1/* SPDX-License-Identifier: GPL-2.0-only 2 * SPDX-FileCopyrightText: Copyright (c) 2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved. 3 * 4 * Header file for NVIDIA Security Engine driver. 5 */ 6 7#ifndef _TEGRA_SE_H 8#define _TEGRA_SE_H 9 10#include <linux/bitfield.h> 11#include <linux/iommu.h> 12#include <linux/host1x.h> 13#include <crypto/aead.h> 14#include <crypto/engine.h> 15#include <crypto/hash.h> 16#include <crypto/sha1.h> 17#include <crypto/sha3.h> 18#include <crypto/skcipher.h> 19 20#define SE_OWNERSHIP 0x14 21#define SE_OWNERSHIP_UID(x) FIELD_GET(GENMASK(7, 0), x) 22#define TEGRA_GPSE_ID 3 23 24#define SE_STREAM_ID 0x90 25 26#define SE_SHA_CFG 0x4004 27#define SE_SHA_KEY_ADDR 0x4094 28#define SE_SHA_KEY_DATA 0x4098 29#define SE_SHA_KEYMANIFEST 0x409c 30#define SE_SHA_CRYPTO_CFG 0x40a4 31#define SE_SHA_KEY_DST 0x40a8 32#define SE_SHA_SRC_KSLT 0x4180 33#define SE_SHA_TGT_KSLT 0x4184 34#define SE_SHA_MSG_LENGTH 0x401c 35#define SE_SHA_OPERATION 0x407c 36#define SE_SHA_HASH_RESULT 0x40b0 37 38#define SE_SHA_ENC_MODE(x) FIELD_PREP(GENMASK(31, 24), x) 39#define SE_SHA_ENC_MODE_SHA1 SE_SHA_ENC_MODE(0) 40#define SE_SHA_ENC_MODE_SHA224 SE_SHA_ENC_MODE(4) 41#define SE_SHA_ENC_MODE_SHA256 SE_SHA_ENC_MODE(5) 42#define SE_SHA_ENC_MODE_SHA384 SE_SHA_ENC_MODE(6) 43#define SE_SHA_ENC_MODE_SHA512 SE_SHA_ENC_MODE(7) 44#define SE_SHA_ENC_MODE_SHA_CTX_INTEGRITY SE_SHA_ENC_MODE(8) 45#define SE_SHA_ENC_MODE_SHA3_224 SE_SHA_ENC_MODE(9) 46#define SE_SHA_ENC_MODE_SHA3_256 SE_SHA_ENC_MODE(10) 47#define SE_SHA_ENC_MODE_SHA3_384 SE_SHA_ENC_MODE(11) 48#define SE_SHA_ENC_MODE_SHA3_512 SE_SHA_ENC_MODE(12) 49#define SE_SHA_ENC_MODE_SHAKE128 SE_SHA_ENC_MODE(13) 50#define SE_SHA_ENC_MODE_SHAKE256 SE_SHA_ENC_MODE(14) 51#define SE_SHA_ENC_MODE_HMAC_SHA256_1KEY SE_SHA_ENC_MODE(0) 52#define SE_SHA_ENC_MODE_HMAC_SHA256_2KEY SE_SHA_ENC_MODE(1) 53#define SE_SHA_ENC_MODE_SM3_256 SE_SHA_ENC_MODE(0) 54 55#define SE_SHA_CFG_ENC_ALG(x) FIELD_PREP(GENMASK(15, 12), x) 56#define SE_SHA_ENC_ALG_NOP SE_SHA_CFG_ENC_ALG(0) 57#define SE_SHA_ENC_ALG_SHA_ENC SE_SHA_CFG_ENC_ALG(1) 58#define SE_SHA_ENC_ALG_RNG SE_SHA_CFG_ENC_ALG(2) 59#define SE_SHA_ENC_ALG_SHA SE_SHA_CFG_ENC_ALG(3) 60#define SE_SHA_ENC_ALG_SM3 SE_SHA_CFG_ENC_ALG(4) 61#define SE_SHA_ENC_ALG_HMAC SE_SHA_CFG_ENC_ALG(7) 62#define SE_SHA_ENC_ALG_KDF SE_SHA_CFG_ENC_ALG(8) 63#define SE_SHA_ENC_ALG_KEY_INVLD SE_SHA_CFG_ENC_ALG(10) 64#define