[PATCH v2] ecc: delete a useless function declaration
This function declaration has been added in 'ecc_curve.h', delete it in 'crypto/ecc.h'. Fixes: 4e6602916bc6(crypto: ecdsa - Add support for ECDSA ...) Signed-off-by: Meng Yu --- v1 -> v2: Modify the 'Fixes tag' from '14bb76768275' to '4e6602916bc6 '. --- crypto/ecc.h | 8 1 file changed, 8 deletions(-) diff --git a/crypto/ecc.h b/crypto/ecc.h index 46aa9bc..a006132 100644 --- a/crypto/ecc.h +++ b/crypto/ecc.h @@ -56,14 +56,6 @@ static inline void ecc_swap_digits(const u64 *in, u64 *out, unsigned int ndigits } /** - * ecc_get_curve() - Get a curve given its curve_id - * @curve_id: Id of the curve - * - * Returns pointer to the curve data, NULL if curve is not available - */ -const struct ecc_curve *ecc_get_curve(unsigned int curve_id); - -/** * ecc_is_key_valid() - Validate a given ECDH private key * * @curve_id: id representing the curve to use -- 2.8.1
[PATCH] ecc: delete a useless function declaration
This function declaration has been added in 'ecc_curve.h', delete it in 'crypto/ecc.h'. Fixes: 14bb76768275(crypto: ecc - expose ecc curves) Signed-off-by: Meng Yu --- crypto/ecc.h | 8 1 file changed, 8 deletions(-) diff --git a/crypto/ecc.h b/crypto/ecc.h index 46aa9bc..a006132 100644 --- a/crypto/ecc.h +++ b/crypto/ecc.h @@ -56,14 +56,6 @@ static inline void ecc_swap_digits(const u64 *in, u64 *out, unsigned int ndigits } /** - * ecc_get_curve() - Get a curve given its curve_id - * @curve_id: Id of the curve - * - * Returns pointer to the curve data, NULL if curve is not available - */ -const struct ecc_curve *ecc_get_curve(unsigned int curve_id); - -/** * ecc_is_key_valid() - Validate a given ECDH private key * * @curve_id: id representing the curve to use -- 2.8.1
[PATCH 2/2] Bluetooth: Coding style fix
1. Add space when needed; 2. Block comments style fix; 3. Move open brace '{' following function definitions to the next line; 4. Remove unnecessary braces '{}' for single statement blocks. Signed-off-by: Meng Yu --- net/bluetooth/6lowpan.c | 3 +-- net/bluetooth/hci_debugfs.c | 8 net/bluetooth/hci_event.c | 2 +- net/bluetooth/hci_request.c | 6 ++ net/bluetooth/l2cap_core.c | 5 +++-- 5 files changed, 11 insertions(+), 13 deletions(-) diff --git a/net/bluetooth/6lowpan.c b/net/bluetooth/6lowpan.c index 19f7e42..97617d0 100644 --- a/net/bluetooth/6lowpan.c +++ b/net/bluetooth/6lowpan.c @@ -205,8 +205,7 @@ static inline struct lowpan_peer *peer_lookup_dst(struct lowpan_btle_dev *dev, } } - /* use the neighbour cache for matching addresses assigned by SLAAC - */ + /* use the neighbour cache for matching addresses assigned by SLAAC */ neigh = __ipv6_neigh_lookup(dev->netdev, nexthop); if (neigh) { list_for_each_entry_rcu(peer, &dev->peers, list) { diff --git a/net/bluetooth/hci_debugfs.c b/net/bluetooth/hci_debugfs.c index 1a0ab58..47f4f21 100644 --- a/net/bluetooth/hci_debugfs.c +++ b/net/bluetooth/hci_debugfs.c @@ -274,7 +274,7 @@ static ssize_t use_debug_keys_read(struct file *file, char __user *user_buf, struct hci_dev *hdev = file->private_data; char buf[3]; - buf[0] = hci_dev_test_flag(hdev, HCI_USE_DEBUG_KEYS) ? 'Y': 'N'; + buf[0] = hci_dev_test_flag(hdev, HCI_USE_DEBUG_KEYS) ? 'Y' : 'N'; buf[1] = '\n'; buf[2] = '\0'; return simple_read_from_buffer(user_buf, count, ppos, buf, 2); @@ -292,7 +292,7 @@ static ssize_t sc_only_mode_read(struct file *file, char __user *user_buf, struct hci_dev *hdev = file->private_data; char buf[3]; - buf[0] = hci_dev_test_flag(hdev, HCI_SC_ONLY) ? 'Y': 'N'; + buf[0] = hci_dev_test_flag(hdev, HCI_SC_ONLY) ? 'Y' : 'N'; buf[1] = '\n'; buf[2] = '\0'; return simple_read_from_buffer(user_buf, count, ppos, buf, 2); @@ -428,7 +428,7 @@ static ssize_t ssp_debug_mode_read(struct file *file, char __user *user_buf, struct hci_dev *hdev = file->private_data; char buf[3]; - buf[0] = hdev->ssp_debug_mode ? 'Y': 'N'; + buf[0] = hdev->ssp_debug_mode ? 'Y' : 'N'; buf[1] = '\n'; buf[2] = '\0'; return simple_read_from_buffer(user_buf, count, ppos, buf, 2); @@ -742,7 +742,7 @@ static ssize_t force_static_address_read(struct file *file, struct hci_dev *hdev = file->private_data; char buf[3]; - buf[0] = hci_dev_test_flag(hdev, HCI_FORCE_STATIC_ADDR) ? 'Y': 'N'; + buf[0] = hci_dev_test_flag(hdev, HCI_FORCE_STATIC_ADDR) ? 'Y' : 'N'; buf[1] = '\n'; buf[2] = '\0'; return simple_read_from_buffer(user_buf, count, ppos, buf, 2); diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c index 341c8ce..593eafa 100644 --- a/net/bluetooth/hci_event.c +++ b/net/bluetooth/hci_event.c @@ -5891,7 +5891,7 @@ static void hci_le_remote_conn_param_req_evt(struct hci_dev *hdev, params->conn_latency = latency; params->supervision_timeout = timeout; store_hint = 0x01; - } else{ + } else { store_hint = 0x00; } diff --git a/net/bluetooth/hci_request.c b/net/bluetooth/hci_request.c index 8ace5d3..6cd9d41 100644 --- a/net/bluetooth/hci_request.c +++ b/net/bluetooth/hci_request.c @@ -1647,9 +1647,8 @@ static u8 create_default_scan_rsp_data(struct hci_dev *hdev, u8 *ptr) { u8 scan_rsp_len = 0; - if (hdev->appearance) { + if (hdev->appearance) scan_rsp_len = append_appearance(hdev, ptr, scan_rsp_len); - } return append_local_name(hdev, ptr, scan_rsp_len); } @@ -1667,9 +1666,8 @@ static u8 create_instance_scan_rsp_data(struct hci_dev *hdev, u8 instance, instance_flags = adv_instance->flags; - if ((instance_flags & MGMT_ADV_FLAG_APPEARANCE) && hdev->appearance) { + if ((instance_flags & MGMT_ADV_FLAG_APPEARANCE) && hdev->appearance) scan_rsp_len = append_appearance(hdev, ptr, scan_rsp_len); - } memcpy(&ptr[scan_rsp_len], adv_instance->scan_rsp_data, adv_instance->scan_rsp_len); diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c index ccfe8ad..6e10cb8 100644 --- a/net/bluetooth/l2cap_core.c +++ b/net/bluetooth/l2cap_core.c @@ -652,7 +652,7 @@ void l2cap_chan_del(struct l2cap_chan
[PATCH 0/2] net/Blutooth - Coding style fix
Remove 'return' in void function and fix some coding style Meng Yu (2): Bluetooth: Remove 'return' in void function Bluetooth: Coding style fix net/bluetooth/6lowpan.c | 5 + net/bluetooth/hci_debugfs.c | 8 net/bluetooth/hci_event.c | 2 +- net/bluetooth/hci_request.c | 6 ++ net/bluetooth/l2cap_core.c | 7 +++ 5 files changed, 11 insertions(+), 17 deletions(-) -- 2.8.1
[PATCH 1/2] Bluetooth: Remove 'return' in void function
void function return statements are not generally useful. Signed-off-by: Meng Yu --- net/bluetooth/6lowpan.c| 2 -- net/bluetooth/l2cap_core.c | 2 -- 2 files changed, 4 deletions(-) diff --git a/net/bluetooth/6lowpan.c b/net/bluetooth/6lowpan.c index cff4944..19f7e42 100644 --- a/net/bluetooth/6lowpan.c +++ b/net/bluetooth/6lowpan.c @@ -841,8 +841,6 @@ static void chan_close_cb(struct l2cap_chan *chan) } else { spin_unlock(&devices_lock); } - - return; } static void chan_state_change_cb(struct l2cap_chan *chan, int state, int err) diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c index 56e1975..ccfe8ad 100644 --- a/net/bluetooth/l2cap_core.c +++ b/net/bluetooth/l2cap_core.c @@ -676,8 +676,6 @@ void l2cap_chan_del(struct l2cap_chan *chan, int err) skb_queue_purge(&chan->tx_q); break; } - - return; } EXPORT_SYMBOL_GPL(l2cap_chan_del); -- 2.8.1
[PATCH] crypto: hisilicon/hpre - Add processing of src_data in 'CURVE25519'
HPRE can only deal with src_data smaller than 'p' in 'CURVE25519' algorithm, but 'rfc7748' says: 'Implementations MUST accept non-canonical values and process them as if they had been reduced modulo the field prime' So we get its modulus to p, and then deal it with HPRE. Signed-off-by: Meng Yu --- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 22 ++ 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index d743c54..f363653 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1729,6 +1729,17 @@ static int hpre_curve25519_msg_request_set(struct hpre_ctx *ctx, return 0; } +static void hpre_curve25519_src_modulo_p(u8 *ptr) +{ + int i; + + for (i = 0; i < CURVE25519_KEY_SIZE - 1; i++) + ptr[i] = 0; + + /* The modulus is ptr's last byte minus '0xed'(last byte of p) */ + ptr[i] -= 0xed; +} + static int hpre_curve25519_src_init(struct hpre_asym_request *hpre_req, struct scatterlist *data, unsigned int len) { @@ -1767,10 +1778,13 @@ static int hpre_curve25519_src_init(struct hpre_asym_request *hpre_req, curve = ecc_get_curve25519(); fill_curve_param(p, curve->p, CURVE25519_KEY_SIZE, curve->g.ndigits); - if (memcmp(ptr, p, ctx->key_sz) >= 0) { - dev_err(dev, "gx is out of p!\n"); - goto err; - } + + /* +* When src_data equals (2^255 - 19) ~ (2^255 - 1), it is out of p, +* we get its modulus to p, and then use it. +*/ + if (memcmp(ptr, p, ctx->key_sz) >= 0) + hpre_curve25519_src_modulo_p(ptr); hpre_req->src = ptr; msg->in = cpu_to_le64(dma); -- 2.8.1
[PATCH] pkcs7: Use octal permissions '0444'
Fixed following checkpatch warning: Symbolic permissions 'S_IWUSR | S_IRUGO' are not preferred. Consider using octal permissions '0644'. Signed-off-by: Meng Yu --- crypto/asymmetric_keys/pkcs7_key_type.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/asymmetric_keys/pkcs7_key_type.c b/crypto/asymmetric_keys/pkcs7_key_type.c index b930d3b..55a5be7 100644 --- a/crypto/asymmetric_keys/pkcs7_key_type.c +++ b/crypto/asymmetric_keys/pkcs7_key_type.c @@ -18,7 +18,7 @@ MODULE_DESCRIPTION("PKCS#7 testing key type"); MODULE_AUTHOR("Red Hat, Inc."); static unsigned pkcs7_usage; -module_param_named(usage, pkcs7_usage, uint, S_IWUSR | S_IRUGO); +module_param_named(usage, pkcs7_usage, uint, 0644); MODULE_PARM_DESC(pkcs7_usage, "Usage to specify when verifying the PKCS#7 message"); -- 2.8.1
[PATCH] crypto: hisilicon/hpre - rsa key should not be empty
We should ensure key is not empty before we set key. Signed-off-by: Meng Yu --- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index 53068d2..7cf7d80 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1093,6 +1093,9 @@ static int hpre_rsa_setpubkey(struct crypto_akcipher *tfm, const void *key, struct hpre_ctx *ctx = akcipher_tfm_ctx(tfm); int ret; + if (!key || !keylen) + return -EINVAL; + ret = crypto_akcipher_set_pub_key(ctx->rsa.soft_tfm, key, keylen); if (ret) return ret; @@ -1106,6 +1109,9 @@ static int hpre_rsa_setprivkey(struct crypto_akcipher *tfm, const void *key, struct hpre_ctx *ctx = akcipher_tfm_ctx(tfm); int ret; + if (!key || !keylen) + return -EINVAL; + ret = crypto_akcipher_set_priv_key(ctx->rsa.soft_tfm, key, keylen); if (ret) return ret; -- 2.8.1
[PATCH v2] Bluetooth: SCO - Remove trailing semicolon in macros
Macros should not use a trailing semicolon. Signed-off-by: Meng Yu --- Changes in v2 -Modify comments net/bluetooth/sco.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c index 22a110f..3bd4156 100644 --- a/net/bluetooth/sco.c +++ b/net/bluetooth/sco.c @@ -51,8 +51,8 @@ struct sco_conn { unsigned intmtu; }; -#define sco_conn_lock(c) spin_lock(&c->lock); -#define sco_conn_unlock(c) spin_unlock(&c->lock); +#define sco_conn_lock(c) spin_lock(&c->lock) +#define sco_conn_unlock(c) spin_unlock(&c->lock) static void sco_sock_close(struct sock *sk); static void sco_sock_kill(struct sock *sk); -- 2.8.1
[PATCH] Bluetooth: SCO - Remove trailing semicolon in macros
remove trailing semicolon in macros and coding style fix. Signed-off-by: Meng Yu --- net/bluetooth/sco.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c index 22a110f..3bd4156 100644 --- a/net/bluetooth/sco.c +++ b/net/bluetooth/sco.c @@ -51,8 +51,8 @@ struct sco_conn { unsigned intmtu; }; -#define sco_conn_lock(c) spin_lock(&c->lock); -#define sco_conn_unlock(c) spin_unlock(&c->lock); +#define sco_conn_lock(c) spin_lock(&c->lock) +#define sco_conn_unlock(c) spin_unlock(&c->lock) static void sco_sock_close(struct sock *sk); static void sco_sock_kill(struct sock *sk); -- 2.8.1
[PATCH v2] Bluetooth: Remove trailing semicolon in macros
remove trailing semicolon in macros and coding style fix. Signed-off-by: Meng Yu --- Changes in v2 -Re-base in bluetooth-next net/bluetooth/smp.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c index efc19f9..2def906 100644 --- a/net/bluetooth/smp.c +++ b/net/bluetooth/smp.c @@ -54,7 +54,7 @@ #define SMP_ALLOW_CMD(smp, code) set_bit(code, &smp->allow_cmd) /* Keys which are not distributed with Secure Connections */ -#define SMP_SC_NO_DIST (SMP_DIST_ENC_KEY | SMP_DIST_LINK_KEY); +#define SMP_SC_NO_DIST (SMP_DIST_ENC_KEY | SMP_DIST_LINK_KEY) #define SMP_TIMEOUTmsecs_to_jiffies(3) @@ -398,7 +398,7 @@ static int smp_e(const u8 *k, u8 *r) SMP_DBG("r %16phN", r); - memzero_explicit(&ctx, sizeof (ctx)); + memzero_explicit(&ctx, sizeof(ctx)); return err; } -- 2.8.1
[PATCH] umem: remove useless 'u64' in 'cpu_to_le64'
The 'u64' cast is redundant in 'cpu_to_le64' and coding style fix. Signed-off-by: Meng Yu --- drivers/block/umem.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/block/umem.c b/drivers/block/umem.c index 982732db..3b21b98 100644 --- a/drivers/block/umem.c +++ b/drivers/block/umem.c @@ -380,14 +380,14 @@ static int add_bio(struct cardinfo *card) desc->data_dma_handle = dma_handle; - desc->pci_addr = cpu_to_le64((u64)desc->data_dma_handle); + desc->pci_addr = cpu_to_le64(desc->data_dma_handle); desc->local_addr = cpu_to_le64(card->current_iter.bi_sector << 9); desc->transfer_size = cpu_to_le32(vec.bv_len); offset = (((char *)&desc->sem_control_bits) - ((char *)p->desc)); - desc->sem_addr = cpu_to_le64((u64)(p->page_dma+offset)); + desc->sem_addr = cpu_to_le64(p->page_dma + offset); desc->zero1 = desc->zero2 = 0; offset = (((char *)(desc+1)) - ((char *)p->desc)); - desc->next_desc_addr = cpu_to_le64(p->page_dma+offset); + desc->next_desc_addr = cpu_to_le64(p->page_dma + offset); desc->control_bits = cpu_to_le32(DMASCR_GO|DMASCR_ERR_INT_EN| DMASCR_PARITY_INT_EN| DMASCR_CHAIN_EN | -- 2.8.1
[PATCH] crypto: atmel-ecc - fix W=1 "cannot understand" warning
Fix kernel-doc warnings due to missing "struct" keyword. The warning likes: drivers/crypto/atmel-ecc.c:40: warning: cannot understand function prototype: 'struct atmel_ecdh_ctx ' Signed-off-by: Meng Yu --- drivers/crypto/atmel-ecc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/atmel-ecc.c b/drivers/crypto/atmel-ecc.c index 515946c..333fbef 100644 --- a/drivers/crypto/atmel-ecc.c +++ b/drivers/crypto/atmel-ecc.c @@ -26,7 +26,7 @@ static struct atmel_ecc_driver_data driver_data; /** - * atmel_ecdh_ctx - transformation context + * struct atmel_ecdh_ctx - transformation context * @client : pointer to i2c client device * @fallback : used for unsupported curves or when user wants to use its own * private key. -- 2.8.1
[PATCH] Bluetooth: Remove trailing semicolon in macros
1. remove trailing semicolon in macros; 2. fix some coding style. Signed-off-by: Meng Yu --- net/bluetooth/smp.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c index 26e8cfad..07a193e 100644 --- a/net/bluetooth/smp.c +++ b/net/bluetooth/smp.c @@ -55,7 +55,7 @@ #define SMP_ALLOW_CMD(smp, code) set_bit(code, &smp->allow_cmd) /* Keys which are not distributed with Secure Connections */ -#define SMP_SC_NO_DIST (SMP_DIST_ENC_KEY | SMP_DIST_LINK_KEY); +#define SMP_SC_NO_DIST (SMP_DIST_ENC_KEY | SMP_DIST_LINK_KEY) #define SMP_TIMEOUTmsecs_to_jiffies(3) @@ -403,7 +403,7 @@ static int smp_e(const u8 *k, u8 *r) SMP_DBG("r %16phN", r); - memzero_explicit(&ctx, sizeof (ctx)); + memzero_explicit(&ctx, sizeof(ctx)); return err; } @@ -866,7 +866,7 @@ static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth, memset(smp->tk, 0, sizeof(smp->tk)); clear_bit(SMP_FLAG_TK_VALID, &smp->flags); - BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io); + BT_DBG("%s: auth:%d lcl:%d rem:%d", __func__, auth, local_io, remote_io); /* If neither side wants MITM, either "just" confirm an incoming * request or use just-works for outgoing ones. The JUST_CFM -- 2.8.1
[PATCH] crypto: Correct an error in the comments
Remove repeated word 'bit' in comments. Signed-off-by: Meng Yu --- crypto/ecc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/ecc.c b/crypto/ecc.c index 0798a18..63ba70b 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -137,7 +137,7 @@ bool vli_is_zero(const u64 *vli, unsigned int ndigits) } EXPORT_SYMBOL(vli_is_zero); -/* Returns nonzero if bit bit of vli is set. */ +/* Returns nonzero if bit of vli is set. */ static u64 vli_test_bit(const u64 *vli, unsigned int bit) { return (vli[bit / 64] & ((u64)1 << (bit % 64))); -- 2.8.1
[PATCH v10 3/7] crypto: move curve_id of ECDH from the key to algorithm name
1. crypto and crypto/atmel-ecc: Move curve id of ECDH from the key into the algorithm name instead in crypto and atmel-ecc, so ECDH algorithm name change form 'ecdh' to 'ecdh-nist-pxxx', and we cannot use 'curve_id' in 'struct ecdh'; 2. crypto/testmgr and net/bluetooth: Modify 'testmgr.c', 'testmgr.h' and 'net/bluetooth' to adapt the modification. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reported-by: kernel test robot --- crypto/ecdh.c | 72 +++-- crypto/ecdh_helper.c| 4 +-- crypto/testmgr.c| 13 ++-- crypto/testmgr.h| 34 ++--- drivers/crypto/atmel-ecc.c | 28 +- include/crypto/ecdh.h | 2 -- net/bluetooth/ecdh_helper.c | 2 -- net/bluetooth/selftest.c| 2 +- net/bluetooth/smp.c | 6 ++-- 9 files changed, 89 insertions(+), 74 deletions(-) diff --git a/crypto/ecdh.c b/crypto/ecdh.c index 96f80c8..04a427b 100644 --- a/crypto/ecdh.c +++ b/crypto/ecdh.c @@ -23,33 +23,16 @@ static inline struct ecdh_ctx *ecdh_get_ctx(struct crypto_kpp *tfm) return kpp_tfm_ctx(tfm); } -static unsigned int ecdh_supported_curve(unsigned int curve_id) -{ - switch (curve_id) { - case ECC_CURVE_NIST_P192: return ECC_CURVE_NIST_P192_DIGITS; - case ECC_CURVE_NIST_P256: return ECC_CURVE_NIST_P256_DIGITS; - default: return 0; - } -} - static int ecdh_set_secret(struct crypto_kpp *tfm, const void *buf, unsigned int len) { struct ecdh_ctx *ctx = ecdh_get_ctx(tfm); struct ecdh params; - unsigned int ndigits; if (crypto_ecdh_decode_key(buf, len, ¶ms) < 0 || - params.key_size > sizeof(ctx->private_key)) + params.key_size > sizeof(u64) * ctx->ndigits) return -EINVAL; - ndigits = ecdh_supported_curve(params.curve_id); - if (!ndigits) - return -EINVAL; - - ctx->curve_id = params.curve_id; - ctx->ndigits = ndigits; - if (!params.key || !params.key_size) return ecc_gen_privkey(ctx->curve_id, ctx->ndigits, ctx->private_key); @@ -140,13 +123,24 @@ static unsigned int ecdh_max_size(struct crypto_kpp *tfm) return ctx->ndigits << (ECC_DIGITS_TO_BYTES_SHIFT + 1); } -static struct kpp_alg ecdh = { +static int ecdh_nist_p192_init_tfm(struct crypto_kpp *tfm) +{ + struct ecdh_ctx *ctx = ecdh_get_ctx(tfm); + + ctx->curve_id = ECC_CURVE_NIST_P192; + ctx->ndigits = ECC_CURVE_NIST_P192_DIGITS; + + return 0; +} + +static struct kpp_alg ecdh_nist_p192 = { .set_secret = ecdh_set_secret, .generate_public_key = ecdh_compute_value, .compute_shared_secret = ecdh_compute_value, .max_size = ecdh_max_size, + .init = ecdh_nist_p192_init_tfm, .base = { - .cra_name = "ecdh", + .cra_name = "ecdh-nist-p192", .cra_driver_name = "ecdh-generic", .cra_priority = 100, .cra_module = THIS_MODULE, @@ -154,14 +148,48 @@ static struct kpp_alg ecdh = { }, }; +static int ecdh_nist_p256_init_tfm(struct crypto_kpp *tfm) +{ + struct ecdh_ctx *ctx = ecdh_get_ctx(tfm); + + ctx->curve_id = ECC_CURVE_NIST_P256; + ctx->ndigits = ECC_CURVE_NIST_P256_DIGITS; + + return 0; +} + +static struct kpp_alg ecdh_nist_p256 = { + .set_secret = ecdh_set_secret, + .generate_public_key = ecdh_compute_value, + .compute_shared_secret = ecdh_compute_value, + .max_size = ecdh_max_size, + .init = ecdh_nist_p256_init_tfm, + .base = { + .cra_name = "ecdh-nist-p256", + .cra_driver_name = "ecdh-generic", + .cra_priority = 100, + .cra_module = THIS_MODULE, + .cra_ctxsize = sizeof(struct ecdh_ctx), + }, +}; + +static bool ecdh_nist_p192_registered; + static int ecdh_init(void) { - return crypto_register_kpp(&ecdh); + int ret; + + ret = crypto_register_kpp(&ecdh_nist_p192); + ecdh_nist_p192_registered = ret == 0; + + return crypto_register_kpp(&ecdh_nist_p256); } static void ecdh_exit(void) { - crypto_unregister_kpp(&ecdh); + if (ecdh_nist_p192_registered) + crypto_unregister_kpp(&ecdh_nist_p192); + crypto_unregister_kpp(&ecdh_nist_p256); } subsys_initcall(ecdh_init); diff --git a/crypto/ecdh_helper.c b/crypto/ecdh_helper.c index fca63b5..f18f902 100644 --- a/crypto/ecdh_helper.c +++ b/crypto/ecdh_helper.c @@ -10,7 +10,7 @@ #include #include -#define ECDH_KPP_SECRET_MIN_SIZE (sizeof(struct kpp_secret) + 2 * sizeof(short)) +#define ECDH_K
[PATCH v10 4/7] crypto: and expose ecc curves
Move 'ecc_get_curve' to 'include/crypto/ecc_curve.h', so everyone in kernel tree can easily get ecc curve params; Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecc.c | 5 - crypto/ecc.h | 37 ++-- include/crypto/ecc_curve.h | 53 ++ 3 files changed, 59 insertions(+), 36 deletions(-) create mode 100644 include/crypto/ecc_curve.h diff --git a/crypto/ecc.c b/crypto/ecc.c index c80aa25..4b55ad0 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -24,6 +24,7 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include #include #include #include @@ -42,7 +43,8 @@ typedef struct { u64 m_high; } uint128_t; -static inline const struct ecc_curve *ecc_get_curve(unsigned int curve_id) + +const struct ecc_curve *ecc_get_curve(unsigned int curve_id) { switch (curve_id) { /* In FIPS mode only allow P256 and higher */ @@ -54,6 +56,7 @@ static inline const struct ecc_curve *ecc_get_curve(unsigned int curve_id) return NULL; } } +EXPORT_SYMBOL(ecc_get_curve); static u64 *ecc_alloc_digits_space(unsigned int ndigits) { diff --git a/crypto/ecc.h b/crypto/ecc.h index d4e546b..38a81d4 100644 --- a/crypto/ecc.h +++ b/crypto/ecc.h @@ -26,6 +26,8 @@ #ifndef _CRYPTO_ECC_H #define _CRYPTO_ECC_H +#include + /* One digit is u64 qword. */ #define ECC_CURVE_NIST_P192_DIGITS 3 #define ECC_CURVE_NIST_P256_DIGITS 4 @@ -33,44 +35,9 @@ #define ECC_DIGITS_TO_BYTES_SHIFT 3 -/** - * struct ecc_point - elliptic curve point in affine coordinates - * - * @x: X coordinate in vli form. - * @y: Y coordinate in vli form. - * @ndigits: Length of vlis in u64 qwords. - */ -struct ecc_point { - u64 *x; - u64 *y; - u8 ndigits; -}; - #define ECC_POINT_INIT(x, y, ndigits) (struct ecc_point) { x, y, ndigits } /** - * struct ecc_curve - definition of elliptic curve - * - * @name: Short name of the curve. - * @g: Generator point of the curve. - * @p: Prime number, if Barrett's reduction is used for this curve - * pre-calculated value 'mu' is appended to the @p after ndigits. - * Use of Barrett's reduction is heuristically determined in - * vli_mmod_fast(). - * @n: Order of the curve group. - * @a: Curve parameter a. - * @b: Curve parameter b. - */ -struct ecc_curve { - char *name; - struct ecc_point g; - u64 *p; - u64 *n; - u64 *a; - u64 *b; -}; - -/** * ecc_is_key_valid() - Validate a given ECDH private key * * @curve_id: id representing the curve to use diff --git a/include/crypto/ecc_curve.h b/include/crypto/ecc_curve.h new file mode 100644 index 000..19a35da --- /dev/null +++ b/include/crypto/ecc_curve.h @@ -0,0 +1,53 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* Copyright (c) 2021 HiSilicon */ + +#ifndef _CRYTO_ECC_CURVE_H +#define _CRYTO_ECC_CURVE_H + +#include + +/** + * struct ecc_point - elliptic curve point in affine coordinates + * + * @x: X coordinate in vli form. + * @y: Y coordinate in vli form. + * @ndigits: Length of vlis in u64 qwords. + */ +struct ecc_point { + u64 *x; + u64 *y; + u8 ndigits; +}; + +/** + * struct ecc_curve - definition of elliptic curve + * + * @name: Short name of the curve. + * @g: Generator point of the curve. + * @p: Prime number, if Barrett's reduction is used for this curve + * pre-calculated value 'mu' is appended to the @p after ndigits. + * Use of Barrett's reduction is heuristically determined in + * vli_mmod_fast(). + * @n: Order of the curve group. + * @a: Curve parameter a. + * @b: Curve parameter b. + */ +struct ecc_curve { + char *name; + struct ecc_point g; + u64 *p; + u64 *n; + u64 *a; + u64 *b; +}; + +/** + * ecc_get_curve() - get elliptic curve; + * @curve_id: Curves IDs: + * defined in 'include/crypto/ecdh.h'; + * + * Returns curve if get curve succssful, NULL otherwise + */ +const struct ecc_curve *ecc_get_curve(unsigned int curve_id); + +#endif -- 2.8.1
[PATCH v10 2/7] crypto: hisilicon/hpre - add algorithm type
Algorithm type is brought in to get hardware HPRE queue to support different algorithms. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 10 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 12 ++-- drivers/crypto/hisilicon/hpre/hpre_main.c | 11 +-- 3 files changed, 24 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index cc50f23..02193e1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -10,6 +10,14 @@ #define HPRE_PF_DEF_Q_NUM 64 #define HPRE_PF_DEF_Q_BASE 0 +/* + * type used in qm sqc DW6. + * 0 - Algorithm which has been supported in V2, like RSA, DH and so on; + * 1 - ECC algorithm in V3. + */ +#define HPRE_V2_ALG_TYPE 0 +#define HPRE_V3_ECC_ALG_TYPE 1 + enum { HPRE_CLUSTER0, HPRE_CLUSTER1, @@ -92,7 +100,7 @@ struct hpre_sqe { __le32 rsvd1[_HPRE_SQE_ALIGN_EXT]; }; -struct hisi_qp *hpre_create_qp(void); +struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index d89b2f5..712bea9 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -152,12 +152,12 @@ static void hpre_rm_req_from_ctx(struct hpre_asym_request *hpre_req) } } -static struct hisi_qp *hpre_get_qp_and_start(void) +static struct hisi_qp *hpre_get_qp_and_start(u8 type) { struct hisi_qp *qp; int ret; - qp = hpre_create_qp(); + qp = hpre_create_qp(type); if (!qp) { pr_err("Can not create hpre qp!\n"); return ERR_PTR(-ENODEV); @@ -422,11 +422,11 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) req->cb(ctx, resp); } -static int hpre_ctx_init(struct hpre_ctx *ctx) +static int hpre_ctx_init(struct hpre_ctx *ctx, u8 type) { struct hisi_qp *qp; - qp = hpre_get_qp_and_start(); + qp = hpre_get_qp_and_start(type); if (IS_ERR(qp)) return PTR_ERR(qp); @@ -674,7 +674,7 @@ static int hpre_dh_init_tfm(struct crypto_kpp *tfm) { struct hpre_ctx *ctx = kpp_tfm_ctx(tfm); - return hpre_ctx_init(ctx); + return hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); } static void hpre_dh_exit_tfm(struct crypto_kpp *tfm) @@ -1100,7 +1100,7 @@ static int hpre_rsa_init_tfm(struct crypto_akcipher *tfm) return PTR_ERR(ctx->rsa.soft_tfm); } - ret = hpre_ctx_init(ctx); + ret = hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); if (ret) crypto_free_akcipher(ctx->rsa.soft_tfm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index e7a2c70..76f0a87 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -226,13 +226,20 @@ static u32 vfs_num; module_param_cb(vfs_num, &vfs_num_ops, &vfs_num, 0444); MODULE_PARM_DESC(vfs_num, "Number of VFs to enable(1-63), 0(default)"); -struct hisi_qp *hpre_create_qp(void) +struct hisi_qp *hpre_create_qp(u8 type) { int node = cpu_to_node(smp_processor_id()); struct hisi_qp *qp = NULL; int ret; - ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, 0, node, &qp); + if (type != HPRE_V2_ALG_TYPE && type != HPRE_V3_ECC_ALG_TYPE) + return NULL; + + /* +* type: 0 - RSA/DH. algorithm supported in V2, +* 1 - ECC algorithm in V3. +*/ + ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, type, node, &qp); if (!ret) return qp; -- 2.8.1
[PATCH v10 5/7] crypto: hisilicon/hpre - add 'ECDH' algorithm
1. Enable 'ECDH' algorithm in Kunpeng 930; 2. HPRE ECDH Support: ecdh-nist-p192, ecdh-nist-p256. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 2 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 515 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 1 + 3 files changed, 513 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 02193e1..50e6b2e 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -83,6 +83,7 @@ enum hpre_alg_type { HPRE_ALG_KG_CRT = 0x3, HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, + HPRE_ALG_ECC_MUL = 0xD, }; struct hpre_sqe { @@ -104,5 +105,4 @@ struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); - #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index 712bea9..a6010b1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -2,6 +2,8 @@ /* Copyright (c) 2019 HiSilicon Limited. */ #include #include +#include +#include #include #include #include @@ -36,6 +38,13 @@ struct hpre_ctx; #define HPRE_DFX_SEC_TO_US 100 #define HPRE_DFX_US_TO_NS 1000 +/* size in bytes of the n prime */ +#define HPRE_ECC_NIST_P192_N_SIZE 24 +#define HPRE_ECC_NIST_P256_N_SIZE 32 + +/* size in bytes */ +#define HPRE_ECC_HW256_KSZ_B 32 + typedef void (*hpre_cb)(struct hpre_ctx *ctx, void *sqe); struct hpre_rsa_ctx { @@ -61,14 +70,25 @@ struct hpre_dh_ctx { * else if base if the counterpart public key we * compute the shared secret * ZZ = yb^xa mod p; [RFC2631 sec 2.1.1] +* low address: d--->n, please refer to Hisilicon HPRE UM */ - char *xa_p; /* low address: d--->n, please refer to Hisilicon HPRE UM */ + char *xa_p; dma_addr_t dma_xa_p; char *g; /* m */ dma_addr_t dma_g; }; +struct hpre_ecdh_ctx { + /* low address: p->a->k->b */ + unsigned char *p; + dma_addr_t dma_p; + + /* low address: x->y */ + unsigned char *g; + dma_addr_t dma_g; +}; + struct hpre_ctx { struct hisi_qp *qp; struct hpre_asym_request **req_list; @@ -80,7 +100,10 @@ struct hpre_ctx { union { struct hpre_rsa_ctx rsa; struct hpre_dh_ctx dh; + struct hpre_ecdh_ctx ecdh; }; + /* for ecc algorithms */ + unsigned int curve_id; }; struct hpre_asym_request { @@ -91,6 +114,7 @@ struct hpre_asym_request { union { struct akcipher_request *rsa; struct kpp_request *dh; + struct kpp_request *ecdh; } areq; int err; int req_id; @@ -1115,6 +1139,416 @@ static void hpre_rsa_exit_tfm(struct crypto_akcipher *tfm) crypto_free_akcipher(ctx->rsa.soft_tfm); } +static void hpre_key_to_big_end(u8 *data, int len) +{ + int i, j; + u8 tmp; + + for (i = 0; i < len / 2; i++) { + j = len - i - 1; + tmp = data[j]; + data[j] = data[i]; + data[i] = tmp; + } +} + +static void hpre_ecc_clear_ctx(struct hpre_ctx *ctx, bool is_clear_all, + bool is_ecdh) +{ + struct device *dev = HPRE_DEV(ctx); + unsigned int sz = ctx->key_sz; + unsigned int shift = sz << 1; + + if (is_clear_all) + hisi_qm_stop_qp(ctx->qp); + + if (is_ecdh && ctx->ecdh.p) { + /* ecdh: p->a->k->b */ + memzero_explicit(ctx->ecdh.p + shift, sz); + dma_free_coherent(dev, sz << 3, ctx->ecdh.p, ctx->ecdh.dma_p); + ctx->ecdh.p = NULL; + } + + hpre_ctx_clear(ctx, is_clear_all); +} + +static unsigned int hpre_ecdh_supported_curve(unsigned short id) +{ + switch (id) { + case ECC_CURVE_NIST_P192: + case ECC_CURVE_NIST_P256: + return HPRE_ECC_HW256_KSZ_B; + default: + break; + } + + return 0; +} + +static void fill_curve_param(void *addr, u64 *param, unsigned int cur_sz, u8 ndigits) +{ + unsigned int sz = cur_sz - (ndigits - 1) * sizeof(u64); + u8 i = 0; + + while (i < ndigits - 1) { + memcpy(addr + sizeof(u64) * i, ¶m[i], sizeof(u64)); + i++; + } + + memcpy(addr + sizeof(u64) * i, ¶m[ndigits - 1], sz); + hpre_key_to_big_end((u8 *)addr, cur_sz); +} + +static int hpre_ecdh_fill_curve(struct hpre_ctx *ctx, struct ecdh *params, + unsigned int cur_sz) +{ + unsigned int shifta = ctx->key_sz <<
[PATCH v10 7/7] crypto: hisilicon/hpre - add 'CURVE25519' algorithm
Enable 'CURVE25519' algorithm in Kunpeng 930. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reported-by: kernel test robot --- drivers/crypto/hisilicon/Kconfig| 1 + drivers/crypto/hisilicon/hpre/hpre.h| 2 + drivers/crypto/hisilicon/hpre/hpre_crypto.c | 366 +++- 3 files changed, 361 insertions(+), 8 deletions(-) diff --git a/drivers/crypto/hisilicon/Kconfig b/drivers/crypto/hisilicon/Kconfig index 8431926..c45adb1 100644 --- a/drivers/crypto/hisilicon/Kconfig +++ b/drivers/crypto/hisilicon/Kconfig @@ -65,6 +65,7 @@ config CRYPTO_DEV_HISI_HPRE depends on UACCE || UACCE=n depends on ARM64 || (COMPILE_TEST && 64BIT) depends on ACPI + select CRYPTO_LIB_CURVE25519_GENERIC select CRYPTO_DEV_HISI_QM select CRYPTO_DH select CRYPTO_RSA diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 50e6b2e..92892e3 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -84,6 +84,8 @@ enum hpre_alg_type { HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, HPRE_ALG_ECC_MUL = 0xD, + /* shared by x25519 and x448, but x448 is not supported now */ + HPRE_ALG_CURVE25519_MUL = 0x10, }; struct hpre_sqe { diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index a6010b1..53068d2 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 /* Copyright (c) 2019 HiSilicon Limited. */ #include +#include #include #include #include @@ -89,6 +90,16 @@ struct hpre_ecdh_ctx { dma_addr_t dma_g; }; +struct hpre_curve25519_ctx { + /* low address: p->a->k */ + unsigned char *p; + dma_addr_t dma_p; + + /* gx coordinate */ + unsigned char *g; + dma_addr_t dma_g; +}; + struct hpre_ctx { struct hisi_qp *qp; struct hpre_asym_request **req_list; @@ -101,6 +112,7 @@ struct hpre_ctx { struct hpre_rsa_ctx rsa; struct hpre_dh_ctx dh; struct hpre_ecdh_ctx ecdh; + struct hpre_curve25519_ctx curve25519; }; /* for ecc algorithms */ unsigned int curve_id; @@ -115,6 +127,7 @@ struct hpre_asym_request { struct akcipher_request *rsa; struct kpp_request *dh; struct kpp_request *ecdh; + struct kpp_request *curve25519; } areq; int err; int req_id; @@ -437,7 +450,6 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) struct hpre_sqe *sqe = resp; struct hpre_asym_request *req = ctx->req_list[le16_to_cpu(sqe->tag)]; - if (unlikely(!req)) { atomic64_inc(&dfx[HPRE_INVALID_REQ_CNT].value); return; @@ -1167,6 +1179,12 @@ static void hpre_ecc_clear_ctx(struct hpre_ctx *ctx, bool is_clear_all, memzero_explicit(ctx->ecdh.p + shift, sz); dma_free_coherent(dev, sz << 3, ctx->ecdh.p, ctx->ecdh.dma_p); ctx->ecdh.p = NULL; + } else if (!is_ecdh && ctx->curve25519.p) { + /* curve25519: p->a->k */ + memzero_explicit(ctx->curve25519.p + shift, sz); + dma_free_coherent(dev, sz << 2, ctx->curve25519.p, + ctx->curve25519.dma_p); + ctx->curve25519.p = NULL; } hpre_ctx_clear(ctx, is_clear_all); @@ -1549,6 +1567,312 @@ static void hpre_ecdh_exit_tfm(struct crypto_kpp *tfm) hpre_ecc_clear_ctx(ctx, true, true); } +static void hpre_curve25519_fill_curve(struct hpre_ctx *ctx, const void *buf, + unsigned int len) +{ + u8 secret[CURVE25519_KEY_SIZE] = { 0 }; + unsigned int sz = ctx->key_sz; + const struct ecc_curve *curve; + unsigned int shift = sz << 1; + void *p; + + /* +* The key from 'buf' is in little-endian, we should preprocess it as +* the description in rfc7748: "k[0] &= 248, k[31] &= 127, k[31] |= 64", +* then convert it to big endian. Only in this way, the result can be +* the same as the software curve-25519 that exists in crypto. +*/ + memcpy(secret, buf, len); + curve25519_clamp_secret(secret); + hpre_key_to_big_end(secret, CURVE25519_KEY_SIZE); + + p = ctx->curve25519.p + sz - len; + + curve = ecc_get_curve25519(); + + /* fill curve parameters */ + fill_curve_param(p, curve->p, len, curve->g.ndigits); + fill_curve_param(p + sz, curve->a, len, curve->g.ndigits); + memcpy(p + shift, secret, len); + fill_curve_param(p + shift + sz, c
