blob: b20822df0dca782b51dc4bc3f78f63a9ebc624b9 [file] [log] [blame]
Gongleid0ee7a12016-10-28 16:33:20 +08001/*
2 * QEMU Crypto Device Implementation
3 *
4 * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
5 *
6 * Authors:
7 * Gonglei <arei.gonglei@huawei.com>
8 *
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
Chetan Pant0dda0012020-10-14 13:37:22 +000012 * version 2.1 of the License, or (at your option) any later version.
Gongleid0ee7a12016-10-28 16:33:20 +080013 *
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
18 *
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 *
22 */
23#ifndef CRYPTODEV_H
24#define CRYPTODEV_H
25
Markus Armbrusterdc5e9ac2019-08-12 07:23:49 +020026#include "qemu/queue.h"
zhenwei pi2580b452023-03-01 18:58:45 +080027#include "qemu/throttle.h"
Gongleid0ee7a12016-10-28 16:33:20 +080028#include "qom/object.h"
zhenwei pi14c9fd12023-03-01 18:58:36 +080029#include "qapi/qapi-types-cryptodev.h"
Gongleid0ee7a12016-10-28 16:33:20 +080030
31/**
32 * CryptoDevBackend:
33 *
34 * The CryptoDevBackend object is an interface
35 * for different cryptodev backends, which provides crypto
36 * operation wrapper.
37 *
38 */
39
40#define TYPE_CRYPTODEV_BACKEND "cryptodev-backend"
41
Eduardo Habkostc821774a2020-08-31 17:07:37 -040042OBJECT_DECLARE_TYPE(CryptoDevBackend, CryptoDevBackendClass,
Eduardo Habkost30b57072020-09-16 14:25:17 -040043 CRYPTODEV_BACKEND)
Gongleid0ee7a12016-10-28 16:33:20 +080044
45
46#define MAX_CRYPTO_QUEUE_NUM 64
47
48typedef struct CryptoDevBackendConf CryptoDevBackendConf;
49typedef struct CryptoDevBackendPeers CryptoDevBackendPeers;
50typedef struct CryptoDevBackendClient
51 CryptoDevBackendClient;
Gongleid0ee7a12016-10-28 16:33:20 +080052
Gonglei9e4f86a2016-10-28 16:33:21 +080053/**
54 * CryptoDevBackendSymSessionInfo:
55 *
Gonglei9e4f86a2016-10-28 16:33:21 +080056 * @cipher_alg: algorithm type of CIPHER
57 * @key_len: byte length of cipher key
58 * @hash_alg: algorithm type of HASH/MAC
59 * @hash_result_len: byte length of HASH operation result
60 * @auth_key_len: byte length of authenticated key
61 * @add_len: byte length of additional authenticated data
62 * @op_type: operation type (refer to virtio_crypto.h)
63 * @direction: encryption or direction for CIPHER
64 * @hash_mode: HASH mode for HASH operation (refer to virtio_crypto.h)
65 * @alg_chain_order: order of algorithm chaining (CIPHER then HASH,
66 * or HASH then CIPHER)
67 * @cipher_key: point to a key of CIPHER
68 * @auth_key: point to an authenticated key of MAC
69 *
70 */
71typedef struct CryptoDevBackendSymSessionInfo {
72 /* corresponding with virtio crypto spec */
Gonglei9e4f86a2016-10-28 16:33:21 +080073 uint32_t cipher_alg;
74 uint32_t key_len;
75 uint32_t hash_alg;
76 uint32_t hash_result_len;
77 uint32_t auth_key_len;
78 uint32_t add_len;
79 uint8_t op_type;
80 uint8_t direction;
81 uint8_t hash_mode;
82 uint8_t alg_chain_order;
83 uint8_t *cipher_key;
