1 .. SPDX-License-Identifier: GPL-2.0 1 .. SPDX-License-Identifier: GPL-2.0 2 << 3 Crypto Engine 2 Crypto Engine 4 ============= 3 ============= 5 4 6 Overview 5 Overview 7 -------- 6 -------- 8 The crypto engine (CE) API is a crypto queue m 7 The crypto engine (CE) API is a crypto queue manager. 9 8 10 Requirement 9 Requirement 11 ----------- 10 ----------- 12 You must put, at the start of your transform c 11 You must put, at the start of your transform context your_tfm_ctx, the structure 13 crypto_engine: 12 crypto_engine: 14 13 15 :: 14 :: 16 15 17 struct your_tfm_ctx { 16 struct your_tfm_ctx { 18 struct crypto_engine engine; 17 struct crypto_engine engine; 19 ... 18 ... 20 }; 19 }; 21 20 22 The crypto engine only manages asynchronous re 21 The crypto engine only manages asynchronous requests in the form of 23 crypto_async_request. It cannot know the under 22 crypto_async_request. It cannot know the underlying request type and thus only 24 has access to the transform structure. It is n 23 has access to the transform structure. It is not possible to access the context 25 using container_of. In addition, the engine kn 24 using container_of. In addition, the engine knows nothing about your 26 structure "``struct your_tfm_ctx``". The engin 25 structure "``struct your_tfm_ctx``". The engine assumes (requires) the placement 27 of the known member ``struct crypto_engine`` a 26 of the known member ``struct crypto_engine`` at the beginning. 28 27 29 Order of operations 28 Order of operations 30 ------------------- 29 ------------------- 31 You are required to obtain a struct crypto_eng 30 You are required to obtain a struct crypto_engine via ``crypto_engine_alloc_init()``. 32 Start it via ``crypto_engine_start()``. When f 31 Start it via ``crypto_engine_start()``. When finished with your work, shut down the 33 engine using ``crypto_engine_stop()`` and dest 32 engine using ``crypto_engine_stop()`` and destroy the engine with 34 ``crypto_engine_exit()``. 33 ``crypto_engine_exit()``. 35 34 36 Before transferring any request, you have to f 35 Before transferring any request, you have to fill the context enginectx by 37 providing functions for the following: 36 providing functions for the following: 38 37 39 * ``prepare_crypt_hardware``: Called once befo 38 * ``prepare_crypt_hardware``: Called once before any prepare functions are 40 called. 39 called. 41 40 42 * ``unprepare_crypt_hardware``: Called once af 41 * ``unprepare_crypt_hardware``: Called once after all unprepare functions have 43 been called. 42 been called. 44 43 45 * ``prepare_cipher_request``/``prepare_hash_re 44 * ``prepare_cipher_request``/``prepare_hash_request``: Called before each 46 corresponding request is performed. If some 45 corresponding request is performed. If some processing or other preparatory 47 work is required, do it here. 46 work is required, do it here. 48 47 49 * ``unprepare_cipher_request``/``unprepare_has 48 * ``unprepare_cipher_request``/``unprepare_hash_request``: Called after each 50 request is handled. Clean up / undo what was 49 request is handled. Clean up / undo what was done in the prepare function. 51 50 52 * ``cipher_one_request``/``hash_one_request``: 51 * ``cipher_one_request``/``hash_one_request``: Handle the current request by 53 performing the operation. 52 performing the operation. 54 53 55 Note that these functions access the crypto_as 54 Note that these functions access the crypto_async_request structure 56 associated with the received request. You are 55 associated with the received request. You are able to retrieve the original 57 request by using: 56 request by using: 58 57 59 :: 58 :: 60 59 61 container_of(areq, struct yourrequestt 60 container_of(areq, struct yourrequesttype_request, base); 62 61 63 When your driver receives a crypto_request, yo 62 When your driver receives a crypto_request, you must to transfer it to 64 the crypto engine via one of: 63 the crypto engine via one of: 65 64 >> 65 * crypto_transfer_ablkcipher_request_to_engine() >> 66 66 * crypto_transfer_aead_request_to_engine() 67 * crypto_transfer_aead_request_to_engine() 67 68 68 * crypto_transfer_akcipher_request_to_engine() 69 * crypto_transfer_akcipher_request_to_engine() 69 70 70 * crypto_transfer_hash_request_to_engine() 71 * crypto_transfer_hash_request_to_engine() 71 72 72 * crypto_transfer_kpp_request_to_engine() << 73 << 74 * crypto_transfer_skcipher_request_to_engine() 73 * crypto_transfer_skcipher_request_to_engine() 75 74 76 At the end of the request process, a call to o 75 At the end of the request process, a call to one of the following functions is needed: 77 76 >> 77 * crypto_finalize_ablkcipher_request() >> 78 78 * crypto_finalize_aead_request() 79 * crypto_finalize_aead_request() 79 80 80 * crypto_finalize_akcipher_request() 81 * crypto_finalize_akcipher_request() 81 82 82 * crypto_finalize_hash_request() 83 * crypto_finalize_hash_request() 83 << 84 * crypto_finalize_kpp_request() << 85 84 86 * crypto_finalize_skcipher_request() 85 * crypto_finalize_skcipher_request()
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.