safe.c revision 227309
1/*- 2 * Copyright (c) 2003 Sam Leffler, Errno Consulting 3 * Copyright (c) 2003 Global Technology Associates, Inc. 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * SUCH DAMAGE. 26 */ 27 28#include <sys/cdefs.h> 29__FBSDID("$FreeBSD: head/sys/dev/safe/safe.c 227309 2011-11-07 15:43:11Z ed $"); 30 31/* 32 * SafeNet SafeXcel-1141 hardware crypto accelerator 33 */ 34#include "opt_safe.h" 35 36#include <sys/param.h> 37#include <sys/systm.h> 38#include <sys/proc.h> 39#include <sys/errno.h> 40#include <sys/malloc.h> 41#include <sys/kernel.h> 42#include <sys/mbuf.h> 43#include <sys/module.h> 44#include <sys/lock.h> 45#include <sys/mutex.h> 46#include <sys/sysctl.h> 47#include <sys/endian.h> 48 49#include <vm/vm.h> 50#include <vm/pmap.h> 51 52#include <machine/bus.h> 53#include <machine/resource.h> 54#include <sys/bus.h> 55#include <sys/rman.h> 56 57#include <crypto/sha1.h> 58#include <opencrypto/cryptodev.h> 59#include <opencrypto/cryptosoft.h> 60#include <sys/md5.h> 61#include <sys/random.h> 62#include <sys/kobj.h> 63 64#include "cryptodev_if.h" 65 66#include <dev/pci/pcivar.h> 67#include <dev/pci/pcireg.h> 68 69#ifdef SAFE_RNDTEST 70#include <dev/rndtest/rndtest.h> 71#endif 72#include <dev/safe/safereg.h> 73#include <dev/safe/safevar.h> 74 75#ifndef bswap32 76#define bswap32 NTOHL 77#endif 78 79/* 80 * Prototypes and count for the pci_device structure 81 */ 82static int safe_probe(device_t); 83static int safe_attach(device_t); 84static int safe_detach(device_t); 85static int safe_suspend(device_t); 86static int safe_resume(device_t); 87static int safe_shutdown(device_t); 88 89static int safe_newsession(device_t, u_int32_t *, struct cryptoini *); 90static int safe_freesession(device_t, u_int64_t); 91static int safe_process(device_t, struct cryptop *, int); 92 93static device_method_t safe_methods[] = { 94 /* Device interface */ 95 DEVMETHOD(device_probe, safe_probe), 96 DEVMETHOD(device_attach, safe_attach), 97 DEVMETHOD(device_detach, safe_detach), 98 DEVMETHOD(device_suspend, safe_suspend), 99 DEVMETHOD(device_resume, safe_resume), 100 DEVMETHOD(device_shutdown, safe_shutdown), 101 102 /* bus interface */ 103 DEVMETHOD(bus_print_child, bus_generic_print_child), 104 DEVMETHOD(bus_driver_added, bus_generic_driver_added), 105 106 /* crypto device methods */ 107 DEVMETHOD(cryptodev_newsession, safe_newsession), 108 DEVMETHOD(cryptodev_freesession,safe_freesession), 109 DEVMETHOD(cryptodev_process, safe_process), 110 111 { 0, 0 } 112}; 113static driver_t safe_driver = { 114 "safe", 115 safe_methods, 116 sizeof (struct safe_softc) 117}; 118static devclass_t safe_devclass; 119 120DRIVER_MODULE(safe, pci, safe_driver, safe_devclass, 0, 0); 121MODULE_DEPEND(safe, crypto, 1, 1, 1); 122#ifdef SAFE_RNDTEST 123MODULE_DEPEND(safe, rndtest, 1, 1, 1); 124#endif 125 126static void safe_intr(void *); 127static void safe_callback(struct safe_softc *, struct safe_ringentry *); 128static void safe_feed(struct safe_softc *, struct safe_ringentry *); 129static void safe_mcopy(struct mbuf *, struct mbuf *, u_int); 130#ifndef SAFE_NO_RNG 131static void safe_rng_init(struct safe_softc *); 132static void safe_rng(void *); 133#endif /* SAFE_NO_RNG */ 134static int safe_dma_malloc(struct safe_softc *, bus_size_t, 135 struct safe_dma_alloc *, int); 136#define safe_dma_sync(_dma, _flags) \ 137 bus_dmamap_sync((_dma)->dma_tag, (_dma)->dma_map, (_flags)) 138static void safe_dma_free(struct safe_softc *, struct safe_dma_alloc *); 139static int safe_dmamap_aligned(const struct safe_operand *); 140static int safe_dmamap_uniform(const struct safe_operand *); 141 142static void safe_reset_board(struct safe_softc *); 143static void safe_init_board(struct safe_softc *); 144static void safe_init_pciregs(device_t dev); 145static void safe_cleanchip(struct safe_softc *); 146static void safe_totalreset(struct safe_softc *); 147 148static int safe_free_entry(struct safe_softc *, struct safe_ringentry *); 149 150static SYSCTL_NODE(_hw, OID_AUTO, safe, CTLFLAG_RD, 0, 151 "SafeNet driver parameters"); 152 153#ifdef SAFE_DEBUG 154static void safe_dump_dmastatus(struct safe_softc *, const char *); 155static void safe_dump_ringstate(struct safe_softc *, const char *); 156static void safe_dump_intrstate(struct safe_softc *, const char *); 157static void safe_dump_request(struct safe_softc *, const char *, 158 struct safe_ringentry *); 159 160static struct safe_softc *safec; /* for use by hw.safe.dump */ 161 162static int safe_debug = 0; 163SYSCTL_INT(_hw_safe, OID_AUTO, debug, CTLFLAG_RW, &safe_debug, 164 0, "control debugging msgs"); 165#define DPRINTF(_x) if (safe_debug) printf _x 166#else 167#define DPRINTF(_x) 168#endif 169 170#define READ_REG(sc,r) \ 171 bus_space_read_4((sc)->sc_st, (sc)->sc_sh, (r)) 172 173#define WRITE_REG(sc,reg,val) \ 174 bus_space_write_4((sc)->sc_st, (sc)->sc_sh, reg, val) 175 176struct safe_stats safestats; 177SYSCTL_STRUCT(_hw_safe, OID_AUTO, stats, CTLFLAG_RD, &safestats, 178 safe_stats, "driver statistics"); 179#ifndef SAFE_NO_RNG 180static int safe_rnginterval = 1; /* poll once a second */ 181SYSCTL_INT(_hw_safe, OID_AUTO, rnginterval, CTLFLAG_RW, &safe_rnginterval, 182 0, "RNG polling interval (secs)"); 183static int safe_rngbufsize = 16; /* 64 bytes each poll */ 184SYSCTL_INT(_hw_safe, OID_AUTO, rngbufsize, CTLFLAG_RW, &safe_rngbufsize, 185 0, "RNG polling buffer size (32-bit words)"); 186static int safe_rngmaxalarm = 8; /* max alarms before reset */ 187SYSCTL_INT(_hw_safe, OID_AUTO, rngmaxalarm, CTLFLAG_RW, &safe_rngmaxalarm, 188 0, "RNG max alarms before reset"); 189#endif /* SAFE_NO_RNG */ 190 191static int 192safe_probe(device_t dev) 193{ 194 if (pci_get_vendor(dev) == PCI_VENDOR_SAFENET && 195 pci_get_device(dev) == PCI_PRODUCT_SAFEXCEL) 196 return (BUS_PROBE_DEFAULT); 197 return (ENXIO); 198} 199 200static const char* 201safe_partname(struct safe_softc *sc) 202{ 203 /* XXX sprintf numbers when not decoded */ 204 switch (pci_get_vendor(sc->sc_dev)) { 205 case PCI_VENDOR_SAFENET: 206 switch (pci_get_device(sc->sc_dev)) { 207 case PCI_PRODUCT_SAFEXCEL: return "SafeNet SafeXcel-1141"; 208 } 209 return "SafeNet unknown-part"; 210 } 211 return "Unknown-vendor unknown-part"; 212} 213 214#ifndef SAFE_NO_RNG 215static void 216default_harvest(struct rndtest_state *rsp, void *buf, u_int count) 217{ 218 random_harvest(buf, count, count*NBBY, 0, RANDOM_PURE); 219} 220#endif /* SAFE_NO_RNG */ 221 222static int 223safe_attach(device_t dev) 224{ 225 struct safe_softc *sc = device_get_softc(dev); 226 u_int32_t raddr; 227 u_int32_t cmd, i, devinfo; 228 int rid; 229 230 bzero(sc, sizeof (*sc)); 231 sc->sc_dev = dev; 232 233 /* XXX handle power management */ 234 235 cmd = pci_read_config(dev, PCIR_COMMAND, 4); 236 cmd |= PCIM_CMD_MEMEN | PCIM_CMD_BUSMASTEREN; 237 pci_write_config(dev, PCIR_COMMAND, cmd, 4); 238 cmd = pci_read_config(dev, PCIR_COMMAND, 4); 239 240 if (!(cmd & PCIM_CMD_MEMEN)) { 241 device_printf(dev, "failed to enable memory mapping\n"); 242 goto bad; 243 } 244 245 if (!(cmd & PCIM_CMD_BUSMASTEREN)) { 246 device_printf(dev, "failed to enable bus mastering\n"); 247 goto bad; 248 } 249 250 /* 251 * Setup memory-mapping of PCI registers. 252 */ 253 rid = BS_BAR; 254 sc->sc_sr = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &rid, 255 RF_ACTIVE); 256 if (sc->sc_sr == NULL) { 257 device_printf(dev, "cannot map register space\n"); 258 goto bad; 259 } 260 sc->sc_st = rman_get_bustag(sc->sc_sr); 261 sc->sc_sh = rman_get_bushandle(sc->sc_sr); 262 263 /* 264 * Arrange interrupt line. 265 */ 266 rid = 0; 267 sc->sc_irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &rid, 268 RF_SHAREABLE|RF_ACTIVE); 269 if (sc->sc_irq == NULL) { 270 device_printf(dev, "could not map interrupt\n"); 271 goto bad1; 272 } 273 /* 274 * NB: Network code assumes we are blocked with splimp() 275 * so make sure the IRQ is mapped appropriately. 