drivers/crypto/sa2ul.h at v5.12-rc4

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / drivers / crypto / sa2ul.h
at v5.12-rc4 402 lines 12 kB view raw
wrap content
  1/* SPDX-License-Identifier: GPL-2.0 */
  2/*
  3 * K3 SA2UL crypto accelerator driver
  4 *
  5 * Copyright (C) 2018-2020 Texas Instruments Incorporated - http://www.ti.com
  6 *
  7 * Authors:	Keerthy
  8 *		Vitaly Andrianov
  9 *		Tero Kristo
 10 */
 11
 12#ifndef _K3_SA2UL_
 13#define _K3_SA2UL_
 14
 15#include <crypto/aes.h>
 16#include <crypto/sha1.h>
 17#include <crypto/sha2.h>
 18
 19#define SA_ENGINE_ENABLE_CONTROL	0x1000
 20
 21struct sa_tfm_ctx;
 22/*
 23 * SA_ENGINE_ENABLE_CONTROL register bits
 24 */
 25#define SA_EEC_ENCSS_EN			0x00000001
 26#define SA_EEC_AUTHSS_EN		0x00000002
 27#define SA_EEC_TRNG_EN			0x00000008
 28#define SA_EEC_PKA_EN			0x00000010
 29#define SA_EEC_CTXCACH_EN		0x00000080
 30#define SA_EEC_CPPI_PORT_IN_EN		0x00000200
 31#define SA_EEC_CPPI_PORT_OUT_EN		0x00000800
 32
 33/*
 34 * Encoding used to identify the typo of crypto operation
 35 * performed on the packet when the packet is returned
 36 * by SA
 37 */
 38#define SA_REQ_SUBTYPE_ENC	0x0001
 39#define SA_REQ_SUBTYPE_DEC	0x0002
 40#define SA_REQ_SUBTYPE_SHIFT	16
 41#define SA_REQ_SUBTYPE_MASK	0xffff
 42
 43/* Number of 32 bit words in EPIB  */
 44#define SA_DMA_NUM_EPIB_WORDS   4
 45
 46/* Number of 32 bit words in PS data  */
 47#define SA_DMA_NUM_PS_WORDS     16
 48#define NKEY_SZ			3
 49#define MCI_SZ			27
 50
 51/*
 52 * Maximum number of simultaeneous security contexts
 53 * supported by the driver
 54 */
 55#define SA_MAX_NUM_CTX	512
 56
 57/*
 58 * Assumption: CTX size is multiple of 32
 59 */
 60#define SA_CTX_SIZE_TO_DMA_SIZE(ctx_sz) \
 61		((ctx_sz) ? ((ctx_sz) / 32 - 1) : 0)
 62
 63#define SA_CTX_ENC_KEY_OFFSET   32
 64#define SA_CTX_ENC_AUX1_OFFSET  64
 65#define SA_CTX_ENC_AUX2_OFFSET  96
 66#define SA_CTX_ENC_AUX3_OFFSET  112
 67#define SA_CTX_ENC_AUX4_OFFSET  128
 68
 69/* Next Engine Select code in CP_ACE */
 70#define SA_ENG_ID_EM1   2       /* Enc/Dec engine with AES/DEC core */
 71#define SA_ENG_ID_EM2   3       /* Encryption/Decryption enginefor pass 2 */
 72#define SA_ENG_ID_AM1   4       /* Auth. engine with SHA1/MD5/SHA2 core */
 73#define SA_ENG_ID_AM2   5       /*  Authentication engine for pass 2 */
 74#define SA_ENG_ID_OUTPORT2 20   /*  Egress module 2  */
 75
 76/*
 77 * Command Label Definitions
 78 */
 79#define SA_CMDL_OFFSET_NESC           0      /* Next Engine Select Code */
 80#define SA_CMDL_OFFSET_LABEL_LEN      1      /* Engine Command Label Length */
 81/* 16-bit Length of Data to be processed */
 82#define SA_CMDL_OFFSET_DATA_LEN       2
 83#define SA_CMDL_OFFSET_DATA_OFFSET    4      /* Stat Data Offset */
 84#define SA_CMDL_OFFSET_OPTION_CTRL1   5      /* Option Control Byte 1 */
 85#define SA_CMDL_OFFSET_OPTION_CTRL2   6      /* Option Control Byte 2 */
 86#define SA_CMDL_OFFSET_OPTION_CTRL3   7      /* Option Control Byte 3 */
 87#define SA_CMDL_OFFSET_OPTION_BYTE    8
 88
 89#define SA_CMDL_HEADER_SIZE_BYTES	8
 90
 91#define SA_CMDL_OPTION_BYTES_MAX_SIZE     72
 92#define SA_CMDL_MAX_SIZE_BYTES (SA_CMDL_HEADER_SIZE_BYTES + \
 93				SA_CMDL_OPTION_BYTES_MAX_SIZE)
 94
 95/* SWINFO word-0 flags */
 96#define SA_SW_INFO_FLAG_EVICT   0x0001
 97#define SA_SW_INFO_FLAG_TEAR    0x0002
 98#define SA_SW_INFO_FLAG_NOPD    0x0004
 99
100/*
101 * This type represents the various packet types to be processed
102 * by the PHP engine in SA.
