1*4882a593Smuzhiyun /* SPDX-License-Identifier: GPL-2.0-only */ 2*4882a593Smuzhiyun /* 3*4882a593Smuzhiyun * AMD Cryptographic Coprocessor (CCP) crypto API support 4*4882a593Smuzhiyun * 5*4882a593Smuzhiyun * Copyright (C) 2013,2017 Advanced Micro Devices, Inc. 6*4882a593Smuzhiyun * 7*4882a593Smuzhiyun * Author: Tom Lendacky <thomas.lendacky@amd.com> 8*4882a593Smuzhiyun */ 9*4882a593Smuzhiyun 10*4882a593Smuzhiyun #ifndef __CCP_CRYPTO_H__ 11*4882a593Smuzhiyun #define __CCP_CRYPTO_H__ 12*4882a593Smuzhiyun 13*4882a593Smuzhiyun #include <linux/list.h> 14*4882a593Smuzhiyun #include <linux/wait.h> 15*4882a593Smuzhiyun #include <linux/ccp.h> 16*4882a593Smuzhiyun #include <crypto/algapi.h> 17*4882a593Smuzhiyun #include <crypto/aes.h> 18*4882a593Smuzhiyun #include <crypto/internal/aead.h> 19*4882a593Smuzhiyun #include <crypto/aead.h> 20*4882a593Smuzhiyun #include <crypto/ctr.h> 21*4882a593Smuzhiyun #include <crypto/hash.h> 22*4882a593Smuzhiyun #include <crypto/sha.h> 23*4882a593Smuzhiyun #include <crypto/akcipher.h> 24*4882a593Smuzhiyun #include <crypto/skcipher.h> 25*4882a593Smuzhiyun #include <crypto/internal/rsa.h> 26*4882a593Smuzhiyun 27*4882a593Smuzhiyun /* We want the module name in front of our messages */ 28*4882a593Smuzhiyun #undef pr_fmt 29*4882a593Smuzhiyun #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 30*4882a593Smuzhiyun 31*4882a593Smuzhiyun #define CCP_LOG_LEVEL KERN_INFO 32*4882a593Smuzhiyun 33*4882a593Smuzhiyun #define CCP_CRA_PRIORITY 300 34*4882a593Smuzhiyun 35*4882a593Smuzhiyun struct ccp_crypto_skcipher_alg { 36*4882a593Smuzhiyun struct list_head entry; 37*4882a593Smuzhiyun 38*4882a593Smuzhiyun u32 mode; 39*4882a593Smuzhiyun 40*4882a593Smuzhiyun struct skcipher_alg alg; 41*4882a593Smuzhiyun }; 42*4882a593Smuzhiyun 43*4882a593Smuzhiyun struct ccp_crypto_aead { 44*4882a593Smuzhiyun struct list_head entry; 45*4882a593Smuzhiyun 46*4882a593Smuzhiyun u32 mode; 47*4882a593Smuzhiyun 48*4882a593Smuzhiyun struct aead_alg alg; 49*4882a593Smuzhiyun }; 50*4882a593Smuzhiyun 51*4882a593Smuzhiyun struct ccp_crypto_ahash_alg { 52*4882a593Smuzhiyun struct list_head entry; 53*4882a593Smuzhiyun 54*4882a593Smuzhiyun const __be32 *init; 55*4882a593Smuzhiyun u32 type; 56*4882a593Smuzhiyun u32 mode; 57*4882a593Smuzhiyun 58*4882a593Smuzhiyun /* Child algorithm used for HMAC, CMAC, etc */ 59*4882a593Smuzhiyun char child_alg[CRYPTO_MAX_ALG_NAME]; 60*4882a593Smuzhiyun 61*4882a593Smuzhiyun struct ahash_alg alg; 62*4882a593Smuzhiyun }; 63*4882a593Smuzhiyun 64*4882a593Smuzhiyun struct ccp_crypto_akcipher_alg { 65*4882a593Smuzhiyun struct list_head entry; 66*4882a593Smuzhiyun 67*4882a593Smuzhiyun struct akcipher_alg alg; 68*4882a593Smuzhiyun }; 69*4882a593Smuzhiyun 70*4882a593Smuzhiyun static inline struct ccp_crypto_skcipher_alg * ccp_crypto_skcipher_alg(struct crypto_skcipher * tfm)71*4882a593Smuzhiyun ccp_crypto_skcipher_alg(struct crypto_skcipher *tfm) 72*4882a593Smuzhiyun { 73*4882a593Smuzhiyun struct