1 /*-
2 * Copyright (c) 2003-2012 Broadcom Corporation
3 * All Rights Reserved
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY BROADCOM ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL BROADCOM OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
23 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
24 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
25 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
26 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 *
28 * $FreeBSD: stable/10/sys/mips/nlm/hal/nlmsaelib.h 233541 2012-03-27 11:43:46Z jchandra $
29 */
30
31 #ifndef _NLM_HAL_CRYPTO_H_
32 #define _NLM_HAL_CRYPTO_H_
33
34 #define SAE_CFG_REG 0x00
35 #define SAE_ENG_SEL_0 0x01
36 #define SAE_ENG_SEL_1 0x02
37 #define SAE_ENG_SEL_2 0x03
38 #define SAE_ENG_SEL_3 0x04
39 #define SAE_ENG_SEL_4 0x05
40 #define SAE_ENG_SEL_5 0x06
41 #define SAE_ENG_SEL_6 0x07
42 #define SAE_ENG_SEL_7 0x08
43
44 #define RSA_CFG_REG 0x00
45 #define RSA_ENG_SEL_0 0x01
46 #define RSA_ENG_SEL_1 0x02
47 #define RSA_ENG_SEL_2 0x03
48
49 #define nlm_read_sec_reg(b, r) nlm_read_reg(b, r)
50 #define nlm_write_sec_reg(b, r, v) nlm_write_reg(b, r, v)
51 #define nlm_get_sec_pcibase(node) nlm_pcicfg_base(XLP_IO_SEC_OFFSET(node))
52 #define nlm_get_sec_regbase(node) \
53 (nlm_get_sec_pcibase(node) + XLP_IO_PCI_HDRSZ)
54
55 #define nlm_read_rsa_reg(b, r) nlm_read_reg(b, r)
56 #define nlm_write_rsa_reg(b, r, v) nlm_write_reg(b, r, v)
57 #define nlm_get_rsa_pcibase(node) nlm_pcicfg_base(XLP_IO_RSA_OFFSET(node))
58 #define nlm_get_rsa_regbase(node) \
59 (nlm_get_rsa_pcibase(node) + XLP_IO_PCI_HDRSZ)
60
61 #define nlm_pcibase_sec(node) nlm_pcicfg_base(XLP_IO_SEC_OFFSET(node))
62 #define nlm_qidstart_sec(node) nlm_qidstart_kseg(nlm_pcibase_sec(node))
63 #define nlm_qnum_sec(node) nlm_qnum_kseg(nlm_pcibase_sec(node))
64
65 /*
66 * Since buffer allocation for crypto at kernel is done as malloc, each
67 * segment size is given as page size which is 4K by default
68 */
69 #define NLM_CRYPTO_MAX_SEG_LEN PAGE_SIZE
70
71 #define MAX_KEY_LEN_IN_DW 20
72
73 #define left_shift64(x, bitshift, numofbits) \
74 ((uint64_t)(x) << (bitshift))
75
76 #define left_shift64_mask(x, bitshift, numofbits) \
77 (((uint64_t)(x) & ((1ULL << (numofbits)) - 1)) << (bitshift))
78
79 /**
80 * @brief cipher algorithms
81 * @ingroup crypto
82 */
83 enum nlm_cipher_algo {
84 NLM_CIPHER_BYPASS = 0,
85 NLM_CIPHER_DES = 1,
86 NLM_CIPHER_3DES = 2,
87 NLM_CIPHER_AES128 = 3,
88 NLM_CIPHER_AES192 = 4,
89 NLM_CIPHER_AES256 = 5,
90 NLM_CIPHER_ARC4 = 6,
91 NLM_CIPHER_KASUMI_F8 = 7,
92 NLM_CIPHER_SNOW3G_F8 = 8,
93 NLM_CIPHER_CAMELLIA128 = 9,
94 NLM_CIPHER_CAMELLIA192 = 0xA,
95 NLM_CIPHER_CAMELLIA256 = 0xB,
96 NLM_CIPHER_MAX = 0xC,
97 };
98
99 /**
100 * @brief cipher modes
101 * @ingroup crypto
102 */
103 enum nlm_cipher_mode {
