[thirdparty/qemu.git] / backends / cryptodev-builtin.c

/*
 * QEMU Cryptodev backend for QEMU cipher APIs
 *
 * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
 *
 * Authors:
 *    Gonglei <arei.gonglei@huawei.com>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
 *
 */

#include "qemu/osdep.h"
#include "sysemu/cryptodev.h"
#include "qapi/error.h"
#include "standard-headers/linux/virtio_crypto.h"
#include "crypto/cipher.h"
#include "crypto/akcipher.h"
#include "qom/object.h"


/**
 * @TYPE_CRYPTODEV_BACKEND_BUILTIN:
 * name of backend that uses QEMU cipher API
 */
#define TYPE_CRYPTODEV_BACKEND_BUILTIN "cryptodev-backend-builtin"

OBJECT_DECLARE_SIMPLE_TYPE(CryptoDevBackendBuiltin, CRYPTODEV_BACKEND_BUILTIN)


typedef struct CryptoDevBackendBuiltinSession {
    QCryptoCipher *cipher;
    uint8_t direction; /* encryption or decryption */
    uint8_t type; /* cipher? hash? aead? */
    QCryptoAkCipher *akcipher;
    QTAILQ_ENTRY(CryptoDevBackendBuiltinSession) next;
} CryptoDevBackendBuiltinSession;

/* Max number of symmetric/asymmetric sessions */
#define MAX_NUM_SESSIONS 256

#define CRYPTODEV_BUITLIN_MAX_AUTH_KEY_LEN    512
#define CRYPTODEV_BUITLIN_MAX_CIPHER_KEY_LEN  64

struct CryptoDevBackendBuiltin {
    CryptoDevBackend parent_obj;

    CryptoDevBackendBuiltinSession *sessions[MAX_NUM_SESSIONS];
};

static void cryptodev_builtin_init_akcipher(CryptoDevBackend *backend)
{
    QCryptoAkCipherOptions opts;

    opts.alg = QCRYPTO_AKCIPHER_ALG_RSA;
    opts.u.rsa.padding_alg = QCRYPTO_RSA_PADDING_ALG_RAW;
    if (qcrypto_akcipher_supports(&opts)) {
        backend->conf.crypto_services |=
                     (1u << QCRYPTODEV_BACKEND_SERVICE_AKCIPHER);
        backend->conf.akcipher_algo = 1u << VIRTIO_CRYPTO_AKCIPHER_RSA;
    }
}

static void cryptodev_builtin_init(
             CryptoDevBackend *backend, Error **errp)
{
    /* Only support one queue */
    int queues = backend->conf.peers.queues;
    CryptoDevBackendClient *cc;

    if (queues != 1) {
        error_setg(errp,
                  "Only support one queue in cryptdov-builtin backend");
        return;
    }

    cc = cryptodev_backend_new_client();
    cc->info_str = g_strdup_printf("cryptodev-builtin0");
    cc->queue_index = 0;
    cc->type = QCRYPTODEV_BACKEND_TYPE_BUILTIN;
    backend->conf.peers.ccs[0] = cc;

    backend->conf.crypto_services =
                         1u << QCRYPTODEV_BACKEND_SERVICE_CIPHER |
                         1u << QCRYPTODEV_BACKEND_SERVICE_HASH |
                         1u << QCRYPTODEV_BACKEND_SERVICE_MAC;
    backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
    backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1;
    /*
     * Set the Maximum length of crypto request.
     * Why this value? Just avoid to overflow when
     * memory allocation for each crypto request.
     */
    backend->conf.max_size = LONG_MAX - sizeof(CryptoDevBackendOpInfo);
    backend->conf.max_cipher_key_len = CRYPTODEV_BUITLIN_MAX_CIPHER_KEY_LEN;
    backend->conf.max_auth_key_len = CRYPTODEV_BUITLIN_MAX_AUTH_KEY_LEN;
    cryptodev_builtin_init_akcipher(backend);

    cryptodev_backend_set_ready(backend, true);
}

static int
cryptodev_builtin_get_unused_session_index(
                 CryptoDevBackendBuiltin *builtin)
{
    size_t i;

    for (i = 0; i < MAX_NUM_SESSIONS; i++) {
        if (builtin->sessions[i] == NULL) {
            return i;
        }
    }

    return -1;
}

#define AES_KEYSIZE_128 16
#define AES_KEYSIZE_192 24
#define AES_KEYSIZE_256 32
#define AES_KEYSIZE_128_XTS AES_KEYSIZE_256
#define AES_KEYSIZE_256_XTS 64

static int
cryptodev_builtin_get_aes_algo(uint32_t key_len, int mode, Error **errp)
{
    int algo;

    if (key_len == AES_KEYSIZE_128) {
        algo = QCRYPTO_CIPHER_ALG_AES_128;
    } else if (key_len == AES_KEYSIZE_192) {
        algo = QCRYPTO_CIPHER_ALG_AES_192;
    } else if (key_len == AES_KEYSIZE_256) { /* equals AES_KEYSIZE_128_XTS */
        if (mode == QCRYPTO_CIPHER_MODE_XTS) {
            algo = QCRYPTO_CIPHER_ALG_AES_128;
        } else {
            algo = QCRYPTO_CIPHER_ALG_AES_256;
        }
    } else if (key_len == AES_KEYSIZE_256_XTS) {
        if (mode == QCRYPTO_CIPHER_MODE_XTS) {
            algo = QCRYPTO_CIPHER_ALG_AES_256;
        } else {
            goto err;
        }
    } else {
        goto err;
    }

    return algo;

err:
   error_setg(errp, "Unsupported key length :%u", key_len);
   return -1;
}

static int cryptodev_builtin_get_rsa_hash_algo(
    int virtio_rsa_hash, Error **errp)
{
    switch (virtio_rsa_hash) {
    case VIRTIO_CRYPTO_RSA_MD5:
        return QCRYPTO_HASH_ALG_MD5;

    case VIRTIO_CRYPTO_RSA_SHA1:
        return QCRYPTO_HASH_ALG_SHA1;

    case VIRTIO_CRYPTO_RSA_SHA256:
        return QCRYPTO_HASH_ALG_SHA256;

    case VIRTIO_CRYPTO_RSA_SHA512:
        return QCRYPTO_HASH_ALG_SHA512;

