root/drivers/crypto/bcm/spu2.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. spu2_ciph_type_name
  2. spu2_ciph_mode_name
  3. spu2_hash_type_name
  4. spu2_hash_mode_name
  5. spu2_cipher_mode_xlate
  6. spu2_cipher_xlate
  7. spu2_hash_mode_xlate
  8. spu2_hash_xlate
  9. spu2_dump_fmd_ctrl0
  10. spu2_dump_fmd_ctrl1
  11. spu2_dump_fmd_ctrl2
  12. spu2_dump_fmd_ctrl3
  13. spu2_dump_fmd
  14. spu2_dump_omd
  15. spu2_dump_msg_hdr
  16. spu2_fmd_init
  17. spu2_fmd_ctrl0_write
  18. spu2_fmd_ctrl1_write
  19. spu2_fmd_ctrl2_write
  20. spu2_fmd_ctrl3_write
  21. spu2_ctx_max_payload
  22. spu2_payload_length
  23. spu2_response_hdr_len
  24. spu2_hash_pad_len
  25. spu2_gcm_ccm_pad_len
  26. spu2_assoc_resp_len
  27. spu2_aead_ivlen
  28. spu2_hash_type
  29. spu2_digest_size
  30. spu2_create_request
  31. spu2_cipher_req_init
  32. spu2_cipher_req_finish
  33. spu2_request_pad
  34. spu2_xts_tweak_in_payload
  35. spu2_tx_status_len
  36. spu2_rx_status_len
  37. spu2_status_process
  38. spu2_ccm_update_iv
  39. spu2_wordalign_padlen

   1 // SPDX-License-Identifier: GPL-2.0-only
   2 /*
   3  * Copyright 2016 Broadcom
   4  */
   5 
   6 /*
   7  * This file works with the SPU2 version of the SPU. SPU2 has different message
   8  * formats than the previous version of the SPU. All SPU message format
   9  * differences should be hidden in the spux.c,h files.
  10  */
  11 
  12 #include <linux/kernel.h>
  13 #include <linux/string.h>
  14 
  15 #include "util.h"
  16 #include "spu.h"
  17 #include "spu2.h"
  18 
  19 #define SPU2_TX_STATUS_LEN  0   /* SPU2 has no STATUS in input packet */
  20 
  21 /*
  22  * Controlled by pkt_stat_cnt field in CRYPTO_SS_SPU0_CORE_SPU2_CONTROL0
  23  * register. Defaults to 2.
  24  */
  25 #define SPU2_RX_STATUS_LEN  2
  26 
  27 enum spu2_proto_sel {
  28         SPU2_PROTO_RESV = 0,
  29         SPU2_MACSEC_SECTAG8_ECB = 1,
  30         SPU2_MACSEC_SECTAG8_SCB = 2,
  31         SPU2_MACSEC_SECTAG16 = 3,
  32         SPU2_MACSEC_SECTAG16_8_XPN = 4,
  33         SPU2_IPSEC = 5,
  34         SPU2_IPSEC_ESN = 6,
  35         SPU2_TLS_CIPHER = 7,
  36         SPU2_TLS_AEAD = 8,
  37         SPU2_DTLS_CIPHER = 9,
  38         SPU2_DTLS_AEAD = 10
  39 };
  40 
  41 static char *spu2_cipher_type_names[] = { "None", "AES128", "AES192", "AES256",
  42         "DES", "3DES"
  43 };
  44 
  45 static char *spu2_cipher_mode_names[] = { "ECB", "CBC", "CTR", "CFB", "OFB",
  46         "XTS", "CCM", "GCM"
  47 };
  48 
  49 static char *spu2_hash_type_names[] = { "None", "AES128", "AES192", "AES256",
  50         "Reserved", "Reserved", "MD5", "SHA1", "SHA224", "SHA256", "SHA384",
  51         "SHA512", "SHA512/224", "SHA512/256", "SHA3-224", "SHA3-256",
  52         "SHA3-384", "SHA3-512"
  53 };
  54 
  55 static char *spu2_hash_mode_names[] = { "CMAC", "CBC-MAC", "XCBC-MAC", "HMAC",
  56         "Rabin", "CCM", "GCM", "Reserved"
  57 };
  58 
  59 static char *spu2_ciph_type_name(enum spu2_cipher_type cipher_type)
  60 {
  61         if (cipher_type >= SPU2_CIPHER_TYPE_LAST)
  62                 return "Reserved";
  63         return spu2_cipher_type_names[cipher_type];
  64 }
  65 
  66 static char *spu2_ciph_mode_name(enum spu2_cipher_mode cipher_mode)
  67 {
  68         if (cipher_mode >= SPU2_CIPHER_MODE_LAST)
  69                 return "Reserved";
  70         return spu2_cipher_mode_names[cipher_mode];
  71 }
  72 
  73 static char *spu2_hash_type_name(enum spu2_hash_type hash_type)
  74 {
  75         if (hash_type >= SPU2_HASH_TYPE_LAST)
  76                 return "Reserved";
  77         return spu2_hash_type_names[hash_type];
  78 }
  79 
  80 static char *spu2_hash_mode_name(enum spu2_hash_mode hash_mode)
  81 {
  82         if (hash_mode >= SPU2_HASH_MODE_LAST)
  83                 return "Reserved";
  84         return spu2_hash_mode_names[hash_mode];
  85 }
  86 
  87 /*
  88  * Convert from a software cipher mode value to the corresponding value
  89  * for SPU2.
  90  */
  91 static int spu2_cipher_mode_xlate(enum spu_cipher_mode cipher_mode,
  92                                   enum spu2_cipher_mode *spu2_mode)
  93 {
  94         switch (cipher_mode) {
  95         case CIPHER_MODE_ECB:
  96                 *spu2_mode = SPU2_CIPHER_MODE_ECB;
  97                 break;
  98         case CIPHER_MODE_CBC:
  99                 *spu2_mode = SPU2_CIPHER_MODE_CBC;
 100                 break;
 101         case CIPHER_MODE_OFB:
 102                 *spu2_mode = SPU2_CIPHER_MODE_OFB;
 103                 break;
 104         case CIPHER_MODE_CFB:
 105                 *spu2_mode = SPU2_CIPHER_MODE_CFB;
 106                 break;
 107         case CIPHER_MODE_CTR:
 108                 *spu2_mode = SPU2_CIPHER_MODE_CTR;
 109                 break;
 110         case CIPHER_MODE_CCM:
 111                 *spu2_mode = SPU2_CIPHER_MODE_CCM;
 112                 break;
 113         case CIPHER_MODE_GCM:
 114                 *spu2_mode = SPU2_CIPHER_MODE_GCM;
 115                 break;
 116         case CIPHER_MODE_XTS:
 117                 *spu2_mode = SPU2_CIPHER_MODE_XTS;
 118                 break;
 119         default:
 120                 return -EINVAL;
 121         }
 122         return 0;
 123 }
 124 
 125 /**
 126  * spu2_cipher_xlate() - Convert a cipher {alg/mode/type} triple to a SPU2
 127  * cipher type and mode.
