LXR linux/include/uapi/linux/virtio

   1#ifndef _VIRTIO_CRYPTO_H
   2#define _VIRTIO_CRYPTO_H
   3/* This header is BSD licensed so anyone can use the definitions to implement
   4 * compatible drivers/servers.
   5 *
   6 * Redistribution and use in source and binary forms, with or without
   7 * modification, are permitted provided that the following conditions
   8 * are met:
   9 * 1. Redistributions of source code must retain the above copyright
  10 *    notice, this list of conditions and the following disclaimer.
  11 * 2. Redistributions in binary form must reproduce the above copyright
  12 *    notice, this list of conditions and the following disclaimer in the
  13 *    documentation and/or other materials provided with the distribution.
  14 * 3. Neither the name of IBM nor the names of its contributors
  15 *    may be used to endorse or promote products derived from this software
  16 *    without specific prior written permission.
  17 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  18 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  19 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
  20 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL IBM OR
  21 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  22 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  23 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
  24 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
  26 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
  27 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  28 * SUCH DAMAGE.
  29 */
  30#include <linux/types.h>
  31#include <linux/virtio_types.h>
  32#include <linux/virtio_ids.h>
  33#include <linux/virtio_config.h>
  34
  35
  36#define VIRTIO_CRYPTO_SERVICE_CIPHER 0
  37#define VIRTIO_CRYPTO_SERVICE_HASH   1
  38#define VIRTIO_CRYPTO_SERVICE_MAC    2
  39#define VIRTIO_CRYPTO_SERVICE_AEAD   3
  40
  41#define VIRTIO_CRYPTO_OPCODE(service, op)   (((service) << 8) | (op))
  42
  43struct virtio_crypto_ctrl_header {
  44#define VIRTIO_CRYPTO_CIPHER_CREATE_SESSION \
  45           VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x02)
  46#define VIRTIO_CRYPTO_CIPHER_DESTROY_SESSION \
  47           VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x03)
  48#define VIRTIO_CRYPTO_HASH_CREATE_SESSION \
  49           VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x02)
  50#define VIRTIO_CRYPTO_HASH_DESTROY_SESSION \
  51           VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x03)
  52#define VIRTIO_CRYPTO_MAC_CREATE_SESSION \
  53           VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x02)
  54#define VIRTIO_CRYPTO_MAC_DESTROY_SESSION \
  55           VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x03)
  56#define VIRTIO_CRYPTO_AEAD_CREATE_SESSION \
  57           VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x02)
  58#define VIRTIO_CRYPTO_AEAD_DESTROY_SESSION \
  59           VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x03)
  60        __le32 opcode;
  61        __le32 algo;
  62        __le32 flag;
  63        /* data virtqueue id */
  64        __le32 queue_id;
  65};
  66
  67struct virtio_crypto_cipher_session_para {
  68#define VIRTIO_CRYPTO_NO_CIPHER                 0
  69#define VIRTIO_CRYPTO_CIPHER_ARC4               1
  70#define VIRTIO_CRYPTO_CIPHER_AES_ECB            2
  71#define VIRTIO_CRYPTO_CIPHER_AES_CBC            3
  72#define VIRTIO_CRYPTO_CIPHER_AES_CTR            4
  73#define VIRTIO_CRYPTO_CIPHER_DES_ECB            5
  74#define VIRTIO_CRYPTO_CIPHER_DES_CBC            6
  75#define VIRTIO_CRYPTO_CIPHER_3DES_ECB           7
  76#define VIRTIO_CRYPTO_CIPHER_3DES_CBC           8
  77#define VIRTIO_CRYPTO_CIPHER_3DES_CTR           9
  78#define VIRTIO_CRYPTO_CIPHER_KASUMI_F8          10
  79#define VIRTIO_CRYPTO_CIPHER_SNOW3G_UEA2        11
  80#define VIRTIO_CRYPTO_CIPHER_AES_F8             12
  81#define VIRTIO_CRYPTO_CIPHER_AES_XTS            13
  82#define VIRTIO_CRYPTO_CIPHER_ZUC_EEA3           14
  83        __le32 algo;
  84        /* length of key */
  85        __le32 keylen;
  86
  87#define VIRTIO_CRYPTO_OP_ENCRYPT  1
  88#define VIRTIO_CRYPTO_OP_DECRYPT  2
  89        /* encrypt or decrypt */
  90        __le32 op;
  91        __le32 padding;
  92};
  93
  94struct virtio_crypto_session_input {
