mirror of
https://github.com/torvalds/linux.git
synced 2025-11-04 02:30:34 +02:00
6d2bce6a15
static checker warning:
drivers/crypto/atmel-ecc.c:281 atmel_ecdh_done()
warn: assigning (-22) to unsigned variable 'status'
Similar warning can be raised in atmel_ecc_work_handler()
when atmel_ecc_send_receive() returns an error. Fix this too.
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
781 lines
21 KiB
C
781 lines
21 KiB
C
/*
|
|
* Microchip / Atmel ECC (I2C) driver.
|
|
*
|
|
* Copyright (c) 2017, Microchip Technology Inc.
|
|
* Author: Tudor Ambarus <tudor.ambarus@microchip.com>
|
|
*
|
|
* This software is licensed under the terms of the GNU General Public
|
|
* License version 2, as published by the Free Software Foundation, and
|
|
* may be copied, distributed, and modified under those terms.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
*/
|
|
|
|
#include <linux/bitrev.h>
|
|
#include <linux/crc16.h>
|
|
#include <linux/delay.h>
|
|
#include <linux/device.h>
|
|
#include <linux/err.h>
|
|
#include <linux/errno.h>
|
|
#include <linux/i2c.h>
|
|
#include <linux/init.h>
|
|
#include <linux/kernel.h>
|
|
#include <linux/module.h>
|
|
#include <linux/of_device.h>
|
|
#include <linux/scatterlist.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/workqueue.h>
|
|
#include <crypto/internal/kpp.h>
|
|
#include <crypto/ecdh.h>
|
|
#include <crypto/kpp.h>
|
|
#include "atmel-ecc.h"
|
|
|
|
/* Used for binding tfm objects to i2c clients. */
|
|
struct atmel_ecc_driver_data {
|
|
struct list_head i2c_client_list;
|
|
spinlock_t i2c_list_lock;
|
|
} ____cacheline_aligned;
|
|
|
|
static struct atmel_ecc_driver_data driver_data;
|
|
|
|
/**
|
|
* atmel_ecc_i2c_client_priv - i2c_client private data
|
|
* @client : pointer to i2c client device
|
|
* @i2c_client_list_node: part of i2c_client_list
|
|
* @lock : lock for sending i2c commands
|
|
* @wake_token : wake token array of zeros
|
|
* @wake_token_sz : size in bytes of the wake_token
|
|
* @tfm_count : number of active crypto transformations on i2c client
|
|
*
|
|
* Reads and writes from/to the i2c client are sequential. The first byte
|
|
* transmitted to the device is treated as the byte size. Any attempt to send
|
|
* more than this number of bytes will cause the device to not ACK those bytes.
|
|
* After the host writes a single command byte to the input buffer, reads are
|
|
* prohibited until after the device completes command execution. Use a mutex
|
|
* when sending i2c commands.
|
|
*/
|
|
struct atmel_ecc_i2c_client_priv {
|
|
struct i2c_client *client;
|
|
struct list_head i2c_client_list_node;
|
|
struct mutex lock;
|
|
u8 wake_token[WAKE_TOKEN_MAX_SIZE];
|
|
size_t wake_token_sz;
|
|
atomic_t tfm_count ____cacheline_aligned;
|
|
};
|
|
|
|
/**
|
|
* atmel_ecdh_ctx - transformation context
|
|
* @client : pointer to i2c client device
|
|
* @fallback : used for unsupported curves or when user wants to use its own
|
|
* private key.
|
|
* @public_key : generated when calling set_secret(). It's the responsibility
|
|
* of the user to not call set_secret() while
|
|
* generate_public_key() or compute_shared_secret() are in flight.
|
|
* @curve_id : elliptic curve id
|
|
* @n_sz : size in bytes of the n prime
|
|
* @do_fallback: true when the device doesn't support the curve or when the user
|
|
* wants to use its own private key.
|
|
*/
|
|
struct atmel_ecdh_ctx {
|
|
struct i2c_client *client;
|
|
struct crypto_kpp *fallback;
|
|
const u8 *public_key;
|
|
unsigned int curve_id;
|
|
size_t n_sz;
|
|
bool do_fallback;
|
|
};
|
|
|
|
/**
|
|
* atmel_ecc_work_data - data structure representing the work
|
|
* @ctx : transformation context.