skcipher_alg *alg = crypto_skcipher_alg(tfm); 74*4882a593Smuzhiyun 75*4882a593Smuzhiyun return container_of(alg, struct ccp_crypto_skcipher_alg, alg); 76*4882a593Smuzhiyun } 77*4882a593Smuzhiyun 78*4882a593Smuzhiyun static inline struct ccp_crypto_ahash_alg * ccp_crypto_ahash_alg(struct crypto_tfm * tfm)79*4882a593Smuzhiyun ccp_crypto_ahash_alg(struct crypto_tfm *tfm) 80*4882a593Smuzhiyun { 81*4882a593Smuzhiyun struct crypto_alg *alg = tfm->__crt_alg; 82*4882a593Smuzhiyun struct ahash_alg *ahash_alg; 83*4882a593Smuzhiyun 84*4882a593Smuzhiyun ahash_alg = container_of(alg, struct ahash_alg, halg.base); 85*4882a593Smuzhiyun 86*4882a593Smuzhiyun return container_of(ahash_alg, struct ccp_crypto_ahash_alg, alg); 87*4882a593Smuzhiyun } 88*4882a593Smuzhiyun 89*4882a593Smuzhiyun /***** AES related defines *****/ 90*4882a593Smuzhiyun struct ccp_aes_ctx { 91*4882a593Smuzhiyun /* Fallback cipher for XTS with unsupported unit sizes */ 92*4882a593Smuzhiyun struct crypto_skcipher *tfm_skcipher; 93*4882a593Smuzhiyun 94*4882a593Smuzhiyun enum ccp_engine engine; 95*4882a593Smuzhiyun enum ccp_aes_type type; 96*4882a593Smuzhiyun enum ccp_aes_mode mode; 97*4882a593Smuzhiyun 98*4882a593Smuzhiyun struct scatterlist key_sg; 99*4882a593Smuzhiyun unsigned int key_len; 100*4882a593Smuzhiyun u8 key[AES_MAX_KEY_SIZE * 2]; 101*4882a593Smuzhiyun 102*4882a593Smuzhiyun u8 nonce[CTR_RFC3686_NONCE_SIZE]; 103*4882a593Smuzhiyun 104*4882a593Smuzhiyun /* CMAC key structures */ 105*4882a593Smuzhiyun struct scatterlist k1_sg; 106*4882a593Smuzhiyun struct scatterlist k2_sg; 107*4882a593Smuzhiyun unsigned int kn_len; 108*4882a593Smuzhiyun u8 k1[AES_BLOCK_SIZE]; 109*4882a593Smuzhiyun u8 k2[AES_BLOCK_SIZE]; 110*4882a593Smuzhiyun }; 111*4882a593Smuzhiyun 112*4882a593Smuzhiyun struct ccp_aes_req_ctx { 113*4882a593Smuzhiyun struct scatterlist iv_sg; 114*4882a593Smuzhiyun u8 iv[AES_BLOCK_SIZE]; 115*4882a593Smuzhiyun 116*4882a593Smuzhiyun struct scatterlist tag_sg; 117*4882a593Smuzhiyun u8 tag[AES_BLOCK_SIZE]; 118*4882a593Smuzhiyun 119*4882a593Smuzhiyun /* Fields used for RFC3686 requests */ 120*4882a593Smuzhiyun u8 *rfc3686_info; 121*4882a593Smuzhiyun u8 rfc3686_iv[AES_BLOCK_SIZE]; 122*4882a593Smuzhiyun 123*4882a593Smuzhiyun struct ccp_cmd cmd; 124*4882a593Smuzhiyun 125*4882a593Smuzhiyun struct skcipher_request fallback_req; // keep at the end 126*4882a593Smuzhiyun }; 127*4882a593Smuzhiyun 128*4882a593Smuzhiyun struct ccp_aes_cmac_req_ctx { 129*4882a593Smuzhiyun unsigned int null_msg; 130*4882a593Smuzhiyun unsigned int final; 131*4882a593Smuzhiyun 132*4882a593Smuzhiyun struct scatterlist *src; 133*4882a593Smuzhiyun unsigned int nbytes; 134*4882a593Smuzhiyun 135*4882a593Smuzhiyun u64 hash_cnt; 136*4882a593Smuzhiyun unsigned int hash_rem; 137*4882a593Smuzhiyun 138*4882a593Smuzhiyun struct sg_table data_sg; 139*4882a593Smuzhiyun 140*4882a593Smuzhiyun struct scatterlist iv_sg; 141*4882a593Smuzhiyun u8 iv[AES_BLOCK_SIZE]; 142*4882a593Smuzhiyun 