1 // SPDX-License-Identifier: GPL-2.0+
3 * Shared descriptors for aead, skcipher algorithms
5 * Copyright 2016-2019 NXP
9 #include "desc_constr.h"
10 #include "caamalg_desc.h"
13 * For aead functions, read payload and write payload,
14 * both of which are specified in req->src and req->dst
16 static inline void aead_append_src_dst(u32
*desc
, u32 msg_type
)
18 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_MESSAGE_DATA
| KEY_VLF
);
19 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_BOTH
|
20 KEY_VLF
| msg_type
| FIFOLD_TYPE_LASTBOTH
);
23 /* Set DK bit in class 1 operation if shared */
24 static inline void append_dec_op1(u32
*desc
, u32 type
)
26 u32
*jump_cmd
, *uncond_jump_cmd
;
28 /* DK bit is valid only for AES */
29 if ((type
& OP_ALG_ALGSEL_MASK
) != OP_ALG_ALGSEL_AES
) {
30 append_operation(desc
, type
| OP_ALG_AS_INITFINAL
|
35 jump_cmd
= append_jump(desc
, JUMP_TEST_ALL
| JUMP_COND_SHRD
);
36 append_operation(desc
, type
| OP_ALG_AS_INIT
| OP_ALG_DECRYPT
);
37 uncond_jump_cmd
= append_jump(desc
, JUMP_TEST_ALL
);
38 set_jump_tgt_here(desc
, jump_cmd
);
39 append_operation(desc
, type
| OP_ALG_AS_INIT
| OP_ALG_DECRYPT
|
41 set_jump_tgt_here(desc
, uncond_jump_cmd
);
45 * cnstr_shdsc_aead_null_encap - IPSec ESP encapsulation shared descriptor
46 * (non-protocol) with no (null) encryption.
47 * @desc: pointer to buffer used for descriptor construction
48 * @adata: pointer to authentication transform definitions.
49 * A split key is required for SEC Era < 6; the size of the split key
50 * is specified in this case. Valid algorithm values - one of
51 * OP_ALG_ALGSEL_{MD5, SHA1, SHA224, SHA256, SHA384, SHA512} ANDed
52 * with OP_ALG_AAI_HMAC_PRECOMP.
53 * @icvsize: integrity check value (ICV) size (truncated or full)
56 void cnstr_shdsc_aead_null_encap(u32
* const desc
, struct alginfo
*adata
,
57 unsigned int icvsize
, int era
)
59 u32
*key_jump_cmd
, *read_move_cmd
, *write_move_cmd
;
61 init_sh_desc(desc
, HDR_SHARE_SERIAL
);
63 /* Skip if already shared */
64 key_jump_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
67 if (adata
->key_inline
)
68 append_key_as_imm(desc
, adata
->key_virt
,
69 adata
->keylen_pad
, adata
->keylen
,
70 CLASS_2
| KEY_DEST_MDHA_SPLIT
|
73 append_key(desc
, adata
->key_dma
, adata
->keylen
,
74 CLASS_2
| KEY_DEST_MDHA_SPLIT
| KEY_ENC
);
76 append_proto_dkp(desc
, adata
);
78 set_jump_tgt_here(desc
, key_jump_cmd
);
80 /* assoclen + cryptlen = seqinlen */
81 append_math_sub(desc
, REG3
, SEQINLEN
, REG0
, CAAM_CMD_SZ
);
83 /* Prepare to read and write cryptlen + assoclen bytes */
84 append_math_add(desc
, VARSEQINLEN
, ZERO
, REG3
, CAAM_CMD_SZ
);
85 append_math_add(desc
, VARSEQOUTLEN
, ZERO
, REG3
, CAAM_CMD_SZ
);
88 * MOVE_LEN opcode is not available in all SEC HW revisions,
89 * thus need to do some magic, i.e. self-patch the descriptor
92 read_move_cmd
= append_move(desc
, MOVE_SRC_DESCBUF
|
94 (0x6 << MOVE_LEN_SHIFT
));
95 write_move_cmd
= append_move(desc
, MOVE_SRC_MATH3
|
98 (0x8 << MOVE_LEN_SHIFT
));
100 /* Class 2 operation */
101 append_operation(desc
, adata
->algtype
| OP_ALG_AS_INITFINAL
|
104 /* Read and write cryptlen bytes */
105 aead_append_src_dst(desc
, FIFOLD_TYPE_MSG
| FIFOLD_TYPE_FLUSH1
);
107 set_move_tgt_here(desc
, read_move_cmd
);
108 set_move_tgt_here(desc
, write_move_cmd
);
109 append_cmd(desc
, CMD_LOAD
| DISABLE_AUTO_INFO_FIFO
);
110 append_move(desc
, MOVE_SRC_INFIFO_CL
| MOVE_DEST_OUTFIFO
|
114 append_seq_store(desc
, icvsize
, LDST_CLASS_2_CCB
|
115 LDST_SRCDST_BYTE_CONTEXT
);
117 print_hex_dump_debug("aead null enc shdesc@" __stringify(__LINE__
)": ",
118 DUMP_PREFIX_ADDRESS
, 16, 4, desc
, desc_bytes(desc
),
121 EXPORT_SYMBOL(cnstr_shdsc_aead_null_encap
);
124 * cnstr_shdsc_aead_null_decap - IPSec ESP decapsulation shared descriptor
125 * (non-protocol) with no (null) decryption.
126 * @desc: pointer to buffer used for descriptor construction
127 * @adata: pointer to authentication transform definitions.
128 * A split key is required for SEC Era < 6; the size of the split key
129 * is specified in this case. Valid algorithm values - one of
130 * OP_ALG_ALGSEL_{MD5, SHA1, SHA224, SHA256, SHA384, SHA512} ANDed
131 * with OP_ALG_AAI_HMAC_PRECOMP.
132 * @icvsize: integrity check value (ICV) size (truncated or full)
135 void cnstr_shdsc_aead_null_decap(u32
* const desc
, struct alginfo
*adata
,
136 unsigned int icvsize
, int era
)
138 u32
*key_jump_cmd
, *read_move_cmd
, *write_move_cmd
, *jump_cmd
;
140 init_sh_desc(desc
, HDR_SHARE_SERIAL
);
142 /* Skip if already shared */
143 key_jump_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
146 if (adata
->key_inline
)
147 append_key_as_imm(desc
, adata
->key_virt
,
148 adata
->keylen_pad
, adata
->keylen
,
149 CLASS_2
| KEY_DEST_MDHA_SPLIT
|
152 append_key(desc
, adata
->key_dma
, adata
->keylen
,
153 CLASS_2
| KEY_DEST_MDHA_SPLIT
| KEY_ENC
);
155 append_proto_dkp(desc
, adata
);
157 set_jump_tgt_here(desc
, key_jump_cmd
);
159 /* Class 2 operation */
160 append_operation(desc
, adata
->algtype
| OP_ALG_AS_INITFINAL
|
161 OP_ALG_DECRYPT
| OP_ALG_ICV_ON
);
163 /* assoclen + cryptlen = seqoutlen */
164 append_math_sub(desc
, REG2
, SEQOUTLEN
, REG0
, CAAM_CMD_SZ
);
166 /* Prepare to read and write cryptlen + assoclen bytes */
167 append_math_add(desc
, VARSEQINLEN
, ZERO
, REG2
, CAAM_CMD_SZ
);
168 append_math_add(desc
, VARSEQOUTLEN
, ZERO
, REG2
, CAAM_CMD_SZ
);
171 * MOVE_LEN opcode is not available in all SEC HW revisions,
172 * thus need to do some magic, i.e. self-patch the descriptor
175 read_move_cmd
= append_move(desc
, MOVE_SRC_DESCBUF
|
177 (0x6 << MOVE_LEN_SHIFT
));
178 write_move_cmd
= append_move(desc
, MOVE_SRC_MATH2
|
181 (0x8 << MOVE_LEN_SHIFT
));
183 /* Read and write cryptlen bytes */
184 aead_append_src_dst(desc
, FIFOLD_TYPE_MSG
| FIFOLD_TYPE_FLUSH1
);
187 * Insert a NOP here, since we need at least 4 instructions between
188 * code patching the descriptor buffer and the location being patched.
