271-crypto-add-ss.patch

crypto: sunxi-ss - add driver for the Allwinner Security System

Add support for the Security System included in Allwinner SoCs such as
the A20. The Security System is a hardware cryptographic accelerator
that supports the AES/DES/3DES ciphers in CBC mode and the SHA1 and
MD5 hash algorithms.
  1. --- a/drivers/crypto/Kconfig
  2. +++ b/drivers/crypto/Kconfig
  3. @@ -437,4 +437,21 @@ config CRYPTO_DEV_QCE
  4. hardware. To compile this driver as a module, choose M here. The
  5. module will be called qcrypto.
  6. +config CRYPTO_DEV_SUNXI_SS
  7. + tristate "Support for Allwinner Security System cryptographic accelerator"
  8. + depends on ARCH_SUNXI
  9. + select CRYPTO_MD5
  10. + select CRYPTO_SHA1
  11. + select CRYPTO_AES
  12. + select CRYPTO_DES
  13. + select CRYPTO_BLKCIPHER
  14. + help
  15. + Some Allwinner SoCs have a crypto accelerator named
  16. + Security System. Select this if you want to use it.
  17. + The Security System handles AES/DES/3DES ciphers in CBC mode
  18. + and the SHA1 and MD5 hash algorithms.
  19. +
  20. + To compile this driver as a module, choose M here: the module
  21. + will be called sunxi-ss.
  22. +
  23. endif # CRYPTO_HW
  24. --- a/drivers/crypto/Makefile
  25. +++ b/drivers/crypto/Makefile
  26. @@ -25,3 +25,4 @@ obj-$(CONFIG_CRYPTO_DEV_TALITOS) += tali
  27. obj-$(CONFIG_CRYPTO_DEV_UX500) += ux500/
  28. obj-$(CONFIG_CRYPTO_DEV_QAT) += qat/
  29. obj-$(CONFIG_CRYPTO_DEV_QCE) += qce/
  30. +obj-$(CONFIG_CRYPTO_DEV_SUNXI_SS) += sunxi-ss/
  31. --- /dev/null
  32. +++ b/drivers/crypto/sunxi-ss/Makefile
  33. @@ -0,0 +1,2 @@
  34. +obj-$(CONFIG_CRYPTO_DEV_SUNXI_SS) += sunxi-ss.o
  35. +sunxi-ss-y += sunxi-ss-core.o sunxi-ss-hash.o sunxi-ss-cipher.o
  36. --- /dev/null
  37. +++ b/drivers/crypto/sunxi-ss/sunxi-ss-cipher.c
  38. @@ -0,0 +1,489 @@
  39. +/*
  40. + * sunxi-ss-cipher.c - hardware cryptographic accelerator for Allwinner A20 SoC
  41. + *
  42. + * Copyright (C) 2013-2014 Corentin LABBE <clabbe.montjoie@gmail.com>
  43. + *
  44. + * This file adds support for the AES cipher with 128/192/256-bit
  45. + * keys in CBC mode.
  46. + * It also adds support for DES and 3DES in CBC mode.
  47. + *
  48. + * You could find the datasheet in Documentation/arm/sunxi/README
  49. + *
  50. + * This program is free software; you can redistribute it and/or modify
  51. + * it under the terms of the GNU General Public License as published by
  52. + * the Free Software Foundation; either version 2 of the License, or
  53. + * (at your option) any later version.
  54. + */
  55. +#include "sunxi-ss.h"
  56. +
  57. +extern struct sunxi_ss_ctx *ss;
  58. +
  59. +static int sunxi_ss_cipher(struct ablkcipher_request *areq, u32 mode)
  60. +{
  61. + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
  62. + struct sunxi_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
  63. + const char *cipher_type;
  64. +
  65. + if (areq->nbytes == 0)
  66. + return 0;
  67. +
  68. + if (areq->info == NULL) {
  69. + dev_err(ss->dev, "ERROR: Empty IV\n");
  70. + return -EINVAL;
  71. + }
  72. +
  73. + if (areq->src == NULL || areq->dst == NULL) {
  74. + dev_err(ss->dev, "ERROR: Some SGs are NULL\n");
  75. + return -EINVAL;
  76. + }
  77. +
  78. + cipher_type = crypto_tfm_alg_name(crypto_ablkcipher_tfm(tfm));
  79. +
  80. + if (strcmp("cbc(aes)", cipher_type) == 0) {
  81. + mode |= SS_OP_AES | SS_CBC | SS_ENABLED | op->keymode;
  82. + return sunxi_ss_aes_poll(areq, mode);
  83. + }
  84. +
  85. + if (strcmp("cbc(des)", cipher_type) == 0) {
  86. + mode |= SS_OP_DES | SS_CBC | SS_ENABLED | op->keymode;
  87. + return sunxi_ss_des_poll(areq, mode);
  88. + }
  89. +
  90. + if (strcmp("cbc(des3_ede)", cipher_type) == 0) {
  91. + mode |= SS_OP_3DES | SS_CBC | SS_ENABLED | op->keymode;
  92. + return sunxi_ss_des_poll(areq, mode);
  93. + }
  94. +
  95. + dev_err(ss->dev, "ERROR: Cipher %s not handled\n", cipher_type);
  96. + return -EINVAL;
  97. +}
  98. +
  99. +int sunxi_ss_cipher_encrypt(struct ablkcipher_request *areq)
  100. +{
  101. + return sunxi_ss_cipher(areq, SS_ENCRYPTION);
  102. +}
  103. +
  104. +int sunxi_ss_cipher_decrypt(struct ablkcipher_request *areq)
  105. +{
  106. + return sunxi_ss_cipher(areq, SS_DECRYPTION);
  107. +}
  108. +
  109. +int sunxi_ss_cipher_init(struct crypto_tfm *tfm)
  110. +{
  111. + struct sunxi_tfm_ctx *op = crypto_tfm_ctx(tfm);
  112. +
  113. + memset(op, 0, sizeof(struct sunxi_tfm_ctx));
  114. + return 0;
  115. +}
  116. +
  117. +/*
  118. + * Optimized function for the case where we have only one SG,
  119. + * so we can use kmap_atomic
  120. + */
  121. +static int sunxi_ss_aes_poll_atomic(struct ablkcipher_request *areq)
  122. +{
  123. + u32 spaces;
  124. + struct scatterlist *in_sg = areq->src;
  125. + struct scatterlist *out_sg = areq->dst;
  126. + void *src_addr;
  127. + void *dst_addr;
  128. + unsigned int ileft = areq->nbytes;
  129. + unsigned int oleft = areq->nbytes;
  130. + unsigned int todo;
  131. + u32 *src32;
  132. + u32 *dst32;
  133. + u32 rx_cnt = 32;
  134. + u32 tx_cnt = 0;
  135. + int i;
  136. +
  137. + src_addr = kmap_atomic(sg_page(in_sg)) + in_sg->offset;
  138. + if (src_addr == NULL) {
  139. + dev_err(ss->dev, "kmap_atomic error for src SG\n");
  140. + writel(0, ss->base + SS_CTL);
  141. + mutex_unlock(&ss->lock);
  142. + return -EINVAL;
  143. + }
  144. +
  145. + dst_addr = kmap_atomic(sg_page(out_sg)) + out_sg->offset;
  146. + if (dst_addr == NULL) {
  147. + dev_err(ss->dev, "kmap_atomic error for dst SG\n");