84 uint8_t *auth_key;
85} CryptoDevBackendSymSessionInfo;
86
87/**
zhenwei pi0e660a62022-06-11 14:42:43 +080088 * CryptoDevBackendAsymSessionInfo:
89 */
90typedef struct CryptoDevBackendRsaPara {
91 uint32_t padding_algo;
92 uint32_t hash_algo;
93} CryptoDevBackendRsaPara;
94
95typedef struct CryptoDevBackendAsymSessionInfo {
96 /* corresponding with virtio crypto spec */
97 uint32_t algo;
98 uint32_t keytype;
99 uint32_t keylen;
100 uint8_t *key;
101 union {
102 CryptoDevBackendRsaPara rsa;
103 } u;
104} CryptoDevBackendAsymSessionInfo;
105
106typedef struct CryptoDevBackendSessionInfo {
107 uint32_t op_code;
108 union {
109 CryptoDevBackendSymSessionInfo sym_sess_info;
110 CryptoDevBackendAsymSessionInfo asym_sess_info;
111 } u;
Lei He2fda1012022-10-08 16:50:27 +0800112 uint64_t session_id;
zhenwei pi0e660a62022-06-11 14:42:43 +0800113} CryptoDevBackendSessionInfo;
114
115/**
Gonglei9e4f86a2016-10-28 16:33:21 +0800116 * CryptoDevBackendSymOpInfo:
117 *
Gonglei9e4f86a2016-10-28 16:33:21 +0800118 * @aad_len: byte length of additional authenticated data
119 * @iv_len: byte length of initialization vector or counter
120 * @src_len: byte length of source data
121 * @dst_len: byte length of destination data
122 * @digest_result_len: byte length of hash digest result
123 * @hash_start_src_offset: Starting point for hash processing, specified
124 * as number of bytes from start of packet in source data, only used for
125 * algorithm chain
126 * @cipher_start_src_offset: Starting point for cipher processing, specified
127 * as number of bytes from start of packet in source data, only used for
128 * algorithm chain
129 * @len_to_hash: byte length of source data on which the hash
130 * operation will be computed, only used for algorithm chain
131 * @len_to_cipher: byte length of source data on which the cipher
132 * operation will be computed, only used for algorithm chain
133 * @op_type: operation type (refer to virtio_crypto.h)
134 * @iv: point to the initialization vector or counter
135 * @src: point to the source data
136 * @dst: point to the destination data
137 * @aad_data: point to the additional authenticated data
138 * @digest_result: point to the digest result data
139 * @data[0]: point to the extensional memory by one memory allocation
140 *
141 */
142typedef struct CryptoDevBackendSymOpInfo {
Gonglei9e4f86a2016-10-28 16:33:21 +0800143 uint32_t aad_len;
144 uint32_t iv_len;
145 uint32_t src_len;
146 uint32_t dst_len;
147 uint32_t digest_result_len;
148 uint32_t hash_start_src_offset;
149 uint32_t cipher_start_src_offset;
150 uint32_t len_to_hash;
151 uint32_t len_to_cipher;
152 uint8_t op_type;
153 uint8_t *iv;
154 uint8_t *src;
155 uint8_t *dst;
156 uint8_t *aad_data;
157 uint8_t *digest_result;
Philippe Mathieu-Daudéf7795e42020-03-04 16:38:15 +0100158 uint8_t data[];
Gonglei9e4f86a2016-10-28 16:33:21 +0800159} CryptoDevBackendSymOpInfo;
Gongleid0ee7a12016-10-28 16:33:20 +0800160