    default:
        error_setg(errp, "Unsupported rsa hash algo: %d", virtio_rsa_hash);
        return -1;
    }
}

static int cryptodev_builtin_set_rsa_options(
                    int virtio_padding_algo,
                    int virtio_hash_algo,
                    QCryptoAkCipherOptionsRSA *opt,
                    Error **errp)
{
    if (virtio_padding_algo == VIRTIO_CRYPTO_RSA_PKCS1_PADDING) {
        int hash_alg;

        hash_alg = cryptodev_builtin_get_rsa_hash_algo(virtio_hash_algo, errp);
        if (hash_alg < 0) {
            return -1;
        }
        opt->hash_alg = hash_alg;
        opt->padding_alg = QCRYPTO_RSA_PADDING_ALG_PKCS1;
        return 0;
    }

    if (virtio_padding_algo == VIRTIO_CRYPTO_RSA_RAW_PADDING) {
        opt->padding_alg = QCRYPTO_RSA_PADDING_ALG_RAW;
        return 0;
    }

    error_setg(errp, "Unsupported rsa padding algo: %d", virtio_padding_algo);
    return -1;
}

static int cryptodev_builtin_create_cipher_session(
                    CryptoDevBackendBuiltin *builtin,
                    CryptoDevBackendSymSessionInfo *sess_info,
                    Error **errp)
{
    int algo;
    int mode;
    QCryptoCipher *cipher;
    int index;
    CryptoDevBackendBuiltinSession *sess;

    if (sess_info->op_type != VIRTIO_CRYPTO_SYM_OP_CIPHER) {
        error_setg(errp, "Unsupported optype :%u", sess_info->op_type);
        return -1;
    }

    index = cryptodev_builtin_get_unused_session_index(builtin);
    if (index < 0) {
        error_setg(errp, "Total number of sessions created exceeds %u",
                  MAX_NUM_SESSIONS);
        return -1;
    }

    switch (sess_info->cipher_alg) {
    case VIRTIO_CRYPTO_CIPHER_AES_ECB:
        mode = QCRYPTO_CIPHER_MODE_ECB;
        algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
                                                    mode, errp);
        if (algo < 0)  {
            return -1;
        }
        break;
    case VIRTIO_CRYPTO_CIPHER_AES_CBC:
        mode = QCRYPTO_CIPHER_MODE_CBC;
        algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
                                                    mode, errp);
        if (algo < 0)  {
            return -1;
        }
        break;
    case VIRTIO_CRYPTO_CIPHER_AES_CTR:
        mode = QCRYPTO_CIPHER_MODE_CTR;
        algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
                                                    mode, errp);
        if (algo < 0)  {
            return -1;
        }
        break;
    case VIRTIO_CRYPTO_CIPHER_AES_XTS:
        mode = QCRYPTO_CIPHER_MODE_XTS;
        algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
                                                    mode, errp);
        if (algo < 0)  {
            return -1;
        }
        break;
    case VIRTIO_CRYPTO_CIPHER_3DES_ECB:
        mode = QCRYPTO_CIPHER_MODE_ECB;
        algo = QCRYPTO_CIPHER_ALG_3DES;
        break;
    case VIRTIO_CRYPTO_CIPHER_3DES_CBC:
        mode = QCRYPTO_CIPHER_MODE_CBC;
        algo = QCRYPTO_CIPHER_ALG_3DES;
        break;
    case VIRTIO_CRYPTO_CIPHER_3DES_CTR:
        mode = QCRYPTO_CIPHER_MODE_CTR;
        algo = QCRYPTO_CIPHER_ALG_3DES;
        break;
    default:
        error_setg(errp, "Unsupported cipher alg :%u",
                   sess_info->cipher_alg);
        return -1;
    }

    cipher = qcrypto_cipher_new(algo, mode,
                               sess_info->cipher_key,
                               sess_info->key_len,
                               errp);
    if (!cipher) {
        return -1;
    }

    sess = g_new0(CryptoDevBackendBuiltinSession, 1);
    sess->cipher = cipher;
    sess->direction = sess_info->direction;
    sess->type = sess_info->op_type;

    builtin->sessions[index] = sess;

    return index;
}

static int cryptodev_builtin_create_akcipher_session(
                    CryptoDevBackendBuiltin *builtin,
                    CryptoDevBackendAsymSessionInfo *sess_info,
                    Error **errp)
{
    CryptoDevBackendBuiltinSession *sess;
    QCryptoAkCipher *akcipher;
    int index;
    QCryptoAkCipherKeyType type;
    QCryptoAkCipherOptions opts;

    switch (sess_info->algo) {
    case VIRTIO_CRYPTO_AKCIPHER_RSA:
        opts.alg = QCRYPTO_AKCIPHER_ALG_RSA;
        if (cryptodev_builtin_set_rsa_options(sess_info->u.rsa.padding_algo,
            sess_info->u.rsa.hash_algo, &opts.u.rsa, errp) != 0) {
            return -1;
        }
        break;

    /* TODO support DSA&ECDSA until qemu crypto framework support these */

    default:
        error_setg(errp, "Unsupported akcipher alg %u", sess_info->algo);
        return -1;
    }

    switch (sess_info->keytype) {
    case VIRTIO_CRYPTO_AKCIPHER_KEY_TYPE_PUBLIC:
        type = QCRYPTO_AKCIPHER_KEY_TYPE_PUBLIC;
        break;

    case VIRTIO_CRYPTO_AKCIPHER_KEY_TYPE_PRIVATE:
        type = QCRYPTO_AKCIPHER_KEY_TYPE_PRIVATE;
        break;

    default:
        error_setg(errp, "Unsupported akcipher keytype %u", sess_info->keytype);
        return -1;
    }

    index = cryptodev_builtin_get_unused_session_index(builtin);
    if (index < 0) {
        error_setg(errp, "Total number of sessions created exceeds %u",
                   MAX_NUM_SESSIONS);
        return -1;
    }

    akcipher = qcrypto_akcipher_new(&opts, type, sess_info->key,
                                    sess_info->keylen, errp);
    if (!akcipher) {
        return -1;
    }

    sess = g_new0(CryptoDevBackendBuiltinSession, 1);
    sess->akcipher = akcipher;

    builtin->sessions[index] = sess;

