2 * SHA-512 routines supporting the Power 7+ Nest Accelerators driver
4 * Copyright (C) 2011-2012 International Business Machines Inc.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; version 2 only.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
19 * Author: Kent Yoder <yoder1@us.ibm.com>
22 #include <crypto/internal/hash.h>
23 #include <crypto/sha.h>
24 #include <linux/module.h>
27 #include "nx_csbcpb.h"
31 static int nx_sha512_init(struct shash_desc *desc)
33 struct sha512_state *sctx = shash_desc_ctx(desc);
34 struct nx_crypto_ctx *nx_ctx = crypto_tfm_ctx(&desc->tfm->base);
39 nx_ctx_init(nx_ctx, HCOP_FC_SHA);
41 memset(sctx, 0, sizeof *sctx);
43 nx_ctx->ap = &nx_ctx->props[NX_PROPS_SHA512];
45 NX_CPB_SET_DIGEST_SIZE(nx_ctx->csbcpb, NX_DS_SHA512);
47 max_sg_len = min_t(u64, nx_ctx->ap->sglen,
48 nx_driver.of.max_sg_len/sizeof(struct nx_sg));
49 max_sg_len = min_t(u64, max_sg_len,
50 nx_ctx->ap->databytelen/NX_PAGE_SIZE);
52 len = SHA512_DIGEST_SIZE;
53 out_sg = nx_build_sg_list(nx_ctx->out_sg, (u8 *)sctx->state,
55 nx_ctx->op.outlen = (nx_ctx->out_sg - out_sg) * sizeof(struct nx_sg);
57 if (len != SHA512_DIGEST_SIZE)
60 sctx->state[0] = __cpu_to_be64(SHA512_H0);
61 sctx->state[1] = __cpu_to_be64(SHA512_H1);
62 sctx->state[2] = __cpu_to_be64(SHA512_H2);
63 sctx->state[3] = __cpu_to_be64(SHA512_H3);
64 sctx->state[4] = __cpu_to_be64(SHA512_H4);
65 sctx->state[5] = __cpu_to_be64(SHA512_H5);
66 sctx->state[6] = __cpu_to_be64(SHA512_H6);
67 sctx->state[7] = __cpu_to_be64(SHA512_H7);
73 static int nx_sha512_update(struct shash_desc *desc, const u8 *data,
76 struct sha512_state *sctx = shash_desc_ctx(desc);
77 struct nx_crypto_ctx *nx_ctx = crypto_tfm_ctx(&desc->tfm->base);
78 struct nx_csbcpb *csbcpb = (struct nx_csbcpb *)nx_ctx->csbcpb;
80 u64 to_process, leftover = 0, total;
81 unsigned long irq_flags;
85 u64 buf_len = (sctx->count[0] % SHA512_BLOCK_SIZE);
87 spin_lock_irqsave(&nx_ctx->lock, irq_flags);
89 /* 2 cases for total data len:
90 * 1: < SHA512_BLOCK_SIZE: copy into state, return 0
91 * 2: >= SHA512_BLOCK_SIZE: process X blocks, copy in leftover
93 total = (sctx->count[0] % SHA512_BLOCK_SIZE) + len;
94 if (total < SHA512_BLOCK_SIZE) {
95 memcpy(sctx->buf + buf_len, data, len);
96 sctx->count[0] += len;
100 memcpy(csbcpb->cpb.sha512.message_digest, sctx->state, SHA512_DIGEST_SIZE);
101 NX_CPB_FDM(csbcpb) |= NX_FDM_INTERMEDIATE;
102 NX_CPB_FDM(csbcpb) |= NX_FDM_CONTINUATION;
104 in_sg = nx_ctx->in_sg;
105 max_sg_len = min_t(u64, nx_ctx->ap->sglen,
106 nx_driver.of.max_sg_len/sizeof(struct nx_sg));
107 max_sg_len = min_t(u64, max_sg_len,
108 nx_ctx->ap->databytelen/NX_PAGE_SIZE);
112 * to_process: the SHA512_BLOCK_SIZE data chunk to process in
113 * this update. This value is also restricted by the sg list
116 to_process = total - leftover;
117 to_process = to_process & ~(SHA512_BLOCK_SIZE - 1);
118 leftover = total - to_process;
122 in_sg = nx_build_sg_list(nx_ctx->in_sg,
124 &data_len, max_sg_len);
126 if (data_len != buf_len) {
132 data_len = to_process - buf_len;
133 in_sg = nx_build_sg_list(in_sg, (u8 *) data,
134 &data_len, max_sg_len);
136 nx_ctx->op.inlen = (nx_ctx->in_sg - in_sg) * sizeof(struct nx_sg);
138 if (data_len != (to_process - buf_len)) {
143 to_process = (data_len + buf_len);
144 leftover = total - to_process;
147 * we've hit the nx chip previously and we're updating
148 * again, so copy over the partial digest.