|
|
* @cbk : pointer to a callback function to be invoked upon completion of this
|
|
* request. This has the form:
|
|
* callback(struct atmel_ecc_work_data *work_data, void *areq, u8 status)
|
|
* where:
|
|
* @work_data: data structure representing the work
|
|
* @areq : optional pointer to an argument passed with the original
|
|
* request.
|
|
* @status : status returned from the i2c client device or i2c error.
|
|
* @areq: optional pointer to a user argument for use at callback time.
|
|
* @work: describes the task to be executed.
|
|
* @cmd : structure used for communicating with the device.
|
|
*/
|
|
struct atmel_ecc_work_data {
|
|
struct atmel_ecdh_ctx *ctx;
|
|
void (*cbk)(struct atmel_ecc_work_data *work_data, void *areq,
|
|
int status);
|
|
void *areq;
|
|
struct work_struct work;
|
|
struct atmel_ecc_cmd cmd;
|
|
};
|
|
|
|
static u16 atmel_ecc_crc16(u16 crc, const u8 *buffer, size_t len)
|
|
{
|
|
return cpu_to_le16(bitrev16(crc16(crc, buffer, len)));
|
|
}
|
|
|
|
/**
|
|
* atmel_ecc_checksum() - Generate 16-bit CRC as required by ATMEL ECC.
|
|
* CRC16 verification of the count, opcode, param1, param2 and data bytes.
|
|
* The checksum is saved in little-endian format in the least significant
|
|
* two bytes of the command. CRC polynomial is 0x8005 and the initial register
|
|
* value should be zero.
|
|
*
|
|
* @cmd : structure used for communicating with the device.
|
|
*/
|
|
static void atmel_ecc_checksum(struct atmel_ecc_cmd *cmd)
|
|
{
|
|
u8 *data = &cmd->count;
|
|
size_t len = cmd->count - CRC_SIZE;
|
|
u16 *crc16 = (u16 *)(data + len);
|
|
|
|
*crc16 = atmel_ecc_crc16(0, data, len);
|
|
}
|
|
|
|
static void atmel_ecc_init_read_cmd(struct atmel_ecc_cmd *cmd)
|
|
{
|
|
cmd->word_addr = COMMAND;
|
|
cmd->opcode = OPCODE_READ;
|
|
/*
|
|
* Read the word from Configuration zone that contains the lock bytes
|
|
* (UserExtra, Selector, LockValue, LockConfig).
|
|
*/
|
|
cmd->param1 = CONFIG_ZONE;
|
|
cmd->param2 = DEVICE_LOCK_ADDR;
|
|
cmd->count = READ_COUNT;
|
|
|
|
atmel_ecc_checksum(cmd);
|
|
|
|
cmd->msecs = MAX_EXEC_TIME_READ;
|
|
cmd->rxsize = READ_RSP_SIZE;
|
|
}
|
|
|
|
static void atmel_ecc_init_genkey_cmd(struct atmel_ecc_cmd *cmd, u16 keyid)
|
|
{
|
|
cmd->word_addr = COMMAND;
|
|
cmd->count = GENKEY_COUNT;
|
|
cmd->opcode = OPCODE_GENKEY;
|
|
cmd->param1 = GENKEY_MODE_PRIVATE;
|
|
/* a random private key will be generated and stored in slot keyID */
|
|
cmd->param2 = cpu_to_le16(keyid);
|
|
|
|
atmel_ecc_checksum(cmd);
|
|
|
|
cmd->msecs = MAX_EXEC_TIME_GENKEY;
|
|
cmd->rxsize = GENKEY_RSP_SIZE;
|
|
}
|
|
|
|
static int atmel_ecc_init_ecdh_cmd(struct atmel_ecc_cmd *cmd,
|
|
struct scatterlist *pubkey)
|
|
{
|
|
size_t copied;
|
|
|
|
cmd->word_addr = COMMAND;
|
|
cmd->count = ECDH_COUNT;
|
|
cmd->opcode = OPCODE_ECDH;
|
|
cmd->param1 = ECDH_PREFIX_MODE;
|
|
/* private key slot */
|
|
cmd->param2 = cpu_to_le16(DATA_SLOT_2);
|
|
|
|
/*
|
|
* The device only supports NIST P256 ECC keys. The public key size will
|
|
* always be the same. Use a macro for the key size to avoid unnecessary
|
|
* computations.
