1 /* $FreeBSD: src/sys/dev/hifn/hifn7751var.h,v 1.1.2.2 2003/06/04 17:56:59 sam Exp $ */ 2 /* $DragonFly: src/sys/dev/crypto/hifn/hifn7751var.h,v 1.3 2007/12/04 09:11:12 hasso Exp $ */ 3 /* $OpenBSD: hifn7751var.h,v 1.42 2002/04/08 17:49:42 jason Exp $ */ 4 5 /*- 6 * Invertex AEON / Hifn 7751 driver 7 * Copyright (c) 1999 Invertex Inc. All rights reserved. 8 * Copyright (c) 1999 Theo de Raadt 9 * Copyright (c) 2000-2001 Network Security Technologies, Inc. 10 * http://www.netsec.net 11 * 12 * Please send any comments, feedback, bug-fixes, or feature requests to 13 * software@invertex.com. 14 * 15 * Redistribution and use in source and binary forms, with or without 16 * modification, are permitted provided that the following conditions 17 * are met: 18 * 19 * 1. Redistributions of source code must retain the above copyright 20 * notice, this list of conditions and the following disclaimer. 21 * 2. Redistributions in binary form must reproduce the above copyright 22 * notice, this list of conditions and the following disclaimer in the 23 * documentation and/or other materials provided with the distribution. 24 * 3. The name of the author may not be used to endorse or promote products 25 * derived from this software without specific prior written permission. 26 * 27 * 28 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 29 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 30 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 31 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 32 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 33 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 34 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 35 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 36 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 37 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 38 * 39 * Effort sponsored in part by the Defense Advanced Research Projects 40 * Agency (DARPA) and Air Force Research Laboratory, Air Force 41 * Materiel Command, USAF, under agreement number F30602-01-2-0537. 42 * 43 */ 44 45 #ifndef __HIFN7751VAR_H__ 46 #define __HIFN7751VAR_H__ 47 48 #ifdef _KERNEL 49 50 /* 51 * Some configurable values for the driver. By default command+result 52 * descriptor rings are the same size. The src+dst descriptor rings 53 * are sized at 3.5x the number of potential commands. Slower parts 54 * (e.g. 7951) tend to run out of src descriptors; faster parts (7811) 55 * src+cmd/result descriptors. It's not clear that increasing the size 56 * of the descriptor rings helps performance significantly as other 57 * factors tend to come into play (e.g. copying misaligned packets). 58 */ 59 #define HIFN_D_CMD_RSIZE 24 /* command descriptors */ 60 #define HIFN_D_SRC_RSIZE ((HIFN_D_CMD_RSIZE * 7) / 2) /* source descriptors */ 61 #define HIFN_D_RES_RSIZE HIFN_D_CMD_RSIZE /* result descriptors */ 62 #define HIFN_D_DST_RSIZE HIFN_D_SRC_RSIZE /* destination descriptors */ 63 64 /* 65 * Length values for cryptography 66 */ 67 #define HIFN_DES_KEY_LENGTH 8 68 #define HIFN_3DES_KEY_LENGTH 24 69 #define HIFN_MAX_CRYPT_KEY_LENGTH HIFN_3DES_KEY_LENGTH 70 #define HIFN_IV_LENGTH 8 71 #define HIFN_AES_IV_LENGTH 16 72 #define HIFN_MAX_IV_LENGTH HIFN_AES_IV_LENGTH 73 74 /* 75 * Length values for authentication 76 */ 77 #define HIFN_MAC_KEY_LENGTH 64 78 #define HIFN_MD5_LENGTH 16 79 #define HIFN_SHA1_LENGTH 20 80 #define HIFN_MAC_TRUNC_LENGTH 12 81 82 #define MAX_SCATTER 64 83 84 /* 85 * Data structure to hold all 4 rings and any other ring related data. 86 */ 87 struct hifn_dma { 88 /* 89 * Descriptor rings. We add +1 to the size to accomidate the 90 * jump descriptor. 