1 /* $OpenBSD: hifn7751var.h,v 1.52 2004/01/20 21:01:55 jason Exp $ */
2
3 /*
4 * Invertex AEON / Hifn 7751 driver
5 * Copyright (c) 1999 Invertex Inc. All rights reserved.
6 * Copyright (c) 1999 Theo de Raadt
7 * Copyright (c) 2000-2001 Network Security Technologies, Inc.
8 * http://www.netsec.net
9 *
10 * Please send any comments, feedback, bug-fixes, or feature requests to
11 * software@invertex.com.
12 *
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted provided that the following conditions
15 * are met:
16 *
17 * 1. Redistributions of source code must retain the above copyright
18 * notice, this list of conditions and the following disclaimer.
19 * 2. Redistributions in binary form must reproduce the above copyright
20 * notice, this list of conditions and the following disclaimer in the
21 * documentation and/or other materials provided with the distribution.
22 * 3. The name of the author may not be used to endorse or promote products
23 * derived from this software without specific prior written permission.
24 *
25 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
26 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
27 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
28 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
29 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
30 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
31 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
32 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
33 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35 *
36 * Effort sponsored in part by the Defense Advanced Research Projects
37 * Agency (DARPA) and Air Force Research Laboratory, Air Force
38 * Materiel Command, USAF, under agreement number F30602-01-2-0537.
39 *
40 */
41
42 #ifndef __HIFN7751VAR_H__
43 #define __HIFN7751VAR_H__
44
45 #ifdef _KERNEL
46
47 /*
48 * Some configurable values for the driver
49 */
50 #define HIFN_D_CMD_RSIZE 24 /* command descriptors */
51 #define HIFN_D_SRC_RSIZE 80 /* source descriptors */
52 #define HIFN_D_DST_RSIZE 80 /* destination descriptors */
53 #define HIFN_D_RES_RSIZE 24 /* result descriptors */
54
55 /*
56 * Length values for cryptography
57 */
58 #define HIFN_DES_KEY_LENGTH 8
59 #define HIFN_3DES_KEY_LENGTH 24
60 #define HIFN_MAX_CRYPT_KEY_LENGTH HIFN_3DES_KEY_LENGTH
61 #define HIFN_IV_LENGTH 8
62 #define HIFN_AES_IV_LENGTH 16
63 #define HIFN_MAX_IV_LENGTH HIFN_AES_IV_LENGTH
64
65 /*
66 * Length values for authentication
67 */
68 #define HIFN_MAC_KEY_LENGTH 64
69 #define HIFN_MD5_LENGTH 16
70 #define HIFN_SHA1_LENGTH 20
71 #define HIFN_MAC_TRUNC_LENGTH 12
72
73 #define MAX_SCATTER 64
74
75 /*
76 * Data structure to hold all 4 rings and any other ring related data.
77 */
78 struct hifn_dma {
79 /*
80 * Descriptor rings. We add +1 to the size to accommodate the
81 * jump descriptor.
82 */
83 struct hifn_desc cmdr[HIFN_D_CMD_RSIZE+1];
84 struct hifn_desc srcr[HIFN_D_SRC_RSIZE+1];
85 struct hifn_desc dstr[HIFN_D_DST_RSIZE+1];
86 struct hifn_desc resr[HIFN_D_RES_RSIZE+1];
87
88 struct hifn_command *hifn_commands[HIFN_D_RES_RSIZE];
89
90 u_char command_bufs[HIFN_D_CMD_RSIZE][HIFN_MAX_COMMAND];
91 u_char result_bufs[HIFN_D_CMD_RSIZE][HIFN_MAX_RESULT];
92 u_int32_t slop[HIFN_D_CMD_RSIZE];
93
94 u_int64_t test_src, test_dst;
95
96 /*
97 * Our current positions for insertion and removal from the descriptor
98 * rings.