  95        /* Device-writable part */
  96        __le64 session_id;
  97        __le32 status;
  98        __le32 padding;
  99};
 100
 101struct virtio_crypto_cipher_session_req {
 102        struct virtio_crypto_cipher_session_para para;
 103        __u8 padding[32];
 104};
 105
 106struct virtio_crypto_hash_session_para {
 107#define VIRTIO_CRYPTO_NO_HASH            0
 108#define VIRTIO_CRYPTO_HASH_MD5           1
 109#define VIRTIO_CRYPTO_HASH_SHA1          2
 110#define VIRTIO_CRYPTO_HASH_SHA_224       3
 111#define VIRTIO_CRYPTO_HASH_SHA_256       4
 112#define VIRTIO_CRYPTO_HASH_SHA_384       5
 113#define VIRTIO_CRYPTO_HASH_SHA_512       6
 114#define VIRTIO_CRYPTO_HASH_SHA3_224      7
 115#define VIRTIO_CRYPTO_HASH_SHA3_256      8
 116#define VIRTIO_CRYPTO_HASH_SHA3_384      9
 117#define VIRTIO_CRYPTO_HASH_SHA3_512      10
 118#define VIRTIO_CRYPTO_HASH_SHA3_SHAKE128      11
 119#define VIRTIO_CRYPTO_HASH_SHA3_SHAKE256      12
 120        __le32 algo;
 121        /* hash result length */
 122        __le32 hash_result_len;
 123        __u8 padding[8];
 124};
 125
 126struct virtio_crypto_hash_create_session_req {
 127        struct virtio_crypto_hash_session_para para;
 128        __u8 padding[40];
 129};
 130
 131struct virtio_crypto_mac_session_para {
 132#define VIRTIO_CRYPTO_NO_MAC                       0
 133#define VIRTIO_CRYPTO_MAC_HMAC_MD5                 1
 134#define VIRTIO_CRYPTO_MAC_HMAC_SHA1                2
 135#define VIRTIO_CRYPTO_MAC_HMAC_SHA_224             3
 136#define VIRTIO_CRYPTO_MAC_HMAC_SHA_256             4
 137#define VIRTIO_CRYPTO_MAC_HMAC_SHA_384             5
 138#define VIRTIO_CRYPTO_MAC_HMAC_SHA_512             6
 139#define VIRTIO_CRYPTO_MAC_CMAC_3DES                25
 140#define VIRTIO_CRYPTO_MAC_CMAC_AES                 26
 141#define VIRTIO_CRYPTO_MAC_KASUMI_F9                27
 142#define VIRTIO_CRYPTO_MAC_SNOW3G_UIA2              28
 143#define VIRTIO_CRYPTO_MAC_GMAC_AES                 41
 144#define VIRTIO_CRYPTO_MAC_GMAC_TWOFISH             42
 145#define VIRTIO_CRYPTO_MAC_CBCMAC_AES               49
 146#define VIRTIO_CRYPTO_MAC_CBCMAC_KASUMI_F9         50
 147#define VIRTIO_CRYPTO_MAC_XCBC_AES                 53
 148        __le32 algo;
 149        /* hash result length */
 150        __le32 hash_result_len;
 151        /* length of authenticated key */
 152        __le32 auth_key_len;
 153        __le32 padding;
 154};
 155
 156struct virtio_crypto_mac_create_session_req {
 157        struct virtio_crypto_mac_session_para para;
 158        __u8 padding[40];
 159};
 160
 161struct virtio_crypto_aead_session_para {
 162#define VIRTIO_CRYPTO_NO_AEAD     0
 163#define VIRTIO_CRYPTO_AEAD_GCM    1
 164#define VIRTIO_CRYPTO_AEAD_CCM    2
 165#define VIRTIO_CRYPTO_AEAD_CHACHA20_POLY1305  3
 166        __le32 algo;
 167        /* length of key */
 168        __le32 key_len;
 169        /* hash result length */
 170        __le32 hash_result_len;
 171        /* length of the additional authenticated data (AAD) in bytes */
 172        __le32 aad_len;
 173        /* encrypt or decrypt, See above VIRTIO_CRYPTO_OP_* */
 174        __le32 op;
 175        __le32 padding;
 176};
 177
 178struct virtio_crypto_aead_create_session_req {
 179        struct virtio_crypto_aead_session_para para;
 180        __u8 padding[32];
 181};
 182
 183struct virtio_crypto_alg_chain_session_para {
 184#define VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_HASH_THEN_CIPHER  1
 185#define VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_CIPHER_THEN_HASH  2
 186        __le32 alg_chain_order;
 187/* Plain hash */
 188#define VIRTIO_CRYPTO_SYM_HASH_MODE_PLAIN    1
 189/* Authenticated hash (mac) */
 190#define VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH     2
 191/* Nested hash */
 192#define VIRTIO_CRYPTO_SYM_HASH_MODE_NESTED   3
 193        __le32 hash_mode;
 194        struct virtio_crypto_cipher_session_para cipher_param;
 195        union {
 196                struct virtio_crypto_hash_session_para hash_param;
 197                struct virtio_crypto_mac_session_para mac_param;
 198                __u8 padding[16];
 199        } u;
 200        /* length of the additional authenticated data (AAD) in bytes */
 201        __le32 aad_len;
 202        __le32 padding;
 203};
 204