  148. + writel(0, ss->base + SS_CTL);
  149. + kunmap_atomic(src_addr);
  150. + mutex_unlock(&ss->lock);
  151. + return -EINVAL;
  152. + }
  153. +
  154. + src32 = (u32 *)src_addr;
  155. + dst32 = (u32 *)dst_addr;
  156. + ileft = areq->nbytes / 4;
  157. + oleft = areq->nbytes / 4;
  158. + i = 0;
  159. + do {
  160. + if (ileft > 0 && rx_cnt > 0) {
  161. + todo = min(rx_cnt, ileft);
  162. + ileft -= todo;
  163. + do {
  164. + writel_relaxed(*src32++,
  165. + ss->base +
  166. + SS_RXFIFO);
  167. + todo--;
  168. + } while (todo > 0);
  169. + }
  170. + if (tx_cnt > 0) {
  171. + todo = min(tx_cnt, oleft);
  172. + oleft -= todo;
  173. + do {
  174. + *dst32++ = readl_relaxed(ss->base +
  175. + SS_TXFIFO);
  176. + todo--;
  177. + } while (todo > 0);
  178. + }
  179. + spaces = readl_relaxed(ss->base + SS_FCSR);
  180. + rx_cnt = SS_RXFIFO_SPACES(spaces);
  181. + tx_cnt = SS_TXFIFO_SPACES(spaces);
  182. + } while (oleft > 0);
  183. + writel(0, ss->base + SS_CTL);
  184. + kunmap_atomic(src_addr);
  185. + kunmap_atomic(dst_addr);
  186. + mutex_unlock(&ss->lock);
  187. + return 0;
  188. +}
  189. +
  190. +int sunxi_ss_aes_poll(struct ablkcipher_request *areq, u32 mode)
  191. +{
  192. + u32 spaces;
  193. + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
  194. + struct sunxi_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
  195. + unsigned int ivsize = crypto_ablkcipher_ivsize(tfm);
  196. + /* when activating SS, the default FIFO space is 32 */
  197. + u32 rx_cnt = 32;
  198. + u32 tx_cnt = 0;
  199. + u32 v;
  200. + int i;
  201. + struct scatterlist *in_sg = areq->src;
  202. + struct scatterlist *out_sg = areq->dst;
  203. + void *src_addr;
  204. + void *dst_addr;
  205. + unsigned int ileft = areq->nbytes;
  206. + unsigned int oleft = areq->nbytes;
  207. + unsigned int sgileft = areq->src->length;
  208. + unsigned int sgoleft = areq->dst->length;
  209. + unsigned int todo;
  210. + u32 *src32;
  211. + u32 *dst32;
  212. +
  213. + mutex_lock(&ss->lock);
  214. +
  215. + for (i = 0; i < op->keylen; i += 4)
  216. + writel(*(op->key + i/4), ss->base + SS_KEY0 + i);
  217. +
  218. + if (areq->info != NULL) {
  219. + for (i = 0; i < 4 && i < ivsize / 4; i++) {
  220. + v = *(u32 *)(areq->info + i * 4);
  221. + writel(v, ss->base + SS_IV0 + i * 4);
  222. + }
  223. + }
  224. + writel(mode, ss->base + SS_CTL);
  225. +
  226. + /* If we have only one SG, we can use kmap_atomic */
  227. + if (sg_next(in_sg) == NULL && sg_next(out_sg) == NULL)
  228. + return sunxi_ss_aes_poll_atomic(areq);
  229. +
  230. + /*
  231. + * If we have more than one SG, we cannot use kmap_atomic since
  232. + * we would hold the mapping for too long
  233. + */
  234. + src_addr = kmap(sg_page(in_sg)) + in_sg->offset;
  235. + if (src_addr == NULL) {
  236. + dev_err(ss->dev, "KMAP error for src SG\n");
  237. + mutex_unlock(&ss->lock);
  238. + return -EINVAL;
  239. + }
  240. + dst_addr = kmap(sg_page(out_sg)) + out_sg->offset;
  241. + if (dst_addr == NULL) {
  242. + kunmap(sg_page(in_sg));
  243. + dev_err(ss->dev, "KMAP error for dst SG\n");
  244. + mutex_unlock(&ss->lock);
  245. + return -EINVAL;
  246. + }
  247. + src32 = (u32 *)src_addr;
  248. + dst32 = (u32 *)dst_addr;
  249. + ileft = areq->nbytes / 4;
  250. + oleft = areq->nbytes / 4;
  251. + sgileft = in_sg->length / 4;
  252. + sgoleft = out_sg->length / 4;
  253. + do {
  254. + spaces = readl_relaxed(ss->base + SS_FCSR);
  255. + rx_cnt = SS_RXFIFO_SPACES(spaces);
  256. + tx_cnt = SS_TXFIFO_SPACES(spaces);
  257. + todo = min3(rx_cnt, ileft, sgileft);
  258. + if (todo > 0) {
  259. + ileft -= todo;
  260. + sgileft -= todo;
  261. + }
  262. + while (todo > 0) {
  263. + writel_relaxed(*src32++, ss->base + SS_RXFIFO);
  264. + todo--;
  265. + }
  266. + if (in_sg != NULL && sgileft == 0 && ileft > 0) {
  267. + kunmap(sg_page(in_sg));
  268. + in_sg = sg_next(in_sg);
  269. + while (in_sg != NULL && in_sg->length == 0)
  270. + in_sg = sg_next(in_sg);
  271. + if (in_sg != NULL && ileft > 0) {
  272. + src_addr = kmap(sg_page(in_sg)) + in_sg->offset;
  273. + if (src_addr == NULL) {
  274. + dev_err(ss->dev, "ERROR: KMAP for src SG\n");
  275. + mutex_unlock(&ss->lock);
  276. + return -EINVAL;
  277. + }
  278. + src32 = src_addr;
  279. + sgileft = in_sg->length / 4;
  280. + }
  281. + }
  282. + /* do not test oleft since when oleft == 0 we have finished */
  283. + todo = min3(tx_cnt, oleft, sgoleft);
  284. + if (todo > 0) {
  285. + oleft -= todo;
  286. + sgoleft -= todo;
  287. + }
  288. + while (todo > 0) {
  289. + *dst32++ = readl_relaxed(ss->base + SS_TXFIFO);
  290. + todo--;
  291. + }
  292. + if (out_sg != NULL && sgoleft == 0 && oleft >= 0) {
  293. + kunmap(sg_page(out_sg));
  294. + out_sg = sg_next(out_sg);
  295. + while (out_sg != NULL && out_sg->length == 0)
  296. + out_sg = sg_next(out_sg);
  297. + if (out_sg != NULL && oleft > 0) {
  298. + dst_addr = kmap(sg_page(out_sg)) +
  299. + out_sg->offset;
  300. + if (dst_addr == NULL) {
  301. + dev_err(ss->dev, "KMAP error\n");
  302. + mutex_unlock(&ss->lock);
  303. + return -EINVAL;
  304. + }
  305. + dst32 = dst_addr;
  306. + sgoleft = out_sg->length / 4;
  307. + }
  308. + }
  309. + } while (oleft > 0);
  310. +
  311. + writel_relaxed(0, ss->base + SS_CTL);
  312. + mutex_unlock(&ss->lock);
  313. + return 0;
  314. +}
  315. +
  316. +/*
  317. + * Pure CPU way of doing DES/3DES with SS
  318. + * Since DES and 3DES SGs could be smaller than 4 bytes, I use sg_copy_to_buffer
  319. + * to linearize them.
