2 * Copyright (C) 2012-2017 ARM Limited or its affiliates.
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
13 * You should have received a copy of the GNU General Public License
14 * along with this program; if not, see <http://www.gnu.org/licenses/>.
17 #include <linux/platform_device.h>
18 #include <crypto/ctr.h>
19 #include "ssi_config.h"
20 #include "ssi_driver.h"
21 #include "ssi_ivgen.h"
22 #include "ssi_request_mgr.h"
23 #include "ssi_sram_mgr.h"
24 #include "ssi_buffer_mgr.h"
26 /* The max. size of pool *MUST* be <= SRAM total size */
27 #define SSI_IVPOOL_SIZE 1024
28 /* The first 32B fraction of pool are dedicated to the
29 * next encryption "key" & "IV" for pool regeneration
31 #define SSI_IVPOOL_META_SIZE (CC_AES_IV_SIZE + AES_KEYSIZE_128)
32 #define SSI_IVPOOL_GEN_SEQ_LEN 4
35 * struct ssi_ivgen_ctx -IV pool generation context
36 * @pool: the start address of the iv-pool resides in internal RAM
37 * @ctr_key_dma: address of pool's encryption key material in internal RAM
38 * @ctr_iv_dma: address of pool's counter iv in internal RAM
39 * @next_iv_ofs: the offset to the next available IV in pool
40 * @pool_meta: virt. address of the initial enc. key/IV
41 * @pool_meta_dma: phys. address of the initial enc. key/IV
43 struct ssi_ivgen_ctx {
45 ssi_sram_addr_t ctr_key;
46 ssi_sram_addr_t ctr_iv;
49 dma_addr_t pool_meta_dma;
53 * Generates SSI_IVPOOL_SIZE of random bytes by
54 * encrypting 0's using AES128-CTR.
56 * \param ivgen iv-pool context
57 * \param iv_seq IN/OUT array to the descriptors sequence
58 * \param iv_seq_len IN/OUT pointer to the sequence length
60 static int ssi_ivgen_generate_pool(
61 struct ssi_ivgen_ctx *ivgen_ctx,
62 struct cc_hw_desc iv_seq[],
63 unsigned int *iv_seq_len)
65 unsigned int idx = *iv_seq_len;
67 if ((*iv_seq_len + SSI_IVPOOL_GEN_SEQ_LEN) > SSI_IVPOOL_SEQ_LEN) {
68 /* The sequence will be longer than allowed */
72 hw_desc_init(&iv_seq[idx]);
73 set_din_sram(&iv_seq[idx], ivgen_ctx->ctr_key, AES_KEYSIZE_128);
74 set_setup_mode(&iv_seq[idx], SETUP_LOAD_KEY0);
75 set_cipher_config0(&iv_seq[idx], DESC_DIRECTION_ENCRYPT_ENCRYPT);
76 set_flow_mode(&iv_seq[idx], S_DIN_to_AES);
77 set_key_size_aes(&iv_seq[idx], CC_AES_128_BIT_KEY_SIZE);
78 set_cipher_mode(&iv_seq[idx], DRV_CIPHER_CTR);
81 /* Setup cipher state */
82 hw_desc_init(&iv_seq[idx]);
83 set_din_sram(&iv_seq[idx], ivgen_ctx->ctr_iv, CC_AES_IV_SIZE);
84 set_cipher_config0(&iv_seq[idx], DESC_DIRECTION_ENCRYPT_ENCRYPT);
85 set_flow_mode(&iv_seq[idx], S_DIN_to_AES);
86 set_setup_mode(&iv_seq[idx], SETUP_LOAD_STATE1);
87 set_key_size_aes(&iv_seq[idx], CC_AES_128_BIT_KEY_SIZE);
88 set_cipher_mode(&iv_seq[idx], DRV_CIPHER_CTR);
91 /* Perform dummy encrypt to skip first block */
92 hw_desc_init(&iv_seq[idx]);
93 set_din_const(&iv_seq[idx], 0, CC_AES_IV_SIZE);
94 set_dout_sram(&iv_seq[idx], ivgen_ctx->pool, CC_AES_IV_SIZE);
95 set_flow_mode(&iv_seq[idx], DIN_AES_DOUT);
98 /* Generate IV pool */
99 hw_desc_init(&iv_seq[idx]);
100 set_din_const(&iv_seq[idx], 0, SSI_IVPOOL_SIZE);
101 set_dout_sram(&iv_seq[idx], ivgen_ctx->pool, SSI_IVPOOL_SIZE);
102 set_flow_mode(&iv_seq[idx], DIN_AES_DOUT);
105 *iv_seq_len = idx; /* Update sequence length */
107 /* queue ordering assures pool readiness */
108 ivgen_ctx->next_iv_ofs = SSI_IVPOOL_META_SIZE;
114 * Generates the initial pool in SRAM.
115 * This function should be invoked when resuming DX driver.
119 * \return int Zero for success, negative value otherwise.
121 int ssi_ivgen_init_sram_pool(struct ssi_drvdata *drvdata)
123 struct ssi_ivgen_ctx *ivgen_ctx = drvdata->ivgen_handle;
124 struct cc_hw_desc iv_seq[SSI_IVPOOL_SEQ_LEN];
125 unsigned int iv_seq_len = 0;
128 /* Generate initial enc. key/iv */
129 get_random_bytes(ivgen_ctx->pool_meta, SSI_IVPOOL_META_SIZE);
131 /* The first 32B reserved for the enc. Key/IV */
132 ivgen_ctx->ctr_key = ivgen_ctx->pool;
133 ivgen_ctx->ctr_iv = ivgen_ctx->pool + AES_KEYSIZE_128;
135 /* Copy initial enc. key and IV to SRAM at a single descriptor */
136 hw_desc_init(&iv_seq[iv_seq_len]);
137 set_din_type(&iv_seq[iv_seq_len], DMA_DLLI, ivgen_ctx->pool_meta_dma,
138 SSI_IVPOOL_META_SIZE, NS_BIT);
139 set_dout_sram(&iv_seq[iv_seq_len], ivgen_ctx->pool,
140 SSI_IVPOOL_META_SIZE);
141 set_flow_mode(&iv_seq[iv_seq_len], BYPASS);
144 /* Generate initial pool */
145 rc = ssi_ivgen_generate_pool(ivgen_ctx, iv_seq, &iv_seq_len);
149 /* Fire-and-forget */
150 return send_request_init(drvdata, iv_seq, iv_seq_len);
154 * Free iv-pool and ivgen context.
