1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
|
/*
*
* sep_crypto.h - Crypto interface structures
*
* Copyright(c) 2009-2011 Intel Corporation. All rights reserved.
* Contributions(c) 2009-2010 Discretix. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation; version 2 of the License.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License along with
* this program; if not, write to the Free Software Foundation, Inc., 59
* Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
* CONTACTS:
*
* Mark Allyn mark.a.allyn@intel.com
* Jayant Mangalampalli jayant.mangalampalli@intel.com
*
* CHANGES:
*
* 2009.06.26 Initial publish
* 2011.02.22 Enable Kernel Crypto
*
*/
/* Constants for SEP (from vendor) */
#define SEP_START_MSG_TOKEN 0x02558808
#define SEP_DES_IV_SIZE_WORDS 2
#define SEP_DES_IV_SIZE_BYTES (SEP_DES_IV_SIZE_WORDS * \
sizeof(u32))
#define SEP_DES_KEY_SIZE_WORDS 2
#define SEP_DES_KEY_SIZE_BYTES (SEP_DES_KEY_SIZE_WORDS * \
sizeof(u32))
#define SEP_DES_BLOCK_SIZE 8
#define SEP_DES_DUMMY_SIZE 16
#define SEP_DES_INIT_OPCODE 0x10
#define SEP_DES_BLOCK_OPCODE 0x11
#define SEP_AES_BLOCK_SIZE_WORDS 4
#define SEP_AES_BLOCK_SIZE_BYTES \
(SEP_AES_BLOCK_SIZE_WORDS * sizeof(u32))
#define SEP_AES_DUMMY_BLOCK_SIZE 16
#define SEP_AES_IV_SIZE_WORDS SEP_AES_BLOCK_SIZE_WORDS
#define SEP_AES_IV_SIZE_BYTES \
(SEP_AES_IV_SIZE_WORDS * sizeof(u32))
#define SEP_AES_KEY_128_SIZE 16
#define SEP_AES_KEY_192_SIZE 24
#define SEP_AES_KEY_256_SIZE 32
#define SEP_AES_KEY_512_SIZE 64
#define SEP_AES_MAX_KEY_SIZE_WORDS 16
#define SEP_AES_MAX_KEY_SIZE_BYTES \
(SEP_AES_MAX_KEY_SIZE_WORDS * sizeof(u32))
#define SEP_AES_WRAP_MIN_SIZE 8
#define SEP_AES_WRAP_MAX_SIZE 0x10000000
#define SEP_AES_WRAP_BLOCK_SIZE_WORDS 2
#define SEP_AES_WRAP_BLOCK_SIZE_BYTES \
(SEP_AES_WRAP_BLOCK_SIZE_WORDS * sizeof(u32))
#define SEP_AES_SECRET_RKEK1 0x1
#define SEP_AES_SECRET_RKEK2 0x2
#define SEP_AES_INIT_OPCODE 0x2
#define SEP_AES_BLOCK_OPCODE 0x3
#define SEP_AES_FINISH_OPCODE 0x4
#define SEP_AES_WRAP_OPCODE 0x6
#define SEP_AES_UNWRAP_OPCODE 0x7
#define SEP_AES_XTS_FINISH_OPCODE 0x8
#define SEP_HASH_RESULT_SIZE_WORDS 16
#define SEP_MD5_DIGEST_SIZE_WORDS 4
#define SEP_MD5_DIGEST_SIZE_BYTES \
(SEP_MD5_DIGEST_SIZE_WORDS * sizeof(u32))
#define SEP_SHA1_DIGEST_SIZE_WORDS 5
#define SEP_SHA1_DIGEST_SIZE_BYTES \
(SEP_SHA1_DIGEST_SIZE_WORDS * sizeof(u32))
#define SEP_SHA224_DIGEST_SIZE_WORDS 7
#define SEP_SHA224_DIGEST_SIZE_BYTES \
(SEP_SHA224_DIGEST_SIZE_WORDS * sizeof(u32))
#define SEP_SHA256_DIGEST_SIZE_WORDS 8
#define SEP_SHA256_DIGEST_SIZE_BYTES \
(SEP_SHA256_DIGEST_SIZE_WORDS * sizeof(u32))
#define SEP_SHA384_DIGEST_SIZE_WORDS 12
#define SEP_SHA384_DIGEST_SIZE_BYTES \
(SEP_SHA384_DIGEST_SIZE_WORDS * sizeof(u32))
#define SEP_SHA512_DIGEST_SIZE_WORDS 16
#define SEP_SHA512_DIGEST_SIZE_BYTES \
(SEP_SHA512_DIGEST_SIZE_WORDS * sizeof(u32))
#define SEP_HASH_BLOCK_SIZE_WORDS 16
#define SEP_HASH_BLOCK_SIZE_BYTES \
(SEP_HASH_BLOCK_SIZE_WORDS * sizeof(u32))
#define SEP_SHA2_BLOCK_SIZE_WORDS 32
#define SEP_SHA2_BLOCK_SIZE_BYTES \
