[mirror_qemu.git] / include / standard-headers / linux / virtio_crypto.h

#ifndef _VIRTIO_CRYPTO_H
#define _VIRTIO_CRYPTO_H
/* This header is BSD licensed so anyone can use the definitions to implement
 * compatible drivers/servers.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of IBM nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL IBM OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
#include "standard-headers/linux/types.h"
#include "standard-headers/linux/virtio_types.h"
#include "standard-headers/linux/virtio_ids.h"
#include "standard-headers/linux/virtio_config.h"


#define VIRTIO_CRYPTO_SERVICE_CIPHER 0
#define VIRTIO_CRYPTO_SERVICE_HASH   1
#define VIRTIO_CRYPTO_SERVICE_MAC    2
#define VIRTIO_CRYPTO_SERVICE_AEAD   3
#define VIRTIO_CRYPTO_SERVICE_AKCIPHER 4

#define VIRTIO_CRYPTO_OPCODE(service, op)   (((service) << 8) | (op))

struct virtio_crypto_ctrl_header {
#define VIRTIO_CRYPTO_CIPHER_CREATE_SESSION \
	   VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x02)
#define VIRTIO_CRYPTO_CIPHER_DESTROY_SESSION \
	   VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x03)
#define VIRTIO_CRYPTO_HASH_CREATE_SESSION \
	   VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x02)
#define VIRTIO_CRYPTO_HASH_DESTROY_SESSION \
	   VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x03)
#define VIRTIO_CRYPTO_MAC_CREATE_SESSION \
	   VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x02)
#define VIRTIO_CRYPTO_MAC_DESTROY_SESSION \
	   VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x03)
#define VIRTIO_CRYPTO_AEAD_CREATE_SESSION \
	   VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x02)
#define VIRTIO_CRYPTO_AEAD_DESTROY_SESSION \
	   VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x03)
#define VIRTIO_CRYPTO_AKCIPHER_CREATE_SESSION \
	   VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AKCIPHER, 0x04)
#define VIRTIO_CRYPTO_AKCIPHER_DESTROY_SESSION \
	   VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AKCIPHER, 0x05)
	uint32_t opcode;
	uint32_t algo;
	uint32_t flag;
	/* data virtqueue id */
	uint32_t queue_id;
};

struct virtio_crypto_cipher_session_para {
#define VIRTIO_CRYPTO_NO_CIPHER                 0
#define VIRTIO_CRYPTO_CIPHER_ARC4               1
#define VIRTIO_CRYPTO_CIPHER_AES_ECB            2
#define VIRTIO_CRYPTO_CIPHER_AES_CBC            3
#define VIRTIO_CRYPTO_CIPHER_AES_CTR            4
#define VIRTIO_CRYPTO_CIPHER_DES_ECB            5
#define VIRTIO_CRYPTO_CIPHER_DES_CBC            6
#define VIRTIO_CRYPTO_CIPHER_3DES_ECB           7
#define VIRTIO_CRYPTO_CIPHER_3DES_CBC           8
#define VIRTIO_CRYPTO_CIPHER_3DES_CTR           9
#define VIRTIO_CRYPTO_CIPHER_KASUMI_F8          10
#define VIRTIO_CRYPTO_CIPHER_SNOW3G_UEA2        11
#define VIRTIO_CRYPTO_CIPHER_AES_F8             12
#define VIRTIO_CRYPTO_CIPHER_AES_XTS            13
#define VIRTIO_CRYPTO_CIPHER_ZUC_EEA3           14
	uint32_t algo;
	/* length of key */
	uint32_t keylen;

#define VIRTIO_CRYPTO_OP_ENCRYPT  1
#define VIRTIO_CRYPTO_OP_DECRYPT  2
	/* encrypt or decrypt */
	uint32_t op;
	uint32_t padding;
};

struct virtio_crypto_session_input {
	/* Device-writable part */
	uint64_t session_id;
	uint32_t status;
	uint32_t padding;
};

struct virtio_crypto_cipher_session_req {
	struct virtio_crypto_cipher_session_para para;
	uint8_t padding[32];
};

struct virtio_crypto_hash_session_para {
#define VIRTIO_CRYPTO_NO_HASH            0
#define VIRTIO_CRYPTO_HASH_MD5           1
#define VIRTIO_CRYPTO_HASH_SHA1          2
#define VIRTIO_CRYPTO_HASH_SHA_224       3
#define VIRTIO_CRYPTO_HASH_SHA_256       4
#define VIRTIO_CRYPTO_HASH_SHA_384       5
#define VIRTIO_CRYPTO_HASH_SHA_512       6
#define VIRTIO_CRYPTO_HASH_SHA3_224      7
#define VIRTIO_CRYPTO_HASH_SHA3_256      8
#define VIRTIO_CRYPTO_HASH_SHA3_384      9
#define VIRTIO_CRYPTO_HASH_SHA3_512      10
#define VIRTIO_CRYPTO_HASH_SHA3_SHAKE128      11
#define VIRTIO_CRYPTO_HASH_SHA3_SHAKE256      12
	uint32_t algo;
	/* hash result length */
	uint32_t hash_result_len;
	uint8_t padding[8];
};

struct virtio_crypto_hash_create_session_req {
	struct virtio_crypto_hash_session_para para;
	uint8_t padding[40];
};

