// SPDX-License-Identifier: GPL-2.0-or-later

  /*
   * Glue Code for assembler optimized version of Blowfish
   *

   * Copyright (c) 2011 Jussi Kivilinna <jussi.kivilinna@mbnet.fi>

   *

   * CBC & ECB parts based on code (crypto/cbc.c,ecb.c) by:
   *   Copyright (c) 2006 Herbert Xu <herbert@gondor.apana.org.au>
   * CTR part based on code (crypto/ctr.c) by:
   *   (C) Copyright IBM Corp. 2007 - Joy Latten <latten@us.ibm.com>

   */

  #include <crypto/algapi.h>

  #include <crypto/blowfish.h>

  #include <crypto/internal/skcipher.h>

  #include <linux/crypto.h>
  #include <linux/init.h>
  #include <linux/module.h>
  #include <linux/types.h>

  
  /* regular block cipher functions */
  asmlinkage void __blowfish_enc_blk(struct bf_ctx *ctx, u8 *dst, const u8 *src,
  				   bool xor);
  asmlinkage void blowfish_dec_blk(struct bf_ctx *ctx, u8 *dst, const u8 *src);
  
  /* 4-way parallel cipher functions */
  asmlinkage void __blowfish_enc_blk_4way(struct bf_ctx *ctx, u8 *dst,
  					const u8 *src, bool xor);
  asmlinkage void blowfish_dec_blk_4way(struct bf_ctx *ctx, u8 *dst,
  				      const u8 *src);

  
  static inline void blowfish_enc_blk(struct bf_ctx *ctx, u8 *dst, const u8 *src)
  {
  	__blowfish_enc_blk(ctx, dst, src, false);
  }
  
  static inline void blowfish_enc_blk_xor(struct bf_ctx *ctx, u8 *dst,
  					const u8 *src)
  {
  	__blowfish_enc_blk(ctx, dst, src, true);
  }
  
  static inline void blowfish_enc_blk_4way(struct bf_ctx *ctx, u8 *dst,
  					 const u8 *src)
  {
  	__blowfish_enc_blk_4way(ctx, dst, src, false);
  }
  
  static inline void blowfish_enc_blk_xor_4way(struct bf_ctx *ctx, u8 *dst,
  				      const u8 *src)
  {
  	__blowfish_enc_blk_4way(ctx, dst, src, true);
  }

  
  static void blowfish_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
  {
  	blowfish_enc_blk(crypto_tfm_ctx(tfm), dst, src);
  }
  
  static void blowfish_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
  {
  	blowfish_dec_blk(crypto_tfm_ctx(tfm), dst, src);
  }

  static int blowfish_setkey_skcipher(struct crypto_skcipher *tfm,
  				    const u8 *key, unsigned int keylen)
  {
  	return blowfish_setkey(&tfm->base, key, keylen);
  }
  
  static int ecb_crypt(struct skcipher_request *req,

  		     void (*fn)(struct bf_ctx *, u8 *, const u8 *),
  		     void (*fn_4way)(struct bf_ctx *, u8 *, const u8 *))
  {

  	unsigned int bsize = BF_BLOCK_SIZE;

  	struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
  	struct bf_ctx *ctx = crypto_skcipher_ctx(tfm);
  	struct skcipher_walk walk;

  	unsigned int nbytes;
  	int err;

  	err = skcipher_walk_virt(&walk, req, false);

  	while ((nbytes = walk.nbytes)) {
  		u8 *wsrc = walk.src.virt.addr;
  		u8 *wdst = walk.dst.virt.addr;

  
  		/* Process four block batch */
  		if (nbytes >= bsize * 4) {
  			do {
  				fn_4way(ctx, wdst, wsrc);
  
  				wsrc += bsize * 4;
  				wdst += bsize * 4;
  				nbytes -= bsize * 4;
  			} while (nbytes >= bsize * 4);
  
  			if (nbytes < bsize)
  				goto done;
  		}
  
  		/* Handle leftovers */
  		do {
  			fn(ctx, wdst, wsrc);
  
  			wsrc += bsize;
  			wdst += bsize;
  			nbytes -= bsize;
  		} while (nbytes >= bsize);
  
  done:

  		err = skcipher_walk_done(&walk, nbytes);