104 NLM_CIPHER_MODE_ECB = 0,
105 NLM_CIPHER_MODE_CBC = 1,
106 NLM_CIPHER_MODE_CFB = 2,
107 NLM_CIPHER_MODE_OFB = 3,
108 NLM_CIPHER_MODE_CTR = 4,
109 NLM_CIPHER_MODE_AES_F8 = 5,
110 NLM_CIPHER_MODE_GCM = 6,
111 NLM_CIPHER_MODE_CCM = 7,
112 NLM_CIPHER_MODE_UNDEFINED1 = 8,
113 NLM_CIPHER_MODE_UNDEFINED2 = 9,
114 NLM_CIPHER_MODE_LRW = 0xA,
115 NLM_CIPHER_MODE_XTS = 0xB,
116 NLM_CIPHER_MODE_MAX = 0xC,
117 };
118
119 /**
120 * @brief hash algorithms
121 * @ingroup crypto
122 */
123 enum nlm_hash_algo {
124 NLM_HASH_BYPASS = 0,
125 NLM_HASH_MD5 = 1,
126 NLM_HASH_SHA = 2,
127 NLM_HASH_UNDEFINED = 3,
128 NLM_HASH_AES128 = 4,
129 NLM_HASH_AES192 = 5,
130 NLM_HASH_AES256 = 6,
131 NLM_HASH_KASUMI_F9 = 7,
132 NLM_HASH_SNOW3G_F9 = 8,
133 NLM_HASH_CAMELLIA128 = 9,
134 NLM_HASH_CAMELLIA192 = 0xA,
135 NLM_HASH_CAMELLIA256 = 0xB,
136 NLM_HASH_GHASH = 0xC,
137 NLM_HASH_MAX = 0xD
138 };
139
140 /**
141 * @brief hash modes
142 * @ingroup crypto
143 */
144 enum nlm_hash_mode {
145 NLM_HASH_MODE_SHA1 = 0, /* Only SHA */
146 NLM_HASH_MODE_SHA224 = 1, /* Only SHA */
147 NLM_HASH_MODE_SHA256 = 2, /* Only SHA */
148 NLM_HASH_MODE_SHA384 = 3, /* Only SHA */
149 NLM_HASH_MODE_SHA512 = 4, /* Only SHA */
150 NLM_HASH_MODE_CMAC = 5, /* AES and Camellia */
151 NLM_HASH_MODE_XCBC = 6, /* AES and Camellia */
152 NLM_HASH_MODE_CBC_MAC = 7, /* AES and Camellia */
153 NLM_HASH_MODE_CCM = 8, /* AES */
154 NLM_HASH_MODE_GCM = 9, /* AES */
155 NLM_HASH_MODE_MAX = 0xA,
156 };
157
158 /**
159 * @brief crypto control descriptor, should be cache aligned
160 * @ingroup crypto
161 */
162 struct nlm_crypto_pkt_ctrl {
163 uint64_t desc0;
164 /* combination of cipher and hash keys */
165 uint64_t key[MAX_KEY_LEN_IN_DW];
166 uint32_t cipherkeylen;
167 uint32_t hashkeylen;
168 uint32_t taglen;
169 };
170
171 /**
172 * @brief crypto packet descriptor, should be cache aligned
173 * @ingroup crypto
174 */
175 struct nlm_crypto_pkt_param {
176 uint64_t desc0;
177 uint64_t desc1;
178 uint64_t desc2;
179 uint64_t desc3;
180 uint64_t segment[1][2];
181 };
182
183 static __inline__ uint64_t
nlm_crypto_form_rsa_ecc_fmn_entry0(unsigned int l3alloc,unsigned int type,unsigned int func,uint64_t srcaddr)184 nlm_crypto_form_rsa_ecc_fmn_entry0(unsigned int l3alloc, unsigned int type,
185 unsigned int func, uint64_t srcaddr)
186 {
187 return (left_shift64(l3alloc, 61, 1) |
188 left_shift64(type, 46, 7) |
189 left_shift64(func, 40, 6) |
190 left_shift64(srcaddr, 0, 40));
191 }
192
193 static __inline__ uint64_t
nlm_crypto_form_rsa_ecc_fmn_entry1(unsigned int dstclobber,unsigned int l3alloc,unsigned int fbvc,uint64_t dstaddr)194 nlm_crypto_form_rsa_ecc_fmn_entry1(unsigned int dstclobber,
195 unsigned int l3alloc, unsigned int fbvc, uint64_t dstaddr)
196 {
197 return (left_shift64(dstclobber, 62, 1) |
198 left_shift64(l3alloc, 61, 1) |