190 jump_cmd
= append_jump(desc
, JUMP_TEST_ALL
);
191 set_jump_tgt_here(desc
, jump_cmd
);
193 set_move_tgt_here(desc
, read_move_cmd
);
194 set_move_tgt_here(desc
, write_move_cmd
);
195 append_cmd(desc
, CMD_LOAD
| DISABLE_AUTO_INFO_FIFO
);
196 append_move(desc
, MOVE_SRC_INFIFO_CL
| MOVE_DEST_OUTFIFO
|
198 append_cmd(desc
, CMD_LOAD
| ENABLE_AUTO_INFO_FIFO
);
201 append_seq_fifo_load(desc
, icvsize
, FIFOLD_CLASS_CLASS2
|
202 FIFOLD_TYPE_LAST2
| FIFOLD_TYPE_ICV
);
204 print_hex_dump_debug("aead null dec shdesc@" __stringify(__LINE__
)": ",
205 DUMP_PREFIX_ADDRESS
, 16, 4, desc
, desc_bytes(desc
),
208 EXPORT_SYMBOL(cnstr_shdsc_aead_null_decap
);
210 static void init_sh_desc_key_aead(u32
* const desc
,
211 struct alginfo
* const cdata
,
212 struct alginfo
* const adata
,
213 const bool is_rfc3686
, u32
*nonce
, int era
)
216 unsigned int enckeylen
= cdata
->keylen
;
218 /* Note: Context registers are saved. */
219 init_sh_desc(desc
, HDR_SHARE_SERIAL
| HDR_SAVECTX
);
221 /* Skip if already shared */
222 key_jump_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
227 * | key = {AUTH_KEY, ENC_KEY, NONCE}
228 * | enckeylen = encryption key size + nonce size
231 enckeylen
-= CTR_RFC3686_NONCE_SIZE
;
234 if (adata
->key_inline
)
235 append_key_as_imm(desc
, adata
->key_virt
,
236 adata
->keylen_pad
, adata
->keylen
,
237 CLASS_2
| KEY_DEST_MDHA_SPLIT
|
240 append_key(desc
, adata
->key_dma
, adata
->keylen
,
241 CLASS_2
| KEY_DEST_MDHA_SPLIT
| KEY_ENC
);
243 append_proto_dkp(desc
, adata
);
246 if (cdata
->key_inline
)
247 append_key_as_imm(desc
, cdata
->key_virt
, enckeylen
,
248 enckeylen
, CLASS_1
| KEY_DEST_CLASS_REG
);
250 append_key(desc
, cdata
->key_dma
, enckeylen
, CLASS_1
|
253 /* Load Counter into CONTEXT1 reg */
255 append_load_as_imm(desc
, nonce
, CTR_RFC3686_NONCE_SIZE
,
257 LDST_SRCDST_BYTE_OUTFIFO
| LDST_IMM
);
260 MOVE_DEST_CLASS1CTX
|
261 (16 << MOVE_OFFSET_SHIFT
) |
262 (CTR_RFC3686_NONCE_SIZE
<< MOVE_LEN_SHIFT
));
265 set_jump_tgt_here(desc
, key_jump_cmd
);
269 * cnstr_shdsc_aead_encap - IPSec ESP encapsulation shared descriptor
271 * @desc: pointer to buffer used for descriptor construction
272 * @cdata: pointer to block cipher transform definitions
273 * Valid algorithm values - one of OP_ALG_ALGSEL_{AES, DES, 3DES} ANDed
274 * with OP_ALG_AAI_CBC or OP_ALG_AAI_CTR_MOD128.
275 * @adata: pointer to authentication transform definitions.
276 * A split key is required for SEC Era < 6; the size of the split key
277 * is specified in this case. Valid algorithm values - one of
278 * OP_ALG_ALGSEL_{MD5, SHA1, SHA224, SHA256, SHA384, SHA512} ANDed
279 * with OP_ALG_AAI_HMAC_PRECOMP.
280 * @ivsize: initialization vector size
281 * @icvsize: integrity check value (ICV) size (truncated or full)
282 * @is_rfc3686: true when ctr(aes) is wrapped by rfc3686 template
283 * @nonce: pointer to rfc3686 nonce
284 * @ctx1_iv_off: IV offset in CONTEXT1 register
285 * @is_qi: true when called from caam/qi
288 void cnstr_shdsc_aead_encap(u32
* const desc
, struct alginfo
*cdata
,
289 struct alginfo
*adata
, unsigned int ivsize
,
290 unsigned int icvsize
, const bool is_rfc3686
,
291 u32
*nonce
, const u32 ctx1_iv_off
, const bool is_qi
,
294 /* Note: Context registers are saved. */
295 init_sh_desc_key_aead(desc
, cdata
, adata
, is_rfc3686
, nonce
, era
);
297 /* Class 2 operation */
298 append_operation(desc
, adata
->algtype
| OP_ALG_AS_INITFINAL
|
304 /* REG3 = assoclen */
305 append_seq_load(desc
, 4, LDST_CLASS_DECO
|
306 LDST_SRCDST_WORD_DECO_MATH3
|
307 (4 << LDST_OFFSET_SHIFT
));
309 wait_load_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
310 JUMP_COND_CALM
| JUMP_COND_NCP
|
311 JUMP_COND_NOP
| JUMP_COND_NIP
|
313 set_jump_tgt_here(desc
, wait_load_cmd
);
315 append_seq_load(desc
, ivsize
, LDST_CLASS_1_CCB
|
316 LDST_SRCDST_BYTE_CONTEXT
|
317 (ctx1_iv_off
<< LDST_OFFSET_SHIFT
));
320 /* Read and write assoclen bytes */
321 if (is_qi
|| era
< 3) {
322 append_math_add(desc
, VARSEQINLEN
, ZERO
, REG3
, CAAM_CMD_SZ
);
323 append_math_add(desc
, VARSEQOUTLEN
, ZERO
, REG3
, CAAM_CMD_SZ
);
325 append_math_add(desc
, VARSEQINLEN
, ZERO
, DPOVRD
, CAAM_CMD_SZ
);
326 append_math_add(desc
, VARSEQOUTLEN
, ZERO
, DPOVRD
, CAAM_CMD_SZ
);
329 /* Skip assoc data */
330 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_SKIP
| FIFOLDST_VLF
);
332 /* read assoc before reading payload */
333 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_CLASS2
| FIFOLD_TYPE_MSG
|
336 /* Load Counter into CONTEXT1 reg */
338 append_load_imm_be32(desc
, 1, LDST_IMM
| LDST_CLASS_1_CCB
|
339 LDST_SRCDST_BYTE_CONTEXT
|
340 ((ctx1_iv_off
+ CTR_RFC3686_IV_SIZE
) <<
343 /* Class 1 operation */
344 append_operation(desc
, cdata
->algtype
| OP_ALG_AS_INITFINAL
|
347 /* Read and write cryptlen bytes */
348 append_math_add(desc
, VARSEQINLEN
, SEQINLEN
, REG0
, CAAM_CMD_SZ
);
349 append_math_add(desc
, VARSEQOUTLEN
, SEQINLEN
, REG0
, CAAM_CMD_SZ
);
350 aead_append_src_dst(desc
, FIFOLD_TYPE_MSG1OUT2
);
353 append_seq_store(desc
, icvsize
, LDST_CLASS_2_CCB
|
354 LDST_SRCDST_BYTE_CONTEXT
);
356 print_hex_dump_debug("aead enc shdesc@" __stringify(__LINE__
)": ",
357 DUMP_PREFIX_ADDRESS
, 16, 4, desc
, desc_bytes(desc
),
360 EXPORT_SYMBOL(cnstr_shdsc_aead_encap
);
363 * cnstr_shdsc_aead_decap - IPSec ESP decapsulation shared descriptor
365 * @desc: pointer to buffer used for descriptor construction
366 * @cdata: pointer to block cipher transform definitions
367 * Valid algorithm values - one of OP_ALG_ALGSEL_{AES, DES, 3DES} ANDed
368 * with OP_ALG_AAI_CBC or OP_ALG_AAI_CTR_MOD128.
369 * @adata: pointer to authentication transform definitions.
370 * A split key is required for SEC Era < 6; the size of the split key
371 * is specified in this case. Valid algorithm values - one of
372 * OP_ALG_ALGSEL_{MD5, SHA1, SHA224, SHA256, SHA384, SHA512} ANDed
373 * with OP_ALG_AAI_HMAC_PRECOMP.
374 * @ivsize: initialization vector size
375 * @icvsize: integrity check value (ICV) size (truncated or full)
376 * @is_rfc3686: true when ctr(aes) is wrapped by rfc3686 template
377 * @nonce: pointer to rfc3686 nonce
378 * @ctx1_iv_off: IV offset in CONTEXT1 register
379 * @is_qi: true when called from caam/qi
382 void cnstr_shdsc_aead_decap(u32
* const desc
, struct alginfo
*cdata
,
383 struct alginfo
*adata
, unsigned int ivsize
,
384 unsigned int icvsize
, const bool geniv
,
385 const bool is_rfc3686
, u32
*nonce
,
386 const u32 ctx1_iv_off
, const bool is_qi
, int era
)
388 /* Note: Context registers are saved. */
389 init_sh_desc_key_aead(desc
, cdata
, adata
, is_rfc3686
, nonce
, era
);
391 /* Class 2 operation */
392 append_operation(desc
, adata
->algtype
| OP_ALG_AS_INITFINAL
|
393 OP_ALG_DECRYPT
| OP_ALG_ICV_ON
);
398 /* REG3 = assoclen */
399 append_seq_load(desc
, 4, LDST_CLASS_DECO
|
400 LDST_SRCDST_WORD_DECO_MATH3
|
401 (4 << LDST_OFFSET_SHIFT
));
403 wait_load_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
404 JUMP_COND_CALM
| JUMP_COND_NCP
|
405 JUMP_COND_NOP
| JUMP_COND_NIP
|
407 set_jump_tgt_here(desc
, wait_load_cmd
);
410 append_seq_load(desc
, ivsize
, LDST_CLASS_1_CCB
|
411 LDST_SRCDST_BYTE_CONTEXT
|
412 (ctx1_iv_off
<< LDST_OFFSET_SHIFT
));
415 /* Read and write assoclen bytes */
416 if (is_qi
|| era
< 3) {
417 append_math_add(desc
, VARSEQINLEN
, ZERO
, REG3
, CAAM_CMD_SZ
);
419 append_math_add_imm_u32(desc
, VARSEQOUTLEN
, REG3
, IMM
,
422 append_math_add(desc
, VARSEQOUTLEN
, ZERO
, REG3
,
425 append_math_add(desc
, VARSEQINLEN
, ZERO
, DPOVRD
, CAAM_CMD_SZ
);
427 append_math_add_imm_u32(desc
, VARSEQOUTLEN
, DPOVRD
, IMM
,
430 append_math_add(desc
, VARSEQOUTLEN
, ZERO
, DPOVRD
,
434 /* Skip assoc data */
435 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_SKIP
| FIFOLDST_VLF
);
437 /* read assoc before reading payload */
438 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_CLASS2
| FIFOLD_TYPE_MSG
|
442 append_seq_load(desc
, ivsize
, LDST_CLASS_1_CCB
|
443 LDST_SRCDST_BYTE_CONTEXT
|
444 (ctx1_iv_off
<< LDST_OFFSET_SHIFT
));
445 append_move(desc
, MOVE_SRC_CLASS1CTX
| MOVE_DEST_CLASS2INFIFO
|
446 (ctx1_iv_off
<< MOVE_OFFSET_SHIFT
) | ivsize
);
449 /* Load Counter into CONTEXT1 reg */
451 append_load_imm_be32(desc
, 1, LDST_IMM
| LDST_CLASS_1_CCB
|
452 LDST_SRCDST_BYTE_CONTEXT
|
453 ((ctx1_iv_off
+ CTR_RFC3686_IV_SIZE
) <<
456 /* Choose operation */
458 append_operation(desc
, cdata
->algtype
| OP_ALG_AS_INITFINAL
|
461 append_dec_op1(desc
, cdata
->algtype
);
463 /* Read and write cryptlen bytes */
464 append_math_add(desc
, VARSEQINLEN
, SEQOUTLEN
, REG0
, CAAM_CMD_SZ
);
465 append_math_add(desc
, VARSEQOUTLEN
, SEQOUTLEN
, REG0
, CAAM_CMD_SZ
);
466 aead_append_src_dst(desc
, FIFOLD_TYPE_MSG
);
469 append_seq_fifo_load(desc
, icvsize
, FIFOLD_CLASS_CLASS2
|
470 FIFOLD_TYPE_LAST2
| FIFOLD_TYPE_ICV
);
472 print_hex_dump_debug("aead dec shdesc@" __stringify(__LINE__
)": ",
473 DUMP_PREFIX_ADDRESS
, 16, 4, desc
, desc_bytes(desc
),
476 EXPORT_SYMBOL(cnstr_shdsc_aead_decap
);
479 * cnstr_shdsc_aead_givencap - IPSec ESP encapsulation shared descriptor
480 * (non-protocol) with HW-generated initialization
482 * @desc: pointer to buffer used for descriptor construction
483 * @cdata: pointer to block cipher transform definitions
484 * Valid algorithm values - one of OP_ALG_ALGSEL_{AES, DES, 3DES} ANDed
485 * with OP_ALG_AAI_CBC or OP_ALG_AAI_CTR_MOD128.
