• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Glue Code for assembler optimized version of Blowfish
3  *
4  * Copyright (c) 2011 Jussi Kivilinna <jussi.kivilinna@mbnet.fi>
5  *
6  * CBC & ECB parts based on code (crypto/cbc.c,ecb.c) by:
7  *   Copyright (c) 2006 Herbert Xu <herbert@gondor.apana.org.au>
8  * CTR part based on code (crypto/ctr.c) by:
9  *   (C) Copyright IBM Corp. 2007 - Joy Latten <latten@us.ibm.com>
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License as published by
13  * the Free Software Foundation; either version 2 of the License, or
14  * (at your option) any later version.
15  *
16  * This program is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
19  * GNU General Public License for more details.
20  *
21  * You should have received a copy of the GNU General Public License
22  * along with this program; if not, write to the Free Software
23  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
24  * USA
25  *
26  */
27 
28 #include <asm/processor.h>
29 #include <crypto/blowfish.h>
30 #include <linux/crypto.h>
31 #include <linux/init.h>
32 #include <linux/module.h>
33 #include <linux/types.h>
34 #include <crypto/algapi.h>
35 
36 /* regular block cipher functions */
37 asmlinkage void __blowfish_enc_blk(struct bf_ctx *ctx, u8 *dst, const u8 *src,
38 				   bool xor);
39 asmlinkage void blowfish_dec_blk(struct bf_ctx *ctx, u8 *dst, const u8 *src);
40 
41 /* 4-way parallel cipher functions */
42 asmlinkage void __blowfish_enc_blk_4way(struct bf_ctx *ctx, u8 *dst,
43 					const u8 *src, bool xor);
44 asmlinkage void blowfish_dec_blk_4way(struct bf_ctx *ctx, u8 *dst,
45 				      const u8 *src);
46 
blowfish_enc_blk(struct bf_ctx * ctx,u8 * dst,const u8 * src)47 static inline void blowfish_enc_blk(struct bf_ctx *ctx, u8 *dst, const u8 *src)
48 {
49 	__blowfish_enc_blk(ctx, dst, src, false);
50 }
51 
blowfish_enc_blk_xor(struct bf_ctx * ctx,u8 * dst,const u8 * src)52 static inline void blowfish_enc_blk_xor(struct bf_ctx *ctx, u8 *dst,
53 					const u8 *src)
54 {
55 	__blowfish_enc_blk(ctx, dst, src, true);
56 }
57 
blowfish_enc_blk_4way(struct bf_ctx * ctx,u8 * dst,const u8 * src)58 static inline void blowfish_enc_blk_4way(struct bf_ctx *ctx, u8 *dst,
59 					 const u8 *src)
60 {
61 	__blowfish_enc_blk_4way(ctx, dst, src, false);
62 }
63 
blowfish_enc_blk_xor_4way(struct bf_ctx * ctx,u8 * dst,const u8 * src)64 static inline void blowfish_enc_blk_xor_4way(struct bf_ctx *ctx, u8 *dst,
65 				      const u8 *src)
66 {
67 	__blowfish_enc_blk_4way(ctx, dst, src, true);
68 }
69 
blowfish_encrypt(struct crypto_tfm * tfm,u8 * dst,const u8 * src)70 static void blowfish_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
71 {
72 	blowfish_enc_blk(crypto_tfm_ctx(tfm), dst, src);
73 }
74 
blowfish_decrypt(struct crypto_tfm * tfm,u8 * dst,const u8 * src)75 static void blowfish_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
76 {
77 	blowfish_dec_blk(crypto_tfm_ctx(tfm), dst, src);
78 }
79 