150 memcpy(csbcpb->cpb.sha512.input_partial_digest,
151 csbcpb->cpb.sha512.message_digest,
154 if (!nx_ctx->op.inlen || !nx_ctx->op.outlen) {
159 rc = nx_hcall_sync(nx_ctx, &nx_ctx->op,
160 desc->flags & CRYPTO_TFM_REQ_MAY_SLEEP);
164 atomic_inc(&(nx_ctx->stats->sha512_ops));
167 data += to_process - buf_len;
170 } while (leftover >= SHA512_BLOCK_SIZE);
172 /* copy the leftover back into the state struct */
174 memcpy(sctx->buf, data, leftover);
175 sctx->count[0] += len;
176 memcpy(sctx->state, csbcpb->cpb.sha512.message_digest, SHA512_DIGEST_SIZE);
178 spin_unlock_irqrestore(&nx_ctx->lock, irq_flags);
182 static int nx_sha512_final(struct shash_desc *desc, u8 *out)
184 struct sha512_state *sctx = shash_desc_ctx(desc);
185 struct nx_crypto_ctx *nx_ctx = crypto_tfm_ctx(&desc->tfm->base);
186 struct nx_csbcpb *csbcpb = (struct nx_csbcpb *)nx_ctx->csbcpb;
187 struct nx_sg *in_sg, *out_sg;
190 unsigned long irq_flags;
194 spin_lock_irqsave(&nx_ctx->lock, irq_flags);
196 max_sg_len = min_t(u64, nx_ctx->ap->sglen,
197 nx_driver.of.max_sg_len/sizeof(struct nx_sg));
198 max_sg_len = min_t(u64, max_sg_len,
199 nx_ctx->ap->databytelen/NX_PAGE_SIZE);
201 /* final is represented by continuing the operation and indicating that
202 * this is not an intermediate operation */
203 if (sctx->count[0] >= SHA512_BLOCK_SIZE) {
204 /* we've hit the nx chip previously, now we're finalizing,
205 * so copy over the partial digest */
206 memcpy(csbcpb->cpb.sha512.input_partial_digest, sctx->state,
208 NX_CPB_FDM(csbcpb) &= ~NX_FDM_INTERMEDIATE;
209 NX_CPB_FDM(csbcpb) |= NX_FDM_CONTINUATION;
211 NX_CPB_FDM(csbcpb) &= ~NX_FDM_INTERMEDIATE;
212 NX_CPB_FDM(csbcpb) &= ~NX_FDM_CONTINUATION;
215 NX_CPB_FDM(csbcpb) &= ~NX_FDM_INTERMEDIATE;
217 count0 = sctx->count[0] * 8;
219 csbcpb->cpb.sha512.message_bit_length_lo = count0;
221 len = sctx->count[0] & (SHA512_BLOCK_SIZE - 1);
222 in_sg = nx_build_sg_list(nx_ctx->in_sg, sctx->buf, &len,
225 if (len != (sctx->count[0] & (SHA512_BLOCK_SIZE - 1))) {
230 len = SHA512_DIGEST_SIZE;
231 out_sg = nx_build_sg_list(nx_ctx->out_sg, out, &len,
234 nx_ctx->op.inlen = (nx_ctx->in_sg - in_sg) * sizeof(struct nx_sg);
235 nx_ctx->op.outlen = (nx_ctx->out_sg - out_sg) * sizeof(struct nx_sg);
237 if (!nx_ctx->op.outlen) {
242 rc = nx_hcall_sync(nx_ctx, &nx_ctx->op,
243 desc->flags & CRYPTO_TFM_REQ_MAY_SLEEP);
247 atomic_inc(&(nx_ctx->stats->sha512_ops));
248 atomic64_add(sctx->count[0], &(nx_ctx->stats->sha512_bytes));
250 memcpy(out, csbcpb->cpb.sha512.message_digest, SHA512_DIGEST_SIZE);
252 spin_unlock_irqrestore(&nx_ctx->lock, irq_flags);
256 static int nx_sha512_export(struct shash_desc *desc, void *out)
258 struct sha512_state *sctx = shash_desc_ctx(desc);
260 memcpy(out, sctx, sizeof(*sctx));
265 static int nx_sha512_import(struct shash_desc *desc, const void *in)
267 struct sha512_state *sctx = shash_desc_ctx(desc);
269 memcpy(sctx, in, sizeof(*sctx));
274 struct shash_alg nx_shash_sha512_alg = {
275 .digestsize = SHA512_DIGEST_SIZE,
276 .init = nx_sha512_init,
277 .update = nx_sha512_update,
278 .final = nx_sha512_final,
279 .export = nx_sha512_export,
280 .import = nx_sha512_import,
281 .descsize = sizeof(struct sha512_state),
282 .statesize = sizeof(struct sha512_state),
284 .cra_name = "sha512",
285 .cra_driver_name = "sha512-nx",
287 .cra_flags = CRYPTO_ALG_TYPE_SHASH,
288 .cra_blocksize = SHA512_BLOCK_SIZE,
289 .cra_module = THIS_MODULE,
290 .cra_ctxsize = sizeof(struct nx_crypto_ctx),
291 .cra_init = nx_crypto_ctx_sha_init,
292 .cra_exit = nx_crypto_ctx_exit,