LXR qemu/include/sysemu/cryptodev.h

   1/*
   2 * QEMU Crypto Device Implementation
   3 *
   4 * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
   5 *
   6 * Authors:
   7 *    Gonglei <arei.gonglei@huawei.com>
   8 *
   9 * This library is free software; you can redistribute it and/or
  10 * modify it under the terms of the GNU Lesser General Public
  11 * License as published by the Free Software Foundation; either
  12 * version 2.1 of the License, or (at your option) any later version.
  13 *
  14 * This library is distributed in the hope that it will be useful,
  15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  17 * Lesser General Public License for more details.
  18 *
  19 * You should have received a copy of the GNU Lesser General Public
  20 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
  21 *
  22 */
  23#ifndef CRYPTODEV_H
  24#define CRYPTODEV_H
  25
  26#include "qemu/queue.h"
  27#include "qom/object.h"
  28
  29/**
  30 * CryptoDevBackend:
  31 *
  32 * The CryptoDevBackend object is an interface
  33 * for different cryptodev backends, which provides crypto
  34 * operation wrapper.
  35 *
  36 */
  37
  38#define TYPE_CRYPTODEV_BACKEND "cryptodev-backend"
  39
  40OBJECT_DECLARE_TYPE(CryptoDevBackend, CryptoDevBackendClass,
  41                    CRYPTODEV_BACKEND)
  42
  43
  44#define MAX_CRYPTO_QUEUE_NUM  64
  45
  46typedef struct CryptoDevBackendConf CryptoDevBackendConf;
  47typedef struct CryptoDevBackendPeers CryptoDevBackendPeers;
  48typedef struct CryptoDevBackendClient
  49                     CryptoDevBackendClient;
  50
  51enum CryptoDevBackendAlgType {
  52    CRYPTODEV_BACKEND_ALG_SYM,
  53    CRYPTODEV_BACKEND_ALG__MAX,
  54};
  55
  56/**
  57 * CryptoDevBackendSymSessionInfo:
  58 *
  59 * @op_code: operation code (refer to virtio_crypto.h)
  60 * @cipher_alg: algorithm type of CIPHER
  61 * @key_len: byte length of cipher key
  62 * @hash_alg: algorithm type of HASH/MAC
  63 * @hash_result_len: byte length of HASH operation result
  64 * @auth_key_len: byte length of authenticated key
  65 * @add_len: byte length of additional authenticated data
  66 * @op_type: operation type (refer to virtio_crypto.h)
  67 * @direction: encryption or direction for CIPHER
  68 * @hash_mode: HASH mode for HASH operation (refer to virtio_crypto.h)
  69 * @alg_chain_order: order of algorithm chaining (CIPHER then HASH,
  70 *                   or HASH then CIPHER)
  71 * @cipher_key: point to a key of CIPHER
  72 * @auth_key: point to an authenticated key of MAC
  73 *
  74 */
  75typedef struct CryptoDevBackendSymSessionInfo {
  76    /* corresponding with virtio crypto spec */
  77    uint32_t op_code;
  78    uint32_t cipher_alg;
  79    uint32_t key_len;
  80    uint32_t hash_alg;
  81    uint32_t hash_result_len;
  82    uint32_t auth_key_len;
  83    uint32_t add_len;
  84    uint8_t op_type;
  85    uint8_t direction;
  86    uint8_t hash_mode;
  87    uint8_t alg_chain_order;
  88    uint8_t *cipher_key;
  89    uint8_t *auth_key;
  90} CryptoDevBackendSymSessionInfo;
  91
  92/**
  93 * CryptoDevBackendSymOpInfo:
  94 *
  95 * @session_id: session index which was previously
  96 *              created by cryptodev_backend_sym_create_session()
  97 * @aad_len: byte length of additional authenticated data
  98 * @iv_len: byte length of initialization vector or counter
  99 * @src_len: byte length of source data
 100 * @dst_len: byte length of destination data
 101 * @digest_result_len: byte length of hash digest result
 102 * @hash_start_src_offset: Starting point for hash processing, specified
 103 *  as number of bytes from start of packet in source data, only used for
 104 *  algorithm chain
 105 * @cipher_start_src_offset: Starting point for cipher processing, specified
