/* This function is called from an interrupt handler */ void nlm_xlprsaecc_msgring_handler(int vc, int size, int code, int src_id, struct nlm_fmn_msg *msg, void *data) { struct xlp_rsa_command *cmd; struct xlp_rsa_softc *sc; struct crparam *outparam; int ostart; KASSERT(code == FMN_SWCODE_RSA, ("%s: bad code = %d, expected code = %d\n", __func__, code, FMN_SWCODE_RSA)); sc = data; KASSERT(src_id >= sc->rsaecc_vc_start && src_id <= sc->rsaecc_vc_end, ("%s: bad src_id = %d, expect %d - %d\n", __func__, src_id, sc->rsaecc_vc_start, sc->rsaecc_vc_end)); cmd = (struct xlp_rsa_command *)(uintptr_t)msg->msg[1]; KASSERT(cmd != NULL, ("%s:cmd not received properly\n", __func__)); if (RSA_ERROR(msg->msg[0]) != 0) { printf("%s: Message rcv msg0 %llx msg1 %llx err %x \n", __func__, (unsigned long long)msg->msg[0], (unsigned long long)msg->msg[1], (int)RSA_ERROR(msg->msg[0])); cmd->krp->krp_status = EBADMSG; } if (cmd->krp != NULL) { ostart = cmd->krp->krp_iparams; outparam = &cmd->krp->krp_param[ostart]; xlp_rsa_inp2hwformat(cmd->rsasrc + cmd->rsaopsize * ostart, outparam->crp_p, howmany(outparam->crp_nbits, 8), 1); crypto_kdone(cmd->krp); } xlp_free_cmd_params(cmd); }
static int xlp_rsa_kprocess(device_t dev, struct cryptkop *krp, int hint) { struct xlp_rsa_softc *sc = device_get_softc(dev); struct xlp_rsa_command *cmd; struct crparam *kp; int err, i; if (krp == NULL || krp->krp_callback == NULL) return (EINVAL); cmd = malloc(sizeof(struct xlp_rsa_command), M_DEVBUF, M_NOWAIT | M_ZERO); KASSERT(cmd != NULL, ("%s:cmd is NULL\n", __func__)); cmd->krp = krp; #ifdef NLM_RSA_DEBUG print_krp_params(krp); #endif err = EOPNOTSUPP; switch (krp->krp_op) { case CRK_MOD_EXP: if (krp->krp_iparams == 3 && krp->krp_oparams == 1) break; goto errout; default: device_printf(dev, "Op:%d not yet supported\n", krp->krp_op); goto errout; } err = xlp_get_rsa_opsize(cmd, krp->krp_param[krp->krp_iparams - 1].crp_nbits); if (err != 0) { err = EINVAL; goto errout; } cmd->rsafn = 0; /* Mod Exp */ cmd->rsasrc = malloc( cmd->rsaopsize * (krp->krp_iparams + krp->krp_oparams), M_DEVBUF, M_NOWAIT | M_ZERO); if (cmd->rsasrc == NULL) { err = ENOMEM; goto errout; } for (i = 0, kp = krp->krp_param; i < krp->krp_iparams; i++, kp++) { KASSERT(kp->crp_nbits != 0, ("%s: parameter[%d]'s length is zero\n", __func__, i)); xlp_rsa_inp2hwformat(kp->crp_p, cmd->rsasrc + i * cmd->rsaopsize, howmany(kp->crp_nbits, 8), 0); } err = nlm_crypto_complete_rsa_request(sc, cmd); if (err != 0) goto errout; return (0); errout: xlp_free_cmd_params(cmd); krp->krp_status = err; crypto_kdone(krp); return (err); }