SE_SHA_ENC_ALG_KEY_INQUIRE SE_SHA_CFG_ENC_ALG(12) 65#define SE_SHA_ENC_ALG_INS SE_SHA_CFG_ENC_ALG(13) 66 67#define SE_SHA_OP_LASTBUF FIELD_PREP(BIT(16), 1) 68#define SE_SHA_OP_WRSTALL FIELD_PREP(BIT(15), 1) 69 70#define SE_SHA_OP_OP(x) FIELD_PREP(GENMASK(2, 0), x) 71#define SE_SHA_OP_START SE_SHA_OP_OP(1) 72#define SE_SHA_OP_RESTART_OUT SE_SHA_OP_OP(2) 73#define SE_SHA_OP_RESTART_IN SE_SHA_OP_OP(4) 74#define SE_SHA_OP_RESTART_INOUT SE_SHA_OP_OP(5) 75#define SE_SHA_OP_DUMMY SE_SHA_OP_OP(6) 76 77#define SE_SHA_CFG_DEC_ALG(x) FIELD_PREP(GENMASK(11, 8), x) 78#define SE_SHA_DEC_ALG_NOP SE_SHA_CFG_DEC_ALG(0) 79#define SE_SHA_DEC_ALG_AES_DEC SE_SHA_CFG_DEC_ALG(1) 80#define SE_SHA_DEC_ALG_HMAC SE_SHA_CFG_DEC_ALG(7) 81#define SE_SHA_DEC_ALG_HMAC_VERIFY SE_SHA_CFG_DEC_ALG(9) 82 83#define SE_SHA_CFG_DST(x) FIELD_PREP(GENMASK(4, 2), x) 84#define SE_SHA_DST_MEMORY SE_SHA_CFG_DST(0) 85#define SE_SHA_DST_HASH_REG SE_SHA_CFG_DST(1) 86#define SE_SHA_DST_KEYTABLE SE_SHA_CFG_DST(2) 87#define SE_SHA_DST_SRK SE_SHA_CFG_DST(3) 88 89#define SE_SHA_TASK_HASH_INIT BIT(0) 90 91/* AES Configuration */ 92#define SE_AES0_CFG 0x1004 93#define SE_AES0_CRYPTO_CONFIG 0x1008 94#define SE_AES0_KEY_DST 0x1030 95#define SE_AES0_OPERATION 0x1038 96#define SE_AES0_LINEAR_CTR 0x101c 97#define SE_AES0_LAST_BLOCK 0x102c 98#define SE_AES0_KEY_ADDR 0x10bc 99#define SE_AES0_KEY_DATA 0x10c0 100#define SE_AES0_CMAC_RESULT 0x10c4 101#define SE_AES0_SRC_KSLT 0x1100 102#define SE_AES0_TGT_KSLT 0x1104 103#define SE_AES0_KEYMANIFEST 0x1114 104#define SE_AES0_AAD_LEN 0x112c 105#define SE_AES0_CRYPTO_MSG_LEN 0x1134 106 107#define SE_AES1_CFG 0x2004 108#define SE_AES1_CRYPTO_CONFIG 0x2008 109#define SE_AES1_KEY_DST 0x2030 110#define SE_AES1_OPERATION 0x2038 111#define SE_AES1_LINEAR_CTR 0x201c 112#define SE_AES1_LAST_BLOCK 0x202c 113#define SE_AES1_KEY_ADDR 0x20bc 114#define SE_AES1_KEY_DATA 0x20c0 115#define SE_AES1_CMAC_RESULT 0x20c4 116#define SE_AES1_SRC_KSLT 0x2100 117#define SE_AES1_TGT_KSLT 0x2104 118#define SE_AES1_KEYMANIFEST 0x2114 119#define SE_AES1_AAD_LEN 0x212c 120#define SE_AES1_CRYPTO_MSG_LEN 0x2134 121 122#define SE_AES_CFG_ENC_MODE(x) FIELD_PREP(GENMASK(31, 24), x) 123#define SE_AES_ENC_MODE_GMAC SE_AES_CFG_ENC_MODE(3) 124#define SE_AES_ENC_MODE_GCM SE_AES_CFG_ENC_MODE(4) 125#define SE_AES_ENC_MODE_GCM_FINAL SE_AES_CFG_ENC_MODE(5) 126#define SE_AES_ENC_MODE_CMAC SE_AES_CFG_ENC_MODE(7) 127#define SE_AES_ENC_MODE_CBC_MAC