99 */
100 int cmdi, srci, dsti, resi;
101 volatile int cmdu, srcu, dstu, resu;
102 int cmdk, srck, dstk, resk;
103 };
104
105 struct hifn_session {
106 int hs_used;
107 u_int8_t hs_iv[HIFN_MAX_IV_LENGTH];
108 };
109
110 #define HIFN_RING_SYNC(sc, r, i, f) \
111 bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, \
112 offsetof(struct hifn_dma, r[i]), sizeof(struct hifn_desc), (f))
113
114 #define HIFN_CMDR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), cmdr, (i), (f))
115 #define HIFN_RESR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), resr, (i), (f))
116 #define HIFN_SRCR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), srcr, (i), (f))
117 #define HIFN_DSTR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), dstr, (i), (f))
118
119 #define HIFN_CMD_SYNC(sc, i, f) \
120 bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, \
121 offsetof(struct hifn_dma, command_bufs[(i)][0]), \
122 HIFN_MAX_COMMAND, (f))
123
124 #define HIFN_RES_SYNC(sc, i, f) \
125 bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, \
126 offsetof(struct hifn_dma, result_bufs[(i)][0]), \
127 HIFN_MAX_RESULT, (f))
128
129 /*
130 * Holds data specific to a single HIFN board.
131 */
132 struct hifn_softc {
133 struct device sc_dv; /* generic device */
134 void * sc_ih; /* interrupt handler cookie */
135 u_int32_t sc_dmaier;
136 u_int32_t sc_drammodel; /* 1=dram, 0=sram */
137
138 bus_space_handle_t sc_sh0, sc_sh1;
139 bus_space_tag_t sc_st0, sc_st1;
140 bus_dma_tag_t sc_dmat;
141
142 struct hifn_dma *sc_dma;
143 bus_dmamap_t sc_dmamap;
144 bus_dma_segment_t sc_dmasegs[1];
145 int sc_dmansegs;
146 int32_t sc_cid;
147 int sc_maxses;
148 int sc_nsessions;
149 int sc_ramsize;
150 int sc_flags;
151 #define HIFN_HAS_RNG 0x01 /* includes random number generator */
152 #define HIFN_HAS_PUBLIC 0x02 /* includes public key support */
153 #define HIFN_IS_7811 0x04 /* Hifn 7811 part */
154 #define HIFN_NO_BURSTWRITE 0x08 /* can't handle PCI burst writes */
155 #define HIFN_HAS_LEDS 0x10 /* Has LEDs to blink */
156 #define HIFN_HAS_AES 0x20 /* includes AES support */
157 #define HIFN_IS_7956 0x40 /* Hifn 7955/7956 part */
158 struct timeout sc_rngto, sc_tickto;
159 int sc_rngfirst;
160 int sc_rnghz;
161 int sc_c_busy, sc_s_busy, sc_d_busy, sc_r_busy, sc_active;
162 struct hifn_session *sc_sessions;
163 pci_chipset_tag_t sc_pci_pc;
164 pcitag_t sc_pci_tag;
165 bus_size_t sc_waw_lastreg;
166 int sc_waw_lastgroup;
167 };
168
169 #define WRITE_REG_0(sc,reg,val) hifn_write_4((sc), 0, (reg), (val))
170 #define WRITE_REG_1(sc,reg,val) hifn_write_4((sc), 1, (reg), (val))
171 #define READ_REG_0(sc,reg) hifn_read_4((sc), 0, (reg))
172 #define READ_REG_1(sc,reg) hifn_read_4((sc), 1, (reg))
173
174 #define SET_LED(sc,v) \
175 if (sc->sc_flags & HIFN_HAS_LEDS) \
176 WRITE_REG_1(sc, HIFN_1_7811_MIPSRST, \
177 READ_REG_1(sc, HIFN_1_7811_MIPSRST) | (v))
178 #define CLR_LED(sc,v) \
179 if (sc->sc_flags & HIFN_HAS_LEDS) \
180 WRITE_REG_1(sc, HIFN_1_7811_MIPSRST, \
181 READ_REG_1(sc, HIFN_1_7811_MIPSRST) & ~(v))
182
183 /*
184 * struct hifn_command
185 *
186 * This is the control structure used to pass commands to hifn_encrypt().
187 *
188 * flags
189 * -----
190 * Flags is the bitwise "or" values for command configuration. A single
191 * encrypt direction needs to be set:
192 *
193 * HIFN_ENCODE or HIFN_DECODE
194 *
195 * To use cryptography, a single crypto algorithm must be included:
196 *
197 * HIFN_CRYPT_3DES or HIFN_CRYPT_DES
198 *
199 * To use authentication, a single MAC algorithm must be included:
200 *
201 * HIFN_MAC_MD5 or HIFN_MAC_SHA1
202 *
203 * By default MD5 uses a 16 byte hash and SHA-1 uses a 20 byte hash.
