tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
1/* SPDX-License-Identifier: GPL-2.0-only
2 * SPDX-FileCopyrightText: Copyright (c) 2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
3 *
4 * Header file for NVIDIA Security Engine driver.
5 */
6
7#ifndef _TEGRA_SE_H
8#define _TEGRA_SE_H
9
10#include <linux/bitfield.h>
11#include <linux/iommu.h>
12#include <linux/host1x.h>
13#include <crypto/aead.h>
14#include <crypto/engine.h>
15#include <crypto/hash.h>
16#include <crypto/sha1.h>
17#include <crypto/sha3.h>
18#include <crypto/skcipher.h>
19
20#define SE_OWNERSHIP 0x14
21#define SE_OWNERSHIP_UID(x) FIELD_GET(GENMASK(7, 0), x)
22#define TEGRA_GPSE_ID 3
23
24#define SE_STREAM_ID 0x90
25
26#define SE_SHA_CFG 0x4004
27#define SE_SHA_IN_ADDR 0x400c
28#define SE_SHA_KEY_ADDR 0x4094
29#define SE_SHA_KEY_DATA 0x4098
30#define SE_SHA_KEYMANIFEST 0x409c
31#define SE_SHA_CRYPTO_CFG 0x40a4
32#define SE_SHA_KEY_DST 0x40a8
33#define SE_SHA_SRC_KSLT 0x4180
34#define SE_SHA_TGT_KSLT 0x4184
35#define SE_SHA_MSG_LENGTH 0x401c
36#define SE_SHA_OPERATION 0x407c
37#define SE_SHA_HASH_RESULT 0x40b0
38
39#define SE_SHA_ENC_MODE(x) FIELD_PREP(GENMASK(31, 24), x)
40#define SE_SHA_ENC_MODE_SHA1 SE_SHA_ENC_MODE(0)
41#define SE_SHA_ENC_MODE_SHA224 SE_SHA_ENC_MODE(4)
42#define SE_SHA_ENC_MODE_SHA256 SE_SHA_ENC_MODE(5)
43#define SE_SHA_ENC_MODE_SHA384 SE_SHA_ENC_MODE(6)
44#define SE_SHA_ENC_MODE_SHA512 SE_SHA_ENC_MODE(7)
45#define SE_SHA_ENC_MODE_SHA_CTX_INTEGRITY SE_SHA_ENC_MODE(8)
46#define SE_SHA_ENC_MODE_SHA3_224 SE_SHA_ENC_MODE(9)
47#define SE_SHA_ENC_MODE_SHA3_256 SE_SHA_ENC_MODE(10)
48#define SE_SHA_ENC_MODE_SHA3_384 SE_SHA_ENC_MODE(11)
49#define SE_SHA_ENC_MODE_SHA3_512 SE_SHA_ENC_MODE(12)
50#define SE_SHA_ENC_MODE_SHAKE128 SE_SHA_ENC_MODE(13)
51#define SE_SHA_ENC_MODE_SHAKE256 SE_SHA_ENC_MODE(14)
52#define SE_SHA_ENC_MODE_HMAC_SHA256_1KEY SE_SHA_ENC_MODE(0)
53#define SE_SHA_ENC_MODE_HMAC_SHA256_2KEY SE_SHA_ENC_MODE(1)
54#define SE_SHA_ENC_MODE_SM3_256 SE_SHA_ENC_MODE(0)
55
56#define SE_SHA_CFG_ENC_ALG(x) FIELD_PREP(GENMASK(15, 12), x)
57#define SE_SHA_ENC_ALG_NOP SE_SHA_CFG_ENC_ALG(0)
58#define SE_SHA_ENC_ALG_SHA_ENC SE_SHA_CFG_ENC_ALG(1)
59#define SE_SHA_ENC_ALG_RNG SE_SHA_CFG_ENC_ALG(2)
60#define SE_SHA_ENC_ALG_SHA SE_SHA_CFG_ENC_ALG(3)
61#define SE_SHA_ENC_ALG_SM3 SE_SHA_CFG_ENC_ALG(4)
62#define SE_SHA_ENC_ALG_HMAC SE_SHA_CFG_ENC_ALG(7)
63#define SE_SHA_ENC_ALG_KDF SE_SHA_CFG_ENC_ALG(8)
64#define SE_SHA_ENC_ALG_KEY_INVLD SE_SHA_CFG_ENC_ALG(10)
65#define SE_SHA_ENC_ALG_KEY_INQUIRE SE_SHA_CFG_ENC_ALG(12)
