1/*-
2 * Copyright (c) 2003 Sam Leffler, Errno Consulting
3 * Copyright (c) 2003 Global Technology Associates, Inc.
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 */
27
28#include <sys/cdefs.h>
29__FBSDID("$FreeBSD: head/sys/dev/safe/safe.c 227309 2011-11-07 15:43:11Z ed $");
30
31/*
32 * SafeNet SafeXcel-1141 hardware crypto accelerator
33 */
34#include "opt_safe.h"
35
36#include <sys/param.h>
37#include <sys/systm.h>
38#include <sys/proc.h>
39#include <sys/errno.h>
40#include <sys/malloc.h>
41#include <sys/kernel.h>
42#include <sys/mbuf.h>
43#include <sys/module.h>
44#include <sys/lock.h>
45#include <sys/mutex.h>
46#include <sys/sysctl.h>
47#include <sys/endian.h>
48
49#include <vm/vm.h>
50#include <vm/pmap.h>
51
52#include <machine/bus.h>
53#include <machine/resource.h>
54#include <sys/bus.h>
55#include <sys/rman.h>
56
57#include <crypto/sha1.h>
58#include <opencrypto/cryptodev.h>
59#include <opencrypto/cryptosoft.h>
60#include <sys/md5.h>
61#include <sys/random.h>
62#include <sys/kobj.h>
63
64#include "cryptodev_if.h"
65
66#include <dev/pci/pcivar.h>
67#include <dev/pci/pcireg.h>
68
69#ifdef SAFE_RNDTEST
70#include <dev/rndtest/rndtest.h>
71#endif
72#include <dev/safe/safereg.h>
73#include <dev/safe/safevar.h>
74
75#ifndef bswap32
76#define bswap32 NTOHL
77#endif
78
79/*
80 * Prototypes and count for the pci_device structure
81 */
82static int safe_probe(device_t);
83static int safe_attach(device_t);
84static int safe_detach(device_t);
85static int safe_suspend(device_t);
86static int safe_resume(device_t);
87static int safe_shutdown(device_t);
88
89static int safe_newsession(device_t, u_int32_t *, struct cryptoini *);
90static int safe_freesession(device_t, u_int64_t);
91static int safe_process(device_t, struct cryptop *, int);
92
93static device_method_t safe_methods[] = {
94 /* Device interface */
95 DEVMETHOD(device_probe, safe_probe),
96 DEVMETHOD(device_attach, safe_attach),
97 DEVMETHOD(device_detach, safe_detach),
98 DEVMETHOD(device_suspend, safe_suspend),
99 DEVMETHOD(device_resume, safe_resume),
100 DEVMETHOD(device_shutdown, safe_shutdown),
101
102 /* bus interface */
103 DEVMETHOD(bus_print_child, bus_generic_print_child),
104 DEVMETHOD(bus_driver_added, bus_generic_driver_added),
105
106 /* crypto device methods */
107 DEVMETHOD(cryptodev_newsession, safe_newsession),
108 DEVMETHOD(cryptodev_freesession,safe_freesession),
109 DEVMETHOD(cryptodev_process, safe_process),
110
111 { 0, 0 }
112};
113static driver_t safe_driver = {
114 "safe",
115 safe_methods,
116 sizeof (struct safe_softc)
117};
118static devclass_t safe_devclass;
119
120DRIVER_MODULE(safe, pci, safe_driver, safe_devclass, 0, 0);
121MODULE_DEPEND(safe, crypto, 1, 1, 1);
122#ifdef SAFE_RNDTEST
123MODULE_DEPEND(safe, rndtest, 1, 1, 1);
124#endif
125
126static void safe_intr(void *);
127static void safe_callback(struct safe_softc *, struct safe_ringentry *);
128static void safe_feed(struct safe_softc *, struct safe_ringentry *);
129static void safe_mcopy(struct mbuf *, struct mbuf *, u_int);
130#ifndef SAFE_NO_RNG
131static void safe_rng_init(struct safe_softc *);
132static void safe_rng(void *);
133#endif /* SAFE_NO_RNG */
134static int safe_dma_malloc(struct safe_softc *, bus_size_t,
135 struct safe_dma_alloc *, int);
136#define safe_dma_sync(_dma, _flags) \
137 bus_dmamap_sync((_dma)->dma_tag, (_dma)->dma_map, (_flags))
138static void safe_dma_free(struct safe_softc *, struct safe_dma_alloc *);
139static int safe_dmamap_aligned(const struct safe_operand *);
140static int safe_dmamap_uniform(const struct safe_operand *);
141
142static void safe_reset_board(struct safe_softc *);
143static void safe_init_board(struct safe_softc *);
144static void safe_init_pciregs(device_t dev);
145static void safe_cleanchip(struct safe_softc *);
146static void safe_totalreset(struct safe_softc *);
147
148static int safe_free_entry(struct safe_softc *, struct safe_ringentry *);
149
150static SYSCTL_NODE(_hw, OID_AUTO, safe, CTLFLAG_RD, 0,
151 "SafeNet driver parameters");
152
153#ifdef SAFE_DEBUG
154static void safe_dump_dmastatus(struct safe_softc *, const char *);
155static void safe_dump_ringstate(struct safe_softc *, const char *);
156static void safe_dump_intrstate(struct safe_softc *, const char *);
157static void safe_dump_request(struct safe_softc *, const char *,
158 struct safe_ringentry *);
159
160static struct safe_softc *safec; /* for use by hw.safe.dump */
161
162static int safe_debug = 0;
163SYSCTL_INT(_hw_safe, OID_AUTO, debug, CTLFLAG_RW, &safe_debug,
164 0, "control debugging msgs");
165#define DPRINTF(_x) if (safe_debug) printf _x
166#else
167#define DPRINTF(_x)
168#endif
169
170#define READ_REG(sc,r) \
171 bus_space_read_4((sc)->sc_st, (sc)->sc_sh, (r))
172
173#define WRITE_REG(sc,reg,val) \
174 bus_space_write_4((sc)->sc_st, (sc)->sc_sh, reg, val)
175
176struct safe_stats safestats;
177SYSCTL_STRUCT(_hw_safe, OID_AUTO, stats, CTLFLAG_RD, &safestats,
178 safe_stats, "driver statistics");
179#ifndef SAFE_NO_RNG
180static int safe_rnginterval = 1; /* poll once a second */
181SYSCTL_INT(_hw_safe, OID_AUTO, rnginterval, CTLFLAG_RW, &safe_rnginterval,
182 0, "RNG polling interval (secs)");
183static int safe_rngbufsize = 16; /* 64 bytes each poll */
184SYSCTL_INT(_hw_safe, OID_AUTO, rngbufsize, CTLFLAG_RW, &safe_rngbufsize,
185 0, "RNG polling buffer size (32-bit words)");
186static int safe_rngmaxalarm = 8; /* max alarms before reset */
187SYSCTL_INT(_hw_safe, OID_AUTO, rngmaxalarm, CTLFLAG_RW, &safe_rngmaxalarm,
188 0, "RNG max alarms before reset");
189#endif /* SAFE_NO_RNG */
190
191static int
192safe_probe(device_t dev)
193{
194 if (pci_get_vendor(dev) == PCI_VENDOR_SAFENET &&
195 pci_get_device(dev) == PCI_PRODUCT_SAFEXCEL)
196 return (BUS_PROBE_DEFAULT);
197 return (ENXIO);
198}
199
200static const char*
201safe_partname(struct safe_softc *sc)
202{
203 /* XXX sprintf numbers when not decoded */
204 switch (pci_get_vendor(sc->sc_dev)) {
205 case PCI_VENDOR_SAFENET:
206 switch (pci_get_device(sc->sc_dev)) {
207 case PCI_PRODUCT_SAFEXCEL: return "SafeNet SafeXcel-1141";
208 }
209 return "SafeNet unknown-part";
210 }
211 return "Unknown-vendor unknown-part";
212}
213
214#ifndef SAFE_NO_RNG
215static void
216default_harvest(struct rndtest_state *rsp, void *buf, u_int count)
217{
218 random_harvest(buf, count, count*NBBY, 0, RANDOM_PURE);
219}
220#endif /* SAFE_NO_RNG */
221
222static int
223safe_attach(device_t dev)
224{
225 struct safe_softc *sc = device_get_softc(dev);
226 u_int32_t raddr;
227 u_int32_t cmd, i, devinfo;
228 int rid;
229
230 bzero(sc, sizeof (*sc));
231 sc->sc_dev = dev;
232
233 /* XXX handle power management */
234
235 cmd = pci_read_config(dev, PCIR_COMMAND, 4);
236 cmd |= PCIM_CMD_MEMEN | PCIM_CMD_BUSMASTEREN;
237 pci_write_config(dev, PCIR_COMMAND, cmd, 4);
238 cmd = pci_read_config(dev, PCIR_COMMAND, 4);
239
240 if (!(cmd & PCIM_CMD_MEMEN)) {
241 device_printf(dev, "failed to enable memory mapping\n");
242 goto bad;
243 }
244
245 if (!(cmd & PCIM_CMD_BUSMASTEREN)) {
246 device_printf(dev, "failed to enable bus mastering\n");
247 goto bad;
248 }
249
250 /*
251 * Setup memory-mapping of PCI registers.
252 */
253 rid = BS_BAR;
254 sc->sc_sr = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &rid,
255 RF_ACTIVE);
256 if (sc->sc_sr == NULL) {
257 device_printf(dev, "cannot map register space\n");
258 goto bad;
259 }
260 sc->sc_st = rman_get_bustag(sc->sc_sr);
261 sc->sc_sh = rman_get_bushandle(sc->sc_sr);
262
263 /*
264 * Arrange interrupt line.
265 */
266 rid = 0;
267 sc->sc_irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &rid,
268 RF_SHAREABLE|RF_ACTIVE);
269 if (sc->sc_irq == NULL) {
270 device_printf(dev, "could not map interrupt\n");
271 goto bad1;
272 }
273 /*
274 * NB: Network code assumes we are blocked with splimp()
275 * so make sure the IRQ is mapped appropriately.
276 */
277 if (bus_setup_intr(dev, sc->sc_irq, INTR_TYPE_NET | INTR_MPSAFE,
278 NULL, safe_intr, sc, &sc->sc_ih)) {
279 device_printf(dev, "could not establish interrupt\n");
280 goto bad2;
281 }
282
283 sc->sc_cid = crypto_get_driverid(dev, CRYPTOCAP_F_HARDWARE);
284 if (sc->sc_cid < 0) {
285 device_printf(dev, "could not get crypto driver id\n");
286 goto bad3;
287 }
288
289 sc->sc_chiprev = READ_REG(sc, SAFE_DEVINFO) &
290 (SAFE_DEVINFO_REV_MAJ | SAFE_DEVINFO_REV_MIN);
291
292 /*
293 * Setup DMA descriptor area.
294 */
295 if (bus_dma_tag_create(NULL, /* parent */
296 1, /* alignment */
297 SAFE_DMA_BOUNDARY, /* boundary */
298 BUS_SPACE_MAXADDR_32BIT, /* lowaddr */
299 BUS_SPACE_MAXADDR, /* highaddr */
300 NULL, NULL, /* filter, filterarg */
301 SAFE_MAX_DMA, /* maxsize */
302 SAFE_MAX_PART, /* nsegments */
303 SAFE_MAX_SSIZE, /* maxsegsize */
304 BUS_DMA_ALLOCNOW, /* flags */
305 NULL, NULL, /* locking */
306 &sc->sc_srcdmat)) {
307 device_printf(dev, "cannot allocate DMA tag\n");
308 goto bad4;
309 }
310 if (bus_dma_tag_create(NULL, /* parent */
311 1, /* alignment */
312 SAFE_MAX_DSIZE, /* boundary */
313 BUS_SPACE_MAXADDR_32BIT, /* lowaddr */
314 BUS_SPACE_MAXADDR, /* highaddr */
315 NULL, NULL, /* filter, filterarg */
316 SAFE_MAX_DMA, /* maxsize */
317 SAFE_MAX_PART, /* nsegments */
318 SAFE_MAX_DSIZE, /* maxsegsize */
319 BUS_DMA_ALLOCNOW, /* flags */
320 NULL, NULL, /* locking */
321 &sc->sc_dstdmat)) {
322 device_printf(dev, "cannot allocate DMA tag\n");
323 goto bad4;
324 }
325
326 /*
327 * Allocate packet engine descriptors.
328 */
329 if (safe_dma_malloc(sc,
330 SAFE_MAX_NQUEUE * sizeof (struct safe_ringentry),
331 &sc->sc_ringalloc, 0)) {
332 device_printf(dev, "cannot allocate PE descriptor ring\n");
333 bus_dma_tag_destroy(sc->sc_srcdmat);
334 goto bad4;
335 }
336 /*
337 * Hookup the static portion of all our data structures.
338 */
339 sc->sc_ring = (struct safe_ringentry *) sc->sc_ringalloc.dma_vaddr;
340 sc->sc_ringtop = sc->sc_ring + SAFE_MAX_NQUEUE;
341 sc->sc_front = sc->sc_ring;
342 sc->sc_back = sc->sc_ring;
343 raddr = sc->sc_ringalloc.dma_paddr;
344 bzero(sc->sc_ring, SAFE_MAX_NQUEUE * sizeof(struct safe_ringentry));
345 for (i = 0; i < SAFE_MAX_NQUEUE; i++) {
346 struct safe_ringentry *re = &sc->sc_ring[i];
347
348 re->re_desc.d_sa = raddr +
349 offsetof(struct safe_ringentry, re_sa);
350 re->re_sa.sa_staterec = raddr +
351 offsetof(struct safe_ringentry, re_sastate);
352
353 raddr += sizeof (struct safe_ringentry);
354 }
355 mtx_init(&sc->sc_ringmtx, device_get_nameunit(dev),
356 "packet engine ring", MTX_DEF);
357
358 /*
359 * Allocate scatter and gather particle descriptors.
360 */
361 if (safe_dma_malloc(sc, SAFE_TOTAL_SPART * sizeof (struct safe_pdesc),
362 &sc->sc_spalloc, 0)) {
363 device_printf(dev, "cannot allocate source particle "
364 "descriptor ring\n");
365 mtx_destroy(&sc->sc_ringmtx);
366 safe_dma_free(sc, &sc->sc_ringalloc);
367 bus_dma_tag_destroy(sc->sc_srcdmat);
368 goto bad4;
369 }
370 sc->sc_spring = (struct safe_pdesc *) sc->sc_spalloc.dma_vaddr;
371 sc->sc_springtop = sc->sc_spring + SAFE_TOTAL_SPART;
372 sc->sc_spfree = sc->sc_spring;
373 bzero(sc->sc_spring, SAFE_TOTAL_SPART * sizeof(struct safe_pdesc));
374
375 if (safe_dma_malloc(sc, SAFE_TOTAL_DPART * sizeof (struct safe_pdesc),
376 &sc->sc_dpalloc, 0)) {
377 device_printf(dev, "cannot allocate destination particle "
378 "descriptor ring\n");
379 mtx_destroy(&sc->sc_ringmtx);
380 safe_dma_free(sc, &sc->sc_spalloc);
381 safe_dma_free(sc, &sc->sc_ringalloc);
382 bus_dma_tag_destroy(sc->sc_dstdmat);
383 goto bad4;
384 }
385 sc->sc_dpring = (struct safe_pdesc *) sc->sc_dpalloc.dma_vaddr;
386 sc->sc_dpringtop = sc->sc_dpring + SAFE_TOTAL_DPART;
387 sc->sc_dpfree = sc->sc_dpring;
388 bzero(sc->sc_dpring, SAFE_TOTAL_DPART * sizeof(struct safe_pdesc));
389
390 device_printf(sc->sc_dev, "%s", safe_partname(sc));
391
392 devinfo = READ_REG(sc, SAFE_DEVINFO);
393 if (devinfo & SAFE_DEVINFO_RNG) {
394 sc->sc_flags |= SAFE_FLAGS_RNG;
395 printf(" rng");
396 }
397 if (devinfo & SAFE_DEVINFO_PKEY) {
398#if 0
399 printf(" key");
400 sc->sc_flags |= SAFE_FLAGS_KEY;
401 crypto_kregister(sc->sc_cid, CRK_MOD_EXP, 0);
402 crypto_kregister(sc->sc_cid, CRK_MOD_EXP_CRT, 0);
403#endif
404 }
405 if (devinfo & SAFE_DEVINFO_DES) {
406 printf(" des/3des");
407 crypto_register(sc->sc_cid, CRYPTO_3DES_CBC, 0, 0);
408 crypto_register(sc->sc_cid, CRYPTO_DES_CBC, 0, 0);
409 }
410 if (devinfo & SAFE_DEVINFO_AES) {
411 printf(" aes");
412 crypto_register(sc->sc_cid, CRYPTO_AES_CBC, 0, 0);
413 }
414 if (devinfo & SAFE_DEVINFO_MD5) {
415 printf(" md5");
416 crypto_register(sc->sc_cid, CRYPTO_MD5_HMAC, 0, 0);
417 }
418 if (devinfo & SAFE_DEVINFO_SHA1) {
419 printf(" sha1");
420 crypto_register(sc->sc_cid, CRYPTO_SHA1_HMAC, 0, 0);
421 }
422 printf(" null");
423 crypto_register(sc->sc_cid, CRYPTO_NULL_CBC, 0, 0);
424 crypto_register(sc->sc_cid, CRYPTO_NULL_HMAC, 0, 0);
425 /* XXX other supported algorithms */
426 printf("\n");
427
428 safe_reset_board(sc); /* reset h/w */
429 safe_init_pciregs(dev); /* init pci settings */
430 safe_init_board(sc); /* init h/w */
431
432#ifndef SAFE_NO_RNG
433 if (sc->sc_flags & SAFE_FLAGS_RNG) {
434#ifdef SAFE_RNDTEST
435 sc->sc_rndtest = rndtest_attach(dev);
436 if (sc->sc_rndtest)
437 sc->sc_harvest = rndtest_harvest;
438 else
439 sc->sc_harvest = default_harvest;
440#else
441 sc->sc_harvest = default_harvest;
442#endif
443 safe_rng_init(sc);
444
445 callout_init(&sc->sc_rngto, CALLOUT_MPSAFE);
446 callout_reset(&sc->sc_rngto, hz*safe_rnginterval, safe_rng, sc);
447 }
448#endif /* SAFE_NO_RNG */
449#ifdef SAFE_DEBUG
450 safec = sc; /* for use by hw.safe.dump */
451#endif
452 return (0);
453bad4:
454 crypto_unregister_all(sc->sc_cid);
455bad3:
456 bus_teardown_intr(dev, sc->sc_irq, sc->sc_ih);
457bad2:
458 bus_release_resource(dev, SYS_RES_IRQ, 0, sc->sc_irq);
459bad1:
460 bus_release_resource(dev, SYS_RES_MEMORY, BS_BAR, sc->sc_sr);
461bad:
462 return (ENXIO);
463}
464
465/*
466 * Detach a device that successfully probed.
467 */
468static int
469safe_detach(device_t dev)
470{
471 struct safe_softc *sc = device_get_softc(dev);
472
473 /* XXX wait/abort active ops */
474
475 WRITE_REG(sc, SAFE_HI_MASK, 0); /* disable interrupts */
476
477 callout_stop(&sc->sc_rngto);
478
479 crypto_unregister_all(sc->sc_cid);
480
481#ifdef SAFE_RNDTEST
482 if (sc->sc_rndtest)
483 rndtest_detach(sc->sc_rndtest);
484#endif
485
486 safe_cleanchip(sc);
487 safe_dma_free(sc, &sc->sc_dpalloc);
488 safe_dma_free(sc, &sc->sc_spalloc);
489 mtx_destroy(&sc->sc_ringmtx);
490 safe_dma_free(sc, &sc->sc_ringalloc);
491
492 bus_generic_detach(dev);
493 bus_teardown_intr(dev, sc->sc_irq, sc->sc_ih);
494 bus_release_resource(dev, SYS_RES_IRQ, 0, sc->sc_irq);
495
496 bus_dma_tag_destroy(sc->sc_srcdmat);
497 bus_dma_tag_destroy(sc->sc_dstdmat);
498 bus_release_resource(dev, SYS_RES_MEMORY, BS_BAR, sc->sc_sr);
499
500 return (0);
501}
502
503/*
504 * Stop all chip i/o so that the kernel's probe routines don't
505 * get confused by errant DMAs when rebooting.
506 */
507static int
508safe_shutdown(device_t dev)
509{
510#ifdef notyet
511 safe_stop(device_get_softc(dev));
512#endif
513 return (0);
514}
515
516/*
517 * Device suspend routine.
518 */
519static int
520safe_suspend(device_t dev)
521{
522 struct safe_softc *sc = device_get_softc(dev);
523
524#ifdef notyet
525 /* XXX stop the device and save PCI settings */
526#endif
527 sc->sc_suspended = 1;
528
529 return (0);
530}
531
532static int
533safe_resume(device_t dev)
534{
535 struct safe_softc *sc = device_get_softc(dev);
536
537#ifdef notyet
538 /* XXX retore PCI settings and start the device */
539#endif
540 sc->sc_suspended = 0;
541 return (0);
542}
543
544/*
545 * SafeXcel Interrupt routine
546 */
547static void
548safe_intr(void *arg)
549{
550 struct safe_softc *sc = arg;
551 volatile u_int32_t stat;
552
553 stat = READ_REG(sc, SAFE_HM_STAT);
554 if (stat == 0) /* shared irq, not for us */
555 return;
556
557 WRITE_REG(sc, SAFE_HI_CLR, stat); /* IACK */
558
559 if ((stat & SAFE_INT_PE_DDONE)) {
560 /*
561 * Descriptor(s) done; scan the ring and
562 * process completed operations.
563 */
564 mtx_lock(&sc->sc_ringmtx);
565 while (sc->sc_back != sc->sc_front) {
566 struct safe_ringentry *re = sc->sc_back;
567#ifdef SAFE_DEBUG
568 if (safe_debug) {
569 safe_dump_ringstate(sc, __func__);
570 safe_dump_request(sc, __func__, re);
571 }
572#endif
573 /*
574 * safe_process marks ring entries that were allocated
575 * but not used with a csr of zero. This insures the
576 * ring front pointer never needs to be set backwards
577 * in the event that an entry is allocated but not used
578 * because of a setup error.
