xref: /dragonfly/sys/dev/crypto/hifn/hifn7751var.h (revision 1975d09e) 
1 /* $FreeBSD: src/sys/dev/hifn/hifn7751var.h,v 1.1.2.2 2003/06/04 17:56:59 sam Exp $ */
2 /* $DragonFly: src/sys/dev/crypto/hifn/hifn7751var.h,v 1.3 2007/12/04 09:11:12 hasso Exp $ */
3 /* $OpenBSD: hifn7751var.h,v 1.42 2002/04/08 17:49:42 jason Exp $ */
4 
5 /*-
6  * Invertex AEON / Hifn 7751 driver
7  * Copyright (c) 1999 Invertex Inc. All rights reserved.
8  * Copyright (c) 1999 Theo de Raadt
9  * Copyright (c) 2000-2001 Network Security Technologies, Inc.
10  *			http://www.netsec.net
11  *
12  * Please send any comments, feedback, bug-fixes, or feature requests to
13  * software@invertex.com.
14  *
15  * Redistribution and use in source and binary forms, with or without
16  * modification, are permitted provided that the following conditions
17  * are met:
18  *
19  * 1. Redistributions of source code must retain the above copyright
20  *    notice, this list of conditions and the following disclaimer.
21  * 2. Redistributions in binary form must reproduce the above copyright
22  *    notice, this list of conditions and the following disclaimer in the
23  *    documentation and/or other materials provided with the distribution.
24  * 3. The name of the author may not be used to endorse or promote products
25  *    derived from this software without specific prior written permission.
26  *
27  *
28  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
29  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
30  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
31  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
32  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
33  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
34  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
35  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
36  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
37  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
38  *
39  * Effort sponsored in part by the Defense Advanced Research Projects
40  * Agency (DARPA) and Air Force Research Laboratory, Air Force
41  * Materiel Command, USAF, under agreement number F30602-01-2-0537.
42  *
43  */
44 
45 #ifndef __HIFN7751VAR_H__
46 #define __HIFN7751VAR_H__
47 
48 #ifdef _KERNEL
49 
50 /*
51  * Some configurable values for the driver.  By default command+result
52  * descriptor rings are the same size.  The src+dst descriptor rings
53  * are sized at 3.5x the number of potential commands.  Slower parts
54  * (e.g. 7951) tend to run out of src descriptors; faster parts (7811)
55  * src+cmd/result descriptors.  It's not clear that increasing the size
56  * of the descriptor rings helps performance significantly as other
57  * factors tend to come into play (e.g. copying misaligned packets).
58  */
59 #define	HIFN_D_CMD_RSIZE	24	/* command descriptors */
60 #define	HIFN_D_SRC_RSIZE	((HIFN_D_CMD_RSIZE * 7) / 2)	/* source descriptors */
61 #define	HIFN_D_RES_RSIZE	HIFN_D_CMD_RSIZE	/* result descriptors */
62 #define	HIFN_D_DST_RSIZE	HIFN_D_SRC_RSIZE	/* destination descriptors */
63 
64 /*
65  *  Length values for cryptography
66  */
67 #define HIFN_DES_KEY_LENGTH		8
68 #define HIFN_3DES_KEY_LENGTH		24
69 #define HIFN_MAX_CRYPT_KEY_LENGTH	HIFN_3DES_KEY_LENGTH
70 #define HIFN_IV_LENGTH			8
71 #define HIFN_AES_IV_LENGTH		16
72 #define HIFN_MAX_IV_LENGTH		HIFN_AES_IV_LENGTH
73 
74 /*
75  *  Length values for authentication
76  */
77 #define HIFN_MAC_KEY_LENGTH		64
78 #define HIFN_MD5_LENGTH			16
79 #define HIFN_SHA1_LENGTH		20
80 #define HIFN_MAC_TRUNC_LENGTH		12
81 
82 #define MAX_SCATTER 64
83 
84 /*
85  * Data structure to hold all 4 rings and any other ring related data.
86  */
87 struct hifn_dma {
88 	/*
89 	 *  Descriptor rings.  We add +1 to the size to accomidate the
90 	 *  jump descriptor.