struct virtio_crypto_mac_session_para {
#define VIRTIO_CRYPTO_NO_MAC                       0
#define VIRTIO_CRYPTO_MAC_HMAC_MD5                 1
#define VIRTIO_CRYPTO_MAC_HMAC_SHA1                2
#define VIRTIO_CRYPTO_MAC_HMAC_SHA_224             3
#define VIRTIO_CRYPTO_MAC_HMAC_SHA_256             4
#define VIRTIO_CRYPTO_MAC_HMAC_SHA_384             5
#define VIRTIO_CRYPTO_MAC_HMAC_SHA_512             6
#define VIRTIO_CRYPTO_MAC_CMAC_3DES                25
#define VIRTIO_CRYPTO_MAC_CMAC_AES                 26
#define VIRTIO_CRYPTO_MAC_KASUMI_F9                27
#define VIRTIO_CRYPTO_MAC_SNOW3G_UIA2              28
#define VIRTIO_CRYPTO_MAC_GMAC_AES                 41
#define VIRTIO_CRYPTO_MAC_GMAC_TWOFISH             42
#define VIRTIO_CRYPTO_MAC_CBCMAC_AES               49
#define VIRTIO_CRYPTO_MAC_CBCMAC_KASUMI_F9         50
#define VIRTIO_CRYPTO_MAC_XCBC_AES                 53
	uint32_t algo;
	/* hash result length */
	uint32_t hash_result_len;
	/* length of authenticated key */
	uint32_t auth_key_len;
	uint32_t padding;
};

struct virtio_crypto_mac_create_session_req {
	struct virtio_crypto_mac_session_para para;
	uint8_t padding[40];
};

struct virtio_crypto_aead_session_para {
#define VIRTIO_CRYPTO_NO_AEAD     0
#define VIRTIO_CRYPTO_AEAD_GCM    1
#define VIRTIO_CRYPTO_AEAD_CCM    2
#define VIRTIO_CRYPTO_AEAD_CHACHA20_POLY1305  3
	uint32_t algo;
	/* length of key */
	uint32_t key_len;
	/* hash result length */
	uint32_t hash_result_len;
	/* length of the additional authenticated data (AAD) in bytes */
	uint32_t aad_len;
	/* encrypt or decrypt, See above VIRTIO_CRYPTO_OP_* */
	uint32_t op;
	uint32_t padding;
};

struct virtio_crypto_aead_create_session_req {
	struct virtio_crypto_aead_session_para para;
	uint8_t padding[32];
};

struct virtio_crypto_rsa_session_para {
#define VIRTIO_CRYPTO_RSA_RAW_PADDING   0
#define VIRTIO_CRYPTO_RSA_PKCS1_PADDING 1
	uint32_t padding_algo;

#define VIRTIO_CRYPTO_RSA_NO_HASH   0
#define VIRTIO_CRYPTO_RSA_MD2       1
#define VIRTIO_CRYPTO_RSA_MD3       2
#define VIRTIO_CRYPTO_RSA_MD4       3
#define VIRTIO_CRYPTO_RSA_MD5       4
#define VIRTIO_CRYPTO_RSA_SHA1      5
#define VIRTIO_CRYPTO_RSA_SHA256    6
#define VIRTIO_CRYPTO_RSA_SHA384    7
#define VIRTIO_CRYPTO_RSA_SHA512    8
#define VIRTIO_CRYPTO_RSA_SHA224    9
	uint32_t hash_algo;
};

struct virtio_crypto_ecdsa_session_para {
#define VIRTIO_CRYPTO_CURVE_UNKNOWN   0
#define VIRTIO_CRYPTO_CURVE_NIST_P192 1
#define VIRTIO_CRYPTO_CURVE_NIST_P224 2
#define VIRTIO_CRYPTO_CURVE_NIST_P256 3
#define VIRTIO_CRYPTO_CURVE_NIST_P384 4
#define VIRTIO_CRYPTO_CURVE_NIST_P521 5
	uint32_t curve_id;
	uint32_t padding;
};

struct virtio_crypto_akcipher_session_para {
#define VIRTIO_CRYPTO_NO_AKCIPHER    0
#define VIRTIO_CRYPTO_AKCIPHER_RSA   1
#define VIRTIO_CRYPTO_AKCIPHER_DSA   2
#define VIRTIO_CRYPTO_AKCIPHER_ECDSA 3
	uint32_t algo;

#define VIRTIO_CRYPTO_AKCIPHER_KEY_TYPE_PUBLIC  1
#define VIRTIO_CRYPTO_AKCIPHER_KEY_TYPE_PRIVATE 2
	uint32_t keytype;
	uint32_t keylen;

	union {
		struct virtio_crypto_rsa_session_para rsa;
		struct virtio_crypto_ecdsa_session_para ecdsa;
	} u;
};

struct virtio_crypto_akcipher_create_session_req {
	struct virtio_crypto_akcipher_session_para para;
	uint8_t padding[36];
};

struct virtio_crypto_alg_chain_session_para {
#define VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_HASH_THEN_CIPHER  1
#define VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_CIPHER_THEN_HASH  2
	uint32_t alg_chain_order;
/* Plain hash */
#define VIRTIO_CRYPTO_SYM_HASH_MODE_PLAIN    1
/* Authenticated hash (mac) */
#define VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH     2
/* Nested hash */
#define VIRTIO_CRYPTO_SYM_HASH_MODE_NESTED   3
	uint32_t hash_mode;
	struct virtio_crypto_cipher_session_para cipher_param;
	union {
		struct virtio_crypto_hash_session_para hash_param;
		struct virtio_crypto_mac_session_para mac_param;
		uint8_t padding[16];
	} u;
	/* length of the additional authenticated data (AAD) in bytes */
	uint32_t aad_len;
	uint32_t padding;
};

struct virtio_crypto_alg_chain_session_req {
	struct virtio_crypto_alg_chain_session_para para;
};

struct virtio_crypto_sym_create_session_req {
	union {
		struct virtio_crypto_cipher_session_req cipher;
		struct virtio_crypto_alg_chain_session_req chain;
		uint8_t padding[48];
	} u;