 128  * @cipher_alg:  [in]  cipher algorithm value from software enumeration
 129  * @cipher_mode: [in]  cipher mode value from software enumeration
 130  * @cipher_type: [in]  cipher type value from software enumeration
 131  * @spu2_type:   [out] cipher type value used by spu2 hardware
 132  * @spu2_mode:   [out] cipher mode value used by spu2 hardware
 133  *
 134  * Return:  0 if successful
 135  */
 136 static int spu2_cipher_xlate(enum spu_cipher_alg cipher_alg,
 137                              enum spu_cipher_mode cipher_mode,
 138                              enum spu_cipher_type cipher_type,
 139                              enum spu2_cipher_type *spu2_type,
 140                              enum spu2_cipher_mode *spu2_mode)
 141 {
 142         int err;
 143 
 144         err = spu2_cipher_mode_xlate(cipher_mode, spu2_mode);
 145         if (err) {
 146                 flow_log("Invalid cipher mode %d\n", cipher_mode);
 147                 return err;
 148         }
 149 
 150         switch (cipher_alg) {
 151         case CIPHER_ALG_NONE:
 152                 *spu2_type = SPU2_CIPHER_TYPE_NONE;
 153                 break;
 154         case CIPHER_ALG_RC4:
 155                 /* SPU2 does not support RC4 */
 156                 err = -EINVAL;
 157                 *spu2_type = SPU2_CIPHER_TYPE_NONE;
 158                 break;
 159         case CIPHER_ALG_DES:
 160                 *spu2_type = SPU2_CIPHER_TYPE_DES;
 161                 break;
 162         case CIPHER_ALG_3DES:
 163                 *spu2_type = SPU2_CIPHER_TYPE_3DES;
 164                 break;
 165         case CIPHER_ALG_AES:
 166                 switch (cipher_type) {
 167                 case CIPHER_TYPE_AES128:
 168                         *spu2_type = SPU2_CIPHER_TYPE_AES128;
 169                         break;
 170                 case CIPHER_TYPE_AES192:
 171                         *spu2_type = SPU2_CIPHER_TYPE_AES192;
 172                         break;
 173                 case CIPHER_TYPE_AES256:
 174                         *spu2_type = SPU2_CIPHER_TYPE_AES256;
 175                         break;
 176                 default:
 177                         err = -EINVAL;
 178                 }
 179                 break;
 180         case CIPHER_ALG_LAST:
 181         default:
 182                 err = -EINVAL;
 183                 break;
 184         }
 185 
 186         if (err)
 187                 flow_log("Invalid cipher alg %d or type %d\n",
 188                          cipher_alg, cipher_type);
 189         return err;
 190 }
 191 
 192 /*
 193  * Convert from a software hash mode value to the corresponding value
 194  * for SPU2. Note that HASH_MODE_NONE and HASH_MODE_XCBC have the same value.
 195  */
 196 static int spu2_hash_mode_xlate(enum hash_mode hash_mode,
 197                                 enum spu2_hash_mode *spu2_mode)
 198 {
 199         switch (hash_mode) {
 200         case HASH_MODE_XCBC:
 201                 *spu2_mode = SPU2_HASH_MODE_XCBC_MAC;
 202                 break;
 203         case HASH_MODE_CMAC:
 204                 *spu2_mode = SPU2_HASH_MODE_CMAC;
 205                 break;
 206         case HASH_MODE_HMAC:
 207                 *spu2_mode = SPU2_HASH_MODE_HMAC;
 208                 break;
 209         case HASH_MODE_CCM:
 210                 *spu2_mode = SPU2_HASH_MODE_CCM;
 211                 break;
 212         case HASH_MODE_GCM:
 213                 *spu2_mode = SPU2_HASH_MODE_GCM;
 214                 break;
 215         default:
 216                 return -EINVAL;
 217         }
 218         return 0;
 219 }
 220 
 221 /**
 222  * spu2_hash_xlate() - Convert a hash {alg/mode/type} triple to a SPU2 hash type
 223  * and mode.
 224  * @hash_alg:  [in] hash algorithm value from software enumeration
 225  * @hash_mode: [in] hash mode value from software enumeration
 226  * @hash_type: [in] hash type value from software enumeration
 227  * @ciph_type: [in] cipher type value from software enumeration
 228  * @spu2_type: [out] hash type value used by SPU2 hardware
 229  * @spu2_mode: [out] hash mode value used by SPU2 hardware
 230  *
 231  * Return:  0 if successful
 232  */
 233 static int
 234 spu2_hash_xlate(enum hash_alg hash_alg, enum hash_mode hash_mode,
 235                 enum hash_type hash_type, enum spu_cipher_type ciph_type,
 236                 enum spu2_hash_type *spu2_type, enum spu2_hash_mode *spu2_mode)
 237 {
 238         int err;
 239 
 240         err = spu2_hash_mode_xlate(hash_mode, spu2_mode);
 241         if (err) {
 242                 flow_log("Invalid hash mode %d\n", hash_mode);
 243                 return err;
 244         }
 245 
 246         switch (hash_alg) {
 247         case HASH_ALG_NONE:
 248                 *spu2_type = SPU2_HASH_TYPE_NONE;
 249                 break;
 250         case HASH_ALG_MD5:
 251                 *spu2_type = SPU2_HASH_TYPE_MD5;
 252                 break;
 253         case HASH_ALG_SHA1:
 254                 *spu2_type = SPU2_HASH_TYPE_SHA1;
 255                 break;
 256         case HASH_ALG_SHA224:
 257                 *spu2_type = SPU2_HASH_TYPE_SHA224;
 258                 break;
 259         case HASH_ALG_SHA256:
 260                 *spu2_type = SPU2_HASH_TYPE_SHA256;
 261                 break;
 262         case HASH_ALG_SHA384:
 263                 *spu2_type = SPU2_HASH_TYPE_SHA384;
 264                 break;
 265         case HASH_ALG_SHA512:
 266                 *spu2_type = SPU2_HASH_TYPE_SHA512;
 267                 break;
 268         case HASH_ALG_AES:
 269                 switch (ciph_type) {
 270                 case CIPHER_TYPE_AES128:
 271                         *spu2_type = SPU2_HASH_TYPE_AES128;
 272                         break;
 273                 case CIPHER_TYPE_AES192:
 274                         *spu2_type = SPU2_HASH_TYPE_AES192;
 275                         break;
 276                 case CIPHER_TYPE_AES256:
 277                         *spu2_type = SPU2_HASH_TYPE_AES256;
 278                         break;
 279                 default:
 280                         err = -EINVAL;
 281                 }
 282                 break;
 283         case HASH_ALG_SHA3_224:
 284                 *spu2_type = SPU2_HASH_TYPE_SHA3_224;
 285                 break;
 286         case HASH_ALG_SHA3_256:
 287                 *spu2_type = SPU2_HASH_TYPE_SHA3_256;
 288                 break;
 289         case HASH_ALG_SHA3_384:
 290                 *spu2_type = SPU2_HASH_TYPE_SHA3_384;
 291                 break;
 292         case HASH_ALG_SHA3_512:
 293                 *spu2_type = SPU2_HASH_TYPE_SHA3_512;
 294                 break;
 295         case HASH_ALG_LAST:
 296         default:
 297                 err = -EINVAL;
 298                 break;
 299         }
 300 
 301         if (err)
 302                 flow_log("Invalid hash alg %d or type %d\n",
 303                          hash_alg, hash_type);
 304         return err;
 305 }
 306 
 307 /* Dump FMD ctrl0. The ctrl0 input is in host byte order */
 308 static void spu2_dump_fmd_ctrl0(u64 ctrl0)
 309 {
 310         enum spu2_cipher_type ciph_type;
 311         enum spu2_cipher_mode ciph_mode;
 312         enum spu2_hash_type hash_type;
 313         enum spu2_hash_mode hash_mode;
 314         char *ciph_name;
 315         char *ciph_mode_name;
 316         char *hash_name;
 317         char *hash_mode_name;
 318         u8 cfb;
 319         u8 proto;
 320 
 321         packet_log(" FMD CTRL0 %#16llx\n", ctrl0);
 322         if (ctrl0 & SPU2_CIPH_ENCRYPT_EN)
 323                 packet_log("  encrypt\n");
 324         else
 325                 packet_log("  decrypt\n");
 326 
 327         ciph_type = (ctrl0 & SPU2_CIPH_TYPE) >> SPU2_CIPH_TYPE_SHIFT;
 328         ciph_name = spu2_ciph_type_name(ciph_type);
 329         packet_log("  Cipher type: %s\n", ciph_name);
 330 
 331         if (ciph_type != SPU2_CIPHER_TYPE_NONE) {
 332                 ciph_mode = (ctrl0 & SPU2_CIPH_MODE) >> SPU2_CIPH_MODE_SHIFT;
 333                 ciph_mode_name = spu2_ciph_mode_name(ciph_mode);
 334                 packet_log("  Cipher mode: %s\n", ciph_mode_name);
 335         }
 336 
 337         cfb = (ctrl0 & SPU2_CFB_MASK) >> SPU2_CFB_MASK_SHIFT;
