safe.c revision 159226
1/*- 2 * Copyright (c) 2003 Sam Leffler, Errno Consulting 3 * Copyright (c) 2003 Global Technology Associates, Inc. 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * SUCH DAMAGE. 26 */ 27 28#include <sys/cdefs.h> 29__FBSDID("$FreeBSD: head/sys/dev/safe/safe.c 159226 2006-06-04 14:14:35Z pjd $"); 30 31/* 32 * SafeNet SafeXcel-1141 hardware crypto accelerator 33 */ 34#include "opt_safe.h" 35 36#include <sys/param.h> 37#include <sys/systm.h> 38#include <sys/proc.h> 39#include <sys/errno.h> 40#include <sys/malloc.h> 41#include <sys/kernel.h> 42#include <sys/mbuf.h> 43#include <sys/module.h> 44#include <sys/lock.h> 45#include <sys/mutex.h> 46#include <sys/sysctl.h> 47#include <sys/endian.h> 48 49#include <vm/vm.h> 50#include <vm/pmap.h> 51 52#include <machine/bus.h> 53#include <machine/resource.h> 54#include <sys/bus.h> 55#include <sys/rman.h> 56 57#include <crypto/sha1.h> 58#include <opencrypto/cryptodev.h> 59#include <opencrypto/cryptosoft.h> 60#include <sys/md5.h> 61#include <sys/random.h> 62 63#include <dev/pci/pcivar.h> 64#include <dev/pci/pcireg.h> 65 66#ifdef SAFE_RNDTEST 67#include <dev/rndtest/rndtest.h> 68#endif 69#include <dev/safe/safereg.h> 70#include <dev/safe/safevar.h> 71 72#ifndef bswap32 73#define bswap32 NTOHL 74#endif 75 76/* 77 * Prototypes and count for the pci_device structure 78 */ 79static int safe_probe(device_t); 80static int safe_attach(device_t); 81static int safe_detach(device_t); 82static int safe_suspend(device_t); 83static int safe_resume(device_t); 84static void safe_shutdown(device_t); 85 86static device_method_t safe_methods[] = { 87 /* Device interface */ 88 DEVMETHOD(device_probe, safe_probe), 89 DEVMETHOD(device_attach, safe_attach), 90 DEVMETHOD(device_detach, safe_detach), 91 DEVMETHOD(device_suspend, safe_suspend), 92 DEVMETHOD(device_resume, safe_resume), 93 DEVMETHOD(device_shutdown, safe_shutdown), 94 95 /* bus interface */ 96 DEVMETHOD(bus_print_child, bus_generic_print_child), 97 DEVMETHOD(bus_driver_added, bus_generic_driver_added), 98 99 { 0, 0 } 100}; 101static driver_t safe_driver = { 102 "safe", 103 safe_methods, 104 sizeof (struct safe_softc) 105}; 106static devclass_t safe_devclass; 107 108DRIVER_MODULE(safe, pci, safe_driver, safe_devclass, 0, 0); 109MODULE_DEPEND(safe, crypto, 1, 1, 1); 110#ifdef SAFE_RNDTEST 111MODULE_DEPEND(safe, rndtest, 1, 1, 1); 112#endif 113 114static void safe_intr(void *); 115static int safe_newsession(void *, u_int32_t *, struct cryptoini *); 116static int safe_freesession(void *, u_int64_t); 117static int safe_process(void *, struct cryptop *, int); 118static void safe_callback(struct safe_softc *, struct safe_ringentry *); 119static void safe_feed(struct safe_softc *, struct safe_ringentry *); 120static void safe_mcopy(struct mbuf *, struct mbuf *, u_int); 121#ifndef SAFE_NO_RNG 122static void safe_rng_init(struct safe_softc *); 123static void safe_rng(void *); 124#endif /* SAFE_NO_RNG */ 125static int safe_dma_malloc(struct safe_softc *, bus_size_t, 126 struct safe_dma_alloc *, int); 127#define safe_dma_sync(_dma, _flags) \ 128 bus_dmamap_sync((_dma)->dma_tag, (_dma)->dma_map, (_flags)) 129static void safe_dma_free(struct safe_softc *, struct safe_dma_alloc *); 130static int safe_dmamap_aligned(const struct safe_operand *); 131static int safe_dmamap_uniform(const struct safe_operand *); 132 133static void safe_reset_board(struct safe_softc *); 134static void safe_init_board(struct safe_softc *); 135static void safe_init_pciregs(device_t dev); 136static void safe_cleanchip(struct safe_softc *); 137static void safe_totalreset(struct safe_softc *); 138 139static int safe_free_entry(struct safe_softc *, struct safe_ringentry *); 140 141SYSCTL_NODE(_hw, OID_AUTO, safe, CTLFLAG_RD, 0, "SafeNet driver parameters"); 142 143#ifdef SAFE_DEBUG 144static void safe_dump_dmastatus(struct safe_softc *, const char *); 145static void safe_dump_ringstate(struct safe_softc *, const char *); 146static void safe_dump_intrstate(struct safe_softc *, const char *); 147static void safe_dump_request(struct safe_softc *, const char *, 148 struct safe_ringentry *); 149 150static struct safe_softc *safec; /* for use by hw.safe.dump */ 151 152static int safe_debug = 0; 153SYSCTL_INT(_hw_safe, OID_AUTO, debug, CTLFLAG_RW, &safe_debug, 154 0, "control debugging msgs"); 155#define DPRINTF(_x) if (safe_debug) printf _x 156#else 157#define DPRINTF(_x) 158#endif 159 160#define READ_REG(sc,r) \ 161 bus_space_read_4((sc)->sc_st, (sc)->sc_sh, (r)) 162 163#define WRITE_REG(sc,reg,val) \ 164 bus_space_write_4((sc)->sc_st, (sc)->sc_sh, reg, val) 165 166struct safe_stats safestats; 167SYSCTL_STRUCT(_hw_safe, OID_AUTO, stats, CTLFLAG_RD, &safestats, 168 safe_stats, "driver statistics"); 169#ifndef SAFE_NO_RNG 170static int safe_rnginterval = 1; /* poll once a second */ 171SYSCTL_INT(_hw_safe, OID_AUTO, rnginterval, CTLFLAG_RW, &safe_rnginterval, 172 0, "RNG polling interval (secs)"); 173static int safe_rngbufsize = 16; /* 64 bytes each poll */ 174SYSCTL_INT(_hw_safe, OID_AUTO, rngbufsize, CTLFLAG_RW, &safe_rngbufsize, 175 0, "RNG polling buffer size (32-bit words)"); 176static int safe_rngmaxalarm = 8; /* max alarms before reset */ 177SYSCTL_INT(_hw_safe, OID_AUTO, rngmaxalarm, CTLFLAG_RW, &safe_rngmaxalarm, 178 0, "RNG max alarms before reset"); 179#endif /* SAFE_NO_RNG */ 180 181static int 182safe_probe(device_t dev) 183{ 184 if (pci_get_vendor(dev) == PCI_VENDOR_SAFENET && 185 pci_get_device(dev) == PCI_PRODUCT_SAFEXCEL) 186 return (BUS_PROBE_DEFAULT); 187 return (ENXIO); 188} 189 190static const char* 191safe_partname(struct safe_softc *sc) 192{ 193 /* XXX sprintf numbers when not decoded */ 194 switch (pci_get_vendor(sc->sc_dev)) { 195 case PCI_VENDOR_SAFENET: 196 switch (pci_get_device(sc->sc_dev)) { 197 case PCI_PRODUCT_SAFEXCEL: return "SafeNet SafeXcel-1141"; 198 } 199 return "SafeNet unknown-part"; 200 } 201 return "Unknown-vendor unknown-part"; 202} 203 204#ifndef SAFE_NO_RNG 205static void 206default_harvest(struct rndtest_state *rsp, void *buf, u_int count) 207{ 208 random_harvest(buf, count, count*NBBY, 0, RANDOM_PURE); 209} 210#endif /* SAFE_NO_RNG */ 211 212static int 213safe_attach(device_t dev) 214{ 215 struct safe_softc *sc = device_get_softc(dev); 216 u_int32_t raddr; 217 u_int32_t cmd, i, devinfo; 218 int rid; 219 220 bzero(sc, sizeof (*sc)); 221 sc->sc_dev = dev; 222 223 /* XXX handle power management */ 224 225 cmd = pci_read_config(dev, PCIR_COMMAND, 4); 226 cmd |= PCIM_CMD_MEMEN | PCIM_CMD_BUSMASTEREN; 227 pci_write_config(dev, PCIR_COMMAND, cmd, 4); 228 cmd = pci_read_config(dev, PCIR_COMMAND, 4); 229 230 if (!(cmd & PCIM_CMD_MEMEN)) { 231 device_printf(dev, "failed to enable memory mapping\n"); 232 goto bad; 233 } 234 235 if (!(cmd & PCIM_CMD_BUSMASTEREN)) { 236 device_printf(dev, "failed to enable bus mastering\n"); 237 goto bad; 238 } 239 240 /* 241 * Setup memory-mapping of PCI registers. 242 */ 243 rid = BS_BAR; 244 sc->sc_sr = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &rid, 245 RF_ACTIVE); 246 if (sc->sc_sr == NULL) { 247 device_printf(dev, "cannot map register space\n"); 248 goto bad; 249 } 250 sc->sc_st = rman_get_bustag(sc->sc_sr); 251 sc->sc_sh = rman_get_bushandle(sc->sc_sr); 252 253 /* 254 * Arrange interrupt line. 255 */ 256 rid = 0; 257 sc->sc_irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &rid, 258 RF_SHAREABLE|RF_ACTIVE); 259 if (sc->sc_irq == NULL) { 260 device_printf(dev, "could not map interrupt\n"); 261 goto bad1; 262 } 263 /* 264 * NB: Network code assumes we are blocked with splimp() 265 * so make sure the IRQ is mapped appropriately. 