1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* Copyright (c) 2019 HiSilicon Limited. */ 3 4 #ifndef __HISI_SEC_V2_CRYPTO_H 5 #define __HISI_SEC_V2_CRYPTO_H 6 7 #define SEC_AIV_SIZE 12 8 #define SEC_IV_SIZE 24 9 #define SEC_MAX_KEY_SIZE 64 10 #define SEC_MAX_AKEY_SIZE 128 11 #define SEC_COMM_SCENE 0 12 #define SEC_MIN_BLOCK_SZ 1 13 14 enum sec_calg { 15 SEC_CALG_3DES = 0x1, 16 SEC_CALG_AES = 0x2, 17 SEC_CALG_SM4 = 0x3, 18 }; 19 20 enum sec_hash_alg { 21 SEC_A_HMAC_SHA1 = 0x10, 22 SEC_A_HMAC_SHA256 = 0x11, 23 SEC_A_HMAC_SHA512 = 0x15, 24 }; 25 26 enum sec_cmode { 27 SEC_CMODE_ECB = 0x0, 28 SEC_CMODE_CBC = 0x1, 29 SEC_CMODE_CTR = 0x4, 30 SEC_CMODE_CCM = 0x5, 31 SEC_CMODE_GCM = 0x6, 32 SEC_CMODE_XTS = 0x7, 33 }; 34 35 enum sec_ckey_type { 36 SEC_CKEY_128BIT = 0x0, 37 SEC_CKEY_192BIT = 0x1, 38 SEC_CKEY_256BIT = 0x2, 39 SEC_CKEY_3DES_3KEY = 0x1, 40 SEC_CKEY_3DES_2KEY = 0x3, 41 }; 42 43 enum sec_bd_type { 44 SEC_BD_TYPE1 = 0x1, 45 SEC_BD_TYPE2 = 0x2, 46 SEC_BD_TYPE3 = 0x3, 47 }; 48 49 enum sec_auth { 50 SEC_NO_AUTH = 0x0, 51 SEC_AUTH_TYPE1 = 0x1, 52 SEC_AUTH_TYPE2 = 0x2, 53 }; 54 55 enum sec_cipher_dir { 56 SEC_CIPHER_ENC = 0x1, 57 SEC_CIPHER_DEC = 0x2, 58 }; 59 60 enum sec_addr_type { 61 SEC_PBUF = 0x0, 62 SEC_SGL = 0x1, 63 SEC_PRP = 0x2, 64 }; 65 66 struct bd_status { 67 u64 tag; 68 u8 done; 69 u8 err_type; 70 u16 flag; 71 u16 icv; 72 }; 73 74 enum { 75 AUTHPAD_PAD, 76 AUTHPAD_NOPAD, 77 }; 78 79 enum { 80 AIGEN_GEN, 81 AIGEN_NOGEN, 82 }; 83 84 struct sec_sqe_type2 { 85 /* 86 * mac_len: 0~4 bits 87 * a_key_len: 5~10 bits 88 * a_alg: 11~16 bits 89 */ 90 __le32 mac_key_alg; 91 92 /* 93 * c_icv_len: 0~5 bits 94 * c_width: 6~8 bits 95 * c_key_len: 9~11 bits 96 * c_mode: 12~15 bits 97 */ 98 __le16 icvw_kmode; 99 100 /* c_alg: 0~3 bits */ 101 __u8 c_alg; 102 __u8 rsvd4; 103 104 /* 105 * a_len: 0~23 bits 106 * iv_offset_l: 24~31 bits 107 */ 108 __le32 alen_ivllen; 109 110 /* 111 * c_len: 0~23 bits 112 * iv_offset_h: 24~31 bits 113 */ 114 __le32 clen_ivhlen; 115 116 __le16 auth_src_offset; 117 __le16 cipher_src_offset; 118 __le16 cs_ip_header_offset; 119 __le16 cs_udp_header_offset; 120 __le16 pass_word_len; 121 __le16 dk_len; 122 __u8 salt3; 123 __u8 salt2; 124 __u8 salt1; 125 __u8 salt0; 126 127 __le16 tag; 128 __le16 rsvd5; 129 130 /* 131 * c_pad_type: 0~3 bits 132 * c_pad_len: 4~11 bits 133 * c_pad_data_type: 12~15 bits 134 */ 135 __le16 cph_pad; 136 137 /* c_pad_len_field: 0~1 bits */ 138 __le16 c_pad_len_field; 139 140 __le64 