2 /* $OpenBSD: hifn7751var.h,v 1.42 2002/04/08 17:49:42 jason Exp $ */
5 * Invertex AEON / Hifn 7751 driver
6 * Copyright (c) 1999 Invertex Inc. All rights reserved.
7 * Copyright (c) 1999 Theo de Raadt
8 * Copyright (c) 2000-2001 Network Security Technologies, Inc.
9 * http://www.netsec.net
11 * Please send any comments, feedback, bug-fixes, or feature requests to
12 * software@invertex.com.
14 * Redistribution and use in source and binary forms, with or without
15 * modification, are permitted provided that the following conditions
18 * 1. Redistributions of source code must retain the above copyright
19 * notice, this list of conditions and the following disclaimer.
20 * 2. Redistributions in binary form must reproduce the above copyright
21 * notice, this list of conditions and the following disclaimer in the
22 * documentation and/or other materials provided with the distribution.
23 * 3. The name of the author may not be used to endorse or promote products
24 * derived from this software without specific prior written permission.
27 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
28 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
29 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
30 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
31 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
32 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
33 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
34 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
35 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
36 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
38 * Effort sponsored in part by the Defense Advanced Research Projects
39 * Agency (DARPA) and Air Force Research Laboratory, Air Force
40 * Materiel Command, USAF, under agreement number F30602-01-2-0537.
44 #ifndef __HIFN7751VAR_H__
45 #define __HIFN7751VAR_H__
50 * Some configurable values for the driver. By default command+result
51 * descriptor rings are the same size. The src+dst descriptor rings
52 * are sized at 3.5x the number of potential commands. Slower parts
53 * (e.g. 7951) tend to run out of src descriptors; faster parts (7811)
54 * src+cmd/result descriptors. It's not clear that increasing the size
55 * of the descriptor rings helps performance significantly as other
56 * factors tend to come into play (e.g. copying misaligned packets).
58 #define HIFN_D_CMD_RSIZE 24 /* command descriptors */
59 #define HIFN_D_SRC_RSIZE ((HIFN_D_CMD_RSIZE * 7) / 2) /* source descriptors */
60 #define HIFN_D_RES_RSIZE HIFN_D_CMD_RSIZE /* result descriptors */
61 #define HIFN_D_DST_RSIZE HIFN_D_SRC_RSIZE /* destination descriptors */
64 * Length values for cryptography
66 #define HIFN_DES_KEY_LENGTH 8
67 #define HIFN_3DES_KEY_LENGTH 24
68 #define HIFN_MAX_CRYPT_KEY_LENGTH HIFN_3DES_KEY_LENGTH
69 #define HIFN_IV_LENGTH 8
70 #define HIFN_AES_IV_LENGTH 16
71 #define HIFN_MAX_IV_LENGTH HIFN_AES_IV_LENGTH
74 * Length values for authentication
76 #define HIFN_MAC_KEY_LENGTH 64
77 #define HIFN_MD5_LENGTH 16
78 #define HIFN_SHA1_LENGTH 20
79 #define HIFN_MAC_TRUNC_LENGTH 12
81 #define MAX_SCATTER 64
84 * Data structure to hold all 4 rings and any other ring related data
85 * that should reside in DMA.
89 * Descriptor rings. We add +1 to the size to accomidate the
92 struct hifn_desc cmdr[HIFN_D_CMD_RSIZE+1];
93 struct hifn_desc srcr[HIFN_D_SRC_RSIZE+1];
94 struct hifn_desc dstr[HIFN_D_DST_RSIZE+1];
95 struct hifn_desc resr[HIFN_D_RES_RSIZE+1];
98 u_char command_bufs[HIFN_D_CMD_RSIZE][HIFN_MAX_COMMAND];
99 u_char result_bufs[HIFN_D_CMD_RSIZE][HIFN_MAX_RESULT];
100 u_int32_t slop[HIFN_D_CMD_RSIZE];
101 u_int64_t test_src, test_dst;
105 struct hifn_session {
108 u_int8_t hs_iv[HIFN_MAX_IV_LENGTH];
111 #define HIFN_RING_SYNC(sc, r, i, f) \
112 bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, (f))
114 #define HIFN_CMDR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), cmdr, (i), (f))
115 #define HIFN_RESR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), resr, (i), (f))
116 #define HIFN_SRCR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), srcr, (i), (f))
117 #define HIFN_DSTR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), dstr, (i), (f))
119 #define HIFN_CMD_SYNC(sc, i, f) \
120 bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, (f))
122 #define HIFN_RES_SYNC(sc, i, f) \
123 bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, (f))
126 * Holds data specific to a single HIFN board.