579 */
580 if (re->re_desc.d_csr != 0) {
581 if (!SAFE_PE_CSR_IS_DONE(re->re_desc.d_csr))
582 break;
583 if (!SAFE_PE_LEN_IS_DONE(re->re_desc.d_len))
584 break;
585 sc->sc_nqchip--;
586 safe_callback(sc, re);
587 }
588 if (++(sc->sc_back) == sc->sc_ringtop)
589 sc->sc_back = sc->sc_ring;
590 }
591 mtx_unlock(&sc->sc_ringmtx);
592 }
593
594 /*
595 * Check to see if we got any DMA Error
596 */
597 if (stat & SAFE_INT_PE_ERROR) {
598 DPRINTF(("dmaerr dmastat %08x\n",
599 READ_REG(sc, SAFE_PE_DMASTAT)));
600 safestats.st_dmaerr++;
601 safe_totalreset(sc);
602#if 0
603 safe_feed(sc);
604#endif
605 }
606
607 if (sc->sc_needwakeup) { /* XXX check high watermark */
608 int wakeup = sc->sc_needwakeup & (CRYPTO_SYMQ|CRYPTO_ASYMQ);
609 DPRINTF(("%s: wakeup crypto %x\n", __func__,
610 sc->sc_needwakeup));
611 sc->sc_needwakeup &= ~wakeup;
612 crypto_unblock(sc->sc_cid, wakeup);
613 }
614}
615
616/*
617 * safe_feed() - post a request to chip
618 */
619static void
620safe_feed(struct safe_softc *sc, struct safe_ringentry *re)
621{
622 bus_dmamap_sync(sc->sc_srcdmat, re->re_src_map, BUS_DMASYNC_PREWRITE);
623 if (re->re_dst_map != NULL)
624 bus_dmamap_sync(sc->sc_dstdmat, re->re_dst_map,
625 BUS_DMASYNC_PREREAD);
626 /* XXX have no smaller granularity */
627 safe_dma_sync(&sc->sc_ringalloc,
628 BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
629 safe_dma_sync(&sc->sc_spalloc, BUS_DMASYNC_PREWRITE);
630 safe_dma_sync(&sc->sc_dpalloc, BUS_DMASYNC_PREWRITE);
631
632#ifdef SAFE_DEBUG
633 if (safe_debug) {
634 safe_dump_ringstate(sc, __func__);
635 safe_dump_request(sc, __func__, re);
636 }
637#endif
638 sc->sc_nqchip++;
639 if (sc->sc_nqchip > safestats.st_maxqchip)
640 safestats.st_maxqchip = sc->sc_nqchip;
641 /* poke h/w to check descriptor ring, any value can be written */
642 WRITE_REG(sc, SAFE_HI_RD_DESCR, 0);
643}
644
645#define N(a) (sizeof(a) / sizeof (a[0]))
646static void
647safe_setup_enckey(struct safe_session *ses, caddr_t key)
648{
649 int i;
650
651 bcopy(key, ses->ses_key, ses->ses_klen / 8);
652
653 /* PE is little-endian, insure proper byte order */
654 for (i = 0; i < N(ses->ses_key); i++)
655 ses->ses_key[i] = htole32(ses->ses_key[i]);
656}
657
658static void
659safe_setup_mackey(struct safe_session *ses, int algo, caddr_t key, int klen)
660{
661 MD5_CTX md5ctx;
662 SHA1_CTX sha1ctx;
663 int i;
664
665
666 for (i = 0; i < klen; i++)
667 key[i] ^= HMAC_IPAD_VAL;
668
669 if (algo == CRYPTO_MD5_HMAC) {
670 MD5Init(&md5ctx);
671 MD5Update(&md5ctx, key, klen);
672 MD5Update(&md5ctx, hmac_ipad_buffer, MD5_HMAC_BLOCK_LEN - klen);
673 bcopy(md5ctx.state, ses->ses_hminner, sizeof(md5ctx.state));
674 } else {
675 SHA1Init(&sha1ctx);
676 SHA1Update(&sha1ctx, key, klen);
677 SHA1Update(&sha1ctx, hmac_ipad_buffer,
678 SHA1_HMAC_BLOCK_LEN - klen);
679 bcopy(sha1ctx.h.b32, ses->ses_hminner, sizeof(sha1ctx.h.b32));
680 }
681
682 for (i = 0; i < klen; i++)
683 key[i] ^= (HMAC_IPAD_VAL ^ HMAC_OPAD_VAL);
684
685 if (algo == CRYPTO_MD5_HMAC) {
686 MD5Init(&md5ctx);
687 MD5Update(&md5ctx, key, klen);
688 MD5Update(&md5ctx, hmac_opad_buffer, MD5_HMAC_BLOCK_LEN - klen);
689 bcopy(md5ctx.state, ses->ses_hmouter, sizeof(md5ctx.state));
690 } else {
691 SHA1Init(&sha1ctx);
692 SHA1Update(&sha1ctx, key, klen);
693 SHA1Update(&sha1ctx, hmac_opad_buffer,
694 SHA1_HMAC_BLOCK_LEN - klen);
695 bcopy(sha1ctx.h.b32, ses->ses_hmouter, sizeof(sha1ctx.h.b32));
696 }
697
698 for (i = 0; i < klen; i++)
699 key[i] ^= HMAC_OPAD_VAL;
700
701 /* PE is little-endian, insure proper byte order */
702 for (i = 0; i < N(ses->ses_hminner); i++) {
703 ses->ses_hminner[i] = htole32(ses->ses_hminner[i]);
704 ses->ses_hmouter[i] = htole32(ses->ses_hmouter[i]);
705 }
706}
707#undef N
708
709/*
710 * Allocate a new 'session' and return an encoded session id. 'sidp'
711 * contains our registration id, and should contain an encoded session
712 * id on successful allocation.
713 */
714static int
715safe_newsession(device_t dev, u_int32_t *sidp, struct cryptoini *cri)
716{
717 struct safe_softc *sc = device_get_softc(dev);
718 struct cryptoini *c, *encini = NULL, *macini = NULL;
719 struct safe_session *ses = NULL;
720 int sesn;
721
722 if (sidp == NULL || cri == NULL || sc == NULL)
723 return (EINVAL);
724
725 for (c = cri; c != NULL; c = c->cri_next) {
726 if (c->cri_alg == CRYPTO_MD5_HMAC ||
727 c->cri_alg == CRYPTO_SHA1_HMAC ||
728 c->cri_alg == CRYPTO_NULL_HMAC) {
729 if (macini)
730 return (EINVAL);
731 macini = c;
732 } else if (c->cri_alg == CRYPTO_DES_CBC ||
733 c->cri_alg == CRYPTO_3DES_CBC ||
734 c->cri_alg == CRYPTO_AES_CBC ||
735 c->cri_alg == CRYPTO_NULL_CBC) {
736 if (encini)
737 return (EINVAL);
738 encini = c;
739 } else
740 return (EINVAL);
741 }
742 if (encini == NULL && macini == NULL)
743 return (EINVAL);
744 if (encini) { /* validate key length */
745 switch (encini->cri_alg) {
746 case CRYPTO_DES_CBC:
747 if (encini->cri_klen != 64)
748 return (EINVAL);
749 break;
750 case CRYPTO_3DES_CBC:
751 if (encini->cri_klen != 192)
752 return (EINVAL);
753 break;
754 case CRYPTO_AES_CBC:
755 if (encini->cri_klen != 128 &&
756 encini->cri_klen != 192 &&
757 encini->cri_klen != 256)
758 return (EINVAL);
759 break;
760 }
761 }
762
763 if (sc->sc_sessions == NULL) {
764 ses = sc->sc_sessions = (struct safe_session *)malloc(
765 sizeof(struct safe_session), M_DEVBUF, M_NOWAIT);
766 if (ses == NULL)
767 return (ENOMEM);
768 sesn = 0;
769 sc->sc_nsessions = 1;
770 } else {
771 for (sesn = 0; sesn < sc->sc_nsessions; sesn++) {
772 if (sc->sc_sessions[sesn].ses_used == 0) {
773 ses = &sc->sc_sessions[sesn];
774 break;
775 }
776 }
777
778 if (ses == NULL) {
779 sesn = sc->sc_nsessions;
780 ses = (struct safe_session *)malloc((sesn + 1) *
781 sizeof(struct safe_session), M_DEVBUF, M_NOWAIT);
782 if (ses == NULL)
783 return (ENOMEM);
784 bcopy(sc->sc_sessions, ses, sesn *
785 sizeof(struct safe_session));
786 bzero(sc->sc_sessions, sesn *
787 sizeof(struct safe_session));
788 free(sc->sc_sessions, M_DEVBUF);
789 sc->sc_sessions = ses;
790 ses = &sc->sc_sessions[sesn];
791 sc->sc_nsessions++;
792 }
793 }
794
795 bzero(ses, sizeof(struct safe_session));
796 ses->ses_used = 1;
797
798 if (encini) {
799 /* get an IV */
800 /* XXX may read fewer than requested */
801 read_random(ses->ses_iv, sizeof(ses->ses_iv));
802
803 ses->ses_klen = encini->cri_klen;
804 if (encini->cri_key != NULL)
805 safe_setup_enckey(ses, encini->cri_key);
806 }
807
808 if (macini) {
809 ses->ses_mlen = macini->cri_mlen;
810 if (ses->ses_mlen == 0) {
811 if (macini->cri_alg == CRYPTO_MD5_HMAC)
812 ses->ses_mlen = MD5_HASH_LEN;
813 else
814 ses->ses_mlen = SHA1_HASH_LEN;
815 }
816
817 if (macini->cri_key != NULL) {
818 safe_setup_mackey(ses, macini->cri_alg, macini->cri_key,
819 macini->cri_klen / 8);
820 }
821 }
822
823 *sidp = SAFE_SID(device_get_unit(sc->sc_dev), sesn);
824 return (0);
825}
826
827/*
828 * Deallocate a session.
829 */
830static int
831safe_freesession(device_t dev, u_int64_t tid)
832{
833 struct safe_softc *sc = device_get_softc(dev);
834 int session, ret;
835 u_int32_t sid = ((u_int32_t) tid) & 0xffffffff;
836
837 if (sc == NULL)
838 return (EINVAL);
839
840 session = SAFE_SESSION(sid);
841 if (session < sc->sc_nsessions) {
842 bzero(&sc->sc_sessions[session], sizeof(sc->sc_sessions[session]));
843 ret = 0;
844 } else
845 ret = EINVAL;
846 return (ret);
847}
848
849static void
850safe_op_cb(void *arg, bus_dma_segment_t *seg, int nsegs, bus_size_t mapsize, int error)
851{
852 struct safe_operand *op = arg;
853
854 DPRINTF(("%s: mapsize %u nsegs %d error %d\n", __func__,
855 (u_int) mapsize, nsegs, error));
856 if (error != 0)
857 return;
858 op->mapsize = mapsize;
859 op->nsegs = nsegs;
860 bcopy(seg, op->segs, nsegs * sizeof (seg[0]));
861}
862
863static int
864safe_process(device_t dev, struct cryptop *crp, int hint)
865{
866 struct safe_softc *sc = device_get_softc(dev);
867 int err = 0, i, nicealign, uniform;
868 struct cryptodesc *crd1, *crd2, *maccrd, *enccrd;
869 int bypass, oplen, ivsize;
870 caddr_t iv;
871 int16_t coffset;
872 struct safe_session *ses;
873 struct safe_ringentry *re;
874 struct safe_sarec *sa;
875 struct safe_pdesc *pd;
876 u_int32_t cmd0, cmd1, staterec;
877
878 if (crp == NULL || crp->crp_callback == NULL || sc == NULL) {
879 safestats.st_invalid++;
880 return (EINVAL);
881 }
882 if (SAFE_SESSION(crp->crp_sid) >= sc->sc_nsessions) {
883 safestats.st_badsession++;
884 return (EINVAL);
885 }
886
887 mtx_lock(&sc->sc_ringmtx);
888 if (sc->sc_front == sc->sc_back && sc->sc_nqchip != 0) {
889 safestats.st_ringfull++;
890 sc->sc_needwakeup |= CRYPTO_SYMQ;
891 mtx_unlock(&sc->sc_ringmtx);
892 return (ERESTART);
893 }
894 re = sc->sc_front;
895
896 staterec = re->re_sa.sa_staterec; /* save */
897 /* NB: zero everything but the PE descriptor */
898 bzero(&re->re_sa, sizeof(struct safe_ringentry) - sizeof(re->re_desc));
899 re->re_sa.sa_staterec = staterec; /* restore */
900
901 re->re_crp = crp;
902 re->re_sesn = SAFE_SESSION(crp->crp_sid);
903
904 if (crp->crp_flags & CRYPTO_F_IMBUF) {
905 re->re_src_m = (struct mbuf *)crp->crp_buf;
906 re->re_dst_m = (struct mbuf *)crp->crp_buf;
907 } else if (crp->crp_flags & CRYPTO_F_IOV) {
908 re->re_src_io = (struct uio *)crp->crp_buf;
909 re->re_dst_io = (struct uio *)crp->crp_buf;
910 } else {
911 safestats.st_badflags++;
912 err = EINVAL;
913 goto errout; /* XXX we don't handle contiguous blocks! */
914 }
915
916 sa = &re->re_sa;
917 ses = &sc->sc_sessions[re->re_sesn];
918
919 crd1 = crp->crp_desc;
920 if (crd1 == NULL) {
921 safestats.st_nodesc++;
922 err = EINVAL;
923 goto errout;
924 }
925 crd2 = crd1->crd_next;
926
927 cmd0 = SAFE_SA_CMD0_BASIC; /* basic group operation */
928 cmd1 = 0;
929 if (crd2 == NULL) {
930 if (crd1->crd_alg == CRYPTO_MD5_HMAC ||
931 crd1->crd_alg == CRYPTO_SHA1_HMAC ||
932 crd1->crd_alg == CRYPTO_NULL_HMAC) {
933 maccrd = crd1;
934 enccrd = NULL;
935 cmd0 |= SAFE_SA_CMD0_OP_HASH;
936 } else if (crd1->crd_alg == CRYPTO_DES_CBC ||
937 crd1->crd_alg == CRYPTO_3DES_CBC ||
938 crd1->crd_alg == CRYPTO_AES_CBC ||
939 crd1->crd_alg == CRYPTO_NULL_CBC) {
940 maccrd = NULL;
941 enccrd = crd1;
942 cmd0 |= SAFE_SA_CMD0_OP_CRYPT;
943 } else {
944 safestats.st_badalg++;
945 err = EINVAL;
946 goto errout;
947 }
948 } else {
949 if ((crd1->crd_alg == CRYPTO_MD5_HMAC ||
950 crd1->crd_alg == CRYPTO_SHA1_HMAC ||
951 crd1->crd_alg == CRYPTO_NULL_HMAC) &&
952 (crd2->crd_alg == CRYPTO_DES_CBC ||
953 crd2->crd_alg == CRYPTO_3DES_CBC ||
954 crd2->crd_alg == CRYPTO_AES_CBC ||
955 crd2->crd_alg == CRYPTO_NULL_CBC) &&
956 ((crd2->crd_flags & CRD_F_ENCRYPT) == 0)) {
957 maccrd = crd1;
958 enccrd = crd2;
959 } else if ((crd1->crd_alg == CRYPTO_DES_CBC ||
960 crd1->crd_alg == CRYPTO_3DES_CBC ||
961 crd1->crd_alg == CRYPTO_AES_CBC ||
962 crd1->crd_alg == CRYPTO_NULL_CBC) &&
963 (crd2->crd_alg == CRYPTO_MD5_HMAC ||
964 crd2->crd_alg == CRYPTO_SHA1_HMAC ||
965 crd2->crd_alg == CRYPTO_NULL_HMAC) &&
966 (crd1->crd_flags & CRD_F_ENCRYPT)) {
967 enccrd = crd1;
968 maccrd = crd2;
969 } else {
970 safestats.st_badalg++;
971 err = EINVAL;
972 goto errout;
973 }
974 cmd0 |= SAFE_SA_CMD0_OP_BOTH;
975 }
976
977 if (enccrd) {
978 if (enccrd->crd_flags & CRD_F_KEY_EXPLICIT)
979 safe_setup_enckey(ses, enccrd->crd_key);
980
981 if (enccrd->crd_alg == CRYPTO_DES_CBC) {
982 cmd0 |= SAFE_SA_CMD0_DES;
983 cmd1 |= SAFE_SA_CMD1_CBC;
984 ivsize = 2*sizeof(u_int32_t);
985 } else if (enccrd->crd_alg == CRYPTO_3DES_CBC) {
986 cmd0 |= SAFE_SA_CMD0_3DES;
987 cmd1 |= SAFE_SA_CMD1_CBC;
988 ivsize = 2*sizeof(u_int32_t);
989 } else if (enccrd->crd_alg == CRYPTO_AES_CBC) {
990 cmd0 |= SAFE_SA_CMD0_AES;
991 cmd1 |= SAFE_SA_CMD1_CBC;
992 if (ses->ses_klen == 128)
993 cmd1 |= SAFE_SA_CMD1_AES128;
994 else if (ses->ses_klen == 192)
995 cmd1 |= SAFE_SA_CMD1_AES192;
996 else
997 cmd1 |= SAFE_SA_CMD1_AES256;
998 ivsize = 4*sizeof(u_int32_t);
999 } else {
1000 cmd0 |= SAFE_SA_CMD0_CRYPT_NULL;
1001 ivsize = 0;
1002 }
1003
1004 /*
1005 * Setup encrypt/decrypt state. When using basic ops
1006 * we can't use an inline IV because hash/crypt offset
1007 * must be from the end of the IV to the start of the
1008 * crypt data and this leaves out the preceding header
1009 * from the hash calculation. Instead we place the IV
1010 * in the state record and set the hash/crypt offset to
1011 * copy both the header+IV.
1012 */
1013 if (enccrd->crd_flags & CRD_F_ENCRYPT) {
1014 cmd0 |= SAFE_SA_CMD0_OUTBOUND;
1015
1016 if (enccrd->crd_flags & CRD_F_IV_EXPLICIT)
1017 iv = enccrd->crd_iv;
1018 else
1019 iv = (caddr_t) ses->ses_iv;
1020 if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0) {
1021 crypto_copyback(crp->crp_flags, crp->crp_buf,
1022 enccrd->crd_inject, ivsize, iv);
1023 }
1024 bcopy(iv, re->re_sastate.sa_saved_iv, ivsize);
1025 cmd0 |= SAFE_SA_CMD0_IVLD_STATE | SAFE_SA_CMD0_SAVEIV;
1026 re->re_flags |= SAFE_QFLAGS_COPYOUTIV;
1027 } else {
1028 cmd0 |= SAFE_SA_CMD0_INBOUND;
1029
1030 if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) {
1031 bcopy(enccrd->crd_iv,
1032 re->re_sastate.sa_saved_iv, ivsize);
1033 } else {
1034 crypto_copydata(crp->crp_flags, crp->crp_buf,
1035 enccrd->crd_inject, ivsize,
1036 (caddr_t)re->re_sastate.sa_saved_iv);
1037 }
1038 cmd0 |= SAFE_SA_CMD0_IVLD_STATE;
1039 }
1040 /*
1041 * For basic encryption use the zero pad algorithm.
1042 * This pads results to an 8-byte boundary and
1043 * suppresses padding verification for inbound (i.e.
1044 * decrypt) operations.
1045 *
1046 * NB: Not sure if the 8-byte pad boundary is a problem.
1047 */
1048 cmd0 |= SAFE_SA_CMD0_PAD_ZERO;
1049
1050 /* XXX assert key bufs have the same size */
1051 bcopy(ses->ses_key, sa->sa_key, sizeof(sa->sa_key));
1052 }
1053
1054 if (maccrd) {
1055 if (maccrd->crd_flags & CRD_F_KEY_EXPLICIT) {
1056 safe_setup_mackey(ses, maccrd->crd_alg,
1057 maccrd->crd_key, maccrd->crd_klen / 8);
1058 }
1059
1060 if (maccrd->crd_alg == CRYPTO_MD5_HMAC) {
1061 cmd0 |= SAFE_SA_CMD0_MD5;
1062 cmd1 |= SAFE_SA_CMD1_HMAC; /* NB: enable HMAC */
1063 } else if (maccrd->crd_alg == CRYPTO_SHA1_HMAC) {
1064 cmd0 |= SAFE_SA_CMD0_SHA1;
1065 cmd1 |= SAFE_SA_CMD1_HMAC; /* NB: enable HMAC */
1066 } else {
1067 cmd0 |= SAFE_SA_CMD0_HASH_NULL;
1068 }
1069 /*
1070 * Digest data is loaded from the SA and the hash
1071 * result is saved to the state block where we
1072 * retrieve it for return to the caller.
1073 */
1074 /* XXX assert digest bufs have the same size */
1075 bcopy(ses->ses_hminner, sa->sa_indigest,
1076 sizeof(sa->sa_indigest));
1077 bcopy(ses->ses_hmouter, sa->sa_outdigest,
1078 sizeof(sa->sa_outdigest));
1079
1080 cmd0 |= SAFE_SA_CMD0_HSLD_SA | SAFE_SA_CMD0_SAVEHASH;
1081 re->re_flags |= SAFE_QFLAGS_COPYOUTICV;
1082 }
1083
1084 if (enccrd && maccrd) {
1085 /*
1086 * The offset from hash data to the start of
1087 * crypt data is the difference in the skips.
1088 */
1089 bypass = maccrd->crd_skip;
1090 coffset = enccrd->crd_skip - maccrd->crd_skip;
1091 if (coffset < 0) {
1092 DPRINTF(("%s: hash does not precede crypt; "
1093 "mac skip %u enc skip %u\n",
1094 __func__, maccrd->crd_skip, enccrd->crd_skip));
1095 safestats.st_skipmismatch++;
1096 err = EINVAL;
1097 goto errout;
1098 }
1099 oplen = enccrd->crd_skip + enccrd->crd_len;
1100 if (maccrd->crd_skip + maccrd->crd_len != oplen) {
1101 DPRINTF(("%s: hash amount %u != crypt amount %u\n",
1102 __func__, maccrd->crd_skip + maccrd->crd_len,
1103 oplen));
1104 safestats.st_lenmismatch++;
1105 err = EINVAL;
1106 goto errout;
1107 }
1108#ifdef SAFE_DEBUG
1109 if (safe_debug) {
1110 printf("mac: skip %d, len %d, inject %d\n",
1111 maccrd->crd_skip, maccrd->crd_len,
1112 maccrd->crd_inject);
1113 printf("enc: skip %d, len %d, inject %d\n",
1114 enccrd->crd_skip, enccrd->crd_len,
1115 enccrd->crd_inject);
1116 printf("bypass %d coffset %d oplen %d\n",
1117 bypass, coffset, oplen);
1118 }
1119#endif
1120 if (coffset & 3) { /* offset must be 32-bit aligned */
1121 DPRINTF(("%s: coffset %u misaligned\n",
1122 __func__, coffset));
1123 safestats.st_coffmisaligned++;
1124 err = EINVAL;
1125 goto errout;
1126 }
1127 coffset >>= 2;
1128 if (coffset > 255) { /* offset must be <256 dwords */
1129 DPRINTF(("%s: coffset %u too big\n",
1130 __func__, coffset));
1131 safestats.st_cofftoobig++;
1132 err = EINVAL;
1133 goto errout;
1134 }
1135 /*
1136 * Tell the hardware to copy the header to the output.
1137 * The header is defined as the data from the end of
1138 * the bypass to the start of data to be encrypted.
