Subject: Please review design of Security Engine driver for Au1550
To: None <port-evbmips@NetBSD.org>
From: Shigeyuki Fukushima <shige@netbsd.org>
List: port-evbmips
Date: 03/10/2006 04:34:16
This is a multi-part message in MIME format.
--------------020903070303090708050904
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Hi,
Now I'm trying to develop a driver for Au1550's Security Engine.
There is a Security Engine function *only* on Au1550.
(c.f. Au1200 has `AES Cryptography Engine'.
This should be implemented as another cryptographic device ?
# For now, other AuXXX have no security function on chip.
Please review design of its driver.
I think that we should implement it as an opencrypto device.
I attached frame of codes in this mail.
The point of argument:
1. Device Naming
2. Whether apply OpenCrypto Framework or not.
3. Whether need an RNG-only device or not.
4. (other thing...)
Have you something good idea?
--
Kind Regards,
--- shige
Shigeyuki Fukushima <shige@{FreeBSD,jp.FreeBSD,NetBSD}.org>
--------------020903070303090708050904
Content-Type: text/plain;
name="aucrypto.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="aucrypto.diff"
? sys/arch/mips/alchemy/dev/aucrypto.c
? sys/arch/mips/alchemy/dev/aucryptoreg.h
Index: sys/arch/mips/alchemy/au1550.c
===================================================================
RCS file: /cvsroot/src/sys/arch/mips/alchemy/au1550.c,v
retrieving revision 1.7
diff -u -r1.7 au1550.c
--- sys/arch/mips/alchemy/au1550.c 24 Feb 2006 14:34:31 -0000 1.7
+++ sys/arch/mips/alchemy/au1550.c 9 Mar 2006 19:19:28 -0000
@@ -189,6 +189,7 @@
{ "aupsc", { PSC1_BASE }, { 11, -1 }},
{ "aupsc", { PSC2_BASE }, { 12, -1 }},
{ "aupsc", { PSC3_BASE }, { 13, -1 }},
+ { "aucrypto", { CRYPTO_BASE }, { 4, -1 }},
#if 0
{ "usbd", { USBD_BASE }, { 24, 25 }},
{ "aucrypto", { CRYPTO_BASE }, { 4, -1 }},
Index: sys/arch/mips/alchemy/include/aureg.h
===================================================================
RCS file: /cvsroot/src/sys/arch/mips/alchemy/include/aureg.h,v
retrieving revision 1.15
diff -u -r1.15 aureg.h
--- sys/arch/mips/alchemy/include/aureg.h 1 Mar 2006 18:35:28 -0000 1.15
+++ sys/arch/mips/alchemy/include/aureg.h 9 Mar 2006 19:19:28 -0000
@@ -132,6 +132,12 @@
*/
/************************************************************************/
+/******************** Security Engine registers *********************/
+/************************************************************************/
+
+#define CRYPTO_BASE 0x14008000
+
+/************************************************************************/
/************* Programable Serial Controller registers **************/
/************************************************************************/
Index: sys/arch/mips/conf/files.alchemy
===================================================================
RCS file: /cvsroot/src/sys/arch/mips/conf/files.alchemy,v
retrieving revision 1.11
diff -u -r1.11 files.alchemy
--- sys/arch/mips/conf/files.alchemy 6 Mar 2006 17:16:45 -0000 1.11
+++ sys/arch/mips/conf/files.alchemy 9 Mar 2006 19:19:28 -0000
@@ -69,6 +69,11 @@
attach ausmbus at aupsc
file arch/mips/alchemy/dev/ausmbus_psc.c ausmbus
+# On-chip Security Engine
+device aucrypto: opencrypto
+attach aucrypto at aubus
+file arch/mips/alchemy/dev/aucrypto.c aucrypto
+
# On-chip PCMCIA
#
# XXX: NOTE: As of Feb. 22, 2006, the aupcmcia bus is not quite
--------------020903070303090708050904
Content-Type: text/plain;
name="aucrypto.c"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="aucrypto.c"
/* $NetBSD$ */
/*-
* Copyright (c) 2006 Shigeyuki Fukushima.
* All rights reserved.
