Commit 1c876a90 authored by Gilad Ben-Yossef's avatar Gilad Ben-Yossef Committed by Herbert Xu
Browse files

crypto: ccree - add support for CryptoCell 703 



Add support for Arm TrustZone CryptoCell 703.
The 703 is a variant of the CryptoCell 713 that supports only
algorithms certified by the Chinesse Office of the State Commercial
Cryptography Administration (OSCCA).

Signed-off-by: default avatarGilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 946dca8f

drivers/crypto/Kconfig

+1 −1
Original line number Diff line number Diff line
@@ -767,7 +767,7 @@ config CRYPTO_DEV_CCREE 
	help

	  Say 'Y' to enable a driver for the REE interface of the Arm

	  TrustZone CryptoCell family of processors. Currently the

	  CryptoCell 713, 712, 710 and 630 are supported.

	  CryptoCell 713, 703, 712, 710 and 630 are supported.

	  Choose this if you wish to use hardware acceleration of

	  cryptographic operations on the system REE.

	  If unsure say Y.

drivers/crypto/ccree/cc_aead.c

+15 −1
Original line number Diff line number Diff line
@@ -2367,6 +2367,7 @@ static struct cc_alg_template aead_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.auth_mode = DRV_HASH_SHA1,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "authenc(hmac(sha1),cbc(des3_ede))",
@@ -2386,6 +2387,7 @@ static struct cc_alg_template aead_algs[] = { 
		.flow_mode = S_DIN_to_DES,

		.auth_mode = DRV_HASH_SHA1,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "authenc(hmac(sha256),cbc(aes))",
@@ -2405,6 +2407,7 @@ static struct cc_alg_template aead_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.auth_mode = DRV_HASH_SHA256,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "authenc(hmac(sha256),cbc(des3_ede))",
@@ -2424,6 +2427,7 @@ static struct cc_alg_template aead_algs[] = { 
		.flow_mode = S_DIN_to_DES,

		.auth_mode = DRV_HASH_SHA256,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "authenc(xcbc(aes),cbc(aes))",
@@ -2443,6 +2447,7 @@ static struct cc_alg_template aead_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.auth_mode = DRV_HASH_XCBC_MAC,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "authenc(hmac(sha1),rfc3686(ctr(aes)))",
@@ -2462,6 +2467,7 @@ static struct cc_alg_template aead_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.auth_mode = DRV_HASH_SHA1,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "authenc(hmac(sha256),rfc3686(ctr(aes)))",
@@ -2481,6 +2487,7 @@ static struct cc_alg_template aead_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.auth_mode = DRV_HASH_SHA256,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "authenc(xcbc(aes),rfc3686(ctr(aes)))",
@@ -2500,6 +2507,7 @@ static struct cc_alg_template aead_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.auth_mode = DRV_HASH_XCBC_MAC,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "ccm(aes)",
@@ -2519,6 +2527,7 @@ static struct cc_alg_template aead_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.auth_mode = DRV_HASH_NULL,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "rfc4309(ccm(aes))",
@@ -2538,6 +2547,7 @@ static struct cc_alg_template aead_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.auth_mode = DRV_HASH_NULL,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "gcm(aes)",
@@ -2557,6 +2567,7 @@ static struct cc_alg_template aead_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.auth_mode = DRV_HASH_NULL,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "rfc4106(gcm(aes))",
@@ -2576,6 +2587,7 @@ static struct cc_alg_template aead_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.auth_mode = DRV_HASH_NULL,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "rfc4543(gcm(aes))",
@@ -2595,6 +2607,7 @@ static struct cc_alg_template aead_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.auth_mode = DRV_HASH_NULL,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

};
@@ -2679,7 +2692,8 @@ int cc_aead_alloc(struct cc_drvdata *drvdata) 