266 */ 267 if (bus_setup_intr(dev, sc->sc_irq, INTR_TYPE_NET | INTR_MPSAFE, 268 safe_intr, sc, &sc->sc_ih)) { 269 device_printf(dev, "could not establish interrupt\n"); 270 goto bad2; 271 } 272 273 sc->sc_cid = crypto_get_driverid(0); 274 if (sc->sc_cid < 0) { 275 device_printf(dev, "could not get crypto driver id\n"); 276 goto bad3; 277 } 278 279 sc->sc_chiprev = READ_REG(sc, SAFE_DEVINFO) & 280 (SAFE_DEVINFO_REV_MAJ | SAFE_DEVINFO_REV_MIN); 281 282 /* 283 * Setup DMA descriptor area. 284 */ 285 if (bus_dma_tag_create(NULL, /* parent */ 286 1, /* alignment */ 287 SAFE_DMA_BOUNDARY, /* boundary */ 288 BUS_SPACE_MAXADDR_32BIT, /* lowaddr */ 289 BUS_SPACE_MAXADDR, /* highaddr */ 290 NULL, NULL, /* filter, filterarg */ 291 SAFE_MAX_DMA, /* maxsize */ 292 SAFE_MAX_PART, /* nsegments */ 293 SAFE_MAX_SSIZE, /* maxsegsize */ 294 BUS_DMA_ALLOCNOW, /* flags */ 295 NULL, NULL, /* locking */ 296 &sc->sc_srcdmat)) { 297 device_printf(dev, "cannot allocate DMA tag\n"); 298 goto bad4; 299 } 300 if (bus_dma_tag_create(NULL, /* parent */ 301 sizeof(u_int32_t), /* alignment */ 302 SAFE_MAX_DSIZE, /* boundary */ 303 BUS_SPACE_MAXADDR_32BIT, /* lowaddr */ 304 BUS_SPACE_MAXADDR, /* highaddr */ 305 NULL, NULL, /* filter, filterarg */ 306 SAFE_MAX_DMA, /* maxsize */ 307 SAFE_MAX_PART, /* nsegments */ 308 SAFE_MAX_DSIZE, /* maxsegsize */ 309 BUS_DMA_ALLOCNOW, /* flags */ 310 NULL, NULL, /* locking */ 311 &sc->sc_dstdmat)) { 312 device_printf(dev, "cannot allocate DMA tag\n"); 313 goto bad4; 314 } 315 316 /* 317 * Allocate packet engine descriptors. 318 */ 319 if (safe_dma_malloc(sc, 320 SAFE_MAX_NQUEUE * sizeof (struct safe_ringentry), 321 &sc->sc_ringalloc, 0)) { 322 device_printf(dev, "cannot allocate PE descriptor ring\n"); 323 bus_dma_tag_destroy(sc->sc_srcdmat); 324 goto bad4; 325 } 326 /* 327 * Hookup the static portion of all our data structures. 328 */ 329 sc->sc_ring = (struct safe_ringentry *) sc->sc_ringalloc.dma_vaddr; 330 sc->sc_ringtop = sc->sc_ring + SAFE_MAX_NQUEUE; 331 sc->sc_front = sc->sc_ring; 332 sc->sc_back = sc->sc_ring; 333 raddr = sc->sc_ringalloc.dma_paddr; 334 bzero(sc->sc_ring, SAFE_MAX_NQUEUE * sizeof(struct safe_ringentry)); 335 for (i = 0; i < SAFE_MAX_NQUEUE; i++) { 336 struct safe_ringentry *re = &sc->sc_ring[i]; 337 338 re->re_desc.d_sa = raddr + 339 offsetof(struct safe_ringentry, re_sa); 340 re->re_sa.sa_staterec = raddr + 341 offsetof(struct safe_ringentry, re_sastate); 342 343 raddr += sizeof (struct safe_ringentry); 344 } 345 mtx_init(&sc->sc_ringmtx, device_get_nameunit(dev), 346 "packet engine ring", MTX_DEF); 347 348 /* 349 * Allocate scatter and gather particle descriptors. 350 */ 351 if (safe_dma_malloc(sc, SAFE_TOTAL_SPART * sizeof (struct safe_pdesc), 352 &sc->sc_spalloc, 0)) { 353 device_printf(dev, "cannot allocate source particle " 354 "descriptor ring\n"); 355 mtx_destroy(&sc->sc_ringmtx); 356 safe_dma_free(sc, &sc->sc_ringalloc); 357 bus_dma_tag_destroy(sc->sc_srcdmat); 358 goto bad4; 359 } 360 sc->sc_spring = (struct safe_pdesc *) sc->sc_spalloc.dma_vaddr; 361 sc->sc_springtop = sc->sc_spring + SAFE_TOTAL_SPART; 362 sc->sc_spfree = sc->sc_spring; 363 bzero(sc->sc_spring, SAFE_TOTAL_SPART * sizeof(struct safe_pdesc)); 364 365 if (safe_dma_malloc(sc, SAFE_TOTAL_DPART * sizeof (struct safe_pdesc), 366 &sc->sc_dpalloc, 0)) { 367 device_printf(dev, "cannot allocate destination particle " 368 "descriptor ring\n"); 369 mtx_destroy(&sc->sc_ringmtx); 370 safe_dma_free(sc, &sc->sc_spalloc); 371 safe_dma_free(sc, &sc->sc_ringalloc); 372 bus_dma_tag_destroy(sc->sc_dstdmat); 373 goto bad4; 374 } 375 sc->sc_dpring = (struct safe_pdesc *) sc->sc_dpalloc.dma_vaddr; 376 sc->sc_dpringtop = sc->sc_dpring + SAFE_TOTAL_DPART; 377 sc->sc_dpfree = sc->sc_dpring; 378 bzero(sc->sc_dpring, SAFE_TOTAL_DPART * sizeof(struct safe_pdesc)); 379 380 device_printf(sc->sc_dev, "%s", safe_partname(sc)); 381 382 devinfo = READ_REG(sc, SAFE_DEVINFO); 383 if (devinfo & SAFE_DEVINFO_RNG) { 384 sc->sc_flags |= SAFE_FLAGS_RNG; 385 printf(" rng"); 386 } 387 if (devinfo & SAFE_DEVINFO_PKEY) { 388#if 0 389 printf(" key"); 390 sc->sc_flags |= SAFE_FLAGS_KEY; 391 crypto_kregister(sc->sc_cid, CRK_MOD_EXP, 0, 392 safe_kprocess, sc); 393 crypto_kregister(sc->sc_cid, CRK_MOD_EXP_CRT, 0, 394 safe_kprocess, sc); 395#endif 396 } 397 if (devinfo & SAFE_DEVINFO_DES) { 398 printf(" des/3des"); 399 crypto_register(sc->sc_cid, CRYPTO_3DES_CBC, 0, 0, 400 safe_newsession, safe_freesession, safe_process, sc); 401 crypto_register(sc->sc_cid, CRYPTO_DES_CBC, 0, 0, 402 safe_newsession, safe_freesession, safe_process, sc); 403 } 404 if (devinfo & SAFE_DEVINFO_AES) { 405 printf(" aes"); 406 crypto_register(sc->sc_cid, CRYPTO_AES_CBC, 0, 0, 407 safe_newsession, safe_freesession, safe_process, sc); 408 } 409 if (devinfo & SAFE_DEVINFO_MD5) { 410 printf(" md5"); 411 crypto_register(sc->sc_cid, CRYPTO_MD5_HMAC, 0, 0, 412 safe_newsession, safe_freesession, safe_process, sc); 413 } 414 if (devinfo & SAFE_DEVINFO_SHA1) { 415 printf(" sha1"); 416 crypto_register(sc->sc_cid, CRYPTO_SHA1_HMAC, 0, 0, 417 safe_newsession, safe_freesession, safe_process, sc); 418 } 419 printf(" null"); 420 crypto_register(sc->sc_cid, CRYPTO_NULL_CBC, 0, 0, 421 safe_newsession, safe_freesession, safe_process, sc); 422 crypto_register(sc->sc_cid, CRYPTO_NULL_HMAC, 0, 0, 423 safe_newsession, safe_freesession, safe_process, sc); 424 /* XXX other supported algorithms */ 425 printf("\n"); 426 427 safe_reset_board(sc); /* reset h/w */ 428 safe_init_pciregs(dev); /* init pci settings */ 429 safe_init_board(sc); /* init h/w */ 430 431#ifndef SAFE_NO_RNG 432 if (sc->sc_flags & SAFE_FLAGS_RNG) { 433#ifdef SAFE_RNDTEST 434 sc->sc_rndtest = rndtest_attach(dev); 435 if (sc->sc_rndtest) 436 sc->sc_harvest = rndtest_harvest; 437 else 438 sc->sc_harvest = default_harvest; 439#else 440 sc->sc_harvest = default_harvest; 441#endif 442 safe_rng_init(sc); 443 444 callout_init(&sc->sc_rngto, CALLOUT_MPSAFE); 445 callout_reset(&sc->sc_rngto, hz*safe_rnginterval, safe_rng, sc); 446 } 447#endif /* SAFE_NO_RNG */ 448#ifdef SAFE_DEBUG 449 safec = sc; /* for use by hw.safe.dump */ 450#endif 451 return (0); 452bad4: 453 crypto_unregister_all(sc->sc_cid); 454bad3: 455 bus_teardown_intr(dev, sc->sc_irq, sc->sc_ih); 456bad2: 457 bus_release_resource(dev, SYS_RES_IRQ, 0, sc->sc_irq); 458bad1: 459 bus_release_resource(dev, SYS_RES_MEMORY, BS_BAR, sc->sc_sr); 460bad: 461 return (ENXIO); 462} 463 464/* 465 * Detach a device that successfully probed. 466 */ 467static int 468safe_detach(device_t dev) 469{ 470 struct safe_softc *sc = device_get_softc(dev); 471 472 /* XXX wait/abort active ops */ 473 474 WRITE_REG(sc, SAFE_HI_MASK, 0); /* disable interrupts */ 475 476 callout_stop(&sc->sc_rngto); 477 478 crypto_unregister_all(sc->sc_cid); 479 480#ifdef SAFE_RNDTEST 481 if (sc->sc_rndtest) 482 rndtest_detach(sc->sc_rndtest); 483#endif 484 485 safe_cleanchip(sc); 486 safe_dma_free(sc, &sc->sc_dpalloc); 487 safe_dma_free(sc, &sc->sc_spalloc); 488 mtx_destroy(&sc->sc_ringmtx); 489 safe_dma_free(sc, &sc->sc_ringalloc); 490 491 bus_generic_detach(dev); 492 bus_teardown_intr(dev, sc->sc_irq, sc->sc_ih); 493 bus_release_resource(dev, SYS_RES_IRQ, 0, sc->sc_irq); 494 495 bus_dma_tag_destroy(sc->sc_srcdmat); 496 bus_dma_tag_destroy(sc->sc_dstdmat); 497 bus_release_resource(dev, SYS_RES_MEMORY, BS_BAR, sc->sc_sr); 498 499 return (0); 500} 501 502/* 503 * Stop all chip i/o so that the kernel's probe routines don't 504 * get confused by errant DMAs when rebooting. 505 */ 506static void 507safe_shutdown(device_t dev) 508{ 509#ifdef notyet 510 safe_stop(device_get_softc(dev)); 511#endif 512} 513 514/* 515 * Device suspend routine. 516 */ 517static int 518safe_suspend(device_t dev) 519{ 520 struct safe_softc *sc = device_get_softc(dev); 521 522#ifdef notyet 523 /* XXX stop the device and save PCI settings */ 524#endif 525 sc->sc_suspended = 1; 526 527 return (0); 528} 529 530static int 531safe_resume(device_t dev) 532{ 533 struct safe_softc *sc = device_get_softc(dev); 534 535#ifdef notyet 536 /* XXX retore PCI settings and start the device */ 537#endif 538 sc->sc_suspended = 0; 539 return (0); 540} 541 542/* 543 * SafeXcel Interrupt routine 544 */ 545static void 546safe_intr(void *arg) 547{ 548 struct safe_softc *sc = arg; 549 volatile u_int32_t stat; 550 551 stat = READ_REG(sc, SAFE_HM_STAT); 552 if (stat == 0) /* shared irq, not for us */ 553 return; 554 555 WRITE_REG(sc, SAFE_HI_CLR, stat); /* IACK */ 556 557 if ((stat & SAFE_INT_PE_DDONE)) { 558 /* 559 * Descriptor(s) done; scan the ring and 560 * process completed operations. 561 */ 562 mtx_lock(&sc->sc_ringmtx); 563 while (sc->sc_back != sc->sc_front) { 564 struct safe_ringentry *re = sc->sc_back; 565#ifdef SAFE_DEBUG 566 if (safe_debug) { 567 safe_dump_ringstate(sc, __func__); 568 safe_dump_request(sc, __func__, re); 569 } 570#endif 571 /* 572 * safe_process marks ring entries that were allocated 573 * but not used with a csr of zero. This insures the 574 * ring front pointer never needs to be set backwards 575 * in the event that an entry is allocated but not used 576 * because of a setup error. 