/*
* arch/ubicom32/crypto/aes_ubicom32.c
* Ubicom32 implementation of the AES Cipher Algorithm.
*
* (C) Copyright 2009, Ubicom, Inc.
*
* This file is part of the Ubicom32 Linux Kernel Port.
*
* The Ubicom32 Linux Kernel Port is free software: you can redistribute
* it and/or modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation, either version 2 of the
* License, or (at your option) any later version.
*
* The Ubicom32 Linux Kernel Port is distributed in the hope that it
* will be useful, but WITHOUT ANY WARRANTY; without even the implied
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
* the GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with the Ubicom32 Linux Kernel Port. If not,
* see .
*
* Ubicom32 implementation derived from (with many thanks):
* arch/m68knommu
* arch/blackfin
* arch/parisc
*/
#include
#include
#include
#include
#include
#include
#include "crypto_ubicom32.h"
#include
struct ubicom32_aes_ctx {
u8 key[AES_MAX_KEY_SIZE];
u32 ctrl;
int key_len;
};
static inline void aes_hw_set_key(const u8 *key, u8 key_len)
{
/*
* switch case has more overhead than 4 move.4 instructions, so just copy 256 bits
*/
SEC_SET_KEY_256(key);
}
static inline void aes_hw_set_iv(const u8 *iv)
{
SEC_SET_IV_4W(iv);
}
static inline void aes_hw_cipher(u8 *out, const u8 *in)
{
SEC_SET_INPUT_4W(in);
asm volatile (
" ; start AES by writing 0x40(SECURITY_BASE) \n\t"
" move.4 0x40(%0), #0x01 \n\t"
" pipe_flush 0 \n\t"
" \n\t"
" ; wait for the module to calculate the output \n\t"
" btst 0x04(%0), #0 \n\t"
" jmpne.f .-4 \n\t"
:
: "a" (SEC_BASE)
: "cc"
);
SEC_GET_OUTPUT_4W(out);
}
static int __ocm_text aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
unsigned int key_len)
{
struct ubicom32_aes_ctx *uctx = crypto_tfm_ctx(tfm);
uctx->key_len = key_len;
memcpy(uctx->key, in_key, key_len);
/*
* leave out HASH_ALG (none = 0), CBC (no = 0), DIR (unknown) yet
*/
switch (uctx->key_len) {
case 16:
uctx->ctrl = SEC_KEY_128_BITS | SEC_ALG_AES;
break;
case 24:
uctx->ctrl = SEC_KEY_192_BITS | SEC_ALG_AES;
break;
case 32:
uctx->ctrl = SEC_KEY_256_BITS | SEC_ALG_AES;
break;
}
return 0;
}
static inline void aes_cipher(struct crypto_tfm *tfm, u8 *out, const u8 *in, u32 extra_flags)
{
const struct ubicom32_aes_ctx *uctx = crypto_tfm_ctx(tfm);
hw_crypto_lock();
hw_crypto_check();
hw_crypto_set_ctrl(uctx->ctrl | extra_flags);
aes_hw_set_key(uctx->key, uctx->key_len);
aes_hw_cipher(out, in);
hw_crypto_unlock();
}
static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
{
aes_cipher(tfm, out, in, SEC_DIR_ENCRYPT);
}
static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
{
aes_cipher(tfm, out, in, SEC_DIR_DECRYPT);