103 * It is used to identify the corresponding PHP processing function.
104 */
105#define SA_CTX_PE_PKT_TYPE_3GPP_AIR    0    /* 3GPP Air Cipher */
106#define SA_CTX_PE_PKT_TYPE_SRTP        1    /* SRTP */
107#define SA_CTX_PE_PKT_TYPE_IPSEC_AH    2    /* IPSec Authentication Header */
108/* IPSec Encapsulating Security Payload */
109#define SA_CTX_PE_PKT_TYPE_IPSEC_ESP   3
110/* Indicates that it is in data mode, It may not be used by PHP */
111#define SA_CTX_PE_PKT_TYPE_NONE        4
112#define SA_CTX_ENC_TYPE1_SZ     64      /* Encryption SC with Key only */
113#define SA_CTX_ENC_TYPE2_SZ     96      /* Encryption SC with Key and Aux1 */
114
115#define SA_CTX_AUTH_TYPE1_SZ    64      /* Auth SC with Key only */
116#define SA_CTX_AUTH_TYPE2_SZ    96      /* Auth SC with Key and Aux1 */
117/* Size of security context for PHP engine */
118#define SA_CTX_PHP_PE_CTX_SZ    64
119
120#define SA_CTX_MAX_SZ (64 + SA_CTX_ENC_TYPE2_SZ + SA_CTX_AUTH_TYPE2_SZ)
121
122/*
123 * Encoding of F/E control in SCCTL
124 *  Bit 0-1: Fetch PHP Bytes
125 *  Bit 2-3: Fetch Encryption/Air Ciphering Bytes
126 *  Bit 4-5: Fetch Authentication Bytes or Encr pass 2
127 *  Bit 6-7: Evict PHP Bytes
128 *
129 *  where   00 = 0 bytes
130 *          01 = 64 bytes
131 *          10 = 96 bytes
132 *          11 = 128 bytes
133 */
134#define SA_CTX_DMA_SIZE_0       0
135#define SA_CTX_DMA_SIZE_64      1
136#define SA_CTX_DMA_SIZE_96      2
137#define SA_CTX_DMA_SIZE_128     3
138
139/*
140 * Byte offset of the owner word in SCCTL
141 * in the security context
142 */
143#define SA_CTX_SCCTL_OWNER_OFFSET 0
144
145#define SA_CTX_ENC_KEY_OFFSET   32
146#define SA_CTX_ENC_AUX1_OFFSET  64
147#define SA_CTX_ENC_AUX2_OFFSET  96
148#define SA_CTX_ENC_AUX3_OFFSET  112
149#define SA_CTX_ENC_AUX4_OFFSET  128
150
151#define SA_SCCTL_FE_AUTH_ENC	0x65
152#define SA_SCCTL_FE_ENC		0x8D
153
154#define SA_ALIGN_MASK		(sizeof(u32) - 1)
155#define SA_ALIGNED		__aligned(32)
156
157#define SA_AUTH_SW_CTRL_MD5	1
158#define SA_AUTH_SW_CTRL_SHA1	2
159#define SA_AUTH_SW_CTRL_SHA224	3
160#define SA_AUTH_SW_CTRL_SHA256	4
161#define SA_AUTH_SW_CTRL_SHA384	5
162#define SA_AUTH_SW_CTRL_SHA512	6
163
164/* SA2UL can only handle maximum data size of 64KB */
165#define SA_MAX_DATA_SZ		U16_MAX
166
167/*
168 * SA2UL can provide unpredictable results with packet sizes that fall
169 * the following range, so avoid using it.
