sec_crypto.h - cachepc-linux - Fork of AMDESE/linux with modifications for CachePC side-channel attack

	cachepc-linux Fork of AMDESE/linux with modifications for CachePC side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-linux
	Log \| Files \| Refs \| README \| LICENSE \| sfeed.txt
sec_crypto.h (6677B)
      1/* SPDX-License-Identifier: GPL-2.0 */
      2/* Copyright (c) 2019 HiSilicon Limited. */
      3
      4#ifndef __HISI_SEC_V2_CRYPTO_H
      5#define __HISI_SEC_V2_CRYPTO_H
      6
      7#define SEC_AIV_SIZE		12
      8#define SEC_IV_SIZE		24
      9#define SEC_MAX_KEY_SIZE	64
     10#define SEC_COMM_SCENE		0
     11#define SEC_MIN_BLOCK_SZ	1
     12
     13enum sec_calg {
     14	SEC_CALG_3DES = 0x1,
     15	SEC_CALG_AES  = 0x2,
     16	SEC_CALG_SM4  = 0x3,
     17};
     18
     19enum sec_hash_alg {
     20	SEC_A_HMAC_SHA1   = 0x10,
     21	SEC_A_HMAC_SHA256 = 0x11,
     22	SEC_A_HMAC_SHA512 = 0x15,
     23};
     24
     25enum sec_mac_len {
     26	SEC_HMAC_CCM_MAC   = 16,
     27	SEC_HMAC_GCM_MAC   = 16,
     28	SEC_SM3_MAC        = 32,
     29	SEC_HMAC_SM3_MAC   = 32,
     30	SEC_HMAC_MD5_MAC   = 16,
     31	SEC_HMAC_SHA1_MAC   = 20,
     32	SEC_HMAC_SHA256_MAC = 32,
     33	SEC_HMAC_SHA512_MAC = 64,
     34};
     35
     36enum sec_cmode {
     37	SEC_CMODE_ECB    = 0x0,
     38	SEC_CMODE_CBC    = 0x1,
     39	SEC_CMODE_CFB    = 0x2,
     40	SEC_CMODE_OFB    = 0x3,
     41	SEC_CMODE_CTR    = 0x4,
     42	SEC_CMODE_CCM    = 0x5,
     43	SEC_CMODE_GCM    = 0x6,
     44	SEC_CMODE_XTS    = 0x7,
     45};
     46
     47enum sec_ckey_type {
     48	SEC_CKEY_128BIT = 0x0,
     49	SEC_CKEY_192BIT = 0x1,
     50	SEC_CKEY_256BIT = 0x2,
     51	SEC_CKEY_3DES_3KEY = 0x1,
     52	SEC_CKEY_3DES_2KEY = 0x3,
     53};
     54
     55enum sec_bd_type {
     56	SEC_BD_TYPE1 = 0x1,
     57	SEC_BD_TYPE2 = 0x2,
     58	SEC_BD_TYPE3 = 0x3,
     59};
     60
     61enum sec_auth {
     62	SEC_NO_AUTH = 0x0,
     63	SEC_AUTH_TYPE1 = 0x1,
     64	SEC_AUTH_TYPE2 = 0x2,
     65};
     66
     67enum sec_cipher_dir {
     68	SEC_CIPHER_ENC = 0x1,
     69	SEC_CIPHER_DEC = 0x2,
     70};
     71
     72enum sec_addr_type {
     73	SEC_PBUF = 0x0,
     74	SEC_SGL  = 0x1,
     75	SEC_PRP  = 0x2,
     76};
     77
     78struct bd_status {
     79	u64 tag;
     80	u8 done;
     81	u8 err_type;
     82	u16 flag;
     83	u16 icv;
     84};
     85
     86enum {
     87	AUTHPAD_PAD,
     88	AUTHPAD_NOPAD,
     89};
     90
     91enum {
     92	AIGEN_GEN,
     93	AIGEN_NOGEN,
     94};
     95
     96struct sec_sqe_type2 {
     97	/*
     98	 * mac_len: 0~4 bits
     99	 * a_key_len: 5~10 bits
    100	 * a_alg: 11~16 bits
    101	 */
    102	__le32 mac_key_alg;
    103
    104	/*
    105	 * c_icv_len: 0~5 bits
    106	 * c_width: 6~8 bits
    107	 * c_key_len: 9~11 bits
    108	 * c_mode: 12~15 bits
    109	 */
    110	__le16 icvw_kmode;
    111
    112	/* c_alg: 0~3 bits */
    113	__u8 c_alg;
    114	__u8 rsvd4;
    115
    116	/*
    117	 * a_len: 0~23 bits
    118	 * iv_offset_l: 24~31 bits
    119	 */
    120	__le32 alen_ivllen;
    121
    122	/*
    123	 * c_len: 0~23 bits
    124	 * iv_offset_h: 24~31 bits
    125	 */
    126	__le32 clen_ivhlen;
    127
    128	__le16 auth_src_offset;
    129	__le16 cipher_src_offset;