	/* Device-readable part */

/* No operation */
#define VIRTIO_CRYPTO_SYM_OP_NONE  0
/* Cipher only operation on the data */
#define VIRTIO_CRYPTO_SYM_OP_CIPHER  1
/*
 * Chain any cipher with any hash or mac operation. The order
 * depends on the value of alg_chain_order param
 */
#define VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING  2
	uint32_t op_type;
	uint32_t padding;
};

struct virtio_crypto_destroy_session_req {
	/* Device-readable part */
	uint64_t  session_id;
	uint8_t padding[48];
};

/* The request of the control virtqueue's packet */
struct virtio_crypto_op_ctrl_req {
	struct virtio_crypto_ctrl_header header;

	union {
		struct virtio_crypto_sym_create_session_req
			sym_create_session;
		struct virtio_crypto_hash_create_session_req
			hash_create_session;
		struct virtio_crypto_mac_create_session_req
			mac_create_session;
		struct virtio_crypto_aead_create_session_req
			aead_create_session;
		struct virtio_crypto_akcipher_create_session_req
			akcipher_create_session;
		struct virtio_crypto_destroy_session_req
			destroy_session;
		uint8_t padding[56];
	} u;
};

struct virtio_crypto_op_header {
#define VIRTIO_CRYPTO_CIPHER_ENCRYPT \
	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x00)
#define VIRTIO_CRYPTO_CIPHER_DECRYPT \
	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x01)
#define VIRTIO_CRYPTO_HASH \
	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x00)
#define VIRTIO_CRYPTO_MAC \
	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x00)
#define VIRTIO_CRYPTO_AEAD_ENCRYPT \
	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x00)
#define VIRTIO_CRYPTO_AEAD_DECRYPT \
	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x01)
#define VIRTIO_CRYPTO_AKCIPHER_ENCRYPT \
	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AKCIPHER, 0x00)
#define VIRTIO_CRYPTO_AKCIPHER_DECRYPT \
	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AKCIPHER, 0x01)
#define VIRTIO_CRYPTO_AKCIPHER_SIGN \
	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AKCIPHER, 0x02)
#define VIRTIO_CRYPTO_AKCIPHER_VERIFY \
	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AKCIPHER, 0x03)
	uint32_t opcode;
	/* algo should be service-specific algorithms */
	uint32_t algo;
	/* session_id should be service-specific algorithms */
	uint64_t session_id;
	/* control flag to control the request */
	uint32_t flag;
	uint32_t padding;
};

struct virtio_crypto_cipher_para {
	/*
	 * Byte Length of valid IV/Counter
	 *
	 * For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or for
	 *   SNOW3G in UEA2 mode, this is the length of the IV (which
	 *   must be the same as the block length of the cipher).
	 * For block ciphers in CTR mode, this is the length of the counter
	 *   (which must be the same as the block length of the cipher).
	 * For AES-XTS, this is the 128bit tweak, i, from IEEE Std 1619-2007.
	 *
	 * The IV/Counter will be updated after every partial cryptographic
	 * operation.
	 */
	uint32_t iv_len;
	/* length of source data */
	uint32_t src_data_len;
	/* length of dst data */
	uint32_t dst_data_len;
	uint32_t padding;
};

struct virtio_crypto_hash_para {
	/* length of source data */
	uint32_t src_data_len;
	/* hash result length */
	uint32_t hash_result_len;
};

struct virtio_crypto_mac_para {
	struct virtio_crypto_hash_para hash;
};

struct virtio_crypto_aead_para {
	/*
	 * Byte Length of valid IV data pointed to by the below iv_addr
	 * parameter.
	 *
	 * For GCM mode, this is either 12 (for 96-bit IVs) or 16, in which
	 *   case iv_addr points to J0.
	 * For CCM mode, this is the length of the nonce, which can be in the
	 *   range 7 to 13 inclusive.
	 */
	uint32_t iv_len;
	/* length of additional auth data */
	uint32_t aad_len;
	/* length of source data */
	uint32_t src_data_len;
	/* length of dst data */
	uint32_t dst_data_len;
};

struct virtio_crypto_cipher_data_req {
	/* Device-readable part */
	struct virtio_crypto_cipher_para para;
	uint8_t padding[24];
};

struct virtio_crypto_hash_data_req {
	/* Device-readable part */
	struct virtio_crypto_hash_para para;
	uint8_t padding[40];
};

struct virtio_crypto_mac_data_req {
	/* Device-readable part */
	struct virtio_crypto_mac_para para;
	uint8_t padding[40];
};

struct virtio_crypto_alg_chain_data_para {
	uint32_t iv_len;
	/* Length of source data */
	uint32_t src_data_len;
	/* Length of destination data */
	uint32_t dst_data_len;
	/* Starting point for cipher processing in source data */
	uint32_t cipher_start_src_offset;
	/* Length of the source data that the cipher will be computed on */
	uint32_t len_to_cipher;
	/* Starting point for hash processing in source data */
	uint32_t hash_start_src_offset;
	/* Length of the source data that the hash will be computed on */
	uint32_t len_to_hash;
	/* Length of the additional auth data */
	uint32_t aad_len;
	/* Length of the hash result */
	uint32_t hash_result_len;
	uint32_t reserved;
};

struct virtio_crypto_alg_chain_data_req {
	/* Device-readable part */
	struct virtio_crypto_alg_chain_data_para para;
};

struct virtio_crypto_sym_data_req {
	union {
		struct virtio_crypto_cipher_data_req cipher;
		struct virtio_crypto_alg_chain_data_req chain;
		uint8_t padding[40];
	} u;

