diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2017-07-05 12:22:23 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2017-07-05 12:22:23 -0700 |
| commit | 8ad06e56dcbc1984ef0ff8f6e3c19982c5809f73 (patch) | |
| tree | 74bc746a4f18eeddfc085b76c776ddcf2c798cfa /drivers/crypto/cavium/cpt/cptvf_algs.c | |
| parent | 59005b0c59a164101b0273e4bda212c809dc2246 (diff) | |
| parent | 035f901eac4d2d0fd40f3055026355d55d46949f (diff) | |
| download | linux-8ad06e56dcbc1984ef0ff8f6e3c19982c5809f73.tar.bz2 | |
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto updates from Herbert Xu:
"Algorithms:
- add private key generation to ecdh
Drivers:
- add generic gcm(aes) to aesni-intel
- add SafeXcel EIP197 crypto engine driver
- add ecb(aes), cfb(aes) and ecb(des3_ede) to cavium
- add support for CNN55XX adapters in cavium
- add ctr mode to chcr
- add support for gcm(aes) to omap"
* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (140 commits)
crypto: testmgr - Reenable sha1/aes in FIPS mode
crypto: ccp - Release locks before returning
crypto: cavium/nitrox - dma_mapping_error() returns bool
crypto: doc - fix typo in docs
Documentation/bindings: Document the SafeXel cryptographic engine driver
crypto: caam - fix gfp allocation flags (part II)
crypto: caam - fix gfp allocation flags (part I)
crypto: drbg - Fixes panic in wait_for_completion call
crypto: caam - make of_device_ids const.
crypto: vmx - remove unnecessary check
crypto: n2 - make of_device_ids const
crypto: inside-secure - use the base_end pointer in ring rollback
crypto: inside-secure - increase the batch size
crypto: inside-secure - only dequeue when needed
crypto: inside-secure - get the backlog before dequeueing the request
crypto: inside-secure - stop requeueing failed requests
crypto: inside-secure - use one queue per hw ring
crypto: inside-secure - update the context and request later
crypto: inside-secure - align the cipher and hash send functions
crypto: inside-secure - optimize DSE bufferability control
...
Diffstat (limited to 'drivers/crypto/cavium/cpt/cptvf_algs.c')
| -rw-r--r-- | drivers/crypto/cavium/cpt/cptvf_algs.c | 234 |
1 files changed, 157 insertions, 77 deletions
diff --git a/drivers/crypto/cavium/cpt/cptvf_algs.c b/drivers/crypto/cavium/cpt/cptvf_algs.c index cc853f913d4b..1b220f3ed017 100644 --- a/drivers/crypto/cavium/cpt/cptvf_algs.c +++ b/drivers/crypto/cavium/cpt/cptvf_algs.c @@ -98,7 +98,6 @@ static inline void update_output_data(struct cpt_request_info *req_info, } static inline u32 create_ctx_hdr(struct ablkcipher_request *req, u32 enc, - u32 cipher_type, u32 aes_key_type, u32 *argcnt) { struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(req); @@ -124,11 +123,11 @@ static inline u32 create_ctx_hdr(struct ablkcipher_request *req, u32 enc, req_info->req.param1 = req->nbytes; /* Encryption Data length */ req_info->req.param2 = 0; /*Auth data length */ - fctx->enc.enc_ctrl.e.enc_cipher = cipher_type; - fctx->enc.enc_ctrl.e.aes_key = aes_key_type; + fctx->enc.enc_ctrl.e.enc_cipher = ctx->cipher_type; + fctx->enc.enc_ctrl.e.aes_key = ctx->key_type; fctx->enc.enc_ctrl.e.iv_source = FROM_DPTR; - if (cipher_type == AES_XTS) + if (ctx->cipher_type == AES_XTS) memcpy(fctx->enc.encr_key, ctx->enc_key, ctx->key_len * 2); else memcpy(fctx->enc.encr_key, ctx->enc_key, ctx->key_len); @@ -154,14 +153,13 @@ static inline u32 create_ctx_hdr(struct ablkcipher_request *req, u32 enc, } static inline u32 create_input_list(struct ablkcipher_request *req, u32 enc, - u32 cipher_type, u32 aes_key_type, u32 enc_iv_len) { struct cvm_req_ctx *rctx = ablkcipher_request_ctx(req); struct cpt_request_info *req_info = &rctx->cpt_req; u32 argcnt = 0; - create_ctx_hdr(req, enc, cipher_type, aes_key_type, &argcnt); + create_ctx_hdr(req, enc, &argcnt); update_input_iv(req_info, req->info, enc_iv_len, &argcnt); update_input_data(req_info, req->src, req->nbytes, &argcnt); req_info->incnt = argcnt; @@ -177,7 +175,6 @@ static