1104477Ssam/* $FreeBSD$ */ 2104477Ssam/* $OpenBSD: hifn7751var.h,v 1.42 2002/04/08 17:49:42 jason Exp $ */ 3104477Ssam 4139749Simp/*- 5104477Ssam * Invertex AEON / Hifn 7751 driver 6104477Ssam * Copyright (c) 1999 Invertex Inc. All rights reserved. 7104477Ssam * Copyright (c) 1999 Theo de Raadt 8104477Ssam * Copyright (c) 2000-2001 Network Security Technologies, Inc. 9104477Ssam * http://www.netsec.net 10104477Ssam * 11104477Ssam * Please send any comments, feedback, bug-fixes, or feature requests to 12104477Ssam * software@invertex.com. 13104477Ssam * 14104477Ssam * Redistribution and use in source and binary forms, with or without 15104477Ssam * modification, are permitted provided that the following conditions 16104477Ssam * are met: 17104477Ssam * 18104477Ssam * 1. Redistributions of source code must retain the above copyright 19104477Ssam * notice, this list of conditions and the following disclaimer. 20104477Ssam * 2. Redistributions in binary form must reproduce the above copyright 21104477Ssam * notice, this list of conditions and the following disclaimer in the 22104477Ssam * documentation and/or other materials provided with the distribution. 23104477Ssam * 3. The name of the author may not be used to endorse or promote products 24104477Ssam * derived from this software without specific prior written permission. 25104477Ssam * 26104477Ssam * 27104477Ssam * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 28104477Ssam * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 29104477Ssam * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 30104477Ssam * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 31104477Ssam * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 32104477Ssam * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 33104477Ssam * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 34104477Ssam * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 35104477Ssam * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 36104477Ssam * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 37104477Ssam * 38104477Ssam * Effort sponsored in part by the Defense Advanced Research Projects 39104477Ssam * Agency (DARPA) and Air Force Research Laboratory, Air Force 40104477Ssam * Materiel Command, USAF, under agreement number F30602-01-2-0537. 41104477Ssam * 42104477Ssam */ 43104477Ssam 44104477Ssam#ifndef __HIFN7751VAR_H__ 45104477Ssam#define __HIFN7751VAR_H__ 46104477Ssam 47104477Ssam#ifdef _KERNEL 48104477Ssam 49104477Ssam/* 50104477Ssam * Some configurable values for the driver. By default command+result 51104477Ssam * descriptor rings are the same size. The src+dst descriptor rings 52104477Ssam * are sized at 3.5x the number of potential commands. Slower parts 53104477Ssam * (e.g. 7951) tend to run out of src descriptors; faster parts (7811) 54104477Ssam * src+cmd/result descriptors. It's not clear that increasing the size 55104477Ssam * of the descriptor rings helps performance significantly as other 56104477Ssam * factors tend to come into play (e.g. copying misaligned packets). 