ecb_crypt(struct blkcipher_desc * desc,struct blkcipher_walk * walk,void (* fn)(struct bf_ctx *,u8 *,const u8 *),void (* fn_4way)(struct bf_ctx *,u8 *,const u8 *))80 static int ecb_crypt(struct blkcipher_desc *desc, struct blkcipher_walk *walk,
81 		     void (*fn)(struct bf_ctx *, u8 *, const u8 *),
82 		     void (*fn_4way)(struct bf_ctx *, u8 *, const u8 *))
83 {
84 	struct bf_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
85 	unsigned int bsize = BF_BLOCK_SIZE;
86 	unsigned int nbytes;
87 	int err;
88 
89 	err = blkcipher_walk_virt(desc, walk);
90 
91 	while ((nbytes = walk->nbytes)) {
92 		u8 *wsrc = walk->src.virt.addr;
93 		u8 *wdst = walk->dst.virt.addr;
94 
95 		/* Process four block batch */
96 		if (nbytes >= bsize * 4) {
97 			do {
98 				fn_4way(ctx, wdst, wsrc);
99 
100 				wsrc += bsize * 4;
101 				wdst += bsize * 4;
102 				nbytes -= bsize * 4;
103 			} while (nbytes >= bsize * 4);
104 
105 			if (nbytes < bsize)
106 				goto done;
107 		}
108 
109 		/* Handle leftovers */
110 		do {
111 			fn(ctx, wdst, wsrc);
112 
113 			wsrc += bsize;
114 			wdst += bsize;
115 			nbytes -= bsize;
116 		} while (nbytes >= bsize);
117 
118 done:
119 		err = blkcipher_walk_done(desc, walk, nbytes);
120 	}
121 
122 	return err;
123 }
124 
ecb_encrypt(struct blkcipher_desc * desc,struct scatterlist * dst,struct scatterlist * src,unsigned int nbytes)125 static int ecb_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
126 		       struct scatterlist *src, unsigned int nbytes)
127 {
128 	struct blkcipher_walk walk;
129 
130 	blkcipher_walk_init(&walk, dst, src, nbytes);
131 	return ecb_crypt(desc, &walk, blowfish_enc_blk, blowfish_enc_blk_4way);
132 }
133 
ecb_decrypt(struct blkcipher_desc * desc,struct scatterlist * dst,struct scatterlist * src,unsigned int nbytes)134 static int ecb_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
135 		       struct scatterlist *src, unsigned int nbytes)
136 {
137 	struct blkcipher_walk walk;
138 
139 	blkcipher_walk_init(&walk, dst, src, nbytes);
140 	return ecb_crypt(desc, &walk, blowfish_dec_blk, blowfish_dec_blk_4way);
141 }
142 
__cbc_encrypt(struct blkcipher_desc * desc,struct blkcipher_walk * walk)143 static unsigned int __cbc_encrypt(struct blkcipher_desc *desc,
144 				  struct blkcipher_walk *walk)
145 {
146 	struct bf_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
147 	unsigned int bsize = BF_BLOCK_SIZE;
148 	unsigned int nbytes = walk->nbytes;
149 	u64 *src = (u64 *)walk->src.virt.addr;
150 	u64 *dst = (u64 *)walk->dst.virt.addr;
151 	u64 *iv = (u64 *)walk->iv;
152 
153 	do {
154 		*dst = *src ^ *iv;
155 		blowfish_enc_blk(ctx, (u8 *)dst, (u8 *)dst);
156 		iv = dst;
157 
158 		src += 1;
159 		dst += 1;
160 		nbytes -= bsize;
161 	} while (nbytes >= bsize);
162 
163 	*(u64 *)walk->iv = *iv;
164 	return nbytes;
165 }
166 
cbc_encrypt(struct blkcipher_desc * desc,struct scatterlist * dst,struct scatterlist * src,unsigned int nbytes)167 static int cbc_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
168 		       struct scatterlist *src, unsigned int nbytes)
169 {
170 	struct blkcipher_walk walk;