66#define SE_SHA_ENC_ALG_INS SE_SHA_CFG_ENC_ALG(13)
67
68#define SE_SHA_OP_LASTBUF FIELD_PREP(BIT(16), 1)
69#define SE_SHA_OP_WRSTALL FIELD_PREP(BIT(15), 1)
70
71#define SE_SHA_OP_OP(x) FIELD_PREP(GENMASK(2, 0), x)
72#define SE_SHA_OP_START SE_SHA_OP_OP(1)
73#define SE_SHA_OP_RESTART_OUT SE_SHA_OP_OP(2)
74#define SE_SHA_OP_RESTART_IN SE_SHA_OP_OP(4)
75#define SE_SHA_OP_RESTART_INOUT SE_SHA_OP_OP(5)
76#define SE_SHA_OP_DUMMY SE_SHA_OP_OP(6)
77
78#define SE_SHA_CFG_DEC_ALG(x) FIELD_PREP(GENMASK(11, 8), x)
79#define SE_SHA_DEC_ALG_NOP SE_SHA_CFG_DEC_ALG(0)
80#define SE_SHA_DEC_ALG_AES_DEC SE_SHA_CFG_DEC_ALG(1)
81#define SE_SHA_DEC_ALG_HMAC SE_SHA_CFG_DEC_ALG(7)
82#define SE_SHA_DEC_ALG_HMAC_VERIFY SE_SHA_CFG_DEC_ALG(9)
83
84#define SE_SHA_CFG_DST(x) FIELD_PREP(GENMASK(4, 2), x)
85#define SE_SHA_DST_MEMORY SE_SHA_CFG_DST(0)
86#define SE_SHA_DST_HASH_REG SE_SHA_CFG_DST(1)
87#define SE_SHA_DST_KEYTABLE SE_SHA_CFG_DST(2)
88#define SE_SHA_DST_SRK SE_SHA_CFG_DST(3)
89
90#define SE_SHA_TASK_HASH_INIT BIT(0)
91
92/* AES Configuration */
93#define SE_AES0_CFG 0x1004
94#define SE_AES0_CRYPTO_CONFIG 0x1008
95#define SE_AES0_KEY_DST 0x1030
96#define SE_AES0_OPERATION 0x1038
97#define SE_AES0_LINEAR_CTR 0x101c
98#define SE_AES0_LAST_BLOCK 0x102c
99#define SE_AES0_KEY_ADDR 0x10bc
100#define SE_AES0_KEY_DATA 0x10c0
101#define SE_AES0_CMAC_RESULT 0x10c4
102#define SE_AES0_SRC_KSLT 0x1100
103#define SE_AES0_TGT_KSLT 0x1104
104#define SE_AES0_KEYMANIFEST 0x1114
105#define SE_AES0_AAD_LEN 0x112c
106#define SE_AES0_CRYPTO_MSG_LEN 0x1134
107
108#define SE_AES1_CFG 0x2004
109#define SE_AES1_CRYPTO_CONFIG 0x2008
110#define SE_AES1_KEY_DST 0x2030
111#define SE_AES1_OPERATION 0x2038
112#define SE_AES1_LINEAR_CTR 0x201c
113#define SE_AES1_LAST_BLOCK 0x202c
114#define SE_AES1_KEY_ADDR 0x20bc
115#define SE_AES1_KEY_DATA 0x20c0
116#define SE_AES1_CMAC_RESULT 0x20c4
117#define SE_AES1_SRC_KSLT 0x2100
118#define SE_AES1_TGT_KSLT 0x2104
119#define SE_AES1_KEYMANIFEST 0x2114
120#define SE_AES1_AAD_LEN 0x212c
121#define SE_AES1_CRYPTO_MSG_LEN 0x2134
122
123#define SE_AES_CFG_ENC_MODE(x) FIELD_PREP(GENMASK(31, 24), x)
124#define SE_AES_ENC_MODE_GMAC SE_AES_CFG_ENC_MODE(3)
125#define SE_AES_ENC_MODE_GCM SE_AES_CFG_ENC_MODE(4)
126#define SE_AES_ENC_MODE_GCM_FINAL SE_AES_CFG_ENC_MODE(5)
127#define SE_AES_ENC_MODE_CMAC SE_AES_CFG_ENC_MODE(7)
128#define SE_AES_ENC_MODE_CBC_MAC SE_AES_CFG_ENC_MODE(12)
129
130#define SE_AES_CFG_DEC_MODE(x) FIELD_PREP(GENMASK(23, 16), x)
131#define SE_AES_DEC_MODE_GMAC SE_AES_CFG_DEC_MODE(3)
