xref: /openbmc/linux/drivers/crypto/bcm/spu2.h (revision 7f2e85840871f199057e65232ebde846192ed989)
1 /*
2  * Copyright 2016 Broadcom
3  *
4  * This program is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU General Public License, version 2, as
6  * published by the Free Software Foundation (the "GPL").
7  *
8  * This program is distributed in the hope that it will be useful, but
9  * WITHOUT ANY WARRANTY; without even the implied warranty of
10  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
11  * General Public License version 2 (GPLv2) for more details.
12  *
13  * You should have received a copy of the GNU General Public License
14  * version 2 (GPLv2) along with this source code.
15  */
16 
17 /*
18  * This file contains SPU message definitions specific to SPU2.
19  */
20 
21 #ifndef _SPU2_H
22 #define _SPU2_H
23 
24 enum spu2_cipher_type {
25 	SPU2_CIPHER_TYPE_NONE = 0x0,
26 	SPU2_CIPHER_TYPE_AES128 = 0x1,
27 	SPU2_CIPHER_TYPE_AES192 = 0x2,
28 	SPU2_CIPHER_TYPE_AES256 = 0x3,
29 	SPU2_CIPHER_TYPE_DES = 0x4,
30 	SPU2_CIPHER_TYPE_3DES = 0x5,
31 	SPU2_CIPHER_TYPE_LAST
32 };
33 
34 enum spu2_cipher_mode {
35 	SPU2_CIPHER_MODE_ECB = 0x0,
36 	SPU2_CIPHER_MODE_CBC = 0x1,
37 	SPU2_CIPHER_MODE_CTR = 0x2,
38 	SPU2_CIPHER_MODE_CFB = 0x3,
39 	SPU2_CIPHER_MODE_OFB = 0x4,
40 	SPU2_CIPHER_MODE_XTS = 0x5,
41 	SPU2_CIPHER_MODE_CCM = 0x6,
42 	SPU2_CIPHER_MODE_GCM = 0x7,
43 	SPU2_CIPHER_MODE_LAST
44 };
45 
46 enum spu2_hash_type {
47 	SPU2_HASH_TYPE_NONE = 0x0,
48 	SPU2_HASH_TYPE_AES128 = 0x1,
49 	SPU2_HASH_TYPE_AES192 = 0x2,
50 	SPU2_HASH_TYPE_AES256 = 0x3,
51 	SPU2_HASH_TYPE_MD5 = 0x6,
52 	SPU2_HASH_TYPE_SHA1 = 0x7,
53 	SPU2_HASH_TYPE_SHA224 = 0x8,
54 	SPU2_HASH_TYPE_SHA256 = 0x9,
55 	SPU2_HASH_TYPE_SHA384 = 0xa,
56 	SPU2_HASH_TYPE_SHA512 = 0xb,
57 	SPU2_HASH_TYPE_SHA512_224 = 0xc,
58 	SPU2_HASH_TYPE_SHA512_256 = 0xd,
59 	SPU2_HASH_TYPE_SHA3_224 = 0xe,
60 	SPU2_HASH_TYPE_SHA3_256 = 0xf,
61 	SPU2_HASH_TYPE_SHA3_384 = 0x10,
62 	SPU2_HASH_TYPE_SHA3_512 = 0x11,
63 	SPU2_HASH_TYPE_LAST
64 };
65 
66 enum spu2_hash_mode {
67 	SPU2_HASH_MODE_CMAC = 0x0,
68 	SPU2_HASH_MODE_CBC_MAC = 0x1,
69 	SPU2_HASH_MODE_XCBC_MAC = 0x2,
70 	SPU2_HASH_MODE_HMAC = 0x3,
71 	SPU2_HASH_MODE_RABIN = 0x4,
72 	SPU2_HASH_MODE_CCM = 0x5,
73 	SPU2_HASH_MODE_GCM = 0x6,
74 	SPU2_HASH_MODE_RESERVED = 0x7,
75 	SPU2_HASH_MODE_LAST
76 };
77 
78 enum spu2_ret_md_opts {
79 	SPU2_RET_NO_MD = 0,	/* return no metadata */
80 	SPU2_RET_FMD_OMD = 1,	/* return both FMD and OMD */
81 	SPU2_RET_FMD_ONLY = 2,	/* return only FMD */
82 	SPU2_RET_FMD_OMD_IV = 3,	/* return FMD and OMD with just IVs */
83 };
84 
85 /* Fixed Metadata format */
86 struct SPU2_FMD {
87 	u64 ctrl0;
88 	u64 ctrl1;
89 	u64 ctrl2;
90 	u64 ctrl3;
