2 * Freescale FSL CAAM support for crypto API over QI backend.
5 * Copyright 2013-2016 Freescale Semiconductor, Inc.
6 * Copyright 2016-2017 NXP
13 #include "desc_constr.h"
19 #include "caamalg_desc.h"
24 #define CAAM_CRA_PRIORITY 2000
25 /* max key is sum of AES_MAX_KEY_SIZE, max split key size */
26 #define CAAM_MAX_KEY_SIZE (AES_MAX_KEY_SIZE + \
27 SHA512_DIGEST_SIZE * 2)
29 #define DESC_MAX_USED_BYTES (DESC_QI_AEAD_GIVENC_LEN + \
31 #define DESC_MAX_USED_LEN (DESC_MAX_USED_BYTES / CAAM_CMD_SZ)
33 struct caam_alg_entry {
40 struct caam_aead_alg {
42 struct caam_alg_entry caam;
51 u32 sh_desc_enc[DESC_MAX_USED_LEN];
52 u32 sh_desc_dec[DESC_MAX_USED_LEN];
53 u32 sh_desc_givenc[DESC_MAX_USED_LEN];
54 u8 key[CAAM_MAX_KEY_SIZE];
58 unsigned int authsize;
60 spinlock_t lock; /* Protects multiple init of driver context */
61 struct caam_drv_ctx *drv_ctx[NUM_OP];
64 static int aead_set_sh_desc(struct crypto_aead *aead)
66 struct caam_aead_alg *alg = container_of(crypto_aead_alg(aead),
68 struct caam_ctx *ctx = crypto_aead_ctx(aead);
69 unsigned int ivsize = crypto_aead_ivsize(aead);
72 unsigned int data_len[2];
74 const bool ctr_mode = ((ctx->cdata.algtype & OP_ALG_AAI_MASK) ==
75 OP_ALG_AAI_CTR_MOD128);
76 const bool is_rfc3686 = alg->caam.rfc3686;
78 if (!ctx->cdata.keylen || !ctx->authsize)
82 * AES-CTR needs to load IV in CONTEXT1 reg
83 * at an offset of 128bits (16bytes)
84 * CONTEXT1[255:128] = IV
91 * CONTEXT1[255:128] = {NONCE, IV, COUNTER}
94 ctx1_iv_off = 16 + CTR_RFC3686_NONCE_SIZE;
95 nonce = (u32 *)((void *)ctx->key + ctx->adata.keylen_pad +
96 ctx->cdata.keylen - CTR_RFC3686_NONCE_SIZE);
99 data_len[0] = ctx->adata.keylen_pad;
100 data_len[1] = ctx->cdata.keylen;
105 /* aead_encrypt shared descriptor */
106 if (desc_inline_query(DESC_QI_AEAD_ENC_LEN +
107 (is_rfc3686 ? DESC_AEAD_CTR_RFC3686_LEN : 0),
108 DESC_JOB_IO_LEN, data_len, &inl_mask,
109 ARRAY_SIZE(data_len)) < 0)
113 ctx->adata.key_virt = ctx->key;
115 ctx->adata.key_dma = ctx->key_dma;
118 ctx->cdata.key_virt = ctx->key + ctx->adata.keylen_pad;
120 ctx->cdata.key_dma = ctx->key_dma + ctx->adata.keylen_pad;
122 ctx->adata.key_inline = !!(inl_mask & 1);
123 ctx->cdata.key_inline = !!(inl_mask & 2);
125 cnstr_shdsc_aead_encap(ctx->sh_desc_enc, &ctx->cdata, &ctx->adata,
126 ivsize, ctx->authsize, is_rfc3686, nonce,
130 /* aead_decrypt shared descriptor */
131 if (desc_inline_query(DESC_QI_AEAD_DEC_LEN +
132 (is_rfc3686 ? DESC_AEAD_CTR_RFC3686_LEN : 0),
133 DESC_JOB_IO_LEN, data_len, &inl_mask,
134 ARRAY_SIZE(data_len)) < 0)
138 ctx->adata.key_virt = ctx->key;
140 ctx->adata.key_dma = ctx->key_dma;
143 ctx->cdata.key_virt = ctx->key + ctx->adata.keylen_pad;
145 ctx->cdata.key_dma = ctx->key_dma + ctx->adata.keylen_pad;
147 ctx->adata.key_inline = !!(inl_mask & 1);
148 ctx->cdata.key_inline = !!(inl_mask & 2);
150 cnstr_shdsc_aead_decap(ctx->sh_desc_dec, &ctx->cdata, &ctx->adata,
151 ivsize, ctx->authsize, alg->caam.geniv,
152 is_rfc3686, nonce, ctx1_iv_off, true);
154 if (!alg->caam.geniv)
157 /* aead_givencrypt shared descriptor */
158 if (desc_inline_query(DESC_QI_AEAD_GIVENC_LEN +
159 (is_rfc3686 ? DESC_AEAD_CTR_RFC3686_LEN : 0),
160 DESC_JOB_IO_LEN, data_len, &inl_mask,
161 ARRAY_SIZE(data_len)) < 0)
165 ctx->adata.key_virt = ctx->key;
167 ctx->adata.key_dma = ctx->key_dma;
170 ctx->cdata.key_virt = ctx->key + ctx->adata.keylen_pad;
172 ctx->cdata.key_dma = ctx->key_dma + ctx->adata.keylen_pad;
174 ctx->adata.key_inline = !!(inl_mask & 1);
175 ctx->cdata.key_inline = !!(inl_mask & 2);
177 cnstr_shdsc_aead_givencap(ctx->sh_desc_enc, &ctx->cdata, &ctx->adata,
178 ivsize, ctx->authsize, is_rfc3686, nonce,
185 static int aead_setauthsize(struct crypto_aead *authenc, unsigned int authsize)
187 struct caam_ctx *ctx = crypto_aead_ctx(authenc);
189 ctx->authsize = authsize;
190 aead_set_sh_desc(authenc);
195 static int aead_setkey(struct crypto_aead *aead, const u8 *key,
198 struct caam_ctx *ctx = crypto_aead_ctx(aead);
199 struct device *jrdev = ctx->jrdev;
200 struct crypto_authenc_keys keys;
203 if (crypto_authenc_extractkeys(&keys, key, keylen) != 0)
207 dev_err(jrdev, "keylen %d enckeylen %d authkeylen %d\n",
208 keys.authkeylen + keys.enckeylen, keys.enckeylen,
210 print_hex_dump(KERN_ERR, "key in @" __stringify(__LINE__)": ",
211 DUMP_PREFIX_ADDRESS, 16, 4, key, keylen, 1);
214 ret = gen_split_key(jrdev, ctx->key, &ctx->adata, keys.authkey,
215 keys.authkeylen, CAAM_MAX_KEY_SIZE -
220 /* postpend encryption key to auth split key */
221 memcpy(ctx->key + ctx->adata.keylen_pad, keys.enckey, keys.enckeylen);
222 dma_sync_single_for_device(jrdev, ctx->key_dma, ctx->adata.keylen_pad +
223 keys.enckeylen, DMA_TO_DEVICE);
225 print_hex_dump(KERN_ERR, "ctx.key@" __stringify(__LINE__)": ",
226 DUMP_PREFIX_ADDRESS, 16, 4, ctx->key,
227 ctx->adata.keylen_pad + keys.enckeylen, 1);
230 ctx->cdata.keylen = keys.enckeylen;
232 ret = aead_set_sh_desc(aead);
236 /* Now update the driver contexts with the new shared descriptor */
237 if (ctx->drv_ctx[ENCRYPT]) {
238 ret = caam_drv_ctx_update(ctx->drv_ctx[ENCRYPT],
241 dev_err(jrdev, "driver enc context update failed\n");
246 if (ctx->drv_ctx[DECRYPT]) {
247 ret = caam_drv_ctx_update(ctx->drv_ctx[DECRYPT],
250 dev_err(jrdev, "driver dec context update failed\n");
257 crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
261 static int ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher,
262 const u8 *key, unsigned int keylen)
264 struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher);
265 struct crypto_tfm *tfm = crypto_ablkcipher_tfm(ablkcipher);
266 const char *alg_name = crypto_tfm_alg_name(tfm);
267 struct device *jrdev = ctx->jrdev;
268 unsigned int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
270 const bool ctr_mode = ((ctx->cdata.algtype & OP_ALG_AAI_MASK) ==
271 OP_ALG_AAI_CTR_MOD128);
272 const bool is_rfc3686 = (ctr_mode && strstr(alg_name, "rfc3686"));
275 memcpy(ctx->key, key, keylen);
277 print_hex_dump(KERN_ERR, "key in @" __stringify(__LINE__)": ",
278 DUMP_PREFIX_ADDRESS, 16, 4, key, keylen, 1);
281 * AES-CTR needs to load IV in CONTEXT1 reg
282 * at an offset of 128bits (16bytes)
283 * CONTEXT1[255:128] = IV
290 * | CONTEXT1[255:128] = {NONCE, IV, COUNTER}
291 * | *key = {KEY, NONCE}
294 ctx1_iv_off = 16 + CTR_RFC3686_NONCE_SIZE;
295 keylen -= CTR_RFC3686_NONCE_SIZE;
298 dma_sync_single_for_device(jrdev, ctx->key_dma, keylen, DMA_TO_DEVICE);
299 ctx->cdata.keylen = keylen;
300 ctx->cdata.key_virt = ctx->key;
301 ctx->cdata.key_inline = true;
303 /* ablkcipher encrypt, decrypt, givencrypt shared descriptors */
304 cnstr_shdsc_ablkcipher_encap(ctx->sh_desc_enc, &ctx->cdata, ivsize,
305 is_rfc3686, ctx1_iv_off);
306 cnstr_shdsc_ablkcipher_decap(ctx->sh_desc_dec, &ctx->cdata, ivsize,
307 is_rfc3686, ctx1_iv_off);
308 cnstr_shdsc_ablkcipher_givencap(ctx->sh_desc_givenc, &ctx->cdata,
309 ivsize, is_rfc3686, ctx1_iv_off);
311 /* Now update the driver contexts with the new shared descriptor */
312 if (ctx->drv_ctx[ENCRYPT]) {
313 ret = caam_drv_ctx_update(ctx->drv_ctx[ENCRYPT],
316 dev_err(jrdev, "driver enc context update failed\n");
321 if (ctx->drv_ctx[DECRYPT]) {
322 ret = caam_drv_ctx_update(ctx->drv_ctx[DECRYPT],
325 dev_err(jrdev, "driver dec context update failed\n");
330 if (ctx->drv_ctx[GIVENCRYPT]) {
331 ret = caam_drv_ctx_update(ctx->drv_ctx[GIVENCRYPT],
332 ctx->sh_desc_givenc);
334 dev_err(jrdev, "driver givenc context update failed\n");
341 crypto_ablkcipher_set_flags(ablkcipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
345 static int xts_ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher,
346 const u8 *key, unsigned int keylen)
348 struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher);
349 struct device *jrdev = ctx->jrdev;
352 if (keylen != 2 * AES_MIN_KEY_SIZE && keylen != 2 * AES_MAX_KEY_SIZE) {
353 dev_err(jrdev, "key size mismatch\n");
357 memcpy(ctx->key, key, keylen);