276 */ 277 if (bus_setup_intr(dev, sc->sc_irq, INTR_TYPE_NET | INTR_MPSAFE, 278 NULL, safe_intr, sc, &sc->sc_ih)) { 279 device_printf(dev, "could not establish interrupt\n"); 280 goto bad2; 281 } 282 283 sc->sc_cid = crypto_get_driverid(dev, CRYPTOCAP_F_HARDWARE); 284 if (sc->sc_cid < 0) { 285 device_printf(dev, "could not get crypto driver id\n"); 286 goto bad3; 287 } 288 289 sc->sc_chiprev = READ_REG(sc, SAFE_DEVINFO) & 290 (SAFE_DEVINFO_REV_MAJ | SAFE_DEVINFO_REV_MIN); 291 292 /* 293 * Setup DMA descriptor area. 294 */ 295 if (bus_dma_tag_create(NULL, /* parent */ 296 1, /* alignment */ 297 SAFE_DMA_BOUNDARY, /* boundary */ 298 BUS_SPACE_MAXADDR_32BIT, /* lowaddr */ 299 BUS_SPACE_MAXADDR, /* highaddr */ 300 NULL, NULL, /* filter, filterarg */ 301 SAFE_MAX_DMA, /* maxsize */ 302 SAFE_MAX_PART, /* nsegments */ 303 SAFE_MAX_SSIZE, /* maxsegsize */ 304 BUS_DMA_ALLOCNOW, /* flags */ 305 NULL, NULL, /* locking */ 306 &sc->sc_srcdmat)) { 307 device_printf(dev, "cannot allocate DMA tag\n"); 308 goto bad4; 309 } 310 if (bus_dma_tag_create(NULL, /* parent */ 311 1, /* alignment */ 312 SAFE_MAX_DSIZE, /* boundary */ 313 BUS_SPACE_MAXADDR_32BIT, /* lowaddr */ 314 BUS_SPACE_MAXADDR, /* highaddr */ 315 NULL, NULL, /* filter, filterarg */ 316 SAFE_MAX_DMA, /* maxsize */ 317 SAFE_MAX_PART, /* nsegments */ 318 SAFE_MAX_DSIZE, /* maxsegsize */ 319 BUS_DMA_ALLOCNOW, /* flags */ 320 NULL, NULL, /* locking */ 321 &sc->sc_dstdmat)) { 322 device_printf(dev, "cannot allocate DMA tag\n"); 323 goto bad4; 324 } 325 326 /* 327 * Allocate packet engine descriptors. 328 */ 329 if (safe_dma_malloc(sc, 330 SAFE_MAX_NQUEUE * sizeof (struct safe_ringentry), 331 &sc->sc_ringalloc, 0)) { 332 device_printf(dev, "cannot allocate PE descriptor ring\n"); 333 bus_dma_tag_destroy(sc->sc_srcdmat); 334 goto bad4; 335 } 336 /* 337 * Hookup the static portion of all our data structures. 338 */ 339 sc->sc_ring = (struct safe_ringentry *) sc->sc_ringalloc.dma_vaddr; 340 sc->sc_ringtop = sc->sc_ring + SAFE_MAX_NQUEUE; 341 sc->sc_front = sc->sc_ring; 342 sc->sc_back = sc->sc_ring; 343 raddr = sc->sc_ringalloc.dma_paddr; 344 bzero(sc->sc_ring, SAFE_MAX_NQUEUE * sizeof(struct safe_ringentry)); 345 for (i = 0; i < SAFE_MAX_NQUEUE; i++) { 346 struct safe_ringentry *re = &sc->sc_ring[i]; 347 348 re->re_desc.d_sa = raddr + 349 offsetof(struct safe_ringentry, re_sa); 350 re->re_sa.sa_staterec = raddr + 351 offsetof(struct safe_ringentry, re_sastate); 352 353 raddr += sizeof (struct safe_ringentry); 354 } 355 mtx_init(&sc->sc_ringmtx, device_get_nameunit(dev), 356 "packet engine ring", MTX_DEF); 357 358 /* 359 * Allocate scatter and gather particle descriptors. 360 */ 361 if (safe_dma_malloc(sc, SAFE_TOTAL_SPART * sizeof (struct safe_pdesc), 362 &sc->sc_spalloc, 0)) { 363 device_printf(dev, "cannot allocate source particle " 364 "descriptor ring\n"); 365 mtx_destroy(&sc->sc_ringmtx); 366 safe_dma_free(sc, &sc->sc_ringalloc); 367 bus_dma_tag_destroy(sc->sc_srcdmat); 368 goto bad4; 369 } 370 sc->sc_spring = (struct safe_pdesc *) sc->sc_spalloc.dma_vaddr; 371 sc->sc_springtop = sc->sc_spring + SAFE_TOTAL_SPART; 372 sc->sc_spfree = sc->sc_spring; 373 bzero(sc->sc_spring, SAFE_TOTAL_SPART * sizeof(struct safe_pdesc)); 374 375 if (safe_dma_malloc(sc, SAFE_TOTAL_DPART * sizeof (struct safe_pdesc), 376 &sc->sc_dpalloc, 0)) { 377 device_printf(dev, "cannot allocate destination particle " 378 "descriptor ring\n"); 379 mtx_destroy(&sc->sc_ringmtx); 380 safe_dma_free(sc, &sc->sc_spalloc); 381 safe_dma_free(sc, &sc->sc_ringalloc); 382 bus_dma_tag_destroy(sc->sc_dstdmat); 383 goto bad4; 384 } 385 sc->sc_dpring = (struct safe_pdesc *) sc->sc_dpalloc.dma_vaddr; 386 sc->sc_dpringtop = sc->sc_dpring + SAFE_TOTAL_DPART; 387 sc->sc_dpfree = sc->sc_dpring; 388 bzero(sc->sc_dpring, SAFE_TOTAL_DPART * sizeof(struct safe_pdesc)); 389 390 device_printf(sc->sc_dev, "%s", safe_partname(sc)); 391 392 devinfo = READ_REG(sc, SAFE_DEVINFO); 393 if (devinfo & SAFE_DEVINFO_RNG) { 394 sc->sc_flags |= SAFE_FLAGS_RNG; 395 printf(" rng"); 396 } 397 if (devinfo & SAFE_DEVINFO_PKEY) { 398#if 0 399 printf(" key"); 400 sc->sc_flags |= SAFE_FLAGS_KEY; 401 crypto_kregister(sc->sc_cid, CRK_MOD_EXP, 0); 402 crypto_kregister(sc->sc_cid, CRK_MOD_EXP_CRT, 0); 403#endif 404 } 405 if (devinfo & SAFE_DEVINFO_DES) { 406 printf(" des/3des"); 407 crypto_register(sc->sc_cid, CRYPTO_3DES_CBC, 0, 0); 408 crypto_register(sc->sc_cid, CRYPTO_DES_CBC, 0, 0); 409 } 410 if (devinfo & SAFE_DEVINFO_AES) { 411 printf(" aes"); 412 crypto_register(sc->sc_cid, CRYPTO_AES_CBC, 0, 0); 413 } 414 if (devinfo & SAFE_DEVINFO_MD5) { 415 printf(" md5"); 416 crypto_register(sc->sc_cid, CRYPTO_MD5_HMAC, 0, 0); 417 } 418 if (devinfo & SAFE_DEVINFO_SHA1) { 419 printf(" sha1"); 420 crypto_register(sc->sc_cid, CRYPTO_SHA1_HMAC, 0, 0); 421 } 422 printf(" null"); 423 crypto_register(sc->sc_cid, CRYPTO_NULL_CBC, 0, 0); 424 crypto_register(sc->sc_cid, CRYPTO_NULL_HMAC, 0, 0); 425 /* XXX other supported algorithms */ 426 printf("\n"); 427 428 safe_reset_board(sc); /* reset h/w */ 429 safe_init_pciregs(dev); /* init pci settings */ 430 safe_init_board(sc); /* init h/w */ 431 432#ifndef SAFE_NO_RNG 433 if (sc->sc_flags & SAFE_FLAGS_RNG) { 434#ifdef SAFE_RNDTEST 435 sc->sc_rndtest = rndtest_attach(dev); 436 if (sc->sc_rndtest) 437 sc->sc_harvest = rndtest_harvest; 438 else 439 sc->sc_harvest = default_harvest; 440#else 441 sc->sc_harvest = default_harvest; 442#endif 443 safe_rng_init(sc); 444 445 callout_init(&sc->sc_rngto, CALLOUT_MPSAFE); 446 callout_reset(&sc->sc_rngto, hz*safe_rnginterval, safe_rng, sc); 447 } 448#endif /* SAFE_NO_RNG */ 449#ifdef SAFE_DEBUG 450 safec = sc; /* for use by hw.safe.dump */ 451#endif 452 return (0); 453bad4: 454 crypto_unregister_all(sc->sc_cid); 455bad3: 456 bus_teardown_intr(dev, sc->sc_irq, sc->sc_ih); 457bad2: 458 bus_release_resource(dev, SYS_RES_IRQ, 0, sc->sc_irq); 459bad1: 460 bus_release_resource(dev, SYS_RES_MEMORY, BS_BAR, sc->sc_sr); 461bad: 462 return (ENXIO); 463} 464 465/* 466 * Detach a device that successfully probed. 467 */ 468static int 469safe_detach(device_t dev) 470{ 471 struct safe_softc *sc = device_get_softc(dev); 472 473 /* XXX wait/abort active ops */ 474 475 WRITE_REG(sc, SAFE_HI_MASK, 0); /* disable interrupts */ 476 477 callout_stop(&sc->sc_rngto); 478 479 crypto_unregister_all(sc->sc_cid); 480 481#ifdef SAFE_RNDTEST 482 if (sc->sc_rndtest) 483 rndtest_detach(sc->sc_rndtest); 484#endif 485 486 safe_cleanchip(sc); 487 safe_dma_free(sc, &sc->sc_dpalloc); 488 safe_dma_free(sc, &sc->sc_spalloc); 489 mtx_destroy(&sc->sc_ringmtx); 490 safe_dma_free(sc, &sc->sc_ringalloc); 491 492 bus_generic_detach(dev); 493 bus_teardown_intr(dev, sc->sc_irq, sc->sc_ih); 494 bus_release_resource(dev, SYS_RES_IRQ, 0, sc->sc_irq); 495 496 bus_dma_tag_destroy(sc->sc_srcdmat); 497 bus_dma_tag_destroy(sc->sc_dstdmat); 498 bus_release_resource(dev, SYS_RES_MEMORY, BS_BAR, sc->sc_sr); 499 500 return (0); 501} 502 503/* 504 * Stop all chip i/o so that the kernel's probe routines don't 505 * get confused by errant DMAs when rebooting. 506 */ 507static int 508safe_shutdown(device_t dev) 509{ 510#ifdef notyet 511 safe_stop(device_get_softc(dev)); 512#endif 513 return (0); 514} 515 516/* 517 * Device suspend routine. 518 */ 519static int 520safe_suspend(device_t dev) 521{ 522 struct safe_softc *sc = device_get_softc(dev); 523 524#ifdef notyet 525 /* XXX stop the device and save PCI settings */ 526#endif 527 sc->sc_suspended = 1; 528 529 return (0); 530} 531 532static int 533safe_resume(device_t dev) 534{ 535 struct safe_softc *sc = device_get_softc(dev); 536 537#ifdef notyet 538 /* XXX retore PCI settings and start the device */ 539#endif 540 sc->sc_suspended = 0; 541 return (0); 542} 543 544/* 545 * SafeXcel Interrupt routine 546 */ 547static void 548safe_intr(void *arg) 549{ 550 struct safe_softc *sc = arg; 551 volatile u_int32_t stat; 552 553 stat = READ_REG(sc, SAFE_HM_STAT); 554 if (stat == 0) /* shared irq, not for us */ 555 return; 556 557 WRITE_REG(sc, SAFE_HI_CLR, stat); /* IACK */ 558 559 if ((stat & SAFE_INT_PE_DDONE)) { 560 /* 561 * Descriptor(s) done; scan the ring and 562 * process completed operations. 563 */ 564 mtx_lock(&sc->sc_ringmtx); 565 while (sc->sc_back != sc->sc_front) { 566 struct safe_ringentry *re = sc->sc_back; 567#ifdef SAFE_DEBUG 568 if (safe_debug) { 569 safe_dump_ringstate(sc, __func__); 570 safe_dump_request(sc, __func__, re); 571 } 572#endif 573 /* 574 * safe_process marks ring entries that were allocated 575 * but not used with a csr of zero. This insures the 576 * ring front pointer never needs to be set backwards 577 * in the event that an entry is allocated but not used 578 * because of a setup error. 