    return index;
}

static int cryptodev_builtin_create_session(
           CryptoDevBackend *backend,
           CryptoDevBackendSessionInfo *sess_info,
           uint32_t queue_index,
           CryptoDevCompletionFunc cb,
           void *opaque)
{
    CryptoDevBackendBuiltin *builtin =
                      CRYPTODEV_BACKEND_BUILTIN(backend);
    CryptoDevBackendSymSessionInfo *sym_sess_info;
    CryptoDevBackendAsymSessionInfo *asym_sess_info;
    int ret, status;
    Error *local_error = NULL;

    switch (sess_info->op_code) {
    case VIRTIO_CRYPTO_CIPHER_CREATE_SESSION:
        sym_sess_info = &sess_info->u.sym_sess_info;
        ret = cryptodev_builtin_create_cipher_session(
                    builtin, sym_sess_info, &local_error);
        break;

    case VIRTIO_CRYPTO_AKCIPHER_CREATE_SESSION:
        asym_sess_info = &sess_info->u.asym_sess_info;
        ret = cryptodev_builtin_create_akcipher_session(
                           builtin, asym_sess_info, &local_error);
        break;

    case VIRTIO_CRYPTO_HASH_CREATE_SESSION:
    case VIRTIO_CRYPTO_MAC_CREATE_SESSION:
    default:
        error_setg(&local_error, "Unsupported opcode :%" PRIu32 "",
                   sess_info->op_code);
        return -VIRTIO_CRYPTO_NOTSUPP;
    }

    if (local_error) {
        error_report_err(local_error);
    }
    if (ret < 0) {
        status = -VIRTIO_CRYPTO_ERR;
    } else {
        sess_info->session_id = ret;
        status = VIRTIO_CRYPTO_OK;
    }
    if (cb) {
        cb(opaque, status);
    }
    return 0;
}

static int cryptodev_builtin_close_session(
           CryptoDevBackend *backend,
           uint64_t session_id,
           uint32_t queue_index,
           CryptoDevCompletionFunc cb,
           void *opaque)
{
    CryptoDevBackendBuiltin *builtin =
                      CRYPTODEV_BACKEND_BUILTIN(backend);
    CryptoDevBackendBuiltinSession *session;

    if (session_id >= MAX_NUM_SESSIONS || !builtin->sessions[session_id]) {
        return -VIRTIO_CRYPTO_INVSESS;
    }

    session = builtin->sessions[session_id];
    if (session->cipher) {
        qcrypto_cipher_free(session->cipher);
    } else if (session->akcipher) {
        qcrypto_akcipher_free(session->akcipher);
    }

    g_free(session);
    builtin->sessions[session_id] = NULL;
    if (cb) {
        cb(opaque, VIRTIO_CRYPTO_OK);
    }
    return 0;
}

static int cryptodev_builtin_sym_operation(
                 CryptoDevBackendBuiltinSession *sess,
                 CryptoDevBackendSymOpInfo *op_info, Error **errp)
{
    int ret;

    if (op_info->op_type == VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING) {
        error_setg(errp,
               "Algorithm chain is unsupported for cryptdoev-builtin");
        return -VIRTIO_CRYPTO_NOTSUPP;
    }

    if (op_info->iv_len > 0) {
        ret = qcrypto_cipher_setiv(sess->cipher, op_info->iv,
                                   op_info->iv_len, errp);
        if (ret < 0) {
            return -VIRTIO_CRYPTO_ERR;
        }
    }

    if (sess->direction == VIRTIO_CRYPTO_OP_ENCRYPT) {
        ret = qcrypto_cipher_encrypt(sess->cipher, op_info->src,
                                     op_info->dst, op_info->src_len, errp);
        if (ret < 0) {
            return -VIRTIO_CRYPTO_ERR;
        }
    } else {
        ret = qcrypto_cipher_decrypt(sess->cipher, op_info->src,
                                     op_info->dst, op_info->src_len, errp);
        if (ret < 0) {
            return -VIRTIO_CRYPTO_ERR;
        }
    }

    return VIRTIO_CRYPTO_OK;
}

static int cryptodev_builtin_asym_operation(
                 CryptoDevBackendBuiltinSession *sess, uint32_t op_code,
                 CryptoDevBackendAsymOpInfo *op_info, Error **errp)
{
    int ret;

    switch (op_code) {
    case VIRTIO_CRYPTO_AKCIPHER_ENCRYPT:
        ret = qcrypto_akcipher_encrypt(sess->akcipher,
                                       op_info->src, op_info->src_len,
                                       op_info->dst, op_info->dst_len, errp);
        break;

    case VIRTIO_CRYPTO_AKCIPHER_DECRYPT:
        ret = qcrypto_akcipher_decrypt(sess->akcipher,
                                       op_info->src, op_info->src_len,
                                       op_info->dst, op_info->dst_len, errp);
        break;

    case VIRTIO_CRYPTO_AKCIPHER_SIGN:
        ret = qcrypto_akcipher_sign(sess->akcipher,
                                    op_info->src, op_info->src_len,
                                    op_info->dst, op_info->dst_len, errp);
        break;

    case VIRTIO_CRYPTO_AKCIPHER_VERIFY:
        ret = qcrypto_akcipher_verify(sess->akcipher,
                                      op_info->src, op_info->src_len,
                                      op_info->dst, op_info->dst_len, errp);
        break;

    default:
        return -VIRTIO_CRYPTO_ERR;
    }

    if (ret < 0) {
        if (op_code == VIRTIO_CRYPTO_AKCIPHER_VERIFY) {
            return -VIRTIO_CRYPTO_KEY_REJECTED;
        }
        return -VIRTIO_CRYPTO_ERR;
    }