 205struct virtio_crypto_alg_chain_session_req {
 206        struct virtio_crypto_alg_chain_session_para para;
 207};
 208
 209struct virtio_crypto_sym_create_session_req {
 210        union {
 211                struct virtio_crypto_cipher_session_req cipher;
 212                struct virtio_crypto_alg_chain_session_req chain;
 213                __u8 padding[48];
 214        } u;
 215
 216        /* Device-readable part */
 217
 218/* No operation */
 219#define VIRTIO_CRYPTO_SYM_OP_NONE  0
 220/* Cipher only operation on the data */
 221#define VIRTIO_CRYPTO_SYM_OP_CIPHER  1
 222/*
 223 * Chain any cipher with any hash or mac operation. The order
 224 * depends on the value of alg_chain_order param
 225 */
 226#define VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING  2
 227        __le32 op_type;
 228        __le32 padding;
 229};
 230
 231struct virtio_crypto_destroy_session_req {
 232        /* Device-readable part */
 233        __le64  session_id;
 234        __u8 padding[48];
 235};
 236
 237/* The request of the control virtqueue's packet */
 238struct virtio_crypto_op_ctrl_req {
 239        struct virtio_crypto_ctrl_header header;
 240
 241        union {
 242                struct virtio_crypto_sym_create_session_req
 243                        sym_create_session;
 244                struct virtio_crypto_hash_create_session_req
 245                        hash_create_session;
 246                struct virtio_crypto_mac_create_session_req
 247                        mac_create_session;
 248                struct virtio_crypto_aead_create_session_req
 249                        aead_create_session;
 250                struct virtio_crypto_destroy_session_req
 251                        destroy_session;
 252                __u8 padding[56];
 253        } u;
 254};
 255
 256struct virtio_crypto_op_header {
 257#define VIRTIO_CRYPTO_CIPHER_ENCRYPT \
 258        VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x00)
 259#define VIRTIO_CRYPTO_CIPHER_DECRYPT \
 260        VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x01)
 261#define VIRTIO_CRYPTO_HASH \
 262        VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x00)
 263#define VIRTIO_CRYPTO_MAC \
 264        VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x00)
 265#define VIRTIO_CRYPTO_AEAD_ENCRYPT \
 266        VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x00)
 267#define VIRTIO_CRYPTO_AEAD_DECRYPT \
 268        VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x01)
 269        __le32 opcode;
 270        /* algo should be service-specific algorithms */
 271        __le32 algo;
 272        /* session_id should be service-specific algorithms */
 273        __le64 session_id;
 274        /* control flag to control the request */
 275        __le32 flag;
 276        __le32 padding;
 277};
 278
 279struct virtio_crypto_cipher_para {
 280        /*
 281         * Byte Length of valid IV/Counter
 282         *
 283         * For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or for
 284         *   SNOW3G in UEA2 mode, this is the length of the IV (which
 285         *   must be the same as the block length of the cipher).
 286         * For block ciphers in CTR mode, this is the length of the counter
 287         *   (which must be the same as the block length of the cipher).
 288         * For AES-XTS, this is the 128bit tweak, i, from IEEE Std 1619-2007.
 289         *
 290         * The IV/Counter will be updated after every partial cryptographic
 291         * operation.
 292         */
 293        __le32 iv_len;
 294        /* length of source data */
 295        __le32 src_data_len;
 296        /* length of dst data */
 297        __le32 dst_data_len;
 298        __le32 padding;
 299};
 300
 301struct virtio_crypto_hash_para {
 302        /* length of source data */
 303        __le32 src_data_len;
 304        /* hash result length */
 305        __le32 hash_result_len;
 306};
 307
 308struct virtio_crypto_mac_para {
 309        struct virtio_crypto_hash_para hash;
 310};
 311
 312struct virtio_crypto_aead_para {
 313        /*
 314         * Byte Length of valid IV data pointed to by the below iv_addr
 315         * parameter.
 316         *
 317         * For GCM mode, this is either 12 (for 96-bit IVs) or 16, in which
 318         *   case iv_addr points to J0.
