1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2017 Conrad Meyer <cem@FreeBSD.org> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 * 28 * $FreeBSD$ 29 */ 30 31 #pragma once 32 33 #define CMD_QUEUE_MASK_OFFSET 0x000 34 #define CMD_QUEUE_PRIO_OFFSET 0x004 35 #define CMD_REQID_CONFIG_OFFSET 0x008 36 #define TRNG_OUT_OFFSET 0x00C 37 #define CMD_CMD_TIMEOUT_OFFSET 0x010 38 #define LSB_PUBLIC_MASK_LO_OFFSET 0x018 39 #define LSB_PUBLIC_MASK_HI_OFFSET 0x01C 40 #define LSB_PRIVATE_MASK_LO_OFFSET 0x020 41 #define LSB_PRIVATE_MASK_HI_OFFSET 0x024 42 43 #define VERSION_REG 0x100 44 #define VERSION_NUM_MASK 0x3F 45 #define VERSION_CAP_MASK 0x7FC0 46 #define VERSION_CAP_AES (1 << 6) 47 #define VERSION_CAP_3DES (1 << 7) 48 #define VERSION_CAP_SHA (1 << 8) 49 #define VERSION_CAP_RSA (1 << 9) 50 #define VERSION_CAP_ECC (1 << 10) 51 #define VERSION_CAP_ZDE (1 << 11) 52 #define VERSION_CAP_ZCE (1 << 12) 53 #define VERSION_CAP_TRNG (1 << 13) 54 #define VERSION_CAP_ELFC (1 << 14) 55 #define VERSION_NUMVQM_SHIFT 15 56 #define VERSION_NUMVQM_MASK 0xF 57 #define VERSION_LSBSIZE_SHIFT 19 58 #define VERSION_LSBSIZE_MASK 0x3FF 59 60 #define CMD_Q_CONTROL_BASE 0x000 61 #define CMD_Q_TAIL_LO_BASE 0x004 62 #define CMD_Q_HEAD_LO_BASE 0x008 63 #define CMD_Q_INT_ENABLE_BASE 0x00C 64 #define CMD_Q_INTERRUPT_STATUS_BASE 0x010 65 66 #define CMD_Q_STATUS_BASE 0x100 67 #define CMD_Q_INT_STATUS_BASE 0x104 68 69 #define CMD_Q_STATUS_INCR 0x1000 70 71 /* Don't think there's much point in keeping these -- OS can't access: */ 72 #define CMD_CONFIG_0_OFFSET 0x6000 73 #define CMD_TRNG_CTL_OFFSET 0x6008 74 #define CMD_AES_MASK_OFFSET 0x6010 75 #define CMD_CLK_GATE_CTL_OFFSET 0x603C 76 77 /* CMD_Q_CONTROL_BASE bits */ 78 #define CMD_Q_RUN (1 << 0) 79 #define CMD_Q_HALTED (1 << 1) 80 #define CMD_Q_MEM_LOCATION (1 << 2) 81 #define CMD_Q_SIZE_SHIFT 3 82 #define CMD_Q_SIZE_MASK 0x1F 83 #define CMD_Q_PTR_HI_SHIFT 16 84 #define CMD_Q_PTR_HI_MASK 0xFFFF 85 86 /* 87 * The following bits are used for both CMD_Q_INT_ENABLE_BASE and 88 * CMD_Q_INTERRUPT_STATUS_BASE. 89 */ 90 #define INT_COMPLETION (1 << 0) 91 #define INT_ERROR (1 << 1) 92 #define INT_QUEUE_STOPPED (1 << 2) 93 #define INT_QUEUE_EMPTY (1 << 3) 94 #define ALL_INTERRUPTS (INT_COMPLETION | \ 95 INT_ERROR | \ 96 INT_QUEUE_STOPPED | \ 97 INT_QUEUE_EMPTY) 98 99 #define STATUS_ERROR_MASK 0x3F 100 #define STATUS_JOBSTATUS_SHIFT 7 101 #define STATUS_JOBSTATUS_MASK 0x7 102 #define STATUS_ERRORSOURCE_SHIFT 10 103 #define STATUS_ERRORSOURCE_MASK 0x3 104 #define STATUS_VLSB_FAULTBLOCK_SHIFT 12 105 #define STATUS_VLSB_FAULTBLOCK_MASK 0x7 106 107 /* From JOBSTATUS field in STATUS register above */ 108 #define JOBSTATUS_IDLE 