hisilicon/sec/sec_drv.h

0001 /* SPDX-License-Identifier: GPL-2.0 */
0002 /* Copyright (c) 2016-2017 HiSilicon Limited. */
0003
0004 #ifndef _SEC_DRV_H_
0005 #define _SEC_DRV_H_
0006
0007 #include <crypto/algapi.h>
0008 #include <linux/kfifo.h>
0009
0010 #define SEC_MAX_SGE_NUM         64
0011 #define SEC_HW_RING_NUM         3
0012
0013 #define SEC_CMD_RING            0
0014 #define SEC_OUTORDER_RING       1
0015 #define SEC_DBG_RING            2
0016
0017 /* A reasonable length to balance memory use against flexibility */
0018 #define SEC_QUEUE_LEN           512
0019
0020 #define SEC_MAX_SGE_NUM   64
0021
0022 struct sec_bd_info {
0023 #define SEC_BD_W0_T_LEN_M           GENMASK(4, 0)
0024 #define SEC_BD_W0_T_LEN_S           0
0025
0026 #define SEC_BD_W0_C_WIDTH_M         GENMASK(6, 5)
0027 #define SEC_BD_W0_C_WIDTH_S         5
0028 #define   SEC_C_WIDTH_AES_128BIT        0
0029 #define   SEC_C_WIDTH_AES_8BIT      1
0030 #define   SEC_C_WIDTH_AES_1BIT      2
0031 #define   SEC_C_WIDTH_DES_64BIT     0
0032 #define   SEC_C_WIDTH_DES_8BIT      1
0033 #define   SEC_C_WIDTH_DES_1BIT      2
0034
0035 #define SEC_BD_W0_C_MODE_M          GENMASK(9, 7)
0036 #define SEC_BD_W0_C_MODE_S          7
0037 #define   SEC_C_MODE_ECB            0
0038 #define   SEC_C_MODE_CBC            1
0039 #define   SEC_C_MODE_CTR            4
0040 #define   SEC_C_MODE_CCM            5
0041 #define   SEC_C_MODE_GCM            6
0042 #define   SEC_C_MODE_XTS            7
0043
0044 #define SEC_BD_W0_SEQ               BIT(10)
0045 #define SEC_BD_W0_DE                BIT(11)
0046 #define SEC_BD_W0_DAT_SKIP_M            GENMASK(13, 12)
0047 #define SEC_BD_W0_DAT_SKIP_S            12
0048 #define SEC_BD_W0_C_GRAN_SIZE_19_16_M       GENMASK(17, 14)
0049 #define SEC_BD_W0_C_GRAN_SIZE_19_16_S       14
0050
0051 #define SEC_BD_W0_CIPHER_M          GENMASK(19, 18)
0052 #define SEC_BD_W0_CIPHER_S          18
0053 #define   SEC_CIPHER_NULL           0
0054 #define   SEC_CIPHER_ENCRYPT            1
0055 #define   SEC_CIPHER_DECRYPT            2
0056
0057 #define SEC_BD_W0_AUTH_M            GENMASK(21, 20)
0058 #define SEC_BD_W0_AUTH_S            20
0059 #define   SEC_AUTH_NULL             0
0060 #define   SEC_AUTH_MAC              1
0061 #define   SEC_AUTH_VERIF            2
0062
0063 #define SEC_BD_W0_AI_GEN            BIT(22)
0064 #define SEC_BD_W0_CI_GEN            BIT(23)
0065 #define SEC_BD_W0_NO_HPAD           BIT(24)
0066 #define SEC_BD_W0_HM_M              GENMASK(26, 25)
0067 #define SEC_BD_W0_HM_S              25
0068 #define SEC_BD_W0_ICV_OR_SKEY_EN_M      GENMASK(28, 27)
0069 #define SEC_BD_W0_ICV_OR_SKEY_EN_S      27
0070
0071 /* Multi purpose field - gran size bits for send, flag for recv */
0072 #define SEC_BD_W0_FLAG_M            GENMASK(30, 29)
0073 #define SEC_BD_W0_C_GRAN_SIZE_21_20_M       GENMASK(30, 29)
0074 #define SEC_BD_W0_FLAG_S            29
0075 #define SEC_BD_W0_C_GRAN_SIZE_21_20_S       29
0076
0077 #define SEC_BD_W0_DONE              BIT(31)
0078     u32 w0;
0079
0080 #define SEC_BD_W1_AUTH_GRAN_SIZE_M      GENMASK(21, 0)
0081 #define SEC_BD_W1_AUTH_GRAN_SIZE_S      0