132#define SE_AES_DEC_MODE_GCM SE_AES_CFG_DEC_MODE(4)
133#define SE_AES_DEC_MODE_GCM_FINAL SE_AES_CFG_DEC_MODE(5)
134#define SE_AES_DEC_MODE_CBC_MAC SE_AES_CFG_DEC_MODE(12)
135
136#define SE_AES_CFG_ENC_ALG(x) FIELD_PREP(GENMASK(15, 12), x)
137#define SE_AES_ENC_ALG_NOP SE_AES_CFG_ENC_ALG(0)
138#define SE_AES_ENC_ALG_AES_ENC SE_AES_CFG_ENC_ALG(1)
139#define SE_AES_ENC_ALG_RNG SE_AES_CFG_ENC_ALG(2)
140#define SE_AES_ENC_ALG_SHA SE_AES_CFG_ENC_ALG(3)
141#define SE_AES_ENC_ALG_HMAC SE_AES_CFG_ENC_ALG(7)
142#define SE_AES_ENC_ALG_KDF SE_AES_CFG_ENC_ALG(8)
143#define SE_AES_ENC_ALG_INS SE_AES_CFG_ENC_ALG(13)
144
145#define SE_AES_CFG_DEC_ALG(x) FIELD_PREP(GENMASK(11, 8), x)
146#define SE_AES_DEC_ALG_NOP SE_AES_CFG_DEC_ALG(0)
147#define SE_AES_DEC_ALG_AES_DEC SE_AES_CFG_DEC_ALG(1)
148
149#define SE_AES_CFG_DST(x) FIELD_PREP(GENMASK(4, 2), x)
150#define SE_AES_DST_MEMORY SE_AES_CFG_DST(0)
151#define SE_AES_DST_HASH_REG SE_AES_CFG_DST(1)
152#define SE_AES_DST_KEYTABLE SE_AES_CFG_DST(2)
153#define SE_AES_DST_SRK SE_AES_CFG_DST(3)
154
155/* AES Crypto Configuration */
156#define SE_AES_KEY2_INDEX(x) FIELD_PREP(GENMASK(31, 28), x)
157#define SE_AES_KEY_INDEX(x) FIELD_PREP(GENMASK(27, 24), x)
158
159#define SE_AES_CRYPTO_CFG_SCC_DIS FIELD_PREP(BIT(20), 1)
160
161#define SE_AES_CRYPTO_CFG_CTR_CNTN(x) FIELD_PREP(GENMASK(18, 11), x)
162
163#define SE_AES_CRYPTO_CFG_IV_MODE(x) FIELD_PREP(BIT(10), x)
164#define SE_AES_IV_MODE_SWIV SE_AES_CRYPTO_CFG_IV_MODE(0)
165#define SE_AES_IV_MODE_HWIV SE_AES_CRYPTO_CFG_IV_MODE(1)
166
167#define SE_AES_CRYPTO_CFG_CORE_SEL(x) FIELD_PREP(BIT(9), x)
168#define SE_AES_CORE_SEL_DECRYPT SE_AES_CRYPTO_CFG_CORE_SEL(0)
169#define SE_AES_CORE_SEL_ENCRYPT SE_AES_CRYPTO_CFG_CORE_SEL(1)
170
171#define SE_AES_CRYPTO_CFG_IV_SEL(x) FIELD_PREP(GENMASK(8, 7), x)
172#define SE_AES_IV_SEL_UPDATED SE_AES_CRYPTO_CFG_IV_SEL(1)
173#define SE_AES_IV_SEL_REG SE_AES_CRYPTO_CFG_IV_SEL(2)
174#define SE_AES_IV_SEL_RANDOM SE_AES_CRYPTO_CFG_IV_SEL(3)
175
176#define SE_AES_CRYPTO_CFG_VCTRAM_SEL(x) FIELD_PREP(GENMASK(6, 5), x)
177#define SE_AES_VCTRAM_SEL_MEMORY SE_AES_CRYPTO_CFG_VCTRAM_SEL(0)
178#define SE_AES_VCTRAM_SEL_TWEAK SE_AES_CRYPTO_CFG_VCTRAM_SEL(1)
179#define SE_AES_VCTRAM_SEL_AESOUT SE_AES_CRYPTO_CFG_VCTRAM_SEL(2)
180#define SE_AES_VCTRAM_SEL_PREV_MEM SE_AES_CRYPTO_CFG_VCTRAM_SEL(3)
181
182#define SE_AES_CRYPTO_CFG_INPUT_SEL(x) FIELD_PREP(GENMASK(4, 3), x)
183#define SE_AES_INPUT_SEL_MEMORY SE_AES_CRYPTO_CFG_INPUT_SEL(0)
184#define SE_AES_INPUT_SEL_RANDOM SE_AES_CRYPTO_CFG_INPUT_SEL(1)
185#define SE_AES_INPUT_SEL_AESOUT SE_AES_CRYPTO_CFG_INPUT_SEL(2)