579 */ 580 if (re->re_desc.d_csr != 0) { 581 if (!SAFE_PE_CSR_IS_DONE(re->re_desc.d_csr)) 582 break; 583 if (!SAFE_PE_LEN_IS_DONE(re->re_desc.d_len)) 584 break; 585 sc->sc_nqchip--; 586 safe_callback(sc, re); 587 } 588 if (++(sc->sc_back) == sc->sc_ringtop) 589 sc->sc_back = sc->sc_ring; 590 } 591 mtx_unlock(&sc->sc_ringmtx); 592 } 593 594 /* 595 * Check to see if we got any DMA Error 596 */ 597 if (stat & SAFE_INT_PE_ERROR) { 598 DPRINTF(("dmaerr dmastat %08x\n", 599 READ_REG(sc, SAFE_PE_DMASTAT))); 600 safestats.st_dmaerr++; 601 safe_totalreset(sc); 602#if 0 603 safe_feed(sc); 604#endif 605 } 606 607 if (sc->sc_needwakeup) { /* XXX check high watermark */ 608 int wakeup = sc->sc_needwakeup & (CRYPTO_SYMQ|CRYPTO_ASYMQ); 609 DPRINTF(("%s: wakeup crypto %x\n", __func__, 610 sc->sc_needwakeup)); 611 sc->sc_needwakeup &= ~wakeup; 612 crypto_unblock(sc->sc_cid, wakeup); 613 } 614} 615 616/* 617 * safe_feed() - post a request to chip 618 */ 619static void 620safe_feed(struct safe_softc *sc, struct safe_ringentry *re) 621{ 622 bus_dmamap_sync(sc->sc_srcdmat, re->re_src_map, BUS_DMASYNC_PREWRITE); 623 if (re->re_dst_map != NULL) 624 bus_dmamap_sync(sc->sc_dstdmat, re->re_dst_map, 625 BUS_DMASYNC_PREREAD); 626 /* XXX have no smaller granularity */ 627 safe_dma_sync(&sc->sc_ringalloc, 628 BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); 629 safe_dma_sync(&sc->sc_spalloc, BUS_DMASYNC_PREWRITE); 630 safe_dma_sync(&sc->sc_dpalloc, BUS_DMASYNC_PREWRITE); 631 632#ifdef SAFE_DEBUG 633 if (safe_debug) { 634 safe_dump_ringstate(sc, __func__); 635 safe_dump_request(sc, __func__, re); 636 } 637#endif 638 sc->sc_nqchip++; 639 if (sc->sc_nqchip > safestats.st_maxqchip) 640 safestats.st_maxqchip = sc->sc_nqchip; 641 /* poke h/w to check descriptor ring, any value can be written */ 642 WRITE_REG(sc, SAFE_HI_RD_DESCR, 0); 643} 644 645#define N(a) (sizeof(a) / sizeof (a[0])) 646static void 647safe_setup_enckey(struct safe_session *ses, caddr_t key) 648{ 649 int i; 650 651 bcopy(key, ses->ses_key, ses->ses_klen / 8); 652 653 /* PE is little-endian, insure proper byte order */ 654 for (i = 0; i < N(ses->ses_key); i++) 655 ses->ses_key[i] = htole32(ses->ses_key[i]); 656} 657 658static void 659safe_setup_mackey(struct safe_session *ses, int algo, caddr_t key, int klen) 660{ 661 MD5_CTX md5ctx; 662 SHA1_CTX sha1ctx; 663 int i; 664 665 666 for (i = 0; i < klen; i++) 667 key[i] ^= HMAC_IPAD_VAL; 668 669 if (algo == CRYPTO_MD5_HMAC) { 670 MD5Init(&md5ctx); 671 MD5Update(&md5ctx, key, klen); 672 MD5Update(&md5ctx, hmac_ipad_buffer, MD5_HMAC_BLOCK_LEN - klen); 673 bcopy(md5ctx.state, ses->ses_hminner, sizeof(md5ctx.state)); 674 } else { 675 SHA1Init(&sha1ctx); 676 SHA1Update(&sha1ctx, key, klen); 677 SHA1Update(&sha1ctx, hmac_ipad_buffer, 678 SHA1_HMAC_BLOCK_LEN - klen); 679 bcopy(sha1ctx.h.b32, ses->ses_hminner, sizeof(sha1ctx.h.b32)); 680 } 681 682 for (i = 0; i < klen; i++) 683 key[i] ^= (HMAC_IPAD_VAL ^ HMAC_OPAD_VAL); 684 685 if (algo == CRYPTO_MD5_HMAC) { 686 MD5Init(&md5ctx); 687 MD5Update(&md5ctx, key, klen); 688 MD5Update(&md5ctx, hmac_opad_buffer, MD5_HMAC_BLOCK_LEN - klen); 689 bcopy(md5ctx.state, ses->ses_hmouter, sizeof(md5ctx.state)); 690 } else { 691 SHA1Init(&sha1ctx); 692 SHA1Update(&sha1ctx, key, klen); 693 SHA1Update(&sha1ctx, hmac_opad_buffer, 694 SHA1_HMAC_BLOCK_LEN - klen); 695 bcopy(sha1ctx.h.b32, ses->ses_hmouter, sizeof(sha1ctx.h.b32)); 696 } 697 698 for (i = 0; i < klen; i++) 699 key[i] ^= HMAC_OPAD_VAL; 700 701 /* PE is little-endian, insure proper byte order */ 702 for (i = 0; i < N(ses->ses_hminner); i++) { 703 ses->ses_hminner[i] = htole32(ses->ses_hminner[i]); 704 ses->ses_hmouter[i] = htole32(ses->ses_hmouter[i]); 705 } 706} 707#undef N 708 709/* 710 * Allocate a new 'session' and return an encoded session id. 'sidp' 711 * contains our registration id, and should contain an encoded session 712 * id on successful allocation. 713 */ 714static int 715safe_newsession(device_t dev, u_int32_t *sidp, struct cryptoini *cri) 716{ 717 struct safe_softc *sc = device_get_softc(dev); 718 struct cryptoini *c, *encini = NULL, *macini = NULL; 719 struct safe_session *ses = NULL; 720 int sesn; 721 722 if (sidp == NULL || cri == NULL || sc == NULL) 723 return (EINVAL); 724 725 for (c = cri; c != NULL; c = c->cri_next) { 726 if (c->cri_alg == CRYPTO_MD5_HMAC || 727 c->cri_alg == CRYPTO_SHA1_HMAC || 728 c->cri_alg == CRYPTO_NULL_HMAC) { 729 if (macini) 730 return (EINVAL); 731 macini = c; 732 } else if (c->cri_alg == CRYPTO_DES_CBC || 733 c->cri_alg == CRYPTO_3DES_CBC || 734 c->cri_alg == CRYPTO_AES_CBC || 735 c->cri_alg == CRYPTO_NULL_CBC) { 736 if (encini) 737 return (EINVAL); 738 encini = c; 739 } else 740 return (EINVAL); 741 } 742 if (encini == NULL && macini == NULL) 743 return (EINVAL); 744 if (encini) { /* validate key length */ 745 switch (encini->cri_alg) { 746 case CRYPTO_DES_CBC: 747 if (encini->cri_klen != 64) 748 return (EINVAL); 749 break; 750 case CRYPTO_3DES_CBC: 751 if (encini->cri_klen != 192) 752 return (EINVAL); 753 break; 754 case CRYPTO_AES_CBC: 755 if (encini->cri_klen != 128 && 756 encini->cri_klen != 192 && 757 encini->cri_klen != 256) 758 return (EINVAL); 759 break; 760 } 761 } 762 763 if (sc->sc_sessions == NULL) { 764 ses = sc->sc_sessions = (struct safe_session *)malloc( 765 sizeof(struct safe_session), M_DEVBUF, M_NOWAIT); 766 if (ses == NULL) 767 return (ENOMEM); 768 sesn = 0; 769 sc->sc_nsessions = 1; 770 } else { 771 for (sesn = 0; sesn < sc->sc_nsessions; sesn++) { 772 if (sc->sc_sessions[sesn].ses_used == 0) { 773 ses = &sc->sc_sessions[sesn]; 774 break; 775 } 776 } 777 778 if (ses == NULL) { 779 sesn = sc->sc_nsessions; 780 ses = (struct safe_session *)malloc((sesn + 1) * 781 sizeof(struct safe_session), M_DEVBUF, M_NOWAIT); 782 if (ses == NULL) 783 return (ENOMEM); 784 bcopy(sc->sc_sessions, ses, sesn * 785 sizeof(struct safe_session)); 786 bzero(sc->sc_sessions, sesn * 787 sizeof(struct safe_session)); 788 free(sc->sc_sessions, M_DEVBUF); 789 sc->sc_sessions = ses; 790 ses = &sc->sc_sessions[sesn]; 791 sc->sc_nsessions++; 792 } 793 } 794 795 bzero(ses, sizeof(struct safe_session)); 796 ses->ses_used = 1; 797 798 if (encini) { 799 /* get an IV */ 800 /* XXX may read fewer than requested */ 801 read_random(ses->ses_iv, sizeof(ses->ses_iv)); 802 803 ses->ses_klen = encini->cri_klen; 804 if (encini->cri_key != NULL) 805 safe_setup_enckey(ses, encini->cri_key); 806 } 807 808 if (macini) { 809 ses->ses_mlen = macini->cri_mlen; 810 if (ses->ses_mlen == 0) { 811 if (macini->cri_alg == CRYPTO_MD5_HMAC) 812 ses->ses_mlen = MD5_HASH_LEN; 813 else 814 ses->ses_mlen = SHA1_HASH_LEN; 815 } 816 817 if (macini->cri_key != NULL) { 818 safe_setup_mackey(ses, macini->cri_alg, macini->cri_key, 819 macini->cri_klen / 8); 820 } 821 } 822 823 *sidp = SAFE_SID(device_get_unit(sc->sc_dev), sesn); 824 return (0); 825} 826 827/* 828 * Deallocate a session. 