You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3521 lines
109 KiB
3521 lines
109 KiB
/* $Id: cryptocop.c,v 1.13 2005/04/21 17:27:55 henriken Exp $
|
|
*
|
|
* Stream co-processor driver for the ETRAX FS
|
|
*
|
|
* Copyright (C) 2003-2005 Axis Communications AB
|
|
*/
|
|
|
|
#include <linux/init.h>
|
|
#include <linux/sched.h>
|
|
#include <linux/module.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/string.h>
|
|
#include <linux/fs.h>
|
|
#include <linux/mm.h>
|
|
#include <linux/spinlock.h>
|
|
#include <linux/stddef.h>
|
|
|
|
#include <asm/uaccess.h>
|
|
#include <asm/io.h>
|
|
#include <asm/atomic.h>
|
|
|
|
#include <linux/list.h>
|
|
#include <linux/interrupt.h>
|
|
|
|
#include <asm/signal.h>
|
|
#include <asm/irq.h>
|
|
|
|
#include <asm/arch/dma.h>
|
|
#include <asm/arch/hwregs/dma.h>
|
|
#include <asm/arch/hwregs/reg_map.h>
|
|
#include <asm/arch/hwregs/reg_rdwr.h>
|
|
#include <asm/arch/hwregs/intr_vect_defs.h>
|
|
|
|
#include <asm/arch/hwregs/strcop.h>
|
|
#include <asm/arch/hwregs/strcop_defs.h>
|
|
#include <asm/arch/cryptocop.h>
|
|
|
|
|
|
|
|
#define DESCR_ALLOC_PAD (31)
|
|
|
|
struct cryptocop_dma_desc {
|
|
char *free_buf; /* If non-null will be kfreed in free_cdesc() */
|
|
dma_descr_data *dma_descr;
|
|
|
|
unsigned char dma_descr_buf[sizeof(dma_descr_data) + DESCR_ALLOC_PAD];
|
|
|
|
unsigned int from_pool:1; /* If 1 'allocated' from the descriptor pool. */
|
|
struct cryptocop_dma_desc *next;
|
|
};
|
|
|
|
|
|
struct cryptocop_int_operation{
|
|
void *alloc_ptr;
|
|
cryptocop_session_id sid;
|
|
|
|
dma_descr_context ctx_out;
|
|
dma_descr_context ctx_in;
|
|
|
|
/* DMA descriptors allocated by driver. */
|
|
struct cryptocop_dma_desc *cdesc_out;
|
|
struct cryptocop_dma_desc *cdesc_in;
|
|
|
|
/* Strcop config to use. */
|
|
cryptocop_3des_mode tdes_mode;
|
|
cryptocop_csum_type csum_mode;
|
|
|
|
/* DMA descrs provided by consumer. */
|
|
dma_descr_data *ddesc_out;
|
|
dma_descr_data *ddesc_in;
|
|
};
|
|
|
|
|
|
struct cryptocop_tfrm_ctx {
|
|
cryptocop_tfrm_id tid;
|
|
unsigned int blocklength;
|
|
|
|
unsigned int start_ix;
|
|
|
|
struct cryptocop_tfrm_cfg *tcfg;
|
|
struct cryptocop_transform_ctx *tctx;
|
|
|
|
unsigned char previous_src;
|
|
unsigned char current_src;
|
|
|
|
/* Values to use in metadata out. */
|
|
unsigned char hash_conf;
|
|
unsigned char hash_mode;
|
|
unsigned char ciph_conf;
|
|
unsigned char cbcmode;
|
|
unsigned char decrypt;
|
|
|
|
unsigned int requires_padding:1;
|
|
unsigned int strict_block_length:1;
|
|
unsigned int active:1;
|
|
unsigned int done:1;
|
|
size_t consumed;
|
|
size_t produced;
|
|
|
|
/* Pad (input) descriptors to put in the DMA out list when the transform
|
|
* output is put on the DMA in list. */
|
|
struct cryptocop_dma_desc *pad_descs;
|
|
|
|
struct cryptocop_tfrm_ctx *prev_src;
|
|
struct cryptocop_tfrm_ctx *curr_src;
|
|
|
|
/* Mapping to HW. */
|
|
unsigned char unit_no;
|
|
};
|
|
|
|
|
|
struct cryptocop_private{
|
|
cryptocop_session_id sid;
|
|
struct cryptocop_private *next;
|
|
};
|
|
|
|
/* Session list. */
|
|
|
|
struct cryptocop_transform_ctx{
|
|
struct cryptocop_transform_init init;
|
|
unsigned char dec_key[CRYPTOCOP_MAX_KEY_LENGTH];
|
|
unsigned int dec_key_set:1;
|
|
|
|
struct cryptocop_transform_ctx *next;
|
|
};
|
|
|
|
|
|
struct cryptocop_session{
|
|
cryptocop_session_id sid;
|
|
|
|
struct cryptocop_transform_ctx *tfrm_ctx;
|
|
|
|
struct cryptocop_session *next;
|
|
};
|
|
|
|
/* Priority levels for jobs sent to the cryptocop. Checksum operations from
|
|
kernel have highest priority since TCPIP stack processing must not
|
|
be a bottleneck. */
|
|
typedef enum {
|
|
cryptocop_prio_kernel_csum = 0,
|
|
cryptocop_prio_kernel = 1,
|
|
cryptocop_prio_user = 2,
|
|
cryptocop_prio_no_prios = 3
|
|
} cryptocop_queue_priority;
|
|
|
|
struct cryptocop_prio_queue{
|
|
struct list_head jobs;
|
|
cryptocop_queue_priority prio;
|
|
};
|
|
|
|
struct cryptocop_prio_job{
|
|
struct list_head node;
|
|
cryptocop_queue_priority prio;
|
|
|
|
struct cryptocop_operation *oper;
|
|
struct cryptocop_int_operation *iop;
|
|
};
|
|
|
|
struct ioctl_job_cb_ctx {
|
|
unsigned int processed:1;
|
|
};
|
|
|
|
|
|
static struct cryptocop_session *cryptocop_sessions = NULL;
|
|
spinlock_t cryptocop_sessions_lock;
|
|
|
|
/* Next Session ID to assign. */
|
|
static cryptocop_session_id next_sid = 1;
|
|
|
|
/* Pad for checksum. */
|
|
static const char csum_zero_pad[1] = {0x00};
|
|
|
|
/* Trash buffer for mem2mem operations. */
|
|
#define MEM2MEM_DISCARD_BUF_LENGTH (512)
|
|
static unsigned char mem2mem_discard_buf[MEM2MEM_DISCARD_BUF_LENGTH];
|
|
|
|
/* Descriptor pool. */
|
|
/* FIXME Tweak this value. */
|
|
#define CRYPTOCOP_DESCRIPTOR_POOL_SIZE (100)
|
|
static struct cryptocop_dma_desc descr_pool[CRYPTOCOP_DESCRIPTOR_POOL_SIZE];
|
|
static struct cryptocop_dma_desc *descr_pool_free_list;
|
|
static int descr_pool_no_free;
|
|
static spinlock_t descr_pool_lock;
|
|
|
|
/* Lock to stop cryptocop to start processing of a new operation. The holder
|
|
of this lock MUST call cryptocop_start_job() after it is unlocked. */
|
|
spinlock_t cryptocop_process_lock;
|
|
|
|
static struct cryptocop_prio_queue cryptocop_job_queues[cryptocop_prio_no_prios];
|
|
static spinlock_t cryptocop_job_queue_lock;
|
|
static struct cryptocop_prio_job *cryptocop_running_job = NULL;
|
|
static spinlock_t running_job_lock;
|
|
|
|
/* The interrupt handler appends completed jobs to this list. The scehduled
|
|
* tasklet removes them upon sending the response to the crypto consumer. */
|
|
static struct list_head cryptocop_completed_jobs;
|
|
static spinlock_t cryptocop_completed_jobs_lock;
|
|
|
|
DECLARE_WAIT_QUEUE_HEAD(cryptocop_ioc_process_wq);
|
|
|
|
|
|
/** Local functions. **/
|
|
|
|
static int cryptocop_open(struct inode *, struct file *);
|
|
|
|
static int cryptocop_release(struct inode *, struct file *);
|
|
|
|
static int cryptocop_ioctl(struct inode *inode, struct file *file,
|
|
unsigned int cmd, unsigned long arg);
|
|
|
|
static void cryptocop_start_job(void);
|
|
|
|
static int cryptocop_job_queue_insert(cryptocop_queue_priority prio, struct cryptocop_operation *operation);
|
|
static int cryptocop_job_setup(struct cryptocop_prio_job **pj, struct cryptocop_operation *operation);
|
|
|
|
static int cryptocop_job_queue_init(void);
|
|
static void cryptocop_job_queue_close(void);
|
|
|
|
static int create_md5_pad(int alloc_flag, unsigned long long hashed_length, char **pad, size_t *pad_length);
|
|
|
|
static int create_sha1_pad(int alloc_flag, unsigned long long hashed_length, char **pad, size_t *pad_length);
|
|
|
|
static int transform_ok(struct cryptocop_transform_init *tinit);
|
|
|
|
static struct cryptocop_session *get_session(cryptocop_session_id sid);
|
|
|
|
static struct cryptocop_transform_ctx *get_transform_ctx(struct cryptocop_session *sess, cryptocop_tfrm_id tid);
|
|
|
|
static void delete_internal_operation(struct cryptocop_int_operation *iop);
|
|
|
|
static void get_aes_decrypt_key(unsigned char *dec_key, const unsigned char *key, unsigned int keylength);
|
|
|
|
static int init_stream_coprocessor(void);
|
|
|
|
static void __exit exit_stream_coprocessor(void);
|
|
|
|
/*#define LDEBUG*/
|
|
#ifdef LDEBUG
|
|
#define DEBUG(s) s
|
|
#define DEBUG_API(s) s
|
|
static void print_cryptocop_operation(struct cryptocop_operation *cop);
|
|
static void print_dma_descriptors(struct cryptocop_int_operation *iop);
|
|
static void print_strcop_crypto_op(struct strcop_crypto_op *cop);
|
|
static void print_lock_status(void);
|
|
static void print_user_dma_lists(struct cryptocop_dma_list_operation *dma_op);
|
|
#define assert(s) do{if (!(s)) panic(#s);} while(0);
|
|
#else
|
|
#define DEBUG(s)
|
|
#define DEBUG_API(s)
|
|
#define assert(s)
|
|
#endif
|
|
|
|
|
|
/* Transform constants. */
|
|
#define DES_BLOCK_LENGTH (8)
|
|
#define AES_BLOCK_LENGTH (16)
|
|
#define MD5_BLOCK_LENGTH (64)
|
|
#define SHA1_BLOCK_LENGTH (64)
|
|
#define CSUM_BLOCK_LENGTH (2)
|
|
#define MD5_STATE_LENGTH (16)
|
|
#define SHA1_STATE_LENGTH (20)
|
|
|
|
/* The device number. */
|
|
#define CRYPTOCOP_MAJOR (254)
|
|
#define CRYPTOCOP_MINOR (0)
|
|
|
|
|
|
|
|
const struct file_operations cryptocop_fops = {
|
|
.owner = THIS_MODULE,
|
|
.open = cryptocop_open,
|
|
.release = cryptocop_release,
|
|
.ioctl = cryptocop_ioctl
|
|
};
|
|
|
|
|
|
static void free_cdesc(struct cryptocop_dma_desc *cdesc)
|
|
{
|
|
DEBUG(printk("free_cdesc: cdesc 0x%p, from_pool=%d\n", cdesc, cdesc->from_pool));
|
|
kfree(cdesc->free_buf);
|
|
|
|
if (cdesc->from_pool) {
|
|
unsigned long int flags;
|
|
spin_lock_irqsave(&descr_pool_lock, flags);
|
|
cdesc->next = descr_pool_free_list;
|
|
descr_pool_free_list = cdesc;
|
|
++descr_pool_no_free;
|
|
spin_unlock_irqrestore(&descr_pool_lock, flags);
|
|
} else {
|
|
kfree(cdesc);
|
|
}
|
|
}
|
|
|
|
|
|
static struct cryptocop_dma_desc *alloc_cdesc(int alloc_flag)
|
|
{
|
|
int use_pool = (alloc_flag & GFP_ATOMIC) ? 1 : 0;
|
|
struct cryptocop_dma_desc *cdesc;
|
|
|
|
if (use_pool) {
|
|
unsigned long int flags;
|
|
spin_lock_irqsave(&descr_pool_lock, flags);
|
|
if (!descr_pool_free_list) {
|
|
spin_unlock_irqrestore(&descr_pool_lock, flags);
|
|
DEBUG_API(printk("alloc_cdesc: pool is empty\n"));
|
|
return NULL;
|
|
}
|
|
cdesc = descr_pool_free_list;
|
|
descr_pool_free_list = descr_pool_free_list->next;
|
|
--descr_pool_no_free;
|
|
spin_unlock_irqrestore(&descr_pool_lock, flags);
|
|
cdesc->from_pool = 1;
|
|
} else {
|
|
cdesc = kmalloc(sizeof(struct cryptocop_dma_desc), alloc_flag);
|
|
if (!cdesc) {
|
|
DEBUG_API(printk("alloc_cdesc: kmalloc\n"));
|
|
return NULL;
|
|
}
|
|
cdesc->from_pool = 0;
|
|
}
|
|
cdesc->dma_descr = (dma_descr_data*)(((unsigned long int)cdesc + offsetof(struct cryptocop_dma_desc, dma_descr_buf) + DESCR_ALLOC_PAD) & ~0x0000001F);
|
|
|
|
cdesc->next = NULL;
|
|
|
|
cdesc->free_buf = NULL;
|
|
cdesc->dma_descr->out_eop = 0;
|
|
cdesc->dma_descr->in_eop = 0;
|
|
cdesc->dma_descr->intr = 0;
|
|
cdesc->dma_descr->eol = 0;
|
|
cdesc->dma_descr->wait = 0;
|
|
cdesc->dma_descr->buf = NULL;
|
|
cdesc->dma_descr->after = NULL;
|
|
|
|
DEBUG_API(printk("alloc_cdesc: return 0x%p, cdesc->dma_descr=0x%p, from_pool=%d\n", cdesc, cdesc->dma_descr, cdesc->from_pool));
|
|
return cdesc;
|
|
}
|
|
|
|
|
|
static void setup_descr_chain(struct cryptocop_dma_desc *cd)
|
|
{
|
|
DEBUG(printk("setup_descr_chain: entering\n"));
|
|
while (cd) {
|
|
if (cd->next) {
|
|
cd->dma_descr->next = (dma_descr_data*)virt_to_phys(cd->next->dma_descr);
|
|
} else {
|
|
cd->dma_descr->next = NULL;
|
|
}
|
|
cd = cd->next;
|
|
}
|
|
DEBUG(printk("setup_descr_chain: exit\n"));
|
|
}
|
|
|
|
|
|
/* Create a pad descriptor for the transform.