577 */ 578 if (re->re_desc.d_csr != 0) { 579 if (!SAFE_PE_CSR_IS_DONE(re->re_desc.d_csr)) 580 break; 581 if (!SAFE_PE_LEN_IS_DONE(re->re_desc.d_len)) 582 break; 583 sc->sc_nqchip--; 584 safe_callback(sc, re); 585 } 586 if (++(sc->sc_back) == sc->sc_ringtop) 587 sc->sc_back = sc->sc_ring; 588 } 589 mtx_unlock(&sc->sc_ringmtx); 590 } 591 592 /* 593 * Check to see if we got any DMA Error 594 */ 595 if (stat & SAFE_INT_PE_ERROR) { 596 DPRINTF(("dmaerr dmastat %08x\n", 597 READ_REG(sc, SAFE_PE_DMASTAT))); 598 safestats.st_dmaerr++; 599 safe_totalreset(sc); 600#if 0 601 safe_feed(sc); 602#endif 603 } 604 605 if (sc->sc_needwakeup) { /* XXX check high watermark */ 606 int wakeup = sc->sc_needwakeup & (CRYPTO_SYMQ|CRYPTO_ASYMQ); 607 DPRINTF(("%s: wakeup crypto %x\n", __func__, 608 sc->sc_needwakeup)); 609 sc->sc_needwakeup &= ~wakeup; 610 crypto_unblock(sc->sc_cid, wakeup); 611 } 612} 613 614/* 615 * safe_feed() - post a request to chip 616 */ 617static void 618safe_feed(struct safe_softc *sc, struct safe_ringentry *re) 619{ 620 bus_dmamap_sync(sc->sc_srcdmat, re->re_src_map, BUS_DMASYNC_PREWRITE); 621 if (re->re_dst_map != NULL) 622 bus_dmamap_sync(sc->sc_dstdmat, re->re_dst_map, 623 BUS_DMASYNC_PREREAD); 624 /* XXX have no smaller granularity */ 625 safe_dma_sync(&sc->sc_ringalloc, 626 BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); 627 safe_dma_sync(&sc->sc_spalloc, BUS_DMASYNC_PREWRITE); 628 safe_dma_sync(&sc->sc_dpalloc, BUS_DMASYNC_PREWRITE); 629 630#ifdef SAFE_DEBUG 631 if (safe_debug) { 632 safe_dump_ringstate(sc, __func__); 633 safe_dump_request(sc, __func__, re); 634 } 635#endif 636 sc->sc_nqchip++; 637 if (sc->sc_nqchip > safestats.st_maxqchip) 638 safestats.st_maxqchip = sc->sc_nqchip; 639 /* poke h/w to check descriptor ring, any value can be written */ 640 WRITE_REG(sc, SAFE_HI_RD_DESCR, 0); 641} 642 643#define N(a) (sizeof(a) / sizeof (a[0])) 644static void 645safe_setup_enckey(struct safe_session *ses, caddr_t key) 646{ 647 int i; 648 649 bcopy(key, ses->ses_key, ses->ses_klen / 8); 650 651 /* PE is little-endian, insure proper byte order */ 652 for (i = 0; i < N(ses->ses_key); i++) 653 ses->ses_key[i] = htole32(ses->ses_key[i]); 654} 655 656static void 657safe_setup_mackey(struct safe_session *ses, int algo, caddr_t key, int klen) 658{ 659 MD5_CTX md5ctx; 660 SHA1_CTX sha1ctx; 661 int i; 662 663 664 for (i = 0; i < klen; i++) 665 key[i] ^= HMAC_IPAD_VAL; 666 667 if (algo == CRYPTO_MD5_HMAC) { 668 MD5Init(&md5ctx); 669 MD5Update(&md5ctx, key, klen); 670 MD5Update(&md5ctx, hmac_ipad_buffer, HMAC_BLOCK_LEN - klen); 671 bcopy(md5ctx.state, ses->ses_hminner, sizeof(md5ctx.state)); 672 } else { 673 SHA1Init(&sha1ctx); 674 SHA1Update(&sha1ctx, key, klen); 675 SHA1Update(&sha1ctx, hmac_ipad_buffer, HMAC_BLOCK_LEN - klen); 676 bcopy(sha1ctx.h.b32, ses->ses_hminner, sizeof(sha1ctx.h.b32)); 677 } 678 679 for (i = 0; i < klen; i++) 680 key[i] ^= (HMAC_IPAD_VAL ^ HMAC_OPAD_VAL); 681 682 if (algo == CRYPTO_MD5_HMAC) { 683 MD5Init(&md5ctx); 684 MD5Update(&md5ctx, key, klen); 685 MD5Update(&md5ctx, hmac_opad_buffer, HMAC_BLOCK_LEN - klen); 686 bcopy(md5ctx.state, ses->ses_hmouter, sizeof(md5ctx.state)); 687 } else { 688 SHA1Init(&sha1ctx); 689 SHA1Update(&sha1ctx, key, klen); 690 SHA1Update(&sha1ctx, hmac_opad_buffer, HMAC_BLOCK_LEN - klen); 691 bcopy(sha1ctx.h.b32, ses->ses_hmouter, sizeof(sha1ctx.h.b32)); 692 } 693 694 for (i = 0; i < klen; i++) 695 key[i] ^= HMAC_OPAD_VAL; 696 697 /* PE is little-endian, insure proper byte order */ 698 for (i = 0; i < N(ses->ses_hminner); i++) { 699 ses->ses_hminner[i] = htole32(ses->ses_hminner[i]); 700 ses->ses_hmouter[i] = htole32(ses->ses_hmouter[i]); 701 } 702} 703#undef N 704 705/* 706 * Allocate a new 'session' and return an encoded session id. 'sidp' 707 * contains our registration id, and should contain an encoded session 708 * id on successful allocation. 709 */ 710static int 711safe_newsession(void *arg, u_int32_t *sidp, struct cryptoini *cri) 712{ 713 struct cryptoini *c, *encini = NULL, *macini = NULL; 714 struct safe_softc *sc = arg; 715 struct safe_session *ses = NULL; 716 int sesn; 717 718 if (sidp == NULL || cri == NULL || sc == NULL) 719 return (EINVAL); 720 721 for (c = cri; c != NULL; c = c->cri_next) { 722 if (c->cri_alg == CRYPTO_MD5_HMAC || 723 c->cri_alg == CRYPTO_SHA1_HMAC || 724 c->cri_alg == CRYPTO_NULL_HMAC) { 725 if (macini) 726 return (EINVAL); 727 macini = c; 728 } else if (c->cri_alg == CRYPTO_DES_CBC || 729 c->cri_alg == CRYPTO_3DES_CBC || 730 c->cri_alg == CRYPTO_AES_CBC || 731 c->cri_alg == CRYPTO_NULL_CBC) { 732 if (encini) 733 return (EINVAL); 734 encini = c; 735 } else 736 return (EINVAL); 737 } 738 if (encini == NULL && macini == NULL) 739 return (EINVAL); 740 if (encini) { /* validate key length */ 741 switch (encini->cri_alg) { 742 case CRYPTO_DES_CBC: 743 if (encini->cri_klen != 64) 744 return (EINVAL); 745 break; 746 case CRYPTO_3DES_CBC: 747 if (encini->cri_klen != 192) 748 return (EINVAL); 749 break; 750 case CRYPTO_AES_CBC: 751 if (encini->cri_klen != 128 && 752 encini->cri_klen != 192 && 753 encini->cri_klen != 256) 754 return (EINVAL); 755 break; 756 } 757 } 758 759 if (sc->sc_sessions == NULL) { 760 ses = sc->sc_sessions = (struct safe_session *)malloc( 761 sizeof(struct safe_session), M_DEVBUF, M_NOWAIT); 762 if (ses == NULL) 763 return (ENOMEM); 764 sesn = 0; 765 sc->sc_nsessions = 1; 766 } else { 767 for (sesn = 0; sesn < sc->sc_nsessions; sesn++) { 768 if (sc->sc_sessions[sesn].ses_used == 0) { 769 ses = &sc->sc_sessions[sesn]; 770 break; 771 } 772 } 773 774 if (ses == NULL) { 775 sesn = sc->sc_nsessions; 776 ses = (struct safe_session *)malloc((sesn + 1) * 777 sizeof(struct safe_session), M_DEVBUF, M_NOWAIT); 778 if (ses == NULL) 779 return (ENOMEM); 780 bcopy(sc->sc_sessions, ses, sesn * 781 sizeof(struct safe_session)); 782 bzero(sc->sc_sessions, sesn * 783 sizeof(struct safe_session)); 784 free(sc->sc_sessions, M_DEVBUF); 785 sc->sc_sessions = ses; 786 ses = &sc->sc_sessions[sesn]; 787 sc->sc_nsessions++; 788 } 789 } 790 791 bzero(ses, sizeof(struct safe_session)); 792 ses->ses_used = 1; 793 794 if (encini) { 795 /* get an IV */ 796 /* XXX may read fewer than requested */ 797 read_random(ses->ses_iv, sizeof(ses->ses_iv)); 798 799 ses->ses_klen = encini->cri_klen; 800 if (encini->cri_key != NULL) 801 safe_setup_enckey(ses, encini->cri_key); 802 } 803 804 if (macini) { 805 ses->ses_mlen = macini->cri_mlen; 806 if (ses->ses_mlen == 0) { 807 if (macini->cri_alg == CRYPTO_MD5_HMAC) 808 ses->ses_mlen = MD5_DIGEST_LENGTH; 809 else 810 ses->ses_mlen = SHA1_RESULTLEN; 811 } 812 813 if (macini->cri_key != NULL) { 814 safe_setup_mackey(ses, macini->cri_alg, macini->cri_key, 815 macini->cri_klen / 8); 816 } 817 } 818 819 *sidp = SAFE_SID(device_get_unit(sc->sc_dev), sesn); 820 return (0); 821} 822 823/* 824 * Deallocate a session. 825 */ 826static int 827safe_freesession(void *arg, u_int64_t tid) 828{ 829 struct safe_softc *sc = arg; 830 int session, ret; 831 u_int32_t sid = ((u_int32_t) tid) & 0xffffffff; 832 833 if (sc == NULL) 834 return (EINVAL); 835 836 session = SAFE_SESSION(sid); 837 if (session < sc->sc_nsessions) { 838 bzero(&sc->sc_sessions[session], sizeof(sc->sc_sessions[session])); 839 ret = 0; 840 } else 841 ret = EINVAL; 842 return (ret); 843} 844 845static void 846safe_op_cb(void *arg, bus_dma_segment_t *seg, int nsegs, bus_size_t mapsize, int error) 847{ 848 struct safe_operand *op = arg; 849 850 DPRINTF(("%s: mapsize %u nsegs %d error %d\n", __func__, 851 (u_int) mapsize, nsegs, error)); 852 if (error != 0) 853 return; 854 op->mapsize = mapsize; 855 op->nsegs = nsegs; 856 bcopy(seg, op->segs, nsegs * sizeof (seg[0])); 857} 858 859static int 860safe_process(void *arg, struct cryptop *crp, int hint) 861{ 862 int err = 0, i, nicealign, uniform; 863 struct safe_softc *sc = arg; 864 struct cryptodesc *crd1, *crd2, *maccrd, *enccrd; 865 int bypass, oplen, ivsize; 866 caddr_t iv; 867 int16_t coffset; 868 struct safe_session *ses; 869 struct safe_ringentry *re; 870 struct safe_sarec *sa; 871 struct safe_pdesc *pd; 872 u_int32_t cmd0, cmd1, staterec; 873 874 if (crp == NULL || crp->crp_callback == NULL || sc == NULL) { 875 safestats.st_invalid++; 876 return (EINVAL); 877 } 878 if (SAFE_SESSION(crp->crp_sid) >= sc->sc_nsessions) { 879 safestats.st_badsession++; 880 return (EINVAL); 881 } 882 883 mtx_lock(&sc->sc_ringmtx); 884 if (sc->sc_front == sc->sc_back && sc->sc_nqchip != 0) { 885 safestats.st_ringfull++; 886 sc->sc_needwakeup |= CRYPTO_SYMQ; 887 mtx_unlock(&sc->sc_ringmtx); 888 return (ERESTART); 889 } 890 re = sc->sc_front; 891 892 staterec = re->re_sa.sa_staterec; /* save */ 893 /* NB: zero everything but the PE descriptor */ 894 bzero(&re->re_sa, sizeof(struct safe_ringentry) - sizeof(re->re_desc)); 895 re->re_sa.sa_staterec = staterec; /* restore */ 896 897 re->re_crp = crp; 898 re->re_sesn = SAFE_SESSION(crp->crp_sid); 899 900 if (crp->crp_flags & CRYPTO_F_IMBUF) { 901 re->re_src_m = (struct mbuf *)crp->crp_buf; 902 re->re_dst_m = (struct mbuf *)crp->crp_buf; 903 } else if (crp->crp_flags & CRYPTO_F_IOV) { 904 re->re_src_io = (struct uio *)crp->crp_buf; 905 re->re_dst_io = (struct uio *)crp->crp_buf; 906 } else { 907 safestats.st_badflags++; 908 err = EINVAL; 909 goto errout; /* XXX we don't handle contiguous blocks! */ 910 } 911 912 sa = &re->re_sa; 913 ses = &sc->sc_sessions[re->re_sesn]; 914 915 crd1 = crp->crp_desc; 916 if (crd1 == NULL) { 917 safestats.st_nodesc++; 918 err = EINVAL; 919 goto errout; 920 } 921 crd2 = crd1->crd_next; 922 923 cmd0 = SAFE_SA_CMD0_BASIC; /* basic group operation */ 924 cmd1 = 0; 925 if (crd2 == NULL) { 926 if (crd1->crd_alg == CRYPTO_MD5_HMAC || 927 crd1->crd_alg == CRYPTO_SHA1_HMAC || 928 crd1->crd_alg == CRYPTO_NULL_HMAC) { 929 maccrd = crd1; 930 enccrd = NULL; 931 cmd0 |= SAFE_SA_CMD0_OP_HASH; 932 } else if (crd1->crd_alg == CRYPTO_DES_CBC || 933 crd1->crd_alg == CRYPTO_3DES_CBC || 934 crd1->crd_alg == CRYPTO_AES_CBC || 935 crd1->crd_alg == CRYPTO_NULL_CBC) { 936 maccrd = NULL; 937 enccrd = crd1; 938 cmd0 |= SAFE_SA_CMD0_OP_CRYPT; 939 } else { 940 safestats.st_badalg++; 941 err = EINVAL; 942 goto errout; 943 } 944 } else { 945 if ((crd1->crd_alg == CRYPTO_MD5_HMAC || 946 crd1->crd_alg == CRYPTO_SHA1_HMAC || 947 crd1->crd_alg == CRYPTO_NULL_HMAC) && 948 (crd2->crd_alg == CRYPTO_DES_CBC || 949 crd2->crd_alg == CRYPTO_3DES_CBC || 950 crd2->crd_alg == CRYPTO_AES_CBC || 951 crd2->crd_alg == CRYPTO_NULL_CBC) && 952 ((crd2->crd_flags & CRD_F_ENCRYPT) == 0)) { 953 maccrd = crd1; 954 enccrd = crd2; 955 } else if ((crd1->crd_alg == CRYPTO_DES_CBC || 956 crd1->crd_alg == CRYPTO_3DES_CBC || 957 crd1->crd_alg == CRYPTO_AES_CBC || 958 crd1->crd_alg == CRYPTO_NULL_CBC) && 959 (crd2->crd_alg == CRYPTO_MD5_HMAC || 960 crd2->crd_alg == CRYPTO_SHA1_HMAC || 961 crd2->crd_alg == CRYPTO_NULL_HMAC) && 962 (crd1->crd_flags & CRD_F_ENCRYPT)) { 963 enccrd = crd1; 964 maccrd = crd2; 965 } else { 966 safestats.st_badalg++; 967 err = EINVAL; 968 goto errout; 969 } 970 cmd0 |= SAFE_SA_CMD0_OP_BOTH; 971 } 972 973 if (enccrd) { 974 if (enccrd->crd_flags & CRD_F_KEY_EXPLICIT) 975 safe_setup_enckey(ses, enccrd->crd_key); 976 977 if (enccrd->crd_alg == CRYPTO_DES_CBC) { 978 cmd0 |= SAFE_SA_CMD0_DES; 979 cmd1 |= SAFE_SA_CMD1_CBC; 980 ivsize = 2*sizeof(u_int32_t); 981 } else if (enccrd->crd_alg == CRYPTO_3DES_CBC) { 982 cmd0 |= SAFE_SA_CMD0_3DES; 983 cmd1 |= SAFE_SA_CMD1_CBC; 984 ivsize = 2*sizeof(u_int32_t); 985 } else if (enccrd->crd_alg == CRYPTO_AES_CBC) { 986 cmd0 |= SAFE_SA_CMD0_AES; 987 cmd1 |= SAFE_SA_CMD1_CBC; 988 if (ses->ses_klen == 128) 989 cmd1 |= SAFE_SA_CMD1_AES128; 990 else if (ses->ses_klen == 192) 991 cmd1 |= SAFE_SA_CMD1_AES192; 992 else 993 cmd1 |= SAFE_SA_CMD1_AES256; 994 ivsize = 4*sizeof(u_int32_t); 995 } else { 996 cmd0 |= SAFE_SA_CMD0_CRYPT_NULL; 997 ivsize = 0; 998 } 999 1000 /* 1001 * Setup encrypt/decrypt state. When using basic ops 1002 * we can't use an inline IV because hash/crypt offset 1003 * must be from the end of the IV to the start of the 1004 * crypt data and this leaves out the preceding header 1005 * from the hash calculation. Instead we place the IV 1006 * in the state record and set the hash/crypt offset to 1007 * copy both the header+IV. 1008 */ 1009 if (enccrd->crd_flags & CRD_F_ENCRYPT) { 1010 cmd0 |= SAFE_SA_CMD0_OUTBOUND; 1011 1012 if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) 1013 iv = enccrd->crd_iv; 1014 else 1015 iv = (caddr_t) ses->ses_iv; 1016 if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0) { 1017 if (crp->crp_flags & CRYPTO_F_IMBUF) 1018 m_copyback(re->re_src_m, 1019 enccrd->crd_inject, ivsize, iv); 1020 else if (crp->crp_flags & CRYPTO_F_IOV) 1021 cuio_copyback(re->re_src_io, 1022 enccrd->crd_inject, ivsize, iv); 1023 } 1024 bcopy(iv, re->re_sastate.sa_saved_iv, ivsize); 1025 cmd0 |= SAFE_SA_CMD0_IVLD_STATE | SAFE_SA_CMD0_SAVEIV; 1026 re->re_flags |= SAFE_QFLAGS_COPYOUTIV; 1027 } else { 1028 cmd0 |= SAFE_SA_CMD0_INBOUND; 1029 1030 if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) 1031 bcopy(enccrd->crd_iv, 1032 re->re_sastate.sa_saved_iv, ivsize); 1033 else if (crp->crp_flags & CRYPTO_F_IMBUF) 1034 m_copydata(re->re_src_m, enccrd->crd_inject, 1035 ivsize, 1036 (caddr_t)re->re_sastate.sa_saved_iv); 1037 else if (crp->crp_flags & CRYPTO_F_IOV) 1038 cuio_copydata(re->re_src_io, enccrd->crd_inject, 1039 ivsize, 1040 (caddr_t)re->re_sastate.sa_saved_iv); 1041 cmd0 |= SAFE_SA_CMD0_IVLD_STATE; 1042 } 1043 /* 1044 * For basic encryption use the zero pad algorithm. 1045 * This pads results to an 8-byte boundary and 1046 * suppresses padding verification for inbound (i.e. 1047 * decrypt) operations. 1048 * 1049 * NB: Not sure if the 8-byte pad boundary is a problem. 1050 */ 1051 cmd0 |= SAFE_SA_CMD0_PAD_ZERO; 1052 1053 /* XXX assert key bufs have the same size */ 1054 bcopy(ses->ses_key, sa->sa_key, sizeof(sa->sa_key)); 1055 } 1056 1057 if (maccrd) { 1058 if (maccrd->crd_flags & CRD_F_KEY_EXPLICIT) { 1059 safe_setup_mackey(ses, maccrd->crd_alg, 1060 maccrd->crd_key, maccrd->crd_klen / 8); 1061 } 1062 1063 if (maccrd->crd_alg == CRYPTO_MD5_HMAC) { 1064 cmd0 |= SAFE_SA_CMD0_MD5; 1065 cmd1 |= SAFE_SA_CMD1_HMAC; /* NB: enable HMAC */ 1066 } else if (maccrd->crd_alg == CRYPTO_SHA1_HMAC) { 1067 cmd0 |= SAFE_SA_CMD0_SHA1; 1068 cmd1 |= SAFE_SA_CMD1_HMAC; /* NB: enable HMAC */ 1069 } else { 1070 cmd0 |= SAFE_SA_CMD0_HASH_NULL; 1071 } 1072 /* 1073 * Digest data is loaded from the SA and the hash 1074 * result is saved to the state block where we 1075 * retrieve it for return to the caller. 1076 */ 1077 /* XXX assert digest bufs have the same size */ 1078 bcopy(ses->ses_hminner, sa->sa_indigest, 1079 sizeof(sa->sa_indigest)); 1080 bcopy(ses->ses_hmouter, sa->sa_outdigest, 1081 sizeof(sa->sa_outdigest)); 1082 1083 cmd0 |= SAFE_SA_CMD0_HSLD_SA | SAFE_SA_CMD0_SAVEHASH; 1084 re->re_flags |= SAFE_QFLAGS_COPYOUTICV; 1085 } 1086 1087 if (enccrd && maccrd) { 1088 /* 1089 * The offset from hash data to the start of 1090 * crypt data is the difference in the skips. 1091 */ 1092 bypass = maccrd->crd_skip; 1093 coffset = enccrd->crd_skip - maccrd->crd_skip; 1094 if (coffset < 0) { 1095 DPRINTF(("%s: hash does not precede crypt; " 1096 "mac skip %u enc skip %u\n", 1097 __func__, maccrd->crd_skip, enccrd->crd_skip)); 1098 safestats.st_skipmismatch++; 1099 err = EINVAL; 1100 goto errout; 1101 } 1102 oplen = enccrd->crd_skip + enccrd->crd_len; 1103 if (maccrd->crd_skip + maccrd->crd_len != oplen) { 1104 DPRINTF(("%s: hash amount %u != crypt amount %u\n", 1105 __func__, maccrd->crd_skip + maccrd->crd_len, 1106 oplen)); 1107 safestats.st_lenmismatch++; 1108 err = EINVAL; 1109 goto errout; 1110 } 1111#ifdef SAFE_DEBUG 1112 if (safe_debug) { 1113 printf("mac: skip %d, len %d, inject %d\n", 1114 maccrd->crd_skip, maccrd->crd_len, 1115 maccrd->crd_inject); 1116 printf("enc: skip %d, len %d, inject %d\n", 1117 enccrd->crd_skip, enccrd->crd_len, 1118 enccrd->crd_inject); 1119 printf("bypass %d coffset %d oplen %d\n", 1120 bypass, coffset, oplen); 1121 } 1122#endif 1123 if (coffset & 3) { /* offset must be 32-bit aligned */ 1124 DPRINTF(("%s: coffset %u misaligned\n", 1125 __func__, coffset)); 1126 safestats.st_coffmisaligned++; 1127 err = EINVAL; 1128 goto errout; 1129 } 1130 coffset >>= 2; 1131 if (coffset > 255) { /* offset must be <256 dwords */ 1132 DPRINTF(("%s: coffset %u too big\n", 1133 __func__, coffset)); 1134 safestats.st_cofftoobig++; 1135 err = EINVAL; 1136 goto errout; 1137 } 1138 /* 1139 * Tell the hardware to copy the header to the output. 