358 dma_sync_single_for_device(jrdev, ctx->key_dma, keylen, DMA_TO_DEVICE);
359 ctx->cdata.keylen = keylen;
360 ctx->cdata.key_virt = ctx->key;
361 ctx->cdata.key_inline = true;
363 /* xts ablkcipher encrypt, decrypt shared descriptors */
364 cnstr_shdsc_xts_ablkcipher_encap(ctx->sh_desc_enc, &ctx->cdata);
365 cnstr_shdsc_xts_ablkcipher_decap(ctx->sh_desc_dec, &ctx->cdata);
367 /* Now update the driver contexts with the new shared descriptor */
368 if (ctx->drv_ctx[ENCRYPT]) {
369 ret = caam_drv_ctx_update(ctx->drv_ctx[ENCRYPT],
372 dev_err(jrdev, "driver enc context update failed\n");
377 if (ctx->drv_ctx[DECRYPT]) {
378 ret = caam_drv_ctx_update(ctx->drv_ctx[DECRYPT],
381 dev_err(jrdev, "driver dec context update failed\n");
388 crypto_ablkcipher_set_flags(ablkcipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
393 * aead_edesc - s/w-extended aead descriptor
394 * @src_nents: number of segments in input scatterlist
395 * @dst_nents: number of segments in output scatterlist
396 * @iv_dma: dma address of iv for checking continuity and link table
397 * @qm_sg_bytes: length of dma mapped h/w link table
398 * @qm_sg_dma: bus physical mapped address of h/w link table
399 * @assoclen: associated data length, in CAAM endianness
400 * @assoclen_dma: bus physical mapped address of req->assoclen
401 * @drv_req: driver-specific request structure
402 * @sgt: the h/w link table, followed by IV
409 dma_addr_t qm_sg_dma;
410 unsigned int assoclen;
411 dma_addr_t assoclen_dma;
412 struct caam_drv_req drv_req;
413 struct qm_sg_entry sgt[0];
417 * ablkcipher_edesc - s/w-extended ablkcipher descriptor
418 * @src_nents: number of segments in input scatterlist
419 * @dst_nents: number of segments in output scatterlist
420 * @iv_dma: dma address of iv for checking continuity and link table
421 * @qm_sg_bytes: length of dma mapped h/w link table
422 * @qm_sg_dma: bus physical mapped address of h/w link table
423 * @drv_req: driver-specific request structure
424 * @sgt: the h/w link table, followed by IV
426 struct ablkcipher_edesc {
431 dma_addr_t qm_sg_dma;
432 struct caam_drv_req drv_req;
433 struct qm_sg_entry sgt[0];
436 static struct caam_drv_ctx *get_drv_ctx(struct caam_ctx *ctx,
440 * This function is called on the fast path with values of 'type'
441 * known at compile time. Invalid arguments are not expected and
442 * thus no checks are made.
444 struct caam_drv_ctx *drv_ctx = ctx->drv_ctx[type];
447 if (unlikely(!drv_ctx)) {
448 spin_lock(&ctx->lock);
450 /* Read again to check if some other core init drv_ctx */
451 drv_ctx = ctx->drv_ctx[type];
456 desc = ctx->sh_desc_enc;
457 else if (type == DECRYPT)
458 desc = ctx->sh_desc_dec;
459 else /* (type == GIVENCRYPT) */
460 desc = ctx->sh_desc_givenc;
462 cpu = smp_processor_id();
463 drv_ctx = caam_drv_ctx_init(ctx->qidev, &cpu, desc);
464 if (likely(!IS_ERR_OR_NULL(drv_ctx)))
465 drv_ctx->op_type = type;
467 ctx->drv_ctx[type] = drv_ctx;
470 spin_unlock(&ctx->lock);
476 static void caam_unmap(struct device *dev, struct scatterlist *src,
477 struct scatterlist *dst, int src_nents,
478 int dst_nents, dma_addr_t iv_dma, int ivsize,
479 enum optype op_type, dma_addr_t qm_sg_dma,
484 dma_unmap_sg(dev, src, src_nents, DMA_TO_DEVICE);
485 dma_unmap_sg(dev, dst, dst_nents, DMA_FROM_DEVICE);
487 dma_unmap_sg(dev, src, src_nents, DMA_BIDIRECTIONAL);
491 dma_unmap_single(dev, iv_dma, ivsize,
492 op_type == GIVENCRYPT ? DMA_FROM_DEVICE :
495 dma_unmap_single(dev, qm_sg_dma, qm_sg_bytes, DMA_TO_DEVICE);
498 static void aead_unmap(struct device *dev,
499 struct aead_edesc *edesc,
500 struct aead_request *req)
502 struct crypto_aead *aead = crypto_aead_reqtfm(req);
503 int ivsize = crypto_aead_ivsize(aead);
505 caam_unmap(dev, req->src, req->dst, edesc->src_nents, edesc->dst_nents,
506 edesc->iv_dma, ivsize, edesc->drv_req.drv_ctx->op_type,
507 edesc->qm_sg_dma, edesc->qm_sg_bytes);
508 dma_unmap_single(dev, edesc->assoclen_dma, 4, DMA_TO_DEVICE);
511 static void ablkcipher_unmap(struct device *dev,
512 struct ablkcipher_edesc *edesc,
513 struct ablkcipher_request *req)
515 struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
516 int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
518 caam_unmap(dev, req->src, req->dst, edesc->src_nents, edesc->dst_nents,
519 edesc->iv_dma, ivsize, edesc->drv_req.drv_ctx->op_type,
520 edesc->qm_sg_dma, edesc->qm_sg_bytes);
523 static void aead_done(struct caam_drv_req *drv_req, u32 status)
525 struct device *qidev;
526 struct aead_edesc *edesc;
527 struct aead_request *aead_req = drv_req->app_ctx;
528 struct crypto_aead *aead = crypto_aead_reqtfm(aead_req);
529 struct caam_ctx *caam_ctx = crypto_aead_ctx(aead);
532 qidev = caam_ctx->qidev;
534 if (unlikely(status)) {
535 caam_jr_strstatus(qidev, status);
539 edesc = container_of(drv_req, typeof(*edesc), drv_req);
540 aead_unmap(qidev, edesc, aead_req);
542 aead_request_complete(aead_req, ecode);
543 qi_cache_free(edesc);
547 * allocate and map the aead extended descriptor
549 static struct aead_edesc *aead_edesc_alloc(struct aead_request *req,
552 struct crypto_aead *aead = crypto_aead_reqtfm(req);
553 struct caam_ctx *ctx = crypto_aead_ctx(aead);
554 struct caam_aead_alg *alg = container_of(crypto_aead_alg(aead),
556 struct device *qidev = ctx->qidev;
557 gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
558 GFP_KERNEL : GFP_ATOMIC;
559 int src_nents, mapped_src_nents, dst_nents = 0, mapped_dst_nents = 0;
560 struct aead_edesc *edesc;
561 dma_addr_t qm_sg_dma, iv_dma = 0;
563 unsigned int authsize = ctx->authsize;
564 int qm_sg_index = 0, qm_sg_ents = 0, qm_sg_bytes;
566 struct qm_sg_entry *sg_table, *fd_sgt;
567 struct caam_drv_ctx *drv_ctx;
568 enum optype op_type = encrypt ? ENCRYPT : DECRYPT;
570 drv_ctx = get_drv_ctx(ctx, op_type);
571 if (unlikely(IS_ERR_OR_NULL(drv_ctx)))
572 return (struct aead_edesc *)drv_ctx;
574 /* allocate space for base edesc and hw desc commands, link tables */
575 edesc = qi_cache_alloc(GFP_DMA | flags);
576 if (unlikely(!edesc)) {
577 dev_err(qidev, "could not allocate extended descriptor\n");
578 return ERR_PTR(-ENOMEM);
581 if (likely(req->src == req->dst)) {
582 src_nents = sg_nents_for_len(req->src, req->assoclen +
584 (encrypt ? authsize : 0));
585 if (unlikely(src_nents < 0)) {
586 dev_err(qidev, "Insufficient bytes (%d) in src S/G\n",
587 req->assoclen + req->cryptlen +
588 (encrypt ? authsize : 0));
589 qi_cache_free(edesc);
590 return ERR_PTR(src_nents);
593 mapped_src_nents = dma_map_sg(qidev, req->src, src_nents,
595 if (unlikely(!mapped_src_nents)) {
596 dev_err(qidev, "unable to map source\n");
597 qi_cache_free(edesc);
598 return ERR_PTR(-ENOMEM);
601 src_nents = sg_nents_for_len(req->src, req->assoclen +
603 if (unlikely(src_nents < 0)) {
604 dev_err(qidev, "Insufficient bytes (%d) in src S/G\n",
605 req->assoclen + req->cryptlen);
606 qi_cache_free(edesc);
607 return ERR_PTR(src_nents);
610 dst_nents = sg_nents_for_len(req->dst, req->assoclen +
612 (encrypt ? authsize :
614 if (unlikely(dst_nents < 0)) {
615 dev_err(qidev, "Insufficient bytes (%d) in dst S/G\n",
616 req->assoclen + req->cryptlen +
617 (encrypt ? authsize : (-authsize)));
618 qi_cache_free(edesc);
619 return ERR_PTR(dst_nents);
623 mapped_src_nents = dma_map_sg(qidev, req->src,
624 src_nents, DMA_TO_DEVICE);
625 if (unlikely(!mapped_src_nents)) {
626 dev_err(qidev, "unable to map source\n");
627 qi_cache_free(edesc);
628 return ERR_PTR(-ENOMEM);
631 mapped_src_nents = 0;
634 mapped_dst_nents = dma_map_sg(qidev, req->dst, dst_nents,
636 if (unlikely(!mapped_dst_nents)) {
637 dev_err(qidev, "unable to map destination\n");
638 dma_unmap_sg(qidev, req->src, src_nents, DMA_TO_DEVICE);
639 qi_cache_free(edesc);
640 return ERR_PTR(-ENOMEM);
644 if ((alg->caam.rfc3686 && encrypt) || !alg->caam.geniv)
645 ivsize = crypto_aead_ivsize(aead);
648 * Create S/G table: req->assoclen, [IV,] req->src [, req->dst].