[PATCH v10 6/7] crypto: add curve25519 params and expose them
1. Add curve 25519 parameters in 'crypto/ecc_curve_defs.h'; 2. Add curve25519 interface 'ecc_get_curve25519_param' in 'include/crypto/ecc_curve.h', to make its parameters be exposed to everyone in kernel tree. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecc.c | 6 ++ crypto/ecc_curve_defs.h| 17 + include/crypto/ecc_curve.h | 7 +++ 3 files changed, 30 insertions(+) diff --git a/crypto/ecc.c b/crypto/ecc.c index 4b55ad0..0798a18 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -43,6 +43,12 @@ typedef struct { u64 m_high; } uint128_t; +/* Returns curv25519 curve param */ +const struct ecc_curve *ecc_get_curve25519(void) +{ + return &ecc_25519; +} +EXPORT_SYMBOL(ecc_get_curve25519); const struct ecc_curve *ecc_get_curve(unsigned int curve_id) { diff --git a/crypto/ecc_curve_defs.h b/crypto/ecc_curve_defs.h index 69be6c7..d7769cc 100644 --- a/crypto/ecc_curve_defs.h +++ b/crypto/ecc_curve_defs.h @@ -54,4 +54,21 @@ static struct ecc_curve nist_p256 = { .b = nist_p256_b }; +/* curve25519 */ +static u64 curve25519_g_x[] = { 0x0009, 0x, + 0x, 0x }; +static u64 curve25519_p[] = { 0xffed, 0x, + 0x, 0x7fff }; +static u64 curve25519_a[] = { 0x0001DB41, 0x, + 0x, 0x }; +static const struct ecc_curve ecc_25519 = { + .name = "curve25519", + .g = { + .x = curve25519_g_x, + .ndigits = 4, + }, + .p = curve25519_p, + .a = curve25519_a, +}; + #endif diff --git a/include/crypto/ecc_curve.h b/include/crypto/ecc_curve.h index 19a35da..7096478 100644 --- a/include/crypto/ecc_curve.h +++ b/include/crypto/ecc_curve.h @@ -50,4 +50,11 @@ struct ecc_curve { */ const struct ecc_curve *ecc_get_curve(unsigned int curve_id); +/** + * ecc_get_curve25519() - get curve25519 curve; + * + * Returns curve25519 + */ +const struct ecc_curve *ecc_get_curve25519(void); + #endif -- 2.8.1
[PATCH v10 0/7] add ECDH and CURVE25519 algorithms support for Kunpeng 930
1. Move curve ID from the key into the algorithm name (like 'ecdh-nist-pxxx' so we get its tfm like 'crypto_alloc_kpp("ecdh-nist-p256", 0, 0)'), in 'crypto/ecc.c' (has been verified by testmgr) and 'crypto/atmel-ecc.c' (only compiled, not do test), and modify 'testmgr.c' and 'net/bluetooth/smp.c' (only compiled, not do test) to adapt the modification; 2. Add new file 'include/crypto/ecc_curve.h', and move 'struct ecc_point' and 'struct ecc_curve' definitions to it, also add new APIs 'ecc_get_curveXXX' into it, with these APIs, users in kernel tree can get ECDH and curve25519 parameters; 3. Add ECDH and CURVE25519 algorithms support for Kunpeng 930. v9->v10: - patch #3: delete 'atmel_ecdh_supported_curve' and 'n_sz' in atmel-ecc.c v8->v9: - patch #3: squash patches 3-5 in v8 into one in v9 - patch #4: delete ECDH curve parameters: P224, P384 and P521 - patch #5: delete ecdh-nist-p224, ecdh-nist-p384 and ecdh-nist-p521 support in HPRE v7->v8: - patch #3 and #5: move the curve ID from the key into the algorithm name instead v6->v7: - patch #4: add function interface to expose elliptic curve parameters - patch #4: eliminate warning by 'kernel test robot' - patch #5: add function interface to expose curve25519 parameters v5->v6: - patch #1: add a new patch (the first patch), which is the "depend on" patch before v4->v5: - patch #4: delete P-128 and P-320 curve, as the few using case in the kernel v3 -> v4: - patch #3: add new, and move ecc_curve params to "include/crypto" v2 -> v3: - patch #5: fix sparse warnings - patch #5: add 'CRYPTO_LIB_CURVE25519_GENERIC' in 'Kconfig' v1 -> v2: - patch #5: delete `curve25519_null_point' Meng Yu (7): crypto: hisilicon/hpre - add version adapt to new algorithms crypto: hisilicon/hpre - add algorithm type crypto: move curve_id of ECDH from the key to algorithm name crypto: and expose ecc curves crypto: hisilicon/hpre - add 'ECDH' algorithm crypto: add curve25519 params and expose them crypto: hisilicon/hpre - add 'CURVE25519' algorithm crypto/ecc.c| 11 +- crypto/ecc.h| 37 +- crypto/ecc_curve_defs.h | 17 + crypto/ecdh.c | 72 ++- crypto/ecdh_helper.c| 4 +- crypto/testmgr.c| 13 +- crypto/testmgr.h| 34 +- drivers/crypto/atmel-ecc.c | 28 +- drivers/crypto/hisilicon/Kconfig| 1 + drivers/crypto/hisilicon/hpre/hpre.h| 17 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 881 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 12 +- drivers/crypto/hisilicon/qm.c | 4 +- drivers/crypto/hisilicon/qm.h | 4 +- drivers/crypto/hisilicon/sec2/sec.h | 4 +- drivers/crypto/hisilicon/sec2/sec_crypto.c | 4 +- drivers/crypto/hisilicon/sec2/sec_crypto.h | 4 +- drivers/crypto/hisilicon/zip/zip.h | 4 +- drivers/crypto/hisilicon/zip/zip_crypto.c | 4 +- include/crypto/ecc_curve.h | 60 ++ include/crypto/ecdh.h | 2 - net/bluetooth/ecdh_helper.c | 2 - net/bluetooth/selftest.c| 2 +- net/bluetooth/smp.c | 6 +- 24 files changed, 1086 insertions(+), 141 deletions(-) create mode 100644 include/crypto/ecc_curve.h -- 2.8.1
[PATCH v10 1/7] crypto: hisilicon/hpre - add version adapt to new algorithms
A new generation of accelerator Kunpeng930 has appeared, and the corresponding driver needs to be updated to support some new algorithms of Kunpeng930. To be compatible with Kunpeng920, we add parameter 'struct hisi_qm *qm' to sec_algs_(un)register to identify the chip's version. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reviewed-by: Longfang Liu --- drivers/crypto/hisilicon/hpre/hpre.h| 5 +++-- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 4 ++-- drivers/crypto/hisilicon/qm.c | 4 ++-- drivers/crypto/hisilicon/qm.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.c | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.h | 4 ++-- drivers/crypto/hisilicon/zip/zip.h | 4 ++-- drivers/crypto/hisilicon/zip/zip_crypto.c | 4 ++-- 9 files changed, 19 insertions(+), 18 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 181c109..cc50f23 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -93,7 +93,8 @@ struct hpre_sqe { }; struct hisi_qp *hpre_create_qp(void); -int hpre_algs_register(void); -void hpre_algs_unregister(void); +int hpre_algs_register(struct hisi_qm *qm); +void hpre_algs_unregister(struct hisi_qm *qm); + #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index a87f990..d89b2f5 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1154,7 +1154,7 @@ static struct kpp_alg dh = { }; #endif -int hpre_algs_register(void) +int hpre_algs_register(struct hisi_qm *qm) { int ret; @@ -1171,7 +1171,7 @@ int hpre_algs_register(void) return ret; } -void hpre_algs_unregister(void) +void hpre_algs_unregister(struct hisi_qm *qm) { crypto_unregister_akcipher(&rsa); #ifdef CONFIG_CRYPTO_DH diff --git a/drivers/crypto/hisilicon/qm.c b/drivers/crypto/hisilicon/qm.c index 13cb421..bc23174 100644 --- a/drivers/crypto/hisilicon/qm.c +++ b/drivers/crypto/hisilicon/qm.c @@ -4084,7 +4084,7 @@ int hisi_qm_alg_register(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (flag) { - ret = qm_list->register_to_crypto(); + ret = qm_list->register_to_crypto(qm); if (ret) { mutex_lock(&qm_list->lock); list_del(&qm->list); @@ -4115,7 +4115,7 @@ void hisi_qm_alg_unregister(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (list_empty(&qm_list->list)) - qm_list->unregister_from_crypto(); + qm_list->unregister_from_crypto(qm); } EXPORT_SYMBOL_GPL(hisi_qm_alg_unregister); diff --git a/drivers/crypto/hisilicon/qm.h b/drivers/crypto/hisilicon/qm.h index 54967c6..f91110f 100644 --- a/drivers/crypto/hisilicon/qm.h +++ b/drivers/crypto/hisilicon/qm.h @@ -199,8 +199,8 @@ struct hisi_qm_err_ini { struct hisi_qm_list { struct mutex lock; struct list_head list; - int (*register_to_crypto)(void); - void (*unregister_from_crypto)(void); + int (*register_to_crypto)(struct hisi_qm *qm); + void (*unregister_from_crypto)(struct hisi_qm *qm); }; struct hisi_qm { diff --git a/drivers/crypto/hisilicon/sec2/sec.h b/drivers/crypto/hisilicon/sec2/sec.h index 0849191..17ddb20 100644 --- a/drivers/crypto/hisilicon/sec2/sec.h +++ b/drivers/crypto/hisilicon/sec2/sec.h @@ -183,6 +183,6 @@ struct sec_dev { void sec_destroy_qps(struct hisi_qp **qps, int qp_num); struct hisi_qp **sec_create_qps(void); -int sec_register_to_crypto(void); -void sec_unregister_from_crypto(void); +int sec_register_to_crypto(struct hisi_qm *qm); +void sec_unregister_from_crypto(struct hisi_qm *qm); #endif diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c index 2eaa516..f835514 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.c +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c @@ -1634,7 +1634,7 @@ static struct aead_alg sec_aeads[] = { AES_BLOCK_SIZE, AES_BLOCK_SIZE, SHA512_DIGEST_SIZE), }; -int sec_register_to_crypto(void) +int sec_register_to_crypto(struct hisi_qm *qm) { int ret; @@ -1651,7 +1651,7 @@ int sec_register_to_crypto(void) return ret; } -void sec_unregister_from_crypto(void) +void sec_unregister_from_crypto(struct hisi_qm *qm) { crypto_unregister_skciphers(sec_skciphers, ARRAY_SIZE(sec_skciphers)); diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.h b/drivers/crypto/hisilicon/sec2/sec_crypto.h index b2786e1..0e933e7 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.h +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.h @@ -2
[PATCH v9 4/7] crypto: and expose ecc curves
Move 'ecc_get_curve' to 'include/crypto/ecc_curve.h', so everyone in kernel tree can easily get ecc curve params; Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecc.c | 5 - crypto/ecc.h | 37 ++-- include/crypto/ecc_curve.h | 53 ++ 3 files changed, 59 insertions(+), 36 deletions(-) create mode 100644 include/crypto/ecc_curve.h diff --git a/crypto/ecc.c b/crypto/ecc.c index c80aa25..4b55ad0 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -24,6 +24,7 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include #include #include #include @@ -42,7 +43,8 @@ typedef struct { u64 m_high; } uint128_t; -static inline const struct ecc_curve *ecc_get_curve(unsigned int curve_id) + +const struct ecc_curve *ecc_get_curve(unsigned int curve_id) { switch (curve_id) { /* In FIPS mode only allow P256 and higher */ @@ -54,6 +56,7 @@ static inline const struct ecc_curve *ecc_get_curve(unsigned int curve_id) return NULL; } } +EXPORT_SYMBOL(ecc_get_curve); static u64 *ecc_alloc_digits_space(unsigned int ndigits) { diff --git a/crypto/ecc.h b/crypto/ecc.h index d4e546b..38a81d4 100644 --- a/crypto/ecc.h +++ b/crypto/ecc.h @@ -26,6 +26,8 @@ #ifndef _CRYPTO_ECC_H #define _CRYPTO_ECC_H +#include + /* One digit is u64 qword. */ #define ECC_CURVE_NIST_P192_DIGITS 3 #define ECC_CURVE_NIST_P256_DIGITS 4 @@ -33,44 +35,9 @@ #define ECC_DIGITS_TO_BYTES_SHIFT 3 -/** - * struct ecc_point - elliptic curve point in affine coordinates - * - * @x: X coordinate in vli form. - * @y: Y coordinate in vli form. - * @ndigits: Length of vlis in u64 qwords. - */ -struct ecc_point { - u64 *x; - u64 *y; - u8 ndigits; -}; - #define ECC_POINT_INIT(x, y, ndigits) (struct ecc_point) { x, y, ndigits } /** - * struct ecc_curve - definition of elliptic curve - * - * @name: Short name of the curve. - * @g: Generator point of the curve. - * @p: Prime number, if Barrett's reduction is used for this curve - * pre-calculated value 'mu' is appended to the @p after ndigits. - * Use of Barrett's reduction is heuristically determined in - * vli_mmod_fast(). - * @n: Order of the curve group. - * @a: Curve parameter a. - * @b: Curve parameter b. - */ -struct ecc_curve { - char *name; - struct ecc_point g; - u64 *p; - u64 *n; - u64 *a; - u64 *b; -}; - -/** * ecc_is_key_valid() - Validate a given ECDH private key * * @curve_id: id representing the curve to use diff --git a/include/crypto/ecc_curve.h b/include/crypto/ecc_curve.h new file mode 100644 index 000..19a35da --- /dev/null +++ b/include/crypto/ecc_curve.h @@ -0,0 +1,53 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* Copyright (c) 2021 HiSilicon */ + +#ifndef _CRYTO_ECC_CURVE_H +#define _CRYTO_ECC_CURVE_H + +#include + +/** + * struct ecc_point - elliptic curve point in affine coordinates + * + * @x: X coordinate in vli form. + * @y: Y coordinate in vli form. + * @ndigits: Length of vlis in u64 qwords. + */ +struct ecc_point { + u64 *x; + u64 *y; + u8 ndigits; +}; + +/** + * struct ecc_curve - definition of elliptic curve + * + * @name: Short name of the curve. + * @g: Generator point of the curve. + * @p: Prime number, if Barrett's reduction is used for this curve + * pre-calculated value 'mu' is appended to the @p after ndigits. + * Use of Barrett's reduction is heuristically determined in + * vli_mmod_fast(). + * @n: Order of the curve group. + * @a: Curve parameter a. + * @b: Curve parameter b. + */ +struct ecc_curve { + char *name; + struct ecc_point g; + u64 *p; + u64 *n; + u64 *a; + u64 *b; +}; + +/** + * ecc_get_curve() - get elliptic curve; + * @curve_id: Curves IDs: + * defined in 'include/crypto/ecdh.h'; + * + * Returns curve if get curve succssful, NULL otherwise + */ +const struct ecc_curve *ecc_get_curve(unsigned int curve_id); + +#endif -- 2.8.1
[PATCH v9 0/7] add ECDH and CURVE25519 algorithms support for Kunpeng 930
1. Move curve ID from the key into the algorithm name (like 'ecdh-nist-pxxx' so we get its tfm like 'crypto_alloc_kpp("ecdh-nist-p256", 0, 0)'), in 'crypto/ecc.c' (has been verified by testmgr) and 'crypto/atmel-ecc.c' (only compiled, not do test), and modify 'testmgr.c' and 'net/bluetooth/smp.c' (only compiled, not do test) to adapt the modification; 2. Add new file 'include/crypto/ecc_curve.h', and move 'struct ecc_point' and 'struct ecc_curve' definitions to it, also add new APIs 'ecc_get_curveXXX' into it, with these APIs, users in kernel tree can get ECDH and curve25519 parameters; 3. Add ECDH and CURVE25519 algorithms support for Kunpeng 930. v8->v9: - patch #3: squash patches 3-5 in v8 into one in v9 - patch #4: delete ECDH curve parameters: P224, P384 and P521 - patch #5: delete ecdh-nist-p224, ecdh-nist-p384 and ecdh-nist-p521 support in HPRE v7->v8: - patch #3 and #5: move the curve ID from the key into the algorithm name instead v6->v7: - patch #4: add function interface to expose elliptic curve parameters - patch #4: eliminate warning by 'kernel test robot' - patch #5: add function interface to expose curve25519 parameters v5->v6: - patch #1: add a new patch (the first patch), which is the "depend on" patch before v4->v5: - patch #4: delete P-128 and P-320 curve, as the few using case in the kernel v3 -> v4: - patch #3: add new, and move ecc_curve params to "include/crypto" v2 -> v3: - patch #5: fix sparse warnings - patch #5: add 'CRYPTO_LIB_CURVE25519_GENERIC' in 'Kconfig' v1 -> v2: - patch #5: delete `curve25519_null_point' Meng Yu (7): crypto: hisilicon/hpre - add version adapt to new algorithms crypto: hisilicon/hpre - add algorithm type crypto: move curve_id of ECDH from the key to algorithm name crypto: and expose ecc curves crypto: hisilicon/hpre - add 'ECDH' algorithm crypto: add curve25519 params and expose them crypto: hisilicon/hpre - add 'CURVE25519' algorithm crypto/ecc.c| 11 +- crypto/ecc.h| 37 +- crypto/ecc_curve_defs.h | 17 + crypto/ecdh.c | 72 ++- crypto/ecdh_helper.c| 4 +- crypto/testmgr.c| 13 +- crypto/testmgr.h| 34 +- drivers/crypto/atmel-ecc.c | 14 +- drivers/crypto/hisilicon/Kconfig| 1 + drivers/crypto/hisilicon/hpre/hpre.h| 17 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 881 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 12 +- drivers/crypto/hisilicon/qm.c | 4 +- drivers/crypto/hisilicon/qm.h | 4 +- drivers/crypto/hisilicon/sec2/sec.h | 4 +- drivers/crypto/hisilicon/sec2/sec_crypto.c | 4 +- drivers/crypto/hisilicon/sec2/sec_crypto.h | 4 +- drivers/crypto/hisilicon/zip/zip.h | 4 +- drivers/crypto/hisilicon/zip/zip_crypto.c | 4 +- include/crypto/ecc_curve.h | 60 ++ include/crypto/ecdh.h | 2 - net/bluetooth/ecdh_helper.c | 2 - net/bluetooth/selftest.c| 2 +- net/bluetooth/smp.c | 6 +- 24 files changed, 1085 insertions(+), 128 deletions(-) create mode 100644 include/crypto/ecc_curve.h -- 2.8.1
[PATCH v9 7/7] crypto: hisilicon/hpre - add 'CURVE25519' algorithm
Enable 'CURVE25519' algorithm in Kunpeng 930. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reported-by: kernel test robot --- drivers/crypto/hisilicon/Kconfig| 1 + drivers/crypto/hisilicon/hpre/hpre.h| 2 + drivers/crypto/hisilicon/hpre/hpre_crypto.c | 366 +++- 3 files changed, 361 insertions(+), 8 deletions(-) diff --git a/drivers/crypto/hisilicon/Kconfig b/drivers/crypto/hisilicon/Kconfig index 8431926..c45adb1 100644 --- a/drivers/crypto/hisilicon/Kconfig +++ b/drivers/crypto/hisilicon/Kconfig @@ -65,6 +65,7 @@ config CRYPTO_DEV_HISI_HPRE depends on UACCE || UACCE=n depends on ARM64 || (COMPILE_TEST && 64BIT) depends on ACPI + select CRYPTO_LIB_CURVE25519_GENERIC select CRYPTO_DEV_HISI_QM select CRYPTO_DH select CRYPTO_RSA diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 50e6b2e..92892e3 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -84,6 +84,8 @@ enum hpre_alg_type { HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, HPRE_ALG_ECC_MUL = 0xD, + /* shared by x25519 and x448, but x448 is not supported now */ + HPRE_ALG_CURVE25519_MUL = 0x10, }; struct hpre_sqe { diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index a6010b1..53068d2 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 /* Copyright (c) 2019 HiSilicon Limited. */ #include +#include #include #include #include @@ -89,6 +90,16 @@ struct hpre_ecdh_ctx { dma_addr_t dma_g; }; +struct hpre_curve25519_ctx { + /* low address: p->a->k */ + unsigned char *p; + dma_addr_t dma_p; + + /* gx coordinate */ + unsigned char *g; + dma_addr_t dma_g; +}; + struct hpre_ctx { struct hisi_qp *qp; struct hpre_asym_request **req_list; @@ -101,6 +112,7 @@ struct hpre_ctx { struct hpre_rsa_ctx rsa; struct hpre_dh_ctx dh; struct hpre_ecdh_ctx ecdh; + struct hpre_curve25519_ctx curve25519; }; /* for ecc algorithms */ unsigned int curve_id; @@ -115,6 +127,7 @@ struct hpre_asym_request { struct akcipher_request *rsa; struct kpp_request *dh; struct kpp_request *ecdh; + struct kpp_request *curve25519; } areq; int err; int req_id; @@ -437,7 +450,6 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) struct hpre_sqe *sqe = resp; struct hpre_asym_request *req = ctx->req_list[le16_to_cpu(sqe->tag)]; - if (unlikely(!req)) { atomic64_inc(&dfx[HPRE_INVALID_REQ_CNT].value); return; @@ -1167,6 +1179,12 @@ static void hpre_ecc_clear_ctx(struct hpre_ctx *ctx, bool is_clear_all, memzero_explicit(ctx->ecdh.p + shift, sz); dma_free_coherent(dev, sz << 3, ctx->ecdh.p, ctx->ecdh.dma_p); ctx->ecdh.p = NULL; + } else if (!is_ecdh && ctx->curve25519.p) { + /* curve25519: p->a->k */ + memzero_explicit(ctx->curve25519.p + shift, sz); + dma_free_coherent(dev, sz << 2, ctx->curve25519.p, + ctx->curve25519.dma_p); + ctx->curve25519.p = NULL; } hpre_ctx_clear(ctx, is_clear_all); @@ -1549,6 +1567,312 @@ static void hpre_ecdh_exit_tfm(struct crypto_kpp *tfm) hpre_ecc_clear_ctx(ctx, true, true); } +static void hpre_curve25519_fill_curve(struct hpre_ctx *ctx, const void *buf, + unsigned int len) +{ + u8 secret[CURVE25519_KEY_SIZE] = { 0 }; + unsigned int sz = ctx->key_sz; + const struct ecc_curve *curve; + unsigned int shift = sz << 1; + void *p; + + /* +* The key from 'buf' is in little-endian, we should preprocess it as +* the description in rfc7748: "k[0] &= 248, k[31] &= 127, k[31] |= 64", +* then convert it to big endian. Only in this way, the result can be +* the same as the software curve-25519 that exists in crypto. +*/ + memcpy(secret, buf, len); + curve25519_clamp_secret(secret); + hpre_key_to_big_end(secret, CURVE25519_KEY_SIZE); + + p = ctx->curve25519.p + sz - len; + + curve = ecc_get_curve25519(); + + /* fill curve parameters */ + fill_curve_param(p, curve->p, len, curve->g.ndigits); + fill_curve_param(p + sz, curve->a, len, curve->g.ndigits); + memcpy(p + shift, secret, len); + fill_curve_param(p + shift + sz, c
[PATCH v9 6/7] crypto: add curve25519 params and expose them
1. Add curve 25519 parameters in 'crypto/ecc_curve_defs.h'; 2. Add curve25519 interface 'ecc_get_curve25519_param' in 'include/crypto/ecc_curve.h', to make its parameters be exposed to everyone in kernel tree. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecc.c | 6 ++ crypto/ecc_curve_defs.h| 17 + include/crypto/ecc_curve.h | 7 +++ 3 files changed, 30 insertions(+) diff --git a/crypto/ecc.c b/crypto/ecc.c index 4b55ad0..0798a18 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -43,6 +43,12 @@ typedef struct { u64 m_high; } uint128_t; +/* Returns curv25519 curve param */ +const struct ecc_curve *ecc_get_curve25519(void) +{ + return &ecc_25519; +} +EXPORT_SYMBOL(ecc_get_curve25519); const struct ecc_curve *ecc_get_curve(unsigned int curve_id) { diff --git a/crypto/ecc_curve_defs.h b/crypto/ecc_curve_defs.h index 69be6c7..d7769cc 100644 --- a/crypto/ecc_curve_defs.h +++ b/crypto/ecc_curve_defs.h @@ -54,4 +54,21 @@ static struct ecc_curve nist_p256 = { .b = nist_p256_b }; +/* curve25519 */ +static u64 curve25519_g_x[] = { 0x0009, 0x, + 0x, 0x }; +static u64 curve25519_p[] = { 0xffed, 0x, + 0x, 0x7fff }; +static u64 curve25519_a[] = { 0x0001DB41, 0x, + 0x, 0x }; +static const struct ecc_curve ecc_25519 = { + .name = "curve25519", + .g = { + .x = curve25519_g_x, + .ndigits = 4, + }, + .p = curve25519_p, + .a = curve25519_a, +}; + #endif diff --git a/include/crypto/ecc_curve.h b/include/crypto/ecc_curve.h index 19a35da..7096478 100644 --- a/include/crypto/ecc_curve.h +++ b/include/crypto/ecc_curve.h @@ -50,4 +50,11 @@ struct ecc_curve { */ const struct ecc_curve *ecc_get_curve(unsigned int curve_id); +/** + * ecc_get_curve25519() - get curve25519 curve; + * + * Returns curve25519 + */ +const struct ecc_curve *ecc_get_curve25519(void); + #endif -- 2.8.1
[PATCH v9 2/7] crypto: hisilicon/hpre - add algorithm type
Algorithm type is brought in to get hardware HPRE queue to support different algorithms. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 10 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 12 ++-- drivers/crypto/hisilicon/hpre/hpre_main.c | 11 +-- 3 files changed, 24 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index cc50f23..02193e1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -10,6 +10,14 @@ #define HPRE_PF_DEF_Q_NUM 64 #define HPRE_PF_DEF_Q_BASE 0 +/* + * type used in qm sqc DW6. + * 0 - Algorithm which has been supported in V2, like RSA, DH and so on; + * 1 - ECC algorithm in V3. + */ +#define HPRE_V2_ALG_TYPE 0 +#define HPRE_V3_ECC_ALG_TYPE 1 + enum { HPRE_CLUSTER0, HPRE_CLUSTER1, @@ -92,7 +100,7 @@ struct hpre_sqe { __le32 rsvd1[_HPRE_SQE_ALIGN_EXT]; }; -struct hisi_qp *hpre_create_qp(void); +struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index d89b2f5..712bea9 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -152,12 +152,12 @@ static void hpre_rm_req_from_ctx(struct hpre_asym_request *hpre_req) } } -static struct hisi_qp *hpre_get_qp_and_start(void) +static struct hisi_qp *hpre_get_qp_and_start(u8 type) { struct hisi_qp *qp; int ret; - qp = hpre_create_qp(); + qp = hpre_create_qp(type); if (!qp) { pr_err("Can not create hpre qp!\n"); return ERR_PTR(-ENODEV); @@ -422,11 +422,11 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) req->cb(ctx, resp); } -static int hpre_ctx_init(struct hpre_ctx *ctx) +static int hpre_ctx_init(struct hpre_ctx *ctx, u8 type) { struct hisi_qp *qp; - qp = hpre_get_qp_and_start(); + qp = hpre_get_qp_and_start(type); if (IS_ERR(qp)) return PTR_ERR(qp); @@ -674,7 +674,7 @@ static int hpre_dh_init_tfm(struct crypto_kpp *tfm) { struct hpre_ctx *ctx = kpp_tfm_ctx(tfm); - return hpre_ctx_init(ctx); + return hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); } static void hpre_dh_exit_tfm(struct crypto_kpp *tfm) @@ -1100,7 +1100,7 @@ static int hpre_rsa_init_tfm(struct crypto_akcipher *tfm) return PTR_ERR(ctx->rsa.soft_tfm); } - ret = hpre_ctx_init(ctx); + ret = hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); if (ret) crypto_free_akcipher(ctx->rsa.soft_tfm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index e7a2c70..76f0a87 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -226,13 +226,20 @@ static u32 vfs_num; module_param_cb(vfs_num, &vfs_num_ops, &vfs_num, 0444); MODULE_PARM_DESC(vfs_num, "Number of VFs to enable(1-63), 0(default)"); -struct hisi_qp *hpre_create_qp(void) +struct hisi_qp *hpre_create_qp(u8 type) { int node = cpu_to_node(smp_processor_id()); struct hisi_qp *qp = NULL; int ret; - ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, 0, node, &qp); + if (type != HPRE_V2_ALG_TYPE && type != HPRE_V3_ECC_ALG_TYPE) + return NULL; + + /* +* type: 0 - RSA/DH. algorithm supported in V2, +* 1 - ECC algorithm in V3. +*/ + ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, type, node, &qp); if (!ret) return qp; -- 2.8.1
[PATCH v9 5/7] crypto: hisilicon/hpre - add 'ECDH' algorithm
1. Enable 'ECDH' algorithm in Kunpeng 930; 2. HPRE ECDH Support: ecdh-nist-p192, ecdh-nist-p256. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 2 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 515 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 1 + 3 files changed, 513 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 02193e1..50e6b2e 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -83,6 +83,7 @@ enum hpre_alg_type { HPRE_ALG_KG_CRT = 0x3, HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, + HPRE_ALG_ECC_MUL = 0xD, }; struct hpre_sqe { @@ -104,5 +105,4 @@ struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); - #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index 712bea9..a6010b1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -2,6 +2,8 @@ /* Copyright (c) 2019 HiSilicon Limited. */ #include #include +#include +#include #include #include #include @@ -36,6 +38,13 @@ struct hpre_ctx; #define HPRE_DFX_SEC_TO_US 100 #define HPRE_DFX_US_TO_NS 1000 +/* size in bytes of the n prime */ +#define HPRE_ECC_NIST_P192_N_SIZE 24 +#define HPRE_ECC_NIST_P256_N_SIZE 32 + +/* size in bytes */ +#define HPRE_ECC_HW256_KSZ_B 32 + typedef void (*hpre_cb)(struct hpre_ctx *ctx, void *sqe); struct hpre_rsa_ctx { @@ -61,14 +70,25 @@ struct hpre_dh_ctx { * else if base if the counterpart public key we * compute the shared secret * ZZ = yb^xa mod p; [RFC2631 sec 2.1.1] +* low address: d--->n, please refer to Hisilicon HPRE UM */ - char *xa_p; /* low address: d--->n, please refer to Hisilicon HPRE UM */ + char *xa_p; dma_addr_t dma_xa_p; char *g; /* m */ dma_addr_t dma_g; }; +struct hpre_ecdh_ctx { + /* low address: p->a->k->b */ + unsigned char *p; + dma_addr_t dma_p; + + /* low address: x->y */ + unsigned char *g; + dma_addr_t dma_g; +}; + struct hpre_ctx { struct hisi_qp *qp; struct hpre_asym_request **req_list; @@ -80,7 +100,10 @@ struct hpre_ctx { union { struct hpre_rsa_ctx rsa; struct hpre_dh_ctx dh; + struct hpre_ecdh_ctx ecdh; }; + /* for ecc algorithms */ + unsigned int curve_id; }; struct hpre_asym_request { @@ -91,6 +114,7 @@ struct hpre_asym_request { union { struct akcipher_request *rsa; struct kpp_request *dh; + struct kpp_request *ecdh; } areq; int err; int req_id; @@ -1115,6 +1139,416 @@ static void hpre_rsa_exit_tfm(struct crypto_akcipher *tfm) crypto_free_akcipher(ctx->rsa.soft_tfm); } +static void hpre_key_to_big_end(u8 *data, int len) +{ + int i, j; + u8 tmp; + + for (i = 0; i < len / 2; i++) { + j = len - i - 1; + tmp = data[j]; + data[j] = data[i]; + data[i] = tmp; + } +} + +static void hpre_ecc_clear_ctx(struct hpre_ctx *ctx, bool is_clear_all, + bool is_ecdh) +{ + struct device *dev = HPRE_DEV(ctx); + unsigned int sz = ctx->key_sz; + unsigned int shift = sz << 1; + + if (is_clear_all) + hisi_qm_stop_qp(ctx->qp); + + if (is_ecdh && ctx->ecdh.p) { + /* ecdh: p->a->k->b */ + memzero_explicit(ctx->ecdh.p + shift, sz); + dma_free_coherent(dev, sz << 3, ctx->ecdh.p, ctx->ecdh.dma_p); + ctx->ecdh.p = NULL; + } + + hpre_ctx_clear(ctx, is_clear_all); +} + +static unsigned int hpre_ecdh_supported_curve(unsigned short id) +{ + switch (id) { + case ECC_CURVE_NIST_P192: + case ECC_CURVE_NIST_P256: + return HPRE_ECC_HW256_KSZ_B; + default: + break; + } + + return 0; +} + +static void fill_curve_param(void *addr, u64 *param, unsigned int cur_sz, u8 ndigits) +{ + unsigned int sz = cur_sz - (ndigits - 1) * sizeof(u64); + u8 i = 0; + + while (i < ndigits - 1) { + memcpy(addr + sizeof(u64) * i, ¶m[i], sizeof(u64)); + i++; + } + + memcpy(addr + sizeof(u64) * i, ¶m[ndigits - 1], sz); + hpre_key_to_big_end((u8 *)addr, cur_sz); +} + +static int hpre_ecdh_fill_curve(struct hpre_ctx *ctx, struct ecdh *params, + unsigned int cur_sz) +{ + unsigned int shifta = ctx->key_sz <<
[PATCH v9 3/7] crypto: move curve_id of ECDH from the key to algorithm name
1. crypto and crypto/atmel-ecc: Move curve id of ECDH from the key into the algorithm name instead in crypto and atmel-ecc, so ECDH algorithm name change form 'ecdh' to 'ecdh-nist-pxxx', and we cannot use 'curve_id' in 'struct ecdh'; 2. crypto/testmgr and net/bluetooth: Modify 'testmgr.c', 'testmgr.h' and 'net/bluetooth' to adapt the modification. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reported-by: kernel test robot --- crypto/ecdh.c | 72 +++-- crypto/ecdh_helper.c| 4 +-- crypto/testmgr.c| 13 ++-- crypto/testmgr.h| 34 ++--- drivers/crypto/atmel-ecc.c | 14 - include/crypto/ecdh.h | 2 -- net/bluetooth/ecdh_helper.c | 2 -- net/bluetooth/selftest.c| 2 +- net/bluetooth/smp.c | 6 ++-- 9 files changed, 88 insertions(+), 61 deletions(-) diff --git a/crypto/ecdh.c b/crypto/ecdh.c index 96f80c8..04a427b 100644 --- a/crypto/ecdh.c +++ b/crypto/ecdh.c @@ -23,33 +23,16 @@ static inline struct ecdh_ctx *ecdh_get_ctx(struct crypto_kpp *tfm) return kpp_tfm_ctx(tfm); } -static unsigned int ecdh_supported_curve(unsigned int curve_id) -{ - switch (curve_id) { - case ECC_CURVE_NIST_P192: return ECC_CURVE_NIST_P192_DIGITS; - case ECC_CURVE_NIST_P256: return ECC_CURVE_NIST_P256_DIGITS; - default: return 0; - } -} - static int ecdh_set_secret(struct crypto_kpp *tfm, const void *buf, unsigned int len) { struct ecdh_ctx *ctx = ecdh_get_ctx(tfm); struct ecdh params; - unsigned int ndigits; if (crypto_ecdh_decode_key(buf, len, ¶ms) < 0 || - params.key_size > sizeof(ctx->private_key)) + params.key_size > sizeof(u64) * ctx->ndigits) return -EINVAL; - ndigits = ecdh_supported_curve(params.curve_id); - if (!ndigits) - return -EINVAL; - - ctx->curve_id = params.curve_id; - ctx->ndigits = ndigits; - if (!params.key || !params.key_size) return ecc_gen_privkey(ctx->curve_id, ctx->ndigits, ctx->private_key); @@ -140,13 +123,24 @@ static unsigned int ecdh_max_size(struct crypto_kpp *tfm) return ctx->ndigits << (ECC_DIGITS_TO_BYTES_SHIFT + 1); } -static struct kpp_alg ecdh = { +static int ecdh_nist_p192_init_tfm(struct crypto_kpp *tfm) +{ + struct ecdh_ctx *ctx = ecdh_get_ctx(tfm); + + ctx->curve_id = ECC_CURVE_NIST_P192; + ctx->ndigits = ECC_CURVE_NIST_P192_DIGITS; + + return 0; +} + +static struct kpp_alg ecdh_nist_p192 = { .set_secret = ecdh_set_secret, .generate_public_key = ecdh_compute_value, .compute_shared_secret = ecdh_compute_value, .max_size = ecdh_max_size, + .init = ecdh_nist_p192_init_tfm, .base = { - .cra_name = "ecdh", + .cra_name = "ecdh-nist-p192", .cra_driver_name = "ecdh-generic", .cra_priority = 100, .cra_module = THIS_MODULE, @@ -154,14 +148,48 @@ static struct kpp_alg ecdh = { }, }; +static int ecdh_nist_p256_init_tfm(struct crypto_kpp *tfm) +{ + struct ecdh_ctx *ctx = ecdh_get_ctx(tfm); + + ctx->curve_id = ECC_CURVE_NIST_P256; + ctx->ndigits = ECC_CURVE_NIST_P256_DIGITS; + + return 0; +} + +static struct kpp_alg ecdh_nist_p256 = { + .set_secret = ecdh_set_secret, + .generate_public_key = ecdh_compute_value, + .compute_shared_secret = ecdh_compute_value, + .max_size = ecdh_max_size, + .init = ecdh_nist_p256_init_tfm, + .base = { + .cra_name = "ecdh-nist-p256", + .cra_driver_name = "ecdh-generic", + .cra_priority = 100, + .cra_module = THIS_MODULE, + .cra_ctxsize = sizeof(struct ecdh_ctx), + }, +}; + +static bool ecdh_nist_p192_registered; + static int ecdh_init(void) { - return crypto_register_kpp(&ecdh); + int ret; + + ret = crypto_register_kpp(&ecdh_nist_p192); + ecdh_nist_p192_registered = ret == 0; + + return crypto_register_kpp(&ecdh_nist_p256); } static void ecdh_exit(void) { - crypto_unregister_kpp(&ecdh); + if (ecdh_nist_p192_registered) + crypto_unregister_kpp(&ecdh_nist_p192); + crypto_unregister_kpp(&ecdh_nist_p256); } subsys_initcall(ecdh_init); diff --git a/crypto/ecdh_helper.c b/crypto/ecdh_helper.c index fca63b5..f18f902 100644 --- a/crypto/ecdh_helper.c +++ b/crypto/ecdh_helper.c @@ -10,7 +10,7 @@ #include #include -#define ECDH_KPP_SECRET_MIN_SIZE (sizeof(struct kpp_secret) + 2 * sizeof(short)) +#define ECDH_KPP_SECRET_MIN_SIZE
[PATCH v9 1/7] crypto: hisilicon/hpre - add version adapt to new algorithms