129 device_t sc_dev; /* device backpointer */
130 struct mtx sc_mtx; /* per-instance lock */
131 bus_dma_tag_t sc_dmat; /* parent DMA tag decriptor */
132 struct resource *sc_bar0res;
133 bus_space_handle_t sc_sh0; /* bar0 bus space handle */
134 bus_space_tag_t sc_st0; /* bar0 bus space tag */
135 bus_size_t sc_bar0_lastreg;/* bar0 last reg written */
136 struct resource *sc_bar1res;
137 bus_space_handle_t sc_sh1; /* bar1 bus space handle */
138 bus_space_tag_t sc_st1; /* bar1 bus space tag */
139 bus_size_t sc_bar1_lastreg;/* bar1 last reg written */
140 struct resource *sc_irq;
141 void *sc_intrhand; /* interrupt handle */
144 u_int32_t sc_drammodel; /* 1=dram, 0=sram */
145 u_int32_t sc_pllconfig; /* 7954/7955/7956 PLL config */
147 struct hifn_dma *sc_dma;
148 bus_dmamap_t sc_dmamap;
149 bus_dma_segment_t sc_dmasegs[1];
150 bus_addr_t sc_dma_physaddr;/* physical address of sc_dma */
152 struct hifn_command *sc_hifn_commands[HIFN_D_RES_RSIZE];
154 * Our current positions for insertion and removal from the desriptor
157 int sc_cmdi, sc_srci, sc_dsti, sc_resi;
158 volatile int sc_cmdu, sc_srcu, sc_dstu, sc_resu;
159 int sc_cmdk, sc_srck, sc_dstk, sc_resk;
164 struct hifn_session *sc_sessions;
167 #define HIFN_HAS_RNG 0x1 /* includes random number generator */
168 #define HIFN_HAS_PUBLIC 0x2 /* includes public key support */
169 #define HIFN_HAS_AES 0x4 /* includes AES support */
170 #define HIFN_IS_7811 0x8 /* Hifn 7811 part */
171 #define HIFN_IS_7956 0x10 /* Hifn 7956/7955 don't have SDRAM */
172 struct callout sc_rngto; /* for polling RNG */
173 struct callout sc_tickto; /* for managing DMA */
175 int sc_rnghz; /* RNG polling frequency */
176 struct rndtest_state *sc_rndtest; /* RNG test state */
177 void (*sc_harvest)(struct rndtest_state *,
179 int sc_c_busy; /* command ring busy */
180 int sc_s_busy; /* source data ring busy */
181 int sc_d_busy; /* destination data ring busy */
182 int sc_r_busy; /* result ring busy */
183 int sc_active; /* for initial countdown */
184 int sc_needwakeup; /* ops q'd wating on resources */
185 int sc_curbatch; /* # ops submitted w/o int */
187 #ifdef HIFN_VULCANDEV
188 struct cdev *sc_pkdev;
192 #define HIFN_LOCK(_sc) mtx_lock(&(_sc)->sc_mtx)
193 #define HIFN_UNLOCK(_sc) mtx_unlock(&(_sc)->sc_mtx)
198 * This is the control structure used to pass commands to hifn_encrypt().
202 * Flags is the bitwise "or" values for command configuration. A single
203 * encrypt direction needs to be set:
205 * HIFN_ENCODE or HIFN_DECODE
207 * To use cryptography, a single crypto algorithm must be included:
209 * HIFN_CRYPT_3DES or HIFN_CRYPT_DES
211 * To use authentication is used, a single MAC algorithm must be included:
213 * HIFN_MAC_MD5 or HIFN_MAC_SHA1
215 * By default MD5 uses a 16 byte hash and SHA-1 uses a 20 byte hash.
216 * If the value below is set, hash values are truncated or assumed
217 * truncated to 12 bytes:
221 * Keys for encryption and authentication can be sent as part of a command,
222 * or the last key value used with a particular session can be retrieved
223 * and used again if either of these flags are not specified.
225 * HIFN_CRYPT_NEW_KEY, HIFN_MAC_NEW_KEY
229 * A number between 0 and 2048 (for DRAM models) or a number between
230 * 0 and 768 (for SRAM models). Those who don't want to use session
231 * numbers should leave value at zero and send a new crypt key and/or
232 * new MAC key on every command. If you use session numbers and
233 * don't send a key with a command, the last key sent for that same
234 * session number will be used.
