1
// SPDX-License-Identifier: GPL-2.0-only
2
/*
3
 * AMD Cryptographic Coprocessor (CCP) crypto API support
4
 *
5
 * Copyright (C) 2013,2017 Advanced Micro Devices, Inc.
6
 *
7
 * Author: Tom Lendacky <[email protected]>
8
 */
9

10
#include <crypto/internal/akcipher.h>
11
#include <crypto/internal/hash.h>
12
#include <crypto/internal/skcipher.h>
13
#include <linux/ccp.h>
14
#include <linux/err.h>
15
#include <linux/kernel.h>
16
#include <linux/list.h>
17
#include <linux/module.h>
18
#include <linux/scatterlist.h>
19
#include <linux/slab.h>
20
#include <linux/spinlock.h>
21

22
#include "ccp-crypto.h"
23

24
MODULE_AUTHOR("Tom Lendacky <[email protected]>");
25
MODULE_LICENSE("GPL");
26
MODULE_VERSION("1.0.0");
27
MODULE_DESCRIPTION("AMD Cryptographic Coprocessor crypto API support");
28

29
static unsigned int aes_disable;
30
module_param(aes_disable, uint, 0444);
31
MODULE_PARM_DESC(aes_disable, "Disable use of AES - any non-zero value");
32

33
static unsigned int sha_disable;
34
module_param(sha_disable, uint, 0444);
35
MODULE_PARM_DESC(sha_disable, "Disable use of SHA - any non-zero value");
36

37
static unsigned int des3_disable;
38
module_param(des3_disable, uint, 0444);
39
MODULE_PARM_DESC(des3_disable, "Disable use of 3DES - any non-zero value");
40

41
static unsigned int rsa_disable;
42
module_param(rsa_disable, uint, 0444);
43
MODULE_PARM_DESC(rsa_disable, "Disable use of RSA - any non-zero value");
44

45
/* List heads for the supported algorithms */
46
static LIST_HEAD(hash_algs);
47
static LIST_HEAD(skcipher_algs);
48
static LIST_HEAD(aead_algs);
49
static LIST_HEAD(akcipher_algs);
50

51
/* For any tfm, requests for that tfm must be returned on the order
52
 * received.  With multiple queues available, the CCP can process more
53
 * than one cmd at a time.  Therefore we must maintain a cmd list to insure
54
 * the proper ordering of requests on a given tfm.
55
 */
56
struct ccp_crypto_queue {
57
	struct list_head cmds;
58
	struct list_head *backlog;
59
	unsigned int cmd_count;
60
};
61

62
#define CCP_CRYPTO_MAX_QLEN	100
63

64
static struct ccp_crypto_queue req_queue;
65
static DEFINE_SPINLOCK(req_queue_lock);
66

67
struct ccp_crypto_cmd {
68
	struct list_head entry;
69

70
	struct ccp_cmd *cmd;
71

72
	/* Save the crypto_tfm and crypto_async_request addresses
73
	 * separately to avoid any reference to a possibly invalid
74
	 * crypto_async_request structure after invoking the request
75
	 * callback
76
	 */
77
	struct crypto_async_request *req;
78
	struct crypto_tfm *tfm;
79

80
	/* Used for held command processing to determine state */
81
	int ret;
82
};
83

84
static inline bool ccp_crypto_success(int err)
85
{
86
	if (err && (err != -EINPROGRESS) && (err != -EBUSY))
87
		return false;
88

89
	return true;
90
}
91

92
static struct ccp_crypto_cmd *ccp_crypto_cmd_complete(
93
	struct ccp_crypto_cmd *crypto_cmd, struct ccp_crypto_cmd **backlog)
94
{
95
	struct ccp_crypto_cmd *held = NULL, *tmp;
96
	unsigned long flags;
97