A new generation of accelerator Kunpeng930 has appeared, and the corresponding driver needs to be updated to support some new algorithms of Kunpeng930. To be compatible with Kunpeng920, we add parameter 'struct hisi_qm *qm' to sec_algs_(un)register to identify the chip's version. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reviewed-by: Longfang Liu --- drivers/crypto/hisilicon/hpre/hpre.h| 5 +++-- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 4 ++-- drivers/crypto/hisilicon/qm.c | 4 ++-- drivers/crypto/hisilicon/qm.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.c | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.h | 4 ++-- drivers/crypto/hisilicon/zip/zip.h | 4 ++-- drivers/crypto/hisilicon/zip/zip_crypto.c | 4 ++-- 9 files changed, 19 insertions(+), 18 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 181c109..cc50f23 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -93,7 +93,8 @@ struct hpre_sqe { }; struct hisi_qp *hpre_create_qp(void); -int hpre_algs_register(void); -void hpre_algs_unregister(void); +int hpre_algs_register(struct hisi_qm *qm); +void hpre_algs_unregister(struct hisi_qm *qm); + #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index a87f990..d89b2f5 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1154,7 +1154,7 @@ static struct kpp_alg dh = { }; #endif -int hpre_algs_register(void) +int hpre_algs_register(struct hisi_qm *qm) { int ret; @@ -1171,7 +1171,7 @@ int hpre_algs_register(void) return ret; } -void hpre_algs_unregister(void) +void hpre_algs_unregister(struct hisi_qm *qm) { crypto_unregister_akcipher(&rsa); #ifdef CONFIG_CRYPTO_DH diff --git a/drivers/crypto/hisilicon/qm.c b/drivers/crypto/hisilicon/qm.c index 13cb421..bc23174 100644 --- a/drivers/crypto/hisilicon/qm.c +++ b/drivers/crypto/hisilicon/qm.c @@ -4084,7 +4084,7 @@ int hisi_qm_alg_register(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (flag) { - ret = qm_list->register_to_crypto(); + ret = qm_list->register_to_crypto(qm); if (ret) { mutex_lock(&qm_list->lock); list_del(&qm->list); @@ -4115,7 +4115,7 @@ void hisi_qm_alg_unregister(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (list_empty(&qm_list->list)) - qm_list->unregister_from_crypto(); + qm_list->unregister_from_crypto(qm); } EXPORT_SYMBOL_GPL(hisi_qm_alg_unregister); diff --git a/drivers/crypto/hisilicon/qm.h b/drivers/crypto/hisilicon/qm.h index 54967c6..f91110f 100644 --- a/drivers/crypto/hisilicon/qm.h +++ b/drivers/crypto/hisilicon/qm.h @@ -199,8 +199,8 @@ struct hisi_qm_err_ini { struct hisi_qm_list { struct mutex lock; struct list_head list; - int (*register_to_crypto)(void); - void (*unregister_from_crypto)(void); + int (*register_to_crypto)(struct hisi_qm *qm); + void (*unregister_from_crypto)(struct hisi_qm *qm); }; struct hisi_qm { diff --git a/drivers/crypto/hisilicon/sec2/sec.h b/drivers/crypto/hisilicon/sec2/sec.h index 0849191..17ddb20 100644 --- a/drivers/crypto/hisilicon/sec2/sec.h +++ b/drivers/crypto/hisilicon/sec2/sec.h @@ -183,6 +183,6 @@ struct sec_dev { void sec_destroy_qps(struct hisi_qp **qps, int qp_num); struct hisi_qp **sec_create_qps(void); -int sec_register_to_crypto(void); -void sec_unregister_from_crypto(void); +int sec_register_to_crypto(struct hisi_qm *qm); +void sec_unregister_from_crypto(struct hisi_qm *qm); #endif diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c index 2eaa516..f835514 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.c +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c @@ -1634,7 +1634,7 @@ static struct aead_alg sec_aeads[] = { AES_BLOCK_SIZE, AES_BLOCK_SIZE, SHA512_DIGEST_SIZE), }; -int sec_register_to_crypto(void) +int sec_register_to_crypto(struct hisi_qm *qm) { int ret; @@ -1651,7 +1651,7 @@ int sec_register_to_crypto(void) return ret; } -void sec_unregister_from_crypto(void) +void sec_unregister_from_crypto(struct hisi_qm *qm) { crypto_unregister_skciphers(sec_skciphers, ARRAY_SIZE(sec_skciphers)); diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.h b/drivers/crypto/hisilicon/sec2/sec_crypto.h index b2786e1..0e933e7 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.h +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.h @@ -2
[PATCH v8 6/9] crypto: add new ecc curve and expose them
1. Add ecc curves(P224, P384, P521) for ECDH; 2. Reorder ECC 'Curves ID' in 'include/crypto/ecdh.h'; 3. Move 'ecc_get_curve' to 'include/crypto/ecc_curve.h', so everyone in kernel tree can easily get ecc curve params; Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecc.c | 11 - crypto/ecc.h | 37 +--- crypto/ecc_curve_defs.h| 106 + include/crypto/ecc_curve.h | 53 +++ include/crypto/ecdh.h | 5 ++- 5 files changed, 175 insertions(+), 37 deletions(-) create mode 100644 include/crypto/ecc_curve.h diff --git a/crypto/ecc.c b/crypto/ecc.c index c80aa25..a631d3e 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -24,6 +24,7 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include #include #include #include @@ -42,18 +43,26 @@ typedef struct { u64 m_high; } uint128_t; -static inline const struct ecc_curve *ecc_get_curve(unsigned int curve_id) + +const struct ecc_curve *ecc_get_curve(unsigned int curve_id) { switch (curve_id) { /* In FIPS mode only allow P256 and higher */ case ECC_CURVE_NIST_P192: return fips_enabled ? NULL : &nist_p192; + case ECC_CURVE_NIST_P224: + return &nist_p224; case ECC_CURVE_NIST_P256: return &nist_p256; + case ECC_CURVE_NIST_P384: + return &nist_p384; + case ECC_CURVE_NIST_P521: + return &nist_p521; default: return NULL; } } +EXPORT_SYMBOL(ecc_get_curve); static u64 *ecc_alloc_digits_space(unsigned int ndigits) { diff --git a/crypto/ecc.h b/crypto/ecc.h index d4e546b..38a81d4 100644 --- a/crypto/ecc.h +++ b/crypto/ecc.h @@ -26,6 +26,8 @@ #ifndef _CRYPTO_ECC_H #define _CRYPTO_ECC_H +#include + /* One digit is u64 qword. */ #define ECC_CURVE_NIST_P192_DIGITS 3 #define ECC_CURVE_NIST_P256_DIGITS 4 @@ -33,44 +35,9 @@ #define ECC_DIGITS_TO_BYTES_SHIFT 3 -/** - * struct ecc_point - elliptic curve point in affine coordinates - * - * @x: X coordinate in vli form. - * @y: Y coordinate in vli form. - * @ndigits: Length of vlis in u64 qwords. - */ -struct ecc_point { - u64 *x; - u64 *y; - u8 ndigits; -}; - #define ECC_POINT_INIT(x, y, ndigits) (struct ecc_point) { x, y, ndigits } /** - * struct ecc_curve - definition of elliptic curve - * - * @name: Short name of the curve. - * @g: Generator point of the curve. - * @p: Prime number, if Barrett's reduction is used for this curve - * pre-calculated value 'mu' is appended to the @p after ndigits. - * Use of Barrett's reduction is heuristically determined in - * vli_mmod_fast(). - * @n: Order of the curve group. - * @a: Curve parameter a. - * @b: Curve parameter b. - */ -struct ecc_curve { - char *name; - struct ecc_point g; - u64 *p; - u64 *n; - u64 *a; - u64 *b; -}; - -/** * ecc_is_key_valid() - Validate a given ECDH private key * * @curve_id: id representing the curve to use diff --git a/crypto/ecc_curve_defs.h b/crypto/ecc_curve_defs.h index 69be6c7..bcd7b58 100644 --- a/crypto/ecc_curve_defs.h +++ b/crypto/ecc_curve_defs.h @@ -15,6 +15,7 @@ static u64 nist_p192_a[] = { 0xFFFCull, 0xFFFEull, 0xull }; static u64 nist_p192_b[] = { 0xFEB8DEECC146B9B1ull, 0x0FA7E9AB72243049ull, 0x64210519E59C80E7ull }; + static struct ecc_curve nist_p192 = { .name = "nist_192", .g = { @@ -28,6 +29,32 @@ static struct ecc_curve nist_p192 = { .b = nist_p192_b }; +/* NIST P-224 */ +static u64 nist_p224_g_x[] = { 0x343280D6115C1D21ull, 0x4A03C1D356C21122ull, + 0x6BB4BF7F321390B9ull, 0xB70E0CBDull }; +static u64 nist_p224_g_y[] = { 0x44d5819985007e34ull, 0xcd4375a05a074764ull, + 0xb5f723fb4c22dfe6ull, 0xbd376388ull }; +static u64 nist_p224_p[] = { 0x0001ull, 0xull, + 0xull, 0xull }; +static u64 nist_p224_n[] = { 0x13DD29455C5C2A3Dull, 0x16A2E0B8F03Eull, + 0xull, 0xull }; +static u64 nist_p224_a[] = { 0xFFFEull, 0xFFFEull, + 0xull, 0xull }; +static u64 nist_p224_b[] = { 0x270B39432355FFB4ull, 0x5044B0B7D7BFD8BAull, + 0x0C04B3ABF5413256ull, 0xB4050A85ull }; +static struct ecc_curve nist_p224 = { + .name = "nist_224", + .g = { + .x = nist_p224_g_x, + .y = nist_p
[PATCH v8 2/9] crypto: hisilicon/hpre - add algorithm type
Algorithm type is brought in to get hardware HPRE queue to support different algorithms. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 10 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 12 ++-- drivers/crypto/hisilicon/hpre/hpre_main.c | 11 +-- 3 files changed, 24 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index e784712..7c7bfdd 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -10,6 +10,14 @@ #define HPRE_PF_DEF_Q_NUM 64 #define HPRE_PF_DEF_Q_BASE 0 +/* + * type used in qm sqc DW6. + * 0 - Algorithm which has been supported in V2, like RSA, DH and so on; + * 1 - ECC algorithm in V3. + */ +#define HPRE_V2_ALG_TYPE 0 +#define HPRE_V3_ECC_ALG_TYPE 1 + enum { HPRE_CLUSTER0, HPRE_CLUSTER1, @@ -90,7 +98,7 @@ struct hpre_sqe { __le32 rsvd1[_HPRE_SQE_ALIGN_EXT]; }; -struct hisi_qp *hpre_create_qp(void); +struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index d89b2f5..712bea9 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -152,12 +152,12 @@ static void hpre_rm_req_from_ctx(struct hpre_asym_request *hpre_req) } } -static struct hisi_qp *hpre_get_qp_and_start(void) +static struct hisi_qp *hpre_get_qp_and_start(u8 type) { struct hisi_qp *qp; int ret; - qp = hpre_create_qp(); + qp = hpre_create_qp(type); if (!qp) { pr_err("Can not create hpre qp!\n"); return ERR_PTR(-ENODEV); @@ -422,11 +422,11 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) req->cb(ctx, resp); } -static int hpre_ctx_init(struct hpre_ctx *ctx) +static int hpre_ctx_init(struct hpre_ctx *ctx, u8 type) { struct hisi_qp *qp; - qp = hpre_get_qp_and_start(); + qp = hpre_get_qp_and_start(type); if (IS_ERR(qp)) return PTR_ERR(qp); @@ -674,7 +674,7 @@ static int hpre_dh_init_tfm(struct crypto_kpp *tfm) { struct hpre_ctx *ctx = kpp_tfm_ctx(tfm); - return hpre_ctx_init(ctx); + return hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); } static void hpre_dh_exit_tfm(struct crypto_kpp *tfm) @@ -1100,7 +1100,7 @@ static int hpre_rsa_init_tfm(struct crypto_akcipher *tfm) return PTR_ERR(ctx->rsa.soft_tfm); } - ret = hpre_ctx_init(ctx); + ret = hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); if (ret) crypto_free_akcipher(ctx->rsa.soft_tfm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index 3b3481e..e492103 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -218,13 +218,20 @@ static u32 vfs_num; module_param_cb(vfs_num, &vfs_num_ops, &vfs_num, 0444); MODULE_PARM_DESC(vfs_num, "Number of VFs to enable(1-63), 0(default)"); -struct hisi_qp *hpre_create_qp(void) +struct hisi_qp *hpre_create_qp(u8 type) { int node = cpu_to_node(smp_processor_id()); struct hisi_qp *qp = NULL; int ret; - ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, 0, node, &qp); + if (type != HPRE_V2_ALG_TYPE && type != HPRE_V3_ECC_ALG_TYPE) + return NULL; + + /* +* type: 0 - RSA/DH. algorithm supported in V2, +* 1 - ECC algorithm in V3. +*/ + ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, type, node, &qp); if (!ret) return qp; -- 2.8.1
[PATCH v8 8/9] crypto: add curve25519 params and expose them
1. Add curve 25519 parameters; 2. Add curve25519 function 'ecc_get_curve25519_param', to make its parameters be exposed to everyone in kernel tree. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecc.c | 6 ++ crypto/ecc_curve_defs.h| 18 ++ include/crypto/ecc_curve.h | 7 +++ 3 files changed, 31 insertions(+) diff --git a/crypto/ecc.c b/crypto/ecc.c index a631d3e..d8dbe7a 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -43,6 +43,12 @@ typedef struct { u64 m_high; } uint128_t; +/* Returns curv25519 curve param */ +const struct ecc_curve *ecc_get_curve25519(void) +{ + return &ecc_25519; +} +EXPORT_SYMBOL(ecc_get_curve25519); const struct ecc_curve *ecc_get_curve(unsigned int curve_id) { diff --git a/crypto/ecc_curve_defs.h b/crypto/ecc_curve_defs.h index bcd7b58..f37eced 100644 --- a/crypto/ecc_curve_defs.h +++ b/crypto/ecc_curve_defs.h @@ -160,4 +160,22 @@ static struct ecc_curve nist_p521 = { .b = nist_p521_b }; +/* curve25519 */ +static u64 curve25519_g_x[] = { 0x0009, 0x, + 0x, 0x }; +static u64 curve25519_p[] = { 0xffed, 0x, + 0x, 0x7fff }; +static u64 curve25519_a[] = { 0x0001DB41, 0x, + 0x, 0x }; +static const struct ecc_curve ecc_25519 = { + .name = "curve25519", + .g = { + .x = curve25519_g_x, + .ndigits = 4, + }, + .p = curve25519_p, + .a = curve25519_a, +}; + + #endif diff --git a/include/crypto/ecc_curve.h b/include/crypto/ecc_curve.h index 19a35da..7096478 100644 --- a/include/crypto/ecc_curve.h +++ b/include/crypto/ecc_curve.h @@ -50,4 +50,11 @@ struct ecc_curve { */ const struct ecc_curve *ecc_get_curve(unsigned int curve_id); +/** + * ecc_get_curve25519() - get curve25519 curve; + * + * Returns curve25519 + */ +const struct ecc_curve *ecc_get_curve25519(void); + #endif -- 2.8.1
[PATCH v8 9/9] crypto: hisilicon/hpre - add 'CURVE25519' algorithm
Enable 'CURVE25519' algorithm in Kunpeng 930. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/Kconfig| 1 + drivers/crypto/hisilicon/hpre/hpre.h| 2 + drivers/crypto/hisilicon/hpre/hpre_crypto.c | 366 +++- 3 files changed, 361 insertions(+), 8 deletions(-) diff --git a/drivers/crypto/hisilicon/Kconfig b/drivers/crypto/hisilicon/Kconfig index 8431926..c45adb1 100644 --- a/drivers/crypto/hisilicon/Kconfig +++ b/drivers/crypto/hisilicon/Kconfig @@ -65,6 +65,7 @@ config CRYPTO_DEV_HISI_HPRE depends on UACCE || UACCE=n depends on ARM64 || (COMPILE_TEST && 64BIT) depends on ACPI + select CRYPTO_LIB_CURVE25519_GENERIC select CRYPTO_DEV_HISI_QM select CRYPTO_DH select CRYPTO_RSA diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 5a8091a..53a2832 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -82,6 +82,8 @@ enum hpre_alg_type { HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, HPRE_ALG_ECC_MUL = 0xD, + /* shared by x25519 and x448, but x448 is not supported now */ + HPRE_ALG_CURVE25519_MUL = 0x10, }; struct hpre_sqe { diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index 49df0ab..a8fc2b4 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 /* Copyright (c) 2019 HiSilicon Limited. */ #include +#include #include #include #include @@ -96,6 +97,16 @@ struct hpre_ecdh_ctx { dma_addr_t dma_g; }; +struct hpre_curve25519_ctx { + /* low address: p->a->k */ + unsigned char *p; + dma_addr_t dma_p; + + /* gx coordinate */ + unsigned char *g; + dma_addr_t dma_g; +}; + struct hpre_ctx { struct hisi_qp *qp; struct hpre_asym_request **req_list; @@ -108,6 +119,7 @@ struct hpre_ctx { struct hpre_rsa_ctx rsa; struct hpre_dh_ctx dh; struct hpre_ecdh_ctx ecdh; + struct hpre_curve25519_ctx curve25519; }; /* for ecc algorithms */ unsigned int curve_id; @@ -122,6 +134,7 @@ struct hpre_asym_request { struct akcipher_request *rsa; struct kpp_request *dh; struct kpp_request *ecdh; + struct kpp_request *curve25519; } areq; int err; int req_id; @@ -444,7 +457,6 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) struct hpre_sqe *sqe = resp; struct hpre_asym_request *req = ctx->req_list[le16_to_cpu(sqe->tag)]; - if (unlikely(!req)) { atomic64_inc(&dfx[HPRE_INVALID_REQ_CNT].value); return; @@ -1174,6 +1186,12 @@ static void hpre_ecc_clear_ctx(struct hpre_ctx *ctx, bool is_clear_all, memzero_explicit(ctx->ecdh.p + shift, sz); dma_free_coherent(dev, sz << 3, ctx->ecdh.p, ctx->ecdh.dma_p); ctx->ecdh.p = NULL; + } else if (!is_ecdh && ctx->curve25519.p) { + /* curve25519: p->a->k */ + memzero_explicit(ctx->curve25519.p + shift, sz); + dma_free_coherent(dev, sz << 2, ctx->curve25519.p, + ctx->curve25519.dma_p); + ctx->curve25519.p = NULL; } hpre_ctx_clear(ctx, is_clear_all); @@ -1601,6 +1619,312 @@ static void hpre_ecdh_exit_tfm(struct crypto_kpp *tfm) hpre_ecc_clear_ctx(ctx, true, true); } +static void hpre_curve25519_fill_curve(struct hpre_ctx *ctx, const void *buf, + unsigned int len) +{ + u8 secret[CURVE25519_KEY_SIZE] = { 0 }; + unsigned int sz = ctx->key_sz; + const struct ecc_curve *curve; + unsigned int shift = sz << 1; + void *p; + + /* +* The key from 'buf' is in little-endian, we should preprocess it as +* the description in rfc7748: "k[0] &= 248, k[31] &= 127, k[31] |= 64", +* then convert it to big endian. Only in this way, the result can be +* the same as the software curve-25519 that exists in crypto. +*/ + memcpy(secret, buf, len); + curve25519_clamp_secret(secret); + hpre_key_to_big_end(secret, CURVE25519_KEY_SIZE); + + p = ctx->curve25519.p + sz - len; + + curve = ecc_get_curve25519(); + + /* fill curve parameters */ + fill_curve_param(p, curve->p, len, curve->g.ndigits); + fill_curve_param(p + sz, curve->a, len, curve->g.ndigits); + memcpy(p + shift, secret, len); + fill_curve_param(p + shift + sz, curve->g.x, len, curve->g.
[PATCH v8 5/9] crypto: move curve_id of ECDH to algorithm name
1. Move curve id of ECDH from the key into the algorithm name instead in crypto; 2. Modify 'testmgr.c' and 'testmgr.h' to adapt the modification. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecdh.c | 72 +++ crypto/ecdh_helper.c | 4 +-- crypto/testmgr.c | 11 ++-- crypto/testmgr.h | 32 ++- include/crypto/ecdh.h | 2 -- 5 files changed, 74 insertions(+), 47 deletions(-) diff --git a/crypto/ecdh.c b/crypto/ecdh.c index 96f80c8..04a427b 100644 --- a/crypto/ecdh.c +++ b/crypto/ecdh.c @@ -23,33 +23,16 @@ static inline struct ecdh_ctx *ecdh_get_ctx(struct crypto_kpp *tfm) return kpp_tfm_ctx(tfm); } -static unsigned int ecdh_supported_curve(unsigned int curve_id) -{ - switch (curve_id) { - case ECC_CURVE_NIST_P192: return ECC_CURVE_NIST_P192_DIGITS; - case ECC_CURVE_NIST_P256: return ECC_CURVE_NIST_P256_DIGITS; - default: return 0; - } -} - static int ecdh_set_secret(struct crypto_kpp *tfm, const void *buf, unsigned int len) { struct ecdh_ctx *ctx = ecdh_get_ctx(tfm); struct ecdh params; - unsigned int ndigits; if (crypto_ecdh_decode_key(buf, len, ¶ms) < 0 || - params.key_size > sizeof(ctx->private_key)) + params.key_size > sizeof(u64) * ctx->ndigits) return -EINVAL; - ndigits = ecdh_supported_curve(params.curve_id); - if (!ndigits) - return -EINVAL; - - ctx->curve_id = params.curve_id; - ctx->ndigits = ndigits; - if (!params.key || !params.key_size) return ecc_gen_privkey(ctx->curve_id, ctx->ndigits, ctx->private_key); @@ -140,13 +123,24 @@ static unsigned int ecdh_max_size(struct crypto_kpp *tfm) return ctx->ndigits << (ECC_DIGITS_TO_BYTES_SHIFT + 1); } -static struct kpp_alg ecdh = { +static int ecdh_nist_p192_init_tfm(struct crypto_kpp *tfm) +{ + struct ecdh_ctx *ctx = ecdh_get_ctx(tfm); + + ctx->curve_id = ECC_CURVE_NIST_P192; + ctx->ndigits = ECC_CURVE_NIST_P192_DIGITS; + + return 0; +} + +static struct kpp_alg ecdh_nist_p192 = { .set_secret = ecdh_set_secret, .generate_public_key = ecdh_compute_value, .compute_shared_secret = ecdh_compute_value, .max_size = ecdh_max_size, + .init = ecdh_nist_p192_init_tfm, .base = { - .cra_name = "ecdh", + .cra_name = "ecdh-nist-p192", .cra_driver_name = "ecdh-generic", .cra_priority = 100, .cra_module = THIS_MODULE, @@ -154,14 +148,48 @@ static struct kpp_alg ecdh = { }, }; +static int ecdh_nist_p256_init_tfm(struct crypto_kpp *tfm) +{ + struct ecdh_ctx *ctx = ecdh_get_ctx(tfm); + + ctx->curve_id = ECC_CURVE_NIST_P256; + ctx->ndigits = ECC_CURVE_NIST_P256_DIGITS; + + return 0; +} + +static struct kpp_alg ecdh_nist_p256 = { + .set_secret = ecdh_set_secret, + .generate_public_key = ecdh_compute_value, + .compute_shared_secret = ecdh_compute_value, + .max_size = ecdh_max_size, + .init = ecdh_nist_p256_init_tfm, + .base = { + .cra_name = "ecdh-nist-p256", + .cra_driver_name = "ecdh-generic", + .cra_priority = 100, + .cra_module = THIS_MODULE, + .cra_ctxsize = sizeof(struct ecdh_ctx), + }, +}; + +static bool ecdh_nist_p192_registered; + static int ecdh_init(void) { - return crypto_register_kpp(&ecdh); + int ret; + + ret = crypto_register_kpp(&ecdh_nist_p192); + ecdh_nist_p192_registered = ret == 0; + + return crypto_register_kpp(&ecdh_nist_p256); } static void ecdh_exit(void) { - crypto_unregister_kpp(&ecdh); + if (ecdh_nist_p192_registered) + crypto_unregister_kpp(&ecdh_nist_p192); + crypto_unregister_kpp(&ecdh_nist_p256); } subsys_initcall(ecdh_init); diff --git a/crypto/ecdh_helper.c b/crypto/ecdh_helper.c index 66fcb2e..c79696f 100644 --- a/crypto/ecdh_helper.c +++ b/crypto/ecdh_helper.c @@ -10,7 +10,7 @@ #include #include -#define ECDH_KPP_SECRET_MIN_SIZE (sizeof(struct kpp_secret) + 2 * sizeof(short)) +#define ECDH_KPP_SECRET_MIN_SIZE (sizeof(struct kpp_secret) + sizeof(short)) static inline u8 *ecdh_pack_data(void *dst, const void *src, size_t sz) { @@ -46,7 +46,6 @@ int crypto_ecdh_encode_key(char *buf, unsigned int len, return -EINVAL; ptr = ecdh_pack_data(ptr, &secret, sizeof(secret)); - ptr = ecdh_pack_data(ptr, ¶ms->curve_id, sizeof(params->curve_id)); ptr = ecdh_pack_data(ptr, ¶ms->key_size, sizeof(params->key_size));
[PATCH v8 4/9] net/bluetooth: modify ECDH name in 'crypto_alloc_kpp'
Algorithm name of ECDH will be changed in crypto, so we modify its name when we call ECDH. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- net/bluetooth/ecdh_helper.c | 2 -- net/bluetooth/selftest.c| 2 +- net/bluetooth/smp.c | 6 +++--- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/net/bluetooth/ecdh_helper.c b/net/bluetooth/ecdh_helper.c index 3226fe0..989401f 100644 --- a/net/bluetooth/ecdh_helper.c +++ b/net/bluetooth/ecdh_helper.c @@ -126,8 +126,6 @@ int set_ecdh_privkey(struct crypto_kpp *tfm, const u8 private_key[32]) int err; struct ecdh p = {0}; - p.curve_id = ECC_CURVE_NIST_P256; - if (private_key) { tmp = kmalloc(32, GFP_KERNEL); if (!tmp) diff --git a/net/bluetooth/selftest.c b/net/bluetooth/selftest.c index f71c6fa..f49604d 100644 --- a/net/bluetooth/selftest.c +++ b/net/bluetooth/selftest.c @@ -205,7 +205,7 @@ static int __init test_ecdh(void) calltime = ktime_get(); - tfm = crypto_alloc_kpp("ecdh", 0, 0); + tfm = crypto_alloc_kpp("ecdh-nist-p256", 0, 0); if (IS_ERR(tfm)) { BT_ERR("Unable to create ECDH crypto context"); err = PTR_ERR(tfm); diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c index c659c46..5de73de 100644 --- a/net/bluetooth/smp.c +++ b/net/bluetooth/smp.c @@ -1387,7 +1387,7 @@ static struct smp_chan *smp_chan_create(struct l2cap_conn *conn) goto zfree_smp; } - smp->tfm_ecdh = crypto_alloc_kpp("ecdh", 0, 0); + smp->tfm_ecdh = crypto_alloc_kpp("ecdh-nist-p256", 0, 0); if (IS_ERR(smp->tfm_ecdh)) { BT_ERR("Unable to create ECDH crypto context"); goto free_shash; @@ -3282,7 +3282,7 @@ static struct l2cap_chan *smp_add_cid(struct hci_dev *hdev, u16 cid) return ERR_CAST(tfm_cmac); } - tfm_ecdh = crypto_alloc_kpp("ecdh", 0, 0); + tfm_ecdh = crypto_alloc_kpp("ecdh-nist-p256", 0, 0); if (IS_ERR(tfm_ecdh)) { BT_ERR("Unable to create ECDH crypto context"); crypto_free_shash(tfm_cmac); @@ -3807,7 +3807,7 @@ int __init bt_selftest_smp(void) return PTR_ERR(tfm_cmac); } - tfm_ecdh = crypto_alloc_kpp("ecdh", 0, 0); + tfm_ecdh = crypto_alloc_kpp("ecdh-nist-p256", 0, 0); if (IS_ERR(tfm_ecdh)) { BT_ERR("Unable to create ECDH crypto context"); crypto_free_shash(tfm_cmac); -- 2.8.1
[PATCH v8 3/9] crypto: atmel-ecc - move curve_id of ECDH from the key to algorithm name
As curve id of ECDH will be moved from its key into algorithm name, we cannot use 'curve_id' in 'struct ecdh', so we should modify ECDH driver in atmel, and make ECDH algorithm name be the same as crypto (like 'ecdh-nist-pxxx'); Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/atmel-ecc.c | 14 +++--- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/drivers/crypto/atmel-ecc.c b/drivers/crypto/atmel-ecc.c index 9bd8e51..9ade6ad 100644 --- a/drivers/crypto/atmel-ecc.c +++ b/drivers/crypto/atmel-ecc.c @@ -104,7 +104,7 @@ static int atmel_ecdh_set_secret(struct crypto_kpp *tfm, const void *buf, return -EINVAL; } - ctx->n_sz = atmel_ecdh_supported_curve(params.curve_id); + ctx->n_sz = atmel_ecdh_supported_curve(ctx->curve_id); if (!ctx->n_sz || params.key_size) { /* fallback to ecdh software implementation */ ctx->do_fallback = true; @@ -125,7 +125,6 @@ static int atmel_ecdh_set_secret(struct crypto_kpp *tfm, const void *buf, goto free_cmd; ctx->do_fallback = false; - ctx->curve_id = params.curve_id; atmel_i2c_init_genkey_cmd(cmd, DATA_SLOT_2); @@ -263,6 +262,7 @@ static int atmel_ecdh_init_tfm(struct crypto_kpp *tfm) struct crypto_kpp *fallback; struct atmel_ecdh_ctx *ctx = kpp_tfm_ctx(tfm); + ctx->curve_id = ECC_CURVE_NIST_P256; ctx->client = atmel_ecc_i2c_client_alloc(); if (IS_ERR(ctx->client)) { pr_err("tfm - i2c_client binding failed\n"); @@ -306,7 +306,7 @@ static unsigned int atmel_ecdh_max_size(struct crypto_kpp *tfm) return ATMEL_ECC_PUBKEY_SIZE; } -static struct kpp_alg atmel_ecdh = { +static struct kpp_alg atmel_ecdh_nist_p256 = { .set_secret = atmel_ecdh_set_secret, .generate_public_key = atmel_ecdh_generate_public_key, .compute_shared_secret = atmel_ecdh_compute_shared_secret, @@ -315,7 +315,7 @@ static struct kpp_alg atmel_ecdh = { .max_size = atmel_ecdh_max_size, .base = { .cra_flags = CRYPTO_ALG_NEED_FALLBACK, - .cra_name = "ecdh", + .cra_name = "ecdh-nist-p256", .cra_driver_name = "atmel-ecdh", .cra_priority = ATMEL_ECC_PRIORITY, .cra_module = THIS_MODULE, @@ -340,14 +340,14 @@ static int atmel_ecc_probe(struct i2c_client *client, &driver_data.i2c_client_list); spin_unlock(&driver_data.i2c_list_lock); - ret = crypto_register_kpp(&atmel_ecdh); + ret = crypto_register_kpp(&atmel_ecdh_nist_p256); if (ret) { spin_lock(&driver_data.i2c_list_lock); list_del(&i2c_priv->i2c_client_list_node); spin_unlock(&driver_data.i2c_list_lock); dev_err(&client->dev, "%s alg registration failed\n", - atmel_ecdh.base.cra_driver_name); + atmel_ecdh_nist_p256.base.cra_driver_name); } else { dev_info(&client->dev, "atmel ecc algorithms registered in /proc/crypto\n"); } @@ -365,7 +365,7 @@ static int atmel_ecc_remove(struct i2c_client *client) return -EBUSY; } - crypto_unregister_kpp(&atmel_ecdh); + crypto_unregister_kpp(&atmel_ecdh_nist_p256); spin_lock(&driver_data.i2c_list_lock); list_del(&i2c_priv->i2c_client_list_node); -- 2.8.1
[PATCH v8 7/9] crypto: hisilicon/hpre - add 'ECDH' algorithm
1. Enable 'ECDH' algorithm in Kunpeng 930; 2. HPRE ECDH Support: ecdh-nist-p192, ecdh-nist-p224, ecdh-nist-p256, ecdh-nist-p384, ecdh-nist-p521. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 2 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 641 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 1 + 3 files changed, 639 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 7c7bfdd..5a8091a 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -81,6 +81,7 @@ enum hpre_alg_type { HPRE_ALG_KG_CRT = 0x3, HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, + HPRE_ALG_ECC_MUL = 0xD, }; struct hpre_sqe { @@ -102,5 +103,4 @@ struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); - #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index 712bea9..49df0ab 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -2,6 +2,8 @@ /* Copyright (c) 2019 HiSilicon Limited. */ #include #include +#include +#include #include #include #include @@ -36,6 +38,20 @@ struct hpre_ctx; #define HPRE_DFX_SEC_TO_US 100 #define HPRE_DFX_US_TO_NS 1000 +/* size in bytes of the n prime */ +#define HPRE_ECC_NIST_P192_N_SIZE 24 +#define HPRE_ECC_NIST_P224_N_SIZE 28 +#define HPRE_ECC_NIST_P256_N_SIZE 32 +#define HPRE_ECC_NIST_P384_N_SIZE 48 +#define HPRE_ECC_NIST_P521_N_SIZE 66 + +/* size in bytes */ +#define HPRE_ECC_HW256_KSZ_B 32 +#define HPRE_ECC_HW384_KSZ_B 48 +#define HPRE_ECC_HW576_KSZ_B 72 + +#define HPRE_ECDH_MAX_SZ HPRE_ECC_HW576_KSZ_B + typedef void (*hpre_cb)(struct hpre_ctx *ctx, void *sqe); struct hpre_rsa_ctx { @@ -61,14 +77,25 @@ struct hpre_dh_ctx { * else if base if the counterpart public key we * compute the shared secret * ZZ = yb^xa mod p; [RFC2631 sec 2.1.1] +* low address: d--->n, please refer to Hisilicon HPRE UM */ - char *xa_p; /* low address: d--->n, please refer to Hisilicon HPRE UM */ + char *xa_p; dma_addr_t dma_xa_p; char *g; /* m */ dma_addr_t dma_g; }; +struct hpre_ecdh_ctx { + /* low address: p->a->k->b */ + unsigned char *p; + dma_addr_t dma_p; + + /* low address: x->y */ + unsigned char *g; + dma_addr_t dma_g; +}; + struct hpre_ctx { struct hisi_qp *qp; struct hpre_asym_request **req_list; @@ -80,7 +107,10 @@ struct hpre_ctx { union { struct hpre_rsa_ctx rsa; struct hpre_dh_ctx dh; + struct hpre_ecdh_ctx ecdh; }; + /* for ecc algorithms */ + unsigned int curve_id; }; struct hpre_asym_request { @@ -91,6 +121,7 @@ struct hpre_asym_request { union { struct akcipher_request *rsa; struct kpp_request *dh; + struct kpp_request *ecdh; } areq; int err; int req_id; @@ -1115,6 +1146,461 @@ static void hpre_rsa_exit_tfm(struct crypto_akcipher *tfm) crypto_free_akcipher(ctx->rsa.soft_tfm); } +static void hpre_key_to_big_end(u8 *data, int len) +{ + int i, j; + u8 tmp; + + for (i = 0; i < len / 2; i++) { + j = len - i - 1; + tmp = data[j]; + data[j] = data[i]; + data[i] = tmp; + } +} + +static void hpre_ecc_clear_ctx(struct hpre_ctx *ctx, bool is_clear_all, + bool is_ecdh) +{ + struct device *dev = HPRE_DEV(ctx); + unsigned int sz = ctx->key_sz; + unsigned int shift = sz << 1; + + if (is_clear_all) + hisi_qm_stop_qp(ctx->qp); + + if (is_ecdh && ctx->ecdh.p) { + /* ecdh: p->a->k->b */ + memzero_explicit(ctx->ecdh.p + shift, sz); + dma_free_coherent(dev, sz << 3, ctx->ecdh.p, ctx->ecdh.dma_p); + ctx->ecdh.p = NULL; + } + + hpre_ctx_clear(ctx, is_clear_all); +} + +/* + * The bits of 192/224/256/384/521 are supported by HPRE, + * and convert the bits like: + * bits<=256, bits=256; 256key_sz << 1; + unsigned int shiftb = ctx->key_sz << 2; + void *p = ctx->ecdh.p + ctx->key_sz - cur_sz; + void *a = ctx->ecdh.p + shifta - cur_sz; + void *b = ctx->ecdh.p + shiftb - cur_sz; + void *x = ctx->ecdh.g + ctx->key_sz - cur_sz; + void *y = ctx->ecdh.g + shifta - cur_sz; + const struct ecc_curve *curve = ecc_get_curve(ctx->curve_id); + char *n;
[PATCH v8 0/9] add ECDH and CURVE25519 algorithms support for Kunpeng 930
1. Move curve ID from the key into the algorithm name (like 'ecdh-nist-pxxx' so we get its tfm like 'crypto_alloc_kpp("ecdh-nist-p256", 0, 0)'), in 'crypto/ecc.c' (has been verified by testmgr) and 'crypto/atmel-ecc.c' (only compiled, not do test), and modify 'testmgr.c' and 'net/bluetooth/smp.c' (only compiled, not do test) to adapt the modification; 2. Add new elliptic(nist-p224, nist-p384, nist-p521) curve parameters definitions, and reorder ECDH 'Curves IDs'; 3. Add new file 'include/crypto/ecc_curve.h', and move 'struct ecc_point' and 'struct ecc_curve' definitions to it, also add new APIs 'ecc_get_curveXXX' into it, with these APIs, users in kernel tree can get ECDH and curve25519 parameters; 4. Add ECDH and CURVE25519 algorithms support for Kunpeng 930. v7->v8: - patch #3 and #5: move the curve ID from the key into the algorithm name instead v6->v7: - patch #4: add function interface to expose elliptic curve parameters - patch #4: eliminate warning by 'kernel test robot' - patch #5: add function interface to expose curve25519 parameters v5->v6: - patch #1: add a new patch (the first patch), which is the "depend on" patch before v4->v5: - patch #4: delete P-128 and P-320 curve, as the few using case in the kernel v3 -> v4: - patch #3: add new, and move ecc_curve params to "include/crypto" v2 -> v3: - patch #5: fix sparse warnings - patch #5: add 'CRYPTO_LIB_CURVE25519_GENERIC' in 'Kconfig' v1 -> v2: - patch #5: delete `curve25519_null_point' Meng Yu (9): crypto: hisilicon/hpre - add version adapt to new algorithms crypto: hisilicon/hpre - add algorithm type crypto: atmel-ecc - move curve_id of ECDH from the key to algorithm name net/bluetooth: modify ECDH name in 'crypto_alloc_kpp' crypto: move curve_id of ECDH to algorithm name crypto: add new ecc curve and expose them crypto: hisilicon/hpre - add 'ECDH' algorithm crypto: add curve25519 params and expose them crypto: hisilicon/hpre - add 'CURVE25519' algorithm crypto/ecc.c| 17 +- crypto/ecc.h| 37 +- crypto/ecc_curve_defs.h | 124 +++ crypto/ecdh.c | 72 +- crypto/ecdh_helper.c|4 +- crypto/testmgr.c| 11 +- crypto/testmgr.h| 32 +- drivers/crypto/atmel-ecc.c | 14 +- drivers/crypto/hisilicon/Kconfig|1 + drivers/crypto/hisilicon/hpre/hpre.h| 17 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 1097 +-- drivers/crypto/hisilicon/hpre/hpre_main.c | 12 +- drivers/crypto/hisilicon/qm.c |4 +- drivers/crypto/hisilicon/qm.h |4 +- drivers/crypto/hisilicon/sec2/sec.h |4 +- drivers/crypto/hisilicon/sec2/sec_crypto.c |4 +- drivers/crypto/hisilicon/sec2/sec_crypto.h |4 +- drivers/crypto/hisilicon/zip/zip.h |4 +- drivers/crypto/hisilicon/zip/zip_crypto.c |4 +- include/crypto/ecc_curve.h | 60 ++ include/crypto/ecdh.h |7 +- net/bluetooth/ecdh_helper.c |2 - net/bluetooth/selftest.c|2 +- net/bluetooth/smp.c |6 +- 24 files changed, 1370 insertions(+), 173 deletions(-) create mode 100644 include/crypto/ecc_curve.h -- 2.8.1
[PATCH v8 1/9] crypto: hisilicon/hpre - add version adapt to new algorithms
A new generation of accelerator Kunpeng930 has appeared, and the corresponding driver needs to be updated to support some new algorithms of Kunpeng930. To be compatible with Kunpeng920, we add parameter 'struct hisi_qm *qm' to sec_algs_(un)register to identify the chip's version. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reviewed-by: Longfang Liu --- drivers/crypto/hisilicon/hpre/hpre.h| 5 +++-- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 4 ++-- drivers/crypto/hisilicon/qm.c | 4 ++-- drivers/crypto/hisilicon/qm.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.c | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.h | 4 ++-- drivers/crypto/hisilicon/zip/zip.h | 4 ++-- drivers/crypto/hisilicon/zip/zip_crypto.c | 4 ++-- 9 files changed, 19 insertions(+), 18 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index f69252b..e784712 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -91,7 +91,8 @@ struct hpre_sqe { }; struct hisi_qp *hpre_create_qp(void); -int hpre_algs_register(void); -void hpre_algs_unregister(void); +int hpre_algs_register(struct hisi_qm *qm); +void hpre_algs_unregister(struct hisi_qm *qm); + #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index a87f990..d89b2f5 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1154,7 +1154,7 @@ static struct kpp_alg dh = { }; #endif -int hpre_algs_register(void) +int hpre_algs_register(struct hisi_qm *qm) { int ret; @@ -1171,7 +1171,7 @@ int hpre_algs_register(void) return ret; } -void hpre_algs_unregister(void) +void hpre_algs_unregister(struct hisi_qm *qm) { crypto_unregister_akcipher(&rsa); #ifdef CONFIG_CRYPTO_DH diff --git a/drivers/crypto/hisilicon/qm.c b/drivers/crypto/hisilicon/qm.c index 904b99a..5e9d8d7 100644 --- a/drivers/crypto/hisilicon/qm.c +++ b/drivers/crypto/hisilicon/qm.c @@ -4015,7 +4015,7 @@ int hisi_qm_alg_register(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (flag) { - ret = qm_list->register_to_crypto(); + ret = qm_list->register_to_crypto(qm); if (ret) { mutex_lock(&qm_list->lock); list_del(&qm->list); @@ -4046,7 +4046,7 @@ void hisi_qm_alg_unregister(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (list_empty(&qm_list->list)) - qm_list->unregister_from_crypto(); + qm_list->unregister_from_crypto(qm); } EXPORT_SYMBOL_GPL(hisi_qm_alg_unregister); diff --git a/drivers/crypto/hisilicon/qm.h b/drivers/crypto/hisilicon/qm.h index c1dd0fc..7d0d626 100644 --- a/drivers/crypto/hisilicon/qm.h +++ b/drivers/crypto/hisilicon/qm.h @@ -198,8 +198,8 @@ struct hisi_qm_err_ini { struct hisi_qm_list { struct mutex lock; struct list_head list; - int (*register_to_crypto)(void); - void (*unregister_from_crypto)(void); + int (*register_to_crypto)(struct hisi_qm *qm); + void (*unregister_from_crypto)(struct hisi_qm *qm); }; struct hisi_qm { diff --git a/drivers/crypto/hisilicon/sec2/sec.h b/drivers/crypto/hisilicon/sec2/sec.h index 0849191..17ddb20 100644 --- a/drivers/crypto/hisilicon/sec2/sec.h +++ b/drivers/crypto/hisilicon/sec2/sec.h @@ -183,6 +183,6 @@ struct sec_dev { void sec_destroy_qps(struct hisi_qp **qps, int qp_num); struct hisi_qp **sec_create_qps(void); -int sec_register_to_crypto(void); -void sec_unregister_from_crypto(void); +int sec_register_to_crypto(struct hisi_qm *qm); +void sec_unregister_from_crypto(struct hisi_qm *qm); #endif diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c index 2eaa516..f835514 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.c +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c @@ -1634,7 +1634,7 @@ static struct aead_alg sec_aeads[] = { AES_BLOCK_SIZE, AES_BLOCK_SIZE, SHA512_DIGEST_SIZE), }; -int sec_register_to_crypto(void) +int sec_register_to_crypto(struct hisi_qm *qm) { int ret; @@ -1651,7 +1651,7 @@ int sec_register_to_crypto(void) return ret; } -void sec_unregister_from_crypto(void) +void sec_unregister_from_crypto(struct hisi_qm *qm) { crypto_unregister_skciphers(sec_skciphers, ARRAY_SIZE(sec_skciphers)); diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.h b/drivers/crypto/hisilicon/sec2/sec_crypto.h index b2786e1..0e933e7 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.h +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.h @@ -2