|
|
* Return -1 for error, 0 if pad created. */
|
|
static int create_pad_descriptor(struct cryptocop_tfrm_ctx *tc, struct cryptocop_dma_desc **pad_desc, int alloc_flag)
|
|
{
|
|
struct cryptocop_dma_desc *cdesc = NULL;
|
|
int error = 0;
|
|
struct strcop_meta_out mo = {
|
|
.ciphsel = src_none,
|
|
.hashsel = src_none,
|
|
.csumsel = src_none
|
|
};
|
|
char *pad;
|
|
size_t plen;
|
|
|
|
DEBUG(printk("create_pad_descriptor: start.\n"));
|
|
/* Setup pad descriptor. */
|
|
|
|
DEBUG(printk("create_pad_descriptor: setting up padding.\n"));
|
|
cdesc = alloc_cdesc(alloc_flag);
|
|
if (!cdesc){
|
|
DEBUG_API(printk("create_pad_descriptor: alloc pad desc\n"));
|
|
goto error_cleanup;
|
|
}
|
|
switch (tc->unit_no) {
|
|
case src_md5:
|
|
error = create_md5_pad(alloc_flag, tc->consumed, &pad, &plen);
|
|
if (error){
|
|
DEBUG_API(printk("create_pad_descriptor: create_md5_pad_failed\n"));
|
|
goto error_cleanup;
|
|
}
|
|
cdesc->free_buf = pad;
|
|
mo.hashsel = src_dma;
|
|
mo.hashconf = tc->hash_conf;
|
|
mo.hashmode = tc->hash_mode;
|
|
break;
|
|
case src_sha1:
|
|
error = create_sha1_pad(alloc_flag, tc->consumed, &pad, &plen);
|
|
if (error){
|
|
DEBUG_API(printk("create_pad_descriptor: create_sha1_pad_failed\n"));
|
|
goto error_cleanup;
|
|
}
|
|
cdesc->free_buf = pad;
|
|
mo.hashsel = src_dma;
|
|
mo.hashconf = tc->hash_conf;
|
|
mo.hashmode = tc->hash_mode;
|
|
break;
|
|
case src_csum:
|
|
if (tc->consumed % tc->blocklength){
|
|
pad = (char*)csum_zero_pad;
|
|
plen = 1;
|
|
} else {
|
|
pad = (char*)cdesc; /* Use any pointer. */
|
|
plen = 0;
|
|
}
|
|
mo.csumsel = src_dma;
|
|
break;
|
|
}
|
|
cdesc->dma_descr->wait = 1;
|
|
cdesc->dma_descr->out_eop = 1; /* Since this is a pad output is pushed. EOP is ok here since the padded unit is the only one active. */
|
|
cdesc->dma_descr->buf = (char*)virt_to_phys((char*)pad);
|
|
cdesc->dma_descr->after = cdesc->dma_descr->buf + plen;
|
|
|
|
cdesc->dma_descr->md = REG_TYPE_CONV(unsigned short int, struct strcop_meta_out, mo);
|
|
*pad_desc = cdesc;
|
|
|
|
return 0;
|
|
|
|
error_cleanup:
|
|
if (cdesc) free_cdesc(cdesc);
|
|
return -1;
|
|
}
|
|
|
|
|
|
static int setup_key_dl_desc(struct cryptocop_tfrm_ctx *tc, struct cryptocop_dma_desc **kd, int alloc_flag)
|
|
{
|
|
struct cryptocop_dma_desc *key_desc = alloc_cdesc(alloc_flag);
|
|
struct strcop_meta_out mo = {0};
|
|
|
|
DEBUG(printk("setup_key_dl_desc\n"));
|
|
|
|
if (!key_desc) {
|
|
DEBUG_API(printk("setup_key_dl_desc: failed descriptor allocation.\n"));
|
|
return -ENOMEM;
|
|
}
|
|
|
|
/* Download key. */
|
|
if ((tc->tctx->init.alg == cryptocop_alg_aes) && (tc->tcfg->flags & CRYPTOCOP_DECRYPT)) {
|
|
/* Precook the AES decrypt key. */
|
|
if (!tc->tctx->dec_key_set){
|
|
get_aes_decrypt_key(tc->tctx->dec_key, tc->tctx->init.key, tc->tctx->init.keylen);
|
|
tc->tctx->dec_key_set = 1;
|
|
}
|
|
key_desc->dma_descr->buf = (char*)virt_to_phys(tc->tctx->dec_key);
|
|
key_desc->dma_descr->after = key_desc->dma_descr->buf + tc->tctx->init.keylen/8;
|
|
} else {
|
|
key_desc->dma_descr->buf = (char*)virt_to_phys(tc->tctx->init.key);
|
|
key_desc->dma_descr->after = key_desc->dma_descr->buf + tc->tctx->init.keylen/8;
|
|
}
|
|
/* Setup metadata. */
|
|
mo.dlkey = 1;
|
|
switch (tc->tctx->init.keylen) {
|
|
case 64:
|
|
mo.decrypt = 0;
|
|
mo.hashmode = 0;
|
|
break;
|
|
case 128:
|
|
mo.decrypt = 0;
|
|
mo.hashmode = 1;
|
|
break;
|
|
case 192:
|
|
mo.decrypt = 1;
|
|
mo.hashmode = 0;
|
|
break;
|
|
case 256:
|
|
mo.decrypt = 1;
|
|
mo.hashmode = 1;
|
|
break;
|
|
default:
|
|
break;
|
|
}
|
|
mo.ciphsel = mo.hashsel = mo.csumsel = src_none;
|
|
key_desc->dma_descr->md = REG_TYPE_CONV(unsigned short int, struct strcop_meta_out, mo);
|
|
|
|
key_desc->dma_descr->out_eop = 1;
|
|
key_desc->dma_descr->wait = 1;
|
|
key_desc->dma_descr->intr = 0;
|
|
|
|
*kd = key_desc;
|
|
return 0;
|
|
}
|
|
|
|
static int setup_cipher_iv_desc(struct cryptocop_tfrm_ctx *tc, struct cryptocop_dma_desc **id, int alloc_flag)
|
|
{
|
|
struct cryptocop_dma_desc *iv_desc = alloc_cdesc(alloc_flag);
|
|
struct strcop_meta_out mo = {0};
|
|
|
|
DEBUG(printk("setup_cipher_iv_desc\n"));
|
|
|
|
if (!iv_desc) {
|
|
DEBUG_API(printk("setup_cipher_iv_desc: failed CBC IV descriptor allocation.\n"));
|
|
return -ENOMEM;
|
|
}
|
|
/* Download IV. */
|
|
iv_desc->dma_descr->buf = (char*)virt_to_phys(tc->tcfg->iv);
|
|
iv_desc->dma_descr->after = iv_desc->dma_descr->buf + tc->blocklength;
|
|
|
|
/* Setup metadata. */
|
|
mo.hashsel = mo.csumsel = src_none;
|
|
mo.ciphsel = src_dma;
|
|
mo.ciphconf = tc->ciph_conf;
|
|
mo.cbcmode = tc->cbcmode;
|
|
|
|
iv_desc->dma_descr->md = REG_TYPE_CONV(unsigned short int, struct strcop_meta_out, mo);
|
|
|
|
iv_desc->dma_descr->out_eop = 0;
|
|
iv_desc->dma_descr->wait = 1;
|
|
iv_desc->dma_descr->intr = 0;
|
|
|
|
*id = iv_desc;
|
|
return 0;
|
|
}
|
|
|
|
/* Map the ouput length of the transform to operation output starting on the inject index. */
|
|
static int create_input_descriptors(struct cryptocop_operation *operation, struct cryptocop_tfrm_ctx *tc, struct cryptocop_dma_desc **id, int alloc_flag)
|
|
{
|
|
int err = 0;
|
|
struct cryptocop_dma_desc head = {0};
|
|
struct cryptocop_dma_desc *outdesc = &head;
|
|
size_t iov_offset = 0;
|
|
size_t out_ix = 0;
|
|
int outiov_ix = 0;
|
|
struct strcop_meta_in mi = {0};
|
|
|
|
size_t out_length = tc->produced;
|
|
int rem_length;
|
|
int dlength;
|
|
|
|
assert(out_length != 0);
|
|
if (((tc->produced + tc->tcfg->inject_ix) > operation->tfrm_op.outlen) || (tc->produced && (operation->tfrm_op.outlen == 0))) {
|
|
DEBUG_API(printk("create_input_descriptors: operation outdata too small\n"));
|
|
return -EINVAL;
|
|
}
|
|
/* Traverse the out iovec until the result inject index is reached. */
|
|
while ((outiov_ix < operation->tfrm_op.outcount) && ((out_ix + operation->tfrm_op.outdata[outiov_ix].iov_len) <= tc->tcfg->inject_ix)){
|
|
out_ix += operation->tfrm_op.outdata[outiov_ix].iov_len;
|
|
outiov_ix++;
|
|
}
|
|
if (outiov_ix >= operation->tfrm_op.outcount){
|
|
DEBUG_API(printk("create_input_descriptors: operation outdata too small\n"));
|
|
return -EINVAL;
|
|
}
|
|
iov_offset = tc->tcfg->inject_ix - out_ix;
|
|
mi.dmasel = tc->unit_no;
|
|
|
|
/* Setup the output descriptors. */
|
|
while ((out_length > 0) && (outiov_ix < operation->tfrm_op.outcount)) {
|
|
outdesc->next = alloc_cdesc(alloc_flag);
|
|
if (!outdesc->next) {
|
|
DEBUG_API(printk("create_input_descriptors: alloc_cdesc\n"));
|
|
err = -ENOMEM;
|
|
goto error_cleanup;
|
|
}
|
|
outdesc = outdesc->next;
|
|
rem_length = operation->tfrm_op.outdata[outiov_ix].iov_len - iov_offset;
|
|
dlength = (out_length < rem_length) ? out_length : rem_length;
|
|
|
|
DEBUG(printk("create_input_descriptors:\n"
|
|
"outiov_ix=%d, rem_length=%d, dlength=%d\n"
|
|
"iov_offset=%d, outdata[outiov_ix].iov_len=%d\n"
|
|
"outcount=%d, outiov_ix=%d\n",
|
|
outiov_ix, rem_length, dlength, iov_offset, operation->tfrm_op.outdata[outiov_ix].iov_len, operation->tfrm_op.outcount, outiov_ix));
|
|
|
|
outdesc->dma_descr->buf = (char*)virt_to_phys(operation->tfrm_op.outdata[outiov_ix].iov_base + iov_offset);
|
|
outdesc->dma_descr->after = outdesc->dma_descr->buf + dlength;
|
|
outdesc->dma_descr->md = REG_TYPE_CONV(unsigned short int, struct strcop_meta_in, mi);
|
|
|
|
out_length -= dlength;
|
|
iov_offset += dlength;
|
|
if (iov_offset >= operation->tfrm_op.outdata[outiov_ix].iov_len) {
|
|
iov_offset = 0;
|
|
++outiov_ix;
|
|
}
|
|
}
|
|
if (out_length > 0){
|
|
DEBUG_API(printk("create_input_descriptors: not enough room for output, %d remained\n", out_length));
|
|
err = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
/* Set sync in last descriptor. */
|
|
mi.sync = 1;
|
|
outdesc->dma_descr->md = REG_TYPE_CONV(unsigned short int, struct strcop_meta_in, mi);
|
|
|
|
*id = head.next;
|
|
return 0;
|
|
|
|
error_cleanup:
|
|
while (head.next) {
|
|
outdesc = head.next->next;
|
|
free_cdesc(head.next);
|
|
head.next = outdesc;
|
|
}
|
|
return err;
|
|
}
|
|
|
|
|
|
static int create_output_descriptors(struct cryptocop_operation *operation, int *iniov_ix, int *iniov_offset, size_t desc_len, struct cryptocop_dma_desc **current_out_cdesc, struct strcop_meta_out *meta_out, int alloc_flag)
|
|
{
|
|
while (desc_len != 0) {
|
|
struct cryptocop_dma_desc *cdesc;
|
|
int rem_length = operation->tfrm_op.indata[*iniov_ix].iov_len - *iniov_offset;
|
|
int dlength = (desc_len < rem_length) ? desc_len : rem_length;
|
|
|
|
cdesc = alloc_cdesc(alloc_flag);
|
|
if (!cdesc) {
|
|
DEBUG_API(printk("create_output_descriptors: alloc_cdesc\n"));
|
|
return -ENOMEM;
|
|
}
|
|
(*current_out_cdesc)->next = cdesc;
|
|
(*current_out_cdesc) = cdesc;
|
|
|
|
cdesc->free_buf = NULL;
|
|
|
|
cdesc->dma_descr->buf = (char*)virt_to_phys(operation->tfrm_op.indata[*iniov_ix].iov_base + *iniov_offset);
|
|
cdesc->dma_descr->after = cdesc->dma_descr->buf + dlength;
|
|
|
|
desc_len -= dlength;
|
|
*iniov_offset += dlength;
|
|
assert(desc_len >= 0);
|
|
if (*iniov_offset >= operation->tfrm_op.indata[*iniov_ix].iov_len) {
|
|
*iniov_offset = 0;
|
|
++(*iniov_ix);
|
|
if (*iniov_ix > operation->tfrm_op.incount) {
|
|
DEBUG_API(printk("create_output_descriptors: not enough indata in operation."));
|
|
return -EINVAL;
|
|
}
|
|
}
|
|
cdesc->dma_descr->md = REG_TYPE_CONV(unsigned short int, struct strcop_meta_out, (*meta_out));
|
|
} /* while (desc_len != 0) */
|
|
/* Last DMA descriptor gets a 'wait' bit to signal expected change in metadata. */
|
|
(*current_out_cdesc)->dma_descr->wait = 1; /* This will set extraneous WAIT in some situations, e.g. when padding hashes and checksums. */
|
|
|
|
return 0;
|
|
}
|
|
|
|
|
|
static int append_input_descriptors(struct cryptocop_operation *operation, struct cryptocop_dma_desc **current_in_cdesc, struct cryptocop_dma_desc **current_out_cdesc, struct cryptocop_tfrm_ctx *tc, int alloc_flag)
|
|
{
|
|
DEBUG(printk("append_input_descriptors, tc=0x%p, unit_no=%d\n", tc, tc->unit_no));
|
|
if (tc->tcfg) {
|
|
int failed = 0;
|
|
struct cryptocop_dma_desc *idescs = NULL;
|
|
DEBUG(printk("append_input_descriptors: pushing output, consumed %d produced %d bytes.\n", tc->consumed, tc->produced));
|
|
if (tc->pad_descs) {
|
|
DEBUG(printk("append_input_descriptors: append pad descriptors to DMA out list.\n"));
|
|
while (tc->pad_descs) {
|
|
DEBUG(printk("append descriptor 0x%p\n", tc->pad_descs));
|
|
(*current_out_cdesc)->next = tc->pad_descs;
|
|
tc->pad_descs = tc->pad_descs->next;
|
|
(*current_out_cdesc) = (*current_out_cdesc)->next;
|
|
}
|
|
}
|
|
|
|
/* Setup and append output descriptors to DMA in list. */
|
|
if (tc->unit_no == src_dma){
|
|
/* mem2mem. Setup DMA in descriptors to discard all input prior to the requested mem2mem data. */
|
|
struct strcop_meta_in mi = {.sync = 0, .dmasel = src_dma};
|
|
unsigned int start_ix = tc->start_ix;
|
|
while (start_ix){
|
|
unsigned int desclen = start_ix < MEM2MEM_DISCARD_BUF_LENGTH ? start_ix : MEM2MEM_DISCARD_BUF_LENGTH;
|
|
(*current_in_cdesc)->next = alloc_cdesc(alloc_flag);
|
|
if (!(*current_in_cdesc)->next){
|
|
DEBUG_API(printk("append_input_descriptors: alloc_cdesc mem2mem discard failed\n"));
|
|
return -ENOMEM;
|
|
}
|
|
(*current_in_cdesc) = (*current_in_cdesc)->next;
|
|
(*current_in_cdesc)->dma_descr->buf = (char*)virt_to_phys(mem2mem_discard_buf);
|
|
(*current_in_cdesc)->dma_descr->after = (*current_in_cdesc)->dma_descr->buf + desclen;
|
|
(*current_in_cdesc)->dma_descr->md = REG_TYPE_CONV(unsigned short int, struct strcop_meta_in, mi);
|
|
start_ix -= desclen;
|
|
}
|
|
mi.sync = 1;
|
|
(*current_in_cdesc)->dma_descr->md = REG_TYPE_CONV(unsigned short int, struct strcop_meta_in, mi);
|
|
}
|
|
|
|
failed = create_input_descriptors(operation, tc, &idescs, alloc_flag);
|
|
if (failed){
|
|
DEBUG_API(printk("append_input_descriptors: output descriptor setup failed\n"));
|
|
return failed;
|
|
}
|
|
DEBUG(printk("append_input_descriptors: append output descriptors to DMA in list.\n"));
|
|
while (idescs) {
|
|
DEBUG(printk("append descriptor 0x%p\n", idescs));
|
|
(*current_in_cdesc)->next = idescs;
|
|
idescs = idescs->next;
|
|
(*current_in_cdesc) = (*current_in_cdesc)->next;
|
|
}
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
|
|
|
|
static int cryptocop_setup_dma_list(struct cryptocop_operation *operation, struct cryptocop_int_operation **int_op, int alloc_flag)
|
|
{
|
|
struct cryptocop_session *sess;
|
|
struct cryptocop_transform_ctx *tctx;
|
|
|
|
struct cryptocop_tfrm_ctx digest_ctx = {
|
|
.previous_src = src_none,
|
|
.current_src = src_none,
|
|
.start_ix = 0,
|
|
.requires_padding = 1,
|
|
.strict_block_length = 0,
|
|
.hash_conf = 0,
|
|
.hash_mode = 0,
|
|
.ciph_conf = 0,
|
|
.cbcmode = 0,
|
|
.decrypt = 0,
|
|
.consumed = 0,
|
|
.produced = 0,
|
|
.pad_descs = NULL,
|
|
.active = 0,
|
|
.done = 0,
|
|
.prev_src = NULL,
|
|
.curr_src = NULL,
|
|
.tcfg = NULL};
|
|
struct cryptocop_tfrm_ctx cipher_ctx = {
|
|
.previous_src = src_none,
|
|
.current_src = src_none,
|
|
.start_ix = 0,
|
|
.requires_padding = 0,
|
|
.strict_block_length = 1,
|
|
.hash_conf = 0,
|
|
.hash_mode = 0,
|
|
.ciph_conf = 0,
|
|
.cbcmode = 0,
|
|
.decrypt = 0,
|
|
.consumed = 0,
|
|
.produced = 0,
|
|
.pad_descs = NULL,
|
|
.active = 0,
|
|
.done = 0,
|
|
.prev_src = NULL,
|
|
.curr_src = NULL,
|
|
.tcfg = NULL};
|
|
struct cryptocop_tfrm_ctx csum_ctx = {
|
|
.previous_src = src_none,
|
|
.current_src = src_none,
|
|
.start_ix = 0,
|
|
.blocklength = 2,
|
|
.requires_padding = 1,
|
|
.strict_block_length = 0,
|
|
.hash_conf = 0,
|
|
.hash_mode = 0,
|
|
.ciph_conf = 0,
|
|
.cbcmode = 0,
|
|
.decrypt = 0,
|
|
.consumed = 0,
|
|
.produced = 0,
|
|
.pad_descs = NULL,
|
|
.active = 0,
|
|
.done = 0,
|
|
.tcfg = NULL,
|
|
.prev_src = NULL,
|
|
.curr_src = NULL,
|
|
.unit_no = src_csum};
|
|
struct cryptocop_tfrm_cfg *tcfg = operation->tfrm_op.tfrm_cfg;
|
|
|
|
unsigned int indata_ix = 0;
|
|
|
|
/* iovec accounting. */
|
|
int iniov_ix = 0;
|
|
int iniov_offset = 0;
|
|
|
|
/* Operation descriptor cfg traversal pointer. */
|
|
struct cryptocop_desc *odsc;
|
|
|
|
int failed = 0;
|
|
/* List heads for allocated descriptors. */
|
|
struct cryptocop_dma_desc out_cdesc_head = {0};
|
|
struct cryptocop_dma_desc in_cdesc_head = {0};
|
|
|
|
struct cryptocop_dma_desc *current_out_cdesc = &out_cdesc_head;
|
|
struct cryptocop_dma_desc *current_in_cdesc = &in_cdesc_head;
|
|
|
|
struct cryptocop_tfrm_ctx *output_tc = NULL;
|
|
void *iop_alloc_ptr;
|
|
|
|
assert(operation != NULL);
|
|
assert(int_op != NULL);
|
|
|
|
DEBUG(printk("cryptocop_setup_dma_list: start\n"));
|
|
DEBUG(print_cryptocop_operation(operation));
|
|
|
|
sess = get_session(operation->sid);
|
|
if (!sess) {
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: no session found for operation.\n"));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
iop_alloc_ptr = kmalloc(DESCR_ALLOC_PAD + sizeof(struct cryptocop_int_operation), alloc_flag);
|
|
if (!iop_alloc_ptr) {
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: kmalloc cryptocop_int_operation\n"));
|
|
failed = -ENOMEM;
|
|
goto error_cleanup;
|
|
}
|
|
(*int_op) = (struct cryptocop_int_operation*)(((unsigned long int)(iop_alloc_ptr + DESCR_ALLOC_PAD + offsetof(struct cryptocop_int_operation, ctx_out)) & ~0x0000001F) - offsetof(struct cryptocop_int_operation, ctx_out));
|
|
DEBUG(memset((*int_op), 0xff, sizeof(struct cryptocop_int_operation)));
|
|
(*int_op)->alloc_ptr = iop_alloc_ptr;
|
|
DEBUG(printk("cryptocop_setup_dma_list: *int_op=0x%p, alloc_ptr=0x%p\n", *int_op, (*int_op)->alloc_ptr));
|
|
|
|
(*int_op)->sid = operation->sid;
|
|
(*int_op)->cdesc_out = NULL;
|
|
(*int_op)->cdesc_in = NULL;
|
|
(*int_op)->tdes_mode = cryptocop_3des_ede;
|
|
(*int_op)->csum_mode = cryptocop_csum_le;
|
|
(*int_op)->ddesc_out = NULL;
|
|
(*int_op)->ddesc_in = NULL;
|
|
|
|
/* Scan operation->tfrm_op.tfrm_cfg for bad configuration and set up the local contexts. */
|
|
if (!tcfg) {
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: no configured transforms in operation.\n"));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
while (tcfg) {
|
|
tctx = get_transform_ctx(sess, tcfg->tid);
|
|
if (!tctx) {
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: no transform id %d in session.\n", tcfg->tid));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
if (tcfg->inject_ix > operation->tfrm_op.outlen){
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: transform id %d inject_ix (%d) > operation->tfrm_op.outlen(%d)", tcfg->tid, tcfg->inject_ix, operation->tfrm_op.outlen));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
switch (tctx->init.alg){
|
|
case cryptocop_alg_mem2mem:
|
|
if (cipher_ctx.tcfg != NULL){
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: multiple ciphers in operation.\n"));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
/* mem2mem is handled as a NULL cipher. */
|
|
cipher_ctx.cbcmode = 0;
|
|
cipher_ctx.decrypt = 0;
|
|
cipher_ctx.blocklength = 1;
|
|
cipher_ctx.ciph_conf = 0;
|
|
cipher_ctx.unit_no = src_dma;
|
|
cipher_ctx.tcfg = tcfg;
|
|
cipher_ctx.tctx = tctx;
|
|
break;
|
|
case cryptocop_alg_des:
|
|
case cryptocop_alg_3des:
|
|
case cryptocop_alg_aes:
|
|
/* cipher */
|
|
if (cipher_ctx.tcfg != NULL){
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: multiple ciphers in operation.\n"));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
cipher_ctx.tcfg = tcfg;
|
|
cipher_ctx.tctx = tctx;
|
|
if (cipher_ctx.tcfg->flags & CRYPTOCOP_DECRYPT){
|
|
cipher_ctx.decrypt = 1;
|
|
}
|
|
switch (tctx->init.cipher_mode) {
|
|
case cryptocop_cipher_mode_ecb:
|
|
cipher_ctx.cbcmode = 0;
|
|
break;
|
|
case cryptocop_cipher_mode_cbc:
|
|
cipher_ctx.cbcmode = 1;
|
|
break;
|
|
default:
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: cipher_ctx, bad cipher mode==%d\n", tctx->init.cipher_mode));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
DEBUG(printk("cryptocop_setup_dma_list: cipher_ctx, set CBC mode==%d\n", cipher_ctx.cbcmode));
|
|
switch (tctx->init.alg){
|
|
case cryptocop_alg_des:
|
|
cipher_ctx.ciph_conf = 0;
|
|
cipher_ctx.unit_no = src_des;
|
|
cipher_ctx.blocklength = DES_BLOCK_LENGTH;
|
|
break;
|
|
case cryptocop_alg_3des:
|
|
cipher_ctx.ciph_conf = 1;
|
|
cipher_ctx.unit_no = src_des;
|
|
cipher_ctx.blocklength = DES_BLOCK_LENGTH;
|
|
break;
|
|
case cryptocop_alg_aes:
|
|
cipher_ctx.ciph_conf = 2;
|
|
cipher_ctx.unit_no = src_aes;
|
|
cipher_ctx.blocklength = AES_BLOCK_LENGTH;
|
|
break;
|
|
default:
|
|
panic("cryptocop_setup_dma_list: impossible algorithm %d\n", tctx->init.alg);
|
|
}
|
|
(*int_op)->tdes_mode = tctx->init.tdes_mode;
|
|
break;
|
|
case cryptocop_alg_md5:
|
|
case cryptocop_alg_sha1:
|
|
/* digest */
|
|
if (digest_ctx.tcfg != NULL){
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: multiple digests in operation.\n"));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
digest_ctx.tcfg = tcfg;
|
|
digest_ctx.tctx = tctx;
|
|
digest_ctx.hash_mode = 0; /* Don't use explicit IV in this API. */
|
|
switch (tctx->init.alg){
|
|
case cryptocop_alg_md5:
|
|
digest_ctx.blocklength = MD5_BLOCK_LENGTH;
|
|
digest_ctx.unit_no = src_md5;
|
|
digest_ctx.hash_conf = 1; /* 1 => MD-5 */
|
|
break;
|
|
case cryptocop_alg_sha1:
|
|
digest_ctx.blocklength = SHA1_BLOCK_LENGTH;
|
|
digest_ctx.unit_no = src_sha1;
|
|
digest_ctx.hash_conf = 0; /* 0 => SHA-1 */
|
|
break;
|
|
default:
|
|
panic("cryptocop_setup_dma_list: impossible digest algorithm\n");
|
|
}
|
|
break;
|
|
case cryptocop_alg_csum:
|
|
/* digest */
|
|
if (csum_ctx.tcfg != NULL){
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: multiple checksums in operation.\n"));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
(*int_op)->csum_mode = tctx->init.csum_mode;
|
|
csum_ctx.tcfg = tcfg;
|
|
csum_ctx.tctx = tctx;
|
|
break;
|
|
default:
|
|
/* no algorithm. */
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: invalid algorithm %d specified in tfrm %d.\n", tctx->init.alg, tcfg->tid));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
tcfg = tcfg->next;
|
|
}
|
|
/* Download key if a cipher is used. */
|
|
if (cipher_ctx.tcfg && (cipher_ctx.tctx->init.alg != cryptocop_alg_mem2mem)){
|
|
struct cryptocop_dma_desc *key_desc = NULL;
|
|
|
|
failed = setup_key_dl_desc(&cipher_ctx, &key_desc, alloc_flag);
|
|
if (failed) {
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: setup key dl\n"));
|
|
goto error_cleanup;
|
|
}
|
|
current_out_cdesc->next = key_desc;
|
|
current_out_cdesc = key_desc;
|
|
indata_ix += (unsigned int)(key_desc->dma_descr->after - key_desc->dma_descr->buf);
|
|
|
|
/* Download explicit IV if a cipher is used and CBC mode and explicit IV selected. */
|
|
if ((cipher_ctx.tctx->init.cipher_mode == cryptocop_cipher_mode_cbc) && (cipher_ctx.tcfg->flags & CRYPTOCOP_EXPLICIT_IV)) {
|
|
struct cryptocop_dma_desc *iv_desc = NULL;
|
|
|
|
DEBUG(printk("cryptocop_setup_dma_list: setup cipher CBC IV descriptor.\n"));
|
|
|
|
failed = setup_cipher_iv_desc(&cipher_ctx, &iv_desc, alloc_flag);
|
|
if (failed) {
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: CBC IV descriptor.\n"));
|
|
goto error_cleanup;
|
|
}
|
|
current_out_cdesc->next = iv_desc;
|
|
current_out_cdesc = iv_desc;
|
|
indata_ix += (unsigned int)(iv_desc->dma_descr->after - iv_desc->dma_descr->buf);
|
|
}
|
|
}
|
|
|
|
/* Process descriptors. */
|
|
odsc = operation->tfrm_op.desc;
|
|
while (odsc) {
|
|
struct cryptocop_desc_cfg *dcfg = odsc->cfg;
|
|
struct strcop_meta_out meta_out = {0};
|
|
size_t desc_len = odsc->length;
|
|
int active_count, eop_needed_count;
|
|
|
|
output_tc = NULL;
|
|
|
|
DEBUG(printk("cryptocop_setup_dma_list: parsing an operation descriptor\n"));
|
|
|
|
while (dcfg) {
|
|
struct cryptocop_tfrm_ctx *tc = NULL;
|
|
|
|
DEBUG(printk("cryptocop_setup_dma_list: parsing an operation descriptor configuration.\n"));
|
|
/* Get the local context for the transform and mark it as the output unit if it produces output. */
|
|
if (digest_ctx.tcfg && (digest_ctx.tcfg->tid == dcfg->tid)){
|
|
tc = &digest_ctx;
|
|
} else if (cipher_ctx.tcfg && (cipher_ctx.tcfg->tid == dcfg->tid)){
|
|
tc = &cipher_ctx;
|
|
} else if (csum_ctx.tcfg && (csum_ctx.tcfg->tid == dcfg->tid)){
|
|
tc = &csum_ctx;
|
|
}
|
|
if (!tc) {
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: invalid transform %d specified in descriptor.\n", dcfg->tid));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
if (tc->done) {
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: completed transform %d reused.\n", dcfg->tid));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
if (!tc->active) {
|
|
tc->start_ix = indata_ix;
|
|
tc->active = 1;
|
|
}
|
|
|
|
tc->previous_src = tc->current_src;
|
|
tc->prev_src = tc->curr_src;
|
|
/* Map source unit id to DMA source config. */
|
|
switch (dcfg->src){
|
|
case cryptocop_source_dma:
|
|
tc->current_src = src_dma;
|
|
break;
|
|
case cryptocop_source_des:
|
|
tc->current_src = src_des;
|
|
break;
|
|
case cryptocop_source_3des:
|
|
tc->current_src = src_des;
|
|
break;
|
|
case cryptocop_source_aes:
|
|
tc->current_src = src_aes;
|
|
break;
|
|
case cryptocop_source_md5:
|
|
case cryptocop_source_sha1:
|
|
case cryptocop_source_csum:
|
|
case cryptocop_source_none:
|
|
default:
|
|
/* We do not allow using accumulating style units (SHA-1, MD5, checksum) as sources to other units.