186#define SE_AES_INPUT_SEL_LINEAR_CTR SE_AES_CRYPTO_CFG_INPUT_SEL(3)
187#define SE_AES_INPUT_SEL_REG SE_AES_CRYPTO_CFG_INPUT_SEL(1)
188
189#define SE_AES_CRYPTO_CFG_XOR_POS(x) FIELD_PREP(GENMASK(2, 1), x)
190#define SE_AES_XOR_POS_BYPASS SE_AES_CRYPTO_CFG_XOR_POS(0)
191#define SE_AES_XOR_POS_BOTH SE_AES_CRYPTO_CFG_XOR_POS(1)
192#define SE_AES_XOR_POS_TOP SE_AES_CRYPTO_CFG_XOR_POS(2)
193#define SE_AES_XOR_POS_BOTTOM SE_AES_CRYPTO_CFG_XOR_POS(3)
194
195#define SE_AES_CRYPTO_CFG_HASH_EN(x) FIELD_PREP(BIT(0), x)
196#define SE_AES_HASH_DISABLE SE_AES_CRYPTO_CFG_HASH_EN(0)
197#define SE_AES_HASH_ENABLE SE_AES_CRYPTO_CFG_HASH_EN(1)
198
199#define SE_LAST_BLOCK_VAL(x) FIELD_PREP(GENMASK(19, 0), x)
200#define SE_LAST_BLOCK_RES_BITS(x) FIELD_PREP(GENMASK(26, 20), x)
201
202#define SE_AES_OP_LASTBUF FIELD_PREP(BIT(16), 1)
203#define SE_AES_OP_WRSTALL FIELD_PREP(BIT(15), 1)
204#define SE_AES_OP_FINAL FIELD_PREP(BIT(5), 1)
205#define SE_AES_OP_INIT FIELD_PREP(BIT(4), 1)
206
207#define SE_AES_OP_OP(x) FIELD_PREP(GENMASK(2, 0), x)
208#define SE_AES_OP_START SE_AES_OP_OP(1)
209#define SE_AES_OP_RESTART_OUT SE_AES_OP_OP(2)
210#define SE_AES_OP_RESTART_IN SE_AES_OP_OP(4)
211#define SE_AES_OP_RESTART_INOUT SE_AES_OP_OP(5)
212#define SE_AES_OP_DUMMY SE_AES_OP_OP(6)
213
214#define SE_KAC_SIZE(x) FIELD_PREP(GENMASK(15, 14), x)
215#define SE_KAC_SIZE_128 SE_KAC_SIZE(0)
216#define SE_KAC_SIZE_192 SE_KAC_SIZE(1)
217#define SE_KAC_SIZE_256 SE_KAC_SIZE(2)
218
219#define SE_KAC_EXPORTABLE FIELD_PREP(BIT(12), 1)
220
221#define SE_KAC_PURPOSE(x) FIELD_PREP(GENMASK(11, 8), x)
222#define SE_KAC_ENC SE_KAC_PURPOSE(0)
223#define SE_KAC_CMAC SE_KAC_PURPOSE(1)
224#define SE_KAC_HMAC SE_KAC_PURPOSE(2)
225#define SE_KAC_GCM_KW SE_KAC_PURPOSE(3)
226#define SE_KAC_HMAC_KDK SE_KAC_PURPOSE(6)
227#define SE_KAC_HMAC_KDD SE_KAC_PURPOSE(7)
228#define SE_KAC_HMAC_KDD_KUW SE_KAC_PURPOSE(8)
229#define SE_KAC_XTS SE_KAC_PURPOSE(9)
230#define SE_KAC_GCM SE_KAC_PURPOSE(10)
231
232#define SE_KAC_USER_NS FIELD_PREP(GENMASK(6, 4), 3)
233
234#define SE_AES_KEY_DST_INDEX(x) FIELD_PREP(GENMASK(11, 8), x)
235#define SE_ADDR_HI_MSB(x) FIELD_PREP(GENMASK(31, 24), x)
236#define SE_ADDR_HI_SZ(x) FIELD_PREP(GENMASK(23, 0), x)
237
238#define SE_CFG_AES_ENCRYPT (SE_AES_ENC_ALG_AES_ENC | \
239 SE_AES_DEC_ALG_NOP | \
240 SE_AES_DST_MEMORY)
241
242#define SE_CFG_AES_DECRYPT (SE_AES_ENC_ALG_NOP | \
243 SE_AES_DEC_ALG_AES_DEC | \
244 SE_AES_DST_MEMORY)
245
246#define SE_CFG_GMAC_ENCRYPT (SE_AES_ENC_ALG_AES_ENC | \
247 SE_AES_DEC_ALG_NOP | \