SE_AES_CFG_ENC_MODE(12) 128 129#define SE_AES_CFG_DEC_MODE(x) FIELD_PREP(GENMASK(23, 16), x) 130#define SE_AES_DEC_MODE_GMAC SE_AES_CFG_DEC_MODE(3) 131#define SE_AES_DEC_MODE_GCM SE_AES_CFG_DEC_MODE(4) 132#define SE_AES_DEC_MODE_GCM_FINAL SE_AES_CFG_DEC_MODE(5) 133#define SE_AES_DEC_MODE_CBC_MAC SE_AES_CFG_DEC_MODE(12) 134 135#define SE_AES_CFG_ENC_ALG(x) FIELD_PREP(GENMASK(15, 12), x) 136#define SE_AES_ENC_ALG_NOP SE_AES_CFG_ENC_ALG(0) 137#define SE_AES_ENC_ALG_AES_ENC SE_AES_CFG_ENC_ALG(1) 138#define SE_AES_ENC_ALG_RNG SE_AES_CFG_ENC_ALG(2) 139#define SE_AES_ENC_ALG_SHA SE_AES_CFG_ENC_ALG(3) 140#define SE_AES_ENC_ALG_HMAC SE_AES_CFG_ENC_ALG(7) 141#define SE_AES_ENC_ALG_KDF SE_AES_CFG_ENC_ALG(8) 142#define SE_AES_ENC_ALG_INS SE_AES_CFG_ENC_ALG(13) 143 144#define SE_AES_CFG_DEC_ALG(x) FIELD_PREP(GENMASK(11, 8), x) 145#define SE_AES_DEC_ALG_NOP SE_AES_CFG_DEC_ALG(0) 146#define SE_AES_DEC_ALG_AES_DEC SE_AES_CFG_DEC_ALG(1) 147 148#define SE_AES_CFG_DST(x) FIELD_PREP(GENMASK(4, 2), x) 149#define SE_AES_DST_MEMORY SE_AES_CFG_DST(0) 150#define SE_AES_DST_HASH_REG SE_AES_CFG_DST(1) 151#define SE_AES_DST_KEYTABLE SE_AES_CFG_DST(2) 152#define SE_AES_DST_SRK SE_AES_CFG_DST(3) 153 154/* AES Crypto Configuration */ 155#define SE_AES_KEY2_INDEX(x) FIELD_PREP(GENMASK(31, 28), x) 156#define SE_AES_KEY_INDEX(x) FIELD_PREP(GENMASK(27, 24), x) 157 158#define SE_AES_CRYPTO_CFG_SCC_DIS FIELD_PREP(BIT(20), 1) 159 160#define SE_AES_CRYPTO_CFG_CTR_CNTN(x) FIELD_PREP(GENMASK(18, 11), x) 161 162#define SE_AES_CRYPTO_CFG_IV_MODE(x) FIELD_PREP(BIT(10), x) 163#define SE_AES_IV_MODE_SWIV SE_AES_CRYPTO_CFG_IV_MODE(0) 164#define SE_AES_IV_MODE_HWIV SE_AES_CRYPTO_CFG_IV_MODE(1) 165 166#define SE_AES_CRYPTO_CFG_CORE_SEL(x) FIELD_PREP(BIT(9), x) 167#define SE_AES_CORE_SEL_DECRYPT SE_AES_CRYPTO_CFG_CORE_SEL(0) 168#define SE_AES_CORE_SEL_ENCRYPT SE_AES_CRYPTO_CFG_CORE_SEL(1) 169 170#define SE_AES_CRYPTO_CFG_IV_SEL(x) FIELD_PREP(GENMASK(8, 7), x) 171#define SE_AES_IV_SEL_UPDATED SE_AES_CRYPTO_CFG_IV_SEL(1) 172#define SE_AES_IV_SEL_REG SE_AES_CRYPTO_CFG_IV_SEL(2) 173#define SE_AES_IV_SEL_RANDOM SE_AES_CRYPTO_CFG_IV_SEL(3) 174 175#define SE_AES_CRYPTO_CFG_VCTRAM_SEL(x) FIELD_PREP(GENMASK(6, 5), x) 176#define SE_AES_VCTRAM_SEL_MEMORY SE_AES_CRYPTO_CFG_VCTRAM_SEL(0) 177#define SE_AES_VCTRAM_SEL_TWEAK SE_AES_CRYPTO_CFG_VCTRAM_SEL(1) 178#define SE_AES_VCTRAM_SEL_AESOUT SE_AES_CRYPTO_CFG_VCTRAM_SEL(2) 179#define