From: Jamie Iles Subject: Re: [PATCH v7 2/2] crypto: driver for Tegra AES hardware Date: Fri, 18 Nov 2011 10:02:39 +0000 Message-ID: <20111118100239.GA8023@totoro> References: <1321594953-13390-1-git-send-email-vwadekar@nvidia.com> <1321594953-13390-3-git-send-email-vwadekar@nvidia.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: linux-crypto@vger.kernel.org, linux-tegra@vger.kernel.org, olof@lixom.net, ccross@android.com To: Varun Wadekar Return-path: Received: from mail-ww0-f44.google.com ([74.125.82.44]:64213 "EHLO mail-ww0-f44.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756535Ab1KRKCo (ORCPT ); Fri, 18 Nov 2011 05:02:44 -0500 Content-Disposition: inline In-Reply-To: <1321594953-13390-3-git-send-email-vwadekar@nvidia.com> Sender: linux-crypto-owner@vger.kernel.org List-ID: Hi Varun, Just a couple of nitpicks inline, otherwise looks good to me. Jamie On Fri, Nov 18, 2011 at 11:12:33AM +0530, Varun Wadekar wrote: > driver supports ecb/cbc/ofb/ansi_x9.31rng modes, > 128, 192 and 256-bit key sizes > > Signed-off-by: Varun Wadekar > --- > drivers/crypto/Kconfig | 11 + > drivers/crypto/Makefile | 1 + > drivers/crypto/tegra-aes.c | 1102 ++++++++++++++++++++++++++++++++++++++++++++ > drivers/crypto/tegra-aes.h | 103 ++++ > 4 files changed, 1217 insertions(+), 0 deletions(-) > create mode 100644 drivers/crypto/tegra-aes.c > create mode 100644 drivers/crypto/tegra-aes.h > > diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig > index 6d16b4b..e707979 100644 > --- a/drivers/crypto/Kconfig > +++ b/drivers/crypto/Kconfig > @@ -293,4 +293,15 @@ config CRYPTO_DEV_S5P > Select this to offload Samsung S5PV210 or S5PC110 from AES > algorithms execution. > > +config CRYPTO_DEV_TEGRA_AES > + tristate "Support for TEGRA AES hw engine" > + depends on ARCH_TEGRA > + select CRYPTO_AES > + help > + TEGRA processors have AES module accelerator. Select this if you > + want to use the TEGRA module for AES algorithms. > + > + To compile this driver as a module, choose M here: the module > + will be called tegra-aes. > + > endif # CRYPTO_HW > diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile > index 53ea501..f3e64ea 100644 > --- a/drivers/crypto/Makefile > +++ b/drivers/crypto/Makefile > @@ -13,3 +13,4 @@ obj-$(CONFIG_CRYPTO_DEV_OMAP_SHAM) += omap-sham.o > obj-$(CONFIG_CRYPTO_DEV_OMAP_AES) += omap-aes.o > obj-$(CONFIG_CRYPTO_DEV_PICOXCELL) += picoxcell_crypto.o > obj-$(CONFIG_CRYPTO_DEV_S5P) += s5p-sss.o > +obj-$(CONFIG_CRYPTO_DEV_TEGRA_AES) += tegra-aes.o > diff --git a/drivers/crypto/tegra-aes.c b/drivers/crypto/tegra-aes.c > new file mode 100644 > index 0000000..914eb6e > --- /dev/null > +++ b/drivers/crypto/tegra-aes.c > @@ -0,0 +1,1102 @@ > +/* > + * drivers/crypto/tegra-aes.c > + * > + * Driver for NVIDIA Tegra AES hardware engine residing inside the > + * Bit Stream Engine for Video (BSEV) hardware block. > + * > + * The programming sequence for this engine is with the help > + * of commands which travel via a command queue residing between the > + * CPU and the BSEV block. The BSEV engine has an internal RAM (VRAM) > + * where the final input plaintext, keys and the IV have to be copied > + * before starting the encrypt/decrypt operation. > + * > + * Copyright (c) 2010, NVIDIA Corporation. > + * > + * This program is free software; you can redistribute it and/or modify > + * it under the terms of the GNU General Public License as published by > + * the Free Software Foundation; either version 2 of the License, or > + * (at your option) any later version. > + * > + * This program is distributed in the hope that it will be useful, but WITHOUT > + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or > + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for > + * more details. > + * > + * You should have received a copy of the GNU General Public License along > + * with this program; if not, write to the Free Software Foundation, Inc., > + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. > + */ > + > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > + > +#include > + > +#include > +#include > +#include > + > +#include "tegra-aes.h" > + > +#define FLAGS_MODE_MASK 0x00FF > +#define FLAGS_ENCRYPT BIT(0) > +#define FLAGS_CBC BIT(1) > +#define FLAGS_GIV BIT(2) > +#define FLAGS_RNG BIT(3) > +#define FLAGS_OFB BIT(4) > +#define FLAGS_NEW_KEY BIT(5) > +#define FLAGS_NEW_IV BIT(6) > +#define FLAGS_INIT BIT(7) > +#define FLAGS_FAST BIT(8) > +#define FLAGS_BUSY 9 > + > +/* > + * Defines AES engine Max process bytes size in one go, which takes 1 msec. > + * AES engine spends about 176 cycles/16-bytes or 11 cycles/byte > + * The duration CPU can use the BSE to 1 msec, then the number of available > + * cycles of AVP/BSE is 216K. In this duration, AES can process 216/11 ~= 19KB > + * Based on this AES_HW_DMA_BUFFER_SIZE_BYTES is configured to 