zhenwei pi0e660a62022-06-11 14:42:43 +0800161
162/**
163 * CryptoDevBackendAsymOpInfo:
164 *
165 * @src_len: byte length of source data
166 * @dst_len: byte length of destination data
167 * @src: point to the source data
168 * @dst: point to the destination data
169 *
170 */
171typedef struct CryptoDevBackendAsymOpInfo {
172 uint32_t src_len;
173 uint32_t dst_len;
174 uint8_t *src;
175 uint8_t *dst;
176} CryptoDevBackendAsymOpInfo;
177
zhenwei pi2cb06922023-03-01 18:58:43 +0800178typedef void (*CryptoDevCompletionFunc) (void *opaque, int ret);
179
zhenwei pi0e660a62022-06-11 14:42:43 +0800180typedef struct CryptoDevBackendOpInfo {
Markus Armbrusterb1019992024-09-04 13:18:35 +0200181 QCryptodevBackendAlgoType algtype;
zhenwei pi0e660a62022-06-11 14:42:43 +0800182 uint32_t op_code;
zhenwei pi2cb06922023-03-01 18:58:43 +0800183 uint32_t queue_index;
184 CryptoDevCompletionFunc cb;
185 void *opaque; /* argument for cb */
zhenwei pi0e660a62022-06-11 14:42:43 +0800186 uint64_t session_id;
187 union {
188 CryptoDevBackendSymOpInfo *sym_op_info;
189 CryptoDevBackendAsymOpInfo *asym_op_info;
190 } u;
zhenwei pi2580b452023-03-01 18:58:45 +0800191 QTAILQ_ENTRY(CryptoDevBackendOpInfo) next;
zhenwei pi0e660a62022-06-11 14:42:43 +0800192} CryptoDevBackendOpInfo;
193
Eduardo Habkostdb1015e2020-09-03 16:43:22 -0400194struct CryptoDevBackendClass {
Gongleid0ee7a12016-10-28 16:33:20 +0800195 ObjectClass parent_class;
196
197 void (*init)(CryptoDevBackend *backend, Error **errp);
198 void (*cleanup)(CryptoDevBackend *backend, Error **errp);
Gonglei9e4f86a2016-10-28 16:33:21 +0800199
Lei He2fda1012022-10-08 16:50:27 +0800200 int (*create_session)(CryptoDevBackend *backend,
201 CryptoDevBackendSessionInfo *sess_info,
202 uint32_t queue_index,
203 CryptoDevCompletionFunc cb,
204 void *opaque);
205
Gonglei9e4f86a2016-10-28 16:33:21 +0800206 int (*close_session)(CryptoDevBackend *backend,
Lei He2fda1012022-10-08 16:50:27 +0800207 uint64_t session_id,
208 uint32_t queue_index,
209 CryptoDevCompletionFunc cb,
210 void *opaque);
211
zhenwei pi0e660a62022-06-11 14:42:43 +0800212 int (*do_op)(CryptoDevBackend *backend,
zhenwei pi2cb06922023-03-01 18:58:43 +0800213 CryptoDevBackendOpInfo *op_info);
Eduardo Habkostdb1015e2020-09-03 16:43:22 -0400214};
Gongleid0ee7a12016-10-28 16:33:20 +0800215
Gongleid0ee7a12016-10-28 16:33:20 +0800216struct CryptoDevBackendClient {
zhenwei pi14c9fd12023-03-01 18:58:36 +0800217 QCryptodevBackendType type;
Gongleid0ee7a12016-10-28 16:33:20 +0800218 char *info_str;
219 unsigned int queue_index;
Gonglei5da73da2018-03-01 21:46:29 +0800220 int vring_enable;
Gongleid0ee7a12016-10-28 16:33:20 +0800221 QTAILQ_ENTRY(CryptoDevBackendClient) next;
222};
223
224struct CryptoDevBackendPeers {
225 CryptoDevBackendClient *ccs[MAX_CRYPTO_QUEUE_NUM];
226 uint32_t queues;
227};
228
229struct CryptoDevBackendConf {
230 CryptoDevBackendPeers peers;
231
232 /* Supported service mask */