}
static struct crypto_alg aes_alg = {
.cra_name = "aes",
.cra_driver_name = "aes-ubicom32",
.cra_priority = CRYPTO_UBICOM32_PRIORITY,
.cra_flags = CRYPTO_ALG_TYPE_CIPHER,
.cra_blocksize = AES_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct ubicom32_aes_ctx),
.cra_alignmask = CRYPTO_UBICOM32_ALIGNMENT - 1,
.cra_module = THIS_MODULE,
.cra_list = LIST_HEAD_INIT(aes_alg.cra_list),
.cra_u = {
.cipher = {
.cia_min_keysize = AES_MIN_KEY_SIZE,
.cia_max_keysize = AES_MAX_KEY_SIZE,
.cia_setkey = aes_set_key,
.cia_encrypt = aes_encrypt,
.cia_decrypt = aes_decrypt,
}
}
};
static void __ocm_text ecb_aes_crypt_loop(u8 *out, u8 *in, unsigned int n)
{
while (likely(n)) {
aes_hw_cipher(out, in);
out += AES_BLOCK_SIZE;
in += AES_BLOCK_SIZE;
n -= AES_BLOCK_SIZE;
}
}
static int __ocm_text ecb_aes_crypt(struct blkcipher_desc *desc, struct scatterlist *dst,
struct scatterlist *src, unsigned int nbytes, u32 extra_flags)
{
const struct ubicom32_aes_ctx *uctx = crypto_blkcipher_ctx(desc->tfm);
int ret;
struct blkcipher_walk walk;
blkcipher_walk_init(&walk, dst, src, nbytes);
ret = blkcipher_walk_virt(desc, &walk);
if (ret) {
return ret;
}
hw_crypto_lock();
hw_crypto_check();
hw_crypto_set_ctrl(uctx->ctrl | extra_flags);
aes_hw_set_key(uctx->key, uctx->key_len);
while (likely((nbytes = walk.nbytes))) {
/* only use complete blocks */
unsigned int n = nbytes & ~(AES_BLOCK_SIZE - 1);
u8 *out = walk.dst.virt.addr;
u8 *in = walk.src.virt.addr;
/* finish n/16 blocks */
ecb_aes_crypt_loop(out, in, n);
nbytes &= AES_BLOCK_SIZE - 1;
ret = blkcipher_walk_done(desc, &walk, nbytes);
}
hw_crypto_unlock();
return ret;
}
static int ecb_aes_encrypt(struct blkcipher_desc *desc,
struct scatterlist *dst, struct scatterlist *src,
unsigned int nbytes)
{
return ecb_aes_crypt(desc, dst, src, nbytes, SEC_DIR_ENCRYPT);
}
static int ecb_aes_decrypt(struct blkcipher_desc *desc,
struct scatterlist *dst, struct scatterlist *src,
unsigned int nbytes)
{
return ecb_aes_crypt(desc, dst, src, nbytes, SEC_DIR_DECRYPT);
}
static struct crypto_alg ecb_aes_alg = {
.cra_name = "ecb(aes)",
.cra_driver_name = "ecb-aes-ubicom32",
.cra_priority = CRYPTO_UBICOM32_COMPOSITE_PRIORITY,
.cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
.cra_blocksize = AES_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct ubicom32_aes_ctx),
.cra_alignmask = CRYPTO_UBICOM32_ALIGNMENT - 1,
.cra_type = &crypto_blkcipher_type,
.cra_module = THIS_MODULE,
.cra_list = LIST_HEAD_INIT(ecb_aes_alg.cra_list),
.cra_u = {
.blkcipher = {
.min_keysize = AES_MIN_KEY_SIZE,
.max_keysize = AES_MAX_KEY_SIZE,
.setkey = aes_set_key,
.encrypt = ecb_aes_encrypt,