inline void store_cb_info(struct ablkcipher_request *req, } static inline void create_output_list(struct ablkcipher_request *req, - u32 cipher_type, u32 enc_iv_len) { struct cvm_req_ctx *rctx = ablkcipher_request_ctx(req); @@ -197,12 +194,9 @@ static inline void create_output_list(struct ablkcipher_request *req, req_info->outcnt = argcnt; } -static inline int cvm_enc_dec(struct ablkcipher_request *req, u32 enc, - u32 cipher_type) +static inline int cvm_enc_dec(struct ablkcipher_request *req, u32 enc) { struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(req); - struct cvm_enc_ctx *ctx = crypto_ablkcipher_ctx(tfm); - u32 key_type = AES_128_BIT; struct cvm_req_ctx *rctx = ablkcipher_request_ctx(req); u32 enc_iv_len = crypto_ablkcipher_ivsize(tfm); struct fc_context *fctx = &rctx->fctx; @@ -210,36 +204,10 @@ static inline int cvm_enc_dec(struct ablkcipher_request *req, u32 enc, void *cdev = NULL; int status; - switch (ctx->key_len) { - case 16: - key_type = AES_128_BIT; - break; - case 24: - key_type = AES_192_BIT; - break; - case 32: - if (cipher_type == AES_XTS) - key_type = AES_128_BIT; - else - key_type = AES_256_BIT; - break; - case 64: - if (cipher_type == AES_XTS) - key_type = AES_256_BIT; - else - return -EINVAL; - break; - default: - return -EINVAL; - } - - if (cipher_type == DES3_CBC) - key_type = 0; - memset(req_info, 0, sizeof(struct cpt_request_info)); memset(fctx, 0, sizeof(struct fc_context)); - create_input_list(req, enc, cipher_type, key_type, enc_iv_len); - create_output_list(req, cipher_type, enc_iv_len); + create_input_list(req, enc, enc_iv_len); + create_output_list(req, enc_iv_len); store_cb_info(req, req_info); cdev = dev_handle.cdev[smp_processor_id()]; status = cptvf_do_request(cdev, req_info); @@ -254,34 +222,14 @@ static inline int cvm_enc_dec(struct ablkcipher_request *req, u32 enc, return -EINPROGRESS; } -int cvm_des3_encrypt_cbc(struct ablkcipher_request *req) +int cvm_encrypt(struct ablkcipher_request *req) { - return cvm_enc_dec(req, true, DES3_CBC); + return cvm_enc_dec(req, true); } -int cvm_des3_decrypt_cbc(struct ablkcipher_request *req) +int cvm_decrypt(struct ablkcipher_request *req) { - return cvm_enc_dec(req, false, DES3_CBC); -} - -int cvm_aes_encrypt_xts(struct ablkcipher_request *req) -{ - return cvm_enc_dec(req, true, AES_XTS); -} - -int cvm_aes_decrypt_xts(struct ablkcipher_request *req) -{ - return cvm_enc_dec(req, false, AES_XTS); -} - -int cvm_aes_encrypt_cbc(struct ablkcipher_request *req) -{ - return cvm_enc_dec(req, true, AES_CBC); -} - -int cvm_aes_decrypt_cbc(struct ablkcipher_request *req) -{ - return cvm_enc_dec(req, false, AES_CBC); + return cvm_enc_dec(req, false); } int cvm_xts_setkey(struct crypto_ablkcipher *cipher, const u8 *key, @@ -299,24 +247,93 @@ int cvm_xts_setkey(struct crypto_ablkcipher *cipher, const u8 *key, ctx->key_len = keylen; memcpy(ctx->enc_key, key1, keylen / 2); memcpy(ctx->enc_key + KEY2_OFFSET, key2, keylen / 2); + ctx->cipher_type = AES_XTS; + switch (ctx->key_len) { + case 32: + ctx->key_type = AES_128_BIT; + break; + case 64: + ctx->key_type = AES_256_BIT; + break; + default: + return -EINVAL; + } return 0; } -int cvm_enc_dec_setkey(struct crypto_ablkcipher *cipher, const u8 *key, - u32 keylen) +static int cvm_validate_keylen(struct cvm_enc_ctx *ctx, u32 keylen) +{ + if ((keylen == 16) || (keylen == 24) || (keylen == 32)) { + ctx->key_len = keylen; + switch (ctx->key_len) { + case 16: + ctx->key_type = AES_128_BIT; + break; + case 24: + ctx->key_type = AES_192_BIT; + break; + case 32: + ctx->key_type = AES_256_BIT; + break; + default: + return -EINVAL; + } + + if (ctx->cipher_type == DES3_CBC) + ctx->key_type = 0; + + return 0; + } + + return -EINVAL; +} + +static int cvm_setkey(struct crypto_ablkcipher *cipher, const u8 *key, + u32 keylen, u8 cipher_type) { struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct cvm_enc_ctx *ctx = crypto_tfm_ctx(tfm); - if ((keylen == 16) || (keylen == 