98
	*backlog = NULL;
99

100
	spin_lock_irqsave(&req_queue_lock, flags);
101

102
	/* Held cmds will be after the current cmd in the queue so start
103
	 * searching for a cmd with a matching tfm for submission.
104
	 */
105
	tmp = crypto_cmd;
106
	list_for_each_entry_continue(tmp, &req_queue.cmds, entry) {
107
		if (crypto_cmd->tfm != tmp->tfm)
108
			continue;
109
		held = tmp;
110
		break;
111
	}
112

113
	/* Process the backlog:
114
	 *   Because cmds can be executed from any point in the cmd list
115
	 *   special precautions have to be taken when handling the backlog.
116
	 */
117
	if (req_queue.backlog != &req_queue.cmds) {
118
		/* Skip over this cmd if it is the next backlog cmd */
119
		if (req_queue.backlog == &crypto_cmd->entry)
120
			req_queue.backlog = crypto_cmd->entry.next;
121

122
		*backlog = container_of(req_queue.backlog,
123
					struct ccp_crypto_cmd, entry);
124
		req_queue.backlog = req_queue.backlog->next;
125

126
		/* Skip over this cmd if it is now the next backlog cmd */
127
		if (req_queue.backlog == &crypto_cmd->entry)
128
			req_queue.backlog = crypto_cmd->entry.next;
129
	}
130

131
	/* Remove the cmd entry from the list of cmds */
132
	req_queue.cmd_count--;
133
	list_del(&crypto_cmd->entry);
134

135
	spin_unlock_irqrestore(&req_queue_lock, flags);
136

137
	return held;
138
}
139

140
static void ccp_crypto_complete(void *data, int err)
141
{
142
	struct ccp_crypto_cmd *crypto_cmd = data;
143
	struct ccp_crypto_cmd *held, *next, *backlog;
144
	struct crypto_async_request *req = crypto_cmd->req;
145
	struct ccp_ctx *ctx = crypto_tfm_ctx_dma(req->tfm);
146
	int ret;
147

148
	if (err == -EINPROGRESS) {
149
		/* Only propagate the -EINPROGRESS if necessary */
150
		if (crypto_cmd->ret == -EBUSY) {
151
			crypto_cmd->ret = -EINPROGRESS;
152
			crypto_request_complete(req, -EINPROGRESS);
153
		}
154

155
		return;
156
	}
157

158
	/* Operation has completed - update the queue before invoking
159
	 * the completion callbacks and retrieve the next cmd (cmd with
160
	 * a matching tfm) that can be submitted to the CCP.
161
	 */
162
	held = ccp_crypto_cmd_complete(crypto_cmd, &backlog);
163
	if (backlog) {
164
		backlog->ret = -EINPROGRESS;
165
		crypto_request_complete(backlog->req, -EINPROGRESS);
166
	}
167

168
	/* Transition the state from -EBUSY to -EINPROGRESS first */
169
	if (crypto_cmd->ret == -EBUSY)
170
		crypto_request_complete(req, -EINPROGRESS);
171

172
	/* Completion callbacks */
173
	ret = err;
174
	if (ctx->complete)
175
		ret = ctx->complete(req, ret);
176
	crypto_request_complete(req, ret);
177

178
	/* Submit the next cmd */
179
	while (held) {
180
		/* Since we have already queued the cmd, we must indicate that
181
		 * we can backlog so as not to "lose" this request.
182
		 */
183
		held->cmd->flags |= CCP_CMD_MAY_BACKLOG;
184
		ret = ccp_enqueue_cmd(held->cmd);
185
		if (ccp_crypto_success(ret))
186
			break;
187

188
		/* Error occurred, report it and get the next entry */
189
		ctx = crypto_tfm_ctx_dma(held->req->tfm);
190
		if (ctx->complete)
191
			ret = ctx->complete(held->req, ret);
192
		crypto_request_complete(held->req, ret);
193

194
		next = ccp_crypto_cmd_complete(held, &backlog);
195
		if (backlog) {
196
			backlog->ret = -EINPROGRESS;
197
			crypto_request_complete(backlog->req, -EINPROGRESS);
198
		}
199