|
|
*/
|
|
copied = sg_copy_to_buffer(pubkey, 1, cmd->data, ATMEL_ECC_PUBKEY_SIZE);
|
|
if (copied != ATMEL_ECC_PUBKEY_SIZE)
|
|
return -EINVAL;
|
|
|
|
atmel_ecc_checksum(cmd);
|
|
|
|
cmd->msecs = MAX_EXEC_TIME_ECDH;
|
|
cmd->rxsize = ECDH_RSP_SIZE;
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* After wake and after execution of a command, there will be error, status, or
|
|
* result bytes in the device's output register that can be retrieved by the
|
|
* system. When the length of that group is four bytes, the codes returned are
|
|
* detailed in error_list.
|
|
*/
|
|
static int atmel_ecc_status(struct device *dev, u8 *status)
|
|
{
|
|
size_t err_list_len = ARRAY_SIZE(error_list);
|
|
int i;
|
|
u8 err_id = status[1];
|
|
|
|
if (*status != STATUS_SIZE)
|
|
return 0;
|
|
|
|
if (err_id == STATUS_WAKE_SUCCESSFUL || err_id == STATUS_NOERR)
|
|
return 0;
|
|
|
|
for (i = 0; i < err_list_len; i++)
|
|
if (error_list[i].value == err_id)
|
|
break;
|
|
|
|
/* if err_id is not in the error_list then ignore it */
|
|
if (i != err_list_len) {
|
|
dev_err(dev, "%02x: %s:\n", err_id, error_list[i].error_text);
|
|
return err_id;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int atmel_ecc_wakeup(struct i2c_client *client)
|
|
{
|
|
struct atmel_ecc_i2c_client_priv *i2c_priv = i2c_get_clientdata(client);
|
|
u8 status[STATUS_RSP_SIZE];
|
|
int ret;
|
|
|
|
/*
|
|
* The device ignores any levels or transitions on the SCL pin when the
|
|
* device is idle, asleep or during waking up. Don't check for error
|
|
* when waking up the device.
|
|
*/
|
|
i2c_master_send(client, i2c_priv->wake_token, i2c_priv->wake_token_sz);
|
|
|
|
/*
|
|
* Wait to wake the device. Typical execution times for ecdh and genkey
|
|
* are around tens of milliseconds. Delta is chosen to 50 microseconds.
|
|
*/
|
|
usleep_range(TWHI_MIN, TWHI_MAX);
|
|
|
|
ret = i2c_master_recv(client, status, STATUS_SIZE);
|
|
if (ret < 0)
|
|
return ret;
|
|
|
|
return atmel_ecc_status(&client->dev, status);
|
|
}
|
|
|
|
static int atmel_ecc_sleep(struct i2c_client *client)
|
|
{
|
|
u8 sleep = SLEEP_TOKEN;
|
|
|
|
return i2c_master_send(client, &sleep, 1);
|
|
}
|
|
|
|
static void atmel_ecdh_done(struct atmel_ecc_work_data *work_data, void *areq,
|
|
int status)
|
|
{
|
|
struct kpp_request *req = areq;
|
|
struct atmel_ecdh_ctx *ctx = work_data->ctx;
|
|
struct atmel_ecc_cmd *cmd = &work_data->cmd;
|
|
size_t copied;
|
|
size_t n_sz = ctx->n_sz;
|
|
|
|
if (status)
|
|
goto free_work_data;
|
|
|
|
/* copy the shared secret */
|
|
copied = sg_copy_from_buffer(req->dst, 1, &cmd->data[RSP_DATA_IDX],
|
|
n_sz);
|
|
if (copied != n_sz)
|
|
status = -EINVAL;
|
|
|
|
/* fall through */
|
|
free_work_data:
|
|
kzfree(work_data);
|
|
kpp_request_complete(req, status);
|
|
}
|
|
|
|
/*
|
|
* atmel_ecc_send_receive() - send a command to the device and receive its
|
|
* response.
