mirror of
https://github.com/edk2-porting/linux-next.git
synced 2024-12-22 20:23:57 +08:00
49 lines
1.8 KiB
ReStructuredText
49 lines
1.8 KiB
ReStructuredText
|
=============
|
||
|
CRYPTO ENGINE
|
||
|
=============
|
||
|
|
||
|
Overview
|
||
|
--------
|
||
|
The crypto engine API (CE), is a crypto queue manager.
|
||
|
|
||
|
Requirement
|
||
|
-----------
|
||
|
You have to put at start of your tfm_ctx the struct crypto_engine_ctx
|
||
|
struct your_tfm_ctx {
|
||
|
struct crypto_engine_ctx enginectx;
|
||
|
...
|
||
|
};
|
||
|
Why: Since CE manage only crypto_async_request, it cannot know the underlying
|
||
|
request_type and so have access only on the TFM.
|
||
|
So using container_of for accessing __ctx is impossible.
|
||
|
Furthermore, the crypto engine cannot know the "struct your_tfm_ctx",
|
||
|
so it must assume that crypto_engine_ctx is at start of it.
|
||
|
|
||
|
Order of operations
|
||
|
-------------------
|
||
|
You have to obtain a struct crypto_engine via crypto_engine_alloc_init().
|
||
|
And start it via crypto_engine_start().
|
||
|
|
||
|
Before transferring any request, you have to fill the enginectx.
|
||
|
- prepare_request: (taking a function pointer) If you need to do some processing before doing the request
|
||
|
- unprepare_request: (taking a function pointer) Undoing what's done in prepare_request
|
||
|
- do_one_request: (taking a function pointer) Do encryption for current request
|
||
|
|
||
|
Note: that those three functions get the crypto_async_request associated with the received request.
|
||
|
So your need to get the original request via container_of(areq, struct yourrequesttype_request, base);
|
||
|
|
||
|
When your driver receive a crypto_request, you have to transfer it to
|
||
|
the cryptoengine via one of:
|
||
|
- crypto_transfer_ablkcipher_request_to_engine()
|
||
|
- crypto_transfer_aead_request_to_engine()
|
||
|
- crypto_transfer_akcipher_request_to_engine()
|
||
|
- crypto_transfer_hash_request_to_engine()
|
||
|
- crypto_transfer_skcipher_request_to_engine()
|
||
|
|
||
|
At the end of the request process, a call to one of the following function is needed:
|
||
|
- crypto_finalize_ablkcipher_request
|
||
|
- crypto_finalize_aead_request
|
||
|
- crypto_finalize_akcipher_request
|
||
|
- crypto_finalize_hash_request
|
||
|
- crypto_finalize_skcipher_request
|