[people/ms/u-boot.git] / drivers / crypto / fsl / jobdesc.c

/*
 * SEC Descriptor Construction Library
 * Basic job descriptor construction
 *
 * Copyright 2014 Freescale Semiconductor, Inc.
 *
 * SPDX-License-Identifier:	GPL-2.0+
 *
 */

#include <common.h>
#include <fsl_sec.h>
#include "desc_constr.h"
#include "jobdesc.h"
#include "rsa_caam.h"

#ifdef CONFIG_MX6
/*!
 * Secure memory run command
 *
 * @param   sec_mem_cmd  Secure memory command register
 * @return  cmd_status  Secure memory command status register
 */
uint32_t secmem_set_cmd(uint32_t sec_mem_cmd)
{
	uint32_t temp_reg;

	sec_out32(CAAM_SMCJR0, sec_mem_cmd);

	do {
		temp_reg = sec_in32(CAAM_SMCSJR0);
	} while (temp_reg & CMD_COMPLETE);

	return temp_reg;
}

/*!
 * CAAM page allocation:
 * Allocates a partition from secure memory, with the id
 * equal to partion_num. This will de-allocate the page
 * if it is already allocated. The partition will have
 * full access permissions. The permissions are set before,
 * running a job descriptor. A memory page of secure RAM
 * is allocated for the partition.
 *
 * @param   page  Number of the page to allocate.
 * @param   partition  Number of the partition to allocate.
 * @return  0 on success, ERROR_IN_PAGE_ALLOC otherwise
 */
int caam_page_alloc(uint8_t page_num, uint8_t partition_num)
{
	uint32_t temp_reg;

	/*
	 * De-Allocate partition_num if already allocated to ARM core
	 */
	if (sec_in32(CAAM_SMPO_0) & PARTITION_OWNER(partition_num)) {
		temp_reg = secmem_set_cmd(PARTITION(partition_num) |
						CMD_PART_DEALLOC);
		if (temp_reg & SMCSJR_AERR) {
			printf("Error: De-allocation status 0x%X\n", temp_reg);
			return ERROR_IN_PAGE_ALLOC;
		}
	}

	/* set the access rights to allow full access */
	sec_out32(CAAM_SMAG1JR0(partition_num), 0xF);
	sec_out32(CAAM_SMAG2JR0(partition_num), 0xF);
	sec_out32(CAAM_SMAPJR0(partition_num), 0xFF);

	/* Now need to allocate partition_num of secure RAM. */
	/* De-Allocate page_num by starting with a page inquiry command */
	temp_reg = secmem_set_cmd(PAGE(page_num) | CMD_INQUIRY);

	/* if the page is owned, de-allocate it */
	if ((temp_reg & SMCSJR_PO) == PAGE_OWNED) {
		temp_reg = secmem_set_cmd(PAGE(page_num) | CMD_PAGE_DEALLOC);
		if (temp_reg & SMCSJR_AERR) {
			printf("Error: Allocation status 0x%X\n", temp_reg);
			return ERROR_IN_PAGE_ALLOC;
		}
	}

	/* Allocate page_num to partition_num */
	temp_reg = secmem_set_cmd(PAGE(page_num) | PARTITION(partition_num)
						| CMD_PAGE_ALLOC);
	if (temp_reg & SMCSJR_AERR) {
		printf("Error: Allocation status 0x%X\n", temp_reg);
		return ERROR_IN_PAGE_ALLOC;
	}
	/* page inquiry command to ensure that the page was allocated */
	temp_reg = secmem_set_cmd(PAGE(page_num) | CMD_INQUIRY);