91 	 */
92 	struct hifn_desc	cmdr[HIFN_D_CMD_RSIZE+1];
93 	struct hifn_desc	srcr[HIFN_D_SRC_RSIZE+1];
94 	struct hifn_desc	dstr[HIFN_D_DST_RSIZE+1];
95 	struct hifn_desc	resr[HIFN_D_RES_RSIZE+1];
96 
97 	struct hifn_command	*hifn_commands[HIFN_D_RES_RSIZE];
98 
99 	u_char			command_bufs[HIFN_D_CMD_RSIZE][HIFN_MAX_COMMAND];
100 	u_char			result_bufs[HIFN_D_CMD_RSIZE][HIFN_MAX_RESULT];
101 	u_int32_t		slop[HIFN_D_CMD_RSIZE];
102 
103 	u_int64_t		test_src, test_dst;
104 
105 	/*
106 	 *  Our current positions for insertion and removal from the desriptor
107 	 *  rings.
108 	 */
109 	int			cmdi, srci, dsti, resi;
110 	volatile int		cmdu, srcu, dstu, resu;
111 	int			cmdk, srck, dstk, resk;
112 };
113 
114 struct hifn_session {
115 	int hs_used;
116 	int hs_mlen;
117 	u_int8_t hs_iv[HIFN_MAX_IV_LENGTH];
118 };
119 
120 #define	HIFN_RING_SYNC(sc, r, i, f)					\
121 	bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, (f))
122 
123 #define	HIFN_CMDR_SYNC(sc, i, f)	HIFN_RING_SYNC((sc), cmdr, (i), (f))
124 #define	HIFN_RESR_SYNC(sc, i, f)	HIFN_RING_SYNC((sc), resr, (i), (f))
125 #define	HIFN_SRCR_SYNC(sc, i, f)	HIFN_RING_SYNC((sc), srcr, (i), (f))
126 #define	HIFN_DSTR_SYNC(sc, i, f)	HIFN_RING_SYNC((sc), dstr, (i), (f))
127 
128 #define	HIFN_CMD_SYNC(sc, i, f)						\
129 	bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, (f))
130 
131 #define	HIFN_RES_SYNC(sc, i, f)						\
132 	bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, (f))
133 
134 /* We use a state machine to on sessions */
135 #define	HS_STATE_FREE	0		/* unused session entry */
136 #define	HS_STATE_USED	1		/* allocated, but key not on card */
137 #define	HS_STATE_KEY	2		/* allocated and key is on card */
138 
139 /*
140  * Holds data specific to a single HIFN board.
141  */
142 struct hifn_softc {
143 	device_t		sc_dev;		/* device backpointer */
144 	struct lock		sc_lock;	/* per-instance lock */
145 	bus_dma_tag_t		sc_dmat;	/* parent DMA tag decriptor */
146 	struct resource		*sc_bar0res;
147 	bus_space_handle_t	sc_sh0;		/* bar0 bus space handle */
148 	bus_space_tag_t		sc_st0;		/* bar0 bus space tag */
149 	bus_size_t		sc_bar0_lastreg;/* bar0 last reg written */
150 	struct resource		*sc_bar1res;
151 	bus_space_handle_t	sc_sh1;		/* bar1 bus space handle */
152 	bus_space_tag_t		sc_st1;		/* bar1 bus space tag */
153 	bus_size_t		sc_bar1_lastreg;/* bar1 last reg written */
154 	struct resource		*sc_irq;
155 	void			*sc_intrhand;	/* interrupt handle */
156 
157 	u_int32_t		sc_dmaier;
158 	u_int32_t		sc_drammodel;	/* 1=dram, 0=sram */
159 	u_int32_t		sc_pllconfig;	/* 7954/7955/7956 PLL config */
160 
161 	struct hifn_dma		*sc_dma;
162 	bus_dmamap_t		sc_dmamap;
163 	bus_dma_segment_t 	sc_dmasegs[1];
164 	bus_addr_t		sc_dma_physaddr;/* physical address of sc_dma */
165 	int			sc_dmansegs;
166 	int32_t			sc_cid;
167 	int			sc_maxses;
168 	int			sc_nsessions;
169 	struct hifn_session	*sc_sessions;
170 	int			sc_ramsize;
171 	int			sc_flags;
172 #define	HIFN_HAS_RNG		0x1	/* includes random number generator */
173 #define	HIFN_HAS_PUBLIC		0x2	/* includes public key support */
174 #define	HIFN_HAS_AES		0x4	/* includes AES support */
175 #define	HIFN_IS_7811		0x8	/* Hifn 7811 part */
176 #define	HIFN_IS_7956		0x10	/* Hifn 7956/7955 don't have SDRAM */
