2018-10-10 19:26:48 +08:00
|
|
|
// SPDX-License-Identifier: GPL-2.0+
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
/*
|
|
|
|
* Freescale FSL CAAM support for crypto API over QI backend.
|
|
|
|
* Based on caamalg.c
|
|
|
|
*
|
|
|
|
* Copyright 2013-2016 Freescale Semiconductor, Inc.
|
2019-05-03 22:17:38 +08:00
|
|
|
* Copyright 2016-2019 NXP
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include "compat.h"
|
2017-10-24 14:27:31 +08:00
|
|
|
#include "ctrl.h"
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
#include "regs.h"
|
|
|
|
#include "intern.h"
|
|
|
|
#include "desc_constr.h"
|
|
|
|
#include "error.h"
|
|
|
|
#include "sg_sw_qm.h"
|
|
|
|
#include "key_gen.h"
|
|
|
|
#include "qi.h"
|
|
|
|
#include "jr.h"
|
|
|
|
#include "caamalg_desc.h"
|
|
|
|
|
|
|
|
/*
|
|
|
|
* crypto alg
|
|
|
|
*/
|
|
|
|
#define CAAM_CRA_PRIORITY 2000
|
|
|
|
/* max key is sum of AES_MAX_KEY_SIZE, max split key size */
|
|
|
|
#define CAAM_MAX_KEY_SIZE (AES_MAX_KEY_SIZE + \
|
|
|
|
SHA512_DIGEST_SIZE * 2)
|
|
|
|
|
|
|
|
#define DESC_MAX_USED_BYTES (DESC_QI_AEAD_GIVENC_LEN + \
|
|
|
|
CAAM_MAX_KEY_SIZE)
|
|
|
|
#define DESC_MAX_USED_LEN (DESC_MAX_USED_BYTES / CAAM_CMD_SZ)
|
|
|
|
|
|
|
|
struct caam_alg_entry {
|
|
|
|
int class1_alg_type;
|
|
|
|
int class2_alg_type;
|
|
|
|
bool rfc3686;
|
|
|
|
bool geniv;
|
2019-05-06 14:39:44 +08:00
|
|
|
bool nodkp;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
struct caam_aead_alg {
|
|
|
|
struct aead_alg aead;
|
|
|
|
struct caam_alg_entry caam;
|
|
|
|
bool registered;
|
|
|
|
};
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
struct caam_skcipher_alg {
|
|
|
|
struct skcipher_alg skcipher;
|
|
|
|
struct caam_alg_entry caam;
|
|
|
|
bool registered;
|
|
|
|
};
|
|
|
|
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
/*
|
|
|
|
* per-session context
|
|
|
|
*/
|
|
|
|
struct caam_ctx {
|
|
|
|
struct device *jrdev;
|
|
|
|
u32 sh_desc_enc[DESC_MAX_USED_LEN];
|
|
|
|
u32 sh_desc_dec[DESC_MAX_USED_LEN];
|
|
|
|
u8 key[CAAM_MAX_KEY_SIZE];
|
|
|
|
dma_addr_t key_dma;
|
2017-12-19 18:16:07 +08:00
|
|
|
enum dma_data_direction dir;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
struct alginfo adata;
|
|
|
|
struct alginfo cdata;
|
|
|
|
unsigned int authsize;
|
|
|
|
struct device *qidev;
|
|
|
|
spinlock_t lock; /* Protects multiple init of driver context */
|
|
|
|
struct caam_drv_ctx *drv_ctx[NUM_OP];
|
|
|
|
};
|
|
|
|
|
|
|
|
static int aead_set_sh_desc(struct crypto_aead *aead)
|
|
|
|
{
|
|
|
|
struct caam_aead_alg *alg = container_of(crypto_aead_alg(aead),
|
|
|
|
typeof(*alg), aead);
|
|
|
|
struct caam_ctx *ctx = crypto_aead_ctx(aead);
|
|
|
|
unsigned int ivsize = crypto_aead_ivsize(aead);
|
|
|
|
u32 ctx1_iv_off = 0;
|
|
|
|
u32 *nonce = NULL;
|
|
|
|
unsigned int data_len[2];
|
|
|
|
u32 inl_mask;
|
|
|
|
const bool ctr_mode = ((ctx->cdata.algtype & OP_ALG_AAI_MASK) ==
|
|
|
|
OP_ALG_AAI_CTR_MOD128);
|
|
|
|
const bool is_rfc3686 = alg->caam.rfc3686;
|
2017-12-19 18:16:07 +08:00
|
|
|
struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctx->jrdev->parent);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
if (!ctx->cdata.keylen || !ctx->authsize)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* AES-CTR needs to load IV in CONTEXT1 reg
|
|
|
|
* at an offset of 128bits (16bytes)
|
|
|
|
* CONTEXT1[255:128] = IV
|
|
|
|
*/
|
|
|
|
if (ctr_mode)
|
|
|
|
ctx1_iv_off = 16;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* RFC3686 specific:
|
|
|
|
* CONTEXT1[255:128] = {NONCE, IV, COUNTER}
|
|
|
|
*/
|
|
|
|
if (is_rfc3686) {
|
|
|
|
ctx1_iv_off = 16 + CTR_RFC3686_NONCE_SIZE;
|
|
|
|
nonce = (u32 *)((void *)ctx->key + ctx->adata.keylen_pad +
|
|
|
|
ctx->cdata.keylen - CTR_RFC3686_NONCE_SIZE);
|
|
|
|
}
|
|
|
|
|
2019-07-31 21:08:11 +08:00
|
|
|
/*
|
|
|
|
* In case |user key| > |derived key|, using DKP<imm,imm> would result
|
|
|
|
* in invalid opcodes (last bytes of user key) in the resulting
|
|
|
|
* descriptor. Use DKP<ptr,imm> instead => both virtual and dma key
|
|
|
|
* addresses are needed.
|
|
|
|
*/
|
|
|
|
ctx->adata.key_virt = ctx->key;
|
|
|
|
ctx->adata.key_dma = ctx->key_dma;
|
|
|
|
|
|
|
|
ctx->cdata.key_virt = ctx->key + ctx->adata.keylen_pad;
|
|
|
|
ctx->cdata.key_dma = ctx->key_dma + ctx->adata.keylen_pad;
|
|
|
|
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
data_len[0] = ctx->adata.keylen_pad;
|
|
|
|
data_len[1] = ctx->cdata.keylen;
|
|
|
|
|
|
|
|
if (alg->caam.geniv)
|
|
|
|
goto skip_enc;
|
|
|
|
|
|
|
|
/* aead_encrypt shared descriptor */
|
|
|
|
if (desc_inline_query(DESC_QI_AEAD_ENC_LEN +
|
|
|
|
(is_rfc3686 ? DESC_AEAD_CTR_RFC3686_LEN : 0),
|
|
|
|
DESC_JOB_IO_LEN, data_len, &inl_mask,
|
|
|
|
ARRAY_SIZE(data_len)) < 0)
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
ctx->adata.key_inline = !!(inl_mask & 1);
|
|
|
|
ctx->cdata.key_inline = !!(inl_mask & 2);
|
|
|
|
|
|
|
|
cnstr_shdsc_aead_encap(ctx->sh_desc_enc, &ctx->cdata, &ctx->adata,
|
|
|
|
ivsize, ctx->authsize, is_rfc3686, nonce,
|
2017-12-19 18:16:07 +08:00
|
|
|
ctx1_iv_off, true, ctrlpriv->era);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
skip_enc:
|
|
|
|
/* aead_decrypt shared descriptor */
|
|
|
|
if (desc_inline_query(DESC_QI_AEAD_DEC_LEN +
|
|
|
|
(is_rfc3686 ? DESC_AEAD_CTR_RFC3686_LEN : 0),
|
|
|
|
DESC_JOB_IO_LEN, data_len, &inl_mask,
|
|
|
|
ARRAY_SIZE(data_len)) < 0)
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
ctx->adata.key_inline = !!(inl_mask & 1);
|
|
|
|
ctx->cdata.key_inline = !!(inl_mask & 2);
|
|
|
|
|
|
|
|
cnstr_shdsc_aead_decap(ctx->sh_desc_dec, &ctx->cdata, &ctx->adata,
|
|
|
|
ivsize, ctx->authsize, alg->caam.geniv,
|
2017-12-19 18:16:07 +08:00
|
|
|
is_rfc3686, nonce, ctx1_iv_off, true,
|
|
|
|
ctrlpriv->era);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
if (!alg->caam.geniv)
|
|
|
|
goto skip_givenc;
|
|
|
|
|
|
|
|
/* aead_givencrypt shared descriptor */
|
|
|
|
if (desc_inline_query(DESC_QI_AEAD_GIVENC_LEN +
|
|
|
|
(is_rfc3686 ? DESC_AEAD_CTR_RFC3686_LEN : 0),
|
|
|
|
DESC_JOB_IO_LEN, data_len, &inl_mask,
|
|
|
|
ARRAY_SIZE(data_len)) < 0)
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
ctx->adata.key_inline = !!(inl_mask & 1);
|
|
|
|
ctx->cdata.key_inline = !!(inl_mask & 2);
|
|
|
|
|
|
|
|
cnstr_shdsc_aead_givencap(ctx->sh_desc_enc, &ctx->cdata, &ctx->adata,
|
|
|
|
ivsize, ctx->authsize, is_rfc3686, nonce,
|
2017-12-19 18:16:07 +08:00
|
|
|
ctx1_iv_off, true, ctrlpriv->era);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
skip_givenc:
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int aead_setauthsize(struct crypto_aead *authenc, unsigned int authsize)
|
|
|
|
{
|
|
|
|
struct caam_ctx *ctx = crypto_aead_ctx(authenc);
|
|
|
|
|
|
|
|
ctx->authsize = authsize;
|
|
|
|
aead_set_sh_desc(authenc);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int aead_setkey(struct crypto_aead *aead, const u8 *key,
|
|
|
|
unsigned int keylen)
|
|
|
|
{
|
|
|
|
struct caam_ctx *ctx = crypto_aead_ctx(aead);
|
|
|
|
struct device *jrdev = ctx->jrdev;
|
2017-12-19 18:16:07 +08:00
|
|
|
struct caam_drv_private *ctrlpriv = dev_get_drvdata(jrdev->parent);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
struct crypto_authenc_keys keys;
|
|
|
|
int ret = 0;
|
|
|
|
|
|
|
|
if (crypto_authenc_extractkeys(&keys, key, keylen) != 0)
|
|
|
|
goto badkey;
|
|
|
|
|
2019-05-23 16:50:29 +08:00
|
|
|
dev_dbg(jrdev, "keylen %d enckeylen %d authkeylen %d\n",
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
keys.authkeylen + keys.enckeylen, keys.enckeylen,
|
|
|
|
keys.authkeylen);
|
2019-05-23 16:50:29 +08:00
|
|
|
print_hex_dump_debug("key in @" __stringify(__LINE__)": ",
|
|
|
|
DUMP_PREFIX_ADDRESS, 16, 4, key, keylen, 1);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
2017-12-19 18:16:07 +08:00
|
|
|
/*
|
|
|
|
* If DKP is supported, use it in the shared descriptor to generate
|
|
|
|
* the split key.