|
|
*/
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: bad unit source configured %d.\n", dcfg->src));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
if (tc->current_src != src_dma) {
|
|
/* Find the unit we are sourcing from. */
|
|
if (digest_ctx.unit_no == tc->current_src){
|
|
tc->curr_src = &digest_ctx;
|
|
} else if (cipher_ctx.unit_no == tc->current_src){
|
|
tc->curr_src = &cipher_ctx;
|
|
} else if (csum_ctx.unit_no == tc->current_src){
|
|
tc->curr_src = &csum_ctx;
|
|
}
|
|
if ((tc->curr_src == tc) && (tc->unit_no != src_dma)){
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: unit %d configured to source from itself.\n", tc->unit_no));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
} else {
|
|
tc->curr_src = NULL;
|
|
}
|
|
|
|
/* Detect source switch. */
|
|
DEBUG(printk("cryptocop_setup_dma_list: tc->active=%d tc->unit_no=%d tc->current_src=%d tc->previous_src=%d, tc->curr_src=0x%p, tc->prev_srv=0x%p\n", tc->active, tc->unit_no, tc->current_src, tc->previous_src, tc->curr_src, tc->prev_src));
|
|
if (tc->active && (tc->current_src != tc->previous_src)) {
|
|
/* Only allow source switch when both the old source unit and the new one have
|
|
* no pending data to process (i.e. the consumed length must be a multiple of the
|
|
* transform blocklength). */
|
|
/* Note: if the src == NULL we are actually sourcing from DMA out. */
|
|
if (((tc->prev_src != NULL) && (tc->prev_src->consumed % tc->prev_src->blocklength)) ||
|
|
((tc->curr_src != NULL) && (tc->curr_src->consumed % tc->curr_src->blocklength)))
|
|
{
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: can only disconnect from or connect to a unit on a multiple of the blocklength, old: cons=%d, prod=%d, block=%d, new: cons=%d prod=%d, block=%d.\n", tc->prev_src ? tc->prev_src->consumed : INT_MIN, tc->prev_src ? tc->prev_src->produced : INT_MIN, tc->prev_src ? tc->prev_src->blocklength : INT_MIN, tc->curr_src ? tc->curr_src->consumed : INT_MIN, tc->curr_src ? tc->curr_src->produced : INT_MIN, tc->curr_src ? tc->curr_src->blocklength : INT_MIN));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
}
|
|
/* Detect unit deactivation. */
|
|
if (dcfg->last) {
|
|
/* Length check of this is handled below. */
|
|
tc->done = 1;
|
|
}
|
|
dcfg = dcfg->next;
|
|
} /* while (dcfg) */
|
|
DEBUG(printk("cryptocop_setup_dma_list: parsing operation descriptor configuration complete.\n"));
|
|
|
|
if (cipher_ctx.active && (cipher_ctx.curr_src != NULL) && !cipher_ctx.curr_src->active){
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: cipher source from inactive unit %d\n", cipher_ctx.curr_src->unit_no));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
if (digest_ctx.active && (digest_ctx.curr_src != NULL) && !digest_ctx.curr_src->active){
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: digest source from inactive unit %d\n", digest_ctx.curr_src->unit_no));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
if (csum_ctx.active && (csum_ctx.curr_src != NULL) && !csum_ctx.curr_src->active){
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: cipher source from inactive unit %d\n", csum_ctx.curr_src->unit_no));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
|
|
/* Update consumed and produced lengths.
|
|
|
|
The consumed length accounting here is actually cheating. If a unit source from DMA (or any
|
|
other unit that process data in blocks of one octet) it is correct, but if it source from a
|
|
block processing unit, i.e. a cipher, it will be temporarily incorrect at some times. However
|
|
since it is only allowed--by the HW--to change source to or from a block processing unit at times where that
|
|
unit has processed an exact multiple of its block length the end result will be correct.
|
|
Beware that if the source change restriction change this code will need to be (much) reworked.
|
|
*/
|
|
DEBUG(printk("cryptocop_setup_dma_list: desc->length=%d, desc_len=%d.\n", odsc->length, desc_len));
|
|
|
|
if (csum_ctx.active) {
|
|
csum_ctx.consumed += desc_len;
|
|
if (csum_ctx.done) {
|
|
csum_ctx.produced = 2;
|
|
}
|
|
DEBUG(printk("cryptocop_setup_dma_list: csum_ctx producing: consumed=%d, produced=%d, blocklength=%d.\n", csum_ctx.consumed, csum_ctx.produced, csum_ctx.blocklength));
|
|
}
|
|
if (digest_ctx.active) {
|
|
digest_ctx.consumed += desc_len;
|
|
if (digest_ctx.done) {
|
|
if (digest_ctx.unit_no == src_md5) {
|
|
digest_ctx.produced = MD5_STATE_LENGTH;
|
|
} else {
|
|
digest_ctx.produced = SHA1_STATE_LENGTH;
|
|
}
|
|
}
|
|
DEBUG(printk("cryptocop_setup_dma_list: digest_ctx producing: consumed=%d, produced=%d, blocklength=%d.\n", digest_ctx.consumed, digest_ctx.produced, digest_ctx.blocklength));
|
|
}
|
|
if (cipher_ctx.active) {
|
|
/* Ciphers are allowed only to source from DMA out. That is filtered above. */
|
|
assert(cipher_ctx.current_src == src_dma);
|
|
cipher_ctx.consumed += desc_len;
|
|
cipher_ctx.produced = cipher_ctx.blocklength * (cipher_ctx.consumed / cipher_ctx.blocklength);
|
|
if (cipher_ctx.cbcmode && !(cipher_ctx.tcfg->flags & CRYPTOCOP_EXPLICIT_IV) && cipher_ctx.produced){
|
|
cipher_ctx.produced -= cipher_ctx.blocklength; /* Compensate for CBC iv. */
|
|
}
|
|
DEBUG(printk("cryptocop_setup_dma_list: cipher_ctx producing: consumed=%d, produced=%d, blocklength=%d.\n", cipher_ctx.consumed, cipher_ctx.produced, cipher_ctx.blocklength));
|
|
}
|
|
|
|
/* Setup the DMA out descriptors. */
|
|
/* Configure the metadata. */
|
|
active_count = 0;
|
|
eop_needed_count = 0;
|
|
if (cipher_ctx.active) {
|
|
++active_count;
|
|
if (cipher_ctx.unit_no == src_dma){
|
|
/* mem2mem */
|
|
meta_out.ciphsel = src_none;
|
|
} else {
|
|
meta_out.ciphsel = cipher_ctx.current_src;
|
|
}
|
|
meta_out.ciphconf = cipher_ctx.ciph_conf;
|
|
meta_out.cbcmode = cipher_ctx.cbcmode;
|
|
meta_out.decrypt = cipher_ctx.decrypt;
|
|
DEBUG(printk("set ciphsel=%d ciphconf=%d cbcmode=%d decrypt=%d\n", meta_out.ciphsel, meta_out.ciphconf, meta_out.cbcmode, meta_out.decrypt));
|
|
if (cipher_ctx.done) ++eop_needed_count;
|
|
} else {
|
|
meta_out.ciphsel = src_none;
|
|
}
|
|
|
|
if (digest_ctx.active) {
|
|
++active_count;
|
|
meta_out.hashsel = digest_ctx.current_src;
|
|
meta_out.hashconf = digest_ctx.hash_conf;
|
|
meta_out.hashmode = 0; /* Explicit mode is not used here. */
|
|
DEBUG(printk("set hashsel=%d hashconf=%d hashmode=%d\n", meta_out.hashsel, meta_out.hashconf, meta_out.hashmode));
|
|
if (digest_ctx.done) {
|
|
assert(digest_ctx.pad_descs == NULL);
|
|
failed = create_pad_descriptor(&digest_ctx, &digest_ctx.pad_descs, alloc_flag);
|
|
if (failed) {
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: failed digest pad creation.\n"));
|
|
goto error_cleanup;
|
|
}
|
|
}
|
|
} else {
|
|
meta_out.hashsel = src_none;
|
|
}
|
|
|
|
if (csum_ctx.active) {
|
|
++active_count;
|
|
meta_out.csumsel = csum_ctx.current_src;
|
|
if (csum_ctx.done) {
|
|
assert(csum_ctx.pad_descs == NULL);
|
|
failed = create_pad_descriptor(&csum_ctx, &csum_ctx.pad_descs, alloc_flag);
|
|
if (failed) {
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: failed csum pad creation.\n"));
|
|
goto error_cleanup;
|
|
}
|
|
}
|
|
} else {
|
|
meta_out.csumsel = src_none;
|
|
}
|
|
DEBUG(printk("cryptocop_setup_dma_list: %d eop needed, %d active units\n", eop_needed_count, active_count));
|
|
/* Setup DMA out descriptors for the indata. */
|
|
failed = create_output_descriptors(operation, &iniov_ix, &iniov_offset, desc_len, ¤t_out_cdesc, &meta_out, alloc_flag);
|
|
if (failed) {
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: create_output_descriptors %d\n", failed));
|
|
goto error_cleanup;
|
|
}
|
|
/* Setup out EOP. If there are active units that are not done here they cannot get an EOP
|
|
* so we ust setup a zero length descriptor to DMA to signal EOP only to done units.
|
|
* If there is a pad descriptor EOP for the padded unit will be EOPed by it.
|
|
*/
|
|
assert(active_count >= eop_needed_count);
|
|
assert((eop_needed_count == 0) || (eop_needed_count == 1));
|
|
if (eop_needed_count) {
|
|
/* This means that the bulk operation (cipeher/m2m) is terminated. */
|
|
if (active_count > 1) {
|
|
/* Use zero length EOP descriptor. */
|
|
struct cryptocop_dma_desc *ed = alloc_cdesc(alloc_flag);
|
|
struct strcop_meta_out ed_mo = {0};
|
|
if (!ed) {
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: alloc EOP descriptor for cipher\n"));
|
|
failed = -ENOMEM;
|
|
goto error_cleanup;
|
|
}
|
|
|
|
assert(cipher_ctx.active && cipher_ctx.done);
|
|
|
|
if (cipher_ctx.unit_no == src_dma){
|
|
/* mem2mem */
|
|
ed_mo.ciphsel = src_none;
|
|
} else {
|
|
ed_mo.ciphsel = cipher_ctx.current_src;
|
|
}
|
|
ed_mo.ciphconf = cipher_ctx.ciph_conf;
|
|
ed_mo.cbcmode = cipher_ctx.cbcmode;
|
|
ed_mo.decrypt = cipher_ctx.decrypt;
|
|
|
|
ed->free_buf = NULL;
|
|
ed->dma_descr->wait = 1;
|
|
ed->dma_descr->out_eop = 1;
|
|
|
|
ed->dma_descr->buf = (char*)virt_to_phys(&ed); /* Use any valid physical address for zero length descriptor. */
|
|
ed->dma_descr->after = ed->dma_descr->buf;
|
|
ed->dma_descr->md = REG_TYPE_CONV(unsigned short int, struct strcop_meta_out, ed_mo);
|
|
current_out_cdesc->next = ed;
|
|
current_out_cdesc = ed;
|
|
} else {
|
|
/* Set EOP in the current out descriptor since the only active module is
|
|
* the one needing the EOP. */
|
|
|
|
current_out_cdesc->dma_descr->out_eop = 1;
|
|
}
|
|
}
|
|
|
|
if (cipher_ctx.done && cipher_ctx.active) cipher_ctx.active = 0;
|
|
if (digest_ctx.done && digest_ctx.active) digest_ctx.active = 0;
|
|
if (csum_ctx.done && csum_ctx.active) csum_ctx.active = 0;
|
|
indata_ix += odsc->length;
|
|
odsc = odsc->next;
|
|
} /* while (odsc) */ /* Process descriptors. */
|
|
DEBUG(printk("cryptocop_setup_dma_list: done parsing operation descriptors\n"));
|
|
if (cipher_ctx.tcfg && (cipher_ctx.active || !cipher_ctx.done)){
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: cipher operation not terminated.\n"));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
if (digest_ctx.tcfg && (digest_ctx.active || !digest_ctx.done)){
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: digest operation not terminated.\n"));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
if (csum_ctx.tcfg && (csum_ctx.active || !csum_ctx.done)){
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: csum operation not terminated.\n"));
|
|
failed = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
|
|
failed = append_input_descriptors(operation, ¤t_in_cdesc, ¤t_out_cdesc, &cipher_ctx, alloc_flag);
|
|
if (failed){
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: append_input_descriptors cipher_ctx %d\n", failed));
|
|
goto error_cleanup;
|
|
}
|
|
failed = append_input_descriptors(operation, ¤t_in_cdesc, ¤t_out_cdesc, &digest_ctx, alloc_flag);
|
|
if (failed){
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: append_input_descriptors cipher_ctx %d\n", failed));
|
|
goto error_cleanup;
|
|
}
|
|
failed = append_input_descriptors(operation, ¤t_in_cdesc, ¤t_out_cdesc, &csum_ctx, alloc_flag);
|
|
if (failed){
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: append_input_descriptors cipher_ctx %d\n", failed));
|
|
goto error_cleanup;
|
|
}
|
|
|
|
DEBUG(printk("cryptocop_setup_dma_list: int_op=0x%p, *int_op=0x%p\n", int_op, *int_op));
|
|
(*int_op)->cdesc_out = out_cdesc_head.next;
|
|
(*int_op)->cdesc_in = in_cdesc_head.next;
|
|
DEBUG(printk("cryptocop_setup_dma_list: out_cdesc_head=0x%p in_cdesc_head=0x%p\n", (*int_op)->cdesc_out, (*int_op)->cdesc_in));
|
|
|
|
setup_descr_chain(out_cdesc_head.next);
|
|
setup_descr_chain(in_cdesc_head.next);
|
|
|
|
/* Last but not least: mark the last DMA in descriptor for a INTR and EOL and the the
|
|
* last DMA out descriptor for EOL.
