xref: /netbsd-src/sys/dev/pci/ubsecreg.h (revision b7b7574d3bf8eeb51a1fa3977b59142ec6434a55) 
1 /*	$NetBSD: ubsecreg.h,v 1.4 2014/04/19 12:29:24 bad Exp $	*/
2 /*	$OpenBSD: ubsecreg.h,v 1.29 2009/03/25 12:17:30 reyk Exp $	*/
3 
4 /*
5  * Copyright (c) 2000 Theo de Raadt
6  * Copyright (c) 2001 Patrik Lindergren (patrik@ipunplugged.com)
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in the
16  *    documentation and/or other materials provided with the distribution.
17  *
18  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28  *
29  * Effort sponsored in part by the Defense Advanced Research Projects
30  * Agency (DARPA) and Air Force Research Laboratory, Air Force
31  * Materiel Command, USAF, under agreement number F30602-01-2-0537.
32  *
33  */
34 
35 /*
36  * Register definitions for 5601 BlueSteel Networks Ubiquitous Broadband
37  * Security "uBSec" chip.  Definitions from revision 2.8 of the product
38  * datasheet.
39  */
40 
41 #define BS_BAR			0x10	/* DMA base address register */
42 #define	BS_TRDY_TIMEOUT		0x40	/* TRDY timeout */
43 #define	BS_RETRY_TIMEOUT	0x41	/* DMA retry timeout */
44 
45 #define	UBS_PCI_RTY_SHIFT			8
46 #define	UBS_PCI_RTY_MASK			0xff
47 #define	UBS_PCI_RTY(misc) \
48     (((misc) >> UBS_PCI_RTY_SHIFT) & UBS_PCI_RTY_MASK)
49 
50 #define	UBS_PCI_TOUT_SHIFT			0
51 #define	UBS_PCI_TOUT_MASK			0xff
52 #define	UBS_PCI_TOUT(misc) \
53     (((misc) >> PCI_TOUT_SHIFT) & PCI_TOUT_MASK)
54 
55 /*
56  * DMA Control & Status Registers (offset from BS_BAR)
57  */
58 #define	BS_MCR1		0x00	/* DMA Master Command Record 1 */
59 #define	BS_CTRL		0x04	/* DMA Control */
60 #define	BS_STAT		0x08	/* DMA Status */
61 #define	BS_ERR		0x0c	/* DMA Error Address */
62 #define	BS_MCR2		0x10	/* DMA Master Command Record 2 */
63 #define	BS_MCR3		0x0014	/* 5827+, DMA Master Command Record 3 */
64 #define	BS_MCR4		0x001c	/* 5827+, DMA Master Command Record 4 */
65 #define	BS_CFG		0x0700	/* 5827+, Configuration Register */
66 #define	BS_INT		0x0f00	/* 5827+, Interrupt Register */
67 
68 /* BS_CTRL - DMA Control */
69 #define	BS_CTRL_RESET		0x80000000	/* hardware reset, 5805/5820 */
70 #define	BS_CTRL_MCR2INT		0x40000000	/* enable intr MCR for MCR2 */
71 #define	BS_CTRL_MCR1INT		0x20000000	/* enable intr MCR for MCR1 */
72 #define	BS_CTRL_OFM		0x10000000	/* Output fragment mode */
73 #define	BS_CTRL_BE32		0x08000000	/* big-endian, 32bit bytes */
74 #define	BS_CTRL_BE64		0x04000000	/* big-endian, 64bit bytes */
75 #define	BS_CTRL_DMAERR		0x02000000	/* enable intr DMA error */
76 #define	BS_CTRL_RNG_M		0x01800000	/* RNG mode */
77 #define	BS_CTRL_RNG_1		0x00000000	/* 1bit rn/one slow clock */