486 * @adata: pointer to authentication transform definitions.
487 * A split key is required for SEC Era < 6; the size of the split key
488 * is specified in this case. Valid algorithm values - one of
489 * OP_ALG_ALGSEL_{MD5, SHA1, SHA224, SHA256, SHA384, SHA512} ANDed
490 * with OP_ALG_AAI_HMAC_PRECOMP.
491 * @ivsize: initialization vector size
492 * @icvsize: integrity check value (ICV) size (truncated or full)
493 * @is_rfc3686: true when ctr(aes) is wrapped by rfc3686 template
494 * @nonce: pointer to rfc3686 nonce
495 * @ctx1_iv_off: IV offset in CONTEXT1 register
496 * @is_qi: true when called from caam/qi
499 void cnstr_shdsc_aead_givencap(u32
* const desc
, struct alginfo
*cdata
,
500 struct alginfo
*adata
, unsigned int ivsize
,
501 unsigned int icvsize
, const bool is_rfc3686
,
502 u32
*nonce
, const u32 ctx1_iv_off
,
503 const bool is_qi
, int era
)
508 /* Note: Context registers are saved. */
509 init_sh_desc_key_aead(desc
, cdata
, adata
, is_rfc3686
, nonce
, era
);
514 /* REG3 = assoclen */
515 append_seq_load(desc
, 4, LDST_CLASS_DECO
|
516 LDST_SRCDST_WORD_DECO_MATH3
|
517 (4 << LDST_OFFSET_SHIFT
));
519 wait_load_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
520 JUMP_COND_CALM
| JUMP_COND_NCP
|
521 JUMP_COND_NOP
| JUMP_COND_NIP
|
523 set_jump_tgt_here(desc
, wait_load_cmd
);
528 append_seq_load(desc
, ivsize
, LDST_CLASS_1_CCB
|
529 LDST_SRCDST_BYTE_CONTEXT
|
530 (ctx1_iv_off
<< LDST_OFFSET_SHIFT
));
536 geniv
= NFIFOENTRY_STYPE_PAD
| NFIFOENTRY_DEST_DECO
|
537 NFIFOENTRY_DTYPE_MSG
| NFIFOENTRY_LC1
|
538 NFIFOENTRY_PTYPE_RND
| (ivsize
<< NFIFOENTRY_DLEN_SHIFT
);
539 append_load_imm_u32(desc
, geniv
, LDST_CLASS_IND_CCB
|
540 LDST_SRCDST_WORD_INFO_FIFO
| LDST_IMM
);
541 append_cmd(desc
, CMD_LOAD
| DISABLE_AUTO_INFO_FIFO
);
542 append_move(desc
, MOVE_WAITCOMP
|
543 MOVE_SRC_INFIFO
| MOVE_DEST_CLASS1CTX
|
544 (ctx1_iv_off
<< MOVE_OFFSET_SHIFT
) |
545 (ivsize
<< MOVE_LEN_SHIFT
));
546 append_cmd(desc
, CMD_LOAD
| ENABLE_AUTO_INFO_FIFO
);
549 /* Copy IV to class 1 context */
550 append_move(desc
, MOVE_SRC_CLASS1CTX
| MOVE_DEST_OUTFIFO
|
551 (ctx1_iv_off
<< MOVE_OFFSET_SHIFT
) |
552 (ivsize
<< MOVE_LEN_SHIFT
));
554 /* Return to encryption */
555 append_operation(desc
, adata
->algtype
| OP_ALG_AS_INITFINAL
|
558 /* Read and write assoclen bytes */
559 if (is_qi
|| era
< 3) {
560 append_math_add(desc
, VARSEQINLEN
, ZERO
, REG3
, CAAM_CMD_SZ
);
561 append_math_add(desc
, VARSEQOUTLEN
, ZERO
, REG3
, CAAM_CMD_SZ
);
563 append_math_add(desc
, VARSEQINLEN
, ZERO
, DPOVRD
, CAAM_CMD_SZ
);
564 append_math_add(desc
, VARSEQOUTLEN
, ZERO
, DPOVRD
, CAAM_CMD_SZ
);
567 /* Skip assoc data */
568 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_SKIP
| FIFOLDST_VLF
);
570 /* read assoc before reading payload */
571 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_CLASS2
| FIFOLD_TYPE_MSG
|
574 /* Copy iv from outfifo to class 2 fifo */
575 moveiv
= NFIFOENTRY_STYPE_OFIFO
| NFIFOENTRY_DEST_CLASS2
|
576 NFIFOENTRY_DTYPE_MSG
| (ivsize
<< NFIFOENTRY_DLEN_SHIFT
);
577 append_load_imm_u32(desc
, moveiv
, LDST_CLASS_IND_CCB
|
578 LDST_SRCDST_WORD_INFO_FIFO
| LDST_IMM
);
579 append_load_imm_u32(desc
, ivsize
, LDST_CLASS_2_CCB
|
580 LDST_SRCDST_WORD_DATASZ_REG
| LDST_IMM
);
582 /* Load Counter into CONTEXT1 reg */
584 append_load_imm_be32(desc
, 1, LDST_IMM
| LDST_CLASS_1_CCB
|
585 LDST_SRCDST_BYTE_CONTEXT
|
586 ((ctx1_iv_off
+ CTR_RFC3686_IV_SIZE
) <<
589 /* Class 1 operation */
590 append_operation(desc
, cdata
->algtype
| OP_ALG_AS_INITFINAL
|
593 /* Will write ivsize + cryptlen */
594 append_math_add(desc
, VARSEQOUTLEN
, SEQINLEN
, REG0
, CAAM_CMD_SZ
);
596 /* Not need to reload iv */
597 append_seq_fifo_load(desc
, ivsize
,
600 /* Will read cryptlen */
601 append_math_add(desc
, VARSEQINLEN
, SEQINLEN
, REG0
, CAAM_CMD_SZ
);
604 * Wait for IV transfer (ofifo -> class2) to finish before starting
605 * ciphertext transfer (ofifo -> external memory).
607 wait_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
| JUMP_COND_NIFP
);
608 set_jump_tgt_here(desc
, wait_cmd
);
610 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_BOTH
| KEY_VLF
|
611 FIFOLD_TYPE_MSG1OUT2
| FIFOLD_TYPE_LASTBOTH
);
612 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_MESSAGE_DATA
| KEY_VLF
);
615 append_seq_store(desc
, icvsize
, LDST_CLASS_2_CCB
|
616 LDST_SRCDST_BYTE_CONTEXT
);
618 print_hex_dump_debug("aead givenc shdesc@" __stringify(__LINE__
)": ",
619 DUMP_PREFIX_ADDRESS
, 16, 4, desc
, desc_bytes(desc
),
622 EXPORT_SYMBOL(cnstr_shdsc_aead_givencap
);
625 * cnstr_shdsc_gcm_encap - gcm encapsulation shared descriptor
626 * @desc: pointer to buffer used for descriptor construction
627 * @cdata: pointer to block cipher transform definitions
628 * Valid algorithm values - OP_ALG_ALGSEL_AES ANDed with OP_ALG_AAI_GCM.
