2 * drivers/crypto/tegra-aes.c
4 * Driver for NVIDIA Tegra AES hardware engine residing inside the
5 * Bit Stream Engine for Video (BSEV) hardware block.
7 * The programming sequence for this engine is with the help
8 * of commands which travel via a command queue residing between the
9 * CPU and the BSEV block. The BSEV engine has an internal RAM (VRAM)
10 * where the final input plaintext, keys and the IV have to be copied
11 * before starting the encrypt/decrypt operation.
13 * Copyright (c) 2010, NVIDIA Corporation.
15 * This program is free software; you can redistribute it and/or modify
16 * it under the terms of the GNU General Public License as published by
17 * the Free Software Foundation; either version 2 of the License, or
18 * (at your option) any later version.
20 * This program is distributed in the hope that it will be useful, but WITHOUT
21 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
22 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
25 * You should have received a copy of the GNU General Public License along
26 * with this program; if not, write to the Free Software Foundation, Inc.,
27 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
30 #include <linux/module.h>
31 #include <linux/init.h>
32 #include <linux/errno.h>
33 #include <linux/kernel.h>
34 #include <linux/clk.h>
35 #include <linux/platform_device.h>
36 #include <linux/scatterlist.h>
37 #include <linux/dma-mapping.h>
39 #include <linux/mutex.h>
40 #include <linux/interrupt.h>
41 #include <linux/completion.h>
42 #include <linux/workqueue.h>
44 #include <crypto/scatterwalk.h>
45 #include <crypto/aes.h>
46 #include <crypto/internal/rng.h>
48 #include "tegra-aes.h"
50 #define FLAGS_MODE_MASK 0x00FF
51 #define FLAGS_ENCRYPT BIT(0)
52 #define FLAGS_CBC BIT(1)
53 #define FLAGS_GIV BIT(2)
54 #define FLAGS_RNG BIT(3)
55 #define FLAGS_OFB BIT(4)
56 #define FLAGS_NEW_KEY BIT(5)
57 #define FLAGS_NEW_IV BIT(6)
58 #define FLAGS_INIT BIT(7)
59 #define FLAGS_FAST BIT(8)
63 * Defines AES engine Max process bytes size in one go, which takes 1 msec.
64 * AES engine spends about 176 cycles/16-bytes or 11 cycles/byte
65 * The duration CPU can use the BSE to 1 msec, then the number of available
66 * cycles of AVP/BSE is 216K. In this duration, AES can process 216/11 ~= 19KB
67 * Based on this AES_HW_DMA_BUFFER_SIZE_BYTES is configured to 16KB.
69 #define AES_HW_DMA_BUFFER_SIZE_BYTES 0x4000
72 * The key table length is 64 bytes
73 * (This includes first upto 32 bytes key + 16 bytes original initial vector
74 * and 16 bytes updated initial vector)
76 #define AES_HW_KEY_TABLE_LENGTH_BYTES 64
79 * The memory being used is divides as follows:
81 * 2. Original IV - 16 bytes
82 * 3. Updated IV - 16 bytes
83 * 4. Key schedule - 256 bytes
85 * 1+2+3 constitute the hw key table.
87 #define AES_HW_IV_SIZE 16
88 #define AES_HW_KEYSCHEDULE_LEN 256
89 #define AES_IVKEY_SIZE (AES_HW_KEY_TABLE_LENGTH_BYTES + AES_HW_KEYSCHEDULE_LEN)
91 /* Define commands required for AES operation */
93 CMD_BLKSTARTENGINE = 0x0E,