16KB. > + */ > +#define AES_HW_DMA_BUFFER_SIZE_BYTES 0x4000 > + > +/* > + * The key table length is 64 bytes > + * (This includes first upto 32 bytes key + 16 bytes original initial vector > + * and 16 bytes updated initial vector) > + */ > +#define AES_HW_KEY_TABLE_LENGTH_BYTES 64 > + > +/* > + * The memory being used is divides as follows: > + * 1. Key - 32 bytes > + * 2. Original IV - 16 bytes > + * 3. Updated IV - 16 bytes > + * 4. Key schedule - 256 bytes > + * > + * 1+2+3 constitute the hw key table. > + */ > +#define AES_HW_IV_SIZE 16 > +#define AES_HW_KEYSCHEDULE_LEN 256 > +#define AES_IVKEY_SIZE (AES_HW_KEY_TABLE_LENGTH_BYTES + AES_HW_KEYSCHEDULE_LEN) > + > +/* Define commands required for AES operation */ > +enum { > + CMD_BLKSTARTENGINE = 0x0E, > + CMD_DMASETUP = 0x10, > + CMD_DMACOMPLETE = 0x11, > + CMD_SETTABLE = 0x15, > + CMD_MEMDMAVD = 0x22, > +}; > + > +/* Define sub-commands */ > +enum { > + SUBCMD_VRAM_SEL = 0x1, > + SUBCMD_CRYPTO_TABLE_SEL = 0x3, > + SUBCMD_KEY_TABLE_SEL = 0x8, > +}; > + > +/* memdma_vd command */ > +#define MEMDMA_DIR_DTOVRAM 0 /* sdram -> vram */ > +#define MEMDMA_DIR_VTODRAM 1 /* vram -> sdram */ > +#define MEMDMA_DIR_SHIFT 25 > +#define MEMDMA_NUM_WORDS_SHIFT 12 > + > +/* command queue bit shifts */ > +enum { > + CMDQ_KEYTABLEADDR_SHIFT = 0, > + CMDQ_KEYTABLEID_SHIFT = 17, > + CMDQ_VRAMSEL_SHIFT = 23, > + CMDQ_TABLESEL_SHIFT = 24, > + CMDQ_OPCODE_SHIFT = 26, > +}; > + > +/* > + * The secure key slot contains a unique secure key generated > + * and loaded by the bootloader. This slot is marked as non-accessible > + * to the kernel. > + */ > +#define SSK_SLOT_NUM 4 > + > +#define AES_NR_KEYSLOTS 8 > +#define TEGRA_AES_QUEUE_LENGTH 50 > +#define DEFAULT_RNG_BLK_SZ 16 > + > +/* The command queue depth */ > +#define AES_HW_MAX_ICQ_LENGTH 5 > + > +struct tegra_aes_slot { > + struct list_head node; > + int slot_num; > + bool available; > +}; > + > +static struct tegra_aes_slot ssk = { > + .slot_num = SSK_SLOT_NUM, > + .available = true, > +}; > + > +struct tegra_aes_reqctx { > + unsigned long mode; > +}; > + > +struct tegra_aes_dev { > + struct device *dev; > + void __iomem *io_base; > + dma_addr_t ivkey_phys_base; > + void __iomem *ivkey_base; > + struct clk *aes_clk; > + struct tegra_aes_ctx *ctx; > + int irq; > + unsigned long flags; > + struct completion op_complete; > + u32 *buf_in; > + dma_addr_t dma_buf_in; > + u32 *buf_out; > + dma_addr_t dma_buf_out; > + u8 *iv; > + u8 dt[DEFAULT_RNG_BLK_SZ]; > + int ivlen; > + u64 ctr; > + spinlock_t lock; > + struct crypto_queue queue; > + struct tegra_aes_slot *slots; > + struct ablkcipher_request *req; > + size_t total; > + struct scatterlist *in_sg; > + size_t in_offset; > + struct scatterlist *out_sg; > + size_t out_offset; > +}; > + > +static struct tegra_aes_dev *aes_dev; > + > +struct tegra_aes_ctx { > + struct tegra_aes_dev *dd; > + unsigned long flags; > + struct tegra_aes_slot *slot; > + u8 key[AES_MAX_KEY_SIZE]; > + int keylen; size_t? > +}; > + > +static struct tegra_aes_ctx rng_ctx = { > + .flags = FLAGS_NEW_KEY, > + .keylen = AES_KEYSIZE_128, > +}; > + > +/* keep registered devices data here */ > +static LIST_HEAD(dev_list); > +static DEFINE_SPINLOCK(list_lock); > +static DEFINE_MUTEX(aes_lock); > + > +static void aes_workqueue_handler(struct work_struct *work); > +static DECLARE_WORK(aes_work, aes_workqueue_handler); > +static struct workqueue_struct *aes_wq; > + > +extern unsigned long long tegra_chip_uid(void); > + > +static inline u32 aes_readl(struct tegra_aes_dev *dd, u32 offset) > +{ > + return readl(dd->io_base + offset); > +} > + > +static inline void aes_writel(struct tegra_aes_dev *dd, u32 val, u32 offset) > +{ > + writel(val, dd->io_base + offset); > +} > + > +static int aes_start_crypt(struct tegra_aes_dev *dd, u32 in_addr, u32 out_addr, > + int nblocks, int mode, bool upd_iv) > +{ > + u32 cmdq[AES_HW_MAX_ICQ_LENGTH]; > + int i, eng_busy, icq_empty, ret; > + u32 value; > + > + /* reset all the interrupt bits */ > + aes_writel(dd, 0xFFFFFFFF, TEGRA_AES_INTR_STATUS); > + > + /* enable error, dma xfer complete interrupts */ > + aes_writel(dd, 0x33, TEGRA_AES_INT_ENB); > + > + cmdq[0] = CMD_DMASETUP << CMDQ_OPCODE_SHIFT; > + cmdq[1] = in_addr; > + cmdq[2] = CMD_BLKSTARTENGINE << CMDQ_OPCODE_SHIFT | (nblocks-1); > + cmdq[3] = CMD_DMACOMPLETE << CMDQ_OPCODE_SHIFT; > + > + value = aes_readl(dd, TEGRA_AES_CMDQUE_CONTROL); > + /* access SDRAM through AHB */ > + value &= ~TEGRA_AES_CMDQ_CTRL_SRC_STM_SEL_FIELD; > + value &= ~TEGRA_AES_CMDQ_CTRL_DST_STM_SEL_FIELD; > + value |= TEGRA_AES_CMDQ_CTRL_SRC_STM_SEL_FIELD | > + TEGRA_AES_CMDQ_CTRL_DST_STM_SEL_FIELD | > + TEGRA_AES_CMDQ_CTRL_ICMDQEN_FIELD; > + aes_writel(dd, value, TEGRA_AES_CMDQUE_CONTROL); > + dev_dbg(dd->dev, "cmd_q_ctrl=0x%x", value); > + > + value = (0x1 << TEGRA_AES_SECURE_INPUT_ALG_SEL_SHIFT) | > + ((dd->ctx->keylen * 8) << > + TEGRA_AES_SECURE_INPUT_KEY_LEN_SHIFT) | > + ((u32)upd_iv << TEGRA_AES_SECURE_IV_SELECT_SHIFT); > + > + if (mode & FLAGS_CBC) { > + value |= ((((mode & FLAGS_ENCRYPT) ? 