248 SE_AES_ENC_MODE_GMAC | \
249 SE_AES_DST_MEMORY)
250
251#define SE_CFG_GMAC_DECRYPT (SE_AES_ENC_ALG_NOP | \
252 SE_AES_DEC_ALG_AES_DEC | \
253 SE_AES_DEC_MODE_GMAC | \
254 SE_AES_DST_MEMORY)
255
256#define SE_CFG_GCM_ENCRYPT (SE_AES_ENC_ALG_AES_ENC | \
257 SE_AES_DEC_ALG_NOP | \
258 SE_AES_ENC_MODE_GCM | \
259 SE_AES_DST_MEMORY)
260
261#define SE_CFG_GCM_DECRYPT (SE_AES_ENC_ALG_NOP | \
262 SE_AES_DEC_ALG_AES_DEC | \
263 SE_AES_DEC_MODE_GCM | \
264 SE_AES_DST_MEMORY)
265
266#define SE_CFG_GCM_FINAL_ENCRYPT (SE_AES_ENC_ALG_AES_ENC | \
267 SE_AES_DEC_ALG_NOP | \
268 SE_AES_ENC_MODE_GCM_FINAL | \
269 SE_AES_DST_MEMORY)
270
271#define SE_CFG_GCM_FINAL_DECRYPT (SE_AES_ENC_ALG_NOP | \
272 SE_AES_DEC_ALG_AES_DEC | \
273 SE_AES_DEC_MODE_GCM_FINAL | \
274 SE_AES_DST_MEMORY)
275
276#define SE_CFG_CMAC (SE_AES_ENC_ALG_AES_ENC | \
277 SE_AES_ENC_MODE_CMAC | \
278 SE_AES_DST_HASH_REG)
279
280#define SE_CFG_CBC_MAC (SE_AES_ENC_ALG_AES_ENC | \
281 SE_AES_ENC_MODE_CBC_MAC)
282
283#define SE_CFG_INS (SE_AES_ENC_ALG_INS | \
284 SE_AES_DEC_ALG_NOP)
285
286#define SE_CRYPTO_CFG_ECB_ENCRYPT (SE_AES_INPUT_SEL_MEMORY | \
287 SE_AES_XOR_POS_BYPASS | \
288 SE_AES_CORE_SEL_ENCRYPT)
289
290#define SE_CRYPTO_CFG_ECB_DECRYPT (SE_AES_INPUT_SEL_MEMORY | \
291 SE_AES_XOR_POS_BYPASS | \
292 SE_AES_CORE_SEL_DECRYPT)
293
294#define SE_CRYPTO_CFG_CBC_ENCRYPT (SE_AES_INPUT_SEL_MEMORY | \
295 SE_AES_VCTRAM_SEL_AESOUT | \
296 SE_AES_XOR_POS_TOP | \
297 SE_AES_CORE_SEL_ENCRYPT | \
298 SE_AES_IV_SEL_REG)
299
300#define SE_CRYPTO_CFG_CBC_DECRYPT (SE_AES_INPUT_SEL_MEMORY | \
301 SE_AES_VCTRAM_SEL_PREV_MEM | \
302 SE_AES_XOR_POS_BOTTOM | \
303 SE_AES_CORE_SEL_DECRYPT | \
304 SE_AES_IV_SEL_REG)
305
306#define SE_CRYPTO_CFG_CTR (SE_AES_INPUT_SEL_LINEAR_CTR | \
307 SE_AES_VCTRAM_SEL_MEMORY | \
308 SE_AES_XOR_POS_BOTTOM | \
309 SE_AES_CORE_SEL_ENCRYPT | \
310 SE_AES_CRYPTO_CFG_CTR_CNTN(1) | \
311 SE_AES_IV_SEL_REG)
312
313#define SE_CRYPTO_CFG_XTS_ENCRYPT (SE_AES_INPUT_SEL_MEMORY | \
314 SE_AES_VCTRAM_SEL_TWEAK | \
315 SE_AES_XOR_POS_BOTH | \
316 SE_AES_CORE_SEL_ENCRYPT | \
317 SE_AES_IV_SEL_REG)
318
319#define SE_CRYPTO_CFG_XTS_DECRYPT (SE_AES_INPUT_SEL_MEMORY | \
320 SE_AES_VCTRAM_SEL_TWEAK | \
321 SE_AES_XOR_POS_BOTH | \
322 SE_AES_CORE_SEL_DECRYPT | \
323 SE_AES_IV_SEL_REG)
324
325#define SE_CRYPTO_CFG_XTS_DECRYPT (SE_AES_INPUT_SEL_MEMORY | \
326 SE_AES_VCTRAM_SEL_TWEAK | \
327 SE_AES_XOR_POS_BOTH | \
328 SE_AES_CORE_SEL_DECRYPT | \
329 SE_AES_IV_SEL_REG)
330
331#define SE_CRYPTO_CFG_CBC_MAC (SE_AES_INPUT_SEL_MEMORY | \
