1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2017 Conrad Meyer <cem@FreeBSD.org> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 #pragma once 30 31 #define CMD_QUEUE_MASK_OFFSET 0x000 32 #define CMD_QUEUE_PRIO_OFFSET 0x004 33 #define CMD_REQID_CONFIG_OFFSET 0x008 34 #define TRNG_OUT_OFFSET 0x00C 35 #define CMD_CMD_TIMEOUT_OFFSET 0x010 36 #define LSB_PUBLIC_MASK_LO_OFFSET 0x018 37 #define LSB_PUBLIC_MASK_HI_OFFSET 0x01C 38 #define LSB_PRIVATE_MASK_LO_OFFSET 0x020 39 #define LSB_PRIVATE_MASK_HI_OFFSET 0x024 40 41 #define VERSION_REG 0x100 42 #define VERSION_NUM_MASK 0x3F 43 #define VERSION_CAP_MASK 0x7FC0 44 #define VERSION_CAP_AES (1 << 6) 45 #define VERSION_CAP_3DES (1 << 7) 46 #define VERSION_CAP_SHA (1 << 8) 47 #define VERSION_CAP_RSA (1 << 9) 48 #define VERSION_CAP_ECC (1 << 10) 49 #define VERSION_CAP_ZDE (1 << 11) 50 #define VERSION_CAP_ZCE (1 << 12) 51 #define VERSION_CAP_TRNG (1 << 13) 52 #define VERSION_CAP_ELFC (1 << 14) 53 #define VERSION_NUMVQM_SHIFT 15 54 #define VERSION_NUMVQM_MASK 0xF 55 #define VERSION_LSBSIZE_SHIFT 19 56 #define VERSION_LSBSIZE_MASK 0x3FF 57 58 #define CMD_Q_CONTROL_BASE 0x000 59 #define CMD_Q_TAIL_LO_BASE 0x004 60 #define CMD_Q_HEAD_LO_BASE 0x008 61 #define CMD_Q_INT_ENABLE_BASE 0x00C 62 #define CMD_Q_INTERRUPT_STATUS_BASE 0x010 63 64 #define CMD_Q_STATUS_BASE 0x100 65 #define CMD_Q_INT_STATUS_BASE 0x104 66 67 #define CMD_Q_STATUS_INCR 0x1000 68 69 /* Don't think there's much point in keeping these -- OS can't access: */ 70 #define CMD_CONFIG_0_OFFSET 0x6000 71 #define CMD_TRNG_CTL_OFFSET 0x6008 72 #define CMD_AES_MASK_OFFSET 0x6010 73 #define CMD_CLK_GATE_CTL_OFFSET 0x603C 74 75 /* CMD_Q_CONTROL_BASE bits */ 76 #define CMD_Q_RUN (1 << 0) 77 #define CMD_Q_HALTED (1 << 1) 78 #define CMD_Q_MEM_LOCATION (1 << 2) 79 #define CMD_Q_SIZE_SHIFT 3 80 #define CMD_Q_SIZE_MASK 0x1F 81 #define CMD_Q_PTR_HI_SHIFT 16 82 #define CMD_Q_PTR_HI_MASK 0xFFFF 83 84 /* 85 * The following bits are used for both CMD_Q_INT_ENABLE_BASE and 86 * CMD_Q_INTERRUPT_STATUS_BASE. 87 */ 88 #define INT_COMPLETION (1 << 0) 89 #define INT_ERROR (1 << 1) 90 #define INT_QUEUE_STOPPED (1 << 2) 91 #define INT_QUEUE_EMPTY (1 << 3) 92 #define ALL_INTERRUPTS (INT_COMPLETION | \ 93 INT_ERROR | \ 94 INT_QUEUE_STOPPED | \ 95 INT_QUEUE_EMPTY) 96 97 #define STATUS_ERROR_MASK 0x3F 98 #define STATUS_JOBSTATUS_SHIFT 7 99 #define STATUS_JOBSTATUS_MASK 0x7 100 #define STATUS_ERRORSOURCE_SHIFT 10 101 #define STATUS_ERRORSOURCE_MASK 0x3 102 #define STATUS_VLSB_FAULTBLOCK_SHIFT 12 103 #define STATUS_VLSB_FAULTBLOCK_MASK 0x7 104 105 /* From JOBSTATUS field in STATUS register above */ 106 #define JOBSTATUS_IDLE 0 107 #define