crypto: se: tegra: Support for Security Engine

Added support for Security Engine. Following HW features are supported: CBC,ECB,CTR,OFB,SHA1,SHA224,SHA384,SHA512 and AES-CMAC Original-Change-Id: Ic45c29add689f55be68966d333d1cb7cdb378353 Reviewed-on: http://git-master/r/29950 Tested-by: Mallikarjun Kasoju <mkasoju@nvidia.com> Reviewed-by: Varun Wadekar <vwadekar@nvidia.com> Reviewed-by: Bharat Nihalani <bnihalani@nvidia.com> Rebase-Id: R57f92020a7a713f624afe3b1d42da489bf89daba
author: Kasoju Mallikarjun <mkasoju@nvidia.com> 2011-05-03 21:59:05 +0530
committer: Dan Willemsen <dwillemsen@nvidia.com> 2012-03-22 01:17:16 -0700
commit: 6fd7947dba284becc4a8610c7469760fa9cf16b1 (patch)
tree: 4e1ef93af60ea6bbde68370dc42cbf59fa0c1a1b /drivers/crypto/tegra-se.h
parent: 0dd2648bc369eee5ef5f96b5d426e55d9d38058d (diff)
1 files changed, 283 insertions, 0 deletions
diff --git a/drivers/crypto/tegra-se.h b/drivers/crypto/tegra-se.h
new file mode 100644
index 000000000000..bc2ea191bd2d
--- /dev/null
+++ b/drivers/crypto/tegra-se.h
@@ -0,0 +1,283 @@
+/*
+ * Driver for Tegra Security Engine
+ *
+ * Copyright (c) 2011, NVIDIA Corporation.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+
+#ifndef _CRYPTO_TEGRA_SE_H
+#define _CRYPTO_TEGRA_SE_H
+
+#include <crypto/hash.h>
+#include <crypto/sha.h>
+
+#define PFX	"tegra-se: "
+
+#define TEGRA_SE_CRA_PRIORITY	300
+#define TEGRA_SE_COMPOSITE_PRIORITY 400
+#define TEGRA_SE_CRYPTO_QUEUE_LENGTH 50
+#define SE_MAX_SRC_SG_COUNT		50
+#define SE_MAX_DST_SG_COUNT		50
+
+#define TEGRA_SE_KEYSLOT_COUNT		16
+
+/* SE register definitions */
+#define SE_CONFIG_REG_OFFSET		0x014
+#define SE_CONFIG_ENC_ALG_SHIFT		12
+#define SE_CONFIG_DEC_ALG_SHIFT		8
+#define ALG_AES_ENC		1
+#define ALG_RNG			2
+#define ALG_SHA			3
+#define ALG_AES_DEC		1
+#define SE_CONFIG_ENC_ALG(x)		(x << SE_CONFIG_ENC_ALG_SHIFT)
+#define SE_CONFIG_DEC_ALG(x)		(x << SE_CONFIG_DEC_ALG_SHIFT)
+#define SE_CONFIG_DST_SHIFT			2
+#define DST_MEMORY		0
+#define DST_HASHREG		1
+#define DST_KEYTAB		2
+#define DST_SRK			3
+#define SE_CONFIG_DST(x)			(x << SE_CONFIG_DST_SHIFT)
+#define SE_CONFIG_ENC_MODE_SHIFT	24
+#define SE_CONFIG_DEC_MODE_SHIFT	16
+#define MODE_KEY128		0
+#define MODE_KEY192		1
+#define MODE_KEY256		2
+#define MODE_SHA1		0
+#define MODE_SHA224		4
+#define MODE_SHA256		5
+#define MODE_SHA384		6
+#define MODE_SHA512		7
+#define SE_CONFIG_ENC_MODE(x)		(x << SE_CONFIG_ENC_MODE_SHIFT)
+#define SE_CONFIG_DEC_MODE(x)		(x << SE_CONFIG_DEC_MODE_SHIFT)
+
+#define SE_KEYTABLE_REG_OFFSET		0x31c
+#define SE_KEYTABLE_SLOT_SHIFT		4
+#define SE_KEYTABLE_SLOT(x)			(x << SE_KEYTABLE_SLOT_SHIFT)
