1/* $NetBSD: hifn7751var.h,v 1.12 2015/04/14 20:32:36 riastradh Exp $ */
2/* $OpenBSD: hifn7751var.h,v 1.18 2000/06/02 22:36:45 deraadt Exp $ */
3
4/*
5 * Invertex AEON / Hifn 7751 driver
6 * Copyright (c) 1999 Invertex Inc. All rights reserved.
7 * Copyright (c) 1999 Theo de Raadt
8 * Copyright (c) 2000-2001 Network Security Technologies, Inc.
9 * http://www.netsec.net
10 *
11 * Please send any comments, feedback, bug-fixes, or feature requests to
12 * software@invertex.com.
13 *
14 * Redistribution and use in source and binary forms, with or without
15 * modification, are permitted provided that the following conditions
16 * are met:
17 *
18 * 1. Redistributions of source code must retain the above copyright
19 * notice, this list of conditions and the following disclaimer.
20 * 2. Redistributions in binary form must reproduce the above copyright
21 * notice, this list of conditions and the following disclaimer in the
22 * documentation and/or other materials provided with the distribution.
23 * 3. The name of the author may not be used to endorse or promote products
24 * derived from this software without specific prior written permission.
25 *
26 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
27 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
28 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
29 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
30 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
31 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
32 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
33 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36 *
37 * Effort sponsored in part by the Defense Advanced Research Projects
38 * Agency (DARPA) and Air Force Research Laboratory, Air Force
39 * Materiel Command, USAF, under agreement number F30602-01-2-0537.
40 *
41 */
42
43#ifndef __DEV_PCI_HIFN7751VAR_H__
44#define __DEV_PCI_HIFN7751VAR_H__
45
46#ifdef _KERNEL
47
48#include <sys/rndsource.h>
49
50/*
51 * Some configurable values for the driver
52 */
53#define HIFN_D_CMD_RSIZE 24 /* command descriptors */
54#define HIFN_D_SRC_RSIZE 80 /* source descriptors */
55#define HIFN_D_DST_RSIZE 80 /* destination descriptors */
56#define HIFN_D_RES_RSIZE 24 /* result descriptors */
57
58/*
59 * Length values for cryptography
60 */
61#define HIFN_DES_KEY_LENGTH 8
62#define HIFN_3DES_KEY_LENGTH 24
63#define HIFN_MAX_CRYPT_KEY_LENGTH HIFN_3DES_KEY_LENGTH
64#define HIFN_IV_LENGTH 8
65#define HIFN_AES_IV_LENGTH 16
66#define HIFN_MAX_IV_LENGTH HIFN_AES_IV_LENGTH
67
68/*
69 * Length values for authentication
70 */
71#define HIFN_MAC_KEY_LENGTH 64
72#define HIFN_MD5_LENGTH 16
73#define HIFN_SHA1_LENGTH 20
74#define HIFN_MAC_TRUNC_LENGTH 12
75
76#define MAX_SCATTER 64
77
78/*
79 * Data structure to hold all 4 rings and any other ring related data.
80 */
81struct hifn_dma {
82 /*
83 * Descriptor rings. We add +1 to the size to accommodate the
84 * jump descriptor.
85 */
86 struct hifn_desc cmdr[HIFN_D_CMD_RSIZE+1];
87 struct hifn_desc srcr[HIFN_D_SRC_RSIZE+1];
88 struct hifn_desc dstr[HIFN_D_DST_RSIZE+1];
89 struct hifn_desc resr[HIFN_D_RES_RSIZE+1];
90
91 struct hifn_command *hifn_commands[HIFN_D_RES_RSIZE];
92
93 u_char command_bufs[HIFN_D_CMD_RSIZE][HIFN_MAX_COMMAND];
94 u_char result_bufs[HIFN_D_CMD_RSIZE][HIFN_MAX_RESULT];
95 u_int32_t slop[HIFN_D_CMD_RSIZE];
96
97 u_int64_t test_src, test_dst;
98
99 /*
100 * Our current positions for insertion and removal from the descriptor
101 * rings.
