[oe] [PATCH 1/3] linux-omap-psp: add OCF support
Chase Maupin
chasemaupin03 at gmail.com
Wed Jan 5 21:39:30 CET 2011
* Add a patch to put OCF support into the linux-omap-psp kernel
for am37x-evm devices, which is the only device that this has
been validated on.
* Add support to the defconfig file for am37x-evm for OCF
* Bump the MACHINE_KERNEL_PR
Signed-off-by: Chase Maupin <Chase.Maupin at ti.com>
---
conf/machine/include/omap3.inc | 2 +-
...x-omap3-PSP-3.0.1.6-kernel-with-OCF-Linux.patch |88794 ++++++++++++++++++++
.../linux-omap-psp-2.6.32/am37x-evm/defconfig | 21 +
recipes/linux/linux-omap-psp_2.6.32.bb | 2 +
4 files changed, 88818 insertions(+), 1 deletions(-)
create mode 100644 recipes/linux/linux-omap-psp-2.6.32/am37x-evm/0001-linux-omap3-PSP-3.0.1.6-kernel-with-OCF-Linux.patch
diff --git a/conf/machine/include/omap3.inc b/conf/machine/include/omap3.inc
index 36f11b0..9bcfe48 100644
--- a/conf/machine/include/omap3.inc
+++ b/conf/machine/include/omap3.inc
@@ -4,7 +4,7 @@ TARGET_ARCH = "arm"
require conf/machine/include/tune-cortexa8.inc
PREFERRED_PROVIDER_virtual/kernel = "linux-omap"
# Increase this everytime you change something in the kernel
-MACHINE_KERNEL_PR = "r97"
+MACHINE_KERNEL_PR = "r98"
KERNEL_IMAGETYPE = "uImage"
diff --git a/recipes/linux/linux-omap-psp-2.6.32/am37x-evm/0001-linux-omap3-PSP-3.0.1.6-kernel-with-OCF-Linux.patch b/recipes/linux/linux-omap-psp-2.6.32/am37x-evm/0001-linux-omap3-PSP-3.0.1.6-kernel-with-OCF-Linux.patch
new file mode 100644
index 0000000..044e3b6
--- /dev/null
+++ b/recipes/linux/linux-omap-psp-2.6.32/am37x-evm/0001-linux-omap3-PSP-3.0.1.6-kernel-with-OCF-Linux.patch
@@ -0,0 +1,88794 @@
+From 5cf66ebe920ac1fd26c6cf99ee9aed77acba1434 Mon Sep 17 00:00:00 2001
+From: Greg Turner <gregturner at ti.com>
+Date: Tue, 4 Jan 2011 15:12:06 -0600
+Subject: [PATCH] linux-omap3: PSP 3.0.1.6 kernel with OCF-Linux
+
+* PSP 3.0.1.6 kernel source patched with OCF-Linux 20100325
+* OCF-Linux is from community source code
+* Header file cryptodev.h is moved to include/crypto
+
+Signed-off-by: Greg Turner <gregturner at ti.com>
+---
+ crypto/Kconfig | 3 +
+ crypto/Makefile | 2 +
+ crypto/ocf/Config.in | 36 +
+ crypto/ocf/Kconfig | 119 +
+ crypto/ocf/Makefile | 124 +
+ crypto/ocf/README | 167 ++
+ crypto/ocf/c7108/Makefile | 12 +
+ crypto/ocf/c7108/aes-7108.c | 839 ++++++
+ crypto/ocf/c7108/aes-7108.h | 134 +
+ crypto/ocf/criov.c | 215 ++
+ crypto/ocf/crypto.c | 1784 +++++++++++
+ crypto/ocf/cryptocteon/Makefile | 17 +
+ crypto/ocf/cryptocteon/cavium_crypto.c | 2283 ++++++++++++++
+ crypto/ocf/cryptocteon/cryptocteon.c | 574 ++++
+ crypto/ocf/cryptodev.c | 1061 +++++++
+ crypto/ocf/cryptodev.h | 479 +++
+ crypto/ocf/cryptosoft.c | 1210 ++++++++
+ crypto/ocf/ep80579/Makefile | 119 +
+ crypto/ocf/ep80579/icp_asym.c | 1334 +++++++++
+ crypto/ocf/ep80579/icp_common.c | 773 +++++
+ crypto/ocf/ep80579/icp_ocf.h | 376 +++
+ crypto/ocf/ep80579/icp_sym.c | 1153 ++++++++
+ crypto/ocf/hifn/Makefile | 13 +
+ crypto/ocf/hifn/hifn7751.c | 2976 +++++++++++++++++++
+ crypto/ocf/hifn/hifn7751reg.h | 540 ++++
+ crypto/ocf/hifn/hifn7751var.h | 369 +++
+ crypto/ocf/hifn/hifnHIPP.c | 420 +++
+ crypto/ocf/hifn/hifnHIPPreg.h | 46 +
+ crypto/ocf/hifn/hifnHIPPvar.h | 93 +
+ crypto/ocf/ixp4xx/Makefile | 104 +
+ crypto/ocf/ixp4xx/ixp4xx.c | 1324 +++++++++
+ crypto/ocf/kirkwood/Makefile | 19 +
+ crypto/ocf/kirkwood/cesa/AES/mvAes.h | 62 +
+ crypto/ocf/kirkwood/cesa/AES/mvAesAlg.c | 317 ++
+ crypto/ocf/kirkwood/cesa/AES/mvAesAlg.h | 19 +
+ crypto/ocf/kirkwood/cesa/AES/mvAesApi.c | 312 ++
+ crypto/ocf/kirkwood/cesa/mvCesa.c | 3126 ++++++++++++++++++++
+ crypto/ocf/kirkwood/cesa/mvCesa.h | 412 +++
+ crypto/ocf/kirkwood/cesa/mvCesaDebug.c | 484 +++
+ crypto/ocf/kirkwood/cesa/mvCesaRegs.h | 357 +++
+ crypto/ocf/kirkwood/cesa/mvCesaTest.c | 3096 +++++++++++++++++++
+ crypto/ocf/kirkwood/cesa/mvLru.c | 158 +
+ crypto/ocf/kirkwood/cesa/mvLru.h | 112 +
+ crypto/ocf/kirkwood/cesa/mvMD5.c | 349 +++
+ crypto/ocf/kirkwood/cesa/mvMD5.h | 93 +
+ crypto/ocf/kirkwood/cesa/mvSHA1.c | 239 ++
+ crypto/ocf/kirkwood/cesa/mvSHA1.h | 88 +
+ crypto/ocf/kirkwood/cesa_ocf_drv.c | 1296 ++++++++
+ crypto/ocf/kirkwood/mvHal/common/mv802_3.h | 213 ++
+ crypto/ocf/kirkwood/mvHal/common/mvCommon.c | 277 ++
+ crypto/ocf/kirkwood/mvHal/common/mvCommon.h | 308 ++
+ crypto/ocf/kirkwood/mvHal/common/mvDebug.c | 326 ++
+ crypto/ocf/kirkwood/mvHal/common/mvDebug.h | 178 ++
+ crypto/ocf/kirkwood/mvHal/common/mvDeviceId.h | 225 ++
+ crypto/ocf/kirkwood/mvHal/common/mvHalVer.h | 73 +
+ crypto/ocf/kirkwood/mvHal/common/mvStack.c | 100 +
+ crypto/ocf/kirkwood/mvHal/common/mvStack.h | 140 +
+ crypto/ocf/kirkwood/mvHal/common/mvTypes.h | 245 ++
+ crypto/ocf/kirkwood/mvHal/dbg-trace.c | 110 +
+ crypto/ocf/kirkwood/mvHal/dbg-trace.h | 24 +
+ .../mvHal/kw_family/boardEnv/mvBoardEnvLib.c | 2513 ++++++++++++++++
+ .../mvHal/kw_family/boardEnv/mvBoardEnvLib.h | 376 +++
+ .../mvHal/kw_family/boardEnv/mvBoardEnvSpec.c | 848 ++++++
+ .../mvHal/kw_family/boardEnv/mvBoardEnvSpec.h | 262 ++
+ crypto/ocf/kirkwood/mvHal/kw_family/cpu/mvCpu.c | 320 ++
+ crypto/ocf/kirkwood/mvHal/kw_family/cpu/mvCpu.h | 99 +
+ .../mvHal/kw_family/ctrlEnv/mvCtrlEnvAddrDec.c | 296 ++
+ .../mvHal/kw_family/ctrlEnv/mvCtrlEnvAddrDec.h | 203 ++
+ .../mvHal/kw_family/ctrlEnv/mvCtrlEnvAsm.h | 98 +
+ .../mvHal/kw_family/ctrlEnv/mvCtrlEnvLib.c | 1825 ++++++++++++
+ .../mvHal/kw_family/ctrlEnv/mvCtrlEnvLib.h | 185 ++
+ .../mvHal/kw_family/ctrlEnv/mvCtrlEnvRegs.h | 419 +++
+ .../mvHal/kw_family/ctrlEnv/mvCtrlEnvSpec.h | 257 ++
+ .../mvHal/kw_family/ctrlEnv/sys/mvAhbToMbus.c | 1048 +++++++
+ .../mvHal/kw_family/ctrlEnv/sys/mvAhbToMbus.h | 130 +
+ .../mvHal/kw_family/ctrlEnv/sys/mvAhbToMbusRegs.h | 143 +
+ .../kirkwood/mvHal/kw_family/ctrlEnv/sys/mvCpuIf.c | 1036 +++++++
+ .../kirkwood/mvHal/kw_family/ctrlEnv/sys/mvCpuIf.h | 120 +
+ .../mvHal/kw_family/ctrlEnv/sys/mvCpuIfRegs.h | 304 ++
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysAudio.c | 324 ++
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysAudio.h | 123 +
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysCesa.c | 382 +++
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysCesa.h | 100 +
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysDram.c | 348 +++
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysDram.h | 80 +
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysGbe.c | 658 ++++
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysGbe.h | 113 +
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysPex.c | 1697 +++++++++++
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysPex.h | 348 +++
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysSata.c | 430 +++
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysSata.h | 128 +
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysSdmmc.c | 427 +++
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysSdmmc.h | 125 +
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysTdm.c | 462 +++
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysTdm.h | 106 +
+ .../kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysTs.c | 591 ++++
+ .../kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysTs.h | 110 +
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysUsb.c | 497 ++++
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysUsb.h | 125 +
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysXor.c | 662 +++++
+ .../mvHal/kw_family/ctrlEnv/sys/mvSysXor.h | 140 +
+ .../ocf/kirkwood/mvHal/kw_family/device/mvDevice.c | 75 +
+ .../ocf/kirkwood/mvHal/kw_family/device/mvDevice.h | 74 +
+ .../kirkwood/mvHal/kw_family/device/mvDeviceRegs.h | 101 +
+ crypto/ocf/kirkwood/mvHal/linux_oss/mvOs.c | 211 ++
+ crypto/ocf/kirkwood/mvHal/linux_oss/mvOs.h | 423 +++
+ crypto/ocf/kirkwood/mvHal/linux_oss/mvOsSata.h | 158 +
+ crypto/ocf/kirkwood/mvHal/mvSysHwConfig.h | 375 +++
+ crypto/ocf/kirkwood/mvHal/mv_hal/cntmr/mvCntmr.c | 376 +++
+ crypto/ocf/kirkwood/mvHal/mv_hal/cntmr/mvCntmr.h | 121 +
+ .../ocf/kirkwood/mvHal/mv_hal/cntmr/mvCntmrRegs.h | 121 +
+ crypto/ocf/kirkwood/mvHal/mv_hal/cpu/mvCpuCntrs.c | 207 ++
+ crypto/ocf/kirkwood/mvHal/mv_hal/cpu/mvCpuCntrs.h | 213 ++
+ .../ocf/kirkwood/mvHal/mv_hal/cpu/mvCpuL2Cntrs.c | 143 +
+ .../ocf/kirkwood/mvHal/mv_hal/cpu/mvCpuL2Cntrs.h | 151 +
+ crypto/ocf/kirkwood/mvHal/mv_hal/ddr1_2/mvDram.c | 1479 +++++++++
+ crypto/ocf/kirkwood/mvHal/mv_hal/ddr1_2/mvDram.h | 191 ++
+ crypto/ocf/kirkwood/mvHal/mv_hal/ddr1_2/mvDramIf.c | 1599 ++++++++++
+ crypto/ocf/kirkwood/mvHal/mv_hal/ddr1_2/mvDramIf.h | 179 ++
+ .../kirkwood/mvHal/mv_hal/ddr1_2/mvDramIfConfig.h | 192 ++
+ .../kirkwood/mvHal/mv_hal/ddr1_2/mvDramIfRegs.h | 306 ++
+ crypto/ocf/kirkwood/mvHal/mv_hal/ddr2/mvDramIf.c | 1855 ++++++++++++
+ crypto/ocf/kirkwood/mvHal/mv_hal/ddr2/mvDramIf.h | 172 ++
+ .../kirkwood/mvHal/mv_hal/ddr2/mvDramIfConfig.h | 157 +
+ .../ocf/kirkwood/mvHal/mv_hal/ddr2/mvDramIfRegs.h | 423 +++
+ .../mvHal/mv_hal/ddr2/mvDramIfStaticInit.h | 179 ++
+ crypto/ocf/kirkwood/mvHal/mv_hal/ddr2/spd/mvSpd.c | 1474 +++++++++
+ crypto/ocf/kirkwood/mvHal/mv_hal/ddr2/spd/mvSpd.h | 192 ++
+ crypto/ocf/kirkwood/mvHal/mv_hal/eth/gbe/mvEth.c | 2952 ++++++++++++++++++
+ .../ocf/kirkwood/mvHal/mv_hal/eth/gbe/mvEthDebug.c | 748 +++++
+ .../ocf/kirkwood/mvHal/mv_hal/eth/gbe/mvEthDebug.h | 146 +
+ .../ocf/kirkwood/mvHal/mv_hal/eth/gbe/mvEthGbe.h | 751 +++++
+ .../ocf/kirkwood/mvHal/mv_hal/eth/gbe/mvEthRegs.h | 700 +++++
+ crypto/ocf/kirkwood/mvHal/mv_hal/eth/mvEth.h | 356 +++
+ crypto/ocf/kirkwood/mvHal/mv_hal/gpp/mvGpp.c | 362 +++
+ crypto/ocf/kirkwood/mvHal/mv_hal/gpp/mvGpp.h | 118 +
+ crypto/ocf/kirkwood/mvHal/mv_hal/gpp/mvGppRegs.h | 116 +
+ crypto/ocf/kirkwood/mvHal/mv_hal/pci-if/mvPciIf.c | 669 +++++
+ crypto/ocf/kirkwood/mvHal/mv_hal/pci-if/mvPciIf.h | 134 +
+ .../ocf/kirkwood/mvHal/mv_hal/pci-if/mvPciIfRegs.h | 245 ++
+ .../mvHal/mv_hal/pci-if/pci_util/mvPciUtils.c | 1006 +++++++
+ .../mvHal/mv_hal/pci-if/pci_util/mvPciUtils.h | 323 ++
+ crypto/ocf/kirkwood/mvHal/mv_hal/pci/mvPci.c | 1047 +++++++
+ crypto/ocf/kirkwood/mvHal/mv_hal/pci/mvPci.h | 185 ++
+ crypto/ocf/kirkwood/mvHal/mv_hal/pci/mvPciRegs.h | 411 +++
+ crypto/ocf/kirkwood/mvHal/mv_hal/pex/mvPex.c | 1143 +++++++
+ crypto/ocf/kirkwood/mvHal/mv_hal/pex/mvPex.h | 168 ++
+ crypto/ocf/kirkwood/mvHal/mv_hal/pex/mvPexRegs.h | 751 +++++
+ crypto/ocf/kirkwood/mvHal/mv_hal/pex/mvVrtBrgPex.c | 313 ++
+ crypto/ocf/kirkwood/mvHal/mv_hal/pex/mvVrtBrgPex.h | 82 +
+ crypto/ocf/kirkwood/mvHal/mv_hal/sflash/mvSFlash.c | 1522 ++++++++++
+ crypto/ocf/kirkwood/mvHal/mv_hal/sflash/mvSFlash.h | 166 ++
+ .../kirkwood/mvHal/mv_hal/sflash/mvSFlashSpec.h | 233 ++
+ crypto/ocf/kirkwood/mvHal/mv_hal/spi/mvSpi.c | 576 ++++
+ crypto/ocf/kirkwood/mvHal/mv_hal/spi/mvSpi.h | 94 +
+ crypto/ocf/kirkwood/mvHal/mv_hal/spi/mvSpiCmnd.c | 249 ++
+ crypto/ocf/kirkwood/mvHal/mv_hal/spi/mvSpiCmnd.h | 82 +
+ crypto/ocf/kirkwood/mvHal/mv_hal/spi/mvSpiSpec.h | 98 +
+ crypto/ocf/kirkwood/mvHal/mv_hal/twsi/mvTwsi.c | 1023 +++++++
+ crypto/ocf/kirkwood/mvHal/mv_hal/twsi/mvTwsi.h | 121 +
+ crypto/ocf/kirkwood/mvHal/mv_hal/twsi/mvTwsiSpec.h | 160 +
+ crypto/ocf/ocf-bench.c | 436 +++
+ crypto/ocf/ocf-compat.h | 294 ++
+ crypto/ocf/ocfnull/Makefile | 12 +
+ crypto/ocf/ocfnull/ocfnull.c | 203 ++
+ crypto/ocf/pasemi/Makefile | 12 +
+ crypto/ocf/pasemi/pasemi.c | 1009 +++++++
+ crypto/ocf/pasemi/pasemi_fnu.h | 410 +++
+ crypto/ocf/random.c | 322 ++
+ crypto/ocf/rndtest.c | 300 ++
+ crypto/ocf/rndtest.h | 54 +
+ crypto/ocf/safe/Makefile | 12 +
+ crypto/ocf/safe/md5.c | 308 ++
+ crypto/ocf/safe/md5.h | 76 +
+ crypto/ocf/safe/safe.c | 2288 ++++++++++++++
+ crypto/ocf/safe/safereg.h | 421 +++
+ crypto/ocf/safe/safevar.h | 230 ++
+ crypto/ocf/safe/sha1.c | 279 ++
+ crypto/ocf/safe/sha1.h | 72 +
+ crypto/ocf/talitos/Makefile | 12 +
+ crypto/ocf/talitos/talitos.c | 1359 +++++++++
+ crypto/ocf/talitos/talitos_dev.h | 277 ++
+ crypto/ocf/talitos/talitos_soft.h | 77 +
+ crypto/ocf/uio.h | 54 +
+ drivers/char/random.c | 65 +
+ fs/fcntl.c | 1 +
+ include/crypto/cryptodev.h | 479 +++
+ include/linux/miscdevice.h | 1 +
+ include/linux/random.h | 29 +
+ kernel/pid.c | 1 +
+ 190 files changed, 87205 insertions(+), 0 deletions(-)
+ create mode 100644 crypto/ocf/Config.in
+ create mode 100644 crypto/ocf/Kconfig
+ create mode 100644 crypto/ocf/Makefile
+ create mode 100644 crypto/ocf/README
+ create mode 100644 crypto/ocf/c7108/Makefile
+ create mode 100644 crypto/ocf/c7108/aes-7108.c
+ create mode 100644 crypto/ocf/c7108/aes-7108.h
+ create mode 100644 crypto/ocf/criov.c
+ create mode 100644 crypto/ocf/crypto.c
+ create mode 100644 crypto/ocf/cryptocteon/Makefile
+ create mode 100644 crypto/ocf/cryptocteon/cavium_crypto.c
+ create mode 100644 crypto/ocf/cryptocteon/cryptocteon.c
+ create mode 100644 crypto/ocf/cryptodev.c
+ create mode 100644 crypto/ocf/cryptodev.h
+ create mode 100644 crypto/ocf/cryptosoft.c
+ create mode 100644 crypto/ocf/ep80579/Makefile
+ create mode 100644 crypto/ocf/ep80579/icp_asym.c
+ create mode 100644 crypto/ocf/ep80579/icp_common.c
+ create mode 100644 crypto/ocf/ep80579/icp_ocf.h
+ create mode 100644 crypto/ocf/ep80579/icp_sym.c
+ create mode 100644 crypto/ocf/hifn/Makefile
+ create mode 100644 crypto/ocf/hifn/hifn7751.c
+ create mode 100644 crypto/ocf/hifn/hifn7751reg.h
+ create mode 100644 crypto/ocf/hifn/hifn7751var.h
+ create mode 100644 crypto/ocf/hifn/hifnHIPP.c
+ create mode 100644 crypto/ocf/hifn/hifnHIPPreg.h
+ create mode 100644 crypto/ocf/hifn/hifnHIPPvar.h
+ create mode 100644 crypto/ocf/ixp4xx/Makefile
+ create mode 100644 crypto/ocf/ixp4xx/ixp4xx.c
+ create mode 100644 crypto/ocf/kirkwood/Makefile
+ create mode 100644 crypto/ocf/kirkwood/cesa/AES/mvAes.h
+ create mode 100644 crypto/ocf/kirkwood/cesa/AES/mvAesAlg.c
+ create mode 100644 crypto/ocf/kirkwood/cesa/AES/mvAesAlg.h
+ create mode 100644 crypto/ocf/kirkwood/cesa/AES/mvAesApi.c
+ create mode 100644 crypto/ocf/kirkwood/cesa/mvCesa.c
+ create mode 100644 crypto/ocf/kirkwood/cesa/mvCesa.h
+ create mode 100644 crypto/ocf/kirkwood/cesa/mvCesaDebug.c
+ create mode 100644 crypto/ocf/kirkwood/cesa/mvCesaRegs.h
+ create mode 100644 crypto/ocf/kirkwood/cesa/mvCesaTest.c
+ create mode 100644 crypto/ocf/kirkwood/cesa/mvLru.c
+ create mode 100644 crypto/ocf/kirkwood/cesa/mvLru.h
+ create mode 100644 crypto/ocf/kirkwood/cesa/mvMD5.c
+ create mode 100644 crypto/ocf/kirkwood/cesa/mvMD5.h
+ create mode 100644 crypto/ocf/kirkwood/cesa/mvSHA1.c
+ create mode 100644 crypto/ocf/kirkwood/cesa/mvSHA1.h
+ create mode 100644 crypto/ocf/kirkwood/cesa_ocf_drv.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/common/mv802_3.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/common/mvCommon.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/common/mvCommon.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/common/mvDebug.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/common/mvDebug.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/common/mvDeviceId.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/common/mvHalVer.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/common/mvStack.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/common/mvStack.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/common/mvTypes.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/dbg-trace.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/dbg-trace.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/boardEnv/mvBoardEnvLib.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/boardEnv/mvBoardEnvLib.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/boardEnv/mvBoardEnvSpec.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/boardEnv/mvBoardEnvSpec.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/cpu/mvCpu.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/cpu/mvCpu.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/mvCtrlEnvAddrDec.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/mvCtrlEnvAddrDec.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/mvCtrlEnvAsm.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/mvCtrlEnvLib.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/mvCtrlEnvLib.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/mvCtrlEnvRegs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/mvCtrlEnvSpec.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvAhbToMbus.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvAhbToMbus.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvAhbToMbusRegs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvCpuIf.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvCpuIf.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvCpuIfRegs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysAudio.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysAudio.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysCesa.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysCesa.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysDram.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysDram.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysGbe.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysGbe.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysPex.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysPex.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysSata.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysSata.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysSdmmc.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysSdmmc.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysTdm.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysTdm.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysTs.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysTs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysUsb.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysUsb.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysXor.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/ctrlEnv/sys/mvSysXor.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/device/mvDevice.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/device/mvDevice.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/kw_family/device/mvDeviceRegs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/linux_oss/mvOs.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/linux_oss/mvOs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/linux_oss/mvOsSata.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mvSysHwConfig.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/cntmr/mvCntmr.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/cntmr/mvCntmr.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/cntmr/mvCntmrRegs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/cpu/mvCpuCntrs.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/cpu/mvCpuCntrs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/cpu/mvCpuL2Cntrs.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/cpu/mvCpuL2Cntrs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/ddr1_2/mvDram.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/ddr1_2/mvDram.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/ddr1_2/mvDramIf.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/ddr1_2/mvDramIf.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/ddr1_2/mvDramIfConfig.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/ddr1_2/mvDramIfRegs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/ddr2/mvDramIf.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/ddr2/mvDramIf.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/ddr2/mvDramIfConfig.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/ddr2/mvDramIfRegs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/ddr2/mvDramIfStaticInit.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/ddr2/spd/mvSpd.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/ddr2/spd/mvSpd.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/eth/gbe/mvEth.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/eth/gbe/mvEthDebug.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/eth/gbe/mvEthDebug.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/eth/gbe/mvEthGbe.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/eth/gbe/mvEthRegs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/eth/mvEth.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/gpp/mvGpp.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/gpp/mvGpp.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/gpp/mvGppRegs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/pci-if/mvPciIf.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/pci-if/mvPciIf.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/pci-if/mvPciIfRegs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/pci-if/pci_util/mvPciUtils.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/pci-if/pci_util/mvPciUtils.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/pci/mvPci.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/pci/mvPci.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/pci/mvPciRegs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/pex/mvPex.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/pex/mvPex.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/pex/mvPexRegs.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/pex/mvVrtBrgPex.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/pex/mvVrtBrgPex.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/sflash/mvSFlash.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/sflash/mvSFlash.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/sflash/mvSFlashSpec.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/spi/mvSpi.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/spi/mvSpi.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/spi/mvSpiCmnd.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/spi/mvSpiCmnd.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/spi/mvSpiSpec.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/twsi/mvTwsi.c
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/twsi/mvTwsi.h
+ create mode 100644 crypto/ocf/kirkwood/mvHal/mv_hal/twsi/mvTwsiSpec.h
+ create mode 100644 crypto/ocf/ocf-bench.c
+ create mode 100644 crypto/ocf/ocf-compat.h
+ create mode 100644 crypto/ocf/ocfnull/Makefile
+ create mode 100644 crypto/ocf/ocfnull/ocfnull.c
+ create mode 100644 crypto/ocf/pasemi/Makefile
+ create mode 100644 crypto/ocf/pasemi/pasemi.c
+ create mode 100644 crypto/ocf/pasemi/pasemi_fnu.h
+ create mode 100644 crypto/ocf/random.c
+ create mode 100644 crypto/ocf/rndtest.c
+ create mode 100644 crypto/ocf/rndtest.h
+ create mode 100644 crypto/ocf/safe/Makefile
+ create mode 100644 crypto/ocf/safe/md5.c
+ create mode 100644 crypto/ocf/safe/md5.h
+ create mode 100644 crypto/ocf/safe/safe.c
+ create mode 100644 crypto/ocf/safe/safereg.h
+ create mode 100644 crypto/ocf/safe/safevar.h
+ create mode 100644 crypto/ocf/safe/sha1.c
+ create mode 100644 crypto/ocf/safe/sha1.h
+ create mode 100644 crypto/ocf/talitos/Makefile
+ create mode 100644 crypto/ocf/talitos/talitos.c
+ create mode 100644 crypto/ocf/talitos/talitos_dev.h
+ create mode 100644 crypto/ocf/talitos/talitos_soft.h
+ create mode 100644 crypto/ocf/uio.h
+ create mode 100644 include/crypto/cryptodev.h
+
+diff --git a/crypto/Kconfig b/crypto/Kconfig
+index 81c185a..9f1c30f 100644
+--- a/crypto/Kconfig
++++ b/crypto/Kconfig
+@@ -822,3 +822,6 @@ config CRYPTO_ANSI_CPRNG
+ source "drivers/crypto/Kconfig"
+
+ endif # if CRYPTO
++
++source "crypto/ocf/Kconfig"
++
+diff --git a/crypto/Makefile b/crypto/Makefile
+index 9e8f619..79631fc 100644
+--- a/crypto/Makefile
++++ b/crypto/Makefile
+@@ -85,6 +85,8 @@ obj-$(CONFIG_CRYPTO_ANSI_CPRNG) += ansi_cprng.o
+ obj-$(CONFIG_CRYPTO_TEST) += tcrypt.o
+ obj-$(CONFIG_CRYPTO_GHASH) += ghash-generic.o
+
++obj-$(CONFIG_OCF_OCF) += ocf/
++
+ #
+ # generic algorithms and the async_tx api
+ #
+diff --git a/crypto/ocf/Config.in b/crypto/ocf/Config.in
+new file mode 100644
+index 0000000..d722cba
+--- /dev/null
++++ b/crypto/ocf/Config.in
+@@ -0,0 +1,36 @@
++#############################################################################
++
++mainmenu_option next_comment
++comment 'OCF Configuration'
++tristate 'OCF (Open Cryptograhic Framework)' CONFIG_OCF_OCF
++dep_mbool ' enable fips RNG checks (fips check on RNG data before use)' \
++ CONFIG_OCF_FIPS $CONFIG_OCF_OCF
++dep_mbool ' enable harvesting entropy for /dev/random' \
++ CONFIG_OCF_RANDOMHARVEST $CONFIG_OCF_OCF
++dep_tristate ' cryptodev (user space support)' \
++ CONFIG_OCF_CRYPTODEV $CONFIG_OCF_OCF
++dep_tristate ' cryptosoft (software crypto engine)' \
++ CONFIG_OCF_CRYPTOSOFT $CONFIG_OCF_OCF
++dep_tristate ' safenet (HW crypto engine)' \
++ CONFIG_OCF_SAFE $CONFIG_OCF_OCF
++dep_tristate ' IXP4xx (HW crypto engine)' \
++ CONFIG_OCF_IXP4XX $CONFIG_OCF_OCF
++dep_mbool ' Enable IXP4xx HW to perform SHA1 and MD5 hashing (very slow)' \
++ CONFIG_OCF_IXP4XX_SHA1_MD5 $CONFIG_OCF_IXP4XX
++dep_tristate ' hifn (HW crypto engine)' \
++ CONFIG_OCF_HIFN $CONFIG_OCF_OCF
++dep_tristate ' talitos (HW crypto engine)' \
++ CONFIG_OCF_TALITOS $CONFIG_OCF_OCF
++dep_tristate ' pasemi (HW crypto engine)' \
++ CONFIG_OCF_PASEMI $CONFIG_OCF_OCF
++dep_tristate ' ep80579 (HW crypto engine)' \
++ CONFIG_OCF_EP80579 $CONFIG_OCF_OCF
++dep_tristate ' Micronas c7108 (HW crypto engine)' \
++ CONFIG_OCF_C7108 $CONFIG_OCF_OCF
++dep_tristate ' ocfnull (does no crypto)' \
++ CONFIG_OCF_OCFNULL $CONFIG_OCF_OCF
++dep_tristate ' ocf-bench (HW crypto in-kernel benchmark)' \
++ CONFIG_OCF_BENCH $CONFIG_OCF_OCF
++endmenu
++
++#############################################################################
+diff --git a/crypto/ocf/Kconfig b/crypto/ocf/Kconfig
+new file mode 100644
+index 0000000..b9c24ff
+--- /dev/null
++++ b/crypto/ocf/Kconfig
+@@ -0,0 +1,119 @@
++menu "OCF Configuration"
++
++config OCF_OCF
++ tristate "OCF (Open Cryptograhic Framework)"
++ help
++ A linux port of the OpenBSD/FreeBSD crypto framework.
++
++config OCF_RANDOMHARVEST
++ bool "crypto random --- harvest entropy for /dev/random"
++ depends on OCF_OCF
++ help
++ Includes code to harvest random numbers from devices that support it.
++
++config OCF_FIPS
++ bool "enable fips RNG checks"
++ depends on OCF_OCF && OCF_RANDOMHARVEST
++ help
++ Run all RNG provided data through a fips check before
++ adding it /dev/random's entropy pool.
++
++config OCF_CRYPTODEV
++ tristate "cryptodev (user space support)"
++ depends on OCF_OCF
++ help
++ The user space API to access crypto hardware.
++
++config OCF_CRYPTOSOFT
++ tristate "cryptosoft (software crypto engine)"
++ depends on OCF_OCF
++ help
++ A software driver for the OCF framework that uses
++ the kernel CryptoAPI.
++
++config OCF_SAFE
++ tristate "safenet (HW crypto engine)"
++ depends on OCF_OCF
++ help
++ A driver for a number of the safenet Excel crypto accelerators.
++ Currently tested and working on the 1141 and 1741.
++
++config OCF_IXP4XX
++ tristate "IXP4xx (HW crypto engine)"
++ depends on OCF_OCF
++ help
++ XScale IXP4xx crypto accelerator driver. Requires the
++ Intel Access library.
++
++config OCF_IXP4XX_SHA1_MD5
++ bool "IXP4xx SHA1 and MD5 Hashing"
++ depends on OCF_IXP4XX
++ help
++ Allows the IXP4xx crypto accelerator to perform SHA1 and MD5 hashing.
++ Note: this is MUCH slower than using cryptosoft (software crypto engine).
++
++config OCF_HIFN
++ tristate "hifn (HW crypto engine)"
++ depends on OCF_OCF
++ help
++ OCF driver for various HIFN based crypto accelerators.
++ (7951, 7955, 7956, 7751, 7811)
++
++config OCF_HIFNHIPP
++ tristate "Hifn HIPP (HW packet crypto engine)"
++ depends on OCF_OCF
++ help
++ OCF driver for various HIFN (HIPP) based crypto accelerators
++ (7855)
++
++config OCF_TALITOS
++ tristate "talitos (HW crypto engine)"
++ depends on OCF_OCF
++ help
++ OCF driver for Freescale's security engine (SEC/talitos).
++
++config OCF_PASEMI
++ tristate "pasemi (HW crypto engine)"
++ depends on OCF_OCF && PPC_PASEMI
++ help
++ OCF driver for the PA Semi PWRficient DMA Engine
++
++config OCF_EP80579
++ tristate "ep80579 (HW crypto engine)"
++ depends on OCF_OCF
++ help
++ OCF driver for the Intel EP80579 Integrated Processor Product Line.
++
++config OCF_CRYPTOCTEON
++ tristate "cryptocteon (HW crypto engine)"
++ depends on OCF_OCF
++ help
++ OCF driver for the Cavium OCTEON Processors.
++
++config OCF_KIRKWOOD
++ tristate "kirkwood (HW crypto engine)"
++ depends on OCF_OCF
++ help
++ OCF driver for the Marvell Kirkwood (88F6xxx) Processors.
++
++config OCF_C7108
++ tristate "Micronas 7108 (HW crypto engine)"
++ depends on OCF_OCF
++ help
++ OCF driver for the Microna 7108 Cipher processors.
++
++config OCF_OCFNULL
++ tristate "ocfnull (fake crypto engine)"
++ depends on OCF_OCF
++ help
++ OCF driver for measuring ipsec overheads (does no crypto)
++
++config OCF_BENCH
++ tristate "ocf-bench (HW crypto in-kernel benchmark)"
++ depends on OCF_OCF
++ help
++ A very simple encryption test for the in-kernel interface
++ of OCF. Also includes code to benchmark the IXP Access library
++ for comparison.
++
++endmenu
+diff --git a/crypto/ocf/Makefile b/crypto/ocf/Makefile
+new file mode 100644
+index 0000000..fa951f4
+--- /dev/null
++++ b/crypto/ocf/Makefile
+@@ -0,0 +1,124 @@
++# for SGlinux builds
++-include $(ROOTDIR)/modules/.config
++
++OCF_OBJS = crypto.o criov.o
++
++ifdef CONFIG_OCF_RANDOMHARVEST
++ OCF_OBJS += random.o
++endif
++
++ifdef CONFIG_OCF_FIPS
++ OCF_OBJS += rndtest.o
++endif
++
++# Add in autoconf.h to get #defines for CONFIG_xxx
++AUTOCONF_H=$(ROOTDIR)/modules/autoconf.h
++ifeq ($(AUTOCONF_H), $(wildcard $(AUTOCONF_H)))
++ EXTRA_CFLAGS += -include $(AUTOCONF_H)
++ export EXTRA_CFLAGS
++endif
++
++ifndef obj
++ obj ?= .
++ _obj = subdir
++ mod-subdirs := safe hifn ixp4xx talitos ocfnull
++ export-objs += crypto.o criov.o random.o
++ list-multi += ocf.o
++ _slash :=
++else
++ _obj = obj
++ _slash := /
++endif
++
++EXTRA_CFLAGS += -I$(obj)/.
++
++obj-$(CONFIG_OCF_OCF) += ocf.o
++obj-$(CONFIG_OCF_CRYPTODEV) += cryptodev.o
++obj-$(CONFIG_OCF_CRYPTOSOFT) += cryptosoft.o
++obj-$(CONFIG_OCF_BENCH) += ocf-bench.o
++
++$(_obj)-$(CONFIG_OCF_SAFE) += safe$(_slash)
++$(_obj)-$(CONFIG_OCF_HIFN) += hifn$(_slash)
++$(_obj)-$(CONFIG_OCF_IXP4XX) += ixp4xx$(_slash)
++$(_obj)-$(CONFIG_OCF_TALITOS) += talitos$(_slash)
++$(_obj)-$(CONFIG_OCF_PASEMI) += pasemi$(_slash)
++$(_obj)-$(CONFIG_OCF_EP80579) += ep80579$(_slash)
++$(_obj)-$(CONFIG_OCF_CRYPTOCTEON) += cryptocteon$(_slash)
++$(_obj)-$(CONFIG_OCF_KIRKWOOD) += kirkwood$(_slash)
++$(_obj)-$(CONFIG_OCF_OCFNULL) += ocfnull$(_slash)
++$(_obj)-$(CONFIG_OCF_C7108) += c7108$(_slash)
++
++ocf-objs := $(OCF_OBJS)
++
++$(list-multi) dummy1: $(ocf-objs)
++ $(LD) -r -o $@ $(ocf-objs)
++
++.PHONY:
++clean:
++ rm -f *.o *.ko .*.o.flags .*.ko.cmd .*.o.cmd .*.mod.o.cmd *.mod.c
++ rm -f */*.o */*.ko */.*.o.cmd */.*.ko.cmd */.*.mod.o.cmd */*.mod.c */.*.o.flags
++
++ifdef TOPDIR
++-include $(TOPDIR)/Rules.make
++endif
++
++#
++# release gen targets
++#
++
++.PHONY: patch
++patch:
++ REL=`date +%Y%m%d`; \
++ patch=ocf-linux-$$REL.patch; \
++ patch24=ocf-linux-24-$$REL.patch; \
++ patch26=ocf-linux-26-$$REL.patch; \
++ ( \
++ find . -name Makefile; \
++ find . -name Config.in; \
++ find . -name Kconfig; \
++ find . -name README; \
++ find . -name '*.[ch]' | grep -v '.mod.c'; \
++ ) | while read t; do \
++ diff -Nau /dev/null $$t | sed 's?^+++ \./?+++ linux/crypto/ocf/?'; \
++ done > $$patch; \
++ cat patches/linux-2.4.35-ocf.patch $$patch > $$patch24; \
++ cat patches/linux-2.6.33-ocf.patch $$patch > $$patch26
++
++.PHONY: tarball
++tarball:
++ REL=`date +%Y%m%d`; RELDIR=/tmp/ocf-linux-$$REL; \
++ CURDIR=`pwd`; \
++ rm -rf /tmp/ocf-linux-$$REL*; \
++ mkdir -p $$RELDIR/tools; \
++ cp README* $$RELDIR; \
++ cp patches/openss*.patch $$RELDIR; \
++ cp patches/crypto-tools.patch $$RELDIR; \
++ cp tools/[!C]* $$RELDIR/tools; \
++ cd ..; \
++ tar cvf $$RELDIR/ocf-linux.tar \
++ --exclude=CVS \
++ --exclude=.* \
++ --exclude=*.o \
++ --exclude=*.ko \
++ --exclude=*.mod.* \
++ --exclude=README* \
++ --exclude=ocf-*.patch \
++ --exclude=ocf/patches/openss*.patch \
++ --exclude=ocf/patches/crypto-tools.patch \
++ --exclude=ocf/tools \
++ ocf; \
++ gzip -9 $$RELDIR/ocf-linux.tar; \
++ cd /tmp; \
++ tar cvf ocf-linux-$$REL.tar ocf-linux-$$REL; \
++ gzip -9 ocf-linux-$$REL.tar; \
++ cd $$CURDIR/../../user; \
++ rm -rf /tmp/crypto-tools-$$REL*; \
++ tar cvf /tmp/crypto-tools-$$REL.tar \
++ --exclude=CVS \
++ --exclude=.* \
++ --exclude=*.o \
++ --exclude=cryptotest \
++ --exclude=cryptokeytest \
++ crypto-tools; \
++ gzip -9 /tmp/crypto-tools-$$REL.tar
++
+diff --git a/crypto/ocf/README b/crypto/ocf/README
+new file mode 100644
+index 0000000..5ac39f7
+--- /dev/null
++++ b/crypto/ocf/README
+@@ -0,0 +1,167 @@
++README - ocf-linux-20100325
++---------------------------
++
++This README provides instructions for getting ocf-linux compiled and
++operating in a generic linux environment. For other information you
++might like to visit the home page for this project:
++
++ http://ocf-linux.sourceforge.net/
++
++Adding OCF to linux
++-------------------
++
++ Not much in this file for now, just some notes. I usually build
++ the ocf support as modules but it can be built into the kernel as
++ well. To use it:
++
++ * mknod /dev/crypto c 10 70
++
++ * to add OCF to your kernel source, you have two options. Apply
++ the kernel specific patch:
++
++ cd linux-2.4*; gunzip < ocf-linux-24-XXXXXXXX.patch.gz | patch -p1
++ cd linux-2.6*; gunzip < ocf-linux-26-XXXXXXXX.patch.gz | patch -p1
++
++ if you do one of the above, then you can proceed to the next step,
++ or you can do the above process by hand with using the patches against
++ linux-2.4.35 and 2.6.33 to include the ocf code under crypto/ocf.
++ Here's how to add it:
++
++ for 2.4.35 (and later)
++
++ cd linux-2.4.35/crypto
++ tar xvzf ocf-linux.tar.gz
++ cd ..
++ patch -p1 < crypto/ocf/patches/linux-2.4.35-ocf.patch
++
++ for 2.6.23 (and later), find the kernel patch specific (or nearest)
++ to your kernel versions and then:
++
++ cd linux-2.6.NN/crypto
++ tar xvzf ocf-linux.tar.gz
++ cd ..
++ patch -p1 < crypto/ocf/patches/linux-2.6.NN-ocf.patch
++
++ It should be easy to take this patch and apply it to other more
++ recent versions of the kernels. The same patches should also work
++ relatively easily on kernels as old as 2.6.11 and 2.4.18.
++
++ * under 2.4 if you are on a non-x86 platform, you may need to:
++
++ cp linux-2.X.x/include/asm-i386/kmap_types.h linux-2.X.x/include/asm-YYY
++
++ so that you can build the kernel crypto support needed for the cryptosoft
++ driver.
++
++ * For simplicity you should enable all the crypto support in your kernel
++ except for the test driver. Likewise for the OCF options. Do not
++ enable OCF crypto drivers for HW that you do not have (for example
++ ixp4xx will not compile on non-Xscale systems).
++
++ * make sure that cryptodev.h (from ocf-linux.tar.gz) is installed as
++ crypto/cryptodev.h in an include directory that is used for building
++ applications for your platform. For example on a host system that
++ might be:
++
++ /usr/include/crypto/cryptodev.h
++
++ * patch your openssl-0.9.8n code with the openssl-0.9.8n.patch.
++ (NOTE: there is no longer a need to patch ssh). The patch is against:
++ openssl-0_9_8e
++
++ If you need a patch for an older version of openssl, you should look
++ to older OCF releases. This patch is unlikely to work on older
++ openssl versions.
++
++ openssl-0.9.8n.patch
++ - enables --with-cryptodev for non BSD systems
++ - adds -cpu option to openssl speed for calculating CPU load
++ under linux
++ - fixes null pointer in openssl speed multi thread output.
++ - fixes test keys to work with linux crypto's more stringent
++ key checking.
++ - adds MD5/SHA acceleration (Ronen Shitrit), only enabled
++ with the --with-cryptodev-digests option
++ - fixes bug in engine code caching.
++
++ * build crypto-tools-XXXXXXXX.tar.gz if you want to try some of the BSD
++ tools for testing OCF (ie., cryptotest).
++
++How to load the OCF drivers
++---------------------------
++
++ First insert the base modules:
++
++ insmod ocf
++ insmod cryptodev
++
++ You can then install the software OCF driver with:
++
++ insmod cryptosoft
++
++ and one or more of the OCF HW drivers with:
++
++ insmod safe
++ insmod hifn7751
++ insmod ixp4xx
++ ...
++
++ all the drivers take a debug option to enable verbose debug so that
++ you can see what is going on. For debug you load them as:
++
++ insmod ocf crypto_debug=1
++ insmod cryptodev cryptodev_debug=1
++ insmod cryptosoft swcr_debug=1
++
++ You may load more than one OCF crypto driver but then there is no guarantee
++ as to which will be used.
++
++ You can also enable debug at run time on 2.6 systems with the following:
++
++ echo 1 > /sys/module/ocf/parameters/crypto_debug
++ echo 1 > /sys/module/cryptodev/parameters/cryptodev_debug
++ echo 1 > /sys/module/cryptosoft/parameters/swcr_debug
++ echo 1 > /sys/module/hifn7751/parameters/hifn_debug
++ echo 1 > /sys/module/safe/parameters/safe_debug
++ echo 1 > /sys/module/ixp4xx/parameters/ixp_debug
++ ...
++
++Testing the OCF support
++-----------------------
++
++ run "cryptotest", it should do a short test for a couple of
++ des packets. If it does everything is working.
++
++ If this works, then ssh will use the driver when invoked as:
++
++ ssh -c 3des username at host
++
++ to see for sure that it is operating, enable debug as defined above.
++
++ To get a better idea of performance run:
++
++ cryptotest 100 4096
++
++ There are more options to cryptotest, see the help.
++
++ It is also possible to use openssl to test the speed of the crypto
++ drivers.
++
++ openssl speed -evp des -engine cryptodev -elapsed
++ openssl speed -evp des3 -engine cryptodev -elapsed
++ openssl speed -evp aes128 -engine cryptodev -elapsed
++
++ and multiple threads (10) with:
++
++ openssl speed -evp des -engine cryptodev -elapsed -multi 10
++ openssl speed -evp des3 -engine cryptodev -elapsed -multi 10
++ openssl speed -evp aes128 -engine cryptodev -elapsed -multi 10
++
++ for public key testing you can try:
++
++ cryptokeytest
++ openssl speed -engine cryptodev rsa -elapsed
++ openssl speed -engine cryptodev dsa -elapsed
++
++David McCullough
++david_mccullough at mcafee.com
+diff --git a/crypto/ocf/c7108/Makefile b/crypto/ocf/c7108/Makefile
+new file mode 100644
+index 0000000..e7e634b
+--- /dev/null
++++ b/crypto/ocf/c7108/Makefile
+@@ -0,0 +1,12 @@
++# for SGlinux builds
++-include $(ROOTDIR)/modules/.config
++
++obj-$(CONFIG_OCF_C7108) += aes-7108.o
++
++obj ?= .
++EXTRA_CFLAGS += -I$(obj)/.. -I$(obj)/
++
++ifdef TOPDIR
++-include $(TOPDIR)/Rules.make
++endif
++
+diff --git a/crypto/ocf/c7108/aes-7108.c b/crypto/ocf/c7108/aes-7108.c
+new file mode 100644
+index 0000000..a5ac054
+--- /dev/null
++++ b/crypto/ocf/c7108/aes-7108.c
+@@ -0,0 +1,839 @@
++/*
++ * Copyright (C) 2006 Micronas USA
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ * 3. The name of the author may not be used to endorse or promote products
++ * derived from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ * Effort sponsored in part by the Defense Advanced Research Projects
++ * Agency (DARPA) and Air Force Research Laboratory, Air Force
++ * Materiel Command, USAF, under agreement number F30602-01-2-0537.
