xref: /illumos-gate/usr/src/uts/common/sys/crypto/dca.h (revision a386cc11a86ecb60f5a48078d22c1500e2ad003e)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #ifndef	_SYS_CRYPTO_DCA_H
28 #define	_SYS_CRYPTO_DCA_H
29 
30 #ifdef	__cplusplus
31 extern "C" {
32 #endif
33 
34 #include <sys/types.h>
35 #include <sys/varargs.h>
36 
37 #include <sys/crypto/spi.h>
38 
39 /*
40  * Deimos - cryptographic acceleration based upon Broadcom 582x.
41  *
42  * Note: Everything in this file is private to the Deimos device
43  *	 driver!  Do not include this in any other file.
44  */
45 
46 #define	DRIVER			"dca"
47 #define	DCA_MANUFACTURER_ID	"SUNWdca"
48 
49 #ifdef _KERNEL
50 
51 /*
52  * Tunables.
53  */
54 #define	MCR1LOWATER	16	/* these numbers favor overall throughput */
55 #define	MCR1HIWATER	24
56 #define	MCR1MAXREQS	8
57 #define	MCR2LOWATER	16
58 #define	MCR2HIWATER	24
59 #define	MCR2MAXREQS	4
60 #define	MAXMCR		2	/* there are 2 mcrs */
61 #define	MAXREQSPERMCR	16	/* there are 4 subunits serviced by MCR2 */
62 #define	MAXFRAGS	6	/* Limit on the number of fragments */
63 #define	MAXWORK		6	/* How many work structures to preallocate */
64 
65 /*
66  * These are constants.  Do not change them.
67  */
68 #if defined(i386) || defined(__i386) || defined(__amd64)
69 #define	MAXPACKET	0xefff	/* rootnex INT_MAX_BUF hack. */
70 #else
71 #define	MAXPACKET	0xffff	/* Max size of a packet or fragment */
72 #endif
73 #define	DESBLOCK	8	/* Size of a DES or 3DES block */
74 #define	DSAPARTLEN	20	/* Size of fixed DSA parts (r, s, q, x, v) */
75 #define	DSASIGLEN	40	/* Size of a DSA signature */
76 #define	SHA1LEN		20	/* Size of a SHA1 hash */
77 #define	SECOND		1000000	/* One second in usec */
78 #define	MSEC		1000	/* One millisecond in usec */
79 #define	DES_KEYSIZE	8
80 #define	DES_IV_LEN	8
81 #define	DES3_KEYSIZE	(3 * DES_KEYSIZE)
82 
83 /*
84  * Mechanism info structure passed to KCF during registration.
85  */
86 
87 #define	MD5_HMAC_BLOCK_SIZE	64	/* MD5-HMAC block size */
88 #define	MD5_HMAC_MIN_KEY_LEN	1	/* MD5-HMAC min key length in bytes */
89 #define	MD5_HMAC_MAX_KEY_LEN	64	/* MD5-HMAC max key length in bytes */
90 
91 #define	SHA1_HMAC_BLOCK_SIZE	64	/* SHA1-HMAC block size */
92 #define	SHA1_HMAC_MIN_KEY_LEN	1	/* SHA1-HMAC min key length in bytes */
93 #define	SHA1_HMAC_MAX_KEY_LEN	64	/* SHA1-HMAC max key length in bytes */
94 
95 #define	DES_KEY_LEN		8	/* DES key length in bytes */
96 #define	DES3_MIN_KEY_LEN	16	/* 3DES min key length in bytes */
97 #define	DES3_MAX_KEY_LEN	24	/* 3DES max key length in bytes */
98 
99 #define	DSA_MIN_KEY_LEN		64	/* DSA min key length in bytes */
100 #define	DSA_MAX_KEY_LEN		128	/* DSA max key length in bytes */
101 
102 #define	RSA_MIN_KEY_LEN		32	/* RSA min key length in bytes */
103 #define	RSA_MAX_KEY_LEN		256	/* RSA max key length in bytes */
104 
105 /*
106  * RSA implementation.
107  */
108 
109 #define	DCA_RSA_ENC	0
110 #define	DCA_RSA_DEC	1
111 #define	DCA_RSA_SIGN	2
112 #define	DCA_RSA_VRFY	3
113 #define	DCA_RSA_SIGNR	4
114 #define	DCA_RSA_VRFYR	5
115 
116 /*
117  * DSA implementation.
118  */
119 
120 #define	DCA_DSA_SIGN	0
121 #define	DCA_DSA_VRFY	1
122 
123 /*
124  * FMA eclass index definitions. Note that this enum must be consistent
125  * with the dca_fma_eclass_sca1000 and dca_fma_eclass_sca500 string arrays.
126  */
127 typedef enum dca_fma_eclass {
128 	DCA_FM_ECLASS_HW_DEVICE = 0,
129 	DCA_FM_ECLASS_HW_TIMEOUT,
130 	DCA_FM_ECLASS_NONE
131 } dca_fma_eclass_t;
132 
133 /*
134  * Forward typedefs.
135  */
136 typedef struct dca dca_t;
137 typedef struct dca_chain dca_chain_t;
138 typedef struct dca_listnode dca_listnode_t;
139 typedef struct dca_worklist dca_worklist_t;
140 typedef struct dca_work dca_work_t;
141 typedef struct dca_request dca_request_t;
142 typedef struct dca_stat dca_stat_t;
143 typedef struct dca_cookie dca_cookie_t;
144 typedef struct dca_device dca_device_t;
145 
146 /*
147  * This structure is used to identify a specific board.