    /* Buffer is too short, typically the driver should handle this case */
    if (unlikely(ret > op_info->dst_len)) {
        if (errp && !*errp) {
            error_setg(errp, "dst buffer too short");
        }

        return -VIRTIO_CRYPTO_ERR;
    }

    op_info->dst_len = ret;

    return VIRTIO_CRYPTO_OK;
}

static int cryptodev_builtin_operation(
                 CryptoDevBackend *backend,
                 CryptoDevBackendOpInfo *op_info)
{
    CryptoDevBackendBuiltin *builtin =
                      CRYPTODEV_BACKEND_BUILTIN(backend);
    CryptoDevBackendBuiltinSession *sess;
    CryptoDevBackendSymOpInfo *sym_op_info;
    CryptoDevBackendAsymOpInfo *asym_op_info;
    QCryptodevBackendAlgType algtype = op_info->algtype;
    int status = -VIRTIO_CRYPTO_ERR;
    Error *local_error = NULL;

    if (op_info->session_id >= MAX_NUM_SESSIONS ||
              builtin->sessions[op_info->session_id] == NULL) {
        error_setg(&local_error, "Cannot find a valid session id: %" PRIu64 "",
                   op_info->session_id);
        return -VIRTIO_CRYPTO_INVSESS;
    }

    sess = builtin->sessions[op_info->session_id];
    if (algtype == QCRYPTODEV_BACKEND_ALG_SYM) {
        sym_op_info = op_info->u.sym_op_info;
        status = cryptodev_builtin_sym_operation(sess, sym_op_info,
                                                 &local_error);
    } else if (algtype == QCRYPTODEV_BACKEND_ALG_ASYM) {
        asym_op_info = op_info->u.asym_op_info;
        status = cryptodev_builtin_asym_operation(sess, op_info->op_code,
                                                  asym_op_info, &local_error);
    }

    if (local_error) {
        error_report_err(local_error);
    }
    if (op_info->cb) {
        op_info->cb(op_info->opaque, status);
    }
    return 0;
}

static void cryptodev_builtin_cleanup(
             CryptoDevBackend *backend,
             Error **errp)
{
    CryptoDevBackendBuiltin *builtin =
                      CRYPTODEV_BACKEND_BUILTIN(backend);
    size_t i;
    int queues = backend->conf.peers.queues;
    CryptoDevBackendClient *cc;

    for (i = 0; i < MAX_NUM_SESSIONS; i++) {
        if (builtin->sessions[i] != NULL) {
            cryptodev_builtin_close_session(backend, i, 0, NULL, NULL);
        }
    }

    for (i = 0; i < queues; i++) {
        cc = backend->conf.peers.ccs[i];
        if (cc) {
            cryptodev_backend_free_client(cc);
            backend->conf.peers.ccs[i] = NULL;
        }
    }

    cryptodev_backend_set_ready(backend, false);
}

static void
cryptodev_builtin_class_init(ObjectClass *oc, void *data)
{
    CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_CLASS(oc);

    bc->init = cryptodev_builtin_init;
    bc->cleanup = cryptodev_builtin_cleanup;
    bc->create_session = cryptodev_builtin_create_session;
    bc->close_session = cryptodev_builtin_close_session;
    bc->do_op = cryptodev_builtin_operation;
}

static const TypeInfo cryptodev_builtin_info = {
    .name = TYPE_CRYPTODEV_BACKEND_BUILTIN,
    .parent = TYPE_CRYPTODEV_BACKEND,
    .class_init = cryptodev_builtin_class_init,
    .instance_size = sizeof(CryptoDevBackendBuiltin),
};

static void
cryptodev_builtin_register_types(void)
{
    type_register_static(&cryptodev_builtin_info);
}