 106 *  as number of bytes from start of packet in source data, only used for
 107 *  algorithm chain
 108 * @len_to_hash: byte length of source data on which the hash
 109 *  operation will be computed, only used for algorithm chain
 110 * @len_to_cipher: byte length of source data on which the cipher
 111 *  operation will be computed, only used for algorithm chain
 112 * @op_type: operation type (refer to virtio_crypto.h)
 113 * @iv: point to the initialization vector or counter
 114 * @src: point to the source data
 115 * @dst: point to the destination data
 116 * @aad_data: point to the additional authenticated data
 117 * @digest_result: point to the digest result data
 118 * @data[0]: point to the extensional memory by one memory allocation
 119 *
 120 */
 121typedef struct CryptoDevBackendSymOpInfo {
 122    uint64_t session_id;
 123    uint32_t aad_len;
 124    uint32_t iv_len;
 125    uint32_t src_len;
 126    uint32_t dst_len;
 127    uint32_t digest_result_len;
 128    uint32_t hash_start_src_offset;
 129    uint32_t cipher_start_src_offset;
 130    uint32_t len_to_hash;
 131    uint32_t len_to_cipher;
 132    uint8_t op_type;
 133    uint8_t *iv;
 134    uint8_t *src;
 135    uint8_t *dst;
 136    uint8_t *aad_data;
 137    uint8_t *digest_result;
 138    uint8_t data[];
 139} CryptoDevBackendSymOpInfo;
 140
 141struct CryptoDevBackendClass {
 142    ObjectClass parent_class;
 143
 144    void (*init)(CryptoDevBackend *backend, Error **errp);
 145    void (*cleanup)(CryptoDevBackend *backend, Error **errp);
 146
 147    int64_t (*create_session)(CryptoDevBackend *backend,
 148                       CryptoDevBackendSymSessionInfo *sess_info,
 149                       uint32_t queue_index, Error **errp);
 150    int (*close_session)(CryptoDevBackend *backend,
 151                           uint64_t session_id,
 152                           uint32_t queue_index, Error **errp);
 153    int (*do_sym_op)(CryptoDevBackend *backend,
 154                     CryptoDevBackendSymOpInfo *op_info,
 155                     uint32_t queue_index, Error **errp);
 156};
 157
 158typedef enum CryptoDevBackendOptionsType {
 159    CRYPTODEV_BACKEND_TYPE_NONE = 0,
 160    CRYPTODEV_BACKEND_TYPE_BUILTIN = 1,
 161    CRYPTODEV_BACKEND_TYPE_VHOST_USER = 2,
 162    CRYPTODEV_BACKEND_TYPE__MAX,
 163} CryptoDevBackendOptionsType;
 164
 165struct CryptoDevBackendClient {
 166    CryptoDevBackendOptionsType type;
 167    char *model;
 168    char *name;
 169    char *info_str;
 170    unsigned int queue_index;
 171    int vring_enable;
 172    QTAILQ_ENTRY(CryptoDevBackendClient) next;
 173};
 174
 175struct CryptoDevBackendPeers {
 176    CryptoDevBackendClient *ccs[MAX_CRYPTO_QUEUE_NUM];
 177    uint32_t queues;
 178};
 179
 180struct CryptoDevBackendConf {
 181    CryptoDevBackendPeers peers;
 182
 183    /* Supported service mask */
 184    uint32_t crypto_services;
 185
 186    /* Detailed algorithms mask */
 187    uint32_t cipher_algo_l;
 188    uint32_t cipher_algo_h;
 189    uint32_t hash_algo;
 190    uint32_t mac_algo_l;
 191    uint32_t mac_algo_h;
 192    uint32_t aead_algo;
 193    /* Maximum length of cipher key */
 194    uint32_t max_cipher_key_len;
 195    /* Maximum length of authenticated key */
 196    uint32_t max_auth_key_len;
 197    /* Maximum size of each crypto request's content */
 198    uint64_t max_size;
 199};
 200
 201struct CryptoDevBackend {
 202    Object parent_obj;
 203
 204    bool ready;
 205    /* Tag the cryptodev backend is used by virtio-crypto or not */
 206    bool is_used;
 207    CryptoDevBackendConf conf;
 208};
 209
 210/**
 211 * cryptodev_backend_new_client:
 212 * @model: the cryptodev backend model
 213 * @name: the cryptodev backend name, can be NULL
 214 *
 215 * Creates a new cryptodev backend client object
 216 * with the @name in the model @model.
