OpenWrt XBurst

OpenWrt XBurst Git Source Tree

Root/target/linux/generic/files/crypto/ocf/ubsec_ssb/ubsec_ssb.c

1
2	/*
3	* Copyright (c) 2008 Daniel Mueller (daniel@danm.de)
4	* Copyright (c) 2007 David McCullough (david_mccullough@securecomputing.com)
5	* Copyright (c) 2000 Jason L. Wright (jason@thought.net)
6	* Copyright (c) 2000 Theo de Raadt (deraadt@openbsd.org)
7	* Copyright (c) 2001 Patrik Lindergren (patrik@ipunplugged.com)
8	*
9	* Redistribution and use in source and binary forms, with or without
10	* modification, are permitted provided that the following conditions
11	* are met:
12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.
14	* 2. Redistributions in binary form must reproduce the above copyright
15	* notice, this list of conditions and the following disclaimer in the
16	* documentation and/or other materials provided with the distribution.
17	*
18	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
20	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
21	* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
22	* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
23	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
24	* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
27	* ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28	* POSSIBILITY OF SUCH DAMAGE.
29	*
30	* Effort sponsored in part by the Defense Advanced Research Projects
31	* Agency (DARPA) and Air Force Research Laboratory, Air Force
32	* Materiel Command, USAF, under agreement number F30602-01-2-0537.
33	*
34	*/
35	#undef UBSEC_DEBUG
36	#undef UBSEC_VERBOSE_DEBUG
37
38	#ifdef UBSEC_VERBOSE_DEBUG
39	#define UBSEC_DEBUG
40	#endif
41
42	/*
43	* uBsec BCM5365 hardware crypto accelerator
44	*/
45
46	#include <linux/kernel.h>
47	#include <linux/module.h>
48	#include <linux/moduleparam.h>
49	#include <linux/proc_fs.h>
50	#include <linux/types.h>
51	#include <linux/init.h>
52	#include <linux/delay.h>
53	#include <linux/interrupt.h>
54	#include <linux/fs.h>
55	#include <linux/random.h>
56	#include <linux/skbuff.h>
57	#include <linux/stat.h>
58	#include <asm/io.h>
59
60	#include <linux/ssb/ssb.h>
61
62	/*
63	* BSD queue
64	*/
65	//#include "bsdqueue.h"
66
67	/*
68	* OCF
69	*/
70	#include <cryptodev.h>
71	#include <uio.h>
72
73	#define HMAC_HACK 1
74
75	#define HMAC_HACK 1
76	#ifdef HMAC_HACK
77	#include <safe/hmachack.h>
78	#include <safe/md5.h>
79	#include <safe/md5.c>
80	#include <safe/sha1.h>
81	#include <safe/sha1.c>
82	#endif
83
84	#include "bsdqueue.h"
85	#include "ubsecreg.h"
86	#include "ubsecvar.h"
87
88	#define DRV_MODULE_NAME "ubsec_ssb"
89	#define PFX DRV_MODULE_NAME ": "
90	#define DRV_MODULE_VERSION "0.02"
91	#define DRV_MODULE_RELDATE "Feb 21, 2009"
92
93	#if 1
94	#define DPRINTF(a...) \
95	if (debug) \
96	{ \
97	printk(DRV_MODULE_NAME ": " a); \
98	}
99	#else
100	#define DPRINTF(a...)
101	#endif
102
103	/*
104	* Prototypes
105	*/
106	static irqreturn_t ubsec_ssb_isr(int, void , struct pt_regs );
107	static int __devinit ubsec_ssb_probe(struct ssb_device *sdev,
108	const struct ssb_device_id *ent);
109	static void __devexit ubsec_ssb_remove(struct ssb_device *sdev);
110	int ubsec_attach(struct ssb_device sdev, const struct ssb_device_id ent,
111	struct device *self);
112	static void ubsec_setup_mackey(struct ubsec_session *ses, int algo,
113	caddr_t key, int klen);
114	static int dma_map_skb(struct ubsec_softc *sc,
115	struct ubsec_dma_alloc* q_map, struct sk_buff skb, int mlen);
116	static int dma_map_uio(struct ubsec_softc *sc,
117	struct ubsec_dma_alloc q_map, struct uio uio, int *mlen);
118	static void dma_unmap(struct ubsec_softc *sc,
119	struct ubsec_dma_alloc *q_map, int mlen);
120	static int ubsec_dmamap_aligned(struct ubsec_softc *sc,
121	const struct ubsec_dma_alloc *q_map, int mlen);
122
123	#ifdef UBSEC_DEBUG
124	static int proc_read(char buf, char *start, off_t offset,
125	int size, int peof, void data);
126	#endif
127
128	void ubsec_reset_board(struct ubsec_softc *);
129	void ubsec_init_board(struct ubsec_softc *);
130	void ubsec_cleanchip(struct ubsec_softc *);
131	void ubsec_totalreset(struct ubsec_softc *);
132	int ubsec_free_q(struct ubsec_softc, struct ubsec_q );
133
134	static int ubsec_newsession(device_t, u_int32_t , struct cryptoini );
135	static int ubsec_freesession(device_t, u_int64_t);
136	static int ubsec_process(device_t, struct cryptop *, int);
137
138	void ubsec_callback(struct ubsec_softc , struct ubsec_q );
139	void ubsec_feed(struct ubsec_softc *);
140	void ubsec_mcopy(struct sk_buff , struct sk_buff , int, int);
141	void ubsec_dma_free(struct ubsec_softc , struct ubsec_dma_alloc );
142	int ubsec_dma_malloc(struct ubsec_softc , struct ubsec_dma_alloc ,
143	size_t, int);
144
145	/* DEBUG crap... */
146	void ubsec_dump_pb(struct ubsec_pktbuf *);
147	void ubsec_dump_mcr(struct ubsec_mcr *);
148
149	#define READ_REG(sc,r) \
150	ssb_read32((sc)->sdev, (r));
151	#define WRITE_REG(sc,r,val) \
152	ssb_write32((sc)->sdev, (r), (val));
153	#define READ_REG_SDEV(sdev,r) \
154	ssb_read32((sdev), (r));
155	#define WRITE_REG_SDEV(sdev,r,val) \
156	ssb_write32((sdev), (r), (val));
157
158	#define SWAP32(x) (x) = htole32(ntohl((x)))
159	#define HTOLE32(x) (x) = htole32(x)
160
161	#ifdef __LITTLE_ENDIAN
162	#define letoh16(x) (x)
163	#define letoh32(x) (x)
164	#endif
165
166	static int debug;
167	module_param(debug, int, 0644);
168	MODULE_PARM_DESC(debug, "Enable debug output");
169
170	#define UBSEC_SSB_MAX_CHIPS 1
171	static struct ubsec_softc *ubsec_chip_idx[UBSEC_SSB_MAX_CHIPS];
172	static struct ubsec_stats ubsecstats;
173
174	#ifdef UBSEC_DEBUG
175	static struct proc_dir_entry *procdebug;
176	#endif
177
178	static struct ssb_device_id ubsec_ssb_tbl[] = {
179	/* Broadcom BCM5365P IPSec Core */
180	SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_IPSEC, SSB_ANY_REV),
181	SSB_DEVTABLE_END
182	};
183
184	static struct ssb_driver ubsec_ssb_driver = {
185	.name = DRV_MODULE_NAME,
186	.id_table = ubsec_ssb_tbl,
187	.probe = ubsec_ssb_probe,
188	.remove = __devexit_p(ubsec_ssb_remove),
189	/*
190	.suspend = ubsec_ssb_suspend,
191	.resume = ubsec_ssb_resume
192	*/
193	};
194
195	static device_method_t ubsec_ssb_methods = {
196	/* crypto device methods */
197	DEVMETHOD(cryptodev_newsession, ubsec_newsession),
198	DEVMETHOD(cryptodev_freesession,ubsec_freesession),
199	DEVMETHOD(cryptodev_process, ubsec_process),
200	};
201
202	#ifdef UBSEC_DEBUG
203	static int
204	proc_read(char buf, char *start, off_t offset,
205	int size, int peof, void data)
206	{
207	int i = 0, byteswritten = 0, ret;
208	unsigned int stat, ctrl;
209	#ifdef UBSEC_VERBOSE_DEBUG
210	struct ubsec_q *q;
211	struct ubsec_dma *dmap;
212	#endif
213
214	while ((i < UBSEC_SSB_MAX_CHIPS) && (ubsec_chip_idx[i] != NULL))
215	{
216	struct ubsec_softc *sc = ubsec_chip_idx[i];
217
218	stat = READ_REG(sc, BS_STAT);
219	ctrl = READ_REG(sc, BS_CTRL);
220	ret = snprintf((buf + byteswritten),
221	(size - byteswritten) ,
222	"DEV %d, DMASTAT %08x, DMACTRL %08x\n", i, stat, ctrl);
223
224	byteswritten += ret;
225
226	#ifdef UBSEC_VERBOSE_DEBUG
227	printf("DEV %d, DMASTAT %08x, DMACTRL %08x\n", i, stat, ctrl);
228
229	/* Dump all queues MCRs */
230	if (!BSD_SIMPLEQ_EMPTY(&sc->sc_qchip)) {
231	BSD_SIMPLEQ_FOREACH(q, &sc->sc_qchip, q_next)
232	{
233	dmap = q->q_dma;
234	ubsec_dump_mcr(&dmap->d_dma->d_mcr);
235	}
236	}
237	#endif
238
239	i++;
240	}
241
242	*peof = 1;
243
244	return byteswritten;
245	}
246	#endif
247
248	/*
249	* map in a given sk_buff
250	*/
251	static int
252	dma_map_skb(struct ubsec_softc sc, struct ubsec_dma_alloc q_map, struct sk_buff skb, int mlen)
253	{
254	int i = 0;
255	dma_addr_t tmp;
256
257	#ifdef UBSEC_DEBUG
258	DPRINTF("%s()\n", __FUNCTION__);
259	#endif
260
261	/*
262	* We support only a limited number of fragments.
263	*/
264	if (unlikely((skb_shinfo(skb)->nr_frags + 1) >= UBS_MAX_SCATTER))
265	{
266	printk(KERN_ERR "Only %d scatter fragments are supported.\n", UBS_MAX_SCATTER);
267	return (-ENOMEM);
268	}
269
270	#ifdef UBSEC_VERBOSE_DEBUG
271	DPRINTF("%s - map %d 0x%x %d\n", __FUNCTION__, 0, (unsigned int)skb->data, skb_headlen(skb));
272	#endif
273
274	/* first data package */
275	tmp = dma_map_single(sc->sc_dv,
276	skb->data,
277	skb_headlen(skb),
278	DMA_BIDIRECTIONAL);
279
280	q_map[i].dma_paddr = tmp;
281	q_map[i].dma_vaddr = skb->data;
282	q_map[i].dma_size = skb_headlen(skb);
283
284	if (unlikely(tmp == 0))
285	{
286	printk(KERN_ERR "Could not map memory region for dma.\n");
287	return (-EINVAL);
288	}
289
290	#ifdef UBSEC_VERBOSE_DEBUG
291	DPRINTF("%s - map %d done physical addr 0x%x\n", __FUNCTION__, 0, (unsigned int)tmp);
292	#endif
293
294
295	/* all other data packages */
296	for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) {
297
298	#ifdef UBSEC_VERBOSE_DEBUG
299	DPRINTF("%s - map %d 0x%x %d\n", __FUNCTION__, i + 1,
300	(unsigned int)page_address(skb_frag_page(&skb_shinfo(skb)->frags[i])) +
301	skb_shinfo(skb)->frags[i].page_offset, skb_shinfo(skb)->frags[i].size);
302	#endif
303
304	tmp = dma_map_single(sc->sc_dv,
305	page_address(skb_frag_page(&skb_shinfo(skb)->frags[i])) +
306	skb_shinfo(skb)->frags[i].page_offset,
307	skb_shinfo(skb)->frags[i].size,
308	DMA_BIDIRECTIONAL);
309
310	q_map[i + 1].dma_paddr = tmp;
311	q_map[i + 1].dma_vaddr = (void*)(page_address(skb_frag_page(&skb_shinfo(skb)->frags[i])) +
312	skb_shinfo(skb)->frags[i].page_offset);
313	q_map[i + 1].dma_size = skb_shinfo(skb)->frags[i].size;
314
315	if (unlikely(tmp == 0))
316	{
317	printk(KERN_ERR "Could not map memory region for dma.\n");
318	return (-EINVAL);
319	}
320
321	#ifdef UBSEC_VERBOSE_DEBUG
322	DPRINTF("%s - map %d done physical addr 0x%x\n", __FUNCTION__, i + 1, (unsigned int)tmp);
323	#endif
324
325	}
326	*mlen = i + 1;
327
328	return(0);
329	}
330
331	/*
332	* map in a given uio buffer
333	*/
334
335	static int
336	dma_map_uio(struct ubsec_softc sc, struct ubsec_dma_alloc q_map, struct uio uio, int mlen)
337	{
338	struct iovec *iov = uio->uio_iov;
339	int n;
340	dma_addr_t tmp;
341
342	#ifdef UBSEC_DEBUG
343	DPRINTF("%s()\n", __FUNCTION__);
344	#endif
345
346	/*
347	* We support only a limited number of fragments.
348	*/
349	if (unlikely(uio->uio_iovcnt >= UBS_MAX_SCATTER))
350	{
351	printk(KERN_ERR "Only %d scatter fragments are supported.\n", UBS_MAX_SCATTER);
352	return (-ENOMEM);
353	}
354
355	for (n = 0; n < uio->uio_iovcnt; n++) {
356	#ifdef UBSEC_VERBOSE_DEBUG
357	DPRINTF("%s - map %d 0x%x %d\n", __FUNCTION__, n, (unsigned int)iov->iov_base, iov->iov_len);
358	#endif
359	tmp = dma_map_single(sc->sc_dv,
360	iov->iov_base,
361	iov->iov_len,
362	DMA_BIDIRECTIONAL);
363
364	q_map[n].dma_paddr = tmp;
365	q_map[n].dma_vaddr = iov->iov_base;
366	q_map[n].dma_size = iov->iov_len;
367
368	if (unlikely(tmp == 0))
369	{
370	printk(KERN_ERR "Could not map memory region for dma.\n");
371	return (-EINVAL);
372	}
373
374	#ifdef UBSEC_VERBOSE_DEBUG
375	DPRINTF("%s - map %d done physical addr 0x%x\n", __FUNCTION__, n, (unsigned int)tmp);
376	#endif
377
378	iov++;
379	}
380	*mlen = n;
381
382	return(0);
383	}
384
385	static void
386	dma_unmap(struct ubsec_softc sc, struct ubsec_dma_alloc q_map, int mlen)
387	{
388	int i;
389
390	#ifdef UBSEC_DEBUG
391	DPRINTF("%s()\n", __FUNCTION__);
392	#endif
393
394	for(i = 0; i < mlen; i++)
395	{
396	#ifdef UBSEC_VERBOSE_DEBUG
397	DPRINTF("%s - unmap %d 0x%x %d\n", __FUNCTION__, i, (unsigned int)q_map[i].dma_paddr, q_map[i].dma_size);
398	#endif
399	dma_unmap_single(sc->sc_dv,
400	q_map[i].dma_paddr,
401	q_map[i].dma_size,
402	DMA_BIDIRECTIONAL);
403	}
404	return;
405	}
406
407	/*
408	* Is the operand suitable aligned for direct DMA. Each
409	* segment must be aligned on a 32-bit boundary and all
410	* but the last segment must be a multiple of 4 bytes.
411	*/
412	static int
413	ubsec_dmamap_aligned(struct ubsec_softc sc, const struct ubsec_dma_alloc q_map, int mlen)
414	{
415	int i;
416
417	#ifdef UBSEC_DEBUG
418	DPRINTF("%s()\n", __FUNCTION__);
419	#endif
420
421	for (i = 0; i < mlen; i++) {
422	if (q_map[i].dma_paddr & 3)
423	return (0);
424	if (i != (mlen - 1) && (q_map[i].dma_size & 3))
425	return (0);
426	}
427	return (1);
428	}
429
430
431	#define N(a) (sizeof(a) / sizeof (a[0]))
432	static void
433	ubsec_setup_mackey(struct ubsec_session *ses, int algo, caddr_t key, int klen)
434	{
435	#ifdef HMAC_HACK
436	MD5_CTX md5ctx;
437	SHA1_CTX sha1ctx;
438	int i;
439
440	#ifdef UBSEC_DEBUG
441	DPRINTF("%s()\n", __FUNCTION__);
442	#endif
443
444	for (i = 0; i < klen; i++)
445	key[i] ^= HMAC_IPAD_VAL;
446
447	if (algo == CRYPTO_MD5_HMAC) {
448	MD5Init(&md5ctx);
449	MD5Update(&md5ctx, key, klen);
450	MD5Update(&md5ctx, hmac_ipad_buffer, MD5_HMAC_BLOCK_LEN - klen);
451	bcopy(md5ctx.md5_st8, ses->ses_hminner, sizeof(md5ctx.md5_st8));
452	} else {
453	SHA1Init(&sha1ctx);
454	SHA1Update(&sha1ctx, key, klen);
455	SHA1Update(&sha1ctx, hmac_ipad_buffer,
456	SHA1_HMAC_BLOCK_LEN - klen);
457	bcopy(sha1ctx.h.b32, ses->ses_hminner, sizeof(sha1ctx.h.b32));
458	}
459
460	for (i = 0; i < klen; i++)
461	key[i] ^= (HMAC_IPAD_VAL ^ HMAC_OPAD_VAL);
462
463	if (algo == CRYPTO_MD5_HMAC) {
464	MD5Init(&md5ctx);
465	MD5Update(&md5ctx, key, klen);
466	MD5Update(&md5ctx, hmac_opad_buffer, MD5_HMAC_BLOCK_LEN - klen);
467	bcopy(md5ctx.md5_st8, ses->ses_hmouter, sizeof(md5ctx.md5_st8));
468	} else {
469	SHA1Init(&sha1ctx);
470	SHA1Update(&sha1ctx, key, klen);
471	SHA1Update(&sha1ctx, hmac_opad_buffer,
472	SHA1_HMAC_BLOCK_LEN - klen);
473	bcopy(sha1ctx.h.b32, ses->ses_hmouter, sizeof(sha1ctx.h.b32));
474	}
475
476	for (i = 0; i < klen; i++)
477	key[i] ^= HMAC_OPAD_VAL;
478
479	#else /* HMAC_HACK */
480	DPRINTF("md5/sha not implemented\n");
481	#endif /* HMAC_HACK */
482	}
483	#undef N
484
485	static int
486	__devinit ubsec_ssb_probe(struct ssb_device *sdev,
487	const struct ssb_device_id *ent)
488	{
489	int err;
490
491	#ifdef UBSEC_DEBUG
492	DPRINTF("%s()\n", __FUNCTION__);
493	#endif
494
495	err = ssb_bus_powerup(sdev->bus, 0);
496	if (err) {
497	dev_err(sdev->dev, "Failed to powerup the bus\n");
498	goto err_out;
499	}
500
501	err = request_irq(sdev->irq, (irq_handler_t)ubsec_ssb_isr,
502	IRQF_DISABLED \| IRQF_SHARED, DRV_MODULE_NAME, sdev);
503	if (err) {
504	dev_err(sdev->dev, "Could not request irq\n");
505	goto err_out_powerdown;
506	}
507
508	#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,36))
509	err = dma_set_mask(sdev->dma_dev, DMA_BIT_MASK(32)) \|\|
510	dma_set_coherent_mask(sdev->dma_dev, DMA_BIT_MASK(32));
511	#else
512	err = ssb_dma_set_mask(sdev, DMA_32BIT_MASK);
513	#endif
514	if (err) {
515	dev_err(sdev->dev,
516	"Required 32BIT DMA mask unsupported by the system.\n");
517	goto err_out_free_irq;
518	}
519
520	printk(KERN_INFO "Sentry5(tm) ROBOGateway(tm) IPSec Core at IRQ %u\n",
521	sdev->irq);
522
523	DPRINTF("Vendor: %x, core id: %x, revision: %x\n",
524	sdev->id.vendor, sdev->id.coreid, sdev->id.revision);
525
526	ssb_device_enable(sdev, 0);
527
528	if (ubsec_attach(sdev, ent, sdev->dev) != 0)
529	goto err_out_disable;
530
531	#ifdef UBSEC_DEBUG
532	procdebug = create_proc_entry(DRV_MODULE_NAME, S_IRUSR, NULL);
533	if (procdebug)
534	{
535	procdebug->read_proc = proc_read;
536	procdebug->data = NULL;
537	} else
538	DPRINTF("Unable to create proc file.\n");
539	#endif
540
541	return 0;
542
543	err_out_disable:
544	ssb_device_disable(sdev, 0);
545
546	err_out_free_irq:
547	free_irq(sdev->irq, sdev);
548
549	err_out_powerdown:
550	ssb_bus_may_powerdown(sdev->bus);
551
552	err_out:
553	return err;
554	}
555
556	static void __devexit ubsec_ssb_remove(struct ssb_device *sdev) {
557
558	struct ubsec_softc *sc;
559	unsigned int ctrlflgs;
560	struct ubsec_dma *dmap;
561	u_int32_t i;
562
563	#ifdef UBSEC_DEBUG
564	DPRINTF("%s()\n", __FUNCTION__);
565	#endif
566
567	ctrlflgs = READ_REG_SDEV(sdev, BS_CTRL);
568	/* disable all IPSec Core interrupts globally */
569	ctrlflgs ^= (BS_CTRL_MCR1INT \| BS_CTRL_MCR2INT \|
570	BS_CTRL_DMAERR);
571	WRITE_REG_SDEV(sdev, BS_CTRL, ctrlflgs);
572
573	free_irq(sdev->irq, sdev);
574
575	sc = (struct ubsec_softc *)ssb_get_drvdata(sdev);
576
577	/* unregister all crypto algorithms */
578	crypto_unregister_all(sc->sc_cid);
579
580	/* Free queue / dma memory */
581	for (i = 0; i < UBS_MAX_NQUEUE; i++) {
582	struct ubsec_q *q;
583
584	q = sc->sc_queuea[i];
585	if (q != NULL)
586	{
587	dmap = q->q_dma;
588	if (dmap != NULL)
589	{
590	ubsec_dma_free(sc, &dmap->d_alloc);
591	q->q_dma = NULL;
592	}
593	kfree(q);
594	}
595	sc->sc_queuea[i] = NULL;
596	}
597
598	ssb_device_disable(sdev, 0);
599	ssb_bus_may_powerdown(sdev->bus);
600	ssb_set_drvdata(sdev, NULL);
601
602	#ifdef UBSEC_DEBUG
603	if (procdebug)
604	remove_proc_entry(DRV_MODULE_NAME, NULL);
605	#endif