0082 #define SEC_BD_W1_M_KEY_EN          BIT(22)
0083 #define SEC_BD_W1_BD_INVALID            BIT(23)
0084 #define SEC_BD_W1_ADDR_TYPE         BIT(24)
0085
0086 #define SEC_BD_W1_A_ALG_M           GENMASK(28, 25)
0087 #define SEC_BD_W1_A_ALG_S           25
0088 #define   SEC_A_ALG_SHA1            0
0089 #define   SEC_A_ALG_SHA256          1
0090 #define   SEC_A_ALG_MD5             2
0091 #define   SEC_A_ALG_SHA224          3
0092 #define   SEC_A_ALG_HMAC_SHA1           8
0093 #define   SEC_A_ALG_HMAC_SHA224         10
0094 #define   SEC_A_ALG_HMAC_SHA256         11
0095 #define   SEC_A_ALG_HMAC_MD5            12
0096 #define   SEC_A_ALG_AES_XCBC            13
0097 #define   SEC_A_ALG_AES_CMAC            14
0098
0099 #define SEC_BD_W1_C_ALG_M           GENMASK(31, 29)
0100 #define SEC_BD_W1_C_ALG_S           29
0101 #define   SEC_C_ALG_DES             0
0102 #define   SEC_C_ALG_3DES            1
0103 #define   SEC_C_ALG_AES             2
0104
0105     u32 w1;
0106
0107 #define SEC_BD_W2_C_GRAN_SIZE_15_0_M        GENMASK(15, 0)
0108 #define SEC_BD_W2_C_GRAN_SIZE_15_0_S        0
0109 #define SEC_BD_W2_GRAN_NUM_M            GENMASK(31, 16)
0110 #define SEC_BD_W2_GRAN_NUM_S            16
0111     u32 w2;
0112
0113 #define SEC_BD_W3_AUTH_LEN_OFFSET_M     GENMASK(9, 0)
0114 #define SEC_BD_W3_AUTH_LEN_OFFSET_S     0
0115 #define SEC_BD_W3_CIPHER_LEN_OFFSET_M       GENMASK(19, 10)
0116 #define SEC_BD_W3_CIPHER_LEN_OFFSET_S       10
0117 #define SEC_BD_W3_MAC_LEN_M         GENMASK(24, 20)
0118 #define SEC_BD_W3_MAC_LEN_S         20
0119 #define SEC_BD_W3_A_KEY_LEN_M           GENMASK(29, 25)
0120 #define SEC_BD_W3_A_KEY_LEN_S           25
0121 #define SEC_BD_W3_C_KEY_LEN_M           GENMASK(31, 30)
0122 #define SEC_BD_W3_C_KEY_LEN_S           30
0123 #define   SEC_KEY_LEN_AES_128           0
0124 #define   SEC_KEY_LEN_AES_192           1
0125 #define   SEC_KEY_LEN_AES_256           2
0126 #define   SEC_KEY_LEN_DES           1
0127 #define   SEC_KEY_LEN_3DES_3_KEY        1
0128 #define   SEC_KEY_LEN_3DES_2_KEY        3
0129     u32 w3;
0130
0131     /* W4,5 */
0132     union {
0133         u32 authkey_addr_lo;
0134         u32 authiv_addr_lo;
0135     };
0136     union {
0137         u32 authkey_addr_hi;
0138         u32 authiv_addr_hi;
0139     };
0140
0141     /* W6,7 */
0142     u32 cipher_key_addr_lo;
0143     u32 cipher_key_addr_hi;
0144
0145     /* W8,9 */
0146     u32 cipher_iv_addr_lo;
0147     u32 cipher_iv_addr_hi;
0148
0149     /* W10,11 */
0150     u32 data_addr_lo;
0151     u32 data_addr_hi;
0152
0153     /* W12,13 */
0154     u32 mac_addr_lo;
0155     u32 mac_addr_hi;
0156
0157     /* W14,15 */
0158     u32 cipher_destin_addr_lo;
0159     u32 cipher_destin_addr_hi;
0160 };
0161
0162 enum sec_mem_region {
0163     SEC_COMMON = 0,
0164     SEC_SAA,
0165     SEC_NUM_ADDR_REGIONS
0166 };
0167
0168 #define SEC_NAME_SIZE               64
0169 #define SEC_Q_NUM               16
0170
0171
0172 /**
0173  * struct sec_queue_ring_cmd - store information about a SEC HW cmd ring
0174  * @used: Local counter used to cheaply establish if the ring is empty.