|
|
* @client: i2c client device
|
|
* @cmd : structure used to communicate with the device
|
|
*
|
|
* After the device receives a Wake token, a watchdog counter starts within the
|
|
* device. After the watchdog timer expires, the device enters sleep mode
|
|
* regardless of whether some I/O transmission or command execution is in
|
|
* progress. If a command is attempted when insufficient time remains prior to
|
|
* watchdog timer execution, the device will return the watchdog timeout error
|
|
* code without attempting to execute the command. There is no way to reset the
|
|
* counter other than to put the device into sleep or idle mode and then
|
|
* wake it up again.
|
|
*/
|
|
static int atmel_ecc_send_receive(struct i2c_client *client,
|
|
struct atmel_ecc_cmd *cmd)
|
|
{
|
|
struct atmel_ecc_i2c_client_priv *i2c_priv = i2c_get_clientdata(client);
|
|
int ret;
|
|
|
|
mutex_lock(&i2c_priv->lock);
|
|
|
|
ret = atmel_ecc_wakeup(client);
|
|
if (ret)
|
|
goto err;
|
|
|
|
/* send the command */
|
|
ret = i2c_master_send(client, (u8 *)cmd, cmd->count + WORD_ADDR_SIZE);
|
|
if (ret < 0)
|
|
goto err;
|
|
|
|
/* delay the appropriate amount of time for command to execute */
|
|
msleep(cmd->msecs);
|
|
|
|
/* receive the response */
|
|
ret = i2c_master_recv(client, cmd->data, cmd->rxsize);
|
|
if (ret < 0)
|
|
goto err;
|
|
|
|
/* put the device into low-power mode */
|
|
ret = atmel_ecc_sleep(client);
|
|
if (ret < 0)
|
|
goto err;
|
|
|
|
mutex_unlock(&i2c_priv->lock);
|
|
return atmel_ecc_status(&client->dev, cmd->data);
|
|
err:
|
|
mutex_unlock(&i2c_priv->lock);
|
|
return ret;
|
|
}
|
|
|
|
static void atmel_ecc_work_handler(struct work_struct *work)
|
|
{
|
|
struct atmel_ecc_work_data *work_data =
|
|
container_of(work, struct atmel_ecc_work_data, work);
|
|
struct atmel_ecc_cmd *cmd = &work_data->cmd;
|
|
struct i2c_client *client = work_data->ctx->client;
|
|
int status;
|
|
|
|
status = atmel_ecc_send_receive(client, cmd);
|
|
work_data->cbk(work_data, work_data->areq, status);
|
|
}
|
|
|
|
static void atmel_ecc_enqueue(struct atmel_ecc_work_data *work_data,
|
|
void (*cbk)(struct atmel_ecc_work_data *work_data,
|
|
void *areq, int status),
|
|
void *areq)
|
|
{
|
|
work_data->cbk = (void *)cbk;
|
|
work_data->areq = areq;
|
|
|
|
INIT_WORK(&work_data->work, atmel_ecc_work_handler);
|
|
schedule_work(&work_data->work);
|
|
}
|
|
|
|
static unsigned int atmel_ecdh_supported_curve(unsigned int curve_id)
|
|
{
|
|
if (curve_id == ECC_CURVE_NIST_P256)
|
|
return ATMEL_ECC_NIST_P256_N_SIZE;
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* A random private key is generated and stored in the device. The device
|
|
* returns the pair public key.