	/* See above VIRTIO_CRYPTO_SYM_OP_* */
	uint32_t op_type;
	uint32_t padding;
};

struct virtio_crypto_aead_data_req {
	/* Device-readable part */
	struct virtio_crypto_aead_para para;
	uint8_t padding[32];
};

struct virtio_crypto_akcipher_para {
	uint32_t src_data_len;
	uint32_t dst_data_len;
};

struct virtio_crypto_akcipher_data_req {
	struct virtio_crypto_akcipher_para para;
	uint8_t padding[40];
};

/* The request of the data virtqueue's packet */
struct virtio_crypto_op_data_req {
	struct virtio_crypto_op_header header;

	union {
		struct virtio_crypto_sym_data_req  sym_req;
		struct virtio_crypto_hash_data_req hash_req;
		struct virtio_crypto_mac_data_req mac_req;
		struct virtio_crypto_aead_data_req aead_req;
		struct virtio_crypto_akcipher_data_req akcipher_req;
		uint8_t padding[48];
	} u;
};

#define VIRTIO_CRYPTO_OK        0
#define VIRTIO_CRYPTO_ERR       1
#define VIRTIO_CRYPTO_BADMSG    2
#define VIRTIO_CRYPTO_NOTSUPP   3
#define VIRTIO_CRYPTO_INVSESS   4 /* Invalid session id */
#define VIRTIO_CRYPTO_NOSPC     5 /* no free session ID */
#define VIRTIO_CRYPTO_KEY_REJECTED 6 /* Signature verification failed */

/* The accelerator hardware is ready */
#define VIRTIO_CRYPTO_S_HW_READY  (1 << 0)

struct virtio_crypto_config {
	/* See VIRTIO_CRYPTO_OP_* above */
	uint32_t  status;

	/*
	 * Maximum number of data queue
	 */
	uint32_t  max_dataqueues;

	/*
	 * Specifies the services mask which the device support,
	 * see VIRTIO_CRYPTO_SERVICE_* above
	 */
	uint32_t crypto_services;

	/* Detailed algorithms mask */
	uint32_t cipher_algo_l;
	uint32_t cipher_algo_h;
	uint32_t hash_algo;
	uint32_t mac_algo_l;
	uint32_t mac_algo_h;
	uint32_t aead_algo;
	/* Maximum length of cipher key */
	uint32_t max_cipher_key_len;
	/* Maximum length of authenticated key */
	uint32_t max_auth_key_len;
	uint32_t akcipher_algo;
	/* Maximum size of each crypto request's content */
	uint64_t max_size;
};

