xref: /optee_os/core/drivers/crypto/hisilicon/sec_main.h (revision 562874beda99c45a47e8e1927a832ba33c65bc11) 
1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /* Copyright (c) 2022-2024 HiSilicon Limited. */
3 #ifndef __SEC_MAIN_H
4 #define __SEC_MAIN_H
5 
6 #include "hisi_qm.h"
7 
8 #ifdef CFG_HISILICON_ACC_V3
9 #define SEC_BAR			0x160000000
10 #else
11 #define SEC_BAR			0x141800000
12 #endif
13 #define SEC_SIZE		0x400000
14 
15 #define SEC_SQE_SIZE		128
16 #define SEC_SQE_LOG2_SIZE	7
17 #define AES_KEYSIZE_128		16
18 #define AES_KEYSIZE_192		24
19 #define AES_KEYSIZE_256		32
20 #define SEC_HW_TASK_DONE	0x1
21 #define SEC_DONE_MASK		0x0001
22 #define SEC_ICV_MASK		0x000E
23 #define SEC_HW_ICV_ERR		0x2
24 #define SEC_ENCODE_BYTES	4
25 #define BYTE_BITS		0x8
26 
27 #define SEC_SCENE_OFFSET	3
28 #define SEC_DE_OFFSET		1
29 #define SEC_CIPHER_OFFSET	4
30 #define SEC_AUTH_OFFSET		6
31 #define SEC_CMODE_OFFSET	12
32 #define SEC_CKEY_OFFSET		9
33 #define SEC_AKEY_OFFSET		5
34 #define SEC_AEAD_ALG_OFFSET	11
35 #define SEC_HUK_OFFSET		4
36 #define SEC_APAD_OFFSET		2
37 
38 #define SEC_DE_OFFSET_V3	9
39 #define SEC_SCENE_OFFSET_V3	5
40 #define SEC_CKEY_OFFSET_V3	13
41 #define SEC_CALG_OFFSET_V3	4
42 #define SEC_AKEY_OFFSET_V3	9
43 #define SEC_MAC_OFFSET_V3	4
44 #define SEC_AUTH_ALG_OFFSET_V3	15
45 #define SEC_CIPHER_AUTH_V3	0xbf
46 #define SEC_AUTH_CIPHER_V3	0x40
47 #define SEC_AI_GEN_OFFSET_V3	2
48 #define SEC_SEQ_OFFSET_V3	6
49 #define SEC_ICV_LEN_OFFSET_V3	4
50 #define SEC_DK_LEN_OFFSET_V3	16
51 #define SEC_KEY_SEL_OFFSET_V3	21
52 #define SEC_GET_FIELD(val, mask, shift) (((val) & (mask)) >> (shift))
53 
54 struct hisi_sec_sqe_type2 {
55 	/*
56 	 * mac_len: 0~4 bits
57 	 * a_key_len: 5~10 bits
58 	 * a_alg: 11~16 bits
59 	 */
60 	uint32_t mac_key_alg;
61 
62 	/*
63 	 * c_icv_len: 0~5 bits
64 	 * c_width: 6~8 bits
65 	 * c_key_len: 9~11 bits
66 	 * c_mode: 12~15 bits
67 	 */
68 	uint16_t icvw_kmode;
69 
70 	/* c_alg: 0~3 bits */
71 	uint8_t c_alg;
72 
73 	uint8_t rsvd4;
74 	/*
75 	 * a_len: 0~23 bits
76 	 * iv_offset_l: 24~31 bits
77 	 */
78 	uint32_t alen_ivllen;
79 
80 	/*
81 	 * c_len: 0~23 bits
82 	 * iv_offset_h: 24~31 bits
83 	 */
84 	uint32_t clen_ivhlen;
85 
86 	uint16_t auth_src_offset;
87 	uint16_t cipher_src_offset;
88 	uint16_t cs_ip_header_offset;
89 	uint16_t cs_udp_header_offset;
90 	uint16_t pass_word_len;
91 	uint16_t dk_len;
92 	uint8_t salt3;
93 	uint8_t salt2;
94 	uint8_t salt1;
95 	uint8_t salt0;
96 
97 	uint16_t tag;
98 	uint16_t rsvd5;
99 
100 	/*
101 	 * c_pad_type: 0~3 bits
102 	 * c_pad_len: 4~11 bits
103 	 * c_pad_data_type: 12~15 bits