2 : 3) > + << TEGRA_AES_SECURE_XOR_POS_SHIFT) | > + (((mode & FLAGS_ENCRYPT) ? 2 : 3) > + << TEGRA_AES_SECURE_VCTRAM_SEL_SHIFT) | > + ((mode & FLAGS_ENCRYPT) ? 1 : 0) > + << TEGRA_AES_SECURE_CORE_SEL_SHIFT); > + } else if (mode & FLAGS_OFB) { > + value |= ((TEGRA_AES_SECURE_XOR_POS_FIELD) | > + (2 << TEGRA_AES_SECURE_INPUT_SEL_SHIFT) | > + (TEGRA_AES_SECURE_CORE_SEL_FIELD)); > + } else if (mode & FLAGS_RNG) { > + value |= (((mode & FLAGS_ENCRYPT) ? 1 : 0) > + << TEGRA_AES_SECURE_CORE_SEL_SHIFT | > + TEGRA_AES_SECURE_RNG_ENB_FIELD); > + } else { > + value |= (((mode & FLAGS_ENCRYPT) ? 1 : 0) > + << TEGRA_AES_SECURE_CORE_SEL_SHIFT); > + } > + > + dev_dbg(dd->dev, "secure_in_sel=0x%x", value); > + aes_writel(dd, value, TEGRA_AES_SECURE_INPUT_SELECT); > + > + aes_writel(dd, out_addr, TEGRA_AES_SECURE_DEST_ADDR); > + INIT_COMPLETION(dd->op_complete); > + > + for (i = 0; i < AES_HW_MAX_ICQ_LENGTH - 1; i++) { > + do { > + value = aes_readl(dd, TEGRA_AES_INTR_STATUS); > + eng_busy = value & TEGRA_AES_ENGINE_BUSY_FIELD; > + icq_empty = value & TEGRA_AES_ICQ_EMPTY_FIELD; > + } while (eng_busy & (!icq_empty)); > + aes_writel(dd, cmdq[i], TEGRA_AES_ICMDQUE_WR); > + } > + > + ret = wait_for_completion_timeout(&dd->op_complete, > + msecs_to_jiffies(150)); > + if (ret == 0) { > + dev_err(dd->dev, "timed out (0x%x)\n", > + aes_readl(dd, TEGRA_AES_INTR_STATUS)); > + return -ETIMEDOUT; > + } > + > + aes_writel(dd, cmdq[AES_HW_MAX_ICQ_LENGTH - 1], TEGRA_AES_ICMDQUE_WR); > + return 0; > +} > + > +static void aes_release_key_slot(struct tegra_aes_ctx *ctx) > +{ > + spin_lock(&list_lock); > + ctx->slot->available = true; > + ctx->slot = NULL; > + spin_unlock(&list_lock); > +} > + > +static struct tegra_aes_slot *aes_find_key_slot(struct tegra_aes_dev *dd) > +{ > + struct tegra_aes_slot *slot = NULL; > + bool found = false; > + > + spin_lock(&list_lock); > + list_for_each_entry(slot, &dev_list, node) { > + dev_dbg(dd->dev, "empty:%d, num:%d\n", slot->available, > + slot->slot_num); > + if (slot->available) { > + slot->available = false; > + found = true; > + break; > + } > + } > + spin_unlock(&list_lock); > + > + return found ? slot : NULL; > +} I wonder if rather than doing this search each time if it would be worth just having a list of available slots, then allocating one is just an empty test and delete. Releasing just adds to the list. > + > +static int aes_set_key(struct tegra_aes_dev *dd) > +{ > + u32 value, cmdq[2]; > + struct tegra_aes_ctx *ctx = dd->ctx; > + int eng_busy, icq_empty, dma_busy; > + bool use_ssk = false; > + > + /* use ssk? */ > + if (!dd->ctx->slot) { > + dev_dbg(dd->dev, "using ssk"); > + dd->ctx->slot = &ssk; > + use_ssk = true; > + } > + > + /* enable key schedule generation in hardware */ > + value = aes_readl(dd, TEGRA_AES_SECURE_CONFIG_EXT); > + value &= ~TEGRA_AES_SECURE_KEY_SCH_DIS_FIELD; > + aes_writel(dd, value, TEGRA_AES_SECURE_CONFIG_EXT); > + > + /* select the key slot */ > + value = aes_readl(dd, TEGRA_AES_SECURE_CONFIG); > + value &= ~TEGRA_AES_SECURE_KEY_INDEX_FIELD; > + value |= (ctx->slot->slot_num << TEGRA_AES_SECURE_KEY_INDEX_SHIFT); > + aes_writel(dd, value, TEGRA_AES_SECURE_CONFIG); > + > + if (use_ssk) > + return 0; > + > + /* copy the key table from sdram to vram */ > + cmdq[0] = CMD_MEMDMAVD << CMDQ_OPCODE_SHIFT | > + MEMDMA_DIR_DTOVRAM << MEMDMA_DIR_SHIFT | > + AES_HW_KEY_TABLE_LENGTH_BYTES / sizeof(u32) << > + MEMDMA_NUM_WORDS_SHIFT; > + cmdq[1] = (u32)dd->ivkey_phys_base; > + > + aes_writel(dd, cmdq[0], TEGRA_AES_ICMDQUE_WR); > + aes_writel(dd, cmdq[1], TEGRA_AES_ICMDQUE_WR); > + > + do { > + value = aes_readl(dd, TEGRA_AES_INTR_STATUS); > + eng_busy = value & TEGRA_AES_ENGINE_BUSY_FIELD; > + icq_empty = value & TEGRA_AES_ICQ_EMPTY_FIELD; > + dma_busy = value & TEGRA_AES_DMA_BUSY_FIELD; > + } while (eng_busy & (!icq_empty) & dma_busy); > + > + /* settable command to get key into internal registers */ > + value = CMD_SETTABLE << CMDQ_OPCODE_SHIFT | > + SUBCMD_CRYPTO_TABLE_SEL << CMDQ_TABLESEL_SHIFT | > + SUBCMD_VRAM_SEL << CMDQ_VRAMSEL_SHIFT | > + (SUBCMD_KEY_TABLE_SEL | ctx->slot->slot_num) << > + CMDQ_KEYTABLEID_SHIFT; > + aes_writel(dd, value, TEGRA_AES_ICMDQUE_WR); > + > + do { > + value = aes_readl(dd, TEGRA_AES_INTR_STATUS); > + eng_busy = value & TEGRA_AES_ENGINE_BUSY_FIELD; > + icq_empty = value & TEGRA_AES_ICQ_EMPTY_FIELD; > + } while (eng_busy & (!icq_empty)); > + > + return 0; > +} > + > +static int tegra_aes_handle_req(struct tegra_aes_dev *dd) > +{ > + struct crypto_async_request *async_req, *backlog; > + struct crypto_ablkcipher *tfm; > + struct tegra_aes_ctx *ctx; > + struct tegra_aes_reqctx *rctx; > + struct