Home | History | Annotate | Line # | Download | only in marvell
mvcesa.c revision 1.5 
      1 /*	$NetBSD: mvcesa.c,v 1.5 2022/05/22 11:38:26 riastradh Exp $	*/
      2 /*
      3  * Copyright (c) 2008 KIYOHARA Takashi
      4  * All rights reserved.
      5  *
      6  * Redistribution and use in source and binary forms, with or without
      7  * modification, are permitted provided that the following conditions
      8  * are met:
      9  * 1. Redistributions of source code must retain the above copyright
     10  *    notice, this list of conditions and the following disclaimer.
     11  * 2. Redistributions in binary form must reproduce the above copyright
     12  *    notice, this list of conditions and the following disclaimer in the
     13  *    documentation and/or other materials provided with the distribution.
     14  *
     15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
     16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
     17  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
     18  * DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
     19  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
     20  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
     21  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     22  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
     23  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
     24  * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
     25  * POSSIBILITY OF SUCH DAMAGE.
     26  */
     27 
     28 #include <sys/cdefs.h>
     29 __KERNEL_RCSID(0, "$NetBSD: mvcesa.c,v 1.5 2022/05/22 11:38:26 riastradh Exp $");
     30 
     31 #include <sys/param.h>
     32 #include <sys/bus.h>
     33 #include <sys/cprng.h>
     34 #include <sys/device.h>
     35 #include <sys/endian.h>
     36 #include <sys/errno.h>
     37 #include <sys/mbuf.h>
     38 #include <sys/md5.h>
     39 #include <sys/uio.h>
     40 #include <sys/sha1.h>
     41 
     42 #include <opencrypto/cryptodev.h>
     43 #include <opencrypto/xform.h>
     44 
     45 #include <dev/marvell/marvellreg.h>
     46 #include <dev/marvell/marvellvar.h>
     47 #include <dev/marvell/mvcesareg.h>
     48 
     49 #include "locators.h"
     50 
     51 #define MVCESA_SESSION(sid)		((sid) & 0x0fffffff)
     52 #define MVCESA_SID(crd, sesn)		(((crd) << 28) | ((sesn) & 0x0fffffff))
     53 
     54 
     55 struct mvcesa_session {
     56 	int ses_used;
     57 
     58 	int ses_klen;
     59 	uint32_t ses_key[8];
     60 
     61 	uint32_t ses_hminner[5];	/* HMAC inner state */
     62 	uint32_t ses_hmouter[5];	/* HMAC outer state */
     63 };
     64 
     65 struct mvcesa_softc {
     66 	device_t sc_dev;
     67 
     68 	bus_space_tag_t sc_iot;
     69 	bus_space_handle_t sc_ioh;
     70 	bus_dma_tag_t sc_dmat;
     71 
     72 	int sc_cid;
     73 	int sc_nsessions;
     74 	struct mvcesa_session *sc_sessions;
     75 };
     76 
     77 static int mvcesa_match(device_t, cfdata_t, void *);
     78 static void mvcesa_attach(device_t, device_t, void *);
     79 
     80 static int mvcesa_intr(void *);
     81 
     82 static int mvcesa_newsession(void *, u_int32_t *, struct cryptoini *);
     83 static int mvcesa_freesession(void *, u_int64_t);
     84 static int mvcesa_process(void *, struct cryptop *, int);
     85 
     86 static int mvcesa_authentication(struct mvcesa_softc *, struct mvcesa_session *,
     87 				 uint32_t, uint32_t *, uint32_t *, uint64_t,
     88 				 int, int, char *, struct mbuf *, struct uio *);
     89 static int mvcesa_des_encdec(struct mvcesa_softc *, struct mvcesa_session *,
     90 			     uint32_t, uint32_t, uint32_t, uint32_t *, int, int,