332 SE_AES_VCTRAM_SEL_AESOUT | \
333 SE_AES_XOR_POS_TOP | \
334 SE_AES_CORE_SEL_ENCRYPT | \
335 SE_AES_HASH_ENABLE | \
336 SE_AES_IV_SEL_REG)
337
338#define HASH_RESULT_REG_COUNT 50
339#define CMAC_RESULT_REG_COUNT 4
340
341#define SE_CRYPTO_CTR_REG_COUNT 4
342#define SE_MAX_KEYSLOT 15
343#define SE_MAX_MEM_ALLOC SZ_4M
344
345#define TEGRA_AES_RESERVED_KSLT 14
346#define TEGRA_XTS_RESERVED_KSLT 15
347
348#define SHA_FIRST BIT(0)
349#define SHA_INIT BIT(1)
350#define SHA_UPDATE BIT(2)
351#define SHA_FINAL BIT(3)
352
353/* Security Engine operation modes */
354enum se_aes_alg {
355 SE_ALG_CBC, /* Cipher Block Chaining (CBC) mode */
356 SE_ALG_ECB, /* Electronic Codebook (ECB) mode */
357 SE_ALG_CTR, /* Counter (CTR) mode */
358 SE_ALG_XTS, /* XTS mode */
359 SE_ALG_GMAC, /* GMAC mode */
360 SE_ALG_GCM, /* GCM mode */
361 SE_ALG_GCM_FINAL, /* GCM FINAL mode */
362 SE_ALG_CMAC, /* Cipher-based MAC (CMAC) mode */
363 SE_ALG_CBC_MAC, /* CBC MAC mode */
364};
365
366enum se_hash_alg {
367 SE_ALG_RNG_DRBG, /* Deterministic Random Bit Generator */
368 SE_ALG_SHA1, /* Secure Hash Algorithm-1 (SHA1) mode */
369 SE_ALG_SHA224, /* Secure Hash Algorithm-224 (SHA224) mode */
370 SE_ALG_SHA256, /* Secure Hash Algorithm-256 (SHA256) mode */
371 SE_ALG_SHA384, /* Secure Hash Algorithm-384 (SHA384) mode */
372 SE_ALG_SHA512, /* Secure Hash Algorithm-512 (SHA512) mode */
373 SE_ALG_SHA3_224, /* Secure Hash Algorithm3-224 (SHA3-224) mode */
374 SE_ALG_SHA3_256, /* Secure Hash Algorithm3-256 (SHA3-256) mode */
375 SE_ALG_SHA3_384, /* Secure Hash Algorithm3-384 (SHA3-384) mode */
376 SE_ALG_SHA3_512, /* Secure Hash Algorithm3-512 (SHA3-512) mode */
377 SE_ALG_SHAKE128, /* Secure Hash Algorithm3 (SHAKE128) mode */
378 SE_ALG_SHAKE256, /* Secure Hash Algorithm3 (SHAKE256) mode */
379 SE_ALG_HMAC_SHA224, /* Hash based MAC (HMAC) - 224 */
380 SE_ALG_HMAC_SHA256, /* Hash based MAC (HMAC) - 256 */
381 SE_ALG_HMAC_SHA384, /* Hash based MAC (HMAC) - 384 */
382 SE_ALG_HMAC_SHA512, /* Hash based MAC (HMAC) - 512 */
383};
384
385struct tegra_se_alg {
386 struct tegra_se *se_dev;
387 const char *alg_base;
388
389 union {
390 struct skcipher_engine_alg skcipher;
391 struct aead_engine_alg aead;
392 struct ahash_engine_alg ahash;
393 } alg;
394};
395
396struct tegra_se_regs {
397 u32 op;
398 u32 config;
399 u32 last_blk;
400 u32 linear_ctr;
401 u32 out_addr;
402 u32 aad_len;
403 u32 cryp_msg_len;
404 u32 manifest;
405 u32 key_addr;
406 u32 key_data;
407 u32 key_dst;
408 u32 result;
409};
410
411struct tegra_se_hw {
412 const struct tegra_se_regs *regs;
