tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

crypto: qat - refactor FW signing algorithm

The current implementation is designed to support single FW signing
authentication only.
Refactor the implementation to support other FW signing methods.

This does not include any functional change.

Co-developed-by: Suman Kumar Chakraborty <suman.kumar.chakraborty@intel.com>
Signed-off-by: Suman Kumar Chakraborty <suman.kumar.chakraborty@intel.com>
Signed-off-by: Jack Xu <jack.xu@intel.com>
Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Jack Xu and committed by
Herbert Xu 98943958 7e673b80

+84 -70
+84 -70
drivers/crypto/intel/qat/qat_common/qat_uclo.c
··· 1033 1033 return -EFAULT; 1034 1034 } 1035 1035 1036 + static unsigned int qat_uclo_simg_hdr2sign_len(struct icp_qat_fw_loader_handle *handle) 1037 + { 1038 + return ICP_QAT_AE_IMG_OFFSET(handle); 1039 + } 1040 + 1041 + static unsigned int qat_uclo_simg_hdr2cont_len(struct icp_qat_fw_loader_handle *handle) 1042 + { 1043 + return ICP_QAT_AE_IMG_OFFSET(handle); 1044 + } 1045 + 1046 + static unsigned int qat_uclo_simg_fw_type(struct icp_qat_fw_loader_handle *handle, void *img_ptr) 1047 + { 1048 + struct icp_qat_css_hdr *hdr = img_ptr; 1049 + 1050 + return hdr->fw_type; 1051 + } 1052 + 1036 1053 static int qat_uclo_map_suof_file_hdr(struct icp_qat_fw_loader_handle *handle, 1037 1054 struct icp_qat_suof_filehdr *suof_ptr, 1038 1055 int suof_size) ··· 1081 1064 struct icp_qat_suof_chunk_hdr *suof_chunk_hdr) 1082 1065 { 1083 1066 struct icp_qat_suof_handle *suof_handle = handle->sobj_handle; 1084 - unsigned int offset = ICP_QAT_AE_IMG_OFFSET(handle); 1085 - struct icp_qat_simg_ae_mode *ae_mode; 1067 + unsigned int offset = qat_uclo_simg_hdr2cont_len(handle); 1086 1068 struct icp_qat_suof_objhdr *suof_objhdr; 1069 + struct icp_qat_simg_ae_mode *ae_mode; 1087 1070 1088 1071 suof_img_hdr->simg_buf = (suof_handle->suof_buf + 1089 1072 suof_chunk_hdr->offset + ··· 1379 1362 } 1380 1363 1381 1364 static int qat_uclo_check_image(struct icp_qat_fw_loader_handle *handle, 1382 - char *image, unsigned int size, 1365 + void *image, unsigned int size, 1383 1366 unsigned int fw_type) 1384 1367 { 1385 1368 char *fw_type_name = fw_type ? "MMP" : "AE"; 1386 1369 unsigned int css_dword_size = sizeof(u32); 1370 + unsigned int header_len, simg_type; 1371 + struct icp_qat_css_hdr *css_hdr; 1387 1372 1388 1373 if (handle->chip_info->fw_auth) { 1389 - struct icp_qat_css_hdr *css_hdr = (struct icp_qat_css_hdr *)image; 1390 - unsigned int header_len = ICP_QAT_AE_IMG_OFFSET(handle); 1374 + header_len = qat_uclo_simg_hdr2sign_len(handle); 1375 + simg_type = qat_uclo_simg_fw_type(handle, image); 1391 1376 1377 + css_hdr = image; 1392 1378 if ((css_hdr->header_len * css_dword_size) != header_len) 