ablkcipher_request *req; > + unsigned long flags; > + int dma_max = AES_HW_DMA_BUFFER_SIZE_BYTES; > + int ret = 0, nblocks, total; > + int count = 0; > + dma_addr_t addr_in, addr_out; > + struct scatterlist *in_sg, *out_sg; > + > + if (!dd) > + return -EINVAL; > + > + spin_lock_irqsave(&dd->lock, flags); > + backlog = crypto_get_backlog(&dd->queue); > + async_req = crypto_dequeue_request(&dd->queue); > + if (!async_req) > + clear_bit(FLAGS_BUSY, &dd->flags); > + spin_unlock_irqrestore(&dd->lock, flags); > + > + if (!async_req) > + return -ENODATA; > + > + if (backlog) > + backlog->complete(backlog, -EINPROGRESS); > + > + req = ablkcipher_request_cast(async_req); > + > + dev_dbg(dd->dev, "%s: get new req\n", __func__); > + > + if (!req->src || !req->dst) > + return -EINVAL; > + > + /* take mutex to access the aes hw */ > + mutex_lock(&aes_lock); > + > + /* assign new request to device */ > + dd->req = req; > + dd->total = req->nbytes; > + dd->in_offset = 0; > + dd->in_sg = req->src; > + dd->out_offset = 0; > + dd->out_sg = req->dst; > + > + in_sg = dd->in_sg; > + out_sg = dd->out_sg; > + > + total = dd->total; > + > + tfm = crypto_ablkcipher_reqtfm(req); > + rctx = ablkcipher_request_ctx(req); > + ctx = crypto_ablkcipher_ctx(tfm); > + rctx->mode &= FLAGS_MODE_MASK; > + dd->flags = (dd->flags & ~FLAGS_MODE_MASK) | rctx->mode; > + > + dd->iv = (u8 *)req->info; > + dd->ivlen = crypto_ablkcipher_ivsize(tfm); > + > + /* assign new context to device */ > + ctx->dd = dd; > + dd->ctx = ctx; > + > + if (ctx->flags & FLAGS_NEW_KEY) { > + /* copy the key */ > + memcpy(dd->ivkey_base, ctx->key, ctx->keylen); > + memset(dd->ivkey_base + ctx->keylen, 0, AES_HW_KEY_TABLE_LENGTH_BYTES - ctx->keylen); > + aes_set_key(dd); > + ctx->flags &= ~FLAGS_NEW_KEY; > + } > + > + if (((dd->flags & FLAGS_CBC) || (dd->flags & FLAGS_OFB)) && dd->iv) { > + /* set iv to the aes hw slot > + * Hw generates updated iv only after iv is set in slot. > + * So key and iv is passed asynchronously. > + */ > + memcpy(dd->buf_in, dd->iv, dd->ivlen); > + > + ret = aes_start_crypt(dd, (u32)dd->dma_buf_in, > + dd->dma_buf_out, 1, FLAGS_CBC, false); > + if (ret < 0) { > + dev_err(dd->dev, "aes_start_crypt fail(%d)\n", ret); > + goto out; > + } > + } > + > + while (total) { > + dev_dbg(dd->dev, "remain: %d\n", total); > + ret = dma_map_sg(dd->dev, in_sg, 1, DMA_TO_DEVICE); > + if (!ret) { > + dev_err(dd->dev, "dma_map_sg() error\n"); > + goto out; > + } > + > + ret = dma_map_sg(dd->dev, out_sg, 1, DMA_FROM_DEVICE); > + if (!ret) { > + dev_err(dd->dev, "dma_map_sg() error\n"); > + dma_unmap_sg(dd->dev, dd->in_sg, > + 1, DMA_TO_DEVICE); > + goto out; > + } > + > + addr_in = sg_dma_address(in_sg); > + addr_out = sg_dma_address(out_sg); > + dd->flags |= FLAGS_FAST; > + count = min_t(int, sg_dma_len(in_sg), dma_max); > + WARN_ON(sg_dma_len(in_sg) != sg_dma_len(out_sg)); > + nblocks = DIV_ROUND_UP(count, AES_BLOCK_SIZE); > + > + ret = aes_start_crypt(dd, addr_in, addr_out, nblocks, > + dd->flags, true); > + > + dma_unmap_sg(dd->dev, out_sg, 1, DMA_FROM_DEVICE); > + dma_unmap_sg(dd->dev, in_sg, 1, DMA_TO_DEVICE); > + > + if (ret < 0) { > + dev_err(dd->dev, "aes_start_crypt fail(%d)\n", ret); > + goto out; > + } > + dd->flags &= ~FLAGS_FAST; > + > + dev_dbg(dd->dev, "out: copied %d\n", count); > + total -= count; > + in_sg = sg_next(in_sg); > + out_sg = sg_next(out_sg); > + WARN_ON(((total != 0) && (!in_sg || !out_sg))); > + } > + > +out: > + mutex_unlock(&aes_lock); > + > + dd->total = total; > + > + if (dd->req->base.complete) > + dd->req->base.complete(&dd->req->base, ret); > + > + dev_dbg(dd->dev, "%s: exit\n", __func__); > + return ret; > +} > + > +static int tegra_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, > + unsigned int keylen) > +{ > + struct tegra_aes_ctx *ctx = crypto_ablkcipher_ctx(tfm); > + struct tegra_aes_dev *dd = aes_dev; > + struct tegra_aes_slot *key_slot; > + > + if ((keylen != AES_KEYSIZE_128) && (keylen != AES_KEYSIZE_192) && > + (keylen != AES_KEYSIZE_256)) { > + dev_err(dd->dev, "unsupported key size\n"); > + crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); > + return -EINVAL; > + } > + > + dev_dbg(dd->dev, "keylen: %d\n", keylen); > + > + ctx->dd = dd; > + > + if (key) { > + if (!ctx->slot) { > + key_slot = aes_find_key_slot(dd); > + if (!key_slot) { > + dev_err(dd->dev, "no empty slot\n"); > + return -ENOMEM; > + } > + > + ctx->slot = key_slot; > + } > + > + memcpy(ctx->key, key, keylen); > + ctx->keylen = keylen; > + } > + > + ctx->flags |= FLAGS_NEW_KEY; > + dev_dbg(dd->dev, "done\n"); > + return 0; > +} > + > +static void aes_workqueue_handler(struct work_struct *work) > +{ > + struct tegra_aes_dev *dd = aes_dev; > + int ret; > + > + clk_enable(dd->aes_clk); The return value of clk_enable() should really be checked. > + > + /* empty the crypto queue and then return */ > + do { > + ret = tegra_aes_handle_req(dd); > + } while (!ret); > + > + clk_disable(dd->aes_clk); > +} > + > +static irqreturn_t aes_irq(int irq, void *dev_id) > +{ > + struct tegra_aes_dev *dd = (struct tegra_aes_dev *)dev_id; > + u32 value = aes_readl(dd, TEGRA_AES_INTR_STATUS); > + int busy = test_bit(FLAGS_BUSY, &dd->flags); > + > + if (!busy) { > + dev_dbg(dd->dev, "spurious interrupt\n"); > + return IRQ_NONE; > + } > + > + dev_dbg(dd->dev, "irq_stat: 0x%x\n", value); > + if (value & TEGRA_AES_INT_ERROR_MASK) > + aes_writel(dd, TEGRA_AES_INT_ERROR_MASK, TEGRA_AES_INTR_STATUS); > + > + if (!