649 * Input is not contiguous.
651 qm_sg_ents = 1 + !!ivsize + mapped_src_nents +
652 (mapped_dst_nents > 1 ? mapped_dst_nents : 0);
653 sg_table = &edesc->sgt[0];
654 qm_sg_bytes = qm_sg_ents * sizeof(*sg_table);
655 if (unlikely(offsetof(struct aead_edesc, sgt) + qm_sg_bytes + ivsize >
656 CAAM_QI_MEMCACHE_SIZE)) {
657 dev_err(qidev, "No space for %d S/G entries and/or %dB IV\n",
659 caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
661 qi_cache_free(edesc);
662 return ERR_PTR(-ENOMEM);
666 u8 *iv = (u8 *)(sg_table + qm_sg_ents);
668 /* Make sure IV is located in a DMAable area */
669 memcpy(iv, req->iv, ivsize);
671 iv_dma = dma_map_single(qidev, iv, ivsize, DMA_TO_DEVICE);
672 if (dma_mapping_error(qidev, iv_dma)) {
673 dev_err(qidev, "unable to map IV\n");
674 caam_unmap(qidev, req->src, req->dst, src_nents,
675 dst_nents, 0, 0, 0, 0, 0);
676 qi_cache_free(edesc);
677 return ERR_PTR(-ENOMEM);
681 edesc->src_nents = src_nents;
682 edesc->dst_nents = dst_nents;
683 edesc->iv_dma = iv_dma;
684 edesc->drv_req.app_ctx = req;
685 edesc->drv_req.cbk = aead_done;
686 edesc->drv_req.drv_ctx = drv_ctx;
688 edesc->assoclen = cpu_to_caam32(req->assoclen);
689 edesc->assoclen_dma = dma_map_single(qidev, &edesc->assoclen, 4,
691 if (dma_mapping_error(qidev, edesc->assoclen_dma)) {
692 dev_err(qidev, "unable to map assoclen\n");
693 caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents,
694 iv_dma, ivsize, op_type, 0, 0);
695 qi_cache_free(edesc);
696 return ERR_PTR(-ENOMEM);
699 dma_to_qm_sg_one(sg_table, edesc->assoclen_dma, 4, 0);
702 dma_to_qm_sg_one(sg_table + qm_sg_index, iv_dma, ivsize, 0);
705 sg_to_qm_sg_last(req->src, mapped_src_nents, sg_table + qm_sg_index, 0);
706 qm_sg_index += mapped_src_nents;
708 if (mapped_dst_nents > 1)
709 sg_to_qm_sg_last(req->dst, mapped_dst_nents, sg_table +
712 qm_sg_dma = dma_map_single(qidev, sg_table, qm_sg_bytes, DMA_TO_DEVICE);
713 if (dma_mapping_error(qidev, qm_sg_dma)) {
714 dev_err(qidev, "unable to map S/G table\n");
715 dma_unmap_single(qidev, edesc->assoclen_dma, 4, DMA_TO_DEVICE);
716 caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents,
717 iv_dma, ivsize, op_type, 0, 0);
718 qi_cache_free(edesc);
719 return ERR_PTR(-ENOMEM);
722 edesc->qm_sg_dma = qm_sg_dma;
723 edesc->qm_sg_bytes = qm_sg_bytes;
725 out_len = req->assoclen + req->cryptlen +
726 (encrypt ? ctx->authsize : (-ctx->authsize));
727 in_len = 4 + ivsize + req->assoclen + req->cryptlen;
729 fd_sgt = &edesc->drv_req.fd_sgt[0];
730 dma_to_qm_sg_one_last_ext(&fd_sgt[1], qm_sg_dma, in_len, 0);
732 if (req->dst == req->src) {
733 if (mapped_src_nents == 1)
734 dma_to_qm_sg_one(&fd_sgt[0], sg_dma_address(req->src),
737 dma_to_qm_sg_one_ext(&fd_sgt[0], qm_sg_dma +
738 (1 + !!ivsize) * sizeof(*sg_table),
740 } else if (mapped_dst_nents == 1) {
741 dma_to_qm_sg_one(&fd_sgt[0], sg_dma_address(req->dst), out_len,
744 dma_to_qm_sg_one_ext(&fd_sgt[0], qm_sg_dma + sizeof(*sg_table) *
745 qm_sg_index, out_len, 0);
751 static inline int aead_crypt(struct aead_request *req, bool encrypt)
753 struct aead_edesc *edesc;
754 struct crypto_aead *aead = crypto_aead_reqtfm(req);
755 struct caam_ctx *ctx = crypto_aead_ctx(aead);
758 if (unlikely(caam_congested))
761 /* allocate extended descriptor */
762 edesc = aead_edesc_alloc(req, encrypt);
763 if (IS_ERR_OR_NULL(edesc))
764 return PTR_ERR(edesc);
766 /* Create and submit job descriptor */
767 ret = caam_qi_enqueue(ctx->qidev, &edesc->drv_req);
771 aead_unmap(ctx->qidev, edesc, req);
772 qi_cache_free(edesc);
778 static int aead_encrypt(struct aead_request *req)
780 return aead_crypt(req, true);
783 static int aead_decrypt(struct aead_request *req)
785 return aead_crypt(req, false);
788 static void ablkcipher_done(struct caam_drv_req *drv_req, u32 status)
790 struct ablkcipher_edesc *edesc;
791 struct ablkcipher_request *req = drv_req->app_ctx;
792 struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
793 struct caam_ctx *caam_ctx = crypto_ablkcipher_ctx(ablkcipher);
794 struct device *qidev = caam_ctx->qidev;
795 int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
798 dev_err(qidev, "%s %d: status 0x%x\n", __func__, __LINE__, status);
801 edesc = container_of(drv_req, typeof(*edesc), drv_req);
804 caam_jr_strstatus(qidev, status);
807 print_hex_dump(KERN_ERR, "dstiv @" __stringify(__LINE__)": ",
808 DUMP_PREFIX_ADDRESS, 16, 4, req->info,
809 edesc->src_nents > 1 ? 100 : ivsize, 1);
810 caam_dump_sg(KERN_ERR, "dst @" __stringify(__LINE__)": ",
811 DUMP_PREFIX_ADDRESS, 16, 4, req->dst,
812 edesc->dst_nents > 1 ? 100 : req->nbytes, 1);
815 ablkcipher_unmap(qidev, edesc, req);
817 /* In case initial IV was generated, copy it in GIVCIPHER request */
818 if (edesc->drv_req.drv_ctx->op_type == GIVENCRYPT) {
820 struct skcipher_givcrypt_request *greq;
822 greq = container_of(req, struct skcipher_givcrypt_request,
824 iv = (u8 *)edesc->sgt + edesc->qm_sg_bytes;
825 memcpy(greq->giv, iv, ivsize);
829 * The crypto API expects us to set the IV (req->info) to the last
830 * ciphertext block. This is used e.g. by the CTS mode.