|
|
*/
|
|
current_in_cdesc->dma_descr->intr = 1;
|
|
current_in_cdesc->dma_descr->eol = 1;
|
|
current_out_cdesc->dma_descr->eol = 1;
|
|
|
|
/* Setup DMA contexts. */
|
|
(*int_op)->ctx_out.next = NULL;
|
|
(*int_op)->ctx_out.eol = 1;
|
|
(*int_op)->ctx_out.intr = 0;
|
|
(*int_op)->ctx_out.store_mode = 0;
|
|
(*int_op)->ctx_out.en = 0;
|
|
(*int_op)->ctx_out.dis = 0;
|
|
(*int_op)->ctx_out.md0 = 0;
|
|
(*int_op)->ctx_out.md1 = 0;
|
|
(*int_op)->ctx_out.md2 = 0;
|
|
(*int_op)->ctx_out.md3 = 0;
|
|
(*int_op)->ctx_out.md4 = 0;
|
|
(*int_op)->ctx_out.saved_data = (dma_descr_data*)virt_to_phys((*int_op)->cdesc_out->dma_descr);
|
|
(*int_op)->ctx_out.saved_data_buf = (*int_op)->cdesc_out->dma_descr->buf; /* Already physical address. */
|
|
|
|
(*int_op)->ctx_in.next = NULL;
|
|
(*int_op)->ctx_in.eol = 1;
|
|
(*int_op)->ctx_in.intr = 0;
|
|
(*int_op)->ctx_in.store_mode = 0;
|
|
(*int_op)->ctx_in.en = 0;
|
|
(*int_op)->ctx_in.dis = 0;
|
|
(*int_op)->ctx_in.md0 = 0;
|
|
(*int_op)->ctx_in.md1 = 0;
|
|
(*int_op)->ctx_in.md2 = 0;
|
|
(*int_op)->ctx_in.md3 = 0;
|
|
(*int_op)->ctx_in.md4 = 0;
|
|
|
|
(*int_op)->ctx_in.saved_data = (dma_descr_data*)virt_to_phys((*int_op)->cdesc_in->dma_descr);
|
|
(*int_op)->ctx_in.saved_data_buf = (*int_op)->cdesc_in->dma_descr->buf; /* Already physical address. */
|
|
|
|
DEBUG(printk("cryptocop_setup_dma_list: done\n"));
|
|
return 0;
|
|
|
|
error_cleanup:
|
|
{
|
|
/* Free all allocated resources. */
|
|
struct cryptocop_dma_desc *tmp_cdesc;
|
|
while (digest_ctx.pad_descs){
|
|
tmp_cdesc = digest_ctx.pad_descs->next;
|
|
free_cdesc(digest_ctx.pad_descs);
|
|
digest_ctx.pad_descs = tmp_cdesc;
|
|
}
|
|
while (csum_ctx.pad_descs){
|
|
tmp_cdesc = csum_ctx.pad_descs->next;
|
|
free_cdesc(csum_ctx.pad_descs);
|
|
csum_ctx.pad_descs = tmp_cdesc;
|
|
}
|
|
assert(cipher_ctx.pad_descs == NULL); /* The ciphers are never padded. */
|
|
|
|
if (*int_op != NULL) delete_internal_operation(*int_op);
|
|
}
|
|
DEBUG_API(printk("cryptocop_setup_dma_list: done with error %d\n", failed));
|
|
return failed;
|
|
}
|
|
|
|
|
|
static void delete_internal_operation(struct cryptocop_int_operation *iop)
|
|
{
|
|
void *ptr = iop->alloc_ptr;
|
|
struct cryptocop_dma_desc *cd = iop->cdesc_out;
|
|
struct cryptocop_dma_desc *next;
|
|
|
|
DEBUG(printk("delete_internal_operation: iop=0x%p, alloc_ptr=0x%p\n", iop, ptr));
|
|
|
|
while (cd) {
|
|
next = cd->next;
|
|
free_cdesc(cd);
|
|
cd = next;
|
|
}
|
|
cd = iop->cdesc_in;
|
|
while (cd) {
|
|
next = cd->next;
|
|
free_cdesc(cd);
|
|
cd = next;
|
|
}
|
|
kfree(ptr);
|
|
}
|
|
|
|
#define MD5_MIN_PAD_LENGTH (9)
|
|
#define MD5_PAD_LENGTH_FIELD_LENGTH (8)
|
|
|
|
static int create_md5_pad(int alloc_flag, unsigned long long hashed_length, char **pad, size_t *pad_length)
|
|
{
|
|
size_t padlen = MD5_BLOCK_LENGTH - (hashed_length % MD5_BLOCK_LENGTH);
|
|
unsigned char *p;
|
|
int i;
|
|
unsigned long long int bit_length = hashed_length << 3;
|
|
|
|
if (padlen < MD5_MIN_PAD_LENGTH) padlen += MD5_BLOCK_LENGTH;
|
|
|
|
p = kmalloc(padlen, alloc_flag);
|
|
if (!pad) return -ENOMEM;
|
|
|
|
*p = 0x80;
|
|
memset(p+1, 0, padlen - 1);
|
|
|
|
DEBUG(printk("create_md5_pad: hashed_length=%lld bits == %lld bytes\n", bit_length, hashed_length));
|
|
|
|
i = padlen - MD5_PAD_LENGTH_FIELD_LENGTH;
|
|
while (bit_length != 0){
|
|
p[i++] = bit_length % 0x100;
|
|
bit_length >>= 8;
|
|
}
|
|
|
|
*pad = (char*)p;
|
|
*pad_length = padlen;
|
|
|
|
return 0;
|
|
}
|
|
|
|
#define SHA1_MIN_PAD_LENGTH (9)
|
|
#define SHA1_PAD_LENGTH_FIELD_LENGTH (8)
|
|
|
|
static int create_sha1_pad(int alloc_flag, unsigned long long hashed_length, char **pad, size_t *pad_length)
|
|
{
|
|
size_t padlen = SHA1_BLOCK_LENGTH - (hashed_length % SHA1_BLOCK_LENGTH);
|
|
unsigned char *p;
|
|
int i;
|
|
unsigned long long int bit_length = hashed_length << 3;
|
|
|
|
if (padlen < SHA1_MIN_PAD_LENGTH) padlen += SHA1_BLOCK_LENGTH;
|
|
|
|
p = kmalloc(padlen, alloc_flag);
|
|
if (!pad) return -ENOMEM;
|
|
|
|
*p = 0x80;
|
|
memset(p+1, 0, padlen - 1);
|
|
|
|
DEBUG(printk("create_sha1_pad: hashed_length=%lld bits == %lld bytes\n", bit_length, hashed_length));
|
|
|
|
i = padlen - 1;
|
|
while (bit_length != 0){
|
|
p[i--] = bit_length % 0x100;
|
|
bit_length >>= 8;
|
|
}
|
|
|
|
*pad = (char*)p;
|
|
*pad_length = padlen;
|
|
|
|
return 0;
|
|
}
|
|
|
|
|
|
static int transform_ok(struct cryptocop_transform_init *tinit)
|
|
{
|
|
switch (tinit->alg){
|
|
case cryptocop_alg_csum:
|
|
switch (tinit->csum_mode){
|
|
case cryptocop_csum_le:
|
|
case cryptocop_csum_be:
|
|
break;
|
|
default:
|
|
DEBUG_API(printk("transform_ok: Bad mode set for csum transform\n"));
|
|
return -EINVAL;
|
|
}
|
|
case cryptocop_alg_mem2mem:
|
|
case cryptocop_alg_md5:
|
|
case cryptocop_alg_sha1:
|
|
if (tinit->keylen != 0) {
|
|
DEBUG_API(printk("transform_ok: non-zero keylength, %d, for a digest/csum algorithm\n", tinit->keylen));
|
|
return -EINVAL; /* This check is a bit strict. */
|
|
}
|
|
break;
|
|
case cryptocop_alg_des:
|
|
if (tinit->keylen != 64) {
|
|
DEBUG_API(printk("transform_ok: keylen %d invalid for DES\n", tinit->keylen));
|
|
return -EINVAL;
|
|
}
|
|
break;
|
|
case cryptocop_alg_3des:
|
|
if (tinit->keylen != 192) {
|
|
DEBUG_API(printk("transform_ok: keylen %d invalid for 3DES\n", tinit->keylen));
|
|
return -EINVAL;
|
|
}
|
|
break;
|
|
case cryptocop_alg_aes:
|
|
if (tinit->keylen != 128 && tinit->keylen != 192 && tinit->keylen != 256) {
|
|
DEBUG_API(printk("transform_ok: keylen %d invalid for AES\n", tinit->keylen));
|
|
return -EINVAL;
|
|
}
|
|
break;
|
|
case cryptocop_no_alg:
|
|
default:
|
|
DEBUG_API(printk("transform_ok: no such algorithm %d\n", tinit->alg));
|
|
return -EINVAL;
|
|
}
|
|
|
|
switch (tinit->alg){
|
|
case cryptocop_alg_des:
|
|
case cryptocop_alg_3des:
|
|
case cryptocop_alg_aes:
|
|
if (tinit->cipher_mode != cryptocop_cipher_mode_ecb && tinit->cipher_mode != cryptocop_cipher_mode_cbc) return -EINVAL;
|
|
default:
|
|
break;
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
|
|
int cryptocop_new_session(cryptocop_session_id *sid, struct cryptocop_transform_init *tinit, int alloc_flag)
|
|
{
|
|
struct cryptocop_session *sess;
|
|
struct cryptocop_transform_init *tfrm_in = tinit;
|
|
struct cryptocop_transform_init *tmp_in;
|
|
int no_tfrms = 0;
|
|
int i;
|
|
unsigned long int flags;
|
|
|
|
init_stream_coprocessor(); /* For safety if we are called early */
|
|
|
|
while (tfrm_in){
|
|
int err;
|
|
++no_tfrms;
|
|
if ((err = transform_ok(tfrm_in))) {
|
|
DEBUG_API(printk("cryptocop_new_session, bad transform\n"));
|
|
return err;
|
|
}
|
|
tfrm_in = tfrm_in->next;
|
|
}
|
|
if (0 == no_tfrms) {
|
|
DEBUG_API(printk("cryptocop_new_session, no transforms specified\n"));
|
|
return -EINVAL;
|
|
}
|
|
|
|
sess = kmalloc(sizeof(struct cryptocop_session), alloc_flag);
|
|
if (!sess){
|
|
DEBUG_API(printk("cryptocop_new_session, kmalloc cryptocop_session\n"));
|
|
return -ENOMEM;
|
|
}
|
|
|
|
sess->tfrm_ctx = kmalloc(no_tfrms * sizeof(struct cryptocop_transform_ctx), alloc_flag);
|
|
if (!sess->tfrm_ctx) {
|
|
DEBUG_API(printk("cryptocop_new_session, kmalloc cryptocop_transform_ctx\n"));
|
|
kfree(sess);
|
|
return -ENOMEM;
|
|
}
|
|
|
|
tfrm_in = tinit;
|
|
for (i = 0; i < no_tfrms; i++){
|
|
tmp_in = tfrm_in->next;
|
|
while (tmp_in){
|
|
if (tmp_in->tid == tfrm_in->tid) {
|
|
DEBUG_API(printk("cryptocop_new_session, duplicate transform ids\n"));
|
|
kfree(sess->tfrm_ctx);
|
|
kfree(sess);
|
|
return -EINVAL;
|
|
}
|
|
tmp_in = tmp_in->next;
|
|
}
|
|
memcpy(&sess->tfrm_ctx[i].init, tfrm_in, sizeof(struct cryptocop_transform_init));
|
|
sess->tfrm_ctx[i].dec_key_set = 0;
|
|
sess->tfrm_ctx[i].next = &sess->tfrm_ctx[i] + 1;
|
|
|
|
tfrm_in = tfrm_in->next;
|
|
}
|
|
sess->tfrm_ctx[i-1].next = NULL;
|
|
|
|
spin_lock_irqsave(&cryptocop_sessions_lock, flags);
|
|
sess->sid = next_sid;
|
|
next_sid++;
|
|
/* TODO If we are really paranoid we should do duplicate check to handle sid wraparound.
|
|
* OTOH 2^64 is a really large number of session. */
|
|
if (next_sid == 0) next_sid = 1;
|
|
|
|
/* Prepend to session list. */
|
|
sess->next = cryptocop_sessions;
|
|
cryptocop_sessions = sess;
|
|
spin_unlock_irqrestore(&cryptocop_sessions_lock, flags);
|
|
*sid = sess->sid;
|
|
return 0;
|
|
}
|
|
|
|
|
|
int cryptocop_free_session(cryptocop_session_id sid)
|
|
{
|
|
struct cryptocop_transform_ctx *tc;
|
|
struct cryptocop_session *sess = NULL;
|
|
struct cryptocop_session *psess = NULL;
|
|
unsigned long int flags;
|
|
int i;
|
|
LIST_HEAD(remove_list);
|
|
struct list_head *node, *tmp;
|
|
struct cryptocop_prio_job *pj;
|
|
|
|
DEBUG(printk("cryptocop_free_session: sid=%lld\n", sid));
|
|
|
|
spin_lock_irqsave(&cryptocop_sessions_lock, flags);
|
|
sess = cryptocop_sessions;
|
|
while (sess && sess->sid != sid){
|
|
psess = sess;
|
|
sess = sess->next;
|
|
}
|
|
if (sess){
|
|
if (psess){
|
|
psess->next = sess->next;
|
|
} else {
|
|
cryptocop_sessions = sess->next;
|
|
}
|
|
}
|
|
spin_unlock_irqrestore(&cryptocop_sessions_lock, flags);
|
|
|
|
if (!sess) return -EINVAL;
|
|
|
|
/* Remove queued jobs. */
|
|
spin_lock_irqsave(&cryptocop_job_queue_lock, flags);
|
|
|
|
for (i = 0; i < cryptocop_prio_no_prios; i++){
|
|
if (!list_empty(&(cryptocop_job_queues[i].jobs))){
|
|
list_for_each_safe(node, tmp, &(cryptocop_job_queues[i].jobs)) {
|
|
pj = list_entry(node, struct cryptocop_prio_job, node);
|
|
if (pj->oper->sid == sid) {
|
|
list_move_tail(node, &remove_list);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
spin_unlock_irqrestore(&cryptocop_job_queue_lock, flags);
|
|
|
|
list_for_each_safe(node, tmp, &remove_list) {
|
|
list_del(node);
|
|
pj = list_entry(node, struct cryptocop_prio_job, node);
|
|
pj->oper->operation_status = -EAGAIN; /* EAGAIN is not ideal for job/session terminated but it's the best choice I know of. */
|
|
DEBUG(printk("cryptocop_free_session: pj=0x%p, pj->oper=0x%p, pj->iop=0x%p\n", pj, pj->oper, pj->iop));
|
|
pj->oper->cb(pj->oper, pj->oper->cb_data);
|
|
delete_internal_operation(pj->iop);
|
|
kfree(pj);
|
|
}
|
|
|
|
tc = sess->tfrm_ctx;
|
|
/* Erase keying data. */
|
|
while (tc){
|
|
DEBUG(printk("cryptocop_free_session: memset keys, tfrm id=%d\n", tc->init.tid));
|
|
memset(tc->init.key, 0xff, CRYPTOCOP_MAX_KEY_LENGTH);
|
|
memset(tc->dec_key, 0xff, CRYPTOCOP_MAX_KEY_LENGTH);
|
|
tc = tc->next;
|
|
}
|
|
kfree(sess->tfrm_ctx);
|
|
kfree(sess);
|
|
|
|
return 0;
|
|
}
|
|
|
|
static struct cryptocop_session *get_session(cryptocop_session_id sid)
|
|
{
|
|
struct cryptocop_session *sess;
|
|
unsigned long int flags;
|
|
|
|
spin_lock_irqsave(&cryptocop_sessions_lock, flags);
|
|
sess = cryptocop_sessions;
|
|
while (sess && (sess->sid != sid)){
|
|
sess = sess->next;
|
|
}
|
|
spin_unlock_irqrestore(&cryptocop_sessions_lock, flags);
|
|
|
|
return sess;
|
|
}
|
|
|
|
static struct cryptocop_transform_ctx *get_transform_ctx(struct cryptocop_session *sess, cryptocop_tfrm_id tid)
|
|
{
|
|
struct cryptocop_transform_ctx *tc = sess->tfrm_ctx;
|
|
|
|
DEBUG(printk("get_transform_ctx, sess=0x%p, tid=%d\n", sess, tid));
|
|
assert(sess != NULL);
|
|
while (tc && tc->init.tid != tid){
|
|
DEBUG(printk("tc=0x%p, tc->next=0x%p\n", tc, tc->next));
|
|
tc = tc->next;
|
|
}
|
|
DEBUG(printk("get_transform_ctx, returning tc=0x%p\n", tc));
|
|
return tc;
|
|
}
|
|
|
|
|
|
|
|
/* The AES s-transform matrix (s-box). */
|
|
static const u8 aes_sbox[256] = {
|
|
99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118,
|
|
202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192,
|
|
183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21,
|
|
4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117,
|
|
9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132,
|
|
83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207,
|
|
208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168,
|
|
81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210,
|
|
205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115,
|
|
96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219,
|
|
224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121,
|
|
231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8,
|
|
186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138,
|
|
112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158,
|
|
225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223,
|
|
140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22
|
|
};
|
|
|
|
/* AES has a 32 bit word round constants for each round in the
|
|
* key schedule. round_constant[i] is really Rcon[i+1] in FIPS187.
|
|
*/
|
|
static u32 round_constant[11] = {
|
|
0x01000000, 0x02000000, 0x04000000, 0x08000000,
|
|
0x10000000, 0x20000000, 0x40000000, 0x80000000,
|
|
0x1B000000, 0x36000000, 0x6C000000
|
|
};
|
|
|
|
/* Apply the s-box to each of the four occtets in w. */
|
|
static u32 aes_ks_subword(const u32 w)
|
|
{
|
|
u8 bytes[4];
|
|
|
|
*(u32*)(&bytes[0]) = w;
|
|
bytes[0] = aes_sbox[bytes[0]];
|
|
bytes[1] = aes_sbox[bytes[1]];
|
|
bytes[2] = aes_sbox[bytes[2]];
|
|
bytes[3] = aes_sbox[bytes[3]];
|
|
return *(u32*)(&bytes[0]);
|
|
}
|
|
|
|
/* The encrypt (forward) Rijndael key schedule algorithm pseudo code:
|
|
* (Note that AES words are 32 bit long)
|
|
*
|
|
* KeyExpansion(byte key[4*Nk], word w[Nb*(Nr+1)], Nk){
|
|
* word temp
|
|
* i = 0
|
|
* while (i < Nk) {
|
|
* w[i] = word(key[4*i, 4*i + 1, 4*i + 2, 4*i + 3])
|
|
* i = i + 1
|
|
* }
|
|
* i = Nk
|
|
*
|
|
* while (i < (Nb * (Nr + 1))) {
|
|
* temp = w[i - 1]
|
|
* if ((i mod Nk) == 0) {
|
|
* temp = SubWord(RotWord(temp)) xor Rcon[i/Nk]
|
|
* }
|
|
* else if ((Nk > 6) && ((i mod Nk) == 4)) {
|
|
* temp = SubWord(temp)
|
|
* }
|
|
* w[i] = w[i - Nk] xor temp
|
|
* }
|
|
* RotWord(t) does a 8 bit cyclic shift left on a 32 bit word.
|
|
* SubWord(t) applies the AES s-box individually to each octet
|
|
* in a 32 bit word.
|
|
*
|
|
* For AES Nk can have the values 4, 6, and 8 (corresponding to
|
|
* values for Nr of 10, 12, and 14). Nb is always 4.
|
|
*
|
|
* To construct w[i], w[i - 1] and w[i - Nk] must be
|
|
* available. Consequently we must keep a state of the last Nk words
|
|
* to be able to create the last round keys.
|
|
*/
|
|
static void get_aes_decrypt_key(unsigned char *dec_key, const unsigned char *key, unsigned int keylength)
|
|
{
|
|
u32 temp;
|
|
u32 w_ring[8]; /* nk is max 8, use elements 0..(nk - 1) as a ringbuffer */
|
|
u8 w_last_ix;
|
|
int i;
|
|
u8 nr, nk;
|
|
|
|
switch (keylength){
|
|
case 128:
|
|
nk = 4;
|
|
nr = 10;
|
|
break;
|
|
case 192:
|
|
nk = 6;
|
|
nr = 12;
|
|
break;
|
|
case 256:
|
|
nk = 8;
|
|
nr = 14;
|
|
break;
|
|
default:
|
|
panic("stream co-processor: bad aes key length in get_aes_decrypt_key\n");
|
|
};
|
|
|
|
/* Need to do host byte order correction here since key is byte oriented and the
|
|
* kx algorithm is word (u32) oriented. */
|
|
for (i = 0; i < nk; i+=1) {
|
|
w_ring[i] = be32_to_cpu(*(u32*)&key[4*i]);
|
|
}
|
|
|
|
i = (int)nk;
|
|
w_last_ix = i - 1;
|
|
while (i < (4 * (nr + 2))) {
|
|
temp = w_ring[w_last_ix];
|
|
if (!(i % nk)) {
|
|
/* RotWord(temp) */
|
|
temp = (temp << 8) | (temp >> 24);
|
|
temp = aes_ks_subword(temp);
|
|
temp ^= round_constant[i/nk - 1];
|
|
} else if ((nk > 6) && ((i % nk) == 4)) {
|
|
temp = aes_ks_subword(temp);
|
|
}
|
|
w_last_ix = (w_last_ix + 1) % nk; /* This is the same as (i-Nk) mod Nk */
|
|
temp ^= w_ring[w_last_ix];
|
|
w_ring[w_last_ix] = temp;
|
|
|
|
/* We need the round keys for round Nr+1 and Nr+2 (round key
|
|
* Nr+2 is the round key beyond the last one used when
|
|
* encrypting). Rounds are numbered starting from 0, Nr=10
|
|
* implies 11 rounds are used in encryption/decryption.
