Commit 88574332 authored by Mike Healy's avatar Mike Healy Committed by Herbert Xu

crypto: keembay - Add support for Keem Bay OCS AES/SM4

Add support for the AES/SM4 crypto engine included in the Offload and
Crypto Subsystem (OCS) of the Intel Keem Bay SoC, thus enabling
hardware-acceleration for the following transformations:

- ecb(aes), cbc(aes), ctr(aes), cts(cbc(aes)), gcm(aes) and cbc(aes);
  supported for 128-bit and 256-bit keys.

- ecb(sm4), cbc(sm4), ctr(sm4), cts(cbc(sm4)), gcm(sm4) and cbc(sm4);
  supported for 128-bit keys.

The driver passes crypto manager self-tests, including the extra tests
(CRYPTO_MANAGER_EXTRA_TESTS=y).
Signed-off-by: default avatarMike Healy <mikex.healy@intel.com>
Co-developed-by: default avatarDaniele Alessandrelli <daniele.alessandrelli@intel.com>
Signed-off-by: default avatarDaniele Alessandrelli <daniele.alessandrelli@intel.com>
Acked-by: default avatarMark Gross <mgross@linux.intel.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent c7e34aa3
...@@ -8958,6 +8958,16 @@ M: Deepak Saxena <dsaxena@plexity.net> ...@@ -8958,6 +8958,16 @@ M: Deepak Saxena <dsaxena@plexity.net>
S: Maintained S: Maintained
F: drivers/char/hw_random/ixp4xx-rng.c F: drivers/char/hw_random/ixp4xx-rng.c
INTEL KEEM BAY OCS AES/SM4 CRYPTO DRIVER
M: Daniele Alessandrelli <daniele.alessandrelli@intel.com>
S: Maintained
F: Documentation/devicetree/bindings/crypto/intel,keembay-ocs-aes.yaml
F: drivers/crypto/keembay/Kconfig
F: drivers/crypto/keembay/Makefile
F: drivers/crypto/keembay/keembay-ocs-aes-core.c
F: drivers/crypto/keembay/ocs-aes.c
F: drivers/crypto/keembay/ocs-aes.h
INTEL MANAGEMENT ENGINE (mei) INTEL MANAGEMENT ENGINE (mei)
M: Tomas Winkler <tomas.winkler@intel.com> M: Tomas Winkler <tomas.winkler@intel.com>
L: linux-kernel@vger.kernel.org L: linux-kernel@vger.kernel.org
......
...@@ -900,4 +900,6 @@ config CRYPTO_DEV_SA2UL ...@@ -900,4 +900,6 @@ config CRYPTO_DEV_SA2UL
used for crypto offload. Select this if you want to use hardware used for crypto offload. Select this if you want to use hardware
acceleration for cryptographic algorithms on these devices. acceleration for cryptographic algorithms on these devices.
source "drivers/crypto/keembay/Kconfig"
endif # CRYPTO_HW endif # CRYPTO_HW
...@@ -51,3 +51,4 @@ obj-$(CONFIG_CRYPTO_DEV_ARTPEC6) += axis/ ...@@ -51,3 +51,4 @@ obj-$(CONFIG_CRYPTO_DEV_ARTPEC6) += axis/
obj-$(CONFIG_CRYPTO_DEV_ZYNQMP_AES) += xilinx/ obj-$(CONFIG_CRYPTO_DEV_ZYNQMP_AES) += xilinx/
obj-y += hisilicon/ obj-y += hisilicon/
obj-$(CONFIG_CRYPTO_DEV_AMLOGIC_GXL) += amlogic/ obj-$(CONFIG_CRYPTO_DEV_AMLOGIC_GXL) += amlogic/
obj-y += keembay/
config CRYPTO_DEV_KEEMBAY_OCS_AES_SM4
tristate "Support for Intel Keem Bay OCS AES/SM4 HW acceleration"
depends on OF || COMPILE_TEST
select CRYPTO_SKCIPHER
select CRYPTO_AEAD
select CRYPTO_ENGINE
help
Support for Intel Keem Bay Offload and Crypto Subsystem (OCS) AES and
SM4 cihper hardware acceleration for use with Crypto API.
Provides HW acceleration for the following transformations:
cbc(aes), ctr(aes), ccm(aes), gcm(aes), cbc(sm4), ctr(sm4), ccm(sm4)
and gcm(sm4).
Optionally, support for the following transformations can also be
enabled: ecb(aes), cts(cbc(aes)), ecb(sm4) and cts(cbc(sm4)).
config CRYPTO_DEV_KEEMBAY_OCS_AES_SM4_ECB
bool "Support for Intel Keem Bay OCS AES/SM4 ECB HW acceleration"
depends on CRYPTO_DEV_KEEMBAY_OCS_AES_SM4
help
Support for Intel Keem Bay Offload and Crypto Subsystem (OCS)
AES/SM4 ECB mode hardware acceleration for use with Crypto API.
Provides OCS version of ecb(aes) and ecb(sm4)
Intel does not recommend use of ECB mode with AES/SM4.
