Root/drivers/staging/sep/sep_crypto.h

1/*
2 *
3 * sep_crypto.h - Crypto interface structures
4 *
5 * Copyright(c) 2009-2011 Intel Corporation. All rights reserved.
6 * Contributions(c) 2009-2010 Discretix. All rights reserved.
7 *
8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the Free
10 * Software Foundation; version 2 of the License.
11 *
12 * This program is distributed in the hope that it will be useful, but WITHOUT
13 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * more details.
16 *
17 * You should have received a copy of the GNU General Public License along with
18 * this program; if not, write to the Free Software Foundation, Inc., 59
19 * Temple Place - Suite 330, Boston, MA 02111-1307, USA.
20 *
21 * CONTACTS:
22 *
23 * Mark Allyn mark.a.allyn@intel.com
24 * Jayant Mangalampalli jayant.mangalampalli@intel.com
25 *
26 * CHANGES:
27 *
28 * 2009.06.26 Initial publish
29 * 2011.02.22 Enable Kernel Crypto
30 *
31 */
32
33/* Constants for SEP (from vendor) */
34#define SEP_START_MSG_TOKEN 0x02558808
35
36#define SEP_DES_IV_SIZE_WORDS 2
37#define SEP_DES_IV_SIZE_BYTES (SEP_DES_IV_SIZE_WORDS * \
38    sizeof(u32))
39#define SEP_DES_KEY_SIZE_WORDS 2
40#define SEP_DES_KEY_SIZE_BYTES (SEP_DES_KEY_SIZE_WORDS * \
41    sizeof(u32))
42#define SEP_DES_BLOCK_SIZE 8
43#define SEP_DES_DUMMY_SIZE 16
44
45#define SEP_DES_INIT_OPCODE 0x10
46#define SEP_DES_BLOCK_OPCODE 0x11
47
48#define SEP_AES_BLOCK_SIZE_WORDS 4
49#define SEP_AES_BLOCK_SIZE_BYTES \
50    (SEP_AES_BLOCK_SIZE_WORDS * sizeof(u32))
51
52#define SEP_AES_DUMMY_BLOCK_SIZE 16
53#define SEP_AES_IV_SIZE_WORDS SEP_AES_BLOCK_SIZE_WORDS
54#define SEP_AES_IV_SIZE_BYTES \
55    (SEP_AES_IV_SIZE_WORDS * sizeof(u32))
56
57#define SEP_AES_KEY_128_SIZE 16
58#define SEP_AES_KEY_192_SIZE 24
59#define SEP_AES_KEY_256_SIZE 32
60#define SEP_AES_KEY_512_SIZE 64
61#define SEP_AES_MAX_KEY_SIZE_WORDS 16
62#define SEP_AES_MAX_KEY_SIZE_BYTES \
63    (SEP_AES_MAX_KEY_SIZE_WORDS * sizeof(u32))
64
65#define SEP_AES_WRAP_MIN_SIZE 8
66#define SEP_AES_WRAP_MAX_SIZE 0x10000000
67
68#define SEP_AES_WRAP_BLOCK_SIZE_WORDS 2
69#define SEP_AES_WRAP_BLOCK_SIZE_BYTES \
70    (SEP_AES_WRAP_BLOCK_SIZE_WORDS * sizeof(u32))
71
72#define SEP_AES_SECRET_RKEK1 0x1
73#define SEP_AES_SECRET_RKEK2 0x2
74
75#define SEP_AES_INIT_OPCODE 0x2
76#define SEP_AES_BLOCK_OPCODE 0x3
77#define SEP_AES_FINISH_OPCODE 0x4
78#define SEP_AES_WRAP_OPCODE 0x6
79#define SEP_AES_UNWRAP_OPCODE 0x7
80#define SEP_AES_XTS_FINISH_OPCODE 0x8
81
82#define SEP_HASH_RESULT_SIZE_WORDS 16
83#define SEP_MD5_DIGEST_SIZE_WORDS 4
84#define SEP_MD5_DIGEST_SIZE_BYTES \
85    (SEP_MD5_DIGEST_SIZE_WORDS * sizeof(u32))
86#define SEP_SHA1_DIGEST_SIZE_WORDS 5
87#define SEP_SHA1_DIGEST_SIZE_BYTES \
88    (SEP_SHA1_DIGEST_SIZE_WORDS * sizeof(u32))