0175  * @lock: Protect against simultaneous adjusting of the read and write pointers.
0176  * @vaddr: Virtual address for the ram pages used for the ring.
0177  * @paddr: Physical address of the dma mapped region of ram used for the ring.
0178  * @callback: Callback function called on a ring element completing.
0179  */
0180 struct sec_queue_ring_cmd {
0181     atomic_t used;
0182     struct mutex lock;
0183     struct sec_bd_info *vaddr;
0184     dma_addr_t paddr;
0185     void (*callback)(struct sec_bd_info *resp, void *ctx);
0186 };
0187
0188 struct sec_debug_bd_info;
0189 struct sec_queue_ring_db {
0190     struct sec_debug_bd_info *vaddr;
0191     dma_addr_t paddr;
0192 };
0193
0194 struct sec_out_bd_info;
0195 struct sec_queue_ring_cq {
0196     struct sec_out_bd_info *vaddr;
0197     dma_addr_t paddr;
0198 };
0199
0200 struct sec_dev_info;
0201
0202 enum sec_cipher_alg {
0203     SEC_C_DES_ECB_64,
0204     SEC_C_DES_CBC_64,
0205
0206     SEC_C_3DES_ECB_192_3KEY,
0207     SEC_C_3DES_ECB_192_2KEY,
0208
0209     SEC_C_3DES_CBC_192_3KEY,
0210     SEC_C_3DES_CBC_192_2KEY,
0211
0212     SEC_C_AES_ECB_128,
0213     SEC_C_AES_ECB_192,
0214     SEC_C_AES_ECB_256,
0215
0216     SEC_C_AES_CBC_128,
0217     SEC_C_AES_CBC_192,
0218     SEC_C_AES_CBC_256,
0219
0220     SEC_C_AES_CTR_128,
0221     SEC_C_AES_CTR_192,
0222     SEC_C_AES_CTR_256,
0223
0224     SEC_C_AES_XTS_128,
0225     SEC_C_AES_XTS_256,
0226
0227     SEC_C_NULL,
0228 };
0229
0230 /**
0231  * struct sec_alg_tfm_ctx - hardware specific tranformation context
0232  * @cipher_alg: Cipher algorithm enabled include encryption mode.
0233  * @key: Key storage if required.
0234  * @pkey: DMA address for the key storage.
0235  * @req_template: Request template to save time on setup.
0236  * @queue: The hardware queue associated with this tfm context.
0237  * @lock: Protect key and pkey to ensure they are consistent
0238  * @auth_buf: Current context buffer for auth operations.
0239  * @backlog: The backlog queue used for cases where our buffers aren't
0240  * large enough.
0241  */
0242 struct sec_alg_tfm_ctx {
0243     enum sec_cipher_alg cipher_alg;
0244     u8 *key;
0245     dma_addr_t pkey;
0246     struct sec_bd_info req_template;
0247     struct sec_queue *queue;
0248     struct mutex lock;
0249     u8 *auth_buf;
0250     struct list_head backlog;
0251 };
0252
0253 /**
0254  * struct sec_request - data associate with a single crypto request
0255  * @elements: List of subparts of this request (hardware size restriction)
0256  * @num_elements: The number of subparts (used as an optimization)
0257  * @lock: Protect elements of this structure against concurrent change.