233 uint32_t crypto_services;
234
235 /* Detailed algorithms mask */
236 uint32_t cipher_algo_l;
237 uint32_t cipher_algo_h;
238 uint32_t hash_algo;
239 uint32_t mac_algo_l;
240 uint32_t mac_algo_h;
241 uint32_t aead_algo;
zhenwei pi0e660a62022-06-11 14:42:43 +0800242 uint32_t akcipher_algo;
Gongleid0ee7a12016-10-28 16:33:20 +0800243 /* Maximum length of cipher key */
244 uint32_t max_cipher_key_len;
245 /* Maximum length of authenticated key */
246 uint32_t max_auth_key_len;
247 /* Maximum size of each crypto request's content */
248 uint64_t max_size;
249};
250
zhenwei pie7a775f2023-03-01 18:58:44 +0800251typedef struct CryptodevBackendSymStat {
252 int64_t encrypt_ops;
253 int64_t decrypt_ops;
254 int64_t encrypt_bytes;
255 int64_t decrypt_bytes;
256} CryptodevBackendSymStat;
257
258typedef struct CryptodevBackendAsymStat {
259 int64_t encrypt_ops;
260 int64_t decrypt_ops;
261 int64_t sign_ops;
262 int64_t verify_ops;
263 int64_t encrypt_bytes;
264 int64_t decrypt_bytes;
265 int64_t sign_bytes;
266 int64_t verify_bytes;
267} CryptodevBackendAsymStat;
268
Gongleid0ee7a12016-10-28 16:33:20 +0800269struct CryptoDevBackend {
270 Object parent_obj;
271
272 bool ready;
Gonglei46fd1702016-12-22 11:12:38 +0800273 /* Tag the cryptodev backend is used by virtio-crypto or not */
274 bool is_used;
Gongleid0ee7a12016-10-28 16:33:20 +0800275 CryptoDevBackendConf conf;
zhenwei pie7a775f2023-03-01 18:58:44 +0800276 CryptodevBackendSymStat *sym_stat;
277 CryptodevBackendAsymStat *asym_stat;
zhenwei pi2580b452023-03-01 18:58:45 +0800278
279 ThrottleState ts;
280 ThrottleTimers tt;
281 ThrottleConfig tc;
282 QTAILQ_HEAD(, CryptoDevBackendOpInfo) opinfos;
Gongleid0ee7a12016-10-28 16:33:20 +0800283};
284
zhenwei pie7a775f2023-03-01 18:58:44 +0800285#define CryptodevSymStatInc(be, op, bytes) do { \
286 be->sym_stat->op##_bytes += (bytes); \
287 be->sym_stat->op##_ops += 1; \
288} while (/*CONSTCOND*/0)
289
290#define CryptodevSymStatIncEncrypt(be, bytes) \
291 CryptodevSymStatInc(be, encrypt, bytes)
292
293#define CryptodevSymStatIncDecrypt(be, bytes) \
294 CryptodevSymStatInc(be, decrypt, bytes)
295
296#define CryptodevAsymStatInc(be, op, bytes) do { \
297 be->asym_stat->op##_bytes += (bytes); \
298 be->asym_stat->op##_ops += 1; \
299} while (/*CONSTCOND*/0)
300
301#define CryptodevAsymStatIncEncrypt(be, bytes) \
302 CryptodevAsymStatInc(be, encrypt, bytes)
303
304#define CryptodevAsymStatIncDecrypt(be, bytes) \
305 CryptodevAsymStatInc(be, decrypt, bytes)
306
307#define CryptodevAsymStatIncSign(be, bytes) \
308 CryptodevAsymStatInc(be, sign, bytes)
309
310#define CryptodevAsymStatIncVerify(be, bytes) \
311 CryptodevAsymStatInc(be, verify, bytes)
312
313
Gongleid0ee7a12016-10-28 16:33:20 +0800314/**
315 * cryptodev_backend_new_client:
Gongleid0ee7a12016-10-28 16:33:20 +0800316 *
zhenwei pi3f478372023-03-01 18:58:37 +0800317 * Creates a new cryptodev backend client object.