148  */
149 struct dca_device {
150 	ushort_t		dd_vendor_id;
151 	ushort_t		dd_device_id;
152 	char			*dd_model;
153 };
154 
155 /*
156  * Structure representing a node in a DMA chain.  (Broadcom calls
157  * these "Data Buffer Chain Entries".)
158  *
159  * note, this structure must be a multiple of sizeof (intptr_t)
160  */
161 struct dca_chain {
162 	/* the descriptor */
163 	caddr_t			dc_desc_kaddr;
164 	/* and the buffer to which it points */
165 	size_t			dc_buffer_length;
166 	ddi_dma_handle_t	dc_buffer_dmah;
167 	caddr_t			dc_buffer_kaddr;
168 	/* physical addresses */
169 	uint32_t		dc_desc_paddr;
170 	uint32_t		dc_buffer_paddr;
171 	uint32_t		dc_next_paddr;
172 };
173 
174 /*
175  * Linked-list linkage.
176  */
177 struct dca_listnode {
178 	dca_listnode_t		*dl_next;
179 	dca_listnode_t		*dl_prev;
180 	dca_listnode_t		*dl_next2;
181 	dca_listnode_t		*dl_prev2;
182 };
183 
184 typedef enum dca_mech_type {
185 	DES_CBC_MECH_INFO_TYPE,		/* SUN_CKM_DES_CBC */
186 	DES3_CBC_MECH_INFO_TYPE,	/* SUN_CKM_DES3_CBC */
187 	DSA_MECH_INFO_TYPE,		/* SUN_CKM_DSA */
188 	RSA_X_509_MECH_INFO_TYPE,	/* SUN_CKM_RSA_X_509 */
189 	RSA_PKCS_MECH_INFO_TYPE		/* SUN_CKM_RSA_PKCS */
190 } dca_mech_type_t;
191 
192 #define	SUN_CKM_DSA			"CKM_DSA"
193 
194 struct dca_rng {
195 	uint32_t		dr_chunklen;
196 };
197 
198 union dca_parameters {
199 	struct dca_rng		dp_rng;
200 };
201 
202 typedef struct dca_ctx {
203 	/*
204 	 * The following are context fields for Deimos 2.0.
205 	 */
206 	crypto_mech_type_t	ctx_cm_type;	/* Mechanism type */
207 	int			mode;		/* Mode of operation */
208 	int 			atomic;		/* Boolean */
209 
210 	/* Fields for RSA and DSA */
211 	uchar_t			*mod;		/* RSA modulus */
212 	unsigned		modlen;		/* RSA modulus length */
213 	unsigned		pqfix;		/* RSA flag */
214 
215 	/* Fields for DES and 3DES */
216 	uint32_t		iv[2];
217 	uint32_t		key[6];
218 	int			residlen;
219 	uchar_t			resid[DESBLOCK];
220 	int			activeresidlen;
221 	uchar_t			activeresid[DESBLOCK];
222 	crypto_data_t		in_dup;		/* input data duplicate */
223 } dca_ctx_t;
224 
225 /*
226  * Work structure.  One of these per actual job submitted to an MCR.
227  * Contains everything we need to submit the job, and everything we
228  * need to notify caller and release resources when the completion
229  * interrupt comes.
230  */
231 struct dca_request {
232 	dca_listnode_t		dr_linkage;
233 	uint16_t		dr_pkt_length;
234 	crypto_req_handle_t	dr_kcf_req;
235 	dca_t			*dr_dca;
236 	dca_worklist_t		*dr_wlp;
237 	/*
238 	 * Consumer's I/O buffers.
239 	 */
240 	crypto_data_t		*dr_in;
241 	crypto_data_t		*dr_out;
242 	dca_ctx_t		dr_ctx;
243 	/*
244 	 * Chains and DMA structures.
245 	 */
246 	size_t			dr_dma_size;
247 	uint32_t		dr_ctx_paddr;
248 	caddr_t			dr_ctx_kaddr;
249 	ddi_acc_handle_t	dr_ctx_acch;
250 	ddi_dma_handle_t	dr_ctx_dmah;
251 	/*
252 	 * Scratch input buffer.
253 	 */
254 	ddi_acc_handle_t	dr_ibuf_acch;
255 	ddi_dma_handle_t	dr_ibuf_dmah;
256 	caddr_t			dr_ibuf_kaddr;
257 	uint32_t		dr_ibuf_paddr;
258 
259 	/*
260 	 * Scratch output buffer.
261 	 */
262 	ddi_acc_handle_t	dr_obuf_acch;
263 	ddi_dma_handle_t	dr_obuf_dmah;
264 	caddr_t			dr_obuf_kaddr;
265 	uint32_t		dr_obuf_paddr;
266 
267 	/*
268 	 * Values to program MCR with.
269 	 */
270 	uint32_t		dr_in_paddr;
271 	uint32_t		dr_out_paddr;
272 	uint32_t		dr_in_next;
273 	uint32_t		dr_out_next;
274 	uint16_t		dr_in_len;
275 	uint16_t		dr_out_len;
276 	/*
277 	 * Callback.