|
|
|
|
*/
|
|
|
|
if (ctrlpriv->era >= 6) {
|
|
|
|
ctx->adata.keylen = keys.authkeylen;
|
|
|
|
ctx->adata.keylen_pad = split_key_len(ctx->adata.algtype &
|
|
|
|
OP_ALG_ALGSEL_MASK);
|
|
|
|
|
|
|
|
if (ctx->adata.keylen_pad + keys.enckeylen > CAAM_MAX_KEY_SIZE)
|
|
|
|
goto badkey;
|
|
|
|
|
|
|
|
memcpy(ctx->key, keys.authkey, keys.authkeylen);
|
|
|
|
memcpy(ctx->key + ctx->adata.keylen_pad, keys.enckey,
|
|
|
|
keys.enckeylen);
|
2019-05-03 22:17:42 +08:00
|
|
|
dma_sync_single_for_device(jrdev->parent, ctx->key_dma,
|
2017-12-19 18:16:07 +08:00
|
|
|
ctx->adata.keylen_pad +
|
|
|
|
keys.enckeylen, ctx->dir);
|
|
|
|
goto skip_split_key;
|
|
|
|
}
|
|
|
|
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
ret = gen_split_key(jrdev, ctx->key, &ctx->adata, keys.authkey,
|
|
|
|
keys.authkeylen, CAAM_MAX_KEY_SIZE -
|
|
|
|
keys.enckeylen);
|
|
|
|
if (ret)
|
|
|
|
goto badkey;
|
|
|
|
|
|
|
|
/* postpend encryption key to auth split key */
|
|
|
|
memcpy(ctx->key + ctx->adata.keylen_pad, keys.enckey, keys.enckeylen);
|
2019-05-03 22:17:42 +08:00
|
|
|
dma_sync_single_for_device(jrdev->parent, ctx->key_dma,
|
|
|
|
ctx->adata.keylen_pad + keys.enckeylen,
|
|
|
|
ctx->dir);
|
2019-08-20 19:26:39 +08:00
|
|
|
|
|
|
|
print_hex_dump_debug("ctx.key@" __stringify(__LINE__)": ",
|
|
|
|
DUMP_PREFIX_ADDRESS, 16, 4, ctx->key,
|
|
|
|
ctx->adata.keylen_pad + keys.enckeylen, 1);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
2017-12-19 18:16:07 +08:00
|
|
|
skip_split_key:
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
ctx->cdata.keylen = keys.enckeylen;
|
|
|
|
|
|
|
|
ret = aead_set_sh_desc(aead);
|
|
|
|
if (ret)
|
|
|
|
goto badkey;
|
|
|
|
|
|
|
|
/* Now update the driver contexts with the new shared descriptor */
|
|
|
|
if (ctx->drv_ctx[ENCRYPT]) {
|
|
|
|
ret = caam_drv_ctx_update(ctx->drv_ctx[ENCRYPT],
|
|
|
|
ctx->sh_desc_enc);
|
|
|
|
if (ret) {
|
|
|
|
dev_err(jrdev, "driver enc context update failed\n");
|
|
|
|
goto badkey;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ctx->drv_ctx[DECRYPT]) {
|
|
|
|
ret = caam_drv_ctx_update(ctx->drv_ctx[DECRYPT],
|
|
|
|
ctx->sh_desc_dec);
|
|
|
|
if (ret) {
|
|
|
|
dev_err(jrdev, "driver dec context update failed\n");
|
|
|
|
goto badkey;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-03-23 18:42:19 +08:00
|
|
|
memzero_explicit(&keys, sizeof(keys));
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
return ret;
|
|
|
|
badkey:
|
2018-03-23 18:42:19 +08:00
|
|
|
memzero_explicit(&keys, sizeof(keys));
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
2019-04-11 16:51:02 +08:00
|
|
|
static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key,
|
|
|
|
unsigned int keylen)
|
|
|
|
{
|
|
|
|
struct crypto_authenc_keys keys;
|
|
|
|
int err;
|
|
|
|
|
|
|
|
err = crypto_authenc_extractkeys(&keys, key, keylen);
|
|
|
|
if (unlikely(err))
|
2019-08-15 17:00:48 +08:00
|
|
|
return err;
|
2019-04-11 16:51:02 +08:00
|
|
|
|
2019-08-15 17:00:48 +08:00
|
|
|
err = verify_aead_des3_key(aead, keys.enckey, keys.enckeylen) ?:
|
|
|
|
aead_setkey(aead, key, keylen);
|
2019-04-11 16:51:02 +08:00
|
|
|
|
|
|
|
memzero_explicit(&keys, sizeof(keys));
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
2018-01-29 16:38:37 +08:00
|
|
|
static int gcm_set_sh_desc(struct crypto_aead *aead)
|
|
|
|
{
|
|
|
|
struct caam_ctx *ctx = crypto_aead_ctx(aead);
|
|
|
|
unsigned int ivsize = crypto_aead_ivsize(aead);
|
|
|
|
int rem_bytes = CAAM_DESC_BYTES_MAX - DESC_JOB_IO_LEN -
|
|
|
|
ctx->cdata.keylen;
|
|
|
|
|
|
|
|
if (!ctx->cdata.keylen || !ctx->authsize)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Job Descriptor and Shared Descriptor
|
|
|
|
* must fit into the 64-word Descriptor h/w Buffer
|
|
|
|
*/
|
|
|
|
if (rem_bytes >= DESC_QI_GCM_ENC_LEN) {
|
|
|
|
ctx->cdata.key_inline = true;
|
|
|
|
ctx->cdata.key_virt = ctx->key;
|
|
|
|
} else {
|
|
|
|
ctx->cdata.key_inline = false;
|
|
|
|
ctx->cdata.key_dma = ctx->key_dma;
|
|
|
|
}
|
|
|
|
|
|
|
|
cnstr_shdsc_gcm_encap(ctx->sh_desc_enc, &ctx->cdata, ivsize,
|
|
|
|
ctx->authsize, true);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Job Descriptor and Shared Descriptor
|
|
|
|
* must fit into the 64-word Descriptor h/w Buffer
|
|
|
|
*/
|
|
|
|
if (rem_bytes >= DESC_QI_GCM_DEC_LEN) {
|
|
|
|
ctx->cdata.key_inline = true;
|
|
|
|
ctx->cdata.key_virt = ctx->key;
|
|
|
|
} else {
|
|
|
|
ctx->cdata.key_inline = false;
|
|
|
|
ctx->cdata.key_dma = ctx->key_dma;
|
|
|
|
}
|
|
|
|
|
|
|
|
cnstr_shdsc_gcm_decap(ctx->sh_desc_dec, &ctx->cdata, ivsize,
|
|
|
|
ctx->authsize, true);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int gcm_setauthsize(struct crypto_aead *authenc, unsigned int authsize)
|
|
|
|
{
|
|
|
|
struct caam_ctx *ctx = crypto_aead_ctx(authenc);
|
2019-07-31 21:08:06 +08:00
|
|
|
int err;
|
|
|
|
|
|
|
|
err = crypto_gcm_check_authsize(authsize);
|
|
|
|
if (err)
|
|
|
|
return err;
|
2018-01-29 16:38:37 +08:00
|
|
|
|
|
|
|
ctx->authsize = authsize;
|
|
|
|
gcm_set_sh_desc(authenc);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int gcm_setkey(struct crypto_aead *aead,
|
|
|
|
const u8 *key, unsigned int keylen)
|
|
|
|
{
|
|
|
|
struct caam_ctx *ctx = crypto_aead_ctx(aead);
|
|
|
|
struct device *jrdev = ctx->jrdev;
|
|
|
|
int ret;
|
|
|
|
|
2019-07-31 21:08:05 +08:00
|
|
|
ret = aes_check_keylen(keylen);
|
crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN
The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to
make the ->setkey() functions provide more information about errors.
However, no one actually checks for this flag, which makes it pointless.
Also, many algorithms fail to set this flag when given a bad length key.
Reviewing just the generic implementations, this is the case for
aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309,
rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably
many more in arch/*/crypto/ and drivers/crypto/.
Some algorithms can even set this flag when the key is the correct
length. For example, authenc and authencesn set it when the key payload
is malformed in any way (not just a bad length), the atmel-sha and ccree
drivers can set it if a memory allocation fails, and the chelsio driver
sets it for bad auth tag lengths, not just bad key lengths.
So even if someone actually wanted to start checking this flag (which
seems unlikely, since it's been unused for a long time), there would be
a lot of work needed to get it working correctly. But it would probably
be much better to go back to the drawing board and just define different
return values, like -EINVAL if the key is invalid for the algorithm vs.
-EKEYREJECTED if the key was rejected by a policy like "no weak keys".
That would be much simpler, less error-prone, and easier to test.
So just remove this flag.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-12-31 11:19:36 +08:00
|
|
|
if (ret)
|
2019-07-31 21:08:05 +08:00
|
|
|
return ret;
|
|
|
|
|
2019-05-23 16:50:29 +08:00
|
|
|
print_hex_dump_debug("key in @" __stringify(__LINE__)": ",
|
|
|
|
DUMP_PREFIX_ADDRESS, 16, 4, key, keylen, 1);
|
2018-01-29 16:38:37 +08:00
|
|
|
|
|
|
|
memcpy(ctx->key, key, keylen);
|
2019-05-03 22:17:42 +08:00
|
|
|
dma_sync_single_for_device(jrdev->parent, ctx->key_dma, keylen,
|
|
|
|
ctx->dir);
|
2018-01-29 16:38:37 +08:00
|
|
|
ctx->cdata.keylen = keylen;
|
|
|
|
|
|
|
|
ret = gcm_set_sh_desc(aead);
|
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
|
|
|
|
/* Now update the driver contexts with the new shared descriptor */
|
|
|
|
if (ctx->drv_ctx[ENCRYPT]) {
|
|
|
|
ret = caam_drv_ctx_update(ctx->drv_ctx[ENCRYPT],
|
|
|
|
ctx->sh_desc_enc);
|
|
|
|
if (ret) {
|
|
|
|
dev_err(jrdev, "driver enc context update failed\n");
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ctx->drv_ctx[DECRYPT]) {
|
|
|
|
ret = caam_drv_ctx_update(ctx->drv_ctx[DECRYPT],
|
|
|
|
ctx->sh_desc_dec);
|
|
|
|
if (ret) {
|
|
|
|
dev_err(jrdev, "driver dec context update failed\n");
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int rfc4106_set_sh_desc(struct crypto_aead *aead)
|
|
|
|
{
|
|
|
|
struct caam_ctx *ctx = crypto_aead_ctx(aead);
|
|
|
|
unsigned int ivsize = crypto_aead_ivsize(aead);
|
|
|
|
int rem_bytes = CAAM_DESC_BYTES_MAX - DESC_JOB_IO_LEN -
|
|
|
|
ctx->cdata.keylen;
|
|
|
|
|
|
|
|
if (!ctx->cdata.keylen || !ctx->authsize)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
ctx->cdata.key_virt = ctx->key;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Job Descriptor and Shared Descriptor
|
|
|
|
* must fit into the 64-word Descriptor h/w Buffer
|
|
|
|
*/
|
|
|
|
if (rem_bytes >= DESC_QI_RFC4106_ENC_LEN) {
|
|
|
|
ctx->cdata.key_inline = true;
|
|
|
|
} else {
|
|
|
|
ctx->cdata.key_inline = false;
|
|
|
|
ctx->cdata.key_dma = ctx->key_dma;
|
|
|
|
}
|
|
|
|
|
|
|
|
cnstr_shdsc_rfc4106_encap(ctx->sh_desc_enc, &ctx->cdata, ivsize,
|
|
|
|
ctx->authsize, true);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Job Descriptor and Shared Descriptor
|
|
|
|
* must fit into the 64-word Descriptor h/w Buffer
|
|
|
|
*/
|
|
|
|
if (rem_bytes >= DESC_QI_RFC4106_DEC_LEN) {
|
|
|
|
ctx->cdata.key_inline = true;
|
|
|
|
} else {
|
|
|
|
ctx->cdata.key_inline = false;
|
|
|
|
ctx->cdata.key_dma = ctx->key_dma;
|
|
|
|
}
|
|
|
|
|
|
|
|
cnstr_shdsc_rfc4106_decap(ctx->sh_desc_dec, &ctx->cdata, ivsize,
|
|
|
|
ctx->authsize, true);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int rfc4106_setauthsize(struct crypto_aead *authenc,
|
|
|
|
unsigned int authsize)
|
|
|
|
{
|
|
|
|
struct caam_ctx *ctx = crypto_aead_ctx(authenc);
|
2019-07-31 21:08:06 +08:00
|
|
|
int err;
|
|
|
|
|
|
|
|
err = crypto_rfc4106_check_authsize(authsize);
|
|
|
|
if (err)
|
|
|
|
return err;
|
2018-01-29 16:38:37 +08:00
|
|
|
|
|
|
|
ctx->authsize = authsize;
|
|
|
|
rfc4106_set_sh_desc(authenc);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int rfc4106_setkey(struct crypto_aead *aead,
|
|
|
|
const u8 *key, unsigned int keylen)
|
|
|
|
{
|
|
|
|
struct caam_ctx *ctx = crypto_aead_ctx(aead);
|
|
|
|
struct device *jrdev = ctx->jrdev;
|
|
|
|
int ret;
|
|
|
|
|
2019-07-31 21:08:05 +08:00
|
|
|
ret = aes_check_keylen(keylen - 4);
|
crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN
The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to
make the ->setkey() functions provide more information about errors.
However, no one actually checks for this flag, which makes it pointless.
Also, many algorithms fail to set this flag when given a bad length key.
Reviewing just the generic implementations, this is the case for
aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309,
rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably
many more in arch/*/crypto/ and drivers/crypto/.
Some algorithms can even set this flag when the key is the correct
length. For example, authenc and authencesn set it when the key payload
is malformed in any way (not just a bad length), the atmel-sha and ccree
drivers can set it if a memory allocation fails, and the chelsio driver
sets it for bad auth tag lengths, not just bad key lengths.
So even if someone actually wanted to start checking this flag (which
seems unlikely, since it's been unused for a long time), there would be
a lot of work needed to get it working correctly. But it would probably
be much better to go back to the drawing board and just define different
return values, like -EINVAL if the key is invalid for the algorithm vs.
-EKEYREJECTED if the key was rejected by a policy like "no weak keys".
That would be much simpler, less error-prone, and easier to test.
So just remove this flag.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-12-31 11:19:36 +08:00
|
|
|
if (ret)
|
2019-07-31 21:08:05 +08:00
|
|
|
return ret;
|
2018-01-29 16:38:37 +08:00
|
|
|
|
2019-05-23 16:50:29 +08:00
|
|
|
print_hex_dump_debug("key in @" __stringify(__LINE__)": ",
|
|
|
|
DUMP_PREFIX_ADDRESS, 16, 4, key, keylen, 1);
|
2018-01-29 16:38:37 +08:00
|
|
|
|
|
|
|
memcpy(ctx->key, key, keylen);
|
|
|
|
/*
|
|
|
|
* The last four bytes of the key material are used as the salt value
|
|
|
|
* in the nonce. Update the AES key length.
|
|
|
|
*/
|
|
|
|
ctx->cdata.keylen = keylen - 4;
|
2019-05-03 22:17:42 +08:00
|
|
|
dma_sync_single_for_device(jrdev->parent, ctx->key_dma,
|
|
|
|
ctx->cdata.keylen, ctx->dir);
|
2018-01-29 16:38:37 +08:00
|
|
|
|
|
|
|
ret = rfc4106_set_sh_desc(aead);
|
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
|
|
|
|
/* Now update the driver contexts with the new shared descriptor */
|
|
|
|
if (ctx->drv_ctx[ENCRYPT]) {
|
|
|
|
ret = caam_drv_ctx_update(ctx->drv_ctx[ENCRYPT],
|
|
|
|
ctx->sh_desc_enc);
|
|
|
|
if (ret) {
|
|
|
|
dev_err(jrdev, "driver enc context update failed\n");
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ctx->drv_ctx[DECRYPT]) {
|
|
|
|
ret = caam_drv_ctx_update(ctx->drv_ctx[DECRYPT],
|
|
|
|
ctx->sh_desc_dec);
|
|
|
|
if (ret) {
|
|
|
|
dev_err(jrdev, "driver dec context update failed\n");
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int rfc4543_set_sh_desc(struct crypto_aead *aead)
|
|
|
|
{
|
|
|
|
struct caam_ctx *ctx = crypto_aead_ctx(aead);
|
|
|
|
unsigned int ivsize = crypto_aead_ivsize(aead);
|
|
|
|
int rem_bytes = CAAM_DESC_BYTES_MAX - DESC_JOB_IO_LEN -
|
|
|
|
ctx->cdata.keylen;
|
|
|
|
|
|
|
|
if (!ctx->cdata.keylen || !ctx->authsize)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
ctx->cdata.key_virt = ctx->key;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Job Descriptor and Shared Descriptor
|
|
|
|
* must fit into the 64-word Descriptor h/w Buffer
|
|
|
|
*/
|
|
|
|
if (rem_bytes >= DESC_QI_RFC4543_ENC_LEN) {
|
|
|
|
ctx->cdata.key_inline = true;
|
|
|
|
} else {
|
|
|
|
ctx->cdata.key_inline = false;
|
|
|
|
ctx->cdata.key_dma = ctx->key_dma;
|
|
|
|
}
|
|
|
|
|
|
|
|
cnstr_shdsc_rfc4543_encap(ctx->sh_desc_enc, &ctx->cdata, ivsize,
|
|
|
|
ctx->authsize, true);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Job Descriptor and Shared Descriptor
|
|
|
|
* must fit into the 64-word Descriptor h/w Buffer
|
|
|
|
*/
|
|
|
|
if (rem_bytes >= DESC_QI_RFC4543_DEC_LEN) {
|
|
|
|
ctx->cdata.key_inline = true;
|
|
|
|
} else {
|
|
|
|
ctx->cdata.key_inline = false;
|
|
|
|
ctx->cdata.key_dma = ctx->key_dma;
|
|
|
|
}
|
|
|
|
|
|
|
|
cnstr_shdsc_rfc4543_decap(ctx->sh_desc_dec, &ctx->cdata, ivsize,
|
|
|
|
ctx->authsize, true);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int rfc4543_setauthsize(struct crypto_aead *authenc,
|
|
|
|
unsigned int authsize)
|
|
|
|
{
|
|
|
|
struct caam_ctx *ctx = crypto_aead_ctx(authenc);
|
|
|
|
|
2019-07-31 21:08:06 +08:00
|
|
|
if (authsize != 16)
|
|
|
|
return -EINVAL;
|
|
|
|
|
2018-01-29 16:38:37 +08:00
|
|
|
ctx->authsize = authsize;
|
|
|
|
rfc4543_set_sh_desc(authenc);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int rfc4543_setkey(struct crypto_aead *aead,
|
|
|
|
const u8 *key, unsigned int keylen)
|
|
|
|
{
|
|
|
|
struct caam_ctx *ctx = crypto_aead_ctx(aead);
|
|
|
|
struct device *jrdev = ctx->jrdev;
|
|
|
|
int ret;
|
|
|
|
|
2019-07-31 21:08:05 +08:00
|
|
|
ret = aes_check_keylen(keylen - 4);
|
crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN
The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to
make the ->setkey() functions provide more information about errors.