91 */ 92 struct hifn_desc cmdr[HIFN_D_CMD_RSIZE+1]; 93 struct hifn_desc srcr[HIFN_D_SRC_RSIZE+1]; 94 struct hifn_desc dstr[HIFN_D_DST_RSIZE+1]; 95 struct hifn_desc resr[HIFN_D_RES_RSIZE+1]; 96 97 struct hifn_command *hifn_commands[HIFN_D_RES_RSIZE]; 98 99 u_char command_bufs[HIFN_D_CMD_RSIZE][HIFN_MAX_COMMAND]; 100 u_char result_bufs[HIFN_D_CMD_RSIZE][HIFN_MAX_RESULT]; 101 u_int32_t slop[HIFN_D_CMD_RSIZE]; 102 103 u_int64_t test_src, test_dst; 104 105 /* 106 * Our current positions for insertion and removal from the desriptor 107 * rings. 108 */ 109 int cmdi, srci, dsti, resi; 110 volatile int cmdu, srcu, dstu, resu; 111 int cmdk, srck, dstk, resk; 112 }; 113 114 struct hifn_session { 115 int hs_used; 116 int hs_mlen; 117 u_int8_t hs_iv[HIFN_MAX_IV_LENGTH]; 118 }; 119 120 #define HIFN_RING_SYNC(sc, r, i, f) \ 121 bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, (f)) 122 123 #define HIFN_CMDR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), cmdr, (i), (f)) 124 #define HIFN_RESR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), resr, (i), (f)) 125 #define HIFN_SRCR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), srcr, (i), (f)) 126 #define HIFN_DSTR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), dstr, (i), (f)) 127 128 #define HIFN_CMD_SYNC(sc, i, f) \ 129 bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, (f)) 130 131 #define HIFN_RES_SYNC(sc, i, f) \ 132 bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, (f)) 133 134 /* We use a state machine to on sessions */ 135 #define HS_STATE_FREE 0 /* unused session entry */ 136 #define HS_STATE_USED 1 /* allocated, but key not on card */ 137 #define HS_STATE_KEY 2 /* allocated and key is on card */ 138 139 /* 140 * Holds data specific to a single HIFN board. 141 */ 142 struct hifn_softc { 143 device_t sc_dev; /* device backpointer */ 144 bus_dma_tag_t sc_dmat; /* parent DMA tag decriptor */ 145 struct resource *sc_bar0res; 146 bus_space_handle_t sc_sh0; /* bar0 bus space handle */ 147 bus_space_tag_t sc_st0; /* bar0 bus space tag */ 148 bus_size_t sc_bar0_lastreg;/* bar0 last reg written */ 149 struct resource *sc_bar1res; 150 bus_space_handle_t sc_sh1; /* bar1 bus space handle */ 151 bus_space_tag_t sc_st1; /* bar1 bus space tag */ 152 bus_size_t sc_bar1_lastreg;/* bar1 last reg written */ 153 struct resource *sc_irq; 154 void *sc_intrhand; /* interrupt handle */ 155 156 u_int32_t sc_dmaier; 157 u_int32_t sc_drammodel; /* 1=dram, 0=sram */ 158 u_int32_t sc_pllconfig; /* 7954/7955/7956 PLL config */ 159 160 struct hifn_dma *sc_dma; 161 bus_dmamap_t sc_dmamap; 162 bus_dma_segment_t sc_dmasegs[1]; 163 bus_addr_t sc_dma_physaddr;/* physical address of sc_dma */ 164 int sc_dmansegs; 165 int32_t sc_cid; 166 int sc_maxses; 167 int sc_nsessions; 168 struct hifn_session *sc_sessions; 169 int sc_ramsize; 170 int sc_flags; 171 #define HIFN_HAS_RNG 0x1 /* includes random number generator */ 