 338         packet_log("  CFB %#x\n", cfb);
 339 
 340         proto = (ctrl0 & SPU2_PROTO_SEL) >> SPU2_PROTO_SEL_SHIFT;
 341         packet_log("  protocol %#x\n", proto);
 342 
 343         if (ctrl0 & SPU2_HASH_FIRST)
 344                 packet_log("  hash first\n");
 345         else
 346                 packet_log("  cipher first\n");
 347 
 348         if (ctrl0 & SPU2_CHK_TAG)
 349                 packet_log("  check tag\n");
 350 
 351         hash_type = (ctrl0 & SPU2_HASH_TYPE) >> SPU2_HASH_TYPE_SHIFT;
 352         hash_name = spu2_hash_type_name(hash_type);
 353         packet_log("  Hash type: %s\n", hash_name);
 354 
 355         if (hash_type != SPU2_HASH_TYPE_NONE) {
 356                 hash_mode = (ctrl0 & SPU2_HASH_MODE) >> SPU2_HASH_MODE_SHIFT;
 357                 hash_mode_name = spu2_hash_mode_name(hash_mode);
 358                 packet_log("  Hash mode: %s\n", hash_mode_name);
 359         }
 360 
 361         if (ctrl0 & SPU2_CIPH_PAD_EN) {
 362                 packet_log("  Cipher pad: %#2llx\n",
 363                            (ctrl0 & SPU2_CIPH_PAD) >> SPU2_CIPH_PAD_SHIFT);
 364         }
 365 }
 366 
 367 /* Dump FMD ctrl1. The ctrl1 input is in host byte order */
 368 static void spu2_dump_fmd_ctrl1(u64 ctrl1)
 369 {
 370         u8 hash_key_len;
 371         u8 ciph_key_len;
 372         u8 ret_iv_len;
 373         u8 iv_offset;
 374         u8 iv_len;
 375         u8 hash_tag_len;
 376         u8 ret_md;
 377 
 378         packet_log(" FMD CTRL1 %#16llx\n", ctrl1);
 379         if (ctrl1 & SPU2_TAG_LOC)
 380                 packet_log("  Tag after payload\n");
 381 
 382         packet_log("  Msg includes ");
 383         if (ctrl1 & SPU2_HAS_FR_DATA)
 384                 packet_log("FD ");
 385         if (ctrl1 & SPU2_HAS_AAD1)
 386                 packet_log("AAD1 ");
 387         if (ctrl1 & SPU2_HAS_NAAD)
 388                 packet_log("NAAD ");
 389         if (ctrl1 & SPU2_HAS_AAD2)
 390                 packet_log("AAD2 ");
 391         if (ctrl1 & SPU2_HAS_ESN)
 392                 packet_log("ESN ");
 393         packet_log("\n");
 394 
 395         hash_key_len = (ctrl1 & SPU2_HASH_KEY_LEN) >> SPU2_HASH_KEY_LEN_SHIFT;
 396         packet_log("  Hash key len %u\n", hash_key_len);
 397 
 398         ciph_key_len = (ctrl1 & SPU2_CIPH_KEY_LEN) >> SPU2_CIPH_KEY_LEN_SHIFT;
 399         packet_log("  Cipher key len %u\n", ciph_key_len);
 400 
 401         if (ctrl1 & SPU2_GENIV)
 402                 packet_log("  Generate IV\n");
 403 
 404         if (ctrl1 & SPU2_HASH_IV)
 405                 packet_log("  IV included in hash\n");
 406 
 407         if (ctrl1 & SPU2_RET_IV)
 408                 packet_log("  Return IV in output before payload\n");
 409 
 410         ret_iv_len = (ctrl1 & SPU2_RET_IV_LEN) >> SPU2_RET_IV_LEN_SHIFT;
 411         packet_log("  Length of returned IV %u bytes\n",
 412                    ret_iv_len ? ret_iv_len : 16);
 413 
 414         iv_offset = (ctrl1 & SPU2_IV_OFFSET) >> SPU2_IV_OFFSET_SHIFT;
 415         packet_log("  IV offset %u\n", iv_offset);
 416 
 417         iv_len = (ctrl1 & SPU2_IV_LEN) >> SPU2_IV_LEN_SHIFT;
 418         packet_log("  Input IV len %u bytes\n", iv_len);
 419 
 420         hash_tag_len = (ctrl1 & SPU2_HASH_TAG_LEN) >> SPU2_HASH_TAG_LEN_SHIFT;
 421         packet_log("  Hash tag length %u bytes\n", hash_tag_len);
 422 
 423         packet_log("  Return ");
 424         ret_md = (ctrl1 & SPU2_RETURN_MD) >> SPU2_RETURN_MD_SHIFT;
 425         if (ret_md)
 426                 packet_log("FMD ");
 427         if (ret_md == SPU2_RET_FMD_OMD)
 428                 packet_log("OMD ");
 429         else if (ret_md == SPU2_RET_FMD_OMD_IV)
 430                 packet_log("OMD IV ");
 431         if (ctrl1 & SPU2_RETURN_FD)
 432                 packet_log("FD ");
 433         if (ctrl1 & SPU2_RETURN_AAD1)
 434                 packet_log("AAD1 ");
 435         if (ctrl1 & SPU2_RETURN_NAAD)
 436                 packet_log("NAAD ");
 437         if (ctrl1 & SPU2_RETURN_AAD2)
 438                 packet_log("AAD2 ");
 439         if (ctrl1 & SPU2_RETURN_PAY)
 440                 packet_log("Payload");
 441         packet_log("\n");
 442 }
 443 
 444 /* Dump FMD ctrl2. The ctrl2 input is in host byte order */
 445 static void spu2_dump_fmd_ctrl2(u64 ctrl2)
 446 {
 447         packet_log(" FMD CTRL2 %#16llx\n", ctrl2);
 448 
 449         packet_log("  AAD1 offset %llu length %llu bytes\n",
 450                    ctrl2 & SPU2_AAD1_OFFSET,
 451                    (ctrl2 & SPU2_AAD1_LEN) >> SPU2_AAD1_LEN_SHIFT);
 452         packet_log("  AAD2 offset %llu\n",
 453                    (ctrl2 & SPU2_AAD2_OFFSET) >> SPU2_AAD2_OFFSET_SHIFT);
 454         packet_log("  Payload offset %llu\n",
 455                    (ctrl2 & SPU2_PL_OFFSET) >> SPU2_PL_OFFSET_SHIFT);
 456 }
 457 
 458 /* Dump FMD ctrl3. The ctrl3 input is in host byte order */
 459 static void spu2_dump_fmd_ctrl3(u64 ctrl3)
 460 {
 461         packet_log(" FMD CTRL3 %#16llx\n", ctrl3);
 462 
 463         packet_log("  Payload length %llu bytes\n", ctrl3 & SPU2_PL_LEN);
 464         packet_log("  TLS length %llu bytes\n",
 465                    (ctrl3 & SPU2_TLS_LEN) >> SPU2_TLS_LEN_SHIFT);
 466 }
 467 
 468 static void spu2_dump_fmd(struct SPU2_FMD *fmd)
 469 {
 470         spu2_dump_fmd_ctrl0(le64_to_cpu(fmd->ctrl0));
 471         spu2_dump_fmd_ctrl1(le64_to_cpu(fmd->ctrl1));
 472         spu2_dump_fmd_ctrl2(le64_to_cpu(fmd->ctrl2));
 473         spu2_dump_fmd_ctrl3(le64_to_cpu(fmd->ctrl3));
 474 }
 475 
 476 static void spu2_dump_omd(u8 *omd, u16 hash_key_len, u16 ciph_key_len,
 477                           u16 hash_iv_len, u16 ciph_iv_len)
 478 {
 479         u8 *ptr = omd;
 480 
 481         packet_log(" OMD:\n");
 482 
 483         if (hash_key_len) {
 484                 packet_log("  Hash Key Length %u bytes\n", hash_key_len);
 485                 packet_dump("  KEY: ", ptr, hash_key_len);
 486                 ptr += hash_key_len;
 487         }
 488 
 489         if (ciph_key_len) {
 490                 packet_log("  Cipher Key Length %u bytes\n", ciph_key_len);
 491                 packet_dump("  KEY: ", ptr, ciph_key_len);
 492                 ptr += ciph_key_len;
 493         }
 494 
 495         if (hash_iv_len) {
 496                 packet_log("  Hash IV Length %u bytes\n", hash_iv_len);
 497                 packet_dump("  hash IV: ", ptr, hash_iv_len);
 498                 ptr += ciph_key_len;
 499         }
 500 
 501         if (ciph_iv_len) {
 502                 packet_log("  Cipher IV Length %u bytes\n", ciph_iv_len);
 503                 packet_dump("  cipher IV: ", ptr, ciph_iv_len);
 504         }
 505 }
 506 
 507 /* Dump a SPU2 header for debug */
 508 void spu2_dump_msg_hdr(u8 *buf, unsigned int buf_len)
 509 {
 510         struct SPU2_FMD *fmd = (struct SPU2_FMD *)buf;
 511         u8 *omd;
 512         u64 ctrl1;
 513         u16 hash_key_len;
 514         u16 ciph_key_len;
 515         u16 hash_iv_len;
 516         u16 ciph_iv_len;
 517         u16 omd_len;
 518 
 519         packet_log("\n");
 520         packet_log("SPU2 message header %p len: %u\n", buf, buf_len);
 521 
 522         spu2_dump_fmd(fmd);
 523         omd = (u8 *)(fmd + 1);
 524 
 525         ctrl1 = le64_to_cpu(fmd->ctrl1);
 526         hash_key_len = (ctrl1 & SPU2_HASH_KEY_LEN) >> SPU2_HASH_KEY_LEN_SHIFT;
 527         ciph_key_len = (ctrl1 & SPU2_CIPH_KEY_LEN) >> SPU2_CIPH_KEY_LEN_SHIFT;
 528         hash_iv_len = 0;
 529         ciph_iv_len = (ctrl1 & SPU2_IV_LEN) >> SPU2_IV_LEN_SHIFT;
 530         spu2_dump_omd(omd, hash_key_len, ciph_key_len, hash_iv_len,
 531                       ciph_iv_len);
 532 
 533         /* Double check sanity */
 534         omd_len = hash_key_len + ciph_key_len + hash_iv_len + ciph_iv_len;
 535         if (FMD_SIZE + omd_len != buf_len) {
 536                 packet_log
 537                     (" Packet parsed incorrectly. buf_len %u, sum of MD %zu\n",
 538                      buf_len, FMD_SIZE + omd_len);
 539         }
 540         packet_log("\n");
 541 }
 542 
 543 /**
 544  * spu2_fmd_init() - At setkey time, initialize the fixed meta data for
 545  * subsequent ablkcipher requests for this context.
