1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  * talitos - Freescale Integrated Security Engine (SEC) device driver
4  *
5  * Copyright (c) 2008-2011 Freescale Semiconductor, Inc.
6  *
7  * Scatterlist Crypto API glue code copied from files with the following:
8  * Copyright (c) 2006-2007 Herbert Xu <herbert@gondor.apana.org.au>
9  *
10  * Crypto algorithm registration code copied from hifn driver:
11  * 2007+ Copyright (c) Evgeniy Polyakov <johnpol@2ka.mipt.ru>
12  * All rights reserved.
13  */
14 
15 #include <linux/kernel.h>
16 #include <linux/module.h>
17 #include <linux/mod_devicetable.h>
18 #include <linux/device.h>
19 #include <linux/interrupt.h>
20 #include <linux/crypto.h>
21 #include <linux/hw_random.h>
22 #include <linux/of_address.h>
23 #include <linux/of_irq.h>
24 #include <linux/of_platform.h>
25 #include <linux/dma-mapping.h>
26 #include <linux/io.h>
27 #include <linux/spinlock.h>
28 #include <linux/rtnetlink.h>
29 #include <linux/slab.h>
30 
31 #include <crypto/algapi.h>
32 #include <crypto/aes.h>
33 #include <crypto/internal/des.h>
34 #include <crypto/sha1.h>
35 #include <crypto/sha2.h>
36 #include <crypto/md5.h>
37 #include <crypto/internal/aead.h>
38 #include <crypto/authenc.h>
39 #include <crypto/internal/skcipher.h>
40 #include <crypto/hash.h>
41 #include <crypto/internal/hash.h>
42 #include <crypto/scatterwalk.h>
43 
44 #include "talitos.h"
45 
to_talitos_ptr(struct talitos_ptr * ptr,dma_addr_t dma_addr,unsigned int len,bool is_sec1)46 static void to_talitos_ptr(struct talitos_ptr *ptr, dma_addr_t dma_addr,
47 			   unsigned int len, bool is_sec1)
48 {
49 	ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
50 	if (is_sec1) {
51 		ptr->len1 = cpu_to_be16(len);
52 	} else {
53 		ptr->len = cpu_to_be16(len);
54 		ptr->eptr = upper_32_bits(dma_addr);
55 	}
56 }
57 
copy_talitos_ptr(struct talitos_ptr * dst_ptr,struct talitos_ptr * src_ptr,bool is_sec1)58 static void copy_talitos_ptr(struct talitos_ptr *dst_ptr,
59 			     struct talitos_ptr *src_ptr, bool is_sec1)
60 {
61 	dst_ptr->ptr = src_ptr->ptr;
62 	if (is_sec1) {
63 		dst_ptr->len1 = src_ptr->len1;
64 	} else {
65 		dst_ptr->len = src_ptr->len;
66 		dst_ptr->eptr = src_ptr->eptr;
67 	}
68 }
69 
from_talitos_ptr_len(struct talitos_ptr * ptr,bool is_sec1)70 static unsigned short from_talitos_ptr_len(struct talitos_ptr *ptr,
71 					   bool is_sec1)
72 {
73 	if (is_sec1)
74 		return be16_to_cpu(ptr->len1);
75 	else
76 		return be16_to_cpu(ptr->len);
77 }
78 
to_talitos_ptr_ext_set(struct talitos_ptr * ptr,u8 val,bool is_sec1)79 static void to_talitos_ptr_ext_set(struct talitos_ptr *ptr, u8 val,
80 				   bool is_sec1)
81 {
82 	if (!is_sec1)
83 		ptr->j_extent = val;
84 }
85 
to_talitos_ptr_ext_or(struct talitos_ptr * ptr,u8 val,bool is_sec1)86 static void to_talitos_ptr_ext_or(struct talitos_ptr *ptr, u8 val, bool is_sec1)
87 {
88 	if (!is_sec1)
89 		ptr->j_extent |= val;
90 }
91 
92 /*
93  * map virtual single (contiguous) pointer to h/w descriptor pointer
94  */
__map_single_talitos_ptr(struct device * dev,struct talitos_ptr * ptr,unsigned int len,void * data,enum dma_data_direction dir,unsigned long attrs)95 static void __map_single_talitos_ptr(struct device *dev,
96 				     struct talitos_ptr *ptr,
97 				     unsigned int len, void *data,
98 				     enum dma_data_direction dir,
99 				     unsigned long attrs)
100 {
101 	dma_addr_t dma_addr = dma_map_single_attrs(dev, data, len, dir, attrs);
102 	struct talitos_private *priv = dev_get_drvdata(dev);
103 	bool is_sec1 = has_ftr_sec1(priv);
104 
105 	to_talitos_ptr(ptr, dma_addr, len, is_sec1);
106 }
107 
map_single_talitos_ptr(struct device * dev,struct talitos_ptr * ptr,unsigned int len,void * data,enum dma_data_direction dir)108 static void map_single_talitos_ptr(struct device *dev,
109 				   struct talitos_ptr *ptr,
110 				   unsigned int len, void *data,
111 				   enum dma_data_direction dir)
112 {
113 	__map_single_talitos_ptr(dev, ptr, len, data, dir, 0);
114 }
115 
map_single_talitos_ptr_nosync(struct device * dev,struct talitos_ptr * ptr,unsigned int len,void * data,enum dma_data_direction dir)116 static void map_single_talitos_ptr_nosync(struct device *dev,
117 					  struct talitos_ptr *ptr,
118 					  unsigned int len, void *data,
119 					  enum dma_data_direction dir)
120 {
121 	__map_single_talitos_ptr(dev, ptr, len, data, dir,
122 				 DMA_ATTR_SKIP_CPU_SYNC);
123 }
124 
125 /*
126  * unmap bus single (contiguous) h/w descriptor pointer
127  */
unmap_single_talitos_ptr(struct device * dev,struct talitos_ptr * ptr,enum dma_data_direction dir)128 static void unmap_single_talitos_ptr(struct device *dev,
129 				     struct talitos_ptr *ptr,
130 				     enum dma_data_direction dir)
131 {
132 	struct talitos_private *priv = dev_get_drvdata(dev);
133 	bool is_sec1 = has_ftr_sec1(priv);
134 
135 	dma_unmap_single(dev, be32_to_cpu(ptr->ptr),
136 			 from_talitos_ptr_len(ptr, is_sec1), dir);
137 }
138 
reset_channel(struct device * dev,int ch)139 static int reset_channel(struct device *dev, int ch)
140 {
141 	struct talitos_private *priv = dev_get_drvdata(dev);
142 	unsigned int timeout = TALITOS_TIMEOUT;
143 	bool is_sec1 = has_ftr_sec1(priv);
144 
145 	if (is_sec1) {
146 		setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO,
147 			  TALITOS1_CCCR_LO_RESET);
148 
149 		while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR_LO) &
150 			TALITOS1_CCCR_LO_RESET) && --timeout)
151 			cpu_relax();
152 	} else {
153 		setbits32(priv->chan[ch].reg + TALITOS_CCCR,
154 			  TALITOS2_CCCR_RESET);
155 
156 		while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR) &
157 			TALITOS2_CCCR_RESET) && --timeout)
158 			cpu_relax();
159 	}
160 
161 	if (timeout == 0) {
162 		dev_err(dev, "failed to reset channel %d\n", ch);
163 		return -EIO;
164 	}
165 
166 	/* set 36-bit addressing, done writeback enable and done IRQ enable */
167 	setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO, TALITOS_CCCR_LO_EAE |
168 		  TALITOS_CCCR_LO_CDWE | TALITOS_CCCR_LO_CDIE);
169 	/* enable chaining descriptors */
170 	if (is_sec1)
171 		setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO,
172 			  TALITOS_CCCR_LO_NE);
173 
174 	/* and ICCR writeback, if available */
175 	if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
176 		setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO,
177 		          TALITOS_CCCR_LO_IWSE);
178 
179 	return 0;
180 }
181 
reset_device(struct device * dev)182 static int reset_device(struct device *dev)
183 {
184 	struct talitos_private *priv = dev_get_drvdata(dev);
185 	unsigned int timeout = TALITOS_TIMEOUT;
186 	bool is_sec1 = has_ftr_sec1(priv);
187 	u32 mcr = is_sec1 ? TALITOS1_MCR_SWR : TALITOS2_MCR_SWR;
188 
189 	setbits32(priv->reg + TALITOS_MCR, mcr);
190 
191 	while ((in_be32(priv->reg + TALITOS_MCR) & mcr)
192 	       && --timeout)
193 		cpu_relax();
194 
195 	if (priv->irq[1]) {
196 		mcr = TALITOS_MCR_RCA1 | TALITOS_MCR_RCA3;
197 		setbits32(priv->reg + TALITOS_MCR, mcr);
198 	}
199 
200 	if (timeout == 0) {
201 		dev_err(dev, "failed to reset device\n");
202 		return -EIO;
203 	}
204 
205 	return 0;
206 }
207 
208 /*
209  * Reset and initialize the device
210  */
init_device(struct device * dev)211 static int init_device(struct device *dev)
212 {
213 	struct talitos_private *priv = dev_get_drvdata(dev);
214 	int ch, err;
215 	bool is_sec1 = has_ftr_sec1(priv);
216 
217 	/*
218 	 * Master reset
219 	 * errata documentation: warning: certain SEC interrupts
220 	 * are not fully cleared by writing the MCR:SWR bit,
221 	 * set bit twice to completely reset
222 	 */
223 	err = reset_device(dev);
224 	if (err)
225 		return err;
226 
227 	err = reset_device(dev);
228 	if (err)
229 		return err;
230 
231 	/* reset channels */
232 	for (ch = 0; ch < priv->num_channels; ch++) {
233 		err = reset_channel(dev, ch);
234 		if (err)
235 			return err;
236 	}
237 
238 	/* enable channel done and error interrupts */
239 	if (is_sec1) {
240 		clrbits32(priv->reg + TALITOS_IMR, TALITOS1_IMR_INIT);
241 		clrbits32(priv->reg + TALITOS_IMR_LO, TALITOS1_IMR_LO_INIT);
242 		/* disable parity error check in DEU (erroneous? test vect.) */
243 		setbits32(priv->reg_deu + TALITOS_EUICR, TALITOS1_DEUICR_KPE);
244 	} else {
245 		setbits32(priv->reg + TALITOS_IMR, TALITOS2_IMR_INIT);
246 		setbits32(priv->reg + TALITOS_IMR_LO, TALITOS2_IMR_LO_INIT);
247 	}
248 
249 	/* disable integrity check error interrupts (use writeback instead) */
250 	if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
251 		setbits32(priv->reg_mdeu + TALITOS_EUICR_LO,
252 		          TALITOS_MDEUICR_LO_ICE);
253 
254 	return 0;
255 }
256 
257 /**
258  * talitos_submit - submits a descriptor to the device for processing
259  * @dev:	the SEC device to be used
260  * @ch:		the SEC device channel to be used
261  * @desc:	the descriptor to be processed by the device
262  * @callback:	whom to call when processing is complete
263  * @context:	a handle for use by caller (optional)
264  *
265  * desc must contain valid dma-mapped (bus physical) address pointers.
266  * callback must check err and feedback in descriptor header
267  * for device processing status.
268  */
talitos_submit(struct device * dev,int ch,struct talitos_desc * desc,void (* callback)(struct device * dev,struct talitos_desc * desc,void * context,int error),void * context)269 static int talitos_submit(struct device *dev, int ch, struct talitos_desc *desc,
270 			  void (*callback)(struct device *dev,
271 					   struct talitos_desc *desc,
272 					   void *context, int error),
273 			  void *context)
274 {
275 	struct talitos_private *priv = dev_get_drvdata(dev);
276 	struct talitos_request *request;
277 	unsigned long flags;
278 	int head;
279 	bool is_sec1 = has_ftr_sec1(priv);
280 
281 	spin_lock_irqsave(&priv->chan[ch].head_lock, flags);
282 
283 	if (!atomic_inc_not_zero(&priv->chan[ch].submit_count)) {
284 		/* h/w fifo is full */
285 		spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags);
286 		return -EAGAIN;
287 	}
288 
289 	head = priv->chan[ch].head;
290 	request = &priv->chan[ch].fifo[head];
291 
292 	/* map descriptor and save caller data */
293 	if (is_sec1) {
294 		desc->hdr1 = desc->hdr;
295 		request->dma_desc = dma_map_single(dev, &desc->hdr1,
296 						   TALITOS_DESC_SIZE,
297 						   DMA_BIDIRECTIONAL);
298 	} else {
299 		request->dma_desc = dma_map_single(dev, desc,
300 						   TALITOS_DESC_SIZE,
301 						   DMA_BIDIRECTIONAL);
302 	}
303 	request->callback = callback;
304 	request->context = context;
305 
306 	/* increment fifo head */
307 	priv->chan[ch].head = (priv->chan[ch].head + 1) & (priv->fifo_len - 1);
308 
309 	smp_wmb();
310 	request->desc = desc;
311 
312 	/* GO! */
313 	wmb();
314 	out_be32(priv->chan[ch].reg + TALITOS_FF,
315 		 upper_32_bits(request->dma_desc));
316 	out_be32(priv->chan[ch].reg + TALITOS_FF_LO,
317 		 lower_32_bits(request->dma_desc));
318 
319 	spin_unlock_irqrestore(&priv->chan[ch].head_lock, flags);
320 
321 	return -EINPROGRESS;
322 }
323 
get_request_hdr(struct talitos_request * request,bool is_sec1)324 static __be32 get_request_hdr(struct talitos_request *request, bool is_sec1)
325 {
326 	struct talitos_edesc *edesc;
327 
328 	if (!is_sec1)
329 		return request->desc->hdr;
330 
331 	if (!request->desc->next_desc)
332 		return request->desc->hdr1;
333 
334 	edesc = container_of(request->desc, struct talitos_edesc, desc);
335 
336 	return ((struct talitos_desc *)(edesc->buf + edesc->dma_len))->hdr1;
337 }
338 
339 /*
340  * process what was done, notify callback of error if not
341  */
flush_channel(struct device * dev,int ch,int error,int reset_ch)342 static void flush_channel(struct device *dev, int ch, int error, int reset_ch)
343 {
344 	struct talitos_private *priv = dev_get_drvdata(dev);
345 	struct talitos_request *request, saved_req;
346 	unsigned long flags;
347 	int tail, status;
348 	bool is_sec1 = has_ftr_sec1(priv);
349 
350 	spin_lock_irqsave(&priv->chan[ch].tail_lock, flags);
351 
352 	tail = priv->chan[ch].tail;
353 	while (priv->chan[ch].fifo[tail].desc) {
354 		__be32 hdr;
355 
356 		request = &priv->chan[ch].fifo[tail];
357 
358 		/* descriptors with their done bits set don't get the error */
359 		rmb();
360 		hdr = get_request_hdr(request, is_sec1);
361 
362 		if ((hdr & DESC_HDR_DONE) == DESC_HDR_DONE)
363 			status = 0;
364 		else
365 			if (!error)
366 				break;
367 			else
368 				status = error;
369 
370 		dma_unmap_single(dev, request->dma_desc,
371 				 TALITOS_DESC_SIZE,
372 				 DMA_BIDIRECTIONAL);
373 
374 		/* copy entries so we can call callback outside lock */
375 		saved_req.desc = request->desc;
376 		saved_req.callback = request->callback;
377 		saved_req.context = request->context;
378 
379 		/* release request entry in fifo */
380 		smp_wmb();
381 		request->desc = NULL;
382 
383 		/* increment fifo tail */
384 		priv->chan[ch].tail = (tail + 1) & (priv->fifo_len - 1);
385 
386 		spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags);
387 
388 		atomic_dec(&priv->chan[ch].submit_count);
389 
390 		saved_req.callback(dev, saved_req.desc, saved_req.context,
391 				   status);
392 		/* channel may resume processing in single desc error case */
393 		if (error && !reset_ch && status == error)
394 			return;
395 		spin_lock_irqsave(&priv->chan[ch].tail_lock, flags);
396 		tail = priv->chan[ch].tail;
397 	}
398 
399 	spin_unlock_irqrestore(&priv->chan[ch].tail_lock, flags);
400 }
401 
402 /*
403  * process completed requests for channels that have done status
404  */
405 #define DEF_TALITOS1_DONE(name, ch_done_mask)				\
406 static void talitos1_done_##name(unsigned long data)			\
407 {									\
408 	struct device *dev = (struct device *)data;			\
409 	struct talitos_private *priv = dev_get_drvdata(dev);		\
410 	unsigned long flags;						\
411 									\
412 	if (ch_done_mask & 0x10000000)					\
413 		flush_channel(dev, 0, 0, 0);			\
414 	if (ch_done_mask & 0x40000000)					\
415 		flush_channel(dev, 1, 0, 0);			\
416 	if (ch_done_mask & 0x00010000)					\
417 		flush_channel(dev, 2, 0, 0);			\
418 	if (ch_done_mask & 0x00040000)					\
419 		flush_channel(dev, 3, 0, 0);			\
420 									\
421 	/* At this point, all completed channels have been processed */	\
422 	/* Unmask done interrupts for channels completed later on. */	\
423 	spin_lock_irqsave(&priv->reg_lock, flags);			\
424 	clrbits32(priv->reg + TALITOS_IMR, ch_done_mask);		\
425 	clrbits32(priv->reg + TALITOS_IMR_LO, TALITOS1_IMR_LO_INIT);	\
426 	spin_unlock_irqrestore(&priv->reg_lock, flags);			\
427 }
428 
429 DEF_TALITOS1_DONE(4ch, TALITOS1_ISR_4CHDONE)
DEF_TALITOS1_DONE(ch0,TALITOS1_ISR_CH_0_DONE)430 DEF_TALITOS1_DONE(ch0, TALITOS1_ISR_CH_0_DONE)
431 
432 #define DEF_TALITOS2_DONE(name, ch_done_mask)				\