	/* if the page is not owned => problem */
	if ((temp_reg & SMCSJR_PO) != PAGE_OWNED) {
		printf("Allocation of page %d in partition %d failed 0x%X\n",
		       temp_reg, page_num, partition_num);

		return ERROR_IN_PAGE_ALLOC;
	}

	return 0;
}

int inline_cnstr_jobdesc_blob_dek(uint32_t *desc, const uint8_t *plain_txt,
				       uint8_t *dek_blob, uint32_t in_sz)
{
	uint32_t ret = 0;
	u32 aad_w1, aad_w2;
	/* output blob will have 32 bytes key blob in beginning and
	 * 16 byte HMAC identifier at end of data blob */
	uint32_t out_sz = in_sz + KEY_BLOB_SIZE + MAC_SIZE;
	/* Setting HDR for blob */
	uint8_t wrapped_key_hdr[8] = {HDR_TAG, 0x00, WRP_HDR_SIZE + out_sz,
			     HDR_PAR, HAB_MOD, HAB_ALG, in_sz, HAB_FLG};

	/* initialize the blob array */
	memset(dek_blob, 0, out_sz + 8);
	/* Copy the header into the DEK blob buffer */
	memcpy(dek_blob, wrapped_key_hdr, sizeof(wrapped_key_hdr));

	/* allocating secure memory */
	ret = caam_page_alloc(PAGE_1, PARTITION_1);
	if (ret)
		return ret;

	/* Write DEK to secure memory */
	memcpy((uint32_t *)SEC_MEM_PAGE1, (uint32_t *)plain_txt, in_sz);

	unsigned long start = (unsigned long)SEC_MEM_PAGE1 &
				~(ARCH_DMA_MINALIGN - 1);
	unsigned long end = ALIGN(start + 0x1000, ARCH_DMA_MINALIGN);
	flush_dcache_range(start, end);

	/* Now configure the access rights of the partition */
	sec_out32(CAAM_SMAG1JR0(PARTITION_1), KS_G1); /* set group 1 */
	sec_out32(CAAM_SMAG2JR0(PARTITION_1), 0);     /* clear group 2 */
	sec_out32(CAAM_SMAPJR0(PARTITION_1), PERM);   /* set perm & locks */

	/* construct aad for AES */
	aad_w1 = (in_sz << OP_ALG_ALGSEL_SHIFT) | KEY_AES_SRC | LD_CCM_MODE;
	aad_w2 = 0x0;

	init_job_desc(desc, 0);

	append_cmd(desc, CMD_LOAD | CLASS_2 | KEY_IMM | KEY_ENC |
				(0x0c << LDST_OFFSET_SHIFT) | 0x08);

	append_u32(desc, aad_w1);

	append_u32(desc, aad_w2);

	append_cmd_ptr(desc, (dma_addr_t)SEC_MEM_PAGE1, in_sz, CMD_SEQ_IN_PTR);

	append_cmd_ptr(desc, (dma_addr_t)dek_blob + 8, out_sz, CMD_SEQ_OUT_PTR);

	append_operation(desc, OP_TYPE_ENCAP_PROTOCOL | OP_PCLID_BLOB |
						OP_PCLID_SECMEM);

	return ret;
}
#endif

void inline_cnstr_jobdesc_hash(uint32_t *desc,
			  const uint8_t *msg, uint32_t msgsz, uint8_t *digest,
			  u32 alg_type, uint32_t alg_size, int sg_tbl)
{
	/* SHA 256 , output is of length 32 words */
	uint32_t storelen = alg_size;
	u32 options;
	dma_addr_t dma_addr_in, dma_addr_out;

	dma_addr_in = virt_to_phys((void *)msg);
	dma_addr_out = virt_to_phys((void *)digest);

	init_job_desc(desc, 0);
	append_operation(desc, OP_TYPE_CLASS2_ALG |
			 OP_ALG_AAI_HASH | OP_ALG_AS_INITFINAL |
			 OP_ALG_ENCRYPT | OP_ALG_ICV_OFF | alg_type);

	options = LDST_CLASS_2_CCB | FIFOLD_TYPE_MSG | FIFOLD_TYPE_LAST2;
	if (sg_tbl)
		options |= FIFOLDST_SGF;
	if (msgsz > 0xffff) {
		options |= FIFOLDST_EXT;
		append_fifo_load(desc, dma_addr_in, 0, options);
		append_cmd(desc, msgsz);
	} else {
		append_fifo_load(desc, dma_addr_in, msgsz, options);
	}