829 */ 830static int 831safe_freesession(device_t dev, u_int64_t tid) 832{ 833 struct safe_softc *sc = device_get_softc(dev); 834 int session, ret; 835 u_int32_t sid = ((u_int32_t) tid) & 0xffffffff; 836 837 if (sc == NULL) 838 return (EINVAL); 839 840 session = SAFE_SESSION(sid); 841 if (session < sc->sc_nsessions) { 842 bzero(&sc->sc_sessions[session], sizeof(sc->sc_sessions[session])); 843 ret = 0; 844 } else 845 ret = EINVAL; 846 return (ret); 847} 848 849static void 850safe_op_cb(void *arg, bus_dma_segment_t *seg, int nsegs, bus_size_t mapsize, int error) 851{ 852 struct safe_operand *op = arg; 853 854 DPRINTF(("%s: mapsize %u nsegs %d error %d\n", __func__, 855 (u_int) mapsize, nsegs, error)); 856 if (error != 0) 857 return; 858 op->mapsize = mapsize; 859 op->nsegs = nsegs; 860 bcopy(seg, op->segs, nsegs * sizeof (seg[0])); 861} 862 863static int 864safe_process(device_t dev, struct cryptop *crp, int hint) 865{ 866 struct safe_softc *sc = device_get_softc(dev); 867 int err = 0, i, nicealign, uniform; 868 struct cryptodesc *crd1, *crd2, *maccrd, *enccrd; 869 int bypass, oplen, ivsize; 870 caddr_t iv; 871 int16_t coffset; 872 struct safe_session *ses; 873 struct safe_ringentry *re; 874 struct safe_sarec *sa; 875 struct safe_pdesc *pd; 876 u_int32_t cmd0, cmd1, staterec; 877 878 if (crp == NULL || crp->crp_callback == NULL || sc == NULL) { 879 safestats.st_invalid++; 880 return (EINVAL); 881 } 882 if (SAFE_SESSION(crp->crp_sid) >= sc->sc_nsessions) { 883 safestats.st_badsession++; 884 return (EINVAL); 885 } 886 887 mtx_lock(&sc->sc_ringmtx); 888 if (sc->sc_front == sc->sc_back && sc->sc_nqchip != 0) { 889 safestats.st_ringfull++; 890 sc->sc_needwakeup |= CRYPTO_SYMQ; 891 mtx_unlock(&sc->sc_ringmtx); 892 return (ERESTART); 893 } 894 re = sc->sc_front; 895 896 staterec = re->re_sa.sa_staterec; /* save */ 897 /* NB: zero everything but the PE descriptor */ 898 bzero(&re->re_sa, sizeof(struct safe_ringentry) - sizeof(re->re_desc)); 899 re->re_sa.sa_staterec = staterec; /* restore */ 900 901 re->re_crp = crp; 902 re->re_sesn = SAFE_SESSION(crp->crp_sid); 903 904 if (crp->crp_flags & CRYPTO_F_IMBUF) { 905 re->re_src_m = (struct mbuf *)crp->crp_buf; 906 re->re_dst_m = (struct mbuf *)crp->crp_buf; 907 } else if (crp->crp_flags & CRYPTO_F_IOV) { 908 re->re_src_io = (struct uio *)crp->crp_buf; 909 re->re_dst_io = (struct uio *)crp->crp_buf; 910 } else { 911 safestats.st_badflags++; 912 err = EINVAL; 913 goto errout; /* XXX we don't handle contiguous blocks! */ 914 } 915 916 sa = &re->re_sa; 917 ses = &sc->sc_sessions[re->re_sesn]; 918 919 crd1 = crp->crp_desc; 920 if (crd1 == NULL) { 921 safestats.st_nodesc++; 922 err = EINVAL; 923 goto errout; 924 } 925 crd2 = crd1->crd_next; 926 927 cmd0 = SAFE_SA_CMD0_BASIC; /* basic group operation */ 928 cmd1 = 0; 929 if (crd2 == NULL) { 930 if (crd1->crd_alg == CRYPTO_MD5_HMAC || 931 crd1->crd_alg == CRYPTO_SHA1_HMAC || 932 crd1->crd_alg == CRYPTO_NULL_HMAC) { 933 maccrd = crd1; 934 enccrd = NULL; 935 cmd0 |= SAFE_SA_CMD0_OP_HASH; 936 } else if (crd1->crd_alg == CRYPTO_DES_CBC || 937 crd1->crd_alg == CRYPTO_3DES_CBC || 938 crd1->crd_alg == CRYPTO_AES_CBC || 939 crd1->crd_alg == CRYPTO_NULL_CBC) { 940 maccrd = NULL; 941 enccrd = crd1; 942 cmd0 |= SAFE_SA_CMD0_OP_CRYPT; 943 } else { 944 safestats.st_badalg++; 945 err = EINVAL; 946 goto errout; 947 } 948 } else { 949 if ((crd1->crd_alg == CRYPTO_MD5_HMAC || 950 crd1->crd_alg == CRYPTO_SHA1_HMAC || 951 crd1->crd_alg == CRYPTO_NULL_HMAC) && 952 (crd2->crd_alg == CRYPTO_DES_CBC || 953 crd2->crd_alg == CRYPTO_3DES_CBC || 954 crd2->crd_alg == CRYPTO_AES_CBC || 955 crd2->crd_alg == CRYPTO_NULL_CBC) && 956 ((crd2->crd_flags & CRD_F_ENCRYPT) == 0)) { 957 maccrd = crd1; 958 enccrd = crd2; 959 } else if ((crd1->crd_alg == CRYPTO_DES_CBC || 960 crd1->crd_alg == CRYPTO_3DES_CBC || 961 crd1->crd_alg == CRYPTO_AES_CBC || 962 crd1->crd_alg == CRYPTO_NULL_CBC) && 963 (crd2->crd_alg == CRYPTO_MD5_HMAC || 964 crd2->crd_alg == CRYPTO_SHA1_HMAC || 965 crd2->crd_alg == CRYPTO_NULL_HMAC) && 966 (crd1->crd_flags & CRD_F_ENCRYPT)) { 967 enccrd = crd1; 968 maccrd = crd2; 969 } else { 970 safestats.st_badalg++; 971 err = EINVAL; 972 goto errout; 973 } 974 cmd0 |= SAFE_SA_CMD0_OP_BOTH; 975 } 976 977 if (enccrd) { 978 if (enccrd->crd_flags & CRD_F_KEY_EXPLICIT) 979 safe_setup_enckey(ses, enccrd->crd_key); 980 981 if (enccrd->crd_alg == CRYPTO_DES_CBC) { 982 cmd0 |= SAFE_SA_CMD0_DES; 983 cmd1 |= SAFE_SA_CMD1_CBC; 984 ivsize = 2*sizeof(u_int32_t); 985 } else if (enccrd->crd_alg == CRYPTO_3DES_CBC) { 986 cmd0 |= SAFE_SA_CMD0_3DES; 987 cmd1 |= SAFE_SA_CMD1_CBC; 988 ivsize = 2*sizeof(u_int32_t); 989 } else if (enccrd->crd_alg == CRYPTO_AES_CBC) { 990 cmd0 |= SAFE_SA_CMD0_AES; 991 cmd1 |= SAFE_SA_CMD1_CBC; 992 if (ses->ses_klen == 128) 993 cmd1 |= SAFE_SA_CMD1_AES128; 994 else if (ses->ses_klen == 192) 995 cmd1 |= SAFE_SA_CMD1_AES192; 996 else 997 cmd1 |= SAFE_SA_CMD1_AES256; 998 ivsize = 4*sizeof(u_int32_t); 999 } else { 1000 cmd0 |= SAFE_SA_CMD0_CRYPT_NULL; 1001 ivsize = 0; 1002 } 1003 1004 /* 1005 * Setup encrypt/decrypt state. When using basic ops 1006 * we can't use an inline IV because hash/crypt offset 1007 * must be from the end of the IV to the start of the 1008 * crypt data and this leaves out the preceding header 1009 * from the hash calculation. Instead we place the IV 1010 * in the state record and set the hash/crypt offset to 1011 * copy both the header+IV. 1012 */ 1013 if (enccrd->crd_flags & CRD_F_ENCRYPT) { 1014 cmd0 |= SAFE_SA_CMD0_OUTBOUND; 1015 1016 if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) 1017 iv = enccrd->crd_iv; 1018 else 1019 iv = (caddr_t) ses->ses_iv; 1020 if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0) { 1021 crypto_copyback(crp->crp_flags, crp->crp_buf, 1022 enccrd->crd_inject, ivsize, iv); 1023 } 1024 bcopy(iv, re->re_sastate.sa_saved_iv, ivsize); 1025 cmd0 |= SAFE_SA_CMD0_IVLD_STATE | SAFE_SA_CMD0_SAVEIV; 1026 re->re_flags |= SAFE_QFLAGS_COPYOUTIV; 1027 } else { 1028 cmd0 |= SAFE_SA_CMD0_INBOUND; 1029 1030 if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) { 1031 bcopy(enccrd->crd_iv, 1032 re->re_sastate.sa_saved_iv, ivsize); 1033 } else { 1034 crypto_copydata(crp->crp_flags, crp->crp_buf, 1035 enccrd->crd_inject, ivsize, 1036 (caddr_t)re->re_sastate.sa_saved_iv); 1037 } 1038 cmd0 |= SAFE_SA_CMD0_IVLD_STATE; 1039 } 1040 /* 1041 * For basic encryption use the zero pad algorithm. 1042 * This pads results to an 8-byte boundary and 1043 * suppresses padding verification for inbound (i.e. 1044 * decrypt) operations. 1045 * 1046 * NB: Not sure if the 8-byte pad boundary is a problem. 1047 */ 1048 cmd0 |= SAFE_SA_CMD0_PAD_ZERO; 1049 1050 /* XXX assert key bufs have the same size */ 1051 bcopy(ses->ses_key, sa->sa_key, sizeof(sa->sa_key)); 1052 } 1053 1054 if (maccrd) { 1055 if (maccrd->crd_flags & CRD_F_KEY_EXPLICIT) { 1056 safe_setup_mackey(ses, maccrd->crd_alg, 1057 maccrd->crd_key, maccrd->crd_klen / 8); 1058 } 1059 1060 if (maccrd->crd_alg == CRYPTO_MD5_HMAC) { 1061 cmd0 |= SAFE_SA_CMD0_MD5; 1062 cmd1 |= SAFE_SA_CMD1_HMAC; /* NB: enable HMAC */ 1063 } else if (maccrd->crd_alg == CRYPTO_SHA1_HMAC) { 1064 cmd0 |= SAFE_SA_CMD0_SHA1; 1065 cmd1 |= SAFE_SA_CMD1_HMAC; /* NB: enable HMAC */ 1066 } else { 1067 cmd0 |= SAFE_SA_CMD0_HASH_NULL; 1068 } 1069 /* 1070 * Digest data is loaded from the SA and the hash 1071 * result is saved to the state block where we 1072 * retrieve it for return to the caller. 1073 */ 1074 /* XXX assert digest bufs have the same size */ 1075 bcopy(ses->ses_hminner, sa->sa_indigest, 1076 sizeof(sa->sa_indigest)); 1077 bcopy(ses->ses_hmouter, sa->sa_outdigest, 1078 sizeof(sa->sa_outdigest)); 1079 1080 cmd0 |= SAFE_SA_CMD0_HSLD_SA | SAFE_SA_CMD0_SAVEHASH; 1081 re->re_flags |= SAFE_QFLAGS_COPYOUTICV; 1082 } 1083 1084 if (enccrd && maccrd) { 1085 /* 1086 * The offset from hash data to the start of 1087 * crypt data is the difference in the skips. 1088 */ 1089 bypass = maccrd->crd_skip; 1090 coffset = enccrd->crd_skip - maccrd->crd_skip; 1091 if (coffset < 0) { 1092 DPRINTF(("%s: hash does not precede crypt; " 1093 "mac skip %u enc skip %u\n", 1094 __func__, maccrd->crd_skip, enccrd->crd_skip)); 1095 safestats.st_skipmismatch++; 1096 err = EINVAL; 1097 goto errout; 1098 } 1099 oplen = enccrd->crd_skip + enccrd->crd_len; 1100 if (maccrd->crd_skip + maccrd->crd_len != oplen) { 1101 DPRINTF(("%s: hash amount %u != crypt amount %u\n", 1102 __func__, maccrd->crd_skip + maccrd->crd_len, 1103 oplen)); 1104 safestats.st_lenmismatch++; 1105 err = EINVAL; 1106 goto errout; 1107 } 1108#ifdef SAFE_DEBUG 1109 if (safe_debug) { 1110 printf("mac: skip %d, len %d, inject %d\n", 1111 maccrd->crd_skip, maccrd->crd_len, 1112 maccrd->crd_inject); 1113 printf("enc: skip %d, len %d, inject %d\n", 1114 enccrd->crd_skip, enccrd->crd_len, 1115 enccrd->crd_inject); 1116 printf("bypass %d coffset %d oplen %d\n", 1117 bypass, coffset, oplen); 1118 } 1119#endif 1120 if (coffset & 3) { /* offset must be 32-bit aligned */ 1121 DPRINTF(("%s: coffset %u misaligned\n", 1122 __func__, coffset)); 1123 safestats.st_coffmisaligned++; 1124 err = EINVAL; 1125 goto errout; 1126 } 1127 coffset >>= 2; 1128 if (coffset > 255) { /* offset must be <256 dwords */ 1129 DPRINTF(("%s: coffset %u too big\n", 1130 __func__, coffset)); 1131 safestats.st_cofftoobig++; 1132 err = EINVAL; 1133 goto errout; 1134 } 1135 /* 1136 * Tell the hardware to copy the header to the output. 