433 static void talitos2_done_##name(unsigned long data)			\
434 {									\
435 	struct device *dev = (struct device *)data;			\
436 	struct talitos_private *priv = dev_get_drvdata(dev);		\
437 	unsigned long flags;						\
438 									\
439 	if (ch_done_mask & 1)						\
440 		flush_channel(dev, 0, 0, 0);				\
441 	if (ch_done_mask & (1 << 2))					\
442 		flush_channel(dev, 1, 0, 0);				\
443 	if (ch_done_mask & (1 << 4))					\
444 		flush_channel(dev, 2, 0, 0);				\
445 	if (ch_done_mask & (1 << 6))					\
446 		flush_channel(dev, 3, 0, 0);				\
447 									\
448 	/* At this point, all completed channels have been processed */	\
449 	/* Unmask done interrupts for channels completed later on. */	\
450 	spin_lock_irqsave(&priv->reg_lock, flags);			\
451 	setbits32(priv->reg + TALITOS_IMR, ch_done_mask);		\
452 	setbits32(priv->reg + TALITOS_IMR_LO, TALITOS2_IMR_LO_INIT);	\
453 	spin_unlock_irqrestore(&priv->reg_lock, flags);			\
454 }
455 
456 DEF_TALITOS2_DONE(4ch, TALITOS2_ISR_4CHDONE)
457 DEF_TALITOS2_DONE(ch0, TALITOS2_ISR_CH_0_DONE)
458 DEF_TALITOS2_DONE(ch0_2, TALITOS2_ISR_CH_0_2_DONE)
459 DEF_TALITOS2_DONE(ch1_3, TALITOS2_ISR_CH_1_3_DONE)
460 
461 /*
462  * locate current (offending) descriptor
463  */
464 static __be32 current_desc_hdr(struct device *dev, int ch)
465 {
466 	struct talitos_private *priv = dev_get_drvdata(dev);
467 	int tail, iter;
468 	dma_addr_t cur_desc;
469 
470 	cur_desc = ((u64)in_be32(priv->chan[ch].reg + TALITOS_CDPR)) << 32;
471 	cur_desc |= in_be32(priv->chan[ch].reg + TALITOS_CDPR_LO);
472 
473 	if (!cur_desc) {
474 		dev_err(dev, "CDPR is NULL, giving up search for offending descriptor\n");
475 		return 0;
476 	}
477 
478 	tail = priv->chan[ch].tail;
479 
480 	iter = tail;
481 	while (priv->chan[ch].fifo[iter].dma_desc != cur_desc &&
482 	       priv->chan[ch].fifo[iter].desc->next_desc != cpu_to_be32(cur_desc)) {
483 		iter = (iter + 1) & (priv->fifo_len - 1);
484 		if (iter == tail) {
485 			dev_err(dev, "couldn't locate current descriptor\n");
486 			return 0;
487 		}
488 	}
489 
490 	if (priv->chan[ch].fifo[iter].desc->next_desc == cpu_to_be32(cur_desc)) {
491 		struct talitos_edesc *edesc;
492 
493 		edesc = container_of(priv->chan[ch].fifo[iter].desc,
494 				     struct talitos_edesc, desc);
495 		return ((struct talitos_desc *)
496 			(edesc->buf + edesc->dma_len))->hdr;
497 	}
498 
499 	return priv->chan[ch].fifo[iter].desc->hdr;
500 }
501 
502 /*
503  * user diagnostics; report root cause of error based on execution unit status
504  */
report_eu_error(struct device * dev,int ch,__be32 desc_hdr)505 static void report_eu_error(struct device *dev, int ch, __be32 desc_hdr)
506 {
507 	struct talitos_private *priv = dev_get_drvdata(dev);
508 	int i;
509 
510 	if (!desc_hdr)
511 		desc_hdr = cpu_to_be32(in_be32(priv->chan[ch].reg + TALITOS_DESCBUF));
512 
513 	switch (desc_hdr & DESC_HDR_SEL0_MASK) {
514 	case DESC_HDR_SEL0_AFEU:
515 		dev_err(dev, "AFEUISR 0x%08x_%08x\n",
516 			in_be32(priv->reg_afeu + TALITOS_EUISR),
517 			in_be32(priv->reg_afeu + TALITOS_EUISR_LO));
518 		break;
519 	case DESC_HDR_SEL0_DEU:
520 		dev_err(dev, "DEUISR 0x%08x_%08x\n",
521 			in_be32(priv->reg_deu + TALITOS_EUISR),
522 			in_be32(priv->reg_deu + TALITOS_EUISR_LO));
523 		break;
524 	case DESC_HDR_SEL0_MDEUA:
525 	case DESC_HDR_SEL0_MDEUB:
526 		dev_err(dev, "MDEUISR 0x%08x_%08x\n",
527 			in_be32(priv->reg_mdeu + TALITOS_EUISR),
528 			in_be32(priv->reg_mdeu + TALITOS_EUISR_LO));
529 		break;
530 	case DESC_HDR_SEL0_RNG:
531 		dev_err(dev, "RNGUISR 0x%08x_%08x\n",
532 			in_be32(priv->reg_rngu + TALITOS_ISR),
533 			in_be32(priv->reg_rngu + TALITOS_ISR_LO));
534 		break;
535 	case DESC_HDR_SEL0_PKEU:
536 		dev_err(dev, "PKEUISR 0x%08x_%08x\n",
537 			in_be32(priv->reg_pkeu + TALITOS_EUISR),
538 			in_be32(priv->reg_pkeu + TALITOS_EUISR_LO));
539 		break;
540 	case DESC_HDR_SEL0_AESU:
541 		dev_err(dev, "AESUISR 0x%08x_%08x\n",
542 			in_be32(priv->reg_aesu + TALITOS_EUISR),
543 			in_be32(priv->reg_aesu + TALITOS_EUISR_LO));
544 		break;
545 	case DESC_HDR_SEL0_CRCU:
546 		dev_err(dev, "CRCUISR 0x%08x_%08x\n",
547 			in_be32(priv->reg_crcu + TALITOS_EUISR),
548 			in_be32(priv->reg_crcu + TALITOS_EUISR_LO));
549 		break;
550 	case DESC_HDR_SEL0_KEU:
551 		dev_err(dev, "KEUISR 0x%08x_%08x\n",
552 			in_be32(priv->reg_pkeu + TALITOS_EUISR),
553 			in_be32(priv->reg_pkeu + TALITOS_EUISR_LO));
554 		break;
555 	}
556 
557 	switch (desc_hdr & DESC_HDR_SEL1_MASK) {
558 	case DESC_HDR_SEL1_MDEUA:
559 	case DESC_HDR_SEL1_MDEUB:
560 		dev_err(dev, "MDEUISR 0x%08x_%08x\n",
561 			in_be32(priv->reg_mdeu + TALITOS_EUISR),
562 			in_be32(priv->reg_mdeu + TALITOS_EUISR_LO));
563 		break;
564 	case DESC_HDR_SEL1_CRCU:
565 		dev_err(dev, "CRCUISR 0x%08x_%08x\n",
566 			in_be32(priv->reg_crcu + TALITOS_EUISR),
567 			in_be32(priv->reg_crcu + TALITOS_EUISR_LO));
568 		break;
569 	}
570 
571 	for (i = 0; i < 8; i++)
572 		dev_err(dev, "DESCBUF 0x%08x_%08x\n",
573 			in_be32(priv->chan[ch].reg + TALITOS_DESCBUF + 8*i),
574 			in_be32(priv->chan[ch].reg + TALITOS_DESCBUF_LO + 8*i));
575 }
576 
577 /*
578  * recover from error interrupts
579  */
talitos_error(struct device * dev,u32 isr,u32 isr_lo)580 static void talitos_error(struct device *dev, u32 isr, u32 isr_lo)
581 {
582 	struct talitos_private *priv = dev_get_drvdata(dev);
583 	unsigned int timeout = TALITOS_TIMEOUT;
584 	int ch, error, reset_dev = 0;
585 	u32 v_lo;
586 	bool is_sec1 = has_ftr_sec1(priv);
587 	int reset_ch = is_sec1 ? 1 : 0; /* only SEC2 supports continuation */
588 
589 	for (ch = 0; ch < priv->num_channels; ch++) {
590 		/* skip channels without errors */
591 		if (is_sec1) {
592 			/* bits 29, 31, 17, 19 */
593 			if (!(isr & (1 << (29 + (ch & 1) * 2 - (ch & 2) * 6))))
594 				continue;
595 		} else {
596 			if (!(isr & (1 << (ch * 2 + 1))))
597 				continue;
598 		}
599 
600 		error = -EINVAL;
601 
602 		v_lo = in_be32(priv->chan[ch].reg + TALITOS_CCPSR_LO);
603 
604 		if (v_lo & TALITOS_CCPSR_LO_DOF) {
605 			dev_err(dev, "double fetch fifo overflow error\n");
606 			error = -EAGAIN;
607 			reset_ch = 1;
608 		}
609 		if (v_lo & TALITOS_CCPSR_LO_SOF) {
610 			/* h/w dropped descriptor */
611 			dev_err(dev, "single fetch fifo overflow error\n");
612 			error = -EAGAIN;
613 		}
614 		if (v_lo & TALITOS_CCPSR_LO_MDTE)
615 			dev_err(dev, "master data transfer error\n");
616 		if (v_lo & TALITOS_CCPSR_LO_SGDLZ)
617 			dev_err(dev, is_sec1 ? "pointer not complete error\n"
618 					     : "s/g data length zero error\n");
619 		if (v_lo & TALITOS_CCPSR_LO_FPZ)
620 			dev_err(dev, is_sec1 ? "parity error\n"
621 					     : "fetch pointer zero error\n");
622 		if (v_lo & TALITOS_CCPSR_LO_IDH)
623 			dev_err(dev, "illegal descriptor header error\n");
624 		if (v_lo & TALITOS_CCPSR_LO_IEU)
625 			dev_err(dev, is_sec1 ? "static assignment error\n"
626 					     : "invalid exec unit error\n");
627 		if (v_lo & TALITOS_CCPSR_LO_EU)
628 			report_eu_error(dev, ch, current_desc_hdr(dev, ch));
629 		if (!is_sec1) {
630 			if (v_lo & TALITOS_CCPSR_LO_GB)
631 				dev_err(dev, "gather boundary error\n");
632 			if (v_lo & TALITOS_CCPSR_LO_GRL)
633 				dev_err(dev, "gather return/length error\n");
634 			if (v_lo & TALITOS_CCPSR_LO_SB)
635 				dev_err(dev, "scatter boundary error\n");
636 			if (v_lo & TALITOS_CCPSR_LO_SRL)
637 				dev_err(dev, "scatter return/length error\n");
638 		}
639 
640 		flush_channel(dev, ch, error, reset_ch);
641 
642 		if (reset_ch) {
643 			reset_channel(dev, ch);
644 		} else {
645 			setbits32(priv->chan[ch].reg + TALITOS_CCCR,
646 				  TALITOS2_CCCR_CONT);
647 			setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO, 0);
648 			while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR) &
649 			       TALITOS2_CCCR_CONT) && --timeout)
650 				cpu_relax();
651 			if (timeout == 0) {
652 				dev_err(dev, "failed to restart channel %d\n",
653 					ch);
654 				reset_dev = 1;
655 			}
656 		}
657 	}
658 	if (reset_dev || (is_sec1 && isr & ~TALITOS1_ISR_4CHERR) ||
659 	    (!is_sec1 && isr & ~TALITOS2_ISR_4CHERR) || isr_lo) {
660 		if (is_sec1 && (isr_lo & TALITOS1_ISR_TEA_ERR))
661 			dev_err(dev, "TEA error: ISR 0x%08x_%08x\n",
662 				isr, isr_lo);
663 		else
664 			dev_err(dev, "done overflow, internal time out, or "
665 				"rngu error: ISR 0x%08x_%08x\n", isr, isr_lo);
666 
667 		/* purge request queues */
668 		for (ch = 0; ch < priv->num_channels; ch++)
669 			flush_channel(dev, ch, -EIO, 1);
670 
671 		/* reset and reinitialize the device */
672 		init_device(dev);
673 	}
674 }
675 
676 #define DEF_TALITOS1_INTERRUPT(name, ch_done_mask, ch_err_mask, tlet)	       \
677 static irqreturn_t talitos1_interrupt_##name(int irq, void *data)	       \
678 {									       \
679 	struct device *dev = data;					       \
680 	struct talitos_private *priv = dev_get_drvdata(dev);		       \
681 	u32 isr, isr_lo;						       \
682 	unsigned long flags;						       \
683 									       \
684 	spin_lock_irqsave(&priv->reg_lock, flags);			       \
685 	isr = in_be32(priv->reg + TALITOS_ISR);				       \
686 	isr_lo = in_be32(priv->reg + TALITOS_ISR_LO);			       \
687 	/* Acknowledge interrupt */					       \
688 	out_be32(priv->reg + TALITOS_ICR, isr & (ch_done_mask | ch_err_mask)); \
689 	out_be32(priv->reg + TALITOS_ICR_LO, isr_lo);			       \
690 									       \
691 	if (unlikely(isr & ch_err_mask || isr_lo & TALITOS1_IMR_LO_INIT)) {    \
692 		spin_unlock_irqrestore(&priv->reg_lock, flags);		       \
693 		talitos_error(dev, isr & ch_err_mask, isr_lo);		       \
694 	}								       \
695 	else {								       \
696 		if (likely(isr & ch_done_mask)) {			       \
697 			/* mask further done interrupts. */		       \
698 			setbits32(priv->reg + TALITOS_IMR, ch_done_mask);      \
699 			/* done_task will unmask done interrupts at exit */    \
700 			tasklet_schedule(&priv->done_task[tlet]);	       \
701 		}							       \
702 		spin_unlock_irqrestore(&priv->reg_lock, flags);		       \
703 	}								       \
704 									       \
705 	return (isr & (ch_done_mask | ch_err_mask) || isr_lo) ? IRQ_HANDLED :  \
706 								IRQ_NONE;      \
707 }
708 
709 DEF_TALITOS1_INTERRUPT(4ch, TALITOS1_ISR_4CHDONE, TALITOS1_ISR_4CHERR, 0)
710 
711 #define DEF_TALITOS2_INTERRUPT(name, ch_done_mask, ch_err_mask, tlet)	       \
712 static irqreturn_t talitos2_interrupt_##name(int irq, void *data)	       \
713 {									       \
714 	struct device *dev = data;					       \
715 	struct talitos_private *priv = dev_get_drvdata(dev);		       \
716 	u32 isr, isr_lo;						       \
717 	unsigned long flags;						       \
718 									       \
719 	spin_lock_irqsave(&priv->reg_lock, flags);			       \
720 	isr = in_be32(priv->reg + TALITOS_ISR);				       \
721 	isr_lo = in_be32(priv->reg + TALITOS_ISR_LO);			       \
722 	/* Acknowledge interrupt */					       \
723 	out_be32(priv->reg + TALITOS_ICR, isr & (ch_done_mask | ch_err_mask)); \
724 	out_be32(priv->reg + TALITOS_ICR_LO, isr_lo);			       \
725 									       \
726 	if (unlikely(isr & ch_err_mask || isr_lo)) {			       \
727 		spin_unlock_irqrestore(&priv->reg_lock, flags);		       \
728 		talitos_error(dev, isr & ch_err_mask, isr_lo);		       \
729 	}								       \
730 	else {								       \
731 		if (likely(isr & ch_done_mask)) {			       \
732 			/* mask further done interrupts. */		       \
733 			clrbits32(priv->reg + TALITOS_IMR, ch_done_mask);      \
734 			/* done_task will unmask done interrupts at exit */    \
735 			tasklet_schedule(&priv->done_task[tlet]);	       \
736 		}							       \
737 		spin_unlock_irqrestore(&priv->reg_lock, flags);		       \
738 	}								       \
739 									       \
740 	return (isr & (ch_done_mask | ch_err_mask) || isr_lo) ? IRQ_HANDLED :  \
741 								IRQ_NONE;      \
742 }
743 
744 DEF_TALITOS2_INTERRUPT(4ch, TALITOS2_ISR_4CHDONE, TALITOS2_ISR_4CHERR, 0)
745 DEF_TALITOS2_INTERRUPT(ch0_2, TALITOS2_ISR_CH_0_2_DONE, TALITOS2_ISR_CH_0_2_ERR,
746 		       0)
747 DEF_TALITOS2_INTERRUPT(ch1_3, TALITOS2_ISR_CH_1_3_DONE, TALITOS2_ISR_CH_1_3_ERR,
748 		       1)
749 
750 /*
751  * hwrng
752  */
talitos_rng_data_present(struct hwrng * rng,int wait)753 static int talitos_rng_data_present(struct hwrng *rng, int wait)
754 {
755 	struct device *dev = (struct device *)rng->priv;
756 	struct talitos_private *priv = dev_get_drvdata(dev);
757 	u32 ofl;
758 	int i;
759 
760 	for (i = 0; i < 20; i++) {
761 		ofl = in_be32(priv->reg_rngu + TALITOS_EUSR_LO) &
762 		      TALITOS_RNGUSR_LO_OFL;
763 		if (ofl || !wait)
764 			break;
765 		udelay(10);
766 	}
767 
768 	return !!ofl;
769 }
770 
talitos_rng_data_read(struct hwrng * rng,u32 * data)771 static int talitos_rng_data_read(struct hwrng *rng, u32 *data)
772 {
773 	struct device *dev = (struct device *)rng->priv;
774 	struct talitos_private *priv = dev_get_drvdata(dev);
775 
776 	/* rng fifo requires 64-bit accesses */
777 	*data = in_be32(priv->reg_rngu + TALITOS_EU_FIFO);
778 	*data = in_be32(priv->reg_rngu + TALITOS_EU_FIFO_LO);
779 
780 	return sizeof(u32);
781 }
782 
talitos_rng_init(struct hwrng * rng)783 static int talitos_rng_init(struct hwrng *rng)
784 {
785 	struct device *dev = (struct device *)rng->priv;
786 	struct talitos_private *priv = dev_get_drvdata(dev);
787 	unsigned int timeout = TALITOS_TIMEOUT;
788 
789 	setbits32(priv->reg_rngu + TALITOS_EURCR_LO, TALITOS_RNGURCR_LO_SR);
790 	while (!(in_be32(priv->reg_rngu + TALITOS_EUSR_LO)
791 		 & TALITOS_RNGUSR_LO_RD)
792 	       && --timeout)
793 		cpu_relax();
794 	if (timeout == 0) {
795 		dev_err(dev, "failed to reset rng hw\n");
796 		return -ENODEV;
797 	}
798 
799 	/* start generating */
800 	setbits32(priv->reg_rngu + TALITOS_EUDSR_LO, 0);
801 
802 	return 0;
803 }
804 
talitos_register_rng(struct device * dev)805 static int talitos_register_rng(struct device *dev)
806 {
807 	struct talitos_private *priv = dev_get_drvdata(dev);
808 	int err;
809 
810 	priv->rng.name		= dev_driver_string(dev);
811 	priv->rng.init		= talitos_rng_init;
812 	priv->rng.data_present	= talitos_rng_data_present;
813 	priv->rng.data_read	= talitos_rng_data_read;
814 	priv->rng.priv		= (unsigned long)dev;
815 
816 	err = hwrng_register(&priv->rng);
817 	if (!err)
818 		priv->rng_registered = true;
819 
820 	return err;
821 }
822 
talitos_unregister_rng(struct device * dev)823 static void talitos_unregister_rng(struct device *dev)
824 {
825 	struct talitos_private *priv = dev_get_drvdata(dev);
826 
827 	if (!priv->rng_registered)
828 		return;
829 
830 	hwrng_unregister(&priv->rng);
831 	priv->rng_registered = false;
832 }
833 
834 /*
835  * crypto alg
836  */
837 #define TALITOS_CRA_PRIORITY		3000
838 /*
839  * Defines a priority for doing AEAD with descriptors type
840  * HMAC_SNOOP_NO_AFEA (HSNA) instead of type IPSEC_ESP
841  */