1139 * Typically this is the inline IV. Note that you need
1140 * to do this even if src+dst are the same; it appears
1141 * that w/o this bit the crypted data is written
1142 * immediately after the bypass data.
1143 */
1144 cmd1 |= SAFE_SA_CMD1_HDRCOPY;
1145 /*
1146 * Disable IP header mutable bit handling. This is
1147 * needed to get correct HMAC calculations.
1148 */
1149 cmd1 |= SAFE_SA_CMD1_MUTABLE;
1150 } else {
1151 if (enccrd) {
1152 bypass = enccrd->crd_skip;
1153 oplen = bypass + enccrd->crd_len;
1154 } else {
1155 bypass = maccrd->crd_skip;
1156 oplen = bypass + maccrd->crd_len;
1157 }
1158 coffset = 0;
1159 }
1160 /* XXX verify multiple of 4 when using s/g */
1161 if (bypass > 96) { /* bypass offset must be <= 96 bytes */
1162 DPRINTF(("%s: bypass %u too big\n", __func__, bypass));
1163 safestats.st_bypasstoobig++;
1164 err = EINVAL;
1165 goto errout;
1166 }
1167
1168 if (bus_dmamap_create(sc->sc_srcdmat, BUS_DMA_NOWAIT, &re->re_src_map)) {
1169 safestats.st_nomap++;
1170 err = ENOMEM;
1171 goto errout;
1172 }
1173 if (crp->crp_flags & CRYPTO_F_IMBUF) {
1174 if (bus_dmamap_load_mbuf(sc->sc_srcdmat, re->re_src_map,
1175 re->re_src_m, safe_op_cb,
1176 &re->re_src, BUS_DMA_NOWAIT) != 0) {
1177 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map);
1178 re->re_src_map = NULL;
1179 safestats.st_noload++;
1180 err = ENOMEM;
1181 goto errout;
1182 }
1183 } else if (crp->crp_flags & CRYPTO_F_IOV) {
1184 if (bus_dmamap_load_uio(sc->sc_srcdmat, re->re_src_map,
1185 re->re_src_io, safe_op_cb,
1186 &re->re_src, BUS_DMA_NOWAIT) != 0) {
1187 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map);
1188 re->re_src_map = NULL;
1189 safestats.st_noload++;
1190 err = ENOMEM;
1191 goto errout;
1192 }
1193 }
1194 nicealign = safe_dmamap_aligned(&re->re_src);
1195 uniform = safe_dmamap_uniform(&re->re_src);
1196
1197 DPRINTF(("src nicealign %u uniform %u nsegs %u\n",
1198 nicealign, uniform, re->re_src.nsegs));
1199 if (re->re_src.nsegs > 1) {
1200 re->re_desc.d_src = sc->sc_spalloc.dma_paddr +
1201 ((caddr_t) sc->sc_spfree - (caddr_t) sc->sc_spring);
1202 for (i = 0; i < re->re_src_nsegs; i++) {
1203 /* NB: no need to check if there's space */
1204 pd = sc->sc_spfree;
1205 if (++(sc->sc_spfree) == sc->sc_springtop)
1206 sc->sc_spfree = sc->sc_spring;
1207
1208 KASSERT((pd->pd_flags&3) == 0 ||
1209 (pd->pd_flags&3) == SAFE_PD_DONE,
1210 ("bogus source particle descriptor; flags %x",
1211 pd->pd_flags));
1212 pd->pd_addr = re->re_src_segs[i].ds_addr;
1213 pd->pd_size = re->re_src_segs[i].ds_len;
1214 pd->pd_flags = SAFE_PD_READY;
1215 }
1216 cmd0 |= SAFE_SA_CMD0_IGATHER;
1217 } else {
1218 /*
1219 * No need for gather, reference the operand directly.
1220 */
1221 re->re_desc.d_src = re->re_src_segs[0].ds_addr;
1222 }
1223
1224 if (enccrd == NULL && maccrd != NULL) {
1225 /*
1226 * Hash op; no destination needed.
1227 */
1228 } else {
1229 if (crp->crp_flags & CRYPTO_F_IOV) {
1230 if (!nicealign) {
1231 safestats.st_iovmisaligned++;
1232 err = EINVAL;
1233 goto errout;
1234 }
1235 if (uniform != 1) {
1236 /*
1237 * Source is not suitable for direct use as
1238 * the destination. Create a new scatter/gather
1239 * list based on the destination requirements
1240 * and check if that's ok.
1241 */
1242 if (bus_dmamap_create(sc->sc_dstdmat,
1243 BUS_DMA_NOWAIT, &re->re_dst_map)) {
1244 safestats.st_nomap++;
1245 err = ENOMEM;
1246 goto errout;
1247 }
1248 if (bus_dmamap_load_uio(sc->sc_dstdmat,
1249 re->re_dst_map, re->re_dst_io,
1250 safe_op_cb, &re->re_dst,
1251 BUS_DMA_NOWAIT) != 0) {
1252 bus_dmamap_destroy(sc->sc_dstdmat,
1253 re->re_dst_map);
1254 re->re_dst_map = NULL;
1255 safestats.st_noload++;
1256 err = ENOMEM;
1257 goto errout;
1258 }
1259 uniform = safe_dmamap_uniform(&re->re_dst);
1260 if (!uniform) {
1261 /*
1262 * There's no way to handle the DMA
1263 * requirements with this uio. We
1264 * could create a separate DMA area for
1265 * the result and then copy it back,
1266 * but for now we just bail and return
1267 * an error. Note that uio requests
1268 * > SAFE_MAX_DSIZE are handled because
1269 * the DMA map and segment list for the
1270 * destination wil result in a
1271 * destination particle list that does
1272 * the necessary scatter DMA.
1273 */
1274 safestats.st_iovnotuniform++;
1275 err = EINVAL;
1276 goto errout;
1277 }
1278 } else
1279 re->re_dst = re->re_src;
1280 } else if (crp->crp_flags & CRYPTO_F_IMBUF) {
1281 if (nicealign && uniform == 1) {
1282 /*
1283 * Source layout is suitable for direct
1284 * sharing of the DMA map and segment list.
1285 */
1286 re->re_dst = re->re_src;
1287 } else if (nicealign && uniform == 2) {
1288 /*
1289 * The source is properly aligned but requires a
1290 * different particle list to handle DMA of the
1291 * result. Create a new map and do the load to
1292 * create the segment list. The particle
1293 * descriptor setup code below will handle the
1294 * rest.
1295 */
1296 if (bus_dmamap_create(sc->sc_dstdmat,
1297 BUS_DMA_NOWAIT, &re->re_dst_map)) {
1298 safestats.st_nomap++;
1299 err = ENOMEM;
1300 goto errout;
1301 }
1302 if (bus_dmamap_load_mbuf(sc->sc_dstdmat,
1303 re->re_dst_map, re->re_dst_m,
1304 safe_op_cb, &re->re_dst,
1305 BUS_DMA_NOWAIT) != 0) {
1306 bus_dmamap_destroy(sc->sc_dstdmat,
1307 re->re_dst_map);
1308 re->re_dst_map = NULL;
1309 safestats.st_noload++;
1310 err = ENOMEM;
1311 goto errout;
1312 }
1313 } else { /* !(aligned and/or uniform) */
1314 int totlen, len;
1315 struct mbuf *m, *top, **mp;
1316
1317 /*
1318 * DMA constraints require that we allocate a
1319 * new mbuf chain for the destination. We
1320 * allocate an entire new set of mbufs of
1321 * optimal/required size and then tell the
1322 * hardware to copy any bits that are not
1323 * created as a byproduct of the operation.
1324 */
1325 if (!nicealign)
1326 safestats.st_unaligned++;
1327 if (!uniform)
1328 safestats.st_notuniform++;
1329 totlen = re->re_src_mapsize;
1330 if (re->re_src_m->m_flags & M_PKTHDR) {
1331 len = MHLEN;
1332 MGETHDR(m, M_DONTWAIT, MT_DATA);
1333 if (m && !m_dup_pkthdr(m, re->re_src_m,
1334 M_DONTWAIT)) {
1335 m_free(m);
1336 m = NULL;
1337 }
1338 } else {
1339 len = MLEN;
1340 MGET(m, M_DONTWAIT, MT_DATA);
1341 }
1342 if (m == NULL) {
1343 safestats.st_nombuf++;
1344 err = sc->sc_nqchip ? ERESTART : ENOMEM;
1345 goto errout;
1346 }
1347 if (totlen >= MINCLSIZE) {
1348 MCLGET(m, M_DONTWAIT);
1349 if ((m->m_flags & M_EXT) == 0) {
1350 m_free(m);
1351 safestats.st_nomcl++;
1352 err = sc->sc_nqchip ?
1353 ERESTART : ENOMEM;
1354 goto errout;
1355 }
1356 len = MCLBYTES;
1357 }
1358 m->m_len = len;
1359 top = NULL;
1360 mp = ⊤
1361
1362 while (totlen > 0) {
1363 if (top) {
1364 MGET(m, M_DONTWAIT, MT_DATA);
1365 if (m == NULL) {
1366 m_freem(top);
1367 safestats.st_nombuf++;
1368 err = sc->sc_nqchip ?
1369 ERESTART : ENOMEM;
1370 goto errout;
1371 }
1372 len = MLEN;
1373 }
1374 if (top && totlen >= MINCLSIZE) {
1375 MCLGET(m, M_DONTWAIT);
1376 if ((m->m_flags & M_EXT) == 0) {
1377 *mp = m;
1378 m_freem(top);
1379 safestats.st_nomcl++;
1380 err = sc->sc_nqchip ?
1381 ERESTART : ENOMEM;
1382 goto errout;
1383 }
1384 len = MCLBYTES;
1385 }
1386 m->m_len = len = min(totlen, len);
1387 totlen -= len;
1388 *mp = m;
1389 mp = &m->m_next;
1390 }
1391 re->re_dst_m = top;
1392 if (bus_dmamap_create(sc->sc_dstdmat,
1393 BUS_DMA_NOWAIT, &re->re_dst_map) != 0) {
1394 safestats.st_nomap++;
1395 err = ENOMEM;
1396 goto errout;
1397 }
1398 if (bus_dmamap_load_mbuf(sc->sc_dstdmat,
1399 re->re_dst_map, re->re_dst_m,
1400 safe_op_cb, &re->re_dst,
1401 BUS_DMA_NOWAIT) != 0) {
1402 bus_dmamap_destroy(sc->sc_dstdmat,
1403 re->re_dst_map);
1404 re->re_dst_map = NULL;
1405 safestats.st_noload++;
1406 err = ENOMEM;
1407 goto errout;
1408 }
1409 if (re->re_src.mapsize > oplen) {
1410 /*
1411 * There's data following what the
1412 * hardware will copy for us. If this
1413 * isn't just the ICV (that's going to
1414 * be written on completion), copy it
1415 * to the new mbufs
1416 */
1417 if (!(maccrd &&
1418 (re->re_src.mapsize-oplen) == 12 &&
1419 maccrd->crd_inject == oplen))
1420 safe_mcopy(re->re_src_m,
1421 re->re_dst_m,
1422 oplen);
1423 else
1424 safestats.st_noicvcopy++;
1425 }
1426 }
1427 } else {
1428 safestats.st_badflags++;
1429 err = EINVAL;
1430 goto errout;
1431 }
1432
1433 if (re->re_dst.nsegs > 1) {
1434 re->re_desc.d_dst = sc->sc_dpalloc.dma_paddr +
1435 ((caddr_t) sc->sc_dpfree - (caddr_t) sc->sc_dpring);
1436 for (i = 0; i < re->re_dst_nsegs; i++) {
1437 pd = sc->sc_dpfree;
1438 KASSERT((pd->pd_flags&3) == 0 ||
1439 (pd->pd_flags&3) == SAFE_PD_DONE,
1440 ("bogus dest particle descriptor; flags %x",
1441 pd->pd_flags));
1442 if (++(sc->sc_dpfree) == sc->sc_dpringtop)
1443 sc->sc_dpfree = sc->sc_dpring;
1444 pd->pd_addr = re->re_dst_segs[i].ds_addr;
1445 pd->pd_flags = SAFE_PD_READY;
1446 }
1447 cmd0 |= SAFE_SA_CMD0_OSCATTER;
1448 } else {
1449 /*
1450 * No need for scatter, reference the operand directly.
1451 */
1452 re->re_desc.d_dst = re->re_dst_segs[0].ds_addr;
1453 }
1454 }
1455
1456 /*
1457 * All done with setup; fillin the SA command words
1458 * and the packet engine descriptor. The operation
1459 * is now ready for submission to the hardware.
1460 */
1461 sa->sa_cmd0 = cmd0 | SAFE_SA_CMD0_IPCI | SAFE_SA_CMD0_OPCI;
1462 sa->sa_cmd1 = cmd1
1463 | (coffset << SAFE_SA_CMD1_OFFSET_S)
1464 | SAFE_SA_CMD1_SAREV1 /* Rev 1 SA data structure */
1465 | SAFE_SA_CMD1_SRPCI
1466 ;
1467 /*
1468 * NB: the order of writes is important here. In case the
1469 * chip is scanning the ring because of an outstanding request
1470 * it might nab this one too. In that case we need to make
1471 * sure the setup is complete before we write the length
1472 * field of the descriptor as it signals the descriptor is
1473 * ready for processing.
1474 */
1475 re->re_desc.d_csr = SAFE_PE_CSR_READY | SAFE_PE_CSR_SAPCI;
1476 if (maccrd)
1477 re->re_desc.d_csr |= SAFE_PE_CSR_LOADSA | SAFE_PE_CSR_HASHFINAL;
1478 re->re_desc.d_len = oplen
1479 | SAFE_PE_LEN_READY
1480 | (bypass << SAFE_PE_LEN_BYPASS_S)
1481 ;
1482
1483 safestats.st_ipackets++;
1484 safestats.st_ibytes += oplen;
1485
1486 if (++(sc->sc_front) == sc->sc_ringtop)
1487 sc->sc_front = sc->sc_ring;
1488
1489 /* XXX honor batching */
1490 safe_feed(sc, re);
1491 mtx_unlock(&sc->sc_ringmtx);
1492 return (0);
1493
1494errout:
1495 if ((re->re_dst_m != NULL) && (re->re_src_m != re->re_dst_m))
1496 m_freem(re->re_dst_m);
1497
1498 if (re->re_dst_map != NULL && re->re_dst_map != re->re_src_map) {
1499 bus_dmamap_unload(sc->sc_dstdmat, re->re_dst_map);
1500 bus_dmamap_destroy(sc->sc_dstdmat, re->re_dst_map);
1501 }
1502 if (re->re_src_map != NULL) {
1503 bus_dmamap_unload(sc->sc_srcdmat, re->re_src_map);
1504 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map);
1505 }
1506 mtx_unlock(&sc->sc_ringmtx);
1507 if (err != ERESTART) {
1508 crp->crp_etype = err;
1509 crypto_done(crp);
1510 } else {
1511 sc->sc_needwakeup |= CRYPTO_SYMQ;
1512 }
1513 return (err);
1514}
1515
1516static void
1517safe_callback(struct safe_softc *sc, struct safe_ringentry *re)
1518{
1519 struct cryptop *crp = (struct cryptop *)re->re_crp;
1520 struct cryptodesc *crd;
1521
1522 safestats.st_opackets++;
1523 safestats.st_obytes += re->re_dst.mapsize;
1524
1525 safe_dma_sync(&sc->sc_ringalloc,
1526 BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE);
1527 if (re->re_desc.d_csr & SAFE_PE_CSR_STATUS) {
1528 device_printf(sc->sc_dev, "csr 0x%x cmd0 0x%x cmd1 0x%x\n",
1529 re->re_desc.d_csr,
1530 re->re_sa.sa_cmd0, re->re_sa.sa_cmd1);
1531 safestats.st_peoperr++;
1532 crp->crp_etype = EIO; /* something more meaningful? */
1533 }
1534 if (re->re_dst_map != NULL && re->re_dst_map != re->re_src_map) {
1535 bus_dmamap_sync(sc->sc_dstdmat, re->re_dst_map,
1536 BUS_DMASYNC_POSTREAD);
1537 bus_dmamap_unload(sc->sc_dstdmat, re->re_dst_map);
1538 bus_dmamap_destroy(sc->sc_dstdmat, re->re_dst_map);
1539 }
1540 bus_dmamap_sync(sc->sc_srcdmat, re->re_src_map, BUS_DMASYNC_POSTWRITE);
1541 bus_dmamap_unload(sc->sc_srcdmat, re->re_src_map);
1542 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map);
1543
1544 /*
1545 * If result was written to a differet mbuf chain, swap
1546 * it in as the return value and reclaim the original.
1547 */
1548 if ((crp->crp_flags & CRYPTO_F_IMBUF) && re->re_src_m != re->re_dst_m) {
1549 m_freem(re->re_src_m);
1550 crp->crp_buf = (caddr_t)re->re_dst_m;
1551 }
1552
1553 if (re->re_flags & SAFE_QFLAGS_COPYOUTIV) {
1554 /* copy out IV for future use */
1555 for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
1556 int ivsize;
1557
1558 if (crd->crd_alg == CRYPTO_DES_CBC ||
1559 crd->crd_alg == CRYPTO_3DES_CBC) {
1560 ivsize = 2*sizeof(u_int32_t);
1561 } else if (crd->crd_alg == CRYPTO_AES_CBC) {
1562 ivsize = 4*sizeof(u_int32_t);
1563 } else
1564 continue;
1565 crypto_copydata(crp->crp_flags, crp->crp_buf,
1566 crd->crd_skip + crd->crd_len - ivsize, ivsize,
1567 (caddr_t)sc->sc_sessions[re->re_sesn].ses_iv);
1568 break;
1569 }
1570 }
1571
1572 if (re->re_flags & SAFE_QFLAGS_COPYOUTICV) {
1573 /* copy out ICV result */
1574 for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
1575 if (!(crd->crd_alg == CRYPTO_MD5_HMAC ||
1576 crd->crd_alg == CRYPTO_SHA1_HMAC ||
1577 crd->crd_alg == CRYPTO_NULL_HMAC))
1578 continue;
1579 if (crd->crd_alg == CRYPTO_SHA1_HMAC) {
1580 /*
1581 * SHA-1 ICV's are byte-swapped; fix 'em up
1582 * before copy them to their destination.
1583 */
1584 re->re_sastate.sa_saved_indigest[0] =
1585 bswap32(re->re_sastate.sa_saved_indigest[0]);
1586 re->re_sastate.sa_saved_indigest[1] =
1587 bswap32(re->re_sastate.sa_saved_indigest[1]);
1588 re->re_sastate.sa_saved_indigest[2] =
1589 bswap32(re->re_sastate.sa_saved_indigest[2]);
1590 }
1591 crypto_copyback(crp->crp_flags, crp->crp_buf,
1592 crd->crd_inject,
1593 sc->sc_sessions[re->re_sesn].ses_mlen,
1594 (caddr_t)re->re_sastate.sa_saved_indigest);
1595 break;
1596 }
1597 }
1598 crypto_done(crp);
1599}
1600
1601/*
1602 * Copy all data past offset from srcm to dstm.
1603 */
1604static void
1605safe_mcopy(struct mbuf *srcm, struct mbuf *dstm, u_int offset)
1606{
1607 u_int j, dlen, slen;
1608 caddr_t dptr, sptr;
1609
1610 /*
1611 * Advance src and dst to offset.
1612 */
1613 j = offset;
1614 while (j >= 0) {
1615 if (srcm->m_len > j)
1616 break;
1617 j -= srcm->m_len;
1618 srcm = srcm->m_next;
1619 if (srcm == NULL)
1620 return;
1621 }
1622 sptr = mtod(srcm, caddr_t) + j;
1623 slen = srcm->m_len - j;
1624
1625 j = offset;
1626 while (j >= 0) {
1627 if (dstm->m_len > j)
1628 break;
1629 j -= dstm->m_len;
1630 dstm = dstm->m_next;
1631 if (dstm == NULL)
1632 return;
1633 }
1634 dptr = mtod(dstm, caddr_t) + j;
1635 dlen = dstm->m_len - j;
1636
1637 /*
1638 * Copy everything that remains.
1639 */
1640 for (;;) {
1641 j = min(slen, dlen);
1642 bcopy(sptr, dptr, j);
1643 if (slen == j) {
1644 srcm = srcm->m_next;
1645 if (srcm == NULL)
1646 return;
1647 sptr = srcm->m_data;
1648 slen = srcm->m_len;
1649 } else
1650 sptr += j, slen -= j;
1651 if (dlen == j) {
1652 dstm = dstm->m_next;
1653 if (dstm == NULL)
1654 return;
1655 dptr = dstm->m_data;
1656 dlen = dstm->m_len;
1657 } else
1658 dptr += j, dlen -= j;
1659 }
1660}
1661
1662#ifndef SAFE_NO_RNG
1663#define SAFE_RNG_MAXWAIT 1000
1664
1665static void
1666safe_rng_init(struct safe_softc *sc)
1667{
1668 u_int32_t w, v;
1669 int i;
1670
1671 WRITE_REG(sc, SAFE_RNG_CTRL, 0);
1672 /* use default value according to the manual */
1673 WRITE_REG(sc, SAFE_RNG_CNFG, 0x834); /* magic from SafeNet */
1674 WRITE_REG(sc, SAFE_RNG_ALM_CNT, 0);
1675
1676 /*
1677 * There is a bug in rev 1.0 of the 1140 that when the RNG
1678 * is brought out of reset the ready status flag does not
1679 * work until the RNG has finished its internal initialization.
1680 *
1681 * So in order to determine the device is through its
1682 * initialization we must read the data register, using the
1683 * status reg in the read in case it is initialized. Then read
1684 * the data register until it changes from the first read.
1685 * Once it changes read the data register until it changes
1686 * again. At this time the RNG is considered initialized.
1687 * This could take between 750ms - 1000ms in time.
1688 */
1689 i = 0;
1690 w = READ_REG(sc, SAFE_RNG_OUT);
1691 do {
1692 v = READ_REG(sc, SAFE_RNG_OUT);
1693 if (v != w) {
1694 w = v;
1695 break;
1696 }
1697 DELAY(10);
1698 } while (++i < SAFE_RNG_MAXWAIT);
1699
1700 /* Wait Until data changes again */
1701 i = 0;
1702 do {
1703 v = READ_REG(sc, SAFE_RNG_OUT);
1704 if (v != w)
1705 break;
1706 DELAY(10);
1707 } while (++i < SAFE_RNG_MAXWAIT);
1708}
1709
1710static __inline void
1711safe_rng_disable_short_cycle(struct safe_softc *sc)
1712{
1713 WRITE_REG(sc, SAFE_RNG_CTRL,
1714 READ_REG(sc, SAFE_RNG_CTRL) &~ SAFE_RNG_CTRL_SHORTEN);
1715}
1716
1717static __inline void
1718safe_rng_enable_short_cycle(struct safe_softc *sc)
1719{
1720 WRITE_REG(sc, SAFE_RNG_CTRL,
1721 READ_REG(sc, SAFE_RNG_CTRL) | SAFE_RNG_CTRL_SHORTEN);
1722}
1723
1724static __inline u_int32_t
1725safe_rng_read(struct safe_softc *sc)
1726{
1727 int i;
1728
1729 i = 0;
1730 while (READ_REG(sc, SAFE_RNG_STAT) != 0 && ++i < SAFE_RNG_MAXWAIT)
1731 ;
1732 return READ_REG(sc, SAFE_RNG_OUT);
1733}
1734
1735static void
1736safe_rng(void *arg)
1737{
1738 struct safe_softc *sc = arg;
1739 u_int32_t buf[SAFE_RNG_MAXBUFSIZ]; /* NB: maybe move to softc */
1740 u_int maxwords;
1741 int i;
1742
1743 safestats.st_rng++;
1744 /*
1745 * Fetch the next block of data.
