Doug / smarc-fsl-linux-kernel

Download as
Browse Code ยป

Commit 7d024608265eb815ae4ce1e5da097ec9d800dda4

Authored by Herbert Xu
1 parent f63559bef3
Exists in master and in 7 other branches imx_3.0.35_4.1.0, imx_3.10.17_1.0.1_ga, imx_3.10.53_1.1.0_ga, imx_3.14.28_1.0.0_ga, smarc-imx_3.10.53_1.1.0_ga, smarc-imx_3.14.28_1.0.0_ga, smarc-l5.0.0_1.0.0-ga

crypto: padlock - Use shash fallback for sha 

This patch changes padlock sha fallback to shash instead of hash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Showing 1 changed file with 52 additions and 30 deletions Inline Diff

drivers/crypto/padlock-sha.c
Diff comments   View file @ 7d02460
1 /* 1 /*
2 * Cryptographic API. 2 * Cryptographic API.
3 * 3 *
4 * Support for VIA PadLock hardware crypto engine. 4 * Support for VIA PadLock hardware crypto engine.
5 * 5 *
6 * Copyright (c) 2006 Michal Ludvig <michal@logix.cz> 6 * Copyright (c) 2006 Michal Ludvig <michal@logix.cz>
7 * 7 *
8 * This program is free software; you can redistribute it and/or modify 8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by 9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or 10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version. 11 * (at your option) any later version.
12 * 12 *
13 */ 13 */
14 14
15 #include <crypto/algapi.h> 15 #include <crypto/internal/hash.h>
16 #include <crypto/sha.h> 16 #include <crypto/sha.h>
17 #include <linux/err.h> 17 #include <linux/err.h>
18 #include <linux/module.h> 18 #include <linux/module.h>
19 #include <linux/init.h> 19 #include <linux/init.h>
20 #include <linux/errno.h> 20 #include <linux/errno.h>
21 #include <linux/cryptohash.h>
22 #include <linux/interrupt.h> 21 #include <linux/interrupt.h>
23 #include <linux/kernel.h> 22 #include <linux/kernel.h>
24 #include <linux/scatterlist.h> 23 #include <linux/scatterlist.h>
25 #include <asm/i387.h> 24 #include <asm/i387.h>
26 #include "padlock.h" 25 #include "padlock.h"
27 26
28 #define SHA1_DEFAULT_FALLBACK "sha1-generic"
29 #define SHA256_DEFAULT_FALLBACK "sha256-generic"
30
31 struct padlock_sha_ctx { 27 struct padlock_sha_ctx {
32 char *data; 28 char *data;
33 size_t used; 29 size_t used;
34 int bypass; 30 int bypass;
35 void (*f_sha_padlock)(const char *in, char *out, int count); 31 void (*f_sha_padlock)(const char *in, char *out, int count);
36 struct hash_desc fallback; 32 struct shash_desc *fallback;
37 }; 33 };
38 34
39 static inline struct padlock_sha_ctx *ctx(struct crypto_tfm *tfm) 35 static inline struct padlock_sha_ctx *ctx(struct crypto_tfm *tfm)
40 { 36 {
41 return crypto_tfm_ctx(tfm); 37 return crypto_tfm_ctx(tfm);
42 } 38 }
43 39
44 /* We'll need aligned address on the stack */ 40 /* We'll need aligned address on the stack */
45 #define NEAREST_ALIGNED(ptr) \ 41 #define NEAREST_ALIGNED(ptr) \
46 ((void *)ALIGN((size_t)(ptr), PADLOCK_ALIGNMENT)) 42 ((void *)ALIGN((size_t)(ptr), PADLOCK_ALIGNMENT))
47 43