(SEP_SHA2_BLOCK_SIZE_WORDS * sizeof(u32))
#define SEP_HASH_INIT_OPCODE 0x20
#define SEP_HASH_UPDATE_OPCODE 0x21
#define SEP_HASH_FINISH_OPCODE 0x22
#define SEP_HASH_SINGLE_OPCODE 0x23
#define SEP_HOST_ERROR 0x0b000000
#define SEP_OK 0x0
#define SEP_INVALID_START (SEP_HOST_ERROR + 0x3)
#define SEP_WRONG_OPCODE (SEP_HOST_ERROR + 0x1)
#define SEP_TRANSACTION_WAIT_TIME 5
#define SEP_QUEUE_LENGTH 2
/* Macros */
#ifndef __LITTLE_ENDIAN
#define CHG_ENDIAN(val) \
(((val) >> 24) | \
(((val) & 0x00FF0000) >> 8) | \
(((val) & 0x0000FF00) << 8) | \
(((val) & 0x000000FF) << 24))
#else
#define CHG_ENDIAN(val) val
#endif
/* Enums for SEP (from vendor) */
enum des_numkey {
DES_KEY_1 = 1,
DES_KEY_2 = 2,
DES_KEY_3 = 3,
SEP_NUMKEY_OPTIONS,
SEP_NUMKEY_LAST = 0x7fffffff,
};
enum des_enc_mode {
SEP_DES_ENCRYPT = 0,
SEP_DES_DECRYPT = 1,
SEP_DES_ENC_OPTIONS,
SEP_DES_ENC_LAST = 0x7fffffff,
};
enum des_op_mode {
SEP_DES_ECB = 0,
SEP_DES_CBC = 1,
SEP_OP_OPTIONS,
SEP_OP_LAST = 0x7fffffff,
};
enum aes_keysize {
AES_128 = 0,
AES_192 = 1,
AES_256 = 2,
AES_512 = 3,
AES_SIZE_OPTIONS,
AEA_SIZE_LAST = 0x7FFFFFFF,
};
enum aes_enc_mode {
SEP_AES_ENCRYPT = 0,
SEP_AES_DECRYPT = 1,
SEP_AES_ENC_OPTIONS,
SEP_AES_ENC_LAST = 0x7FFFFFFF,
};
enum aes_op_mode {
SEP_AES_ECB = 0,
SEP_AES_CBC = 1,
SEP_AES_MAC = 2,
SEP_AES_CTR = 3,
SEP_AES_XCBC = 4,
SEP_AES_CMAC = 5,
SEP_AES_XTS = 6,
SEP_AES_OP_OPTIONS,
SEP_AES_OP_LAST = 0x7FFFFFFF,
};
enum hash_op_mode {
SEP_HASH_SHA1 = 0,
SEP_HASH_SHA224 = 1,
SEP_HASH_SHA256 = 2,
SEP_HASH_SHA384 = 3,
SEP_HASH_SHA512 = 4,
SEP_HASH_MD5 = 5,
SEP_HASH_OPTIONS,
SEP_HASH_LAST_MODE = 0x7FFFFFFF,
};
/* Structures for SEP (from vendor) */
struct sep_des_internal_key {
u32 key1[SEP_DES_KEY_SIZE_WORDS];
u32 key2[SEP_DES_KEY_SIZE_WORDS];
u32 key3[SEP_DES_KEY_SIZE_WORDS];
};
struct sep_des_internal_context {
u32 iv_context[SEP_DES_IV_SIZE_WORDS];
struct sep_des_internal_key context_key;
enum des_numkey nbr_keys;
enum des_enc_mode encryption;
enum des_op_mode operation;
u8 dummy_block[SEP_DES_DUMMY_SIZE];
};
struct sep_des_private_context {
u32 valid_tag;
u32 iv;
u8 ctx_buf[sizeof(struct sep_des_internal_context)];
};
/* This is the structure passed to SEP via msg area */
struct sep_des_key {
u32 key1[SEP_DES_KEY_SIZE_WORDS];
u32 key2[SEP_DES_KEY_SIZE_WORDS];
u32 key3[SEP_DES_KEY_SIZE_WORDS];
u32 pad[SEP_DES_KEY_SIZE_WORDS];
};
struct sep_aes_internal_context {
u32 aes_ctx_iv[SEP_AES_IV_SIZE_WORDS];
u32 aes_ctx_key[SEP_AES_MAX_KEY_SIZE_WORDS / 2];
enum aes_keysize keysize;
enum aes_enc_mode encmode;
enum aes_op_mode opmode;
u8 secret_key;
u32 no_add_blocks;
u32 last_block_size;
u32 last_block[SEP_AES_BLOCK_SIZE_WORDS];
u32 prev_iv[SEP_AES_BLOCK_SIZE_WORDS];
u32 remaining_size;
union {
struct {
u32 dkey1[SEP_AES_BLOCK_SIZE_WORDS];
u32 dkey2[SEP_AES_BLOCK_SIZE_WORDS];
u32 dkey3[SEP_AES_BLOCK_SIZE_WORDS];
} cmac_data;
struct {
u32 xts_key[SEP_AES_MAX_KEY_SIZE_WORDS / 2];
u32 temp1[SEP_AES_BLOCK_SIZE_WORDS];
u32 temp2[SEP_AES_BLOCK_SIZE_WORDS];
} xtx_data;
} s_data;