629 * @ivsize: initialization vector size
630 * @icvsize: integrity check value (ICV) size (truncated or full)
631 * @is_qi: true when called from caam/qi
633 void cnstr_shdsc_gcm_encap(u32
* const desc
, struct alginfo
*cdata
,
634 unsigned int ivsize
, unsigned int icvsize
,
637 u32
*key_jump_cmd
, *zero_payload_jump_cmd
, *zero_assoc_jump_cmd1
,
638 *zero_assoc_jump_cmd2
;
640 init_sh_desc(desc
, HDR_SHARE_SERIAL
);
642 /* skip key loading if they are loaded due to sharing */
643 key_jump_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
645 if (cdata
->key_inline
)
646 append_key_as_imm(desc
, cdata
->key_virt
, cdata
->keylen
,
647 cdata
->keylen
, CLASS_1
| KEY_DEST_CLASS_REG
);
649 append_key(desc
, cdata
->key_dma
, cdata
->keylen
, CLASS_1
|
651 set_jump_tgt_here(desc
, key_jump_cmd
);
653 /* class 1 operation */
654 append_operation(desc
, cdata
->algtype
| OP_ALG_AS_INITFINAL
|
660 /* REG3 = assoclen */
661 append_seq_load(desc
, 4, LDST_CLASS_DECO
|
662 LDST_SRCDST_WORD_DECO_MATH3
|
663 (4 << LDST_OFFSET_SHIFT
));
665 wait_load_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
666 JUMP_COND_CALM
| JUMP_COND_NCP
|
667 JUMP_COND_NOP
| JUMP_COND_NIP
|
669 set_jump_tgt_here(desc
, wait_load_cmd
);
671 append_math_sub_imm_u32(desc
, VARSEQOUTLEN
, SEQINLEN
, IMM
,
674 append_math_sub(desc
, VARSEQOUTLEN
, SEQINLEN
, REG0
,
678 /* if assoclen + cryptlen is ZERO, skip to ICV write */
679 zero_assoc_jump_cmd2
= append_jump(desc
, JUMP_TEST_ALL
|
683 append_seq_fifo_load(desc
, ivsize
, FIFOLD_CLASS_CLASS1
|
684 FIFOLD_TYPE_IV
| FIFOLD_TYPE_FLUSH1
);
686 /* if assoclen is ZERO, skip reading the assoc data */
687 append_math_add(desc
, VARSEQINLEN
, ZERO
, REG3
, CAAM_CMD_SZ
);
688 zero_assoc_jump_cmd1
= append_jump(desc
, JUMP_TEST_ALL
|
691 append_math_add(desc
, VARSEQOUTLEN
, ZERO
, REG3
, CAAM_CMD_SZ
);
693 /* skip assoc data */
694 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_SKIP
| FIFOLDST_VLF
);
696 /* cryptlen = seqinlen - assoclen */
697 append_math_sub(desc
, VARSEQOUTLEN
, SEQINLEN
, REG3
, CAAM_CMD_SZ
);
699 /* if cryptlen is ZERO jump to zero-payload commands */
700 zero_payload_jump_cmd
= append_jump(desc
, JUMP_TEST_ALL
|
703 /* read assoc data */
704 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_CLASS1
| FIFOLDST_VLF
|
705 FIFOLD_TYPE_AAD
| FIFOLD_TYPE_FLUSH1
);
706 set_jump_tgt_here(desc
, zero_assoc_jump_cmd1
);
708 append_math_sub(desc
, VARSEQINLEN
, SEQINLEN
, REG0
, CAAM_CMD_SZ
);
710 /* write encrypted data */
711 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_MESSAGE_DATA
| FIFOLDST_VLF
);
713 /* read payload data */
714 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_CLASS1
| FIFOLDST_VLF
|
715 FIFOLD_TYPE_MSG
| FIFOLD_TYPE_LAST1
);
717 /* jump to ICV writing */
719 append_jump(desc
, JUMP_TEST_ALL
| 4);
721 append_jump(desc
, JUMP_TEST_ALL
| 2);
723 /* zero-payload commands */
724 set_jump_tgt_here(desc
, zero_payload_jump_cmd
);
726 /* read assoc data */
727 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_CLASS1
| FIFOLDST_VLF
|
728 FIFOLD_TYPE_AAD
| FIFOLD_TYPE_LAST1
);
730 /* jump to ICV writing */
731 append_jump(desc
, JUMP_TEST_ALL
| 2);
733 /* There is no input data */
734 set_jump_tgt_here(desc
, zero_assoc_jump_cmd2
);
737 append_seq_fifo_load(desc
, ivsize
, FIFOLD_CLASS_CLASS1
|
738 FIFOLD_TYPE_IV
| FIFOLD_TYPE_FLUSH1
|
742 append_seq_store(desc
, icvsize
, LDST_CLASS_1_CCB
|
743 LDST_SRCDST_BYTE_CONTEXT
);
745 print_hex_dump_debug("gcm enc shdesc@" __stringify(__LINE__
)": ",
746 DUMP_PREFIX_ADDRESS
, 16, 4, desc
, desc_bytes(desc
),
749 EXPORT_SYMBOL(cnstr_shdsc_gcm_encap
);
752 * cnstr_shdsc_gcm_decap - gcm decapsulation shared descriptor
753 * @desc: pointer to buffer used for descriptor construction
754 * @cdata: pointer to block cipher transform definitions
755 * Valid algorithm values - OP_ALG_ALGSEL_AES ANDed with OP_ALG_AAI_GCM.
756 * @ivsize: initialization vector size
757 * @icvsize: integrity check value (ICV) size (truncated or full)
758 * @is_qi: true when called from caam/qi
760 void cnstr_shdsc_gcm_decap(u32
* const desc
, struct alginfo
*cdata
,
761 unsigned int ivsize
, unsigned int icvsize
,
764 u32
*key_jump_cmd
, *zero_payload_jump_cmd
, *zero_assoc_jump_cmd1
;
766 init_sh_desc(desc
, HDR_SHARE_SERIAL
);
768 /* skip key loading if they are loaded due to sharing */
769 key_jump_cmd
= append_jump(desc
, JUMP_JSL
|
770 JUMP_TEST_ALL
| JUMP_COND_SHRD
);
771 if (cdata
->key_inline
)
772 append_key_as_imm(desc
, cdata
->key_virt
, cdata
->keylen
,
773 cdata
->keylen
, CLASS_1
| KEY_DEST_CLASS_REG
);
775 append_key(desc
, cdata
->key_dma
, cdata
->keylen
, CLASS_1
|
777 set_jump_tgt_here(desc
, key_jump_cmd
);
779 /* class 1 operation */
780 append_operation(desc
, cdata
->algtype
| OP_ALG_AS_INITFINAL
|
781 OP_ALG_DECRYPT
| OP_ALG_ICV_ON
);
786 /* REG3 = assoclen */
787 append_seq_load(desc
, 4, LDST_CLASS_DECO
|
788 LDST_SRCDST_WORD_DECO_MATH3
|
789 (4 << LDST_OFFSET_SHIFT
));
791 wait_load_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
792 JUMP_COND_CALM
| JUMP_COND_NCP
|
793 JUMP_COND_NOP
| JUMP_COND_NIP
|
795 set_jump_tgt_here(desc
, wait_load_cmd
);
797 append_seq_fifo_load(desc
, ivsize
, FIFOLD_CLASS_CLASS1
|
798 FIFOLD_TYPE_IV
| FIFOLD_TYPE_FLUSH1
);
801 /* if assoclen is ZERO, skip reading the assoc data */
802 append_math_add(desc
, VARSEQINLEN
, ZERO
, REG3
, CAAM_CMD_SZ
);
803 zero_assoc_jump_cmd1
= append_jump(desc
, JUMP_TEST_ALL
|
806 append_math_add(desc
, VARSEQOUTLEN
, ZERO
, REG3
, CAAM_CMD_SZ
);
808 /* skip assoc data */
809 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_SKIP
| FIFOLDST_VLF
);
811 /* read assoc data */
812 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_CLASS1
| FIFOLDST_VLF
|
813 FIFOLD_TYPE_AAD
| FIFOLD_TYPE_FLUSH1
);
815 set_jump_tgt_here(desc
, zero_assoc_jump_cmd1
);
817 /* cryptlen = seqoutlen - assoclen */
818 append_math_sub(desc
, VARSEQINLEN
, SEQOUTLEN
, REG0
, CAAM_CMD_SZ
);
820 /* jump to zero-payload command if cryptlen is zero */
821 zero_payload_jump_cmd
= append_jump(desc
, JUMP_TEST_ALL
|
824 append_math_sub(desc
, VARSEQOUTLEN
, SEQOUTLEN
, REG0
, CAAM_CMD_SZ
);
826 /* store encrypted data */
827 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_MESSAGE_DATA
| FIFOLDST_VLF
);
829 /* read payload data */
830 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_CLASS1
| FIFOLDST_VLF
|
831 FIFOLD_TYPE_MSG
| FIFOLD_TYPE_FLUSH1
);
833 /* zero-payload command */
834 set_jump_tgt_here(desc
, zero_payload_jump_cmd
);
837 append_seq_fifo_load(desc
, icvsize
, FIFOLD_CLASS_CLASS1
|
838 FIFOLD_TYPE_ICV
| FIFOLD_TYPE_LAST1
);
840 print_hex_dump_debug("gcm dec shdesc@" __stringify(__LINE__
)": ",
841 DUMP_PREFIX_ADDRESS
, 16, 4, desc
, desc_bytes(desc
),
844 EXPORT_SYMBOL(cnstr_shdsc_gcm_decap
);
847 * cnstr_shdsc_rfc4106_encap - IPSec ESP gcm encapsulation shared descriptor
849 * @desc: pointer to buffer used for descriptor construction
850 * @cdata: pointer to block cipher transform definitions
851 * Valid algorithm values - OP_ALG_ALGSEL_AES ANDed with OP_ALG_AAI_GCM.
