1 /*	$OpenBSD: safevar.h,v 1.5 2003/08/20 16:28:35 jason Exp $	*/
2 
3 /*-
4  * Copyright (c) 2003 Sam Leffler, Errno Consulting
5  * Copyright (c) 2003 Global Technology Associates, Inc.
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  *
29  * $FreeBSD: /repoman/r/ncvs/src/sys/dev/safe/safevar.h,v 1.1 2003/07/21 21:46:07 sam Exp $
30  */
31 #ifndef _SAFE_SAFEVAR_H_
32 #define	_SAFE_SAFEVAR_H_
33 
34 /* public key parameter locations */
35 #define	SAFE_CRK_PARAM_BASE	0
36 #define	SAFE_CRK_PARAM_EXP	1
37 #define	SAFE_CRK_PARAM_MOD	2
38 
39 /* Maximum queue length */
40 #ifndef SAFE_MAX_NQUEUE
41 #define SAFE_MAX_NQUEUE	60
42 #endif
43 
44 #define	SAFE_MAX_PART		64	/* Maximum scatter/gather depth */
45 #define	SAFE_DMA_BOUNDARY	0	/* No boundary for source DMA ops */
46 #define	SAFE_MAX_DSIZE		MCLBYTES /* Fixed scatter particle size */
47 #define	SAFE_MAX_SSIZE		0x0ffff	/* Maximum gather particle size */
48 #define	SAFE_MAX_DMA		0xfffff	/* Maximum PE operand size (20 bits) */
49 /* total src+dst particle descriptors */
50 #define	SAFE_TOTAL_DPART	(SAFE_MAX_NQUEUE * SAFE_MAX_PART)
51 #define	SAFE_TOTAL_SPART	(SAFE_MAX_NQUEUE * SAFE_MAX_PART)
52 
53 #define	SAFE_RNG_MAXBUFSIZ	128	/* 32-bit words */
54 
55 #define	SAFE_CARD(sid)		(((sid) & 0xf0000000) >> 28)
56 #define	SAFE_SESSION(sid)	( (sid) & 0x0fffffff)
57 #define	SAFE_SID(crd, sesn)	(((crd) << 28) | ((sesn) & 0x0fffffff))
58 
59 #ifdef _KERNEL
60 /*
61  * State associated with the allocation of each chunk
62  * of memory setup for DMA.
63  */
64 struct safe_dma_alloc {
65 	u_int32_t		dma_paddr;	/* physical address */
66 	caddr_t			dma_vaddr;	/* virtual address */
67 	bus_dmamap_t		dma_map;	/* associated map */
68 	bus_dma_segment_t	dma_seg;
69 	bus_size_t		dma_size;	/* mapped memory size (bytes) */
70 	int			dma_nseg;	/* number of segments */
71 };
72 
73 /*
74  * Cryptographic operand state.  One of these exists for each
75  * source and destination operand passed in from the crypto
76  * subsystem.  When possible source and destination operands
77  * refer to the same memory.  More often they are distinct.
78  * We track the virtual address of each operand as well as
79  * where each is mapped for DMA.
80  */
81 struct safe_operand {
82 	union {
83 		struct mbuf *m;
84 		struct uio *io;
85 	} u;
86 	bus_dmamap_t		map;
87 };
88 
89 /*
90  * Packet engine ring entry and cryptographic operation state.
91  * The packet engine requires a ring of descriptors that contain
92  * pointers to various cryptographic state.  However the ring
93  * configuration register allows you to specify an arbitrary size
94  * for ring entries.  We use this feature to collect most of the
95  * state for each cryptographic request into one spot.  Other than
96  * ring entries only the ``particle descriptors'' (scatter/gather
97  * lists) and the actual operand data are kept separate.  The
98  * particle descriptors must also be organized in rings.  The
99  * operand data can be located aribtrarily (modulo alignment constraints).
100  *
101  * Note that the descriptor ring is mapped onto the PCI bus so
102  * the hardware can DMA data.  This means the entire ring must be
103  * contiguous.
104  */
105 struct safe_ringentry {
106 	struct safe_desc	re_desc;	/* command descriptor */
107 	struct safe_sarec	re_sa;		/* SA record */
108 	struct safe_sastate	re_sastate;	/* SA state record */
109 	struct cryptop		*re_crp;	/* crypto operation */
110 
111 	struct safe_operand	re_src;		/* source operand */
112 	struct safe_operand	re_dst;		/* destination operand */
113 
114 	int			re_sesn;	/* crypto session ID */
115 	int			re_flags;
116 #define	SAFE_QFLAGS_COPYOUTIV	0x1		/* copy back on completion */
117 #define	SAFE_QFLAGS_COPYOUTICV	0x2		/* copy back on completion */
118 };
119 
120 #define	re_src_m	re_src.u.m
121 #define	re_src_io	re_src.u.io
122 #define	re_src_map	re_src.map
123 #define	re_src_nsegs	re_src.map->dm_nsegs
124 #define	re_src_segs	re_src.map->dm_segs
125 #define	re_src_mapsize	re_src.map->dm_mapsize
126 
127 #define	re_dst_m	re_dst.u.m
128 #define	re_dst_io	re_dst.u.io
129 #define	re_dst_map	re_dst.map
130 #define	re_dst_nsegs	re_dst.map->dm_nsegs
131 #define	re_dst_segs	re_dst.map->dm_segs
132 #define	re_dst_mapsize	re_dst.map->dm_mapsize
133 
134 struct rndstate_test;
135 
136 struct safe_session {
137 	u_int32_t	ses_used;
138 	u_int32_t	ses_klen;		/* key length in bits */
139 	u_int32_t	ses_key[8];		/* DES/3DES/AES key */
140 	u_int32_t	ses_hminner[5];		/* hmac inner state */
141 	u_int32_t	ses_hmouter[5];		/* hmac outer state */
142 	u_int32_t	ses_iv[4];		/* DES/3DES/AES iv */
143 };
144 
145 struct safe_pkq {
146 	SIMPLEQ_ENTRY(safe_pkq)	pkq_next;
147 	struct cryptkop *pkq_krp;
148 };
149 
150 struct safe_softc {
151 	struct device		sc_dev;		/* device backpointer */
152 	struct resource		*sc_irq;
153 	void			*sc_ih;		/* interrupt handler cookie */
154 	bus_space_handle_t	sc_sh;		/* memory handle */
155 	bus_space_tag_t		sc_st;		/* memory tag */
156 	struct resource		*sc_sr;		/* memory resource */
157 	bus_dma_tag_t		sc_dmat;
158 	u_int			sc_chiprev;	/* major/minor chip revision */
159 	int			sc_suspended;
160 	int			sc_needwakeup;	/* notify crypto layer */
161 	int32_t			sc_cid;		/* crypto tag */
162 	struct safe_dma_alloc	sc_ringalloc;	/* PE ring allocation state */
163 	struct safe_ringentry	*sc_ring;	/* PE ring */
164 	struct safe_ringentry	*sc_ringtop;	/* PE ring top */
165 	struct safe_ringentry	*sc_front;	/* next free entry */
166 	struct safe_ringentry	*sc_back;	/* next pending entry */
167 	int			sc_nqchip;	/* # passed to chip */
168 	struct safe_pdesc	*sc_spring;	/* src particle ring */
169 	struct safe_pdesc	*sc_springtop;	/* src particle ring top */
170 	struct safe_pdesc	*sc_spfree;	/* next free src particle */
171 	struct safe_dma_alloc	sc_spalloc;	/* src particle ring state */
172 	struct safe_pdesc	*sc_dpring;	/* dest particle ring */
173 	struct safe_pdesc	*sc_dpringtop;	/* dest particle ring top */
174 	struct safe_pdesc	*sc_dpfree;	/* next free dest particle */
175 	struct safe_dma_alloc	sc_dpalloc;	/* dst particle ring state */
176 	int			sc_nsessions;	/* # of sessions */
177 	struct safe_session	*sc_sessions;	/* sessions */
178 
179 	struct timeout		sc_rngto;	/* rng timeout */
180 	struct timeout		sc_pkto;	/* pk timeout */
181 	SIMPLEQ_HEAD(, safe_pkq)	sc_pkq;
182 	struct safe_pkq		*sc_pkq_cur;
183 	u_int32_t		sc_pk_reslen, sc_pk_resoff;
184 };
185 #endif /* _KERNEL */
186 
187 struct safe_stats {
188 	u_int64_t st_ibytes;
189 	u_int64_t st_obytes;
190 	u_int32_t st_ipackets;
191 	u_int32_t st_opackets;
192 	u_int32_t st_invalid;		/* invalid argument */
193 	u_int32_t st_badsession;	/* invalid session id */
194 	u_int32_t st_badflags;		/* flags indicate !(mbuf | uio) */
195 	u_int32_t st_nodesc;		/* op submitted w/o descriptors */
196 	u_int32_t st_badalg;		/* unsupported algorithm */
197 	u_int32_t st_ringfull;		/* PE descriptor ring full */
198 	u_int32_t st_peoperr;		/* PE marked error */
199 	u_int32_t st_dmaerr;		/* PE DMA error */
200 	u_int32_t st_bypasstoobig;	/* bypass > 96 bytes */
201 	u_int32_t st_skipmismatch;	/* enc part begins before auth part */
202 	u_int32_t st_lenmismatch;	/* enc length different auth length */
203 	u_int32_t st_coffmisaligned;	/* crypto offset not 32-bit aligned */
204 	u_int32_t st_cofftoobig;	/* crypto offset > 255 words */
205 	u_int32_t st_iovmisaligned;	/* iov op not aligned */
206 	u_int32_t st_iovnotuniform;	/* iov op not suitable */
207 	u_int32_t st_unaligned;		/* unaligned src caused copy */
208 	u_int32_t st_notuniform;	/* non-uniform src caused copy */
209 	u_int32_t st_nomap;		/* bus_dmamap_create failed */
210 	u_int32_t st_noload;		/* bus_dmamap_load_* failed */
211 	u_int32_t st_nombuf;		/* MGET* failed */
212 	u_int32_t st_nomcl;		/* MCLGET* failed */
213 	u_int32_t st_maxqchip;		/* max mcr1 ops out for processing */
214 	u_int32_t st_rng;		/* RNG requests */
215 	u_int32_t st_rngalarm;		/* RNG alarm requests */
216 	u_int32_t st_noicvcopy;		/* ICV data copies suppressed */
217 };
218 #endif /* _SAFE_SAFEVAR_H_ */
219