1140 * The header is defined as the data from the end of 1141 * the bypass to the start of data to be encrypted. 1142 * Typically this is the inline IV. Note that you need 1143 * to do this even if src+dst are the same; it appears 1144 * that w/o this bit the crypted data is written 1145 * immediately after the bypass data. 1146 */ 1147 cmd1 |= SAFE_SA_CMD1_HDRCOPY; 1148 /* 1149 * Disable IP header mutable bit handling. This is 1150 * needed to get correct HMAC calculations. 1151 */ 1152 cmd1 |= SAFE_SA_CMD1_MUTABLE; 1153 } else { 1154 if (enccrd) { 1155 bypass = enccrd->crd_skip; 1156 oplen = bypass + enccrd->crd_len; 1157 } else { 1158 bypass = maccrd->crd_skip; 1159 oplen = bypass + maccrd->crd_len; 1160 } 1161 coffset = 0; 1162 } 1163 /* XXX verify multiple of 4 when using s/g */ 1164 if (bypass > 96) { /* bypass offset must be <= 96 bytes */ 1165 DPRINTF(("%s: bypass %u too big\n", __func__, bypass)); 1166 safestats.st_bypasstoobig++; 1167 err = EINVAL; 1168 goto errout; 1169 } 1170 1171 if (bus_dmamap_create(sc->sc_srcdmat, BUS_DMA_NOWAIT, &re->re_src_map)) { 1172 safestats.st_nomap++; 1173 err = ENOMEM; 1174 goto errout; 1175 } 1176 if (crp->crp_flags & CRYPTO_F_IMBUF) { 1177 if (bus_dmamap_load_mbuf(sc->sc_srcdmat, re->re_src_map, 1178 re->re_src_m, safe_op_cb, 1179 &re->re_src, BUS_DMA_NOWAIT) != 0) { 1180 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map); 1181 re->re_src_map = NULL; 1182 safestats.st_noload++; 1183 err = ENOMEM; 1184 goto errout; 1185 } 1186 } else if (crp->crp_flags & CRYPTO_F_IOV) { 1187 if (bus_dmamap_load_uio(sc->sc_srcdmat, re->re_src_map, 1188 re->re_src_io, safe_op_cb, 1189 &re->re_src, BUS_DMA_NOWAIT) != 0) { 1190 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map); 1191 re->re_src_map = NULL; 1192 safestats.st_noload++; 1193 err = ENOMEM; 1194 goto errout; 1195 } 1196 } 1197 nicealign = safe_dmamap_aligned(&re->re_src); 1198 uniform = safe_dmamap_uniform(&re->re_src); 1199 1200 DPRINTF(("src nicealign %u uniform %u nsegs %u\n", 1201 nicealign, uniform, re->re_src.nsegs)); 1202 if (re->re_src.nsegs > 1) { 1203 re->re_desc.d_src = sc->sc_spalloc.dma_paddr + 1204 ((caddr_t) sc->sc_spfree - (caddr_t) sc->sc_spring); 1205 for (i = 0; i < re->re_src_nsegs; i++) { 1206 /* NB: no need to check if there's space */ 1207 pd = sc->sc_spfree; 1208 if (++(sc->sc_spfree) == sc->sc_springtop) 1209 sc->sc_spfree = sc->sc_spring; 1210 1211 KASSERT((pd->pd_flags&3) == 0 || 1212 (pd->pd_flags&3) == SAFE_PD_DONE, 1213 ("bogus source particle descriptor; flags %x", 1214 pd->pd_flags)); 1215 pd->pd_addr = re->re_src_segs[i].ds_addr; 1216 pd->pd_size = re->re_src_segs[i].ds_len; 1217 pd->pd_flags = SAFE_PD_READY; 1218 } 1219 cmd0 |= SAFE_SA_CMD0_IGATHER; 1220 } else { 1221 /* 1222 * No need for gather, reference the operand directly. 1223 */ 1224 re->re_desc.d_src = re->re_src_segs[0].ds_addr; 1225 } 1226 1227 if (enccrd == NULL && maccrd != NULL) { 1228 /* 1229 * Hash op; no destination needed. 1230 */ 1231 } else { 1232 if (crp->crp_flags & CRYPTO_F_IOV) { 1233 if (!nicealign) { 1234 safestats.st_iovmisaligned++; 1235 err = EINVAL; 1236 goto errout; 1237 } 1238 if (uniform != 1) { 1239 /* 1240 * Source is not suitable for direct use as 1241 * the destination. Create a new scatter/gather 1242 * list based on the destination requirements 1243 * and check if that's ok. 1244 */ 1245 if (bus_dmamap_create(sc->sc_dstdmat, 1246 BUS_DMA_NOWAIT, &re->re_dst_map)) { 1247 safestats.st_nomap++; 1248 err = ENOMEM; 1249 goto errout; 1250 } 1251 if (bus_dmamap_load_uio(sc->sc_dstdmat, 1252 re->re_dst_map, re->re_dst_io, 1253 safe_op_cb, &re->re_dst, 1254 BUS_DMA_NOWAIT) != 0) { 1255 bus_dmamap_destroy(sc->sc_dstdmat, 1256 re->re_dst_map); 1257 re->re_dst_map = NULL; 1258 safestats.st_noload++; 1259 err = ENOMEM; 1260 goto errout; 1261 } 1262 uniform = safe_dmamap_uniform(&re->re_dst); 1263 if (!uniform) { 1264 /* 1265 * There's no way to handle the DMA 1266 * requirements with this uio. We 1267 * could create a separate DMA area for 1268 * the result and then copy it back, 1269 * but for now we just bail and return 1270 * an error. Note that uio requests 1271 * > SAFE_MAX_DSIZE are handled because 1272 * the DMA map and segment list for the 1273 * destination wil result in a 1274 * destination particle list that does 1275 * the necessary scatter DMA. 1276 */ 1277 safestats.st_iovnotuniform++; 1278 err = EINVAL; 1279 goto errout; 1280 } 1281 } else 1282 re->re_dst = re->re_src; 1283 } else if (crp->crp_flags & CRYPTO_F_IMBUF) { 1284 if (nicealign && uniform == 1) { 1285 /* 1286 * Source layout is suitable for direct 1287 * sharing of the DMA map and segment list. 1288 */ 1289 re->re_dst = re->re_src; 1290 } else if (nicealign && uniform == 2) { 1291 /* 1292 * The source is properly aligned but requires a 1293 * different particle list to handle DMA of the 1294 * result. Create a new map and do the load to 1295 * create the segment list. The particle 1296 * descriptor setup code below will handle the 1297 * rest. 1298 */ 1299 if (bus_dmamap_create(sc->sc_dstdmat, 1300 BUS_DMA_NOWAIT, &re->re_dst_map)) { 1301 safestats.st_nomap++; 1302 err = ENOMEM; 1303 goto errout; 1304 } 1305 if (bus_dmamap_load_mbuf(sc->sc_dstdmat, 1306 re->re_dst_map, re->re_dst_m, 1307 safe_op_cb, &re->re_dst, 1308 BUS_DMA_NOWAIT) != 0) { 1309 bus_dmamap_destroy(sc->sc_dstdmat, 1310 re->re_dst_map); 1311 re->re_dst_map = NULL; 1312 safestats.st_noload++; 1313 err = ENOMEM; 1314 goto errout; 1315 } 1316 } else { /* !(aligned and/or uniform) */ 1317 int totlen, len; 1318 struct mbuf *m, *top, **mp; 1319 1320 /* 1321 * DMA constraints require that we allocate a 1322 * new mbuf chain for the destination. We 1323 * allocate an entire new set of mbufs of 1324 * optimal/required size and then tell the 1325 * hardware to copy any bits that are not 1326 * created as a byproduct of the operation. 1327 */ 1328 if (!nicealign) 1329 safestats.st_unaligned++; 1330 if (!uniform) 1331 safestats.st_notuniform++; 1332 totlen = re->re_src_mapsize; 1333 if (re->re_src_m->m_flags & M_PKTHDR) { 1334 len = MHLEN; 1335 MGETHDR(m, M_DONTWAIT, MT_DATA); 1336 if (m && !m_dup_pkthdr(m, re->re_src_m, 1337 M_DONTWAIT)) { 1338 m_free(m); 1339 m = NULL; 1340 } 1341 } else { 1342 len = MLEN; 1343 MGET(m, M_DONTWAIT, MT_DATA); 1344 } 1345 if (m == NULL) { 1346 safestats.st_nombuf++; 1347 err = sc->sc_nqchip ? ERESTART : ENOMEM; 1348 goto errout; 1349 } 1350 if (totlen >= MINCLSIZE) { 1351 MCLGET(m, M_DONTWAIT); 1352 if ((m->m_flags & M_EXT) == 0) { 1353 m_free(m); 1354 safestats.st_nomcl++; 1355 err = sc->sc_nqchip ? 1356 ERESTART : ENOMEM; 1357 goto errout; 1358 } 1359 len = MCLBYTES; 1360 } 1361 m->m_len = len; 1362 top = NULL; 1363 mp = ⊤ 1364 1365 while (totlen > 0) { 1366 if (top) { 1367 MGET(m, M_DONTWAIT, MT_DATA); 1368 if (m == NULL) { 1369 m_freem(top); 1370 safestats.st_nombuf++; 1371 err = sc->sc_nqchip ? 1372 ERESTART : ENOMEM; 1373 goto errout; 1374 } 1375 len = MLEN; 1376 } 1377 if (top && totlen >= MINCLSIZE) { 1378 MCLGET(m, M_DONTWAIT); 1379 if ((m->m_flags & M_EXT) == 0) { 1380 *mp = m; 1381 m_freem(top); 1382 safestats.st_nomcl++; 1383 err = sc->sc_nqchip ? 1384 ERESTART : ENOMEM; 1385 goto errout; 1386 } 1387 len = MCLBYTES; 1388 } 1389 m->m_len = len = min(totlen, len); 1390 totlen -= len; 1391 *mp = m; 1392 mp = &m->m_next; 1393 } 1394 re->re_dst_m = top; 1395 if (bus_dmamap_create(sc->sc_dstdmat, 1396 BUS_DMA_NOWAIT, &re->re_dst_map) != 0) { 1397 safestats.st_nomap++; 1398 err = ENOMEM; 1399 goto errout; 1400 } 1401 if (bus_dmamap_load_mbuf(sc->sc_dstdmat, 1402 re->re_dst_map, re->re_dst_m, 1403 safe_op_cb, &re->re_dst, 1404 BUS_DMA_NOWAIT) != 0) { 1405 bus_dmamap_destroy(sc->sc_dstdmat, 1406 re->re_dst_map); 1407 re->re_dst_map = NULL; 1408 safestats.st_noload++; 1409 err = ENOMEM; 1410 goto errout; 1411 } 1412 if (re->re_src.mapsize > oplen) { 1413 /* 1414 * There's data following what the 1415 * hardware will copy for us. If this 1416 * isn't just the ICV (that's going to 1417 * be written on completion), copy it 1418 * to the new mbufs 1419 */ 1420 if (!