*
* Written by Shigeyuki Fukushima.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
* GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD$");
#include "locators.h"
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/device.h>
#include <machine/bus.h>
#include <machine/cpu.h>
#include <opencrypto/cryptodev.h>
#include <mips/alchemy/include/aubusvar.h>
#include <mips/alchemy/include/aureg.h>
#include <mips/alchemy/dev/aucryptoreg.h>
struct aucrypto_softc {
struct device sc_dev;
bus_space_tag_t sc_bust;
bus_space_handle_t sc_bush;
int32_t sc_cid; /* crypto tag */
};
static int aucrypto_match(struct device *, struct cfdata *, void *);
static void aucrypto_attach(struct device *, struct device *, void *);
CFATTACH_DECL(aucrypto, sizeof(struct aucrypto_softc),
aucrypto_match, aucrypto_attach, NULL, NULL);
static int aucrypto_newsession(void*, uint32_t*, struct cryptoini*);
static int aucrypto_process(void*, struct cryptop *, int);
static int aucrypto_freesession(void*, uint64_t);
static int
aucrypto_match(struct device *parent, struct cfdata *cf, void *aux)
{
struct aubus_attach_args *aa = (struct aubus_attach_args *)aux;
if (strcmp(aa->aa_name, cf->cf_name) != 0)
return 0;
return 1;
}
static void
aucrypto_attach(struct device *parent, struct device *self, void *aux)
{
struct aucrypto_softc *sc = (struct aucrypto_softc *)self;
struct aubus_attach_args *aa = aux;
uint32_t rv;
sc->sc_bust = aa->aa_st;
if (bus_space_map(sc->sc_bust, aa->aa_addr,
AUCRYPTO_SIZE, 0, &sc->sc_bush) != 0) {
aprint_error(": unable to map device registers\n");
return;
}
aprint_normal(": Alchemy Security Engine\n");
sc->sc_cid = crypto_get_driverid(0);
if (sc->sc_cid < 0) {
aprint_error("%s: couldn't get crypto driver id\n",
sc->sc_dev.dv_xname);
return;
}
crypto_register(sc->sc_cid, CRYPTO_DES_CBC, 0, 0,
aucrypto_newsession, aucrypto_freesession,
aucrypto_process, sc);
crypto_register(sc->sc_cid, CRYPTO_3DES_CBC, 0, 0,
aucrypto_newsession, aucrypto_freesession,
aucrypto_process, sc);
crypto_register(sc->sc_cid, CRYPTO_AES_CBC, 0, 0,
aucrypto_newsession, aucrypto_freesession,
aucrypto_process, sc);
crypto_register(sc->sc_cid, CRYPTO_ARC4, 0, 0,
aucrypto_newsession, aucrypto_freesession,
aucrypto_process, sc);
crypto_register(sc->sc_cid, CRYPTO_MD5, 0, 0,
aucrypto_newsession, aucrypto_freesession,
aucrypto_process, sc);
crypto_register(sc->sc_cid, CRYPTO_MD5_HMAC, 0, 0,
aucrypto_newsession, aucrypto_freesession,
aucrypto_process, sc);
crypto_register(sc->sc_cid, CRYPTO_SHA1, 0, 0,
aucrypto_newsession, aucrypto_freesession,
aucrypto_process, sc);
crypto_register(sc->sc_cid, CRYPTO_SHA1_HMAC, 0, 0,
aucrypto_newsession, aucrypto_freesession,
aucrypto_process, sc);
rv = bus_space_read_4(sc->sc_bust, sc->sc_bush, AUCRYPTO_SEC_SYSENABLE);
bus_space_write_4(sc->sc_bust, sc->sc_bush,
AUCRYPTO_SEC_SYSENABLE, (rv | AUCRYPTO_SEC_SYSENABLE_CE));
delay(1);
/* XXX: now implementing (other initialization ops) */
#ifdef AUCRYPTO_DEBUG
printf("Register sec_sysenable: 0x%08x\n", rv);
rv = bus_space_read_4(sc->sc_bust, sc->sc_bush, AUCRYPTO_SEC_SYSENABLE);
printf("Register sec_sysenable: 0x%08x\n", rv);
#endif
}
static int
aucrypto_newsession(void *arg, uint32_t *sidp, struct cryptoini *cri)
{
struct aucrypto_softc *sc;
sc = arg;
KASSERT(sc != NULL);
/* XXX: now implementing */
return 0;
}
static int
aucrypto_process(void *arg, struct cryptop *crp, int hint)
{
struct aucrypto_softc *sc;
sc = arg;
KASSERT(sc != NULL);
/* XXX: now implementing */
return 0;
}
static int
aucrypto_freesession(void *arg, uint64_t tid)
{
struct aucrypto_softc *sc;
sc = arg;
KASSERT(sc != NULL);
/* XXX: now implementing */
return 0;
}
--------------020903070303090708050904
Content-Type: text/plain;
name="aucryptoreg.h"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="aucryptoreg.h"
/* $NetBSD$ */
/*-
* Copyright (c) 2006 Shigeyuki Fukushima.