SE_AES_VCTRAM_SEL_PREV_MEM SE_AES_CRYPTO_CFG_VCTRAM_SEL(3) 180 181#define SE_AES_CRYPTO_CFG_INPUT_SEL(x) FIELD_PREP(GENMASK(4, 3), x) 182#define SE_AES_INPUT_SEL_MEMORY SE_AES_CRYPTO_CFG_INPUT_SEL(0) 183#define SE_AES_INPUT_SEL_RANDOM SE_AES_CRYPTO_CFG_INPUT_SEL(1) 184#define SE_AES_INPUT_SEL_AESOUT SE_AES_CRYPTO_CFG_INPUT_SEL(2) 185#define SE_AES_INPUT_SEL_LINEAR_CTR SE_AES_CRYPTO_CFG_INPUT_SEL(3) 186#define SE_AES_INPUT_SEL_REG SE_AES_CRYPTO_CFG_INPUT_SEL(1) 187 188#define SE_AES_CRYPTO_CFG_XOR_POS(x) FIELD_PREP(GENMASK(2, 1), x) 189#define SE_AES_XOR_POS_BYPASS SE_AES_CRYPTO_CFG_XOR_POS(0) 190#define SE_AES_XOR_POS_BOTH SE_AES_CRYPTO_CFG_XOR_POS(1) 191#define SE_AES_XOR_POS_TOP SE_AES_CRYPTO_CFG_XOR_POS(2) 192#define SE_AES_XOR_POS_BOTTOM SE_AES_CRYPTO_CFG_XOR_POS(3) 193 194#define SE_AES_CRYPTO_CFG_HASH_EN(x) FIELD_PREP(BIT(0), x) 195#define SE_AES_HASH_DISABLE SE_AES_CRYPTO_CFG_HASH_EN(0) 196#define SE_AES_HASH_ENABLE SE_AES_CRYPTO_CFG_HASH_EN(1) 197 198#define SE_LAST_BLOCK_VAL(x) FIELD_PREP(GENMASK(19, 0), x) 199#define SE_LAST_BLOCK_RES_BITS(x) FIELD_PREP(GENMASK(26, 20), x) 200 201#define SE_AES_OP_LASTBUF FIELD_PREP(BIT(16), 1) 202#define SE_AES_OP_WRSTALL FIELD_PREP(BIT(15), 1) 203#define SE_AES_OP_FINAL FIELD_PREP(BIT(5), 1) 204#define SE_AES_OP_INIT FIELD_PREP(BIT(4), 1) 205 206#define SE_AES_OP_OP(x) FIELD_PREP(GENMASK(2, 0), x) 207#define SE_AES_OP_START SE_AES_OP_OP(1) 208#define SE_AES_OP_RESTART_OUT SE_AES_OP_OP(2) 209#define SE_AES_OP_RESTART_IN SE_AES_OP_OP(4) 210#define SE_AES_OP_RESTART_INOUT SE_AES_OP_OP(5) 211#define SE_AES_OP_DUMMY SE_AES_OP_OP(6) 212 213#define SE_KAC_SIZE(x) FIELD_PREP(GENMASK(15, 14), x) 214#define SE_KAC_SIZE_128 SE_KAC_SIZE(0) 215#define SE_KAC_SIZE_192 SE_KAC_SIZE(1) 216#define SE_KAC_SIZE_256 SE_KAC_SIZE(2) 217 218#define SE_KAC_EXPORTABLE FIELD_PREP(BIT(12), 1) 219 220#define SE_KAC_PURPOSE(x) FIELD_PREP(GENMASK(11, 8), x) 221#define SE_KAC_ENC SE_KAC_PURPOSE(0) 222#define SE_KAC_CMAC SE_KAC_PURPOSE(1) 223#define SE_KAC_HMAC SE_KAC_PURPOSE(2) 224#define SE_KAC_GCM_KW SE_KAC_PURPOSE(3) 225#define SE_KAC_HMAC_KDK SE_KAC_PURPOSE(6) 226#define SE_KAC_HMAC_KDD SE_KAC_PURPOSE(7) 227#define SE_KAC_HMAC_KDD_KUW SE_KAC_PURPOSE(8) 228#define SE_KAC_XTS SE_KAC_PURPOSE(9) 229#define SE_KAC_GCM SE_KAC_PURPOSE(10) 230 231#define SE_KAC_USER_NS FIELD_PREP(GENMASK(6, 4), 3) 232 233#define SE_AES_KEY_DST_INDEX(x) FIELD_PREP(GENMASK(11, 