    130	__le16 cs_ip_header_offset;
    131	__le16 cs_udp_header_offset;
    132	__le16 pass_word_len;
    133	__le16 dk_len;
    134	__u8 salt3;
    135	__u8 salt2;
    136	__u8 salt1;
    137	__u8 salt0;
    138
    139	__le16 tag;
    140	__le16 rsvd5;
    141
    142	/*
    143	 * c_pad_type: 0~3 bits
    144	 * c_pad_len: 4~11 bits
    145	 * c_pad_data_type: 12~15 bits
    146	 */
    147	__le16 cph_pad;
    148
    149	/* c_pad_len_field: 0~1 bits */
    150	__le16 c_pad_len_field;
    151
    152	__le64 long_a_data_len;
    153	__le64 a_ivin_addr;
    154	__le64 a_key_addr;
    155	__le64 mac_addr;
    156	__le64 c_ivin_addr;
    157	__le64 c_key_addr;
    158
    159	__le64 data_src_addr;
    160	__le64 data_dst_addr;
    161
    162	/*
    163	 * done: 0 bit
    164	 * icv: 1~3 bits
    165	 * csc: 4~6 bits
    166	 * flag: 7-10 bits
    167	 * dif_check: 11~13 bits
    168	 */
    169	__le16 done_flag;
    170
    171	__u8 error_type;
    172	__u8 warning_type;
    173	__u8 mac_i3;
    174	__u8 mac_i2;
    175	__u8 mac_i1;
    176	__u8 mac_i0;
    177	__le16 check_sum_i;
    178	__u8 tls_pad_len_i;
    179	__u8 rsvd12;
    180	__le32 counter;
    181};
    182
    183struct sec_sqe {
    184	/*
    185	 * type:	0~3 bits
    186	 * cipher:	4~5 bits
    187	 * auth:	6~7 bit s
    188	 */
    189	__u8 type_cipher_auth;
    190
    191	/*
    192	 * seq:	0 bit
    193	 * de:	1~2 bits
    194	 * scene:	3~6 bits
    195	 * src_addr_type: ~7 bit, with sdm_addr_type 0-1 bits
    196	 */
    197	__u8 sds_sa_type;
    198
    199	/*
    200	 * src_addr_type: 0~1 bits, not used now,
    201	 * if support PRP, set this field, or set zero.
    202	 * dst_addr_type: 2~4 bits
    203	 * mac_addr_type: 5~7 bits
    204	 */
    205	__u8 sdm_addr_type;
    206	__u8 rsvd0;
    207
    208	/*
    209	 * nonce_len(type2): 0~3 bits
    210	 * huk(type2): 4 bit
    211	 * key_s(type2): 5 bit
    212	 * ci_gen: 6~7 bits
    213	 */
    214	__u8 huk_key_ci;
    215
    216	/*
    217	 * ai_gen: 0~1 bits
    218	 * a_pad(type2): 2~3 bits
    219	 * c_s(type2): 4~5 bits
    220	 */
    221	__u8 ai_apd_cs;
    222
    223	/*
    224	 * rhf(type2): 0 bit
    225	 * c_key_type: 1~2 bits
    226	 * a_key_type: 3~4 bits
    227	 * write_frame_len(type2): 5~7 bits
    228	 */
    229	__u8 rca_key_frm;
    230
    231	/*
    232	 * cal_iv_addr_en(type2): 0 bit
    233	 * tls_up(type2): 1 bit
    234	 * inveld: 7 bit
    235	 */
    236	__u8 iv_tls_ld;
    237
    238	/* Just using type2 BD now */
    239	struct sec_sqe_type2 type2;
    240};
    241
    242struct bd3_auth_ivin {
    243	__le64 a_ivin_addr;
    244	__le32 rsvd0;
    245	__le32 rsvd1;
    246} __packed __aligned(4);
    247
    248struct bd3_skip_data {
    249	__le32 rsvd0;
    250
    251	/*
    252	 * gran_num: 0~15 bits
    253	 * reserved: 16~31 bits
    254	 */
    255	__le32 gran_num;
    256
    257	/*
    258	 * src_skip_data_len: 0~24 bits
    259	 * reserved: 25~31 bits
    260	 */
    261	__le32 src_skip_data_len;
    262
    263	/*
    264	 * dst_skip_data_len: 0~24 bits
    265	 * reserved: 25~31 bits
    266	 */
    267	__le32 dst_skip_data_len;
    268};
    269
    270struct bd3_stream_scene {
    271	__le64 c_ivin_addr;
    272	__le64 long_a_data_len;
    273
    274	/*