170 */
171#define SA_UNSAFE_DATA_SZ_MIN	240
172#define SA_UNSAFE_DATA_SZ_MAX	256
173
174/**
175 * struct sa_crypto_data - Crypto driver instance data
176 * @base: Base address of the register space
177 * @pdev: Platform device pointer
178 * @sc_pool: security context pool
179 * @dev: Device pointer
180 * @scid_lock: secure context ID lock
181 * @sc_id_start: starting index for SC ID
182 * @sc_id_end: Ending index for SC ID
183 * @sc_id: Security Context ID
184 * @ctx_bm: Bitmap to keep track of Security context ID's
185 * @ctx: SA tfm context pointer
186 * @dma_rx1: Pointer to DMA rx channel for sizes < 256 Bytes
187 * @dma_rx2: Pointer to DMA rx channel for sizes > 256 Bytes
188 * @dma_tx: Pointer to DMA TX channel
189 */
190struct sa_crypto_data {
191	void __iomem *base;
192	struct platform_device	*pdev;
193	struct dma_pool		*sc_pool;
194	struct device *dev;
195	spinlock_t	scid_lock; /* lock for SC-ID allocation */
196	/* Security context data */
197	u16		sc_id_start;
198	u16		sc_id_end;
199	u16		sc_id;
200	unsigned long	ctx_bm[DIV_ROUND_UP(SA_MAX_NUM_CTX,
201				BITS_PER_LONG)];
202	struct sa_tfm_ctx	*ctx;
203	struct dma_chan		*dma_rx1;
204	struct dma_chan		*dma_rx2;
205	struct dma_chan		*dma_tx;
206};
207
208/**
209 * struct sa_cmdl_param_info: Command label parameters info
210 * @index: Index of the parameter in the command label format
211 * @offset: the offset of the parameter
212 * @size: Size of the parameter
213 */
214struct sa_cmdl_param_info {
215	u16	index;
216	u16	offset;
217	u16	size;
218};
219
220/* Maximum length of Auxiliary data in 32bit words */
221#define SA_MAX_AUX_DATA_WORDS	8
222
223/**
224 * struct sa_cmdl_upd_info: Command label updation info
225 * @flags: flags in command label
226 * @submode: Encryption submodes
227 * @enc_size: Size of first pass encryption size
228 * @enc_size2: Size of second pass encryption size
229 * @enc_offset: Encryption payload offset in the packet
230 * @enc_iv: Encryption initialization vector for pass2
231 * @enc_iv2: Encryption initialization vector for pass2
232 * @aad: Associated data
233 * @payload: Payload info
234 * @auth_size: Authentication size for pass 1
235 * @auth_size2: Authentication size for pass 2
236 * @auth_offset: Authentication payload offset
237 * @auth_iv: Authentication initialization vector
238 * @aux_key_info: Authentication aux key information
239 * @aux_key: Aux key for authentication
240 */
241struct sa_cmdl_upd_info {
242	u16	flags;
243	u16	submode;
244	struct sa_cmdl_param_info	enc_size;
245	struct sa_cmdl_param_info	enc_size2;
246	struct sa_cmdl_param_info	enc_offset;
247	struct sa_cmdl_param_info	enc_iv;
248	struct sa_cmdl_param_info	enc_iv2;
249	struct sa_cmdl_param_info	aad;
250	struct sa_cmdl_param_info	payload;
251	struct sa_cmdl_param_info	auth_size;
252	struct sa_cmdl_param_info	auth_size2;
253	struct sa_cmdl_param_info	auth_offset;
254	struct sa_cmdl_param_info	auth_iv;
255	struct sa_cmdl_param_info	aux_key_info;
256	u32				aux_key[SA_MAX_AUX_DATA_WORDS];
257};
258
259/*
260 * Number of 32bit words appended after the command label
261 * in PSDATA to identify the crypto request context.
262 * word-0: Request type
263 * word-1: pointer to request
264 */
265#define SA_PSDATA_CTX_WORDS 4
266
267/* Maximum size of Command label in 32 words */
268#define SA_MAX_CMDL_WORDS (SA_DMA_NUM_PS_WORDS - SA_PSDATA_CTX_WORDS)
269
270/**
271 * struct sa_ctx_info: SA context information
272 * @sc: Pointer to security context
273 * @sc_phys: Security context physical address that is passed on to SA2UL
274 * @sc_id: Security context ID
275 * @cmdl_size: Command label size
276 * @cmdl: Command label for a particular iteration
277 * @cmdl_upd_info: structure holding command label updation info
278 * @epib: Extended protocol information block words
279 */
280struct sa_ctx_info {