struct virtio_crypto_inhdr {
	/* See VIRTIO_CRYPTO_* above */
	uint8_t status;
};
#endif
Commit	Line	Data
f43c0076 MT	1	#ifndef _VIRTIO_CRYPTO_H
f43c0076 MT	2	#define _VIRTIO_CRYPTO_H
5551e3a8 GA	3	/* This header is BSD licensed so anyone can use the definitions to implement
	4	* compatible drivers/servers.
	5	*
	6	* Redistribution and use in source and binary forms, with or without
	7	* modification, are permitted provided that the following conditions
	8	* are met:
	9	* 1. Redistributions of source code must retain the above copyright
	10	* notice, this list of conditions and the following disclaimer.
	11	* 2. Redistributions in binary form must reproduce the above copyright
	12	* notice, this list of conditions and the following disclaimer in the
	13	* documentation and/or other materials provided with the distribution.
	14	* 3. Neither the name of IBM nor the names of its contributors
	15	* may be used to endorse or promote products derived from this software
	16	* without specific prior written permission.
f43c0076 MT	17	* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
	18	* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
	19	* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
	20	* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL IBM OR
	21	* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	22	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
	23	* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
	24	* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
	25	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
	26	* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
	27	* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	28	* SUCH DAMAGE.
	29	*/
5551e3a8	30	#include "standard-headers/linux/types.h"
5551e3a8	31	#include "standard-headers/linux/virtio_types.h"
f43c0076 MT	32	#include "standard-headers/linux/virtio_ids.h"
f43c0076 MT	33	#include "standard-headers/linux/virtio_config.h"
5551e3a8 GA	34
	35
	36	#define VIRTIO_CRYPTO_SERVICE_CIPHER 0
f43c0076 MT	37	#define VIRTIO_CRYPTO_SERVICE_HASH 1
	38	#define VIRTIO_CRYPTO_SERVICE_MAC 2
	39	#define VIRTIO_CRYPTO_SERVICE_AEAD 3
e4082063	40	#define VIRTIO_CRYPTO_SERVICE_AKCIPHER 4
5551e3a8 GA	41
	42	#define VIRTIO_CRYPTO_OPCODE(service, op) (((service) << 8) \| (op))
	43
	44	struct virtio_crypto_ctrl_header {
	45	#define VIRTIO_CRYPTO_CIPHER_CREATE_SESSION \
f43c0076	46	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x02)
5551e3a8	47	#define VIRTIO_CRYPTO_CIPHER_DESTROY_SESSION \
f43c0076	48	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x03)
5551e3a8	49	#define VIRTIO_CRYPTO_HASH_CREATE_SESSION \
f43c0076	50	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x02)
5551e3a8	51	#define VIRTIO_CRYPTO_HASH_DESTROY_SESSION \
f43c0076	52	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x03)
5551e3a8	53	#define VIRTIO_CRYPTO_MAC_CREATE_SESSION \
f43c0076	54	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x02)
5551e3a8	55	#define VIRTIO_CRYPTO_MAC_DESTROY_SESSION \
f43c0076	56	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x03)
5551e3a8	57	#define VIRTIO_CRYPTO_AEAD_CREATE_SESSION \
f43c0076	58	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x02)
5551e3a8	59	#define VIRTIO_CRYPTO_AEAD_DESTROY_SESSION \
f43c0076	60	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x03)
e4082063 AW	61	#define VIRTIO_CRYPTO_AKCIPHER_CREATE_SESSION \
	62	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AKCIPHER, 0x04)
	63	#define VIRTIO_CRYPTO_AKCIPHER_DESTROY_SESSION \
	64	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AKCIPHER, 0x05)
f43c0076 MT	65	uint32_t opcode;
	66	uint32_t algo;
	67	uint32_t flag;
	68	/* data virtqueue id */
	69	uint32_t queue_id;
5551e3a8 GA	70	};
	71
	72	struct virtio_crypto_cipher_session_para {
	73	#define VIRTIO_CRYPTO_NO_CIPHER 0
	74	#define VIRTIO_CRYPTO_CIPHER_ARC4 1
	75	#define VIRTIO_CRYPTO_CIPHER_AES_ECB 2
	76	#define VIRTIO_CRYPTO_CIPHER_AES_CBC 3
	77	#define VIRTIO_CRYPTO_CIPHER_AES_CTR 4
	78	#define VIRTIO_CRYPTO_CIPHER_DES_ECB 5
	79	#define VIRTIO_CRYPTO_CIPHER_DES_CBC 6
	80	#define VIRTIO_CRYPTO_CIPHER_3DES_ECB 7
	81	#define VIRTIO_CRYPTO_CIPHER_3DES_CBC 8
	82	#define VIRTIO_CRYPTO_CIPHER_3DES_CTR 9
	83	#define VIRTIO_CRYPTO_CIPHER_KASUMI_F8 10
	84	#define VIRTIO_CRYPTO_CIPHER_SNOW3G_UEA2 11
	85	#define VIRTIO_CRYPTO_CIPHER_AES_F8 12
	86	#define VIRTIO_CRYPTO_CIPHER_AES_XTS 13
	87	#define VIRTIO_CRYPTO_CIPHER_ZUC_EEA3 14
f43c0076 MT	88	uint32_t algo;
	89	/* length of key */
	90	uint32_t keylen;
5551e3a8 GA	91
	92	#define VIRTIO_CRYPTO_OP_ENCRYPT 1
	93	#define VIRTIO_CRYPTO_OP_DECRYPT 2
f43c0076 MT	94	/* encrypt or decrypt */
	95	uint32_t op;
	96	uint32_t padding;
5551e3a8 GA	97	};
	98
	99	struct virtio_crypto_session_input {
f43c0076 MT	100	/* Device-writable part */
	101	uint64_t session_id;
	102	uint32_t status;
	103	uint32_t padding;
5551e3a8 GA	104	};
	105
	106	struct virtio_crypto_cipher_session_req {