89#define SEP_SHA224_DIGEST_SIZE_WORDS 7
90#define SEP_SHA224_DIGEST_SIZE_BYTES \
91    (SEP_SHA224_DIGEST_SIZE_WORDS * sizeof(u32))
92#define SEP_SHA256_DIGEST_SIZE_WORDS 8
93#define SEP_SHA256_DIGEST_SIZE_BYTES \
94    (SEP_SHA256_DIGEST_SIZE_WORDS * sizeof(u32))
95#define SEP_SHA384_DIGEST_SIZE_WORDS 12
96#define SEP_SHA384_DIGEST_SIZE_BYTES \
97    (SEP_SHA384_DIGEST_SIZE_WORDS * sizeof(u32))
98#define SEP_SHA512_DIGEST_SIZE_WORDS 16
99#define SEP_SHA512_DIGEST_SIZE_BYTES \
100    (SEP_SHA512_DIGEST_SIZE_WORDS * sizeof(u32))
101#define SEP_HASH_BLOCK_SIZE_WORDS 16
102#define SEP_HASH_BLOCK_SIZE_BYTES \
103    (SEP_HASH_BLOCK_SIZE_WORDS * sizeof(u32))
104#define SEP_SHA2_BLOCK_SIZE_WORDS 32
105#define SEP_SHA2_BLOCK_SIZE_BYTES \
106    (SEP_SHA2_BLOCK_SIZE_WORDS * sizeof(u32))
107
108#define SEP_HASH_INIT_OPCODE 0x20
109#define SEP_HASH_UPDATE_OPCODE 0x21
110#define SEP_HASH_FINISH_OPCODE 0x22
111#define SEP_HASH_SINGLE_OPCODE 0x23
112
113#define SEP_HOST_ERROR 0x0b000000
114#define SEP_OK 0x0
115#define SEP_INVALID_START (SEP_HOST_ERROR + 0x3)
116#define SEP_WRONG_OPCODE (SEP_HOST_ERROR + 0x1)
117
118#define SEP_TRANSACTION_WAIT_TIME 5
119
120#define SEP_QUEUE_LENGTH 2
121/* Macros */
122#ifndef __LITTLE_ENDIAN
123#define CHG_ENDIAN(val) \
124    (((val) >> 24) | \
125    (((val) & 0x00FF0000) >> 8) | \
126    (((val) & 0x0000FF00) << 8) | \
127    (((val) & 0x000000FF) << 24))
128#else
129#define CHG_ENDIAN(val) val
130#endif
131/* Enums for SEP (from vendor) */
132enum des_numkey {
133    DES_KEY_1 = 1,
134    DES_KEY_2 = 2,
135    DES_KEY_3 = 3,
136    SEP_NUMKEY_OPTIONS,
137    SEP_NUMKEY_LAST = 0x7fffffff,
138};
139
140enum des_enc_mode {
141    SEP_DES_ENCRYPT = 0,
142    SEP_DES_DECRYPT = 1,
143    SEP_DES_ENC_OPTIONS,
144    SEP_DES_ENC_LAST = 0x7fffffff,
145};
146
147enum des_op_mode {
148    SEP_DES_ECB = 0,
149    SEP_DES_CBC = 1,
150    SEP_OP_OPTIONS,
151    SEP_OP_LAST = 0x7fffffff,
152};
153
154enum aes_keysize {
155    AES_128 = 0,
156    AES_192 = 1,
157    AES_256 = 2,
158    AES_512 = 3,
159    AES_SIZE_OPTIONS,
160    AEA_SIZE_LAST = 0x7FFFFFFF,
161};
162
163enum aes_enc_mode {
164    SEP_AES_ENCRYPT = 0,
165    SEP_AES_DECRYPT = 1,
166    SEP_AES_ENC_OPTIONS,
167    SEP_AES_ENC_LAST = 0x7FFFFFFF,
168};
169
170enum aes_op_mode {
171    SEP_AES_ECB = 0,
172    SEP_AES_CBC = 1,
173    SEP_AES_MAC = 2,
174    SEP_AES_CTR = 3,
175    SEP_AES_XCBC = 4,
176    SEP_AES_CMAC = 5,
177    SEP_AES_XTS = 6,
178    SEP_AES_OP_OPTIONS,
179    SEP_AES_OP_LAST = 0x7FFFFFFF,
180};
181
182enum hash_op_mode {
183    SEP_HASH_SHA1 = 0,
184    SEP_HASH_SHA224 = 1,
185    SEP_HASH_SHA256 = 2,
186    SEP_HASH_SHA384 = 3,
187    SEP_HASH_SHA512 = 4,
188    SEP_HASH_MD5 = 5,
189    SEP_HASH_OPTIONS,