type_init(cryptodev_builtin_register_types);
Commit	Line	Data
1653a5f3 GA	1	/*
	2	* QEMU Cryptodev backend for QEMU cipher APIs
	3	*
	4	* Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
	5	*
	6	* Authors:
	7	* Gonglei <arei.gonglei@huawei.com>
	8	*
	9	* This library is free software; you can redistribute it and/or
	10	* modify it under the terms of the GNU Lesser General Public
	11	* License as published by the Free Software Foundation; either
0dda001b	12	* version 2.1 of the License, or (at your option) any later version.
1653a5f3 GA	13	*
	14	* This library is distributed in the hope that it will be useful,
	15	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	16	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	17	* Lesser General Public License for more details.
	18	*
	19	* You should have received a copy of the GNU Lesser General Public
	20	* License along with this library; if not, see <http://www.gnu.org/licenses/>.
	21	*
	22	*/
	23
	24	#include "qemu/osdep.h"
	25	#include "sysemu/cryptodev.h"
1653a5f3 GA	26	#include "qapi/error.h"
	27	#include "standard-headers/linux/virtio_crypto.h"
	28	#include "crypto/cipher.h"
0e660a6f	29	#include "crypto/akcipher.h"
db1015e9	30	#include "qom/object.h"
1653a5f3 GA	31
	32
	33	/**
	34	* @TYPE_CRYPTODEV_BACKEND_BUILTIN:
	35	* name of backend that uses QEMU cipher API
	36	*/
	37	#define TYPE_CRYPTODEV_BACKEND_BUILTIN "cryptodev-backend-builtin"
	38
8063396b	39	OBJECT_DECLARE_SIMPLE_TYPE(CryptoDevBackendBuiltin, CRYPTODEV_BACKEND_BUILTIN)
1653a5f3	40
1653a5f3 GA	41
	42	typedef struct CryptoDevBackendBuiltinSession {
	43	QCryptoCipher *cipher;
	44	uint8_t direction; /* encryption or decryption */
	45	uint8_t type; /* cipher? hash? aead? */
0e660a6f	46	QCryptoAkCipher *akcipher;
1653a5f3 GA	47	QTAILQ_ENTRY(CryptoDevBackendBuiltinSession) next;
	48	} CryptoDevBackendBuiltinSession;
	49
0e660a6f	50	/* Max number of symmetric/asymmetric sessions */
1653a5f3 GA	51	#define MAX_NUM_SESSIONS 256
	52
	53	#define CRYPTODEV_BUITLIN_MAX_AUTH_KEY_LEN 512
	54	#define CRYPTODEV_BUITLIN_MAX_CIPHER_KEY_LEN 64
	55
	56	struct CryptoDevBackendBuiltin {
	57	CryptoDevBackend parent_obj;
	58
	59	CryptoDevBackendBuiltinSession *sessions[MAX_NUM_SESSIONS];
	60	};
	61
abca0fc3 ZP	62	static void cryptodev_builtin_init_akcipher(CryptoDevBackend *backend)
	63	{
	64	QCryptoAkCipherOptions opts;
	65
	66	opts.alg = QCRYPTO_AKCIPHER_ALG_RSA;
	67	opts.u.rsa.padding_alg = QCRYPTO_RSA_PADDING_ALG_RAW;
	68	if (qcrypto_akcipher_supports(&opts)) {
	69	backend->conf.crypto_services \|=
	70	(1u << QCRYPTODEV_BACKEND_SERVICE_AKCIPHER);
	71	backend->conf.akcipher_algo = 1u << VIRTIO_CRYPTO_AKCIPHER_RSA;
	72	}
	73	}
	74
1653a5f3 GA	75	static void cryptodev_builtin_init(
	76	CryptoDevBackend backend, Error *errp)
	77	{
	78	/* Only support one queue */
	79	int queues = backend->conf.peers.queues;
	80	CryptoDevBackendClient *cc;
	81
	82	if (queues != 1) {
	83	error_setg(errp,
	84	"Only support one queue in cryptdov-builtin backend");
	85	return;
	86	}
	87
3f478371	88	cc = cryptodev_backend_new_client();
1653a5f3 GA	89	cc->info_str = g_strdup_printf("cryptodev-builtin0");
1653a5f3 GA	90	cc->queue_index = 0;
14c9fd16	91	cc->type = QCRYPTODEV_BACKEND_TYPE_BUILTIN;
1653a5f3 GA	92	backend->conf.peers.ccs[0] = cc;
	93
	94	backend->conf.crypto_services =
bc304a64 ZP	95	1u << QCRYPTODEV_BACKEND_SERVICE_CIPHER \|
bc304a64 ZP	96	1u << QCRYPTODEV_BACKEND_SERVICE_HASH \|
abca0fc3	97	1u << QCRYPTODEV_BACKEND_SERVICE_MAC;
1653a5f3 GA	98	backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
	99	backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1;
	100	/*
	101	* Set the Maximum length of crypto request.
	102	* Why this value? Just avoid to overflow when
	103	* memory allocation for each crypto request.
	104	*/
0e660a6f	105	backend->conf.max_size = LONG_MAX - sizeof(CryptoDevBackendOpInfo);
1653a5f3 GA	106	backend->conf.max_cipher_key_len = CRYPTODEV_BUITLIN_MAX_CIPHER_KEY_LEN;
1653a5f3 GA	107	backend->conf.max_auth_key_len = CRYPTODEV_BUITLIN_MAX_AUTH_KEY_LEN;
abca0fc3	108	cryptodev_builtin_init_akcipher(backend);
6138dbda GA	109
6138dbda GA	110	cryptodev_backend_set_ready(backend, true);
1653a5f3 GA	111	}
	112
	113	static int
	114	cryptodev_builtin_get_unused_session_index(
	115	CryptoDevBackendBuiltin *builtin)
	116	{
	117	size_t i;
	118
	119	for (i = 0; i < MAX_NUM_SESSIONS; i++) {
	120	if (builtin->sessions[i] == NULL) {
	121	return i;
	122	}
	123	}
	124
	125	return -1;
	126	}
	127
465f2fed LM	128	#define AES_KEYSIZE_128 16
	129	#define AES_KEYSIZE_192 24
	130	#define AES_KEYSIZE_256 32
	131	#define AES_KEYSIZE_128_XTS AES_KEYSIZE_256
	132	#define AES_KEYSIZE_256_XTS 64
	133
1653a5f3	134	static int
465f2fed	135	cryptodev_builtin_get_aes_algo(uint32_t key_len, int mode, Error **errp)
1653a5f3 GA	136	{
	137	int algo;
	138
465f2fed	139	if (key_len == AES_KEYSIZE_128) {
1653a5f3	140	algo = QCRYPTO_CIPHER_ALG_AES_128;
465f2fed	141	} else if (key_len == AES_KEYSIZE_192) {