++ *
++ */
++
++//#include <linux/config.h>
++#include <linux/module.h>
++#include <linux/init.h>
++#include <linux/list.h>
++#include <linux/slab.h>
++#include <linux/sched.h>
++#include <linux/wait.h>
++#include <linux/crypto.h>
++#include <linux/mm.h>
++#include <linux/skbuff.h>
++#include <linux/random.h>
++#include <asm/io.h>
++#include <asm/delay.h>
++//#include <asm/scatterlist.h>
++#include <linux/scatterlist.h>
++#include <linux/dma-mapping.h>
++#include <linux/highmem.h>
++#include <cryptodev.h>
++#include <uio.h>
++#include <aes-7108.h>
++
++/* Runtime mode */
++static int c7108_crypto_mode = C7108_AES_CTRL_MODE_CTR;
++//static int c7108_crypto_mode = C7108_AES_CTRL_MODE_CBC;
++
++static int32_t c7108_id = -1;
++static struct cipher_7108 **c7108_sessions = NULL;
++static u_int32_t c7108_sesnum = 0;
++static unsigned long iobar;
++
++/* Crypto entry points */
++static int c7108_process(void *, struct cryptop *, int);
++static int c7108_newsession(void *, u_int32_t *, struct cryptoini *);
++static int c7108_freesession(void *, u_int64_t);
++
++/* Globals */
++static int debug = 0;
++static spinlock_t csr_mutex;
++
++/* Generic controller-based lock */
++#define AES_LOCK()\
++ spin_lock(&csr_mutex)
++#define AES_UNLOCK()\
++ spin_unlock(&csr_mutex)
++
++/* 7108 AES register access */
++#define c7108_reg_wr8(a,d) iowrite8(d, (void*)(iobar+(a)))
++#define c7108_reg_wr16(a,d) iowrite16(d, (void*)(iobar+(a)))
++#define c7108_reg_wr32(a,d) iowrite32(d, (void*)(iobar+(a)))
++#define c7108_reg_rd8(a) ioread8((void*)(iobar+(a)))
++#define c7108_reg_rd16(a) ioread16((void*)(iobar+(a)))
++#define c7108_reg_rd32(a) ioread32((void*)(iobar+(a)))
++
++static int
++c7108_xlate_key(int klen, u8* k8ptr, u32* k32ptr)
++{
++ int i, nw=0;
++ nw = ((klen >= 256) ? 8 : (klen >= 192) ? 6 : 4);
++ for ( i = 0; i < nw; i++) {
++ k32ptr[i] = (k8ptr[i+3] << 24) | (k8ptr[i+2] << 16) |
++ (k8ptr[i+1] << 8) | k8ptr[i];
++
++ }
++ return 0;
++}
++
++static int
++c7108_cache_key(int klen, u32* k32ptr, u8* k8ptr)
++{
++ int i, nb=0;
++ u8* ptr = (u8*)k32ptr;
++ nb = ((klen >= 256) ? 32 : (klen >= 192) ? 24 : 16);
++ for ( i = 0; i < nb; i++)
++ k8ptr[i] = ptr[i];
++ return 0;
++}
++
++static int
++c7108_aes_setup_dma(u32 src, u32 dst, u32 len)
++{
++ if (len < 16) {
++ printk("len < 16\n");
++ return -10;
++ }
++ if (len % 16) {
++ printk("len not multiple of 16\n");
++ return -11;
++ }
++ c7108_reg_wr16(C7108_AES_DMA_SRC0_LO, (u16) src);
++ c7108_reg_wr16(C7108_AES_DMA_SRC0_HI, (u16)((src & 0xffff0000) >> 16));
++ c7108_reg_wr16(C7108_AES_DMA_DST0_LO, (u16) dst);
++ c7108_reg_wr16(C7108_AES_DMA_DST0_HI, (u16)((dst & 0xffff0000) >> 16));
++ c7108_reg_wr16(C7108_AES_DMA_LEN, (u16) ((len / 16) - 1));
++
++ return 0;
++}
++
++static int
++c7108_aes_set_hw_iv(u8 iv[16])
++{
++ c7108_reg_wr16(C7108_AES_IV0_LO, (u16) ((iv[1] << 8) | iv[0]));
++ c7108_reg_wr16(C7108_AES_IV0_HI, (u16) ((iv[3] << 8) | iv[2]));
++ c7108_reg_wr16(C7108_AES_IV1_LO, (u16) ((iv[5] << 8) | iv[4]));
++ c7108_reg_wr16(C7108_AES_IV1_HI, (u16) ((iv[7] << 8) | iv[6]));
++ c7108_reg_wr16(C7108_AES_IV2_LO, (u16) ((iv[9] << 8) | iv[8]));
++ c7108_reg_wr16(C7108_AES_IV2_HI, (u16) ((iv[11] << 8) | iv[10]));
++ c7108_reg_wr16(C7108_AES_IV3_LO, (u16) ((iv[13] << 8) | iv[12]));
++ c7108_reg_wr16(C7108_AES_IV3_HI, (u16) ((iv[15] << 8) | iv[14]));
++
++ return 0;
++}
++
++static void
++c7108_aes_read_dkey(u32 * dkey)
++{
++ dkey[0] = (c7108_reg_rd16(C7108_AES_EKEY0_HI) << 16) |
++ c7108_reg_rd16(C7108_AES_EKEY0_LO);
++ dkey[1] = (c7108_reg_rd16(C7108_AES_EKEY1_HI) << 16) |
++ c7108_reg_rd16(C7108_AES_EKEY1_LO);
++ dkey[2] = (c7108_reg_rd16(C7108_AES_EKEY2_HI) << 16) |
++ c7108_reg_rd16(C7108_AES_EKEY2_LO);
++ dkey[3] = (c7108_reg_rd16(C7108_AES_EKEY3_HI) << 16) |
++ c7108_reg_rd16(C7108_AES_EKEY3_LO);
++ dkey[4] = (c7108_reg_rd16(C7108_AES_EKEY4_HI) << 16) |
++ c7108_reg_rd16(C7108_AES_EKEY4_LO);
++ dkey[5] = (c7108_reg_rd16(C7108_AES_EKEY5_HI) << 16) |
++ c7108_reg_rd16(C7108_AES_EKEY5_LO);
++ dkey[6] = (c7108_reg_rd16(C7108_AES_EKEY6_HI) << 16) |
++ c7108_reg_rd16(C7108_AES_EKEY6_LO);
++ dkey[7] = (c7108_reg_rd16(C7108_AES_EKEY7_HI) << 16) |
++ c7108_reg_rd16(C7108_AES_EKEY7_LO);
++}
++
++static int
++c7108_aes_cipher(int op,
++ u32 dst,
++ u32 src,
++ u32 len,
++ int klen,
++ u16 mode,
++ u32 key[8],
++ u8 iv[16])
++{
++ int rv = 0, cnt=0;
++ u16 ctrl = 0, stat = 0;
++
++ AES_LOCK();
++
++ /* Setup key length */
++ if (klen == 128) {
++ ctrl |= C7108_AES_KEY_LEN_128;
++ } else if (klen == 192) {
++ ctrl |= C7108_AES_KEY_LEN_192;
++ } else if (klen == 256) {
++ ctrl |= C7108_AES_KEY_LEN_256;
++ } else {
++ AES_UNLOCK();
++ return -3;
++ }
++
++ /* Check opcode */
++ if (C7108_AES_ENCRYPT == op) {
++ ctrl |= C7108_AES_ENCRYPT;
++ } else if (C7108_AES_DECRYPT == op) {
++ ctrl |= C7108_AES_DECRYPT;
++ } else {
++ AES_UNLOCK();
++ return -4;
++ }
++
++ /* check mode */
++ if ( (mode != C7108_AES_CTRL_MODE_CBC) &&
++ (mode != C7108_AES_CTRL_MODE_CFB) &&
++ (mode != C7108_AES_CTRL_MODE_OFB) &&
++ (mode != C7108_AES_CTRL_MODE_CTR) &&
++ (mode != C7108_AES_CTRL_MODE_ECB) ) {
++ AES_UNLOCK();
++ return -5;
++ }
++
++ /* Now set mode */
++ ctrl |= mode;
++
++ /* For CFB, OFB, and CTR, neither backward key
++ * expansion nor key inversion is required.
++ */
++ if ( (C7108_AES_DECRYPT == op) &&
++ (C7108_AES_CTRL_MODE_CBC == mode ||
++ C7108_AES_CTRL_MODE_ECB == mode ) ){
++
++ /* Program Key */
++ c7108_reg_wr16(C7108_AES_KEY0_LO, (u16) key[4]);
++ c7108_reg_wr16(C7108_AES_KEY0_HI, (u16) (key[4] >> 16));
++ c7108_reg_wr16(C7108_AES_KEY1_LO, (u16) key[5]);
++ c7108_reg_wr16(C7108_AES_KEY1_HI, (u16) (key[5] >> 16));
++ c7108_reg_wr16(C7108_AES_KEY2_LO, (u16) key[6]);
++ c7108_reg_wr16(C7108_AES_KEY2_HI, (u16) (key[6] >> 16));
++ c7108_reg_wr16(C7108_AES_KEY3_LO, (u16) key[7]);
++ c7108_reg_wr16(C7108_AES_KEY3_HI, (u16) (key[7] >> 16));
++ c7108_reg_wr16(C7108_AES_KEY6_LO, (u16) key[2]);
++ c7108_reg_wr16(C7108_AES_KEY6_HI, (u16) (key[2] >> 16));
++ c7108_reg_wr16(C7108_AES_KEY7_LO, (u16) key[3]);
++ c7108_reg_wr16(C7108_AES_KEY7_HI, (u16) (key[3] >> 16));
++
++
++ if (192 == klen) {
++ c7108_reg_wr16(C7108_AES_KEY4_LO, (u16) key[7]);
++ c7108_reg_wr16(C7108_AES_KEY4_HI, (u16) (key[7] >> 16));
++ c7108_reg_wr16(C7108_AES_KEY5_LO, (u16) key[7]);
++ c7108_reg_wr16(C7108_AES_KEY5_HI, (u16) (key[7] >> 16));
++
++ } else if (256 == klen) {
++ /* 256 */
++ c7108_reg_wr16(C7108_AES_KEY4_LO, (u16) key[0]);
++ c7108_reg_wr16(C7108_AES_KEY4_HI, (u16) (key[0] >> 16));
++ c7108_reg_wr16(C7108_AES_KEY5_LO, (u16) key[1]);
++ c7108_reg_wr16(C7108_AES_KEY5_HI, (u16) (key[1] >> 16));
++
++ }
++
++ } else {
++ /* Program Key */
++ c7108_reg_wr16(C7108_AES_KEY0_LO, (u16) key[0]);
++ c7108_reg_wr16(C7108_AES_KEY0_HI, (u16) (key[0] >> 16));
++ c7108_reg_wr16(C7108_AES_KEY1_LO, (u16) key[1]);
++ c7108_reg_wr16(C7108_AES_KEY1_HI, (u16) (key[1] >> 16));
++ c7108_reg_wr16(C7108_AES_KEY2_LO, (u16) key[2]);
++ c7108_reg_wr16(C7108_AES_KEY2_HI, (u16) (key[2] >> 16));
++ c7108_reg_wr16(C7108_AES_KEY3_LO, (u16) key[3]);
++ c7108_reg_wr16(C7108_AES_KEY3_HI, (u16) (key[3] >> 16));
++ c7108_reg_wr16(C7108_AES_KEY4_LO, (u16) key[4]);
++ c7108_reg_wr16(C7108_AES_KEY4_HI, (u16) (key[4] >> 16));
++ c7108_reg_wr16(C7108_AES_KEY5_LO, (u16) key[5]);
++ c7108_reg_wr16(C7108_AES_KEY5_HI, (u16) (key[5] >> 16));
++ c7108_reg_wr16(C7108_AES_KEY6_LO, (u16) key[6]);
++ c7108_reg_wr16(C7108_AES_KEY6_HI, (u16) (key[6] >> 16));
++ c7108_reg_wr16(C7108_AES_KEY7_LO, (u16) key[7]);
++ c7108_reg_wr16(C7108_AES_KEY7_HI, (u16) (key[7] >> 16));
++
++ }
++
++ /* Set IV always */
++ c7108_aes_set_hw_iv(iv);
++
++ /* Program DMA addresses */
++ if ((rv = c7108_aes_setup_dma(src, dst, len)) < 0) {
++ AES_UNLOCK();
++ return rv;
++ }
++
++
++ /* Start AES cipher */
++ c7108_reg_wr16(C7108_AES_CTRL, ctrl | C7108_AES_GO);
++
++ //printk("Ctrl: 0x%x\n", ctrl | C7108_AES_GO);
++ do {
++ /* TODO: interrupt mode */
++ // printk("aes_stat=0x%x\n", stat);
++ //udelay(100);
++ } while ((cnt++ < 1000000) &&
++ !((stat=c7108_reg_rd16(C7108_AES_CTRL))&C7108_AES_OP_DONE));
++
++
++ if ((mode == C7108_AES_CTRL_MODE_ECB)||
++ (mode == C7108_AES_CTRL_MODE_CBC)) {
++ /* Save out key when the lock is held ... */
++ c7108_aes_read_dkey(key);
++ }
++
++ AES_UNLOCK();
++ return 0;
++
++}
++
++/*
++ * Generate a new crypto device session.
++ */
++static int
++c7108_newsession(void *arg, u_int32_t *sid, struct cryptoini *cri)
++{
++ struct cipher_7108 **swd;
++ u_int32_t i;
++ char *algo;
++ int mode, xfm_type;
++
++ dprintk("%s()\n", __FUNCTION__);
++ if (sid == NULL || cri == NULL) {
++ dprintk("%s,%d - EINVAL\n", __FILE__, __LINE__);
++ return EINVAL;
++ }
++
++ if (c7108_sessions) {
++ for (i = 1; i < c7108_sesnum; i++)
++ if (c7108_sessions[i] == NULL)
++ break;
++ } else
++ i = 1; /* NB: to silence compiler warning */
++
++ if (c7108_sessions == NULL || i == c7108_sesnum) {
++ if (c7108_sessions == NULL) {
++ i = 1; /* We leave c7108_sessions[0] empty */
++ c7108_sesnum = CRYPTO_SW_SESSIONS;
++ } else
++ c7108_sesnum *= 2;
++
++ swd = kmalloc(c7108_sesnum * sizeof(struct cipher_7108 *),
++ GFP_ATOMIC);
++ if (swd == NULL) {
++ /* Reset session number */
++ if (c7108_sesnum == CRYPTO_SW_SESSIONS)
++ c7108_sesnum = 0;
++ else
++ c7108_sesnum /= 2;
++ dprintk("%s,%d: ENOBUFS\n", __FILE__, __LINE__);
++ return ENOBUFS;
++ }
++ memset(swd, 0, c7108_sesnum * sizeof(struct cipher_7108 *));
++
++ /* Copy existing sessions */
++ if (c7108_sessions) {
++ memcpy(swd, c7108_sessions,
++ (c7108_sesnum / 2) * sizeof(struct cipher_7108 *));
++ kfree(c7108_sessions);
++ }
++
++ c7108_sessions = swd;
++
++ }
++
++ swd = &c7108_sessions[i];
++ *sid = i;
++
++ while (cri) {
++ *swd = (struct cipher_7108 *)
++ kmalloc(sizeof(struct cipher_7108), GFP_ATOMIC);
++ if (*swd == NULL) {
++ c7108_freesession(NULL, i);
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ return ENOBUFS;
++ }
++ memset(*swd, 0, sizeof(struct cipher_7108));
++
++ algo = NULL;
++ mode = 0;
++ xfm_type = HW_TYPE_CIPHER;
++
++ switch (cri->cri_alg) {
++
++ case CRYPTO_AES_CBC:
++ algo = "aes";
++ mode = CRYPTO_TFM_MODE_CBC;
++ c7108_crypto_mode = C7108_AES_CTRL_MODE_CBC;
++ break;
++#if 0
++ case CRYPTO_AES_CTR:
++ algo = "aes_ctr";
++ mode = CRYPTO_TFM_MODE_CBC;
++ c7108_crypto_mode = C7108_AES_CTRL_MODE_CTR;
++ break;
++ case CRYPTO_AES_ECB:
++ algo = "aes_ecb";
++ mode = CRYPTO_TFM_MODE_CBC;
++ c7108_crypto_mode = C7108_AES_CTRL_MODE_ECB;
++ break;
++ case CRYPTO_AES_OFB:
++ algo = "aes_ofb";
++ mode = CRYPTO_TFM_MODE_CBC;
++ c7108_crypto_mode = C7108_AES_CTRL_MODE_OFB;
++ break;
++ case CRYPTO_AES_CFB:
++ algo = "aes_cfb";
++ mode = CRYPTO_TFM_MODE_CBC;
++ c7108_crypto_mode = C7108_AES_CTRL_MODE_CFB;
++ break;
++#endif
++ default:
++ printk("unsupported crypto algorithm: %d\n",
++ cri->cri_alg);
++ return -EINVAL;
++ break;
++ }
++
++
++ if (!algo || !*algo) {
++ printk("cypher_7108_crypto: Unknown algo 0x%x\n",
++ cri->cri_alg);
++ c7108_freesession(NULL, i);
++ return EINVAL;
++ }
++
++ if (xfm_type == HW_TYPE_CIPHER) {
++ if (debug) {
++ dprintk("%s key:", __FUNCTION__);
++ for (i = 0; i < (cri->cri_klen + 7) / 8; i++)
++ dprintk("%s0x%02x", (i % 8) ? " " : "\n ",
++ cri->cri_key[i]);
++ dprintk("\n");
++ }
++
++ } else if (xfm_type == SW_TYPE_HMAC ||
++ xfm_type == SW_TYPE_HASH) {
++ printk("cypher_7108_crypto: HMAC unsupported!\n");
++ return -EINVAL;
++ c7108_freesession(NULL, i);
++ } else {
++ printk("cypher_7108_crypto: "
++ "Unhandled xfm_type %d\n", xfm_type);
++ c7108_freesession(NULL, i);
++ return EINVAL;
++ }
++
++ (*swd)->cri_alg = cri->cri_alg;
++ (*swd)->xfm_type = xfm_type;
++
++ cri = cri->cri_next;
++ swd = &((*swd)->next);
++ }
++ return 0;
++}
++
++/*
++ * Free a session.
++ */
++static int
++c7108_freesession(void *arg, u_int64_t tid)
++{
++ struct cipher_7108 *swd;
++ u_int32_t sid = CRYPTO_SESID2LID(tid);
++
++ dprintk("%s()\n", __FUNCTION__);
++ if (sid > c7108_sesnum || c7108_sessions == NULL ||
++ c7108_sessions[sid] == NULL) {
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ return(EINVAL);
++ }
++
++ /* Silently accept and return */
++ if (sid == 0)
++ return(0);
++
++ while ((swd = c7108_sessions[sid]) != NULL) {
++ c7108_sessions[sid] = swd->next;
++ kfree(swd);
++ }
++ return 0;
++}
++
++/*
++ * Process a hardware request.
++ */
++static int
++c7108_process(void *arg, struct cryptop *crp, int hint)
++{
++ struct cryptodesc *crd;
++ struct cipher_7108 *sw;
++ u_int32_t lid;
++ int type;
++ u32 hwkey[8];
++
++#define SCATTERLIST_MAX 16
++ struct scatterlist sg[SCATTERLIST_MAX];
++ int sg_num, sg_len, skip;
++ struct sk_buff *skb = NULL;
++ struct uio *uiop = NULL;
++
++ dprintk("%s()\n", __FUNCTION__);
++ /* Sanity check */
++ if (crp == NULL) {
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ return EINVAL;
++ }
++
++ crp->crp_etype = 0;
++
++ if (crp->crp_desc == NULL || crp->crp_buf == NULL) {
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ crp->crp_etype = EINVAL;
++ goto done;
++ }
++
++ lid = crp->crp_sid & 0xffffffff;
++ if (lid >= c7108_sesnum || lid == 0 || c7108_sessions == NULL ||
++ c7108_sessions[lid] == NULL) {
++ crp->crp_etype = ENOENT;
++ dprintk("%s,%d: ENOENT\n", __FILE__, __LINE__);
++ goto done;
++ }
++
++ /*
++ * do some error checking outside of the loop for SKB and IOV
++ * processing this leaves us with valid skb or uiop pointers
++ * for later
++ */
++ if (crp->crp_flags & CRYPTO_F_SKBUF) {
++ skb = (struct sk_buff *) crp->crp_buf;
++ if (skb_shinfo(skb)->nr_frags >= SCATTERLIST_MAX) {
++ printk("%s,%d: %d nr_frags > SCATTERLIST_MAX",
++ __FILE__, __LINE__,
++ skb_shinfo(skb)->nr_frags);
++ goto done;
++ }
++ } else if (crp->crp_flags & CRYPTO_F_IOV) {
++ uiop = (struct uio *) crp->crp_buf;
++ if (uiop->uio_iovcnt > SCATTERLIST_MAX) {
++ printk("%s,%d: %d uio_iovcnt > SCATTERLIST_MAX",
++ __FILE__, __LINE__,
++ uiop->uio_iovcnt);
++ goto done;
++ }
++ }
++
++ /* Go through crypto descriptors, processing as we go */
++ for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
++ /*
++ * Find the crypto context.
++ *
++ * XXX Note that the logic here prevents us from having
++ * XXX the same algorithm multiple times in a session
++ * XXX (or rather, we can but it won't give us the right
++ * XXX results). To do that, we'd need some way of differentiating
++ * XXX between the various instances of an algorithm (so we can
++ * XXX locate the correct crypto context).
++ */
++ for (sw = c7108_sessions[lid];
++ sw && sw->cri_alg != crd->crd_alg;
++ sw = sw->next)
++ ;
++
++ /* No such context ? */
++ if (sw == NULL) {
++ crp->crp_etype = EINVAL;
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ goto done;
++ }
++
++ skip = crd->crd_skip;
++
++ /*
++ * setup the SG list skip from the start of the buffer
++ */
++ memset(sg, 0, sizeof(sg));
++ if (crp->crp_flags & CRYPTO_F_SKBUF) {
++ int i, len;
++ type = CRYPTO_BUF_SKBUF;
++
++ sg_num = 0;
++ sg_len = 0;
++
++ if (skip < skb_headlen(skb)) {
++ //sg[sg_num].page = virt_to_page(skb->data + skip);
++ //sg[sg_num].offset = offset_in_page(skb->data + skip);
++ len = skb_headlen(skb) - skip;
++ if (len + sg_len > crd->crd_len)
++ len = crd->crd_len - sg_len;
++ //sg[sg_num].length = len;
++ sg_set_page(&sg[sg_num], virt_to_page(skb->data + skip), len, offset_in_page(skb->data + skip));
++ sg_len += sg[sg_num].length;
++ sg_num++;
++ skip = 0;
++ } else
++ skip -= skb_headlen(skb);
++
++ for (i = 0; sg_len < crd->crd_len &&
++ i < skb_shinfo(skb)->nr_frags &&
++ sg_num < SCATTERLIST_MAX; i++) {
++ if (skip < skb_shinfo(skb)->frags[i].size) {
++ //sg[sg_num].page = skb_shinfo(skb)->frags[i].page;
++ //sg[sg_num].offset = skb_shinfo(skb)->frags[i].page_offset + skip;
++ len = skb_shinfo(skb)->frags[i].size - skip;
++ if (len + sg_len > crd->crd_len)
++ len = crd->crd_len - sg_len;
++ //sg[sg_num].length = len;
++ sg_set_page(&sg[sg_num], skb_shinfo(skb)->frags[i].page, len, skb_shinfo(skb)->frags[i].page_offset + skip);
++ sg_len += sg[sg_num].length;
++ sg_num++;
++ skip = 0;
++ } else
++ skip -= skb_shinfo(skb)->frags[i].size;
++ }
++ } else if (crp->crp_flags & CRYPTO_F_IOV) {
++ int len;
++ type = CRYPTO_BUF_IOV;
++ sg_len = 0;
++ for (sg_num = 0; sg_len < crd->crd_len &&
++ sg_num < uiop->uio_iovcnt &&
++ sg_num < SCATTERLIST_MAX; sg_num++) {
++ if (skip < uiop->uio_iov[sg_num].iov_len) {
++ //sg[sg_num].page = virt_to_page(uiop->uio_iov[sg_num].iov_base+skip);
++ //sg[sg_num].offset = offset_in_page(uiop->uio_iov[sg_num].iov_base+skip);
++ len = uiop->uio_iov[sg_num].iov_len - skip;
++ if (len + sg_len > crd->crd_len)
++ len = crd->crd_len - sg_len;
++ //sg[sg_num].length = len;
++ sg_set_page(&sg[sg_num], virt_to_page(uiop->uio_iov[sg_num].iov_base+skip), len, offset_in_page(uiop->uio_iov[sg_num].iov_base+skip));
++ sg_len += sg[sg_num].length;
++ skip = 0;
++ } else
++ skip -= uiop->uio_iov[sg_num].iov_len;
++ }
++ } else {
++ type = CRYPTO_BUF_CONTIG;
++ //sg[0].page = virt_to_page(crp->crp_buf + skip);
++ //sg[0].offset = offset_in_page(crp->crp_buf + skip);
++ sg_len = (crp->crp_ilen - skip);
++ if (sg_len > crd->crd_len)
++ sg_len = crd->crd_len;
++ //sg[0].length = sg_len;
++ sg_set_page(&sg[0], virt_to_page(crp->crp_buf + skip), sg_len, offset_in_page(crp->crp_buf + skip));
++ sg_num = 1;
++ }
++
++
++ switch (sw->xfm_type) {
++
++ case HW_TYPE_CIPHER: {
++
++ unsigned char iv[64];
++ unsigned char *ivp = iv;
++ int i;
++ int ivsize = 16; /* fixed for AES */
++ int blocksize = 16; /* fixed for AES */
++
++ if (sg_len < blocksize) {
++ crp->crp_etype = EINVAL;
++ dprintk("%s,%d: EINVAL len %d < %d\n",
++ __FILE__, __LINE__,
++ sg_len,
++ blocksize);
++ goto done;
++ }
++
++ if (ivsize > sizeof(iv)) {
++ crp->crp_etype = EINVAL;
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ goto done;
++ }
++
++ if (crd->crd_flags & CRD_F_ENCRYPT) { /* encrypt */
++
++ if (crd->crd_flags & CRD_F_IV_EXPLICIT) {
++ ivp = crd->crd_iv;
++ } else {
++ get_random_bytes(ivp, ivsize);
++ }
++ /*
++ * do we have to copy the IV back to the buffer ?
++ */
++ if ((crd->crd_flags & CRD_F_IV_PRESENT) == 0) {
++ crypto_copyback(crp->crp_buf,
++ crd->crd_inject,
++ ivsize,
++ (caddr_t)ivp);
++ }
++
++ c7108_xlate_key(crd->crd_klen,
++ (u8*)crd->crd_key, (u32*)hwkey);
++
++ /* Encrypt SG list */
++ for (i = 0; i < sg_num; i++) {
++ sg[i].dma_address =
++ dma_map_single(NULL,
++ kmap(sg_page(&sg[i])) + sg[i].offset, sg_len, DMA_BIDIRECTIONAL);
++#if 0
++ printk("sg[%d]:0x%08x, off 0x%08x "
++ "kmap 0x%08x phys 0x%08x\n",
++ i, sg[i].page, sg[i].offset,
++ kmap(sg[i].page) + sg[i].offset,
++ sg[i].dma_address);
++#endif
++ c7108_aes_cipher(C7108_AES_ENCRYPT,
++ sg[i].dma_address,
++ sg[i].dma_address,
++ sg_len,
++ crd->crd_klen,
++ c7108_crypto_mode,
++ hwkey,
++ ivp);
++
++ if ((c7108_crypto_mode == C7108_AES_CTRL_MODE_CBC)||
++ (c7108_crypto_mode == C7108_AES_CTRL_MODE_ECB)) {
++ /* Read back expanded key and cache it in key
++ * context.
++ * NOTE: for ECB/CBC modes only (not CTR, CFB, OFB)
++ * where you set the key once.
++ */
++ c7108_cache_key(crd->crd_klen,
++ (u32*)hwkey, (u8*)crd->crd_key);
++#if 0
++ printk("%s expanded key:", __FUNCTION__);
++ for (i = 0; i < (crd->crd_klen + 7) / 8; i++)
++ printk("%s0x%02x", (i % 8) ? " " : "\n ",
++ crd->crd_key[i]);
++ printk("\n");
++#endif
++ }
++ }
++ }
++ else { /*decrypt */
++
++ if (crd->crd_flags & CRD_F_IV_EXPLICIT) {
++ ivp = crd->crd_iv;
++ } else {
++ crypto_copydata(crp->crp_buf, crd->crd_inject,
++ ivsize, (caddr_t)ivp);
++ }
++
++ c7108_xlate_key(crd->crd_klen,
++ (u8*)crd->crd_key, (u32*)hwkey);
++
++ /* Decrypt SG list */
++ for (i = 0; i < sg_num; i++) {
++ sg[i].dma_address =
++ dma_map_single(NULL,
++ kmap(sg_page(&sg[i])) + sg[i].offset,
++ sg_len, DMA_BIDIRECTIONAL);
++
++#if 0
++ printk("sg[%d]:0x%08x, off 0x%08x "
++ "kmap 0x%08x phys 0x%08x\n",
++ i, sg[i].page, sg[i].offset,
++ kmap(sg[i].page) + sg[i].offset,
++ sg[i].dma_address);
++#endif
++ c7108_aes_cipher(C7108_AES_DECRYPT,
++ sg[i].dma_address,
++ sg[i].dma_address,
++ sg_len,
++ crd->crd_klen,
++ c7108_crypto_mode,
++ hwkey,
++ ivp);
++ }
++ }
++ } break;
++ case SW_TYPE_HMAC:
++ case SW_TYPE_HASH:
++ crp->crp_etype = EINVAL;
++ goto done;
++ break;
++
++ case SW_TYPE_COMP:
++ crp->crp_etype = EINVAL;
++ goto done;
++ break;
++
++ default:
++ /* Unknown/unsupported algorithm */
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ crp->crp_etype = EINVAL;
++ goto done;
++ }
++ }
++
++done:
++ crypto_done(crp);
++ return 0;
++}
++
++static struct {
++ softc_device_decl sc_dev;
++} a7108dev;
++
++static device_method_t a7108_methods = {
++/* crypto device methods */
++ DEVMETHOD(cryptodev_newsession, c7108_newsession),
++ DEVMETHOD(cryptodev_freesession, c7108_freesession),
++ DEVMETHOD(cryptodev_process, c7108_process),
++ DEVMETHOD(cryptodev_kprocess, NULL)
++};
++
++static int
++cypher_7108_crypto_init(void)
++{
++ dprintk("%s(%p)\n", __FUNCTION__, cypher_7108_crypto_init);
++
++ iobar = (unsigned long)ioremap(CCU_AES_REG_BASE, 0x4000);
++ printk("7108: AES @ 0x%08x (0x%08x phys) %s mode\n",
++ iobar, CCU_AES_REG_BASE,
++ c7108_crypto_mode & C7108_AES_CTRL_MODE_CBC ? "CBC" :
++ c7108_crypto_mode & C7108_AES_CTRL_MODE_ECB ? "ECB" :
++ c7108_crypto_mode & C7108_AES_CTRL_MODE_CTR ? "CTR" :
++ c7108_crypto_mode & C7108_AES_CTRL_MODE_CFB ? "CFB" :
++ c7108_crypto_mode & C7108_AES_CTRL_MODE_OFB ? "OFB" : "???");
++ csr_mutex = SPIN_LOCK_UNLOCKED;
++
++ memset(&a7108dev, 0, sizeof(a7108dev));
++ softc_device_init(&a7108dev, "aes7108", 0, a7108_methods);
++
++ c7108_id = crypto_get_driverid(softc_get_device(&a7108dev), CRYPTOCAP_F_HARDWARE);
++ if (c7108_id < 0)
++ panic("7108: crypto device cannot initialize!");
++
++// crypto_register(c7108_id, CRYPTO_AES_CBC, 0, 0, c7108_newsession, c7108_freesession, c7108_process, NULL);
++ crypto_register(c7108_id, CRYPTO_AES_CBC, 0, 0);
++
++ return(0);
++}
++
++static void
++cypher_7108_crypto_exit(void)
++{
++ dprintk("%s()\n", __FUNCTION__);
++ crypto_unregister_all(c7108_id);
++ c7108_id = -1;
++}
++
++module_init(cypher_7108_crypto_init);
++module_exit(cypher_7108_crypto_exit);
++
++MODULE_LICENSE("Dual BSD/GPL");
++MODULE_DESCRIPTION("Cypher 7108 Crypto (OCF module for kernel crypto)");
+diff --git a/crypto/ocf/c7108/aes-7108.h b/crypto/ocf/c7108/aes-7108.h
+new file mode 100644
+index 0000000..0c7bfcb
+--- /dev/null
++++ b/crypto/ocf/c7108/aes-7108.h
+@@ -0,0 +1,134 @@
++/*
++ * Copyright (C) 2006 Micronas USA
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ * 3. The name of the author may not be used to endorse or promote products
++ * derived from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ * Effort sponsored in part by the Defense Advanced Research Projects
++ * Agency (DARPA) and Air Force Research Laboratory, Air Force
++ * Materiel Command, USAF, under agreement number F30602-01-2-0537.
++ *
++ */
++
++#ifndef __AES_7108_H__
++#define __AES_7108_H__
++
++/* Cypher 7108 AES Controller Hardware */
++#define CCU_REG_BASE 0x1b500000
++#define CCU_AES_REG_BASE (CCU_REG_BASE + 0x100)
++#define C7108_AES_KEY0_LO (0x0000)
++#define C7108_AES_KEY0_HI (0x0004)
++#define C7108_AES_KEY1_LO (0x0008)
++#define C7108_AES_KEY1_HI (0x000c)
++#define C7108_AES_KEY2_LO (0x0010)
++#define C7108_AES_KEY2_HI (0x0014)
++#define C7108_AES_KEY3_LO (0x0018)
++#define C7108_AES_KEY3_HI (0x001c)
++#define C7108_AES_KEY4_LO (0x0020)
++#define C7108_AES_KEY4_HI (0x0024)
++#define C7108_AES_KEY5_LO (0x0028)
++#define C7108_AES_KEY5_HI (0x002c)
++#define C7108_AES_KEY6_LO (0x0030)
++#define C7108_AES_KEY6_HI (0x0034)
++#define C7108_AES_KEY7_LO (0x0038)
++#define C7108_AES_KEY7_HI (0x003c)
++#define C7108_AES_IV0_LO (0x0040)
++#define C7108_AES_IV0_HI (0x0044)
++#define C7108_AES_IV1_LO (0x0048)
++#define C7108_AES_IV1_HI (0x004c)
++#define C7108_AES_IV2_LO (0x0050)
++#define C7108_AES_IV2_HI (0x0054)
++#define C7108_AES_IV3_LO (0x0058)
++#define C7108_AES_IV3_HI (0x005c)
++
++#define C7108_AES_DMA_SRC0_LO (0x0068) /* Bits 0:15 */
++#define C7108_AES_DMA_SRC0_HI (0x006c) /* Bits 27:16 */
++#define C7108_AES_DMA_DST0_LO (0x0070) /* Bits 0:15 */
++#define C7108_AES_DMA_DST0_HI (0x0074) /* Bits 27:16 */
++#define C7108_AES_DMA_LEN (0x0078) /*Bytes:(Count+1)x16 */
++
++/* AES/Copy engine control register */
++#define C7108_AES_CTRL (0x007c) /* AES control */
++#define C7108_AES_CTRL_RS (1<<0) /* Which set of src/dst to use */
++
++/* AES Cipher mode, controlled by setting Bits 2:0 */
++#define C7108_AES_CTRL_MODE_CBC 0
++#define C7108_AES_CTRL_MODE_CFB (1<<0)
++#define C7108_AES_CTRL_MODE_OFB (1<<1)
++#define C7108_AES_CTRL_MODE_CTR ((1<<0)|(1<<1))
++#define C7108_AES_CTRL_MODE_ECB (1<<2)
++
++/* AES Key length , Bits 5:4 */
++#define C7108_AES_KEY_LEN_128 0 /* 00 */
++#define C7108_AES_KEY_LEN_192 (1<<4) /* 01 */
++#define C7108_AES_KEY_LEN_256 (1<<5) /* 10 */
++
++/* AES Operation (crypt/decrypt), Bit 3 */
++#define C7108_AES_DECRYPT (1<<3) /* Clear for encrypt */
++#define C7108_AES_ENCRYPT 0
++#define C7108_AES_INTR (1<<13) /* Set on done trans from 0->1*/
++#define C7108_AES_GO (1<<14) /* Run */
++#define C7108_AES_OP_DONE (1<<15) /* Set when complete */
++
++
++/* Expanded key registers */
++#define C7108_AES_EKEY0_LO (0x0080)
++#define C7108_AES_EKEY0_HI (0x0084)
++#define C7108_AES_EKEY1_LO (0x0088)
++#define C7108_AES_EKEY1_HI (0x008c)
++#define C7108_AES_EKEY2_LO (0x0090)
++#define C7108_AES_EKEY2_HI (0x0094)
++#define C7108_AES_EKEY3_LO (0x0098)
++#define C7108_AES_EKEY3_HI (0x009c)
++#define C7108_AES_EKEY4_LO (0x00a0)
++#define C7108_AES_EKEY4_HI (0x00a4)
++#define C7108_AES_EKEY5_LO (0x00a8)
++#define C7108_AES_EKEY5_HI (0x00ac)
++#define C7108_AES_EKEY6_LO (0x00b0)
++#define C7108_AES_EKEY6_HI (0x00b4)
++#define C7108_AES_EKEY7_LO (0x00b8)
++#define C7108_AES_EKEY7_HI (0x00bc)
++#define C7108_AES_OK (0x00fc) /* Reset: "OK" */
++
++#define offset_in_page(p) ((unsigned long)(p) & ~PAGE_MASK)
++
++/* Software session entry */
++
++#define HW_TYPE_CIPHER 0
++#define SW_TYPE_HMAC 1
++#define SW_TYPE_AUTH2 2
++#define SW_TYPE_HASH 3
++#define SW_TYPE_COMP 4
++
++struct cipher_7108 {
++ int xfm_type;
++ int cri_alg;
++ union {
++ struct {
++ char sw_key[HMAC_BLOCK_LEN];
++ int sw_klen;
++ int sw_authlen;
++ } hmac;
++ } u;
++ struct cipher_7108 *next;
++};
++
++
++
++#endif /* __C7108_AES_7108_H__ */
+diff --git a/crypto/ocf/criov.c b/crypto/ocf/criov.c
+new file mode 100644
+index 0000000..6d7d3ad
+--- /dev/null
++++ b/crypto/ocf/criov.c
+@@ -0,0 +1,215 @@
++/* $OpenBSD: criov.c,v 1.9 2002/01/29 15:48:29 jason Exp $ */
++
++/*
++ * Linux port done by David McCullough <david_mccullough at mcafee.com>
++ * Copyright (C) 2006-2010 David McCullough
++ * Copyright (C) 2004-2005 Intel Corporation.
++ * The license and original author are listed below.
++ *
++ * Copyright (c) 1999 Theo de Raadt
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ * 3. The name of the author may not be used to endorse or promote products
++ * derived from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++__FBSDID("$FreeBSD: src/sys/opencrypto/criov.c,v 1.5 2006/06/04 22:15:13 pjd Exp $");
++ */
++
++#ifndef AUTOCONF_INCLUDED
++#include <linux/config.h>
++#endif
++#include <linux/module.h>
++#include <linux/init.h>
++#include <linux/slab.h>
++#include <linux/uio.h>
++#include <linux/skbuff.h>
++#include <linux/kernel.h>
++#include <linux/mm.h>
++#include <asm/io.h>
++
++#include <uio.h>
++#include <cryptodev.h>
++
++/*
++ * This macro is only for avoiding code duplication, as we need to skip
++ * given number of bytes in the same way in three functions below.
++ */
++#define CUIO_SKIP() do { \
++ KASSERT(off >= 0, ("%s: off %d < 0", __func__, off)); \
++ KASSERT(len >= 0, ("%s: len %d < 0", __func__, len)); \
++ while (off > 0) { \
++ KASSERT(iol >= 0, ("%s: empty in skip", __func__)); \
++ if (off < iov->iov_len) \
++ break; \
++ off -= iov->iov_len; \
++ iol--; \
++ iov++; \
++ } \
++} while (0)
++
++void
++cuio_copydata(struct uio* uio, int off, int len, caddr_t cp)
++{
++ struct iovec *iov = uio->uio_iov;
++ int iol = uio->uio_iovcnt;
++ unsigned count;
++
++ CUIO_SKIP();
++ while (len > 0) {
++ KASSERT(iol >= 0, ("%s: empty", __func__));
++ count = min((int)(iov->iov_len - off), len);
++ memcpy(cp, ((caddr_t)iov->iov_base) + off, count);
++ len -= count;
++ cp += count;
++ off = 0;
++ iol--;
++ iov++;
++ }
++}
++
++void
++cuio_copyback(struct uio* uio, int off, int len, caddr_t cp)
++{
++ struct iovec *iov = uio->uio_iov;
++ int iol = uio->uio_iovcnt;
++ unsigned count;
++
++ CUIO_SKIP();
++ while (len > 0) {
++ KASSERT(iol >= 0, ("%s: empty", __func__));
++ count = min((int)(iov->iov_len - off), len);
++ memcpy(((caddr_t)iov->iov_base) + off, cp, count);
++ len -= count;
++ cp += count;
++ off = 0;
++ iol--;
++ iov++;
++ }
++}
++
++/*
++ * Return a pointer to iov/offset of location in iovec list.
++ */
++struct iovec *
++cuio_getptr(struct uio *uio, int loc, int *off)
++{
++ struct iovec *iov = uio->uio_iov;
++ int iol = uio->uio_iovcnt;
++
++ while (loc >= 0) {
++ /* Normal end of search */
++ if (loc < iov->iov_len) {
++ *off = loc;
++ return (iov);
++ }
++
++ loc -= iov->iov_len;
++ if (iol == 0) {
++ if (loc == 0) {
++ /* Point at the end of valid data */
++ *off = iov->iov_len;
++ return (iov);
++ } else
++ return (NULL);
++ } else {
++ iov++, iol--;
++ }
++ }
++
++ return (NULL);
++}
++
++EXPORT_SYMBOL(cuio_copyback);
++EXPORT_SYMBOL(cuio_copydata);
++EXPORT_SYMBOL(cuio_getptr);
++
++
++static void
++skb_copy_bits_back(struct sk_buff *skb, int offset, caddr_t cp, int len)
++{
++ int i;
++ if (offset < skb_headlen(skb)) {
++ memcpy(skb->data + offset, cp, min_t(int, skb_headlen(skb), len));
++ len -= skb_headlen(skb);
++ cp += skb_headlen(skb);
++ }
++ offset -= skb_headlen(skb);
++ for (i = 0; len > 0 && i < skb_shinfo(skb)->nr_frags; i++) {
++ if (offset < skb_shinfo(skb)->frags[i].size) {
++ memcpy(page_address(skb_shinfo(skb)->frags[i].page) +
++ skb_shinfo(skb)->frags[i].page_offset,
++ cp, min_t(int, skb_shinfo(skb)->frags[i].size, len));
++ len -= skb_shinfo(skb)->frags[i].size;
++ cp += skb_shinfo(skb)->frags[i].size;
++ }
++ offset -= skb_shinfo(skb)->frags[i].size;
++ }
++}
++
++void
++crypto_copyback(int flags, caddr_t buf, int off, int size, caddr_t in)
++{
++
++ if ((flags & CRYPTO_F_SKBUF) != 0)
++ skb_copy_bits_back((struct sk_buff *)buf, off, in, size);
++ else if ((flags & CRYPTO_F_IOV) != 0)
++ cuio_copyback((struct uio *)buf, off, size, in);
++ else
++ bcopy(in, buf + off, size);
++}
++
++void
++crypto_copydata(int flags, caddr_t buf, int off, int size, caddr_t out)
++{
++
++ if ((flags & CRYPTO_F_SKBUF) != 0)
++ skb_copy_bits((struct sk_buff *)buf, off, out, size);
++ else if ((flags & CRYPTO_F_IOV) != 0)
++ cuio_copydata((struct uio *)buf, off, size, out);
++ else
++ bcopy(buf + off, out, size);
++}
++
++int
++crypto_apply(int flags, caddr_t buf, int off, int len,
++ int (*f)(void *, void *, u_int), void *arg)
++{
++#if 0
++ int error;
++
++ if ((flags & CRYPTO_F_SKBUF) != 0)
++ error = XXXXXX((struct mbuf *)buf, off, len, f, arg);
++ else if ((flags & CRYPTO_F_IOV) != 0)
++ error = cuio_apply((struct uio *)buf, off, len, f, arg);
++ else
++ error = (*f)(arg, buf + off, len);
++ return (error);
++#else
++ KASSERT(0, ("crypto_apply not implemented!\n"));
++#endif
++ return 0;
++}
++
++EXPORT_SYMBOL(crypto_copyback);
++EXPORT_SYMBOL(crypto_copydata);
++EXPORT_SYMBOL(crypto_apply);
++
+diff --git a/crypto/ocf/crypto.c b/crypto/ocf/crypto.c
+new file mode 100644
+index 0000000..9735f0c
+--- /dev/null
++++ b/crypto/ocf/crypto.c
+@@ -0,0 +1,1784 @@
++/*-
++ * Linux port done by David McCullough <david_mccullough at mcafee.com>
++ * Copyright (C) 2006-2010 David McCullough
++ * Copyright (C) 2004-2005 Intel Corporation.
++ * The license and original author are listed below.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * Copyright (c) 2002-2006 Sam Leffler. All rights reserved.
++ *
++ * modification, are permitted provided that the following conditions
++ * are met:
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ */
++
++#if 0
++#include <sys/cdefs.h>
++__FBSDID("$FreeBSD: src/sys/opencrypto/crypto.c,v 1.27 2007/03/21 03:42:51 sam Exp $");
++#endif
++
++/*
++ * Cryptographic Subsystem.
++ *
++ * This code is derived from the Openbsd Cryptographic Framework (OCF)
++ * that has the copyright shown below. Very little of the original
++ * code remains.
++ */
++/*-
++ * The author of this code is Angelos D. Keromytis (angelos at cis.upenn.edu)
++ *
++ * This code was written by Angelos D. Keromytis in Athens, Greece, in
++ * February 2000. Network Security Technologies Inc. (NSTI) kindly
++ * supported the development of this code.
++ *
++ * Copyright (c) 2000, 2001 Angelos D. Keromytis
++ *
++ * Permission to use, copy, and modify this software with or without fee
++ * is hereby granted, provided that this entire notice is included in
++ * all source code copies of any software which is or includes a copy or
++ * modification of this software.
++ *
++ * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
++ * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
++ * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
++ * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
++ * PURPOSE.
++ *
++__FBSDID("$FreeBSD: src/sys/opencrypto/crypto.c,v 1.16 2005/01/07 02:29:16 imp Exp $");
++ */
++
++
++#ifndef AUTOCONF_INCLUDED
++#include <linux/config.h>
++#endif
++#include <linux/module.h>
++#include <linux/init.h>
++#include <linux/list.h>
++#include <linux/slab.h>
++#include <linux/wait.h>
++#include <linux/sched.h>
++#include <linux/spinlock.h>
++#include <linux/version.h>
++#include <cryptodev.h>
++
++/*
++ * keep track of whether or not we have been initialised, a big
++ * issue if we are linked into the kernel and a driver gets started before
++ * us
++ */
++static int crypto_initted = 0;
++
++/*
++ * Crypto drivers register themselves by allocating a slot in the
++ * crypto_drivers table with crypto_get_driverid() and then registering
++ * each algorithm they support with crypto_register() and crypto_kregister().
++ */
++
++/*
++ * lock on driver table
++ * we track its state as spin_is_locked does not do anything on non-SMP boxes
++ */
++static spinlock_t crypto_drivers_lock;
++static int crypto_drivers_locked; /* for non-SMP boxes */
++
++#define CRYPTO_DRIVER_LOCK() \
++ ({ \
++ spin_lock_irqsave(&crypto_drivers_lock, d_flags); \
++ crypto_drivers_locked = 1; \
++ dprintk("%s,%d: DRIVER_LOCK()\n", __FILE__, __LINE__); \
++ })
++#define CRYPTO_DRIVER_UNLOCK() \
++ ({ \
++ dprintk("%s,%d: DRIVER_UNLOCK()\n", __FILE__, __LINE__); \
++ crypto_drivers_locked = 0; \
++ spin_unlock_irqrestore(&crypto_drivers_lock, d_flags); \
++ })
++#define CRYPTO_DRIVER_ASSERT() \
++ ({ \
++ if (!crypto_drivers_locked) { \
++ dprintk("%s,%d: DRIVER_ASSERT!\n", __FILE__, __LINE__); \
++ } \
++ })
++
++/*
++ * Crypto device/driver capabilities structure.