config CRYPTO_DEV_KEEMBAY_OCS_AES_SM4_CTS
bool "Support for Intel Keem Bay OCS AES/SM4 CTS HW acceleration"
depends on CRYPTO_DEV_KEEMBAY_OCS_AES_SM4
help
Support for Intel Keem Bay Offload and Crypto Subsystem (OCS)
AES/SM4 CBC with CTS mode hardware acceleration for use with
Crypto API.
Provides OCS version of cts(cbc(aes)) and cts(cbc(sm4)).
Intel does not recommend use of CTS mode with AES/SM4.
#
# Makefile for Intel Keem Bay OCS Crypto API Linux drivers
#
obj-$(CONFIG_CRYPTO_DEV_KEEMBAY_OCS_AES_SM4) += keembay-ocs-aes.o
keembay-ocs-aes-objs := keembay-ocs-aes-core.o ocs-aes.o
This diff is collapsed.
This diff is collapsed.
/* SPDX-License-Identifier: GPL-2.0-only */
/*
* Intel Keem Bay OCS AES Crypto Driver.
*
* Copyright (C) 2018-2020 Intel Corporation
*/
#ifndef _CRYPTO_OCS_AES_H
#define _CRYPTO_OCS_AES_H
#include <linux/dma-mapping.h>
enum ocs_cipher {
OCS_AES = 0,
OCS_SM4 = 1,
};
enum ocs_mode {
OCS_MODE_ECB = 0,
OCS_MODE_CBC = 1,
OCS_MODE_CTR = 2,
OCS_MODE_CCM = 6,
OCS_MODE_GCM = 7,
OCS_MODE_CTS = 9,
};
enum ocs_instruction {
OCS_ENCRYPT = 0,
OCS_DECRYPT = 1,
OCS_EXPAND = 2,
OCS_BYPASS = 3,
};
/**
* struct ocs_aes_dev - AES device context.
* @list: List head for insertion into device list hold
* by driver.
* @dev: OCS AES device.
* @irq: IRQ number.
* @base_reg: IO base address of OCS AES.
* @irq_copy_completion: Completion to indicate IRQ has been triggered.
* @dma_err_mask: Error reported by OCS DMA interrupts.
* @engine: Crypto engine for the device.
*/
struct ocs_aes_dev {
struct list_head list;
struct device *dev;
int irq;
void __iomem *base_reg;
struct completion irq_completion;
u32 dma_err_mask;
struct crypto_engine *engine;
};
/**
* struct ocs_dll_desc - Descriptor of an OCS DMA Linked List.
* @vaddr: Virtual address of the linked list head.
* @dma_addr: DMA address of the linked list head.
* @size: Size (in bytes) of the linked list.
*/
struct ocs_dll_desc {
void *vaddr;
dma_addr_t dma_addr;
size_t size;
};
int ocs_aes_set_key(struct ocs_aes_dev *aes_dev, const u32 key_size,
const u8 *key, const enum ocs_cipher cipher);
int ocs_aes_op(struct ocs_aes_dev *aes_dev,
enum ocs_mode mode,
enum ocs_cipher cipher,
enum ocs_instruction instruction,
dma_addr_t dst_dma_list,
dma_addr_t src_dma_list,
u32 src_size,
u8 *iv,
u32 iv_size);
/**
* ocs_aes_bypass_op() - Use OCS DMA to copy data.
* @aes_dev: The OCS AES device to use.
* @dst_dma_list: The OCS DMA list mapping the memory where input data
* will be copied to.
* @src_dma_list: The OCS DMA list mapping input data.
* @src_size: The amount of data to copy.
*/
static inline int ocs_aes_bypass_op(struct ocs_aes_dev *aes_dev,
dma_addr_t dst_dma_list,
dma_addr_t src_dma_list, u32 src_size)
{
return ocs_aes_op(aes_dev, OCS_MODE_ECB, OCS_AES, OCS_BYPASS,
dst_dma_list, src_dma_list, src_size, NULL, 0);
}
int ocs_aes_gcm_op(struct ocs_aes_dev *aes_dev,
enum ocs_cipher cipher,
enum ocs_instruction instruction,
dma_addr_t dst_dma_list,
dma_addr_t src_dma_list,
u32 src_size,
const u8 *iv,
dma_addr_t aad_dma_list,
u32 aad_size,
u8 *out_tag,
u32 tag_size);
int ocs_aes_ccm_op(struct ocs_aes_dev *aes_dev,
enum ocs_cipher cipher,
enum ocs_instruction instruction,
dma_addr_t dst_dma_list,
dma_addr_t src_dma_list,
u32 src_size,
u8 *iv,
dma_addr_t adata_dma_list,
u32 adata_size,
u8 *in_tag,
u32 tag_size);
int ocs_create_linked_list_from_sg(const struct ocs_aes_dev *aes_dev,
struct scatterlist *sg,
int sg_dma_count,
struct ocs_dll_desc *dll_desc,
size_t data_size,
size_t data_offset);
irqreturn_t ocs_aes_irq_handler(int irq, void *dev_id);
#endif
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment