1/* SPDX-License-Identifier: GPL-2.0-only */
2/*
3 * Copyright 2016 Broadcom
4 */
5
6/*
7 * This file contains the definition of SPU messages. There are currently two
8 * SPU message formats: SPU-M and SPU2. The hardware uses different values to
9 * identify the same things in SPU-M vs SPU2. So this file defines values that
10 * are hardware independent. Software can use these values for any version of
11 * SPU hardware. These values are used in APIs in spu.c. Functions internal to
12 * spu.c and spu2.c convert these to hardware-specific values.
13 */
14
15#ifndef _SPU_H
16#define _SPU_H
17
18#include <linux/types.h>
19#include <linux/scatterlist.h>
20#include <crypto/sha1.h>
21#include <crypto/sha2.h>
22
23enum spu_cipher_alg {
24 CIPHER_ALG_NONE = 0x0,
25 CIPHER_ALG_RC4 = 0x1,
26 CIPHER_ALG_DES = 0x2,
27 CIPHER_ALG_3DES = 0x3,
28 CIPHER_ALG_AES = 0x4,
29 CIPHER_ALG_LAST = 0x5
30};
31
32enum spu_cipher_mode {
33 CIPHER_MODE_NONE = 0x0,
34 CIPHER_MODE_ECB = 0x0,
35 CIPHER_MODE_CBC = 0x1,
36 CIPHER_MODE_OFB = 0x2,
37 CIPHER_MODE_CFB = 0x3,
38 CIPHER_MODE_CTR = 0x4,
39 CIPHER_MODE_CCM = 0x5,
40 CIPHER_MODE_GCM = 0x6,
41 CIPHER_MODE_XTS = 0x7,
42 CIPHER_MODE_LAST = 0x8
43};
44
45enum spu_cipher_type {
46 CIPHER_TYPE_NONE = 0x0,
47 CIPHER_TYPE_DES = 0x0,
48 CIPHER_TYPE_3DES = 0x0,
49 CIPHER_TYPE_INIT = 0x0, /* used for ARC4 */
50 CIPHER_TYPE_AES128 = 0x0,
51 CIPHER_TYPE_AES192 = 0x1,
52 CIPHER_TYPE_UPDT = 0x1, /* used for ARC4 */
53 CIPHER_TYPE_AES256 = 0x2,
54};
55
56enum hash_alg {
57 HASH_ALG_NONE = 0x0,
58 HASH_ALG_MD5 = 0x1,
59 HASH_ALG_SHA1 = 0x2,
60 HASH_ALG_SHA224 = 0x3,
61 HASH_ALG_SHA256 = 0x4,
62 HASH_ALG_AES = 0x5,
63 HASH_ALG_SHA384 = 0x6,
64 HASH_ALG_SHA512 = 0x7,
65 /* Keep SHA3 algorithms at the end always */
66 HASH_ALG_SHA3_224 = 0x8,
67 HASH_ALG_SHA3_256 = 0x9,
68 HASH_ALG_SHA3_384 = 0xa,
69 HASH_ALG_SHA3_512 = 0xb,
70 HASH_ALG_LAST
71};
72
73enum hash_mode {
74 HASH_MODE_NONE = 0x0,
75 HASH_MODE_HASH = 0x0,
76 HASH_MODE_XCBC = 0x0,
77 HASH_MODE_CMAC = 0x1,
78 HASH_MODE_CTXT = 0x1,
79 HASH_MODE_HMAC = 0x2,
80 HASH_MODE_RABIN = 0x4,
81 HASH_MODE_FHMAC = 0x6,
82 HASH_MODE_CCM = 0x5,
83 HASH_MODE_GCM = 0x6,
84};
85
86enum hash_type {
87 HASH_TYPE_NONE = 0x0,
88 HASH_TYPE_FULL = 0x0,
89 HASH_TYPE_INIT = 0x1,
90 HASH_TYPE_UPDT = 0x2,
91 HASH_TYPE_FIN = 0x3,
92 HASH_TYPE_AES128 = 0x0,
93 HASH_TYPE_AES192 = 0x1,
94 HASH_TYPE_AES256 = 0x2
95};
96
97enum aead_type {
98 AES_CCM,
99 AES_GCM,
100 AUTHENC,
101 AEAD_TYPE_LAST
102};
103
104extern char *hash_alg_name[HASH_ALG_LAST];
105extern char *aead_alg_name[AEAD_TYPE_LAST];