     91 			     char *, struct mbuf *, struct uio *);
     92 
     93 
     94 CFATTACH_DECL_NEW(mvcesa_gt, sizeof(struct mvcesa_softc),
     95     mvcesa_match, mvcesa_attach, NULL, NULL);
     96 CFATTACH_DECL_NEW(mvcesa_mbus, sizeof(struct mvcesa_softc),
     97     mvcesa_match, mvcesa_attach, NULL, NULL);
     98 
     99 
    100 /* ARGSUSED */
    101 static int
    102 mvcesa_match(device_t parent, cfdata_t match, void *aux)
    103 {
    104 	struct marvell_attach_args *mva = aux;
    105 
    106 	if (strcmp(mva->mva_name, match->cf_name) != 0)
    107 		return 0;
    108 	if (mva->mva_offset == MVA_OFFSET_DEFAULT ||
    109 	    mva->mva_irq == MVA_IRQ_DEFAULT)
    110 		return 0;
    111 
    112 	mva->mva_size = MVCESA_SIZE;
    113 	return 1;
    114 }
    115 
    116 /* ARGSUSED */
    117 static void
    118 mvcesa_attach(device_t parent, device_t self, void *aux)
    119 {
    120 	struct mvcesa_softc *sc = device_private(self);
    121 	struct marvell_attach_args *mva = aux;
    122 
    123 	aprint_normal(
    124 	    ": Marvell Cryptographic Engines and Security Accelerator\n");
    125 	aprint_naive("\n");
    126 
    127 	sc->sc_dev = self;
    128 	sc->sc_iot = mva->mva_iot;
    129         /* Map I/O registers */
    130 	if (bus_space_subregion(mva->mva_iot, mva->mva_ioh, mva->mva_offset,
    131 	    mva->mva_size, &sc->sc_ioh)) {
    132 		aprint_error_dev(self, "can't map registers\n");
    133 		return;
    134 	}
    135 	sc->sc_dmat = mva->mva_dmat;
    136 
    137 	sc->sc_nsessions = 0;
    138 
    139 	/* Setup Opencrypto stuff */
    140 	sc->sc_cid = crypto_get_driverid(0);
    141 	if (sc->sc_cid < 0) {
    142 		aprint_error_dev(self, "couldn't get crypto driver id\n");
    143 		return;
    144 	}
    145 	crypto_register(sc->sc_cid, CRYPTO_DES_CBC, 0, 0,
    146 	    mvcesa_newsession, mvcesa_freesession, mvcesa_process, sc);
    147 	crypto_register(sc->sc_cid, CRYPTO_3DES_CBC, 0, 0,
    148 	    mvcesa_newsession, mvcesa_freesession, mvcesa_process, sc);
    149 #if __DMA_notyet__
    150 /*
    151  * Don't know how to process to AES CBC in PIO-mode.
    152  * I havn't found IV registers.
    153  */
    154 	crypto_register(sc->sc_cid, CRYPTO_AES_CBC, 0, 0,
    155 	    mvcesa_newsession, mvcesa_freesession, mvcesa_process, sc);
    156 #endif
    157 	crypto_register(sc->sc_cid, CRYPTO_SHA1, 0, 0,
    158 	    mvcesa_newsession, mvcesa_freesession, mvcesa_process, sc);
    159 	crypto_register(sc->sc_cid, CRYPTO_SHA1_HMAC, 0, 0,
    160 	    mvcesa_newsession, mvcesa_freesession, mvcesa_process, sc);
    161 	crypto_register(sc->sc_cid, CRYPTO_MD5, 0, 0,
    162 	    mvcesa_newsession, mvcesa_freesession, mvcesa_process, sc);
    163 	crypto_register(sc->sc_cid, CRYPTO_MD5_HMAC, 0, 0,
    164 	    mvcesa_newsession, mvcesa_freesession, mvcesa_process, sc);
    165 
    166 	/* Clear and establish interrupt */
    167 	bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_IC, 0);
    168 	marvell_intr_establish(mva->mva_irq, IPL_NET, mvcesa_intr, sc);
    169 
    170 	bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_IM, 0);
    171 }
    172 
    173 
    174 static int
    175 mvcesa_intr(void *arg)
    176 {
    177 #if 0
    178 	struct mvcesa_softc *sc = (struct mvcesa_softc *)arg;
    179 #endif
    180 	int handled = 0;
    181 
    182 	return handled;
    183 }
    184 
    185 
    186 /*
    187  * Opencrypto functions
    188  */
    189 /*
    190  * Allocate a new 'session' and return an encoded session id.  'sidp'
    191  * contains our registration id, and should contain an encoded session
    192  * id on successful allocation.