48 static struct crypto_alg sha1_alg, sha256_alg; 44 static struct crypto_alg sha1_alg, sha256_alg;
49 45
50 static void padlock_sha_bypass(struct crypto_tfm *tfm) 46 static int padlock_sha_bypass(struct crypto_tfm *tfm)
51 { 47 {
48 int err = 0;
49
52 if (ctx(tfm)->bypass) 50 if (ctx(tfm)->bypass)
53 return; 51 goto out;
54 52
55 crypto_hash_init(&ctx(tfm)->fallback); 53 err = crypto_shash_init(ctx(tfm)->fallback);
56 if (ctx(tfm)->data && ctx(tfm)->used) { 54 if (err)
57 struct scatterlist sg; 55 goto out;
58 56
59 sg_init_one(&sg, ctx(tfm)->data, ctx(tfm)->used); 57 if (ctx(tfm)->data && ctx(tfm)->used)
60 crypto_hash_update(&ctx(tfm)->fallback, &sg, sg.length); 58 err = crypto_shash_update(ctx(tfm)->fallback, ctx(tfm)->data,
61 } 59 ctx(tfm)->used);
62 60
63 ctx(tfm)->used = 0; 61 ctx(tfm)->used = 0;
64 ctx(tfm)->bypass = 1; 62 ctx(tfm)->bypass = 1;
63
64 out:
65 return err;
65 } 66 }
66 67
67 static void padlock_sha_init(struct crypto_tfm *tfm) 68 static void padlock_sha_init(struct crypto_tfm *tfm)
68 { 69 {
69 ctx(tfm)->used = 0; 70 ctx(tfm)->used = 0;
70 ctx(tfm)->bypass = 0; 71 ctx(tfm)->bypass = 0;
71 } 72 }
72 73
73 static void padlock_sha_update(struct crypto_tfm *tfm, 74 static void padlock_sha_update(struct crypto_tfm *tfm,
74 const uint8_t *data, unsigned int length) 75 const uint8_t *data, unsigned int length)
75 { 76 {
77 int err;
78
76 /* Our buffer is always one page. */ 79 /* Our buffer is always one page. */
77 if (unlikely(!ctx(tfm)->bypass && 80 if (unlikely(!ctx(tfm)->bypass &&
78 (ctx(tfm)->used + length > PAGE_SIZE))) 81 (ctx(tfm)->used + length > PAGE_SIZE))) {
79 padlock_sha_bypass(tfm); 82 err = padlock_sha_bypass(tfm);
83 BUG_ON(err);
84 }
80 85
81 if (unlikely(ctx(tfm)->bypass)) { 86 if (unlikely(ctx(tfm)->bypass)) {
82 struct scatterlist sg; 87 err = crypto_shash_update(ctx(tfm)->fallback, data, length);
83 sg_init_one(&sg, (uint8_t *)data, length); 88 BUG_ON(err);
84 crypto_hash_update(&ctx(tfm)->fallback, &sg, length);
85 return; 89 return;
86 } 90 }
87 91
88 memcpy(ctx(tfm)->data + ctx(tfm)->used, data, length); 92 memcpy(ctx(tfm)->data + ctx(tfm)->used, data, length);
89 ctx(tfm)->used += length; 93 ctx(tfm)->used += length;
90 } 94 }
91 95
92 static inline void padlock_output_block(uint32_t *src, 96 static inline void padlock_output_block(uint32_t *src,
93 uint32_t *dst, size_t count) 97 uint32_t *dst, size_t count)
94 { 98 {
95 while (count--) 99 while (count--)
96 *dst++ = swab32(*src++); 100 *dst++ = swab32(*src++);
97 } 101 }
98 102
99 static void padlock_do_sha1(const char *in, char *out, int count) 103 static void padlock_do_sha1(const char *in, char *out, int count)
100 { 104 {
101 /* We can't store directly to *out as it may be unaligned. */ 105 /* We can't store directly to *out as it may be unaligned. */
102 /* BTW Don't reduce the buffer size below 128 Bytes! 106 /* BTW Don't reduce the buffer size below 128 Bytes!