842 #define TALITOS_CRA_PRIORITY_AEAD_HSNA	(TALITOS_CRA_PRIORITY - 1)
843 #ifdef CONFIG_CRYPTO_DEV_TALITOS2
844 #define TALITOS_MAX_KEY_SIZE		(AES_MAX_KEY_SIZE + SHA512_BLOCK_SIZE)
845 #else
846 #define TALITOS_MAX_KEY_SIZE		(AES_MAX_KEY_SIZE + SHA256_BLOCK_SIZE)
847 #endif
848 #define TALITOS_MAX_IV_LENGTH		16 /* max of AES_BLOCK_SIZE, DES3_EDE_BLOCK_SIZE */
849 
850 struct talitos_ctx {
851 	struct device *dev;
852 	int ch;
853 	__be32 desc_hdr_template;
854 	u8 key[TALITOS_MAX_KEY_SIZE];
855 	u8 iv[TALITOS_MAX_IV_LENGTH];
856 	dma_addr_t dma_key;
857 	unsigned int keylen;
858 	unsigned int enckeylen;
859 	unsigned int authkeylen;
860 };
861 
862 #define HASH_MAX_BLOCK_SIZE		SHA512_BLOCK_SIZE
863 #define TALITOS_MDEU_MAX_CONTEXT_SIZE	TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512
864 
865 struct talitos_ahash_req_ctx {
866 	u32 hw_context[TALITOS_MDEU_MAX_CONTEXT_SIZE / sizeof(u32)];
867 	unsigned int hw_context_size;
868 	u8 buf[2][HASH_MAX_BLOCK_SIZE];
869 	int buf_idx;
870 	unsigned int swinit;
871 	unsigned int first;
872 	unsigned int last;
873 	unsigned int to_hash_later;
874 	unsigned int nbuf;
875 	struct scatterlist bufsl[2];
876 	struct scatterlist *psrc;
877 };
878 
879 struct talitos_export_state {
880 	u32 hw_context[TALITOS_MDEU_MAX_CONTEXT_SIZE / sizeof(u32)];
881 	u8 buf[HASH_MAX_BLOCK_SIZE];
882 	unsigned int swinit;
883 	unsigned int first;
884 	unsigned int last;
885 	unsigned int to_hash_later;
886 	unsigned int nbuf;
887 };
888 
aead_setkey(struct crypto_aead * authenc,const u8 * key,unsigned int keylen)889 static int aead_setkey(struct crypto_aead *authenc,
890 		       const u8 *key, unsigned int keylen)
891 {
892 	struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
893 	struct device *dev = ctx->dev;
894 	struct crypto_authenc_keys keys;
895 
896 	if (crypto_authenc_extractkeys(&keys, key, keylen) != 0)
897 		goto badkey;
898 
899 	if (keys.authkeylen + keys.enckeylen > TALITOS_MAX_KEY_SIZE)
900 		goto badkey;
901 
902 	if (ctx->keylen)
903 		dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE);
904 
905 	memcpy(ctx->key, keys.authkey, keys.authkeylen);
906 	memcpy(&ctx->key[keys.authkeylen], keys.enckey, keys.enckeylen);
907 
908 	ctx->keylen = keys.authkeylen + keys.enckeylen;
909 	ctx->enckeylen = keys.enckeylen;
910 	ctx->authkeylen = keys.authkeylen;
911 	ctx->dma_key = dma_map_single(dev, ctx->key, ctx->keylen,
912 				      DMA_TO_DEVICE);
913 
914 	memzero_explicit(&keys, sizeof(keys));
915 	return 0;
916 
917 badkey:
918 	memzero_explicit(&keys, sizeof(keys));
919 	return -EINVAL;
920 }
921 
aead_des3_setkey(struct crypto_aead * authenc,const u8 * key,unsigned int keylen)922 static int aead_des3_setkey(struct crypto_aead *authenc,
923 			    const u8 *key, unsigned int keylen)
924 {
925 	struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
926 	struct device *dev = ctx->dev;
927 	struct crypto_authenc_keys keys;
928 	int err;
929 
930 	err = crypto_authenc_extractkeys(&keys, key, keylen);
931 	if (unlikely(err))
932 		goto out;
933 
934 	err = -EINVAL;
935 	if (keys.authkeylen + keys.enckeylen > TALITOS_MAX_KEY_SIZE)
936 		goto out;
937 
938 	err = verify_aead_des3_key(authenc, keys.enckey, keys.enckeylen);
939 	if (err)
940 		goto out;
941 
942 	if (ctx->keylen)
943 		dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE);
944 
945 	memcpy(ctx->key, keys.authkey, keys.authkeylen);
946 	memcpy(&ctx->key[keys.authkeylen], keys.enckey, keys.enckeylen);
947 
948 	ctx->keylen = keys.authkeylen + keys.enckeylen;
949 	ctx->enckeylen = keys.enckeylen;
950 	ctx->authkeylen = keys.authkeylen;
951 	ctx->dma_key = dma_map_single(dev, ctx->key, ctx->keylen,
952 				      DMA_TO_DEVICE);
953 
954 out:
955 	memzero_explicit(&keys, sizeof(keys));
956 	return err;
957 }
958 
talitos_sg_unmap(struct device * dev,struct talitos_edesc * edesc,struct scatterlist * src,struct scatterlist * dst,unsigned int len,unsigned int offset)959 static void talitos_sg_unmap(struct device *dev,
960 			     struct talitos_edesc *edesc,
961 			     struct scatterlist *src,
962 			     struct scatterlist *dst,
963 			     unsigned int len, unsigned int offset)
964 {
965 	struct talitos_private *priv = dev_get_drvdata(dev);
966 	bool is_sec1 = has_ftr_sec1(priv);
967 	unsigned int src_nents = edesc->src_nents ? : 1;
968 	unsigned int dst_nents = edesc->dst_nents ? : 1;
969 
970 	if (is_sec1 && dst && dst_nents > 1) {
971 		dma_sync_single_for_device(dev, edesc->dma_link_tbl + offset,
972 					   len, DMA_FROM_DEVICE);
973 		sg_pcopy_from_buffer(dst, dst_nents, edesc->buf + offset, len,
974 				     offset);
975 	}
976 	if (src != dst) {
977 		if (src_nents == 1 || !is_sec1)
978 			dma_unmap_sg(dev, src, src_nents, DMA_TO_DEVICE);
979 
980 		if (dst && (dst_nents == 1 || !is_sec1))
981 			dma_unmap_sg(dev, dst, dst_nents, DMA_FROM_DEVICE);
982 	} else if (src_nents == 1 || !is_sec1) {
983 		dma_unmap_sg(dev, src, src_nents, DMA_BIDIRECTIONAL);
984 	}
985 }
986 
ipsec_esp_unmap(struct device * dev,struct talitos_edesc * edesc,struct aead_request * areq,bool encrypt)987 static void ipsec_esp_unmap(struct device *dev,
988 			    struct talitos_edesc *edesc,
989 			    struct aead_request *areq, bool encrypt)
990 {
991 	struct crypto_aead *aead = crypto_aead_reqtfm(areq);
992 	struct talitos_ctx *ctx = crypto_aead_ctx(aead);
993 	unsigned int ivsize = crypto_aead_ivsize(aead);
994 	unsigned int authsize = crypto_aead_authsize(aead);
995 	unsigned int cryptlen = areq->cryptlen - (encrypt ? 0 : authsize);
996 	bool is_ipsec_esp = edesc->desc.hdr & DESC_HDR_TYPE_IPSEC_ESP;
997 	struct talitos_ptr *civ_ptr = &edesc->desc.ptr[is_ipsec_esp ? 2 : 3];
998 
999 	if (is_ipsec_esp)
1000 		unmap_single_talitos_ptr(dev, &edesc->desc.ptr[6],
1001 					 DMA_FROM_DEVICE);
1002 	unmap_single_talitos_ptr(dev, civ_ptr, DMA_TO_DEVICE);
1003 
1004 	talitos_sg_unmap(dev, edesc, areq->src, areq->dst,
1005 			 cryptlen + authsize, areq->assoclen);
1006 
1007 	if (edesc->dma_len)
1008 		dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
1009 				 DMA_BIDIRECTIONAL);
1010 
1011 	if (!is_ipsec_esp) {
1012 		unsigned int dst_nents = edesc->dst_nents ? : 1;
1013 
1014 		sg_pcopy_to_buffer(areq->dst, dst_nents, ctx->iv, ivsize,
1015 				   areq->assoclen + cryptlen - ivsize);
1016 	}
1017 }
1018 
1019 /*
1020  * ipsec_esp descriptor callbacks
1021  */
ipsec_esp_encrypt_done(struct device * dev,struct talitos_desc * desc,void * context,int err)1022 static void ipsec_esp_encrypt_done(struct device *dev,
1023 				   struct talitos_desc *desc, void *context,
1024 				   int err)
1025 {
1026 	struct aead_request *areq = context;
1027 	struct crypto_aead *authenc = crypto_aead_reqtfm(areq);
1028 	unsigned int ivsize = crypto_aead_ivsize(authenc);
1029 	struct talitos_edesc *edesc;
1030 
1031 	edesc = container_of(desc, struct talitos_edesc, desc);
1032 
1033 	ipsec_esp_unmap(dev, edesc, areq, true);
1034 
1035 	dma_unmap_single(dev, edesc->iv_dma, ivsize, DMA_TO_DEVICE);
1036 
1037 	kfree(edesc);
1038 
1039 	aead_request_complete(areq, err);
1040 }
1041 
ipsec_esp_decrypt_swauth_done(struct device * dev,struct talitos_desc * desc,void * context,int err)1042 static void ipsec_esp_decrypt_swauth_done(struct device *dev,
1043 					  struct talitos_desc *desc,
1044 					  void *context, int err)
1045 {
1046 	struct aead_request *req = context;
1047 	struct crypto_aead *authenc = crypto_aead_reqtfm(req);
1048 	unsigned int authsize = crypto_aead_authsize(authenc);
1049 	struct talitos_edesc *edesc;
1050 	char *oicv, *icv;
1051 
1052 	edesc = container_of(desc, struct talitos_edesc, desc);
1053 
1054 	ipsec_esp_unmap(dev, edesc, req, false);
1055 
1056 	if (!err) {
1057 		/* auth check */
1058 		oicv = edesc->buf + edesc->dma_len;
1059 		icv = oicv - authsize;
1060 
1061 		err = crypto_memneq(oicv, icv, authsize) ? -EBADMSG : 0;
1062 	}
1063 
1064 	kfree(edesc);
1065 
1066 	aead_request_complete(req, err);
1067 }
1068 
ipsec_esp_decrypt_hwauth_done(struct device * dev,struct talitos_desc * desc,void * context,int err)1069 static void ipsec_esp_decrypt_hwauth_done(struct device *dev,
1070 					  struct talitos_desc *desc,
1071 					  void *context, int err)
1072 {
1073 	struct aead_request *req = context;
1074 	struct talitos_edesc *edesc;
1075 
1076 	edesc = container_of(desc, struct talitos_edesc, desc);
1077 
1078 	ipsec_esp_unmap(dev, edesc, req, false);
1079 
1080 	/* check ICV auth status */
1081 	if (!err && ((desc->hdr_lo & DESC_HDR_LO_ICCR1_MASK) !=
1082 		     DESC_HDR_LO_ICCR1_PASS))
1083 		err = -EBADMSG;
1084 
1085 	kfree(edesc);
1086 
1087 	aead_request_complete(req, err);
1088 }
1089 
1090 /*
1091  * convert scatterlist to SEC h/w link table format
1092  * stop at cryptlen bytes
1093  */
sg_to_link_tbl_offset(struct scatterlist * sg,int sg_count,unsigned int offset,int datalen,int elen,struct talitos_ptr * link_tbl_ptr,int align)1094 static int sg_to_link_tbl_offset(struct scatterlist *sg, int sg_count,
1095 				 unsigned int offset, int datalen, int elen,
1096 				 struct talitos_ptr *link_tbl_ptr, int align)
1097 {
1098 	int n_sg = elen ? sg_count + 1 : sg_count;
1099 	int count = 0;
1100 	int cryptlen = datalen + elen;
1101 	int padding = ALIGN(cryptlen, align) - cryptlen;
1102 
1103 	while (cryptlen && sg && n_sg--) {
1104 		unsigned int len = sg_dma_len(sg);
1105 
1106 		if (offset >= len) {
1107 			offset -= len;
1108 			goto next;
1109 		}
1110 
1111 		len -= offset;
1112 
1113 		if (len > cryptlen)
1114 			len = cryptlen;
1115 
1116 		if (datalen > 0 && len > datalen) {
1117 			to_talitos_ptr(link_tbl_ptr + count,
1118 				       sg_dma_address(sg) + offset, datalen, 0);
1119 			to_talitos_ptr_ext_set(link_tbl_ptr + count, 0, 0);
1120 			count++;
1121 			len -= datalen;
1122 			offset += datalen;
1123 		}
1124 		to_talitos_ptr(link_tbl_ptr + count,
1125 			       sg_dma_address(sg) + offset, sg_next(sg) ? len : len + padding, 0);
1126 		to_talitos_ptr_ext_set(link_tbl_ptr + count, 0, 0);
1127 		count++;
1128 		cryptlen -= len;
1129 		datalen -= len;
1130 		offset = 0;
1131 
1132 next:
1133 		sg = sg_next(sg);
1134 	}
1135 
1136 	/* tag end of link table */
1137 	if (count > 0)
1138 		to_talitos_ptr_ext_set(link_tbl_ptr + count - 1,
1139 				       DESC_PTR_LNKTBL_RET, 0);
1140 
1141 	return count;
1142 }
1143 
talitos_sg_map_ext(struct device * dev,struct scatterlist * src,unsigned int len,struct talitos_edesc * edesc,struct talitos_ptr * ptr,int sg_count,unsigned int offset,int tbl_off,int elen,bool force,int align)1144 static int talitos_sg_map_ext(struct device *dev, struct scatterlist *src,
1145 			      unsigned int len, struct talitos_edesc *edesc,
1146 			      struct talitos_ptr *ptr, int sg_count,
1147 			      unsigned int offset, int tbl_off, int elen,
1148 			      bool force, int align)
1149 {
1150 	struct talitos_private *priv = dev_get_drvdata(dev);
1151 	bool is_sec1 = has_ftr_sec1(priv);
1152 	int aligned_len = ALIGN(len, align);
1153 
1154 	if (!src) {
1155 		to_talitos_ptr(ptr, 0, 0, is_sec1);
1156 		return 1;
1157 	}
1158 	to_talitos_ptr_ext_set(ptr, elen, is_sec1);
1159 	if (sg_count == 1 && !force) {
1160 		to_talitos_ptr(ptr, sg_dma_address(src) + offset, aligned_len, is_sec1);
1161 		return sg_count;
1162 	}
1163 	if (is_sec1) {
1164 		to_talitos_ptr(ptr, edesc->dma_link_tbl + offset, aligned_len, is_sec1);
1165 		return sg_count;
1166 	}
1167 	sg_count = sg_to_link_tbl_offset(src, sg_count, offset, len, elen,
1168 					 &edesc->link_tbl[tbl_off], align);
1169 	if (sg_count == 1 && !force) {
1170 		/* Only one segment now, so no link tbl needed*/
1171 		copy_talitos_ptr(ptr, &edesc->link_tbl[tbl_off], is_sec1);
1172 		return sg_count;
1173 	}
1174 	to_talitos_ptr(ptr, edesc->dma_link_tbl +
1175 			    tbl_off * sizeof(struct talitos_ptr), aligned_len, is_sec1);
1176 	to_talitos_ptr_ext_or(ptr, DESC_PTR_LNKTBL_JUMP, is_sec1);
1177 
1178 	return sg_count;
1179 }
1180 
talitos_sg_map(struct device * dev,struct scatterlist * src,unsigned int len,struct talitos_edesc * edesc,struct talitos_ptr * ptr,int sg_count,unsigned int offset,int tbl_off)1181 static int talitos_sg_map(struct device *dev, struct scatterlist *src,
1182 			  unsigned int len, struct talitos_edesc *edesc,
1183 			  struct talitos_ptr *ptr, int sg_count,
1184 			  unsigned int offset, int tbl_off)
1185 {
1186 	return talitos_sg_map_ext(dev, src, len, edesc, ptr, sg_count, offset,
1187 				  tbl_off, 0, false, 1);
1188 }
1189 
1190 /*
1191  * fill in and submit ipsec_esp descriptor
1192  */
ipsec_esp(struct talitos_edesc * edesc,struct aead_request * areq,bool encrypt,void (* callback)(struct device * dev,struct talitos_desc * desc,void * context,int error))1193 static int ipsec_esp(struct talitos_edesc *edesc, struct aead_request *areq,
1194 		     bool encrypt,
1195 		     void (*callback)(struct device *dev,
1196 				      struct talitos_desc *desc,
1197 				      void *context, int error))
1198 {
1199 	struct crypto_aead *aead = crypto_aead_reqtfm(areq);
1200 	unsigned int authsize = crypto_aead_authsize(aead);
1201 	struct talitos_ctx *ctx = crypto_aead_ctx(aead);
1202 	struct device *dev = ctx->dev;
1203 	struct talitos_desc *desc = &edesc->desc;
1204 	unsigned int cryptlen = areq->cryptlen - (encrypt ? 0 : authsize);
1205 	unsigned int ivsize = crypto_aead_ivsize(aead);
1206 	int tbl_off = 0;
1207 	int sg_count, ret;
1208 	int elen = 0;
1209 	bool sync_needed = false;
1210 	struct talitos_private *priv = dev_get_drvdata(dev);
1211 	bool is_sec1 = has_ftr_sec1(priv);
1212 	bool is_ipsec_esp = desc->hdr & DESC_HDR_TYPE_IPSEC_ESP;
1213 	struct talitos_ptr *civ_ptr = &desc->ptr[is_ipsec_esp ? 2 : 3];
1214 	struct talitos_ptr *ckey_ptr = &desc->ptr[is_ipsec_esp ? 3 : 2];
1215 	dma_addr_t dma_icv = edesc->dma_link_tbl + edesc->dma_len - authsize;
1216 
1217 	/* hmac key */
1218 	to_talitos_ptr(&desc->ptr[0], ctx->dma_key, ctx->authkeylen, is_sec1);
1219 
1220 	sg_count = edesc->src_nents ?: 1;
1221 	if (is_sec1 && sg_count > 1)
1222 		sg_copy_to_buffer(areq->src, sg_count, edesc->buf,
1223 				  areq->assoclen + cryptlen);
1224 	else
1225 		sg_count = dma_map_sg(dev, areq->src, sg_count,
1226 				      (areq->src == areq->dst) ?
1227 				      DMA_BIDIRECTIONAL : DMA_TO_DEVICE);
1228 
1229 	/* hmac data */
1230 	ret = talitos_sg_map(dev, areq->src, areq->assoclen, edesc,
1231 			     &desc->ptr[1], sg_count, 0, tbl_off);
1232 
1233 	if (ret > 1) {
1234 		tbl_off += ret;
1235 		sync_needed = true;
1236 	}
1237 
1238 	/* cipher iv */
1239 	to_talitos_ptr(civ_ptr, edesc->iv_dma, ivsize, is_sec1);
1240 
1241 	/* cipher key */
1242 	to_talitos_ptr(ckey_ptr, ctx->dma_key  + ctx->authkeylen,
1243 		       ctx->enckeylen, is_sec1);
1244 
1245 	/*
1246 	 * cipher in
1247 	 * map and adjust cipher len to aead request cryptlen.
