1 /* SPDX-License-Identifier: GPL-2.0-only
2 * SPDX-FileCopyrightText: Copyright (c) 2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
3 *
4 * Header file for NVIDIA Security Engine driver.
5 */
6
7 #ifndef _TEGRA_SE_H
8 #define _TEGRA_SE_H
9
10 #include <linux/bitfield.h>
11 #include <linux/iommu.h>
12 #include <linux/host1x.h>
13 #include <crypto/aead.h>
14 #include <crypto/engine.h>
15 #include <crypto/hash.h>
16 #include <crypto/sha1.h>
17 #include <crypto/sha3.h>
18 #include <crypto/skcipher.h>
19
20 #define SE_OWNERSHIP 0x14
21 #define SE_OWNERSHIP_UID(x) FIELD_GET(GENMASK(7, 0), x)
22 #define TEGRA_GPSE_ID 3
23
24 #define SE_STREAM_ID 0x90
25
26 #define SE_SHA_CFG 0x4004
27 #define SE_SHA_KEY_ADDR 0x4094
28 #define SE_SHA_KEY_DATA 0x4098
29 #define SE_SHA_KEYMANIFEST 0x409c
30 #define SE_SHA_CRYPTO_CFG 0x40a4
31 #define SE_SHA_KEY_DST 0x40a8
32 #define SE_SHA_SRC_KSLT 0x4180
33 #define SE_SHA_TGT_KSLT 0x4184
34 #define SE_SHA_MSG_LENGTH 0x401c
35 #define SE_SHA_OPERATION 0x407c
36 #define SE_SHA_HASH_RESULT 0x40b0
37
38 #define SE_SHA_ENC_MODE(x) FIELD_PREP(GENMASK(31, 24), x)
39 #define SE_SHA_ENC_MODE_SHA1 SE_SHA_ENC_MODE(0)
40 #define SE_SHA_ENC_MODE_SHA224 SE_SHA_ENC_MODE(4)
41 #define SE_SHA_ENC_MODE_SHA256 SE_SHA_ENC_MODE(5)
42 #define SE_SHA_ENC_MODE_SHA384 SE_SHA_ENC_MODE(6)
43 #define SE_SHA_ENC_MODE_SHA512 SE_SHA_ENC_MODE(7)
44 #define SE_SHA_ENC_MODE_SHA_CTX_INTEGRITY SE_SHA_ENC_MODE(8)
45 #define SE_SHA_ENC_MODE_SHA3_224 SE_SHA_ENC_MODE(9)
46 #define SE_SHA_ENC_MODE_SHA3_256 SE_SHA_ENC_MODE(10)
47 #define SE_SHA_ENC_MODE_SHA3_384 SE_SHA_ENC_MODE(11)
48 #define SE_SHA_ENC_MODE_SHA3_512 SE_SHA_ENC_MODE(12)
49 #define SE_SHA_ENC_MODE_SHAKE128 SE_SHA_ENC_MODE(13)
50 #define SE_SHA_ENC_MODE_SHAKE256 SE_SHA_ENC_MODE(14)
51 #define SE_SHA_ENC_MODE_HMAC_SHA256_1KEY SE_SHA_ENC_MODE(0)
52 #define SE_SHA_ENC_MODE_HMAC_SHA256_2KEY SE_SHA_ENC_MODE(1)
53 #define SE_SHA_ENC_MODE_SM3_256 SE_SHA_ENC_MODE(0)
54
55 #define SE_SHA_CFG_ENC_ALG(x) FIELD_PREP(GENMASK(15, 12), x)
56 #define SE_SHA_ENC_ALG_NOP SE_SHA_CFG_ENC_ALG(0)
57 #define SE_SHA_ENC_ALG_SHA_ENC SE_SHA_CFG_ENC_ALG(1)
58 #define SE_SHA_ENC_ALG_RNG SE_SHA_CFG_ENC_ALG(2)
59 #define SE_SHA_ENC_ALG_SHA SE_SHA_CFG_ENC_ALG(3)
60 #define SE_SHA_ENC_ALG_SM3 SE_SHA_CFG_ENC_ALG(4)
61 #define SE_SHA_ENC_ALG_HMAC SE_SHA_CFG_ENC_ALG(7)
62 #define SE_SHA_ENC_ALG_KDF SE_SHA_CFG_ENC_ALG(8)
63 #define SE_SHA_ENC_ALG_KEY_INVLD SE_SHA_CFG_ENC_ALG(10)
64 #define SE_SHA_ENC_ALG_KEY_INQUIRE SE_SHA_CFG_ENC_ALG(12)