95 CMD_DMACOMPLETE = 0x11,
100 /* Define sub-commands */
102 SUBCMD_VRAM_SEL = 0x1,
103 SUBCMD_CRYPTO_TABLE_SEL = 0x3,
104 SUBCMD_KEY_TABLE_SEL = 0x8,
107 /* memdma_vd command */
108 #define MEMDMA_DIR_DTOVRAM 0 /* sdram -> vram */
109 #define MEMDMA_DIR_VTODRAM 1 /* vram -> sdram */
110 #define MEMDMA_DIR_SHIFT 25
111 #define MEMDMA_NUM_WORDS_SHIFT 12
113 /* command queue bit shifts */
115 CMDQ_KEYTABLEADDR_SHIFT = 0,
116 CMDQ_KEYTABLEID_SHIFT = 17,
117 CMDQ_VRAMSEL_SHIFT = 23,
118 CMDQ_TABLESEL_SHIFT = 24,
119 CMDQ_OPCODE_SHIFT = 26,
123 * The secure key slot contains a unique secure key generated
124 * and loaded by the bootloader. This slot is marked as non-accessible
127 #define SSK_SLOT_NUM 4
129 #define AES_NR_KEYSLOTS 8
130 #define TEGRA_AES_QUEUE_LENGTH 50
131 #define DEFAULT_RNG_BLK_SZ 16
133 /* The command queue depth */
134 #define AES_HW_MAX_ICQ_LENGTH 5
136 struct tegra_aes_slot {
137 struct list_head node;
141 static struct tegra_aes_slot ssk = {
142 .slot_num = SSK_SLOT_NUM,
145 struct tegra_aes_reqctx {
149 struct tegra_aes_dev {
151 void __iomem *io_base;
152 dma_addr_t ivkey_phys_base;
153 void __iomem *ivkey_base;
155 struct tegra_aes_ctx *ctx;
158 struct completion op_complete;
160 dma_addr_t dma_buf_in;
162 dma_addr_t dma_buf_out;
164 u8 dt[DEFAULT_RNG_BLK_SZ];
168 struct crypto_queue queue;
169 struct tegra_aes_slot *slots;
170 struct ablkcipher_request *req;
172 struct scatterlist *in_sg;
174 struct scatterlist *out_sg;
178 static struct tegra_aes_dev *aes_dev;
180 struct tegra_aes_ctx {
181 struct tegra_aes_dev *dd;
183 struct tegra_aes_slot *slot;
184 u8 key[AES_MAX_KEY_SIZE];
188 static struct tegra_aes_ctx rng_ctx = {
189 .flags = FLAGS_NEW_KEY,
190 .keylen = AES_KEYSIZE_128,
193 /* keep registered devices data here */
194 static struct list_head dev_list;
195 static DEFINE_SPINLOCK(list_lock);
196 static DEFINE_MUTEX(aes_lock);
198 static void aes_workqueue_handler(struct work_struct *work);
199 static DECLARE_WORK(aes_work, aes_workqueue_handler);
200 static struct workqueue_struct *aes_wq;
202 static inline u32 aes_readl(struct tegra_aes_dev *dd, u32 offset)
204 return readl(dd->io_base + offset);
207 static inline void aes_writel(struct tegra_aes_dev *dd, u32 val, u32 offset)
209 writel(val, dd->io_base + offset);
212 static int aes_start_crypt(struct tegra_aes_dev *dd, u32 in_addr, u32 out_addr,
213 int nblocks, int mode, bool upd_iv)
215 u32 cmdq[AES_HW_MAX_ICQ_LENGTH];
216 int i, eng_busy, icq_empty, ret;
219 /* reset all the interrupt bits */
220 aes_writel(dd, 0xFFFFFFFF, TEGRA_AES_INTR_STATUS);
222 /* enable error, dma xfer complete interrupts */
223 aes_writel(dd, 0x33, TEGRA_AES_INT_ENB);
225 cmdq[0] = CMD_DMASETUP << CMDQ_OPCODE_SHIFT;
227 cmdq[2] = CMD_BLKSTARTENGINE << CMDQ_OPCODE_SHIFT | (nblocks-1);
228 cmdq[3] = CMD_DMACOMPLETE << CMDQ_OPCODE_SHIFT;
230 value = aes_readl(dd, TEGRA_AES_CMDQUE_CONTROL);
231 /* access SDRAM through AHB */
232 value &= ~TEGRA_AES_CMDQ_CTRL_SRC_STM_SEL_FIELD;
233 value &= ~TEGRA_AES_CMDQ_CTRL_DST_STM_SEL_FIELD;