However, no one actually checks for this flag, which makes it pointless.
Also, many algorithms fail to set this flag when given a bad length key.
Reviewing just the generic implementations, this is the case for
aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309,
rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably
many more in arch/*/crypto/ and drivers/crypto/.
Some algorithms can even set this flag when the key is the correct
length. For example, authenc and authencesn set it when the key payload
is malformed in any way (not just a bad length), the atmel-sha and ccree
drivers can set it if a memory allocation fails, and the chelsio driver
sets it for bad auth tag lengths, not just bad key lengths.
So even if someone actually wanted to start checking this flag (which
seems unlikely, since it's been unused for a long time), there would be
a lot of work needed to get it working correctly. But it would probably
be much better to go back to the drawing board and just define different
return values, like -EINVAL if the key is invalid for the algorithm vs.
-EKEYREJECTED if the key was rejected by a policy like "no weak keys".
That would be much simpler, less error-prone, and easier to test.
So just remove this flag.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-12-31 11:19:36 +08:00
|
|
|
if (ret)
|
2019-07-31 21:08:05 +08:00
|
|
|
return ret;
|
2018-01-29 16:38:37 +08:00
|
|
|
|
2019-05-23 16:50:29 +08:00
|
|
|
print_hex_dump_debug("key in @" __stringify(__LINE__)": ",
|
|
|
|
DUMP_PREFIX_ADDRESS, 16, 4, key, keylen, 1);
|
2018-01-29 16:38:37 +08:00
|
|
|
|
|
|
|
memcpy(ctx->key, key, keylen);
|
|
|
|
/*
|
|
|
|
* The last four bytes of the key material are used as the salt value
|
|
|
|
* in the nonce. Update the AES key length.
|
|
|
|
*/
|
|
|
|
ctx->cdata.keylen = keylen - 4;
|
2019-05-03 22:17:42 +08:00
|
|
|
dma_sync_single_for_device(jrdev->parent, ctx->key_dma,
|
|
|
|
ctx->cdata.keylen, ctx->dir);
|
2018-01-29 16:38:37 +08:00
|
|
|
|
|
|
|
ret = rfc4543_set_sh_desc(aead);
|
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
|
|
|
|
/* Now update the driver contexts with the new shared descriptor */
|
|
|
|
if (ctx->drv_ctx[ENCRYPT]) {
|
|
|
|
ret = caam_drv_ctx_update(ctx->drv_ctx[ENCRYPT],
|
|
|
|
ctx->sh_desc_enc);
|
|
|
|
if (ret) {
|
|
|
|
dev_err(jrdev, "driver enc context update failed\n");
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ctx->drv_ctx[DECRYPT]) {
|
|
|
|
ret = caam_drv_ctx_update(ctx->drv_ctx[DECRYPT],
|
|
|
|
ctx->sh_desc_dec);
|
|
|
|
if (ret) {
|
|
|
|
dev_err(jrdev, "driver dec context update failed\n");
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key,
|
2019-07-31 21:08:05 +08:00
|
|
|
unsigned int keylen, const u32 ctx1_iv_off)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
struct caam_ctx *ctx = crypto_skcipher_ctx(skcipher);
|
|
|
|
struct caam_skcipher_alg *alg =
|
|
|
|
container_of(crypto_skcipher_alg(skcipher), typeof(*alg),
|
|
|
|
skcipher);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
struct device *jrdev = ctx->jrdev;
|
2018-08-06 20:44:00 +08:00
|
|
|
unsigned int ivsize = crypto_skcipher_ivsize(skcipher);
|
|
|
|
const bool is_rfc3686 = alg->caam.rfc3686;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
int ret = 0;
|
|
|
|
|
2019-05-23 16:50:29 +08:00
|
|
|
print_hex_dump_debug("key in @" __stringify(__LINE__)": ",
|
|
|
|
DUMP_PREFIX_ADDRESS, 16, 4, key, keylen, 1);
|
|
|
|
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
ctx->cdata.keylen = keylen;
|
2017-12-19 18:16:05 +08:00
|
|
|
ctx->cdata.key_virt = key;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
ctx->cdata.key_inline = true;
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
/* skcipher encrypt, decrypt shared descriptors */
|
|
|
|
cnstr_shdsc_skcipher_encap(ctx->sh_desc_enc, &ctx->cdata, ivsize,
|
|
|
|
is_rfc3686, ctx1_iv_off);
|
|
|
|
cnstr_shdsc_skcipher_decap(ctx->sh_desc_dec, &ctx->cdata, ivsize,
|
|
|
|
is_rfc3686, ctx1_iv_off);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
/* Now update the driver contexts with the new shared descriptor */
|
|
|
|
if (ctx->drv_ctx[ENCRYPT]) {
|
|
|
|
ret = caam_drv_ctx_update(ctx->drv_ctx[ENCRYPT],
|
|
|
|
ctx->sh_desc_enc);
|
|
|
|
if (ret) {
|
|
|
|
dev_err(jrdev, "driver enc context update failed\n");
|
crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN
The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to
make the ->setkey() functions provide more information about errors.
However, no one actually checks for this flag, which makes it pointless.
Also, many algorithms fail to set this flag when given a bad length key.
Reviewing just the generic implementations, this is the case for
aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309,
rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably
many more in arch/*/crypto/ and drivers/crypto/.
Some algorithms can even set this flag when the key is the correct
length. For example, authenc and authencesn set it when the key payload
is malformed in any way (not just a bad length), the atmel-sha and ccree
drivers can set it if a memory allocation fails, and the chelsio driver
sets it for bad auth tag lengths, not just bad key lengths.
So even if someone actually wanted to start checking this flag (which
seems unlikely, since it's been unused for a long time), there would be
a lot of work needed to get it working correctly. But it would probably
be much better to go back to the drawing board and just define different
return values, like -EINVAL if the key is invalid for the algorithm vs.
-EKEYREJECTED if the key was rejected by a policy like "no weak keys".
That would be much simpler, less error-prone, and easier to test.
So just remove this flag.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-12-31 11:19:36 +08:00
|
|
|
return -EINVAL;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ctx->drv_ctx[DECRYPT]) {
|
|
|
|
ret = caam_drv_ctx_update(ctx->drv_ctx[DECRYPT],
|
|
|
|
ctx->sh_desc_dec);
|
|
|
|
if (ret) {
|
|
|
|
dev_err(jrdev, "driver dec context update failed\n");
|
crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN
The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to
make the ->setkey() functions provide more information about errors.
However, no one actually checks for this flag, which makes it pointless.
Also, many algorithms fail to set this flag when given a bad length key.
Reviewing just the generic implementations, this is the case for
aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309,
rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably
many more in arch/*/crypto/ and drivers/crypto/.
Some algorithms can even set this flag when the key is the correct
length. For example, authenc and authencesn set it when the key payload
is malformed in any way (not just a bad length), the atmel-sha and ccree
drivers can set it if a memory allocation fails, and the chelsio driver
sets it for bad auth tag lengths, not just bad key lengths.
So even if someone actually wanted to start checking this flag (which
seems unlikely, since it's been unused for a long time), there would be
a lot of work needed to get it working correctly. But it would probably
be much better to go back to the drawing board and just define different
return values, like -EINVAL if the key is invalid for the algorithm vs.
-EKEYREJECTED if the key was rejected by a policy like "no weak keys".
That would be much simpler, less error-prone, and easier to test.
So just remove this flag.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-12-31 11:19:36 +08:00
|
|
|
return -EINVAL;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2019-07-31 21:08:05 +08:00
|
|
|
static int aes_skcipher_setkey(struct crypto_skcipher *skcipher,
|
|
|
|
const u8 *key, unsigned int keylen)
|
|
|
|
{
|
|
|
|
int err;
|
|
|
|
|
|
|
|
err = aes_check_keylen(keylen);
|
crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN
The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to
make the ->setkey() functions provide more information about errors.
However, no one actually checks for this flag, which makes it pointless.
Also, many algorithms fail to set this flag when given a bad length key.
Reviewing just the generic implementations, this is the case for
aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309,
rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably
many more in arch/*/crypto/ and drivers/crypto/.
Some algorithms can even set this flag when the key is the correct
length. For example, authenc and authencesn set it when the key payload
is malformed in any way (not just a bad length), the atmel-sha and ccree
drivers can set it if a memory allocation fails, and the chelsio driver
sets it for bad auth tag lengths, not just bad key lengths.
So even if someone actually wanted to start checking this flag (which
seems unlikely, since it's been unused for a long time), there would be
a lot of work needed to get it working correctly. But it would probably
be much better to go back to the drawing board and just define different
return values, like -EINVAL if the key is invalid for the algorithm vs.
-EKEYREJECTED if the key was rejected by a policy like "no weak keys".
That would be much simpler, less error-prone, and easier to test.
So just remove this flag.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-12-31 11:19:36 +08:00
|
|
|
if (err)
|
2019-07-31 21:08:05 +08:00
|
|
|
return err;
|
|
|
|
|
|
|
|
return skcipher_setkey(skcipher, key, keylen, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int rfc3686_skcipher_setkey(struct crypto_skcipher *skcipher,
|
|
|
|
const u8 *key, unsigned int keylen)
|
|
|
|
{
|
|
|
|
u32 ctx1_iv_off;
|
|
|
|
int err;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* RFC3686 specific:
|
|
|
|
* | CONTEXT1[255:128] = {NONCE, IV, COUNTER}
|
|
|
|
* | *key = {KEY, NONCE}
|
|
|
|
*/
|
|
|
|
ctx1_iv_off = 16 + CTR_RFC3686_NONCE_SIZE;
|
|
|
|
keylen -= CTR_RFC3686_NONCE_SIZE;
|
|
|
|
|
|
|
|
err = aes_check_keylen(keylen);
|
crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN
The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to
make the ->setkey() functions provide more information about errors.
However, no one actually checks for this flag, which makes it pointless.
Also, many algorithms fail to set this flag when given a bad length key.
Reviewing just the generic implementations, this is the case for
aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309,
rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably
many more in arch/*/crypto/ and drivers/crypto/.
Some algorithms can even set this flag when the key is the correct
length. For example, authenc and authencesn set it when the key payload
is malformed in any way (not just a bad length), the atmel-sha and ccree
drivers can set it if a memory allocation fails, and the chelsio driver
sets it for bad auth tag lengths, not just bad key lengths.
So even if someone actually wanted to start checking this flag (which
seems unlikely, since it's been unused for a long time), there would be
a lot of work needed to get it working correctly. But it would probably
be much better to go back to the drawing board and just define different
return values, like -EINVAL if the key is invalid for the algorithm vs.
-EKEYREJECTED if the key was rejected by a policy like "no weak keys".
That would be much simpler, less error-prone, and easier to test.
So just remove this flag.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-12-31 11:19:36 +08:00
|
|
|
if (err)
|
2019-07-31 21:08:05 +08:00
|
|
|
return err;
|
|
|
|
|
|
|
|
return skcipher_setkey(skcipher, key, keylen, ctx1_iv_off);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int ctr_skcipher_setkey(struct crypto_skcipher *skcipher,
|
|
|
|
const u8 *key, unsigned int keylen)
|
|
|
|
{
|
|
|
|
u32 ctx1_iv_off;
|
|
|
|
int err;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* AES-CTR needs to load IV in CONTEXT1 reg
|
|
|
|
* at an offset of 128bits (16bytes)
|
|
|
|
* CONTEXT1[255:128] = IV
|
|
|
|
*/
|
|
|
|
ctx1_iv_off = 16;
|
|
|
|
|
|
|
|
err = aes_check_keylen(keylen);
|
crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN
The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to
make the ->setkey() functions provide more information about errors.
However, no one actually checks for this flag, which makes it pointless.
Also, many algorithms fail to set this flag when given a bad length key.
Reviewing just the generic implementations, this is the case for
aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309,
rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably
many more in arch/*/crypto/ and drivers/crypto/.
Some algorithms can even set this flag when the key is the correct
length. For example, authenc and authencesn set it when the key payload
is malformed in any way (not just a bad length), the atmel-sha and ccree
drivers can set it if a memory allocation fails, and the chelsio driver
sets it for bad auth tag lengths, not just bad key lengths.
So even if someone actually wanted to start checking this flag (which
seems unlikely, since it's been unused for a long time), there would be
a lot of work needed to get it working correctly. But it would probably
be much better to go back to the drawing board and just define different
return values, like -EINVAL if the key is invalid for the algorithm vs.
-EKEYREJECTED if the key was rejected by a policy like "no weak keys".
That would be much simpler, less error-prone, and easier to test.
So just remove this flag.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-12-31 11:19:36 +08:00
|
|
|
if (err)
|
2019-07-31 21:08:05 +08:00
|
|
|
return err;
|
|
|
|
|
|
|
|
return skcipher_setkey(skcipher, key, keylen, ctx1_iv_off);
|
|
|
|
}
|
|
|
|
|
2019-04-11 16:51:02 +08:00
|
|
|
static int des3_skcipher_setkey(struct crypto_skcipher *skcipher,
|
|
|
|
const u8 *key, unsigned int keylen)
|
|
|
|
{
|
2019-08-15 17:00:48 +08:00
|
|
|
return verify_skcipher_des3_key(skcipher, key) ?:
|
2019-07-31 21:08:05 +08:00
|
|
|
skcipher_setkey(skcipher, key, keylen, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int des_skcipher_setkey(struct crypto_skcipher *skcipher,
|
|
|
|
const u8 *key, unsigned int keylen)
|
|
|
|
{
|
2019-08-15 17:00:48 +08:00
|
|
|
return verify_skcipher_des_key(skcipher, key) ?:
|
|
|
|
skcipher_setkey(skcipher, key, keylen, 0);
|
2019-04-11 16:51:02 +08:00
|
|
|
}
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key,
|
|
|
|
unsigned int keylen)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
struct caam_ctx *ctx = crypto_skcipher_ctx(skcipher);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
struct device *jrdev = ctx->jrdev;
|
|
|
|
int ret = 0;
|
|
|
|
|
|
|
|
if (keylen != 2 * AES_MIN_KEY_SIZE && keylen != 2 * AES_MAX_KEY_SIZE) {
|
2020-07-22 20:14:55 +08:00
|
|
|
dev_dbg(jrdev, "key size mismatch\n");
|
crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN
The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to
make the ->setkey() functions provide more information about errors.
However, no one actually checks for this flag, which makes it pointless.
Also, many algorithms fail to set this flag when given a bad length key.