65 #define SE_SHA_ENC_ALG_INS SE_SHA_CFG_ENC_ALG(13)
66
67 #define SE_SHA_OP_LASTBUF FIELD_PREP(BIT(16), 1)
68 #define SE_SHA_OP_WRSTALL FIELD_PREP(BIT(15), 1)
69
70 #define SE_SHA_OP_OP(x) FIELD_PREP(GENMASK(2, 0), x)
71 #define SE_SHA_OP_START SE_SHA_OP_OP(1)
72 #define SE_SHA_OP_RESTART_OUT SE_SHA_OP_OP(2)
73 #define SE_SHA_OP_RESTART_IN SE_SHA_OP_OP(4)
74 #define SE_SHA_OP_RESTART_INOUT SE_SHA_OP_OP(5)
75 #define SE_SHA_OP_DUMMY SE_SHA_OP_OP(6)
76
77 #define SE_SHA_CFG_DEC_ALG(x) FIELD_PREP(GENMASK(11, 8), x)
78 #define SE_SHA_DEC_ALG_NOP SE_SHA_CFG_DEC_ALG(0)
79 #define SE_SHA_DEC_ALG_AES_DEC SE_SHA_CFG_DEC_ALG(1)
80 #define SE_SHA_DEC_ALG_HMAC SE_SHA_CFG_DEC_ALG(7)
81 #define SE_SHA_DEC_ALG_HMAC_VERIFY SE_SHA_CFG_DEC_ALG(9)
82
83 #define SE_SHA_CFG_DST(x) FIELD_PREP(GENMASK(4, 2), x)
84 #define SE_SHA_DST_MEMORY SE_SHA_CFG_DST(0)
85 #define SE_SHA_DST_HASH_REG SE_SHA_CFG_DST(1)
86 #define SE_SHA_DST_KEYTABLE SE_SHA_CFG_DST(2)
87 #define SE_SHA_DST_SRK SE_SHA_CFG_DST(3)
88
89 #define SE_SHA_TASK_HASH_INIT BIT(0)
90
91 /* AES Configuration */
92 #define SE_AES0_CFG 0x1004
93 #define SE_AES0_CRYPTO_CONFIG 0x1008
94 #define SE_AES0_KEY_DST 0x1030
95 #define SE_AES0_OPERATION 0x1038
96 #define SE_AES0_LINEAR_CTR 0x101c
97 #define SE_AES0_LAST_BLOCK 0x102c
98 #define SE_AES0_KEY_ADDR 0x10bc
99 #define SE_AES0_KEY_DATA 0x10c0
100 #define SE_AES0_CMAC_RESULT 0x10c4
101 #define SE_AES0_SRC_KSLT 0x1100
102 #define SE_AES0_TGT_KSLT 0x1104
103 #define SE_AES0_KEYMANIFEST 0x1114
104 #define SE_AES0_AAD_LEN 0x112c
105 #define SE_AES0_CRYPTO_MSG_LEN 0x1134
106
107 #define SE_AES1_CFG 0x2004
108 #define SE_AES1_CRYPTO_CONFIG 0x2008
109 #define SE_AES1_KEY_DST 0x2030
110 #define SE_AES1_OPERATION 0x2038
111 #define SE_AES1_LINEAR_CTR 0x201c
112 #define SE_AES1_LAST_BLOCK 0x202c
113 #define SE_AES1_KEY_ADDR 0x20bc
114 #define SE_AES1_KEY_DATA 0x20c0
115 #define SE_AES1_CMAC_RESULT 0x20c4
116 #define SE_AES1_SRC_KSLT 0x2100
117 #define SE_AES1_TGT_KSLT 0x2104
118 #define SE_AES1_KEYMANIFEST 0x2114
119 #define SE_AES1_AAD_LEN 0x212c
120 #define SE_AES1_CRYPTO_MSG_LEN 0x2134
121
122 #define SE_AES_CFG_ENC_MODE(x) FIELD_PREP(GENMASK(31, 24), x)
123 #define SE_AES_ENC_MODE_GMAC SE_AES_CFG_ENC_MODE(3)
124 #define SE_AES_ENC_MODE_GCM SE_AES_CFG_ENC_MODE(4)
125 #define SE_AES_ENC_MODE_GCM_FINAL SE_AES_CFG_ENC_MODE(5)
126 #define SE_AES_ENC_MODE_CMAC SE_AES_CFG_ENC_MODE(7)
127 #define SE_AES_ENC_MODE_CBC_MAC SE_AES_CFG_ENC_MODE(12)
128
129 #define SE_AES_CFG_DEC_MODE(x) FIELD_PREP(GENMASK(23, 16), x)