8), x) 234#define SE_ADDR_HI_MSB(x) FIELD_PREP(GENMASK(31, 24), x) 235#define SE_ADDR_HI_SZ(x) FIELD_PREP(GENMASK(23, 0), x) 236 237#define SE_CFG_AES_ENCRYPT (SE_AES_ENC_ALG_AES_ENC | \ 238 SE_AES_DEC_ALG_NOP | \ 239 SE_AES_DST_MEMORY) 240 241#define SE_CFG_AES_DECRYPT (SE_AES_ENC_ALG_NOP | \ 242 SE_AES_DEC_ALG_AES_DEC | \ 243 SE_AES_DST_MEMORY) 244 245#define SE_CFG_GMAC_ENCRYPT (SE_AES_ENC_ALG_AES_ENC | \ 246 SE_AES_DEC_ALG_NOP | \ 247 SE_AES_ENC_MODE_GMAC | \ 248 SE_AES_DST_MEMORY) 249 250#define SE_CFG_GMAC_DECRYPT (SE_AES_ENC_ALG_NOP | \ 251 SE_AES_DEC_ALG_AES_DEC | \ 252 SE_AES_DEC_MODE_GMAC | \ 253 SE_AES_DST_MEMORY) 254 255#define SE_CFG_GCM_ENCRYPT (SE_AES_ENC_ALG_AES_ENC | \ 256 SE_AES_DEC_ALG_NOP | \ 257 SE_AES_ENC_MODE_GCM | \ 258 SE_AES_DST_MEMORY) 259 260#define SE_CFG_GCM_DECRYPT (SE_AES_ENC_ALG_NOP | \ 261 SE_AES_DEC_ALG_AES_DEC | \ 262 SE_AES_DEC_MODE_GCM | \ 263 SE_AES_DST_MEMORY) 264 265#define SE_CFG_GCM_FINAL_ENCRYPT (SE_AES_ENC_ALG_AES_ENC | \ 266 SE_AES_DEC_ALG_NOP | \ 267 SE_AES_ENC_MODE_GCM_FINAL | \ 268 SE_AES_DST_MEMORY) 269 270#define SE_CFG_GCM_FINAL_DECRYPT (SE_AES_ENC_ALG_NOP | \ 271 SE_AES_DEC_ALG_AES_DEC | \ 272 SE_AES_DEC_MODE_GCM_FINAL | \ 273 SE_AES_DST_MEMORY) 274 275#define SE_CFG_CMAC (SE_AES_ENC_ALG_AES_ENC | \ 276 SE_AES_ENC_MODE_CMAC | \ 277 SE_AES_DST_HASH_REG) 278 279#define SE_CFG_CBC_MAC (SE_AES_ENC_ALG_AES_ENC | \ 280 SE_AES_ENC_MODE_CBC_MAC) 281 282#define SE_CFG_INS (SE_AES_ENC_ALG_INS | \ 283 SE_AES_DEC_ALG_NOP) 284 285#define SE_CRYPTO_CFG_ECB_ENCRYPT (SE_AES_INPUT_SEL_MEMORY | \ 286 SE_AES_XOR_POS_BYPASS | \ 287 SE_AES_CORE_SEL_ENCRYPT) 288 289#define SE_CRYPTO_CFG_ECB_DECRYPT (SE_AES_INPUT_SEL_MEMORY | \ 290 SE_AES_XOR_POS_BYPASS | \ 291 SE_AES_CORE_SEL_DECRYPT) 292 293#define SE_CRYPTO_CFG_CBC_ENCRYPT (SE_AES_INPUT_SEL_MEMORY | \ 294 SE_AES_VCTRAM_SEL_AESOUT | \ 295 SE_AES_XOR_POS_TOP | \ 296 SE_AES_CORE_SEL_ENCRYPT | \ 297 SE_AES_IV_SEL_REG) 298 299#define SE_CRYPTO_CFG_CBC_DECRYPT (SE_AES_INPUT_SEL_MEMORY | \ 300 SE_AES_VCTRAM_SEL_PREV_MEM | \ 301 SE_AES_XOR_POS_BOTTOM | \ 302 SE_AES_CORE_SEL_DECRYPT | \ 303 SE_AES_IV_SEL_REG) 304 305#define SE_CRYPTO_CFG_CTR (SE_AES_INPUT_SEL_LINEAR_CTR | \ 306 SE_AES_VCTRAM_SEL_MEMORY | \ 307 SE_AES_XOR_POS_BOTTOM | \ 308 SE_AES_CORE_SEL_ENCRYPT | \ 309 SE_AES_CRYPTO_CFG_CTR_CNTN(1) | \ 310 SE_AES_IV_SEL_REG) 311 312#define SE_CRYPTO_CFG_XTS_ENCRYPT (SE_AES_INPUT_SEL_MEMORY | \ 313 