190    SEP_HASH_LAST_MODE = 0x7FFFFFFF,
191};
192
193/* Structures for SEP (from vendor) */
194struct sep_des_internal_key {
195    u32 key1[SEP_DES_KEY_SIZE_WORDS];
196    u32 key2[SEP_DES_KEY_SIZE_WORDS];
197    u32 key3[SEP_DES_KEY_SIZE_WORDS];
198};
199
200struct sep_des_internal_context {
201    u32 iv_context[SEP_DES_IV_SIZE_WORDS];
202    struct sep_des_internal_key context_key;
203    enum des_numkey nbr_keys;
204    enum des_enc_mode encryption;
205    enum des_op_mode operation;
206    u8 dummy_block[SEP_DES_DUMMY_SIZE];
207};
208
209struct sep_des_private_context {
210    u32 valid_tag;
211    u32 iv;
212    u8 ctx_buf[sizeof(struct sep_des_internal_context)];
213};
214
215/* This is the structure passed to SEP via msg area */
216struct sep_des_key {
217    u32 key1[SEP_DES_KEY_SIZE_WORDS];
218    u32 key2[SEP_DES_KEY_SIZE_WORDS];
219    u32 key3[SEP_DES_KEY_SIZE_WORDS];
220    u32 pad[SEP_DES_KEY_SIZE_WORDS];
221};
222
223struct sep_aes_internal_context {
224    u32 aes_ctx_iv[SEP_AES_IV_SIZE_WORDS];
225    u32 aes_ctx_key[SEP_AES_MAX_KEY_SIZE_WORDS / 2];
226    enum aes_keysize keysize;
227    enum aes_enc_mode encmode;
228    enum aes_op_mode opmode;
229    u8 secret_key;
230    u32 no_add_blocks;
231    u32 last_block_size;
232    u32 last_block[SEP_AES_BLOCK_SIZE_WORDS];
233    u32 prev_iv[SEP_AES_BLOCK_SIZE_WORDS];
234    u32 remaining_size;
235    union {
236        struct {
237            u32 dkey1[SEP_AES_BLOCK_SIZE_WORDS];
238            u32 dkey2[SEP_AES_BLOCK_SIZE_WORDS];
239            u32 dkey3[SEP_AES_BLOCK_SIZE_WORDS];
240        } cmac_data;
241        struct {
242            u32 xts_key[SEP_AES_MAX_KEY_SIZE_WORDS / 2];
243            u32 temp1[SEP_AES_BLOCK_SIZE_WORDS];
244            u32 temp2[SEP_AES_BLOCK_SIZE_WORDS];
245        } xtx_data;
246    } s_data;
247    u8 dummy_block[SEP_AES_DUMMY_BLOCK_SIZE];
248};
249
250struct sep_aes_private_context {
251    u32 valid_tag;
252    u32 aes_iv;
253    u32 op_mode;
254    u8 cbuff[sizeof(struct sep_aes_internal_context)];
255};
256
257struct sep_hash_internal_context {
258    u32 hash_result[SEP_HASH_RESULT_SIZE_WORDS];
259    enum hash_op_mode hash_opmode;
260    u32 previous_data[SEP_SHA2_BLOCK_SIZE_WORDS];
261    u16 prev_update_bytes;
262    u32 total_proc_128bit[4];
263    u16 op_mode_block_size;
264    u8 dummy_aes_block[SEP_AES_DUMMY_BLOCK_SIZE];
265};
266
267struct sep_hash_private_context {
268    u32 valid_tag;
269    u32 iv;
270    u8 internal_context[sizeof(struct sep_hash_internal_context)];
271};
272
273union key_t {
274    struct sep_des_key des;
275    u32 aes[SEP_AES_MAX_KEY_SIZE_WORDS];
276};
277
278/* Context structures for crypto API */
279/**
280 * Structure for this current task context
281 * This same structure is used for both hash