	append_store(desc, dma_addr_out, storelen,
		     LDST_CLASS_2_CCB | LDST_SRCDST_BYTE_CONTEXT);
}

void inline_cnstr_jobdesc_blob_encap(uint32_t *desc, uint8_t *key_idnfr,
				     uint8_t *plain_txt, uint8_t *enc_blob,
				     uint32_t in_sz)
{
	dma_addr_t dma_addr_key_idnfr, dma_addr_in, dma_addr_out;
	uint32_t key_sz = KEY_IDNFR_SZ_BYTES;
	/* output blob will have 32 bytes key blob in beginning and
	 * 16 byte HMAC identifier at end of data blob */
	uint32_t out_sz = in_sz + KEY_BLOB_SIZE + MAC_SIZE;

	dma_addr_key_idnfr = virt_to_phys((void *)key_idnfr);
	dma_addr_in	= virt_to_phys((void *)plain_txt);
	dma_addr_out	= virt_to_phys((void *)enc_blob);

	init_job_desc(desc, 0);

	append_key(desc, dma_addr_key_idnfr, key_sz, CLASS_2);

	append_seq_in_ptr(desc, dma_addr_in, in_sz, 0);

	append_seq_out_ptr(desc, dma_addr_out, out_sz, 0);

	append_operation(desc, OP_TYPE_ENCAP_PROTOCOL | OP_PCLID_BLOB);
}

void inline_cnstr_jobdesc_blob_decap(uint32_t *desc, uint8_t *key_idnfr,
				     uint8_t *enc_blob, uint8_t *plain_txt,
				     uint32_t out_sz)
{
	dma_addr_t dma_addr_key_idnfr, dma_addr_in, dma_addr_out;
	uint32_t key_sz = KEY_IDNFR_SZ_BYTES;
	uint32_t in_sz = out_sz + KEY_BLOB_SIZE + MAC_SIZE;

	dma_addr_key_idnfr = virt_to_phys((void *)key_idnfr);
	dma_addr_in	= virt_to_phys((void *)enc_blob);
	dma_addr_out	= virt_to_phys((void *)plain_txt);

	init_job_desc(desc, 0);

	append_key(desc, dma_addr_key_idnfr, key_sz, CLASS_2);

	append_seq_in_ptr(desc, dma_addr_in, in_sz, 0);

	append_seq_out_ptr(desc, dma_addr_out, out_sz, 0);

	append_operation(desc, OP_TYPE_DECAP_PROTOCOL | OP_PCLID_BLOB);
}

/*
 * Descriptor to instantiate RNG State Handle 0 in normal mode and
 * load the JDKEK, TDKEK and TDSK registers
 */
void inline_cnstr_jobdesc_rng_instantiation(uint32_t *desc)
{
	u32 *jump_cmd;

	init_job_desc(desc, 0);

	/* INIT RNG in non-test mode */
	append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
			 OP_ALG_AS_INIT);

	/* wait for done */
	jump_cmd = append_jump(desc, JUMP_CLASS_CLASS1);
	set_jump_tgt_here(desc, jump_cmd);

	/*
	 * load 1 to clear written reg:
	 * resets the done interrrupt and returns the RNG to idle.
	 */
	append_load_imm_u32(desc, 1, LDST_SRCDST_WORD_CLRW);

	/* generate secure keys (non-test) */
	append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
			 OP_ALG_RNG4_SK);
}