++ *
++ * Synchronization:
++ * (d) - protected by CRYPTO_DRIVER_LOCK()
++ * (q) - protected by CRYPTO_Q_LOCK()
++ * Not tagged fields are read-only.
++ */
++struct cryptocap {
++ device_t cc_dev; /* (d) device/driver */
++ u_int32_t cc_sessions; /* (d) # of sessions */
++ u_int32_t cc_koperations; /* (d) # os asym operations */
++ /*
++ * Largest possible operator length (in bits) for each type of
++ * encryption algorithm. XXX not used
++ */
++ u_int16_t cc_max_op_len[CRYPTO_ALGORITHM_MAX + 1];
++ u_int8_t cc_alg[CRYPTO_ALGORITHM_MAX + 1];
++ u_int8_t cc_kalg[CRK_ALGORITHM_MAX + 1];
++
++ int cc_flags; /* (d) flags */
++#define CRYPTOCAP_F_CLEANUP 0x80000000 /* needs resource cleanup */
++ int cc_qblocked; /* (q) symmetric q blocked */
++ int cc_kqblocked; /* (q) asymmetric q blocked */
++
++ int cc_unqblocked; /* (q) symmetric q blocked */
++ int cc_unkqblocked; /* (q) asymmetric q blocked */
++};
++static struct cryptocap *crypto_drivers = NULL;
++static int crypto_drivers_num = 0;
++
++/*
++ * There are two queues for crypto requests; one for symmetric (e.g.
++ * cipher) operations and one for asymmetric (e.g. MOD)operations.
++ * A single mutex is used to lock access to both queues. We could
++ * have one per-queue but having one simplifies handling of block/unblock
++ * operations.
++ */
++static int crp_sleep = 0;
++static LIST_HEAD(crp_q); /* request queues */
++static LIST_HEAD(crp_kq);
++
++static spinlock_t crypto_q_lock;
++
++int crypto_all_qblocked = 0; /* protect with Q_LOCK */
++module_param(crypto_all_qblocked, int, 0444);
++MODULE_PARM_DESC(crypto_all_qblocked, "Are all crypto queues blocked");
++
++int crypto_all_kqblocked = 0; /* protect with Q_LOCK */
++module_param(crypto_all_kqblocked, int, 0444);
++MODULE_PARM_DESC(crypto_all_kqblocked, "Are all asym crypto queues blocked");
++
++#define CRYPTO_Q_LOCK() \
++ ({ \
++ spin_lock_irqsave(&crypto_q_lock, q_flags); \
++ dprintk("%s,%d: Q_LOCK()\n", __FILE__, __LINE__); \
++ })
++#define CRYPTO_Q_UNLOCK() \
++ ({ \
++ dprintk("%s,%d: Q_UNLOCK()\n", __FILE__, __LINE__); \
++ spin_unlock_irqrestore(&crypto_q_lock, q_flags); \
++ })
++
++/*
++ * There are two queues for processing completed crypto requests; one
++ * for the symmetric and one for the asymmetric ops. We only need one
++ * but have two to avoid type futzing (cryptop vs. cryptkop). A single
++ * mutex is used to lock access to both queues. Note that this lock
++ * must be separate from the lock on request queues to insure driver
++ * callbacks don't generate lock order reversals.
++ */
++static LIST_HEAD(crp_ret_q); /* callback queues */
++static LIST_HEAD(crp_ret_kq);
++
++static spinlock_t crypto_ret_q_lock;
++#define CRYPTO_RETQ_LOCK() \
++ ({ \
++ spin_lock_irqsave(&crypto_ret_q_lock, r_flags); \
++ dprintk("%s,%d: RETQ_LOCK\n", __FILE__, __LINE__); \
++ })
++#define CRYPTO_RETQ_UNLOCK() \
++ ({ \
++ dprintk("%s,%d: RETQ_UNLOCK\n", __FILE__, __LINE__); \
++ spin_unlock_irqrestore(&crypto_ret_q_lock, r_flags); \
++ })
++#define CRYPTO_RETQ_EMPTY() (list_empty(&crp_ret_q) && list_empty(&crp_ret_kq))
++
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,20)
++static kmem_cache_t *cryptop_zone;
++static kmem_cache_t *cryptodesc_zone;
++#else
++static struct kmem_cache *cryptop_zone;
++static struct kmem_cache *cryptodesc_zone;
++#endif
++
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,27)
++#include <linux/sched.h>
++#define kill_proc(p,s,v) send_sig(s,find_task_by_vpid(p),0)
++#endif
++
++#define debug crypto_debug
++int crypto_debug = 0;
++module_param(crypto_debug, int, 0644);
++MODULE_PARM_DESC(crypto_debug, "Enable debug");
++EXPORT_SYMBOL(crypto_debug);
++
++/*
++ * Maximum number of outstanding crypto requests before we start
++ * failing requests. We need this to prevent DOS when too many
++ * requests are arriving for us to keep up. Otherwise we will
++ * run the system out of memory. Since crypto is slow, we are
++ * usually the bottleneck that needs to say, enough is enough.
++ *
++ * We cannot print errors when this condition occurs, we are already too
++ * slow, printing anything will just kill us
++ */
++
++static int crypto_q_cnt = 0;
++module_param(crypto_q_cnt, int, 0444);
++MODULE_PARM_DESC(crypto_q_cnt,
++ "Current number of outstanding crypto requests");
++
++static int crypto_q_max = 1000;
++module_param(crypto_q_max, int, 0644);
++MODULE_PARM_DESC(crypto_q_max,
++ "Maximum number of outstanding crypto requests");
++
++#define bootverbose crypto_verbose
++static int crypto_verbose = 0;
++module_param(crypto_verbose, int, 0644);
++MODULE_PARM_DESC(crypto_verbose,
++ "Enable verbose crypto startup");
++
++int crypto_usercrypto = 1; /* userland may do crypto reqs */
++module_param(crypto_usercrypto, int, 0644);
++MODULE_PARM_DESC(crypto_usercrypto,
++ "Enable/disable user-mode access to crypto support");
++
++int crypto_userasymcrypto = 1; /* userland may do asym crypto reqs */
++module_param(crypto_userasymcrypto, int, 0644);
++MODULE_PARM_DESC(crypto_userasymcrypto,
++ "Enable/disable user-mode access to asymmetric crypto support");
++
++int crypto_devallowsoft = 0; /* only use hardware crypto */
++module_param(crypto_devallowsoft, int, 0644);
++MODULE_PARM_DESC(crypto_devallowsoft,
++ "Enable/disable use of software crypto support");
++
++/*
++ * This parameter controls the maximum number of crypto operations to
++ * do consecutively in the crypto kernel thread before scheduling to allow
++ * other processes to run. Without it, it is possible to get into a
++ * situation where the crypto thread never allows any other processes to run.
++ * Default to 1000 which should be less than one second.
++ */
++static int crypto_max_loopcount = 1000;
++module_param(crypto_max_loopcount, int, 0644);
++MODULE_PARM_DESC(crypto_max_loopcount,
++ "Maximum number of crypto ops to do before yielding to other processes");
++
++static pid_t cryptoproc = (pid_t) -1;
++static struct completion cryptoproc_exited;
++static DECLARE_WAIT_QUEUE_HEAD(cryptoproc_wait);
++static pid_t cryptoretproc = (pid_t) -1;
++static struct completion cryptoretproc_exited;
++static DECLARE_WAIT_QUEUE_HEAD(cryptoretproc_wait);
++
++static int crypto_proc(void *arg);
++static int crypto_ret_proc(void *arg);
++static int crypto_invoke(struct cryptocap *cap, struct cryptop *crp, int hint);
++static int crypto_kinvoke(struct cryptkop *krp, int flags);
++static void crypto_exit(void);
++static int crypto_init(void);
++
++static struct cryptostats cryptostats;
++
++static struct cryptocap *
++crypto_checkdriver(u_int32_t hid)
++{
++ if (crypto_drivers == NULL)
++ return NULL;
++ return (hid >= crypto_drivers_num ? NULL : &crypto_drivers[hid]);
++}
++
++/*
++ * Compare a driver's list of supported algorithms against another
++ * list; return non-zero if all algorithms are supported.
++ */
++static int
++driver_suitable(const struct cryptocap *cap, const struct cryptoini *cri)
++{
++ const struct cryptoini *cr;
++
++ /* See if all the algorithms are supported. */
++ for (cr = cri; cr; cr = cr->cri_next)
++ if (cap->cc_alg[cr->cri_alg] == 0)
++ return 0;
++ return 1;
++}
++
++/*
++ * Select a driver for a new session that supports the specified
++ * algorithms and, optionally, is constrained according to the flags.
++ * The algorithm we use here is pretty stupid; just use the
++ * first driver that supports all the algorithms we need. If there
++ * are multiple drivers we choose the driver with the fewest active
++ * sessions. We prefer hardware-backed drivers to software ones.
++ *
++ * XXX We need more smarts here (in real life too, but that's
++ * XXX another story altogether).
++ */
++static struct cryptocap *
++crypto_select_driver(const struct cryptoini *cri, int flags)
++{
++ struct cryptocap *cap, *best;
++ int match, hid;
++
++ CRYPTO_DRIVER_ASSERT();
++
++ /*
++ * Look first for hardware crypto devices if permitted.
++ */
++ if (flags & CRYPTOCAP_F_HARDWARE)
++ match = CRYPTOCAP_F_HARDWARE;
++ else
++ match = CRYPTOCAP_F_SOFTWARE;
++ best = NULL;
++again:
++ for (hid = 0; hid < crypto_drivers_num; hid++) {
++ cap = &crypto_drivers[hid];
++ /*
++ * If it's not initialized, is in the process of
++ * going away, or is not appropriate (hardware
++ * or software based on match), then skip.
++ */
++ if (cap->cc_dev == NULL ||
++ (cap->cc_flags & CRYPTOCAP_F_CLEANUP) ||
++ (cap->cc_flags & match) == 0)
++ continue;
++
++ /* verify all the algorithms are supported. */
++ if (driver_suitable(cap, cri)) {
++ if (best == NULL ||
++ cap->cc_sessions < best->cc_sessions)
++ best = cap;
++ }
++ }
++ if (best != NULL)
++ return best;
++ if (match == CRYPTOCAP_F_HARDWARE && (flags & CRYPTOCAP_F_SOFTWARE)) {
++ /* sort of an Algol 68-style for loop */
++ match = CRYPTOCAP_F_SOFTWARE;
++ goto again;
++ }
++ return best;
++}
++
++/*
++ * Create a new session. The crid argument specifies a crypto
++ * driver to use or constraints on a driver to select (hardware
++ * only, software only, either). Whatever driver is selected
++ * must be capable of the requested crypto algorithms.
++ */
++int
++crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int crid)
++{
++ struct cryptocap *cap;
++ u_int32_t hid, lid;
++ int err;
++ unsigned long d_flags;
++
++ CRYPTO_DRIVER_LOCK();
++ if ((crid & (CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE)) == 0) {
++ /*
++ * Use specified driver; verify it is capable.
++ */
++ cap = crypto_checkdriver(crid);
++ if (cap != NULL && !driver_suitable(cap, cri))
++ cap = NULL;
++ } else {
++ /*
++ * No requested driver; select based on crid flags.
++ */
++ cap = crypto_select_driver(cri, crid);
++ /*
++ * if NULL then can't do everything in one session.
++ * XXX Fix this. We need to inject a "virtual" session
++ * XXX layer right about here.
++ */
++ }
++ if (cap != NULL) {
++ /* Call the driver initialization routine. */
++ hid = cap - crypto_drivers;
++ lid = hid; /* Pass the driver ID. */
++ cap->cc_sessions++;
++ CRYPTO_DRIVER_UNLOCK();
++ err = CRYPTODEV_NEWSESSION(cap->cc_dev, &lid, cri);
++ CRYPTO_DRIVER_LOCK();
++ if (err == 0) {
++ (*sid) = (cap->cc_flags & 0xff000000)
++ | (hid & 0x00ffffff);
++ (*sid) <<= 32;
++ (*sid) |= (lid & 0xffffffff);
++ } else
++ cap->cc_sessions--;
++ } else
++ err = EINVAL;
++ CRYPTO_DRIVER_UNLOCK();
++ return err;
++}
++
++static void
++crypto_remove(struct cryptocap *cap)
++{
++ CRYPTO_DRIVER_ASSERT();
++ if (cap->cc_sessions == 0 && cap->cc_koperations == 0)
++ bzero(cap, sizeof(*cap));
++}
++
++/*
++ * Delete an existing session (or a reserved session on an unregistered
++ * driver).
++ */
++int
++crypto_freesession(u_int64_t sid)
++{
++ struct cryptocap *cap;
++ u_int32_t hid;
++ int err = 0;
++ unsigned long d_flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++ CRYPTO_DRIVER_LOCK();
++
++ if (crypto_drivers == NULL) {
++ err = EINVAL;
++ goto done;
++ }
++
++ /* Determine two IDs. */
++ hid = CRYPTO_SESID2HID(sid);
++
++ if (hid >= crypto_drivers_num) {
++ dprintk("%s - INVALID DRIVER NUM %d\n", __FUNCTION__, hid);
++ err = ENOENT;
++ goto done;
++ }
++ cap = &crypto_drivers[hid];
++
++ if (cap->cc_dev) {
++ CRYPTO_DRIVER_UNLOCK();
++ /* Call the driver cleanup routine, if available, unlocked. */
++ err = CRYPTODEV_FREESESSION(cap->cc_dev, sid);
++ CRYPTO_DRIVER_LOCK();
++ }
++
++ if (cap->cc_sessions)
++ cap->cc_sessions--;
++
++ if (cap->cc_flags & CRYPTOCAP_F_CLEANUP)
++ crypto_remove(cap);
++
++done:
++ CRYPTO_DRIVER_UNLOCK();
++ return err;
++}
++
++/*
++ * Return an unused driver id. Used by drivers prior to registering
++ * support for the algorithms they handle.
++ */
++int32_t
++crypto_get_driverid(device_t dev, int flags)
++{
++ struct cryptocap *newdrv;
++ int i;
++ unsigned long d_flags;
++
++ if ((flags & (CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE)) == 0) {
++ printf("%s: no flags specified when registering driver\n",
++ device_get_nameunit(dev));
++ return -1;
++ }
++
++ CRYPTO_DRIVER_LOCK();
++
++ for (i = 0; i < crypto_drivers_num; i++) {
++ if (crypto_drivers[i].cc_dev == NULL &&
++ (crypto_drivers[i].cc_flags & CRYPTOCAP_F_CLEANUP) == 0) {
++ break;
++ }
++ }
++
++ /* Out of entries, allocate some more. */
++ if (i == crypto_drivers_num) {
++ /* Be careful about wrap-around. */
++ if (2 * crypto_drivers_num <= crypto_drivers_num) {
++ CRYPTO_DRIVER_UNLOCK();
++ printk("crypto: driver count wraparound!\n");
++ return -1;
++ }
++
++ newdrv = kmalloc(2 * crypto_drivers_num * sizeof(struct cryptocap),
++ GFP_KERNEL);
++ if (newdrv == NULL) {
++ CRYPTO_DRIVER_UNLOCK();
++ printk("crypto: no space to expand driver table!\n");
++ return -1;
++ }
++
++ memcpy(newdrv, crypto_drivers,
++ crypto_drivers_num * sizeof(struct cryptocap));
++ memset(&newdrv[crypto_drivers_num], 0,
++ crypto_drivers_num * sizeof(struct cryptocap));
++
++ crypto_drivers_num *= 2;
++
++ kfree(crypto_drivers);
++ crypto_drivers = newdrv;
++ }
++
++ /* NB: state is zero'd on free */
++ crypto_drivers[i].cc_sessions = 1; /* Mark */
++ crypto_drivers[i].cc_dev = dev;
++ crypto_drivers[i].cc_flags = flags;
++ if (bootverbose)
++ printf("crypto: assign %s driver id %u, flags %u\n",
++ device_get_nameunit(dev), i, flags);
++
++ CRYPTO_DRIVER_UNLOCK();
++
++ return i;
++}
++
++/*
++ * Lookup a driver by name. We match against the full device
++ * name and unit, and against just the name. The latter gives
++ * us a simple widlcarding by device name. On success return the
++ * driver/hardware identifier; otherwise return -1.
++ */
++int
++crypto_find_driver(const char *match)
++{
++ int i, len = strlen(match);
++ unsigned long d_flags;
++
++ CRYPTO_DRIVER_LOCK();
++ for (i = 0; i < crypto_drivers_num; i++) {
++ device_t dev = crypto_drivers[i].cc_dev;
++ if (dev == NULL ||
++ (crypto_drivers[i].cc_flags & CRYPTOCAP_F_CLEANUP))
++ continue;
++ if (strncmp(match, device_get_nameunit(dev), len) == 0 ||
++ strncmp(match, device_get_name(dev), len) == 0)
++ break;
++ }
++ CRYPTO_DRIVER_UNLOCK();
++ return i < crypto_drivers_num ? i : -1;
++}
++
++/*
++ * Return the device_t for the specified driver or NULL
++ * if the driver identifier is invalid.
++ */
++device_t
++crypto_find_device_byhid(int hid)
++{
++ struct cryptocap *cap = crypto_checkdriver(hid);
++ return cap != NULL ? cap->cc_dev : NULL;
++}
++
++/*
++ * Return the device/driver capabilities.
++ */
++int
++crypto_getcaps(int hid)
++{
++ struct cryptocap *cap = crypto_checkdriver(hid);
++ return cap != NULL ? cap->cc_flags : 0;
++}
++
++/*
++ * Register support for a key-related algorithm. This routine
++ * is called once for each algorithm supported a driver.
++ */
++int
++crypto_kregister(u_int32_t driverid, int kalg, u_int32_t flags)
++{
++ struct cryptocap *cap;
++ int err;
++ unsigned long d_flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++ CRYPTO_DRIVER_LOCK();
++
++ cap = crypto_checkdriver(driverid);
++ if (cap != NULL &&
++ (CRK_ALGORITM_MIN <= kalg && kalg <= CRK_ALGORITHM_MAX)) {
++ /*
++ * XXX Do some performance testing to determine placing.
++ * XXX We probably need an auxiliary data structure that
++ * XXX describes relative performances.
++ */
++
++ cap->cc_kalg[kalg] = flags | CRYPTO_ALG_FLAG_SUPPORTED;
++ if (bootverbose)
++ printf("crypto: %s registers key alg %u flags %u\n"
++ , device_get_nameunit(cap->cc_dev)
++ , kalg
++ , flags
++ );
++ err = 0;
++ } else
++ err = EINVAL;
++
++ CRYPTO_DRIVER_UNLOCK();
++ return err;
++}
++
++/*
++ * Register support for a non-key-related algorithm. This routine
++ * is called once for each such algorithm supported by a driver.
++ */
++int
++crypto_register(u_int32_t driverid, int alg, u_int16_t maxoplen,
++ u_int32_t flags)
++{
++ struct cryptocap *cap;
++ int err;
++ unsigned long d_flags;
++
++ dprintk("%s(id=0x%x, alg=%d, maxoplen=%d, flags=0x%x)\n", __FUNCTION__,
++ driverid, alg, maxoplen, flags);
++
++ CRYPTO_DRIVER_LOCK();
++
++ cap = crypto_checkdriver(driverid);
++ /* NB: algorithms are in the range [1..max] */
++ if (cap != NULL &&
++ (CRYPTO_ALGORITHM_MIN <= alg && alg <= CRYPTO_ALGORITHM_MAX)) {
++ /*
++ * XXX Do some performance testing to determine placing.
++ * XXX We probably need an auxiliary data structure that
++ * XXX describes relative performances.
++ */
++
++ cap->cc_alg[alg] = flags | CRYPTO_ALG_FLAG_SUPPORTED;
++ cap->cc_max_op_len[alg] = maxoplen;
++ if (bootverbose)
++ printf("crypto: %s registers alg %u flags %u maxoplen %u\n"
++ , device_get_nameunit(cap->cc_dev)
++ , alg
++ , flags
++ , maxoplen
++ );
++ cap->cc_sessions = 0; /* Unmark */
++ err = 0;
++ } else
++ err = EINVAL;
++
++ CRYPTO_DRIVER_UNLOCK();
++ return err;
++}
++
++static void
++driver_finis(struct cryptocap *cap)
++{
++ u_int32_t ses, kops;
++
++ CRYPTO_DRIVER_ASSERT();
++
++ ses = cap->cc_sessions;
++ kops = cap->cc_koperations;
++ bzero(cap, sizeof(*cap));
++ if (ses != 0 || kops != 0) {
++ /*
++ * If there are pending sessions,
++ * just mark as invalid.
++ */
++ cap->cc_flags |= CRYPTOCAP_F_CLEANUP;
++ cap->cc_sessions = ses;
++ cap->cc_koperations = kops;
++ }
++}
++
++/*
++ * Unregister a crypto driver. If there are pending sessions using it,
++ * leave enough information around so that subsequent calls using those
++ * sessions will correctly detect the driver has been unregistered and
++ * reroute requests.
++ */
++int
++crypto_unregister(u_int32_t driverid, int alg)
++{
++ struct cryptocap *cap;
++ int i, err;
++ unsigned long d_flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++ CRYPTO_DRIVER_LOCK();
++
++ cap = crypto_checkdriver(driverid);
++ if (cap != NULL &&
++ (CRYPTO_ALGORITHM_MIN <= alg && alg <= CRYPTO_ALGORITHM_MAX) &&
++ cap->cc_alg[alg] != 0) {
++ cap->cc_alg[alg] = 0;
++ cap->cc_max_op_len[alg] = 0;
++
++ /* Was this the last algorithm ? */
++ for (i = 1; i <= CRYPTO_ALGORITHM_MAX; i++)
++ if (cap->cc_alg[i] != 0)
++ break;
++
++ if (i == CRYPTO_ALGORITHM_MAX + 1)
++ driver_finis(cap);
++ err = 0;
++ } else
++ err = EINVAL;
++ CRYPTO_DRIVER_UNLOCK();
++ return err;
++}
++
++/*
++ * Unregister all algorithms associated with a crypto driver.
++ * If there are pending sessions using it, leave enough information
++ * around so that subsequent calls using those sessions will
++ * correctly detect the driver has been unregistered and reroute
++ * requests.
++ */
++int
++crypto_unregister_all(u_int32_t driverid)
++{
++ struct cryptocap *cap;
++ int err;
++ unsigned long d_flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++ CRYPTO_DRIVER_LOCK();
++ cap = crypto_checkdriver(driverid);
++ if (cap != NULL) {
++ driver_finis(cap);
++ err = 0;
++ } else
++ err = EINVAL;
++ CRYPTO_DRIVER_UNLOCK();
++
++ return err;
++}
++
++/*
++ * Clear blockage on a driver. The what parameter indicates whether
++ * the driver is now ready for cryptop's and/or cryptokop's.
++ */
++int
++crypto_unblock(u_int32_t driverid, int what)
++{
++ struct cryptocap *cap;
++ int err;
++ unsigned long q_flags;
++
++ CRYPTO_Q_LOCK();
++ cap = crypto_checkdriver(driverid);
++ if (cap != NULL) {
++ if (what & CRYPTO_SYMQ) {
++ cap->cc_qblocked = 0;
++ cap->cc_unqblocked = 0;
++ crypto_all_qblocked = 0;
++ }
++ if (what & CRYPTO_ASYMQ) {
++ cap->cc_kqblocked = 0;
++ cap->cc_unkqblocked = 0;
++ crypto_all_kqblocked = 0;
++ }
++ if (crp_sleep)
++ wake_up_interruptible(&cryptoproc_wait);
++ err = 0;
++ } else
++ err = EINVAL;
++ CRYPTO_Q_UNLOCK(); //DAVIDM should this be a driver lock
++
++ return err;
++}
++
++/*
++ * Add a crypto request to a queue, to be processed by the kernel thread.
++ */
++int
++crypto_dispatch(struct cryptop *crp)
++{
++ struct cryptocap *cap;
++ int result = -1;
++ unsigned long q_flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ cryptostats.cs_ops++;
++
++ CRYPTO_Q_LOCK();
++ if (crypto_q_cnt >= crypto_q_max) {
++ CRYPTO_Q_UNLOCK();
++ cryptostats.cs_drops++;
++ return ENOMEM;
++ }
++ crypto_q_cnt++;
++
++ /* make sure we are starting a fresh run on this crp. */
++ crp->crp_flags &= ~CRYPTO_F_DONE;
++ crp->crp_etype = 0;
++
++ /*
++ * Caller marked the request to be processed immediately; dispatch
++ * it directly to the driver unless the driver is currently blocked.
++ */
++ if ((crp->crp_flags & CRYPTO_F_BATCH) == 0) {
++ int hid = CRYPTO_SESID2HID(crp->crp_sid);
++ cap = crypto_checkdriver(hid);
++ /* Driver cannot disappear when there is an active session. */
++ KASSERT(cap != NULL, ("%s: Driver disappeared.", __func__));
++ if (!cap->cc_qblocked) {
++ crypto_all_qblocked = 0;
++ crypto_drivers[hid].cc_unqblocked = 1;
++ CRYPTO_Q_UNLOCK();
++ result = crypto_invoke(cap, crp, 0);
++ CRYPTO_Q_LOCK();
++ if (result == ERESTART)
++ if (crypto_drivers[hid].cc_unqblocked)
++ crypto_drivers[hid].cc_qblocked = 1;
++ crypto_drivers[hid].cc_unqblocked = 0;
++ }
++ }
++ if (result == ERESTART) {
++ /*
++ * The driver ran out of resources, mark the
++ * driver ``blocked'' for cryptop's and put
++ * the request back in the queue. It would
++ * best to put the request back where we got
++ * it but that's hard so for now we put it
++ * at the front. This should be ok; putting
++ * it at the end does not work.
++ */
++ list_add(&crp->crp_next, &crp_q);
++ cryptostats.cs_blocks++;
++ result = 0;
++ } else if (result == -1) {
++ TAILQ_INSERT_TAIL(&crp_q, crp, crp_next);
++ result = 0;
++ }
++ if (crp_sleep)
++ wake_up_interruptible(&cryptoproc_wait);
++ CRYPTO_Q_UNLOCK();
++ return result;
++}
++
++/*
++ * Add an asymetric crypto request to a queue,
++ * to be processed by the kernel thread.
++ */
++int
++crypto_kdispatch(struct cryptkop *krp)
++{
++ int error;
++ unsigned long q_flags;
++
++ cryptostats.cs_kops++;
++
++ error = crypto_kinvoke(krp, krp->krp_crid);
++ if (error == ERESTART) {
++ CRYPTO_Q_LOCK();
++ TAILQ_INSERT_TAIL(&crp_kq, krp, krp_next);
++ if (crp_sleep)
++ wake_up_interruptible(&cryptoproc_wait);
++ CRYPTO_Q_UNLOCK();
++ error = 0;
++ }
++ return error;
++}
++
++/*
++ * Verify a driver is suitable for the specified operation.
++ */
++static __inline int
++kdriver_suitable(const struct cryptocap *cap, const struct cryptkop *krp)
++{
++ return (cap->cc_kalg[krp->krp_op] & CRYPTO_ALG_FLAG_SUPPORTED) != 0;
++}
++
++/*
++ * Select a driver for an asym operation. The driver must
++ * support the necessary algorithm. The caller can constrain
++ * which device is selected with the flags parameter. The
++ * algorithm we use here is pretty stupid; just use the first
++ * driver that supports the algorithms we need. If there are
++ * multiple suitable drivers we choose the driver with the
++ * fewest active operations. We prefer hardware-backed
++ * drivers to software ones when either may be used.
++ */
++static struct cryptocap *
++crypto_select_kdriver(const struct cryptkop *krp, int flags)
++{
++ struct cryptocap *cap, *best, *blocked;
++ int match, hid;
++
++ CRYPTO_DRIVER_ASSERT();
++
++ /*
++ * Look first for hardware crypto devices if permitted.
++ */
++ if (flags & CRYPTOCAP_F_HARDWARE)
++ match = CRYPTOCAP_F_HARDWARE;
++ else
++ match = CRYPTOCAP_F_SOFTWARE;
++ best = NULL;
++ blocked = NULL;
++again:
++ for (hid = 0; hid < crypto_drivers_num; hid++) {
++ cap = &crypto_drivers[hid];
++ /*
++ * If it's not initialized, is in the process of
++ * going away, or is not appropriate (hardware
++ * or software based on match), then skip.
++ */
++ if (cap->cc_dev == NULL ||
++ (cap->cc_flags & CRYPTOCAP_F_CLEANUP) ||
++ (cap->cc_flags & match) == 0)
++ continue;
++
++ /* verify all the algorithms are supported. */
++ if (kdriver_suitable(cap, krp)) {
++ if (best == NULL ||
++ cap->cc_koperations < best->cc_koperations)
++ best = cap;
++ }
++ }
++ if (best != NULL)
++ return best;
++ if (match == CRYPTOCAP_F_HARDWARE && (flags & CRYPTOCAP_F_SOFTWARE)) {
++ /* sort of an Algol 68-style for loop */
++ match = CRYPTOCAP_F_SOFTWARE;
++ goto again;
++ }
++ return best;
++}
++
++/*
++ * Dispatch an assymetric crypto request.
++ */
++static int
++crypto_kinvoke(struct cryptkop *krp, int crid)
++{
++ struct cryptocap *cap = NULL;
++ int error;
++ unsigned long d_flags;
++
++ KASSERT(krp != NULL, ("%s: krp == NULL", __func__));
++ KASSERT(krp->krp_callback != NULL,
++ ("%s: krp->crp_callback == NULL", __func__));
++
++ CRYPTO_DRIVER_LOCK();
++ if ((crid & (CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE)) == 0) {
++ cap = crypto_checkdriver(crid);
++ if (cap != NULL) {
++ /*
++ * Driver present, it must support the necessary
++ * algorithm and, if s/w drivers are excluded,
++ * it must be registered as hardware-backed.
++ */
++ if (!kdriver_suitable(cap, krp) ||
++ (!crypto_devallowsoft &&
++ (cap->cc_flags & CRYPTOCAP_F_HARDWARE) == 0))
++ cap = NULL;
++ }
++ } else {
++ /*
++ * No requested driver; select based on crid flags.
++ */
++ if (!crypto_devallowsoft) /* NB: disallow s/w drivers */
++ crid &= ~CRYPTOCAP_F_SOFTWARE;
++ cap = crypto_select_kdriver(krp, crid);
++ }
++ if (cap != NULL && !cap->cc_kqblocked) {
++ krp->krp_hid = cap - crypto_drivers;
++ cap->cc_koperations++;
++ CRYPTO_DRIVER_UNLOCK();
++ error = CRYPTODEV_KPROCESS(cap->cc_dev, krp, 0);
++ CRYPTO_DRIVER_LOCK();
++ if (error == ERESTART) {
++ cap->cc_koperations--;
++ CRYPTO_DRIVER_UNLOCK();
++ return (error);
++ }
++ /* return the actual device used */
++ krp->krp_crid = krp->krp_hid;
++ } else {
++ /*
++ * NB: cap is !NULL if device is blocked; in
++ * that case return ERESTART so the operation
++ * is resubmitted if possible.
++ */
++ error = (cap == NULL) ? ENODEV : ERESTART;
++ }
++ CRYPTO_DRIVER_UNLOCK();
++
++ if (error) {
++ krp->krp_status = error;
++ crypto_kdone(krp);
++ }
++ return 0;
++}
++
++
++/*
++ * Dispatch a crypto request to the appropriate crypto devices.
++ */
++static int
++crypto_invoke(struct cryptocap *cap, struct cryptop *crp, int hint)
++{
++ KASSERT(crp != NULL, ("%s: crp == NULL", __func__));
++ KASSERT(crp->crp_callback != NULL,
++ ("%s: crp->crp_callback == NULL", __func__));
++ KASSERT(crp->crp_desc != NULL, ("%s: crp->crp_desc == NULL", __func__));
++
++ dprintk("%s()\n", __FUNCTION__);
++
++#ifdef CRYPTO_TIMING
++ if (crypto_timing)
++ crypto_tstat(&cryptostats.cs_invoke, &crp->crp_tstamp);
++#endif
++ if (cap->cc_flags & CRYPTOCAP_F_CLEANUP) {
++ struct cryptodesc *crd;
++ u_int64_t nid;
++
++ /*
++ * Driver has unregistered; migrate the session and return
++ * an error to the caller so they'll resubmit the op.
++ *
++ * XXX: What if there are more already queued requests for this
++ * session?
++ */
++ crypto_freesession(crp->crp_sid);
++
++ for (crd = crp->crp_desc; crd->crd_next; crd = crd->crd_next)
++ crd->CRD_INI.cri_next = &(crd->crd_next->CRD_INI);
++
++ /* XXX propagate flags from initial session? */
++ if (crypto_newsession(&nid, &(crp->crp_desc->CRD_INI),
++ CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE) == 0)
++ crp->crp_sid = nid;
++
++ crp->crp_etype = EAGAIN;
++ crypto_done(crp);
++ return 0;
++ } else {
++ /*
++ * Invoke the driver to process the request.
++ */
++ return CRYPTODEV_PROCESS(cap->cc_dev, crp, hint);
++ }
++}
++
++/*
++ * Release a set of crypto descriptors.
++ */
++void
++crypto_freereq(struct cryptop *crp)
++{
++ struct cryptodesc *crd;
++
++ if (crp == NULL)
++ return;
++
++#ifdef DIAGNOSTIC
++ {
++ struct cryptop *crp2;
++ unsigned long q_flags;
++
++ CRYPTO_Q_LOCK();
++ TAILQ_FOREACH(crp2, &crp_q, crp_next) {
++ KASSERT(crp2 != crp,
++ ("Freeing cryptop from the crypto queue (%p).",
++ crp));
++ }
++ CRYPTO_Q_UNLOCK();
++ CRYPTO_RETQ_LOCK();
++ TAILQ_FOREACH(crp2, &crp_ret_q, crp_next) {
++ KASSERT(crp2 != crp,
++ ("Freeing cryptop from the return queue (%p).",
++ crp));
++ }
++ CRYPTO_RETQ_UNLOCK();
++ }
++#endif
++
++ while ((crd = crp->crp_desc) != NULL) {
++ crp->crp_desc = crd->crd_next;
++ kmem_cache_free(cryptodesc_zone, crd);
++ }
++ kmem_cache_free(cryptop_zone, crp);
++}
++
++/*
++ * Acquire a set of crypto descriptors.
++ */
++struct cryptop *
++crypto_getreq(int num)
++{
++ struct cryptodesc *crd;
++ struct cryptop *crp;
++
++ crp = kmem_cache_alloc(cryptop_zone, SLAB_ATOMIC);
++ if (crp != NULL) {
++ memset(crp, 0, sizeof(*crp));
++ INIT_LIST_HEAD(&crp->crp_next);
++ init_waitqueue_head(&crp->crp_waitq);
++ while (num--) {
++ crd = kmem_cache_alloc(cryptodesc_zone, SLAB_ATOMIC);
++ if (crd == NULL) {
++ crypto_freereq(crp);
++ return NULL;
++ }
++ memset(crd, 0, sizeof(*crd));
++ crd->crd_next = crp->crp_desc;
++ crp->crp_desc = crd;
++ }
++ }
++ return crp;
++}
++
++/*
++ * Invoke the callback on behalf of the driver.
++ */
++void
++crypto_done(struct cryptop *crp)
++{
++ unsigned long q_flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++ if ((crp->crp_flags & CRYPTO_F_DONE) == 0) {
++ crp->crp_flags |= CRYPTO_F_DONE;
++ CRYPTO_Q_LOCK();
++ crypto_q_cnt--;
++ CRYPTO_Q_UNLOCK();
++ } else
++ printk("crypto: crypto_done op already done, flags 0x%x",
++ crp->crp_flags);
++ if (crp->crp_etype != 0)
++ cryptostats.cs_errs++;
++ /*
++ * CBIMM means unconditionally do the callback immediately;
++ * CBIFSYNC means do the callback immediately only if the
++ * operation was done synchronously. Both are used to avoid
++ * doing extraneous context switches; the latter is mostly
++ * used with the software crypto driver.
++ */
++ if ((crp->crp_flags & CRYPTO_F_CBIMM) ||
++ ((crp->crp_flags & CRYPTO_F_CBIFSYNC) &&
++ (CRYPTO_SESID2CAPS(crp->crp_sid) & CRYPTOCAP_F_SYNC))) {
++ /*
++ * Do the callback directly. This is ok when the
++ * callback routine does very little (e.g. the
++ * /dev/crypto callback method just does a wakeup).
++ */
++ crp->crp_callback(crp);
++ } else {
++ unsigned long r_flags;
++ /*
++ * Normal case; queue the callback for the thread.
++ */
++ CRYPTO_RETQ_LOCK();
++ if (CRYPTO_RETQ_EMPTY())
++ wake_up_interruptible(&cryptoretproc_wait);/* shared wait channel */
++ TAILQ_INSERT_TAIL(&crp_ret_q, crp, crp_next);
++ CRYPTO_RETQ_UNLOCK();
++ }
++}
++
++/*
++ * Invoke the callback on behalf of the driver.
++ */
++void
++crypto_kdone(struct cryptkop *krp)
++{
++ struct cryptocap *cap;
++ unsigned long d_flags;
++
++ if ((krp->krp_flags & CRYPTO_KF_DONE) != 0)
++ printk("crypto: crypto_kdone op already done, flags 0x%x",
++ krp->krp_flags);
++ krp->krp_flags |= CRYPTO_KF_DONE;
++ if (krp->krp_status != 0)
++ cryptostats.cs_kerrs++;
++
++ CRYPTO_DRIVER_LOCK();
++ /* XXX: What if driver is loaded in the meantime? */
++ if (krp->krp_hid < crypto_drivers_num) {
++ cap = &crypto_drivers[krp->krp_hid];
++ cap->cc_koperations--;
++ KASSERT(cap->cc_koperations >= 0, ("cc_koperations < 0"));
++ if (cap->cc_flags & CRYPTOCAP_F_CLEANUP)
++ crypto_remove(cap);
++ }
++ CRYPTO_DRIVER_UNLOCK();
++
++ /*
++ * CBIMM means unconditionally do the callback immediately;
++ * This is used to avoid doing extraneous context switches
++ */
++ if ((krp->krp_flags & CRYPTO_KF_CBIMM)) {
++ /*
++ * Do the callback directly. This is ok when the
++ * callback routine does very little (e.g. the
++ * /dev/crypto callback method just does a wakeup).
++ */
++ krp->krp_callback(krp);
++ } else {
++ unsigned long r_flags;
++ /*
++ * Normal case; queue the callback for the thread.
++ */
++ CRYPTO_RETQ_LOCK();
++ if (CRYPTO_RETQ_EMPTY())
++ wake_up_interruptible(&cryptoretproc_wait);/* shared wait channel */
++ TAILQ_INSERT_TAIL(&crp_ret_kq, krp, krp_next);
++ CRYPTO_RETQ_UNLOCK();
++ }
++}
++
++int
++crypto_getfeat(int *featp)
++{
++ int hid, kalg, feat = 0;
++ unsigned long d_flags;
++
++ CRYPTO_DRIVER_LOCK();
++ for (hid = 0; hid < crypto_drivers_num; hid++) {
++ const struct cryptocap *cap = &crypto_drivers[hid];
++
++ if ((cap->cc_flags & CRYPTOCAP_F_SOFTWARE) &&
++ !crypto_devallowsoft) {
++ continue;
++ }
++ for (kalg = 0; kalg < CRK_ALGORITHM_MAX; kalg++)
++ if (cap->cc_kalg[kalg] & CRYPTO_ALG_FLAG_SUPPORTED)
++ feat |= 1 << kalg;
++ }
++ CRYPTO_DRIVER_UNLOCK();
++ *featp = feat;
++ return (0);
++}
++
++/*
++ * Crypto thread, dispatches crypto requests.
++ */
++static int
++crypto_proc(void *arg)
++{
++ struct cryptop *crp, *submit;
++ struct cryptkop *krp, *krpp;
++ struct cryptocap *cap;
++ u_int32_t hid;
++ int result, hint;
++ unsigned long q_flags;
++ int loopcount = 0;
++
++ ocf_daemonize("crypto");
++
++ CRYPTO_Q_LOCK();
++ for (;;) {
++ /*
++ * we need to make sure we don't get into a busy loop with nothing
++ * to do, the two crypto_all_*blocked vars help us find out when
++ * we are all full and can do nothing on any driver or Q. If so we
++ * wait for an unblock.
++ */
++ crypto_all_qblocked = !list_empty(&crp_q);
++
++ /*
++ * Find the first element in the queue that can be
++ * processed and look-ahead to see if multiple ops
++ * are ready for the same driver.
++ */
++ submit = NULL;
++ hint = 0;
++ list_for_each_entry(crp, &crp_q, crp_next) {
++ hid = CRYPTO_SESID2HID(crp->crp_sid);
++ cap = crypto_checkdriver(hid);
++ /*
++ * Driver cannot disappear when there is an active
++ * session.
++ */
++ KASSERT(cap != NULL, ("%s:%u Driver disappeared.",
++ __func__, __LINE__));
++ if (cap == NULL || cap->cc_dev == NULL) {
++ /* Op needs to be migrated, process it. */
++ if (submit == NULL)
++ submit = crp;
++ break;
++ }
++ if (!cap->cc_qblocked) {
++ if (submit != NULL) {
++ /*
++ * We stop on finding another op,
++ * regardless whether its for the same
++ * driver or not. We could keep
++ * searching the queue but it might be
++ * better to just use a per-driver
++ * queue instead.
++ */
++ if (CRYPTO_SESID2HID(submit->crp_sid) == hid)
++ hint = CRYPTO_HINT_MORE;
++ break;
++ } else {
++ submit = crp;
++ if ((submit->crp_flags & CRYPTO_F_BATCH) == 0)
++ break;
++ /* keep scanning for more are q'd */
++ }
++ }
++ }
++ if (submit != NULL) {
++ hid = CRYPTO_SESID2HID(submit->crp_sid);
++ crypto_all_qblocked = 0;
++ list_del(&submit->crp_next);
++ crypto_drivers[hid].cc_unqblocked = 1;
++ cap = crypto_checkdriver(hid);
++ CRYPTO_Q_UNLOCK();
++ KASSERT(cap != NULL, ("%s:%u Driver disappeared.",
++ __func__, __LINE__));
++ result = crypto_invoke(cap, submit, hint);
++ CRYPTO_Q_LOCK();
++ if (result == ERESTART) {
++ /*
++ * The driver ran out of resources, mark the
++ * driver ``blocked'' for cryptop's and put
++ * the request back in the queue. It would
++ * best to put the request back where we got
++ * it but that's hard so for now we put it
++ * at the front. This should be ok; putting
++ * it at the end does not work.
++ */
++ /* XXX validate sid again? */
++ list_add(&submit->crp_next, &crp_q);
++ cryptostats.cs_blocks++;
++ if (crypto_drivers[hid].cc_unqblocked)
++ crypto_drivers[hid].cc_qblocked=0;
++ crypto_drivers[hid].cc_unqblocked=0;
++ }
++ crypto_drivers[hid].cc_unqblocked = 0;
++ }
++
++ crypto_all_kqblocked = !list_empty(&crp_kq);
++
++ /* As above, but for key ops */
++ krp = NULL;
++ list_for_each_entry(krpp, &crp_kq, krp_next) {
++ cap = crypto_checkdriver(krpp->krp_hid);
++ if (cap == NULL || cap->cc_dev == NULL) {
++ /*
++ * Operation needs to be migrated, invalidate
++ * the assigned device so it will reselect a
++ * new one below. Propagate the original
++ * crid selection flags if supplied.
++ */
++ krp->krp_hid = krp->krp_crid &
++ (CRYPTOCAP_F_SOFTWARE|CRYPTOCAP_F_HARDWARE);
++ if (krp->krp_hid == 0)
++ krp->krp_hid =
++ CRYPTOCAP_F_SOFTWARE|CRYPTOCAP_F_HARDWARE;
++ break;
++ }
++ if (!cap->cc_kqblocked) {
++ krp = krpp;
++ break;
++ }
++ }
++ if (krp != NULL) {
++ crypto_all_kqblocked = 0;
++ list_del(&krp->krp_next);
++ crypto_drivers[krp->krp_hid].cc_kqblocked = 1;
++ CRYPTO_Q_UNLOCK();
++ result = crypto_kinvoke(krp, krp->krp_hid);
++ CRYPTO_Q_LOCK();
++ if (result == ERESTART) {
++ /*
++ * The driver ran out of resources, mark the
++ * driver ``blocked'' for cryptkop's and put
++ * the request back in the queue. It would
++ * best to put the request back where we got
++ * it but that's hard so for now we put it
++ * at the front. This should be ok; putting
++ * it at the end does not work.
++ */
++ /* XXX validate sid again? */
++ list_add(&krp->krp_next, &crp_kq);
++ cryptostats.cs_kblocks++;
++ } else
++ crypto_drivers[krp->krp_hid].cc_kqblocked = 0;
++ }
++
++ if (submit == NULL && krp == NULL) {
++ /*
++ * Nothing more to be processed. Sleep until we're
++ * woken because there are more ops to process.
++ * This happens either by submission or by a driver
++ * becoming unblocked and notifying us through
++ * crypto_unblock. Note that when we wakeup we
++ * start processing each queue again from the
++ * front. It's not clear that it's important to
++ * preserve this ordering since ops may finish
++ * out of order if dispatched to different devices
++ * and some become blocked while others do not.
++ */
++ dprintk("%s - sleeping (qe=%d qb=%d kqe=%d kqb=%d)\n",
++ __FUNCTION__,
++ list_empty(&crp_q), crypto_all_qblocked,
++ list_empty(&crp_kq), crypto_all_kqblocked);
++ loopcount = 0;
++ CRYPTO_Q_UNLOCK();
++ crp_sleep = 1;
++ wait_event_interruptible(cryptoproc_wait,
++ !(list_empty(&crp_q) || crypto_all_qblocked) ||
++ !(list_empty(&crp_kq) || crypto_all_kqblocked) ||
++ cryptoproc == (pid_t) -1);
++ crp_sleep = 0;
++ if (signal_pending (current)) {
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
++ spin_lock_irq(¤t->sigmask_lock);
++#endif
++ flush_signals(current);
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
++ spin_unlock_irq(¤t->sigmask_lock);
++#endif
++ }
++ CRYPTO_Q_LOCK();
++ dprintk("%s - awake\n", __FUNCTION__);
++ if (cryptoproc == (pid_t) -1)
++ break;
++ cryptostats.cs_intrs++;
++ } else if (loopcount > crypto_max_loopcount) {
++ /*
++ * Give other processes a chance to run if we've
++ * been using the CPU exclusively for a while.
++ */
++ loopcount = 0;
++ schedule();
++ }
++ loopcount++;
++ }
++ CRYPTO_Q_UNLOCK();
++ complete_and_exit(&cryptoproc_exited, 0);
++}
++
++/*
++ * Crypto returns thread, does callbacks for processed crypto requests.
++ * Callbacks are done here, rather than in the crypto drivers, because
++ * callbacks typically are expensive and would slow interrupt handling.
++ */
++static int
++crypto_ret_proc(void *arg)
++{
++ struct cryptop *crpt;
++ struct cryptkop *krpt;
++ unsigned long r_flags;
++
++ ocf_daemonize("crypto_ret");
++
++ CRYPTO_RETQ_LOCK();
++ for (;;) {
++ /* Harvest return q's for completed ops */
++ crpt = NULL;
++ if (!list_empty(&crp_ret_q))
++ crpt = list_entry(crp_ret_q.next, typeof(*crpt), crp_next);
++ if (crpt != NULL)
++ list_del(&crpt->crp_next);
++
++ krpt = NULL;
++ if (!list_empty(&crp_ret_kq))
++ krpt = list_entry(crp_ret_kq.next, typeof(*krpt), krp_next);
++ if (krpt != NULL)
++ list_del(&krpt->krp_next);
++
++ if (crpt != NULL || krpt != NULL) {
++ CRYPTO_RETQ_UNLOCK();
++ /*
++ * Run callbacks unlocked.
