feat(hal/spi_flash_encrypted): Enable pseudo rounds function during XTS-AES operations

2025-10-05 04:49:21 +00:00 · 2025-01-17 10:51:09 +05:30
parent 7d803e661e
commit e3acb360e3
8 changed files with 146 additions and 9 deletions
--- a/components/soc/esp32h2/include/soc/Kconfig.soc_caps.in
+++ b/components/soc/esp32h2/include/soc/Kconfig.soc_caps.in
@@ -1279,6 +1279,10 @@ config SOC_FLASH_ENCRYPTION_XTS_AES_128
    bool
    default y

+config SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND
+    bool
+    default y
+
 config SOC_APM_CTRL_FILTER_SUPPORTED
    bool
    default y
--- a/components/soc/esp32h2/include/soc/soc_caps.h
+++ b/components/soc/esp32h2/include/soc/soc_caps.h
@@ -509,6 +509,7 @@
 #define SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX   (64)
 #define SOC_FLASH_ENCRYPTION_XTS_AES        1
 #define SOC_FLASH_ENCRYPTION_XTS_AES_128    1
+#define SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND  1 /*!< Only avliable in chip version above 1.2*/

 /*-------------------------- APM CAPS ----------------------------------------*/
 #define SOC_APM_CTRL_FILTER_SUPPORTED   1 /*!< Support for APM control filter */
--- a/components/soc/esp32h2/register/soc/spi_mem_struct.h
+++ b/components/soc/esp32h2/register/soc/spi_mem_struct.h
@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2022-2025 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Apache-2.0
 */
@@ -1033,7 +1033,16 @@ typedef volatile struct spi_mem_dev_s {
        };
        uint32_t val;
    } dpa_ctrl;
-    uint32_t reserved_38c;
+    union {
+        struct {
+            uint32_t reg_mode_pseudo                :    2;  /*Set the mode of pseudo. 2'b00: crypto without pseudo. 2'b01: state T with pseudo and state D without pseudo. 2'b10: state T with pseudo and state D with few pseudo. 2'b11: crypto with pseudo.*/
+            uint32_t reg_pseudo_rng_cnt             :    3;  /*xts aes peseudo function base round that must be performed.*/
+            uint32_t reg_pseudo_base                :    4;  /*xts aes peseudo function base round that must be performed.*/
+            uint32_t reg_pseudo_inc                 :    2;  /*xts aes peseudo function increment round that will be performed randomly between 0 & 2**(inc+1).*/
+            uint32_t reserved11                     :    21;  /*reserved*/
+        };
+        uint32_t val;
+    } xts_pseudo_round_conf;
    uint32_t reserved_390;
    uint32_t reserved_394;
    uint32_t reserved_398;
--- a/components/soc/esp32h2/register/soc/xts_aes_reg.h
+++ b/components/soc/esp32h2/register/soc/xts_aes_reg.h
@@ -1,5 +1,5 @@
 /**
- * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
 *
 *  SPDX-License-Identifier: Apache-2.0
 */
@@ -124,6 +124,42 @@ formance of cryption will decrease together with this number increasing).*/
 #define XTS_AES_CRYPT_SECURITY_LEVEL_V  0x7
 #define XTS_AES_CRYPT_SECURITY_LEVEL_S  0

+/** XTS_AES_PSEUDO_ROUND_CONF_REG register
+ *  SPI memory encryption PSEUDO register
+ */
+#define XTS_AES_PSEUDO_ROUND_CONF_REG(i) (REG_SPI_MEM_BASE(i) + 0x38c)
+/** XTS_AES_MODE_PSEUDO : R/W; bitpos: [1:0]; default: 0;
+ *  Set the mode of pseudo. 2'b00: crypto without pseudo. 2'b01: state T with pseudo
+ *  and state D without pseudo. 2'b10: state T with pseudo and state D with few pseudo.
+ *  2'b11: crypto with pseudo.
+ */
+#define XTS_AES_MODE_PSEUDO    0x00000003U
+#define XTS_AES_MODE_PSEUDO_M  (XTS_AES_MODE_PSEUDO_V << XTS_AES_MODE_PSEUDO_S)
+#define XTS_AES_MODE_PSEUDO_V  0x00000003U
+#define XTS_AES_MODE_PSEUDO_S  0
+/** XTS_AES_PSEUDO_RNG_CNT : R/W; bitpos: [4:2]; default: 7;
+ *  xts aes peseudo function base round that must be performed.
+ */
+#define XTS_AES_PSEUDO_RNG_CNT    0x00000007U
+#define XTS_AES_PSEUDO_RNG_CNT_M  (XTS_AES_PSEUDO_RNG_CNT_V << XTS_AES_PSEUDO_RNG_CNT_S)
+#define XTS_AES_PSEUDO_RNG_CNT_V  0x00000007U
+#define XTS_AES_PSEUDO_RNG_CNT_S  2
+/** XTS_AES_PSEUDO_BASE : R/W; bitpos: [8:5]; default: 2;
+ *  xts aes peseudo function base round that must be performed.
+ */
+#define XTS_AES_PSEUDO_BASE    0x0000000FU
+#define XTS_AES_PSEUDO_BASE_M  (XTS_AES_PSEUDO_BASE_V << XTS_AES_PSEUDO_BASE_S)
+#define XTS_AES_PSEUDO_BASE_V  0x0000000FU
+#define XTS_AES_PSEUDO_BASE_S  5
+/** XTS_AES_PSEUDO_INC : R/W; bitpos: [10:9]; default: 2;
+ *  xts aes peseudo function increment round that will be performed randomly between 0 &
+ *  2**(inc+1).
+ */
+#define XTS_AES_PSEUDO_INC    0x00000003U
+#define XTS_AES_PSEUDO_INC_M  (XTS_AES_PSEUDO_INC_V << XTS_AES_PSEUDO_INC_S)
+#define XTS_AES_PSEUDO_INC_V  0x00000003U
+#define XTS_AES_PSEUDO_INC_S  9
+
 #ifdef __cplusplus
 }
 #endif