cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

ccp-crypto.h (5764B)

      1/* SPDX-License-Identifier: GPL-2.0-only */
      2/*
      3 * AMD Cryptographic Coprocessor (CCP) crypto API support
      4 *
      5 * Copyright (C) 2013,2017 Advanced Micro Devices, Inc.
      6 *
      7 * Author: Tom Lendacky <thomas.lendacky@amd.com>
      8 */
      9
     10#ifndef __CCP_CRYPTO_H__
     11#define __CCP_CRYPTO_H__
     12
     13#include <linux/list.h>
     14#include <linux/wait.h>
     15#include <linux/ccp.h>
     16#include <crypto/algapi.h>
     17#include <crypto/aes.h>
     18#include <crypto/internal/aead.h>
     19#include <crypto/aead.h>
     20#include <crypto/ctr.h>
     21#include <crypto/hash.h>
     22#include <crypto/sha1.h>
     23#include <crypto/sha2.h>
     24#include <crypto/akcipher.h>
     25#include <crypto/skcipher.h>
     26#include <crypto/internal/rsa.h>
     27
     28/* We want the module name in front of our messages */
     29#undef pr_fmt
     30#define	pr_fmt(fmt)	KBUILD_MODNAME ": " fmt
     31
     32#define	CCP_LOG_LEVEL	KERN_INFO
     33
     34#define CCP_CRA_PRIORITY	300
     35
     36struct ccp_crypto_skcipher_alg {
     37	struct list_head entry;
     38
     39	u32 mode;
     40
     41	struct skcipher_alg alg;
     42};
     43
     44struct ccp_crypto_aead {
     45	struct list_head entry;
     46
     47	u32 mode;
     48
     49	struct aead_alg alg;
     50};
     51
     52struct ccp_crypto_ahash_alg {
     53	struct list_head entry;
     54
     55	const __be32 *init;
     56	u32 type;
     57	u32 mode;
     58
     59	/* Child algorithm used for HMAC, CMAC, etc */
     60	char child_alg[CRYPTO_MAX_ALG_NAME];
     61
     62	struct ahash_alg alg;
     63};
     64
     65struct ccp_crypto_akcipher_alg {
     66	struct list_head entry;
     67
     68	struct akcipher_alg alg;
     69};
     70
     71static inline struct ccp_crypto_skcipher_alg *
     72	ccp_crypto_skcipher_alg(struct crypto_skcipher *tfm)
     73{
     74	struct skcipher_alg *alg = crypto_skcipher_alg(tfm);
     75
     76	return container_of(alg, struct ccp_crypto_skcipher_alg, alg);
     77}
     78
     79static inline struct ccp_crypto_ahash_alg *
     80	ccp_crypto_ahash_alg(struct crypto_tfm *tfm)
     81{
     82	struct crypto_alg *alg = tfm->__crt_alg;
     83	struct ahash_alg *ahash_alg;
     84
     85	ahash_alg = container_of(alg, struct ahash_alg, halg.base);
     86
     87	return container_of(ahash_alg, struct ccp_crypto_ahash_alg, alg);
     88}
     89
     90/***** AES related defines *****/
     91struct ccp_aes_ctx {
     92	/* Fallback cipher for XTS with unsupported unit sizes */
     93	struct crypto_skcipher *tfm_skcipher;
     94
     95	enum ccp_engine engine;
     96	enum ccp_aes_type type;
     97	enum ccp_aes_mode mode;
     98
     99	struct scatterlist key_sg;
    100	unsigned int key_len;
    101	u8 key[AES_MAX_KEY_SIZE * 2];
    102
    103	u8 nonce[CTR_RFC3686_NONCE_SIZE];
    104
    105	/* CMAC key structures */
    106	struct scatterlist k1_sg;
    107	struct scatterlist k2_sg;
    108	unsigned int kn_len;
    109	u8 k1[AES_BLOCK_SIZE];
    110	u8 k2[AES_BLOCK_SIZE];
    111};
    112
    113struct ccp_aes_req_ctx {
    114	struct scatterlist iv_sg;
    115	u8 iv[AES_BLOCK_SIZE];
    116
    117	struct scatterlist tag_sg;
    118	u8 tag[AES_BLOCK_SIZE];
    119
    120	/* Fields used for RFC3686 requests */
    121	u8 *rfc3686_info;
    122	u8 rfc3686_iv[AES_BLOCK_SIZE];
    123
    124	struct ccp_cmd cmd;
    125
    126	struct skcipher_request fallback_req;	// keep at the end
    127};
    128
    129struct ccp_aes_cmac_req_ctx {
    130	unsigned int null_msg;
    131	unsigned int final;
    132
    133	struct scatterlist *src;
    134	unsigned int nbytes;
    135
    136	u64 hash_cnt;
    137	unsigned int hash_rem;
    138
    139	struct sg_table data_sg;
    140
    141	struct scatterlist iv_sg;