(value & TEGRA_AES_ENGINE_BUSY_FIELD)) > + complete(&dd->op_complete); > + else > + return IRQ_NONE; > + > + return IRQ_HANDLED; > +} > + > +static int tegra_aes_crypt(struct ablkcipher_request *req, unsigned long mode) > +{ > + struct tegra_aes_reqctx *rctx = ablkcipher_request_ctx(req); > + struct tegra_aes_dev *dd = aes_dev; > + unsigned long flags; > + int err = 0; > + int busy; > + > + dev_dbg(dd->dev, "nbytes: %d, enc: %d, cbc: %d, ofb: %d\n", > + req->nbytes, !!(mode & FLAGS_ENCRYPT), > + !!(mode & FLAGS_CBC), !!(mode & FLAGS_OFB)); > + > + rctx->mode = mode; > + > + spin_lock_irqsave(&dd->lock, flags); > + err = ablkcipher_enqueue_request(&dd->queue, req); > + busy = test_and_set_bit(FLAGS_BUSY, &dd->flags); > + spin_unlock_irqrestore(&dd->lock, flags); > + > + if (!busy) > + queue_work(aes_wq, &aes_work); > + > + return err; > +} > + > +static int tegra_aes_ecb_encrypt(struct ablkcipher_request *req) > +{ > + return tegra_aes_crypt(req, FLAGS_ENCRYPT); > +} > + > +static int tegra_aes_ecb_decrypt(struct ablkcipher_request *req) > +{ > + return tegra_aes_crypt(req, 0); > +} > + > +static int tegra_aes_cbc_encrypt(struct ablkcipher_request *req) > +{ > + return tegra_aes_crypt(req, FLAGS_ENCRYPT | FLAGS_CBC); > +} > + > +static int tegra_aes_cbc_decrypt(struct ablkcipher_request *req) > +{ > + return tegra_aes_crypt(req, FLAGS_CBC); > +} > + > +static int tegra_aes_ofb_encrypt(struct ablkcipher_request *req) > +{ > + return tegra_aes_crypt(req, FLAGS_ENCRYPT | FLAGS_OFB); > +} > + > +static int tegra_aes_ofb_decrypt(struct ablkcipher_request *req) > +{ > + return tegra_aes_crypt(req, FLAGS_OFB); > +} > + > +static int tegra_aes_get_random(struct crypto_rng *tfm, u8 *rdata, > + unsigned int dlen) > +{ > + struct tegra_aes_dev *dd = aes_dev; > + struct tegra_aes_ctx *ctx = &rng_ctx; > + int ret, i; > + u8 *dest = rdata, *dt = dd->dt; > + > + /* take mutex to access the aes hw */ > + mutex_lock(&aes_lock); > + > + clk_enable(dd->aes_clk); > + > + ctx->dd = dd; > + dd->ctx = ctx; > + dd->flags = FLAGS_ENCRYPT | FLAGS_RNG; > + > + memcpy(dd->buf_in, dt, DEFAULT_RNG_BLK_SZ); > + > + ret = aes_start_crypt(dd, (u32)dd->dma_buf_in, > + (u32)dd->dma_buf_out, 1, dd->flags, true); > + if (ret < 0) { > + dev_err(dd->dev, "aes_start_crypt fail(%d)\n", ret); > + dlen = ret; > + goto out; > + } > + memcpy(dest, dd->buf_out, dlen); > + > + /* update the DT */ > + for (i = DEFAULT_RNG_BLK_SZ - 1; i >= 0; i--) { > + dt[i] += 1; > + if (dt[i] != 0) > + break; > + } > + > +out: > + clk_disable(dd->aes_clk); > + mutex_unlock(&aes_lock); > + > + dev_dbg(dd->dev, "%s: done\n", __func__); > + return dlen; > +} > + > +static int tegra_aes_rng_reset(struct crypto_rng *tfm, u8 *seed, > + unsigned int slen) > +{ > + struct tegra_aes_dev *dd = aes_dev; > + struct tegra_aes_ctx *ctx = &rng_ctx; > + struct tegra_aes_slot *key_slot; > + struct timespec ts; > + int ret = 0; > + u64 nsec, tmp[2]; > + u8 *dt; > + > + if (!ctx || !dd) { > + dev_err(dd->dev, "ctx=0x%x, dd=0x%x\n", > + (unsigned int)ctx, (unsigned int)dd); > + return -EINVAL; > + } > + > + if (slen < (DEFAULT_RNG_BLK_SZ + AES_KEYSIZE_128)) { > + dev_err(dd->dev, "seed size invalid"); > + return -ENOMEM; > + } > + > + /* take mutex to access the aes hw */ > + mutex_lock(&aes_lock); > + > + if (!ctx->slot) { > + key_slot = aes_find_key_slot(dd); > + if (!key_slot) { > + dev_err(dd->dev, "no empty slot\n"); > + mutex_unlock(&aes_lock); > + return -ENOMEM; > + } > + ctx->slot = key_slot; > + } > + > + ctx->dd = dd; > + dd->ctx = ctx; > + dd->ctr = 0; > + > + ctx->keylen = AES_KEYSIZE_128; > + ctx->flags |= FLAGS_NEW_KEY; > + > + /* copy the key to the key slot */ > + memcpy(dd->ivkey_base, seed + DEFAULT_RNG_BLK_SZ, AES_KEYSIZE_128); > + memset(dd->ivkey_base + AES_KEYSIZE_128, 0, AES_HW_KEY_TABLE_LENGTH_BYTES - AES_KEYSIZE_128); > + > + dd->iv = seed; > + dd->ivlen = slen; > + > + dd->flags = FLAGS_ENCRYPT | FLAGS_RNG; > + > + clk_enable(dd->aes_clk); > + > + aes_set_key(dd); > + > + /* set seed to the aes hw slot */ > + memcpy(dd->buf_in, dd->iv, DEFAULT_RNG_BLK_SZ); > + ret = aes_start_crypt(dd, (u32)dd->dma_buf_in, > + dd->dma_buf_out, 1, FLAGS_CBC, false); > + if (ret < 0) { > + dev_err(dd->dev, "aes_start_crypt