1 // SPDX-License-Identifier: GPL-2.0-only
2 /* Glue code for AES encryption optimized for sparc64 crypto opcodes.
4 * This is based largely upon arch/x86/crypto/aesni-intel_glue.c
6 * Copyright (C) 2008, Intel Corp.
7 * Author: Huang Ying <ying.huang@intel.com>
9 * Added RFC4106 AES-GCM support for 128-bit keys under the AEAD
10 * interface for 64-bit kernels.
11 * Authors: Adrian Hoban <adrian.hoban@intel.com>
12 * Gabriele Paoloni <gabriele.paoloni@intel.com>
13 * Tadeusz Struk (tadeusz.struk@intel.com)
14 * Aidan O'Mahony (aidan.o.mahony@intel.com)
15 * Copyright (c) 2010, Intel Corporation.
18 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
20 #include <linux/crypto.h>
21 #include <linux/init.h>
22 #include <linux/module.h>
24 #include <linux/types.h>
25 #include <crypto/algapi.h>
26 #include <crypto/aes.h>
28 #include <asm/fpumacro.h>
29 #include <asm/pstate.h>
35 void (*encrypt)(const u64 *key, const u32 *input, u32 *output);
36 void (*decrypt)(const u64 *key, const u32 *input, u32 *output);
37 void (*load_encrypt_keys)(const u64 *key);
38 void (*load_decrypt_keys)(const u64 *key);
39 void (*ecb_encrypt)(const u64 *key, const u64 *input, u64 *output,
41 void (*ecb_decrypt)(const u64 *key, const u64 *input, u64 *output,
43 void (*cbc_encrypt)(const u64 *key, const u64 *input, u64 *output,
44 unsigned int len, u64 *iv);
45 void (*cbc_decrypt)(const u64 *key, const u64 *input, u64 *output,
46 unsigned int len, u64 *iv);
47 void (*ctr_crypt)(const u64 *key, const u64 *input, u64 *output,
48 unsigned int len, u64 *iv);
51 struct crypto_sparc64_aes_ctx {
53 u64 key[AES_MAX_KEYLENGTH / sizeof(u64)];
55 u32 expanded_key_length;
58 extern void aes_sparc64_encrypt_128(const u64 *key, const u32 *input,
60 extern void aes_sparc64_encrypt_192(const u64 *key, const u32 *input,
62 extern void aes_sparc64_encrypt_256(const u64 *key, const u32 *input,
65 extern void aes_sparc64_decrypt_128(const u64 *key, const u32 *input,
67 extern void aes_sparc64_decrypt_192(const u64 *key, const u32 *input,
69 extern void aes_sparc64_decrypt_256(const u64 *key, const u32 *input,
72 extern void aes_sparc64_load_encrypt_keys_128(const u64 *key);
73 extern void aes_sparc64_load_encrypt_keys_192(const u64 *key);
74 extern void aes_sparc64_load_encrypt_keys_256(const u64 *key);
76 extern void aes_sparc64_load_decrypt_keys_128(const u64 *key);
77 extern void aes_sparc64_load_decrypt_keys_192(const u64 *key);
78 extern void aes_sparc64_load_decrypt_keys_256(const u64 *key);
80 extern void aes_sparc64_ecb_encrypt_128(const u64 *key, const u64 *input,
81 u64 *output, unsigned int len);
82 extern void aes_sparc64_ecb_encrypt_192(const u64 *key, const u64 *input,
83 u64 *output, unsigned int len);
84 extern void aes_sparc64_ecb_encrypt_256(const u64 *key, const u64 *input,
85 u64 *output, unsigned int len);
87 extern void aes_sparc64_ecb_decrypt_128(const u64 *key, const u64 *input,
88 u64 *output, unsigned int len);
89 extern void aes_sparc64_ecb_decrypt_192(const u64 *key, const u64 *input,
90 u64 *output, unsigned int len);
91 extern void aes_sparc64_ecb_decrypt_256(const u64 *key, const u64 *input,
92 u64 *output, unsigned int len);
94 extern void aes_sparc64_cbc_encrypt_128(const u64 *key, const u64 *input,
95 u64 *output, unsigned int len,
98 extern void aes_sparc64_cbc_encrypt_192(const u64 *key, const u64 *input,
99 u64 *output, unsigned int len,
102 extern void aes_sparc64_cbc_encrypt_256(const u64 *key, const u64 *input,
103 u64 *output, unsigned int len,