78 #define	BS_CTRL_RNG_4		0x00800000	/* 1bit rn/four slow clocks */
79 #define	BS_CTRL_RNG_8		0x01000000	/* 1bit rn/eight slow clocks */
80 #define	BS_CTRL_RNG_16		0x01800000	/* 1bit rn/16 slow clocks */
81 #define	BS_CTRL_SWNORM		0x00400000	/* 582[01], sw normalization */
82 #define	BS_CTRL_MCR3INT		0x00400000	/* 5827+, intr for MCR3 */
83 #define	BS_CTRL_MCR4INT		0x00200000	/* 5827+, intr for MCR4 */
84 #define	BS_CTRL_BSIZE240	0x000f0000	/* 5827+, burst size 240 */
85 #define	BS_CTRL_FRAG_M		0x0000ffff	/* output fragment size mask */
86 #define	BS_CTRL_LITTLE_ENDIAN	(BS_CTRL_BE32 | BS_CTRL_BE64)
87 
88 /* BS_STAT - DMA Status */
89 #define	BS_STAT_MCR1_BUSY	0x80000000	/* MCR1 is busy */
90 #define	BS_STAT_MCR1_FULL	0x40000000	/* MCR1 is full */
91 #define	BS_STAT_MCR1_DONE	0x20000000	/* MCR1 is done */
92 #define	BS_STAT_DMAERR		0x10000000	/* DMA error */
93 #define	BS_STAT_MCR2_FULL	0x08000000	/* MCR2 is full */
94 #define	BS_STAT_MCR2_DONE	0x04000000	/* MCR2 is done */
95 #define	BS_STAT_MCR1_ALLEMPTY	0x02000000	/* 5821, MCR1 is empty */
96 #define	BS_STAT_MCR2_ALLEMPTY	0x01000000	/* 5821, MCR2 is empty */
97 #define	BS_STAT_MCR3_ALLEMPTY	0x00800000	/* 5827+, MCR3 is empty */
98 #define	BS_STAT_MCR4_ALLEMPTY	0x00400000	/* 5827+, MCR4 is empty */
99 #define	BS_STAT_MCR3_FULL	0x00080000	/* 5827+, MCR3 is full */
100 #define	BS_STAT_MCR3_DONE	0x00040000	/* 5827+, MCR3 is done */
101 #define	BS_STAT_MCR4_FULL	0x00020000	/* 5827+, MCR4 is full */
102 #define	BS_STAT_MCR4_DONE	0x00010000	/* 5827+, MCR4 is done */
103 
104 /* BS_ERR - DMA Error Address */
105 #define	BS_ERR_ADDR		0xfffffffc	/* error address mask */
106 #define	BS_ERR_READ		0x00000002	/* fault was on read */
107 
108 /* BS_CFG */
109 #define	BS_CFG_RNG		0x00000001	/* 5827+, enable RNG */
110 
111 /* BS_INT */
112 #define	BS_INT_DMAINT		0x80000000	/* 5827+, enable DMA intr */
113 
114 /* DES/3DES */
115 struct ubsec_pktctx {
116 	u_int32_t	pc_deskey[6];		/* 3DES key */
117 	u_int32_t	pc_hminner[5];		/* hmac inner state */
118 	u_int32_t	pc_hmouter[5];		/* hmac outer state */
119 	u_int32_t	pc_iv[2];		/* [3]DES iv */
120 	u_int16_t	pc_flags;		/* flags, below */
121 	u_int16_t	pc_offset;		/* crypto offset */
122 };
123 #define	UBS_PKTCTX_ENC_3DES	0x8000		/* use 3des */
124 #define	UBS_PKTCTX_ENC_NONE	0x0000		/* no encryption */
125 #define	UBS_PKTCTX_INBOUND	0x4000		/* inbound packet */
126 #define	UBS_PKTCTX_AUTH		0x3000		/* authentication mask */
127 #define	UBS_PKTCTX_AUTH_NONE	0x0000		/* no authentication */
128 #define	UBS_PKTCTX_AUTH_MD5	0x1000		/* use hmac-md5 */
129 #define	UBS_PKTCTX_AUTH_SHA1	0x2000		/* use hmac-sha1 */
130 