852 * @ivsize: initialization vector size
853 * @icvsize: integrity check value (ICV) size (truncated or full)
854 * @is_qi: true when called from caam/qi
856 * Input sequence: AAD | PTXT
857 * Output sequence: AAD | CTXT | ICV
858 * AAD length (assoclen), which includes the IV length, is available in Math3.
860 void cnstr_shdsc_rfc4106_encap(u32
* const desc
, struct alginfo
*cdata
,
861 unsigned int ivsize
, unsigned int icvsize
,
864 u32
*key_jump_cmd
, *zero_cryptlen_jump_cmd
, *skip_instructions
;
865 init_sh_desc(desc
, HDR_SHARE_SERIAL
);
867 /* Skip key loading if it is loaded due to sharing */
868 key_jump_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
870 if (cdata
->key_inline
)
871 append_key_as_imm(desc
, cdata
->key_virt
, cdata
->keylen
,
872 cdata
->keylen
, CLASS_1
| KEY_DEST_CLASS_REG
);
874 append_key(desc
, cdata
->key_dma
, cdata
->keylen
, CLASS_1
|
876 set_jump_tgt_here(desc
, key_jump_cmd
);
878 /* Class 1 operation */
879 append_operation(desc
, cdata
->algtype
| OP_ALG_AS_INITFINAL
|
885 /* REG3 = assoclen */
886 append_seq_load(desc
, 4, LDST_CLASS_DECO
|
887 LDST_SRCDST_WORD_DECO_MATH3
|
888 (4 << LDST_OFFSET_SHIFT
));
890 wait_load_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
891 JUMP_COND_CALM
| JUMP_COND_NCP
|
892 JUMP_COND_NOP
| JUMP_COND_NIP
|
894 set_jump_tgt_here(desc
, wait_load_cmd
);
896 /* Read salt and IV */
897 append_fifo_load_as_imm(desc
, (void *)(cdata
->key_virt
+
898 cdata
->keylen
), 4, FIFOLD_CLASS_CLASS1
|
900 append_seq_fifo_load(desc
, ivsize
, FIFOLD_CLASS_CLASS1
|
901 FIFOLD_TYPE_IV
| FIFOLD_TYPE_FLUSH1
);
904 append_math_sub_imm_u32(desc
, VARSEQINLEN
, REG3
, IMM
, ivsize
);
905 append_math_add(desc
, VARSEQOUTLEN
, ZERO
, REG3
, CAAM_CMD_SZ
);
908 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_SKIP
| FIFOLDST_VLF
);
910 /* Read cryptlen and set this value into VARSEQOUTLEN */
911 append_math_sub(desc
, VARSEQOUTLEN
, SEQINLEN
, REG3
, CAAM_CMD_SZ
);
913 /* If cryptlen is ZERO jump to AAD command */
914 zero_cryptlen_jump_cmd
= append_jump(desc
, JUMP_TEST_ALL
|
918 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_CLASS1
| FIFOLDST_VLF
|
919 FIFOLD_TYPE_AAD
| FIFOLD_TYPE_FLUSH1
);
921 /* Workaround for erratum A-005473 (simultaneous SEQ FIFO skips) */
922 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_MESSAGE_DATA
);
925 append_seq_fifo_load(desc
, ivsize
, FIFOLD_CLASS_SKIP
);
926 append_math_add(desc
, VARSEQINLEN
, VARSEQOUTLEN
, REG0
, CAAM_CMD_SZ
);
928 /* Write encrypted data */
929 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_MESSAGE_DATA
| FIFOLDST_VLF
);
931 /* Read payload data */
932 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_CLASS1
| FIFOLDST_VLF
|
933 FIFOLD_TYPE_MSG
| FIFOLD_TYPE_LAST1
);
935 /* Jump instructions to avoid double reading of AAD */
936 skip_instructions
= append_jump(desc
, JUMP_TEST_ALL
);
938 /* There is no input data, cryptlen = 0 */
939 set_jump_tgt_here(desc
, zero_cryptlen_jump_cmd
);
942 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_CLASS1
| FIFOLDST_VLF
|
943 FIFOLD_TYPE_AAD
| FIFOLD_TYPE_LAST1
);
945 set_jump_tgt_here(desc
, skip_instructions
);
948 append_seq_store(desc
, icvsize
, LDST_CLASS_1_CCB
|
949 LDST_SRCDST_BYTE_CONTEXT
);
951 print_hex_dump_debug("rfc4106 enc shdesc@" __stringify(__LINE__
)": ",
952 DUMP_PREFIX_ADDRESS
, 16, 4, desc
, desc_bytes(desc
),
955 EXPORT_SYMBOL(cnstr_shdsc_rfc4106_encap
);
958 * cnstr_shdsc_rfc4106_decap - IPSec ESP gcm decapsulation shared descriptor
960 * @desc: pointer to buffer used for descriptor construction
961 * @cdata: pointer to block cipher transform definitions
962 * Valid algorithm values - OP_ALG_ALGSEL_AES ANDed with OP_ALG_AAI_GCM.
963 * @ivsize: initialization vector size
964 * @icvsize: integrity check value (ICV) size (truncated or full)
965 * @is_qi: true when called from caam/qi
967 void cnstr_shdsc_rfc4106_decap(u32
* const desc
, struct alginfo
*cdata
,
968 unsigned int ivsize
, unsigned int icvsize
,
973 init_sh_desc(desc
, HDR_SHARE_SERIAL
);
975 /* Skip key loading if it is loaded due to sharing */
976 key_jump_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
978 if (cdata
->key_inline
)
979 append_key_as_imm(desc
, cdata
->key_virt
, cdata
->keylen
,
980 cdata
->keylen
, CLASS_1
|
983 append_key(desc
, cdata
->key_dma
, cdata
->keylen
, CLASS_1
|
985 set_jump_tgt_here(desc
, key_jump_cmd
);
987 /* Class 1 operation */
988 append_operation(desc
, cdata
->algtype
| OP_ALG_AS_INITFINAL
|
989 OP_ALG_DECRYPT
| OP_ALG_ICV_ON
);
994 /* REG3 = assoclen */
995 append_seq_load(desc
, 4, LDST_CLASS_DECO
|
996 LDST_SRCDST_WORD_DECO_MATH3
|
997 (4 << LDST_OFFSET_SHIFT
));
999 wait_load_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
1000 JUMP_COND_CALM
| JUMP_COND_NCP
|
1001 JUMP_COND_NOP
| JUMP_COND_NIP
|
1003 set_jump_tgt_here(desc
, wait_load_cmd
);
1005 /* Read salt and IV */
1006 append_fifo_load_as_imm(desc
, (void *)(cdata
->key_virt
+
1007 cdata
->keylen
), 4, FIFOLD_CLASS_CLASS1
|
1009 append_seq_fifo_load(desc
, ivsize
, FIFOLD_CLASS_CLASS1
|
1010 FIFOLD_TYPE_IV
| FIFOLD_TYPE_FLUSH1
);
1013 append_math_sub_imm_u32(desc
, VARSEQINLEN
, REG3
, IMM
, ivsize
);
1014 append_math_add(desc
, VARSEQOUTLEN
, ZERO
, REG3
, CAAM_CMD_SZ
);
1016 /* Read assoc data */
1017 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_CLASS1
| FIFOLDST_VLF
|
1018 FIFOLD_TYPE_AAD
| FIFOLD_TYPE_FLUSH1
);
1021 append_seq_fifo_load(desc
, ivsize
, FIFOLD_CLASS_SKIP
);
1023 /* Will read cryptlen bytes */
1024 append_math_sub(desc
, VARSEQINLEN
, SEQOUTLEN
, REG3
, CAAM_CMD_SZ
);
1026 /* Workaround for erratum A-005473 (simultaneous SEQ FIFO skips) */
1027 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_CLASS1
| FIFOLD_TYPE_MSG
);
1029 /* Skip assoc data */
1030 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_SKIP
| FIFOLDST_VLF
);
1032 /* Will write cryptlen bytes */
1033 append_math_sub(desc
, VARSEQOUTLEN
, SEQOUTLEN
, REG0
, CAAM_CMD_SZ
);
1035 /* Store payload data */
1036 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_MESSAGE_DATA
| FIFOLDST_VLF
);
1038 /* Read encrypted data */
1039 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_CLASS1
| FIFOLDST_VLF
|
1040 FIFOLD_TYPE_MSG
| FIFOLD_TYPE_FLUSH1
);
1043 append_seq_fifo_load(desc
, icvsize
, FIFOLD_CLASS_CLASS1
|
1044 FIFOLD_TYPE_ICV
| FIFOLD_TYPE_LAST1
);
1046 print_hex_dump_debug("rfc4106 dec shdesc@" __stringify(__LINE__
)": ",
1047 DUMP_PREFIX_ADDRESS
, 16, 4, desc
, desc_bytes(desc
),
1050 EXPORT_SYMBOL(cnstr_shdsc_rfc4106_decap
);
1053 * cnstr_shdsc_rfc4543_encap - IPSec ESP gmac encapsulation shared descriptor
1055 * @desc: pointer to buffer used for descriptor construction
1056 * @cdata: pointer to block cipher transform definitions
1057 * Valid algorithm values - OP_ALG_ALGSEL_AES ANDed with OP_ALG_AAI_GCM.