  	}
  
  	return err;
  }

  static int ecb_encrypt(struct skcipher_request *req)

  {

  	return ecb_crypt(req, blowfish_enc_blk, blowfish_enc_blk_4way);

  }

  static int ecb_decrypt(struct skcipher_request *req)

  {

  	return ecb_crypt(req, blowfish_dec_blk, blowfish_dec_blk_4way);

  }

  static unsigned int __cbc_encrypt(struct bf_ctx *ctx,
  				  struct skcipher_walk *walk)

  {

  	unsigned int bsize = BF_BLOCK_SIZE;
  	unsigned int nbytes = walk->nbytes;
  	u64 *src = (u64 *)walk->src.virt.addr;
  	u64 *dst = (u64 *)walk->dst.virt.addr;
  	u64 *iv = (u64 *)walk->iv;
  
  	do {
  		*dst = *src ^ *iv;
  		blowfish_enc_blk(ctx, (u8 *)dst, (u8 *)dst);
  		iv = dst;
  
  		src += 1;
  		dst += 1;
  		nbytes -= bsize;
  	} while (nbytes >= bsize);
  
  	*(u64 *)walk->iv = *iv;
  	return nbytes;
  }

  static int cbc_encrypt(struct skcipher_request *req)

  {

  	struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
  	struct bf_ctx *ctx = crypto_skcipher_ctx(tfm);
  	struct skcipher_walk walk;
  	unsigned int nbytes;

  	int err;

  	err = skcipher_walk_virt(&walk, req, false);

  
  	while ((nbytes = walk.nbytes)) {

  		nbytes = __cbc_encrypt(ctx, &walk);
  		err = skcipher_walk_done(&walk, nbytes);

  	}
  
  	return err;
  }

  static unsigned int __cbc_decrypt(struct bf_ctx *ctx,
  				  struct skcipher_walk *walk)

  {

  	unsigned int bsize = BF_BLOCK_SIZE;
  	unsigned int nbytes = walk->nbytes;
  	u64 *src = (u64 *)walk->src.virt.addr;
  	u64 *dst = (u64 *)walk->dst.virt.addr;
  	u64 ivs[4 - 1];
  	u64 last_iv;
  
  	/* Start of the last block. */
  	src += nbytes / bsize - 1;
  	dst += nbytes / bsize - 1;
  
  	last_iv = *src;
  
  	/* Process four block batch */
  	if (nbytes >= bsize * 4) {
  		do {
  			nbytes -= bsize * 4 - bsize;
  			src -= 4 - 1;
  			dst -= 4 - 1;
  
  			ivs[0] = src[0];
  			ivs[1] = src[1];
  			ivs[2] = src[2];
  
  			blowfish_dec_blk_4way(ctx, (u8 *)dst, (u8 *)src);
  
  			dst[1] ^= ivs[0];
  			dst[2] ^= ivs[1];
  			dst[3] ^= ivs[2];
  
  			nbytes -= bsize;
  			if (nbytes < bsize)
  				goto done;
  
  			*dst ^= *(src - 1);
  			src -= 1;
  			dst -= 1;
  		} while (nbytes >= bsize * 4);

  	}
  
  	/* Handle leftovers */
  	for (;;) {
  		blowfish_dec_blk(ctx, (u8 *)dst, (u8 *)src);
  
  		nbytes -= bsize;
  		if (nbytes < bsize)
  			break;
  
  		*dst ^= *(src - 1);
  		src -= 1;
  		dst -= 1;
  	}
  
  done:
  	*dst ^= *(u64 *)walk->iv;
  	*(u64 *)walk->iv = last_iv;
  
  	return nbytes;
  }

  static int cbc_decrypt(struct skcipher_request *req)

  {

  	struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
  	struct bf_ctx *ctx = crypto_skcipher_ctx(tfm);
  	struct skcipher_walk walk;
  	unsigned int nbytes;

  	int err;

  	err = skcipher_walk_virt(&walk, req, false);

  
  	while ((nbytes = walk.nbytes)) {

  		nbytes = __cbc_decrypt(ctx, &walk);
  		err = skcipher_walk_done(&walk, nbytes);

