linux/drivers/crypto/ccp/ccp-crypto.h

/*
 * AMD Cryptographic Coprocessor (CCP) crypto API support
 *
 * Copyright (C) 2013 Advanced Micro Devices, Inc.
 *
 * Author: Tom Lendacky <thomas.lendacky@amd.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */

#ifndef __CCP_CRYPTO_H__
#define __CCP_CRYPTO_H__

#include <linux/list.h>
#include <linux/wait.h>
#include <linux/pci.h>
#include <linux/ccp.h>
#include <linux/crypto.h>
#include <crypto/algapi.h>
#include <crypto/aes.h>
#include <crypto/ctr.h>
#include <crypto/hash.h>
#include <crypto/sha.h>

#define CCP_CRA_PRIORITY	300

struct ccp_crypto_ablkcipher_alg {
	struct list_head entry;

	u32 mode;

	struct crypto_alg alg;
};

struct ccp_crypto_ahash_alg {
	struct list_head entry;

	const __be32 *init;
	u32 type;
	u32 mode;

	/* Child algorithm used for HMAC, CMAC, etc */
	char child_alg[CRYPTO_MAX_ALG_NAME];

	struct ahash_alg alg;
};

static inline struct ccp_crypto_ablkcipher_alg *
	ccp_crypto_ablkcipher_alg(struct crypto_tfm *tfm)
{
	struct crypto_alg *alg = tfm->__crt_alg;

	return container_of(alg, struct ccp_crypto_ablkcipher_alg, alg);
}

static inline struct ccp_crypto_ahash_alg *
	ccp_crypto_ahash_alg(struct crypto_tfm *tfm)
{
	struct crypto_alg *alg = tfm->__crt_alg;
	struct ahash_alg *ahash_alg;

	ahash_alg = container_of(alg, struct ahash_alg, halg.base);

	return container_of(ahash_alg, struct ccp_crypto_ahash_alg, alg);
}

/***** AES related defines *****/
struct ccp_aes_ctx {
	/* Fallback cipher for XTS with unsupported unit sizes */
	struct crypto_ablkcipher *tfm_ablkcipher;

	/* Cipher used to generate CMAC K1/K2 keys */
	struct crypto_cipher *tfm_cipher;

	enum ccp_engine engine;
	enum ccp_aes_type type;
	enum ccp_aes_mode mode;

	struct scatterlist key_sg;
	unsigned int key_len;
	u8 key[AES_MAX_KEY_SIZE];

	u8 nonce[CTR_RFC3686_NONCE_SIZE];

	/* CMAC key structures */
	struct scatterlist k1_sg;
	struct scatterlist k2_sg;
	unsigned int kn_len;
	u8 k1[AES_BLOCK_SIZE];
	u8 k2[AES_BLOCK_SIZE];
};

struct ccp_aes_req_ctx {
	struct scatterlist iv_sg;
	u8 iv[AES_BLOCK_SIZE];

	/* Fields used for RFC3686 requests */
	u8 *rfc3686_info;
	u8 rfc3686_iv[AES_BLOCK_SIZE];

	struct ccp_cmd cmd;
};

struct ccp_aes_cmac_req_ctx {
	unsigned int null_msg;
	unsigned int final;

	struct scatterlist *src;
	unsigned int nbytes;

	u64 hash_cnt;
	unsigned int hash_rem;

	struct sg_table data_sg;

	struct scatterlist iv_sg;
	u8 iv[AES_BLOCK_SIZE];

	struct scatterlist buf_sg;
	unsigned int buf_count;
	u8 buf[AES_BLOCK_SIZE];

	struct scatterlist pad_sg;
	unsigned int pad_count;
	u8 pad[AES_BLOCK_SIZE];

	struct ccp_cmd cmd;
};

/***** SHA related defines *****/
#define MAX_SHA_CONTEXT_SIZE	SHA256_DIGEST_SIZE
#define MAX_SHA_BLOCK_SIZE	SHA256_BLOCK_SIZE

struct ccp_sha_ctx {
	struct scatterlist opad_sg;
	unsigned int opad_count;

	unsigned int key_len;
	u8 key[MAX_SHA_BLOCK_SIZE];
	u8 ipad[MAX_SHA_BLOCK_SIZE];
	u8 opad[MAX_SHA_BLOCK_SIZE];
	struct crypto_shash *hmac_tfm;
};

struct ccp_sha_req_ctx {
	enum ccp_sha_type type;

	u64 msg_bits;

	unsigned int first;
	unsigned int final;

	struct scatterlist *src;
	unsigned int nbytes;

	u64 hash_cnt;
	unsigned int hash_rem;

	struct sg_table data_sg;

	struct scatterlist ctx_sg;
	u8 ctx[MAX_SHA_CONTEXT_SIZE];

	struct scatterlist buf_sg;
	unsigned int buf_count;
	u8 buf[MAX_SHA_BLOCK_SIZE];

	/* CCP driver command */
	struct ccp_cmd cmd;
};