177 	struct callout		sc_rngto;	/* for polling RNG */
178 	struct callout		sc_tickto;	/* for managing DMA */
179 	int			sc_rngfirst;
180 	int			sc_rnghz;	/* RNG polling frequency */
181 	struct rndtest_state	*sc_rndtest;	/* RNG test state */
182 	void			(*sc_harvest)(struct rndtest_state *,
183 					void *, u_int);
184 	int			sc_c_busy;	/* command ring busy */
185 	int			sc_s_busy;	/* source data ring busy */
186 	int			sc_d_busy;	/* destination data ring busy */
187 	int			sc_r_busy;	/* result ring busy */
188 	int			sc_active;	/* for initial countdown */
189 	int			sc_needwakeup;	/* ops q'd wating on resources */
190 	int			sc_curbatch;	/* # ops submitted w/o int */
191 	int			sc_suspended;
192 };
193 
194 #define	HIFN_LOCK(_sc)		lockmgr(&(_sc)->sc_lock, LK_EXCLUSIVE)
195 #define	HIFN_UNLOCK(_sc)	lockmgr(&(_sc)->sc_lock, LK_RELEASE)
196 
197 /*
198  *  hifn_command_t
199  *
200  *  This is the control structure used to pass commands to hifn_encrypt().
201  *
202  *  flags
203  *  -----
204  *  Flags is the bitwise "or" values for command configuration.  A single
205  *  encrypt direction needs to be set:
206  *
207  *	HIFN_ENCODE or HIFN_DECODE
208  *
209  *  To use cryptography, a single crypto algorithm must be included:
210  *
211  *	HIFN_CRYPT_3DES or HIFN_CRYPT_DES
212  *
213  *  To use authentication is used, a single MAC algorithm must be included:
214  *
215  *	HIFN_MAC_MD5 or HIFN_MAC_SHA1
216  *
217  *  By default MD5 uses a 16 byte hash and SHA-1 uses a 20 byte hash.
218  *  If the value below is set, hash values are truncated or assumed
219  *  truncated to 12 bytes:
220  *
221  *	HIFN_MAC_TRUNC
222  *
223  *  Keys for encryption and authentication can be sent as part of a command,
224  *  or the last key value used with a particular session can be retrieved
225  *  and used again if either of these flags are not specified.
226  *
227  *	HIFN_CRYPT_NEW_KEY, HIFN_MAC_NEW_KEY
228  *
229  *  session_num
230  *  -----------
231  *  A number between 0 and 2048 (for DRAM models) or a number between
232  *  0 and 768 (for SRAM models).  Those who don't want to use session
233  *  numbers should leave value at zero and send a new crypt key and/or
234  *  new MAC key on every command.  If you use session numbers and
235  *  don't send a key with a command, the last key sent for that same
236  *  session number will be used.
237  *
238  *  Warning:  Using session numbers and multiboard at the same time
239  *            is currently broken.
240  *
241  *  mbuf
242  *  ----
243  *  Either fill in the mbuf pointer and npa=0 or
244  *	 fill packp[] and packl[] and set npa to > 0
245  *
246  *  mac_header_skip
247  *  ---------------
248  *  The number of bytes of the source_buf that are skipped over before
249  *  authentication begins.  This must be a number between 0 and 2^16-1
250  *  and can be used by IPsec implementers to skip over IP headers.
251  *  *** Value ignored if authentication not used ***
252  *
253  *  crypt_header_skip
254  *  -----------------
255  *  The number of bytes of the source_buf that are skipped over before
256  *  the cryptographic operation begins.  This must be a number between 0
257  *  and 2^16-1.  For IPsec, this number will always be 8 bytes larger
258  *  than the auth_header_skip (to skip over the ESP header).