199 left_shift64(fbvc, 40, 12) |
200 left_shift64(dstaddr, 0, 40));
201 }
202
203 /**
204 * @brief Generate cypto control descriptor
205 * @ingroup crypto
206 * hmac : 1 for hash with hmac
207 * hashalg, see hash_alg enums
208 * hashmode, see hash_mode enums
209 * cipherhalg, see cipher_alg enums
210 * ciphermode, see cipher_mode enums
211 * arc4_cipherkeylen : length of arc4 cipher key, 0 is interpreted as 32
212 * arc4_keyinit :
213 * cfbmask : cipher text for feedback,
214 * 0(1 bit), 1(2 bits), 2(4 bits), 3(8 bits), 4(16bits), 5(32 bits),
215 * 6(64 bits), 7(128 bits)
216 */
217 static __inline__ uint64_t
nlm_crypto_form_pkt_ctrl_desc(unsigned int hmac,unsigned int hashalg,unsigned int hashmode,unsigned int cipheralg,unsigned int ciphermode,unsigned int arc4_cipherkeylen,unsigned int arc4_keyinit,unsigned int cfbmask)218 nlm_crypto_form_pkt_ctrl_desc(unsigned int hmac, unsigned int hashalg,
219 unsigned int hashmode, unsigned int cipheralg, unsigned int ciphermode,
220 unsigned int arc4_cipherkeylen, unsigned int arc4_keyinit,
221 unsigned int cfbmask)
222 {
223 return (left_shift64(hmac, 61, 1) |
224 left_shift64(hashalg, 52, 8) |
225 left_shift64(hashmode, 43, 8) |
226 left_shift64(cipheralg, 34, 8) |
227 left_shift64(ciphermode, 25, 8) |
228 left_shift64(arc4_cipherkeylen, 18, 5) |
229 left_shift64(arc4_keyinit, 17, 1) |
230 left_shift64(cfbmask, 0, 3));
231 }
232 /**
233 * @brief Generate cypto packet descriptor 0
234 * @ingroup crypto
235 * tls : 1 (tls enabled) 0(tls disabled)
236 * hash_source : 1 (encrypted data is sent to the auth engine)
237 * 0 (plain data is sent to the auth engine)
238 * hashout_l3alloc : 1 (auth output is transited through l3 cache)
239 * encrypt : 1 (for encrypt) 0 (for decrypt)
240 * ivlen : iv length in bytes
241 * hashdst_addr : hash out physical address, byte aligned
242 */
243 static __inline__ uint64_t
nlm_crypto_form_pkt_desc0(unsigned int tls,unsigned int hash_source,unsigned int hashout_l3alloc,unsigned int encrypt,unsigned int ivlen,uint64_t hashdst_addr)244 nlm_crypto_form_pkt_desc0(unsigned int tls, unsigned int hash_source,
245 unsigned int hashout_l3alloc, unsigned int encrypt, unsigned int ivlen,
246 uint64_t hashdst_addr)
247 {
248 return (left_shift64(tls, 63, 1) |
249 left_shift64(hash_source, 62, 1) |
250 left_shift64(hashout_l3alloc, 60, 1) |
251 left_shift64(encrypt, 59, 1) |
252 left_shift64_mask((ivlen - 1), 41, 16) |
253 left_shift64(hashdst_addr, 0, 40));
254 }
255
256 /**
257 * @brief Generate cypto packet descriptor 1
258 * @ingroup crypto
259 * cipherlen : cipher length in bytes
260 * hashlen : hash length in bytes
261 */
262 static __inline__ uint64_t
nlm_crypto_form_pkt_desc1(unsigned int cipherlen,unsigned int hashlen)263 nlm_crypto_form_pkt_desc1(unsigned int cipherlen, unsigned int hashlen)
264 {