281	u8		*sc;
282	dma_addr_t	sc_phys;
283	u16		sc_id;
284	u16		cmdl_size;
285	u32		cmdl[SA_MAX_CMDL_WORDS];
286	struct sa_cmdl_upd_info cmdl_upd_info;
287	/* Store Auxiliary data such as K2/K3 subkeys in AES-XCBC */
288	u32		epib[SA_DMA_NUM_EPIB_WORDS];
289};
290
291/**
292 * struct sa_tfm_ctx: TFM context structure
293 * @dev_data: struct sa_crypto_data pointer
294 * @enc: struct sa_ctx_info for encryption
295 * @dec: struct sa_ctx_info for decryption
296 * @keylen: encrption/decryption keylength
297 * @iv_idx: Initialization vector index
298 * @key: encryption key
299 * @fallback: SW fallback algorithm
300 */
301struct sa_tfm_ctx {
302	struct sa_crypto_data *dev_data;
303	struct sa_ctx_info enc;
304	struct sa_ctx_info dec;
305	struct sa_ctx_info auth;
306	int keylen;
307	int iv_idx;
308	u32 key[AES_KEYSIZE_256 / sizeof(u32)];
309	u8 authkey[SHA512_BLOCK_SIZE];
310	struct crypto_shash	*shash;
311	/* for fallback */
312	union {
313		struct crypto_skcipher		*skcipher;
314		struct crypto_ahash		*ahash;
315		struct crypto_aead		*aead;
316	} fallback;
317};
318
319/**
320 * struct sa_sha_req_ctx: Structure used for sha request
321 * @dev_data: struct sa_crypto_data pointer
322 * @cmdl: Complete command label with psdata and epib included
323 * @fallback_req: SW fallback request container
324 */
325struct sa_sha_req_ctx {
326	struct sa_crypto_data	*dev_data;
327	u32			cmdl[SA_MAX_CMDL_WORDS + SA_PSDATA_CTX_WORDS];
328	struct ahash_request	fallback_req;
329};
330
331enum sa_submode {
332	SA_MODE_GEN = 0,
333	SA_MODE_CCM,
334	SA_MODE_GCM,
335	SA_MODE_GMAC
336};
337
338/* Encryption algorithms */
339enum sa_ealg_id {
340	SA_EALG_ID_NONE = 0,        /* No encryption */
341	SA_EALG_ID_NULL,            /* NULL encryption */
342	SA_EALG_ID_AES_CTR,         /* AES Counter mode */
343	SA_EALG_ID_AES_F8,          /* AES F8 mode */
344	SA_EALG_ID_AES_CBC,         /* AES CBC mode */
345	SA_EALG_ID_DES_CBC,         /* DES CBC mode */
346	SA_EALG_ID_3DES_CBC,        /* 3DES CBC mode */
347	SA_EALG_ID_CCM,             /* Counter with CBC-MAC mode */
348	SA_EALG_ID_GCM,             /* Galois Counter mode */
349	SA_EALG_ID_AES_ECB,
350	SA_EALG_ID_LAST
351};
352
353/* Authentication algorithms */
354enum sa_aalg_id {
355	SA_AALG_ID_NONE = 0,      /* No Authentication  */
356	SA_AALG_ID_NULL = SA_EALG_ID_LAST, /* NULL Authentication  */
357	SA_AALG_ID_MD5,           /* MD5 mode */
358	SA_AALG_ID_SHA1,          /* SHA1 mode */
359	SA_AALG_ID_SHA2_224,      /* 224-bit SHA2 mode */
360	SA_AALG_ID_SHA2_256,      /* 256-bit SHA2 mode */
361	SA_AALG_ID_SHA2_512,      /* 512-bit SHA2 mode */
362	SA_AALG_ID_HMAC_MD5,      /* HMAC with MD5 mode */
363	SA_AALG_ID_HMAC_SHA1,     /* HMAC with SHA1 mode */
364	SA_AALG_ID_HMAC_SHA2_224, /* HMAC with 224-bit SHA2 mode */
365	SA_AALG_ID_HMAC_SHA2_256, /* HMAC with 256-bit SHA2 mode */
366	SA_AALG_ID_GMAC,          /* Galois Message Auth. Code mode */
367	SA_AALG_ID_CMAC,          /* Cipher-based Mes. Auth. Code mode */
368	SA_AALG_ID_CBC_MAC,       /* Cipher Block Chaining */
369	SA_AALG_ID_AES_XCBC       /* AES Extended Cipher Block Chaining */
370};
371
372/*
373 * Mode control engine algorithms used to index the
374 * mode control instruction tables
375 */
376enum sa_eng_algo_id {
377	SA_ENG_ALGO_ECB = 0,
378	SA_ENG_ALGO_CBC,
379	SA_ENG_ALGO_CFB,
380	SA_ENG_ALGO_OFB,
381	SA_ENG_ALGO_CTR,
382	SA_ENG_ALGO_F8,
383	SA_ENG_ALGO_F8F9,
384	SA_ENG_ALGO_GCM,
385	SA_ENG_ALGO_GMAC,
386	SA_ENG_ALGO_CCM,
387	SA_ENG_ALGO_CMAC,
388	SA_ENG_ALGO_CBCMAC,
389	SA_NUM_ENG_ALGOS
390};
391
392/**
393 * struct sa_eng_info: Security accelerator engine info
394 * @eng_id: Engine ID
395 * @sc_size: security context size
396 */
397struct sa_eng_info {
398	u8	eng_id;
399	u16	sc_size;
400};
401
402#endif /* _K3_SA2UL_ */
Configure Feed

Configure Feed