  320. + * The problem with that is that I alloc (2 x areq->nbytes) for buf_in/buf_out
  321. + * TODO: change this system, I need to support other mode than CBC where len
  322. + * is not a multiple of 4 and the hack of linearize use too much memory
  323. + * SGsrc -> buf_in -> SS -> buf_out -> SGdst
  324. + */
  325. +int sunxi_ss_des_poll(struct ablkcipher_request *areq, u32 mode)
  326. +{
  327. + u32 value, spaces;
  328. + size_t nb_in_sg_tx, nb_in_sg_rx;
  329. + size_t ir, it;
  330. + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(areq);
  331. + struct sunxi_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
  332. + unsigned int ivsize = crypto_ablkcipher_ivsize(tfm);
  333. + u32 tx_cnt = 0;
  334. + u32 rx_cnt = 0;
  335. + u32 v;
  336. + int i;
  337. + int no_chunk = 1;
  338. + struct scatterlist *in_sg = areq->src;
  339. + struct scatterlist *out_sg = areq->dst;
  340. +
  341. + /*
  342. + * if we have only SGs with size multiple of 4,
  343. + * we can use the SS AES function
  344. + */
  345. + while (in_sg != NULL && no_chunk == 1) {
  346. + if ((in_sg->length % 4) != 0)
  347. + no_chunk = 0;
  348. + in_sg = sg_next(in_sg);
  349. + }
  350. + while (out_sg != NULL && no_chunk == 1) {
  351. + if ((out_sg->length % 4) != 0)
  352. + no_chunk = 0;
  353. + out_sg = sg_next(out_sg);
  354. + }
  355. +
  356. + if (no_chunk == 1)
  357. + return sunxi_ss_aes_poll(areq, mode);
  358. +
  359. + in_sg = areq->src;
  360. + out_sg = areq->dst;
  361. +
  362. + nb_in_sg_rx = sg_nents(in_sg);
  363. + nb_in_sg_tx = sg_nents(out_sg);
  364. +
  365. + /*
  366. + * buf_in and buf_out are allocated only one time
  367. + * then we keep the buffer until driver end
  368. + * the allocation can only grow more
  369. + * we do not reduce it for simplification
  370. + */
  371. + mutex_lock(&ss->bufin_lock);
  372. + if (ss->buf_in == NULL) {
  373. + ss->buf_in = kmalloc(areq->nbytes, GFP_KERNEL);
  374. + ss->buf_in_size = areq->nbytes;
  375. + } else {
  376. + if (areq->nbytes > ss->buf_in_size) {
  377. + kfree(ss->buf_in);
  378. + ss->buf_in = kmalloc(areq->nbytes, GFP_KERNEL);
  379. + ss->buf_in_size = areq->nbytes;
  380. + }
  381. + }
  382. + if (ss->buf_in == NULL) {
  383. + ss->buf_in_size = 0;
  384. + mutex_unlock(&ss->bufin_lock);
  385. + dev_err(ss->dev, "Unable to allocate pages.\n");
  386. + return -ENOMEM;
  387. + }
  388. + mutex_lock(&ss->bufout_lock);
  389. + if (ss->buf_out == NULL) {
  390. + ss->buf_out = kmalloc(areq->nbytes, GFP_KERNEL);
  391. + if (ss->buf_out == NULL) {
  392. + ss->buf_out_size = 0;
  393. + mutex_unlock(&ss->bufin_lock);
  394. + mutex_unlock(&ss->bufout_lock);
  395. + dev_err(ss->dev, "Unable to allocate pages.\n");
  396. + return -ENOMEM;
  397. + }
  398. + ss->buf_out_size = areq->nbytes;
  399. + } else {
  400. + if (areq->nbytes > ss->buf_out_size) {
  401. + kfree(ss->buf_out);
  402. + ss->buf_out = kmalloc(areq->nbytes, GFP_KERNEL);
  403. + if (ss->buf_out == NULL) {
  404. + ss->buf_out_size = 0;
  405. + mutex_unlock(&ss->bufin_lock);
  406. + mutex_unlock(&ss->bufout_lock);
  407. + dev_err(ss->dev, "Unable to allocate pages.\n");
  408. + return -ENOMEM;
  409. + }
  410. + ss->buf_out_size = areq->nbytes;
  411. + }
  412. + }
  413. +
  414. + sg_copy_to_buffer(areq->src, nb_in_sg_rx, ss->buf_in, areq->nbytes);
  415. +
  416. + ir = 0;
  417. + it = 0;
  418. + mutex_lock(&ss->lock);
  419. +
  420. + for (i = 0; i < op->keylen; i += 4)
  421. + writel(*(op->key + i/4), ss->base + SS_KEY0 + i);
  422. + if (areq->info != NULL) {
  423. + for (i = 0; i < 4 && i < ivsize / 4; i++) {
  424. + v = *(u32 *)(areq->info + i * 4);
  425. + writel(v, ss->base + SS_IV0 + i * 4);
  426. + }
  427. + }
  428. + writel(mode, ss->base + SS_CTL);
  429. +
  430. + do {
  431. + if (rx_cnt == 0 || tx_cnt == 0) {
  432. + spaces = readl(ss->base + SS_FCSR);
  433. + rx_cnt = SS_RXFIFO_SPACES(spaces);
  434. + tx_cnt = SS_TXFIFO_SPACES(spaces);
  435. + }
  436. + if (rx_cnt > 0 && ir < areq->nbytes) {
  437. + do {
  438. + value = *(u32 *)(ss->buf_in + ir);
  439. + writel(value, ss->base + SS_RXFIFO);
  440. + ir += 4;
  441. + rx_cnt--;
  442. + } while (rx_cnt > 0 && ir < areq->nbytes);
  443. + }
  444. + if (tx_cnt > 0 && it < areq->nbytes) {
  445. + do {
  446. + value = readl(ss->base + SS_TXFIFO);
  447. + *(u32 *)(ss->buf_out + it) = value;
  448. + it += 4;
  449. + tx_cnt--;
  450. + } while (tx_cnt > 0 && it < areq->nbytes);
  451. + }
  452. + if (ir == areq->nbytes) {
  453. + mutex_unlock(&ss->bufin_lock);
  454. + ir++;
  455. + }
  456. + } while (it < areq->nbytes);
  457. +
  458. + writel(0, ss->base + SS_CTL);
  459. + mutex_unlock(&ss->lock);
  460. +
  461. + /*
  462. + * A simple optimization: since we don't need the hardware for this copy,
  463. + * we release the lock and then do the copy. With that we gain 5-10% perf.
  464. + */
  465. + sg_copy_from_buffer(areq->dst, nb_in_sg_tx, ss->buf_out, areq->nbytes);
  466. +
  467. + mutex_unlock(&ss->bufout_lock);
  468. + return 0;
  469. +}
  470. +
  471. +/* check and set the AES key, prepare the mode to be used */
  472. +int sunxi_ss_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
  473. + unsigned int keylen)
  474. +{
  475. + struct sunxi_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
  476. +
  477. + switch (keylen) {
  478. + case 128 / 8:
  479. + op->keymode = SS_AES_128BITS;
  480. + break;
  481. + case 192 / 8:
  482. + op->keymode = SS_AES_192BITS;
  483. + break;
  484. + case 256 / 8:
  485. + op->keymode = SS_AES_256BITS;
  486. + break;
  487. + default:
  488. + dev_err(ss->dev, "ERROR: Invalid keylen %u\n", keylen);
  489. + crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
  490. + return -EINVAL;
  491. + }
  492. + op->keylen = keylen;
  493. + memcpy(op->key, key, keylen);
  494. + return 0;
  495. +}
  496. +
  497. +/* check and set the DES key, prepare the mode to be used */
  498. +int sunxi_ss_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
  499. + unsigned int keylen)
  500. +{
  501. + struct sunxi_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
  502. +
  503. + if (keylen != DES_KEY_SIZE) {
  504. + dev_err(ss->dev, "Invalid keylen %u\n", keylen);
  505. + crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
  506. + return -EINVAL;
  507. + }
  508. + op->keylen = keylen;
  509. + memcpy(op->key, key, keylen);
  510. + return 0;
  511. +}
  512. +
  513. +/* check and set the 3DES key, prepare the mode to be used */
  514. +int sunxi_ss_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
  515. + unsigned int keylen)
  516. +{
  517. + struct sunxi_tfm_ctx *op = crypto_ablkcipher_ctx(tfm);
  518. +
  519. + if (keylen != 3 * DES_KEY_SIZE) {
  520. + dev_err(ss->dev, "Invalid keylen %u\n", keylen);
  521. + crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
  522. + return -EINVAL;
  523. + }
  524. + op->keylen = keylen;
  525. + memcpy(op->key, key, keylen);
  526. + return 0;
  527. +}
  528. --- /dev/null
  529. +++ b/drivers/crypto/sunxi-ss/sunxi-ss-core.c
  530. @@ -0,0 +1,318 @@
  531. +/*
  532. + * sunxi-ss-core.c - hardware cryptographic accelerator for Allwinner A20 SoC
  533. + *
  534. + * Copyright (C) 2013-2014 Corentin LABBE <clabbe.montjoie@gmail.com>
  535. + *
  536. + * Core file which registers crypto algorithms supported by the SS.
  537. + *
  538. + * You could find a link for the datasheet in Documentation/arm/sunxi/README
  539. + *
  540. + * This program is free software; you can redistribute it and/or modify
  541. + * it under the terms of the GNU General Public License as published by
  542. + * the Free Software Foundation; either version 2 of the License, or
  543. + * (at your option) any later version.
  544. + */
  545. +#include <linux/clk.h>
  546. +#include <linux/crypto.h>
  547. +#include <linux/io.h>
  548. +#include <linux/module.h>
  549. +#include <linux/of.h>
  550. +#include <linux/platform_device.h>
  551. +#include <crypto/scatterwalk.h>
  552. +#include <linux/scatterlist.h>
  553. +#include <linux/interrupt.h>
  554. +#include <linux/delay.h>
  555. +
  556. +#include "sunxi-ss.h"
  557. +
  558. +struct sunxi_ss_ctx *ss;
  559. +
  560. +/*
  561. + * General notes for whole driver:
  562. + *
  563. + * After each request the device must be disabled with a write of 0 in SS_CTL
  564. + *
  565. + * For performance reason, we use writel_relaxed/read_relaxed for all
  566. + * operations on RX and TX FIFO and also SS_FCSR.