u8 dummy_block[SEP_AES_DUMMY_BLOCK_SIZE];
};
struct sep_aes_private_context {
u32 valid_tag;
u32 aes_iv;
u32 op_mode;
u8 cbuff[sizeof(struct sep_aes_internal_context)];
};
struct sep_hash_internal_context {
u32 hash_result[SEP_HASH_RESULT_SIZE_WORDS];
enum hash_op_mode hash_opmode;
u32 previous_data[SEP_SHA2_BLOCK_SIZE_WORDS];
u16 prev_update_bytes;
u32 total_proc_128bit[4];
u16 op_mode_block_size;
u8 dummy_aes_block[SEP_AES_DUMMY_BLOCK_SIZE];
};
struct sep_hash_private_context {
u32 valid_tag;
u32 iv;
u8 internal_context[sizeof(struct sep_hash_internal_context)];
};
union key_t {
struct sep_des_key des;
u32 aes[SEP_AES_MAX_KEY_SIZE_WORDS];
};
/* Context structures for crypto API */
/**
* Structure for this current task context
* This same structure is used for both hash
* and crypt in order to reduce duplicate code
* for stuff that is done for both hash operations
* and crypto operations. We cannot trust that the
* system context is not pulled out from under
* us during operation to operation, so all
* critical stuff such as data pointers must
* be in in a context that is exclusive for this
* particular task at hand.
*/
struct this_task_ctx {
struct sep_device *sep_used;
u32 done;
unsigned char iv[100];
enum des_enc_mode des_encmode;
enum des_op_mode des_opmode;
enum aes_enc_mode aes_encmode;
enum aes_op_mode aes_opmode;
u32 init_opcode;
u32 block_opcode;
size_t data_length;
size_t ivlen;
struct ablkcipher_walk walk;
int i_own_sep; /* Do I have custody of the sep? */
struct sep_call_status call_status;
struct build_dcb_struct_kernel dcb_input_data;
struct sep_dma_context *dma_ctx;
void *dmatables_region;
size_t nbytes;
struct sep_dcblock *dcb_region;
struct sep_queue_info *queue_elem;
int msg_len_words;
unsigned char msg[SEP_DRIVER_MESSAGE_SHARED_AREA_SIZE_IN_BYTES];
void *msgptr;
struct scatterlist *src_sg;
struct scatterlist *dst_sg;
struct scatterlist *src_sg_hold;
struct scatterlist *dst_sg_hold;
struct ahash_request *current_hash_req;
struct ablkcipher_request *current_cypher_req;
enum type_of_request current_request;
int digest_size_words;
int digest_size_bytes;
int block_size_words;
int block_size_bytes;
enum hash_op_mode hash_opmode;
enum hash_stage current_hash_stage;
/**
* Not that this is a pointer. The are_we_done_yet variable is
* allocated by the task function. This way, even if the kernel
* crypto infrastructure has grabbed the task structure out from
* under us, the task function can still see this variable.
*/
int *are_we_done_yet;
unsigned long end_time;
};
struct sep_system_ctx {
union key_t key;
size_t keylen;
int key_sent;
enum des_numkey des_nbr_keys;
enum aes_keysize aes_key_size;
unsigned long end_time;
struct sep_des_private_context des_private_ctx;
struct sep_aes_private_context aes_private_ctx;
struct sep_hash_private_context hash_private_ctx;
};
/* work queue structures */
struct sep_work_struct {
struct work_struct work;
void (*callback)(void *);
void *data;
};
/* Functions */
int sep_crypto_setup(void);
void sep_crypto_takedown(void);
|