fail(%d)\n", ret); > + goto out; > + } > + > + if (dd->ivlen >= (2 * DEFAULT_RNG_BLK_SZ + AES_KEYSIZE_128)) { > + dt = dd->iv + DEFAULT_RNG_BLK_SZ + AES_KEYSIZE_128; > + } else { > + getnstimeofday(&ts); > + nsec = timespec_to_ns(&ts); > + do_div(nsec, 1000); > + nsec ^= dd->ctr << 56; > + dd->ctr++; > + tmp[0] = nsec; > + tmp[1] = tegra_chip_uid(); > + dt = (u8 *)tmp; > + } > + memcpy(dd->dt, dt, DEFAULT_RNG_BLK_SZ); > + > +out: > + clk_disable(dd->aes_clk); > + mutex_unlock(&aes_lock); > + > + dev_dbg(dd->dev, "%s: done\n", __func__); > + return ret; > +} > + > +static int tegra_aes_cra_init(struct crypto_tfm *tfm) > +{ > + tfm->crt_ablkcipher.reqsize = sizeof(struct tegra_aes_reqctx); > + > + return 0; > +} > + > +void tegra_aes_cra_exit(struct crypto_tfm *tfm) > +{ > + struct tegra_aes_ctx *ctx = > + crypto_ablkcipher_ctx((struct crypto_ablkcipher *)tfm); > + > + if (ctx && ctx->slot) > + aes_release_key_slot(ctx); > +} > + > +static struct crypto_alg algs[] = { > + { > + .cra_name = "ecb(aes)", > + .cra_driver_name = "ecb-aes-tegra", > + .cra_priority = 300, > + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, > + .cra_blocksize = AES_BLOCK_SIZE, > + .cra_alignmask = 3, > + .cra_type = &crypto_ablkcipher_type, > + .cra_u.ablkcipher = { > + .min_keysize = AES_MIN_KEY_SIZE, > + .max_keysize = AES_MAX_KEY_SIZE, > + .setkey = tegra_aes_setkey, > + .encrypt = tegra_aes_ecb_encrypt, > + .decrypt = tegra_aes_ecb_decrypt, > + }, > + }, { > + .cra_name = "cbc(aes)", > + .cra_driver_name = "cbc-aes-tegra", > + .cra_priority = 300, > + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, > + .cra_blocksize = AES_BLOCK_SIZE, > + .cra_alignmask = 3, > + .cra_type = &crypto_ablkcipher_type, > + .cra_u.ablkcipher = { > + .min_keysize = AES_MIN_KEY_SIZE, > + .max_keysize = AES_MAX_KEY_SIZE, > + .ivsize = AES_MIN_KEY_SIZE, > + .setkey = tegra_aes_setkey, > + .encrypt = tegra_aes_cbc_encrypt, > + .decrypt = tegra_aes_cbc_decrypt, > + } > + }, { > + .cra_name = "ofb(aes)", > + .cra_driver_name = "ofb-aes-tegra", > + .cra_priority = 300, > + .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC, > + .cra_blocksize = AES_BLOCK_SIZE, > + .cra_alignmask = 3, > + .cra_type = &crypto_ablkcipher_type, > + .cra_u.ablkcipher = { > + .min_keysize = AES_MIN_KEY_SIZE, > + .max_keysize = AES_MAX_KEY_SIZE, > + .ivsize = AES_MIN_KEY_SIZE, > + .setkey = tegra_aes_setkey, > + .encrypt = tegra_aes_ofb_encrypt, > + .decrypt = tegra_aes_ofb_decrypt, > + } > + }, { > + .cra_name = "ansi_cprng", > + .cra_driver_name = "rng-aes-tegra", > + .cra_flags = CRYPTO_ALG_TYPE_RNG, > + .cra_ctxsize = sizeof(struct tegra_aes_ctx), > + .cra_type = &crypto_rng_type, > + .cra_u.rng = { > + .rng_make_random = tegra_aes_get_random, > + .rng_reset = tegra_aes_rng_reset, > + .seedsize = AES_KEYSIZE_128 + (2 * DEFAULT_RNG_BLK_SZ), > + } > + } > +}; > + > +static int tegra_aes_probe(struct platform_device *pdev) > +{ > + struct device *dev = &pdev->dev; > + struct tegra_aes_dev *dd; > + struct resource *res; > + int err = -ENOMEM, i = 0, j; > + > + dd = devm_kzalloc(dev, sizeof(struct tegra_aes_dev), GFP_KERNEL); > + if (dd == NULL) { > + dev_err(dev, "unable to alloc data struct.\n"); > + return err; > + } > + > + dd->dev = dev; > + platform_set_drvdata(pdev, dd); > + > + dd->slots = devm_kzalloc(dev, sizeof(struct tegra_aes_slot) * > + AES_NR_KEYSLOTS, GFP_KERNEL); > + if (dd->slots == NULL) { > + dev_err(dev, "unable to alloc slot struct.\n"); > + goto out; > + } > + > + spin_lock_init(&dd->lock); > + crypto_init_queue(&dd->queue, TEGRA_AES_QUEUE_LENGTH); > + > + /* Get the module base address */ > + res = platform_get_resource(pdev, IORESOURCE_MEM, 0); > + if (!res) { > + dev_err(dev, "invalid resource type: base\n"); > + err = -ENODEV; > + goto out; > + } > + > + if (!devm_request_mem_region(&pdev->dev, res->start, > + resource_size(res), > + dev_name(&pdev->dev))) { > + dev_err(&pdev->dev, "Couldn't request MEM resource\n"); > + return -ENODEV; > + } > + > + dd->io_base = devm_ioremap(dev, res->start, resource_size(res)); > + if (!dd->io_base) { > + dev_err(dev, "can't ioremap register space\n"); > + err = -ENOMEM; > + goto out; > + } > + > + /* Initialize the vde clock */ > + dd->aes_clk = clk_get(dev, "vde"); > + if (IS_ERR(dd->aes_clk)) { > + dev_err(dev, "iclock intialization failed.