234 value |= TEGRA_AES_CMDQ_CTRL_SRC_STM_SEL_FIELD |
235 TEGRA_AES_CMDQ_CTRL_DST_STM_SEL_FIELD |
236 TEGRA_AES_CMDQ_CTRL_ICMDQEN_FIELD;
237 aes_writel(dd, value, TEGRA_AES_CMDQUE_CONTROL);
238 dev_dbg(dd->dev, "cmd_q_ctrl=0x%x", value);
240 value = (0x1 << TEGRA_AES_SECURE_INPUT_ALG_SEL_SHIFT) |
241 ((dd->ctx->keylen * 8) <<
242 TEGRA_AES_SECURE_INPUT_KEY_LEN_SHIFT) |
243 ((u32)upd_iv << TEGRA_AES_SECURE_IV_SELECT_SHIFT);
245 if (mode & FLAGS_CBC) {
246 value |= ((((mode & FLAGS_ENCRYPT) ? 2 : 3)
247 << TEGRA_AES_SECURE_XOR_POS_SHIFT) |
248 (((mode & FLAGS_ENCRYPT) ? 2 : 3)
249 << TEGRA_AES_SECURE_VCTRAM_SEL_SHIFT) |
250 ((mode & FLAGS_ENCRYPT) ? 1 : 0)
251 << TEGRA_AES_SECURE_CORE_SEL_SHIFT);
252 } else if (mode & FLAGS_OFB) {
253 value |= ((TEGRA_AES_SECURE_XOR_POS_FIELD) |
254 (2 << TEGRA_AES_SECURE_INPUT_SEL_SHIFT) |
255 (TEGRA_AES_SECURE_CORE_SEL_FIELD));
256 } else if (mode & FLAGS_RNG) {
257 value |= (((mode & FLAGS_ENCRYPT) ? 1 : 0)
258 << TEGRA_AES_SECURE_CORE_SEL_SHIFT |
259 TEGRA_AES_SECURE_RNG_ENB_FIELD);
261 value |= (((mode & FLAGS_ENCRYPT) ? 1 : 0)
262 << TEGRA_AES_SECURE_CORE_SEL_SHIFT);
265 dev_dbg(dd->dev, "secure_in_sel=0x%x", value);
266 aes_writel(dd, value, TEGRA_AES_SECURE_INPUT_SELECT);
268 aes_writel(dd, out_addr, TEGRA_AES_SECURE_DEST_ADDR);
269 INIT_COMPLETION(dd->op_complete);
271 for (i = 0; i < AES_HW_MAX_ICQ_LENGTH - 1; i++) {
273 value = aes_readl(dd, TEGRA_AES_INTR_STATUS);
274 eng_busy = value & TEGRA_AES_ENGINE_BUSY_FIELD;
275 icq_empty = value & TEGRA_AES_ICQ_EMPTY_FIELD;
276 } while (eng_busy && !icq_empty);
277 aes_writel(dd, cmdq[i], TEGRA_AES_ICMDQUE_WR);
280 ret = wait_for_completion_timeout(&dd->op_complete,
281 msecs_to_jiffies(150));
283 dev_err(dd->dev, "timed out (0x%x)\n",
284 aes_readl(dd, TEGRA_AES_INTR_STATUS));
288 aes_writel(dd, cmdq[AES_HW_MAX_ICQ_LENGTH - 1], TEGRA_AES_ICMDQUE_WR);
292 static void aes_release_key_slot(struct tegra_aes_slot *slot)
294 if (slot->slot_num == SSK_SLOT_NUM)
297 spin_lock(&list_lock);
298 list_add_tail(&slot->node, &dev_list);
300 spin_unlock(&list_lock);
303 static struct tegra_aes_slot *aes_find_key_slot(void)
305 struct tegra_aes_slot *slot = NULL;
306 struct list_head *new_head;
309 spin_lock(&list_lock);
310 empty = list_empty(&dev_list);
312 slot = list_entry(&dev_list, struct tegra_aes_slot, node);
313 new_head = dev_list.next;
315 dev_list.next = new_head->next;
316 dev_list.prev = NULL;
318 spin_unlock(&list_lock);
323 static int aes_set_key(struct tegra_aes_dev *dd)
326 struct tegra_aes_ctx *ctx = dd->ctx;
327 int eng_busy, icq_empty, dma_busy;
328 bool use_ssk = false;
331 if (!dd->ctx->slot) {
332 dev_dbg(dd->dev, "using ssk");
333 dd->ctx->slot = &ssk;
337 /* enable key schedule generation in hardware */
338 value = aes_readl(dd, TEGRA_AES_SECURE_CONFIG_EXT);
339 value &= ~TEGRA_AES_SECURE_KEY_SCH_DIS_FIELD;
340 aes_writel(dd, value, TEGRA_AES_SECURE_CONFIG_EXT);
342 /* select the key slot */
343 value = aes_readl(dd, TEGRA_AES_SECURE_CONFIG);
344 value &= ~TEGRA_AES_SECURE_KEY_INDEX_FIELD;