1248 	 * extent is bytes of HMAC postpended to ciphertext,
1249 	 * typically 12 for ipsec
1250 	 */
1251 	if (is_ipsec_esp && (desc->hdr & DESC_HDR_MODE1_MDEU_CICV))
1252 		elen = authsize;
1253 
1254 	ret = talitos_sg_map_ext(dev, areq->src, cryptlen, edesc, &desc->ptr[4],
1255 				 sg_count, areq->assoclen, tbl_off, elen,
1256 				 false, 1);
1257 
1258 	if (ret > 1) {
1259 		tbl_off += ret;
1260 		sync_needed = true;
1261 	}
1262 
1263 	/* cipher out */
1264 	if (areq->src != areq->dst) {
1265 		sg_count = edesc->dst_nents ? : 1;
1266 		if (!is_sec1 || sg_count == 1)
1267 			dma_map_sg(dev, areq->dst, sg_count, DMA_FROM_DEVICE);
1268 	}
1269 
1270 	if (is_ipsec_esp && encrypt)
1271 		elen = authsize;
1272 	else
1273 		elen = 0;
1274 	ret = talitos_sg_map_ext(dev, areq->dst, cryptlen, edesc, &desc->ptr[5],
1275 				 sg_count, areq->assoclen, tbl_off, elen,
1276 				 is_ipsec_esp && !encrypt, 1);
1277 	tbl_off += ret;
1278 
1279 	if (!encrypt && is_ipsec_esp) {
1280 		struct talitos_ptr *tbl_ptr = &edesc->link_tbl[tbl_off];
1281 
1282 		/* Add an entry to the link table for ICV data */
1283 		to_talitos_ptr_ext_set(tbl_ptr - 1, 0, is_sec1);
1284 		to_talitos_ptr_ext_set(tbl_ptr, DESC_PTR_LNKTBL_RET, is_sec1);
1285 
1286 		/* icv data follows link tables */
1287 		to_talitos_ptr(tbl_ptr, dma_icv, authsize, is_sec1);
1288 		to_talitos_ptr_ext_or(&desc->ptr[5], authsize, is_sec1);
1289 		sync_needed = true;
1290 	} else if (!encrypt) {
1291 		to_talitos_ptr(&desc->ptr[6], dma_icv, authsize, is_sec1);
1292 		sync_needed = true;
1293 	} else if (!is_ipsec_esp) {
1294 		talitos_sg_map(dev, areq->dst, authsize, edesc, &desc->ptr[6],
1295 			       sg_count, areq->assoclen + cryptlen, tbl_off);
1296 	}
1297 
1298 	/* iv out */
1299 	if (is_ipsec_esp)
1300 		map_single_talitos_ptr(dev, &desc->ptr[6], ivsize, ctx->iv,
1301 				       DMA_FROM_DEVICE);
1302 
1303 	if (sync_needed)
1304 		dma_sync_single_for_device(dev, edesc->dma_link_tbl,
1305 					   edesc->dma_len,
1306 					   DMA_BIDIRECTIONAL);
1307 
1308 	ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
1309 	if (ret != -EINPROGRESS) {
1310 		ipsec_esp_unmap(dev, edesc, areq, encrypt);
1311 		kfree(edesc);
1312 	}
1313 	return ret;
1314 }
1315 
1316 /*
1317  * allocate and map the extended descriptor
1318  */
talitos_edesc_alloc(struct device * dev,struct scatterlist * src,struct scatterlist * dst,u8 * iv,unsigned int assoclen,unsigned int cryptlen,unsigned int authsize,unsigned int ivsize,int icv_stashing,u32 cryptoflags,bool encrypt)1319 static struct talitos_edesc *talitos_edesc_alloc(struct device *dev,
1320 						 struct scatterlist *src,
1321 						 struct scatterlist *dst,
1322 						 u8 *iv,
1323 						 unsigned int assoclen,
1324 						 unsigned int cryptlen,
1325 						 unsigned int authsize,
1326 						 unsigned int ivsize,
1327 						 int icv_stashing,
1328 						 u32 cryptoflags,
1329 						 bool encrypt)
1330 {
1331 	struct talitos_edesc *edesc;
1332 	int src_nents, dst_nents, alloc_len, dma_len, src_len, dst_len;
1333 	dma_addr_t iv_dma = 0;
1334 	gfp_t flags = cryptoflags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL :
1335 		      GFP_ATOMIC;
1336 	struct talitos_private *priv = dev_get_drvdata(dev);
1337 	bool is_sec1 = has_ftr_sec1(priv);
1338 	int max_len = is_sec1 ? TALITOS1_MAX_DATA_LEN : TALITOS2_MAX_DATA_LEN;
1339 
1340 	if (cryptlen + authsize > max_len) {
1341 		dev_err(dev, "length exceeds h/w max limit\n");
1342 		return ERR_PTR(-EINVAL);
1343 	}
1344 
1345 	if (!dst || dst == src) {
1346 		src_len = assoclen + cryptlen + authsize;
1347 		src_nents = sg_nents_for_len(src, src_len);
1348 		if (src_nents < 0) {
1349 			dev_err(dev, "Invalid number of src SG.\n");
1350 			return ERR_PTR(-EINVAL);
1351 		}
1352 		src_nents = (src_nents == 1) ? 0 : src_nents;
1353 		dst_nents = dst ? src_nents : 0;
1354 		dst_len = 0;
1355 	} else { /* dst && dst != src*/
1356 		src_len = assoclen + cryptlen + (encrypt ? 0 : authsize);
1357 		src_nents = sg_nents_for_len(src, src_len);
1358 		if (src_nents < 0) {
1359 			dev_err(dev, "Invalid number of src SG.\n");
1360 			return ERR_PTR(-EINVAL);
1361 		}
1362 		src_nents = (src_nents == 1) ? 0 : src_nents;
1363 		dst_len = assoclen + cryptlen + (encrypt ? authsize : 0);
1364 		dst_nents = sg_nents_for_len(dst, dst_len);
1365 		if (dst_nents < 0) {
1366 			dev_err(dev, "Invalid number of dst SG.\n");
1367 			return ERR_PTR(-EINVAL);
1368 		}
1369 		dst_nents = (dst_nents == 1) ? 0 : dst_nents;
1370 	}
1371 
1372 	/*
1373 	 * allocate space for base edesc plus the link tables,
1374 	 * allowing for two separate entries for AD and generated ICV (+ 2),
1375 	 * and space for two sets of ICVs (stashed and generated)
1376 	 */
1377 	alloc_len = sizeof(struct talitos_edesc);
1378 	if (src_nents || dst_nents || !encrypt) {
1379 		if (is_sec1)
1380 			dma_len = (src_nents ? src_len : 0) +
1381 				  (dst_nents ? dst_len : 0) + authsize;
1382 		else
1383 			dma_len = (src_nents + dst_nents + 2) *
1384 				  sizeof(struct talitos_ptr) + authsize;
1385 		alloc_len += dma_len;
1386 	} else {
1387 		dma_len = 0;
1388 	}
1389 	alloc_len += icv_stashing ? authsize : 0;
1390 
1391 	/* if its a ahash, add space for a second desc next to the first one */
1392 	if (is_sec1 && !dst)
1393 		alloc_len += sizeof(struct talitos_desc);
1394 	alloc_len += ivsize;
1395 
1396 	edesc = kmalloc(alloc_len, GFP_DMA | flags);
1397 	if (!edesc)
1398 		return ERR_PTR(-ENOMEM);
1399 	if (ivsize) {
1400 		iv = memcpy(((u8 *)edesc) + alloc_len - ivsize, iv, ivsize);
1401 		iv_dma = dma_map_single(dev, iv, ivsize, DMA_TO_DEVICE);
1402 	}
1403 	memset(&edesc->desc, 0, sizeof(edesc->desc));
1404 
1405 	edesc->src_nents = src_nents;
1406 	edesc->dst_nents = dst_nents;
1407 	edesc->iv_dma = iv_dma;
1408 	edesc->dma_len = dma_len;
1409 	if (dma_len)
1410 		edesc->dma_link_tbl = dma_map_single(dev, &edesc->link_tbl[0],
1411 						     edesc->dma_len,
1412 						     DMA_BIDIRECTIONAL);
1413 
1414 	return edesc;
1415 }
1416 
aead_edesc_alloc(struct aead_request * areq,u8 * iv,int icv_stashing,bool encrypt)1417 static struct talitos_edesc *aead_edesc_alloc(struct aead_request *areq, u8 *iv,
1418 					      int icv_stashing, bool encrypt)
1419 {
1420 	struct crypto_aead *authenc = crypto_aead_reqtfm(areq);
1421 	unsigned int authsize = crypto_aead_authsize(authenc);
1422 	struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
1423 	unsigned int ivsize = crypto_aead_ivsize(authenc);
1424 	unsigned int cryptlen = areq->cryptlen - (encrypt ? 0 : authsize);
1425 
1426 	return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst,
1427 				   iv, areq->assoclen, cryptlen,
1428 				   authsize, ivsize, icv_stashing,
1429 				   areq->base.flags, encrypt);
1430 }
1431 
aead_encrypt(struct aead_request * req)1432 static int aead_encrypt(struct aead_request *req)
1433 {
1434 	struct crypto_aead *authenc = crypto_aead_reqtfm(req);
1435 	struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
1436 	struct talitos_edesc *edesc;
1437 
1438 	/* allocate extended descriptor */
1439 	edesc = aead_edesc_alloc(req, req->iv, 0, true);
1440 	if (IS_ERR(edesc))
1441 		return PTR_ERR(edesc);
1442 
1443 	/* set encrypt */
1444 	edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;
1445 
1446 	return ipsec_esp(edesc, req, true, ipsec_esp_encrypt_done);
1447 }
1448 
aead_decrypt(struct aead_request * req)1449 static int aead_decrypt(struct aead_request *req)
1450 {
1451 	struct crypto_aead *authenc = crypto_aead_reqtfm(req);
1452 	unsigned int authsize = crypto_aead_authsize(authenc);
1453 	struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
1454 	struct talitos_private *priv = dev_get_drvdata(ctx->dev);
1455 	struct talitos_edesc *edesc;
1456 	void *icvdata;
1457 
1458 	/* allocate extended descriptor */
1459 	edesc = aead_edesc_alloc(req, req->iv, 1, false);
1460 	if (IS_ERR(edesc))
1461 		return PTR_ERR(edesc);
1462 
1463 	if ((edesc->desc.hdr & DESC_HDR_TYPE_IPSEC_ESP) &&
1464 	    (priv->features & TALITOS_FTR_HW_AUTH_CHECK) &&
1465 	    ((!edesc->src_nents && !edesc->dst_nents) ||
1466 	     priv->features & TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT)) {
1467 
1468 		/* decrypt and check the ICV */
1469 		edesc->desc.hdr = ctx->desc_hdr_template |
1470 				  DESC_HDR_DIR_INBOUND |
1471 				  DESC_HDR_MODE1_MDEU_CICV;
1472 
1473 		/* reset integrity check result bits */
1474 
1475 		return ipsec_esp(edesc, req, false,
1476 				 ipsec_esp_decrypt_hwauth_done);
1477 	}
1478 
1479 	/* Have to check the ICV with software */
1480 	edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND;
1481 
1482 	/* stash incoming ICV for later cmp with ICV generated by the h/w */
1483 	icvdata = edesc->buf + edesc->dma_len;
1484 
1485 	sg_pcopy_to_buffer(req->src, edesc->src_nents ? : 1, icvdata, authsize,
1486 			   req->assoclen + req->cryptlen - authsize);
1487 
1488 	return ipsec_esp(edesc, req, false, ipsec_esp_decrypt_swauth_done);
1489 }
1490 
skcipher_setkey(struct crypto_skcipher * cipher,const u8 * key,unsigned int keylen)1491 static int skcipher_setkey(struct crypto_skcipher *cipher,
1492 			     const u8 *key, unsigned int keylen)
1493 {
1494 	struct talitos_ctx *ctx = crypto_skcipher_ctx(cipher);
1495 	struct device *dev = ctx->dev;
1496 
1497 	if (ctx->keylen)
1498 		dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE);
1499 
1500 	memcpy(&ctx->key, key, keylen);
1501 	ctx->keylen = keylen;
1502 
1503 	ctx->dma_key = dma_map_single(dev, ctx->key, keylen, DMA_TO_DEVICE);
1504 
1505 	return 0;
1506 }
1507 
skcipher_des_setkey(struct crypto_skcipher * cipher,const u8 * key,unsigned int keylen)1508 static int skcipher_des_setkey(struct crypto_skcipher *cipher,
1509 				 const u8 *key, unsigned int keylen)
1510 {
1511 	return verify_skcipher_des_key(cipher, key) ?:
1512 	       skcipher_setkey(cipher, key, keylen);
1513 }
1514 
skcipher_des3_setkey(struct crypto_skcipher * cipher,const u8 * key,unsigned int keylen)1515 static int skcipher_des3_setkey(struct crypto_skcipher *cipher,
1516 				  const u8 *key, unsigned int keylen)
1517 {
1518 	return verify_skcipher_des3_key(cipher, key) ?:
1519 	       skcipher_setkey(cipher, key, keylen);
1520 }
1521 
skcipher_aes_setkey(struct crypto_skcipher * cipher,const u8 * key,unsigned int keylen)1522 static int skcipher_aes_setkey(struct crypto_skcipher *cipher,
1523 				  const u8 *key, unsigned int keylen)
1524 {
1525 	if (keylen == AES_KEYSIZE_128 || keylen == AES_KEYSIZE_192 ||
1526 	    keylen == AES_KEYSIZE_256)
1527 		return skcipher_setkey(cipher, key, keylen);
1528 
1529 	return -EINVAL;
1530 }
1531 
common_nonsnoop_unmap(struct device * dev,struct talitos_edesc * edesc,struct skcipher_request * areq)1532 static void common_nonsnoop_unmap(struct device *dev,
1533 				  struct talitos_edesc *edesc,
1534 				  struct skcipher_request *areq)
1535 {
1536 	unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE);
1537 
1538 	talitos_sg_unmap(dev, edesc, areq->src, areq->dst, areq->cryptlen, 0);
1539 	unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1], DMA_TO_DEVICE);
1540 
1541 	if (edesc->dma_len)
1542 		dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
1543 				 DMA_BIDIRECTIONAL);
1544 }
1545 
skcipher_done(struct device * dev,struct talitos_desc * desc,void * context,int err)1546 static void skcipher_done(struct device *dev,
1547 			    struct talitos_desc *desc, void *context,
1548 			    int err)
1549 {
1550 	struct skcipher_request *areq = context;
1551 	struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(areq);
1552 	struct talitos_ctx *ctx = crypto_skcipher_ctx(cipher);
1553 	unsigned int ivsize = crypto_skcipher_ivsize(cipher);
1554 	struct talitos_edesc *edesc;
1555 
1556 	edesc = container_of(desc, struct talitos_edesc, desc);
1557 
1558 	common_nonsnoop_unmap(dev, edesc, areq);
1559 	memcpy(areq->iv, ctx->iv, ivsize);
1560 
1561 	kfree(edesc);
1562 
1563 	areq->base.complete(&areq->base, err);
1564 }
1565 
common_nonsnoop(struct talitos_edesc * edesc,struct skcipher_request * areq,void (* callback)(struct device * dev,struct talitos_desc * desc,void * context,int error))1566 static int common_nonsnoop(struct talitos_edesc *edesc,
1567 			   struct skcipher_request *areq,
1568 			   void (*callback) (struct device *dev,
1569 					     struct talitos_desc *desc,
1570 					     void *context, int error))
1571 {
1572 	struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(areq);
1573 	struct talitos_ctx *ctx = crypto_skcipher_ctx(cipher);
1574 	struct device *dev = ctx->dev;
1575 	struct talitos_desc *desc = &edesc->desc;
1576 	unsigned int cryptlen = areq->cryptlen;
1577 	unsigned int ivsize = crypto_skcipher_ivsize(cipher);
1578 	int sg_count, ret;
1579 	bool sync_needed = false;
1580 	struct talitos_private *priv = dev_get_drvdata(dev);
1581 	bool is_sec1 = has_ftr_sec1(priv);
1582 	bool is_ctr = (desc->hdr & DESC_HDR_SEL0_MASK) == DESC_HDR_SEL0_AESU &&
1583 		      (desc->hdr & DESC_HDR_MODE0_AESU_MASK) == DESC_HDR_MODE0_AESU_CTR;
1584 
1585 	/* first DWORD empty */
1586 
1587 	/* cipher iv */
1588 	to_talitos_ptr(&desc->ptr[1], edesc->iv_dma, ivsize, is_sec1);
1589 
1590 	/* cipher key */
1591 	to_talitos_ptr(&desc->ptr[2], ctx->dma_key, ctx->keylen, is_sec1);
1592 
1593 	sg_count = edesc->src_nents ?: 1;
1594 	if (is_sec1 && sg_count > 1)
1595 		sg_copy_to_buffer(areq->src, sg_count, edesc->buf,
1596 				  cryptlen);
1597 	else
1598 		sg_count = dma_map_sg(dev, areq->src, sg_count,
1599 				      (areq->src == areq->dst) ?
1600 				      DMA_BIDIRECTIONAL : DMA_TO_DEVICE);
1601 	/*
1602 	 * cipher in
1603 	 */
1604 	sg_count = talitos_sg_map_ext(dev, areq->src, cryptlen, edesc, &desc->ptr[3],
1605 				      sg_count, 0, 0, 0, false, is_ctr ? 16 : 1);
1606 	if (sg_count > 1)
1607 		sync_needed = true;
1608 
1609 	/* cipher out */
1610 	if (areq->src != areq->dst) {
1611 		sg_count = edesc->dst_nents ? : 1;
1612 		if (!is_sec1 || sg_count == 1)
1613 			dma_map_sg(dev, areq->dst, sg_count, DMA_FROM_DEVICE);
1614 	}
1615 
1616 	ret = talitos_sg_map(dev, areq->dst, cryptlen, edesc, &desc->ptr[4],
1617 			     sg_count, 0, (edesc->src_nents + 1));
1618 	if (ret > 1)
1619 		sync_needed = true;
1620 
1621 	/* iv out */
1622 	map_single_talitos_ptr(dev, &desc->ptr[5], ivsize, ctx->iv,
1623 			       DMA_FROM_DEVICE);
1624 
1625 	/* last DWORD empty */
1626 
1627 	if (sync_needed)
1628 		dma_sync_single_for_device(dev, edesc->dma_link_tbl,
1629 					   edesc->dma_len, DMA_BIDIRECTIONAL);
1630 
1631 	ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
1632 	if (ret != -EINPROGRESS) {
1633 		common_nonsnoop_unmap(dev, edesc, areq);
1634 		kfree(edesc);
1635 	}
1636 	return ret;
1637 }
1638 
skcipher_edesc_alloc(struct skcipher_request * areq,bool encrypt)1639 static struct talitos_edesc *skcipher_edesc_alloc(struct skcipher_request *
1640 						    areq, bool encrypt)
1641 {
1642 	struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(areq);
1643 	struct talitos_ctx *ctx = crypto_skcipher_ctx(cipher);
1644 	unsigned int ivsize = crypto_skcipher_ivsize(cipher);
1645 
1646 	return talitos_edesc_alloc(ctx->dev, areq->src, areq->dst,
1647 				   areq->iv, 0, areq->cryptlen, 0, ivsize, 0,
1648 				   areq->base.flags, encrypt);
1649 }
1650 
skcipher_encrypt(struct skcipher_request * areq)1651 static int skcipher_encrypt(struct skcipher_request *areq)
1652 {
1653 	struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(areq);
1654 	struct talitos_ctx *ctx = crypto_skcipher_ctx(cipher);
1655 	struct talitos_edesc *edesc;
1656 	unsigned int blocksize =
1657 			crypto_tfm_alg_blocksize(crypto_skcipher_tfm(cipher));
1658 
1659 	if (!areq->cryptlen)
1660 		return 0;
1661 
1662 	if (areq->cryptlen % blocksize)
1663 		return -EINVAL;
1664 
1665 	/* allocate extended descriptor */
1666 	edesc = skcipher_edesc_alloc(areq, true);
1667 	if (IS_ERR(edesc))
1668 		return PTR_ERR(edesc);
1669 
1670 	/* set encrypt */
1671 	edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_MODE0_ENCRYPT;
1672 
1673 	return common_nonsnoop(edesc, areq, skcipher_done);
1674 }
1675 
skcipher_decrypt(struct skcipher_request * areq)1676 static int skcipher_decrypt(struct skcipher_request *areq)
1677 {
1678 	struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(areq);
1679 	struct talitos_ctx *ctx = crypto_skcipher_ctx(cipher);
1680 	struct talitos_edesc *edesc;
1681 	unsigned int blocksize =
1682 			crypto_tfm_alg_blocksize(crypto_skcipher_tfm(cipher));
1683 
1684 	if (!areq->cryptlen)
1685 		return 0;
1686 
1687 	if (areq->cryptlen % blocksize)
1688 		return -EINVAL;
1689 
1690 	/* allocate extended descriptor */
1691 	edesc = skcipher_edesc_alloc(areq, false);
1692 	if (IS_ERR(edesc))
1693 		return PTR_ERR(edesc);
1694 
1695 	edesc->desc.hdr = ctx->desc_hdr_template | DESC_HDR_DIR_INBOUND;
1696 
1697 	return common_nonsnoop(edesc, areq, skcipher_done);
1698 }
1699 
common_nonsnoop_hash_unmap(struct device * dev,struct talitos_edesc * edesc,struct ahash_request * areq)1700 static void common_nonsnoop_hash_unmap(struct device *dev,
1701 				       struct talitos_edesc *edesc,
1702 				       struct ahash_request *areq)
1703 {
1704 	struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1705 	struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1706 	struct talitos_private *priv = dev_get_drvdata(dev);
1707 	bool is_sec1 = has_ftr_sec1(priv);
1708 	struct talitos_desc *desc = &edesc->desc;
1709 	struct talitos_desc *desc2 = (struct talitos_desc *)
1710 				     (edesc->buf + edesc->dma_len);
1711 
1712 	unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE);
