1 // SPDX-License-Identifier: GPL-2.0-only
3 * sha2-ce-glue.c - SHA-224/SHA-256 using ARMv8 Crypto Extensions
5 * Copyright (C) 2014 - 2017 Linaro Ltd <ard.biesheuvel@linaro.org>
10 #include <asm/unaligned.h>
11 #include <crypto/internal/hash.h>
12 #include <crypto/internal/simd.h>
13 #include <crypto/sha.h>
14 #include <crypto/sha256_base.h>
15 #include <linux/cpufeature.h>
16 #include <linux/crypto.h>
17 #include <linux/module.h>
19 MODULE_DESCRIPTION("SHA-224/SHA-256 secure hash using ARMv8 Crypto Extensions");
20 MODULE_AUTHOR("Ard Biesheuvel <ard.biesheuvel@linaro.org>");
21 MODULE_LICENSE("GPL v2");
23 struct sha256_ce_state {
24 struct sha256_state sst;
28 asmlinkage void sha2_ce_transform(struct sha256_ce_state *sst, u8 const *src,
31 static void __sha2_ce_transform(struct sha256_state *sst, u8 const *src,
34 sha2_ce_transform(container_of(sst, struct sha256_ce_state, sst), src,
38 const u32 sha256_ce_offsetof_count = offsetof(struct sha256_ce_state,
40 const u32 sha256_ce_offsetof_finalize = offsetof(struct sha256_ce_state,
43 asmlinkage void sha256_block_data_order(u32 *digest, u8 const *src, int blocks);
45 static void __sha256_block_data_order(struct sha256_state *sst, u8 const *src,
48 sha256_block_data_order(sst->state, src, blocks);
51 static int sha256_ce_update(struct shash_desc *desc, const u8 *data,
54 struct sha256_ce_state *sctx = shash_desc_ctx(desc);
56 if (!crypto_simd_usable())
57 return sha256_base_do_update(desc, data, len,
58 __sha256_block_data_order);
62 sha256_base_do_update(desc, data, len, __sha2_ce_transform);
68 static int sha256_ce_finup(struct shash_desc *desc, const u8 *data,
69 unsigned int len, u8 *out)
71 struct sha256_ce_state *sctx = shash_desc_ctx(desc);
72 bool finalize = !sctx->sst.count && !(len % SHA256_BLOCK_SIZE) && len;
74 if (!crypto_simd_usable()) {
76 sha256_base_do_update(desc, data, len,
77 __sha256_block_data_order);
78 sha256_base_do_finalize(desc, __sha256_block_data_order);
79 return sha256_base_finish(desc, out);
83 * Allow the asm code to perform the finalization if there is no
84 * partial data and the input is a round multiple of the block size.
86 sctx->finalize = finalize;
89 sha256_base_do_update(desc, data, len, __sha2_ce_transform);
91 sha256_base_do_finalize(desc, __sha2_ce_transform);
93 return sha256_base_finish(desc, out);
96 static int sha256_ce_final(struct shash_desc *desc, u8 *out)
98 struct sha256_ce_state *sctx = shash_desc_ctx(desc);
100 if (!crypto_simd_usable()) {
101 sha256_base_do_finalize(desc, __sha256_block_data_order);
102 return sha256_base_finish(desc, out);
107 sha256_base_do_finalize(desc, __sha2_ce_transform);
109 return sha256_base_finish(desc, out);
112 static int sha256_ce_export(struct shash_desc *desc, void *out)
114 struct sha256_ce_state *sctx = shash_desc_ctx(desc);
116 memcpy(out, &sctx->sst, sizeof(struct sha256_state));
120 static int sha256_ce_import(struct shash_desc *desc, const void *in)
122 struct sha256_ce_state *sctx = shash_desc_ctx(desc);
124 memcpy(&sctx->sst, in, sizeof(struct sha256_state));
129 static struct shash_alg algs[] = { {
130 .init = sha224_base_init,
131 .update = sha256_ce_update,
132 .final = sha256_ce_final,
133 .finup = sha256_ce_finup,
134 .export = sha256_ce_export,
135 .import = sha256_ce_import,
136 .descsize = sizeof(struct sha256_ce_state),
137 .statesize = sizeof(struct sha256_state),
138 .digestsize = SHA224_DIGEST_SIZE,
140 .cra_name = "sha224",
141 .cra_driver_name = "sha224-ce",
143 .cra_blocksize = SHA256_BLOCK_SIZE,
144 .cra_module = THIS_MODULE,
147 .init = sha256_base_init,
148 .update = sha256_ce_update,
149 .final = sha256_ce_final,
150 .finup = sha256_ce_finup,
151 .export = sha256_ce_export,
152 .import = sha256_ce_import,
153 .descsize = sizeof(struct sha256_ce_state),
154 .statesize = sizeof(struct sha256_state),
155 .digestsize = SHA256_DIGEST_SIZE,
157 .cra_name = "sha256",
158 .cra_driver_name = "sha256-ce",
160 .cra_blocksize = SHA256_BLOCK_SIZE,
161 .cra_module = THIS_MODULE,
165 static int __init sha2_ce_mod_init(void)
167 return crypto_register_shashes(algs, ARRAY_SIZE(algs));
170 static void __exit sha2_ce_mod_fini(void)
172 crypto_unregister_shashes(algs, ARRAY_SIZE(algs));
175 module_cpu_feature_match(SHA2, sha2_ce_mod_init);
176 module_exit(sha2_ce_mod_fini);