+#define SE_KEYTABLE_QUAD_SHIFT		2
+#define QUAD_KEYS_128	0
+#define QUAD_KEYS_192	1
+#define QUAD_KEYS_256	1
+#define QUAD_ORG_IV		2
+#define QUAD_UPDTD_IV	3
+#define SE_KEYTABLE_QUAD(x)			(x << SE_KEYTABLE_QUAD_SHIFT)
+#define SE_KEYTABLE_OP_TYPE_SHIFT	9
+#define OP_READ			0
+#define OP_WRITE		1
+#define SE_KEYTABLE_OP_TYPE(x)		(x << SE_KEYTABLE_OP_TYPE_SHIFT)
+#define SE_KEYTABLE_TABLE_SEL_SHIFT		8
+#define TABLE_KEYIV		0
+#define TABLE_SCHEDULE	1
+#define SE_KEYTABLE_TABLE_SEL(x)	(x << SE_KEYTABLE_TABLE_SEL_SHIFT)
+#define SE_KEYTABLE_PKT_SHIFT		0
+#define SE_KEYTABLE_PKT(x)			(x << SE_KEYTABLE_PKT_SHIFT)
+
+#define SE_CRYPTO_REG_OFFSET		0x304
+#define SE_CRYPTO_HASH_SHIFT		0
+#define HASH_DISABLE	0
+#define HASH_ENABLE		1
+#define SE_CRYPTO_HASH(x)			(x << SE_CRYPTO_HASH_SHIFT)
+#define SE_CRYPTO_XOR_POS_SHIFT		1
+#define XOR_BYPASS		0
+#define XOR_TOP			2
+#define XOR_BOTTOM		3
+#define SE_CRYPTO_XOR_POS(x)		(x << SE_CRYPTO_XOR_POS_SHIFT)
+#define SE_CRYPTO_INPUT_SEL_SHIFT	3
+#define INPUT_AHB		0
+#define INPUT_LFSR		1
+#define INPUT_AESOUT	2
+#define INPUT_LNR_CTR	3
+#define SE_CRYPTO_INPUT_SEL(x)		(x << SE_CRYPTO_INPUT_SEL_SHIFT)
+#define SE_CRYPTO_VCTRAM_SEL_SHIFT	5
+#define VCTRAM_AHB		0
+#define VCTRAM_AESOUT	2
+#define VCTRAM_PREVAHB	3
+#define SE_CRYPTO_VCTRAM_SEL(x)		(x << SE_CRYPTO_VCTRAM_SEL_SHIFT)
+#define SE_CRYPTO_IV_SEL_SHIFT		7
+#define IV_ORIGINAL		0
+#define IV_UPDATED		1
+#define SE_CRYPTO_IV_SEL(x)			(x << SE_CRYPTO_IV_SEL_SHIFT)
+#define SE_CRYPTO_CORE_SEL_SHIFT	8
+#define CORE_DECRYPT	0
+#define CORE_ENCRYPT	1
+#define SE_CRYPTO_CORE_SEL(x)		(x << SE_CRYPTO_CORE_SEL_SHIFT)
+#define SE_CRYPTO_CTR_VAL_SHIFT		11
+#define SE_CRYPTO_CTR_VAL(x)		(x << SE_CRYPTO_CTR_VAL_SHIFT)
+#define SE_CRYPTO_KEY_INDEX_SHIFT	24
+#define SE_CRYPTO_KEY_INDEX(x)		(x << SE_CRYPTO_KEY_INDEX_SHIFT)
+#define SE_CRYPTO_CTR_CNTN_SHIFT	11
+#define SE_CRYPTO_CTR_CNTN(x)		(x << SE_CRYPTO_CTR_CNTN_SHIFT)
+
+#define SE_CRYPTO_CTR_REG_COUNT		4
+#define SE_CRYPTO_CTR_REG_OFFSET	0x308
+
+#define SE_OPERATION_REG_OFFSET		0x008
+#define SE_OPERATION_SHIFT			0
+#define OP_ABORT		0
+#define OP_SRART		1
+#define OP_RESTART		2
+#define OP_CTX_SAVE		3
+#define SE_OPERATION(x)				(x << SE_OPERATION_SHIFT)
+
+
+#define SE_INT_ENABLE_REG_OFFSET	0x00c
+#define SE_INT_STATUS_REG_OFFSET	0x010
+#define INT_DISABLE		0
+#define INT_ENABLE		1
+#define INT_UNSET		0
+#define INT_SET			1
+#define SE_INT_OP_DONE_SHIFT		4
+#define SE_INT_OP_DONE(x)			(x << SE_INT_OP_DONE_SHIFT)
+#define SE_INT_ERROR_SHIFT		16
+#define SE_INT_ERROR(x)			(x << SE_INT_ERROR_SHIFT)
+
+