106 extern void aes_sparc64_cbc_decrypt_128(const u64 *key, const u64 *input,
107 u64 *output, unsigned int len,
110 extern void aes_sparc64_cbc_decrypt_192(const u64 *key, const u64 *input,
111 u64 *output, unsigned int len,
114 extern void aes_sparc64_cbc_decrypt_256(const u64 *key, const u64 *input,
115 u64 *output, unsigned int len,
118 extern void aes_sparc64_ctr_crypt_128(const u64 *key, const u64 *input,
119 u64 *output, unsigned int len,
121 extern void aes_sparc64_ctr_crypt_192(const u64 *key, const u64 *input,
122 u64 *output, unsigned int len,
124 extern void aes_sparc64_ctr_crypt_256(const u64 *key, const u64 *input,
125 u64 *output, unsigned int len,
128 static struct aes_ops aes128_ops = {
129 .encrypt = aes_sparc64_encrypt_128,
130 .decrypt = aes_sparc64_decrypt_128,
131 .load_encrypt_keys = aes_sparc64_load_encrypt_keys_128,
132 .load_decrypt_keys = aes_sparc64_load_decrypt_keys_128,
133 .ecb_encrypt = aes_sparc64_ecb_encrypt_128,
134 .ecb_decrypt = aes_sparc64_ecb_decrypt_128,
135 .cbc_encrypt = aes_sparc64_cbc_encrypt_128,
136 .cbc_decrypt = aes_sparc64_cbc_decrypt_128,
137 .ctr_crypt = aes_sparc64_ctr_crypt_128,
140 static struct aes_ops aes192_ops = {
141 .encrypt = aes_sparc64_encrypt_192,
142 .decrypt = aes_sparc64_decrypt_192,
143 .load_encrypt_keys = aes_sparc64_load_encrypt_keys_192,
144 .load_decrypt_keys = aes_sparc64_load_decrypt_keys_192,
145 .ecb_encrypt = aes_sparc64_ecb_encrypt_192,
146 .ecb_decrypt = aes_sparc64_ecb_decrypt_192,
147 .cbc_encrypt = aes_sparc64_cbc_encrypt_192,
148 .cbc_decrypt = aes_sparc64_cbc_decrypt_192,
149 .ctr_crypt = aes_sparc64_ctr_crypt_192,
152 static struct aes_ops aes256_ops = {
153 .encrypt = aes_sparc64_encrypt_256,
154 .decrypt = aes_sparc64_decrypt_256,
155 .load_encrypt_keys = aes_sparc64_load_encrypt_keys_256,
156 .load_decrypt_keys = aes_sparc64_load_decrypt_keys_256,
157 .ecb_encrypt = aes_sparc64_ecb_encrypt_256,
158 .ecb_decrypt = aes_sparc64_ecb_decrypt_256,
159 .cbc_encrypt = aes_sparc64_cbc_encrypt_256,
160 .cbc_decrypt = aes_sparc64_cbc_decrypt_256,
161 .ctr_crypt = aes_sparc64_ctr_crypt_256,
164 extern void aes_sparc64_key_expand(const u32 *in_key, u64 *output_key,
165 unsigned int key_len);
167 static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
168 unsigned int key_len)
170 struct crypto_sparc64_aes_ctx *ctx = crypto_tfm_ctx(tfm);
171 u32 *flags = &tfm->crt_flags;
174 case AES_KEYSIZE_128:
175 ctx->expanded_key_length = 0xb0;
176 ctx->ops = &aes128_ops;
179 case AES_KEYSIZE_192:
180 ctx->expanded_key_length = 0xd0;
181 ctx->ops = &aes192_ops;
184 case AES_KEYSIZE_256:
185 ctx->expanded_key_length = 0xf0;
186 ctx->ops = &aes256_ops;
190 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
194 aes_sparc64_key_expand((const u32 *)in_key, &ctx->key[0], key_len);
195 ctx->key_length = key_len;
200 static void aes_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
202 struct crypto_sparc64_aes_ctx *ctx = crypto_tfm_ctx(tfm);
204 ctx->ops->encrypt(&ctx->key[0], (const u32 *) src, (u32 *) dst);
207 static void aes_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
209 struct crypto_sparc64_aes_ctx *ctx = crypto_tfm_ctx(tfm);
211 ctx->ops->decrypt(&ctx->key[0], (const u32 *) src, (u32 *) dst);
214 #define AES_BLOCK_MASK (~(AES_BLOCK_SIZE-1))
216 static int ecb_encrypt(struct blkcipher_desc *desc,
217 struct scatterlist *dst, struct scatterlist *src,
220 struct crypto_sparc64_aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
221 struct blkcipher_walk walk;
224 blkcipher_walk_init(&walk, dst, src, nbytes);