200
		kfree(held);
201
		held = next;
202
	}
203

204
	kfree(crypto_cmd);
205
}
206

207
static int ccp_crypto_enqueue_cmd(struct ccp_crypto_cmd *crypto_cmd)
208
{
209
	struct ccp_crypto_cmd *active = NULL, *tmp;
210
	unsigned long flags;
211
	bool free_cmd = true;
212
	int ret;
213

214
	spin_lock_irqsave(&req_queue_lock, flags);
215

216
	/* Check if the cmd can/should be queued */
217
	if (req_queue.cmd_count >= CCP_CRYPTO_MAX_QLEN) {
218
		if (!(crypto_cmd->cmd->flags & CCP_CMD_MAY_BACKLOG)) {
219
			ret = -ENOSPC;
220
			goto e_lock;
221
		}
222
	}
223

224
	/* Look for an entry with the same tfm.  If there is a cmd
225
	 * with the same tfm in the list then the current cmd cannot
226
	 * be submitted to the CCP yet.
227
	 */
228
	list_for_each_entry(tmp, &req_queue.cmds, entry) {
229
		if (crypto_cmd->tfm != tmp->tfm)
230
			continue;
231
		active = tmp;
232
		break;
233
	}
234

235
	ret = -EINPROGRESS;
236
	if (!active) {
237
		ret = ccp_enqueue_cmd(crypto_cmd->cmd);
238
		if (!ccp_crypto_success(ret))
239
			goto e_lock;	/* Error, don't queue it */
240
	}
241

242
	if (req_queue.cmd_count >= CCP_CRYPTO_MAX_QLEN) {
243
		ret = -EBUSY;
244
		if (req_queue.backlog == &req_queue.cmds)
245
			req_queue.backlog = &crypto_cmd->entry;
246
	}
247
	crypto_cmd->ret = ret;
248

249
	req_queue.cmd_count++;
250
	list_add_tail(&crypto_cmd->entry, &req_queue.cmds);
251

252
	free_cmd = false;
253

254
e_lock:
255
	spin_unlock_irqrestore(&req_queue_lock, flags);
256

257
	if (free_cmd)
258
		kfree(crypto_cmd);
259

260
	return ret;
261
}
262

263
/**
264
 * ccp_crypto_enqueue_request - queue an crypto async request for processing
265
 *				by the CCP
266
 *
267
 * @req: crypto_async_request struct to be processed
268
 * @cmd: ccp_cmd struct to be sent to the CCP
269
 */
270
int ccp_crypto_enqueue_request(struct crypto_async_request *req,
271
			       struct ccp_cmd *cmd)
272
{
273
	struct ccp_crypto_cmd *crypto_cmd;
274
	gfp_t gfp;
275

276
	gfp = req->flags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL : GFP_ATOMIC;
277

278
	crypto_cmd = kzalloc(sizeof(*crypto_cmd), gfp);
279
	if (!crypto_cmd)
280
		return -ENOMEM;
281

282
	/* The tfm pointer must be saved and not referenced from the
283
	 * crypto_async_request (req) pointer because it is used after
284
	 * completion callback for the request and the req pointer
285
	 * might not be valid anymore.
286
	 */
287
	crypto_cmd->cmd = cmd;
288
	crypto_cmd->req = req;
289
	crypto_cmd->tfm = req->tfm;
290

291
	cmd->callback = ccp_crypto_complete;
292
	cmd->data = crypto_cmd;
293

294
	if (req->flags & CRYPTO_TFM_REQ_MAY_BACKLOG)
295
		cmd->flags |= CCP_CMD_MAY_BACKLOG;
296
	else
297
		cmd->flags &= ~CCP_CMD_MAY_BACKLOG;
298

299
	return ccp_crypto_enqueue_cmd(crypto_cmd);
300
}
301

302
struct scatterlist *ccp_crypto_sg_table_add(struct sg_table *table,
303
					    struct scatterlist *sg_add)
304
{
305
	struct scatterlist *sg, *sg_last = NULL;
306