606
607	}
608
609
610	int
611	ubsec_attach(struct ssb_device sdev, const struct ssb_device_id ent,
612	struct device *self)
613	{
614	struct ubsec_softc *sc = NULL;
615	struct ubsec_dma *dmap;
616	u_int32_t i;
617	static int num_chips = 0;
618
619	#ifdef UBSEC_DEBUG
620	DPRINTF("%s()\n", __FUNCTION__);
621	#endif
622
623	sc = (struct ubsec_softc ) kmalloc(sizeof(sc), GFP_KERNEL);
624	if (!sc)
625	return(-ENOMEM);
626	memset(sc, 0, sizeof(*sc));
627
628	sc->sc_dv = sdev->dev;
629	sc->sdev = sdev;
630
631	spin_lock_init(&sc->sc_ringmtx);
632
633	softc_device_init(sc, "ubsec_ssb", num_chips, ubsec_ssb_methods);
634
635	/* Maybe someday there are boards with more than one chip available */
636	if (num_chips < UBSEC_SSB_MAX_CHIPS) {
637	ubsec_chip_idx[device_get_unit(sc->sc_dev)] = sc;
638	num_chips++;
639	}
640
641	ssb_set_drvdata(sdev, sc);
642
643	BSD_SIMPLEQ_INIT(&sc->sc_queue);
644	BSD_SIMPLEQ_INIT(&sc->sc_qchip);
645	BSD_SIMPLEQ_INIT(&sc->sc_queue2);
646	BSD_SIMPLEQ_INIT(&sc->sc_qchip2);
647	BSD_SIMPLEQ_INIT(&sc->sc_q2free);
648
649	sc->sc_statmask = BS_STAT_MCR1_DONE \| BS_STAT_DMAERR;
650
651	sc->sc_cid = crypto_get_driverid(softc_get_device(sc), CRYPTOCAP_F_HARDWARE);
652	if (sc->sc_cid < 0) {
653	device_printf(sc->sc_dev, "could not get crypto driver id\n");
654	return -1;
655	}
656
657	BSD_SIMPLEQ_INIT(&sc->sc_freequeue);
658	dmap = sc->sc_dmaa;
659	for (i = 0; i < UBS_MAX_NQUEUE; i++, dmap++) {
660	struct ubsec_q *q;
661
662	q = (struct ubsec_q *)kmalloc(sizeof(struct ubsec_q), GFP_KERNEL);
663	if (q == NULL) {
664	printf(": can't allocate queue buffers\n");
665	break;
666	}
667
668	if (ubsec_dma_malloc(sc, &dmap->d_alloc, sizeof(struct ubsec_dmachunk),0)) {
669	printf(": can't allocate dma buffers\n");
670	kfree(q);
671	break;
672	}
673	dmap->d_dma = (struct ubsec_dmachunk *)dmap->d_alloc.dma_vaddr;
674
675	q->q_dma = dmap;
676	sc->sc_queuea[i] = q;
677
678	BSD_SIMPLEQ_INSERT_TAIL(&sc->sc_freequeue, q, q_next);
679	}
680
681	/*
682	* Reset Broadcom chip
683	*/
684	ubsec_reset_board(sc);
685
686	/*
687	* Init Broadcom chip
688	*/
689	ubsec_init_board(sc);
690
691	/* supported crypto algorithms */
692	crypto_register(sc->sc_cid, CRYPTO_3DES_CBC, 0, 0);
693	crypto_register(sc->sc_cid, CRYPTO_DES_CBC, 0, 0);
694
695	if (sc->sc_flags & UBS_FLAGS_AES) {
696	crypto_register(sc->sc_cid, CRYPTO_AES_CBC, 0, 0);
697	printf(KERN_INFO DRV_MODULE_NAME ": DES 3DES AES128 AES192 AES256 MD5_HMAC SHA1_HMAC\n");
698	}
699	else
700	printf(KERN_INFO DRV_MODULE_NAME ": DES 3DES MD5_HMAC SHA1_HMAC\n");
701
702	crypto_register(sc->sc_cid, CRYPTO_MD5_HMAC, 0, 0);
703	crypto_register(sc->sc_cid, CRYPTO_SHA1_HMAC, 0, 0);
704
705	return 0;
706	}
707
708	/*
709	* UBSEC Interrupt routine
710	*/
711	static irqreturn_t
712	ubsec_ssb_isr(int irq, void arg, struct pt_regs regs)
713	{
714	struct ubsec_softc *sc = NULL;
715	volatile u_int32_t stat;
716	struct ubsec_q *q;
717	struct ubsec_dma *dmap;
718	int npkts = 0, i;
719
720	#ifdef UBSEC_VERBOSE_DEBUG
721	DPRINTF("%s()\n", __FUNCTION__);
722	#endif
723
724	sc = (struct ubsec_softc *)ssb_get_drvdata(arg);
725
726	stat = READ_REG(sc, BS_STAT);
727
728	stat &= sc->sc_statmask;
729	if (stat == 0)
730	return IRQ_NONE;
731
732	WRITE_REG(sc, BS_STAT, stat); /* IACK */
733
734	/*
735	* Check to see if we have any packets waiting for us
736	*/
737	if ((stat & BS_STAT_MCR1_DONE)) {
738	while (!BSD_SIMPLEQ_EMPTY(&sc->sc_qchip)) {
739	q = BSD_SIMPLEQ_FIRST(&sc->sc_qchip);
740	dmap = q->q_dma;
741
742	if ((dmap->d_dma->d_mcr.mcr_flags & htole16(UBS_MCR_DONE)) == 0)
743	{
744	DPRINTF("error while processing MCR. Flags = %x\n", dmap->d_dma->d_mcr.mcr_flags);
745	break;
746	}
747
748	BSD_SIMPLEQ_REMOVE_HEAD(&sc->sc_qchip, q_next);
749
750	npkts = q->q_nstacked_mcrs;
751	/*
752	* search for further sc_qchip ubsec_q's that share
753	* the same MCR, and complete them too, they must be
754	* at the top.
755	*/
756	for (i = 0; i < npkts; i++) {
757	if(q->q_stacked_mcr[i])
758	ubsec_callback(sc, q->q_stacked_mcr[i]);
759	else
760	break;
761	}
762	ubsec_callback(sc, q);
763	}
764
765	/*
766	* Don't send any more packet to chip if there has been
767	* a DMAERR.
768	*/
769	if (likely(!(stat & BS_STAT_DMAERR)))
770	ubsec_feed(sc);
771	else
772	DPRINTF("DMA error occurred. Stop feeding crypto chip.\n");
773	}
774
775	/*
776	* Check to see if we got any DMA Error
777	*/
778	if (stat & BS_STAT_DMAERR) {
779	volatile u_int32_t a = READ_REG(sc, BS_ERR);
780
781	printf(KERN_ERR "%s: dmaerr %s@%08x\n", DRV_MODULE_NAME,
782	(a & BS_ERR_READ) ? "read" : "write", a & BS_ERR_ADDR);
783
784	ubsecstats.hst_dmaerr++;
785	ubsec_totalreset(sc);
786	ubsec_feed(sc);
787	}
788
789	return IRQ_HANDLED;
790	}
791
792	/*
793	* ubsec_feed() - aggregate and post requests to chip
794	* It is assumed that the caller set splnet()
795	*/
796	void
797	ubsec_feed(struct ubsec_softc *sc)
798	{
799	#ifdef UBSEC_VERBOSE_DEBUG
800	static int max;
801	#endif
802	struct ubsec_q q, q2;
803	int npkts, i;
804	void *v;
805	u_int32_t stat;
806
807	npkts = sc->sc_nqueue;
808	if (npkts > UBS_MAX_AGGR)
809	npkts = UBS_MAX_AGGR;
810	if (npkts < 2)
811	goto feed1;
812
813	stat = READ_REG(sc, BS_STAT);
814
815	if (stat & (BS_STAT_MCR1_FULL \| BS_STAT_DMAERR)) {
816	if(stat & BS_STAT_DMAERR) {
817	ubsec_totalreset(sc);
818	ubsecstats.hst_dmaerr++;
819	}
820	return;
821	}
822
823	#ifdef UBSEC_VERBOSE_DEBUG
824	DPRINTF("merging %d records\n", npkts);
825
826	/* XXX temporary aggregation statistics reporting code */
827	if (max < npkts) {
828	max = npkts;
829	DPRINTF("%s: new max aggregate %d\n", DRV_MODULE_NAME, max);
830	}
831	#endif /* UBSEC_VERBOSE_DEBUG */
832
833	q = BSD_SIMPLEQ_FIRST(&sc->sc_queue);
834	BSD_SIMPLEQ_REMOVE_HEAD(&sc->sc_queue, q_next);
835	--sc->sc_nqueue;
836
837	#if 0
838	/*
839	* XXX
840	* We use dma_map_single() - no sync required!
841	*/
842
843	bus_dmamap_sync(sc->sc_dmat, q->q_src_map,
844	0, q->q_src_map->dm_mapsize, BUS_DMASYNC_PREWRITE);
845	if (q->q_dst_map != NULL)
846	bus_dmamap_sync(sc->sc_dmat, q->q_dst_map,
847	0, q->q_dst_map->dm_mapsize, BUS_DMASYNC_PREREAD);
848	#endif
849
850	q->q_nstacked_mcrs = npkts - 1; /* Number of packets stacked */
851
852	for (i = 0; i < q->q_nstacked_mcrs; i++) {
853	q2 = BSD_SIMPLEQ_FIRST(&sc->sc_queue);
854
855	#if 0
856	bus_dmamap_sync(sc->sc_dmat, q2->q_src_map,
857	0, q2->q_src_map->dm_mapsize, BUS_DMASYNC_PREWRITE);
858	if (q2->q_dst_map != NULL)
859	bus_dmamap_sync(sc->sc_dmat, q2->q_dst_map,
860	0, q2->q_dst_map->dm_mapsize, BUS_DMASYNC_PREREAD);
861	#endif
862	BSD_SIMPLEQ_REMOVE_HEAD(&sc->sc_queue, q_next);
863	--sc->sc_nqueue;
864
865	v = ((char *)&q2->q_dma->d_dma->d_mcr) + sizeof(struct ubsec_mcr) -
866	sizeof(struct ubsec_mcr_add);
867	bcopy(v, &q->q_dma->d_dma->d_mcradd[i], sizeof(struct ubsec_mcr_add));
868	q->q_stacked_mcr[i] = q2;
869	}
870	q->q_dma->d_dma->d_mcr.mcr_pkts = htole16(npkts);
871	BSD_SIMPLEQ_INSERT_TAIL(&sc->sc_qchip, q, q_next);
872	#if 0
873	bus_dmamap_sync(sc->sc_dmat, q->q_dma->d_alloc.dma_map,
874	0, q->q_dma->d_alloc.dma_map->dm_mapsize,
875	BUS_DMASYNC_PREREAD \| BUS_DMASYNC_PREWRITE);
876	#endif
877	WRITE_REG(sc, BS_MCR1, q->q_dma->d_alloc.dma_paddr +
878	offsetof(struct ubsec_dmachunk, d_mcr));
879	#ifdef UBSEC_VERBOSE_DEBUG
880	DPRINTF("feed (1): q->chip %p %08x %08x\n", q,
881	(u_int32_t)q->q_dma->d_alloc.dma_paddr,
882	(u_int32_t)(q->q_dma->d_alloc.dma_paddr +
883	offsetof(struct ubsec_dmachunk, d_mcr)));
884	#endif /* UBSEC_DEBUG */
885	return;
886
887	feed1:
888	while (!BSD_SIMPLEQ_EMPTY(&sc->sc_queue)) {
889	stat = READ_REG(sc, BS_STAT);
890
891	if (stat & (BS_STAT_MCR1_FULL \| BS_STAT_DMAERR)) {
892	if(stat & BS_STAT_DMAERR) {
893	ubsec_totalreset(sc);
894	ubsecstats.hst_dmaerr++;
895	}
896	break;
897	}
898
899	q = BSD_SIMPLEQ_FIRST(&sc->sc_queue);
900
901	#if 0
902	bus_dmamap_sync(sc->sc_dmat, q->q_src_map,
903	0, q->q_src_map->dm_mapsize, BUS_DMASYNC_PREWRITE);
904	if (q->q_dst_map != NULL)
905	bus_dmamap_sync(sc->sc_dmat, q->q_dst_map,
906	0, q->q_dst_map->dm_mapsize, BUS_DMASYNC_PREREAD);
907	bus_dmamap_sync(sc->sc_dmat, q->q_dma->d_alloc.dma_map,
908	0, q->q_dma->d_alloc.dma_map->dm_mapsize,
909	BUS_DMASYNC_PREREAD \| BUS_DMASYNC_PREWRITE);
910	#endif
911
912	WRITE_REG(sc, BS_MCR1, q->q_dma->d_alloc.dma_paddr +
913	offsetof(struct ubsec_dmachunk, d_mcr));
914	#ifdef UBSEC_VERBOSE_DEBUG
915	DPRINTF("feed (2): q->chip %p %08x %08x\n", q,
916	(u_int32_t)q->q_dma->d_alloc.dma_paddr,
917	(u_int32_t)(q->q_dma->d_alloc.dma_paddr +
918	offsetof(struct ubsec_dmachunk, d_mcr)));
919	#endif /* UBSEC_DEBUG */
920	BSD_SIMPLEQ_REMOVE_HEAD(&sc->sc_queue, q_next);
921	--sc->sc_nqueue;
922	BSD_SIMPLEQ_INSERT_TAIL(&sc->sc_qchip, q, q_next);
923	}
924	}
925
926	/*
927	* Allocate a new 'session' and return an encoded session id. 'sidp'
928	* contains our registration id, and should contain an encoded session
929	* id on successful allocation.
