2 * SHA-512 routines supporting the Power 7+ Nest Accelerators driver
4 * Copyright (C) 2011-2012 International Business Machines Inc.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; version 2 only.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
19 * Author: Kent Yoder <yoder1@us.ibm.com>
22 #include <crypto/internal/hash.h>
23 #include <crypto/sha.h>
24 #include <linux/module.h>
27 #include "nx_csbcpb.h"
31 static int nx_crypto_ctx_sha512_init(struct crypto_tfm *tfm)
33 struct nx_crypto_ctx *nx_ctx = crypto_tfm_ctx(tfm);
36 err = nx_crypto_ctx_sha_init(tfm);
40 nx_ctx_init(nx_ctx, HCOP_FC_SHA);
42 nx_ctx->ap = &nx_ctx->props[NX_PROPS_SHA512];
44 NX_CPB_SET_DIGEST_SIZE(nx_ctx->csbcpb, NX_DS_SHA512);
49 static int nx_sha512_init(struct shash_desc *desc)
51 struct sha512_state *sctx = shash_desc_ctx(desc);
53 memset(sctx, 0, sizeof *sctx);
55 sctx->state[0] = __cpu_to_be64(SHA512_H0);
56 sctx->state[1] = __cpu_to_be64(SHA512_H1);
57 sctx->state[2] = __cpu_to_be64(SHA512_H2);
58 sctx->state[3] = __cpu_to_be64(SHA512_H3);
59 sctx->state[4] = __cpu_to_be64(SHA512_H4);
60 sctx->state[5] = __cpu_to_be64(SHA512_H5);
61 sctx->state[6] = __cpu_to_be64(SHA512_H6);
62 sctx->state[7] = __cpu_to_be64(SHA512_H7);
68 static int nx_sha512_update(struct shash_desc *desc, const u8 *data,
71 struct sha512_state *sctx = shash_desc_ctx(desc);
72 struct nx_crypto_ctx *nx_ctx = crypto_tfm_ctx(&desc->tfm->base);
73 struct nx_csbcpb *csbcpb = (struct nx_csbcpb *)nx_ctx->csbcpb;
76 u64 to_process, leftover = 0, total;
77 unsigned long irq_flags;
81 u64 buf_len = (sctx->count[0] % SHA512_BLOCK_SIZE);
83 spin_lock_irqsave(&nx_ctx->lock, irq_flags);
85 /* 2 cases for total data len:
86 * 1: < SHA512_BLOCK_SIZE: copy into state, return 0
87 * 2: >= SHA512_BLOCK_SIZE: process X blocks, copy in leftover
89 total = (sctx->count[0] % SHA512_BLOCK_SIZE) + len;
90 if (total < SHA512_BLOCK_SIZE) {
91 memcpy(sctx->buf + buf_len, data, len);
92 sctx->count[0] += len;
96 memcpy(csbcpb->cpb.sha512.message_digest, sctx->state, SHA512_DIGEST_SIZE);
97 NX_CPB_FDM(csbcpb) |= NX_FDM_INTERMEDIATE;
98 NX_CPB_FDM(csbcpb) |= NX_FDM_CONTINUATION;
100 in_sg = nx_ctx->in_sg;
101 max_sg_len = min_t(u64, nx_ctx->ap->sglen,
102 nx_driver.of.max_sg_len/sizeof(struct nx_sg));
103 max_sg_len = min_t(u64, max_sg_len,
104 nx_ctx->ap->databytelen/NX_PAGE_SIZE);
106 data_len = SHA512_DIGEST_SIZE;
107 out_sg = nx_build_sg_list(nx_ctx->out_sg, (u8 *)sctx->state,
108 &data_len, max_sg_len);
109 nx_ctx->op.outlen = (nx_ctx->out_sg - out_sg) * sizeof(struct nx_sg);
111 if (data_len != SHA512_DIGEST_SIZE) {
118 * to_process: the SHA512_BLOCK_SIZE data chunk to process in
119 * this update. This value is also restricted by the sg list
122 to_process = total - leftover;
123 to_process = to_process & ~(SHA512_BLOCK_SIZE - 1);
124 leftover = total - to_process;
128 in_sg = nx_build_sg_list(nx_ctx->in_sg,
130 &data_len, max_sg_len);
132 if (data_len != buf_len) {
138 data_len = to_process - buf_len;
139 in_sg = nx_build_sg_list(in_sg, (u8 *) data,
140 &data_len, max_sg_len);
142 nx_ctx->op.inlen = (nx_ctx->in_sg - in_sg) * sizeof(struct nx_sg);
144 if (data_len != (to_process - buf_len)) {
149 to_process = (data_len + buf_len);
150 leftover = total - to_process;
153 * we've hit the nx chip previously and we're updating
154 * again, so copy over the partial digest.
