root/include/uapi/linux/virtio_crypto.h

/* [<][>][^][v][top][bottom][index][help] */

INCLUDED FROM


   1 #ifndef _VIRTIO_CRYPTO_H
   2 #define _VIRTIO_CRYPTO_H
   3 /* This header is BSD licensed so anyone can use the definitions to implement
   4  * compatible drivers/servers.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions
   8  * are met:
   9  * 1. Redistributions of source code must retain the above copyright
  10  *    notice, this list of conditions and the following disclaimer.
  11  * 2. Redistributions in binary form must reproduce the above copyright
  12  *    notice, this list of conditions and the following disclaimer in the
  13  *    documentation and/or other materials provided with the distribution.
  14  * 3. Neither the name of IBM nor the names of its contributors
  15  *    may be used to endorse or promote products derived from this software
  16  *    without specific prior written permission.
  17  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  18  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  19  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
  20  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL IBM OR
  21  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  22  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  23  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
  24  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  25  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
  26  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
  27  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  28  * SUCH DAMAGE.
  29  */
  30 #include <linux/types.h>
  31 #include <linux/virtio_types.h>
  32 #include <linux/virtio_ids.h>
  33 #include <linux/virtio_config.h>
  34 
  35 
  36 #define VIRTIO_CRYPTO_SERVICE_CIPHER 0
  37 #define VIRTIO_CRYPTO_SERVICE_HASH   1
  38 #define VIRTIO_CRYPTO_SERVICE_MAC    2
  39 #define VIRTIO_CRYPTO_SERVICE_AEAD   3
  40 
  41 #define VIRTIO_CRYPTO_OPCODE(service, op)   (((service) << 8) | (op))
  42 
  43 struct virtio_crypto_ctrl_header {
  44 #define VIRTIO_CRYPTO_CIPHER_CREATE_SESSION \
  45            VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x02)
  46 #define VIRTIO_CRYPTO_CIPHER_DESTROY_SESSION \
  47            VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x03)
  48 #define VIRTIO_CRYPTO_HASH_CREATE_SESSION \
  49            VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x02)
  50 #define VIRTIO_CRYPTO_HASH_DESTROY_SESSION \
  51            VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x03)
  52 #define VIRTIO_CRYPTO_MAC_CREATE_SESSION \
  53            VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x02)
  54 #define VIRTIO_CRYPTO_MAC_DESTROY_SESSION \
  55            VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x03)
  56 #define VIRTIO_CRYPTO_AEAD_CREATE_SESSION \
  57            VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x02)
  58 #define VIRTIO_CRYPTO_AEAD_DESTROY_SESSION \
  59            VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x03)
  60         __le32 opcode;
  61         __le32 algo;
  62         __le32 flag;
  63         /* data virtqueue id */
  64         __le32 queue_id;
  65 };
  66 
  67 struct virtio_crypto_cipher_session_para {
  68 #define VIRTIO_CRYPTO_NO_CIPHER                 0
  69 #define VIRTIO_CRYPTO_CIPHER_ARC4               1
  70 #define VIRTIO_CRYPTO_CIPHER_AES_ECB            2
  71 #define VIRTIO_CRYPTO_CIPHER_AES_CBC            3
  72 #define VIRTIO_CRYPTO_CIPHER_AES_CTR            4
  73 #define VIRTIO_CRYPTO_CIPHER_DES_ECB            5
  74 #define VIRTIO_CRYPTO_CIPHER_DES_CBC            6
  75 #define VIRTIO_CRYPTO_CIPHER_3DES_ECB           7
  76 #define VIRTIO_CRYPTO_CIPHER_3DES_CBC           8
  77 #define VIRTIO_CRYPTO_CIPHER_3DES_CTR           9
  78 #define VIRTIO_CRYPTO_CIPHER_KASUMI_F8          10
  79 #define VIRTIO_CRYPTO_CIPHER_SNOW3G_UEA2        11
  80 #define VIRTIO_CRYPTO_CIPHER_AES_F8             12
  81 #define VIRTIO_CRYPTO_CIPHER_AES_XTS            13
  82 #define VIRTIO_CRYPTO_CIPHER_ZUC_EEA3           14
  83         __le32 algo;
  84         /* length of key */
  85         __le32 keylen;
  86 
  87 #define VIRTIO_CRYPTO_OP_ENCRYPT  1
  88 #define VIRTIO_CRYPTO_OP_DECRYPT  2
  89         /* encrypt or decrypt */
  90         __le32 op;
  91         __le32 padding;
  92 };
  93 
  94 struct virtio_crypto_session_input {