++ */
++ if (crpt != NULL)
++ crpt->crp_callback(crpt);
++ if (krpt != NULL)
++ krpt->krp_callback(krpt);
++ CRYPTO_RETQ_LOCK();
++ } else {
++ /*
++ * Nothing more to be processed. Sleep until we're
++ * woken because there are more returns to process.
++ */
++ dprintk("%s - sleeping\n", __FUNCTION__);
++ CRYPTO_RETQ_UNLOCK();
++ wait_event_interruptible(cryptoretproc_wait,
++ cryptoretproc == (pid_t) -1 ||
++ !list_empty(&crp_ret_q) ||
++ !list_empty(&crp_ret_kq));
++ if (signal_pending (current)) {
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
++ spin_lock_irq(¤t->sigmask_lock);
++#endif
++ flush_signals(current);
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
++ spin_unlock_irq(¤t->sigmask_lock);
++#endif
++ }
++ CRYPTO_RETQ_LOCK();
++ dprintk("%s - awake\n", __FUNCTION__);
++ if (cryptoretproc == (pid_t) -1) {
++ dprintk("%s - EXITING!\n", __FUNCTION__);
++ break;
++ }
++ cryptostats.cs_rets++;
++ }
++ }
++ CRYPTO_RETQ_UNLOCK();
++ complete_and_exit(&cryptoretproc_exited, 0);
++}
++
++
++#if 0 /* should put this into /proc or something */
++static void
++db_show_drivers(void)
++{
++ int hid;
++
++ db_printf("%12s %4s %4s %8s %2s %2s\n"
++ , "Device"
++ , "Ses"
++ , "Kops"
++ , "Flags"
++ , "QB"
++ , "KB"
++ );
++ for (hid = 0; hid < crypto_drivers_num; hid++) {
++ const struct cryptocap *cap = &crypto_drivers[hid];
++ if (cap->cc_dev == NULL)
++ continue;
++ db_printf("%-12s %4u %4u %08x %2u %2u\n"
++ , device_get_nameunit(cap->cc_dev)
++ , cap->cc_sessions
++ , cap->cc_koperations
++ , cap->cc_flags
++ , cap->cc_qblocked
++ , cap->cc_kqblocked
++ );
++ }
++}
++
++DB_SHOW_COMMAND(crypto, db_show_crypto)
++{
++ struct cryptop *crp;
++
++ db_show_drivers();
++ db_printf("\n");
++
++ db_printf("%4s %8s %4s %4s %4s %4s %8s %8s\n",
++ "HID", "Caps", "Ilen", "Olen", "Etype", "Flags",
++ "Desc", "Callback");
++ TAILQ_FOREACH(crp, &crp_q, crp_next) {
++ db_printf("%4u %08x %4u %4u %4u %04x %8p %8p\n"
++ , (int) CRYPTO_SESID2HID(crp->crp_sid)
++ , (int) CRYPTO_SESID2CAPS(crp->crp_sid)
++ , crp->crp_ilen, crp->crp_olen
++ , crp->crp_etype
++ , crp->crp_flags
++ , crp->crp_desc
++ , crp->crp_callback
++ );
++ }
++ if (!TAILQ_EMPTY(&crp_ret_q)) {
++ db_printf("\n%4s %4s %4s %8s\n",
++ "HID", "Etype", "Flags", "Callback");
++ TAILQ_FOREACH(crp, &crp_ret_q, crp_next) {
++ db_printf("%4u %4u %04x %8p\n"
++ , (int) CRYPTO_SESID2HID(crp->crp_sid)
++ , crp->crp_etype
++ , crp->crp_flags
++ , crp->crp_callback
++ );
++ }
++ }
++}
++
++DB_SHOW_COMMAND(kcrypto, db_show_kcrypto)
++{
++ struct cryptkop *krp;
++
++ db_show_drivers();
++ db_printf("\n");
++
++ db_printf("%4s %5s %4s %4s %8s %4s %8s\n",
++ "Op", "Status", "#IP", "#OP", "CRID", "HID", "Callback");
++ TAILQ_FOREACH(krp, &crp_kq, krp_next) {
++ db_printf("%4u %5u %4u %4u %08x %4u %8p\n"
++ , krp->krp_op
++ , krp->krp_status
++ , krp->krp_iparams, krp->krp_oparams
++ , krp->krp_crid, krp->krp_hid
++ , krp->krp_callback
++ );
++ }
++ if (!TAILQ_EMPTY(&crp_ret_q)) {
++ db_printf("%4s %5s %8s %4s %8s\n",
++ "Op", "Status", "CRID", "HID", "Callback");
++ TAILQ_FOREACH(krp, &crp_ret_kq, krp_next) {
++ db_printf("%4u %5u %08x %4u %8p\n"
++ , krp->krp_op
++ , krp->krp_status
++ , krp->krp_crid, krp->krp_hid
++ , krp->krp_callback
++ );
++ }
++ }
++}
++#endif
++
++
++static int
++crypto_init(void)
++{
++ int error;
++
++ dprintk("%s(%p)\n", __FUNCTION__, (void *) crypto_init);
++
++ if (crypto_initted)
++ return 0;
++ crypto_initted = 1;
++
++ spin_lock_init(&crypto_drivers_lock);
++ spin_lock_init(&crypto_q_lock);
++ spin_lock_init(&crypto_ret_q_lock);
++
++ cryptop_zone = kmem_cache_create("cryptop", sizeof(struct cryptop),
++ 0, SLAB_HWCACHE_ALIGN, NULL
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23)
++ , NULL
++#endif
++ );
++
++ cryptodesc_zone = kmem_cache_create("cryptodesc", sizeof(struct cryptodesc),
++ 0, SLAB_HWCACHE_ALIGN, NULL
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23)
++ , NULL
++#endif
++ );
++
++ if (cryptodesc_zone == NULL || cryptop_zone == NULL) {
++ printk("crypto: crypto_init cannot setup crypto zones\n");
++ error = ENOMEM;
++ goto bad;
++ }
++
++ crypto_drivers_num = CRYPTO_DRIVERS_INITIAL;
++ crypto_drivers = kmalloc(crypto_drivers_num * sizeof(struct cryptocap),
++ GFP_KERNEL);
++ if (crypto_drivers == NULL) {
++ printk("crypto: crypto_init cannot setup crypto drivers\n");
++ error = ENOMEM;
++ goto bad;
++ }
++
++ memset(crypto_drivers, 0, crypto_drivers_num * sizeof(struct cryptocap));
++
++ init_completion(&cryptoproc_exited);
++ init_completion(&cryptoretproc_exited);
++
++ cryptoproc = 0; /* to avoid race condition where proc runs first */
++ cryptoproc = kernel_thread(crypto_proc, NULL, CLONE_FS|CLONE_FILES);
++ if (cryptoproc < 0) {
++ error = cryptoproc;
++ printk("crypto: crypto_init cannot start crypto thread; error %d",
++ error);
++ goto bad;
++ }
++
++ cryptoretproc = 0; /* to avoid race condition where proc runs first */
++ cryptoretproc = kernel_thread(crypto_ret_proc, NULL, CLONE_FS|CLONE_FILES);
++ if (cryptoretproc < 0) {
++ error = cryptoretproc;
++ printk("crypto: crypto_init cannot start cryptoret thread; error %d",
++ error);
++ goto bad;
++ }
++
++ return 0;
++bad:
++ crypto_exit();
++ return error;
++}
++
++
++static void
++crypto_exit(void)
++{
++ pid_t p;
++ unsigned long d_flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ /*
++ * Terminate any crypto threads.
++ */
++
++ CRYPTO_DRIVER_LOCK();
++ p = cryptoproc;
++ cryptoproc = (pid_t) -1;
++ kill_proc(p, SIGTERM, 1);
++ wake_up_interruptible(&cryptoproc_wait);
++ CRYPTO_DRIVER_UNLOCK();
++
++ wait_for_completion(&cryptoproc_exited);
++
++ CRYPTO_DRIVER_LOCK();
++ p = cryptoretproc;
++ cryptoretproc = (pid_t) -1;
++ kill_proc(p, SIGTERM, 1);
++ wake_up_interruptible(&cryptoretproc_wait);
++ CRYPTO_DRIVER_UNLOCK();
++
++ wait_for_completion(&cryptoretproc_exited);
++
++ /* XXX flush queues??? */
++
++ /*
++ * Reclaim dynamically allocated resources.
++ */
++ if (crypto_drivers != NULL)
++ kfree(crypto_drivers);
++
++ if (cryptodesc_zone != NULL)
++ kmem_cache_destroy(cryptodesc_zone);
++ if (cryptop_zone != NULL)
++ kmem_cache_destroy(cryptop_zone);
++}
++
++
++EXPORT_SYMBOL(crypto_newsession);
++EXPORT_SYMBOL(crypto_freesession);
++EXPORT_SYMBOL(crypto_get_driverid);
++EXPORT_SYMBOL(crypto_kregister);
++EXPORT_SYMBOL(crypto_register);
++EXPORT_SYMBOL(crypto_unregister);
++EXPORT_SYMBOL(crypto_unregister_all);
++EXPORT_SYMBOL(crypto_unblock);
++EXPORT_SYMBOL(crypto_dispatch);
++EXPORT_SYMBOL(crypto_kdispatch);
++EXPORT_SYMBOL(crypto_freereq);
++EXPORT_SYMBOL(crypto_getreq);
++EXPORT_SYMBOL(crypto_done);
++EXPORT_SYMBOL(crypto_kdone);
++EXPORT_SYMBOL(crypto_getfeat);
++EXPORT_SYMBOL(crypto_userasymcrypto);
++EXPORT_SYMBOL(crypto_getcaps);
++EXPORT_SYMBOL(crypto_find_driver);
++EXPORT_SYMBOL(crypto_find_device_byhid);
++
++module_init(crypto_init);
++module_exit(crypto_exit);
++
++MODULE_LICENSE("BSD");
++MODULE_AUTHOR("David McCullough <david_mccullough at mcafee.com>");
++MODULE_DESCRIPTION("OCF (OpenBSD Cryptographic Framework)");
+diff --git a/crypto/ocf/cryptocteon/Makefile b/crypto/ocf/cryptocteon/Makefile
+new file mode 100644
+index 0000000..eeed0d6
+--- /dev/null
++++ b/crypto/ocf/cryptocteon/Makefile
+@@ -0,0 +1,17 @@
++# for SGlinux builds
++-include $(ROOTDIR)/modules/.config
++
++obj-$(CONFIG_OCF_CRYPTOCTEON) += cryptocteon.o
++
++obj ?= .
++EXTRA_CFLAGS += -I$(obj)/.. -I$(obj)/
++
++ifdef CONFIG_OCF_CRYPTOCTEON
++# you need the cavium crypto component installed
++EXTRA_CFLAGS += -I$(ROOTDIR)/prop/include
++endif
++
++ifdef TOPDIR
++-include $(TOPDIR)/Rules.make
++endif
++
+diff --git a/crypto/ocf/cryptocteon/cavium_crypto.c b/crypto/ocf/cryptocteon/cavium_crypto.c
+new file mode 100644
+index 0000000..ceaf77c
+--- /dev/null
++++ b/crypto/ocf/cryptocteon/cavium_crypto.c
+@@ -0,0 +1,2283 @@
++/*
++ * Copyright (c) 2009 David McCullough <david.mccullough at securecomputing.com>
++ *
++ * Copyright (c) 2003-2007 Cavium Networks (support at cavium.com). All rights
++ * reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions are met:
++ * 1. Redistributions of source code must retain the above copyright notice,
++ * this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright notice,
++ * this list of conditions and the following disclaimer in the documentation
++ * and/or other materials provided with the distribution.
++ * 3. All advertising materials mentioning features or use of this software
++ * must display the following acknowledgement:
++ * This product includes software developed by Cavium Networks
++ * 4. Cavium Networks' name may not be used to endorse or promote products
++ * derived from this software without specific prior written permission.
++ *
++ * This Software, including technical data, may be subject to U.S. export
++ * control laws, including the U.S. Export Administration Act and its
++ * associated regulations, and may be subject to export or import regulations
++ * in other countries. You warrant that You will comply strictly in all
++ * respects with all such regulations and acknowledge that you have the
++ * responsibility to obtain licenses to export, re-export or import the
++ * Software.
++ *
++ * TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE SOFTWARE IS PROVIDED "AS IS" AND
++ * WITH ALL FAULTS AND CAVIUM MAKES NO PROMISES, REPRESENTATIONS OR WARRANTIES,
++ * EITHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, WITH RESPECT TO THE
++ * SOFTWARE, INCLUDING ITS CONDITION, ITS CONFORMITY TO ANY REPRESENTATION OR
++ * DESCRIPTION, OR THE EXISTENCE OF ANY LATENT OR PATENT DEFECTS, AND CAVIUM
++ * SPECIFICALLY DISCLAIMS ALL IMPLIED (IF ANY) WARRANTIES OF TITLE,
++ * MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR A PARTICULAR PURPOSE, LACK OF
++ * VIRUSES, ACCURACY OR COMPLETENESS, QUIET ENJOYMENT, QUIET POSSESSION OR
++ * CORRESPONDENCE TO DESCRIPTION. THE ENTIRE RISK ARISING OUT OF USE OR
++ * PERFORMANCE OF THE SOFTWARE LIES WITH YOU.
++*/
++/****************************************************************************/
++
++#include <linux/scatterlist.h>
++#include <asm/octeon/octeon.h>
++#include "octeon-asm.h"
++
++/****************************************************************************/
++
++extern unsigned long octeon_crypto_enable(struct octeon_cop2_state *);
++extern void octeon_crypto_disable(struct octeon_cop2_state *, unsigned long);
++
++#define SG_INIT(s, p, i, l) \
++ { \
++ (i) = 0; \
++ (l) = (s)[0].length; \
++ (p) = (typeof(p)) sg_virt((s)); \
++ CVMX_PREFETCH0((p)); \
++ }
++
++#define SG_CONSUME(s, p, i, l) \
++ { \
++ (p)++; \
++ (l) -= sizeof(*(p)); \
++ if ((l) < 0) { \
++ dprintk("%s, %d: l = %d\n", __FILE__, __LINE__, l); \
++ } else if ((l) == 0) { \
++ (i)++; \
++ (l) = (s)[0].length; \
++ (p) = (typeof(p)) sg_virt(s); \
++ CVMX_PREFETCH0((p)); \
++ } \
++ }
++
++#define ESP_HEADER_LENGTH 8
++#define DES_CBC_IV_LENGTH 8
++#define AES_CBC_IV_LENGTH 16
++#define ESP_HMAC_LEN 12
++
++#define ESP_HEADER_LENGTH 8
++#define DES_CBC_IV_LENGTH 8
++
++/****************************************************************************/
++
++#define CVM_LOAD_SHA_UNIT(dat, next) { \
++ if (next == 0) { \
++ next = 1; \
++ CVMX_MT_HSH_DAT (dat, 0); \
++ } else if (next == 1) { \
++ next = 2; \
++ CVMX_MT_HSH_DAT (dat, 1); \
++ } else if (next == 2) { \
++ next = 3; \
++ CVMX_MT_HSH_DAT (dat, 2); \
++ } else if (next == 3) { \
++ next = 4; \
++ CVMX_MT_HSH_DAT (dat, 3); \
++ } else if (next == 4) { \
++ next = 5; \
++ CVMX_MT_HSH_DAT (dat, 4); \
++ } else if (next == 5) { \
++ next = 6; \
++ CVMX_MT_HSH_DAT (dat, 5); \
++ } else if (next == 6) { \
++ next = 7; \
++ CVMX_MT_HSH_DAT (dat, 6); \
++ } else { \
++ CVMX_MT_HSH_STARTSHA (dat); \
++ next = 0; \
++ } \
++}
++
++#define CVM_LOAD2_SHA_UNIT(dat1, dat2, next) { \
++ if (next == 0) { \
++ CVMX_MT_HSH_DAT (dat1, 0); \
++ CVMX_MT_HSH_DAT (dat2, 1); \
++ next = 2; \
++ } else if (next == 1) { \
++ CVMX_MT_HSH_DAT (dat1, 1); \
++ CVMX_MT_HSH_DAT (dat2, 2); \
++ next = 3; \
++ } else if (next == 2) { \
++ CVMX_MT_HSH_DAT (dat1, 2); \
++ CVMX_MT_HSH_DAT (dat2, 3); \
++ next = 4; \
++ } else if (next == 3) { \
++ CVMX_MT_HSH_DAT (dat1, 3); \
++ CVMX_MT_HSH_DAT (dat2, 4); \
++ next = 5; \
++ } else if (next == 4) { \
++ CVMX_MT_HSH_DAT (dat1, 4); \
++ CVMX_MT_HSH_DAT (dat2, 5); \
++ next = 6; \
++ } else if (next == 5) { \
++ CVMX_MT_HSH_DAT (dat1, 5); \
++ CVMX_MT_HSH_DAT (dat2, 6); \
++ next = 7; \
++ } else if (next == 6) { \
++ CVMX_MT_HSH_DAT (dat1, 6); \
++ CVMX_MT_HSH_STARTSHA (dat2); \
++ next = 0; \
++ } else { \
++ CVMX_MT_HSH_STARTSHA (dat1); \
++ CVMX_MT_HSH_DAT (dat2, 0); \
++ next = 1; \
++ } \
++}
++
++/****************************************************************************/
++
++#define CVM_LOAD_MD5_UNIT(dat, next) { \
++ if (next == 0) { \
++ next = 1; \
++ CVMX_MT_HSH_DAT (dat, 0); \
++ } else if (next == 1) { \
++ next = 2; \
++ CVMX_MT_HSH_DAT (dat, 1); \
++ } else if (next == 2) { \
++ next = 3; \
++ CVMX_MT_HSH_DAT (dat, 2); \
++ } else if (next == 3) { \
++ next = 4; \
++ CVMX_MT_HSH_DAT (dat, 3); \
++ } else if (next == 4) { \
++ next = 5; \
++ CVMX_MT_HSH_DAT (dat, 4); \
++ } else if (next == 5) { \
++ next = 6; \
++ CVMX_MT_HSH_DAT (dat, 5); \
++ } else if (next == 6) { \
++ next = 7; \
++ CVMX_MT_HSH_DAT (dat, 6); \
++ } else { \
++ CVMX_MT_HSH_STARTMD5 (dat); \
++ next = 0; \
++ } \
++}
++
++#define CVM_LOAD2_MD5_UNIT(dat1, dat2, next) { \
++ if (next == 0) { \
++ CVMX_MT_HSH_DAT (dat1, 0); \
++ CVMX_MT_HSH_DAT (dat2, 1); \
++ next = 2; \
++ } else if (next == 1) { \
++ CVMX_MT_HSH_DAT (dat1, 1); \
++ CVMX_MT_HSH_DAT (dat2, 2); \
++ next = 3; \
++ } else if (next == 2) { \
++ CVMX_MT_HSH_DAT (dat1, 2); \
++ CVMX_MT_HSH_DAT (dat2, 3); \
++ next = 4; \
++ } else if (next == 3) { \
++ CVMX_MT_HSH_DAT (dat1, 3); \
++ CVMX_MT_HSH_DAT (dat2, 4); \
++ next = 5; \
++ } else if (next == 4) { \
++ CVMX_MT_HSH_DAT (dat1, 4); \
++ CVMX_MT_HSH_DAT (dat2, 5); \
++ next = 6; \
++ } else if (next == 5) { \
++ CVMX_MT_HSH_DAT (dat1, 5); \
++ CVMX_MT_HSH_DAT (dat2, 6); \
++ next = 7; \
++ } else if (next == 6) { \
++ CVMX_MT_HSH_DAT (dat1, 6); \
++ CVMX_MT_HSH_STARTMD5 (dat2); \
++ next = 0; \
++ } else { \
++ CVMX_MT_HSH_STARTMD5 (dat1); \
++ CVMX_MT_HSH_DAT (dat2, 0); \
++ next = 1; \
++ } \
++}
++
++/****************************************************************************/
++
++static inline uint64_t
++swap64(uint64_t a)
++{
++ return ((a >> 56) |
++ (((a >> 48) & 0xfful) << 8) |
++ (((a >> 40) & 0xfful) << 16) |
++ (((a >> 32) & 0xfful) << 24) |
++ (((a >> 24) & 0xfful) << 32) |
++ (((a >> 16) & 0xfful) << 40) |
++ (((a >> 8) & 0xfful) << 48) | (((a >> 0) & 0xfful) << 56));
++}
++
++/****************************************************************************/
++
++void
++octo_calc_hash(__u8 auth, unsigned char *key, uint64_t *inner, uint64_t *outer)
++{
++ uint8_t hash_key[64];
++ uint64_t *key1;
++ register uint64_t xor1 = 0x3636363636363636ULL;
++ register uint64_t xor2 = 0x5c5c5c5c5c5c5c5cULL;
++ struct octeon_cop2_state state;
++ unsigned long flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ memset(hash_key, 0, sizeof(hash_key));
++ memcpy(hash_key, (uint8_t *) key, (auth ? 20 : 16));
++ key1 = (uint64_t *) hash_key;
++ flags = octeon_crypto_enable(&state);
++ if (auth) {
++ CVMX_MT_HSH_IV(0x67452301EFCDAB89ULL, 0);
++ CVMX_MT_HSH_IV(0x98BADCFE10325476ULL, 1);
++ CVMX_MT_HSH_IV(0xC3D2E1F000000000ULL, 2);
++ } else {
++ CVMX_MT_HSH_IV(0x0123456789ABCDEFULL, 0);
++ CVMX_MT_HSH_IV(0xFEDCBA9876543210ULL, 1);
++ }
++
++ CVMX_MT_HSH_DAT((*key1 ^ xor1), 0);
++ key1++;
++ CVMX_MT_HSH_DAT((*key1 ^ xor1), 1);
++ key1++;
++ CVMX_MT_HSH_DAT((*key1 ^ xor1), 2);
++ key1++;
++ CVMX_MT_HSH_DAT((*key1 ^ xor1), 3);
++ key1++;
++ CVMX_MT_HSH_DAT((*key1 ^ xor1), 4);
++ key1++;
++ CVMX_MT_HSH_DAT((*key1 ^ xor1), 5);
++ key1++;
++ CVMX_MT_HSH_DAT((*key1 ^ xor1), 6);
++ key1++;
++ if (auth)
++ CVMX_MT_HSH_STARTSHA((*key1 ^ xor1));
++ else
++ CVMX_MT_HSH_STARTMD5((*key1 ^ xor1));
++
++ CVMX_MF_HSH_IV(inner[0], 0);
++ CVMX_MF_HSH_IV(inner[1], 1);
++ if (auth) {
++ inner[2] = 0;
++ CVMX_MF_HSH_IV(((uint64_t *) inner)[2], 2);
++ }
++
++ memset(hash_key, 0, sizeof(hash_key));
++ memcpy(hash_key, (uint8_t *) key, (auth ? 20 : 16));
++ key1 = (uint64_t *) hash_key;
++ if (auth) {
++ CVMX_MT_HSH_IV(0x67452301EFCDAB89ULL, 0);
++ CVMX_MT_HSH_IV(0x98BADCFE10325476ULL, 1);
++ CVMX_MT_HSH_IV(0xC3D2E1F000000000ULL, 2);
++ } else {
++ CVMX_MT_HSH_IV(0x0123456789ABCDEFULL, 0);
++ CVMX_MT_HSH_IV(0xFEDCBA9876543210ULL, 1);
++ }
++
++ CVMX_MT_HSH_DAT((*key1 ^ xor2), 0);
++ key1++;
++ CVMX_MT_HSH_DAT((*key1 ^ xor2), 1);
++ key1++;
++ CVMX_MT_HSH_DAT((*key1 ^ xor2), 2);
++ key1++;
++ CVMX_MT_HSH_DAT((*key1 ^ xor2), 3);
++ key1++;
++ CVMX_MT_HSH_DAT((*key1 ^ xor2), 4);
++ key1++;
++ CVMX_MT_HSH_DAT((*key1 ^ xor2), 5);
++ key1++;
++ CVMX_MT_HSH_DAT((*key1 ^ xor2), 6);
++ key1++;
++ if (auth)
++ CVMX_MT_HSH_STARTSHA((*key1 ^ xor2));
++ else
++ CVMX_MT_HSH_STARTMD5((*key1 ^ xor2));
++
++ CVMX_MF_HSH_IV(outer[0], 0);
++ CVMX_MF_HSH_IV(outer[1], 1);
++ if (auth) {
++ outer[2] = 0;
++ CVMX_MF_HSH_IV(outer[2], 2);
++ }
++ octeon_crypto_disable(&state, flags);
++ return;
++}
++
++/****************************************************************************/
++/* DES functions */
++
++int
++octo_des_cbc_encrypt(
++ struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp)
++{
++ uint64_t *data;
++ int data_i, data_l;
++ struct octeon_cop2_state state;
++ unsigned long flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ if (unlikely(od == NULL || sg==NULL || sg_len==0 || ivp==NULL ||
++ (crypt_off & 0x7) || (crypt_off + crypt_len > sg_len))) {
++ dprintk("%s: Bad parameters od=%p sg=%p sg_len=%d "
++ "auth_off=%d auth_len=%d crypt_off=%d crypt_len=%d "
++ "icv_off=%d ivp=%p\n", __FUNCTION__, od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++ return -EINVAL;
++ }
++
++ SG_INIT(sg, data, data_i, data_l);
++
++ CVMX_PREFETCH0(ivp);
++ CVMX_PREFETCH0(od->octo_enckey);
++
++ flags = octeon_crypto_enable(&state);
++
++ /* load 3DES Key */
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 0);
++ if (od->octo_encklen == 24) {
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[1], 1);
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ } else if (od->octo_encklen == 8) {
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 1);
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 2);
++ } else {
++ octeon_crypto_disable(&state, flags);
++ dprintk("%s: Bad key length %d\n", __FUNCTION__, od->octo_encklen);
++ return -EINVAL;
++ }
++
++ CVMX_MT_3DES_IV(* (uint64_t *) ivp);
++
++ while (crypt_off > 0) {
++ SG_CONSUME(sg, data, data_i, data_l);
++ crypt_off -= 8;
++ }
++
++ while (crypt_len > 0) {
++ CVMX_MT_3DES_ENC_CBC(*data);
++ CVMX_MF_3DES_RESULT(*data);
++ SG_CONSUME(sg, data, data_i, data_l);
++ crypt_len -= 8;
++ }
++
++ octeon_crypto_disable(&state, flags);
++ return 0;
++}
++
++
++int
++octo_des_cbc_decrypt(
++ struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp)
++{
++ uint64_t *data;
++ int data_i, data_l;
++ struct octeon_cop2_state state;
++ unsigned long flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ if (unlikely(od == NULL || sg==NULL || sg_len==0 || ivp==NULL ||
++ (crypt_off & 0x7) || (crypt_off + crypt_len > sg_len))) {
++ dprintk("%s: Bad parameters od=%p sg=%p sg_len=%d "
++ "auth_off=%d auth_len=%d crypt_off=%d crypt_len=%d "
++ "icv_off=%d ivp=%p\n", __FUNCTION__, od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++ return -EINVAL;
++ }
++
++ SG_INIT(sg, data, data_i, data_l);
++
++ CVMX_PREFETCH0(ivp);
++ CVMX_PREFETCH0(od->octo_enckey);
++
++ flags = octeon_crypto_enable(&state);
++
++ /* load 3DES Key */
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 0);
++ if (od->octo_encklen == 24) {
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[1], 1);
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ } else if (od->octo_encklen == 8) {
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 1);
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 2);
++ } else {
++ octeon_crypto_disable(&state, flags);
++ dprintk("%s: Bad key length %d\n", __FUNCTION__, od->octo_encklen);
++ return -EINVAL;
++ }
++
++ CVMX_MT_3DES_IV(* (uint64_t *) ivp);
++
++ while (crypt_off > 0) {
++ SG_CONSUME(sg, data, data_i, data_l);
++ crypt_off -= 8;
++ }
++
++ while (crypt_len > 0) {
++ CVMX_MT_3DES_DEC_CBC(*data);
++ CVMX_MF_3DES_RESULT(*data);
++ SG_CONSUME(sg, data, data_i, data_l);
++ crypt_len -= 8;
++ }
++
++ octeon_crypto_disable(&state, flags);
++ return 0;
++}
++
++/****************************************************************************/
++/* AES functions */
++
++int
++octo_aes_cbc_encrypt(
++ struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp)
++{
++ uint64_t *data, *pdata;
++ int data_i, data_l;
++ struct octeon_cop2_state state;
++ unsigned long flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ if (unlikely(od == NULL || sg==NULL || sg_len==0 || ivp==NULL ||
++ (crypt_off & 0x7) || (crypt_off + crypt_len > sg_len))) {
++ dprintk("%s: Bad parameters od=%p sg=%p sg_len=%d "
++ "auth_off=%d auth_len=%d crypt_off=%d crypt_len=%d "
++ "icv_off=%d ivp=%p\n", __FUNCTION__, od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++ return -EINVAL;
++ }
++
++ SG_INIT(sg, data, data_i, data_l);
++
++ CVMX_PREFETCH0(ivp);
++ CVMX_PREFETCH0(od->octo_enckey);
++
++ flags = octeon_crypto_enable(&state);
++
++ /* load AES Key */
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[0], 0);
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[1], 1);
++
++ if (od->octo_encklen == 16) {
++ CVMX_MT_AES_KEY(0x0, 2);
++ CVMX_MT_AES_KEY(0x0, 3);
++ } else if (od->octo_encklen == 24) {
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ CVMX_MT_AES_KEY(0x0, 3);
++ } else if (od->octo_encklen == 32) {
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[3], 3);
++ } else {
++ octeon_crypto_disable(&state, flags);
++ dprintk("%s: Bad key length %d\n", __FUNCTION__, od->octo_encklen);
++ return -EINVAL;
++ }
++ CVMX_MT_AES_KEYLENGTH(od->octo_encklen / 8 - 1);
++
++ CVMX_MT_AES_IV(((uint64_t *) ivp)[0], 0);
++ CVMX_MT_AES_IV(((uint64_t *) ivp)[1], 1);
++
++ while (crypt_off > 0) {
++ SG_CONSUME(sg, data, data_i, data_l);
++ crypt_off -= 8;
++ }
++
++ while (crypt_len > 0) {
++ pdata = data;
++ CVMX_MT_AES_ENC_CBC0(*data);
++ SG_CONSUME(sg, data, data_i, data_l);
++ CVMX_MT_AES_ENC_CBC1(*data);
++ CVMX_MF_AES_RESULT(*pdata, 0);
++ CVMX_MF_AES_RESULT(*data, 1);
++ SG_CONSUME(sg, data, data_i, data_l);
++ crypt_len -= 16;
++ }
++
++ octeon_crypto_disable(&state, flags);
++ return 0;
++}
++
++
++int
++octo_aes_cbc_decrypt(
++ struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp)
++{
++ uint64_t *data, *pdata;
++ int data_i, data_l;
++ struct octeon_cop2_state state;
++ unsigned long flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ if (unlikely(od == NULL || sg==NULL || sg_len==0 || ivp==NULL ||
++ (crypt_off & 0x7) || (crypt_off + crypt_len > sg_len))) {
++ dprintk("%s: Bad parameters od=%p sg=%p sg_len=%d "
++ "auth_off=%d auth_len=%d crypt_off=%d crypt_len=%d "
++ "icv_off=%d ivp=%p\n", __FUNCTION__, od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++ return -EINVAL;
++ }
++
++ SG_INIT(sg, data, data_i, data_l);
++
++ CVMX_PREFETCH0(ivp);
++ CVMX_PREFETCH0(od->octo_enckey);
++
++ flags = octeon_crypto_enable(&state);
++
++ /* load AES Key */
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[0], 0);
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[1], 1);
++
++ if (od->octo_encklen == 16) {
++ CVMX_MT_AES_KEY(0x0, 2);
++ CVMX_MT_AES_KEY(0x0, 3);
++ } else if (od->octo_encklen == 24) {
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ CVMX_MT_AES_KEY(0x0, 3);
++ } else if (od->octo_encklen == 32) {
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[3], 3);
++ } else {
++ octeon_crypto_disable(&state, flags);
++ dprintk("%s: Bad key length %d\n", __FUNCTION__, od->octo_encklen);
++ return -EINVAL;
++ }
++ CVMX_MT_AES_KEYLENGTH(od->octo_encklen / 8 - 1);
++
++ CVMX_MT_AES_IV(((uint64_t *) ivp)[0], 0);
++ CVMX_MT_AES_IV(((uint64_t *) ivp)[1], 1);
++
++ while (crypt_off > 0) {
++ SG_CONSUME(sg, data, data_i, data_l);
++ crypt_off -= 8;
++ }
++
++ while (crypt_len > 0) {
++ pdata = data;
++ CVMX_MT_AES_DEC_CBC0(*data);
++ SG_CONSUME(sg, data, data_i, data_l);
++ CVMX_MT_AES_DEC_CBC1(*data);
++ CVMX_MF_AES_RESULT(*pdata, 0);
++ CVMX_MF_AES_RESULT(*data, 1);
++ SG_CONSUME(sg, data, data_i, data_l);
++ crypt_len -= 16;
++ }
++
++ octeon_crypto_disable(&state, flags);
++ return 0;
++}
++
++/****************************************************************************/
++/* MD5 */
++
++int
++octo_null_md5_encrypt(
++ struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp)
++{
++ register int next = 0;
++ uint64_t *data;
++ uint64_t tmp1, tmp2;
++ int data_i, data_l, alen = auth_len;
++ struct octeon_cop2_state state;
++ unsigned long flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ if (unlikely(od == NULL || sg==NULL || sg_len==0 ||
++ (auth_off & 0x7) || (auth_off + auth_len > sg_len))) {
++ dprintk("%s: Bad parameters od=%p sg=%p sg_len=%d "
++ "auth_off=%d auth_len=%d crypt_off=%d crypt_len=%d "
++ "icv_off=%d ivp=%p\n", __FUNCTION__, od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++ return -EINVAL;
++ }
++
++ SG_INIT(sg, data, data_i, data_l);
++
++ flags = octeon_crypto_enable(&state);
++
++ /* Load MD5 IV */
++ CVMX_MT_HSH_IV(od->octo_hminner[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hminner[1], 1);
++
++ while (auth_off > 0) {
++ SG_CONSUME(sg, data, data_i, data_l);
++ auth_off -= 8;
++ }
++
++ while (auth_len > 0) {
++ CVM_LOAD_MD5_UNIT(*data, next);
++ auth_len -= 8;
++ SG_CONSUME(sg, data, data_i, data_l);
++ }
++
++ /* finish the hash */
++ CVMX_PREFETCH0(od->octo_hmouter);
++#if 0
++ if (unlikely(inplen)) {
++ uint64_t tmp = 0;
++ uint8_t *p = (uint8_t *) & tmp;
++ p[inplen] = 0x80;
++ do {
++ inplen--;
++ p[inplen] = ((uint8_t *) data)[inplen];
++ } while (inplen);
++ CVM_LOAD_MD5_UNIT(tmp, next);
++ } else {
++ CVM_LOAD_MD5_UNIT(0x8000000000000000ULL, next);
++ }
++#else
++ CVM_LOAD_MD5_UNIT(0x8000000000000000ULL, next);
++#endif
++
++ /* Finish Inner hash */
++ while (next != 7) {
++ CVM_LOAD_MD5_UNIT(((uint64_t) 0x0ULL), next);
++ }
++ CVMX_ES64(tmp1, ((alen + 64) << 3));
++ CVM_LOAD_MD5_UNIT(tmp1, next);
++
++ /* Get the inner hash of HMAC */
++ CVMX_MF_HSH_IV(tmp1, 0);
++ CVMX_MF_HSH_IV(tmp2, 1);
++
++ /* Initialize hash unit */
++ CVMX_MT_HSH_IV(od->octo_hmouter[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hmouter[1], 1);
++
++ CVMX_MT_HSH_DAT(tmp1, 0);
++ CVMX_MT_HSH_DAT(tmp2, 1);
++ CVMX_MT_HSH_DAT(0x8000000000000000ULL, 2);
++ CVMX_MT_HSH_DATZ(3);
++ CVMX_MT_HSH_DATZ(4);
++ CVMX_MT_HSH_DATZ(5);
++ CVMX_MT_HSH_DATZ(6);
++ CVMX_ES64(tmp1, ((64 + 16) << 3));
++ CVMX_MT_HSH_STARTMD5(tmp1);
++
++ /* save the HMAC */
++ SG_INIT(sg, data, data_i, data_l);
++ while (icv_off > 0) {
++ SG_CONSUME(sg, data, data_i, data_l);
++ icv_off -= 8;
++ }
++ CVMX_MF_HSH_IV(*data, 0);
++ SG_CONSUME(sg, data, data_i, data_l);
++ CVMX_MF_HSH_IV(tmp1, 1);
++ *(uint32_t *)data = (uint32_t) (tmp1 >> 32);
++
++ octeon_crypto_disable(&state, flags);
++ return 0;
++}
++
++/****************************************************************************/
++/* SHA1 */
++
++int
++octo_null_sha1_encrypt(
++ struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp)
++{
++ register int next = 0;
++ uint64_t *data;
++ uint64_t tmp1, tmp2, tmp3;
++ int data_i, data_l, alen = auth_len;
++ struct octeon_cop2_state state;
++ unsigned long flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ if (unlikely(od == NULL || sg==NULL || sg_len==0 ||
++ (auth_off & 0x7) || (auth_off + auth_len > sg_len))) {
++ dprintk("%s: Bad parameters od=%p sg=%p sg_len=%d "
++ "auth_off=%d auth_len=%d crypt_off=%d crypt_len=%d "
++ "icv_off=%d ivp=%p\n", __FUNCTION__, od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++ return -EINVAL;
++ }
++
++ SG_INIT(sg, data, data_i, data_l);
++
++ flags = octeon_crypto_enable(&state);
++
++ /* Load SHA1 IV */
++ CVMX_MT_HSH_IV(od->octo_hminner[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hminner[1], 1);
++ CVMX_MT_HSH_IV(od->octo_hminner[2], 2);
++
++ while (auth_off > 0) {
++ SG_CONSUME(sg, data, data_i, data_l);
++ auth_off -= 8;
++ }
++
++ while (auth_len > 0) {
++ CVM_LOAD_SHA_UNIT(*data, next);
++ auth_len -= 8;
++ SG_CONSUME(sg, data, data_i, data_l);
++ }
++
++ /* finish the hash */
++ CVMX_PREFETCH0(od->octo_hmouter);
++#if 0
++ if (unlikely(inplen)) {
++ uint64_t tmp = 0;
++ uint8_t *p = (uint8_t *) & tmp;
++ p[inplen] = 0x80;
++ do {
++ inplen--;
++ p[inplen] = ((uint8_t *) data)[inplen];
++ } while (inplen);
++ CVM_LOAD_MD5_UNIT(tmp, next);
++ } else {
++ CVM_LOAD_MD5_UNIT(0x8000000000000000ULL, next);
++ }
++#else
++ CVM_LOAD_SHA_UNIT(0x8000000000000000ULL, next);
++#endif
++
++ /* Finish Inner hash */
++ while (next != 7) {
++ CVM_LOAD_SHA_UNIT(((uint64_t) 0x0ULL), next);
++ }
++ CVM_LOAD_SHA_UNIT((uint64_t) ((alen + 64) << 3), next);
++
++ /* Get the inner hash of HMAC */
++ CVMX_MF_HSH_IV(tmp1, 0);
++ CVMX_MF_HSH_IV(tmp2, 1);
++ tmp3 = 0;
++ CVMX_MF_HSH_IV(tmp3, 2);
++
++ /* Initialize hash unit */
++ CVMX_MT_HSH_IV(od->octo_hmouter[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hmouter[1], 1);
++ CVMX_MT_HSH_IV(od->octo_hmouter[2], 2);
++
++ CVMX_MT_HSH_DAT(tmp1, 0);
++ CVMX_MT_HSH_DAT(tmp2, 1);
++ tmp3 |= 0x0000000080000000;
++ CVMX_MT_HSH_DAT(tmp3, 2);
++ CVMX_MT_HSH_DATZ(3);
++ CVMX_MT_HSH_DATZ(4);
++ CVMX_MT_HSH_DATZ(5);
++ CVMX_MT_HSH_DATZ(6);
++ CVMX_MT_HSH_STARTSHA((uint64_t) ((64 + 20) << 3));
++
++ /* save the HMAC */
++ SG_INIT(sg, data, data_i, data_l);
++ while (icv_off > 0) {
++ SG_CONSUME(sg, data, data_i, data_l);
++ icv_off -= 8;
++ }
++ CVMX_MF_HSH_IV(*data, 0);
++ SG_CONSUME(sg, data, data_i, data_l);
++ CVMX_MF_HSH_IV(tmp1, 1);
++ *(uint32_t *)data = (uint32_t) (tmp1 >> 32);
++
++ octeon_crypto_disable(&state, flags);
++ return 0;
++}
++
++/****************************************************************************/
++/* DES MD5 */
++
++int
++octo_des_cbc_md5_encrypt(
++ struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp)
++{
++ register int next = 0;
++ union {
++ uint32_t data32[2];
++ uint64_t data64[1];
++ } mydata;
++ uint64_t *data = &mydata.data64[0];
++ uint32_t *data32;
++ uint64_t tmp1, tmp2;
++ int data_i, data_l, alen = auth_len;
++ struct octeon_cop2_state state;
++ unsigned long flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ if (unlikely(od == NULL || sg==NULL || sg_len==0 || ivp==NULL ||
++ (crypt_off & 0x3) || (crypt_off + crypt_len > sg_len) ||
++ (crypt_len & 0x7) ||
++ (auth_len & 0x7) ||
++ (auth_off & 0x3) || (auth_off + auth_len > sg_len))) {
++ dprintk("%s: Bad parameters od=%p sg=%p sg_len=%d "
++ "auth_off=%d auth_len=%d crypt_off=%d crypt_len=%d "
++ "icv_off=%d ivp=%p\n", __FUNCTION__, od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++ return -EINVAL;
++ }
++
++ SG_INIT(sg, data32, data_i, data_l);
++
++ CVMX_PREFETCH0(ivp);
++ CVMX_PREFETCH0(od->octo_enckey);
++
++ flags = octeon_crypto_enable(&state);
++
++ /* load 3DES Key */
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 0);
++ if (od->octo_encklen == 24) {
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[1], 1);
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ } else if (od->octo_encklen == 8) {
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 1);
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 2);
++ } else {
++ octeon_crypto_disable(&state, flags);
++ dprintk("%s: Bad key length %d\n", __FUNCTION__, od->octo_encklen);
++ return -EINVAL;
++ }
++
++ CVMX_MT_3DES_IV(* (uint64_t *) ivp);
++
++ /* Load MD5 IV */
++ CVMX_MT_HSH_IV(od->octo_hminner[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hminner[1], 1);
++
++ while (crypt_off > 0 && auth_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ crypt_off -= 4;
++ auth_off -= 4;
++ }
++
++ while (crypt_len > 0 || auth_len > 0) {
++ uint32_t *first = data32;
++ mydata.data32[0] = *first;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ mydata.data32[1] = *data32;
++ if (crypt_off <= 0) {
++ if (crypt_len > 0) {
++ CVMX_MT_3DES_ENC_CBC(*data);
++ CVMX_MF_3DES_RESULT(*data);
++ crypt_len -= 8;
++ }
++ } else
++ crypt_off -= 8;
++ if (auth_off <= 0) {
++ if (auth_len > 0) {
++ CVM_LOAD_MD5_UNIT(*data, next);
++ auth_len -= 8;
++ }
++ } else
++ auth_off -= 8;
++ *first = mydata.data32[0];
++ *data32 = mydata.data32[1];
++ SG_CONSUME(sg, data32, data_i, data_l);
++ }
++
++ /* finish the hash */
++ CVMX_PREFETCH0(od->octo_hmouter);
++#if 0
++ if (unlikely(inplen)) {
++ uint64_t tmp = 0;
++ uint8_t *p = (uint8_t *) & tmp;
++ p[inplen] = 0x80;
++ do {
++ inplen--;
++ p[inplen] = ((uint8_t *) data)[inplen];
++ } while (inplen);
++ CVM_LOAD_MD5_UNIT(tmp, next);
++ } else {
++ CVM_LOAD_MD5_UNIT(0x8000000000000000ULL, next);
++ }
++#else
++ CVM_LOAD_MD5_UNIT(0x8000000000000000ULL, next);
++#endif
++
++ /* Finish Inner hash */
++ while (next != 7) {
++ CVM_LOAD_MD5_UNIT(((uint64_t) 0x0ULL), next);
++ }
++ CVMX_ES64(tmp1, ((alen + 64) << 3));
++ CVM_LOAD_MD5_UNIT(tmp1, next);
++
++ /* Get the inner hash of HMAC */
++ CVMX_MF_HSH_IV(tmp1, 0);
++ CVMX_MF_HSH_IV(tmp2, 1);
++
++ /* Initialize hash unit */
++ CVMX_MT_HSH_IV(od->octo_hmouter[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hmouter[1], 1);
++
++ CVMX_MT_HSH_DAT(tmp1, 0);
++ CVMX_MT_HSH_DAT(tmp2, 1);
++ CVMX_MT_HSH_DAT(0x8000000000000000ULL, 2);
++ CVMX_MT_HSH_DATZ(3);
++ CVMX_MT_HSH_DATZ(4);
++ CVMX_MT_HSH_DATZ(5);
++ CVMX_MT_HSH_DATZ(6);
++ CVMX_ES64(tmp1, ((64 + 16) << 3));
++ CVMX_MT_HSH_STARTMD5(tmp1);
++
++ /* save the HMAC */
++ SG_INIT(sg, data32, data_i, data_l);
++ while (icv_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ icv_off -= 4;
++ }
++ CVMX_MF_HSH_IV(tmp1, 0);
++ *data32 = (uint32_t) (tmp1 >> 32);
++ SG_CONSUME(sg, data32, data_i, data_l);
++ *data32 = (uint32_t) tmp1;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVMX_MF_HSH_IV(tmp1, 1);
++ *data32 = (uint32_t) (tmp1 >> 32);
++
++ octeon_crypto_disable(&state, flags);
++ return 0;
++}
++
++int
++octo_des_cbc_md5_decrypt(
++ struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp)
++{
++ register int next = 0;
++ union {
++ uint32_t data32[2];
++ uint64_t data64[1];
++ } mydata;
++ uint64_t *data = &mydata.data64[0];
++ uint32_t *data32;
++ uint64_t tmp1, tmp2;
++ int data_i, data_l, alen = auth_len;
++ struct octeon_cop2_state state;
++ unsigned long flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ if (unlikely(od == NULL || sg==NULL || sg_len==0 || ivp==NULL ||
++ (crypt_off & 0x3) || (crypt_off + crypt_len > sg_len) ||
++ (crypt_len & 0x7) ||
++ (auth_len & 0x7) ||
++ (auth_off & 0x3) || (auth_off + auth_len > sg_len))) {
++ dprintk("%s: Bad parameters od=%p sg=%p sg_len=%d "
++ "auth_off=%d auth_len=%d crypt_off=%d crypt_len=%d "
++ "icv_off=%d ivp=%p\n", __FUNCTION__, od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++ return -EINVAL;
++ }
++
++ SG_INIT(sg, data32, data_i, data_l);
++
++ CVMX_PREFETCH0(ivp);
++ CVMX_PREFETCH0(od->octo_enckey);
++
++ flags = octeon_crypto_enable(&state);
++
++ /* load 3DES Key */
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 0);
++ if (od->octo_encklen == 24) {
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[1], 1);
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ } else if (od->octo_encklen == 8) {
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 1);
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 2);
++ } else {
++ octeon_crypto_disable(&state, flags);
++ dprintk("%s: Bad key length %d\n", __FUNCTION__, od->octo_encklen);
++ return -EINVAL;
++ }
++
++ CVMX_MT_3DES_IV(* (uint64_t *) ivp);
++
++ /* Load MD5 IV */
++ CVMX_MT_HSH_IV(od->octo_hminner[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hminner[1], 1);
++
++ while (crypt_off > 0 && auth_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ crypt_off -= 4;
++ auth_off -= 4;
++ }
++
++ while (crypt_len > 0 || auth_len > 0) {
++ uint32_t *first = data32;
++ mydata.data32[0] = *first;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ mydata.data32[1] = *data32;
++ if (auth_off <= 0) {
++ if (auth_len > 0) {
++ CVM_LOAD_MD5_UNIT(*data, next);
++ auth_len -= 8;
++ }
++ } else
++ auth_off -= 8;
++ if (crypt_off <= 0) {
++ if (crypt_len > 0) {
++ CVMX_MT_3DES_DEC_CBC(*data);
++ CVMX_MF_3DES_RESULT(*data);
++ crypt_len -= 8;
++ }
++ } else
++ crypt_off -= 8;
++ *first = mydata.data32[0];
++ *data32 = mydata.data32[1];