265 return (left_shift64_mask((cipherlen - 1), 32, 32) |
266 left_shift64_mask((hashlen - 1), 0, 32));
267 }
268
269 /**
270 * @brief Generate cypto packet descriptor 2
271 * @ingroup crypto
272 * ivoff : iv offset, offset from start of src data addr
273 * ciperbit_cnt : number of valid bits in the last input byte to the cipher,
274 * 0 (8 bits), 1 (1 bit)..7 (7 bits)
275 * cipheroff : cipher offset, offset from start of src data addr
276 * hashbit_cnt : number of valid bits in the last input byte to the auth
277 * 0 (8 bits), 1 (1 bit)..7 (7 bits)
278 * hashclobber : 1 (hash output will be written as multiples of cachelines, no
279 * read modify write)
280 * hashoff : hash offset, offset from start of src data addr
281 */
282
283 static __inline__ uint64_t
nlm_crypto_form_pkt_desc2(unsigned int ivoff,unsigned int cipherbit_cnt,unsigned int cipheroff,unsigned int hashbit_cnt,unsigned int hashclobber,unsigned int hashoff)284 nlm_crypto_form_pkt_desc2(unsigned int ivoff, unsigned int cipherbit_cnt,
285 unsigned int cipheroff, unsigned int hashbit_cnt, unsigned int hashclobber,
286 unsigned int hashoff)
287 {
288 return (left_shift64(ivoff , 45, 16) |
289 left_shift64(cipherbit_cnt, 42, 3) |
290 left_shift64(cipheroff, 22, 16) |
291 left_shift64(hashbit_cnt, 19, 3) |
292 left_shift64(hashclobber, 18, 1) |
293 left_shift64(hashoff, 0, 16));
294 }
295
296 /**
297 * @brief Generate cypto packet descriptor 3
298 * @ingroup crypto
299 * designer_vc : designer freeback fmn destination id
300 * taglen : length in bits of the tag generated by the auth engine
301 * md5 (128 bits), sha1 (160), sha224 (224), sha384 (384),
302 * sha512 (512), Kasumi (32), snow3g (32), gcm (128)
303 * hmacpad : 1 if hmac padding is already done
304 */
305 static __inline__ uint64_t
nlm_crypto_form_pkt_desc3(unsigned int designer_vc,unsigned int taglen,unsigned int arc4_state_save_l3,unsigned int arc4_save_state,unsigned int hmacpad)306 nlm_crypto_form_pkt_desc3(unsigned int designer_vc, unsigned int taglen,
307 unsigned int arc4_state_save_l3, unsigned int arc4_save_state,
308 unsigned int hmacpad)
309 {
310 return (left_shift64(designer_vc, 48, 16) |
311 left_shift64(taglen, 11, 16) |
312 left_shift64(arc4_state_save_l3, 8, 1) |
313 left_shift64(arc4_save_state, 6, 1) |
314 left_shift64(hmacpad, 5, 1));
315 }
316
317 /**
318 * @brief Generate cypto packet descriptor 4
319 * @ingroup crypto
320 * srcfraglen : length of the source fragment(header + data + tail) in bytes
321 * srcfragaddr : physical address of the srouce fragment
322 */
323 static __inline__ uint64_t
nlm_crypto_form_pkt_desc4(uint64_t srcfraglen,unsigned int srcfragaddr)324 nlm_crypto_form_pkt_desc4(uint64_t srcfraglen,
325 unsigned int srcfragaddr )
326 {
327 return (left_shift64_mask((srcfraglen - 1), 48, 16) |
328 left_shift64(srcfragaddr, 0, 40));
329 }
330
