LXR qemu/include/sysemu/cryptodev.h

   1/*
   2 * QEMU Crypto Device Implementation
   3 *
   4 * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
   5 *
   6 * Authors:
   7 *    Gonglei <arei.gonglei@huawei.com>
   8 *
   9 * This library is free software; you can redistribute it and/or
  10 * modify it under the terms of the GNU Lesser General Public
  11 * License as published by the Free Software Foundation; either
  12 * version 2 of the License, or (at your option) any later version.
  13 *
  14 * This library is distributed in the hope that it will be useful,
  15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  17 * Lesser General Public License for more details.
  18 *
  19 * You should have received a copy of the GNU Lesser General Public
  20 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
  21 *
  22 */
  23#ifndef CRYPTODEV_H
  24#define CRYPTODEV_H
  25
  26#include "qom/object.h"
  27#include "qemu-common.h"
  28
  29/**
  30 * CryptoDevBackend:
  31 *
  32 * The CryptoDevBackend object is an interface
  33 * for different cryptodev backends, which provides crypto
  34 * operation wrapper.
  35 *
  36 */
  37
  38#define TYPE_CRYPTODEV_BACKEND "cryptodev-backend"
  39
  40#define CRYPTODEV_BACKEND(obj) \
  41    OBJECT_CHECK(CryptoDevBackend, \
  42                 (obj), TYPE_CRYPTODEV_BACKEND)
  43#define CRYPTODEV_BACKEND_GET_CLASS(obj) \
  44    OBJECT_GET_CLASS(CryptoDevBackendClass, \
  45                 (obj), TYPE_CRYPTODEV_BACKEND)
  46#define CRYPTODEV_BACKEND_CLASS(klass) \
  47    OBJECT_CLASS_CHECK(CryptoDevBackendClass, \
  48                (klass), TYPE_CRYPTODEV_BACKEND)
  49
  50
  51#define MAX_CRYPTO_QUEUE_NUM  64
  52
  53typedef struct CryptoDevBackendConf CryptoDevBackendConf;
  54typedef struct CryptoDevBackendPeers CryptoDevBackendPeers;
  55typedef struct CryptoDevBackendClient
  56                     CryptoDevBackendClient;
  57typedef struct CryptoDevBackend CryptoDevBackend;
  58
  59enum CryptoDevBackendAlgType {
  60    CRYPTODEV_BACKEND_ALG_SYM,
  61    CRYPTODEV_BACKEND_ALG__MAX,
  62};
  63
  64/**
  65 * CryptoDevBackendSymSessionInfo:
  66 *
  67 * @op_code: operation code (refer to virtio_crypto.h)
  68 * @cipher_alg: algorithm type of CIPHER
  69 * @key_len: byte length of cipher key
  70 * @hash_alg: algorithm type of HASH/MAC
  71 * @hash_result_len: byte length of HASH operation result
  72 * @auth_key_len: byte length of authenticated key
  73 * @add_len: byte length of additional authenticated data
  74 * @op_type: operation type (refer to virtio_crypto.h)
  75 * @direction: encryption or direction for CIPHER
  76 * @hash_mode: HASH mode for HASH operation (refer to virtio_crypto.h)
  77 * @alg_chain_order: order of algorithm chaining (CIPHER then HASH,
  78 *                   or HASH then CIPHER)
  79 * @cipher_key: point to a key of CIPHER
  80 * @auth_key: point to an authenticated key of MAC
  81 *
  82 */
  83typedef struct CryptoDevBackendSymSessionInfo {
  84    /* corresponding with virtio crypto spec */
  85    uint32_t op_code;
  86    uint32_t cipher_alg;
  87    uint32_t key_len;
  88    uint32_t hash_alg;
  89    uint32_t hash_result_len;
  90    uint32_t auth_key_len;
  91    uint32_t add_len;
  92    uint8_t op_type;
  93    uint8_t direction;
  94    uint8_t hash_mode;
  95    uint8_t alg_chain_order;
  96    uint8_t *cipher_key;
  97    uint8_t *auth_key;
  98} CryptoDevBackendSymSessionInfo;
  99
 100/**
 101 * CryptoDevBackendSymOpInfo:
 102 *
 103 * @session_id: session index which was previously
 104 *              created by cryptodev_backend_sym_create_session()
 105 * @aad_len: byte length of additional authenticated data
 106 * @iv_len: byte length of initialization vector or counter
 107 * @src_len: byte length of source data
 108 * @dst_len: byte length of destination data
