search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Use unlikely() on unlikely situations.
[cryptodev-linux.git] / cryptodev_main.c
blob5adbe40b94169aebd07ead866fe16ef38dd3cb90
1 /*
2 * Driver for /dev/crypto device (aka CryptoDev)
3 *
4 * Copyright (c) 2004 Michal Ludvig <mludvig@logix.net.nz>, SuSE Labs
5 * Copyright (c) 2009,2010 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6 *
7 * This file is part of linux cryptodev.
8 *
9 * cryptodev is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
13 *
14 * cryptodev is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 /*
24 * Device /dev/crypto provides an interface for
25 * accessing kernel CryptoAPI algorithms (ciphers,
26 * hashes) from userspace programs.
27 *
28 * /dev/crypto interface was originally introduced in
29 * OpenBSD and this module attempts to keep the API.
30 *
31 */
32
33 #include <linux/crypto.h>
34 #include <linux/mm.h>
35 #include <linux/highmem.h>
36 #include <linux/random.h>
37 #include "cryptodev.h"
38 #include <asm/uaccess.h>
39 #include <asm/ioctl.h>
40 #include <linux/scatterlist.h>
41 #include "cryptodev_int.h"
42
43 MODULE_AUTHOR("Nikos Mavrogiannopoulos <nmav@gnutls.org>");
44 MODULE_DESCRIPTION("CryptoDev driver");
45 MODULE_LICENSE("GPL");
46
47 /* ====== Compile-time config ====== */
48
49 #define CRYPTODEV_STATS
50
51 /* ====== Module parameters ====== */
52
53 int cryptodev_verbosity = 0;
54 module_param(cryptodev_verbosity, int, 0644);
55 MODULE_PARM_DESC(cryptodev_verbosity, "0: normal, 1: verbose, 2: debug");
56
57 #ifdef CRYPTODEV_STATS
58 static int enable_stats = 0;
59 module_param(enable_stats, int, 0644);
60 MODULE_PARM_DESC(enable_stats, "collect statictics about cryptodev usage");
61 #endif
62
63 /* ====== CryptoAPI ====== */
64
65 #define FILL_SG(sg,ptr,len) \
66 do { \
67 (sg)->page = virt_to_page(ptr); \
68 (sg)->offset = offset_in_page(ptr); \
69 (sg)->length = len; \
70 (sg)->dma_address = 0; \
71 } while (0)
72
73 struct csession {
74 struct list_head entry;
75 struct semaphore sem;
76 struct cipher_data cdata;
77 struct hash_data hdata;
78 uint32_t sid;
79 #ifdef CRYPTODEV_STATS
80 #if ! ((COP_ENCRYPT < 2) && (COP_DECRYPT < 2))
81 #error Struct csession.stat uses COP_{ENCRYPT,DECRYPT} as indices. Do something!
82 #endif
83 unsigned long long stat[2];
84 size_t stat_max_size, stat_count;
85 #endif
86 };
87
88 struct fcrypt {
89 struct list_head list;
90 struct semaphore sem;
91 };
92
93 /* Prepare session for future use. */
94 static int
95 crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
96 {
97 struct csession *ses_new, *ses_ptr;
98 int ret = 0;
99 const char *alg_name=NULL;
100 const char *hash_name=NULL;
101 int hmac_mode = 1;
102
103 /* Does the request make sense? */
104 if (unlikely(!sop->cipher && !sop->mac)) {
105 dprintk(1,KERN_DEBUG,"Both 'cipher' and 'mac' unset.\n");
106 return -EINVAL;
107 }
108
109 switch (sop->cipher) {
110 case 0:
111 break;
112 case CRYPTO_DES_CBC:
113 alg_name = "cbc(des)";
114 break;
115 case CRYPTO_3DES_CBC:
116 alg_name = "cbc(des3_ede)";