1653a5f3	142	algo = QCRYPTO_CIPHER_ALG_AES_192;
465f2fed LM	143	} else if (key_len == AES_KEYSIZE_256) { /* equals AES_KEYSIZE_128_XTS */
	144	if (mode == QCRYPTO_CIPHER_MODE_XTS) {
	145	algo = QCRYPTO_CIPHER_ALG_AES_128;
	146	} else {
	147	algo = QCRYPTO_CIPHER_ALG_AES_256;
	148	}
	149	} else if (key_len == AES_KEYSIZE_256_XTS) {
	150	if (mode == QCRYPTO_CIPHER_MODE_XTS) {
	151	algo = QCRYPTO_CIPHER_ALG_AES_256;
	152	} else {
	153	goto err;
	154	}
1653a5f3	155	} else {
465f2fed	156	goto err;
1653a5f3 GA	157	}
	158
	159	return algo;
465f2fed LM	160
	161	err:
	162	error_setg(errp, "Unsupported key length :%u", key_len);
	163	return -1;
1653a5f3 GA	164	}
1653a5f3 GA	165
0e660a6f ZP	166	static int cryptodev_builtin_get_rsa_hash_algo(
	167	int virtio_rsa_hash, Error **errp)
	168	{
	169	switch (virtio_rsa_hash) {
	170	case VIRTIO_CRYPTO_RSA_MD5:
	171	return QCRYPTO_HASH_ALG_MD5;
	172
	173	case VIRTIO_CRYPTO_RSA_SHA1:
	174	return QCRYPTO_HASH_ALG_SHA1;
	175
	176	case VIRTIO_CRYPTO_RSA_SHA256:
	177	return QCRYPTO_HASH_ALG_SHA256;
	178
	179	case VIRTIO_CRYPTO_RSA_SHA512:
	180	return QCRYPTO_HASH_ALG_SHA512;
	181
	182	default:
	183	error_setg(errp, "Unsupported rsa hash algo: %d", virtio_rsa_hash);
	184	return -1;
	185	}
	186	}
	187
	188	static int cryptodev_builtin_set_rsa_options(
	189	int virtio_padding_algo,
	190	int virtio_hash_algo,
	191	QCryptoAkCipherOptionsRSA *opt,
	192	Error **errp)
	193	{
	194	if (virtio_padding_algo == VIRTIO_CRYPTO_RSA_PKCS1_PADDING) {
	195	int hash_alg;
	196
	197	hash_alg = cryptodev_builtin_get_rsa_hash_algo(virtio_hash_algo, errp);
	198	if (hash_alg < 0) {
	199	return -1;
	200	}
	201	opt->hash_alg = hash_alg;
	202	opt->padding_alg = QCRYPTO_RSA_PADDING_ALG_PKCS1;
	203	return 0;
	204	}
	205
	206	if (virtio_padding_algo == VIRTIO_CRYPTO_RSA_RAW_PADDING) {
	207	opt->padding_alg = QCRYPTO_RSA_PADDING_ALG_RAW;
	208	return 0;
	209	}
	210
	211	error_setg(errp, "Unsupported rsa padding algo: %d", virtio_padding_algo);
	212	return -1;
	213	}
	214
1653a5f3 GA	215	static int cryptodev_builtin_create_cipher_session(
	216	CryptoDevBackendBuiltin *builtin,
	217	CryptoDevBackendSymSessionInfo *sess_info,
	218	Error **errp)
	219	{
	220	int algo;
	221	int mode;
	222	QCryptoCipher *cipher;
	223	int index;
	224	CryptoDevBackendBuiltinSession *sess;
	225
	226	if (sess_info->op_type != VIRTIO_CRYPTO_SYM_OP_CIPHER) {
	227	error_setg(errp, "Unsupported optype :%u", sess_info->op_type);
	228	return -1;
	229	}
	230
	231	index = cryptodev_builtin_get_unused_session_index(builtin);
	232	if (index < 0) {
	233	error_setg(errp, "Total number of sessions created exceeds %u",
	234	MAX_NUM_SESSIONS);
	235	return -1;
	236	}
	237
	238	switch (sess_info->cipher_alg) {
	239	case VIRTIO_CRYPTO_CIPHER_AES_ECB:
465f2fed	240	mode = QCRYPTO_CIPHER_MODE_ECB;
1653a5f3	241	algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
465f2fed	242	mode, errp);
1653a5f3 GA	243	if (algo < 0) {
	244	return -1;
	245	}
1653a5f3 GA	246	break;
1653a5f3 GA	247	case VIRTIO_CRYPTO_CIPHER_AES_CBC:
465f2fed	248	mode = QCRYPTO_CIPHER_MODE_CBC;
1653a5f3	249	algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
465f2fed	250	mode, errp);
1653a5f3 GA	251	if (algo < 0) {
	252	return -1;
	253	}
1653a5f3 GA	254	break;
1653a5f3 GA	255	case VIRTIO_CRYPTO_CIPHER_AES_CTR:
465f2fed	256	mode = QCRYPTO_CIPHER_MODE_CTR;
1653a5f3	257	algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
465f2fed	258	mode, errp);
1653a5f3 GA	259	if (algo < 0) {
	260	return -1;
	261	}
1653a5f3	262	break;
eaa57403 LM	263	case VIRTIO_CRYPTO_CIPHER_AES_XTS:
	264	mode = QCRYPTO_CIPHER_MODE_XTS;
	265	algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
	266	mode, errp);
	267	if (algo < 0) {
	268	return -1;
	269	}
	270	break;
48ae36c0 LM	271	case VIRTIO_CRYPTO_CIPHER_3DES_ECB:
	272	mode = QCRYPTO_CIPHER_MODE_ECB;
	273	algo = QCRYPTO_CIPHER_ALG_3DES;
	274	break;
	275	case VIRTIO_CRYPTO_CIPHER_3DES_CBC:
	276	mode = QCRYPTO_CIPHER_MODE_CBC;
	277	algo = QCRYPTO_CIPHER_ALG_3DES;
	278	break;
	279	case VIRTIO_CRYPTO_CIPHER_3DES_CTR:
	280	mode = QCRYPTO_CIPHER_MODE_CTR;
	281	algo = QCRYPTO_CIPHER_ALG_3DES;
	282	break;
1653a5f3 GA	283	default:
	284	error_setg(errp, "Unsupported cipher alg :%u",
	285	sess_info->cipher_alg);
	286	return -1;
	287	}
	288
	289	cipher = qcrypto_cipher_new(algo, mode,
	290	sess_info->cipher_key,
	291	sess_info->key_len,
	292	errp);
	293	if (!cipher) {
	294	return -1;
	295	}
	296
	297	sess = g_new0(CryptoDevBackendBuiltinSession, 1);
	298	sess->cipher = cipher;
	299	sess->direction = sess_info->direction;
	300	sess->type = sess_info->op_type;
	301
	302	builtin->sessions[index] = sess;
	303
	304	return index;
	305	}
	306
0e660a6f ZP	307	static int cryptodev_builtin_create_akcipher_session(
	308	CryptoDevBackendBuiltin *builtin,
	309	CryptoDevBackendAsymSessionInfo *sess_info,
	310	Error **errp)
	311	{
	312	CryptoDevBackendBuiltinSession *sess;
	313	QCryptoAkCipher *akcipher;
	314	int index;
	315	QCryptoAkCipherKeyType type;
	316	QCryptoAkCipherOptions opts;
	317