[PATCH v7 2/7] crypto: hisilicon/hpre - add some updates to adapt to Kunpeng 930
From: Hui Tang HPRE of Kunpeng 930 is updated on cluster numbers and configurations of Kunpeng 920 HPRE, so we try to update this driver to make it running okay on both chips. Signed-off-by: Hui Tang Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h | 8 ++- drivers/crypto/hisilicon/hpre/hpre_main.c | 93 +-- 2 files changed, 68 insertions(+), 33 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index e784712..cc50f23 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -14,8 +14,7 @@ enum { HPRE_CLUSTER0, HPRE_CLUSTER1, HPRE_CLUSTER2, - HPRE_CLUSTER3, - HPRE_CLUSTERS_NUM, + HPRE_CLUSTER3 }; enum hpre_ctrl_dbgfs_file { @@ -36,7 +35,10 @@ enum hpre_dfx_dbgfs_file { HPRE_DFX_FILE_NUM }; -#define HPRE_DEBUGFS_FILE_NUM(HPRE_DEBUG_FILE_NUM + HPRE_CLUSTERS_NUM - 1) +#define HPRE_CLUSTERS_NUM_V2 (HPRE_CLUSTER3 + 1) +#define HPRE_CLUSTERS_NUM_V3 1 +#define HPRE_CLUSTERS_NUM_MAX HPRE_CLUSTERS_NUM_V2 +#define HPRE_DEBUGFS_FILE_NUM (HPRE_DEBUG_FILE_NUM + HPRE_CLUSTERS_NUM_MAX - 1) struct hpre_debugfs_file { int index; diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index ad8b691..52827b0 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -30,6 +30,8 @@ #define HPRE_BD_ARUSR_CFG 0x301030 #define HPRE_BD_AWUSR_CFG 0x301034 #define HPRE_TYPES_ENB 0x301038 +#define HPRE_RSA_ENB BIT(0) +#define HPRE_ECC_ENB BIT(1) #define HPRE_DATA_RUSER_CFG0x30103c #define HPRE_DATA_WUSER_CFG0x301040 #define HPRE_INT_MASK 0x301400 @@ -74,7 +76,8 @@ #define HPRE_QM_AXI_CFG_MASK 0x #define HPRE_QM_VFG_AX_MASK0xff #define HPRE_BD_USR_MASK 0x3 -#define HPRE_CLUSTER_CORE_MASK 0xf +#define HPRE_CLUSTER_CORE_MASK_V2 0xf +#define HPRE_CLUSTER_CORE_MASK_V3 0xff #define HPRE_AM_OOO_SHUTDOWN_ENB 0x301044 #define HPRE_AM_OOO_SHUTDOWN_ENABLEBIT(0) @@ -87,6 +90,11 @@ #define HPRE_QM_PM_FLR BIT(11) #define HPRE_QM_SRIOV_FLR BIT(12) +#define HPRE_CLUSTERS_NUM(qm) \ + (((qm)->ver >= QM_HW_V3) ? HPRE_CLUSTERS_NUM_V3 : HPRE_CLUSTERS_NUM_V2) +#define HPRE_CLUSTER_CORE_MASK(qm) \ + (((qm)->ver >= QM_HW_V3) ? HPRE_CLUSTER_CORE_MASK_V3 :\ + HPRE_CLUSTER_CORE_MASK_V2) #define HPRE_VIA_MSI_DSM 1 #define HPRE_SQE_MASK_OFFSET 8 #define HPRE_SQE_MASK_LEN 24 @@ -276,8 +284,40 @@ static int hpre_cfg_by_dsm(struct hisi_qm *qm) return 0; } +static int hpre_set_cluster(struct hisi_qm *qm) +{ + u32 cluster_core_mask = HPRE_CLUSTER_CORE_MASK(qm); + u8 clusters_num = HPRE_CLUSTERS_NUM(qm); + struct device *dev = &qm->pdev->dev; + unsigned long offset; + u32 val = 0; + int ret, i; + + for (i = 0; i < clusters_num; i++) { + offset = i * HPRE_CLSTR_ADDR_INTRVL; + + /* clusters initiating */ + writel(cluster_core_mask, + HPRE_ADDR(qm, offset + HPRE_CORE_ENB)); + writel(0x1, HPRE_ADDR(qm, offset + HPRE_CORE_INI_CFG)); + ret = readl_relaxed_poll_timeout(HPRE_ADDR(qm, offset + + HPRE_CORE_INI_STATUS), val, + ((val & cluster_core_mask) == + cluster_core_mask), + HPRE_REG_RD_INTVRL_US, + HPRE_REG_RD_TMOUT_US); + if (ret) { + dev_err(dev, + "cluster %d int st status timeout!\n", i); + return -ETIMEDOUT; + } + } + + return 0; +} + /* - * For Hi1620, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). + * For Kunpeng 920, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). * Or it may stay in D3 state when we bind and unbind hpre quickly, * as it does FLR triggered by hardware. */ @@ -295,9 +335,8 @@ static void disable_flr_of_bme(struct hisi_qm *qm) static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) { struct device *dev = &qm->pdev->dev; - unsigned long offset; - int ret, i; u32 val; + int ret; writel(HPRE_QM_USR_CFG_MASK, HPRE_ADDR(qm, QM_ARUSER_M_CFG_ENABLE)); writel(HPRE_QM_USR_CFG_MASK, HPRE_ADDR(qm, QM_AWUSER_M_CFG_ENABLE)); @@ -308,7 +347,12 @@ static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) val |= BI
[PATCH v7 6/7] crypto: hisilicon/hpre - add 'ECDH' algorithm
1. Enable 'ECDH' algorithm in Kunpeng 930; 2. HPRE ECDH Support ECC curve: P192, P224, P256, P384, P521. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 2 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 493 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 1 + 3 files changed, 491 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 02193e1..50e6b2e 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -83,6 +83,7 @@ enum hpre_alg_type { HPRE_ALG_KG_CRT = 0x3, HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, + HPRE_ALG_ECC_MUL = 0xD, }; struct hpre_sqe { @@ -104,5 +105,4 @@ struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); - #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index 712bea9..778a0057 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -2,6 +2,8 @@ /* Copyright (c) 2019 HiSilicon Limited. */ #include #include +#include +#include #include #include #include @@ -36,6 +38,20 @@ struct hpre_ctx; #define HPRE_DFX_SEC_TO_US 100 #define HPRE_DFX_US_TO_NS 1000 +/* size in bytes of the n prime */ +#define HPRE_ECC_NIST_P192_N_SIZE 24 +#define HPRE_ECC_NIST_P224_N_SIZE 28 +#define HPRE_ECC_NIST_P256_N_SIZE 32 +#define HPRE_ECC_NIST_P384_N_SIZE 48 +#define HPRE_ECC_NIST_P521_N_SIZE 66 + +/* size in bytes */ +#define HPRE_ECC_HW256_KSZ_B 32 +#define HPRE_ECC_HW384_KSZ_B 48 +#define HPRE_ECC_HW576_KSZ_B 72 + +#define HPRE_ECDH_MAX_SZ HPRE_ECC_HW576_KSZ_B + typedef void (*hpre_cb)(struct hpre_ctx *ctx, void *sqe); struct hpre_rsa_ctx { @@ -61,14 +77,25 @@ struct hpre_dh_ctx { * else if base if the counterpart public key we * compute the shared secret * ZZ = yb^xa mod p; [RFC2631 sec 2.1.1] +* low address: d--->n, please refer to Hisilicon HPRE UM */ - char *xa_p; /* low address: d--->n, please refer to Hisilicon HPRE UM */ + char *xa_p; dma_addr_t dma_xa_p; char *g; /* m */ dma_addr_t dma_g; }; +struct hpre_ecdh_ctx { + /* low address: p->a->k->b */ + unsigned char *p; + dma_addr_t dma_p; + + /* low address: x->y */ + unsigned char *g; + dma_addr_t dma_g; +}; + struct hpre_ctx { struct hisi_qp *qp; struct hpre_asym_request **req_list; @@ -80,7 +107,10 @@ struct hpre_ctx { union { struct hpre_rsa_ctx rsa; struct hpre_dh_ctx dh; + struct hpre_ecdh_ctx ecdh; }; + /* for ecc algorithms */ + unsigned int curve_id; }; struct hpre_asym_request { @@ -91,6 +121,7 @@ struct hpre_asym_request { union { struct akcipher_request *rsa; struct kpp_request *dh; + struct kpp_request *ecdh; } areq; int err; int req_id; @@ -1115,6 +1146,428 @@ static void hpre_rsa_exit_tfm(struct crypto_akcipher *tfm) crypto_free_akcipher(ctx->rsa.soft_tfm); } +static void hpre_key_to_big_end(u8 *data, int len) +{ + int i, j; + u8 tmp; + + for (i = 0; i < len / 2; i++) { + j = len - i - 1; + tmp = data[j]; + data[j] = data[i]; + data[i] = tmp; + } +} + +static void hpre_ecc_clear_ctx(struct hpre_ctx *ctx, bool is_clear_all, + bool is_ecdh) +{ + struct device *dev = HPRE_DEV(ctx); + unsigned int sz = ctx->key_sz; + unsigned int shift = sz << 1; + + if (is_clear_all) + hisi_qm_stop_qp(ctx->qp); + + if (is_ecdh && ctx->ecdh.p) { + /* ecdh: p->a->k->b */ + memzero_explicit(ctx->ecdh.p + shift, sz); + dma_free_coherent(dev, sz << 3, ctx->ecdh.p, ctx->ecdh.dma_p); + ctx->ecdh.p = NULL; + } + + ctx->curve_id = 0; + hpre_ctx_clear(ctx, is_clear_all); +} + +/* + * The bits of 192/224/256/384/521 are supported by HPRE, + * and convert the bits like: + * bits<=256, bits=256; 256key_sz << 1; + unsigned int shiftb = ctx->key_sz << 2; + void *p = ctx->ecdh.p + ctx->key_sz - cur_sz; + void *a = ctx->ecdh.p + shifta - cur_sz; + void *b = ctx->ecdh.p + shiftb - cur_sz; + void *x = ctx->ecdh.g + ctx->key_sz - cur_sz; + void *y = ctx->ecdh.g + shifta - cur_sz; + const struct ecc_curve *curve; + char *n; + + n = kzalloc(ctx->key_sz, GFP_KERNEL); + if (u
[PATCH v7 4/7] crypto: add ecc curve and expose them
1. Add ecc curves(P224, P384, P521) for ECDH; 2. Reorder ECC 'Curves ID' in 'include/crypto/ecdh.h', and modify 'curve_id' used in 'testmgr.h'; 3. Add function 'ecc_get_curve_param' in 'include/crypto/ecc_curve.h' for users, so everyone in the kernel tree can easily get ecc curve params; Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reported-by: kernel test robot --- crypto/ecc.c | 15 - crypto/ecc.h | 37 +-- crypto/ecc_curve_defs.h| 152 ++--- crypto/testmgr.h | 12 ++-- include/crypto/ecc_curve.h | 53 include/crypto/ecdh.h | 5 +- 6 files changed, 207 insertions(+), 67 deletions(-) create mode 100644 include/crypto/ecc_curve.h diff --git a/crypto/ecc.c b/crypto/ecc.c index c80aa25..cfa1dc3 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -24,6 +24,7 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include #include #include #include @@ -42,14 +43,24 @@ typedef struct { u64 m_high; } uint128_t; +/* Returns CURVE if get curve succssful, NULL otherwise */ +const struct ecc_curve *ecc_get_curve_by_id(unsigned int curve_id) +{ + if (curve_id >= ECC_CURVE_NIST_P192 && curve_id <= ECC_CURVE_NIST_P521) + return &ecc_curve_list[curve_id - 1]; + + return NULL; +} +EXPORT_SYMBOL(ecc_get_curve_by_id); + static inline const struct ecc_curve *ecc_get_curve(unsigned int curve_id) { switch (curve_id) { /* In FIPS mode only allow P256 and higher */ case ECC_CURVE_NIST_P192: - return fips_enabled ? NULL : &nist_p192; + return fips_enabled ? NULL : ecc_get_curve_by_id(curve_id); case ECC_CURVE_NIST_P256: - return &nist_p256; + return ecc_get_curve_by_id(curve_id); default: return NULL; } diff --git a/crypto/ecc.h b/crypto/ecc.h index d4e546b..38a81d4 100644 --- a/crypto/ecc.h +++ b/crypto/ecc.h @@ -26,6 +26,8 @@ #ifndef _CRYPTO_ECC_H #define _CRYPTO_ECC_H +#include + /* One digit is u64 qword. */ #define ECC_CURVE_NIST_P192_DIGITS 3 #define ECC_CURVE_NIST_P256_DIGITS 4 @@ -33,44 +35,9 @@ #define ECC_DIGITS_TO_BYTES_SHIFT 3 -/** - * struct ecc_point - elliptic curve point in affine coordinates - * - * @x: X coordinate in vli form. - * @y: Y coordinate in vli form. - * @ndigits: Length of vlis in u64 qwords. - */ -struct ecc_point { - u64 *x; - u64 *y; - u8 ndigits; -}; - #define ECC_POINT_INIT(x, y, ndigits) (struct ecc_point) { x, y, ndigits } /** - * struct ecc_curve - definition of elliptic curve - * - * @name: Short name of the curve. - * @g: Generator point of the curve. - * @p: Prime number, if Barrett's reduction is used for this curve - * pre-calculated value 'mu' is appended to the @p after ndigits. - * Use of Barrett's reduction is heuristically determined in - * vli_mmod_fast(). - * @n: Order of the curve group. - * @a: Curve parameter a. - * @b: Curve parameter b. - */ -struct ecc_curve { - char *name; - struct ecc_point g; - u64 *p; - u64 *n; - u64 *a; - u64 *b; -}; - -/** * ecc_is_key_valid() - Validate a given ECDH private key * * @curve_id: id representing the curve to use diff --git a/crypto/ecc_curve_defs.h b/crypto/ecc_curve_defs.h index 69be6c7..b81e580 100644 --- a/crypto/ecc_curve_defs.h +++ b/crypto/ecc_curve_defs.h @@ -15,18 +15,20 @@ static u64 nist_p192_a[] = { 0xFFFCull, 0xFFFEull, 0xull }; static u64 nist_p192_b[] = { 0xFEB8DEECC146B9B1ull, 0x0FA7E9AB72243049ull, 0x64210519E59C80E7ull }; -static struct ecc_curve nist_p192 = { - .name = "nist_192", - .g = { - .x = nist_p192_g_x, - .y = nist_p192_g_y, - .ndigits = 3, - }, - .p = nist_p192_p, - .n = nist_p192_n, - .a = nist_p192_a, - .b = nist_p192_b -}; + +/* NIST P-224 */ +static u64 nist_p224_g_x[] = { 0x343280D6115C1D21ull, 0x4A03C1D356C21122ull, + 0x6BB4BF7F321390B9ull, 0xB70E0CBDull }; +static u64 nist_p224_g_y[] = { 0x44d5819985007e34ull, 0xcd4375a05a074764ull, + 0xb5f723fb4c22dfe6ull, 0xbd376388ull }; +static u64 nist_p224_p[] = { 0x0001ull, 0xull, + 0xull, 0xull }; +static u64 nist_p224_n[] = { 0x13DD29455C5C2A3Dull, 0x16A2E0B8F03Eull, + 0xull, 0xull }; +static u64 nist_p224_a[] = { 0xFFFEull, 0x
[PATCH v7 5/7] crypto: add curve 25519 and expose them
1. Add curve 25519 parameters; 2. Add curve25519 function 'ecc_get_curve25519_param', to be exposed to everyone in kernel tree. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecc.c | 7 +++ crypto/ecc_curve_defs.h| 17 + include/crypto/ecc_curve.h | 7 +++ 3 files changed, 31 insertions(+) diff --git a/crypto/ecc.c b/crypto/ecc.c index cfa1dc3..025b5e6e 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -53,6 +53,13 @@ const struct ecc_curve *ecc_get_curve_by_id(unsigned int curve_id) } EXPORT_SYMBOL(ecc_get_curve_by_id); +/* Returns curv25519 curve param */ +const struct ecc_curve *ecc_get_curve25519(void) +{ + return &ecc_25519; +} +EXPORT_SYMBOL(ecc_get_curve25519); + static inline const struct ecc_curve *ecc_get_curve(unsigned int curve_id) { switch (curve_id) { diff --git a/crypto/ecc_curve_defs.h b/crypto/ecc_curve_defs.h index b81e580..91b3d4b 100644 --- a/crypto/ecc_curve_defs.h +++ b/crypto/ecc_curve_defs.h @@ -160,4 +160,21 @@ static const struct ecc_curve ecc_curve_list[] = { } }; +/* curve25519 */ +static u64 curve25519_g_x[] = { 0x0009, 0x, + 0x, 0x }; +static u64 curve25519_p[] = { 0xffed, 0x, + 0x, 0x7fff }; +static u64 curve25519_a[] = { 0x0001DB41, 0x, +0x, 0x }; +static const struct ecc_curve ecc_25519 = { + .name = "curve25519", + .g = { + .x = curve25519_g_x, + .ndigits = 4, + }, + .p = curve25519_p, + .a = curve25519_a, +}; + #endif diff --git a/include/crypto/ecc_curve.h b/include/crypto/ecc_curve.h index a3adf1e..2d22647 100644 --- a/include/crypto/ecc_curve.h +++ b/include/crypto/ecc_curve.h @@ -50,4 +50,11 @@ struct ecc_curve { */ const struct ecc_curve *ecc_get_curve_by_id(unsigned int curve_id); +/** + * ecc_get_curve25519() - get curve25519 curve; + * + * Returns curve25519 + */ +const struct ecc_curve *ecc_get_curve25519(void); + #endif \ No newline at end of file -- 2.8.1
[PATCH v7 0/7] add ECDH and CURVE25519 algorithms support for Kunpeng 930
1. Add some new elliptic curve parameters definitions, and reorder ECC 'Curves IDs'; 2. Add interface to get elliptic curve by curve_id in "include/crypto/ecc_curve.h" by curve_id; 3. Add ECDH and CURVE25519 algorithms support for Kunpeng 930. v6->v7: - patch #4: add function interface to expose elliptic curve parameters - patch #4: eliminate warning by 'kernel test robot' - patch #5: add function interface to expose curve25519 parameters v5->v6: - patch #1: add a new patch (the first patch), which is the "depend on" patch before v4->v5: - patch #4: delete P-128 and P-320 curve, as the few using case in the kernel v3 -> v4: - patch #3: add new, move ecc_curve params to "include/crypto" v2 -> v3: - patch #5: fix sparse warnings - patch #5: add 'CRYPTO_LIB_CURVE25519_GENERIC' in 'Kconfig' v1 -> v2: - patch #5: delete `curve25519_null_point' Hui Tang (1): crypto: hisilicon/hpre - add some updates to adapt to Kunpeng 930 Meng Yu (6): crypto: hisilicon/hpre - add version adapt to new algorithms crypto: hisilicon/hpre - add algorithm type crypto: add ecc curve and expose them crypto: add curve 25519 and expose them crypto: hisilicon/hpre - add 'ECDH' algorithm crypto: hisilicon/hpre - add 'CURVE25519' algorithm crypto/ecc.c| 22 +- crypto/ecc.h| 37 +- crypto/ecc_curve_defs.h | 163 +- crypto/testmgr.h| 12 +- drivers/crypto/hisilicon/Kconfig| 1 + drivers/crypto/hisilicon/hpre/hpre.h| 25 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 861 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 105 ++-- drivers/crypto/hisilicon/qm.c | 4 +- drivers/crypto/hisilicon/qm.h | 4 +- drivers/crypto/hisilicon/sec2/sec.h | 4 +- drivers/crypto/hisilicon/sec2/sec_crypto.c | 4 +- drivers/crypto/hisilicon/sec2/sec_crypto.h | 4 +- drivers/crypto/hisilicon/zip/zip.h | 4 +- drivers/crypto/hisilicon/zip/zip_crypto.c | 4 +- include/crypto/ecc_curve.h | 60 ++ include/crypto/ecdh.h | 5 +- 17 files changed, 1191 insertions(+), 128 deletions(-) create mode 100644 include/crypto/ecc_curve.h -- 2.8.1
[PATCH v7 3/7] crypto: hisilicon/hpre - add algorithm type
Algorithm type is brought in to get hardware HPRE queue to support different algorithms. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 10 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 12 ++-- drivers/crypto/hisilicon/hpre/hpre_main.c | 11 +-- 3 files changed, 24 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index cc50f23..02193e1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -10,6 +10,14 @@ #define HPRE_PF_DEF_Q_NUM 64 #define HPRE_PF_DEF_Q_BASE 0 +/* + * type used in qm sqc DW6. + * 0 - Algorithm which has been supported in V2, like RSA, DH and so on; + * 1 - ECC algorithm in V3. + */ +#define HPRE_V2_ALG_TYPE 0 +#define HPRE_V3_ECC_ALG_TYPE 1 + enum { HPRE_CLUSTER0, HPRE_CLUSTER1, @@ -92,7 +100,7 @@ struct hpre_sqe { __le32 rsvd1[_HPRE_SQE_ALIGN_EXT]; }; -struct hisi_qp *hpre_create_qp(void); +struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index d89b2f5..712bea9 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -152,12 +152,12 @@ static void hpre_rm_req_from_ctx(struct hpre_asym_request *hpre_req) } } -static struct hisi_qp *hpre_get_qp_and_start(void) +static struct hisi_qp *hpre_get_qp_and_start(u8 type) { struct hisi_qp *qp; int ret; - qp = hpre_create_qp(); + qp = hpre_create_qp(type); if (!qp) { pr_err("Can not create hpre qp!\n"); return ERR_PTR(-ENODEV); @@ -422,11 +422,11 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) req->cb(ctx, resp); } -static int hpre_ctx_init(struct hpre_ctx *ctx) +static int hpre_ctx_init(struct hpre_ctx *ctx, u8 type) { struct hisi_qp *qp; - qp = hpre_get_qp_and_start(); + qp = hpre_get_qp_and_start(type); if (IS_ERR(qp)) return PTR_ERR(qp); @@ -674,7 +674,7 @@ static int hpre_dh_init_tfm(struct crypto_kpp *tfm) { struct hpre_ctx *ctx = kpp_tfm_ctx(tfm); - return hpre_ctx_init(ctx); + return hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); } static void hpre_dh_exit_tfm(struct crypto_kpp *tfm) @@ -1100,7 +1100,7 @@ static int hpre_rsa_init_tfm(struct crypto_akcipher *tfm) return PTR_ERR(ctx->rsa.soft_tfm); } - ret = hpre_ctx_init(ctx); + ret = hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); if (ret) crypto_free_akcipher(ctx->rsa.soft_tfm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index 52827b0..d3ec3b4 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -223,13 +223,20 @@ static u32 vfs_num; module_param_cb(vfs_num, &vfs_num_ops, &vfs_num, 0444); MODULE_PARM_DESC(vfs_num, "Number of VFs to enable(1-63), 0(default)"); -struct hisi_qp *hpre_create_qp(void) +struct hisi_qp *hpre_create_qp(u8 type) { int node = cpu_to_node(smp_processor_id()); struct hisi_qp *qp = NULL; int ret; - ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, 0, node, &qp); + if (type != HPRE_V2_ALG_TYPE && type != HPRE_V3_ECC_ALG_TYPE) + return NULL; + + /* +* type: 0 - RSA/DH. algorithm supported in V2, +* 1 - ECC algorithm in V3. +*/ + ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, type, node, &qp); if (!ret) return qp; -- 2.8.1
[PATCH v7 7/7] crypto: hisilicon/hpre - add 'CURVE25519' algorithm
Enable 'CURVE25519' algorithm in Kunpeng 930. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/Kconfig| 1 + drivers/crypto/hisilicon/hpre/hpre.h| 2 + drivers/crypto/hisilicon/hpre/hpre_crypto.c | 370 +++- 3 files changed, 364 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/hisilicon/Kconfig b/drivers/crypto/hisilicon/Kconfig index 8431926..c45adb1 100644 --- a/drivers/crypto/hisilicon/Kconfig +++ b/drivers/crypto/hisilicon/Kconfig @@ -65,6 +65,7 @@ config CRYPTO_DEV_HISI_HPRE depends on UACCE || UACCE=n depends on ARM64 || (COMPILE_TEST && 64BIT) depends on ACPI + select CRYPTO_LIB_CURVE25519_GENERIC select CRYPTO_DEV_HISI_QM select CRYPTO_DH select CRYPTO_RSA diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 50e6b2e..92892e3 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -84,6 +84,8 @@ enum hpre_alg_type { HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, HPRE_ALG_ECC_MUL = 0xD, + /* shared by x25519 and x448, but x448 is not supported now */ + HPRE_ALG_CURVE25519_MUL = 0x10, }; struct hpre_sqe { diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index 778a0057..5b67f45 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 /* Copyright (c) 2019 HiSilicon Limited. */ #include +#include #include #include #include @@ -96,6 +97,16 @@ struct hpre_ecdh_ctx { dma_addr_t dma_g; }; +struct hpre_curve25519_ctx { + /* low address: p->a->k */ + unsigned char *p; + dma_addr_t dma_p; + + /* gx coordinate */ + unsigned char *g; + dma_addr_t dma_g; +}; + struct hpre_ctx { struct hisi_qp *qp; struct hpre_asym_request **req_list; @@ -108,6 +119,7 @@ struct hpre_ctx { struct hpre_rsa_ctx rsa; struct hpre_dh_ctx dh; struct hpre_ecdh_ctx ecdh; + struct hpre_curve25519_ctx curve25519; }; /* for ecc algorithms */ unsigned int curve_id; @@ -122,6 +134,7 @@ struct hpre_asym_request { struct akcipher_request *rsa; struct kpp_request *dh; struct kpp_request *ecdh; + struct kpp_request *curve25519; } areq; int err; int req_id; @@ -444,7 +457,6 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) struct hpre_sqe *sqe = resp; struct hpre_asym_request *req = ctx->req_list[le16_to_cpu(sqe->tag)]; - if (unlikely(!req)) { atomic64_inc(&dfx[HPRE_INVALID_REQ_CNT].value); return; @@ -1174,6 +1186,12 @@ static void hpre_ecc_clear_ctx(struct hpre_ctx *ctx, bool is_clear_all, memzero_explicit(ctx->ecdh.p + shift, sz); dma_free_coherent(dev, sz << 3, ctx->ecdh.p, ctx->ecdh.dma_p); ctx->ecdh.p = NULL; + } else if (!is_ecdh && ctx->curve25519.p) { + /* curve25519: p->a->k */ + memzero_explicit(ctx->curve25519.p + shift, sz); + dma_free_coherent(dev, sz << 2, ctx->curve25519.p, + ctx->curve25519.dma_p); + ctx->curve25519.p = NULL; } ctx->curve_id = 0; @@ -1568,6 +1586,313 @@ static void hpre_ecdh_exit_tfm(struct crypto_kpp *tfm) hpre_ecc_clear_ctx(ctx, true, true); } +static void hpre_curve25519_fill_curve(struct hpre_ctx *ctx, const void *buf, + unsigned int len) +{ + u8 secret[CURVE25519_KEY_SIZE] = { 0 }; + unsigned int sz = ctx->key_sz; + const struct ecc_curve *curve; + unsigned int shift = sz << 1; + void *p; + + /* +* The key from 'buf' is in little-endian, we should preprocess it as +* the description in rfc7748: "k[0] &= 248, k[31] &= 127, k[31] |= 64", +* then convert it to big endian. Only in this way, the result can be +* the same as the software curve-25519 that exists in crypto. +*/ + memcpy(secret, buf, len); + curve25519_clamp_secret(secret); + hpre_key_to_big_end(secret, CURVE25519_KEY_SIZE); + + p = ctx->curve25519.p + sz - len; + + curve = ecc_get_curve25519(); + + /* fill curve parameters */ + fill_curve_param(p, curve->p, len, curve->g.ndigits); + fill_curve_param(p + sz, curve->a, len, curve->g.ndigits); + memcpy(p + shift, secret, len); + fill_curve_param(p + shift + sz, curve->g.x, len, curve->
[PATCH v7 1/7] crypto: hisilicon/hpre - add version adapt to new algorithms
A new generation of accelerator Kunpeng930 has appeared, and the corresponding driver needs to be updated to support some new algorithms of Kunpeng930. To be compatible with Kunpeng920, we add parameter 'struct hisi_qm *qm' to sec_algs_(un)register to identify the chip's version. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reviewed-by: Longfang Liu --- drivers/crypto/hisilicon/hpre/hpre.h| 5 +++-- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 4 ++-- drivers/crypto/hisilicon/qm.c | 4 ++-- drivers/crypto/hisilicon/qm.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.c | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.h | 4 ++-- drivers/crypto/hisilicon/zip/zip.h | 4 ++-- drivers/crypto/hisilicon/zip/zip_crypto.c | 4 ++-- 9 files changed, 19 insertions(+), 18 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index f69252b..e784712 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -91,7 +91,8 @@ struct hpre_sqe { }; struct hisi_qp *hpre_create_qp(void); -int hpre_algs_register(void); -void hpre_algs_unregister(void); +int hpre_algs_register(struct hisi_qm *qm); +void hpre_algs_unregister(struct hisi_qm *qm); + #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index a87f990..d89b2f5 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1154,7 +1154,7 @@ static struct kpp_alg dh = { }; #endif -int hpre_algs_register(void) +int hpre_algs_register(struct hisi_qm *qm) { int ret; @@ -1171,7 +1171,7 @@ int hpre_algs_register(void) return ret; } -void hpre_algs_unregister(void) +void hpre_algs_unregister(struct hisi_qm *qm) { crypto_unregister_akcipher(&rsa); #ifdef CONFIG_CRYPTO_DH diff --git a/drivers/crypto/hisilicon/qm.c b/drivers/crypto/hisilicon/qm.c index 904b99a..5e9d8d7 100644 --- a/drivers/crypto/hisilicon/qm.c +++ b/drivers/crypto/hisilicon/qm.c @@ -4015,7 +4015,7 @@ int hisi_qm_alg_register(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (flag) { - ret = qm_list->register_to_crypto(); + ret = qm_list->register_to_crypto(qm); if (ret) { mutex_lock(&qm_list->lock); list_del(&qm->list); @@ -4046,7 +4046,7 @@ void hisi_qm_alg_unregister(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (list_empty(&qm_list->list)) - qm_list->unregister_from_crypto(); + qm_list->unregister_from_crypto(qm); } EXPORT_SYMBOL_GPL(hisi_qm_alg_unregister); diff --git a/drivers/crypto/hisilicon/qm.h b/drivers/crypto/hisilicon/qm.h index c1dd0fc..7d0d626 100644 --- a/drivers/crypto/hisilicon/qm.h +++ b/drivers/crypto/hisilicon/qm.h @@ -198,8 +198,8 @@ struct hisi_qm_err_ini { struct hisi_qm_list { struct mutex lock; struct list_head list; - int (*register_to_crypto)(void); - void (*unregister_from_crypto)(void); + int (*register_to_crypto)(struct hisi_qm *qm); + void (*unregister_from_crypto)(struct hisi_qm *qm); }; struct hisi_qm { diff --git a/drivers/crypto/hisilicon/sec2/sec.h b/drivers/crypto/hisilicon/sec2/sec.h index 0849191..17ddb20 100644 --- a/drivers/crypto/hisilicon/sec2/sec.h +++ b/drivers/crypto/hisilicon/sec2/sec.h @@ -183,6 +183,6 @@ struct sec_dev { void sec_destroy_qps(struct hisi_qp **qps, int qp_num); struct hisi_qp **sec_create_qps(void); -int sec_register_to_crypto(void); -void sec_unregister_from_crypto(void); +int sec_register_to_crypto(struct hisi_qm *qm); +void sec_unregister_from_crypto(struct hisi_qm *qm); #endif diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c index 2eaa516..f835514 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.c +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c @@ -1634,7 +1634,7 @@ static struct aead_alg sec_aeads[] = { AES_BLOCK_SIZE, AES_BLOCK_SIZE, SHA512_DIGEST_SIZE), }; -int sec_register_to_crypto(void) +int sec_register_to_crypto(struct hisi_qm *qm) { int ret; @@ -1651,7 +1651,7 @@ int sec_register_to_crypto(void) return ret; } -void sec_unregister_from_crypto(void) +void sec_unregister_from_crypto(struct hisi_qm *qm) { crypto_unregister_skciphers(sec_skciphers, ARRAY_SIZE(sec_skciphers)); diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.h b/drivers/crypto/hisilicon/sec2/sec_crypto.h index b2786e1..0e933e7 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.h +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.h @@ -2
[PATCH v6 1/6] crypto: hisilicon/hpre - add version adapt to new algorithms
A new generation of accelerator Kunpeng930 has appeared, and the corresponding driver needs to be updated to support some new algorithms of Kunpeng930. To be compatible with Kunpeng920, we add parameter 'struct hisi_qm *qm' to sec_algs_(un)register to identify the chip's version. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reviewed-by: Longfang Liu --- drivers/crypto/hisilicon/hpre/hpre.h| 5 +++-- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 4 ++-- drivers/crypto/hisilicon/qm.c | 4 ++-- drivers/crypto/hisilicon/qm.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.c | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.h | 4 ++-- drivers/crypto/hisilicon/zip/zip.h | 4 ++-- drivers/crypto/hisilicon/zip/zip_crypto.c | 4 ++-- 9 files changed, 19 insertions(+), 18 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index f69252b..e784712 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -91,7 +91,8 @@ struct hpre_sqe { }; struct hisi_qp *hpre_create_qp(void); -int hpre_algs_register(void); -void hpre_algs_unregister(void); +int hpre_algs_register(struct hisi_qm *qm); +void hpre_algs_unregister(struct hisi_qm *qm); + #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index a87f990..d89b2f5 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1154,7 +1154,7 @@ static struct kpp_alg dh = { }; #endif -int hpre_algs_register(void) +int hpre_algs_register(struct hisi_qm *qm) { int ret; @@ -1171,7 +1171,7 @@ int hpre_algs_register(void) return ret; } -void hpre_algs_unregister(void) +void hpre_algs_unregister(struct hisi_qm *qm) { crypto_unregister_akcipher(&rsa); #ifdef CONFIG_CRYPTO_DH diff --git a/drivers/crypto/hisilicon/qm.c b/drivers/crypto/hisilicon/qm.c index 10a04ab..9bbefe0 100644 --- a/drivers/crypto/hisilicon/qm.c +++ b/drivers/crypto/hisilicon/qm.c @@ -4015,7 +4015,7 @@ int hisi_qm_alg_register(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (flag) { - ret = qm_list->register_to_crypto(); + ret = qm_list->register_to_crypto(qm); if (ret) { mutex_lock(&qm_list->lock); list_del(&qm->list); @@ -4046,7 +4046,7 @@ void hisi_qm_alg_unregister(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (list_empty(&qm_list->list)) - qm_list->unregister_from_crypto(); + qm_list->unregister_from_crypto(qm); } EXPORT_SYMBOL_GPL(hisi_qm_alg_unregister); diff --git a/drivers/crypto/hisilicon/qm.h b/drivers/crypto/hisilicon/qm.h index 8624d12..a63256a 100644 --- a/drivers/crypto/hisilicon/qm.h +++ b/drivers/crypto/hisilicon/qm.h @@ -193,8 +193,8 @@ struct hisi_qm_err_ini { struct hisi_qm_list { struct mutex lock; struct list_head list; - int (*register_to_crypto)(void); - void (*unregister_from_crypto)(void); + int (*register_to_crypto)(struct hisi_qm *qm); + void (*unregister_from_crypto)(struct hisi_qm *qm); }; struct hisi_qm { diff --git a/drivers/crypto/hisilicon/sec2/sec.h b/drivers/crypto/hisilicon/sec2/sec.h index 0849191..17ddb20 100644 --- a/drivers/crypto/hisilicon/sec2/sec.h +++ b/drivers/crypto/hisilicon/sec2/sec.h @@ -183,6 +183,6 @@ struct sec_dev { void sec_destroy_qps(struct hisi_qp **qps, int qp_num); struct hisi_qp **sec_create_qps(void); -int sec_register_to_crypto(void); -void sec_unregister_from_crypto(void); +int sec_register_to_crypto(struct hisi_qm *qm); +void sec_unregister_from_crypto(struct hisi_qm *qm); #endif diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c index 2eaa516..f835514 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.c +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c @@ -1634,7 +1634,7 @@ static struct aead_alg sec_aeads[] = { AES_BLOCK_SIZE, AES_BLOCK_SIZE, SHA512_DIGEST_SIZE), }; -int sec_register_to_crypto(void) +int sec_register_to_crypto(struct hisi_qm *qm) { int ret; @@ -1651,7 +1651,7 @@ int sec_register_to_crypto(void) return ret; } -void sec_unregister_from_crypto(void) +void sec_unregister_from_crypto(struct hisi_qm *qm) { crypto_unregister_skciphers(sec_skciphers, ARRAY_SIZE(sec_skciphers)); diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.h b/drivers/crypto/hisilicon/sec2/sec_crypto.h index b2786e1..0e933e7 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.h +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.h @@ -2
[PATCH v6 6/6] crypto: hisilicon/hpre - add 'CURVE25519' algorithm
1. Add 'CURVE25519' curve parameter definition to 'include/crypto/ecc_curve_defs.h'; 2. Enable 'CURVE25519' algorithm in Kunpeng 930. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reported-by: kernel test robot --- drivers/crypto/hisilicon/Kconfig| 1 + drivers/crypto/hisilicon/hpre/hpre.h| 2 + drivers/crypto/hisilicon/hpre/hpre_crypto.c | 364 +++- include/crypto/ecc_curve_defs.h | 17 ++ 4 files changed, 375 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/hisilicon/Kconfig b/drivers/crypto/hisilicon/Kconfig index 8431926..c45adb1 100644 --- a/drivers/crypto/hisilicon/Kconfig +++ b/drivers/crypto/hisilicon/Kconfig @@ -65,6 +65,7 @@ config CRYPTO_DEV_HISI_HPRE depends on UACCE || UACCE=n depends on ARM64 || (COMPILE_TEST && 64BIT) depends on ACPI + select CRYPTO_LIB_CURVE25519_GENERIC select CRYPTO_DEV_HISI_QM select CRYPTO_DH select CRYPTO_RSA diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 50e6b2e..92892e3 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -84,6 +84,8 @@ enum hpre_alg_type { HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, HPRE_ALG_ECC_MUL = 0xD, + /* shared by x25519 and x448, but x448 is not supported now */ + HPRE_ALG_CURVE25519_MUL = 0x10, }; struct hpre_sqe { diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index fe2f5ab..34bb4a0 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 /* Copyright (c) 2019 HiSilicon Limited. */ #include +#include #include #include #include @@ -96,6 +97,16 @@ struct hpre_ecdh_ctx { dma_addr_t dma_g; }; +struct hpre_curve25519_ctx { + /* low address: p->a->k */ + unsigned char *p; + dma_addr_t dma_p; + + /* gx coordinate */ + unsigned char *g; + dma_addr_t dma_g; +}; + struct hpre_ctx { struct hisi_qp *qp; struct hpre_asym_request **req_list; @@ -108,6 +119,7 @@ struct hpre_ctx { struct hpre_rsa_ctx rsa; struct hpre_dh_ctx dh; struct hpre_ecdh_ctx ecdh; + struct hpre_curve25519_ctx curve25519; }; /* for ecc algorithms */ unsigned int curve_id; @@ -122,6 +134,7 @@ struct hpre_asym_request { struct akcipher_request *rsa; struct kpp_request *dh; struct kpp_request *ecdh; + struct kpp_request *curve25519; } areq; int err; int req_id; @@ -444,7 +457,6 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) struct hpre_sqe *sqe = resp; struct hpre_asym_request *req = ctx->req_list[le16_to_cpu(sqe->tag)]; - if (unlikely(!req)) { atomic64_inc(&dfx[HPRE_INVALID_REQ_CNT].value); return; @@ -1174,6 +1186,12 @@ static void hpre_ecc_clear_ctx(struct hpre_ctx *ctx, bool is_clear_all, memzero_explicit(ctx->ecdh.p + shift, sz); dma_free_coherent(dev, sz << 3, ctx->ecdh.p, ctx->ecdh.dma_p); ctx->ecdh.p = NULL; + } else if (!is_ecdh && ctx->curve25519.p) { + /* curve25519: p->a->k */ + memzero_explicit(ctx->curve25519.p + shift, sz); + dma_free_coherent(dev, sz << 2, ctx->curve25519.p, + ctx->curve25519.dma_p); + ctx->curve25519.p = NULL; } ctx->curve_id = 0; @@ -1577,6 +1595,307 @@ static void hpre_ecdh_exit_tfm(struct crypto_kpp *tfm) hpre_ecc_clear_ctx(ctx, true, true); } +static void hpre_curve25519_fill_curve(struct hpre_ctx *ctx, const void *buf, + unsigned int len) +{ + u8 secret[CURVE25519_KEY_SIZE] = { 0 }; + unsigned int sz = ctx->key_sz; + unsigned int shift = sz << 1; + void *p; + + /** +* The key from 'buf' is in little-endian, we should preprocess it as +* the description in rfc7748: "k[0] &= 248, k[31] &= 127, k[31] |= 64", +* then convert it to big endian. Only in this way, the result can be +* the same as the software curve-25519 that exists in crypto. +*/ + memcpy(secret, buf, len); + curve25519_clamp_secret(secret); + hpre_key_to_big_end(secret, CURVE25519_KEY_SIZE); + + p = ctx->curve25519.p + sz - len; + + /* fill curve parameters */ + fill_curve_param(p, ecc_25519.p, len, ecc_25519.g.ndigits); + fill_curve_param(p + sz, ecc_25519.a, len, ecc_25519.g.ndigits); +