331 /**
332 * @brief Generate cypto packet descriptor 5
333 * @ingroup crypto
334 * dstfraglen : length of the dst fragment(header + data + tail) in bytes
335 * chipherout_l3alloc : 1(cipher output is transited through l3 cache)
336 * cipherclobber : 1 (cipher output will be written as multiples of cachelines,
337 * no read modify write)
338 * chiperdst_addr : physical address of the cipher destination address
339 */
340 static __inline__ uint64_t
nlm_crypto_form_pkt_desc5(unsigned int dstfraglen,unsigned int cipherout_l3alloc,unsigned int cipherclobber,uint64_t cipherdst_addr)341 nlm_crypto_form_pkt_desc5(unsigned int dstfraglen,
342 unsigned int cipherout_l3alloc, unsigned int cipherclobber,
343 uint64_t cipherdst_addr)
344
345 {
346 return (left_shift64_mask((dstfraglen - 1), 48, 16) |
347 left_shift64(cipherout_l3alloc, 46, 1) |
348 left_shift64(cipherclobber, 41, 1) |
349 left_shift64(cipherdst_addr, 0, 40));
350 }
351
352 /**
353 * @brief Generate crypto packet fmn message entry 0
354 * @ingroup crypto
355 * freeback_vc: freeback response destination address
356 * designer_fblen : Designer freeback length, 1 - 4
357 * designerdesc_valid : designer desc valid or not
358 * cipher_keylen : cipher key length in bytes
359 * ctrldesc_addr : physicall address of the control descriptor
360 */
361 static __inline__ uint64_t
nlm_crypto_form_pkt_fmn_entry0(unsigned int freeback_vc,unsigned int designer_fblen,unsigned int designerdesc_valid,unsigned int cipher_keylen,uint64_t cntldesc_addr)362 nlm_crypto_form_pkt_fmn_entry0(unsigned int freeback_vc,
363 unsigned int designer_fblen, unsigned int designerdesc_valid,
364 unsigned int cipher_keylen, uint64_t cntldesc_addr)
365 {
366 return (left_shift64(freeback_vc, 48, 16) |
367 left_shift64_mask(designer_fblen - 1, 46, 2) |
368 left_shift64(designerdesc_valid, 45, 1) |
369 left_shift64_mask(((cipher_keylen + 7) >> 3), 40, 5) |
370 left_shift64(cntldesc_addr >> 6, 0, 34));
371 }
372
373 /**
374 * @brief Generate crypto packet fmn message entry 1
375 * @ingroup crypto
376 * arc4load_state : 1 if load state required 0 otherwise
377 * hash_keylen : hash key length in bytes
378 * pktdesc_size : packet descriptor size in bytes
379 * pktdesc_addr : physicall address of the packet descriptor
380 */
381 static __inline__ uint64_t
nlm_crypto_form_pkt_fmn_entry1(unsigned int arc4load_state,unsigned int hash_keylen,unsigned int pktdesc_size,uint64_t pktdesc_addr)382 nlm_crypto_form_pkt_fmn_entry1(unsigned int arc4load_state,
383 unsigned int hash_keylen, unsigned int pktdesc_size,
384 uint64_t pktdesc_addr)
385 {
386 return (left_shift64(arc4load_state, 63, 1) |
387 left_shift64_mask(((hash_keylen + 7) >> 3), 56, 5) |
388 left_shift64_mask(((pktdesc_size >> 4) - 1), 43, 12) |
389 left_shift64(pktdesc_addr >> 6, 0, 34));
390 }
391
392 static __inline__ int