345 value |= (ctx->slot->slot_num << TEGRA_AES_SECURE_KEY_INDEX_SHIFT);
346 aes_writel(dd, value, TEGRA_AES_SECURE_CONFIG);
351 /* copy the key table from sdram to vram */
352 cmdq[0] = CMD_MEMDMAVD << CMDQ_OPCODE_SHIFT |
353 MEMDMA_DIR_DTOVRAM << MEMDMA_DIR_SHIFT |
354 AES_HW_KEY_TABLE_LENGTH_BYTES / sizeof(u32) <<
355 MEMDMA_NUM_WORDS_SHIFT;
356 cmdq[1] = (u32)dd->ivkey_phys_base;
358 aes_writel(dd, cmdq[0], TEGRA_AES_ICMDQUE_WR);
359 aes_writel(dd, cmdq[1], TEGRA_AES_ICMDQUE_WR);
362 value = aes_readl(dd, TEGRA_AES_INTR_STATUS);
363 eng_busy = value & TEGRA_AES_ENGINE_BUSY_FIELD;
364 icq_empty = value & TEGRA_AES_ICQ_EMPTY_FIELD;
365 dma_busy = value & TEGRA_AES_DMA_BUSY_FIELD;
366 } while (eng_busy && !icq_empty && dma_busy);
368 /* settable command to get key into internal registers */
369 value = CMD_SETTABLE << CMDQ_OPCODE_SHIFT |
370 SUBCMD_CRYPTO_TABLE_SEL << CMDQ_TABLESEL_SHIFT |
371 SUBCMD_VRAM_SEL << CMDQ_VRAMSEL_SHIFT |
372 (SUBCMD_KEY_TABLE_SEL | ctx->slot->slot_num) <<
373 CMDQ_KEYTABLEID_SHIFT;
374 aes_writel(dd, value, TEGRA_AES_ICMDQUE_WR);
377 value = aes_readl(dd, TEGRA_AES_INTR_STATUS);
378 eng_busy = value & TEGRA_AES_ENGINE_BUSY_FIELD;
379 icq_empty = value & TEGRA_AES_ICQ_EMPTY_FIELD;
380 } while (eng_busy && !icq_empty);
385 static int tegra_aes_handle_req(struct tegra_aes_dev *dd)
387 struct crypto_async_request *async_req, *backlog;
388 struct crypto_ablkcipher *tfm;
389 struct tegra_aes_ctx *ctx;
390 struct tegra_aes_reqctx *rctx;
391 struct ablkcipher_request *req;
393 int dma_max = AES_HW_DMA_BUFFER_SIZE_BYTES;
394 int ret = 0, nblocks, total;
396 dma_addr_t addr_in, addr_out;
397 struct scatterlist *in_sg, *out_sg;
402 spin_lock_irqsave(&dd->lock, flags);
403 backlog = crypto_get_backlog(&dd->queue);
404 async_req = crypto_dequeue_request(&dd->queue);
406 clear_bit(FLAGS_BUSY, &dd->flags);
407 spin_unlock_irqrestore(&dd->lock, flags);
413 backlog->complete(backlog, -EINPROGRESS);
415 req = ablkcipher_request_cast(async_req);
417 dev_dbg(dd->dev, "%s: get new req\n", __func__);
419 if (!req->src || !req->dst)
422 /* take mutex to access the aes hw */
423 mutex_lock(&aes_lock);
425 /* assign new request to device */
427 dd->total = req->nbytes;
429 dd->in_sg = req->src;
431 dd->out_sg = req->dst;
438 tfm = crypto_ablkcipher_reqtfm(req);
439 rctx = ablkcipher_request_ctx(req);
440 ctx = crypto_ablkcipher_ctx(tfm);
441 rctx->mode &= FLAGS_MODE_MASK;
442 dd->flags = (dd->flags & ~FLAGS_MODE_MASK) | rctx->mode;
444 dd->iv = (u8 *)req->info;
445 dd->ivlen = crypto_ablkcipher_ivsize(tfm);
447 /* assign new context to device */
451 if (ctx->flags & FLAGS_NEW_KEY) {
453 memcpy(dd->ivkey_base, ctx->key, ctx->keylen);
454 memset(dd->ivkey_base + ctx->keylen, 0, AES_HW_KEY_TABLE_LENGTH_BYTES - ctx->keylen);
456 ctx->flags &= ~FLAGS_NEW_KEY;
459 if (((dd->flags & FLAGS_CBC) || (dd->flags & FLAGS_OFB)) && dd->iv) {
460 /* set iv to the aes hw slot
461 * Hw generates updated iv only after iv is set in slot.
462 * So key and iv is passed asynchronously.