    193  */
    194 static int
    195 mvcesa_newsession(void *arg, u_int32_t *sidp, struct cryptoini *cri)
    196 {
    197 	struct mvcesa_softc *sc = (struct mvcesa_softc *)arg;
    198 	struct cryptoini *c;
    199 	struct mvcesa_session *ses = NULL;
    200 	int sesn, count, enc, mac, i;
    201 
    202 	KASSERT(sc != NULL /*, ("mvcesa_newsession: null softc")*/);
    203 	if (sidp == NULL || cri == NULL || sc == NULL)
    204 		return EINVAL;
    205 
    206 	for (sesn = 0; sesn < sc->sc_nsessions; sesn++)
    207 		if (sc->sc_sessions[sesn].ses_used == 0) {
    208 			ses = sc->sc_sessions + sesn;
    209 			break;
    210 		}
    211 
    212 	if (ses == NULL) {
    213 		sesn = sc->sc_nsessions;
    214 		ses = malloc((sesn + 1) * sizeof(*ses), M_DEVBUF, M_NOWAIT);
    215 		if (ses == NULL)
    216 			return ENOMEM;
    217 		if (sesn != 0) {
    218 			memcpy(ses, sc->sc_sessions, sesn * sizeof(*ses));
    219 			memset(sc->sc_sessions, 0, sesn * sizeof(*ses));
    220 			free(sc->sc_sessions, M_DEVBUF);
    221 		}
    222 		sc->sc_sessions = ses;
    223 		ses = sc->sc_sessions + sesn;
    224 		sc->sc_nsessions++;
    225 	}
    226 	memset(ses, 0, sizeof(*ses));
    227 
    228 	count = 0;
    229 	enc = mac = 0;
    230 	for (c = cri; c != NULL; c = c->cri_next) {
    231 		switch (c->cri_alg) {
    232 		case CRYPTO_DES_CBC:
    233 		case CRYPTO_3DES_CBC:
    234 			if (enc)
    235 				return EINVAL;
    236 			enc = 1;
    237 
    238 			/* Go ahead and compute key in CESA's byte order */
    239 			ses->ses_klen = c->cri_klen;
    240 			memcpy(ses->ses_key, c->cri_key, c->cri_klen / 8);
    241 			switch (c->cri_alg) {
    242 			case CRYPTO_3DES_CBC:
    243 				ses->ses_key[5] = htobe32(ses->ses_key[5]);
    244 				ses->ses_key[4] = htobe32(ses->ses_key[4]);
    245 				ses->ses_key[3] = htobe32(ses->ses_key[3]);
    246 				ses->ses_key[2] = htobe32(ses->ses_key[2]);
    247 
    248 				/* FALLTHROUGH */
    249 			case CRYPTO_DES_CBC:
    250 				ses->ses_key[1] = htobe32(ses->ses_key[1]);
    251 				ses->ses_key[0] = htobe32(ses->ses_key[0]);
    252 			}
    253 			break;
    254 
    255 		case CRYPTO_SHA1_HMAC:
    256 		case CRYPTO_MD5_HMAC:
    257 		{
    258 			MD5_CTX md5ctx;
    259 			SHA1_CTX sha1ctx;
    260 			int klen_bytes = c->cri_klen / 8;
    261 
    262 			KASSERT(c->cri_klen == 512);
    263 
    264 			for (i = 0; i < klen_bytes; i++)
    265 				c->cri_key[i] ^= HMAC_IPAD_VAL;
    266 			if (c->cri_alg == CRYPTO_MD5_HMAC_96) {
    267 				MD5Init(&md5ctx);
    268 				MD5Update(&md5ctx, c->cri_key, klen_bytes);
    269 				MD5Update(&md5ctx, hmac_ipad_buffer,
    270 				    HMAC_BLOCK_LEN - klen_bytes);
    271 				memcpy(ses->ses_hminner, md5ctx.state,
    272 				    sizeof(md5ctx.state));
    273 			} else {
    274 				SHA1Init(&sha1ctx);
    275 				SHA1Update(&sha1ctx, c->cri_key, klen_bytes);
    276 				SHA1Update(&sha1ctx, hmac_ipad_buffer,
    277 				    HMAC_BLOCK_LEN - klen_bytes);
    278 				memcpy(ses->ses_hminner, sha1ctx.state,
    279 				    sizeof(sha1ctx.state));
    280 			}
    281 
    282 			for (i = 0; i < klen_bytes; i++)
    283 				c->cri_key[i] ^=
    284 				    (HMAC_IPAD_VAL ^ HMAC_OPAD_VAL);
    285 			if (c->cri_alg == CRYPTO_MD5_HMAC_96) {
    286 				MD5Init(&md5ctx);
    287 				MD5Update(&md5ctx, c->cri_key, klen_bytes);