1746 */
1747 maxwords = safe_rngbufsize;
1748 if (maxwords > SAFE_RNG_MAXBUFSIZ)
1749 maxwords = SAFE_RNG_MAXBUFSIZ;
1750retry:
1751 for (i = 0; i < maxwords; i++)
1752 buf[i] = safe_rng_read(sc);
1753 /*
1754 * Check the comparator alarm count and reset the h/w if
1755 * it exceeds our threshold. This guards against the
1756 * hardware oscillators resonating with external signals.
1757 */
1758 if (READ_REG(sc, SAFE_RNG_ALM_CNT) > safe_rngmaxalarm) {
1759 u_int32_t freq_inc, w;
1760
1761 DPRINTF(("%s: alarm count %u exceeds threshold %u\n", __func__,
1762 READ_REG(sc, SAFE_RNG_ALM_CNT), safe_rngmaxalarm));
1763 safestats.st_rngalarm++;
1764 safe_rng_enable_short_cycle(sc);
1765 freq_inc = 18;
1766 for (i = 0; i < 64; i++) {
1767 w = READ_REG(sc, SAFE_RNG_CNFG);
1768 freq_inc = ((w + freq_inc) & 0x3fL);
1769 w = ((w & ~0x3fL) | freq_inc);
1770 WRITE_REG(sc, SAFE_RNG_CNFG, w);
1771
1772 WRITE_REG(sc, SAFE_RNG_ALM_CNT, 0);
1773
1774 (void) safe_rng_read(sc);
1775 DELAY(25);
1776
1777 if (READ_REG(sc, SAFE_RNG_ALM_CNT) == 0) {
1778 safe_rng_disable_short_cycle(sc);
1779 goto retry;
1780 }
1781 freq_inc = 1;
1782 }
1783 safe_rng_disable_short_cycle(sc);
1784 } else
1785 WRITE_REG(sc, SAFE_RNG_ALM_CNT, 0);
1786
1787 (*sc->sc_harvest)(sc->sc_rndtest, buf, maxwords*sizeof (u_int32_t));
1788 callout_reset(&sc->sc_rngto,
1789 hz * (safe_rnginterval ? safe_rnginterval : 1), safe_rng, sc);
1790}
1791#endif /* SAFE_NO_RNG */
1792
1793static void
1794safe_dmamap_cb(void *arg, bus_dma_segment_t *segs, int nseg, int error)
1795{
1796 bus_addr_t *paddr = (bus_addr_t*) arg;
1797 *paddr = segs->ds_addr;
1798}
1799
1800static int
1801safe_dma_malloc(
1802 struct safe_softc *sc,
1803 bus_size_t size,
1804 struct safe_dma_alloc *dma,
1805 int mapflags
1806)
1807{
1808 int r;
1809
1810 r = bus_dma_tag_create(NULL, /* parent */
1811 sizeof(u_int32_t), 0, /* alignment, bounds */
1812 BUS_SPACE_MAXADDR_32BIT, /* lowaddr */
1813 BUS_SPACE_MAXADDR, /* highaddr */
1814 NULL, NULL, /* filter, filterarg */
1815 size, /* maxsize */
1816 1, /* nsegments */
1817 size, /* maxsegsize */
1818 BUS_DMA_ALLOCNOW, /* flags */
1819 NULL, NULL, /* locking */
1820 &dma->dma_tag);
1821 if (r != 0) {
1822 device_printf(sc->sc_dev, "safe_dma_malloc: "
1823 "bus_dma_tag_create failed; error %u\n", r);
1824 goto fail_0;
1825 }
1826
1827 r = bus_dmamap_create(dma->dma_tag, BUS_DMA_NOWAIT, &dma->dma_map);
1828 if (r != 0) {
1829 device_printf(sc->sc_dev, "safe_dma_malloc: "
1830 "bus_dmamap_create failed; error %u\n", r);
1831 goto fail_1;
1832 }
1833
1834 r = bus_dmamem_alloc(dma->dma_tag, (void**) &dma->dma_vaddr,
1835 BUS_DMA_NOWAIT, &dma->dma_map);
1836 if (r != 0) {
1837 device_printf(sc->sc_dev, "safe_dma_malloc: "
1838 "bus_dmammem_alloc failed; size %zu, error %u\n",
1839 size, r);
1840 goto fail_2;
1841 }
1842
1843 r = bus_dmamap_load(dma->dma_tag, dma->dma_map, dma->dma_vaddr,
1844 size,
1845 safe_dmamap_cb,
1846 &dma->dma_paddr,
1847 mapflags | BUS_DMA_NOWAIT);
1848 if (r != 0) {
1849 device_printf(sc->sc_dev, "safe_dma_malloc: "
1850 "bus_dmamap_load failed; error %u\n", r);
1851 goto fail_3;
1852 }
1853
1854 dma->dma_size = size;
1855 return (0);
1856
1857fail_3:
1858 bus_dmamap_unload(dma->dma_tag, dma->dma_map);
1859fail_2:
1860 bus_dmamem_free(dma->dma_tag, dma->dma_vaddr, dma->dma_map);
1861fail_1:
1862 bus_dmamap_destroy(dma->dma_tag, dma->dma_map);
1863 bus_dma_tag_destroy(dma->dma_tag);
1864fail_0:
1865 dma->dma_map = NULL;
1866 dma->dma_tag = NULL;
1867 return (r);
1868}
1869
1870static void
1871safe_dma_free(struct safe_softc *sc, struct safe_dma_alloc *dma)
1872{
1873 bus_dmamap_unload(dma->dma_tag, dma->dma_map);
1874 bus_dmamem_free(dma->dma_tag, dma->dma_vaddr, dma->dma_map);
1875 bus_dmamap_destroy(dma->dma_tag, dma->dma_map);
1876 bus_dma_tag_destroy(dma->dma_tag);
1877}
1878
1879/*
1880 * Resets the board. Values in the regesters are left as is
1881 * from the reset (i.e. initial values are assigned elsewhere).
1882 */
1883static void
1884safe_reset_board(struct safe_softc *sc)
1885{
1886 u_int32_t v;
1887 /*
1888 * Reset the device. The manual says no delay
1889 * is needed between marking and clearing reset.
1890 */
1891 v = READ_REG(sc, SAFE_PE_DMACFG) &~
1892 (SAFE_PE_DMACFG_PERESET | SAFE_PE_DMACFG_PDRRESET |
1893 SAFE_PE_DMACFG_SGRESET);
1894 WRITE_REG(sc, SAFE_PE_DMACFG, v
1895 | SAFE_PE_DMACFG_PERESET
1896 | SAFE_PE_DMACFG_PDRRESET
1897 | SAFE_PE_DMACFG_SGRESET);
1898 WRITE_REG(sc, SAFE_PE_DMACFG, v);
1899}
1900
1901/*
1902 * Initialize registers we need to touch only once.
1903 */
1904static void
1905safe_init_board(struct safe_softc *sc)
1906{
1907 u_int32_t v, dwords;
1908
1909 v = READ_REG(sc, SAFE_PE_DMACFG);
1910 v &=~ SAFE_PE_DMACFG_PEMODE;
1911 v |= SAFE_PE_DMACFG_FSENA /* failsafe enable */
1912 | SAFE_PE_DMACFG_GPRPCI /* gather ring on PCI */
1913 | SAFE_PE_DMACFG_SPRPCI /* scatter ring on PCI */
1914 | SAFE_PE_DMACFG_ESDESC /* endian-swap descriptors */
1915 | SAFE_PE_DMACFG_ESSA /* endian-swap SA's */
1916 | SAFE_PE_DMACFG_ESPDESC /* endian-swap part. desc's */
1917 ;
1918 WRITE_REG(sc, SAFE_PE_DMACFG, v);
1919#if 0
1920 /* XXX select byte swap based on host byte order */
1921 WRITE_REG(sc, SAFE_ENDIAN, 0x1b);
1922#endif
1923 if (sc->sc_chiprev == SAFE_REV(1,0)) {
1924 /*
1925 * Avoid large PCI DMA transfers. Rev 1.0 has a bug where
1926 * "target mode transfers" done while the chip is DMA'ing
1927 * >1020 bytes cause the hardware to lockup. To avoid this
1928 * we reduce the max PCI transfer size and use small source
1929 * particle descriptors (<= 256 bytes).
1930 */
1931 WRITE_REG(sc, SAFE_DMA_CFG, 256);
1932 device_printf(sc->sc_dev,
1933 "Reduce max DMA size to %u words for rev %u.%u WAR\n",
1934 (READ_REG(sc, SAFE_DMA_CFG)>>2) & 0xff,
1935 SAFE_REV_MAJ(sc->sc_chiprev),
1936 SAFE_REV_MIN(sc->sc_chiprev));
1937 }
1938
1939 /* NB: operands+results are overlaid */
1940 WRITE_REG(sc, SAFE_PE_PDRBASE, sc->sc_ringalloc.dma_paddr);
1941 WRITE_REG(sc, SAFE_PE_RDRBASE, sc->sc_ringalloc.dma_paddr);
1942 /*
1943 * Configure ring entry size and number of items in the ring.
1944 */
1945 KASSERT((sizeof(struct safe_ringentry) % sizeof(u_int32_t)) == 0,
1946 ("PE ring entry not 32-bit aligned!"));
1947 dwords = sizeof(struct safe_ringentry) / sizeof(u_int32_t);
1948 WRITE_REG(sc, SAFE_PE_RINGCFG,
1949 (dwords << SAFE_PE_RINGCFG_OFFSET_S) | SAFE_MAX_NQUEUE);
1950 WRITE_REG(sc, SAFE_PE_RINGPOLL, 0); /* disable polling */
1951
1952 WRITE_REG(sc, SAFE_PE_GRNGBASE, sc->sc_spalloc.dma_paddr);
1953 WRITE_REG(sc, SAFE_PE_SRNGBASE, sc->sc_dpalloc.dma_paddr);
1954 WRITE_REG(sc, SAFE_PE_PARTSIZE,
1955 (SAFE_TOTAL_DPART<<16) | SAFE_TOTAL_SPART);
1956 /*
1957 * NB: destination particles are fixed size. We use
1958 * an mbuf cluster and require all results go to
1959 * clusters or smaller.
1960 */
1961 WRITE_REG(sc, SAFE_PE_PARTCFG, SAFE_MAX_DSIZE);
1962
1963 /* it's now safe to enable PE mode, do it */
1964 WRITE_REG(sc, SAFE_PE_DMACFG, v | SAFE_PE_DMACFG_PEMODE);
1965
1966 /*
1967 * Configure hardware to use level-triggered interrupts and
1968 * to interrupt after each descriptor is processed.
1969 */
1970 WRITE_REG(sc, SAFE_HI_CFG, SAFE_HI_CFG_LEVEL);
1971 WRITE_REG(sc, SAFE_HI_DESC_CNT, 1);
1972 WRITE_REG(sc, SAFE_HI_MASK, SAFE_INT_PE_DDONE | SAFE_INT_PE_ERROR);
1973}
1974
1975/*
1976 * Init PCI registers
1977 */
1978static void
1979safe_init_pciregs(device_t dev)
1980{
1981}
1982
1983/*
1984 * Clean up after a chip crash.
1985 * It is assumed that the caller in splimp()
1986 */
1987static void
1988safe_cleanchip(struct safe_softc *sc)
1989{
1990
1991 if (sc->sc_nqchip != 0) {
1992 struct safe_ringentry *re = sc->sc_back;
1993
1994 while (re != sc->sc_front) {
1995 if (re->re_desc.d_csr != 0)
1996 safe_free_entry(sc, re);
1997 if (++re == sc->sc_ringtop)
1998 re = sc->sc_ring;
1999 }
2000 sc->sc_back = re;
2001 sc->sc_nqchip = 0;
2002 }
2003}
2004
2005/*
2006 * free a safe_q
2007 * It is assumed that the caller is within splimp().
2008 */
2009static int
2010safe_free_entry(struct safe_softc *sc, struct safe_ringentry *re)
2011{
2012 struct cryptop *crp;
2013
2014 /*
2015 * Free header MCR
2016 */
2017 if ((re->re_dst_m != NULL) && (re->re_src_m != re->re_dst_m))
2018 m_freem(re->re_dst_m);
2019
2020 crp = (struct cryptop *)re->re_crp;
2021
2022 re->re_desc.d_csr = 0;
2023
2024 crp->crp_etype = EFAULT;
2025 crypto_done(crp);
2026 return(0);
2027}
2028
2029/*
2030 * Routine to reset the chip and clean up.
2031 * It is assumed that the caller is in splimp()
2032 */
2033static void
2034safe_totalreset(struct safe_softc *sc)
2035{
2036 safe_reset_board(sc);
2037 safe_init_board(sc);
2038 safe_cleanchip(sc);
2039}
2040
2041/*
2042 * Is the operand suitable aligned for direct DMA. Each
2043 * segment must be aligned on a 32-bit boundary and all
2044 * but the last segment must be a multiple of 4 bytes.
2045 */
2046static int
2047safe_dmamap_aligned(const struct safe_operand *op)
2048{
2049 int i;
2050
2051 for (i = 0; i < op->nsegs; i++) {
2052 if (op->segs[i].ds_addr & 3)
2053 return (0);
2054 if (i != (op->nsegs - 1) && (op->segs[i].ds_len & 3))
2055 return (0);
2056 }
2057 return (1);
2058}
2059
2060/*
2061 * Is the operand suitable for direct DMA as the destination
2062 * of an operation. The hardware requires that each ``particle''
2063 * but the last in an operation result have the same size. We
2064 * fix that size at SAFE_MAX_DSIZE bytes. This routine returns
2065 * 0 if some segment is not a multiple of of this size, 1 if all
2066 * segments are exactly this size, or 2 if segments are at worst
2067 * a multple of this size.
2068 */
2069static int
2070safe_dmamap_uniform(const struct safe_operand *op)
2071{
2072 int result = 1;
2073
2074 if (op->nsegs > 0) {
2075 int i;
2076
2077 for (i = 0; i < op->nsegs-1; i++) {
2078 if (op->segs[i].ds_len % SAFE_MAX_DSIZE)
2079 return (0);
2080 if (op->segs[i].ds_len != SAFE_MAX_DSIZE)
2081 result = 2;
2082 }
2083 }
2084 return (result);
2085}
2086
2087#ifdef SAFE_DEBUG
2088static void
2089safe_dump_dmastatus(struct safe_softc *sc, const char *tag)
2090{
2091 printf("%s: ENDIAN 0x%x SRC 0x%x DST 0x%x STAT 0x%x\n"
2092 , tag
2093 , READ_REG(sc, SAFE_DMA_ENDIAN)
2094 , READ_REG(sc, SAFE_DMA_SRCADDR)
2095 , READ_REG(sc, SAFE_DMA_DSTADDR)
2096 , READ_REG(sc, SAFE_DMA_STAT)
2097 );
2098}
2099
2100static void
2101safe_dump_intrstate(struct safe_softc *sc, const char *tag)
2102{
2103 printf("%s: HI_CFG 0x%x HI_MASK 0x%x HI_DESC_CNT 0x%x HU_STAT 0x%x HM_STAT 0x%x\n"
2104 , tag
2105 , READ_REG(sc, SAFE_HI_CFG)
2106 , READ_REG(sc, SAFE_HI_MASK)
2107 , READ_REG(sc, SAFE_HI_DESC_CNT)
2108 , READ_REG(sc, SAFE_HU_STAT)
2109 , READ_REG(sc, SAFE_HM_STAT)
2110 );
2111}
2112
2113static void
2114safe_dump_ringstate(struct safe_softc *sc, const char *tag)
2115{
2116 u_int32_t estat = READ_REG(sc, SAFE_PE_ERNGSTAT);
2117
2118 /* NB: assume caller has lock on ring */
2119 printf("%s: ERNGSTAT %x (next %u) back %lu front %lu\n",
2120 tag,
2121 estat, (estat >> SAFE_PE_ERNGSTAT_NEXT_S),
2122 (unsigned long)(sc->sc_back - sc->sc_ring),
2123 (unsigned long)(sc->sc_front - sc->sc_ring));
2124}
2125
2126static void
2127safe_dump_request(struct safe_softc *sc, const char* tag, struct safe_ringentry *re)
2128{
2129 int ix, nsegs;
2130
2131 ix = re - sc->sc_ring;
2132 printf("%s: %p (%u): csr %x src %x dst %x sa %x len %x\n"
2133 , tag
2134 , re, ix
2135 , re->re_desc.d_csr
2136 , re->re_desc.d_src
2137 , re->re_desc.d_dst
2138 , re->re_desc.d_sa
2139 , re->re_desc.d_len
2140 );
2141 if (re->re_src.nsegs > 1) {
2142 ix = (re->re_desc.d_src - sc->sc_spalloc.dma_paddr) /
2143 sizeof(struct safe_pdesc);
2144 for (nsegs = re->re_src.nsegs; nsegs; nsegs--) {
2145 printf(" spd[%u] %p: %p size %u flags %x"
2146 , ix, &sc->sc_spring[ix]
2147 , (caddr_t)(uintptr_t) sc->sc_spring[ix].pd_addr
2148 , sc->sc_spring[ix].pd_size
2149 , sc->sc_spring[ix].pd_flags
2150 );
2151 if (sc->sc_spring[ix].pd_size == 0)
2152 printf(" (zero!)");
2153 printf("\n");
2154 if (++ix == SAFE_TOTAL_SPART)
2155 ix = 0;
2156 }
2157 }
2158 if (re->re_dst.nsegs > 1) {
2159 ix = (re->re_desc.d_dst - sc->sc_dpalloc.dma_paddr) /
2160 sizeof(struct safe_pdesc);
2161 for (nsegs = re->re_dst.nsegs; nsegs; nsegs--) {
2162 printf(" dpd[%u] %p: %p flags %x\n"
2163 , ix, &sc->sc_dpring[ix]
2164 , (caddr_t)(uintptr_t) sc->sc_dpring[ix].pd_addr
2165 , sc->sc_dpring[ix].pd_flags
2166 );
2167 if (++ix == SAFE_TOTAL_DPART)
2168 ix = 0;
2169 }
2170 }
2171 printf("sa: cmd0 %08x cmd1 %08x staterec %x\n",
2172 re->re_sa.sa_cmd0, re->re_sa.sa_cmd1, re->re_sa.sa_staterec);
2173 printf("sa: key %x %x %x %x %x %x %x %x\n"
2174 , re->re_sa.sa_key[0]
2175 , re->re_sa.sa_key[1]
2176 , re->re_sa.sa_key[2]
2177 , re->re_sa.sa_key[3]
2178 , re->re_sa.sa_key[4]
2179 , re->re_sa.sa_key[5]
2180 , re->re_sa.sa_key[6]
2181 , re->re_sa.sa_key[7]
2182 );
2183 printf("sa: indigest %x %x %x %x %x\n"
2184 , re->re_sa.sa_indigest[0]
2185 , re->re_sa.sa_indigest[1]
2186 , re->re_sa.sa_indigest[2]
2187 , re->re_sa.sa_indigest[3]
2188 , re->re_sa.sa_indigest[4]
2189 );
2190 printf("sa: outdigest %x %x %x %x %x\n"
2191 , re->re_sa.sa_outdigest[0]
2192 , re->re_sa.sa_outdigest[1]
2193 , re->re_sa.sa_outdigest[2]
2194 , re->re_sa.sa_outdigest[3]
2195 , re->re_sa.sa_outdigest[4]
2196 );
2197 printf("sr: iv %x %x %x %x\n"
2198 , re->re_sastate.sa_saved_iv[0]
2199 , re->re_sastate.sa_saved_iv[1]
2200 , re->re_sastate.sa_saved_iv[2]
2201 , re->re_sastate.sa_saved_iv[3]
2202 );
2203 printf("sr: hashbc %u indigest %x %x %x %x %x\n"
2204 , re->re_sastate.sa_saved_hashbc
2205 , re->re_sastate.sa_saved_indigest[0]
2206 , re->re_sastate.sa_saved_indigest[1]
2207 , re->re_sastate.sa_saved_indigest[2]
2208 , re->re_sastate.sa_saved_indigest[3]
2209 , re->re_sastate.sa_saved_indigest[4]
2210 );
2211}
2212
2213static void
2214safe_dump_ring(struct safe_softc *sc, const char *tag)
2215{
2216 mtx_lock(&sc->sc_ringmtx);
2217 printf("\nSafeNet Ring State:\n");
2218 safe_dump_intrstate(sc, tag);
2219 safe_dump_dmastatus(sc, tag);
2220 safe_dump_ringstate(sc, tag);
2221 if (sc->sc_nqchip) {
2222 struct safe_ringentry *re = sc->sc_back;
2223 do {
2224 safe_dump_request(sc, tag, re);
2225 if (++re == sc->sc_ringtop)
2226 re = sc->sc_ring;
2227 } while (re != sc->sc_front);
2228 }
2229 mtx_unlock(&sc->sc_ringmtx);
2230}
2231
2232static int
2233sysctl_hw_safe_dump(SYSCTL_HANDLER_ARGS)
2234{
2235 char dmode[64];
2236 int error;
2237
2238 strncpy(dmode, "", sizeof(dmode) - 1);
2239 dmode[sizeof(dmode) - 1] = '\0';
2240 error = sysctl_handle_string(oidp, &dmode[0], sizeof(dmode), req);
2241
2242 if (error == 0 && req->newptr != NULL) {
2243 struct safe_softc *sc = safec;
2244
2245 if (!sc)
2246 return EINVAL;
2247 if (strncmp(dmode, "dma", 3) == 0)
2248 safe_dump_dmastatus(sc, "safe0");
2249 else if (strncmp(dmode, "int", 3) == 0)
2250 safe_dump_intrstate(sc, "safe0");
2251 else if (strncmp(dmode, "ring", 4) == 0)
2252 safe_dump_ring(sc, "safe0");
2253 else
2254 return EINVAL;
2255 }
2256 return error;
2257}
2258SYSCTL_PROC(_hw_safe, OID_AUTO, dump, CTLTYPE_STRING | CTLFLAG_RW,
2259 0, 0, sysctl_hw_safe_dump, "A", "Dump driver state");
2260#endif /* SAFE_DEBUG */
2 * Copyright (c) 2003 Sam Leffler, Errno Consulting
3 * Copyright (c) 2003 Global Technology Associates, Inc.