|
|
*/
|
|
static int atmel_ecdh_set_secret(struct crypto_kpp *tfm, const void *buf,
|
|
unsigned int len)
|
|
{
|
|
struct atmel_ecdh_ctx *ctx = kpp_tfm_ctx(tfm);
|
|
struct atmel_ecc_cmd *cmd;
|
|
void *public_key;
|
|
struct ecdh params;
|
|
int ret = -ENOMEM;
|
|
|
|
/* free the old public key, if any */
|
|
kfree(ctx->public_key);
|
|
/* make sure you don't free the old public key twice */
|
|
ctx->public_key = NULL;
|
|
|
|
if (crypto_ecdh_decode_key(buf, len, ¶ms) < 0) {
|
|
dev_err(&ctx->client->dev, "crypto_ecdh_decode_key failed\n");
|
|
return -EINVAL;
|
|
}
|
|
|
|
ctx->n_sz = atmel_ecdh_supported_curve(params.curve_id);
|
|
if (!ctx->n_sz || params.key_size) {
|
|
/* fallback to ecdh software implementation */
|
|
ctx->do_fallback = true;
|
|
return crypto_kpp_set_secret(ctx->fallback, buf, len);
|
|
}
|
|
|
|
cmd = kmalloc(sizeof(*cmd), GFP_KERNEL);
|
|
if (!cmd)
|
|
return -ENOMEM;
|
|
|
|
/*
|
|
* The device only supports NIST P256 ECC keys. The public key size will
|
|
* always be the same. Use a macro for the key size to avoid unnecessary
|
|
* computations.
|
|
*/
|
|
public_key = kmalloc(ATMEL_ECC_PUBKEY_SIZE, GFP_KERNEL);
|
|
if (!public_key)
|
|
goto free_cmd;
|
|
|
|
ctx->do_fallback = false;
|
|
ctx->curve_id = params.curve_id;
|
|
|
|
atmel_ecc_init_genkey_cmd(cmd, DATA_SLOT_2);
|
|
|
|
ret = atmel_ecc_send_receive(ctx->client, cmd);
|
|
if (ret)
|
|
goto free_public_key;
|
|
|
|
/* save the public key */
|
|
memcpy(public_key, &cmd->data[RSP_DATA_IDX], ATMEL_ECC_PUBKEY_SIZE);
|
|
ctx->public_key = public_key;
|
|
|
|
kfree(cmd);
|
|
return 0;
|
|
|
|
free_public_key:
|
|
kfree(public_key);
|
|
free_cmd:
|
|
kfree(cmd);
|
|
return ret;
|
|
}
|
|
|
|
static int atmel_ecdh_generate_public_key(struct kpp_request *req)
|
|
{
|
|
struct crypto_kpp *tfm = crypto_kpp_reqtfm(req);
|
|
struct atmel_ecdh_ctx *ctx = kpp_tfm_ctx(tfm);
|
|
size_t copied;
|
|
int ret = 0;
|
|
|
|
if (ctx->do_fallback) {
|
|
kpp_request_set_tfm(req, ctx->fallback);
|
|
return crypto_kpp_generate_public_key(req);
|
|
}
|
|
|
|
/* public key was saved at private key generation */
|
|
copied = sg_copy_from_buffer(req->dst, 1, ctx->public_key,
|
|
ATMEL_ECC_PUBKEY_SIZE);
|
|
if (copied != ATMEL_ECC_PUBKEY_SIZE)
|
|
ret = -EINVAL;
|
|
|
|
return ret;
|
|
}
|
|
|
|
static int atmel_ecdh_compute_shared_secret(struct kpp_request *req)
|
|
{
|
|
struct crypto_kpp *tfm = crypto_kpp_reqtfm(req);
|
|
struct atmel_ecdh_ctx *ctx = kpp_tfm_ctx(tfm);
|
|
struct atmel_ecc_work_data *work_data;
|
|
gfp_t gfp;
|
|
int ret;
|
|
|
|
if (ctx->do_fallback) {
|
|
kpp_request_set_tfm(req, ctx->fallback);
|
|
return crypto_kpp_compute_shared_secret(req);
|
|
}
|
|
|
|
gfp = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ? GFP_KERNEL :
|
|
GFP_ATOMIC;
|
|
|
|
work_data = kmalloc(sizeof(*work_data), gfp);
|
|
if (!work_data)
|
|
return -ENOMEM;
|
|
|
|