171 	int err;
172 
173 	blkcipher_walk_init(&walk, dst, src, nbytes);
174 	err = blkcipher_walk_virt(desc, &walk);
175 
176 	while ((nbytes = walk.nbytes)) {
177 		nbytes = __cbc_encrypt(desc, &walk);
178 		err = blkcipher_walk_done(desc, &walk, nbytes);
179 	}
180 
181 	return err;
182 }
183 
__cbc_decrypt(struct blkcipher_desc * desc,struct blkcipher_walk * walk)184 static unsigned int __cbc_decrypt(struct blkcipher_desc *desc,
185 				  struct blkcipher_walk *walk)
186 {
187 	struct bf_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
188 	unsigned int bsize = BF_BLOCK_SIZE;
189 	unsigned int nbytes = walk->nbytes;
190 	u64 *src = (u64 *)walk->src.virt.addr;
191 	u64 *dst = (u64 *)walk->dst.virt.addr;
192 	u64 ivs[4 - 1];
193 	u64 last_iv;
194 
195 	/* Start of the last block. */
196 	src += nbytes / bsize - 1;
197 	dst += nbytes / bsize - 1;
198 
199 	last_iv = *src;
200 
201 	/* Process four block batch */
202 	if (nbytes >= bsize * 4) {
203 		do {
204 			nbytes -= bsize * 4 - bsize;
205 			src -= 4 - 1;
206 			dst -= 4 - 1;
207 
208 			ivs[0] = src[0];
209 			ivs[1] = src[1];
210 			ivs[2] = src[2];
211 
212 			blowfish_dec_blk_4way(ctx, (u8 *)dst, (u8 *)src);
213 
214 			dst[1] ^= ivs[0];
215 			dst[2] ^= ivs[1];
216 			dst[3] ^= ivs[2];
217 
218 			nbytes -= bsize;
219 			if (nbytes < bsize)
220 				goto done;
221 
222 			*dst ^= *(src - 1);
223 			src -= 1;
224 			dst -= 1;
225 		} while (nbytes >= bsize * 4);
226 
227 		if (nbytes < bsize)
228 			goto done;
229 	}
230 
231 	/* Handle leftovers */
232 	for (;;) {
233 		blowfish_dec_blk(ctx, (u8 *)dst, (u8 *)src);
234 
235 		nbytes -= bsize;
236 		if (nbytes < bsize)
237 			break;
238 
239 		*dst ^= *(src - 1);
240 		src -= 1;
241 		dst -= 1;
242 	}
243 
244 done:
245 	*dst ^= *(u64 *)walk->iv;
246 	*(u64 *)walk->iv = last_iv;
247 
248 	return nbytes;
249 }
250 
cbc_decrypt(struct blkcipher_desc * desc,struct scatterlist * dst,struct scatterlist * src,unsigned int nbytes)251 static int cbc_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
252 		       struct scatterlist *src, unsigned int nbytes)
253 {
254 	struct blkcipher_walk walk;
255 	int err;
256 
257 	blkcipher_walk_init(&walk, dst, src, nbytes);
258 	err = blkcipher_walk_virt(desc, &walk);
259 
260 	while ((nbytes = walk.nbytes)) {
261 		nbytes = __cbc_decrypt(desc, &walk);
262 		err = blkcipher_walk_done(desc, &walk, nbytes);
263 	}
264 
265 	return err;
266 }
267 
ctr_crypt_final(struct bf_ctx * ctx,struct blkcipher_walk * walk)268 static void ctr_crypt_final(struct bf_ctx *ctx, struct blkcipher_walk *walk)
269 {
270 	u8 *ctrblk = walk->iv;
271 	u8 keystream[BF_BLOCK_SIZE];
272 	u8 *src = walk->src.virt.addr;
273 	u8 *dst = walk->dst.virt.addr;
274 	unsigned int nbytes = walk->nbytes;
275 
276 	blowfish_enc_blk(ctx, keystream, ctrblk);
277 	crypto_xor(keystream, src, nbytes);
278 	memcpy(dst, keystream, nbytes);
279 
280 	crypto_inc(ctrblk, BF_BLOCK_SIZE);
281 }
282 
