1 /* 2 * AMD Cryptographic Coprocessor (CCP) driver 3 * 4 * Copyright (C) 2013 Advanced Micro Devices, Inc. 5 * 6 * Author: Tom Lendacky <thomas.lendacky@amd.com> 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License version 2 as 10 * published by the Free Software Foundation. 11 */ 12 13 #ifndef __CPP_H__ 14 #define __CPP_H__ 15 16 #include <linux/scatterlist.h> 17 #include <linux/workqueue.h> 18 #include <linux/list.h> 19 #include <crypto/aes.h> 20 #include <crypto/sha.h> 21 22 23 struct ccp_device; 24 struct ccp_cmd; 25 26 #if defined(CONFIG_CRYPTO_DEV_CCP_DD) || \ 27 defined(CONFIG_CRYPTO_DEV_CCP_DD_MODULE) 28 29 /** 30 * ccp_present - check if a CCP device is present 31 * 32 * Returns zero if a CCP device is present, -ENODEV otherwise. 33 */ 34 int ccp_present(void); 35 36 /** 37 * ccp_enqueue_cmd - queue an operation for processing by the CCP 38 * 39 * @cmd: ccp_cmd struct to be processed 40 * 41 * Refer to the ccp_cmd struct below for required fields. 42 * 43 * Queue a cmd to be processed by the CCP. If queueing the cmd 44 * would exceed the defined length of the cmd queue the cmd will 45 * only be queued if the CCP_CMD_MAY_BACKLOG flag is set and will 46 * result in a return code of -EBUSY. 47 * 48 * The callback routine specified in the ccp_cmd struct will be 49 * called to notify the caller of completion (if the cmd was not 50 * backlogged) or advancement out of the backlog. If the cmd has 51 * advanced out of the backlog the "err" value of the callback 52 * will be -EINPROGRESS. Any other "err" value during callback is 53 * the result of the operation. 54 * 55 * The cmd has been successfully queued if: 56 * the return code is -EINPROGRESS or 57 * the return code is -EBUSY and CCP_CMD_MAY_BACKLOG flag is set 58 */ 59 int ccp_enqueue_cmd(struct ccp_cmd *cmd); 60 61 #else /* CONFIG_CRYPTO_DEV_CCP_DD is not enabled */ 62 63 static inline int ccp_present(void) 64 { 65 return -ENODEV; 66 } 67 68 static inline int ccp_enqueue_cmd(struct ccp_cmd *cmd) 69 { 70 return -ENODEV; 71 } 72 73 #endif /* CONFIG_CRYPTO_DEV_CCP_DD */ 74 75 76 /***** AES engine *****/ 77 /** 78 * ccp_aes_type - AES key size 79 * 80 * @CCP_AES_TYPE_128: 128-bit key 81 * @CCP_AES_TYPE_192: 192-bit key 82 * @CCP_AES_TYPE_256: 256-bit key 83 */ 84 enum ccp_aes_type { 85 CCP_AES_TYPE_128 = 0, 86 CCP_AES_TYPE_192, 87 CCP_AES_TYPE_256, 88 CCP_AES_TYPE__LAST, 89 }; 90 91 /** 92 * ccp_aes_mode - AES operation mode 93 * 94 * @CCP_AES_MODE_ECB: ECB mode 95 * @CCP_AES_MODE_CBC: CBC mode 96 * @CCP_AES_MODE_OFB: OFB mode 97 * @CCP_AES_MODE_CFB: CFB mode 98 * @CCP_AES_MODE_CTR: CTR mode 99 * @CCP_AES_MODE_CMAC: CMAC mode 100 */ 101 enum ccp_aes_mode { 102 CCP_AES_MODE_ECB = 0, 103 CCP_AES_MODE_CBC, 104 CCP_AES_MODE_OFB, 105 CCP_AES_MODE_CFB, 106 CCP_AES_MODE_CTR, 107 CCP_AES_MODE_CMAC, 108 CCP_AES_MODE__LAST, 109 }; 110 111 /** 112 * ccp_aes_mode - AES operation mode 113 * 114 * @CCP_AES_ACTION_DECRYPT: AES decrypt operation 115 * @CCP_AES_ACTION_ENCRYPT: AES encrypt operation 116 */ 117 enum ccp_aes_action { 118 CCP_AES_ACTION_DECRYPT = 0, 119 CCP_AES_ACTION_ENCRYPT, 120 CCP_AES_ACTION__LAST, 121 }; 122 123 /** 124 * struct ccp_aes_engine - CCP AES operation 125 * @type: AES operation key size 126 * @mode: AES operation mode 127 * @action: AES operation (decrypt/encrypt) 128 * @key: key to be used for this AES operation 129 * @key_len: length in bytes of key 130 * @iv: IV to be used for this AES operation 