f43c0076 MT	107	struct virtio_crypto_cipher_session_para para;
f43c0076 MT	108	uint8_t padding[32];
5551e3a8 GA	109	};
	110
	111	struct virtio_crypto_hash_session_para {
	112	#define VIRTIO_CRYPTO_NO_HASH 0
	113	#define VIRTIO_CRYPTO_HASH_MD5 1
	114	#define VIRTIO_CRYPTO_HASH_SHA1 2
	115	#define VIRTIO_CRYPTO_HASH_SHA_224 3
	116	#define VIRTIO_CRYPTO_HASH_SHA_256 4
	117	#define VIRTIO_CRYPTO_HASH_SHA_384 5
	118	#define VIRTIO_CRYPTO_HASH_SHA_512 6
	119	#define VIRTIO_CRYPTO_HASH_SHA3_224 7
	120	#define VIRTIO_CRYPTO_HASH_SHA3_256 8
	121	#define VIRTIO_CRYPTO_HASH_SHA3_384 9
	122	#define VIRTIO_CRYPTO_HASH_SHA3_512 10
	123	#define VIRTIO_CRYPTO_HASH_SHA3_SHAKE128 11
	124	#define VIRTIO_CRYPTO_HASH_SHA3_SHAKE256 12
f43c0076 MT	125	uint32_t algo;
	126	/* hash result length */
	127	uint32_t hash_result_len;
	128	uint8_t padding[8];
5551e3a8 GA	129	};
	130
	131	struct virtio_crypto_hash_create_session_req {
f43c0076 MT	132	struct virtio_crypto_hash_session_para para;
f43c0076 MT	133	uint8_t padding[40];
5551e3a8 GA	134	};
	135
	136	struct virtio_crypto_mac_session_para {
	137	#define VIRTIO_CRYPTO_NO_MAC 0
	138	#define VIRTIO_CRYPTO_MAC_HMAC_MD5 1
	139	#define VIRTIO_CRYPTO_MAC_HMAC_SHA1 2
	140	#define VIRTIO_CRYPTO_MAC_HMAC_SHA_224 3
	141	#define VIRTIO_CRYPTO_MAC_HMAC_SHA_256 4
	142	#define VIRTIO_CRYPTO_MAC_HMAC_SHA_384 5
	143	#define VIRTIO_CRYPTO_MAC_HMAC_SHA_512 6
	144	#define VIRTIO_CRYPTO_MAC_CMAC_3DES 25
	145	#define VIRTIO_CRYPTO_MAC_CMAC_AES 26
	146	#define VIRTIO_CRYPTO_MAC_KASUMI_F9 27
	147	#define VIRTIO_CRYPTO_MAC_SNOW3G_UIA2 28
	148	#define VIRTIO_CRYPTO_MAC_GMAC_AES 41
	149	#define VIRTIO_CRYPTO_MAC_GMAC_TWOFISH 42
	150	#define VIRTIO_CRYPTO_MAC_CBCMAC_AES 49
	151	#define VIRTIO_CRYPTO_MAC_CBCMAC_KASUMI_F9 50
	152	#define VIRTIO_CRYPTO_MAC_XCBC_AES 53
f43c0076 MT	153	uint32_t algo;
	154	/* hash result length */
	155	uint32_t hash_result_len;
	156	/* length of authenticated key */
	157	uint32_t auth_key_len;
	158	uint32_t padding;
5551e3a8 GA	159	};
	160
	161	struct virtio_crypto_mac_create_session_req {
f43c0076 MT	162	struct virtio_crypto_mac_session_para para;
f43c0076 MT	163	uint8_t padding[40];
5551e3a8 GA	164	};
	165
	166	struct virtio_crypto_aead_session_para {
	167	#define VIRTIO_CRYPTO_NO_AEAD 0
	168	#define VIRTIO_CRYPTO_AEAD_GCM 1
	169	#define VIRTIO_CRYPTO_AEAD_CCM 2
	170	#define VIRTIO_CRYPTO_AEAD_CHACHA20_POLY1305 3
f43c0076 MT	171	uint32_t algo;
	172	/* length of key */
	173	uint32_t key_len;
	174	/* hash result length */
	175	uint32_t hash_result_len;
	176	/* length of the additional authenticated data (AAD) in bytes */
	177	uint32_t aad_len;
	178	/* encrypt or decrypt, See above VIRTIO_CRYPTO_OP_* */
	179	uint32_t op;
	180	uint32_t padding;
5551e3a8 GA	181	};
	182
	183	struct virtio_crypto_aead_create_session_req {
f43c0076 MT	184	struct virtio_crypto_aead_session_para para;
f43c0076 MT	185	uint8_t padding[32];
5551e3a8 GA	186	};
5551e3a8 GA	187
e4082063 AW	188	struct virtio_crypto_rsa_session_para {
	189	#define VIRTIO_CRYPTO_RSA_RAW_PADDING 0
	190	#define VIRTIO_CRYPTO_RSA_PKCS1_PADDING 1
	191	uint32_t padding_algo;
	192
	193	#define VIRTIO_CRYPTO_RSA_NO_HASH 0
	194	#define VIRTIO_CRYPTO_RSA_MD2 1
	195	#define VIRTIO_CRYPTO_RSA_MD3 2
	196	#define VIRTIO_CRYPTO_RSA_MD4 3
	197	#define VIRTIO_CRYPTO_RSA_MD5 4
	198	#define VIRTIO_CRYPTO_RSA_SHA1 5
	199	#define VIRTIO_CRYPTO_RSA_SHA256 6
	200	#define VIRTIO_CRYPTO_RSA_SHA384 7
	201	#define VIRTIO_CRYPTO_RSA_SHA512 8
	202	#define VIRTIO_CRYPTO_RSA_SHA224 9
	203	uint32_t hash_algo;
	204	};
	205
	206	struct virtio_crypto_ecdsa_session_para {
	207	#define VIRTIO_CRYPTO_CURVE_UNKNOWN 0
	208	#define VIRTIO_CRYPTO_CURVE_NIST_P192 1
	209	#define VIRTIO_CRYPTO_CURVE_NIST_P224 2
	210	#define VIRTIO_CRYPTO_CURVE_NIST_P256 3
	211	#define VIRTIO_CRYPTO_CURVE_NIST_P384 4
	212	#define VIRTIO_CRYPTO_CURVE_NIST_P521 5
	213	uint32_t curve_id;
	214	uint32_t padding;
	215	};
	216
	217	struct virtio_crypto_akcipher_session_para {
	218	#define VIRTIO_CRYPTO_NO_AKCIPHER 0
	219	#define VIRTIO_CRYPTO_AKCIPHER_RSA 1
	220	#define VIRTIO_CRYPTO_AKCIPHER_DSA 2
	221	#define VIRTIO_CRYPTO_AKCIPHER_ECDSA 3
	222	uint32_t algo;
	223
	224	#define VIRTIO_CRYPTO_AKCIPHER_KEY_TYPE_PUBLIC 1
	225	#define VIRTIO_CRYPTO_AKCIPHER_KEY_TYPE_PRIVATE 2
	226	uint32_t keytype;
	227	uint32_t keylen;
	228
	229	union {
	230	struct virtio_crypto_rsa_session_para rsa;
	231	struct virtio_crypto_ecdsa_session_para ecdsa;
	232	} u;
	233	};
	234
	235	struct virtio_crypto_akcipher_create_session_req {
	236	struct virtio_crypto_akcipher_session_para para;
	237	uint8_t padding[36];
	238	};
	239
5551e3a8 GA	240	struct virtio_crypto_alg_chain_session_para {
	241	#define VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_HASH_THEN_CIPHER 1
	242	#define VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_CIPHER_THEN_HASH 2
f43c0076	243	uint32_t alg_chain_order;
5551e3a8 GA	244	/* Plain hash */
	245	#define VIRTIO_CRYPTO_SYM_HASH_MODE_PLAIN 1
	246	/* Authenticated hash (mac) */