work_data->ctx = ctx;
|
|
|
|
ret = atmel_ecc_init_ecdh_cmd(&work_data->cmd, req->src);
|
|
if (ret)
|
|
goto free_work_data;
|
|
|
|
atmel_ecc_enqueue(work_data, atmel_ecdh_done, req);
|
|
|
|
return -EINPROGRESS;
|
|
|
|
free_work_data:
|
|
kfree(work_data);
|
|
return ret;
|
|
}
|
|
|
|
static struct i2c_client *atmel_ecc_i2c_client_alloc(void)
|
|
{
|
|
struct atmel_ecc_i2c_client_priv *i2c_priv, *min_i2c_priv = NULL;
|
|
struct i2c_client *client = ERR_PTR(-ENODEV);
|
|
int min_tfm_cnt = INT_MAX;
|
|
int tfm_cnt;
|
|
|
|
spin_lock(&driver_data.i2c_list_lock);
|
|
|
|
if (list_empty(&driver_data.i2c_client_list)) {
|
|
spin_unlock(&driver_data.i2c_list_lock);
|
|
return ERR_PTR(-ENODEV);
|
|
}
|
|
|
|
list_for_each_entry(i2c_priv, &driver_data.i2c_client_list,
|
|
i2c_client_list_node) {
|
|
tfm_cnt = atomic_read(&i2c_priv->tfm_count);
|
|
if (tfm_cnt < min_tfm_cnt) {
|
|
min_tfm_cnt = tfm_cnt;
|
|
min_i2c_priv = i2c_priv;
|
|
}
|
|
if (!min_tfm_cnt)
|
|
break;
|
|
}
|
|
|
|
if (min_i2c_priv) {
|
|
atomic_inc(&min_i2c_priv->tfm_count);
|
|
client = min_i2c_priv->client;
|
|
}
|
|
|
|
spin_unlock(&driver_data.i2c_list_lock);
|
|
|
|
return client;
|
|
}
|
|
|
|
static void atmel_ecc_i2c_client_free(struct i2c_client *client)
|
|
{
|
|
struct atmel_ecc_i2c_client_priv *i2c_priv = i2c_get_clientdata(client);
|
|
|
|
atomic_dec(&i2c_priv->tfm_count);
|
|
}
|
|
|
|
static int atmel_ecdh_init_tfm(struct crypto_kpp *tfm)
|
|
{
|
|
const char *alg = kpp_alg_name(tfm);
|
|
struct crypto_kpp *fallback;
|
|
struct atmel_ecdh_ctx *ctx = kpp_tfm_ctx(tfm);
|
|
|
|
ctx->client = atmel_ecc_i2c_client_alloc();
|
|
if (IS_ERR(ctx->client)) {
|
|
pr_err("tfm - i2c_client binding failed\n");
|
|
return PTR_ERR(ctx->client);
|
|
}
|
|
|
|
fallback = crypto_alloc_kpp(alg, 0, CRYPTO_ALG_NEED_FALLBACK);
|
|
if (IS_ERR(fallback)) {
|
|
dev_err(&ctx->client->dev, "Failed to allocate transformation for '%s': %ld\n",
|
|
alg, PTR_ERR(fallback));
|
|
return PTR_ERR(fallback);
|
|
}
|
|
|
|
crypto_kpp_set_flags(fallback, crypto_kpp_get_flags(tfm));
|
|
|
|
dev_info(&ctx->client->dev, "Using '%s' as fallback implementation.\n",
|
|
crypto_tfm_alg_driver_name(crypto_kpp_tfm(fallback)));
|
|
|
|
ctx->fallback = fallback;
|
|
|
|
return 0;
|
|
}
|
|
|
|
static void atmel_ecdh_exit_tfm(struct crypto_kpp *tfm)
|
|
{
|
|
struct atmel_ecdh_ctx *ctx = kpp_tfm_ctx(tfm);
|
|
|
|
kfree(ctx->public_key);
|
|
crypto_free_kpp(ctx->fallback);
|
|
atmel_ecc_i2c_client_free(ctx->client);
|
|
}
|
|
|
|
static unsigned int atmel_ecdh_max_size(struct crypto_kpp *tfm)
|
|
{
|
|
struct atmel_ecdh_ctx *ctx = kpp_tfm_ctx(tfm);
|
|
|
|
if (ctx->fallback)
|
|
return crypto_kpp_maxsize(ctx->fallback);
|
|
|
|
/*
|
|
* The device only supports NIST P256 ECC keys. The public key size will
|
|
* always be the same. Use a macro for the key size to avoid unnecessary
|
|
* computations.