57104477Ssam */ 58104477Ssam#define HIFN_D_CMD_RSIZE 24 /* command descriptors */ 59104477Ssam#define HIFN_D_SRC_RSIZE ((HIFN_D_CMD_RSIZE * 7) / 2) /* source descriptors */ 60104477Ssam#define HIFN_D_RES_RSIZE HIFN_D_CMD_RSIZE /* result descriptors */ 61104477Ssam#define HIFN_D_DST_RSIZE HIFN_D_SRC_RSIZE /* destination descriptors */ 62104477Ssam 63104477Ssam/* 64104477Ssam * Length values for cryptography 65104477Ssam */ 66104477Ssam#define HIFN_DES_KEY_LENGTH 8 67104477Ssam#define HIFN_3DES_KEY_LENGTH 24 68104477Ssam#define HIFN_MAX_CRYPT_KEY_LENGTH HIFN_3DES_KEY_LENGTH 69104477Ssam#define HIFN_IV_LENGTH 8 70120915Ssam#define HIFN_AES_IV_LENGTH 16 71120915Ssam#define HIFN_MAX_IV_LENGTH HIFN_AES_IV_LENGTH 72104477Ssam 73104477Ssam/* 74104477Ssam * Length values for authentication 75104477Ssam */ 76104477Ssam#define HIFN_MAC_KEY_LENGTH 64 77104477Ssam#define HIFN_MD5_LENGTH 16 78104477Ssam#define HIFN_SHA1_LENGTH 20 79104477Ssam#define HIFN_MAC_TRUNC_LENGTH 12 80104477Ssam 81104477Ssam#define MAX_SCATTER 64 82104477Ssam 83104477Ssam/* 84213091Sgonzo * Data structure to hold all 4 rings and any other ring related data 85213091Sgonzo * that should reside in DMA. 86104477Ssam */ 87104477Ssamstruct hifn_dma { 88104477Ssam /* 89104477Ssam * Descriptor rings. We add +1 to the size to accomidate the 90104477Ssam * jump descriptor. 91104477Ssam */ 92104477Ssam struct hifn_desc cmdr[HIFN_D_CMD_RSIZE+1]; 93104477Ssam struct hifn_desc srcr[HIFN_D_SRC_RSIZE+1]; 94104477Ssam struct hifn_desc dstr[HIFN_D_DST_RSIZE+1]; 95104477Ssam struct hifn_desc resr[HIFN_D_RES_RSIZE+1]; 96104477Ssam 97104477Ssam 98104477Ssam u_char command_bufs[HIFN_D_CMD_RSIZE][HIFN_MAX_COMMAND]; 99104477Ssam u_char result_bufs[HIFN_D_CMD_RSIZE][HIFN_MAX_RESULT]; 100104477Ssam u_int32_t slop[HIFN_D_CMD_RSIZE]; 101104477Ssam u_int64_t test_src, test_dst; 102213091Sgonzo} ; 103104477Ssam 104104477Ssam 105104477Ssamstruct hifn_session { 106136526Ssam int hs_used; 107158705Spjd int hs_mlen; 108120915Ssam u_int8_t hs_iv[HIFN_MAX_IV_LENGTH]; 109104477Ssam}; 110104477Ssam 111104477Ssam#define HIFN_RING_SYNC(sc, r, i, f) \ 112104477Ssam bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, (f)) 113104477Ssam 114104477Ssam#define HIFN_CMDR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), cmdr, (i), (f)) 115104477Ssam#define HIFN_RESR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), resr, (i), (f)) 116104477Ssam#define HIFN_SRCR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), srcr, (i), (f)) 117104477Ssam#define HIFN_DSTR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), dstr, (i), (f)) 118104477Ssam 119104477Ssam#define HIFN_CMD_SYNC(sc, i, f) \ 120104477Ssam bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, (f)) 121104477Ssam 122104477Ssam#define HIFN_RES_SYNC(sc, i, f) \ 123104477Ssam bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, (f)) 124104477Ssam 125104477Ssam/* 126104477Ssam * Holds data specific to a single HIFN board. 127104477Ssam */ 128104477Ssamstruct hifn_softc { 129104477Ssam device_t sc_dev; /* device backpointer */ 130104477Ssam struct mtx sc_mtx; /* per-instance lock */ 131104477Ssam bus_dma_tag_t sc_dmat; /* parent DMA tag decriptor */ 132104477Ssam struct resource *sc_bar0res; 133104477Ssam bus_space_handle_t sc_sh0; /* bar0 bus space handle */ 134104477Ssam bus_space_tag_t sc_st0; /* bar0 bus space tag */ 135104477Ssam bus_size_t sc_bar0_lastreg;/* bar0 last reg written */ 136104477Ssam struct resource *sc_bar1res; 137104477Ssam bus_space_handle_t sc_sh1; /* bar1 bus space handle */ 138104477Ssam bus_space_tag_t