106
107struct spu_request_opts {
108 bool is_inbound;
109 bool auth_first;
110 bool is_aead;
111 bool is_esp;
112 bool bd_suppress;
113 bool is_rfc4543;
114};
115
116struct spu_cipher_parms {
117 enum spu_cipher_alg alg;
118 enum spu_cipher_mode mode;
119 enum spu_cipher_type type;
120 u8 *key_buf;
121 u16 key_len;
122 /* iv_buf and iv_len include salt, if applicable */
123 u8 *iv_buf;
124 u16 iv_len;
125};
126
127struct spu_hash_parms {
128 enum hash_alg alg;
129 enum hash_mode mode;
130 enum hash_type type;
131 u8 digestsize;
132 u8 *key_buf;
133 u16 key_len;
134 u16 prebuf_len;
135 /* length of hash pad. signed, needs to handle roll-overs */
136 int pad_len;
137};
138
139struct spu_aead_parms {
140 u32 assoc_size;
141 u16 iv_len; /* length of IV field between assoc data and data */
142 u8 aad_pad_len; /* For AES GCM/CCM, length of padding after AAD */
143 u8 data_pad_len;/* For AES GCM/CCM, length of padding after data */
144 bool return_iv; /* True if SPU should return an IV */
145 u32 ret_iv_len; /* Length in bytes of returned IV */
146 u32 ret_iv_off; /* Offset into full IV if partial IV returned */
147};
148
149/************** SPU sizes ***************/
150
151#define SPU_RX_STATUS_LEN 4
152
153/* Max length of padding for 4-byte alignment of STATUS field */
154#define SPU_STAT_PAD_MAX 4
155
156/* Max length of pad fragment. 4 is for 4-byte alignment of STATUS field */
157#define SPU_PAD_LEN_MAX (SPU_GCM_CCM_ALIGN + MAX_HASH_BLOCK_SIZE + \
158 SPU_STAT_PAD_MAX)
159
160/* GCM and CCM require 16-byte alignment */
161#define SPU_GCM_CCM_ALIGN 16
162
163/* Length up SUPDT field in SPU response message for RC4 */
164#define SPU_SUPDT_LEN 260
165
166/* SPU status error codes. These used as common error codes across all
167 * SPU variants.
168 */
169#define SPU_INVALID_ICV 1
170
171/* Indicates no limit to the length of the payload in a SPU message */
172#define SPU_MAX_PAYLOAD_INF 0xFFFFFFFF
173
174/* Size of XTS tweak ("i" parameter), in bytes */
175#define SPU_XTS_TWEAK_SIZE 16
176
177/* CCM B_0 field definitions, common for SPU-M and SPU2 */
178#define CCM_B0_ADATA 0x40
179#define CCM_B0_ADATA_SHIFT 6
180#define CCM_B0_M_PRIME 0x38
181#define CCM_B0_M_PRIME_SHIFT 3
182#define CCM_B0_L_PRIME 0x07
183#define CCM_B0_L_PRIME_SHIFT 0
184#define CCM_ESP_L_VALUE 4
185
186/**
187 * spu_req_incl_icv() - Return true if SPU request message should include the
188 * ICV as a separate buffer.
189 * @cipher_mode: the cipher mode being requested
190 * @is_encrypt: true if encrypting. false if decrypting.