/* Change key size to bytes form bits in calling function*/
void inline_cnstr_jobdesc_pkha_rsaexp(uint32_t *desc,
				      struct pk_in_params *pkin, uint8_t *out,
				      uint32_t out_siz)
{
	dma_addr_t dma_addr_e, dma_addr_a, dma_addr_n, dma_addr_out;

	dma_addr_e = virt_to_phys((void *)pkin->e);
	dma_addr_a = virt_to_phys((void *)pkin->a);
	dma_addr_n = virt_to_phys((void *)pkin->n);
	dma_addr_out = virt_to_phys((void *)out);

	init_job_desc(desc, 0);
	append_key(desc, dma_addr_e, pkin->e_siz, KEY_DEST_PKHA_E | CLASS_1);

	append_fifo_load(desc, dma_addr_a,
			 pkin->a_siz, LDST_CLASS_1_CCB | FIFOLD_TYPE_PK_A);

	append_fifo_load(desc, dma_addr_n,
			 pkin->n_siz, LDST_CLASS_1_CCB | FIFOLD_TYPE_PK_N);

	append_operation(desc, OP_TYPE_PK | OP_ALG_PK | OP_ALG_PKMODE_MOD_EXPO);

	append_fifo_store(desc, dma_addr_out, out_siz,
			  LDST_CLASS_1_CCB | FIFOST_TYPE_PKHA_B);
}
Commit	Line	Data
b9eebfad RG	1	/*
	2	* SEC Descriptor Construction Library
	3	* Basic job descriptor construction
	4	*
	5	* Copyright 2014 Freescale Semiconductor, Inc.
	6	*
	7	* SPDX-License-Identifier: GPL-2.0+
	8	*
	9	*/
	10
	11	#include <common.h>
0200020b	12	#include <fsl_sec.h>
b9eebfad RG	13	#include "desc_constr.h"
b9eebfad RG	14	#include "jobdesc.h"
34276478	15	#include "rsa_caam.h"
b9eebfad	16
0200020b RC	17	#ifdef CONFIG_MX6
	18	/*!
	19	* Secure memory run command
	20	*
	21	* @param sec_mem_cmd Secure memory command register
	22	* @return cmd_status Secure memory command status register
	23	*/
	24	uint32_t secmem_set_cmd(uint32_t sec_mem_cmd)
	25	{
	26	uint32_t temp_reg;
	27
	28	sec_out32(CAAM_SMCJR0, sec_mem_cmd);
	29
	30	do {
	31	temp_reg = sec_in32(CAAM_SMCSJR0);
	32	} while (temp_reg & CMD_COMPLETE);
	33
	34	return temp_reg;
	35	}
	36
	37	/*!
	38	* CAAM page allocation:
	39	* Allocates a partition from secure memory, with the id
	40	* equal to partion_num. This will de-allocate the page
	41	* if it is already allocated. The partition will have
	42	* full access permissions. The permissions are set before,
	43	* running a job descriptor. A memory page of secure RAM
	44	* is allocated for the partition.
	45	*
	46	* @param page Number of the page to allocate.
	47	* @param partition Number of the partition to allocate.
	48	* @return 0 on success, ERROR_IN_PAGE_ALLOC otherwise
	49	*/
	50	int caam_page_alloc(uint8_t page_num, uint8_t partition_num)
	51	{
	52	uint32_t temp_reg;
	53
	54	/*
	55	* De-Allocate partition_num if already allocated to ARM core
	56	*/
	57	if (sec_in32(CAAM_SMPO_0) & PARTITION_OWNER(partition_num)) {
	58	temp_reg = secmem_set_cmd(PARTITION(partition_num) \|
	59	CMD_PART_DEALLOC);
	60	if (temp_reg & SMCSJR_AERR) {