832 if (edesc->drv_req.drv_ctx->op_type != DECRYPT)
833 scatterwalk_map_and_copy(req->info, req->dst, req->nbytes -
836 qi_cache_free(edesc);
837 ablkcipher_request_complete(req, status);
840 static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request
843 struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
844 struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher);
845 struct device *qidev = ctx->qidev;
846 gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
847 GFP_KERNEL : GFP_ATOMIC;
848 int src_nents, mapped_src_nents, dst_nents = 0, mapped_dst_nents = 0;
849 struct ablkcipher_edesc *edesc;
852 int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
853 int dst_sg_idx, qm_sg_ents, qm_sg_bytes;
854 struct qm_sg_entry *sg_table, *fd_sgt;
855 struct caam_drv_ctx *drv_ctx;
856 enum optype op_type = encrypt ? ENCRYPT : DECRYPT;
858 drv_ctx = get_drv_ctx(ctx, op_type);
859 if (unlikely(IS_ERR_OR_NULL(drv_ctx)))
860 return (struct ablkcipher_edesc *)drv_ctx;
862 src_nents = sg_nents_for_len(req->src, req->nbytes);
863 if (unlikely(src_nents < 0)) {
864 dev_err(qidev, "Insufficient bytes (%d) in src S/G\n",
866 return ERR_PTR(src_nents);
869 if (unlikely(req->src != req->dst)) {
870 dst_nents = sg_nents_for_len(req->dst, req->nbytes);
871 if (unlikely(dst_nents < 0)) {
872 dev_err(qidev, "Insufficient bytes (%d) in dst S/G\n",
874 return ERR_PTR(dst_nents);
877 mapped_src_nents = dma_map_sg(qidev, req->src, src_nents,
879 if (unlikely(!mapped_src_nents)) {
880 dev_err(qidev, "unable to map source\n");
881 return ERR_PTR(-ENOMEM);
884 mapped_dst_nents = dma_map_sg(qidev, req->dst, dst_nents,
886 if (unlikely(!mapped_dst_nents)) {
887 dev_err(qidev, "unable to map destination\n");
888 dma_unmap_sg(qidev, req->src, src_nents, DMA_TO_DEVICE);
889 return ERR_PTR(-ENOMEM);
892 mapped_src_nents = dma_map_sg(qidev, req->src, src_nents,
894 if (unlikely(!mapped_src_nents)) {
895 dev_err(qidev, "unable to map source\n");
896 return ERR_PTR(-ENOMEM);
900 qm_sg_ents = 1 + mapped_src_nents;
901 dst_sg_idx = qm_sg_ents;
903 qm_sg_ents += mapped_dst_nents > 1 ? mapped_dst_nents : 0;
904 qm_sg_bytes = qm_sg_ents * sizeof(struct qm_sg_entry);
905 if (unlikely(offsetof(struct ablkcipher_edesc, sgt) + qm_sg_bytes +
906 ivsize > CAAM_QI_MEMCACHE_SIZE)) {
907 dev_err(qidev, "No space for %d S/G entries and/or %dB IV\n",
909 caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
911 return ERR_PTR(-ENOMEM);
914 /* allocate space for base edesc, link tables and IV */
915 edesc = qi_cache_alloc(GFP_DMA | flags);
916 if (unlikely(!edesc)) {
917 dev_err(qidev, "could not allocate extended descriptor\n");
918 caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
920 return ERR_PTR(-ENOMEM);
923 /* Make sure IV is located in a DMAable area */
924 sg_table = &edesc->sgt[0];
925 iv = (u8 *)(sg_table + qm_sg_ents);
926 memcpy(iv, req->info, ivsize);
928 iv_dma = dma_map_single(qidev, iv, ivsize, DMA_TO_DEVICE);
929 if (dma_mapping_error(qidev, iv_dma)) {
930 dev_err(qidev, "unable to map IV\n");
931 caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
933 qi_cache_free(edesc);
934 return ERR_PTR(-ENOMEM);
937 edesc->src_nents = src_nents;
938 edesc->dst_nents = dst_nents;
939 edesc->iv_dma = iv_dma;
940 edesc->qm_sg_bytes = qm_sg_bytes;
941 edesc->drv_req.app_ctx = req;
942 edesc->drv_req.cbk = ablkcipher_done;
943 edesc->drv_req.drv_ctx = drv_ctx;
945 dma_to_qm_sg_one(sg_table, iv_dma, ivsize, 0);
946 sg_to_qm_sg_last(req->src, mapped_src_nents, sg_table + 1, 0);
948 if (mapped_dst_nents > 1)
949 sg_to_qm_sg_last(req->dst, mapped_dst_nents, sg_table +
952 edesc->qm_sg_dma = dma_map_single(qidev, sg_table, edesc->qm_sg_bytes,
954 if (dma_mapping_error(qidev, edesc->qm_sg_dma)) {
955 dev_err(qidev, "unable to map S/G table\n");
956 caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents,
957 iv_dma, ivsize, op_type, 0, 0);
958 qi_cache_free(edesc);
959 return ERR_PTR(-ENOMEM);
962 fd_sgt = &edesc->drv_req.fd_sgt[0];
964 dma_to_qm_sg_one_last_ext(&fd_sgt[1], edesc->qm_sg_dma,
965 ivsize + req->nbytes, 0);
967 if (req->src == req->dst) {
968 dma_to_qm_sg_one_ext(&fd_sgt[0], edesc->qm_sg_dma +
969 sizeof(*sg_table), req->nbytes, 0);
970 } else if (mapped_dst_nents > 1) {
971 dma_to_qm_sg_one_ext(&fd_sgt[0], edesc->qm_sg_dma + dst_sg_idx *
972 sizeof(*sg_table), req->nbytes, 0);
974 dma_to_qm_sg_one(&fd_sgt[0], sg_dma_address(req->dst),
981 static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc(
982 struct skcipher_givcrypt_request *creq)
984 struct ablkcipher_request *req = &creq->creq;
985 struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
986 struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher);
987 struct device *qidev = ctx->qidev;
988 gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
989 GFP_KERNEL : GFP_ATOMIC;
990 int src_nents, mapped_src_nents, dst_nents, mapped_dst_nents;
991 struct ablkcipher_edesc *edesc;
994 int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
995 struct qm_sg_entry *sg_table, *fd_sgt;
996 int dst_sg_idx, qm_sg_ents, qm_sg_bytes;
997 struct caam_drv_ctx *drv_ctx;
999 drv_ctx = get_drv_ctx(ctx, GIVENCRYPT);
1000 if (unlikely(IS_ERR_OR_NULL(drv_ctx)))
1001 return (struct ablkcipher_edesc *)drv_ctx;
1003 src_nents = sg_nents_for_len(req->src, req->nbytes);
1004 if (unlikely(src_nents < 0)) {
1005 dev_err(qidev, "Insufficient bytes (%d) in src S/G\n",
1007 return ERR_PTR(src_nents);
1010 if (unlikely(req->src != req->dst)) {
1011 dst_nents = sg_nents_for_len(req->dst, req->nbytes);
1012 if (unlikely(dst_nents < 0)) {
1013 dev_err(qidev, "Insufficient bytes (%d) in dst S/G\n",
1015 return ERR_PTR(dst_nents);
1018 mapped_src_nents = dma_map_sg(qidev, req->src, src_nents,
1020 if (unlikely(!mapped_src_nents)) {
1021 dev_err(qidev, "unable to map source\n");
1022 return ERR_PTR(-ENOMEM);
1025 mapped_dst_nents = dma_map_sg(qidev, req->dst, dst_nents,
1027 if (unlikely(!mapped_dst_nents)) {
1028 dev_err(qidev, "unable to map destination\n");
1029 dma_unmap_sg(qidev, req->src, src_nents, DMA_TO_DEVICE);
1030 return ERR_PTR(-ENOMEM);
1033 mapped_src_nents = dma_map_sg(qidev, req->src, src_nents,
1035 if (unlikely(!mapped_src_nents)) {
1036 dev_err(qidev, "unable to map source\n");
1037 return ERR_PTR(-ENOMEM);
1040 dst_nents = src_nents;
1041 mapped_dst_nents = src_nents;
1044 qm_sg_ents = mapped_src_nents > 1 ? mapped_src_nents : 0;
1045 dst_sg_idx = qm_sg_ents;
1047 qm_sg_ents += 1 + mapped_dst_nents;
1048 qm_sg_bytes = qm_sg_ents * sizeof(struct qm_sg_entry);
1049 if (unlikely(offsetof(struct ablkcipher_edesc, sgt) + qm_sg_bytes +
1050 ivsize > CAAM_QI_MEMCACHE_SIZE)) {
1051 dev_err(qidev, "No space for %d S/G entries and/or %dB IV\n",
1052 qm_sg_ents, ivsize);
1053 caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
1055 return ERR_PTR(-ENOMEM);
1058 /* allocate space for base edesc, link tables and IV */
1059 edesc = qi_cache_alloc(GFP_DMA | flags);
1061 dev_err(qidev, "could not allocate extended descriptor\n");
1062 caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
1064 return ERR_PTR(-ENOMEM);
1067 /* Make sure IV is located in a DMAable area */
1068 sg_table = &edesc->sgt[0];
1069 iv = (u8 *)(sg_table + qm_sg_ents);
1070 iv_dma = dma_map_single(qidev, iv, ivsize, DMA_FROM_DEVICE);
1071 if (dma_mapping_error(qidev, iv_dma)) {
1072 dev_err(qidev, "unable to map IV\n");
1073 caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents, 0,
1075 qi_cache_free(edesc);
1076 return ERR_PTR(-ENOMEM);
1079 edesc->src_nents = src_nents;
1080 edesc->dst_nents = dst_nents;
1081 edesc->iv_dma = iv_dma;
1082 edesc->qm_sg_bytes = qm_sg_bytes;
1083 edesc->drv_req.app_ctx = req;
1084 edesc->drv_req.cbk = ablkcipher_done;
1085 edesc->drv_req.drv_ctx = drv_ctx;
1087 if (mapped_src_nents > 1)
1088 sg_to_qm_sg_last(req->src, mapped_src_nents, sg_table, 0);
