Commit 88574332 authored by Mike Healy's avatar Mike Healy Committed by Herbert Xu

crypto: keembay - Add support for Keem Bay OCS AES/SM4

Add support for the AES/SM4 crypto engine included in the Offload and
Crypto Subsystem (OCS) of the Intel Keem Bay SoC, thus enabling
hardware-acceleration for the following transformations:

- ecb(aes), cbc(aes), ctr(aes), cts(cbc(aes)), gcm(aes) and cbc(aes);
  supported for 128-bit and 256-bit keys.

- ecb(sm4), cbc(sm4), ctr(sm4), cts(cbc(sm4)), gcm(sm4) and cbc(sm4);
  supported for 128-bit keys.

The driver passes crypto manager self-tests, including the extra tests
(CRYPTO_MANAGER_EXTRA_TESTS=y).
Signed-off-by: default avatarMike Healy <mikex.healy@intel.com>
Co-developed-by: default avatarDaniele Alessandrelli <daniele.alessandrelli@intel.com>
Signed-off-by: default avatarDaniele Alessandrelli <daniele.alessandrelli@intel.com>
Acked-by: default avatarMark Gross <mgross@linux.intel.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent c7e34aa3
......@@ -8958,6 +8958,16 @@ M: Deepak Saxena <dsaxena@plexity.net>
S: Maintained
F: drivers/char/hw_random/ixp4xx-rng.c
INTEL KEEM BAY OCS AES/SM4 CRYPTO DRIVER
M: Daniele Alessandrelli <daniele.alessandrelli@intel.com>
S: Maintained
F: Documentation/devicetree/bindings/crypto/intel,keembay-ocs-aes.yaml
F: drivers/crypto/keembay/Kconfig
F: drivers/crypto/keembay/Makefile
F: drivers/crypto/keembay/keembay-ocs-aes-core.c
F: drivers/crypto/keembay/ocs-aes.c
F: drivers/crypto/keembay/ocs-aes.h
INTEL MANAGEMENT ENGINE (mei)
M: Tomas Winkler <tomas.winkler@intel.com>
L: linux-kernel@vger.kernel.org
......
......@@ -900,4 +900,6 @@ config CRYPTO_DEV_SA2UL
used for crypto offload. Select this if you want to use hardware
acceleration for cryptographic algorithms on these devices.
source "drivers/crypto/keembay/Kconfig"
endif # CRYPTO_HW
......@@ -51,3 +51,4 @@ obj-$(CONFIG_CRYPTO_DEV_ARTPEC6) += axis/
obj-$(CONFIG_CRYPTO_DEV_ZYNQMP_AES) += xilinx/
obj-y += hisilicon/
obj-$(CONFIG_CRYPTO_DEV_AMLOGIC_GXL) += amlogic/
obj-y += keembay/
config CRYPTO_DEV_KEEMBAY_OCS_AES_SM4
tristate "Support for Intel Keem Bay OCS AES/SM4 HW acceleration"
depends on OF || COMPILE_TEST
select CRYPTO_SKCIPHER
select CRYPTO_AEAD
select CRYPTO_ENGINE
help
Support for Intel Keem Bay Offload and Crypto Subsystem (OCS) AES and
SM4 cihper hardware acceleration for use with Crypto API.
Provides HW acceleration for the following transformations:
cbc(aes), ctr(aes), ccm(aes), gcm(aes), cbc(sm4), ctr(sm4), ccm(sm4)
and gcm(sm4).
Optionally, support for the following transformations can also be
enabled: ecb(aes), cts(cbc(aes)), ecb(sm4) and cts(cbc(sm4)).
config CRYPTO_DEV_KEEMBAY_OCS_AES_SM4_ECB
bool "Support for Intel Keem Bay OCS AES/SM4 ECB HW acceleration"
depends on CRYPTO_DEV_KEEMBAY_OCS_AES_SM4
help
Support for Intel Keem Bay Offload and Crypto Subsystem (OCS)
AES/SM4 ECB mode hardware acceleration for use with Crypto API.
Provides OCS version of ecb(aes) and ecb(sm4)
Intel does not recommend use of ECB mode with AES/SM4.
config CRYPTO_DEV_KEEMBAY_OCS_AES_SM4_CTS
bool "Support for Intel Keem Bay OCS AES/SM4 CTS HW acceleration"
depends on CRYPTO_DEV_KEEMBAY_OCS_AES_SM4
help
Support for Intel Keem Bay Offload and Crypto Subsystem (OCS)
AES/SM4 CBC with CTS mode hardware acceleration for use with
Crypto API.