	247	#define VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH 2
	248	/* Nested hash */
	249	#define VIRTIO_CRYPTO_SYM_HASH_MODE_NESTED 3
f43c0076 MT	250	uint32_t hash_mode;
	251	struct virtio_crypto_cipher_session_para cipher_param;
	252	union {
	253	struct virtio_crypto_hash_session_para hash_param;
	254	struct virtio_crypto_mac_session_para mac_param;
	255	uint8_t padding[16];
	256	} u;
	257	/* length of the additional authenticated data (AAD) in bytes */
	258	uint32_t aad_len;
	259	uint32_t padding;
5551e3a8 GA	260	};
	261
	262	struct virtio_crypto_alg_chain_session_req {
f43c0076	263	struct virtio_crypto_alg_chain_session_para para;
5551e3a8 GA	264	};
	265
	266	struct virtio_crypto_sym_create_session_req {
f43c0076 MT	267	union {
	268	struct virtio_crypto_cipher_session_req cipher;
	269	struct virtio_crypto_alg_chain_session_req chain;
	270	uint8_t padding[48];
	271	} u;
5551e3a8	272
f43c0076	273	/* Device-readable part */
5551e3a8 GA	274
	275	/* No operation */
	276	#define VIRTIO_CRYPTO_SYM_OP_NONE 0
	277	/* Cipher only operation on the data */
	278	#define VIRTIO_CRYPTO_SYM_OP_CIPHER 1
f43c0076 MT	279	/*
	280	* Chain any cipher with any hash or mac operation. The order
	281	* depends on the value of alg_chain_order param
	282	*/
5551e3a8	283	#define VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING 2
f43c0076 MT	284	uint32_t op_type;
f43c0076 MT	285	uint32_t padding;
5551e3a8 GA	286	};
	287
	288	struct virtio_crypto_destroy_session_req {
f43c0076 MT	289	/* Device-readable part */
	290	uint64_t session_id;
	291	uint8_t padding[48];
5551e3a8 GA	292	};
5551e3a8 GA	293
f43c0076	294	/* The request of the control virtqueue's packet */
5551e3a8	295	struct virtio_crypto_op_ctrl_req {
f43c0076 MT	296	struct virtio_crypto_ctrl_header header;
	297
	298	union {
	299	struct virtio_crypto_sym_create_session_req
	300	sym_create_session;
	301	struct virtio_crypto_hash_create_session_req
	302	hash_create_session;
	303	struct virtio_crypto_mac_create_session_req
	304	mac_create_session;
	305	struct virtio_crypto_aead_create_session_req
	306	aead_create_session;
e4082063 AW	307	struct virtio_crypto_akcipher_create_session_req
e4082063 AW	308	akcipher_create_session;
f43c0076 MT	309	struct virtio_crypto_destroy_session_req
	310	destroy_session;
	311	uint8_t padding[56];
	312	} u;
5551e3a8 GA	313	};
	314
	315	struct virtio_crypto_op_header {
	316	#define VIRTIO_CRYPTO_CIPHER_ENCRYPT \
f43c0076	317	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x00)
5551e3a8	318	#define VIRTIO_CRYPTO_CIPHER_DECRYPT \
f43c0076	319	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x01)
5551e3a8	320	#define VIRTIO_CRYPTO_HASH \
f43c0076	321	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x00)
5551e3a8	322	#define VIRTIO_CRYPTO_MAC \
f43c0076	323	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x00)
5551e3a8	324	#define VIRTIO_CRYPTO_AEAD_ENCRYPT \
f43c0076	325	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x00)
5551e3a8	326	#define VIRTIO_CRYPTO_AEAD_DECRYPT \
f43c0076	327	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x01)
e4082063 AW	328	#define VIRTIO_CRYPTO_AKCIPHER_ENCRYPT \
	329	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AKCIPHER, 0x00)
	330	#define VIRTIO_CRYPTO_AKCIPHER_DECRYPT \
	331	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AKCIPHER, 0x01)
	332	#define VIRTIO_CRYPTO_AKCIPHER_SIGN \
	333	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AKCIPHER, 0x02)
	334	#define VIRTIO_CRYPTO_AKCIPHER_VERIFY \
	335	VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AKCIPHER, 0x03)
f43c0076 MT	336	uint32_t opcode;
	337	/* algo should be service-specific algorithms */
	338	uint32_t algo;
	339	/* session_id should be service-specific algorithms */
	340	uint64_t session_id;
	341	/* control flag to control the request */
	342	uint32_t flag;
	343	uint32_t padding;
5551e3a8 GA	344	};
	345
	346	struct virtio_crypto_cipher_para {
f43c0076 MT	347	/*
	348	* Byte Length of valid IV/Counter
	349	*
	350	* For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or for
	351	* SNOW3G in UEA2 mode, this is the length of the IV (which
	352	* must be the same as the block length of the cipher).
	353	* For block ciphers in CTR mode, this is the length of the counter
	354	* (which must be the same as the block length of the cipher).
	355	* For AES-XTS, this is the 128bit tweak, i, from IEEE Std 1619-2007.
	356	*
	357	* The IV/Counter will be updated after every partial cryptographic
	358	* operation.
	359	*/
	360	uint32_t iv_len;
	361	/* length of source data */
	362	uint32_t src_data_len;
	363	/* length of dst data */
	364	uint32_t dst_data_len;
	365	uint32_t padding;
5551e3a8 GA	366	};
	367
	368	struct virtio_crypto_hash_para {
f43c0076 MT	369	/* length of source data */
	370	uint32_t src_data_len;
	371	/* hash result length */
	372	uint32_t hash_result_len;
5551e3a8 GA	373	};
	374
	375	struct virtio_crypto_mac_para {
f43c0076	376	struct virtio_crypto_hash_para hash;