1090 dma_to_qm_sg_one(sg_table + dst_sg_idx, iv_dma, ivsize, 0);
1091 sg_to_qm_sg_last(req->dst, mapped_dst_nents, sg_table + dst_sg_idx + 1,
1094 edesc->qm_sg_dma = dma_map_single(qidev, sg_table, edesc->qm_sg_bytes,
1096 if (dma_mapping_error(qidev, edesc->qm_sg_dma)) {
1097 dev_err(qidev, "unable to map S/G table\n");
1098 caam_unmap(qidev, req->src, req->dst, src_nents, dst_nents,
1099 iv_dma, ivsize, GIVENCRYPT, 0, 0);
1100 qi_cache_free(edesc);
1101 return ERR_PTR(-ENOMEM);
1104 fd_sgt = &edesc->drv_req.fd_sgt[0];
1106 if (mapped_src_nents > 1)
1107 dma_to_qm_sg_one_ext(&fd_sgt[1], edesc->qm_sg_dma, req->nbytes,
1110 dma_to_qm_sg_one(&fd_sgt[1], sg_dma_address(req->src),
1113 dma_to_qm_sg_one_ext(&fd_sgt[0], edesc->qm_sg_dma + dst_sg_idx *
1114 sizeof(*sg_table), ivsize + req->nbytes, 0);
1119 static inline int ablkcipher_crypt(struct ablkcipher_request *req, bool encrypt)
1121 struct ablkcipher_edesc *edesc;
1122 struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
1123 struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher);
1124 int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
1127 if (unlikely(caam_congested))
1130 /* allocate extended descriptor */
1131 edesc = ablkcipher_edesc_alloc(req, encrypt);
1133 return PTR_ERR(edesc);
1136 * The crypto API expects us to set the IV (req->info) to the last
1140 scatterwalk_map_and_copy(req->info, req->src, req->nbytes -
1143 ret = caam_qi_enqueue(ctx->qidev, &edesc->drv_req);
1147 ablkcipher_unmap(ctx->qidev, edesc, req);
1148 qi_cache_free(edesc);
1154 static int ablkcipher_encrypt(struct ablkcipher_request *req)
1156 return ablkcipher_crypt(req, true);
1159 static int ablkcipher_decrypt(struct ablkcipher_request *req)
1161 return ablkcipher_crypt(req, false);
1164 static int ablkcipher_givencrypt(struct skcipher_givcrypt_request *creq)
1166 struct ablkcipher_request *req = &creq->creq;
1167 struct ablkcipher_edesc *edesc;
1168 struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
1169 struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher);
1172 if (unlikely(caam_congested))
1175 /* allocate extended descriptor */
1176 edesc = ablkcipher_giv_edesc_alloc(creq);
1178 return PTR_ERR(edesc);
1180 ret = caam_qi_enqueue(ctx->qidev, &edesc->drv_req);
1184 ablkcipher_unmap(ctx->qidev, edesc, req);
1185 qi_cache_free(edesc);
1191 #define template_ablkcipher template_u.ablkcipher
1192 struct caam_alg_template {
1193 char name[CRYPTO_MAX_ALG_NAME];
1194 char driver_name[CRYPTO_MAX_ALG_NAME];
1195 unsigned int blocksize;
1198 struct ablkcipher_alg ablkcipher;
1200 u32 class1_alg_type;
1201 u32 class2_alg_type;
1204 static struct caam_alg_template driver_algs[] = {
1205 /* ablkcipher descriptor */
1208 .driver_name = "cbc-aes-caam-qi",
1209 .blocksize = AES_BLOCK_SIZE,
1210 .type = CRYPTO_ALG_TYPE_GIVCIPHER,
1211 .template_ablkcipher = {
1212 .setkey = ablkcipher_setkey,
1213 .encrypt = ablkcipher_encrypt,
1214 .decrypt = ablkcipher_decrypt,
1215 .givencrypt = ablkcipher_givencrypt,
1216 .geniv = "<built-in>",
1217 .min_keysize = AES_MIN_KEY_SIZE,
1218 .max_keysize = AES_MAX_KEY_SIZE,
1219 .ivsize = AES_BLOCK_SIZE,
1221 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
1224 .name = "cbc(des3_ede)",
1225 .driver_name = "cbc-3des-caam-qi",
1226 .blocksize = DES3_EDE_BLOCK_SIZE,
1227 .type = CRYPTO_ALG_TYPE_GIVCIPHER,
1228 .template_ablkcipher = {
1229 .setkey = ablkcipher_setkey,
1230 .encrypt = ablkcipher_encrypt,
1231 .decrypt = ablkcipher_decrypt,
1232 .givencrypt = ablkcipher_givencrypt,
1233 .geniv = "<built-in>",
1234 .min_keysize = DES3_EDE_KEY_SIZE,
1235 .max_keysize = DES3_EDE_KEY_SIZE,
1236 .ivsize = DES3_EDE_BLOCK_SIZE,
1238 .class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
1242 .driver_name = "cbc-des-caam-qi",
1243 .blocksize = DES_BLOCK_SIZE,
1244 .type = CRYPTO_ALG_TYPE_GIVCIPHER,
1245 .template_ablkcipher = {
1246 .setkey = ablkcipher_setkey,
1247 .encrypt = ablkcipher_encrypt,
1248 .decrypt = ablkcipher_decrypt,
1249 .givencrypt = ablkcipher_givencrypt,
1250 .geniv = "<built-in>",
1251 .min_keysize = DES_KEY_SIZE,
1252 .max_keysize = DES_KEY_SIZE,
1253 .ivsize = DES_BLOCK_SIZE,
1255 .class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
1259 .driver_name = "ctr-aes-caam-qi",
1261 .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
1262 .template_ablkcipher = {
1263 .setkey = ablkcipher_setkey,
1264 .encrypt = ablkcipher_encrypt,
1265 .decrypt = ablkcipher_decrypt,
1267 .min_keysize = AES_MIN_KEY_SIZE,
1268 .max_keysize = AES_MAX_KEY_SIZE,
1269 .ivsize = AES_BLOCK_SIZE,
1271 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CTR_MOD128,
1274 .name = "rfc3686(ctr(aes))",
1275 .driver_name = "rfc3686-ctr-aes-caam-qi",
1277 .type = CRYPTO_ALG_TYPE_GIVCIPHER,
1278 .template_ablkcipher = {
1279 .setkey = ablkcipher_setkey,
1280 .encrypt = ablkcipher_encrypt,
1281 .decrypt = ablkcipher_decrypt,
1282 .givencrypt = ablkcipher_givencrypt,
1283 .geniv = "<built-in>",
1284 .min_keysize = AES_MIN_KEY_SIZE +
1285 CTR_RFC3686_NONCE_SIZE,
1286 .max_keysize = AES_MAX_KEY_SIZE +
1287 CTR_RFC3686_NONCE_SIZE,
1288 .ivsize = CTR_RFC3686_IV_SIZE,
1290 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CTR_MOD128,
1294 .driver_name = "xts-aes-caam-qi",
1295 .blocksize = AES_BLOCK_SIZE,
1296 .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
1297 .template_ablkcipher = {
1298 .setkey = xts_ablkcipher_setkey,
1299 .encrypt = ablkcipher_encrypt,
1300 .decrypt = ablkcipher_decrypt,
1302 .min_keysize = 2 * AES_MIN_KEY_SIZE,
1303 .max_keysize = 2 * AES_MAX_KEY_SIZE,
1304 .ivsize = AES_BLOCK_SIZE,
1306 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_XTS,
1310 static struct caam_aead_alg driver_aeads[] = {
1311 /* single-pass ipsec_esp descriptor */
1315 .cra_name = "authenc(hmac(md5),cbc(aes))",
1316 .cra_driver_name = "authenc-hmac-md5-"
1318 .cra_blocksize = AES_BLOCK_SIZE,
1320 .setkey = aead_setkey,
1321 .setauthsize = aead_setauthsize,
1322 .encrypt = aead_encrypt,
1323 .decrypt = aead_decrypt,
1324 .ivsize = AES_BLOCK_SIZE,
1325 .maxauthsize = MD5_DIGEST_SIZE,
1328 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
1329 .class2_alg_type = OP_ALG_ALGSEL_MD5 |
1330 OP_ALG_AAI_HMAC_PRECOMP,
1336 .cra_name = "echainiv(authenc(hmac(md5),"
1338 .cra_driver_name = "echainiv-authenc-hmac-md5-"
1340 .cra_blocksize = AES_BLOCK_SIZE,
1342 .setkey = aead_setkey,
1343 .setauthsize = aead_setauthsize,
1344 .encrypt = aead_encrypt,
1345 .decrypt = aead_decrypt,
1346 .ivsize = AES_BLOCK_SIZE,
1347 .maxauthsize = MD5_DIGEST_SIZE,
1350 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
1351 .class2_alg_type = OP_ALG_ALGSEL_MD5 |
1352 OP_ALG_AAI_HMAC_PRECOMP,
1359 .cra_name = "authenc(hmac(sha1),cbc(aes))",
1360 .cra_driver_name = "authenc-hmac-sha1-"
1362 .cra_blocksize = AES_BLOCK_SIZE,
1364 .setkey = aead_setkey,
1365 .setauthsize = aead_setauthsize,
1366 .encrypt = aead_encrypt,
1367 .decrypt = aead_decrypt,
1368 .ivsize = AES_BLOCK_SIZE,
1369 .maxauthsize = SHA1_DIGEST_SIZE,
1372 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
1373 .class2_alg_type = OP_ALG_ALGSEL_SHA1 |
1374 OP_ALG_AAI_HMAC_PRECOMP,
1380 .cra_name = "echainiv(authenc(hmac(sha1),"
1382 .cra_driver_name = "echainiv-authenc-"
1383 "hmac-sha1-cbc-aes-caam-qi",
1384 .cra_blocksize = AES_BLOCK_SIZE,
1386 .setkey = aead_setkey,
1387 .setauthsize = aead_setauthsize,
1388 .encrypt = aead_encrypt,
1389 .decrypt = aead_decrypt,
1390 .ivsize = AES_BLOCK_SIZE,
1391 .maxauthsize = SHA1_DIGEST_SIZE,
1394 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
1395 .class2_alg_type = OP_ALG_ALGSEL_SHA1 |
1396 OP_ALG_AAI_HMAC_PRECOMP,
1403 .cra_name = "authenc(hmac(sha224),cbc(aes))",
1404 .cra_driver_name = "authenc-hmac-sha224-"
1406 .cra_blocksize = AES_BLOCK_SIZE,
1408 .setkey = aead_setkey,
1409 .setauthsize = aead_setauthsize,