\n"); > + err = -ENODEV; > + goto out; > + } > + > + err = clk_set_rate(dd->aes_clk, ULONG_MAX); > + if (err) { > + dev_err(dd->dev, "iclk set_rate fail(%d)\n", err); > + goto out; > + } > + > + /* > + * the foll contiguous memory is allocated as follows - > + * - hardware key table > + * - key schedule > + */ > + dd->ivkey_base = dma_alloc_coherent(dev, AES_HW_KEY_TABLE_LENGTH_BYTES, > + &dd->ivkey_phys_base, > + GFP_KERNEL); > + if (!dd->ivkey_base) { > + dev_err(dev, "can not allocate iv/key buffer\n"); > + err = -ENOMEM; > + goto out; > + } > + > + dd->buf_in = dma_alloc_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES, > + &dd->dma_buf_in, GFP_KERNEL); > + if (!dd->buf_in) { > + dev_err(dev, "can not allocate dma-in buffer\n"); > + err = -ENOMEM; > + goto out; > + } > + > + dd->buf_out = dma_alloc_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES, > + &dd->dma_buf_out, GFP_KERNEL); > + if (!dd->buf_out) { > + dev_err(dev, "can not allocate dma-out buffer\n"); > + err = -ENOMEM; > + goto out; > + } > + > + init_completion(&dd->op_complete); > + aes_wq = alloc_workqueue("tegra_aes_wq", WQ_HIGHPRI | WQ_UNBOUND, 1); > + if (!aes_wq) { > + dev_err(dev, "alloc_workqueue failed\n"); > + goto out; > + } > + > + /* get the irq */ > + res = platform_get_resource(pdev, IORESOURCE_IRQ, 0); > + if (!res) { > + dev_err(dev, "invalid resource type: base\n"); > + err = -ENODEV; > + goto out; > + } > + dd->irq = res->start; > + > + err = request_irq(dd->irq, aes_irq, IRQF_TRIGGER_HIGH | > + IRQF_SHARED, "tegra-aes", dd); devm_request_irq()? > + if (err) { > + dev_err(dev, "request_irq failed\n"); > + goto out; > + } > + > + spin_lock_init(&list_lock); > + spin_lock(&list_lock); > + for (i = 0; i < AES_NR_KEYSLOTS; i++) { > + if (i == SSK_SLOT_NUM) > + continue; > + dd->slots[i].available = true; > + dd->slots[i].slot_num = i; > + INIT_LIST_HEAD(&dd->slots[i].node); > + list_add_tail(&dd->slots[i].node, &dev_list); > + } > + spin_unlock(&list_lock); > + > + aes_dev = dd; > + for (i = 0; i < ARRAY_SIZE(algs); i++) { > + INIT_LIST_HEAD(&algs[i].cra_list); > + > + algs[i].cra_priority = 300; > + algs[i].cra_ctxsize = sizeof(struct tegra_aes_ctx); > + algs[i].cra_module = THIS_MODULE; > + algs[i].cra_init = tegra_aes_cra_init; > + algs[i].cra_exit = tegra_aes_cra_exit; > + > + err = crypto_register_alg(&algs[i]); > + if (err) > + goto out; > + } > + > + dev_info(dev, "registered"); > + return 0; > + > +out: > + for (j = 0; j < i; j++) > + crypto_unregister_alg(&algs[j]); > + if (dd->ivkey_base) > + dma_free_coherent(dev, AES_HW_KEY_TABLE_LENGTH_BYTES, > + dd->ivkey_base, dd->ivkey_phys_base); > + if (dd->buf_in) > + dma_free_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES, > + dd->buf_in, dd->dma_buf_in); > + if (dd->buf_out) > + dma_free_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES, > + dd->buf_out, dd->dma_buf_out); > + if (dd->aes_clk) > + clk_put(dd->aes_clk); Note that clk_get() _can_ return NULL as a valid clk even if it doesn't on tegra which makes this check a little difficult. > + if (aes_wq) > + destroy_workqueue(aes_wq); > + free_irq(dd->irq, dd); > + spin_lock(&list_lock); > + list_del(&dev_list); > + spin_unlock(&list_lock); > + > + aes_dev = NULL; > + > + dev_err(dev, "%s: initialization failed.\n", __func__); > + return err; > +} > + > +static int __devexit tegra_aes_remove(struct platform_device *pdev) > +{ > + struct device *dev = &pdev->dev; > + struct tegra_aes_dev *dd = platform_get_drvdata(pdev); > + int i; > + > + cancel_work_sync(&aes_work); > + destroy_workqueue(aes_wq); > + free_irq(dd->irq, dd); > + spin_lock(&list_lock); > + list_del(&dev_list); > + spin_unlock(&list_lock); > + > + for (i = 0; i < ARRAY_SIZE(algs); i++) > + crypto_unregister_alg(&algs[i]); I think you probably want to unregister the algs before freeing the resources in case of a race. > + > + dma_free_coherent(dev, AES_HW_KEY_TABLE_LENGTH_BYTES, > + dd->ivkey_base, dd->ivkey_phys_base); > + dma_free_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES, > + dd->buf_in, dd->dma_buf_in); > + dma_free_coherent(dev, AES_HW_DMA_BUFFER_SIZE_BYTES, > + dd->buf_out, dd->dma_buf_out); > + clk_put(dd->aes_clk); > + aes_dev = NULL; > + > + return 0; > +} > + > +static struct of_device_id tegra_aes_of_match[] __devinitdata = { > + { .compatible = "nvidia,tegra20-aes", }, > + { .compatible = "nvidia,tegra30-aes", }, > + { }, > +}; > + > +static struct platform_driver tegra_aes_driver = { > + .probe = tegra_aes_probe, > + .remove = __devexit_p(tegra_aes_remove), > + .driver = { > + .name = "tegra-aes", > + .owner = THIS_MODULE, > + .of_match_table = tegra_aes_of_match, > + }, > +}; > + > +static int __init tegra_aes_module_init(void) > +{ > + mutex_init(&aes_lock); > + INIT_LIST_HEAD(&dev_list); I'm not sure that you need these as you have the static initializers. If you remove these then you could use module_platform_driver() from next to remove some of the boilerplate code. > + return platform_driver_register(&tegra_aes_driver); > +} > + > +static void __exit tegra_aes_module_exit(void) > +{ > + platform_driver_unregister(&tegra_aes_driver); > +} > + > +module_init(tegra_aes_module_init); > +module_exit(tegra_aes_module_exit); > + > +MODULE_DESCRIPTION("Tegra AES/OFB/CPRNG hw acceleration support."); > +MODULE_AUTHOR("NVIDIA Corporation"); > +MODULE_LICENSE("GPL