236 * Warning: Using session numbers and multiboard at the same time
237 * is currently broken.
241 * Either fill in the mbuf pointer and npa=0 or
242 * fill packp[] and packl[] and set npa to > 0
246 * The number of bytes of the source_buf that are skipped over before
247 * authentication begins. This must be a number between 0 and 2^16-1
248 * and can be used by IPsec implementers to skip over IP headers.
249 * *** Value ignored if authentication not used ***
253 * The number of bytes of the source_buf that are skipped over before
254 * the cryptographic operation begins. This must be a number between 0
255 * and 2^16-1. For IPsec, this number will always be 8 bytes larger
256 * than the auth_header_skip (to skip over the ESP header).
257 * *** Value ignored if cryptography not used ***
260 struct hifn_operand {
268 bus_dma_segment_t segs[MAX_SCATTER];
270 struct hifn_command {
271 u_int16_t session_num;
272 u_int16_t base_masks, cry_masks, mac_masks;
273 u_int8_t iv[HIFN_MAX_IV_LENGTH], *ck, mac[HIFN_MAC_KEY_LENGTH];
275 int sloplen, slopidx;
277 struct hifn_operand src;
278 struct hifn_operand dst;
280 struct hifn_softc *softc;
282 struct cryptodesc *enccrd, *maccrd;
285 #define src_m src.u.m
286 #define src_io src.u.io
287 #define src_map src.map
288 #define src_mapsize src.mapsize
289 #define src_segs src.segs
290 #define src_nsegs src.nsegs
292 #define dst_m dst.u.m
293 #define dst_io dst.u.io
294 #define dst_map dst.map
295 #define dst_mapsize dst.mapsize
296 #define dst_segs dst.segs
297 #define dst_nsegs dst.nsegs
300 * Return values for hifn_crypto()
302 #define HIFN_CRYPTO_SUCCESS 0
303 #define HIFN_CRYPTO_BAD_INPUT (-1)
304 #define HIFN_CRYPTO_RINGS_FULL (-2)
306 /**************************************************************************
308 * Function: hifn_crypto
310 * Purpose: Called by external drivers to begin an encryption on the
313 * Blocking/Non-blocking Issues
314 * ============================
315 * The driver cannot block in hifn_crypto (no calls to tsleep) currently.
316 * hifn_crypto() returns HIFN_CRYPTO_RINGS_FULL if there is not enough
317 * room in any of the rings for the request to proceed.
321 * 0 for success, negative values on error
323 * Defines for negative error codes are:
325 * HIFN_CRYPTO_BAD_INPUT : The passed in command had invalid settings.
326 * HIFN_CRYPTO_RINGS_FULL : All DMA rings were full and non-blocking
327 * behaviour was requested.
329 *************************************************************************/
332 * Convert back and forth from 'sid' to 'card' and 'session'
334 #define HIFN_CARD(sid) (((sid) & 0xf0000000) >> 28)
335 #define HIFN_SESSION(sid) ((sid) & 0x000007ff)
336 #define HIFN_SID(crd,ses) (((crd) << 28) | ((ses) & 0x7ff))
341 u_int64_t hst_ibytes;
342 u_int64_t hst_obytes;
343 u_int32_t hst_ipackets;
344 u_int32_t hst_opackets;
345 u_int32_t hst_invalid;
346 u_int32_t hst_nomem; /* malloc or one of hst_nomem_* */
348 u_int32_t hst_noirq; /* IRQ for no reason */
349 u_int32_t hst_totbatch; /* ops submitted w/o interrupt */
350 u_int32_t hst_maxbatch; /* max ops submitted together */
351 u_int32_t hst_unaligned; /* unaligned src caused copy */
353 * The following divides hst_nomem into more specific buckets.
355 u_int32_t hst_nomem_map; /* bus_dmamap_create failed */
356 u_int32_t hst_nomem_load; /* bus_dmamap_load_* failed */
357 u_int32_t hst_nomem_mbuf; /* MGET* failed */
358 u_int32_t hst_nomem_mcl; /* MCLGET* failed */
359 u_int32_t hst_nomem_cr; /* out of command/result descriptor */
360 u_int32_t hst_nomem_sd; /* out of src/dst descriptors */
363 #endif /* __HIFN7751VAR_H__ */