__ctr_crypt(struct blkcipher_desc * desc,struct blkcipher_walk * walk)283 static unsigned int __ctr_crypt(struct blkcipher_desc *desc,
284 				struct blkcipher_walk *walk)
285 {
286 	struct bf_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
287 	unsigned int bsize = BF_BLOCK_SIZE;
288 	unsigned int nbytes = walk->nbytes;
289 	u64 *src = (u64 *)walk->src.virt.addr;
290 	u64 *dst = (u64 *)walk->dst.virt.addr;
291 	u64 ctrblk = be64_to_cpu(*(__be64 *)walk->iv);
292 	__be64 ctrblocks[4];
293 
294 	/* Process four block batch */
295 	if (nbytes >= bsize * 4) {
296 		do {
297 			if (dst != src) {
298 				dst[0] = src[0];
299 				dst[1] = src[1];
300 				dst[2] = src[2];
301 				dst[3] = src[3];
302 			}
303 
304 			/* create ctrblks for parallel encrypt */
305 			ctrblocks[0] = cpu_to_be64(ctrblk++);
306 			ctrblocks[1] = cpu_to_be64(ctrblk++);
307 			ctrblocks[2] = cpu_to_be64(ctrblk++);
308 			ctrblocks[3] = cpu_to_be64(ctrblk++);
309 
310 			blowfish_enc_blk_xor_4way(ctx, (u8 *)dst,
311 						  (u8 *)ctrblocks);
312 
313 			src += 4;
314 			dst += 4;
315 		} while ((nbytes -= bsize * 4) >= bsize * 4);
316 
317 		if (nbytes < bsize)
318 			goto done;
319 	}
320 
321 	/* Handle leftovers */
322 	do {
323 		if (dst != src)
324 			*dst = *src;
325 
326 		ctrblocks[0] = cpu_to_be64(ctrblk++);
327 
328 		blowfish_enc_blk_xor(ctx, (u8 *)dst, (u8 *)ctrblocks);
329 
330 		src += 1;
331 		dst += 1;
332 	} while ((nbytes -= bsize) >= bsize);
333 
334 done:
335 	*(__be64 *)walk->iv = cpu_to_be64(ctrblk);
336 	return nbytes;
337 }
338 
ctr_crypt(struct blkcipher_desc * desc,struct scatterlist * dst,struct scatterlist * src,unsigned int nbytes)339 static int ctr_crypt(struct blkcipher_desc *desc, struct scatterlist *dst,
340 		     struct scatterlist *src, unsigned int nbytes)
341 {
342 	struct blkcipher_walk walk;
343 	int err;
344 
345 	blkcipher_walk_init(&walk, dst, src, nbytes);
346 	err = blkcipher_walk_virt_block(desc, &walk, BF_BLOCK_SIZE);
347 
348 	while ((nbytes = walk.nbytes) >= BF_BLOCK_SIZE) {
349 		nbytes = __ctr_crypt(desc, &walk);
350 		err = blkcipher_walk_done(desc, &walk, nbytes);
351 	}
352 
353 	if (walk.nbytes) {
354 		ctr_crypt_final(crypto_blkcipher_ctx(desc->tfm), &walk);
355 		err = blkcipher_walk_done(desc, &walk, 0);
356 	}
357 
358 	return err;
359 }
360 
361 static struct crypto_alg bf_algs[4] = { {
362 	.cra_name		= "blowfish",
363 	.cra_driver_name	= "blowfish-asm",
364 	.cra_priority		= 200,
365 	.cra_flags		= CRYPTO_ALG_TYPE_CIPHER,
366 	.cra_blocksize		= BF_BLOCK_SIZE,
367 	.cra_ctxsize		= sizeof(struct bf_ctx),
368 	.cra_alignmask		= 0,
369 	.cra_module		= THIS_MODULE,
370 	.cra_list		= LIST_HEAD_INIT(bf_algs[0].cra_list),
371 	.cra_u = {
372 		.cipher = {
373 			.cia_min_keysize	= BF_MIN_KEY_SIZE,
374 			.cia_max_keysize	= BF_MAX_KEY_SIZE,
375 			.cia_setkey		= blowfish_setkey,
376 			.cia_encrypt		= blowfish_encrypt,
377 			.cia_decrypt		= blowfish_decrypt,
378 		}
379 	}
380 }, {
381 	.cra_name		= "ecb(blowfish)",
382 	.cra_driver_name	= "ecb-blowfish-asm",
383 	.cra_priority		= 300,
384 	.cra_flags		= CRYPTO_ALG_TYPE_BLKCIPHER,