JOBSTATUS_ACTIVE_WAITING 1 108 #define JOBSTATUS_ACTIVE 2 109 #define JOBSTATUS_WAIT_ABORT 3 110 #define JOBSTATUS_DYN_ERROR 4 111 #define JOBSTATUS_PREPARE_HALT 5 112 113 /* From ERRORSOURCE field in STATUS register */ 114 #define ERRORSOURCE_INPUT_MEMORY 0 115 #define ERRORSOURCE_CMD_DESCRIPTOR 1 116 #define ERRORSOURCE_INPUT_DATA 2 117 #define ERRORSOURCE_KEY_DATA 3 118 119 #define Q_DESC_SIZE sizeof(struct ccp_desc) 120 121 enum ccp_aes_mode { 122 CCP_AES_MODE_ECB = 0, 123 CCP_AES_MODE_CBC, 124 CCP_AES_MODE_OFB, 125 CCP_AES_MODE_CFB, 126 CCP_AES_MODE_CTR, 127 CCP_AES_MODE_CMAC, 128 CCP_AES_MODE_GHASH, 129 CCP_AES_MODE_GCTR, 130 CCP_AES_MODE_IAPM_NIST, 131 CCP_AES_MODE_IAPM_IPSEC, 132 133 /* Not a real hardware mode; used as a sentinel value internally. */ 134 CCP_AES_MODE_XTS, 135 }; 136 137 enum ccp_aes_ghash_mode { 138 CCP_AES_MODE_GHASH_AAD = 0, 139 CCP_AES_MODE_GHASH_FINAL, 140 }; 141 142 enum ccp_aes_type { 143 CCP_AES_TYPE_128 = 0, 144 CCP_AES_TYPE_192, 145 CCP_AES_TYPE_256, 146 }; 147 148 enum ccp_des_mode { 149 CCP_DES_MODE_ECB = 0, 150 CCP_DES_MODE_CBC, 151 CCP_DES_MODE_CFB, 152 }; 153 154 enum ccp_des_type { 155 CCP_DES_TYPE_128 = 0, /* 112 + 16 parity */ 156 CCP_DES_TYPE_192, /* 168 + 24 parity */ 157 }; 158 159 enum ccp_sha_type { 160 CCP_SHA_TYPE_1 = 1, 161 CCP_SHA_TYPE_224, 162 CCP_SHA_TYPE_256, 163 CCP_SHA_TYPE_384, 164 CCP_SHA_TYPE_512, 165 CCP_SHA_TYPE_RSVD1, 166 CCP_SHA_TYPE_RSVD2, 167 CCP_SHA3_TYPE_224, 168 CCP_SHA3_TYPE_256, 169 CCP_SHA3_TYPE_384, 170 CCP_SHA3_TYPE_512, 171 }; 172 173 enum ccp_cipher_algo { 174 CCP_CIPHER_ALGO_AES_CBC = 0, 175 CCP_CIPHER_ALGO_AES_ECB, 176 CCP_CIPHER_ALGO_AES_CTR, 177 CCP_CIPHER_ALGO_AES_GCM, 178 CCP_CIPHER_ALGO_3DES_CBC, 179 }; 180 181 enum ccp_cipher_dir { 182 CCP_CIPHER_DIR_DECRYPT = 0, 183 CCP_CIPHER_DIR_ENCRYPT = 1, 184 }; 185 186 enum ccp_hash_algo { 187 CCP_AUTH_ALGO_SHA1 = 0, 188 CCP_AUTH_ALGO_SHA1_HMAC, 189 CCP_AUTH_ALGO_SHA224, 190 CCP_AUTH_ALGO_SHA224_HMAC, 191 CCP_AUTH_ALGO_SHA3_224, 192 CCP_AUTH_ALGO_SHA3_224_HMAC, 193 CCP_AUTH_ALGO_SHA256, 194 CCP_AUTH_ALGO_SHA256_HMAC, 195 CCP_AUTH_ALGO_SHA3_256, 196 CCP_AUTH_ALGO_SHA3_256_HMAC, 197 CCP_AUTH_ALGO_SHA384, 198 CCP_AUTH_ALGO_SHA384_HMAC, 199 CCP_AUTH_ALGO_SHA3_384, 200 CCP_AUTH_ALGO_SHA3_384_HMAC, 201 CCP_AUTH_ALGO_SHA512, 202 CCP_AUTH_ALGO_SHA512_HMAC, 203 CCP_AUTH_ALGO_SHA3_512, 204 CCP_AUTH_ALGO_SHA3_512_HMAC, 205 CCP_AUTH_ALGO_AES_CMAC, 206 CCP_AUTH_ALGO_AES_GCM, 207 }; 208 209 enum ccp_hash_op { 210 CCP_AUTH_OP_GENERATE = 0, 211 CCP_AUTH_OP_VERIFY = 1, 212 }; 213 214 enum ccp_engine { 215 CCP_ENGINE_AES = 0, 216 CCP_ENGINE_XTS_AES, 217 CCP_ENGINE_3DES, 218 CCP_ENGINE_SHA, 219 CCP_ENGINE_RSA, 220 