0 109 #define JOBSTATUS_ACTIVE_WAITING 1 110 #define JOBSTATUS_ACTIVE 2 111 #define JOBSTATUS_WAIT_ABORT 3 112 #define JOBSTATUS_DYN_ERROR 4 113 #define JOBSTATUS_PREPARE_HALT 5 114 115 /* From ERRORSOURCE field in STATUS register */ 116 #define ERRORSOURCE_INPUT_MEMORY 0 117 #define ERRORSOURCE_CMD_DESCRIPTOR 1 118 #define ERRORSOURCE_INPUT_DATA 2 119 #define ERRORSOURCE_KEY_DATA 3 120 121 #define Q_DESC_SIZE sizeof(struct ccp_desc) 122 123 enum ccp_aes_mode { 124 CCP_AES_MODE_ECB = 0, 125 CCP_AES_MODE_CBC, 126 CCP_AES_MODE_OFB, 127 CCP_AES_MODE_CFB, 128 CCP_AES_MODE_CTR, 129 CCP_AES_MODE_CMAC, 130 CCP_AES_MODE_GHASH, 131 CCP_AES_MODE_GCTR, 132 CCP_AES_MODE_IAPM_NIST, 133 CCP_AES_MODE_IAPM_IPSEC, 134 135 /* Not a real hardware mode; used as a sentinel value internally. */ 136 CCP_AES_MODE_XTS, 137 }; 138 139 enum ccp_aes_ghash_mode { 140 CCP_AES_MODE_GHASH_AAD = 0, 141 CCP_AES_MODE_GHASH_FINAL, 142 }; 143 144 enum ccp_aes_type { 145 CCP_AES_TYPE_128 = 0, 146 CCP_AES_TYPE_192, 147 CCP_AES_TYPE_256, 148 }; 149 150 enum ccp_des_mode { 151 CCP_DES_MODE_ECB = 0, 152 CCP_DES_MODE_CBC, 153 CCP_DES_MODE_CFB, 154 }; 155 156 enum ccp_des_type { 157 CCP_DES_TYPE_128 = 0, /* 112 + 16 parity */ 158 CCP_DES_TYPE_192, /* 168 + 24 parity */ 159 }; 160 161 enum ccp_sha_type { 162 CCP_SHA_TYPE_1 = 1, 163 CCP_SHA_TYPE_224, 164 CCP_SHA_TYPE_256, 165 CCP_SHA_TYPE_384, 166 CCP_SHA_TYPE_512, 167 CCP_SHA_TYPE_RSVD1, 168 CCP_SHA_TYPE_RSVD2, 169 CCP_SHA3_TYPE_224, 170 CCP_SHA3_TYPE_256, 171 CCP_SHA3_TYPE_384, 172 CCP_SHA3_TYPE_512, 173 }; 174 175 enum ccp_cipher_algo { 176 CCP_CIPHER_ALGO_AES_CBC = 0, 177 CCP_CIPHER_ALGO_AES_ECB, 178 CCP_CIPHER_ALGO_AES_CTR, 179 CCP_CIPHER_ALGO_AES_GCM, 180 CCP_CIPHER_ALGO_3DES_CBC, 181 }; 182 183 enum ccp_cipher_dir { 184 CCP_CIPHER_DIR_DECRYPT = 0, 185 CCP_CIPHER_DIR_ENCRYPT = 1, 186 }; 187 188 enum ccp_hash_algo { 189 CCP_AUTH_ALGO_SHA1 = 0, 190 CCP_AUTH_ALGO_SHA1_HMAC, 191 CCP_AUTH_ALGO_SHA224, 192 CCP_AUTH_ALGO_SHA224_HMAC, 193 CCP_AUTH_ALGO_SHA3_224, 194 CCP_AUTH_ALGO_SHA3_224_HMAC, 195 CCP_AUTH_ALGO_SHA256, 196 CCP_AUTH_ALGO_SHA256_HMAC, 197 CCP_AUTH_ALGO_SHA3_256, 198 CCP_AUTH_ALGO_SHA3_256_HMAC, 199 CCP_AUTH_ALGO_SHA384, 200 CCP_AUTH_ALGO_SHA384_HMAC, 201 CCP_AUTH_ALGO_SHA3_384, 202 CCP_AUTH_ALGO_SHA3_384_HMAC, 203 CCP_AUTH_ALGO_SHA512, 204 CCP_AUTH_ALGO_SHA512_HMAC, 205 CCP_AUTH_ALGO_SHA3_512, 206 CCP_AUTH_ALGO_SHA3_512_HMAC, 207 CCP_AUTH_ALGO_AES_CMAC, 208 CCP_AUTH_ALGO_AES_GCM, 209 }; 210 211 enum ccp_hash_op { 212 CCP_AUTH_OP_GENERATE = 0, 213 CCP_AUTH_OP_VERIFY = 1, 214 }; 215 216 enum ccp_engine { 217 CCP_ENGINE_AES = 0, 218 CCP_ENGINE_XTS_AES, 219 CCP_ENGINE_3DES, 220 CCP_ENGINE_SHA, 221 