 109 * @digest_result_len: byte length of hash digest result
 110 * @hash_start_src_offset: Starting point for hash processing, specified
 111 *  as number of bytes from start of packet in source data, only used for
 112 *  algorithm chain
 113 * @cipher_start_src_offset: Starting point for cipher processing, specified
 114 *  as number of bytes from start of packet in source data, only used for
 115 *  algorithm chain
 116 * @len_to_hash: byte length of source data on which the hash
 117 *  operation will be computed, only used for algorithm chain
 118 * @len_to_cipher: byte length of source data on which the cipher
 119 *  operation will be computed, only used for algorithm chain
 120 * @op_type: operation type (refer to virtio_crypto.h)
 121 * @iv: point to the initialization vector or counter
 122 * @src: point to the source data
 123 * @dst: point to the destination data
 124 * @aad_data: point to the additional authenticated data
 125 * @digest_result: point to the digest result data
 126 * @data[0]: point to the extensional memory by one memory allocation
 127 *
 128 */
 129typedef struct CryptoDevBackendSymOpInfo {
 130    uint64_t session_id;
 131    uint32_t aad_len;
 132    uint32_t iv_len;
 133    uint32_t src_len;
 134    uint32_t dst_len;
 135    uint32_t digest_result_len;
 136    uint32_t hash_start_src_offset;
 137    uint32_t cipher_start_src_offset;
 138    uint32_t len_to_hash;
 139    uint32_t len_to_cipher;
 140    uint8_t op_type;
 141    uint8_t *iv;
 142    uint8_t *src;
 143    uint8_t *dst;
 144    uint8_t *aad_data;
 145    uint8_t *digest_result;
 146    uint8_t data[0];
 147} CryptoDevBackendSymOpInfo;
 148
 149typedef struct CryptoDevBackendClass {
 150    ObjectClass parent_class;
 151
 152    void (*init)(CryptoDevBackend *backend, Error **errp);
 153    void (*cleanup)(CryptoDevBackend *backend, Error **errp);
 154
 155    int64_t (*create_session)(CryptoDevBackend *backend,
 156                       CryptoDevBackendSymSessionInfo *sess_info,
 157                       uint32_t queue_index, Error **errp);
 158    int (*close_session)(CryptoDevBackend *backend,
 159                           uint64_t session_id,
 160                           uint32_t queue_index, Error **errp);
 161    int (*do_sym_op)(CryptoDevBackend *backend,
 162                     CryptoDevBackendSymOpInfo *op_info,
 163                     uint32_t queue_index, Error **errp);
 164} CryptoDevBackendClass;
 165
 166
 167struct CryptoDevBackendClient {
 168    char *model;
 169    char *name;
 170    char *info_str;
 171    unsigned int queue_index;
 172    QTAILQ_ENTRY(CryptoDevBackendClient) next;
 173};
 174
 175struct CryptoDevBackendPeers {
 176    CryptoDevBackendClient *ccs[MAX_CRYPTO_QUEUE_NUM];
 177    uint32_t queues;
 178};
 179
 180struct CryptoDevBackendConf {
 181    CryptoDevBackendPeers peers;
 182
 183    /* Supported service mask */
 184    uint32_t crypto_services;
 185
 186    /* Detailed algorithms mask */
 187    uint32_t cipher_algo_l;
 188    uint32_t cipher_algo_h;
 189    uint32_t hash_algo;
 190    uint32_t mac_algo_l;
 191    uint32_t mac_algo_h;
 192    uint32_t aead_algo;
 193    /* Maximum length of cipher key */
 194    uint32_t max_cipher_key_len;
 195    /* Maximum length of authenticated key */
 196    uint32_t max_auth_key_len;
 197    /* Maximum size of each crypto request's content */
 198    uint64_t max_size;
 199};
 200
 201struct CryptoDevBackend {
 202    Object parent_obj;
 203
 204    bool ready;
 205    /* Tag the cryptodev backend is used by virtio-crypto or not */
 206    bool is_used;
 207    CryptoDevBackendConf conf;
 208};
 209
 210/**
 211 * cryptodev_backend_new_client:
 212 * @model: the cryptodev backend model
 213 * @name: the cryptodev backend name, can be NULL
 214 *
 215 * Creates a new cryptodev backend client object
 216 * with the @name in the model @model.