CCP_ENGINE_PASSTHRU, 221 CCP_ENGINE_ZLIB_DECOMPRESS, 222 CCP_ENGINE_ECC, 223 }; 224 225 enum ccp_xts_unitsize { 226 CCP_XTS_AES_UNIT_SIZE_16 = 0, 227 CCP_XTS_AES_UNIT_SIZE_512, 228 CCP_XTS_AES_UNIT_SIZE_1024, 229 CCP_XTS_AES_UNIT_SIZE_2048, 230 CCP_XTS_AES_UNIT_SIZE_4096, 231 }; 232 233 enum ccp_passthru_bitwise { 234 CCP_PASSTHRU_BITWISE_NOOP = 0, 235 CCP_PASSTHRU_BITWISE_AND, 236 CCP_PASSTHRU_BITWISE_OR, 237 CCP_PASSTHRU_BITWISE_XOR, 238 CCP_PASSTHRU_BITWISE_MASK, 239 }; 240 241 enum ccp_passthru_byteswap { 242 CCP_PASSTHRU_BYTESWAP_NOOP = 0, 243 CCP_PASSTHRU_BYTESWAP_32BIT, 244 CCP_PASSTHRU_BYTESWAP_256BIT, 245 }; 246 247 /** 248 * descriptor for version 5 CPP commands 249 * 8 32-bit words: 250 * word 0: function; engine; control bits 251 * word 1: length of source data 252 * word 2: low 32 bits of source pointer 253 * word 3: upper 16 bits of source pointer; source memory type 254 * word 4: low 32 bits of destination pointer 255 * word 5: upper 16 bits of destination pointer; destination memory 256 * type 257 * word 6: low 32 bits of key pointer 258 * word 7: upper 16 bits of key pointer; key memory type 259 */ 260 261 struct ccp_desc { 262 union dword0 { 263 struct { 264 uint32_t hoc:1; /* Halt on completion */ 265 uint32_t ioc:1; /* Intr. on completion */ 266 uint32_t reserved_1:1; 267 uint32_t som:1; /* Start of message */ 268 uint32_t eom:1; /* End " */ 269 uint32_t size:7; 270 uint32_t encrypt:1; 271 uint32_t mode:5; 272 uint32_t type:2; 273 uint32_t engine:4; 274 uint32_t prot:1; 275 uint32_t reserved_2:7; 276 } aes; 277 struct { 278 uint32_t hoc:1; /* Halt on completion */ 279 uint32_t ioc:1; /* Intr. on completion */ 280 uint32_t reserved_1:1; 281 uint32_t som:1; /* Start of message */ 282 uint32_t eom:1; /* End " */ 283 uint32_t size:7; 284 uint32_t encrypt:1; 285 uint32_t mode:5; 286 uint32_t type:2; 287 uint32_t engine:4; 288 uint32_t prot:1; 289 uint32_t reserved_2:7; 290 } des; 291 struct { 292 uint32_t hoc:1; /* Halt on completion */ 293 uint32_t ioc:1; /* Intr. on completion */ 294 uint32_t reserved_1:1; 295 uint32_t som:1; /* Start of message */ 296 uint32_t eom:1; /* End " */ 297 uint32_t size:7; 298 uint32_t encrypt:1; 299 uint32_t reserved_2:5; 300 uint32_t type:2; 301 uint32_t engine:4; 302 uint32_t prot:1; 303 uint32_t reserved_3:7; 304 } aes_xts; 305 struct { 306 uint32_t hoc:1; /* Halt on completion */ 307 uint32_t ioc:1; /* Intr. on completion */ 308 uint32_t reserved_1:1; 309 uint32_t som:1; /* Start of message */ 310 uint32_t eom:1; /* End " */ 311 uint32_t reserved_2:10; 312 uint32_t type:4; 313 uint32_t reserved_3:1; 314 uint32_t engine:4; 315 uint32_t prot:1; 316 uint32_t reserved_4:7; 