/***** Common Context Structure *****/
struct ccp_ctx {
	int (*complete)(struct crypto_async_request *req, int ret);

	union {
		struct ccp_aes_ctx aes;
		struct ccp_sha_ctx sha;
	} u;
};

int ccp_crypto_enqueue_request(struct crypto_async_request *req,
			       struct ccp_cmd *cmd);
struct scatterlist *ccp_crypto_sg_table_add(struct sg_table *table,
					    struct scatterlist *sg_add);

int ccp_register_aes_algs(struct list_head *head);
int ccp_register_aes_cmac_algs(struct list_head *head);
int ccp_register_aes_xts_algs(struct list_head *head);
int ccp_register_sha_algs(struct list_head *head);

#endif
crypto: ccp - crypto API interface to the CCP device driver These routines provide the support for the interface between the crypto API and the AMD CCP. This includes insuring that requests associated with a given tfm on the same cpu are processed in the order received. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2013-11-12 21:46:22 +04:00			`/*`
			`* AMD Cryptographic Coprocessor (CCP) crypto API support`
			`*`
			`* Copyright (C) 2013 Advanced Micro Devices, Inc.`
			`*`
			`* Author: Tom Lendacky <thomas.lendacky@amd.com>`
			`*`
			`* This program is free software; you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License version 2 as`
			`* published by the Free Software Foundation.`
			`*/`

			`#ifndef __CCP_CRYPTO_H__`
			`#define __CCP_CRYPTO_H__`

			`#include <linux/list.h>`
			`#include <linux/wait.h>`
			`#include <linux/pci.h>`
			`#include <linux/ccp.h>`
			`#include <linux/crypto.h>`
			`#include <crypto/algapi.h>`
			`#include <crypto/aes.h>`
			`#include <crypto/ctr.h>`
			`#include <crypto/hash.h>`
			`#include <crypto/sha.h>`

			`#define CCP_CRA_PRIORITY 300`

			`struct ccp_crypto_ablkcipher_alg {`
			`struct list_head entry;`

			`u32 mode;`

			`struct crypto_alg alg;`
			`};`

			`struct ccp_crypto_ahash_alg {`
			`struct list_head entry;`

crypto: ccp - Fix sparse warnings in ccp-crypto-sha.c The sha initialization data generated the following sparse warnings: sparse: incorrect type in initializer (different base types) expected unsigned int got restricted __be32 [usertype] <noident> Change the initialization data type from u32 to __be32. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2013-12-10 20:38:33 +04:00			`const __be32 *init;`
crypto: ccp - crypto API interface to the CCP device driver These routines provide the support for the interface between the crypto API and the AMD CCP. This includes insuring that requests associated with a given tfm on the same cpu are processed in the order received. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2013-11-12 21:46:22 +04:00			`u32 type;`
			`u32 mode;`

			`/* Child algorithm used for HMAC, CMAC, etc */`
			`char child_alg[CRYPTO_MAX_ALG_NAME];`

			`struct ahash_alg alg;`
			`};`

			`static inline struct ccp_crypto_ablkcipher_alg *`
			`ccp_crypto_ablkcipher_alg(struct crypto_tfm *tfm)`
			`{`
			`struct crypto_alg *alg = tfm->__crt_alg;`

			`return container_of(alg, struct ccp_crypto_ablkcipher_alg, alg);`
			`}`

			`static inline struct ccp_crypto_ahash_alg *`
			`ccp_crypto_ahash_alg(struct crypto_tfm *tfm)`
			`{`
			`struct crypto_alg *alg = tfm->__crt_alg;`
			`struct ahash_alg *ahash_alg;`

			`ahash_alg = container_of(alg, struct ahash_alg, halg.base);`

			`return container_of(ahash_alg, struct ccp_crypto_ahash_alg, alg);`
			`}`

			`/*** AES related defines ***/`
			`struct ccp_aes_ctx {`
			`/* Fallback cipher for XTS with unsupported unit sizes */`
			`struct crypto_ablkcipher *tfm_ablkcipher;`

			`/* Cipher used to generate CMAC K1/K2 keys */`
			`struct crypto_cipher *tfm_cipher;`

			`enum ccp_engine engine;`
			`enum ccp_aes_type type;`
			`enum ccp_aes_mode mode;`

			`struct scatterlist key_sg;`
			`unsigned int key_len;`
			`u8 key[AES_MAX_KEY_SIZE];`

			`u8 nonce[CTR_RFC3686_NONCE_SIZE];`

			`/* CMAC key structures */`
			`struct scatterlist k1_sg;`
			`struct scatterlist k2_sg;`
			`unsigned int kn_len;`
			`u8 k1[AES_BLOCK_SIZE];`
			`u8 k2[AES_BLOCK_SIZE];`
			`};`

			`struct ccp_aes_req_ctx {`
			`struct scatterlist iv_sg;`
			`u8 iv[AES_BLOCK_SIZE];`

			`/* Fields used for RFC3686 requests */`
			`u8 *rfc3686_info;`
			`u8 rfc3686_iv[AES_BLOCK_SIZE];`