    275	 * auth_pad: 0~1 bits
    276	 * stream_protocol: 2~4 bits
    277	 * reserved: 5~7 bits
    278	 */
    279	__u8 stream_auth_pad;
    280	__u8 plaintext_type;
    281	__le16 pad_len_1p3;
    282} __packed __aligned(4);
    283
    284struct bd3_no_scene {
    285	__le64 c_ivin_addr;
    286	__le32 rsvd0;
    287	__le32 rsvd1;
    288	__le32 rsvd2;
    289} __packed __aligned(4);
    290
    291struct bd3_check_sum {
    292	__u8 rsvd0;
    293	__u8 hac_sva_status;
    294	__le16 check_sum_i;
    295};
    296
    297struct bd3_tls_type_back {
    298	__u8 tls_1p3_type_back;
    299	__u8 hac_sva_status;
    300	__le16 pad_len_1p3_back;
    301};
    302
    303struct sec_sqe3 {
    304	/*
    305	 * type: 0~3 bit
    306	 * bd_invalid: 4 bit
    307	 * scene: 5~8 bit
    308	 * de: 9~10 bit
    309	 * src_addr_type: 11~13 bit
    310	 * dst_addr_type: 14~16 bit
    311	 * mac_addr_type: 17~19 bit
    312	 * reserved: 20~31 bits
    313	 */
    314	__le32 bd_param;
    315
    316	/*
    317	 * cipher: 0~1 bits
    318	 * ci_gen: 2~3 bit
    319	 * c_icv_len: 4~9 bit
    320	 * c_width: 10~12 bits
    321	 * c_key_len: 13~15 bits
    322	 */
    323	__le16 c_icv_key;
    324
    325	/*
    326	 * c_mode : 0~3 bits
    327	 * c_alg : 4~7 bits
    328	 */
    329	__u8 c_mode_alg;
    330
    331	/*
    332	 * nonce_len : 0~3 bits
    333	 * huk : 4 bits
    334	 * cal_iv_addr_en : 5 bits
    335	 * seq : 6 bits
    336	 * reserved : 7 bits
    337	 */
    338	__u8 huk_iv_seq;
    339
    340	__le64 tag;
    341	__le64 data_src_addr;
    342	__le64 a_key_addr;
    343	union {
    344		struct bd3_auth_ivin auth_ivin;
    345		struct bd3_skip_data skip_data;
    346	};
    347
    348	__le64 c_key_addr;
    349
    350	/*
    351	 * auth: 0~1 bits
    352	 * ai_gen: 2~3 bits
    353	 * mac_len: 4~8 bits
    354	 * akey_len: 9~14 bits
    355	 * a_alg: 15~20 bits
    356	 * key_sel: 21~24 bits
    357	 * ctr_count_mode/sm4_xts: 25~26 bits
    358	 * sva_prefetch: 27 bits
    359	 * key_wrap_num: 28~30 bits
    360	 * update_key: 31 bits
    361	 */
    362	__le32 auth_mac_key;
    363	__le32 salt;
    364	__le16 auth_src_offset;
    365	__le16 cipher_src_offset;
    366
    367	/*
    368	 * auth_len: 0~23 bit
    369	 * auth_key_offset: 24~31 bits
    370	 */
    371	__le32 a_len_key;
    372
    373	/*
    374	 * cipher_len: 0~23 bit
    375	 * auth_ivin_offset: 24~31 bits
    376	 */
    377	__le32 c_len_ivin;
    378	__le64 data_dst_addr;
    379	__le64 mac_addr;
    380	union {
    381		struct bd3_stream_scene stream_scene;
    382		struct bd3_no_scene no_scene;
    383	};
    384
    385	/*
    386	 * done: 0 bit
    387	 * icv: 1~3 bit
    388	 * csc: 4~6 bit
    389	 * flag: 7~10 bit
    390	 * reserved: 11~15 bit
    391	 */
    392	__le16 done_flag;
    393	__u8 error_type;
    394	__u8 warning_type;
    395	union {
    396		__le32 mac_i;
    397		__le32 kek_key_addr_l;
    398	};
    399	union {
    400		__le32 kek_key_addr_h;
    401		struct bd3_check_sum check_sum;
    402		struct bd3_tls_type_back tls_type_back;
    403	};
    404	__le32 counter;
    405} __packed __aligned(4);
    406
    407int sec_register_to_crypto(struct hisi_qm *qm);
    408void sec_unregister_from_crypto(struct hisi_qm *qm);
    409#endif