1058 * @ivsize: initialization vector size
1059 * @icvsize: integrity check value (ICV) size (truncated or full)
1060 * @is_qi: true when called from caam/qi
1062 void cnstr_shdsc_rfc4543_encap(u32
* const desc
, struct alginfo
*cdata
,
1063 unsigned int ivsize
, unsigned int icvsize
,
1066 u32
*key_jump_cmd
, *read_move_cmd
, *write_move_cmd
;
1068 init_sh_desc(desc
, HDR_SHARE_SERIAL
);
1070 /* Skip key loading if it is loaded due to sharing */
1071 key_jump_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
1073 if (cdata
->key_inline
)
1074 append_key_as_imm(desc
, cdata
->key_virt
, cdata
->keylen
,
1075 cdata
->keylen
, CLASS_1
| KEY_DEST_CLASS_REG
);
1077 append_key(desc
, cdata
->key_dma
, cdata
->keylen
, CLASS_1
|
1078 KEY_DEST_CLASS_REG
);
1079 set_jump_tgt_here(desc
, key_jump_cmd
);
1081 /* Class 1 operation */
1082 append_operation(desc
, cdata
->algtype
| OP_ALG_AS_INITFINAL
|
1086 /* assoclen is not needed, skip it */
1087 append_seq_fifo_load(desc
, 4, FIFOLD_CLASS_SKIP
);
1089 /* Read salt and IV */
1090 append_fifo_load_as_imm(desc
, (void *)(cdata
->key_virt
+
1091 cdata
->keylen
), 4, FIFOLD_CLASS_CLASS1
|
1093 append_seq_fifo_load(desc
, ivsize
, FIFOLD_CLASS_CLASS1
|
1094 FIFOLD_TYPE_IV
| FIFOLD_TYPE_FLUSH1
);
1097 /* assoclen + cryptlen = seqinlen */
1098 append_math_sub(desc
, REG3
, SEQINLEN
, REG0
, CAAM_CMD_SZ
);
1101 * MOVE_LEN opcode is not available in all SEC HW revisions,
1102 * thus need to do some magic, i.e. self-patch the descriptor
1105 read_move_cmd
= append_move(desc
, MOVE_SRC_DESCBUF
| MOVE_DEST_MATH3
|
1106 (0x6 << MOVE_LEN_SHIFT
));
1107 write_move_cmd
= append_move(desc
, MOVE_SRC_MATH3
| MOVE_DEST_DESCBUF
|
1108 (0x8 << MOVE_LEN_SHIFT
) | MOVE_WAITCOMP
);
1110 /* Will read assoclen + cryptlen bytes */
1111 append_math_sub(desc
, VARSEQINLEN
, SEQINLEN
, REG0
, CAAM_CMD_SZ
);
1113 /* Will write assoclen + cryptlen bytes */
1114 append_math_sub(desc
, VARSEQOUTLEN
, SEQINLEN
, REG0
, CAAM_CMD_SZ
);
1116 /* Read and write assoclen + cryptlen bytes */
1117 aead_append_src_dst(desc
, FIFOLD_TYPE_AAD
);
1119 set_move_tgt_here(desc
, read_move_cmd
);
1120 set_move_tgt_here(desc
, write_move_cmd
);
1121 append_cmd(desc
, CMD_LOAD
| DISABLE_AUTO_INFO_FIFO
);
1122 /* Move payload data to OFIFO */
1123 append_move(desc
, MOVE_SRC_INFIFO_CL
| MOVE_DEST_OUTFIFO
);
1126 append_seq_store(desc
, icvsize
, LDST_CLASS_1_CCB
|
1127 LDST_SRCDST_BYTE_CONTEXT
);
1129 print_hex_dump_debug("rfc4543 enc shdesc@" __stringify(__LINE__
)": ",
1130 DUMP_PREFIX_ADDRESS
, 16, 4, desc
, desc_bytes(desc
),
1133 EXPORT_SYMBOL(cnstr_shdsc_rfc4543_encap
);
1136 * cnstr_shdsc_rfc4543_decap - IPSec ESP gmac decapsulation shared descriptor
1138 * @desc: pointer to buffer used for descriptor construction
1139 * @cdata: pointer to block cipher transform definitions
1140 * Valid algorithm values - OP_ALG_ALGSEL_AES ANDed with OP_ALG_AAI_GCM.
1141 * @ivsize: initialization vector size
1142 * @icvsize: integrity check value (ICV) size (truncated or full)
1143 * @is_qi: true when called from caam/qi
1145 void cnstr_shdsc_rfc4543_decap(u32
* const desc
, struct alginfo
*cdata
,
1146 unsigned int ivsize
, unsigned int icvsize
,
1149 u32
*key_jump_cmd
, *read_move_cmd
, *write_move_cmd
;
1151 init_sh_desc(desc
, HDR_SHARE_SERIAL
);
1153 /* Skip key loading if it is loaded due to sharing */
1154 key_jump_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
1156 if (cdata
->key_inline
)
1157 append_key_as_imm(desc
, cdata
->key_virt
, cdata
->keylen
,
1158 cdata
->keylen
, CLASS_1
| KEY_DEST_CLASS_REG
);
1160 append_key(desc
, cdata
->key_dma
, cdata
->keylen
, CLASS_1
|
1161 KEY_DEST_CLASS_REG
);
1162 set_jump_tgt_here(desc
, key_jump_cmd
);
1164 /* Class 1 operation */
1165 append_operation(desc
, cdata
->algtype
| OP_ALG_AS_INITFINAL
|
1166 OP_ALG_DECRYPT
| OP_ALG_ICV_ON
);
1169 /* assoclen is not needed, skip it */
1170 append_seq_fifo_load(desc
, 4, FIFOLD_CLASS_SKIP
);
1172 /* Read salt and IV */
1173 append_fifo_load_as_imm(desc
, (void *)(cdata
->key_virt
+
1174 cdata
->keylen
), 4, FIFOLD_CLASS_CLASS1
|
1176 append_seq_fifo_load(desc
, ivsize
, FIFOLD_CLASS_CLASS1
|
1177 FIFOLD_TYPE_IV
| FIFOLD_TYPE_FLUSH1
);
1180 /* assoclen + cryptlen = seqoutlen */
1181 append_math_sub(desc
, REG3
, SEQOUTLEN
, REG0
, CAAM_CMD_SZ
);
1184 * MOVE_LEN opcode is not available in all SEC HW revisions,
1185 * thus need to do some magic, i.e. self-patch the descriptor
1188 read_move_cmd
= append_move(desc
, MOVE_SRC_DESCBUF
| MOVE_DEST_MATH3
|
1189 (0x6 << MOVE_LEN_SHIFT
));
1190 write_move_cmd
= append_move(desc
, MOVE_SRC_MATH3
| MOVE_DEST_DESCBUF
|
1191 (0x8 << MOVE_LEN_SHIFT
) | MOVE_WAITCOMP
);
1193 /* Will read assoclen + cryptlen bytes */
1194 append_math_sub(desc
, VARSEQINLEN
, SEQOUTLEN
, REG0
, CAAM_CMD_SZ
);
1196 /* Will write assoclen + cryptlen bytes */
1197 append_math_sub(desc
, VARSEQOUTLEN
, SEQOUTLEN
, REG0
, CAAM_CMD_SZ
);
1199 /* Store payload data */
1200 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_MESSAGE_DATA
| FIFOLDST_VLF
);
1202 /* In-snoop assoclen + cryptlen data */
1203 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_BOTH
| FIFOLDST_VLF
|
1204 FIFOLD_TYPE_AAD
| FIFOLD_TYPE_LAST2FLUSH1
);
1206 set_move_tgt_here(desc
, read_move_cmd
);
1207 set_move_tgt_here(desc
, write_move_cmd
);
1208 append_cmd(desc
, CMD_LOAD
| DISABLE_AUTO_INFO_FIFO
);
1209 /* Move payload data to OFIFO */
1210 append_move(desc
, MOVE_SRC_INFIFO_CL
| MOVE_DEST_OUTFIFO
);
1211 append_cmd(desc
, CMD_LOAD
| ENABLE_AUTO_INFO_FIFO
);
1214 append_seq_fifo_load(desc
, icvsize
, FIFOLD_CLASS_CLASS1
|
1215 FIFOLD_TYPE_ICV
| FIFOLD_TYPE_LAST1
);
1217 print_hex_dump_debug("rfc4543 dec shdesc@" __stringify(__LINE__
)": ",
1218 DUMP_PREFIX_ADDRESS
, 16, 4, desc
, desc_bytes(desc
),
1221 EXPORT_SYMBOL(cnstr_shdsc_rfc4543_decap
);
1224 * cnstr_shdsc_chachapoly - Chacha20 + Poly1305 generic AEAD (rfc7539) and
1225 * IPsec ESP (rfc7634, a.k.a. rfc7539esp) shared
1226 * descriptor (non-protocol).