* All rights reserved.
*
* Written by Shigeyuki Fukushima.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
* GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _MIPS_ALCHEMY_DEV_AUCRYPTOREG_H_
#define _MIPS_ALCHEMY_DEV_AUCRYPTOREG_H_
/* Memory size for Security Engine registers */
#define AUCRYPTO_SIZE 0x800
/*
* Au1550 Security Engine registers
*
* Registers Prefix Start End
* ------------------------- ---------------- ------ ------
* Command Queue regs AUCRYPTO_SEC_Q 0x0000 0x001F
* System Bus Interface regs AUCRYPTO_SEC_SYS 0x0020 0x003F
* Global regs AUCRYPTO_SEC_GLB 0x0040 0x007F
* Device ID and Control regs AUCRYPTO_SEC_DEV 0x0080 0x009F
* Interrupt Controller regs AUCRYPTO_SEC_INT 0x00A0 0x00BF
* DMA Controller regs AUCRYPTO_SEC_DMA 0x00C0 0x00FF
* RNG regs AUCRYPTO_SEC_RNG 0x0100 0x01FF
* Reserved --- 0x0200 0x05FF
* SA Context regs AUCRYPTO_SEC_SA 0x0600 0x069F
* Input/Output FIFOs AUCRYPTO_SEC_IN 0x06A0 0x06A7
* AUCRYPTO_SEC_OUT
* Reserved --- 0x06A8 0x07FF
*/
/* Command Queue Registers */
#define AUCRYPTO_SEC_QCTRLSTAT 0x0000
#define AUCRYPTO_SEC_QSRCADDR 0x0004
#define AUCRYPTO_SEC_QDSTADDR 0x0008
#define AUCRYPTO_SEC_QSAADDR 0x000c
#define AUCRYPTO_SEC_QLENCTRL 0x0010
/* System Bus Interface Registers */
#define AUCRYPTO_SEC_SYSENABLE 0x0020
#define AUCRYPTO_SEC_SYSENABLE_CE (1u << 0)
#define AUCRYPTO_SEC_SYSHINT 0x0024
#define AUCRYPTO_SEC_SYSBUFSTAT 0x0028
#define AUCRYPTO_SEC_SYSBUSCFG 0x002c
/* Global Registers */
#define AUCRYPTO_SEC_GLBDMACFG 0x0040
#define AUCRYPTO_SEC_GLBDMASTAT 0x0044
#define AUCRYPTO_SEC_GLBPDRBASE 0x0048
#define AUCRYPTO_SEC_GLBRDRBASE 0x004c
#define AUCRYPTO_SEC_GLBRSIZE 0x0050
#define AUCRYPTO_SEC_GLBRPOLL 0x0054
#define AUCRYPTO_SEC_GLBQSTAT 0x0058
#define AUCRYPTO_SEC_GLBEXTRSTAT 0x005c
#define AUCRYPTO_SEC_GLBTHRESH 0x0060
/* Device ID and Control Registers */
#define AUCRYPTO_SEC_DEVCTRL 0x0080
#define AUCRYPTO_SEC_DEVID 0x0084
#define AUCRYPTO_SEC_DEVINFO 0x0088
/* Interrupt Controller Registers */
#define AUCRYPTO_SEC_INTHUSTAT 0x00a0
#define AUCRYPTO_SEC_INTHMSTAT 0x00a4
#define AUCRYPTO_SEC_INTHCLR 0x00a8
#define AUCRYPTO_SEC_INTHMASK 0x00ac
#define AUCRYPTO_SEC_INTHCFG 0x00b0
#define AUCRYPTO_SEC_INTDESCRD 0x00b4
#define AUCRYPTO_SEC_INTDESCCNT 0x00b8
/* DMA Controller Registers */
#define AUCRYPTO_SEC_DMASADDR 0x00c4