	61	printf("Error: De-allocation status 0x%X\n", temp_reg);
	62	return ERROR_IN_PAGE_ALLOC;
	63	}
	64	}
	65
	66	/* set the access rights to allow full access */
	67	sec_out32(CAAM_SMAG1JR0(partition_num), 0xF);
	68	sec_out32(CAAM_SMAG2JR0(partition_num), 0xF);
	69	sec_out32(CAAM_SMAPJR0(partition_num), 0xFF);
	70
	71	/* Now need to allocate partition_num of secure RAM. */
	72	/* De-Allocate page_num by starting with a page inquiry command */
	73	temp_reg = secmem_set_cmd(PAGE(page_num) \| CMD_INQUIRY);
	74
	75	/* if the page is owned, de-allocate it */
	76	if ((temp_reg & SMCSJR_PO) == PAGE_OWNED) {
	77	temp_reg = secmem_set_cmd(PAGE(page_num) \| CMD_PAGE_DEALLOC);
	78	if (temp_reg & SMCSJR_AERR) {
	79	printf("Error: Allocation status 0x%X\n", temp_reg);
	80	return ERROR_IN_PAGE_ALLOC;
81	}
82	}
83
84	/* Allocate page_num to partition_num */
85	temp_reg = secmem_set_cmd(PAGE(page_num) \| PARTITION(partition_num)
86	\| CMD_PAGE_ALLOC);
87	if (temp_reg & SMCSJR_AERR) {
88	printf("Error: Allocation status 0x%X\n", temp_reg);
89	return ERROR_IN_PAGE_ALLOC;
90	}
91	/* page inquiry command to ensure that the page was allocated */
92	temp_reg = secmem_set_cmd(PAGE(page_num) \| CMD_INQUIRY);
93
94	/* if the page is not owned => problem */
95	if ((temp_reg & SMCSJR_PO) != PAGE_OWNED) {
96	printf("Allocation of page %d in partition %d failed 0x%X\n",
97	temp_reg, page_num, partition_num);
98
99	return ERROR_IN_PAGE_ALLOC;
100	}
101
102	return 0;
103	}
104
105	int inline_cnstr_jobdesc_blob_dek(uint32_t desc, const uint8_t plain_txt,
106	uint8_t *dek_blob, uint32_t in_sz)
107	{
108	uint32_t ret = 0;
109	u32 aad_w1, aad_w2;
110	/* output blob will have 32 bytes key blob in beginning and
111	* 16 byte HMAC identifier at end of data blob */
112	uint32_t out_sz = in_sz + KEY_BLOB_SIZE + MAC_SIZE;
113	/* Setting HDR for blob */
114	uint8_t wrapped_key_hdr[8] = {HDR_TAG, 0x00, WRP_HDR_SIZE + out_sz,
115	HDR_PAR, HAB_MOD, HAB_ALG, in_sz, HAB_FLG};
116
117	/* initialize the blob array */
118	memset(dek_blob, 0, out_sz + 8);
119	/* Copy the header into the DEK blob buffer */
120	memcpy(dek_blob, wrapped_key_hdr, sizeof(wrapped_key_hdr));
121
122	/* allocating secure memory */
123	ret = caam_page_alloc(PAGE_1, PARTITION_1);
124	if (ret)
125	return ret;
126
127	/* Write DEK to secure memory */
128	memcpy((uint32_t )SEC_MEM_PAGE1, (uint32_t )plain_txt, in_sz);
129
130	unsigned long start = (unsigned long)SEC_MEM_PAGE1 &
131	~(ARCH_DMA_MINALIGN - 1);
132	unsigned long end = ALIGN(start + 0x1000, ARCH_DMA_MINALIGN);
133	flush_dcache_range(start, end);
134
135	/* Now configure the access rights of the partition */
136	sec_out32(CAAM_SMAG1JR0(PARTITION_1), KS_G1); /* set group 1 */