1713 	if (desc->next_desc &&
1714 	    desc->ptr[5].ptr != desc2->ptr[5].ptr)
1715 		unmap_single_talitos_ptr(dev, &desc2->ptr[5], DMA_FROM_DEVICE);
1716 	if (req_ctx->last)
1717 		memcpy(areq->result, req_ctx->hw_context,
1718 		       crypto_ahash_digestsize(tfm));
1719 
1720 	if (req_ctx->psrc)
1721 		talitos_sg_unmap(dev, edesc, req_ctx->psrc, NULL, 0, 0);
1722 
1723 	/* When using hashctx-in, must unmap it. */
1724 	if (from_talitos_ptr_len(&edesc->desc.ptr[1], is_sec1))
1725 		unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1],
1726 					 DMA_TO_DEVICE);
1727 	else if (desc->next_desc)
1728 		unmap_single_talitos_ptr(dev, &desc2->ptr[1],
1729 					 DMA_TO_DEVICE);
1730 
1731 	if (is_sec1 && req_ctx->nbuf)
1732 		unmap_single_talitos_ptr(dev, &desc->ptr[3],
1733 					 DMA_TO_DEVICE);
1734 
1735 	if (edesc->dma_len)
1736 		dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
1737 				 DMA_BIDIRECTIONAL);
1738 
1739 	if (edesc->desc.next_desc)
1740 		dma_unmap_single(dev, be32_to_cpu(edesc->desc.next_desc),
1741 				 TALITOS_DESC_SIZE, DMA_BIDIRECTIONAL);
1742 }
1743 
ahash_done(struct device * dev,struct talitos_desc * desc,void * context,int err)1744 static void ahash_done(struct device *dev,
1745 		       struct talitos_desc *desc, void *context,
1746 		       int err)
1747 {
1748 	struct ahash_request *areq = context;
1749 	struct talitos_edesc *edesc =
1750 		 container_of(desc, struct talitos_edesc, desc);
1751 	struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1752 
1753 	if (!req_ctx->last && req_ctx->to_hash_later) {
1754 		/* Position any partial block for next update/final/finup */
1755 		req_ctx->buf_idx = (req_ctx->buf_idx + 1) & 1;
1756 		req_ctx->nbuf = req_ctx->to_hash_later;
1757 	}
1758 	common_nonsnoop_hash_unmap(dev, edesc, areq);
1759 
1760 	kfree(edesc);
1761 
1762 	areq->base.complete(&areq->base, err);
1763 }
1764 
1765 /*
1766  * SEC1 doesn't like hashing of 0 sized message, so we do the padding
1767  * ourself and submit a padded block
1768  */
talitos_handle_buggy_hash(struct talitos_ctx * ctx,struct talitos_edesc * edesc,struct talitos_ptr * ptr)1769 static void talitos_handle_buggy_hash(struct talitos_ctx *ctx,
1770 			       struct talitos_edesc *edesc,
1771 			       struct talitos_ptr *ptr)
1772 {
1773 	static u8 padded_hash[64] = {
1774 		0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1775 		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1776 		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1777 		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1778 	};
1779 
1780 	pr_err_once("Bug in SEC1, padding ourself\n");
1781 	edesc->desc.hdr &= ~DESC_HDR_MODE0_MDEU_PAD;
1782 	map_single_talitos_ptr(ctx->dev, ptr, sizeof(padded_hash),
1783 			       (char *)padded_hash, DMA_TO_DEVICE);
1784 }
1785 
common_nonsnoop_hash(struct talitos_edesc * edesc,struct ahash_request * areq,unsigned int length,void (* callback)(struct device * dev,struct talitos_desc * desc,void * context,int error))1786 static int common_nonsnoop_hash(struct talitos_edesc *edesc,
1787 				struct ahash_request *areq, unsigned int length,
1788 				void (*callback) (struct device *dev,
1789 						  struct talitos_desc *desc,
1790 						  void *context, int error))
1791 {
1792 	struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1793 	struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
1794 	struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1795 	struct device *dev = ctx->dev;
1796 	struct talitos_desc *desc = &edesc->desc;
1797 	int ret;
1798 	bool sync_needed = false;
1799 	struct talitos_private *priv = dev_get_drvdata(dev);
1800 	bool is_sec1 = has_ftr_sec1(priv);
1801 	int sg_count;
1802 
1803 	/* first DWORD empty */
1804 
1805 	/* hash context in */
1806 	if (!req_ctx->first || req_ctx->swinit) {
1807 		map_single_talitos_ptr_nosync(dev, &desc->ptr[1],
1808 					      req_ctx->hw_context_size,
1809 					      req_ctx->hw_context,
1810 					      DMA_TO_DEVICE);
1811 		req_ctx->swinit = 0;
1812 	}
1813 	/* Indicate next op is not the first. */
1814 	req_ctx->first = 0;
1815 
1816 	/* HMAC key */
1817 	if (ctx->keylen)
1818 		to_talitos_ptr(&desc->ptr[2], ctx->dma_key, ctx->keylen,
1819 			       is_sec1);
1820 
1821 	if (is_sec1 && req_ctx->nbuf)
1822 		length -= req_ctx->nbuf;
1823 
1824 	sg_count = edesc->src_nents ?: 1;
1825 	if (is_sec1 && sg_count > 1)
1826 		sg_copy_to_buffer(req_ctx->psrc, sg_count, edesc->buf, length);
1827 	else if (length)
1828 		sg_count = dma_map_sg(dev, req_ctx->psrc, sg_count,
1829 				      DMA_TO_DEVICE);
1830 	/*
1831 	 * data in
1832 	 */
1833 	if (is_sec1 && req_ctx->nbuf) {
1834 		map_single_talitos_ptr(dev, &desc->ptr[3], req_ctx->nbuf,
1835 				       req_ctx->buf[req_ctx->buf_idx],
1836 				       DMA_TO_DEVICE);
1837 	} else {
1838 		sg_count = talitos_sg_map(dev, req_ctx->psrc, length, edesc,
1839 					  &desc->ptr[3], sg_count, 0, 0);
1840 		if (sg_count > 1)
1841 			sync_needed = true;
1842 	}
1843 
1844 	/* fifth DWORD empty */
1845 
1846 	/* hash/HMAC out -or- hash context out */
1847 	if (req_ctx->last)
1848 		map_single_talitos_ptr(dev, &desc->ptr[5],
1849 				       crypto_ahash_digestsize(tfm),
1850 				       req_ctx->hw_context, DMA_FROM_DEVICE);
1851 	else
1852 		map_single_talitos_ptr_nosync(dev, &desc->ptr[5],
1853 					      req_ctx->hw_context_size,
1854 					      req_ctx->hw_context,
1855 					      DMA_FROM_DEVICE);
1856 
1857 	/* last DWORD empty */
1858 
1859 	if (is_sec1 && from_talitos_ptr_len(&desc->ptr[3], true) == 0)
1860 		talitos_handle_buggy_hash(ctx, edesc, &desc->ptr[3]);
1861 
1862 	if (is_sec1 && req_ctx->nbuf && length) {
1863 		struct talitos_desc *desc2 = (struct talitos_desc *)
1864 					     (edesc->buf + edesc->dma_len);
1865 		dma_addr_t next_desc;
1866 
1867 		memset(desc2, 0, sizeof(*desc2));
1868 		desc2->hdr = desc->hdr;
1869 		desc2->hdr &= ~DESC_HDR_MODE0_MDEU_INIT;
1870 		desc2->hdr1 = desc2->hdr;
1871 		desc->hdr &= ~DESC_HDR_MODE0_MDEU_PAD;
1872 		desc->hdr |= DESC_HDR_MODE0_MDEU_CONT;
1873 		desc->hdr &= ~DESC_HDR_DONE_NOTIFY;
1874 
1875 		if (desc->ptr[1].ptr)
1876 			copy_talitos_ptr(&desc2->ptr[1], &desc->ptr[1],
1877 					 is_sec1);
1878 		else
1879 			map_single_talitos_ptr_nosync(dev, &desc2->ptr[1],
1880 						      req_ctx->hw_context_size,
1881 						      req_ctx->hw_context,
1882 						      DMA_TO_DEVICE);
1883 		copy_talitos_ptr(&desc2->ptr[2], &desc->ptr[2], is_sec1);
1884 		sg_count = talitos_sg_map(dev, req_ctx->psrc, length, edesc,
1885 					  &desc2->ptr[3], sg_count, 0, 0);
1886 		if (sg_count > 1)
1887 			sync_needed = true;
1888 		copy_talitos_ptr(&desc2->ptr[5], &desc->ptr[5], is_sec1);
1889 		if (req_ctx->last)
1890 			map_single_talitos_ptr_nosync(dev, &desc->ptr[5],
1891 						      req_ctx->hw_context_size,
1892 						      req_ctx->hw_context,
1893 						      DMA_FROM_DEVICE);
1894 
1895 		next_desc = dma_map_single(dev, &desc2->hdr1, TALITOS_DESC_SIZE,
1896 					   DMA_BIDIRECTIONAL);
1897 		desc->next_desc = cpu_to_be32(next_desc);
1898 	}
1899 
1900 	if (sync_needed)
1901 		dma_sync_single_for_device(dev, edesc->dma_link_tbl,
1902 					   edesc->dma_len, DMA_BIDIRECTIONAL);
1903 
1904 	ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
1905 	if (ret != -EINPROGRESS) {
1906 		common_nonsnoop_hash_unmap(dev, edesc, areq);
1907 		kfree(edesc);
1908 	}
1909 	return ret;
1910 }
1911 
ahash_edesc_alloc(struct ahash_request * areq,unsigned int nbytes)1912 static struct talitos_edesc *ahash_edesc_alloc(struct ahash_request *areq,
1913 					       unsigned int nbytes)
1914 {
1915 	struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1916 	struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
1917 	struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1918 	struct talitos_private *priv = dev_get_drvdata(ctx->dev);
1919 	bool is_sec1 = has_ftr_sec1(priv);
1920 
1921 	if (is_sec1)
1922 		nbytes -= req_ctx->nbuf;
1923 
1924 	return talitos_edesc_alloc(ctx->dev, req_ctx->psrc, NULL, NULL, 0,
1925 				   nbytes, 0, 0, 0, areq->base.flags, false);
1926 }
1927 
ahash_init(struct ahash_request * areq)1928 static int ahash_init(struct ahash_request *areq)
1929 {
1930 	struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1931 	struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
1932 	struct device *dev = ctx->dev;
1933 	struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1934 	unsigned int size;
1935 	dma_addr_t dma;
1936 
1937 	/* Initialize the context */
1938 	req_ctx->buf_idx = 0;
1939 	req_ctx->nbuf = 0;
1940 	req_ctx->first = 1; /* first indicates h/w must init its context */
1941 	req_ctx->swinit = 0; /* assume h/w init of context */
1942 	size =	(crypto_ahash_digestsize(tfm) <= SHA256_DIGEST_SIZE)
1943 			? TALITOS_MDEU_CONTEXT_SIZE_MD5_SHA1_SHA256
1944 			: TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512;
1945 	req_ctx->hw_context_size = size;
1946 
1947 	dma = dma_map_single(dev, req_ctx->hw_context, req_ctx->hw_context_size,
1948 			     DMA_TO_DEVICE);
1949 	dma_unmap_single(dev, dma, req_ctx->hw_context_size, DMA_TO_DEVICE);
1950 
1951 	return 0;
1952 }
1953 
1954 /*
1955  * on h/w without explicit sha224 support, we initialize h/w context
1956  * manually with sha224 constants, and tell it to run sha256.
1957  */
ahash_init_sha224_swinit(struct ahash_request * areq)1958 static int ahash_init_sha224_swinit(struct ahash_request *areq)
1959 {
1960 	struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1961 
1962 	req_ctx->hw_context[0] = SHA224_H0;
1963 	req_ctx->hw_context[1] = SHA224_H1;
1964 	req_ctx->hw_context[2] = SHA224_H2;
1965 	req_ctx->hw_context[3] = SHA224_H3;
1966 	req_ctx->hw_context[4] = SHA224_H4;
1967 	req_ctx->hw_context[5] = SHA224_H5;
1968 	req_ctx->hw_context[6] = SHA224_H6;
1969 	req_ctx->hw_context[7] = SHA224_H7;
1970 
1971 	/* init 64-bit count */
1972 	req_ctx->hw_context[8] = 0;
1973 	req_ctx->hw_context[9] = 0;
1974 
1975 	ahash_init(areq);
1976 	req_ctx->swinit = 1;/* prevent h/w initting context with sha256 values*/
1977 
1978 	return 0;
1979 }
1980 
ahash_process_req(struct ahash_request * areq,unsigned int nbytes)1981 static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes)
1982 {
1983 	struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
1984 	struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
1985 	struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
1986 	struct talitos_edesc *edesc;
1987 	unsigned int blocksize =
1988 			crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm));
1989 	unsigned int nbytes_to_hash;
1990 	unsigned int to_hash_later;
1991 	unsigned int nsg;
1992 	int nents;
1993 	struct device *dev = ctx->dev;
1994 	struct talitos_private *priv = dev_get_drvdata(dev);
1995 	bool is_sec1 = has_ftr_sec1(priv);
1996 	u8 *ctx_buf = req_ctx->buf[req_ctx->buf_idx];
1997 
1998 	if (!req_ctx->last && (nbytes + req_ctx->nbuf <= blocksize)) {
1999 		/* Buffer up to one whole block */
2000 		nents = sg_nents_for_len(areq->src, nbytes);
2001 		if (nents < 0) {
2002 			dev_err(ctx->dev, "Invalid number of src SG.\n");
2003 			return nents;
2004 		}
2005 		sg_copy_to_buffer(areq->src, nents,
2006 				  ctx_buf + req_ctx->nbuf, nbytes);
2007 		req_ctx->nbuf += nbytes;
2008 		return 0;
2009 	}
2010 
2011 	/* At least (blocksize + 1) bytes are available to hash */
2012 	nbytes_to_hash = nbytes + req_ctx->nbuf;
2013 	to_hash_later = nbytes_to_hash & (blocksize - 1);
2014 
2015 	if (req_ctx->last)
2016 		to_hash_later = 0;
2017 	else if (to_hash_later)
2018 		/* There is a partial block. Hash the full block(s) now */
2019 		nbytes_to_hash -= to_hash_later;
2020 	else {
2021 		/* Keep one block buffered */
2022 		nbytes_to_hash -= blocksize;
2023 		to_hash_later = blocksize;
2024 	}
2025 
2026 	/* Chain in any previously buffered data */
2027 	if (!is_sec1 && req_ctx->nbuf) {
2028 		nsg = (req_ctx->nbuf < nbytes_to_hash) ? 2 : 1;
2029 		sg_init_table(req_ctx->bufsl, nsg);
2030 		sg_set_buf(req_ctx->bufsl, ctx_buf, req_ctx->nbuf);
2031 		if (nsg > 1)
2032 			sg_chain(req_ctx->bufsl, 2, areq->src);
2033 		req_ctx->psrc = req_ctx->bufsl;
2034 	} else if (is_sec1 && req_ctx->nbuf && req_ctx->nbuf < blocksize) {
2035 		int offset;
2036 
2037 		if (nbytes_to_hash > blocksize)
2038 			offset = blocksize - req_ctx->nbuf;
2039 		else
2040 			offset = nbytes_to_hash - req_ctx->nbuf;
2041 		nents = sg_nents_for_len(areq->src, offset);
2042 		if (nents < 0) {
2043 			dev_err(ctx->dev, "Invalid number of src SG.\n");
2044 			return nents;
2045 		}
2046 		sg_copy_to_buffer(areq->src, nents,
2047 				  ctx_buf + req_ctx->nbuf, offset);
2048 		req_ctx->nbuf += offset;
2049 		req_ctx->psrc = scatterwalk_ffwd(req_ctx->bufsl, areq->src,
2050 						 offset);
2051 	} else
2052 		req_ctx->psrc = areq->src;
2053 
2054 	if (to_hash_later) {
2055 		nents = sg_nents_for_len(areq->src, nbytes);
2056 		if (nents < 0) {
2057 			dev_err(ctx->dev, "Invalid number of src SG.\n");
2058 			return nents;
2059 		}
2060 		sg_pcopy_to_buffer(areq->src, nents,
2061 				   req_ctx->buf[(req_ctx->buf_idx + 1) & 1],
2062 				      to_hash_later,
2063 				      nbytes - to_hash_later);
2064 	}
2065 	req_ctx->to_hash_later = to_hash_later;
2066 
2067 	/* Allocate extended descriptor */
2068 	edesc = ahash_edesc_alloc(areq, nbytes_to_hash);
2069 	if (IS_ERR(edesc))
2070 		return PTR_ERR(edesc);
2071 
2072 	edesc->desc.hdr = ctx->desc_hdr_template;
2073 
2074 	/* On last one, request SEC to pad; otherwise continue */
2075 	if (req_ctx->last)
2076 		edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_PAD;
2077 	else
2078 		edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_CONT;
2079 
2080 	/* request SEC to INIT hash. */
2081 	if (req_ctx->first && !req_ctx->swinit)
2082 		edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_INIT;
2083 
2084 	/* When the tfm context has a keylen, it's an HMAC.
2085 	 * A first or last (ie. not middle) descriptor must request HMAC.
2086 	 */
2087 	if (ctx->keylen && (req_ctx->first || req_ctx->last))
2088 		edesc->desc.hdr |= DESC_HDR_MODE0_MDEU_HMAC;
2089 
2090 	return common_nonsnoop_hash(edesc, areq, nbytes_to_hash, ahash_done);
2091 }
2092 
ahash_update(struct ahash_request * areq)2093 static int ahash_update(struct ahash_request *areq)
2094 {
2095 	struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
2096 
2097 	req_ctx->last = 0;
2098 
2099 	return ahash_process_req(areq, areq->nbytes);
2100 }
2101 
ahash_final(struct ahash_request * areq)2102 static int ahash_final(struct ahash_request *areq)
2103 {
2104 	struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
2105 
2106 	req_ctx->last = 1;
2107 
2108 	return ahash_process_req(areq, 0);
2109 }
2110 
ahash_finup(struct ahash_request * areq)2111 static int ahash_finup(struct ahash_request *areq)
2112 {
2113 	struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
2114 
2115 	req_ctx->last = 1;
2116 
2117 	return ahash_process_req(areq, areq->nbytes);
2118 }
2119 
ahash_digest(struct ahash_request * areq)2120 static int ahash_digest(struct ahash_request *areq)
2121 {
2122 	struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
2123 	struct crypto_ahash *ahash = crypto_ahash_reqtfm(areq);
2124 
2125 	ahash->init(areq);
2126 	req_ctx->last = 1;
2127 
2128 	return ahash_process_req(areq, areq->nbytes);
2129 }
2130 
ahash_export(struct ahash_request * areq,void * out)2131 static int ahash_export(struct ahash_request *areq, void *out)
2132 {
2133 	struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
2134 	struct talitos_export_state *export = out;
2135 	struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
2136 	struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
2137 	struct device *dev = ctx->dev;
2138 	dma_addr_t dma;
2139 
2140 	dma = dma_map_single(dev, req_ctx->hw_context, req_ctx->hw_context_size,
2141 			     DMA_FROM_DEVICE);
2142 	dma_unmap_single(dev, dma, req_ctx->hw_context_size, DMA_FROM_DEVICE);
2143 
2144 	memcpy(export->hw_context, req_ctx->hw_context,
2145 	       req_ctx->hw_context_size);
2146 	memcpy(export->buf, req_ctx->buf[req_ctx->buf_idx], req_ctx->nbuf);
2147 	export->swinit = req_ctx->swinit;
2148 	export->first = req_ctx->first;
2149 	export->last = req_ctx->last;
2150 	export->to_hash_later = req_ctx->to_hash_later;
2151 	export->nbuf = req_ctx->nbuf;
2152 
2153 	return 0;
2154 }
2155 
ahash_import(struct ahash_request * areq,const void * in)2156 static int ahash_import(struct ahash_request *areq, const void *in)
2157 {
2158 	struct talitos_ahash_req_ctx *req_ctx = ahash_request_ctx(areq);
2159 	struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
2160 	struct talitos_ctx *ctx = crypto_ahash_ctx(tfm);
2161 	struct device *dev = ctx->dev;
2162 	const struct talitos_export_state *export = in;
2163 	unsigned int size;
2164 	dma_addr_t dma;
2165 
2166 	memset(req_ctx, 0, sizeof(*req_ctx));
2167 	size = (crypto_ahash_digestsize(tfm) <= SHA256_DIGEST_SIZE)
2168 			? TALITOS_MDEU_CONTEXT_SIZE_MD5_SHA1_SHA256
2169 			: TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512;
2170 	req_ctx->hw_context_size = size;
2171 	memcpy(req_ctx->hw_context, export->hw_context, size);
2172 	memcpy(req_ctx->buf[0], export->buf, export->nbuf);
2173 	req_ctx->swinit = export->swinit;
2174 	req_ctx->first = export->first;
2175 	req_ctx->last = export->last;
2176 	req_ctx->to_hash_later = export->to_hash_later;
2177 	req_ctx->nbuf = export->nbuf;
2178 
2179 	dma = dma_map_single(dev, req_ctx->hw_context, req_ctx->hw_context_size,
2180 			     DMA_TO_DEVICE);
2181 	dma_unmap_single(dev, dma, req_ctx->hw_context_size, DMA_TO_DEVICE);
