1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * AMD Cryptographic Coprocessor (CCP) crypto API support
4 *
5 * Copyright (C) 2013,2017 Advanced Micro Devices, Inc.
6 *
7 * Author: Tom Lendacky <thomas.lendacky@amd.com>
8 */
9
10#include <linux/module.h>
11#include <linux/moduleparam.h>
12#include <linux/kernel.h>
13#include <linux/list.h>
14#include <linux/ccp.h>
15#include <linux/scatterlist.h>
16#include <crypto/internal/hash.h>
17#include <crypto/internal/akcipher.h>
18
19#include "ccp-crypto.h"
20
21MODULE_AUTHOR("Tom Lendacky <thomas.lendacky@amd.com>");
22MODULE_LICENSE("GPL");
23MODULE_VERSION("1.0.0");
24MODULE_DESCRIPTION("AMD Cryptographic Coprocessor crypto API support");
25
26static unsigned int aes_disable;
27module_param(aes_disable, uint, 0444);
28MODULE_PARM_DESC(aes_disable, "Disable use of AES - any non-zero value");
29
30static unsigned int sha_disable;
31module_param(sha_disable, uint, 0444);
32MODULE_PARM_DESC(sha_disable, "Disable use of SHA - any non-zero value");
33
34static unsigned int des3_disable;
35module_param(des3_disable, uint, 0444);
36MODULE_PARM_DESC(des3_disable, "Disable use of 3DES - any non-zero value");
37
38static unsigned int rsa_disable;
39module_param(rsa_disable, uint, 0444);
40MODULE_PARM_DESC(rsa_disable, "Disable use of RSA - any non-zero value");
41
42/* List heads for the supported algorithms */
43static LIST_HEAD(hash_algs);
44static LIST_HEAD(skcipher_algs);
45static LIST_HEAD(aead_algs);
46static LIST_HEAD(akcipher_algs);
47
48/* For any tfm, requests for that tfm must be returned on the order
49 * received.  With multiple queues available, the CCP can process more
50 * than one cmd at a time.  Therefore we must maintain a cmd list to insure
51 * the proper ordering of requests on a given tfm.
52 */
53struct ccp_crypto_queue {
54	struct list_head cmds;
55	struct list_head *backlog;
56	unsigned int cmd_count;
57};
58
59#define CCP_CRYPTO_MAX_QLEN	100
60
61static struct ccp_crypto_queue req_queue;
62static spinlock_t req_queue_lock;
63
64struct ccp_crypto_cmd {
65	struct list_head entry;
66
67	struct ccp_cmd *cmd;
68
69	/* Save the crypto_tfm and crypto_async_request addresses
70	 * separately to avoid any reference to a possibly invalid
71	 * crypto_async_request structure after invoking the request
72	 * callback
73	 */
74	struct crypto_async_request *req;
75	struct crypto_tfm *tfm;
76
77	/* Used for held command processing to determine state */
78	int ret;
79};
80
81struct ccp_crypto_cpu {
82	struct work_struct work;
83	struct completion completion;
84	struct ccp_crypto_cmd *crypto_cmd;
85	int err;
86};
87
88static inline bool ccp_crypto_success(int err)
89{
90	if (err && (err != -EINPROGRESS) && (err != -EBUSY))
91		return false;
92
93	return true;
94}
95
96static struct ccp_crypto_cmd *ccp_crypto_cmd_complete(
97	struct ccp_crypto_cmd *crypto_cmd, struct ccp_crypto_cmd **backlog)
98{
99	struct ccp_crypto_cmd *held = NULL, *tmp;
100	unsigned long flags;
101
102	*backlog = NULL;
103
104	spin_lock_irqsave(&req_queue_lock, flags);
105
106	/* Held cmds will be after the current cmd in the queue so start
107	 * searching for a cmd with a matching tfm for submission.
108	 */
109	tmp = crypto_cmd;
110	list_for_each_entry_continue(tmp, &req_queue.cmds, entry) {
111		if (crypto_cmd->tfm != tmp->tfm)
112			continue;
113		held = tmp;
114		break;
115	}
116
117	/* Process the backlog:
118	 *   Because cmds can be executed from any point in the cmd list
119	 *   special precautions have to be taken when handling the backlog.