204 * If the value below is set, hash values are truncated or assumed
205 * truncated to 12 bytes:
206 *
207 * HIFN_MAC_TRUNC
208 *
209 * Keys for encryption and authentication can be sent as part of a command,
210 * or the last key value used with a particular session can be retrieved
211 * and used again if either of these flags are not specified.
212 *
213 * HIFN_CRYPT_NEW_KEY, HIFN_MAC_NEW_KEY
214 *
215 * session_num
216 * -----------
217 * A number between 0 and 2048 (for DRAM models) or a number between
218 * 0 and 768 (for SRAM models). Those who don't want to use session
219 * numbers should leave value at zero and send a new crypt key and/or
220 * new MAC key on every command. If you use session numbers and
221 * don't send a key with a command, the last key sent for that same
222 * session number will be used.
223 *
224 * Warning: Using session numbers and multiboard at the same time
225 * is currently broken.
226 *
227 * mbuf
228 * ----
229 * Either fill in the mbuf pointer and npa=0 or
230 * fill packp[] and packl[] and set npa to > 0
231 *
232 * mac_header_skip
233 * ---------------
234 * The number of bytes of the source_buf that are skipped over before
235 * authentication begins. This must be a number between 0 and 2^16-1
236 * and can be used by IPsec implementers to skip over IP headers.
237 * *** Value ignored if authentication not used ***
238 *
239 * crypt_header_skip
240 * -----------------
241 * The number of bytes of the source_buf that are skipped over before
242 * the cryptographic operation begins. This must be a number between 0
243 * and 2^16-1. For IPsec, this number will always be 8 bytes larger
244 * than the auth_header_skip (to skip over the ESP header).
245 * *** Value ignored if cryptography not used ***
246 *
247 */
248 struct hifn_command {
249 u_int16_t session_num;
250 u_int16_t base_masks, cry_masks, mac_masks, comp_masks;
251 u_int8_t iv[HIFN_MAX_IV_LENGTH], *ck, mac[HIFN_MAC_KEY_LENGTH];
252 int cklen;
253 int sloplen, slopidx;
254
255 union {
256 struct mbuf *src_m;
257 struct uio *src_io;
258 } srcu;
259 bus_dmamap_t src_map;
260
261 union {
262 struct mbuf *dst_m;
263 struct uio *dst_io;
264 } dstu;
265 bus_dmamap_t dst_map;
266
267 struct hifn_softc *softc;
268 struct cryptop *crp;
269 struct cryptodesc *enccrd, *maccrd, *compcrd;
270 void (*cmd_callback)(struct hifn_softc *, struct hifn_command *,
271 u_int8_t *);
272 };
273
274 /*
275 * Return values for hifn_crypto()
276 */
277 #define HIFN_CRYPTO_SUCCESS 0
278 #define HIFN_CRYPTO_BAD_INPUT (-1)
279 #define HIFN_CRYPTO_RINGS_FULL (-2)
280
281 /**************************************************************************
282 *
283 * Function: hifn_crypto
284 *
285 * Purpose: Called by external drivers to begin an encryption on the
286 * HIFN board.
287 *
288 * Blocking/Non-blocking Issues
289 * ============================
290 * The driver cannot block in hifn_crypto (no calls to tsleep) currently.
291 * hifn_crypto() returns HIFN_CRYPTO_RINGS_FULL if there is not enough
292 * room in any of the rings for the request to proceed.
293 *
294 * Return Values
295 * =============
296 * 0 for success, negative values on error
297 *
298 * Defines for negative error codes are:
299 *
300 * HIFN_CRYPTO_BAD_INPUT : The passed in command had invalid settings.
301 * HIFN_CRYPTO_RINGS_FULL : All DMA rings were full and non-blocking
302 * behaviour was requested.
303 *
304 *************************************************************************/
305
306 /*
307 * Convert back and forth from 'sid' to 'card' and 'session'
308 */
309 #define HIFN_CARD(sid) (((sid) & 0xf0000000) >> 28)
310 #define HIFN_SESSION(sid) ((sid) & 0x000007ff)
311 #define HIFN_SID(crd,ses) (((crd) << 28) | ((ses) & 0x7ff))
312
313 #endif /* _KERNEL */
314
315 struct hifn_stats {
316 u_int64_t hst_ibytes;
317 u_int64_t hst_obytes;
318 u_int32_t hst_ipackets;
319 u_int32_t hst_opackets;
320 u_int32_t hst_invalid;
321 u_int32_t hst_nomem;
322 u_int32_t hst_abort;
323 };
324
325 #endif /* __HIFN7751VAR_H__ */