259  *  *** Value ignored if cryptography not used ***
260  *
261  */
262 struct hifn_operand {
263 	union {
264 		struct mbuf *m;
265 		struct uio *io;
266 	} u;
267 	bus_dmamap_t	map;
268 	bus_size_t	mapsize;
269 	int		nsegs;
270 	bus_dma_segment_t segs[MAX_SCATTER];
271 };
272 struct hifn_command {
273 	u_int16_t session_num;
274 	u_int16_t base_masks, cry_masks, mac_masks;
275 	u_int8_t iv[HIFN_MAX_IV_LENGTH], *ck, mac[HIFN_MAC_KEY_LENGTH];
276 	int cklen;
277 	int sloplen, slopidx;
278 
279 	struct hifn_operand src;
280 	struct hifn_operand dst;
281 
282 	struct hifn_softc *softc;
283 	struct cryptop *crp;
284 	struct cryptodesc *enccrd, *maccrd;
285 };
286 
287 #define	src_m		src.u.m
288 #define	src_io		src.u.io
289 #define	src_map		src.map
290 #define	src_mapsize	src.mapsize
291 #define	src_segs	src.segs
292 #define	src_nsegs	src.nsegs
293 
294 #define	dst_m		dst.u.m
295 #define	dst_io		dst.u.io
296 #define	dst_map		dst.map
297 #define	dst_mapsize	dst.mapsize
298 #define	dst_segs	dst.segs
299 #define	dst_nsegs	dst.nsegs
300 
301 /*
302  *  Return values for hifn_crypto()
303  */
304 #define HIFN_CRYPTO_SUCCESS	0
305 #define HIFN_CRYPTO_BAD_INPUT	(-1)
306 #define HIFN_CRYPTO_RINGS_FULL	(-2)
307 
308 /**************************************************************************
309  *
310  *  Function:  hifn_crypto
311  *
312  *  Purpose:   Called by external drivers to begin an encryption on the
313  *             HIFN board.
314  *
315  *  Blocking/Non-blocking Issues
316  *  ============================
317  *  The driver cannot block in hifn_crypto (no calls to tsleep) currently.
318  *  hifn_crypto() returns HIFN_CRYPTO_RINGS_FULL if there is not enough
319  *  room in any of the rings for the request to proceed.
320  *
321  *  Return Values
322  *  =============
323  *  0 for success, negative values on error
324  *
325  *  Defines for negative error codes are:
326  *
327  *    HIFN_CRYPTO_BAD_INPUT  :  The passed in command had invalid settings.
328  *    HIFN_CRYPTO_RINGS_FULL :  All DMA rings were full and non-blocking
329  *                              behaviour was requested.
330  *
331  *************************************************************************/
332 
333 /*
334  * Convert back and forth from 'sid' to 'card' and 'session'
335  */
336 #define HIFN_CARD(sid)		(((sid) & 0xf0000000) >> 28)
337 #define HIFN_SESSION(sid)	((sid) & 0x000007ff)
338 #define HIFN_SID(crd,ses)	(((crd) << 28) | ((ses) & 0x7ff))
339 
340 #endif /* _KERNEL */
341 
342 struct hifn_stats {
343 	u_int64_t hst_ibytes;
344 	u_int64_t hst_obytes;
345 	u_int32_t hst_ipackets;
346 	u_int32_t hst_opackets;
347 	u_int32_t hst_invalid;
348 	u_int32_t hst_nomem;		/* malloc or one of hst_nomem_* */
349 	u_int32_t hst_abort;
350 	u_int32_t hst_noirq;		/* IRQ for no reason */
351 	u_int32_t hst_totbatch;		/* ops submitted w/o interrupt */
352 	u_int32_t hst_maxbatch;		/* max ops submitted together */
353 	u_int32_t hst_unaligned;	/* unaligned src caused copy */
354 	/*
355 	 * The following divides hst_nomem into more specific buckets.
356 	 */
357 	u_int32_t hst_nomem_map;	/* bus_dmamap_create failed */
358 	u_int32_t hst_nomem_load;	/* bus_dmamap_load_* failed */
359 	u_int32_t hst_nomem_mbuf;	/* MGET* failed */
360 	u_int32_t hst_nomem_mcl;	/* MCLGET* failed */
361 	u_int32_t hst_nomem_cr;		/* out of command/result descriptor */
362 	u_int32_t hst_nomem_sd;		/* out of src/dst descriptors */
363 };
364 
365 #endif /* __HIFN7751VAR_H__ */
366