130 #define SE_AES_DEC_MODE_GMAC SE_AES_CFG_DEC_MODE(3)
131 #define SE_AES_DEC_MODE_GCM SE_AES_CFG_DEC_MODE(4)
132 #define SE_AES_DEC_MODE_GCM_FINAL SE_AES_CFG_DEC_MODE(5)
133 #define SE_AES_DEC_MODE_CBC_MAC SE_AES_CFG_DEC_MODE(12)
134
135 #define SE_AES_CFG_ENC_ALG(x) FIELD_PREP(GENMASK(15, 12), x)
136 #define SE_AES_ENC_ALG_NOP SE_AES_CFG_ENC_ALG(0)
137 #define SE_AES_ENC_ALG_AES_ENC SE_AES_CFG_ENC_ALG(1)
138 #define SE_AES_ENC_ALG_RNG SE_AES_CFG_ENC_ALG(2)
139 #define SE_AES_ENC_ALG_SHA SE_AES_CFG_ENC_ALG(3)
140 #define SE_AES_ENC_ALG_HMAC SE_AES_CFG_ENC_ALG(7)
141 #define SE_AES_ENC_ALG_KDF SE_AES_CFG_ENC_ALG(8)
142 #define SE_AES_ENC_ALG_INS SE_AES_CFG_ENC_ALG(13)
143
144 #define SE_AES_CFG_DEC_ALG(x) FIELD_PREP(GENMASK(11, 8), x)
145 #define SE_AES_DEC_ALG_NOP SE_AES_CFG_DEC_ALG(0)
146 #define SE_AES_DEC_ALG_AES_DEC SE_AES_CFG_DEC_ALG(1)
147
148 #define SE_AES_CFG_DST(x) FIELD_PREP(GENMASK(4, 2), x)
149 #define SE_AES_DST_MEMORY SE_AES_CFG_DST(0)
150 #define SE_AES_DST_HASH_REG SE_AES_CFG_DST(1)
151 #define SE_AES_DST_KEYTABLE SE_AES_CFG_DST(2)
152 #define SE_AES_DST_SRK SE_AES_CFG_DST(3)
153
154 /* AES Crypto Configuration */
155 #define SE_AES_KEY2_INDEX(x) FIELD_PREP(GENMASK(31, 28), x)
156 #define SE_AES_KEY_INDEX(x) FIELD_PREP(GENMASK(27, 24), x)
157
158 #define SE_AES_CRYPTO_CFG_SCC_DIS FIELD_PREP(BIT(20), 1)
159
160 #define SE_AES_CRYPTO_CFG_CTR_CNTN(x) FIELD_PREP(GENMASK(18, 11), x)
161
162 #define SE_AES_CRYPTO_CFG_IV_MODE(x) FIELD_PREP(BIT(10), x)
163 #define SE_AES_IV_MODE_SWIV SE_AES_CRYPTO_CFG_IV_MODE(0)
164 #define SE_AES_IV_MODE_HWIV SE_AES_CRYPTO_CFG_IV_MODE(1)
165
166 #define SE_AES_CRYPTO_CFG_CORE_SEL(x) FIELD_PREP(BIT(9), x)
167 #define SE_AES_CORE_SEL_DECRYPT SE_AES_CRYPTO_CFG_CORE_SEL(0)
168 #define SE_AES_CORE_SEL_ENCRYPT SE_AES_CRYPTO_CFG_CORE_SEL(1)
169
170 #define SE_AES_CRYPTO_CFG_IV_SEL(x) FIELD_PREP(GENMASK(8, 7), x)
171 #define SE_AES_IV_SEL_UPDATED SE_AES_CRYPTO_CFG_IV_SEL(1)
172 #define SE_AES_IV_SEL_REG SE_AES_CRYPTO_CFG_IV_SEL(2)
173 #define SE_AES_IV_SEL_RANDOM SE_AES_CRYPTO_CFG_IV_SEL(3)
174
175 #define SE_AES_CRYPTO_CFG_VCTRAM_SEL(x) FIELD_PREP(GENMASK(6, 5), x)
176 #define SE_AES_VCTRAM_SEL_MEMORY SE_AES_CRYPTO_CFG_VCTRAM_SEL(0)
177 #define SE_AES_VCTRAM_SEL_TWEAK SE_AES_CRYPTO_CFG_VCTRAM_SEL(1)
178 #define SE_AES_VCTRAM_SEL_AESOUT SE_AES_CRYPTO_CFG_VCTRAM_SEL(2)
179 #define SE_AES_VCTRAM_SEL_PREV_MEM SE_AES_CRYPTO_CFG_VCTRAM_SEL(3)
180
181 #define SE_AES_CRYPTO_CFG_INPUT_SEL(x) FIELD_PREP(GENMASK(4, 3), x)