|
|
*/
|
|
if (i >= (4 * nr)) {
|
|
/* Need to do host byte order correction here, the key
|
|
* is byte oriented. */
|
|
*(u32*)dec_key = cpu_to_be32(temp);
|
|
dec_key += 4;
|
|
}
|
|
++i;
|
|
}
|
|
}
|
|
|
|
|
|
/**** Job/operation management. ****/
|
|
|
|
int cryptocop_job_queue_insert_csum(struct cryptocop_operation *operation)
|
|
{
|
|
return cryptocop_job_queue_insert(cryptocop_prio_kernel_csum, operation);
|
|
}
|
|
|
|
int cryptocop_job_queue_insert_crypto(struct cryptocop_operation *operation)
|
|
{
|
|
return cryptocop_job_queue_insert(cryptocop_prio_kernel, operation);
|
|
}
|
|
|
|
int cryptocop_job_queue_insert_user_job(struct cryptocop_operation *operation)
|
|
{
|
|
return cryptocop_job_queue_insert(cryptocop_prio_user, operation);
|
|
}
|
|
|
|
static int cryptocop_job_queue_insert(cryptocop_queue_priority prio, struct cryptocop_operation *operation)
|
|
{
|
|
int ret;
|
|
struct cryptocop_prio_job *pj = NULL;
|
|
unsigned long int flags;
|
|
|
|
DEBUG(printk("cryptocop_job_queue_insert(%d, 0x%p)\n", prio, operation));
|
|
|
|
if (!operation || !operation->cb){
|
|
DEBUG_API(printk("cryptocop_job_queue_insert oper=0x%p, NULL operation or callback\n", operation));
|
|
return -EINVAL;
|
|
}
|
|
|
|
if ((ret = cryptocop_job_setup(&pj, operation)) != 0){
|
|
DEBUG_API(printk("cryptocop_job_queue_insert: job setup failed\n"));
|
|
return ret;
|
|
}
|
|
assert(pj != NULL);
|
|
|
|
spin_lock_irqsave(&cryptocop_job_queue_lock, flags);
|
|
list_add_tail(&pj->node, &cryptocop_job_queues[prio].jobs);
|
|
spin_unlock_irqrestore(&cryptocop_job_queue_lock, flags);
|
|
|
|
/* Make sure a job is running */
|
|
cryptocop_start_job();
|
|
return 0;
|
|
}
|
|
|
|
static void cryptocop_do_tasklet(unsigned long unused);
|
|
DECLARE_TASKLET (cryptocop_tasklet, cryptocop_do_tasklet, 0);
|
|
|
|
static void cryptocop_do_tasklet(unsigned long unused)
|
|
{
|
|
struct list_head *node;
|
|
struct cryptocop_prio_job *pj = NULL;
|
|
unsigned long flags;
|
|
|
|
DEBUG(printk("cryptocop_do_tasklet: entering\n"));
|
|
|
|
do {
|
|
spin_lock_irqsave(&cryptocop_completed_jobs_lock, flags);
|
|
if (!list_empty(&cryptocop_completed_jobs)){
|
|
node = cryptocop_completed_jobs.next;
|
|
list_del(node);
|
|
pj = list_entry(node, struct cryptocop_prio_job, node);
|
|
} else {
|
|
pj = NULL;
|
|
}
|
|
spin_unlock_irqrestore(&cryptocop_completed_jobs_lock, flags);
|
|
if (pj) {
|
|
assert(pj->oper != NULL);
|
|
|
|
/* Notify consumer of operation completeness. */
|
|
DEBUG(printk("cryptocop_do_tasklet: callback 0x%p, data 0x%p\n", pj->oper->cb, pj->oper->cb_data));
|
|
|
|
pj->oper->operation_status = 0; /* Job is completed. */
|
|
pj->oper->cb(pj->oper, pj->oper->cb_data);
|
|
delete_internal_operation(pj->iop);
|
|
kfree(pj);
|
|
}
|
|
} while (pj != NULL);
|
|
|
|
DEBUG(printk("cryptocop_do_tasklet: exiting\n"));
|
|
}
|
|
|
|
static irqreturn_t
|
|
dma_done_interrupt(int irq, void *dev_id, struct pt_regs * regs)
|
|
{
|
|
struct cryptocop_prio_job *done_job;
|
|
reg_dma_rw_ack_intr ack_intr = {
|
|
.data = 1,
|
|
};
|
|
|
|
REG_WR (dma, regi_dma9, rw_ack_intr, ack_intr);
|
|
|
|
DEBUG(printk("cryptocop DMA done\n"));
|
|
|
|
spin_lock(&running_job_lock);
|
|
if (cryptocop_running_job == NULL){
|
|
printk("stream co-processor got interrupt when not busy\n");
|
|
spin_unlock(&running_job_lock);
|
|
return IRQ_HANDLED;
|
|
}
|
|
done_job = cryptocop_running_job;
|
|
cryptocop_running_job = NULL;
|
|
spin_unlock(&running_job_lock);
|
|
|
|
/* Start processing a job. */
|
|
if (!spin_trylock(&cryptocop_process_lock)){
|
|
DEBUG(printk("cryptocop irq handler, not starting a job\n"));
|
|
} else {
|
|
cryptocop_start_job();
|
|
spin_unlock(&cryptocop_process_lock);
|
|
}
|
|
|
|
done_job->oper->operation_status = 0; /* Job is completed. */
|
|
if (done_job->oper->fast_callback){
|
|
/* This operation wants callback from interrupt. */
|
|
done_job->oper->cb(done_job->oper, done_job->oper->cb_data);
|
|
delete_internal_operation(done_job->iop);
|
|
kfree(done_job);
|
|
} else {
|
|
spin_lock(&cryptocop_completed_jobs_lock);
|
|
list_add_tail(&(done_job->node), &cryptocop_completed_jobs);
|
|
spin_unlock(&cryptocop_completed_jobs_lock);
|
|
tasklet_schedule(&cryptocop_tasklet);
|
|
}
|
|
|
|
DEBUG(printk("cryptocop leave irq handler\n"));
|
|
return IRQ_HANDLED;
|
|
}
|
|
|
|
|
|
/* Setup interrupts and DMA channels. */
|
|
static int init_cryptocop(void)
|
|
{
|
|
unsigned long flags;
|
|
reg_intr_vect_rw_mask intr_mask;
|
|
reg_dma_rw_cfg dma_cfg = {.en = 1};
|
|
reg_dma_rw_intr_mask intr_mask_in = {.data = regk_dma_yes}; /* Only want descriptor interrupts from the DMA in channel. */
|
|
reg_dma_rw_ack_intr ack_intr = {.data = 1,.in_eop = 1 };
|
|
reg_strcop_rw_cfg strcop_cfg = {
|
|
.ipend = regk_strcop_little,
|
|
.td1 = regk_strcop_e,
|
|
.td2 = regk_strcop_d,
|
|
.td3 = regk_strcop_e,
|
|
.ignore_sync = 0,
|
|
.en = 1
|
|
};
|
|
|
|
if (request_irq(DMA9_INTR_VECT, dma_done_interrupt, 0, "stream co-processor DMA", NULL)) panic("request_irq stream co-processor irq dma9");
|
|
|
|
(void)crisv32_request_dma(8, "strcop", DMA_PANIC_ON_ERROR, 0, dma_strp);
|
|
(void)crisv32_request_dma(9, "strcop", DMA_PANIC_ON_ERROR, 0, dma_strp);
|
|
|
|
local_irq_save(flags);
|
|
|
|
/* Reset and enable the cryptocop. */
|
|
strcop_cfg.en = 0;
|
|
REG_WR(strcop, regi_strcop, rw_cfg, strcop_cfg);
|
|
strcop_cfg.en = 1;
|
|
REG_WR(strcop, regi_strcop, rw_cfg, strcop_cfg);
|
|
|
|
/* Enable DMA9 interrupt */
|
|
intr_mask = REG_RD(intr_vect, regi_irq, rw_mask);
|
|
intr_mask.dma9 = 1;
|
|
REG_WR(intr_vect, regi_irq, rw_mask, intr_mask);
|
|
|
|
/* Enable DMAs. */
|
|
REG_WR(dma, regi_dma9, rw_cfg, dma_cfg); /* input DMA */
|
|
REG_WR(dma, regi_dma8, rw_cfg, dma_cfg); /* output DMA */
|
|
|
|
/* Set up wordsize = 4 for DMAs. */
|
|
DMA_WR_CMD (regi_dma8, regk_dma_set_w_size4);
|
|
DMA_WR_CMD (regi_dma9, regk_dma_set_w_size4);
|
|
|
|
/* Enable interrupts. */
|
|
REG_WR(dma, regi_dma9, rw_intr_mask, intr_mask_in);
|
|
|
|
/* Clear intr ack. */
|
|
REG_WR(dma, regi_dma9, rw_ack_intr, ack_intr);
|
|
|
|
local_irq_restore(flags);
|
|
|
|
return 0;
|
|
}
|
|
|
|
/* Free used cryptocop hw resources (interrupt and DMA channels). */
|
|
static void release_cryptocop(void)
|
|
{
|
|
unsigned long flags;
|
|
reg_intr_vect_rw_mask intr_mask;
|
|
reg_dma_rw_cfg dma_cfg = {.en = 0};
|
|
reg_dma_rw_intr_mask intr_mask_in = {0};
|
|
reg_dma_rw_ack_intr ack_intr = {.data = 1,.in_eop = 1 };
|
|
|
|
local_irq_save(flags);
|
|
|
|
/* Clear intr ack. */
|
|
REG_WR(dma, regi_dma9, rw_ack_intr, ack_intr);
|
|
|
|
/* Disable DMA9 interrupt */
|
|
intr_mask = REG_RD(intr_vect, regi_irq, rw_mask);
|
|
intr_mask.dma9 = 0;
|
|
REG_WR(intr_vect, regi_irq, rw_mask, intr_mask);
|
|
|
|
/* Disable DMAs. */
|
|
REG_WR(dma, regi_dma9, rw_cfg, dma_cfg); /* input DMA */
|
|
REG_WR(dma, regi_dma8, rw_cfg, dma_cfg); /* output DMA */
|
|
|
|
/* Disable interrupts. */
|
|
REG_WR(dma, regi_dma9, rw_intr_mask, intr_mask_in);
|
|
|
|
local_irq_restore(flags);
|
|
|
|
free_irq(DMA9_INTR_VECT, NULL);
|
|
|
|
(void)crisv32_free_dma(8);
|
|
(void)crisv32_free_dma(9);
|
|
}
|
|
|
|
|
|
/* Init job queue. */
|
|
static int cryptocop_job_queue_init(void)
|
|
{
|
|
int i;
|
|
|
|
INIT_LIST_HEAD(&cryptocop_completed_jobs);
|
|
|
|
for (i = 0; i < cryptocop_prio_no_prios; i++){
|
|
cryptocop_job_queues[i].prio = (cryptocop_queue_priority)i;
|
|
INIT_LIST_HEAD(&cryptocop_job_queues[i].jobs);
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
|
|
static void cryptocop_job_queue_close(void)
|
|
{
|
|
struct list_head *node, *tmp;
|
|
struct cryptocop_prio_job *pj = NULL;
|
|
unsigned long int process_flags, flags;
|
|
int i;
|
|
|
|
/* FIXME: This is as yet untested code. */
|
|
|
|
/* Stop strcop from getting an operation to process while we are closing the
|
|
module. */
|
|
spin_lock_irqsave(&cryptocop_process_lock, process_flags);
|
|
|
|
/* Empty the job queue. */
|
|
for (i = 0; i < cryptocop_prio_no_prios; i++){
|
|
if (!list_empty(&(cryptocop_job_queues[i].jobs))){
|
|
list_for_each_safe(node, tmp, &(cryptocop_job_queues[i].jobs)) {
|
|
pj = list_entry(node, struct cryptocop_prio_job, node);
|
|
list_del(node);
|
|
|
|
/* Call callback to notify consumer of job removal. */
|
|
DEBUG(printk("cryptocop_job_queue_close: callback 0x%p, data 0x%p\n", pj->oper->cb, pj->oper->cb_data));
|
|
pj->oper->operation_status = -EINTR; /* Job is terminated without completion. */
|
|
pj->oper->cb(pj->oper, pj->oper->cb_data);
|
|
|
|
delete_internal_operation(pj->iop);
|
|
kfree(pj);
|
|
}
|
|
}
|
|
}
|
|
spin_unlock_irqrestore(&cryptocop_process_lock, process_flags);
|
|
|
|
/* Remove the running job, if any. */
|
|
spin_lock_irqsave(&running_job_lock, flags);
|
|
if (cryptocop_running_job){
|
|
reg_strcop_rw_cfg rw_cfg;
|
|
reg_dma_rw_cfg dma_out_cfg, dma_in_cfg;
|
|
|
|
/* Stop DMA. */
|
|
dma_out_cfg = REG_RD(dma, regi_dma8, rw_cfg);
|
|
dma_out_cfg.en = regk_dma_no;
|
|
REG_WR(dma, regi_dma8, rw_cfg, dma_out_cfg);
|
|
|
|
dma_in_cfg = REG_RD(dma, regi_dma9, rw_cfg);
|
|
dma_in_cfg.en = regk_dma_no;
|
|
REG_WR(dma, regi_dma9, rw_cfg, dma_in_cfg);
|
|
|
|
/* Disble the cryptocop. */
|
|
rw_cfg = REG_RD(strcop, regi_strcop, rw_cfg);
|
|
rw_cfg.en = 0;
|
|
REG_WR(strcop, regi_strcop, rw_cfg, rw_cfg);
|
|
|
|
pj = cryptocop_running_job;
|
|
cryptocop_running_job = NULL;
|
|
|
|
/* Call callback to notify consumer of job removal. */
|
|
DEBUG(printk("cryptocop_job_queue_close: callback 0x%p, data 0x%p\n", pj->oper->cb, pj->oper->cb_data));
|
|
pj->oper->operation_status = -EINTR; /* Job is terminated without completion. */
|
|
pj->oper->cb(pj->oper, pj->oper->cb_data);
|
|
|
|
delete_internal_operation(pj->iop);
|
|
kfree(pj);
|
|
}
|
|
spin_unlock_irqrestore(&running_job_lock, flags);
|
|
|
|
/* Remove completed jobs, if any. */
|
|
spin_lock_irqsave(&cryptocop_completed_jobs_lock, flags);
|
|
|
|
list_for_each_safe(node, tmp, &cryptocop_completed_jobs) {
|
|
pj = list_entry(node, struct cryptocop_prio_job, node);
|
|
list_del(node);
|
|
/* Call callback to notify consumer of job removal. */
|
|
DEBUG(printk("cryptocop_job_queue_close: callback 0x%p, data 0x%p\n", pj->oper->cb, pj->oper->cb_data));
|
|
pj->oper->operation_status = -EINTR; /* Job is terminated without completion. */
|
|
pj->oper->cb(pj->oper, pj->oper->cb_data);
|
|
|
|
delete_internal_operation(pj->iop);
|
|
kfree(pj);
|
|
}
|
|
spin_unlock_irqrestore(&cryptocop_completed_jobs_lock, flags);
|
|
}
|
|
|
|
|
|
static void cryptocop_start_job(void)
|
|
{
|
|
int i;
|
|
struct cryptocop_prio_job *pj;
|
|
unsigned long int flags;
|
|
unsigned long int running_job_flags;
|
|
reg_strcop_rw_cfg rw_cfg = {.en = 1, .ignore_sync = 0};
|
|
|
|
DEBUG(printk("cryptocop_start_job: entering\n"));
|
|
|
|
spin_lock_irqsave(&running_job_lock, running_job_flags);
|
|
if (cryptocop_running_job != NULL){
|
|
/* Already running. */
|
|
DEBUG(printk("cryptocop_start_job: already running, exit\n"));
|
|
spin_unlock_irqrestore(&running_job_lock, running_job_flags);
|
|
return;
|
|
}
|
|
spin_lock_irqsave(&cryptocop_job_queue_lock, flags);
|
|
|
|
/* Check the queues in priority order. */
|
|
for (i = cryptocop_prio_kernel_csum; (i < cryptocop_prio_no_prios) && list_empty(&cryptocop_job_queues[i].jobs); i++);
|
|
if (i == cryptocop_prio_no_prios) {
|
|
spin_unlock_irqrestore(&cryptocop_job_queue_lock, flags);
|
|
spin_unlock_irqrestore(&running_job_lock, running_job_flags);
|
|
DEBUG(printk("cryptocop_start_job: no jobs to run\n"));
|
|
return; /* No jobs to run */
|
|
}
|
|
DEBUG(printk("starting job for prio %d\n", i));
|
|
|
|
/* TODO: Do not starve lower priority jobs. Let in a lower
|
|
* prio job for every N-th processed higher prio job or some
|
|
* other scheduling policy. This could reasonably be
|
|
* tweakable since the optimal balance would depend on the
|
|
* type of load on the system. */
|
|
|
|
/* Pull the DMA lists from the job and start the DMA client. */
|
|
pj = list_entry(cryptocop_job_queues[i].jobs.next, struct cryptocop_prio_job, node);
|
|
list_del(&pj->node);
|
|
spin_unlock_irqrestore(&cryptocop_job_queue_lock, flags);
|
|
cryptocop_running_job = pj;
|
|
|
|
/* Set config register (3DES and CSUM modes). */
|
|
switch (pj->iop->tdes_mode){
|
|
case cryptocop_3des_eee:
|
|
rw_cfg.td1 = regk_strcop_e;
|
|
rw_cfg.td2 = regk_strcop_e;
|
|
rw_cfg.td3 = regk_strcop_e;
|
|
break;
|
|
case cryptocop_3des_eed:
|
|
rw_cfg.td1 = regk_strcop_e;
|
|
rw_cfg.td2 = regk_strcop_e;
|
|
rw_cfg.td3 = regk_strcop_d;
|
|
break;
|
|
case cryptocop_3des_ede:
|
|
rw_cfg.td1 = regk_strcop_e;
|
|
rw_cfg.td2 = regk_strcop_d;
|
|
rw_cfg.td3 = regk_strcop_e;
|
|
break;
|
|
case cryptocop_3des_edd:
|
|
rw_cfg.td1 = regk_strcop_e;
|
|
rw_cfg.td2 = regk_strcop_d;
|
|
rw_cfg.td3 = regk_strcop_d;
|
|
break;
|
|
case cryptocop_3des_dee:
|
|
rw_cfg.td1 = regk_strcop_d;
|
|
rw_cfg.td2 = regk_strcop_e;
|
|
rw_cfg.td3 = regk_strcop_e;
|
|
break;
|
|
case cryptocop_3des_ded:
|
|
rw_cfg.td1 = regk_strcop_d;
|
|
rw_cfg.td2 = regk_strcop_e;
|
|
rw_cfg.td3 = regk_strcop_d;
|
|
break;
|
|
case cryptocop_3des_dde:
|
|
rw_cfg.td1 = regk_strcop_d;
|
|
rw_cfg.td2 = regk_strcop_d;
|
|
rw_cfg.td3 = regk_strcop_e;
|
|
break;
|
|
case cryptocop_3des_ddd:
|
|
rw_cfg.td1 = regk_strcop_d;
|
|
rw_cfg.td2 = regk_strcop_d;
|
|
rw_cfg.td3 = regk_strcop_d;
|
|
break;
|
|
default:
|
|
DEBUG(printk("cryptocop_setup_dma_list: bad 3DES mode\n"));
|
|
}
|
|
switch (pj->iop->csum_mode){
|
|
case cryptocop_csum_le:
|
|
rw_cfg.ipend = regk_strcop_little;
|
|
break;
|
|
case cryptocop_csum_be:
|
|
rw_cfg.ipend = regk_strcop_big;
|
|
break;
|
|
default:
|
|
DEBUG(printk("cryptocop_setup_dma_list: bad checksum mode\n"));
|
|
}
|
|
REG_WR(strcop, regi_strcop, rw_cfg, rw_cfg);
|
|
|
|
DEBUG(printk("cryptocop_start_job: starting DMA, new cryptocop_running_job=0x%p\n"