[PATCH v6 5/6] crypto: hisilicon/hpre - add 'ECDH' algorithm
1. Add some new 'ECDH' curve parameter definitions to 'include/crypto/ecc_curve_defs.h', and reorder ECC 'Curves IDs' in 'include/crypto/ecdh.h'; 2. Enable 'ECDH' algorithm in Kunpeng 930. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecc.c| 4 +- crypto/testmgr.h| 12 +- drivers/crypto/hisilicon/hpre/hpre.h| 2 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 502 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 1 + include/crypto/ecc_curve_defs.h | 149 +++-- include/crypto/ecdh.h | 5 +- 7 files changed, 638 insertions(+), 37 deletions(-) diff --git a/crypto/ecc.c b/crypto/ecc.c index f23efdd..6adcae2 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -46,9 +46,9 @@ static inline const struct ecc_curve *ecc_get_curve(unsigned int curve_id) switch (curve_id) { /* In FIPS mode only allow P256 and higher */ case ECC_CURVE_NIST_P192: - return fips_enabled ? NULL : &nist_p192; + return fips_enabled ? NULL : &ecc_curve_list[ECC_CURVE_NIST_P192 - 1]; case ECC_CURVE_NIST_P256: - return &nist_p256; + return &ecc_curve_list[ECC_CURVE_NIST_P256 - 1]; default: return NULL; } diff --git a/crypto/testmgr.h b/crypto/testmgr.h index 8c83811..7fe0fb9 100644 --- a/crypto/testmgr.h +++ b/crypto/testmgr.h @@ -2307,12 +2307,12 @@ static const struct kpp_testvec ecdh_tv_template[] = { #ifdef __LITTLE_ENDIAN "\x02\x00" /* type */ "\x28\x00" /* len */ - "\x02\x00" /* curve_id */ + "\x03\x00" /* curve_id */ "\x20\x00" /* key_size */ #else "\x00\x02" /* type */ "\x00\x28" /* len */ - "\x00\x02" /* curve_id */ + "\x00\x03" /* curve_id */ "\x00\x20" /* key_size */ #endif "\x24\xd1\x21\xeb\xe5\xcf\x2d\x83" @@ -2351,24 +2351,24 @@ static const struct kpp_testvec ecdh_tv_template[] = { #ifdef __LITTLE_ENDIAN "\x02\x00" /* type */ "\x08\x00" /* len */ - "\x02\x00" /* curve_id */ + "\x03\x00" /* curve_id */ "\x00\x00", /* key_size */ #else "\x00\x02" /* type */ "\x00\x08" /* len */ - "\x00\x02" /* curve_id */ + "\x00\x03" /* curve_id */ "\x00\x00", /* key_size */ #endif .b_secret = #ifdef __LITTLE_ENDIAN "\x02\x00" /* type */ "\x28\x00" /* len */ - "\x02\x00" /* curve_id */ + "\x03\x00" /* curve_id */ "\x20\x00" /* key_size */ #else "\x00\x02" /* type */ "\x00\x28" /* len */ - "\x00\x02" /* curve_id */ + "\x00\x03" /* curve_id */ "\x00\x20" /* key_size */ #endif "\x24\xd1\x21\xeb\xe5\xcf\x2d\x83" diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 02193e1..50e6b2e 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -83,6 +83,7 @@ enum hpre_alg_type { HPRE_ALG_KG_CRT = 0x3, HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, + HPRE_ALG_ECC_MUL = 0xD, }; struct hpre_sqe { @@ -104,5 +105,4 @@ struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); - #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index 712bea9..fe2f5ab 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -2,6 +2,8 @@ /* Copyright (c) 2019 HiSilicon Limited. */ #include #include +#include +#include #include #include #include @@ -36,6 +38,20 @@ struct hpre_ctx; #define HPRE_DFX_SEC_TO_US 100 #define HPRE_DFX_US_TO_NS 1000 +/* size in bytes of the n prime */ +#define HPRE_ECC_NIST_P192_N_SIZE 24 +#define HPRE_ECC_NIST_P224_N_SIZE 28 +#define HPRE_ECC_NIST_P256_N_SIZE 32 +#define HPRE_ECC_NIST_P384_N_SIZE 48 +#define HPRE_ECC_NIST_P521_N_SIZE 66 + +/* size in bytes */ +#define HPRE_ECC_HW256_KSZ_B 32 +#define HPRE_ECC_HW384_KSZ_B 48 +#define HPRE_ECC_HW576_KSZ_B 72 + +#define HPRE_ECDH_MAX_SZ HPRE_ECC_HW576_KSZ_B + typedef void (*hpre_cb)(struct hpre_ctx *ctx, void *sqe); struct hpre_rsa_ctx { @@ -61,14 +77,25 @@ struct hpre_dh_ctx { * else if base if the counterpart public key we * compute the shared secret * ZZ = yb^xa mod p; [RFC2631 sec 2.1.1] +* low addr
[PATCH v6 2/6] crypto: hisilicon/hpre - add some updates to adapt to Kunpeng 930
From: Hui Tang HPRE of Kunpeng 930 is updated on cluster numbers and configurations of Kunpeng 920 HPRE, so we try to update this driver to make it running okay on both chips. Signed-off-by: Hui Tang Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h | 8 ++- drivers/crypto/hisilicon/hpre/hpre_main.c | 93 +-- 2 files changed, 68 insertions(+), 33 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index e784712..cc50f23 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -14,8 +14,7 @@ enum { HPRE_CLUSTER0, HPRE_CLUSTER1, HPRE_CLUSTER2, - HPRE_CLUSTER3, - HPRE_CLUSTERS_NUM, + HPRE_CLUSTER3 }; enum hpre_ctrl_dbgfs_file { @@ -36,7 +35,10 @@ enum hpre_dfx_dbgfs_file { HPRE_DFX_FILE_NUM }; -#define HPRE_DEBUGFS_FILE_NUM(HPRE_DEBUG_FILE_NUM + HPRE_CLUSTERS_NUM - 1) +#define HPRE_CLUSTERS_NUM_V2 (HPRE_CLUSTER3 + 1) +#define HPRE_CLUSTERS_NUM_V3 1 +#define HPRE_CLUSTERS_NUM_MAX HPRE_CLUSTERS_NUM_V2 +#define HPRE_DEBUGFS_FILE_NUM (HPRE_DEBUG_FILE_NUM + HPRE_CLUSTERS_NUM_MAX - 1) struct hpre_debugfs_file { int index; diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index ad8b691..52827b0 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -30,6 +30,8 @@ #define HPRE_BD_ARUSR_CFG 0x301030 #define HPRE_BD_AWUSR_CFG 0x301034 #define HPRE_TYPES_ENB 0x301038 +#define HPRE_RSA_ENB BIT(0) +#define HPRE_ECC_ENB BIT(1) #define HPRE_DATA_RUSER_CFG0x30103c #define HPRE_DATA_WUSER_CFG0x301040 #define HPRE_INT_MASK 0x301400 @@ -74,7 +76,8 @@ #define HPRE_QM_AXI_CFG_MASK 0x #define HPRE_QM_VFG_AX_MASK0xff #define HPRE_BD_USR_MASK 0x3 -#define HPRE_CLUSTER_CORE_MASK 0xf +#define HPRE_CLUSTER_CORE_MASK_V2 0xf +#define HPRE_CLUSTER_CORE_MASK_V3 0xff #define HPRE_AM_OOO_SHUTDOWN_ENB 0x301044 #define HPRE_AM_OOO_SHUTDOWN_ENABLEBIT(0) @@ -87,6 +90,11 @@ #define HPRE_QM_PM_FLR BIT(11) #define HPRE_QM_SRIOV_FLR BIT(12) +#define HPRE_CLUSTERS_NUM(qm) \ + (((qm)->ver >= QM_HW_V3) ? HPRE_CLUSTERS_NUM_V3 : HPRE_CLUSTERS_NUM_V2) +#define HPRE_CLUSTER_CORE_MASK(qm) \ + (((qm)->ver >= QM_HW_V3) ? HPRE_CLUSTER_CORE_MASK_V3 :\ + HPRE_CLUSTER_CORE_MASK_V2) #define HPRE_VIA_MSI_DSM 1 #define HPRE_SQE_MASK_OFFSET 8 #define HPRE_SQE_MASK_LEN 24 @@ -276,8 +284,40 @@ static int hpre_cfg_by_dsm(struct hisi_qm *qm) return 0; } +static int hpre_set_cluster(struct hisi_qm *qm) +{ + u32 cluster_core_mask = HPRE_CLUSTER_CORE_MASK(qm); + u8 clusters_num = HPRE_CLUSTERS_NUM(qm); + struct device *dev = &qm->pdev->dev; + unsigned long offset; + u32 val = 0; + int ret, i; + + for (i = 0; i < clusters_num; i++) { + offset = i * HPRE_CLSTR_ADDR_INTRVL; + + /* clusters initiating */ + writel(cluster_core_mask, + HPRE_ADDR(qm, offset + HPRE_CORE_ENB)); + writel(0x1, HPRE_ADDR(qm, offset + HPRE_CORE_INI_CFG)); + ret = readl_relaxed_poll_timeout(HPRE_ADDR(qm, offset + + HPRE_CORE_INI_STATUS), val, + ((val & cluster_core_mask) == + cluster_core_mask), + HPRE_REG_RD_INTVRL_US, + HPRE_REG_RD_TMOUT_US); + if (ret) { + dev_err(dev, + "cluster %d int st status timeout!\n", i); + return -ETIMEDOUT; + } + } + + return 0; +} + /* - * For Hi1620, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). + * For Kunpeng 920, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). * Or it may stay in D3 state when we bind and unbind hpre quickly, * as it does FLR triggered by hardware. */ @@ -295,9 +335,8 @@ static void disable_flr_of_bme(struct hisi_qm *qm) static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) { struct device *dev = &qm->pdev->dev; - unsigned long offset; - int ret, i; u32 val; + int ret; writel(HPRE_QM_USR_CFG_MASK, HPRE_ADDR(qm, QM_ARUSER_M_CFG_ENABLE)); writel(HPRE_QM_USR_CFG_MASK, HPRE_ADDR(qm, QM_AWUSER_M_CFG_ENABLE)); @@ -308,7 +347,12 @@ static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) val |= BI
[PATCH v6 0/6] add ECDH and CURVE25519 algorithms support for Kunpeng 930
1. Move elliptic curve parameter definitions out to "include/crypto"; 2. Add some new elliptic curve parameters definitions, and reorder ECC 'Curves IDs'; 3. Add ECDH and CURVE25519 algorithms support for Kunpeng 930. v5->v6: - patch #1: add a new patch (the first patch), which is the "depend on" patch before v4->v5: - patch #4: delete P-128 and P-320 curve, as the few using case in the kernel v3 -> v4: - patch #3: add new, move ecc_curve params to "include/crypto" v2 -> v3: - patch #5: fix sparse warnings - patch #5: add 'CRYPTO_LIB_CURVE25519_GENERIC' in 'Kconfig' v1 -> v2: - patch #5: delete `curve25519_null_point' Hui Tang (1): crypto: hisilicon/hpre - add some updates to adapt to Kunpeng 930 Meng Yu (5): crypto: hisilicon/hpre - add version adapt to new algorithms crypto: hisilicon/hpre - add algorithm type crypto: expose elliptic curve parameters as Crypto APIs crypto: hisilicon/hpre - add 'ECDH' algorithm crypto: hisilicon/hpre - add 'CURVE25519' algorithm crypto/ecc.c| 5 +- crypto/ecc.h| 37 +- crypto/ecc_curve_defs.h | 57 -- crypto/ecrdsa_defs.h| 2 +- crypto/testmgr.h| 12 +- drivers/crypto/hisilicon/Kconfig| 1 + drivers/crypto/hisilicon/hpre/hpre.h| 25 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 864 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 105 ++-- drivers/crypto/hisilicon/qm.c | 4 +- drivers/crypto/hisilicon/qm.h | 4 +- drivers/crypto/hisilicon/sec2/sec.h | 4 +- drivers/crypto/hisilicon/sec2/sec_crypto.c | 4 +- drivers/crypto/hisilicon/sec2/sec_crypto.h | 4 +- drivers/crypto/hisilicon/zip/zip.h | 4 +- drivers/crypto/hisilicon/zip/zip_crypto.c | 4 +- include/crypto/ecc_curve_defs.h | 212 +++ include/crypto/ecdh.h | 5 +- 18 files changed, 1186 insertions(+), 167 deletions(-) delete mode 100644 crypto/ecc_curve_defs.h create mode 100644 include/crypto/ecc_curve_defs.h -- 2.8.1
[PATCH v6 3/6] crypto: hisilicon/hpre - add algorithm type
Algorithm type is brought in to get hardware HPRE queue to support different algorithms. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 10 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 12 ++-- drivers/crypto/hisilicon/hpre/hpre_main.c | 11 +-- 3 files changed, 24 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index cc50f23..02193e1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -10,6 +10,14 @@ #define HPRE_PF_DEF_Q_NUM 64 #define HPRE_PF_DEF_Q_BASE 0 +/* + * type used in qm sqc DW6. + * 0 - Algorithm which has been supported in V2, like RSA, DH and so on; + * 1 - ECC algorithm in V3. + */ +#define HPRE_V2_ALG_TYPE 0 +#define HPRE_V3_ECC_ALG_TYPE 1 + enum { HPRE_CLUSTER0, HPRE_CLUSTER1, @@ -92,7 +100,7 @@ struct hpre_sqe { __le32 rsvd1[_HPRE_SQE_ALIGN_EXT]; }; -struct hisi_qp *hpre_create_qp(void); +struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index d89b2f5..712bea9 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -152,12 +152,12 @@ static void hpre_rm_req_from_ctx(struct hpre_asym_request *hpre_req) } } -static struct hisi_qp *hpre_get_qp_and_start(void) +static struct hisi_qp *hpre_get_qp_and_start(u8 type) { struct hisi_qp *qp; int ret; - qp = hpre_create_qp(); + qp = hpre_create_qp(type); if (!qp) { pr_err("Can not create hpre qp!\n"); return ERR_PTR(-ENODEV); @@ -422,11 +422,11 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) req->cb(ctx, resp); } -static int hpre_ctx_init(struct hpre_ctx *ctx) +static int hpre_ctx_init(struct hpre_ctx *ctx, u8 type) { struct hisi_qp *qp; - qp = hpre_get_qp_and_start(); + qp = hpre_get_qp_and_start(type); if (IS_ERR(qp)) return PTR_ERR(qp); @@ -674,7 +674,7 @@ static int hpre_dh_init_tfm(struct crypto_kpp *tfm) { struct hpre_ctx *ctx = kpp_tfm_ctx(tfm); - return hpre_ctx_init(ctx); + return hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); } static void hpre_dh_exit_tfm(struct crypto_kpp *tfm) @@ -1100,7 +1100,7 @@ static int hpre_rsa_init_tfm(struct crypto_akcipher *tfm) return PTR_ERR(ctx->rsa.soft_tfm); } - ret = hpre_ctx_init(ctx); + ret = hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); if (ret) crypto_free_akcipher(ctx->rsa.soft_tfm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index 52827b0..d3ec3b4 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -223,13 +223,20 @@ static u32 vfs_num; module_param_cb(vfs_num, &vfs_num_ops, &vfs_num, 0444); MODULE_PARM_DESC(vfs_num, "Number of VFs to enable(1-63), 0(default)"); -struct hisi_qp *hpre_create_qp(void) +struct hisi_qp *hpre_create_qp(u8 type) { int node = cpu_to_node(smp_processor_id()); struct hisi_qp *qp = NULL; int ret; - ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, 0, node, &qp); + if (type != HPRE_V2_ALG_TYPE && type != HPRE_V3_ECC_ALG_TYPE) + return NULL; + + /* +* type: 0 - RSA/DH. algorithm supported in V2, +* 1 - ECC algorithm in V3. +*/ + ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, type, node, &qp); if (!ret) return qp; -- 2.8.1
[PATCH v6 4/6] crypto: expose elliptic curve parameters as Crypto APIs
Move elliptic curves definition to 'include/crypto/ecc_curve_defs.h', so all can use it, Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecc.c| 1 - crypto/ecc.h| 37 + crypto/ecc_curve_defs.h | 57 - crypto/ecrdsa_defs.h| 2 +- include/crypto/ecc_curve_defs.h | 92 + 5 files changed, 95 insertions(+), 94 deletions(-) delete mode 100644 crypto/ecc_curve_defs.h create mode 100644 include/crypto/ecc_curve_defs.h diff --git a/crypto/ecc.c b/crypto/ecc.c index c80aa25..f23efdd 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -35,7 +35,6 @@ #include #include "ecc.h" -#include "ecc_curve_defs.h" typedef struct { u64 m_low; diff --git a/crypto/ecc.h b/crypto/ecc.h index d4e546b..e5afaf3 100644 --- a/crypto/ecc.h +++ b/crypto/ecc.h @@ -26,6 +26,8 @@ #ifndef _CRYPTO_ECC_H #define _CRYPTO_ECC_H +#include + /* One digit is u64 qword. */ #define ECC_CURVE_NIST_P192_DIGITS 3 #define ECC_CURVE_NIST_P256_DIGITS 4 @@ -33,44 +35,9 @@ #define ECC_DIGITS_TO_BYTES_SHIFT 3 -/** - * struct ecc_point - elliptic curve point in affine coordinates - * - * @x: X coordinate in vli form. - * @y: Y coordinate in vli form. - * @ndigits: Length of vlis in u64 qwords. - */ -struct ecc_point { - u64 *x; - u64 *y; - u8 ndigits; -}; - #define ECC_POINT_INIT(x, y, ndigits) (struct ecc_point) { x, y, ndigits } /** - * struct ecc_curve - definition of elliptic curve - * - * @name: Short name of the curve. - * @g: Generator point of the curve. - * @p: Prime number, if Barrett's reduction is used for this curve - * pre-calculated value 'mu' is appended to the @p after ndigits. - * Use of Barrett's reduction is heuristically determined in - * vli_mmod_fast(). - * @n: Order of the curve group. - * @a: Curve parameter a. - * @b: Curve parameter b. - */ -struct ecc_curve { - char *name; - struct ecc_point g; - u64 *p; - u64 *n; - u64 *a; - u64 *b; -}; - -/** * ecc_is_key_valid() - Validate a given ECDH private key * * @curve_id: id representing the curve to use diff --git a/crypto/ecc_curve_defs.h b/crypto/ecc_curve_defs.h deleted file mode 100644 index 69be6c7..000 --- a/crypto/ecc_curve_defs.h +++ /dev/null @@ -1,57 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0 */ -#ifndef _CRYTO_ECC_CURVE_DEFS_H -#define _CRYTO_ECC_CURVE_DEFS_H - -/* NIST P-192: a = p - 3 */ -static u64 nist_p192_g_x[] = { 0xF4FF0AFD82FF1012ull, 0x7CBF20EB43A18800ull, - 0x188DA80EB03090F6ull }; -static u64 nist_p192_g_y[] = { 0x73F977A11E794811ull, 0x631011ED6B24CDD5ull, - 0x07192B95FFC8DA78ull }; -static u64 nist_p192_p[] = { 0xull, 0xFFFEull, - 0xull }; -static u64 nist_p192_n[] = { 0x146BC9B1B4D22831ull, 0x99DEF836ull, - 0xull }; -static u64 nist_p192_a[] = { 0xFFFCull, 0xFFFEull, - 0xull }; -static u64 nist_p192_b[] = { 0xFEB8DEECC146B9B1ull, 0x0FA7E9AB72243049ull, - 0x64210519E59C80E7ull }; -static struct ecc_curve nist_p192 = { - .name = "nist_192", - .g = { - .x = nist_p192_g_x, - .y = nist_p192_g_y, - .ndigits = 3, - }, - .p = nist_p192_p, - .n = nist_p192_n, - .a = nist_p192_a, - .b = nist_p192_b -}; - -/* NIST P-256: a = p - 3 */ -static u64 nist_p256_g_x[] = { 0xF4A13945D898C296ull, 0x77037D812DEB33A0ull, - 0xF8BCE6E563A440F2ull, 0x6B17D1F2E12C4247ull }; -static u64 nist_p256_g_y[] = { 0xCBB6406837BF51F5ull, 0x2BCE33576B315ECEull, - 0x8EE7EB4A7C0F9E16ull, 0x4FE342E2FE1A7F9Bull }; -static u64 nist_p256_p[] = { 0xull, 0xull, - 0xull, 0x0001ull }; -static u64 nist_p256_n[] = { 0xF3B9CAC2FC632551ull, 0xBCE6FAADA7179E84ull, - 0xull, 0xull }; -static u64 nist_p256_a[] = { 0xFFFCull, 0xull, - 0xull, 0x0001ull }; -static u64 nist_p256_b[] = { 0x3BCE3C3E27D2604Bull, 0x651D06B0CC53B0F6ull, - 0xB3EBBD55769886BCull, 0x5AC635D8AA3A93E7ull }; -static struct ecc_curve nist_p256 = { - .name = "nist_256", - .g = { - .x = nist_p256_g_x, - .y = nist_p256_g_y, - .ndigits = 4, - }, - .p = nist_p256_p, -
[PATCH v5 4/5] crypto: hisilicon/hpre - add 'ECDH' algorithm
1. Add some new 'ECDH' curve parameter definitions to 'include/crypto/ecc_curve_defs.h', and reorder ECC 'Curves IDs' in 'include/crypto/ecdh.h'; 2. Enable 'ECDH' algorithm in Kunpeng 930. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecc.c| 4 +- crypto/testmgr.h| 12 +- drivers/crypto/hisilicon/hpre/hpre.h| 2 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 502 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 1 + include/crypto/ecc_curve_defs.h | 149 +++-- include/crypto/ecdh.h | 5 +- 7 files changed, 638 insertions(+), 37 deletions(-) diff --git a/crypto/ecc.c b/crypto/ecc.c index f23efdd..6adcae2 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -46,9 +46,9 @@ static inline const struct ecc_curve *ecc_get_curve(unsigned int curve_id) switch (curve_id) { /* In FIPS mode only allow P256 and higher */ case ECC_CURVE_NIST_P192: - return fips_enabled ? NULL : &nist_p192; + return fips_enabled ? NULL : &ecc_curve_list[ECC_CURVE_NIST_P192 - 1]; case ECC_CURVE_NIST_P256: - return &nist_p256; + return &ecc_curve_list[ECC_CURVE_NIST_P256 - 1]; default: return NULL; } diff --git a/crypto/testmgr.h b/crypto/testmgr.h index 8c83811..7fe0fb9 100644 --- a/crypto/testmgr.h +++ b/crypto/testmgr.h @@ -2307,12 +2307,12 @@ static const struct kpp_testvec ecdh_tv_template[] = { #ifdef __LITTLE_ENDIAN "\x02\x00" /* type */ "\x28\x00" /* len */ - "\x02\x00" /* curve_id */ + "\x03\x00" /* curve_id */ "\x20\x00" /* key_size */ #else "\x00\x02" /* type */ "\x00\x28" /* len */ - "\x00\x02" /* curve_id */ + "\x00\x03" /* curve_id */ "\x00\x20" /* key_size */ #endif "\x24\xd1\x21\xeb\xe5\xcf\x2d\x83" @@ -2351,24 +2351,24 @@ static const struct kpp_testvec ecdh_tv_template[] = { #ifdef __LITTLE_ENDIAN "\x02\x00" /* type */ "\x08\x00" /* len */ - "\x02\x00" /* curve_id */ + "\x03\x00" /* curve_id */ "\x00\x00", /* key_size */ #else "\x00\x02" /* type */ "\x00\x08" /* len */ - "\x00\x02" /* curve_id */ + "\x00\x03" /* curve_id */ "\x00\x00", /* key_size */ #endif .b_secret = #ifdef __LITTLE_ENDIAN "\x02\x00" /* type */ "\x28\x00" /* len */ - "\x02\x00" /* curve_id */ + "\x03\x00" /* curve_id */ "\x20\x00" /* key_size */ #else "\x00\x02" /* type */ "\x00\x28" /* len */ - "\x00\x02" /* curve_id */ + "\x00\x03" /* curve_id */ "\x00\x20" /* key_size */ #endif "\x24\xd1\x21\xeb\xe5\xcf\x2d\x83" diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 02193e1..50e6b2e 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -83,6 +83,7 @@ enum hpre_alg_type { HPRE_ALG_KG_CRT = 0x3, HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, + HPRE_ALG_ECC_MUL = 0xD, }; struct hpre_sqe { @@ -104,5 +105,4 @@ struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); - #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index 712bea9..fe2f5ab 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -2,6 +2,8 @@ /* Copyright (c) 2019 HiSilicon Limited. */ #include #include +#include +#include #include #include #include @@ -36,6 +38,20 @@ struct hpre_ctx; #define HPRE_DFX_SEC_TO_US 100 #define HPRE_DFX_US_TO_NS 1000 +/* size in bytes of the n prime */ +#define HPRE_ECC_NIST_P192_N_SIZE 24 +#define HPRE_ECC_NIST_P224_N_SIZE 28 +#define HPRE_ECC_NIST_P256_N_SIZE 32 +#define HPRE_ECC_NIST_P384_N_SIZE 48 +#define HPRE_ECC_NIST_P521_N_SIZE 66 + +/* size in bytes */ +#define HPRE_ECC_HW256_KSZ_B 32 +#define HPRE_ECC_HW384_KSZ_B 48 +#define HPRE_ECC_HW576_KSZ_B 72 + +#define HPRE_ECDH_MAX_SZ HPRE_ECC_HW576_KSZ_B + typedef void (*hpre_cb)(struct hpre_ctx *ctx, void *sqe); struct hpre_rsa_ctx { @@ -61,14 +77,25 @@ struct hpre_dh_ctx { * else if base if the counterpart public key we * compute the shared secret * ZZ = yb^xa mod p; [RFC2631 sec 2.1.1] +* low addr
[PATCH v5 3/5] crypto: expose elliptic curve parameters as Crypto APIs
Move elliptic curves definition to 'include/crypto/ecc_curve_defs.h', so all can use it, Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecc.c| 1 - crypto/ecc.h| 37 + crypto/ecc_curve_defs.h | 57 - crypto/ecrdsa_defs.h| 2 +- include/crypto/ecc_curve_defs.h | 92 + 5 files changed, 95 insertions(+), 94 deletions(-) delete mode 100644 crypto/ecc_curve_defs.h create mode 100644 include/crypto/ecc_curve_defs.h diff --git a/crypto/ecc.c b/crypto/ecc.c index c80aa25..f23efdd 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -35,7 +35,6 @@ #include #include "ecc.h" -#include "ecc_curve_defs.h" typedef struct { u64 m_low; diff --git a/crypto/ecc.h b/crypto/ecc.h index d4e546b..e5afaf3 100644 --- a/crypto/ecc.h +++ b/crypto/ecc.h @@ -26,6 +26,8 @@ #ifndef _CRYPTO_ECC_H #define _CRYPTO_ECC_H +#include + /* One digit is u64 qword. */ #define ECC_CURVE_NIST_P192_DIGITS 3 #define ECC_CURVE_NIST_P256_DIGITS 4 @@ -33,44 +35,9 @@ #define ECC_DIGITS_TO_BYTES_SHIFT 3 -/** - * struct ecc_point - elliptic curve point in affine coordinates - * - * @x: X coordinate in vli form. - * @y: Y coordinate in vli form. - * @ndigits: Length of vlis in u64 qwords. - */ -struct ecc_point { - u64 *x; - u64 *y; - u8 ndigits; -}; - #define ECC_POINT_INIT(x, y, ndigits) (struct ecc_point) { x, y, ndigits } /** - * struct ecc_curve - definition of elliptic curve - * - * @name: Short name of the curve. - * @g: Generator point of the curve. - * @p: Prime number, if Barrett's reduction is used for this curve - * pre-calculated value 'mu' is appended to the @p after ndigits. - * Use of Barrett's reduction is heuristically determined in - * vli_mmod_fast(). - * @n: Order of the curve group. - * @a: Curve parameter a. - * @b: Curve parameter b. - */ -struct ecc_curve { - char *name; - struct ecc_point g; - u64 *p; - u64 *n; - u64 *a; - u64 *b; -}; - -/** * ecc_is_key_valid() - Validate a given ECDH private key * * @curve_id: id representing the curve to use diff --git a/crypto/ecc_curve_defs.h b/crypto/ecc_curve_defs.h deleted file mode 100644 index 69be6c7..000 --- a/crypto/ecc_curve_defs.h +++ /dev/null @@ -1,57 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0 */ -#ifndef _CRYTO_ECC_CURVE_DEFS_H -#define _CRYTO_ECC_CURVE_DEFS_H - -/* NIST P-192: a = p - 3 */ -static u64 nist_p192_g_x[] = { 0xF4FF0AFD82FF1012ull, 0x7CBF20EB43A18800ull, - 0x188DA80EB03090F6ull }; -static u64 nist_p192_g_y[] = { 0x73F977A11E794811ull, 0x631011ED6B24CDD5ull, - 0x07192B95FFC8DA78ull }; -static u64 nist_p192_p[] = { 0xull, 0xFFFEull, - 0xull }; -static u64 nist_p192_n[] = { 0x146BC9B1B4D22831ull, 0x99DEF836ull, - 0xull }; -static u64 nist_p192_a[] = { 0xFFFCull, 0xFFFEull, - 0xull }; -static u64 nist_p192_b[] = { 0xFEB8DEECC146B9B1ull, 0x0FA7E9AB72243049ull, - 0x64210519E59C80E7ull }; -static struct ecc_curve nist_p192 = { - .name = "nist_192", - .g = { - .x = nist_p192_g_x, - .y = nist_p192_g_y, - .ndigits = 3, - }, - .p = nist_p192_p, - .n = nist_p192_n, - .a = nist_p192_a, - .b = nist_p192_b -}; - -/* NIST P-256: a = p - 3 */ -static u64 nist_p256_g_x[] = { 0xF4A13945D898C296ull, 0x77037D812DEB33A0ull, - 0xF8BCE6E563A440F2ull, 0x6B17D1F2E12C4247ull }; -static u64 nist_p256_g_y[] = { 0xCBB6406837BF51F5ull, 0x2BCE33576B315ECEull, - 0x8EE7EB4A7C0F9E16ull, 0x4FE342E2FE1A7F9Bull }; -static u64 nist_p256_p[] = { 0xull, 0xull, - 0xull, 0x0001ull }; -static u64 nist_p256_n[] = { 0xF3B9CAC2FC632551ull, 0xBCE6FAADA7179E84ull, - 0xull, 0xull }; -static u64 nist_p256_a[] = { 0xFFFCull, 0xull, - 0xull, 0x0001ull }; -static u64 nist_p256_b[] = { 0x3BCE3C3E27D2604Bull, 0x651D06B0CC53B0F6ull, - 0xB3EBBD55769886BCull, 0x5AC635D8AA3A93E7ull }; -static struct ecc_curve nist_p256 = { - .name = "nist_256", - .g = { - .x = nist_p256_g_x, - .y = nist_p256_g_y, - .ndigits = 4, - }, - .p = nist_p256_p, -
[PATCH v5 1/5] crypto: hisilicon/hpre - add some updates to adapt to Kunpeng 930
From: Hui Tang HPRE of Kunpeng 930 is updated on cluster numbers and configurations of Kunpeng 920 HPRE, so we try to update this driver to make it running okay on both chips. Signed-off-by: Hui Tang Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h | 8 ++- drivers/crypto/hisilicon/hpre/hpre_main.c | 93 +-- 2 files changed, 68 insertions(+), 33 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index e784712..cc50f23 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -14,8 +14,7 @@ enum { HPRE_CLUSTER0, HPRE_CLUSTER1, HPRE_CLUSTER2, - HPRE_CLUSTER3, - HPRE_CLUSTERS_NUM, + HPRE_CLUSTER3 }; enum hpre_ctrl_dbgfs_file { @@ -36,7 +35,10 @@ enum hpre_dfx_dbgfs_file { HPRE_DFX_FILE_NUM }; -#define HPRE_DEBUGFS_FILE_NUM(HPRE_DEBUG_FILE_NUM + HPRE_CLUSTERS_NUM - 1) +#define HPRE_CLUSTERS_NUM_V2 (HPRE_CLUSTER3 + 1) +#define HPRE_CLUSTERS_NUM_V3 1 +#define HPRE_CLUSTERS_NUM_MAX HPRE_CLUSTERS_NUM_V2 +#define HPRE_DEBUGFS_FILE_NUM (HPRE_DEBUG_FILE_NUM + HPRE_CLUSTERS_NUM_MAX - 1) struct hpre_debugfs_file { int index; diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index e5c9919..fc7173a 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -29,6 +29,8 @@ #define HPRE_BD_ARUSR_CFG 0x301030 #define HPRE_BD_AWUSR_CFG 0x301034 #define HPRE_TYPES_ENB 0x301038 +#define HPRE_RSA_ENB BIT(0) +#define HPRE_ECC_ENB BIT(1) #define HPRE_DATA_RUSER_CFG0x30103c #define HPRE_DATA_WUSER_CFG0x301040 #define HPRE_INT_MASK 0x301400 @@ -73,7 +75,8 @@ #define HPRE_QM_AXI_CFG_MASK 0x #define HPRE_QM_VFG_AX_MASK0xff #define HPRE_BD_USR_MASK 0x3 -#define HPRE_CLUSTER_CORE_MASK 0xf +#define HPRE_CLUSTER_CORE_MASK_V2 0xf +#define HPRE_CLUSTER_CORE_MASK_V3 0xff #define HPRE_AM_OOO_SHUTDOWN_ENB 0x301044 #define HPRE_AM_OOO_SHUTDOWN_ENABLEBIT(0) @@ -86,6 +89,11 @@ #define HPRE_QM_PM_FLR BIT(11) #define HPRE_QM_SRIOV_FLR BIT(12) +#define HPRE_CLUSTERS_NUM(qm) \ + (((qm)->ver >= QM_HW_V3) ? HPRE_CLUSTERS_NUM_V3 : HPRE_CLUSTERS_NUM_V2) +#define HPRE_CLUSTER_CORE_MASK(qm) \ + (((qm)->ver >= QM_HW_V3) ? HPRE_CLUSTER_CORE_MASK_V3 :\ + HPRE_CLUSTER_CORE_MASK_V2) #define HPRE_VIA_MSI_DSM 1 #define HPRE_SQE_MASK_OFFSET 8 #define HPRE_SQE_MASK_LEN 24 @@ -238,8 +246,40 @@ static int hpre_cfg_by_dsm(struct hisi_qm *qm) return 0; } +static int hpre_set_cluster(struct hisi_qm *qm) +{ + u32 cluster_core_mask = HPRE_CLUSTER_CORE_MASK(qm); + u8 clusters_num = HPRE_CLUSTERS_NUM(qm); + struct device *dev = &qm->pdev->dev; + unsigned long offset; + u32 val = 0; + int ret, i; + + for (i = 0; i < clusters_num; i++) { + offset = i * HPRE_CLSTR_ADDR_INTRVL; + + /* clusters initiating */ + writel(cluster_core_mask, + HPRE_ADDR(qm, offset + HPRE_CORE_ENB)); + writel(0x1, HPRE_ADDR(qm, offset + HPRE_CORE_INI_CFG)); + ret = readl_relaxed_poll_timeout(HPRE_ADDR(qm, offset + + HPRE_CORE_INI_STATUS), val, + ((val & cluster_core_mask) == + cluster_core_mask), + HPRE_REG_RD_INTVRL_US, + HPRE_REG_RD_TMOUT_US); + if (ret) { + dev_err(dev, + "cluster %d int st status timeout!\n", i); + return -ETIMEDOUT; + } + } + + return 0; +} + /* - * For Hi1620, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). + * For Kunpeng 920, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). * Or it may stay in D3 state when we bind and unbind hpre quickly, * as it does FLR triggered by hardware. */ @@ -257,9 +297,8 @@ static void disable_flr_of_bme(struct hisi_qm *qm) static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) { struct device *dev = &qm->pdev->dev; - unsigned long offset; - int ret, i; u32 val; + int ret; writel(HPRE_QM_USR_CFG_MASK, HPRE_ADDR(qm, QM_ARUSER_M_CFG_ENABLE)); writel(HPRE_QM_USR_CFG_MASK, HPRE_ADDR(qm, QM_AWUSER_M_CFG_ENABLE)); @@ -270,7 +309,12 @@ static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) val |= BI
[PATCH v5 5/5] crypto: hisilicon/hpre - add 'CURVE25519' algorithm
1. Add 'CURVE25519' curve parameter definition to 'include/crypto/ecc_curve_defs.h'; 2. Enable 'CURVE25519' algorithm in Kunpeng 930. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reported-by: kernel test robot --- drivers/crypto/hisilicon/Kconfig| 1 + drivers/crypto/hisilicon/hpre/hpre.h| 2 + drivers/crypto/hisilicon/hpre/hpre_crypto.c | 364 +++- include/crypto/ecc_curve_defs.h | 17 ++ 4 files changed, 375 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/hisilicon/Kconfig b/drivers/crypto/hisilicon/Kconfig index 8431926..c45adb1 100644 --- a/drivers/crypto/hisilicon/Kconfig +++ b/drivers/crypto/hisilicon/Kconfig @@ -65,6 +65,7 @@ config CRYPTO_DEV_HISI_HPRE depends on UACCE || UACCE=n depends on ARM64 || (COMPILE_TEST && 64BIT) depends on ACPI + select CRYPTO_LIB_CURVE25519_GENERIC select CRYPTO_DEV_HISI_QM select CRYPTO_DH select CRYPTO_RSA diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 50e6b2e..92892e3 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -84,6 +84,8 @@ enum hpre_alg_type { HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, HPRE_ALG_ECC_MUL = 0xD, + /* shared by x25519 and x448, but x448 is not supported now */ + HPRE_ALG_CURVE25519_MUL = 0x10, }; struct hpre_sqe { diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index fe2f5ab..34bb4a0 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 /* Copyright (c) 2019 HiSilicon Limited. */ #include +#include #include #include #include @@ -96,6 +97,16 @@ struct hpre_ecdh_ctx { dma_addr_t dma_g; }; +struct hpre_curve25519_ctx { + /* low address: p->a->k */ + unsigned char *p; + dma_addr_t dma_p; + + /* gx coordinate */ + unsigned char *g; + dma_addr_t dma_g; +}; + struct hpre_ctx { struct hisi_qp *qp; struct hpre_asym_request **req_list; @@ -108,6 +119,7 @@ struct hpre_ctx { struct hpre_rsa_ctx rsa; struct hpre_dh_ctx dh; struct hpre_ecdh_ctx ecdh; + struct hpre_curve25519_ctx curve25519; }; /* for ecc algorithms */ unsigned int curve_id; @@ -122,6 +134,7 @@ struct hpre_asym_request { struct akcipher_request *rsa; struct kpp_request *dh; struct kpp_request *ecdh; + struct kpp_request *curve25519; } areq; int err; int req_id; @@ -444,7 +457,6 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) struct hpre_sqe *sqe = resp; struct hpre_asym_request *req = ctx->req_list[le16_to_cpu(sqe->tag)]; - if (unlikely(!req)) { atomic64_inc(&dfx[HPRE_INVALID_REQ_CNT].value); return; @@ -1174,6 +1186,12 @@ static void hpre_ecc_clear_ctx(struct hpre_ctx *ctx, bool is_clear_all, memzero_explicit(ctx->ecdh.p + shift, sz); dma_free_coherent(dev, sz << 3, ctx->ecdh.p, ctx->ecdh.dma_p); ctx->ecdh.p = NULL; + } else if (!is_ecdh && ctx->curve25519.p) { + /* curve25519: p->a->k */ + memzero_explicit(ctx->curve25519.p + shift, sz); + dma_free_coherent(dev, sz << 2, ctx->curve25519.p, + ctx->curve25519.dma_p); + ctx->curve25519.p = NULL; } ctx->curve_id = 0; @@ -1577,6 +1595,307 @@ static void hpre_ecdh_exit_tfm(struct crypto_kpp *tfm) hpre_ecc_clear_ctx(ctx, true, true); } +static void hpre_curve25519_fill_curve(struct hpre_ctx *ctx, const void *buf, + unsigned int len) +{ + u8 secret[CURVE25519_KEY_SIZE] = { 0 }; + unsigned int sz = ctx->key_sz; + unsigned int shift = sz << 1; + void *p; + + /** +* The key from 'buf' is in little-endian, we should preprocess it as +* the description in rfc7748: "k[0] &= 248, k[31] &= 127, k[31] |= 64", +* then convert it to big endian. Only in this way, the result can be +* the same as the software curve-25519 that exists in crypto. +*/ + memcpy(secret, buf, len); + curve25519_clamp_secret(secret); + hpre_key_to_big_end(secret, CURVE25519_KEY_SIZE); + + p = ctx->curve25519.p + sz - len; + + /* fill curve parameters */ + fill_curve_param(p, ecc_25519.p, len, ecc_25519.g.ndigits); + fill_curve_param(p + sz, ecc_25519.a, len, ecc_25519.g.ndigits); +
[PATCH v5 2/5] crypto: hisilicon/hpre - add algorithm type
Algorithm type is brought in to get hardware HPRE queue to support different algorithms. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 10 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 12 ++-- drivers/crypto/hisilicon/hpre/hpre_main.c | 11 +-- 3 files changed, 24 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index cc50f23..02193e1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -10,6 +10,14 @@ #define HPRE_PF_DEF_Q_NUM 64 #define HPRE_PF_DEF_Q_BASE 0 +/* + * type used in qm sqc DW6. + * 0 - Algorithm which has been supported in V2, like RSA, DH and so on; + * 1 - ECC algorithm in V3. + */ +#define HPRE_V2_ALG_TYPE 0 +#define HPRE_V3_ECC_ALG_TYPE 1 + enum { HPRE_CLUSTER0, HPRE_CLUSTER1, @@ -92,7 +100,7 @@ struct hpre_sqe { __le32 rsvd1[_HPRE_SQE_ALIGN_EXT]; }; -struct hisi_qp *hpre_create_qp(void); +struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index d89b2f5..712bea9 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -152,12 +152,12 @@ static void hpre_rm_req_from_ctx(struct hpre_asym_request *hpre_req) } } -static struct hisi_qp *hpre_get_qp_and_start(void) +static struct hisi_qp *hpre_get_qp_and_start(u8 type) { struct hisi_qp *qp; int ret; - qp = hpre_create_qp(); + qp = hpre_create_qp(type); if (!qp) { pr_err("Can not create hpre qp!\n"); return ERR_PTR(-ENODEV); @@ -422,11 +422,11 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) req->cb(ctx, resp); } -static int hpre_ctx_init(struct hpre_ctx *ctx) +static int hpre_ctx_init(struct hpre_ctx *ctx, u8 type) { struct hisi_qp *qp; - qp = hpre_get_qp_and_start(); + qp = hpre_get_qp_and_start(type); if (IS_ERR(qp)) return PTR_ERR(qp); @@ -674,7 +674,7 @@ static int hpre_dh_init_tfm(struct crypto_kpp *tfm) { struct hpre_ctx *ctx = kpp_tfm_ctx(tfm); - return hpre_ctx_init(ctx); + return hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); } static void hpre_dh_exit_tfm(struct crypto_kpp *tfm) @@ -1100,7 +1100,7 @@ static int hpre_rsa_init_tfm(struct crypto_akcipher *tfm) return PTR_ERR(ctx->rsa.soft_tfm); } - ret = hpre_ctx_init(ctx); + ret = hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); if (ret) crypto_free_akcipher(ctx->rsa.soft_tfm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index fc7173a..1ae8fa1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -209,13 +209,20 @@ static u32 vfs_num; module_param_cb(vfs_num, &vfs_num_ops, &vfs_num, 0444); MODULE_PARM_DESC(vfs_num, "Number of VFs to enable(1-63), 0(default)"); -struct hisi_qp *hpre_create_qp(void) +struct hisi_qp *hpre_create_qp(u8 type) { int node = cpu_to_node(smp_processor_id()); struct hisi_qp *qp = NULL; int ret; - ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, 0, node, &qp); + if (type != HPRE_V2_ALG_TYPE && type != HPRE_V3_ECC_ALG_TYPE) + return NULL; + + /* +* type: 0 - RSA/DH. algorithm supported in V2, +* 1 - ECC algorithm in V3. +*/ + ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, type, node, &qp); if (!ret) return qp; -- 2.8.1