    288 				MD5Update(&md5ctx, hmac_opad_buffer,
    289 				    HMAC_BLOCK_LEN - klen_bytes);
    290 				memcpy(ses->ses_hmouter, md5ctx.state,
    291 				    sizeof(md5ctx.state));
    292 			} else {
    293 				SHA1Init(&sha1ctx);
    294 				SHA1Update(&sha1ctx, c->cri_key, klen_bytes);
    295 				SHA1Update(&sha1ctx, hmac_opad_buffer,
    296 				    HMAC_BLOCK_LEN - klen_bytes);
    297 				memcpy(ses->ses_hmouter, sha1ctx.state,
    298 				    sizeof(sha1ctx.state));
    299 			}
    300 
    301 			for (i = 0; i < klen_bytes; i++)
    302 				c->cri_key[i] ^= HMAC_OPAD_VAL;
    303 		}
    304 			/* FALLTHROUGH */
    305 
    306 		case CRYPTO_SHA1:
    307 		case CRYPTO_MD5:
    308 			if (mac)
    309 				return EINVAL;
    310 			mac = 1;
    311 		}
    312 		count++;
    313 	}
    314 	if (count > 2) {
    315 		mvcesa_freesession(sc, sesn);
    316 		return EINVAL;
    317 	}
    318 
    319 	*sidp = MVCESA_SID(device_unit(sc->sc_dev), sesn);
    320 	ses->ses_used = 1;
    321 
    322 	return 0;
    323 }
    324 
    325 /*
    326  * Deallocate a session.
    327  */
    328 static int
    329 mvcesa_freesession(void *arg, u_int64_t tid)
    330 {
    331 	struct mvcesa_softc *sc = (struct mvcesa_softc *)arg;
    332 	int session;
    333 	uint32_t sid = ((uint32_t)tid) & 0xffffffff;
    334 
    335 	session = MVCESA_SESSION(sid);
    336 	KASSERTMSG(session >= 0, "session=%d", session);
    337 	KASSERTMSG(session < sc->sc_nsessions, "session=%d nsessions=%d",
    338 	    session, sc->sc_nsessions);
    339 
    340 	memset(&sc->sc_sessions[session], 0, sizeof(sc->sc_sessions[session]));
    341 	return (0);
    342 }
    343 
    344 static int
    345 mvcesa_process(void *arg, struct cryptop *crp, int hint)
    346 {
    347 	struct mvcesa_softc *sc = arg;
    348 	struct mvcesa_session *ses;
    349 	struct cryptodesc *crd;
    350 	struct mbuf *m = NULL;
    351 	struct uio *uio = NULL;
    352 	int session;
    353 	char *buf = NULL;
    354 
    355 	session = MVCESA_SESSION(crp->crp_sid);
    356 	KASSERTMSG(session < sc->sc_nsessions, "session=%d nsessions=%d",
    357 	    session, sc->sc_nsessions);
    358 	ses = &sc->sc_sessions[session];
    359 
    360 	if (crp->crp_flags & CRYPTO_F_IMBUF)
    361 		m = (struct mbuf *)crp->crp_buf;
    362 	else if (crp->crp_flags & CRYPTO_F_IOV)
    363 		uio = (struct uio *)crp->crp_buf;
    364 	else
    365 		buf = (char *)crp->crp_buf;
    366 
    367 	if (0 /* DMA support */) {
    368 		/* not yet... */
    369 
    370 		goto done;
    371 	}
    372 
    373 	/* PIO operation */
    374 
    375 	for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
    376 		switch (crd->crd_alg) {
    377 		case CRYPTO_DES_CBC:
    378 		case CRYPTO_3DES_CBC:
    379 		{
    380 			uint32_t alg, mode, dir, *iv, ivbuf[2];
    381 
    382 			mode = MVCESA_DESE_C_DESMODE_CBC;
    383 			if (crd->crd_alg == CRYPTO_DES_CBC)
    384 				alg = MVCESA_DESE_C_ALGORITHM_DES;
    385 			else {	/* CRYPTO_3DES_CBC */
    386 				alg = MVCESA_DESE_C_ALGORITHM_3DES;
    387 				mode |= MVCESA_DESE_C_3DESMODE_EDE;
    388 			}
    389 			if (crd->crd_flags & CRD_F_ENCRYPT) {
    390 				dir = MVCESA_DESE_C_DIRECTION_ENC;
    391 				if (crd->crd_flags & CRD_F_IV_EXPLICIT)
    392 					iv = (uint32_t *)crd->crd_iv;
    393 				else {