 546  * @spu2_cipher_type:  Cipher algorithm
 547  * @spu2_mode:         Cipher mode
 548  * @cipher_key_len:    Length of cipher key, in bytes
 549  * @cipher_iv_len:     Length of cipher initialization vector, in bytes
 550  *
 551  * Return:  0 (success)
 552  */
 553 static int spu2_fmd_init(struct SPU2_FMD *fmd,
 554                          enum spu2_cipher_type spu2_type,
 555                          enum spu2_cipher_mode spu2_mode,
 556                          u32 cipher_key_len, u32 cipher_iv_len)
 557 {
 558         u64 ctrl0;
 559         u64 ctrl1;
 560         u64 ctrl2;
 561         u64 ctrl3;
 562         u32 aad1_offset;
 563         u32 aad2_offset;
 564         u16 aad1_len = 0;
 565         u64 payload_offset;
 566 
 567         ctrl0 = (spu2_type << SPU2_CIPH_TYPE_SHIFT) |
 568             (spu2_mode << SPU2_CIPH_MODE_SHIFT);
 569 
 570         ctrl1 = (cipher_key_len << SPU2_CIPH_KEY_LEN_SHIFT) |
 571             ((u64)cipher_iv_len << SPU2_IV_LEN_SHIFT) |
 572             ((u64)SPU2_RET_FMD_ONLY << SPU2_RETURN_MD_SHIFT) | SPU2_RETURN_PAY;
 573 
 574         /*
 575          * AAD1 offset is from start of FD. FD length is always 0 for this
 576          * driver. So AAD1_offset is always 0.
 577          */
 578         aad1_offset = 0;
 579         aad2_offset = aad1_offset;
 580         payload_offset = 0;
 581         ctrl2 = aad1_offset |
 582             (aad1_len << SPU2_AAD1_LEN_SHIFT) |
 583             (aad2_offset << SPU2_AAD2_OFFSET_SHIFT) |
 584             (payload_offset << SPU2_PL_OFFSET_SHIFT);
 585 
 586         ctrl3 = 0;
 587 
 588         fmd->ctrl0 = cpu_to_le64(ctrl0);
 589         fmd->ctrl1 = cpu_to_le64(ctrl1);
 590         fmd->ctrl2 = cpu_to_le64(ctrl2);
 591         fmd->ctrl3 = cpu_to_le64(ctrl3);
 592 
 593         return 0;
 594 }
 595 
 596 /**
 597  * spu2_fmd_ctrl0_write() - Write ctrl0 field in fixed metadata (FMD) field of
 598  * SPU request packet.
 599  * @fmd:            Start of FMD field to be written
 600  * @is_inbound:     true if decrypting. false if encrypting.
 601  * @authFirst:      true if alg authenticates before encrypting
 602  * @protocol:       protocol selector
 603  * @cipher_type:    cipher algorithm
 604  * @cipher_mode:    cipher mode
 605  * @auth_type:      authentication type
 606  * @auth_mode:      authentication mode
 607  */
 608 static void spu2_fmd_ctrl0_write(struct SPU2_FMD *fmd,
 609                                  bool is_inbound, bool auth_first,
 610                                  enum spu2_proto_sel protocol,
 611                                  enum spu2_cipher_type cipher_type,
 612                                  enum spu2_cipher_mode cipher_mode,
 613                                  enum spu2_hash_type auth_type,
 614                                  enum spu2_hash_mode auth_mode)
 615 {
 616         u64 ctrl0 = 0;
 617 
 618         if ((cipher_type != SPU2_CIPHER_TYPE_NONE) && !is_inbound)
 619                 ctrl0 |= SPU2_CIPH_ENCRYPT_EN;
 620 
 621         ctrl0 |= ((u64)cipher_type << SPU2_CIPH_TYPE_SHIFT) |
 622             ((u64)cipher_mode << SPU2_CIPH_MODE_SHIFT);
 623 
 624         if (protocol)
 625                 ctrl0 |= (u64)protocol << SPU2_PROTO_SEL_SHIFT;
 626 
 627         if (auth_first)
 628                 ctrl0 |= SPU2_HASH_FIRST;
 629 
 630         if (is_inbound && (auth_type != SPU2_HASH_TYPE_NONE))
 631                 ctrl0 |= SPU2_CHK_TAG;
 632 
 633         ctrl0 |= (((u64)auth_type << SPU2_HASH_TYPE_SHIFT) |
 634                   ((u64)auth_mode << SPU2_HASH_MODE_SHIFT));
 635 
 636         fmd->ctrl0 = cpu_to_le64(ctrl0);
 637 }
 638 
 639 /**
 640  * spu2_fmd_ctrl1_write() - Write ctrl1 field in fixed metadata (FMD) field of
 641  * SPU request packet.
 642  * @fmd:            Start of FMD field to be written
 643  * @assoc_size:     Length of additional associated data, in bytes
 644  * @auth_key_len:   Length of authentication key, in bytes
 645  * @cipher_key_len: Length of cipher key, in bytes
 646  * @gen_iv:         If true, hw generates IV and returns in response
 647  * @hash_iv:        IV participates in hash. Used for IPSEC and TLS.
 648  * @return_iv:      Return IV in output packet before payload
 649  * @ret_iv_len:     Length of IV returned from SPU, in bytes
 650  * @ret_iv_offset:  Offset into full IV of start of returned IV
 651  * @cipher_iv_len:  Length of input cipher IV, in bytes
 652  * @digest_size:    Length of digest (aka, hash tag or ICV), in bytes
 653  * @return_payload: Return payload in SPU response
 654  * @return_md : return metadata in SPU response
 655  *
 656  * Packet can have AAD2 w/o AAD1. For algorithms currently supported,
 657  * associated data goes in AAD2.