103 * PadLock microcode needs it that big. */ 107 * PadLock microcode needs it that big. */
104 char buf[128+16]; 108 char buf[128+16];
105 char *result = NEAREST_ALIGNED(buf); 109 char *result = NEAREST_ALIGNED(buf);
106 int ts_state; 110 int ts_state;
107 111
108 ((uint32_t *)result)[0] = SHA1_H0; 112 ((uint32_t *)result)[0] = SHA1_H0;
109 ((uint32_t *)result)[1] = SHA1_H1; 113 ((uint32_t *)result)[1] = SHA1_H1;
110 ((uint32_t *)result)[2] = SHA1_H2; 114 ((uint32_t *)result)[2] = SHA1_H2;
111 ((uint32_t *)result)[3] = SHA1_H3; 115 ((uint32_t *)result)[3] = SHA1_H3;
112 ((uint32_t *)result)[4] = SHA1_H4; 116 ((uint32_t *)result)[4] = SHA1_H4;
113 117
114 /* prevent taking the spurious DNA fault with padlock. */ 118 /* prevent taking the spurious DNA fault with padlock. */
115 ts_state = irq_ts_save(); 119 ts_state = irq_ts_save();
116 asm volatile (".byte 0xf3,0x0f,0xa6,0xc8" /* rep xsha1 */ 120 asm volatile (".byte 0xf3,0x0f,0xa6,0xc8" /* rep xsha1 */
117 : "+S"(in), "+D"(result) 121 : "+S"(in), "+D"(result)
118 : "c"(count), "a"(0)); 122 : "c"(count), "a"(0));
119 irq_ts_restore(ts_state); 123 irq_ts_restore(ts_state);
120 124
121 padlock_output_block((uint32_t *)result, (uint32_t *)out, 5); 125 padlock_output_block((uint32_t *)result, (uint32_t *)out, 5);
122 } 126 }
123 127
124 static void padlock_do_sha256(const char *in, char *out, int count) 128 static void padlock_do_sha256(const char *in, char *out, int count)
125 { 129 {
126 /* We can't store directly to *out as it may be unaligned. */ 130 /* We can't store directly to *out as it may be unaligned. */
127 /* BTW Don't reduce the buffer size below 128 Bytes! 131 /* BTW Don't reduce the buffer size below 128 Bytes!
128 * PadLock microcode needs it that big. */ 132 * PadLock microcode needs it that big. */
129 char buf[128+16]; 133 char buf[128+16];
130 char *result = NEAREST_ALIGNED(buf); 134 char *result = NEAREST_ALIGNED(buf);
131 int ts_state; 135 int ts_state;
132 136
133 ((uint32_t *)result)[0] = SHA256_H0; 137 ((uint32_t *)result)[0] = SHA256_H0;
134 ((uint32_t *)result)[1] = SHA256_H1; 138 ((uint32_t *)result)[1] = SHA256_H1;
135 ((uint32_t *)result)[2] = SHA256_H2; 139 ((uint32_t *)result)[2] = SHA256_H2;
136 ((uint32_t *)result)[3] = SHA256_H3; 140 ((uint32_t *)result)[3] = SHA256_H3;
137 ((uint32_t *)result)[4] = SHA256_H4; 141 ((uint32_t *)result)[4] = SHA256_H4;
138 ((uint32_t *)result)[5] = SHA256_H5; 142 ((uint32_t *)result)[5] = SHA256_H5;
139 ((uint32_t *)result)[6] = SHA256_H6; 143 ((uint32_t *)result)[6] = SHA256_H6;
140 ((uint32_t *)result)[7] = SHA256_H7; 144 ((uint32_t *)result)[7] = SHA256_H7;
141 145
142 /* prevent taking the spurious DNA fault with padlock. */ 146 /* prevent taking the spurious DNA fault with padlock. */
143 ts_state = irq_ts_save(); 147 ts_state = irq_ts_save();
144 asm volatile (".byte 0xf3,0x0f,0xa6,0xd0" /* rep xsha256 */ 148 asm volatile (".byte 0xf3,0x0f,0xa6,0xd0" /* rep xsha256 */
145 : "+S"(in), "+D"(result) 149 : "+S"(in), "+D"(result)
146 : "c"(count), "a"(0)); 150 : "c"(count), "a"(0));