(maccrd && 1421 (re->re_src.mapsize-oplen) == 12 && 1422 maccrd->crd_inject == oplen)) 1423 safe_mcopy(re->re_src_m, 1424 re->re_dst_m, 1425 oplen); 1426 else 1427 safestats.st_noicvcopy++; 1428 } 1429 } 1430 } else { 1431 safestats.st_badflags++; 1432 err = EINVAL; 1433 goto errout; 1434 } 1435 1436 if (re->re_dst.nsegs > 1) { 1437 re->re_desc.d_dst = sc->sc_dpalloc.dma_paddr + 1438 ((caddr_t) sc->sc_dpfree - (caddr_t) sc->sc_dpring); 1439 for (i = 0; i < re->re_dst_nsegs; i++) { 1440 pd = sc->sc_dpfree; 1441 KASSERT((pd->pd_flags&3) == 0 || 1442 (pd->pd_flags&3) == SAFE_PD_DONE, 1443 ("bogus dest particle descriptor; flags %x", 1444 pd->pd_flags)); 1445 if (++(sc->sc_dpfree) == sc->sc_dpringtop) 1446 sc->sc_dpfree = sc->sc_dpring; 1447 pd->pd_addr = re->re_dst_segs[i].ds_addr; 1448 pd->pd_flags = SAFE_PD_READY; 1449 } 1450 cmd0 |= SAFE_SA_CMD0_OSCATTER; 1451 } else { 1452 /* 1453 * No need for scatter, reference the operand directly. 1454 */ 1455 re->re_desc.d_dst = re->re_dst_segs[0].ds_addr; 1456 } 1457 } 1458 1459 /* 1460 * All done with setup; fillin the SA command words 1461 * and the packet engine descriptor. The operation 1462 * is now ready for submission to the hardware. 1463 */ 1464 sa->sa_cmd0 = cmd0 | SAFE_SA_CMD0_IPCI | SAFE_SA_CMD0_OPCI; 1465 sa->sa_cmd1 = cmd1 1466 | (coffset << SAFE_SA_CMD1_OFFSET_S) 1467 | SAFE_SA_CMD1_SAREV1 /* Rev 1 SA data structure */ 1468 | SAFE_SA_CMD1_SRPCI 1469 ; 1470 /* 1471 * NB: the order of writes is important here. In case the 1472 * chip is scanning the ring because of an outstanding request 1473 * it might nab this one too. In that case we need to make 1474 * sure the setup is complete before we write the length 1475 * field of the descriptor as it signals the descriptor is 1476 * ready for processing. 1477 */ 1478 re->re_desc.d_csr = SAFE_PE_CSR_READY | SAFE_PE_CSR_SAPCI; 1479 if (maccrd) 1480 re->re_desc.d_csr |= SAFE_PE_CSR_LOADSA | SAFE_PE_CSR_HASHFINAL; 1481 re->re_desc.d_len = oplen 1482 | SAFE_PE_LEN_READY 1483 | (bypass << SAFE_PE_LEN_BYPASS_S) 1484 ; 1485 1486 safestats.st_ipackets++; 1487 safestats.st_ibytes += oplen; 1488 1489 if (++(sc->sc_front) == sc->sc_ringtop) 1490 sc->sc_front = sc->sc_ring; 1491 1492 /* XXX honor batching */ 1493 safe_feed(sc, re); 1494 mtx_unlock(&sc->sc_ringmtx); 1495 return (0); 1496 1497errout: 1498 if ((re->re_dst_m != NULL) && (re->re_src_m != re->re_dst_m)) 1499 m_freem(re->re_dst_m); 1500 1501 if (re->re_dst_map != NULL && re->re_dst_map != re->re_src_map) { 1502 bus_dmamap_unload(sc->sc_dstdmat, re->re_dst_map); 1503 bus_dmamap_destroy(sc->sc_dstdmat, re->re_dst_map); 1504 } 1505 if (re->re_src_map != NULL) { 1506 bus_dmamap_unload(sc->sc_srcdmat, re->re_src_map); 1507 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map); 1508 } 1509 mtx_unlock(&sc->sc_ringmtx); 1510 if (err != ERESTART) { 1511 crp->crp_etype = err; 1512 crypto_done(crp); 1513 } else { 1514 sc->sc_needwakeup |= CRYPTO_SYMQ; 1515 } 1516 return (err); 1517} 1518 1519static void 1520safe_callback(struct safe_softc *sc, struct safe_ringentry *re) 1521{ 1522 struct cryptop *crp = (struct cryptop *)re->re_crp; 1523 struct cryptodesc *crd; 1524 1525 safestats.st_opackets++; 1526 safestats.st_obytes += re->re_dst.mapsize; 1527 1528 safe_dma_sync(&sc->sc_ringalloc, 1529 BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 1530 if (re->re_desc.d_csr & SAFE_PE_CSR_STATUS) { 1531 device_printf(sc->sc_dev, "csr 0x%x cmd0 0x%x cmd1 0x%x\n", 1532 re->re_desc.d_csr, 1533 re->re_sa.sa_cmd0, re->re_sa.sa_cmd1); 1534 safestats.st_peoperr++; 1535 crp->crp_etype = EIO; /* something more meaningful? */ 1536 } 1537 if (re->re_dst_map != NULL && re->re_dst_map != re->re_src_map) { 1538 bus_dmamap_sync(sc->sc_dstdmat, re->re_dst_map, 1539 BUS_DMASYNC_POSTREAD); 1540 bus_dmamap_unload(sc->sc_dstdmat, re->re_dst_map); 1541 bus_dmamap_destroy(sc->sc_dstdmat, re->re_dst_map); 1542 } 1543 bus_dmamap_sync(sc->sc_srcdmat, re->re_src_map, BUS_DMASYNC_POSTWRITE); 1544 bus_dmamap_unload(sc->sc_srcdmat, re->re_src_map); 1545 bus_dmamap_destroy(sc->sc_srcdmat, re->re_src_map); 1546 1547 /* 1548 * If result was written to a differet mbuf chain, swap 1549 * it in as the return value and reclaim the original. 1550 */ 1551 if ((crp->crp_flags & CRYPTO_F_IMBUF) && re->re_src_m != re->re_dst_m) { 1552 m_freem(re->re_src_m); 1553 crp->crp_buf = (caddr_t)re->re_dst_m; 1554 } 1555 1556 if (re->re_flags & SAFE_QFLAGS_COPYOUTIV) { 1557 /* copy out IV for future use */ 1558 for (crd = crp->crp_desc; crd; crd = crd->crd_next) { 1559 int ivsize; 1560 1561 if (crd->crd_alg == CRYPTO_DES_CBC || 1562 crd->crd_alg == CRYPTO_3DES_CBC) { 1563 ivsize = 2*sizeof(u_int32_t); 1564 } else if (crd->crd_alg == CRYPTO_AES_CBC) { 1565 ivsize = 4*sizeof(u_int32_t); 1566 } else 1567 continue; 1568 if (crp->crp_flags & CRYPTO_F_IMBUF) { 1569 m_copydata((struct mbuf *)crp->crp_buf, 1570 crd->crd_skip + crd->crd_len - ivsize, 1571 ivsize, 1572 (caddr_t) sc->sc_sessions[re->re_sesn].ses_iv); 1573 } else if (crp->crp_flags & CRYPTO_F_IOV) { 1574 cuio_copydata((struct uio *)crp->crp_buf, 1575 crd->crd_skip + crd->crd_len - ivsize, 1576 ivsize, 1577 (caddr_t)sc->sc_sessions[re->re_sesn].ses_iv); 1578 } 1579 break; 1580 } 1581 } 1582 1583 if (re->re_flags & SAFE_QFLAGS_COPYOUTICV) { 1584 /* copy out ICV result */ 1585 for (crd = crp->crp_desc; crd; crd = crd->crd_next) { 1586 if (!(crd->crd_alg == CRYPTO_MD5_HMAC || 1587 crd->crd_alg == CRYPTO_SHA1_HMAC || 1588 crd->crd_alg == CRYPTO_NULL_HMAC)) 1589 continue; 1590 if (crd->crd_alg == CRYPTO_SHA1_HMAC) { 1591 /* 1592 * SHA-1 ICV's are byte-swapped; fix 'em up 1593 * before copy them to their destination. 1594 */ 1595 bswap32(re->re_sastate.sa_saved_indigest[0]); 1596 bswap32(re->re_sastate.sa_saved_indigest[1]); 1597 bswap32(re->re_sastate.sa_saved_indigest[2]); 1598 } 1599 if (crp->crp_flags & CRYPTO_F_IMBUF) { 1600 m_copyback((struct mbuf *)crp->crp_buf, 1601 crd->crd_inject, 1602 sc->sc_sessions[re->re_sesn].ses_mlen, 1603 (caddr_t)re->re_sastate.sa_saved_indigest); 1604 } else if (crp->crp_flags & CRYPTO_F_IOV) { 1605 cuio_copyback((struct uio *)crp->crp_buf, 1606 crd->crd_inject, 1607 sc->sc_sessions[re->re_sesn].ses_mlen, 1608 (caddr_t)re->re_sastate.sa_saved_indigest); 1609 } 1610 break; 1611 } 1612 } 1613 crypto_done(crp); 1614} 1615 1616/* 1617 * Copy all data past offset from srcm to dstm. 1618 */ 1619static void 1620safe_mcopy(struct mbuf *srcm, struct mbuf *dstm, u_int offset) 1621{ 1622 u_int j, dlen, slen; 1623 caddr_t dptr, sptr; 1624 1625 /* 1626 * Advance src and dst to offset. 1627 */ 1628 j = offset; 1629 while (j >= 0) { 1630 if (srcm->m_len > j) 1631 break; 1632 j -= srcm->m_len; 1633 srcm = srcm->m_next; 1634 if (srcm == NULL) 1635 return; 1636 } 1637 sptr = mtod(srcm, caddr_t) + j; 1638 slen = srcm->m_len - j; 1639 1640 j = offset; 1641 while (j >= 0) { 1642 if (dstm->m_len > j) 1643 break; 1644 j -= dstm->m_len; 1645 dstm = dstm->m_next; 1646 if (dstm == NULL) 1647 return; 1648 } 1649 dptr = mtod(dstm, caddr_t) + j; 1650 dlen = dstm->m_len - j; 1651 1652 /* 1653 * Copy everything that remains. 1654 */ 1655 for (;;) { 1656 j = min(slen, dlen); 1657 bcopy(sptr, dptr, j); 1658 if (slen == j) { 1659 srcm = srcm->m_next; 1660 if (srcm == NULL) 1661 return; 1662 sptr = srcm->m_data; 1663 slen = srcm->m_len; 1664 } else 1665 sptr += j, slen -= j; 1666 if (dlen == j) { 1667 dstm = dstm->m_next; 1668 if (dstm == NULL) 1669 return; 1670 dptr = dstm->m_data; 1671 dlen = dstm->m_len; 1672 } else 1673 dptr += j, dlen -= j; 1674 } 1675} 1676 1677#ifndef SAFE_NO_RNG 1678#define SAFE_RNG_MAXWAIT 1000 1679 1680static void 1681safe_rng_init(struct safe_softc *sc) 1682{ 1683 u_int32_t w, v; 1684 int i; 1685 1686 WRITE_REG(sc, SAFE_RNG_CTRL, 0); 1687 /* use default value according to the manual */ 1688 WRITE_REG(sc, SAFE_RNG_CNFG, 0x834); /* magic from SafeNet */ 1689 WRITE_REG(sc, SAFE_RNG_ALM_CNT, 0); 1690 1691 /* 1692 * There is a bug in rev 1.0 of the 1140 that when the RNG 1693 * is brought out of reset the ready status flag does not 1694 * work until the RNG has finished its internal initialization. 1695 * 1696 * So in order to determine the device is through its 1697 * initialization we must read the data register, using the 1698 * status reg in the read in case it is initialized. Then read 1699 * the data register until it changes from the first read. 1700 * Once it changes read the data register until it changes 1701 * again. At this time the RNG is considered initialized. 