278 	 */
279 	void			(*dr_callback)(dca_request_t *, int);
280 	/*
281 	 * Other stuff.
282 	 */
283 	uint32_t		dr_flags;
284 	/*
285 	 * Algorithm specific parameters.
286 	 */
287 	void			*dr_context;
288 	union dca_parameters	dr_param;
289 	/*
290 	 * Statistics.
291 	 */
292 	int			dr_job_stat;
293 	int			dr_byte_stat;
294 
295 	/* Pre-mapped input and output data buffer chain support */
296 	dca_chain_t		dr_ibuf_head;
297 	dca_chain_t		dr_obuf_head;
298 
299 	/*
300 	 * User buffers are mapped to DMA handles dynamically. The physically
301 	 * contigous blocks ( >= a page) are built into a data buffer chain.
302 	 */
303 	dca_chain_t		dr_chain_in_head;
304 	ddi_dma_handle_t	dr_chain_in_dmah;
305 
306 	dca_chain_t		dr_chain_out_head;
307 	ddi_dma_handle_t	dr_chain_out_dmah;
308 
309 	/* Offset in the context page for storing dynamic buffer chains */
310 	int			dr_offset;
311 
312 	/* Destroy this request if true */
313 	int			destroy;
314 };
315 
316 /*
317  * Request flags (dca_request_t.dr_flags).
318  */
319 #define	DR_INPLACE		0x002
320 #define	DR_SCATTER		0x004
321 #define	DR_GATHER		0x008
322 #define	DR_NOCACHE		0x020
323 #define	DR_ENCRYPT		0x040
324 #define	DR_DECRYPT		0x080
325 #define	DR_TRIPLE		0x100	/* triple DES vs. single DES */
326 #define	DR_ATOMIC		0x200	/* for atomic operation */
327 
328 struct dca_work {
329 	dca_listnode_t		dw_linkage;
330 	dca_worklist_t		*dw_wlp;
331 
332 	/* DMA access to the MCR and context */
333 	ddi_acc_handle_t	dw_mcr_acch;
334 	ddi_dma_handle_t	dw_mcr_dmah;
335 	caddr_t			dw_mcr_kaddr;
336 	uint32_t		dw_mcr_paddr;
337 
338 	dca_request_t		*dw_reqs[MAXREQSPERMCR];
339 	clock_t			dw_lbolt;
340 };
341 
342 /*
343  * MCRs.
344  */
345 #define	MCR1			0x1
346 #define	MCR2			0x2
347 
348 struct dca_worklist {
349 	dca_t			*dwl_dca;
350 	crypto_kcf_provider_handle_t	dwl_prov;
351 	char			dwl_name[16];
352 	int			dwl_mcr;
353 	kmutex_t		dwl_lock;
354 	kmutex_t		dwl_freelock;
355 	kmutex_t		dwl_freereqslock;
356 	kcondvar_t		dwl_cv;
357 	dca_listnode_t		dwl_freereqs;	/* available requests */
358 	dca_listnode_t		dwl_waitq;	/* requests arrive here */
359 	dca_listnode_t		dwl_freework;	/* available work structures */
360 	dca_listnode_t		dwl_runq;	/* work structs sent to chip */
361 	timeout_id_t		dwl_schedtid;
362 	clock_t			dwl_lastsubmit;
363 	int			dwl_count;
364 	int			dwl_busy;
365 	int			dwl_lowater;
366 	int			dwl_hiwater;
367 	int			dwl_reqspermcr;
368 	int			dwl_drain;	/* for DR (suspend) */
369 	/* Kstats */
370 	u_longlong_t		dwl_submit;
371 	u_longlong_t		dwl_flowctl;
372 };
373 
374 /*
375  * Operations for MCR1 (bulk stuff).
376  */
377 #define	CMD_IPSEC		0x0	/* IPsec packet processing */
378 #define	CMD_SSLMAC		0x1	/* SSL HMAC processing */
379 #define	CMD_TLSMAC		0x2	/* TLS HMAC processing */
380 #define	CMD_3DES		0x3	/* SSL/TLS/raw 3DES processing */
381 #define	CMD_RC4			0x4	/* ARCFOUR procesing */
382 #define	CMD_PUREHASH		0x5	/* Pure MD5/SHA1 hash processing */
383 
384 /*
385  * Operations for MCR2 (key stuff).
386  */
387 #define	CMD_DHPUBLIC		0x1	/* DH public key generation */
388 #define	CMD_DHSHARED		0x2	/* DH shared secret generation */
389 #define	CMD_RSAPUBLIC		0x3	/* RSA public key operation */
390 #define	CMD_RSAPRIVATE		0x4	/* RSA private key operation (CRT) */
391 #define	CMD_DSASIGN		0x5	/* DSA signing operation */
392 #define	CMD_DSAVERIFY		0x6	/* DSA verification operation */
393 #define	CMD_RNGDIRECT		0x41	/* Direct access to the RNG */
394 #define	CMD_RNGSHA1		0x42	/* RNG output processed by SHA1 */
395 #define	CMD_MODADD		0x43	/* Modular add */
396 #define	CMD_MODSUB		0x44	/* Moduler subtract */
397 #define	CMD_MODMUL		0x45	/* Modular multiply */
398 #define	CMD_MODREM		0x46	/* Modular remainder */
399 #define	CMD_MODEXP		0x47	/* Modular exponentiation */
400 #define	CMD_MODINV		0x48	/* Modular inverse */
401 
402 /*
403  * Kstats.