Reviewing just the generic implementations, this is the case for
aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309,
rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably
many more in arch/*/crypto/ and drivers/crypto/.
Some algorithms can even set this flag when the key is the correct
length. For example, authenc and authencesn set it when the key payload
is malformed in any way (not just a bad length), the atmel-sha and ccree
drivers can set it if a memory allocation fails, and the chelsio driver
sets it for bad auth tag lengths, not just bad key lengths.
So even if someone actually wanted to start checking this flag (which
seems unlikely, since it's been unused for a long time), there would be
a lot of work needed to get it working correctly. But it would probably
be much better to go back to the drawing board and just define different
return values, like -EINVAL if the key is invalid for the algorithm vs.
-EKEYREJECTED if the key was rejected by a policy like "no weak keys".
That would be much simpler, less error-prone, and easier to test.
So just remove this flag.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-12-31 11:19:36 +08:00
|
|
|
return -EINVAL;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
ctx->cdata.keylen = keylen;
|
2017-12-19 18:16:05 +08:00
|
|
|
ctx->cdata.key_virt = key;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
ctx->cdata.key_inline = true;
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
/* xts skcipher encrypt, decrypt shared descriptors */
|
|
|
|
cnstr_shdsc_xts_skcipher_encap(ctx->sh_desc_enc, &ctx->cdata);
|
|
|
|
cnstr_shdsc_xts_skcipher_decap(ctx->sh_desc_dec, &ctx->cdata);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
/* Now update the driver contexts with the new shared descriptor */
|
|
|
|
if (ctx->drv_ctx[ENCRYPT]) {
|
|
|
|
ret = caam_drv_ctx_update(ctx->drv_ctx[ENCRYPT],
|
|
|
|
ctx->sh_desc_enc);
|
|
|
|
if (ret) {
|
|
|
|
dev_err(jrdev, "driver enc context update failed\n");
|
crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN
The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to
make the ->setkey() functions provide more information about errors.
However, no one actually checks for this flag, which makes it pointless.
Also, many algorithms fail to set this flag when given a bad length key.
Reviewing just the generic implementations, this is the case for
aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309,
rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably
many more in arch/*/crypto/ and drivers/crypto/.
Some algorithms can even set this flag when the key is the correct
length. For example, authenc and authencesn set it when the key payload
is malformed in any way (not just a bad length), the atmel-sha and ccree
drivers can set it if a memory allocation fails, and the chelsio driver
sets it for bad auth tag lengths, not just bad key lengths.
So even if someone actually wanted to start checking this flag (which
seems unlikely, since it's been unused for a long time), there would be
a lot of work needed to get it working correctly. But it would probably
be much better to go back to the drawing board and just define different
return values, like -EINVAL if the key is invalid for the algorithm vs.
-EKEYREJECTED if the key was rejected by a policy like "no weak keys".
That would be much simpler, less error-prone, and easier to test.
So just remove this flag.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-12-31 11:19:36 +08:00
|
|
|
return -EINVAL;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ctx->drv_ctx[DECRYPT]) {
|
|
|
|
ret = caam_drv_ctx_update(ctx->drv_ctx[DECRYPT],
|
|
|
|
ctx->sh_desc_dec);
|
|
|
|
if (ret) {
|
|
|
|
dev_err(jrdev, "driver dec context update failed\n");
|
crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN
The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to
make the ->setkey() functions provide more information about errors.
However, no one actually checks for this flag, which makes it pointless.
Also, many algorithms fail to set this flag when given a bad length key.
Reviewing just the generic implementations, this is the case for
aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309,
rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably
many more in arch/*/crypto/ and drivers/crypto/.
Some algorithms can even set this flag when the key is the correct
length. For example, authenc and authencesn set it when the key payload
is malformed in any way (not just a bad length), the atmel-sha and ccree
drivers can set it if a memory allocation fails, and the chelsio driver
sets it for bad auth tag lengths, not just bad key lengths.
So even if someone actually wanted to start checking this flag (which
seems unlikely, since it's been unused for a long time), there would be
a lot of work needed to get it working correctly. But it would probably
be much better to go back to the drawing board and just define different
return values, like -EINVAL if the key is invalid for the algorithm vs.
-EKEYREJECTED if the key was rejected by a policy like "no weak keys".
That would be much simpler, less error-prone, and easier to test.
So just remove this flag.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-12-31 11:19:36 +08:00
|
|
|
return -EINVAL;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* aead_edesc - s/w-extended aead descriptor
|
|
|
|
* @src_nents: number of segments in input scatterlist
|
|
|
|
* @dst_nents: number of segments in output scatterlist
|
|
|
|
* @iv_dma: dma address of iv for checking continuity and link table
|
|
|
|
* @qm_sg_bytes: length of dma mapped h/w link table
|
|
|
|
* @qm_sg_dma: bus physical mapped address of h/w link table
|
2017-07-10 13:40:32 +08:00
|
|
|
* @assoclen: associated data length, in CAAM endianness
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
* @assoclen_dma: bus physical mapped address of req->assoclen
|
|
|
|
* @drv_req: driver-specific request structure
|
2018-03-28 20:39:19 +08:00
|
|
|
* @sgt: the h/w link table, followed by IV
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
*/
|
|
|
|
struct aead_edesc {
|
|
|
|
int src_nents;
|
|
|
|
int dst_nents;
|
|
|
|
dma_addr_t iv_dma;
|
|
|
|
int qm_sg_bytes;
|
|
|
|
dma_addr_t qm_sg_dma;
|
2017-07-10 13:40:32 +08:00
|
|
|
unsigned int assoclen;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
dma_addr_t assoclen_dma;
|
|
|
|
struct caam_drv_req drv_req;
|
2020-02-25 00:21:00 +08:00
|
|
|
struct qm_sg_entry sgt[];
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
/*
|
2018-08-06 20:44:00 +08:00
|
|
|
* skcipher_edesc - s/w-extended skcipher descriptor
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
* @src_nents: number of segments in input scatterlist
|
|
|
|
* @dst_nents: number of segments in output scatterlist
|
|
|
|
* @iv_dma: dma address of iv for checking continuity and link table
|
|
|
|
* @qm_sg_bytes: length of dma mapped h/w link table
|
|
|
|
* @qm_sg_dma: bus physical mapped address of h/w link table
|
|
|
|
* @drv_req: driver-specific request structure
|
2018-03-28 20:39:19 +08:00
|
|
|
* @sgt: the h/w link table, followed by IV
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
*/
|
2018-08-06 20:44:00 +08:00
|
|
|
struct skcipher_edesc {
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
int src_nents;
|
|
|
|
int dst_nents;
|
|
|
|
dma_addr_t iv_dma;
|
|
|
|
int qm_sg_bytes;
|
|
|
|
dma_addr_t qm_sg_dma;
|
|
|
|
struct caam_drv_req drv_req;
|
2020-02-25 00:21:00 +08:00
|
|
|
struct qm_sg_entry sgt[];
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static struct caam_drv_ctx *get_drv_ctx(struct caam_ctx *ctx,
|
|
|
|
enum optype type)
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
* This function is called on the fast path with values of 'type'
|
|
|
|
* known at compile time. Invalid arguments are not expected and
|
|
|
|
* thus no checks are made.
|
|
|
|
*/
|
|
|
|
struct caam_drv_ctx *drv_ctx = ctx->drv_ctx[type];
|
|
|
|
u32 *desc;
|
|
|
|
|
|
|
|
if (unlikely(!drv_ctx)) {
|
|
|
|
spin_lock(&ctx->lock);
|
|
|
|
|
|
|
|
/* Read again to check if some other core init drv_ctx */
|
|
|
|
drv_ctx = ctx->drv_ctx[type];
|
|
|
|
if (!drv_ctx) {
|
|
|
|
int cpu;
|
|
|
|
|
|
|
|
if (type == ENCRYPT)
|
|
|
|
desc = ctx->sh_desc_enc;
|
2018-08-06 20:43:58 +08:00
|
|
|
else /* (type == DECRYPT) */
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
desc = ctx->sh_desc_dec;
|
|
|
|
|
|
|
|
cpu = smp_processor_id();
|
|
|
|
drv_ctx = caam_drv_ctx_init(ctx->qidev, &cpu, desc);
|
2019-02-20 18:49:18 +08:00
|
|
|
if (!IS_ERR_OR_NULL(drv_ctx))
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
drv_ctx->op_type = type;
|
|
|
|
|
|
|
|
ctx->drv_ctx[type] = drv_ctx;
|
|
|
|
}
|
|
|
|
|
|
|
|
spin_unlock(&ctx->lock);
|
|
|
|
}
|
|
|
|
|
|
|
|
return drv_ctx;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void caam_unmap(struct device *dev, struct scatterlist *src,
|
|
|
|
struct scatterlist *dst, int src_nents,
|
|
|
|
int dst_nents, dma_addr_t iv_dma, int ivsize,
|
2019-06-10 21:30:59 +08:00
|
|
|
enum dma_data_direction iv_dir, dma_addr_t qm_sg_dma,
|
|
|
|
int qm_sg_bytes)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
|
|
|
if (dst != src) {
|
|
|
|
if (src_nents)
|
|
|
|
dma_unmap_sg(dev, src, src_nents, DMA_TO_DEVICE);
|
2019-01-22 22:47:01 +08:00
|
|
|
if (dst_nents)
|
|
|
|
dma_unmap_sg(dev, dst, dst_nents, DMA_FROM_DEVICE);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
} else {
|
|
|
|
dma_unmap_sg(dev, src, src_nents, DMA_BIDIRECTIONAL);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (iv_dma)
|
2019-06-10 21:30:59 +08:00
|
|
|
dma_unmap_single(dev, iv_dma, ivsize, iv_dir);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
if (qm_sg_bytes)
|
|
|
|
dma_unmap_single(dev, qm_sg_dma, qm_sg_bytes, DMA_TO_DEVICE);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void aead_unmap(struct device *dev,
|
|
|
|
struct aead_edesc *edesc,
|
|
|
|
struct aead_request *req)
|
|
|
|
{
|
|
|
|
struct crypto_aead *aead = crypto_aead_reqtfm(req);
|
|
|
|
int ivsize = crypto_aead_ivsize(aead);
|
|
|
|
|
|
|
|
caam_unmap(dev, req->src, req->dst, edesc->src_nents, edesc->dst_nents,
|
2019-06-10 21:30:59 +08:00
|
|
|
edesc->iv_dma, ivsize, DMA_TO_DEVICE, edesc->qm_sg_dma,
|
|
|
|
edesc->qm_sg_bytes);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
dma_unmap_single(dev, edesc->assoclen_dma, 4, DMA_TO_DEVICE);
|
|
|
|
}
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
static void skcipher_unmap(struct device *dev, struct skcipher_edesc *edesc,
|
|
|
|
struct skcipher_request *req)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
|
|
|
|
int ivsize = crypto_skcipher_ivsize(skcipher);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
caam_unmap(dev, req->src, req->dst, edesc->src_nents, edesc->dst_nents,
|
2019-06-10 21:30:59 +08:00
|
|
|
edesc->iv_dma, ivsize, DMA_BIDIRECTIONAL, edesc->qm_sg_dma,
|
|
|
|
edesc->qm_sg_bytes);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static void aead_done(struct caam_drv_req *drv_req, u32 status)
|
|
|
|
{
|
|
|
|
struct device *qidev;
|
|
|
|
struct aead_edesc *edesc;
|
|
|
|
struct aead_request *aead_req = drv_req->app_ctx;
|
|
|
|
struct crypto_aead *aead = crypto_aead_reqtfm(aead_req);
|
|
|
|
struct caam_ctx *caam_ctx = crypto_aead_ctx(aead);
|
|
|
|
int ecode = 0;
|
|
|
|
|
|
|
|
qidev = caam_ctx->qidev;
|
|
|
|
|
2019-07-31 21:08:03 +08:00
|
|
|
if (unlikely(status))
|
|
|
|
ecode = caam_jr_strstatus(qidev, status);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
edesc = container_of(drv_req, typeof(*edesc), drv_req);
|
|
|
|
aead_unmap(qidev, edesc, aead_req);
|
|
|
|
|
|
|
|
aead_request_complete(aead_req, ecode);
|
|
|
|
qi_cache_free(edesc);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* allocate and map the aead extended descriptor
|
|
|
|
*/
|
|
|
|
static struct aead_edesc *aead_edesc_alloc(struct aead_request *req,
|
|
|
|
bool encrypt)
|
|
|
|
{
|
|
|
|
struct crypto_aead *aead = crypto_aead_reqtfm(req);
|
|
|
|
struct caam_ctx *ctx = crypto_aead_ctx(aead);
|
|
|
|
struct caam_aead_alg *alg = container_of(crypto_aead_alg(aead),
|
|
|
|
typeof(*alg), aead);
|
|
|
|
struct device *qidev = ctx->qidev;
|
2017-06-19 16:44:46 +08:00
|
|
|
gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
|
|
|
|
GFP_KERNEL : GFP_ATOMIC;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
int src_nents, mapped_src_nents, dst_nents = 0, mapped_dst_nents = 0;
|
2019-06-10 21:30:58 +08:00
|
|
|
int src_len, dst_len = 0;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
struct aead_edesc *edesc;
|
|
|
|
dma_addr_t qm_sg_dma, iv_dma = 0;
|
|
|
|
int ivsize = 0;
|
|
|
|
unsigned int authsize = ctx->authsize;
|
|
|
|
int qm_sg_index = 0, qm_sg_ents = 0, qm_sg_bytes;
|
|
|
|
int in_len, out_len;
|
|
|
|
struct qm_sg_entry *sg_table, *fd_sgt;
|
|
|
|
struct caam_drv_ctx *drv_ctx;
|
|
|
|
|
2018-08-06 20:43:58 +08:00
|
|
|
drv_ctx = get_drv_ctx(ctx, encrypt ? ENCRYPT : DECRYPT);
|
2019-02-20 18:49:18 +08:00
|
|
|
if (IS_ERR_OR_NULL(drv_ctx))
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
return (struct aead_edesc *)drv_ctx;
|
|
|
|
|
|
|
|
/* allocate space for base edesc and hw desc commands, link tables */
|
|
|
|
edesc = qi_cache_alloc(GFP_DMA | flags);
|
|
|
|
if (unlikely(!edesc)) {
|
|
|
|
dev_err(qidev, "could not allocate extended descriptor\n");
|
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (likely(req->src == req->dst)) {
|
2019-06-10 21:30:58 +08:00
|
|
|
src_len = req->assoclen + req->cryptlen +
|
|
|
|
(encrypt ? authsize : 0);
|
|
|
|
|
|
|
|
src_nents = sg_nents_for_len(req->src, src_len);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
if (unlikely(src_nents < 0)) {
|
|
|
|
dev_err(qidev, "Insufficient bytes (%d) in src S/G\n",
|
2019-06-10 21:30:58 +08:00
|
|
|
src_len);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
qi_cache_free(edesc);
|
|
|
|
return ERR_PTR(src_nents);
|
|
|
|
}
|
|
|
|
|
|
|
|
mapped_src_nents = dma_map_sg(qidev, req->src, src_nents,
|
|
|
|
DMA_BIDIRECTIONAL);
|
|
|
|
if (unlikely(!mapped_src_nents)) {
|
|
|
|
dev_err(qidev, "unable to map source\n");
|
|
|
|
qi_cache_free(edesc);
|
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
} else {
|
2019-06-10 21:30:58 +08:00
|
|
|
src_len = req->assoclen + req->cryptlen;
|
|
|
|
dst_len = src_len + (encrypt ? authsize : (-authsize));
|
|
|
|
|
|
|
|
src_nents = sg_nents_for_len(req->src, src_len);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
if (unlikely(src_nents < 0)) {
|
|
|
|
dev_err(qidev, "Insufficient bytes (%d) in src S/G\n",
|
2019-06-10 21:30:58 +08:00
|
|
|
src_len);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
qi_cache_free(edesc);
|
|
|
|
return ERR_PTR(src_nents);
|
|
|
|
}
|
|
|
|
|
2019-06-10 21:30:58 +08:00
|
|
|
dst_nents = sg_nents_for_len(req->dst, dst_len);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
if (unlikely(dst_nents < 0)) {
|
|
|
|
dev_err(qidev, "Insufficient bytes (%d) in dst S/G\n",
|
2019-06-10 21:30:58 +08:00
|
|
|
dst_len);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
qi_cache_free(edesc);
|
|
|
|
return ERR_PTR(dst_nents);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (src_nents) {
|
|
|
|
mapped_src_nents = dma_map_sg(qidev, req->src,
|
|
|
|
src_nents, DMA_TO_DEVICE);
|
|
|
|
if (unlikely(!mapped_src_nents)) {
|
|
|
|
dev_err(qidev, "unable to map source\n");
|
|
|
|
qi_cache_free(edesc);
|
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
mapped_src_nents = 0;
|
|
|
|
}
|
|
|
|
|
2019-01-22 22:47:01 +08:00
|
|
|
if (dst_nents) {
|
|
|
|
mapped_dst_nents = dma_map_sg(qidev, req->dst,
|
|
|
|
dst_nents,
|
|
|
|
DMA_FROM_DEVICE);
|
|
|
|
if (unlikely(!mapped_dst_nents)) {
|
|
|
|
dev_err(qidev, "unable to map destination\n");
|
|
|
|
dma_unmap_sg(qidev, req->src, src_nents,
|
|
|
|
DMA_TO_DEVICE);
|
|
|
|
qi_cache_free(edesc);
|
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
mapped_dst_nents = 0;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-03-28 20:39:19 +08:00
|
|
|
if ((alg->caam.rfc3686 && encrypt) || !alg->caam.geniv)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
ivsize = crypto_aead_ivsize(aead);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Create S/G table: req->assoclen, [IV,] req->src [, req->dst].