1702 * This could take between 750ms - 1000ms in time. 1703 */ 1704 i = 0; 1705 w = READ_REG(sc, SAFE_RNG_OUT); 1706 do { 1707 v = READ_REG(sc, SAFE_RNG_OUT); 1708 if (v != w) { 1709 w = v; 1710 break; 1711 } 1712 DELAY(10); 1713 } while (++i < SAFE_RNG_MAXWAIT); 1714 1715 /* Wait Until data changes again */ 1716 i = 0; 1717 do { 1718 v = READ_REG(sc, SAFE_RNG_OUT); 1719 if (v != w) 1720 break; 1721 DELAY(10); 1722 } while (++i < SAFE_RNG_MAXWAIT); 1723} 1724 1725static __inline void 1726safe_rng_disable_short_cycle(struct safe_softc *sc) 1727{ 1728 WRITE_REG(sc, SAFE_RNG_CTRL, 1729 READ_REG(sc, SAFE_RNG_CTRL) &~ SAFE_RNG_CTRL_SHORTEN); 1730} 1731 1732static __inline void 1733safe_rng_enable_short_cycle(struct safe_softc *sc) 1734{ 1735 WRITE_REG(sc, SAFE_RNG_CTRL, 1736 READ_REG(sc, SAFE_RNG_CTRL) | SAFE_RNG_CTRL_SHORTEN); 1737} 1738 1739static __inline u_int32_t 1740safe_rng_read(struct safe_softc *sc) 1741{ 1742 int i; 1743 1744 i = 0; 1745 while (READ_REG(sc, SAFE_RNG_STAT) != 0 && ++i < SAFE_RNG_MAXWAIT) 1746 ; 1747 return READ_REG(sc, SAFE_RNG_OUT); 1748} 1749 1750static void 1751safe_rng(void *arg) 1752{ 1753 struct safe_softc *sc = arg; 1754 u_int32_t buf[SAFE_RNG_MAXBUFSIZ]; /* NB: maybe move to softc */ 1755 u_int maxwords; 1756 int i; 1757 1758 safestats.st_rng++; 1759 /* 1760 * Fetch the next block of data. 1761 */ 1762 maxwords = safe_rngbufsize; 1763 if (maxwords > SAFE_RNG_MAXBUFSIZ) 1764 maxwords = SAFE_RNG_MAXBUFSIZ; 1765retry: 1766 for (i = 0; i < maxwords; i++) 1767 buf[i] = safe_rng_read(sc); 1768 /* 1769 * Check the comparator alarm count and reset the h/w if 1770 * it exceeds our threshold. This guards against the 1771 * hardware oscillators resonating with external signals. 1772 */ 1773 if (READ_REG(sc, SAFE_RNG_ALM_CNT) > safe_rngmaxalarm) { 1774 u_int32_t freq_inc, w; 1775 1776 DPRINTF(("%s: alarm count %u exceeds threshold %u\n", __func__, 1777 READ_REG(sc, SAFE_RNG_ALM_CNT), safe_rngmaxalarm)); 1778 safestats.st_rngalarm++; 1779 safe_rng_enable_short_cycle(sc); 1780 freq_inc = 18; 1781 for (i = 0; i < 64; i++) { 1782 w = READ_REG(sc, SAFE_RNG_CNFG); 1783 freq_inc = ((w + freq_inc) & 0x3fL); 1784 w = ((w & ~0x3fL) | freq_inc); 1785 WRITE_REG(sc, SAFE_RNG_CNFG, w); 1786 1787 WRITE_REG(sc, SAFE_RNG_ALM_CNT, 0); 1788 1789 (void) safe_rng_read(sc); 1790 DELAY(25); 1791 1792 if (READ_REG(sc, SAFE_RNG_ALM_CNT) == 0) { 1793 safe_rng_disable_short_cycle(sc); 1794 goto retry; 1795 } 1796 freq_inc = 1; 1797 } 1798 safe_rng_disable_short_cycle(sc); 1799 } else 1800 WRITE_REG(sc, SAFE_RNG_ALM_CNT, 0); 1801 1802 (*sc->sc_harvest)(sc->sc_rndtest, buf, maxwords*sizeof (u_int32_t)); 1803 callout_reset(&sc->sc_rngto, 1804 hz * (safe_rnginterval ? safe_rnginterval : 1), safe_rng, sc); 1805} 1806#endif /* SAFE_NO_RNG */ 1807 1808static void 1809safe_dmamap_cb(void *arg, bus_dma_segment_t *segs, int nseg, int error) 1810{ 1811 bus_addr_t *paddr = (bus_addr_t*) arg; 1812 *paddr = segs->ds_addr; 1813} 1814 1815static int 1816safe_dma_malloc( 1817 struct safe_softc *sc, 1818 bus_size_t size, 1819 struct safe_dma_alloc *dma, 1820 int mapflags 1821) 1822{ 1823 int r; 1824 1825 r = bus_dma_tag_create(NULL, /* parent */ 1826 sizeof(u_int32_t), 0, /* alignment, bounds */ 1827 BUS_SPACE_MAXADDR_32BIT, /* lowaddr */ 1828 BUS_SPACE_MAXADDR, /* highaddr */ 1829 NULL, NULL, /* filter, filterarg */ 1830 size, /* maxsize */ 1831 1, /* nsegments */ 1832 size, /* maxsegsize */ 1833 BUS_DMA_ALLOCNOW, /* flags */ 1834 NULL, NULL, /* locking */ 1835 &dma->dma_tag); 1836 if (r != 0) { 1837 device_printf(sc->sc_dev, "safe_dma_malloc: " 1838 "bus_dma_tag_create failed; error %u\n", r); 1839 goto fail_0; 1840 } 1841 1842 r = bus_dmamap_create(dma->dma_tag, BUS_DMA_NOWAIT, &dma->dma_map); 1843 if (r != 0) { 1844 device_printf(sc->sc_dev, "safe_dma_malloc: " 1845 "bus_dmamap_create failed; error %u\n", r); 1846 goto fail_1; 1847 } 1848 1849 r = bus_dmamem_alloc(dma->dma_tag, (void**) &dma->dma_vaddr, 1850 BUS_DMA_NOWAIT, &dma->dma_map); 1851 if (r != 0) { 1852 device_printf(sc->sc_dev, "safe_dma_malloc: " 1853 "bus_dmammem_alloc failed; size %zu, error %u\n", 1854 size, r); 1855 goto fail_2; 1856 } 1857 1858 r = bus_dmamap_load(dma->dma_tag, dma->dma_map, dma->dma_vaddr, 1859 size, 1860 safe_dmamap_cb, 1861 &dma->dma_paddr, 1862 mapflags | BUS_DMA_NOWAIT); 1863 if (r != 0) { 1864 device_printf(sc->sc_dev, "safe_dma_malloc: " 1865 "bus_dmamap_load failed; error %u\n", r); 1866 goto fail_3; 1867 } 1868 1869 dma->dma_size = size; 1870 return (0); 1871 1872fail_3: 1873 bus_dmamap_unload(dma->dma_tag, dma->dma_map); 1874fail_2: 1875 bus_dmamem_free(dma->dma_tag, dma->dma_vaddr, dma->dma_map); 1876fail_1: 1877 bus_dmamap_destroy(dma->dma_tag, dma->dma_map); 1878 bus_dma_tag_destroy(dma->dma_tag); 1879fail_0: 1880 dma->dma_map = NULL; 1881 dma->dma_tag = NULL; 1882 return (r); 1883} 1884 1885static void 1886safe_dma_free(struct safe_softc *sc, struct safe_dma_alloc *dma) 1887{ 1888 bus_dmamap_unload(dma->dma_tag, dma->dma_map); 1889 bus_dmamem_free(dma->dma_tag, dma->dma_vaddr, dma->dma_map); 1890 bus_dmamap_destroy(dma->dma_tag, dma->dma_map); 1891 bus_dma_tag_destroy(dma->dma_tag); 1892} 1893 1894/* 1895 * Resets the board. Values in the regesters are left as is 1896 * from the reset (i.e. initial values are assigned elsewhere). 1897 */ 1898static void 1899safe_reset_board(struct safe_softc *sc) 1900{ 1901 u_int32_t v; 1902 /* 1903 * Reset the device. The manual says no delay 1904 * is needed between marking and clearing reset. 1905 */ 1906 v = READ_REG(sc, SAFE_PE_DMACFG) &~ 1907 (SAFE_PE_DMACFG_PERESET | SAFE_PE_DMACFG_PDRRESET | 1908 SAFE_PE_DMACFG_SGRESET); 1909 WRITE_REG(sc, SAFE_PE_DMACFG, v 1910 | SAFE_PE_DMACFG_PERESET 1911 | SAFE_PE_DMACFG_PDRRESET 1912 | SAFE_PE_DMACFG_SGRESET); 1913 WRITE_REG(sc, SAFE_PE_DMACFG, v); 1914} 1915 1916/* 1917 * Initialize registers we need to touch only once. 1918 */ 1919static void 1920safe_init_board(struct safe_softc *sc) 1921{ 1922 u_int32_t v, dwords; 1923 1924 v = READ_REG(sc, SAFE_PE_DMACFG);; 1925 v &=~ SAFE_PE_DMACFG_PEMODE; 1926 v |= SAFE_PE_DMACFG_FSENA /* failsafe enable */ 1927 | SAFE_PE_DMACFG_GPRPCI /* gather ring on PCI */ 1928 | SAFE_PE_DMACFG_SPRPCI /* scatter ring on PCI */ 1929 | SAFE_PE_DMACFG_ESDESC /* endian-swap descriptors */ 1930 | SAFE_PE_DMACFG_ESSA /* endian-swap SA's */ 1931 | SAFE_PE_DMACFG_ESPDESC /* endian-swap part. desc's */ 1932 ; 1933 WRITE_REG(sc, SAFE_PE_DMACFG, v); 1934#if 0 1935 /* XXX select byte swap based on host byte order */ 1936 WRITE_REG(sc, SAFE_ENDIAN, 0x1b); 1937#endif 1938 if (sc->sc_chiprev == SAFE_REV(1,0)) { 1939 /* 1940 * Avoid large PCI DMA transfers. Rev 1.0 has a bug where 1941 * "target mode transfers" done while the chip is DMA'ing 1942 * >1020 bytes cause the hardware to lockup. To avoid this 1943 * we reduce the max PCI transfer size and use small source 1944 * particle descriptors (<= 256 bytes). 1945 */ 1946 WRITE_REG(sc, SAFE_DMA_CFG, 256); 1947 device_printf(sc->sc_dev, 1948 "Reduce max DMA size to %u words for rev %u.%u WAR\n", 1949 (READ_REG(sc, SAFE_DMA_CFG)>>2) & 0xff, 1950 SAFE_REV_MAJ(sc->sc_chiprev), 1951 SAFE_REV_MIN(sc->sc_chiprev)); 1952 } 1953 1954 /* NB: operands+results are overlaid */ 1955 WRITE_REG(sc, SAFE_PE_PDRBASE, sc->sc_ringalloc.dma_paddr); 1956 WRITE_REG(sc, SAFE_PE_RDRBASE, sc->sc_ringalloc.dma_paddr); 1957 /* 1958 * Configure ring entry size and number of items in the ring. 1959 */ 1960 KASSERT((sizeof(struct safe_ringentry) % sizeof(u_int32_t)) == 0, 1961 ("PE ring entry not 32-bit aligned!")); 1962 dwords = sizeof(struct safe_ringentry) / sizeof(u_int32_t); 1963 WRITE_REG(sc, SAFE_PE_RINGCFG, 1964 (dwords << SAFE_PE_RINGCFG_OFFSET_S) | SAFE_MAX_NQUEUE); 1965 WRITE_REG(sc, SAFE_PE_RINGPOLL, 0); /* disable polling */ 1966 1967 WRITE_REG(sc, SAFE_PE_GRNGBASE, sc->sc_spalloc.dma_paddr); 1968 WRITE_REG(sc, SAFE_PE_SRNGBASE, sc->sc_dpalloc.dma_paddr); 1969 WRITE_REG(sc, SAFE_PE_PARTSIZE, 1970 (SAFE_TOTAL_DPART<<16) | SAFE_TOTAL_SPART); 1971 /* 1972 * NB: destination particles are fixed size. We use 1973 * an mbuf cluster and require all results go to 1974 * clusters or smaller. 