91 };
92 
93 #define FMD_SIZE  sizeof(struct SPU2_FMD)
94 
95 /* Fixed part of request message header length in bytes. Just FMD. */
96 #define SPU2_REQ_FIXED_LEN FMD_SIZE
97 #define SPU2_HEADER_ALLOC_LEN (SPU_REQ_FIXED_LEN + \
98 				2 * MAX_KEY_SIZE + 2 * MAX_IV_SIZE)
99 
100 /* FMD ctrl0 field masks */
101 #define SPU2_CIPH_ENCRYPT_EN            0x1 /* 0: decrypt, 1: encrypt */
102 #define SPU2_CIPH_TYPE                 0xF0 /* one of spu2_cipher_type */
103 #define SPU2_CIPH_TYPE_SHIFT              4
104 #define SPU2_CIPH_MODE                0xF00 /* one of spu2_cipher_mode */
105 #define SPU2_CIPH_MODE_SHIFT              8
106 #define SPU2_CFB_MASK                0x7000 /* cipher feedback mask */
107 #define SPU2_CFB_MASK_SHIFT              12
108 #define SPU2_PROTO_SEL             0xF00000 /* MACsec, IPsec, TLS... */
109 #define SPU2_PROTO_SEL_SHIFT             20
110 #define SPU2_HASH_FIRST           0x1000000 /* 1: hash input is input pkt
111 					     * data
112 					     */
113 #define SPU2_CHK_TAG              0x2000000 /* 1: check digest provided */
114 #define SPU2_HASH_TYPE          0x1F0000000 /* one of spu2_hash_type */
115 #define SPU2_HASH_TYPE_SHIFT             28
116 #define SPU2_HASH_MODE         0xF000000000 /* one of spu2_hash_mode */
117 #define SPU2_HASH_MODE_SHIFT             36
118 #define SPU2_CIPH_PAD_EN     0x100000000000 /* 1: Add pad to end of payload for
119 					     *    enc
120 					     */
121 #define SPU2_CIPH_PAD      0xFF000000000000 /* cipher pad value */
122 #define SPU2_CIPH_PAD_SHIFT              48
123 
124 /* FMD ctrl1 field masks */
125 #define SPU2_TAG_LOC                    0x1 /* 1: end of payload, 0: undef */
126 #define SPU2_HAS_FR_DATA                0x2 /* 1: msg has frame data */
127 #define SPU2_HAS_AAD1                   0x4 /* 1: msg has AAD1 field */
128 #define SPU2_HAS_NAAD                   0x8 /* 1: msg has NAAD field */
129 #define SPU2_HAS_AAD2                  0x10 /* 1: msg has AAD2 field */
130 #define SPU2_HAS_ESN                   0x20 /* 1: msg has ESN field */
131 #define SPU2_HASH_KEY_LEN            0xFF00 /* len of hash key in bytes.
132 					     * HMAC only.
133 					     */
134 #define SPU2_HASH_KEY_LEN_SHIFT           8
135 #define SPU2_CIPH_KEY_LEN         0xFF00000 /* len of cipher key in bytes */
136 #define SPU2_CIPH_KEY_LEN_SHIFT          20
137 #define SPU2_GENIV               0x10000000 /* 1: hw generates IV */
138 #define SPU2_HASH_IV             0x20000000 /* 1: IV incl in hash */
139 #define SPU2_RET_IV              0x40000000 /* 1: return IV in output msg
140 					     *    b4 payload
141 					     */
142 #define SPU2_RET_IV_LEN         0xF00000000 /* length in bytes of IV returned.