137	sec_out32(CAAM_SMAG2JR0(PARTITION_1), 0); /* clear group 2 */
138	sec_out32(CAAM_SMAPJR0(PARTITION_1), PERM); /* set perm & locks */
139
140	/* construct aad for AES */
141	aad_w1 = (in_sz << OP_ALG_ALGSEL_SHIFT) \| KEY_AES_SRC \| LD_CCM_MODE;
142	aad_w2 = 0x0;
143
144	init_job_desc(desc, 0);
145
146	append_cmd(desc, CMD_LOAD \| CLASS_2 \| KEY_IMM \| KEY_ENC \|
147	(0x0c << LDST_OFFSET_SHIFT) \| 0x08);
148
149	append_u32(desc, aad_w1);
150
151	append_u32(desc, aad_w2);
152
153	append_cmd_ptr(desc, (dma_addr_t)SEC_MEM_PAGE1, in_sz, CMD_SEQ_IN_PTR);
154
155	append_cmd_ptr(desc, (dma_addr_t)dek_blob + 8, out_sz, CMD_SEQ_OUT_PTR);
156
157	append_operation(desc, OP_TYPE_ENCAP_PROTOCOL \| OP_PCLID_BLOB \|
158	OP_PCLID_SECMEM);
159
160	return ret;
161	}
162	#endif
c5de15cb	163
b9eebfad RG	164	void inline_cnstr_jobdesc_hash(uint32_t *desc,
	165	const uint8_t msg, uint32_t msgsz, uint8_t digest,
	166	u32 alg_type, uint32_t alg_size, int sg_tbl)
	167	{
	168	/* SHA 256 , output is of length 32 words */
	169	uint32_t storelen = alg_size;
	170	u32 options;
	171	dma_addr_t dma_addr_in, dma_addr_out;
	172
	173	dma_addr_in = virt_to_phys((void *)msg);
	174	dma_addr_out = virt_to_phys((void *)digest);
	175
	176	init_job_desc(desc, 0);
	177	append_operation(desc, OP_TYPE_CLASS2_ALG \|
	178	OP_ALG_AAI_HASH \| OP_ALG_AS_INITFINAL \|
	179	OP_ALG_ENCRYPT \| OP_ALG_ICV_OFF \| alg_type);
	180
	181	options = LDST_CLASS_2_CCB \| FIFOLD_TYPE_MSG \| FIFOLD_TYPE_LAST2;
	182	if (sg_tbl)
	183	options \|= FIFOLDST_SGF;
	184	if (msgsz > 0xffff) {
	185	options \|= FIFOLDST_EXT;
	186	append_fifo_load(desc, dma_addr_in, 0, options);
	187	append_cmd(desc, msgsz);
	188	} else {
	189	append_fifo_load(desc, dma_addr_in, msgsz, options);
	190	}
	191
	192	append_store(desc, dma_addr_out, storelen,
	193	LDST_CLASS_2_CCB \| LDST_SRCDST_BYTE_CONTEXT);
	194	}
c5de15cb RG	195
	196	void inline_cnstr_jobdesc_blob_encap(uint32_t desc, uint8_t key_idnfr,
	197	uint8_t plain_txt, uint8_t enc_blob,
	198	uint32_t in_sz)
	199	{
	200	dma_addr_t dma_addr_key_idnfr, dma_addr_in, dma_addr_out;
	201	uint32_t key_sz = KEY_IDNFR_SZ_BYTES;
	202	/* output blob will have 32 bytes key blob in beginning and
	203	* 16 byte HMAC identifier at end of data blob */
	204	uint32_t out_sz = in_sz + KEY_BLOB_SIZE + MAC_SIZE;
	205
	206	dma_addr_key_idnfr = virt_to_phys((void *)key_idnfr);
	207	dma_addr_in = virt_to_phys((void *)plain_txt);
	208	dma_addr_out = virt_to_phys((void *)enc_blob);
	209
	210	init_job_desc(desc, 0);
	211
	212	append_key(desc, dma_addr_key_idnfr, key_sz, CLASS_2);
	213
	214	append_seq_in_ptr(desc, dma_addr_in, in_sz, 0);
	215
	216	append_seq_out_ptr(desc, dma_addr_out, out_sz, 0);
	217