1137 * The header is defined as the data from the end of 1138 * the bypass to the start of data to be encrypted. 1139 * Typically this is the inline IV. Note that you need 1140 * to do this even if src+dst are the same; it appears 1141 * that w/o this bit the crypted data is written 1142 * immediately after the bypass data. 1143 */ 1144 cmd1 |= SAFE_SA_CMD1_HDRCOPY; 1145 /* 1146 * Disable IP header mutable bit handling. This is 1147 * needed to get correct HMAC calculations. 1148 */ 1149 cmd1 |= SAFE_SA_CMD1_MUTABLE; 1150 } else { 1151 if (enccrd) { 1152 bypass = enccrd->crd_skip; 1153 oplen = bypass + enccrd->crd_len; 1154 } else { 1155 bypass = maccrd->crd_skip; 1156 oplen = bypass + maccrd->crd_len; 1157 } 1158 coffset = 0; 1159 } 1160 /* XXX verify multiple of 4 when using s/g */ 1161 if (bypass > 96) { /* bypass offset must be <= 96 bytes */ 1162 DPRINTF(("%s: bypass %u too big\n", __func__, bypass)); 1163 safestats.st_bypasstoobig++; 1164 err = EINVAL; 1165 goto errout; 1166 } 1167 1168 if (bus_dmamap_create(sc->sc_srcdmat, BUS_DMA_NOWAIT, &re->re_src_map)) { 1169 safestats.st_nomap++; 1170 err = ENOMEM; 1171 goto errout; 1172 } 1173 if (crp->crp_flags & CRYPTO_F_IMBUF) { 1174 if (bus_dmamap_load_mbuf(sc->sc_srcdmat, re->re_src_map, 1175 re->re_src_m, safe_op_cb, 1176 &re->re_src, BUS_DMA_NOWAIT) != 0) { 1177 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map); 1178 re->re_src_map = NULL; 1179 safestats.st_noload++; 1180 err = ENOMEM; 1181 goto errout; 1182 } 1183 } else if (crp->crp_flags & CRYPTO_F_IOV) { 1184 if (bus_dmamap_load_uio(sc->sc_srcdmat, re->re_src_map, 1185 re->re_src_io, safe_op_cb, 1186 &re->re_src, BUS_DMA_NOWAIT) != 0) { 1187 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map); 1188 re->re_src_map = NULL; 1189 safestats.st_noload++; 1190 err = ENOMEM; 1191 goto errout; 1192 } 1193 } 1194 nicealign = safe_dmamap_aligned(&re->re_src); 1195 uniform = safe_dmamap_uniform(&re->re_src); 1196 1197 DPRINTF(("src nicealign %u uniform %u nsegs %u\n", 1198 nicealign, uniform, re->re_src.nsegs)); 1199 if (re->re_src.nsegs > 1) { 1200 re->re_desc.d_src = sc->sc_spalloc.dma_paddr + 1201 ((caddr_t) sc->sc_spfree - (caddr_t) sc->sc_spring); 1202 for (i = 0; i < re->re_src_nsegs; i++) { 1203 /* NB: no need to check if there's space */ 1204 pd = sc->sc_spfree; 1205 if (++(sc->sc_spfree) == sc->sc_springtop) 1206 sc->sc_spfree = sc->sc_spring; 1207 1208 KASSERT((pd->pd_flags&3) == 0 || 1209 (pd->pd_flags&3) == SAFE_PD_DONE, 1210 ("bogus source particle descriptor; flags %x", 1211 pd->pd_flags)); 1212 pd->pd_addr = re->re_src_segs[i].ds_addr; 1213 pd->pd_size = re->re_src_segs[i].ds_len; 1214 pd->pd_flags = SAFE_PD_READY; 1215 } 1216 cmd0 |= SAFE_SA_CMD0_IGATHER; 1217 } else { 1218 /* 1219 * No need for gather, reference the operand directly. 1220 */ 1221 re->re_desc.d_src = re->re_src_segs[0].ds_addr; 1222 } 1223 1224 if (enccrd == NULL && maccrd != NULL) { 1225 /* 1226 * Hash op; no destination needed. 1227 */ 1228 } else { 1229 if (crp->crp_flags & CRYPTO_F_IOV) { 1230 if (!nicealign) { 1231 safestats.st_iovmisaligned++; 1232 err = EINVAL; 1233 goto errout; 1234 } 1235 if (uniform != 1) { 1236 /* 1237 * Source is not suitable for direct use as 1238 * the destination. Create a new scatter/gather 1239 * list based on the destination requirements 1240 * and check if that's ok. 1241 */ 1242 if (bus_dmamap_create(sc->sc_dstdmat, 1243 BUS_DMA_NOWAIT, &re->re_dst_map)) { 1244 safestats.st_nomap++; 1245 err = ENOMEM; 1246 goto errout; 1247 } 1248 if (bus_dmamap_load_uio(sc->sc_dstdmat, 1249 re->re_dst_map, re->re_dst_io, 1250 safe_op_cb, &re->re_dst, 1251 BUS_DMA_NOWAIT) != 0) { 1252 bus_dmamap_destroy(sc->sc_dstdmat, 1253 re->re_dst_map); 1254 re->re_dst_map = NULL; 1255 safestats.st_noload++; 1256 err = ENOMEM; 1257 goto errout; 1258 } 1259 uniform = safe_dmamap_uniform(&re->re_dst); 1260 if (!uniform) { 1261 /* 1262 * There's no way to handle the DMA 1263 * requirements with this uio. We 1264 * could create a separate DMA area for 1265 * the result and then copy it back, 1266 * but for now we just bail and return 1267 * an error. Note that uio requests 1268 * > SAFE_MAX_DSIZE are handled because 1269 * the DMA map and segment list for the 1270 * destination wil result in a 1271 * destination particle list that does 1272 * the necessary scatter DMA. 1273 */ 1274 safestats.st_iovnotuniform++; 1275 err = EINVAL; 1276 goto errout; 1277 } 1278 } else 1279 re->re_dst = re->re_src; 1280 } else if (crp->crp_flags & CRYPTO_F_IMBUF) { 1281 if (nicealign && uniform == 1) { 1282 /* 1283 * Source layout is suitable for direct 1284 * sharing of the DMA map and segment list. 1285 */ 1286 re->re_dst = re->re_src; 1287 } else if (nicealign && uniform == 2) { 1288 /* 1289 * The source is properly aligned but requires a 1290 * different particle list to handle DMA of the 1291 * result. Create a new map and do the load to 1292 * create the segment list. The particle 1293 * descriptor setup code below will handle the 1294 * rest. 1295 */ 1296 if (bus_dmamap_create(sc->sc_dstdmat, 1297 BUS_DMA_NOWAIT, &re->re_dst_map)) { 1298 safestats.st_nomap++; 1299 err = ENOMEM; 1300 goto errout; 1301 } 1302 if (bus_dmamap_load_mbuf(sc->sc_dstdmat, 1303 re->re_dst_map, re->re_dst_m, 1304 safe_op_cb, &re->re_dst, 1305 BUS_DMA_NOWAIT) != 0) { 1306 bus_dmamap_destroy(sc->sc_dstdmat, 1307 re->re_dst_map); 1308 re->re_dst_map = NULL; 1309 safestats.st_noload++; 1310 err = ENOMEM; 1311 goto errout; 1312 } 1313 } else { /* !(aligned and/or uniform) */ 1314 int totlen, len; 1315 struct mbuf *m, *top, **mp; 1316 1317 /* 1318 * DMA constraints require that we allocate a 1319 * new mbuf chain for the destination. We 1320 * allocate an entire new set of mbufs of 1321 * optimal/required size and then tell the 1322 * hardware to copy any bits that are not 1323 * created as a byproduct of the operation. 1324 */ 1325 if (!nicealign) 1326 safestats.st_unaligned++; 1327 if (!uniform) 1328 safestats.st_notuniform++; 1329 totlen = re->re_src_mapsize; 1330 if (re->re_src_m->m_flags & M_PKTHDR) { 1331 len = MHLEN; 1332 MGETHDR(m, M_DONTWAIT, MT_DATA); 1333 if (m && !m_dup_pkthdr(m, re->re_src_m, 1334 M_DONTWAIT)) { 1335 m_free(m); 1336 m = NULL; 1337 } 1338 } else { 1339 len = MLEN; 1340 MGET(m, M_DONTWAIT, MT_DATA); 1341 } 1342 if (m == NULL) { 1343 safestats.st_nombuf++; 1344 err = sc->sc_nqchip ? ERESTART : ENOMEM; 1345 goto errout; 1346 } 1347 if (totlen >= MINCLSIZE) { 1348 MCLGET(m, M_DONTWAIT); 1349 if ((m->m_flags & M_EXT) == 0) { 1350 m_free(m); 1351 safestats.st_nomcl++; 1352 err = sc->sc_nqchip ? 1353 ERESTART : ENOMEM; 1354 goto errout; 1355 } 1356 len = MCLBYTES; 1357 } 1358 m->m_len = len; 1359 top = NULL; 1360 mp = ⊤ 1361 1362 while (totlen > 0) { 1363 if (top) { 1364 MGET(m, M_DONTWAIT, MT_DATA); 1365 if (m == NULL) { 1366 m_freem(top); 1367 safestats.st_nombuf++; 1368 err = sc->sc_nqchip ? 1369 ERESTART : ENOMEM; 1370 goto errout; 1371 } 1372 len = MLEN; 1373 } 1374 if (top && totlen >= MINCLSIZE) { 1375 MCLGET(m, M_DONTWAIT); 1376 if ((m->m_flags & M_EXT) == 0) { 1377 *mp = m; 1378 m_freem(top); 1379 safestats.st_nomcl++; 1380 err = sc->sc_nqchip ? 1381 ERESTART : ENOMEM; 1382 goto errout; 1383 } 1384 len = MCLBYTES; 1385 } 1386 m->m_len = len = min(totlen, len); 1387 totlen -= len; 1388 *mp = m; 1389 mp = &m->m_next; 1390 } 1391 re->re_dst_m = top; 1392 if (bus_dmamap_create(sc->sc_dstdmat, 1393 BUS_DMA_NOWAIT, &re->re_dst_map) != 0) { 1394 safestats.st_nomap++; 1395 err = ENOMEM; 1396 goto errout; 1397 } 1398 if (bus_dmamap_load_mbuf(sc->sc_dstdmat, 1399 re->re_dst_map, re->re_dst_m, 1400 safe_op_cb, &re->re_dst, 1401 BUS_DMA_NOWAIT) != 0) { 1402 bus_dmamap_destroy(sc->sc_dstdmat, 1403 re->re_dst_map); 1404 re->re_dst_map = NULL; 1405 safestats.st_noload++; 1406 err = ENOMEM; 1407 goto errout; 1408 } 1409 if (re->re_src.mapsize > oplen) { 1410 /* 1411 * There's data following what the 1412 * hardware will copy for us. If this 1413 * isn't just the ICV (that's going to 1414 * be written on completion), copy it 1415 * to the new mbufs 1416 */ 1417 if (!