 217 *
 218 * The returned object must be released with
 219 * cryptodev_backend_free_client() when no
 220 * longer required
 221 *
 222 * Returns: a new cryptodev backend client object
 223 */
 224CryptoDevBackendClient *
 225cryptodev_backend_new_client(const char *model,
 226                                    const char *name);
 227/**
 228 * cryptodev_backend_free_client:
 229 * @cc: the cryptodev backend client object
 230 *
 231 * Release the memory associated with @cc that
 232 * was previously allocated by cryptodev_backend_new_client()
 233 */
 234void cryptodev_backend_free_client(
 235                  CryptoDevBackendClient *cc);
 236
 237/**
 238 * cryptodev_backend_cleanup:
 239 * @backend: the cryptodev backend object
 240 * @errp: pointer to a NULL-initialized error object
 241 *
 242 * Clean the resouce associated with @backend that realizaed
 243 * by the specific backend's init() callback
 244 */
 245void cryptodev_backend_cleanup(
 246           CryptoDevBackend *backend,
 247           Error **errp);
 248
 249/**
 250 * cryptodev_backend_sym_create_session:
 251 * @backend: the cryptodev backend object
 252 * @sess_info: parameters needed by session creating
 253 * @queue_index: queue index of cryptodev backend client
 254 * @errp: pointer to a NULL-initialized error object
 255 *
 256 * Create a session for symmetric algorithms
 257 *
 258 * Returns: session id on success, or -1 on error
 259 */
 260int64_t cryptodev_backend_sym_create_session(
 261           CryptoDevBackend *backend,
 262           CryptoDevBackendSymSessionInfo *sess_info,
 263           uint32_t queue_index, Error **errp);
 264
 265/**
 266 * cryptodev_backend_sym_close_session:
 267 * @backend: the cryptodev backend object
 268 * @session_id: the session id
 269 * @queue_index: queue index of cryptodev backend client
 270 * @errp: pointer to a NULL-initialized error object
 271 *
 272 * Close a session for symmetric algorithms which was previously
 273 * created by cryptodev_backend_sym_create_session()
 274 *
 275 * Returns: 0 on success, or Negative on error
 276 */
 277int cryptodev_backend_sym_close_session(
 278           CryptoDevBackend *backend,
 279           uint64_t session_id,
 280           uint32_t queue_index, Error **errp);
 281
 282/**
 283 * cryptodev_backend_crypto_operation:
 284 * @backend: the cryptodev backend object
 285 * @opaque: pointer to a VirtIOCryptoReq object
 286 * @queue_index: queue index of cryptodev backend client
 287 * @errp: pointer to a NULL-initialized error object
 288 *
 289 * Do crypto operation, such as encryption and
 290 * decryption
 291 *
 292 * Returns: VIRTIO_CRYPTO_OK on success,
 293 *         or -VIRTIO_CRYPTO_* on error
 294 */
 295int cryptodev_backend_crypto_operation(
 296                 CryptoDevBackend *backend,
 297                 void *opaque,
 298                 uint32_t queue_index, Error **errp);
 299
 300/**
 301 * cryptodev_backend_set_used:
 302 * @backend: the cryptodev backend object
 303 * @used: ture or false
 304 *
 305 * Set the cryptodev backend is used by virtio-crypto or not
 306 */
 307void cryptodev_backend_set_used(CryptoDevBackend *backend, bool used);
 308
 309/**
 310 * cryptodev_backend_is_used:
 311 * @backend: the cryptodev backend object
 312 *
 313 * Return the status that the cryptodev backend is used
 314 * by virtio-crypto or not
 315 *
 316 * Returns: true on used, or false on not used
 317 */
 318bool cryptodev_backend_is_used(CryptoDevBackend *backend);
 319
 320/**
 321 * cryptodev_backend_set_ready:
 322 * @backend: the cryptodev backend object
 323 * @ready: ture or false
 324 *
 325 * Set the cryptodev backend is ready or not, which is called
 326 * by the children of the cryptodev banckend interface.
 327 */
 328void cryptodev_backend_set_ready(CryptoDevBackend *backend, bool ready);
 329
 330/**
 331 * cryptodev_backend_is_ready:
 332 * @backend: the cryptodev backend object
 333 *
 334 * Return the status that the cryptodev backend is ready or not
 335 *
 336 * Returns: true on ready, or false on not ready
 337 */
 338bool cryptodev_backend_is_ready(CryptoDevBackend *backend);
 339
 340#endif /* CRYPTODEV_H */
 341