464 memcpy(dd->buf_in, dd->iv, dd->ivlen);
466 ret = aes_start_crypt(dd, (u32)dd->dma_buf_in,
467 dd->dma_buf_out, 1, FLAGS_CBC, false);
469 dev_err(dd->dev, "aes_start_crypt fail(%d)\n", ret);
475 dev_dbg(dd->dev, "remain: %d\n", total);
476 ret = dma_map_sg(dd->dev, in_sg, 1, DMA_TO_DEVICE);
478 dev_err(dd->dev, "dma_map_sg() error\n");
482 ret = dma_map_sg(dd->dev, out_sg, 1, DMA_FROM_DEVICE);
484 dev_err(dd->dev, "dma_map_sg() error\n");
485 dma_unmap_sg(dd->dev, dd->in_sg,
490 addr_in = sg_dma_address(in_sg);
491 addr_out = sg_dma_address(out_sg);
492 dd->flags |= FLAGS_FAST;
493 count = min_t(int, sg_dma_len(in_sg), dma_max);
494 WARN_ON(sg_dma_len(in_sg) != sg_dma_len(out_sg));
495 nblocks = DIV_ROUND_UP(count, AES_BLOCK_SIZE);
497 ret = aes_start_crypt(dd, addr_in, addr_out, nblocks,
500 dma_unmap_sg(dd->dev, out_sg, 1, DMA_FROM_DEVICE);
501 dma_unmap_sg(dd->dev, in_sg, 1, DMA_TO_DEVICE);
504 dev_err(dd->dev, "aes_start_crypt fail(%d)\n", ret);
507 dd->flags &= ~FLAGS_FAST;
509 dev_dbg(dd->dev, "out: copied %d\n", count);
511 in_sg = sg_next(in_sg);
512 out_sg = sg_next(out_sg);
513 WARN_ON(((total != 0) && (!in_sg || !out_sg)));
517 mutex_unlock(&aes_lock);
521 if (dd->req->base.complete)
522 dd->req->base.complete(&dd->req->base, ret);
524 dev_dbg(dd->dev, "%s: exit\n", __func__);
528 static int tegra_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
531 struct tegra_aes_ctx *ctx = crypto_ablkcipher_ctx(tfm);
532 struct tegra_aes_dev *dd = aes_dev;
533 struct tegra_aes_slot *key_slot;
535 if ((keylen != AES_KEYSIZE_128) && (keylen != AES_KEYSIZE_192) &&
536 (keylen != AES_KEYSIZE_256)) {
537 dev_err(dd->dev, "unsupported key size\n");
538 crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
542 dev_dbg(dd->dev, "keylen: %d\n", keylen);
548 key_slot = aes_find_key_slot();
550 dev_err(dd->dev, "no empty slot\n");
554 ctx->slot = key_slot;
557 memcpy(ctx->key, key, keylen);
558 ctx->keylen = keylen;
561 ctx->flags |= FLAGS_NEW_KEY;
562 dev_dbg(dd->dev, "done\n");
566 static void aes_workqueue_handler(struct work_struct *work)
568 struct tegra_aes_dev *dd = aes_dev;
571 ret = clk_prepare_enable(dd->aes_clk);
573 BUG_ON("clock enable failed");
575 /* empty the crypto queue and then return */
577 ret = tegra_aes_handle_req(dd);
580 clk_disable_unprepare(dd->aes_clk);
583 static irqreturn_t aes_irq(int irq, void *dev_id)
585 struct tegra_aes_dev *dd = (struct tegra_aes_dev *)dev_id;
586 u32 value = aes_readl(dd, TEGRA_AES_INTR_STATUS);
587 int busy = test_bit(FLAGS_BUSY, &dd->flags);
590 dev_dbg(dd->dev, "spurious interrupt\n");
594 dev_dbg(dd->dev, "irq_stat: 0x%x\n", value);
595 if (value & TEGRA_AES_INT_ERROR_MASK)
596 aes_writel(dd, TEGRA_AES_INT_ERROR_MASK, TEGRA_AES_INTR_STATUS);
598 if (!(value & TEGRA_AES_ENGINE_BUSY_FIELD))
599 complete(&dd->op_complete);
606 static int tegra_aes_crypt(struct ablkcipher_request *req, unsigned long mode)
608 struct tegra_aes_reqctx *rctx = ablkcipher_request_ctx(req);
609 struct tegra_aes_dev *dd = aes_dev;
614 dev_dbg(dd->dev, "nbytes: %d, enc: %d, cbc: %d, ofb: %d\n",
615 req->nbytes, !!(mode & FLAGS_ENCRYPT),
616 !!(mode & FLAGS_CBC), !!(mode & FLAGS_OFB));
620 spin_lock_irqsave(&dd->lock, flags);
621 err = ablkcipher_enqueue_request(&dd->queue, req);
622 busy = test_and_set_bit(FLAGS_BUSY, &dd->flags);
623 spin_unlock_irqrestore(&dd->lock, flags);