Provides OCS version of cts(cbc(aes)) and cts(cbc(sm4)).
Intel does not recommend use of CTS mode with AES/SM4.
#
# Makefile for Intel Keem Bay OCS Crypto API Linux drivers
#
obj-$(CONFIG_CRYPTO_DEV_KEEMBAY_OCS_AES_SM4) += keembay-ocs-aes.o
keembay-ocs-aes-objs := keembay-ocs-aes-core.o ocs-aes.o
This diff is collapsed.
This diff is collapsed.
/* SPDX-License-Identifier: GPL-2.0-only */
/*
* Intel Keem Bay OCS AES Crypto Driver.
*
* Copyright (C) 2018-2020 Intel Corporation
*/
#ifndef _CRYPTO_OCS_AES_H
#define _CRYPTO_OCS_AES_H
#include <linux/dma-mapping.h>
enum ocs_cipher {
OCS_AES = 0,
OCS_SM4 = 1,
};
enum ocs_mode {
OCS_MODE_ECB = 0,
OCS_MODE_CBC = 1,
OCS_MODE_CTR = 2,
OCS_MODE_CCM = 6,
OCS_MODE_GCM = 7,
OCS_MODE_CTS = 9,
};
enum ocs_instruction {
OCS_ENCRYPT = 0,
OCS_DECRYPT = 1,
OCS_EXPAND = 2,
OCS_BYPASS = 3,
};
/**
* struct ocs_aes_dev - AES device context.
* @list: List head for insertion into device list hold
* by driver.
* @dev: OCS AES device.
* @irq: IRQ number.
* @base_reg: IO base address of OCS AES.
* @irq_copy_completion: Completion to indicate IRQ has been triggered.
* @dma_err_mask: Error reported by OCS DMA interrupts.
* @engine: Crypto engine for the device.
*/
struct ocs_aes_dev {
struct list_head list;
struct device *dev;
int irq;
void __iomem *base_reg;
struct completion irq_completion;
u32 dma_err_mask;
struct crypto_engine *engine;
};
/**
* struct ocs_dll_desc - Descriptor of an OCS DMA Linked List.
* @vaddr: Virtual address of the linked list head.
* @dma_addr: DMA address of the linked list head.
* @size: Size (in bytes) of the linked list.
*/
struct ocs_dll_desc {
void *vaddr;
dma_addr_t dma_addr;
size_t size;
};
int ocs_aes_set_key(struct ocs_aes_dev *aes_dev, const u32 key_size,
const u8 *key, const enum ocs_cipher cipher);
int ocs_aes_op(struct ocs_aes_dev *aes_dev,
enum ocs_mode mode,
enum ocs_cipher cipher,
enum ocs_instruction instruction,
dma_addr_t dst_dma_list,
dma_addr_t src_dma_list,
u32 src_size,
u8 *iv,
u32 iv_size);
/**
* ocs_aes_bypass_op() - Use OCS DMA to copy data.
* @aes_dev: The OCS AES device to use.
* @dst_dma_list: The OCS DMA list mapping the memory where input data
* will be copied to.
* @src_dma_list: The OCS DMA list mapping input data.
* @src_size: The amount of data to copy.
*/
static inline int ocs_aes_bypass_op(struct ocs_aes_dev *aes_dev,
dma_addr_t dst_dma_list,
dma_addr_t src_dma_list, u32 src_size)
{
return ocs_aes_op(aes_dev, OCS_MODE_ECB, OCS_AES, OCS_BYPASS,
dst_dma_list, src_dma_list, src_size, NULL, 0);
}
int ocs_aes_gcm_op(struct ocs_aes_dev *aes_dev,
enum ocs_cipher cipher,
enum ocs_instruction instruction,
dma_addr_t dst_dma_list,
dma_addr_t src_dma_list,
u32 src_size,
const u8 *iv,
dma_addr_t aad_dma_list,
u32 aad_size,
u8 *out_tag,
u32 tag_size);
int ocs_aes_ccm_op(struct ocs_aes_dev *aes_dev,
enum ocs_cipher cipher,
enum ocs_instruction instruction,
dma_addr_t dst_dma_list,
dma_addr_t src_dma_list,
u32 src_size,
u8 *iv,
dma_addr_t adata_dma_list,
u32 adata_size,
u8 *in_tag,
u32 tag_size);
int ocs_create_linked_list_from_sg(const struct ocs_aes_dev *aes_dev,
struct scatterlist *sg,
int sg_dma_count,
struct ocs_dll_desc *dll_desc,
size_t data_size,
size_t data_offset);
irqreturn_t ocs_aes_irq_handler(int irq, void *dev_id);
#endif
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment