keystone-sa-hlp.h
10.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
/*
* Keystone crypto accelerator driver
*
* Copyright (C) 2015 Texas Instruments Incorporated - http://www.ti.com
*
* Authors: Sandeep Nair
* Vitaly Andrianov
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* version 2 as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*/
#ifndef _KEYSTONE_SA_HLP_
#define _KEYSTONE_SA_HLP_
#include <linux/soc/ti/knav_dma.h>
#include <linux/soc/ti/knav_qmss.h>
#include <linux/interrupt.h>
#include <linux/hw_random.h>
#include <linux/skbuff.h>
/* Enable the below macro for testing with run-time
* self tests in the cryptographic algorithm manager
* framework */
/* #define TEST */
/* For enabling debug prints */
/* #define DEBUG */
/* Algorithm constants */
#define MD5_BLOCK_SIZE 64
#define AES_XCBC_DIGEST_SIZE 16
/* Values for NULL algorithms */
#define NULL_KEY_SIZE 0
#define NULL_BLOCK_SIZE 1
#define NULL_DIGEST_SIZE 0
#define NULL_IV_SIZE 0
/* Number of 32 bit words in EPIB */
#define SA_DMA_NUM_EPIB_WORDS 4
/* Number of 32 bit words in PS data */
#define SA_DMA_NUM_PS_WORDS 16
/* Number of meta data elements passed in descriptor to SA */
#define SA_NUM_DMA_META_ELEMS 2
/* Maximum number of simultaeneous security contexts
* supported by the driver */
#define SA_MAX_NUM_CTX 512
/* Encoding used to identify the typo of crypto operation
* performed on the packet when the packet is returned
* by SA
*/
#define SA_REQ_SUBTYPE_ENC 0x0001
#define SA_REQ_SUBTYPE_DEC 0x0002
#define SA_REQ_SUBTYPE_SHIFT 16
#define SA_REQ_SUBTYPE_MASK 0xffff
/* Maximum size of authentication tag
* NOTE: update this macro as we start supporting
* algorithms with bigger digest size
*/
#define SA_MAX_AUTH_TAG_SZ SHA1_DIGEST_SIZE
/* Memory map of the SA register set */
struct sa_mmr_regs {
u32 PID;
u32 EFUSE_EN;
u32 CMD_STATUS;
u32 BLKMGR_PA_BLKS;
u32 PA_FLOWID;
u32 CDMA_FLOWID;
u32 PA_ENG_ID;
u32 CDMA_ENG_ID;
u8 RSVD0[224];
u32 CTXCACH_CTRL;
u32 CTXCACH_SC_PTR;
u32 CTXCACH_SC_ID;
u32 CTXCACH_MISSCNT;
};
/*
* Register Overlay Structure for TRNG module
*/
struct sa_trng_regs {
u32 TRNG_OUTPUT_L;
u32 TRNG_OUTPUT_H;
u32 TRNG_STATUS;
u32 TRNG_INTMASK;
u32 TRNG_INTACK;
u32 TRNG_CONTROL;
u32 TRNG_CONFIG;
u32 TRNG_ALARMCNT;
u32 TRNG_FROENABLE;
u32 TRNG_FRODETUNE;
u32 TRNG_ALARMMASK;
u32 TRNG_ALARMSTOP;
u32 TRNG_LFSR_L;
u32 TRNG_LFSR_M;
u32 TRNG_LFSR_H;
u32 TRNG_COUNT;
u32 TRNG_TEST;
};
struct sa_regs {
struct sa_mmr_regs mmr;
};
/* Driver statistics */
struct sa_drv_stats {
/* Number of data pkts dropped while submitting to CP_ACE */
atomic_t tx_dropped;
/* Number of tear-down pkts dropped while submitting to CP_ACE */
atomic_t sc_tear_dropped;
/* Number of crypto requests sent to CP_ACE */
atomic_t tx_pkts;
/* Number of crypto request completions received from CP_ACE */
atomic_t rx_pkts;
};
/* Crypto driver instance data */
struct keystone_crypto_data {
struct platform_device *pdev;
struct clk *clk;
struct tasklet_struct rx_task;
struct tasklet_struct tx_task;
struct dma_pool *sc_pool;
struct kmem_cache *dma_req_ctx_cache;
struct sa_regs *regs;
struct sa_trng_regs *trng_regs;
void *rx_chan;
void *rx_fdq[KNAV_DMA_FDQ_PER_CHAN];
void *rx_compl_q;
void *tx_chan;
void *tx_submit_q;
void *tx_compl_q;
u32 tx_submit_qid;
u32 tx_compl_qid;
u32 rx_compl_qid;
const char *rx_chan_name;
const char *tx_chan_name;
u32 tx_queue_depth;
u32 rx_queue_depths[KNAV_DMA_FDQ_PER_CHAN];
u32 rx_buffer_sizes[KNAV_DMA_FDQ_PER_CHAN];
u32 rx_pool_size;
u32 rx_pool_region_id;
void *rx_pool;
u32 tx_pool_size;
u32 tx_pool_region_id;
void *tx_pool;
struct hwrng rng;
spinlock_t scid_lock; /* lock for SC-ID allocation */
spinlock_t trng_lock; /* reading random data from TRNG */
struct kobject stats_kobj;
/* Security context data */
u16 sc_id_start;
u16 sc_id_end;
u16 sc_id;
/* Bitmap to keep track of Security context ID's */
unsigned long ctx_bm[DIV_ROUND_UP(SA_MAX_NUM_CTX,
BITS_PER_LONG)];
/* Driver stats */
struct sa_drv_stats stats;
atomic_t rx_dma_page_cnt; /* N buf from 2nd pool available */
atomic_t tx_dma_desc_cnt; /* Tx DMA desc-s available */
};
/* Packet structure used in Rx */
#define SA_SGLIST_SIZE (MAX_SKB_FRAGS + SA_NUM_DMA_META_ELEMS)
struct sa_packet {
struct scatterlist sg[SA_SGLIST_SIZE];
int sg_ents;
struct keystone_crypto_data *priv;
struct dma_chan *chan;
struct dma_async_tx_descriptor *desc;
dma_cookie_t cookie;
u32 epib[SA_DMA_NUM_EPIB_WORDS];
u32 psdata[SA_DMA_NUM_PS_WORDS];
struct completion complete;
void *data;
};
/* Command label updation info */
struct sa_cmdl_param_info {
u16 index;
u16 offset;
u16 size;
};
/* Maximum length of Auxiliary data in 32bit words */
#define SA_MAX_AUX_DATA_WORDS 8
struct sa_cmdl_upd_info {
u16 flags;
u16 submode;
struct sa_cmdl_param_info enc_size;
struct sa_cmdl_param_info enc_size2;
struct sa_cmdl_param_info enc_offset;
struct sa_cmdl_param_info enc_iv;
struct sa_cmdl_param_info enc_iv2;
struct sa_cmdl_param_info aad;
struct sa_cmdl_param_info payload;
struct sa_cmdl_param_info auth_size;
struct sa_cmdl_param_info auth_size2;
struct sa_cmdl_param_info auth_offset;
struct sa_cmdl_param_info auth_iv;
struct sa_cmdl_param_info aux_key_info;
u32 aux_key[SA_MAX_AUX_DATA_WORDS];
};
enum sa_submode {
SA_MODE_GEN = 0,
SA_MODE_CCM,
SA_MODE_GCM,
SA_MODE_GMAC
};
/* TFM Context info */
/* Number of 32bit words appended after the command label
* in PSDATA to identify the crypto request context.
* word-0: Request type
* word-1: pointer to request
*/
#define SA_NUM_PSDATA_CTX_WORDS 4
/* Maximum size of Command label in 32 words */
#define SA_MAX_CMDL_WORDS (SA_DMA_NUM_PS_WORDS - SA_NUM_PSDATA_CTX_WORDS)
struct sa_ctx_info {
u8 *sc;
dma_addr_t sc_phys;
u16 sc_id;
u16 cmdl_size;
u32 cmdl[SA_MAX_CMDL_WORDS];
struct sa_cmdl_upd_info cmdl_upd_info;
/* Store Auxiliary data such as K2/K3 subkeys in AES-XCBC */
u32 epib[SA_DMA_NUM_EPIB_WORDS];
u32 rx_flow;
u32 rx_compl_qid;
};
struct sa_tfm_ctx {
struct keystone_crypto_data *dev_data;
struct sa_ctx_info enc;
struct sa_ctx_info dec;
struct sa_ctx_info auth;
};
/* Tx DMA callback param */
struct sa_dma_req_ctx {
struct keystone_crypto_data *dev_data;
u32 cmdl[SA_MAX_CMDL_WORDS + SA_NUM_PSDATA_CTX_WORDS];
unsigned map_idx;
struct sg_table sg_tbl;
dma_cookie_t cookie;
struct dma_chan *tx_chan;
bool pkt;
};
/* Encryption algorithms */
enum sa_ealg_id {
SA_EALG_ID_NONE = 0, /* No encryption */
SA_EALG_ID_NULL, /* NULL encryption */
SA_EALG_ID_AES_CTR, /* AES Counter mode */
SA_EALG_ID_AES_F8, /* AES F8 mode */
SA_EALG_ID_AES_CBC, /* AES CBC mode */
SA_EALG_ID_DES_CBC, /* DES CBC mode */