 217 *
 218 * The returned object must be released with
 219 * cryptodev_backend_free_client() when no
 220 * longer required
 221 *
 222 * Returns: a new cryptodev backend client object
 223 */
 224CryptoDevBackendClient *
 225cryptodev_backend_new_client(const char *model,
 226                                    const char *name);
 227/**
 228 * cryptodev_backend_free_client:
 229 * @cc: the cryptodev backend client object
 230 *
 231 * Release the memory associated with @cc that
 232 * was previously allocated by cryptodev_backend_new_client()
 233 */
 234void cryptodev_backend_free_client(
 235                  CryptoDevBackendClient *cc);
 236
 237/**
 238 * cryptodev_backend_cleanup:
 239 * @backend: the cryptodev backend object
 240 * @errp: pointer to a NULL-initialized error object
 241 *
 242 * Clean the resouce associated with @backend that realizaed
 243 * by the specific backend's init() callback
 244 */
 245void cryptodev_backend_cleanup(
 246           CryptoDevBackend *backend,
 247           Error **errp);
 248
 249/**
 250 * cryptodev_backend_sym_create_session:
 251 * @backend: the cryptodev backend object
 252 * @sess_info: parameters needed by session creating
 253 * @queue_index: queue index of cryptodev backend client
 254 * @errp: pointer to a NULL-initialized error object
 255 *
 256 * Create a session for symmetric algorithms
 257 *
 258 * Returns: session id on success, or -1 on error
 259 */
 260int64_t cryptodev_backend_sym_create_session(
 261           CryptoDevBackend *backend,
 262           CryptoDevBackendSymSessionInfo *sess_info,
 263           uint32_t queue_index, Error **errp);
 264
 265/**
 266 * cryptodev_backend_sym_close_session:
 267 * @backend: the cryptodev backend object
 268 * @session_id: the session id
 269 * @queue_index: queue index of cryptodev backend client
 270 * @errp: pointer to a NULL-initialized error object
 271 *
 272 * Close a session for symmetric algorithms which was previously
 273 * created by cryptodev_backend_sym_create_session()
 274 *
 275 * Returns: 0 on success, or Negative on error
 276 */
 277int cryptodev_backend_sym_close_session(
 278           CryptoDevBackend *backend,
 279           uint64_t session_id,
 280           uint32_t queue_index, Error **errp);
 281
 282/**
 283 * cryptodev_backend_crypto_operation:
 284 * @backend: the cryptodev backend object
 285 * @opaque: pointer to a VirtIOCryptoReq object
 286 * @queue_index: queue index of cryptodev backend client
 287 * @errp: pointer to a NULL-initialized error object
 288 *
 289 * Do crypto operation, such as encryption and
 290 * decryption
 291 *
 292 * Returns: VIRTIO_CRYPTO_OK on success,
 293 *         or -VIRTIO_CRYPTO_* on error
 294 */
 295int cryptodev_backend_crypto_operation(
 296                 CryptoDevBackend *backend,
 297                 void *opaque,
 298                 uint32_t queue_index, Error **errp);
 299
 300/**
 301 * cryptodev_backend_set_used:
 302 * @backend: the cryptodev backend object
 303 * @used: ture or false
 304 *
 305 * Set the cryptodev backend is used by virtio-crypto or not
 306 */
 307void cryptodev_backend_set_used(CryptoDevBackend *backend, bool used);
 308
 309/**
 310 * cryptodev_backend_is_used:
 311 * @backend: the cryptodev backend object
 312 *
 313 * Return the status that the cryptodev backend is used
 314 * by virtio-crypto or not
 315 *
 316 * Returns: true on used, or false on not used
 317 */
 318bool cryptodev_backend_is_used(CryptoDevBackend *backend);
 319
 320/**
 321 * cryptodev_backend_set_ready:
 322 * @backend: the cryptodev backend object
 323 * @ready: ture or false
 324 *
 325 * Set the cryptodev backend is ready or not, which is called
 326 * by the children of the cryptodev banckend interface.
 327 */
 328void cryptodev_backend_set_ready(CryptoDevBackend *backend, bool ready);
 329
 330/**
 331 * cryptodev_backend_is_ready:
 332 * @backend: the cryptodev backend object
 333 *
 334 * Return the status that the cryptodev backend is ready or not
 335 *
 336 * Returns: true on ready, or false on not ready
 337 */
 338bool cryptodev_backend_is_ready(CryptoDevBackend *backend);
 339
 340#endif /* CRYPTODEV_H */
 341