[PATCH v5 0/5] add ECDH and CURVE25519 algorithms support for Kunpeng 930
1. Move elliptic curve parameter definitions out to "include/crypto"; 2. Add some new elliptic curve parameters definitions, and reorder ECC 'Curves IDs'; 3. Add ECDH and CURVE25519 algorithms support for Kunpeng 930. These patches depend on: [v2,1/6] crypto: hisilicon/hpre - add version adapt to new algorithms, https://patchwork.kernel.org/project/linux-crypto/patch/1607598607-8728- 2-git-send-email-liulongf...@huawei.com/ v4->v5: - patch #4: delete P-128 and P-320 curve, as the few using case in the kernel v3 -> v4: - patch #3: add new, move ecc_curve params to "include/crypto" v2 -> v3: - patch #5: fix sparse warnings - patch #5: add 'CRYPTO_LIB_CURVE25519_GENERIC' in 'Kconfig' v1 -> v2: - patch #5: delete `curve25519_null_point' Hui Tang (1): crypto: hisilicon/hpre - add some updates to adapt to Kunpeng 930 Meng Yu (4): crypto: hisilicon/hpre - add algorithm type crypto: expose elliptic curve parameters as Crypto APIs crypto: hisilicon/hpre - add 'ECDH' algorithm crypto: hisilicon/hpre - add 'CURVE25519' algorithm crypto/ecc.c| 5 +- crypto/ecc.h| 37 +- crypto/ecc_curve_defs.h | 57 -- crypto/ecrdsa_defs.h| 2 +- crypto/testmgr.h| 12 +- drivers/crypto/hisilicon/Kconfig| 1 + drivers/crypto/hisilicon/hpre/hpre.h| 22 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 860 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 105 ++-- include/crypto/ecc_curve_defs.h | 212 +++ include/crypto/ecdh.h | 5 +- 11 files changed, 1168 insertions(+), 150 deletions(-) delete mode 100644 crypto/ecc_curve_defs.h create mode 100644 include/crypto/ecc_curve_defs.h -- 2.8.1
[PATCH v4 5/5] crypto: hisilicon/hpre - add 'CURVE25519' algorithm
1. Add 'CURVE25519' curve parameter definition to 'include/crypto/ecc_curve_defs.h'; 2. Enable 'CURVE25519' algorithm in Kunpeng 930. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reported-by: kernel test robot --- drivers/crypto/hisilicon/Kconfig| 1 + drivers/crypto/hisilicon/hpre/hpre.h| 2 + drivers/crypto/hisilicon/hpre/hpre_crypto.c | 364 +++- include/crypto/ecc_curve_defs.h | 17 ++ 4 files changed, 375 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/hisilicon/Kconfig b/drivers/crypto/hisilicon/Kconfig index 8431926..c45adb1 100644 --- a/drivers/crypto/hisilicon/Kconfig +++ b/drivers/crypto/hisilicon/Kconfig @@ -65,6 +65,7 @@ config CRYPTO_DEV_HISI_HPRE depends on UACCE || UACCE=n depends on ARM64 || (COMPILE_TEST && 64BIT) depends on ACPI + select CRYPTO_LIB_CURVE25519_GENERIC select CRYPTO_DEV_HISI_QM select CRYPTO_DH select CRYPTO_RSA diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 50e6b2e..92892e3 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -84,6 +84,8 @@ enum hpre_alg_type { HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, HPRE_ALG_ECC_MUL = 0xD, + /* shared by x25519 and x448, but x448 is not supported now */ + HPRE_ALG_CURVE25519_MUL = 0x10, }; struct hpre_sqe { diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index 58f847b..e135732 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 /* Copyright (c) 2019 HiSilicon Limited. */ #include +#include #include #include #include @@ -98,6 +99,16 @@ struct hpre_ecdh_ctx { dma_addr_t dma_g; }; +struct hpre_curve25519_ctx { + /* low address: p->a->k */ + unsigned char *p; + dma_addr_t dma_p; + + /* gx coordinate */ + unsigned char *g; + dma_addr_t dma_g; +}; + struct hpre_ctx { struct hisi_qp *qp; struct hpre_asym_request **req_list; @@ -110,6 +121,7 @@ struct hpre_ctx { struct hpre_rsa_ctx rsa; struct hpre_dh_ctx dh; struct hpre_ecdh_ctx ecdh; + struct hpre_curve25519_ctx curve25519; }; /* for ecc algorithms */ unsigned int curve_id; @@ -124,6 +136,7 @@ struct hpre_asym_request { struct akcipher_request *rsa; struct kpp_request *dh; struct kpp_request *ecdh; + struct kpp_request *curve25519; } areq; int err; int req_id; @@ -446,7 +459,6 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) struct hpre_sqe *sqe = resp; struct hpre_asym_request *req = ctx->req_list[le16_to_cpu(sqe->tag)]; - if (unlikely(!req)) { atomic64_inc(&dfx[HPRE_INVALID_REQ_CNT].value); return; @@ -1176,6 +1188,12 @@ static void hpre_ecc_clear_ctx(struct hpre_ctx *ctx, bool is_clear_all, memzero_explicit(ctx->ecdh.p + shift, sz); dma_free_coherent(dev, sz << 3, ctx->ecdh.p, ctx->ecdh.dma_p); ctx->ecdh.p = NULL; + } else if (!is_ecdh && ctx->curve25519.p) { + /* curve25519: p->a->k */ + memzero_explicit(ctx->curve25519.p + shift, sz); + dma_free_coherent(dev, sz << 2, ctx->curve25519.p, + ctx->curve25519.dma_p); + ctx->curve25519.p = NULL; } ctx->curve_id = 0; @@ -1585,6 +1603,307 @@ static void hpre_ecdh_exit_tfm(struct crypto_kpp *tfm) hpre_ecc_clear_ctx(ctx, true, true); } +static void hpre_curve25519_fill_curve(struct hpre_ctx *ctx, const void *buf, + unsigned int len) +{ + u8 secret[CURVE25519_KEY_SIZE] = { 0 }; + unsigned int sz = ctx->key_sz; + unsigned int shift = sz << 1; + void *p; + + /** +* The key from 'buf' is in little-endian, we should preprocess it as +* the description in rfc7748: "k[0] &= 248, k[31] &= 127, k[31] |= 64", +* then convert it to big endian. Only in this way, the result can be +* the same as the software curve-25519 that exists in crypto. +*/ + memcpy(secret, buf, len); + curve25519_clamp_secret(secret); + hpre_key_to_big_end(secret, CURVE25519_KEY_SIZE); + + p = ctx->curve25519.p + sz - len; + + /* fill curve parameters */ + fill_curve_param(p, ecc_25519.p, len, ecc_25519.g.ndigits); + fill_curve_param(p + sz, ecc_25519.a, len, ecc_25519.g.ndigits); +
[PATCH v4 4/5] crypto: hisilicon/hpre - add 'ECDH' algorithm
1. Add some new 'ECDH' curve parameter definitions to 'include/crypto/ecc_curve_defs.h', and reorder ECC 'Curves IDs' in 'include/crypto/ecdh.h'; 2. Enable 'ECDH' algorithm in Kunpeng 930. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecc.c| 4 +- crypto/testmgr.h| 12 +- drivers/crypto/hisilicon/hpre/hpre.h| 2 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 510 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 1 + include/crypto/ecc_curve_defs.h | 198 +-- include/crypto/ecdh.h | 9 +- 7 files changed, 698 insertions(+), 38 deletions(-) diff --git a/crypto/ecc.c b/crypto/ecc.c index f23efdd..6adcae2 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -46,9 +46,9 @@ static inline const struct ecc_curve *ecc_get_curve(unsigned int curve_id) switch (curve_id) { /* In FIPS mode only allow P256 and higher */ case ECC_CURVE_NIST_P192: - return fips_enabled ? NULL : &nist_p192; + return fips_enabled ? NULL : &ecc_curve_list[ECC_CURVE_NIST_P192 - 1]; case ECC_CURVE_NIST_P256: - return &nist_p256; + return &ecc_curve_list[ECC_CURVE_NIST_P256 - 1]; default: return NULL; } diff --git a/crypto/testmgr.h b/crypto/testmgr.h index 8c83811..371692e 100644 --- a/crypto/testmgr.h +++ b/crypto/testmgr.h @@ -2268,12 +2268,12 @@ static const struct kpp_testvec ecdh_tv_template[] = { #ifdef __LITTLE_ENDIAN "\x02\x00" /* type */ "\x20\x00" /* len */ - "\x01\x00" /* curve_id */ + "\x02\x00" /* curve_id */ "\x18\x00" /* key_size */ #else "\x00\x02" /* type */ "\x00\x20" /* len */ - "\x00\x01" /* curve_id */ + "\x00\x02" /* curve_id */ "\x00\x18" /* key_size */ #endif "\xb5\x05\xb1\x71\x1e\xbf\x8c\xda" @@ -2307,12 +2307,12 @@ static const struct kpp_testvec ecdh_tv_template[] = { #ifdef __LITTLE_ENDIAN "\x02\x00" /* type */ "\x28\x00" /* len */ - "\x02\x00" /* curve_id */ + "\x04\x00" /* curve_id */ "\x20\x00" /* key_size */ #else "\x00\x02" /* type */ "\x00\x28" /* len */ - "\x00\x02" /* curve_id */ + "\x00\x04" /* curve_id */ "\x00\x20" /* key_size */ #endif "\x24\xd1\x21\xeb\xe5\xcf\x2d\x83" @@ -2351,12 +2351,12 @@ static const struct kpp_testvec ecdh_tv_template[] = { #ifdef __LITTLE_ENDIAN "\x02\x00" /* type */ "\x08\x00" /* len */ - "\x02\x00" /* curve_id */ + "\x04\x00" /* curve_id */ "\x00\x00", /* key_size */ #else "\x00\x02" /* type */ "\x00\x08" /* len */ - "\x00\x02" /* curve_id */ + "\x00\x04" /* curve_id */ "\x00\x00", /* key_size */ #endif .b_secret = diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 02193e1..50e6b2e 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -83,6 +83,7 @@ enum hpre_alg_type { HPRE_ALG_KG_CRT = 0x3, HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, + HPRE_ALG_ECC_MUL = 0xD, }; struct hpre_sqe { @@ -104,5 +105,4 @@ struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); - #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index 712bea9..58f847b 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -2,6 +2,8 @@ /* Copyright (c) 2019 HiSilicon Limited. */ #include #include +#include +#include #include #include #include @@ -36,6 +38,22 @@ struct hpre_ctx; #define HPRE_DFX_SEC_TO_US 100 #define HPRE_DFX_US_TO_NS 1000 +/* size in bytes of the n prime */ +#define HPRE_ECC_NIST_P128_N_SIZE 16 +#define HPRE_ECC_NIST_P192_N_SIZE 24 +#define HPRE_ECC_NIST_P224_N_SIZE 28 +#define HPRE_ECC_NIST_P256_N_SIZE 32 +#define HPRE_ECC_NIST_P320_N_SIZE 40 +#define HPRE_ECC_NIST_P384_N_SIZE 48 +#define HPRE_ECC_NIST_P521_N_SIZE 66 + +/* size in bytes */ +#define HPRE_ECC_HW256_KSZ_B 32 +#define HPRE_ECC_HW384_KSZ_B 48 +#define HPRE_ECC_HW576_KSZ_B 72 + +#define HPRE_ECDH_MAX_SZ HPRE_ECC_HW576_KSZ_B + typedef void (*hpre_cb)(struct hpre_ctx *ctx, void *sqe); struct hpre_rsa_ctx { @@ -61,14 +79,25 @@ struct hpre_dh
[PATCH v4 2/5] crypto: hisilicon/hpre - add algorithm type
Algorithm type is brought in to get hardware HPRE queue to support different algorithms. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 10 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 12 ++-- drivers/crypto/hisilicon/hpre/hpre_main.c | 11 +-- 3 files changed, 24 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index cc50f23..02193e1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -10,6 +10,14 @@ #define HPRE_PF_DEF_Q_NUM 64 #define HPRE_PF_DEF_Q_BASE 0 +/* + * type used in qm sqc DW6. + * 0 - Algorithm which has been supported in V2, like RSA, DH and so on; + * 1 - ECC algorithm in V3. + */ +#define HPRE_V2_ALG_TYPE 0 +#define HPRE_V3_ECC_ALG_TYPE 1 + enum { HPRE_CLUSTER0, HPRE_CLUSTER1, @@ -92,7 +100,7 @@ struct hpre_sqe { __le32 rsvd1[_HPRE_SQE_ALIGN_EXT]; }; -struct hisi_qp *hpre_create_qp(void); +struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index d89b2f5..712bea9 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -152,12 +152,12 @@ static void hpre_rm_req_from_ctx(struct hpre_asym_request *hpre_req) } } -static struct hisi_qp *hpre_get_qp_and_start(void) +static struct hisi_qp *hpre_get_qp_and_start(u8 type) { struct hisi_qp *qp; int ret; - qp = hpre_create_qp(); + qp = hpre_create_qp(type); if (!qp) { pr_err("Can not create hpre qp!\n"); return ERR_PTR(-ENODEV); @@ -422,11 +422,11 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) req->cb(ctx, resp); } -static int hpre_ctx_init(struct hpre_ctx *ctx) +static int hpre_ctx_init(struct hpre_ctx *ctx, u8 type) { struct hisi_qp *qp; - qp = hpre_get_qp_and_start(); + qp = hpre_get_qp_and_start(type); if (IS_ERR(qp)) return PTR_ERR(qp); @@ -674,7 +674,7 @@ static int hpre_dh_init_tfm(struct crypto_kpp *tfm) { struct hpre_ctx *ctx = kpp_tfm_ctx(tfm); - return hpre_ctx_init(ctx); + return hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); } static void hpre_dh_exit_tfm(struct crypto_kpp *tfm) @@ -1100,7 +1100,7 @@ static int hpre_rsa_init_tfm(struct crypto_akcipher *tfm) return PTR_ERR(ctx->rsa.soft_tfm); } - ret = hpre_ctx_init(ctx); + ret = hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); if (ret) crypto_free_akcipher(ctx->rsa.soft_tfm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index fc7173a..1ae8fa1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -209,13 +209,20 @@ static u32 vfs_num; module_param_cb(vfs_num, &vfs_num_ops, &vfs_num, 0444); MODULE_PARM_DESC(vfs_num, "Number of VFs to enable(1-63), 0(default)"); -struct hisi_qp *hpre_create_qp(void) +struct hisi_qp *hpre_create_qp(u8 type) { int node = cpu_to_node(smp_processor_id()); struct hisi_qp *qp = NULL; int ret; - ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, 0, node, &qp); + if (type != HPRE_V2_ALG_TYPE && type != HPRE_V3_ECC_ALG_TYPE) + return NULL; + + /* +* type: 0 - RSA/DH. algorithm supported in V2, +* 1 - ECC algorithm in V3. +*/ + ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, type, node, &qp); if (!ret) return qp; -- 2.8.1
[PATCH v4 1/5] crypto: hisilicon/hpre - add some updates to adapt to Kunpeng 930
From: Hui Tang HPRE of Kunpeng 930 is updated on cluster numbers and configurations of Kunpeng 920 HPRE, so we try to update this driver to make it running okay on both chips. Signed-off-by: Hui Tang Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h | 8 ++- drivers/crypto/hisilicon/hpre/hpre_main.c | 93 +-- 2 files changed, 68 insertions(+), 33 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index e784712..cc50f23 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -14,8 +14,7 @@ enum { HPRE_CLUSTER0, HPRE_CLUSTER1, HPRE_CLUSTER2, - HPRE_CLUSTER3, - HPRE_CLUSTERS_NUM, + HPRE_CLUSTER3 }; enum hpre_ctrl_dbgfs_file { @@ -36,7 +35,10 @@ enum hpre_dfx_dbgfs_file { HPRE_DFX_FILE_NUM }; -#define HPRE_DEBUGFS_FILE_NUM(HPRE_DEBUG_FILE_NUM + HPRE_CLUSTERS_NUM - 1) +#define HPRE_CLUSTERS_NUM_V2 (HPRE_CLUSTER3 + 1) +#define HPRE_CLUSTERS_NUM_V3 1 +#define HPRE_CLUSTERS_NUM_MAX HPRE_CLUSTERS_NUM_V2 +#define HPRE_DEBUGFS_FILE_NUM (HPRE_DEBUG_FILE_NUM + HPRE_CLUSTERS_NUM_MAX - 1) struct hpre_debugfs_file { int index; diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index e5c9919..fc7173a 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -29,6 +29,8 @@ #define HPRE_BD_ARUSR_CFG 0x301030 #define HPRE_BD_AWUSR_CFG 0x301034 #define HPRE_TYPES_ENB 0x301038 +#define HPRE_RSA_ENB BIT(0) +#define HPRE_ECC_ENB BIT(1) #define HPRE_DATA_RUSER_CFG0x30103c #define HPRE_DATA_WUSER_CFG0x301040 #define HPRE_INT_MASK 0x301400 @@ -73,7 +75,8 @@ #define HPRE_QM_AXI_CFG_MASK 0x #define HPRE_QM_VFG_AX_MASK0xff #define HPRE_BD_USR_MASK 0x3 -#define HPRE_CLUSTER_CORE_MASK 0xf +#define HPRE_CLUSTER_CORE_MASK_V2 0xf +#define HPRE_CLUSTER_CORE_MASK_V3 0xff #define HPRE_AM_OOO_SHUTDOWN_ENB 0x301044 #define HPRE_AM_OOO_SHUTDOWN_ENABLEBIT(0) @@ -86,6 +89,11 @@ #define HPRE_QM_PM_FLR BIT(11) #define HPRE_QM_SRIOV_FLR BIT(12) +#define HPRE_CLUSTERS_NUM(qm) \ + (((qm)->ver >= QM_HW_V3) ? HPRE_CLUSTERS_NUM_V3 : HPRE_CLUSTERS_NUM_V2) +#define HPRE_CLUSTER_CORE_MASK(qm) \ + (((qm)->ver >= QM_HW_V3) ? HPRE_CLUSTER_CORE_MASK_V3 :\ + HPRE_CLUSTER_CORE_MASK_V2) #define HPRE_VIA_MSI_DSM 1 #define HPRE_SQE_MASK_OFFSET 8 #define HPRE_SQE_MASK_LEN 24 @@ -238,8 +246,40 @@ static int hpre_cfg_by_dsm(struct hisi_qm *qm) return 0; } +static int hpre_set_cluster(struct hisi_qm *qm) +{ + u32 cluster_core_mask = HPRE_CLUSTER_CORE_MASK(qm); + u8 clusters_num = HPRE_CLUSTERS_NUM(qm); + struct device *dev = &qm->pdev->dev; + unsigned long offset; + u32 val = 0; + int ret, i; + + for (i = 0; i < clusters_num; i++) { + offset = i * HPRE_CLSTR_ADDR_INTRVL; + + /* clusters initiating */ + writel(cluster_core_mask, + HPRE_ADDR(qm, offset + HPRE_CORE_ENB)); + writel(0x1, HPRE_ADDR(qm, offset + HPRE_CORE_INI_CFG)); + ret = readl_relaxed_poll_timeout(HPRE_ADDR(qm, offset + + HPRE_CORE_INI_STATUS), val, + ((val & cluster_core_mask) == + cluster_core_mask), + HPRE_REG_RD_INTVRL_US, + HPRE_REG_RD_TMOUT_US); + if (ret) { + dev_err(dev, + "cluster %d int st status timeout!\n", i); + return -ETIMEDOUT; + } + } + + return 0; +} + /* - * For Hi1620, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). + * For Kunpeng 920, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). * Or it may stay in D3 state when we bind and unbind hpre quickly, * as it does FLR triggered by hardware. */ @@ -257,9 +297,8 @@ static void disable_flr_of_bme(struct hisi_qm *qm) static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) { struct device *dev = &qm->pdev->dev; - unsigned long offset; - int ret, i; u32 val; + int ret; writel(HPRE_QM_USR_CFG_MASK, HPRE_ADDR(qm, QM_ARUSER_M_CFG_ENABLE)); writel(HPRE_QM_USR_CFG_MASK, HPRE_ADDR(qm, QM_AWUSER_M_CFG_ENABLE)); @@ -270,7 +309,12 @@ static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) val |= BI
[PATCH v4 3/5] crypto: expose elliptic curve parameters as Crypto APIs
Move elliptic curves definition to 'include/crypto/ecc_curve_defs.h', so all can use it, Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecc.c| 1 - crypto/ecc.h| 37 + crypto/ecc_curve_defs.h | 57 - crypto/ecrdsa_defs.h| 2 +- include/crypto/ecc_curve_defs.h | 92 + 5 files changed, 95 insertions(+), 94 deletions(-) delete mode 100644 crypto/ecc_curve_defs.h create mode 100644 include/crypto/ecc_curve_defs.h diff --git a/crypto/ecc.c b/crypto/ecc.c index c80aa25..f23efdd 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -35,7 +35,6 @@ #include #include "ecc.h" -#include "ecc_curve_defs.h" typedef struct { u64 m_low; diff --git a/crypto/ecc.h b/crypto/ecc.h index d4e546b..e5afaf3 100644 --- a/crypto/ecc.h +++ b/crypto/ecc.h @@ -26,6 +26,8 @@ #ifndef _CRYPTO_ECC_H #define _CRYPTO_ECC_H +#include + /* One digit is u64 qword. */ #define ECC_CURVE_NIST_P192_DIGITS 3 #define ECC_CURVE_NIST_P256_DIGITS 4 @@ -33,44 +35,9 @@ #define ECC_DIGITS_TO_BYTES_SHIFT 3 -/** - * struct ecc_point - elliptic curve point in affine coordinates - * - * @x: X coordinate in vli form. - * @y: Y coordinate in vli form. - * @ndigits: Length of vlis in u64 qwords. - */ -struct ecc_point { - u64 *x; - u64 *y; - u8 ndigits; -}; - #define ECC_POINT_INIT(x, y, ndigits) (struct ecc_point) { x, y, ndigits } /** - * struct ecc_curve - definition of elliptic curve - * - * @name: Short name of the curve. - * @g: Generator point of the curve. - * @p: Prime number, if Barrett's reduction is used for this curve - * pre-calculated value 'mu' is appended to the @p after ndigits. - * Use of Barrett's reduction is heuristically determined in - * vli_mmod_fast(). - * @n: Order of the curve group. - * @a: Curve parameter a. - * @b: Curve parameter b. - */ -struct ecc_curve { - char *name; - struct ecc_point g; - u64 *p; - u64 *n; - u64 *a; - u64 *b; -}; - -/** * ecc_is_key_valid() - Validate a given ECDH private key * * @curve_id: id representing the curve to use diff --git a/crypto/ecc_curve_defs.h b/crypto/ecc_curve_defs.h deleted file mode 100644 index 69be6c7..000 --- a/crypto/ecc_curve_defs.h +++ /dev/null @@ -1,57 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0 */ -#ifndef _CRYTO_ECC_CURVE_DEFS_H -#define _CRYTO_ECC_CURVE_DEFS_H - -/* NIST P-192: a = p - 3 */ -static u64 nist_p192_g_x[] = { 0xF4FF0AFD82FF1012ull, 0x7CBF20EB43A18800ull, - 0x188DA80EB03090F6ull }; -static u64 nist_p192_g_y[] = { 0x73F977A11E794811ull, 0x631011ED6B24CDD5ull, - 0x07192B95FFC8DA78ull }; -static u64 nist_p192_p[] = { 0xull, 0xFFFEull, - 0xull }; -static u64 nist_p192_n[] = { 0x146BC9B1B4D22831ull, 0x99DEF836ull, - 0xull }; -static u64 nist_p192_a[] = { 0xFFFCull, 0xFFFEull, - 0xull }; -static u64 nist_p192_b[] = { 0xFEB8DEECC146B9B1ull, 0x0FA7E9AB72243049ull, - 0x64210519E59C80E7ull }; -static struct ecc_curve nist_p192 = { - .name = "nist_192", - .g = { - .x = nist_p192_g_x, - .y = nist_p192_g_y, - .ndigits = 3, - }, - .p = nist_p192_p, - .n = nist_p192_n, - .a = nist_p192_a, - .b = nist_p192_b -}; - -/* NIST P-256: a = p - 3 */ -static u64 nist_p256_g_x[] = { 0xF4A13945D898C296ull, 0x77037D812DEB33A0ull, - 0xF8BCE6E563A440F2ull, 0x6B17D1F2E12C4247ull }; -static u64 nist_p256_g_y[] = { 0xCBB6406837BF51F5ull, 0x2BCE33576B315ECEull, - 0x8EE7EB4A7C0F9E16ull, 0x4FE342E2FE1A7F9Bull }; -static u64 nist_p256_p[] = { 0xull, 0xull, - 0xull, 0x0001ull }; -static u64 nist_p256_n[] = { 0xF3B9CAC2FC632551ull, 0xBCE6FAADA7179E84ull, - 0xull, 0xull }; -static u64 nist_p256_a[] = { 0xFFFCull, 0xull, - 0xull, 0x0001ull }; -static u64 nist_p256_b[] = { 0x3BCE3C3E27D2604Bull, 0x651D06B0CC53B0F6ull, - 0xB3EBBD55769886BCull, 0x5AC635D8AA3A93E7ull }; -static struct ecc_curve nist_p256 = { - .name = "nist_256", - .g = { - .x = nist_p256_g_x, - .y = nist_p256_g_y, - .ndigits = 4, - }, - .p = nist_p256_p, -
[PATCH v4 0/5] add ECDH and CURVE25519 algorithms support for Kunpeng 930
1. Move elliptic curve parameter definitions out to "include/crypto"; 2. Add some new elliptic curve parameters definitions, and reorder ECC 'Curves IDs'; 3. Add ECDH and CURVE25519 algorithms support for Kunpeng 930. These patches depend on: [v2,1/6] crypto: hisilicon/hpre - add version adapt to new algorithms, https://patchwork.kernel.org/project/linux-crypto/patch/1607598607-8728- 2-git-send-email-liulongf...@huawei.com/ v3 -> v4: - patch #3: add new, move ecc_curve params to "include/crypto" v2 -> v3: - patch #5: fix sparse warnings - patch #5: add 'CRYPTO_LIB_CURVE25519_GENERIC' in 'Kconfig' v1 -> v2: - patch #5: delete `curve25519_null_point' Hui Tang (1): crypto: hisilicon/hpre - add some updates to adapt to Kunpeng 930 Meng Yu (4): crypto: hisilicon/hpre - add algorithm type crypto: expose elliptic curve parameters as Crypto APIs crypto: hisilicon/hpre - add 'ECDH' algorithm crypto: hisilicon/hpre - add 'CURVE25519' algorithm crypto/ecc.c| 5 +- crypto/ecc.h| 37 +- crypto/ecc_curve_defs.h | 57 -- crypto/ecrdsa_defs.h| 2 +- crypto/testmgr.h| 12 +- drivers/crypto/hisilicon/Kconfig| 1 + drivers/crypto/hisilicon/hpre/hpre.h| 22 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 868 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 105 +++- include/crypto/ecc_curve_defs.h | 261 + include/crypto/ecdh.h | 9 +- 11 files changed, 1228 insertions(+), 151 deletions(-) delete mode 100644 crypto/ecc_curve_defs.h create mode 100644 include/crypto/ecc_curve_defs.h -- 2.8.1
[PATCH v3 2/5] crypto: hisilicon/hpre - add version adapt to new algorithms
'DH' and 'RSA' algorithms are supported by Kunpeng 920 and Kunpeng 930, but some new algrithms(like ECDH) are only supported by Kunpeng 930, so we add parameter 'struct hisi_qm *qm' to 'hpre_algs_(un)register' to identify the chip's version. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 5 +++-- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 4 ++-- drivers/crypto/hisilicon/qm.c | 4 ++-- drivers/crypto/hisilicon/qm.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.c | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.h | 4 ++-- drivers/crypto/hisilicon/zip/zip.h | 4 ++-- drivers/crypto/hisilicon/zip/zip_crypto.c | 4 ++-- 9 files changed, 19 insertions(+), 18 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 181c109..cc50f23 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -93,7 +93,8 @@ struct hpre_sqe { }; struct hisi_qp *hpre_create_qp(void); -int hpre_algs_register(void); -void hpre_algs_unregister(void); +int hpre_algs_register(struct hisi_qm *qm); +void hpre_algs_unregister(struct hisi_qm *qm); + #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index a87f990..d89b2f5 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1154,7 +1154,7 @@ static struct kpp_alg dh = { }; #endif -int hpre_algs_register(void) +int hpre_algs_register(struct hisi_qm *qm) { int ret; @@ -1171,7 +1171,7 @@ int hpre_algs_register(void) return ret; } -void hpre_algs_unregister(void) +void hpre_algs_unregister(struct hisi_qm *qm) { crypto_unregister_akcipher(&rsa); #ifdef CONFIG_CRYPTO_DH diff --git a/drivers/crypto/hisilicon/qm.c b/drivers/crypto/hisilicon/qm.c index f21ccae..e25636b 100644 --- a/drivers/crypto/hisilicon/qm.c +++ b/drivers/crypto/hisilicon/qm.c @@ -4012,7 +4012,7 @@ int hisi_qm_alg_register(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (flag) { - ret = qm_list->register_to_crypto(); + ret = qm_list->register_to_crypto(qm); if (ret) { mutex_lock(&qm_list->lock); list_del(&qm->list); @@ -4040,7 +4040,7 @@ void hisi_qm_alg_unregister(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (list_empty(&qm_list->list)) - qm_list->unregister_from_crypto(); + qm_list->unregister_from_crypto(qm); } EXPORT_SYMBOL_GPL(hisi_qm_alg_unregister); diff --git a/drivers/crypto/hisilicon/qm.h b/drivers/crypto/hisilicon/qm.h index 8624d12..a63256a 100644 --- a/drivers/crypto/hisilicon/qm.h +++ b/drivers/crypto/hisilicon/qm.h @@ -193,8 +193,8 @@ struct hisi_qm_err_ini { struct hisi_qm_list { struct mutex lock; struct list_head list; - int (*register_to_crypto)(void); - void (*unregister_from_crypto)(void); + int (*register_to_crypto)(struct hisi_qm *qm); + void (*unregister_from_crypto)(struct hisi_qm *qm); }; struct hisi_qm { diff --git a/drivers/crypto/hisilicon/sec2/sec.h b/drivers/crypto/hisilicon/sec2/sec.h index 0849191..17ddb20 100644 --- a/drivers/crypto/hisilicon/sec2/sec.h +++ b/drivers/crypto/hisilicon/sec2/sec.h @@ -183,6 +183,6 @@ struct sec_dev { void sec_destroy_qps(struct hisi_qp **qps, int qp_num); struct hisi_qp **sec_create_qps(void); -int sec_register_to_crypto(void); -void sec_unregister_from_crypto(void); +int sec_register_to_crypto(struct hisi_qm *qm); +void sec_unregister_from_crypto(struct hisi_qm *qm); #endif diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c index 87bc08a..f512ce2 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.c +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c @@ -1632,7 +1632,7 @@ static struct aead_alg sec_aeads[] = { AES_BLOCK_SIZE, AES_BLOCK_SIZE, SHA512_DIGEST_SIZE), }; -int sec_register_to_crypto(void) +int sec_register_to_crypto(struct hisi_qm *qm) { int ret; @@ -1649,7 +1649,7 @@ int sec_register_to_crypto(void) return ret; } -void sec_unregister_from_crypto(void) +void sec_unregister_from_crypto(struct hisi_qm *qm) { crypto_unregister_skciphers(sec_skciphers, ARRAY_SIZE(sec_skciphers)); diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.h b/drivers/crypto/hisilicon/sec2/sec_crypto.h index b2786e1..0e933e7 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.h +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.h @@ -211,6 +211,6 @@ str
[PATCH v3 3/5] crypto: hisilicon/hpre - add algorithm type
Algorithm type is brought in to get hardware HPRE queue to support different algorithms. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 10 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 12 ++-- drivers/crypto/hisilicon/hpre/hpre_main.c | 11 +-- 3 files changed, 24 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index cc50f23..02193e1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -10,6 +10,14 @@ #define HPRE_PF_DEF_Q_NUM 64 #define HPRE_PF_DEF_Q_BASE 0 +/* + * type used in qm sqc DW6. + * 0 - Algorithm which has been supported in V2, like RSA, DH and so on; + * 1 - ECC algorithm in V3. + */ +#define HPRE_V2_ALG_TYPE 0 +#define HPRE_V3_ECC_ALG_TYPE 1 + enum { HPRE_CLUSTER0, HPRE_CLUSTER1, @@ -92,7 +100,7 @@ struct hpre_sqe { __le32 rsvd1[_HPRE_SQE_ALIGN_EXT]; }; -struct hisi_qp *hpre_create_qp(void); +struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index d89b2f5..712bea9 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -152,12 +152,12 @@ static void hpre_rm_req_from_ctx(struct hpre_asym_request *hpre_req) } } -static struct hisi_qp *hpre_get_qp_and_start(void) +static struct hisi_qp *hpre_get_qp_and_start(u8 type) { struct hisi_qp *qp; int ret; - qp = hpre_create_qp(); + qp = hpre_create_qp(type); if (!qp) { pr_err("Can not create hpre qp!\n"); return ERR_PTR(-ENODEV); @@ -422,11 +422,11 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) req->cb(ctx, resp); } -static int hpre_ctx_init(struct hpre_ctx *ctx) +static int hpre_ctx_init(struct hpre_ctx *ctx, u8 type) { struct hisi_qp *qp; - qp = hpre_get_qp_and_start(); + qp = hpre_get_qp_and_start(type); if (IS_ERR(qp)) return PTR_ERR(qp); @@ -674,7 +674,7 @@ static int hpre_dh_init_tfm(struct crypto_kpp *tfm) { struct hpre_ctx *ctx = kpp_tfm_ctx(tfm); - return hpre_ctx_init(ctx); + return hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); } static void hpre_dh_exit_tfm(struct crypto_kpp *tfm) @@ -1100,7 +1100,7 @@ static int hpre_rsa_init_tfm(struct crypto_akcipher *tfm) return PTR_ERR(ctx->rsa.soft_tfm); } - ret = hpre_ctx_init(ctx); + ret = hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); if (ret) crypto_free_akcipher(ctx->rsa.soft_tfm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index fc7173a..1ae8fa1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -209,13 +209,20 @@ static u32 vfs_num; module_param_cb(vfs_num, &vfs_num_ops, &vfs_num, 0444); MODULE_PARM_DESC(vfs_num, "Number of VFs to enable(1-63), 0(default)"); -struct hisi_qp *hpre_create_qp(void) +struct hisi_qp *hpre_create_qp(u8 type) { int node = cpu_to_node(smp_processor_id()); struct hisi_qp *qp = NULL; int ret; - ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, 0, node, &qp); + if (type != HPRE_V2_ALG_TYPE && type != HPRE_V3_ECC_ALG_TYPE) + return NULL; + + /* +* type: 0 - RSA/DH. algorithm supported in V2, +* 1 - ECC algorithm in V3. +*/ + ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, type, node, &qp); if (!ret) return qp; -- 2.8.1
[PATCH v3 4/5] crypto: hisilicon/hpre - add 'ECDH' algorithm
Enable 'ECDH' algorithm in Kunpeng 930. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 2 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 802 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 1 + 3 files changed, 800 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 02193e1..50e6b2e 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -83,6 +83,7 @@ enum hpre_alg_type { HPRE_ALG_KG_CRT = 0x3, HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, + HPRE_ALG_ECC_MUL = 0xD, }; struct hpre_sqe { @@ -104,5 +105,4 @@ struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); - #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index 712bea9..b7814ce 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -2,6 +2,7 @@ /* Copyright (c) 2019 HiSilicon Limited. */ #include #include +#include #include #include #include @@ -36,6 +37,342 @@ struct hpre_ctx; #define HPRE_DFX_SEC_TO_US 100 #define HPRE_DFX_US_TO_NS 1000 +/* HPRE support 7 curves (include curve P192 and P256 in ecdh.h) */ +#define HPRE_ECC_CURVE_NIST_P128 0X0003 +#define HPRE_ECC_CURVE_NIST_P320 0X0004 +#define HPRE_ECC_CURVE_NIST_P384 0X0005 +#define HPRE_ECC_CURVE_NIST_P521 0X0006 +#define HPRE_ECC_CURVE_NIST_P224 0X0007 + +/* size in bytes of the n prime */ +#define HPRE_ECC_NIST_P128_N_SIZE 16 +#define HPRE_ECC_NIST_P192_N_SIZE 24 +#define HPRE_ECC_NIST_P224_N_SIZE 28 +#define HPRE_ECC_NIST_P256_N_SIZE 32 +#define HPRE_ECC_NIST_P320_N_SIZE 40 +#define HPRE_ECC_NIST_P384_N_SIZE 48 +#define HPRE_ECC_NIST_P521_N_SIZE 66 + +/* size in bytes */ +#define HPRE_ECC_HW256_KSZ_B 32 +#define HPRE_ECC_HW384_KSZ_B 48 +#define HPRE_ECC_HW576_KSZ_B 72 + +#define HPRE_ECDH_MAX_SZ HPRE_ECC_HW576_KSZ_B + +struct curve_param_desc { + __u32 id; + const unsigned char *p; + const unsigned char *a; + const unsigned char *b; + const unsigned char *gx; + const unsigned char *gy; + const unsigned char *n; +}; + +/* ECC CURVE PARAMS */ +/* 128 bits */ +static const unsigned char ecdh_p128_p[] = { + 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF +}; +static const unsigned char ecdh_p128_a[] = { + 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFC +}; +static const unsigned char ecdh_p128_b[] = { + 0xE8, 0x75, 0x79, 0xC1, 0x10, 0x79, 0xF4, 0x3D, 0xD8, 0x24, 0x99, 0x3C, + 0x2C, 0xEE, 0x5E, 0xD3 +}; +static const unsigned char ecdh_p128_x[] = { + 0x16, 0x1F, 0xF7, 0x52, 0x8B, 0x89, 0x9B, 0x2D, 0x0C, 0x28, 0x60, 0x7C, + 0xA5, 0x2C, 0x5B, 0x86 +}; +static const unsigned char ecdh_p128_y[] = { + 0xcf, 0x5a, 0xc8, 0x39, 0x5b, 0xaf, 0xeb, 0x13, 0xc0, 0x2d, 0xa2, 0x92, + 0xdd, 0xed, 0x7a, 0x83 +}; +static const unsigned char ecdh_p128_n[] = { + 0xFF, 0xFF, 0xFF, 0xFE, 0x00, 0x00, 0x00, 0x00, 0x75, 0xA3, 0x0D, 0x1B, + 0x90, 0x38, 0xA1, 0x15 +}; + +/* 192 bits */ +static const unsigned char ecdh_p192_p[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF +}; +static const unsigned char ecdh_p192_a[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC +}; +static const unsigned char ecdh_p192_b[] = { + 0x64, 0x21, 0x05, 0x19, 0xE5, 0x9C, 0x80, 0xE7, 0x0F, 0xA7, 0xE9, 0xAB, + 0x72, 0x24, 0x30, 0x49, 0xFE, 0xB8, 0xDE, 0xEC, 0xC1, 0x46, 0xB9, 0xB1 +}; +static const unsigned char ecdh_p192_x[] = { + 0x18, 0x8D, 0xA8, 0x0E, 0xB0, 0x30, 0x90, 0xF6, 0x7C, 0xBF, 0x20, 0xEB, + 0x43, 0xA1, 0x88, 0x00, 0xF4, 0xFF, 0x0A, 0xFD, 0x82, 0xFF, 0x10, 0x12 +}; +static const unsigned char ecdh_p192_y[] = { + 0x07, 0x19, 0x2b, 0x95, 0xff, 0xc8, 0xda, 0x78, 0x63, 0x10, 0x11, 0xed, + 0x6b, 0x24, 0xcd, 0xd5, 0x73, 0xf9, 0x77, 0xa1, 0x1e, 0x79, 0x48, 0x11 +}; +static const unsigned char ecdh_p192_n[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0x99, 0xDE, 0xF8, 0x36, 0x14, 0x6B, 0xC9, 0xB1, 0xB4, 0xD2, 0x28, 0x31 +}; + +/* 224 bits */ +static const unsigned char ecdh_p224_p[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x01 +}; +static cons
[PATCH v3 1/5] crypto: hisilicon/hpre - add initial settings adapt to 'Kunpeng 930'
