xref: /openbmc/qemu/hw/misc/aspeed_hace.c (revision 6016b7b46edb714a53a31536b30ead9c3aafaef7)
1 /*
2  * ASPEED Hash and Crypto Engine
3  *
4  * Copyright (C) 2021 IBM Corp.
5  *
6  * Joel Stanley <joel@jms.id.au>
7  *
8  * SPDX-License-Identifier: GPL-2.0-or-later
9  */
10 
11 #include "qemu/osdep.h"
12 #include "qemu/log.h"
13 #include "qemu/error-report.h"
14 #include "hw/misc/aspeed_hace.h"
15 #include "qapi/error.h"
16 #include "migration/vmstate.h"
17 #include "crypto/hash.h"
18 #include "hw/qdev-properties.h"
19 #include "hw/irq.h"
20 
21 #define R_CRYPT_CMD     (0x10 / 4)
22 
23 #define R_STATUS        (0x1c / 4)
24 #define HASH_IRQ        BIT(9)
25 #define CRYPT_IRQ       BIT(12)
26 #define TAG_IRQ         BIT(15)
27 
28 #define R_HASH_SRC      (0x20 / 4)
29 #define R_HASH_DEST     (0x24 / 4)
30 #define R_HASH_SRC_LEN  (0x2c / 4)
31 
32 #define R_HASH_CMD      (0x30 / 4)
33 /* Hash algorithm selection */
34 #define  HASH_ALGO_MASK                 (BIT(4) | BIT(5) | BIT(6))
35 #define  HASH_ALGO_MD5                  0
36 #define  HASH_ALGO_SHA1                 BIT(5)
37 #define  HASH_ALGO_SHA224               BIT(6)
38 #define  HASH_ALGO_SHA256               (BIT(4) | BIT(6))
39 #define  HASH_ALGO_SHA512_SERIES        (BIT(5) | BIT(6))
40 /* SHA512 algorithm selection */
41 #define  SHA512_HASH_ALGO_MASK          (BIT(10) | BIT(11) | BIT(12))
42 #define  HASH_ALGO_SHA512_SHA512        0
43 #define  HASH_ALGO_SHA512_SHA384        BIT(10)
44 #define  HASH_ALGO_SHA512_SHA256        BIT(11)
45 #define  HASH_ALGO_SHA512_SHA224        (BIT(10) | BIT(11))
46 /* HMAC modes */
47 #define  HASH_HMAC_MASK                 (BIT(7) | BIT(8))
48 #define  HASH_DIGEST                    0
49 #define  HASH_DIGEST_HMAC               BIT(7)
50 #define  HASH_DIGEST_ACCUM              BIT(8)
51 #define  HASH_HMAC_KEY                  (BIT(7) | BIT(8))
52 /* Cascaded operation modes */
53 #define  HASH_ONLY                      0
54 #define  HASH_ONLY2                     BIT(0)
55 #define  HASH_CRYPT_THEN_HASH           BIT(1)
56 #define  HASH_HASH_THEN_CRYPT           (BIT(0) | BIT(1))
57 /* Other cmd bits */
58 #define  HASH_IRQ_EN                    BIT(9)
59 #define  HASH_SG_EN                     BIT(18)
60 /* Scatter-gather data list */
61 #define SG_LIST_LEN_SIZE                4
62 #define SG_LIST_LEN_MASK                0x0FFFFFFF
63 #define SG_LIST_LEN_LAST                BIT(31)
64 #define SG_LIST_ADDR_SIZE               4
65 #define SG_LIST_ADDR_MASK               0x7FFFFFFF
66 #define SG_LIST_ENTRY_SIZE              (SG_LIST_LEN_SIZE + SG_LIST_ADDR_SIZE)
67 #define ASPEED_HACE_MAX_SG              256        /* max number of entries */
68 
69 static const struct {
70     uint32_t mask;
71     QCryptoHashAlgorithm algo;
72 } hash_algo_map[] = {
73     { HASH_ALGO_MD5, QCRYPTO_HASH_ALG_MD5 },
74     { HASH_ALGO_SHA1, QCRYPTO_HASH_ALG_SHA1 },
75     { HASH_ALGO_SHA224, QCRYPTO_HASH_ALG_SHA224 },
76     { HASH_ALGO_SHA256, QCRYPTO_HASH_ALG_SHA256 },
77     { HASH_ALGO_SHA512_SERIES | HASH_ALGO_SHA512_SHA512, QCRYPTO_HASH_ALG_SHA512 },