930	*/
931	static int
932	ubsec_newsession(device_t dev, u_int32_t sidp, struct cryptoini cri)
933	{
934	struct cryptoini c, encini = NULL, *macini = NULL;
935	struct ubsec_softc *sc = NULL;
936	struct ubsec_session *ses = NULL;
937	int sesn, i;
938
939	#ifdef UBSEC_DEBUG
940	DPRINTF("%s()\n", __FUNCTION__);
941	#endif
942
943	if (sidp == NULL \|\| cri == NULL)
944	return (EINVAL);
945
946	sc = device_get_softc(dev);
947
948	if (sc == NULL)
949	return (EINVAL);
950
951	for (c = cri; c != NULL; c = c->cri_next) {
952	if (c->cri_alg == CRYPTO_MD5_HMAC \|\|
953	c->cri_alg == CRYPTO_SHA1_HMAC) {
954	if (macini)
955	return (EINVAL);
956	macini = c;
957	} else if (c->cri_alg == CRYPTO_DES_CBC \|\|
958	c->cri_alg == CRYPTO_3DES_CBC \|\|
959	c->cri_alg == CRYPTO_AES_CBC) {
960	if (encini)
961	return (EINVAL);
962	encini = c;
963	} else
964	return (EINVAL);
965	}
966	if (encini == NULL && macini == NULL)
967	return (EINVAL);
968
969	if (sc->sc_sessions == NULL) {
970	ses = sc->sc_sessions = (struct ubsec_session *)kmalloc(
971	sizeof(struct ubsec_session), SLAB_ATOMIC);
972	if (ses == NULL)
973	return (ENOMEM);
974	memset(ses, 0, sizeof(struct ubsec_session));
975	sesn = 0;
976	sc->sc_nsessions = 1;
977	} else {
978	for (sesn = 0; sesn < sc->sc_nsessions; sesn++) {
979	if (sc->sc_sessions[sesn].ses_used == 0) {
980	ses = &sc->sc_sessions[sesn];
981	break;
982	}
983	}
984
985	if (ses == NULL) {
986	sesn = sc->sc_nsessions;
987	ses = (struct ubsec_session )kmalloc((sesn + 1)
988	sizeof(struct ubsec_session), SLAB_ATOMIC);
989	if (ses == NULL)
990	return (ENOMEM);
991	memset(ses, 0, (sesn + 1) * sizeof(struct ubsec_session));
992	bcopy(sc->sc_sessions, ses, sesn *
993	sizeof(struct ubsec_session));
994	bzero(sc->sc_sessions, sesn *
995	sizeof(struct ubsec_session));
996	kfree(sc->sc_sessions);
997	sc->sc_sessions = ses;
998	ses = &sc->sc_sessions[sesn];
999	sc->sc_nsessions++;
1000	}
1001	}
1002
1003	bzero(ses, sizeof(struct ubsec_session));
1004	ses->ses_used = 1;
1005	if (encini) {
1006	/* get an IV */
1007	/* XXX may read fewer than requested */
1008	read_random(ses->ses_iv, sizeof(ses->ses_iv));
1009
1010	/* Go ahead and compute key in ubsec's byte order */
1011	if (encini->cri_alg == CRYPTO_DES_CBC) {
1012	/* DES uses the same key three times:
1013	* 1st encrypt -> 2nd decrypt -> 3nd encrypt */
1014	bcopy(encini->cri_key, &ses->ses_key[0], 8);
1015	bcopy(encini->cri_key, &ses->ses_key[2], 8);
1016	bcopy(encini->cri_key, &ses->ses_key[4], 8);
1017	ses->ses_keysize = 192; /* Fake! Actually its only 64bits ..
1018	oh no it is even less: 54bits. */
1019	} else if(encini->cri_alg == CRYPTO_3DES_CBC) {
1020	bcopy(encini->cri_key, ses->ses_key, 24);
1021	ses->ses_keysize = 192;
1022	} else if(encini->cri_alg == CRYPTO_AES_CBC) {
1023	ses->ses_keysize = encini->cri_klen;
1024
1025	if (ses->ses_keysize != 128 &&
1026	ses->ses_keysize != 192 &&
1027	ses->ses_keysize != 256)
1028	{
1029	DPRINTF("unsupported AES key size: %d\n", ses->ses_keysize);
1030	return (EINVAL);
1031	}
1032	bcopy(encini->cri_key, ses->ses_key, (ses->ses_keysize / 8));
1033	}
1034
1035	/* Hardware requires the keys in little endian byte order */
1036	for (i=0; i < (ses->ses_keysize / 32); i++)
1037	SWAP32(ses->ses_key[i]);
1038	}
1039
1040	if (macini) {
1041	ses->ses_mlen = macini->cri_mlen;
1042
1043	if (ses->ses_mlen == 0 \|\|
1044	ses->ses_mlen > SHA1_HASH_LEN) {
1045
1046	if (macini->cri_alg == CRYPTO_MD5_HMAC \|\|
1047	macini->cri_alg == CRYPTO_SHA1_HMAC)
1048	{
1049	ses->ses_mlen = DEFAULT_HMAC_LEN;
1050	} else
1051	{
1052	/*
1053	* Reserved for future usage. MD5/SHA1 calculations have
1054	* different hash sizes.
1055	*/
1056	printk(KERN_ERR DRV_MODULE_NAME ": unsupported hash operation with mac/hash len: %d\n", ses->ses_mlen);
1057	return (EINVAL);
1058	}
1059
1060	}
1061
1062	if (macini->cri_key != NULL) {
1063	ubsec_setup_mackey(ses, macini->cri_alg, macini->cri_key,
1064	macini->cri_klen / 8);
1065	}
1066	}
1067
1068	*sidp = UBSEC_SID(device_get_unit(sc->sc_dev), sesn);
1069	return (0);
1070	}
1071
1072	/*
1073	* Deallocate a session.