static int xlp_sec_process(device_t dev, struct cryptop *crp, int hint) { struct xlp_sec_softc *sc = device_get_softc(dev); struct xlp_sec_command *cmd = NULL; int session, err = -1, ret = 0; struct cryptodesc *crd1, *crd2; struct xlp_sec_session *ses; unsigned int nsegs = 0; if (crp == NULL || crp->crp_callback == NULL) { return (EINVAL); } session = XLP_SEC_SESSION(crp->crp_sid); if (sc == NULL || session >= sc->sc_nsessions) { err = EINVAL; goto errout; } ses = &sc->sc_sessions[session]; if ((cmd = malloc(sizeof(struct xlp_sec_command), M_DEVBUF, M_NOWAIT | M_ZERO)) == NULL) { err = ENOMEM; goto errout; } cmd->crp = crp; cmd->session_num = session; cmd->hash_dst_len = ses->hs_mlen; if ((crd1 = crp->crp_desc) == NULL) { err = EINVAL; goto errout; } crd2 = crd1->crd_next; if ((ret = xlp_get_nsegs(crp, &nsegs)) != 0) { err = EINVAL; goto errout; } if (((crd1 != NULL) && (crd1->crd_flags & CRD_F_IV_EXPLICIT)) || ((crd2 != NULL) && (crd2->crd_flags & CRD_F_IV_EXPLICIT))) { /* Since IV is given as separate segment to avoid copy */ nsegs += 1; } cmd->nsegs = nsegs; if ((err = xlp_alloc_cmd_params(cmd, nsegs)) != 0) goto errout; if ((crd1 != NULL) && (crd2 == NULL)) { if (crd1->crd_alg == CRYPTO_DES_CBC || crd1->crd_alg == CRYPTO_3DES_CBC || crd1->crd_alg == CRYPTO_AES_CBC || crd1->crd_alg == CRYPTO_ARC4) { cmd->enccrd = crd1; cmd->maccrd = NULL; if ((ret = nlm_get_cipher_param(cmd)) != 0) { err = EINVAL; goto errout; } if (crd1->crd_flags & CRD_F_IV_EXPLICIT) cmd->cipheroff = cmd->ivlen; else cmd->cipheroff = cmd->enccrd->crd_skip; cmd->cipherlen = cmd->enccrd->crd_len; if (crd1->crd_flags & CRD_F_IV_PRESENT) cmd->ivoff = 0; else cmd->ivoff = cmd->enccrd->crd_inject; if ((err = xlp_copyiv(sc, cmd, cmd->enccrd)) != 0) goto errout; if ((err = nlm_crypto_do_cipher(sc, cmd)) != 0) goto errout; } else if (crd1->crd_alg == CRYPTO_MD5_HMAC || crd1->crd_alg == CRYPTO_SHA1_HMAC || crd1->crd_alg == CRYPTO_SHA1 || crd1->crd_alg == CRYPTO_MD5) { cmd->enccrd = NULL; cmd->maccrd = crd1; if ((ret = nlm_get_digest_param(cmd)) != 0) { err = EINVAL; goto errout; } cmd->hashoff = cmd->maccrd->crd_skip; cmd->hashlen = cmd->maccrd->crd_len; cmd->hmacpad = 0; cmd->hashsrc = 0; if ((err = nlm_crypto_do_digest(sc, cmd)) != 0) goto errout; } else { err = EINVAL; goto errout; } } else if( (crd1 != NULL) && (crd2 != NULL) ) { if ((crd1->crd_alg == CRYPTO_MD5_HMAC || crd1->crd_alg == CRYPTO_SHA1_HMAC || crd1->crd_alg == CRYPTO_MD5 || crd1->crd_alg == CRYPTO_SHA1) && (crd2->crd_alg == CRYPTO_DES_CBC || crd2->crd_alg == CRYPTO_3DES_CBC || crd2->crd_alg == CRYPTO_AES_CBC || crd2->crd_alg == CRYPTO_ARC4)) { cmd->maccrd = crd1; cmd->enccrd = crd2; } else if ((crd1->crd_alg == CRYPTO_DES_CBC || crd1->crd_alg == CRYPTO_ARC4 || crd1->crd_alg == CRYPTO_3DES_CBC || crd1->crd_alg == CRYPTO_AES_CBC) && (crd2->crd_alg == CRYPTO_MD5_HMAC || crd2->crd_alg == CRYPTO_SHA1_HMAC || crd2->crd_alg == CRYPTO_MD5 || crd2->crd_alg == CRYPTO_SHA1)) { cmd->enccrd = crd1; cmd->maccrd = crd2; } else { err = EINVAL; goto errout; } if ((ret = nlm_get_cipher_param(cmd)) != 0) { err = EINVAL; goto errout; } if ((ret = nlm_get_digest_param(cmd)) != 0) { err = EINVAL; goto errout; } cmd->ivoff = cmd->enccrd->crd_inject; cmd->hashoff = cmd->maccrd->crd_skip; cmd->hashlen = cmd->maccrd->crd_len; cmd->hmacpad = 0; if (cmd->enccrd->crd_flags & CRD_F_ENCRYPT) cmd->hashsrc = 1; else cmd->hashsrc = 0; cmd->cipheroff = cmd->enccrd->crd_skip; cmd->cipherlen = cmd->enccrd->crd_len; if ((err = xlp_copyiv(sc, cmd, cmd->enccrd)) != 0) goto errout; if ((err = nlm_crypto_do_cipher_digest(sc, cmd)) != 0) goto errout; } else { err = EINVAL; goto errout; } return (0); errout: xlp_free_cmd_params(cmd); if (err == ERESTART) { sc->sc_needwakeup |= CRYPTO_SYMQ; creditleft = 0; return (err); } crp->crp_etype = err; crypto_done(crp); return (err); }
static int xlp_rsa_init(struct xlp_rsa_softc *sc, int node) { struct xlp_rsa_command *cmd = NULL; uint32_t fbvc, dstvc, endsel, regval; struct nlm_fmn_msg m; int err, ret, i; uint64_t base; /* Register interrupt handler for the RSA/ECC CMS messages */ if (register_msgring_handler(sc->rsaecc_vc_start, sc->rsaecc_vc_end, nlm_xlprsaecc_msgring_handler, sc) != 0) { err = -1; printf("Couldn't register rsa/ecc msgring handler\n"); goto errout; } fbvc = nlm_cpuid() * 4 + XLPGE_FB_VC; /* Do the CMS credit initialization */ /* Currently it is configured by default to 50 when kernel comes up */ #if BYTE_ORDER == LITTLE_ENDIAN for (i = 0; i < nitems(nlm_rsa_ucode_data); i++) nlm_rsa_ucode_data[i] = htobe64(nlm_rsa_ucode_data[i]); #endif for (dstvc = sc->rsaecc_vc_start; dstvc <= sc->rsaecc_vc_end; dstvc++) { cmd = malloc(sizeof(struct xlp_rsa_command), M_DEVBUF, M_NOWAIT | M_ZERO); KASSERT(cmd != NULL, ("%s:cmd is NULL\n", __func__)); cmd->rsasrc = contigmalloc(sizeof(nlm_rsa_ucode_data), M_DEVBUF, (M_WAITOK | M_ZERO), 0UL /* low address */, -1UL /* high address */, XLP_L2L3_CACHELINE_SIZE /* alignment */, 0UL /* boundary */); KASSERT(cmd->rsasrc != NULL, ("%s:cmd->rsasrc is NULL\n", __func__)); memcpy(cmd->rsasrc, nlm_rsa_ucode_data, sizeof(nlm_rsa_ucode_data)); m.msg[0] = nlm_crypto_form_rsa_ecc_fmn_entry0(1, 0x70, 0, vtophys(cmd->rsasrc)); m.msg[1] = nlm_crypto_form_rsa_ecc_fmn_entry1(0, 1, fbvc, vtophys(cmd->rsasrc)); /* Software scratch pad */ m.msg[2] = (uintptr_t)cmd; m.msg[3] = 0; ret = nlm_fmn_msgsend(dstvc, 