  	}
  
  	return err;
  }

  static void ctr_crypt_final(struct bf_ctx *ctx, struct skcipher_walk *walk)

  {
  	u8 *ctrblk = walk->iv;
  	u8 keystream[BF_BLOCK_SIZE];
  	u8 *src = walk->src.virt.addr;
  	u8 *dst = walk->dst.virt.addr;
  	unsigned int nbytes = walk->nbytes;
  
  	blowfish_enc_blk(ctx, keystream, ctrblk);

  	crypto_xor_cpy(dst, keystream, src, nbytes);

  
  	crypto_inc(ctrblk, BF_BLOCK_SIZE);
  }

  static unsigned int __ctr_crypt(struct bf_ctx *ctx, struct skcipher_walk *walk)

  {

  	unsigned int bsize = BF_BLOCK_SIZE;
  	unsigned int nbytes = walk->nbytes;
  	u64 *src = (u64 *)walk->src.virt.addr;
  	u64 *dst = (u64 *)walk->dst.virt.addr;
  	u64 ctrblk = be64_to_cpu(*(__be64 *)walk->iv);
  	__be64 ctrblocks[4];
  
  	/* Process four block batch */
  	if (nbytes >= bsize * 4) {
  		do {
  			if (dst != src) {
  				dst[0] = src[0];
  				dst[1] = src[1];
  				dst[2] = src[2];
  				dst[3] = src[3];
  			}
  
  			/* create ctrblks for parallel encrypt */
  			ctrblocks[0] = cpu_to_be64(ctrblk++);
  			ctrblocks[1] = cpu_to_be64(ctrblk++);
  			ctrblocks[2] = cpu_to_be64(ctrblk++);
  			ctrblocks[3] = cpu_to_be64(ctrblk++);
  
  			blowfish_enc_blk_xor_4way(ctx, (u8 *)dst,
  						  (u8 *)ctrblocks);
  
  			src += 4;
  			dst += 4;
  		} while ((nbytes -= bsize * 4) >= bsize * 4);
  
  		if (nbytes < bsize)
  			goto done;
  	}
  
  	/* Handle leftovers */
  	do {
  		if (dst != src)
  			*dst = *src;
  
  		ctrblocks[0] = cpu_to_be64(ctrblk++);
  
  		blowfish_enc_blk_xor(ctx, (u8 *)dst, (u8 *)ctrblocks);
  
  		src += 1;
  		dst += 1;
  	} while ((nbytes -= bsize) >= bsize);
  
  done:
  	*(__be64 *)walk->iv = cpu_to_be64(ctrblk);
  	return nbytes;
  }

  static int ctr_crypt(struct skcipher_request *req)

  {

  	struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
  	struct bf_ctx *ctx = crypto_skcipher_ctx(tfm);
  	struct skcipher_walk walk;
  	unsigned int nbytes;

  	int err;

  	err = skcipher_walk_virt(&walk, req, false);

  
  	while ((nbytes = walk.nbytes) >= BF_BLOCK_SIZE) {

  		nbytes = __ctr_crypt(ctx, &walk);
  		err = skcipher_walk_done(&walk, nbytes);

  	}

  	if (nbytes) {
  		ctr_crypt_final(ctx, &walk);
  		err = skcipher_walk_done(&walk, 0);

  	}
  
  	return err;
  }

  static struct crypto_alg bf_cipher_alg = {

  	.cra_name		= "blowfish",
  	.cra_driver_name	= "blowfish-asm",
  	.cra_priority		= 200,
  	.cra_flags		= CRYPTO_ALG_TYPE_CIPHER,
  	.cra_blocksize		= BF_BLOCK_SIZE,
  	.cra_ctxsize		= sizeof(struct bf_ctx),

  	.cra_alignmask		= 0,

  	.cra_module		= THIS_MODULE,

  	.cra_u = {
  		.cipher = {
  			.cia_min_keysize	= BF_MIN_KEY_SIZE,
  			.cia_max_keysize	= BF_MAX_KEY_SIZE,
  			.cia_setkey		= blowfish_setkey,
  			.cia_encrypt		= blowfish_encrypt,
  			.cia_decrypt		= blowfish_decrypt,
  		}
  	}

