Update the header based on the newset virtio
crypto spec, so that the virtio crypto can
support both session and stateless based
crypto services and keep compatibility with
the pre-existing code by introducing five feature bits.
Signed-off-by: Gonglei <arei.gong...@huawei.com>
---
include/standard-headers/linux/virtio_crypto.h | 210 ++++++++++++++++++++++++-
1 file changed, 208 insertions(+), 2 deletions(-)
diff --git a/include/standard-headers/linux/virtio_crypto.h
b/include/standard-headers/linux/virtio_crypto.h
index 5ff0b4e..c447829 100644
--- a/include/standard-headers/linux/virtio_crypto.h
+++ b/include/standard-headers/linux/virtio_crypto.h
@@ -33,11 +33,20 @@
#include "standard-headers/linux/virtio_config.h"
+/* The crypto service for virtio crypto */
#define VIRTIO_CRYPTO_SERVICE_CIPHER 0
#define VIRTIO_CRYPTO_SERVICE_HASH 1
#define VIRTIO_CRYPTO_SERVICE_MAC 2
#define VIRTIO_CRYPTO_SERVICE_AEAD 3
+/* The feature bitmap for virtio crypto */
+#define VIRTIO_CRYPTO_F_MUX_MODE 0 /* Multiplexing mode is available */
+#define VIRTIO_CRYPTO_F_CIPHER_STATELESS_MODE 1
+#define VIRTIO_CRYPTO_F_HASH_STATELESS_MODE 2
+#define VIRTIO_CRYPTO_F_MAC_STATELESS_MODE 3
+#define VIRTIO_CRYPTO_F_AEAD_STATELESS_MODE 4
+
+
#define VIRTIO_CRYPTO_OPCODE(service, op) (((service) << 8) | (op))
struct virtio_crypto_ctrl_header {
@@ -166,8 +175,8 @@ struct virtio_crypto_aead_session_para {
uint32_t algo;
/* length of key */
uint32_t key_len;
- /* hash result length */
- uint32_t hash_result_len;
+ /* Authentication tag length */
+ uint32_t tag_len;
/* length of the additional authenticated data (AAD) in bytes */
uint32_t aad_len;
/* encrypt or decrypt, See above VIRTIO_CRYPTO_OP_* */
@@ -271,6 +280,8 @@ struct virtio_crypto_op_header {
uint32_t algo;
/* session_id should be service-specific algorithms */
uint64_t session_id;
+#define VIRTIO_CRYPTO_FLAG_SESSION_MODE 1
+#define VIRTIO_CRYPTO_FLAG_STATELESS_MODE 2
/* control flag to control the request */
uint32_t flag;
uint32_t padding;
@@ -403,6 +414,201 @@ struct virtio_crypto_op_data_req {
} u;
};
+struct virtio_crypto_cipher_para_stateless {
+ struct {
+ /* See VIRTIO_CRYPTO_CIPHER* above */
+ uint32_t algo;
+ /* length of key */
+ uint32_t keylen;
+
+ /* See VIRTIO_CRYPTO_OP_* above */
+ uint32_t op;
+ } sess_para;
+
+ /*
+ * Byte Length of valid IV/Counter
+ */
+ uint32_t iv_len;
+ /* length of source data */
+ uint32_t src_data_len;
+ /* length of dst data */
+ uint32_t dst_data_len;
+};
+
+struct virtio_crypto_alg_chain_data_para_stateless {
+ struct {
+ /* See VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_* above */
+ uint32_t alg_chain_order;
+ /* length of the additional authenticated data in bytes */
+ uint32_t aad_len;
+
+ struct {
+ /* See VIRTIO_CRYPTO_CIPHER* above */
+ uint32_t algo;
+ /* length of key */
+ uint32_t keylen;
+ /* See VIRTIO_CRYPTO_OP_* above */
+ uint32_t op;
+ } cipher;
+
+ struct {
+ /* See VIRTIO_CRYPTO_HASH_* or _MAC_* above */
+ uint32_t algo;
+ /* length of authenticated key */
+ uint32_t auth_key_len;
+ /* See VIRTIO_CRYPTO_SYM_HASH_MODE_* above */
+ uint32_t hash_mode;
+ } hash;
+ } sess_para;
+
+ uint32_t iv_len;
+ /* Length of source data */
+ uint32_t src_data_len;
+ /* Length of destination data */
+ uint32_t dst_data_len;
+ /* Starting point for cipher processing in source data */
+ uint32_t cipher_start_src_offset;
+ /* Length of the source data that the cipher will be computed on */
+ uint32_t len_to_cipher;
+ /* Starting point for hash processing in source data */
+ uint32_t hash_start_src_offset;