|
|
|
|
* Input is not contiguous.
|
2019-05-03 22:17:38 +08:00
|
|
|
* HW reads 4 S/G entries at a time; make sure the reads don't go beyond
|
|
|
|
* the end of the table by allocating more S/G entries. Logic:
|
|
|
|
* if (src != dst && output S/G)
|
|
|
|
* pad output S/G, if needed
|
|
|
|
* else if (src == dst && S/G)
|
|
|
|
* overlapping S/Gs; pad one of them
|
|
|
|
* else if (input S/G) ...
|
|
|
|
* pad input S/G, if needed
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
*/
|
2019-05-03 22:17:38 +08:00
|
|
|
qm_sg_ents = 1 + !!ivsize + mapped_src_nents;
|
|
|
|
if (mapped_dst_nents > 1)
|
|
|
|
qm_sg_ents += pad_sg_nents(mapped_dst_nents);
|
|
|
|
else if ((req->src == req->dst) && (mapped_src_nents > 1))
|
|
|
|
qm_sg_ents = max(pad_sg_nents(qm_sg_ents),
|
|
|
|
1 + !!ivsize + pad_sg_nents(mapped_src_nents));
|
|
|
|
else
|
|
|
|
qm_sg_ents = pad_sg_nents(qm_sg_ents);
|
|
|
|
|
2018-03-28 20:39:19 +08:00
|
|
|
sg_table = &edesc->sgt[0];
|
|
|
|
qm_sg_bytes = qm_sg_ents * sizeof(*sg_table);
|
|
|
|
if (unlikely(offsetof(struct aead_edesc, sgt) + qm_sg_bytes + ivsize >
|
|
|
|
CAAM_QI_MEMCACHE_SIZE)) {
|
|
|
|
dev_err(qidev, "No space for %d S/G entries and/or %dB IV\n",
|
|
|
|
qm_sg_ents, ivsize);
|
|
|
|
caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
|
2019-06-10 21:30:59 +08:00
|
|
|
0, DMA_NONE, 0, 0);
|
2017-07-10 13:40:31 +08:00
|
|
|
qi_cache_free(edesc);
|
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
2018-03-28 20:39:19 +08:00
|
|
|
|
|
|
|
if (ivsize) {
|
|
|
|
u8 *iv = (u8 *)(sg_table + qm_sg_ents);
|
|
|
|
|
|
|
|
/* Make sure IV is located in a DMAable area */
|
|
|
|
memcpy(iv, req->iv, ivsize);
|
|
|
|
|
|
|
|
iv_dma = dma_map_single(qidev, iv, ivsize, DMA_TO_DEVICE);
|
|
|
|
if (dma_mapping_error(qidev, iv_dma)) {
|
|
|
|
dev_err(qidev, "unable to map IV\n");
|
|
|
|
caam_unmap(qidev, req->src, req->dst, src_nents,
|
2019-06-10 21:30:59 +08:00
|
|
|
dst_nents, 0, 0, DMA_NONE, 0, 0);
|
2018-03-28 20:39:19 +08:00
|
|
|
qi_cache_free(edesc);
|
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
}
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
edesc->src_nents = src_nents;
|
|
|
|
edesc->dst_nents = dst_nents;
|
|
|
|
edesc->iv_dma = iv_dma;
|
|
|
|
edesc->drv_req.app_ctx = req;
|
|
|
|
edesc->drv_req.cbk = aead_done;
|
|
|
|
edesc->drv_req.drv_ctx = drv_ctx;
|
|
|
|
|
2017-07-10 13:40:32 +08:00
|
|
|
edesc->assoclen = cpu_to_caam32(req->assoclen);
|
|
|
|
edesc->assoclen_dma = dma_map_single(qidev, &edesc->assoclen, 4,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
DMA_TO_DEVICE);
|
|
|
|
if (dma_mapping_error(qidev, edesc->assoclen_dma)) {
|
|
|
|
dev_err(qidev, "unable to map assoclen\n");
|
|
|
|
caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents,
|
2019-06-10 21:30:59 +08:00
|
|
|
iv_dma, ivsize, DMA_TO_DEVICE, 0, 0);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
qi_cache_free(edesc);
|
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
|
|
|
|
dma_to_qm_sg_one(sg_table, edesc->assoclen_dma, 4, 0);
|
|
|
|
qm_sg_index++;
|
|
|
|
if (ivsize) {
|
|
|
|
dma_to_qm_sg_one(sg_table + qm_sg_index, iv_dma, ivsize, 0);
|
|
|
|
qm_sg_index++;
|
|
|
|
}
|
2019-06-10 21:30:58 +08:00
|
|
|
sg_to_qm_sg_last(req->src, src_len, sg_table + qm_sg_index, 0);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
qm_sg_index += mapped_src_nents;
|
|
|
|
|
|
|
|
if (mapped_dst_nents > 1)
|
2019-06-10 21:30:58 +08:00
|
|
|
sg_to_qm_sg_last(req->dst, dst_len, sg_table + qm_sg_index, 0);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
qm_sg_dma = dma_map_single(qidev, sg_table, qm_sg_bytes, DMA_TO_DEVICE);
|
|
|
|
if (dma_mapping_error(qidev, qm_sg_dma)) {
|
|
|
|
dev_err(qidev, "unable to map S/G table\n");
|
|
|
|
dma_unmap_single(qidev, edesc->assoclen_dma, 4, DMA_TO_DEVICE);
|
|
|
|
caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents,
|
2019-06-10 21:30:59 +08:00
|
|
|
iv_dma, ivsize, DMA_TO_DEVICE, 0, 0);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
qi_cache_free(edesc);
|
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
|
|
|
|
edesc->qm_sg_dma = qm_sg_dma;
|
|
|
|
edesc->qm_sg_bytes = qm_sg_bytes;
|
|
|
|
|
|
|
|
out_len = req->assoclen + req->cryptlen +
|
|
|
|
(encrypt ? ctx->authsize : (-ctx->authsize));
|
|
|
|
in_len = 4 + ivsize + req->assoclen + req->cryptlen;
|
|
|
|
|
|
|
|
fd_sgt = &edesc->drv_req.fd_sgt[0];
|
|
|
|
dma_to_qm_sg_one_last_ext(&fd_sgt[1], qm_sg_dma, in_len, 0);
|
|
|
|
|
|
|
|
if (req->dst == req->src) {
|
|
|
|
if (mapped_src_nents == 1)
|
|
|
|
dma_to_qm_sg_one(&fd_sgt[0], sg_dma_address(req->src),
|
|
|
|
out_len, 0);
|
|
|
|
else
|
|
|
|
dma_to_qm_sg_one_ext(&fd_sgt[0], qm_sg_dma +
|
|
|
|
(1 + !!ivsize) * sizeof(*sg_table),
|
|
|
|
out_len, 0);
|
crypto: caam - avoid S/G table fetching for AEAD zero-length output
When enabling IOMMU support, the following issue becomes visible
in the AEAD zero-length case.
Even though the output sequence length is set to zero, the crypto engine
tries to prefetch 4 S/G table entries (since SGF bit is set
in SEQ OUT PTR command - which is either generated in SW in case of
caam/jr or in HW in case of caam/qi, caam/qi2).
The DMA read operation will trigger an IOMMU fault since the address in
the SEQ OUT PTR is "dummy" (set to zero / not obtained via DMA API
mapping).
1. In case of caam/jr, avoid the IOMMU fault by clearing the SGF bit
in SEQ OUT PTR command.
2. In case of caam/qi - setting address, bpid, length to zero for output
entry in the compound frame has a special meaning (cf. CAAM RM):
"Output frame = Unspecified, Input address = Y. A unspecified frame is
indicated by an unused SGT entry (an entry in which the Address, Length,
and BPID fields are all zero). SEC obtains output buffers from BMan as
prescribed by the preheader."
Since no output buffers are needed, modify the preheader by setting
(ABS = 1, ADDBUF = 0):
-"ABS = 1 means obtain the number of buffers in ADDBUF (0 or 1) from
the pool POOL ID"
-ADDBUF: "If ABS is set, ADD BUF specifies whether to allocate
a buffer or not"
3. In case of caam/qi2, since engine:
-does not support FLE[FMT]=2'b11 ("unused" entry) mentioned in DPAA2 RM
-requires output entry to be present, even if not used
the solution chosen is to leave output frame list entry zeroized.
Fixes: 763069ba49d3 ("crypto: caam - handle zero-length AEAD output")
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03 22:17:37 +08:00
|
|
|
} else if (mapped_dst_nents <= 1) {
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
dma_to_qm_sg_one(&fd_sgt[0], sg_dma_address(req->dst), out_len,
|
|
|
|
0);
|
|
|
|
} else {
|
|
|
|
dma_to_qm_sg_one_ext(&fd_sgt[0], qm_sg_dma + sizeof(*sg_table) *
|
|
|
|
qm_sg_index, out_len, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
return edesc;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline int aead_crypt(struct aead_request *req, bool encrypt)
|
|
|
|
{
|
|
|
|
struct aead_edesc *edesc;
|
|
|
|
struct crypto_aead *aead = crypto_aead_reqtfm(req);
|
|
|
|
struct caam_ctx *ctx = crypto_aead_ctx(aead);
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
if (unlikely(caam_congested))
|
|
|
|
return -EAGAIN;
|
|
|
|
|
|
|
|
/* allocate extended descriptor */
|
|
|
|
edesc = aead_edesc_alloc(req, encrypt);
|
|
|
|
if (IS_ERR_OR_NULL(edesc))
|
|
|
|
return PTR_ERR(edesc);
|
|
|
|
|
|
|
|
/* Create and submit job descriptor */
|
|
|
|
ret = caam_qi_enqueue(ctx->qidev, &edesc->drv_req);
|
|
|
|
if (!ret) {
|
|
|
|
ret = -EINPROGRESS;
|
|
|
|
} else {
|
|
|
|
aead_unmap(ctx->qidev, edesc, req);
|
|
|
|
qi_cache_free(edesc);
|
|
|
|
}
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int aead_encrypt(struct aead_request *req)
|
|
|
|
{
|
|
|
|
return aead_crypt(req, true);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int aead_decrypt(struct aead_request *req)
|
|
|
|
{
|
|
|
|
return aead_crypt(req, false);
|
|
|
|
}
|
|
|
|
|
2018-01-29 16:38:37 +08:00
|
|
|
static int ipsec_gcm_encrypt(struct aead_request *req)
|
|
|
|
{
|
2019-07-31 21:08:07 +08:00
|
|
|
return crypto_ipsec_check_assoclen(req->assoclen) ? : aead_crypt(req,
|
|
|
|
true);
|
2018-01-29 16:38:37 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static int ipsec_gcm_decrypt(struct aead_request *req)
|
|
|
|
{
|
2019-07-31 21:08:07 +08:00
|
|
|
return crypto_ipsec_check_assoclen(req->assoclen) ? : aead_crypt(req,
|
|
|
|
false);
|
2018-01-29 16:38:37 +08:00
|
|
|
}
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
static void skcipher_done(struct caam_drv_req *drv_req, u32 status)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
struct skcipher_edesc *edesc;
|
|
|
|
struct skcipher_request *req = drv_req->app_ctx;
|
|
|
|
struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
|
|
|
|
struct caam_ctx *caam_ctx = crypto_skcipher_ctx(skcipher);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
struct device *qidev = caam_ctx->qidev;
|
2018-08-06 20:44:00 +08:00
|
|
|
int ivsize = crypto_skcipher_ivsize(skcipher);
|
2019-07-31 21:08:03 +08:00
|
|
|
int ecode = 0;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
2019-05-23 16:50:29 +08:00
|
|
|
dev_dbg(qidev, "%s %d: status 0x%x\n", __func__, __LINE__, status);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
edesc = container_of(drv_req, typeof(*edesc), drv_req);
|
|
|
|
|
|
|
|
if (status)
|
2019-07-31 21:08:03 +08:00
|
|
|
ecode = caam_jr_strstatus(qidev, status);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
2019-05-23 16:50:29 +08:00
|
|
|
print_hex_dump_debug("dstiv @" __stringify(__LINE__)": ",
|
|
|
|
DUMP_PREFIX_ADDRESS, 16, 4, req->iv,
|
|
|
|
edesc->src_nents > 1 ? 100 : ivsize, 1);
|
2019-05-23 16:50:30 +08:00
|
|
|
caam_dump_sg("dst @" __stringify(__LINE__)": ",
|
2017-07-10 13:40:28 +08:00
|
|
|
DUMP_PREFIX_ADDRESS, 16, 4, req->dst,
|
2018-08-06 20:44:00 +08:00
|
|
|
edesc->dst_nents > 1 ? 100 : req->cryptlen, 1);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
skcipher_unmap(qidev, edesc, req);
|
2018-03-28 20:39:19 +08:00
|
|
|
|
2017-07-10 13:40:30 +08:00
|
|
|
/*
|
2018-08-06 20:44:00 +08:00
|
|
|
* The crypto API expects us to set the IV (req->iv) to the last
|
2019-06-10 21:30:59 +08:00
|
|
|
* ciphertext block (CBC mode) or last counter (CTR mode).