 658  */
 659 static void spu2_fmd_ctrl1_write(struct SPU2_FMD *fmd, bool is_inbound,
 660                                  u64 assoc_size,
 661                                  u64 auth_key_len, u64 cipher_key_len,
 662                                  bool gen_iv, bool hash_iv, bool return_iv,
 663                                  u64 ret_iv_len, u64 ret_iv_offset,
 664                                  u64 cipher_iv_len, u64 digest_size,
 665                                  bool return_payload, bool return_md)
 666 {
 667         u64 ctrl1 = 0;
 668 
 669         if (is_inbound && digest_size)
 670                 ctrl1 |= SPU2_TAG_LOC;
 671 
 672         if (assoc_size) {
 673                 ctrl1 |= SPU2_HAS_AAD2;
 674                 ctrl1 |= SPU2_RETURN_AAD2;  /* need aad2 for gcm aes esp */
 675         }
 676 
 677         if (auth_key_len)
 678                 ctrl1 |= ((auth_key_len << SPU2_HASH_KEY_LEN_SHIFT) &
 679                           SPU2_HASH_KEY_LEN);
 680 
 681         if (cipher_key_len)
 682                 ctrl1 |= ((cipher_key_len << SPU2_CIPH_KEY_LEN_SHIFT) &
 683                           SPU2_CIPH_KEY_LEN);
 684 
 685         if (gen_iv)
 686                 ctrl1 |= SPU2_GENIV;
 687 
 688         if (hash_iv)
 689                 ctrl1 |= SPU2_HASH_IV;
 690 
 691         if (return_iv) {
 692                 ctrl1 |= SPU2_RET_IV;
 693                 ctrl1 |= ret_iv_len << SPU2_RET_IV_LEN_SHIFT;
 694                 ctrl1 |= ret_iv_offset << SPU2_IV_OFFSET_SHIFT;
 695         }
 696 
 697         ctrl1 |= ((cipher_iv_len << SPU2_IV_LEN_SHIFT) & SPU2_IV_LEN);
 698 
 699         if (digest_size)
 700                 ctrl1 |= ((digest_size << SPU2_HASH_TAG_LEN_SHIFT) &
 701                           SPU2_HASH_TAG_LEN);
 702 
 703         /* Let's ask for the output pkt to include FMD, but don't need to
 704          * get keys and IVs back in OMD.
 705          */
 706         if (return_md)
 707                 ctrl1 |= ((u64)SPU2_RET_FMD_ONLY << SPU2_RETURN_MD_SHIFT);
 708         else
 709                 ctrl1 |= ((u64)SPU2_RET_NO_MD << SPU2_RETURN_MD_SHIFT);
 710 
 711         /* Crypto API does not get assoc data back. So no need for AAD2. */
 712 
 713         if (return_payload)
 714                 ctrl1 |= SPU2_RETURN_PAY;
 715 
 716         fmd->ctrl1 = cpu_to_le64(ctrl1);
 717 }
 718 
 719 /**
 720  * spu2_fmd_ctrl2_write() - Set the ctrl2 field in the fixed metadata field of
 721  * SPU2 header.
 722  * @fmd:            Start of FMD field to be written
 723  * @cipher_offset:  Number of bytes from Start of Packet (end of FD field) where
 724  *                  data to be encrypted or decrypted begins
 725  * @auth_key_len:   Length of authentication key, in bytes
 726  * @auth_iv_len:    Length of authentication initialization vector, in bytes
 727  * @cipher_key_len: Length of cipher key, in bytes
 728  * @cipher_iv_len:  Length of cipher IV, in bytes
 729  */
 730 static void spu2_fmd_ctrl2_write(struct SPU2_FMD *fmd, u64 cipher_offset,
 731                                  u64 auth_key_len, u64 auth_iv_len,
 732                                  u64 cipher_key_len, u64 cipher_iv_len)
 733 {
 734         u64 ctrl2;
 735         u64 aad1_offset;
 736         u64 aad2_offset;
 737         u16 aad1_len = 0;
 738         u64 payload_offset;
 739 
 740         /* AAD1 offset is from start of FD. FD length always 0. */
 741         aad1_offset = 0;
 742 
 743         aad2_offset = aad1_offset;
 744         payload_offset = cipher_offset;
 745         ctrl2 = aad1_offset |
 746             (aad1_len << SPU2_AAD1_LEN_SHIFT) |
 747             (aad2_offset << SPU2_AAD2_OFFSET_SHIFT) |
 748             (payload_offset << SPU2_PL_OFFSET_SHIFT);
 749 
 750         fmd->ctrl2 = cpu_to_le64(ctrl2);
 751 }
 752 
 753 /**
 754  * spu2_fmd_ctrl3_write() - Set the ctrl3 field in FMD
 755  * @fmd:          Fixed meta data. First field in SPU2 msg header.
 756  * @payload_len:  Length of payload, in bytes
 757  */
 758 static void spu2_fmd_ctrl3_write(struct SPU2_FMD *fmd, u64 payload_len)
 759 {
 760         u64 ctrl3;
 761 
 762         ctrl3 = payload_len & SPU2_PL_LEN;
 763 
 764         fmd->ctrl3 = cpu_to_le64(ctrl3);
 765 }
 766 
 767 /**
 768  * spu2_ctx_max_payload() - Determine the maximum length of the payload for a
 769  * SPU message for a given cipher and hash alg context.
 770  * @cipher_alg:         The cipher algorithm
 771  * @cipher_mode:        The cipher mode
 772  * @blocksize:          The size of a block of data for this algo
 773  *
 774  * For SPU2, the hardware generally ignores the PayloadLen field in ctrl3 of
 775  * FMD and just keeps computing until it receives a DMA descriptor with the EOF
 776  * flag set. So we consider the max payload to be infinite. AES CCM is an
 777  * exception.
 778  *
 779  * Return: Max payload length in bytes
 780  */
 781 u32 spu2_ctx_max_payload(enum spu_cipher_alg cipher_alg,
 782                          enum spu_cipher_mode cipher_mode,
 783                          unsigned int blocksize)
 784 {
 785         if ((cipher_alg == CIPHER_ALG_AES) &&
 786             (cipher_mode == CIPHER_MODE_CCM)) {
 787                 u32 excess = SPU2_MAX_PAYLOAD % blocksize;
 788 
 789                 return SPU2_MAX_PAYLOAD - excess;
 790         } else {
 791                 return SPU_MAX_PAYLOAD_INF;
 792         }
 793 }
 794 
 795 /**
 796  * spu_payload_length() -  Given a SPU2 message header, extract the payload
 797  * length.
 798  * @spu_hdr:  Start of SPU message header (FMD)
 799  *
 800  * Return: payload length, in bytes
 801  */
 802 u32 spu2_payload_length(u8 *spu_hdr)
 803 {
 804         struct SPU2_FMD *fmd = (struct SPU2_FMD *)spu_hdr;
 805         u32 pl_len;
 806         u64 ctrl3;
 807 
 808         ctrl3 = le64_to_cpu(fmd->ctrl3);
 809         pl_len = ctrl3 & SPU2_PL_LEN;
 810 
 811         return pl_len;
 812 }
 813 
 814 /**
 815  * spu_response_hdr_len() - Determine the expected length of a SPU response
 816  * header.
 817  * @auth_key_len:  Length of authentication key, in bytes
 818  * @enc_key_len:   Length of encryption key, in bytes
 819  *
 820  * For SPU2, includes just FMD. OMD is never requested.
 821  *
 822  * Return: Length of FMD, in bytes
 823  */
 824 u16 spu2_response_hdr_len(u16 auth_key_len, u16 enc_key_len, bool is_hash)
 825 {
 826         return FMD_SIZE;
 827 }
 828 
 829 /**
 830  * spu_hash_pad_len() - Calculate the length of hash padding required to extend
 831  * data to a full block size.
 832  * @hash_alg:        hash algorithm
 833  * @hash_mode:       hash mode
 834  * @chunksize:       length of data, in bytes
 835  * @hash_block_size: size of a hash block, in bytes
 836  *
 837  * SPU2 hardware does all hash padding
 838  *
 839  * Return:  length of hash pad in bytes
 840  */
 841 u16 spu2_hash_pad_len(enum hash_alg hash_alg, enum hash_mode hash_mode,
 842                       u32 chunksize, u16 hash_block_size)
 843 {
 844         return 0;
 845 }
 846 
 847 /**
 848  * spu2_gcm_ccm_padlen() -  Determine the length of GCM/CCM padding for either
 849  * the AAD field or the data.
 850  *
 851  * Return:  0. Unlike SPU-M, SPU2 hardware does any GCM/CCM padding required.