++ SG_CONSUME(sg, data32, data_i, data_l);
++ }
++
++ /* finish the hash */
++ CVMX_PREFETCH0(od->octo_hmouter);
++#if 0
++ if (unlikely(inplen)) {
++ uint64_t tmp = 0;
++ uint8_t *p = (uint8_t *) & tmp;
++ p[inplen] = 0x80;
++ do {
++ inplen--;
++ p[inplen] = ((uint8_t *) data)[inplen];
++ } while (inplen);
++ CVM_LOAD_MD5_UNIT(tmp, next);
++ } else {
++ CVM_LOAD_MD5_UNIT(0x8000000000000000ULL, next);
++ }
++#else
++ CVM_LOAD_MD5_UNIT(0x8000000000000000ULL, next);
++#endif
++
++ /* Finish Inner hash */
++ while (next != 7) {
++ CVM_LOAD_MD5_UNIT(((uint64_t) 0x0ULL), next);
++ }
++ CVMX_ES64(tmp1, ((alen + 64) << 3));
++ CVM_LOAD_MD5_UNIT(tmp1, next);
++
++ /* Get the inner hash of HMAC */
++ CVMX_MF_HSH_IV(tmp1, 0);
++ CVMX_MF_HSH_IV(tmp2, 1);
++
++ /* Initialize hash unit */
++ CVMX_MT_HSH_IV(od->octo_hmouter[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hmouter[1], 1);
++
++ CVMX_MT_HSH_DAT(tmp1, 0);
++ CVMX_MT_HSH_DAT(tmp2, 1);
++ CVMX_MT_HSH_DAT(0x8000000000000000ULL, 2);
++ CVMX_MT_HSH_DATZ(3);
++ CVMX_MT_HSH_DATZ(4);
++ CVMX_MT_HSH_DATZ(5);
++ CVMX_MT_HSH_DATZ(6);
++ CVMX_ES64(tmp1, ((64 + 16) << 3));
++ CVMX_MT_HSH_STARTMD5(tmp1);
++
++ /* save the HMAC */
++ SG_INIT(sg, data32, data_i, data_l);
++ while (icv_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ icv_off -= 4;
++ }
++ CVMX_MF_HSH_IV(tmp1, 0);
++ *data32 = (uint32_t) (tmp1 >> 32);
++ SG_CONSUME(sg, data32, data_i, data_l);
++ *data32 = (uint32_t) tmp1;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVMX_MF_HSH_IV(tmp1, 1);
++ *data32 = (uint32_t) (tmp1 >> 32);
++
++ octeon_crypto_disable(&state, flags);
++ return 0;
++}
++
++/****************************************************************************/
++/* DES SHA */
++
++int
++octo_des_cbc_sha1_encrypt(
++ struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp)
++{
++ register int next = 0;
++ union {
++ uint32_t data32[2];
++ uint64_t data64[1];
++ } mydata;
++ uint64_t *data = &mydata.data64[0];
++ uint32_t *data32;
++ uint64_t tmp1, tmp2, tmp3;
++ int data_i, data_l, alen = auth_len;
++ struct octeon_cop2_state state;
++ unsigned long flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ if (unlikely(od == NULL || sg==NULL || sg_len==0 || ivp==NULL ||
++ (crypt_off & 0x3) || (crypt_off + crypt_len > sg_len) ||
++ (crypt_len & 0x7) ||
++ (auth_len & 0x7) ||
++ (auth_off & 0x3) || (auth_off + auth_len > sg_len))) {
++ dprintk("%s: Bad parameters od=%p sg=%p sg_len=%d "
++ "auth_off=%d auth_len=%d crypt_off=%d crypt_len=%d "
++ "icv_off=%d ivp=%p\n", __FUNCTION__, od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++ return -EINVAL;
++ }
++
++ SG_INIT(sg, data32, data_i, data_l);
++
++ CVMX_PREFETCH0(ivp);
++ CVMX_PREFETCH0(od->octo_enckey);
++
++ flags = octeon_crypto_enable(&state);
++
++ /* load 3DES Key */
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 0);
++ if (od->octo_encklen == 24) {
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[1], 1);
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ } else if (od->octo_encklen == 8) {
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 1);
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 2);
++ } else {
++ octeon_crypto_disable(&state, flags);
++ dprintk("%s: Bad key length %d\n", __FUNCTION__, od->octo_encklen);
++ return -EINVAL;
++ }
++
++ CVMX_MT_3DES_IV(* (uint64_t *) ivp);
++
++ /* Load SHA1 IV */
++ CVMX_MT_HSH_IV(od->octo_hminner[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hminner[1], 1);
++ CVMX_MT_HSH_IV(od->octo_hminner[2], 2);
++
++ while (crypt_off > 0 && auth_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ crypt_off -= 4;
++ auth_off -= 4;
++ }
++
++ while (crypt_len > 0 || auth_len > 0) {
++ uint32_t *first = data32;
++ mydata.data32[0] = *first;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ mydata.data32[1] = *data32;
++ if (crypt_off <= 0) {
++ if (crypt_len > 0) {
++ CVMX_MT_3DES_ENC_CBC(*data);
++ CVMX_MF_3DES_RESULT(*data);
++ crypt_len -= 8;
++ }
++ } else
++ crypt_off -= 8;
++ if (auth_off <= 0) {
++ if (auth_len > 0) {
++ CVM_LOAD_SHA_UNIT(*data, next);
++ auth_len -= 8;
++ }
++ } else
++ auth_off -= 8;
++ *first = mydata.data32[0];
++ *data32 = mydata.data32[1];
++ SG_CONSUME(sg, data32, data_i, data_l);
++ }
++
++ /* finish the hash */
++ CVMX_PREFETCH0(od->octo_hmouter);
++#if 0
++ if (unlikely(inplen)) {
++ uint64_t tmp = 0;
++ uint8_t *p = (uint8_t *) & tmp;
++ p[inplen] = 0x80;
++ do {
++ inplen--;
++ p[inplen] = ((uint8_t *) data)[inplen];
++ } while (inplen);
++ CVM_LOAD_SHA_UNIT(tmp, next);
++ } else {
++ CVM_LOAD_SHA_UNIT(0x8000000000000000ULL, next);
++ }
++#else
++ CVM_LOAD_SHA_UNIT(0x8000000000000000ULL, next);
++#endif
++
++ /* Finish Inner hash */
++ while (next != 7) {
++ CVM_LOAD_SHA_UNIT(((uint64_t) 0x0ULL), next);
++ }
++ CVM_LOAD_SHA_UNIT((uint64_t) ((alen + 64) << 3), next);
++
++ /* Get the inner hash of HMAC */
++ CVMX_MF_HSH_IV(tmp1, 0);
++ CVMX_MF_HSH_IV(tmp2, 1);
++ tmp3 = 0;
++ CVMX_MF_HSH_IV(tmp3, 2);
++
++ /* Initialize hash unit */
++ CVMX_MT_HSH_IV(od->octo_hmouter[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hmouter[1], 1);
++ CVMX_MT_HSH_IV(od->octo_hmouter[2], 2);
++
++ CVMX_MT_HSH_DAT(tmp1, 0);
++ CVMX_MT_HSH_DAT(tmp2, 1);
++ tmp3 |= 0x0000000080000000;
++ CVMX_MT_HSH_DAT(tmp3, 2);
++ CVMX_MT_HSH_DATZ(3);
++ CVMX_MT_HSH_DATZ(4);
++ CVMX_MT_HSH_DATZ(5);
++ CVMX_MT_HSH_DATZ(6);
++ CVMX_MT_HSH_STARTSHA((uint64_t) ((64 + 20) << 3));
++
++ /* save the HMAC */
++ SG_INIT(sg, data32, data_i, data_l);
++ while (icv_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ icv_off -= 4;
++ }
++ CVMX_MF_HSH_IV(tmp1, 0);
++ *data32 = (uint32_t) (tmp1 >> 32);
++ SG_CONSUME(sg, data32, data_i, data_l);
++ *data32 = (uint32_t) tmp1;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVMX_MF_HSH_IV(tmp1, 1);
++ *data32 = (uint32_t) (tmp1 >> 32);
++
++ octeon_crypto_disable(&state, flags);
++ return 0;
++}
++
++int
++octo_des_cbc_sha1_decrypt(
++ struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp)
++{
++ register int next = 0;
++ union {
++ uint32_t data32[2];
++ uint64_t data64[1];
++ } mydata;
++ uint64_t *data = &mydata.data64[0];
++ uint32_t *data32;
++ uint64_t tmp1, tmp2, tmp3;
++ int data_i, data_l, alen = auth_len;
++ struct octeon_cop2_state state;
++ unsigned long flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ if (unlikely(od == NULL || sg==NULL || sg_len==0 || ivp==NULL ||
++ (crypt_off & 0x3) || (crypt_off + crypt_len > sg_len) ||
++ (crypt_len & 0x7) ||
++ (auth_len & 0x7) ||
++ (auth_off & 0x3) || (auth_off + auth_len > sg_len))) {
++ dprintk("%s: Bad parameters od=%p sg=%p sg_len=%d "
++ "auth_off=%d auth_len=%d crypt_off=%d crypt_len=%d "
++ "icv_off=%d ivp=%p\n", __FUNCTION__, od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++ return -EINVAL;
++ }
++
++ SG_INIT(sg, data32, data_i, data_l);
++
++ CVMX_PREFETCH0(ivp);
++ CVMX_PREFETCH0(od->octo_enckey);
++
++ flags = octeon_crypto_enable(&state);
++
++ /* load 3DES Key */
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 0);
++ if (od->octo_encklen == 24) {
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[1], 1);
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ } else if (od->octo_encklen == 8) {
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 1);
++ CVMX_MT_3DES_KEY(((uint64_t *) od->octo_enckey)[0], 2);
++ } else {
++ octeon_crypto_disable(&state, flags);
++ dprintk("%s: Bad key length %d\n", __FUNCTION__, od->octo_encklen);
++ return -EINVAL;
++ }
++
++ CVMX_MT_3DES_IV(* (uint64_t *) ivp);
++
++ /* Load SHA1 IV */
++ CVMX_MT_HSH_IV(od->octo_hminner[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hminner[1], 1);
++ CVMX_MT_HSH_IV(od->octo_hminner[2], 2);
++
++ while (crypt_off > 0 && auth_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ crypt_off -= 4;
++ auth_off -= 4;
++ }
++
++ while (crypt_len > 0 || auth_len > 0) {
++ uint32_t *first = data32;
++ mydata.data32[0] = *first;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ mydata.data32[1] = *data32;
++ if (auth_off <= 0) {
++ if (auth_len > 0) {
++ CVM_LOAD_SHA_UNIT(*data, next);
++ auth_len -= 8;
++ }
++ } else
++ auth_off -= 8;
++ if (crypt_off <= 0) {
++ if (crypt_len > 0) {
++ CVMX_MT_3DES_DEC_CBC(*data);
++ CVMX_MF_3DES_RESULT(*data);
++ crypt_len -= 8;
++ }
++ } else
++ crypt_off -= 8;
++ *first = mydata.data32[0];
++ *data32 = mydata.data32[1];
++ SG_CONSUME(sg, data32, data_i, data_l);
++ }
++
++ /* finish the hash */
++ CVMX_PREFETCH0(od->octo_hmouter);
++#if 0
++ if (unlikely(inplen)) {
++ uint64_t tmp = 0;
++ uint8_t *p = (uint8_t *) & tmp;
++ p[inplen] = 0x80;
++ do {
++ inplen--;
++ p[inplen] = ((uint8_t *) data)[inplen];
++ } while (inplen);
++ CVM_LOAD_SHA_UNIT(tmp, next);
++ } else {
++ CVM_LOAD_SHA_UNIT(0x8000000000000000ULL, next);
++ }
++#else
++ CVM_LOAD_SHA_UNIT(0x8000000000000000ULL, next);
++#endif
++
++ /* Finish Inner hash */
++ while (next != 7) {
++ CVM_LOAD_SHA_UNIT(((uint64_t) 0x0ULL), next);
++ }
++ CVM_LOAD_SHA_UNIT((uint64_t) ((alen + 64) << 3), next);
++
++ /* Get the inner hash of HMAC */
++ CVMX_MF_HSH_IV(tmp1, 0);
++ CVMX_MF_HSH_IV(tmp2, 1);
++ tmp3 = 0;
++ CVMX_MF_HSH_IV(tmp3, 2);
++
++ /* Initialize hash unit */
++ CVMX_MT_HSH_IV(od->octo_hmouter[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hmouter[1], 1);
++ CVMX_MT_HSH_IV(od->octo_hmouter[2], 2);
++
++ CVMX_MT_HSH_DAT(tmp1, 0);
++ CVMX_MT_HSH_DAT(tmp2, 1);
++ tmp3 |= 0x0000000080000000;
++ CVMX_MT_HSH_DAT(tmp3, 2);
++ CVMX_MT_HSH_DATZ(3);
++ CVMX_MT_HSH_DATZ(4);
++ CVMX_MT_HSH_DATZ(5);
++ CVMX_MT_HSH_DATZ(6);
++ CVMX_MT_HSH_STARTSHA((uint64_t) ((64 + 20) << 3));
++ /* save the HMAC */
++ SG_INIT(sg, data32, data_i, data_l);
++ while (icv_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ icv_off -= 4;
++ }
++ CVMX_MF_HSH_IV(tmp1, 0);
++ *data32 = (uint32_t) (tmp1 >> 32);
++ SG_CONSUME(sg, data32, data_i, data_l);
++ *data32 = (uint32_t) tmp1;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVMX_MF_HSH_IV(tmp1, 1);
++ *data32 = (uint32_t) (tmp1 >> 32);
++
++ octeon_crypto_disable(&state, flags);
++ return 0;
++}
++
++/****************************************************************************/
++/* AES MD5 */
++
++int
++octo_aes_cbc_md5_encrypt(
++ struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp)
++{
++ register int next = 0;
++ union {
++ uint32_t data32[2];
++ uint64_t data64[1];
++ } mydata[2];
++ uint64_t *pdata = &mydata[0].data64[0];
++ uint64_t *data = &mydata[1].data64[0];
++ uint32_t *data32;
++ uint64_t tmp1, tmp2;
++ int data_i, data_l, alen = auth_len;
++ struct octeon_cop2_state state;
++ unsigned long flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ if (unlikely(od == NULL || sg==NULL || sg_len==0 || ivp==NULL ||
++ (crypt_off & 0x3) || (crypt_off + crypt_len > sg_len) ||
++ (crypt_len & 0x7) ||
++ (auth_len & 0x7) ||
++ (auth_off & 0x3) || (auth_off + auth_len > sg_len))) {
++ dprintk("%s: Bad parameters od=%p sg=%p sg_len=%d "
++ "auth_off=%d auth_len=%d crypt_off=%d crypt_len=%d "
++ "icv_off=%d ivp=%p\n", __FUNCTION__, od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++ return -EINVAL;
++ }
++
++ SG_INIT(sg, data32, data_i, data_l);
++
++ CVMX_PREFETCH0(ivp);
++ CVMX_PREFETCH0(od->octo_enckey);
++
++ flags = octeon_crypto_enable(&state);
++
++ /* load AES Key */
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[0], 0);
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[1], 1);
++
++ if (od->octo_encklen == 16) {
++ CVMX_MT_AES_KEY(0x0, 2);
++ CVMX_MT_AES_KEY(0x0, 3);
++ } else if (od->octo_encklen == 24) {
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ CVMX_MT_AES_KEY(0x0, 3);
++ } else if (od->octo_encklen == 32) {
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[3], 3);
++ } else {
++ octeon_crypto_disable(&state, flags);
++ dprintk("%s: Bad key length %d\n", __FUNCTION__, od->octo_encklen);
++ return -EINVAL;
++ }
++ CVMX_MT_AES_KEYLENGTH(od->octo_encklen / 8 - 1);
++
++ CVMX_MT_AES_IV(((uint64_t *) ivp)[0], 0);
++ CVMX_MT_AES_IV(((uint64_t *) ivp)[1], 1);
++
++ /* Load MD5 IV */
++ CVMX_MT_HSH_IV(od->octo_hminner[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hminner[1], 1);
++
++ while (crypt_off > 0 && auth_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ crypt_off -= 4;
++ auth_off -= 4;
++ }
++
++ /* align auth and crypt */
++ while (crypt_off > 0 && auth_len > 0) {
++ mydata[0].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ mydata[0].data32[1] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVM_LOAD_MD5_UNIT(*pdata, next);
++ crypt_off -= 8;
++ auth_len -= 8;
++ }
++
++ while (crypt_len > 0) {
++ uint32_t *pdata32[3];
++
++ pdata32[0] = data32;
++ mydata[0].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++
++ pdata32[1] = data32;
++ mydata[0].data32[1] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++
++ pdata32[2] = data32;
++ mydata[1].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++
++ mydata[1].data32[1] = *data32;
++
++ CVMX_MT_AES_ENC_CBC0(*pdata);
++ CVMX_MT_AES_ENC_CBC1(*data);
++ CVMX_MF_AES_RESULT(*pdata, 0);
++ CVMX_MF_AES_RESULT(*data, 1);
++ crypt_len -= 16;
++
++ if (auth_len > 0) {
++ CVM_LOAD_MD5_UNIT(*pdata, next);
++ auth_len -= 8;
++ }
++ if (auth_len > 0) {
++ CVM_LOAD_MD5_UNIT(*data, next);
++ auth_len -= 8;
++ }
++
++ *pdata32[0] = mydata[0].data32[0];
++ *pdata32[1] = mydata[0].data32[1];
++ *pdata32[2] = mydata[1].data32[0];
++ *data32 = mydata[1].data32[1];
++
++ SG_CONSUME(sg, data32, data_i, data_l);
++ }
++
++ /* finish any left over hashing */
++ while (auth_len > 0) {
++ mydata[0].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ mydata[0].data32[1] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVM_LOAD_MD5_UNIT(*pdata, next);
++ auth_len -= 8;
++ }
++
++ /* finish the hash */
++ CVMX_PREFETCH0(od->octo_hmouter);
++#if 0
++ if (unlikely(inplen)) {
++ uint64_t tmp = 0;
++ uint8_t *p = (uint8_t *) & tmp;
++ p[inplen] = 0x80;
++ do {
++ inplen--;
++ p[inplen] = ((uint8_t *) data)[inplen];
++ } while (inplen);
++ CVM_LOAD_MD5_UNIT(tmp, next);
++ } else {
++ CVM_LOAD_MD5_UNIT(0x8000000000000000ULL, next);
++ }
++#else
++ CVM_LOAD_MD5_UNIT(0x8000000000000000ULL, next);
++#endif
++
++ /* Finish Inner hash */
++ while (next != 7) {
++ CVM_LOAD_MD5_UNIT(((uint64_t) 0x0ULL), next);
++ }
++ CVMX_ES64(tmp1, ((alen + 64) << 3));
++ CVM_LOAD_MD5_UNIT(tmp1, next);
++
++ /* Get the inner hash of HMAC */
++ CVMX_MF_HSH_IV(tmp1, 0);
++ CVMX_MF_HSH_IV(tmp2, 1);
++
++ /* Initialize hash unit */
++ CVMX_MT_HSH_IV(od->octo_hmouter[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hmouter[1], 1);
++
++ CVMX_MT_HSH_DAT(tmp1, 0);
++ CVMX_MT_HSH_DAT(tmp2, 1);
++ CVMX_MT_HSH_DAT(0x8000000000000000ULL, 2);
++ CVMX_MT_HSH_DATZ(3);
++ CVMX_MT_HSH_DATZ(4);
++ CVMX_MT_HSH_DATZ(5);
++ CVMX_MT_HSH_DATZ(6);
++ CVMX_ES64(tmp1, ((64 + 16) << 3));
++ CVMX_MT_HSH_STARTMD5(tmp1);
++
++ /* save the HMAC */
++ SG_INIT(sg, data32, data_i, data_l);
++ while (icv_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ icv_off -= 4;
++ }
++ CVMX_MF_HSH_IV(tmp1, 0);
++ *data32 = (uint32_t) (tmp1 >> 32);
++ SG_CONSUME(sg, data32, data_i, data_l);
++ *data32 = (uint32_t) tmp1;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVMX_MF_HSH_IV(tmp1, 1);
++ *data32 = (uint32_t) (tmp1 >> 32);
++
++ octeon_crypto_disable(&state, flags);
++ return 0;
++}
++
++int
++octo_aes_cbc_md5_decrypt(
++ struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp)
++{
++ register int next = 0;
++ union {
++ uint32_t data32[2];
++ uint64_t data64[1];
++ } mydata[2];
++ uint64_t *pdata = &mydata[0].data64[0];
++ uint64_t *data = &mydata[1].data64[0];
++ uint32_t *data32;
++ uint64_t tmp1, tmp2;
++ int data_i, data_l, alen = auth_len;
++ struct octeon_cop2_state state;
++ unsigned long flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ if (unlikely(od == NULL || sg==NULL || sg_len==0 || ivp==NULL ||
++ (crypt_off & 0x3) || (crypt_off + crypt_len > sg_len) ||
++ (crypt_len & 0x7) ||
++ (auth_len & 0x7) ||
++ (auth_off & 0x3) || (auth_off + auth_len > sg_len))) {
++ dprintk("%s: Bad parameters od=%p sg=%p sg_len=%d "
++ "auth_off=%d auth_len=%d crypt_off=%d crypt_len=%d "
++ "icv_off=%d ivp=%p\n", __FUNCTION__, od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++ return -EINVAL;
++ }
++
++ SG_INIT(sg, data32, data_i, data_l);
++
++ CVMX_PREFETCH0(ivp);
++ CVMX_PREFETCH0(od->octo_enckey);
++
++ flags = octeon_crypto_enable(&state);
++
++ /* load AES Key */
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[0], 0);
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[1], 1);
++
++ if (od->octo_encklen == 16) {
++ CVMX_MT_AES_KEY(0x0, 2);
++ CVMX_MT_AES_KEY(0x0, 3);
++ } else if (od->octo_encklen == 24) {
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ CVMX_MT_AES_KEY(0x0, 3);
++ } else if (od->octo_encklen == 32) {
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[3], 3);
++ } else {
++ octeon_crypto_disable(&state, flags);
++ dprintk("%s: Bad key length %d\n", __FUNCTION__, od->octo_encklen);
++ return -EINVAL;
++ }
++ CVMX_MT_AES_KEYLENGTH(od->octo_encklen / 8 - 1);
++
++ CVMX_MT_AES_IV(((uint64_t *) ivp)[0], 0);
++ CVMX_MT_AES_IV(((uint64_t *) ivp)[1], 1);
++
++ /* Load MD5 IV */
++ CVMX_MT_HSH_IV(od->octo_hminner[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hminner[1], 1);
++
++ while (crypt_off > 0 && auth_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ crypt_off -= 4;
++ auth_off -= 4;
++ }
++
++ /* align auth and crypt */
++ while (crypt_off > 0 && auth_len > 0) {
++ mydata[0].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ mydata[0].data32[1] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVM_LOAD_MD5_UNIT(*pdata, next);
++ crypt_off -= 8;
++ auth_len -= 8;
++ }
++
++ while (crypt_len > 0) {
++ uint32_t *pdata32[3];
++
++ pdata32[0] = data32;
++ mydata[0].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ pdata32[1] = data32;
++ mydata[0].data32[1] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ pdata32[2] = data32;
++ mydata[1].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ mydata[1].data32[1] = *data32;
++
++ if (auth_len > 0) {
++ CVM_LOAD_MD5_UNIT(*pdata, next);
++ auth_len -= 8;
++ }
++
++ if (auth_len > 0) {
++ CVM_LOAD_MD5_UNIT(*data, next);
++ auth_len -= 8;
++ }
++
++ CVMX_MT_AES_DEC_CBC0(*pdata);
++ CVMX_MT_AES_DEC_CBC1(*data);
++ CVMX_MF_AES_RESULT(*pdata, 0);
++ CVMX_MF_AES_RESULT(*data, 1);
++ crypt_len -= 16;
++
++ *pdata32[0] = mydata[0].data32[0];
++ *pdata32[1] = mydata[0].data32[1];
++ *pdata32[2] = mydata[1].data32[0];
++ *data32 = mydata[1].data32[1];
++
++ SG_CONSUME(sg, data32, data_i, data_l);
++ }
++
++ /* finish left over hash if any */
++ while (auth_len > 0) {
++ mydata[0].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ mydata[0].data32[1] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVM_LOAD_MD5_UNIT(*pdata, next);
++ auth_len -= 8;
++ }
++
++
++ /* finish the hash */
++ CVMX_PREFETCH0(od->octo_hmouter);
++#if 0
++ if (unlikely(inplen)) {
++ uint64_t tmp = 0;
++ uint8_t *p = (uint8_t *) & tmp;
++ p[inplen] = 0x80;
++ do {
++ inplen--;
++ p[inplen] = ((uint8_t *) data)[inplen];
++ } while (inplen);
++ CVM_LOAD_MD5_UNIT(tmp, next);
++ } else {
++ CVM_LOAD_MD5_UNIT(0x8000000000000000ULL, next);
++ }
++#else
++ CVM_LOAD_MD5_UNIT(0x8000000000000000ULL, next);
++#endif
++
++ /* Finish Inner hash */
++ while (next != 7) {
++ CVM_LOAD_MD5_UNIT(((uint64_t) 0x0ULL), next);
++ }
++ CVMX_ES64(tmp1, ((alen + 64) << 3));
++ CVM_LOAD_MD5_UNIT(tmp1, next);
++
++ /* Get the inner hash of HMAC */
++ CVMX_MF_HSH_IV(tmp1, 0);
++ CVMX_MF_HSH_IV(tmp2, 1);
++
++ /* Initialize hash unit */
++ CVMX_MT_HSH_IV(od->octo_hmouter[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hmouter[1], 1);
++
++ CVMX_MT_HSH_DAT(tmp1, 0);
++ CVMX_MT_HSH_DAT(tmp2, 1);
++ CVMX_MT_HSH_DAT(0x8000000000000000ULL, 2);
++ CVMX_MT_HSH_DATZ(3);
++ CVMX_MT_HSH_DATZ(4);
++ CVMX_MT_HSH_DATZ(5);
++ CVMX_MT_HSH_DATZ(6);
++ CVMX_ES64(tmp1, ((64 + 16) << 3));
++ CVMX_MT_HSH_STARTMD5(tmp1);
++
++ /* save the HMAC */
++ SG_INIT(sg, data32, data_i, data_l);
++ while (icv_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ icv_off -= 4;
++ }
++ CVMX_MF_HSH_IV(tmp1, 0);
++ *data32 = (uint32_t) (tmp1 >> 32);
++ SG_CONSUME(sg, data32, data_i, data_l);
++ *data32 = (uint32_t) tmp1;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVMX_MF_HSH_IV(tmp1, 1);
++ *data32 = (uint32_t) (tmp1 >> 32);
++
++ octeon_crypto_disable(&state, flags);
++ return 0;
++}
++
++/****************************************************************************/
++/* AES SHA1 */
++
++int
++octo_aes_cbc_sha1_encrypt(
++ struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp)
++{
++ register int next = 0;
++ union {
++ uint32_t data32[2];
++ uint64_t data64[1];
++ } mydata[2];
++ uint64_t *pdata = &mydata[0].data64[0];
++ uint64_t *data = &mydata[1].data64[0];
++ uint32_t *data32;
++ uint64_t tmp1, tmp2, tmp3;
++ int data_i, data_l, alen = auth_len;
++ struct octeon_cop2_state state;
++ unsigned long flags;
++
++ dprintk("%s(a_off=%d a_len=%d c_off=%d c_len=%d icv_off=%d)\n",
++ __FUNCTION__, auth_off, auth_len, crypt_off, crypt_len, icv_off);
++
++ if (unlikely(od == NULL || sg==NULL || sg_len==0 || ivp==NULL ||
++ (crypt_off & 0x3) || (crypt_off + crypt_len > sg_len) ||
++ (crypt_len & 0x7) ||
++ (auth_len & 0x7) ||
++ (auth_off & 0x3) || (auth_off + auth_len > sg_len))) {
++ dprintk("%s: Bad parameters od=%p sg=%p sg_len=%d "
++ "auth_off=%d auth_len=%d crypt_off=%d crypt_len=%d "
++ "icv_off=%d ivp=%p\n", __FUNCTION__, od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++ return -EINVAL;
++ }
++
++ SG_INIT(sg, data32, data_i, data_l);
++
++ CVMX_PREFETCH0(ivp);
++ CVMX_PREFETCH0(od->octo_enckey);
++
++ flags = octeon_crypto_enable(&state);
++
++ /* load AES Key */
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[0], 0);
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[1], 1);
++
++ if (od->octo_encklen == 16) {
++ CVMX_MT_AES_KEY(0x0, 2);
++ CVMX_MT_AES_KEY(0x0, 3);
++ } else if (od->octo_encklen == 24) {
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ CVMX_MT_AES_KEY(0x0, 3);
++ } else if (od->octo_encklen == 32) {
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[3], 3);
++ } else {
++ octeon_crypto_disable(&state, flags);
++ dprintk("%s: Bad key length %d\n", __FUNCTION__, od->octo_encklen);
++ return -EINVAL;
++ }
++ CVMX_MT_AES_KEYLENGTH(od->octo_encklen / 8 - 1);
++
++ CVMX_MT_AES_IV(((uint64_t *) ivp)[0], 0);
++ CVMX_MT_AES_IV(((uint64_t *) ivp)[1], 1);
++
++ /* Load SHA IV */
++ CVMX_MT_HSH_IV(od->octo_hminner[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hminner[1], 1);
++ CVMX_MT_HSH_IV(od->octo_hminner[2], 2);
++
++ while (crypt_off > 0 && auth_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ crypt_off -= 4;
++ auth_off -= 4;
++ }
++
++ /* align auth and crypt */
++ while (crypt_off > 0 && auth_len > 0) {
++ mydata[0].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ mydata[0].data32[1] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVM_LOAD_SHA_UNIT(*pdata, next);
++ crypt_off -= 8;
++ auth_len -= 8;
++ }
++
++ while (crypt_len > 0) {
++ uint32_t *pdata32[3];
++
++ pdata32[0] = data32;
++ mydata[0].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ pdata32[1] = data32;
++ mydata[0].data32[1] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ pdata32[2] = data32;
++ mydata[1].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ mydata[1].data32[1] = *data32;
++
++ CVMX_MT_AES_ENC_CBC0(*pdata);
++ CVMX_MT_AES_ENC_CBC1(*data);
++ CVMX_MF_AES_RESULT(*pdata, 0);
++ CVMX_MF_AES_RESULT(*data, 1);
++ crypt_len -= 16;
++
++ if (auth_len > 0) {
++ CVM_LOAD_SHA_UNIT(*pdata, next);
++ auth_len -= 8;
++ }
++ if (auth_len > 0) {
++ CVM_LOAD_SHA_UNIT(*data, next);
++ auth_len -= 8;
++ }
++
++ *pdata32[0] = mydata[0].data32[0];
++ *pdata32[1] = mydata[0].data32[1];
++ *pdata32[2] = mydata[1].data32[0];
++ *data32 = mydata[1].data32[1];
++
++ SG_CONSUME(sg, data32, data_i, data_l);
++ }
++
++ /* finish and hashing */
++ while (auth_len > 0) {
++ mydata[0].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ mydata[0].data32[1] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVM_LOAD_SHA_UNIT(*pdata, next);
++ auth_len -= 8;
++ }
++
++ /* finish the hash */
++ CVMX_PREFETCH0(od->octo_hmouter);
++#if 0
++ if (unlikely(inplen)) {
++ uint64_t tmp = 0;
++ uint8_t *p = (uint8_t *) & tmp;
++ p[inplen] = 0x80;
++ do {
++ inplen--;
++ p[inplen] = ((uint8_t *) data)[inplen];
++ } while (inplen);
++ CVM_LOAD_SHA_UNIT(tmp, next);
++ } else {
++ CVM_LOAD_SHA_UNIT(0x8000000000000000ULL, next);
++ }
++#else
++ CVM_LOAD_SHA_UNIT(0x8000000000000000ULL, next);
++#endif
++
++ /* Finish Inner hash */
++ while (next != 7) {
++ CVM_LOAD_SHA_UNIT(((uint64_t) 0x0ULL), next);
++ }
++ CVM_LOAD_SHA_UNIT((uint64_t) ((alen + 64) << 3), next);
++
++ /* Get the inner hash of HMAC */
++ CVMX_MF_HSH_IV(tmp1, 0);
++ CVMX_MF_HSH_IV(tmp2, 1);
++ tmp3 = 0;
++ CVMX_MF_HSH_IV(tmp3, 2);
++
++ /* Initialize hash unit */
++ CVMX_MT_HSH_IV(od->octo_hmouter[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hmouter[1], 1);
++ CVMX_MT_HSH_IV(od->octo_hmouter[2], 2);
++
++ CVMX_MT_HSH_DAT(tmp1, 0);
++ CVMX_MT_HSH_DAT(tmp2, 1);
++ tmp3 |= 0x0000000080000000;
++ CVMX_MT_HSH_DAT(tmp3, 2);
++ CVMX_MT_HSH_DATZ(3);
++ CVMX_MT_HSH_DATZ(4);
++ CVMX_MT_HSH_DATZ(5);
++ CVMX_MT_HSH_DATZ(6);
++ CVMX_MT_HSH_STARTSHA((uint64_t) ((64 + 20) << 3));
++
++ /* finish the hash */
++ CVMX_PREFETCH0(od->octo_hmouter);
++#if 0
++ if (unlikely(inplen)) {
++ uint64_t tmp = 0;
++ uint8_t *p = (uint8_t *) & tmp;
++ p[inplen] = 0x80;
++ do {
++ inplen--;
++ p[inplen] = ((uint8_t *) data)[inplen];
++ } while (inplen);
++ CVM_LOAD_MD5_UNIT(tmp, next);
++ } else {
++ CVM_LOAD_MD5_UNIT(0x8000000000000000ULL, next);
++ }
++#else
++ CVM_LOAD_MD5_UNIT(0x8000000000000000ULL, next);
++#endif
++
++ /* save the HMAC */
++ SG_INIT(sg, data32, data_i, data_l);
++ while (icv_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ icv_off -= 4;
++ }
++ CVMX_MF_HSH_IV(tmp1, 0);
++ *data32 = (uint32_t) (tmp1 >> 32);
++ SG_CONSUME(sg, data32, data_i, data_l);
++ *data32 = (uint32_t) tmp1;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVMX_MF_HSH_IV(tmp1, 1);
++ *data32 = (uint32_t) (tmp1 >> 32);
++
++ octeon_crypto_disable(&state, flags);
++ return 0;
++}
++
++int
++octo_aes_cbc_sha1_decrypt(
++ struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp)
++{
++ register int next = 0;
++ union {
++ uint32_t data32[2];
++ uint64_t data64[1];
++ } mydata[2];
++ uint64_t *pdata = &mydata[0].data64[0];
++ uint64_t *data = &mydata[1].data64[0];
++ uint32_t *data32;
++ uint64_t tmp1, tmp2, tmp3;
++ int data_i, data_l, alen = auth_len;
++ struct octeon_cop2_state state;
++ unsigned long flags;
++
++ dprintk("%s(a_off=%d a_len=%d c_off=%d c_len=%d icv_off=%d)\n",
++ __FUNCTION__, auth_off, auth_len, crypt_off, crypt_len, icv_off);
++
++ if (unlikely(od == NULL || sg==NULL || sg_len==0 || ivp==NULL ||
++ (crypt_off & 0x3) || (crypt_off + crypt_len > sg_len) ||
++ (crypt_len & 0x7) ||
++ (auth_len & 0x7) ||
++ (auth_off & 0x3) || (auth_off + auth_len > sg_len))) {
++ dprintk("%s: Bad parameters od=%p sg=%p sg_len=%d "
++ "auth_off=%d auth_len=%d crypt_off=%d crypt_len=%d "
++ "icv_off=%d ivp=%p\n", __FUNCTION__, od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++ return -EINVAL;
++ }
++
++ SG_INIT(sg, data32, data_i, data_l);
++
++ CVMX_PREFETCH0(ivp);
++ CVMX_PREFETCH0(od->octo_enckey);
++
++ flags = octeon_crypto_enable(&state);
++
++ /* load AES Key */
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[0], 0);
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[1], 1);
++
++ if (od->octo_encklen == 16) {
++ CVMX_MT_AES_KEY(0x0, 2);
++ CVMX_MT_AES_KEY(0x0, 3);
++ } else if (od->octo_encklen == 24) {
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ CVMX_MT_AES_KEY(0x0, 3);
++ } else if (od->octo_encklen == 32) {
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[2], 2);
++ CVMX_MT_AES_KEY(((uint64_t *) od->octo_enckey)[3], 3);
++ } else {
++ octeon_crypto_disable(&state, flags);
++ dprintk("%s: Bad key length %d\n", __FUNCTION__, od->octo_encklen);
++ return -EINVAL;
++ }
++ CVMX_MT_AES_KEYLENGTH(od->octo_encklen / 8 - 1);
++
++ CVMX_MT_AES_IV(((uint64_t *) ivp)[0], 0);
++ CVMX_MT_AES_IV(((uint64_t *) ivp)[1], 1);
++
++ /* Load SHA1 IV */
++ CVMX_MT_HSH_IV(od->octo_hminner[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hminner[1], 1);
++ CVMX_MT_HSH_IV(od->octo_hminner[2], 2);
++
++ while (crypt_off > 0 && auth_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ crypt_off -= 4;
++ auth_off -= 4;
++ }
++
++ /* align auth and crypt */
++ while (crypt_off > 0 && auth_len > 0) {
++ mydata[0].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ mydata[0].data32[1] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVM_LOAD_SHA_UNIT(*pdata, next);
++ crypt_off -= 8;
++ auth_len -= 8;
++ }
++
++ while (crypt_len > 0) {
++ uint32_t *pdata32[3];
++
++ pdata32[0] = data32;
++ mydata[0].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ pdata32[1] = data32;
++ mydata[0].data32[1] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ pdata32[2] = data32;
++ mydata[1].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ mydata[1].data32[1] = *data32;
++
++ if (auth_len > 0) {
++ CVM_LOAD_SHA_UNIT(*pdata, next);
++ auth_len -= 8;
++ }
++ if (auth_len > 0) {
++ CVM_LOAD_SHA_UNIT(*data, next);
++ auth_len -= 8;
++ }
++
++ CVMX_MT_AES_DEC_CBC0(*pdata);
++ CVMX_MT_AES_DEC_CBC1(*data);
++ CVMX_MF_AES_RESULT(*pdata, 0);
++ CVMX_MF_AES_RESULT(*data, 1);
++ crypt_len -= 16;
++
++ *pdata32[0] = mydata[0].data32[0];
++ *pdata32[1] = mydata[0].data32[1];
++ *pdata32[2] = mydata[1].data32[0];
++ *data32 = mydata[1].data32[1];
++
++ SG_CONSUME(sg, data32, data_i, data_l);
++ }
++
++ /* finish and leftover hashing */
++ while (auth_len > 0) {
++ mydata[0].data32[0] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ mydata[0].data32[1] = *data32;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVM_LOAD_SHA_UNIT(*pdata, next);
++ auth_len -= 8;
++ }
++
++ /* finish the hash */
++ CVMX_PREFETCH0(od->octo_hmouter);
++#if 0
++ if (unlikely(inplen)) {
++ uint64_t tmp = 0;
++ uint8_t *p = (uint8_t *) & tmp;
++ p[inplen] = 0x80;
++ do {
++ inplen--;
++ p[inplen] = ((uint8_t *) data)[inplen];
++ } while (inplen);
++ CVM_LOAD_SHA_UNIT(tmp, next);
++ } else {
++ CVM_LOAD_SHA_UNIT(0x8000000000000000ULL, next);
++ }
++#else
++ CVM_LOAD_SHA_UNIT(0x8000000000000000ULL, next);
++#endif
++
++ /* Finish Inner hash */
++ while (next != 7) {
++ CVM_LOAD_SHA_UNIT(((uint64_t) 0x0ULL), next);
++ }
++ CVM_LOAD_SHA_UNIT((uint64_t) ((alen + 64) << 3), next);
++
++ /* Get the inner hash of HMAC */
++ CVMX_MF_HSH_IV(tmp1, 0);
++ CVMX_MF_HSH_IV(tmp2, 1);
++ tmp3 = 0;
++ CVMX_MF_HSH_IV(tmp3, 2);
++
++ /* Initialize hash unit */
++ CVMX_MT_HSH_IV(od->octo_hmouter[0], 0);
++ CVMX_MT_HSH_IV(od->octo_hmouter[1], 1);
++ CVMX_MT_HSH_IV(od->octo_hmouter[2], 2);
++
++ CVMX_MT_HSH_DAT(tmp1, 0);
++ CVMX_MT_HSH_DAT(tmp2, 1);
++ tmp3 |= 0x0000000080000000;
++ CVMX_MT_HSH_DAT(tmp3, 2);
++ CVMX_MT_HSH_DATZ(3);
++ CVMX_MT_HSH_DATZ(4);
++ CVMX_MT_HSH_DATZ(5);
++ CVMX_MT_HSH_DATZ(6);
++ CVMX_MT_HSH_STARTSHA((uint64_t) ((64 + 20) << 3));
++
++ /* finish the hash */
++ CVMX_PREFETCH0(od->octo_hmouter);
++#if 0
++ if (unlikely(inplen)) {
++ uint64_t tmp = 0;
++ uint8_t *p = (uint8_t *) & tmp;
++ p[inplen] = 0x80;
++ do {
++ inplen--;
++ p[inplen] = ((uint8_t *) data)[inplen];
++ } while (inplen);
++ CVM_LOAD_MD5_UNIT(tmp, next);
++ } else {
++ CVM_LOAD_MD5_UNIT(0x8000000000000000ULL, next);
++ }
++#else
++ CVM_LOAD_MD5_UNIT(0x8000000000000000ULL, next);
++#endif
++
++ /* save the HMAC */
++ SG_INIT(sg, data32, data_i, data_l);
++ while (icv_off > 0) {
++ SG_CONSUME(sg, data32, data_i, data_l);
++ icv_off -= 4;
++ }
++ CVMX_MF_HSH_IV(tmp1, 0);
++ *data32 = (uint32_t) (tmp1 >> 32);
++ SG_CONSUME(sg, data32, data_i, data_l);
++ *data32 = (uint32_t) tmp1;
++ SG_CONSUME(sg, data32, data_i, data_l);
++ CVMX_MF_HSH_IV(tmp1, 1);
++ *data32 = (uint32_t) (tmp1 >> 32);
++
++ octeon_crypto_disable(&state, flags);
++ return 0;
++}
++
++/****************************************************************************/
+diff --git a/crypto/ocf/cryptocteon/cryptocteon.c b/crypto/ocf/cryptocteon/cryptocteon.c
+new file mode 100644
+index 0000000..9940f59
+--- /dev/null
++++ b/crypto/ocf/cryptocteon/cryptocteon.c
+@@ -0,0 +1,574 @@
++/*
++ * Octeon Crypto for OCF
++ *
++ * Written by David McCullough <david_mccullough at mcafee.com>
++ * Copyright (C) 2009-2010 David McCullough
++ *
++ * LICENSE TERMS
++ *
++ * The free distribution and use of this software in both source and binary
++ * form is allowed (with or without changes) provided that:
++ *
++ * 1. distributions of this source code include the above copyright
++ * notice, this list of conditions and the following disclaimer;
++ *
++ * 2. distributions in binary form include the above copyright
++ * notice, this list of conditions and the following disclaimer
++ * in the documentation and/or other associated materials;
++ *
++ * 3. the copyright holder's name is not used to endorse products
++ * built using this software without specific written permission.
++ *
++ * DISCLAIMER
++ *
++ * This software is provided 'as is' with no explicit or implied warranties
++ * in respect of its properties, including, but not limited to, correctness
++ * and/or fitness for purpose.
++ * ---------------------------------------------------------------------------
++ */
++
++#ifndef AUTOCONF_INCLUDED
++#include <linux/config.h>
++#endif
++#include <linux/module.h>
++#include <linux/init.h>
++#include <linux/list.h>
++#include <linux/slab.h>
++#include <linux/sched.h>
++#include <linux/wait.h>
++#include <linux/crypto.h>
++#include <linux/mm.h>
++#include <linux/skbuff.h>
++#include <linux/random.h>
++#include <linux/scatterlist.h>
++
++#include <cryptodev.h>
++#include <uio.h>
++
++struct {
++ softc_device_decl sc_dev;
++} octo_softc;
++
++#define offset_in_page(p) ((unsigned long)(p) & ~PAGE_MASK)
++
++struct octo_sess {
++ int octo_encalg;
++ #define MAX_CIPHER_KEYLEN 64
++ char octo_enckey[MAX_CIPHER_KEYLEN];
++ int octo_encklen;
++
++ int octo_macalg;
++ #define MAX_HASH_KEYLEN 64
++ char octo_mackey[MAX_HASH_KEYLEN];
++ int octo_macklen;
++ int octo_mackey_set;
++
++ int octo_mlen;
++ int octo_ivsize;
++
++#if 0
++ int (*octo_decrypt)(struct scatterlist *sg, int sg_len,
++ uint8_t *key, int key_len, uint8_t * iv,
++ uint64_t *hminner, uint64_t *hmouter);
++
++ int (*octo_encrypt)(struct scatterlist *sg, int sg_len,
++ uint8_t *key, int key_len, uint8_t * iv,
++ uint64_t *hminner, uint64_t *hmouter);
++#else
++ int (*octo_encrypt)(struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp);
++ int (*octo_decrypt)(struct octo_sess *od,
++ struct scatterlist *sg, int sg_len,
++ int auth_off, int auth_len,
++ int crypt_off, int crypt_len,
++ int icv_off, uint8_t *ivp);
++#endif
++
++ uint64_t octo_hminner[3];
++ uint64_t octo_hmouter[3];
++};
++
++int32_t octo_id = -1;
++module_param(octo_id, int, 0444);
++MODULE_PARM_DESC(octo_id, "Read-Only OCF ID for cryptocteon driver");
++
++static struct octo_sess **octo_sessions = NULL;
++static u_int32_t octo_sesnum = 0;
++
++static int octo_process(device_t, struct cryptop *, int);
++static int octo_newsession(device_t, u_int32_t *, struct cryptoini *);
++static int octo_freesession(device_t, u_int64_t);
++
++static device_method_t octo_methods = {
++ /* crypto device methods */
++ DEVMETHOD(cryptodev_newsession, octo_newsession),
++ DEVMETHOD(cryptodev_freesession,octo_freesession),
++ DEVMETHOD(cryptodev_process, octo_process),
++};
++
++#define debug octo_debug
++int octo_debug = 0;
++module_param(octo_debug, int, 0644);
++MODULE_PARM_DESC(octo_debug, "Enable debug");
++
++
++#include "cavium_crypto.c"
++
++
++/*
++ * Generate a new octo session. We artifically limit it to a single
++ * hash/cipher or hash-cipher combo just to make it easier, most callers
++ * do not expect more than this anyway.
++ */
++static int
++octo_newsession(device_t dev, u_int32_t *sid, struct cryptoini *cri)
++{
++ struct cryptoini *c, *encini = NULL, *macini = NULL;
++ struct octo_sess **ocd;
++ int i;
++
++ dprintk("%s()\n", __FUNCTION__);
++ if (sid == NULL || cri == NULL) {
++ dprintk("%s,%d - EINVAL\n", __FILE__, __LINE__);
++ return EINVAL;
++ }
++
++ /*
++ * To keep it simple, we only handle hash, cipher or hash/cipher in a
++ * session, you cannot currently do multiple ciphers/hashes in one
++ * session even though it would be possibel to code this driver to
++ * handle it.