|
|
|
|
* This is used e.g. by the CTS mode.
|
2017-07-10 13:40:30 +08:00
|
|
|
*/
|
2019-07-31 21:08:04 +08:00
|
|
|
if (!ecode)
|
|
|
|
memcpy(req->iv, (u8 *)&edesc->sgt[0] + edesc->qm_sg_bytes,
|
|
|
|
ivsize);
|
2017-07-10 13:40:30 +08:00
|
|
|
|
2018-03-28 20:39:19 +08:00
|
|
|
qi_cache_free(edesc);
|
2019-07-31 21:08:03 +08:00
|
|
|
skcipher_request_complete(req, ecode);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
}
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
static struct skcipher_edesc *skcipher_edesc_alloc(struct skcipher_request *req,
|
|
|
|
bool encrypt)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
|
|
|
|
struct caam_ctx *ctx = crypto_skcipher_ctx(skcipher);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
struct device *qidev = ctx->qidev;
|
2017-06-19 16:44:46 +08:00
|
|
|
gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
GFP_KERNEL : GFP_ATOMIC;
|
|
|
|
int src_nents, mapped_src_nents, dst_nents = 0, mapped_dst_nents = 0;
|
2018-08-06 20:44:00 +08:00
|
|
|
struct skcipher_edesc *edesc;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
dma_addr_t iv_dma;
|
2018-03-28 20:39:19 +08:00
|
|
|
u8 *iv;
|
2018-08-06 20:44:00 +08:00
|
|
|
int ivsize = crypto_skcipher_ivsize(skcipher);
|
2018-03-28 20:39:19 +08:00
|
|
|
int dst_sg_idx, qm_sg_ents, qm_sg_bytes;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
struct qm_sg_entry *sg_table, *fd_sgt;
|
|
|
|
struct caam_drv_ctx *drv_ctx;
|
|
|
|
|
2018-08-06 20:43:58 +08:00
|
|
|
drv_ctx = get_drv_ctx(ctx, encrypt ? ENCRYPT : DECRYPT);
|
2019-02-20 18:49:18 +08:00
|
|
|
if (IS_ERR_OR_NULL(drv_ctx))
|
2018-08-06 20:44:00 +08:00
|
|
|
return (struct skcipher_edesc *)drv_ctx;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
src_nents = sg_nents_for_len(req->src, req->cryptlen);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
if (unlikely(src_nents < 0)) {
|
|
|
|
dev_err(qidev, "Insufficient bytes (%d) in src S/G\n",
|
2018-08-06 20:44:00 +08:00
|
|
|
req->cryptlen);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
return ERR_PTR(src_nents);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (unlikely(req->src != req->dst)) {
|
2018-08-06 20:44:00 +08:00
|
|
|
dst_nents = sg_nents_for_len(req->dst, req->cryptlen);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
if (unlikely(dst_nents < 0)) {
|
|
|
|
dev_err(qidev, "Insufficient bytes (%d) in dst S/G\n",
|
2018-08-06 20:44:00 +08:00
|
|
|
req->cryptlen);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
return ERR_PTR(dst_nents);
|
|
|
|
}
|
|
|
|
|
|
|
|
mapped_src_nents = dma_map_sg(qidev, req->src, src_nents,
|
|
|
|
DMA_TO_DEVICE);
|
|
|
|
if (unlikely(!mapped_src_nents)) {
|
|
|
|
dev_err(qidev, "unable to map source\n");
|
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
|
|
|
|
mapped_dst_nents = dma_map_sg(qidev, req->dst, dst_nents,
|
|
|
|
DMA_FROM_DEVICE);
|
|
|
|
if (unlikely(!mapped_dst_nents)) {
|
|
|
|
dev_err(qidev, "unable to map destination\n");
|
|
|
|
dma_unmap_sg(qidev, req->src, src_nents, DMA_TO_DEVICE);
|
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
mapped_src_nents = dma_map_sg(qidev, req->src, src_nents,
|
|
|
|
DMA_BIDIRECTIONAL);
|
|
|
|
if (unlikely(!mapped_src_nents)) {
|
|
|
|
dev_err(qidev, "unable to map source\n");
|
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-03-28 20:39:19 +08:00
|
|
|
qm_sg_ents = 1 + mapped_src_nents;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
dst_sg_idx = qm_sg_ents;
|
|
|
|
|
2019-05-03 22:17:38 +08:00
|
|
|
/*
|
2019-06-10 21:30:59 +08:00
|
|
|
* Input, output HW S/G tables: [IV, src][dst, IV]
|
|
|
|
* IV entries point to the same buffer
|
|
|
|
* If src == dst, S/G entries are reused (S/G tables overlap)
|
|
|
|
*
|
2019-05-03 22:17:38 +08:00
|
|
|
* HW reads 4 S/G entries at a time; make sure the reads don't go beyond
|
2019-06-10 21:30:59 +08:00
|
|
|
* the end of the table by allocating more S/G entries.
|
2019-05-03 22:17:38 +08:00
|
|
|
*/
|
2019-06-10 21:30:59 +08:00
|
|
|
if (req->src != req->dst)
|
|
|
|
qm_sg_ents += pad_sg_nents(mapped_dst_nents + 1);
|
2019-05-03 22:17:38 +08:00
|
|
|
else
|
2019-06-10 21:30:59 +08:00
|
|
|
qm_sg_ents = 1 + pad_sg_nents(qm_sg_ents);
|
2019-05-03 22:17:38 +08:00
|
|
|
|
2018-03-28 20:39:19 +08:00
|
|
|
qm_sg_bytes = qm_sg_ents * sizeof(struct qm_sg_entry);
|
2018-08-06 20:44:00 +08:00
|
|
|
if (unlikely(offsetof(struct skcipher_edesc, sgt) + qm_sg_bytes +
|
2018-03-28 20:39:19 +08:00
|
|
|
ivsize > CAAM_QI_MEMCACHE_SIZE)) {
|
|
|
|
dev_err(qidev, "No space for %d S/G entries and/or %dB IV\n",
|
|
|
|
qm_sg_ents, ivsize);
|
|
|
|
caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
|
2019-06-10 21:30:59 +08:00
|
|
|
0, DMA_NONE, 0, 0);
|
2017-07-10 13:40:31 +08:00
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
|
2018-03-28 20:39:19 +08:00
|
|
|
/* allocate space for base edesc, link tables and IV */
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
edesc = qi_cache_alloc(GFP_DMA | flags);
|
|
|
|
if (unlikely(!edesc)) {
|
|
|
|
dev_err(qidev, "could not allocate extended descriptor\n");
|
2018-03-28 20:39:19 +08:00
|
|
|
caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
|
2019-06-10 21:30:59 +08:00
|
|
|
0, DMA_NONE, 0, 0);
|
2018-03-28 20:39:19 +08:00
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Make sure IV is located in a DMAable area */
|
|
|
|
sg_table = &edesc->sgt[0];
|
|
|
|
iv = (u8 *)(sg_table + qm_sg_ents);
|
2018-08-06 20:44:00 +08:00
|
|
|
memcpy(iv, req->iv, ivsize);
|
2018-03-28 20:39:19 +08:00
|
|
|
|
2019-06-10 21:30:59 +08:00
|
|
|
iv_dma = dma_map_single(qidev, iv, ivsize, DMA_BIDIRECTIONAL);
|
2018-03-28 20:39:19 +08:00
|
|
|
if (dma_mapping_error(qidev, iv_dma)) {
|
|
|
|
dev_err(qidev, "unable to map IV\n");
|
|
|
|
caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
|
2019-06-10 21:30:59 +08:00
|
|
|
0, DMA_NONE, 0, 0);
|
2018-03-28 20:39:19 +08:00
|
|
|
qi_cache_free(edesc);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
|
|
|
|
edesc->src_nents = src_nents;
|
|
|
|
edesc->dst_nents = dst_nents;
|
|
|
|
edesc->iv_dma = iv_dma;
|
2018-03-28 20:39:19 +08:00
|
|
|
edesc->qm_sg_bytes = qm_sg_bytes;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
edesc->drv_req.app_ctx = req;
|
2018-08-06 20:44:00 +08:00
|
|
|
edesc->drv_req.cbk = skcipher_done;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
edesc->drv_req.drv_ctx = drv_ctx;
|
|
|
|
|
2018-03-28 20:39:19 +08:00
|
|
|
dma_to_qm_sg_one(sg_table, iv_dma, ivsize, 0);
|
2019-06-10 21:30:59 +08:00
|
|
|
sg_to_qm_sg(req->src, req->cryptlen, sg_table + 1, 0);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
2019-06-10 21:30:59 +08:00
|
|
|
if (req->src != req->dst)
|
|
|
|
sg_to_qm_sg(req->dst, req->cryptlen, sg_table + dst_sg_idx, 0);
|
|
|
|
|
|
|
|
dma_to_qm_sg_one(sg_table + dst_sg_idx + mapped_dst_nents, iv_dma,
|
|
|
|
ivsize, 0);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
edesc->qm_sg_dma = dma_map_single(qidev, sg_table, edesc->qm_sg_bytes,
|
|
|
|
DMA_TO_DEVICE);
|
|
|
|
if (dma_mapping_error(qidev, edesc->qm_sg_dma)) {
|
|
|
|
dev_err(qidev, "unable to map S/G table\n");
|
|
|
|
caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents,
|
2019-06-10 21:30:59 +08:00
|
|
|
iv_dma, ivsize, DMA_BIDIRECTIONAL, 0, 0);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
qi_cache_free(edesc);
|
|
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
}
|
|
|
|
|
|
|
|
fd_sgt = &edesc->drv_req.fd_sgt[0];
|
|
|
|
|
2018-03-28 20:39:19 +08:00
|
|
|
dma_to_qm_sg_one_last_ext(&fd_sgt[1], edesc->qm_sg_dma,
|
2018-08-06 20:44:00 +08:00
|
|
|
ivsize + req->cryptlen, 0);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
2019-06-10 21:30:59 +08:00
|
|
|
if (req->src == req->dst)
|
2018-03-28 20:39:19 +08:00
|
|
|
dma_to_qm_sg_one_ext(&fd_sgt[0], edesc->qm_sg_dma +
|
2019-06-10 21:30:59 +08:00
|
|
|
sizeof(*sg_table), req->cryptlen + ivsize,
|
|
|
|
0);
|
|
|
|
else
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
dma_to_qm_sg_one_ext(&fd_sgt[0], edesc->qm_sg_dma + dst_sg_idx *
|
2019-06-10 21:30:59 +08:00
|
|
|
sizeof(*sg_table), req->cryptlen + ivsize,
|
|
|
|
0);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
return edesc;
|
|
|
|
}
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
static inline int skcipher_crypt(struct skcipher_request *req, bool encrypt)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
struct skcipher_edesc *edesc;
|
|
|
|
struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
|
|
|
|
struct caam_ctx *ctx = crypto_skcipher_ctx(skcipher);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
int ret;
|
|
|
|
|
2019-07-31 21:08:08 +08:00
|
|
|
if (!req->cryptlen)
|
|
|
|
return 0;
|
|
|
|
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
if (unlikely(caam_congested))
|
|
|
|
return -EAGAIN;
|
|
|
|
|
|
|
|
/* allocate extended descriptor */
|
2018-08-06 20:44:00 +08:00
|
|
|
edesc = skcipher_edesc_alloc(req, encrypt);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
if (IS_ERR(edesc))
|
|
|
|
return PTR_ERR(edesc);
|
|
|
|
|
|
|
|
ret = caam_qi_enqueue(ctx->qidev, &edesc->drv_req);
|
|
|
|
if (!ret) {
|
|
|
|
ret = -EINPROGRESS;
|
|
|
|
} else {
|
2018-08-06 20:44:00 +08:00
|
|
|
skcipher_unmap(ctx->qidev, edesc, req);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
qi_cache_free(edesc);
|
|
|
|
}
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
static int skcipher_encrypt(struct skcipher_request *req)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
return skcipher_crypt(req, true);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
}
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
static int skcipher_decrypt(struct skcipher_request *req)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
return skcipher_crypt(req, false);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
}
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
static struct caam_skcipher_alg driver_algs[] = {
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
.skcipher = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "cbc(aes)",
|
|
|
|
.cra_driver_name = "cbc-aes-caam-qi",
|
|
|
|
.cra_blocksize = AES_BLOCK_SIZE,
|
|
|
|
},
|
2019-07-31 21:08:05 +08:00
|
|
|
.setkey = aes_skcipher_setkey,
|
2018-08-06 20:44:00 +08:00
|
|
|
.encrypt = skcipher_encrypt,
|
|
|
|
.decrypt = skcipher_decrypt,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.min_keysize = AES_MIN_KEY_SIZE,
|
|
|
|
.max_keysize = AES_MAX_KEY_SIZE,
|
|
|
|
.ivsize = AES_BLOCK_SIZE,
|
|
|
|
},
|
2018-08-06 20:44:00 +08:00
|
|
|
.caam.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
},
|
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
.skcipher = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "cbc(des3_ede)",
|
|
|
|
.cra_driver_name = "cbc-3des-caam-qi",
|
|
|
|
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
},
|
2019-04-11 16:51:02 +08:00
|
|
|
.setkey = des3_skcipher_setkey,
|
2018-08-06 20:44:00 +08:00
|
|
|
.encrypt = skcipher_encrypt,
|
|
|
|
.decrypt = skcipher_decrypt,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.min_keysize = DES3_EDE_KEY_SIZE,
|
|
|
|
.max_keysize = DES3_EDE_KEY_SIZE,
|
|
|
|
.ivsize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
},
|
2018-08-06 20:44:00 +08:00
|
|
|
.caam.class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
},
|
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
.skcipher = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "cbc(des)",
|
|
|
|
.cra_driver_name = "cbc-des-caam-qi",
|
|
|
|
.cra_blocksize = DES_BLOCK_SIZE,
|
|
|
|
},
|
2019-07-31 21:08:05 +08:00
|
|
|
.setkey = des_skcipher_setkey,
|
2018-08-06 20:44:00 +08:00
|
|
|
.encrypt = skcipher_encrypt,
|
|
|
|
.decrypt = skcipher_decrypt,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.min_keysize = DES_KEY_SIZE,
|
|
|
|
.max_keysize = DES_KEY_SIZE,
|
|
|
|
.ivsize = DES_BLOCK_SIZE,
|
|
|
|
},
|
2018-08-06 20:44:00 +08:00
|
|
|
.caam.class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
},
|
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
.skcipher = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "ctr(aes)",
|
|
|
|
.cra_driver_name = "ctr-aes-caam-qi",
|
|
|
|
.cra_blocksize = 1,
|
|
|
|
},
|
2019-07-31 21:08:05 +08:00
|
|
|
.setkey = ctr_skcipher_setkey,
|
2018-08-06 20:44:00 +08:00
|
|
|
.encrypt = skcipher_encrypt,
|
|
|
|
.decrypt = skcipher_decrypt,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.min_keysize = AES_MIN_KEY_SIZE,
|
|
|
|
.max_keysize = AES_MAX_KEY_SIZE,
|
|
|
|
.ivsize = AES_BLOCK_SIZE,
|
2018-08-06 20:44:00 +08:00
|
|
|
.chunksize = AES_BLOCK_SIZE,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
},
|
2018-08-06 20:44:00 +08:00
|
|
|
.caam.class1_alg_type = OP_ALG_ALGSEL_AES |
|
|
|
|
OP_ALG_AAI_CTR_MOD128,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
},
|
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
.skcipher = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "rfc3686(ctr(aes))",
|
|
|
|
.cra_driver_name = "rfc3686-ctr-aes-caam-qi",
|
|
|
|
.cra_blocksize = 1,
|
|
|
|
},
|
2019-07-31 21:08:05 +08:00
|
|
|
.setkey = rfc3686_skcipher_setkey,
|
2018-08-06 20:44:00 +08:00
|
|
|
.encrypt = skcipher_encrypt,
|
|
|
|
.decrypt = skcipher_decrypt,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.min_keysize = AES_MIN_KEY_SIZE +
|
|
|
|
CTR_RFC3686_NONCE_SIZE,
|
|
|
|
.max_keysize = AES_MAX_KEY_SIZE +
|
|
|
|
CTR_RFC3686_NONCE_SIZE,
|
|
|
|
.ivsize = CTR_RFC3686_IV_SIZE,
|
2018-08-06 20:44:00 +08:00
|
|
|
.chunksize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES |
|
|
|
|
OP_ALG_AAI_CTR_MOD128,
|
|
|
|
.rfc3686 = true,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