long_a_data_len; 141 __le64 a_ivin_addr; 142 __le64 a_key_addr; 143 __le64 mac_addr; 144 __le64 c_ivin_addr; 145 __le64 c_key_addr; 146 147 __le64 data_src_addr; 148 __le64 data_dst_addr; 149 150 /* 151 * done: 0 bit 152 * icv: 1~3 bits 153 * csc: 4~6 bits 154 * flag: 7-10 bits 155 * dif_check: 11~13 bits 156 */ 157 __le16 done_flag; 158 159 __u8 error_type; 160 __u8 warning_type; 161 __u8 mac_i3; 162 __u8 mac_i2; 163 __u8 mac_i1; 164 __u8 mac_i0; 165 __le16 check_sum_i; 166 __u8 tls_pad_len_i; 167 __u8 rsvd12; 168 __le32 counter; 169 }; 170 171 struct sec_sqe { 172 /* 173 * type: 0~3 bits 174 * cipher: 4~5 bits 175 * auth: 6~7 bit s 176 */ 177 __u8 type_cipher_auth; 178 179 /* 180 * seq: 0 bit 181 * de: 1~2 bits 182 * scene: 3~6 bits 183 * src_addr_type: ~7 bit, with sdm_addr_type 0-1 bits 184 */ 185 __u8 sds_sa_type; 186 187 /* 188 * src_addr_type: 0~1 bits, not used now, 189 * if support PRP, set this field, or set zero. 190 * dst_addr_type: 2~4 bits 191 * mac_addr_type: 5~7 bits 192 */ 193 __u8 sdm_addr_type; 194 __u8 rsvd0; 195 196 /* 197 * nonce_len(type2): 0~3 bits 198 * huk(type2): 4 bit 199 * key_s(type2): 5 bit 200 * ci_gen: 6~7 bits 201 */ 202 __u8 huk_key_ci; 203 204 /* 205 * ai_gen: 0~1 bits 206 * a_pad(type2): 2~3 bits 207 * c_s(type2): 4~5 bits 208 */ 209 __u8 ai_apd_cs; 210 211 /* 212 * rhf(type2): 0 bit 213 * c_key_type: 1~2 bits 214 * a_key_type: 3~4 bits 215 * write_frame_len(type2): 5~7 bits 216 */ 217 __u8 rca_key_frm; 218 219 /* 220 * cal_iv_addr_en(type2): 0 bit 221 * tls_up(type2): 1 bit 222 * inveld: 7 bit 223 */ 224 __u8 iv_tls_ld; 225 226 /* Just using type2 BD now */ 227 struct sec_sqe_type2 type2; 228 }; 229 230 struct bd3_auth_ivin { 231 __le64 a_ivin_addr; 232 __le32 rsvd0; 233 __le32 rsvd1; 234 } __packed __aligned(4); 235 236 struct bd3_skip_data { 237 __le32 rsvd0; 238 239 /* 240 * gran_num: 0~15 bits 241 * reserved: 16~31 bits 242 */ 243 __le32 gran_num; 244 245 /* 246 * src_skip_data_len: 0~24 bits 247 * reserved: 25~31 bits 248 */ 249 __le32 src_skip_data_len; 250 251 /* 252 * dst_skip_data_len: 0~24 bits 253 * reserved: 25~31 bits 254 */ 255 __le32 dst_skip_data_len; 256 }; 257 258 struct bd3_stream_scene { 259 __le64 c_ivin_addr; 260 __le64 long_a_data_len; 261 262 /* 263 * auth_pad: 0~1 bits 264 * stream_protocol: 2~4 bits 265 * reserved: 5~7 bits 266 */ 267 __u8 stream_auth_pad; 268 __u8 plaintext_type; 269 __le16 pad_len_1p3; 270 } __packed __aligned(4); 271 272 struct bd3_no_scene { 273 __le64 c_ivin_addr; 274 __le32 rsvd0; 275 __le32 rsvd1; 276 __le32 rsvd2; 277 } __packed __aligned(4); 278 279 struct bd3_check_sum { 280 __u8 rsvd0; 281 __u8 hac_sva_status; 282 __le16 check_sum_i; 283 }; 284 285 struct bd3_tls_type_back { 286 __u8 tls_1p3_type_back; 287 __u8 hac_sva_status; 288 __le16 pad_len_1p3_back; 289 }; 290 291 struct sec_sqe3 { 292 /* 293 * type: 0~3 bit 294 * bd_invalid: 4 bit 295 * scene: 5~8 bit 296 * de: 9~10 bit 297 * src_addr_type: 11~13 bit 298 * dst_addr_type: 14~16 bit 299 * mac_addr_type: 17~19 bit 300 * reserved: 20~31 bits 301 */ 302 __le32 bd_param; 303 304 /* 305 * cipher: 0~1 bits 306 * ci_gen: 2~3 bit 307 * c_icv_len: 4~9 bit 308 * c_width: 10~12 bits 309 * c_key_len: 13~15 bits 310 */ 311 __le16 c_icv_key; 312 313 /* 314 * c_mode : 0~3 bits 315 * c_alg : 4~7 bits 316 */ 317 __u8 c_mode_alg; 318 319 /* 320 * nonce_len : 0~3 bits 321 * huk : 4 bits 322 * cal_iv_addr_en : 5 bits 323 * seq : 6 bits 324 * reserved : 7 bits 325 */ 326 __u8 huk_iv_seq; 327 328 __le64 tag; 329 __le64 data_src_addr; 330 __le64 a_key_addr; 331 union { 332 struct bd3_auth_ivin auth_ivin; 333 struct bd3_skip_data skip_data; 334 }; 335 336 __le64 c_key_addr; 337 338 /* 339 * auth: 0~1 bits 340 * ai_gen: 2~3 bits 341 * mac_len: 4~8 bits 342 * akey_len: 9~14 bits 343 * a_alg: 15~20 bits 344 * key_sel: 21~24 bits 345 * ctr_count_mode/sm4_xts: 25~26 bits 346 * sva_prefetch: 27 bits 347 * key_wrap_num: 28~30 bits 348 * update_key: 31 bits 349 */ 350 __le32 auth_mac_key; 351 __le32 salt; 352 __le16 auth_src_offset; 353 __le16 cipher_src_offset; 354 355 /* 356 * auth_len: 0~23 bit 357 * auth_key_offset: 24~31 bits 358 */ 359 __le32 a_len_key; 360 361 /* 362 * cipher_len: 0~23 bit 363 * auth_ivin_offset: 24~31 bits 364 */ 365 __le32 c_len_ivin; 366 __le64 data_dst_addr; 367 __le64 mac_addr; 368 union { 369 struct bd3_stream_scene stream_scene; 370 struct bd3_no_scene no_scene; 371 }; 372 373 /* 374 * done: 0 bit 375 * icv: 1~3 bit 376 * csc: 4~6 bit 377 * flag: 7~10 bit 378 * reserved: 11~15 bit 379 */ 380 __le16 done_flag; 381 __u8 error_type; 382 __u8 warning_type; 383 union { 384 __le32 mac_i; 385 __le32 kek_key_addr_l; 386 }; 387 union { 388 __le32 kek_key_addr_h; 389 struct bd3_check_sum check_sum; 390 struct bd3_tls_type_back tls_type_back; 391 }; 392 __le32 counter; 393 } __packed __aligned(4); 394 395 int sec_register_to_crypto(struct hisi_qm *qm); 396 void sec_unregister_from_crypto(struct hisi_qm *qm); 397 #endif 398