1393 1379 goto err; 1394 1380 if ((css_hdr->size * css_dword_size) != size) 1395 1381 goto err; 1396 - if (fw_type != css_hdr->fw_type) 1382 + if (fw_type != simg_type) 1397 1383 goto err; 1398 1384 if (size <= header_len) 1399 1385 goto err; ··· 1423 1403 return -EINVAL; 1424 1404 } 1425 1405 1426 - static int qat_uclo_map_auth_fw(struct icp_qat_fw_loader_handle *handle, 1427 - char *image, unsigned int size, 1428 - struct icp_qat_fw_auth_desc **desc) 1406 + static int qat_uclo_build_auth_desc_RSA(struct icp_qat_fw_loader_handle *handle, 1407 + char *image, unsigned int size, 1408 + struct icp_firml_dram_desc *dram_desc, 1409 + unsigned int fw_type, struct icp_qat_fw_auth_desc **desc) 1429 1410 { 1430 1411 struct icp_qat_css_hdr *css_hdr = (struct icp_qat_css_hdr *)image; 1431 - struct icp_qat_fw_auth_desc *auth_desc; 1432 - struct icp_qat_auth_chunk *auth_chunk; 1433 - u64 virt_addr, bus_addr, virt_base; 1434 - unsigned int simg_offset = sizeof(*auth_chunk); 1435 1412 struct icp_qat_simg_ae_mode *simg_ae_mode; 1436 - struct icp_firml_dram_desc img_desc; 1437 - int ret; 1413 + struct icp_qat_fw_auth_desc *auth_desc; 1414 + char *virt_addr, *virt_base; 1415 + u64 bus_addr; 1438 1416 1439 - ret = qat_uclo_simg_alloc(handle, &img_desc, ICP_QAT_CSS_RSA4K_MAX_IMAGE_LEN); 1440 - if (ret) { 1441 - pr_err("error, allocate continuous dram fail\n"); 1442 - return ret; 1443 - } 1444 - 1445 - if (!IS_ALIGNED(img_desc.dram_size, 8) || !img_desc.dram_bus_addr) { 1446 - pr_debug("invalid address\n"); 1447 - qat_uclo_simg_free(handle, &img_desc); 1448 - return -EINVAL; 1449 - } 1450 - 1451 - auth_chunk = img_desc.dram_base_addr_v; 1452 - auth_chunk->chunk_size = img_desc.dram_size; 1453 - auth_chunk->chunk_bus_addr = img_desc.dram_bus_addr; 1454 - virt_base = (uintptr_t)img_desc.dram_base_addr_v + simg_offset; 1455 - bus_addr = img_desc.dram_bus_addr + simg_offset; 1456 - auth_desc = img_desc.dram_base_addr_v; 1457 - auth_desc->css_hdr_high = (unsigned int)(bus_addr >> BITS_PER_TYPE(u32)); 1458 - auth_desc->css_hdr_low = (unsigned int)bus_addr; 1417 + virt_base = dram_desc->dram_base_addr_v; 1418 + virt_base += sizeof(struct icp_qat_auth_chunk); 1419 + bus_addr = dram_desc->dram_bus_addr + sizeof(struct icp_qat_auth_chunk); 1420 + auth_desc = dram_desc->dram_base_addr_v; 1421 + auth_desc->css_hdr_high = upper_32_bits(bus_addr); 1422 + auth_desc->css_hdr_low = lower_32_bits(bus_addr); 1459 1423 virt_addr = virt_base; 1460 1424 1461 - memcpy((void *)(uintptr_t)virt_addr, image, sizeof(*css_hdr)); 1425 + memcpy(virt_addr, image, sizeof(*css_hdr)); 1462 1426 /* pub key */ 1463 1427 bus_addr = ADD_ADDR(auth_desc->css_hdr_high, auth_desc->css_hdr_low) + 1464 1428 sizeof(*css_hdr); 1465 1429 virt_addr = virt_addr + sizeof(*css_hdr); 1466 