156 memcpy(csbcpb->cpb.sha512.input_partial_digest,
157 csbcpb->cpb.sha512.message_digest,
160 if (!nx_ctx->op.inlen || !nx_ctx->op.outlen) {
165 rc = nx_hcall_sync(nx_ctx, &nx_ctx->op,
166 desc->flags & CRYPTO_TFM_REQ_MAY_SLEEP);
170 atomic_inc(&(nx_ctx->stats->sha512_ops));
173 data += to_process - buf_len;
176 } while (leftover >= SHA512_BLOCK_SIZE);
178 /* copy the leftover back into the state struct */
180 memcpy(sctx->buf, data, leftover);
181 sctx->count[0] += len;
182 memcpy(sctx->state, csbcpb->cpb.sha512.message_digest, SHA512_DIGEST_SIZE);
184 spin_unlock_irqrestore(&nx_ctx->lock, irq_flags);
188 static int nx_sha512_final(struct shash_desc *desc, u8 *out)
190 struct sha512_state *sctx = shash_desc_ctx(desc);
191 struct nx_crypto_ctx *nx_ctx = crypto_tfm_ctx(&desc->tfm->base);
192 struct nx_csbcpb *csbcpb = (struct nx_csbcpb *)nx_ctx->csbcpb;
193 struct nx_sg *in_sg, *out_sg;
196 unsigned long irq_flags;
200 spin_lock_irqsave(&nx_ctx->lock, irq_flags);
202 max_sg_len = min_t(u64, nx_ctx->ap->sglen,
203 nx_driver.of.max_sg_len/sizeof(struct nx_sg));
204 max_sg_len = min_t(u64, max_sg_len,
205 nx_ctx->ap->databytelen/NX_PAGE_SIZE);
207 /* final is represented by continuing the operation and indicating that
208 * this is not an intermediate operation */
209 if (sctx->count[0] >= SHA512_BLOCK_SIZE) {
210 /* we've hit the nx chip previously, now we're finalizing,
211 * so copy over the partial digest */
212 memcpy(csbcpb->cpb.sha512.input_partial_digest, sctx->state,
214 NX_CPB_FDM(csbcpb) &= ~NX_FDM_INTERMEDIATE;
215 NX_CPB_FDM(csbcpb) |= NX_FDM_CONTINUATION;
217 NX_CPB_FDM(csbcpb) &= ~NX_FDM_INTERMEDIATE;
218 NX_CPB_FDM(csbcpb) &= ~NX_FDM_CONTINUATION;
221 NX_CPB_FDM(csbcpb) &= ~NX_FDM_INTERMEDIATE;
223 count0 = sctx->count[0] * 8;
225 csbcpb->cpb.sha512.message_bit_length_lo = count0;
227 len = sctx->count[0] & (SHA512_BLOCK_SIZE - 1);
228 in_sg = nx_build_sg_list(nx_ctx->in_sg, sctx->buf, &len,
231 if (len != (sctx->count[0] & (SHA512_BLOCK_SIZE - 1))) {
236 len = SHA512_DIGEST_SIZE;
237 out_sg = nx_build_sg_list(nx_ctx->out_sg, out, &len,
240 nx_ctx->op.inlen = (nx_ctx->in_sg - in_sg) * sizeof(struct nx_sg);
241 nx_ctx->op.outlen = (nx_ctx->out_sg - out_sg) * sizeof(struct nx_sg);
243 if (!nx_ctx->op.outlen) {
248 rc = nx_hcall_sync(nx_ctx, &nx_ctx->op,
249 desc->flags & CRYPTO_TFM_REQ_MAY_SLEEP);
253 atomic_inc(&(nx_ctx->stats->sha512_ops));
254 atomic64_add(sctx->count[0], &(nx_ctx->stats->sha512_bytes));
256 memcpy(out, csbcpb->cpb.sha512.message_digest, SHA512_DIGEST_SIZE);
258 spin_unlock_irqrestore(&nx_ctx->lock, irq_flags);
262 static int nx_sha512_export(struct shash_desc *desc, void *out)
264 struct sha512_state *sctx = shash_desc_ctx(desc);
266 memcpy(out, sctx, sizeof(*sctx));
271 static int nx_sha512_import(struct shash_desc *desc, const void *in)
273 struct sha512_state *sctx = shash_desc_ctx(desc);
275 memcpy(sctx, in, sizeof(*sctx));
280 struct shash_alg nx_shash_sha512_alg = {
281 .digestsize = SHA512_DIGEST_SIZE,
282 .init = nx_sha512_init,
283 .update = nx_sha512_update,
284 .final = nx_sha512_final,
285 .export = nx_sha512_export,
286 .import = nx_sha512_import,
287 .descsize = sizeof(struct sha512_state),
288 .statesize = sizeof(struct sha512_state),
290 .cra_name = "sha512",
291 .cra_driver_name = "sha512-nx",
293 .cra_flags = CRYPTO_ALG_TYPE_SHASH,
294 .cra_blocksize = SHA512_BLOCK_SIZE,
295 .cra_module = THIS_MODULE,
296 .cra_ctxsize = sizeof(struct nx_crypto_ctx),
297 .cra_init = nx_crypto_ctx_sha512_init,
298 .cra_exit = nx_crypto_ctx_exit,