|
|
"ctx_in: 0x%p, phys: 0x%p\n"
|
|
"ctx_out: 0x%p, phys: 0x%p\n",
|
|
pj,
|
|
&pj->iop->ctx_in, (char*)virt_to_phys(&pj->iop->ctx_in),
|
|
&pj->iop->ctx_out, (char*)virt_to_phys(&pj->iop->ctx_out)));
|
|
|
|
/* Start input DMA. */
|
|
DMA_START_CONTEXT(regi_dma9, virt_to_phys(&pj->iop->ctx_in));
|
|
|
|
/* Start output DMA. */
|
|
DMA_START_CONTEXT(regi_dma8, virt_to_phys(&pj->iop->ctx_out));
|
|
|
|
spin_unlock_irqrestore(&running_job_lock, running_job_flags);
|
|
DEBUG(printk("cryptocop_start_job: exiting\n"));
|
|
}
|
|
|
|
|
|
static int cryptocop_job_setup(struct cryptocop_prio_job **pj, struct cryptocop_operation *operation)
|
|
{
|
|
int err;
|
|
int alloc_flag = operation->in_interrupt ? GFP_ATOMIC : GFP_KERNEL;
|
|
void *iop_alloc_ptr = NULL;
|
|
|
|
*pj = kmalloc(sizeof (struct cryptocop_prio_job), alloc_flag);
|
|
if (!*pj) return -ENOMEM;
|
|
|
|
DEBUG(printk("cryptocop_job_setup: operation=0x%p\n", operation));
|
|
|
|
(*pj)->oper = operation;
|
|
DEBUG(printk("cryptocop_job_setup, cb=0x%p cb_data=0x%p\n", (*pj)->oper->cb, (*pj)->oper->cb_data));
|
|
|
|
if (operation->use_dmalists) {
|
|
DEBUG(print_user_dma_lists(&operation->list_op));
|
|
if (!operation->list_op.inlist || !operation->list_op.outlist || !operation->list_op.out_data_buf || !operation->list_op.in_data_buf){
|
|
DEBUG_API(printk("cryptocop_job_setup: bad indata (use_dmalists)\n"));
|
|
kfree(*pj);
|
|
return -EINVAL;
|
|
}
|
|
iop_alloc_ptr = kmalloc(DESCR_ALLOC_PAD + sizeof(struct cryptocop_int_operation), alloc_flag);
|
|
if (!iop_alloc_ptr) {
|
|
DEBUG_API(printk("cryptocop_job_setup: kmalloc cryptocop_int_operation\n"));
|
|
kfree(*pj);
|
|
return -ENOMEM;
|
|
}
|
|
(*pj)->iop = (struct cryptocop_int_operation*)(((unsigned long int)(iop_alloc_ptr + DESCR_ALLOC_PAD + offsetof(struct cryptocop_int_operation, ctx_out)) & ~0x0000001F) - offsetof(struct cryptocop_int_operation, ctx_out));
|
|
DEBUG(memset((*pj)->iop, 0xff, sizeof(struct cryptocop_int_operation)));
|
|
(*pj)->iop->alloc_ptr = iop_alloc_ptr;
|
|
(*pj)->iop->sid = operation->sid;
|
|
(*pj)->iop->cdesc_out = NULL;
|
|
(*pj)->iop->cdesc_in = NULL;
|
|
(*pj)->iop->tdes_mode = operation->list_op.tdes_mode;
|
|
(*pj)->iop->csum_mode = operation->list_op.csum_mode;
|
|
(*pj)->iop->ddesc_out = operation->list_op.outlist;
|
|
(*pj)->iop->ddesc_in = operation->list_op.inlist;
|
|
|
|
/* Setup DMA contexts. */
|
|
(*pj)->iop->ctx_out.next = NULL;
|
|
(*pj)->iop->ctx_out.eol = 1;
|
|
(*pj)->iop->ctx_out.saved_data = operation->list_op.outlist;
|
|
(*pj)->iop->ctx_out.saved_data_buf = operation->list_op.out_data_buf;
|
|
|
|
(*pj)->iop->ctx_in.next = NULL;
|
|
(*pj)->iop->ctx_in.eol = 1;
|
|
(*pj)->iop->ctx_in.saved_data = operation->list_op.inlist;
|
|
(*pj)->iop->ctx_in.saved_data_buf = operation->list_op.in_data_buf;
|
|
} else {
|
|
if ((err = cryptocop_setup_dma_list(operation, &(*pj)->iop, alloc_flag))) {
|
|
DEBUG_API(printk("cryptocop_job_setup: cryptocop_setup_dma_list failed %d\n", err));
|
|
kfree(*pj);
|
|
return err;
|
|
}
|
|
}
|
|
DEBUG(print_dma_descriptors((*pj)->iop));
|
|
|
|
DEBUG(printk("cryptocop_job_setup, DMA list setup successful\n"));
|
|
|
|
return 0;
|
|
}
|
|
|
|
|
|
static int cryptocop_open(struct inode *inode, struct file *filp)
|
|
{
|
|
int p = iminor(inode);
|
|
|
|
if (p != CRYPTOCOP_MINOR) return -EINVAL;
|
|
|
|
filp->private_data = NULL;
|
|
return 0;
|
|
}
|
|
|
|
|
|
static int cryptocop_release(struct inode *inode, struct file *filp)
|
|
{
|
|
struct cryptocop_private *dev = filp->private_data;
|
|
struct cryptocop_private *dev_next;
|
|
|
|
while (dev){
|
|
dev_next = dev->next;
|
|
if (dev->sid != CRYPTOCOP_SESSION_ID_NONE) {
|
|
(void)cryptocop_free_session(dev->sid);
|
|
}
|
|
kfree(dev);
|
|
dev = dev_next;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
|
|
static int cryptocop_ioctl_close_session(struct inode *inode, struct file *filp,
|
|
unsigned int cmd, unsigned long arg)
|
|
{
|
|
struct cryptocop_private *dev = filp->private_data;
|
|
struct cryptocop_private *prev_dev = NULL;
|
|
struct strcop_session_op *sess_op = (struct strcop_session_op *)arg;
|
|
struct strcop_session_op sop;
|
|
int err;
|
|
|
|
DEBUG(printk("cryptocop_ioctl_close_session\n"));
|
|
|
|
if (!access_ok(VERIFY_READ, sess_op, sizeof(struct strcop_session_op)))
|
|
return -EFAULT;
|
|
err = copy_from_user(&sop, sess_op, sizeof(struct strcop_session_op));
|
|
if (err) return -EFAULT;
|
|
|
|
while (dev && (dev->sid != sop.ses_id)) {
|
|
prev_dev = dev;
|
|
dev = dev->next;
|
|
}
|
|
if (dev){
|
|
if (prev_dev){
|
|
prev_dev->next = dev->next;
|
|
} else {
|
|
filp->private_data = dev->next;
|
|
}
|
|
err = cryptocop_free_session(dev->sid);
|
|
if (err) return -EFAULT;
|
|
} else {
|
|
DEBUG_API(printk("cryptocop_ioctl_close_session: session %lld not found\n", sop.ses_id));
|
|
return -EINVAL;
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
|
|
static void ioctl_process_job_callback(struct cryptocop_operation *op, void*cb_data)
|
|
{
|
|
struct ioctl_job_cb_ctx *jc = (struct ioctl_job_cb_ctx *)cb_data;
|
|
|
|
DEBUG(printk("ioctl_process_job_callback: op=0x%p, cb_data=0x%p\n", op, cb_data));
|
|
|
|
jc->processed = 1;
|
|
wake_up(&cryptocop_ioc_process_wq);
|
|
}
|
|
|
|
|
|
#define CRYPTOCOP_IOCTL_CIPHER_TID (1)
|
|
#define CRYPTOCOP_IOCTL_DIGEST_TID (2)
|
|
#define CRYPTOCOP_IOCTL_CSUM_TID (3)
|
|
|
|
static size_t first_cfg_change_ix(struct strcop_crypto_op *crp_op)
|
|
{
|
|
size_t ch_ix = 0;
|
|
|
|
if (crp_op->do_cipher) ch_ix = crp_op->cipher_start;
|
|
if (crp_op->do_digest && (crp_op->digest_start < ch_ix)) ch_ix = crp_op->digest_start;
|
|
if (crp_op->do_csum && (crp_op->csum_start < ch_ix)) ch_ix = crp_op->csum_start;
|
|
|
|
DEBUG(printk("first_cfg_change_ix: ix=%d\n", ch_ix));
|
|
return ch_ix;
|
|
}
|
|
|
|
|
|
static size_t next_cfg_change_ix(struct strcop_crypto_op *crp_op, size_t ix)
|
|
{
|
|
size_t ch_ix = INT_MAX;
|
|
size_t tmp_ix = 0;
|
|
|
|
if (crp_op->do_cipher && ((crp_op->cipher_start + crp_op->cipher_len) > ix)){
|
|
if (crp_op->cipher_start > ix) {
|
|
ch_ix = crp_op->cipher_start;
|
|
} else {
|
|
ch_ix = crp_op->cipher_start + crp_op->cipher_len;
|
|
}
|
|
}
|
|
if (crp_op->do_digest && ((crp_op->digest_start + crp_op->digest_len) > ix)){
|
|
if (crp_op->digest_start > ix) {
|
|
tmp_ix = crp_op->digest_start;
|
|
} else {
|
|
tmp_ix = crp_op->digest_start + crp_op->digest_len;
|
|
}
|
|
if (tmp_ix < ch_ix) ch_ix = tmp_ix;
|
|
}
|
|
if (crp_op->do_csum && ((crp_op->csum_start + crp_op->csum_len) > ix)){
|
|
if (crp_op->csum_start > ix) {
|
|
tmp_ix = crp_op->csum_start;
|
|
} else {
|
|
tmp_ix = crp_op->csum_start + crp_op->csum_len;
|
|
}
|
|
if (tmp_ix < ch_ix) ch_ix = tmp_ix;
|
|
}
|
|
if (ch_ix == INT_MAX) ch_ix = ix;
|
|
DEBUG(printk("next_cfg_change_ix prev ix=%d, next ix=%d\n", ix, ch_ix));
|
|
return ch_ix;
|
|
}
|
|
|
|
|
|
/* Map map_length bytes from the pages starting on *pageix and *pageoffset to iovecs starting on *iovix.
|
|
* Return -1 for ok, 0 for fail. */
|
|
static int map_pages_to_iovec(struct iovec *iov, int iovlen, int *iovix, struct page **pages, int nopages, int *pageix, int *pageoffset, int map_length )
|
|
{
|
|
int tmplen;
|
|
|
|
assert(iov != NULL);
|
|
assert(iovix != NULL);
|
|
assert(pages != NULL);
|
|
assert(pageix != NULL);
|
|
assert(pageoffset != NULL);
|
|
|
|
DEBUG(printk("map_pages_to_iovec, map_length=%d, iovlen=%d, *iovix=%d, nopages=%d, *pageix=%d, *pageoffset=%d\n", map_length, iovlen, *iovix, nopages, *pageix, *pageoffset));
|
|
|
|
while (map_length > 0){
|
|
DEBUG(printk("map_pages_to_iovec, map_length=%d, iovlen=%d, *iovix=%d, nopages=%d, *pageix=%d, *pageoffset=%d\n", map_length, iovlen, *iovix, nopages, *pageix, *pageoffset));
|
|
if (*iovix >= iovlen){
|
|
DEBUG_API(printk("map_page_to_iovec: *iovix=%d >= iovlen=%d\n", *iovix, iovlen));
|
|
return 0;
|
|
}
|
|
if (*pageix >= nopages){
|
|
DEBUG_API(printk("map_page_to_iovec: *pageix=%d >= nopages=%d\n", *pageix, nopages));
|
|
return 0;
|
|
}
|
|
iov[*iovix].iov_base = (unsigned char*)page_address(pages[*pageix]) + *pageoffset;
|
|
tmplen = PAGE_SIZE - *pageoffset;
|
|
if (tmplen < map_length){
|
|
(*pageoffset) = 0;
|
|
(*pageix)++;
|
|
} else {
|
|
tmplen = map_length;
|
|
(*pageoffset) += map_length;
|
|
}
|
|
DEBUG(printk("mapping %d bytes from page %d (or %d) to iovec %d\n", tmplen, *pageix, *pageix-1, *iovix));
|
|
iov[*iovix].iov_len = tmplen;
|
|
map_length -= tmplen;
|
|
(*iovix)++;
|
|
}
|
|
DEBUG(printk("map_page_to_iovec, exit, *iovix=%d\n", *iovix));
|
|
return -1;
|
|
}
|
|
|
|
|
|
|
|
static int cryptocop_ioctl_process(struct inode *inode, struct file *filp, unsigned int cmd, unsigned long arg)
|
|
{
|
|
int i;
|
|
struct cryptocop_private *dev = filp->private_data;
|
|
struct strcop_crypto_op *crp_oper = (struct strcop_crypto_op *)arg;
|
|
struct strcop_crypto_op oper = {0};
|
|
int err = 0;
|
|
struct cryptocop_operation *cop = NULL;
|
|
|
|
struct ioctl_job_cb_ctx *jc = NULL;
|
|
|
|
struct page **inpages = NULL;
|
|
struct page **outpages = NULL;
|
|
int noinpages = 0;
|
|
int nooutpages = 0;
|
|
|
|
struct cryptocop_desc descs[5]; /* Max 5 descriptors are needed, there are three transforms that
|
|
* can get connected/disconnected on different places in the indata. */
|
|
struct cryptocop_desc_cfg dcfgs[5*3];
|
|
int desc_ix = 0;
|
|
int dcfg_ix = 0;
|
|
struct cryptocop_tfrm_cfg ciph_tcfg = {0};
|
|
struct cryptocop_tfrm_cfg digest_tcfg = {0};
|
|
struct cryptocop_tfrm_cfg csum_tcfg = {0};
|
|
|
|
unsigned char *digest_result = NULL;
|
|
int digest_length = 0;
|
|
int cblocklen = 0;
|
|
unsigned char csum_result[CSUM_BLOCK_LENGTH];
|
|
struct cryptocop_session *sess;
|
|
|
|
int iovlen = 0;
|
|
int iovix = 0;
|
|
int pageix = 0;
|
|
int pageoffset = 0;
|
|
|
|
size_t prev_ix = 0;
|
|
size_t next_ix;
|
|
|
|
int cipher_active, digest_active, csum_active;
|
|
int end_digest, end_csum;
|
|
int digest_done = 0;
|
|
int cipher_done = 0;
|
|
int csum_done = 0;
|
|
|
|
DEBUG(printk("cryptocop_ioctl_process\n"));
|
|
|
|
if (!access_ok(VERIFY_WRITE, crp_oper, sizeof(struct strcop_crypto_op))){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: !access_ok crp_oper!\n"));
|
|
return -EFAULT;
|
|
}
|
|
if (copy_from_user(&oper, crp_oper, sizeof(struct strcop_crypto_op))) {
|
|
DEBUG_API(printk("cryptocop_ioctl_process: copy_from_user\n"));
|
|
return -EFAULT;
|
|
}
|
|
DEBUG(print_strcop_crypto_op(&oper));
|
|
|
|
while (dev && dev->sid != oper.ses_id) dev = dev->next;
|
|
if (!dev){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: session %lld not found\n", oper.ses_id));
|
|
return -EINVAL;
|
|
}
|
|
|
|
/* Check buffers. */
|
|
if (((oper.indata + oper.inlen) < oper.indata) || ((oper.cipher_outdata + oper.cipher_outlen) < oper.cipher_outdata)){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: user buffers wrapped around, bad user!\n"));
|
|
return -EINVAL;
|
|
}
|
|
|
|
if (!access_ok(VERIFY_WRITE, oper.cipher_outdata, oper.cipher_outlen)){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: !access_ok out data!\n"));
|
|
return -EFAULT;
|
|
}
|
|
if (!access_ok(VERIFY_READ, oper.indata, oper.inlen)){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: !access_ok in data!\n"));
|
|
return -EFAULT;
|
|
}
|
|
|
|
cop = kmalloc(sizeof(struct cryptocop_operation), GFP_KERNEL);
|
|
if (!cop) {
|
|
DEBUG_API(printk("cryptocop_ioctl_process: kmalloc\n"));
|
|
return -ENOMEM;
|
|
}
|
|
jc = kmalloc(sizeof(struct ioctl_job_cb_ctx), GFP_KERNEL);
|
|
if (!jc) {
|
|
DEBUG_API(printk("cryptocop_ioctl_process: kmalloc\n"));
|
|
err = -ENOMEM;
|
|
goto error_cleanup;
|
|
}
|
|
jc->processed = 0;
|
|
|
|
cop->cb_data = jc;
|
|
cop->cb = ioctl_process_job_callback;
|
|
cop->operation_status = 0;
|
|
cop->use_dmalists = 0;
|
|
cop->in_interrupt = 0;
|
|
cop->fast_callback = 0;
|
|
cop->tfrm_op.tfrm_cfg = NULL;
|
|
cop->tfrm_op.desc = NULL;
|
|
cop->tfrm_op.indata = NULL;
|
|
cop->tfrm_op.incount = 0;
|
|
cop->tfrm_op.inlen = 0;
|
|
cop->tfrm_op.outdata = NULL;
|
|
cop->tfrm_op.outcount = 0;
|
|
cop->tfrm_op.outlen = 0;
|
|
|
|
sess = get_session(oper.ses_id);
|
|
if (!sess){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: bad session id.\n"));
|
|
kfree(cop);
|
|
kfree(jc);
|
|
return -EINVAL;
|
|
}
|
|
|
|
if (oper.do_cipher) {
|
|
unsigned int cipher_outlen = 0;
|
|
struct cryptocop_transform_ctx *tc = get_transform_ctx(sess, CRYPTOCOP_IOCTL_CIPHER_TID);
|
|
if (!tc) {
|
|
DEBUG_API(printk("cryptocop_ioctl_process: no cipher transform in session.\n"));
|
|
err = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
ciph_tcfg.tid = CRYPTOCOP_IOCTL_CIPHER_TID;
|
|
ciph_tcfg.inject_ix = 0;
|
|
ciph_tcfg.flags = 0;
|
|
if ((oper.cipher_start < 0) || (oper.cipher_len <= 0) || (oper.cipher_start > oper.inlen) || ((oper.cipher_start + oper.cipher_len) > oper.inlen)){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: bad cipher length\n"));
|
|
kfree(cop);
|
|
kfree(jc);
|
|
return -EINVAL;
|
|
}
|
|
cblocklen = tc->init.alg == cryptocop_alg_aes ? AES_BLOCK_LENGTH : DES_BLOCK_LENGTH;
|
|
if (oper.cipher_len % cblocklen) {
|
|
kfree(cop);
|
|
kfree(jc);
|
|
DEBUG_API(printk("cryptocop_ioctl_process: cipher inlength not multiple of block length.\n"));
|
|
return -EINVAL;
|
|
}
|
|
cipher_outlen = oper.cipher_len;
|
|
if (tc->init.cipher_mode == cryptocop_cipher_mode_cbc){
|
|
if (oper.cipher_explicit) {
|
|
ciph_tcfg.flags |= CRYPTOCOP_EXPLICIT_IV;
|
|
memcpy(ciph_tcfg.iv, oper.cipher_iv, cblocklen);
|
|
} else {
|
|
cipher_outlen = oper.cipher_len - cblocklen;
|
|
}
|
|
} else {
|
|
if (oper.cipher_explicit){
|
|
kfree(cop);
|
|
kfree(jc);
|
|
DEBUG_API(printk("cryptocop_ioctl_process: explicit_iv when not CBC mode\n"));
|
|
return -EINVAL;
|
|
}
|
|
}
|
|
if (oper.cipher_outlen != cipher_outlen) {
|
|