2182 
2183 	return 0;
2184 }
2185 
keyhash(struct crypto_ahash * tfm,const u8 * key,unsigned int keylen,u8 * hash)2186 static int keyhash(struct crypto_ahash *tfm, const u8 *key, unsigned int keylen,
2187 		   u8 *hash)
2188 {
2189 	struct talitos_ctx *ctx = crypto_tfm_ctx(crypto_ahash_tfm(tfm));
2190 
2191 	struct scatterlist sg[1];
2192 	struct ahash_request *req;
2193 	struct crypto_wait wait;
2194 	int ret;
2195 
2196 	crypto_init_wait(&wait);
2197 
2198 	req = ahash_request_alloc(tfm, GFP_KERNEL);
2199 	if (!req)
2200 		return -ENOMEM;
2201 
2202 	/* Keep tfm keylen == 0 during hash of the long key */
2203 	ctx->keylen = 0;
2204 	ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
2205 				   crypto_req_done, &wait);
2206 
2207 	sg_init_one(&sg[0], key, keylen);
2208 
2209 	ahash_request_set_crypt(req, sg, hash, keylen);
2210 	ret = crypto_wait_req(crypto_ahash_digest(req), &wait);
2211 
2212 	ahash_request_free(req);
2213 
2214 	return ret;
2215 }
2216 
ahash_setkey(struct crypto_ahash * tfm,const u8 * key,unsigned int keylen)2217 static int ahash_setkey(struct crypto_ahash *tfm, const u8 *key,
2218 			unsigned int keylen)
2219 {
2220 	struct talitos_ctx *ctx = crypto_tfm_ctx(crypto_ahash_tfm(tfm));
2221 	struct device *dev = ctx->dev;
2222 	unsigned int blocksize =
2223 			crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm));
2224 	unsigned int digestsize = crypto_ahash_digestsize(tfm);
2225 	unsigned int keysize = keylen;
2226 	u8 hash[SHA512_DIGEST_SIZE];
2227 	int ret;
2228 
2229 	if (keylen <= blocksize)
2230 		memcpy(ctx->key, key, keysize);
2231 	else {
2232 		/* Must get the hash of the long key */
2233 		ret = keyhash(tfm, key, keylen, hash);
2234 
2235 		if (ret)
2236 			return -EINVAL;
2237 
2238 		keysize = digestsize;
2239 		memcpy(ctx->key, hash, digestsize);
2240 	}
2241 
2242 	if (ctx->keylen)
2243 		dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE);
2244 
2245 	ctx->keylen = keysize;
2246 	ctx->dma_key = dma_map_single(dev, ctx->key, keysize, DMA_TO_DEVICE);
2247 
2248 	return 0;
2249 }
2250 
2251 
2252 struct talitos_alg_template {
2253 	u32 type;
2254 	u32 priority;
2255 	union {
2256 		struct skcipher_alg skcipher;
2257 		struct ahash_alg hash;
2258 		struct aead_alg aead;
2259 	} alg;
2260 	__be32 desc_hdr_template;
2261 };
2262 
2263 static struct talitos_alg_template driver_algs[] = {
2264 	/* AEAD algorithms.  These use a single-pass ipsec_esp descriptor */
2265 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2266 		.alg.aead = {
2267 			.base = {
2268 				.cra_name = "authenc(hmac(sha1),cbc(aes))",
2269 				.cra_driver_name = "authenc-hmac-sha1-"
2270 						   "cbc-aes-talitos",
2271 				.cra_blocksize = AES_BLOCK_SIZE,
2272 				.cra_flags = CRYPTO_ALG_ASYNC |
2273 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2274 			},
2275 			.ivsize = AES_BLOCK_SIZE,
2276 			.maxauthsize = SHA1_DIGEST_SIZE,
2277 		},
2278 		.desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2279 			             DESC_HDR_SEL0_AESU |
2280 		                     DESC_HDR_MODE0_AESU_CBC |
2281 		                     DESC_HDR_SEL1_MDEUA |
2282 		                     DESC_HDR_MODE1_MDEU_INIT |
2283 		                     DESC_HDR_MODE1_MDEU_PAD |
2284 		                     DESC_HDR_MODE1_MDEU_SHA1_HMAC,
2285 	},
2286 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2287 		.priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
2288 		.alg.aead = {
2289 			.base = {
2290 				.cra_name = "authenc(hmac(sha1),cbc(aes))",
2291 				.cra_driver_name = "authenc-hmac-sha1-"
2292 						   "cbc-aes-talitos-hsna",
2293 				.cra_blocksize = AES_BLOCK_SIZE,
2294 				.cra_flags = CRYPTO_ALG_ASYNC |
2295 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2296 			},
2297 			.ivsize = AES_BLOCK_SIZE,
2298 			.maxauthsize = SHA1_DIGEST_SIZE,
2299 		},
2300 		.desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
2301 				     DESC_HDR_SEL0_AESU |
2302 				     DESC_HDR_MODE0_AESU_CBC |
2303 				     DESC_HDR_SEL1_MDEUA |
2304 				     DESC_HDR_MODE1_MDEU_INIT |
2305 				     DESC_HDR_MODE1_MDEU_PAD |
2306 				     DESC_HDR_MODE1_MDEU_SHA1_HMAC,
2307 	},
2308 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2309 		.alg.aead = {
2310 			.base = {
2311 				.cra_name = "authenc(hmac(sha1),"
2312 					    "cbc(des3_ede))",
2313 				.cra_driver_name = "authenc-hmac-sha1-"
2314 						   "cbc-3des-talitos",
2315 				.cra_blocksize = DES3_EDE_BLOCK_SIZE,
2316 				.cra_flags = CRYPTO_ALG_ASYNC |
2317 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2318 			},
2319 			.ivsize = DES3_EDE_BLOCK_SIZE,
2320 			.maxauthsize = SHA1_DIGEST_SIZE,
2321 			.setkey = aead_des3_setkey,
2322 		},
2323 		.desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2324 			             DESC_HDR_SEL0_DEU |
2325 		                     DESC_HDR_MODE0_DEU_CBC |
2326 		                     DESC_HDR_MODE0_DEU_3DES |
2327 		                     DESC_HDR_SEL1_MDEUA |
2328 		                     DESC_HDR_MODE1_MDEU_INIT |
2329 		                     DESC_HDR_MODE1_MDEU_PAD |
2330 		                     DESC_HDR_MODE1_MDEU_SHA1_HMAC,
2331 	},
2332 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2333 		.priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
2334 		.alg.aead = {
2335 			.base = {
2336 				.cra_name = "authenc(hmac(sha1),"
2337 					    "cbc(des3_ede))",
2338 				.cra_driver_name = "authenc-hmac-sha1-"
2339 						   "cbc-3des-talitos-hsna",
2340 				.cra_blocksize = DES3_EDE_BLOCK_SIZE,
2341 				.cra_flags = CRYPTO_ALG_ASYNC |
2342 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2343 			},
2344 			.ivsize = DES3_EDE_BLOCK_SIZE,
2345 			.maxauthsize = SHA1_DIGEST_SIZE,
2346 			.setkey = aead_des3_setkey,
2347 		},
2348 		.desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
2349 				     DESC_HDR_SEL0_DEU |
2350 				     DESC_HDR_MODE0_DEU_CBC |
2351 				     DESC_HDR_MODE0_DEU_3DES |
2352 				     DESC_HDR_SEL1_MDEUA |
2353 				     DESC_HDR_MODE1_MDEU_INIT |
2354 				     DESC_HDR_MODE1_MDEU_PAD |
2355 				     DESC_HDR_MODE1_MDEU_SHA1_HMAC,
2356 	},
2357 	{       .type = CRYPTO_ALG_TYPE_AEAD,
2358 		.alg.aead = {
2359 			.base = {
2360 				.cra_name = "authenc(hmac(sha224),cbc(aes))",
2361 				.cra_driver_name = "authenc-hmac-sha224-"
2362 						   "cbc-aes-talitos",
2363 				.cra_blocksize = AES_BLOCK_SIZE,
2364 				.cra_flags = CRYPTO_ALG_ASYNC |
2365 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2366 			},
2367 			.ivsize = AES_BLOCK_SIZE,
2368 			.maxauthsize = SHA224_DIGEST_SIZE,
2369 		},
2370 		.desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2371 				     DESC_HDR_SEL0_AESU |
2372 				     DESC_HDR_MODE0_AESU_CBC |
2373 				     DESC_HDR_SEL1_MDEUA |
2374 				     DESC_HDR_MODE1_MDEU_INIT |
2375 				     DESC_HDR_MODE1_MDEU_PAD |
2376 				     DESC_HDR_MODE1_MDEU_SHA224_HMAC,
2377 	},
2378 	{       .type = CRYPTO_ALG_TYPE_AEAD,
2379 		.priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
2380 		.alg.aead = {
2381 			.base = {
2382 				.cra_name = "authenc(hmac(sha224),cbc(aes))",
2383 				.cra_driver_name = "authenc-hmac-sha224-"
2384 						   "cbc-aes-talitos-hsna",
2385 				.cra_blocksize = AES_BLOCK_SIZE,
2386 				.cra_flags = CRYPTO_ALG_ASYNC |
2387 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2388 			},
2389 			.ivsize = AES_BLOCK_SIZE,
2390 			.maxauthsize = SHA224_DIGEST_SIZE,
2391 		},
2392 		.desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
2393 				     DESC_HDR_SEL0_AESU |
2394 				     DESC_HDR_MODE0_AESU_CBC |
2395 				     DESC_HDR_SEL1_MDEUA |
2396 				     DESC_HDR_MODE1_MDEU_INIT |
2397 				     DESC_HDR_MODE1_MDEU_PAD |
2398 				     DESC_HDR_MODE1_MDEU_SHA224_HMAC,
2399 	},
2400 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2401 		.alg.aead = {
2402 			.base = {
2403 				.cra_name = "authenc(hmac(sha224),"
2404 					    "cbc(des3_ede))",
2405 				.cra_driver_name = "authenc-hmac-sha224-"
2406 						   "cbc-3des-talitos",
2407 				.cra_blocksize = DES3_EDE_BLOCK_SIZE,
2408 				.cra_flags = CRYPTO_ALG_ASYNC |
2409 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2410 			},
2411 			.ivsize = DES3_EDE_BLOCK_SIZE,
2412 			.maxauthsize = SHA224_DIGEST_SIZE,
2413 			.setkey = aead_des3_setkey,
2414 		},
2415 		.desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2416 			             DESC_HDR_SEL0_DEU |
2417 		                     DESC_HDR_MODE0_DEU_CBC |
2418 		                     DESC_HDR_MODE0_DEU_3DES |
2419 		                     DESC_HDR_SEL1_MDEUA |
2420 		                     DESC_HDR_MODE1_MDEU_INIT |
2421 		                     DESC_HDR_MODE1_MDEU_PAD |
2422 		                     DESC_HDR_MODE1_MDEU_SHA224_HMAC,
2423 	},
2424 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2425 		.priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
2426 		.alg.aead = {
2427 			.base = {
2428 				.cra_name = "authenc(hmac(sha224),"
2429 					    "cbc(des3_ede))",
2430 				.cra_driver_name = "authenc-hmac-sha224-"
2431 						   "cbc-3des-talitos-hsna",
2432 				.cra_blocksize = DES3_EDE_BLOCK_SIZE,
2433 				.cra_flags = CRYPTO_ALG_ASYNC |
2434 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2435 			},
2436 			.ivsize = DES3_EDE_BLOCK_SIZE,
2437 			.maxauthsize = SHA224_DIGEST_SIZE,
2438 			.setkey = aead_des3_setkey,
2439 		},
2440 		.desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
2441 				     DESC_HDR_SEL0_DEU |
2442 				     DESC_HDR_MODE0_DEU_CBC |
2443 				     DESC_HDR_MODE0_DEU_3DES |
2444 				     DESC_HDR_SEL1_MDEUA |
2445 				     DESC_HDR_MODE1_MDEU_INIT |
2446 				     DESC_HDR_MODE1_MDEU_PAD |
2447 				     DESC_HDR_MODE1_MDEU_SHA224_HMAC,
2448 	},
2449 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2450 		.alg.aead = {
2451 			.base = {
2452 				.cra_name = "authenc(hmac(sha256),cbc(aes))",
2453 				.cra_driver_name = "authenc-hmac-sha256-"
2454 						   "cbc-aes-talitos",
2455 				.cra_blocksize = AES_BLOCK_SIZE,
2456 				.cra_flags = CRYPTO_ALG_ASYNC |
2457 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2458 			},
2459 			.ivsize = AES_BLOCK_SIZE,
2460 			.maxauthsize = SHA256_DIGEST_SIZE,
2461 		},
2462 		.desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2463 			             DESC_HDR_SEL0_AESU |
2464 		                     DESC_HDR_MODE0_AESU_CBC |
2465 		                     DESC_HDR_SEL1_MDEUA |
2466 		                     DESC_HDR_MODE1_MDEU_INIT |
2467 		                     DESC_HDR_MODE1_MDEU_PAD |
2468 		                     DESC_HDR_MODE1_MDEU_SHA256_HMAC,
2469 	},
2470 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2471 		.priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
2472 		.alg.aead = {
2473 			.base = {
2474 				.cra_name = "authenc(hmac(sha256),cbc(aes))",
2475 				.cra_driver_name = "authenc-hmac-sha256-"
2476 						   "cbc-aes-talitos-hsna",
2477 				.cra_blocksize = AES_BLOCK_SIZE,
2478 				.cra_flags = CRYPTO_ALG_ASYNC |
2479 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2480 			},
2481 			.ivsize = AES_BLOCK_SIZE,
2482 			.maxauthsize = SHA256_DIGEST_SIZE,
2483 		},
2484 		.desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
2485 				     DESC_HDR_SEL0_AESU |
2486 				     DESC_HDR_MODE0_AESU_CBC |
2487 				     DESC_HDR_SEL1_MDEUA |
2488 				     DESC_HDR_MODE1_MDEU_INIT |
2489 				     DESC_HDR_MODE1_MDEU_PAD |
2490 				     DESC_HDR_MODE1_MDEU_SHA256_HMAC,
2491 	},
2492 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2493 		.alg.aead = {
2494 			.base = {
2495 				.cra_name = "authenc(hmac(sha256),"
2496 					    "cbc(des3_ede))",
2497 				.cra_driver_name = "authenc-hmac-sha256-"
2498 						   "cbc-3des-talitos",
2499 				.cra_blocksize = DES3_EDE_BLOCK_SIZE,
2500 				.cra_flags = CRYPTO_ALG_ASYNC |
2501 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2502 			},
2503 			.ivsize = DES3_EDE_BLOCK_SIZE,
2504 			.maxauthsize = SHA256_DIGEST_SIZE,
2505 			.setkey = aead_des3_setkey,
2506 		},
2507 		.desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2508 			             DESC_HDR_SEL0_DEU |
2509 		                     DESC_HDR_MODE0_DEU_CBC |
2510 		                     DESC_HDR_MODE0_DEU_3DES |
2511 		                     DESC_HDR_SEL1_MDEUA |
2512 		                     DESC_HDR_MODE1_MDEU_INIT |
2513 		                     DESC_HDR_MODE1_MDEU_PAD |
2514 		                     DESC_HDR_MODE1_MDEU_SHA256_HMAC,
2515 	},
2516 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2517 		.priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
2518 		.alg.aead = {
2519 			.base = {
2520 				.cra_name = "authenc(hmac(sha256),"
2521 					    "cbc(des3_ede))",
2522 				.cra_driver_name = "authenc-hmac-sha256-"
2523 						   "cbc-3des-talitos-hsna",
2524 				.cra_blocksize = DES3_EDE_BLOCK_SIZE,
2525 				.cra_flags = CRYPTO_ALG_ASYNC |
2526 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2527 			},
2528 			.ivsize = DES3_EDE_BLOCK_SIZE,
2529 			.maxauthsize = SHA256_DIGEST_SIZE,
2530 			.setkey = aead_des3_setkey,
2531 		},
2532 		.desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
2533 				     DESC_HDR_SEL0_DEU |
2534 				     DESC_HDR_MODE0_DEU_CBC |
2535 				     DESC_HDR_MODE0_DEU_3DES |
2536 				     DESC_HDR_SEL1_MDEUA |
2537 				     DESC_HDR_MODE1_MDEU_INIT |
2538 				     DESC_HDR_MODE1_MDEU_PAD |
2539 				     DESC_HDR_MODE1_MDEU_SHA256_HMAC,
2540 	},
2541 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2542 		.alg.aead = {
2543 			.base = {
2544 				.cra_name = "authenc(hmac(sha384),cbc(aes))",
2545 				.cra_driver_name = "authenc-hmac-sha384-"
2546 						   "cbc-aes-talitos",
2547 				.cra_blocksize = AES_BLOCK_SIZE,
2548 				.cra_flags = CRYPTO_ALG_ASYNC |
2549 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2550 			},
2551 			.ivsize = AES_BLOCK_SIZE,
2552 			.maxauthsize = SHA384_DIGEST_SIZE,
2553 		},
2554 		.desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2555 			             DESC_HDR_SEL0_AESU |
2556 		                     DESC_HDR_MODE0_AESU_CBC |
2557 		                     DESC_HDR_SEL1_MDEUB |
2558 		                     DESC_HDR_MODE1_MDEU_INIT |
2559 		                     DESC_HDR_MODE1_MDEU_PAD |
2560 		                     DESC_HDR_MODE1_MDEUB_SHA384_HMAC,
2561 	},
2562 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2563 		.alg.aead = {
2564 			.base = {
2565 				.cra_name = "authenc(hmac(sha384),"
2566 					    "cbc(des3_ede))",
2567 				.cra_driver_name = "authenc-hmac-sha384-"
2568 						   "cbc-3des-talitos",
2569 				.cra_blocksize = DES3_EDE_BLOCK_SIZE,
2570 				.cra_flags = CRYPTO_ALG_ASYNC |
2571 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2572 			},
2573 			.ivsize = DES3_EDE_BLOCK_SIZE,
2574 			.maxauthsize = SHA384_DIGEST_SIZE,
2575 			.setkey = aead_des3_setkey,
2576 		},
2577 		.desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2578 			             DESC_HDR_SEL0_DEU |
2579 		                     DESC_HDR_MODE0_DEU_CBC |
2580 		                     DESC_HDR_MODE0_DEU_3DES |
2581 		                     DESC_HDR_SEL1_MDEUB |
2582 		                     DESC_HDR_MODE1_MDEU_INIT |
2583 		                     DESC_HDR_MODE1_MDEU_PAD |
2584 		                     DESC_HDR_MODE1_MDEUB_SHA384_HMAC,
2585 	},
2586 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2587 		.alg.aead = {
2588 			.base = {
2589 				.cra_name = "authenc(hmac(sha512),cbc(aes))",
2590 				.cra_driver_name = "authenc-hmac-sha512-"
2591 						   "cbc-aes-talitos",
2592 				.cra_blocksize = AES_BLOCK_SIZE,
2593 				.cra_flags = CRYPTO_ALG_ASYNC |
2594 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2595 			},
2596 			.ivsize = AES_BLOCK_SIZE,
2597 			.maxauthsize = SHA512_DIGEST_SIZE,
2598 		},
2599 		.desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2600 			             DESC_HDR_SEL0_AESU |
2601 		                     DESC_HDR_MODE0_AESU_CBC |
2602 		                     DESC_HDR_SEL1_MDEUB |
2603 		                     DESC_HDR_MODE1_MDEU_INIT |
2604 		                     DESC_HDR_MODE1_MDEU_PAD |
2605 		                     DESC_HDR_MODE1_MDEUB_SHA512_HMAC,
2606 	},
2607 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2608 		.alg.aead = {
2609 			.base = {
2610 				.cra_name = "authenc(hmac(sha512),"
2611 					    "cbc(des3_ede))",
2612 				.cra_driver_name = "authenc-hmac-sha512-"
2613 						   "cbc-3des-talitos",
2614 				.cra_blocksize = DES3_EDE_BLOCK_SIZE,
2615 				.cra_flags = CRYPTO_ALG_ASYNC |
2616 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2617 			},
2618 			.ivsize = DES3_EDE_BLOCK_SIZE,
2619 			.maxauthsize = SHA512_DIGEST_SIZE,
2620 			.setkey = aead_des3_setkey,
2621 		},
2622 		.desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2623 			             DESC_HDR_SEL0_DEU |
2624 		                     DESC_HDR_MODE0_DEU_CBC |
2625 		                     DESC_HDR_MODE0_DEU_3DES |
2626 		                     DESC_HDR_SEL1_MDEUB |
2627 		                     DESC_HDR_MODE1_MDEU_INIT |
2628 		                     DESC_HDR_MODE1_MDEU_PAD |
2629 		                     DESC_HDR_MODE1_MDEUB_SHA512_HMAC,
2630 	},
2631 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2632 		.alg.aead = {
2633 			.base = {
2634 				.cra_name = "authenc(hmac(md5),cbc(aes))",
2635 				.cra_driver_name = "authenc-hmac-md5-"
2636 						   "cbc-aes-talitos",
2637 				.cra_blocksize = AES_BLOCK_SIZE,
2638 				.cra_flags = CRYPTO_ALG_ASYNC |
2639 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2640 			},
2641 			.ivsize = AES_BLOCK_SIZE,
2642 			.maxauthsize = MD5_DIGEST_SIZE,
2643 		},
2644 		.desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2645 			             DESC_HDR_SEL0_AESU |