 852  */
 853 u32 spu2_gcm_ccm_pad_len(enum spu_cipher_mode cipher_mode,
 854                          unsigned int data_size)
 855 {
 856         return 0;
 857 }
 858 
 859 /**
 860  * spu_assoc_resp_len() - Determine the size of the AAD2 buffer needed to catch
 861  * associated data in a SPU2 output packet.
 862  * @cipher_mode:   cipher mode
 863  * @assoc_len:     length of additional associated data, in bytes
 864  * @iv_len:        length of initialization vector, in bytes
 865  * @is_encrypt:    true if encrypting. false if decrypt.
 866  *
 867  * Return: Length of buffer to catch associated data in response
 868  */
 869 u32 spu2_assoc_resp_len(enum spu_cipher_mode cipher_mode,
 870                         unsigned int assoc_len, unsigned int iv_len,
 871                         bool is_encrypt)
 872 {
 873         u32 resp_len = assoc_len;
 874 
 875         if (is_encrypt)
 876                 /* gcm aes esp has to write 8-byte IV in response */
 877                 resp_len += iv_len;
 878         return resp_len;
 879 }
 880 
 881 /*
 882  * spu_aead_ivlen() - Calculate the length of the AEAD IV to be included
 883  * in a SPU request after the AAD and before the payload.
 884  * @cipher_mode:  cipher mode
 885  * @iv_ctr_len:   initialization vector length in bytes
 886  *
 887  * For SPU2, AEAD IV is included in OMD and does not need to be repeated
 888  * prior to the payload.
 889  *
 890  * Return: Length of AEAD IV in bytes
 891  */
 892 u8 spu2_aead_ivlen(enum spu_cipher_mode cipher_mode, u16 iv_len)
 893 {
 894         return 0;
 895 }
 896 
 897 /**
 898  * spu2_hash_type() - Determine the type of hash operation.
 899  * @src_sent:  The number of bytes in the current request that have already
 900  *             been sent to the SPU to be hashed.
 901  *
 902  * SPU2 always does a FULL hash operation
 903  */
 904 enum hash_type spu2_hash_type(u32 src_sent)
 905 {
 906         return HASH_TYPE_FULL;
 907 }
 908 
 909 /**
 910  * spu2_digest_size() - Determine the size of a hash digest to expect the SPU to
 911  * return.
 912  * alg_digest_size: Number of bytes in the final digest for the given algo
 913  * alg:             The hash algorithm
 914  * htype:           Type of hash operation (init, update, full, etc)
 915  *
 916  */
 917 u32 spu2_digest_size(u32 alg_digest_size, enum hash_alg alg,
 918                      enum hash_type htype)
 919 {
 920         return alg_digest_size;
 921 }
 922 
 923 /**
 924  * spu_create_request() - Build a SPU2 request message header, includint FMD and
 925  * OMD.
 926  * @spu_hdr: Start of buffer where SPU request header is to be written
 927  * @req_opts: SPU request message options
 928  * @cipher_parms: Parameters related to cipher algorithm
 929  * @hash_parms:   Parameters related to hash algorithm
 930  * @aead_parms:   Parameters related to AEAD operation
 931  * @data_size:    Length of data to be encrypted or authenticated. If AEAD, does
 932  *                not include length of AAD.
 933  *
 934  * Construct the message starting at spu_hdr. Caller should allocate this buffer
 935  * in DMA-able memory at least SPU_HEADER_ALLOC_LEN bytes long.
 936  *
 937  * Return: the length of the SPU header in bytes. 0 if an error occurs.
 938  */
 939 u32 spu2_create_request(u8 *spu_hdr,
 940                         struct spu_request_opts *req_opts,
 941                         struct spu_cipher_parms *cipher_parms,
 942                         struct spu_hash_parms *hash_parms,
 943                         struct spu_aead_parms *aead_parms,
 944                         unsigned int data_size)
 945 {
 946         struct SPU2_FMD *fmd;
 947         u8 *ptr;
 948         unsigned int buf_len;
 949         int err;
 950         enum spu2_cipher_type spu2_ciph_type = SPU2_CIPHER_TYPE_NONE;
 951         enum spu2_cipher_mode spu2_ciph_mode;
 952         enum spu2_hash_type spu2_auth_type = SPU2_HASH_TYPE_NONE;
 953         enum spu2_hash_mode spu2_auth_mode;
 954         bool return_md = true;
 955         enum spu2_proto_sel proto = SPU2_PROTO_RESV;
 956 
 957         /* size of the payload */
 958         unsigned int payload_len =
 959             hash_parms->prebuf_len + data_size + hash_parms->pad_len -
 960             ((req_opts->is_aead && req_opts->is_inbound) ?
 961              hash_parms->digestsize : 0);
 962 
 963         /* offset of prebuf or data from start of AAD2 */
 964         unsigned int cipher_offset = aead_parms->assoc_size +
 965                         aead_parms->aad_pad_len + aead_parms->iv_len;
 966 
 967 #ifdef DEBUG
 968         /* total size of the data following OMD (without STAT word padding) */
 969         unsigned int real_db_size = spu_real_db_size(aead_parms->assoc_size,
 970                                                  aead_parms->iv_len,
 971                                                  hash_parms->prebuf_len,
 972                                                  data_size,
 973                                                  aead_parms->aad_pad_len,
 974                                                  aead_parms->data_pad_len,
 975                                                  hash_parms->pad_len);
 976 #endif
 977         unsigned int assoc_size = aead_parms->assoc_size;
 978 
 979         if (req_opts->is_aead &&
 980             (cipher_parms->alg == CIPHER_ALG_AES) &&
 981             (cipher_parms->mode == CIPHER_MODE_GCM))
 982                 /*
 983                  * On SPU 2, aes gcm cipher first on encrypt, auth first on
 984                  * decrypt
 985                  */
 986                 req_opts->auth_first = req_opts->is_inbound;
 987 
 988         /* and do opposite for ccm (auth 1st on encrypt) */
 989         if (req_opts->is_aead &&
 990             (cipher_parms->alg == CIPHER_ALG_AES) &&
 991             (cipher_parms->mode == CIPHER_MODE_CCM))
 992                 req_opts->auth_first = !req_opts->is_inbound;
 993 
 994         flow_log("%s()\n", __func__);
 995         flow_log("  in:%u authFirst:%u\n",
 996                  req_opts->is_inbound, req_opts->auth_first);
 997         flow_log("  cipher alg:%u mode:%u type %u\n", cipher_parms->alg,
 998                  cipher_parms->mode, cipher_parms->type);
 999         flow_log("  is_esp: %s\n", req_opts->is_esp ? "yes" : "no");
1000         flow_log("    key: %d\n", cipher_parms->key_len);
1001         flow_dump("    key: ", cipher_parms->key_buf, cipher_parms->key_len);
1002         flow_log("    iv: %d\n", cipher_parms->iv_len);
1003         flow_dump("    iv: ", cipher_parms->iv_buf, cipher_parms->iv_len);
1004         flow_log("  auth alg:%u mode:%u type %u\n",
1005                  hash_parms->alg, hash_parms->mode, hash_parms->type);
1006         flow_log("  digestsize: %u\n", hash_parms->digestsize);
1007         flow_log("  authkey: %d\n", hash_parms->key_len);
1008         flow_dump("  authkey: ", hash_parms->key_buf, hash_parms->key_len);
1009         flow_log("  assoc_size:%u\n", assoc_size);
1010         flow_log("  prebuf_len:%u\n", hash_parms->prebuf_len);
1011         flow_log("  data_size:%u\n", data_size);
1012         flow_log("  hash_pad_len:%u\n", hash_parms->pad_len);
1013         flow_log("  real_db_size:%u\n", real_db_size);
1014         flow_log("  cipher_offset:%u payload_len:%u\n",
1015                  cipher_offset, payload_len);
1016         flow_log("  aead_iv: %u\n", aead_parms->iv_len);
1017 
1018         /* Convert to spu2 values for cipher alg, hash alg */
1019         err = spu2_cipher_xlate(cipher_parms->alg, cipher_parms->mode,
1020                                 cipher_parms->type,
1021                                 &spu2_ciph_type, &spu2_ciph_mode);
1022 
1023         /* If we are doing GCM hashing only - either via rfc4543 transform
1024          * or because we happen to do GCM with AAD only and no payload - we
1025          * need to configure hardware to use hash key rather than cipher key
1026          * and put data into payload.  This is because unlike SPU-M, running
1027          * GCM cipher with 0 size payload is not permitted.
