From 97434deea43a42c3f596894e71c3b33cfd742eed Mon Sep 17 00:00:00 2001 From: Nagaraj P N Date: Wed, 10 Jul 2024 04:40:18 +0000 Subject: [PATCH] vse: add support for SM4 GMAC Jira ESSS-1417 Change-Id: Ica5cdb08f04e75fba50badb9bd3342f2cd2004b9 Signed-off-by: Nagaraj P N Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/3172038 Tested-by: mobile promotions Reviewed-by: mobile promotions --- drivers/crypto/tegra-hv-vse-safety.c | 12 +++++++++--- drivers/crypto/tegra-hv-vse.h | 2 ++ drivers/crypto/tegra-nvvse-cryptodev.c | 1 + include/uapi/misc/tegra-nvvse-cryptodev.h | 5 +++++ 4 files changed, 17 insertions(+), 3 deletions(-) diff --git a/drivers/crypto/tegra-hv-vse-safety.c b/drivers/crypto/tegra-hv-vse-safety.c index 291f6cf8..3ff96906 100644 --- a/drivers/crypto/tegra-hv-vse-safety.c +++ b/drivers/crypto/tegra-hv-vse-safety.c @@ -311,6 +311,7 @@ #define NVVSE_STATUS_SE_SERVER_ERROR 102U #define SE_HW_VALUE_MATCH_CODE 0x5A5A5A5A #define SE_HW_VALUE_MISMATCH_CODE 0xBDBDBDBD + static struct crypto_dev_to_ivc_map g_crypto_to_ivc_map[MAX_NUMBER_MISC_DEVICES]; static bool gcm_supports_dma; @@ -473,6 +474,7 @@ union tegra_virtual_se_aes_args { uint32_t config; u8 expected_tag[TEGRA_VIRTUAL_SE_AES_BLOCK_SIZE]; uint64_t gcm_vrfy_res_addr; + enum vse_sym_cipher_choice sym_ciph; } op_gcm; struct aes_cmac_sv { u8 keyslot[KEYSLOT_SIZE_BYTES]; @@ -490,7 +492,7 @@ union tegra_virtual_se_aes_args { struct aes_rng { struct tegra_virtual_se_addr dst_addr; } op_rng; -} __attribute__((__packed__)); +}; union tegra_virtual_se_sha_args { struct hash { @@ -4902,6 +4904,11 @@ static int tegra_hv_vse_aes_gmac_sv_op_hw_support(struct ahash_request *req, boo } } + if (gmac_ctx->b_is_sm4 == 1U) + ivc_tx->aes.op_gcm.sym_ciph = VSE_SYM_CIPH_SM4; + else + ivc_tx->aes.op_gcm.sym_ciph = VSE_SYM_CIPH_AES; + g_crypto_to_ivc_map[gmac_ctx->node_id].vse_thread_start = true; init_completion(&priv->alg_complete); @@ -4918,10 +4925,9 @@ static int tegra_hv_vse_aes_gmac_sv_op_hw_support(struct ahash_request *req, boo err = status_to_errno(priv->rx_status); goto free_exit; } else { - if (is_last && gmac_req_data->request_type == GMAC_SIGN) { + if (is_last && gmac_req_data->request_type == GMAC_SIGN) /* copy tag to req for last GMAC_SIGN requests */ memcpy(req->result, tag_buf, gmac_ctx->authsize); - } } if (is_last && gmac_req_data->request_type == GMAC_VERIFY) { diff --git a/drivers/crypto/tegra-hv-vse.h b/drivers/crypto/tegra-hv-vse.h index 454a0569..834b787c 100644 --- a/drivers/crypto/tegra-hv-vse.h +++ b/drivers/crypto/tegra-hv-vse.h @@ -134,6 +134,8 @@ struct tegra_virtual_se_aes_gmac_context { bool is_key_slot_allocated; /*Crypto dev instance*/ uint32_t node_id; + /* Flag to indicate if sm4 is enabled*/ + uint8_t b_is_sm4; }; /* Security Engine SHA context */ diff --git a/drivers/crypto/tegra-nvvse-cryptodev.c b/drivers/crypto/tegra-nvvse-cryptodev.c index 63facb62..63f9413a 100644 --- a/drivers/crypto/tegra-nvvse-cryptodev.c +++ b/drivers/crypto/tegra-nvvse-cryptodev.c @@ -1053,6 +1053,7 @@ static int tnvvse_crypto_aes_gmac_sign_verify_init(struct tnvvse_crypto_ctx *ctx gmac_ctx = crypto_ahash_ctx(tfm); gmac_ctx->node_id = ctx->node_id; + gmac_ctx->b_is_sm4 = gmac_sign_verify_ctl->b_is_sm4; driver_name = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm)); if (driver_name == NULL) { diff --git a/include/uapi/misc/tegra-nvvse-cryptodev.h b/include/uapi/misc/tegra-nvvse-cryptodev.h index e8e5a113..f9841712 100644 --- a/include/uapi/misc/tegra-nvvse-cryptodev.h +++ b/include/uapi/misc/tegra-nvvse-cryptodev.h @@ -366,6 +366,11 @@ struct tegra_nvvse_aes_gmac_sign_verify_ctl { * - Non-zero value indicates GMAC verification failure. */ uint8_t result; + /** [in] Flag to indicate SM4 request. + * 0 indicates non-SM4 request + * non-zero indicates SM4 request + */ + uint8_t b_is_sm4; }; #define NVVSE_IOCTL_CMDID_AES_GMAC_SIGN_VERIFY _IOWR(TEGRA_NVVSE_IOC_MAGIC, \ TEGRA_NVVSE_CMDID_AES_GMAC_SIGN_VERIFY, \