24) || (keylen == 32)) { - ctx->key_len = keylen; + ctx->cipher_type = cipher_type; + if (!cvm_validate_keylen(ctx, keylen)) { memcpy(ctx->enc_key, key, keylen); return 0; + } else { + crypto_ablkcipher_set_flags(cipher, + CRYPTO_TFM_RES_BAD_KEY_LEN); + return -EINVAL; } - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); +} - return -EINVAL; +static int cvm_cbc_aes_setkey(struct crypto_ablkcipher *cipher, const u8 *key, + u32 keylen) +{ + return cvm_setkey(cipher, key, keylen, AES_CBC); +} + +static int cvm_ecb_aes_setkey(struct crypto_ablkcipher *cipher, const u8 *key, + u32 keylen) +{ + return cvm_setkey(cipher, key, keylen, AES_ECB); +} + +static int cvm_cfb_aes_setkey(struct crypto_ablkcipher *cipher, const u8 *key, + u32 keylen) +{ + return cvm_setkey(cipher, key, keylen, AES_CFB); +} + +static int cvm_cbc_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, + u32 keylen) +{ + return cvm_setkey(cipher, key, keylen, DES3_CBC); +} + +static int cvm_ecb_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, + u32 keylen) +{ + return cvm_setkey(cipher, key, keylen, DES3_ECB); } int cvm_enc_dec_init(struct crypto_tfm *tfm) @@ -349,8 +366,8 @@ struct crypto_alg algs[] = { { .min_keysize = 2 * AES_MIN_KEY_SIZE, .max_keysize = 2 * AES_MAX_KEY_SIZE, .setkey = cvm_xts_setkey, - .encrypt = cvm_aes_encrypt_xts, - .decrypt = cvm_aes_decrypt_xts, + .encrypt = cvm_encrypt, + .decrypt = cvm_decrypt, }, }, .cra_init = cvm_enc_dec_init, @@ -369,9 +386,51 @@ struct crypto_alg algs[] = { { .ivsize = AES_BLOCK_SIZE, .min_keysize = AES_MIN_KEY_SIZE, .max_keysize = AES_MAX_KEY_SIZE, - .setkey = cvm_enc_dec_setkey, - .encrypt = cvm_aes_encrypt_cbc, - .decrypt = cvm_aes_decrypt_cbc, + .setkey = cvm_cbc_aes_setkey, + .encrypt = cvm_encrypt, + .decrypt = cvm_decrypt, + }, + }, + .cra_init = cvm_enc_dec_init, + .cra_module = THIS_MODULE, +}, { + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, + .cra_blocksize = AES_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct cvm_enc_ctx), + .cra_alignmask = 7, + .cra_priority = 4001, + .cra_name = "ecb(aes)", + .cra_driver_name = "cavium-ecb-aes", + .cra_type = &crypto_ablkcipher_type, + .cra_u = { + .ablkcipher = { + .ivsize = AES_BLOCK_SIZE, + .min_keysize = AES_MIN_KEY_SIZE, + .max_keysize = AES_MAX_KEY_SIZE, + .setkey = cvm_ecb_aes_setkey, + .encrypt = cvm_encrypt, + .decrypt = cvm_decrypt, + }, + }, + .cra_init = cvm_enc_dec_init, + .cra_module = THIS_MODULE, +}, { + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, + .cra_blocksize = AES_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct cvm_enc_ctx), + .cra_alignmask = 7, + .cra_priority = 4001, + .cra_name = "cfb(aes)", + .cra_driver_name = "cavium-cfb-aes", + .cra_type = &crypto_ablkcipher_type, + .cra_u = { + .ablkcipher = { + .ivsize = AES_BLOCK_SIZE, + .min_keysize = AES_MIN_KEY_SIZE, + .max_keysize = AES_MAX_KEY_SIZE, + .setkey = cvm_cfb_aes_setkey, + .encrypt = cvm_encrypt, + .decrypt = cvm_decrypt, }, }, .cra_init = cvm_enc_dec_init, @@ -390,9 +449,30 @@ struct crypto_alg algs[] = { { .min_keysize = DES3_EDE_KEY_SIZE, .max_keysize = DES3_EDE_KEY_SIZE, .ivsize = DES_BLOCK_SIZE, - .setkey = cvm_enc_dec_setkey, - .encrypt = cvm_des3_encrypt_cbc, - .decrypt = cvm_des3_decrypt_cbc, + .setkey = cvm_cbc_des3_setkey, + .encrypt = cvm_encrypt, + .decrypt = cvm_decrypt, + }, + }, + .cra_init = cvm_enc_dec_init, + .cra_module = THIS_MODULE, +}, { + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, + .cra_blocksize = DES3_EDE_BLOCK_SIZE, + .cra_ctxsize = sizeof(struct cvm_des3_ctx), + .cra_alignmask = 7, + .cra_priority = 4001, + .cra_name = "ecb(des3_ede)", + .cra_driver_name = "cavium-ecb-des3_ede", + .cra_type = &crypto_ablkcipher_type, + .cra_u = { + .ablkcipher = { + .min_keysize = DES3_EDE_KEY_SIZE, + .max_keysize = DES3_EDE_KEY_SIZE, + .ivsize = DES_BLOCK_SIZE, + .setkey = cvm_ecb_des3_setkey, + .encrypt = cvm_encrypt, + .decrypt = cvm_decrypt, }, }, .cra_init = cvm_enc_dec_init, |