    394 					cprng_fast(ivbuf, sizeof(ivbuf));
    395 					iv = ivbuf;
    396 				}
    397 				if (!(crd->crd_flags & CRD_F_IV_PRESENT)) {
    398 					if (m != NULL)
    399 						m_copyback(m, crd->crd_inject,
    400 						    8, iv);
    401 					else if (uio != NULL)
    402 						cuio_copyback(uio,
    403 						    crd->crd_inject, 8, iv);
    404 				}
    405 			} else {
    406 				dir = MVCESA_DESE_C_DIRECTION_DEC;
    407 				if (crd->crd_flags & CRD_F_IV_EXPLICIT)
    408 					iv = (uint32_t *)crd->crd_iv;
    409 				else {
    410 					if (m != NULL)
    411 						m_copydata(m, crd->crd_inject,
    412 						    8, ivbuf);
    413 					else if (uio != NULL)
    414 						cuio_copydata(uio,
    415 						    crd->crd_inject, 8, ivbuf);
    416 					iv = ivbuf;
    417 				}
    418 			}
    419 
    420 			crp->crp_etype = mvcesa_des_encdec(sc, ses,
    421 			    alg, mode, dir, iv, crd->crd_skip, crd->crd_len,
    422 			    buf, m, uio);
    423 			break;
    424 		}
    425 
    426 		case CRYPTO_SHA1:
    427 		case CRYPTO_SHA1_HMAC:
    428 		case CRYPTO_MD5:
    429 		case CRYPTO_MD5_HMAC:
    430 		{
    431 			uint64_t bits;
    432 			uint32_t alg, *iv = NULL, digest[512 / 8 / 4], dlen;
    433 
    434 			if (crd->crd_alg == CRYPTO_SHA1 ||
    435 			    crd->crd_alg == CRYPTO_SHA1_HMAC) {
    436 				alg = MVCESA_SHA1MD5I_AC_ALGORITHM_SHA1;
    437 				dlen = 160;
    438 			} else {	/* CRYPTO_MD5 || CRYPTO_MD5_HMAC */
    439 				alg = MVCESA_SHA1MD5I_AC_ALGORITHM_MD5;
    440 				dlen = 128;
    441 			}
    442 			bits = crd->crd_len << 3;
    443 			if (crd->crd_alg == CRYPTO_SHA1_HMAC ||
    444 			    crd->crd_alg == CRYPTO_MD5_HMAC) {
    445 				iv = ses->ses_hminner;
    446 				bits += 512;
    447 			}
    448 
    449 			crp->crp_etype = mvcesa_authentication(sc, ses,
    450 			    alg, iv, digest, bits, crd->crd_skip, crd->crd_len,
    451 			    buf, m, uio);
    452 			if (crp->crp_etype != 0)
    453 				break;
    454 
    455 			if (crd->crd_alg == CRYPTO_SHA1_HMAC ||
    456 			    crd->crd_alg == CRYPTO_MD5_HMAC)
    457 				crp->crp_etype = mvcesa_authentication(sc,
    458 				    ses, alg, ses->ses_hmouter, digest,
    459 				    512 + dlen, 0, dlen, (char *)digest, NULL,
    460 				    NULL);
    461 			if (crp->crp_etype != 0)
    462 				break;
    463 
    464 			/* Inject the authentication data */
    465 			if (buf != NULL)
    466 				memcpy(buf + crd->crd_inject, digest, dlen / 8);
    467 			else if (m != NULL)
    468 				m_copyback(m, crd->crd_inject, dlen / 8,
    469 				    digest);
    470 			else if (uio != NULL)
    471 				memcpy(crp->crp_mac, digest, dlen / 8);
    472 		}
    473 		}
    474 		if (crp->crp_etype != 0)
    475 			break;
    476 	}
    477 
    478 done:
    479 	DPRINTF(("request %08x done\n", (uint32_t)crp));
    480 	crypto_done(crp);
    481 	return 0;
    482 }
    483 
    484 
    485 static int
    486 mvcesa_authentication(struct mvcesa_softc *sc, struct mvcesa_session *ses,
    487 		      uint32_t alg, uint32_t *iv, uint32_t *digest,
    488 		      uint64_t bits, int skip, int len, char *buf,
    489 		      struct mbuf *m, struct uio *uio)
    490 {
    491 	uint32_t cmd, bswp, data = 0;
    492 	int dlen, off, i, s;
    493 
    494 	/*
    495 	 * SHA/MD5 algorithms work in 512-bit chunks, equal to 16 words.