182 #define SE_AES_INPUT_SEL_MEMORY SE_AES_CRYPTO_CFG_INPUT_SEL(0)
183 #define SE_AES_INPUT_SEL_RANDOM SE_AES_CRYPTO_CFG_INPUT_SEL(1)
184 #define SE_AES_INPUT_SEL_AESOUT SE_AES_CRYPTO_CFG_INPUT_SEL(2)
185 #define SE_AES_INPUT_SEL_LINEAR_CTR SE_AES_CRYPTO_CFG_INPUT_SEL(3)
186 #define SE_AES_INPUT_SEL_REG SE_AES_CRYPTO_CFG_INPUT_SEL(1)
187
188 #define SE_AES_CRYPTO_CFG_XOR_POS(x) FIELD_PREP(GENMASK(2, 1), x)
189 #define SE_AES_XOR_POS_BYPASS SE_AES_CRYPTO_CFG_XOR_POS(0)
190 #define SE_AES_XOR_POS_BOTH SE_AES_CRYPTO_CFG_XOR_POS(1)
191 #define SE_AES_XOR_POS_TOP SE_AES_CRYPTO_CFG_XOR_POS(2)
192 #define SE_AES_XOR_POS_BOTTOM SE_AES_CRYPTO_CFG_XOR_POS(3)
193
194 #define SE_AES_CRYPTO_CFG_HASH_EN(x) FIELD_PREP(BIT(0), x)
195 #define SE_AES_HASH_DISABLE SE_AES_CRYPTO_CFG_HASH_EN(0)
196 #define SE_AES_HASH_ENABLE SE_AES_CRYPTO_CFG_HASH_EN(1)
197
198 #define SE_LAST_BLOCK_VAL(x) FIELD_PREP(GENMASK(19, 0), x)
199 #define SE_LAST_BLOCK_RES_BITS(x) FIELD_PREP(GENMASK(26, 20), x)
200
201 #define SE_AES_OP_LASTBUF FIELD_PREP(BIT(16), 1)
202 #define SE_AES_OP_WRSTALL FIELD_PREP(BIT(15), 1)
203 #define SE_AES_OP_FINAL FIELD_PREP(BIT(5), 1)
204 #define SE_AES_OP_INIT FIELD_PREP(BIT(4), 1)
205
206 #define SE_AES_OP_OP(x) FIELD_PREP(GENMASK(2, 0), x)
207 #define SE_AES_OP_START SE_AES_OP_OP(1)
208 #define SE_AES_OP_RESTART_OUT SE_AES_OP_OP(2)
209 #define SE_AES_OP_RESTART_IN SE_AES_OP_OP(4)
210 #define SE_AES_OP_RESTART_INOUT SE_AES_OP_OP(5)
211 #define SE_AES_OP_DUMMY SE_AES_OP_OP(6)
212
213 #define SE_KAC_SIZE(x) FIELD_PREP(GENMASK(15, 14), x)
214 #define SE_KAC_SIZE_128 SE_KAC_SIZE(0)
215 #define SE_KAC_SIZE_192 SE_KAC_SIZE(1)
216 #define SE_KAC_SIZE_256 SE_KAC_SIZE(2)
217
218 #define SE_KAC_EXPORTABLE FIELD_PREP(BIT(12), 1)
219
220 #define SE_KAC_PURPOSE(x) FIELD_PREP(GENMASK(11, 8), x)
221 #define SE_KAC_ENC SE_KAC_PURPOSE(0)
222 #define SE_KAC_CMAC SE_KAC_PURPOSE(1)
223 #define SE_KAC_HMAC SE_KAC_PURPOSE(2)
224 #define SE_KAC_GCM_KW SE_KAC_PURPOSE(3)
225 #define SE_KAC_HMAC_KDK SE_KAC_PURPOSE(6)
226 #define SE_KAC_HMAC_KDD SE_KAC_PURPOSE(7)
227 #define SE_KAC_HMAC_KDD_KUW SE_KAC_PURPOSE(8)
228 #define SE_KAC_XTS SE_KAC_PURPOSE(9)
229 #define SE_KAC_GCM SE_KAC_PURPOSE(10)
230
231 #define SE_KAC_USER_NS FIELD_PREP(GENMASK(6, 4), 3)
232
233 #define SE_AES_KEY_DST_INDEX(x) FIELD_PREP(GENMASK(11, 8), x)
234 #define SE_ADDR_HI_MSB(x) FIELD_PREP(GENMASK(31, 24), x)
235 #define SE_ADDR_HI_SZ(x) FIELD_PREP(GENMASK(23, 0), x)
236
237 #define SE_CFG_AES_ENCRYPT (SE_AES_ENC_ALG_AES_ENC | \