413 int (*init_alg)(struct tegra_se *se);
414 void (*deinit_alg)(struct tegra_se *se);
415 bool support_sm_alg;
416 u32 host1x_class;
417 u32 kac_ver;
418};
419
420struct tegra_se {
421 int (*manifest)(u32 user, u32 alg, u32 keylen);
422 const struct tegra_se_hw *hw;
423 struct host1x_client client;
424 struct host1x_channel *channel;
425 struct tegra_se_cmdbuf *cmdbuf;
426 struct tegra_se_cmdbuf *keybuf;
427 struct crypto_engine *engine;
428 struct host1x_syncpt *syncpt;
429 struct device *dev;
430 struct clk *clk;
431 unsigned int opcode_addr;
432 unsigned int stream_id;
433 unsigned int syncpt_id;
434 void __iomem *base;
435 u32 owner;
436};
437
438struct tegra_se_cmdbuf {
439 dma_addr_t iova;
440 u32 *addr;
441 struct device *dev;
442 struct kref ref;
443 struct host1x_bo bo;
444 ssize_t size;
445 u32 words;
446};
447
448struct tegra_se_datbuf {
449 u8 *buf;
450 dma_addr_t addr;
451 ssize_t size;
452};
453
454static inline int se_algname_to_algid(const char *name)
455{
456 if (!strcmp(name, "cbc(aes)"))
457 return SE_ALG_CBC;
458 else if (!strcmp(name, "ecb(aes)"))
459 return SE_ALG_ECB;
460 else if (!strcmp(name, "ctr(aes)"))
461 return SE_ALG_CTR;
462 else if (!strcmp(name, "xts(aes)"))
463 return SE_ALG_XTS;
464 else if (!strcmp(name, "cmac(aes)"))
465 return SE_ALG_CMAC;
466 else if (!strcmp(name, "gcm(aes)"))
467 return SE_ALG_GCM;
468 else if (!strcmp(name, "ccm(aes)"))
469 return SE_ALG_CBC_MAC;
470
471 else if (!strcmp(name, "sha1"))
472 return SE_ALG_SHA1;
473 else if (!strcmp(name, "sha224"))
474 return SE_ALG_SHA224;
475 else if (!strcmp(name, "sha256"))
476 return SE_ALG_SHA256;
477 else if (!strcmp(name, "sha384"))
478 return SE_ALG_SHA384;
479 else if (!strcmp(name, "sha512"))
480 return SE_ALG_SHA512;
481 else if (!strcmp(name, "sha3-224"))
482 return SE_ALG_SHA3_224;
483 else if (!strcmp(name, "sha3-256"))
484 return SE_ALG_SHA3_256;
485 else if (!strcmp(name, "sha3-384"))
486 return SE_ALG_SHA3_384;
487 else if (!strcmp(name, "sha3-512"))
488 return SE_ALG_SHA3_512;
489 else if (!strcmp(name, "hmac(sha224)"))
490 return SE_ALG_HMAC_SHA224;
491 else if (!strcmp(name, "hmac(sha256)"))
492 return SE_ALG_HMAC_SHA256;
493 else if (!strcmp(name, "hmac(sha384)"))
494 return SE_ALG_HMAC_SHA384;
495 else if (!strcmp(name, "hmac(sha512)"))
496 return SE_ALG_HMAC_SHA512;
497 else
498 return -EINVAL;
499}
500
501/* Functions */
502int tegra_init_aes(struct tegra_se *se);
503int tegra_init_hash(struct tegra_se *se);
504void tegra_deinit_aes(struct tegra_se *se);