3, FMN_SWCODE_RSA, &m); if (ret != 0) { err = -1; printf("%s: msgsnd failed (%x)\n", __func__, ret); goto errout; } } /* Configure so that all VCs send request to all RSA pipes */ base = nlm_get_rsa_regbase(node); if (nlm_is_xlp3xx()) { endsel = 1; regval = 0xFFFF; } else { endsel = 3; regval = 0x07FFFFFF; } for (i = 0; i < endsel; i++) nlm_write_rsa_reg(base, RSA_ENG_SEL_0 + i, regval); return (0); errout: xlp_free_cmd_params(cmd); return (err); }
/* This function is called from an interrupt handler */ void nlm_xlpsec_msgring_handler(int vc, int size, int code, int src_id, struct nlm_fmn_msg *msg, void *data) { struct xlp_sec_command *cmd = NULL; struct xlp_sec_softc *sc = NULL; struct cryptodesc *crd = NULL; unsigned int ivlen = 0; KASSERT(code == FMN_SWCODE_CRYPTO, ("%s: bad code = %d, expected code = %d\n", __FUNCTION__, code, FMN_SWCODE_CRYPTO)); sc = (struct xlp_sec_softc *)data; KASSERT(src_id >= sc->sec_vc_start && src_id <= sc->sec_vc_end, ("%s: bad src_id = %d, expect %d - %d\n", __FUNCTION__, src_id, sc->sec_vc_start, sc->sec_vc_end)); cmd = (struct xlp_sec_command *)(uintptr_t)msg->msg[0]; KASSERT(cmd != NULL && cmd->crp != NULL, ("%s :cmd not received properly\n",__FUNCTION__)); KASSERT(CRYPTO_ERROR(msg->msg[1]) == 0, ("%s: Message rcv msg0 %llx msg1 %llx err %x \n", __FUNCTION__, (unsigned long long)msg->msg[0], (unsigned long long)msg->msg[1], (int)CRYPTO_ERROR(msg->msg[1]))); crd = cmd->enccrd; /* Copy the last 8 or 16 bytes to the session iv, so that in few * cases this will be used as IV for the next request */ if (crd != NULL) { if ((crd->crd_alg == CRYPTO_DES_CBC || crd->crd_alg == CRYPTO_3DES_CBC || crd->crd_alg == CRYPTO_AES_CBC) && (crd->crd_flags & CRD_F_ENCRYPT)) { ivlen = ((crd->crd_alg == CRYPTO_AES_CBC) ? XLP_SEC_AES_IV_LENGTH : XLP_SEC_DES_IV_LENGTH); crypto_copydata(cmd->crp->crp_flags, cmd->crp->crp_buf, crd->crd_skip + crd->crd_len - ivlen, ivlen, sc->sc_sessions[cmd->session_num].ses_iv); } } /* If there are not enough credits to send, then send request * will fail with ERESTART and the driver will be blocked until it is * unblocked here after knowing that there are sufficient credits to * send the request again. */ if (sc->sc_needwakeup) { atomic_add_int(&creditleft, sc->sec_msgsz); if (creditleft >= (NLM_CRYPTO_LEFT_REQS)) { crypto_unblock(sc->sc_cid, sc->sc_needwakeup); sc->sc_needwakeup &= (~(CRYPTO_SYMQ | CRYPTO_ASYMQ)); } } if(cmd->maccrd) { crypto_copyback(cmd->crp->crp_flags, cmd->crp->crp_buf, cmd->maccrd->crd_inject, cmd->hash_dst_len, cmd->hashdest); } /* This indicates completion of the crypto operation */ crypto_done(cmd->crp); xlp_free_cmd_params(cmd); return; }