CCP_ENGINE_RSA, 222 CCP_ENGINE_PASSTHRU, 223 CCP_ENGINE_ZLIB_DECOMPRESS, 224 CCP_ENGINE_ECC, 225 }; 226 227 enum ccp_xts_unitsize { 228 CCP_XTS_AES_UNIT_SIZE_16 = 0, 229 CCP_XTS_AES_UNIT_SIZE_512, 230 CCP_XTS_AES_UNIT_SIZE_1024, 231 CCP_XTS_AES_UNIT_SIZE_2048, 232 CCP_XTS_AES_UNIT_SIZE_4096, 233 }; 234 235 enum ccp_passthru_bitwise { 236 CCP_PASSTHRU_BITWISE_NOOP = 0, 237 CCP_PASSTHRU_BITWISE_AND, 238 CCP_PASSTHRU_BITWISE_OR, 239 CCP_PASSTHRU_BITWISE_XOR, 240 CCP_PASSTHRU_BITWISE_MASK, 241 }; 242 243 enum ccp_passthru_byteswap { 244 CCP_PASSTHRU_BYTESWAP_NOOP = 0, 245 CCP_PASSTHRU_BYTESWAP_32BIT, 246 CCP_PASSTHRU_BYTESWAP_256BIT, 247 }; 248 249 /** 250 * descriptor for version 5 CPP commands 251 * 8 32-bit words: 252 * word 0: function; engine; control bits 253 * word 1: length of source data 254 * word 2: low 32 bits of source pointer 255 * word 3: upper 16 bits of source pointer; source memory type 256 * word 4: low 32 bits of destination pointer 257 * word 5: upper 16 bits of destination pointer; destination memory 258 * type 259 * word 6: low 32 bits of key pointer 260 * word 7: upper 16 bits of key pointer; key memory type 261 */ 262 263 struct ccp_desc { 264 union dword0 { 265 struct { 266 uint32_t hoc:1; /* Halt on completion */ 267 uint32_t ioc:1; /* Intr. on completion */ 268 uint32_t reserved_1:1; 269 uint32_t som:1; /* Start of message */ 270 uint32_t eom:1; /* End " */ 271 uint32_t size:7; 272 uint32_t encrypt:1; 273 uint32_t mode:5; 274 uint32_t type:2; 275 uint32_t engine:4; 276 uint32_t prot:1; 277 uint32_t reserved_2:7; 278 } aes; 279 struct { 280 uint32_t hoc:1; /* Halt on completion */ 281 uint32_t ioc:1; /* Intr. on completion */ 282 uint32_t reserved_1:1; 283 uint32_t som:1; /* Start of message */ 284 uint32_t eom:1; /* End " */ 285 uint32_t size:7; 286 uint32_t encrypt:1; 287 uint32_t mode:5; 288 uint32_t type:2; 289 uint32_t engine:4; 290 uint32_t prot:1; 291 uint32_t reserved_2:7; 292 } des; 293 struct { 294 uint32_t hoc:1; /* Halt on completion */ 295 uint32_t ioc:1; /* Intr. on completion */ 296 uint32_t reserved_1:1; 297 uint32_t som:1; /* Start of message */ 298 uint32_t eom:1; /* End " */ 299 uint32_t size:7; 300 uint32_t encrypt:1; 301 uint32_t reserved_2:5; 302 uint32_t type:2; 303 uint32_t engine:4; 304 uint32_t prot:1; 305 uint32_t reserved_3:7; 306 } aes_xts; 307 struct { 308 uint32_t hoc:1; /* Halt on completion */ 309 uint32_t ioc:1; /* Intr. on completion */ 310 uint32_t reserved_1:1; 311 uint32_t som:1; /* Start of message */ 312 uint32_t eom:1; /* End " */ 313 uint32_t reserved_2:10; 314 uint32_t type:4; 315 uint32_t reserved_3:1; 316 uint32_t engine:4; 317 uint32_t prot:1; 318 uint32_t