1430 1467 - auth_desc->fwsk_pub_high = (unsigned int)(bus_addr >> BITS_PER_TYPE(u32)); 1468 - auth_desc->fwsk_pub_low = (unsigned int)bus_addr; 1431 + auth_desc->fwsk_pub_high = upper_32_bits(bus_addr); 1432 + auth_desc->fwsk_pub_low = lower_32_bits(bus_addr); 1469 1433 1470 - memcpy((void *)(uintptr_t)virt_addr, 1471 - (void *)(image + sizeof(*css_hdr)), 1472 - ICP_QAT_CSS_FWSK_MODULUS_LEN(handle)); 1434 + memcpy(virt_addr, image + sizeof(*css_hdr), ICP_QAT_CSS_FWSK_MODULUS_LEN(handle)); 1473 1435 /* padding */ 1474 1436 memset((void *)(uintptr_t)(virt_addr + ICP_QAT_CSS_FWSK_MODULUS_LEN(handle)), 1475 1437 0, ICP_QAT_CSS_FWSK_PAD_LEN(handle)); 1476 1438 1477 1439 /* exponent */ 1478 - memcpy((void *)(uintptr_t)(virt_addr + ICP_QAT_CSS_FWSK_MODULUS_LEN(handle) + 1479 - ICP_QAT_CSS_FWSK_PAD_LEN(handle)), 1480 - (void *)(image + sizeof(*css_hdr) + 1481 - ICP_QAT_CSS_FWSK_MODULUS_LEN(handle)), 1482 - sizeof(unsigned int)); 1440 + memcpy(virt_addr + ICP_QAT_CSS_FWSK_MODULUS_LEN(handle) + 1441 + ICP_QAT_CSS_FWSK_PAD_LEN(handle), image + sizeof(*css_hdr) + 1442 + ICP_QAT_CSS_FWSK_MODULUS_LEN(handle), sizeof(unsigned int)); 1483 1443 1484 1444 /* signature */ 1485 1445 bus_addr = ADD_ADDR(auth_desc->fwsk_pub_high, 1486 1446 auth_desc->fwsk_pub_low) + 1487 1447 ICP_QAT_CSS_FWSK_PUB_LEN(handle); 1488 1448 virt_addr = virt_addr + ICP_QAT_CSS_FWSK_PUB_LEN(handle); 1489 - auth_desc->signature_high = (unsigned int)(bus_addr >> BITS_PER_TYPE(u32)); 1490 - auth_desc->signature_low = (unsigned int)bus_addr; 1449 + auth_desc->signature_high = upper_32_bits(bus_addr); 1450 + auth_desc->signature_low = lower_32_bits(bus_addr); 1491 1451 1492 - memcpy((void *)(uintptr_t)virt_addr, 1493 - (void *)(image + sizeof(*css_hdr) + 1494 - ICP_QAT_CSS_FWSK_MODULUS_LEN(handle) + 1495 - ICP_QAT_CSS_FWSK_EXPONENT_LEN(handle)), 1496 - ICP_QAT_CSS_SIGNATURE_LEN(handle)); 1452 + memcpy(virt_addr, image + sizeof(*css_hdr) + ICP_QAT_CSS_FWSK_MODULUS_LEN(handle) + 1453 + ICP_QAT_CSS_FWSK_EXPONENT_LEN(handle), ICP_QAT_CSS_SIGNATURE_LEN(handle)); 1497 1454 1498 1455 bus_addr = ADD_ADDR(auth_desc->signature_high, 1499 1456 auth_desc->signature_low) + 1500 1457 ICP_QAT_CSS_SIGNATURE_LEN(handle); 1501 1458 virt_addr += ICP_QAT_CSS_SIGNATURE_LEN(handle); 1502 1459 1503 - auth_desc->img_high = (unsigned int)(bus_addr >> BITS_PER_TYPE(u32)); 1504 - auth_desc->img_low = (unsigned int)bus_addr; 1505 - auth_desc->img_len = size - ICP_QAT_AE_IMG_OFFSET(handle); 1506 - if (bus_addr + auth_desc->img_len > img_desc.dram_bus_addr + 1507 - ICP_QAT_CSS_RSA4K_MAX_IMAGE_LEN) { 1460 + auth_desc->img_high = upper_32_bits(bus_addr); 1461 + auth_desc->img_low = lower_32_bits(bus_addr); 1462 + auth_desc->img_len = size - qat_uclo_simg_hdr2sign_len(handle); 1463 + if (bus_addr + auth_desc->img_len > 1464 + dram_desc->dram_bus_addr + ICP_QAT_CSS_RSA4K_MAX_IMAGE_LEN) { 1508 1465 pr_err("insufficient memory size for authentication data\n"); 1509 - qat_uclo_simg_free(handle, &img_desc); 1466 + qat_uclo_simg_free(handle, dram_desc); 1510 1467 return -ENOMEM; 1511 1468 } 1512 1469 1513 - memcpy((void *)(uintptr_t)virt_addr, 1514 - (void *)(image + ICP_QAT_AE_IMG_OFFSET(handle)), 1515 - auth_desc->img_len); 1470 + memcpy(virt_addr, image + qat_uclo_simg_hdr2sign_len(handle), auth_desc->img_len); 1516 1471 virt_addr = virt_base; 1517 1472 /* AE firmware */ 1518 - if (((struct icp_qat_css_hdr *)(uintptr_t)virt_addr)->fw_type == 1519 - CSS_AE_FIRMWARE) { 1473 + if (fw_type == CSS_AE_FIRMWARE) { 1520 1474 auth_desc->img_ae_mode_data_high = auth_desc->img_high; 1521 1475 auth_desc->img_ae_mode_data_low = auth_desc->img_low; 1522 1476 bus_addr = ADD_ADDR(auth_desc->img_ae_mode_data_high, 1523 1477 auth_desc->img_ae_mode_data_low) + 1524 1478 sizeof(struct icp_qat_simg_ae_mode); 1525 1479 1526 - auth_desc->img_ae_init_data_high = 1527 - (unsigned int)(bus_addr >> BITS_PER_TYPE(u32)); 1528 - auth_desc->img_ae_init_data_low = (unsigned int)bus_addr; 1480 + auth_desc->img_ae_init_data_high = upper_32_bits(bus_addr); 1481 + auth_desc->img_ae_init_data_low = lower_32_bits(bus_addr); 1529 1482 bus_addr += ICP_QAT_SIMG_AE_INIT_SEQ_LEN; 1530 - auth_desc->img_ae_insts_high = 1531 - (unsigned int)(bus_addr >> BITS_PER_TYPE(u32)); 1532 - auth_desc->img_ae_insts_low = (unsigned int)bus_addr; 1483 + auth_desc->img_ae_insts_high = upper_32_bits(bus_addr); 1484 + auth_desc->img_ae_insts_low = lower_32_bits(bus_addr); 1533 1485 virt_addr += sizeof(struct icp_qat_css_hdr); 1534 1486 virt_addr += ICP_QAT_CSS_FWSK_PUB_LEN(handle); 1535 1487 virt_addr += ICP_QAT_CSS_SIGNATURE_LEN(handle); ··· 1513 1521 } 1514 1522 *desc = auth_desc; 1515 1523 return 0; 1524 + } 1525 + 1526 + static int qat_uclo_map_auth_fw(struct icp_qat_fw_loader_handle *handle, 1527 + char *image, unsigned int size, 1528 + struct icp_qat_fw_auth_desc **desc) 1529 + { 1530 + struct icp_qat_auth_chunk *auth_chunk; 1531 + struct icp_firml_dram_desc img_desc; 1532 + unsigned int simg_fw_type; 1533 + int ret; 1534 + 1535 + ret = qat_uclo_simg_alloc(handle, &img_desc, ICP_QAT_CSS_RSA4K_MAX_IMAGE_LEN); 1536 + if (ret) 1537 + return ret; 1538 + 1539 + simg_fw_type = qat_uclo_simg_fw_type(handle, image); 1540 + auth_chunk = img_desc.dram_base_addr_v; 1541 + auth_chunk->chunk_size = img_desc.dram_size; 1542 + auth_chunk->chunk_bus_addr = img_desc.dram_bus_addr; 1543 + 1544 + return qat_uclo_build_auth_desc_RSA(handle, image, size, &img_desc, 1545 + simg_fw_type, desc); 1516 1546 } 1517 1547 1518 1548 static int qat_uclo_load_fw(struct icp_qat_fw_loader_handle *handle,