1227 * @desc: pointer to buffer used for descriptor construction
1228 * @cdata: pointer to block cipher transform definitions
1229 * Valid algorithm values - OP_ALG_ALGSEL_CHACHA20 ANDed with
1231 * @adata: pointer to authentication transform definitions
1232 * Valid algorithm values - OP_ALG_ALGSEL_POLY1305 ANDed with
1234 * @ivsize: initialization vector size
1235 * @icvsize: integrity check value (ICV) size (truncated or full)
1236 * @encap: true if encapsulation, false if decapsulation
1237 * @is_qi: true when called from caam/qi
1239 void cnstr_shdsc_chachapoly(u32
* const desc
, struct alginfo
*cdata
,
1240 struct alginfo
*adata
, unsigned int ivsize
,
1241 unsigned int icvsize
, const bool encap
,
1244 u32
*key_jump_cmd
, *wait_cmd
;
1246 const bool is_ipsec
= (ivsize
!= CHACHAPOLY_IV_SIZE
);
1248 /* Note: Context registers are saved. */
1249 init_sh_desc(desc
, HDR_SHARE_SERIAL
| HDR_SAVECTX
);
1251 /* skip key loading if they are loaded due to sharing */
1252 key_jump_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
1255 append_key_as_imm(desc
, cdata
->key_virt
, cdata
->keylen
, cdata
->keylen
,
1256 CLASS_1
| KEY_DEST_CLASS_REG
);
1258 /* For IPsec load the salt from keymat in the context register */
1260 append_load_as_imm(desc
, cdata
->key_virt
+ cdata
->keylen
, 4,
1261 LDST_CLASS_1_CCB
| LDST_SRCDST_BYTE_CONTEXT
|
1262 4 << LDST_OFFSET_SHIFT
);
1264 set_jump_tgt_here(desc
, key_jump_cmd
);
1266 /* Class 2 and 1 operations: Poly & ChaCha */
1268 append_operation(desc
, adata
->algtype
| OP_ALG_AS_INITFINAL
|
1270 append_operation(desc
, cdata
->algtype
| OP_ALG_AS_INITFINAL
|
1273 append_operation(desc
, adata
->algtype
| OP_ALG_AS_INITFINAL
|
1274 OP_ALG_DECRYPT
| OP_ALG_ICV_ON
);
1275 append_operation(desc
, cdata
->algtype
| OP_ALG_AS_INITFINAL
|
1281 u32 ctx1_iv_off
= is_ipsec
? 8 : 4;
1283 /* REG3 = assoclen */
1284 append_seq_load(desc
, 4, LDST_CLASS_DECO
|
1285 LDST_SRCDST_WORD_DECO_MATH3
|
1286 4 << LDST_OFFSET_SHIFT
);
1288 wait_load_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
1289 JUMP_COND_CALM
| JUMP_COND_NCP
|
1290 JUMP_COND_NOP
| JUMP_COND_NIP
|
1292 set_jump_tgt_here(desc
, wait_load_cmd
);
1294 append_seq_load(desc
, ivsize
, LDST_CLASS_1_CCB
|
1295 LDST_SRCDST_BYTE_CONTEXT
|
1296 ctx1_iv_off
<< LDST_OFFSET_SHIFT
);
1301 * Read associated data from the input and send them to class1 and
1302 * class2 alignment blocks. From class1 send data to output fifo and
1303 * then write it to memory since we don't need to encrypt AD.
1305 nfifo
= NFIFOENTRY_DEST_BOTH
| NFIFOENTRY_FC1
| NFIFOENTRY_FC2
|
1306 NFIFOENTRY_DTYPE_POLY
| NFIFOENTRY_BND
;
1307 append_load_imm_u32(desc
, nfifo
, LDST_CLASS_IND_CCB
|
1308 LDST_SRCDST_WORD_INFO_FIFO_SM
| LDLEN_MATH3
);
1310 append_math_add(desc
, VARSEQINLEN
, ZERO
, REG3
, CAAM_CMD_SZ
);
1311 append_math_add(desc
, VARSEQOUTLEN
, ZERO
, REG3
, CAAM_CMD_SZ
);
1312 append_seq_fifo_load(desc
, 0, FIFOLD_TYPE_NOINFOFIFO
|
1313 FIFOLD_CLASS_CLASS1
| LDST_VLF
);
1314 append_move_len(desc
, MOVE_AUX_LS
| MOVE_SRC_AUX_ABLK
|
1315 MOVE_DEST_OUTFIFO
| MOVELEN_MRSEL_MATH3
);
1316 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_MESSAGE_DATA
| LDST_VLF
);
1318 /* IPsec - copy IV at the output */
1320 append_seq_fifo_store(desc
, ivsize
, FIFOST_TYPE_METADATA
|
1323 wait_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TYPE_LOCAL
|
1324 JUMP_COND_NOP
| JUMP_TEST_ALL
);
1325 set_jump_tgt_here(desc
, wait_cmd
);
1328 /* Read and write cryptlen bytes */
1329 append_math_add(desc
, VARSEQINLEN
, SEQINLEN
, REG0
, CAAM_CMD_SZ
);
1330 append_math_add(desc
, VARSEQOUTLEN
, SEQINLEN
, REG0
,
1332 aead_append_src_dst(desc
, FIFOLD_TYPE_MSG1OUT2
);
1335 append_seq_store(desc
, icvsize
, LDST_CLASS_2_CCB
|
1336 LDST_SRCDST_BYTE_CONTEXT
);
1338 /* Read and write cryptlen bytes */
1339 append_math_add(desc
, VARSEQINLEN
, SEQOUTLEN
, REG0
,
1341 append_math_add(desc
, VARSEQOUTLEN
, SEQOUTLEN
, REG0
,
1343 aead_append_src_dst(desc
, FIFOLD_TYPE_MSG
);
1345 /* Load ICV for verification */
1346 append_seq_fifo_load(desc
, icvsize
, FIFOLD_CLASS_CLASS2
|
1347 FIFOLD_TYPE_LAST2
| FIFOLD_TYPE_ICV
);
1350 print_hex_dump_debug("chachapoly shdesc@" __stringify(__LINE__
)": ",
1351 DUMP_PREFIX_ADDRESS
, 16, 4, desc
, desc_bytes(desc
),
1354 EXPORT_SYMBOL(cnstr_shdsc_chachapoly
);
1356 /* For skcipher encrypt and decrypt, read from req->src and write to req->dst */
1357 static inline void skcipher_append_src_dst(u32
*desc
)
1359 append_math_add(desc
, VARSEQOUTLEN
, SEQINLEN
, REG0
, CAAM_CMD_SZ
);
1360 append_math_add(desc
, VARSEQINLEN
, SEQINLEN
, REG0
, CAAM_CMD_SZ
);
1361 append_seq_fifo_load(desc
, 0, FIFOLD_CLASS_CLASS1
|
1362 KEY_VLF
| FIFOLD_TYPE_MSG
| FIFOLD_TYPE_LAST1
);
1363 append_seq_fifo_store(desc
, 0, FIFOST_TYPE_MESSAGE_DATA
| KEY_VLF
);
1367 * cnstr_shdsc_skcipher_encap - skcipher encapsulation shared descriptor
1368 * @desc: pointer to buffer used for descriptor construction
1369 * @cdata: pointer to block cipher transform definitions
1370 * Valid algorithm values - one of OP_ALG_ALGSEL_{AES, DES, 3DES} ANDed
1371 * with OP_ALG_AAI_CBC or OP_ALG_AAI_CTR_MOD128
1372 * - OP_ALG_ALGSEL_CHACHA20
1373 * @ivsize: initialization vector size
1374 * @is_rfc3686: true when ctr(aes) is wrapped by rfc3686 template
1375 * @ctx1_iv_off: IV offset in CONTEXT1 register
1377 void cnstr_shdsc_skcipher_encap(u32
* const desc
, struct alginfo
*cdata
,
1378 unsigned int ivsize
, const bool is_rfc3686
,
1379 const u32 ctx1_iv_off
)
1382 u32 options
= cdata
->algtype
| OP_ALG_AS_INIT
| OP_ALG_ENCRYPT
;
1383 bool is_chacha20
= ((cdata
->algtype
& OP_ALG_ALGSEL_MASK
) ==
1384 OP_ALG_ALGSEL_CHACHA20
);
1386 init_sh_desc(desc
, HDR_SHARE_SERIAL
| HDR_SAVECTX
);
1387 /* Skip if already shared */
1388 key_jump_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
1391 /* Load class1 key only */
1392 append_key_as_imm(desc
, cdata
->key_virt
, cdata
->keylen
,
1393 cdata
->keylen
, CLASS_1
| KEY_DEST_CLASS_REG
);
1395 /* Load nonce into CONTEXT1 reg */
1397 const u8
*nonce
= cdata
->key_virt
+ cdata
->keylen
;
1399 append_load_as_imm(desc
, nonce
, CTR_RFC3686_NONCE_SIZE
,
1400 LDST_CLASS_IND_CCB
|
1401 LDST_SRCDST_BYTE_OUTFIFO
| LDST_IMM
);
1402 append_move(desc
, MOVE_WAITCOMP
| MOVE_SRC_OUTFIFO
|
1403 MOVE_DEST_CLASS1CTX
| (16 << MOVE_OFFSET_SHIFT
) |
1404 (CTR_RFC3686_NONCE_SIZE
<< MOVE_LEN_SHIFT
));
1407 set_jump_tgt_here(desc
, key_jump_cmd
);
1409 /* Load IV, if there is one */
1411 append_seq_load(desc
, ivsize
, LDST_SRCDST_BYTE_CONTEXT
|
1412 LDST_CLASS_1_CCB
| (ctx1_iv_off
<<
1413 LDST_OFFSET_SHIFT
));
1415 /* Load counter into CONTEXT1 reg */
1417 append_load_imm_be32(desc
, 1, LDST_IMM
| LDST_CLASS_1_CCB
|
1418 LDST_SRCDST_BYTE_CONTEXT
|
1419 ((ctx1_iv_off
+ CTR_RFC3686_IV_SIZE
) <<
1420 LDST_OFFSET_SHIFT
));
1422 /* Load operation */
1424 options
|= OP_ALG_AS_FINALIZE
;
1425 append_operation(desc
, options
);
1427 /* Perform operation */
1428 skcipher_append_src_dst(desc
);
1431 if (!is_chacha20
&& ivsize