1410 .encrypt = aead_encrypt,
1411 .decrypt = aead_decrypt,
1412 .ivsize = AES_BLOCK_SIZE,
1413 .maxauthsize = SHA224_DIGEST_SIZE,
1416 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
1417 .class2_alg_type = OP_ALG_ALGSEL_SHA224 |
1418 OP_ALG_AAI_HMAC_PRECOMP,
1424 .cra_name = "echainiv(authenc(hmac(sha224),"
1426 .cra_driver_name = "echainiv-authenc-"
1427 "hmac-sha224-cbc-aes-caam-qi",
1428 .cra_blocksize = AES_BLOCK_SIZE,
1430 .setkey = aead_setkey,
1431 .setauthsize = aead_setauthsize,
1432 .encrypt = aead_encrypt,
1433 .decrypt = aead_decrypt,
1434 .ivsize = AES_BLOCK_SIZE,
1435 .maxauthsize = SHA224_DIGEST_SIZE,
1438 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
1439 .class2_alg_type = OP_ALG_ALGSEL_SHA224 |
1440 OP_ALG_AAI_HMAC_PRECOMP,
1447 .cra_name = "authenc(hmac(sha256),cbc(aes))",
1448 .cra_driver_name = "authenc-hmac-sha256-"
1450 .cra_blocksize = AES_BLOCK_SIZE,
1452 .setkey = aead_setkey,
1453 .setauthsize = aead_setauthsize,
1454 .encrypt = aead_encrypt,
1455 .decrypt = aead_decrypt,
1456 .ivsize = AES_BLOCK_SIZE,
1457 .maxauthsize = SHA256_DIGEST_SIZE,
1460 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
1461 .class2_alg_type = OP_ALG_ALGSEL_SHA256 |
1462 OP_ALG_AAI_HMAC_PRECOMP,
1468 .cra_name = "echainiv(authenc(hmac(sha256),"
1470 .cra_driver_name = "echainiv-authenc-"
1471 "hmac-sha256-cbc-aes-"
1473 .cra_blocksize = AES_BLOCK_SIZE,
1475 .setkey = aead_setkey,
1476 .setauthsize = aead_setauthsize,
1477 .encrypt = aead_encrypt,
1478 .decrypt = aead_decrypt,
1479 .ivsize = AES_BLOCK_SIZE,
1480 .maxauthsize = SHA256_DIGEST_SIZE,
1483 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
1484 .class2_alg_type = OP_ALG_ALGSEL_SHA256 |
1485 OP_ALG_AAI_HMAC_PRECOMP,
1492 .cra_name = "authenc(hmac(sha384),cbc(aes))",
1493 .cra_driver_name = "authenc-hmac-sha384-"
1495 .cra_blocksize = AES_BLOCK_SIZE,
1497 .setkey = aead_setkey,
1498 .setauthsize = aead_setauthsize,
1499 .encrypt = aead_encrypt,
1500 .decrypt = aead_decrypt,
1501 .ivsize = AES_BLOCK_SIZE,
1502 .maxauthsize = SHA384_DIGEST_SIZE,
1505 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
1506 .class2_alg_type = OP_ALG_ALGSEL_SHA384 |
1507 OP_ALG_AAI_HMAC_PRECOMP,
1513 .cra_name = "echainiv(authenc(hmac(sha384),"
1515 .cra_driver_name = "echainiv-authenc-"
1516 "hmac-sha384-cbc-aes-"
1518 .cra_blocksize = AES_BLOCK_SIZE,
1520 .setkey = aead_setkey,
1521 .setauthsize = aead_setauthsize,
1522 .encrypt = aead_encrypt,
1523 .decrypt = aead_decrypt,
1524 .ivsize = AES_BLOCK_SIZE,
1525 .maxauthsize = SHA384_DIGEST_SIZE,
1528 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
1529 .class2_alg_type = OP_ALG_ALGSEL_SHA384 |
1530 OP_ALG_AAI_HMAC_PRECOMP,
1537 .cra_name = "authenc(hmac(sha512),cbc(aes))",
1538 .cra_driver_name = "authenc-hmac-sha512-"
1540 .cra_blocksize = AES_BLOCK_SIZE,
1542 .setkey = aead_setkey,
1543 .setauthsize = aead_setauthsize,
1544 .encrypt = aead_encrypt,
1545 .decrypt = aead_decrypt,
1546 .ivsize = AES_BLOCK_SIZE,
1547 .maxauthsize = SHA512_DIGEST_SIZE,
1550 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
1551 .class2_alg_type = OP_ALG_ALGSEL_SHA512 |
1552 OP_ALG_AAI_HMAC_PRECOMP,
1558 .cra_name = "echainiv(authenc(hmac(sha512),"
1560 .cra_driver_name = "echainiv-authenc-"
1561 "hmac-sha512-cbc-aes-"
1563 .cra_blocksize = AES_BLOCK_SIZE,
1565 .setkey = aead_setkey,
1566 .setauthsize = aead_setauthsize,
1567 .encrypt = aead_encrypt,
1568 .decrypt = aead_decrypt,
1569 .ivsize = AES_BLOCK_SIZE,
1570 .maxauthsize = SHA512_DIGEST_SIZE,
1573 .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
1574 .class2_alg_type = OP_ALG_ALGSEL_SHA512 |
1575 OP_ALG_AAI_HMAC_PRECOMP,
1582 .cra_name = "authenc(hmac(md5),cbc(des3_ede))",
1583 .cra_driver_name = "authenc-hmac-md5-"
1584 "cbc-des3_ede-caam-qi",
1585 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1587 .setkey = aead_setkey,
1588 .setauthsize = aead_setauthsize,
1589 .encrypt = aead_encrypt,
1590 .decrypt = aead_decrypt,
1591 .ivsize = DES3_EDE_BLOCK_SIZE,
1592 .maxauthsize = MD5_DIGEST_SIZE,
1595 .class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
1596 .class2_alg_type = OP_ALG_ALGSEL_MD5 |
1597 OP_ALG_AAI_HMAC_PRECOMP,
1603 .cra_name = "echainiv(authenc(hmac(md5),"
1605 .cra_driver_name = "echainiv-authenc-hmac-md5-"
1606 "cbc-des3_ede-caam-qi",
1607 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1609 .setkey = aead_setkey,
1610 .setauthsize = aead_setauthsize,
1611 .encrypt = aead_encrypt,
1612 .decrypt = aead_decrypt,
1613 .ivsize = DES3_EDE_BLOCK_SIZE,
1614 .maxauthsize = MD5_DIGEST_SIZE,
1617 .class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
1618 .class2_alg_type = OP_ALG_ALGSEL_MD5 |
1619 OP_ALG_AAI_HMAC_PRECOMP,
1626 .cra_name = "authenc(hmac(sha1),"
1628 .cra_driver_name = "authenc-hmac-sha1-"
1629 "cbc-des3_ede-caam-qi",
1630 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1632 .setkey = aead_setkey,
1633 .setauthsize = aead_setauthsize,
1634 .encrypt = aead_encrypt,
1635 .decrypt = aead_decrypt,
1636 .ivsize = DES3_EDE_BLOCK_SIZE,
1637 .maxauthsize = SHA1_DIGEST_SIZE,
1640 .class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
1641 .class2_alg_type = OP_ALG_ALGSEL_SHA1 |
1642 OP_ALG_AAI_HMAC_PRECOMP,
1648 .cra_name = "echainiv(authenc(hmac(sha1),"
1650 .cra_driver_name = "echainiv-authenc-"
1652 "cbc-des3_ede-caam-qi",
1653 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1655 .setkey = aead_setkey,
1656 .setauthsize = aead_setauthsize,
1657 .encrypt = aead_encrypt,
1658 .decrypt = aead_decrypt,
1659 .ivsize = DES3_EDE_BLOCK_SIZE,
1660 .maxauthsize = SHA1_DIGEST_SIZE,
1663 .class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
1664 .class2_alg_type = OP_ALG_ALGSEL_SHA1 |
1665 OP_ALG_AAI_HMAC_PRECOMP,
1672 .cra_name = "authenc(hmac(sha224),"
1674 .cra_driver_name = "authenc-hmac-sha224-"
1675 "cbc-des3_ede-caam-qi",
1676 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1678 .setkey = aead_setkey,
1679 .setauthsize = aead_setauthsize,
1680 .encrypt = aead_encrypt,
1681 .decrypt = aead_decrypt,
1682 .ivsize = DES3_EDE_BLOCK_SIZE,
1683 .maxauthsize = SHA224_DIGEST_SIZE,
1686 .class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
1687 .class2_alg_type = OP_ALG_ALGSEL_SHA224 |
1688 OP_ALG_AAI_HMAC_PRECOMP,
1694 .cra_name = "echainiv(authenc(hmac(sha224),"
1696 .cra_driver_name = "echainiv-authenc-"
1698 "cbc-des3_ede-caam-qi",
1699 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1701 .setkey = aead_setkey,
1702 .setauthsize = aead_setauthsize,
1703 .encrypt = aead_encrypt,
1704 .decrypt = aead_decrypt,
1705 .ivsize = DES3_EDE_BLOCK_SIZE,
1706 .maxauthsize = SHA224_DIGEST_SIZE,
1709 .class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
1710 .class2_alg_type = OP_ALG_ALGSEL_SHA224 |
1711 OP_ALG_AAI_HMAC_PRECOMP,
1718 .cra_name = "authenc(hmac(sha256),"
1720 .cra_driver_name = "authenc-hmac-sha256-"
1721 "cbc-des3_ede-caam-qi",
1722 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1724 .setkey = aead_setkey,
1725 .setauthsize = aead_setauthsize,
1726 .encrypt = aead_encrypt,
1727 .decrypt = aead_decrypt,
1728 .ivsize = DES3_EDE_BLOCK_SIZE,
1729 .maxauthsize = SHA256_DIGEST_SIZE,
1732 .class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
1733 .class2_alg_type = OP_ALG_ALGSEL_SHA256 |
1734 OP_ALG_AAI_HMAC_PRECOMP,
1740 .cra_name = "echainiv(authenc(hmac(sha256),"
1742 .cra_driver_name = "echainiv-authenc-"
1744 "cbc-des3_ede-caam-qi",
1745 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1747 .setkey = aead_setkey,
1748 .setauthsize = aead_setauthsize,
1749 .encrypt = aead_encrypt,
1750 .decrypt = aead_decrypt,
1751 .ivsize = DES3_EDE_BLOCK_SIZE,
1752 .maxauthsize = SHA256_DIGEST_SIZE,
1755 .class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
1756 .class2_alg_type = OP_ALG_ALGSEL_SHA256 |
1757 OP_ALG_AAI_HMAC_PRECOMP,
1764 .cra_name = "authenc(hmac(sha384),"