	318	switch (sess_info->algo) {
	319	case VIRTIO_CRYPTO_AKCIPHER_RSA:
	320	opts.alg = QCRYPTO_AKCIPHER_ALG_RSA;
	321	if (cryptodev_builtin_set_rsa_options(sess_info->u.rsa.padding_algo,
	322	sess_info->u.rsa.hash_algo, &opts.u.rsa, errp) != 0) {
	323	return -1;
	324	}
	325	break;
	326
	327	/* TODO support DSA&ECDSA until qemu crypto framework support these */
	328
	329	default:
	330	error_setg(errp, "Unsupported akcipher alg %u", sess_info->algo);
	331	return -1;
	332	}
	333
	334	switch (sess_info->keytype) {
	335	case VIRTIO_CRYPTO_AKCIPHER_KEY_TYPE_PUBLIC:
	336	type = QCRYPTO_AKCIPHER_KEY_TYPE_PUBLIC;
	337	break;
	338
	339	case VIRTIO_CRYPTO_AKCIPHER_KEY_TYPE_PRIVATE:
	340	type = QCRYPTO_AKCIPHER_KEY_TYPE_PRIVATE;
	341	break;
	342
	343	default:
	344	error_setg(errp, "Unsupported akcipher keytype %u", sess_info->keytype);
	345	return -1;
	346	}
	347
	348	index = cryptodev_builtin_get_unused_session_index(builtin);
	349	if (index < 0) {
	350	error_setg(errp, "Total number of sessions created exceeds %u",
	351	MAX_NUM_SESSIONS);
	352	return -1;
	353	}
	354
	355	akcipher = qcrypto_akcipher_new(&opts, type, sess_info->key,
	356	sess_info->keylen, errp);
	357	if (!akcipher) {
	358	return -1;
	359	}
	360
	361	sess = g_new0(CryptoDevBackendBuiltinSession, 1);
	362	sess->akcipher = akcipher;
	363
	364	builtin->sessions[index] = sess;
	365
	366	return index;
	367	}
	368
2fda101d	369	static int cryptodev_builtin_create_session(
1653a5f3	370	CryptoDevBackend *backend,
0e660a6f	371	CryptoDevBackendSessionInfo *sess_info,
2fda101d LH	372	uint32_t queue_index,
	373	CryptoDevCompletionFunc cb,
	374	void *opaque)
1653a5f3 GA	375	{
	376	CryptoDevBackendBuiltin *builtin =
	377	CRYPTODEV_BACKEND_BUILTIN(backend);
0e660a6f ZP	378	CryptoDevBackendSymSessionInfo *sym_sess_info;
0e660a6f ZP	379	CryptoDevBackendAsymSessionInfo *asym_sess_info;
2fda101d LH	380	int ret, status;
2fda101d LH	381	Error *local_error = NULL;
1653a5f3 GA	382
	383	switch (sess_info->op_code) {
	384	case VIRTIO_CRYPTO_CIPHER_CREATE_SESSION:
0e660a6f	385	sym_sess_info = &sess_info->u.sym_sess_info;
2fda101d LH	386	ret = cryptodev_builtin_create_cipher_session(
	387	builtin, sym_sess_info, &local_error);
	388	break;
0e660a6f ZP	389
	390	case VIRTIO_CRYPTO_AKCIPHER_CREATE_SESSION:
	391	asym_sess_info = &sess_info->u.asym_sess_info;
2fda101d LH	392	ret = cryptodev_builtin_create_akcipher_session(
	393	builtin, asym_sess_info, &local_error);
	394	break;
0e660a6f	395
1653a5f3 GA	396	case VIRTIO_CRYPTO_HASH_CREATE_SESSION:
	397	case VIRTIO_CRYPTO_MAC_CREATE_SESSION:
	398	default:
2fda101d	399	error_setg(&local_error, "Unsupported opcode :%" PRIu32 "",
1653a5f3	400	sess_info->op_code);
2fda101d	401	return -VIRTIO_CRYPTO_NOTSUPP;
1653a5f3 GA	402	}
1653a5f3 GA	403
2fda101d LH	404	if (local_error) {
	405	error_report_err(local_error);
	406	}
	407	if (ret < 0) {
	408	status = -VIRTIO_CRYPTO_ERR;
	409	} else {
	410	sess_info->session_id = ret;
	411	status = VIRTIO_CRYPTO_OK;
	412	}
	413	if (cb) {
	414	cb(opaque, status);
	415	}
	416	return 0;
1653a5f3 GA	417	}
1653a5f3 GA	418
0e660a6f	419	static int cryptodev_builtin_close_session(
1653a5f3 GA	420	CryptoDevBackend *backend,
1653a5f3 GA	421	uint64_t session_id,
2fda101d LH	422	uint32_t queue_index,
	423	CryptoDevCompletionFunc cb,
	424	void *opaque)
1653a5f3 GA	425	{
	426	CryptoDevBackendBuiltin *builtin =
	427	CRYPTODEV_BACKEND_BUILTIN(backend);
0e660a6f	428	CryptoDevBackendBuiltinSession *session;
1653a5f3	429
eaf2bd29 PMD	430	if (session_id >= MAX_NUM_SESSIONS \|\| !builtin->sessions[session_id]) {
	431	return -VIRTIO_CRYPTO_INVSESS;
	432	}
1653a5f3	433
0e660a6f ZP	434	session = builtin->sessions[session_id];
	435	if (session->cipher) {
	436	qcrypto_cipher_free(session->cipher);
	437	} else if (session->akcipher) {
	438	qcrypto_akcipher_free(session->akcipher);
	439	}
	440
	441	g_free(session);
1653a5f3	442	builtin->sessions[session_id] = NULL;
2fda101d LH	443	if (cb) {
	444	cb(opaque, VIRTIO_CRYPTO_OK);
	445	}
1653a5f3 GA	446	return 0;
	447	}
	448
	449	static int cryptodev_builtin_sym_operation(
0e660a6f ZP	450	CryptoDevBackendBuiltinSession *sess,
0e660a6f ZP	451	CryptoDevBackendSymOpInfo op_info, Error *errp)
1653a5f3	452	{
1653a5f3 GA	453	int ret;
1653a5f3 GA	454
1653a5f3 GA	455	if (op_info->op_type == VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING) {
	456	error_setg(errp,
	457	"Algorithm chain is unsupported for cryptdoev-builtin");
	458	return -VIRTIO_CRYPTO_NOTSUPP;
	459	}
	460
50d19cf3 LM	461	if (op_info->iv_len > 0) {
	462	ret = qcrypto_cipher_setiv(sess->cipher, op_info->iv,
	463	op_info->iv_len, errp);
	464	if (ret < 0) {
	465	return -VIRTIO_CRYPTO_ERR;
	466	}
1653a5f3 GA	467	}
	468
	469	if (sess->direction == VIRTIO_CRYPTO_OP_ENCRYPT) {
	470	ret = qcrypto_cipher_encrypt(sess->cipher, op_info->src,
	471	op_info->dst, op_info->src_len, errp);
	472	if (ret < 0) {
	473	return -VIRTIO_CRYPTO_ERR;
	474	}
	475	} else {
	476	ret = qcrypto_cipher_decrypt(sess->cipher, op_info->src,