kfree(cop);
|
|
kfree(jc);
|
|
DEBUG_API(printk("cryptocop_ioctl_process: cipher_outlen incorrect, should be %d not %d.\n", cipher_outlen, oper.cipher_outlen));
|
|
return -EINVAL;
|
|
}
|
|
|
|
if (oper.decrypt){
|
|
ciph_tcfg.flags |= CRYPTOCOP_DECRYPT;
|
|
} else {
|
|
ciph_tcfg.flags |= CRYPTOCOP_ENCRYPT;
|
|
}
|
|
ciph_tcfg.next = cop->tfrm_op.tfrm_cfg;
|
|
cop->tfrm_op.tfrm_cfg = &ciph_tcfg;
|
|
}
|
|
if (oper.do_digest){
|
|
struct cryptocop_transform_ctx *tc = get_transform_ctx(sess, CRYPTOCOP_IOCTL_DIGEST_TID);
|
|
if (!tc) {
|
|
DEBUG_API(printk("cryptocop_ioctl_process: no digest transform in session.\n"));
|
|
err = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
digest_length = tc->init.alg == cryptocop_alg_md5 ? 16 : 20;
|
|
digest_result = kmalloc(digest_length, GFP_KERNEL);
|
|
if (!digest_result) {
|
|
DEBUG_API(printk("cryptocop_ioctl_process: kmalloc digest_result\n"));
|
|
err = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
DEBUG(memset(digest_result, 0xff, digest_length));
|
|
|
|
digest_tcfg.tid = CRYPTOCOP_IOCTL_DIGEST_TID;
|
|
digest_tcfg.inject_ix = 0;
|
|
ciph_tcfg.inject_ix += digest_length;
|
|
if ((oper.digest_start < 0) || (oper.digest_len <= 0) || (oper.digest_start > oper.inlen) || ((oper.digest_start + oper.digest_len) > oper.inlen)){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: bad digest length\n"));
|
|
err = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
|
|
digest_tcfg.next = cop->tfrm_op.tfrm_cfg;
|
|
cop->tfrm_op.tfrm_cfg = &digest_tcfg;
|
|
}
|
|
if (oper.do_csum){
|
|
csum_tcfg.tid = CRYPTOCOP_IOCTL_CSUM_TID;
|
|
csum_tcfg.inject_ix = digest_length;
|
|
ciph_tcfg.inject_ix += 2;
|
|
|
|
if ((oper.csum_start < 0) || (oper.csum_len <= 0) || (oper.csum_start > oper.inlen) || ((oper.csum_start + oper.csum_len) > oper.inlen)){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: bad csum length\n"));
|
|
kfree(cop);
|
|
kfree(jc);
|
|
return -EINVAL;
|
|
}
|
|
|
|
csum_tcfg.next = cop->tfrm_op.tfrm_cfg;
|
|
cop->tfrm_op.tfrm_cfg = &csum_tcfg;
|
|
}
|
|
|
|
prev_ix = first_cfg_change_ix(&oper);
|
|
if (prev_ix > oper.inlen) {
|
|
DEBUG_API(printk("cryptocop_ioctl_process: length mismatch\n"));
|
|
nooutpages = noinpages = 0;
|
|
err = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
DEBUG(printk("cryptocop_ioctl_process: inlen=%d, cipher_outlen=%d\n", oper.inlen, oper.cipher_outlen));
|
|
|
|
/* Map user pages for in and out data of the operation. */
|
|
noinpages = (((unsigned long int)(oper.indata + prev_ix) & ~PAGE_MASK) + oper.inlen - 1 - prev_ix + ~PAGE_MASK) >> PAGE_SHIFT;
|
|
DEBUG(printk("cryptocop_ioctl_process: noinpages=%d\n", noinpages));
|
|
inpages = kmalloc(noinpages * sizeof(struct page*), GFP_KERNEL);
|
|
if (!inpages){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: kmalloc inpages\n"));
|
|
nooutpages = noinpages = 0;
|
|
err = -ENOMEM;
|
|
goto error_cleanup;
|
|
}
|
|
if (oper.do_cipher){
|
|
nooutpages = (((unsigned long int)oper.cipher_outdata & ~PAGE_MASK) + oper.cipher_outlen - 1 + ~PAGE_MASK) >> PAGE_SHIFT;
|
|
DEBUG(printk("cryptocop_ioctl_process: nooutpages=%d\n", nooutpages));
|
|
outpages = kmalloc(nooutpages * sizeof(struct page*), GFP_KERNEL);
|
|
if (!outpages){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: kmalloc outpages\n"));
|
|
nooutpages = noinpages = 0;
|
|
err = -ENOMEM;
|
|
goto error_cleanup;
|
|
}
|
|
}
|
|
|
|
/* Acquire the mm page semaphore. */
|
|
down_read(¤t->mm->mmap_sem);
|
|
|
|
err = get_user_pages(current,
|
|
current->mm,
|
|
(unsigned long int)(oper.indata + prev_ix),
|
|
noinpages,
|
|
0, /* read access only for in data */
|
|
0, /* no force */
|
|
inpages,
|
|
NULL);
|
|
|
|
if (err < 0) {
|
|
up_read(¤t->mm->mmap_sem);
|
|
nooutpages = noinpages = 0;
|
|
DEBUG_API(printk("cryptocop_ioctl_process: get_user_pages indata\n"));
|
|
goto error_cleanup;
|
|
}
|
|
noinpages = err;
|
|
if (oper.do_cipher){
|
|
err = get_user_pages(current,
|
|
current->mm,
|
|
(unsigned long int)oper.cipher_outdata,
|
|
nooutpages,
|
|
1, /* write access for out data */
|
|
0, /* no force */
|
|
outpages,
|
|
NULL);
|
|
up_read(¤t->mm->mmap_sem);
|
|
if (err < 0) {
|
|
nooutpages = 0;
|
|
DEBUG_API(printk("cryptocop_ioctl_process: get_user_pages outdata\n"));
|
|
goto error_cleanup;
|
|
}
|
|
nooutpages = err;
|
|
} else {
|
|
up_read(¤t->mm->mmap_sem);
|
|
}
|
|
|
|
/* Add 6 to nooutpages to make room for possibly inserted buffers for storing digest and
|
|
* csum output and splits when units are (dis-)connected. */
|
|
cop->tfrm_op.indata = kmalloc((noinpages) * sizeof(struct iovec), GFP_KERNEL);
|
|
cop->tfrm_op.outdata = kmalloc((6 + nooutpages) * sizeof(struct iovec), GFP_KERNEL);
|
|
if (!cop->tfrm_op.indata || !cop->tfrm_op.outdata) {
|
|
DEBUG_API(printk("cryptocop_ioctl_process: kmalloc iovecs\n"));
|
|
err = -ENOMEM;
|
|
goto error_cleanup;
|
|
}
|
|
|
|
cop->tfrm_op.inlen = oper.inlen - prev_ix;
|
|
cop->tfrm_op.outlen = 0;
|
|
if (oper.do_cipher) cop->tfrm_op.outlen += oper.cipher_outlen;
|
|
if (oper.do_digest) cop->tfrm_op.outlen += digest_length;
|
|
if (oper.do_csum) cop->tfrm_op.outlen += 2;
|
|
|
|
/* Setup the in iovecs. */
|
|
cop->tfrm_op.incount = noinpages;
|
|
if (noinpages > 1){
|
|
size_t tmplen = cop->tfrm_op.inlen;
|
|
|
|
cop->tfrm_op.indata[0].iov_len = PAGE_SIZE - ((unsigned long int)(oper.indata + prev_ix) & ~PAGE_MASK);
|
|
cop->tfrm_op.indata[0].iov_base = (unsigned char*)page_address(inpages[0]) + ((unsigned long int)(oper.indata + prev_ix) & ~PAGE_MASK);
|
|
tmplen -= cop->tfrm_op.indata[0].iov_len;
|
|
for (i = 1; i<noinpages; i++){
|
|
cop->tfrm_op.indata[i].iov_len = tmplen < PAGE_SIZE ? tmplen : PAGE_SIZE;
|
|
cop->tfrm_op.indata[i].iov_base = (unsigned char*)page_address(inpages[i]);
|
|
tmplen -= PAGE_SIZE;
|
|
}
|
|
} else {
|
|
cop->tfrm_op.indata[0].iov_len = oper.inlen - prev_ix;
|
|
cop->tfrm_op.indata[0].iov_base = (unsigned char*)page_address(inpages[0]) + ((unsigned long int)(oper.indata + prev_ix) & ~PAGE_MASK);
|
|
}
|
|
|
|
iovlen = nooutpages + 6;
|
|
pageoffset = oper.do_cipher ? ((unsigned long int)oper.cipher_outdata & ~PAGE_MASK) : 0;
|
|
|
|
next_ix = next_cfg_change_ix(&oper, prev_ix);
|
|
if (prev_ix == next_ix){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: length configuration broken.\n"));
|
|
err = -EINVAL; /* This should be impossible barring bugs. */
|
|
goto error_cleanup;
|
|
}
|
|
while (prev_ix != next_ix){
|
|
end_digest = end_csum = cipher_active = digest_active = csum_active = 0;
|
|
descs[desc_ix].cfg = NULL;
|
|
descs[desc_ix].length = next_ix - prev_ix;
|
|
|
|
if (oper.do_cipher && (oper.cipher_start < next_ix) && (prev_ix < (oper.cipher_start + oper.cipher_len))) {
|
|
dcfgs[dcfg_ix].tid = CRYPTOCOP_IOCTL_CIPHER_TID;
|
|
dcfgs[dcfg_ix].src = cryptocop_source_dma;
|
|
cipher_active = 1;
|
|
|
|
if (next_ix == (oper.cipher_start + oper.cipher_len)){
|
|
cipher_done = 1;
|
|
dcfgs[dcfg_ix].last = 1;
|
|
} else {
|
|
dcfgs[dcfg_ix].last = 0;
|
|
}
|
|
dcfgs[dcfg_ix].next = descs[desc_ix].cfg;
|
|
descs[desc_ix].cfg = &dcfgs[dcfg_ix];
|
|
++dcfg_ix;
|
|
}
|
|
if (oper.do_digest && (oper.digest_start < next_ix) && (prev_ix < (oper.digest_start + oper.digest_len))) {
|
|
digest_active = 1;
|
|
dcfgs[dcfg_ix].tid = CRYPTOCOP_IOCTL_DIGEST_TID;
|
|
dcfgs[dcfg_ix].src = cryptocop_source_dma;
|
|
if (next_ix == (oper.digest_start + oper.digest_len)){
|
|
assert(!digest_done);
|
|
digest_done = 1;
|
|
dcfgs[dcfg_ix].last = 1;
|
|
} else {
|
|
dcfgs[dcfg_ix].last = 0;
|
|
}
|
|
dcfgs[dcfg_ix].next = descs[desc_ix].cfg;
|
|
descs[desc_ix].cfg = &dcfgs[dcfg_ix];
|
|
++dcfg_ix;
|
|
}
|
|
if (oper.do_csum && (oper.csum_start < next_ix) && (prev_ix < (oper.csum_start + oper.csum_len))){
|
|
csum_active = 1;
|
|
dcfgs[dcfg_ix].tid = CRYPTOCOP_IOCTL_CSUM_TID;
|
|
dcfgs[dcfg_ix].src = cryptocop_source_dma;
|
|
if (next_ix == (oper.csum_start + oper.csum_len)){
|
|
csum_done = 1;
|
|
dcfgs[dcfg_ix].last = 1;
|
|
} else {
|
|
dcfgs[dcfg_ix].last = 0;
|
|
}
|
|
dcfgs[dcfg_ix].next = descs[desc_ix].cfg;
|
|
descs[desc_ix].cfg = &dcfgs[dcfg_ix];
|
|
++dcfg_ix;
|
|
}
|
|
if (!descs[desc_ix].cfg){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: data segment %d (%d to %d) had no active transforms\n", desc_ix, prev_ix, next_ix));
|
|
err = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
descs[desc_ix].next = &(descs[desc_ix]) + 1;
|
|
++desc_ix;
|
|
prev_ix = next_ix;
|
|
next_ix = next_cfg_change_ix(&oper, prev_ix);
|
|
}
|
|
if (desc_ix > 0){
|
|
descs[desc_ix-1].next = NULL;
|
|
} else {
|
|
descs[0].next = NULL;
|
|
}
|
|
if (oper.do_digest) {
|
|
DEBUG(printk("cryptocop_ioctl_process: mapping %d byte digest output to iovec %d\n", digest_length, iovix));
|
|
/* Add outdata iovec, length == <length of type of digest> */
|
|
cop->tfrm_op.outdata[iovix].iov_base = digest_result;
|
|
cop->tfrm_op.outdata[iovix].iov_len = digest_length;
|
|
++iovix;
|
|
}
|
|
if (oper.do_csum) {
|
|
/* Add outdata iovec, length == 2, the length of csum. */
|
|
DEBUG(printk("cryptocop_ioctl_process: mapping 2 byte csum output to iovec %d\n", iovix));
|
|
/* Add outdata iovec, length == <length of type of digest> */
|
|
cop->tfrm_op.outdata[iovix].iov_base = csum_result;
|
|
cop->tfrm_op.outdata[iovix].iov_len = 2;
|
|
++iovix;
|
|
}
|
|
if (oper.do_cipher) {
|
|
if (!map_pages_to_iovec(cop->tfrm_op.outdata, iovlen, &iovix, outpages, nooutpages, &pageix, &pageoffset, oper.cipher_outlen)){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: failed to map pages to iovec.\n"));
|
|
err = -ENOSYS; /* This should be impossible barring bugs. */
|
|
goto error_cleanup;
|
|
}
|
|
}
|
|
DEBUG(printk("cryptocop_ioctl_process: setting cop->tfrm_op.outcount %d\n", iovix));
|
|
cop->tfrm_op.outcount = iovix;
|
|
assert(iovix <= (nooutpages + 6));
|
|
|
|
cop->sid = oper.ses_id;
|
|
cop->tfrm_op.desc = &descs[0];
|
|
|
|
DEBUG(printk("cryptocop_ioctl_process: inserting job, cb_data=0x%p\n", cop->cb_data));
|
|
|
|
if ((err = cryptocop_job_queue_insert_user_job(cop)) != 0) {
|
|
DEBUG_API(printk("cryptocop_ioctl_process: insert job %d\n", err));
|
|
err = -EINVAL;
|
|
goto error_cleanup;
|
|
}
|
|
|
|
DEBUG(printk("cryptocop_ioctl_process: begin wait for result\n"));
|
|
|
|
wait_event(cryptocop_ioc_process_wq, (jc->processed != 0));
|
|
DEBUG(printk("cryptocop_ioctl_process: end wait for result\n"));
|
|
if (!jc->processed){
|
|
printk(KERN_WARNING "cryptocop_ioctl_process: job not processed at completion\n");
|
|
err = -EIO;
|
|
goto error_cleanup;
|
|
}
|
|
|
|
/* Job process done. Cipher output should already be correct in job so no post processing of outdata. */
|
|
DEBUG(printk("cryptocop_ioctl_process: operation_status = %d\n", cop->operation_status));
|
|
if (cop->operation_status == 0){
|
|
if (oper.do_digest){
|
|
DEBUG(printk("cryptocop_ioctl_process: copy %d bytes digest to user\n", digest_length));
|
|
err = copy_to_user((unsigned char*)crp_oper + offsetof(struct strcop_crypto_op, digest), digest_result, digest_length);
|
|
if (0 != err){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: copy_to_user, digest length %d, err %d\n", digest_length, err));
|
|
err = -EFAULT;
|
|
goto error_cleanup;
|
|
}
|
|
}
|
|
if (oper.do_csum){
|
|
DEBUG(printk("cryptocop_ioctl_process: copy 2 bytes checksum to user\n"));
|
|
err = copy_to_user((unsigned char*)crp_oper + offsetof(struct strcop_crypto_op, csum), csum_result, 2);
|
|
if (0 != err){
|
|
DEBUG_API(printk("cryptocop_ioctl_process: copy_to_user, csum, err %d\n", err));
|
|
err = -EFAULT;
|
|
goto error_cleanup;
|
|
}
|
|
}
|
|
err = 0;
|
|
} else {
|
|
DEBUG(printk("cryptocop_ioctl_process: returning err = operation_status = %d\n", cop->operation_status));
|
|
err = cop->operation_status;
|
|
}
|
|
|
|
error_cleanup:
|
|
/* Release page caches. */
|
|
for (i = 0; i < noinpages; i++){
|
|
put_page(inpages[i]);
|
|
}
|
|
for (i = 0; i < nooutpages; i++){
|
|
int spdl_err;
|
|
/* Mark output pages dirty. */
|
|
spdl_err = set_page_dirty_lock(outpages[i]);
|
|
DEBUG(if (spdl_err < 0)printk("cryptocop_ioctl_process: set_page_dirty_lock returned %d\n", spdl_err));
|
|
}
|
|
for (i = 0; i < nooutpages; i++){
|
|
put_page(outpages[i]);
|
|
}
|
|
|
|
kfree(digest_result);
|
|
kfree(inpages);
|
|
kfree(outpages);
|
|
if (cop){
|
|
kfree(cop->tfrm_op.indata);
|
|
kfree(cop->tfrm_op.outdata);
|
|
kfree(cop);
|
|
}
|
|
kfree(jc);
|
|
|
|
DEBUG(print_lock_status());
|
|
|
|
return err;
|
|
}
|
|
|
|
|
|
static int cryptocop_ioctl_create_session(struct inode *inode, struct file *filp, unsigned int cmd, unsigned long arg)
|
|
{
|
|
cryptocop_session_id sid;
|
|
int err;
|
|
struct cryptocop_private *dev;
|
|
struct strcop_session_op *sess_op = (struct strcop_session_op *)arg;
|
|
struct strcop_session_op sop;
|
|
struct cryptocop_transform_init *tis = NULL;
|
|
struct cryptocop_transform_init ti_cipher = {0};
|
|
struct cryptocop_transform_init ti_digest = {0};
|
|
struct cryptocop_transform_init ti_csum = {0};
|
|
|
|
if (!access_ok(VERIFY_WRITE, sess_op, sizeof(struct strcop_session_op)))
|
|
return -EFAULT;
|
|
err = copy_from_user(&sop, sess_op, sizeof(struct strcop_session_op));
|
|
if (err) return -EFAULT;
|
|
if (sop.cipher != cryptocop_cipher_none) {
|
|
if (!access_ok(VERIFY_READ, sop.key, sop.keylen)) return -EFAULT;
|
|
}
|
|
DEBUG(printk("cryptocop_ioctl_create_session, sess_op:\n"));
|
|
|
|
DEBUG(printk("\tcipher:%d\n"
|
|
"\tcipher_mode:%d\n"
|
|
"\tdigest:%d\n"
|
|
"\tcsum:%d\n",
|
|
(int)sop.cipher,
|
|
(int)sop.cmode,
|
|
(int)sop.digest,
|
|
(int)sop.csum));
|
|
|
|
if (sop.cipher != cryptocop_cipher_none){
|
|
/* Init the cipher. */
|
|
switch (sop.cipher){
|
|
case cryptocop_cipher_des:
|
|
ti_cipher.alg = cryptocop_alg_des;
|
|
break;
|
|
case cryptocop_cipher_3des:
|
|
ti_cipher.alg = cryptocop_alg_3des;
|
|
break;
|