nlm_crypto_get_hklen_taglen(enum nlm_hash_algo hashalg,enum nlm_hash_mode hashmode,unsigned int * taglen,unsigned int * hklen)393 nlm_crypto_get_hklen_taglen(enum nlm_hash_algo hashalg,
394 enum nlm_hash_mode hashmode, unsigned int *taglen, unsigned int *hklen)
395 {
396 if (hashalg == NLM_HASH_MD5) {
397 *taglen = 128;
398 *hklen = 64;
399 } else if (hashalg == NLM_HASH_SHA) {
400 switch (hashmode) {
401 case NLM_HASH_MODE_SHA1:
402 *taglen = 160;
403 *hklen = 64;
404 break;
405 case NLM_HASH_MODE_SHA224:
406 *taglen = 224;
407 *hklen = 64;
408 break;
409 case NLM_HASH_MODE_SHA256:
410 *taglen = 256;
411 *hklen = 64;
412 break;
413 case NLM_HASH_MODE_SHA384:
414 *taglen = 384;
415 *hklen = 128;
416 break;
417 case NLM_HASH_MODE_SHA512:
418 *taglen = 512;
419 *hklen = 128;
420 break;
421 default:
422 printf("Error : invalid shaid (%s)\n", __func__);
423 return (-1);
424 }
425 } else if (hashalg == NLM_HASH_KASUMI_F9) {
426 *taglen = 32;
427 *hklen = 0;
428 } else if (hashalg == NLM_HASH_SNOW3G_F9) {
429 *taglen = 32;
430 *hklen = 0;
431 } else if (hashmode == NLM_HASH_MODE_XCBC) {
432 *taglen = 128;
433 *hklen = 0;
434 } else if (hashmode == NLM_HASH_MODE_GCM) {
435 *taglen = 128;
436 *hklen = 0;
437 } else if (hashalg == NLM_HASH_BYPASS) {
438 *taglen = 0;
439 *hklen = 0;
440 } else {
441 printf("Error:Hash alg/mode not found\n");
442 return (-1);
443 }
444
445 /* TODO : Add remaining cases */
446 return (0);
447 }
448
449 /**
450 * @brief Generate fill cryto control info structure
451 * @ingroup crypto
452 * hmac : 1 for hash with hmac
453 * hashalg: see above, hash_alg enums
454 * hashmode: see above, hash_mode enums
455 * cipherhalg: see above, cipher_alg enums
456 * ciphermode: see above, cipher_mode enums
457 *
458 */
459 static __inline__ int
nlm_crypto_fill_pkt_ctrl(struct nlm_crypto_pkt_ctrl * ctrl,unsigned int hmac,enum nlm_hash_algo hashalg,enum nlm_hash_mode hashmode,enum nlm_cipher_algo cipheralg,enum nlm_cipher_mode ciphermode,unsigned char * cipherkey,unsigned int cipherkeylen,unsigned char * hashkey,unsigned int hashkeylen)460 nlm_crypto_fill_pkt_ctrl(struct nlm_crypto_pkt_ctrl *ctrl, unsigned int hmac,
461 enum nlm_hash_algo hashalg, enum nlm_hash_mode hashmode,
462 enum nlm_cipher_algo cipheralg, enum nlm_cipher_mode ciphermode,
463 unsigned char *cipherkey, unsigned int cipherkeylen,
464 unsigned char *hashkey, unsigned int hashkeylen)
465 {
466 unsigned int taglen = 0, hklen = 0;
467
468 ctrl->desc0 = nlm_crypto_form_pkt_ctrl_desc(hmac, hashalg, hashmode,
469 cipheralg, ciphermode, 0, 0, 0);
470 memset(ctrl->key, 0, sizeof(ctrl->key));
471 if (cipherkey)
472 memcpy(ctrl->key, cipherkey, cipherkeylen);
473 if (hashkey)
474 memcpy((unsigned char *)&ctrl->key[(cipherkeylen + 7) / 8],
475 hashkey, hashkeylen);
476 if (nlm_crypto_get_hklen_taglen(hashalg, hashmode, &taglen, &hklen)
