From cebda9e613a5f8c74f80361c425a00d68250eb7a Mon Sep 17 00:00:00 2001
From: Romain Dolbeau
Date: Sun, 24 Jan 2021 06:47:05 -0500
Subject: [PATCH] HW post-increment of counter in AES for GCM
---
 NetBSD/9.0/usr/src/sys/dev/sbus/rdfpga.c | 52 +++++++++++++++++++++++-
 NetBSD/9.0/usr/src/sys/dev/sbus/rdfpga.h | 1 +
 sbus-to-ztex-gateware/sbus_fsm.vhd | 6 +++
 3 files changed, 58 insertions(+), 1 deletion(-)
diff --git a/NetBSD/9.0/usr/src/sys/dev/sbus/rdfpga.c b/NetBSD/9.0/usr/src/sys/dev/sbus/rdfpga.c
index c07d44d..b863e3f 100644
--- a/NetBSD/9.0/usr/src/sys/dev/sbus/rdfpga.c
+++ b/NetBSD/9.0/usr/src/sys/dev/sbus/rdfpga.c
@@ -151,9 +151,15 @@ struct rdfpga_256bits {
 #define RDFPGA_WL _IOW(0, 5, uint32_t)
 #define RDFPGA_AESWK _IOW(0, 10, struct rdfpga_128bits)
-#define RDFPGA_AESWK256 _IOW(0, 13, struct rdfpga_256bits)
 #define RDFPGA_AESWD _IOW(0, 11, struct rdfpga_128bits)
 #define RDFPGA_AESRO _IOR(0, 12, struct rdfpga_128bits)
+#define RDFPGA_AESWK256 _IOW(0, 13, struct rdfpga_256bits)
+#define RDFPGA_AESGCMF _IOWR(0, 14, struct rdfpga_128bits)
+#define RDFPGA_AESGCMN _IOR(0, 15, struct rdfpga_128bits)
+
+#if 0
+#define RDFPGA_AESRD _IOR(0, 100, struct rdfpga_128bits) /* fixme: remove */
+#endif
 int
 rdfpga_ioctl (dev_t dev, u_long cmd, void *data, int flag, struct lwp *l)
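Review bot: The two new ioctls carry no comment saying what each one transfers; the only hint is the direction macro (`_IOWR` for `RDFPGA_AESGCMF`, `_IOR` for `RDFPGA_AESGCMN`). A short comment above them would help callers, for example `/* AESGCMF: load a 128-bit counter block, return its encryption; the device then increments the counter */` and `/* AESGCMN: return the encryption of the counter block currently held by the device */`; that wording is inferred from the case bodies later in this patch and should be confirmed. The `#if 0` definition of `RDFPGA_AESRD` marked `fixme: remove`, and its matching case in the next hunk, would be better left out of the commit than carried as dead code, since that case reads back the AES data registers.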
@@ -223,6 +229,50 @@ rdfpga_ioctl (dev_t dev, u_long cmd, void *data, int flag, struct lwp *l)
 for (i = 0 ; i < 2 ; i++)
 bits->x[i] = bus_space_read_8(sc->sc_bustag, sc->sc_bhregs, (RDFPGA_REG_AES128_OUT + (i*8)));
 break;
+ case RDFPGA_AESGCMF:
+ if ((err = rdfpga_wait_aes_ready(sc)) != 0)
+ return err;
+ for (i = 0 ; i < 2 ; i++)
+ bus_space_write_8(sc->sc_bustag, sc->sc_bhregs, (RDFPGA_REG_AES128_DATA + (i*8)), bits->x[i] );
+ ctrl = RDFPGA_MASK_AES128_START | RDFPGA_MASK_AES128_GCMPOSTINC;
+ if (sc->aes_key_refresh != 0x8000) {
+ ctrl |= RDFPGA_MASK_AES128_NEWKEY;
+ sc->aes_key_refresh = 0x8000;
+ }
+ if (sc->aes_key_bits == 1) {
+ ctrl |= RDFPGA_MASK_AES128_AES256;
+ }
+ bus_space_write_4(sc->sc_bustag, sc->sc_bhregs, RDFPGA_REG_AES128_CTRL, ctrl);
+ if ((err = rdfpga_wait_aes_ready(sc)) != 0)
+ return err;
+ for (i = 0 ; i < 2 ; i++)
+ bits->x[i] = bus_space_read_8(sc->sc_bustag, sc->sc_bhregs, (RDFPGA_REG_AES128_OUT + (i*8)));
+ break;
+ case RDFPGA_AESGCMN:
+ if ((err = rdfpga_wait_aes_ready(sc)) != 0)
+ return err;
+ ctrl = RDFPGA_MASK_AES128_START | RDFPGA_MASK_AES128_GCMPOSTINC;
+ if (sc->aes_key_refresh != 0x8000) {
+ ctrl |= RDFPGA_MASK_AES128_NEWKEY;
+ sc->aes_key_refresh = 0x8000;
+ }
+ if (sc->aes_key_bits == 1) {
+ ctrl |= RDFPGA_MASK_AES128_AES256;
+ }
+ bus_space_write_4(sc->sc_bustag, sc->sc_bhregs, RDFPGA_REG_AES128_CTRL, ctrl);
+ if ((err = rdfpga_wait_aes_ready(sc)) != 0)
+ return err;
+ for (i = 0 ; i < 2 ; i++)
+ bits->x[i] = bus_space_read_8(sc->sc_bustag, sc->sc_bhregs, (RDFPGA_REG_AES128_OUT + (i*8)));
+ break;
+#if 0
+ case RDFPGA_AESRD: /* fixme: disable */
+ if ((err = rdfpga_wait_aes_ready(sc)) != 0)
+ return err;
+ for (i = 0 ; i < 2 ; i++)
+ bits->x[i] = bus_space_read_8(sc->sc_bustag, sc->sc_bhregs, (RDFPGA_REG_AES128_DATA + (i*8)));
+ break;
+#endif
 default:
 err = EINVAL;
 break;
diff --git a/NetBSD/9.0/usr/src/sys/dev/sbus/rdfpga.h b/NetBSD/9.0/usr/src/sys/dev/sbus/rdfpga.h
index c019035..d3371d8 100644
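Review bot: `RDFPGA_AESGCMN` starts an encryption on whatever is currently in the device's data registers, and nothing in this case checks that the caller previously issued `RDFPGA_AESGCMF` or that no other ioctl has rewritten those registers or the key in between. The counter lives in per-device state, so as far as this hunk shows, two openers interleaving calls would continue from each other's counter; for CTR/GCM that means wrong keystream at best and repeated (key, counter) pairs at worst. Consider a softc flag set in `RDFPGA_AESGCMF` and cleared wherever the data or key registers are written (a new field, e.g. `sc->aes_gcm_ctr_valid`), with `if (!sc->aes_gcm_ctr_valid) return EINVAL;` at the top of `RDFPGA_AESGCMN`, and serialise the sequence per opener if the driver does not already do so outside this hunk. The two case bodies are identical apart from the write loop, so the ctrl setup could be shared; `rdfpga_ioctl` begins and ends outside the hunk.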
--- a/NetBSD/9.0/usr/src/sys/dev/sbus/rdfpga.h
+++ b/NetBSD/9.0/usr/src/sys/dev/sbus/rdfpga.h
@@ -99,5 +99,6 @@ struct rdfpga_softc {
 #define RDFPGA_MASK_AES128_CBCMOD 0x08000000
 #define RDFPGA_MASK_AES128_AES256 0x04000000
 #define RDFPGA_MASK_AES128_DEC 0x02000000
+#define RDFPGA_MASK_AES128_GCMPOSTINC 0x01000000
 #endif /* _RDFPGA_H_ */
diff --git a/sbus-to-ztex-gateware/sbus_fsm.vhd b/sbus-to-ztex-gateware/sbus_fsm.vhd
index 73ea8c0..3439c66 100644
--- a/sbus-to-ztex-gateware/sbus_fsm.vhd
+++ b/sbus-to-ztex-gateware/sbus_fsm.vhd
@@ -150,6 +150,7 @@ ENTITY SBusFSM is
 constant AES128_CTRL_CBCMOD_IDX : integer := 27;
 constant AES128_CTRL_AES256_IDX : integer := 26;
 constant AES128_CTRL_DEC_IDX : integer := 25;
+ constant AES128_CTRL_GCMPOSTINC_IDX : integer := 24;
 CONSTANT REG_INDEX_TRNG_DATA : integer := 0;
 CONSTANT REG_INDEX_TRNG_TIMER : integer := 1;
@@ -468,6 +469,7 @@ ARCHITECTURE RTL OF SBusFSM IS
 (REG_OFFSET_AESDMA_CTRL = value) OR (REG_OFFSET_AESDMAW_CTRL = value) OR (REG_OFFSET_AES128_CTRL = value)
+ -- OR (REG_OFFSET_IS_AESDATA(value))
 ;
 end function;
@@ -1720,6 +1722,10 @@ BEGIN
 REGISTERS(reg_bank_size*reg_bank_crypto_idx + REG_INDEX_AES128_DATA3) & REGISTERS(reg_bank_size*reg_bank_crypto_idx + REG_INDEX_AES128_DATA4);
 fifo_toaes_wr_en <= '1';
 AES_State <= AES_CRYPT1;
+ IF (REGISTERS(reg_bank_size*reg_bank_crypto_idx + REG_INDEX_AES128_CTRL)(AES128_CTRL_GCMPOSTINC_IDX) = '1') THEN
+ REGISTERS(reg_bank_size*reg_bank_crypto_idx + REG_INDEX_AES128_DATA4) <=
+ conv_std_logic_vector(conv_integer(REGISTERS(reg_bank_size*reg_bank_crypto_idx + REG_INDEX_AES128_DATA4))+1,32);
+ END IF;
 END IF;
 END IF;
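Review bot: The counter increment in the last hunk goes through `conv_integer(...)+1`, and VHDL `integer` is only guaranteed to cover a signed 32-bit range, so a counter word with bit 31 set, or 0x7FFFFFFF + 1, falls outside it, whereas GCM's counter increment has to wrap modulo 2^32. The low word is not always small: with an IV that is not 96 bits long the initial counter block is derived from GHASH, so its last 32 bits are arbitrary. Adding on the vector avoids the round trip, e.g. `REGISTERS(reg_bank_size*reg_bank_crypto_idx + REG_INDEX_AES128_DATA4) <= REGISTERS(reg_bank_size*reg_bank_crypto_idx + REG_INDEX_AES128_DATA4) + 1;` if the unsigned std_logic arithmetic package is in scope (the library clauses are not visible here), or the `numeric_std` equivalent otherwise. The enclosing process starts and ends outside the hunk.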