#define AUCRYPTO_SEC_DMADADDR 0x00c8
#define AUCRYPTO_SEC_DMASTAT 0x00cc
#define AUCRYPTO_SEC_DMABURST 0x00d4
#define AUCRYPTO_SEC_DMAENDIAN 0x00e4
/* RNG (Rnadom Number Generator) Registers */
#define AUCRYPTO_SEC_RNGOUT 0x0100
#define AUCRYPTO_SEC_RNGSTAT 0x0104
#define AUCRYPTO_SEC_RNGCTRL 0x0108
#define AUCRYPTO_SEC_RNGA 0x010c
#define AUCRYPTO_SEC_RNGB 0x0110
#define AUCRYPTO_SEC_RNGSEED0 0x0114
#define AUCRYPTO_SEC_RNGSEED1 0x0118
#define AUCRYPTO_SEC_RNGSEED2 0x011c
#define AUCRYPTO_SEC_RNGCNT 0x0120
#define AUCRYPTO_SEC_RNGALARM 0x0124
#define AUCRYPTO_SEC_RNGCFG 0x0128
#define AUCRYPTO_SEC_RNGLFSR1A 0x012c
#define AUCRYPTO_SEC_RNGLFSR1B 0x0130
#define AUCRYPTO_SEC_RNGLFSR2A 0x0134
#define AUCRYPTO_SEC_RNGLFSR2B 0x0138
/* SA Context Registers */
#define AUCRYPTO_SEC_SACMD0 0x0600
#define AUCRYPTO_SEC_SACMD1 0x0604
#define AUCRYPTO_SEC_SAKEY1A 0x0610
#define AUCRYPTO_SEC_SAKEY1B 0x0614
#define AUCRYPTO_SEC_SAKEY2A 0x0618
#define AUCRYPTO_SEC_SAKEY2B 0x061c
#define AUCRYPTO_SEC_SAKEY3A 0x0620
#define AUCRYPTO_SEC_SAKEY3B 0x0624
#define AUCRYPTO_SEC_SAKEY4A 0x0628
#define AUCRYPTO_SEC_SAKEY4B 0x062c
#define AUCRYPTO_SEC_SAINHASH0 0x0630
#define AUCRYPTO_SEC_SAINHASH1 0x0634
#define AUCRYPTO_SEC_SAINHASH2 0x0638
#define AUCRYPTO_SEC_SAINHASH3 0x063c
#define AUCRYPTO_SEC_SAINHASH4 0x0640
#define AUCRYPTO_SEC_SAOUTHASH0 0x0644
#define AUCRYPTO_SEC_SAOUTHASH1 0x0648
#define AUCRYPTO_SEC_SAOUTHASH2 0x065c
#define AUCRYPTO_SEC_SAOUTHASH3 0x0650
#define AUCRYPTO_SEC_SAOUTHASH4 0x0654
#define AUCRYPTO_SEC_SASPI 0x0658
#define AUCRYPTO_SEC_SASEQ 0x065c
#define AUCRYPTO_SEC_SASEQMASK0 0x0660
#define AUCRYPTO_SEC_SASEQMASK1 0x0664
#define AUCRYPTO_SEC_SAIV0 0x066c
#define AUCRYPTO_SEC_SAIV1 0x0670
#define AUCRYPTO_SEC_SAIV2 0x0674
#define AUCRYPTO_SEC_SAIV3 0x0678
#define AUCRYPTO_SEC_SAHASHCNT 0x067c
#define AUCRYPTO_SEC_SAINHASH0SHD 0x0680
#define AUCRYPTO_SEC_SAINHASH1SHD 0x0684
#define AUCRYPTO_SEC_SAINHASH2SHD 0x0688
#define AUCRYPTO_SEC_SAINHASH3SHD 0x068c
#define AUCRYPTO_SEC_SAINHASH4SHD 0x0690
#define AUCRYPTO_SEC_SAICV0 0x0694
#define AUCRYPTO_SEC_SAICV1 0x0698
#define AUCRYPTO_SEC_SAICV2 0x069c
/* Input/Output FIFOs */
#define AUCRYPTO_SEC_INDATA 0x06a0
#define AUCRYPTO_SEC_OUTDATA 0x06a4
#endif /* _MIPS_ALCHEMY_DEV_AUCRYPTOREG_H_ */
--------------020903070303090708050904--