.skcipher = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "xts(aes)",
|
|
|
|
.cra_driver_name = "xts-aes-caam-qi",
|
|
|
|
.cra_blocksize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = xts_skcipher_setkey,
|
|
|
|
.encrypt = skcipher_encrypt,
|
|
|
|
.decrypt = skcipher_decrypt,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.min_keysize = 2 * AES_MIN_KEY_SIZE,
|
|
|
|
.max_keysize = 2 * AES_MAX_KEY_SIZE,
|
|
|
|
.ivsize = AES_BLOCK_SIZE,
|
|
|
|
},
|
2018-08-06 20:44:00 +08:00
|
|
|
.caam.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_XTS,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
},
|
|
|
|
};
|
|
|
|
|
|
|
|
static struct caam_aead_alg driver_aeads[] = {
|
2018-01-29 16:38:37 +08:00
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "rfc4106(gcm(aes))",
|
|
|
|
.cra_driver_name = "rfc4106-gcm-aes-caam-qi",
|
|
|
|
.cra_blocksize = 1,
|
|
|
|
},
|
|
|
|
.setkey = rfc4106_setkey,
|
|
|
|
.setauthsize = rfc4106_setauthsize,
|
|
|
|
.encrypt = ipsec_gcm_encrypt,
|
|
|
|
.decrypt = ipsec_gcm_decrypt,
|
|
|
|
.ivsize = 8,
|
|
|
|
.maxauthsize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_GCM,
|
2019-05-06 14:39:44 +08:00
|
|
|
.nodkp = true,
|
2018-01-29 16:38:37 +08:00
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "rfc4543(gcm(aes))",
|
|
|
|
.cra_driver_name = "rfc4543-gcm-aes-caam-qi",
|
|
|
|
.cra_blocksize = 1,
|
|
|
|
},
|
|
|
|
.setkey = rfc4543_setkey,
|
|
|
|
.setauthsize = rfc4543_setauthsize,
|
|
|
|
.encrypt = ipsec_gcm_encrypt,
|
|
|
|
.decrypt = ipsec_gcm_decrypt,
|
|
|
|
.ivsize = 8,
|
|
|
|
.maxauthsize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_GCM,
|
2019-05-06 14:39:44 +08:00
|
|
|
.nodkp = true,
|
2018-01-29 16:38:37 +08:00
|
|
|
},
|
|
|
|
},
|
|
|
|
/* Galois Counter Mode */
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "gcm(aes)",
|
|
|
|
.cra_driver_name = "gcm-aes-caam-qi",
|
|
|
|
.cra_blocksize = 1,
|
|
|
|
},
|
|
|
|
.setkey = gcm_setkey,
|
|
|
|
.setauthsize = gcm_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = 12,
|
|
|
|
.maxauthsize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_GCM,
|
2019-05-06 14:39:44 +08:00
|
|
|
.nodkp = true,
|
2018-01-29 16:38:37 +08:00
|
|
|
}
|
|
|
|
},
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
/* single-pass ipsec_esp descriptor */
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(md5),cbc(aes))",
|
|
|
|
.cra_driver_name = "authenc-hmac-md5-"
|
|
|
|
"cbc-aes-caam-qi",
|
|
|
|
.cra_blocksize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = AES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = MD5_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_MD5 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(md5),"
|
|
|
|
"cbc(aes)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-hmac-md5-"
|
|
|
|
"cbc-aes-caam-qi",
|
|
|
|
.cra_blocksize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = AES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = MD5_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_MD5 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(sha1),cbc(aes))",
|
|
|
|
.cra_driver_name = "authenc-hmac-sha1-"
|
|
|
|
"cbc-aes-caam-qi",
|
|
|
|
.cra_blocksize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = AES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA1_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA1 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(sha1),"
|
|
|
|
"cbc(aes)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-"
|
|
|
|
"hmac-sha1-cbc-aes-caam-qi",
|
|
|
|
.cra_blocksize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = AES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA1_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA1 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(sha224),cbc(aes))",
|
|
|
|
.cra_driver_name = "authenc-hmac-sha224-"
|
|
|
|
"cbc-aes-caam-qi",
|
|
|
|
.cra_blocksize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = AES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA224_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA224 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(sha224),"
|
|
|
|
"cbc(aes)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-"
|
|
|
|
"hmac-sha224-cbc-aes-caam-qi",
|
|
|
|
.cra_blocksize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = AES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA224_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA224 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(sha256),cbc(aes))",
|
|
|
|
.cra_driver_name = "authenc-hmac-sha256-"
|
|
|
|
"cbc-aes-caam-qi",
|
|
|
|
.cra_blocksize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = AES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA256_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA256 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(sha256),"
|
|
|
|
"cbc(aes)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-"
|
|
|
|
"hmac-sha256-cbc-aes-"
|
|
|
|
"caam-qi",
|
|
|
|
.cra_blocksize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = AES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA256_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA256 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(sha384),cbc(aes))",
|
|
|
|
.cra_driver_name = "authenc-hmac-sha384-"
|
|
|
|
"cbc-aes-caam-qi",
|
|
|
|
.cra_blocksize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = AES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA384_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA384 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(sha384),"
|
|
|
|
"cbc(aes)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-"
|
|
|
|
"hmac-sha384-cbc-aes-"
|
|
|
|
"caam-qi",
|
|
|
|
.cra_blocksize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = AES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA384_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA384 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(sha512),cbc(aes))",
|
|
|
|
.cra_driver_name = "authenc-hmac-sha512-"
|
|
|
|
"cbc-aes-caam-qi",
|
|
|
|
.cra_blocksize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = AES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA512_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA512 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(sha512),"
|
|
|
|
"cbc(aes)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-"
|
|
|
|
"hmac-sha512-cbc-aes-"
|
|
|
|
"caam-qi",
|
|
|
|
.cra_blocksize = AES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = AES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA512_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA512 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(md5),cbc(des3_ede))",
|
|
|
|
.cra_driver_name = "authenc-hmac-md5-"
|
|
|
|
"cbc-des3_ede-caam-qi",
|
|
|
|
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
},
|
2019-04-11 16:51:02 +08:00
|
|
|
.setkey = des3_aead_setkey,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
.maxauthsize = MD5_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_MD5 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(md5),"
|
|
|
|
"cbc(des3_ede)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-hmac-md5-"
|
|
|
|
"cbc-des3_ede-caam-qi",
|
|
|
|
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
},
|
2019-04-11 16:51:02 +08:00
|
|
|
.setkey = des3_aead_setkey,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
.maxauthsize = MD5_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_MD5 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(sha1),"
|
|
|
|
"cbc(des3_ede))",
|
|
|
|
.cra_driver_name = "authenc-hmac-sha1-"
|
|
|
|
"cbc-des3_ede-caam-qi",
|
|
|
|
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
},
|
2019-04-11 16:51:02 +08:00
|
|
|
.setkey = des3_aead_setkey,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA1_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA1 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(sha1),"
|
|
|
|
"cbc(des3_ede)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-"
|
|
|
|
"hmac-sha1-"
|
|
|
|
"cbc-des3_ede-caam-qi",
|
|
|
|
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
},
|
2019-04-11 16:51:02 +08:00
|
|
|
.setkey = des3_aead_setkey,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA1_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA1 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(sha224),"
|
|
|
|
"cbc(des3_ede))",
|
|
|
|
.cra_driver_name = "authenc-hmac-sha224-"
|
|
|
|
"cbc-des3_ede-caam-qi",
|
|
|
|
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
},
|
2019-04-11 16:51:02 +08:00
|
|
|
.setkey = des3_aead_setkey,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA224_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA224 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(sha224),"
|
|
|
|
"cbc(des3_ede)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-"
|
|
|
|
"hmac-sha224-"
|
|
|
|
"cbc-des3_ede-caam-qi",
|
|
|
|
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
},
|
2019-04-11 16:51:02 +08:00
|
|
|
.setkey = des3_aead_setkey,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA224_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA224 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(sha256),"
|
|
|
|
"cbc(des3_ede))",
|
|
|
|
.cra_driver_name = "authenc-hmac-sha256-"
|
|
|
|
"cbc-des3_ede-caam-qi",
|
|
|
|
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
},
|
2019-04-11 16:51:02 +08:00
|
|
|
.setkey = des3_aead_setkey,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA256_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA256 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(sha256),"
|
|
|
|
"cbc(des3_ede)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-"
|
|
|
|
"hmac-sha256-"
|
|
|
|
"cbc-des3_ede-caam-qi",
|
|
|
|
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
},
|
2019-04-11 16:51:02 +08:00
|
|
|
.setkey = des3_aead_setkey,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA256_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA256 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(sha384),"
|
|
|
|
"cbc(des3_ede))",
|
|
|
|
.cra_driver_name = "authenc-hmac-sha384-"
|
|
|
|
"cbc-des3_ede-caam-qi",
|
|
|
|
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
},
|
2019-04-11 16:51:02 +08:00
|
|
|
.setkey = des3_aead_setkey,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA384_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA384 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(sha384),"
|
|
|
|
"cbc(des3_ede)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-"
|
|
|
|
"hmac-sha384-"
|
|
|
|
"cbc-des3_ede-caam-qi",
|
|
|
|
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
},
|
2019-04-11 16:51:02 +08:00
|
|
|
.setkey = des3_aead_setkey,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA384_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA384 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(sha512),"
|
|
|
|
"cbc(des3_ede))",
|
|
|
|
.cra_driver_name = "authenc-hmac-sha512-"
|
|
|
|
"cbc-des3_ede-caam-qi",
|
|
|
|
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
},
|
2019-04-11 16:51:02 +08:00
|
|
|
.setkey = des3_aead_setkey,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA512_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA512 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(sha512),"
|
|
|
|
"cbc(des3_ede)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-"
|
|
|
|
"hmac-sha512-"
|
|
|
|
"cbc-des3_ede-caam-qi",
|
|
|
|
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
},
|
2019-04-11 16:51:02 +08:00
|
|
|
.setkey = des3_aead_setkey,
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES3_EDE_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA512_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA512 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(md5),cbc(des))",
|
|
|
|
.cra_driver_name = "authenc-hmac-md5-"
|
|
|
|
"cbc-des-caam-qi",
|
|
|
|
.cra_blocksize = DES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = MD5_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_MD5 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(md5),"
|
|
|
|
"cbc(des)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-hmac-md5-"
|
|
|
|
"cbc-des-caam-qi",
|
|
|
|
.cra_blocksize = DES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = MD5_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_MD5 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(sha1),cbc(des))",
|
|
|
|
.cra_driver_name = "authenc-hmac-sha1-"
|
|
|
|
"cbc-des-caam-qi",
|
|
|
|
.cra_blocksize = DES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA1_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA1 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(sha1),"
|
|
|
|
"cbc(des)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-"
|
|
|
|
"hmac-sha1-cbc-des-caam-qi",
|
|
|
|
.cra_blocksize = DES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA1_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA1 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(sha224),cbc(des))",
|
|
|
|
.cra_driver_name = "authenc-hmac-sha224-"
|
|
|
|
"cbc-des-caam-qi",
|
|
|
|
.cra_blocksize = DES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA224_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA224 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(sha224),"
|
|
|
|
"cbc(des)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-"
|
|
|
|
"hmac-sha224-cbc-des-"
|
|
|
|
"caam-qi",
|
|
|
|