5551e3a8 GA	377	};
	378
	379	struct virtio_crypto_aead_para {
f43c0076 MT	380	/*
	381	* Byte Length of valid IV data pointed to by the below iv_addr
	382	* parameter.
	383	*
	384	* For GCM mode, this is either 12 (for 96-bit IVs) or 16, in which
	385	* case iv_addr points to J0.
	386	* For CCM mode, this is the length of the nonce, which can be in the
	387	* range 7 to 13 inclusive.
	388	*/
	389	uint32_t iv_len;
	390	/* length of additional auth data */
	391	uint32_t aad_len;
	392	/* length of source data */
	393	uint32_t src_data_len;
	394	/* length of dst data */
	395	uint32_t dst_data_len;
5551e3a8 GA	396	};
	397
	398	struct virtio_crypto_cipher_data_req {
f43c0076 MT	399	/* Device-readable part */
	400	struct virtio_crypto_cipher_para para;
	401	uint8_t padding[24];
5551e3a8 GA	402	};
	403
	404	struct virtio_crypto_hash_data_req {
f43c0076 MT	405	/* Device-readable part */
	406	struct virtio_crypto_hash_para para;
	407	uint8_t padding[40];
5551e3a8 GA	408	};
	409
	410	struct virtio_crypto_mac_data_req {
f43c0076 MT	411	/* Device-readable part */
	412	struct virtio_crypto_mac_para para;
	413	uint8_t padding[40];
5551e3a8 GA	414	};
	415
	416	struct virtio_crypto_alg_chain_data_para {
f43c0076 MT	417	uint32_t iv_len;
	418	/* Length of source data */
	419	uint32_t src_data_len;
	420	/* Length of destination data */
	421	uint32_t dst_data_len;
	422	/* Starting point for cipher processing in source data */
	423	uint32_t cipher_start_src_offset;
	424	/* Length of the source data that the cipher will be computed on */
	425	uint32_t len_to_cipher;
	426	/* Starting point for hash processing in source data */
	427	uint32_t hash_start_src_offset;
	428	/* Length of the source data that the hash will be computed on */
	429	uint32_t len_to_hash;
	430	/* Length of the additional auth data */
	431	uint32_t aad_len;
	432	/* Length of the hash result */
	433	uint32_t hash_result_len;
	434	uint32_t reserved;
5551e3a8 GA	435	};
	436
	437	struct virtio_crypto_alg_chain_data_req {
f43c0076 MT	438	/* Device-readable part */
f43c0076 MT	439	struct virtio_crypto_alg_chain_data_para para;
5551e3a8 GA	440	};
	441
	442	struct virtio_crypto_sym_data_req {
f43c0076 MT	443	union {
	444	struct virtio_crypto_cipher_data_req cipher;
	445	struct virtio_crypto_alg_chain_data_req chain;
	446	uint8_t padding[40];
	447	} u;
	448
	449	/* See above VIRTIO_CRYPTO_SYM_OP_* */
	450	uint32_t op_type;
	451	uint32_t padding;
5551e3a8 GA	452	};
	453
	454	struct virtio_crypto_aead_data_req {
f43c0076 MT	455	/* Device-readable part */
	456	struct virtio_crypto_aead_para para;
	457	uint8_t padding[32];
5551e3a8 GA	458	};
5551e3a8 GA	459
e4082063 AW	460	struct virtio_crypto_akcipher_para {
	461	uint32_t src_data_len;
	462	uint32_t dst_data_len;
	463	};
	464
	465	struct virtio_crypto_akcipher_data_req {
	466	struct virtio_crypto_akcipher_para para;
	467	uint8_t padding[40];
	468	};
	469
f43c0076	470	/* The request of the data virtqueue's packet */
5551e3a8	471	struct virtio_crypto_op_data_req {
f43c0076 MT	472	struct virtio_crypto_op_header header;
	473
	474	union {
	475	struct virtio_crypto_sym_data_req sym_req;
	476	struct virtio_crypto_hash_data_req hash_req;
	477	struct virtio_crypto_mac_data_req mac_req;
	478	struct virtio_crypto_aead_data_req aead_req;
e4082063	479	struct virtio_crypto_akcipher_data_req akcipher_req;
f43c0076 MT	480	uint8_t padding[48];
f43c0076 MT	481	} u;
5551e3a8 GA	482	};
	483
	484	#define VIRTIO_CRYPTO_OK 0
	485	#define VIRTIO_CRYPTO_ERR 1
	486	#define VIRTIO_CRYPTO_BADMSG 2
	487	#define VIRTIO_CRYPTO_NOTSUPP 3
f43c0076	488	#define VIRTIO_CRYPTO_INVSESS 4 /* Invalid session id */
e4082063 AW	489	#define VIRTIO_CRYPTO_NOSPC 5 /* no free session ID */
e4082063 AW	490	#define VIRTIO_CRYPTO_KEY_REJECTED 6 /* Signature verification failed */
5551e3a8 GA	491
	492	/* The accelerator hardware is ready */
	493	#define VIRTIO_CRYPTO_S_HW_READY (1 << 0)
5551e3a8 GA	494
5551e3a8 GA	495	struct virtio_crypto_config {
f43c0076 MT	496	/* See VIRTIO_CRYPTO_OP_* above */
	497	uint32_t status;
	498
	499	/*
	500	* Maximum number of data queue
	501	*/
	502	uint32_t max_dataqueues;
	503
	504	/*
	505	* Specifies the services mask which the device support,
	506	* see VIRTIO_CRYPTO_SERVICE_* above
	507	*/
	508	uint32_t crypto_services;
	509
	510	/* Detailed algorithms mask */
	511	uint32_t cipher_algo_l;
	512	uint32_t cipher_algo_h;
	513	uint32_t hash_algo;
	514	uint32_t mac_algo_l;
	515	uint32_t mac_algo_h;
	516	uint32_t aead_algo;
	517	/* Maximum length of cipher key */
	518	uint32_t max_cipher_key_len;
	519	/* Maximum length of authenticated key */
	520	uint32_t max_auth_key_len;
e4082063	521	uint32_t akcipher_algo;
f43c0076 MT	522	/* Maximum size of each crypto request's content */
f43c0076 MT	523	uint64_t max_size;
5551e3a8 GA	524	};
	525
	526	struct virtio_crypto_inhdr {
f43c0076 MT	527	/* See VIRTIO_CRYPTO_* above */
f43c0076 MT	528	uint8_t status;
5551e3a8	529	};
f43c0076	530	#endif