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 */
27
28#include <sys/cdefs.h>
29__FBSDID("$FreeBSD: head/sys/dev/safe/safe.c 227309 2011-11-07 15:43:11Z ed $");
30
31/*
32 * SafeNet SafeXcel-1141 hardware crypto accelerator
33 */
34#include "opt_safe.h"
35
36#include <sys/param.h>
37#include <sys/systm.h>
38#include <sys/proc.h>
39#include <sys/errno.h>
40#include <sys/malloc.h>
41#include <sys/kernel.h>
42#include <sys/mbuf.h>
43#include <sys/module.h>
44#include <sys/lock.h>
45#include <sys/mutex.h>
46#include <sys/sysctl.h>
47#include <sys/endian.h>
48
49#include <vm/vm.h>
50#include <vm/pmap.h>
51
52#include <machine/bus.h>
53#include <machine/resource.h>
54#include <sys/bus.h>
55#include <sys/rman.h>
56
57#include <crypto/sha1.h>
58#include <opencrypto/cryptodev.h>
59#include <opencrypto/cryptosoft.h>
60#include <sys/md5.h>
61#include <sys/random.h>
62#include <sys/kobj.h>
63
64#include "cryptodev_if.h"
65
66#include <dev/pci/pcivar.h>
67#include <dev/pci/pcireg.h>
68
69#ifdef SAFE_RNDTEST
70#include <dev/rndtest/rndtest.h>
71#endif
72#include <dev/safe/safereg.h>
73#include <dev/safe/safevar.h>
74
75#ifndef bswap32
76#define bswap32 NTOHL
77#endif
78
79/*
80 * Prototypes and count for the pci_device structure
81 */
82static int safe_probe(device_t);
83static int safe_attach(device_t);
84static int safe_detach(device_t);
85static int safe_suspend(device_t);
86static int safe_resume(device_t);
87static int safe_shutdown(device_t);
88
89static int safe_newsession(device_t, u_int32_t *, struct cryptoini *);
90static int safe_freesession(device_t, u_int64_t);
91static int safe_process(device_t, struct cryptop *, int);
92
93static device_method_t safe_methods[] = {
94 /* Device interface */
95 DEVMETHOD(device_probe, safe_probe),
96 DEVMETHOD(device_attach, safe_attach),
97 DEVMETHOD(device_detach, safe_detach),
98 DEVMETHOD(device_suspend, safe_suspend),
99 DEVMETHOD(device_resume, safe_resume),
100 DEVMETHOD(device_shutdown, safe_shutdown),
101
102 /* bus interface */
103 DEVMETHOD(bus_print_child, bus_generic_print_child),
104 DEVMETHOD(bus_driver_added, bus_generic_driver_added),
105
106 /* crypto device methods */
107 DEVMETHOD(cryptodev_newsession, safe_newsession),
108 DEVMETHOD(cryptodev_freesession,safe_freesession),
109 DEVMETHOD(cryptodev_process, safe_process),
110
111 { 0, 0 }
112};
113static driver_t safe_driver = {
114 "safe",
115 safe_methods,
116 sizeof (struct safe_softc)
117};
118static devclass_t safe_devclass;
119
120DRIVER_MODULE(safe, pci, safe_driver, safe_devclass, 0, 0);
121MODULE_DEPEND(safe, crypto, 1, 1, 1);
122#ifdef SAFE_RNDTEST
123MODULE_DEPEND(safe, rndtest, 1, 1, 1);
124#endif
125
126static void safe_intr(void *);
127static void safe_callback(struct safe_softc *, struct safe_ringentry *);
128static void safe_feed(struct safe_softc *, struct safe_ringentry *);
129static void safe_mcopy(struct mbuf *, struct mbuf *, u_int);
130#ifndef SAFE_NO_RNG
131static void safe_rng_init(struct safe_softc *);
132static void safe_rng(void *);
133#endif /* SAFE_NO_RNG */
134static int safe_dma_malloc(struct safe_softc *, bus_size_t,
135 struct safe_dma_alloc *, int);
136#define safe_dma_sync(_dma, _flags) \
137 bus_dmamap_sync((_dma)->dma_tag, (_dma)->dma_map, (_flags))
138static void safe_dma_free(struct safe_softc *, struct safe_dma_alloc *);
139static int safe_dmamap_aligned(const struct safe_operand *);
140static int safe_dmamap_uniform(const struct safe_operand *);
141
142static void safe_reset_board(struct safe_softc *);
143static void safe_init_board(struct safe_softc *);
144static void safe_init_pciregs(device_t dev);
145static void safe_cleanchip(struct safe_softc *);
146static void safe_totalreset(struct safe_softc *);
147
148static int safe_free_entry(struct safe_softc *, struct safe_ringentry *);
149
150static SYSCTL_NODE(_hw, OID_AUTO, safe, CTLFLAG_RD, 0,
151 "SafeNet driver parameters");
152
153#ifdef SAFE_DEBUG
154static void safe_dump_dmastatus(struct safe_softc *, const char *);
155static void safe_dump_ringstate(struct safe_softc *, const char *);
156static void safe_dump_intrstate(struct safe_softc *, const char *);
157static void safe_dump_request(struct safe_softc *, const char *,
158 struct safe_ringentry *);
159
160static struct safe_softc *safec; /* for use by hw.safe.dump */
161
162static int safe_debug = 0;
163SYSCTL_INT(_hw_safe, OID_AUTO, debug, CTLFLAG_RW, &safe_debug,
164 0, "control debugging msgs");
165#define DPRINTF(_x) if (safe_debug) printf _x
166#else
167#define DPRINTF(_x)
168#endif
169
170#define READ_REG(sc,r) \
171 bus_space_read_4((sc)->sc_st, (sc)->sc_sh, (r))
172
173#define WRITE_REG(sc,reg,val) \
174 bus_space_write_4((sc)->sc_st, (sc)->sc_sh, reg, val)
175
176struct safe_stats safestats;
177SYSCTL_STRUCT(_hw_safe, OID_AUTO, stats, CTLFLAG_RD, &safestats,
178 safe_stats, "driver statistics");
179#ifndef SAFE_NO_RNG
180static int safe_rnginterval = 1; /* poll once a second */
181SYSCTL_INT(_hw_safe, OID_AUTO, rnginterval, CTLFLAG_RW, &safe_rnginterval,
182 0, "RNG polling interval (secs)");
183static int safe_rngbufsize = 16; /* 64 bytes each poll */
184SYSCTL_INT(_hw_safe, OID_AUTO, rngbufsize, CTLFLAG_RW, &safe_rngbufsize,
185 0, "RNG polling buffer size (32-bit words)");
186static int safe_rngmaxalarm = 8; /* max alarms before reset */
187SYSCTL_INT(_hw_safe, OID_AUTO, rngmaxalarm, CTLFLAG_RW, &safe_rngmaxalarm,
188 0, "RNG max alarms before reset");
189#endif /* SAFE_NO_RNG */
190
191static int
192safe_probe(device_t dev)
193{
194 if (pci_get_vendor(dev) == PCI_VENDOR_SAFENET &&
195 pci_get_device(dev) == PCI_PRODUCT_SAFEXCEL)
196 return (BUS_PROBE_DEFAULT);
197 return (ENXIO);
198}
199
200static const char*
201safe_partname(struct safe_softc *sc)
202{
203 /* XXX sprintf numbers when not decoded */
204 switch (pci_get_vendor(sc->sc_dev)) {
205 case PCI_VENDOR_SAFENET:
206 switch (pci_get_device(sc->sc_dev)) {
207 case PCI_PRODUCT_SAFEXCEL: return "SafeNet SafeXcel-1141";
208 }
209 return "SafeNet unknown-part";
210 }
211 return "Unknown-vendor unknown-part";
212}
213
214#ifndef SAFE_NO_RNG
215static void
216default_harvest(struct rndtest_state *rsp, void *buf, u_int count)
217{
218 random_harvest(buf, count, count*NBBY, 0, RANDOM_PURE);
219}
220#endif /* SAFE_NO_RNG */
221
222static int
223safe_attach(device_t dev)
224{
225 struct safe_softc *sc = device_get_softc(dev);
226 u_int32_t raddr;
227 u_int32_t cmd, i, devinfo;
228 int rid;
229
230 bzero(sc, sizeof (*sc));
231 sc->sc_dev = dev;
232
233 /* XXX handle power management */
234
235 cmd = pci_read_config(dev, PCIR_COMMAND, 4);
236 cmd |= PCIM_CMD_MEMEN | PCIM_CMD_BUSMASTEREN;
237 pci_write_config(dev, PCIR_COMMAND, cmd, 4);
238 cmd = pci_read_config(dev, PCIR_COMMAND, 4);
239
240 if (!(cmd & PCIM_CMD_MEMEN)) {
241 device_printf(dev, "failed to enable memory mapping\n");
242 goto bad;
243 }
244
245 if (!(cmd & PCIM_CMD_BUSMASTEREN)) {
246 device_printf(dev, "failed to enable bus mastering\n");
247 goto bad;
248 }
249
250 /*
251 * Setup memory-mapping of PCI registers.
252 */
253 rid = BS_BAR;
254 sc->sc_sr = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &rid,
255 RF_ACTIVE);
256 if (sc->sc_sr == NULL) {
257 device_printf(dev, "cannot map register space\n");
258 goto bad;
259 }
260 sc->sc_st = rman_get_bustag(sc->sc_sr);
261 sc->sc_sh = rman_get_bushandle(sc->sc_sr);
262
263 /*
264 * Arrange interrupt line.
265 */
266 rid = 0;
267 sc->sc_irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &rid,
268 RF_SHAREABLE|RF_ACTIVE);
269 if (sc->sc_irq == NULL) {
270 device_printf(dev, "could not map interrupt\n");
271 goto bad1;
272 }
273 /*
274 * NB: Network code assumes we are blocked with splimp()
275 * so make sure the IRQ is mapped appropriately.
276 */
277 if (bus_setup_intr(dev, sc->sc_irq, INTR_TYPE_NET | INTR_MPSAFE,
278 NULL, safe_intr, sc, &sc->sc_ih)) {
279 device_printf(dev, "could not establish interrupt\n");
280 goto bad2;
281 }
282
283 sc->sc_cid = crypto_get_driverid(dev, CRYPTOCAP_F_HARDWARE);
284 if (sc->sc_cid < 0) {
285 device_printf(dev, "could not get crypto driver id\n");
286 goto bad3;
287 }
288
289 sc->sc_chiprev = READ_REG(sc, SAFE_DEVINFO) &
290 (SAFE_DEVINFO_REV_MAJ | SAFE_DEVINFO_REV_MIN);
291
292 /*
293 * Setup DMA descriptor area.
294 */
295 if (bus_dma_tag_create(NULL, /* parent */
296 1, /* alignment */
297 SAFE_DMA_BOUNDARY, /* boundary */
298 BUS_SPACE_MAXADDR_32BIT, /* lowaddr */
299 BUS_SPACE_MAXADDR, /* highaddr */
300 NULL, NULL, /* filter, filterarg */
301 SAFE_MAX_DMA, /* maxsize */
302 SAFE_MAX_PART, /* nsegments */
303 SAFE_MAX_SSIZE, /* maxsegsize */
304 BUS_DMA_ALLOCNOW, /* flags */
305 NULL, NULL, /* locking */
306 &sc->sc_srcdmat)) {
307 device_printf(dev, "cannot allocate DMA tag\n");
308 goto bad4;
309 }
310 if (bus_dma_tag_create(NULL, /* parent */
311 1, /* alignment */
312 SAFE_MAX_DSIZE, /* boundary */
313 BUS_SPACE_MAXADDR_32BIT, /* lowaddr */
314 BUS_SPACE_MAXADDR, /* highaddr */
315 NULL, NULL, /* filter, filterarg */
316 SAFE_MAX_DMA, /* maxsize */
317 SAFE_MAX_PART, /* nsegments */
318 SAFE_MAX_DSIZE, /* maxsegsize */
319 BUS_DMA_ALLOCNOW, /* flags */
320 NULL, NULL, /* locking */
321 &sc->sc_dstdmat)) {
322 device_printf(dev, "cannot allocate DMA tag\n");
323 goto bad4;
324 }
325
326 /*
327 * Allocate packet engine descriptors.
328 */
329 if (safe_dma_malloc(sc,
330 SAFE_MAX_NQUEUE * sizeof (struct safe_ringentry),
331 &sc->sc_ringalloc, 0)) {
332 device_printf(dev, "cannot allocate PE descriptor ring\n");
333 bus_dma_tag_destroy(sc->sc_srcdmat);
334 goto bad4;
335 }
336 /*
337 * Hookup the static portion of all our data structures.
338 */
339 sc->sc_ring = (struct safe_ringentry *) sc->sc_ringalloc.dma_vaddr;
340 sc->sc_ringtop = sc->sc_ring + SAFE_MAX_NQUEUE;
341 sc->sc_front = sc->sc_ring;
342 sc->sc_back = sc->sc_ring;
343 raddr = sc->sc_ringalloc.dma_paddr;
344 bzero(sc->sc_ring, SAFE_MAX_NQUEUE * sizeof(struct safe_ringentry));
345 for (i = 0; i < SAFE_MAX_NQUEUE; i++) {
346 struct safe_ringentry *re = &sc->sc_ring[i];
347
348 re->re_desc.d_sa = raddr +
349 offsetof(struct safe_ringentry, re_sa);
350 re->re_sa.sa_staterec = raddr +
351 offsetof(struct safe_ringentry, re_sastate);
352
353 raddr += sizeof (struct safe_ringentry);
354 }
355 mtx_init(&sc->sc_ringmtx, device_get_nameunit(dev),
356 "packet engine ring", MTX_DEF);
357
358 /*
359 * Allocate scatter and gather particle descriptors.
360 */
361 if (safe_dma_malloc(sc, SAFE_TOTAL_SPART * sizeof (struct safe_pdesc),
362 &sc->sc_spalloc, 0)) {
363 device_printf(dev, "cannot allocate source particle "
364 "descriptor ring\n");
365 mtx_destroy(&sc->sc_ringmtx);
366 safe_dma_free(sc, &sc->sc_ringalloc);
367 bus_dma_tag_destroy(sc->sc_srcdmat);
368 goto bad4;
369 }
370 sc->sc_spring = (struct safe_pdesc *) sc->sc_spalloc.dma_vaddr;
371 sc->sc_springtop = sc->sc_spring + SAFE_TOTAL_SPART;
372 sc->sc_spfree = sc->sc_spring;
373 bzero(sc->sc_spring, SAFE_TOTAL_SPART * sizeof(struct safe_pdesc));
374
375 if (safe_dma_malloc(sc, SAFE_TOTAL_DPART * sizeof (struct safe_pdesc),
376 &sc->sc_dpalloc, 0)) {
377 device_printf(dev, "cannot allocate destination particle "
378 "descriptor ring\n");
379 mtx_destroy(&sc->sc_ringmtx);
380 safe_dma_free(sc, &sc->sc_spalloc);
381 safe_dma_free(sc, &sc->sc_ringalloc);
382 bus_dma_tag_destroy(sc->sc_dstdmat);
383 goto bad4;
384 }
385 sc->sc_dpring = (struct safe_pdesc *) sc->sc_dpalloc.dma_vaddr;
386 sc->sc_dpringtop = sc->sc_dpring + SAFE_TOTAL_DPART;
387 sc->sc_dpfree = sc->sc_dpring;
388 bzero(sc->sc_dpring, SAFE_TOTAL_DPART * sizeof(struct safe_pdesc));
389
390 device_printf(sc->sc_dev, "%s", safe_partname(sc));
391
392 devinfo = READ_REG(sc, SAFE_DEVINFO);
393 if (devinfo & SAFE_DEVINFO_RNG) {
394 sc->sc_flags |= SAFE_FLAGS_RNG;
395 printf(" rng");
396 }
397 if (devinfo & SAFE_DEVINFO_PKEY) {
398#if 0
399 printf(" key");
400 sc->sc_flags |= SAFE_FLAGS_KEY;
401 crypto_kregister(sc->sc_cid, CRK_MOD_EXP, 0);
402 crypto_kregister(sc->sc_cid, CRK_MOD_EXP_CRT, 0);
403#endif
404 }
405 if (devinfo & SAFE_DEVINFO_DES) {
406 printf(" des/3des");
407 crypto_register(sc->sc_cid, CRYPTO_3DES_CBC, 0, 0);
408 crypto_register(sc->sc_cid, CRYPTO_DES_CBC, 0, 0);
409 }
410 if (devinfo & SAFE_DEVINFO_AES) {
411 printf(" aes");
412 crypto_register(sc->sc_cid, CRYPTO_AES_CBC, 0, 0);
413 }
414 if (devinfo & SAFE_DEVINFO_MD5) {
415 printf(" md5");
416 crypto_register(sc->sc_cid, CRYPTO_MD5_HMAC, 0, 0);
417 }
418 if (devinfo & SAFE_DEVINFO_SHA1) {
419 printf(" sha1");
420 crypto_register(sc->sc_cid, CRYPTO_SHA1_HMAC, 0, 0);
421 }
422 printf(" null");
423 crypto_register(sc->sc_cid, CRYPTO_NULL_CBC, 0, 0);
424 crypto_register(sc->sc_cid, CRYPTO_NULL_HMAC, 0, 0);
425 /* XXX other supported algorithms */
426 printf("\n");
427
428 safe_reset_board(sc); /* reset h/w */
429 safe_init_pciregs(dev); /* init pci settings */
430 safe_init_board(sc); /* init h/w */
431
432#ifndef SAFE_NO_RNG
433 if (sc->sc_flags & SAFE_FLAGS_RNG) {
434#ifdef SAFE_RNDTEST
435 sc->sc_rndtest = rndtest_attach(dev);
436 if (sc->sc_rndtest)
437 sc->sc_harvest = rndtest_harvest;
438 else
439 sc->sc_harvest = default_harvest;
440#else
441 sc->sc_harvest = default_harvest;
442#endif
443 safe_rng_init(sc);
444
445 callout_init(&sc->sc_rngto, CALLOUT_MPSAFE);
446 callout_reset(&sc->sc_rngto, hz*safe_rnginterval, safe_rng, sc);
447 }
448#endif /* SAFE_NO_RNG */
449#ifdef SAFE_DEBUG
450 safec = sc; /* for use by hw.safe.dump */
451#endif
452 return (0);
453bad4:
454 crypto_unregister_all(sc->sc_cid);
455bad3:
456 bus_teardown_intr(dev, sc->sc_irq, sc->sc_ih);
457bad2:
458 bus_release_resource(dev, SYS_RES_IRQ, 0, sc->sc_irq);
459bad1:
460 bus_release_resource(dev, SYS_RES_MEMORY, BS_BAR, sc->sc_sr);
461bad:
462 return (ENXIO);
463}
464
465/*
466 * Detach a device that successfully probed.
467 */
468static int
469safe_detach(device_t dev)
470{
471 struct safe_softc *sc = device_get_softc(dev);
472
473 /* XXX wait/abort active ops */
474
475 WRITE_REG(sc, SAFE_HI_MASK, 0); /* disable interrupts */
476
477 callout_stop(&sc->sc_rngto);
478
479 crypto_unregister_all(sc->sc_cid);
480
481#ifdef SAFE_RNDTEST
482 if (sc->sc_rndtest)
483 rndtest_detach(sc->sc_rndtest);
484#endif
485
486 safe_cleanchip(sc);
487 safe_dma_free(sc, &sc->sc_dpalloc);
488 safe_dma_free(sc, &sc->sc_spalloc);
489 mtx_destroy(&sc->sc_ringmtx);
490 safe_dma_free(sc, &sc->sc_ringalloc);
491
492 bus_generic_detach(dev);
493 bus_teardown_intr(dev, sc->sc_irq, sc->sc_ih);
494 bus_release_resource(dev, SYS_RES_IRQ, 0, sc->sc_irq);
495
496 bus_dma_tag_destroy(sc->sc_srcdmat);
497 bus_dma_tag_destroy(sc->sc_dstdmat);
498 bus_release_resource(dev, SYS_RES_MEMORY, BS_BAR, sc->sc_sr);
499
500 return (0);
501}
502
503/*
504 * Stop all chip i/o so that the kernel's probe routines don't
505 * get confused by errant DMAs when rebooting.
506 */
507static int
508safe_shutdown(device_t dev)
509{
510#ifdef notyet
511 safe_stop(device_get_softc(dev));
512#endif
513 return (0);
514}
515
516/*
517 * Device suspend routine.
518 */
519static int
520safe_suspend(device_t dev)
521{
522 struct safe_softc *sc = device_get_softc(dev);
523
524#ifdef notyet
525 /* XXX stop the device and save PCI settings */
526#endif
527 sc->sc_suspended = 1;
528
529 return (0);
530}
531
532static int
533safe_resume(device_t dev)
534{
535 struct safe_softc *sc = device_get_softc(dev);
536
537#ifdef notyet
538 /* XXX retore PCI settings and start the device */
539#endif
540 sc->sc_suspended = 0;
541 return (0);
542}
543
544/*
545 * SafeXcel Interrupt routine
546 */
547static void
548safe_intr(void *arg)
549{
550 struct safe_softc *sc = arg;
551 volatile u_int32_t stat;
552
553 stat = READ_REG(sc, SAFE_HM_STAT);
554 if (stat == 0) /* shared irq, not for us */
555 return;
556
557 WRITE_REG(sc, SAFE_HI_CLR, stat); /* IACK */
558
559 if ((stat & SAFE_INT_PE_DDONE)) {
560 /*
561 * Descriptor(s) done; scan the ring and
562 * process completed operations.
563 */
564 mtx_lock(&sc->sc_ringmtx);
565 while (sc->sc_back != sc->sc_front) {
566 struct safe_ringentry *re = sc->sc_back;
567#ifdef SAFE_DEBUG
568 if (safe_debug) {
569 safe_dump_ringstate(sc, __func__);
570 safe_dump_request(sc, __func__, re);
571 }
572#endif
573 /*
574 * safe_process marks ring entries that were allocated
575 * but not used with a csr of zero. This insures the
576 * ring front pointer never needs to be set backwards
577 * in the event that an entry is allocated but not used
578 * because of a setup error.