404  */
405 #define	DS_3DESJOBS		0
406 #define	DS_3DESBYTES		1
407 #define	DS_RSAPUBLIC		2
408 #define	DS_RSAPRIVATE		3
409 #define	DS_DSASIGN		4
410 #define	DS_DSAVERIFY		5
411 #define	DS_RNGJOBS		6
412 #define	DS_RNGBYTES		7
413 #define	DS_RNGSHA1JOBS		8
414 #define	DS_RNGSHA1BYTES		9
415 #define	DS_MAX			10
416 
417 #if 0
418 /*
419  * note that when reenabling any of these stats, DS_MAX will need to
420  * be adjusted.
421  */
422 #define	DS_RC4JOBS		11
423 #define	DS_RC4BYTES		12
424 #define	DS_DHPUBLIC		13
425 #define	DS_DHSECRET		14
426 #endif
427 
428 struct dca_stat {
429 	kstat_named_t		ds_status;
430 	kstat_named_t		ds_algs[DS_MAX];
431 	struct {
432 		kstat_named_t	ds_submit;
433 		kstat_named_t	ds_flowctl;
434 		kstat_named_t	ds_lowater;
435 		kstat_named_t	ds_hiwater;
436 		kstat_named_t	ds_maxreqs;
437 	}			ds_mcr[MAXMCR];
438 };
439 
440 /*
441  * Blocking structure for ioctls.
442  */
443 struct dca_cookie {
444 	kmutex_t		dc_mx;
445 	kcondvar_t		dc_cv;
446 	int			dc_outstanding;
447 	int			dc_status;
448 };
449 
450 /*
451  * Per instance structure.
452  */
453 struct dca {
454 	dev_info_t		*dca_dip;
455 	kmutex_t		dca_intrlock;
456 	caddr_t			dca_regs;
457 	ddi_acc_handle_t	dca_regs_handle;
458 	ddi_iblock_cookie_t	dca_icookie;
459 	timeout_id_t		dca_jobtid;
460 	ulong_t			dca_pagesize;
461 	unsigned		dca_flags;	/* dev state flags */
462 
463 	/*
464 	 * Work requests.
465 	 */
466 	dca_worklist_t		dca_worklist[MAXMCR];
467 
468 	/*
469 	 * hardware model
470 	 */
471 	char			*dca_model;
472 	ushort_t		dca_devid;
473 
474 	/*
475 	 * Kstats.  There is no standard for what standards
476 	 * Cryptographic Providers should supply, so we're
477 	 * making them up for now.
478 	 */
479 	kstat_t			*dca_ksp;
480 	kstat_t			*dca_intrstats;
481 	u_longlong_t		dca_stats[DS_MAX];
482 
483 	/* For the local random number pool used internally by the dca driver */
484 	char 			*dca_buf1;
485 	char 			*dca_buf2;
486 	char 			*dca_buf_ptr;
487 	int 			dca_index;
488 	uint32_t 		dca_random_filling;
489 	kmutex_t 		dca_random_lock;
490 
491 	/* FMA capabilities */
492 	int			fm_capabilities;	/* FMA capabilities */
493 
494 	kmutex_t		dca_ctx_list_lock;
495 	dca_listnode_t		dca_ctx_list;
496 };
497 
498 /*
499  * Device flags (dca_t.dca_flags)
500  */
501 #define	DCA_FAILED		0x1
502 #define	DCA_POWERMGMT		0x4
503 #define	DCA_RNGSHA1		0x8
504 
505 #define	KIOIP(dca)		KSTAT_INTR_PTR((dca)->dca_intrstats)
506 
507 /*
508  * Scatter/gather checks.
509  */
510 typedef enum dca_sg_param {
511 	DCA_SG_CONTIG = 1,
512 	DCA_SG_WALIGN,
513 	DCA_SG_PALIGN
514 } dca_sg_param_t;
515 
516 #define	FALSE		0
517 #define	TRUE		1
518 
519 /*
520  * PCI configuration registers.
521  */
522 #define	PCI_VENID		0x00	/* vendor id, 16 bits */
523 #define	PCI_DEVID		0x02	/* device id, 16 bits */
524 #define	PCI_COMM		0x04	/* command, 16 bits */
525 #define	PCI_STATUS		0x06	/* status, 16 bits */
526 #define	PCI_REVID		0x08	/* revision id, 8 bits */
527 #define	PCI_PROGCLASS		0x09	/* programming class, 8 bits */
528 #define	PCI_SUBCLASS		0x0A	/* subclass, 8 bits */
529 #define	PCI_CACHELINESZ		0x0C	/* cache line size, 8 bits */
530 #define	PCI_LATTMR		0x0D	/* latency timer, 8 bits */
531 #define	PCI_BIST		0x0F	/* builtin-self-test, 8 bits */
532 #define	PCI_SUBVENID		0x2C	/* subsystem vendor id, 16 bits */
533 #define	PCI_SUBSYSID		0x2E	/* subsystem id, 16 bits */
534 #define	PCI_MINGNT		0x3E	/* min grant for burst, 8 bits */
535 #define	PCI_MAXLAT		0x3F	/* maximum grant for burst, 8 bits */
536 #define	PCI_TRDYTO		0x40	/* TRDY timeout, 8 bits */
537 #define	PCI_RETRIES		0x41	/* retries bus will perform, 8 bits */
538 
539 /*
540  * PCI configuration register bit values.