1028          */
1029         if ((req_opts->is_rfc4543) ||
1030             ((spu2_ciph_mode == SPU2_CIPHER_MODE_GCM) &&
1031             (payload_len == 0))) {
1032                 /* Use hashing (only) and set up hash key */
1033                 spu2_ciph_type = SPU2_CIPHER_TYPE_NONE;
1034                 hash_parms->key_len = cipher_parms->key_len;
1035                 memcpy(hash_parms->key_buf, cipher_parms->key_buf,
1036                        cipher_parms->key_len);
1037                 cipher_parms->key_len = 0;
1038 
1039                 if (req_opts->is_rfc4543)
1040                         payload_len += assoc_size;
1041                 else
1042                         payload_len = assoc_size;
1043                 cipher_offset = 0;
1044                 assoc_size = 0;
1045         }
1046 
1047         if (err)
1048                 return 0;
1049 
1050         flow_log("spu2 cipher type %s, cipher mode %s\n",
1051                  spu2_ciph_type_name(spu2_ciph_type),
1052                  spu2_ciph_mode_name(spu2_ciph_mode));
1053 
1054         err = spu2_hash_xlate(hash_parms->alg, hash_parms->mode,
1055                               hash_parms->type,
1056                               cipher_parms->type,
1057                               &spu2_auth_type, &spu2_auth_mode);
1058         if (err)
1059                 return 0;
1060 
1061         flow_log("spu2 hash type %s, hash mode %s\n",
1062                  spu2_hash_type_name(spu2_auth_type),
1063                  spu2_hash_mode_name(spu2_auth_mode));
1064 
1065         fmd = (struct SPU2_FMD *)spu_hdr;
1066 
1067         spu2_fmd_ctrl0_write(fmd, req_opts->is_inbound, req_opts->auth_first,
1068                              proto, spu2_ciph_type, spu2_ciph_mode,
1069                              spu2_auth_type, spu2_auth_mode);
1070 
1071         spu2_fmd_ctrl1_write(fmd, req_opts->is_inbound, assoc_size,
1072                              hash_parms->key_len, cipher_parms->key_len,
1073                              false, false,
1074                              aead_parms->return_iv, aead_parms->ret_iv_len,
1075                              aead_parms->ret_iv_off,
1076                              cipher_parms->iv_len, hash_parms->digestsize,
1077                              !req_opts->bd_suppress, return_md);
1078 
1079         spu2_fmd_ctrl2_write(fmd, cipher_offset, hash_parms->key_len, 0,
1080                              cipher_parms->key_len, cipher_parms->iv_len);
1081 
1082         spu2_fmd_ctrl3_write(fmd, payload_len);
1083 
1084         ptr = (u8 *)(fmd + 1);
1085         buf_len = sizeof(struct SPU2_FMD);
1086 
1087         /* Write OMD */
1088         if (hash_parms->key_len) {
1089                 memcpy(ptr, hash_parms->key_buf, hash_parms->key_len);
1090                 ptr += hash_parms->key_len;
1091                 buf_len += hash_parms->key_len;
1092         }
1093         if (cipher_parms->key_len) {
1094                 memcpy(ptr, cipher_parms->key_buf, cipher_parms->key_len);
1095                 ptr += cipher_parms->key_len;
1096                 buf_len += cipher_parms->key_len;
1097         }
1098         if (cipher_parms->iv_len) {
1099                 memcpy(ptr, cipher_parms->iv_buf, cipher_parms->iv_len);
1100                 ptr += cipher_parms->iv_len;
1101                 buf_len += cipher_parms->iv_len;
1102         }
1103 
1104         packet_dump("  SPU request header: ", spu_hdr, buf_len);
1105 
1106         return buf_len;
1107 }
1108 
1109 /**
1110  * spu_cipher_req_init() - Build an ablkcipher SPU2 request message header,
1111  * including FMD and OMD.
1112  * @spu_hdr:       Location of start of SPU request (FMD field)
1113  * @cipher_parms:  Parameters describing cipher request
1114  *
1115  * Called at setkey time to initialize a msg header that can be reused for all
1116  * subsequent ablkcipher requests. Construct the message starting at spu_hdr.
1117  * Caller should allocate this buffer in DMA-able memory at least
1118  * SPU_HEADER_ALLOC_LEN bytes long.
1119  *
1120  * Return: the total length of the SPU header (FMD and OMD) in bytes. 0 if an
1121  * error occurs.
1122  */
1123 u16 spu2_cipher_req_init(u8 *spu_hdr, struct spu_cipher_parms *cipher_parms)
1124 {
1125         struct SPU2_FMD *fmd;
1126         u8 *omd;
1127         enum spu2_cipher_type spu2_type = SPU2_CIPHER_TYPE_NONE;
1128         enum spu2_cipher_mode spu2_mode;
1129         int err;
1130 
1131         flow_log("%s()\n", __func__);
1132         flow_log("  cipher alg:%u mode:%u type %u\n", cipher_parms->alg,
1133                  cipher_parms->mode, cipher_parms->type);
1134         flow_log("  cipher_iv_len: %u\n", cipher_parms->iv_len);
1135         flow_log("    key: %d\n", cipher_parms->key_len);
1136         flow_dump("    key: ", cipher_parms->key_buf, cipher_parms->key_len);
1137 
1138         /* Convert to spu2 values */
1139         err = spu2_cipher_xlate(cipher_parms->alg, cipher_parms->mode,
1140                                 cipher_parms->type, &spu2_type, &spu2_mode);
1141         if (err)
1142                 return 0;
1143 
1144         flow_log("spu2 cipher type %s, cipher mode %s\n",
1145                  spu2_ciph_type_name(spu2_type),
1146                  spu2_ciph_mode_name(spu2_mode));
1147 
1148         /* Construct the FMD header */
1149         fmd = (struct SPU2_FMD *)spu_hdr;
1150         err = spu2_fmd_init(fmd, spu2_type, spu2_mode, cipher_parms->key_len,
1151                             cipher_parms->iv_len);
1152         if (err)
1153                 return 0;
1154 
1155         /* Write cipher key to OMD */
1156         omd = (u8 *)(fmd + 1);
1157         if (cipher_parms->key_buf && cipher_parms->key_len)
1158                 memcpy(omd, cipher_parms->key_buf, cipher_parms->key_len);
1159 
1160         packet_dump("  SPU request header: ", spu_hdr,
1161                     FMD_SIZE + cipher_parms->key_len + cipher_parms->iv_len);
1162 
1163         return FMD_SIZE + cipher_parms->key_len + cipher_parms->iv_len;
1164 }
1165 
1166 /**
1167  * spu_cipher_req_finish() - Finish building a SPU request message header for a
1168  * block cipher request.
1169  * @spu_hdr:         Start of the request message header (MH field)
1170  * @spu_req_hdr_len: Length in bytes of the SPU request header
1171  * @isInbound:       0 encrypt, 1 decrypt
1172  * @cipher_parms:    Parameters describing cipher operation to be performed
1173  * @update_key:      If true, rewrite the cipher key in SCTX
1174  * @data_size:       Length of the data in the BD field
1175  *
1176  * Assumes much of the header was already filled in at setkey() time in
1177  * spu_cipher_req_init().
1178  * spu_cipher_req_init() fills in the encryption key. For RC4, when submitting a
1179  * request for a non-first chunk, we use the 260-byte SUPDT field from the
1180  * previous response as the key. update_key is true for this case. Unused in all
1181  * other cases.