reserved_4:7; 319 } sha; 320 struct { 321 uint32_t hoc:1; /* Halt on completion */ 322 uint32_t ioc:1; /* Intr. on completion */ 323 uint32_t reserved_1:1; 324 uint32_t som:1; /* Start of message */ 325 uint32_t eom:1; /* End " */ 326 uint32_t mode:3; 327 uint32_t size:12; 328 uint32_t engine:4; 329 uint32_t prot:1; 330 uint32_t reserved_2:7; 331 } rsa; 332 struct { 333 uint32_t hoc:1; /* Halt on completion */ 334 uint32_t ioc:1; /* Intr. on completion */ 335 uint32_t reserved_1:1; 336 uint32_t som:1; /* Start of message */ 337 uint32_t eom:1; /* End " */ 338 uint32_t byteswap:2; 339 uint32_t bitwise:3; 340 uint32_t reflect:2; 341 uint32_t reserved_2:8; 342 uint32_t engine:4; 343 uint32_t prot:1; 344 uint32_t reserved_3:7; 345 } pt; 346 struct { 347 uint32_t hoc:1; /* Halt on completion */ 348 uint32_t ioc:1; /* Intr. on completion */ 349 uint32_t reserved_1:1; 350 uint32_t som:1; /* Start of message */ 351 uint32_t eom:1; /* End " */ 352 uint32_t reserved_2:13; 353 uint32_t reserved_3:2; 354 uint32_t engine:4; 355 uint32_t prot:1; 356 uint32_t reserved_4:7; 357 } zlib; 358 struct { 359 uint32_t hoc:1; /* Halt on completion */ 360 uint32_t ioc:1; /* Intr. on completion */ 361 uint32_t reserved_1:1; 362 uint32_t som:1; /* Start of message */ 363 uint32_t eom:1; /* End " */ 364 uint32_t size:10; 365 uint32_t type:2; 366 uint32_t mode:3; 367 uint32_t engine:4; 368 uint32_t prot:1; 369 uint32_t reserved_2:7; 370 } ecc; 371 struct { 372 uint32_t hoc:1; /* Halt on completion */ 373 uint32_t ioc:1; /* Intr. on completion */ 374 uint32_t reserved_1:1; 375 uint32_t som:1; /* Start of message */ 376 uint32_t eom:1; /* End " */ 377 uint32_t function:15; 378 uint32_t engine:4; 379 uint32_t prot:1; 380 uint32_t reserved_2:7; 381 } /* generic */; 382 }; 383 384 uint32_t length; 385 uint32_t src_lo; 386 387 struct dword3 { 388 uint32_t src_hi:16; 389 uint32_t src_mem:2; 390 uint32_t lsb_ctx_id:8; 391 uint32_t reserved_3:5; 392 uint32_t src_fixed:1; 393 }; 394 395 union dword4 { 396 uint32_t dst_lo; /* NON-SHA */ 397 uint32_t sha_len_lo; /* SHA */ 398 }; 399 400 union dword5 { 401 struct { 402 uint32_t dst_hi:16; 403 uint32_t dst_mem:2; 404 uint32_t reserved_4:13; 405 uint32_t dst_fixed:1; 406 }; 407 uint32_t sha_len_hi; 408 }; 409 410 uint32_t key_lo; 411 412 struct dword7 { 413 uint32_t key_hi:16; 414 uint32_t key_mem:2; 415 uint32_t reserved_5:14; 416 }; 417 }; 418 419 enum ccp_memtype { 420 CCP_MEMTYPE_SYSTEM = 0, 421 CCP_MEMTYPE_SB, 422 CCP_MEMTYPE_LOCAL, 423 }; 424 425 enum ccp_cmd_order { 426 CCP_CMD_CIPHER = 0, 427 CCP_CMD_AUTH, 428 CCP_CMD_CIPHER_HASH, 429 CCP_CMD_HASH_CIPHER, 430 CCP_CMD_COMBINED, 431 CCP_CMD_NOT_SUPPORTED, 432 }; 433