78     { HASH_ALGO_SHA512_SERIES | HASH_ALGO_SHA512_SHA384, QCRYPTO_HASH_ALG_SHA384 },
79     { HASH_ALGO_SHA512_SERIES | HASH_ALGO_SHA512_SHA256, QCRYPTO_HASH_ALG_SHA256 },
80 };
81 
82 static int hash_algo_lookup(uint32_t reg)
83 {
84     int i;
85 
86     reg &= HASH_ALGO_MASK | SHA512_HASH_ALGO_MASK;
87 
88     for (i = 0; i < ARRAY_SIZE(hash_algo_map); i++) {
89         if (reg == hash_algo_map[i].mask) {
90             return hash_algo_map[i].algo;
91         }
92     }
93 
94     return -1;
95 }
96 
97 static void do_hash_operation(AspeedHACEState *s, int algo, bool sg_mode)
98 {
99     struct iovec iov[ASPEED_HACE_MAX_SG];
100     g_autofree uint8_t *digest_buf;
101     size_t digest_len = 0;
102     int i;
103 
104     if (sg_mode) {
105         uint32_t len = 0;
106 
107         for (i = 0; !(len & SG_LIST_LEN_LAST); i++) {
108             uint32_t addr, src;
109             hwaddr plen;
110 
111             if (i == ASPEED_HACE_MAX_SG) {
112                 qemu_log_mask(LOG_GUEST_ERROR,
113                         "aspeed_hace: guest failed to set end of sg list marker\n");
114                 break;
115             }
116 
117             src = s->regs[R_HASH_SRC] + (i * SG_LIST_ENTRY_SIZE);
118 
119             len = address_space_ldl_le(&s->dram_as, src,
120                                        MEMTXATTRS_UNSPECIFIED, NULL);
121 
122             addr = address_space_ldl_le(&s->dram_as, src + SG_LIST_LEN_SIZE,
123                                         MEMTXATTRS_UNSPECIFIED, NULL);
124             addr &= SG_LIST_ADDR_MASK;
125 
126             iov[i].iov_len = len & SG_LIST_LEN_MASK;
127             plen = iov[i].iov_len;
128             iov[i].iov_base = address_space_map(&s->dram_as, addr, &plen, false,
129                                                 MEMTXATTRS_UNSPECIFIED);
130         }
131     } else {
132         hwaddr len = s->regs[R_HASH_SRC_LEN];
133 
134         iov[0].iov_len = len;
135         iov[0].iov_base = address_space_map(&s->dram_as, s->regs[R_HASH_SRC],
136                                             &len, false,
137                                             MEMTXATTRS_UNSPECIFIED);
138         i = 1;
139     }
140 
141     if (qcrypto_hash_bytesv(algo, iov, i, &digest_buf, &digest_len, NULL) < 0) {
142         qemu_log_mask(LOG_GUEST_ERROR, "%s: qcrypto failed\n", __func__);
143         return;
144     }
145 
146     if (address_space_write(&s->dram_as, s->regs[R_HASH_DEST],
147                             MEMTXATTRS_UNSPECIFIED,
148                             digest_buf, digest_len)) {
149         qemu_log_mask(LOG_GUEST_ERROR,
150                       "aspeed_hace: address space write failed\n");
151     }
152 
153     for (; i > 0; i--) {
154         address_space_unmap(&s->dram_as, iov[i - 1].iov_base,
155                             iov[i - 1].iov_len, false,
156                             iov[i - 1].iov_len);
157     }
158 
159     /*
160      * Set status bits to indicate completion. Testing shows hardware sets
161      * these irrespective of HASH_IRQ_EN.