579 */
580 if (re->re_desc.d_csr != 0) {
581 if (!SAFE_PE_CSR_IS_DONE(re->re_desc.d_csr))
582 break;
583 if (!SAFE_PE_LEN_IS_DONE(re->re_desc.d_len))
584 break;
585 sc->sc_nqchip--;
586 safe_callback(sc, re);
587 }
588 if (++(sc->sc_back) == sc->sc_ringtop)
589 sc->sc_back = sc->sc_ring;
590 }
591 mtx_unlock(&sc->sc_ringmtx);
592 }
593
594 /*
595 * Check to see if we got any DMA Error
596 */
597 if (stat & SAFE_INT_PE_ERROR) {
598 DPRINTF(("dmaerr dmastat %08x\n",
599 READ_REG(sc, SAFE_PE_DMASTAT)));
600 safestats.st_dmaerr++;
601 safe_totalreset(sc);
602#if 0
603 safe_feed(sc);
604#endif
605 }
606
607 if (sc->sc_needwakeup) { /* XXX check high watermark */
608 int wakeup = sc->sc_needwakeup & (CRYPTO_SYMQ|CRYPTO_ASYMQ);
609 DPRINTF(("%s: wakeup crypto %x\n", __func__,
610 sc->sc_needwakeup));
611 sc->sc_needwakeup &= ~wakeup;
612 crypto_unblock(sc->sc_cid, wakeup);
613 }
614}
615
616/*
617 * safe_feed() - post a request to chip
618 */
619static void
620safe_feed(struct safe_softc *sc, struct safe_ringentry *re)
621{
622 bus_dmamap_sync(sc->sc_srcdmat, re->re_src_map, BUS_DMASYNC_PREWRITE);
623 if (re->re_dst_map != NULL)
624 bus_dmamap_sync(sc->sc_dstdmat, re->re_dst_map,
625 BUS_DMASYNC_PREREAD);
626 /* XXX have no smaller granularity */
627 safe_dma_sync(&sc->sc_ringalloc,
628 BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
629 safe_dma_sync(&sc->sc_spalloc, BUS_DMASYNC_PREWRITE);
630 safe_dma_sync(&sc->sc_dpalloc, BUS_DMASYNC_PREWRITE);
631
632#ifdef SAFE_DEBUG
633 if (safe_debug) {
634 safe_dump_ringstate(sc, __func__);
635 safe_dump_request(sc, __func__, re);
636 }
637#endif
638 sc->sc_nqchip++;
639 if (sc->sc_nqchip > safestats.st_maxqchip)
640 safestats.st_maxqchip = sc->sc_nqchip;
641 /* poke h/w to check descriptor ring, any value can be written */
642 WRITE_REG(sc, SAFE_HI_RD_DESCR, 0);
643}
644
645#define N(a) (sizeof(a) / sizeof (a[0]))
646static void
647safe_setup_enckey(struct safe_session *ses, caddr_t key)
648{
649 int i;
650
651 bcopy(key, ses->ses_key, ses->ses_klen / 8);
652
653 /* PE is little-endian, insure proper byte order */
654 for (i = 0; i < N(ses->ses_key); i++)
655 ses->ses_key[i] = htole32(ses->ses_key[i]);
656}
657
658static void
659safe_setup_mackey(struct safe_session *ses, int algo, caddr_t key, int klen)
660{
661 MD5_CTX md5ctx;
662 SHA1_CTX sha1ctx;
663 int i;
664
665
666 for (i = 0; i < klen; i++)
667 key[i] ^= HMAC_IPAD_VAL;
668
669 if (algo == CRYPTO_MD5_HMAC) {
670 MD5Init(&md5ctx);
671 MD5Update(&md5ctx, key, klen);
672 MD5Update(&md5ctx, hmac_ipad_buffer, MD5_HMAC_BLOCK_LEN - klen);
673 bcopy(md5ctx.state, ses->ses_hminner, sizeof(md5ctx.state));
674 } else {
675 SHA1Init(&sha1ctx);
676 SHA1Update(&sha1ctx, key, klen);
677 SHA1Update(&sha1ctx, hmac_ipad_buffer,
678 SHA1_HMAC_BLOCK_LEN - klen);
679 bcopy(sha1ctx.h.b32, ses->ses_hminner, sizeof(sha1ctx.h.b32));
680 }
681
682 for (i = 0; i < klen; i++)
683 key[i] ^= (HMAC_IPAD_VAL ^ HMAC_OPAD_VAL);
684
685 if (algo == CRYPTO_MD5_HMAC) {
686 MD5Init(&md5ctx);
687 MD5Update(&md5ctx, key, klen);
688 MD5Update(&md5ctx, hmac_opad_buffer, MD5_HMAC_BLOCK_LEN - klen);
689 bcopy(md5ctx.state, ses->ses_hmouter, sizeof(md5ctx.state));
690 } else {
691 SHA1Init(&sha1ctx);
692 SHA1Update(&sha1ctx, key, klen);
693 SHA1Update(&sha1ctx, hmac_opad_buffer,
694 SHA1_HMAC_BLOCK_LEN - klen);
695 bcopy(sha1ctx.h.b32, ses->ses_hmouter, sizeof(sha1ctx.h.b32));
696 }
697
698 for (i = 0; i < klen; i++)
699 key[i] ^= HMAC_OPAD_VAL;
700
701 /* PE is little-endian, insure proper byte order */
702 for (i = 0; i < N(ses->ses_hminner); i++) {
703 ses->ses_hminner[i] = htole32(ses->ses_hminner[i]);
704 ses->ses_hmouter[i] = htole32(ses->ses_hmouter[i]);
705 }
706}
707#undef N
708
709/*
710 * Allocate a new 'session' and return an encoded session id. 'sidp'
711 * contains our registration id, and should contain an encoded session
712 * id on successful allocation.
713 */
714static int
715safe_newsession(device_t dev, u_int32_t *sidp, struct cryptoini *cri)
716{
717 struct safe_softc *sc = device_get_softc(dev);
718 struct cryptoini *c, *encini = NULL, *macini = NULL;
719 struct safe_session *ses = NULL;
720 int sesn;
721
722 if (sidp == NULL || cri == NULL || sc == NULL)
723 return (EINVAL);
724
725 for (c = cri; c != NULL; c = c->cri_next) {
726 if (c->cri_alg == CRYPTO_MD5_HMAC ||
727 c->cri_alg == CRYPTO_SHA1_HMAC ||
728 c->cri_alg == CRYPTO_NULL_HMAC) {
729 if (macini)
730 return (EINVAL);
731 macini = c;
732 } else if (c->cri_alg == CRYPTO_DES_CBC ||
733 c->cri_alg == CRYPTO_3DES_CBC ||
734 c->cri_alg == CRYPTO_AES_CBC ||
735 c->cri_alg == CRYPTO_NULL_CBC) {
736 if (encini)
737 return (EINVAL);
738 encini = c;
739 } else
740 return (EINVAL);
741 }
742 if (encini == NULL && macini == NULL)
743 return (EINVAL);
744 if (encini) { /* validate key length */
745 switch (encini->cri_alg) {
746 case CRYPTO_DES_CBC:
747 if (encini->cri_klen != 64)
748 return (EINVAL);
749 break;
750 case CRYPTO_3DES_CBC:
751 if (encini->cri_klen != 192)
752 return (EINVAL);
753 break;
754 case CRYPTO_AES_CBC:
755 if (encini->cri_klen != 128 &&
756 encini->cri_klen != 192 &&
757 encini->cri_klen != 256)
758 return (EINVAL);
759 break;
760 }
761 }
762
763 if (sc->sc_sessions == NULL) {
764 ses = sc->sc_sessions = (struct safe_session *)malloc(
765 sizeof(struct safe_session), M_DEVBUF, M_NOWAIT);
766 if (ses == NULL)
767 return (ENOMEM);
768 sesn = 0;
769 sc->sc_nsessions = 1;
770 } else {
771 for (sesn = 0; sesn < sc->sc_nsessions; sesn++) {
772 if (sc->sc_sessions[sesn].ses_used == 0) {
773 ses = &sc->sc_sessions[sesn];
774 break;
775 }
776 }
777
778 if (ses == NULL) {
779 sesn = sc->sc_nsessions;
780 ses = (struct safe_session *)malloc((sesn + 1) *
781 sizeof(struct safe_session), M_DEVBUF, M_NOWAIT);
782 if (ses == NULL)
783 return (ENOMEM);
784 bcopy(sc->sc_sessions, ses, sesn *
785 sizeof(struct safe_session));
786 bzero(sc->sc_sessions, sesn *
787 sizeof(struct safe_session));
788 free(sc->sc_sessions, M_DEVBUF);
789 sc->sc_sessions = ses;
790 ses = &sc->sc_sessions[sesn];
791 sc->sc_nsessions++;
792 }
793 }
794
795 bzero(ses, sizeof(struct safe_session));
796 ses->ses_used = 1;
797
798 if (encini) {
799 /* get an IV */
800 /* XXX may read fewer than requested */
801 read_random(ses->ses_iv, sizeof(ses->ses_iv));
802
803 ses->ses_klen = encini->cri_klen;
804 if (encini->cri_key != NULL)
805 safe_setup_enckey(ses, encini->cri_key);
806 }
807
808 if (macini) {
809 ses->ses_mlen = macini->cri_mlen;
810 if (ses->ses_mlen == 0) {
811 if (macini->cri_alg == CRYPTO_MD5_HMAC)
812 ses->ses_mlen = MD5_HASH_LEN;
813 else
814 ses->ses_mlen = SHA1_HASH_LEN;
815 }
816
817 if (macini->cri_key != NULL) {
818 safe_setup_mackey(ses, macini->cri_alg, macini->cri_key,
819 macini->cri_klen / 8);
820 }
821 }
822
823 *sidp = SAFE_SID(device_get_unit(sc->sc_dev), sesn);
824 return (0);
825}
826
827/*
828 * Deallocate a session.
829 */
830static int
831safe_freesession(device_t dev, u_int64_t tid)
832{
833 struct safe_softc *sc = device_get_softc(dev);
834 int session, ret;
835 u_int32_t sid = ((u_int32_t) tid) & 0xffffffff;
836
837 if (sc == NULL)
838 return (EINVAL);
839
840 session = SAFE_SESSION(sid);
841 if (session < sc->sc_nsessions) {
842 bzero(&sc->sc_sessions[session], sizeof(sc->sc_sessions[session]));
843 ret = 0;
844 } else
845 ret = EINVAL;
846 return (ret);
847}
848
849static void
850safe_op_cb(void *arg, bus_dma_segment_t *seg, int nsegs, bus_size_t mapsize, int error)
851{
852 struct safe_operand *op = arg;
853
854 DPRINTF(("%s: mapsize %u nsegs %d error %d\n", __func__,
855 (u_int) mapsize, nsegs, error));
856 if (error != 0)
857 return;
858 op->mapsize = mapsize;
859 op->nsegs = nsegs;
860 bcopy(seg, op->segs, nsegs * sizeof (seg[0]));
861}
862
863static int
864safe_process(device_t dev, struct cryptop *crp, int hint)
865{
866 struct safe_softc *sc = device_get_softc(dev);
867 int err = 0, i, nicealign, uniform;
868 struct cryptodesc *crd1, *crd2, *maccrd, *enccrd;
869 int bypass, oplen, ivsize;
870 caddr_t iv;
871 int16_t coffset;
872 struct safe_session *ses;
873 struct safe_ringentry *re;
874 struct safe_sarec *sa;
875 struct safe_pdesc *pd;
876 u_int32_t cmd0, cmd1, staterec;
877
878 if (crp == NULL || crp->crp_callback == NULL || sc == NULL) {
879 safestats.st_invalid++;
880 return (EINVAL);
881 }
882 if (SAFE_SESSION(crp->crp_sid) >= sc->sc_nsessions) {
883 safestats.st_badsession++;
884 return (EINVAL);
885 }
886
887 mtx_lock(&sc->sc_ringmtx);
888 if (sc->sc_front == sc->sc_back && sc->sc_nqchip != 0) {
889 safestats.st_ringfull++;
890 sc->sc_needwakeup |= CRYPTO_SYMQ;
891 mtx_unlock(&sc->sc_ringmtx);
892 return (ERESTART);
893 }
894 re = sc->sc_front;
895
896 staterec = re->re_sa.sa_staterec; /* save */
897 /* NB: zero everything but the PE descriptor */
898 bzero(&re->re_sa, sizeof(struct safe_ringentry) - sizeof(re->re_desc));
899 re->re_sa.sa_staterec = staterec; /* restore */
900
901 re->re_crp = crp;
902 re->re_sesn = SAFE_SESSION(crp->crp_sid);
903
904 if (crp->crp_flags & CRYPTO_F_IMBUF) {
905 re->re_src_m = (struct mbuf *)crp->crp_buf;
906 re->re_dst_m = (struct mbuf *)crp->crp_buf;
907 } else if (crp->crp_flags & CRYPTO_F_IOV) {
908 re->re_src_io = (struct uio *)crp->crp_buf;
909 re->re_dst_io = (struct uio *)crp->crp_buf;
910 } else {
911 safestats.st_badflags++;
912 err = EINVAL;
913 goto errout; /* XXX we don't handle contiguous blocks! */
914 }
915
916 sa = &re->re_sa;
917 ses = &sc->sc_sessions[re->re_sesn];
918
919 crd1 = crp->crp_desc;
920 if (crd1 == NULL) {
921 safestats.st_nodesc++;
922 err = EINVAL;
923 goto errout;
924 }
925 crd2 = crd1->crd_next;
926
927 cmd0 = SAFE_SA_CMD0_BASIC; /* basic group operation */
928 cmd1 = 0;
929 if (crd2 == NULL) {
930 if (crd1->crd_alg == CRYPTO_MD5_HMAC ||
931 crd1->crd_alg == CRYPTO_SHA1_HMAC ||
932 crd1->crd_alg == CRYPTO_NULL_HMAC) {
933 maccrd = crd1;
934 enccrd = NULL;
935 cmd0 |= SAFE_SA_CMD0_OP_HASH;
936 } else if (crd1->crd_alg == CRYPTO_DES_CBC ||
937 crd1->crd_alg == CRYPTO_3DES_CBC ||
938 crd1->crd_alg == CRYPTO_AES_CBC ||
939 crd1->crd_alg == CRYPTO_NULL_CBC) {
940 maccrd = NULL;
941 enccrd = crd1;
942 cmd0 |= SAFE_SA_CMD0_OP_CRYPT;
943 } else {
944 safestats.st_badalg++;
945 err = EINVAL;
946 goto errout;
947 }
948 } else {
949 if ((crd1->crd_alg == CRYPTO_MD5_HMAC ||
950 crd1->crd_alg == CRYPTO_SHA1_HMAC ||
951 crd1->crd_alg == CRYPTO_NULL_HMAC) &&
952 (crd2->crd_alg == CRYPTO_DES_CBC ||
953 crd2->crd_alg == CRYPTO_3DES_CBC ||
954 crd2->crd_alg == CRYPTO_AES_CBC ||
955 crd2->crd_alg == CRYPTO_NULL_CBC) &&
956 ((crd2->crd_flags & CRD_F_ENCRYPT) == 0)) {
957 maccrd = crd1;
958 enccrd = crd2;
959 } else if ((crd1->crd_alg == CRYPTO_DES_CBC ||
960 crd1->crd_alg == CRYPTO_3DES_CBC ||
961 crd1->crd_alg == CRYPTO_AES_CBC ||
962 crd1->crd_alg == CRYPTO_NULL_CBC) &&
963 (crd2->crd_alg == CRYPTO_MD5_HMAC ||
964 crd2->crd_alg == CRYPTO_SHA1_HMAC ||
965 crd2->crd_alg == CRYPTO_NULL_HMAC) &&
966 (crd1->crd_flags & CRD_F_ENCRYPT)) {
967 enccrd = crd1;
968 maccrd = crd2;
969 } else {
970 safestats.st_badalg++;
971 err = EINVAL;
972 goto errout;
973 }
974 cmd0 |= SAFE_SA_CMD0_OP_BOTH;
975 }
976
977 if (enccrd) {
978 if (enccrd->crd_flags & CRD_F_KEY_EXPLICIT)
979 safe_setup_enckey(ses, enccrd->crd_key);
980
981 if (enccrd->crd_alg == CRYPTO_DES_CBC) {
982 cmd0 |= SAFE_SA_CMD0_DES;
983 cmd1 |= SAFE_SA_CMD1_CBC;
984 ivsize = 2*sizeof(u_int32_t);
985 } else if (enccrd->crd_alg == CRYPTO_3DES_CBC) {
986 cmd0 |= SAFE_SA_CMD0_3DES;
987 cmd1 |= SAFE_SA_CMD1_CBC;
988 ivsize = 2*sizeof(u_int32_t);
989 } else if (enccrd->crd_alg == CRYPTO_AES_CBC) {
990 cmd0 |= SAFE_SA_CMD0_AES;
991 cmd1 |= SAFE_SA_CMD1_CBC;
992 if (ses->ses_klen == 128)
993 cmd1 |= SAFE_SA_CMD1_AES128;
994 else if (ses->ses_klen == 192)
995 cmd1 |= SAFE_SA_CMD1_AES192;
996 else
997 cmd1 |= SAFE_SA_CMD1_AES256;
998 ivsize = 4*sizeof(u_int32_t);
999 } else {
1000 cmd0 |= SAFE_SA_CMD0_CRYPT_NULL;
1001 ivsize = 0;
1002 }
1003
1004 /*
1005 * Setup encrypt/decrypt state. When using basic ops
1006 * we can't use an inline IV because hash/crypt offset
1007 * must be from the end of the IV to the start of the
1008 * crypt data and this leaves out the preceding header
1009 * from the hash calculation. Instead we place the IV
1010 * in the state record and set the hash/crypt offset to
1011 * copy both the header+IV.
1012 */
1013 if (enccrd->crd_flags & CRD_F_ENCRYPT) {
1014 cmd0 |= SAFE_SA_CMD0_OUTBOUND;
1015
1016 if (enccrd->crd_flags & CRD_F_IV_EXPLICIT)
1017 iv = enccrd->crd_iv;
1018 else
1019 iv = (caddr_t) ses->ses_iv;
1020 if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0) {
1021 crypto_copyback(crp->crp_flags, crp->crp_buf,
1022 enccrd->crd_inject, ivsize, iv);
1023 }
1024 bcopy(iv, re->re_sastate.sa_saved_iv, ivsize);
1025 cmd0 |= SAFE_SA_CMD0_IVLD_STATE | SAFE_SA_CMD0_SAVEIV;
1026 re->re_flags |= SAFE_QFLAGS_COPYOUTIV;
1027 } else {
1028 cmd0 |= SAFE_SA_CMD0_INBOUND;
1029
1030 if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) {
1031 bcopy(enccrd->crd_iv,
1032 re->re_sastate.sa_saved_iv, ivsize);
1033 } else {
1034 crypto_copydata(crp->crp_flags, crp->crp_buf,
1035 enccrd->crd_inject, ivsize,
1036 (caddr_t)re->re_sastate.sa_saved_iv);
1037 }
1038 cmd0 |= SAFE_SA_CMD0_IVLD_STATE;
1039 }
1040 /*
1041 * For basic encryption use the zero pad algorithm.
1042 * This pads results to an 8-byte boundary and
1043 * suppresses padding verification for inbound (i.e.
1044 * decrypt) operations.
1045 *
1046 * NB: Not sure if the 8-byte pad boundary is a problem.
1047 */
1048 cmd0 |= SAFE_SA_CMD0_PAD_ZERO;
1049
1050 /* XXX assert key bufs have the same size */
1051 bcopy(ses->ses_key, sa->sa_key, sizeof(sa->sa_key));
1052 }
1053
1054 if (maccrd) {
1055 if (maccrd->crd_flags & CRD_F_KEY_EXPLICIT) {
1056 safe_setup_mackey(ses, maccrd->crd_alg,
1057 maccrd->crd_key, maccrd->crd_klen / 8);
1058 }
1059
1060 if (maccrd->crd_alg == CRYPTO_MD5_HMAC) {
1061 cmd0 |= SAFE_SA_CMD0_MD5;
1062 cmd1 |= SAFE_SA_CMD1_HMAC; /* NB: enable HMAC */
1063 } else if (maccrd->crd_alg == CRYPTO_SHA1_HMAC) {
1064 cmd0 |= SAFE_SA_CMD0_SHA1;
1065 cmd1 |= SAFE_SA_CMD1_HMAC; /* NB: enable HMAC */
1066 } else {
1067 cmd0 |= SAFE_SA_CMD0_HASH_NULL;
1068 }
1069 /*
1070 * Digest data is loaded from the SA and the hash
1071 * result is saved to the state block where we
1072 * retrieve it for return to the caller.
1073 */
1074 /* XXX assert digest bufs have the same size */
1075 bcopy(ses->ses_hminner, sa->sa_indigest,
1076 sizeof(sa->sa_indigest));
1077 bcopy(ses->ses_hmouter, sa->sa_outdigest,
1078 sizeof(sa->sa_outdigest));
1079
1080 cmd0 |= SAFE_SA_CMD0_HSLD_SA | SAFE_SA_CMD0_SAVEHASH;
1081 re->re_flags |= SAFE_QFLAGS_COPYOUTICV;
1082 }
1083
1084 if (enccrd && maccrd) {
1085 /*
1086 * The offset from hash data to the start of
1087 * crypt data is the difference in the skips.
1088 */
1089 bypass = maccrd->crd_skip;
1090 coffset = enccrd->crd_skip - maccrd->crd_skip;
1091 if (coffset < 0) {
1092 DPRINTF(("%s: hash does not precede crypt; "
1093 "mac skip %u enc skip %u\n",
1094 __func__, maccrd->crd_skip, enccrd->crd_skip));
1095 safestats.st_skipmismatch++;
1096 err = EINVAL;
1097 goto errout;
1098 }
1099 oplen = enccrd->crd_skip + enccrd->crd_len;
1100 if (maccrd->crd_skip + maccrd->crd_len != oplen) {
1101 DPRINTF(("%s: hash amount %u != crypt amount %u\n",
1102 __func__, maccrd->crd_skip + maccrd->crd_len,
1103 oplen));
1104 safestats.st_lenmismatch++;
1105 err = EINVAL;
1106 goto errout;
1107 }
1108#ifdef SAFE_DEBUG
1109 if (safe_debug) {
1110 printf("mac: skip %d, len %d, inject %d\n",
1111 maccrd->crd_skip, maccrd->crd_len,
1112 maccrd->crd_inject);
1113 printf("enc: skip %d, len %d, inject %d\n",
1114 enccrd->crd_skip, enccrd->crd_len,
1115 enccrd->crd_inject);
1116 printf("bypass %d coffset %d oplen %d\n",
1117 bypass, coffset, oplen);
1118 }
1119#endif
1120 if (coffset & 3) { /* offset must be 32-bit aligned */
1121 DPRINTF(("%s: coffset %u misaligned\n",
1122 __func__, coffset));
1123 safestats.st_coffmisaligned++;
1124 err = EINVAL;
1125 goto errout;
1126 }
1127 coffset >>= 2;
1128 if (coffset > 255) { /* offset must be <256 dwords */
1129 DPRINTF(("%s: coffset %u too big\n",
1130 __func__, coffset));
1131 safestats.st_cofftoobig++;
1132 err = EINVAL;
1133 goto errout;
1134 }
1135 /*
1136 * Tell the hardware to copy the header to the output.
1137 * The header is defined as the data from the end of
1138 * the bypass to the start of data to be encrypted.