1074	*/
1075	static int
1076	ubsec_freesession(device_t dev, u_int64_t tid)
1077	{
1078	struct ubsec_softc *sc = device_get_softc(dev);
1079	int session;
1080	u_int32_t sid = ((u_int32_t)tid) & 0xffffffff;
1081
1082	#ifdef UBSEC_DEBUG
1083	DPRINTF("%s()\n", __FUNCTION__);
1084	#endif
1085
1086	if (sc == NULL)
1087	return (EINVAL);
1088
1089	session = UBSEC_SESSION(sid);
1090	if (session < sc->sc_nsessions) {
1091	bzero(&sc->sc_sessions[session], sizeof(sc->sc_sessions[session]));
1092	return (0);
1093	} else
1094	return (EINVAL);
1095	}
1096
1097	static int
1098	ubsec_process(device_t dev, struct cryptop *crp, int hint)
1099	{
1100	struct ubsec_q *q = NULL;
1101	int err = 0, i, j, nicealign;
1102	struct ubsec_softc *sc = device_get_softc(dev);
1103	struct cryptodesc crd1, crd2, maccrd, enccrd;
1104	int encoffset = 0, macoffset = 0, cpskip, cpoffset;
1105	int sskip, dskip, stheend, dtheend, ivsize = 8;
1106	int16_t coffset;
1107	struct ubsec_session *ses;
1108	struct ubsec_generic_ctx ctx;
1109	struct ubsec_dma *dmap = NULL;
1110	unsigned long flags;
1111
1112	#ifdef UBSEC_DEBUG
1113	DPRINTF("%s()\n", __FUNCTION__);
1114	#endif
1115
1116	if (unlikely(crp == NULL \|\| crp->crp_callback == NULL)) {
1117	ubsecstats.hst_invalid++;
1118	return (EINVAL);
1119	}
1120
1121	if (unlikely(sc == NULL))
1122	return (EINVAL);
1123
1124	#ifdef UBSEC_VERBOSE_DEBUG
1125	DPRINTF("spin_lock_irqsave\n");
1126	#endif
1127	spin_lock_irqsave(&sc->sc_ringmtx, flags);
1128	//spin_lock_irq(&sc->sc_ringmtx);
1129
1130	if (BSD_SIMPLEQ_EMPTY(&sc->sc_freequeue)) {
1131	ubsecstats.hst_queuefull++;
1132	#ifdef UBSEC_VERBOSE_DEBUG
1133	DPRINTF("spin_unlock_irqrestore\n");
1134	#endif
1135	spin_unlock_irqrestore(&sc->sc_ringmtx, flags);
1136	//spin_unlock_irq(&sc->sc_ringmtx);
1137	err = ENOMEM;
1138	goto errout2;
1139	}
1140
1141	q = BSD_SIMPLEQ_FIRST(&sc->sc_freequeue);
1142	BSD_SIMPLEQ_REMOVE_HEAD(&sc->sc_freequeue, q_next);
1143	#ifdef UBSEC_VERBOSE_DEBUG
1144	DPRINTF("spin_unlock_irqrestore\n");
1145	#endif
1146	spin_unlock_irqrestore(&sc->sc_ringmtx, flags);
1147	//spin_unlock_irq(&sc->sc_ringmtx);
1148
1149	dmap = q->q_dma; /* Save dma pointer */
1150	bzero(q, sizeof(struct ubsec_q));
1151	bzero(&ctx, sizeof(ctx));
1152
1153	q->q_sesn = UBSEC_SESSION(crp->crp_sid);
1154	q->q_dma = dmap;
1155	ses = &sc->sc_sessions[q->q_sesn];
1156
1157	if (crp->crp_flags & CRYPTO_F_SKBUF) {
1158	q->q_src_m = (struct sk_buff *)crp->crp_buf;
1159	q->q_dst_m = (struct sk_buff *)crp->crp_buf;
1160	} else if (crp->crp_flags & CRYPTO_F_IOV) {
1161	q->q_src_io = (struct uio *)crp->crp_buf;
1162	q->q_dst_io = (struct uio *)crp->crp_buf;
1163	} else {
1164	err = EINVAL;
1165	goto errout; /* XXX we don't handle contiguous blocks! */
1166	}
1167
1168	bzero(&dmap->d_dma->d_mcr, sizeof(struct ubsec_mcr));
1169
1170	dmap->d_dma->d_mcr.mcr_pkts = htole16(1);
1171	dmap->d_dma->d_mcr.mcr_flags = 0;
1172	q->q_crp = crp;
1173
1174	crd1 = crp->crp_desc;
1175	if (crd1 == NULL) {
1176	err = EINVAL;
1177	goto errout;
1178	}
1179	crd2 = crd1->crd_next;
1180
1181	if (crd2 == NULL) {
1182	if (crd1->crd_alg == CRYPTO_MD5_HMAC \|\|
1183	crd1->crd_alg == CRYPTO_SHA1_HMAC) {
1184	maccrd = crd1;
1185	enccrd = NULL;
1186	} else if (crd1->crd_alg == CRYPTO_DES_CBC \|\|
1187	crd1->crd_alg == CRYPTO_3DES_CBC \|\|
1188	crd1->crd_alg == CRYPTO_AES_CBC) {
1189	maccrd = NULL;
1190	enccrd = crd1;
1191	} else {
1192	err = EINVAL;
1193	goto errout;
1194	}
1195	} else {
1196	if ((crd1->crd_alg == CRYPTO_MD5_HMAC \|\|
1197	crd1->crd_alg == CRYPTO_SHA1_HMAC) &&
1198	(crd2->crd_alg == CRYPTO_DES_CBC \|\|
1199	crd2->crd_alg == CRYPTO_3DES_CBC \|\|
1200	crd2->crd_alg == CRYPTO_AES_CBC) &&
1201	((crd2->crd_flags & CRD_F_ENCRYPT) == 0)) {
1202	maccrd = crd1;
1203	enccrd = crd2;
1204	} else if ((crd1->crd_alg == CRYPTO_DES_CBC \|\|
1205	crd1->crd_alg == CRYPTO_3DES_CBC \|\|
1206	crd1->crd_alg == CRYPTO_AES_CBC) &&
1207	(crd2->crd_alg == CRYPTO_MD5_HMAC \|\|
1208	crd2->crd_alg == CRYPTO_SHA1_HMAC) &&
1209	(crd1->crd_flags & CRD_F_ENCRYPT)) {
1210	enccrd = crd1;
1211	maccrd = crd2;
1212	} else {
1213	/*
1214	* We cannot order the ubsec as requested
1215	*/
1216	printk(KERN_ERR DRV_MODULE_NAME ": got wrong algorithm/signature order.\n");
1217	err = EINVAL;
1218	goto errout;
1219	}
1220	}
1221
1222	/* Encryption/Decryption requested */
1223	if (enccrd) {
1224	encoffset = enccrd->crd_skip;
1225
1226	if (enccrd->crd_alg == CRYPTO_DES_CBC \|\|
1227	enccrd->crd_alg == CRYPTO_3DES_CBC)
1228	{
1229	ctx.pc_flags \|= htole16(UBS_PKTCTX_ENC_3DES);
1230	ctx.pc_type = htole16(UBS_PKTCTX_TYPE_IPSEC_DES);
1231	ivsize = 8; /* [3]DES uses 64bit IVs */
1232	} else {
1233	ctx.pc_flags \|= htole16(UBS_PKTCTX_ENC_AES);
1234	ctx.pc_type = htole16(UBS_PKTCTX_TYPE_IPSEC_AES);
1235	ivsize = 16; /* AES uses 128bit IVs / [3]DES 64bit IVs */
1236
1237	switch(ses->ses_keysize)
1238	{
1239	case 128:
1240	ctx.pc_flags \|= htole16(UBS_PKTCTX_AES128);
1241	break;
1242	case 192:
1243	ctx.pc_flags \|= htole16(UBS_PKTCTX_AES192);
1244	break;
1245	case 256:
1246	ctx.pc_flags \|= htole16(UBS_PKTCTX_AES256);
1247	break;
1248	default:
1249	DPRINTF("invalid AES key size: %d\n", ses->ses_keysize);
1250	err = EINVAL;
1251	goto errout;
1252	}
1253	}
1254
1255	if (enccrd->crd_flags & CRD_F_ENCRYPT) {
1256	/* Direction: Outbound */
1257
1258	q->q_flags \|= UBSEC_QFLAGS_COPYOUTIV;
1259
1260	if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) {
1261	bcopy(enccrd->crd_iv, ctx.pc_iv, ivsize);
1262	} else {
1263	for(i=0; i < (ivsize / 4); i++)
1264	ctx.pc_iv[i] = ses->ses_iv[i];
1265	}
1266
1267	/* If there is no IV in the buffer -> copy it here */
1268	if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0) {
1269	if (crp->crp_flags & CRYPTO_F_SKBUF)
1270	/*
1271	m_copyback(q->q_src_m,
1272	enccrd->crd_inject,
1273	8, ctx.pc_iv);
1274	*/
1275	crypto_copyback(crp->crp_flags, (caddr_t)q->q_src_m,
1276	enccrd->crd_inject, ivsize, (caddr_t)ctx.pc_iv);
1277	else if (crp->crp_flags & CRYPTO_F_IOV)
1278	/*
1279	cuio_copyback(q->q_src_io,
1280	enccrd->crd_inject,
1281	8, ctx.pc_iv);
1282	*/
1283	crypto_copyback(crp->crp_flags, (caddr_t)q->q_src_io,
1284	enccrd->crd_inject, ivsize, (caddr_t)ctx.pc_iv);
1285	}
1286	} else {
1287	/* Direction: Inbound */
1288
1289	ctx.pc_flags \|= htole16(UBS_PKTCTX_INBOUND);
1290
1291	if (enccrd->crd_flags & CRD_F_IV_EXPLICIT)
1292	bcopy(enccrd->crd_iv, ctx.pc_iv, ivsize);
1293	else if (crp->crp_flags & CRYPTO_F_SKBUF)
1294	/*
1295	m_copydata(q->q_src_m, enccrd->crd_inject,
1296	8, (caddr_t)ctx.pc_iv);
1297	*/
1298	crypto_copydata(crp->crp_flags, (caddr_t)q->q_src_m,
1299	enccrd->crd_inject, ivsize,
1300	(caddr_t)ctx.pc_iv);
1301	else if (crp->crp_flags & CRYPTO_F_IOV)
1302	/*
1303	cuio_copydata(q->q_src_io,
1304	enccrd->crd_inject, 8,
1305	(caddr_t)ctx.pc_iv);
1306	*/
1307	crypto_copydata(crp->crp_flags, (caddr_t)q->q_src_io,
1308	enccrd->crd_inject, ivsize,
1309	(caddr_t)ctx.pc_iv);
1310
1311	}
1312
1313	/* Even though key & IV sizes differ from cipher to cipher
1314	* copy / swap the full array lengths. Let the compiler unroll
1315	* the loop to increase the cpu pipeline performance... */
1316	for(i=0; i < 8; i++)
1317	ctx.pc_key[i] = ses->ses_key[i];
1318	for(i=0; i < 4; i++)
1319	SWAP32(ctx.pc_iv[i]);
1320	}
1321
1322	/* Authentication requested */
1323	if (maccrd) {
1324	macoffset = maccrd->crd_skip;
1325
1326	if (maccrd->crd_alg == CRYPTO_MD5_HMAC)
1327	ctx.pc_flags \|= htole16(UBS_PKTCTX_AUTH_MD5);
1328	else
1329	ctx.pc_flags \|= htole16(UBS_PKTCTX_AUTH_SHA1);
1330
1331	for (i = 0; i < 5; i++) {
1332	ctx.pc_hminner[i] = ses->ses_hminner[i];
1333	ctx.pc_hmouter[i] = ses->ses_hmouter[i];
1334
1335	HTOLE32(ctx.pc_hminner[i]);
1336	HTOLE32(ctx.pc_hmouter[i]);
1337	}
1338	}
1339
1340	if (enccrd && maccrd) {
1341	/*
1342	* ubsec cannot handle packets where the end of encryption
1343	* and authentication are not the same, or where the
1344	* encrypted part begins before the authenticated part.