(maccrd && 1418 (re->re_src.mapsize-oplen) == 12 && 1419 maccrd->crd_inject == oplen)) 1420 safe_mcopy(re->re_src_m, 1421 re->re_dst_m, 1422 oplen); 1423 else 1424 safestats.st_noicvcopy++; 1425 } 1426 } 1427 } else { 1428 safestats.st_badflags++; 1429 err = EINVAL; 1430 goto errout; 1431 } 1432 1433 if (re->re_dst.nsegs > 1) { 1434 re->re_desc.d_dst = sc->sc_dpalloc.dma_paddr + 1435 ((caddr_t) sc->sc_dpfree - (caddr_t) sc->sc_dpring); 1436 for (i = 0; i < re->re_dst_nsegs; i++) { 1437 pd = sc->sc_dpfree; 1438 KASSERT((pd->pd_flags&3) == 0 || 1439 (pd->pd_flags&3) == SAFE_PD_DONE, 1440 ("bogus dest particle descriptor; flags %x", 1441 pd->pd_flags)); 1442 if (++(sc->sc_dpfree) == sc->sc_dpringtop) 1443 sc->sc_dpfree = sc->sc_dpring; 1444 pd->pd_addr = re->re_dst_segs[i].ds_addr; 1445 pd->pd_flags = SAFE_PD_READY; 1446 } 1447 cmd0 |= SAFE_SA_CMD0_OSCATTER; 1448 } else { 1449 /* 1450 * No need for scatter, reference the operand directly. 1451 */ 1452 re->re_desc.d_dst = re->re_dst_segs[0].ds_addr; 1453 } 1454 } 1455 1456 /* 1457 * All done with setup; fillin the SA command words 1458 * and the packet engine descriptor. The operation 1459 * is now ready for submission to the hardware. 1460 */ 1461 sa->sa_cmd0 = cmd0 | SAFE_SA_CMD0_IPCI | SAFE_SA_CMD0_OPCI; 1462 sa->sa_cmd1 = cmd1 1463 | (coffset << SAFE_SA_CMD1_OFFSET_S) 1464 | SAFE_SA_CMD1_SAREV1 /* Rev 1 SA data structure */ 1465 | SAFE_SA_CMD1_SRPCI 1466 ; 1467 /* 1468 * NB: the order of writes is important here. In case the 1469 * chip is scanning the ring because of an outstanding request 1470 * it might nab this one too. In that case we need to make 1471 * sure the setup is complete before we write the length 1472 * field of the descriptor as it signals the descriptor is 1473 * ready for processing. 1474 */ 1475 re->re_desc.d_csr = SAFE_PE_CSR_READY | SAFE_PE_CSR_SAPCI; 1476 if (maccrd) 1477 re->re_desc.d_csr |= SAFE_PE_CSR_LOADSA | SAFE_PE_CSR_HASHFINAL; 1478 re->re_desc.d_len = oplen 1479 | SAFE_PE_LEN_READY 1480 | (bypass << SAFE_PE_LEN_BYPASS_S) 1481 ; 1482 1483 safestats.st_ipackets++; 1484 safestats.st_ibytes += oplen; 1485 1486 if (++(sc->sc_front) == sc->sc_ringtop) 1487 sc->sc_front = sc->sc_ring; 1488 1489 /* XXX honor batching */ 1490 safe_feed(sc, re); 1491 mtx_unlock(&sc->sc_ringmtx); 1492 return (0); 1493 1494errout: 1495 if ((re->re_dst_m != NULL) && (re->re_src_m != re->re_dst_m)) 1496 m_freem(re->re_dst_m); 1497 1498 if (re->re_dst_map != NULL && re->re_dst_map != re->re_src_map) { 1499 bus_dmamap_unload(sc->sc_dstdmat, re->re_dst_map); 1500 bus_dmamap_destroy(sc->sc_dstdmat, re->re_dst_map); 1501 } 1502 if (re->re_src_map != NULL) { 1503 bus_dmamap_unload(sc->sc_srcdmat, re->re_src_map); 1504 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map); 1505 } 1506 mtx_unlock(&sc->sc_ringmtx); 1507 if (err != ERESTART) { 1508 crp->crp_etype = err; 1509 crypto_done(crp); 1510 } else { 1511 sc->sc_needwakeup |= CRYPTO_SYMQ; 1512 } 1513 return (err); 1514} 1515 1516static void 1517safe_callback(struct safe_softc *sc, struct safe_ringentry *re) 1518{ 1519 struct cryptop *crp = (struct cryptop *)re->re_crp; 1520 struct cryptodesc *crd; 1521 1522 safestats.st_opackets++; 1523 safestats.st_obytes += re->re_dst.mapsize; 1524 1525 safe_dma_sync(&sc->sc_ringalloc, 1526 BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 1527 if (re->re_desc.d_csr & SAFE_PE_CSR_STATUS) { 1528 device_printf(sc->sc_dev, "csr 0x%x cmd0 0x%x cmd1 0x%x\n", 1529 re->re_desc.d_csr, 1530 re->re_sa.sa_cmd0, re->re_sa.sa_cmd1); 1531 safestats.st_peoperr++; 1532 crp->crp_etype = EIO; /* something more meaningful? */ 1533 } 1534 if (re->re_dst_map != NULL && re->re_dst_map != re->re_src_map) { 1535 bus_dmamap_sync(sc->sc_dstdmat, re->re_dst_map, 1536 BUS_DMASYNC_POSTREAD); 1537 bus_dmamap_unload(sc->sc_dstdmat, re->re_dst_map); 1538 bus_dmamap_destroy(sc->sc_dstdmat, re->re_dst_map); 1539 } 1540 bus_dmamap_sync(sc->sc_srcdmat, re->re_src_map, BUS_DMASYNC_POSTWRITE); 1541 bus_dmamap_unload(sc->sc_srcdmat, re->re_src_map); 1542 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map); 1543 1544 /* 1545 * If result was written to a differet mbuf chain, swap 1546 * it in as the return value and reclaim the original. 1547 */ 1548 if ((crp->crp_flags & CRYPTO_F_IMBUF) && re->re_src_m != re->re_dst_m) { 1549 m_freem(re->re_src_m); 1550 crp->crp_buf = (caddr_t)re->re_dst_m; 1551 } 1552 1553 if (re->re_flags & SAFE_QFLAGS_COPYOUTIV) { 1554 /* copy out IV for future use */ 1555 for (crd = crp->crp_desc; crd; crd = crd->crd_next) { 1556 int ivsize; 1557 1558 if (crd->crd_alg == CRYPTO_DES_CBC || 1559 crd->crd_alg == CRYPTO_3DES_CBC) { 1560 ivsize = 2*sizeof(u_int32_t); 1561 } else if (crd->crd_alg == CRYPTO_AES_CBC) { 1562 ivsize = 4*sizeof(u_int32_t); 1563 } else 1564 continue; 1565 crypto_copydata(crp->crp_flags, crp->crp_buf, 1566 crd->crd_skip + crd->crd_len - ivsize, ivsize, 1567 (caddr_t)sc->sc_sessions[re->re_sesn].ses_iv); 1568 break; 1569 } 1570 } 1571 1572 if (re->re_flags & SAFE_QFLAGS_COPYOUTICV) { 1573 /* copy out ICV result */ 1574 for (crd = crp->crp_desc; crd; crd = crd->crd_next) { 1575 if (!(crd->crd_alg == CRYPTO_MD5_HMAC || 1576 crd->crd_alg == CRYPTO_SHA1_HMAC || 1577 crd->crd_alg == CRYPTO_NULL_HMAC)) 1578 continue; 1579 if (crd->crd_alg == CRYPTO_SHA1_HMAC) { 1580 /* 1581 * SHA-1 ICV's are byte-swapped; fix 'em up 1582 * before copy them to their destination. 1583 */ 1584 re->re_sastate.sa_saved_indigest[0] = 1585 bswap32(re->re_sastate.sa_saved_indigest[0]); 1586 re->re_sastate.sa_saved_indigest[1] = 1587 bswap32(re->re_sastate.sa_saved_indigest[1]); 1588 re->re_sastate.sa_saved_indigest[2] = 1589 bswap32(re->re_sastate.sa_saved_indigest[2]); 1590 } 1591 crypto_copyback(crp->crp_flags, crp->crp_buf, 1592 crd->crd_inject, 1593 sc->sc_sessions[re->re_sesn].ses_mlen, 1594 (caddr_t)re->re_sastate.sa_saved_indigest); 1595 break; 1596 } 1597 } 1598 crypto_done(crp); 1599} 1600 1601/* 1602 * Copy all data past offset from srcm to dstm. 1603 */ 1604static void 1605safe_mcopy(struct mbuf *srcm, struct mbuf *dstm, u_int offset) 1606{ 1607 u_int j, dlen, slen; 1608 caddr_t dptr, sptr; 1609 1610 /* 1611 * Advance src and dst to offset. 1612 */ 1613 j = offset; 1614 while (j >= 0) { 1615 if (srcm->m_len > j) 1616 break; 1617 j -= srcm->m_len; 1618 srcm = srcm->m_next; 1619 if (srcm == NULL) 1620 return; 1621 } 1622 sptr = mtod(srcm, caddr_t) + j; 1623 slen = srcm->m_len - j; 1624 1625 j = offset; 1626 while (j >= 0) { 1627 if (dstm->m_len > j) 1628 break; 1629 j -= dstm->m_len; 1630 dstm = dstm->m_next; 1631 if (dstm == NULL) 1632 return; 1633 } 1634 dptr = mtod(dstm, caddr_t) + j; 1635 dlen = dstm->m_len - j; 1636 1637 /* 1638 * Copy everything that remains. 1639 */ 1640 for (;;) { 1641 j = min(slen, dlen); 1642 bcopy(sptr, dptr, j); 1643 if (slen == j) { 1644 srcm = srcm->m_next; 1645 if (srcm == NULL) 1646 return; 1647 sptr = srcm->m_data; 1648 slen = srcm->m_len; 1649 } else 1650 sptr += j, slen -= j; 1651 if (dlen == j) { 1652 dstm = dstm->m_next; 1653 if (dstm == NULL) 1654 return; 1655 dptr = dstm->m_data; 1656 dlen = dstm->m_len; 1657 } else 1658 dptr += j, dlen -= j; 1659 } 1660} 1661 1662#ifndef SAFE_NO_RNG 1663#define SAFE_RNG_MAXWAIT 1000 1664 1665static void 1666safe_rng_init(struct safe_softc *sc) 1667{ 1668 u_int32_t w, v; 1669 int i; 1670 1671 WRITE_REG(sc, SAFE_RNG_CTRL, 0); 1672 /* use default value according to the manual */ 1673 WRITE_REG(sc, SAFE_RNG_CNFG, 0x834); /* magic from SafeNet */ 1674 WRITE_REG(sc, SAFE_RNG_ALM_CNT, 0); 1675 1676 /* 1677 * There is a bug in rev 1.0 of the 1140 that when the RNG 1678 * is brought out of reset the ready status flag does not 1679 * work until the RNG has finished its internal initialization. 1680 * 1681 * So in order to determine the device is through its 1682 * initialization we must read the data register, using the 1683 * status reg in the read in case it is initialized. Then read 1684 * the data register until it changes from the first read. 1685 * Once it changes read the data register until it changes 1686 * again. At this time the RNG is considered initialized. 