  567. + * Except for the last write on the TX FIFO.
  568. + * For all other registers, we use writel/readl.
  569. + * See http://permalink.gmane.org/gmane.linux.ports.arm.kernel/117644
  570. + * and http://permalink.gmane.org/gmane.linux.ports.arm.kernel/117640
  571. + */
  572. +
  573. +static struct ahash_alg sunxi_md5_alg = {
  574. + .init = sunxi_hash_init,
  575. + .update = sunxi_hash_update,
  576. + .final = sunxi_hash_final,
  577. + .finup = sunxi_hash_finup,
  578. + .digest = sunxi_hash_digest,
  579. + .halg = {
  580. + .digestsize = MD5_DIGEST_SIZE,
  581. + .base = {
  582. + .cra_name = "md5",
  583. + .cra_driver_name = "md5-sunxi-ss",
  584. + .cra_priority = 300,
  585. + .cra_alignmask = 3,
  586. + .cra_flags = CRYPTO_ALG_TYPE_AHASH | CRYPTO_ALG_ASYNC,
  587. + .cra_blocksize = MD5_HMAC_BLOCK_SIZE,
  588. + .cra_ctxsize = sizeof(struct sunxi_req_ctx),
  589. + .cra_module = THIS_MODULE,
  590. + .cra_type = &crypto_ahash_type,
  591. + .cra_init = sunxi_hash_crainit
  592. + }
  593. + }
  594. +};
  595. +
  596. +static struct ahash_alg sunxi_sha1_alg = {
  597. + .init = sunxi_hash_init,
  598. + .update = sunxi_hash_update,
  599. + .final = sunxi_hash_final,
  600. + .finup = sunxi_hash_finup,
  601. + .digest = sunxi_hash_digest,
  602. + .halg = {
  603. + .digestsize = SHA1_DIGEST_SIZE,
  604. + .base = {
  605. + .cra_name = "sha1",
  606. + .cra_driver_name = "sha1-sunxi-ss",
  607. + .cra_priority = 300,
  608. + .cra_alignmask = 3,
  609. + .cra_flags = CRYPTO_ALG_TYPE_AHASH | CRYPTO_ALG_ASYNC,
  610. + .cra_blocksize = SHA1_BLOCK_SIZE,
  611. + .cra_ctxsize = sizeof(struct sunxi_req_ctx),
  612. + .cra_module = THIS_MODULE,
  613. + .cra_type = &crypto_ahash_type,
  614. + .cra_init = sunxi_hash_crainit
  615. + }
  616. + }
  617. +};
  618. +
  619. +static struct crypto_alg sunxi_cipher_algs[] = {
  620. +{
  621. + .cra_name = "cbc(aes)",
  622. + .cra_driver_name = "cbc-aes-sunxi-ss",
  623. + .cra_priority = 300,
  624. + .cra_blocksize = AES_BLOCK_SIZE,
  625. + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER,
  626. + .cra_ctxsize = sizeof(struct sunxi_tfm_ctx),
  627. + .cra_module = THIS_MODULE,
  628. + .cra_alignmask = 3,
  629. + .cra_type = &crypto_ablkcipher_type,
  630. + .cra_init = sunxi_ss_cipher_init,
  631. + .cra_u = {
  632. + .ablkcipher = {
  633. + .min_keysize = AES_MIN_KEY_SIZE,
  634. + .max_keysize = AES_MAX_KEY_SIZE,
  635. + .ivsize = AES_BLOCK_SIZE,
  636. + .setkey = sunxi_ss_aes_setkey,
  637. + .encrypt = sunxi_ss_cipher_encrypt,
  638. + .decrypt = sunxi_ss_cipher_decrypt,
  639. + }
  640. + }
  641. +}, {
  642. + .cra_name = "cbc(des)",
  643. + .cra_driver_name = "cbc-des-sunxi-ss",
  644. + .cra_priority = 300,
  645. + .cra_blocksize = DES_BLOCK_SIZE,
  646. + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER,
  647. + .cra_ctxsize = sizeof(struct sunxi_req_ctx),
  648. + .cra_module = THIS_MODULE,
  649. + .cra_alignmask = 3,
  650. + .cra_type = &crypto_ablkcipher_type,
  651. + .cra_init = sunxi_ss_cipher_init,
  652. + .cra_u.ablkcipher = {
  653. + .min_keysize = DES_KEY_SIZE,
  654. + .max_keysize = DES_KEY_SIZE,
  655. + .ivsize = DES_BLOCK_SIZE,
  656. + .setkey = sunxi_ss_des_setkey,
  657. + .encrypt = sunxi_ss_cipher_encrypt,
  658. + .decrypt = sunxi_ss_cipher_decrypt,
  659. + }
  660. +}, {
  661. + .cra_name = "cbc(des3_ede)",
  662. + .cra_driver_name = "cbc-des3-sunxi-ss",
  663. + .cra_priority = 300,
  664. + .cra_blocksize = DES3_EDE_BLOCK_SIZE,
  665. + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER,
  666. + .cra_ctxsize = sizeof(struct sunxi_req_ctx),
  667. + .cra_module = THIS_MODULE,
  668. + .cra_alignmask = 3,
  669. + .cra_type = &crypto_ablkcipher_type,
  670. + .cra_init = sunxi_ss_cipher_init,
  671. + .cra_u.ablkcipher = {
  672. + .min_keysize = DES3_EDE_KEY_SIZE,
  673. + .max_keysize = DES3_EDE_KEY_SIZE,
  674. + .ivsize = DES3_EDE_BLOCK_SIZE,
  675. + .setkey = sunxi_ss_des3_setkey,
  676. + .encrypt = sunxi_ss_cipher_encrypt,
  677. + .decrypt = sunxi_ss_cipher_decrypt,
  678. + }
  679. +}
  680. +};
  681. +
  682. +static int sunxi_ss_probe(struct platform_device *pdev)
  683. +{
  684. + struct resource *res;
  685. + u32 v;
  686. + int err;
  687. + unsigned long cr;
  688. + const unsigned long cr_ahb = 24 * 1000 * 1000;
  689. + const unsigned long cr_mod = 150 * 1000 * 1000;
  690. +
  691. + if (!pdev->dev.of_node)
  692. + return -ENODEV;
  693. +
  694. + ss = devm_kzalloc(&pdev->dev, sizeof(*ss), GFP_KERNEL);
  695. + if (ss == NULL)
  696. + return -ENOMEM;
  697. +
  698. + res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
  699. + ss->base = devm_ioremap_resource(&pdev->dev, res);
  700. + if (IS_ERR(ss->base)) {
  701. + dev_err(&pdev->dev, "Cannot request MMIO\n");
  702. + return PTR_ERR(ss->base);
  703. + }
  704. +
  705. + ss->ssclk = devm_clk_get(&pdev->dev, "mod");
  706. + if (IS_ERR(ss->ssclk)) {
  707. + err = PTR_ERR(ss->ssclk);
  708. + dev_err(&pdev->dev, "Cannot get SS clock err=%d\n", err);
  709. + return err;
  710. + }
  711. + dev_dbg(&pdev->dev, "clock ss acquired\n");
  712. +
  713. + ss->busclk = devm_clk_get(&pdev->dev, "ahb");
  714. + if (IS_ERR(ss->busclk)) {
  715. + err = PTR_ERR(ss->busclk);
  716. + dev_err(&pdev->dev, "Cannot get AHB SS clock err=%d\n", err);
  717. + return err;
  718. + }
  719. + dev_dbg(&pdev->dev, "clock ahb_ss acquired\n");
  720. +
  721. + /* Enable both clocks */
  722. + err = clk_prepare_enable(ss->busclk);
  723. + if (err != 0) {
  724. + dev_err(&pdev->dev, "Cannot prepare_enable busclk\n");
  725. + return err;
  726. + }
  727. + err = clk_prepare_enable(ss->ssclk);
  728. + if (err != 0) {
  729. + dev_err(&pdev->dev, "Cannot prepare_enable ssclk\n");
  730. + clk_disable_unprepare(ss->busclk);
  731. + return err;
  732. + }
  733. +
  734. + /*
  735. + * Check that the clocks have the correct rates given in the datasheet
  736. + * Try to set the clock to the maximum allowed
  737. + */
  738. + err = clk_set_rate(ss->ssclk, cr_mod);
  739. + if (err != 0) {
  740. + dev_err(&pdev->dev, "Cannot set clock rate to ssclk\n");
  741. + clk_disable_unprepare(ss->ssclk);
  742. + clk_disable_unprepare(ss->busclk);
  743. + return err;
  744. + }
  745. +
  746. + cr = clk_get_rate(ss->busclk);
  747. + if (cr >= cr_ahb)
  748. + dev_dbg(&pdev->dev, "Clock bus %lu (%lu MHz) (must be >= %lu)\n",
  749. + cr, cr / 1000000, cr_ahb);
  750. + else
  751. + dev_warn(&pdev->dev, "Clock bus %lu (%lu MHz) (must be >= %lu)\n",
  752. + cr, cr / 1000000, cr_ahb);
  753. +
  754. + cr = clk_get_rate(ss->ssclk);
  755. + if (cr <= cr_mod)
  756. + if (cr < cr_mod)
  757. + dev_info(&pdev->dev, "Clock ss %lu (%lu MHz) (must be <= %lu)\n",
  758. + cr, cr / 1000000, cr_mod);
  759. + else
  760. + dev_dbg(&pdev->dev, "Clock ss %lu (%lu MHz) (must be <= %lu)\n",
  761. + cr, cr / 1000000, cr_mod);
  762. + else
  763. + dev_warn(&pdev->dev, "Clock ss is at %lu (%lu MHz) (must be <= %lu)\n",
  764. + cr, cr / 1000000, cr_mod);
  765. +
  766. + /*
  767. + * The datasheet names it "Die Bonding ID";
  768. + * I expect it to be a sort of Security System revision number.
