From afb2145beb9ec224b2eff4af867583d37e4741b4 Mon Sep 17 00:00:00 2001 From: Prashant Parihar Date: Thu, 4 Jul 2024 05:46:39 +0000 Subject: [PATCH] nvvse: Enable SM4 CMAC support Jira ESSS-1409 Change-Id: Ib13b2901cbec8e4b9670fbe43960514e614a60c0 Signed-off-by: Prashant Parihar Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/3170104 Reviewed-by: mobile promotions Tested-by: mobile promotions --- drivers/crypto/tegra-hv-vse-safety.c | 23 +++++++++++++++++++++++ drivers/crypto/tegra-hv-vse.h | 2 ++ drivers/crypto/tegra-nvvse-cryptodev.c | 1 + include/uapi/misc/tegra-nvvse-cryptodev.h | 5 +++++ 4 files changed, 31 insertions(+) diff --git a/drivers/crypto/tegra-hv-vse-safety.c b/drivers/crypto/tegra-hv-vse-safety.c index 72fe3c77..291f6cf8 100644 --- a/drivers/crypto/tegra-hv-vse-safety.c +++ b/drivers/crypto/tegra-hv-vse-safety.c @@ -346,6 +346,16 @@ enum cmac_request_type { CMAC_VERIFY }; +/* + * @enum vse_sym_cipher_choice + * @brief Symmetric cipher to be used for CMAC sign/verify + * Currently two choices are supported - AES, SM4. + */ +enum vse_sym_cipher_choice { + VSE_SYM_CIPH_AES = 0, + VSE_SYM_CIPH_SM4 = 0xFFFFFFFF +}; + /* CMAC request data */ struct tegra_vse_cmac_req_data { enum cmac_request_type request_type; @@ -475,6 +485,7 @@ union tegra_virtual_se_aes_args { u8 cmac_result[TEGRA_VIRTUAL_SE_AES_BLOCK_SIZE]; u64 mac_addr; u64 mac_comp_res_addr; + enum vse_sym_cipher_choice sym_ciph; } op_cmac_sv; struct aes_rng { struct tegra_virtual_se_addr dst_addr; @@ -2968,6 +2979,12 @@ static int tegra_hv_vse_safety_cmac_sv_op_hw_verify_supported( memcpy(ivc_tx->aes.op_cmac_sv.keyslot, cmac_ctx->aes_keyslot, KEYSLOT_SIZE_BYTES); ivc_tx->aes.op_cmac_sv.key_length = cmac_ctx->keylen; ivc_tx->aes.op_cmac_sv.config = 0; + + if (cmac_ctx->b_is_sm4 == 1U) + ivc_tx->aes.op_cmac_sv.sym_ciph = VSE_SYM_CIPH_SM4; + else + ivc_tx->aes.op_cmac_sv.sym_ciph = VSE_SYM_CIPH_AES; + if (is_last == true) ivc_tx->aes.op_cmac_sv.config |= TEGRA_VIRTUAL_SE_AES_CMAC_SV_CONFIG_LASTREQ; @@ -3111,6 +3128,12 @@ static int tegra_hv_vse_safety_cmac_sv_op(struct ahash_request *req, bool is_las ivc_tx->aes.op_cmac_sv.lastblock_len = last_block_bytes; ivc_tx->aes.op_cmac_sv.src_addr = src_addr64.addr; ivc_tx->aes.op_cmac_sv.src_buf_size = src_addr64.buf_size; + + if (cmac_ctx->b_is_sm4 == 1U) { + ivc_tx->aes.op_cmac_sv.sym_ciph = VSE_SYM_CIPH_SM4; + } else { + ivc_tx->aes.op_cmac_sv.sym_ciph = VSE_SYM_CIPH_AES; + } sg_pcopy_to_buffer(req->src, (u32)num_sgs, ivc_tx->aes.op_cmac_sv.lastblock, diff --git a/drivers/crypto/tegra-hv-vse.h b/drivers/crypto/tegra-hv-vse.h index f5c61647..454a0569 100644 --- a/drivers/crypto/tegra-hv-vse.h +++ b/drivers/crypto/tegra-hv-vse.h @@ -118,6 +118,8 @@ struct tegra_virtual_se_aes_cmac_context { bool is_key_slot_allocated; /*Crypto dev instance*/ uint32_t node_id; + /* Flag to indicate if sm4 is enabled*/ + uint8_t b_is_sm4; }; /* Security Engine AES GMAC context */ diff --git a/drivers/crypto/tegra-nvvse-cryptodev.c b/drivers/crypto/tegra-nvvse-cryptodev.c index 51e446e2..63facb62 100644 --- a/drivers/crypto/tegra-nvvse-cryptodev.c +++ b/drivers/crypto/tegra-nvvse-cryptodev.c @@ -856,6 +856,7 @@ static int tnvvse_crypto_aes_cmac_sign_verify(struct tnvvse_crypto_ctx *ctx, cmac_ctx = crypto_ahash_ctx(tfm); cmac_ctx->node_id = ctx->node_id; + cmac_ctx->b_is_sm4 = aes_cmac_ctl->is_SM4; driver_name = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm)); if (driver_name == NULL) { diff --git a/include/uapi/misc/tegra-nvvse-cryptodev.h b/include/uapi/misc/tegra-nvvse-cryptodev.h index 5cb36836..e8e5a113 100644 --- a/include/uapi/misc/tegra-nvvse-cryptodev.h +++ b/include/uapi/misc/tegra-nvvse-cryptodev.h @@ -425,6 +425,11 @@ struct tegra_nvvse_aes_cmac_sign_verify_ctl { * - Non-zero value indicates CMAC verification failure. */ uint8_t result; + /** [out] Holds SM4 CMAC flag value for request + * - '0' indicates AES CMAC request + * - Non-zero value indicates SM4 CMAC request. + */ + uint8_t is_SM4; }; #define NVVSE_IOCTL_CMDID_AES_CMAC_SIGN_VERIFY _IOWR(TEGRA_NVVSE_IOC_MAGIC, \ TEGRA_NVVSE_CMDID_AES_CMAC_SIGN_VERIFY, \