1766 .cra_driver_name = "authenc-hmac-sha384-"
1767 "cbc-des3_ede-caam-qi",
1768 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1770 .setkey = aead_setkey,
1771 .setauthsize = aead_setauthsize,
1772 .encrypt = aead_encrypt,
1773 .decrypt = aead_decrypt,
1774 .ivsize = DES3_EDE_BLOCK_SIZE,
1775 .maxauthsize = SHA384_DIGEST_SIZE,
1778 .class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
1779 .class2_alg_type = OP_ALG_ALGSEL_SHA384 |
1780 OP_ALG_AAI_HMAC_PRECOMP,
1786 .cra_name = "echainiv(authenc(hmac(sha384),"
1788 .cra_driver_name = "echainiv-authenc-"
1790 "cbc-des3_ede-caam-qi",
1791 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1793 .setkey = aead_setkey,
1794 .setauthsize = aead_setauthsize,
1795 .encrypt = aead_encrypt,
1796 .decrypt = aead_decrypt,
1797 .ivsize = DES3_EDE_BLOCK_SIZE,
1798 .maxauthsize = SHA384_DIGEST_SIZE,
1801 .class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
1802 .class2_alg_type = OP_ALG_ALGSEL_SHA384 |
1803 OP_ALG_AAI_HMAC_PRECOMP,
1810 .cra_name = "authenc(hmac(sha512),"
1812 .cra_driver_name = "authenc-hmac-sha512-"
1813 "cbc-des3_ede-caam-qi",
1814 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1816 .setkey = aead_setkey,
1817 .setauthsize = aead_setauthsize,
1818 .encrypt = aead_encrypt,
1819 .decrypt = aead_decrypt,
1820 .ivsize = DES3_EDE_BLOCK_SIZE,
1821 .maxauthsize = SHA512_DIGEST_SIZE,
1824 .class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
1825 .class2_alg_type = OP_ALG_ALGSEL_SHA512 |
1826 OP_ALG_AAI_HMAC_PRECOMP,
1832 .cra_name = "echainiv(authenc(hmac(sha512),"
1834 .cra_driver_name = "echainiv-authenc-"
1836 "cbc-des3_ede-caam-qi",
1837 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1839 .setkey = aead_setkey,
1840 .setauthsize = aead_setauthsize,
1841 .encrypt = aead_encrypt,
1842 .decrypt = aead_decrypt,
1843 .ivsize = DES3_EDE_BLOCK_SIZE,
1844 .maxauthsize = SHA512_DIGEST_SIZE,
1847 .class1_alg_type = OP_ALG_ALGSEL_3DES | OP_ALG_AAI_CBC,
1848 .class2_alg_type = OP_ALG_ALGSEL_SHA512 |
1849 OP_ALG_AAI_HMAC_PRECOMP,
1856 .cra_name = "authenc(hmac(md5),cbc(des))",
1857 .cra_driver_name = "authenc-hmac-md5-"
1859 .cra_blocksize = DES_BLOCK_SIZE,
1861 .setkey = aead_setkey,
1862 .setauthsize = aead_setauthsize,
1863 .encrypt = aead_encrypt,
1864 .decrypt = aead_decrypt,
1865 .ivsize = DES_BLOCK_SIZE,
1866 .maxauthsize = MD5_DIGEST_SIZE,
1869 .class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
1870 .class2_alg_type = OP_ALG_ALGSEL_MD5 |
1871 OP_ALG_AAI_HMAC_PRECOMP,
1877 .cra_name = "echainiv(authenc(hmac(md5),"
1879 .cra_driver_name = "echainiv-authenc-hmac-md5-"
1881 .cra_blocksize = DES_BLOCK_SIZE,
1883 .setkey = aead_setkey,
1884 .setauthsize = aead_setauthsize,
1885 .encrypt = aead_encrypt,
1886 .decrypt = aead_decrypt,
1887 .ivsize = DES_BLOCK_SIZE,
1888 .maxauthsize = MD5_DIGEST_SIZE,
1891 .class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
1892 .class2_alg_type = OP_ALG_ALGSEL_MD5 |
1893 OP_ALG_AAI_HMAC_PRECOMP,
1900 .cra_name = "authenc(hmac(sha1),cbc(des))",
1901 .cra_driver_name = "authenc-hmac-sha1-"
1903 .cra_blocksize = DES_BLOCK_SIZE,
1905 .setkey = aead_setkey,
1906 .setauthsize = aead_setauthsize,
1907 .encrypt = aead_encrypt,
1908 .decrypt = aead_decrypt,
1909 .ivsize = DES_BLOCK_SIZE,
1910 .maxauthsize = SHA1_DIGEST_SIZE,
1913 .class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
1914 .class2_alg_type = OP_ALG_ALGSEL_SHA1 |
1915 OP_ALG_AAI_HMAC_PRECOMP,
1921 .cra_name = "echainiv(authenc(hmac(sha1),"
1923 .cra_driver_name = "echainiv-authenc-"
1924 "hmac-sha1-cbc-des-caam-qi",
1925 .cra_blocksize = DES_BLOCK_SIZE,
1927 .setkey = aead_setkey,
1928 .setauthsize = aead_setauthsize,
1929 .encrypt = aead_encrypt,
1930 .decrypt = aead_decrypt,
1931 .ivsize = DES_BLOCK_SIZE,
1932 .maxauthsize = SHA1_DIGEST_SIZE,
1935 .class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
1936 .class2_alg_type = OP_ALG_ALGSEL_SHA1 |
1937 OP_ALG_AAI_HMAC_PRECOMP,
1944 .cra_name = "authenc(hmac(sha224),cbc(des))",
1945 .cra_driver_name = "authenc-hmac-sha224-"
1947 .cra_blocksize = DES_BLOCK_SIZE,
1949 .setkey = aead_setkey,
1950 .setauthsize = aead_setauthsize,
1951 .encrypt = aead_encrypt,
1952 .decrypt = aead_decrypt,
1953 .ivsize = DES_BLOCK_SIZE,
1954 .maxauthsize = SHA224_DIGEST_SIZE,
1957 .class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
1958 .class2_alg_type = OP_ALG_ALGSEL_SHA224 |
1959 OP_ALG_AAI_HMAC_PRECOMP,
1965 .cra_name = "echainiv(authenc(hmac(sha224),"
1967 .cra_driver_name = "echainiv-authenc-"
1968 "hmac-sha224-cbc-des-"
1970 .cra_blocksize = DES_BLOCK_SIZE,
1972 .setkey = aead_setkey,
1973 .setauthsize = aead_setauthsize,
1974 .encrypt = aead_encrypt,
1975 .decrypt = aead_decrypt,
1976 .ivsize = DES_BLOCK_SIZE,
1977 .maxauthsize = SHA224_DIGEST_SIZE,
1980 .class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
1981 .class2_alg_type = OP_ALG_ALGSEL_SHA224 |
1982 OP_ALG_AAI_HMAC_PRECOMP,
1989 .cra_name = "authenc(hmac(sha256),cbc(des))",
1990 .cra_driver_name = "authenc-hmac-sha256-"
1992 .cra_blocksize = DES_BLOCK_SIZE,
1994 .setkey = aead_setkey,
1995 .setauthsize = aead_setauthsize,
1996 .encrypt = aead_encrypt,
1997 .decrypt = aead_decrypt,
1998 .ivsize = DES_BLOCK_SIZE,
1999 .maxauthsize = SHA256_DIGEST_SIZE,
2002 .class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
2003 .class2_alg_type = OP_ALG_ALGSEL_SHA256 |
2004 OP_ALG_AAI_HMAC_PRECOMP,
2010 .cra_name = "echainiv(authenc(hmac(sha256),"
2012 .cra_driver_name = "echainiv-authenc-"
2013 "hmac-sha256-cbc-des-"
2015 .cra_blocksize = DES_BLOCK_SIZE,
2017 .setkey = aead_setkey,
2018 .setauthsize = aead_setauthsize,
2019 .encrypt = aead_encrypt,
2020 .decrypt = aead_decrypt,
2021 .ivsize = DES_BLOCK_SIZE,
2022 .maxauthsize = SHA256_DIGEST_SIZE,
2025 .class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
2026 .class2_alg_type = OP_ALG_ALGSEL_SHA256 |
2027 OP_ALG_AAI_HMAC_PRECOMP,
2034 .cra_name = "authenc(hmac(sha384),cbc(des))",
2035 .cra_driver_name = "authenc-hmac-sha384-"
2037 .cra_blocksize = DES_BLOCK_SIZE,
2039 .setkey = aead_setkey,
2040 .setauthsize = aead_setauthsize,
2041 .encrypt = aead_encrypt,
2042 .decrypt = aead_decrypt,
2043 .ivsize = DES_BLOCK_SIZE,
2044 .maxauthsize = SHA384_DIGEST_SIZE,
2047 .class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
2048 .class2_alg_type = OP_ALG_ALGSEL_SHA384 |
2049 OP_ALG_AAI_HMAC_PRECOMP,
2055 .cra_name = "echainiv(authenc(hmac(sha384),"
2057 .cra_driver_name = "echainiv-authenc-"
2058 "hmac-sha384-cbc-des-"
2060 .cra_blocksize = DES_BLOCK_SIZE,
2062 .setkey = aead_setkey,
2063 .setauthsize = aead_setauthsize,
2064 .encrypt = aead_encrypt,
2065 .decrypt = aead_decrypt,
2066 .ivsize = DES_BLOCK_SIZE,
2067 .maxauthsize = SHA384_DIGEST_SIZE,
2070 .class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
2071 .class2_alg_type = OP_ALG_ALGSEL_SHA384 |
2072 OP_ALG_AAI_HMAC_PRECOMP,
2079 .cra_name = "authenc(hmac(sha512),cbc(des))",
2080 .cra_driver_name = "authenc-hmac-sha512-"
2082 .cra_blocksize = DES_BLOCK_SIZE,
2084 .setkey = aead_setkey,
2085 .setauthsize = aead_setauthsize,
2086 .encrypt = aead_encrypt,
2087 .decrypt = aead_decrypt,
2088 .ivsize = DES_BLOCK_SIZE,
2089 .maxauthsize = SHA512_DIGEST_SIZE,
2092 .class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
2093 .class2_alg_type = OP_ALG_ALGSEL_SHA512 |
2094 OP_ALG_AAI_HMAC_PRECOMP,
2100 .cra_name = "echainiv(authenc(hmac(sha512),"
2102 .cra_driver_name = "echainiv-authenc-"
2103 "hmac-sha512-cbc-des-"
2105 .cra_blocksize = DES_BLOCK_SIZE,
2107 .setkey = aead_setkey,
2108 .setauthsize = aead_setauthsize,
2109 .encrypt = aead_encrypt,
2110 .decrypt = aead_decrypt,
2111 .ivsize = DES_BLOCK_SIZE,
2112 .maxauthsize = SHA512_DIGEST_SIZE,
2115 .class1_alg_type = OP_ALG_ALGSEL_DES | OP_ALG_AAI_CBC,
2116 .class2_alg_type = OP_ALG_ALGSEL_SHA512 |
2117 OP_ALG_AAI_HMAC_PRECOMP,