sc_st1; /* bar1 bus space tag */ 139104477Ssam bus_size_t sc_bar1_lastreg;/* bar1 last reg written */ 140104477Ssam struct resource *sc_irq; 141104477Ssam void *sc_intrhand; /* interrupt handle */ 142104477Ssam 143104477Ssam u_int32_t sc_dmaier; 144104477Ssam u_int32_t sc_drammodel; /* 1=dram, 0=sram */ 145140480Ssam u_int32_t sc_pllconfig; /* 7954/7955/7956 PLL config */ 146104477Ssam 147104477Ssam struct hifn_dma *sc_dma; 148104477Ssam bus_dmamap_t sc_dmamap; 149104477Ssam bus_dma_segment_t sc_dmasegs[1]; 150104477Ssam bus_addr_t sc_dma_physaddr;/* physical address of sc_dma */ 151104477Ssam int sc_dmansegs; 152213091Sgonzo struct hifn_command *sc_hifn_commands[HIFN_D_RES_RSIZE]; 153213091Sgonzo /* 154213091Sgonzo * Our current positions for insertion and removal from the desriptor 155213091Sgonzo * rings. 156213091Sgonzo */ 157213091Sgonzo int sc_cmdi, sc_srci, sc_dsti, sc_resi; 158213091Sgonzo volatile int sc_cmdu, sc_srcu, sc_dstu, sc_resu; 159213091Sgonzo int sc_cmdk, sc_srck, sc_dstk, sc_resk; 160213091Sgonzo 161104477Ssam int32_t sc_cid; 162104477Ssam int sc_maxses; 163136526Ssam int sc_nsessions; 164136526Ssam struct hifn_session *sc_sessions; 165104477Ssam int sc_ramsize; 166104477Ssam int sc_flags; 167104477Ssam#define HIFN_HAS_RNG 0x1 /* includes random number generator */ 168104477Ssam#define HIFN_HAS_PUBLIC 0x2 /* includes public key support */ 169120915Ssam#define HIFN_HAS_AES 0x4 /* includes AES support */ 170120915Ssam#define HIFN_IS_7811 0x8 /* Hifn 7811 part */ 171120915Ssam#define HIFN_IS_7956 0x10 /* Hifn 7956/7955 don't have SDRAM */ 172104477Ssam struct callout sc_rngto; /* for polling RNG */ 173104477Ssam struct callout sc_tickto; /* for managing DMA */ 174104477Ssam int sc_rngfirst; 175104477Ssam int sc_rnghz; /* RNG polling frequency */ 176112124Ssam struct rndtest_state *sc_rndtest; /* RNG test state */ 177112124Ssam void (*sc_harvest)(struct rndtest_state *, 178112124Ssam void *, u_int); 179104477Ssam int sc_c_busy; /* command ring busy */ 180104477Ssam int sc_s_busy; /* source data ring busy */ 181104477Ssam int sc_d_busy; /* destination data ring busy */ 182104477Ssam int sc_r_busy; /* result ring busy */ 183104477Ssam int sc_active; /* for initial countdown */ 184104477Ssam int sc_needwakeup; /* ops q'd wating on resources */ 185104477Ssam int sc_curbatch; /* # ops submitted w/o int */ 186104477Ssam int sc_suspended; 187167755Ssam#ifdef HIFN_VULCANDEV 188167755Ssam struct cdev *sc_pkdev; 189167755Ssam#endif 190104477Ssam}; 191104477Ssam 192104477Ssam#define HIFN_LOCK(_sc) mtx_lock(&(_sc)->sc_mtx) 193104477Ssam#define HIFN_UNLOCK(_sc) mtx_unlock(&(_sc)->sc_mtx) 194104477Ssam 195104477Ssam/* 196104477Ssam * hifn_command_t 197104477Ssam * 198104477Ssam * This is the control structure used to pass commands to hifn_encrypt(). 199104477Ssam * 200104477Ssam * flags 201104477Ssam * ----- 202104477Ssam * Flags is the bitwise "or" values for command configuration. A single 203104477Ssam * encrypt direction needs to be set: 204104477Ssam * 205104477Ssam * HIFN_ENCODE or HIFN_DECODE 206104477Ssam * 207104477Ssam * To use cryptography, a single crypto algorithm must be included: 208104477Ssam * 209104477Ssam * HIFN_CRYPT_3DES or HIFN_CRYPT_DES 210104477Ssam * 211104477Ssam * To use authentication is used, a single MAC algorithm must be included: 