143 					     * 0 = 16 bytes
144 					     */
145 #define SPU2_RET_IV_LEN_SHIFT            32
146 #define SPU2_IV_OFFSET         0xF000000000 /* gen IV offset */
147 #define SPU2_IV_OFFSET_SHIFT             36
148 #define SPU2_IV_LEN          0x1F0000000000 /* length of input IV in bytes */
149 #define SPU2_IV_LEN_SHIFT                40
150 #define SPU2_HASH_TAG_LEN  0x7F000000000000 /* hash tag length in bytes */
151 #define SPU2_HASH_TAG_LEN_SHIFT          48
152 #define SPU2_RETURN_MD    0x300000000000000 /* return metadata */
153 #define SPU2_RETURN_MD_SHIFT             56
154 #define SPU2_RETURN_FD    0x400000000000000
155 #define SPU2_RETURN_AAD1  0x800000000000000
156 #define SPU2_RETURN_NAAD 0x1000000000000000
157 #define SPU2_RETURN_AAD2 0x2000000000000000
158 #define SPU2_RETURN_PAY  0x4000000000000000 /* return payload */
159 
160 /* FMD ctrl2 field masks */
161 #define SPU2_AAD1_OFFSET              0xFFF /* byte offset of AAD1 field */
162 #define SPU2_AAD1_LEN               0xFF000 /* length of AAD1 in bytes */
163 #define SPU2_AAD1_LEN_SHIFT              12
164 #define SPU2_AAD2_OFFSET         0xFFF00000 /* byte offset of AAD2 field */
165 #define SPU2_AAD2_OFFSET_SHIFT           20
166 #define SPU2_PL_OFFSET   0xFFFFFFFF00000000 /* payload offset from AAD2 */
167 #define SPU2_PL_OFFSET_SHIFT             32
168 
169 /* FMD ctrl3 field masks */
170 #define SPU2_PL_LEN              0xFFFFFFFF /* payload length in bytes */
171 #define SPU2_TLS_LEN         0xFFFF00000000 /* TLS encrypt: cipher len
172 					     * TLS decrypt: compressed len
173 					     */
174 #define SPU2_TLS_LEN_SHIFT               32
175 
176 /*
177  * Max value that can be represented in the Payload Length field of the
178  * ctrl3 word of FMD.
179  */
180 #define SPU2_MAX_PAYLOAD  SPU2_PL_LEN
181 
182 /* Error values returned in STATUS field of response messages */
183 #define SPU2_INVALID_ICV  1
184 
185 void spu2_dump_msg_hdr(u8 *buf, unsigned int buf_len);
186 u32 spu2_ctx_max_payload(enum spu_cipher_alg cipher_alg,
187 			 enum spu_cipher_mode cipher_mode,
188 			 unsigned int blocksize);
189 u32 spu2_payload_length(u8 *spu_hdr);
190 u16 spu2_response_hdr_len(u16 auth_key_len, u16 enc_key_len, bool is_hash);
191 u16 spu2_hash_pad_len(enum hash_alg hash_alg, enum hash_mode hash_mode,
192 		      u32 chunksize, u16 hash_block_size);
193 u32 spu2_gcm_ccm_pad_len(enum spu_cipher_mode cipher_mode,
194 			 unsigned int data_size);
195 u32 spu2_assoc_resp_len(enum spu_cipher_mode cipher_mode,
196 			unsigned int assoc_len, unsigned int iv_len,
197 			bool is_encrypt);
198 u8 spu2_aead_ivlen(enum spu_cipher_mode cipher_mode,
199 		   u16 iv_len);
200 enum hash_type spu2_hash_type(u32 src_sent);
201 u32 spu2_digest_size(u32 alg_digest_size, enum hash_alg alg,
202 		     enum hash_type htype);
203 u32 spu2_create_request(u8 *spu_hdr,
204 			struct spu_request_opts *req_opts,
205 			struct spu_cipher_parms *cipher_parms,
206 			struct spu_hash_parms *hash_parms,
207 			struct spu_aead_parms *aead_parms,
208 			unsigned int data_size);
209 u16 spu2_cipher_req_init(u8 *spu_hdr, struct spu_cipher_parms *cipher_parms);
210 void spu2_cipher_req_finish(u8 *spu_hdr,
211 			    u16 spu_req_hdr_len,
212 			    unsigned int is_inbound,
213 			    struct spu_cipher_parms *cipher_parms,
214 			    bool update_key,
215 			    unsigned int data_size);
216 void spu2_request_pad(u8 *pad_start, u32 gcm_padding, u32 hash_pad_len,
217 		      enum hash_alg auth_alg, enum hash_mode auth_mode,
218 		      unsigned int total_sent, u32 status_padding);
219 u8 spu2_xts_tweak_in_payload(void);
220 u8 spu2_tx_status_len(void);
221 u8 spu2_rx_status_len(void);
222 int spu2_status_process(u8 *statp);
223 void spu2_ccm_update_iv(unsigned int digestsize,
224 			struct spu_cipher_parms *cipher_parms,
225 			unsigned int assoclen, unsigned int chunksize,
226 			bool is_encrypt, bool is_esp);
227 u32 spu2_wordalign_padlen(u32 data_size);
228 #endif
229