    496 	 */
    497 
    498 	KASSERT(!(len & (512 - 1)) || bits != 0);
    499 	KASSERT(buf != NULL || m != NULL || uio != NULL);
    500 
    501 	cmd = bus_space_read_4(sc->sc_iot, sc->sc_ioh, MVCESA_SHA1MD5I_AC);
    502 	if (!(cmd & MVCESA_SHA1MD5I_AC_TERMINATION))
    503 		return ERESTART;
    504 
    505 	bswp = 0;
    506 	if (alg == MVCESA_SHA1MD5I_AC_ALGORITHM_SHA1) {
    507 		dlen = 160;
    508 		bits = htobe64(bits);
    509 #if BYTE_ORDER == LITTLE_ENDIAN
    510 		bswp = MVCESA_SHA1MD5I_AC_DATABYTESWAP |
    511 		    MVCESA_SHA1MD5I_AC_IVBYTESWAP;
    512 #endif
    513 	} else {	/* MVCESA_SHA1MD5I_AC_ALGORITHM_MD5 */
    514 		dlen = 128;
    515 		bits = htole64(bits);
    516 #if BYTE_ORDER == BIG_ENDIAN
    517 		bswp = MVCESA_SHA1MD5I_AC_DATABYTESWAP |
    518 		    MVCESA_SHA1MD5I_AC_IVBYTESWAP;
    519 #endif
    520 	}
    521 	bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_SHA1MD5I_AC,
    522 	    alg | bswp | MVCESA_SHA1MD5I_AC_MODE_USEIV);
    523 
    524 	if (iv != NULL)
    525 		bus_space_write_region_4(sc->sc_iot, sc->sc_ioh,
    526 		    MVCESA_SHA1MD5I_IVDA, iv, dlen / 4);
    527 
    528 	off = i = 0;
    529 	while (1 /* CONSTCOND */) {
    530 		data = 0;
    531 		if (buf != NULL)
    532 			for (i = 0; i < 512 / 8 && off + i < len; i += s) {
    533 				s = uimin(sizeof(data), len - off - i);
    534 				memcpy(&data, buf + skip + off + i, s);
    535 				if (s == sizeof(data))
    536 					bus_space_write_4(sc->sc_iot,
    537 					    sc->sc_ioh, MVCESA_SHA1MD5I_DI,
    538 					    data);
    539 			}
    540 		else if (m != NULL)
    541 			for (i = 0; i < 512 / 8 && off + i < len; i += s) {
    542 				s = uimin(sizeof(data), len - off - i);
    543 				m_copydata(m, skip + off + i, s, &data);
    544 				if (s == sizeof(data))
    545 					bus_space_write_4(sc->sc_iot,
    546 					    sc->sc_ioh, MVCESA_SHA1MD5I_DI,
    547 					    data);
    548 			}
    549 		else if (uio != NULL)
    550 			for (i = 0; i < 512 / 8 && off + i < len; i += s) {
    551 				s = uimin(sizeof(data), len - off - i);
    552 				cuio_copydata(uio, skip + off + i, s, &data);
    553 				if (s == sizeof(data))
    554 					bus_space_write_4(sc->sc_iot,
    555 					    sc->sc_ioh, MVCESA_SHA1MD5I_DI,
    556 					    data);
    557 			}
    558 
    559 		off += i;
    560 		if (i < 512 / 8)
    561 			break;
    562 
    563 		do {
    564 			cmd = bus_space_read_4(sc->sc_iot, sc->sc_ioh,
    565 			    MVCESA_SHA1MD5I_AC);
    566 		} while (!(cmd & MVCESA_SHA1MD5I_AC_TERMINATION));
    567 
    568 		bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_SHA1MD5I_AC,
    569 		    alg | bswp | MVCESA_SHA1MD5I_AC_MODE_CONTINUE);
    570 	}
    571 
    572 	if (i < 512 / 8) {
    573 		*((char *)&data + (i % 4)) = 0x80;
    574 		bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_SHA1MD5I_DI,
    575 		    data);
    576 		i = (i & ~3) + 4;
    577 
    578 		/* Do pad to 512 bits, if chunk size is more than 448 bits. */
    579 		if (i > 448 / 8) {
    580 			for (; i < 512 / 8; i += 4)
    581 				bus_space_write_4(sc->sc_iot, sc->sc_ioh,
    582 				    MVCESA_SHA1MD5I_DI, 0);
    583 			do {
    584 				cmd = bus_space_read_4(sc->sc_iot, sc->sc_ioh,
    585 				    MVCESA_SHA1MD5I_AC);
    586 			} while (!(cmd & MVCESA_SHA1MD5I_AC_TERMINATION));
    587 			i = 0;