541  */
542 #define	PCICOMM_FBBE		0x0200	/* fast back-to-back enable */
543 #define	PCICOMM_SEE		0x0100	/* system error enable */
544 #define	PCICOMM_PEE		0x0040	/* parity error enable */
545 #define	PCICOMM_MWIE		0x0010	/* memory write & invalidate enable */
546 #define	PCICOMM_BME		0x0004	/* bus master enable */
547 #define	PCICOMM_MAE		0x0002	/* memory access enable */
548 
549 #define	PCISTAT_PERR		0x8000	/* parity error detected */
550 #define	PCISTAT_SERR		0x4000	/* system error detected */
551 #define	PCISTAT_MABRT		0x2000	/* master abort detected */
552 #define	PCISTAT_TABRT		0x1000	/* target abort detected */
553 #define	PCISTAT_TABRTS		0x0800	/* target abort signaled */
554 #define	PCISTAT_PARITY		0x0100	/* data parity error detected */
555 
556 #define	PCIREVID_DOMESTIC	0x01	/* domestic version */
557 #define	PCIREVID_EXPORT		0xE1	/* export version */
558 
559 /* Note: 5820 errata: BIST feature does not work */
560 #define	PCIBIST_CAP		0x80	/* BIST capable */
561 #define	PCIBIST_START		0x40	/* start BIST test */
562 #define	PCIBIST_ERRMASK		0x0F	/* mask of BIST error codes */
563 
564 /*
565  * Command and Status Registers.
566  */
567 #define	CSR_MCR1		0x00	/* pointer to MCR1 (bulk) */
568 #define	CSR_DMACTL		0x04	/* DMA control */
569 #define	CSR_DMASTAT		0x08	/* DMA status */
570 #define	CSR_DMAEA		0x0C	/* DMA error address */
571 #define	CSR_MCR2		0x10	/* pointer to MCR2 (exponentiator) */
572 
573 /*
574  * Command and status register bits.
575  */
576 #define	DMACTL_RESET		0x80000000U	/* reset the chip */
577 #define	DMACTL_MCR2IE		0x40000000U	/* MCR2 interrupt enable */
578 #define	DMACTL_MCR1IE		0x20000000U	/* MCR1 interrupt enable */
579 #define	DMACTL_OFM		0x10000000U	/* output fragment mode */
580 #define	DMACTL_BE32		0x08000000U	/* 32-bit big endian mode */
581 #define	DMACTL_BE64		0x04000000U	/* 64-bit big endian mode */
582 #define	DMACTL_EIE		0x02000000U	/* error interrupt enable */
583 #define	DMACTL_RNGMASK		0x01800000U	/* RNG mode mask */
584 #define	DMACTL_RNG1		0x00000000U	/* 1 RNG bit per cycle */
585 #define	DMACTL_RNG4		0x00800000U	/* 1 RNG bit per 4 cycles */
586 #define	DMACTL_RNG8		0x01000000U	/* 1 RNG bit per 8 cycles */
587 #define	DMACTL_RNG16		0x01800000U	/* 1 RNG bit per 16 cycles */
588 #define	DMACTL_MODNORM		0x00400000U	/* s/w modulus normalization */
589 #define	DMACTL_RD256		0x00020000U	/* 256 byte read DMA size */
590 #define	DMACTL_FRAGMASK		0x0000FFFFU	/* output fragment size */
591 
592 #define	DMASTAT_MAIP		0x80000000U	/* master access in progress */
593 #define	DMASTAT_MCR1FULL	0x40000000U	/* MCR1 is full */
594 #define	DMASTAT_MCR1INT		0x20000000U	/* MCR1 interrupted */
595 #define	DMASTAT_ERRINT		0x10000000U	/* error interrupted */
596 #define	DMASTAT_MCR2FULL	0x08000000U	/* MCR2 is full */
597 #define	DMASTAT_MCR2INT		0x04000000U	/* MCR2 interrupted */
598 #define	DMASTAT_INTERRUPTS	0x34000000U	/* all interrupts */
599 
600 /*
601  * Offsets of things relative to an MCR.
602  */
603 #define	MCR_COUNT	0	/* 16 bits */
604 #define	MCR_FLAGS	2	/* 16 bits */
605 #define	MCR_CTXADDR	4	/* 32 bits */
606 
607 /*
608  * Basis for size (should be optimized by constant folding):
609  *	4 bytes for flags and #packets.
610  *	for each packet:
611  *		2 descriptors (DESC_SIZE)
612  *		4 bytes for context address
613  *		4 bytes for packet length and reserved
614  */
615 #define	MCR_SIZE	(4 + MAXREQSPERMCR * ((2 * DESC_SIZE) + 8))
616 
617 /*
618  * MCR flags.
619  */
620 #define	MCRFLAG_FINISHED	0x0001		/* MCR processing complete */
621 #define	MCRFLAG_ERROR		0x0002		/* set if an error occured */
622 #define	MCRFLAG_ERRORMASK	0xff00		/* error code bits */
623 
624 /*
625  * Fields within a descriptor (data buffer chain).