SE_AES_VCTRAM_SEL_TWEAK | \ 314 SE_AES_XOR_POS_BOTH | \ 315 SE_AES_CORE_SEL_ENCRYPT | \ 316 SE_AES_IV_SEL_REG) 317 318#define SE_CRYPTO_CFG_XTS_DECRYPT (SE_AES_INPUT_SEL_MEMORY | \ 319 SE_AES_VCTRAM_SEL_TWEAK | \ 320 SE_AES_XOR_POS_BOTH | \ 321 SE_AES_CORE_SEL_DECRYPT | \ 322 SE_AES_IV_SEL_REG) 323 324#define SE_CRYPTO_CFG_XTS_DECRYPT (SE_AES_INPUT_SEL_MEMORY | \ 325 SE_AES_VCTRAM_SEL_TWEAK | \ 326 SE_AES_XOR_POS_BOTH | \ 327 SE_AES_CORE_SEL_DECRYPT | \ 328 SE_AES_IV_SEL_REG) 329 330#define SE_CRYPTO_CFG_CBC_MAC (SE_AES_INPUT_SEL_MEMORY | \ 331 SE_AES_VCTRAM_SEL_AESOUT | \ 332 SE_AES_XOR_POS_TOP | \ 333 SE_AES_CORE_SEL_ENCRYPT | \ 334 SE_AES_HASH_ENABLE | \ 335 SE_AES_IV_SEL_REG) 336 337#define HASH_RESULT_REG_COUNT 50 338#define CMAC_RESULT_REG_COUNT 4 339 340#define SE_CRYPTO_CTR_REG_COUNT 4 341#define SE_MAX_KEYSLOT 15 342#define SE_MAX_MEM_ALLOC SZ_4M 343#define SE_AES_BUFLEN 0x8000 344#define SE_SHA_BUFLEN 0x2000 345 346#define SHA_FIRST BIT(0) 347#define SHA_UPDATE BIT(1) 348#define SHA_FINAL BIT(2) 349 350/* Security Engine operation modes */ 351enum se_aes_alg { 352 SE_ALG_CBC, /* Cipher Block Chaining (CBC) mode */ 353 SE_ALG_ECB, /* Electronic Codebook (ECB) mode */ 354 SE_ALG_CTR, /* Counter (CTR) mode */ 355 SE_ALG_XTS, /* XTS mode */ 356 SE_ALG_GMAC, /* GMAC mode */ 357 SE_ALG_GCM, /* GCM mode */ 358 SE_ALG_GCM_FINAL, /* GCM FINAL mode */ 359 SE_ALG_CMAC, /* Cipher-based MAC (CMAC) mode */ 360 SE_ALG_CBC_MAC, /* CBC MAC mode */ 361}; 362 363enum se_hash_alg { 364 SE_ALG_RNG_DRBG, /* Deterministic Random Bit Generator */ 365 SE_ALG_SHA1, /* Secure Hash Algorithm-1 (SHA1) mode */ 366 SE_ALG_SHA224, /* Secure Hash Algorithm-224 (SHA224) mode */ 367 SE_ALG_SHA256, /* Secure Hash Algorithm-256 (SHA256) mode */ 368 SE_ALG_SHA384, /* Secure Hash Algorithm-384 (SHA384) mode */ 369 SE_ALG_SHA512, /* Secure Hash Algorithm-512 (SHA512) mode */ 370 SE_ALG_SHA3_224, /* Secure Hash Algorithm3-224 (SHA3-224) mode */ 371 SE_ALG_SHA3_256, /* Secure Hash Algorithm3-256 (SHA3-256) mode */ 372 SE_ALG_SHA3_384, /* Secure Hash Algorithm3-384 (SHA3-384) mode */ 373 SE_ALG_SHA3_512, /* Secure Hash Algorithm3-512 (SHA3-512) mode */ 374 SE_ALG_SHAKE128, /* Secure Hash Algorithm3 (SHAKE128) mode */ 375 SE_ALG_SHAKE256, /* Secure Hash Algorithm3 (SHAKE256) mode */ 376 SE_ALG_HMAC_SHA224, /* Hash based MAC (HMAC) - 224 */ 377 SE_ALG_HMAC_SHA256, /* Hash based MAC (HMAC) - 256 */ 378 