From: Hui Tang HPRE of Kunpeng 930 is updated on cluster numbers and configurations of Kunpeng 920 HPRE, so we try to update this driver to make it running okay on both chips. Signed-off-by: Hui Tang Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h | 8 ++- drivers/crypto/hisilicon/hpre/hpre_main.c | 93 +-- 2 files changed, 68 insertions(+), 33 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index f69252b..181c109 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -14,8 +14,7 @@ enum { HPRE_CLUSTER0, HPRE_CLUSTER1, HPRE_CLUSTER2, - HPRE_CLUSTER3, - HPRE_CLUSTERS_NUM, + HPRE_CLUSTER3 }; enum hpre_ctrl_dbgfs_file { @@ -36,7 +35,10 @@ enum hpre_dfx_dbgfs_file { HPRE_DFX_FILE_NUM }; -#define HPRE_DEBUGFS_FILE_NUM(HPRE_DEBUG_FILE_NUM + HPRE_CLUSTERS_NUM - 1) +#define HPRE_CLUSTERS_NUM_V2 (HPRE_CLUSTER3 + 1) +#define HPRE_CLUSTERS_NUM_V3 1 +#define HPRE_CLUSTERS_NUM_MAX HPRE_CLUSTERS_NUM_V2 +#define HPRE_DEBUGFS_FILE_NUM (HPRE_DEBUG_FILE_NUM + HPRE_CLUSTERS_NUM_MAX - 1) struct hpre_debugfs_file { int index; diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index e5c9919..fc7173a 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -29,6 +29,8 @@ #define HPRE_BD_ARUSR_CFG 0x301030 #define HPRE_BD_AWUSR_CFG 0x301034 #define HPRE_TYPES_ENB 0x301038 +#define HPRE_RSA_ENB BIT(0) +#define HPRE_ECC_ENB BIT(1) #define HPRE_DATA_RUSER_CFG0x30103c #define HPRE_DATA_WUSER_CFG0x301040 #define HPRE_INT_MASK 0x301400 @@ -73,7 +75,8 @@ #define HPRE_QM_AXI_CFG_MASK 0x #define HPRE_QM_VFG_AX_MASK0xff #define HPRE_BD_USR_MASK 0x3 -#define HPRE_CLUSTER_CORE_MASK 0xf +#define HPRE_CLUSTER_CORE_MASK_V2 0xf +#define HPRE_CLUSTER_CORE_MASK_V3 0xff #define HPRE_AM_OOO_SHUTDOWN_ENB 0x301044 #define HPRE_AM_OOO_SHUTDOWN_ENABLEBIT(0) @@ -86,6 +89,11 @@ #define HPRE_QM_PM_FLR BIT(11) #define HPRE_QM_SRIOV_FLR BIT(12) +#define HPRE_CLUSTERS_NUM(qm) \ + (((qm)->ver >= QM_HW_V3) ? HPRE_CLUSTERS_NUM_V3 : HPRE_CLUSTERS_NUM_V2) +#define HPRE_CLUSTER_CORE_MASK(qm) \ + (((qm)->ver >= QM_HW_V3) ? HPRE_CLUSTER_CORE_MASK_V3 :\ + HPRE_CLUSTER_CORE_MASK_V2) #define HPRE_VIA_MSI_DSM 1 #define HPRE_SQE_MASK_OFFSET 8 #define HPRE_SQE_MASK_LEN 24 @@ -238,8 +246,40 @@ static int hpre_cfg_by_dsm(struct hisi_qm *qm) return 0; } +static int hpre_set_cluster(struct hisi_qm *qm) +{ + u32 cluster_core_mask = HPRE_CLUSTER_CORE_MASK(qm); + u8 clusters_num = HPRE_CLUSTERS_NUM(qm); + struct device *dev = &qm->pdev->dev; + unsigned long offset; + u32 val = 0; + int ret, i; + + for (i = 0; i < clusters_num; i++) { + offset = i * HPRE_CLSTR_ADDR_INTRVL; + + /* clusters initiating */ + writel(cluster_core_mask, + HPRE_ADDR(qm, offset + HPRE_CORE_ENB)); + writel(0x1, HPRE_ADDR(qm, offset + HPRE_CORE_INI_CFG)); + ret = readl_relaxed_poll_timeout(HPRE_ADDR(qm, offset + + HPRE_CORE_INI_STATUS), val, + ((val & cluster_core_mask) == + cluster_core_mask), + HPRE_REG_RD_INTVRL_US, + HPRE_REG_RD_TMOUT_US); + if (ret) { + dev_err(dev, + "cluster %d int st status timeout!\n", i); + return -ETIMEDOUT; + } + } + + return 0; +} + /* - * For Hi1620, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). + * For Kunpeng 920, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). * Or it may stay in D3 state when we bind and unbind hpre quickly, * as it does FLR triggered by hardware. */ @@ -257,9 +297,8 @@ static void disable_flr_of_bme(struct hisi_qm *qm) static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) { struct device *dev = &qm->pdev->dev; - unsigned long offset; - int ret, i; u32 val; + int ret; writel(HPRE_QM_USR_CFG_MASK, HPRE_ADDR(qm, QM_ARUSER_M_CFG_ENABLE)); writel(HPRE_QM_USR_CFG_MASK, HPRE_ADDR(qm, QM_AWUSER_M_CFG_ENABLE)); @@ -270,7 +309,12 @@ static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) val |= BI
[PATCH v3 5/5] crypto: hisilicon/hpre - add 'CURVE25519' algorithm
Enable 'CURVE25519' algorithm in Kunpeng 930. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reported-by: kernel test robot --- drivers/crypto/hisilicon/Kconfig| 1 + drivers/crypto/hisilicon/hpre/hpre.h| 2 + drivers/crypto/hisilicon/hpre/hpre_crypto.c | 394 +++- 3 files changed, 388 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/hisilicon/Kconfig b/drivers/crypto/hisilicon/Kconfig index 9c3b3ca..bf2f0e3 100644 --- a/drivers/crypto/hisilicon/Kconfig +++ b/drivers/crypto/hisilicon/Kconfig @@ -65,6 +65,7 @@ config CRYPTO_DEV_HISI_HPRE depends on UACCE || UACCE=n depends on ARM64 || (COMPILE_TEST && 64BIT) depends on ACPI + select CRYPTO_LIB_CURVE25519_GENERIC select CRYPTO_DEV_HISI_QM select CRYPTO_DH select CRYPTO_RSA diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 50e6b2e..92892e3 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -84,6 +84,8 @@ enum hpre_alg_type { HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, HPRE_ALG_ECC_MUL = 0xD, + /* shared by x25519 and x448, but x448 is not supported now */ + HPRE_ALG_CURVE25519_MUL = 0x10, }; struct hpre_sqe { diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index b7814ce..8c4d52c 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 /* Copyright (c) 2019 HiSilicon Limited. */ #include +#include #include #include #include @@ -70,6 +71,25 @@ struct curve_param_desc { const unsigned char *n; }; +/* curve25519 CURVE PARAMS, in big-endian order */ +/* p = (2 ^ 255 - 19) */ +static const unsigned char curve25519_p[] = { + 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xed +}; + /* a = (486662 - 2) / 4 = 121665 */ +static const unsigned char curve25519_a[] = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xDB, 0x41 +}; +static const unsigned char curve25519_x[] = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x09 +}; + /* ECC CURVE PARAMS */ /* 128 bits */ static const unsigned char ecdh_p128_p[] = { @@ -417,6 +437,16 @@ struct hpre_ecdh_ctx { dma_addr_t dma_g; }; +struct hpre_curve25519_ctx { + /* low address: p->a->k */ + unsigned char *p; + dma_addr_t dma_p; + + /* gx coordinate */ + unsigned char *g; + dma_addr_t dma_g; +}; + struct hpre_ctx { struct hisi_qp *qp; struct hpre_asym_request **req_list; @@ -429,6 +459,7 @@ struct hpre_ctx { struct hpre_rsa_ctx rsa; struct hpre_dh_ctx dh; struct hpre_ecdh_ctx ecdh; + struct hpre_curve25519_ctx curve25519; }; /* for ecc algorithms */ unsigned int curve_id; @@ -443,6 +474,7 @@ struct hpre_asym_request { struct akcipher_request *rsa; struct kpp_request *dh; struct kpp_request *ecdh; + struct kpp_request *curve25519; } areq; int err; int req_id; @@ -765,7 +797,6 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) struct hpre_sqe *sqe = resp; struct hpre_asym_request *req = ctx->req_list[le16_to_cpu(sqe->tag)]; - if (unlikely(!req)) { atomic64_inc(&dfx[HPRE_INVALID_REQ_CNT].value); return; @@ -1482,6 +1513,12 @@ static void hpre_ecc_clear_ctx(struct hpre_ctx *ctx, bool is_clear_all, memzero_explicit(ctx->ecdh.p + shift, sz); dma_free_coherent(dev, sz << 3, ctx->ecdh.p, ctx->ecdh.dma_p); ctx->ecdh.p = NULL; + } else if (!is_ecdh && ctx->curve25519.p) { + /* curve25519: p->a->k */ + memzero_explicit(ctx->curve25519.p + shift, sz); + dma_free_coherent(dev, sz << 2, ctx->curve25519.p, + ctx->curve25519.dma_p); + ctx->curve25519.p = NULL; } ctx->curve_id = 0; @@ -1877,6 +1914,318 @@ static void hpre_ecdh_exit_tfm(struct crypto_kpp *tfm) hpre_ecc_clear_ctx(ctx, true, true); } +static void hpre_key_to_big_end(u8 *data, int len) +{ + int i, j; + u8 tmp; + + for
[PATCH v3 0/5] crypto: hisilicon/hpre - add something for Kunpeng 930
Add algorithms(ECDH and CURVE25519) in Kunpeng 930. v2 -> v3: - patch #1: add a 'Signed-off-by' from its author - patch #5: fix sparse warnings - patch #5: add 'CRYPTO_LIB_CURVE25519_GENERIC' in 'Kconfig' v1 -> v2: - patch #5: delete 'curve25519_null_point' Hui Tang (1): crypto: hisilicon/hpre - add initial settings adapt to 'Kunpeng 930' Meng Yu (4): crypto: hisilicon/hpre - add version adapt to new algorithms crypto: hisilicon/hpre - add algorithm type crypto: hisilicon/hpre - add 'ECDH' algorithm crypto: hisilicon/hpre - add 'CURVE25519' algorithm drivers/crypto/hisilicon/Kconfig|1 + drivers/crypto/hisilicon/hpre/hpre.h| 25 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 1194 ++- drivers/crypto/hisilicon/hpre/hpre_main.c | 105 ++- drivers/crypto/hisilicon/qm.c |4 +- drivers/crypto/hisilicon/qm.h |4 +- drivers/crypto/hisilicon/sec2/sec.h |4 +- drivers/crypto/hisilicon/sec2/sec_crypto.c |4 +- drivers/crypto/hisilicon/sec2/sec_crypto.h |4 +- drivers/crypto/hisilicon/zip/zip.h |4 +- drivers/crypto/hisilicon/zip/zip_crypto.c |4 +- 11 files changed, 1289 insertions(+), 64 deletions(-) -- 2.8.1
[PATCH v2 3/5] crypto: hisilicon/hpre - add algorithm type
Algorithm type is brought in to get hardware HPRE queue to support different algorithms. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 10 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 12 ++-- drivers/crypto/hisilicon/hpre/hpre_main.c | 11 +-- 3 files changed, 24 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index cc50f23..02193e1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -10,6 +10,14 @@ #define HPRE_PF_DEF_Q_NUM 64 #define HPRE_PF_DEF_Q_BASE 0 +/* + * type used in qm sqc DW6. + * 0 - Algorithm which has been supported in V2, like RSA, DH and so on; + * 1 - ECC algorithm in V3. + */ +#define HPRE_V2_ALG_TYPE 0 +#define HPRE_V3_ECC_ALG_TYPE 1 + enum { HPRE_CLUSTER0, HPRE_CLUSTER1, @@ -92,7 +100,7 @@ struct hpre_sqe { __le32 rsvd1[_HPRE_SQE_ALIGN_EXT]; }; -struct hisi_qp *hpre_create_qp(void); +struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index d89b2f5..712bea9 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -152,12 +152,12 @@ static void hpre_rm_req_from_ctx(struct hpre_asym_request *hpre_req) } } -static struct hisi_qp *hpre_get_qp_and_start(void) +static struct hisi_qp *hpre_get_qp_and_start(u8 type) { struct hisi_qp *qp; int ret; - qp = hpre_create_qp(); + qp = hpre_create_qp(type); if (!qp) { pr_err("Can not create hpre qp!\n"); return ERR_PTR(-ENODEV); @@ -422,11 +422,11 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) req->cb(ctx, resp); } -static int hpre_ctx_init(struct hpre_ctx *ctx) +static int hpre_ctx_init(struct hpre_ctx *ctx, u8 type) { struct hisi_qp *qp; - qp = hpre_get_qp_and_start(); + qp = hpre_get_qp_and_start(type); if (IS_ERR(qp)) return PTR_ERR(qp); @@ -674,7 +674,7 @@ static int hpre_dh_init_tfm(struct crypto_kpp *tfm) { struct hpre_ctx *ctx = kpp_tfm_ctx(tfm); - return hpre_ctx_init(ctx); + return hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); } static void hpre_dh_exit_tfm(struct crypto_kpp *tfm) @@ -1100,7 +1100,7 @@ static int hpre_rsa_init_tfm(struct crypto_akcipher *tfm) return PTR_ERR(ctx->rsa.soft_tfm); } - ret = hpre_ctx_init(ctx); + ret = hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); if (ret) crypto_free_akcipher(ctx->rsa.soft_tfm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index 719f8715..c3c18da 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -209,13 +209,20 @@ static u32 vfs_num; module_param_cb(vfs_num, &vfs_num_ops, &vfs_num, 0444); MODULE_PARM_DESC(vfs_num, "Number of VFs to enable(1-63), 0(default)"); -struct hisi_qp *hpre_create_qp(void) +struct hisi_qp *hpre_create_qp(u8 type) { int node = cpu_to_node(smp_processor_id()); struct hisi_qp *qp = NULL; int ret; - ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, 0, node, &qp); + if (type != HPRE_V2_ALG_TYPE && type != HPRE_V3_ECC_ALG_TYPE) + return NULL; + + /* +* type: 0 - RSA/DH. algorithm supported in V2, +* 1 - ECC algorithm in V3. +*/ + ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, type, node, &qp); if (!ret) return qp; -- 2.8.1
[PATCH v2 1/5] crypto: hisilicon/hpre - add initial settings adapt to 'Kunpeng 930'
From: Hui Tang HPRE device 'Kunpeng 930' is updated based on 'Kunpeng 920', and they are not all the same, such as cluster numbers and configuration of some registers, so we try to update this driver to make it running okay not only on 'Kunpeng 920', but also okay on 'Kunpeng 930' in this patch. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h | 8 ++- drivers/crypto/hisilicon/hpre/hpre_main.c | 93 +-- 2 files changed, 68 insertions(+), 33 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index f69252b..181c109 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -14,8 +14,7 @@ enum { HPRE_CLUSTER0, HPRE_CLUSTER1, HPRE_CLUSTER2, - HPRE_CLUSTER3, - HPRE_CLUSTERS_NUM, + HPRE_CLUSTER3 }; enum hpre_ctrl_dbgfs_file { @@ -36,7 +35,10 @@ enum hpre_dfx_dbgfs_file { HPRE_DFX_FILE_NUM }; -#define HPRE_DEBUGFS_FILE_NUM(HPRE_DEBUG_FILE_NUM + HPRE_CLUSTERS_NUM - 1) +#define HPRE_CLUSTERS_NUM_V2 (HPRE_CLUSTER3 + 1) +#define HPRE_CLUSTERS_NUM_V3 1 +#define HPRE_CLUSTERS_NUM_MAX HPRE_CLUSTERS_NUM_V2 +#define HPRE_DEBUGFS_FILE_NUM (HPRE_DEBUG_FILE_NUM + HPRE_CLUSTERS_NUM_MAX - 1) struct hpre_debugfs_file { int index; diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index a33394d..719f8715 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -29,6 +29,8 @@ #define HPRE_BD_ARUSR_CFG 0x301030 #define HPRE_BD_AWUSR_CFG 0x301034 #define HPRE_TYPES_ENB 0x301038 +#define HPRE_RSA_ENB BIT(0) +#define HPRE_ECC_ENB BIT(1) #define HPRE_DATA_RUSER_CFG0x30103c #define HPRE_DATA_WUSER_CFG0x301040 #define HPRE_INT_MASK 0x301400 @@ -73,7 +75,8 @@ #define HPRE_QM_AXI_CFG_MASK 0x #define HPRE_QM_VFG_AX_MASK0xff #define HPRE_BD_USR_MASK 0x3 -#define HPRE_CLUSTER_CORE_MASK 0xf +#define HPRE_CLUSTER_CORE_MASK_V2 0xf +#define HPRE_CLUSTER_CORE_MASK_V3 0xff #define HPRE_AM_OOO_SHUTDOWN_ENB 0x301044 #define HPRE_AM_OOO_SHUTDOWN_ENABLEBIT(0) @@ -86,6 +89,11 @@ #define HPRE_QM_PM_FLR BIT(11) #define HPRE_QM_SRIOV_FLR BIT(12) +#define HPRE_CLUSTERS_NUM(qm) \ + (((qm)->ver >= QM_HW_V3) ? HPRE_CLUSTERS_NUM_V3 : HPRE_CLUSTERS_NUM_V2) +#define HPRE_CLUSTER_CORE_MASK(qm) \ + (((qm)->ver >= QM_HW_V3) ? HPRE_CLUSTER_CORE_MASK_V3 :\ + HPRE_CLUSTER_CORE_MASK_V2) #define HPRE_VIA_MSI_DSM 1 #define HPRE_SQE_MASK_OFFSET 8 #define HPRE_SQE_MASK_LEN 24 @@ -238,8 +246,40 @@ static int hpre_cfg_by_dsm(struct hisi_qm *qm) return 0; } +static int hpre_set_cluster(struct hisi_qm *qm) +{ + u32 cluster_core_mask = HPRE_CLUSTER_CORE_MASK(qm); + u8 clusters_num = HPRE_CLUSTERS_NUM(qm); + struct device *dev = &qm->pdev->dev; + unsigned long offset; + u32 val = 0; + int ret, i; + + for (i = 0; i < clusters_num; i++) { + offset = i * HPRE_CLSTR_ADDR_INTRVL; + + /* clusters initiating */ + writel(cluster_core_mask, + HPRE_ADDR(qm, offset + HPRE_CORE_ENB)); + writel(0x1, HPRE_ADDR(qm, offset + HPRE_CORE_INI_CFG)); + ret = readl_relaxed_poll_timeout(HPRE_ADDR(qm, offset + + HPRE_CORE_INI_STATUS), val, + ((val & cluster_core_mask) == + cluster_core_mask), + HPRE_REG_RD_INTVRL_US, + HPRE_REG_RD_TMOUT_US); + if (ret) { + dev_err(dev, + "cluster %d int st status timeout!\n", i); + return -ETIMEDOUT; + } + } + + return 0; +} + /* - * For Hi1620, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). + * For Kunpeng 920, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). * Or it may stay in D3 state when we bind and unbind hpre quickly, * as it does FLR triggered by hardware. */ @@ -257,9 +297,8 @@ static void disable_flr_of_bme(struct hisi_qm *qm) static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) { struct device *dev = &qm->pdev->dev; - unsigned long offset; - int ret, i; u32 val; + int ret; writel(HPRE_QM_USR_CFG_MASK, HPRE_ADDR(qm, QM_ARUSER_M_CFG_ENABLE)); writel(HPRE
[PATCH v2 0/5] crypto: hisilicon/hpre - add something for 'Kunpeng 930'
1. Add initial settings, version and new type to adapt 'Kunpeng 930'; 2. Add algorithms(ECDH and CURVE25519) in 'Kunpeng 930'; Hui Tang (1): crypto: hisilicon/hpre - add initial settings adapt to 'Kunpeng 930' Meng Yu (4): crypto: hisilicon/hpre - add version adapt to new algorithms crypto: hisilicon/hpre - add algorithm type crypto: hisilicon/hpre - add 'ECDH' algorithm crypto: hisilicon/hpre - add 'CURVE25519' algorithm drivers/crypto/hisilicon/hpre/hpre.h| 25 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 1187 ++- drivers/crypto/hisilicon/hpre/hpre_main.c | 105 ++- drivers/crypto/hisilicon/qm.c |4 +- drivers/crypto/hisilicon/qm.h |4 +- drivers/crypto/hisilicon/sec2/sec.h |4 +- drivers/crypto/hisilicon/sec2/sec_crypto.c |4 +- drivers/crypto/hisilicon/sec2/sec_crypto.h |4 +- drivers/crypto/hisilicon/zip/zip.h |4 +- drivers/crypto/hisilicon/zip/zip_crypto.c |4 +- 10 files changed, 1282 insertions(+), 63 deletions(-) -- 2.8.1
[PATCH v2 5/5] crypto: hisilicon/hpre - add 'CURVE25519' algorithm
Enable 'CURVE25519' algorithm in 'Kunpeng 930'. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reported-by: kernel test robot --- drivers/crypto/hisilicon/hpre/hpre.h| 2 + drivers/crypto/hisilicon/hpre/hpre_crypto.c | 387 +++- 2 files changed, 381 insertions(+), 8 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 50e6b2e..92892e3 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -84,6 +84,8 @@ enum hpre_alg_type { HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, HPRE_ALG_ECC_MUL = 0xD, + /* shared by x25519 and x448, but x448 is not supported now */ + HPRE_ALG_CURVE25519_MUL = 0x10, }; struct hpre_sqe { diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index b7814ce..668a2a2 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 /* Copyright (c) 2019 HiSilicon Limited. */ #include +#include #include #include #include @@ -70,6 +71,25 @@ struct curve_param_desc { const unsigned char *n; }; +/* curve25519 CURVE PARAMS, in big-endian order */ +/* p = (2 ^ 255 - 19) */ +static const unsigned char curve25519_p[] = { + 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xed +}; + /* a = (486662 - 2) / 4 = 121665 */ +static const unsigned char curve25519_a[] = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xDB, 0x41 +}; +static const unsigned char curve25519_x[] = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x09 +}; + /* ECC CURVE PARAMS */ /* 128 bits */ static const unsigned char ecdh_p128_p[] = { @@ -417,6 +437,16 @@ struct hpre_ecdh_ctx { dma_addr_t dma_g; }; +struct hpre_curve25519_ctx { + /* low address: p->a->k */ + unsigned char *p; + dma_addr_t dma_p; + + /* gx coordinate */ + unsigned char *g; + dma_addr_t dma_g; +}; + struct hpre_ctx { struct hisi_qp *qp; struct hpre_asym_request **req_list; @@ -429,6 +459,7 @@ struct hpre_ctx { struct hpre_rsa_ctx rsa; struct hpre_dh_ctx dh; struct hpre_ecdh_ctx ecdh; + struct hpre_curve25519_ctx curve25519; }; /* for ecc algorithms */ unsigned int curve_id; @@ -443,6 +474,7 @@ struct hpre_asym_request { struct akcipher_request *rsa; struct kpp_request *dh; struct kpp_request *ecdh; + struct kpp_request *curve25519; } areq; int err; int req_id; @@ -1877,6 +1909,318 @@ static void hpre_ecdh_exit_tfm(struct crypto_kpp *tfm) hpre_ecc_clear_ctx(ctx, true, true); } +static void hpre_key_to_big_end(u8 *data, int len) +{ + int i, j; + u8 tmp; + + for (i = 0; i < len / 2; i++) { + j = len - i - 1; + tmp = data[j]; + data[j] = data[i]; + data[i] = tmp; + } +} + +static void hpre_curve25519_fill_curve(struct hpre_ctx *ctx, const void *buf, + unsigned int len) +{ + u8 secret[CURVE25519_KEY_SIZE] = { 0 }; + unsigned int sz = ctx->key_sz; + unsigned int shift = sz << 1; + void *p; + + /** +* The key from 'buf' is in little-endian, we should preprocess it as +* the description in rfc7748: "k[0] &= 248, k[31] &= 127, k[31] |= 64", +* then convert it to big endian. Only in this way, the result can be +* the same as the software curve-25519 that exists in crypto. +*/ + memcpy(secret, buf, len); + curve25519_clamp_secret(secret); + hpre_key_to_big_end(secret, CURVE25519_KEY_SIZE); + + p = ctx->curve25519.p + sz - len; + + /* fill curve parameters */ + memcpy(p, curve25519_p, len); + memcpy(p + sz, curve25519_a, len); + memcpy(p + shift, secret, len); + memcpy(p + shift + sz, curve25519_x, len); + memzero_explicit(secret, CURVE25519_KEY_SIZE); +} + +static int hpre_curve25519_set_param(struct hpre_ctx *ctx, const void *buf, +unsigned int len) +{ + struct device *dev = HPRE_DEV(ctx); + unsigned int sz = ctx->key_sz; + unsigned int shi
[PATCH v2 4/5] crypto: hisilicon/hpre - add 'ECDH' algorithm
Enable 'ECDH' algorithm in 'Kunpeng 930'. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 2 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 802 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 1 + 3 files changed, 800 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 02193e1..50e6b2e 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -83,6 +83,7 @@ enum hpre_alg_type { HPRE_ALG_KG_CRT = 0x3, HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, + HPRE_ALG_ECC_MUL = 0xD, }; struct hpre_sqe { @@ -104,5 +105,4 @@ struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); - #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index 712bea9..b7814ce 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -2,6 +2,7 @@ /* Copyright (c) 2019 HiSilicon Limited. */ #include #include +#include #include #include #include @@ -36,6 +37,342 @@ struct hpre_ctx; #define HPRE_DFX_SEC_TO_US 100 #define HPRE_DFX_US_TO_NS 1000 +/* HPRE support 7 curves (include curve P192 and P256 in ecdh.h) */ +#define HPRE_ECC_CURVE_NIST_P128 0X0003 +#define HPRE_ECC_CURVE_NIST_P320 0X0004 +#define HPRE_ECC_CURVE_NIST_P384 0X0005 +#define HPRE_ECC_CURVE_NIST_P521 0X0006 +#define HPRE_ECC_CURVE_NIST_P224 0X0007 + +/* size in bytes of the n prime */ +#define HPRE_ECC_NIST_P128_N_SIZE 16 +#define HPRE_ECC_NIST_P192_N_SIZE 24 +#define HPRE_ECC_NIST_P224_N_SIZE 28 +#define HPRE_ECC_NIST_P256_N_SIZE 32 +#define HPRE_ECC_NIST_P320_N_SIZE 40 +#define HPRE_ECC_NIST_P384_N_SIZE 48 +#define HPRE_ECC_NIST_P521_N_SIZE 66 + +/* size in bytes */ +#define HPRE_ECC_HW256_KSZ_B 32 +#define HPRE_ECC_HW384_KSZ_B 48 +#define HPRE_ECC_HW576_KSZ_B 72 + +#define HPRE_ECDH_MAX_SZ HPRE_ECC_HW576_KSZ_B + +struct curve_param_desc { + __u32 id; + const unsigned char *p; + const unsigned char *a; + const unsigned char *b; + const unsigned char *gx; + const unsigned char *gy; + const unsigned char *n; +}; + +/* ECC CURVE PARAMS */ +/* 128 bits */ +static const unsigned char ecdh_p128_p[] = { + 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF +}; +static const unsigned char ecdh_p128_a[] = { + 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFC +}; +static const unsigned char ecdh_p128_b[] = { + 0xE8, 0x75, 0x79, 0xC1, 0x10, 0x79, 0xF4, 0x3D, 0xD8, 0x24, 0x99, 0x3C, + 0x2C, 0xEE, 0x5E, 0xD3 +}; +static const unsigned char ecdh_p128_x[] = { + 0x16, 0x1F, 0xF7, 0x52, 0x8B, 0x89, 0x9B, 0x2D, 0x0C, 0x28, 0x60, 0x7C, + 0xA5, 0x2C, 0x5B, 0x86 +}; +static const unsigned char ecdh_p128_y[] = { + 0xcf, 0x5a, 0xc8, 0x39, 0x5b, 0xaf, 0xeb, 0x13, 0xc0, 0x2d, 0xa2, 0x92, + 0xdd, 0xed, 0x7a, 0x83 +}; +static const unsigned char ecdh_p128_n[] = { + 0xFF, 0xFF, 0xFF, 0xFE, 0x00, 0x00, 0x00, 0x00, 0x75, 0xA3, 0x0D, 0x1B, + 0x90, 0x38, 0xA1, 0x15 +}; + +/* 192 bits */ +static const unsigned char ecdh_p192_p[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF +}; +static const unsigned char ecdh_p192_a[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC +}; +static const unsigned char ecdh_p192_b[] = { + 0x64, 0x21, 0x05, 0x19, 0xE5, 0x9C, 0x80, 0xE7, 0x0F, 0xA7, 0xE9, 0xAB, + 0x72, 0x24, 0x30, 0x49, 0xFE, 0xB8, 0xDE, 0xEC, 0xC1, 0x46, 0xB9, 0xB1 +}; +static const unsigned char ecdh_p192_x[] = { + 0x18, 0x8D, 0xA8, 0x0E, 0xB0, 0x30, 0x90, 0xF6, 0x7C, 0xBF, 0x20, 0xEB, + 0x43, 0xA1, 0x88, 0x00, 0xF4, 0xFF, 0x0A, 0xFD, 0x82, 0xFF, 0x10, 0x12 +}; +static const unsigned char ecdh_p192_y[] = { + 0x07, 0x19, 0x2b, 0x95, 0xff, 0xc8, 0xda, 0x78, 0x63, 0x10, 0x11, 0xed, + 0x6b, 0x24, 0xcd, 0xd5, 0x73, 0xf9, 0x77, 0xa1, 0x1e, 0x79, 0x48, 0x11 +}; +static const unsigned char ecdh_p192_n[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0x99, 0xDE, 0xF8, 0x36, 0x14, 0x6B, 0xC9, 0xB1, 0xB4, 0xD2, 0x28, 0x31 +}; + +/* 224 bits */ +static const unsigned char ecdh_p224_p[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x
[PATCH v2 2/5] crypto: hisilicon/hpre - add version adapt to new algorithms
'DH' and 'RSA' algorithms are supported by 'Kunpeng 920' and 'Kunpeng 930', but some new algrithms(like ECDH) are only supported by 'Kunpeng 930', so we add parameter 'struct hisi_qm *qm' to hpre_algs_(un)register to identify the chip's version. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 5 +++-- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 4 ++-- drivers/crypto/hisilicon/qm.c | 4 ++-- drivers/crypto/hisilicon/qm.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.c | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.h | 4 ++-- drivers/crypto/hisilicon/zip/zip.h | 4 ++-- drivers/crypto/hisilicon/zip/zip_crypto.c | 4 ++-- 9 files changed, 19 insertions(+), 18 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 181c109..cc50f23 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -93,7 +93,8 @@ struct hpre_sqe { }; struct hisi_qp *hpre_create_qp(void); -int hpre_algs_register(void); -void hpre_algs_unregister(void); +int hpre_algs_register(struct hisi_qm *qm); +void hpre_algs_unregister(struct hisi_qm *qm); + #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index a87f990..d89b2f5 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1154,7 +1154,7 @@ static struct kpp_alg dh = { }; #endif -int hpre_algs_register(void) +int hpre_algs_register(struct hisi_qm *qm) { int ret; @@ -1171,7 +1171,7 @@ int hpre_algs_register(void) return ret; } -void hpre_algs_unregister(void) +void hpre_algs_unregister(struct hisi_qm *qm) { crypto_unregister_akcipher(&rsa); #ifdef CONFIG_CRYPTO_DH diff --git a/drivers/crypto/hisilicon/qm.c b/drivers/crypto/hisilicon/qm.c index 050fe4e..0c2e16d 100644 --- a/drivers/crypto/hisilicon/qm.c +++ b/drivers/crypto/hisilicon/qm.c @@ -3973,7 +3973,7 @@ int hisi_qm_alg_register(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (flag) { - ret = qm_list->register_to_crypto(); + ret = qm_list->register_to_crypto(qm); if (ret) { mutex_lock(&qm_list->lock); list_del(&qm->list); @@ -4001,7 +4001,7 @@ void hisi_qm_alg_unregister(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (list_empty(&qm_list->list)) - qm_list->unregister_from_crypto(); + qm_list->unregister_from_crypto(qm); } EXPORT_SYMBOL_GPL(hisi_qm_alg_unregister); diff --git a/drivers/crypto/hisilicon/qm.h b/drivers/crypto/hisilicon/qm.h index 0420f4c..4de763a 100644 --- a/drivers/crypto/hisilicon/qm.h +++ b/drivers/crypto/hisilicon/qm.h @@ -193,8 +193,8 @@ struct hisi_qm_err_ini { struct hisi_qm_list { struct mutex lock; struct list_head list; - int (*register_to_crypto)(void); - void (*unregister_from_crypto)(void); + int (*register_to_crypto)(struct hisi_qm *qm); + void (*unregister_from_crypto)(struct hisi_qm *qm); }; struct hisi_qm { diff --git a/drivers/crypto/hisilicon/sec2/sec.h b/drivers/crypto/hisilicon/sec2/sec.h index 0849191..17ddb20 100644 --- a/drivers/crypto/hisilicon/sec2/sec.h +++ b/drivers/crypto/hisilicon/sec2/sec.h @@ -183,6 +183,6 @@ struct sec_dev { void sec_destroy_qps(struct hisi_qp **qps, int qp_num); struct hisi_qp **sec_create_qps(void); -int sec_register_to_crypto(void); -void sec_unregister_from_crypto(void); +int sec_register_to_crypto(struct hisi_qm *qm); +void sec_unregister_from_crypto(struct hisi_qm *qm); #endif diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c index 87bc08a..f512ce2 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.c +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c @@ -1632,7 +1632,7 @@ static struct aead_alg sec_aeads[] = { AES_BLOCK_SIZE, AES_BLOCK_SIZE, SHA512_DIGEST_SIZE), }; -int sec_register_to_crypto(void) +int sec_register_to_crypto(struct hisi_qm *qm) { int ret; @@ -1649,7 +1649,7 @@ int sec_register_to_crypto(void) return ret; } -void sec_unregister_from_crypto(void) +void sec_unregister_from_crypto(struct hisi_qm *qm) { crypto_unregister_skciphers(sec_skciphers, ARRAY_SIZE(sec_skciphers)); diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.h b/drivers/crypto/hisilicon/sec2/sec_crypto.h index b2786e1..0e933e7 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.h +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.h @@
[PATCH 5/5] crypto: hisilicon/hpre - add 'CURVE25519' algorithm
Enable 'CURVE25519' algorithm in 'Kunpeng 930'. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 2 + drivers/crypto/hisilicon/hpre/hpre_crypto.c | 390 +++- 2 files changed, 384 insertions(+), 8 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 50e6b2e..92892e3 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -84,6 +84,8 @@ enum hpre_alg_type { HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, HPRE_ALG_ECC_MUL = 0xD, + /* shared by x25519 and x448, but x448 is not supported now */ + HPRE_ALG_CURVE25519_MUL = 0x10, }; struct hpre_sqe { diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index b7814ce..fae99ed 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 /* Copyright (c) 2019 HiSilicon Limited. */ #include +#include #include #include #include @@ -70,6 +71,28 @@ struct curve_param_desc { const unsigned char *n; }; +/* curve25519 */ +const u8 curve25519_null_point[CURVE25519_KEY_SIZE] __aligned(32) = { 0 }; + +/* curve25519 CURVE PARAMS, in big-endian order */ +/* p = (2 ^ 255 - 19) */ +static const unsigned char curve25519_p[] = { + 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xed +}; + /* a = (486662 - 2) / 4 = 121665 */ +static const unsigned char curve25519_a[] = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xDB, 0x41 +}; +static const unsigned char curve25519_x[] = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x09 +}; + /* ECC CURVE PARAMS */ /* 128 bits */ static const unsigned char ecdh_p128_p[] = { @@ -417,6 +440,16 @@ struct hpre_ecdh_ctx { dma_addr_t dma_g; }; +struct hpre_curve25519_ctx { + /* low address: p->a->k */ + unsigned char *p; + dma_addr_t dma_p; + + /* gx coordinate */ + unsigned char *g; + dma_addr_t dma_g; +}; + struct hpre_ctx { struct hisi_qp *qp; struct hpre_asym_request **req_list; @@ -429,6 +462,7 @@ struct hpre_ctx { struct hpre_rsa_ctx rsa; struct hpre_dh_ctx dh; struct hpre_ecdh_ctx ecdh; + struct hpre_curve25519_ctx curve25519; }; /* for ecc algorithms */ unsigned int curve_id; @@ -443,6 +477,7 @@ struct hpre_asym_request { struct akcipher_request *rsa; struct kpp_request *dh; struct kpp_request *ecdh; + struct kpp_request *curve25519; } areq; int err; int req_id; @@ -1877,6 +1912,318 @@ static void hpre_ecdh_exit_tfm(struct crypto_kpp *tfm) hpre_ecc_clear_ctx(ctx, true, true); } +static void hpre_key_to_big_end(u8 *data, int len) +{ + int i, j; + u8 tmp; + + for (i = 0; i < len / 2; i++) { + j = len - i - 1; + tmp = data[j]; + data[j] = data[i]; + data[i] = tmp; + } +} + +static void hpre_curve25519_fill_curve(struct hpre_ctx *ctx, const void *buf, + unsigned int len) +{ + u8 secret[CURVE25519_KEY_SIZE] = { 0 }; + unsigned int sz = ctx->key_sz; + unsigned int shift = sz << 1; + void *p; + + /** +* The key from 'buf' is in little-endian, we should preprocess it as +* the description in rfc7748: "k[0] &= 248, k[31] &= 127, k[31] |= 64", +* then convert it to big endian. Only in this way, the result can be +* the same as the software curve-25519 that exists in crypto. +*/ + memcpy(secret, buf, len); + curve25519_clamp_secret(secret); + hpre_key_to_big_end(secret, CURVE25519_KEY_SIZE); + + p = ctx->curve25519.p + sz - len; + + /* fill curve parameters */ + memcpy(p, curve25519_p, len); + memcpy(p + sz, curve25519_a, len); + memcpy(p + shift, secret, len); + memcpy(p + shift + sz, curve25519_x, len); + memzero_explicit(secret, CURVE25519_KEY_SIZE); +} + +static int hpre_curve25519_set_param(struct hpre_ctx *ctx, const void *buf, +unsigned int len) +{ + struct device *dev = HPRE_DEV(ctx); +
[PATCH 1/5] crypto: hisilicon/hpre - add initial settings adapt to 'Kunpeng 930'
From: Hui Tang HPRE device 'Kunpeng 930' is updated based on 'Kunpeng 920', and they are not all the same, such as cluster numbers and configuration of some registers, so we try to update this driver to make it running okay not only on 'Kunpeng 920', but also okay on 'Kunpeng 930' in this patch. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h | 8 ++- drivers/crypto/hisilicon/hpre/hpre_main.c | 93 +-- 2 files changed, 68 insertions(+), 33 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index f69252b..181c109 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -14,8 +14,7 @@ enum { HPRE_CLUSTER0, HPRE_CLUSTER1, HPRE_CLUSTER2, - HPRE_CLUSTER3, - HPRE_CLUSTERS_NUM, + HPRE_CLUSTER3 }; enum hpre_ctrl_dbgfs_file { @@ -36,7 +35,10 @@ enum hpre_dfx_dbgfs_file { HPRE_DFX_FILE_NUM }; -#define HPRE_DEBUGFS_FILE_NUM(HPRE_DEBUG_FILE_NUM + HPRE_CLUSTERS_NUM - 1) +#define HPRE_CLUSTERS_NUM_V2 (HPRE_CLUSTER3 + 1) +#define HPRE_CLUSTERS_NUM_V3 1 +#define HPRE_CLUSTERS_NUM_MAX HPRE_CLUSTERS_NUM_V2 +#define HPRE_DEBUGFS_FILE_NUM (HPRE_DEBUG_FILE_NUM + HPRE_CLUSTERS_NUM_MAX - 1) struct hpre_debugfs_file { int index; diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index a33394d..719f8715 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -29,6 +29,8 @@ #define HPRE_BD_ARUSR_CFG 0x301030 #define HPRE_BD_AWUSR_CFG 0x301034 #define HPRE_TYPES_ENB 0x301038 +#define HPRE_RSA_ENB BIT(0) +#define HPRE_ECC_ENB BIT(1) #define HPRE_DATA_RUSER_CFG0x30103c #define HPRE_DATA_WUSER_CFG0x301040 #define HPRE_INT_MASK 0x301400 @@ -73,7 +75,8 @@ #define HPRE_QM_AXI_CFG_MASK 0x #define HPRE_QM_VFG_AX_MASK0xff #define HPRE_BD_USR_MASK 0x3 -#define HPRE_CLUSTER_CORE_MASK 0xf +#define HPRE_CLUSTER_CORE_MASK_V2 0xf +#define HPRE_CLUSTER_CORE_MASK_V3 0xff #define HPRE_AM_OOO_SHUTDOWN_ENB 0x301044 #define HPRE_AM_OOO_SHUTDOWN_ENABLEBIT(0) @@ -86,6 +89,11 @@ #define HPRE_QM_PM_FLR BIT(11) #define HPRE_QM_SRIOV_FLR BIT(12) +#define HPRE_CLUSTERS_NUM(qm) \ + (((qm)->ver >= QM_HW_V3) ? HPRE_CLUSTERS_NUM_V3 : HPRE_CLUSTERS_NUM_V2) +#define HPRE_CLUSTER_CORE_MASK(qm) \ + (((qm)->ver >= QM_HW_V3) ? HPRE_CLUSTER_CORE_MASK_V3 :\ + HPRE_CLUSTER_CORE_MASK_V2) #define HPRE_VIA_MSI_DSM 1 #define HPRE_SQE_MASK_OFFSET 8 #define HPRE_SQE_MASK_LEN 24 @@ -238,8 +246,40 @@ static int hpre_cfg_by_dsm(struct hisi_qm *qm) return 0; } +static int hpre_set_cluster(struct hisi_qm *qm) +{ + u32 cluster_core_mask = HPRE_CLUSTER_CORE_MASK(qm); + u8 clusters_num = HPRE_CLUSTERS_NUM(qm); + struct device *dev = &qm->pdev->dev; + unsigned long offset; + u32 val = 0; + int ret, i; + + for (i = 0; i < clusters_num; i++) { + offset = i * HPRE_CLSTR_ADDR_INTRVL; + + /* clusters initiating */ + writel(cluster_core_mask, + HPRE_ADDR(qm, offset + HPRE_CORE_ENB)); + writel(0x1, HPRE_ADDR(qm, offset + HPRE_CORE_INI_CFG)); + ret = readl_relaxed_poll_timeout(HPRE_ADDR(qm, offset + + HPRE_CORE_INI_STATUS), val, + ((val & cluster_core_mask) == + cluster_core_mask), + HPRE_REG_RD_INTVRL_US, + HPRE_REG_RD_TMOUT_US); + if (ret) { + dev_err(dev, + "cluster %d int st status timeout!\n", i); + return -ETIMEDOUT; + } + } + + return 0; +} + /* - * For Hi1620, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). + * For Kunpeng 920, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). * Or it may stay in D3 state when we bind and unbind hpre quickly, * as it does FLR triggered by hardware. */ @@ -257,9 +297,8 @@ static void disable_flr_of_bme(struct hisi_qm *qm) static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) { struct device *dev = &qm->pdev->dev; - unsigned long offset; - int ret, i; u32 val; + int ret; writel(HPRE_QM_USR_CFG_MASK, HPRE_ADDR(qm, QM_ARUSER_M_CFG_ENABLE)); writel(HPRE
[PATCH 2/5] crypto: hisilicon/hpre - add version adapt to new algorithms
