Commit 5060ffc9 authored by Gary R Hook's avatar Gary R Hook Committed by Herbert Xu

crypto: ccp - Add XTS-AES-256 support for CCP version 5

Signed-off-by: default avatarGary R Hook <gary.hook@amd.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 7f7216cf
...@@ -80,19 +80,24 @@ static int ccp_aes_xts_setkey(struct crypto_ablkcipher *tfm, const u8 *key, ...@@ -80,19 +80,24 @@ static int ccp_aes_xts_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
{ {
struct crypto_tfm *xfm = crypto_ablkcipher_tfm(tfm); struct crypto_tfm *xfm = crypto_ablkcipher_tfm(tfm);
struct ccp_ctx *ctx = crypto_tfm_ctx(xfm); struct ccp_ctx *ctx = crypto_tfm_ctx(xfm);
unsigned int ccpversion = ccp_version();
int ret; int ret;
ret = xts_check_key(xfm, key, key_len); ret = xts_check_key(xfm, key, key_len);
if (ret) if (ret)
return ret; return ret;
/* Only support 128-bit AES key with a 128-bit Tweak key, /* Version 3 devices support 128-bit keys; version 5 devices can
* otherwise use the fallback * accommodate 128- and 256-bit keys.
*/ */
switch (key_len) { switch (key_len) {
case AES_KEYSIZE_128 * 2: case AES_KEYSIZE_128 * 2:
memcpy(ctx->u.aes.key, key, key_len); memcpy(ctx->u.aes.key, key, key_len);
break; break;
case AES_KEYSIZE_256 * 2:
if (ccpversion > CCP_VERSION(3, 0))
memcpy(ctx->u.aes.key, key, key_len);
break;
} }
ctx->u.aes.key_len = key_len / 2; ctx->u.aes.key_len = key_len / 2;
sg_init_one(&ctx->u.aes.key_sg, ctx->u.aes.key, key_len); sg_init_one(&ctx->u.aes.key_sg, ctx->u.aes.key, key_len);
...@@ -105,6 +110,8 @@ static int ccp_aes_xts_crypt(struct ablkcipher_request *req, ...@@ -105,6 +110,8 @@ static int ccp_aes_xts_crypt(struct ablkcipher_request *req,
{ {
struct ccp_ctx *ctx = crypto_tfm_ctx(req->base.tfm); struct ccp_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
struct ccp_aes_req_ctx *rctx = ablkcipher_request_ctx(req); struct ccp_aes_req_ctx *rctx = ablkcipher_request_ctx(req);
unsigned int ccpversion = ccp_version();
unsigned int fallback = 0;
unsigned int unit; unsigned int unit;
u32 unit_size; u32 unit_size;
int ret; int ret;
...@@ -131,8 +138,19 @@ static int ccp_aes_xts_crypt(struct ablkcipher_request *req, ...@@ -131,8 +138,19 @@ static int ccp_aes_xts_crypt(struct ablkcipher_request *req,
break; break;
} }
} }
if ((unit_size == CCP_XTS_AES_UNIT_SIZE__LAST) || /* The CCP has restrictions on block sizes. Also, a version 3 device
(ctx->u.aes.key_len != AES_KEYSIZE_128)) { * only supports AES-128 operations; version 5 CCPs support both
* AES-128 and -256 operations.
*/
if (unit_size == CCP_XTS_AES_UNIT_SIZE__LAST)
fallback = 1;
if ((ccpversion < CCP_VERSION(5, 0)) &&
(ctx->u.aes.key_len != AES_KEYSIZE_128))
fallback = 1;
if ((ctx->u.aes.key_len != AES_KEYSIZE_128) &&
(ctx->u.aes.key_len != AES_KEYSIZE_256))
fallback = 1;
if (fallback) {
SKCIPHER_REQUEST_ON_STACK(subreq, ctx->u.aes.tfm_skcipher); SKCIPHER_REQUEST_ON_STACK(subreq, ctx->u.aes.tfm_skcipher);
/* Use the fallback to process the request for any /* Use the fallback to process the request for any
......
...@@ -99,7 +99,7 @@ struct ccp_aes_ctx { ...@@ -99,7 +99,7 @@ struct ccp_aes_ctx {
struct scatterlist key_sg; struct scatterlist key_sg;
unsigned int key_len; unsigned int key_len;
u8 key[AES_MAX_KEY_SIZE]; u8 key[AES_MAX_KEY_SIZE * 2];
u8 nonce[CTR_RFC3686_NONCE_SIZE]; u8 nonce[CTR_RFC3686_NONCE_SIZE];
......
...@@ -1065,6 +1065,8 @@ static int ccp_run_xts_aes_cmd(struct ccp_cmd_queue *cmd_q, ...@@ -1065,6 +1065,8 @@ static int ccp_run_xts_aes_cmd(struct ccp_cmd_queue *cmd_q,
if (xts->key_len == AES_KEYSIZE_128) if (xts->key_len == AES_KEYSIZE_128)
aestype = CCP_AES_TYPE_128; aestype = CCP_AES_TYPE_128;
else if (xts->key_len == AES_KEYSIZE_256)
aestype = CCP_AES_TYPE_256;
else else
return -EINVAL; return -EINVAL;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment