2 * Copyright (c) 2003-2012 Broadcom Corporation
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
16 * THIS SOFTWARE IS PROVIDED BY BROADCOM ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL BROADCOM OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
23 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
24 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
25 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
26 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 #include <sys/cdefs.h>
30 __FBSDID("$FreeBSD$");
32 #include <sys/param.h>
33 #include <sys/types.h>
34 #include <sys/systm.h>
35 #include <sys/kernel.h>
36 #include <sys/module.h>
37 #include <sys/malloc.h>
40 #include <sys/mutex.h>
43 #include <machine/bus.h>
44 #include <machine/md_var.h>
45 #include <machine/cpuregs.h>
50 #include <opencrypto/cryptodev.h>
52 #include <mips/nlm/hal/haldefs.h>
53 #include <mips/nlm/hal/cop2.h>
54 #include <mips/nlm/hal/fmn.h>
55 #include <mips/nlm/hal/mips-extns.h>
56 #include <mips/nlm/hal/nlmsaelib.h>
57 #include <mips/nlm/dev/sec/nlmseclib.h>
60 nlm_crypto_complete_sec_request(struct xlp_sec_softc *sc,
61 struct xlp_sec_command *cmd)
67 fbvc = nlm_cpuid() / CMS_MAX_VCPU_VC;
68 m.msg[0] = m.msg[1] = m.msg[2] = m.msg[3] = 0;
70 m.msg[0] = nlm_crypto_form_pkt_fmn_entry0(fbvc, 0, 0,
71 cmd->ctrlp->cipherkeylen, vtophys(cmd->ctrlp));
73 m.msg[1] = nlm_crypto_form_pkt_fmn_entry1(0, cmd->ctrlp->hashkeylen,
74 NLM_CRYPTO_PKT_DESC_SIZE(cmd->nsegs), vtophys(cmd->paramp));
76 /* Software scratch pad */
77 m.msg[2] = (uintptr_t)cmd;
80 /* Send the message to sec/rsa engine vc */
81 ret = nlm_fmn_msgsend(sc->sec_vc_start, sc->sec_msgsz,
82 FMN_SWCODE_CRYPTO, &m);
85 printf("%s: msgsnd failed (%x)\n", __func__, ret);
93 nlm_crypto_form_srcdst_segs(struct xlp_sec_command *cmd)
95 unsigned int srcseg = 0, dstseg = 0;
96 struct cryptodesc *cipdesc = NULL;
97 struct cryptop *crp = NULL;
100 cipdesc = cmd->enccrd;
102 if (cipdesc != NULL) {
103 /* IV is given as ONE segment to avoid copy */
104 if (cipdesc->crd_flags & CRD_F_IV_EXPLICIT) {
105 srcseg = nlm_crypto_fill_src_seg(cmd->paramp, srcseg,
106 cmd->iv, cmd->ivlen);
107 dstseg = nlm_crypto_fill_dst_seg(cmd->paramp, dstseg,
108 cmd->iv, cmd->ivlen);
112 if (crp->crp_flags & CRYPTO_F_IMBUF) {
113 struct mbuf *m = NULL;
115 m = (struct mbuf *)crp->crp_buf;
117 srcseg = nlm_crypto_fill_src_seg(cmd->paramp, srcseg,
118 mtod(m,caddr_t), m->m_len);
119 if (cipdesc != NULL) {
120 dstseg = nlm_crypto_fill_dst_seg(cmd->paramp,
121 dstseg, mtod(m,caddr_t), m->m_len);
125 } else if (crp->crp_flags & CRYPTO_F_IOV) {
126 struct uio *uio = NULL;
127 struct iovec *iov = NULL;
130 uio = (struct uio *)crp->crp_buf;
131 iov = (struct iovec *)uio->uio_iov;
132 iol = uio->uio_iovcnt;
135 srcseg = nlm_crypto_fill_src_seg(cmd->paramp, srcseg,
136 (caddr_t)iov->iov_base, iov->iov_len);
137 if (cipdesc != NULL) {
138 dstseg = nlm_crypto_fill_dst_seg(cmd->paramp,
139 dstseg, (caddr_t)iov->iov_base,
146 srcseg = nlm_crypto_fill_src_seg(cmd->paramp, srcseg,
147 ((caddr_t)crp->crp_buf), crp->crp_ilen);
148 if (cipdesc != NULL) {
149 dstseg = nlm_crypto_fill_dst_seg(cmd->paramp, dstseg,
150 ((caddr_t)crp->crp_buf), crp->crp_ilen);
157 nlm_crypto_do_cipher(struct xlp_sec_softc *sc, struct xlp_sec_command *cmd)
159 struct cryptodesc *cipdesc = NULL;
160 unsigned char *cipkey = NULL;
163 cipdesc = cmd->enccrd;
164 cipkey = (unsigned char *)cipdesc->crd_key;
165 if (cmd->cipheralg == NLM_CIPHER_3DES) {
166 if (!(cipdesc->crd_flags & CRD_F_ENCRYPT)) {
168 k = (uint64_t *)cipdesc->crd_key;
169 tkey = (uint64_t *)cmd->des3key;
173 cipkey = (unsigned char *)tkey;
176 nlm_crypto_fill_pkt_ctrl(cmd->ctrlp, 0, NLM_HASH_BYPASS, 0,
177 cmd->cipheralg, cmd->ciphermode, cipkey,
178 (cipdesc->crd_klen >> 3), NULL, 0);
180 nlm_crypto_fill_cipher_pkt_param(cmd->ctrlp, cmd->paramp,
181 (cipdesc->crd_flags & CRD_F_ENCRYPT) ? 1 : 0, cmd->ivoff,
182 cmd->ivlen, cmd->cipheroff, cmd->cipherlen);
183 nlm_crypto_form_srcdst_segs(cmd);
185 ret = nlm_crypto_complete_sec_request(sc, cmd);
190 nlm_crypto_do_digest(struct xlp_sec_softc *sc, struct xlp_sec_command *cmd)
192 struct cryptodesc *digdesc = NULL;
195 digdesc = cmd->maccrd;
197 nlm_crypto_fill_pkt_ctrl(cmd->ctrlp, (digdesc->crd_klen) ? 1 : 0,
198 cmd->hashalg, cmd->hashmode, NLM_CIPHER_BYPASS, 0,
199 NULL, 0, digdesc->crd_key, digdesc->crd_klen >> 3);
201 nlm_crypto_fill_auth_pkt_param(cmd->ctrlp, cmd->paramp,
202 cmd->hashoff, cmd->hashlen, cmd->hmacpad,
203 (unsigned char *)cmd->hashdest);
205 nlm_crypto_form_srcdst_segs(cmd);
207 ret = nlm_crypto_complete_sec_request(sc, cmd);
213 nlm_crypto_do_cipher_digest(struct xlp_sec_softc *sc,
214 struct xlp_sec_command *cmd)
216 struct cryptodesc *cipdesc=NULL, *digdesc=NULL;
217 unsigned char *cipkey = NULL;
220 cipdesc = cmd->enccrd;
221 digdesc = cmd->maccrd;
223 cipkey = (unsigned char *)cipdesc->crd_key;
224 if (cmd->cipheralg == NLM_CIPHER_3DES) {
225 if (!(cipdesc->crd_flags & CRD_F_ENCRYPT)) {
227 k = (uint64_t *)cipdesc->crd_key;
228 tkey = (uint64_t *)cmd->des3key;
232 cipkey = (unsigned char *)tkey;
235 nlm_crypto_fill_pkt_ctrl(cmd->ctrlp, (digdesc->crd_klen) ? 1 : 0,
236 cmd->hashalg, cmd->hashmode, cmd->cipheralg, cmd->ciphermode,
237 cipkey, (cipdesc->crd_klen >> 3),
238 digdesc->crd_key, (digdesc->crd_klen >> 3));
240 nlm_crypto_fill_cipher_auth_pkt_param(cmd->ctrlp, cmd->paramp,
241 (cipdesc->crd_flags & CRD_F_ENCRYPT) ? 1 : 0, cmd->hashsrc,
242 cmd->ivoff, cmd->ivlen, cmd->hashoff, cmd->hashlen,
243 cmd->hmacpad, cmd->cipheroff, cmd->cipherlen,
244 (unsigned char *)cmd->hashdest);
246 nlm_crypto_form_srcdst_segs(cmd);
248 ret = nlm_crypto_complete_sec_request(sc, cmd);
253 nlm_get_digest_param(struct xlp_sec_command *cmd)
255 switch(cmd->maccrd->crd_alg) {
257 cmd->hashalg = NLM_HASH_MD5;
258 cmd->hashmode = NLM_HASH_MODE_SHA1;
261 cmd->hashalg = NLM_HASH_SHA;
262 cmd->hashmode = NLM_HASH_MODE_SHA1;
264 case CRYPTO_MD5_HMAC:
265 cmd->hashalg = NLM_HASH_MD5;
266 cmd->hashmode = NLM_HASH_MODE_SHA1;
268 case CRYPTO_SHA1_HMAC:
269 cmd->hashalg = NLM_HASH_SHA;
270 cmd->hashmode = NLM_HASH_MODE_SHA1;
279 nlm_get_cipher_param(struct xlp_sec_command *cmd)
281 switch(cmd->enccrd->crd_alg) {
283 cmd->cipheralg = NLM_CIPHER_DES;
284 cmd->ciphermode = NLM_CIPHER_MODE_CBC;
285 cmd->ivlen = XLP_SEC_DES_IV_LENGTH;
287 case CRYPTO_3DES_CBC:
288 cmd->cipheralg = NLM_CIPHER_3DES;
289 cmd->ciphermode = NLM_CIPHER_MODE_CBC;
290 cmd->ivlen = XLP_SEC_DES_IV_LENGTH;
293 cmd->cipheralg = NLM_CIPHER_AES128;
294 cmd->ciphermode = NLM_CIPHER_MODE_CBC;
295 cmd->ivlen = XLP_SEC_AES_IV_LENGTH;
298 cmd->cipheralg = NLM_CIPHER_ARC4;
299 cmd->ciphermode = NLM_CIPHER_MODE_ECB;
300 cmd->ivlen = XLP_SEC_ARC4_IV_LENGTH;