    588 		}
    589 		for (; i < 448 / 8; i += 4)
    590 			bus_space_write_4(sc->sc_iot, sc->sc_ioh,
    591 			    MVCESA_SHA1MD5I_DI, 0);
    592 
    593 		/* Set total bits */
    594 		bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_SHA1MD5I_BCL,
    595 		    bits & 0xffffffff);
    596 		bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_SHA1MD5I_BCH,
    597 		    bits >> 32);
    598 		do {
    599 			cmd = bus_space_read_4(sc->sc_iot, sc->sc_ioh,
    600 			    MVCESA_SHA1MD5I_AC);
    601 		} while (!(cmd & MVCESA_SHA1MD5I_AC_TERMINATION));
    602 	}
    603 
    604 	if (digest != NULL) {
    605 		/* Read digest */
    606 		bus_space_read_region_4(sc->sc_iot, sc->sc_ioh,
    607 		    MVCESA_SHA1MD5I_IVDA, digest, dlen / 8 / 4);
    608 #if BYTE_ORDER == LITTLE_ENDIAN
    609 		if (alg == MVCESA_SHA1MD5I_AC_ALGORITHM_SHA1)
    610 			for (i = 0; i < dlen / 8 / 4; i++)
    611 				digest[i] = be32toh(digest[i]);
    612 #else
    613 		if (alg == MVCESA_SHA1MD5I_AC_ALGORITHM_MD5)
    614 			for (i = 0; i < dlen / 8 / 4; i++)
    615 				digest[i] = le32toh(digest[i]);
    616 #endif
    617 	}
    618 	return 0;
    619 }
    620 
    621 static int
    622 mvcesa_des_encdec(struct mvcesa_softc *sc, struct mvcesa_session *ses,
    623 		  uint32_t alg, uint32_t mode, uint32_t dir, uint32_t *iv,
    624 		  int skip, int len, char *buf, struct mbuf *m, struct uio *uio)
    625 {
    626 	uint64_t iblk, oblk;
    627 	uint32_t cmd, bswp = 0;
    628 	int i, o, s;
    629 
    630 	KASSERT(buf != NULL || m != NULL || uio != NULL);
    631 
    632 	cmd = bus_space_read_4(sc->sc_iot, sc->sc_ioh, MVCESA_DESE_C);
    633 	if (!(cmd & MVCESA_DESE_C_TERMINATION))
    634 		return ERESTART;
    635 
    636 #if BYTE_ORDER == LITTLE_ENDIAN
    637 	bswp = MVCESA_DESE_C_DATABYTESWAP | MVCESA_DESE_C_IVBYTESWAP   |
    638 	    MVCESA_DESE_C_OUTBYTESWAP;
    639 #endif
    640 	bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_DESE_C,
    641 	    dir | alg | mode | bswp | MVCESA_DESE_C_ALLTERMINATION);
    642 
    643 	bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_DESE_K0L,
    644 	    ses->ses_key[1]);
    645 	bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_DESE_K0H,
    646 	    ses->ses_key[0]);
    647 	if (alg == MVCESA_DESE_C_ALGORITHM_3DES) {
    648 		bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_DESE_K1L,
    649 		    ses->ses_key[3]);
    650 		bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_DESE_K1H,
    651 		    ses->ses_key[2]);
    652 		bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_DESE_K2L,
    653 		    ses->ses_key[5]);
    654 		bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_DESE_K2H,
    655 		    ses->ses_key[4]);
    656 	}
    657 
    658 	bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_DESE_IVL, iv[1]);
    659 	bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_DESE_IVH, iv[0]);
    660 
    661 	i = o = 0;
    662 	while (i < len) {
    663 		s = uimin(sizeof(iblk), len - i);
    664 		iblk = 0;
    665 
    666 		if (buf != NULL)
    667 			memcpy(&iblk, buf + skip + i, s);
    668 		else if (m != NULL)
    669 			m_copydata(m, skip + i, s, &iblk);
    670 		else if (uio != NULL)
    671 			cuio_copydata(uio, skip + i, s, &iblk);
    672 
    673 		/*
    674 		 * We have the pipeline that two data enters.