v2"); > diff --git a/drivers/crypto/tegra-aes.h b/drivers/crypto/tegra-aes.h > new file mode 100644 > index 0000000..6006333 > --- /dev/null > +++ b/drivers/crypto/tegra-aes.h > @@ -0,0 +1,103 @@ > +/* > + * Copyright (c) 2010, NVIDIA Corporation. > + * > + * This program is free software; you can redistribute it and/or modify > + * it under the terms of the GNU General Public License as published by > + * the Free Software Foundation; either version 2 of the License, or > + * (at your option) any later version. > + * > + * This program is distributed in the hope that it will be useful, but WITHOUT > + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or > + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for > + * more details. > + * > + * You should have received a copy of the GNU General Public License along > + * with this program; if not, write to the Free Software Foundation, Inc., > + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. > + */ > + > +#ifndef __CRYPTODEV_TEGRA_AES_H > +#define __CRYPTODEV_TEGRA_AES_H > + > +#define TEGRA_AES_ICMDQUE_WR 0x1000 > +#define TEGRA_AES_CMDQUE_CONTROL 0x1008 > +#define TEGRA_AES_INTR_STATUS 0x1018 > +#define TEGRA_AES_INT_ENB 0x1040 > +#define TEGRA_AES_CONFIG 0x1044 > +#define TEGRA_AES_IRAM_ACCESS_CFG 0x10A0 > +#define TEGRA_AES_SECURE_DEST_ADDR 0x1100 > +#define TEGRA_AES_SECURE_INPUT_SELECT 0x1104 > +#define TEGRA_AES_SECURE_CONFIG 0x1108 > +#define TEGRA_AES_SECURE_CONFIG_EXT 0x110C > +#define TEGRA_AES_SECURE_SECURITY 0x1110 > +#define TEGRA_AES_SECURE_HASH_RESULT0 0x1120 > +#define TEGRA_AES_SECURE_HASH_RESULT1 0x1124 > +#define TEGRA_AES_SECURE_HASH_RESULT2 0x1128 > +#define TEGRA_AES_SECURE_HASH_RESULT3 0x112C > +#define TEGRA_AES_SECURE_SEC_SEL0 0x1140 > +#define TEGRA_AES_SECURE_SEC_SEL1 0x1144 > +#define TEGRA_AES_SECURE_SEC_SEL2 0x1148 > +#define TEGRA_AES_SECURE_SEC_SEL3 0x114C > +#define TEGRA_AES_SECURE_SEC_SEL4 0x1150 > +#define TEGRA_AES_SECURE_SEC_SEL5 0x1154 > +#define TEGRA_AES_SECURE_SEC_SEL6 0x1158 > +#define TEGRA_AES_SECURE_SEC_SEL7 0x115C > + > +/* interrupt status reg masks and shifts */ > +#define TEGRA_AES_ENGINE_BUSY_FIELD BIT(0) > +#define TEGRA_AES_ICQ_EMPTY_FIELD BIT(3) > +#define TEGRA_AES_DMA_BUSY_FIELD BIT(23) > + > +/* secure select reg masks and shifts */ > +#define TEGRA_AES_SECURE_SEL0_KEYREAD_ENB0_FIELD BIT(0) > + > +/* secure config ext masks and shifts */ > +#define TEGRA_AES_SECURE_KEY_SCH_DIS_FIELD BIT(15) > + > +/* secure config masks and shifts */ > +#define TEGRA_AES_SECURE_KEY_INDEX_SHIFT 20 > +#define TEGRA_AES_SECURE_KEY_INDEX_FIELD (0x1F << TEGRA_AES_SECURE_KEY_INDEX_SHIFT) > +#define TEGRA_AES_SECURE_BLOCK_CNT_SHIFT 0 > +#define TEGRA_AES_SECURE_BLOCK_CNT_FIELD (0xFFFFF << TEGRA_AES_SECURE_BLOCK_CNT_SHIFT) > + > +/* stream interface select masks and shifts */ > +#define TEGRA_AES_CMDQ_CTRL_UCMDQEN_FIELD BIT(0) > +#define TEGRA_AES_CMDQ_CTRL_ICMDQEN_FIELD BIT(1) > +#define TEGRA_AES_CMDQ_CTRL_SRC_STM_SEL_FIELD BIT(4) > +#define TEGRA_AES_CMDQ_CTRL_DST_STM_SEL_FIELD BIT(5) > + > +/* config register masks and shifts */ > +#define TEGRA_AES_CONFIG_ENDIAN_ENB_FIELD BIT(10) > +#define TEGRA_AES_CONFIG_MODE_SEL_SHIFT 0 > +#define TEGRA_AES_CONFIG_MODE_SEL_FIELD (0x1F << TEGRA_AES_CONFIG_MODE_SEL_SHIFT) > + > +/* extended config */ > +#define TEGRA_AES_SECURE_OFFSET_CNT_SHIFT 24 > +#define TEGRA_AES_SECURE_OFFSET_CNT_FIELD (0xFF << TEGRA_AES_SECURE_OFFSET_CNT_SHIFT) > +#define TEGRA_AES_SECURE_KEYSCHED_GEN_FIELD BIT(15) > + > +/* init vector select */ > +#define TEGRA_AES_SECURE_IV_SELECT_SHIFT 10 > +#define TEGRA_AES_SECURE_IV_SELECT_FIELD BIT(10) > + > +/* secure engine input */ > +#define TEGRA_AES_SECURE_INPUT_ALG_SEL_SHIFT 28 > +#define TEGRA_AES_SECURE_INPUT_ALG_SEL_FIELD (0xF << TEGRA_AES_SECURE_INPUT_ALG_SEL_SHIFT) > +#define TEGRA_AES_SECURE_INPUT_KEY_LEN_SHIFT 16 > +#define TEGRA_AES_SECURE_INPUT_KEY_LEN_FIELD (0xFFF << TEGRA_AES_SECURE_INPUT_KEY_LEN_SHIFT) > +#define TEGRA_AES_SECURE_RNG_ENB_FIELD BIT(11) > +#define TEGRA_AES_SECURE_CORE_SEL_SHIFT 9 > +#define TEGRA_AES_SECURE_CORE_SEL_FIELD BIT(9) > +#define TEGRA_AES_SECURE_VCTRAM_SEL_SHIFT 7 > +#define TEGRA_AES_SECURE_VCTRAM_SEL_FIELD (0x3 << TEGRA_AES_SECURE_VCTRAM_SEL_SHIFT) > +#define TEGRA_AES_SECURE_INPUT_SEL_SHIFT 5 > +#define TEGRA_AES_SECURE_INPUT_SEL_FIELD (0x3 << TEGRA_AES_SECURE_INPUT_SEL_SHIFT) > +#define TEGRA_AES_SECURE_XOR_POS_SHIFT 3 > +#define TEGRA_AES_SECURE_XOR_POS_FIELD (0x3 << TEGRA_AES_SECURE_XOR_POS_SHIFT) > +#define TEGRA_AES_SECURE_HASH_ENB_FIELD BIT(2) > +#define TEGRA_AES_SECURE_ON_THE_FLY_FIELD BIT(0) > + > +/* interrupt error mask */ > +#define TEGRA_AES_INT_ERROR_MASK 0xFFF000 > + > +#endif > -- > 1.7.1 > > -- > To unsubscribe from this list: send the line "unsubscribe linux-crypto" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html