1345	*/
1346	if (((encoffset + enccrd->crd_len) !=
1347	(macoffset + maccrd->crd_len)) \|\|
1348	(enccrd->crd_skip < maccrd->crd_skip)) {
1349	err = EINVAL;
1350	goto errout;
1351	}
1352	sskip = maccrd->crd_skip;
1353	cpskip = dskip = enccrd->crd_skip;
1354	stheend = maccrd->crd_len;
1355	dtheend = enccrd->crd_len;
1356	coffset = enccrd->crd_skip - maccrd->crd_skip;
1357	cpoffset = cpskip + dtheend;
1358	#ifdef UBSEC_DEBUG
1359	DPRINTF("mac: skip %d, len %d, inject %d\n",
1360	maccrd->crd_skip, maccrd->crd_len, maccrd->crd_inject);
1361	DPRINTF("enc: skip %d, len %d, inject %d\n",
1362	enccrd->crd_skip, enccrd->crd_len, enccrd->crd_inject);
1363	DPRINTF("src: skip %d, len %d\n", sskip, stheend);
1364	DPRINTF("dst: skip %d, len %d\n", dskip, dtheend);
1365	DPRINTF("ubs: coffset %d, pktlen %d, cpskip %d, cpoffset %d\n",
1366	coffset, stheend, cpskip, cpoffset);
1367	#endif
1368	} else {
1369	cpskip = dskip = sskip = macoffset + encoffset;
1370	dtheend = stheend = (enccrd)?enccrd->crd_len:maccrd->crd_len;
1371	cpoffset = cpskip + dtheend;
1372	coffset = 0;
1373	}
1374	ctx.pc_offset = htole16(coffset >> 2);
1375
1376	#if 0
1377	if (bus_dmamap_create(sc->sc_dmat, 0xfff0, UBS_MAX_SCATTER,
1378	0xfff0, 0, BUS_DMA_NOWAIT, &q->q_src_map) != 0) {
1379	err = ENOMEM;
1380	goto errout;
1381	}
1382	#endif
1383
1384	if (crp->crp_flags & CRYPTO_F_SKBUF) {
1385	#if 0
1386	if (bus_dmamap_load_mbuf(sc->sc_dmat, q->q_src_map,
1387	q->q_src_m, BUS_DMA_NOWAIT) != 0) {
1388	bus_dmamap_destroy(sc->sc_dmat, q->q_src_map);
1389	q->q_src_map = NULL;
1390	err = ENOMEM;
1391	goto errout;
1392	}
1393	#endif
1394	err = dma_map_skb(sc, q->q_src_map, q->q_src_m, &q->q_src_len);
1395	if (unlikely(err != 0))
1396	goto errout;
1397
1398	} else if (crp->crp_flags & CRYPTO_F_IOV) {
1399	#if 0
1400	if (bus_dmamap_load_uio(sc->sc_dmat, q->q_src_map,
1401	q->q_src_io, BUS_DMA_NOWAIT) != 0) {
1402	bus_dmamap_destroy(sc->sc_dmat, q->q_src_map);
1403	q->q_src_map = NULL;
1404	err = ENOMEM;
1405	goto errout;
1406	}
1407	#endif
1408	err = dma_map_uio(sc, q->q_src_map, q->q_src_io, &q->q_src_len);
1409	if (unlikely(err != 0))
1410	goto errout;
1411	}
1412
1413	/*
1414	* Check alignment
1415	*/
1416	nicealign = ubsec_dmamap_aligned(sc, q->q_src_map, q->q_src_len);
1417
1418	dmap->d_dma->d_mcr.mcr_pktlen = htole16(stheend);
1419
1420	#ifdef UBSEC_DEBUG
1421	DPRINTF("src skip: %d\n", sskip);
1422	#endif
1423	for (i = j = 0; i < q->q_src_len; i++) {
1424	struct ubsec_pktbuf *pb;
1425	size_t packl = q->q_src_map[i].dma_size;
1426	dma_addr_t packp = q->q_src_map[i].dma_paddr;
1427
1428	if (sskip >= packl) {
1429	sskip -= packl;
1430	continue;
1431	}
1432
1433	packl -= sskip;
1434	packp += sskip;
1435	sskip = 0;
1436
1437	/* maximum fragment size is 0xfffc */
1438	if (packl > 0xfffc) {
1439	DPRINTF("Error: fragment size is bigger than 0xfffc.\n");
1440	err = EIO;
1441	goto errout;
1442	}
1443
1444	if (j == 0)
1445	pb = &dmap->d_dma->d_mcr.mcr_ipktbuf;
1446	else
1447	pb = &dmap->d_dma->d_sbuf[j - 1];
1448
1449	pb->pb_addr = htole32(packp);
1450
1451	if (stheend) {
1452	if (packl > stheend) {
1453	pb->pb_len = htole32(stheend);
1454	stheend = 0;
1455	} else {
1456	pb->pb_len = htole32(packl);
1457	stheend -= packl;
1458	}
1459	} else
1460	pb->pb_len = htole32(packl);
1461
1462	if ((i + 1) == q->q_src_len)
1463	pb->pb_next = 0;
1464	else
1465	pb->pb_next = htole32(dmap->d_alloc.dma_paddr +
1466	offsetof(struct ubsec_dmachunk, d_sbuf[j]));
1467	j++;
1468	}
1469
1470	if (enccrd == NULL && maccrd != NULL) {
1471	/* Authentication only */
1472	dmap->d_dma->d_mcr.mcr_opktbuf.pb_addr = 0;
1473	dmap->d_dma->d_mcr.mcr_opktbuf.pb_len = 0;
1474	dmap->d_dma->d_mcr.mcr_opktbuf.pb_next =
1475	htole32(dmap->d_alloc.dma_paddr +
1476	offsetof(struct ubsec_dmachunk, d_macbuf[0]));
1477	#ifdef UBSEC_DEBUG
1478	DPRINTF("opkt: %x %x %x\n",
1479	dmap->d_dma->d_mcr.mcr_opktbuf.pb_addr,
1480	dmap->d_dma->d_mcr.mcr_opktbuf.pb_len,
1481	dmap->d_dma->d_mcr.mcr_opktbuf.pb_next);
1482	#endif
1483	} else {
1484	if (crp->crp_flags & CRYPTO_F_IOV) {
1485	if (!nicealign) {
1486	err = EINVAL;
1487	goto errout;
1488	}
1489	#if 0
1490	if (bus_dmamap_create(sc->sc_dmat, 0xfff0,
1491	UBS_MAX_SCATTER, 0xfff0, 0, BUS_DMA_NOWAIT,
1492	&q->q_dst_map) != 0) {
1493	err = ENOMEM;
1494	goto errout;
1495	}
1496	if (bus_dmamap_load_uio(sc->sc_dmat, q->q_dst_map,
1497	q->q_dst_io, BUS_DMA_NOWAIT) != 0) {
1498	bus_dmamap_destroy(sc->sc_dmat, q->q_dst_map);
1499	q->q_dst_map = NULL;
1500	goto errout;
1501	}
1502	#endif
1503
1504	/* HW shall copy the result into the source memory */
1505	for(i = 0; i < q->q_src_len; i++)
1506	q->q_dst_map[i] = q->q_src_map[i];
1507
1508	q->q_dst_len = q->q_src_len;
1509	q->q_has_dst = 0;
1510
1511	} else if (crp->crp_flags & CRYPTO_F_SKBUF) {
1512	if (nicealign) {
1513
1514	/* HW shall copy the result into the source memory */
1515	q->q_dst_m = q->q_src_m;
1516	for(i = 0; i < q->q_src_len; i++)
1517	q->q_dst_map[i] = q->q_src_map[i];
1518
1519	q->q_dst_len = q->q_src_len;
1520	q->q_has_dst = 0;
1521
1522	} else {
1523	#ifdef NOTYET
1524	int totlen, len;
1525	struct sk_buff m, top, **mp;
1526
1527	totlen = q->q_src_map->dm_mapsize;
1528	if (q->q_src_m->m_flags & M_PKTHDR) {
1529	len = MHLEN;
1530	MGETHDR(m, M_DONTWAIT, MT_DATA);
1531	} else {
1532	len = MLEN;
1533	MGET(m, M_DONTWAIT, MT_DATA);
1534	}
1535	if (m == NULL) {
1536	err = ENOMEM;
1537	goto errout;
1538	}
1539	if (len == MHLEN)
1540	M_DUP_PKTHDR(m, q->q_src_m);
1541	if (totlen >= MINCLSIZE) {
1542	MCLGET(m, M_DONTWAIT);
1543	if (m->m_flags & M_EXT)
1544	len = MCLBYTES;
1545	}
1546	m->m_len = len;
1547	top = NULL;
1548	mp = &top;
1549
1550	while (totlen > 0) {
1551	if (top) {
1552	MGET(m, M_DONTWAIT, MT_DATA);
1553	if (m == NULL) {
1554	m_freem(top);
1555	err = ENOMEM;
1556	goto errout;
1557	}
1558	len = MLEN;
1559	}
1560	if (top && totlen >= MINCLSIZE) {
1561	MCLGET(m, M_DONTWAIT);
1562	if (m->m_flags & M_EXT)
1563	len = MCLBYTES;
1564	}
1565	m->m_len = len = min(totlen, len);
1566	totlen -= len;
1567	*mp = m;
1568	mp = &m->m_next;
1569	}
1570	q->q_dst_m = top;
1571	ubsec_mcopy(q->q_src_m, q->q_dst_m,
1572	cpskip, cpoffset);
1573	if (bus_dmamap_create(sc->sc_dmat, 0xfff0,
1574	UBS_MAX_SCATTER, 0xfff0, 0, BUS_DMA_NOWAIT,
1575	&q->q_dst_map) != 0) {
1576	err = ENOMEM;
1577	goto errout;
1578	}
1579	if (bus_dmamap_load_mbuf(sc->sc_dmat,
1580	q->q_dst_map, q->q_dst_m,
1581	BUS_DMA_NOWAIT) != 0) {
1582	bus_dmamap_destroy(sc->sc_dmat,
1583	q->q_dst_map);
1584	q->q_dst_map = NULL;
1585	err = ENOMEM;
1586	goto errout;
1587	}
1588	#else
1589	device_printf(sc->sc_dev,
1590	"%s,%d: CRYPTO_F_SKBUF unaligned not implemented\n",
1591	__FILE__, __LINE__);
1592	err = EINVAL;
1593	goto errout;
1594	#endif
1595	}
1596	} else {
1597	err = EINVAL;
1598	goto errout;
1599	}
1600
1601	#ifdef UBSEC_DEBUG
1602	DPRINTF("dst skip: %d\n", dskip);
1603	#endif
1604	for (i = j = 0; i < q->q_dst_len; i++) {
1605	struct ubsec_pktbuf *pb;
1606	size_t packl = q->q_dst_map[i].dma_size;
1607	dma_addr_t packp = q->q_dst_map[i].dma_paddr;
1608
1609	if (dskip >= packl) {
1610	dskip -= packl;
1611	continue;
1612	}
1613
1614	packl -= dskip;
1615	packp += dskip;
1616	dskip = 0;
1617
1618	if (packl > 0xfffc) {
1619	DPRINTF("Error: fragment size is bigger than 0xfffc.\n");
1620	err = EIO;
1621	goto errout;
1622	}
1623
1624	if (j == 0)
1625	pb = &dmap->d_dma->d_mcr.mcr_opktbuf;
1626	else
1627	pb = &dmap->d_dma->d_dbuf[j - 1];
1628
1629	pb->pb_addr = htole32(packp);
1630
1631	if (dtheend) {
1632	if (packl > dtheend) {
1633	pb->pb_len = htole32(dtheend);
1634	dtheend = 0;
1635	} else {
1636	pb->pb_len = htole32(packl);
1637	dtheend -= packl;
1638	}
1639	} else
1640	pb->pb_len = htole32(packl);
1641
1642	if ((i + 1) == q->q_dst_len) {
1643	if (maccrd)
1644	/* Authentication:
1645	* The last fragment of the output buffer
1646	* contains the HMAC. */
1647	pb->pb_next = htole32(dmap->d_alloc.dma_paddr +
1648	offsetof(struct ubsec_dmachunk, d_macbuf[0]));
1649	else
1650	pb->pb_next = 0;
1651	} else
1652	pb->pb_next = htole32(dmap->d_alloc.dma_paddr +
1653	offsetof(struct ubsec_dmachunk, d_dbuf[j]));
1654	j++;
1655	}
1656	}
1657
1658	dmap->d_dma->d_mcr.mcr_cmdctxp = htole32(dmap->d_alloc.dma_paddr +
1659	offsetof(struct ubsec_dmachunk, d_ctx));
1660
1661	if (sc->sc_flags & UBS_FLAGS_LONGCTX) {
1662	/* new Broadcom cards with dynamic long command context structure */
1663
1664	if (enccrd != NULL &&
1665	enccrd->crd_alg == CRYPTO_AES_CBC)
1666	{
1667	struct ubsec_pktctx_aes128 *ctxaes128;
1668	struct ubsec_pktctx_aes192 *ctxaes192;
1669	struct ubsec_pktctx_aes256 *ctxaes256;
1670
1671	switch(ses->ses_keysize)
1672	{
1673	/* AES 128bit */
1674	case 128:
1675	ctxaes128 = (struct ubsec_pktctx_aes128 *)
1676	(dmap->d_alloc.dma_vaddr +
1677	offsetof(struct ubsec_dmachunk, d_ctx));
1678
1679	ctxaes128->pc_len = htole16(sizeof(struct ubsec_pktctx_aes128));
1680	ctxaes128->pc_type = ctx.pc_type;
1681	ctxaes128->pc_flags = ctx.pc_flags;
1682	ctxaes128->pc_offset = ctx.pc_offset;
1683	for (i = 0; i < 4; i++)
1684	ctxaes128->pc_aeskey[i] = ctx.pc_key[i];
1685	for (i = 0; i < 5; i++)
1686	ctxaes128->pc_hminner[i] = ctx.pc_hminner[i];
1687	for (i = 0; i < 5; i++)
1688	ctxaes128->pc_hmouter[i] = ctx.pc_hmouter[i];
1689	for (i = 0; i < 4; i++)
1690	ctxaes128->pc_iv[i] = ctx.pc_iv[i];
1691	break;
1692
1693	/* AES 192bit */
1694	case 192:
1695	ctxaes192 = (struct ubsec_pktctx_aes192 *)
1696	(dmap->d_alloc.dma_vaddr +
1697	offsetof(struct ubsec_dmachunk, d_ctx));
1698
1699	ctxaes192->pc_len = htole16(sizeof(struct ubsec_pktctx_aes192));
1700	ctxaes192->pc_type = ctx.pc_type;
1701	ctxaes192->pc_flags = ctx.pc_flags;
1702	ctxaes192->pc_offset = ctx.pc_offset;
1703	for (i = 0; i < 6; i++)
1704	ctxaes192->pc_aeskey[i] = ctx.pc_key[i];
1705	for (i = 0; i < 5; i++)
1706	ctxaes192->pc_hminner[i] = ctx.pc_hminner[i];
1707	for (i = 0; i < 5; i++)
1708	ctxaes192->pc_hmouter[i] = ctx.pc_hmouter[i];
1709	for (i = 0; i < 4; i++)
1710	ctxaes192->pc_iv[i] = ctx.pc_iv[i];
1711	break;
1712
1713	/* AES 256bit */
1714	case 256:
1715	ctxaes256 = (struct ubsec_pktctx_aes256 *)
1716	(dmap->d_alloc.dma_vaddr +
1717	offsetof(struct ubsec_dmachunk, d_ctx));
1718
1719	ctxaes256->pc_len = htole16(sizeof(struct ubsec_pktctx_aes256));
1720	ctxaes256->pc_type = ctx.pc_type;
1721	ctxaes256->pc_flags = ctx.pc_flags;
1722	ctxaes256->pc_offset = ctx.pc_offset;
1723	for (i = 0; i < 8; i++)
1724	ctxaes256->pc_aeskey[i] = ctx.pc_key[i];
1725	for (i = 0; i < 5; i++)
1726	ctxaes256->pc_hminner[i] = ctx.pc_hminner[i];
1727	for (i = 0; i < 5; i++)
1728	ctxaes256->pc_hmouter[i] = ctx.pc_hmouter[i];
1729	for (i = 0; i < 4; i++)
1730	ctxaes256->pc_iv[i] = ctx.pc_iv[i];
1731	break;
1732
1733	}
1734	} else {
1735	/*
1736	* [3]DES / MD5_HMAC / SHA1_HMAC
1737	*
1738	* MD5_HMAC / SHA1_HMAC can use the IPSEC 3DES operation without
1739	* encryption.