505void tegra_deinit_hash(struct tegra_se *se);
506int tegra_key_submit(struct tegra_se *se, const u8 *key,
507 u32 keylen, u32 alg, u32 *keyid);
508
509int tegra_key_submit_reserved(struct tegra_se *se, const u8 *key,
510 u32 keylen, u32 alg, u32 *keyid);
511
512void tegra_key_invalidate(struct tegra_se *se, u32 keyid, u32 alg);
513void tegra_key_invalidate_reserved(struct tegra_se *se, u32 keyid, u32 alg);
514int tegra_se_host1x_submit(struct tegra_se *se, struct tegra_se_cmdbuf *cmdbuf, u32 size);
515
516static inline int tegra_key_submit_reserved_aes(struct tegra_se *se, const u8 *key,
517 u32 keylen, u32 alg, u32 *keyid)
518{
519 *keyid = TEGRA_AES_RESERVED_KSLT;
520 return tegra_key_submit_reserved(se, key, keylen, alg, keyid);
521}
522
523static inline int tegra_key_submit_reserved_xts(struct tegra_se *se, const u8 *key,
524 u32 keylen, u32 alg, u32 *keyid)
525{
526 *keyid = TEGRA_XTS_RESERVED_KSLT;
527 return tegra_key_submit_reserved(se, key, keylen, alg, keyid);
528}
529
530static inline bool tegra_key_is_reserved(u32 keyid)
531{
532 return ((keyid == TEGRA_AES_RESERVED_KSLT) ||
533 (keyid == TEGRA_XTS_RESERVED_KSLT));
534}
535
536/* HOST1x OPCODES */
537static inline u32 host1x_opcode_setpayload(unsigned int payload)
538{
539 return (9 << 28) | payload;
540}
541
542static inline u32 host1x_opcode_incr_w(unsigned int offset)
543{
544 /* 22-bit offset supported */
545 return (10 << 28) | offset;
546}
547
548static inline u32 host1x_opcode_nonincr_w(unsigned int offset)
549{
550 /* 22-bit offset supported */
551 return (11 << 28) | offset;
552}
553
554static inline u32 host1x_opcode_incr(unsigned int offset, unsigned int count)
555{
556 return (1 << 28) | (offset << 16) | count;
557}
558
559static inline u32 host1x_opcode_nonincr(unsigned int offset, unsigned int count)
560{
561 return (2 << 28) | (offset << 16) | count;
562}
563
564static inline u32 host1x_uclass_incr_syncpt_cond_f(u32 v)
565{
566 return (v & 0xff) << 10;
567}
568
569static inline u32 host1x_uclass_incr_syncpt_indx_f(u32 v)
570{
571 return (v & 0x3ff) << 0;
572}
573
574static inline u32 host1x_uclass_wait_syncpt_r(void)
575{
576 return 0x8;
577}
578
579static inline u32 host1x_uclass_incr_syncpt_r(void)
580{
581 return 0x0;
582}
583
584#define se_host1x_opcode_incr_w(x) host1x_opcode_incr_w((x) / 4)
585#define se_host1x_opcode_nonincr_w(x) host1x_opcode_nonincr_w((x) / 4)
586#define se_host1x_opcode_incr(x, y) host1x_opcode_incr((x) / 4, y)
587#define se_host1x_opcode_nonincr(x, y) host1x_opcode_nonincr((x) / 4, y)
588
589#endif /*_TEGRA_SE_H*/