2123 struct caam_crypto_alg {
2124 struct list_head entry;
2125 struct crypto_alg crypto_alg;
2126 struct caam_alg_entry caam;
2129 static int caam_init_common(struct caam_ctx *ctx, struct caam_alg_entry *caam)
2131 struct caam_drv_private *priv;
2134 * distribute tfms across job rings to ensure in-order
2135 * crypto request processing per tfm
2137 ctx->jrdev = caam_jr_alloc();
2138 if (IS_ERR(ctx->jrdev)) {
2139 pr_err("Job Ring Device allocation for transform failed\n");
2140 return PTR_ERR(ctx->jrdev);
2143 ctx->key_dma = dma_map_single(ctx->jrdev, ctx->key, sizeof(ctx->key),
2145 if (dma_mapping_error(ctx->jrdev, ctx->key_dma)) {
2146 dev_err(ctx->jrdev, "unable to map key\n");
2147 caam_jr_free(ctx->jrdev);
2151 /* copy descriptor header template value */
2152 ctx->cdata.algtype = OP_TYPE_CLASS1_ALG | caam->class1_alg_type;
2153 ctx->adata.algtype = OP_TYPE_CLASS2_ALG | caam->class2_alg_type;
2155 priv = dev_get_drvdata(ctx->jrdev->parent);
2156 ctx->qidev = priv->qidev;
2158 spin_lock_init(&ctx->lock);
2159 ctx->drv_ctx[ENCRYPT] = NULL;
2160 ctx->drv_ctx[DECRYPT] = NULL;
2161 ctx->drv_ctx[GIVENCRYPT] = NULL;
2166 static int caam_cra_init(struct crypto_tfm *tfm)
2168 struct crypto_alg *alg = tfm->__crt_alg;
2169 struct caam_crypto_alg *caam_alg = container_of(alg, typeof(*caam_alg),
2171 struct caam_ctx *ctx = crypto_tfm_ctx(tfm);
2173 return caam_init_common(ctx, &caam_alg->caam);
2176 static int caam_aead_init(struct crypto_aead *tfm)
2178 struct aead_alg *alg = crypto_aead_alg(tfm);
2179 struct caam_aead_alg *caam_alg = container_of(alg, typeof(*caam_alg),
2181 struct caam_ctx *ctx = crypto_aead_ctx(tfm);
2183 return caam_init_common(ctx, &caam_alg->caam);
2186 static void caam_exit_common(struct caam_ctx *ctx)
2188 caam_drv_ctx_rel(ctx->drv_ctx[ENCRYPT]);
2189 caam_drv_ctx_rel(ctx->drv_ctx[DECRYPT]);
2190 caam_drv_ctx_rel(ctx->drv_ctx[GIVENCRYPT]);
2192 dma_unmap_single(ctx->jrdev, ctx->key_dma, sizeof(ctx->key),
2195 caam_jr_free(ctx->jrdev);
2198 static void caam_cra_exit(struct crypto_tfm *tfm)
2200 caam_exit_common(crypto_tfm_ctx(tfm));
2203 static void caam_aead_exit(struct crypto_aead *tfm)
2205 caam_exit_common(crypto_aead_ctx(tfm));
2208 static struct list_head alg_list;
2209 static void __exit caam_qi_algapi_exit(void)
2211 struct caam_crypto_alg *t_alg, *n;
2214 for (i = 0; i < ARRAY_SIZE(driver_aeads); i++) {
2215 struct caam_aead_alg *t_alg = driver_aeads + i;
2217 if (t_alg->registered)
2218 crypto_unregister_aead(&t_alg->aead);
2224 list_for_each_entry_safe(t_alg, n, &alg_list, entry) {
2225 crypto_unregister_alg(&t_alg->crypto_alg);
2226 list_del(&t_alg->entry);
2231 static struct caam_crypto_alg *caam_alg_alloc(struct caam_alg_template
2234 struct caam_crypto_alg *t_alg;
2235 struct crypto_alg *alg;
2237 t_alg = kzalloc(sizeof(*t_alg), GFP_KERNEL);
2239 return ERR_PTR(-ENOMEM);
2241 alg = &t_alg->crypto_alg;
2243 snprintf(alg->cra_name, CRYPTO_MAX_ALG_NAME, "%s", template->name);
2244 snprintf(alg->cra_driver_name, CRYPTO_MAX_ALG_NAME, "%s",
2245 template->driver_name);
2246 alg->cra_module = THIS_MODULE;
2247 alg->cra_init = caam_cra_init;
2248 alg->cra_exit = caam_cra_exit;
2249 alg->cra_priority = CAAM_CRA_PRIORITY;
2250 alg->cra_blocksize = template->blocksize;
2251 alg->cra_alignmask = 0;
2252 alg->cra_ctxsize = sizeof(struct caam_ctx);
2253 alg->cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_KERN_DRIVER_ONLY |
2255 switch (template->type) {
2256 case CRYPTO_ALG_TYPE_GIVCIPHER:
2257 alg->cra_type = &crypto_givcipher_type;
2258 alg->cra_ablkcipher = template->template_ablkcipher;
2260 case CRYPTO_ALG_TYPE_ABLKCIPHER:
2261 alg->cra_type = &crypto_ablkcipher_type;
2262 alg->cra_ablkcipher = template->template_ablkcipher;
2266 t_alg->caam.class1_alg_type = template->class1_alg_type;
2267 t_alg->caam.class2_alg_type = template->class2_alg_type;
2272 static void caam_aead_alg_init(struct caam_aead_alg *t_alg)
2274 struct aead_alg *alg = &t_alg->aead;
2276 alg->base.cra_module = THIS_MODULE;
2277 alg->base.cra_priority = CAAM_CRA_PRIORITY;
2278 alg->base.cra_ctxsize = sizeof(struct caam_ctx);
2279 alg->base.cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_KERN_DRIVER_ONLY;
2281 alg->init = caam_aead_init;
2282 alg->exit = caam_aead_exit;
2285 static int __init caam_qi_algapi_init(void)
2287 struct device_node *dev_node;
2288 struct platform_device *pdev;
2289 struct device *ctrldev;
2290 struct caam_drv_private *priv;
2292 u32 cha_vid, cha_inst, des_inst, aes_inst, md_inst;
2293 unsigned int md_limit = SHA512_DIGEST_SIZE;
2294 bool registered = false;
2296 dev_node = of_find_compatible_node(NULL, NULL, "fsl,sec-v4.0");
2298 dev_node = of_find_compatible_node(NULL, NULL, "fsl,sec4.0");
2303 pdev = of_find_device_by_node(dev_node);
2304 of_node_put(dev_node);
2308 ctrldev = &pdev->dev;
2309 priv = dev_get_drvdata(ctrldev);
2312 * If priv is NULL, it's probably because the caam driver wasn't
2313 * properly initialized (e.g. RNG4 init failed). Thus, bail out here.
2315 if (!priv || !priv->qi_present)
2318 INIT_LIST_HEAD(&alg_list);
2321 * Register crypto algorithms the device supports.
2322 * First, detect presence and attributes of DES, AES, and MD blocks.
2324 cha_vid = rd_reg32(&priv->ctrl->perfmon.cha_id_ls);
2325 cha_inst = rd_reg32(&priv->ctrl->perfmon.cha_num_ls);
2326 des_inst = (cha_inst & CHA_ID_LS_DES_MASK) >> CHA_ID_LS_DES_SHIFT;
2327 aes_inst = (cha_inst & CHA_ID_LS_AES_MASK) >> CHA_ID_LS_AES_SHIFT;
2328 md_inst = (cha_inst & CHA_ID_LS_MD_MASK) >> CHA_ID_LS_MD_SHIFT;
2330 /* If MD is present, limit digest size based on LP256 */
2331 if (md_inst && ((cha_vid & CHA_ID_LS_MD_MASK) == CHA_ID_LS_MD_LP256))
2332 md_limit = SHA256_DIGEST_SIZE;
2334 for (i = 0; i < ARRAY_SIZE(driver_algs); i++) {
2335 struct caam_crypto_alg *t_alg;
2336 struct caam_alg_template *alg = driver_algs + i;
2337 u32 alg_sel = alg->class1_alg_type & OP_ALG_ALGSEL_MASK;
2339 /* Skip DES algorithms if not supported by device */
2341 ((alg_sel == OP_ALG_ALGSEL_3DES) ||
2342 (alg_sel == OP_ALG_ALGSEL_DES)))
2345 /* Skip AES algorithms if not supported by device */
2346 if (!aes_inst && (alg_sel == OP_ALG_ALGSEL_AES))
2349 t_alg = caam_alg_alloc(alg);
2350 if (IS_ERR(t_alg)) {
2351 err = PTR_ERR(t_alg);
2352 dev_warn(priv->qidev, "%s alg allocation failed\n",
2357 err = crypto_register_alg(&t_alg->crypto_alg);
2359 dev_warn(priv->qidev, "%s alg registration failed\n",
2360 t_alg->crypto_alg.cra_driver_name);
2365 list_add_tail(&t_alg->entry, &alg_list);
2369 for (i = 0; i < ARRAY_SIZE(driver_aeads); i++) {
2370 struct caam_aead_alg *t_alg = driver_aeads + i;
2371 u32 c1_alg_sel = t_alg->caam.class1_alg_type &
2373 u32 c2_alg_sel = t_alg->caam.class2_alg_type &
2375 u32 alg_aai = t_alg->caam.class1_alg_type & OP_ALG_AAI_MASK;
2377 /* Skip DES algorithms if not supported by device */
2379 ((c1_alg_sel == OP_ALG_ALGSEL_3DES) ||
2380 (c1_alg_sel == OP_ALG_ALGSEL_DES)))
2383 /* Skip AES algorithms if not supported by device */
2384 if (!aes_inst && (c1_alg_sel == OP_ALG_ALGSEL_AES))
2388 * Check support for AES algorithms not available
2391 if (((cha_vid & CHA_ID_LS_AES_MASK) == CHA_ID_LS_AES_LP) &&
2392 (alg_aai == OP_ALG_AAI_GCM))
2396 * Skip algorithms requiring message digests
2397 * if MD or MD size is not supported by device.
2400 (!md_inst || (t_alg->aead.maxauthsize > md_limit)))
2403 caam_aead_alg_init(t_alg);
2405 err = crypto_register_aead(&t_alg->aead);
2407 pr_warn("%s alg registration failed\n",
2408 t_alg->aead.base.cra_driver_name);
2412 t_alg->registered = true;
2417 dev_info(priv->qidev, "algorithms registered in /proc/crypto\n");
2422 module_init(caam_qi_algapi_init);
2423 module_exit(caam_qi_algapi_exit);
2425 MODULE_LICENSE("GPL");
2426 MODULE_DESCRIPTION("Support for crypto API using CAAM-QI backend");
2427 MODULE_AUTHOR("Freescale Semiconductor");