282 * and crypt in order to reduce duplicate code
283 * for stuff that is done for both hash operations
284 * and crypto operations. We cannot trust that the
285 * system context is not pulled out from under
286 * us during operation to operation, so all
287 * critical stuff such as data pointers must
288 * be in in a context that is exclusive for this
289 * particular task at hand.
290 */
291struct this_task_ctx {
292    struct sep_device *sep_used;
293    u32 done;
294    unsigned char iv[100];
295    enum des_enc_mode des_encmode;
296    enum des_op_mode des_opmode;
297    enum aes_enc_mode aes_encmode;
298    enum aes_op_mode aes_opmode;
299    u32 init_opcode;
300    u32 block_opcode;
301    size_t data_length;
302    size_t ivlen;
303    struct ablkcipher_walk walk;
304    int i_own_sep; /* Do I have custody of the sep? */
305    struct sep_call_status call_status;
306    struct build_dcb_struct_kernel dcb_input_data;
307    struct sep_dma_context *dma_ctx;
308    void *dmatables_region;
309    size_t nbytes;
310    struct sep_dcblock *dcb_region;
311    struct sep_queue_info *queue_elem;
312    int msg_len_words;
313    unsigned char msg[SEP_DRIVER_MESSAGE_SHARED_AREA_SIZE_IN_BYTES];
314    void *msgptr;
315    struct scatterlist *src_sg;
316    struct scatterlist *dst_sg;
317    struct scatterlist *src_sg_hold;
318    struct scatterlist *dst_sg_hold;
319    struct ahash_request *current_hash_req;
320    struct ablkcipher_request *current_cypher_req;
321    enum type_of_request current_request;
322    int digest_size_words;
323    int digest_size_bytes;
324    int block_size_words;
325    int block_size_bytes;
326    enum hash_op_mode hash_opmode;
327    enum hash_stage current_hash_stage;
328    /**
329     * Not that this is a pointer. The are_we_done_yet variable is
330     * allocated by the task function. This way, even if the kernel
331     * crypto infrastructure has grabbed the task structure out from
332     * under us, the task function can still see this variable.
333     */
334    int *are_we_done_yet;
335    unsigned long end_time;
336    };
337
338struct sep_system_ctx {
339    union key_t key;
340    size_t keylen;
341    int key_sent;
342    enum des_numkey des_nbr_keys;
343    enum aes_keysize aes_key_size;
344    unsigned long end_time;
345    struct sep_des_private_context des_private_ctx;
346    struct sep_aes_private_context aes_private_ctx;
347    struct sep_hash_private_context hash_private_ctx;
348    };
349
350/* work queue structures */
351struct sep_work_struct {
352    struct work_struct work;
353    void (*callback)(void *);
354    void *data;
355    };
356
357/* Functions */
358int sep_crypto_setup(void);
359void sep_crypto_takedown(void);
360

Archive Download this file



interactive