1687 * This could take between 750ms - 1000ms in time. 1688 */ 1689 i = 0; 1690 w = READ_REG(sc, SAFE_RNG_OUT); 1691 do { 1692 v = READ_REG(sc, SAFE_RNG_OUT); 1693 if (v != w) { 1694 w = v; 1695 break; 1696 } 1697 DELAY(10); 1698 } while (++i < SAFE_RNG_MAXWAIT); 1699 1700 /* Wait Until data changes again */ 1701 i = 0; 1702 do { 1703 v = READ_REG(sc, SAFE_RNG_OUT); 1704 if (v != w) 1705 break; 1706 DELAY(10); 1707 } while (++i < SAFE_RNG_MAXWAIT); 1708} 1709 1710static __inline void 1711safe_rng_disable_short_cycle(struct safe_softc *sc) 1712{ 1713 WRITE_REG(sc, SAFE_RNG_CTRL, 1714 READ_REG(sc, SAFE_RNG_CTRL) &~ SAFE_RNG_CTRL_SHORTEN); 1715} 1716 1717static __inline void 1718safe_rng_enable_short_cycle(struct safe_softc *sc) 1719{ 1720 WRITE_REG(sc, SAFE_RNG_CTRL, 1721 READ_REG(sc, SAFE_RNG_CTRL) | SAFE_RNG_CTRL_SHORTEN); 1722} 1723 1724static __inline u_int32_t 1725safe_rng_read(struct safe_softc *sc) 1726{ 1727 int i; 1728 1729 i = 0; 1730 while (READ_REG(sc, SAFE_RNG_STAT) != 0 && ++i < SAFE_RNG_MAXWAIT) 1731 ; 1732 return READ_REG(sc, SAFE_RNG_OUT); 1733} 1734 1735static void 1736safe_rng(void *arg) 1737{ 1738 struct safe_softc *sc = arg; 1739 u_int32_t buf[SAFE_RNG_MAXBUFSIZ]; /* NB: maybe move to softc */ 1740 u_int maxwords; 1741 int i; 1742 1743 safestats.st_rng++; 1744 /* 1745 * Fetch the next block of data. 1746 */ 1747 maxwords = safe_rngbufsize; 1748 if (maxwords > SAFE_RNG_MAXBUFSIZ) 1749 maxwords = SAFE_RNG_MAXBUFSIZ; 1750retry: 1751 for (i = 0; i < maxwords; i++) 1752 buf[i] = safe_rng_read(sc); 1753 /* 1754 * Check the comparator alarm count and reset the h/w if 1755 * it exceeds our threshold. This guards against the 1756 * hardware oscillators resonating with external signals. 1757 */ 1758 if (READ_REG(sc, SAFE_RNG_ALM_CNT) > safe_rngmaxalarm) { 1759 u_int32_t freq_inc, w; 1760 1761 DPRINTF(("%s: alarm count %u exceeds threshold %u\n", __func__, 1762 READ_REG(sc, SAFE_RNG_ALM_CNT), safe_rngmaxalarm)); 1763 safestats.st_rngalarm++; 1764 safe_rng_enable_short_cycle(sc); 1765 freq_inc = 18; 1766 for (i = 0; i < 64; i++) { 1767 w = READ_REG(sc, SAFE_RNG_CNFG); 1768 freq_inc = ((w + freq_inc) & 0x3fL); 1769 w = ((w & ~0x3fL) | freq_inc); 1770 WRITE_REG(sc, SAFE_RNG_CNFG, w); 1771 1772 WRITE_REG(sc, SAFE_RNG_ALM_CNT, 0); 1773 1774 (void) safe_rng_read(sc); 1775 DELAY(25); 1776 1777 if (READ_REG(sc, SAFE_RNG_ALM_CNT) == 0) { 1778 safe_rng_disable_short_cycle(sc); 1779 goto retry; 1780 } 1781 freq_inc = 1; 1782 } 1783 safe_rng_disable_short_cycle(sc); 1784 } else 1785 WRITE_REG(sc, SAFE_RNG_ALM_CNT, 0); 1786 1787 (*sc->sc_harvest)(sc->sc_rndtest, buf, maxwords*sizeof (u_int32_t)); 1788 callout_reset(&sc->sc_rngto, 1789 hz * (safe_rnginterval ? safe_rnginterval : 1), safe_rng, sc); 1790} 1791#endif /* SAFE_NO_RNG */ 1792 1793static void 1794safe_dmamap_cb(void *arg, bus_dma_segment_t *segs, int nseg, int error) 1795{ 1796 bus_addr_t *paddr = (bus_addr_t*) arg; 1797 *paddr = segs->ds_addr; 1798} 1799 1800static int 1801safe_dma_malloc( 1802 struct safe_softc *sc, 1803 bus_size_t size, 1804 struct safe_dma_alloc *dma, 1805 int mapflags 1806) 1807{ 1808 int r; 1809 1810 r = bus_dma_tag_create(NULL, /* parent */ 1811 sizeof(u_int32_t), 0, /* alignment, bounds */ 1812 BUS_SPACE_MAXADDR_32BIT, /* lowaddr */ 1813 BUS_SPACE_MAXADDR, /* highaddr */ 1814 NULL, NULL, /* filter, filterarg */ 1815 size, /* maxsize */ 1816 1, /* nsegments */ 1817 size, /* maxsegsize */ 1818 BUS_DMA_ALLOCNOW, /* flags */ 1819 NULL, NULL, /* locking */ 1820 &dma->dma_tag); 1821 if (r != 0) { 1822 device_printf(sc->sc_dev, "safe_dma_malloc: " 1823 "bus_dma_tag_create failed; error %u\n", r); 1824 goto fail_0; 1825 } 1826 1827 r = bus_dmamap_create(dma->dma_tag, BUS_DMA_NOWAIT, &dma->dma_map); 1828 if (r != 0) { 1829 device_printf(sc->sc_dev, "safe_dma_malloc: " 1830 "bus_dmamap_create failed; error %u\n", r); 1831 goto fail_1; 1832 } 1833 1834 r = bus_dmamem_alloc(dma->dma_tag, (void**) &dma->dma_vaddr, 1835 BUS_DMA_NOWAIT, &dma->dma_map); 1836 if (r != 0) { 1837 device_printf(sc->sc_dev, "safe_dma_malloc: " 1838 "bus_dmammem_alloc failed; size %zu, error %u\n", 1839 size, r); 1840 goto fail_2; 1841 } 1842 1843 r = bus_dmamap_load(dma->dma_tag, dma->dma_map, dma->dma_vaddr, 1844 size, 1845 safe_dmamap_cb, 1846 &dma->dma_paddr, 1847 mapflags | BUS_DMA_NOWAIT); 1848 if (r != 0) { 1849 device_printf(sc->sc_dev, "safe_dma_malloc: " 1850 "bus_dmamap_load failed; error %u\n", r); 1851 goto fail_3; 1852 } 1853 1854 dma->dma_size = size; 1855 return (0); 1856 1857fail_3: 1858 bus_dmamap_unload(dma->dma_tag, dma->dma_map); 1859fail_2: 1860 bus_dmamem_free(dma->dma_tag, dma->dma_vaddr, dma->dma_map); 1861fail_1: 1862 bus_dmamap_destroy(dma->dma_tag, dma->dma_map); 1863 bus_dma_tag_destroy(dma->dma_tag); 1864fail_0: 1865 dma->dma_map = NULL; 1866 dma->dma_tag = NULL; 1867 return (r); 1868} 1869 1870static void 1871safe_dma_free(struct safe_softc *sc, struct safe_dma_alloc *dma) 1872{ 1873 bus_dmamap_unload(dma->dma_tag, dma->dma_map); 1874 bus_dmamem_free(dma->dma_tag, dma->dma_vaddr, dma->dma_map); 1875 bus_dmamap_destroy(dma->dma_tag, dma->dma_map); 1876 bus_dma_tag_destroy(dma->dma_tag); 1877} 1878 1879/* 1880 * Resets the board. Values in the regesters are left as is 1881 * from the reset (i.e. initial values are assigned elsewhere). 1882 */ 1883static void 1884safe_reset_board(struct safe_softc *sc) 1885{ 1886 u_int32_t v; 1887 /* 1888 * Reset the device. The manual says no delay 1889 * is needed between marking and clearing reset. 1890 */ 1891 v = READ_REG(sc, SAFE_PE_DMACFG) &~ 1892 (SAFE_PE_DMACFG_PERESET | SAFE_PE_DMACFG_PDRRESET | 1893 SAFE_PE_DMACFG_SGRESET); 1894 WRITE_REG(sc, SAFE_PE_DMACFG, v 1895 | SAFE_PE_DMACFG_PERESET 1896 | SAFE_PE_DMACFG_PDRRESET 1897 | SAFE_PE_DMACFG_SGRESET); 1898 WRITE_REG(sc, SAFE_PE_DMACFG, v); 1899} 1900 1901/* 1902 * Initialize registers we need to touch only once. 1903 */ 1904static void 1905safe_init_board(struct safe_softc *sc) 1906{ 1907 u_int32_t v, dwords; 1908 1909 v = READ_REG(sc, SAFE_PE_DMACFG); 1910 v &=~ SAFE_PE_DMACFG_PEMODE; 1911 v |= SAFE_PE_DMACFG_FSENA /* failsafe enable */ 1912 | SAFE_PE_DMACFG_GPRPCI /* gather ring on PCI */ 1913 | SAFE_PE_DMACFG_SPRPCI /* scatter ring on PCI */ 1914 | SAFE_PE_DMACFG_ESDESC /* endian-swap descriptors */ 1915 | SAFE_PE_DMACFG_ESSA /* endian-swap SA's */ 1916 | SAFE_PE_DMACFG_ESPDESC /* endian-swap part. desc's */ 1917 ; 1918 WRITE_REG(sc, SAFE_PE_DMACFG, v); 1919#if 0 1920 /* XXX select byte swap based on host byte order */ 1921 WRITE_REG(sc, SAFE_ENDIAN, 0x1b); 1922#endif 1923 if (sc->sc_chiprev == SAFE_REV(1,0)) { 1924 /* 1925 * Avoid large PCI DMA transfers. Rev 1.0 has a bug where 1926 * "target mode transfers" done while the chip is DMA'ing 1927 * >1020 bytes cause the hardware to lockup. To avoid this 1928 * we reduce the max PCI transfer size and use small source 1929 * particle descriptors (<= 256 bytes). 1930 */ 1931 WRITE_REG(sc, SAFE_DMA_CFG, 256); 1932 device_printf(sc->sc_dev, 1933 "Reduce max DMA size to %u words for rev %u.%u WAR\n", 1934 (READ_REG(sc, SAFE_DMA_CFG)>>2) & 0xff, 1935 SAFE_REV_MAJ(sc->sc_chiprev), 1936 SAFE_REV_MIN(sc->sc_chiprev)); 1937 } 1938 1939 /* NB: operands+results are overlaid */ 1940 WRITE_REG(sc, SAFE_PE_PDRBASE, sc->sc_ringalloc.dma_paddr); 1941 WRITE_REG(sc, SAFE_PE_RDRBASE, sc->sc_ringalloc.dma_paddr); 1942 /* 1943 * Configure ring entry size and number of items in the ring. 1944 */ 1945 KASSERT((sizeof(struct safe_ringentry) % sizeof(u_int32_t)) == 0, 1946 ("PE ring entry not 32-bit aligned!")); 1947 dwords = sizeof(struct safe_ringentry) / sizeof(u_int32_t); 1948 WRITE_REG(sc, SAFE_PE_RINGCFG, 1949 (dwords << SAFE_PE_RINGCFG_OFFSET_S) | SAFE_MAX_NQUEUE); 1950 WRITE_REG(sc, SAFE_PE_RINGPOLL, 0); /* disable polling */ 1951 1952 WRITE_REG(sc, SAFE_PE_GRNGBASE, sc->sc_spalloc.dma_paddr); 1953 WRITE_REG(sc, SAFE_PE_SRNGBASE, sc->sc_dpalloc.dma_paddr); 1954 WRITE_REG(sc, SAFE_PE_PARTSIZE, 1955 (SAFE_TOTAL_DPART<<16) | SAFE_TOTAL_SPART); 1956 /* 1957 * NB: destination particles are fixed size. We use 1958 * an mbuf cluster and require all results go to 1959 * clusters or smaller. 