2646 		                     DESC_HDR_MODE0_AESU_CBC |
2647 		                     DESC_HDR_SEL1_MDEUA |
2648 		                     DESC_HDR_MODE1_MDEU_INIT |
2649 		                     DESC_HDR_MODE1_MDEU_PAD |
2650 		                     DESC_HDR_MODE1_MDEU_MD5_HMAC,
2651 	},
2652 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2653 		.priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
2654 		.alg.aead = {
2655 			.base = {
2656 				.cra_name = "authenc(hmac(md5),cbc(aes))",
2657 				.cra_driver_name = "authenc-hmac-md5-"
2658 						   "cbc-aes-talitos-hsna",
2659 				.cra_blocksize = AES_BLOCK_SIZE,
2660 				.cra_flags = CRYPTO_ALG_ASYNC |
2661 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2662 			},
2663 			.ivsize = AES_BLOCK_SIZE,
2664 			.maxauthsize = MD5_DIGEST_SIZE,
2665 		},
2666 		.desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
2667 				     DESC_HDR_SEL0_AESU |
2668 				     DESC_HDR_MODE0_AESU_CBC |
2669 				     DESC_HDR_SEL1_MDEUA |
2670 				     DESC_HDR_MODE1_MDEU_INIT |
2671 				     DESC_HDR_MODE1_MDEU_PAD |
2672 				     DESC_HDR_MODE1_MDEU_MD5_HMAC,
2673 	},
2674 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2675 		.alg.aead = {
2676 			.base = {
2677 				.cra_name = "authenc(hmac(md5),cbc(des3_ede))",
2678 				.cra_driver_name = "authenc-hmac-md5-"
2679 						   "cbc-3des-talitos",
2680 				.cra_blocksize = DES3_EDE_BLOCK_SIZE,
2681 				.cra_flags = CRYPTO_ALG_ASYNC |
2682 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2683 			},
2684 			.ivsize = DES3_EDE_BLOCK_SIZE,
2685 			.maxauthsize = MD5_DIGEST_SIZE,
2686 			.setkey = aead_des3_setkey,
2687 		},
2688 		.desc_hdr_template = DESC_HDR_TYPE_IPSEC_ESP |
2689 			             DESC_HDR_SEL0_DEU |
2690 		                     DESC_HDR_MODE0_DEU_CBC |
2691 		                     DESC_HDR_MODE0_DEU_3DES |
2692 		                     DESC_HDR_SEL1_MDEUA |
2693 		                     DESC_HDR_MODE1_MDEU_INIT |
2694 		                     DESC_HDR_MODE1_MDEU_PAD |
2695 		                     DESC_HDR_MODE1_MDEU_MD5_HMAC,
2696 	},
2697 	{	.type = CRYPTO_ALG_TYPE_AEAD,
2698 		.priority = TALITOS_CRA_PRIORITY_AEAD_HSNA,
2699 		.alg.aead = {
2700 			.base = {
2701 				.cra_name = "authenc(hmac(md5),cbc(des3_ede))",
2702 				.cra_driver_name = "authenc-hmac-md5-"
2703 						   "cbc-3des-talitos-hsna",
2704 				.cra_blocksize = DES3_EDE_BLOCK_SIZE,
2705 				.cra_flags = CRYPTO_ALG_ASYNC |
2706 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2707 			},
2708 			.ivsize = DES3_EDE_BLOCK_SIZE,
2709 			.maxauthsize = MD5_DIGEST_SIZE,
2710 			.setkey = aead_des3_setkey,
2711 		},
2712 		.desc_hdr_template = DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU |
2713 				     DESC_HDR_SEL0_DEU |
2714 				     DESC_HDR_MODE0_DEU_CBC |
2715 				     DESC_HDR_MODE0_DEU_3DES |
2716 				     DESC_HDR_SEL1_MDEUA |
2717 				     DESC_HDR_MODE1_MDEU_INIT |
2718 				     DESC_HDR_MODE1_MDEU_PAD |
2719 				     DESC_HDR_MODE1_MDEU_MD5_HMAC,
2720 	},
2721 	/* SKCIPHER algorithms. */
2722 	{	.type = CRYPTO_ALG_TYPE_SKCIPHER,
2723 		.alg.skcipher = {
2724 			.base.cra_name = "ecb(aes)",
2725 			.base.cra_driver_name = "ecb-aes-talitos",
2726 			.base.cra_blocksize = AES_BLOCK_SIZE,
2727 			.base.cra_flags = CRYPTO_ALG_ASYNC |
2728 					  CRYPTO_ALG_ALLOCATES_MEMORY,
2729 			.min_keysize = AES_MIN_KEY_SIZE,
2730 			.max_keysize = AES_MAX_KEY_SIZE,
2731 			.setkey = skcipher_aes_setkey,
2732 		},
2733 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2734 				     DESC_HDR_SEL0_AESU,
2735 	},
2736 	{	.type = CRYPTO_ALG_TYPE_SKCIPHER,
2737 		.alg.skcipher = {
2738 			.base.cra_name = "cbc(aes)",
2739 			.base.cra_driver_name = "cbc-aes-talitos",
2740 			.base.cra_blocksize = AES_BLOCK_SIZE,
2741 			.base.cra_flags = CRYPTO_ALG_ASYNC |
2742 					  CRYPTO_ALG_ALLOCATES_MEMORY,
2743 			.min_keysize = AES_MIN_KEY_SIZE,
2744 			.max_keysize = AES_MAX_KEY_SIZE,
2745 			.ivsize = AES_BLOCK_SIZE,
2746 			.setkey = skcipher_aes_setkey,
2747 		},
2748 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2749 				     DESC_HDR_SEL0_AESU |
2750 				     DESC_HDR_MODE0_AESU_CBC,
2751 	},
2752 	{	.type = CRYPTO_ALG_TYPE_SKCIPHER,
2753 		.alg.skcipher = {
2754 			.base.cra_name = "ctr(aes)",
2755 			.base.cra_driver_name = "ctr-aes-talitos",
2756 			.base.cra_blocksize = 1,
2757 			.base.cra_flags = CRYPTO_ALG_ASYNC |
2758 					  CRYPTO_ALG_ALLOCATES_MEMORY,
2759 			.min_keysize = AES_MIN_KEY_SIZE,
2760 			.max_keysize = AES_MAX_KEY_SIZE,
2761 			.ivsize = AES_BLOCK_SIZE,
2762 			.setkey = skcipher_aes_setkey,
2763 		},
2764 		.desc_hdr_template = DESC_HDR_TYPE_AESU_CTR_NONSNOOP |
2765 				     DESC_HDR_SEL0_AESU |
2766 				     DESC_HDR_MODE0_AESU_CTR,
2767 	},
2768 	{	.type = CRYPTO_ALG_TYPE_SKCIPHER,
2769 		.alg.skcipher = {
2770 			.base.cra_name = "ctr(aes)",
2771 			.base.cra_driver_name = "ctr-aes-talitos",
2772 			.base.cra_blocksize = 1,
2773 			.base.cra_flags = CRYPTO_ALG_ASYNC |
2774 					  CRYPTO_ALG_ALLOCATES_MEMORY,
2775 			.min_keysize = AES_MIN_KEY_SIZE,
2776 			.max_keysize = AES_MAX_KEY_SIZE,
2777 			.ivsize = AES_BLOCK_SIZE,
2778 			.setkey = skcipher_aes_setkey,
2779 		},
2780 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2781 				     DESC_HDR_SEL0_AESU |
2782 				     DESC_HDR_MODE0_AESU_CTR,
2783 	},
2784 	{	.type = CRYPTO_ALG_TYPE_SKCIPHER,
2785 		.alg.skcipher = {
2786 			.base.cra_name = "ecb(des)",
2787 			.base.cra_driver_name = "ecb-des-talitos",
2788 			.base.cra_blocksize = DES_BLOCK_SIZE,
2789 			.base.cra_flags = CRYPTO_ALG_ASYNC |
2790 					  CRYPTO_ALG_ALLOCATES_MEMORY,
2791 			.min_keysize = DES_KEY_SIZE,
2792 			.max_keysize = DES_KEY_SIZE,
2793 			.setkey = skcipher_des_setkey,
2794 		},
2795 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2796 				     DESC_HDR_SEL0_DEU,
2797 	},
2798 	{	.type = CRYPTO_ALG_TYPE_SKCIPHER,
2799 		.alg.skcipher = {
2800 			.base.cra_name = "cbc(des)",
2801 			.base.cra_driver_name = "cbc-des-talitos",
2802 			.base.cra_blocksize = DES_BLOCK_SIZE,
2803 			.base.cra_flags = CRYPTO_ALG_ASYNC |
2804 					  CRYPTO_ALG_ALLOCATES_MEMORY,
2805 			.min_keysize = DES_KEY_SIZE,
2806 			.max_keysize = DES_KEY_SIZE,
2807 			.ivsize = DES_BLOCK_SIZE,
2808 			.setkey = skcipher_des_setkey,
2809 		},
2810 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2811 				     DESC_HDR_SEL0_DEU |
2812 				     DESC_HDR_MODE0_DEU_CBC,
2813 	},
2814 	{	.type = CRYPTO_ALG_TYPE_SKCIPHER,
2815 		.alg.skcipher = {
2816 			.base.cra_name = "ecb(des3_ede)",
2817 			.base.cra_driver_name = "ecb-3des-talitos",
2818 			.base.cra_blocksize = DES3_EDE_BLOCK_SIZE,
2819 			.base.cra_flags = CRYPTO_ALG_ASYNC |
2820 					  CRYPTO_ALG_ALLOCATES_MEMORY,
2821 			.min_keysize = DES3_EDE_KEY_SIZE,
2822 			.max_keysize = DES3_EDE_KEY_SIZE,
2823 			.setkey = skcipher_des3_setkey,
2824 		},
2825 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2826 				     DESC_HDR_SEL0_DEU |
2827 				     DESC_HDR_MODE0_DEU_3DES,
2828 	},
2829 	{	.type = CRYPTO_ALG_TYPE_SKCIPHER,
2830 		.alg.skcipher = {
2831 			.base.cra_name = "cbc(des3_ede)",
2832 			.base.cra_driver_name = "cbc-3des-talitos",
2833 			.base.cra_blocksize = DES3_EDE_BLOCK_SIZE,
2834 			.base.cra_flags = CRYPTO_ALG_ASYNC |
2835 					  CRYPTO_ALG_ALLOCATES_MEMORY,
2836 			.min_keysize = DES3_EDE_KEY_SIZE,
2837 			.max_keysize = DES3_EDE_KEY_SIZE,
2838 			.ivsize = DES3_EDE_BLOCK_SIZE,
2839 			.setkey = skcipher_des3_setkey,
2840 		},
2841 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2842 			             DESC_HDR_SEL0_DEU |
2843 		                     DESC_HDR_MODE0_DEU_CBC |
2844 		                     DESC_HDR_MODE0_DEU_3DES,
2845 	},
2846 	/* AHASH algorithms. */
2847 	{	.type = CRYPTO_ALG_TYPE_AHASH,
2848 		.alg.hash = {
2849 			.halg.digestsize = MD5_DIGEST_SIZE,
2850 			.halg.statesize = sizeof(struct talitos_export_state),
2851 			.halg.base = {
2852 				.cra_name = "md5",
2853 				.cra_driver_name = "md5-talitos",
2854 				.cra_blocksize = MD5_HMAC_BLOCK_SIZE,
2855 				.cra_flags = CRYPTO_ALG_ASYNC |
2856 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2857 			}
2858 		},
2859 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2860 				     DESC_HDR_SEL0_MDEUA |
2861 				     DESC_HDR_MODE0_MDEU_MD5,
2862 	},
2863 	{	.type = CRYPTO_ALG_TYPE_AHASH,
2864 		.alg.hash = {
2865 			.halg.digestsize = SHA1_DIGEST_SIZE,
2866 			.halg.statesize = sizeof(struct talitos_export_state),
2867 			.halg.base = {
2868 				.cra_name = "sha1",
2869 				.cra_driver_name = "sha1-talitos",
2870 				.cra_blocksize = SHA1_BLOCK_SIZE,
2871 				.cra_flags = CRYPTO_ALG_ASYNC |
2872 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2873 			}
2874 		},
2875 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2876 				     DESC_HDR_SEL0_MDEUA |
2877 				     DESC_HDR_MODE0_MDEU_SHA1,
2878 	},
2879 	{	.type = CRYPTO_ALG_TYPE_AHASH,
2880 		.alg.hash = {
2881 			.halg.digestsize = SHA224_DIGEST_SIZE,
2882 			.halg.statesize = sizeof(struct talitos_export_state),
2883 			.halg.base = {
2884 				.cra_name = "sha224",
2885 				.cra_driver_name = "sha224-talitos",
2886 				.cra_blocksize = SHA224_BLOCK_SIZE,
2887 				.cra_flags = CRYPTO_ALG_ASYNC |
2888 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2889 			}
2890 		},
2891 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2892 				     DESC_HDR_SEL0_MDEUA |
2893 				     DESC_HDR_MODE0_MDEU_SHA224,
2894 	},
2895 	{	.type = CRYPTO_ALG_TYPE_AHASH,
2896 		.alg.hash = {
2897 			.halg.digestsize = SHA256_DIGEST_SIZE,
2898 			.halg.statesize = sizeof(struct talitos_export_state),
2899 			.halg.base = {
2900 				.cra_name = "sha256",
2901 				.cra_driver_name = "sha256-talitos",
2902 				.cra_blocksize = SHA256_BLOCK_SIZE,
2903 				.cra_flags = CRYPTO_ALG_ASYNC |
2904 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2905 			}
2906 		},
2907 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2908 				     DESC_HDR_SEL0_MDEUA |
2909 				     DESC_HDR_MODE0_MDEU_SHA256,
2910 	},
2911 	{	.type = CRYPTO_ALG_TYPE_AHASH,
2912 		.alg.hash = {
2913 			.halg.digestsize = SHA384_DIGEST_SIZE,
2914 			.halg.statesize = sizeof(struct talitos_export_state),
2915 			.halg.base = {
2916 				.cra_name = "sha384",
2917 				.cra_driver_name = "sha384-talitos",
2918 				.cra_blocksize = SHA384_BLOCK_SIZE,
2919 				.cra_flags = CRYPTO_ALG_ASYNC |
2920 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2921 			}
2922 		},
2923 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2924 				     DESC_HDR_SEL0_MDEUB |
2925 				     DESC_HDR_MODE0_MDEUB_SHA384,
2926 	},
2927 	{	.type = CRYPTO_ALG_TYPE_AHASH,
2928 		.alg.hash = {
2929 			.halg.digestsize = SHA512_DIGEST_SIZE,
2930 			.halg.statesize = sizeof(struct talitos_export_state),
2931 			.halg.base = {
2932 				.cra_name = "sha512",
2933 				.cra_driver_name = "sha512-talitos",
2934 				.cra_blocksize = SHA512_BLOCK_SIZE,
2935 				.cra_flags = CRYPTO_ALG_ASYNC |
2936 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2937 			}
2938 		},
2939 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2940 				     DESC_HDR_SEL0_MDEUB |
2941 				     DESC_HDR_MODE0_MDEUB_SHA512,
2942 	},
2943 	{	.type = CRYPTO_ALG_TYPE_AHASH,
2944 		.alg.hash = {
2945 			.halg.digestsize = MD5_DIGEST_SIZE,
2946 			.halg.statesize = sizeof(struct talitos_export_state),
2947 			.halg.base = {
2948 				.cra_name = "hmac(md5)",
2949 				.cra_driver_name = "hmac-md5-talitos",
2950 				.cra_blocksize = MD5_HMAC_BLOCK_SIZE,
2951 				.cra_flags = CRYPTO_ALG_ASYNC |
2952 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2953 			}
2954 		},
2955 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2956 				     DESC_HDR_SEL0_MDEUA |
2957 				     DESC_HDR_MODE0_MDEU_MD5,
2958 	},
2959 	{	.type = CRYPTO_ALG_TYPE_AHASH,
2960 		.alg.hash = {
2961 			.halg.digestsize = SHA1_DIGEST_SIZE,
2962 			.halg.statesize = sizeof(struct talitos_export_state),
2963 			.halg.base = {
2964 				.cra_name = "hmac(sha1)",
2965 				.cra_driver_name = "hmac-sha1-talitos",
2966 				.cra_blocksize = SHA1_BLOCK_SIZE,
2967 				.cra_flags = CRYPTO_ALG_ASYNC |
2968 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2969 			}
2970 		},
2971 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2972 				     DESC_HDR_SEL0_MDEUA |
2973 				     DESC_HDR_MODE0_MDEU_SHA1,
2974 	},
2975 	{	.type = CRYPTO_ALG_TYPE_AHASH,
2976 		.alg.hash = {
2977 			.halg.digestsize = SHA224_DIGEST_SIZE,
2978 			.halg.statesize = sizeof(struct talitos_export_state),
2979 			.halg.base = {
2980 				.cra_name = "hmac(sha224)",
2981 				.cra_driver_name = "hmac-sha224-talitos",
2982 				.cra_blocksize = SHA224_BLOCK_SIZE,
2983 				.cra_flags = CRYPTO_ALG_ASYNC |
2984 					     CRYPTO_ALG_ALLOCATES_MEMORY,
2985 			}
2986 		},
2987 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
2988 				     DESC_HDR_SEL0_MDEUA |
2989 				     DESC_HDR_MODE0_MDEU_SHA224,
2990 	},
2991 	{	.type = CRYPTO_ALG_TYPE_AHASH,
2992 		.alg.hash = {
2993 			.halg.digestsize = SHA256_DIGEST_SIZE,
2994 			.halg.statesize = sizeof(struct talitos_export_state),
2995 			.halg.base = {
2996 				.cra_name = "hmac(sha256)",
2997 				.cra_driver_name = "hmac-sha256-talitos",
2998 				.cra_blocksize = SHA256_BLOCK_SIZE,
2999 				.cra_flags = CRYPTO_ALG_ASYNC |
3000 					     CRYPTO_ALG_ALLOCATES_MEMORY,
3001 			}
3002 		},
3003 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
3004 				     DESC_HDR_SEL0_MDEUA |
3005 				     DESC_HDR_MODE0_MDEU_SHA256,
3006 	},
3007 	{	.type = CRYPTO_ALG_TYPE_AHASH,
3008 		.alg.hash = {
3009 			.halg.digestsize = SHA384_DIGEST_SIZE,
3010 			.halg.statesize = sizeof(struct talitos_export_state),
3011 			.halg.base = {
3012 				.cra_name = "hmac(sha384)",
3013 				.cra_driver_name = "hmac-sha384-talitos",
3014 				.cra_blocksize = SHA384_BLOCK_SIZE,
3015 				.cra_flags = CRYPTO_ALG_ASYNC |
3016 					     CRYPTO_ALG_ALLOCATES_MEMORY,
3017 			}
3018 		},
3019 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
3020 				     DESC_HDR_SEL0_MDEUB |
3021 				     DESC_HDR_MODE0_MDEUB_SHA384,
3022 	},
3023 	{	.type = CRYPTO_ALG_TYPE_AHASH,
3024 		.alg.hash = {
3025 			.halg.digestsize = SHA512_DIGEST_SIZE,
3026 			.halg.statesize = sizeof(struct talitos_export_state),
3027 			.halg.base = {
3028 				.cra_name = "hmac(sha512)",
3029 				.cra_driver_name = "hmac-sha512-talitos",
3030 				.cra_blocksize = SHA512_BLOCK_SIZE,
3031 				.cra_flags = CRYPTO_ALG_ASYNC |
3032 					     CRYPTO_ALG_ALLOCATES_MEMORY,
3033 			}
3034 		},
3035 		.desc_hdr_template = DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
3036 				     DESC_HDR_SEL0_MDEUB |
3037 				     DESC_HDR_MODE0_MDEUB_SHA512,
3038 	}
3039 };
3040 
3041 struct talitos_crypto_alg {
3042 	struct list_head entry;
3043 	struct device *dev;
3044 	struct talitos_alg_template algt;
3045 };
3046 
talitos_init_common(struct talitos_ctx * ctx,struct talitos_crypto_alg * talitos_alg)3047 static int talitos_init_common(struct talitos_ctx *ctx,
3048 			       struct talitos_crypto_alg *talitos_alg)
3049 {
3050 	struct talitos_private *priv;
3051 
3052 	/* update context with ptr to dev */
3053 	ctx->dev = talitos_alg->dev;
3054 
3055 	/* assign SEC channel to tfm in round-robin fashion */
3056 	priv = dev_get_drvdata(ctx->dev);
3057 	ctx->ch = atomic_inc_return(&priv->last_chan) &
3058 		  (priv->num_channels - 1);
3059 
3060 	/* copy descriptor header template value */
3061 	ctx->desc_hdr_template = talitos_alg->algt.desc_hdr_template;
3062 
3063 	/* select done notification */
3064 	ctx->desc_hdr_template |= DESC_HDR_DONE_NOTIFY;
3065 
3066 	return 0;
3067 }
3068 
talitos_cra_init_aead(struct crypto_aead * tfm)3069 static int talitos_cra_init_aead(struct crypto_aead *tfm)
3070 {
3071 	struct aead_alg *alg = crypto_aead_alg(tfm);
3072 	struct talitos_crypto_alg *talitos_alg;
3073 	struct talitos_ctx *ctx = crypto_aead_ctx(tfm);
3074 
3075 	talitos_alg = container_of(alg, struct talitos_crypto_alg,
3076 				   algt.alg.aead);
3077 
3078 	return talitos_init_common(ctx, talitos_alg);
3079 }
3080 
talitos_cra_init_skcipher(struct crypto_skcipher * tfm)3081 static int talitos_cra_init_skcipher(struct crypto_skcipher *tfm)
3082 {
3083 	struct skcipher_alg *alg = crypto_skcipher_alg(tfm);
3084 	struct talitos_crypto_alg *talitos_alg;
3085 	struct talitos_ctx *ctx = crypto_skcipher_ctx(tfm);
3086 
3087 	talitos_alg = container_of(alg, struct talitos_crypto_alg,
3088 				   algt.alg.skcipher);
3089 
3090 	return talitos_init_common(ctx, talitos_alg);
3091 }
3092 
talitos_cra_init_ahash(struct crypto_tfm * tfm)3093 static int talitos_cra_init_ahash(struct crypto_tfm *tfm)
3094 {
3095 	struct crypto_alg *alg = tfm->__crt_alg;
3096 	struct talitos_crypto_alg *talitos_alg;
3097 	struct talitos_ctx *ctx = crypto_tfm_ctx(tfm);
3098 
3099 	talitos_alg = container_of(__crypto_ahash_alg(alg),
3100 				   struct talitos_crypto_alg,
3101 				   algt.alg.hash);
3102 
3103 	ctx->keylen = 0;
3104 	crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
3105 				 sizeof(struct talitos_ahash_req_ctx));
3106 
3107 	return talitos_init_common(ctx, talitos_alg);
3108 }
3109 
talitos_cra_exit(struct crypto_tfm * tfm)3110 static void talitos_cra_exit(struct crypto_tfm *tfm)
3111 {
3112 	struct talitos_ctx *ctx = crypto_tfm_ctx(tfm);
3113 	struct device *dev = ctx->dev;
3114 
3115 	if (ctx->keylen)
3116 		dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE);
3117 }
3118 
3119 /*
3120  * given the alg's descriptor header template, determine whether descriptor
3121  * type and primary/secondary execution units required match the hw
3122  * capabilities description provided in the device tree node.