102 */
103 int cmdi, srci, dsti, resi;
104 volatile int cmdu, srcu, dstu, resu;
105 int cmdk, srck, dstk, resk;
106};
107
108struct hifn_session {
109 int hs_state;
110 int hs_prev_op; /* XXX collapse into hs_flags? */
111 u_int8_t hs_iv[HIFN_MAX_IV_LENGTH];
112};
113
114/* We use a state machine on sessions */
115#define HS_STATE_FREE 0 /* unused session entry */
116#define HS_STATE_USED 1 /* allocated, but key not on card */
117#define HS_STATE_KEY 2 /* allocated and key is on card */
118
119#define HIFN_RING_SYNC(sc, r, i, f) \
120 bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, \
121 offsetof(struct hifn_dma, r[i]), sizeof(struct hifn_desc), (f))
122
123#define HIFN_CMDR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), cmdr, (i), (f))
124#define HIFN_RESR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), resr, (i), (f))
125#define HIFN_SRCR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), srcr, (i), (f))
126#define HIFN_DSTR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), dstr, (i), (f))
127
128#define HIFN_CMD_SYNC(sc, i, f) \
129 bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, \
130 offsetof(struct hifn_dma, command_bufs[(i)][0]), \
131 HIFN_MAX_COMMAND, (f))
132
133#define HIFN_RES_SYNC(sc, i, f) \
134 bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, \
135 offsetof(struct hifn_dma, result_bufs[(i)][0]), \
136 HIFN_MAX_RESULT, (f))
137
138/*
139 * Holds data specific to a single HIFN board.
140 */
141struct hifn_softc {
142 device_t sc_dv; /* generic device */
143 void * sc_ih; /* interrupt handler cookie */
144 u_int32_t sc_dmaier;
145 u_int32_t sc_drammodel; /* 1=dram, 0=sram */
146
147 bus_space_handle_t sc_sh0, sc_sh1;
148 bus_space_tag_t sc_st0, sc_st1;
149#ifdef __NetBSD__
150 bus_size_t sc_iosz0, sc_iosz1;
151#endif
152 bus_dma_tag_t sc_dmat;
153
154 struct hifn_dma *sc_dma;
155 bus_dmamap_t sc_dmamap;
156 bus_dma_segment_t sc_dmasegs[1];
157 int sc_dmansegs;
158 int32_t sc_cid;
159 int sc_maxses;
160 int sc_ramsize;
161 int sc_flags;
162#define HIFN_HAS_RNG 0x01
163#define HIFN_HAS_PUBLIC 0x02
164#define HIFN_HAS_AES 0x04 /* includes AES support */
165#define HIFN_IS_7811 0x08 /* Hifn 7811 part */
166#define HIFN_IS_7956 0x10 /* Hifn 7956/7955 don't have SDRAM */
167#define HIFN_NO_BURSTWRITE 0x20
168#define HIFN_HAS_LEDS 0x40
169
170#define HIFN_RNG_BITSPER 17 /* From Hifn 6500 paper: 0.06 bits
171 of entropy per RNG register bit
172 worst-case */
173
174 struct callout sc_rngto; /* rng timeout */
175 struct callout sc_tickto; /* led-clear timeout */
176 krndsource_t sc_rnd_source;
177 int sc_rnghz;
178 int sc_rng_need; /* how many bytes wanted */
179 int sc_c_busy; /* command ring busy */
180 int sc_s_busy; /* source data ring busy */
181 int sc_d_busy; /* destination data ring busy */
182 int sc_r_busy; /* result ring busy */
183 int sc_active; /* for initial countdown */
184 int sc_needwakeup; /* ops q'd wating on resources */
185 int sc_curbatch; /* # ops submitted w/o int */
186 int sc_suspended;
187 struct hifn_session sc_sessions[2048];
188 pci_chipset_tag_t sc_pci_pc;
189 pcitag_t sc_pci_tag;
190 bus_size_t sc_waw_lastreg;
191 int sc_waw_lastgroup;
192 kmutex_t sc_mtx;
193};
194
195#define WRITE_REG_0(sc,reg,val) hifn_write_4((sc), 0, (reg), (val))
196#define WRITE_REG_1(sc,reg,val) hifn_write_4((sc), 1, (reg), (val))
197#define READ_REG_0(sc,reg) hifn_read_4((sc), 0, (reg))
198#define READ_REG_1(sc,reg) hifn_read_4((sc), 1, (reg))
199
200#define SET_LED(sc,v) \
201 if (sc->sc_flags & HIFN_HAS_LEDS) \
202 WRITE_REG_1(sc, HIFN_1_7811_MIPSRST, \
203 READ_REG_1(sc, HIFN_1_7811_MIPSRST) | (v))
204#define CLR_LED(sc,v) \
205 if (sc->sc_flags & HIFN_HAS_LEDS) \
206 WRITE_REG_1(sc, HIFN_1_7811_MIPSRST, \
207 READ_REG_1(sc, HIFN_1_7811_MIPSRST) & ~(v))
208
209/*
210 * struct hifn_command
211 *
212 * This is the control structure used to pass commands to hifn_encrypt().
213 *
214 * flags
215 * -----
216 * Flags is the bitwise "or" values for command configuration. A single
217 * encrypt direction needs to be set:
218 *
219 * HIFN_ENCODE or HIFN_DECODE
220 *
221 * To use cryptography, a single crypto algorithm must be included:
222 *
223 * HIFN_CRYPT_3DES or HIFN_CRYPT_DES
224 *
225 * To use authentication, a single MAC algorithm must be included:
226 *
227 * HIFN_MAC_MD5 or HIFN_MAC_SHA1
228 *
229 * By default MD5 uses a 16 byte hash and SHA-1 uses a 20 byte hash.