191 *
192 * Return: true if ICV to be included as separate buffer
193 */
194static __always_inline bool spu_req_incl_icv(enum spu_cipher_mode cipher_mode,
195 bool is_encrypt)
196{
197 if ((cipher_mode == CIPHER_MODE_GCM) && !is_encrypt)
198 return true;
199 if ((cipher_mode == CIPHER_MODE_CCM) && !is_encrypt)
200 return true;
201
202 return false;
203}
204
205static __always_inline u32 spu_real_db_size(u32 assoc_size,
206 u32 aead_iv_buf_len,
207 u32 prebuf_len,
208 u32 data_size,
209 u32 aad_pad_len,
210 u32 gcm_pad_len,
211 u32 hash_pad_len)
212{
213 return assoc_size + aead_iv_buf_len + prebuf_len + data_size +
214 aad_pad_len + gcm_pad_len + hash_pad_len;
215}
216
217/************** SPU Functions Prototypes **************/
218
219void spum_dump_msg_hdr(u8 *buf, unsigned int buf_len);
220
221u32 spum_ns2_ctx_max_payload(enum spu_cipher_alg cipher_alg,
222 enum spu_cipher_mode cipher_mode,
223 unsigned int blocksize);
224u32 spum_nsp_ctx_max_payload(enum spu_cipher_alg cipher_alg,
225 enum spu_cipher_mode cipher_mode,
226 unsigned int blocksize);
227u32 spum_payload_length(u8 *spu_hdr);
228u16 spum_response_hdr_len(u16 auth_key_len, u16 enc_key_len, bool is_hash);
229u16 spum_hash_pad_len(enum hash_alg hash_alg, enum hash_mode hash_mode,
230 u32 chunksize, u16 hash_block_size);
231u32 spum_gcm_ccm_pad_len(enum spu_cipher_mode cipher_mode,
232 unsigned int data_size);
233u32 spum_assoc_resp_len(enum spu_cipher_mode cipher_mode,
234 unsigned int assoc_len, unsigned int iv_len,
235 bool is_encrypt);
236u8 spum_aead_ivlen(enum spu_cipher_mode cipher_mode, u16 iv_len);
237bool spu_req_incl_icv(enum spu_cipher_mode cipher_mode, bool is_encrypt);
238enum hash_type spum_hash_type(u32 src_sent);
239u32 spum_digest_size(u32 alg_digest_size, enum hash_alg alg,
240 enum hash_type htype);
241
242u32 spum_create_request(u8 *spu_hdr,
243 struct spu_request_opts *req_opts,
244 struct spu_cipher_parms *cipher_parms,
245 struct spu_hash_parms *hash_parms,
246 struct spu_aead_parms *aead_parms,
247 unsigned int data_size);
248
249u16 spum_cipher_req_init(u8 *spu_hdr, struct spu_cipher_parms *cipher_parms);
250
251void spum_cipher_req_finish(u8 *spu_hdr,
252 u16 spu_req_hdr_len,
253 unsigned int is_inbound,
254 struct spu_cipher_parms *cipher_parms,
255 unsigned int data_size);
256
257void spum_request_pad(u8 *pad_start,
258 u32 gcm_padding,
259 u32 hash_pad_len,
260 enum hash_alg auth_alg,
261 enum hash_mode auth_mode,
262 unsigned int total_sent, u32 status_padding);
263
264u8 spum_xts_tweak_in_payload(void);
265u8 spum_tx_status_len(void);
266u8 spum_rx_status_len(void);
267int spum_status_process(u8 *statp);
268
269void spum_ccm_update_iv(unsigned int digestsize,
270 struct spu_cipher_parms *cipher_parms,
271 unsigned int assoclen,
272 unsigned int chunksize,
273 bool is_encrypt,
274 bool is_esp);
275u32 spum_wordalign_padlen(u32 data_size);
276#endif
277

source code of linux/drivers/crypto/bcm/spu.h