131 /* "Long" cryptographic operations on newer chipsets */
132 #define	UBS_PKTCTX_TYPE_IPSEC_3DES	0x0000
133 #define	UBS_PKTCTX_TYPE_IPSEC_AES	0x0040
134 
135 struct ubsec_pktctx_hdr {
136 	volatile u_int16_t	ph_len;		/* length of ctx struct */
137 	volatile u_int16_t	ph_type;	/* context type, 0 */
138 	volatile u_int16_t	ph_flags;	/* flags, same as above */
139 	volatile u_int16_t	ph_offset;	/* crypto/auth offset */
140 };
141 
142 /* Long version of DES/3DES */
143 struct ubsec_pktctx_3des {
144 	struct ubsec_pktctx_hdr	pc_hdr;		/* Common header */
145 	volatile u_int32_t	pc_deskey[6];	/* 3DES key */
146 	volatile u_int32_t	pc_iv[2];	/* [3]DES iv */
147 	volatile u_int32_t	pc_hminner[5];	/* hmac inner state */
148 	volatile u_int32_t	pc_hmouter[5];	/* hmac outer state */
149 };
150 
151 /* AES uses different structures for each supported key size */
152 struct ubsec_pktctx_aes128 {
153 	struct ubsec_pktctx_hdr	pc_hdr;		/* Common header */
154 	volatile u_int32_t	pc_aeskey[4];	/* AES128 key */
155 	volatile u_int32_t	pc_iv[4];	/* AES iv/ucv */
156 	volatile u_int32_t	pc_hminner[5];	/* hmac inner state */
157 	volatile u_int32_t	pc_hmouter[5];	/* hmac outer state */
158 };
159 
160 struct ubsec_pktctx_aes192 {
161 	struct ubsec_pktctx_hdr	pc_hdr;		/* Common header */
162 	volatile u_int32_t	pc_aeskey[6];	/* AES192 key */
163 	volatile u_int32_t	pc_iv[4];	/* AES iv/icv */
164 	volatile u_int32_t	pc_hminner[5];	/* hmac inner state */
165 	volatile u_int32_t	pc_hmouter[5];	/* hmac outer state */
166 };
167 
168 struct ubsec_pktctx_aes256 {
169 	struct ubsec_pktctx_hdr	pc_hdr;		/* Common header */
170 	volatile u_int32_t	pc_aeskey[8];	/* AES256 key */
171 	volatile u_int32_t	pc_iv[4];	/* AES iv/icv */
172 	volatile u_int32_t	pc_hminner[5];	/* hmac inner state */
173 	volatile u_int32_t	pc_hmouter[5];	/* hmac outer state */
174 };
175 #define UBS_PKTCTX_ENC_AES	0x8000		/* use aes */
176 #define UBS_PKTCTX_MODE_CBC	0x0000		/* Cipher Block Chaining mode */
177 #define UBS_PKTCTX_MODE_CTR	0x0400		/* Counter mode */
178 #define UBS_PKTCTX_KEYSIZE_128	0x0000		/* AES128 */
179 #define UBS_PKTCTX_KEYSIZE_192	0x0100		/* AES192 */
180 #define UBS_PKTCTX_KEYSIZE_256	0x0200		/* AES256 */
181 
182 struct ubsec_pktbuf {
183 	volatile u_int32_t	pb_addr;	/* address of buffer start */
184 	volatile u_int32_t	pb_next;	/* pointer to next pktbuf */
185 	volatile u_int32_t	pb_len;		/* packet length */
186 };
187 #define	UBS_PKTBUF_LEN		0x0000ffff	/* length mask */
188 
189 struct ubsec_mcr {
190 	volatile u_int16_t	mcr_pkts;	/* #pkts in this mcr */
191 	volatile u_int16_t	mcr_flags;	/* mcr flags (below) */
192 	volatile u_int32_t	mcr_cmdctxp;	/* command ctx pointer */