SE_ALG_HMAC_SHA384, /* Hash based MAC (HMAC) - 384 */ 379 SE_ALG_HMAC_SHA512, /* Hash based MAC (HMAC) - 512 */ 380}; 381 382struct tegra_se_alg { 383 struct tegra_se *se_dev; 384 const char *alg_base; 385 386 union { 387 struct skcipher_engine_alg skcipher; 388 struct aead_engine_alg aead; 389 struct ahash_engine_alg ahash; 390 } alg; 391}; 392 393struct tegra_se_regs { 394 u32 op; 395 u32 config; 396 u32 last_blk; 397 u32 linear_ctr; 398 u32 out_addr; 399 u32 aad_len; 400 u32 cryp_msg_len; 401 u32 manifest; 402 u32 key_addr; 403 u32 key_data; 404 u32 key_dst; 405 u32 result; 406}; 407 408struct tegra_se_hw { 409 const struct tegra_se_regs *regs; 410 int (*init_alg)(struct tegra_se *se); 411 void (*deinit_alg)(struct tegra_se *se); 412 bool support_sm_alg; 413 u32 host1x_class; 414 u32 kac_ver; 415}; 416 417struct tegra_se { 418 int (*manifest)(u32 user, u32 alg, u32 keylen); 419 const struct tegra_se_hw *hw; 420 struct host1x_client client; 421 struct host1x_channel *channel; 422 struct tegra_se_cmdbuf *cmdbuf; 423 struct crypto_engine *engine; 424 struct host1x_syncpt *syncpt; 425 struct device *dev; 426 struct clk *clk; 427 unsigned int opcode_addr; 428 unsigned int stream_id; 429 unsigned int syncpt_id; 430 void __iomem *base; 431 u32 owner; 432}; 433 434struct tegra_se_cmdbuf { 435 dma_addr_t iova; 436 u32 *addr; 437 struct device *dev; 438 struct kref ref; 439 struct host1x_bo bo; 440 ssize_t size; 441 u32 words; 442}; 443 444struct tegra_se_datbuf { 445 u8 *buf; 446 dma_addr_t addr; 447 ssize_t size; 448}; 449 450static inline int se_algname_to_algid(const char *name) 451{ 452 if (!strcmp(name, "cbc(aes)")) 453 return SE_ALG_CBC; 454 else if (!strcmp(name, "ecb(aes)")) 455 return SE_ALG_ECB; 456 else if (!strcmp(name, "ctr(aes)")) 457 return SE_ALG_CTR; 458 else if (!strcmp(name, "xts(aes)")) 459 return SE_ALG_XTS; 460 else if (!strcmp(name, "cmac(aes)")) 461 return SE_ALG_CMAC; 462 else if (!strcmp(name, "gcm(aes)")) 463 return SE_ALG_GCM; 464 else if (!strcmp(name, "ccm(aes)")) 465 return SE_ALG_CBC_MAC; 466 467 else if (!strcmp(name, "sha1")) 468 return SE_ALG_SHA1; 469 else if (!strcmp(name, "sha224")) 470 return SE_ALG_SHA224; 471 else if (!strcmp(name, "sha256")) 472 return SE_ALG_SHA256; 473 else if (!strcmp(name, "sha384")) 474 return SE_ALG_SHA384; 475 else if (!strcmp(name, "sha512")) 476 return SE_ALG_SHA512; 477 else if (!strcmp(name, "sha3-224")) 478 