+ /* Length of the source data that the hash will be computed on */
+ uint32_t len_to_hash;
+ /* Length of the additional auth data */
+ uint32_t aad_len;
+ /* Length of the hash result */
+ uint32_t hash_result_len;
+ uint32_t reserved;
+};
+
+struct virtio_crypto_hash_para_stateless {
+ struct {
+ /* See VIRTIO_CRYPTO_HASH_* above */
+ uint32_t algo;
+ } sess_para;
+
+ /* length of source data */
+ uint32_t src_data_len;
+ /* hash result length */
+ uint32_t hash_result_len;
+ uint32_t reserved;
+};
+
+struct virtio_crypto_mac_para_stateless {
+ struct {
+ /* See VIRTIO_CRYPTO_MAC_* above */
+ uint32_t algo;
+ /* length of authenticated key */
+ uint32_t auth_key_len;
+ } sess_para;
+
+ /* length of source data */
+ uint32_t src_data_len;
+ /* hash result length */
+ uint32_t hash_result_len;
+};
+
+struct virtio_crypto_aead_para_stateless {
+ struct {
+ /* See VIRTIO_CRYPTO_AEAD_* above */
+ uint32_t algo;
+ /* length of key */
+ uint32_t key_len;
+ /* encrypt or decrypt, See above VIRTIO_CRYPTO_OP_* */
+ uint32_t op;
+ } sess_para;
+
+ /*
+ * Byte Length of valid IV data pointed to by the below iv_addr
+ * parameter.
+ */
+ uint32_t iv_len;
+ /* Authentication tag length */
+ uint32_t tag_len;
+ /* length of the additional authenticated data (AAD) in bytes */
+ uint32_t aad_len;
+ /* length of source data */
+ uint32_t src_data_len;
+ /* length of dst data, it should be at least src_data_len + tag_len */
+ uint32_t dst_data_len;
+};
+
+struct virtio_crypto_cipher_data_req_stateless {
+ /* Device-readable part */
+ struct virtio_crypto_cipher_para_stateless para;
+ uint8_t padding[48];
+};
+
+struct virtio_crypto_hash_data_req_stateless {
+ /* Device-readable part */
+ struct virtio_crypto_hash_para_stateless para;
+ uint8_t padding[64];
+};
+
+struct virtio_crypto_mac_data_req_stateless {
+ /* Device-readable part */
+ struct virtio_crypto_mac_para_stateless para;
+ uint8_t padding[64];
+};
+
+struct virtio_crypto_alg_chain_data_req_stateless {
+ /* Device-readable part */
+ struct virtio_crypto_alg_chain_data_para_stateless para;
+};
+
+struct virtio_crypto_sym_data_req_stateless {
+ union {
+ struct virtio_crypto_cipher_data_req_stateless cipher;
+ struct virtio_crypto_alg_chain_data_req_stateless chain;
+ uint8_t padding[72];
+ } u;
+
+ /* See above VIRTIO_CRYPTO_SYM_OP_* */
+ uint32_t op_type;
+ uint32_t padding;
+};
+
+struct virtio_crypto_aead_data_req_stateless {
+ /* Device-readable part */
+ struct virtio_crypto_aead_para_stateless para;
+ uint8_t padding[48];
+};
+
+/* The request of the data virtqueue's packet */
+struct virtio_crypto_op_data_req_mux {
+ /* The size is 24 byte */
+ struct virtio_crypto_op_header header;
+
+ union {
+ struct {
+ struct virtio_crypto_sym_data_req data;
+ uint8_t padding[56];
+ } sym_req;
+ struct {
+ struct virtio_crypto_hash_data_req data;
+ uint8_t padding[56];
+ } hash_req;
+ struct {
+ struct virtio_crypto_mac_data_req data;
+ uint8_t padding[56];
+ } mac_req;
+ struct {
+ struct virtio_crypto_aead_data_req data;
+ uint8_t padding[56];
+ } aead_req;
+
+ struct virtio_crypto_sym_data_req_stateless sym_stateless_req;
+ struct virtio_crypto_hash_data_req_stateless hash_stateless_req;
+ struct virtio_crypto_mac_data_req_stateless mac_stateless_req;
+ struct virtio_crypto_aead_data_req_stateless aead_stateless_req;
+ /*
+ * Making the request's total size is equal to 128 byte, and
+ * reserving 24 byte for future extension.
+ */
+ uint8_t padding[104];
+ } u;
+};
+
#define VIRTIO_CRYPTO_OK 0
#define VIRTIO_CRYPTO_ERR 1
#define VIRTIO_CRYPTO_BADMSG 2
--
1.8.3.1