			`struct ccp_cmd cmd;`
			`};`

			`struct ccp_aes_cmac_req_ctx {`
			`unsigned int null_msg;`
			`unsigned int final;`

crypto: ccp - Change data length declarations to u64 When performing a hash operation if the amount of data buffered and a request at or near the maximum data length is received then the length calcuation could wrap causing an error in executing the hash operation. Fix this by using a u64 type for the input and output data lengths in all CCP operations. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2014-01-06 23:34:17 +04:00			`struct scatterlist *src;`
			`unsigned int nbytes;`

			`u64 hash_cnt;`
crypto: ccp - crypto API interface to the CCP device driver These routines provide the support for the interface between the crypto API and the AMD CCP. This includes insuring that requests associated with a given tfm on the same cpu are processed in the order received. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2013-11-12 21:46:22 +04:00			`unsigned int hash_rem;`

			`struct sg_table data_sg;`

			`struct scatterlist iv_sg;`
			`u8 iv[AES_BLOCK_SIZE];`

			`struct scatterlist buf_sg;`
			`unsigned int buf_count;`
			`u8 buf[AES_BLOCK_SIZE];`

			`struct scatterlist pad_sg;`
			`unsigned int pad_count;`
			`u8 pad[AES_BLOCK_SIZE];`

			`struct ccp_cmd cmd;`
			`};`

			`/*** SHA related defines ***/`
			`#define MAX_SHA_CONTEXT_SIZE SHA256_DIGEST_SIZE`
			`#define MAX_SHA_BLOCK_SIZE SHA256_BLOCK_SIZE`

			`struct ccp_sha_ctx {`
crypto: ccp - Move HMAC calculation down to ccp ops file Move the support to perform an HMAC calculation into the CCP operations file. This eliminates the need to perform a synchronous SHA operation used to calculate the HMAC. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2014-01-25 02:18:02 +04:00			`struct scatterlist opad_sg;`
			`unsigned int opad_count;`

crypto: ccp - crypto API interface to the CCP device driver These routines provide the support for the interface between the crypto API and the AMD CCP. This includes insuring that requests associated with a given tfm on the same cpu are processed in the order received. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2013-11-12 21:46:22 +04:00			`unsigned int key_len;`
			`u8 key[MAX_SHA_BLOCK_SIZE];`
			`u8 ipad[MAX_SHA_BLOCK_SIZE];`
			`u8 opad[MAX_SHA_BLOCK_SIZE];`
crypto: ccp - Move HMAC calculation down to ccp ops file Move the support to perform an HMAC calculation into the CCP operations file. This eliminates the need to perform a synchronous SHA operation used to calculate the HMAC. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2014-01-25 02:18:02 +04:00			`struct crypto_shash *hmac_tfm;`
crypto: ccp - crypto API interface to the CCP device driver These routines provide the support for the interface between the crypto API and the AMD CCP. This includes insuring that requests associated with a given tfm on the same cpu are processed in the order received. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2013-11-12 21:46:22 +04:00			`};`

			`struct ccp_sha_req_ctx {`
			`enum ccp_sha_type type;`

			`u64 msg_bits;`

			`unsigned int first;`
			`unsigned int final;`

crypto: ccp - Change data length declarations to u64 When performing a hash operation if the amount of data buffered and a request at or near the maximum data length is received then the length calcuation could wrap causing an error in executing the hash operation. Fix this by using a u64 type for the input and output data lengths in all CCP operations. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2014-01-06 23:34:17 +04:00			`struct scatterlist *src;`
			`unsigned int nbytes;`

			`u64 hash_cnt;`
crypto: ccp - crypto API interface to the CCP device driver These routines provide the support for the interface between the crypto API and the AMD CCP. This includes insuring that requests associated with a given tfm on the same cpu are processed in the order received. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2013-11-12 21:46:22 +04:00			`unsigned int hash_rem;`

			`struct sg_table data_sg;`

			`struct scatterlist ctx_sg;`
			`u8 ctx[MAX_SHA_CONTEXT_SIZE];`

			`struct scatterlist buf_sg;`
			`unsigned int buf_count;`
			`u8 buf[MAX_SHA_BLOCK_SIZE];`

			`/* CCP driver command */`
			`struct ccp_cmd cmd;`
			`};`

			`/*** Common Context Structure ***/`
			`struct ccp_ctx {`
			`int (complete)(struct crypto_async_request req, int ret);`

			`union {`
			`struct ccp_aes_ctx aes;`
			`struct ccp_sha_ctx sha;`
			`} u;`
			`};`

			`int ccp_crypto_enqueue_request(struct crypto_async_request *req,`
			`struct ccp_cmd *cmd);`
			`struct scatterlist ccp_crypto_sg_table_add(struct sg_table table,`
			`struct scatterlist *sg_add);`

			`int ccp_register_aes_algs(struct list_head *head);`
			`int ccp_register_aes_cmac_algs(struct list_head *head);`
			`int ccp_register_aes_xts_algs(struct list_head *head);`
			`int ccp_register_sha_algs(struct list_head *head);`

			`#endif`