return SE_ALG_SHA3_224; 479 else if (!strcmp(name, "sha3-256")) 480 return SE_ALG_SHA3_256; 481 else if (!strcmp(name, "sha3-384")) 482 return SE_ALG_SHA3_384; 483 else if (!strcmp(name, "sha3-512")) 484 return SE_ALG_SHA3_512; 485 else if (!strcmp(name, "hmac(sha224)")) 486 return SE_ALG_HMAC_SHA224; 487 else if (!strcmp(name, "hmac(sha256)")) 488 return SE_ALG_HMAC_SHA256; 489 else if (!strcmp(name, "hmac(sha384)")) 490 return SE_ALG_HMAC_SHA384; 491 else if (!strcmp(name, "hmac(sha512)")) 492 return SE_ALG_HMAC_SHA512; 493 else 494 return -EINVAL; 495} 496 497/* Functions */ 498int tegra_init_aes(struct tegra_se *se); 499int tegra_init_hash(struct tegra_se *se); 500void tegra_deinit_aes(struct tegra_se *se); 501void tegra_deinit_hash(struct tegra_se *se); 502int tegra_key_submit(struct tegra_se *se, const u8 *key, 503 u32 keylen, u32 alg, u32 *keyid); 504void tegra_key_invalidate(struct tegra_se *se, u32 keyid, u32 alg); 505int tegra_se_host1x_submit(struct tegra_se *se, u32 size); 506 507/* HOST1x OPCODES */ 508static inline u32 host1x_opcode_setpayload(unsigned int payload) 509{ 510 return (9 << 28) | payload; 511} 512 513static inline u32 host1x_opcode_incr_w(unsigned int offset) 514{ 515 /* 22-bit offset supported */ 516 return (10 << 28) | offset; 517} 518 519static inline u32 host1x_opcode_nonincr_w(unsigned int offset) 520{ 521 /* 22-bit offset supported */ 522 return (11 << 28) | offset; 523} 524 525static inline u32 host1x_opcode_incr(unsigned int offset, unsigned int count) 526{ 527 return (1 << 28) | (offset << 16) | count; 528} 529 530static inline u32 host1x_opcode_nonincr(unsigned int offset, unsigned int count) 531{ 532 return (2 << 28) | (offset << 16) | count; 533} 534 535static inline u32 host1x_uclass_incr_syncpt_cond_f(u32 v) 536{ 537 return (v & 0xff) << 10; 538} 539 540static inline u32 host1x_uclass_incr_syncpt_indx_f(u32 v) 541{ 542 return (v & 0x3ff) << 0; 543} 544 545static inline u32 host1x_uclass_wait_syncpt_r(void) 546{ 547 return 0x8; 548} 549 550static inline u32 host1x_uclass_incr_syncpt_r(void) 551{ 552 return 0x0; 553} 554 555#define se_host1x_opcode_incr_w(x) host1x_opcode_incr_w((x) / 4) 556#define se_host1x_opcode_nonincr_w(x) host1x_opcode_nonincr_w((x) / 4) 557#define se_host1x_opcode_incr(x, y) host1x_opcode_incr((x) / 4, y) 558#define se_host1x_opcode_nonincr(x, y) host1x_opcode_nonincr((x) / 4, y) 559 560#endif /*_TEGRA_SE_H*/ 561