1182  */
1183 void spu2_cipher_req_finish(u8 *spu_hdr,
1184                             u16 spu_req_hdr_len,
1185                             unsigned int is_inbound,
1186                             struct spu_cipher_parms *cipher_parms,
1187                             bool update_key,
1188                             unsigned int data_size)
1189 {
1190         struct SPU2_FMD *fmd;
1191         u8 *omd;                /* start of optional metadata */
1192         u64 ctrl0;
1193         u64 ctrl3;
1194 
1195         flow_log("%s()\n", __func__);
1196         flow_log(" in: %u\n", is_inbound);
1197         flow_log(" cipher alg: %u, cipher_type: %u\n", cipher_parms->alg,
1198                  cipher_parms->type);
1199         if (update_key) {
1200                 flow_log(" cipher key len: %u\n", cipher_parms->key_len);
1201                 flow_dump("  key: ", cipher_parms->key_buf,
1202                           cipher_parms->key_len);
1203         }
1204         flow_log(" iv len: %d\n", cipher_parms->iv_len);
1205         flow_dump("    iv: ", cipher_parms->iv_buf, cipher_parms->iv_len);
1206         flow_log(" data_size: %u\n", data_size);
1207 
1208         fmd = (struct SPU2_FMD *)spu_hdr;
1209         omd = (u8 *)(fmd + 1);
1210 
1211         /*
1212          * FMD ctrl0 was initialized at setkey time. update it to indicate
1213          * whether we are encrypting or decrypting.
1214          */
1215         ctrl0 = le64_to_cpu(fmd->ctrl0);
1216         if (is_inbound)
1217                 ctrl0 &= ~SPU2_CIPH_ENCRYPT_EN; /* decrypt */
1218         else
1219                 ctrl0 |= SPU2_CIPH_ENCRYPT_EN;  /* encrypt */
1220         fmd->ctrl0 = cpu_to_le64(ctrl0);
1221 
1222         if (cipher_parms->alg && cipher_parms->iv_buf && cipher_parms->iv_len) {
1223                 /* cipher iv provided so put it in here */
1224                 memcpy(omd + cipher_parms->key_len, cipher_parms->iv_buf,
1225                        cipher_parms->iv_len);
1226         }
1227 
1228         ctrl3 = le64_to_cpu(fmd->ctrl3);
1229         data_size &= SPU2_PL_LEN;
1230         ctrl3 |= data_size;
1231         fmd->ctrl3 = cpu_to_le64(ctrl3);
1232 
1233         packet_dump("  SPU request header: ", spu_hdr, spu_req_hdr_len);
1234 }
1235 
1236 /**
1237  * spu_request_pad() - Create pad bytes at the end of the data.
1238  * @pad_start:      Start of buffer where pad bytes are to be written
1239  * @gcm_padding:    Length of GCM padding, in bytes
1240  * @hash_pad_len:   Number of bytes of padding extend data to full block
1241  * @auth_alg:       Authentication algorithm
1242  * @auth_mode:      Authentication mode
1243  * @total_sent:     Length inserted at end of hash pad
1244  * @status_padding: Number of bytes of padding to align STATUS word
1245  *
1246  * There may be three forms of pad:
1247  *  1. GCM pad - for GCM mode ciphers, pad to 16-byte alignment
1248  *  2. hash pad - pad to a block length, with 0x80 data terminator and
1249  *                size at the end
1250  *  3. STAT pad - to ensure the STAT field is 4-byte aligned
1251  */
1252 void spu2_request_pad(u8 *pad_start, u32 gcm_padding, u32 hash_pad_len,
1253                       enum hash_alg auth_alg, enum hash_mode auth_mode,
1254                       unsigned int total_sent, u32 status_padding)
1255 {
1256         u8 *ptr = pad_start;
1257 
1258         /* fix data alignent for GCM */
1259         if (gcm_padding > 0) {
1260                 flow_log("  GCM: padding to 16 byte alignment: %u bytes\n",
1261                          gcm_padding);
1262                 memset(ptr, 0, gcm_padding);
1263                 ptr += gcm_padding;
1264         }
1265 
1266         if (hash_pad_len > 0) {
1267                 /* clear the padding section */
1268                 memset(ptr, 0, hash_pad_len);
1269 
1270                 /* terminate the data */
1271                 *ptr = 0x80;
1272                 ptr += (hash_pad_len - sizeof(u64));
1273 
1274                 /* add the size at the end as required per alg */
1275                 if (auth_alg == HASH_ALG_MD5)
1276                         *(u64 *)ptr = cpu_to_le64((u64)total_sent * 8);
1277                 else            /* SHA1, SHA2-224, SHA2-256 */
1278                         *(u64 *)ptr = cpu_to_be64((u64)total_sent * 8);
1279                 ptr += sizeof(u64);
1280         }
1281 
1282         /* pad to a 4byte alignment for STAT */
1283         if (status_padding > 0) {
1284                 flow_log("  STAT: padding to 4 byte alignment: %u bytes\n",
1285                          status_padding);
1286 
1287                 memset(ptr, 0, status_padding);
1288                 ptr += status_padding;
1289         }
1290 }
1291 
1292 /**
1293  * spu2_xts_tweak_in_payload() - Indicate that SPU2 does NOT place the XTS
1294  * tweak field in the packet payload (it uses IV instead)
1295  *
1296  * Return: 0
1297  */
1298 u8 spu2_xts_tweak_in_payload(void)
1299 {
1300         return 0;
1301 }
1302 
1303 /**
1304  * spu2_tx_status_len() - Return the length of the STATUS field in a SPU
1305  * response message.
1306  *
1307  * Return: Length of STATUS field in bytes.
1308  */
1309 u8 spu2_tx_status_len(void)
1310 {
1311         return SPU2_TX_STATUS_LEN;
1312 }
1313 
1314 /**
1315  * spu2_rx_status_len() - Return the length of the STATUS field in a SPU
1316  * response message.
1317  *
1318  * Return: Length of STATUS field in bytes.
1319  */
1320 u8 spu2_rx_status_len(void)
1321 {
1322         return SPU2_RX_STATUS_LEN;
1323 }
1324 
1325 /**
1326  * spu_status_process() - Process the status from a SPU response message.
1327  * @statp:  start of STATUS word
1328  *
1329  * Return:  0 - if status is good and response should be processed
1330  *         !0 - status indicates an error and response is invalid
1331  */
1332 int spu2_status_process(u8 *statp)
1333 {
1334         /* SPU2 status is 2 bytes by default - SPU_RX_STATUS_LEN */
1335         u16 status = le16_to_cpu(*(__le16 *)statp);
1336 
1337         if (status == 0)
1338                 return 0;
1339 
1340         flow_log("rx status is %#x\n", status);
1341         if (status == SPU2_INVALID_ICV)
1342                 return SPU_INVALID_ICV;
1343 
1344         return -EBADMSG;
1345 }
1346 
1347 /**
1348  * spu2_ccm_update_iv() - Update the IV as per the requirements for CCM mode.
1349  *
1350  * @digestsize:         Digest size of this request
1351  * @cipher_parms:       (pointer to) cipher parmaeters, includes IV buf & IV len
1352  * @assoclen:           Length of AAD data
1353  * @chunksize:          length of input data to be sent in this req
1354  * @is_encrypt:         true if this is an output/encrypt operation
1355  * @is_esp:             true if this is an ESP / RFC4309 operation
1356  *
1357  */
1358 void spu2_ccm_update_iv(unsigned int digestsize,
1359                         struct spu_cipher_parms *cipher_parms,
1360                         unsigned int assoclen, unsigned int chunksize,
1361                         bool is_encrypt, bool is_esp)
1362 {
1363         int L;  /* size of length field, in bytes */
1364 
1365         /*
1366          * In RFC4309 mode, L is fixed at 4 bytes; otherwise, IV from
1367          * testmgr contains (L-1) in bottom 3 bits of first byte,
1368          * per RFC 3610.
1369          */
1370         if (is_esp)
1371                 L = CCM_ESP_L_VALUE;
1372         else
1373                 L = ((cipher_parms->iv_buf[0] & CCM_B0_L_PRIME) >>
1374                       CCM_B0_L_PRIME_SHIFT) + 1;
1375 
1376         /* SPU2 doesn't want these length bytes nor the first byte... */
1377         cipher_parms->iv_len -= (1 + L);
1378         memmove(cipher_parms->iv_buf, &cipher_parms->iv_buf[1],
1379                 cipher_parms->iv_len);
1380 }
1381 
1382 /**
1383  * spu2_wordalign_padlen() - SPU2 does not require padding.
1384  * @data_size: length of data field in bytes
1385  *
1386  * Return: length of status field padding, in bytes (always 0 on SPU2)
1387  */
1388 u32 spu2_wordalign_padlen(u32 data_size)
1389 {
1390         return 0;
1391 }

/* [<][>][^][v][top][bottom][index][help] */