143*4882a593Smuzhiyun struct scatterlist buf_sg; 144*4882a593Smuzhiyun unsigned int buf_count; 145*4882a593Smuzhiyun u8 buf[AES_BLOCK_SIZE]; 146*4882a593Smuzhiyun 147*4882a593Smuzhiyun struct scatterlist pad_sg; 148*4882a593Smuzhiyun unsigned int pad_count; 149*4882a593Smuzhiyun u8 pad[AES_BLOCK_SIZE]; 150*4882a593Smuzhiyun 151*4882a593Smuzhiyun struct ccp_cmd cmd; 152*4882a593Smuzhiyun }; 153*4882a593Smuzhiyun 154*4882a593Smuzhiyun struct ccp_aes_cmac_exp_ctx { 155*4882a593Smuzhiyun unsigned int null_msg; 156*4882a593Smuzhiyun 157*4882a593Smuzhiyun u8 iv[AES_BLOCK_SIZE]; 158*4882a593Smuzhiyun 159*4882a593Smuzhiyun unsigned int buf_count; 160*4882a593Smuzhiyun u8 buf[AES_BLOCK_SIZE]; 161*4882a593Smuzhiyun }; 162*4882a593Smuzhiyun 163*4882a593Smuzhiyun /***** 3DES related defines *****/ 164*4882a593Smuzhiyun struct ccp_des3_ctx { 165*4882a593Smuzhiyun enum ccp_engine engine; 166*4882a593Smuzhiyun enum ccp_des3_type type; 167*4882a593Smuzhiyun enum ccp_des3_mode mode; 168*4882a593Smuzhiyun 169*4882a593Smuzhiyun struct scatterlist key_sg; 170*4882a593Smuzhiyun unsigned int key_len; 171*4882a593Smuzhiyun u8 key[AES_MAX_KEY_SIZE]; 172*4882a593Smuzhiyun }; 173*4882a593Smuzhiyun 174*4882a593Smuzhiyun struct ccp_des3_req_ctx { 175*4882a593Smuzhiyun struct scatterlist iv_sg; 176*4882a593Smuzhiyun u8 iv[AES_BLOCK_SIZE]; 177*4882a593Smuzhiyun 178*4882a593Smuzhiyun struct ccp_cmd cmd; 179*4882a593Smuzhiyun }; 180*4882a593Smuzhiyun 181*4882a593Smuzhiyun /* SHA-related defines 182*4882a593Smuzhiyun * These values must be large enough to accommodate any variant 183*4882a593Smuzhiyun */ 184*4882a593Smuzhiyun #define MAX_SHA_CONTEXT_SIZE SHA512_DIGEST_SIZE 185*4882a593Smuzhiyun #define MAX_SHA_BLOCK_SIZE SHA512_BLOCK_SIZE 186*4882a593Smuzhiyun 187*4882a593Smuzhiyun struct ccp_sha_ctx { 188*4882a593Smuzhiyun struct scatterlist opad_sg; 189*4882a593Smuzhiyun unsigned int opad_count; 190*4882a593Smuzhiyun 191*4882a593Smuzhiyun unsigned int key_len; 192*4882a593Smuzhiyun u8 key[MAX_SHA_BLOCK_SIZE]; 193*4882a593Smuzhiyun u8 ipad[MAX_SHA_BLOCK_SIZE]; 194*4882a593Smuzhiyun u8 opad[MAX_SHA_BLOCK_SIZE]; 195*4882a593Smuzhiyun struct crypto_shash *hmac_tfm; 196*4882a593Smuzhiyun }; 197*4882a593Smuzhiyun 198*4882a593Smuzhiyun struct ccp_sha_req_ctx { 199*4882a593Smuzhiyun enum ccp_sha_type type; 200*4882a593Smuzhiyun 201*4882a593Smuzhiyun u64 msg_bits; 202*4882a593Smuzhiyun 203*4882a593Smuzhiyun unsigned int first; 204*4882a593Smuzhiyun unsigned int final; 205*4882a593Smuzhiyun 206*4882a593Smuzhiyun struct scatterlist *src; 207*4882a593Smuzhiyun unsigned int nbytes; 208*4882a593Smuzhiyun 209*4882a593Smuzhiyun u64 hash_cnt; 210*4882a593Smuzhiyun unsigned int hash_rem; 211*4882a593Smuzhiyun 212*4882a593Smuzhiyun struct sg_table data_sg; 213*4882a593Smuzhiyun 214*4882a593Smuzhiyun struct scatterlist ctx_sg; 215*4882a593Smuzhiyun u8 ctx[MAX_SHA_CONTEXT_SIZE]; 216*4882a593Smuzhiyun 217*4882a593Smuzhiyun struct scatterlist buf_sg; 