++ */
++ for (i = 0, c = cri; c && i < 2; i++) {
++ if (c->cri_alg == CRYPTO_MD5_HMAC ||
++ c->cri_alg == CRYPTO_SHA1_HMAC ||
++ c->cri_alg == CRYPTO_NULL_HMAC) {
++ if (macini) {
++ break;
++ }
++ macini = c;
++ }
++ if (c->cri_alg == CRYPTO_DES_CBC ||
++ c->cri_alg == CRYPTO_3DES_CBC ||
++ c->cri_alg == CRYPTO_AES_CBC ||
++ c->cri_alg == CRYPTO_NULL_CBC) {
++ if (encini) {
++ break;
++ }
++ encini = c;
++ }
++ c = c->cri_next;
++ }
++ if (!macini && !encini) {
++ dprintk("%s,%d - EINVAL bad cipher/hash or combination\n",
++ __FILE__, __LINE__);
++ return EINVAL;
++ }
++ if (c) {
++ dprintk("%s,%d - EINVAL cannot handle chained cipher/hash combos\n",
++ __FILE__, __LINE__);
++ return EINVAL;
++ }
++
++ /*
++ * So we have something we can do, lets setup the session
++ */
++
++ if (octo_sessions) {
++ for (i = 1; i < octo_sesnum; i++)
++ if (octo_sessions[i] == NULL)
++ break;
++ } else
++ i = 1; /* NB: to silence compiler warning */
++
++ if (octo_sessions == NULL || i == octo_sesnum) {
++ if (octo_sessions == NULL) {
++ i = 1; /* We leave octo_sessions[0] empty */
++ octo_sesnum = CRYPTO_SW_SESSIONS;
++ } else
++ octo_sesnum *= 2;
++
++ ocd = kmalloc(octo_sesnum * sizeof(struct octo_sess *), SLAB_ATOMIC);
++ if (ocd == NULL) {
++ /* Reset session number */
++ if (octo_sesnum == CRYPTO_SW_SESSIONS)
++ octo_sesnum = 0;
++ else
++ octo_sesnum /= 2;
++ dprintk("%s,%d: ENOBUFS\n", __FILE__, __LINE__);
++ return ENOBUFS;
++ }
++ memset(ocd, 0, octo_sesnum * sizeof(struct octo_sess *));
++
++ /* Copy existing sessions */
++ if (octo_sessions) {
++ memcpy(ocd, octo_sessions,
++ (octo_sesnum / 2) * sizeof(struct octo_sess *));
++ kfree(octo_sessions);
++ }
++
++ octo_sessions = ocd;
++ }
++
++ ocd = &octo_sessions[i];
++ *sid = i;
++
++
++ *ocd = (struct octo_sess *) kmalloc(sizeof(struct octo_sess), SLAB_ATOMIC);
++ if (*ocd == NULL) {
++ octo_freesession(NULL, i);
++ dprintk("%s,%d: ENOBUFS\n", __FILE__, __LINE__);
++ return ENOBUFS;
++ }
++ memset(*ocd, 0, sizeof(struct octo_sess));
++
++ if (encini && encini->cri_key) {
++ (*ocd)->octo_encklen = (encini->cri_klen + 7) / 8;
++ memcpy((*ocd)->octo_enckey, encini->cri_key, (*ocd)->octo_encklen);
++ }
++
++ if (macini && macini->cri_key) {
++ (*ocd)->octo_macklen = (macini->cri_klen + 7) / 8;
++ memcpy((*ocd)->octo_mackey, macini->cri_key, (*ocd)->octo_macklen);
++ }
++
++ (*ocd)->octo_mlen = 0;
++ if (encini && encini->cri_mlen)
++ (*ocd)->octo_mlen = encini->cri_mlen;
++ else if (macini && macini->cri_mlen)
++ (*ocd)->octo_mlen = macini->cri_mlen;
++ else
++ (*ocd)->octo_mlen = 12;
++
++ /*
++ * point c at the enc if it exists, otherwise the mac
++ */
++ c = encini ? encini : macini;
++
++ switch (c->cri_alg) {
++ case CRYPTO_DES_CBC:
++ case CRYPTO_3DES_CBC:
++ (*ocd)->octo_ivsize = 8;
++ switch (macini ? macini->cri_alg : -1) {
++ case CRYPTO_MD5_HMAC:
++ (*ocd)->octo_encrypt = octo_des_cbc_md5_encrypt;
++ (*ocd)->octo_decrypt = octo_des_cbc_md5_decrypt;
++ octo_calc_hash(0, macini->cri_key, (*ocd)->octo_hminner,
++ (*ocd)->octo_hmouter);
++ break;
++ case CRYPTO_SHA1_HMAC:
++ (*ocd)->octo_encrypt = octo_des_cbc_sha1_encrypt;
++ (*ocd)->octo_decrypt = octo_des_cbc_sha1_encrypt;
++ octo_calc_hash(1, macini->cri_key, (*ocd)->octo_hminner,
++ (*ocd)->octo_hmouter);
++ break;
++ case -1:
++ (*ocd)->octo_encrypt = octo_des_cbc_encrypt;
++ (*ocd)->octo_decrypt = octo_des_cbc_decrypt;
++ break;
++ default:
++ octo_freesession(NULL, i);
++ dprintk("%s,%d: EINVALn", __FILE__, __LINE__);
++ return EINVAL;
++ }
++ break;
++ case CRYPTO_AES_CBC:
++ (*ocd)->octo_ivsize = 16;
++ switch (macini ? macini->cri_alg : -1) {
++ case CRYPTO_MD5_HMAC:
++ (*ocd)->octo_encrypt = octo_aes_cbc_md5_encrypt;
++ (*ocd)->octo_decrypt = octo_aes_cbc_md5_decrypt;
++ octo_calc_hash(0, macini->cri_key, (*ocd)->octo_hminner,
++ (*ocd)->octo_hmouter);
++ break;
++ case CRYPTO_SHA1_HMAC:
++ (*ocd)->octo_encrypt = octo_aes_cbc_sha1_encrypt;
++ (*ocd)->octo_decrypt = octo_aes_cbc_sha1_decrypt;
++ octo_calc_hash(1, macini->cri_key, (*ocd)->octo_hminner,
++ (*ocd)->octo_hmouter);
++ break;
++ case -1:
++ (*ocd)->octo_encrypt = octo_aes_cbc_encrypt;
++ (*ocd)->octo_decrypt = octo_aes_cbc_decrypt;
++ break;
++ default:
++ octo_freesession(NULL, i);
++ dprintk("%s,%d: EINVALn", __FILE__, __LINE__);
++ return EINVAL;
++ }
++ break;
++ case CRYPTO_MD5_HMAC:
++ (*ocd)->octo_encrypt = octo_null_md5_encrypt;
++ (*ocd)->octo_decrypt = octo_null_md5_encrypt;
++ octo_calc_hash(0, macini->cri_key, (*ocd)->octo_hminner,
++ (*ocd)->octo_hmouter);
++ break;
++ case CRYPTO_SHA1_HMAC:
++ (*ocd)->octo_encrypt = octo_null_sha1_encrypt;
++ (*ocd)->octo_decrypt = octo_null_sha1_encrypt;
++ octo_calc_hash(1, macini->cri_key, (*ocd)->octo_hminner,
++ (*ocd)->octo_hmouter);
++ break;
++ default:
++ octo_freesession(NULL, i);
++ dprintk("%s,%d: EINVALn", __FILE__, __LINE__);
++ return EINVAL;
++ }
++
++ (*ocd)->octo_encalg = encini ? encini->cri_alg : -1;
++ (*ocd)->octo_macalg = macini ? macini->cri_alg : -1;
++
++ return 0;
++}
++
++/*
++ * Free a session.
++ */
++static int
++octo_freesession(device_t dev, u_int64_t tid)
++{
++ u_int32_t sid = CRYPTO_SESID2LID(tid);
++
++ dprintk("%s()\n", __FUNCTION__);
++ if (sid > octo_sesnum || octo_sessions == NULL ||
++ octo_sessions[sid] == NULL) {
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ return(EINVAL);
++ }
++
++ /* Silently accept and return */
++ if (sid == 0)
++ return(0);
++
++ if (octo_sessions[sid])
++ kfree(octo_sessions[sid]);
++ octo_sessions[sid] = NULL;
++ return 0;
++}
++
++/*
++ * Process a request.
++ */
++static int
++octo_process(device_t dev, struct cryptop *crp, int hint)
++{
++ struct cryptodesc *crd;
++ struct octo_sess *od;
++ u_int32_t lid;
++#define SCATTERLIST_MAX 16
++ struct scatterlist sg[SCATTERLIST_MAX];
++ int sg_num, sg_len;
++ struct sk_buff *skb = NULL;
++ struct uio *uiop = NULL;
++ struct cryptodesc *enccrd = NULL, *maccrd = NULL;
++ unsigned char *ivp = NULL;
++ unsigned char iv_data[HASH_MAX_LEN];
++ int auth_off = 0, auth_len = 0, crypt_off = 0, crypt_len = 0, icv_off = 0;
++
++ dprintk("%s()\n", __FUNCTION__);
++ /* Sanity check */
++ if (crp == NULL) {
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ return EINVAL;
++ }
++
++ crp->crp_etype = 0;
++
++ if (crp->crp_desc == NULL || crp->crp_buf == NULL) {
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ crp->crp_etype = EINVAL;
++ goto done;
++ }
++
++ lid = crp->crp_sid & 0xffffffff;
++ if (lid >= octo_sesnum || lid == 0 || octo_sessions == NULL ||
++ octo_sessions[lid] == NULL) {
++ crp->crp_etype = ENOENT;
++ dprintk("%s,%d: ENOENT\n", __FILE__, __LINE__);
++ goto done;
++ }
++ od = octo_sessions[lid];
++
++ /*
++ * do some error checking outside of the loop for SKB and IOV processing
++ * this leaves us with valid skb or uiop pointers for later
++ */
++ if (crp->crp_flags & CRYPTO_F_SKBUF) {
++ skb = (struct sk_buff *) crp->crp_buf;
++ if (skb_shinfo(skb)->nr_frags >= SCATTERLIST_MAX) {
++ printk("%s,%d: %d nr_frags > SCATTERLIST_MAX", __FILE__, __LINE__,
++ skb_shinfo(skb)->nr_frags);
++ goto done;
++ }
++ } else if (crp->crp_flags & CRYPTO_F_IOV) {
++ uiop = (struct uio *) crp->crp_buf;
++ if (uiop->uio_iovcnt > SCATTERLIST_MAX) {
++ printk("%s,%d: %d uio_iovcnt > SCATTERLIST_MAX", __FILE__, __LINE__,
++ uiop->uio_iovcnt);
++ goto done;
++ }
++ }
++
++ /* point our enccrd and maccrd appropriately */
++ crd = crp->crp_desc;
++ if (crd->crd_alg == od->octo_encalg) enccrd = crd;
++ if (crd->crd_alg == od->octo_macalg) maccrd = crd;
++ crd = crd->crd_next;
++ if (crd) {
++ if (crd->crd_alg == od->octo_encalg) enccrd = crd;
++ if (crd->crd_alg == od->octo_macalg) maccrd = crd;
++ crd = crd->crd_next;
++ }
++ if (crd) {
++ crp->crp_etype = EINVAL;
++ dprintk("%s,%d: ENOENT - descriptors do not match session\n",
++ __FILE__, __LINE__);
++ goto done;
++ }
++
++ if (enccrd) {
++ if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) {
++ ivp = enccrd->crd_iv;
++ } else {
++ ivp = iv_data;
++ crypto_copydata(crp->crp_flags, crp->crp_buf,
++ enccrd->crd_inject, od->octo_ivsize, (caddr_t) ivp);
++ }
++
++ if (maccrd) {
++ auth_off = maccrd->crd_skip;
++ auth_len = maccrd->crd_len;
++ icv_off = maccrd->crd_inject;
++ }
++
++ crypt_off = enccrd->crd_skip;
++ crypt_len = enccrd->crd_len;
++ } else { /* if (maccrd) */
++ auth_off = maccrd->crd_skip;
++ auth_len = maccrd->crd_len;
++ icv_off = maccrd->crd_inject;
++ }
++
++
++ /*
++ * setup the SG list to cover the buffer
++ */
++ memset(sg, 0, sizeof(sg));
++ if (crp->crp_flags & CRYPTO_F_SKBUF) {
++ int i, len;
++
++ sg_num = 0;
++ sg_len = 0;
++
++ len = skb_headlen(skb);
++ sg_set_page(&sg[sg_num], virt_to_page(skb->data), len,
++ offset_in_page(skb->data));
++ sg_len += len;
++ sg_num++;
++
++ for (i = 0; i < skb_shinfo(skb)->nr_frags && sg_num < SCATTERLIST_MAX;
++ i++) {
++ len = skb_shinfo(skb)->frags[i].size;
++ sg_set_page(&sg[sg_num], skb_shinfo(skb)->frags[i].page,
++ len, skb_shinfo(skb)->frags[i].page_offset);
++ sg_len += len;
++ sg_num++;
++ }
++ } else if (crp->crp_flags & CRYPTO_F_IOV) {
++ int len;
++
++ sg_len = 0;
++ for (sg_num = 0; sg_len < crp->crp_ilen &&
++ sg_num < uiop->uio_iovcnt &&
++ sg_num < SCATTERLIST_MAX; sg_num++) {
++ len = uiop->uio_iov[sg_num].iov_len;
++ sg_set_page(&sg[sg_num],
++ virt_to_page(uiop->uio_iov[sg_num].iov_base), len,
++ offset_in_page(uiop->uio_iov[sg_num].iov_base));
++ sg_len += len;
++ }
++ } else {
++ sg_len = crp->crp_ilen;
++ sg_set_page(&sg[0], virt_to_page(crp->crp_buf), sg_len,
++ offset_in_page(crp->crp_buf));
++ sg_num = 1;
++ }
++
++
++ /*
++ * setup a new explicit key
++ */
++ if (enccrd) {
++ if (enccrd->crd_flags & CRD_F_KEY_EXPLICIT) {
++ od->octo_encklen = (enccrd->crd_klen + 7) / 8;
++ memcpy(od->octo_enckey, enccrd->crd_key, od->octo_encklen);
++ }
++ }
++ if (maccrd) {
++ if (maccrd->crd_flags & CRD_F_KEY_EXPLICIT) {
++ od->octo_macklen = (maccrd->crd_klen + 7) / 8;
++ memcpy(od->octo_mackey, maccrd->crd_key, od->octo_macklen);
++ od->octo_mackey_set = 0;
++ }
++ if (!od->octo_mackey_set) {
++ octo_calc_hash(maccrd->crd_alg == CRYPTO_MD5_HMAC ? 0 : 1,
++ maccrd->crd_key, od->octo_hminner, od->octo_hmouter);
++ od->octo_mackey_set = 1;
++ }
++ }
++
++
++ if (!enccrd || (enccrd->crd_flags & CRD_F_ENCRYPT))
++ (*od->octo_encrypt)(od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++ else
++ (*od->octo_decrypt)(od, sg, sg_len,
++ auth_off, auth_len, crypt_off, crypt_len, icv_off, ivp);
++
++done:
++ crypto_done(crp);
++ return 0;
++}
++
++static int
++cryptocteon_init(void)
++{
++ dprintk("%s(%p)\n", __FUNCTION__, cryptocteon_init);
++
++ softc_device_init(&octo_softc, "cryptocteon", 0, octo_methods);
++
++ octo_id = crypto_get_driverid(softc_get_device(&octo_softc),
++ CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SYNC);
++ if (octo_id < 0) {
++ printk("Cryptocteon device cannot initialize!");
++ return -ENODEV;
++ }
++
++ crypto_register(octo_id, CRYPTO_MD5_HMAC, 0,0);
++ crypto_register(octo_id, CRYPTO_SHA1_HMAC, 0,0);
++ //crypto_register(octo_id, CRYPTO_MD5, 0,0);
++ //crypto_register(octo_id, CRYPTO_SHA1, 0,0);
++ crypto_register(octo_id, CRYPTO_DES_CBC, 0,0);
++ crypto_register(octo_id, CRYPTO_3DES_CBC, 0,0);
++ crypto_register(octo_id, CRYPTO_AES_CBC, 0,0);
++
++ return(0);
++}
++
++static void
++cryptocteon_exit(void)
++{
++ dprintk("%s()\n", __FUNCTION__);
++ crypto_unregister_all(octo_id);
++ octo_id = -1;
++}
++
++module_init(cryptocteon_init);
++module_exit(cryptocteon_exit);
++
++MODULE_LICENSE("BSD");
++MODULE_AUTHOR("David McCullough <david_mccullough at mcafee.com>");
++MODULE_DESCRIPTION("Cryptocteon (OCF module for Cavium OCTEON crypto)");
+diff --git a/crypto/ocf/cryptodev.c b/crypto/ocf/cryptodev.c
+new file mode 100644
+index 0000000..87a4c37
+--- /dev/null
++++ b/crypto/ocf/cryptodev.c
+@@ -0,0 +1,1061 @@
++/* $OpenBSD: cryptodev.c,v 1.52 2002/06/19 07:22:46 deraadt Exp $ */
++
++/*-
++ * Linux port done by David McCullough <david_mccullough at mcafee.com>
++ * Copyright (C) 2006-2010 David McCullough
++ * Copyright (C) 2004-2005 Intel Corporation.
++ * The license and original author are listed below.
++ *
++ * Copyright (c) 2001 Theo de Raadt
++ * Copyright (c) 2002-2006 Sam Leffler, Errno Consulting
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ * 3. The name of the author may not be used to endorse or promote products
++ * derived from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ * Effort sponsored in part by the Defense Advanced Research Projects
++ * Agency (DARPA) and Air Force Research Laboratory, Air Force
++ * Materiel Command, USAF, under agreement number F30602-01-2-0537.
++ *
++__FBSDID("$FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.34 2007/05/09 19:37:02 gnn Exp $");
++ */
++
++#ifndef AUTOCONF_INCLUDED
++#include <linux/config.h>
++#endif
++#include <linux/types.h>
++#include <linux/time.h>
++#include <linux/delay.h>
++#include <linux/list.h>
++#include <linux/init.h>
++#include <linux/sched.h>
++#include <linux/unistd.h>
++#include <linux/module.h>
++#include <linux/wait.h>
++#include <linux/slab.h>
++#include <linux/fs.h>
++#include <linux/dcache.h>
++#include <linux/file.h>
++#include <linux/mount.h>
++#include <linux/miscdevice.h>
++#include <linux/version.h>
++#include <asm/uaccess.h>
++
++#include <cryptodev.h>
++#include <uio.h>
++
++extern asmlinkage long sys_dup(unsigned int fildes);
++
++#define debug cryptodev_debug
++int cryptodev_debug = 0;
++module_param(cryptodev_debug, int, 0644);
++MODULE_PARM_DESC(cryptodev_debug, "Enable cryptodev debug");
++
++struct csession_info {
++ u_int16_t blocksize;
++ u_int16_t minkey, maxkey;
++
++ u_int16_t keysize;
++ /* u_int16_t hashsize; */
++ u_int16_t authsize;
++ u_int16_t authkey;
++ /* u_int16_t ctxsize; */
++};
++
++struct csession {
++ struct list_head list;
++ u_int64_t sid;
++ u_int32_t ses;
++
++ wait_queue_head_t waitq;
++
++ u_int32_t cipher;
++
++ u_int32_t mac;
++
++ caddr_t key;
++ int keylen;
++ u_char tmp_iv[EALG_MAX_BLOCK_LEN];
++
++ caddr_t mackey;
++ int mackeylen;
++
++ struct csession_info info;
++
++ struct iovec iovec;
++ struct uio uio;
++ int error;
++};
++
++struct fcrypt {
++ struct list_head csessions;
++ int sesn;
++};
++
++static struct csession *csefind(struct fcrypt *, u_int);
++static int csedelete(struct fcrypt *, struct csession *);
++static struct csession *cseadd(struct fcrypt *, struct csession *);
++static struct csession *csecreate(struct fcrypt *, u_int64_t,
++ struct cryptoini *crie, struct cryptoini *cria, struct csession_info *);
++static int csefree(struct csession *);
++
++static int cryptodev_op(struct csession *, struct crypt_op *);
++static int cryptodev_key(struct crypt_kop *);
++static int cryptodev_find(struct crypt_find_op *);
++
++static int cryptodev_cb(void *);
++static int cryptodev_open(struct inode *inode, struct file *filp);
++
++/*
++ * Check a crypto identifier to see if it requested
++ * a valid crid and it's capabilities match.
++ */
++static int
++checkcrid(int crid)
++{
++ int hid = crid & ~(CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE);
++ int typ = crid & (CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE);
++ int caps = 0;
++
++ /* if the user hasn't selected a driver, then just call newsession */
++ if (hid == 0 && typ != 0)
++ return 0;
++
++ caps = crypto_getcaps(hid);
++
++ /* didn't find anything with capabilities */
++ if (caps == 0) {
++ dprintk("%s: hid=%x typ=%x not matched\n", __FUNCTION__, hid, typ);
++ return EINVAL;
++ }
++
++ /* the user didn't specify SW or HW, so the driver is ok */
++ if (typ == 0)
++ return 0;
++
++ /* if the type specified didn't match */
++ if (typ != (caps & (CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE))) {
++ dprintk("%s: hid=%x typ=%x caps=%x not matched\n", __FUNCTION__,
++ hid, typ, caps);
++ return EINVAL;
++ }
++
++ return 0;
++}
++
++static int
++cryptodev_op(struct csession *cse, struct crypt_op *cop)
++{
++ struct cryptop *crp = NULL;
++ struct cryptodesc *crde = NULL, *crda = NULL;
++ int error = 0;
++
++ dprintk("%s()\n", __FUNCTION__);
++ if (cop->len > CRYPTO_MAX_DATA_LEN) {
++ dprintk("%s: %d > %d\n", __FUNCTION__, cop->len, CRYPTO_MAX_DATA_LEN);
++ return (E2BIG);
++ }
++
++ if (cse->info.blocksize && (cop->len % cse->info.blocksize) != 0) {
++ dprintk("%s: blocksize=%d len=%d\n", __FUNCTION__, cse->info.blocksize,
++ cop->len);
++ return (EINVAL);
++ }
++
++ cse->uio.uio_iov = &cse->iovec;
++ cse->uio.uio_iovcnt = 1;
++ cse->uio.uio_offset = 0;
++#if 0
++ cse->uio.uio_resid = cop->len;
++ cse->uio.uio_segflg = UIO_SYSSPACE;
++ cse->uio.uio_rw = UIO_WRITE;
++ cse->uio.uio_td = td;
++#endif
++ cse->uio.uio_iov[0].iov_len = cop->len;
++ if (cse->info.authsize)
++ cse->uio.uio_iov[0].iov_len += cse->info.authsize;
++ cse->uio.uio_iov[0].iov_base = kmalloc(cse->uio.uio_iov[0].iov_len,
++ GFP_KERNEL);
++
++ if (cse->uio.uio_iov[0].iov_base == NULL) {
++ dprintk("%s: iov_base kmalloc(%d) failed\n", __FUNCTION__,
++ (int)cse->uio.uio_iov[0].iov_len);
++ return (ENOMEM);
++ }
++
++ crp = crypto_getreq((cse->info.blocksize != 0) + (cse->info.authsize != 0));
++ if (crp == NULL) {
++ dprintk("%s: ENOMEM\n", __FUNCTION__);
++ error = ENOMEM;
++ goto bail;
++ }
++
++ if (cse->info.authsize && cse->info.blocksize) {
++ if (cop->op == COP_ENCRYPT) {
++ crde = crp->crp_desc;
++ crda = crde->crd_next;
++ } else {
++ crda = crp->crp_desc;
++ crde = crda->crd_next;
++ }
++ } else if (cse->info.authsize) {
++ crda = crp->crp_desc;
++ } else if (cse->info.blocksize) {
++ crde = crp->crp_desc;
++ } else {
++ dprintk("%s: bad request\n", __FUNCTION__);
++ error = EINVAL;
++ goto bail;
++ }
++
++ if ((error = copy_from_user(cse->uio.uio_iov[0].iov_base, cop->src,
++ cop->len))) {
++ dprintk("%s: bad copy\n", __FUNCTION__);
++ goto bail;
++ }
++
++ if (crda) {
++ crda->crd_skip = 0;
++ crda->crd_len = cop->len;
++ crda->crd_inject = cop->len;
++
++ crda->crd_alg = cse->mac;
++ crda->crd_key = cse->mackey;
++ crda->crd_klen = cse->mackeylen * 8;
++ }
++
++ if (crde) {
++ if (cop->op == COP_ENCRYPT)
++ crde->crd_flags |= CRD_F_ENCRYPT;
++ else
++ crde->crd_flags &= ~CRD_F_ENCRYPT;
++ crde->crd_len = cop->len;
++ crde->crd_inject = 0;
++
++ crde->crd_alg = cse->cipher;
++ crde->crd_key = cse->key;
++ crde->crd_klen = cse->keylen * 8;
++ }
++
++ crp->crp_ilen = cse->uio.uio_iov[0].iov_len;
++ crp->crp_flags = CRYPTO_F_IOV | CRYPTO_F_CBIMM
++ | (cop->flags & COP_F_BATCH);
++ crp->crp_buf = (caddr_t)&cse->uio;
++ crp->crp_callback = (int (*) (struct cryptop *)) cryptodev_cb;
++ crp->crp_sid = cse->sid;
++ crp->crp_opaque = (void *)cse;
++
++ if (cop->iv) {
++ if (crde == NULL) {
++ error = EINVAL;
++ dprintk("%s no crde\n", __FUNCTION__);
++ goto bail;
++ }
++ if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */
++ error = EINVAL;
++ dprintk("%s arc4 with IV\n", __FUNCTION__);
++ goto bail;
++ }
++ if ((error = copy_from_user(cse->tmp_iv, cop->iv,
++ cse->info.blocksize))) {
++ dprintk("%s bad iv copy\n", __FUNCTION__);
++ goto bail;
++ }
++ memcpy(crde->crd_iv, cse->tmp_iv, cse->info.blocksize);
++ crde->crd_flags |= CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT;
++ crde->crd_skip = 0;
++ } else if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */
++ crde->crd_skip = 0;
++ } else if (crde) {
++ crde->crd_flags |= CRD_F_IV_PRESENT;
++ crde->crd_skip = cse->info.blocksize;
++ crde->crd_len -= cse->info.blocksize;
++ }
++
++ if (cop->mac && crda == NULL) {
++ error = EINVAL;
++ dprintk("%s no crda\n", __FUNCTION__);
++ goto bail;
++ }
++
++ /*
++ * Let the dispatch run unlocked, then, interlock against the
++ * callback before checking if the operation completed and going
++ * to sleep. This insures drivers don't inherit our lock which
++ * results in a lock order reversal between crypto_dispatch forced
++ * entry and the crypto_done callback into us.
++ */
++ error = crypto_dispatch(crp);
++ if (error) {
++ dprintk("%s error in crypto_dispatch\n", __FUNCTION__);
++ goto bail;
++ }
++
++ dprintk("%s about to WAIT\n", __FUNCTION__);
++ /*
++ * we really need to wait for driver to complete to maintain
++ * state, luckily interrupts will be remembered
++ */
++ do {
++ error = wait_event_interruptible(crp->crp_waitq,
++ ((crp->crp_flags & CRYPTO_F_DONE) != 0));
++ /*
++ * we can't break out of this loop or we will leave behind
++ * a huge mess, however, staying here means if your driver
++ * is broken user applications can hang and not be killed.
++ * The solution, fix your driver :-)
++ */
++ if (error) {
++ schedule();
++ error = 0;
++ }
++ } while ((crp->crp_flags & CRYPTO_F_DONE) == 0);
++ dprintk("%s finished WAITING error=%d\n", __FUNCTION__, error);
++
++ if (crp->crp_etype != 0) {
++ error = crp->crp_etype;
++ dprintk("%s error in crp processing\n", __FUNCTION__);
++ goto bail;
++ }
++
++ if (cse->error) {
++ error = cse->error;
++ dprintk("%s error in cse processing\n", __FUNCTION__);
++ goto bail;
++ }
++
++ if (cop->dst && (error = copy_to_user(cop->dst,
++ cse->uio.uio_iov[0].iov_base, cop->len))) {
++ dprintk("%s bad dst copy\n", __FUNCTION__);
++ goto bail;
++ }
++
++ if (cop->mac &&
++ (error=copy_to_user(cop->mac,
++ (caddr_t)cse->uio.uio_iov[0].iov_base + cop->len,
++ cse->info.authsize))) {
++ dprintk("%s bad mac copy\n", __FUNCTION__);
++ goto bail;
++ }
++
++bail:
++ if (crp)
++ crypto_freereq(crp);
++ if (cse->uio.uio_iov[0].iov_base)
++ kfree(cse->uio.uio_iov[0].iov_base);
++
++ return (error);
++}
++
++static int
++cryptodev_cb(void *op)
++{
++ struct cryptop *crp = (struct cryptop *) op;
++ struct csession *cse = (struct csession *)crp->crp_opaque;
++ int error;
++
++ dprintk("%s()\n", __FUNCTION__);
++ error = crp->crp_etype;
++ if (error == EAGAIN) {
++ crp->crp_flags &= ~CRYPTO_F_DONE;
++#ifdef NOTYET
++ /*
++ * DAVIDM I am fairly sure that we should turn this into a batch
++ * request to stop bad karma/lockup, revisit
++ */
++ crp->crp_flags |= CRYPTO_F_BATCH;
++#endif
++ return crypto_dispatch(crp);
++ }
++ if (error != 0 || (crp->crp_flags & CRYPTO_F_DONE)) {
++ cse->error = error;
++ wake_up_interruptible(&crp->crp_waitq);
++ }
++ return (0);
++}
++
++static int
++cryptodevkey_cb(void *op)
++{
++ struct cryptkop *krp = (struct cryptkop *) op;
++ dprintk("%s()\n", __FUNCTION__);
++ wake_up_interruptible(&krp->krp_waitq);
++ return (0);
++}
++
++static int
++cryptodev_key(struct crypt_kop *kop)
++{
++ struct cryptkop *krp = NULL;
++ int error = EINVAL;
++ int in, out, size, i;
++
++ dprintk("%s()\n", __FUNCTION__);
++ if (kop->crk_iparams + kop->crk_oparams > CRK_MAXPARAM) {
++ dprintk("%s params too big\n", __FUNCTION__);
++ return (EFBIG);
++ }
++
++ in = kop->crk_iparams;
++ out = kop->crk_oparams;
++ switch (kop->crk_op) {
++ case CRK_MOD_EXP:
++ if (in == 3 && out == 1)
++ break;
++ return (EINVAL);
++ case CRK_MOD_EXP_CRT:
++ if (in == 6 && out == 1)
++ break;
++ return (EINVAL);
++ case CRK_DSA_SIGN:
++ if (in == 5 && out == 2)
++ break;
++ return (EINVAL);
++ case CRK_DSA_VERIFY:
++ if (in == 7 && out == 0)
++ break;
++ return (EINVAL);
++ case CRK_DH_COMPUTE_KEY:
++ if (in == 3 && out == 1)
++ break;
++ return (EINVAL);
++ default:
++ return (EINVAL);
++ }
++
++ krp = (struct cryptkop *)kmalloc(sizeof *krp, GFP_KERNEL);
++ if (!krp)
++ return (ENOMEM);
++ bzero(krp, sizeof *krp);
++ krp->krp_op = kop->crk_op;
++ krp->krp_status = kop->crk_status;
++ krp->krp_iparams = kop->crk_iparams;
++ krp->krp_oparams = kop->crk_oparams;
++ krp->krp_crid = kop->crk_crid;
++ krp->krp_status = 0;
++ krp->krp_flags = CRYPTO_KF_CBIMM;
++ krp->krp_callback = (int (*) (struct cryptkop *)) cryptodevkey_cb;
++ init_waitqueue_head(&krp->krp_waitq);
++
++ for (i = 0; i < CRK_MAXPARAM; i++)
++ krp->krp_param[i].crp_nbits = kop->crk_param[i].crp_nbits;
++ for (i = 0; i < krp->krp_iparams + krp->krp_oparams; i++) {
++ size = (krp->krp_param[i].crp_nbits + 7) / 8;
++ if (size == 0)
++ continue;
++ krp->krp_param[i].crp_p = (caddr_t) kmalloc(size, GFP_KERNEL);
++ if (i >= krp->krp_iparams)
++ continue;
++ error = copy_from_user(krp->krp_param[i].crp_p,
++ kop->crk_param[i].crp_p, size);
++ if (error)
++ goto fail;
++ }
++
++ error = crypto_kdispatch(krp);
++ if (error)
++ goto fail;
++
++ do {
++ error = wait_event_interruptible(krp->krp_waitq,
++ ((krp->krp_flags & CRYPTO_KF_DONE) != 0));
++ /*
++ * we can't break out of this loop or we will leave behind
++ * a huge mess, however, staying here means if your driver
++ * is broken user applications can hang and not be killed.
++ * The solution, fix your driver :-)
++ */
++ if (error) {
++ schedule();
++ error = 0;
++ }
++ } while ((krp->krp_flags & CRYPTO_KF_DONE) == 0);
++
++ dprintk("%s finished WAITING error=%d\n", __FUNCTION__, error);
++
++ kop->crk_crid = krp->krp_crid; /* device that did the work */
++ if (krp->krp_status != 0) {
++ error = krp->krp_status;
++ goto fail;
++ }
++
++ for (i = krp->krp_iparams; i < krp->krp_iparams + krp->krp_oparams; i++) {
++ size = (krp->krp_param[i].crp_nbits + 7) / 8;
++ if (size == 0)
++ continue;
++ error = copy_to_user(kop->crk_param[i].crp_p, krp->krp_param[i].crp_p,
++ size);
++ if (error)
++ goto fail;
++ }
++
++fail:
++ if (krp) {
++ kop->crk_status = krp->krp_status;
++ for (i = 0; i < CRK_MAXPARAM; i++) {
++ if (krp->krp_param[i].crp_p)
++ kfree(krp->krp_param[i].crp_p);
++ }
++ kfree(krp);
++ }
++ return (error);
++}
++
++static int
++cryptodev_find(struct crypt_find_op *find)
++{
++ device_t dev;
++
++ if (find->crid != -1) {
++ dev = crypto_find_device_byhid(find->crid);
++ if (dev == NULL)
++ return (ENOENT);
++ strlcpy(find->name, device_get_nameunit(dev),
++ sizeof(find->name));
++ } else {
++ find->crid = crypto_find_driver(find->name);
++ if (find->crid == -1)
++ return (ENOENT);
++ }
++ return (0);
++}
++
++static struct csession *
++csefind(struct fcrypt *fcr, u_int ses)
++{
++ struct csession *cse;
++
++ dprintk("%s()\n", __FUNCTION__);
++ list_for_each_entry(cse, &fcr->csessions, list)
++ if (cse->ses == ses)
++ return (cse);
++ return (NULL);
++}
++
++static int
++csedelete(struct fcrypt *fcr, struct csession *cse_del)
++{
++ struct csession *cse;
++
++ dprintk("%s()\n", __FUNCTION__);
++ list_for_each_entry(cse, &fcr->csessions, list) {
++ if (cse == cse_del) {
++ list_del(&cse->list);
++ return (1);
++ }
++ }
++ return (0);
++}
++
++static struct csession *
++cseadd(struct fcrypt *fcr, struct csession *cse)
++{
++ dprintk("%s()\n", __FUNCTION__);
++ list_add_tail(&cse->list, &fcr->csessions);
++ cse->ses = fcr->sesn++;
++ return (cse);
++}
++
++static struct csession *
++csecreate(struct fcrypt *fcr, u_int64_t sid, struct cryptoini *crie,
++ struct cryptoini *cria, struct csession_info *info)
++{
++ struct csession *cse;
++
++ dprintk("%s()\n", __FUNCTION__);
++ cse = (struct csession *) kmalloc(sizeof(struct csession), GFP_KERNEL);
++ if (cse == NULL)
++ return NULL;
++ memset(cse, 0, sizeof(struct csession));
++
++ INIT_LIST_HEAD(&cse->list);
++ init_waitqueue_head(&cse->waitq);
++
++ cse->key = crie->cri_key;
++ cse->keylen = crie->cri_klen/8;
++ cse->mackey = cria->cri_key;
++ cse->mackeylen = cria->cri_klen/8;
++ cse->sid = sid;
++ cse->cipher = crie->cri_alg;
++ cse->mac = cria->cri_alg;
++ cse->info = *info;
++ cseadd(fcr, cse);
++ return (cse);
++}
++
++static int
++csefree(struct csession *cse)
++{
++ int error;
++
++ dprintk("%s()\n", __FUNCTION__);
++ error = crypto_freesession(cse->sid);
++ if (cse->key)
++ kfree(cse->key);
++ if (cse->mackey)
++ kfree(cse->mackey);
++ kfree(cse);
++ return(error);
++}
++
++static int
++cryptodev_ioctl(
++ struct inode *inode,
++ struct file *filp,
++ unsigned int cmd,
++ unsigned long arg)
++{
++ struct cryptoini cria, crie;
++ struct fcrypt *fcr = filp->private_data;
++ struct csession *cse;
++ struct csession_info info;
++ struct session2_op sop;
++ struct crypt_op cop;
++ struct crypt_kop kop;
++ struct crypt_find_op fop;
++ u_int64_t sid;
++ u_int32_t ses = 0;
++ int feat, fd, error = 0, crid;
++ mm_segment_t fs;
++
++ dprintk("%s(cmd=%x arg=%lx)\n", __FUNCTION__, cmd, arg);
++
++ switch (cmd) {
++
++ case CRIOGET: {
++ dprintk("%s(CRIOGET)\n", __FUNCTION__);
++ fs = get_fs();
++ set_fs(get_ds());
++ for (fd = 0; fd < files_fdtable(current->files)->max_fds; fd++)
++ if (files_fdtable(current->files)->fd[fd] == filp)
++ break;
++ fd = sys_dup(fd);
++ set_fs(fs);
++ put_user(fd, (int *) arg);
++ return IS_ERR_VALUE(fd) ? fd : 0;
++ }
++
++#define CIOCGSESSSTR (cmd == CIOCGSESSION ? "CIOCGSESSION" : "CIOCGSESSION2")
++ case CIOCGSESSION:
++ case CIOCGSESSION2:
++ dprintk("%s(%s)\n", __FUNCTION__, CIOCGSESSSTR);
++ memset(&crie, 0, sizeof(crie));
++ memset(&cria, 0, sizeof(cria));
++ memset(&info, 0, sizeof(info));
++ memset(&sop, 0, sizeof(sop));
++
++ if (copy_from_user(&sop, (void*)arg, (cmd == CIOCGSESSION) ?
++ sizeof(struct session_op) : sizeof(sop))) {
++ dprintk("%s(%s) - bad copy\n", __FUNCTION__, CIOCGSESSSTR);
++ error = EFAULT;
++ goto bail;
++ }
++
++ switch (sop.cipher) {
++ case 0:
++ dprintk("%s(%s) - no cipher\n", __FUNCTION__, CIOCGSESSSTR);
++ break;
++ case CRYPTO_NULL_CBC:
++ info.blocksize = NULL_BLOCK_LEN;
++ info.minkey = NULL_MIN_KEY_LEN;
++ info.maxkey = NULL_MAX_KEY_LEN;
++ break;
++ case CRYPTO_DES_CBC:
++ info.blocksize = DES_BLOCK_LEN;
++ info.minkey = DES_MIN_KEY_LEN;
++ info.maxkey = DES_MAX_KEY_LEN;
++ break;
++ case CRYPTO_3DES_CBC:
++ info.blocksize = DES3_BLOCK_LEN;
++ info.minkey = DES3_MIN_KEY_LEN;
++ info.maxkey = DES3_MAX_KEY_LEN;
++ break;
++ case CRYPTO_BLF_CBC:
++ info.blocksize = BLOWFISH_BLOCK_LEN;
++ info.minkey = BLOWFISH_MIN_KEY_LEN;
++ info.maxkey = BLOWFISH_MAX_KEY_LEN;
++ break;
++ case CRYPTO_CAST_CBC:
++ info.blocksize = CAST128_BLOCK_LEN;
++ info.minkey = CAST128_MIN_KEY_LEN;
++ info.maxkey = CAST128_MAX_KEY_LEN;
++ break;
++ case CRYPTO_SKIPJACK_CBC:
++ info.blocksize = SKIPJACK_BLOCK_LEN;
++ info.minkey = SKIPJACK_MIN_KEY_LEN;
++ info.maxkey = SKIPJACK_MAX_KEY_LEN;
++ break;
++ case CRYPTO_AES_CBC:
++ info.blocksize = AES_BLOCK_LEN;
++ info.minkey = AES_MIN_KEY_LEN;
++ info.maxkey = AES_MAX_KEY_LEN;
++ break;
++ case CRYPTO_ARC4:
++ info.blocksize = ARC4_BLOCK_LEN;
++ info.minkey = ARC4_MIN_KEY_LEN;
++ info.maxkey = ARC4_MAX_KEY_LEN;
++ break;
++ case CRYPTO_CAMELLIA_CBC:
++ info.blocksize = CAMELLIA_BLOCK_LEN;
++ info.minkey = CAMELLIA_MIN_KEY_LEN;
++ info.maxkey = CAMELLIA_MAX_KEY_LEN;
++ break;
++ default:
++ dprintk("%s(%s) - bad cipher\n", __FUNCTION__, CIOCGSESSSTR);
++ error = EINVAL;
++ goto bail;
++ }
++
++ switch (sop.mac) {
++ case 0:
++ dprintk("%s(%s) - no mac\n", __FUNCTION__, CIOCGSESSSTR);
++ break;
++ case CRYPTO_NULL_HMAC:
++ info.authsize = NULL_HASH_LEN;
++ break;
++ case CRYPTO_MD5:
++ info.authsize = MD5_HASH_LEN;
++ break;
++ case CRYPTO_SHA1:
++ info.authsize = SHA1_HASH_LEN;
++ break;
++ case CRYPTO_SHA2_256:
++ info.authsize = SHA2_256_HASH_LEN;
++ break;
++ case CRYPTO_SHA2_384:
++ info.authsize = SHA2_384_HASH_LEN;
++ break;
++ case CRYPTO_SHA2_512:
++ info.authsize = SHA2_512_HASH_LEN;
++ break;
++ case CRYPTO_RIPEMD160:
++ info.authsize = RIPEMD160_HASH_LEN;
++ break;
++ case CRYPTO_MD5_HMAC:
++ info.authsize = MD5_HASH_LEN;
++ info.authkey = 16;
++ break;
++ case CRYPTO_SHA1_HMAC:
++ info.authsize = SHA1_HASH_LEN;
++ info.authkey = 20;
++ break;
++ case CRYPTO_SHA2_256_HMAC:
++ info.authsize = SHA2_256_HASH_LEN;
++ info.authkey = 32;
++ break;
++ case CRYPTO_SHA2_384_HMAC:
++ info.authsize = SHA2_384_HASH_LEN;
++ info.authkey = 48;
++ break;
++ case CRYPTO_SHA2_512_HMAC:
++ info.authsize = SHA2_512_HASH_LEN;
++ info.authkey = 64;
++ break;
++ case CRYPTO_RIPEMD160_HMAC:
++ info.authsize = RIPEMD160_HASH_LEN;
++ info.authkey = 20;
++ break;
++ default:
++ dprintk("%s(%s) - bad mac\n", __FUNCTION__, CIOCGSESSSTR);
++ error = EINVAL;
++ goto bail;
++ }
++
++ if (info.blocksize) {
++ crie.cri_alg = sop.cipher;
++ crie.cri_klen = sop.keylen * 8;
++ if ((info.maxkey && sop.keylen > info.maxkey) ||
++ sop.keylen < info.minkey) {
++ dprintk("%s(%s) - bad key\n", __FUNCTION__, CIOCGSESSSTR);
++ error = EINVAL;
++ goto bail;
++ }
++
++ crie.cri_key = (u_int8_t *) kmalloc(crie.cri_klen/8+1, GFP_KERNEL);
++ if (copy_from_user(crie.cri_key, sop.key,
++ crie.cri_klen/8)) {
++ dprintk("%s(%s) - bad copy\n", __FUNCTION__, CIOCGSESSSTR);
++ error = EFAULT;
++ goto bail;
++ }
++ if (info.authsize)
++ crie.cri_next = &cria;
++ }
++
++ if (info.authsize) {
++ cria.cri_alg = sop.mac;
++ cria.cri_klen = sop.mackeylen * 8;
++ if (info.authkey && sop.mackeylen != info.authkey) {
++ dprintk("%s(%s) - mackeylen %d != %d\n", __FUNCTION__,
++ CIOCGSESSSTR, sop.mackeylen, info.authkey);
++ error = EINVAL;
++ goto bail;
++ }
++
++ if (cria.cri_klen) {
++ cria.cri_key = (u_int8_t *) kmalloc(cria.cri_klen/8,GFP_KERNEL);
++ if (copy_from_user(cria.cri_key, sop.mackey,
++ cria.cri_klen / 8)) {
++ dprintk("%s(%s) - bad copy\n", __FUNCTION__, CIOCGSESSSTR);
++ error = EFAULT;
++ goto bail;
++ }
++ }
++ }
++
++ /* NB: CIOGSESSION2 has the crid */
++ if (cmd == CIOCGSESSION2) {
++ crid = sop.crid;
++ error = checkcrid(crid);
++ if (error) {
++ dprintk("%s(%s) - checkcrid %x\n", __FUNCTION__,
++ CIOCGSESSSTR, error);
++ goto bail;
++ }
++ } else {
++ /* allow either HW or SW to be used */
++ crid = CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE;
++ }
++ error = crypto_newsession(&sid, (info.blocksize ? &crie : &cria), crid);
++ if (error) {
++ dprintk("%s(%s) - newsession %d\n",__FUNCTION__,CIOCGSESSSTR,error);
++ goto bail;
++ }
++
++ cse = csecreate(fcr, sid, &crie, &cria, &info);
++ if (cse == NULL) {
++ crypto_freesession(sid);
++ error = EINVAL;
++ dprintk("%s(%s) - csecreate failed\n", __FUNCTION__, CIOCGSESSSTR);
++ goto bail;
++ }
++ sop.ses = cse->ses;
++
++ if (cmd == CIOCGSESSION2) {
++ /* return hardware/driver id */
++ sop.crid = CRYPTO_SESID2HID(cse->sid);
++ }
++
++ if (copy_to_user((void*)arg, &sop, (cmd == CIOCGSESSION) ?
++ sizeof(struct session_op) : sizeof(sop))) {
++ dprintk("%s(%s) - bad copy\n", __FUNCTION__, CIOCGSESSSTR);
++ error = EFAULT;
++ }
++bail:
++ if (error) {
++ dprintk("%s(%s) - bail %d\n", __FUNCTION__, CIOCGSESSSTR, error);
++ if (crie.cri_key)
++ kfree(crie.cri_key);
++ if (cria.cri_key)
++ kfree(cria.cri_key);
++ }
++ break;
++ case CIOCFSESSION:
++ dprintk("%s(CIOCFSESSION)\n", __FUNCTION__);
++ get_user(ses, (uint32_t*)arg);
++ cse = csefind(fcr, ses);
++ if (cse == NULL) {
++ error = EINVAL;
++ dprintk("%s(CIOCFSESSION) - Fail %d\n", __FUNCTION__, error);
++ break;
++ }
++ csedelete(fcr, cse);
++ error = csefree(cse);
++ break;
++ case CIOCCRYPT:
++ dprintk("%s(CIOCCRYPT)\n", __FUNCTION__);
++ if(copy_from_user(&cop, (void*)arg, sizeof(cop))) {
++ dprintk("%s(CIOCCRYPT) - bad copy\n", __FUNCTION__);
++ error = EFAULT;
++ goto bail;
++ }
++ cse = csefind(fcr, cop.ses);
++ if (cse == NULL) {
++ error = EINVAL;
++ dprintk("%s(CIOCCRYPT) - Fail %d\n", __FUNCTION__, error);
++ break;
++ }
++ error = cryptodev_op(cse, &cop);
++ if(copy_to_user((void*)arg, &cop, sizeof(cop))) {
++ dprintk("%s(CIOCCRYPT) - bad return copy\n", __FUNCTION__);
++ error = EFAULT;
++ goto bail;
++ }
++ break;
++ case CIOCKEY:
++ case CIOCKEY2:
++ dprintk("%s(CIOCKEY)\n", __FUNCTION__);
++ if (!crypto_userasymcrypto)
++ return (EPERM); /* XXX compat? */
++ if(copy_from_user(&kop, (void*)arg, sizeof(kop))) {
++ dprintk("%s(CIOCKEY) - bad copy\n", __FUNCTION__);
++ error = EFAULT;
++ goto bail;
++ }
++ if (cmd == CIOCKEY) {
++ /* NB: crypto core enforces s/w driver use */
++ kop.crk_crid =
++ CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE;
++ }
++ error = cryptodev_key(&kop);
++ if(copy_to_user((void*)arg, &kop, sizeof(kop))) {
++ dprintk("%s(CIOCGKEY) - bad return copy\n", __FUNCTION__);
++ error = EFAULT;
++ goto bail;
++ }
++ break;
++ case CIOCASYMFEAT:
++ dprintk("%s(CIOCASYMFEAT)\n", __FUNCTION__);
++ if (!crypto_userasymcrypto) {
++ /*
++ * NB: if user asym crypto operations are
++ * not permitted return "no algorithms"
++ * so well-behaved applications will just
++ * fallback to doing them in software.