|
|
*/
|
|
return ATMEL_ECC_PUBKEY_SIZE;
|
|
}
|
|
|
|
static struct kpp_alg atmel_ecdh = {
|
|
.set_secret = atmel_ecdh_set_secret,
|
|
.generate_public_key = atmel_ecdh_generate_public_key,
|
|
.compute_shared_secret = atmel_ecdh_compute_shared_secret,
|
|
.init = atmel_ecdh_init_tfm,
|
|
.exit = atmel_ecdh_exit_tfm,
|
|
.max_size = atmel_ecdh_max_size,
|
|
.base = {
|
|
.cra_flags = CRYPTO_ALG_NEED_FALLBACK,
|
|
.cra_name = "ecdh",
|
|
.cra_driver_name = "atmel-ecdh",
|
|
.cra_priority = ATMEL_ECC_PRIORITY,
|
|
.cra_module = THIS_MODULE,
|
|
.cra_ctxsize = sizeof(struct atmel_ecdh_ctx),
|
|
},
|
|
};
|
|
|
|
static inline size_t atmel_ecc_wake_token_sz(u32 bus_clk_rate)
|
|
{
|
|
u32 no_of_bits = DIV_ROUND_UP(TWLO_USEC * bus_clk_rate, USEC_PER_SEC);
|
|
|
|
/* return the size of the wake_token in bytes */
|
|
return DIV_ROUND_UP(no_of_bits, 8);
|
|
}
|
|
|
|
static int device_sanity_check(struct i2c_client *client)
|
|
{
|
|
struct atmel_ecc_cmd *cmd;
|
|
int ret;
|
|
|
|
cmd = kmalloc(sizeof(*cmd), GFP_KERNEL);
|
|
if (!cmd)
|
|
return -ENOMEM;
|
|
|
|
atmel_ecc_init_read_cmd(cmd);
|
|
|
|
ret = atmel_ecc_send_receive(client, cmd);
|
|
if (ret)
|
|
goto free_cmd;
|
|
|
|
/*
|
|
* It is vital that the Configuration, Data and OTP zones be locked
|
|
* prior to release into the field of the system containing the device.
|
|
* Failure to lock these zones may permit modification of any secret
|
|
* keys and may lead to other security problems.
|
|
*/
|
|
if (cmd->data[LOCK_CONFIG_IDX] || cmd->data[LOCK_VALUE_IDX]) {
|
|
dev_err(&client->dev, "Configuration or Data and OTP zones are unlocked!\n");
|
|
ret = -ENOTSUPP;
|
|
}
|
|
|
|
/* fall through */
|
|
free_cmd:
|
|
kfree(cmd);
|
|
return ret;
|
|
}
|
|
|
|
static int atmel_ecc_probe(struct i2c_client *client,
|
|
const struct i2c_device_id *id)
|
|
{
|
|
struct atmel_ecc_i2c_client_priv *i2c_priv;
|
|
struct device *dev = &client->dev;
|
|
int ret;
|
|
u32 bus_clk_rate;
|
|
|
|
if (!i2c_check_functionality(client->adapter, I2C_FUNC_I2C)) {
|
|
dev_err(dev, "I2C_FUNC_I2C not supported\n");
|
|
return -ENODEV;
|
|
}
|
|
|
|
ret = of_property_read_u32(client->adapter->dev.of_node,
|
|
"clock-frequency", &bus_clk_rate);
|
|
if (ret) {
|
|
dev_err(dev, "of: failed to read clock-frequency property\n");
|
|
return ret;
|
|
}
|
|
|
|
if (bus_clk_rate > 1000000L) {
|
|
dev_err(dev, "%d exceeds maximum supported clock frequency (1MHz)\n",
|
|
bus_clk_rate);
|
|
return -EINVAL;
|
|
}
|
|
|
|
i2c_priv = devm_kmalloc(dev, sizeof(*i2c_priv), GFP_KERNEL);
|
|
if (!i2c_priv)
|
|
return -ENOMEM;
|
|
|
|
i2c_priv->client = client;
|
|
mutex_init(&i2c_priv->lock);
|
|
|
|
/*
|
|
* WAKE_TOKEN_MAX_SIZE was calculated for the maximum bus_clk_rate -
|
|
* 1MHz. The previous bus_clk_rate check ensures us that wake_token_sz
|
|
* will always be smaller than or equal to WAKE_TOKEN_MAX_SIZE.