1960 */ 1961 WRITE_REG(sc, SAFE_PE_PARTCFG, SAFE_MAX_DSIZE); 1962 1963 /* it's now safe to enable PE mode, do it */ 1964 WRITE_REG(sc, SAFE_PE_DMACFG, v | SAFE_PE_DMACFG_PEMODE); 1965 1966 /* 1967 * Configure hardware to use level-triggered interrupts and 1968 * to interrupt after each descriptor is processed. 1969 */ 1970 WRITE_REG(sc, SAFE_HI_CFG, SAFE_HI_CFG_LEVEL); 1971 WRITE_REG(sc, SAFE_HI_DESC_CNT, 1); 1972 WRITE_REG(sc, SAFE_HI_MASK, SAFE_INT_PE_DDONE | SAFE_INT_PE_ERROR); 1973} 1974 1975/* 1976 * Init PCI registers 1977 */ 1978static void 1979safe_init_pciregs(device_t dev) 1980{ 1981} 1982 1983/* 1984 * Clean up after a chip crash. 1985 * It is assumed that the caller in splimp() 1986 */ 1987static void 1988safe_cleanchip(struct safe_softc *sc) 1989{ 1990 1991 if (sc->sc_nqchip != 0) { 1992 struct safe_ringentry *re = sc->sc_back; 1993 1994 while (re != sc->sc_front) { 1995 if (re->re_desc.d_csr != 0) 1996 safe_free_entry(sc, re); 1997 if (++re == sc->sc_ringtop) 1998 re = sc->sc_ring; 1999 } 2000 sc->sc_back = re; 2001 sc->sc_nqchip = 0; 2002 } 2003} 2004 2005/* 2006 * free a safe_q 2007 * It is assumed that the caller is within splimp(). 2008 */ 2009static int 2010safe_free_entry(struct safe_softc *sc, struct safe_ringentry *re) 2011{ 2012 struct cryptop *crp; 2013 2014 /* 2015 * Free header MCR 2016 */ 2017 if ((re->re_dst_m != NULL) && (re->re_src_m != re->re_dst_m)) 2018 m_freem(re->re_dst_m); 2019 2020 crp = (struct cryptop *)re->re_crp; 2021 2022 re->re_desc.d_csr = 0; 2023 2024 crp->crp_etype = EFAULT; 2025 crypto_done(crp); 2026 return(0); 2027} 2028 2029/* 2030 * Routine to reset the chip and clean up. 2031 * It is assumed that the caller is in splimp() 2032 */ 2033static void 2034safe_totalreset(struct safe_softc *sc) 2035{ 2036 safe_reset_board(sc); 2037 safe_init_board(sc); 2038 safe_cleanchip(sc); 2039} 2040 2041/* 2042 * Is the operand suitable aligned for direct DMA. Each 2043 * segment must be aligned on a 32-bit boundary and all 2044 * but the last segment must be a multiple of 4 bytes. 2045 */ 2046static int 2047safe_dmamap_aligned(const struct safe_operand *op) 2048{ 2049 int i; 2050 2051 for (i = 0; i < op->nsegs; i++) { 2052 if (op->segs[i].ds_addr & 3) 2053 return (0); 2054 if (i != (op->nsegs - 1) && (op->segs[i].ds_len & 3)) 2055 return (0); 2056 } 2057 return (1); 2058} 2059 2060/* 2061 * Is the operand suitable for direct DMA as the destination 2062 * of an operation. The hardware requires that each ``particle'' 2063 * but the last in an operation result have the same size. We 2064 * fix that size at SAFE_MAX_DSIZE bytes. This routine returns 2065 * 0 if some segment is not a multiple of of this size, 1 if all 2066 * segments are exactly this size, or 2 if segments are at worst 2067 * a multple of this size. 2068 */ 2069static int 2070safe_dmamap_uniform(const struct safe_operand *op) 2071{ 2072 int result = 1; 2073 2074 if (op->nsegs > 0) { 2075 int i; 2076 2077 for (i = 0; i < op->nsegs-1; i++) { 2078 if (op->segs[i].ds_len % SAFE_MAX_DSIZE) 2079 return (0); 2080 if (op->segs[i].ds_len != SAFE_MAX_DSIZE) 2081 result = 2; 2082 } 2083 } 2084 return (result); 2085} 2086 2087#ifdef SAFE_DEBUG 2088static void 2089safe_dump_dmastatus(struct safe_softc *sc, const char *tag) 2090{ 2091 printf("%s: ENDIAN 0x%x SRC 0x%x DST 0x%x STAT 0x%x\n" 2092 , tag 2093 , READ_REG(sc, SAFE_DMA_ENDIAN) 2094 , READ_REG(sc, SAFE_DMA_SRCADDR) 2095 , READ_REG(sc, SAFE_DMA_DSTADDR) 2096 , READ_REG(sc, SAFE_DMA_STAT) 2097 ); 2098} 2099 2100static void 2101safe_dump_intrstate(struct safe_softc *sc, const char *tag) 2102{ 2103 printf("%s: HI_CFG 0x%x HI_MASK 0x%x HI_DESC_CNT 0x%x HU_STAT 0x%x HM_STAT 0x%x\n" 2104 , tag 2105 , READ_REG(sc, SAFE_HI_CFG) 2106 , READ_REG(sc, SAFE_HI_MASK) 2107 , READ_REG(sc, SAFE_HI_DESC_CNT) 2108 , READ_REG(sc, SAFE_HU_STAT) 2109 , READ_REG(sc, SAFE_HM_STAT) 2110 ); 2111} 2112 2113static void 2114safe_dump_ringstate(struct safe_softc *sc, const char *tag) 2115{ 2116 u_int32_t estat = READ_REG(sc, SAFE_PE_ERNGSTAT); 2117 2118 /* NB: assume caller has lock on ring */ 2119 printf("%s: ERNGSTAT %x (next %u) back %lu front %lu\n", 2120 tag, 2121 estat, (estat >> SAFE_PE_ERNGSTAT_NEXT_S), 2122 (unsigned long)(sc->sc_back - sc->sc_ring), 2123 (unsigned long)(sc->sc_front - sc->sc_ring)); 2124} 2125 2126static void 2127safe_dump_request(struct safe_softc *sc, const char* tag, struct safe_ringentry *re) 2128{ 2129 int ix, nsegs; 2130 2131 ix = re - sc->sc_ring; 2132 printf("%s: %p (%u): csr %x src %x dst %x sa %x len %x\n" 2133 , tag 2134 , re, ix 2135 , re->re_desc.d_csr 2136 , re->re_desc.d_src 2137 , re->re_desc.d_dst 2138 , re->re_desc.d_sa 2139 , re->re_desc.d_len 2140 ); 2141 if (re->re_src.nsegs > 1) { 2142 ix = (re->re_desc.d_src - sc->sc_spalloc.dma_paddr) / 2143 sizeof(struct safe_pdesc); 2144 for (nsegs = re->re_src.nsegs; nsegs; nsegs--) { 2145 printf(" spd[%u] %p: %p size %u flags %x" 2146 , ix, &sc->sc_spring[ix] 2147 , (caddr_t)(uintptr_t) sc->sc_spring[ix].pd_addr 2148 , sc->sc_spring[ix].pd_size 2149 , sc->sc_spring[ix].pd_flags 2150 ); 2151 if (sc->sc_spring[ix].pd_size == 0) 2152 printf(" (zero!)"); 2153 printf("\n"); 2154 if (++ix == SAFE_TOTAL_SPART) 2155 ix = 0; 2156 } 2157 } 2158 if (re->re_dst.nsegs > 1) { 2159 ix = (re->re_desc.d_dst - sc->sc_dpalloc.dma_paddr) / 2160 sizeof(struct safe_pdesc); 2161 for (nsegs = re->re_dst.nsegs; nsegs; nsegs--) { 2162 printf(" dpd[%u] %p: %p flags %x\n" 2163 , ix, &sc->sc_dpring[ix] 2164 , (caddr_t)(uintptr_t) sc->sc_dpring[ix].pd_addr 2165 , sc->sc_dpring[ix].pd_flags 2166 ); 2167 if (++ix == SAFE_TOTAL_DPART) 2168 ix = 0; 2169 } 2170 } 2171 printf("sa: cmd0 %08x cmd1 %08x staterec %x\n", 2172 re->re_sa.sa_cmd0, re->re_sa.sa_cmd1, re->re_sa.sa_staterec); 2173 printf("sa: key %x %x %x %x %x %x %x %x\n" 2174 , re->re_sa.sa_key[0] 2175 , re->re_sa.sa_key[1] 2176 , re->re_sa.sa_key[2] 2177 , re->re_sa.sa_key[3] 2178 , re->re_sa.sa_key[4] 2179 , re->re_sa.sa_key[5] 2180 , re->re_sa.sa_key[6] 2181 , re->re_sa.sa_key[7] 2182 ); 2183 printf("sa: indigest %x %x %x %x %x\n" 2184 , re->re_sa.sa_indigest[0] 2185 , re->re_sa.sa_indigest[1] 2186 , re->re_sa.sa_indigest[2] 2187 , re->re_sa.sa_indigest[3] 2188 , re->re_sa.sa_indigest[4] 2189 ); 2190 printf("sa: outdigest %x %x %x %x %x\n" 2191 , re->re_sa.sa_outdigest[0] 2192 , re->re_sa.sa_outdigest[1] 2193 , re->re_sa.sa_outdigest[2] 2194 , re->re_sa.sa_outdigest[3] 2195 , re->re_sa.sa_outdigest[4] 2196 ); 2197 printf("sr: iv %x %x %x %x\n" 2198 , re->re_sastate.sa_saved_iv[0] 2199 , re->re_sastate.sa_saved_iv[1] 2200 , re->re_sastate.sa_saved_iv[2] 2201 , re->re_sastate.sa_saved_iv[3] 2202 ); 2203 printf("sr: hashbc %u indigest %x %x %x %x %x\n" 2204 , re->re_sastate.sa_saved_hashbc 2205 , re->re_sastate.sa_saved_indigest[0] 2206 , re->re_sastate.sa_saved_indigest[1] 2207 , re->re_sastate.sa_saved_indigest[2] 2208 , re->re_sastate.sa_saved_indigest[3] 2209 , re->re_sastate.sa_saved_indigest[4] 2210 ); 2211} 2212 2213static void 2214safe_dump_ring(struct safe_softc *sc, const char *tag) 2215{ 2216 mtx_lock(&sc->sc_ringmtx); 2217 printf("\nSafeNet Ring State:\n"); 2218 safe_dump_intrstate(sc, tag); 2219 safe_dump_dmastatus(sc, tag); 2220 safe_dump_ringstate(sc, tag); 2221 if (sc->sc_nqchip) { 2222 struct safe_ringentry *re = sc->sc_back; 2223 do { 2224 safe_dump_request(sc, tag, re); 2225 if (++re == sc->sc_ringtop) 2226 re = sc->sc_ring; 2227 } while (re != sc->sc_front); 2228 } 2229 mtx_unlock(&sc->sc_ringmtx); 2230} 2231 2232static int 2233sysctl_hw_safe_dump(SYSCTL_HANDLER_ARGS) 2234{ 2235 char dmode[64]; 2236 int error; 2237 2238 strncpy(dmode, "", sizeof(dmode) - 1); 2239 dmode[sizeof(dmode) - 1] = '\0'; 2240 error = sysctl_handle_string(oidp, &dmode[0], sizeof(dmode), req); 2241 2242 if (error == 0 && req->newptr != NULL) { 2243 struct safe_softc *sc = safec; 2244 2245 if (!sc) 2246 return EINVAL; 2247 if (strncmp(dmode, "dma", 3) == 0) 2248 safe_dump_dmastatus(sc, "safe0"); 2249 else if (strncmp(dmode, "int", 3) == 0) 2250 safe_dump_intrstate(sc, "safe0"); 2251 else if (strncmp(dmode, "ring", 4) == 0) 2252 safe_dump_ring(sc, "safe0"); 2253 else 2254 return EINVAL; 2255 } 2256 return error; 2257} 2258SYSCTL_PROC(_hw_safe, OID_AUTO, dump, CTLTYPE_STRING | CTLFLAG_RW, 2259 0, 0, sysctl_hw_safe_dump, "A", "Dump driver state"); 2260#endif /* SAFE_DEBUG */ 2261