120	 */
121	if (req_queue.backlog != &req_queue.cmds) {
122		/* Skip over this cmd if it is the next backlog cmd */
123		if (req_queue.backlog == &crypto_cmd->entry)
124			req_queue.backlog = crypto_cmd->entry.next;
125
126		*backlog = container_of(req_queue.backlog,
127					struct ccp_crypto_cmd, entry);
128		req_queue.backlog = req_queue.backlog->next;
129
130		/* Skip over this cmd if it is now the next backlog cmd */
131		if (req_queue.backlog == &crypto_cmd->entry)
132			req_queue.backlog = crypto_cmd->entry.next;
133	}
134
135	/* Remove the cmd entry from the list of cmds */
136	req_queue.cmd_count--;
137	list_del(&crypto_cmd->entry);
138
139	spin_unlock_irqrestore(&req_queue_lock, flags);
140
141	return held;
142}
143
144static void ccp_crypto_complete(void *data, int err)
145{
146	struct ccp_crypto_cmd *crypto_cmd = data;
147	struct ccp_crypto_cmd *held, *next, *backlog;
148	struct crypto_async_request *req = crypto_cmd->req;
149	struct ccp_ctx *ctx = crypto_tfm_ctx(req->tfm);
150	int ret;
151
152	if (err == -EINPROGRESS) {
153		/* Only propagate the -EINPROGRESS if necessary */
154		if (crypto_cmd->ret == -EBUSY) {
155			crypto_cmd->ret = -EINPROGRESS;
156			req->complete(req, -EINPROGRESS);
157		}
158
159		return;
160	}
161
162	/* Operation has completed - update the queue before invoking
163	 * the completion callbacks and retrieve the next cmd (cmd with
164	 * a matching tfm) that can be submitted to the CCP.
165	 */
166	held = ccp_crypto_cmd_complete(crypto_cmd, &backlog);
167	if (backlog) {
168		backlog->ret = -EINPROGRESS;
169		backlog->req->complete(backlog->req, -EINPROGRESS);
170	}
171
172	/* Transition the state from -EBUSY to -EINPROGRESS first */
173	if (crypto_cmd->ret == -EBUSY)
174		req->complete(req, -EINPROGRESS);
175
176	/* Completion callbacks */
177	ret = err;
178	if (ctx->complete)
179		ret = ctx->complete(req, ret);
180	req->complete(req, ret);
181
182	/* Submit the next cmd */
183	while (held) {
184		/* Since we have already queued the cmd, we must indicate that
185		 * we can backlog so as not to "lose" this request.
186		 */
187		held->cmd->flags |= CCP_CMD_MAY_BACKLOG;
188		ret = ccp_enqueue_cmd(held->cmd);
189		if (ccp_crypto_success(ret))
190			break;
191
192		/* Error occurred, report it and get the next entry */
193		ctx = crypto_tfm_ctx(held->req->tfm);
194		if (ctx->complete)
195			ret = ctx->complete(held->req, ret);
196		held->req->complete(held->req, ret);
197
198		next = ccp_crypto_cmd_complete(held, &backlog);
199		if (backlog) {
200			backlog->ret = -EINPROGRESS;
201			backlog->req->complete(backlog->req, -EINPROGRESS);
202		}
203
204		kfree(held);
205		held = next;
206	}
207
208	kfree(crypto_cmd);
209}
210
211static int ccp_crypto_enqueue_cmd(struct ccp_crypto_cmd *crypto_cmd)
212{
213	struct ccp_crypto_cmd *active = NULL, *tmp;
214	unsigned long flags;
215	bool free_cmd = true;
216	int ret;
217
218	spin_lock_irqsave(&req_queue_lock, flags);
219
220	/* Check if the cmd can/should be queued */
221	if (req_queue.cmd_count >= CCP_CRYPTO_MAX_QLEN) {
222		if (!(crypto_cmd->cmd->flags & CCP_CMD_MAY_BACKLOG)) {
223			ret = -ENOSPC;
224			goto e_lock;
225		}
226	}
227
228	/* Look for an entry with the same tfm.  If there is a cmd
229	 * with the same tfm in the list then the current cmd cannot
230	 * be submitted to the CCP yet.
231	 */
232	list_for_each_entry(tmp, &req_queue.cmds, entry) {
233		if (crypto_cmd->tfm != tmp->tfm)
234			continue;
235		active = tmp;
236		break;
237	}
238
239	ret = -EINPROGRESS;
240	if (!active) {
241		ret = ccp_enqueue_cmd(crypto_cmd->cmd);
242		if (!ccp_crypto_success(ret))
243			goto e_lock;	/* Error, don't queue it */
244	}
245
246	if (req_queue.cmd_count >= CCP_CRYPTO_MAX_QLEN) {
247		ret = -EBUSY;
248		if (req_queue.backlog == &req_queue.cmds)
249			req_queue.backlog = &crypto_cmd->entry;
250	}
251	crypto_cmd->ret = ret;
252
253	req_queue.cmd_count++;
254	list_add_tail(&crypto_cmd->entry, &req_queue.cmds);
255
256	free_cmd = false;
257
258e_lock:
259	spin_unlock_irqrestore(&req_queue_lock, flags);
260
261	if (free_cmd)
262		kfree(crypto_cmd);
263
264	return ret;
265}
266
267/**
268 * ccp_crypto_enqueue_request - queue an crypto async request for processing
269 *				by the CCP
270 *
271 * @req: crypto_async_request struct to be processed
272 * @cmd: ccp_cmd struct to be sent to the CCP
273 */
274int ccp_crypto_enqueue_request(struct crypto_async_request *req,
275			       struct ccp_cmd *cmd)
276{
277	struct ccp_crypto_cmd *crypto_cmd;
278	gfp_t gfp;
279
280	gfp = req->flags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL : GFP_ATOMIC;
281
282	crypto_cmd = kzalloc(sizeof(*crypto_cmd), gfp);
283	if (!crypto_cmd)
284		return -ENOMEM;
285
286	/* The tfm pointer must be saved and not referenced from the
287	 * crypto_async_request (req) pointer because it is used after
288	 * completion callback for the request and the req pointer
289	 * might not be valid anymore.