1139 * Typically this is the inline IV. Note that you need
1140 * to do this even if src+dst are the same; it appears
1141 * that w/o this bit the crypted data is written
1142 * immediately after the bypass data.
1143 */
1144 cmd1 |= SAFE_SA_CMD1_HDRCOPY;
1145 /*
1146 * Disable IP header mutable bit handling. This is
1147 * needed to get correct HMAC calculations.
1148 */
1149 cmd1 |= SAFE_SA_CMD1_MUTABLE;
1150 } else {
1151 if (enccrd) {
1152 bypass = enccrd->crd_skip;
1153 oplen = bypass + enccrd->crd_len;
1154 } else {
1155 bypass = maccrd->crd_skip;
1156 oplen = bypass + maccrd->crd_len;
1157 }
1158 coffset = 0;
1159 }
1160 /* XXX verify multiple of 4 when using s/g */
1161 if (bypass > 96) { /* bypass offset must be <= 96 bytes */
1162 DPRINTF(("%s: bypass %u too big\n", __func__, bypass));
1163 safestats.st_bypasstoobig++;
1164 err = EINVAL;
1165 goto errout;
1166 }
1167
1168 if (bus_dmamap_create(sc->sc_srcdmat, BUS_DMA_NOWAIT, &re->re_src_map)) {
1169 safestats.st_nomap++;
1170 err = ENOMEM;
1171 goto errout;
1172 }
1173 if (crp->crp_flags & CRYPTO_F_IMBUF) {
1174 if (bus_dmamap_load_mbuf(sc->sc_srcdmat, re->re_src_map,
1175 re->re_src_m, safe_op_cb,
1176 &re->re_src, BUS_DMA_NOWAIT) != 0) {
1177 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map);
1178 re->re_src_map = NULL;
1179 safestats.st_noload++;
1180 err = ENOMEM;
1181 goto errout;
1182 }
1183 } else if (crp->crp_flags & CRYPTO_F_IOV) {
1184 if (bus_dmamap_load_uio(sc->sc_srcdmat, re->re_src_map,
1185 re->re_src_io, safe_op_cb,
1186 &re->re_src, BUS_DMA_NOWAIT) != 0) {
1187 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map);
1188 re->re_src_map = NULL;
1189 safestats.st_noload++;
1190 err = ENOMEM;
1191 goto errout;
1192 }
1193 }
1194 nicealign = safe_dmamap_aligned(&re->re_src);
1195 uniform = safe_dmamap_uniform(&re->re_src);
1196
1197 DPRINTF(("src nicealign %u uniform %u nsegs %u\n",
1198 nicealign, uniform, re->re_src.nsegs));
1199 if (re->re_src.nsegs > 1) {
1200 re->re_desc.d_src = sc->sc_spalloc.dma_paddr +
1201 ((caddr_t) sc->sc_spfree - (caddr_t) sc->sc_spring);
1202 for (i = 0; i < re->re_src_nsegs; i++) {
1203 /* NB: no need to check if there's space */
1204 pd = sc->sc_spfree;
1205 if (++(sc->sc_spfree) == sc->sc_springtop)
1206 sc->sc_spfree = sc->sc_spring;
1207
1208 KASSERT((pd->pd_flags&3) == 0 ||
1209 (pd->pd_flags&3) == SAFE_PD_DONE,
1210 ("bogus source particle descriptor; flags %x",
1211 pd->pd_flags));
1212 pd->pd_addr = re->re_src_segs[i].ds_addr;
1213 pd->pd_size = re->re_src_segs[i].ds_len;
1214 pd->pd_flags = SAFE_PD_READY;
1215 }
1216 cmd0 |= SAFE_SA_CMD0_IGATHER;
1217 } else {
1218 /*
1219 * No need for gather, reference the operand directly.
1220 */
1221 re->re_desc.d_src = re->re_src_segs[0].ds_addr;
1222 }
1223
1224 if (enccrd == NULL && maccrd != NULL) {
1225 /*
1226 * Hash op; no destination needed.
1227 */
1228 } else {
1229 if (crp->crp_flags & CRYPTO_F_IOV) {
1230 if (!nicealign) {
1231 safestats.st_iovmisaligned++;
1232 err = EINVAL;
1233 goto errout;
1234 }
1235 if (uniform != 1) {
1236 /*
1237 * Source is not suitable for direct use as
1238 * the destination. Create a new scatter/gather
1239 * list based on the destination requirements
1240 * and check if that's ok.
1241 */
1242 if (bus_dmamap_create(sc->sc_dstdmat,
1243 BUS_DMA_NOWAIT, &re->re_dst_map)) {
1244 safestats.st_nomap++;
1245 err = ENOMEM;
1246 goto errout;
1247 }
1248 if (bus_dmamap_load_uio(sc->sc_dstdmat,
1249 re->re_dst_map, re->re_dst_io,
1250 safe_op_cb, &re->re_dst,
1251 BUS_DMA_NOWAIT) != 0) {
1252 bus_dmamap_destroy(sc->sc_dstdmat,
1253 re->re_dst_map);
1254 re->re_dst_map = NULL;
1255 safestats.st_noload++;
1256 err = ENOMEM;
1257 goto errout;
1258 }
1259 uniform = safe_dmamap_uniform(&re->re_dst);
1260 if (!uniform) {
1261 /*
1262 * There's no way to handle the DMA
1263 * requirements with this uio. We
1264 * could create a separate DMA area for
1265 * the result and then copy it back,
1266 * but for now we just bail and return
1267 * an error. Note that uio requests
1268 * > SAFE_MAX_DSIZE are handled because
1269 * the DMA map and segment list for the
1270 * destination wil result in a
1271 * destination particle list that does
1272 * the necessary scatter DMA.
1273 */
1274 safestats.st_iovnotuniform++;
1275 err = EINVAL;
1276 goto errout;
1277 }
1278 } else
1279 re->re_dst = re->re_src;
1280 } else if (crp->crp_flags & CRYPTO_F_IMBUF) {
1281 if (nicealign && uniform == 1) {
1282 /*
1283 * Source layout is suitable for direct
1284 * sharing of the DMA map and segment list.
1285 */
1286 re->re_dst = re->re_src;
1287 } else if (nicealign && uniform == 2) {
1288 /*
1289 * The source is properly aligned but requires a
1290 * different particle list to handle DMA of the
1291 * result. Create a new map and do the load to
1292 * create the segment list. The particle
1293 * descriptor setup code below will handle the
1294 * rest.
1295 */
1296 if (bus_dmamap_create(sc->sc_dstdmat,
1297 BUS_DMA_NOWAIT, &re->re_dst_map)) {
1298 safestats.st_nomap++;
1299 err = ENOMEM;
1300 goto errout;
1301 }
1302 if (bus_dmamap_load_mbuf(sc->sc_dstdmat,
1303 re->re_dst_map, re->re_dst_m,
1304 safe_op_cb, &re->re_dst,
1305 BUS_DMA_NOWAIT) != 0) {
1306 bus_dmamap_destroy(sc->sc_dstdmat,
1307 re->re_dst_map);
1308 re->re_dst_map = NULL;
1309 safestats.st_noload++;
1310 err = ENOMEM;
1311 goto errout;
1312 }
1313 } else { /* !(aligned and/or uniform) */
1314 int totlen, len;
1315 struct mbuf *m, *top, **mp;
1316
1317 /*
1318 * DMA constraints require that we allocate a
1319 * new mbuf chain for the destination. We
1320 * allocate an entire new set of mbufs of
1321 * optimal/required size and then tell the
1322 * hardware to copy any bits that are not
1323 * created as a byproduct of the operation.
1324 */
1325 if (!nicealign)
1326 safestats.st_unaligned++;
1327 if (!uniform)
1328 safestats.st_notuniform++;
1329 totlen = re->re_src_mapsize;
1330 if (re->re_src_m->m_flags & M_PKTHDR) {
1331 len = MHLEN;
1332 MGETHDR(m, M_DONTWAIT, MT_DATA);
1333 if (m && !m_dup_pkthdr(m, re->re_src_m,
1334 M_DONTWAIT)) {
1335 m_free(m);
1336 m = NULL;
1337 }
1338 } else {
1339 len = MLEN;
1340 MGET(m, M_DONTWAIT, MT_DATA);
1341 }
1342 if (m == NULL) {
1343 safestats.st_nombuf++;
1344 err = sc->sc_nqchip ? ERESTART : ENOMEM;
1345 goto errout;
1346 }
1347 if (totlen >= MINCLSIZE) {
1348 MCLGET(m, M_DONTWAIT);
1349 if ((m->m_flags & M_EXT) == 0) {
1350 m_free(m);
1351 safestats.st_nomcl++;
1352 err = sc->sc_nqchip ?
1353 ERESTART : ENOMEM;
1354 goto errout;
1355 }
1356 len = MCLBYTES;
1357 }
1358 m->m_len = len;
1359 top = NULL;
1360 mp = ⊤
1361
1362 while (totlen > 0) {
1363 if (top) {
1364 MGET(m, M_DONTWAIT, MT_DATA);
1365 if (m == NULL) {
1366 m_freem(top);
1367 safestats.st_nombuf++;
1368 err = sc->sc_nqchip ?
1369 ERESTART : ENOMEM;
1370 goto errout;
1371 }
1372 len = MLEN;
1373 }
1374 if (top && totlen >= MINCLSIZE) {
1375 MCLGET(m, M_DONTWAIT);
1376 if ((m->m_flags & M_EXT) == 0) {
1377 *mp = m;
1378 m_freem(top);
1379 safestats.st_nomcl++;
1380 err = sc->sc_nqchip ?
1381 ERESTART : ENOMEM;
1382 goto errout;
1383 }
1384 len = MCLBYTES;
1385 }
1386 m->m_len = len = min(totlen, len);
1387 totlen -= len;
1388 *mp = m;
1389 mp = &m->m_next;
1390 }
1391 re->re_dst_m = top;
1392 if (bus_dmamap_create(sc->sc_dstdmat,
1393 BUS_DMA_NOWAIT, &re->re_dst_map) != 0) {
1394 safestats.st_nomap++;
1395 err = ENOMEM;
1396 goto errout;
1397 }
1398 if (bus_dmamap_load_mbuf(sc->sc_dstdmat,
1399 re->re_dst_map, re->re_dst_m,
1400 safe_op_cb, &re->re_dst,
1401 BUS_DMA_NOWAIT) != 0) {
1402 bus_dmamap_destroy(sc->sc_dstdmat,
1403 re->re_dst_map);
1404 re->re_dst_map = NULL;
1405 safestats.st_noload++;
1406 err = ENOMEM;
1407 goto errout;
1408 }
1409 if (re->re_src.mapsize > oplen) {
1410 /*
1411 * There's data following what the
1412 * hardware will copy for us. If this
1413 * isn't just the ICV (that's going to
1414 * be written on completion), copy it
1415 * to the new mbufs
1416 */
1417 if (!(maccrd &&
1418 (re->re_src.mapsize-oplen) == 12 &&
1419 maccrd->crd_inject == oplen))
1420 safe_mcopy(re->re_src_m,
1421 re->re_dst_m,
1422 oplen);
1423 else
1424 safestats.st_noicvcopy++;
1425 }
1426 }
1427 } else {
1428 safestats.st_badflags++;
1429 err = EINVAL;
1430 goto errout;
1431 }
1432
1433 if (re->re_dst.nsegs > 1) {
1434 re->re_desc.d_dst = sc->sc_dpalloc.dma_paddr +
1435 ((caddr_t) sc->sc_dpfree - (caddr_t) sc->sc_dpring);
1436 for (i = 0; i < re->re_dst_nsegs; i++) {
1437 pd = sc->sc_dpfree;
1438 KASSERT((pd->pd_flags&3) == 0 ||
1439 (pd->pd_flags&3) == SAFE_PD_DONE,
1440 ("bogus dest particle descriptor; flags %x",
1441 pd->pd_flags));
1442 if (++(sc->sc_dpfree) == sc->sc_dpringtop)
1443 sc->sc_dpfree = sc->sc_dpring;
1444 pd->pd_addr = re->re_dst_segs[i].ds_addr;
1445 pd->pd_flags = SAFE_PD_READY;
1446 }
1447 cmd0 |= SAFE_SA_CMD0_OSCATTER;
1448 } else {
1449 /*
1450 * No need for scatter, reference the operand directly.
1451 */
1452 re->re_desc.d_dst = re->re_dst_segs[0].ds_addr;
1453 }
1454 }
1455
1456 /*
1457 * All done with setup; fillin the SA command words
1458 * and the packet engine descriptor. The operation
1459 * is now ready for submission to the hardware.
1460 */
1461 sa->sa_cmd0 = cmd0 | SAFE_SA_CMD0_IPCI | SAFE_SA_CMD0_OPCI;
1462 sa->sa_cmd1 = cmd1
1463 | (coffset << SAFE_SA_CMD1_OFFSET_S)
1464 | SAFE_SA_CMD1_SAREV1 /* Rev 1 SA data structure */
1465 | SAFE_SA_CMD1_SRPCI
1466 ;
1467 /*
1468 * NB: the order of writes is important here. In case the
1469 * chip is scanning the ring because of an outstanding request
1470 * it might nab this one too. In that case we need to make
1471 * sure the setup is complete before we write the length
1472 * field of the descriptor as it signals the descriptor is
1473 * ready for processing.
1474 */
1475 re->re_desc.d_csr = SAFE_PE_CSR_READY | SAFE_PE_CSR_SAPCI;
1476 if (maccrd)
1477 re->re_desc.d_csr |= SAFE_PE_CSR_LOADSA | SAFE_PE_CSR_HASHFINAL;
1478 re->re_desc.d_len = oplen
1479 | SAFE_PE_LEN_READY
1480 | (bypass << SAFE_PE_LEN_BYPASS_S)
1481 ;
1482
1483 safestats.st_ipackets++;
1484 safestats.st_ibytes += oplen;
1485
1486 if (++(sc->sc_front) == sc->sc_ringtop)
1487 sc->sc_front = sc->sc_ring;
1488
1489 /* XXX honor batching */
1490 safe_feed(sc, re);
1491 mtx_unlock(&sc->sc_ringmtx);
1492 return (0);
1493
1494errout:
1495 if ((re->re_dst_m != NULL) && (re->re_src_m != re->re_dst_m))
1496 m_freem(re->re_dst_m);
1497
1498 if (re->re_dst_map != NULL && re->re_dst_map != re->re_src_map) {
1499 bus_dmamap_unload(sc->sc_dstdmat, re->re_dst_map);
1500 bus_dmamap_destroy(sc->sc_dstdmat, re->re_dst_map);
1501 }
1502 if (re->re_src_map != NULL) {
1503 bus_dmamap_unload(sc->sc_srcdmat, re->re_src_map);
1504 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map);
1505 }
1506 mtx_unlock(&sc->sc_ringmtx);
1507 if (err != ERESTART) {
1508 crp->crp_etype = err;
1509 crypto_done(crp);
1510 } else {
1511 sc->sc_needwakeup |= CRYPTO_SYMQ;
1512 }
1513 return (err);
1514}
1515
1516static void
1517safe_callback(struct safe_softc *sc, struct safe_ringentry *re)
1518{
1519 struct cryptop *crp = (struct cryptop *)re->re_crp;
1520 struct cryptodesc *crd;
1521
1522 safestats.st_opackets++;
1523 safestats.st_obytes += re->re_dst.mapsize;
1524
1525 safe_dma_sync(&sc->sc_ringalloc,
1526 BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE);
1527 if (re->re_desc.d_csr & SAFE_PE_CSR_STATUS) {
1528 device_printf(sc->sc_dev, "csr 0x%x cmd0 0x%x cmd1 0x%x\n",
1529 re->re_desc.d_csr,
1530 re->re_sa.sa_cmd0, re->re_sa.sa_cmd1);
1531 safestats.st_peoperr++;
1532 crp->crp_etype = EIO; /* something more meaningful? */
1533 }
1534 if (re->re_dst_map != NULL && re->re_dst_map != re->re_src_map) {
1535 bus_dmamap_sync(sc->sc_dstdmat, re->re_dst_map,
1536 BUS_DMASYNC_POSTREAD);
1537 bus_dmamap_unload(sc->sc_dstdmat, re->re_dst_map);
1538 bus_dmamap_destroy(sc->sc_dstdmat, re->re_dst_map);
1539 }
1540 bus_dmamap_sync(sc->sc_srcdmat, re->re_src_map, BUS_DMASYNC_POSTWRITE);
1541 bus_dmamap_unload(sc->sc_srcdmat, re->re_src_map);
1542 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map);
1543
1544 /*
1545 * If result was written to a differet mbuf chain, swap
1546 * it in as the return value and reclaim the original.
1547 */
1548 if ((crp->crp_flags & CRYPTO_F_IMBUF) && re->re_src_m != re->re_dst_m) {
1549 m_freem(re->re_src_m);
1550 crp->crp_buf = (caddr_t)re->re_dst_m;
1551 }
1552
1553 if (re->re_flags & SAFE_QFLAGS_COPYOUTIV) {
1554 /* copy out IV for future use */
1555 for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
1556 int ivsize;
1557
1558 if (crd->crd_alg == CRYPTO_DES_CBC ||
1559 crd->crd_alg == CRYPTO_3DES_CBC) {
1560 ivsize = 2*sizeof(u_int32_t);
1561 } else if (crd->crd_alg == CRYPTO_AES_CBC) {
1562 ivsize = 4*sizeof(u_int32_t);
1563 } else
1564 continue;
1565 crypto_copydata(crp->crp_flags, crp->crp_buf,
1566 crd->crd_skip + crd->crd_len - ivsize, ivsize,
1567 (caddr_t)sc->sc_sessions[re->re_sesn].ses_iv);
1568 break;
1569 }
1570 }
1571
1572 if (re->re_flags & SAFE_QFLAGS_COPYOUTICV) {
1573 /* copy out ICV result */
1574 for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
1575 if (!(crd->crd_alg == CRYPTO_MD5_HMAC ||
1576 crd->crd_alg == CRYPTO_SHA1_HMAC ||
1577 crd->crd_alg == CRYPTO_NULL_HMAC))
1578 continue;
1579 if (crd->crd_alg == CRYPTO_SHA1_HMAC) {
1580 /*
1581 * SHA-1 ICV's are byte-swapped; fix 'em up
1582 * before copy them to their destination.
1583 */
1584 re->re_sastate.sa_saved_indigest[0] =
1585 bswap32(re->re_sastate.sa_saved_indigest[0]);
1586 re->re_sastate.sa_saved_indigest[1] =
1587 bswap32(re->re_sastate.sa_saved_indigest[1]);
1588 re->re_sastate.sa_saved_indigest[2] =
1589 bswap32(re->re_sastate.sa_saved_indigest[2]);
1590 }
1591 crypto_copyback(crp->crp_flags, crp->crp_buf,
1592 crd->crd_inject,
1593 sc->sc_sessions[re->re_sesn].ses_mlen,
1594 (caddr_t)re->re_sastate.sa_saved_indigest);
1595 break;
1596 }
1597 }
1598 crypto_done(crp);
1599}
1600
1601/*
1602 * Copy all data past offset from srcm to dstm.
1603 */
1604static void
1605safe_mcopy(struct mbuf *srcm, struct mbuf *dstm, u_int offset)
1606{
1607 u_int j, dlen, slen;
1608 caddr_t dptr, sptr;
1609
1610 /*
1611 * Advance src and dst to offset.
1612 */
1613 j = offset;
1614 while (j >= 0) {
1615 if (srcm->m_len > j)
1616 break;
1617 j -= srcm->m_len;
1618 srcm = srcm->m_next;
1619 if (srcm == NULL)
1620 return;
1621 }
1622 sptr = mtod(srcm, caddr_t) + j;
1623 slen = srcm->m_len - j;
1624
1625 j = offset;
1626 while (j >= 0) {
1627 if (dstm->m_len > j)
1628 break;
1629 j -= dstm->m_len;
1630 dstm = dstm->m_next;
1631 if (dstm == NULL)
1632 return;
1633 }
1634 dptr = mtod(dstm, caddr_t) + j;
1635 dlen = dstm->m_len - j;
1636
1637 /*
1638 * Copy everything that remains.
1639 */
1640 for (;;) {
1641 j = min(slen, dlen);
1642 bcopy(sptr, dptr, j);
1643 if (slen == j) {
1644 srcm = srcm->m_next;
1645 if (srcm == NULL)
1646 return;
1647 sptr = srcm->m_data;
1648 slen = srcm->m_len;
1649 } else
1650 sptr += j, slen -= j;
1651 if (dlen == j) {
1652 dstm = dstm->m_next;
1653 if (dstm == NULL)
1654 return;
1655 dptr = dstm->m_data;
1656 dlen = dstm->m_len;
1657 } else
1658 dptr += j, dlen -= j;
1659 }
1660}
1661
1662#ifndef SAFE_NO_RNG
1663#define SAFE_RNG_MAXWAIT 1000
1664
1665static void
1666safe_rng_init(struct safe_softc *sc)
1667{
1668 u_int32_t w, v;
1669 int i;
1670
1671 WRITE_REG(sc, SAFE_RNG_CTRL, 0);
1672 /* use default value according to the manual */
1673 WRITE_REG(sc, SAFE_RNG_CNFG, 0x834); /* magic from SafeNet */
1674 WRITE_REG(sc, SAFE_RNG_ALM_CNT, 0);
1675
1676 /*
1677 * There is a bug in rev 1.0 of the 1140 that when the RNG
1678 * is brought out of reset the ready status flag does not
1679 * work until the RNG has finished its internal initialization.
1680 *
1681 * So in order to determine the device is through its
1682 * initialization we must read the data register, using the
1683 * status reg in the read in case it is initialized. Then read
1684 * the data register until it changes from the first read.
1685 * Once it changes read the data register until it changes
1686 * again. At this time the RNG is considered initialized.
1687 * This could take between 750ms - 1000ms in time.
1688 */
1689 i = 0;
1690 w = READ_REG(sc, SAFE_RNG_OUT);
1691 do {
1692 v = READ_REG(sc, SAFE_RNG_OUT);
1693 if (v != w) {
1694 w = v;
1695 break;
1696 }
1697 DELAY(10);
1698 } while (++i < SAFE_RNG_MAXWAIT);
1699
1700 /* Wait Until data changes again */
1701 i = 0;
1702 do {
1703 v = READ_REG(sc, SAFE_RNG_OUT);
1704 if (v != w)
1705 break;
1706 DELAY(10);
1707 } while (++i < SAFE_RNG_MAXWAIT);
1708}
1709
1710static __inline void
1711safe_rng_disable_short_cycle(struct safe_softc *sc)
1712{
1713 WRITE_REG(sc, SAFE_RNG_CTRL,
1714 READ_REG(sc, SAFE_RNG_CTRL) &~ SAFE_RNG_CTRL_SHORTEN);
1715}
1716
1717static __inline void
1718safe_rng_enable_short_cycle(struct safe_softc *sc)
1719{
1720 WRITE_REG(sc, SAFE_RNG_CTRL,
1721 READ_REG(sc, SAFE_RNG_CTRL) | SAFE_RNG_CTRL_SHORTEN);
1722}
1723
1724static __inline u_int32_t
1725safe_rng_read(struct safe_softc *sc)
1726{
1727 int i;
1728
1729 i = 0;
1730 while (READ_REG(sc, SAFE_RNG_STAT) != 0 && ++i < SAFE_RNG_MAXWAIT)
1731 ;
1732 return READ_REG(sc, SAFE_RNG_OUT);
1733}
1734
1735static void
1736safe_rng(void *arg)
1737{
1738 struct safe_softc *sc = arg;
1739 u_int32_t buf[SAFE_RNG_MAXBUFSIZ]; /* NB: maybe move to softc */
1740 u_int maxwords;
1741 int i;
1742
1743 safestats.st_rng++;
1744 /*
1745 * Fetch the next block of data.