++ */
++ feat = 0;
++ } else
++ error = crypto_getfeat(&feat);
++ if (!error) {
++ error = copy_to_user((void*)arg, &feat, sizeof(feat));
++ }
++ break;
++ case CIOCFINDDEV:
++ if (copy_from_user(&fop, (void*)arg, sizeof(fop))) {
++ dprintk("%s(CIOCFINDDEV) - bad copy\n", __FUNCTION__);
++ error = EFAULT;
++ goto bail;
++ }
++ error = cryptodev_find(&fop);
++ if (copy_to_user((void*)arg, &fop, sizeof(fop))) {
++ dprintk("%s(CIOCFINDDEV) - bad return copy\n", __FUNCTION__);
++ error = EFAULT;
++ goto bail;
++ }
++ break;
++ default:
++ dprintk("%s(unknown ioctl 0x%x)\n", __FUNCTION__, cmd);
++ error = EINVAL;
++ break;
++ }
++ return(-error);
++}
++
++#ifdef HAVE_UNLOCKED_IOCTL
++static long
++cryptodev_unlocked_ioctl(
++ struct file *filp,
++ unsigned int cmd,
++ unsigned long arg)
++{
++ return cryptodev_ioctl(NULL, filp, cmd, arg);
++}
++#endif
++
++static int
++cryptodev_open(struct inode *inode, struct file *filp)
++{
++ struct fcrypt *fcr;
++
++ dprintk("%s()\n", __FUNCTION__);
++ if (filp->private_data) {
++ printk("cryptodev: Private data already exists !\n");
++ return(0);
++ }
++
++ fcr = kmalloc(sizeof(*fcr), GFP_KERNEL);
++ if (!fcr) {
++ dprintk("%s() - malloc failed\n", __FUNCTION__);
++ return(-ENOMEM);
++ }
++ memset(fcr, 0, sizeof(*fcr));
++
++ INIT_LIST_HEAD(&fcr->csessions);
++ filp->private_data = fcr;
++ return(0);
++}
++
++static int
++cryptodev_release(struct inode *inode, struct file *filp)
++{
++ struct fcrypt *fcr = filp->private_data;
++ struct csession *cse, *tmp;
++
++ dprintk("%s()\n", __FUNCTION__);
++ if (!filp) {
++ printk("cryptodev: No private data on release\n");
++ return(0);
++ }
++
++ list_for_each_entry_safe(cse, tmp, &fcr->csessions, list) {
++ list_del(&cse->list);
++ (void)csefree(cse);
++ }
++ filp->private_data = NULL;
++ kfree(fcr);
++ return(0);
++}
++
++static struct file_operations cryptodev_fops = {
++ .owner = THIS_MODULE,
++ .open = cryptodev_open,
++ .release = cryptodev_release,
++ .ioctl = cryptodev_ioctl,
++#ifdef HAVE_UNLOCKED_IOCTL
++ .unlocked_ioctl = cryptodev_unlocked_ioctl,
++#endif
++};
++
++static struct miscdevice cryptodev = {
++ .minor = CRYPTODEV_MINOR,
++ .name = "crypto",
++ .fops = &cryptodev_fops,
++};
++
++static int __init
++cryptodev_init(void)
++{
++ int rc;
++
++ dprintk("%s(%p)\n", __FUNCTION__, cryptodev_init);
++ rc = misc_register(&cryptodev);
++ if (rc) {
++ printk(KERN_ERR "cryptodev: registration of /dev/crypto failed\n");
++ return(rc);
++ }
++
++ return(0);
++}
++
++static void __exit
++cryptodev_exit(void)
++{
++ dprintk("%s()\n", __FUNCTION__);
++ misc_deregister(&cryptodev);
++}
++
++module_init(cryptodev_init);
++module_exit(cryptodev_exit);
++
++MODULE_LICENSE("BSD");
++MODULE_AUTHOR("David McCullough <david_mccullough at mcafee.com>");
++MODULE_DESCRIPTION("Cryptodev (user interface to OCF)");
+diff --git a/crypto/ocf/cryptodev.h b/crypto/ocf/cryptodev.h
+new file mode 100644
+index 0000000..6032317
+--- /dev/null
++++ b/crypto/ocf/cryptodev.h
+@@ -0,0 +1,479 @@
++/* $FreeBSD: src/sys/opencrypto/cryptodev.h,v 1.25 2007/05/09 19:37:02 gnn Exp $ */
++/* $OpenBSD: cryptodev.h,v 1.31 2002/06/11 11:14:29 beck Exp $ */
++
++/*-
++ * Linux port done by David McCullough <david_mccullough at mcafee.com>
++ * Copyright (C) 2006-2010 David McCullough
++ * Copyright (C) 2004-2005 Intel Corporation.
++ * The license and original author are listed below.
++ *
++ * The author of this code is Angelos D. Keromytis (angelos at cis.upenn.edu)
++ * Copyright (c) 2002-2006 Sam Leffler, Errno Consulting
++ *
++ * This code was written by Angelos D. Keromytis in Athens, Greece, in
++ * February 2000. Network Security Technologies Inc. (NSTI) kindly
++ * supported the development of this code.
++ *
++ * Copyright (c) 2000 Angelos D. Keromytis
++ *
++ * Permission to use, copy, and modify this software with or without fee
++ * is hereby granted, provided that this entire notice is included in
++ * all source code copies of any software which is or includes a copy or
++ * modification of this software.
++ *
++ * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
++ * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
++ * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
++ * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
++ * PURPOSE.
++ *
++ * Copyright (c) 2001 Theo de Raadt
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ * 3. The name of the author may not be used to endorse or promote products
++ * derived from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ * Effort sponsored in part by the Defense Advanced Research Projects
++ * Agency (DARPA) and Air Force Research Laboratory, Air Force
++ * Materiel Command, USAF, under agreement number F30602-01-2-0537.
++ *
++ */
++
++#ifndef _CRYPTO_CRYPTO_H_
++#define _CRYPTO_CRYPTO_H_
++
++/* Some initial values */
++#define CRYPTO_DRIVERS_INITIAL 4
++#define CRYPTO_SW_SESSIONS 32
++
++/* Hash values */
++#define NULL_HASH_LEN 0
++#define MD5_HASH_LEN 16
++#define SHA1_HASH_LEN 20
++#define RIPEMD160_HASH_LEN 20
++#define SHA2_256_HASH_LEN 32
++#define SHA2_384_HASH_LEN 48
++#define SHA2_512_HASH_LEN 64
++#define MD5_KPDK_HASH_LEN 16
++#define SHA1_KPDK_HASH_LEN 20
++/* Maximum hash algorithm result length */
++#define HASH_MAX_LEN SHA2_512_HASH_LEN /* Keep this updated */
++
++/* HMAC values */
++#define NULL_HMAC_BLOCK_LEN 1
++#define MD5_HMAC_BLOCK_LEN 64
++#define SHA1_HMAC_BLOCK_LEN 64
++#define RIPEMD160_HMAC_BLOCK_LEN 64
++#define SHA2_256_HMAC_BLOCK_LEN 64
++#define SHA2_384_HMAC_BLOCK_LEN 128
++#define SHA2_512_HMAC_BLOCK_LEN 128
++/* Maximum HMAC block length */
++#define HMAC_MAX_BLOCK_LEN SHA2_512_HMAC_BLOCK_LEN /* Keep this updated */
++#define HMAC_IPAD_VAL 0x36
++#define HMAC_OPAD_VAL 0x5C
++
++/* Encryption algorithm block sizes */
++#define NULL_BLOCK_LEN 1
++#define DES_BLOCK_LEN 8
++#define DES3_BLOCK_LEN 8
++#define BLOWFISH_BLOCK_LEN 8
++#define SKIPJACK_BLOCK_LEN 8
++#define CAST128_BLOCK_LEN 8
++#define RIJNDAEL128_BLOCK_LEN 16
++#define AES_BLOCK_LEN RIJNDAEL128_BLOCK_LEN
++#define CAMELLIA_BLOCK_LEN 16
++#define ARC4_BLOCK_LEN 1
++#define EALG_MAX_BLOCK_LEN AES_BLOCK_LEN /* Keep this updated */
++
++/* Encryption algorithm min and max key sizes */
++#define NULL_MIN_KEY_LEN 0
++#define NULL_MAX_KEY_LEN 0
++#define DES_MIN_KEY_LEN 8
++#define DES_MAX_KEY_LEN 8
++#define DES3_MIN_KEY_LEN 24
++#define DES3_MAX_KEY_LEN 24
++#define BLOWFISH_MIN_KEY_LEN 4
++#define BLOWFISH_MAX_KEY_LEN 56
++#define SKIPJACK_MIN_KEY_LEN 10
++#define SKIPJACK_MAX_KEY_LEN 10
++#define CAST128_MIN_KEY_LEN 5
++#define CAST128_MAX_KEY_LEN 16
++#define RIJNDAEL128_MIN_KEY_LEN 16
++#define RIJNDAEL128_MAX_KEY_LEN 32
++#define AES_MIN_KEY_LEN RIJNDAEL128_MIN_KEY_LEN
++#define AES_MAX_KEY_LEN RIJNDAEL128_MAX_KEY_LEN
++#define CAMELLIA_MIN_KEY_LEN 16
++#define CAMELLIA_MAX_KEY_LEN 32
++#define ARC4_MIN_KEY_LEN 1
++#define ARC4_MAX_KEY_LEN 256
++
++/* Max size of data that can be processed */
++#define CRYPTO_MAX_DATA_LEN 64*1024 - 1
++
++#define CRYPTO_ALGORITHM_MIN 1
++#define CRYPTO_DES_CBC 1
++#define CRYPTO_3DES_CBC 2
++#define CRYPTO_BLF_CBC 3
++#define CRYPTO_CAST_CBC 4
++#define CRYPTO_SKIPJACK_CBC 5
++#define CRYPTO_MD5_HMAC 6
++#define CRYPTO_SHA1_HMAC 7
++#define CRYPTO_RIPEMD160_HMAC 8
++#define CRYPTO_MD5_KPDK 9
++#define CRYPTO_SHA1_KPDK 10
++#define CRYPTO_RIJNDAEL128_CBC 11 /* 128 bit blocksize */
++#define CRYPTO_AES_CBC 11 /* 128 bit blocksize -- the same as above */
++#define CRYPTO_ARC4 12
++#define CRYPTO_MD5 13
++#define CRYPTO_SHA1 14
++#define CRYPTO_NULL_HMAC 15
++#define CRYPTO_NULL_CBC 16
++#define CRYPTO_DEFLATE_COMP 17 /* Deflate compression algorithm */
++#define CRYPTO_SHA2_256_HMAC 18
++#define CRYPTO_SHA2_384_HMAC 19
++#define CRYPTO_SHA2_512_HMAC 20
++#define CRYPTO_CAMELLIA_CBC 21
++#define CRYPTO_SHA2_256 22
++#define CRYPTO_SHA2_384 23
++#define CRYPTO_SHA2_512 24
++#define CRYPTO_RIPEMD160 25
++#define CRYPTO_ALGORITHM_MAX 25 /* Keep updated - see below */
++
++/* Algorithm flags */
++#define CRYPTO_ALG_FLAG_SUPPORTED 0x01 /* Algorithm is supported */
++#define CRYPTO_ALG_FLAG_RNG_ENABLE 0x02 /* Has HW RNG for DH/DSA */
++#define CRYPTO_ALG_FLAG_DSA_SHA 0x04 /* Can do SHA on msg */
++
++/*
++ * Crypto driver/device flags. They can set in the crid
++ * parameter when creating a session or submitting a key
++ * op to affect the device/driver assigned. If neither
++ * of these are specified then the crid is assumed to hold
++ * the driver id of an existing (and suitable) device that
++ * must be used to satisfy the request.
++ */
++#define CRYPTO_FLAG_HARDWARE 0x01000000 /* hardware accelerated */
++#define CRYPTO_FLAG_SOFTWARE 0x02000000 /* software implementation */
++
++/* NB: deprecated */
++struct session_op {
++ u_int32_t cipher; /* ie. CRYPTO_DES_CBC */
++ u_int32_t mac; /* ie. CRYPTO_MD5_HMAC */
++
++ u_int32_t keylen; /* cipher key */
++ caddr_t key;
++ int mackeylen; /* mac key */
++ caddr_t mackey;
++
++ u_int32_t ses; /* returns: session # */
++};
++
++struct session2_op {
++ u_int32_t cipher; /* ie. CRYPTO_DES_CBC */
++ u_int32_t mac; /* ie. CRYPTO_MD5_HMAC */
++
++ u_int32_t keylen; /* cipher key */
++ caddr_t key;
++ int mackeylen; /* mac key */
++ caddr_t mackey;
++
++ u_int32_t ses; /* returns: session # */
++ int crid; /* driver id + flags (rw) */
++ int pad[4]; /* for future expansion */
++};
++
++struct crypt_op {
++ u_int32_t ses;
++ u_int16_t op; /* i.e. COP_ENCRYPT */
++#define COP_NONE 0
++#define COP_ENCRYPT 1
++#define COP_DECRYPT 2
++ u_int16_t flags;
++#define COP_F_BATCH 0x0008 /* Batch op if possible */
++ u_int len;
++ caddr_t src, dst; /* become iov[] inside kernel */
++ caddr_t mac; /* must be big enough for chosen MAC */
++ caddr_t iv;
++};
++
++/*
++ * Parameters for looking up a crypto driver/device by
++ * device name or by id. The latter are returned for
++ * created sessions (crid) and completed key operations.
++ */
++struct crypt_find_op {
++ int crid; /* driver id + flags */
++ char name[32]; /* device/driver name */
++};
++
++/* bignum parameter, in packed bytes, ... */
++struct crparam {
++ caddr_t crp_p;
++ u_int crp_nbits;
++};
++
++#define CRK_MAXPARAM 8
++
++struct crypt_kop {
++ u_int crk_op; /* ie. CRK_MOD_EXP or other */
++ u_int crk_status; /* return status */
++ u_short crk_iparams; /* # of input parameters */
++ u_short crk_oparams; /* # of output parameters */
++ u_int crk_crid; /* NB: only used by CIOCKEY2 (rw) */
++ struct crparam crk_param[CRK_MAXPARAM];
++};
++#define CRK_ALGORITM_MIN 0
++#define CRK_MOD_EXP 0
++#define CRK_MOD_EXP_CRT 1
++#define CRK_DSA_SIGN 2
++#define CRK_DSA_VERIFY 3
++#define CRK_DH_COMPUTE_KEY 4
++#define CRK_ALGORITHM_MAX 4 /* Keep updated - see below */
++
++#define CRF_MOD_EXP (1 << CRK_MOD_EXP)
++#define CRF_MOD_EXP_CRT (1 << CRK_MOD_EXP_CRT)
++#define CRF_DSA_SIGN (1 << CRK_DSA_SIGN)
++#define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY)
++#define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY)
++
++/*
++ * done against open of /dev/crypto, to get a cloned descriptor.
++ * Please use F_SETFD against the cloned descriptor.
++ */
++#define CRIOGET _IOWR('c', 100, u_int32_t)
++#define CRIOASYMFEAT CIOCASYMFEAT
++#define CRIOFINDDEV CIOCFINDDEV
++
++/* the following are done against the cloned descriptor */
++#define CIOCGSESSION _IOWR('c', 101, struct session_op)
++#define CIOCFSESSION _IOW('c', 102, u_int32_t)
++#define CIOCCRYPT _IOWR('c', 103, struct crypt_op)
++#define CIOCKEY _IOWR('c', 104, struct crypt_kop)
++#define CIOCASYMFEAT _IOR('c', 105, u_int32_t)
++#define CIOCGSESSION2 _IOWR('c', 106, struct session2_op)
++#define CIOCKEY2 _IOWR('c', 107, struct crypt_kop)
++#define CIOCFINDDEV _IOWR('c', 108, struct crypt_find_op)
++
++struct cryptotstat {
++ struct timespec acc; /* total accumulated time */
++ struct timespec min; /* min time */
++ struct timespec max; /* max time */
++ u_int32_t count; /* number of observations */
++};
++
++struct cryptostats {
++ u_int32_t cs_ops; /* symmetric crypto ops submitted */
++ u_int32_t cs_errs; /* symmetric crypto ops that failed */
++ u_int32_t cs_kops; /* asymetric/key ops submitted */
++ u_int32_t cs_kerrs; /* asymetric/key ops that failed */
++ u_int32_t cs_intrs; /* crypto swi thread activations */
++ u_int32_t cs_rets; /* crypto return thread activations */
++ u_int32_t cs_blocks; /* symmetric op driver block */
++ u_int32_t cs_kblocks; /* symmetric op driver block */
++ /*
++ * When CRYPTO_TIMING is defined at compile time and the
++ * sysctl debug.crypto is set to 1, the crypto system will
++ * accumulate statistics about how long it takes to process
++ * crypto requests at various points during processing.
++ */
++ struct cryptotstat cs_invoke; /* crypto_dipsatch -> crypto_invoke */
++ struct cryptotstat cs_done; /* crypto_invoke -> crypto_done */
++ struct cryptotstat cs_cb; /* crypto_done -> callback */
++ struct cryptotstat cs_finis; /* callback -> callback return */
++
++ u_int32_t cs_drops; /* crypto ops dropped due to congestion */
++};
++
++#ifdef __KERNEL__
++
++/* Standard initialization structure beginning */
++struct cryptoini {
++ int cri_alg; /* Algorithm to use */
++ int cri_klen; /* Key length, in bits */
++ int cri_mlen; /* Number of bytes we want from the
++ entire hash. 0 means all. */
++ caddr_t cri_key; /* key to use */
++ u_int8_t cri_iv[EALG_MAX_BLOCK_LEN]; /* IV to use */
++ struct cryptoini *cri_next;
++};
++
++/* Describe boundaries of a single crypto operation */
++struct cryptodesc {
++ int crd_skip; /* How many bytes to ignore from start */
++ int crd_len; /* How many bytes to process */
++ int crd_inject; /* Where to inject results, if applicable */
++ int crd_flags;
++
++#define CRD_F_ENCRYPT 0x01 /* Set when doing encryption */
++#define CRD_F_IV_PRESENT 0x02 /* When encrypting, IV is already in
++ place, so don't copy. */
++#define CRD_F_IV_EXPLICIT 0x04 /* IV explicitly provided */
++#define CRD_F_DSA_SHA_NEEDED 0x08 /* Compute SHA-1 of buffer for DSA */
++#define CRD_F_KEY_EXPLICIT 0x10 /* Key explicitly provided */
++#define CRD_F_COMP 0x0f /* Set when doing compression */
++
++ struct cryptoini CRD_INI; /* Initialization/context data */
++#define crd_iv CRD_INI.cri_iv
++#define crd_key CRD_INI.cri_key
++#define crd_alg CRD_INI.cri_alg
++#define crd_klen CRD_INI.cri_klen
++#define crd_mlen CRD_INI.cri_mlen
++
++ struct cryptodesc *crd_next;
++};
++
++/* Structure describing complete operation */
++struct cryptop {
++ struct list_head crp_next;
++ wait_queue_head_t crp_waitq;
++
++ u_int64_t crp_sid; /* Session ID */
++ int crp_ilen; /* Input data total length */
++ int crp_olen; /* Result total length */
++
++ int crp_etype; /*
++ * Error type (zero means no error).
++ * All error codes except EAGAIN
++ * indicate possible data corruption (as in,
++ * the data have been touched). On all
++ * errors, the crp_sid may have changed
++ * (reset to a new one), so the caller
++ * should always check and use the new
++ * value on future requests.
++ */
++ int crp_flags;
++
++#define CRYPTO_F_SKBUF 0x0001 /* Input/output are skbuf chains */
++#define CRYPTO_F_IOV 0x0002 /* Input/output are uio */
++#define CRYPTO_F_REL 0x0004 /* Must return data in same place */
++#define CRYPTO_F_BATCH 0x0008 /* Batch op if possible */
++#define CRYPTO_F_CBIMM 0x0010 /* Do callback immediately */
++#define CRYPTO_F_DONE 0x0020 /* Operation completed */
++#define CRYPTO_F_CBIFSYNC 0x0040 /* Do CBIMM if op is synchronous */
++
++ caddr_t crp_buf; /* Data to be processed */
++ caddr_t crp_opaque; /* Opaque pointer, passed along */
++ struct cryptodesc *crp_desc; /* Linked list of processing descriptors */
++
++ int (*crp_callback)(struct cryptop *); /* Callback function */
++};
++
++#define CRYPTO_BUF_CONTIG 0x0
++#define CRYPTO_BUF_IOV 0x1
++#define CRYPTO_BUF_SKBUF 0x2
++
++#define CRYPTO_OP_DECRYPT 0x0
++#define CRYPTO_OP_ENCRYPT 0x1
++
++/*
++ * Hints passed to process methods.
++ */
++#define CRYPTO_HINT_MORE 0x1 /* more ops coming shortly */
++
++struct cryptkop {
++ struct list_head krp_next;
++ wait_queue_head_t krp_waitq;
++
++ int krp_flags;
++#define CRYPTO_KF_DONE 0x0001 /* Operation completed */
++#define CRYPTO_KF_CBIMM 0x0002 /* Do callback immediately */
++
++ u_int krp_op; /* ie. CRK_MOD_EXP or other */
++ u_int krp_status; /* return status */
++ u_short krp_iparams; /* # of input parameters */
++ u_short krp_oparams; /* # of output parameters */
++ u_int krp_crid; /* desired device, etc. */
++ u_int32_t krp_hid;
++ struct crparam krp_param[CRK_MAXPARAM]; /* kvm */
++ int (*krp_callback)(struct cryptkop *);
++};
++
++#include <ocf-compat.h>
++
++/*
++ * Session ids are 64 bits. The lower 32 bits contain a "local id" which
++ * is a driver-private session identifier. The upper 32 bits contain a
++ * "hardware id" used by the core crypto code to identify the driver and
++ * a copy of the driver's capabilities that can be used by client code to
++ * optimize operation.
++ */
++#define CRYPTO_SESID2HID(_sid) (((_sid) >> 32) & 0x00ffffff)
++#define CRYPTO_SESID2CAPS(_sid) (((_sid) >> 32) & 0xff000000)
++#define CRYPTO_SESID2LID(_sid) (((u_int32_t) (_sid)) & 0xffffffff)
++
++extern int crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int hard);
++extern int crypto_freesession(u_int64_t sid);
++#define CRYPTOCAP_F_HARDWARE CRYPTO_FLAG_HARDWARE
++#define CRYPTOCAP_F_SOFTWARE CRYPTO_FLAG_SOFTWARE
++#define CRYPTOCAP_F_SYNC 0x04000000 /* operates synchronously */
++extern int32_t crypto_get_driverid(device_t dev, int flags);
++extern int crypto_find_driver(const char *);
++extern device_t crypto_find_device_byhid(int hid);
++extern int crypto_getcaps(int hid);
++extern int crypto_register(u_int32_t driverid, int alg, u_int16_t maxoplen,
++ u_int32_t flags);
++extern int crypto_kregister(u_int32_t, int, u_int32_t);
++extern int crypto_unregister(u_int32_t driverid, int alg);
++extern int crypto_unregister_all(u_int32_t driverid);
++extern int crypto_dispatch(struct cryptop *crp);
++extern int crypto_kdispatch(struct cryptkop *);
++#define CRYPTO_SYMQ 0x1
++#define CRYPTO_ASYMQ 0x2
++extern int crypto_unblock(u_int32_t, int);
++extern void crypto_done(struct cryptop *crp);
++extern void crypto_kdone(struct cryptkop *);
++extern int crypto_getfeat(int *);
++
++extern void crypto_freereq(struct cryptop *crp);
++extern struct cryptop *crypto_getreq(int num);
++
++extern int crypto_usercrypto; /* userland may do crypto requests */
++extern int crypto_userasymcrypto; /* userland may do asym crypto reqs */
++extern int crypto_devallowsoft; /* only use hardware crypto */
++
++/*
++ * random number support, crypto_unregister_all will unregister
++ */
++extern int crypto_rregister(u_int32_t driverid,
++ int (*read_random)(void *arg, u_int32_t *buf, int len), void *arg);
++extern int crypto_runregister_all(u_int32_t driverid);
++
++/*
++ * Crypto-related utility routines used mainly by drivers.
++ *
++ * XXX these don't really belong here; but for now they're
++ * kept apart from the rest of the system.
++ */
++struct uio;
++extern void cuio_copydata(struct uio* uio, int off, int len, caddr_t cp);
++extern void cuio_copyback(struct uio* uio, int off, int len, caddr_t cp);
++extern struct iovec *cuio_getptr(struct uio *uio, int loc, int *off);
++
++extern void crypto_copyback(int flags, caddr_t buf, int off, int size,
++ caddr_t in);
++extern void crypto_copydata(int flags, caddr_t buf, int off, int size,
++ caddr_t out);
++extern int crypto_apply(int flags, caddr_t buf, int off, int len,
++ int (*f)(void *, void *, u_int), void *arg);
++
++#endif /* __KERNEL__ */
++#endif /* _CRYPTO_CRYPTO_H_ */
+diff --git a/crypto/ocf/cryptosoft.c b/crypto/ocf/cryptosoft.c
+new file mode 100644
+index 0000000..52e1570
+--- /dev/null
++++ b/crypto/ocf/cryptosoft.c
+@@ -0,0 +1,1210 @@
++/*
++ * An OCF module that uses the linux kernel cryptoapi, based on the
++ * original cryptosoft for BSD by Angelos D. Keromytis (angelos at cis.upenn.edu)
++ * but is mostly unrecognisable,
++ *
++ * Written by David McCullough <david_mccullough at mcafee.com>
++ * Copyright (C) 2004-2010 David McCullough
++ * Copyright (C) 2004-2005 Intel Corporation.
++ *
++ * LICENSE TERMS
++ *
++ * The free distribution and use of this software in both source and binary
++ * form is allowed (with or without changes) provided that:
++ *
++ * 1. distributions of this source code include the above copyright
++ * notice, this list of conditions and the following disclaimer;
++ *
++ * 2. distributions in binary form include the above copyright
++ * notice, this list of conditions and the following disclaimer
++ * in the documentation and/or other associated materials;
++ *
++ * 3. the copyright holder's name is not used to endorse products
++ * built using this software without specific written permission.
++ *
++ * ALTERNATIVELY, provided that this notice is retained in full, this product
++ * may be distributed under the terms of the GNU General Public License (GPL),
++ * in which case the provisions of the GPL apply INSTEAD OF those given above.
++ *
++ * DISCLAIMER
++ *
++ * This software is provided 'as is' with no explicit or implied warranties
++ * in respect of its properties, including, but not limited to, correctness
++ * and/or fitness for purpose.
++ * ---------------------------------------------------------------------------
++ */
++
++#ifndef AUTOCONF_INCLUDED
++#include <linux/config.h>
++#endif
++#include <linux/module.h>
++#include <linux/init.h>
++#include <linux/list.h>
++#include <linux/slab.h>
++#include <linux/sched.h>
++#include <linux/wait.h>
++#include <linux/crypto.h>
++#include <linux/mm.h>
++#include <linux/skbuff.h>
++#include <linux/random.h>
++#include <linux/version.h>
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,10)
++#include <linux/scatterlist.h>
++#endif
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,29)
++#include <crypto/hash.h>
++#endif
++
++#include <cryptodev.h>
++#include <uio.h>
++
++struct {
++ softc_device_decl sc_dev;
++} swcr_softc;
++
++#define offset_in_page(p) ((unsigned long)(p) & ~PAGE_MASK)
++
++#define SW_TYPE_CIPHER 0x01
++#define SW_TYPE_HMAC 0x02
++#define SW_TYPE_HASH 0x04
++#define SW_TYPE_COMP 0x08
++#define SW_TYPE_BLKCIPHER 0x10
++#define SW_TYPE_ALG_MASK 0x1f
++
++#define SW_TYPE_ASYNC 0x8000
++
++/* We change some of the above if we have an async interface */
++
++#define SW_TYPE_ALG_AMASK (SW_TYPE_ALG_MASK | SW_TYPE_ASYNC)
++
++#define SW_TYPE_ABLKCIPHER (SW_TYPE_BLKCIPHER | SW_TYPE_ASYNC)
++#define SW_TYPE_AHASH (SW_TYPE_HASH | SW_TYPE_ASYNC)
++#define SW_TYPE_AHMAC (SW_TYPE_HMAC | SW_TYPE_ASYNC)
++
++#define SCATTERLIST_MAX 16
++
++struct swcr_data {
++ int sw_type;
++ int sw_alg;
++ struct crypto_tfm *sw_tfm;
++ union {
++ struct {
++ char *sw_key;
++ int sw_klen;
++ int sw_mlen;
++ } hmac;
++ void *sw_comp_buf;
++ } u;
++ struct swcr_data *sw_next;
++};
++
++struct swcr_req {
++ struct swcr_data *sw_head;
++ struct swcr_data *sw;
++ struct cryptop *crp;
++ struct cryptodesc *crd;
++ struct scatterlist sg[SCATTERLIST_MAX];
++ unsigned char iv[EALG_MAX_BLOCK_LEN];
++ char result[HASH_MAX_LEN];
++ void *crypto_req;
++};
++
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,20)
++static kmem_cache_t *swcr_req_cache;
++#else
++static struct kmem_cache *swcr_req_cache;
++#endif
++
++#ifndef CRYPTO_TFM_MODE_CBC
++/*
++ * As of linux-2.6.21 this is no longer defined, and presumably no longer
++ * needed to be passed into the crypto core code.
++ */
++#define CRYPTO_TFM_MODE_CBC 0
++#define CRYPTO_TFM_MODE_ECB 0
++#endif
++
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
++ /*
++ * Linux 2.6.19 introduced a new Crypto API, setup macro's to convert new
++ * API into old API.
++ */
++
++ /* Symmetric/Block Cipher */
++ struct blkcipher_desc
++ {
++ struct crypto_tfm *tfm;
++ void *info;
++ };
++ #define ecb(X) #X , CRYPTO_TFM_MODE_ECB
++ #define cbc(X) #X , CRYPTO_TFM_MODE_CBC
++ #define crypto_has_blkcipher(X, Y, Z) crypto_alg_available(X, 0)
++ #define crypto_blkcipher_cast(X) X
++ #define crypto_blkcipher_tfm(X) X
++ #define crypto_alloc_blkcipher(X, Y, Z) crypto_alloc_tfm(X, mode)
++ #define crypto_blkcipher_ivsize(X) crypto_tfm_alg_ivsize(X)
++ #define crypto_blkcipher_blocksize(X) crypto_tfm_alg_blocksize(X)
++ #define crypto_blkcipher_setkey(X, Y, Z) crypto_cipher_setkey(X, Y, Z)
++ #define crypto_blkcipher_encrypt_iv(W, X, Y, Z) \
++ crypto_cipher_encrypt_iv((W)->tfm, X, Y, Z, (u8 *)((W)->info))
++ #define crypto_blkcipher_decrypt_iv(W, X, Y, Z) \
++ crypto_cipher_decrypt_iv((W)->tfm, X, Y, Z, (u8 *)((W)->info))
++ #define crypto_blkcipher_set_flags(x, y) /* nop */
++
++ /* Hash/HMAC/Digest */
++ struct hash_desc
++ {
++ struct crypto_tfm *tfm;
++ };
++ #define hmac(X) #X , 0
++ #define crypto_has_hash(X, Y, Z) crypto_alg_available(X, 0)
++ #define crypto_hash_cast(X) X
++ #define crypto_hash_tfm(X) X
++ #define crypto_alloc_hash(X, Y, Z) crypto_alloc_tfm(X, mode)
++ #define crypto_hash_digestsize(X) crypto_tfm_alg_digestsize(X)
++ #define crypto_hash_digest(W, X, Y, Z) \
++ crypto_digest_digest((W)->tfm, X, sg_num, Z)
++
++ /* Asymmetric Cipher */
++ #define crypto_has_cipher(X, Y, Z) crypto_alg_available(X, 0)
++
++ /* Compression */
++ #define crypto_has_comp(X, Y, Z) crypto_alg_available(X, 0)
++ #define crypto_comp_tfm(X) X
++ #define crypto_comp_cast(X) X
++ #define crypto_alloc_comp(X, Y, Z) crypto_alloc_tfm(X, mode)
++ #define plain(X) #X , 0
++#else
++ #define ecb(X) "ecb(" #X ")" , 0
++ #define cbc(X) "cbc(" #X ")" , 0
++ #define hmac(X) "hmac(" #X ")" , 0
++ #define plain(X) #X , 0
++#endif /* if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19) */
++
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,22)
++/* no ablkcipher in older kernels */
++#define crypto_alloc_ablkcipher(a,b,c) (NULL)
++#define crypto_ablkcipher_tfm(x) ((struct crypto_tfm *)(x))
++#define crypto_ablkcipher_set_flags(a, b) /* nop */
++#define crypto_ablkcipher_setkey(x, y, z) (-EINVAL)
++#define crypto_has_ablkcipher(a,b,c) (0)
++#else
++#define HAVE_ABLKCIPHER
++#endif
++
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,32)
++/* no ahash in older kernels */
++#define crypto_ahash_tfm(x) ((struct crypto_tfm *)(x))
++#define crypto_alloc_ahash(a,b,c) (NULL)
++#define crypto_ahash_digestsize(x) 0
++#else
++#define HAVE_AHASH
++#endif
++
++struct crypto_details {
++ char *alg_name;
++ int mode;
++ int sw_type;
++};
++
++static struct crypto_details crypto_details[] = {
++ [CRYPTO_DES_CBC] = { cbc(des), SW_TYPE_BLKCIPHER, },
++ [CRYPTO_3DES_CBC] = { cbc(des3_ede), SW_TYPE_BLKCIPHER, },
++ [CRYPTO_BLF_CBC] = { cbc(blowfish), SW_TYPE_BLKCIPHER, },
++ [CRYPTO_CAST_CBC] = { cbc(cast5), SW_TYPE_BLKCIPHER, },
++ [CRYPTO_SKIPJACK_CBC] = { cbc(skipjack), SW_TYPE_BLKCIPHER, },
++ [CRYPTO_MD5_HMAC] = { hmac(md5), SW_TYPE_HMAC, },
++ [CRYPTO_SHA1_HMAC] = { hmac(sha1), SW_TYPE_HMAC, },
++ [CRYPTO_RIPEMD160_HMAC] = { hmac(ripemd160), SW_TYPE_HMAC, },
++ [CRYPTO_MD5_KPDK] = { plain(md5-kpdk), SW_TYPE_HASH, },
++ [CRYPTO_SHA1_KPDK] = { plain(sha1-kpdk), SW_TYPE_HASH, },
++ [CRYPTO_AES_CBC] = { cbc(aes), SW_TYPE_BLKCIPHER, },
++ [CRYPTO_ARC4] = { ecb(arc4), SW_TYPE_BLKCIPHER, },
++ [CRYPTO_MD5] = { plain(md5), SW_TYPE_HASH, },
++ [CRYPTO_SHA1] = { plain(sha1), SW_TYPE_HASH, },
++ [CRYPTO_NULL_HMAC] = { hmac(digest_null), SW_TYPE_HMAC, },
++ [CRYPTO_NULL_CBC] = { cbc(cipher_null), SW_TYPE_BLKCIPHER, },
++ [CRYPTO_DEFLATE_COMP] = { plain(deflate), SW_TYPE_COMP, },
++ [CRYPTO_SHA2_256_HMAC] = { hmac(sha256), SW_TYPE_HMAC, },
++ [CRYPTO_SHA2_384_HMAC] = { hmac(sha384), SW_TYPE_HMAC, },
++ [CRYPTO_SHA2_512_HMAC] = { hmac(sha512), SW_TYPE_HMAC, },
++ [CRYPTO_CAMELLIA_CBC] = { cbc(camellia), SW_TYPE_BLKCIPHER, },
++ [CRYPTO_SHA2_256] = { plain(sha256), SW_TYPE_HASH, },
++ [CRYPTO_SHA2_384] = { plain(sha384), SW_TYPE_HASH, },
++ [CRYPTO_SHA2_512] = { plain(sha512), SW_TYPE_HASH, },
++ [CRYPTO_RIPEMD160] = { plain(ripemd160), SW_TYPE_HASH, },
++};
++
++int32_t swcr_id = -1;
++module_param(swcr_id, int, 0444);
++MODULE_PARM_DESC(swcr_id, "Read-Only OCF ID for cryptosoft driver");
++
++int swcr_fail_if_compression_grows = 1;
++module_param(swcr_fail_if_compression_grows, int, 0644);
++MODULE_PARM_DESC(swcr_fail_if_compression_grows,
++ "Treat compression that results in more data as a failure");
++
++int swcr_no_ahash = 0;
++module_param(swcr_no_ahash, int, 0644);
++MODULE_PARM_DESC(swcr_no_ahash,
++ "Do not use async hash/hmac even if available");
++
++int swcr_no_ablk = 0;
++module_param(swcr_no_ablk, int, 0644);
++MODULE_PARM_DESC(swcr_no_ablk,
++ "Do not use async blk ciphers even if available");
++
++static struct swcr_data **swcr_sessions = NULL;
++static u_int32_t swcr_sesnum = 0;
++
++static int swcr_process(device_t, struct cryptop *, int);
++static int swcr_newsession(device_t, u_int32_t *, struct cryptoini *);
++static int swcr_freesession(device_t, u_int64_t);
++
++static device_method_t swcr_methods = {
++ /* crypto device methods */
++ DEVMETHOD(cryptodev_newsession, swcr_newsession),
++ DEVMETHOD(cryptodev_freesession,swcr_freesession),
++ DEVMETHOD(cryptodev_process, swcr_process),
++};
++
++#define debug swcr_debug
++int swcr_debug = 0;
++module_param(swcr_debug, int, 0644);
++MODULE_PARM_DESC(swcr_debug, "Enable debug");
++
++static void swcr_process_req(struct swcr_req *req);
++
++/*
++ * Generate a new software session.
++ */
++static int
++swcr_newsession(device_t dev, u_int32_t *sid, struct cryptoini *cri)
++{
++ struct swcr_data **swd;
++ u_int32_t i;
++ int error;
++ char *algo;
++ int mode;
++
++ dprintk("%s()\n", __FUNCTION__);
++ if (sid == NULL || cri == NULL) {
++ dprintk("%s,%d - EINVAL\n", __FILE__, __LINE__);
++ return EINVAL;
++ }
++
++ if (swcr_sessions) {
++ for (i = 1; i < swcr_sesnum; i++)
++ if (swcr_sessions[i] == NULL)
++ break;
++ } else
++ i = 1; /* NB: to silence compiler warning */
++
++ if (swcr_sessions == NULL || i == swcr_sesnum) {
++ if (swcr_sessions == NULL) {
++ i = 1; /* We leave swcr_sessions[0] empty */
++ swcr_sesnum = CRYPTO_SW_SESSIONS;
++ } else
++ swcr_sesnum *= 2;
++
++ swd = kmalloc(swcr_sesnum * sizeof(struct swcr_data *), SLAB_ATOMIC);
++ if (swd == NULL) {
++ /* Reset session number */
++ if (swcr_sesnum == CRYPTO_SW_SESSIONS)
++ swcr_sesnum = 0;
++ else
++ swcr_sesnum /= 2;
++ dprintk("%s,%d: ENOBUFS\n", __FILE__, __LINE__);
++ return ENOBUFS;
++ }
++ memset(swd, 0, swcr_sesnum * sizeof(struct swcr_data *));
++
++ /* Copy existing sessions */
++ if (swcr_sessions) {
++ memcpy(swd, swcr_sessions,
++ (swcr_sesnum / 2) * sizeof(struct swcr_data *));
++ kfree(swcr_sessions);
++ }
++
++ swcr_sessions = swd;
++ }
++
++ swd = &swcr_sessions[i];
++ *sid = i;
++
++ while (cri) {
++ *swd = (struct swcr_data *) kmalloc(sizeof(struct swcr_data),
++ SLAB_ATOMIC);
++ if (*swd == NULL) {
++ swcr_freesession(NULL, i);
++ dprintk("%s,%d: ENOBUFS\n", __FILE__, __LINE__);
++ return ENOBUFS;
++ }
++ memset(*swd, 0, sizeof(struct swcr_data));
++
++ if (cri->cri_alg < 0 ||
++ cri->cri_alg>=sizeof(crypto_details)/sizeof(crypto_details[0])){
++ printk("cryptosoft: Unknown algorithm 0x%x\n", cri->cri_alg);
++ swcr_freesession(NULL, i);
++ return EINVAL;
++ }
++
++ algo = crypto_details[cri->cri_alg].alg_name;
++ if (!algo || !*algo) {
++ printk("cryptosoft: Unsupported algorithm 0x%x\n", cri->cri_alg);
++ swcr_freesession(NULL, i);
++ return EINVAL;
++ }
++
++ mode = crypto_details[cri->cri_alg].mode;
++ (*swd)->sw_type = crypto_details[cri->cri_alg].sw_type;
++ (*swd)->sw_alg = cri->cri_alg;
++
++ /* Algorithm specific configuration */
++ switch (cri->cri_alg) {
++ case CRYPTO_NULL_CBC:
++ cri->cri_klen = 0; /* make it work with crypto API */
++ break;
++ default:
++ break;
++ }
++
++ if ((*swd)->sw_type & SW_TYPE_BLKCIPHER) {
++ dprintk("%s crypto_alloc_*blkcipher(%s, 0x%x)\n", __FUNCTION__,
++ algo, mode);
++
++ /* try async first */
++ (*swd)->sw_tfm = swcr_no_ablk ? NULL :
++ crypto_ablkcipher_tfm(crypto_alloc_ablkcipher(algo, 0, 0));
++ if ((*swd)->sw_tfm) {
++ dprintk("%s %s cipher is async\n", __FUNCTION__, algo);
++ (*swd)->sw_type |= SW_TYPE_ASYNC;
++ } else {
++ dprintk("%s %s cipher is sync\n", __FUNCTION__, algo);
++ (*swd)->sw_tfm = crypto_blkcipher_tfm(
++ crypto_alloc_blkcipher(algo, 0, CRYPTO_ALG_ASYNC));
++ }
++ if (!(*swd)->sw_tfm) {
++ dprintk("cryptosoft: crypto_alloc_blkcipher failed(%s, 0x%x)\n",
++ algo,mode);
++ swcr_freesession(NULL, i);
++ return EINVAL;
++ }
++
++ if (debug) {
++ dprintk("%s key:cri->cri_klen=%d,(cri->cri_klen + 7)/8=%d",
++ __FUNCTION__, cri->cri_klen, (cri->cri_klen + 7) / 8);
++ for (i = 0; i < (cri->cri_klen + 7) / 8; i++)
++ dprintk("%s0x%x", (i % 8) ? " " : "\n ",
++ cri->cri_key[i] & 0xff);
++ dprintk("\n");
++ }
++ if ((*swd)->sw_type & SW_TYPE_ASYNC) {
++ /* OCF doesn't enforce keys */
++ crypto_ablkcipher_set_flags(
++ __crypto_ablkcipher_cast((*swd)->sw_tfm),
++ CRYPTO_TFM_REQ_WEAK_KEY);
++ error = crypto_ablkcipher_setkey(
++ __crypto_ablkcipher_cast((*swd)->sw_tfm),
++ cri->cri_key, (cri->cri_klen + 7) / 8);
++ } else {
++ /* OCF doesn't enforce keys */
++ crypto_blkcipher_set_flags(
++ crypto_blkcipher_cast((*swd)->sw_tfm),
++ CRYPTO_TFM_REQ_WEAK_KEY);
++ error = crypto_blkcipher_setkey(
++ crypto_blkcipher_cast((*swd)->sw_tfm),
++ cri->cri_key, (cri->cri_klen + 7) / 8);
++ }
++ if (error) {
++ printk("cryptosoft: setkey failed %d (crt_flags=0x%x)\n", error,
++ (*swd)->sw_tfm->crt_flags);
++ swcr_freesession(NULL, i);
++ return error;
++ }
++ } else if ((*swd)->sw_type & (SW_TYPE_HMAC | SW_TYPE_HASH)) {
++ dprintk("%s crypto_alloc_*hash(%s, 0x%x)\n", __FUNCTION__,
++ algo, mode);
++
++ /* try async first */
++ (*swd)->sw_tfm = swcr_no_ahash ? NULL :
++ crypto_ahash_tfm(crypto_alloc_ahash(algo, 0, 0));
++ if ((*swd)->sw_tfm) {
++ dprintk("%s %s hash is async\n", __FUNCTION__, algo);
++ (*swd)->sw_type |= SW_TYPE_ASYNC;
++ } else {
++ dprintk("%s %s hash is sync\n", __FUNCTION__, algo);
++ (*swd)->sw_tfm = crypto_hash_tfm(
++ crypto_alloc_hash(algo, 0, CRYPTO_ALG_ASYNC));
++ }
++
++ if (!(*swd)->sw_tfm) {
++ dprintk("cryptosoft: crypto_alloc_hash failed(%s,0x%x)\n",
++ algo, mode);
++ swcr_freesession(NULL, i);
++ return EINVAL;
++ }
++
++ (*swd)->u.hmac.sw_klen = (cri->cri_klen + 7) / 8;
++ (*swd)->u.hmac.sw_key = (char *)kmalloc((*swd)->u.hmac.sw_klen,
++ SLAB_ATOMIC);
++ if ((*swd)->u.hmac.sw_key == NULL) {
++ swcr_freesession(NULL, i);
++ dprintk("%s,%d: ENOBUFS\n", __FILE__, __LINE__);
++ return ENOBUFS;
++ }
++ memcpy((*swd)->u.hmac.sw_key, cri->cri_key, (*swd)->u.hmac.sw_klen);
++ if (cri->cri_mlen) {
++ (*swd)->u.hmac.sw_mlen = cri->cri_mlen;
++ } else if ((*swd)->sw_type & SW_TYPE_ASYNC) {
++ (*swd)->u.hmac.sw_mlen = crypto_ahash_digestsize(
++ __crypto_ahash_cast((*swd)->sw_tfm));
++ } else {
++ (*swd)->u.hmac.sw_mlen = crypto_hash_digestsize(
++ crypto_hash_cast((*swd)->sw_tfm));
++ }
++ } else if ((*swd)->sw_type & SW_TYPE_COMP) {
++ (*swd)->sw_tfm = crypto_comp_tfm(
++ crypto_alloc_comp(algo, 0, CRYPTO_ALG_ASYNC));
++ if (!(*swd)->sw_tfm) {
++ dprintk("cryptosoft: crypto_alloc_comp failed(%s,0x%x)\n",
++ algo, mode);
++ swcr_freesession(NULL, i);
++ return EINVAL;
++ }
++ (*swd)->u.sw_comp_buf = kmalloc(CRYPTO_MAX_DATA_LEN, SLAB_ATOMIC);
++ if ((*swd)->u.sw_comp_buf == NULL) {
++ swcr_freesession(NULL, i);
++ dprintk("%s,%d: ENOBUFS\n", __FILE__, __LINE__);
++ return ENOBUFS;
++ }
++ } else {
++ printk("cryptosoft: Unhandled sw_type %d\n", (*swd)->sw_type);
++ swcr_freesession(NULL, i);
++ return EINVAL;
++ }
++
++ cri = cri->cri_next;
++ swd = &((*swd)->sw_next);
++ }
++ return 0;
++}
++
++/*
++ * Free a session.