1975 */ 1976 WRITE_REG(sc, SAFE_PE_PARTCFG, SAFE_MAX_DSIZE); 1977 1978 /* it's now safe to enable PE mode, do it */ 1979 WRITE_REG(sc, SAFE_PE_DMACFG, v | SAFE_PE_DMACFG_PEMODE); 1980 1981 /* 1982 * Configure hardware to use level-triggered interrupts and 1983 * to interrupt after each descriptor is processed. 1984 */ 1985 WRITE_REG(sc, SAFE_HI_CFG, SAFE_HI_CFG_LEVEL); 1986 WRITE_REG(sc, SAFE_HI_DESC_CNT, 1); 1987 WRITE_REG(sc, SAFE_HI_MASK, SAFE_INT_PE_DDONE | SAFE_INT_PE_ERROR); 1988} 1989 1990/* 1991 * Init PCI registers 1992 */ 1993static void 1994safe_init_pciregs(device_t dev) 1995{ 1996} 1997 1998/* 1999 * Clean up after a chip crash. 2000 * It is assumed that the caller in splimp() 2001 */ 2002static void 2003safe_cleanchip(struct safe_softc *sc) 2004{ 2005 2006 if (sc->sc_nqchip != 0) { 2007 struct safe_ringentry *re = sc->sc_back; 2008 2009 while (re != sc->sc_front) { 2010 if (re->re_desc.d_csr != 0) 2011 safe_free_entry(sc, re); 2012 if (++re == sc->sc_ringtop) 2013 re = sc->sc_ring; 2014 } 2015 sc->sc_back = re; 2016 sc->sc_nqchip = 0; 2017 } 2018} 2019 2020/* 2021 * free a safe_q 2022 * It is assumed that the caller is within splimp(). 2023 */ 2024static int 2025safe_free_entry(struct safe_softc *sc, struct safe_ringentry *re) 2026{ 2027 struct cryptop *crp; 2028 2029 /* 2030 * Free header MCR 2031 */ 2032 if ((re->re_dst_m != NULL) && (re->re_src_m != re->re_dst_m)) 2033 m_freem(re->re_dst_m); 2034 2035 crp = (struct cryptop *)re->re_crp; 2036 2037 re->re_desc.d_csr = 0; 2038 2039 crp->crp_etype = EFAULT; 2040 crypto_done(crp); 2041 return(0); 2042} 2043 2044/* 2045 * Routine to reset the chip and clean up. 2046 * It is assumed that the caller is in splimp() 2047 */ 2048static void 2049safe_totalreset(struct safe_softc *sc) 2050{ 2051 safe_reset_board(sc); 2052 safe_init_board(sc); 2053 safe_cleanchip(sc); 2054} 2055 2056/* 2057 * Is the operand suitable aligned for direct DMA. Each 2058 * segment must be aligned on a 32-bit boundary and all 2059 * but the last segment must be a multiple of 4 bytes. 2060 */ 2061static int 2062safe_dmamap_aligned(const struct safe_operand *op) 2063{ 2064 int i; 2065 2066 for (i = 0; i < op->nsegs; i++) { 2067 if (op->segs[i].ds_addr & 3) 2068 return (0); 2069 if (i != (op->nsegs - 1) && (op->segs[i].ds_len & 3)) 2070 return (0); 2071 } 2072 return (1); 2073} 2074 2075/* 2076 * Is the operand suitable for direct DMA as the destination 2077 * of an operation. The hardware requires that each ``particle'' 2078 * but the last in an operation result have the same size. We 2079 * fix that size at SAFE_MAX_DSIZE bytes. This routine returns 2080 * 0 if some segment is not a multiple of of this size, 1 if all 2081 * segments are exactly this size, or 2 if segments are at worst 2082 * a multple of this size. 2083 */ 2084static int 2085safe_dmamap_uniform(const struct safe_operand *op) 2086{ 2087 int result = 1; 2088 2089 if (op->nsegs > 0) { 2090 int i; 2091 2092 for (i = 0; i < op->nsegs-1; i++) { 2093 if (op->segs[i].ds_len % SAFE_MAX_DSIZE) 2094 return (0); 2095 if (op->segs[i].ds_len != SAFE_MAX_DSIZE) 2096 result = 2; 2097 } 2098 } 2099 return (result); 2100} 2101 2102#ifdef SAFE_DEBUG 2103static void 2104safe_dump_dmastatus(struct safe_softc *sc, const char *tag) 2105{ 2106 printf("%s: ENDIAN 0x%x SRC 0x%x DST 0x%x STAT 0x%x\n" 2107 , tag 2108 , READ_REG(sc, SAFE_DMA_ENDIAN) 2109 , READ_REG(sc, SAFE_DMA_SRCADDR) 2110 , READ_REG(sc, SAFE_DMA_DSTADDR) 2111 , READ_REG(sc, SAFE_DMA_STAT) 2112 ); 2113} 2114 2115static void 2116safe_dump_intrstate(struct safe_softc *sc, const char *tag) 2117{ 2118 printf("%s: HI_CFG 0x%x HI_MASK 0x%x HI_DESC_CNT 0x%x HU_STAT 0x%x HM_STAT 0x%x\n" 2119 , tag 2120 , READ_REG(sc, SAFE_HI_CFG) 2121 , READ_REG(sc, SAFE_HI_MASK) 2122 , READ_REG(sc, SAFE_HI_DESC_CNT) 2123 , READ_REG(sc, SAFE_HU_STAT) 2124 , READ_REG(sc, SAFE_HM_STAT) 2125 ); 2126} 2127 2128static void 2129safe_dump_ringstate(struct safe_softc *sc, const char *tag) 2130{ 2131 u_int32_t estat = READ_REG(sc, SAFE_PE_ERNGSTAT); 2132 2133 /* NB: assume caller has lock on ring */ 2134 printf("%s: ERNGSTAT %x (next %u) back %lu front %lu\n", 2135 tag, 2136 estat, (estat >> SAFE_PE_ERNGSTAT_NEXT_S), 2137 (unsigned long)(sc->sc_back - sc->sc_ring), 2138 (unsigned long)(sc->sc_front - sc->sc_ring)); 2139} 2140 2141static void 2142safe_dump_request(struct safe_softc *sc, const char* tag, struct safe_ringentry *re) 2143{ 2144 int ix, nsegs; 2145 2146 ix = re - sc->sc_ring; 2147 printf("%s: %p (%u): csr %x src %x dst %x sa %x len %x\n" 2148 , tag 2149 , re, ix 2150 , re->re_desc.d_csr 2151 , re->re_desc.d_src 2152 , re->re_desc.d_dst 2153 , re->re_desc.d_sa 2154 , re->re_desc.d_len 2155 ); 2156 if (re->re_src.nsegs > 1) { 2157 ix = (re->re_desc.d_src - sc->sc_spalloc.dma_paddr) / 2158 sizeof(struct safe_pdesc); 2159 for (nsegs = re->re_src.nsegs; nsegs; nsegs--) { 2160 printf(" spd[%u] %p: %p size %u flags %x" 2161 , ix, &sc->sc_spring[ix] 2162 , (caddr_t)(uintptr_t) sc->sc_spring[ix].pd_addr 2163 , sc->sc_spring[ix].pd_size 2164 , sc->sc_spring[ix].pd_flags 2165 ); 2166 if (sc->sc_spring[ix].pd_size == 0) 2167 printf(" (zero!)"); 2168 printf("\n"); 2169 if (++ix == SAFE_TOTAL_SPART) 2170 ix = 0; 2171 } 2172 } 2173 if (re->re_dst.nsegs > 1) { 2174 ix = (re->re_desc.d_dst - sc->sc_dpalloc.dma_paddr) / 2175 sizeof(struct safe_pdesc); 2176 for (nsegs = re->re_dst.nsegs; nsegs; nsegs--) { 2177 printf(" dpd[%u] %p: %p flags %x\n" 2178 , ix, &sc->sc_dpring[ix] 2179 , (caddr_t)(uintptr_t) sc->sc_dpring[ix].pd_addr 2180 , sc->sc_dpring[ix].pd_flags 2181 ); 2182 if (++ix == SAFE_TOTAL_DPART) 2183 ix = 0; 2184 } 2185 } 2186 printf("sa: cmd0 %08x cmd1 %08x staterec %x\n", 2187 re->re_sa.sa_cmd0, re->re_sa.sa_cmd1, re->re_sa.sa_staterec); 2188 printf("sa: key %x %x %x %x %x %x %x %x\n" 2189 , re->re_sa.sa_key[0] 2190 , re->re_sa.sa_key[1] 2191 , re->re_sa.sa_key[2] 2192 , re->re_sa.sa_key[3] 2193 , re->re_sa.sa_key[4] 2194 , re->re_sa.sa_key[5] 2195 , re->re_sa.sa_key[6] 2196 , re->re_sa.sa_key[7] 2197 ); 2198 printf("sa: indigest %x %x %x %x %x\n" 2199 , re->re_sa.sa_indigest[0] 2200 , re->re_sa.sa_indigest[1] 2201 , re->re_sa.sa_indigest[2] 2202 , re->re_sa.sa_indigest[3] 2203 , re->re_sa.sa_indigest[4] 2204 ); 2205 printf("sa: outdigest %x %x %x %x %x\n" 2206 , re->re_sa.sa_outdigest[0] 2207 , re->re_sa.sa_outdigest[1] 2208 , re->re_sa.sa_outdigest[2] 2209 , re->re_sa.sa_outdigest[3] 2210 , re->re_sa.sa_outdigest[4] 2211 ); 2212 printf("sr: iv %x %x %x %x\n" 2213 , re->re_sastate.sa_saved_iv[0] 2214 , re->re_sastate.sa_saved_iv[1] 2215 , re->re_sastate.sa_saved_iv[2] 2216 , re->re_sastate.sa_saved_iv[3] 2217 ); 2218 printf("sr: hashbc %u indigest %x %x %x %x %x\n" 2219 , re->re_sastate.sa_saved_hashbc 2220 , re->re_sastate.sa_saved_indigest[0] 2221 , re->re_sastate.sa_saved_indigest[1] 2222 , re->re_sastate.sa_saved_indigest[2] 2223 , re->re_sastate.sa_saved_indigest[3] 2224 , re->re_sastate.sa_saved_indigest[4] 2225 ); 2226} 2227 2228static void 2229safe_dump_ring(struct safe_softc *sc, const char *tag) 2230{ 2231 mtx_lock(&sc->sc_ringmtx); 2232 printf("\nSafeNet Ring State:\n"); 2233 safe_dump_intrstate(sc, tag); 2234 safe_dump_dmastatus(sc, tag); 2235 safe_dump_ringstate(sc, tag); 2236 if (sc->sc_nqchip) { 2237 struct safe_ringentry *re = sc->sc_back; 2238 do { 2239 safe_dump_request(sc, tag, re); 2240 if (++re == sc->sc_ringtop) 2241 re = sc->sc_ring; 2242 } while (re != sc->sc_front); 2243 } 2244 mtx_unlock(&sc->sc_ringmtx); 2245} 2246 2247static int 2248sysctl_hw_safe_dump(SYSCTL_HANDLER_ARGS) 2249{ 2250 char dmode[64]; 2251 int error; 2252 2253 strncpy(dmode, "", sizeof(dmode) - 1); 2254 dmode[sizeof(dmode) - 1] = '\0'; 2255 error = sysctl_handle_string(oidp, &dmode[0], sizeof(dmode), req); 2256 2257 if (error == 0 && req->newptr != NULL) { 2258 struct safe_softc *sc = safec; 2259 2260 if (!sc) 2261 return EINVAL; 2262 if (strncmp(dmode, "dma", 3) == 0) 2263 safe_dump_dmastatus(sc, "safe0"); 2264 else if (strncmp(dmode, "int", 3) == 0) 2265 safe_dump_intrstate(sc, "safe0"); 2266 else if (strncmp(dmode, "ring", 4) == 0) 2267 safe_dump_ring(sc, "safe0"); 2268 else 2269 return EINVAL; 2270 } 2271 return error; 2272} 2273SYSCTL_PROC(_hw_safe, OID_AUTO, dump, CTLTYPE_STRING | CTLFLAG_RW, 2274 0, 0, sysctl_hw_safe_dump, "A", "Dump driver state"); 2275#endif /* SAFE_DEBUG */ 2276