385 	.cra_blocksize		= BF_BLOCK_SIZE,
386 	.cra_ctxsize		= sizeof(struct bf_ctx),
387 	.cra_alignmask		= 0,
388 	.cra_type		= &crypto_blkcipher_type,
389 	.cra_module		= THIS_MODULE,
390 	.cra_list		= LIST_HEAD_INIT(bf_algs[1].cra_list),
391 	.cra_u = {
392 		.blkcipher = {
393 			.min_keysize	= BF_MIN_KEY_SIZE,
394 			.max_keysize	= BF_MAX_KEY_SIZE,
395 			.setkey		= blowfish_setkey,
396 			.encrypt	= ecb_encrypt,
397 			.decrypt	= ecb_decrypt,
398 		},
399 	},
400 }, {
401 	.cra_name		= "cbc(blowfish)",
402 	.cra_driver_name	= "cbc-blowfish-asm",
403 	.cra_priority		= 300,
404 	.cra_flags		= CRYPTO_ALG_TYPE_BLKCIPHER,
405 	.cra_blocksize		= BF_BLOCK_SIZE,
406 	.cra_ctxsize		= sizeof(struct bf_ctx),
407 	.cra_alignmask		= 0,
408 	.cra_type		= &crypto_blkcipher_type,
409 	.cra_module		= THIS_MODULE,
410 	.cra_list		= LIST_HEAD_INIT(bf_algs[2].cra_list),
411 	.cra_u = {
412 		.blkcipher = {
413 			.min_keysize	= BF_MIN_KEY_SIZE,
414 			.max_keysize	= BF_MAX_KEY_SIZE,
415 			.ivsize		= BF_BLOCK_SIZE,
416 			.setkey		= blowfish_setkey,
417 			.encrypt	= cbc_encrypt,
418 			.decrypt	= cbc_decrypt,
419 		},
420 	},
421 }, {
422 	.cra_name		= "ctr(blowfish)",
423 	.cra_driver_name	= "ctr-blowfish-asm",
424 	.cra_priority		= 300,
425 	.cra_flags		= CRYPTO_ALG_TYPE_BLKCIPHER,
426 	.cra_blocksize		= 1,
427 	.cra_ctxsize		= sizeof(struct bf_ctx),
428 	.cra_alignmask		= 0,
429 	.cra_type		= &crypto_blkcipher_type,
430 	.cra_module		= THIS_MODULE,
431 	.cra_list		= LIST_HEAD_INIT(bf_algs[3].cra_list),
432 	.cra_u = {
433 		.blkcipher = {
434 			.min_keysize	= BF_MIN_KEY_SIZE,
435 			.max_keysize	= BF_MAX_KEY_SIZE,
436 			.ivsize		= BF_BLOCK_SIZE,
437 			.setkey		= blowfish_setkey,
438 			.encrypt	= ctr_crypt,
439 			.decrypt	= ctr_crypt,
440 		},
441 	},
442 } };
443 
is_blacklisted_cpu(void)444 static bool is_blacklisted_cpu(void)
445 {
446 	if (boot_cpu_data.x86_vendor != X86_VENDOR_INTEL)
447 		return false;
448 
449 	if (boot_cpu_data.x86 == 0x0f) {
450 		/*
451 		 * On Pentium 4, blowfish-x86_64 is slower than generic C
452 		 * implementation because use of 64bit rotates (which are really
453 		 * slow on P4). Therefore blacklist P4s.
454 		 */
455 		return true;
456 	}
457 
458 	return false;
459 }
460 
461 static int force;
462 module_param(force, int, 0);
463 MODULE_PARM_DESC(force, "Force module load, ignore CPU blacklist");
464 
init(void)465 static int __init init(void)
466 {
467 	if (!force && is_blacklisted_cpu()) {
468 		printk(KERN_INFO
469 			"blowfish-x86_64: performance on this CPU "
470 			"would be suboptimal: disabling "
471 			"blowfish-x86_64.\n");
472 		return -ENODEV;
473 	}
474 
475 	return crypto_register_algs(bf_algs, ARRAY_SIZE(bf_algs));
476 }
477 
fini(void)478 static void __exit fini(void)
479 {
480 	crypto_unregister_algs(bf_algs, ARRAY_SIZE(bf_algs));
481 }
482 
483 module_init(init);
484 module_exit(fini);
485 
486 MODULE_LICENSE("GPL");
487 MODULE_DESCRIPTION("Blowfish Cipher Algorithm, asm optimized");
488 MODULE_ALIAS("blowfish");
489 MODULE_ALIAS("blowfish-asm");
490