238 SE_AES_DEC_ALG_NOP | \
239 SE_AES_DST_MEMORY)
240
241 #define SE_CFG_AES_DECRYPT (SE_AES_ENC_ALG_NOP | \
242 SE_AES_DEC_ALG_AES_DEC | \
243 SE_AES_DST_MEMORY)
244
245 #define SE_CFG_GMAC_ENCRYPT (SE_AES_ENC_ALG_AES_ENC | \
246 SE_AES_DEC_ALG_NOP | \
247 SE_AES_ENC_MODE_GMAC | \
248 SE_AES_DST_MEMORY)
249
250 #define SE_CFG_GMAC_DECRYPT (SE_AES_ENC_ALG_NOP | \
251 SE_AES_DEC_ALG_AES_DEC | \
252 SE_AES_DEC_MODE_GMAC | \
253 SE_AES_DST_MEMORY)
254
255 #define SE_CFG_GCM_ENCRYPT (SE_AES_ENC_ALG_AES_ENC | \
256 SE_AES_DEC_ALG_NOP | \
257 SE_AES_ENC_MODE_GCM | \
258 SE_AES_DST_MEMORY)
259
260 #define SE_CFG_GCM_DECRYPT (SE_AES_ENC_ALG_NOP | \
261 SE_AES_DEC_ALG_AES_DEC | \
262 SE_AES_DEC_MODE_GCM | \
263 SE_AES_DST_MEMORY)
264
265 #define SE_CFG_GCM_FINAL_ENCRYPT (SE_AES_ENC_ALG_AES_ENC | \
266 SE_AES_DEC_ALG_NOP | \
267 SE_AES_ENC_MODE_GCM_FINAL | \
268 SE_AES_DST_MEMORY)
269
270 #define SE_CFG_GCM_FINAL_DECRYPT (SE_AES_ENC_ALG_NOP | \
271 SE_AES_DEC_ALG_AES_DEC | \
272 SE_AES_DEC_MODE_GCM_FINAL | \
273 SE_AES_DST_MEMORY)
274
275 #define SE_CFG_CMAC (SE_AES_ENC_ALG_AES_ENC | \
276 SE_AES_ENC_MODE_CMAC | \
277 SE_AES_DST_HASH_REG)
278
279 #define SE_CFG_CBC_MAC (SE_AES_ENC_ALG_AES_ENC | \
280 SE_AES_ENC_MODE_CBC_MAC)
281
282 #define SE_CFG_INS (SE_AES_ENC_ALG_INS | \
283 SE_AES_DEC_ALG_NOP)
284
285 #define SE_CRYPTO_CFG_ECB_ENCRYPT (SE_AES_INPUT_SEL_MEMORY | \
286 SE_AES_XOR_POS_BYPASS | \
287 SE_AES_CORE_SEL_ENCRYPT)
288
289 #define SE_CRYPTO_CFG_ECB_DECRYPT (SE_AES_INPUT_SEL_MEMORY | \
290 SE_AES_XOR_POS_BYPASS | \
291 SE_AES_CORE_SEL_DECRYPT)
292
293 #define SE_CRYPTO_CFG_CBC_ENCRYPT (SE_AES_INPUT_SEL_MEMORY | \
294 SE_AES_VCTRAM_SEL_AESOUT | \
295 SE_AES_XOR_POS_TOP | \
296 SE_AES_CORE_SEL_ENCRYPT | \
297 SE_AES_IV_SEL_REG)
298
299 #define SE_CRYPTO_CFG_CBC_DECRYPT (SE_AES_INPUT_SEL_MEMORY | \
300 SE_AES_VCTRAM_SEL_PREV_MEM | \
301 SE_AES_XOR_POS_BOTTOM | \
302 SE_AES_CORE_SEL_DECRYPT | \
303 SE_AES_IV_SEL_REG)
304
305 #define SE_CRYPTO_CFG_CTR (SE_AES_INPUT_SEL_LINEAR_CTR | \
306 SE_AES_VCTRAM_SEL_MEMORY | \
307 SE_AES_XOR_POS_BOTTOM | \
308 SE_AES_CORE_SEL_ENCRYPT | \
309 SE_AES_CRYPTO_CFG_CTR_CNTN(1) | \
310 SE_AES_IV_SEL_REG)
311
312 #define SE_CRYPTO_CFG_XTS_ENCRYPT (SE_AES_INPUT_SEL_MEMORY | \
313 SE_AES_VCTRAM_SEL_TWEAK | \
314 SE_AES_XOR_POS_BOTH | \
315 SE_AES_CORE_SEL_ENCRYPT | \
316 SE_AES_IV_SEL_REG)
317
318 #define SE_CRYPTO_CFG_XTS_DECRYPT (SE_AES_INPUT_SEL_MEMORY | \
319 SE_AES_VCTRAM_SEL_TWEAK | \
320 SE_AES_XOR_POS_BOTH | \