  769. + * Since the A80 seems to have another version of the SS,
  770. + * this info could be useful.
  771. + */
  772. + writel(SS_ENABLED, ss->base + SS_CTL);
  773. + v = readl(ss->base + SS_CTL);
  774. + v >>= 16;
  775. + v &= 0x07;
  776. + dev_info(&pdev->dev, "Die ID %d\n", v);
  777. + writel(0, ss->base + SS_CTL);
  778. +
  779. + ss->dev = &pdev->dev;
  780. +
  781. + mutex_init(&ss->lock);
  782. + mutex_init(&ss->bufin_lock);
  783. + mutex_init(&ss->bufout_lock);
  784. +
  785. + err = crypto_register_ahash(&sunxi_md5_alg);
  786. + if (err)
  787. + goto error_md5;
  788. + err = crypto_register_ahash(&sunxi_sha1_alg);
  789. + if (err)
  790. + goto error_sha1;
  791. + err = crypto_register_algs(sunxi_cipher_algs,
  792. + ARRAY_SIZE(sunxi_cipher_algs));
  793. + if (err)
  794. + goto error_ciphers;
  795. +
  796. + return 0;
  797. +error_ciphers:
  798. + crypto_unregister_ahash(&sunxi_sha1_alg);
  799. +error_sha1:
  800. + crypto_unregister_ahash(&sunxi_md5_alg);
  801. +error_md5:
  802. + clk_disable_unprepare(ss->ssclk);
  803. + clk_disable_unprepare(ss->busclk);
  804. + return err;
  805. +}
  806. +
  807. +static int __exit sunxi_ss_remove(struct platform_device *pdev)
  808. +{
  809. + if (!pdev->dev.of_node)
  810. + return 0;
  811. +
  812. + crypto_unregister_ahash(&sunxi_md5_alg);
  813. + crypto_unregister_ahash(&sunxi_sha1_alg);
  814. + crypto_unregister_algs(sunxi_cipher_algs,
  815. + ARRAY_SIZE(sunxi_cipher_algs));
  816. +
  817. + if (ss->buf_in != NULL)
  818. + kfree(ss->buf_in);
  819. + if (ss->buf_out != NULL)
  820. + kfree(ss->buf_out);
  821. +
  822. + writel(0, ss->base + SS_CTL);
  823. + clk_disable_unprepare(ss->busclk);
  824. + clk_disable_unprepare(ss->ssclk);
  825. + return 0;
  826. +}
  827. +
  828. +static const struct of_device_id a20ss_crypto_of_match_table[] = {
  829. + { .compatible = "allwinner,sun7i-a20-crypto" },
  830. + {}
  831. +};
  832. +MODULE_DEVICE_TABLE(of, a20ss_crypto_of_match_table);
  833. +
  834. +static struct platform_driver sunxi_ss_driver = {
  835. + .probe = sunxi_ss_probe,
  836. + .remove = __exit_p(sunxi_ss_remove),
  837. + .driver = {
  838. + .owner = THIS_MODULE,
  839. + .name = "sunxi-ss",
  840. + .of_match_table = a20ss_crypto_of_match_table,
  841. + },
  842. +};
  843. +
  844. +module_platform_driver(sunxi_ss_driver);
  845. +
  846. +MODULE_DESCRIPTION("Allwinner Security System cryptographic accelerator");
  847. +MODULE_LICENSE("GPL");
  848. +MODULE_AUTHOR("Corentin LABBE <clabbe.montjoie@gmail.com>");
  849. --- /dev/null
  850. +++ b/drivers/crypto/sunxi-ss/sunxi-ss-hash.c
  851. @@ -0,0 +1,445 @@
  852. +/*
  853. + * sunxi-ss-hash.c - hardware cryptographic accelerator for Allwinner A20 SoC
  854. + *
  855. + * Copyright (C) 2013-2014 Corentin LABBE <clabbe.montjoie@gmail.com>
  856. + *
  857. + * This file adds support for MD5 and SHA1.
  858. + *
  859. + * You could find the datasheet in Documentation/arm/sunxi/README
  860. + *
  861. + * This program is free software; you can redistribute it and/or modify
  862. + * it under the terms of the GNU General Public License as published by
  863. + * the Free Software Foundation; either version 2 of the License, or
  864. + * (at your option) any later version.
  865. + */
  866. +#include "sunxi-ss.h"
  867. +
  868. +/* This is a totally arbitrary value */
  869. +#define SS_TIMEOUT 100
  870. +
  871. +extern struct sunxi_ss_ctx *ss;
  872. +
  873. +int sunxi_hash_crainit(struct crypto_tfm *tfm)
  874. +{
  875. + crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
  876. + sizeof(struct sunxi_req_ctx));
  877. + return 0;
  878. +}
  879. +
  880. +/* sunxi_hash_init: initialize request context */
  881. +int sunxi_hash_init(struct ahash_request *areq)
  882. +{
  883. + const char *hash_type;
  884. + struct sunxi_req_ctx *op = ahash_request_ctx(areq);
  885. +
  886. + memset(op, 0, sizeof(struct sunxi_req_ctx));
  887. +
  888. + hash_type = crypto_tfm_alg_name(areq->base.tfm);
  889. +
  890. + if (strcmp(hash_type, "sha1") == 0)
  891. + op->mode = SS_OP_SHA1;
  892. + if (strcmp(hash_type, "md5") == 0)
  893. + op->mode = SS_OP_MD5;
  894. + if (op->mode == 0)
  895. + return -EINVAL;
  896. +
  897. + return 0;
  898. +}
  899. +
  900. +static u32 rx_cnt;
  901. +
  902. +inline void ss_writer(const u32 v)
  903. +{
  904. + u32 spaces;
  905. +
  906. + writel(v, ss->base + SS_RXFIFO);
  907. + rx_cnt--;
  908. + while (rx_cnt == 0) {
  909. + spaces = readl_relaxed(ss->base + SS_FCSR);
  910. + rx_cnt = SS_RXFIFO_SPACES(spaces);
  911. + }
  912. +}
  913. +
  914. +inline void ss_writer_relaxed(const u32 v)
  915. +{
  916. + u32 spaces;
  917. +
  918. + writel_relaxed(v, ss->base + SS_RXFIFO);
  919. + rx_cnt--;
  920. + while (rx_cnt == 0) {
  921. + spaces = readl_relaxed(ss->base + SS_FCSR);
  922. + rx_cnt = SS_RXFIFO_SPACES(spaces);
  923. + }
  924. +}
  925. +
  926. +/*
  927. + * sunxi_hash_update: update hash engine
  928. + *
  929. + * Could be used for both SHA1 and MD5
  930. + * Write data in steps of 32 bits and put them in the SS.