|
|
*/
|
|
i2c_priv->wake_token_sz = atmel_ecc_wake_token_sz(bus_clk_rate);
|
|
|
|
memset(i2c_priv->wake_token, 0, sizeof(i2c_priv->wake_token));
|
|
|
|
atomic_set(&i2c_priv->tfm_count, 0);
|
|
|
|
i2c_set_clientdata(client, i2c_priv);
|
|
|
|
ret = device_sanity_check(client);
|
|
if (ret)
|
|
return ret;
|
|
|
|
spin_lock(&driver_data.i2c_list_lock);
|
|
list_add_tail(&i2c_priv->i2c_client_list_node,
|
|
&driver_data.i2c_client_list);
|
|
spin_unlock(&driver_data.i2c_list_lock);
|
|
|
|
ret = crypto_register_kpp(&atmel_ecdh);
|
|
if (ret) {
|
|
spin_lock(&driver_data.i2c_list_lock);
|
|
list_del(&i2c_priv->i2c_client_list_node);
|
|
spin_unlock(&driver_data.i2c_list_lock);
|
|
|
|
dev_err(dev, "%s alg registration failed\n",
|
|
atmel_ecdh.base.cra_driver_name);
|
|
} else {
|
|
dev_info(dev, "atmel ecc algorithms registered in /proc/crypto\n");
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
static int atmel_ecc_remove(struct i2c_client *client)
|
|
{
|
|
struct atmel_ecc_i2c_client_priv *i2c_priv = i2c_get_clientdata(client);
|
|
|
|
/* Return EBUSY if i2c client already allocated. */
|
|
if (atomic_read(&i2c_priv->tfm_count)) {
|
|
dev_err(&client->dev, "Device is busy\n");
|
|
return -EBUSY;
|
|
}
|
|
|
|
crypto_unregister_kpp(&atmel_ecdh);
|
|
|
|
spin_lock(&driver_data.i2c_list_lock);
|
|
list_del(&i2c_priv->i2c_client_list_node);
|
|
spin_unlock(&driver_data.i2c_list_lock);
|
|
|
|
return 0;
|
|
}
|
|
|
|
#ifdef CONFIG_OF
|
|
static const struct of_device_id atmel_ecc_dt_ids[] = {
|
|
{
|
|
.compatible = "atmel,atecc508a",
|
|
}, {
|
|
/* sentinel */
|
|
}
|
|
};
|
|
MODULE_DEVICE_TABLE(of, atmel_ecc_dt_ids);
|
|
#endif
|
|
|
|
static const struct i2c_device_id atmel_ecc_id[] = {
|
|
{ "atecc508a", 0 },
|
|
{ }
|
|
};
|
|
MODULE_DEVICE_TABLE(i2c, atmel_ecc_id);
|
|
|
|
static struct i2c_driver atmel_ecc_driver = {
|
|
.driver = {
|
|
.name = "atmel-ecc",
|
|
.of_match_table = of_match_ptr(atmel_ecc_dt_ids),
|
|
},
|
|
.probe = atmel_ecc_probe,
|
|
.remove = atmel_ecc_remove,
|
|
.id_table = atmel_ecc_id,
|
|
};
|
|
|
|
static int __init atmel_ecc_init(void)
|
|
{
|
|
spin_lock_init(&driver_data.i2c_list_lock);
|
|
INIT_LIST_HEAD(&driver_data.i2c_client_list);
|
|
return i2c_add_driver(&atmel_ecc_driver);
|
|
}
|
|
|
|
static void __exit atmel_ecc_exit(void)
|
|
{
|
|
flush_scheduled_work();
|
|
i2c_del_driver(&atmel_ecc_driver);
|
|
}
|
|
|
|
module_init(atmel_ecc_init);
|
|
module_exit(atmel_ecc_exit);
|
|
|
|
MODULE_AUTHOR("Tudor Ambarus <tudor.ambarus@microchip.com>");
|
|
MODULE_DESCRIPTION("Microchip / Atmel ECC (I2C) driver");
|
|
MODULE_LICENSE("GPL v2");
|