321 SE_AES_CORE_SEL_DECRYPT | \
322 SE_AES_IV_SEL_REG)
323
324 #define SE_CRYPTO_CFG_XTS_DECRYPT (SE_AES_INPUT_SEL_MEMORY | \
325 SE_AES_VCTRAM_SEL_TWEAK | \
326 SE_AES_XOR_POS_BOTH | \
327 SE_AES_CORE_SEL_DECRYPT | \
328 SE_AES_IV_SEL_REG)
329
330 #define SE_CRYPTO_CFG_CBC_MAC (SE_AES_INPUT_SEL_MEMORY | \
331 SE_AES_VCTRAM_SEL_AESOUT | \
332 SE_AES_XOR_POS_TOP | \
333 SE_AES_CORE_SEL_ENCRYPT | \
334 SE_AES_HASH_ENABLE | \
335 SE_AES_IV_SEL_REG)
336
337 #define HASH_RESULT_REG_COUNT 50
338 #define CMAC_RESULT_REG_COUNT 4
339
340 #define SE_CRYPTO_CTR_REG_COUNT 4
341 #define SE_MAX_KEYSLOT 15
342 #define SE_MAX_MEM_ALLOC SZ_4M
343 #define SE_AES_BUFLEN 0x8000
344 #define SE_SHA_BUFLEN 0x2000
345
346 #define SHA_FIRST BIT(0)
347 #define SHA_UPDATE BIT(1)
348 #define SHA_FINAL BIT(2)
349
350 /* Security Engine operation modes */
351 enum se_aes_alg {
352 SE_ALG_CBC, /* Cipher Block Chaining (CBC) mode */
353 SE_ALG_ECB, /* Electronic Codebook (ECB) mode */
354 SE_ALG_CTR, /* Counter (CTR) mode */
355 SE_ALG_XTS, /* XTS mode */
356 SE_ALG_GMAC, /* GMAC mode */
357 SE_ALG_GCM, /* GCM mode */
358 SE_ALG_GCM_FINAL, /* GCM FINAL mode */
359 SE_ALG_CMAC, /* Cipher-based MAC (CMAC) mode */
360 SE_ALG_CBC_MAC, /* CBC MAC mode */
361 };
362
363 enum se_hash_alg {
364 SE_ALG_RNG_DRBG, /* Deterministic Random Bit Generator */
365 SE_ALG_SHA1, /* Secure Hash Algorithm-1 (SHA1) mode */
366 SE_ALG_SHA224, /* Secure Hash Algorithm-224 (SHA224) mode */
367 SE_ALG_SHA256, /* Secure Hash Algorithm-256 (SHA256) mode */
368 SE_ALG_SHA384, /* Secure Hash Algorithm-384 (SHA384) mode */
369 SE_ALG_SHA512, /* Secure Hash Algorithm-512 (SHA512) mode */
370 SE_ALG_SHA3_224, /* Secure Hash Algorithm3-224 (SHA3-224) mode */
371 SE_ALG_SHA3_256, /* Secure Hash Algorithm3-256 (SHA3-256) mode */
372 SE_ALG_SHA3_384, /* Secure Hash Algorithm3-384 (SHA3-384) mode */
373 SE_ALG_SHA3_512, /* Secure Hash Algorithm3-512 (SHA3-512) mode */
374 SE_ALG_SHAKE128, /* Secure Hash Algorithm3 (SHAKE128) mode */
375 SE_ALG_SHAKE256, /* Secure Hash Algorithm3 (SHAKE256) mode */
376 SE_ALG_HMAC_SHA224, /* Hash based MAC (HMAC) - 224 */
377 SE_ALG_HMAC_SHA256, /* Hash based MAC (HMAC) - 256 */
378 SE_ALG_HMAC_SHA384, /* Hash based MAC (HMAC) - 384 */
379 SE_ALG_HMAC_SHA512, /* Hash based MAC (HMAC) - 512 */
380 };
381
382 struct tegra_se_alg {
383 struct tegra_se *se_dev;
384 const char *alg_base;
385
386 union {
387 struct skcipher_engine_alg skcipher;
388 struct aead_engine_alg aead;
389 struct ahash_engine_alg ahash;