1740	*/
1741	struct ubsec_pktctx_des *ctxdes;
1742
1743	ctxdes = (struct ubsec_pktctx_des *)(dmap->d_alloc.dma_vaddr +
1744	offsetof(struct ubsec_dmachunk, d_ctx));
1745
1746	ctxdes->pc_len = htole16(sizeof(struct ubsec_pktctx_des));
1747	ctxdes->pc_type = ctx.pc_type;
1748	ctxdes->pc_flags = ctx.pc_flags;
1749	ctxdes->pc_offset = ctx.pc_offset;
1750	for (i = 0; i < 6; i++)
1751	ctxdes->pc_deskey[i] = ctx.pc_key[i];
1752	for (i = 0; i < 5; i++)
1753	ctxdes->pc_hminner[i] = ctx.pc_hminner[i];
1754	for (i = 0; i < 5; i++)
1755	ctxdes->pc_hmouter[i] = ctx.pc_hmouter[i];
1756	ctxdes->pc_iv[0] = ctx.pc_iv[0];
1757	ctxdes->pc_iv[1] = ctx.pc_iv[1];
1758	}
1759	} else
1760	{
1761	/* old Broadcom card with fixed small command context structure */
1762
1763	/*
1764	* [3]DES / MD5_HMAC / SHA1_HMAC
1765	*/
1766	struct ubsec_pktctx *ctxs;
1767
1768	ctxs = (struct ubsec_pktctx *)(dmap->d_alloc.dma_vaddr +
1769	offsetof(struct ubsec_dmachunk, d_ctx));
1770
1771	/* transform generic context into small context */
1772	for (i = 0; i < 6; i++)
1773	ctxs->pc_deskey[i] = ctx.pc_key[i];
1774	for (i = 0; i < 5; i++)
1775	ctxs->pc_hminner[i] = ctx.pc_hminner[i];
1776	for (i = 0; i < 5; i++)
1777	ctxs->pc_hmouter[i] = ctx.pc_hmouter[i];
1778	ctxs->pc_iv[0] = ctx.pc_iv[0];
1779	ctxs->pc_iv[1] = ctx.pc_iv[1];
1780	ctxs->pc_flags = ctx.pc_flags;
1781	ctxs->pc_offset = ctx.pc_offset;
1782	}
1783
1784	#ifdef UBSEC_VERBOSE_DEBUG
1785	DPRINTF("spin_lock_irqsave\n");
1786	#endif
1787	spin_lock_irqsave(&sc->sc_ringmtx, flags);
1788	//spin_lock_irq(&sc->sc_ringmtx);
1789
1790	BSD_SIMPLEQ_INSERT_TAIL(&sc->sc_queue, q, q_next);
1791	sc->sc_nqueue++;
1792	ubsecstats.hst_ipackets++;
1793	ubsecstats.hst_ibytes += stheend;
1794	ubsec_feed(sc);
1795
1796	#ifdef UBSEC_VERBOSE_DEBUG
1797	DPRINTF("spin_unlock_irqrestore\n");
1798	#endif
1799	spin_unlock_irqrestore(&sc->sc_ringmtx, flags);
1800	//spin_unlock_irq(&sc->sc_ringmtx);
1801
1802	return (0);
1803
1804	errout:
1805	if (q != NULL) {
1806	#ifdef NOTYET
1807	if ((q->q_dst_m != NULL) && (q->q_src_m != q->q_dst_m))
1808	m_freem(q->q_dst_m);
1809	#endif
1810
1811	if ((q->q_has_dst == 1) && q->q_dst_len > 0) {
1812	#if 0
1813	bus_dmamap_unload(sc->sc_dmat, q->q_dst_map);
1814	bus_dmamap_destroy(sc->sc_dmat, q->q_dst_map);
1815	#endif
1816	dma_unmap(sc, q->q_dst_map, q->q_dst_len);
1817	}
1818	if (q->q_src_len > 0) {
1819	#if 0
1820	bus_dmamap_unload(sc->sc_dmat, q->q_src_map);
1821	bus_dmamap_destroy(sc->sc_dmat, q->q_src_map);
1822	#endif
1823	dma_unmap(sc, q->q_src_map, q->q_src_len);
1824	}
1825
1826	#ifdef UBSEC_VERBOSE_DEBUG
1827	DPRINTF("spin_lock_irqsave\n");
1828	#endif
1829	spin_lock_irqsave(&sc->sc_ringmtx, flags);
1830	//spin_lock_irq(&sc->sc_ringmtx);
1831
1832	BSD_SIMPLEQ_INSERT_TAIL(&sc->sc_freequeue, q, q_next);
1833
1834	#ifdef UBSEC_VERBOSE_DEBUG
1835	DPRINTF("spin_unlock_irqrestore\n");
1836	#endif
1837	spin_unlock_irqrestore(&sc->sc_ringmtx, flags);
1838	//spin_unlock_irq(&sc->sc_ringmtx);
1839
1840	}
1841	if (err == EINVAL)
1842	ubsecstats.hst_invalid++;
1843	else
1844	ubsecstats.hst_nomem++;
1845	errout2:
1846	crp->crp_etype = err;
1847	crypto_done(crp);
1848
1849	#ifdef UBSEC_DEBUG
1850	DPRINTF("%s() err = %x\n", __FUNCTION__, err);
1851	#endif
1852
1853	return (0);
1854	}
1855
1856	void
1857	ubsec_callback(struct ubsec_softc sc, struct ubsec_q q)
1858	{
1859	struct cryptop crp = (struct cryptop )q->q_crp;
1860	struct cryptodesc *crd;
1861	struct ubsec_dma *dmap = q->q_dma;
1862	int ivsize = 8;
1863
1864	#ifdef UBSEC_DEBUG
1865	DPRINTF("%s()\n", __FUNCTION__);
1866	#endif
1867
1868	ubsecstats.hst_opackets++;
1869	ubsecstats.hst_obytes += dmap->d_alloc.dma_size;
1870
1871	#if 0
1872	bus_dmamap_sync(sc->sc_dmat, dmap->d_alloc.dma_map, 0,
1873	dmap->d_alloc.dma_map->dm_mapsize,
1874	BUS_DMASYNC_POSTREAD\|BUS_DMASYNC_POSTWRITE);
1875	if (q->q_dst_map != NULL && q->q_dst_map != q->q_src_map) {
1876	bus_dmamap_sync(sc->sc_dmat, q->q_dst_map,
1877	0, q->q_dst_map->dm_mapsize, BUS_DMASYNC_POSTREAD);
1878	bus_dmamap_unload(sc->sc_dmat, q->q_dst_map);
1879	bus_dmamap_destroy(sc->sc_dmat, q->q_dst_map);
1880	}
1881	bus_dmamap_sync(sc->sc_dmat, q->q_src_map,
1882	0, q->q_src_map->dm_mapsize, BUS_DMASYNC_POSTWRITE);
1883	bus_dmamap_unload(sc->sc_dmat, q->q_src_map);
1884	bus_dmamap_destroy(sc->sc_dmat, q->q_src_map);
1885	#endif
1886
1887	if ((q->q_has_dst == 1) && q->q_dst_len > 0)
1888	dma_unmap(sc, q->q_dst_map, q->q_dst_len);
1889
1890	dma_unmap(sc, q->q_src_map, q->q_src_len);
1891
1892	#ifdef NOTYET
1893	if ((crp->crp_flags & CRYPTO_F_SKBUF) && (q->q_src_m != q->q_dst_m)) {
1894	m_freem(q->q_src_m);
1895	crp->crp_buf = (caddr_t)q->q_dst_m;
1896	}
1897	#endif
1898
1899	/* copy out IV for future use */
1900	if (q->q_flags & UBSEC_QFLAGS_COPYOUTIV) {
1901	for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
1902	if (crd->crd_alg != CRYPTO_DES_CBC &&
1903	crd->crd_alg != CRYPTO_3DES_CBC &&
1904	crd->crd_alg != CRYPTO_AES_CBC)
1905	continue;
1906
1907	if (crd->crd_alg == CRYPTO_AES_CBC)
1908	ivsize = 16;
1909	else
1910	ivsize = 8;
1911
1912	if (crp->crp_flags & CRYPTO_F_SKBUF)
1913	#if 0
1914	m_copydata((struct sk_buff *)crp->crp_buf,
1915	crd->crd_skip + crd->crd_len - 8, 8,
1916	(caddr_t)sc->sc_sessions[q->q_sesn].ses_iv);
1917	#endif
1918	crypto_copydata(crp->crp_flags, (caddr_t)crp->crp_buf,
1919	crd->crd_skip + crd->crd_len - ivsize, ivsize,
1920	(caddr_t)sc->sc_sessions[q->q_sesn].ses_iv);
1921
1922	else if (crp->crp_flags & CRYPTO_F_IOV) {
1923	#if 0
1924	cuio_copydata((struct uio *)crp->crp_buf,
1925	crd->crd_skip + crd->crd_len - 8, 8,
1926	(caddr_t)sc->sc_sessions[q->q_sesn].ses_iv);
1927	#endif
1928	crypto_copydata(crp->crp_flags, (caddr_t)crp->crp_buf,
1929	crd->crd_skip + crd->crd_len - ivsize, ivsize,
1930	(caddr_t)sc->sc_sessions[q->q_sesn].ses_iv);
1931
1932	}
1933	break;
1934	}
1935	}
1936
1937	for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
1938	if (crd->crd_alg != CRYPTO_MD5_HMAC &&
1939	crd->crd_alg != CRYPTO_SHA1_HMAC)
1940	continue;
1941	#if 0
1942	if (crp->crp_flags & CRYPTO_F_SKBUF)
1943	m_copyback((struct sk_buff *)crp->crp_buf,
1944	crd->crd_inject, 12,
1945	dmap->d_dma->d_macbuf);
1946	#endif
1947	#if 0
1948	/* BUG? it does not honor the mac len.. */
1949	crypto_copyback(crp->crp_flags, crp->crp_buf,
1950	crd->crd_inject, 12,
1951	(caddr_t)dmap->d_dma->d_macbuf);
1952	#endif
1953	crypto_copyback(crp->crp_flags, crp->crp_buf,
1954	crd->crd_inject,
1955	sc->sc_sessions[q->q_sesn].ses_mlen,
1956	(caddr_t)dmap->d_dma->d_macbuf);
1957	#if 0
1958	else if (crp->crp_flags & CRYPTO_F_IOV && crp->crp_mac)
1959	bcopy((caddr_t)dmap->d_dma->d_macbuf,