'DH' and 'RSA' algorithms are supported by 'Kunpeng 920' and 'Kunpeng 930', but some new algrithms(like ECDH) are only supported by 'Kunpeng 930', so we add parameter 'struct hisi_qm *qm' to hpre_algs_(un)register to identify the chip's version. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 5 +++-- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 4 ++-- drivers/crypto/hisilicon/qm.c | 4 ++-- drivers/crypto/hisilicon/qm.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec.h | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.c | 4 ++-- drivers/crypto/hisilicon/sec2/sec_crypto.h | 4 ++-- drivers/crypto/hisilicon/zip/zip.h | 4 ++-- drivers/crypto/hisilicon/zip/zip_crypto.c | 4 ++-- 9 files changed, 19 insertions(+), 18 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 181c109..cc50f23 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -93,7 +93,8 @@ struct hpre_sqe { }; struct hisi_qp *hpre_create_qp(void); -int hpre_algs_register(void); -void hpre_algs_unregister(void); +int hpre_algs_register(struct hisi_qm *qm); +void hpre_algs_unregister(struct hisi_qm *qm); + #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index a87f990..d89b2f5 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1154,7 +1154,7 @@ static struct kpp_alg dh = { }; #endif -int hpre_algs_register(void) +int hpre_algs_register(struct hisi_qm *qm) { int ret; @@ -1171,7 +1171,7 @@ int hpre_algs_register(void) return ret; } -void hpre_algs_unregister(void) +void hpre_algs_unregister(struct hisi_qm *qm) { crypto_unregister_akcipher(&rsa); #ifdef CONFIG_CRYPTO_DH diff --git a/drivers/crypto/hisilicon/qm.c b/drivers/crypto/hisilicon/qm.c index 050fe4e..0c2e16d 100644 --- a/drivers/crypto/hisilicon/qm.c +++ b/drivers/crypto/hisilicon/qm.c @@ -3973,7 +3973,7 @@ int hisi_qm_alg_register(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (flag) { - ret = qm_list->register_to_crypto(); + ret = qm_list->register_to_crypto(qm); if (ret) { mutex_lock(&qm_list->lock); list_del(&qm->list); @@ -4001,7 +4001,7 @@ void hisi_qm_alg_unregister(struct hisi_qm *qm, struct hisi_qm_list *qm_list) mutex_unlock(&qm_list->lock); if (list_empty(&qm_list->list)) - qm_list->unregister_from_crypto(); + qm_list->unregister_from_crypto(qm); } EXPORT_SYMBOL_GPL(hisi_qm_alg_unregister); diff --git a/drivers/crypto/hisilicon/qm.h b/drivers/crypto/hisilicon/qm.h index 0420f4c..4de763a 100644 --- a/drivers/crypto/hisilicon/qm.h +++ b/drivers/crypto/hisilicon/qm.h @@ -193,8 +193,8 @@ struct hisi_qm_err_ini { struct hisi_qm_list { struct mutex lock; struct list_head list; - int (*register_to_crypto)(void); - void (*unregister_from_crypto)(void); + int (*register_to_crypto)(struct hisi_qm *qm); + void (*unregister_from_crypto)(struct hisi_qm *qm); }; struct hisi_qm { diff --git a/drivers/crypto/hisilicon/sec2/sec.h b/drivers/crypto/hisilicon/sec2/sec.h index 0849191..17ddb20 100644 --- a/drivers/crypto/hisilicon/sec2/sec.h +++ b/drivers/crypto/hisilicon/sec2/sec.h @@ -183,6 +183,6 @@ struct sec_dev { void sec_destroy_qps(struct hisi_qp **qps, int qp_num); struct hisi_qp **sec_create_qps(void); -int sec_register_to_crypto(void); -void sec_unregister_from_crypto(void); +int sec_register_to_crypto(struct hisi_qm *qm); +void sec_unregister_from_crypto(struct hisi_qm *qm); #endif diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c index 87bc08a..f512ce2 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.c +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c @@ -1632,7 +1632,7 @@ static struct aead_alg sec_aeads[] = { AES_BLOCK_SIZE, AES_BLOCK_SIZE, SHA512_DIGEST_SIZE), }; -int sec_register_to_crypto(void) +int sec_register_to_crypto(struct hisi_qm *qm) { int ret; @@ -1649,7 +1649,7 @@ int sec_register_to_crypto(void) return ret; } -void sec_unregister_from_crypto(void) +void sec_unregister_from_crypto(struct hisi_qm *qm) { crypto_unregister_skciphers(sec_skciphers, ARRAY_SIZE(sec_skciphers)); diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.h b/drivers/crypto/hisilicon/sec2/sec_crypto.h index b2786e1..0e933e7 100644 --- a/drivers/crypto/hisilicon/sec2/sec_crypto.h +++ b/drivers/crypto/hisilicon/sec2/sec_crypto.h @@
[PATCH 0/5] crypto: hisilicon/hpre - add something for 'Kunpeng 930'
1. Add initial settings, version and new type to adapt 'Kunpeng 930'; 2. Add algorithms(ECDH and CURVE25519) in 'Kunpeng 930'; Hui Tang (1): crypto: hisilicon/hpre - add initial settings adapt to 'Kunpeng 930' Meng Yu (4): crypto: hisilicon/hpre - add version adapt to new algorithms crypto: hisilicon/hpre - add algorithm type crypto: hisilicon/hpre - add 'ECDH' algorithm crypto: hisilicon/hpre - add 'CURVE25519' algorithm drivers/crypto/hisilicon/hpre/hpre.h| 25 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 1190 ++- drivers/crypto/hisilicon/hpre/hpre_main.c | 105 ++- drivers/crypto/hisilicon/qm.c |4 +- drivers/crypto/hisilicon/qm.h |4 +- drivers/crypto/hisilicon/sec2/sec.h |4 +- drivers/crypto/hisilicon/sec2/sec_crypto.c |4 +- drivers/crypto/hisilicon/sec2/sec_crypto.h |4 +- drivers/crypto/hisilicon/zip/zip.h |4 +- drivers/crypto/hisilicon/zip/zip_crypto.c |4 +- 10 files changed, 1285 insertions(+), 63 deletions(-) -- 2.8.1
[PATCH 3/5] crypto: hisilicon/hpre - add algorithm type
Algorithm type is brought in to get hardware HPRE queue to support different algorithms. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 10 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 12 ++-- drivers/crypto/hisilicon/hpre/hpre_main.c | 11 +-- 3 files changed, 24 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index cc50f23..02193e1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -10,6 +10,14 @@ #define HPRE_PF_DEF_Q_NUM 64 #define HPRE_PF_DEF_Q_BASE 0 +/* + * type used in qm sqc DW6. + * 0 - Algorithm which has been supported in V2, like RSA, DH and so on; + * 1 - ECC algorithm in V3. + */ +#define HPRE_V2_ALG_TYPE 0 +#define HPRE_V3_ECC_ALG_TYPE 1 + enum { HPRE_CLUSTER0, HPRE_CLUSTER1, @@ -92,7 +100,7 @@ struct hpre_sqe { __le32 rsvd1[_HPRE_SQE_ALIGN_EXT]; }; -struct hisi_qp *hpre_create_qp(void); +struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index d89b2f5..712bea9 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -152,12 +152,12 @@ static void hpre_rm_req_from_ctx(struct hpre_asym_request *hpre_req) } } -static struct hisi_qp *hpre_get_qp_and_start(void) +static struct hisi_qp *hpre_get_qp_and_start(u8 type) { struct hisi_qp *qp; int ret; - qp = hpre_create_qp(); + qp = hpre_create_qp(type); if (!qp) { pr_err("Can not create hpre qp!\n"); return ERR_PTR(-ENODEV); @@ -422,11 +422,11 @@ static void hpre_alg_cb(struct hisi_qp *qp, void *resp) req->cb(ctx, resp); } -static int hpre_ctx_init(struct hpre_ctx *ctx) +static int hpre_ctx_init(struct hpre_ctx *ctx, u8 type) { struct hisi_qp *qp; - qp = hpre_get_qp_and_start(); + qp = hpre_get_qp_and_start(type); if (IS_ERR(qp)) return PTR_ERR(qp); @@ -674,7 +674,7 @@ static int hpre_dh_init_tfm(struct crypto_kpp *tfm) { struct hpre_ctx *ctx = kpp_tfm_ctx(tfm); - return hpre_ctx_init(ctx); + return hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); } static void hpre_dh_exit_tfm(struct crypto_kpp *tfm) @@ -1100,7 +1100,7 @@ static int hpre_rsa_init_tfm(struct crypto_akcipher *tfm) return PTR_ERR(ctx->rsa.soft_tfm); } - ret = hpre_ctx_init(ctx); + ret = hpre_ctx_init(ctx, HPRE_V2_ALG_TYPE); if (ret) crypto_free_akcipher(ctx->rsa.soft_tfm); diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index 719f8715..c3c18da 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -209,13 +209,20 @@ static u32 vfs_num; module_param_cb(vfs_num, &vfs_num_ops, &vfs_num, 0444); MODULE_PARM_DESC(vfs_num, "Number of VFs to enable(1-63), 0(default)"); -struct hisi_qp *hpre_create_qp(void) +struct hisi_qp *hpre_create_qp(u8 type) { int node = cpu_to_node(smp_processor_id()); struct hisi_qp *qp = NULL; int ret; - ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, 0, node, &qp); + if (type != HPRE_V2_ALG_TYPE && type != HPRE_V3_ECC_ALG_TYPE) + return NULL; + + /* +* type: 0 - RSA/DH. algorithm supported in V2, +* 1 - ECC algorithm in V3. +*/ + ret = hisi_qm_alloc_qps_node(&hpre_devices, 1, type, node, &qp); if (!ret) return qp; -- 2.8.1
[PATCH 4/5] crypto: hisilicon/hpre - add 'ECDH' algorithm
Enable 'ECDH' algorithm in 'Kunpeng 930'. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 2 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 802 +++- drivers/crypto/hisilicon/hpre/hpre_main.c | 1 + 3 files changed, 800 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index 02193e1..50e6b2e 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -83,6 +83,7 @@ enum hpre_alg_type { HPRE_ALG_KG_CRT = 0x3, HPRE_ALG_DH_G2 = 0x4, HPRE_ALG_DH = 0x5, + HPRE_ALG_ECC_MUL = 0xD, }; struct hpre_sqe { @@ -104,5 +105,4 @@ struct hisi_qp *hpre_create_qp(u8 type); int hpre_algs_register(struct hisi_qm *qm); void hpre_algs_unregister(struct hisi_qm *qm); - #endif diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index 712bea9..b7814ce 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -2,6 +2,7 @@ /* Copyright (c) 2019 HiSilicon Limited. */ #include #include +#include #include #include #include @@ -36,6 +37,342 @@ struct hpre_ctx; #define HPRE_DFX_SEC_TO_US 100 #define HPRE_DFX_US_TO_NS 1000 +/* HPRE support 7 curves (include curve P192 and P256 in ecdh.h) */ +#define HPRE_ECC_CURVE_NIST_P128 0X0003 +#define HPRE_ECC_CURVE_NIST_P320 0X0004 +#define HPRE_ECC_CURVE_NIST_P384 0X0005 +#define HPRE_ECC_CURVE_NIST_P521 0X0006 +#define HPRE_ECC_CURVE_NIST_P224 0X0007 + +/* size in bytes of the n prime */ +#define HPRE_ECC_NIST_P128_N_SIZE 16 +#define HPRE_ECC_NIST_P192_N_SIZE 24 +#define HPRE_ECC_NIST_P224_N_SIZE 28 +#define HPRE_ECC_NIST_P256_N_SIZE 32 +#define HPRE_ECC_NIST_P320_N_SIZE 40 +#define HPRE_ECC_NIST_P384_N_SIZE 48 +#define HPRE_ECC_NIST_P521_N_SIZE 66 + +/* size in bytes */ +#define HPRE_ECC_HW256_KSZ_B 32 +#define HPRE_ECC_HW384_KSZ_B 48 +#define HPRE_ECC_HW576_KSZ_B 72 + +#define HPRE_ECDH_MAX_SZ HPRE_ECC_HW576_KSZ_B + +struct curve_param_desc { + __u32 id; + const unsigned char *p; + const unsigned char *a; + const unsigned char *b; + const unsigned char *gx; + const unsigned char *gy; + const unsigned char *n; +}; + +/* ECC CURVE PARAMS */ +/* 128 bits */ +static const unsigned char ecdh_p128_p[] = { + 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF +}; +static const unsigned char ecdh_p128_a[] = { + 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFC +}; +static const unsigned char ecdh_p128_b[] = { + 0xE8, 0x75, 0x79, 0xC1, 0x10, 0x79, 0xF4, 0x3D, 0xD8, 0x24, 0x99, 0x3C, + 0x2C, 0xEE, 0x5E, 0xD3 +}; +static const unsigned char ecdh_p128_x[] = { + 0x16, 0x1F, 0xF7, 0x52, 0x8B, 0x89, 0x9B, 0x2D, 0x0C, 0x28, 0x60, 0x7C, + 0xA5, 0x2C, 0x5B, 0x86 +}; +static const unsigned char ecdh_p128_y[] = { + 0xcf, 0x5a, 0xc8, 0x39, 0x5b, 0xaf, 0xeb, 0x13, 0xc0, 0x2d, 0xa2, 0x92, + 0xdd, 0xed, 0x7a, 0x83 +}; +static const unsigned char ecdh_p128_n[] = { + 0xFF, 0xFF, 0xFF, 0xFE, 0x00, 0x00, 0x00, 0x00, 0x75, 0xA3, 0x0D, 0x1B, + 0x90, 0x38, 0xA1, 0x15 +}; + +/* 192 bits */ +static const unsigned char ecdh_p192_p[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF +}; +static const unsigned char ecdh_p192_a[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC +}; +static const unsigned char ecdh_p192_b[] = { + 0x64, 0x21, 0x05, 0x19, 0xE5, 0x9C, 0x80, 0xE7, 0x0F, 0xA7, 0xE9, 0xAB, + 0x72, 0x24, 0x30, 0x49, 0xFE, 0xB8, 0xDE, 0xEC, 0xC1, 0x46, 0xB9, 0xB1 +}; +static const unsigned char ecdh_p192_x[] = { + 0x18, 0x8D, 0xA8, 0x0E, 0xB0, 0x30, 0x90, 0xF6, 0x7C, 0xBF, 0x20, 0xEB, + 0x43, 0xA1, 0x88, 0x00, 0xF4, 0xFF, 0x0A, 0xFD, 0x82, 0xFF, 0x10, 0x12 +}; +static const unsigned char ecdh_p192_y[] = { + 0x07, 0x19, 0x2b, 0x95, 0xff, 0xc8, 0xda, 0x78, 0x63, 0x10, 0x11, 0xed, + 0x6b, 0x24, 0xcd, 0xd5, 0x73, 0xf9, 0x77, 0xa1, 0x1e, 0x79, 0x48, 0x11 +}; +static const unsigned char ecdh_p192_n[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0x99, 0xDE, 0xF8, 0x36, 0x14, 0x6B, 0xC9, 0xB1, 0xB4, 0xD2, 0x28, 0x31 +}; + +/* 224 bits */ +static const unsigned char ecdh_p224_p[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x
[PATCH 3/3] crypto: hisilicon/hpre - fix a bug in dh algorithm
Using 'g' equals 5 in dh algorithm may cause an error like this: arm-smmu-v3 arm-smmu-v3.1.auto: event 0x10 received: dh: Party A: generate public key test failed. err -22 11375.065672] dh alg: dh: test failed on vector 1, err=-22 arm-smmu-v3 arm-smmu-v3.1.auto: 0x7910 arm-smmu-v3 arm-smmu-v3.1.auto: 0x12080080 hpre-dh self test failed arm-smmu-v3 arm-smmu-v3.1.auto: 0x arm-smmu-v3 arm-smmu-v3.1.auto: 0x arm-smmu-v3 arm-smmu-v3.1.auto: event 0x10 received: arm-smmu-v3 arm-smmu-v3.1.auto: 0x7910 arm-smmu-v3 arm-smmu-v3.1.auto: 0x12080083 arm-smmu-v3 arm-smmu-v3.1.auto: 0x00c0 arm-smmu-v3 arm-smmu-v3.1.auto: 0x arm-smmu-v3 arm-smmu-v3.1.auto: event 0x10 received: arm-smmu-v3 arm-smmu-v3.1.auto: 0x7910 arm-smmu-v3 arm-smmu-v3.1.auto: 0x12080081 arm-smmu-v3 arm-smmu-v3.1.auto: 0x0040 arm-smmu-v3 arm-smmu-v3.1.auto: 0x arm-smmu-v3 arm-smmu-v3.1.auto: event 0x10 received: arm-smmu-v3 arm-smmu-v3.1.auto: 0x7910 arm-smmu-v3 arm-smmu-v3.1.auto: 0x12080082 arm-smmu-v3 arm-smmu-v3.1.auto: 0x0080 arm-smmu-v3 arm-smmu-v3.1.auto: 0x hisi_hpre :79:00.0: dat_rd_poison_int_set [error status=0x8] found hisi_hpre :79:00.0: ooo_rdrsp_err_int_set [error status=0xfc00] found hisi_hpre :79:00.0: Controller resetting... hisi_hpre :79:00.0: Controller reset complete {2}[Hardware Error]: Hardware error from APEI Generic Hardware Error Source: 0 {2}[Hardware Error]: event severity: recoverable {2}[Hardware Error]: Error 0, type: recoverable {2}[Hardware Error]: section type: unknown, c8b328a8-9917-4af6-9a13-2e08ab2e7586 {2}[Hardware Error]: section length: 0x4c as we didn't allocate memory for msg->in. Fixes: c8b4b477079d("crypto: hisilicon - add HiSilicon HPRE accelerator") Signed-off-by: Meng Yu --- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index 0cbe99a1..2d91593 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -528,6 +528,8 @@ static int hpre_dh_compute_value(struct kpp_request *req) ret = hpre_hw_data_init(hpre_req, req->src, req->src_len, 1, 1); if (unlikely(ret)) goto clear_all; + } else { + msg->in = cpu_to_le64((u64)ctx->dh.dma_g); } ret = hpre_hw_data_init(hpre_req, req->dst, req->dst_len, 0, 1); -- 2.8.1
[PATCH 2/3] crypto: hisilicon/hpre - adjust some coding style
Adjust some coding style to make code aligned. Signed-off-by: Meng Yu --- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 13 + 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index d685992..0cbe99a1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -188,8 +188,7 @@ static int hpre_get_data_dma_addr(struct hpre_asym_request *hpre_req, hpre_req->dst = NULL; dma_dir = DMA_FROM_DEVICE; } - *tmp = dma_map_single(dev, sg_virt(data), - len, dma_dir); + *tmp = dma_map_single(dev, sg_virt(data), len, dma_dir); if (unlikely(dma_mapping_error(dev, *tmp))) { dev_err(dev, "dma map data err!\n"); return -ENOMEM; @@ -239,8 +238,8 @@ static int hpre_hw_data_init(struct hpre_asym_request *hpre_req, ((is_dh && !is_src) || !is_dh)) ret = hpre_get_data_dma_addr(hpre_req, data, len, is_src, &tmp); else - ret = hpre_prepare_dma_buf(hpre_req, data, len, - is_src, &tmp); + ret = hpre_prepare_dma_buf(hpre_req, data, len, is_src, &tmp); + if (unlikely(ret)) return ret; @@ -267,11 +266,9 @@ static void hpre_hw_data_clr_all(struct hpre_ctx *ctx, if (src) { if (req->src) - dma_free_coherent(dev, ctx->key_sz, - req->src, tmp); + dma_free_coherent(dev, ctx->key_sz, req->src, tmp); else - dma_unmap_single(dev, tmp, -ctx->key_sz, DMA_TO_DEVICE); + dma_unmap_single(dev, tmp, ctx->key_sz, DMA_TO_DEVICE); } tmp = le64_to_cpu(sqe->out); -- 2.8.1
[PATCH 1/3] crypto: hisilicon/hpre - delete an useless member
Remove unused member 'debug_root' in 'struct hpre_debug'. Fixes: 848974151618("crypto: hisilicon - Add debugfs for HPRE") Fixes: dadbe4c11753("crypto: hisilicon/hpre - update debugfs ...") Signed-off-by: Meng Yu --- drivers/crypto/hisilicon/hpre/hpre.h | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre.h b/drivers/crypto/hisilicon/hpre/hpre.h index ed730d1..f69252b 100644 --- a/drivers/crypto/hisilicon/hpre/hpre.h +++ b/drivers/crypto/hisilicon/hpre/hpre.h @@ -56,7 +56,6 @@ struct hpre_dfx { * Just relevant for PF. */ struct hpre_debug { - struct dentry *debug_root; struct hpre_dfx dfx[HPRE_DFX_FILE_NUM]; struct hpre_debugfs_file files[HPRE_DEBUGFS_FILE_NUM]; }; -- 2.8.1
[PATCH 0/3] crypto: hisilicon/hpre - misc clean up and fixes
Adjust some tiny coding problems and fix a bug of DH algorithm. Meng Yu (3): crypto: hisilicon/hpre - delete an useless member crypto: hisilicon/hpre - adjust some coding style crypto: hisilicon/hpre - fix a bug in dh algorithm drivers/crypto/hisilicon/hpre/hpre.h| 1 - drivers/crypto/hisilicon/hpre/hpre_crypto.c | 15 +++ 2 files changed, 7 insertions(+), 9 deletions(-) -- 2.8.1
[PATCH v2 1/6] crypto: hisilicon/hpre - Init the value of current_q of debugfs
Initialize current queue number as HPRE_PF_DEF_Q_NUM, or it is zero and we can't set its value by "current_q_write". Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reviewed-by: Hui Tang --- drivers/crypto/hisilicon/hpre/hpre_main.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index a3ee127..3131347 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -732,6 +732,7 @@ static int hpre_qm_init(struct hisi_qm *qm, struct pci_dev *pdev) if (qm->fun_type == QM_HW_PF) { qm->qp_base = HPRE_PF_DEF_Q_BASE; qm->qp_num = pf_q_num; + qm->debug.curr_qm_qp_num = pf_q_num; qm->qm_list = &hpre_devices; } -- 2.8.1
[PATCH v2 6/6] crypto: hisilicon/hpre - disable FLR triggered by hardware
From: Hui Tang for Hi1620 hardware, we should disable these hardware flr: 1. BME_FLR - bit 7, 2. PM_FLR - bit 11, 3. SRIOV_FLR - bit 12, Or HPRE may goto D3 state, when we bind and unbind HPRE quickly, as it does FLR triggered by BME/PM/SRIOV. Fixes: c8b4b477079d("crypto: hisilicon - add HiSilicon HPRE accelerator") Signed-off-by: Hui Tang Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre_main.c | 26 ++ 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index b69cea3..b135c74 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -82,6 +82,10 @@ #define HPRE_CORE_ECC_2BIT_ERR BIT(1) #define HPRE_OOO_ECC_2BIT_ERR BIT(5) +#define HPRE_QM_BME_FLRBIT(7) +#define HPRE_QM_PM_FLR BIT(11) +#define HPRE_QM_SRIOV_FLR BIT(12) + #define HPRE_VIA_MSI_DSM 1 #define HPRE_SQE_MASK_OFFSET 8 #define HPRE_SQE_MASK_LEN 24 @@ -230,6 +234,22 @@ static int hpre_cfg_by_dsm(struct hisi_qm *qm) return 0; } +/* + * For Hi1620, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). + * Or it may stay in D3 state when we bind and unbind hpre quickly, + * as it does FLR triggered by hardware. + */ +static void disable_flr_of_bme(struct hisi_qm *qm) +{ + u32 val; + + val = readl(HPRE_ADDR(qm, QM_PEH_AXUSER_CFG)); + val &= ~(HPRE_QM_BME_FLR | HPRE_QM_SRIOV_FLR); + val |= HPRE_QM_PM_FLR; + writel(val, HPRE_ADDR(qm, QM_PEH_AXUSER_CFG)); + writel(PEH_AXUSER_CFG_ENABLE, HPRE_ADDR(qm, QM_PEH_AXUSER_CFG_ENABLE)); +} + static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) { struct device *dev = &qm->pdev->dev; @@ -241,10 +261,6 @@ static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) writel(HPRE_QM_USR_CFG_MASK, HPRE_ADDR(qm, QM_AWUSER_M_CFG_ENABLE)); writel_relaxed(HPRE_QM_AXI_CFG_MASK, HPRE_ADDR(qm, QM_AXI_M_CFG)); - /* disable FLR triggered by BME(bus master enable) */ - writel(PEH_AXUSER_CFG, HPRE_ADDR(qm, QM_PEH_AXUSER_CFG)); - writel(PEH_AXUSER_CFG_ENABLE, HPRE_ADDR(qm, QM_PEH_AXUSER_CFG_ENABLE)); - /* HPRE need more time, we close this interrupt */ val = readl_relaxed(HPRE_ADDR(qm, HPRE_QM_ABNML_INT_MASK)); val |= BIT(HPRE_TIMEOUT_ABNML_BIT); @@ -295,6 +311,8 @@ static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) if (ret) dev_err(dev, "acpi_evaluate_dsm err.\n"); + disable_flr_of_bme(qm); + return ret; } -- 2.8.1
[PATCH v2 0/6] crypto: hisilicon/hpre bugfix - misc fixes
Bugfix: crypto: hisilicon/hpre - modify the macros, add a switch in sriov_configure, unified debugfs interface, and disable hardware FLR. Hui Tang (2): crypto: hisilicon/hpre - HPRE_OVERTIME_THRHLD can be written by debugfs crypto: hisilicon/hpre - disable FLR triggered by hardware Meng Yu (4): crypto: hisilicon/hpre - Init the value of current_q of debugfs crypto: hisilicon/hpre - Modify the Macro definition and format crypto: hisilicon/hpre - Add a switch in sriov_configure crypto: hisilicon/hpre - update debugfs interface parameters drivers/crypto/hisilicon/hpre/hpre_main.c | 111 +- 1 file changed, 62 insertions(+), 49 deletions(-) -- 2.8.1
[PATCH v2 3/6] crypto: hisilicon/hpre - Modify the Macro definition and format
1. Bit 1 to bit 5 are NFE, not CE. 2. Macro 'HPRE_VF_NUM' is defined in 'qm.h', so delete it here. 3. Delete multiple blank lines. 4. Adjust format alignment. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reviewed-by: Longfang Liu --- drivers/crypto/hisilicon/hpre/hpre_main.c | 12 +--- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index 23f2e5c..da17729 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -12,7 +12,6 @@ #include #include "hpre.h" -#define HPRE_VF_NUM63 #define HPRE_QUEUE_NUM_V2 1024 #define HPRE_QM_ABNML_INT_MASK 0x14 #define HPRE_CTRL_CNT_CLR_CE_BIT BIT(0) @@ -46,9 +45,9 @@ #define HPRE_CORE_IS_SCHD_OFFSET 0x90 #define HPRE_RAS_CE_ENB0x301410 -#define HPRE_HAC_RAS_CE_ENABLE 0x3f +#define HPRE_HAC_RAS_CE_ENABLE 0x1 #define HPRE_RAS_NFE_ENB 0x301414 -#define HPRE_HAC_RAS_NFE_ENABLE0x3fffc0 +#define HPRE_HAC_RAS_NFE_ENABLE0x3e #define HPRE_RAS_FE_ENB0x301418 #define HPRE_HAC_RAS_FE_ENABLE 0 @@ -264,7 +263,7 @@ static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) writel(HPRE_BD_USR_MASK, HPRE_ADDR(qm, HPRE_BD_AWUSR_CFG)); writel(0x1, HPRE_ADDR(qm, HPRE_RDCHN_INI_CFG)); ret = readl_relaxed_poll_timeout(HPRE_ADDR(qm, HPRE_RDCHN_INI_ST), val, - val & BIT(0), +val & BIT(0), HPRE_REG_RD_INTVRL_US, HPRE_REG_RD_TMOUT_US); if (ret) { @@ -372,7 +371,6 @@ static int hpre_current_qm_write(struct hpre_debugfs_file *file, u32 val) u32 num_vfs = qm->vfs_num; u32 vfq_num, tmp; - if (val > num_vfs) return -EINVAL; @@ -449,7 +447,7 @@ static int hpre_cluster_inqry_write(struct hpre_debugfs_file *file, u32 val) } static ssize_t hpre_ctrl_debug_read(struct file *filp, char __user *buf, - size_t count, loff_t *pos) + size_t count, loff_t *pos) { struct hpre_debugfs_file *file = filp->private_data; char tbuf[HPRE_DBGFS_VAL_MAX_LEN]; @@ -477,7 +475,7 @@ static ssize_t hpre_ctrl_debug_read(struct file *filp, char __user *buf, } static ssize_t hpre_ctrl_debug_write(struct file *filp, const char __user *buf, - size_t count, loff_t *pos) +size_t count, loff_t *pos) { struct hpre_debugfs_file *file = filp->private_data; char tbuf[HPRE_DBGFS_VAL_MAX_LEN]; -- 2.8.1
[PATCH v2 4/6] crypto: hisilicon/hpre - Add a switch in sriov_configure
If CONFIG_PCI_IOV is not enabled, we can not use "sriov_configure". Fixes: 5ec302a364bf("crypto: hisilicon - add SRIOV support for HPRE") Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reviewed-by: Shukun Tan --- drivers/crypto/hisilicon/hpre/hpre_main.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index da17729..37c2bc5 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -925,7 +925,8 @@ static struct pci_driver hpre_pci_driver = { .id_table = hpre_dev_ids, .probe = hpre_probe, .remove = hpre_remove, - .sriov_configure= hisi_qm_sriov_configure, + .sriov_configure= IS_ENABLED(CONFIG_PCI_IOV) ? + hisi_qm_sriov_configure : NULL, .err_handler= &hpre_err_handler, }; -- 2.8.1
[PATCH v2 5/6] crypto: hisilicon/hpre - update debugfs interface parameters
Update debugfs interface parameters, and adjust the processing logic inside the corresponding function. Fixes: 848974151618("crypto: hisilicon - Add debugfs for HPRE") Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre_main.c | 59 ++- 1 file changed, 26 insertions(+), 33 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index 37c2bc5..b69cea3 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -563,15 +563,17 @@ static int hpre_debugfs_atomic64_set(void *data, u64 val) DEFINE_DEBUGFS_ATTRIBUTE(hpre_atomic64_ops, hpre_debugfs_atomic64_get, hpre_debugfs_atomic64_set, "%llu\n"); -static int hpre_create_debugfs_file(struct hpre_debug *dbg, struct dentry *dir, +static int hpre_create_debugfs_file(struct hisi_qm *qm, struct dentry *dir, enum hpre_ctrl_dbgfs_file type, int indx) { + struct hpre *hpre = container_of(qm, struct hpre, qm); + struct hpre_debug *dbg = &hpre->debug; struct dentry *file_dir; if (dir) file_dir = dir; else - file_dir = dbg->debug_root; + file_dir = qm->debug.debug_root; if (type >= HPRE_DEBUG_FILE_NUM) return -EINVAL; @@ -586,10 +588,8 @@ static int hpre_create_debugfs_file(struct hpre_debug *dbg, struct dentry *dir, return 0; } -static int hpre_pf_comm_regs_debugfs_init(struct hpre_debug *debug) +static int hpre_pf_comm_regs_debugfs_init(struct hisi_qm *qm) { - struct hpre *hpre = container_of(debug, struct hpre, debug); - struct hisi_qm *qm = &hpre->qm; struct device *dev = &qm->pdev->dev; struct debugfs_regset32 *regset; @@ -601,14 +601,12 @@ static int hpre_pf_comm_regs_debugfs_init(struct hpre_debug *debug) regset->nregs = ARRAY_SIZE(hpre_com_dfx_regs); regset->base = qm->io_base; - debugfs_create_regset32("regs", 0444, debug->debug_root, regset); + debugfs_create_regset32("regs", 0444, qm->debug.debug_root, regset); return 0; } -static int hpre_cluster_debugfs_init(struct hpre_debug *debug) +static int hpre_cluster_debugfs_init(struct hisi_qm *qm) { - struct hpre *hpre = container_of(debug, struct hpre, debug); - struct hisi_qm *qm = &hpre->qm; struct device *dev = &qm->pdev->dev; char buf[HPRE_DBGFS_VAL_MAX_LEN]; struct debugfs_regset32 *regset; @@ -619,7 +617,7 @@ static int hpre_cluster_debugfs_init(struct hpre_debug *debug) ret = snprintf(buf, HPRE_DBGFS_VAL_MAX_LEN, "cluster%d", i); if (ret < 0) return -EINVAL; - tmp_d = debugfs_create_dir(buf, debug->debug_root); + tmp_d = debugfs_create_dir(buf, qm->debug.debug_root); regset = devm_kzalloc(dev, sizeof(*regset), GFP_KERNEL); if (!regset) @@ -630,7 +628,7 @@ static int hpre_cluster_debugfs_init(struct hpre_debug *debug) regset->base = qm->io_base + hpre_cluster_offsets[i]; debugfs_create_regset32("regs", 0444, tmp_d, regset); - ret = hpre_create_debugfs_file(debug, tmp_d, HPRE_CLUSTER_CTRL, + ret = hpre_create_debugfs_file(qm, tmp_d, HPRE_CLUSTER_CTRL, i + HPRE_CLUSTER_CTRL); if (ret) return ret; @@ -639,32 +637,31 @@ static int hpre_cluster_debugfs_init(struct hpre_debug *debug) return 0; } -static int hpre_ctrl_debug_init(struct hpre_debug *debug) +static int hpre_ctrl_debug_init(struct hisi_qm *qm) { int ret; - ret = hpre_create_debugfs_file(debug, NULL, HPRE_CURRENT_QM, + ret = hpre_create_debugfs_file(qm, NULL, HPRE_CURRENT_QM, HPRE_CURRENT_QM); if (ret) return ret; - ret = hpre_create_debugfs_file(debug, NULL, HPRE_CLEAR_ENABLE, + ret = hpre_create_debugfs_file(qm, NULL, HPRE_CLEAR_ENABLE, HPRE_CLEAR_ENABLE); if (ret) return ret; - ret = hpre_pf_comm_regs_debugfs_init(debug); + ret = hpre_pf_comm_regs_debugfs_init(qm); if (ret) return ret; - return hpre_cluster_debugfs_init(debug); + return hpre_cluster_debugfs_init(qm); } -static void hpre_dfx_debug_init(struct hpre_debug *debug) +static void hpre_dfx_debug_init(struct hisi_qm *qm) { - struct hpre *hpre = container_of(debug, struct hpre, debug); + struct hpre *hpre = container_of(qm, struct hpre, qm); struct hpre_dfx *dfx = hpre->debug.dfx; -
[PATCH v2 2/6] crypto: hisilicon/hpre - HPRE_OVERTIME_THRHLD can be written by debugfs
From: Hui Tang Registers in "hpre_dfx_files" can only be cleaned to zero but HPRE_OVERTIME_THRHLD, which can be written as any number. Fixes: 64a6301ebee7("crypto: hisilicon/hpre - add debugfs for ...") Signed-off-by: Hui Tang Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reviewed-by: Zhou Wang --- drivers/crypto/hisilicon/hpre/hpre_main.c | 10 ++ 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index 3131347..23f2e5c 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -548,13 +548,15 @@ static int hpre_debugfs_atomic64_get(void *data, u64 *val) static int hpre_debugfs_atomic64_set(void *data, u64 val) { struct hpre_dfx *dfx_item = data; - struct hpre_dfx *hpre_dfx = dfx_item - HPRE_OVERTIME_THRHLD; + struct hpre_dfx *hpre_dfx = NULL; - if (val) + if (dfx_item->type == HPRE_OVERTIME_THRHLD) { + hpre_dfx = dfx_item - HPRE_OVERTIME_THRHLD; + atomic64_set(&hpre_dfx[HPRE_OVER_THRHLD_CNT].value, 0); + } else if (val) { return -EINVAL; + } - if (dfx_item->type == HPRE_OVERTIME_THRHLD) - atomic64_set(&hpre_dfx[HPRE_OVER_THRHLD_CNT].value, 0); atomic64_set(&dfx_item->value, val); return 0; -- 2.8.1
[PATCH 5/6] crypto: hisilicon/hpre - update debugfs interface parameters
Update debugfs interface parameters, and adjust the processing logic inside the corresponding function. Fixes: 848974151618("crypto: hisilicon - Add debugfs for HPRE") Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre_main.c | 61 ++- 1 file changed, 27 insertions(+), 34 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index bfe8a91..6f7a453 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -567,15 +567,17 @@ static int hpre_debugfs_atomic64_set(void *data, u64 val) DEFINE_DEBUGFS_ATTRIBUTE(hpre_atomic64_ops, hpre_debugfs_atomic64_get, hpre_debugfs_atomic64_set, "%llu\n"); -static int hpre_create_debugfs_file(struct hpre_debug *dbg, struct dentry *dir, +static int hpre_create_debugfs_file(struct hisi_qm *qm, struct dentry *dir, enum hpre_ctrl_dbgfs_file type, int indx) { + struct hpre *hpre = container_of(qm, struct hpre, qm); + struct hpre_debug *dbg = &hpre->debug; struct dentry *file_dir; if (dir) file_dir = dir; else - file_dir = dbg->debug_root; + file_dir = qm->debug.debug_root; if (type >= HPRE_DEBUG_FILE_NUM) return -EINVAL; @@ -590,10 +592,8 @@ static int hpre_create_debugfs_file(struct hpre_debug *dbg, struct dentry *dir, return 0; } -static int hpre_pf_comm_regs_debugfs_init(struct hpre_debug *debug) +static int hpre_pf_comm_regs_debugfs_init(struct hisi_qm *qm) { - struct hpre *hpre = container_of(debug, struct hpre, debug); - struct hisi_qm *qm = &hpre->qm; struct device *dev = &qm->pdev->dev; struct debugfs_regset32 *regset; @@ -605,14 +605,13 @@ static int hpre_pf_comm_regs_debugfs_init(struct hpre_debug *debug) regset->nregs = ARRAY_SIZE(hpre_com_dfx_regs); regset->base = qm->io_base; - debugfs_create_regset32("regs", 0444, debug->debug_root, regset); + debugfs_create_regset32("regs", 0444, qm->debug.debug_root, regset); return 0; } -static int hpre_cluster_debugfs_init(struct hpre_debug *debug) +static int hpre_cluster_debugfs_init(struct hisi_qm *qm) { - struct hpre *hpre = container_of(debug, struct hpre, debug); - struct hisi_qm *qm = &hpre->qm; + struct hpre *hpre = container_of(qm, struct hpre, qm); struct device *dev = &qm->pdev->dev; char buf[HPRE_DBGFS_VAL_MAX_LEN]; struct debugfs_regset32 *regset; @@ -623,7 +622,7 @@ static int hpre_cluster_debugfs_init(struct hpre_debug *debug) ret = snprintf(buf, HPRE_DBGFS_VAL_MAX_LEN, "cluster%d", i); if (ret < 0) return -EINVAL; - tmp_d = debugfs_create_dir(buf, debug->debug_root); + tmp_d = debugfs_create_dir(buf, qm->debug.debug_root); regset = devm_kzalloc(dev, sizeof(*regset), GFP_KERNEL); if (!regset) @@ -634,7 +633,7 @@ static int hpre_cluster_debugfs_init(struct hpre_debug *debug) regset->base = qm->io_base + hpre_cluster_offsets[i]; debugfs_create_regset32("regs", 0444, tmp_d, regset); - ret = hpre_create_debugfs_file(debug, tmp_d, HPRE_CLUSTER_CTRL, + ret = hpre_create_debugfs_file(qm, tmp_d, HPRE_CLUSTER_CTRL, i + HPRE_CLUSTER_CTRL); if (ret) return ret; @@ -643,32 +642,31 @@ static int hpre_cluster_debugfs_init(struct hpre_debug *debug) return 0; } -static int hpre_ctrl_debug_init(struct hpre_debug *debug) +static int hpre_ctrl_debug_init(struct hisi_qm *qm) { int ret; - ret = hpre_create_debugfs_file(debug, NULL, HPRE_CURRENT_QM, + ret = hpre_create_debugfs_file(qm, NULL, HPRE_CURRENT_QM, HPRE_CURRENT_QM); if (ret) return ret; - ret = hpre_create_debugfs_file(debug, NULL, HPRE_CLEAR_ENABLE, + ret = hpre_create_debugfs_file(qm, NULL, HPRE_CLEAR_ENABLE, HPRE_CLEAR_ENABLE); if (ret) return ret; - ret = hpre_pf_comm_regs_debugfs_init(debug); + ret = hpre_pf_comm_regs_debugfs_init(qm); if (ret) return ret; - return hpre_cluster_debugfs_init(debug); + return hpre_cluster_debugfs_init(qm); } -static void hpre_dfx_debug_init(struct hpre_debug *debug) +static void hpre_dfx_debug_init(struct hisi_qm *qm) { - struct hpre *hpre = container_of(debug, struct hpre, debug); + struct hpre *hpre = container_of(qm, struct hpr
[PATCH 1/6] crypto: hisilicon/hpre - Init the value of current_q of debugfs
Initialize current queue number as HPRE_PF_DEF_Q_NUM, or it is zero and we can't set its value by "current_q_write". Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reviewed-by: Hui Tang --- drivers/crypto/hisilicon/hpre/hpre_main.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index 52d605b..624276b 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -737,6 +737,7 @@ static int hpre_qm_init(struct hisi_qm *qm, struct pci_dev *pdev) if (qm->fun_type == QM_HW_PF) { qm->qp_base = HPRE_PF_DEF_Q_BASE; qm->qp_num = pf_q_num; + qm->debug.curr_qm_qp_num = pf_q_num; qm->qm_list = &hpre_devices; } -- 2.8.1
[PATCH 6/6] crypto: hisilicon/hpre - disable FLR triggered by hardware
From: Hui Tang for Hi1620 hardware, we should disable these hardware flr: 1. BME_FLR - bit 7, 2. PM_FLR - bit 11, 3. SRIOV_FLR - bit 12, Or HPRE may goto D3 state, when we bind and unbind HPRE quickly, as it does FLR triggered by BME/PM/SRIOV. Fixes: c8b4b477079d("crypto: hisilicon - add HiSilicon HPRE accelerator") Signed-off-by: Hui Tang Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre_main.c | 25 + 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre_main.c b/drivers/crypto/hisilicon/hpre/hpre_main.c index 6f7a453..6d8a110 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_main.c +++ b/drivers/crypto/hisilicon/hpre/hpre_main.c @@ -82,6 +82,10 @@ #define HPRE_CORE_ECC_2BIT_ERR BIT(1) #define HPRE_OOO_ECC_2BIT_ERR BIT(5) +#define HPRE_QM_BME_FLRBIT(7) +#define HPRE_QM_PM_FLR BIT(11) +#define HPRE_QM_SRIOV_FLR BIT(12) + #define HPRE_VIA_MSI_DSM 1 #define HPRE_SQE_MASK_OFFSET 8 #define HPRE_SQE_MASK_LEN 24 @@ -234,6 +238,21 @@ static int hpre_cfg_by_dsm(struct hisi_qm *qm) return 0; } +/* for Hi1620, we shoul disable FLR triggered by hardware (BME/PM/SRIOV). + * Or it may stay in D3 state when we bind and unbind hpre quickly, + * as it does FLR triggered by hardware. + */ +static void disable_flr_of_bme(struct hisi_qm *qm) +{ + u32 val; + + val = readl(HPRE_ADDR(qm, QM_PEH_AXUSER_CFG)); + val &= ~(HPRE_QM_BME_FLR | HPRE_QM_SRIOV_FLR); + val |= HPRE_QM_PM_FLR; + writel(val, HPRE_ADDR(qm, QM_PEH_AXUSER_CFG)); + writel(PEH_AXUSER_CFG_ENABLE, HPRE_ADDR(qm, QM_PEH_AXUSER_CFG_ENABLE)); +} + static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) { struct device *dev = &qm->pdev->dev; @@ -245,10 +264,6 @@ static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) writel(HPRE_QM_USR_CFG_MASK, HPRE_ADDR(qm, QM_AWUSER_M_CFG_ENABLE)); writel_relaxed(HPRE_QM_AXI_CFG_MASK, HPRE_ADDR(qm, QM_AXI_M_CFG)); - /* disable FLR triggered by BME(bus master enable) */ - writel(PEH_AXUSER_CFG, HPRE_ADDR(qm, QM_PEH_AXUSER_CFG)); - writel(PEH_AXUSER_CFG_ENABLE, HPRE_ADDR(qm, QM_PEH_AXUSER_CFG_ENABLE)); - /* HPRE need more time, we close this interrupt */ val = readl_relaxed(HPRE_ADDR(qm, HPRE_QM_ABNML_INT_MASK)); val |= BIT(HPRE_TIMEOUT_ABNML_BIT); @@ -299,6 +314,8 @@ static int hpre_set_user_domain_and_cache(struct hisi_qm *qm) if (ret) dev_err(dev, "acpi_evaluate_dsm err.\n"); + disable_flr_of_bme(qm); + return ret; } -- 2.8.1