  };
  
  static struct skcipher_alg bf_skcipher_algs[] = {
  	{
  		.base.cra_name		= "ecb(blowfish)",
  		.base.cra_driver_name	= "ecb-blowfish-asm",
  		.base.cra_priority	= 300,
  		.base.cra_blocksize	= BF_BLOCK_SIZE,
  		.base.cra_ctxsize	= sizeof(struct bf_ctx),
  		.base.cra_module	= THIS_MODULE,
  		.min_keysize		= BF_MIN_KEY_SIZE,
  		.max_keysize		= BF_MAX_KEY_SIZE,
  		.setkey			= blowfish_setkey_skcipher,
  		.encrypt		= ecb_encrypt,
  		.decrypt		= ecb_decrypt,
  	}, {
  		.base.cra_name		= "cbc(blowfish)",
  		.base.cra_driver_name	= "cbc-blowfish-asm",
  		.base.cra_priority	= 300,
  		.base.cra_blocksize	= BF_BLOCK_SIZE,
  		.base.cra_ctxsize	= sizeof(struct bf_ctx),
  		.base.cra_module	= THIS_MODULE,
  		.min_keysize		= BF_MIN_KEY_SIZE,
  		.max_keysize		= BF_MAX_KEY_SIZE,
  		.ivsize			= BF_BLOCK_SIZE,
  		.setkey			= blowfish_setkey_skcipher,
  		.encrypt		= cbc_encrypt,
  		.decrypt		= cbc_decrypt,
  	}, {
  		.base.cra_name		= "ctr(blowfish)",
  		.base.cra_driver_name	= "ctr-blowfish-asm",
  		.base.cra_priority	= 300,
  		.base.cra_blocksize	= 1,
  		.base.cra_ctxsize	= sizeof(struct bf_ctx),
  		.base.cra_module	= THIS_MODULE,
  		.min_keysize		= BF_MIN_KEY_SIZE,
  		.max_keysize		= BF_MAX_KEY_SIZE,
  		.ivsize			= BF_BLOCK_SIZE,
  		.chunksize		= BF_BLOCK_SIZE,
  		.setkey			= blowfish_setkey_skcipher,
  		.encrypt		= ctr_crypt,
  		.decrypt		= ctr_crypt,

  	},

  };

  static bool is_blacklisted_cpu(void)
  {
  	if (boot_cpu_data.x86_vendor != X86_VENDOR_INTEL)
  		return false;
  
  	if (boot_cpu_data.x86 == 0x0f) {
  		/*
  		 * On Pentium 4, blowfish-x86_64 is slower than generic C
  		 * implementation because use of 64bit rotates (which are really
  		 * slow on P4). Therefore blacklist P4s.
  		 */
  		return true;
  	}
  
  	return false;
  }
  
  static int force;
  module_param(force, int, 0);
  MODULE_PARM_DESC(force, "Force module load, ignore CPU blacklist");

  static int __init init(void)
  {

  	int err;

  	if (!force && is_blacklisted_cpu()) {
  		printk(KERN_INFO
  			"blowfish-x86_64: performance on this CPU "
  			"would be suboptimal: disabling "
  			"blowfish-x86_64.
  ");
  		return -ENODEV;
  	}

  	err = crypto_register_alg(&bf_cipher_alg);
  	if (err)
  		return err;
  
  	err = crypto_register_skciphers(bf_skcipher_algs,
  					ARRAY_SIZE(bf_skcipher_algs));
  	if (err)
  		crypto_unregister_alg(&bf_cipher_alg);
  
  	return err;

  }
  
  static void __exit fini(void)
  {

  	crypto_unregister_alg(&bf_cipher_alg);
  	crypto_unregister_skciphers(bf_skcipher_algs,
  				    ARRAY_SIZE(bf_skcipher_algs));

  }
  
  module_init(init);
  module_exit(fini);
  
  MODULE_LICENSE("GPL");
  MODULE_DESCRIPTION("Blowfish Cipher Algorithm, asm optimized");

  MODULE_ALIAS_CRYPTO("blowfish");
  MODULE_ALIAS_CRYPTO("blowfish-asm");