  931. + *
  932. + * Since we cannot leave partial data and hash state in the engine,
  933. + * we need to get the hash state at the end of this function.
  934. + * After some work, I have found that we can get the hash state every 64 bytes
  935. + *
  936. + * So the first work is to get the number of bytes to write to SS modulo 64
  937. + * The extra bytes will go to two different destination:
  938. + * op->wait for full 32bits word
  939. + * op->wb (waiting bytes) for partial 32 bits word
  940. + * So we can have up to (64/4)-1 op->wait words and 0/1/2/3 bytes in wb
  941. + *
  942. + * So at the beginning of update()
  943. + * if op->nwait * 4 + areq->nbytes < 64
  944. + * => all data is written to the wait buffers and end=0
  945. + * otherwise, write all nwait words to the device and set end to complete 64 bytes
  946. + *
  947. + * example 1:
  948. + * update1 60o => nwait=15
  949. + * update2 60o => need one more word to have 64o
  950. + * end=4
  951. + * so write all data in op->wait and one word of SGs
  952. + * write remaining data in op->wait
  953. + * final state op->nwait=14
  954. + */
  955. +int sunxi_hash_update(struct ahash_request *areq)
  956. +{
  957. + u32 v, ivmode = 0;
  958. + unsigned int i = 0;
  959. + /*
  960. + * i is the total bytes read from SGs, to be compared to areq->nbytes
  961. + * i is important because we cannot rely on SG length since the sum of
  962. + * SG->length could be greater than areq->nbytes
  963. + */
  964. +
  965. + struct sunxi_req_ctx *op = ahash_request_ctx(areq);
  966. + struct scatterlist *in_sg;
  967. + unsigned int in_i = 0; /* advancement in the current SG */
  968. + u64 end;
  969. + /*
  970. + * end is the position when we need to stop writing to the device,
  971. + * to be compared to i
  972. + */
  973. + int in_r;
  974. + void *src_addr;
  975. +
  976. + dev_dbg(ss->dev, "%s %s bc=%llu len=%u mode=%x bw=%u ww=%u",
  977. + __func__, crypto_tfm_alg_name(areq->base.tfm),
  978. + op->byte_count, areq->nbytes, op->mode,
  979. + op->nbw, op->nwait);
  980. +
  981. + if (areq->nbytes == 0)
  982. + return 0;
  983. +
  984. + end = ((areq->nbytes + op->nwait * 4 + op->nbw) / 64) * 64
  985. + - op->nbw - op->nwait * 4;
  986. +
  987. + if (end > areq->nbytes || areq->nbytes - end > 63) {
  988. + dev_err(ss->dev, "ERROR: Bound error %llu %u\n",
  989. + end, areq->nbytes);
  990. + return -EINVAL;
  991. + }
  992. +
  993. + if (op->nwait > 0 && end > 0) {
  994. + /* a previous update was done */
  995. + for (i = 0; i < op->nwait; i++) {
  996. + ss_writer(op->wait[i]);
  997. + op->byte_count += 4;
  998. + }
  999. + op->nwait = 0;
  1000. + }
  1001. +
  1002. + mutex_lock(&ss->lock);
  1003. + /*
  1004. + * if some data have been processed before,
  1005. + * we need to restore the partial hash state
  1006. + */
  1007. + if (op->byte_count > 0) {
  1008. + ivmode = SS_IV_ARBITRARY;
  1009. + for (i = 0; i < 5; i++)
  1010. + writel(op->hash[i], ss->base + SS_IV0 + i * 4);
  1011. + }
  1012. + /* Enable the device */
  1013. + writel(op->mode | SS_ENABLED | ivmode, ss->base + SS_CTL);
  1014. +
  1015. + rx_cnt = 0;
  1016. + i = 0;
  1017. +
  1018. + in_sg = areq->src;
  1019. + src_addr = kmap(sg_page(in_sg)) + in_sg->offset;
  1020. + if (src_addr == NULL) {
  1021. + mutex_unlock(&ss->lock);
  1022. + dev_err(ss->dev, "ERROR: Cannot kmap source buffer\n");
  1023. + return -EFAULT;
  1024. + }
  1025. + do {
  1026. + /*
  1027. + * step 1, if some bytes remains from last SG,
  1028. + * try to complete them to 4 and send that word
  1029. + */
  1030. + if (op->nbw > 0) {
  1031. + while (op->nbw < 4 && i < areq->nbytes &&
  1032. + in_i < in_sg->length) {
  1033. + op->wb |= (*(u8 *)(src_addr + in_i))
  1034. + << (8 * op->nbw);
  1035. + dev_dbg(ss->dev, "%s Complete w=%d wb=%x\n",
  1036. + __func__, op->nbw, op->wb);
  1037. + i++;
  1038. + in_i++;
  1039. + op->nbw++;
  1040. + }
  1041. + if (op->nbw == 4) {
  1042. + if (i <= end) {
  1043. + ss_writer(op->wb);
  1044. + op->byte_count += 4;
  1045. + } else {
  1046. + op->wait[op->nwait] = op->wb;
  1047. + op->nwait++;
  1048. + dev_dbg(ss->dev, "%s Keep %u bytes after %llu\n",
  1049. + __func__, op->nwait, end);
  1050. + }
  1051. + op->nbw = 0;
  1052. + op->wb = 0;
  1053. + }
  1054. + }
  1055. + /* step 2, main loop, read data 4bytes at a time */
  1056. + while (i < areq->nbytes && in_i < in_sg->length) {
  1057. + /* how many bytes we can read, (we need 4) */
  1058. + in_r = min(in_sg->length - in_i, areq->nbytes - i);
  1059. + if (in_r < 4) {
  1060. + /* Not enough data to write to the device */
  1061. + op->wb = 0;
  1062. + while (in_r > 0) {
  1063. + op->wb |= (*(u8 *)(src_addr + in_i))
  1064. + << (8 * op->nbw);
  1065. + dev_dbg(ss->dev, "%s ending bw=%d wb=%x\n",
  1066. + __func__, op->nbw, op->wb);
  1067. + in_r--;
  1068. + i++;
  1069. + in_i++;
  1070. + op->nbw++;
  1071. + }
  1072. + goto nextsg;
  1073. + }
  1074. + v = *(u32 *)(src_addr + in_i);
  1075. + if (i < end) {
  1076. + /* last write must be done without relaxed */
  1077. + if (i + 4 >= end)
  1078. + ss_writer(v);
  1079. + else
  1080. + ss_writer_relaxed(v);
  1081. + i += 4;
  1082. + op->byte_count += 4;
  1083. + in_i += 4;
  1084. + } else {
  1085. + op->wait[op->nwait] = v;
  1086. + i += 4;
  1087. + in_i += 4;
  1088. + op->nwait++;
  1089. + dev_dbg(ss->dev, "%s Keep word ww=%u after %llu\n",
  1090. + __func__, op->nwait, end);
  1091. + if (op->nwait > 15) {
  1092. + dev_err(ss->dev, "FATAL: Cannot enqueue more, bug?\n");
  1093. + writel(0, ss->base + SS_CTL);
  1094. + mutex_unlock(&ss->lock);
  1095. + return -EIO;
  1096. + }
  1097. + }
  1098. + }
  1099. +nextsg:
  1100. + /* Nothing more to read in this SG */
  1101. + if (in_i == in_sg->length) {
  1102. + kunmap(sg_page(in_sg));
  1103. + do {
  1104. + in_sg = sg_next(in_sg);
  1105. + } while (in_sg != NULL && in_sg->length == 0);
  1106. + in_i = 0;
  1107. + if (in_sg != NULL) {
  1108. + src_addr = kmap(sg_page(in_sg)) + in_sg->offset;
  1109. + if (src_addr == NULL) {
  1110. + mutex_unlock(&ss->lock);
  1111. + dev_err(ss->dev, "ERROR: Cannot kmap source buffer\n");
  1112. + return -EFAULT;
  1113. + }
  1114. + }
  1115. + }
  1116. + } while (in_sg != NULL && i < areq->nbytes);
  1117. +
  1118. + /* ask the device to finish the hashing */
  1119. + writel(op->mode | SS_ENABLED | SS_DATA_END, ss->base + SS_CTL);
  1120. + i = 0;
  1121. + do {
  1122. + v = readl(ss->base + SS_CTL);
  1123. + i++;
  1124. + } while (i < SS_TIMEOUT && (v & SS_DATA_END) > 0);
  1125. + if (i >= SS_TIMEOUT) {
  1126. + dev_err(ss->dev, "ERROR: %s hash end timeout after %d loop, CTL=%x\n",
  1127. + __func__, i, v);
  1128. + writel(0, ss->base + SS_CTL);
  1129. + mutex_unlock(&ss->lock);
  1130. + return -EIO;
  1131. + }
  1132. +
  1133. + /* get the partial hash */
  1134. + if (op->mode == SS_OP_SHA1) {
  1135. + for (i = 0; i < 5; i++)
  1136. + op->hash[i] = readl(ss->base + SS_MD0 + i * 4);
  1137. + } else {
  1138. + for (i = 0; i < 4; i++)
  1139. + op->hash[i] = readl(ss->base + SS_MD0 + i * 4);
  1140. + }
  1141. +
  1142. + writel(0, ss->base + SS_CTL);
  1143. + mutex_unlock(&ss->lock);
  1144. + return 0;
  1145. +}
  1146. +
  1147. +/*
  1148. + * sunxi_hash_final: finalize hashing operation
  1149. + *
  1150. + * If we have some remaining bytes, we write them.
