Skip to content

Commit 5c83e8e

Browse files
ofirdrangherbertx
ofirdrang
authored and
herbertx
committed
crypto: ccree - fix FDE descriptor sequence
In FDE mode (xts, essiv and bitlocker) the cryptocell hardware requires that the the XEX key will be loaded after Key1. Signed-off-by: Ofir Drang <[email protected]> Cc: [email protected] Signed-off-by: Herbert Xu <[email protected]>
1 parent 8b0c436 commit 5c83e8e

File tree

1 file changed

+45
-3
lines changed

1 file changed

+45
-3
lines changed

drivers/crypto/ccree/cc_cipher.c

Lines changed: 45 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -520,6 +520,7 @@ static void cc_setup_readiv_desc(struct crypto_tfm *tfm,
520520
}
521521
}
522522

523+
523524
static void cc_setup_state_desc(struct crypto_tfm *tfm,
524525
struct cipher_req_ctx *req_ctx,
525526
unsigned int ivsize, unsigned int nbytes,
@@ -531,8 +532,6 @@ static void cc_setup_state_desc(struct crypto_tfm *tfm,
531532
int cipher_mode = ctx_p->cipher_mode;
532533
int flow_mode = ctx_p->flow_mode;
533534
int direction = req_ctx->gen_ctx.op_type;
534-
dma_addr_t key_dma_addr = ctx_p->user.key_dma_addr;
535-
unsigned int key_len = ctx_p->keylen;
536535
dma_addr_t iv_dma_addr = req_ctx->gen_ctx.iv_dma_addr;
537536
unsigned int du_size = nbytes;
538537

@@ -567,6 +566,47 @@ static void cc_setup_state_desc(struct crypto_tfm *tfm,
567566
break;
568567
case DRV_CIPHER_XTS:
569568
case DRV_CIPHER_ESSIV:
569+
case DRV_CIPHER_BITLOCKER:
570+
break;
571+
default:
572+
dev_err(dev, "Unsupported cipher mode (%d)\n", cipher_mode);
573+
}
574+
}
575+
576+
577+
static void cc_setup_xex_state_desc(struct crypto_tfm *tfm,
578+
struct cipher_req_ctx *req_ctx,
579+
unsigned int ivsize, unsigned int nbytes,
580+
struct cc_hw_desc desc[],
581+
unsigned int *seq_size)
582+
{
583+
struct cc_cipher_ctx *ctx_p = crypto_tfm_ctx(tfm);
584+
struct device *dev = drvdata_to_dev(ctx_p->drvdata);
585+
int cipher_mode = ctx_p->cipher_mode;
586+
int flow_mode = ctx_p->flow_mode;
587+
int direction = req_ctx->gen_ctx.op_type;
588+
dma_addr_t key_dma_addr = ctx_p->user.key_dma_addr;
589+
unsigned int key_len = ctx_p->keylen;
590+
dma_addr_t iv_dma_addr = req_ctx->gen_ctx.iv_dma_addr;
591+
unsigned int du_size = nbytes;
592+
593+
struct cc_crypto_alg *cc_alg =
594+
container_of(tfm->__crt_alg, struct cc_crypto_alg,
595+
skcipher_alg.base);
596+
597+
if (cc_alg->data_unit)
598+
du_size = cc_alg->data_unit;
599+
600+
switch (cipher_mode) {
601+
case DRV_CIPHER_ECB:
602+
break;
603+
case DRV_CIPHER_CBC:
604+
case DRV_CIPHER_CBC_CTS:
605+
case DRV_CIPHER_CTR:
606+
case DRV_CIPHER_OFB:
607+
break;
608+
case DRV_CIPHER_XTS:
609+
case DRV_CIPHER_ESSIV:
570610
case DRV_CIPHER_BITLOCKER:
571611
/* load XEX key */
572612
hw_desc_init(&desc[*seq_size]);
@@ -877,12 +917,14 @@ static int cc_cipher_process(struct skcipher_request *req,
877917

878918
/* STAT_PHASE_2: Create sequence */
879919

880-
/* Setup IV and XEX key used */
920+
/* Setup state (IV) */
881921
cc_setup_state_desc(tfm, req_ctx, ivsize, nbytes, desc, &seq_len);
882922
/* Setup MLLI line, if needed */
883923
cc_setup_mlli_desc(tfm, req_ctx, dst, src, nbytes, req, desc, &seq_len);
884924
/* Setup key */
885925
cc_setup_key_desc(tfm, req_ctx, nbytes, desc, &seq_len);
926+
/* Setup state (IV and XEX key) */
927+
cc_setup_xex_state_desc(tfm, req_ctx, ivsize, nbytes, desc, &seq_len);
886928
/* Data processing */
887929
cc_setup_flow_desc(tfm, req_ctx, dst, src, nbytes, desc, &seq_len);
888930
/* Read next IV */

0 commit comments

Comments
 (0)