193 	struct ubsec_pktbuf	mcr_ipktbuf;	/* input chain header */
194 	volatile u_int16_t	mcr_reserved;
195 	volatile u_int16_t	mcr_pktlen;
196 	struct ubsec_pktbuf	mcr_opktbuf;	/* output chain header */
197 };
198 
199 struct ubsec_mcr_add {
200 	volatile u_int32_t	mcr_cmdctxp;	/* command ctx pointer */
201 	struct ubsec_pktbuf	mcr_ipktbuf;	/* input chain header */
202 	volatile u_int16_t	mcr_reserved;
203 	volatile u_int16_t	mcr_pktlen;
204 	struct ubsec_pktbuf	mcr_opktbuf;	/* output chain header */
205 };
206 
207 #define	UBS_MCR_DONE		0x0001		/* mcr has been processed */
208 #define	UBS_MCR_ERROR		0x0002		/* error in processing */
209 #define	UBS_MCR_ERRORCODE	0xff00		/* error type */
210 
211 struct ubsec_ctx_keyop {
212 	volatile u_int16_t	ctx_len;	/* command length */
213 	volatile u_int16_t	ctx_op;		/* operation code */
214 	volatile u_int8_t	ctx_pad[60];	/* padding */
215 };
216 #define	UBS_CTXOP_DHPKGEN	0x01		/* dh public key generation */
217 #define	UBS_CTXOP_DHSSGEN	0x02		/* dh shared secret gen. */
218 #define	UBS_CTXOP_RSAPUB	0x03		/* rsa public key op */
219 #define	UBS_CTXOP_RSAPRIV	0x04		/* rsa private key op */
220 #define	UBS_CTXOP_DSASIGN	0x05		/* dsa signing op */
221 #define	UBS_CTXOP_DSAVRFY	0x06		/* dsa verification */
222 #define	UBS_CTXOP_RNGBYPASS	0x41		/* rng direct test mode */
223 #define	UBS_CTXOP_RNGSHA1	0x42		/* rng sha1 test mode */
224 #define	UBS_CTXOP_MODADD	0x43		/* modular addition */
225 #define	UBS_CTXOP_MODSUB	0x44		/* modular subtraction */
226 #define	UBS_CTXOP_MODMUL	0x45		/* modular multiplication */
227 #define	UBS_CTXOP_MODRED	0x46		/* modular reduction */
228 #define	UBS_CTXOP_MODEXP	0x47		/* modular exponentiation */
229 #define	UBS_CTXOP_MODINV	0x48		/* modular inverse */
230 
231 struct ubsec_ctx_rngbypass {
232 	volatile u_int16_t	rbp_len;	/* command length, 64 */
233 	volatile u_int16_t	rbp_op;		/* rng bypass, 0x41 */
234 	volatile u_int8_t	rbp_pad[60];	/* padding */
235 };
236 
237 /* modexp: C = (M ^ E) mod N */
238 struct ubsec_ctx_modexp {
239 	volatile u_int16_t	me_len;		/* command length */
240 	volatile u_int16_t	me_op;		/* modexp, 0x47 */
241 	volatile u_int16_t	me_E_len;	/* E (bits) */
242 	volatile u_int16_t	me_N_len;	/* N (bits) */
243 	u_int8_t		me_N[2048/8];	/* N */
244 };
245 
246 struct ubsec_ctx_rsapriv {
247 	volatile u_int16_t	rpr_len;	/* command length */
248 	volatile u_int16_t	rpr_op;		/* rsaprivate, 0x04 */
249 	volatile u_int16_t	rpr_q_len;	/* q (bits) */
250 	volatile u_int16_t	rpr_p_len;	/* p (bits) */
251 	u_int8_t		rpr_buf[5 * 1024 / 8];	/* parameters: */
252 						/* p, q, dp, dq, pinv */
253 };
254