From owner-p4-projects@FreeBSD.ORG Mon Oct 6 11:14:06 2003 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 02F9A16A4C0; Mon, 6 Oct 2003 11:14:06 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B9B6E16A4B3 for ; Mon, 6 Oct 2003 11:14:05 -0700 (PDT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id D522743FAF for ; Mon, 6 Oct 2003 11:14:04 -0700 (PDT) (envelope-from sam@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.9/8.12.9) with ESMTP id h96IE4XJ051824 for ; Mon, 6 Oct 2003 11:14:04 -0700 (PDT) (envelope-from sam@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.9/8.12.9/Submit) id h96IE406051821 for perforce@freebsd.org; Mon, 6 Oct 2003 11:14:04 -0700 (PDT) (envelope-from sam@freebsd.org) Date: Mon, 6 Oct 2003 11:14:04 -0700 (PDT) Message-Id: <200310061814.h96IE406051821@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to sam@freebsd.org using -f From: Sam Leffler To: Perforce Change Reviews Subject: PERFORCE change 39265 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Oct 2003 18:14:06 -0000 http://perforce.freebsd.org/chv.cgi?CH=39265 Change 39265 by sam@sam_ebb on 2003/10/06 11:13:46 support for the 7955+7956 Affected files ... .. //depot/projects/netperf/sys/dev/hifn/hifn7751.c#7 edit .. //depot/projects/netperf/sys/dev/hifn/hifn7751reg.h#3 edit .. //depot/projects/netperf/sys/dev/hifn/hifn7751var.h#2 edit Differences ... ==== //depot/projects/netperf/sys/dev/hifn/hifn7751.c#7 (text+ko) ==== @@ -6,6 +6,7 @@ * Copyright (c) 1999 Theo de Raadt * Copyright (c) 2000-2001 Network Security Technologies, Inc. * http://www.netsec.net + * Copyright (c) 2003 Hifn Inc. * * This driver is based on a previous driver by Invertex, for which they * requested: Please send any comments, feedback, bug-fixes, or feature @@ -43,7 +44,7 @@ __FBSDID("$FreeBSD: src/sys/dev/hifn/hifn7751.c,v 1.22 2003/09/02 17:30:36 jhb Exp $"); /* - * Driver for the Hifn 7751 encryption processor. + * Driver for various Hifn encryption processors. */ #include "opt_hifn.h" @@ -195,6 +196,8 @@ if (pci_get_vendor(dev) == PCI_VENDOR_HIFN && (pci_get_device(dev) == PCI_PRODUCT_HIFN_7751 || pci_get_device(dev) == PCI_PRODUCT_HIFN_7951 || + pci_get_device(dev) == PCI_PRODUCT_HIFN_7955 || + pci_get_device(dev) == PCI_PRODUCT_HIFN_7956 || pci_get_device(dev) == PCI_PRODUCT_HIFN_7811)) return (0); if (pci_get_vendor(dev) == PCI_VENDOR_NETSEC && @@ -221,6 +224,8 @@ case PCI_PRODUCT_HIFN_7751: return "Hifn 7751"; case PCI_PRODUCT_HIFN_7811: return "Hifn 7811"; case PCI_PRODUCT_HIFN_7951: return "Hifn 7951"; + case PCI_PRODUCT_HIFN_7955: return "Hifn 7955"; + case PCI_PRODUCT_HIFN_7956: return "Hifn 7956"; } return "Hifn unknown-part"; case PCI_VENDOR_INVERTEX: @@ -265,11 +270,13 @@ /* XXX handle power management */ /* - * The 7951 has a random number generator and + * The 7951 and 795x have a random number generator and * public key support; note this. */ if (pci_get_vendor(dev) == PCI_VENDOR_HIFN && - pci_get_device(dev) == PCI_PRODUCT_HIFN_7951) + (pci_get_device(dev) == PCI_PRODUCT_HIFN_7951 || + pci_get_device(dev) == PCI_PRODUCT_HIFN_7955 || + pci_get_device(dev) == PCI_PRODUCT_HIFN_7956)) sc->sc_flags = HIFN_HAS_RNG | HIFN_HAS_PUBLIC; /* * The 7811 has a random number generator and @@ -280,6 +287,14 @@ sc->sc_flags |= HIFN_IS_7811 | HIFN_HAS_RNG; /* + * The 795x parts support AES. + */ + if (pci_get_vendor(dev) == PCI_VENDOR_HIFN && + (pci_get_device(dev) == PCI_PRODUCT_HIFN_7955 || + pci_get_device(dev) == PCI_PRODUCT_HIFN_7956)) + sc->sc_flags |= HIFN_IS_7956 | HIFN_HAS_AES; + + /* * Configure support for memory-mapped access to * registers and for DMA operations. */ @@ -395,7 +410,10 @@ hifn_init_dma(sc); hifn_init_pci_registers(sc); - if (hifn_ramtype(sc)) + /* XXX can't dynamically determine ram type for 795x; force dram */ + if (sc->sc_flags & HIFN_IS_7956) + sc->sc_drammodel = 1; + else if (hifn_ramtype(sc)) goto fail_mem; if (sc->sc_drammodel == 0) @@ -467,6 +485,10 @@ hifn_newsession, hifn_freesession, hifn_process, sc); crypto_register(sc->sc_cid, CRYPTO_ARC4, 0, 0, hifn_newsession, hifn_freesession, hifn_process, sc); + if (sc->sc_flags & HIFN_HAS_AES) + crypto_register(sc->sc_cid, CRYPTO_AES_CBC, 0, 0, + hifn_newsession, hifn_freesession, + hifn_process, sc); /*FALLTHROUGH*/ case HIFN_PUSTAT_ENA_1: crypto_register(sc->sc_cid, CRYPTO_MD5, 0, 0, @@ -875,6 +897,16 @@ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, { + PCI_VENDOR_HIFN, + PCI_PRODUCT_HIFN_7955, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00 } + }, { + PCI_VENDOR_HIFN, + PCI_PRODUCT_HIFN_7956, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00 } + }, { PCI_VENDOR_NETSEC, PCI_PRODUCT_NETSEC_7751, { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, @@ -1055,10 +1087,18 @@ sc->sc_dmaier &= ~HIFN_DMAIER_C_WAIT; WRITE_REG_1(sc, HIFN_1_DMA_IER, sc->sc_dmaier); - WRITE_REG_0(sc, HIFN_0_PUCNFG, HIFN_PUCNFG_COMPSING | - HIFN_PUCNFG_DRFR_128 | HIFN_PUCNFG_TCALLPHASES | - HIFN_PUCNFG_TCDRVTOTEM | HIFN_PUCNFG_BUS32 | - (sc->sc_drammodel ? HIFN_PUCNFG_DRAM : HIFN_PUCNFG_SRAM)); + + if (sc->sc_flags & HIFN_IS_7956) { + WRITE_REG_0(sc, HIFN_0_PUCNFG, HIFN_PUCNFG_COMPSING | + HIFN_PUCNFG_TCALLPHASES | + HIFN_PUCNFG_TCDRVTOTEM | HIFN_PUCNFG_BUS32); + WRITE_REG_1(sc, HIFN_1_PLL, HIFN_PLL_7956); + } else { + WRITE_REG_0(sc, HIFN_0_PUCNFG, HIFN_PUCNFG_COMPSING | + HIFN_PUCNFG_DRFR_128 | HIFN_PUCNFG_TCALLPHASES | + HIFN_PUCNFG_TCDRVTOTEM | HIFN_PUCNFG_BUS32 | + (sc->sc_drammodel ? HIFN_PUCNFG_DRAM : HIFN_PUCNFG_SRAM)); + } WRITE_REG_0(sc, HIFN_0_PUISR, HIFN_PUISR_DSTOVER); WRITE_REG_1(sc, HIFN_1_DMA_CNFG, HIFN_DMACNFG_MSTRESET | @@ -1087,8 +1127,14 @@ ctxsize = 128; else ctxsize = 512; - sc->sc_maxses = 1 + - ((sc->sc_ramsize - 32768) / ctxsize); + /* + * 7955/7956 has internal context memory of 32K + */ + if (sc->sc_flags & HIFN_IS_7956) + sc->sc_maxses = 32768 / ctxsize; + else + sc->sc_maxses = 1 + + ((sc->sc_ramsize - 32768) / ctxsize); } else sc->sc_maxses = sc->sc_ramsize / 16384; @@ -1175,9 +1221,16 @@ { u_int32_t cnfg; - cnfg = READ_REG_0(sc, HIFN_0_PUCNFG) & - HIFN_PUCNFG_DRAMMASK; - sc->sc_ramsize = 1 << ((cnfg >> 13) + 18); + if (sc->sc_flags & HIFN_IS_7956) { + /* + * 7955/7956 have a fixed internal ram of only 32K. + */ + sc->sc_ramsize = 32768; + } else { + cnfg = READ_REG_0(sc, HIFN_0_PUCNFG) & + HIFN_PUCNFG_DRAMMASK; + sc->sc_ramsize = 1 << ((cnfg >> 13) + 18); + } return (0); } @@ -1393,7 +1446,7 @@ hifn_base_command_t *base_cmd; hifn_mac_command_t *mac_cmd; hifn_crypt_command_t *cry_cmd; - int using_mac, using_crypt, len; + int using_mac, using_crypt, len, ivlen; u_int32_t dlen, slen; buf_pos = buf; @@ -1453,7 +1506,7 @@ break; case HIFN_CRYPT_CMD_ALG_DES: bcopy(cmd->ck, buf_pos, HIFN_DES_KEY_LENGTH); - buf_pos += cmd->cklen; + buf_pos += HIFN_DES_KEY_LENGTH; break; case HIFN_CRYPT_CMD_ALG_RC4: len = 256; @@ -1468,12 +1521,28 @@ bzero(buf_pos, 4); buf_pos += 4; break; + case HIFN_CRYPT_CMD_ALG_AES: + /* + * AES keys are variable 128, 192 and + * 256 bits (16, 24 and 32 bytes). + */ + bcopy(cmd->ck, buf_pos, cmd->cklen); + buf_pos += cmd->cklen; + break; } } if (using_crypt && cmd->cry_masks & HIFN_CRYPT_CMD_NEW_IV) { - bcopy(cmd->iv, buf_pos, HIFN_IV_LENGTH); - buf_pos += HIFN_IV_LENGTH; + switch (cmd->cry_masks & HIFN_CRYPT_CMD_ALG_MASK) { + case HIFN_CRYPT_CMD_ALG_AES: + ivlen = HIFN_AES_IV_LENGTH; + break; + default: + ivlen = HIFN_IV_LENGTH; + break; + } + bcopy(cmd->iv, buf_pos, ivlen); + buf_pos += ivlen; } if ((cmd->base_masks & (HIFN_BASE_CMD_MAC|HIFN_BASE_CMD_CRYPT)) == 0) { @@ -2161,8 +2230,11 @@ break; case CRYPTO_DES_CBC: case CRYPTO_3DES_CBC: + case CRYPTO_AES_CBC: /* XXX this may read fewer, does it matter? */ - read_random(sc->sc_sessions[i].hs_iv, HIFN_IV_LENGTH); + read_random(sc->sc_sessions[i].hs_iv, + c->cri_alg == CRYPTO_AES_CBC ? + HIFN_AES_IV_LENGTH : HIFN_IV_LENGTH); /*FALLTHROUGH*/ case CRYPTO_ARC4: if (cry) @@ -2211,7 +2283,7 @@ { struct hifn_softc *sc = arg; struct hifn_command *cmd = NULL; - int session, err; + int session, err, ivlen; struct cryptodesc *crd1, *crd2, *maccrd, *enccrd; if (crp == NULL || crp->crp_callback == NULL) { @@ -2259,6 +2331,7 @@ enccrd = NULL; } else if (crd1->crd_alg == CRYPTO_DES_CBC || crd1->crd_alg == CRYPTO_3DES_CBC || + crd1->crd_alg == CRYPTO_AES_CBC || crd1->crd_alg == CRYPTO_ARC4) { if ((crd1->crd_flags & CRD_F_ENCRYPT) == 0) cmd->base_masks |= HIFN_BASE_CMD_DECODE; @@ -2275,6 +2348,7 @@ crd1->crd_alg == CRYPTO_SHA1) && (crd2->crd_alg == CRYPTO_DES_CBC || crd2->crd_alg == CRYPTO_3DES_CBC || + crd2->crd_alg == CRYPTO_AES_CBC || crd2->crd_alg == CRYPTO_ARC4) && ((crd2->crd_flags & CRD_F_ENCRYPT) == 0)) { cmd->base_masks = HIFN_BASE_CMD_DECODE; @@ -2282,7 +2356,8 @@ enccrd = crd2; } else if ((crd1->crd_alg == CRYPTO_DES_CBC || crd1->crd_alg == CRYPTO_ARC4 || - crd1->crd_alg == CRYPTO_3DES_CBC) && + crd1->crd_alg == CRYPTO_3DES_CBC || + crd1->crd_alg == CRYPTO_AES_CBC) && (crd2->crd_alg == CRYPTO_MD5_HMAC || crd2->crd_alg == CRYPTO_SHA1_HMAC || crd2->crd_alg == CRYPTO_MD5 || @@ -2320,48 +2395,72 @@ HIFN_CRYPT_CMD_MODE_CBC | HIFN_CRYPT_CMD_NEW_IV; break; + case CRYPTO_AES_CBC: + cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_AES | + HIFN_CRYPT_CMD_MODE_CBC | + HIFN_CRYPT_CMD_NEW_IV; + break; default: err = EINVAL; goto errout; } if (enccrd->crd_alg != CRYPTO_ARC4) { + ivlen = ((enccrd->crd_alg == CRYPTO_AES_CBC) ? + HIFN_AES_IV_LENGTH : HIFN_IV_LENGTH); if (enccrd->crd_flags & CRD_F_ENCRYPT) { if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) - bcopy(enccrd->crd_iv, cmd->iv, - HIFN_IV_LENGTH); + bcopy(enccrd->crd_iv, cmd->iv, ivlen); else bcopy(sc->sc_sessions[session].hs_iv, - cmd->iv, HIFN_IV_LENGTH); + cmd->iv, ivlen); if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0) { if (crp->crp_flags & CRYPTO_F_IMBUF) m_copyback(cmd->src_m, enccrd->crd_inject, - HIFN_IV_LENGTH, cmd->iv); + ivlen, cmd->iv); else if (crp->crp_flags & CRYPTO_F_IOV) cuio_copyback(cmd->src_io, enccrd->crd_inject, - HIFN_IV_LENGTH, cmd->iv); + ivlen, cmd->iv); } } else { if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) - bcopy(enccrd->crd_iv, cmd->iv, - HIFN_IV_LENGTH); + bcopy(enccrd->crd_iv, cmd->iv, ivlen); else if (crp->crp_flags & CRYPTO_F_IMBUF) m_copydata(cmd->src_m, - enccrd->crd_inject, - HIFN_IV_LENGTH, cmd->iv); + enccrd->crd_inject, ivlen, cmd->iv); else if (crp->crp_flags & CRYPTO_F_IOV) cuio_copydata(cmd->src_io, - enccrd->crd_inject, - HIFN_IV_LENGTH, cmd->iv); + enccrd->crd_inject, ivlen, cmd->iv); } } cmd->ck = enccrd->crd_key; cmd->cklen = enccrd->crd_klen >> 3; + /* + * Need to specify the size for the AES key in the masks. + */ + if ((cmd->cry_masks & HIFN_CRYPT_CMD_ALG_MASK) == + HIFN_CRYPT_CMD_ALG_AES) { + switch (cmd->cklen) { + case 16: + cmd->cry_masks |= HIFN_CRYPT_CMD_KSZ_128; + break; + case 24: + cmd->cry_masks |= HIFN_CRYPT_CMD_KSZ_192; + break; + case 32: + cmd->cry_masks |= HIFN_CRYPT_CMD_KSZ_256; + break; + default: + err = EINVAL; + goto errout; + } + } + if (sc->sc_sessions[session].hs_state == HS_STATE_USED) cmd->cry_masks |= HIFN_CRYPT_CMD_NEW_KEY; } @@ -2527,7 +2626,7 @@ struct cryptop *crp = cmd->crp; struct cryptodesc *crd; struct mbuf *m; - int totlen, i, u; + int totlen, i, u, ivlen; if (cmd->src_map == cmd->dst_map) { bus_dmamap_sync(sc->sc_dmat, cmd->src_map, @@ -2587,17 +2686,18 @@ HIFN_BASE_CMD_CRYPT) { for (crd = crp->crp_desc; crd; crd = crd->crd_next) { if (crd->crd_alg != CRYPTO_DES_CBC && - crd->crd_alg != CRYPTO_3DES_CBC) + crd->crd_alg != CRYPTO_3DES_CBC && + crd->crd_alg != CRYPTO_AES_CBC) continue; + ivlen = ((crd->crd_alg == CRYPTO_AES_CBC) ? + HIFN_AES_IV_LENGTH : HIFN_IV_LENGTH); if (crp->crp_flags & CRYPTO_F_IMBUF) m_copydata((struct mbuf *)crp->crp_buf, - crd->crd_skip + crd->crd_len - HIFN_IV_LENGTH, - HIFN_IV_LENGTH, + crd->crd_skip + crd->crd_len - ivlen, ivlen, cmd->softc->sc_sessions[cmd->session_num].hs_iv); else if (crp->crp_flags & CRYPTO_F_IOV) { cuio_copydata((struct uio *)crp->crp_buf, - crd->crd_skip + crd->crd_len - HIFN_IV_LENGTH, - HIFN_IV_LENGTH, + crd->crd_skip + crd->crd_len - ivlen, ivlen, cmd->softc->sc_sessions[cmd->session_num].hs_iv); } break; ==== //depot/projects/netperf/sys/dev/hifn/hifn7751reg.h#3 (text+ko) ==== @@ -63,6 +63,8 @@ #define PCI_PRODUCT_HIFN_6500 0x0006 /* 6500 */ #define PCI_PRODUCT_HIFN_7811 0x0007 /* 7811 */ #define PCI_PRODUCT_HIFN_7951 0x0012 /* 7951 */ +#define PCI_PRODUCT_HIFN_7955 0x0020 /* 7954/7955 */ +#define PCI_PRODUCT_HIFN_7956 0x01d0 /* 7956 */ #define PCI_VENDOR_INVERTEX 0x14e1 /* Invertex */ #define PCI_PRODUCT_INVERTEX_AEON 0x0005 /* AEON */ @@ -210,6 +212,7 @@ #define HIFN_1_DMA_CSR 0x40 /* DMA Status and Control */ #define HIFN_1_DMA_IER 0x44 /* DMA Interrupt Enable */ #define HIFN_1_DMA_CNFG 0x48 /* DMA Configuration */ +#define HIFN_1_PLL 0x4c /* 795x: PLL config */ #define HIFN_1_7811_RNGENA 0x60 /* 7811: rng enable */ #define HIFN_1_7811_RNGCFG 0x64 /* 7811: rng config */ #define HIFN_1_7811_RNGDAT 0x68 /* 7811: rng data */ @@ -369,6 +372,11 @@ #define HIFN_UNLOCK_SECRET1 0xf4 #define HIFN_UNLOCK_SECRET2 0xfc +/* + * PLL config register + */ +#define HIFN_PLL_7956 0x00001d18 /* 7956 PLL config value */ + /********************************************************************* * Structs for board commands * @@ -408,7 +416,8 @@ #define HIFN_CRYPT_CMD_ALG_DES 0x0000 /* DES */ #define HIFN_CRYPT_CMD_ALG_3DES 0x0001 /* 3DES */ #define HIFN_CRYPT_CMD_ALG_RC4 0x0002 /* RC4 */ -#define HIFN_CRYPT_CMD_MODE_MASK 0x0018 /* DES mode: */ +#define HIFN_CRYPT_CMD_ALG_AES 0x0003 /* AES */ +#define HIFN_CRYPT_CMD_MODE_MASK 0x0018 /* Encrypt mode: */ #define HIFN_CRYPT_CMD_MODE_ECB 0x0000 /* ECB */ #define HIFN_CRYPT_CMD_MODE_CBC 0x0008 /* CBC */ #define HIFN_CRYPT_CMD_MODE_CFB 0x0010 /* CFB */ @@ -420,6 +429,11 @@ #define HIFN_CRYPT_CMD_SRCLEN_M 0xc000 #define HIFN_CRYPT_CMD_SRCLEN_S 14 +#define HIFN_CRYPT_CMD_KSZ_MASK 0x0600 /* AES key size: */ +#define HIFN_CRYPT_CMD_KSZ_128 0x0000 /* 128 bit */ +#define HIFN_CRYPT_CMD_KSZ_192 0x0200 /* 192 bit */ +#define HIFN_CRYPT_CMD_KSZ_256 0x0400 /* 256 bit */ + /* * Structure to help build up the command data structure. */ ==== //depot/projects/netperf/sys/dev/hifn/hifn7751var.h#2 (text+ko) ==== @@ -67,6 +67,8 @@ #define HIFN_3DES_KEY_LENGTH 24 #define HIFN_MAX_CRYPT_KEY_LENGTH HIFN_3DES_KEY_LENGTH #define HIFN_IV_LENGTH 8 +#define HIFN_AES_IV_LENGTH 16 +#define HIFN_MAX_IV_LENGTH HIFN_AES_IV_LENGTH /* * Length values for authentication @@ -111,7 +113,7 @@ struct hifn_session { int hs_state; int hs_prev_op; /* XXX collapse into hs_flags? */ - u_int8_t hs_iv[HIFN_IV_LENGTH]; + u_int8_t hs_iv[HIFN_MAX_IV_LENGTH]; }; #define HIFN_RING_SYNC(sc, r, i, f) \ @@ -166,7 +168,9 @@ int sc_flags; #define HIFN_HAS_RNG 0x1 /* includes random number generator */ #define HIFN_HAS_PUBLIC 0x2 /* includes public key support */ -#define HIFN_IS_7811 0x4 /* Hifn 7811 part */ +#define HIFN_HAS_AES 0x4 /* includes AES support */ +#define HIFN_IS_7811 0x8 /* Hifn 7811 part */ +#define HIFN_IS_7956 0x10 /* Hifn 7956/7955 don't have SDRAM */ struct callout sc_rngto; /* for polling RNG */ struct callout sc_tickto; /* for managing DMA */ int sc_rngfirst; @@ -266,7 +270,7 @@ struct hifn_command { u_int16_t session_num; u_int16_t base_masks, cry_masks, mac_masks; - u_int8_t iv[HIFN_IV_LENGTH], *ck, mac[HIFN_MAC_KEY_LENGTH]; + u_int8_t iv[HIFN_MAX_IV_LENGTH], *ck, mac[HIFN_MAC_KEY_LENGTH]; int cklen; int sloplen, slopidx;