+#define SE_IN_LL_ADDR_REG_OFFSET	0x018
+#define SE_OUT_LL_ADDR_REG_OFFSET	0x024
+
+#define SE_KEYTABLE_DATA0_REG_OFFSET	0x320
+#define SE_KEYTABLE_REG_MAX_DATA		16
+
+#define SE_BLOCK_COUNT_REG_OFFSET	0x318
+
+#define SE_SPARE_0_REG_OFFSET		0x80c
+
+#define SE_SHA_CONFIG_REG_OFFSET	0x200
+#define SHA_DISABLE		0
+#define SHA_ENABLE		1
+
+#define SE_SHA_MSG_LENGTH_REG_OFFSET	0x204
+#define SE_SHA_MSG_LEFT_REG_OFFSET		0x214
+
+
+#define SE_HASH_RESULT_REG_COUNT	16
+#define SE_HASH_RESULT_REG_OFFSET	0x030
+
+
+#define TEGRA_SE_KEY_256_SIZE		32
+#define TEGRA_SE_KEY_192_SIZE		24
+#define TEGRA_SE_KEY_128_SIZE		16
+#define TEGRA_SE_AES_BLOCK_SIZE		16
+#define TEGRA_SE_AES_MIN_KEY_SIZE	16
+#define TEGRA_SE_AES_MAX_KEY_SIZE	32
+#define TEGRA_SE_AES_IV_SIZE		16
+#define TEGRA_SE_RNG_IV_SIZE		16
+#define TEGRA_SE_RNG_DT_SIZE		16
+#define TEGRA_SE_RNG_KEY_SIZE		16
+#define TEGRA_SE_RNG_SEED_SIZE		(TEGRA_SE_RNG_IV_SIZE + \
+						TEGRA_SE_RNG_KEY_SIZE + \
+						TEGRA_SE_RNG_DT_SIZE)
+#define TEGRA_SE_AES_CMAC_DIGEST_SIZE	16
+
+
+/* Security Engine operation modes */
+enum tegra_se_aes_op_mode {
+	SE_AES_OP_MODE_CBC,	/* Cipher Block Chaining (CBC) mode */
+	SE_AES_OP_MODE_ECB,	/* Electronic Codebook (ECB) mode */
+	SE_AES_OP_MODE_CTR,	/* Counter (CTR) mode */
+	SE_AES_OP_MODE_OFB,	/* Output feedback (CFB) mode */
+	SE_AES_OP_MODE_RNG_X931,	/* Random number generator (RNG) mode */
+	SE_AES_OP_MODE_CMAC,	/* Cipher-based MAC (CMAC) mode */
+	SE_AES_OP_MODE_SHA1,	/* Secure Hash Algorithm-1 (SHA1) mode */
+	SE_AES_OP_MODE_SHA224,	/* Secure Hash Algorithm-224  (SHA224) mode */
+	SE_AES_OP_MODE_SHA256,	/* Secure Hash Algorithm-256  (SHA256) mode */
+	SE_AES_OP_MODE_SHA384,	/* Secure Hash Algorithm-384  (SHA384) mode */
+	SE_AES_OP_MODE_SHA512	/* Secure Hash Algorithm-512  (SHA512) mode */
+};
+
+/* Security Engine key table type */
+enum tegra_se_key_table_type {
+	SE_KEY_TABLE_TYPE_KEY,	/* Key */
+	SE_KEY_TABLE_TYPE_ORGIV,	/* Original IV */
+	SE_KEY_TABLE_TYPE_UPDTDIV	/* Updated IV */
+};
+
+/* Security Engine request context */
+struct tegra_se_req_context {
+	enum tegra_se_aes_op_mode op_mode; /* Security Engine operation mode */
+	bool encrypt;	/* Operation type */
+};
+
+/* Security Engine AES context */
+struct tegra_se_aes_context {
+	struct tegra_se_dev *se_dev;	/* Security Engine device */
+	struct tegra_se_slot *slot;	/* Security Engine key slot */
+	u32 keylen;	/* key length in bits */
+	u32 op_mode;	/* AES operation mode */
+};
+
+/* Security Engine randon number generator context */
+struct tegra_se_rng_context {
+	struct tegra_se_dev *se_dev;	/* Security Engine device */