225 err = blkcipher_walk_virt(desc, &walk);
226 desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
228 ctx->ops->load_encrypt_keys(&ctx->key[0]);
229 while ((nbytes = walk.nbytes)) {
230 unsigned int block_len = nbytes & AES_BLOCK_MASK;
232 if (likely(block_len)) {
233 ctx->ops->ecb_encrypt(&ctx->key[0],
234 (const u64 *)walk.src.virt.addr,
235 (u64 *) walk.dst.virt.addr,
238 nbytes &= AES_BLOCK_SIZE - 1;
239 err = blkcipher_walk_done(desc, &walk, nbytes);
245 static int ecb_decrypt(struct blkcipher_desc *desc,
246 struct scatterlist *dst, struct scatterlist *src,
249 struct crypto_sparc64_aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
250 struct blkcipher_walk walk;
254 blkcipher_walk_init(&walk, dst, src, nbytes);
255 err = blkcipher_walk_virt(desc, &walk);
256 desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
258 ctx->ops->load_decrypt_keys(&ctx->key[0]);
259 key_end = &ctx->key[ctx->expanded_key_length / sizeof(u64)];
260 while ((nbytes = walk.nbytes)) {
261 unsigned int block_len = nbytes & AES_BLOCK_MASK;
263 if (likely(block_len)) {
264 ctx->ops->ecb_decrypt(key_end,
265 (const u64 *) walk.src.virt.addr,
266 (u64 *) walk.dst.virt.addr, block_len);
268 nbytes &= AES_BLOCK_SIZE - 1;
269 err = blkcipher_walk_done(desc, &walk, nbytes);
276 static int cbc_encrypt(struct blkcipher_desc *desc,
277 struct scatterlist *dst, struct scatterlist *src,
280 struct crypto_sparc64_aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
281 struct blkcipher_walk walk;
284 blkcipher_walk_init(&walk, dst, src, nbytes);
285 err = blkcipher_walk_virt(desc, &walk);
286 desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
288 ctx->ops->load_encrypt_keys(&ctx->key[0]);
289 while ((nbytes = walk.nbytes)) {
290 unsigned int block_len = nbytes & AES_BLOCK_MASK;
292 if (likely(block_len)) {
293 ctx->ops->cbc_encrypt(&ctx->key[0],
294 (const u64 *)walk.src.virt.addr,
295 (u64 *) walk.dst.virt.addr,
296 block_len, (u64 *) walk.iv);
298 nbytes &= AES_BLOCK_SIZE - 1;
299 err = blkcipher_walk_done(desc, &walk, nbytes);
305 static int cbc_decrypt(struct blkcipher_desc *desc,
306 struct scatterlist *dst, struct scatterlist *src,
309 struct crypto_sparc64_aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
310 struct blkcipher_walk walk;
314 blkcipher_walk_init(&walk, dst, src, nbytes);
315 err = blkcipher_walk_virt(desc, &walk);
316 desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
318 ctx->ops->load_decrypt_keys(&ctx->key[0]);
319 key_end = &ctx->key[ctx->expanded_key_length / sizeof(u64)];
320 while ((nbytes = walk.nbytes)) {
321 unsigned int block_len = nbytes & AES_BLOCK_MASK;
323 if (likely(block_len)) {
324 ctx->ops->cbc_decrypt(key_end,
325 (const u64 *) walk.src.virt.addr,
326 (u64 *) walk.dst.virt.addr,
327 block_len, (u64 *) walk.iv);
329 nbytes &= AES_BLOCK_SIZE - 1;
330 err = blkcipher_walk_done(desc, &walk, nbytes);
337 static void ctr_crypt_final(struct crypto_sparc64_aes_ctx *ctx,
338 struct blkcipher_walk *walk)
340 u8 *ctrblk = walk->iv;
341 u64 keystream[AES_BLOCK_SIZE / sizeof(u64)];
342 u8 *src = walk->src.virt.addr;
343 u8 *dst = walk->dst.virt.addr;
344 unsigned int nbytes = walk->nbytes;
346 ctx->ops->ecb_encrypt(&ctx->key[0], (const u64 *)ctrblk,
347 keystream, AES_BLOCK_SIZE);
348 crypto_xor_cpy(dst, (u8 *) keystream, src, nbytes);
349 crypto_inc(ctrblk, AES_BLOCK_SIZE);
352 static int ctr_crypt(struct blkcipher_desc *desc,
353 struct scatterlist *dst, struct scatterlist *src,
356 struct crypto_sparc64_aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