172 #define HIFN_HAS_PUBLIC 0x2 /* includes public key support */ 173 #define HIFN_HAS_AES 0x4 /* includes AES support */ 174 #define HIFN_IS_7811 0x8 /* Hifn 7811 part */ 175 #define HIFN_IS_7956 0x10 /* Hifn 7956/7955 don't have SDRAM */ 176 struct callout sc_rngto; /* for polling RNG */ 177 struct callout sc_tickto; /* for managing DMA */ 178 int sc_rngfirst; 179 int sc_rnghz; /* RNG polling frequency */ 180 struct rndtest_state *sc_rndtest; /* RNG test state */ 181 void (*sc_harvest)(struct rndtest_state *, 182 void *, u_int); 183 int sc_c_busy; /* command ring busy */ 184 int sc_s_busy; /* source data ring busy */ 185 int sc_d_busy; /* destination data ring busy */ 186 int sc_r_busy; /* result ring busy */ 187 int sc_active; /* for initial countdown */ 188 int sc_needwakeup; /* ops q'd wating on resources */ 189 int sc_curbatch; /* # ops submitted w/o int */ 190 int sc_suspended; 191 }; 192 193 /* 194 * hifn_command_t 195 * 196 * This is the control structure used to pass commands to hifn_encrypt(). 197 * 198 * flags 199 * ----- 200 * Flags is the bitwise "or" values for command configuration. A single 201 * encrypt direction needs to be set: 202 * 203 * HIFN_ENCODE or HIFN_DECODE 204 * 205 * To use cryptography, a single crypto algorithm must be included: 206 * 207 * HIFN_CRYPT_3DES or HIFN_CRYPT_DES 208 * 209 * To use authentication is used, a single MAC algorithm must be included: 210 * 211 * HIFN_MAC_MD5 or HIFN_MAC_SHA1 212 * 213 * By default MD5 uses a 16 byte hash and SHA-1 uses a 20 byte hash. 214 * If the value below is set, hash values are truncated or assumed 215 * truncated to 12 bytes: 216 * 217 * HIFN_MAC_TRUNC 218 * 219 * Keys for encryption and authentication can be sent as part of a command, 220 * or the last key value used with a particular session can be retrieved 221 * and used again if either of these flags are not specified. 222 * 223 * HIFN_CRYPT_NEW_KEY, HIFN_MAC_NEW_KEY 224 * 225 * session_num 226 * ----------- 227 * A number between 0 and 2048 (for DRAM models) or a number between 228 * 0 and 768 (for SRAM models). Those who don't want to use session 229 * numbers should leave value at zero and send a new crypt key and/or 230 * new MAC key on every command. If you use session numbers and 231 * don't send a key with a command, the last key sent for that same 232 * session number will be used. 233 * 234 * Warning: Using session numbers and multiboard at the same time 235 * is currently broken. 236 * 237 * mbuf 238 * ---- 239 * Either fill in the mbuf pointer and npa=0 or 240 * fill packp[] and packl[] and set npa to > 0 241 * 242 * mac_header_skip 243 * --------------- 244 * The number of bytes of the source_buf that are skipped over before 245 * authentication begins. This must be a number between 0 and 2^16-1 246 * and can be used by IPsec implementers to skip over IP headers. 247 * *** Value ignored if authentication not used *** 248 * 249 * crypt_header_skip 250 * ----------------- 251 * The number of bytes of the source_buf that are skipped over before 252 * the cryptographic operation begins. This must be a number between 0 253 * and 2^16-1. For IPsec, this number will always be 8 bytes larger 254 * than the auth_header_skip (to skip over the ESP header). 