.cra_blocksize = DES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA224_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA224 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(sha256),cbc(des))",
|
|
|
|
.cra_driver_name = "authenc-hmac-sha256-"
|
|
|
|
"cbc-des-caam-qi",
|
|
|
|
.cra_blocksize = DES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA256_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA256 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(sha256),"
|
|
|
|
"cbc(des)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-"
|
2017-07-10 13:40:27 +08:00
|
|
|
"hmac-sha256-cbc-des-"
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
"caam-qi",
|
|
|
|
.cra_blocksize = DES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA256_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA256 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(sha384),cbc(des))",
|
|
|
|
.cra_driver_name = "authenc-hmac-sha384-"
|
|
|
|
"cbc-des-caam-qi",
|
|
|
|
.cra_blocksize = DES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA384_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA384 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(sha384),"
|
|
|
|
"cbc(des)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-"
|
|
|
|
"hmac-sha384-cbc-des-"
|
|
|
|
"caam-qi",
|
|
|
|
.cra_blocksize = DES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA384_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA384 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "authenc(hmac(sha512),cbc(des))",
|
|
|
|
.cra_driver_name = "authenc-hmac-sha512-"
|
|
|
|
"cbc-des-caam-qi",
|
|
|
|
.cra_blocksize = DES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA512_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA512 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
.aead = {
|
|
|
|
.base = {
|
|
|
|
.cra_name = "echainiv(authenc(hmac(sha512),"
|
|
|
|
"cbc(des)))",
|
|
|
|
.cra_driver_name = "echainiv-authenc-"
|
|
|
|
"hmac-sha512-cbc-des-"
|
|
|
|
"caam-qi",
|
|
|
|
.cra_blocksize = DES_BLOCK_SIZE,
|
|
|
|
},
|
|
|
|
.setkey = aead_setkey,
|
|
|
|
.setauthsize = aead_setauthsize,
|
|
|
|
.encrypt = aead_encrypt,
|
|
|
|
.decrypt = aead_decrypt,
|
|
|
|
.ivsize = DES_BLOCK_SIZE,
|
|
|
|
.maxauthsize = SHA512_DIGEST_SIZE,
|
|
|
|
},
|
|
|
|
.caam = {
|
|
|
|
.class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
|
|
|
|
.class2_alg_type = OP_ALG_ALGSEL_SHA512 |
|
|
|
|
OP_ALG_AAI_HMAC_PRECOMP,
|
|
|
|
.geniv = true,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
};
|
|
|
|
|
2017-12-19 18:16:07 +08:00
|
|
|
static int caam_init_common(struct caam_ctx *ctx, struct caam_alg_entry *caam,
|
|
|
|
bool uses_dkp)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
|
|
|
struct caam_drv_private *priv;
|
2019-05-03 22:17:42 +08:00
|
|
|
struct device *dev;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* distribute tfms across job rings to ensure in-order
|
|
|
|
* crypto request processing per tfm
|
|
|
|
*/
|
|
|
|
ctx->jrdev = caam_jr_alloc();
|
|
|
|
if (IS_ERR(ctx->jrdev)) {
|
|
|
|
pr_err("Job Ring Device allocation for transform failed\n");
|
|
|
|
return PTR_ERR(ctx->jrdev);
|
|
|
|
}
|
|
|
|
|
2019-05-03 22:17:42 +08:00
|
|
|
dev = ctx->jrdev->parent;
|
|
|
|
priv = dev_get_drvdata(dev);
|
2017-12-19 18:16:07 +08:00
|
|
|
if (priv->era >= 6 && uses_dkp)
|
|
|
|
ctx->dir = DMA_BIDIRECTIONAL;
|
|
|
|
else
|
|
|
|
ctx->dir = DMA_TO_DEVICE;
|
|
|
|
|
2019-05-03 22:17:42 +08:00
|
|
|
ctx->key_dma = dma_map_single(dev, ctx->key, sizeof(ctx->key),
|
2017-12-19 18:16:07 +08:00
|
|
|
ctx->dir);
|
2019-05-03 22:17:42 +08:00
|
|
|
if (dma_mapping_error(dev, ctx->key_dma)) {
|
|
|
|
dev_err(dev, "unable to map key\n");
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
caam_jr_free(ctx->jrdev);
|
|
|
|
return -ENOMEM;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* copy descriptor header template value */
|
|
|
|
ctx->cdata.algtype = OP_TYPE_CLASS1_ALG | caam->class1_alg_type;
|
|
|
|
ctx->adata.algtype = OP_TYPE_CLASS2_ALG | caam->class2_alg_type;
|
|
|
|
|
2019-05-03 22:17:42 +08:00
|
|
|
ctx->qidev = dev;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
spin_lock_init(&ctx->lock);
|
|
|
|
ctx->drv_ctx[ENCRYPT] = NULL;
|
|
|
|
ctx->drv_ctx[DECRYPT] = NULL;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
static int caam_cra_init(struct crypto_skcipher *tfm)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
struct skcipher_alg *alg = crypto_skcipher_alg(tfm);
|
|
|
|
struct caam_skcipher_alg *caam_alg =
|
|
|
|
container_of(alg, typeof(*caam_alg), skcipher);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
return caam_init_common(crypto_skcipher_ctx(tfm), &caam_alg->caam,
|
|
|
|
false);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static int caam_aead_init(struct crypto_aead *tfm)
|
|
|
|
{
|
|
|
|
struct aead_alg *alg = crypto_aead_alg(tfm);
|
|
|
|
struct caam_aead_alg *caam_alg = container_of(alg, typeof(*caam_alg),
|
|
|
|
aead);
|
|
|
|
struct caam_ctx *ctx = crypto_aead_ctx(tfm);
|
|
|
|
|
2019-05-06 14:39:44 +08:00
|
|
|
return caam_init_common(ctx, &caam_alg->caam, !caam_alg->caam.nodkp);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static void caam_exit_common(struct caam_ctx *ctx)
|
|
|
|
{
|
|
|
|
caam_drv_ctx_rel(ctx->drv_ctx[ENCRYPT]);
|
|
|
|
caam_drv_ctx_rel(ctx->drv_ctx[DECRYPT]);
|
|
|
|
|
2019-05-03 22:17:42 +08:00
|
|
|
dma_unmap_single(ctx->jrdev->parent, ctx->key_dma, sizeof(ctx->key),
|
|
|
|
ctx->dir);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
caam_jr_free(ctx->jrdev);
|
|
|
|
}
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
static void caam_cra_exit(struct crypto_skcipher *tfm)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
caam_exit_common(crypto_skcipher_ctx(tfm));
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static void caam_aead_exit(struct crypto_aead *tfm)
|
|
|
|
{
|
|
|
|
caam_exit_common(crypto_aead_ctx(tfm));
|
|
|
|
}
|
|
|
|
|
2019-05-03 22:17:39 +08:00
|
|
|
void caam_qi_algapi_exit(void)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i < ARRAY_SIZE(driver_aeads); i++) {
|
|
|
|
struct caam_aead_alg *t_alg = driver_aeads + i;
|
|
|
|
|
|
|
|
if (t_alg->registered)
|
|
|
|
crypto_unregister_aead(&t_alg->aead);
|
|
|
|
}
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
for (i = 0; i < ARRAY_SIZE(driver_algs); i++) {
|
|
|
|
struct caam_skcipher_alg *t_alg = driver_algs + i;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
if (t_alg->registered)
|
|
|
|
crypto_unregister_skcipher(&t_alg->skcipher);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
static void caam_skcipher_alg_init(struct caam_skcipher_alg *t_alg)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
2018-08-06 20:44:00 +08:00
|
|
|
struct skcipher_alg *alg = &t_alg->skcipher;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
alg->base.cra_module = THIS_MODULE;
|
|
|
|
alg->base.cra_priority = CAAM_CRA_PRIORITY;
|
|
|
|
alg->base.cra_ctxsize = sizeof(struct caam_ctx);
|
2020-07-10 14:20:41 +08:00
|
|
|
alg->base.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY |
|
|
|
|
CRYPTO_ALG_KERN_DRIVER_ONLY;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
alg->init = caam_cra_init;
|
|
|
|
alg->exit = caam_cra_exit;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static void caam_aead_alg_init(struct caam_aead_alg *t_alg)
|
|
|
|
{
|
|
|
|
struct aead_alg *alg = &t_alg->aead;
|
|
|
|
|
|
|
|
alg->base.cra_module = THIS_MODULE;
|
|
|
|
alg->base.cra_priority = CAAM_CRA_PRIORITY;
|
|
|
|
alg->base.cra_ctxsize = sizeof(struct caam_ctx);
|
2020-07-10 14:20:41 +08:00
|
|
|
alg->base.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_ALLOCATES_MEMORY |
|
|
|
|
CRYPTO_ALG_KERN_DRIVER_ONLY;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
alg->init = caam_aead_init;
|
|
|
|
alg->exit = caam_aead_exit;
|
|
|
|
}
|
|
|
|
|
2019-05-03 22:17:39 +08:00
|
|
|
int caam_qi_algapi_init(struct device *ctrldev)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
{
|
2019-05-03 22:17:39 +08:00
|
|
|
struct caam_drv_private *priv = dev_get_drvdata(ctrldev);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
int i = 0, err = 0;
|
2018-11-08 21:36:27 +08:00
|
|
|
u32 aes_vid, aes_inst, des_inst, md_vid, md_inst;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
unsigned int md_limit = SHA512_DIGEST_SIZE;
|
|
|
|
bool registered = false;
|
|
|
|
|
2019-08-05 20:49:55 +08:00
|
|
|
/* Make sure this runs only on (DPAA 1.x) QI */
|
|
|
|
if (!priv->qi_present || caam_dpaa2)
|
|
|
|
return 0;
|
2017-10-24 14:27:31 +08:00
|
|
|
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
/*
|
|
|
|
* Register crypto algorithms the device supports.
|
|
|
|
* First, detect presence and attributes of DES, AES, and MD blocks.
|
|
|
|
*/
|
2018-11-08 21:36:27 +08:00
|
|
|
if (priv->era < 10) {
|
|
|
|
u32 cha_vid, cha_inst;
|
|
|
|
|
|
|
|
cha_vid = rd_reg32(&priv->ctrl->perfmon.cha_id_ls);
|
|
|
|
aes_vid = cha_vid & CHA_ID_LS_AES_MASK;
|
|
|
|
md_vid = (cha_vid & CHA_ID_LS_MD_MASK) >> CHA_ID_LS_MD_SHIFT;
|
|
|
|
|
|
|
|
cha_inst = rd_reg32(&priv->ctrl->perfmon.cha_num_ls);
|
|
|
|
des_inst = (cha_inst & CHA_ID_LS_DES_MASK) >>
|
|
|
|
CHA_ID_LS_DES_SHIFT;
|
|
|
|
aes_inst = cha_inst & CHA_ID_LS_AES_MASK;
|
|
|
|
md_inst = (cha_inst & CHA_ID_LS_MD_MASK) >> CHA_ID_LS_MD_SHIFT;
|
|
|
|
} else {
|
|
|
|
u32 aesa, mdha;
|
|
|
|
|
|
|
|
aesa = rd_reg32(&priv->ctrl->vreg.aesa);
|
|
|
|
mdha = rd_reg32(&priv->ctrl->vreg.mdha);
|
|
|
|
|
|
|
|
aes_vid = (aesa & CHA_VER_VID_MASK) >> CHA_VER_VID_SHIFT;
|
|
|
|
md_vid = (mdha & CHA_VER_VID_MASK) >> CHA_VER_VID_SHIFT;
|
|
|
|
|
|
|
|
des_inst = rd_reg32(&priv->ctrl->vreg.desa) & CHA_VER_NUM_MASK;
|
|
|
|
aes_inst = aesa & CHA_VER_NUM_MASK;
|
|
|
|
md_inst = mdha & CHA_VER_NUM_MASK;
|
|
|
|
}
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
/* If MD is present, limit digest size based on LP256 */
|
2018-11-08 21:36:27 +08:00
|
|
|
if (md_inst && md_vid == CHA_VER_VID_MD_LP256)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
md_limit = SHA256_DIGEST_SIZE;
|
|
|
|
|
|
|
|
for (i = 0; i < ARRAY_SIZE(driver_algs); i++) {
|
2018-08-06 20:44:00 +08:00
|
|
|
struct caam_skcipher_alg *t_alg = driver_algs + i;
|
|
|
|
u32 alg_sel = t_alg->caam.class1_alg_type & OP_ALG_ALGSEL_MASK;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
/* Skip DES algorithms if not supported by device */
|
|
|
|
if (!des_inst &&
|
|
|
|
((alg_sel == OP_ALG_ALGSEL_3DES) ||
|
|
|
|
(alg_sel == OP_ALG_ALGSEL_DES)))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/* Skip AES algorithms if not supported by device */
|
|
|
|
if (!aes_inst && (alg_sel == OP_ALG_ALGSEL_AES))
|
|
|
|
continue;
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
caam_skcipher_alg_init(t_alg);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
err = crypto_register_skcipher(&t_alg->skcipher);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
if (err) {
|
2019-05-03 22:17:40 +08:00
|
|
|
dev_warn(ctrldev, "%s alg registration failed\n",
|
2018-08-06 20:44:00 +08:00
|
|
|
t_alg->skcipher.base.cra_driver_name);
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2018-08-06 20:44:00 +08:00
|
|
|
t_alg->registered = true;
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
registered = true;
|
|
|
|
}
|
|
|
|
|
|
|
|
for (i = 0; i < ARRAY_SIZE(driver_aeads); i++) {
|
|
|
|
struct caam_aead_alg *t_alg = driver_aeads + i;
|
|
|
|
u32 c1_alg_sel = t_alg->caam.class1_alg_type &
|
|
|
|
OP_ALG_ALGSEL_MASK;
|
|
|
|
u32 c2_alg_sel = t_alg->caam.class2_alg_type &
|
|
|
|
OP_ALG_ALGSEL_MASK;
|
|
|
|
u32 alg_aai = t_alg->caam.class1_alg_type & OP_ALG_AAI_MASK;
|
|
|
|
|
|
|
|
/* Skip DES algorithms if not supported by device */
|
|
|
|
if (!des_inst &&
|
|
|
|
((c1_alg_sel == OP_ALG_ALGSEL_3DES) ||
|
|
|
|
(c1_alg_sel == OP_ALG_ALGSEL_DES)))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/* Skip AES algorithms if not supported by device */
|
|
|
|
if (!aes_inst && (c1_alg_sel == OP_ALG_ALGSEL_AES))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Check support for AES algorithms not available
|
|
|
|
* on LP devices.
|
|
|
|
*/
|
2018-11-08 21:36:27 +08:00
|
|
|
if (aes_vid == CHA_VER_VID_AES_LP && alg_aai == OP_ALG_AAI_GCM)
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
continue;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Skip algorithms requiring message digests
|
|
|
|
* if MD or MD size is not supported by device.
|
|
|
|
*/
|
|
|
|
if (c2_alg_sel &&
|
|
|
|
(!md_inst || (t_alg->aead.maxauthsize > md_limit)))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
caam_aead_alg_init(t_alg);
|
|
|
|
|
|
|
|
err = crypto_register_aead(&t_alg->aead);
|
|
|
|
if (err) {
|
|
|
|
pr_warn("%s alg registration failed\n",
|
|
|
|
t_alg->aead.base.cra_driver_name);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
t_alg->registered = true;
|
|
|
|
registered = true;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (registered)
|
2019-05-03 22:17:40 +08:00
|
|
|
dev_info(ctrldev, "algorithms registered in /proc/crypto\n");
|
crypto: caam/qi - add ablkcipher and authenc algorithms
Add support to submit ablkcipher and authenc algorithms
via the QI backend:
-ablkcipher:
cbc({aes,des,des3_ede})
ctr(aes), rfc3686(ctr(aes))
xts(aes)
-authenc:
authenc(hmac(md5),cbc({aes,des,des3_ede}))
authenc(hmac(sha*),cbc({aes,des,des3_ede}))
caam/qi being a new driver, let's wait some time to settle down without
interfering with existing caam/jr driver.
Accordingly, for now all caam/qi algorithms (caamalg_qi module) are
marked to be of lower priority than caam/jr ones (caamalg module).
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-03-17 18:06:02 +08:00
|
|
|
|
|
|
|
return err;
|
|
|
|
}
|