+	struct tegra_se_slot *slot;	/* Security Engine key slot */
+	u32 *dt_buf;	/* Destination buffer pointer */
+	dma_addr_t dt_buf_adr;	/* Destination buffer dma address */
+	u32 *rng_buf;	/* RNG buffer pointer */
+	dma_addr_t rng_buf_adr;	/* RNG buffer dma address */
+	bool use_org_iv;	/* Tells whether original IV is be used
+				or not. If it is false updated IV is used*/
+};
+
+/* Security Engine SHA context */
+struct tegra_se_sha_context {
+	struct tegra_se_dev	*se_dev;	/* Security Engine device */
+	u32 op_mode;	/* SHA operation mode */
+};
+
+/* Security Engine AES CMAC context */
+struct tegra_se_aes_cmac_context {
+	struct tegra_se_dev *se_dev;	/* Security Engine device */
+	struct tegra_se_slot *slot;	/* Security Engine key slot */
+	u32 keylen;	/* key length in bits */
+	u8 K1[TEGRA_SE_KEY_128_SIZE];	/* Key1 */
+	u8 K2[TEGRA_SE_KEY_128_SIZE];	/* Key2 */
+	dma_addr_t dma_addr;	/* DMA address of local buffer */
+	u32 buflen;	/* local buffer length */
+	u8	*buffer;	/* local buffer pointer */
+};
+
+/* Security Engine key slot */
+struct tegra_se_slot {
+	struct list_head node;
+	u8 slot_num;	/* Key slot number */
+	bool available; /* Tells whether key slot is free to use */
+};
+
+/* Security Engine Linked List */
+struct tegra_se_ll {
+	dma_addr_t addr; /* DMA buffer address */
+	u32 data_len; /* Data length in DMA buffer */
+};
+
+/* Security Engine device */
+struct tegra_se_dev {
+	struct device *dev;
+	void __iomem *io_reg;	/* device memory/io */
+	int			irq;		/* irq allocated */
+	spinlock_t lock;	/* spin lock */
+	struct clk *pclk;	/* Security Engine clock */
+	struct crypto_queue queue; /* Security Engine crypto queue */
+	struct tegra_se_slot *slot_list;	/* pointer to key slots */
+	u32 *src_ll_buf;	/* pointer to source linked list buffer */
+	dma_addr_t src_ll_buf_adr; /* Source linked list buffer dma address */
+	u32 src_ll_size;	/* Size of source linked list buffer */
+	u32 *dst_ll_buf;	/* pointer to destination linked list buffer */
+	dma_addr_t dst_ll_buf_adr; /* Destination linked list dma address */
+	u32 dst_ll_size;	/* Size of destination linked list buffer */
+	struct completion complete;	/* Tells the task completion */
+	bool work_q_busy;/* Work queue busy status */
+};
+
+#endif /* _CRYPTO_TEGRA_SE_H */
author	Kasoju Mallikarjun <mkasoju@nvidia.com>	2011-05-03 21:59:05 +0530
committer	Dan Willemsen <dwillemsen@nvidia.com>	2012-03-22 01:17:16 -0700
commit	6fd7947dba284becc4a8610c7469760fa9cf16b1 (patch)
tree	4e1ef93af60ea6bbde68370dc42cbf59fa0c1a1b /drivers/crypto/tegra-se.h
parent	0dd2648bc369eee5ef5f96b5d426e55d9d38058d (diff)