1960	crp->crp_mac, 12);
1961	#endif
1962	break;
1963	}
1964	BSD_SIMPLEQ_INSERT_TAIL(&sc->sc_freequeue, q, q_next);
1965	crypto_done(crp);
1966	}
1967
1968	void
1969	ubsec_mcopy(struct sk_buff srcm, struct sk_buff dstm, int hoffset, int toffset)
1970	{
1971	int i, j, dlen, slen;
1972	caddr_t dptr, sptr;
1973
1974	j = 0;
1975	sptr = srcm->data;
1976	slen = srcm->len;
1977	dptr = dstm->data;
1978	dlen = dstm->len;
1979
1980	while (1) {
1981	for (i = 0; i < min(slen, dlen); i++) {
1982	if (j < hoffset \|\| j >= toffset)
1983	dptr++ = sptr++;
1984	slen--;
1985	dlen--;
1986	j++;
1987	}
1988	if (slen == 0) {
1989	srcm = srcm->next;
1990	if (srcm == NULL)
1991	return;
1992	sptr = srcm->data;
1993	slen = srcm->len;
1994	}
1995	if (dlen == 0) {
1996	dstm = dstm->next;
1997	if (dstm == NULL)
1998	return;
1999	dptr = dstm->data;
2000	dlen = dstm->len;
2001	}
2002	}
2003	}
2004
2005	int
2006	ubsec_dma_malloc(struct ubsec_softc sc, struct ubsec_dma_alloc dma,
2007	size_t size, int mapflags)
2008	{
2009	dma->dma_vaddr = dma_alloc_coherent(sc->sc_dv,
2010	size, &dma->dma_paddr, GFP_KERNEL);
2011
2012	if (likely(dma->dma_vaddr))
2013	{
2014	dma->dma_size = size;
2015	return (0);
2016	}
2017
2018	DPRINTF("could not allocate %d bytes of coherent memory.\n", size);
2019
2020	return (1);
2021	}
2022
2023	void
2024	ubsec_dma_free(struct ubsec_softc sc, struct ubsec_dma_alloc dma)
2025	{
2026	dma_free_coherent(sc->sc_dv, dma->dma_size, dma->dma_vaddr,
2027	dma->dma_paddr);
2028	}
2029
2030	/*
2031	* Resets the board. Values in the regesters are left as is
2032	* from the reset (i.e. initial values are assigned elsewhere).
2033	*/
2034	void
2035	ubsec_reset_board(struct ubsec_softc *sc)
2036	{
2037	volatile u_int32_t ctrl;
2038
2039	#ifdef UBSEC_DEBUG
2040	DPRINTF("%s()\n", __FUNCTION__);
2041	#endif
2042	DPRINTF("Send reset signal to chip.\n");
2043
2044	ctrl = READ_REG(sc, BS_CTRL);
2045	ctrl \|= BS_CTRL_RESET;
2046	WRITE_REG(sc, BS_CTRL, ctrl);
2047
2048	/*
2049	* Wait aprox. 30 PCI clocks = 900 ns = 0.9 us
2050	*/
2051	DELAY(10);
2052	}
2053
2054	/*
2055	* Init Broadcom registers
2056	*/
2057	void
2058	ubsec_init_board(struct ubsec_softc *sc)
2059	{
2060	u_int32_t ctrl;
2061
2062	#ifdef UBSEC_DEBUG
2063	DPRINTF("%s()\n", __FUNCTION__);
2064	#endif
2065	DPRINTF("Initialize chip.\n");
2066
2067	ctrl = READ_REG(sc, BS_CTRL);
2068	ctrl &= ~(BS_CTRL_BE32 \| BS_CTRL_BE64);
2069	ctrl \|= BS_CTRL_LITTLE_ENDIAN \| BS_CTRL_MCR1INT \| BS_CTRL_DMAERR;
2070
2071	WRITE_REG(sc, BS_CTRL, ctrl);
2072
2073	/* Set chip capabilities (BCM5365P) */
2074	sc->sc_flags \|= UBS_FLAGS_LONGCTX \| UBS_FLAGS_AES;
2075	}
2076
2077	/*
2078	* Clean up after a chip crash.
2079	* It is assumed that the caller has spin_lock_irq(sc_ringmtx).
2080	*/
2081	void
2082	ubsec_cleanchip(struct ubsec_softc *sc)
2083	{
2084	struct ubsec_q *q;
2085
2086	#ifdef UBSEC_DEBUG
2087	DPRINTF("%s()\n", __FUNCTION__);
2088	#endif
2089	DPRINTF("Clean up queues after chip crash.\n");
2090
2091	while (!BSD_SIMPLEQ_EMPTY(&sc->sc_qchip)) {
2092	q = BSD_SIMPLEQ_FIRST(&sc->sc_qchip);
2093	BSD_SIMPLEQ_REMOVE_HEAD(&sc->sc_qchip, q_next);
2094	ubsec_free_q(sc, q);
2095	}
2096	}
2097
2098	/*
2099	* free a ubsec_q
2100	* It is assumed that the caller has spin_lock_irq(sc_ringmtx).
2101	*/
2102	int
2103	ubsec_free_q(struct ubsec_softc sc, struct ubsec_q q)
2104	{
2105	struct ubsec_q *q2;
2106	struct cryptop *crp;
2107	int npkts;
2108	int i;
2109
2110	#ifdef UBSEC_DEBUG
2111	DPRINTF("%s()\n", __FUNCTION__);
2112	#endif
2113
2114	npkts = q->q_nstacked_mcrs;
2115
2116	for (i = 0; i < npkts; i++) {
2117	if(q->q_stacked_mcr[i]) {
2118	q2 = q->q_stacked_mcr[i];
2119
2120	if ((q2->q_dst_m != NULL) && (q2->q_src_m != q2->q_dst_m))
2121	#ifdef NOTYET
2122	m_freem(q2->q_dst_m);
2123	#else
2124	printk(KERN_ERR "%s,%d: SKB not supported\n", __FILE__, __LINE__);
2125	#endif
2126
2127	crp = (struct cryptop *)q2->q_crp;
2128
2129	BSD_SIMPLEQ_INSERT_TAIL(&sc->sc_freequeue, q2, q_next);
2130
2131	crp->crp_etype = EFAULT;
2132	crypto_done(crp);
2133	} else {
2134	break;
2135	}
2136	}
2137
2138	/*
2139	* Free header MCR
2140	*/
2141	if ((q->q_dst_m != NULL) && (q->q_src_m != q->q_dst_m))
2142	#ifdef NOTYET
2143	m_freem(q->q_dst_m);
2144	#else
2145	printk(KERN_ERR "%s,%d: SKB not supported\n", __FILE__, __LINE__);
2146	#endif
2147
2148	crp = (struct cryptop *)q->q_crp;
2149
2150	BSD_SIMPLEQ_INSERT_TAIL(&sc->sc_freequeue, q, q_next);
2151
2152	crp->crp_etype = EFAULT;
2153	crypto_done(crp);
2154	return(0);
2155	}
2156
2157	/*
2158	* Routine to reset the chip and clean up.
2159	* It is assumed that the caller has spin_lock_irq(sc_ringmtx).
2160	*/
2161	void
2162	ubsec_totalreset(struct ubsec_softc *sc)
2163	{
2164
2165	#ifdef UBSEC_DEBUG
2166	DPRINTF("%s()\n", __FUNCTION__);
2167	#endif
2168	DPRINTF("initiate total chip reset.. \n");
2169	ubsec_reset_board(sc);
2170	ubsec_init_board(sc);
2171	ubsec_cleanchip(sc);
2172	}
2173
2174	void
2175	ubsec_dump_pb(struct ubsec_pktbuf *pb)
2176	{
2177	printf("addr 0x%x (0x%x) next 0x%x\n",
2178	pb->pb_addr, pb->pb_len, pb->pb_next);
2179	}
2180
2181	void
2182	ubsec_dump_mcr(struct ubsec_mcr *mcr)
2183	{
2184	struct ubsec_mcr_add *ma;
2185	int i;
2186
2187	printf("MCR:\n");
2188	printf(" pkts: %u, flags 0x%x\n",
2189	letoh16(mcr->mcr_pkts), letoh16(mcr->mcr_flags));
2190	ma = (struct ubsec_mcr_add *)&mcr->mcr_cmdctxp;
2191	for (i = 0; i < letoh16(mcr->mcr_pkts); i++) {
2192	printf(" %d: ctx 0x%x len 0x%x rsvd 0x%x\n", i,
2193	letoh32(ma->mcr_cmdctxp), letoh16(ma->mcr_pktlen),
2194	letoh16(ma->mcr_reserved));
2195	printf(" %d: ipkt ", i);
2196	ubsec_dump_pb(&ma->mcr_ipktbuf);
2197	printf(" %d: opkt ", i);
2198	ubsec_dump_pb(&ma->mcr_opktbuf);
2199	ma++;
2200	}
2201	printf("END MCR\n");
2202	}
2203
2204	static int __init mod_init(void) {
2205	return ssb_driver_register(&ubsec_ssb_driver);
2206	}
2207
2208	static void __exit mod_exit(void) {
2209	ssb_driver_unregister(&ubsec_ssb_driver);
2210	}
2211
2212	module_init(mod_init);
2213	module_exit(mod_exit);
2214
2215	// Meta information
2216	MODULE_AUTHOR("Daniel Mueller <daniel@danm.de>");
2217	MODULE_LICENSE("BSD");
2218	MODULE_DESCRIPTION("OCF driver for BCM5365P IPSec Core");
2219	MODULE_VERSION(DRV_MODULE_VERSION);
2220
2221

Download this file

Branches:
backfire
history
master
release_2010-11-17
release_2010-12-14
release_2011-02-23
release_2011-05-28
release_2011-08-27
release_2011-11-13
release_2012-03-18
release_2012-04-09
release_2012-10-11
uclibc_nptl

OpenWrt XBurst

OpenWrt XBurst Git Source Tree

Root/target/linux/generic/files/crypto/ocf/ubsec_ssb/ubsec_ssb.c

interactive