317 } sha; 318 struct { 319 uint32_t hoc:1; /* Halt on completion */ 320 uint32_t ioc:1; /* Intr. on completion */ 321 uint32_t reserved_1:1; 322 uint32_t som:1; /* Start of message */ 323 uint32_t eom:1; /* End " */ 324 uint32_t mode:3; 325 uint32_t size:12; 326 uint32_t engine:4; 327 uint32_t prot:1; 328 uint32_t reserved_2:7; 329 } rsa; 330 struct { 331 uint32_t hoc:1; /* Halt on completion */ 332 uint32_t ioc:1; /* Intr. on completion */ 333 uint32_t reserved_1:1; 334 uint32_t som:1; /* Start of message */ 335 uint32_t eom:1; /* End " */ 336 uint32_t byteswap:2; 337 uint32_t bitwise:3; 338 uint32_t reflect:2; 339 uint32_t reserved_2:8; 340 uint32_t engine:4; 341 uint32_t prot:1; 342 uint32_t reserved_3:7; 343 } pt; 344 struct { 345 uint32_t hoc:1; /* Halt on completion */ 346 uint32_t ioc:1; /* Intr. on completion */ 347 uint32_t reserved_1:1; 348 uint32_t som:1; /* Start of message */ 349 uint32_t eom:1; /* End " */ 350 uint32_t reserved_2:13; 351 uint32_t reserved_3:2; 352 uint32_t engine:4; 353 uint32_t prot:1; 354 uint32_t reserved_4:7; 355 } zlib; 356 struct { 357 uint32_t hoc:1; /* Halt on completion */ 358 uint32_t ioc:1; /* Intr. on completion */ 359 uint32_t reserved_1:1; 360 uint32_t som:1; /* Start of message */ 361 uint32_t eom:1; /* End " */ 362 uint32_t size:10; 363 uint32_t type:2; 364 uint32_t mode:3; 365 uint32_t engine:4; 366 uint32_t prot:1; 367 uint32_t reserved_2:7; 368 } ecc; 369 struct { 370 uint32_t hoc:1; /* Halt on completion */ 371 uint32_t ioc:1; /* Intr. on completion */ 372 uint32_t reserved_1:1; 373 uint32_t som:1; /* Start of message */ 374 uint32_t eom:1; /* End " */ 375 uint32_t function:15; 376 uint32_t engine:4; 377 uint32_t prot:1; 378 uint32_t reserved_2:7; 379 } /* generic */; 380 }; 381 382 uint32_t length; 383 uint32_t src_lo; 384 385 struct dword3 { 386 uint32_t src_hi:16; 387 uint32_t src_mem:2; 388 uint32_t lsb_ctx_id:8; 389 uint32_t reserved_3:5; 390 uint32_t src_fixed:1; 391 }; 392 393 union dword4 { 394 uint32_t dst_lo; /* NON-SHA */ 395 uint32_t sha_len_lo; /* SHA */ 396 }; 397 398 union dword5 { 399 struct { 400 uint32_t dst_hi:16; 401 uint32_t dst_mem:2; 402 uint32_t reserved_4:13; 403 uint32_t dst_fixed:1; 404 }; 405 uint32_t sha_len_hi; 406 }; 407 408 uint32_t key_lo; 409 410 struct dword7 { 411 uint32_t key_hi:16; 412 uint32_t key_mem:2; 413 uint32_t reserved_5:14; 414 }; 415 }; 416 417 enum ccp_memtype { 418 CCP_MEMTYPE_SYSTEM = 0, 419 CCP_MEMTYPE_SB, 420 CCP_MEMTYPE_LOCAL, 421 }; 422 423 enum ccp_cmd_order { 424 CCP_CMD_CIPHER = 0, 425 CCP_CMD_AUTH, 426 CCP_CMD_CIPHER_HASH, 427 CCP_CMD_HASH_CIPHER, 428 CCP_CMD_COMBINED, 429 CCP_CMD_NOT_SUPPORTED, 430 }; 431