290	 */
291	crypto_cmd->cmd = cmd;
292	crypto_cmd->req = req;
293	crypto_cmd->tfm = req->tfm;
294
295	cmd->callback = ccp_crypto_complete;
296	cmd->data = crypto_cmd;
297
298	if (req->flags & CRYPTO_TFM_REQ_MAY_BACKLOG)
299		cmd->flags |= CCP_CMD_MAY_BACKLOG;
300	else
301		cmd->flags &= ~CCP_CMD_MAY_BACKLOG;
302
303	return ccp_crypto_enqueue_cmd(crypto_cmd);
304}
305
306struct scatterlist *ccp_crypto_sg_table_add(struct sg_table *table,
307					    struct scatterlist *sg_add)
308{
309	struct scatterlist *sg, *sg_last = NULL;
310
311	for (sg = table->sgl; sg; sg = sg_next(sg))
312		if (!sg_page(sg))
313			break;
314	if (WARN_ON(!sg))
315		return NULL;
316
317	for (; sg && sg_add; sg = sg_next(sg), sg_add = sg_next(sg_add)) {
318		sg_set_page(sg, sg_page(sg_add), sg_add->length,
319			    sg_add->offset);
320		sg_last = sg;
321	}
322	if (WARN_ON(sg_add))
323		return NULL;
324
325	return sg_last;
326}
327
328static int ccp_register_algs(void)
329{
330	int ret;
331
332	if (!aes_disable) {
333		ret = ccp_register_aes_algs(&skcipher_algs);
334		if (ret)
335			return ret;
336
337		ret = ccp_register_aes_cmac_algs(&hash_algs);
338		if (ret)
339			return ret;
340
341		ret = ccp_register_aes_xts_algs(&skcipher_algs);
342		if (ret)
343			return ret;
344
345		ret = ccp_register_aes_aeads(&aead_algs);
346		if (ret)
347			return ret;
348	}
349
350	if (!des3_disable) {
351		ret = ccp_register_des3_algs(&skcipher_algs);
352		if (ret)
353			return ret;
354	}
355
356	if (!sha_disable) {
357		ret = ccp_register_sha_algs(&hash_algs);
358		if (ret)
359			return ret;
360	}
361
362	if (!rsa_disable) {
363		ret = ccp_register_rsa_algs(&akcipher_algs);
364		if (ret)
365			return ret;
366	}
367
368	return 0;
369}
370
371static void ccp_unregister_algs(void)
372{
373	struct ccp_crypto_ahash_alg *ahash_alg, *ahash_tmp;
374	struct ccp_crypto_skcipher_alg *ablk_alg, *ablk_tmp;
375	struct ccp_crypto_aead *aead_alg, *aead_tmp;
376	struct ccp_crypto_akcipher_alg *akc_alg, *akc_tmp;
377
378	list_for_each_entry_safe(ahash_alg, ahash_tmp, &hash_algs, entry) {
379		crypto_unregister_ahash(&ahash_alg->alg);
380		list_del(&ahash_alg->entry);
381		kfree(ahash_alg);
382	}
383
384	list_for_each_entry_safe(ablk_alg, ablk_tmp, &skcipher_algs, entry) {
385		crypto_unregister_skcipher(&ablk_alg->alg);
386		list_del(&ablk_alg->entry);
387		kfree(ablk_alg);
388	}
389
390	list_for_each_entry_safe(aead_alg, aead_tmp, &aead_algs, entry) {
391		crypto_unregister_aead(&aead_alg->alg);
392		list_del(&aead_alg->entry);
393		kfree(aead_alg);
394	}
395
396	list_for_each_entry_safe(akc_alg, akc_tmp, &akcipher_algs, entry) {
397		crypto_unregister_akcipher(&akc_alg->alg);
398		list_del(&akc_alg->entry);
399		kfree(akc_alg);
400	}
401}
402
403static int ccp_crypto_init(void)
404{
405	int ret;
406
407	ret = ccp_present();
408	if (ret) {
409		pr_err("Cannot load: there are no available CCPs\n");
410		return ret;
411	}
412
413	spin_lock_init(&req_queue_lock);
414	INIT_LIST_HEAD(&req_queue.cmds);
415	req_queue.backlog = &req_queue.cmds;
416	req_queue.cmd_count = 0;
417
418	ret = ccp_register_algs();
419	if (ret)
420		ccp_unregister_algs();
421
422	return ret;
423}
424
425static void ccp_crypto_exit(void)
426{
427	ccp_unregister_algs();
428}
429
430module_init(ccp_crypto_init);
431module_exit(ccp_crypto_exit);
432