626  */
627 #define	DESC_BUFADDR	0	/* 32 bits */
628 #define	DESC_NEXT	4	/* 32 bits */
629 #define	DESC_LENGTH	8	/* 16 bits */
630 #define	DESC_RSVD	10	/* 16 bits */
631 #define	DESC_SIZE	16	/* ROUNDUP(12, 16) - descriptor size (bytes) */
632 
633 /*
634  * Offsets of fields within context structures, see Broadcom spec.
635  */
636 #define	CTX_LENGTH		0	/* 16 bits */
637 #define	CTX_CMD			2	/* 16 bits */
638 #define	CTX_MAXLENGTH		768	/* max size of ctx, fits anything */
639 
640 #define	CTX_3DESDIRECTION	4	/* 16 bits */
641 #define	CTX_3DESKEY1HI		8	/* 32 bits */
642 #define	CTX_3DESKEY1LO		12	/* 32 bits */
643 #define	CTX_3DESKEY2HI		16	/* 32 bits */
644 #define	CTX_3DESKEY2LO		20	/* 32 bits */
645 #define	CTX_3DESKEY3HI		24	/* 32 bits */
646 #define	CTX_3DESKEY3LO		28	/* 32 bits */
647 #define	CTX_3DESIVHI		32	/* 32 bits */
648 #define	CTX_3DESIVLO		36	/* 32 bits */
649 
650 #define	CTX_IPSECFLAGS		4	/* 16 bits */
651 #define	CTX_IPSECOFFSET		6	/* 16 bits */
652 #define	CTX_IPSECKEY1HI		8	/* 32 bits */
653 #define	CTX_IPSECKEY1LO		12	/* 32 bits */
654 #define	CTX_IPSECKEY2HI		16	/* 32 bits */
655 #define	CTX_IPSECKEY2LO		20	/* 32 bits */
656 #define	CTX_IPSECKEY3HI		24	/* 32 bits */
657 #define	CTX_IPSECKEY3LO		28	/* 32 bits */
658 #define	CTX_IPSECIVHI		32	/* 32 bits */
659 #define	CTX_IPSECIVLO		36	/* 32 bits */
660 #define	CTX_IPSECHMACINNER1	40	/* 32 bits */
661 #define	CTX_IPSECHMACINNER2	44	/* 32 bits */
662 #define	CTX_IPSECHMACINNER3	48	/* 32 bits */
663 #define	CTX_IPSECHMACINNER4	52	/* 32 bits */
664 #define	CTX_IPSECHMACINNER5	56	/* 32 bits */
665 #define	CTX_IPSECHMACOUTER1	60	/* 32 bits */
666 #define	CTX_IPSECHMACOUTER2	64	/* 32 bits */
667 #define	CTX_IPSECHMACOUTER3	68	/* 32 bits */
668 #define	CTX_IPSECHMACOUTER4	72	/* 32 bits */
669 #define	CTX_IPSECHMACOUTER5	76	/* 32 bits */
670 
671 #define	CTX_RSAEXPLEN		4	/* 16 bits */
672 #define	CTX_RSAMODLEN		6	/* 16 bits */
673 #define	CTX_RSABIGNUMS		8	/* variable length */
674 #define	CTX_RSAQLEN		4	/* 16 bits */
675 #define	CTX_RSAPLEN		6	/* 16 bits */
676 
677 #define	CTX_DSAMSGTYPE		4	/* 16 bits */
678 #define	CTX_DSARSVD		6	/* 16 bits */
679 #define	CTX_DSARNG		8	/* 16 bits */
680 #define	CTX_DSAPLEN		10	/* 16 bits */
681 #define	CTX_DSABIGNUMS		12	/* variable length */
682 
683 /*
684  * Values for specific operations.
685  */
686 #define	CTX_RNG_LENGTH		64	/* context length for RNG (64 min) */
687 #define	CTX_3DES_LENGTH		64	/* context length for 3DES (64 min) */
688 #define	CTX_3DES_DECRYPT	0x4000	/* perform decryption */
689 #define	CTX_3DES_ENCRYPT	0x0000	/* perform encryption */
690 #define	CTX_IPSEC_LENGTH	80	/* context length for IPsec */
691 #define	CTX_IPSEC_ENCRYPT	0x8000	/* perform encryption */
692 #define	CTX_IPSEC_DECRYPT	0xc000	/* perform decryption */
693 #define	CTX_IPSEC_HMAC_MD5	0x1000	/* HMAC-MD5 authentication */
694 #define	CTX_IPSEC_HMAC_SHA1	0x2000	/* HMAC-MD5 authentication */
695 #define	CTX_DSAMSGTYPE_SHA1	0	/* Message is SHA1 */
696 #define	CTX_DSAMSGTYPE_TEXT	1	/* Generate SHA1 hash first */
697 #define	CTX_DSARNG_GEN		1	/* Generate random k */
698 #define	CTX_DSARNG_SUPPLY	0	/* Random k is supplied */
699 
700 /*
701  * Macros to access fields within the MCR.  Note that this includes the
702  * context fields as well, since the context is just offset from the
703  * base of the MCR.