477 < 0)
478 return (-1);
479
480 ctrl->cipherkeylen = cipherkeylen;
481 ctrl->hashkeylen = hklen;
482 ctrl->taglen = taglen;
483
484 /* TODO : add the invalid checks and return error */
485 return (0);
486 }
487
488 /**
489 * @brief Top level function for generation pkt desc 0 to 3 for cipher auth
490 * @ingroup crypto
491 * ctrl : pointer to control structure
492 * param : pointer to the param structure
493 * encrypt : 1(for encrypt) 0(for decrypt)
494 * hash_source : 1(encrypted data is sent to the auth engine) 0(plain data is
495 * sent to the auth engine)
496 * ivoff : iv offset from start of data
497 * ivlen : iv length in bytes
498 * hashoff : hash offset from start of data
499 * hashlen : hash length in bytes
500 * hmacpad : hmac padding required or not, 1 if already padded
501 * cipheroff : cipher offset from start of data
502 * cipherlen : cipher length in bytes
503 * hashdst_addr : hash destination physical address
504 */
505 static __inline__ void
nlm_crypto_fill_cipher_auth_pkt_param(struct nlm_crypto_pkt_ctrl * ctrl,struct nlm_crypto_pkt_param * param,unsigned int encrypt,unsigned int hash_source,unsigned int ivoff,unsigned int ivlen,unsigned int hashoff,unsigned int hashlen,unsigned int hmacpad,unsigned int cipheroff,unsigned int cipherlen,unsigned char * hashdst_addr)506 nlm_crypto_fill_cipher_auth_pkt_param(struct nlm_crypto_pkt_ctrl *ctrl,
507 struct nlm_crypto_pkt_param *param, unsigned int encrypt,
508 unsigned int hash_source, unsigned int ivoff, unsigned int ivlen,
509 unsigned int hashoff, unsigned int hashlen, unsigned int hmacpad,
510 unsigned int cipheroff, unsigned int cipherlen, unsigned char *hashdst_addr)
511 {
512 param->desc0 = nlm_crypto_form_pkt_desc0(0, hash_source, 1, encrypt,
513 ivlen, vtophys(hashdst_addr));
514 param->desc1 = nlm_crypto_form_pkt_desc1(cipherlen, hashlen);
515 param->desc2 = nlm_crypto_form_pkt_desc2(ivoff, 0, cipheroff, 0, 0,
516 hashoff);
517 param->desc3 = nlm_crypto_form_pkt_desc3(0, ctrl->taglen, 0, 0,
518 hmacpad);
519 }
520
521 /**
522 * @brief Top level function for generation pkt desc 0 to 3 for cipher operation
523 * @ingroup crypto
524 * ctrl : pointer to control structure
525 * param : pointer to the param structure
526 * encrypt : 1(for encrypt) 0(for decrypt)
527 * ivoff : iv offset from start of data
528 * ivlen : iv length in bytes
529 * cipheroff : cipher offset from start of data
530 * cipherlen : cipher length in bytes
531 */
532
533
534 static __inline__ void
nlm_crypto_fill_cipher_pkt_param(struct nlm_crypto_pkt_ctrl * ctrl,struct nlm_crypto_pkt_param * param,unsigned int encrypt,unsigned int ivoff,unsigned int ivlen,unsigned int cipheroff,unsigned int cipherlen)535 nlm_crypto_fill_cipher_pkt_param(struct nlm_crypto_pkt_ctrl *ctrl,
536 struct nlm_crypto_pkt_param *param, unsigned int encrypt,