255 * *** Value ignored if cryptography not used *** 256 * 257 */ 258 struct hifn_operand { 259 union { 260 struct mbuf *m; 261 struct uio *io; 262 } u; 263 bus_dmamap_t map; 264 bus_size_t mapsize; 265 int nsegs; 266 bus_dma_segment_t segs[MAX_SCATTER]; 267 }; 268 struct hifn_command { 269 u_int16_t session_num; 270 u_int16_t base_masks, cry_masks, mac_masks; 271 u_int8_t iv[HIFN_MAX_IV_LENGTH], *ck, mac[HIFN_MAC_KEY_LENGTH]; 272 int cklen; 273 int sloplen, slopidx; 274 275 struct hifn_operand src; 276 struct hifn_operand dst; 277 278 struct hifn_softc *softc; 279 struct cryptop *crp; 280 struct cryptodesc *enccrd, *maccrd; 281 }; 282 283 #define src_m src.u.m 284 #define src_io src.u.io 285 #define src_map src.map 286 #define src_mapsize src.mapsize 287 #define src_segs src.segs 288 #define src_nsegs src.nsegs 289 290 #define dst_m dst.u.m 291 #define dst_io dst.u.io 292 #define dst_map dst.map 293 #define dst_mapsize dst.mapsize 294 #define dst_segs dst.segs 295 #define dst_nsegs dst.nsegs 296 297 /* 298 * Return values for hifn_crypto() 299 */ 300 #define HIFN_CRYPTO_SUCCESS 0 301 #define HIFN_CRYPTO_BAD_INPUT (-1) 302 #define HIFN_CRYPTO_RINGS_FULL (-2) 303 304 /************************************************************************** 305 * 306 * Function: hifn_crypto 307 * 308 * Purpose: Called by external drivers to begin an encryption on the 309 * HIFN board. 310 * 311 * Blocking/Non-blocking Issues 312 * ============================ 313 * The driver cannot block in hifn_crypto (no calls to tsleep) currently. 314 * hifn_crypto() returns HIFN_CRYPTO_RINGS_FULL if there is not enough 315 * room in any of the rings for the request to proceed. 316 * 317 * Return Values 318 * ============= 319 * 0 for success, negative values on error 320 * 321 * Defines for negative error codes are: 322 * 323 * HIFN_CRYPTO_BAD_INPUT : The passed in command had invalid settings. 324 * HIFN_CRYPTO_RINGS_FULL : All DMA rings were full and non-blocking 325 * behaviour was requested. 326 * 327 *************************************************************************/ 328 329 /* 330 * Convert back and forth from 'sid' to 'card' and 'session' 331 */ 332 #define HIFN_CARD(sid) (((sid) & 0xf0000000) >> 28) 333 #define HIFN_SESSION(sid) ((sid) & 0x000007ff) 334 #define HIFN_SID(crd,ses) (((crd) << 28) | ((ses) & 0x7ff)) 335 336 #endif /* _KERNEL */ 337 338 struct hifn_stats { 339 u_int64_t hst_ibytes; 340 u_int64_t hst_obytes; 341 u_int32_t hst_ipackets; 342 u_int32_t hst_opackets; 343 u_int32_t hst_invalid; 344 u_int32_t hst_nomem; /* malloc or one of hst_nomem_* */ 345 u_int32_t hst_abort; 346 u_int32_t hst_noirq; /* IRQ for no reason */ 347 u_int32_t hst_totbatch; /* ops submitted w/o interrupt */ 348 u_int32_t hst_maxbatch; /* max ops submitted together */ 349 u_int32_t hst_unaligned; /* unaligned src caused copy */ 350 /* 351 * The following divides hst_nomem into more specific buckets. 352 */ 353 u_int32_t hst_nomem_map; /* bus_dmamap_create failed */ 354 u_int32_t hst_nomem_load; /* bus_dmamap_load_* failed */ 355 u_int32_t hst_nomem_mbuf; /* MGET* failed */ 356 u_int32_t hst_nomem_mcl; /* MCLGET* failed */ 357 u_int32_t hst_nomem_cr; /* out of command/result descriptor */ 358 u_int32_t hst_nomem_sd; /* out of src/dst descriptors */ 359 }; 360 361 #endif /* __HIFN7751VAR_H__ */ 362