704  */
705 
706 #define	PUTMCR32(work, reg, val)	\
707 	ddi_put32(work->dw_mcr_acch,	\
708 	(uint32_t *)(work->dw_mcr_kaddr + reg), val)
709 
710 #define	PUTMCR16(work, reg, val)	\
711 	ddi_put16(work->dw_mcr_acch,	\
712 	(uint16_t *)(work->dw_mcr_kaddr + reg), val)
713 
714 #define	GETMCR32(work, reg)	\
715 	ddi_get32(work->dw_mcr_acch, (uint32_t *)(work->dw_mcr_kaddr + reg))
716 
717 #define	GETMCR16(work, reg)	\
718 	ddi_get16(work->dw_mcr_acch, (uint16_t *)(work->dw_mcr_kaddr + reg))
719 
720 #define	PUTDESC32(req, dc_desc_kaddr, reg, val)	\
721 	ddi_put32(req->dr_ctx_acch,	\
722 	(uint32_t *)(dc_desc_kaddr + reg), val)
723 
724 #define	PUTDESC16(req, dc_desc_kaddr, reg, val)	\
725 	ddi_put16(req->dr_ctx_acch,	\
726 	(uint16_t *)(dc_desc_kaddr + reg), val)
727 
728 /* XXX: define the GET forms for descriptors only if needed */
729 
730 #define	PUTCTX32(req, reg, val)	\
731 	ddi_put32(req->dr_ctx_acch,	\
732 	(uint32_t *)(req->dr_ctx_kaddr + reg), val)
733 
734 #define	PUTCTX16(req, reg, val)	\
735 	ddi_put16(req->dr_ctx_acch,	\
736 	(uint16_t *)(req->dr_ctx_kaddr + reg), val)
737 
738 #define	CTXBCOPY(req, src, dst, count)	\
739 	ddi_rep_put8(req->dr_ctx_acch, (uchar_t *)src, (uchar_t *)dst, count, \
740 	DDI_DEV_AUTOINCR)
741 
742 /*
743  * Register access.
744  */
745 #define	GETCSR(dca, reg)	\
746 	ddi_get32(dca->dca_regs_handle, (uint_t *)(dca->dca_regs + reg))
747 
748 #define	PUTCSR(dca, reg, val)	\
749 	ddi_put32(dca->dca_regs_handle, (uint_t *)(dca->dca_regs + reg), val)
750 
751 #define	SETBIT(dca, reg, val)	\
752 	PUTCSR(dca, reg, GETCSR(dca, reg) | val)
753 
754 #define	CLRBIT(dca, reg, val)	\
755 	PUTCSR(dca, reg, GETCSR(dca, reg) & ~val)
756 
757 /*
758  * Used to guarantee alignment.
759  */
760 #define	ROUNDUP(a, n)	(((a) + ((n) - 1)) & ~((n) - 1))
761 #define	ROUNDDOWN(a, n)	(((a) & ~((n) - 1)))
762 #define	HIDBLWORD(x)	(((x) & 0xffffffff00000000ULL) >> 32)
763 #define	LODBLWORD(x)	((x) & 0xffffffffULL)
764 
765 /*
766  * Driver hardening related.
767  */
768 #define	CHECK_REGS(dca)	ddi_check_acc_handle(dca->dca_regs_handle)
769 
770 /*
771  * Other utility macros.
772  */
773 #define	QEMPTY(q)	((q)->dl_next == (q))
774 #define	BITS2BYTES(b)	((b) >> 3)
775 #define	WORKLIST(dca, mcr)	(&((dca)->dca_worklist[mcr - 1]))
776 
777 /*
778  * Debug stuff.
779  */
780 #ifdef	DEBUG
781 #define	DWARN		0x0001
782 #define	DPCI		0x0002
783 #define	DINTR		0x0004
784 #define	DSTART		0x0008
785 #define	DRECLAIM	0x0010
786 #define	DCHATTY		0x0020
787 #define	DMOD		0x0040	/* _init/_fini/_info/attach/detach */
788 #define	DENTRY		0x0080	/* crypto routine entry/exit points */
789 
790 void	dca_dprintf(dca_t *, int, const char *, ...);
791 #define	DBG	dca_dprintf
792 #else
793 #define	DBG(dca, lvl, ...)
794 #endif
795 
796 /*
797  * Some pkcs#11 defines as there are no pkcs#11 header files included.
798  */
799 #define	CKO_PUBLIC_KEY		0x00000002
800 #define	CKO_PRIVATE_KEY		0x00000003
801 
802 #define	CKA_CLASS		0x00000000
803 #define	CKA_VALUE		0x00000011
804 #define	CKA_KEY_TYPE		0x00000100
805 #define	CKA_MODULUS		0x00000120
806 #define	CKA_PUBLIC_EXPONENT	0x00000122
807 #define	CKA_PRIVATE_EXPONENT	0x00000123
808 #define	CKA_PRIME_1		0x00000124
809 #define	CKA_PRIME_2		0x00000125
810 #define	CKA_EXPONENT_1		0x00000126
811 #define	CKA_EXPONENT_2		0x00000127
812 #define	CKA_COEFFICIENT		0x00000128
813 #define	CKA_PRIME		0x00000130
814 #define	CKA_SUBPRIME		0x00000131
815 #define	CKA_BASE		0x00000132
816 /*
817  * Driver globals.