390 } alg;
391 };
392
393 struct tegra_se_regs {
394 u32 op;
395 u32 config;
396 u32 last_blk;
397 u32 linear_ctr;
398 u32 out_addr;
399 u32 aad_len;
400 u32 cryp_msg_len;
401 u32 manifest;
402 u32 key_addr;
403 u32 key_data;
404 u32 key_dst;
405 u32 result;
406 };
407
408 struct tegra_se_hw {
409 const struct tegra_se_regs *regs;
410 int (*init_alg)(struct tegra_se *se);
411 void (*deinit_alg)(struct tegra_se *se);
412 bool support_sm_alg;
413 u32 host1x_class;
414 u32 kac_ver;
415 };
416
417 struct tegra_se {
418 int (*manifest)(u32 user, u32 alg, u32 keylen);
419 const struct tegra_se_hw *hw;
420 struct host1x_client client;
421 struct host1x_channel *channel;
422 struct tegra_se_cmdbuf *cmdbuf;
423 struct crypto_engine *engine;
424 struct host1x_syncpt *syncpt;
425 struct device *dev;
426 struct clk *clk;
427 unsigned int opcode_addr;
428 unsigned int stream_id;
429 unsigned int syncpt_id;
430 void __iomem *base;
431 u32 owner;
432 };
433
434 struct tegra_se_cmdbuf {
435 dma_addr_t iova;
436 u32 *addr;
437 struct device *dev;
438 struct kref ref;
439 struct host1x_bo bo;
440 ssize_t size;
441 u32 words;
442 };
443
444 struct tegra_se_datbuf {
445 u8 *buf;
446 dma_addr_t addr;
447 ssize_t size;
448 };
449
se_algname_to_algid(const char * name)450 static inline int se_algname_to_algid(const char *name)
451 {
452 if (!strcmp(name, "cbc(aes)"))
453 return SE_ALG_CBC;
454 else if (!strcmp(name, "ecb(aes)"))
455 return SE_ALG_ECB;
456 else if (!strcmp(name, "ctr(aes)"))
457 return SE_ALG_CTR;
458 else if (!strcmp(name, "xts(aes)"))
459 return SE_ALG_XTS;
460 else if (!strcmp(name, "cmac(aes)"))
461 return SE_ALG_CMAC;
462 else if (!strcmp(name, "gcm(aes)"))
463 return SE_ALG_GCM;
464 else if (!strcmp(name, "ccm(aes)"))
465 return SE_ALG_CBC_MAC;
466
467 else if (!strcmp(name, "sha1"))
468 return SE_ALG_SHA1;
469 else if (!strcmp(name, "sha224"))
470 return SE_ALG_SHA224;
471 else if (!strcmp(name, "sha256"))
472 return SE_ALG_SHA256;
473 else if (!strcmp(name, "sha384"))
474 return SE_ALG_SHA384;
475 else if (!strcmp(name, "sha512"))
476 return SE_ALG_SHA512;
477 else if (!strcmp(name, "sha3-224"))
478 return SE_ALG_SHA3_224;
479 else if (!strcmp(name, "sha3-256"))
480 return SE_ALG_SHA3_256;
481 else if (!strcmp(name, "sha3-384"))
482 return SE_ALG_SHA3_384;
483 else if (!strcmp(name, "sha3-512"))
484 return SE_ALG_SHA3_512;
485 else if (!strcmp(name, "hmac(sha224)"))
486 return SE_ALG_HMAC_SHA224;
487 else if (!strcmp(name, "hmac(sha256)"))