	/* Linux crypto */

	for (alg = 0; alg < ARRAY_SIZE(aead_algs); alg++) {

		if (aead_algs[alg].min_hw_rev > drvdata->hw_rev)

		if ((aead_algs[alg].min_hw_rev > drvdata->hw_rev) ||

		    !(drvdata->std_bodies & aead_algs[alg].std_body))

			continue;



		t_alg = cc_create_aead_alg(&aead_algs[alg], dev);

drivers/crypto/ccree/cc_cipher.c

+37 −1
Original line number Diff line number Diff line
@@ -833,6 +833,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_XTS,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "xts512(paes)",
@@ -850,6 +851,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.data_unit = 512,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "xts4096(paes)",
@@ -867,6 +869,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.data_unit = 4096,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "essiv(paes)",
@@ -883,6 +886,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_ESSIV,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "essiv512(paes)",
@@ -900,6 +904,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.data_unit = 512,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "essiv4096(paes)",
@@ -917,6 +922,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.data_unit = 4096,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "bitlocker(paes)",
@@ -933,6 +939,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_BITLOCKER,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "bitlocker512(paes)",
@@ -950,6 +957,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.data_unit = 512,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "bitlocker4096(paes)",
@@ -967,6 +975,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.data_unit = 4096,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "ecb(paes)",
@@ -983,6 +992,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_ECB,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "cbc(paes)",
@@ -999,6 +1009,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_CBC,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "ofb(paes)",
@@ -1015,6 +1026,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_OFB,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "cts(cbc(paes))",
@@ -1031,6 +1043,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_CBC_CTS,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "ctr(paes)",
@@ -1047,6 +1060,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_CTR,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "xts(aes)",
@@ -1063,6 +1077,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_XTS,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "xts512(aes)",
@@ -1080,6 +1095,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.data_unit = 512,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "xts4096(aes)",
@@ -1097,6 +1113,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.data_unit = 4096,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "essiv(aes)",
@@ -1113,6 +1130,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_ESSIV,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "essiv512(aes)",
@@ -1130,6 +1148,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.data_unit = 512,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "essiv4096(aes)",
@@ -1147,6 +1166,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.data_unit = 4096,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "bitlocker(aes)",
@@ -1163,6 +1183,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_BITLOCKER,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "bitlocker512(aes)",
@@ -1180,6 +1201,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.data_unit = 512,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "bitlocker4096(aes)",
@@ -1197,6 +1219,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.flow_mode = S_DIN_to_AES,

		.data_unit = 4096,

		.min_hw_rev = CC_HW_REV_712,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "ecb(aes)",
@@ -1213,6 +1236,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_ECB,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "cbc(aes)",
@@ -1229,6 +1253,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_CBC,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "ofb(aes)",
@@ -1245,6 +1270,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_OFB,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "cts(cbc(aes))",
@@ -1261,6 +1287,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_CBC_CTS,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "ctr(aes)",
@@ -1277,6 +1304,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_CTR,

		.flow_mode = S_DIN_to_AES,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "cbc(des3_ede)",
@@ -1293,6 +1321,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_CBC,

		.flow_mode = S_DIN_to_DES,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "ecb(des3_ede)",
@@ -1309,6 +1338,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_ECB,

		.flow_mode = S_DIN_to_DES,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "cbc(des)",
@@ -1325,6 +1355,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_CBC,

		.flow_mode = S_DIN_to_DES,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "ecb(des)",
@@ -1341,6 +1372,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_ECB,

		.flow_mode = S_DIN_to_DES,

		.min_hw_rev = CC_HW_REV_630,

		.std_body = CC_STD_NIST,

	},

	{

		.name = "cbc(sm4)",
@@ -1357,6 +1389,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_CBC,

		.flow_mode = S_DIN_to_SM4,

		.min_hw_rev = CC_HW_REV_713,

		.std_body = CC_STD_OSCCA,

	},

	{

		.name = "ecb(sm4)",
@@ -1373,6 +1406,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_ECB,

		.flow_mode = S_DIN_to_SM4,

		.min_hw_rev = CC_HW_REV_713,

		.std_body = CC_STD_OSCCA,

	},

	{

		.name = "ctr(sm4)",
@@ -1389,6 +1423,7 @@ static const struct cc_alg_template skcipher_algs[] = { 
		.cipher_mode = DRV_CIPHER_CTR,

		.flow_mode = S_DIN_to_SM4,

		.min_hw_rev = CC_HW_REV_713,

		.std_body = CC_STD_OSCCA,

	},

};
@@ -1464,7 +1499,8 @@ int cc_cipher_alloc(struct cc_drvdata *drvdata) 
	dev_dbg(dev, "Number of algorithms = %zu\n",