3123  */
hw_supports(struct device * dev,__be32 desc_hdr_template)3124 static int hw_supports(struct device *dev, __be32 desc_hdr_template)
3125 {
3126 	struct talitos_private *priv = dev_get_drvdata(dev);
3127 	int ret;
3128 
3129 	ret = (1 << DESC_TYPE(desc_hdr_template) & priv->desc_types) &&
3130 	      (1 << PRIMARY_EU(desc_hdr_template) & priv->exec_units);
3131 
3132 	if (SECONDARY_EU(desc_hdr_template))
3133 		ret = ret && (1 << SECONDARY_EU(desc_hdr_template)
3134 		              & priv->exec_units);
3135 
3136 	return ret;
3137 }
3138 
talitos_remove(struct platform_device * ofdev)3139 static int talitos_remove(struct platform_device *ofdev)
3140 {
3141 	struct device *dev = &ofdev->dev;
3142 	struct talitos_private *priv = dev_get_drvdata(dev);
3143 	struct talitos_crypto_alg *t_alg, *n;
3144 	int i;
3145 
3146 	list_for_each_entry_safe(t_alg, n, &priv->alg_list, entry) {
3147 		switch (t_alg->algt.type) {
3148 		case CRYPTO_ALG_TYPE_SKCIPHER:
3149 			crypto_unregister_skcipher(&t_alg->algt.alg.skcipher);
3150 			break;
3151 		case CRYPTO_ALG_TYPE_AEAD:
3152 			crypto_unregister_aead(&t_alg->algt.alg.aead);
3153 			break;
3154 		case CRYPTO_ALG_TYPE_AHASH:
3155 			crypto_unregister_ahash(&t_alg->algt.alg.hash);
3156 			break;
3157 		}
3158 		list_del(&t_alg->entry);
3159 	}
3160 
3161 	if (hw_supports(dev, DESC_HDR_SEL0_RNG))
3162 		talitos_unregister_rng(dev);
3163 
3164 	for (i = 0; i < 2; i++)
3165 		if (priv->irq[i]) {
3166 			free_irq(priv->irq[i], dev);
3167 			irq_dispose_mapping(priv->irq[i]);
3168 		}
3169 
3170 	tasklet_kill(&priv->done_task[0]);
3171 	if (priv->irq[1])
3172 		tasklet_kill(&priv->done_task[1]);
3173 
3174 	return 0;
3175 }
3176 
talitos_alg_alloc(struct device * dev,struct talitos_alg_template * template)3177 static struct talitos_crypto_alg *talitos_alg_alloc(struct device *dev,
3178 						    struct talitos_alg_template
3179 						           *template)
3180 {
3181 	struct talitos_private *priv = dev_get_drvdata(dev);
3182 	struct talitos_crypto_alg *t_alg;
3183 	struct crypto_alg *alg;
3184 
3185 	t_alg = devm_kzalloc(dev, sizeof(struct talitos_crypto_alg),
3186 			     GFP_KERNEL);
3187 	if (!t_alg)
3188 		return ERR_PTR(-ENOMEM);
3189 
3190 	t_alg->algt = *template;
3191 
3192 	switch (t_alg->algt.type) {
3193 	case CRYPTO_ALG_TYPE_SKCIPHER:
3194 		alg = &t_alg->algt.alg.skcipher.base;
3195 		alg->cra_exit = talitos_cra_exit;
3196 		t_alg->algt.alg.skcipher.init = talitos_cra_init_skcipher;
3197 		t_alg->algt.alg.skcipher.setkey =
3198 			t_alg->algt.alg.skcipher.setkey ?: skcipher_setkey;
3199 		t_alg->algt.alg.skcipher.encrypt = skcipher_encrypt;
3200 		t_alg->algt.alg.skcipher.decrypt = skcipher_decrypt;
3201 		if (!strcmp(alg->cra_name, "ctr(aes)") && !has_ftr_sec1(priv) &&
3202 		    DESC_TYPE(t_alg->algt.desc_hdr_template) !=
3203 		    DESC_TYPE(DESC_HDR_TYPE_AESU_CTR_NONSNOOP)) {
3204 			devm_kfree(dev, t_alg);
3205 			return ERR_PTR(-ENOTSUPP);
3206 		}
3207 		break;
3208 	case CRYPTO_ALG_TYPE_AEAD:
3209 		alg = &t_alg->algt.alg.aead.base;
3210 		alg->cra_exit = talitos_cra_exit;
3211 		t_alg->algt.alg.aead.init = talitos_cra_init_aead;
3212 		t_alg->algt.alg.aead.setkey = t_alg->algt.alg.aead.setkey ?:
3213 					      aead_setkey;
3214 		t_alg->algt.alg.aead.encrypt = aead_encrypt;
3215 		t_alg->algt.alg.aead.decrypt = aead_decrypt;
3216 		if (!(priv->features & TALITOS_FTR_SHA224_HWINIT) &&
3217 		    !strncmp(alg->cra_name, "authenc(hmac(sha224)", 20)) {
3218 			devm_kfree(dev, t_alg);
3219 			return ERR_PTR(-ENOTSUPP);
3220 		}
3221 		break;
3222 	case CRYPTO_ALG_TYPE_AHASH:
3223 		alg = &t_alg->algt.alg.hash.halg.base;
3224 		alg->cra_init = talitos_cra_init_ahash;
3225 		alg->cra_exit = talitos_cra_exit;
3226 		t_alg->algt.alg.hash.init = ahash_init;
3227 		t_alg->algt.alg.hash.update = ahash_update;
3228 		t_alg->algt.alg.hash.final = ahash_final;
3229 		t_alg->algt.alg.hash.finup = ahash_finup;
3230 		t_alg->algt.alg.hash.digest = ahash_digest;
3231 		if (!strncmp(alg->cra_name, "hmac", 4))
3232 			t_alg->algt.alg.hash.setkey = ahash_setkey;
3233 		t_alg->algt.alg.hash.import = ahash_import;
3234 		t_alg->algt.alg.hash.export = ahash_export;
3235 
3236 		if (!(priv->features & TALITOS_FTR_HMAC_OK) &&
3237 		    !strncmp(alg->cra_name, "hmac", 4)) {
3238 			devm_kfree(dev, t_alg);
3239 			return ERR_PTR(-ENOTSUPP);
3240 		}
3241 		if (!(priv->features & TALITOS_FTR_SHA224_HWINIT) &&
3242 		    (!strcmp(alg->cra_name, "sha224") ||
3243 		     !strcmp(alg->cra_name, "hmac(sha224)"))) {
3244 			t_alg->algt.alg.hash.init = ahash_init_sha224_swinit;
3245 			t_alg->algt.desc_hdr_template =
3246 					DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU |
3247 					DESC_HDR_SEL0_MDEUA |
3248 					DESC_HDR_MODE0_MDEU_SHA256;
3249 		}
3250 		break;
3251 	default:
3252 		dev_err(dev, "unknown algorithm type %d\n", t_alg->algt.type);
3253 		devm_kfree(dev, t_alg);
3254 		return ERR_PTR(-EINVAL);
3255 	}
3256 
3257 	alg->cra_module = THIS_MODULE;
3258 	if (t_alg->algt.priority)
3259 		alg->cra_priority = t_alg->algt.priority;
3260 	else
3261 		alg->cra_priority = TALITOS_CRA_PRIORITY;
3262 	if (has_ftr_sec1(priv))
3263 		alg->cra_alignmask = 3;
3264 	else
3265 		alg->cra_alignmask = 0;
3266 	alg->cra_ctxsize = sizeof(struct talitos_ctx);
3267 	alg->cra_flags |= CRYPTO_ALG_KERN_DRIVER_ONLY;
3268 
3269 	t_alg->dev = dev;
3270 
3271 	return t_alg;
3272 }
3273 
talitos_probe_irq(struct platform_device * ofdev)3274 static int talitos_probe_irq(struct platform_device *ofdev)
3275 {
3276 	struct device *dev = &ofdev->dev;
3277 	struct device_node *np = ofdev->dev.of_node;
3278 	struct talitos_private *priv = dev_get_drvdata(dev);
3279 	int err;
3280 	bool is_sec1 = has_ftr_sec1(priv);
3281 
3282 	priv->irq[0] = irq_of_parse_and_map(np, 0);
3283 	if (!priv->irq[0]) {
3284 		dev_err(dev, "failed to map irq\n");
3285 		return -EINVAL;
3286 	}
3287 	if (is_sec1) {
3288 		err = request_irq(priv->irq[0], talitos1_interrupt_4ch, 0,
3289 				  dev_driver_string(dev), dev);
3290 		goto primary_out;
3291 	}
3292 
3293 	priv->irq[1] = irq_of_parse_and_map(np, 1);
3294 
3295 	/* get the primary irq line */
3296 	if (!priv->irq[1]) {
3297 		err = request_irq(priv->irq[0], talitos2_interrupt_4ch, 0,
3298 				  dev_driver_string(dev), dev);
3299 		goto primary_out;
3300 	}
3301 
3302 	err = request_irq(priv->irq[0], talitos2_interrupt_ch0_2, 0,
3303 			  dev_driver_string(dev), dev);
3304 	if (err)
3305 		goto primary_out;
3306 
3307 	/* get the secondary irq line */
3308 	err = request_irq(priv->irq[1], talitos2_interrupt_ch1_3, 0,
3309 			  dev_driver_string(dev), dev);
3310 	if (err) {
3311 		dev_err(dev, "failed to request secondary irq\n");
3312 		irq_dispose_mapping(priv->irq[1]);
3313 		priv->irq[1] = 0;
3314 	}
3315 
3316 	return err;
3317 
3318 primary_out:
3319 	if (err) {
3320 		dev_err(dev, "failed to request primary irq\n");
3321 		irq_dispose_mapping(priv->irq[0]);
3322 		priv->irq[0] = 0;
3323 	}
3324 
3325 	return err;
3326 }
3327 
talitos_probe(struct platform_device * ofdev)3328 static int talitos_probe(struct platform_device *ofdev)
3329 {
3330 	struct device *dev = &ofdev->dev;
3331 	struct device_node *np = ofdev->dev.of_node;
3332 	struct talitos_private *priv;
3333 	int i, err;
3334 	int stride;
3335 	struct resource *res;
3336 
3337 	priv = devm_kzalloc(dev, sizeof(struct talitos_private), GFP_KERNEL);
3338 	if (!priv)
3339 		return -ENOMEM;
3340 
3341 	INIT_LIST_HEAD(&priv->alg_list);
3342 
3343 	dev_set_drvdata(dev, priv);
3344 
3345 	priv->ofdev = ofdev;
3346 
3347 	spin_lock_init(&priv->reg_lock);
3348 
3349 	res = platform_get_resource(ofdev, IORESOURCE_MEM, 0);
3350 	if (!res)
3351 		return -ENXIO;
3352 	priv->reg = devm_ioremap(dev, res->start, resource_size(res));
3353 	if (!priv->reg) {
3354 		dev_err(dev, "failed to of_iomap\n");
3355 		err = -ENOMEM;
3356 		goto err_out;
3357 	}
3358 
3359 	/* get SEC version capabilities from device tree */
3360 	of_property_read_u32(np, "fsl,num-channels", &priv->num_channels);
3361 	of_property_read_u32(np, "fsl,channel-fifo-len", &priv->chfifo_len);
3362 	of_property_read_u32(np, "fsl,exec-units-mask", &priv->exec_units);
3363 	of_property_read_u32(np, "fsl,descriptor-types-mask",
3364 			     &priv->desc_types);
3365 
3366 	if (!is_power_of_2(priv->num_channels) || !priv->chfifo_len ||
3367 	    !priv->exec_units || !priv->desc_types) {
3368 		dev_err(dev, "invalid property data in device tree node\n");
3369 		err = -EINVAL;
3370 		goto err_out;
3371 	}
3372 
3373 	if (of_device_is_compatible(np, "fsl,sec3.0"))
3374 		priv->features |= TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT;
3375 
3376 	if (of_device_is_compatible(np, "fsl,sec2.1"))
3377 		priv->features |= TALITOS_FTR_HW_AUTH_CHECK |
3378 				  TALITOS_FTR_SHA224_HWINIT |
3379 				  TALITOS_FTR_HMAC_OK;
3380 
3381 	if (of_device_is_compatible(np, "fsl,sec1.0"))
3382 		priv->features |= TALITOS_FTR_SEC1;
3383 
3384 	if (of_device_is_compatible(np, "fsl,sec1.2")) {
3385 		priv->reg_deu = priv->reg + TALITOS12_DEU;
3386 		priv->reg_aesu = priv->reg + TALITOS12_AESU;
3387 		priv->reg_mdeu = priv->reg + TALITOS12_MDEU;
3388 		stride = TALITOS1_CH_STRIDE;
3389 	} else if (of_device_is_compatible(np, "fsl,sec1.0")) {
3390 		priv->reg_deu = priv->reg + TALITOS10_DEU;
3391 		priv->reg_aesu = priv->reg + TALITOS10_AESU;
3392 		priv->reg_mdeu = priv->reg + TALITOS10_MDEU;
3393 		priv->reg_afeu = priv->reg + TALITOS10_AFEU;
3394 		priv->reg_rngu = priv->reg + TALITOS10_RNGU;
3395 		priv->reg_pkeu = priv->reg + TALITOS10_PKEU;
3396 		stride = TALITOS1_CH_STRIDE;
3397 	} else {
3398 		priv->reg_deu = priv->reg + TALITOS2_DEU;
3399 		priv->reg_aesu = priv->reg + TALITOS2_AESU;
3400 		priv->reg_mdeu = priv->reg + TALITOS2_MDEU;
3401 		priv->reg_afeu = priv->reg + TALITOS2_AFEU;
3402 		priv->reg_rngu = priv->reg + TALITOS2_RNGU;
3403 		priv->reg_pkeu = priv->reg + TALITOS2_PKEU;
3404 		priv->reg_keu = priv->reg + TALITOS2_KEU;
3405 		priv->reg_crcu = priv->reg + TALITOS2_CRCU;
3406 		stride = TALITOS2_CH_STRIDE;
3407 	}
3408 
3409 	err = talitos_probe_irq(ofdev);
3410 	if (err)
3411 		goto err_out;
3412 
3413 	if (has_ftr_sec1(priv)) {
3414 		if (priv->num_channels == 1)
3415 			tasklet_init(&priv->done_task[0], talitos1_done_ch0,
3416 				     (unsigned long)dev);
3417 		else
3418 			tasklet_init(&priv->done_task[0], talitos1_done_4ch,
3419 				     (unsigned long)dev);
3420 	} else {
3421 		if (priv->irq[1]) {
3422 			tasklet_init(&priv->done_task[0], talitos2_done_ch0_2,
3423 				     (unsigned long)dev);
3424 			tasklet_init(&priv->done_task[1], talitos2_done_ch1_3,
3425 				     (unsigned long)dev);
3426 		} else if (priv->num_channels == 1) {
3427 			tasklet_init(&priv->done_task[0], talitos2_done_ch0,
3428 				     (unsigned long)dev);
3429 		} else {
3430 			tasklet_init(&priv->done_task[0], talitos2_done_4ch,
3431 				     (unsigned long)dev);
3432 		}
3433 	}
3434 
3435 	priv->chan = devm_kcalloc(dev,
3436 				  priv->num_channels,
3437 				  sizeof(struct talitos_channel),
3438 				  GFP_KERNEL);
3439 	if (!priv->chan) {
3440 		dev_err(dev, "failed to allocate channel management space\n");
3441 		err = -ENOMEM;
3442 		goto err_out;
3443 	}
3444 
3445 	priv->fifo_len = roundup_pow_of_two(priv->chfifo_len);
3446 
3447 	for (i = 0; i < priv->num_channels; i++) {
3448 		priv->chan[i].reg = priv->reg + stride * (i + 1);
3449 		if (!priv->irq[1] || !(i & 1))
3450 			priv->chan[i].reg += TALITOS_CH_BASE_OFFSET;
3451 
3452 		spin_lock_init(&priv->chan[i].head_lock);
3453 		spin_lock_init(&priv->chan[i].tail_lock);
3454 
3455 		priv->chan[i].fifo = devm_kcalloc(dev,
3456 						priv->fifo_len,
3457 						sizeof(struct talitos_request),
3458 						GFP_KERNEL);
3459 		if (!priv->chan[i].fifo) {
3460 			dev_err(dev, "failed to allocate request fifo %d\n", i);
3461 			err = -ENOMEM;
3462 			goto err_out;
3463 		}
3464 
3465 		atomic_set(&priv->chan[i].submit_count,
3466 			   -(priv->chfifo_len - 1));
3467 	}
3468 
3469 	dma_set_mask(dev, DMA_BIT_MASK(36));
3470 
3471 	/* reset and initialize the h/w */
3472 	err = init_device(dev);
3473 	if (err) {
3474 		dev_err(dev, "failed to initialize device\n");
3475 		goto err_out;
3476 	}
3477 
3478 	/* register the RNG, if available */
3479 	if (hw_supports(dev, DESC_HDR_SEL0_RNG)) {
3480 		err = talitos_register_rng(dev);
3481 		if (err) {
3482 			dev_err(dev, "failed to register hwrng: %d\n", err);
3483 			goto err_out;
3484 		} else
3485 			dev_info(dev, "hwrng\n");
3486 	}
3487 
3488 	/* register crypto algorithms the device supports */
3489 	for (i = 0; i < ARRAY_SIZE(driver_algs); i++) {
3490 		if (hw_supports(dev, driver_algs[i].desc_hdr_template)) {
3491 			struct talitos_crypto_alg *t_alg;
3492 			struct crypto_alg *alg = NULL;
3493 
3494 			t_alg = talitos_alg_alloc(dev, &driver_algs[i]);
3495 			if (IS_ERR(t_alg)) {
3496 				err = PTR_ERR(t_alg);
3497 				if (err == -ENOTSUPP)
3498 					continue;
3499 				goto err_out;
3500 			}
3501 
3502 			switch (t_alg->algt.type) {
3503 			case CRYPTO_ALG_TYPE_SKCIPHER:
3504 				err = crypto_register_skcipher(
3505 						&t_alg->algt.alg.skcipher);
3506 				alg = &t_alg->algt.alg.skcipher.base;
3507 				break;
3508 
3509 			case CRYPTO_ALG_TYPE_AEAD:
3510 				err = crypto_register_aead(
3511 					&t_alg->algt.alg.aead);
3512 				alg = &t_alg->algt.alg.aead.base;
3513 				break;
3514 
3515 			case CRYPTO_ALG_TYPE_AHASH:
3516 				err = crypto_register_ahash(
3517 						&t_alg->algt.alg.hash);
3518 				alg = &t_alg->algt.alg.hash.halg.base;
3519 				break;
3520 			}
3521 			if (err) {
3522 				dev_err(dev, "%s alg registration failed\n",
3523 					alg->cra_driver_name);
3524 				devm_kfree(dev, t_alg);
3525 			} else
3526 				list_add_tail(&t_alg->entry, &priv->alg_list);
3527 		}
3528 	}
3529 	if (!list_empty(&priv->alg_list))
3530 		dev_info(dev, "%s algorithms registered in /proc/crypto\n",
3531 			 (char *)of_get_property(np, "compatible", NULL));
3532 
3533 	return 0;
3534 
3535 err_out:
3536 	talitos_remove(ofdev);
3537 
3538 	return err;
3539 }
3540 
3541 static const struct of_device_id talitos_match[] = {
3542 #ifdef CONFIG_CRYPTO_DEV_TALITOS1
3543 	{
3544 		.compatible = "fsl,sec1.0",
3545 	},
3546 #endif
3547 #ifdef CONFIG_CRYPTO_DEV_TALITOS2
3548 	{
3549 		.compatible = "fsl,sec2.0",
3550 	},
3551 #endif
3552 	{},
3553 };
3554 MODULE_DEVICE_TABLE(of, talitos_match);
3555 
3556 static struct platform_driver talitos_driver = {
3557 	.driver = {
3558 		.name = "talitos",
3559 		.of_match_table = talitos_match,
3560 	},
3561 	.probe = talitos_probe,
3562 	.remove = talitos_remove,
3563 };
3564 
3565 module_platform_driver(talitos_driver);
3566 
3567 MODULE_LICENSE("GPL");
3568 MODULE_AUTHOR("Kim Phillips <kim.phillips@freescale.com>");
3569 MODULE_DESCRIPTION("Freescale integrated security engine (SEC) driver");
3570