162      */
163     s->regs[R_STATUS] |= HASH_IRQ;
164 }
165 
166 static uint64_t aspeed_hace_read(void *opaque, hwaddr addr, unsigned int size)
167 {
168     AspeedHACEState *s = ASPEED_HACE(opaque);
169 
170     addr >>= 2;
171 
172     if (addr >= ASPEED_HACE_NR_REGS) {
173         qemu_log_mask(LOG_GUEST_ERROR,
174                       "%s: Out-of-bounds read at offset 0x%" HWADDR_PRIx "\n",
175                       __func__, addr << 2);
176         return 0;
177     }
178 
179     return s->regs[addr];
180 }
181 
182 static void aspeed_hace_write(void *opaque, hwaddr addr, uint64_t data,
183                               unsigned int size)
184 {
185     AspeedHACEState *s = ASPEED_HACE(opaque);
186     AspeedHACEClass *ahc = ASPEED_HACE_GET_CLASS(s);
187 
188     addr >>= 2;
189 
190     if (addr >= ASPEED_HACE_NR_REGS) {
191         qemu_log_mask(LOG_GUEST_ERROR,
192                       "%s: Out-of-bounds write at offset 0x%" HWADDR_PRIx "\n",
193                       __func__, addr << 2);
194         return;
195     }
196 
197     switch (addr) {
198     case R_STATUS:
199         if (data & HASH_IRQ) {
200             data &= ~HASH_IRQ;
201 
202             if (s->regs[addr] & HASH_IRQ) {
203                 qemu_irq_lower(s->irq);
204             }
205         }
206         break;
207     case R_HASH_SRC:
208         data &= ahc->src_mask;
209         break;
210     case R_HASH_DEST:
211         data &= ahc->dest_mask;
212         break;
213     case R_HASH_SRC_LEN:
214         data &= 0x0FFFFFFF;
215         break;
216     case R_HASH_CMD: {
217         int algo;
218         data &= ahc->hash_mask;
219 
220         if ((data & HASH_HMAC_MASK)) {
221             qemu_log_mask(LOG_UNIMP,
222                           "%s: HMAC engine command mode %"PRIx64" not implemented",
223                           __func__, (data & HASH_HMAC_MASK) >> 8);
224         }
225         if (data & BIT(1)) {
226             qemu_log_mask(LOG_UNIMP,
227                           "%s: Cascaded mode not implemented",
228                           __func__);
229         }
230         algo = hash_algo_lookup(data);
231         if (algo < 0) {
232                 qemu_log_mask(LOG_GUEST_ERROR,
233                         "%s: Invalid hash algorithm selection 0x%"PRIx64"\n",
234                         __func__, data & ahc->hash_mask);
235                 break;
236         }
237         do_hash_operation(s, algo, data & HASH_SG_EN);
238 
239         if (data & HASH_IRQ_EN) {
240             qemu_irq_raise(s->irq);
241         }
242         break;
243     }
244     case R_CRYPT_CMD:
245         qemu_log_mask(LOG_UNIMP, "%s: Crypt commands not implemented\n",
246                        __func__);
247         break;
248     default:
249         break;
250     }
251 
252     s->regs[addr] = data;
253 }
254 
255 static const MemoryRegionOps aspeed_hace_ops = {
256     .read = aspeed_hace_read,
257     .write = aspeed_hace_write,
258     .endianness = DEVICE_LITTLE_ENDIAN,
259     .valid = {
260         .min_access_size = 1,
261         .max_access_size = 4,
262     },
263 };
264 
265 static void aspeed_hace_reset(DeviceState *dev)
266 {
267     struct AspeedHACEState *s = ASPEED_HACE(dev);
268 
269     memset(s->regs, 0, sizeof(s->regs));
270 }
271 
272 static void aspeed_hace_realize(DeviceState *dev, Error **errp)
273 {
274     AspeedHACEState *s = ASPEED_HACE(dev);
275     SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
276 
277     sysbus_init_irq(sbd, &s->irq);
278 
279     memory_region_init_io(&s->iomem, OBJECT(s), &aspeed_hace_ops, s,