    142	u8 iv[AES_BLOCK_SIZE];
    143
    144	struct scatterlist buf_sg;
    145	unsigned int buf_count;
    146	u8 buf[AES_BLOCK_SIZE];
    147
    148	struct scatterlist pad_sg;
    149	unsigned int pad_count;
    150	u8 pad[AES_BLOCK_SIZE];
    151
    152	struct ccp_cmd cmd;
    153};
    154
    155struct ccp_aes_cmac_exp_ctx {
    156	unsigned int null_msg;
    157
    158	u8 iv[AES_BLOCK_SIZE];
    159
    160	unsigned int buf_count;
    161	u8 buf[AES_BLOCK_SIZE];
    162};
    163
    164/***** 3DES related defines *****/
    165struct ccp_des3_ctx {
    166	enum ccp_engine engine;
    167	enum ccp_des3_type type;
    168	enum ccp_des3_mode mode;
    169
    170	struct scatterlist key_sg;
    171	unsigned int key_len;
    172	u8 key[AES_MAX_KEY_SIZE];
    173};
    174
    175struct ccp_des3_req_ctx {
    176	struct scatterlist iv_sg;
    177	u8 iv[AES_BLOCK_SIZE];
    178
    179	struct ccp_cmd cmd;
    180};
    181
    182/* SHA-related defines
    183 * These values must be large enough to accommodate any variant
    184 */
    185#define MAX_SHA_CONTEXT_SIZE	SHA512_DIGEST_SIZE
    186#define MAX_SHA_BLOCK_SIZE	SHA512_BLOCK_SIZE
    187
    188struct ccp_sha_ctx {
    189	struct scatterlist opad_sg;
    190	unsigned int opad_count;
    191
    192	unsigned int key_len;
    193	u8 key[MAX_SHA_BLOCK_SIZE];
    194	u8 ipad[MAX_SHA_BLOCK_SIZE];
    195	u8 opad[MAX_SHA_BLOCK_SIZE];
    196	struct crypto_shash *hmac_tfm;
    197};
    198
    199struct ccp_sha_req_ctx {
    200	enum ccp_sha_type type;
    201
    202	u64 msg_bits;
    203
    204	unsigned int first;
    205	unsigned int final;
    206
    207	struct scatterlist *src;
    208	unsigned int nbytes;
    209
    210	u64 hash_cnt;
    211	unsigned int hash_rem;
    212
    213	struct sg_table data_sg;
    214
    215	struct scatterlist ctx_sg;
    216	u8 ctx[MAX_SHA_CONTEXT_SIZE];
    217
    218	struct scatterlist buf_sg;
    219	unsigned int buf_count;
    220	u8 buf[MAX_SHA_BLOCK_SIZE];
    221
    222	/* CCP driver command */
    223	struct ccp_cmd cmd;
    224};
    225
    226struct ccp_sha_exp_ctx {
    227	enum ccp_sha_type type;
    228
    229	u64 msg_bits;
    230
    231	unsigned int first;
    232
    233	u8 ctx[MAX_SHA_CONTEXT_SIZE];
    234
    235	unsigned int buf_count;
    236	u8 buf[MAX_SHA_BLOCK_SIZE];
    237};
    238
    239/***** RSA related defines *****/
    240
    241struct ccp_rsa_ctx {
    242	unsigned int key_len; /* in bits */
    243	struct scatterlist e_sg;
    244	u8 *e_buf;
    245	unsigned int e_len;
    246	struct scatterlist n_sg;
    247	u8 *n_buf;
    248	unsigned int n_len;
    249	struct scatterlist d_sg;
    250	u8 *d_buf;
    251	unsigned int d_len;
    252};
    253
    254struct ccp_rsa_req_ctx {
    255	struct ccp_cmd cmd;
    256};
    257
    258#define	CCP_RSA_MAXMOD	(4 * 1024 / 8)
    259#define	CCP5_RSA_MAXMOD	(16 * 1024 / 8)
    260
    261/***** Common Context Structure *****/
    262struct ccp_ctx {
    263	int (*complete)(struct crypto_async_request *req, int ret);
    264
    265	union {
    266		struct ccp_aes_ctx aes;
    267		struct ccp_rsa_ctx rsa;
    268		struct ccp_sha_ctx sha;
    269		struct ccp_des3_ctx des3;
    270	} u;
    271};
    272
    273int ccp_crypto_enqueue_request(struct crypto_async_request *req,
    274			       struct ccp_cmd *cmd);
    275struct scatterlist *ccp_crypto_sg_table_add(struct sg_table *table,
    276					    struct scatterlist *sg_add);
    277
    278int ccp_register_aes_algs(struct list_head *head);
    279int ccp_register_aes_cmac_algs(struct list_head *head);
    280int ccp_register_aes_xts_algs(struct list_head *head);
    281int ccp_register_aes_aeads(struct list_head *head);
    282int ccp_register_sha_algs(struct list_head *head);
    283int ccp_register_des3_algs(struct list_head *head);
    284int ccp_register_rsa_algs(struct list_head *head);
    285
    286#endif