	477	op_info->dst, op_info->src_len, errp);
	478	if (ret < 0) {
	479	return -VIRTIO_CRYPTO_ERR;
	480	}
	481	}
0e660a6f ZP	482
	483	return VIRTIO_CRYPTO_OK;
	484	}
	485
	486	static int cryptodev_builtin_asym_operation(
	487	CryptoDevBackendBuiltinSession *sess, uint32_t op_code,
	488	CryptoDevBackendAsymOpInfo op_info, Error *errp)
	489	{
	490	int ret;
	491
	492	switch (op_code) {
	493	case VIRTIO_CRYPTO_AKCIPHER_ENCRYPT:
	494	ret = qcrypto_akcipher_encrypt(sess->akcipher,
	495	op_info->src, op_info->src_len,
	496	op_info->dst, op_info->dst_len, errp);
	497	break;
	498
	499	case VIRTIO_CRYPTO_AKCIPHER_DECRYPT:
	500	ret = qcrypto_akcipher_decrypt(sess->akcipher,
	501	op_info->src, op_info->src_len,
	502	op_info->dst, op_info->dst_len, errp);
	503	break;
	504
	505	case VIRTIO_CRYPTO_AKCIPHER_SIGN:
	506	ret = qcrypto_akcipher_sign(sess->akcipher,
	507	op_info->src, op_info->src_len,
	508	op_info->dst, op_info->dst_len, errp);
	509	break;
	510
	511	case VIRTIO_CRYPTO_AKCIPHER_VERIFY:
	512	ret = qcrypto_akcipher_verify(sess->akcipher,
	513	op_info->src, op_info->src_len,
	514	op_info->dst, op_info->dst_len, errp);
	515	break;
	516
	517	default:
	518	return -VIRTIO_CRYPTO_ERR;
	519	}
	520
	521	if (ret < 0) {
	522	if (op_code == VIRTIO_CRYPTO_AKCIPHER_VERIFY) {
	523	return -VIRTIO_CRYPTO_KEY_REJECTED;
	524	}
	525	return -VIRTIO_CRYPTO_ERR;
	526	}
	527
	528	/* Buffer is too short, typically the driver should handle this case */
	529	if (unlikely(ret > op_info->dst_len)) {
	530	if (errp && !*errp) {
	531	error_setg(errp, "dst buffer too short");
	532	}
	533
	534	return -VIRTIO_CRYPTO_ERR;
	535	}
	536
	537	op_info->dst_len = ret;
	538
1653a5f3 GA	539	return VIRTIO_CRYPTO_OK;
	540	}
	541
0e660a6f ZP	542	static int cryptodev_builtin_operation(
0e660a6f ZP	543	CryptoDevBackend *backend,
2cb06927	544	CryptoDevBackendOpInfo *op_info)
0e660a6f ZP	545	{
	546	CryptoDevBackendBuiltin *builtin =
	547	CRYPTODEV_BACKEND_BUILTIN(backend);
	548	CryptoDevBackendBuiltinSession *sess;
	549	CryptoDevBackendSymOpInfo *sym_op_info;
	550	CryptoDevBackendAsymOpInfo *asym_op_info;
999c789f	551	QCryptodevBackendAlgType algtype = op_info->algtype;
2fda101d LH	552	int status = -VIRTIO_CRYPTO_ERR;
2fda101d LH	553	Error *local_error = NULL;
0e660a6f ZP	554
	555	if (op_info->session_id >= MAX_NUM_SESSIONS \|\|
	556	builtin->sessions[op_info->session_id] == NULL) {
2fda101d	557	error_setg(&local_error, "Cannot find a valid session id: %" PRIu64 "",
0e660a6f ZP	558	op_info->session_id);
	559	return -VIRTIO_CRYPTO_INVSESS;
	560	}
	561
	562	sess = builtin->sessions[op_info->session_id];
999c789f	563	if (algtype == QCRYPTODEV_BACKEND_ALG_SYM) {
0e660a6f	564	sym_op_info = op_info->u.sym_op_info;
2fda101d LH	565	status = cryptodev_builtin_sym_operation(sess, sym_op_info,
2fda101d LH	566	&local_error);
999c789f	567	} else if (algtype == QCRYPTODEV_BACKEND_ALG_ASYM) {
0e660a6f	568	asym_op_info = op_info->u.asym_op_info;
2fda101d LH	569	status = cryptodev_builtin_asym_operation(sess, op_info->op_code,
2fda101d LH	570	asym_op_info, &local_error);
0e660a6f ZP	571	}
0e660a6f ZP	572
2fda101d LH	573	if (local_error) {
	574	error_report_err(local_error);
	575	}
2cb06927 ZP	576	if (op_info->cb) {
2cb06927 ZP	577	op_info->cb(op_info->opaque, status);
2fda101d LH	578	}
2fda101d LH	579	return 0;
0e660a6f ZP	580	}
0e660a6f ZP	581
1653a5f3 GA	582	static void cryptodev_builtin_cleanup(
	583	CryptoDevBackend *backend,
	584	Error **errp)
	585	{
	586	CryptoDevBackendBuiltin *builtin =
	587	CRYPTODEV_BACKEND_BUILTIN(backend);
	588	size_t i;
	589	int queues = backend->conf.peers.queues;
	590	CryptoDevBackendClient *cc;
	591
	592	for (i = 0; i < MAX_NUM_SESSIONS; i++) {
	593	if (builtin->sessions[i] != NULL) {
2fda101d	594	cryptodev_builtin_close_session(backend, i, 0, NULL, NULL);
1653a5f3 GA	595	}
	596	}
	597
1653a5f3 GA	598	for (i = 0; i < queues; i++) {
	599	cc = backend->conf.peers.ccs[i];
	600	if (cc) {
	601	cryptodev_backend_free_client(cc);
	602	backend->conf.peers.ccs[i] = NULL;
	603	}
	604	}
6138dbda GA	605
6138dbda GA	606	cryptodev_backend_set_ready(backend, false);
1653a5f3 GA	607	}
	608
	609	static void
	610	cryptodev_builtin_class_init(ObjectClass oc, void data)
	611	{
	612	CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_CLASS(oc);
	613
	614	bc->init = cryptodev_builtin_init;
	615	bc->cleanup = cryptodev_builtin_cleanup;
0e660a6f ZP	616	bc->create_session = cryptodev_builtin_create_session;
	617	bc->close_session = cryptodev_builtin_close_session;
	618	bc->do_op = cryptodev_builtin_operation;
1653a5f3 GA	619	}
	620
	621	static const TypeInfo cryptodev_builtin_info = {
	622	.name = TYPE_CRYPTODEV_BACKEND_BUILTIN,
	623	.parent = TYPE_CRYPTODEV_BACKEND,
	624	.class_init = cryptodev_builtin_class_init,
	625	.instance_size = sizeof(CryptoDevBackendBuiltin),
	626	};
	627
	628	static void
	629	cryptodev_builtin_register_types(void)
	630	{
	631	type_register_static(&cryptodev_builtin_info);
	632	}
	633
	634	type_init(cryptodev_builtin_register_types);