	218	append_operation(desc, OP_TYPE_ENCAP_PROTOCOL \| OP_PCLID_BLOB);
	219	}
	220
	221	void inline_cnstr_jobdesc_blob_decap(uint32_t desc, uint8_t key_idnfr,
	222	uint8_t enc_blob, uint8_t plain_txt,
	223	uint32_t out_sz)
	224	{
	225	dma_addr_t dma_addr_key_idnfr, dma_addr_in, dma_addr_out;
	226	uint32_t key_sz = KEY_IDNFR_SZ_BYTES;
	227	uint32_t in_sz = out_sz + KEY_BLOB_SIZE + MAC_SIZE;
	228
	229	dma_addr_key_idnfr = virt_to_phys((void *)key_idnfr);
	230	dma_addr_in = virt_to_phys((void *)enc_blob);
	231	dma_addr_out = virt_to_phys((void *)plain_txt);
	232
	233	init_job_desc(desc, 0);
	234
	235	append_key(desc, dma_addr_key_idnfr, key_sz, CLASS_2);
	236
	237	append_seq_in_ptr(desc, dma_addr_in, in_sz, 0);
	238
	239	append_seq_out_ptr(desc, dma_addr_out, out_sz, 0);
	240
	241	append_operation(desc, OP_TYPE_DECAP_PROTOCOL \| OP_PCLID_BLOB);
	242	}
	243
	244	/*
	245	* Descriptor to instantiate RNG State Handle 0 in normal mode and
	246	* load the JDKEK, TDKEK and TDSK registers
	247	*/
	248	void inline_cnstr_jobdesc_rng_instantiation(uint32_t *desc)
	249	{
	250	u32 *jump_cmd;
	251
	252	init_job_desc(desc, 0);
	253
	254	/* INIT RNG in non-test mode */
	255	append_operation(desc, OP_TYPE_CLASS1_ALG \| OP_ALG_ALGSEL_RNG \|
	256	OP_ALG_AS_INIT);
	257
	258	/* wait for done */
259	jump_cmd = append_jump(desc, JUMP_CLASS_CLASS1);
260	set_jump_tgt_here(desc, jump_cmd);
261
262	/*
263	* load 1 to clear written reg:
264	* resets the done interrrupt and returns the RNG to idle.
265	*/
266	append_load_imm_u32(desc, 1, LDST_SRCDST_WORD_CLRW);
267
268	/* generate secure keys (non-test) */
269	append_operation(desc, OP_TYPE_CLASS1_ALG \| OP_ALG_ALGSEL_RNG \|
270	OP_ALG_RNG4_SK);
271	}
34276478 RG	272
	273	/* Change key size to bytes form bits in calling function*/
	274	void inline_cnstr_jobdesc_pkha_rsaexp(uint32_t *desc,
	275	struct pk_in_params pkin, uint8_t out,
	276	uint32_t out_siz)
	277	{
	278	dma_addr_t dma_addr_e, dma_addr_a, dma_addr_n, dma_addr_out;
	279
	280	dma_addr_e = virt_to_phys((void *)pkin->e);
	281	dma_addr_a = virt_to_phys((void *)pkin->a);
	282	dma_addr_n = virt_to_phys((void *)pkin->n);
	283	dma_addr_out = virt_to_phys((void *)out);
	284
	285	init_job_desc(desc, 0);
	286	append_key(desc, dma_addr_e, pkin->e_siz, KEY_DEST_PKHA_E \| CLASS_1);
	287
	288	append_fifo_load(desc, dma_addr_a,
	289	pkin->a_siz, LDST_CLASS_1_CCB \| FIFOLD_TYPE_PK_A);
	290
	291	append_fifo_load(desc, dma_addr_n,
	292	pkin->n_siz, LDST_CLASS_1_CCB \| FIFOLD_TYPE_PK_N);
	293
	294	append_operation(desc, OP_TYPE_PK \| OP_ALG_PK \| OP_ALG_PKMODE_MOD_EXPO);
	295
	296	append_fifo_store(desc, dma_addr_out, out_siz,
	297	LDST_CLASS_1_CCB \| FIFOST_TYPE_PKHA_B);
	298	}