818  */
819 extern int	dca_mindma;
820 extern int	dca_hardening;
821 
822 /*
823  * Prototypes.
824  */
825 
826 /*
827  * dca_debug.c
828  */
829 void	dca_error(dca_t *, const char *, ...);
830 void	dca_diperror(dev_info_t *, const char *, ...);
831 void	dca_dipverror(dev_info_t *, const char *, va_list);
832 /*
833  * dca_3des.c
834  */
835 int	dca_3desctxinit(crypto_ctx_t *, crypto_mechanism_t *, crypto_key_t *,
836     int, int);
837 int	dca_3des(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
838     crypto_req_handle_t, int);
839 int	dca_3desupdate(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
840     crypto_req_handle_t, int);
841 int	dca_3desfinal(crypto_ctx_t *, crypto_data_t *, int);
842 int	dca_3desatomic(crypto_provider_handle_t, crypto_session_id_t,
843     crypto_mechanism_t *, crypto_key_t *, crypto_data_t *, crypto_data_t *,
844     int, crypto_req_handle_t, int);
845 void	dca_3desctxfree(void *);
846 
847 /*
848  * dca_rsa.c
849  */
850 int	dca_rsastart(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
851     crypto_req_handle_t, int);
852 int	dca_rsainit(crypto_ctx_t *, crypto_mechanism_t *, crypto_key_t *, int);
853 void	dca_rsactxfree(void *);
854 int	dca_rsaatomic(crypto_provider_handle_t, crypto_session_id_t,
855     crypto_mechanism_t *, crypto_key_t *, crypto_data_t *, crypto_data_t *,
856     int, crypto_req_handle_t, int);
857 
858 /*
859  * dca_dsa.c
860  */
861 int	dca_dsa_sign(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
862     crypto_req_handle_t);
863 int	dca_dsa_verify(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
864     crypto_req_handle_t);
865 int	dca_dsainit(crypto_ctx_t *, crypto_mechanism_t *, crypto_key_t *, int,
866     int);
867 void	dca_dsactxfree(void *);
868 int	dca_dsaatomic(crypto_provider_handle_t, crypto_session_id_t,
869     crypto_mechanism_t *, crypto_key_t *, crypto_data_t *, crypto_data_t *,
870     int, crypto_req_handle_t, int);
871 
872 /*
873  * dca_rng.c
874  */
875 int	dca_rng(dca_t *, uchar_t *, size_t len, crypto_req_handle_t);
876 int	dca_random_buffer(dca_t *dca, caddr_t buf, int len);
877 int	dca_random_init();
878 void	dca_random_fini();
879 
880 /*
881  * dca_kstat.c
882  */
883 void	dca_ksinit(dca_t *);
884 /*
885  * dca.c
886  */
887 void	dca_rmqueue(dca_listnode_t *);
888 dca_request_t *dca_getreq(dca_t *, int, int);
889 void	dca_freereq(dca_request_t *);
890 int	dca_bindchains(dca_request_t *, size_t, size_t);
891 int	dca_unbindchains(dca_request_t *);
892 int	dca_start(dca_t *, dca_request_t *, int, int);
893 void	dca_done(dca_request_t *, int);
894 void	dca_destroyreq(dca_request_t *);
895 int	dca_length(crypto_data_t *);
896 int	dca_gather(crypto_data_t *, char *, int, int);
897 int	dca_resid_gather(crypto_data_t *, char *, int *, char *, int);
898 int	dca_scatter(const char *, crypto_data_t *, int, int);
899 int	dca_bcmp_reverse(const void *s1, const void *s2, size_t n);
900 int	dca_dupcrypto(crypto_data_t *, crypto_data_t *);
901 int	dca_verifyio(crypto_data_t *, crypto_data_t *);
902 int	dca_getbufbytes(crypto_data_t *, size_t, int, uchar_t *);
903 int	dca_sgcheck(dca_t *, crypto_data_t *, dca_sg_param_t);
904 crypto_object_attribute_t *
905 	dca_get_key_attr(crypto_key_t *);
906 int	dca_attr_lookup_uint32(crypto_object_attribute_t *, uint_t, uint64_t,
907 	    uint32_t *);
908 int	dca_attr_lookup_uint8_array(crypto_object_attribute_t *, uint_t,
909 	    uint64_t, void **, unsigned int *);
910 crypto_object_attribute_t *
911 	dca_find_attribute(crypto_object_attribute_t *, uint_t, uint64_t);
912 caddr_t	dca_bufdaddr(crypto_data_t *);
913 void	dca_rcoalesce(dca_request_t *, int);
914 void	dca_runcoalesce(dca_request_t *);
915 int	dca_bitlen(unsigned char *, int);
916 uint16_t dca_padhalf(int);
917 uint16_t dca_padfull(int);
918 void	dca_reverse(void *, void *, int, int);
919 int	dca_numcmp(caddr_t, int, caddr_t, int);
920 int dca_check_dma_handle(dca_t *dca, ddi_dma_handle_t handle,
921 	dca_fma_eclass_t eclass_index);
922 int dca_free_context(crypto_ctx_t *ctx);
923 
924 #endif	/* _KERNEL */
925 
926 #ifdef	__cplusplus
927 }
928 #endif
929 
930 #endif	/* _SYS_CRYPTO_DCA_H */
931