    675 		 */
    676 
    677 		while (1 /* CONSTCOND */) {
    678 			cmd = bus_space_read_4(sc->sc_iot, sc->sc_ioh,
    679 			    MVCESA_DESE_C);
    680 			if (cmd & MVCESA_DESE_C_ALLTERMINATION)
    681 				/* Engine is ready.  Can write two data. */
    682 				break;
    683 			if (cmd & MVCESA_DESE_C_READALLOW) {
    684 				oblk = bus_space_read_4(sc->sc_iot, sc->sc_ioh,
    685 				    MVCESA_DESE_DOH);
    686 				/* XXXX: needs barrier? */
    687 				oblk |= (uint64_t)bus_space_read_4(sc->sc_iot,
    688 				    sc->sc_ioh, MVCESA_DESE_DOL) << 32;
    689 
    690 				if (buf != NULL)
    691 					memcpy(buf + skip + o, &oblk,
    692 					    sizeof(oblk));
    693 				else if (m != NULL)
    694 					m_copydata(m, skip + o, sizeof(oblk),
    695 					    &oblk);
    696 				else if (uio != NULL)
    697 					cuio_copyback(uio, skip + o,
    698 					    sizeof(oblk), &oblk);
    699 				o += sizeof(oblk);
    700 
    701 				/* Can write one data */
    702 				break;
    703 			}
    704 		}
    705 
    706 		/*
    707 		 * Encryption/Decryption calculation time is 9 cycles in DES
    708 		 * mode and 25 cycles in 3DES mode.
    709 		 */
    710 		bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_DESE_DBL,
    711 		    iblk >> 32);
    712 		/* XXXX: needs barrier? */
    713 		bus_space_write_4(sc->sc_iot, sc->sc_ioh, MVCESA_DESE_DBH,
    714 		    iblk & 0xffffffff);
    715 		i += s;
    716 	}
    717 
    718 	while (1 /* CONSTCOND */) {
    719 		cmd = bus_space_read_4(sc->sc_iot, sc->sc_ioh,
    720 		    MVCESA_DESE_C);
    721 		if (cmd & (MVCESA_DESE_C_READALLOW |
    722 					MVCESA_DESE_C_ALLTERMINATION)) {
    723 			oblk = bus_space_read_4(sc->sc_iot, sc->sc_ioh,
    724 			    MVCESA_DESE_DOH);
    725 			/* XXXX: needs barrier? */
    726 			oblk |= (uint64_t)bus_space_read_4(sc->sc_iot,
    727 			    sc->sc_ioh, MVCESA_DESE_DOL) << 32;
    728 
    729 			if (cmd & MVCESA_DESE_C_ALLTERMINATION) {
    730 				/* We can read IV from Data Out Registers. */
    731 				if (dir == MVCESA_DESE_C_DIRECTION_ENC)
    732 					o -= sizeof(oblk);
    733 				else
    734 					break;
    735 			}
    736 			if (buf != NULL)
    737 				memcpy(buf + skip + o, &oblk, sizeof(oblk));
    738 			else if (m != NULL)
    739 				m_copydata(m, skip + o, sizeof(oblk), &oblk);
    740 			else if (uio != NULL)
    741 				cuio_copyback(uio, skip + o, sizeof(oblk),
    742 				    &oblk);
    743 			o += sizeof(oblk);
    744 			if (cmd & MVCESA_DESE_C_ALLTERMINATION)
    745 				break;
    746 		}
    747 	}
    748 
    749 	return 0;
    750 }
    751