212104477Ssam * 213104477Ssam * HIFN_MAC_MD5 or HIFN_MAC_SHA1 214104477Ssam * 215104477Ssam * By default MD5 uses a 16 byte hash and SHA-1 uses a 20 byte hash. 216104477Ssam * If the value below is set, hash values are truncated or assumed 217104477Ssam * truncated to 12 bytes: 218104477Ssam * 219104477Ssam * HIFN_MAC_TRUNC 220104477Ssam * 221104477Ssam * Keys for encryption and authentication can be sent as part of a command, 222104477Ssam * or the last key value used with a particular session can be retrieved 223104477Ssam * and used again if either of these flags are not specified. 224104477Ssam * 225104477Ssam * HIFN_CRYPT_NEW_KEY, HIFN_MAC_NEW_KEY 226104477Ssam * 227104477Ssam * session_num 228104477Ssam * ----------- 229104477Ssam * A number between 0 and 2048 (for DRAM models) or a number between 230104477Ssam * 0 and 768 (for SRAM models). Those who don't want to use session 231104477Ssam * numbers should leave value at zero and send a new crypt key and/or 232104477Ssam * new MAC key on every command. If you use session numbers and 233104477Ssam * don't send a key with a command, the last key sent for that same 234104477Ssam * session number will be used. 235104477Ssam * 236104477Ssam * Warning: Using session numbers and multiboard at the same time 237104477Ssam * is currently broken. 238104477Ssam * 239104477Ssam * mbuf 240104477Ssam * ---- 241104477Ssam * Either fill in the mbuf pointer and npa=0 or 242104477Ssam * fill packp[] and packl[] and set npa to > 0 243104477Ssam * 244104477Ssam * mac_header_skip 245104477Ssam * --------------- 246104477Ssam * The number of bytes of the source_buf that are skipped over before 247104477Ssam * authentication begins. This must be a number between 0 and 2^16-1 248104477Ssam * and can be used by IPsec implementers to skip over IP headers. 249104477Ssam * *** Value ignored if authentication not used *** 250104477Ssam * 251104477Ssam * crypt_header_skip 252104477Ssam * ----------------- 253104477Ssam * The number of bytes of the source_buf that are skipped over before 254104477Ssam * the cryptographic operation begins. This must be a number between 0 255104477Ssam * and 2^16-1. For IPsec, this number will always be 8 bytes larger 256104477Ssam * than the auth_header_skip (to skip over the ESP header). 257104477Ssam * *** Value ignored if cryptography not used *** 258104477Ssam * 259104477Ssam */ 260104477Ssamstruct hifn_operand { 261104477Ssam union { 262104477Ssam struct mbuf *m; 263104477Ssam struct uio *io; 264104477Ssam } u; 265104477Ssam bus_dmamap_t map; 266104477Ssam bus_size_t mapsize; 267104477Ssam int nsegs; 268104477Ssam bus_dma_segment_t segs[MAX_SCATTER]; 269104477Ssam}; 270104477Ssamstruct hifn_command { 271104477Ssam u_int16_t session_num; 272104477Ssam u_int16_t base_masks, cry_masks, mac_masks; 273120915Ssam u_int8_t iv[HIFN_MAX_IV_LENGTH], *ck, mac[HIFN_MAC_KEY_LENGTH]; 274104477Ssam int cklen; 275104477Ssam int sloplen, slopidx; 276104477Ssam 277104477Ssam struct hifn_operand src; 278104477Ssam struct hifn_operand dst; 279104477Ssam 280104477Ssam struct hifn_softc *softc; 281104477Ssam struct cryptop *crp; 282104477Ssam struct cryptodesc *enccrd, *maccrd; 283104477Ssam}; 284104477Ssam 285104477Ssam#define src_m src.u.m 286104477Ssam#define src_io src.u.io 287104477Ssam#define src_map src.map 288104477Ssam#define