280             TYPE_ASPEED_HACE, 0x1000);
281 
282     if (!s->dram_mr) {
283         error_setg(errp, TYPE_ASPEED_HACE ": 'dram' link not set");
284         return;
285     }
286 
287     address_space_init(&s->dram_as, s->dram_mr, "dram");
288 
289     sysbus_init_mmio(sbd, &s->iomem);
290 }
291 
292 static Property aspeed_hace_properties[] = {
293     DEFINE_PROP_LINK("dram", AspeedHACEState, dram_mr,
294                      TYPE_MEMORY_REGION, MemoryRegion *),
295     DEFINE_PROP_END_OF_LIST(),
296 };
297 
298 
299 static const VMStateDescription vmstate_aspeed_hace = {
300     .name = TYPE_ASPEED_HACE,
301     .version_id = 1,
302     .minimum_version_id = 1,
303     .fields = (VMStateField[]) {
304         VMSTATE_UINT32_ARRAY(regs, AspeedHACEState, ASPEED_HACE_NR_REGS),
305         VMSTATE_END_OF_LIST(),
306     }
307 };
308 
309 static void aspeed_hace_class_init(ObjectClass *klass, void *data)
310 {
311     DeviceClass *dc = DEVICE_CLASS(klass);
312 
313     dc->realize = aspeed_hace_realize;
314     dc->reset = aspeed_hace_reset;
315     device_class_set_props(dc, aspeed_hace_properties);
316     dc->vmsd = &vmstate_aspeed_hace;
317 }
318 
319 static const TypeInfo aspeed_hace_info = {
320     .name = TYPE_ASPEED_HACE,
321     .parent = TYPE_SYS_BUS_DEVICE,
322     .instance_size = sizeof(AspeedHACEState),
323     .class_init = aspeed_hace_class_init,
324     .class_size = sizeof(AspeedHACEClass)
325 };
326 
327 static void aspeed_ast2400_hace_class_init(ObjectClass *klass, void *data)
328 {
329     DeviceClass *dc = DEVICE_CLASS(klass);
330     AspeedHACEClass *ahc = ASPEED_HACE_CLASS(klass);
331 
332     dc->desc = "AST2400 Hash and Crypto Engine";
333 
334     ahc->src_mask = 0x0FFFFFFF;
335     ahc->dest_mask = 0x0FFFFFF8;
336     ahc->hash_mask = 0x000003ff; /* No SG or SHA512 modes */
337 }
338 
339 static const TypeInfo aspeed_ast2400_hace_info = {
340     .name = TYPE_ASPEED_AST2400_HACE,
341     .parent = TYPE_ASPEED_HACE,
342     .class_init = aspeed_ast2400_hace_class_init,
343 };
344 
345 static void aspeed_ast2500_hace_class_init(ObjectClass *klass, void *data)
346 {
347     DeviceClass *dc = DEVICE_CLASS(klass);
348     AspeedHACEClass *ahc = ASPEED_HACE_CLASS(klass);
349 
350     dc->desc = "AST2500 Hash and Crypto Engine";
351 
352     ahc->src_mask = 0x3fffffff;
353     ahc->dest_mask = 0x3ffffff8;
354     ahc->hash_mask = 0x000003ff; /* No SG or SHA512 modes */
355 }
356 
357 static const TypeInfo aspeed_ast2500_hace_info = {
358     .name = TYPE_ASPEED_AST2500_HACE,
359     .parent = TYPE_ASPEED_HACE,
360     .class_init = aspeed_ast2500_hace_class_init,
361 };
362 
363 static void aspeed_ast2600_hace_class_init(ObjectClass *klass, void *data)
364 {
365     DeviceClass *dc = DEVICE_CLASS(klass);
366     AspeedHACEClass *ahc = ASPEED_HACE_CLASS(klass);
367 
368     dc->desc = "AST2600 Hash and Crypto Engine";
369 
370     ahc->src_mask = 0x7FFFFFFF;
371     ahc->dest_mask = 0x7FFFFFF8;
372     ahc->hash_mask = 0x00147FFF;
373 }
374 
375 static const TypeInfo aspeed_ast2600_hace_info = {
376     .name = TYPE_ASPEED_AST2600_HACE,
377     .parent = TYPE_ASPEED_HACE,
378     .class_init = aspeed_ast2600_hace_class_init,
379 };
380 
381 static void aspeed_hace_register_types(void)
382 {
383     type_register_static(&aspeed_ast2400_hace_info);
384     type_register_static(&aspeed_ast2500_hace_info);
385     type_register_static(&aspeed_ast2600_hace_info);
386     type_register_static(&aspeed_hace_info);
387 }
388 
389 type_init(aspeed_hace_register_types);
390