  95         /* Device-writable part */
  96         __le64 session_id;
  97         __le32 status;
  98         __le32 padding;
  99 };
 100 
 101 struct virtio_crypto_cipher_session_req {
 102         struct virtio_crypto_cipher_session_para para;
 103         __u8 padding[32];
 104 };
 105 
 106 struct virtio_crypto_hash_session_para {
 107 #define VIRTIO_CRYPTO_NO_HASH            0
 108 #define VIRTIO_CRYPTO_HASH_MD5           1
 109 #define VIRTIO_CRYPTO_HASH_SHA1          2
 110 #define VIRTIO_CRYPTO_HASH_SHA_224       3
 111 #define VIRTIO_CRYPTO_HASH_SHA_256       4
 112 #define VIRTIO_CRYPTO_HASH_SHA_384       5
 113 #define VIRTIO_CRYPTO_HASH_SHA_512       6
 114 #define VIRTIO_CRYPTO_HASH_SHA3_224      7
 115 #define VIRTIO_CRYPTO_HASH_SHA3_256      8
 116 #define VIRTIO_CRYPTO_HASH_SHA3_384      9
 117 #define VIRTIO_CRYPTO_HASH_SHA3_512      10
 118 #define VIRTIO_CRYPTO_HASH_SHA3_SHAKE128      11
 119 #define VIRTIO_CRYPTO_HASH_SHA3_SHAKE256      12
 120         __le32 algo;
 121         /* hash result length */
 122         __le32 hash_result_len;
 123         __u8 padding[8];
 124 };
 125 
 126 struct virtio_crypto_hash_create_session_req {
 127         struct virtio_crypto_hash_session_para para;
 128         __u8 padding[40];
 129 };
 130 
 131 struct virtio_crypto_mac_session_para {
 132 #define VIRTIO_CRYPTO_NO_MAC                       0
 133 #define VIRTIO_CRYPTO_MAC_HMAC_MD5                 1
 134 #define VIRTIO_CRYPTO_MAC_HMAC_SHA1                2
 135 #define VIRTIO_CRYPTO_MAC_HMAC_SHA_224             3
 136 #define VIRTIO_CRYPTO_MAC_HMAC_SHA_256             4
 137 #define VIRTIO_CRYPTO_MAC_HMAC_SHA_384             5
 138 #define VIRTIO_CRYPTO_MAC_HMAC_SHA_512             6
 139 #define VIRTIO_CRYPTO_MAC_CMAC_3DES                25
 140 #define VIRTIO_CRYPTO_MAC_CMAC_AES                 26
 141 #define VIRTIO_CRYPTO_MAC_KASUMI_F9                27
 142 #define VIRTIO_CRYPTO_MAC_SNOW3G_UIA2              28
 143 #define VIRTIO_CRYPTO_MAC_GMAC_AES                 41
 144 #define VIRTIO_CRYPTO_MAC_GMAC_TWOFISH             42
 145 #define VIRTIO_CRYPTO_MAC_CBCMAC_AES               49
 146 #define VIRTIO_CRYPTO_MAC_CBCMAC_KASUMI_F9         50
 147 #define VIRTIO_CRYPTO_MAC_XCBC_AES                 53
 148         __le32 algo;
 149         /* hash result length */
 150         __le32 hash_result_len;
 151         /* length of authenticated key */
 152         __le32 auth_key_len;
 153         __le32 padding;
 154 };
 155 
 156 struct virtio_crypto_mac_create_session_req {
 157         struct virtio_crypto_mac_session_para para;
 158         __u8 padding[40];
 159 };
 160 
 161 struct virtio_crypto_aead_session_para {
 162 #define VIRTIO_CRYPTO_NO_AEAD     0
 163 #define VIRTIO_CRYPTO_AEAD_GCM    1
 164 #define VIRTIO_CRYPTO_AEAD_CCM    2
 165 #define VIRTIO_CRYPTO_AEAD_CHACHA20_POLY1305  3
 166         __le32 algo;
 167         /* length of key */
 168         __le32 key_len;
 169         /* hash result length */
 170         __le32 hash_result_len;
 171         /* length of the additional authenticated data (AAD) in bytes */
 172         __le32 aad_len;
 173         /* encrypt or decrypt, See above VIRTIO_CRYPTO_OP_* */
 174         __le32 op;
 175         __le32 padding;
 176 };
 177 
 178 struct virtio_crypto_aead_create_session_req {
 179         struct virtio_crypto_aead_session_para para;
 180         __u8 padding[32];
 181 };
 182 
 183 struct virtio_crypto_alg_chain_session_para {
 184 #define VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_HASH_THEN_CIPHER  1
 185 #define VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_CIPHER_THEN_HASH  2
 186         __le32 alg_chain_order;
 187 /* Plain hash */
 188 #define VIRTIO_CRYPTO_SYM_HASH_MODE_PLAIN    1
 189 /* Authenticated hash (mac) */
 190 #define VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH     2
 191 /* Nested hash */
 192 #define VIRTIO_CRYPTO_SYM_HASH_MODE_NESTED   3
 193         __le32 hash_mode;
 194         struct virtio_crypto_cipher_session_para cipher_param;
 195         union {
 196                 struct virtio_crypto_hash_session_para hash_param;
 197                 struct virtio_crypto_mac_session_para mac_param;
 198                 __u8 padding[16];
 199         } u;
 200         /* length of the additional authenticated data (AAD) in bytes */
 201         __le32 aad_len;
 202         __le32 padding;
 203 };
 204 