117 break;
118 case CRYPTO_BLF_CBC:
119 alg_name = "cbc(blowfish)";
120 break;
121 case CRYPTO_AES_CBC:
122 alg_name = "cbc(aes)";
123 break;
124 case CRYPTO_CAMELLIA_CBC:
125 alg_name = "cbc(camelia)";
126 break;
127 default:
128 dprintk(1,KERN_DEBUG,"%s: bad cipher: %d\n", __func__, sop->cipher);
129 return -EINVAL;
130 }
131
132 switch (sop->mac) {
133 case 0:
134 break;
135 case CRYPTO_MD5_HMAC:
136 hash_name = "hmac(md5)";
137 break;
138 case CRYPTO_RIPEMD160_HMAC:
139 hash_name = "hmac(rmd160)";
140 break;
141 case CRYPTO_SHA1_HMAC:
142 hash_name = "hmac(sha1)";
143 break;
144 case CRYPTO_SHA2_256_HMAC:
145 hash_name = "hmac(sha256)";
146 break;
147 case CRYPTO_SHA2_384_HMAC:
148 hash_name = "hmac(sha384)";
149 break;
150 case CRYPTO_SHA2_512_HMAC:
151 hash_name = "hmac(sha512)";
152 break;
153
154 /* non-hmac cases */
155 case CRYPTO_MD5:
156 hash_name = "md5";
157 hmac_mode = 0;
158 break;
159 case CRYPTO_RIPEMD160:
160 hash_name = "rmd160";
161 hmac_mode = 0;
162 break;
163 case CRYPTO_SHA1:
164 hash_name = "sha1";
165 hmac_mode = 0;
166 break;
167 case CRYPTO_SHA2_256:
168 hash_name = "sha256";
169 hmac_mode = 0;
170 break;
171 case CRYPTO_SHA2_384:
172 hash_name = "sha384";
173 hmac_mode = 0;
174 break;
175 case CRYPTO_SHA2_512:
176 hash_name = "sha512";
177 hmac_mode = 0;
178 break;
179
180 default:
181 dprintk(1,KERN_DEBUG,"%s: bad mac: %d\n", __func__, sop->mac);
182 return -EINVAL;
183 }
184
185 /* Create a session and put it to the list. */
186 ses_new = kmalloc(sizeof(*ses_new), GFP_KERNEL);
187 if(!ses_new) {
188 ret = -ENOMEM;
189 goto error;
190 }
191
192 memset(ses_new, 0, sizeof(*ses_new));
193
194 /* Set-up crypto transform. */
195 if (alg_name) {
196
197 ret = cryptodev_cipher_init(&ses_new->cdata, alg_name, sop->key, sop->keylen);
198 if (ret < 0) {
199 return ret;
200 }
201 }
202
203 if (hash_name) {
204 ret = cryptodev_hash_init(&ses_new->hdata, hash_name, hmac_mode, sop->mackey, sop->mackeylen);
205 if (ret != 0) {
206 dprintk(1,KERN_DEBUG,"%s: Failed to load transform for %s\n", __func__,
207 hash_name);
208 return -EINVAL;
209 }
210 }
211
212 /* put the new session to the list */
213 get_random_bytes(&ses_new->sid, sizeof(ses_new->sid));
214 init_MUTEX(&ses_new->sem);
215
216 down(&fcr->sem);
217 restart:
218 list_for_each_entry(ses_ptr, &fcr->list, entry) {
219 /* Check for duplicate SID */
220 if (unlikely(ses_new->sid == ses_ptr->sid)) {
221 get_random_bytes(&ses_new->sid, sizeof(ses_new->sid));
222 /* Unless we have a broken RNG this
223 shouldn't loop forever... ;-) */
224 goto restart;
225 }
226 }
227
228 list_add(&ses_new->entry, &fcr->list);
229 up(&fcr->sem);
230
231 /* Fill in some values for the user. */
232 sop->ses = ses_new->sid;
233
234 return 0;
235
236 error:
237 cryptodev_cipher_deinit( &ses_new->cdata);
238 cryptodev_hash_deinit( &ses_new->hdata);
239
240 return ret;
241
242 }
243
244 /* Everything that needs to be done when remowing a session. */
245 static inline void
246 crypto_destroy_session(struct csession *ses_ptr)
247 {
248 if(down_trylock(&ses_ptr->sem)) {