)
1432 append_seq_store(desc
, ivsize
, LDST_SRCDST_BYTE_CONTEXT
|
1433 LDST_CLASS_1_CCB
| (ctx1_iv_off
<<
1434 LDST_OFFSET_SHIFT
));
1436 print_hex_dump_debug("skcipher enc shdesc@" __stringify(__LINE__
)": ",
1437 DUMP_PREFIX_ADDRESS
, 16, 4, desc
, desc_bytes(desc
),
1440 EXPORT_SYMBOL(cnstr_shdsc_skcipher_encap
);
1443 * cnstr_shdsc_skcipher_decap - skcipher decapsulation shared descriptor
1444 * @desc: pointer to buffer used for descriptor construction
1445 * @cdata: pointer to block cipher transform definitions
1446 * Valid algorithm values - one of OP_ALG_ALGSEL_{AES, DES, 3DES} ANDed
1447 * with OP_ALG_AAI_CBC or OP_ALG_AAI_CTR_MOD128
1448 * - OP_ALG_ALGSEL_CHACHA20
1449 * @ivsize: initialization vector size
1450 * @is_rfc3686: true when ctr(aes) is wrapped by rfc3686 template
1451 * @ctx1_iv_off: IV offset in CONTEXT1 register
1453 void cnstr_shdsc_skcipher_decap(u32
* const desc
, struct alginfo
*cdata
,
1454 unsigned int ivsize
, const bool is_rfc3686
,
1455 const u32 ctx1_iv_off
)
1458 bool is_chacha20
= ((cdata
->algtype
& OP_ALG_ALGSEL_MASK
) ==
1459 OP_ALG_ALGSEL_CHACHA20
);
1461 init_sh_desc(desc
, HDR_SHARE_SERIAL
| HDR_SAVECTX
);
1462 /* Skip if already shared */
1463 key_jump_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
1466 /* Load class1 key only */
1467 append_key_as_imm(desc
, cdata
->key_virt
, cdata
->keylen
,
1468 cdata
->keylen
, CLASS_1
| KEY_DEST_CLASS_REG
);
1470 /* Load nonce into CONTEXT1 reg */
1472 const u8
*nonce
= cdata
->key_virt
+ cdata
->keylen
;
1474 append_load_as_imm(desc
, nonce
, CTR_RFC3686_NONCE_SIZE
,
1475 LDST_CLASS_IND_CCB
|
1476 LDST_SRCDST_BYTE_OUTFIFO
| LDST_IMM
);
1477 append_move(desc
, MOVE_WAITCOMP
| MOVE_SRC_OUTFIFO
|
1478 MOVE_DEST_CLASS1CTX
| (16 << MOVE_OFFSET_SHIFT
) |
1479 (CTR_RFC3686_NONCE_SIZE
<< MOVE_LEN_SHIFT
));
1482 set_jump_tgt_here(desc
, key_jump_cmd
);
1484 /* Load IV, if there is one */
1486 append_seq_load(desc
, ivsize
, LDST_SRCDST_BYTE_CONTEXT
|
1487 LDST_CLASS_1_CCB
| (ctx1_iv_off
<<
1488 LDST_OFFSET_SHIFT
));
1490 /* Load counter into CONTEXT1 reg */
1492 append_load_imm_be32(desc
, 1, LDST_IMM
| LDST_CLASS_1_CCB
|
1493 LDST_SRCDST_BYTE_CONTEXT
|
1494 ((ctx1_iv_off
+ CTR_RFC3686_IV_SIZE
) <<
1495 LDST_OFFSET_SHIFT
));
1497 /* Choose operation */
1499 append_operation(desc
, cdata
->algtype
| OP_ALG_AS_INIT
|
1502 append_dec_op1(desc
, cdata
->algtype
);
1504 /* Perform operation */
1505 skcipher_append_src_dst(desc
);
1508 if (!is_chacha20
&& ivsize
)
1509 append_seq_store(desc
, ivsize
, LDST_SRCDST_BYTE_CONTEXT
|
1510 LDST_CLASS_1_CCB
| (ctx1_iv_off
<<
1511 LDST_OFFSET_SHIFT
));
1513 print_hex_dump_debug("skcipher dec shdesc@" __stringify(__LINE__
)": ",
1514 DUMP_PREFIX_ADDRESS
, 16, 4, desc
, desc_bytes(desc
),
1517 EXPORT_SYMBOL(cnstr_shdsc_skcipher_decap
);
1520 * cnstr_shdsc_xts_skcipher_encap - xts skcipher encapsulation shared descriptor
1521 * @desc: pointer to buffer used for descriptor construction
1522 * @cdata: pointer to block cipher transform definitions
1523 * Valid algorithm values - OP_ALG_ALGSEL_AES ANDed with OP_ALG_AAI_XTS.
1525 void cnstr_shdsc_xts_skcipher_encap(u32
* const desc
, struct alginfo
*cdata
)
1528 * Set sector size to a big value, practically disabling
1529 * sector size segmentation in xts implementation. We cannot
1530 * take full advantage of this HW feature with existing
1531 * crypto API / dm-crypt SW architecture.
1533 __be64 sector_size
= cpu_to_be64(BIT(15));
1536 init_sh_desc(desc
, HDR_SHARE_SERIAL
| HDR_SAVECTX
);
1537 /* Skip if already shared */
1538 key_jump_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
1541 /* Load class1 keys only */
1542 append_key_as_imm(desc
, cdata
->key_virt
, cdata
->keylen
,
1543 cdata
->keylen
, CLASS_1
| KEY_DEST_CLASS_REG
);
1545 /* Load sector size with index 40 bytes (0x28) */
1546 append_load_as_imm(desc
, (void *)§or_size
, 8, LDST_CLASS_1_CCB
|
1547 LDST_SRCDST_BYTE_CONTEXT
|
1548 (0x28 << LDST_OFFSET_SHIFT
));
1550 set_jump_tgt_here(desc
, key_jump_cmd
);
1553 * create sequence for loading the sector index
1554 * Upper 8B of IV - will be used as sector index
1555 * Lower 8B of IV - will be discarded
1557 append_seq_load(desc
, 8, LDST_SRCDST_BYTE_CONTEXT
| LDST_CLASS_1_CCB
|
1558 (0x20 << LDST_OFFSET_SHIFT
));
1559 append_seq_fifo_load(desc
, 8, FIFOLD_CLASS_SKIP
);
1561 /* Load operation */
1562 append_operation(desc
, cdata
->algtype
| OP_ALG_AS_INITFINAL
|
1565 /* Perform operation */
1566 skcipher_append_src_dst(desc
);
1568 /* Store upper 8B of IV */
1569 append_seq_store(desc
, 8, LDST_SRCDST_BYTE_CONTEXT
| LDST_CLASS_1_CCB
|
1570 (0x20 << LDST_OFFSET_SHIFT
));
1572 print_hex_dump_debug("xts skcipher enc shdesc@" __stringify(__LINE__
)
1573 ": ", DUMP_PREFIX_ADDRESS
, 16, 4,
1574 desc
, desc_bytes(desc
), 1);
1576 EXPORT_SYMBOL(cnstr_shdsc_xts_skcipher_encap
);
1579 * cnstr_shdsc_xts_skcipher_decap - xts skcipher decapsulation shared descriptor
1580 * @desc: pointer to buffer used for descriptor construction
1581 * @cdata: pointer to block cipher transform definitions
1582 * Valid algorithm values - OP_ALG_ALGSEL_AES ANDed with OP_ALG_AAI_XTS.
1584 void cnstr_shdsc_xts_skcipher_decap(u32
* const desc
, struct alginfo
*cdata
)
1587 * Set sector size to a big value, practically disabling
1588 * sector size segmentation in xts implementation. We cannot
1589 * take full advantage of this HW feature with existing
1590 * crypto API / dm-crypt SW architecture.
1592 __be64 sector_size
= cpu_to_be64(BIT(15));
1595 init_sh_desc(desc
, HDR_SHARE_SERIAL
| HDR_SAVECTX
);
1596 /* Skip if already shared */
1597 key_jump_cmd
= append_jump(desc
, JUMP_JSL
| JUMP_TEST_ALL
|
1600 /* Load class1 key only */
1601 append_key_as_imm(desc
, cdata
->key_virt
, cdata
->keylen
,
1602 cdata
->keylen
, CLASS_1
| KEY_DEST_CLASS_REG
);
1604 /* Load sector size with index 40 bytes (0x28) */
1605 append_load_as_imm(desc
, (void *)§or_size
, 8, LDST_CLASS_1_CCB
|
1606 LDST_SRCDST_BYTE_CONTEXT
|
1607 (0x28 << LDST_OFFSET_SHIFT
));
1609 set_jump_tgt_here(desc
, key_jump_cmd
);
1612 * create sequence for loading the sector index
1613 * Upper 8B of IV - will be used as sector index
1614 * Lower 8B of IV - will be discarded
1616 append_seq_load(desc
, 8, LDST_SRCDST_BYTE_CONTEXT
| LDST_CLASS_1_CCB
|
1617 (0x20 << LDST_OFFSET_SHIFT
));
1618 append_seq_fifo_load(desc
, 8, FIFOLD_CLASS_SKIP
);
1620 /* Load operation */
1621 append_dec_op1(desc
, cdata
->algtype
);
1623 /* Perform operation */
1624 skcipher_append_src_dst(desc
);
1626 /* Store upper 8B of IV */
1627 append_seq_store(desc
, 8, LDST_SRCDST_BYTE_CONTEXT
| LDST_CLASS_1_CCB
|
1628 (0x20 << LDST_OFFSET_SHIFT
));
1630 print_hex_dump_debug("xts skcipher dec shdesc@" __stringify(__LINE__
)
1631 ": ", DUMP_PREFIX_ADDRESS
, 16, 4, desc
,
1632 desc_bytes(desc
), 1);
1634 EXPORT_SYMBOL(cnstr_shdsc_xts_skcipher_decap
);
1636 MODULE_LICENSE("GPL");
1637 MODULE_DESCRIPTION("FSL CAAM descriptor support");
1638 MODULE_AUTHOR("Freescale Semiconductor - NMG/STC");