  1151. + * Then ask the SS for finalizing the hashing operation
  1152. + */
  1153. +int sunxi_hash_final(struct ahash_request *areq)
  1154. +{
  1155. + u32 v, ivmode = 0;
  1156. + unsigned int i;
  1157. + int zeros;
  1158. + unsigned int index, padlen;
  1159. + __be64 bits;
  1160. + struct sunxi_req_ctx *op = ahash_request_ctx(areq);
  1161. +
  1162. + dev_dbg(ss->dev, "%s byte=%llu len=%u mode=%x bw=%u %x h=%x ww=%u",
  1163. + __func__, op->byte_count, areq->nbytes, op->mode,
  1164. + op->nbw, op->wb, op->hash[0], op->nwait);
  1165. +
  1166. + mutex_lock(&ss->lock);
  1167. + rx_cnt = 0;
  1168. +
  1169. + /*
  1170. + * if we have already written something,
  1171. + * restore the partial hash state
  1172. + */
  1173. + if (op->byte_count > 0) {
  1174. + ivmode = SS_IV_ARBITRARY;
  1175. + for (i = 0; i < 5; i++)
  1176. + writel(op->hash[i], ss->base + SS_IV0 + i * 4);
  1177. + }
  1178. + writel(op->mode | SS_ENABLED | ivmode, ss->base + SS_CTL);
  1179. +
  1180. + /* write the remaining words of the wait buffer */
  1181. + if (op->nwait > 0) {
  1182. + for (i = 0; i < op->nwait; i++) {
  1183. + v = op->wait[i];
  1184. + ss_writer(v);
  1185. + op->byte_count += 4;
  1186. + dev_dbg(ss->dev, "%s write %llu i=%u %x\n",
  1187. + __func__, op->byte_count, i, v);
  1188. + }
  1189. + op->nwait = 0;
  1190. + }
  1191. +
  1192. + /* write the remaining bytes of the nbw buffer */
  1193. + if (op->nbw > 0) {
  1194. + op->wb |= ((1 << 7) << (op->nbw * 8));
  1195. + ss_writer(op->wb);
  1196. + } else {
  1197. + ss_writer((1 << 7));
  1198. + }
  1199. +
  1200. + /*
  1201. + * number of zero words to pad to obtain 64 bytes minus 8 (size) minus 4 (final 1)
  1202. + * I take the operations from other md5/sha1 implementations
  1203. + */
  1204. +
  1205. + /* we have already sent 4 more bytes, of which nbw are data */
  1206. + if (op->mode == SS_OP_MD5) {
  1207. + index = (op->byte_count + 4) & 0x3f;
  1208. + op->byte_count += op->nbw;
  1209. + if (index > 56)
  1210. + zeros = (120 - index) / 4;
  1211. + else
  1212. + zeros = (56 - index) / 4;
  1213. + } else {
  1214. + op->byte_count += op->nbw;
  1215. + index = op->byte_count & 0x3f;
  1216. + padlen = (index < 56) ? (56 - index) : ((64+56) - index);
  1217. + zeros = (padlen - 1) / 4;
  1218. + }
  1219. + for (i = 0; i < zeros; i++)
  1220. + ss_writer(0);
  1221. +
  1222. + /* write the length of data */
  1223. + if (op->mode == SS_OP_SHA1) {
  1224. + bits = cpu_to_be64(op->byte_count << 3);
  1225. + ss_writer(bits & 0xffffffff);
  1226. + ss_writer((bits >> 32) & 0xffffffff);
  1227. + } else {
  1228. + ss_writer((op->byte_count << 3) & 0xffffffff);
  1229. + ss_writer((op->byte_count >> 29) & 0xffffffff);
  1230. + }
  1231. +
  1232. + /* Tell the SS to stop the hashing */
  1233. + writel(op->mode | SS_ENABLED | SS_DATA_END, ss->base + SS_CTL);
  1234. +
  1235. + /*
  1236. + * Wait for SS to finish the hash.
  1237. + * The timeout could happen only in case of bad overclocking
  1238. + * or driver bug.
  1239. + */
  1240. + i = 0;
  1241. + do {
  1242. + v = readl(ss->base + SS_CTL);
  1243. + i++;
  1244. + } while (i < SS_TIMEOUT && (v & SS_DATA_END) > 0);
  1245. + if (i >= SS_TIMEOUT) {
  1246. + dev_err(ss->dev, "ERROR: hash end timeout %d>%d ctl=%x len=%u\n",
  1247. + i, SS_TIMEOUT, v, areq->nbytes);
  1248. + writel(0, ss->base + SS_CTL);
  1249. + mutex_unlock(&ss->lock);
  1250. + return -EIO;
  1251. + }
  1252. +
  1253. + /* Get the hash from the device */
  1254. + if (op->mode == SS_OP_SHA1) {
  1255. + for (i = 0; i < 5; i++) {
  1256. + v = cpu_to_be32(readl(ss->base + SS_MD0 + i * 4));
  1257. + memcpy(areq->result + i * 4, &v, 4);
  1258. + }
  1259. + } else {
  1260. + for (i = 0; i < 4; i++) {
  1261. + v = readl(ss->base + SS_MD0 + i * 4);
  1262. + memcpy(areq->result + i * 4, &v, 4);
  1263. + }
  1264. + }
  1265. + writel(0, ss->base + SS_CTL);
  1266. + mutex_unlock(&ss->lock);
  1267. + return 0;
  1268. +}
  1269. +
  1270. +/* sunxi_hash_finup: finalize hashing operation after an update */
  1271. +int sunxi_hash_finup(struct ahash_request *areq)
  1272. +{
  1273. + int err;
  1274. +
  1275. + err = sunxi_hash_update(areq);
  1276. + if (err != 0)
  1277. + return err;
  1278. +
  1279. + return sunxi_hash_final(areq);
  1280. +}
  1281. +
  1282. +/* combo of init/update/final functions */
  1283. +int sunxi_hash_digest(struct ahash_request *areq)
  1284. +{
  1285. + int err;
  1286. +
  1287. + err = sunxi_hash_init(areq);
  1288. + if (err != 0)
  1289. + return err;
  1290. +
  1291. + err = sunxi_hash_update(areq);
  1292. + if (err != 0)
  1293. + return err;
  1294. +
  1295. + return sunxi_hash_final(areq);
  1296. +}
  1297. --- /dev/null
  1298. +++ b/drivers/crypto/sunxi-ss/sunxi-ss.h
  1299. @@ -0,0 +1,193 @@
  1300. +/*
  1301. + * sunxi-ss.c - hardware cryptographic accelerator for Allwinner A20 SoC
  1302. + *
  1303. + * Copyright (C) 2013-2014 Corentin LABBE <clabbe.montjoie@gmail.com>
  1304. + *
  1305. + * Support AES cipher with 128,192,256 bits keysize.
  1306. + * Support MD5 and SHA1 hash algorithms.
  1307. + * Support DES and 3DES
  1308. + *
  1309. + * You could find the datasheet in Documentation/arm/sunxi/README
  1310. + *
  1311. + * Licensed under the GPL-2.