357 struct blkcipher_walk walk;
360 blkcipher_walk_init(&walk, dst, src, nbytes);
361 err = blkcipher_walk_virt_block(desc, &walk, AES_BLOCK_SIZE);
362 desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
364 ctx->ops->load_encrypt_keys(&ctx->key[0]);
365 while ((nbytes = walk.nbytes) >= AES_BLOCK_SIZE) {
366 unsigned int block_len = nbytes & AES_BLOCK_MASK;
368 if (likely(block_len)) {
369 ctx->ops->ctr_crypt(&ctx->key[0],
370 (const u64 *)walk.src.virt.addr,
371 (u64 *) walk.dst.virt.addr,
372 block_len, (u64 *) walk.iv);
374 nbytes &= AES_BLOCK_SIZE - 1;
375 err = blkcipher_walk_done(desc, &walk, nbytes);
378 ctr_crypt_final(ctx, &walk);
379 err = blkcipher_walk_done(desc, &walk, 0);
385 static struct crypto_alg algs[] = { {
387 .cra_driver_name = "aes-sparc64",
388 .cra_priority = SPARC_CR_OPCODE_PRIORITY,
389 .cra_flags = CRYPTO_ALG_TYPE_CIPHER,
390 .cra_blocksize = AES_BLOCK_SIZE,
391 .cra_ctxsize = sizeof(struct crypto_sparc64_aes_ctx),
393 .cra_module = THIS_MODULE,
396 .cia_min_keysize = AES_MIN_KEY_SIZE,
397 .cia_max_keysize = AES_MAX_KEY_SIZE,
398 .cia_setkey = aes_set_key,
399 .cia_encrypt = aes_encrypt,
400 .cia_decrypt = aes_decrypt
404 .cra_name = "ecb(aes)",
405 .cra_driver_name = "ecb-aes-sparc64",
406 .cra_priority = SPARC_CR_OPCODE_PRIORITY,
407 .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
408 .cra_blocksize = AES_BLOCK_SIZE,
409 .cra_ctxsize = sizeof(struct crypto_sparc64_aes_ctx),
411 .cra_type = &crypto_blkcipher_type,
412 .cra_module = THIS_MODULE,
415 .min_keysize = AES_MIN_KEY_SIZE,
416 .max_keysize = AES_MAX_KEY_SIZE,
417 .setkey = aes_set_key,
418 .encrypt = ecb_encrypt,
419 .decrypt = ecb_decrypt,
423 .cra_name = "cbc(aes)",
424 .cra_driver_name = "cbc-aes-sparc64",
425 .cra_priority = SPARC_CR_OPCODE_PRIORITY,
426 .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
427 .cra_blocksize = AES_BLOCK_SIZE,
428 .cra_ctxsize = sizeof(struct crypto_sparc64_aes_ctx),
430 .cra_type = &crypto_blkcipher_type,
431 .cra_module = THIS_MODULE,
434 .min_keysize = AES_MIN_KEY_SIZE,
435 .max_keysize = AES_MAX_KEY_SIZE,
436 .ivsize = AES_BLOCK_SIZE,
437 .setkey = aes_set_key,
438 .encrypt = cbc_encrypt,
439 .decrypt = cbc_decrypt,
443 .cra_name = "ctr(aes)",
444 .cra_driver_name = "ctr-aes-sparc64",
445 .cra_priority = SPARC_CR_OPCODE_PRIORITY,
446 .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
448 .cra_ctxsize = sizeof(struct crypto_sparc64_aes_ctx),
450 .cra_type = &crypto_blkcipher_type,
451 .cra_module = THIS_MODULE,
454 .min_keysize = AES_MIN_KEY_SIZE,
455 .max_keysize = AES_MAX_KEY_SIZE,
456 .ivsize = AES_BLOCK_SIZE,
457 .setkey = aes_set_key,
458 .encrypt = ctr_crypt,
459 .decrypt = ctr_crypt,
464 static bool __init sparc64_has_aes_opcode(void)
468 if (!(sparc64_elf_hwcap & HWCAP_SPARC_CRYPTO))
471 __asm__ __volatile__("rd %%asr26, %0" : "=r" (cfr));
472 if (!(cfr & CFR_AES))
478 static int __init aes_sparc64_mod_init(void)
480 if (sparc64_has_aes_opcode()) {
481 pr_info("Using sparc64 aes opcodes optimized AES implementation\n");
482 return crypto_register_algs(algs, ARRAY_SIZE(algs));
484 pr_info("sparc64 aes opcodes not available.\n");
488 static void __exit aes_sparc64_mod_fini(void)
490 crypto_unregister_algs(algs, ARRAY_SIZE(algs));
493 module_init(aes_sparc64_mod_init);
494 module_exit(aes_sparc64_mod_fini);
496 MODULE_LICENSE("GPL");
497 MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm, sparc64 aes opcode accelerated");
499 MODULE_ALIAS_CRYPTO("aes");
501 #include "crop_devid.c"
projects / librecmc / linux-libre.git / blob