488 return SE_ALG_HMAC_SHA256;
489 else if (!strcmp(name, "hmac(sha384)"))
490 return SE_ALG_HMAC_SHA384;
491 else if (!strcmp(name, "hmac(sha512)"))
492 return SE_ALG_HMAC_SHA512;
493 else
494 return -EINVAL;
495 }
496
497 /* Functions */
498 int tegra_init_aes(struct tegra_se *se);
499 int tegra_init_hash(struct tegra_se *se);
500 void tegra_deinit_aes(struct tegra_se *se);
501 void tegra_deinit_hash(struct tegra_se *se);
502 int tegra_key_submit(struct tegra_se *se, const u8 *key,
503 u32 keylen, u32 alg, u32 *keyid);
504 void tegra_key_invalidate(struct tegra_se *se, u32 keyid, u32 alg);
505 int tegra_se_host1x_submit(struct tegra_se *se, u32 size);
506
507 /* HOST1x OPCODES */
host1x_opcode_setpayload(unsigned int payload)508 static inline u32 host1x_opcode_setpayload(unsigned int payload)
509 {
510 return (9 << 28) | payload;
511 }
512
host1x_opcode_incr_w(unsigned int offset)513 static inline u32 host1x_opcode_incr_w(unsigned int offset)
514 {
515 /* 22-bit offset supported */
516 return (10 << 28) | offset;
517 }
518
host1x_opcode_nonincr_w(unsigned int offset)519 static inline u32 host1x_opcode_nonincr_w(unsigned int offset)
520 {
521 /* 22-bit offset supported */
522 return (11 << 28) | offset;
523 }
524
host1x_opcode_incr(unsigned int offset,unsigned int count)525 static inline u32 host1x_opcode_incr(unsigned int offset, unsigned int count)
526 {
527 return (1 << 28) | (offset << 16) | count;
528 }
529
host1x_opcode_nonincr(unsigned int offset,unsigned int count)530 static inline u32 host1x_opcode_nonincr(unsigned int offset, unsigned int count)
531 {
532 return (2 << 28) | (offset << 16) | count;
533 }
534
host1x_uclass_incr_syncpt_cond_f(u32 v)535 static inline u32 host1x_uclass_incr_syncpt_cond_f(u32 v)
536 {
537 return (v & 0xff) << 10;
538 }
539
host1x_uclass_incr_syncpt_indx_f(u32 v)540 static inline u32 host1x_uclass_incr_syncpt_indx_f(u32 v)
541 {
542 return (v & 0x3ff) << 0;
543 }
544
host1x_uclass_wait_syncpt_r(void)545 static inline u32 host1x_uclass_wait_syncpt_r(void)
546 {
547 return 0x8;
548 }
549
host1x_uclass_incr_syncpt_r(void)550 static inline u32 host1x_uclass_incr_syncpt_r(void)
551 {
552 return 0x0;
553 }
554
555 #define se_host1x_opcode_incr_w(x) host1x_opcode_incr_w((x) / 4)
556 #define se_host1x_opcode_nonincr_w(x) host1x_opcode_nonincr_w((x) / 4)
557 #define se_host1x_opcode_incr(x, y) host1x_opcode_incr((x) / 4, y)
558 #define se_host1x_opcode_nonincr(x, y) host1x_opcode_nonincr((x) / 4, y)
559
560 #endif /*_TEGRA_SE_H*/
561