626 queue_work(aes_wq, &aes_work);
631 static int tegra_aes_ecb_encrypt(struct ablkcipher_request *req)
633 return tegra_aes_crypt(req, FLAGS_ENCRYPT);
636 static int tegra_aes_ecb_decrypt(struct ablkcipher_request *req)
638 return tegra_aes_crypt(req, 0);
641 static int tegra_aes_cbc_encrypt(struct ablkcipher_request *req)
643 return tegra_aes_crypt(req, FLAGS_ENCRYPT | FLAGS_CBC);
646 static int tegra_aes_cbc_decrypt(struct ablkcipher_request *req)
648 return tegra_aes_crypt(req, FLAGS_CBC);
651 static int tegra_aes_ofb_encrypt(struct ablkcipher_request *req)
653 return tegra_aes_crypt(req, FLAGS_ENCRYPT | FLAGS_OFB);
656 static int tegra_aes_ofb_decrypt(struct ablkcipher_request *req)
658 return tegra_aes_crypt(req, FLAGS_OFB);
661 static int tegra_aes_get_random(struct crypto_rng *tfm, u8 *rdata,
664 struct tegra_aes_dev *dd = aes_dev;
665 struct tegra_aes_ctx *ctx = &rng_ctx;
667 u8 *dest = rdata, *dt = dd->dt;
669 /* take mutex to access the aes hw */
670 mutex_lock(&aes_lock);
672 ret = clk_prepare_enable(dd->aes_clk);
674 mutex_unlock(&aes_lock);
680 dd->flags = FLAGS_ENCRYPT | FLAGS_RNG;
682 memcpy(dd->buf_in, dt, DEFAULT_RNG_BLK_SZ);
684 ret = aes_start_crypt(dd, (u32)dd->dma_buf_in,
685 (u32)dd->dma_buf_out, 1, dd->flags, true);
687 dev_err(dd->dev, "aes_start_crypt fail(%d)\n", ret);
691 memcpy(dest, dd->buf_out, dlen);
694 for (i = DEFAULT_RNG_BLK_SZ - 1; i >= 0; i--) {
701 clk_disable_unprepare(dd->aes_clk);
702 mutex_unlock(&aes_lock);
704 dev_dbg(dd->dev, "%s: done\n", __func__);
708 static int tegra_aes_rng_reset(struct crypto_rng *tfm, u8 *seed,
711 struct tegra_aes_dev *dd = aes_dev;
712 struct tegra_aes_ctx *ctx = &rng_ctx;
713 struct tegra_aes_slot *key_slot;
715 u8 tmp[16]; /* 16 bytes = 128 bits of entropy */
719 dev_err(dd->dev, "ctx=0x%x, dd=0x%x\n",
720 (unsigned int)ctx, (unsigned int)dd);
724 if (slen < (DEFAULT_RNG_BLK_SZ + AES_KEYSIZE_128)) {
725 dev_err(dd->dev, "seed size invalid");
729 /* take mutex to access the aes hw */
730 mutex_lock(&aes_lock);
733 key_slot = aes_find_key_slot();
735 dev_err(dd->dev, "no empty slot\n");
736 mutex_unlock(&aes_lock);
739 ctx->slot = key_slot;
746 ctx->keylen = AES_KEYSIZE_128;
747 ctx->flags |= FLAGS_NEW_KEY;
749 /* copy the key to the key slot */
750 memcpy(dd->ivkey_base, seed + DEFAULT_RNG_BLK_SZ, AES_KEYSIZE_128);
751 memset(dd->ivkey_base + AES_KEYSIZE_128, 0, AES_HW_KEY_TABLE_LENGTH_BYTES - AES_KEYSIZE_128);
756 dd->flags = FLAGS_ENCRYPT | FLAGS_RNG;
758 ret = clk_prepare_enable(dd->aes_clk);
760 mutex_unlock(&aes_lock);
766 /* set seed to the aes hw slot */
767 memcpy(dd->buf_in, dd->iv, DEFAULT_RNG_BLK_SZ);
768 ret = aes_start_crypt(dd, (u32)dd->dma_buf_in,
769 dd->dma_buf_out, 1, FLAGS_CBC, false);
771 dev_err(dd->dev, "aes_start_crypt fail(%d)\n", ret);
775 if (dd->ivlen >= (2 * DEFAULT_RNG_BLK_SZ + AES_KEYSIZE_128)) {
776 dt = dd->iv + DEFAULT_RNG_BLK_SZ + AES_KEYSIZE_128;
778 get_random_bytes(tmp, sizeof(tmp));
781 memcpy(dd->dt, dt, DEFAULT_RNG_BLK_SZ);
784 clk_disable_unprepare(dd->aes_clk);
785 mutex_unlock(&aes_lock);
787 dev_dbg(dd->dev, "%s: done\n", __func__);
791 static int tegra_aes_cra_init(struct crypto_tfm *tfm)
793 tfm->crt_ablkcipher.reqsize = sizeof(struct tegra_aes_reqctx);
798 void tegra_aes_cra_exit(struct crypto_tfm *tfm)
800 struct tegra_aes_ctx *ctx =