249 dprintk(2, KERN_DEBUG, "Waiting for semaphore of sid=0x%08X\n",
250 ses_ptr->sid);
251 down(&ses_ptr->sem);
252 }
253 dprintk(2, KERN_DEBUG, "Removed session 0x%08X\n", ses_ptr->sid);
254 #if defined(CRYPTODEV_STATS)
255 if(enable_stats)
256 dprintk(2, KERN_DEBUG,
257 "Usage in Bytes: enc=%llu, dec=%llu, max=%zu, avg=%lu, cnt=%zu\n",
258 ses_ptr->stat[COP_ENCRYPT], ses_ptr->stat[COP_DECRYPT],
259 ses_ptr->stat_max_size, ses_ptr->stat_count > 0
260 ? ((unsigned long)(ses_ptr->stat[COP_ENCRYPT]+
261 ses_ptr->stat[COP_DECRYPT]) /
262 ses_ptr->stat_count) : 0,
263 ses_ptr->stat_count);
264 #endif
265 cryptodev_cipher_deinit(&ses_ptr->cdata);
266 cryptodev_hash_deinit(&ses_ptr->hdata);
267 up(&ses_ptr->sem);
268 kfree(ses_ptr);
269 }
270
271 /* Look up a session by ID and remove. */
272 static int
273 crypto_finish_session(struct fcrypt *fcr, uint32_t sid)
274 {
275 struct csession *tmp, *ses_ptr;
276 struct list_head *head;
277 int ret = 0;
278
279 down(&fcr->sem);
280 head = &fcr->list;
281 list_for_each_entry_safe(ses_ptr, tmp, head, entry) {
282 if(ses_ptr->sid == sid) {
283 list_del(&ses_ptr->entry);
284 crypto_destroy_session(ses_ptr);
285 break;
286 }
287 }
288
289 if (unlikely(!ses_ptr)) {
290 dprintk(1, KERN_ERR, "Session with sid=0x%08X not found!\n", sid);
291 ret = -ENOENT;
292 }
293 up(&fcr->sem);
294
295 return ret;
296 }
297
298 /* Remove all sessions when closing the file */
299 static int
300 crypto_finish_all_sessions(struct fcrypt *fcr)
301 {
302 struct csession *tmp, *ses_ptr;
303 struct list_head *head;
304
305 down(&fcr->sem);
306
307 head = &fcr->list;
308 list_for_each_entry_safe(ses_ptr, tmp, head, entry) {
309 list_del(&ses_ptr->entry);
310 crypto_destroy_session(ses_ptr);
311 }
312 up(&fcr->sem);
313
314 return 0;
315 }
316
317 /* Look up session by session ID. The returned session is locked. */
318 static struct csession *
319 crypto_get_session_by_sid(struct fcrypt *fcr, uint32_t sid)
320 {
321 struct csession *ses_ptr;
322
323 down(&fcr->sem);
324 list_for_each_entry(ses_ptr, &fcr->list, entry) {
325 if(ses_ptr->sid == sid) {
326 down(&ses_ptr->sem);
327 break;
328 }
329 }
330 up(&fcr->sem);
331
332 return ses_ptr;
333 }
334
335 /* This is the main crypto function - feed it with plaintext
336 and get a ciphertext (or vice versa :-) */
337 static int
338 crypto_run(struct fcrypt *fcr, struct crypt_op *cop)
339 {
340 char *data;
341 char __user *src, __user *dst;
342 struct scatterlist sg;
343 struct csession *ses_ptr;
344 unsigned int ivsize=0;
345 size_t nbytes, bufsize;
346 int ret = 0;
347 uint8_t hash_output[AALG_MAX_RESULT_LEN];
348
349 if (unlikely(cop->op != COP_ENCRYPT && cop->op != COP_DECRYPT)) {
350 dprintk(1, KERN_DEBUG, "invalid operation op=%u\n", cop->op);
351 return -EINVAL;
352 }
353
354 ses_ptr = crypto_get_session_by_sid(fcr, cop->ses);
355 if (unlikely(!ses_ptr)) {
356 dprintk(1, KERN_ERR, "invalid session ID=0x%08X\n", cop->ses);
357 return -EINVAL;
358 }
359
360 nbytes = cop->len;
361 data = (char*)__get_free_page(GFP_KERNEL);
362