104 	 */
105 	uint16_t cph_pad;
106 	/* c_pad_len_field: 0~1 bits */
107 	uint16_t c_pad_len_field;
108 
109 	uint64_t long_a_data_len;
110 	uint64_t a_ivin_addr;
111 	uint64_t a_key_addr;
112 	uint64_t mac_addr;
113 	uint64_t c_ivin_addr;
114 	uint64_t c_key_addr;
115 	uint64_t data_src_addr;
116 	uint64_t data_dst_addr;
117 
118 	/*
119 	 * done: 0 bit
120 	 * icv: 1~3 bits
121 	 * csc: 4~6 bits
122 	 * flag: 7~10 bits
123 	 */
124 	uint16_t done_flag;
125 
126 	uint8_t error_type;
127 	uint8_t warning_type;
128 	uint8_t mac_i3;
129 	uint8_t mac_i2;
130 	uint8_t mac_i1;
131 	uint8_t mac_i0;
132 	uint16_t check_sum_i;
133 	uint8_t tls_pad_len_i;
134 	uint8_t rsvd12;
135 	uint32_t counter;
136 };
137 
138 struct hisi_sec_sqe {
139 	/*
140 	 * type:  0~3 bits;
141 	 * cipher: 4~5 bits;
142 	 * auth: 6~7 bits;
143 	 */
144 	uint8_t type_auth_cipher;
145 	/*
146 	 * seq: 0 bits;
147 	 * de: 1~2 bits;
148 	 * scene: 3~6 bits;
149 	 * src_addr_type: 7 bits;
150 	 */
151 	uint8_t sds_sa_type;
152 	/*
153 	 * src_addr_type: 0~1 bits not used now.
154 	 * dst_addr_type: 2~4 bits;
155 	 * mac_addr_type: 5~7 bits;
156 	 */
157 	uint8_t sdm_addr_type;
158 
159 	uint8_t rsvd0;
160 	/*
161 	 * nonce_len(type): 0~3 bits;
162 	 * huk: 4 bit;
163 	 * key_s: 5 bit
164 	 * ci_gen: 6~7 bits
165 	 */
166 	uint8_t huk_ci_key;
167 	/*
168 	 * ai_gen: 0~1 bits;
169 	 * a_pad : 2~3 bits;
170 	 * c_s : 4~5 bits;
171 	 */
172 	uint8_t ai_apd_cs;
173 	/*
174 	 * rhf(type2): 0 bit;
175 	 * c_key_type: 1~2 bits;
176 	 * a_key_type: 3~4 bits
177 	 * write_frame_len(type2): 5~7bits;
178 	 */
179 	uint8_t rca_key_frm;
180 
181 	uint8_t iv_tls_ld;
182 	struct hisi_sec_sqe_type2 type2; /* the other scene */
183 };
184 
185 struct bd3_stream_scene {
186 	uint64_t c_ivin_addr;
187 	uint64_t long_a_data_len;
188 
189 	/*
190 	 * auth_pad: 0~1 bits
191 	 * stream_protocol: 2~4 bits
192 	 * reserved: 5~7 bits
193 	 */
194 	uint8_t auth_pad;
195 	uint8_t plaintext_type;
196 	uint16_t pad_len_1p3;
197 } __packed __aligned(4);
198 
199 struct bd3_no_scene {
200 	uint64_t c_ivin_addr;
201 	uint32_t rsvd0;
202 	uint32_t rsvd1;
203 	uint32_t rsvd2;
204 } __packed __aligned(4);
205 
206 struct bd3_pbkdf2_scene {
207 	uint64_t c_ivin_addr;
208 
209 	/*
210 	 * pbkdf2_salt_len: 0~23 bits
211 	 * rsvd0: 24~31 bits
212 	 */
213 	uint32_t pbkdf2_salt_len;
214 
215 	/*
216 	 * c_num: 0~23 bits
217 	 * rsvd1: 24~31 bits
218 	 */
219 	uint32_t c_num;
220 
221 	/*
222 	 * pass_word_len: 0~15 bits
223 	 * dk_len: 16~31 bits
224 	 */
225 	uint32_t pass_word_dk_len;
226 } __packed __aligned(4);
227 