src_mapsize src.mapsize 289104477Ssam#define src_segs src.segs 290104477Ssam#define src_nsegs src.nsegs 291104477Ssam 292104477Ssam#define dst_m dst.u.m 293104477Ssam#define dst_io dst.u.io 294104477Ssam#define dst_map dst.map 295104477Ssam#define dst_mapsize dst.mapsize 296104477Ssam#define dst_segs dst.segs 297104477Ssam#define dst_nsegs dst.nsegs 298104477Ssam 299104477Ssam/* 300104477Ssam * Return values for hifn_crypto() 301104477Ssam */ 302104477Ssam#define HIFN_CRYPTO_SUCCESS 0 303104477Ssam#define HIFN_CRYPTO_BAD_INPUT (-1) 304104477Ssam#define HIFN_CRYPTO_RINGS_FULL (-2) 305104477Ssam 306104477Ssam/************************************************************************** 307104477Ssam * 308104477Ssam * Function: hifn_crypto 309104477Ssam * 310104477Ssam * Purpose: Called by external drivers to begin an encryption on the 311104477Ssam * HIFN board. 312104477Ssam * 313104477Ssam * Blocking/Non-blocking Issues 314104477Ssam * ============================ 315104477Ssam * The driver cannot block in hifn_crypto (no calls to tsleep) currently. 316104477Ssam * hifn_crypto() returns HIFN_CRYPTO_RINGS_FULL if there is not enough 317104477Ssam * room in any of the rings for the request to proceed. 318104477Ssam * 319104477Ssam * Return Values 320104477Ssam * ============= 321104477Ssam * 0 for success, negative values on error 322104477Ssam * 323104477Ssam * Defines for negative error codes are: 324104477Ssam * 325104477Ssam * HIFN_CRYPTO_BAD_INPUT : The passed in command had invalid settings. 326104477Ssam * HIFN_CRYPTO_RINGS_FULL : All DMA rings were full and non-blocking 327104477Ssam * behaviour was requested. 328104477Ssam * 329104477Ssam *************************************************************************/ 330104477Ssam 331104477Ssam/* 332104477Ssam * Convert back and forth from 'sid' to 'card' and 'session' 333104477Ssam */ 334104477Ssam#define HIFN_CARD(sid) (((sid) & 0xf0000000) >> 28) 335104477Ssam#define HIFN_SESSION(sid) ((sid) & 0x000007ff) 336104477Ssam#define HIFN_SID(crd,ses) (((crd) << 28) | ((ses) & 0x7ff)) 337104477Ssam 338104477Ssam#endif /* _KERNEL */ 339104477Ssam 340104477Ssamstruct hifn_stats { 341104477Ssam u_int64_t hst_ibytes; 342104477Ssam u_int64_t hst_obytes; 343104477Ssam u_int32_t hst_ipackets; 344104477Ssam u_int32_t hst_opackets; 345104477Ssam u_int32_t hst_invalid; 346104477Ssam u_int32_t hst_nomem; /* malloc or one of hst_nomem_* */ 347104477Ssam u_int32_t hst_abort; 348104477Ssam u_int32_t hst_noirq; /* IRQ for no reason */ 349104477Ssam u_int32_t hst_totbatch; /* ops submitted w/o interrupt */ 350104477Ssam u_int32_t hst_maxbatch; /* max ops submitted together */ 351104477Ssam u_int32_t hst_unaligned; /* unaligned src caused copy */ 352104477Ssam /* 353104477Ssam * The following divides hst_nomem into more specific buckets. 354104477Ssam */ 355104477Ssam u_int32_t hst_nomem_map; /* bus_dmamap_create failed */ 356104477Ssam u_int32_t hst_nomem_load; /* bus_dmamap_load_* failed */ 357104477Ssam u_int32_t hst_nomem_mbuf; /* MGET* failed */ 358104477Ssam u_int32_t hst_nomem_mcl; /* MCLGET* failed */ 359104477Ssam u_int32_t hst_nomem_cr; /* out of command/result descriptor */ 360104477Ssam u_int32_t hst_nomem_sd; /* out of src/dst descriptors */ 361104477Ssam}; 362104477Ssam 363104477Ssam#endif /* __HIFN7751VAR_H__ */ 364