218*4882a593Smuzhiyun unsigned int buf_count; 219*4882a593Smuzhiyun u8 buf[MAX_SHA_BLOCK_SIZE]; 220*4882a593Smuzhiyun 221*4882a593Smuzhiyun /* CCP driver command */ 222*4882a593Smuzhiyun struct ccp_cmd cmd; 223*4882a593Smuzhiyun }; 224*4882a593Smuzhiyun 225*4882a593Smuzhiyun struct ccp_sha_exp_ctx { 226*4882a593Smuzhiyun enum ccp_sha_type type; 227*4882a593Smuzhiyun 228*4882a593Smuzhiyun u64 msg_bits; 229*4882a593Smuzhiyun 230*4882a593Smuzhiyun unsigned int first; 231*4882a593Smuzhiyun 232*4882a593Smuzhiyun u8 ctx[MAX_SHA_CONTEXT_SIZE]; 233*4882a593Smuzhiyun 234*4882a593Smuzhiyun unsigned int buf_count; 235*4882a593Smuzhiyun u8 buf[MAX_SHA_BLOCK_SIZE]; 236*4882a593Smuzhiyun }; 237*4882a593Smuzhiyun 238*4882a593Smuzhiyun /***** RSA related defines *****/ 239*4882a593Smuzhiyun 240*4882a593Smuzhiyun struct ccp_rsa_ctx { 241*4882a593Smuzhiyun unsigned int key_len; /* in bits */ 242*4882a593Smuzhiyun struct scatterlist e_sg; 243*4882a593Smuzhiyun u8 *e_buf; 244*4882a593Smuzhiyun unsigned int e_len; 245*4882a593Smuzhiyun struct scatterlist n_sg; 246*4882a593Smuzhiyun u8 *n_buf; 247*4882a593Smuzhiyun unsigned int n_len; 248*4882a593Smuzhiyun struct scatterlist d_sg; 249*4882a593Smuzhiyun u8 *d_buf; 250*4882a593Smuzhiyun unsigned int d_len; 251*4882a593Smuzhiyun }; 252*4882a593Smuzhiyun 253*4882a593Smuzhiyun struct ccp_rsa_req_ctx { 254*4882a593Smuzhiyun struct ccp_cmd cmd; 255*4882a593Smuzhiyun }; 256*4882a593Smuzhiyun 257*4882a593Smuzhiyun #define CCP_RSA_MAXMOD (4 * 1024 / 8) 258*4882a593Smuzhiyun #define CCP5_RSA_MAXMOD (16 * 1024 / 8) 259*4882a593Smuzhiyun 260*4882a593Smuzhiyun /***** Common Context Structure *****/ 261*4882a593Smuzhiyun struct ccp_ctx { 262*4882a593Smuzhiyun int (*complete)(struct crypto_async_request *req, int ret); 263*4882a593Smuzhiyun 264*4882a593Smuzhiyun union { 265*4882a593Smuzhiyun struct ccp_aes_ctx aes; 266*4882a593Smuzhiyun struct ccp_rsa_ctx rsa; 267*4882a593Smuzhiyun struct ccp_sha_ctx sha; 268*4882a593Smuzhiyun struct ccp_des3_ctx des3; 269*4882a593Smuzhiyun } u; 270*4882a593Smuzhiyun }; 271*4882a593Smuzhiyun 272*4882a593Smuzhiyun int ccp_crypto_enqueue_request(struct crypto_async_request *req, 273*4882a593Smuzhiyun struct ccp_cmd *cmd); 274*4882a593Smuzhiyun struct scatterlist *ccp_crypto_sg_table_add(struct sg_table *table, 275*4882a593Smuzhiyun struct scatterlist *sg_add); 276*4882a593Smuzhiyun 277*4882a593Smuzhiyun int ccp_register_aes_algs(struct list_head *head); 278*4882a593Smuzhiyun int ccp_register_aes_cmac_algs(struct list_head *head); 279*4882a593Smuzhiyun int ccp_register_aes_xts_algs(struct list_head *head); 280*4882a593Smuzhiyun int ccp_register_aes_aeads(struct list_head *head); 281*4882a593Smuzhiyun int ccp_register_sha_algs(struct list_head *head); 282*4882a593Smuzhiyun int ccp_register_des3_algs(struct list_head *head); 283*4882a593Smuzhiyun int ccp_register_rsa_algs(struct list_head *head); 284*4882a593Smuzhiyun 285*4882a593Smuzhiyun #endif 286