 205 struct virtio_crypto_alg_chain_session_req {
 206         struct virtio_crypto_alg_chain_session_para para;
 207 };
 208 
 209 struct virtio_crypto_sym_create_session_req {
 210         union {
 211                 struct virtio_crypto_cipher_session_req cipher;
 212                 struct virtio_crypto_alg_chain_session_req chain;
 213                 __u8 padding[48];
 214         } u;
 215 
 216         /* Device-readable part */
 217 
 218 /* No operation */
 219 #define VIRTIO_CRYPTO_SYM_OP_NONE  0
 220 /* Cipher only operation on the data */
 221 #define VIRTIO_CRYPTO_SYM_OP_CIPHER  1
 222 /*
 223  * Chain any cipher with any hash or mac operation. The order
 224  * depends on the value of alg_chain_order param
 225  */
 226 #define VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING  2
 227         __le32 op_type;
 228         __le32 padding;
 229 };
 230 
 231 struct virtio_crypto_destroy_session_req {
 232         /* Device-readable part */
 233         __le64  session_id;
 234         __u8 padding[48];
 235 };
 236 
 237 /* The request of the control virtqueue's packet */
 238 struct virtio_crypto_op_ctrl_req {
 239         struct virtio_crypto_ctrl_header header;
 240 
 241         union {
 242                 struct virtio_crypto_sym_create_session_req
 243                         sym_create_session;
 244                 struct virtio_crypto_hash_create_session_req
 245                         hash_create_session;
 246                 struct virtio_crypto_mac_create_session_req
 247                         mac_create_session;
 248                 struct virtio_crypto_aead_create_session_req
 249                         aead_create_session;
 250                 struct virtio_crypto_destroy_session_req
 251                         destroy_session;
 252                 __u8 padding[56];
 253         } u;
 254 };
 255 
 256 struct virtio_crypto_op_header {
 257 #define VIRTIO_CRYPTO_CIPHER_ENCRYPT \
 258         VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x00)
 259 #define VIRTIO_CRYPTO_CIPHER_DECRYPT \
 260         VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x01)
 261 #define VIRTIO_CRYPTO_HASH \
 262         VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x00)
 263 #define VIRTIO_CRYPTO_MAC \
 264         VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x00)
 265 #define VIRTIO_CRYPTO_AEAD_ENCRYPT \
 266         VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x00)
 267 #define VIRTIO_CRYPTO_AEAD_DECRYPT \
 268         VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x01)
 269         __le32 opcode;
 270         /* algo should be service-specific algorithms */
 271         __le32 algo;
 272         /* session_id should be service-specific algorithms */
 273         __le64 session_id;
 274         /* control flag to control the request */
 275         __le32 flag;
 276         __le32 padding;
 277 };
 278 
 279 struct virtio_crypto_cipher_para {
 280         /*
 281          * Byte Length of valid IV/Counter
 282          *
 283          * For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or for
 284          *   SNOW3G in UEA2 mode, this is the length of the IV (which
 285          *   must be the same as the block length of the cipher).
 286          * For block ciphers in CTR mode, this is the length of the counter
 287          *   (which must be the same as the block length of the cipher).
 288          * For AES-XTS, this is the 128bit tweak, i, from IEEE Std 1619-2007.
 289          *
 290          * The IV/Counter will be updated after every partial cryptographic
 291          * operation.
 292          */
 293         __le32 iv_len;
 294         /* length of source data */
 295         __le32 src_data_len;
 296         /* length of dst data */
 297         __le32 dst_data_len;
 298         __le32 padding;
 299 };
 300 
 301 struct virtio_crypto_hash_para {
 302         /* length of source data */
 303         __le32 src_data_len;
 304         /* hash result length */
 305         __le32 hash_result_len;
 306 };
 307 
 308 struct virtio_crypto_mac_para {
 309         struct virtio_crypto_hash_para hash;
 310 };
 311 
 312 struct virtio_crypto_aead_para {
 313         /*
 314          * Byte Length of valid IV data pointed to by the below iv_addr
 315          * parameter.
 316          *
 317          * For GCM mode, this is either 12 (for 96-bit IVs) or 16, in which
 318          *   case iv_addr points to J0.