 319         * For CCM mode, this is the length of the nonce, which can be in the
 320         *   range 7 to 13 inclusive.
 321         */
 322        __le32 iv_len;
 323        /* length of additional auth data */
 324        __le32 aad_len;
 325        /* length of source data */
 326        __le32 src_data_len;
 327        /* length of dst data */
 328        __le32 dst_data_len;
 329};
 330
 331struct virtio_crypto_cipher_data_req {
 332        /* Device-readable part */
 333        struct virtio_crypto_cipher_para para;
 334        __u8 padding[24];
 335};
 336
 337struct virtio_crypto_hash_data_req {
 338        /* Device-readable part */
 339        struct virtio_crypto_hash_para para;
 340        __u8 padding[40];
 341};
 342
 343struct virtio_crypto_mac_data_req {
 344        /* Device-readable part */
 345        struct virtio_crypto_mac_para para;
 346        __u8 padding[40];
 347};
 348
 349struct virtio_crypto_alg_chain_data_para {
 350        __le32 iv_len;
 351        /* Length of source data */
 352        __le32 src_data_len;
 353        /* Length of destination data */
 354        __le32 dst_data_len;
 355        /* Starting point for cipher processing in source data */
 356        __le32 cipher_start_src_offset;
 357        /* Length of the source data that the cipher will be computed on */
 358        __le32 len_to_cipher;
 359        /* Starting point for hash processing in source data */
 360        __le32 hash_start_src_offset;
 361        /* Length of the source data that the hash will be computed on */
 362        __le32 len_to_hash;
 363        /* Length of the additional auth data */
 364        __le32 aad_len;
 365        /* Length of the hash result */
 366        __le32 hash_result_len;
 367        __le32 reserved;
 368};
 369
 370struct virtio_crypto_alg_chain_data_req {
 371        /* Device-readable part */
 372        struct virtio_crypto_alg_chain_data_para para;
 373};
 374
 375struct virtio_crypto_sym_data_req {
 376        union {
 377                struct virtio_crypto_cipher_data_req cipher;
 378                struct virtio_crypto_alg_chain_data_req chain;
 379                __u8 padding[40];
 380        } u;
 381
 382        /* See above VIRTIO_CRYPTO_SYM_OP_* */
 383        __le32 op_type;
 384        __le32 padding;
 385};
 386
 387struct virtio_crypto_aead_data_req {
 388        /* Device-readable part */
 389        struct virtio_crypto_aead_para para;
 390        __u8 padding[32];
 391};
 392
 393/* The request of the data virtqueue's packet */
 394struct virtio_crypto_op_data_req {
 395        struct virtio_crypto_op_header header;
 396
 397        union {
 398                struct virtio_crypto_sym_data_req  sym_req;
 399                struct virtio_crypto_hash_data_req hash_req;
 400                struct virtio_crypto_mac_data_req mac_req;
 401                struct virtio_crypto_aead_data_req aead_req;
 402                __u8 padding[48];
 403        } u;
 404};
 405
 406#define VIRTIO_CRYPTO_OK        0
 407#define VIRTIO_CRYPTO_ERR       1
 408#define VIRTIO_CRYPTO_BADMSG    2
 409#define VIRTIO_CRYPTO_NOTSUPP   3
 410#define VIRTIO_CRYPTO_INVSESS   4 /* Invalid session id */
 411
 412/* The accelerator hardware is ready */
 413#define VIRTIO_CRYPTO_S_HW_READY  (1 << 0)
 414
 415struct virtio_crypto_config {
 416        /* See VIRTIO_CRYPTO_OP_* above */
 417        __le32  status;
 418
 419        /*
 420         * Maximum number of data queue
 421         */
 422        __le32  max_dataqueues;
 423
 424        /*
 425         * Specifies the services mask which the device support,
 426         * see VIRTIO_CRYPTO_SERVICE_* above
 427         */
 428        __le32 crypto_services;
 429
 430        /* Detailed algorithms mask */
 431        __le32 cipher_algo_l;
 432        __le32 cipher_algo_h;
 433        __le32 hash_algo;
 434        __le32 mac_algo_l;
 435        __le32 mac_algo_h;
 436        __le32 aead_algo;
 437        /* Maximum length of cipher key */
 438        __le32 max_cipher_key_len;
 439        /* Maximum length of authenticated key */
 440        __le32 max_auth_key_len;
 441        __le32 reserve;
 442        /* Maximum size of each crypto request's content */
 443        __le64 max_size;
 444};
 445
 446struct virtio_crypto_inhdr {
 447        /* See VIRTIO_CRYPTO_* above */
 448        __u8 status;
 449};
 450#endif
 451