307
	for (sg = table->sgl; sg; sg = sg_next(sg))
308
		if (!sg_page(sg))
309
			break;
310
	if (WARN_ON(!sg))
311
		return NULL;
312

313
	for (; sg && sg_add; sg = sg_next(sg), sg_add = sg_next(sg_add)) {
314
		sg_set_page(sg, sg_page(sg_add), sg_add->length,
315
			    sg_add->offset);
316
		sg_last = sg;
317
	}
318
	if (WARN_ON(sg_add))
319
		return NULL;
320

321
	return sg_last;
322
}
323

324
static int ccp_register_algs(void)
325
{
326
	int ret;
327

328
	if (!aes_disable) {
329
		ret = ccp_register_aes_algs(&skcipher_algs);
330
		if (ret)
331
			return ret;
332

333
		ret = ccp_register_aes_cmac_algs(&hash_algs);
334
		if (ret)
335
			return ret;
336

337
		ret = ccp_register_aes_xts_algs(&skcipher_algs);
338
		if (ret)
339
			return ret;
340

341
		ret = ccp_register_aes_aeads(&aead_algs);
342
		if (ret)
343
			return ret;
344
	}
345

346
	if (!des3_disable) {
347
		ret = ccp_register_des3_algs(&skcipher_algs);
348
		if (ret)
349
			return ret;
350
	}
351

352
	if (!sha_disable) {
353
		ret = ccp_register_sha_algs(&hash_algs);
354
		if (ret)
355
			return ret;
356
	}
357

358
	if (!rsa_disable) {
359
		ret = ccp_register_rsa_algs(&akcipher_algs);
360
		if (ret)
361
			return ret;
362
	}
363

364
	return 0;
365
}
366

367
static void ccp_unregister_algs(void)
368
{
369
	struct ccp_crypto_ahash_alg *ahash_alg, *ahash_tmp;
370
	struct ccp_crypto_skcipher_alg *ablk_alg, *ablk_tmp;
371
	struct ccp_crypto_aead *aead_alg, *aead_tmp;
372
	struct ccp_crypto_akcipher_alg *akc_alg, *akc_tmp;
373

374
	list_for_each_entry_safe(ahash_alg, ahash_tmp, &hash_algs, entry) {
375
		crypto_unregister_ahash(&ahash_alg->alg);
376
		list_del(&ahash_alg->entry);
377
		kfree(ahash_alg);
378
	}
379

380
	list_for_each_entry_safe(ablk_alg, ablk_tmp, &skcipher_algs, entry) {
381
		crypto_unregister_skcipher(&ablk_alg->alg);
382
		list_del(&ablk_alg->entry);
383
		kfree(ablk_alg);
384
	}
385

386
	list_for_each_entry_safe(aead_alg, aead_tmp, &aead_algs, entry) {
387
		crypto_unregister_aead(&aead_alg->alg);
388
		list_del(&aead_alg->entry);
389
		kfree(aead_alg);
390
	}
391

392
	list_for_each_entry_safe(akc_alg, akc_tmp, &akcipher_algs, entry) {
393
		crypto_unregister_akcipher(&akc_alg->alg);
394
		list_del(&akc_alg->entry);
395
		kfree(akc_alg);
396
	}
397
}
398

399
static int __init ccp_crypto_init(void)
400
{
401
	int ret;
402

403
	ret = ccp_present();
404
	if (ret) {
405
		pr_err("Cannot load: there are no available CCPs\n");
406
		return ret;
407
	}
408

409
	INIT_LIST_HEAD(&req_queue.cmds);
410
	req_queue.backlog = &req_queue.cmds;
411
	req_queue.cmd_count = 0;
412

413
	ret = ccp_register_algs();
414
	if (ret)
415
		ccp_unregister_algs();
416

417
	return ret;
418
}
419

420
static void __exit ccp_crypto_exit(void)
421
{
422
	ccp_unregister_algs();
423
}
424

425
module_init(ccp_crypto_init);
426
module_exit(ccp_crypto_exit);
427

428