147 irq_ts_restore(ts_state); 151 irq_ts_restore(ts_state);
148 152
149 padlock_output_block((uint32_t *)result, (uint32_t *)out, 8); 153 padlock_output_block((uint32_t *)result, (uint32_t *)out, 8);
150 } 154 }
151 155
152 static void padlock_sha_final(struct crypto_tfm *tfm, uint8_t *out) 156 static void padlock_sha_final(struct crypto_tfm *tfm, uint8_t *out)
153 { 157 {
158 int err;
159
154 if (unlikely(ctx(tfm)->bypass)) { 160 if (unlikely(ctx(tfm)->bypass)) {
155 crypto_hash_final(&ctx(tfm)->fallback, out); 161 err = crypto_shash_final(ctx(tfm)->fallback, out);
162 BUG_ON(err);
156 ctx(tfm)->bypass = 0; 163 ctx(tfm)->bypass = 0;
157 return; 164 return;
158 } 165 }
159 166
160 /* Pass the input buffer to PadLock microcode... */ 167 /* Pass the input buffer to PadLock microcode... */
161 ctx(tfm)->f_sha_padlock(ctx(tfm)->data, out, ctx(tfm)->used); 168 ctx(tfm)->f_sha_padlock(ctx(tfm)->data, out, ctx(tfm)->used);
162 169
163 ctx(tfm)->used = 0; 170 ctx(tfm)->used = 0;
164 } 171 }
165 172
166 static int padlock_cra_init(struct crypto_tfm *tfm) 173 static int padlock_cra_init(struct crypto_tfm *tfm)
167 { 174 {
168 const char *fallback_driver_name = tfm->__crt_alg->cra_name; 175 const char *fallback_driver_name = tfm->__crt_alg->cra_name;
169 struct crypto_hash *fallback_tfm; 176 struct crypto_shash *fallback_tfm;
177 int err = -ENOMEM;
170 178
171 /* For now we'll allocate one page. This 179 /* For now we'll allocate one page. This
172 * could eventually be configurable one day. */ 180 * could eventually be configurable one day. */
173 ctx(tfm)->data = (char *)__get_free_page(GFP_KERNEL); 181 ctx(tfm)->data = (char *)__get_free_page(GFP_KERNEL);
174 if (!ctx(tfm)->data) 182 if (!ctx(tfm)->data)
175 return -ENOMEM; 183 goto out;
176 184
177 /* Allocate a fallback and abort if it failed. */ 185 /* Allocate a fallback and abort if it failed. */
178 fallback_tfm = crypto_alloc_hash(fallback_driver_name, 0, 186 fallback_tfm = crypto_alloc_shash(fallback_driver_name, 0,
179 CRYPTO_ALG_ASYNC | 187 CRYPTO_ALG_NEED_FALLBACK);
180 CRYPTO_ALG_NEED_FALLBACK);
181 if (IS_ERR(fallback_tfm)) { 188 if (IS_ERR(fallback_tfm)) {
182 printk(KERN_WARNING PFX "Fallback driver '%s' could not be loaded!\n", 189 printk(KERN_WARNING PFX "Fallback driver '%s' could not be loaded!\n",
183 fallback_driver_name); 190 fallback_driver_name);
184 free_page((unsigned long)(ctx(tfm)->data)); 191 err = PTR_ERR(fallback_tfm);
185 return PTR_ERR(fallback_tfm); 192 goto out_free_page;
186 } 193 }
187 194
188 ctx(tfm)->fallback.tfm = fallback_tfm; 195 ctx(tfm)->fallback = kmalloc(sizeof(struct shash_desc) +
196 crypto_shash_descsize(fallback_tfm),
197 GFP_KERNEL);
198 if (!ctx(tfm)->fallback)
199 goto out_free_tfm;
200
201 ctx(tfm)->fallback->tfm = fallback_tfm;
202 ctx(tfm)->fallback->flags = 0;
189 return 0; 203 return 0;
204
205 out_free_tfm:
206 crypto_free_shash(fallback_tfm);
207 out_free_page:
208 free_page((unsigned long)(ctx(tfm)->data));
209 out:
210 return err;
190 } 211 }
191 212