801 crypto_ablkcipher_ctx((struct crypto_ablkcipher *)tfm);
803 if (ctx && ctx->slot)
804 aes_release_key_slot(ctx->slot);
807 static struct crypto_alg algs[] = {
809 .cra_name = "ecb(aes)",
810 .cra_driver_name = "ecb-aes-tegra",
812 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC,
813 .cra_blocksize = AES_BLOCK_SIZE,
815 .cra_type = &crypto_ablkcipher_type,
816 .cra_u.ablkcipher = {
817 .min_keysize = AES_MIN_KEY_SIZE,
818 .max_keysize = AES_MAX_KEY_SIZE,
819 .setkey = tegra_aes_setkey,
820 .encrypt = tegra_aes_ecb_encrypt,
821 .decrypt = tegra_aes_ecb_decrypt,
824 .cra_name = "cbc(aes)",
825 .cra_driver_name = "cbc-aes-tegra",
827 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC,
828 .cra_blocksize = AES_BLOCK_SIZE,
830 .cra_type = &crypto_ablkcipher_type,
831 .cra_u.ablkcipher = {
832 .min_keysize = AES_MIN_KEY_SIZE,
833 .max_keysize = AES_MAX_KEY_SIZE,
834 .ivsize = AES_MIN_KEY_SIZE,
835 .setkey = tegra_aes_setkey,
836 .encrypt = tegra_aes_cbc_encrypt,
837 .decrypt = tegra_aes_cbc_decrypt,
840 .cra_name = "ofb(aes)",
841 .cra_driver_name = "ofb-aes-tegra",
843 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC,
844 .cra_blocksize = AES_BLOCK_SIZE,
846 .cra_type = &crypto_ablkcipher_type,
847 .cra_u.ablkcipher = {
848 .min_keysize = AES_MIN_KEY_SIZE,
849 .max_keysize = AES_MAX_KEY_SIZE,
850 .ivsize = AES_MIN_KEY_SIZE,
851 .setkey = tegra_aes_setkey,
852 .encrypt = tegra_aes_ofb_encrypt,
853 .decrypt = tegra_aes_ofb_decrypt,
856 .cra_name = "ansi_cprng",
857 .cra_driver_name = "rng-aes-tegra",
858 .cra_flags = CRYPTO_ALG_TYPE_RNG,
859 .cra_ctxsize = sizeof(struct tegra_aes_ctx),
860 .cra_type = &crypto_rng_type,
862 .rng_make_random = tegra_aes_get_random,
863 .rng_reset = tegra_aes_rng_reset,
864 .seedsize = AES_KEYSIZE_128 + (2 * DEFAULT_RNG_BLK_SZ),
869 static int tegra_aes_probe(struct platform_device *pdev)
871 struct device *dev = &pdev->dev;
872 struct tegra_aes_dev *dd;
873 struct resource *res;
874 int err = -ENOMEM, i = 0, j;
876 dd = devm_kzalloc(dev, sizeof(struct tegra_aes_dev), GFP_KERNEL);
878 dev_err(dev, "unable to alloc data struct.\n");
883 platform_set_drvdata(pdev, dd);
885 dd->slots = devm_kzalloc(dev, sizeof(struct tegra_aes_slot) *
886 AES_NR_KEYSLOTS, GFP_KERNEL);
887 if (dd->slots == NULL) {
888 dev_err(dev, "unable to alloc slot struct.\n");
892 spin_lock_init(&dd->lock);
893 crypto_init_queue(&dd->queue, TEGRA_AES_QUEUE_LENGTH);
895 /* Get the module base address */
896 res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
898 dev_err(dev, "invalid resource type: base\n");
903 if (!devm_request_mem_region(&pdev->dev, res->start,
905 dev_name(&pdev->dev))) {
906 dev_err(&pdev->dev, "Couldn't request MEM resource\n");
910 dd->io_base = devm_ioremap(dev, res->start, resource_size(res));
912 dev_err(dev, "can't ioremap register space\n");
917 /* Initialize the vde clock */
918 dd->aes_clk = clk_get(dev, "vde");
919 if (IS_ERR(dd->aes_clk)) {
920 dev_err(dev, "iclock intialization failed.\n");
925 err = clk_set_rate(dd->aes_clk, ULONG_MAX);
927 dev_err(dd->dev, "iclk set_rate fail(%d)\n", err);
932 * the foll contiguous memory is allocated as follows -
933 * - hardware key table
936 dd->ivkey_base = dma_alloc_coherent(dev, AES_HW_KEY_TABLE_LENGTH_BYTES,
937 &dd->ivkey_phys_base,
939 if (!dd->ivkey_base) {
940 dev_err(dev, "can not allocate iv/key buffer\n");