0258  * @tfm_ctx: hardware specific context.
0259  * @len_in: length of in sgl from upper layers
0260  * @len_out: length of out sgl from upper layers
0261  * @dma_iv: initialization vector - phsyical address
0262  * @err: store used to track errors across subelements of this request.
0263  * @req_base: pointer to base element of associate crypto context.
0264  * This is needed to allow shared handling skcipher, ahash etc.
0265  * @cb: completion callback.
0266  * @backlog_head: list head to allow backlog maintenance.
0267  *
0268  * The hardware is limited in the maximum size of data that it can
0269  * process from a single BD.  Typically this is fairly large (32MB)
0270  * but still requires the complexity of splitting the incoming
0271  * skreq up into a number of elements complete with appropriate
0272  * iv chaining.
0273  */
0274 struct sec_request {
0275     struct list_head elements;
0276     int num_elements;
0277     struct mutex lock;
0278     struct sec_alg_tfm_ctx *tfm_ctx;
0279     int len_in;
0280     int len_out;
0281     dma_addr_t dma_iv;
0282     int err;
0283     struct crypto_async_request *req_base;
0284     void (*cb)(struct sec_bd_info *resp, struct crypto_async_request *req);
0285     struct list_head backlog_head;
0286 };
0287
0288 /**
0289  * struct sec_request_el - A subpart of a request.
0290  * @head: allow us to attach this to the list in the sec_request
0291  * @req: hardware block descriptor corresponding to this request subpart
0292  * @in: hardware sgl for input - virtual address
0293  * @dma_in: hardware sgl for input - physical address
0294  * @sgl_in: scatterlist for this request subpart
0295  * @out: hardware sgl for output - virtual address
0296  * @dma_out: hardware sgl for output - physical address
0297  * @sgl_out: scatterlist for this request subpart
0298  * @sec_req: The request which this subpart forms a part of
0299  * @el_length: Number of bytes in this subpart. Needed to locate
0300  * last ivsize chunk for iv chaining.
0301  */
0302 struct sec_request_el {
0303     struct list_head head;
0304     struct sec_bd_info req;
0305     struct sec_hw_sgl *in;
0306     dma_addr_t dma_in;
0307     struct scatterlist *sgl_in;
0308     struct sec_hw_sgl *out;
0309     dma_addr_t dma_out;
0310     struct scatterlist *sgl_out;
0311     struct sec_request *sec_req;
0312     size_t el_length;
0313 };
0314
0315 /**
0316  * struct sec_queue - All the information about a HW queue
0317  * @dev_info: The parent SEC device to which this queue belongs.
0318  * @task_irq: Completion interrupt for the queue.
0319  * @name: Human readable queue description also used as irq name.
0320  * @ring: The several HW rings associated with one queue.
0321  * @regs: The iomapped device registers
0322  * @queue_id: Index of the queue used for naming and resource selection.
0323  * @in_use: Flag to say if the queue is in use.
0324  * @expected: The next expected element to finish assuming we were in order.
0325  * @uprocessed: A bitmap to track which OoO elements are done but not handled.
0326  * @softqueue: A software queue used when chaining requirements prevent direct
0327  *   use of the hardware queues.
0328  * @havesoftqueue: A flag to say we have a queues - as we may need one for the
0329  *   current mode.
0330  * @queuelock: Protect the soft queue from concurrent changes to avoid some
0331  *   potential loss of data races.
0332  * @shadow: Pointers back to the shadow copy of the hardware ring element
0333  *   need because we can't store any context reference in the bd element.