Gongleid0ee7a12016-10-28 16:33:20 +0800318 *
319 * The returned object must be released with
320 * cryptodev_backend_free_client() when no
321 * longer required
322 *
323 * Returns: a new cryptodev backend client object
324 */
zhenwei pi3f478372023-03-01 18:58:37 +0800325CryptoDevBackendClient *cryptodev_backend_new_client(void);
326
Gongleid0ee7a12016-10-28 16:33:20 +0800327/**
328 * cryptodev_backend_free_client:
329 * @cc: the cryptodev backend client object
330 *
331 * Release the memory associated with @cc that
332 * was previously allocated by cryptodev_backend_new_client()
333 */
334void cryptodev_backend_free_client(
335 CryptoDevBackendClient *cc);
336
337/**
338 * cryptodev_backend_cleanup:
339 * @backend: the cryptodev backend object
340 * @errp: pointer to a NULL-initialized error object
341 *
Michael Tokareva1a62ce2023-07-14 14:33:02 +0300342 * Clean the resource associated with @backend that realizaed
Gongleid0ee7a12016-10-28 16:33:20 +0800343 * by the specific backend's init() callback
344 */
345void cryptodev_backend_cleanup(
346 CryptoDevBackend *backend,
347 Error **errp);
348
Gonglei9e4f86a2016-10-28 16:33:21 +0800349/**
zhenwei pi0e660a62022-06-11 14:42:43 +0800350 * cryptodev_backend_create_session:
Gonglei9e4f86a2016-10-28 16:33:21 +0800351 * @backend: the cryptodev backend object
352 * @sess_info: parameters needed by session creating
353 * @queue_index: queue index of cryptodev backend client
354 * @errp: pointer to a NULL-initialized error object
Lei He2fda1012022-10-08 16:50:27 +0800355 * @cb: callback when session create is compeleted
356 * @opaque: parameter passed to callback
Gonglei9e4f86a2016-10-28 16:33:21 +0800357 *
Lei He2fda1012022-10-08 16:50:27 +0800358 * Create a session for symmetric/asymmetric algorithms
Gonglei9e4f86a2016-10-28 16:33:21 +0800359 *
Lei He2fda1012022-10-08 16:50:27 +0800360 * Returns: 0 for success and cb will be called when creation is completed,
361 * negative value for error, and cb will not be called.
Gonglei9e4f86a2016-10-28 16:33:21 +0800362 */
Lei He2fda1012022-10-08 16:50:27 +0800363int cryptodev_backend_create_session(
Gonglei9e4f86a2016-10-28 16:33:21 +0800364 CryptoDevBackend *backend,
zhenwei pi0e660a62022-06-11 14:42:43 +0800365 CryptoDevBackendSessionInfo *sess_info,
Lei He2fda1012022-10-08 16:50:27 +0800366 uint32_t queue_index,
367 CryptoDevCompletionFunc cb,
368 void *opaque);
Gonglei9e4f86a2016-10-28 16:33:21 +0800369
370/**
zhenwei pi0e660a62022-06-11 14:42:43 +0800371 * cryptodev_backend_close_session:
Gonglei9e4f86a2016-10-28 16:33:21 +0800372 * @backend: the cryptodev backend object
373 * @session_id: the session id
374 * @queue_index: queue index of cryptodev backend client
375 * @errp: pointer to a NULL-initialized error object
Lei He2fda1012022-10-08 16:50:27 +0800376 * @cb: callback when session create is compeleted
377 * @opaque: parameter passed to callback
Gonglei9e4f86a2016-10-28 16:33:21 +0800378 *
zhenwei pi0e660a62022-06-11 14:42:43 +0800379 * Close a session for which was previously
380 * created by cryptodev_backend_create_session()
Gonglei9e4f86a2016-10-28 16:33:21 +0800381 *
Lei He2fda1012022-10-08 16:50:27 +0800382 * Returns: 0 for success and cb will be called when creation is completed,
383 * negative value for error, and cb will not be called.