158 void ssi_ivgen_fini(struct ssi_drvdata *drvdata)
160 struct ssi_ivgen_ctx *ivgen_ctx = drvdata->ivgen_handle;
161 struct device *device = &drvdata->plat_dev->dev;
166 if (ivgen_ctx->pool_meta) {
167 memset(ivgen_ctx->pool_meta, 0, SSI_IVPOOL_META_SIZE);
168 dma_free_coherent(device, SSI_IVPOOL_META_SIZE,
169 ivgen_ctx->pool_meta,
170 ivgen_ctx->pool_meta_dma);
173 ivgen_ctx->pool = NULL_SRAM_ADDR;
175 /* release "this" context */
180 * Allocates iv-pool and maps resources.
181 * This function generates the first IV pool.
183 * \param drvdata Driver's private context
185 * \return int Zero for success, negative value otherwise.
187 int ssi_ivgen_init(struct ssi_drvdata *drvdata)
189 struct ssi_ivgen_ctx *ivgen_ctx;
190 struct device *device = &drvdata->plat_dev->dev;
193 /* Allocate "this" context */
194 drvdata->ivgen_handle = kzalloc(sizeof(*drvdata->ivgen_handle),
196 if (!drvdata->ivgen_handle)
199 ivgen_ctx = drvdata->ivgen_handle;
201 /* Allocate pool's header for initial enc. key/IV */
202 ivgen_ctx->pool_meta = dma_alloc_coherent(device, SSI_IVPOOL_META_SIZE,
203 &ivgen_ctx->pool_meta_dma,
205 if (!ivgen_ctx->pool_meta) {
206 dev_err(device, "Not enough memory to allocate DMA of pool_meta (%u B)\n",
207 SSI_IVPOOL_META_SIZE);
211 /* Allocate IV pool in SRAM */
212 ivgen_ctx->pool = cc_sram_alloc(drvdata, SSI_IVPOOL_SIZE);
213 if (ivgen_ctx->pool == NULL_SRAM_ADDR) {
214 dev_err(device, "SRAM pool exhausted\n");
219 return ssi_ivgen_init_sram_pool(drvdata);
222 ssi_ivgen_fini(drvdata);
227 * Acquires 16 Bytes IV from the iv-pool
229 * \param drvdata Driver private context
230 * \param iv_out_dma Array of physical IV out addresses
231 * \param iv_out_dma_len Length of iv_out_dma array (additional elements of iv_out_dma array are ignore)
232 * \param iv_out_size May be 8 or 16 bytes long
233 * \param iv_seq IN/OUT array to the descriptors sequence
234 * \param iv_seq_len IN/OUT pointer to the sequence length
236 * \return int Zero for success, negative value otherwise.
239 struct ssi_drvdata *drvdata,
240 dma_addr_t iv_out_dma[],
241 unsigned int iv_out_dma_len,
242 unsigned int iv_out_size,
243 struct cc_hw_desc iv_seq[],
244 unsigned int *iv_seq_len)
246 struct ssi_ivgen_ctx *ivgen_ctx = drvdata->ivgen_handle;
247 unsigned int idx = *iv_seq_len;
248 struct device *dev = drvdata_to_dev(drvdata);
251 if (iv_out_size != CC_AES_IV_SIZE &&
252 iv_out_size != CTR_RFC3686_IV_SIZE) {
255 if ((iv_out_dma_len + 1) > SSI_IVPOOL_SEQ_LEN) {
256 /* The sequence will be longer than allowed */
260 //check that number of generated IV is limited to max dma address iv buffer size
261 if (iv_out_dma_len > SSI_MAX_IVGEN_DMA_ADDRESSES) {
262 /* The sequence will be longer than allowed */
266 for (t = 0; t < iv_out_dma_len; t++) {
267 /* Acquire IV from pool */
268 hw_desc_init(&iv_seq[idx]);
269 set_din_sram(&iv_seq[idx], (ivgen_ctx->pool +
270 ivgen_ctx->next_iv_ofs),
272 set_dout_dlli(&iv_seq[idx], iv_out_dma[t], iv_out_size,
274 set_flow_mode(&iv_seq[idx], BYPASS);
278 /* Bypass operation is proceeded by crypto sequence, hence must
279 * assure bypass-write-transaction by a memory barrier
281 hw_desc_init(&iv_seq[idx]);
282 set_din_no_dma(&iv_seq[idx], 0, 0xfffff0);
283 set_dout_no_dma(&iv_seq[idx], 0, 0, 1);
286 *iv_seq_len = idx; /* update seq length */
288 /* Update iv index */
289 ivgen_ctx->next_iv_ofs += iv_out_size;
291 if ((SSI_IVPOOL_SIZE - ivgen_ctx->next_iv_ofs) < CC_AES_IV_SIZE) {
292 dev_dbg(dev, "Pool exhausted, regenerating iv-pool\n");
293 /* pool is drained -regenerate it! */
294 return ssi_ivgen_generate_pool(ivgen_ctx, iv_seq, iv_seq_len);