945 dd->buf_in = dma_alloc_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES,
946 &dd->dma_buf_in, GFP_KERNEL);
948 dev_err(dev, "can not allocate dma-in buffer\n");
953 dd->buf_out = dma_alloc_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES,
954 &dd->dma_buf_out, GFP_KERNEL);
956 dev_err(dev, "can not allocate dma-out buffer\n");
961 init_completion(&dd->op_complete);
962 aes_wq = alloc_workqueue("tegra_aes_wq", WQ_HIGHPRI | WQ_UNBOUND, 1);
964 dev_err(dev, "alloc_workqueue failed\n");
970 res = platform_get_resource(pdev, IORESOURCE_IRQ, 0);
972 dev_err(dev, "invalid resource type: base\n");
976 dd->irq = res->start;
978 err = devm_request_irq(dev, dd->irq, aes_irq, IRQF_TRIGGER_HIGH |
979 IRQF_SHARED, "tegra-aes", dd);
981 dev_err(dev, "request_irq failed\n");
985 mutex_init(&aes_lock);
986 INIT_LIST_HEAD(&dev_list);
988 spin_lock_init(&list_lock);
989 spin_lock(&list_lock);
990 for (i = 0; i < AES_NR_KEYSLOTS; i++) {
991 if (i == SSK_SLOT_NUM)
993 dd->slots[i].slot_num = i;
994 INIT_LIST_HEAD(&dd->slots[i].node);
995 list_add_tail(&dd->slots[i].node, &dev_list);
997 spin_unlock(&list_lock);
1000 for (i = 0; i < ARRAY_SIZE(algs); i++) {
1001 algs[i].cra_priority = 300;
1002 algs[i].cra_ctxsize = sizeof(struct tegra_aes_ctx);
1003 algs[i].cra_module = THIS_MODULE;
1004 algs[i].cra_init = tegra_aes_cra_init;
1005 algs[i].cra_exit = tegra_aes_cra_exit;
1007 err = crypto_register_alg(&algs[i]);
1012 dev_info(dev, "registered");
1016 for (j = 0; j < i; j++)
1017 crypto_unregister_alg(&algs[j]);
1019 dma_free_coherent(dev, AES_HW_KEY_TABLE_LENGTH_BYTES,
1020 dd->ivkey_base, dd->ivkey_phys_base);
1022 dma_free_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES,
1023 dd->buf_in, dd->dma_buf_in);
1025 dma_free_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES,
1026 dd->buf_out, dd->dma_buf_out);
1027 if (!IS_ERR(dd->aes_clk))
1028 clk_put(dd->aes_clk);
1030 destroy_workqueue(aes_wq);
1031 spin_lock(&list_lock);
1032 list_del(&dev_list);
1033 spin_unlock(&list_lock);
1037 dev_err(dev, "%s: initialization failed.\n", __func__);
1041 static int tegra_aes_remove(struct platform_device *pdev)
1043 struct device *dev = &pdev->dev;
1044 struct tegra_aes_dev *dd = platform_get_drvdata(pdev);
1047 for (i = 0; i < ARRAY_SIZE(algs); i++)
1048 crypto_unregister_alg(&algs[i]);
1050 cancel_work_sync(&aes_work);
1051 destroy_workqueue(aes_wq);
1052 spin_lock(&list_lock);
1053 list_del(&dev_list);
1054 spin_unlock(&list_lock);
1056 dma_free_coherent(dev, AES_HW_KEY_TABLE_LENGTH_BYTES,
1057 dd->ivkey_base, dd->ivkey_phys_base);
1058 dma_free_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES,
1059 dd->buf_in, dd->dma_buf_in);
1060 dma_free_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES,
1061 dd->buf_out, dd->dma_buf_out);
1062 clk_put(dd->aes_clk);
1068 static struct of_device_id tegra_aes_of_match[] = {
1069 { .compatible = "nvidia,tegra20-aes", },
1070 { .compatible = "nvidia,tegra30-aes", },
1074 static struct platform_driver tegra_aes_driver = {
1075 .probe = tegra_aes_probe,
1076 .remove = tegra_aes_remove,
1078 .name = "tegra-aes",
1079 .owner = THIS_MODULE,
1080 .of_match_table = tegra_aes_of_match,
1084 module_platform_driver(tegra_aes_driver);
1086 MODULE_DESCRIPTION("Tegra AES/OFB/CPRNG hw acceleration support.");
1087 MODULE_AUTHOR("NVIDIA Corporation");
1088 MODULE_LICENSE("GPL v2");