0334  */
0335 struct sec_queue {
0336     struct sec_dev_info *dev_info;
0337     int task_irq;
0338     char name[SEC_NAME_SIZE];
0339     struct sec_queue_ring_cmd ring_cmd;
0340     struct sec_queue_ring_cq ring_cq;
0341     struct sec_queue_ring_db ring_db;
0342     void __iomem *regs;
0343     u32 queue_id;
0344     bool in_use;
0345     int expected;
0346
0347     DECLARE_BITMAP(unprocessed, SEC_QUEUE_LEN);
0348     DECLARE_KFIFO_PTR(softqueue, typeof(struct sec_request_el *));
0349     bool havesoftqueue;
0350     spinlock_t queuelock;
0351     void *shadow[SEC_QUEUE_LEN];
0352 };
0353
0354 /**
0355  * struct sec_hw_sge: Track each of the 64 element SEC HW SGL entries
0356  * @buf: The IOV dma address for this entry.
0357  * @len: Length of this IOV.
0358  * @pad: Reserved space.
0359  */
0360 struct sec_hw_sge {
0361     dma_addr_t buf;
0362     unsigned int len;
0363     unsigned int pad;
0364 };
0365
0366 /**
0367  * struct sec_hw_sgl: One hardware SGL entry.
0368  * @next_sgl: The next entry if we need to chain dma address. Null if last.
0369  * @entry_sum_in_chain: The full count of SGEs - only matters for first SGL.
0370  * @entry_sum_in_sgl: The number of SGEs in this SGL element.
0371  * @flag: Unused in skciphers.
0372  * @serial_num: Unsued in skciphers.
0373  * @cpuid: Currently unused.
0374  * @data_bytes_in_sgl: Count of bytes from all SGEs in this SGL.
0375  * @next: Virtual address used to stash the next sgl - useful in completion.
0376  * @reserved: A reserved field not currently used.
0377  * @sge_entries: The (up to) 64 Scatter Gather Entries, representing IOVs.
0378  * @node: Currently unused.
0379  */
0380 struct sec_hw_sgl {
0381     dma_addr_t next_sgl;
0382     u16 entry_sum_in_chain;
0383     u16 entry_sum_in_sgl;
0384     u32 flag;
0385     u64 serial_num;
0386     u32 cpuid;
0387     u32 data_bytes_in_sgl;
0388     struct sec_hw_sgl *next;
0389     u64 reserved;
0390     struct sec_hw_sge  sge_entries[SEC_MAX_SGE_NUM];
0391     u8 node[16];
0392 };
0393
0394 struct dma_pool;
0395
0396 /**
0397  * struct sec_dev_info: The full SEC unit comprising queues and processors.
0398  * @sec_id: Index used to track which SEC this is when more than one is present.
0399  * @num_saas: The number of backed processors enabled.
0400  * @regs: iomapped register regions shared by whole SEC unit.
0401  * @dev_lock: Protects concurrent queue allocation / freeing for the SEC.
0402  * @queues: The 16 queues that this SEC instance provides.
0403  * @dev: Device pointer.
0404  * @hw_sgl_pool: DMA pool used to mimise mapping for the scatter gather lists.
0405  */
0406 struct sec_dev_info {
0407     int sec_id;
0408     int num_saas;
0409     void __iomem *regs[SEC_NUM_ADDR_REGIONS];
0410     struct mutex dev_lock;
0411     int queues_in_use;
0412     struct sec_queue queues[SEC_Q_NUM];
0413     struct device *dev;
0414     struct dma_pool *hw_sgl_pool;
0415 };
0416
0417 int sec_queue_send(struct sec_queue *queue, struct sec_bd_info *msg, void *ctx);
0418 bool sec_queue_can_enqueue(struct sec_queue *queue, int num);
0419 int sec_queue_stop_release(struct sec_queue *queue);
0420 struct sec_queue *sec_queue_alloc_start_safe(void);
0421 bool sec_queue_empty(struct sec_queue *queue);
0422
0423 /* Algorithm specific elements from sec_algs.c */
0424 void sec_alg_callback(struct sec_bd_info *resp, void *ctx);
0425 int sec_algs_register(void);
0426 void sec_algs_unregister(void);
0427
0428 #endif /* _SEC_DRV_H_ */