		ARRAY_SIZE(skcipher_algs));

	for (alg = 0; alg < ARRAY_SIZE(skcipher_algs); alg++) {

		if (skcipher_algs[alg].min_hw_rev > drvdata->hw_rev)

		if ((skcipher_algs[alg].min_hw_rev > drvdata->hw_rev) ||

		    !(drvdata->std_bodies & skcipher_algs[alg].std_body))

			continue;



		dev_dbg(dev, "creating %s\n", skcipher_algs[alg].driver_name);

drivers/crypto/ccree/cc_driver.c

+15 −4
Original line number Diff line number Diff line
@@ -39,27 +39,37 @@ struct cc_hw_data { 
	char *name;

	enum cc_hw_rev rev;

	u32 sig;

	int std_bodies;

};



/* Hardware revisions defs. */



/* The 703 is a OSCCA only variant of the 713 */

static const struct cc_hw_data cc703_hw = {

	.name = "703", .rev = CC_HW_REV_713, .std_bodies = CC_STD_OSCCA

};



static const struct cc_hw_data cc713_hw = {

	.name = "713", .rev = CC_HW_REV_713

	.name = "713", .rev = CC_HW_REV_713, .std_bodies = CC_STD_ALL

};



static const struct cc_hw_data cc712_hw = {

	.name = "712", .rev = CC_HW_REV_712, .sig =  0xDCC71200U

	.name = "712", .rev = CC_HW_REV_712, .sig =  0xDCC71200U,

	.std_bodies = CC_STD_ALL

};



static const struct cc_hw_data cc710_hw = {

	.name = "710", .rev = CC_HW_REV_710, .sig =  0xDCC63200U

	.name = "710", .rev = CC_HW_REV_710, .sig =  0xDCC63200U,

	.std_bodies = CC_STD_ALL

};



static const struct cc_hw_data cc630p_hw = {

	.name = "630P", .rev = CC_HW_REV_630, .sig = 0xDCC63000U

	.name = "630P", .rev = CC_HW_REV_630, .sig = 0xDCC63000U,

	.std_bodies = CC_STD_ALL

};



static const struct of_device_id arm_ccree_dev_of_match[] = {

	{ .compatible = "arm,cryptocell-703-ree", .data = &cc703_hw },

	{ .compatible = "arm,cryptocell-713-ree", .data = &cc713_hw },

	{ .compatible = "arm,cryptocell-712-ree", .data = &cc712_hw },

	{ .compatible = "arm,cryptocell-710-ree", .data = &cc710_hw },
@@ -209,6 +219,7 @@ static int init_cc_resources(struct platform_device *plat_dev) 
	hw_rev = (struct cc_hw_data *)dev_id->data;

	new_drvdata->hw_rev_name = hw_rev->name;

	new_drvdata->hw_rev = hw_rev->rev;

	new_drvdata->std_bodies = hw_rev->std_bodies;



	if (hw_rev->rev >= CC_HW_REV_712) {

		new_drvdata->axim_mon_offset = CC_REG(AXIM_MON_COMP);

drivers/crypto/ccree/cc_driver.h

+8 −0
Original line number Diff line number Diff line
@@ -45,6 +45,12 @@ enum cc_hw_rev { 
	CC_HW_REV_713 = 713

};



enum cc_std_body {

	CC_STD_NIST = 0x1,

	CC_STD_OSCCA = 0x2,

	CC_STD_ALL = 0x3

};



#define CC_COHERENT_CACHE_PARAMS 0xEEE



/* Maximum DMA mask supported by IP */
@@ -131,6 +137,7 @@ struct cc_drvdata { 
	u32 axim_mon_offset;

	u32 sig_offset;

	u32 ver_offset;

	int std_bodies;

};



struct cc_crypto_alg {
@@ -156,6 +163,7 @@ struct cc_alg_template { 
	int flow_mode; /* Note: currently, refers to the cipher mode only. */

	int auth_mode;

	u32 min_hw_rev;

	enum cc_std_body std_body;

	unsigned int data_unit;

	struct cc_drvdata *drvdata;

};

CRA Git | Maintained and supported by SUSTech CRA and CCSE