131 * @iv_len: length in bytes of iv 132 * @src: data to be used for this operation 133 * @dst: data produced by this operation 134 * @src_len: length in bytes of data used for this operation 135 * @cmac_final: indicates final operation when running in CMAC mode 136 * @cmac_key: K1/K2 key used in final CMAC operation 137 * @cmac_key_len: length in bytes of cmac_key 138 * 139 * Variables required to be set when calling ccp_enqueue_cmd(): 140 * - type, mode, action, key, key_len, src, dst, src_len 141 * - iv, iv_len for any mode other than ECB 142 * - cmac_final for CMAC mode 143 * - cmac_key, cmac_key_len for CMAC mode if cmac_final is non-zero 144 * 145 * The iv variable is used as both input and output. On completion of the 146 * AES operation the new IV overwrites the old IV. 147 */ 148 struct ccp_aes_engine { 149 enum ccp_aes_type type; 150 enum ccp_aes_mode mode; 151 enum ccp_aes_action action; 152 153 struct scatterlist *key; 154 u32 key_len; /* In bytes */ 155 156 struct scatterlist *iv; 157 u32 iv_len; /* In bytes */ 158 159 struct scatterlist *src, *dst; 160 u64 src_len; /* In bytes */ 161 162 u32 cmac_final; /* Indicates final cmac cmd */ 163 struct scatterlist *cmac_key; /* K1/K2 cmac key required for 164 * final cmac cmd */ 165 u32 cmac_key_len; /* In bytes */ 166 }; 167 168 /***** XTS-AES engine *****/ 169 /** 170 * ccp_xts_aes_unit_size - XTS unit size 171 * 172 * @CCP_XTS_AES_UNIT_SIZE_16: Unit size of 16 bytes 173 * @CCP_XTS_AES_UNIT_SIZE_512: Unit size of 512 bytes 174 * @CCP_XTS_AES_UNIT_SIZE_1024: Unit size of 1024 bytes 175 * @CCP_XTS_AES_UNIT_SIZE_2048: Unit size of 2048 bytes 176 * @CCP_XTS_AES_UNIT_SIZE_4096: Unit size of 4096 bytes 177 */ 178 enum ccp_xts_aes_unit_size { 179 CCP_XTS_AES_UNIT_SIZE_16 = 0, 180 CCP_XTS_AES_UNIT_SIZE_512, 181 CCP_XTS_AES_UNIT_SIZE_1024, 182 CCP_XTS_AES_UNIT_SIZE_2048, 183 CCP_XTS_AES_UNIT_SIZE_4096, 184 CCP_XTS_AES_UNIT_SIZE__LAST, 185 }; 186 187 /** 188 * struct ccp_xts_aes_engine - CCP XTS AES operation 189 * @action: AES operation (decrypt/encrypt) 190 * @unit_size: unit size of the XTS operation 191 * @key: key to be used for this XTS AES operation 192 * @key_len: length in bytes of key 193 * @iv: IV to be used for this XTS AES operation 194 * @iv_len: length in bytes of iv 195 * @src: data to be used for this operation 196 * @dst: data produced by this operation 197 * @src_len: length in bytes of data used for this operation 198 * @final: indicates final XTS operation 199 * 200 * Variables required to be set when calling ccp_enqueue_cmd(): 201 * - action, unit_size, key, key_len, iv, iv_len, src, dst, src_len, final 202 * 203 * The iv variable is used as both input and output. On completion of the 204 * AES operation the new IV overwrites the old IV. 205 */ 206 struct ccp_xts_aes_engine { 207 enum ccp_aes_action action; 208 enum ccp_xts_aes_unit_size unit_size; 209 210 struct scatterlist *key; 211 u32 key_len; /* In bytes */ 212 213 struct scatterlist *iv; 214 u32 iv_len; /* In bytes */ 215 216 struct scatterlist *src, *dst; 217 u64 src_len; /* In bytes */ 218 219 u32 final; 220 }; 221 222 /***** SHA engine *****/ 223 #define CCP_SHA_BLOCKSIZE SHA256_BLOCK_SIZE 224 #define CCP_SHA_CTXSIZE SHA256_DIGEST_SIZE 225 226 /** 227 * ccp_sha_type - type of SHA operation 228 * 229 * @CCP_SHA_TYPE_1: SHA-1 operation 230 * @CCP_SHA_TYPE_224: SHA-224 operation 231 * @CCP_SHA_TYPE_256: SHA-256 operation 232 */ 233 enum ccp_sha_type { 234 CCP_SHA_TYPE_1 = 1, 235 CCP_SHA_TYPE_224, 236 CCP_SHA_TYPE_256, 237 CCP_SHA_TYPE__LAST, 238 }; 239 240 /** 241 * struct ccp_sha_engine - CCP SHA operation 242 * @type: Type of SHA operation 243 * @ctx: current hash value 244 * @ctx_len: length in bytes of hash value 245 * @src: data to be used for this operation 246 * @src_len: length in bytes of data used for this operation 247 * @opad: data to be used for final HMAC operation 248 * @opad_len: length in bytes of data used for final HMAC operation 249 * @first: indicates first SHA operation 250 * @final: indicates final SHA operation 251 * @msg_bits: total length of the message in bits used in final SHA operation 252 * 253 * Variables required to be set when calling ccp_enqueue_cmd(): 254 * - type, ctx, ctx_len, src, src_len, final 255 * - msg_bits if final is non-zero 256 * 257 * The ctx variable is used as both input and output. On completion of the 258 * SHA operation the new hash value overwrites the old hash value. 259 */ 260 struct ccp_sha_engine { 261 enum ccp_sha_type type; 262 263 struct scatterlist *ctx; 264 u32 ctx_len; /* In bytes */ 265 266 struct scatterlist *src; 267 u64 src_len; /* In bytes */ 268 269 struct scatterlist *opad; 270 u32 opad_len; /* In bytes */ 271 272 u32 first; /* Indicates first sha cmd */ 273 u32 final; /* Indicates final sha cmd */ 274 u64 msg_bits; /* Message length in bits required for 275 * final sha cmd */ 276 }; 277 278 /***** RSA engine *****/ 279 /** 280 * struct ccp_rsa_engine - CCP RSA operation 281 * @key_size: length in bits of RSA key 282 * @exp: RSA exponent 283 * @exp_len: length in bytes of exponent 284 * @mod: RSA modulus 285 * @mod_len: length in bytes of modulus 286 * @src: data to be used for this operation 287 * @dst: data produced by this operation 288 * @src_len: length in bytes of data used for this operation 289 * 290 * Variables required to be set when calling ccp_enqueue_cmd(): 291 * - key_size, exp, exp_len, mod, mod_len, src, dst, src_len 292 */ 293 struct ccp_rsa_engine { 294 u32 key_size; /* In bits */ 295 296 struct scatterlist *exp; 297 u32 exp_len; /* In bytes */ 298 299 struct scatterlist *mod; 300 u32 mod_len; /* In bytes */ 301 302 struct scatterlist *src, *dst; 303 u32 src_len; /* In bytes */ 304 }; 305 306 /***** Passthru engine *****/ 307 /** 308 * ccp_passthru_bitwise - type of bitwise passthru operation 309 * 310 * @CCP_PASSTHRU_BITWISE_NOOP: no bitwise operation performed 311 * @CCP_PASSTHRU_BITWISE_AND: perform bitwise AND of src with mask 312 * @CCP_PASSTHRU_BITWISE_OR: perform bitwise OR of src with mask 313 * @CCP_PASSTHRU_BITWISE_XOR: perform bitwise XOR of src with mask 314 * @CCP_PASSTHRU_BITWISE_MASK: overwrite with mask 315 */ 316 enum ccp_passthru_bitwise { 317 CCP_PASSTHRU_BITWISE_NOOP = 0, 318 CCP_PASSTHRU_BITWISE_AND, 319 CCP_PASSTHRU_BITWISE_OR, 320 CCP_PASSTHRU_BITWISE_XOR, 321 CCP_PASSTHRU_BITWISE_MASK, 322 CCP_PASSTHRU_BITWISE__LAST, 323 }; 324 325 /** 326 * ccp_passthru_byteswap - type of byteswap passthru operation 327 * 328 * @CCP_PASSTHRU_BYTESWAP_NOOP: no byte swapping performed 329 * @CCP_PASSTHRU_BYTESWAP_32BIT: swap bytes within 32-bit words 330 * @CCP_PASSTHRU_BYTESWAP_256BIT: swap bytes within 256-bit words 331 */ 332 enum ccp_passthru_byteswap { 333 CCP_PASSTHRU_BYTESWAP_NOOP = 0, 334 CCP_PASSTHRU_BYTESWAP_32BIT, 335 CCP_PASSTHRU_BYTESWAP_256BIT, 336 CCP_PASSTHRU_BYTESWAP__LAST, 337 }; 338 339 /** 340 * struct