 319          * For CCM mode, this is the length of the nonce, which can be in the
 320          *   range 7 to 13 inclusive.
 321          */
 322         __le32 iv_len;
 323         /* length of additional auth data */
 324         __le32 aad_len;
 325         /* length of source data */
 326         __le32 src_data_len;
 327         /* length of dst data */
 328         __le32 dst_data_len;
 329 };
 330 
 331 struct virtio_crypto_cipher_data_req {
 332         /* Device-readable part */
 333         struct virtio_crypto_cipher_para para;
 334         __u8 padding[24];
 335 };
 336 
 337 struct virtio_crypto_hash_data_req {
 338         /* Device-readable part */
 339         struct virtio_crypto_hash_para para;
 340         __u8 padding[40];
 341 };
 342 
 343 struct virtio_crypto_mac_data_req {
 344         /* Device-readable part */
 345         struct virtio_crypto_mac_para para;
 346         __u8 padding[40];
 347 };
 348 
 349 struct virtio_crypto_alg_chain_data_para {
 350         __le32 iv_len;
 351         /* Length of source data */
 352         __le32 src_data_len;
 353         /* Length of destination data */
 354         __le32 dst_data_len;
 355         /* Starting point for cipher processing in source data */
 356         __le32 cipher_start_src_offset;
 357         /* Length of the source data that the cipher will be computed on */
 358         __le32 len_to_cipher;
 359         /* Starting point for hash processing in source data */
 360         __le32 hash_start_src_offset;
 361         /* Length of the source data that the hash will be computed on */
 362         __le32 len_to_hash;
 363         /* Length of the additional auth data */
 364         __le32 aad_len;
 365         /* Length of the hash result */
 366         __le32 hash_result_len;
 367         __le32 reserved;
 368 };
 369 
 370 struct virtio_crypto_alg_chain_data_req {
 371         /* Device-readable part */
 372         struct virtio_crypto_alg_chain_data_para para;
 373 };
 374 
 375 struct virtio_crypto_sym_data_req {
 376         union {
 377                 struct virtio_crypto_cipher_data_req cipher;
 378                 struct virtio_crypto_alg_chain_data_req chain;
 379                 __u8 padding[40];
 380         } u;
 381 
 382         /* See above VIRTIO_CRYPTO_SYM_OP_* */
 383         __le32 op_type;
 384         __le32 padding;
 385 };
 386 
 387 struct virtio_crypto_aead_data_req {
 388         /* Device-readable part */
 389         struct virtio_crypto_aead_para para;
 390         __u8 padding[32];
 391 };
 392 
 393 /* The request of the data virtqueue's packet */
 394 struct virtio_crypto_op_data_req {
 395         struct virtio_crypto_op_header header;
 396 
 397         union {
 398                 struct virtio_crypto_sym_data_req  sym_req;
 399                 struct virtio_crypto_hash_data_req hash_req;
 400                 struct virtio_crypto_mac_data_req mac_req;
 401                 struct virtio_crypto_aead_data_req aead_req;
 402                 __u8 padding[48];
 403         } u;
 404 };
 405 
 406 #define VIRTIO_CRYPTO_OK        0
 407 #define VIRTIO_CRYPTO_ERR       1
 408 #define VIRTIO_CRYPTO_BADMSG    2
 409 #define VIRTIO_CRYPTO_NOTSUPP   3
 410 #define VIRTIO_CRYPTO_INVSESS   4 /* Invalid session id */
 411 
 412 /* The accelerator hardware is ready */
 413 #define VIRTIO_CRYPTO_S_HW_READY  (1 << 0)
 414 
 415 struct virtio_crypto_config {
 416         /* See VIRTIO_CRYPTO_OP_* above */
 417         __u32  status;
 418 
 419         /*
 420          * Maximum number of data queue
 421          */
 422         __u32  max_dataqueues;
 423 
 424         /*
 425          * Specifies the services mask which the device support,
 426          * see VIRTIO_CRYPTO_SERVICE_* above
 427          */
 428         __u32 crypto_services;
 429 
 430         /* Detailed algorithms mask */
 431         __u32 cipher_algo_l;
 432         __u32 cipher_algo_h;
 433         __u32 hash_algo;
 434         __u32 mac_algo_l;
 435         __u32 mac_algo_h;
 436         __u32 aead_algo;
 437         /* Maximum length of cipher key */
 438         __u32 max_cipher_key_len;
 439         /* Maximum length of authenticated key */
 440         __u32 max_auth_key_len;
 441         __u32 reserve;
 442         /* Maximum size of each crypto request's content */
 443         __u64 max_size;
 444 };
 445 
 446 struct virtio_crypto_inhdr {
 447         /* See VIRTIO_CRYPTO_* above */
 448         __u8 status;
 449 };
 450 #endif

/* [<][>][^][v][top][bottom][index][help] */