  1312. + */
  1313. +
  1314. +#include <linux/clk.h>
  1315. +#include <linux/crypto.h>
  1316. +#include <linux/io.h>
  1317. +#include <linux/module.h>
  1318. +#include <linux/of.h>
  1319. +#include <linux/platform_device.h>
  1320. +#include <crypto/scatterwalk.h>
  1321. +#include <linux/scatterlist.h>
  1322. +#include <linux/interrupt.h>
  1323. +#include <linux/delay.h>
  1324. +#include <crypto/md5.h>
  1325. +#include <crypto/sha.h>
  1326. +#include <crypto/hash.h>
  1327. +#include <crypto/internal/hash.h>
  1328. +#include <crypto/aes.h>
  1329. +#include <crypto/des.h>
  1330. +#include <crypto/internal/rng.h>
  1331. +
  1332. +#define SS_CTL 0x00
  1333. +#define SS_KEY0 0x04
  1334. +#define SS_KEY1 0x08
  1335. +#define SS_KEY2 0x0C
  1336. +#define SS_KEY3 0x10
  1337. +#define SS_KEY4 0x14
  1338. +#define SS_KEY5 0x18
  1339. +#define SS_KEY6 0x1C
  1340. +#define SS_KEY7 0x20
  1341. +
  1342. +#define SS_IV0 0x24
  1343. +#define SS_IV1 0x28
  1344. +#define SS_IV2 0x2C
  1345. +#define SS_IV3 0x30
  1346. +
  1347. +#define SS_CNT0 0x34
  1348. +#define SS_CNT1 0x38
  1349. +#define SS_CNT2 0x3C
  1350. +#define SS_CNT3 0x40
  1351. +
  1352. +#define SS_FCSR 0x44
  1353. +#define SS_ICSR 0x48
  1354. +
  1355. +#define SS_MD0 0x4C
  1356. +#define SS_MD1 0x50
  1357. +#define SS_MD2 0x54
  1358. +#define SS_MD3 0x58
  1359. +#define SS_MD4 0x5C
  1360. +
  1361. +#define SS_RXFIFO 0x200
  1362. +#define SS_TXFIFO 0x204
  1363. +
  1364. +/* SS_CTL configuration values */
  1365. +
  1366. +/* PRNG generator mode - bit 15 */
  1367. +#define SS_PRNG_ONESHOT (0 << 15)
  1368. +#define SS_PRNG_CONTINUE (1 << 15)
  1369. +
  1370. +/* IV mode for hash */
  1371. +#define SS_IV_ARBITRARY (1 << 14)
  1372. +
  1373. +/* SS operation mode - bits 12-13 */
  1374. +#define SS_ECB (0 << 12)
  1375. +#define SS_CBC (1 << 12)
  1376. +#define SS_CNT (2 << 12)
  1377. +
  1378. +/* Counter width for CNT mode - bits 10-11 */
  1379. +#define SS_CNT_16BITS (0 << 10)
  1380. +#define SS_CNT_32BITS (1 << 10)
  1381. +#define SS_CNT_64BITS (2 << 10)
  1382. +
  1383. +/* Key size for AES - bits 8-9 */
  1384. +#define SS_AES_128BITS (0 << 8)
  1385. +#define SS_AES_192BITS (1 << 8)
  1386. +#define SS_AES_256BITS (2 << 8)
  1387. +
  1388. +/* Operation direction - bit 7 */
  1389. +#define SS_ENCRYPTION (0 << 7)
  1390. +#define SS_DECRYPTION (1 << 7)
  1391. +
  1392. +/* SS Method - bits 4-6 */
  1393. +#define SS_OP_AES (0 << 4)
  1394. +#define SS_OP_DES (1 << 4)
  1395. +#define SS_OP_3DES (2 << 4)
  1396. +#define SS_OP_SHA1 (3 << 4)
  1397. +#define SS_OP_MD5 (4 << 4)
  1398. +#define SS_OP_PRNG (5 << 4)
  1399. +
  1400. +/* Data end bit - bit 2 */
  1401. +#define SS_DATA_END (1 << 2)
  1402. +
  1403. +/* PRNG start bit - bit 1 */
  1404. +#define SS_PRNG_START (1 << 1)
  1405. +
  1406. +/* SS Enable bit - bit 0 */
  1407. +#define SS_DISABLED (0 << 0)
  1408. +#define SS_ENABLED (1 << 0)
  1409. +
  1410. +/* SS_FCSR configuration values */
  1411. +/* RX FIFO status - bit 30 */
  1412. +#define SS_RXFIFO_FREE (1 << 30)
  1413. +
  1414. +/* RX FIFO empty spaces - bits 24-29 */
  1415. +#define SS_RXFIFO_SPACES(val) (((val) >> 24) & 0x3f)
  1416. +
  1417. +/* TX FIFO status - bit 22 */
  1418. +#define SS_TXFIFO_AVAILABLE (1 << 22)
  1419. +
  1420. +/* TX FIFO available spaces - bits 16-21 */
  1421. +#define SS_TXFIFO_SPACES(val) (((val) >> 16) & 0x3f)
  1422. +
  1423. +#define SS_RXFIFO_EMP_INT_PENDING (1 << 10)
  1424. +#define SS_TXFIFO_AVA_INT_PENDING (1 << 8)
  1425. +#define SS_RXFIFO_EMP_INT_ENABLE (1 << 2)
  1426. +#define SS_TXFIFO_AVA_INT_ENABLE (1 << 0)
  1427. +
  1428. +/* SS_ICSR configuration values */
  1429. +#define SS_ICS_DRQ_ENABLE (1 << 4)
  1430. +
  1431. +struct sunxi_ss_ctx {
  1432. + void __iomem *base;
  1433. + int irq;
  1434. + struct clk *busclk;
  1435. + struct clk *ssclk;
  1436. + struct device *dev;
  1437. + struct resource *res;
  1438. + void *buf_in; /* pointer to data to be uploaded to the device */
  1439. + size_t buf_in_size; /* size of buf_in */
  1440. + void *buf_out;
  1441. + size_t buf_out_size;
  1442. + struct mutex lock; /* control the use of the device */
  1443. + struct mutex bufout_lock; /* control the use of buf_out */
  1444. + struct mutex bufin_lock; /* control the use of buf_in */
  1445. +};
  1446. +
  1447. +struct sunxi_tfm_ctx {
  1448. + u32 key[AES_MAX_KEY_SIZE / 4];/* divided by sizeof(u32) */
  1449. + u32 keylen;
  1450. + u32 keymode;
  1451. +};
  1452. +
  1453. +struct sunxi_req_ctx {
  1454. + u32 mode;
  1455. + u64 byte_count; /* number of bytes "uploaded" to the device */
  1456. + u32 wb; /* a partial word waiting to be completed and
  1457. + uploaded to the device */
  1458. + /* number of bytes to be uploaded in the wb word */
  1459. + unsigned int nbw;
  1460. + u32 hash[5];
  1461. + u32 wait[64];
  1462. + unsigned int nwait;
  1463. +};
  1464. +
  1465. +#define SS_SEED_LEN (192/8)
  1466. +#define SS_DATA_LEN (160/8)
  1467. +
  1468. +struct prng_context {
  1469. + u32 seed[SS_SEED_LEN/4];
  1470. + unsigned int slen;
  1471. +};
  1472. +
  1473. +int sunxi_hash_crainit(struct crypto_tfm *tfm);
  1474. +int sunxi_hash_init(struct ahash_request *areq);
  1475. +int sunxi_hash_update(struct ahash_request *areq);
  1476. +int sunxi_hash_final(struct ahash_request *areq);
  1477. +int sunxi_hash_finup(struct ahash_request *areq);
  1478. +int sunxi_hash_digest(struct ahash_request *areq);
  1479. +int sunxi_hash_export(struct ahash_request *areq, void *out);
  1480. +int sunxi_hash_import(struct ahash_request *areq, const void *in);
  1481. +
  1482. +int sunxi_ss_aes_poll(struct ablkcipher_request *areq, u32 mode);
  1483. +int sunxi_ss_des_poll(struct ablkcipher_request *areq, u32 mode);
  1484. +int sunxi_ss_cipher_init(struct crypto_tfm *tfm);
  1485. +int sunxi_ss_cipher_encrypt(struct ablkcipher_request *areq);
  1486. +int sunxi_ss_cipher_decrypt(struct ablkcipher_request *areq);
  1487. +int sunxi_ss_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
  1488. + unsigned int keylen);
  1489. +int sunxi_ss_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
  1490. + unsigned int keylen);
  1491. +int sunxi_ss_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
  1492. + unsigned int keylen);