.decrypt = ecb_aes_decrypt,
}
}
};
#if CRYPTO_UBICOM32_LOOP_ASM
void __ocm_text cbc_aes_encrypt_loop(u8 *out, u8 *in, u8 *iv, unsigned int n)
{
asm volatile (
"; set init. iv 4w \n\t"
" move.4 0x50(%0), 0x0(%3) \n\t"
" move.4 0x54(%0), 0x4(%3) \n\t"
" move.4 0x58(%0), 0x8(%3) \n\t"
" move.4 0x5c(%0), 0xc(%3) \n\t"
" \n\t"
"; we know n > 0, so we can always \n\t"
"; load the first block \n\t"
"; set input 4w \n\t"
" move.4 0x30(%0), 0x0(%2) \n\t"
" move.4 0x34(%0), 0x4(%2) \n\t"
" move.4 0x38(%0), 0x8(%2) \n\t"
" move.4 0x3c(%0), 0xc(%2) \n\t"
" \n\t"
"; kickoff hw \n\t"
" move.4 0x40(%0), %2 \n\t"
" \n\t"
"; update n & flush \n\t"
" add.4 %4, #-16, %4 \n\t"
" pipe_flush 0 \n\t"
" \n\t"
"; while (n): work on 2nd block \n\t"
" 1: lsl.4 d15, %4, #0x0 \n\t"
" jmpeq.f 5f \n\t"
" \n\t"
"; set input 4w (2nd) \n\t"
" move.4 0x30(%0), 0x10(%2) \n\t"
" move.4 0x34(%0), 0x14(%2) \n\t"
" move.4 0x38(%0), 0x18(%2) \n\t"
" move.4 0x3c(%0), 0x1c(%2) \n\t"
" \n\t"
"; update n/in asap while waiting \n\t"
" add.4 %4, #-16, %4 \n\t"
" move.4 d15, 16(%2)++ \n\t"
" \n\t"
"; wait for the previous output \n\t"
" btst 0x04(%0), #0 \n\t"
" jmpne.f -4 \n\t"
" \n\t"
"; read previous output \n\t"
" move.4 0x0(%1), 0x50(%0) \n\t"
" move.4 0x4(%1), 0x54(%0) \n\t"
" move.4 0x8(%1), 0x58(%0) \n\t"
" move.4 0xc(%1), 0x5c(%0) \n\t"
" \n\t"
"; kick off hw for 2nd input \n\t"
" move.4 0x40(%0), %2 \n\t"
" \n\t"
"; update out asap \n\t"
" move.4 d15, 16(%1)++ \n\t"
" \n\t"
"; go back to loop \n\t"
" jmpt 1b \n\t"
" \n\t"
"; wait for last output \n\t"
" 5: btst 0x04(%0), #0 \n\t"
" jmpne.f -4 \n\t"
" \n\t"
"; read last output \n\t"
" move.4 0x0(%1), 0x50(%0) \n\t"
" move.4 0x4(%1), 0x54(%0) \n\t"
" move.4 0x8(%1), 0x58(%0) \n\t"
" move.4 0xc(%1), 0x5c(%0) \n\t"
" \n\t"
"; copy out iv \n\t"
" move.4 0x0(%3), 0x50(%0) \n\t"
" move.4 0x4(%3), 0x54(%0) \n\t"
" move.4 0x8(%3), 0x58(%0) \n\t"
" move.4 0xc(%3), 0x5c(%0) \n\t"
" \n\t"
:
: "a" (SEC_BASE), "a" (out), "a" (in), "a" (iv), "d" (n)
: "d15", "cc"
);
}
#else
static void __ocm_text cbc_aes_encrypt_loop(u8 *out, u8 *in, u8 *iv, unsigned int n)
{
aes_hw_set_iv(iv);
while (likely(n)) {
aes_hw_cipher(out, in);
out += AES_BLOCK_SIZE;
in += AES_BLOCK_SIZE;
n -= AES_BLOCK_SIZE;
}
SEC_COPY_4W(iv, out - AES_BLOCK_SIZE);
}
#endif
static void __ocm_text cbc_aes_decrypt_loop(u8 *out, u8 *in, u8 *iv, unsigned int n)
{
while (likely(n)) {
aes_hw_set_iv(iv);
SEC_COPY_4W(iv, in);
aes_hw_cipher(out, in);
out += AES_BLOCK_SIZE;
in += AES_BLOCK_SIZE;
n -= AES_BLOCK_SIZE;
}
}
static int __ocm_text cbc_aes_crypt(struct blkcipher_desc *desc,
struct scatterlist *dst, struct scatterlist *src,