363 if (unlikely(!data)) {
364 ret = -ENOMEM;
365 goto out_unlock;
366 }
367 bufsize = PAGE_SIZE < nbytes ? PAGE_SIZE : nbytes;
368
369 nbytes = cop->len;
370
371 if (ses_ptr->hdata.init != 0) {
372 ret = cryptodev_hash_reset(&ses_ptr->hdata);
373 if (unlikely(ret)) {
374 dprintk(1, KERN_ERR,
375 "error in cryptodev_hash_reset()\n");
376 goto out_unlock;
377 }
378 }
379
380 if (ses_ptr->cdata.init != 0) {
381 int blocksize = ses_ptr->cdata.blocksize;
382
383 if (unlikely(nbytes % blocksize)) {
384 dprintk(1, KERN_ERR,
385 "data size (%zu) isn't a multiple of block size (%u)\n",
386 nbytes, blocksize);
387 ret = -EINVAL;
388 goto out_unlock;
389 }
390
391 ivsize = ses_ptr->cdata.ivsize;
392
393 if (cop->iv) {
394 cryptodev_cipher_set_iv(&ses_ptr->cdata, cop->iv, ivsize);
395 }
396 }
397
398 src = cop->src;
399 dst = cop->dst;
400
401
402 while(nbytes > 0) {
403 size_t current_len = nbytes > bufsize ? bufsize : nbytes;
404
405 copy_from_user(data, src, current_len);
406
407 sg_init_one(&sg, data, current_len);
408
409 /* Always hash before encryption and after decryption. Maybe
410 * we should introduce a flag to switch... TBD later on.
411 */
412 if (cop->op == COP_ENCRYPT) {
413 if (ses_ptr->hdata.init != 0) {
414 ret = cryptodev_hash_update(&ses_ptr->hdata, &sg, current_len);
415 if (unlikely(ret)) {
416 dprintk(0, KERN_ERR, "CryptoAPI failure: %d\n",ret);
417 goto out;
418 }
419 }
420 if (ses_ptr->cdata.init != 0) {
421 ret = cryptodev_cipher_encrypt( &ses_ptr->cdata, &sg, &sg, current_len);
422
423 if (unlikely(ret)) {
424 dprintk(0, KERN_ERR, "CryptoAPI failure: %d\n",ret);
425 goto out;
426 }
427 copy_to_user(dst, data, current_len);
428 dst += current_len;
429 }
430 } else {
431 if (ses_ptr->cdata.init != 0) {
432 ret = cryptodev_cipher_decrypt( &ses_ptr->cdata, &sg, &sg, current_len);
433
434 if (unlikely(ret)) {
435 dprintk(0, KERN_ERR, "CryptoAPI failure: %d\n",ret);
436 goto out;
437 }
438 copy_to_user(dst, data, current_len);
439 dst += current_len;
440
441 }
442
443 if (ses_ptr->hdata.init != 0) {
444 ret = cryptodev_hash_update(&ses_ptr->hdata, &sg, current_len);
445 if (unlikely(ret)) {
446 dprintk(0, KERN_ERR, "CryptoAPI failure: %d\n",ret);
447 goto out;
448 }
449 }
450 }
451
452 nbytes -= current_len;
453 src += current_len;
454 }
455
456 if (ses_ptr->hdata.init != 0) {
457 ret = cryptodev_hash_final(&ses_ptr->hdata, hash_output);
458 if (unlikely(ret)) {
459 dprintk(0, KERN_ERR, "CryptoAPI failure: %d\n",ret);
460 goto out;
461 }
462
463 copy_to_user(cop->mac, hash_output, ses_ptr->hdata.digestsize);
464 }
465
466 #if defined(CRYPTODEV_STATS)
467 if (enable_stats) {
468 /* this is safe - we check cop->op at the function entry */
469 ses_ptr->stat[cop->op] += cop->len;
470 if (ses_ptr->stat_max_size < cop->len)
471 ses_ptr->stat_max_size = cop->len;
472 ses_ptr->stat_count++;
473 }
474 #endif
475
476 out:
477 free_page((unsigned long)data);
478
479 out_unlock:
480 up(&ses_ptr->sem);
481
482 return ret;
483 }
484
485 /* ====== /dev/crypto ====== */
486
487 static int