1746 */
1747 maxwords = safe_rngbufsize;
1748 if (maxwords > SAFE_RNG_MAXBUFSIZ)
1749 maxwords = SAFE_RNG_MAXBUFSIZ;
1750retry:
1751 for (i = 0; i < maxwords; i++)
1752 buf[i] = safe_rng_read(sc);
1753 /*
1754 * Check the comparator alarm count and reset the h/w if
1755 * it exceeds our threshold. This guards against the
1756 * hardware oscillators resonating with external signals.
1757 */
1758 if (READ_REG(sc, SAFE_RNG_ALM_CNT) > safe_rngmaxalarm) {
1759 u_int32_t freq_inc, w;
1760
1761 DPRINTF(("%s: alarm count %u exceeds threshold %u\n", __func__,
1762 READ_REG(sc, SAFE_RNG_ALM_CNT), safe_rngmaxalarm));
1763 safestats.st_rngalarm++;
1764 safe_rng_enable_short_cycle(sc);
1765 freq_inc = 18;
1766 for (i = 0; i < 64; i++) {
1767 w = READ_REG(sc, SAFE_RNG_CNFG);
1768 freq_inc = ((w + freq_inc) & 0x3fL);
1769 w = ((w & ~0x3fL) | freq_inc);
1770 WRITE_REG(sc, SAFE_RNG_CNFG, w);
1771
1772 WRITE_REG(sc, SAFE_RNG_ALM_CNT, 0);
1773
1774 (void) safe_rng_read(sc);
1775 DELAY(25);
1776
1777 if (READ_REG(sc, SAFE_RNG_ALM_CNT) == 0) {
1778 safe_rng_disable_short_cycle(sc);
1779 goto retry;
1780 }
1781 freq_inc = 1;
1782 }
1783 safe_rng_disable_short_cycle(sc);
1784 } else
1785 WRITE_REG(sc, SAFE_RNG_ALM_CNT, 0);
1786
1787 (*sc->sc_harvest)(sc->sc_rndtest, buf, maxwords*sizeof (u_int32_t));
1788 callout_reset(&sc->sc_rngto,
1789 hz * (safe_rnginterval ? safe_rnginterval : 1), safe_rng, sc);
1790}
1791#endif /* SAFE_NO_RNG */
1792
1793static void
1794safe_dmamap_cb(void *arg, bus_dma_segment_t *segs, int nseg, int error)
1795{
1796 bus_addr_t *paddr = (bus_addr_t*) arg;
1797 *paddr = segs->ds_addr;
1798}
1799
1800static int
1801safe_dma_malloc(
1802 struct safe_softc *sc,
1803 bus_size_t size,
1804 struct safe_dma_alloc *dma,
1805 int mapflags
1806)
1807{
1808 int r;
1809
1810 r = bus_dma_tag_create(NULL, /* parent */
1811 sizeof(u_int32_t), 0, /* alignment, bounds */
1812 BUS_SPACE_MAXADDR_32BIT, /* lowaddr */
1813 BUS_SPACE_MAXADDR, /* highaddr */
1814 NULL, NULL, /* filter, filterarg */
1815 size, /* maxsize */
1816 1, /* nsegments */
1817 size, /* maxsegsize */
1818 BUS_DMA_ALLOCNOW, /* flags */
1819 NULL, NULL, /* locking */
1820 &dma->dma_tag);
1821 if (r != 0) {
1822 device_printf(sc->sc_dev, "safe_dma_malloc: "
1823 "bus_dma_tag_create failed; error %u\n", r);
1824 goto fail_0;
1825 }
1826
1827 r = bus_dmamap_create(dma->dma_tag, BUS_DMA_NOWAIT, &dma->dma_map);
1828 if (r != 0) {
1829 device_printf(sc->sc_dev, "safe_dma_malloc: "
1830 "bus_dmamap_create failed; error %u\n", r);
1831 goto fail_1;
1832 }
1833
1834 r = bus_dmamem_alloc(dma->dma_tag, (void**) &dma->dma_vaddr,
1835 BUS_DMA_NOWAIT, &dma->dma_map);
1836 if (r != 0) {
1837 device_printf(sc->sc_dev, "safe_dma_malloc: "
1838 "bus_dmammem_alloc failed; size %zu, error %u\n",
1839 size, r);
1840 goto fail_2;
1841 }
1842
1843 r = bus_dmamap_load(dma->dma_tag, dma->dma_map, dma->dma_vaddr,
1844 size,
1845 safe_dmamap_cb,
1846 &dma->dma_paddr,
1847 mapflags | BUS_DMA_NOWAIT);
1848 if (r != 0) {
1849 device_printf(sc->sc_dev, "safe_dma_malloc: "
1850 "bus_dmamap_load failed; error %u\n", r);
1851 goto fail_3;
1852 }
1853
1854 dma->dma_size = size;
1855 return (0);
1856
1857fail_3:
1858 bus_dmamap_unload(dma->dma_tag, dma->dma_map);
1859fail_2:
1860 bus_dmamem_free(dma->dma_tag, dma->dma_vaddr, dma->dma_map);
1861fail_1:
1862 bus_dmamap_destroy(dma->dma_tag, dma->dma_map);
1863 bus_dma_tag_destroy(dma->dma_tag);
1864fail_0:
1865 dma->dma_map = NULL;
1866 dma->dma_tag = NULL;
1867 return (r);
1868}
1869
1870static void
1871safe_dma_free(struct safe_softc *sc, struct safe_dma_alloc *dma)
1872{
1873 bus_dmamap_unload(dma->dma_tag, dma->dma_map);
1874 bus_dmamem_free(dma->dma_tag, dma->dma_vaddr, dma->dma_map);
1875 bus_dmamap_destroy(dma->dma_tag, dma->dma_map);
1876 bus_dma_tag_destroy(dma->dma_tag);
1877}
1878
1879/*
1880 * Resets the board. Values in the regesters are left as is
1881 * from the reset (i.e. initial values are assigned elsewhere).
1882 */
1883static void
1884safe_reset_board(struct safe_softc *sc)
1885{
1886 u_int32_t v;
1887 /*
1888 * Reset the device. The manual says no delay
1889 * is needed between marking and clearing reset.
1890 */
1891 v = READ_REG(sc, SAFE_PE_DMACFG) &~
1892 (SAFE_PE_DMACFG_PERESET | SAFE_PE_DMACFG_PDRRESET |
1893 SAFE_PE_DMACFG_SGRESET);
1894 WRITE_REG(sc, SAFE_PE_DMACFG, v
1895 | SAFE_PE_DMACFG_PERESET
1896 | SAFE_PE_DMACFG_PDRRESET
1897 | SAFE_PE_DMACFG_SGRESET);
1898 WRITE_REG(sc, SAFE_PE_DMACFG, v);
1899}
1900
1901/*
1902 * Initialize registers we need to touch only once.
1903 */
1904static void
1905safe_init_board(struct safe_softc *sc)
1906{
1907 u_int32_t v, dwords;
1908
1909 v = READ_REG(sc, SAFE_PE_DMACFG);
1910 v &=~ SAFE_PE_DMACFG_PEMODE;
1911 v |= SAFE_PE_DMACFG_FSENA /* failsafe enable */
1912 | SAFE_PE_DMACFG_GPRPCI /* gather ring on PCI */
1913 | SAFE_PE_DMACFG_SPRPCI /* scatter ring on PCI */
1914 | SAFE_PE_DMACFG_ESDESC /* endian-swap descriptors */
1915 | SAFE_PE_DMACFG_ESSA /* endian-swap SA's */
1916 | SAFE_PE_DMACFG_ESPDESC /* endian-swap part. desc's */
1917 ;
1918 WRITE_REG(sc, SAFE_PE_DMACFG, v);
1919#if 0
1920 /* XXX select byte swap based on host byte order */
1921 WRITE_REG(sc, SAFE_ENDIAN, 0x1b);
1922#endif
1923 if (sc->sc_chiprev == SAFE_REV(1,0)) {
1924 /*
1925 * Avoid large PCI DMA transfers. Rev 1.0 has a bug where
1926 * "target mode transfers" done while the chip is DMA'ing
1927 * >1020 bytes cause the hardware to lockup. To avoid this
1928 * we reduce the max PCI transfer size and use small source
1929 * particle descriptors (<= 256 bytes).
1930 */
1931 WRITE_REG(sc, SAFE_DMA_CFG, 256);
1932 device_printf(sc->sc_dev,
1933 "Reduce max DMA size to %u words for rev %u.%u WAR\n",
1934 (READ_REG(sc, SAFE_DMA_CFG)>>2) & 0xff,
1935 SAFE_REV_MAJ(sc->sc_chiprev),
1936 SAFE_REV_MIN(sc->sc_chiprev));
1937 }
1938
1939 /* NB: operands+results are overlaid */
1940 WRITE_REG(sc, SAFE_PE_PDRBASE, sc->sc_ringalloc.dma_paddr);
1941 WRITE_REG(sc, SAFE_PE_RDRBASE, sc->sc_ringalloc.dma_paddr);
1942 /*
1943 * Configure ring entry size and number of items in the ring.
1944 */
1945 KASSERT((sizeof(struct safe_ringentry) % sizeof(u_int32_t)) == 0,
1946 ("PE ring entry not 32-bit aligned!"));
1947 dwords = sizeof(struct safe_ringentry) / sizeof(u_int32_t);
1948 WRITE_REG(sc, SAFE_PE_RINGCFG,
1949 (dwords << SAFE_PE_RINGCFG_OFFSET_S) | SAFE_MAX_NQUEUE);
1950 WRITE_REG(sc, SAFE_PE_RINGPOLL, 0); /* disable polling */
1951
1952 WRITE_REG(sc, SAFE_PE_GRNGBASE, sc->sc_spalloc.dma_paddr);
1953 WRITE_REG(sc, SAFE_PE_SRNGBASE, sc->sc_dpalloc.dma_paddr);
1954 WRITE_REG(sc, SAFE_PE_PARTSIZE,
1955 (SAFE_TOTAL_DPART<<16) | SAFE_TOTAL_SPART);
1956 /*
1957 * NB: destination particles are fixed size. We use
1958 * an mbuf cluster and require all results go to
1959 * clusters or smaller.
1960 */
1961 WRITE_REG(sc, SAFE_PE_PARTCFG, SAFE_MAX_DSIZE);
1962
1963 /* it's now safe to enable PE mode, do it */
1964 WRITE_REG(sc, SAFE_PE_DMACFG, v | SAFE_PE_DMACFG_PEMODE);
1965
1966 /*
1967 * Configure hardware to use level-triggered interrupts and
1968 * to interrupt after each descriptor is processed.
1969 */
1970 WRITE_REG(sc, SAFE_HI_CFG, SAFE_HI_CFG_LEVEL);
1971 WRITE_REG(sc, SAFE_HI_DESC_CNT, 1);
1972 WRITE_REG(sc, SAFE_HI_MASK, SAFE_INT_PE_DDONE | SAFE_INT_PE_ERROR);
1973}
1974
1975/*
1976 * Init PCI registers
1977 */
1978static void
1979safe_init_pciregs(device_t dev)
1980{
1981}
1982
1983/*
1984 * Clean up after a chip crash.
1985 * It is assumed that the caller in splimp()
1986 */
1987static void
1988safe_cleanchip(struct safe_softc *sc)
1989{
1990
1991 if (sc->sc_nqchip != 0) {
1992 struct safe_ringentry *re = sc->sc_back;
1993
1994 while (re != sc->sc_front) {
1995 if (re->re_desc.d_csr != 0)
1996 safe_free_entry(sc, re);
1997 if (++re == sc->sc_ringtop)
1998 re = sc->sc_ring;
1999 }
2000 sc->sc_back = re;
2001 sc->sc_nqchip = 0;
2002 }
2003}
2004
2005/*
2006 * free a safe_q
2007 * It is assumed that the caller is within splimp().
2008 */
2009static int
2010safe_free_entry(struct safe_softc *sc, struct safe_ringentry *re)
2011{
2012 struct cryptop *crp;
2013
2014 /*
2015 * Free header MCR
2016 */
2017 if ((re->re_dst_m != NULL) && (re->re_src_m != re->re_dst_m))
2018 m_freem(re->re_dst_m);
2019
2020 crp = (struct cryptop *)re->re_crp;
2021
2022 re->re_desc.d_csr = 0;
2023
2024 crp->crp_etype = EFAULT;
2025 crypto_done(crp);
2026 return(0);
2027}
2028
2029/*
2030 * Routine to reset the chip and clean up.
2031 * It is assumed that the caller is in splimp()
2032 */
2033static void
2034safe_totalreset(struct safe_softc *sc)
2035{
2036 safe_reset_board(sc);
2037 safe_init_board(sc);
2038 safe_cleanchip(sc);
2039}
2040
2041/*
2042 * Is the operand suitable aligned for direct DMA. Each
2043 * segment must be aligned on a 32-bit boundary and all
2044 * but the last segment must be a multiple of 4 bytes.
2045 */
2046static int
2047safe_dmamap_aligned(const struct safe_operand *op)
2048{
2049 int i;
2050
2051 for (i = 0; i < op->nsegs; i++) {
2052 if (op->segs[i].ds_addr & 3)
2053 return (0);
2054 if (i != (op->nsegs - 1) && (op->segs[i].ds_len & 3))
2055 return (0);
2056 }
2057 return (1);
2058}
2059
2060/*
2061 * Is the operand suitable for direct DMA as the destination
2062 * of an operation. The hardware requires that each ``particle''
2063 * but the last in an operation result have the same size. We
2064 * fix that size at SAFE_MAX_DSIZE bytes. This routine returns
2065 * 0 if some segment is not a multiple of of this size, 1 if all
2066 * segments are exactly this size, or 2 if segments are at worst
2067 * a multple of this size.
2068 */
2069static int
2070safe_dmamap_uniform(const struct safe_operand *op)
2071{
2072 int result = 1;
2073
2074 if (op->nsegs > 0) {
2075 int i;
2076
2077 for (i = 0; i < op->nsegs-1; i++) {
2078 if (op->segs[i].ds_len % SAFE_MAX_DSIZE)
2079 return (0);
2080 if (op->segs[i].ds_len != SAFE_MAX_DSIZE)
2081 result = 2;
2082 }
2083 }
2084 return (result);
2085}
2086
2087#ifdef SAFE_DEBUG
2088static void
2089safe_dump_dmastatus(struct safe_softc *sc, const char *tag)
2090{
2091 printf("%s: ENDIAN 0x%x SRC 0x%x DST 0x%x STAT 0x%x\n"
2092 , tag
2093 , READ_REG(sc, SAFE_DMA_ENDIAN)
2094 , READ_REG(sc, SAFE_DMA_SRCADDR)
2095 , READ_REG(sc, SAFE_DMA_DSTADDR)
2096 , READ_REG(sc, SAFE_DMA_STAT)
2097 );
2098}
2099
2100static void
2101safe_dump_intrstate(struct safe_softc *sc, const char *tag)
2102{
2103 printf("%s: HI_CFG 0x%x HI_MASK 0x%x HI_DESC_CNT 0x%x HU_STAT 0x%x HM_STAT 0x%x\n"
2104 , tag
2105 , READ_REG(sc, SAFE_HI_CFG)
2106 , READ_REG(sc, SAFE_HI_MASK)
2107 , READ_REG(sc, SAFE_HI_DESC_CNT)
2108 , READ_REG(sc, SAFE_HU_STAT)
2109 , READ_REG(sc, SAFE_HM_STAT)
2110 );
2111}
2112
2113static void
2114safe_dump_ringstate(struct safe_softc *sc, const char *tag)
2115{
2116 u_int32_t estat = READ_REG(sc, SAFE_PE_ERNGSTAT);
2117
2118 /* NB: assume caller has lock on ring */
2119 printf("%s: ERNGSTAT %x (next %u) back %lu front %lu\n",
2120 tag,
2121 estat, (estat >> SAFE_PE_ERNGSTAT_NEXT_S),
2122 (unsigned long)(sc->sc_back - sc->sc_ring),
2123 (unsigned long)(sc->sc_front - sc->sc_ring));
2124}
2125
2126static void
2127safe_dump_request(struct safe_softc *sc, const char* tag, struct safe_ringentry *re)
2128{
2129 int ix, nsegs;
2130
2131 ix = re - sc->sc_ring;
2132 printf("%s: %p (%u): csr %x src %x dst %x sa %x len %x\n"
2133 , tag
2134 , re, ix
2135 , re->re_desc.d_csr
2136 , re->re_desc.d_src
2137 , re->re_desc.d_dst
2138 , re->re_desc.d_sa
2139 , re->re_desc.d_len
2140 );
2141 if (re->re_src.nsegs > 1) {
2142 ix = (re->re_desc.d_src - sc->sc_spalloc.dma_paddr) /
2143 sizeof(struct safe_pdesc);
2144 for (nsegs = re->re_src.nsegs; nsegs; nsegs--) {
2145 printf(" spd[%u] %p: %p size %u flags %x"
2146 , ix, &sc->sc_spring[ix]
2147 , (caddr_t)(uintptr_t) sc->sc_spring[ix].pd_addr
2148 , sc->sc_spring[ix].pd_size
2149 , sc->sc_spring[ix].pd_flags
2150 );
2151 if (sc->sc_spring[ix].pd_size == 0)
2152 printf(" (zero!)");
2153 printf("\n");
2154 if (++ix == SAFE_TOTAL_SPART)
2155 ix = 0;
2156 }
2157 }
2158 if (re->re_dst.nsegs > 1) {
2159 ix = (re->re_desc.d_dst - sc->sc_dpalloc.dma_paddr) /
2160 sizeof(struct safe_pdesc);
2161 for (nsegs = re->re_dst.nsegs; nsegs; nsegs--) {
2162 printf(" dpd[%u] %p: %p flags %x\n"
2163 , ix, &sc->sc_dpring[ix]
2164 , (caddr_t)(uintptr_t) sc->sc_dpring[ix].pd_addr
2165 , sc->sc_dpring[ix].pd_flags
2166 );
2167 if (++ix == SAFE_TOTAL_DPART)
2168 ix = 0;
2169 }
2170 }
2171 printf("sa: cmd0 %08x cmd1 %08x staterec %x\n",
2172 re->re_sa.sa_cmd0, re->re_sa.sa_cmd1, re->re_sa.sa_staterec);
2173 printf("sa: key %x %x %x %x %x %x %x %x\n"
2174 , re->re_sa.sa_key[0]
2175 , re->re_sa.sa_key[1]
2176 , re->re_sa.sa_key[2]
2177 , re->re_sa.sa_key[3]
2178 , re->re_sa.sa_key[4]
2179 , re->re_sa.sa_key[5]
2180 , re->re_sa.sa_key[6]
2181 , re->re_sa.sa_key[7]
2182 );
2183 printf("sa: indigest %x %x %x %x %x\n"
2184 , re->re_sa.sa_indigest[0]
2185 , re->re_sa.sa_indigest[1]
2186 , re->re_sa.sa_indigest[2]
2187 , re->re_sa.sa_indigest[3]
2188 , re->re_sa.sa_indigest[4]
2189 );
2190 printf("sa: outdigest %x %x %x %x %x\n"
2191 , re->re_sa.sa_outdigest[0]
2192 , re->re_sa.sa_outdigest[1]
2193 , re->re_sa.sa_outdigest[2]
2194 , re->re_sa.sa_outdigest[3]
2195 , re->re_sa.sa_outdigest[4]
2196 );
2197 printf("sr: iv %x %x %x %x\n"
2198 , re->re_sastate.sa_saved_iv[0]
2199 , re->re_sastate.sa_saved_iv[1]
2200 , re->re_sastate.sa_saved_iv[2]
2201 , re->re_sastate.sa_saved_iv[3]
2202 );
2203 printf("sr: hashbc %u indigest %x %x %x %x %x\n"
2204 , re->re_sastate.sa_saved_hashbc
2205 , re->re_sastate.sa_saved_indigest[0]
2206 , re->re_sastate.sa_saved_indigest[1]
2207 , re->re_sastate.sa_saved_indigest[2]
2208 , re->re_sastate.sa_saved_indigest[3]
2209 , re->re_sastate.sa_saved_indigest[4]
2210 );
2211}
2212
2213static void
2214safe_dump_ring(struct safe_softc *sc, const char *tag)
2215{
2216 mtx_lock(&sc->sc_ringmtx);
2217 printf("\nSafeNet Ring State:\n");
2218 safe_dump_intrstate(sc, tag);
2219 safe_dump_dmastatus(sc, tag);
2220 safe_dump_ringstate(sc, tag);
2221 if (sc->sc_nqchip) {
2222 struct safe_ringentry *re = sc->sc_back;
2223 do {
2224 safe_dump_request(sc, tag, re);
2225 if (++re == sc->sc_ringtop)
2226 re = sc->sc_ring;
2227 } while (re != sc->sc_front);
2228 }
2229 mtx_unlock(&sc->sc_ringmtx);
2230}
2231
2232static int
2233sysctl_hw_safe_dump(SYSCTL_HANDLER_ARGS)
2234{
2235 char dmode[64];
2236 int error;
2237
2238 strncpy(dmode, "", sizeof(dmode) - 1);
2239 dmode[sizeof(dmode) - 1] = '\0';
2240 error = sysctl_handle_string(oidp, &dmode[0], sizeof(dmode), req);
2241
2242 if (error == 0 && req->newptr != NULL) {
2243 struct safe_softc *sc = safec;
2244
2245 if (!sc)
2246 return EINVAL;
2247 if (strncmp(dmode, "dma", 3) == 0)
2248 safe_dump_dmastatus(sc, "safe0");
2249 else if (strncmp(dmode, "int", 3) == 0)
2250 safe_dump_intrstate(sc, "safe0");
2251 else if (strncmp(dmode, "ring", 4) == 0)
2252 safe_dump_ring(sc, "safe0");
2253 else
2254 return EINVAL;
2255 }
2256 return error;
2257}
2258SYSCTL_PROC(_hw_safe, OID_AUTO, dump, CTLTYPE_STRING | CTLFLAG_RW,
2259 0, 0, sysctl_hw_safe_dump, "A", "Dump driver state");
2260#endif /* SAFE_DEBUG */