192 static int padlock_sha1_cra_init(struct crypto_tfm *tfm) 213 static int padlock_sha1_cra_init(struct crypto_tfm *tfm)
193 { 214 {
194 ctx(tfm)->f_sha_padlock = padlock_do_sha1; 215 ctx(tfm)->f_sha_padlock = padlock_do_sha1;
195 216
196 return padlock_cra_init(tfm); 217 return padlock_cra_init(tfm);
197 } 218 }
198 219
199 static int padlock_sha256_cra_init(struct crypto_tfm *tfm) 220 static int padlock_sha256_cra_init(struct crypto_tfm *tfm)
200 { 221 {
201 ctx(tfm)->f_sha_padlock = padlock_do_sha256; 222 ctx(tfm)->f_sha_padlock = padlock_do_sha256;
202 223
203 return padlock_cra_init(tfm); 224 return padlock_cra_init(tfm);
204 } 225 }
205 226
206 static void padlock_cra_exit(struct crypto_tfm *tfm) 227 static void padlock_cra_exit(struct crypto_tfm *tfm)
207 { 228 {
208 if (ctx(tfm)->data) { 229 if (ctx(tfm)->data) {
209 free_page((unsigned long)(ctx(tfm)->data)); 230 free_page((unsigned long)(ctx(tfm)->data));
210 ctx(tfm)->data = NULL; 231 ctx(tfm)->data = NULL;
211 } 232 }
212 233
213 crypto_free_hash(ctx(tfm)->fallback.tfm); 234 crypto_free_shash(ctx(tfm)->fallback->tfm);
214 ctx(tfm)->fallback.tfm = NULL; 235
236 kzfree(ctx(tfm)->fallback);
215 } 237 }
216 238
217 static struct crypto_alg sha1_alg = { 239 static struct crypto_alg sha1_alg = {
218 .cra_name = "sha1", 240 .cra_name = "sha1",
219 .cra_driver_name = "sha1-padlock", 241 .cra_driver_name = "sha1-padlock",
220 .cra_priority = PADLOCK_CRA_PRIORITY, 242 .cra_priority = PADLOCK_CRA_PRIORITY,
221 .cra_flags = CRYPTO_ALG_TYPE_DIGEST | 243 .cra_flags = CRYPTO_ALG_TYPE_DIGEST |
222 CRYPTO_ALG_NEED_FALLBACK, 244 CRYPTO_ALG_NEED_FALLBACK,
223 .cra_blocksize = SHA1_BLOCK_SIZE, 245 .cra_blocksize = SHA1_BLOCK_SIZE,
224 .cra_ctxsize = sizeof(struct padlock_sha_ctx), 246 .cra_ctxsize = sizeof(struct padlock_sha_ctx),
225 .cra_module = THIS_MODULE, 247 .cra_module = THIS_MODULE,
226 .cra_list = LIST_HEAD_INIT(sha1_alg.cra_list), 248 .cra_list = LIST_HEAD_INIT(sha1_alg.cra_list),
227 .cra_init = padlock_sha1_cra_init, 249 .cra_init = padlock_sha1_cra_init,
228 .cra_exit = padlock_cra_exit, 250 .cra_exit = padlock_cra_exit,
229 .cra_u = { 251 .cra_u = {
230 .digest = { 252 .digest = {
231 .dia_digestsize = SHA1_DIGEST_SIZE, 253 .dia_digestsize = SHA1_DIGEST_SIZE,
232 .dia_init = padlock_sha_init, 254 .dia_init = padlock_sha_init,
233 .dia_update = padlock_sha_update, 255 .dia_update = padlock_sha_update,
234 .dia_final = padlock_sha_final, 256 .dia_final = padlock_sha_final,
235 } 257 }
236 } 258 }
237 }; 259 };
238 260
239 static struct crypto_alg sha256_alg = { 261 static struct crypto_alg sha256_alg = {
240 .cra_name = "sha256", 262 .cra_name = "sha256",
241 .cra_driver_name = "sha256-padlock", 263 .cra_driver_name = "sha256-padlock",
242 .cra_priority = PADLOCK_CRA_PRIORITY, 264 .cra_priority = PADLOCK_CRA_PRIORITY,
243 .cra_flags = CRYPTO_ALG_TYPE_DIGEST | 265 .cra_flags = CRYPTO_ALG_TYPE_DIGEST |
244 CRYPTO_ALG_NEED_FALLBACK, 266 CRYPTO_ALG_NEED_FALLBACK,
245 .cra_blocksize = SHA256_BLOCK_SIZE, 267 .cra_blocksize = SHA256_BLOCK_SIZE,