228 struct hisi_sec_bd3_sqe {
229 	/*
230 	 * type: 0~3 bit
231 	 * bd_invalid: 4 bit
232 	 * scene: 5~8 bit
233 	 * de: 9~10 bit
234 	 * src_addr_type: 11~13 bit
235 	 * dst_addr_type: 14~16 bit
236 	 * mac_addr_type: 17~19 bit
237 	 * reserved: 20~31 bits
238 	 */
239 	uint32_t bd_param;
240 
241 	/*
242 	 * cipher: 0~1 bits
243 	 * ci_gen: 2~3 bit
244 	 * c_icv_len: 4~9 bit
245 	 * c_width: 10~12 bits
246 	 * c_key_len: 13~15 bits
247 	 */
248 	uint16_t c_icv_key;
249 
250 	/*
251 	 * c_mode : 0~3 bits
252 	 * c_alg : 4~7 bits
253 	 */
254 	uint8_t c_mode_alg;
255 
256 	/*
257 	 * nonce_len : 0~3 bits
258 	 * huk : 4 bits
259 	 * cal_iv_addr_en : 5 bits
260 	 * seq : 6 bits
261 	 * reserved : 7 bits
262 	 */
263 	uint8_t huk_iv_seq;
264 
265 	uint64_t tag;
266 	uint64_t data_src_addr;
267 	uint64_t a_key_addr;
268 	uint64_t a_ivin_addr;
269 	uint64_t rsvd;
270 	uint64_t c_key_addr;
271 
272 	/*
273 	 * auth: 0~1 bits
274 	 * ai_gen: 2~3 bits
275 	 * mac_len: 4~8 bits
276 	 * akey_len: 9~14 bits
277 	 * a_alg: 15~20 bits
278 	 * key_sel: 21~24 bits
279 	 * ctr_count_mode/sm4_xts: 25~26 bits
280 	 * sva_prefetch: 27 bits
281 	 * key_wrap_num:28~30 bits
282 	 * update_key: 31 bits
283 	 */
284 	uint32_t auth_mac_key;
285 	uint32_t salt;
286 	uint16_t auth_src_offset;
287 	uint16_t cipher_src_offset;
288 
289 	/*
290 	 * auth_len: 0~23 bit
291 	 * auth_key_offset: 24~31 bits
292 	 */
293 	uint32_t a_len_key;
294 
295 	/*
296 	 * cipher_len: 0~23 bit
297 	 * auth_ivin_offset: 24~31 bits
298 	 */
299 	uint32_t c_len_ivin;
300 	uint64_t data_dst_addr;
301 	uint64_t mac_addr;
302 	union {
303 		struct bd3_stream_scene stream_scene;
304 		struct bd3_no_scene no_scene;
305 		struct bd3_pbkdf2_scene pbkdf2_scene;
306 	};
307 
308 	/*
309 	 * done: 0 bit
310 	 * icv: 1~3 bit
311 	 * csc: 4~6 bit
312 	 * flag: 7~10 bit
313 	 * reserved: 11~15 bit
314 	 */
315 	uint16_t done_flag;
316 	uint8_t error_type;
317 	uint8_t warning_type;
318 	uint64_t kek_key_addr;
319 	uint32_t counter;
320 } __packed __aligned(4);
321 
322 enum sec_bd_type {
323 	BD_TYPE1 = 0x1,
324 	BD_TYPE2 = 0x2,
325 	BD_TYPE3 = 0x3,
326 };
327 
328 enum sec_bd_scene {
329 	SCENE_NOTHING = 0x0,
330 	SCENE_STREAM = 0x7,
331 	SCENE_PBKDF2 = 0x8,
332 };
333 
334 enum sec_auth_dir {
335 	NO_AUTH,
336 	AUTH_MAC_CALCULATE,
337 	AUTH_MAC_VERIFY,
338 };
339 
340 enum sec_bd_seq {
341 	DATA_DST_ADDR_DISABLE,
342 	DATA_DST_ADDR_ENABLE,
343 };
344 
345 /*
346  * Create task queue pair for SEC.
347  *
348  * @sq_type Task type of the submmission queue.
349  */
350 struct hisi_qp *sec_create_qp(uint8_t sq_type);
351 
352 #endif
353