ccp_passthru_engine - CCP pass-through operation 341 * @bit_mod: bitwise operation to perform 342 * @byte_swap: byteswap operation to perform 343 * @mask: mask to be applied to data 344 * @mask_len: length in bytes of mask 345 * @src: data to be used for this operation 346 * @dst: data produced by this operation 347 * @src_len: length in bytes of data used for this operation 348 * @final: indicate final pass-through operation 349 * 350 * Variables required to be set when calling ccp_enqueue_cmd(): 351 * - bit_mod, byte_swap, src, dst, src_len 352 * - mask, mask_len if bit_mod is not CCP_PASSTHRU_BITWISE_NOOP 353 */ 354 struct ccp_passthru_engine { 355 enum ccp_passthru_bitwise bit_mod; 356 enum ccp_passthru_byteswap byte_swap; 357 358 struct scatterlist *mask; 359 u32 mask_len; /* In bytes */ 360 361 struct scatterlist *src, *dst; 362 u64 src_len; /* In bytes */ 363 364 u32 final; 365 }; 366 367 /***** ECC engine *****/ 368 #define CCP_ECC_MODULUS_BYTES 48 /* 384-bits */ 369 #define CCP_ECC_MAX_OPERANDS 6 370 #define CCP_ECC_MAX_OUTPUTS 3 371 372 /** 373 * ccp_ecc_function - type of ECC function 374 * 375 * @CCP_ECC_FUNCTION_MMUL_384BIT: 384-bit modular multiplication 376 * @CCP_ECC_FUNCTION_MADD_384BIT: 384-bit modular addition 377 * @CCP_ECC_FUNCTION_MINV_384BIT: 384-bit multiplicative inverse 378 * @CCP_ECC_FUNCTION_PADD_384BIT: 384-bit point addition 379 * @CCP_ECC_FUNCTION_PMUL_384BIT: 384-bit point multiplication 380 * @CCP_ECC_FUNCTION_PDBL_384BIT: 384-bit point doubling 381 */ 382 enum ccp_ecc_function { 383 CCP_ECC_FUNCTION_MMUL_384BIT = 0, 384 CCP_ECC_FUNCTION_MADD_384BIT, 385 CCP_ECC_FUNCTION_MINV_384BIT, 386 CCP_ECC_FUNCTION_PADD_384BIT, 387 CCP_ECC_FUNCTION_PMUL_384BIT, 388 CCP_ECC_FUNCTION_PDBL_384BIT, 389 }; 390 391 /** 392 * struct ccp_ecc_modular_math - CCP ECC modular math parameters 393 * @operand_1: first operand for the modular math operation 394 * @operand_1_len: length of the first operand 395 * @operand_2: second operand for the modular math operation 396 * (not used for CCP_ECC_FUNCTION_MINV_384BIT) 397 * @operand_2_len: length of the second operand 398 * (not used for CCP_ECC_FUNCTION_MINV_384BIT) 399 * @result: result of the modular math operation 400 * @result_len: length of the supplied result buffer 401 */ 402 struct ccp_ecc_modular_math { 403 struct scatterlist *operand_1; 404 unsigned int operand_1_len; /* In bytes */ 405 406 struct scatterlist *operand_2; 407 unsigned int operand_2_len; /* In bytes */ 408 409 struct scatterlist *result; 410 unsigned int result_len; /* In bytes */ 411 }; 412 413 /** 414 * struct ccp_ecc_point - CCP ECC point definition 415 * @x: the x coordinate of the ECC point 416 * @x_len: the length of the x coordinate 417 * @y: the y coordinate of the ECC point 418 * @y_len: the length of the y coordinate 419 */ 420 struct ccp_ecc_point { 421 struct scatterlist *x; 422 unsigned int x_len; /* In bytes */ 423 424 struct scatterlist *y; 425 unsigned int y_len; /* In bytes */ 426 }; 427 428 /** 429 * struct ccp_ecc_point_math - CCP ECC point math parameters 430 * @point_1: the first point of the ECC point math operation 431 * @point_2: the second point of the ECC point math operation 432 * (only used for CCP_ECC_FUNCTION_PADD_384BIT) 433 * @domain_a: the a parameter of the ECC curve 434 * @domain_a_len: the length of the a parameter 435 * @scalar: the scalar parameter for the point match operation 436 * (only used for