Gonglei9e4f86a2016-10-28 16:33:21 +0800384 */
zhenwei pi0e660a62022-06-11 14:42:43 +0800385int cryptodev_backend_close_session(
Gonglei9e4f86a2016-10-28 16:33:21 +0800386 CryptoDevBackend *backend,
387 uint64_t session_id,
Lei He2fda1012022-10-08 16:50:27 +0800388 uint32_t queue_index,
389 CryptoDevCompletionFunc cb,
390 void *opaque);
Gonglei9e4f86a2016-10-28 16:33:21 +0800391
392/**
Gongleid6634ac2016-10-28 16:33:29 +0800393 * cryptodev_backend_crypto_operation:
Gonglei9e4f86a2016-10-28 16:33:21 +0800394 * @backend: the cryptodev backend object
zhenwei pi2cb06922023-03-01 18:58:43 +0800395 * @op_info: pointer to a CryptoDevBackendOpInfo object
Gonglei9e4f86a2016-10-28 16:33:21 +0800396 *
zhenwei pi2cb06922023-03-01 18:58:43 +0800397 * Do crypto operation, such as encryption, decryption, signature and
398 * verification
Gonglei9e4f86a2016-10-28 16:33:21 +0800399 *
Lei He2fda1012022-10-08 16:50:27 +0800400 * Returns: 0 for success and cb will be called when creation is completed,
401 * negative value for error, and cb will not be called.
Gonglei9e4f86a2016-10-28 16:33:21 +0800402 */
Gongleid6634ac2016-10-28 16:33:29 +0800403int cryptodev_backend_crypto_operation(
Gonglei9e4f86a2016-10-28 16:33:21 +0800404 CryptoDevBackend *backend,
zhenwei pi2cb06922023-03-01 18:58:43 +0800405 CryptoDevBackendOpInfo *op_info);
Gonglei9e4f86a2016-10-28 16:33:21 +0800406
Gonglei46fd1702016-12-22 11:12:38 +0800407/**
408 * cryptodev_backend_set_used:
409 * @backend: the cryptodev backend object
Michael Tokareva1a62ce2023-07-14 14:33:02 +0300410 * @used: true or false
Gonglei46fd1702016-12-22 11:12:38 +0800411 *
412 * Set the cryptodev backend is used by virtio-crypto or not
413 */
414void cryptodev_backend_set_used(CryptoDevBackend *backend, bool used);
415
416/**
417 * cryptodev_backend_is_used:
418 * @backend: the cryptodev backend object
419 *
420 * Return the status that the cryptodev backend is used
421 * by virtio-crypto or not
422 *
423 * Returns: true on used, or false on not used
424 */
425bool cryptodev_backend_is_used(CryptoDevBackend *backend);
426
Gonglei6138dbd2016-12-22 11:12:39 +0800427/**
428 * cryptodev_backend_set_ready:
429 * @backend: the cryptodev backend object
Michael Tokareva1a62ce2023-07-14 14:33:02 +0300430 * @ready: true or false
Gonglei6138dbd2016-12-22 11:12:39 +0800431 *
432 * Set the cryptodev backend is ready or not, which is called
433 * by the children of the cryptodev banckend interface.
434 */
435void cryptodev_backend_set_ready(CryptoDevBackend *backend, bool ready);
436
437/**
438 * cryptodev_backend_is_ready:
439 * @backend: the cryptodev backend object
440 *
441 * Return the status that the cryptodev backend is ready or not
442 *
443 * Returns: true on ready, or false on not ready
444 */
445bool cryptodev_backend_is_ready(CryptoDevBackend *backend);
Gonglei46fd1702016-12-22 11:12:38 +0800446
Gongleid0ee7a12016-10-28 16:33:20 +0800447#endif /* CRYPTODEV_H */