488 cryptodev_open(struct inode *inode, struct file *filp)
489 {
490 struct fcrypt *fcr;
491
492 fcr = kmalloc(sizeof(*fcr), GFP_KERNEL);
493 if(!fcr)
494 return -ENOMEM;
495
496 memset(fcr, 0, sizeof(*fcr));
497 init_MUTEX(&fcr->sem);
498 INIT_LIST_HEAD(&fcr->list);
499 filp->private_data = fcr;
500
501 return 0;
502 }
503
504 static int
505 cryptodev_release(struct inode *inode, struct file *filp)
506 {
507 struct fcrypt *fcr = filp->private_data;
508
509 if(fcr) {
510 crypto_finish_all_sessions(fcr);
511 kfree(fcr);
512 filp->private_data = NULL;
513 }
514
515 return 0;
516 }
517
518 static int
519 clonefd(struct file *filp)
520 {
521 struct fdtable *fdt = files_fdtable(current->files);
522 int ret;
523 ret = get_unused_fd();
524 if (ret >= 0) {
525 get_file(filp);
526 FD_SET(ret, fdt->open_fds);
527 fd_install(ret, filp);
528 }
529
530 return ret;
531 }
532
533 static int
534 cryptodev_ioctl(struct inode *inode, struct file *filp,
535 unsigned int cmd, unsigned long arg)
536 {
537 int __user *p = (void __user *)arg;
538 struct session_op sop;
539 struct crypt_op cop;
540 struct fcrypt *fcr = filp->private_data;
541 uint32_t ses;
542 int ret, fd;
543
544 if (unlikely(!fcr))
545 BUG();
546
547 switch (cmd) {
548 case CIOCASYMFEAT:
549 put_user(0, p);
550 return 0;
551 case CRIOGET:
552 fd = clonefd(filp);
553 put_user(fd, p);
554 return 0;
555
556 case CIOCGSESSION:
557 copy_from_user(&sop, (void*)arg, sizeof(sop));
558 ret = crypto_create_session(fcr, &sop);
559 if (unlikely(ret))
560 return ret;
561 copy_to_user((void*)arg, &sop, sizeof(sop));
562 return 0;
563
564 case CIOCFSESSION:
565 get_user(ses, (uint32_t*)arg);
566 ret = crypto_finish_session(fcr, ses);
567 return ret;
568
569 case CIOCCRYPT:
570 copy_from_user(&cop, (void*)arg, sizeof(cop));
571 ret = crypto_run(fcr, &cop);
572 if (unlikely(ret))
573 return ret;
574 copy_to_user((void*)arg, &cop, sizeof(cop));
575 return 0;
576
577 default:
578 return -EINVAL;
579 }
580 }
581
582 struct file_operations cryptodev_fops = {
583 .owner = THIS_MODULE,
584 .open = cryptodev_open,
585 .release = cryptodev_release,
586 .ioctl = cryptodev_ioctl,
587 };
588
589 struct miscdevice cryptodev = {
590 .minor = MISC_DYNAMIC_MINOR,
591 .name = "crypto",
592 .fops = &cryptodev_fops,
593 };
594
595 static int
596 cryptodev_register(void)
597 {
598 int rc;
599
600 rc = misc_register (&cryptodev);
601 if (unlikely(rc)) {
602 printk(KERN_ERR PFX "registeration of /dev/crypto failed\n");
603 return rc;
604 }
605
606 return 0;
607 }
608
609 static void
610 cryptodev_deregister(void)
611 {
612 misc_deregister(&cryptodev);
613 }
614
615 /* ====== Module init/exit ====== */
616
617 int __init init_cryptodev(void)
618 {
619 int rc;
620
621 rc = cryptodev_register();
622 if (unlikely(rc))
623 return rc;
624
625 printk(KERN_INFO PFX "driver loaded.\n");
626
627 return 0;
628 }
629
630 void __exit exit_cryptodev(void)
631 {
632 cryptodev_deregister();
633 printk(KERN_INFO PFX "driver unloaded.\n");
634 }
635
636 module_init(init_cryptodev);
637 module_exit(exit_cryptodev);
Cryptodev for linux