CCP_ECC_FUNCTION_PMUL_384BIT) 437 * @scalar_len: the length of the scalar parameter 438 * (only used for CCP_ECC_FUNCTION_PMUL_384BIT) 439 * @result: the point resulting from the point math operation 440 */ 441 struct ccp_ecc_point_math { 442 struct ccp_ecc_point point_1; 443 struct ccp_ecc_point point_2; 444 445 struct scatterlist *domain_a; 446 unsigned int domain_a_len; /* In bytes */ 447 448 struct scatterlist *scalar; 449 unsigned int scalar_len; /* In bytes */ 450 451 struct ccp_ecc_point result; 452 }; 453 454 /** 455 * struct ccp_ecc_engine - CCP ECC operation 456 * @function: ECC function to perform 457 * @mod: ECC modulus 458 * @mod_len: length in bytes of modulus 459 * @mm: module math parameters 460 * @pm: point math parameters 461 * @ecc_result: result of the ECC operation 462 * 463 * Variables required to be set when calling ccp_enqueue_cmd(): 464 * - function, mod, mod_len 465 * - operand, operand_len, operand_count, output, output_len, output_count 466 * - ecc_result 467 */ 468 struct ccp_ecc_engine { 469 enum ccp_ecc_function function; 470 471 struct scatterlist *mod; 472 u32 mod_len; /* In bytes */ 473 474 union { 475 struct ccp_ecc_modular_math mm; 476 struct ccp_ecc_point_math pm; 477 } u; 478 479 u16 ecc_result; 480 }; 481 482 483 /** 484 * ccp_engine - CCP operation identifiers 485 * 486 * @CCP_ENGINE_AES: AES operation 487 * @CCP_ENGINE_XTS_AES: 128-bit XTS AES operation 488 * @CCP_ENGINE_RSVD1: unused 489 * @CCP_ENGINE_SHA: SHA operation 490 * @CCP_ENGINE_RSA: RSA operation 491 * @CCP_ENGINE_PASSTHRU: pass-through operation 492 * @CCP_ENGINE_ZLIB_DECOMPRESS: unused 493 * @CCP_ENGINE_ECC: ECC operation 494 */ 495 enum ccp_engine { 496 CCP_ENGINE_AES = 0, 497 CCP_ENGINE_XTS_AES_128, 498 CCP_ENGINE_RSVD1, 499 CCP_ENGINE_SHA, 500 CCP_ENGINE_RSA, 501 CCP_ENGINE_PASSTHRU, 502 CCP_ENGINE_ZLIB_DECOMPRESS, 503 CCP_ENGINE_ECC, 504 CCP_ENGINE__LAST, 505 }; 506 507 /* Flag values for flags member of ccp_cmd */ 508 #define CCP_CMD_MAY_BACKLOG 0x00000001 509 510 /** 511 * struct ccp_cmd - CPP operation request 512 * @entry: list element (ccp driver use only) 513 * @work: work element used for callbacks (ccp driver use only) 514 * @ccp: CCP device to be run on (ccp driver use only) 515 * @ret: operation return code (ccp driver use only) 516 * @flags: cmd processing flags 517 * @engine: CCP operation to perform 518 * @engine_error: CCP engine return code 519 * @u: engine specific structures, refer to specific engine struct below 520 * @callback: operation completion callback function 521 * @data: parameter value to be supplied to the callback function 522 * 523 * Variables required to be set when calling ccp_enqueue_cmd(): 524 * - engine, callback 525 * - See the operation structures below for what is required for each 526 * operation. 527 */ 528 struct ccp_cmd { 529 /* The list_head, work_struct, ccp and ret variables are for use 530 * by the CCP driver only. 531 */ 532 struct list_head entry; 533 struct work_struct work; 534 struct ccp_device *ccp; 535 int ret; 536 537 u32 flags; 538 539 enum ccp_engine engine; 540 u32 engine_error; 541 542 union { 543 struct ccp_aes_engine aes; 544 struct ccp_xts_aes_engine xts; 545 struct ccp_sha_engine sha; 546 struct ccp_rsa_engine rsa; 547 struct ccp_passthru_engine passthru; 548 struct ccp_ecc_engine ecc; 549 } u; 550 551 /* Completion callback support */ 552 void (*callback)(void *data, int err); 553 void *data; 554 }; 555 556 #endif 557