|
case cryptocop_cipher_aes:
|
|
ti_cipher.alg = cryptocop_alg_aes;
|
|
break;
|
|
default:
|
|
DEBUG_API(printk("create session, bad cipher algorithm %d\n", sop.cipher));
|
|
return -EINVAL;
|
|
};
|
|
DEBUG(printk("setting cipher transform %d\n", ti_cipher.alg));
|
|
copy_from_user(ti_cipher.key, sop.key, sop.keylen/8);
|
|
ti_cipher.keylen = sop.keylen;
|
|
switch (sop.cmode){
|
|
case cryptocop_cipher_mode_cbc:
|
|
case cryptocop_cipher_mode_ecb:
|
|
ti_cipher.cipher_mode = sop.cmode;
|
|
break;
|
|
default:
|
|
DEBUG_API(printk("create session, bad cipher mode %d\n", sop.cmode));
|
|
return -EINVAL;
|
|
}
|
|
DEBUG(printk("cryptocop_ioctl_create_session: setting CBC mode %d\n", ti_cipher.cipher_mode));
|
|
switch (sop.des3_mode){
|
|
case cryptocop_3des_eee:
|
|
case cryptocop_3des_eed:
|
|
case cryptocop_3des_ede:
|
|
case cryptocop_3des_edd:
|
|
case cryptocop_3des_dee:
|
|
case cryptocop_3des_ded:
|
|
case cryptocop_3des_dde:
|
|
case cryptocop_3des_ddd:
|
|
ti_cipher.tdes_mode = sop.des3_mode;
|
|
break;
|
|
default:
|
|
DEBUG_API(printk("create session, bad 3DES mode %d\n", sop.des3_mode));
|
|
return -EINVAL;
|
|
}
|
|
ti_cipher.tid = CRYPTOCOP_IOCTL_CIPHER_TID;
|
|
ti_cipher.next = tis;
|
|
tis = &ti_cipher;
|
|
} /* if (sop.cipher != cryptocop_cipher_none) */
|
|
if (sop.digest != cryptocop_digest_none){
|
|
DEBUG(printk("setting digest transform\n"));
|
|
switch (sop.digest){
|
|
case cryptocop_digest_md5:
|
|
ti_digest.alg = cryptocop_alg_md5;
|
|
break;
|
|
case cryptocop_digest_sha1:
|
|
ti_digest.alg = cryptocop_alg_sha1;
|
|
break;
|
|
default:
|
|
DEBUG_API(printk("create session, bad digest algorithm %d\n", sop.digest));
|
|
return -EINVAL;
|
|
}
|
|
ti_digest.tid = CRYPTOCOP_IOCTL_DIGEST_TID;
|
|
ti_digest.next = tis;
|
|
tis = &ti_digest;
|
|
} /* if (sop.digest != cryptocop_digest_none) */
|
|
if (sop.csum != cryptocop_csum_none){
|
|
DEBUG(printk("setting csum transform\n"));
|
|
switch (sop.csum){
|
|
case cryptocop_csum_le:
|
|
case cryptocop_csum_be:
|
|
ti_csum.csum_mode = sop.csum;
|
|
break;
|
|
default:
|
|
DEBUG_API(printk("create session, bad checksum algorithm %d\n", sop.csum));
|
|
return -EINVAL;
|
|
}
|
|
ti_csum.alg = cryptocop_alg_csum;
|
|
ti_csum.tid = CRYPTOCOP_IOCTL_CSUM_TID;
|
|
ti_csum.next = tis;
|
|
tis = &ti_csum;
|
|
} /* (sop.csum != cryptocop_csum_none) */
|
|
dev = kmalloc(sizeof(struct cryptocop_private), GFP_KERNEL);
|
|
if (!dev){
|
|
DEBUG_API(printk("create session, alloc dev\n"));
|
|
return -ENOMEM;
|
|
}
|
|
|
|
err = cryptocop_new_session(&sid, tis, GFP_KERNEL);
|
|
DEBUG({ if (err) printk("create session, cryptocop_new_session %d\n", err);});
|
|
|
|
if (err) {
|
|
kfree(dev);
|
|
return err;
|
|
}
|
|
sess_op->ses_id = sid;
|
|
dev->sid = sid;
|
|
dev->next = filp->private_data;
|
|
filp->private_data = dev;
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int cryptocop_ioctl(struct inode *inode, struct file *filp, unsigned int cmd, unsigned long arg)
|
|
{
|
|
int err = 0;
|
|
if (_IOC_TYPE(cmd) != ETRAXCRYPTOCOP_IOCTYPE) {
|
|
DEBUG_API(printk("cryptocop_ioctl: wrong type\n"));
|
|
return -ENOTTY;
|
|
}
|
|
if (_IOC_NR(cmd) > CRYPTOCOP_IO_MAXNR){
|
|
return -ENOTTY;
|
|
}
|
|
/* Access check of the argument. Some commands, e.g. create session and process op,
|
|
needs additional checks. Those are handled in the command handling functions. */
|
|
if (_IOC_DIR(cmd) & _IOC_READ)
|
|
err = !access_ok(VERIFY_WRITE, (void *)arg, _IOC_SIZE(cmd));
|
|
else if (_IOC_DIR(cmd) & _IOC_WRITE)
|
|
err = !access_ok(VERIFY_READ, (void *)arg, _IOC_SIZE(cmd));
|
|
if (err) return -EFAULT;
|
|
|
|
switch (cmd) {
|
|
case CRYPTOCOP_IO_CREATE_SESSION:
|
|
return cryptocop_ioctl_create_session(inode, filp, cmd, arg);
|
|
case CRYPTOCOP_IO_CLOSE_SESSION:
|
|
return cryptocop_ioctl_close_session(inode, filp, cmd, arg);
|
|
case CRYPTOCOP_IO_PROCESS_OP:
|
|
return cryptocop_ioctl_process(inode, filp, cmd, arg);
|
|
default:
|
|
DEBUG_API(printk("cryptocop_ioctl: unknown command\n"));
|
|
return -ENOTTY;
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
|
|
#ifdef LDEBUG
|
|
static void print_dma_descriptors(struct cryptocop_int_operation *iop)
|
|
{
|
|
struct cryptocop_dma_desc *cdesc_out = iop->cdesc_out;
|
|
struct cryptocop_dma_desc *cdesc_in = iop->cdesc_in;
|
|
int i;
|
|
|
|
printk("print_dma_descriptors start\n");
|
|
|
|
printk("iop:\n");
|
|
printk("\tsid: 0x%lld\n", iop->sid);
|
|
|
|
printk("\tcdesc_out: 0x%p\n", iop->cdesc_out);
|
|
printk("\tcdesc_in: 0x%p\n", iop->cdesc_in);
|
|
printk("\tddesc_out: 0x%p\n", iop->ddesc_out);
|
|
printk("\tddesc_in: 0x%p\n", iop->ddesc_in);
|
|
|
|
printk("\niop->ctx_out: 0x%p phys: 0x%p\n", &iop->ctx_out, (char*)virt_to_phys(&iop->ctx_out));
|
|
printk("\tnext: 0x%p\n"
|
|
"\tsaved_data: 0x%p\n"
|
|
"\tsaved_data_buf: 0x%p\n",
|
|
iop->ctx_out.next,
|
|
iop->ctx_out.saved_data,
|
|
iop->ctx_out.saved_data_buf);
|
|
|
|
printk("\niop->ctx_in: 0x%p phys: 0x%p\n", &iop->ctx_in, (char*)virt_to_phys(&iop->ctx_in));
|
|
printk("\tnext: 0x%p\n"
|
|
"\tsaved_data: 0x%p\n"
|
|
"\tsaved_data_buf: 0x%p\n",
|
|
iop->ctx_in.next,
|
|
iop->ctx_in.saved_data,
|
|
iop->ctx_in.saved_data_buf);
|
|
|
|
i = 0;
|
|
while (cdesc_out) {
|
|
dma_descr_data *td;
|
|
printk("cdesc_out %d, desc=0x%p\n", i, cdesc_out->dma_descr);
|
|
printk("\n\tvirt_to_phys(desc): 0x%p\n", (char*)virt_to_phys(cdesc_out->dma_descr));
|
|
td = cdesc_out->dma_descr;
|
|
printk("\n\tbuf: 0x%p\n"
|
|
"\tafter: 0x%p\n"
|
|
"\tmd: 0x%04x\n"
|
|
"\tnext: 0x%p\n",
|
|
td->buf,
|
|
td->after,
|
|
td->md,
|
|
td->next);
|
|
printk("flags:\n"
|
|
"\twait:\t%d\n"
|
|
"\teol:\t%d\n"
|
|
"\touteop:\t%d\n"
|
|
"\tineop:\t%d\n"
|
|
"\tintr:\t%d\n",
|
|
td->wait,
|
|
td->eol,
|
|
td->out_eop,
|
|
td->in_eop,
|
|
td->intr);
|
|
cdesc_out = cdesc_out->next;
|
|
i++;
|
|
}
|
|
i = 0;
|
|
while (cdesc_in) {
|
|
dma_descr_data *td;
|
|
printk("cdesc_in %d, desc=0x%p\n", i, cdesc_in->dma_descr);
|
|
printk("\n\tvirt_to_phys(desc): 0x%p\n", (char*)virt_to_phys(cdesc_in->dma_descr));
|
|
td = cdesc_in->dma_descr;
|
|
printk("\n\tbuf: 0x%p\n"
|
|
"\tafter: 0x%p\n"
|
|
"\tmd: 0x%04x\n"
|
|
"\tnext: 0x%p\n",
|
|
td->buf,
|
|
td->after,
|
|
td->md,
|
|
td->next);
|
|
printk("flags:\n"
|
|
"\twait:\t%d\n"
|
|
"\teol:\t%d\n"
|
|
"\touteop:\t%d\n"
|
|
"\tineop:\t%d\n"
|
|
"\tintr:\t%d\n",
|
|
td->wait,
|
|
td->eol,
|
|
td->out_eop,
|
|
td->in_eop,
|
|
td->intr);
|
|
cdesc_in = cdesc_in->next;
|
|
i++;
|
|
}
|
|
|
|
printk("print_dma_descriptors end\n");
|
|
}
|
|
|
|
|
|
static void print_strcop_crypto_op(struct strcop_crypto_op *cop)
|
|
{
|
|
printk("print_strcop_crypto_op, 0x%p\n", cop);
|
|
|
|
/* Indata. */
|
|
printk("indata=0x%p\n"
|
|
"inlen=%d\n"
|
|
"do_cipher=%d\n"
|
|
"decrypt=%d\n"
|
|
"cipher_explicit=%d\n"
|
|
"cipher_start=%d\n"
|
|
"cipher_len=%d\n"
|
|
"outdata=0x%p\n"
|
|
"outlen=%d\n",
|
|
cop->indata,
|
|
cop->inlen,
|
|
cop->do_cipher,
|
|
cop->decrypt,
|
|
cop->cipher_explicit,
|
|
cop->cipher_start,
|
|
cop->cipher_len,
|
|
cop->cipher_outdata,
|
|
cop->cipher_outlen);
|
|
|
|
printk("do_digest=%d\n"
|
|
"digest_start=%d\n"
|
|
"digest_len=%d\n",
|
|
cop->do_digest,
|
|
cop->digest_start,
|
|
cop->digest_len);
|
|
|
|
printk("do_csum=%d\n"
|
|
"csum_start=%d\n"
|
|
"csum_len=%d\n",
|
|
cop->do_csum,
|
|
cop->csum_start,
|
|
cop->csum_len);
|
|
}
|
|
|
|
static void print_cryptocop_operation(struct cryptocop_operation *cop)
|
|
{
|
|
struct cryptocop_desc *d;
|
|
struct cryptocop_tfrm_cfg *tc;
|
|
struct cryptocop_desc_cfg *dc;
|
|
int i;
|
|
|
|
printk("print_cryptocop_operation, cop=0x%p\n\n", cop);
|
|
printk("sid: %lld\n", cop->sid);
|
|
printk("operation_status=%d\n"
|
|
"use_dmalists=%d\n"
|
|
"in_interrupt=%d\n"
|
|
"fast_callback=%d\n",
|
|
cop->operation_status,
|
|
cop->use_dmalists,
|
|
cop->in_interrupt,
|
|
cop->fast_callback);
|
|
|
|
if (cop->use_dmalists){
|
|
print_user_dma_lists(&cop->list_op);
|
|
} else {
|
|
printk("cop->tfrm_op\n"
|
|
"tfrm_cfg=0x%p\n"
|
|
"desc=0x%p\n"
|
|
"indata=0x%p\n"
|
|
"incount=%d\n"
|
|
"inlen=%d\n"
|
|
"outdata=0x%p\n"
|
|
"outcount=%d\n"
|
|
"outlen=%d\n\n",
|
|
cop->tfrm_op.tfrm_cfg,
|
|
cop->tfrm_op.desc,
|
|
cop->tfrm_op.indata,
|
|
cop->tfrm_op.incount,
|
|
cop->tfrm_op.inlen,
|
|
cop->tfrm_op.outdata,
|
|
cop->tfrm_op.outcount,
|
|
cop->tfrm_op.outlen);
|
|
|
|
tc = cop->tfrm_op.tfrm_cfg;
|
|
while (tc){
|
|
printk("tfrm_cfg, 0x%p\n"
|
|
"tid=%d\n"
|
|
"flags=%d\n"
|
|
"inject_ix=%d\n"
|
|
"next=0x%p\n",
|
|
tc,
|
|
tc->tid,
|
|
tc->flags,
|
|
tc->inject_ix,
|
|
tc->next);
|
|
tc = tc->next;
|
|
}
|
|
d = cop->tfrm_op.desc;
|
|
while (d){
|
|
printk("\n======================desc, 0x%p\n"
|
|
"length=%d\n"
|
|
"cfg=0x%p\n"
|
|
"next=0x%p\n",
|
|
d,
|
|
d->length,
|
|
d->cfg,
|
|
d->next);
|
|
dc = d->cfg;
|
|
while (dc){
|
|
printk("=========desc_cfg, 0x%p\n"
|
|
"tid=%d\n"
|
|
"src=%d\n"
|
|
"last=%d\n"
|
|
"next=0x%p\n",
|
|
dc,
|
|
dc->tid,
|
|
dc->src,
|
|
dc->last,
|
|
dc->next);
|
|
dc = dc->next;
|
|
}
|
|
d = d->next;
|
|
}
|
|
printk("\n====iniov\n");
|
|
for (i = 0; i < cop->tfrm_op.incount; i++){
|
|
printk("indata[%d]\n"
|
|
"base=0x%p\n"
|
|
"len=%d\n",
|
|
i,
|
|
cop->tfrm_op.indata[i].iov_base,
|
|
cop->tfrm_op.indata[i].iov_len);
|
|
}
|
|
printk("\n====outiov\n");
|
|
for (i = 0; i < cop->tfrm_op.outcount; i++){
|
|
printk("outdata[%d]\n"
|
|
"base=0x%p\n"
|
|
"len=%d\n",
|
|
i,
|
|
cop->tfrm_op.outdata[i].iov_base,
|
|
cop->tfrm_op.outdata[i].iov_len);
|
|
}
|
|
}
|
|
printk("------------end print_cryptocop_operation\n");
|
|
}
|
|
|
|
|
|
static void print_user_dma_lists(struct cryptocop_dma_list_operation *dma_op)
|
|
{
|
|
dma_descr_data *dd;
|
|
int i;
|
|
|
|
printk("print_user_dma_lists, dma_op=0x%p\n", dma_op);
|
|
|
|
printk("out_data_buf = 0x%p, phys_to_virt(out_data_buf) = 0x%p\n", dma_op->out_data_buf, phys_to_virt((unsigned long int)dma_op->out_data_buf));
|
|
printk("in_data_buf = 0x%p, phys_to_virt(in_data_buf) = 0x%p\n", dma_op->in_data_buf, phys_to_virt((unsigned long int)dma_op->in_data_buf));
|
|
|
|
printk("##############outlist\n");
|
|
dd = phys_to_virt((unsigned long int)dma_op->outlist);
|
|
i = 0;
|
|
while (dd != NULL) {
|
|
printk("#%d phys_to_virt(desc) 0x%p\n", i, dd);
|
|
printk("\n\tbuf: 0x%p\n"
|
|
"\tafter: 0x%p\n"
|
|
"\tmd: 0x%04x\n"
|
|
"\tnext: 0x%p\n",
|
|
dd->buf,
|
|
dd->after,
|
|
dd->md,
|
|
dd->next);
|
|
printk("flags:\n"
|
|
"\twait:\t%d\n"
|
|
"\teol:\t%d\n"
|
|
"\touteop:\t%d\n"
|
|
"\tineop:\t%d\n"
|
|
"\tintr:\t%d\n",
|
|
dd->wait,
|
|
dd->eol,
|
|
dd->out_eop,
|
|
dd->in_eop,
|
|
dd->intr);
|
|
if (dd->eol)
|
|
dd = NULL;
|
|
else
|
|
dd = phys_to_virt((unsigned long int)dd->next);
|
|
++i;
|
|
}
|
|
|
|
printk("##############inlist\n");
|
|
dd = phys_to_virt((unsigned long int)dma_op->inlist);
|
|
i = 0;
|
|
while (dd != NULL) {
|
|
printk("#%d phys_to_virt(desc) 0x%p\n", i, dd);
|
|
printk("\n\tbuf: 0x%p\n"
|
|
"\tafter: 0x%p\n"
|
|
"\tmd: 0x%04x\n"
|
|
"\tnext: 0x%p\n",
|
|
dd->buf,
|
|
dd->after,
|
|
dd->md,
|
|
dd->next);
|
|
printk("flags:\n"
|
|
"\twait:\t%d\n"
|
|
"\teol:\t%d\n"
|
|
"\touteop:\t%d\n"
|
|
"\tineop:\t%d\n"
|
|
"\tintr:\t%d\n",
|
|
dd->wait,
|
|
dd->eol,
|
|
dd->out_eop,
|
|
dd->in_eop,
|
|
dd->intr);
|
|
if (dd->eol)
|
|
dd = NULL;
|
|
else
|
|
dd = phys_to_virt((unsigned long int)dd->next);
|
|
++i;
|
|
}
|
|
}
|
|
|
|
|
|
static void print_lock_status(void)
|
|
{
|
|
printk("**********************print_lock_status\n");
|
|
printk("cryptocop_completed_jobs_lock %d\n", spin_is_locked(&cryptocop_completed_jobs_lock));
|
|
printk("cryptocop_job_queue_lock %d\n", spin_is_locked(&cryptocop_job_queue_lock));
|
|
printk("descr_pool_lock %d\n", spin_is_locked(&descr_pool_lock));
|
|
printk("cryptocop_sessions_lock %d\n", spin_is_locked(cryptocop_sessions_lock));
|
|
printk("running_job_lock %d\n", spin_is_locked(running_job_lock));
|
|
printk("cryptocop_process_lock %d\n", spin_is_locked(cryptocop_process_lock));
|
|
}
|
|
#endif /* LDEBUG */
|
|
|
|
|
|
static const char cryptocop_name[] = "ETRAX FS stream co-processor";
|
|
|
|
static int init_stream_coprocessor(void)
|
|
{
|
|
int err;
|
|
int i;
|
|
static int initialized = 0;
|
|
|
|
if (initialized)
|
|
return 0;
|
|
|
|
initialized = 1;
|
|
|
|
printk("ETRAX FS stream co-processor driver v0.01, (c) 2003 Axis Communications AB\n");
|
|
|
|
err = register_chrdev(CRYPTOCOP_MAJOR, cryptocop_name, &cryptocop_fops);
|
|
if (err < 0) {
|
|
printk(KERN_ERR "stream co-processor: could not get major number.\n");
|
|
return err;
|
|
}
|
|
|
|
err = init_cryptocop();
|
|
if (err) {
|
|
(void)unregister_chrdev(CRYPTOCOP_MAJOR, cryptocop_name);
|
|
return err;
|
|
}
|
|
err = cryptocop_job_queue_init();
|
|
if (err) {
|
|
release_cryptocop();
|
|
(void)unregister_chrdev(CRYPTOCOP_MAJOR, cryptocop_name);
|
|
return err;
|
|
}
|
|
/* Init the descriptor pool. */
|
|
for (i = 0; i < CRYPTOCOP_DESCRIPTOR_POOL_SIZE - 1; i++) {
|
|
descr_pool[i].from_pool = 1;
|
|
descr_pool[i].next = &descr_pool[i + 1];
|
|
}
|
|
descr_pool[i].from_pool = 1;
|
|
descr_pool[i].next = NULL;
|
|
descr_pool_free_list = &descr_pool[0];
|
|
descr_pool_no_free = CRYPTOCOP_DESCRIPTOR_POOL_SIZE;
|
|
|
|
spin_lock_init(&cryptocop_completed_jobs_lock);
|
|
spin_lock_init(&cryptocop_job_queue_lock);
|
|
spin_lock_init(&descr_pool_lock);
|
|
spin_lock_init(&cryptocop_sessions_lock);
|
|
spin_lock_init(&running_job_lock);
|
|
spin_lock_init(&cryptocop_process_lock);
|
|
|
|
cryptocop_sessions = NULL;
|
|
next_sid = 1;
|
|
|
|
cryptocop_running_job = NULL;
|
|
|
|
printk("stream co-processor: init done.\n");
|
|
return 0;
|
|
}
|
|
|
|
static void __exit exit_stream_coprocessor(void)
|
|
{
|
|
release_cryptocop();
|
|
cryptocop_job_queue_close();
|
|
}
|
|
|
|
module_init(init_stream_coprocessor);
|
|
module_exit(exit_stream_coprocessor);
|
|
|
|
|