SA_EALG_ID_3DES_CBC, /* 3DES CBC mode */
SA_EALG_ID_CCM, /* Counter with CBC-MAC mode */
SA_EALG_ID_GCM, /* Galois Counter mode */
SA_EALG_ID_LAST
};
/* Authentication algorithms */
enum sa_aalg_id {
SA_AALG_ID_NONE = 0, /* No Authentication */
SA_AALG_ID_NULL = SA_EALG_ID_LAST, /* NULL Authentication */
SA_AALG_ID_MD5, /* MD5 mode */
SA_AALG_ID_SHA1, /* SHA1 mode */
SA_AALG_ID_SHA2_224, /* 224-bit SHA2 mode */
SA_AALG_ID_SHA2_256, /* 256-bit SHA2 mode */
SA_AALG_ID_HMAC_MD5, /* HMAC with MD5 mode */
SA_AALG_ID_HMAC_SHA1, /* HMAC with SHA1 mode */
SA_AALG_ID_HMAC_SHA2_224, /* HMAC with 224-bit SHA2 mode */
SA_AALG_ID_HMAC_SHA2_256, /* HMAC with 256-bit SHA2 mode */
SA_AALG_ID_GMAC, /* Galois Message
Authentication Code mode */
SA_AALG_ID_CMAC, /* Cipher-based Message
Authentication Code mode */
SA_AALG_ID_CBC_MAC, /* Cipher Block Chaining */
SA_AALG_ID_AES_XCBC /* AES Extended
Cipher Block Chaining */
};
/* Mode control engine algorithms used to index the
* mode control instruction tables
*/
enum sa_eng_algo_id {
SA_ENG_ALGO_ECB = 0,
SA_ENG_ALGO_CBC,
SA_ENG_ALGO_CFB,
SA_ENG_ALGO_OFB,
SA_ENG_ALGO_CTR,
SA_ENG_ALGO_F8,
SA_ENG_ALGO_GCM,
SA_ENG_ALGO_GMAC,
SA_ENG_ALGO_CCM,
SA_ENG_ALGO_CMAC,
SA_ENG_ALGO_CBCMAC,
SA_NUM_ENG_ALGOS
};
struct sa_eng_info {
u8 eng_id;
u16 sc_size;
};
#define DMA_HAS_PSINFO BIT(31)
#define DMA_HAS_EPIB BIT(30)
void sa_register_algos(const struct device *dev);
void sa_unregister_algos(const struct device *dev);
void sa_tx_completion_process(struct keystone_crypto_data *dev_data);
void sa_rx_completion_process(struct keystone_crypto_data *dev_data);
void sa_set_sc_auth(u16 alg_id, const u8 *key, u16 key_sz, u8 *sc_buf);
int sa_set_sc_enc(u16 alg_id, const u8 *key, u16 key_sz,
u16 aad_len, u8 enc, u8 *sc_buf);
void sa_swiz_128(u8 *in, u8 *out, u16 len);
void sa_conv_calg_to_salg(const char *cra_name, int *ealg_id, int *aalg_id);
void sa_get_engine_info(int alg_id, struct sa_eng_info *info);
int sa_get_hash_size(u16 aalg_id);
#define AES_MAXNR 14
struct asm_aes_key {
unsigned int rd_key[4 * (AES_MAXNR + 1)];
int rounds;
};
/* AES encryption functions defined in aes-armv4.S */
asmlinkage void AES_encrypt(const u8 *in, u8 *out, struct asm_aes_key *key);
asmlinkage int private_AES_set_encrypt_key(const unsigned char *user_key,
const int bits, struct asm_aes_key *key);
/*
* Derive sub-key k1, k2 and k3 used in the AES XCBC MAC mode
* detailed in RFC 3566
*/
static inline int sa_aes_xcbc_subkey(u8 *sub_key1, u8 *sub_key2,
u8 *sub_key3, const u8 *key,
u16 key_sz)
{
struct asm_aes_key enc_key;
if (private_AES_set_encrypt_key(key, (key_sz * 8), &enc_key) == -1) {
pr_err("%s: failed to set enc key\n", __func__);
return -1;
}
if (sub_key1) {
memset(sub_key1, 0x01, AES_BLOCK_SIZE);
AES_encrypt(sub_key1, sub_key1, &enc_key);
}
if (sub_key2) {
memset(sub_key2, 0x02, AES_BLOCK_SIZE);
AES_encrypt(sub_key2, sub_key2, &enc_key);
}
if (sub_key3) {
memset(sub_key3, 0x03, AES_BLOCK_SIZE);
AES_encrypt(sub_key3, sub_key3, &enc_key);
}
return 0;
}
extern const uint8_t sa_eng_aes_enc_mci_tbl[11][3][27];
extern const uint8_t sa_eng_aes_dec_mci_tbl[11][3][27];
extern const uint8_t sa_eng_3des_enc_mci_tbl[4][27];
extern const uint8_t sa_eng_3des_dec_mci_tbl[4][27];
extern struct device *sa_ks2_dev;
#endif /* _KEYSTONE_SA_HLP_ */