230 * If the value below is set, hash values are truncated or assumed
231 * truncated to 12 bytes:
232 *
233 * HIFN_MAC_TRUNC
234 *
235 * Keys for encryption and authentication can be sent as part of a command,
236 * or the last key value used with a particular session can be retrieved
237 * and used again if either of these flags are not specified.
238 *
239 * HIFN_CRYPT_NEW_KEY, HIFN_MAC_NEW_KEY
240 *
241 * session_num
242 * -----------
243 * A number between 0 and 2048 (for DRAM models) or a number between
244 * 0 and 768 (for SRAM models). Those who don't want to use session
245 * numbers should leave value at zero and send a new crypt key and/or
246 * new MAC key on every command. If you use session numbers and
247 * don't send a key with a command, the last key sent for that same
248 * session number will be used.
249 *
250 * Warning: Using session numbers and multiboard at the same time
251 * is currently broken.
252 *
253 * mbuf
254 * ----
255 * Either fill in the mbuf pointer and npa=0 or
256 * fill packp[] and packl[] and set npa to > 0
257 *
258 * mac_header_skip
259 * ---------------
260 * The number of bytes of the source_buf that are skipped over before
261 * authentication begins. This must be a number between 0 and 2^16-1
262 * and can be used by IPsec implementers to skip over IP headers.
263 * *** Value ignored if authentication not used ***
264 *
265 * crypt_header_skip
266 * -----------------
267 * The number of bytes of the source_buf that are skipped over before
268 * the cryptographic operation begins. This must be a number between 0
269 * and 2^16-1. For IPsec, this number will always be 8 bytes larger
270 * than the auth_header_skip (to skip over the ESP header).
271 * *** Value ignored if cryptography not used ***
272 *
273 */
274struct hifn_command {
275 u_int16_t session_num;
276 u_int16_t base_masks, cry_masks, mac_masks, comp_masks;
277 u_int8_t iv[HIFN_MAX_IV_LENGTH], *ck, mac[HIFN_MAC_KEY_LENGTH];
278 int cklen;
279 int sloplen, slopidx;
280
281 union {
282 struct mbuf *src_m;
283 struct uio *src_io;
284 } srcu;
285 bus_dmamap_t src_map;
286
287 union {
288 struct mbuf *dst_m;
289 struct uio *dst_io;
290 } dstu;
291 bus_dmamap_t dst_map;
292
293 u_short mac_header_skip, mac_process_len;
294 u_short crypt_header_skip, crypt_process_len;
295
296 struct hifn_softc *softc;
297 struct cryptop *crp;
298 struct cryptodesc *enccrd, *maccrd, *compcrd;
299
300};
301
302/*
303 * Return values for hifn_crypto()
304 */
305#define HIFN_CRYPTO_SUCCESS 0
306#define HIFN_CRYPTO_BAD_INPUT (-1)
307#define HIFN_CRYPTO_RINGS_FULL (-2)
308
309
310/**************************************************************************
311 *
312 * Function: hifn_crypto
313 *
314 * Purpose: Called by external drivers to begin an encryption on the
315 * HIFN board.
316 *
317 * Blocking/Non-blocking Issues
318 * ============================
319 * The driver cannot block in hifn_crypto (no calls to tsleep) currently.
320 * hifn_crypto() returns HIFN_CRYPTO_RINGS_FULL if there is not enough
321 * room in any of the rings for the request to proceed.
322 *
323 * Return Values
324 * =============
325 * 0 for success, negative values on error
326 *
327 * Defines for negative error codes are:
328 *
329 * HIFN_CRYPTO_BAD_INPUT : The passed in command had invalid settings.
330 * HIFN_CRYPTO_RINGS_FULL : All DMA rings were full and non-blocking
331 * behaviour was requested.
332 *
333 *************************************************************************/
334
335/*
336 * Convert back and forth from 'sid' to 'card' and 'session'
337 */
338#define HIFN_CARD(sid) (((sid) & 0xf0000000) >> 28)
339#define HIFN_SESSION(sid) ((sid) & 0x000007ff)
340#define HIFN_SID(crd,ses) (((crd) << 28) | ((ses) & 0x7ff))
341
342#endif /* _KERNEL */
343
344struct hifn_stats {
345 u_int64_t hst_ibytes;
346 u_int64_t hst_obytes;
347 u_int32_t hst_ipackets;
348 u_int32_t hst_opackets;
349 u_int32_t hst_invalid;
350 u_int32_t hst_nomem;
351 u_int32_t hst_abort;
352};
353
354#endif /* __DEV_PCI_HIFN7751VAR_H__ */
355