cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

sha1-spe-glue.c (4625B)

      1// SPDX-License-Identifier: GPL-2.0-or-later
      2/*
      3 * Glue code for SHA-1 implementation for SPE instructions (PPC)
      4 *
      5 * Based on generic implementation.
      6 *
      7 * Copyright (c) 2015 Markus Stockhausen <stockhausen@collogia.de>
      8 */
      9
     10#include <crypto/internal/hash.h>
     11#include <linux/init.h>
     12#include <linux/module.h>
     13#include <linux/mm.h>
     14#include <linux/types.h>
     15#include <crypto/sha1.h>
     16#include <crypto/sha1_base.h>
     17#include <asm/byteorder.h>
     18#include <asm/switch_to.h>
     19#include <linux/hardirq.h>
     20
     21/*
     22 * MAX_BYTES defines the number of bytes that are allowed to be processed
     23 * between preempt_disable() and preempt_enable(). SHA1 takes ~1000
     24 * operations per 64 bytes. e500 cores can issue two arithmetic instructions
     25 * per clock cycle using one 32/64 bit unit (SU1) and one 32 bit unit (SU2).
     26 * Thus 2KB of input data will need an estimated maximum of 18,000 cycles.
     27 * Headroom for cache misses included. Even with the low end model clocked
     28 * at 667 MHz this equals to a critical time window of less than 27us.
     29 *
     30 */
     31#define MAX_BYTES 2048
     32
     33extern void ppc_spe_sha1_transform(u32 *state, const u8 *src, u32 blocks);
     34
     35static void spe_begin(void)
     36{
     37	/* We just start SPE operations and will save SPE registers later. */
     38	preempt_disable();
     39	enable_kernel_spe();
     40}
     41
     42static void spe_end(void)
     43{
     44	disable_kernel_spe();
     45	/* reenable preemption */
     46	preempt_enable();
     47}
     48
     49static inline void ppc_sha1_clear_context(struct sha1_state *sctx)
     50{
     51	int count = sizeof(struct sha1_state) >> 2;
     52	u32 *ptr = (u32 *)sctx;
     53
     54	/* make sure we can clear the fast way */
     55	BUILD_BUG_ON(sizeof(struct sha1_state) % 4);
     56	do { *ptr++ = 0; } while (--count);
     57}
     58
     59static int ppc_spe_sha1_update(struct shash_desc *desc, const u8 *data,
     60			unsigned int len)
     61{
     62	struct sha1_state *sctx = shash_desc_ctx(desc);
     63	const unsigned int offset = sctx->count & 0x3f;
     64	const unsigned int avail = 64 - offset;
     65	unsigned int bytes;
     66	const u8 *src = data;
     67
     68	if (avail > len) {
     69		sctx->count += len;
     70		memcpy((char *)sctx->buffer + offset, src, len);
     71		return 0;
     72	}
     73
     74	sctx->count += len;
     75
     76	if (offset) {
     77		memcpy((char *)sctx->buffer + offset, src, avail);
     78
     79		spe_begin();
     80		ppc_spe_sha1_transform(sctx->state, (const u8 *)sctx->buffer, 1);
     81		spe_end();
     82
     83		len -= avail;
     84		src += avail;
     85	}
     86
     87	while (len > 63) {
     88		bytes = (len > MAX_BYTES) ? MAX_BYTES : len;
     89		bytes = bytes & ~0x3f;
     90
     91		spe_begin();
     92		ppc_spe_sha1_transform(sctx->state, src, bytes >> 6);
     93		spe_end();
     94
     95		src += bytes;
     96		len -= bytes;
     97	}
     98
     99	memcpy((char *)sctx->buffer, src, len);
    100	return 0;
    101}
    102
    103static int ppc_spe_sha1_final(struct shash_desc *desc, u8 *out)
    104{
    105	struct sha1_state *sctx = shash_desc_ctx(desc);
    106	const unsigned int offset = sctx->count & 0x3f;
    107	char *p = (char *)sctx->buffer + offset;
    108	int padlen;
    109	__be64 *pbits = (__be64 *)(((char *)&sctx->buffer) + 56);
    110	__be32 *dst = (__be32 *)out;
    111
    112	padlen = 55 - offset;
    113	*p++ = 0x80;
    114
    115	spe_begin();
    116
    117	if (padlen < 0) {
    118		memset(p, 0x00, padlen + sizeof (u64));
    119		ppc_spe_sha1_transform(sctx->state, sctx->buffer, 1);
    120		p = (char *)sctx->buffer;
    121		padlen = 56;
    122	}
    123
    124	memset(p, 0, padlen);
    125	*pbits = cpu_to_be64(sctx->count << 3);
    126	ppc_spe_sha1_transform(sctx->state, sctx->buffer, 1);
    127
    128	spe_end();
    129
    130	dst[0] = cpu_to_be32(sctx->state[0]);
    131	dst[1] = cpu_to_be32(sctx->state[1]);
    132	dst[2] = cpu_to_be32(sctx->state[2]);
    133	dst[3] = cpu_to_be32(sctx->state[3]);
    134	dst[4] = cpu_to_be32(sctx->state[4]);
    135
    136	ppc_sha1_clear_context(sctx);
    137	return 0;
    138}
    139
    140static int ppc_spe_sha1_export(struct shash_desc *desc, void *out)
    141{
    142	struct sha1_state *sctx = shash_desc_ctx(desc);
    143
    144	memcpy(out, sctx, sizeof(*sctx));
    145	return 0;
    146}
    147
    148static int ppc_spe_sha1_import(struct shash_desc *desc, const void *in)
    149{
    150	struct sha1_state *sctx = shash_desc_ctx(desc);
    151
    152	memcpy(sctx, in, sizeof(*sctx));
    153	return 0;
    154}
    155
    156static struct shash_alg alg = {
    157	.digestsize	=	SHA1_DIGEST_SIZE,
    158	.init		=	sha1_base_init,
    159	.update		=	ppc_spe_sha1_update,
    160	.final		=	ppc_spe_sha1_final,
    161	.export		=	ppc_spe_sha1_export,
    162	.import		=	ppc_spe_sha1_import,
    163	.descsize	=	sizeof(struct sha1_state),
    164	.statesize	=	sizeof(struct sha1_state),
    165	.base		=	{
    166		.cra_name	=	"sha1",
    167		.cra_driver_name=	"sha1-ppc-spe",
    168		.cra_priority	=	300,
    169		.cra_blocksize	=	SHA1_BLOCK_SIZE,
    170		.cra_module	=	THIS_MODULE,
    171	}
    172};
    173
    174static int __init ppc_spe_sha1_mod_init(void)
    175{
    176	return crypto_register_shash(&alg);
    177}
    178
    179static void __exit ppc_spe_sha1_mod_fini(void)
    180{
    181	crypto_unregister_shash(&alg);
    182}
    183
    184module_init(ppc_spe_sha1_mod_init);
    185module_exit(ppc_spe_sha1_mod_fini);
    186
    187MODULE_LICENSE("GPL");
    188MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm, SPE optimized");
    189
    190MODULE_ALIAS_CRYPTO("sha1");
    191MODULE_ALIAS_CRYPTO("sha1-ppc-spe");