537 unsigned int ivoff, unsigned int ivlen, unsigned int cipheroff,
538 unsigned int cipherlen)
539 {
540 param->desc0 = nlm_crypto_form_pkt_desc0(0, 0, 0, encrypt, ivlen, 0ULL);
541 param->desc1 = nlm_crypto_form_pkt_desc1(cipherlen, 1);
542 param->desc2 = nlm_crypto_form_pkt_desc2(ivoff, 0, cipheroff, 0, 0, 0);
543 param->desc3 = nlm_crypto_form_pkt_desc3(0, ctrl->taglen, 0, 0, 0);
544 }
545
546 /**
547 * @brief Top level function for generation pkt desc 0 to 3 for auth operation
548 * @ingroup crypto
549 * ctrl : pointer to control structure
550 * param : pointer to the param structure
551 * hashoff : hash offset from start of data
552 * hashlen : hash length in bytes
553 * hmacpad : hmac padding required or not, 1 if already padded
554 * hashdst_addr : hash destination physical address
555 */
556 static __inline__ void
nlm_crypto_fill_auth_pkt_param(struct nlm_crypto_pkt_ctrl * ctrl,struct nlm_crypto_pkt_param * param,unsigned int hashoff,unsigned int hashlen,unsigned int hmacpad,unsigned char * hashdst_addr)557 nlm_crypto_fill_auth_pkt_param(struct nlm_crypto_pkt_ctrl *ctrl,
558 struct nlm_crypto_pkt_param *param, unsigned int hashoff,
559 unsigned int hashlen, unsigned int hmacpad, unsigned char *hashdst_addr)
560 {
561 param->desc0 = nlm_crypto_form_pkt_desc0(0, 0, 1, 0, 1,
562 vtophys(hashdst_addr));
563 param->desc1 = nlm_crypto_form_pkt_desc1(1, hashlen);
564 param->desc2 = nlm_crypto_form_pkt_desc2(0, 0, 0, 0, 0, hashoff);
565 param->desc3 = nlm_crypto_form_pkt_desc3(0, ctrl->taglen, 0, 0,
566 hmacpad);
567 }
568
569 static __inline__ unsigned int
nlm_crypto_fill_src_seg(struct nlm_crypto_pkt_param * param,int seg,unsigned char * input,unsigned int inlen)570 nlm_crypto_fill_src_seg(struct nlm_crypto_pkt_param *param, int seg,
571 unsigned char *input, unsigned int inlen)
572 {
573 unsigned off = 0, len = 0;
574 unsigned int remlen = inlen;
575
576 for (; remlen > 0;) {
577 len = remlen > NLM_CRYPTO_MAX_SEG_LEN ?
578 NLM_CRYPTO_MAX_SEG_LEN : remlen;
579 param->segment[seg][0] = nlm_crypto_form_pkt_desc4(len,
580 vtophys(input + off));
581 remlen -= len;
582 off += len;
583 seg++;
584 }
585 return (seg);
586 }
587
588 static __inline__ unsigned int
nlm_crypto_fill_dst_seg(struct nlm_crypto_pkt_param * param,int seg,unsigned char * output,unsigned int outlen)589 nlm_crypto_fill_dst_seg(struct nlm_crypto_pkt_param *param,
590 int seg, unsigned char *output, unsigned int outlen)
591 {
592 unsigned off = 0, len = 0;
593 unsigned int remlen = outlen;
594
595 for (; remlen > 0;) {
596 len = remlen > NLM_CRYPTO_MAX_SEG_LEN ?
597 NLM_CRYPTO_MAX_SEG_LEN : remlen;
598 param->segment[seg][1] = nlm_crypto_form_pkt_desc5(len, 1, 0,
599 vtophys(output + off));
600 remlen -= len;
601 off += len;
602 seg++;
603 }
604 return (seg);
605 }
606
607 #endif
608