unsigned int nbytes, u32 extra_flags)
{
struct ubicom32_aes_ctx *uctx = crypto_blkcipher_ctx(desc->tfm);
int ret;
struct blkcipher_walk walk;
blkcipher_walk_init(&walk, dst, src, nbytes);
ret = blkcipher_walk_virt(desc, &walk);
if (unlikely(ret)) {
return ret;
}
hw_crypto_lock();
hw_crypto_check();
hw_crypto_set_ctrl(uctx->ctrl | extra_flags);
aes_hw_set_key(uctx->key, uctx->key_len);
while (likely((nbytes = walk.nbytes))) {
/* only use complete blocks */
unsigned int n = nbytes & ~(AES_BLOCK_SIZE - 1);
if (likely(n)) {
u8 *out = walk.dst.virt.addr;
u8 *in = walk.src.virt.addr;
if (extra_flags & SEC_DIR_ENCRYPT) {
cbc_aes_encrypt_loop(out, in, walk.iv, n);
} else {
cbc_aes_decrypt_loop(out, in, walk.iv, n);
}
}
nbytes &= AES_BLOCK_SIZE - 1;
ret = blkcipher_walk_done(desc, &walk, nbytes);
}
hw_crypto_unlock();
return ret;
}
static int __ocm_text cbc_aes_encrypt(struct blkcipher_desc *desc,
struct scatterlist *dst, struct scatterlist *src,
unsigned int nbytes)
{
return cbc_aes_crypt(desc, dst, src, nbytes, SEC_DIR_ENCRYPT | SEC_CBC_SET);
}
static int __ocm_text cbc_aes_decrypt(struct blkcipher_desc *desc,
struct scatterlist *dst, struct scatterlist *src,
unsigned int nbytes)
{
return cbc_aes_crypt(desc, dst, src, nbytes, SEC_DIR_DECRYPT | SEC_CBC_SET);
}
static struct crypto_alg cbc_aes_alg = {
.cra_name = "cbc(aes)",
.cra_driver_name = "cbc-aes-ubicom32",
.cra_priority = CRYPTO_UBICOM32_COMPOSITE_PRIORITY,
.cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
.cra_blocksize = AES_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct ubicom32_aes_ctx),
.cra_alignmask = CRYPTO_UBICOM32_ALIGNMENT - 1,
.cra_type = &crypto_blkcipher_type,
.cra_module = THIS_MODULE,
.cra_list = LIST_HEAD_INIT(cbc_aes_alg.cra_list),
.cra_u = {
.blkcipher = {
.min_keysize = AES_MIN_KEY_SIZE,
.max_keysize = AES_MAX_KEY_SIZE,
.ivsize = AES_BLOCK_SIZE,
.setkey = aes_set_key,
.encrypt = cbc_aes_encrypt,
.decrypt = cbc_aes_decrypt,
}
}
};
static int __init aes_init(void)
{
int ret;
hw_crypto_init();
ret = crypto_register_alg(&aes_alg);
if (ret)
goto aes_err;
ret = crypto_register_alg(&ecb_aes_alg);
if (ret)
goto ecb_aes_err;
ret = crypto_register_alg(&cbc_aes_alg);
if (ret)
goto cbc_aes_err;
out:
return ret;
cbc_aes_err:
crypto_unregister_alg(&ecb_aes_alg);
ecb_aes_err:
crypto_unregister_alg(&aes_alg);
aes_err:
goto out;
}
static void __exit aes_fini(void)
{
crypto_unregister_alg(&cbc_aes_alg);
crypto_unregister_alg(&ecb_aes_alg);
crypto_unregister_alg(&aes_alg);
}
module_init(aes_init);
module_exit(aes_fini);
MODULE_ALIAS("aes");
MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm");
MODULE_LICENSE("GPL");