246 .cra_ctxsize = sizeof(struct padlock_sha_ctx), 268 .cra_ctxsize = sizeof(struct padlock_sha_ctx),
247 .cra_module = THIS_MODULE, 269 .cra_module = THIS_MODULE,
248 .cra_list = LIST_HEAD_INIT(sha256_alg.cra_list), 270 .cra_list = LIST_HEAD_INIT(sha256_alg.cra_list),
249 .cra_init = padlock_sha256_cra_init, 271 .cra_init = padlock_sha256_cra_init,
250 .cra_exit = padlock_cra_exit, 272 .cra_exit = padlock_cra_exit,
251 .cra_u = { 273 .cra_u = {
252 .digest = { 274 .digest = {
253 .dia_digestsize = SHA256_DIGEST_SIZE, 275 .dia_digestsize = SHA256_DIGEST_SIZE,
254 .dia_init = padlock_sha_init, 276 .dia_init = padlock_sha_init,
255 .dia_update = padlock_sha_update, 277 .dia_update = padlock_sha_update,
256 .dia_final = padlock_sha_final, 278 .dia_final = padlock_sha_final,
257 } 279 }
258 } 280 }
259 }; 281 };
260 282
261 static int __init padlock_init(void) 283 static int __init padlock_init(void)
262 { 284 {
263 int rc = -ENODEV; 285 int rc = -ENODEV;
264 286
265 if (!cpu_has_phe) { 287 if (!cpu_has_phe) {
266 printk(KERN_NOTICE PFX "VIA PadLock Hash Engine not detected.\n"); 288 printk(KERN_NOTICE PFX "VIA PadLock Hash Engine not detected.\n");
267 return -ENODEV; 289 return -ENODEV;
268 } 290 }
269 291
270 if (!cpu_has_phe_enabled) { 292 if (!cpu_has_phe_enabled) {
271 printk(KERN_NOTICE PFX "VIA PadLock detected, but not enabled. Hmm, strange...\n"); 293 printk(KERN_NOTICE PFX "VIA PadLock detected, but not enabled. Hmm, strange...\n");
272 return -ENODEV; 294 return -ENODEV;
273 } 295 }
274 296
275 rc = crypto_register_alg(&sha1_alg); 297 rc = crypto_register_alg(&sha1_alg);
276 if (rc) 298 if (rc)
277 goto out; 299 goto out;
278 300
279 rc = crypto_register_alg(&sha256_alg); 301 rc = crypto_register_alg(&sha256_alg);
280 if (rc) 302 if (rc)
281 goto out_unreg1; 303 goto out_unreg1;
282 304
283 printk(KERN_NOTICE PFX "Using VIA PadLock ACE for SHA1/SHA256 algorithms.\n"); 305 printk(KERN_NOTICE PFX "Using VIA PadLock ACE for SHA1/SHA256 algorithms.\n");
284 306
285 return 0; 307 return 0;
286 308
287 out_unreg1: 309 out_unreg1:
288 crypto_unregister_alg(&sha1_alg); 310 crypto_unregister_alg(&sha1_alg);
289 out: 311 out:
290 printk(KERN_ERR PFX "VIA PadLock SHA1/SHA256 initialization failed.\n"); 312 printk(KERN_ERR PFX "VIA PadLock SHA1/SHA256 initialization failed.\n");
291 return rc; 313 return rc;
292 } 314 }
293 315
294 static void __exit padlock_fini(void) 316 static void __exit padlock_fini(void)
295 { 317 {
296 crypto_unregister_alg(&sha1_alg); 318 crypto_unregister_alg(&sha1_alg);
297 crypto_unregister_alg(&sha256_alg); 319 crypto_unregister_alg(&sha256_alg);
298 } 320 }
299 321
300 module_init(padlock_init); 322 module_init(padlock_init);
301 module_exit(padlock_fini); 323 module_exit(padlock_fini);
302 324
303 MODULE_DESCRIPTION("VIA PadLock SHA1/SHA256 algorithms support."); 325 MODULE_DESCRIPTION("VIA PadLock SHA1/SHA256 algorithms support.");
304 MODULE_LICENSE("GPL"); 326 MODULE_LICENSE("GPL");
305 MODULE_AUTHOR("Michal Ludvig"); 327 MODULE_AUTHOR("Michal Ludvig");