++ */
++static int
++swcr_freesession(device_t dev, u_int64_t tid)
++{
++ struct swcr_data *swd;
++ u_int32_t sid = CRYPTO_SESID2LID(tid);
++
++ dprintk("%s()\n", __FUNCTION__);
++ if (sid > swcr_sesnum || swcr_sessions == NULL ||
++ swcr_sessions[sid] == NULL) {
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ return(EINVAL);
++ }
++
++ /* Silently accept and return */
++ if (sid == 0)
++ return(0);
++
++ while ((swd = swcr_sessions[sid]) != NULL) {
++ swcr_sessions[sid] = swd->sw_next;
++ if (swd->sw_tfm) {
++ switch (swd->sw_type & SW_TYPE_ALG_AMASK) {
++#ifdef HAVE_AHASH
++ case SW_TYPE_AHMAC:
++ case SW_TYPE_AHASH:
++ crypto_free_ahash(__crypto_ahash_cast(swd->sw_tfm));
++ break;
++#endif
++#ifdef HAVE_ABLKCIPHER
++ case SW_TYPE_ABLKCIPHER:
++ crypto_free_ablkcipher(__crypto_ablkcipher_cast(swd->sw_tfm));
++ break;
++#endif
++ case SW_TYPE_BLKCIPHER:
++ crypto_free_blkcipher(crypto_blkcipher_cast(swd->sw_tfm));
++ break;
++ case SW_TYPE_HMAC:
++ case SW_TYPE_HASH:
++ crypto_free_hash(crypto_hash_cast(swd->sw_tfm));
++ break;
++ case SW_TYPE_COMP:
++ crypto_free_comp(crypto_comp_cast(swd->sw_tfm));
++ default:
++ crypto_free_tfm(swd->sw_tfm);
++ break;
++ }
++ swd->sw_tfm = NULL;
++ }
++ if (swd->sw_type & SW_TYPE_COMP) {
++ if (swd->u.sw_comp_buf)
++ kfree(swd->u.sw_comp_buf);
++ } else {
++ if (swd->u.hmac.sw_key)
++ kfree(swd->u.hmac.sw_key);
++ }
++ kfree(swd);
++ }
++ return 0;
++}
++
++#if defined(HAVE_ABLKCIPHER) || defined(HAVE_AHASH)
++/* older kernels had no async interface */
++
++static void swcr_process_callback(struct crypto_async_request *creq, int err)
++{
++ struct swcr_req *req = creq->data;
++
++ dprintk("%s()\n", __FUNCTION__);
++ if (err) {
++ if (err == -EINPROGRESS)
++ return;
++ dprintk("%s() fail %d\n", __FUNCTION__, -err);
++ req->crp->crp_etype = -err;
++ goto done;
++ }
++
++ switch (req->sw->sw_type & SW_TYPE_ALG_AMASK) {
++ case SW_TYPE_AHMAC:
++ case SW_TYPE_AHASH:
++ crypto_copyback(req->crp->crp_flags, req->crp->crp_buf,
++ req->crd->crd_inject, req->sw->u.hmac.sw_mlen, req->result);
++ ahash_request_free(req->crypto_req);
++ break;
++ case SW_TYPE_ABLKCIPHER:
++ ablkcipher_request_free(req->crypto_req);
++ break;
++ default:
++ req->crp->crp_etype = EINVAL;
++ goto done;
++ }
++
++ req->crd = req->crd->crd_next;
++ if (req->crd) {
++ swcr_process_req(req);
++ return;
++ }
++
++done:
++ dprintk("%s crypto_done %p\n", __FUNCTION__, req);
++ crypto_done(req->crp);
++ kmem_cache_free(swcr_req_cache, req);
++}
++#endif /* defined(HAVE_ABLKCIPHER) || defined(HAVE_AHASH) */
++
++
++static void swcr_process_req(struct swcr_req *req)
++{
++ struct swcr_data *sw;
++ struct cryptop *crp = req->crp;
++ struct cryptodesc *crd = req->crd;
++ struct sk_buff *skb = (struct sk_buff *) crp->crp_buf;
++ struct uio *uiop = (struct uio *) crp->crp_buf;
++ int sg_num, sg_len, skip;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ /*
++ * Find the crypto context.
++ *
++ * XXX Note that the logic here prevents us from having
++ * XXX the same algorithm multiple times in a session
++ * XXX (or rather, we can but it won't give us the right
++ * XXX results). To do that, we'd need some way of differentiating
++ * XXX between the various instances of an algorithm (so we can
++ * XXX locate the correct crypto context).
++ */
++ for (sw = req->sw_head; sw && sw->sw_alg != crd->crd_alg; sw = sw->sw_next)
++ ;
++
++ /* No such context ? */
++ if (sw == NULL) {
++ crp->crp_etype = EINVAL;
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ goto done;
++ }
++
++ req->sw = sw;
++ skip = crd->crd_skip;
++
++ /*
++ * setup the SG list skip from the start of the buffer
++ */
++ memset(req->sg, 0, sizeof(req->sg));
++ sg_init_table(req->sg, SCATTERLIST_MAX);
++ if (crp->crp_flags & CRYPTO_F_SKBUF) {
++ int i, len;
++
++ sg_num = 0;
++ sg_len = 0;
++
++ if (skip < skb_headlen(skb)) {
++ len = skb_headlen(skb) - skip;
++ if (len + sg_len > crd->crd_len)
++ len = crd->crd_len - sg_len;
++ sg_set_page(&req->sg[sg_num],
++ virt_to_page(skb->data + skip), len,
++ offset_in_page(skb->data + skip));
++ sg_len += len;
++ sg_num++;
++ skip = 0;
++ } else
++ skip -= skb_headlen(skb);
++
++ for (i = 0; sg_len < crd->crd_len &&
++ i < skb_shinfo(skb)->nr_frags &&
++ sg_num < SCATTERLIST_MAX; i++) {
++ if (skip < skb_shinfo(skb)->frags[i].size) {
++ len = skb_shinfo(skb)->frags[i].size - skip;
++ if (len + sg_len > crd->crd_len)
++ len = crd->crd_len - sg_len;
++ sg_set_page(&req->sg[sg_num],
++ skb_shinfo(skb)->frags[i].page,
++ len,
++ skb_shinfo(skb)->frags[i].page_offset + skip);
++ sg_len += len;
++ sg_num++;
++ skip = 0;
++ } else
++ skip -= skb_shinfo(skb)->frags[i].size;
++ }
++ } else if (crp->crp_flags & CRYPTO_F_IOV) {
++ int len;
++
++ sg_len = 0;
++ for (sg_num = 0; sg_len < crd->crd_len &&
++ sg_num < uiop->uio_iovcnt &&
++ sg_num < SCATTERLIST_MAX; sg_num++) {
++ if (skip <= uiop->uio_iov[sg_num].iov_len) {
++ len = uiop->uio_iov[sg_num].iov_len - skip;
++ if (len + sg_len > crd->crd_len)
++ len = crd->crd_len - sg_len;
++ sg_set_page(&req->sg[sg_num],
++ virt_to_page(uiop->uio_iov[sg_num].iov_base+skip),
++ len,
++ offset_in_page(uiop->uio_iov[sg_num].iov_base+skip));
++ sg_len += len;
++ skip = 0;
++ } else
++ skip -= uiop->uio_iov[sg_num].iov_len;
++ }
++ } else {
++ sg_len = (crp->crp_ilen - skip);
++ if (sg_len > crd->crd_len)
++ sg_len = crd->crd_len;
++ sg_set_page(&req->sg[0], virt_to_page(crp->crp_buf + skip),
++ sg_len, offset_in_page(crp->crp_buf + skip));
++ sg_num = 1;
++ }
++
++ switch (sw->sw_type & SW_TYPE_ALG_AMASK) {
++
++#ifdef HAVE_AHASH
++ case SW_TYPE_AHMAC:
++ case SW_TYPE_AHASH:
++ {
++ int ret;
++
++ /* check we have room for the result */
++ if (crp->crp_ilen - crd->crd_inject < sw->u.hmac.sw_mlen) {
++ dprintk("cryptosoft: EINVAL crp_ilen=%d, len=%d, inject=%d "
++ "digestsize=%d\n", crp->crp_ilen, crd->crd_skip + sg_len,
++ crd->crd_inject, sw->u.hmac.sw_mlen);
++ crp->crp_etype = EINVAL;
++ goto done;
++ }
++
++ req->crypto_req =
++ ahash_request_alloc(__crypto_ahash_cast(sw->sw_tfm),GFP_KERNEL);
++ if (!req->crypto_req) {
++ crp->crp_etype = ENOMEM;
++ dprintk("%s,%d: ENOMEM ahash_request_alloc", __FILE__, __LINE__);
++ goto done;
++ }
++
++ ahash_request_set_callback(req->crypto_req,
++ CRYPTO_TFM_REQ_MAY_BACKLOG, swcr_process_callback, req);
++
++ memset(req->result, 0, sizeof(req->result));
++
++ if (sw->sw_type & SW_TYPE_AHMAC)
++ crypto_ahash_setkey(__crypto_ahash_cast(sw->sw_tfm),
++ sw->u.hmac.sw_key, sw->u.hmac.sw_klen);
++ ahash_request_set_crypt(req->crypto_req, req->sg, req->result, sg_len);
++ ret = crypto_ahash_digest(req->crypto_req);
++ switch (ret) {
++ case -EINPROGRESS:
++ case -EBUSY:
++ return;
++ default:
++ case 0:
++ dprintk("hash OP %s %d\n", ret ? "failed" : "success", ret);
++ crp->crp_etype = ret;
++ ahash_request_free(req->crypto_req);
++ goto done;
++ }
++ } break;
++#endif /* HAVE_AHASH */
++
++#ifdef HAVE_ABLKCIPHER
++ case SW_TYPE_ABLKCIPHER: {
++ int ret;
++ unsigned char *ivp = req->iv;
++ int ivsize =
++ crypto_ablkcipher_ivsize(__crypto_ablkcipher_cast(sw->sw_tfm));
++
++ if (sg_len < crypto_ablkcipher_blocksize(
++ __crypto_ablkcipher_cast(sw->sw_tfm))) {
++ crp->crp_etype = EINVAL;
++ dprintk("%s,%d: EINVAL len %d < %d\n", __FILE__, __LINE__,
++ sg_len, crypto_ablkcipher_blocksize(
++ __crypto_ablkcipher_cast(sw->sw_tfm)));
++ goto done;
++ }
++
++ if (ivsize > sizeof(req->iv)) {
++ crp->crp_etype = EINVAL;
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ goto done;
++ }
++
++ req->crypto_req = ablkcipher_request_alloc(
++ __crypto_ablkcipher_cast(sw->sw_tfm), GFP_KERNEL);
++ if (!req->crypto_req) {
++ crp->crp_etype = ENOMEM;
++ dprintk("%s,%d: ENOMEM ablkcipher_request_alloc",
++ __FILE__, __LINE__);
++ goto done;
++ }
++
++ ablkcipher_request_set_callback(req->crypto_req,
++ CRYPTO_TFM_REQ_MAY_BACKLOG, swcr_process_callback, req);
++
++ if (crd->crd_flags & CRD_F_KEY_EXPLICIT) {
++ int i, error;
++
++ if (debug) {
++ dprintk("%s key:", __FUNCTION__);
++ for (i = 0; i < (crd->crd_klen + 7) / 8; i++)
++ dprintk("%s0x%x", (i % 8) ? " " : "\n ",
++ crd->crd_key[i] & 0xff);
++ dprintk("\n");
++ }
++ /* OCF doesn't enforce keys */
++ crypto_ablkcipher_set_flags(__crypto_ablkcipher_cast(sw->sw_tfm),
++ CRYPTO_TFM_REQ_WEAK_KEY);
++ error = crypto_ablkcipher_setkey(
++ __crypto_ablkcipher_cast(sw->sw_tfm), crd->crd_key,
++ (crd->crd_klen + 7) / 8);
++ if (error) {
++ dprintk("cryptosoft: setkey failed %d (crt_flags=0x%x)\n",
++ error, sw->sw_tfm->crt_flags);
++ crp->crp_etype = -error;
++ }
++ }
++
++ if (crd->crd_flags & CRD_F_ENCRYPT) { /* encrypt */
++
++ if (crd->crd_flags & CRD_F_IV_EXPLICIT)
++ ivp = crd->crd_iv;
++ else
++ get_random_bytes(ivp, ivsize);
++ /*
++ * do we have to copy the IV back to the buffer ?
++ */
++ if ((crd->crd_flags & CRD_F_IV_PRESENT) == 0) {
++ crypto_copyback(crp->crp_flags, crp->crp_buf,
++ crd->crd_inject, ivsize, (caddr_t)ivp);
++ }
++ ablkcipher_request_set_crypt(req->crypto_req, req->sg, req->sg,
++ sg_len, ivp);
++ ret = crypto_ablkcipher_encrypt(req->crypto_req);
++
++ } else { /*decrypt */
++
++ if (crd->crd_flags & CRD_F_IV_EXPLICIT)
++ ivp = crd->crd_iv;
++ else
++ crypto_copydata(crp->crp_flags, crp->crp_buf,
++ crd->crd_inject, ivsize, (caddr_t)ivp);
++ ablkcipher_request_set_crypt(req->crypto_req, req->sg, req->sg,
++ sg_len, ivp);
++ ret = crypto_ablkcipher_decrypt(req->crypto_req);
++ }
++
++ switch (ret) {
++ case -EINPROGRESS:
++ case -EBUSY:
++ return;
++ default:
++ case 0:
++ dprintk("crypto OP %s %d\n", ret ? "failed" : "success", ret);
++ crp->crp_etype = ret;
++ goto done;
++ }
++ } break;
++#endif /* HAVE_ABLKCIPHER */
++
++ case SW_TYPE_BLKCIPHER: {
++ unsigned char iv[EALG_MAX_BLOCK_LEN];
++ unsigned char *ivp = iv;
++ struct blkcipher_desc desc;
++ int ivsize = crypto_blkcipher_ivsize(crypto_blkcipher_cast(sw->sw_tfm));
++
++ if (sg_len < crypto_blkcipher_blocksize(
++ crypto_blkcipher_cast(sw->sw_tfm))) {
++ crp->crp_etype = EINVAL;
++ dprintk("%s,%d: EINVAL len %d < %d\n", __FILE__, __LINE__,
++ sg_len, crypto_blkcipher_blocksize(
++ crypto_blkcipher_cast(sw->sw_tfm)));
++ goto done;
++ }
++
++ if (ivsize > sizeof(iv)) {
++ crp->crp_etype = EINVAL;
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ goto done;
++ }
++
++ if (crd->crd_flags & CRD_F_KEY_EXPLICIT) {
++ int i, error;
++
++ if (debug) {
++ dprintk("%s key:", __FUNCTION__);
++ for (i = 0; i < (crd->crd_klen + 7) / 8; i++)
++ dprintk("%s0x%x", (i % 8) ? " " : "\n ",
++ crd->crd_key[i] & 0xff);
++ dprintk("\n");
++ }
++ /* OCF doesn't enforce keys */
++ crypto_blkcipher_set_flags(crypto_blkcipher_cast(sw->sw_tfm),
++ CRYPTO_TFM_REQ_WEAK_KEY);
++ error = crypto_blkcipher_setkey(
++ crypto_blkcipher_cast(sw->sw_tfm), crd->crd_key,
++ (crd->crd_klen + 7) / 8);
++ if (error) {
++ dprintk("cryptosoft: setkey failed %d (crt_flags=0x%x)\n",
++ error, sw->sw_tfm->crt_flags);
++ crp->crp_etype = -error;
++ }
++ }
++
++ memset(&desc, 0, sizeof(desc));
++ desc.tfm = crypto_blkcipher_cast(sw->sw_tfm);
++
++ if (crd->crd_flags & CRD_F_ENCRYPT) { /* encrypt */
++
++ if (crd->crd_flags & CRD_F_IV_EXPLICIT) {
++ ivp = crd->crd_iv;
++ } else {
++ get_random_bytes(ivp, ivsize);
++ }
++ /*
++ * do we have to copy the IV back to the buffer ?
++ */
++ if ((crd->crd_flags & CRD_F_IV_PRESENT) == 0) {
++ crypto_copyback(crp->crp_flags, crp->crp_buf,
++ crd->crd_inject, ivsize, (caddr_t)ivp);
++ }
++ desc.info = ivp;
++ crypto_blkcipher_encrypt_iv(&desc, req->sg, req->sg, sg_len);
++
++ } else { /*decrypt */
++
++ if (crd->crd_flags & CRD_F_IV_EXPLICIT) {
++ ivp = crd->crd_iv;
++ } else {
++ crypto_copydata(crp->crp_flags, crp->crp_buf,
++ crd->crd_inject, ivsize, (caddr_t)ivp);
++ }
++ desc.info = ivp;
++ crypto_blkcipher_decrypt_iv(&desc, req->sg, req->sg, sg_len);
++ }
++ } break;
++
++ case SW_TYPE_HMAC:
++ case SW_TYPE_HASH:
++ {
++ char result[HASH_MAX_LEN];
++ struct hash_desc desc;
++
++ /* check we have room for the result */
++ if (crp->crp_ilen - crd->crd_inject < sw->u.hmac.sw_mlen) {
++ dprintk("cryptosoft: EINVAL crp_ilen=%d, len=%d, inject=%d "
++ "digestsize=%d\n", crp->crp_ilen, crd->crd_skip + sg_len,
++ crd->crd_inject, sw->u.hmac.sw_mlen);
++ crp->crp_etype = EINVAL;
++ goto done;
++ }
++
++ memset(&desc, 0, sizeof(desc));
++ desc.tfm = crypto_hash_cast(sw->sw_tfm);
++
++ memset(result, 0, sizeof(result));
++
++ if (sw->sw_type & SW_TYPE_HMAC) {
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
++ crypto_hmac(sw->sw_tfm, sw->u.hmac.sw_key, &sw->u.hmac.sw_klen,
++ req->sg, sg_num, result);
++#else
++ crypto_hash_setkey(desc.tfm, sw->u.hmac.sw_key,
++ sw->u.hmac.sw_klen);
++ crypto_hash_digest(&desc, req->sg, sg_len, result);
++#endif /* LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19) */
++
++ } else { /* SW_TYPE_HASH */
++ crypto_hash_digest(&desc, req->sg, sg_len, result);
++ }
++
++ crypto_copyback(crp->crp_flags, crp->crp_buf,
++ crd->crd_inject, sw->u.hmac.sw_mlen, result);
++ }
++ break;
++
++ case SW_TYPE_COMP: {
++ void *ibuf = NULL;
++ void *obuf = sw->u.sw_comp_buf;
++ int ilen = sg_len, olen = CRYPTO_MAX_DATA_LEN;
++ int ret = 0;
++
++ /*
++ * we need to use an additional copy if there is more than one
++ * input chunk since the kernel comp routines do not handle
++ * SG yet. Otherwise we just use the input buffer as is.
++ * Rather than allocate another buffer we just split the tmp
++ * buffer we already have.
++ * Perhaps we should just use zlib directly ?
++ */
++ if (sg_num > 1) {
++ int blk;
++
++ ibuf = obuf;
++ for (blk = 0; blk < sg_num; blk++) {
++ memcpy(obuf, sg_virt(&req->sg[blk]),
++ req->sg[blk].length);
++ obuf += req->sg[blk].length;
++ }
++ olen -= sg_len;
++ } else
++ ibuf = sg_virt(&req->sg[0]);
++
++ if (crd->crd_flags & CRD_F_ENCRYPT) { /* compress */
++ ret = crypto_comp_compress(crypto_comp_cast(sw->sw_tfm),
++ ibuf, ilen, obuf, &olen);
++ if (!ret && olen > crd->crd_len) {
++ dprintk("cryptosoft: ERANGE compress %d into %d\n",
++ crd->crd_len, olen);
++ if (swcr_fail_if_compression_grows)
++ ret = ERANGE;
++ }
++ } else { /* decompress */
++ ret = crypto_comp_decompress(crypto_comp_cast(sw->sw_tfm),
++ ibuf, ilen, obuf, &olen);
++ if (!ret && (olen + crd->crd_inject) > crp->crp_olen) {
++ dprintk("cryptosoft: ETOOSMALL decompress %d into %d, "
++ "space for %d,at offset %d\n",
++ crd->crd_len, olen, crp->crp_olen, crd->crd_inject);
++ ret = ETOOSMALL;
++ }
++ }
++ if (ret)
++ dprintk("%s,%d: ret = %d\n", __FILE__, __LINE__, ret);
++
++ /*
++ * on success copy result back,
++ * linux crpyto API returns -errno, we need to fix that
++ */
++ crp->crp_etype = ret < 0 ? -ret : ret;
++ if (ret == 0) {
++ /* copy back the result and return it's size */
++ crypto_copyback(crp->crp_flags, crp->crp_buf,
++ crd->crd_inject, olen, obuf);
++ crp->crp_olen = olen;
++ }
++
++
++ } break;
++
++ default:
++ /* Unknown/unsupported algorithm */
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ crp->crp_etype = EINVAL;
++ goto done;
++ }
++
++done:
++ crypto_done(crp);
++ kmem_cache_free(swcr_req_cache, req);
++}
++
++
++/*
++ * Process a crypto request.
++ */
++static int
++swcr_process(device_t dev, struct cryptop *crp, int hint)
++{
++ struct swcr_req *req = NULL;
++ u_int32_t lid;
++
++ dprintk("%s()\n", __FUNCTION__);
++ /* Sanity check */
++ if (crp == NULL) {
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ return EINVAL;
++ }
++
++ crp->crp_etype = 0;
++
++ if (crp->crp_desc == NULL || crp->crp_buf == NULL) {
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ crp->crp_etype = EINVAL;
++ goto done;
++ }
++
++ lid = crp->crp_sid & 0xffffffff;
++ if (lid >= swcr_sesnum || lid == 0 || swcr_sessions == NULL ||
++ swcr_sessions[lid] == NULL) {
++ crp->crp_etype = ENOENT;
++ dprintk("%s,%d: ENOENT\n", __FILE__, __LINE__);
++ goto done;
++ }
++
++ /*
++ * do some error checking outside of the loop for SKB and IOV processing
++ * this leaves us with valid skb or uiop pointers for later
++ */
++ if (crp->crp_flags & CRYPTO_F_SKBUF) {
++ struct sk_buff *skb = (struct sk_buff *) crp->crp_buf;
++ if (skb_shinfo(skb)->nr_frags >= SCATTERLIST_MAX) {
++ printk("%s,%d: %d nr_frags > SCATTERLIST_MAX", __FILE__, __LINE__,
++ skb_shinfo(skb)->nr_frags);
++ goto done;
++ }
++ } else if (crp->crp_flags & CRYPTO_F_IOV) {
++ struct uio *uiop = (struct uio *) crp->crp_buf;
++ if (uiop->uio_iovcnt > SCATTERLIST_MAX) {
++ printk("%s,%d: %d uio_iovcnt > SCATTERLIST_MAX", __FILE__, __LINE__,
++ uiop->uio_iovcnt);
++ goto done;
++ }
++ }
++
++ /*
++ * setup a new request ready for queuing
++ */
++ req = kmem_cache_alloc(swcr_req_cache, SLAB_ATOMIC);
++ if (req == NULL) {
++ dprintk("%s,%d: ENOMEM\n", __FILE__, __LINE__);
++ crp->crp_etype = ENOMEM;
++ goto done;
++ }
++ memset(req, 0, sizeof(*req));
++
++ req->sw_head = swcr_sessions[lid];
++ req->crp = crp;
++ req->crd = crp->crp_desc;
++
++ swcr_process_req(req);
++ return 0;
++
++done:
++ crypto_done(crp);
++ if (req)
++ kmem_cache_free(swcr_req_cache, req);
++ return 0;
++}
++
++
++static int
++cryptosoft_init(void)
++{
++ int i, sw_type, mode;
++ char *algo;
++
++ dprintk("%s(%p)\n", __FUNCTION__, cryptosoft_init);
++
++ swcr_req_cache = kmem_cache_create("cryptosoft_req",
++ sizeof(struct swcr_req), 0, SLAB_HWCACHE_ALIGN, NULL
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23)
++ , NULL
++#endif
++ );
++ if (!swcr_req_cache) {
++ printk("cryptosoft: failed to create request cache\n");
++ return -ENOENT;
++ }
++
++ softc_device_init(&swcr_softc, "cryptosoft", 0, swcr_methods);
++
++ swcr_id = crypto_get_driverid(softc_get_device(&swcr_softc),
++ CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_SYNC);
++ if (swcr_id < 0) {
++ printk("cryptosoft: Software crypto device cannot initialize!");
++ return -ENODEV;
++ }
++
++#define REGISTER(alg) \
++ crypto_register(swcr_id, alg, 0,0)
++
++ for (i = 0; i < sizeof(crypto_details)/sizeof(crypto_details[0]); i++) {
++ int found;
++
++ algo = crypto_details[i].alg_name;
++ if (!algo || !*algo) {
++ dprintk("%s:Algorithm %d not supported\n", __FUNCTION__, i);
++ continue;
++ }
++
++ mode = crypto_details[i].mode;
++ sw_type = crypto_details[i].sw_type;
++
++ found = 0;
++ switch (sw_type & SW_TYPE_ALG_MASK) {
++ case SW_TYPE_CIPHER:
++ found = crypto_has_cipher(algo, 0, CRYPTO_ALG_ASYNC);
++ break;
++ case SW_TYPE_HMAC:
++ found = crypto_has_hash(algo, 0, swcr_no_ahash?CRYPTO_ALG_ASYNC:0);
++ break;
++ case SW_TYPE_HASH:
++ found = crypto_has_hash(algo, 0, swcr_no_ahash?CRYPTO_ALG_ASYNC:0);
++ break;
++ case SW_TYPE_COMP:
++ found = crypto_has_comp(algo, 0, CRYPTO_ALG_ASYNC);
++ break;
++ case SW_TYPE_BLKCIPHER:
++ found = crypto_has_blkcipher(algo, 0, CRYPTO_ALG_ASYNC);
++ if (!found && !swcr_no_ablk)
++ found = crypto_has_ablkcipher(algo, 0, 0);
++ break;
++ }
++ if (found) {
++ REGISTER(i);
++ } else {
++ dprintk("%s:Algorithm Type %d not supported (algorithm %d:'%s')\n",
++ __FUNCTION__, sw_type, i, algo);
++ }
++ }
++ return 0;
++}
++
++static void
++cryptosoft_exit(void)
++{
++ dprintk("%s()\n", __FUNCTION__);
++ crypto_unregister_all(swcr_id);
++ swcr_id = -1;
++ kmem_cache_destroy(swcr_req_cache);
++}
++
++late_initcall(cryptosoft_init);
++module_exit(cryptosoft_exit);
++
++MODULE_LICENSE("Dual BSD/GPL");
++MODULE_AUTHOR("David McCullough <david_mccullough at securecomputing.com>");
++MODULE_DESCRIPTION("Cryptosoft (OCF module for kernel crypto)");
+diff --git a/crypto/ocf/ep80579/Makefile b/crypto/ocf/ep80579/Makefile
+new file mode 100644
+index 0000000..9aab295
+--- /dev/null
++++ b/crypto/ocf/ep80579/Makefile
+@@ -0,0 +1,119 @@
++#########################################################################
++#
++# Targets supported
++# all - builds everything and installs
++# install - identical to all
++# depend - build dependencies
++# clean - clears derived objects except the .depend files
++# distclean- clears all derived objects and the .depend file
++#
++# @par
++# This file is provided under a dual BSD/GPLv2 license. When using or
++# redistributing this file, you may do so under either license.
++#
++# GPL LICENSE SUMMARY
++#
++# Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved.
++#
++# This program is free software; you can redistribute it and/or modify
++# it under the terms of version 2 of the GNU General Public License as
++# published by the Free Software Foundation.
++#
++# This program is distributed in the hope that it will be useful, but
++# WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++# General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
++# The full GNU General Public License is included in this distribution
++# in the file called LICENSE.GPL.
++#
++# Contact Information:
++# Intel Corporation
++#
++# BSD LICENSE
++#
++# Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved.
++# All rights reserved.
++#
++# Redistribution and use in source and binary forms, with or without
++# modification, are permitted provided that the following conditions
++# are met:
++#
++# * Redistributions of source code must retain the above copyright
++# notice, this list of conditions and the following disclaimer.
++# * Redistributions in binary form must reproduce the above copyright
++# notice, this list of conditions and the following disclaimer in
++# the documentation and/or other materials provided with the
++# distribution.
++# * Neither the name of Intel Corporation nor the names of its
++# contributors may be used to endorse or promote products derived
++# from this software without specific prior written permission.
++#
++# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
++# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
++# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
++# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
++# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
++# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
++# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
++# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++#
++#
++# version: Security.L.1.0.2-229
++############################################################################
++
++
++####################Common variables and definitions########################
++
++ifndef ICP_ROOT
++$(warning ICP_ROOT is undefined. Please set the path to EP80579 release package directory \
++ "-> setenv ICP_ROOT <path>")
++all fastdep:
++ :
++else
++
++ifndef KERNEL_SOURCE_ROOT
++$(error KERNEL_SOURCE_ROOT is undefined. Please set the path to the kernel source directory \
++ "-> setenv KERNEL_SOURCE_ROOT <path>")
++endif
++
++# Ensure The ENV_DIR environmental var is defined.
++ifndef ICP_ENV_DIR
++$(error ICP_ENV_DIR is undefined. Please set the path to EP80579 driver environment.mk file \
++ "-> setenv ICP_ENV_DIR <path>")
++endif
++
++#Add your project environment Makefile
++include ${ICP_ENV_DIR}/environment.mk
++
++#include the makefile with all the default and common Make variable definitions
++include ${ICP_BUILDSYSTEM_PATH}/build_files/common.mk
++
++#Add the name for the executable, Library or Module output definitions
++OUTPUT_NAME= icp_ocf
++
++# List of Source Files to be compiled
++SOURCES= icp_common.c icp_sym.c icp_asym.c icp_ocf_linux.c
++
++#common includes between all supported OSes
++INCLUDES= -I ${ICP_API_DIR} -I${ICP_LAC_API} \
++-I${ICP_OCF_SRC_DIR}
++
++# The location of the os level makefile needs to be changed.
++include ${ICP_ENV_DIR}/${ICP_OS}_${ICP_OS_LEVEL}.mk
++
++# On the line directly below list the outputs you wish to build for,
++# e.g "lib_static lib_shared exe module" as shown below
++install: module
++
++###################Include rules makefiles########################
++include ${ICP_BUILDSYSTEM_PATH}/build_files/rules.mk
++###################End of Rules inclusion#########################
++
++endif
+diff --git a/crypto/ocf/ep80579/icp_asym.c b/crypto/ocf/ep80579/icp_asym.c
+new file mode 100644
+index 0000000..d2641c5
+--- /dev/null
++++ b/crypto/ocf/ep80579/icp_asym.c
+@@ -0,0 +1,1334 @@
++/***************************************************************************
++ *
++ * This file is provided under a dual BSD/GPLv2 license. When using or
++ * redistributing this file, you may do so under either license.
++ *
++ * GPL LICENSE SUMMARY
++ *
++ * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved.
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of version 2 of the GNU General Public License as
++ * published by the Free Software Foundation.
++ *
++ * This program is distributed in the hope that it will be useful, but
++ * WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ * General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with this program; if not, write to the Free Software
++ * Foundation, Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
++ * The full GNU General Public License is included in this distribution
++ * in the file called LICENSE.GPL.
++ *
++ * Contact Information:
++ * Intel Corporation
++ *
++ * BSD LICENSE
++ *
++ * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved.
++ * All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * * Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * * Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in
++ * the documentation and/or other materials provided with the
++ * distribution.
++ * * Neither the name of Intel Corporation nor the names of its
++ * contributors may be used to endorse or promote products derived
++ * from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
++ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
++ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
++ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
++ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
++ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ *
++ * version: Security.L.1.0.2-229
++ *
++ ***************************************************************************/
++
++#include "icp_ocf.h"
++
++/*The following define values (containing the word 'INDEX') are used to find
++the index of each input buffer of the crypto_kop struct (see OCF cryptodev.h).
++These values were found through analysis of the OCF OpenSSL patch. If the
++calling program uses different input buffer positions, these defines will have
++to be changed.*/
++
++/*DIFFIE HELLMAN buffer index values*/
++#define ICP_DH_KRP_PARAM_PRIME_INDEX (0)
++#define ICP_DH_KRP_PARAM_BASE_INDEX (1)
++#define ICP_DH_KRP_PARAM_PRIVATE_VALUE_INDEX (2)
++#define ICP_DH_KRP_PARAM_RESULT_INDEX (3)
++
++/*MOD EXP buffer index values*/
++#define ICP_MOD_EXP_KRP_PARAM_BASE_INDEX (0)
++#define ICP_MOD_EXP_KRP_PARAM_EXPONENT_INDEX (1)
++#define ICP_MOD_EXP_KRP_PARAM_MODULUS_INDEX (2)
++#define ICP_MOD_EXP_KRP_PARAM_RESULT_INDEX (3)
++
++/*MOD EXP CRT buffer index values*/
++#define ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_P_INDEX (0)
++#define ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_Q_INDEX (1)
++#define ICP_MOD_EXP_CRT_KRP_PARAM_I_INDEX (2)
++#define ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DP_INDEX (3)
++#define ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DQ_INDEX (4)
++#define ICP_MOD_EXP_CRT_KRP_PARAM_COEFF_QINV_INDEX (5)
++#define ICP_MOD_EXP_CRT_KRP_PARAM_RESULT_INDEX (6)
++
++/*DSA sign buffer index values*/
++#define ICP_DSA_SIGN_KRP_PARAM_DGST_INDEX (0)
++#define ICP_DSA_SIGN_KRP_PARAM_PRIME_P_INDEX (1)
++#define ICP_DSA_SIGN_KRP_PARAM_PRIME_Q_INDEX (2)
++#define ICP_DSA_SIGN_KRP_PARAM_G_INDEX (3)
++#define ICP_DSA_SIGN_KRP_PARAM_X_INDEX (4)
++#define ICP_DSA_SIGN_KRP_PARAM_R_RESULT_INDEX (5)
++#define ICP_DSA_SIGN_KRP_PARAM_S_RESULT_INDEX (6)
++
++/*DSA verify buffer index values*/
++#define ICP_DSA_VERIFY_KRP_PARAM_DGST_INDEX (0)
++#define ICP_DSA_VERIFY_KRP_PARAM_PRIME_P_INDEX (1)
++#define ICP_DSA_VERIFY_KRP_PARAM_PRIME_Q_INDEX (2)
++#define ICP_DSA_VERIFY_KRP_PARAM_G_INDEX (3)
++#define ICP_DSA_VERIFY_KRP_PARAM_PUBKEY_INDEX (4)
++#define ICP_DSA_VERIFY_KRP_PARAM_SIG_R_INDEX (5)
++#define ICP_DSA_VERIFY_KRP_PARAM_SIG_S_INDEX (6)
++
++/*DSA sign prime Q vs random number K size check values*/
++#define DONT_RUN_LESS_THAN_CHECK (0)
++#define FAIL_A_IS_GREATER_THAN_B (1)
++#define FAIL_A_IS_EQUAL_TO_B (1)
++#define SUCCESS_A_IS_LESS_THAN_B (0)
++#define DSA_SIGN_RAND_GEN_VAL_CHECK_MAX_ITERATIONS (500)
++
++/* We need to set a cryptokp success value just in case it is set or allocated
++ and not set to zero outside of this module */
++#define CRYPTO_OP_SUCCESS (0)
++
++/*Function to compute Diffie Hellman (DH) phase 1 or phase 2 key values*/
++static int icp_ocfDrvDHComputeKey(struct cryptkop *krp);
++
++/*Function to compute a Modular Exponentiation (Mod Exp)*/
++static int icp_ocfDrvModExp(struct cryptkop *krp);
++
++/*Function to compute a Mod Exp using the Chinease Remainder Theorem*/
++static int icp_ocfDrvModExpCRT(struct cryptkop *krp);
++
++/*Helper function to compute whether the first big number argument is less than
++ the second big number argument */
++static int
++icp_ocfDrvCheckALessThanB(CpaFlatBuffer * pK, CpaFlatBuffer * pQ, int *doCheck);
++
++/*Function to sign an input with DSA R and S keys*/
++static int icp_ocfDrvDsaSign(struct cryptkop *krp);
++
++/*Function to Verify a DSA buffer signature*/
++static int icp_ocfDrvDsaVerify(struct cryptkop *krp);
++
++/*Callback function for DH operation*/
++static void
++icp_ocfDrvDhP1CallBack(void *callbackTag,
++ CpaStatus status,
++ void *pOpData, CpaFlatBuffer * pLocalOctetStringPV);
++
++/*Callback function for ME operation*/
++static void
++icp_ocfDrvModExpCallBack(void *callbackTag,
++ CpaStatus status,
++ void *pOpData, CpaFlatBuffer * pResult);
++
++/*Callback function for ME CRT operation*/
++static void
++icp_ocfDrvModExpCRTCallBack(void *callbackTag,
++ CpaStatus status,
++ void *pOpData, CpaFlatBuffer * pOutputData);
++
++/*Callback function for DSA sign operation*/
++static void
++icp_ocfDrvDsaRSSignCallBack(void *callbackTag,
++ CpaStatus status,
++ void *pOpData,
++ CpaBoolean protocolStatus,
++ CpaFlatBuffer * pR, CpaFlatBuffer * pS);
++
++/*Callback function for DSA Verify operation*/
++static void
++icp_ocfDrvDsaVerifyCallBack(void *callbackTag,
++ CpaStatus status,
++ void *pOpData, CpaBoolean verifyStatus);
++
++/* Name : icp_ocfDrvPkeProcess
++ *
++ * Description : This function will choose which PKE process to follow
++ * based on the input arguments
++ */
++int icp_ocfDrvPkeProcess(icp_device_t dev, struct cryptkop *krp, int hint)
++{
++ CpaStatus lacStatus = CPA_STATUS_SUCCESS;
++
++ if (NULL == krp) {
++ DPRINTK("%s(): Invalid input parameters, cryptkop = %p\n",
++ __FUNCTION__, krp);
++ return EINVAL;
++ }
++
++ if (CPA_TRUE == icp_atomic_read(&icp_ocfDrvIsExiting)) {
++ krp->krp_status = ECANCELED;
++ return ECANCELED;
++ }
++
++ switch (krp->krp_op) {
++ case CRK_DH_COMPUTE_KEY:
++ DPRINTK("%s() doing DH_COMPUTE_KEY\n", __FUNCTION__);
++ lacStatus = icp_ocfDrvDHComputeKey(krp);
++ if (CPA_STATUS_SUCCESS != lacStatus) {
++ EPRINTK("%s(): icp_ocfDrvDHComputeKey failed "
++ "(%d).\n", __FUNCTION__, lacStatus);
++ krp->krp_status = ECANCELED;
++ return ECANCELED;
++ }
++
++ break;
++
++ case CRK_MOD_EXP:
++ DPRINTK("%s() doing MOD_EXP \n", __FUNCTION__);
++ lacStatus = icp_ocfDrvModExp(krp);
++ if (CPA_STATUS_SUCCESS != lacStatus) {
++ EPRINTK("%s(): icp_ocfDrvModExp failed (%d).\n",
++ __FUNCTION__, lacStatus);
++ krp->krp_status = ECANCELED;
++ return ECANCELED;
++ }
++
++ break;
++
++ case CRK_MOD_EXP_CRT:
++ DPRINTK("%s() doing MOD_EXP_CRT \n", __FUNCTION__);
++ lacStatus = icp_ocfDrvModExpCRT(krp);
++ if (CPA_STATUS_SUCCESS != lacStatus) {
++ EPRINTK("%s(): icp_ocfDrvModExpCRT "
++ "failed (%d).\n", __FUNCTION__, lacStatus);
++ krp->krp_status = ECANCELED;
++ return ECANCELED;
++ }
++
++ break;
++
++ case CRK_DSA_SIGN:
++ DPRINTK("%s() doing DSA_SIGN \n", __FUNCTION__);
++ lacStatus = icp_ocfDrvDsaSign(krp);
++ if (CPA_STATUS_SUCCESS != lacStatus) {
++ EPRINTK("%s(): icp_ocfDrvDsaSign "
++ "failed (%d).\n", __FUNCTION__, lacStatus);
++ krp->krp_status = ECANCELED;
++ return ECANCELED;
++ }
++
++ break;
++
++ case CRK_DSA_VERIFY:
++ DPRINTK("%s() doing DSA_VERIFY \n", __FUNCTION__);
++ lacStatus = icp_ocfDrvDsaVerify(krp);
++ if (CPA_STATUS_SUCCESS != lacStatus) {
++ EPRINTK("%s(): icp_ocfDrvDsaVerify "
++ "failed (%d).\n", __FUNCTION__, lacStatus);
++ krp->krp_status = ECANCELED;
++ return ECANCELED;
++ }
++
++ break;
++
++ default:
++ EPRINTK("%s(): Asymettric function not "
++ "supported (%d).\n", __FUNCTION__, krp->krp_op);
++ krp->krp_status = EOPNOTSUPP;
++ return EOPNOTSUPP;
++ }
++
++ return ICP_OCF_DRV_STATUS_SUCCESS;
++}
++
++/* Name : icp_ocfDrvSwapBytes
++ *
++ * Description : This function is used to swap the byte order of a buffer.
++ * It has been seen that in general we are passed little endian byte order
++ * buffers, but LAC only accepts big endian byte order buffers.
++ */
++static void inline icp_ocfDrvSwapBytes(u_int8_t * num, u_int32_t buff_len_bytes)
++{
++
++ int i;
++ u_int8_t *end_ptr;
++ u_int8_t hold_val;
++
++ end_ptr = num + (buff_len_bytes - 1);
++ buff_len_bytes = buff_len_bytes >> 1;
++ for (i = 0; i < buff_len_bytes; i++) {
++ hold_val = *num;
++ *num = *end_ptr;
++ num++;
++ *end_ptr = hold_val;
++ end_ptr--;
++ }
++}
++
++/* Name : icp_ocfDrvDHComputeKey
++ *
++ * Description : This function will map Diffie Hellman calls from OCF
++ * to the LAC API. OCF uses this function for Diffie Hellman Phase1 and
++ * Phase2. LAC has a separate Diffie Hellman Phase2 call, however both phases
++ * break down to a modular exponentiation.
++ */
++static int icp_ocfDrvDHComputeKey(struct cryptkop *krp)
++{
++ CpaStatus lacStatus = CPA_STATUS_SUCCESS;
++ void *callbackTag = NULL;
++ CpaCyDhPhase1KeyGenOpData *pPhase1OpData = NULL;
++ CpaFlatBuffer *pLocalOctetStringPV = NULL;
++ uint32_t dh_prime_len_bytes = 0, dh_prime_len_bits = 0;
++
++ /* Input checks - check prime is a multiple of 8 bits to allow for
++ allocation later */
++ dh_prime_len_bits =
++ (krp->krp_param[ICP_DH_KRP_PARAM_PRIME_INDEX].crp_nbits);
++
++ /* LAC can reject prime lengths based on prime key sizes, we just
++ need to make sure we can allocate space for the base and
++ exponent buffers correctly */
++ if ((dh_prime_len_bits % NUM_BITS_IN_BYTE) != 0) {
++ APRINTK("%s(): Warning Prime number buffer size is not a "
++ "multiple of 8 bits\n", __FUNCTION__);
++ }
++
++ /* Result storage space should be the same size as the prime as this
++ value can take up the same amount of storage space */
++ if (dh_prime_len_bits !=
++ krp->krp_param[ICP_DH_KRP_PARAM_RESULT_INDEX].crp_nbits) {
++ DPRINTK("%s(): Return Buffer must be the same size "
++ "as the Prime buffer\n", __FUNCTION__);
++ krp->krp_status = EINVAL;
++ return EINVAL;
++ }
++ /* Switch to size in bytes */
++ BITS_TO_BYTES(dh_prime_len_bytes, dh_prime_len_bits);
++
++ callbackTag = krp;
++
++/*All allocations are set to ICP_M_NOWAIT due to the possibility of getting
++called in interrupt context*/
++ pPhase1OpData = icp_kmem_cache_zalloc(drvDH_zone, ICP_M_NOWAIT);
++ if (NULL == pPhase1OpData) {
++ APRINTK("%s():Failed to get memory for key gen data\n",
++ __FUNCTION__);
++ krp->krp_status = ENOMEM;
++ return ENOMEM;
++ }
++
++ pLocalOctetStringPV =
++ icp_kmem_cache_zalloc(drvFlatBuffer_zone, ICP_M_NOWAIT);
++ if (NULL == pLocalOctetStringPV) {
++ APRINTK("%s():Failed to get memory for pLocalOctetStringPV\n",
++ __FUNCTION__);
++ ICP_CACHE_FREE(drvDH_zone, pPhase1OpData);
++ krp->krp_status = ENOMEM;
++ return ENOMEM;
++ }
++
++ /* Link parameters */
++ pPhase1OpData->primeP.pData =
++ krp->krp_param[ICP_DH_KRP_PARAM_PRIME_INDEX].crp_p;
++
++ pPhase1OpData->primeP.dataLenInBytes = dh_prime_len_bytes;
++
++ icp_ocfDrvSwapBytes(pPhase1OpData->primeP.pData, dh_prime_len_bytes);
++
++ pPhase1OpData->baseG.pData =
++ krp->krp_param[ICP_DH_KRP_PARAM_BASE_INDEX].crp_p;
++
++ BITS_TO_BYTES(pPhase1OpData->baseG.dataLenInBytes,
++ krp->krp_param[ICP_DH_KRP_PARAM_BASE_INDEX].crp_nbits);
++
++ icp_ocfDrvSwapBytes(pPhase1OpData->baseG.pData,
++ pPhase1OpData->baseG.dataLenInBytes);
++
++ pPhase1OpData->privateValueX.pData =
++ krp->krp_param[ICP_DH_KRP_PARAM_PRIVATE_VALUE_INDEX].crp_p;
++
++ BITS_TO_BYTES(pPhase1OpData->privateValueX.dataLenInBytes,
++ krp->krp_param[ICP_DH_KRP_PARAM_PRIVATE_VALUE_INDEX].
++ crp_nbits);
++
++ icp_ocfDrvSwapBytes(pPhase1OpData->privateValueX.pData,
++ pPhase1OpData->privateValueX.dataLenInBytes);
++
++ /* Output parameters */
++ pLocalOctetStringPV->pData =
++ krp->krp_param[ICP_DH_KRP_PARAM_RESULT_INDEX].crp_p;
++
++ BITS_TO_BYTES(pLocalOctetStringPV->dataLenInBytes,
++ krp->krp_param[ICP_DH_KRP_PARAM_RESULT_INDEX].crp_nbits);
++
++ lacStatus = cpaCyDhKeyGenPhase1(CPA_INSTANCE_HANDLE_SINGLE,
++ icp_ocfDrvDhP1CallBack,
++ callbackTag, pPhase1OpData,
++ pLocalOctetStringPV);
++
++ if (CPA_STATUS_SUCCESS != lacStatus) {
++ EPRINTK("%s(): DH Phase 1 Key Gen failed (%d).\n",
++ __FUNCTION__, lacStatus);
++ icp_ocfDrvFreeFlatBuffer(pLocalOctetStringPV);
++ ICP_CACHE_FREE(drvDH_zone, pPhase1OpData);
++ }
++
++ return lacStatus;
++}
++
++/* Name : icp_ocfDrvModExp
++ *
++ * Description : This function will map ordinary Modular Exponentiation calls
++ * from OCF to the LAC API.
++ *
++ */
++static int icp_ocfDrvModExp(struct cryptkop *krp)
++{
++ CpaStatus lacStatus = CPA_STATUS_SUCCESS;
++ void *callbackTag = NULL;
++ CpaCyLnModExpOpData *pModExpOpData = NULL;
++ CpaFlatBuffer *pResult = NULL;
++
++ if ((krp->krp_param[ICP_MOD_EXP_KRP_PARAM_MODULUS_INDEX].crp_nbits %
++ NUM_BITS_IN_BYTE) != 0) {
++ DPRINTK("%s(): Warning - modulus buffer size (%d) is not a "
++ "multiple of 8 bits\n", __FUNCTION__,
++ krp->krp_param[ICP_MOD_EXP_KRP_PARAM_MODULUS_INDEX].
++ crp_nbits);
++ }
++
++ /* Result storage space should be the same size as the prime as this
++ value can take up the same amount of storage space */
++ if (krp->krp_param[ICP_MOD_EXP_KRP_PARAM_MODULUS_INDEX].crp_nbits >
++ krp->krp_param[ICP_MOD_EXP_KRP_PARAM_RESULT_INDEX].crp_nbits) {
++ APRINTK("%s(): Return Buffer size must be the same or"
++ " greater than the Modulus buffer\n", __FUNCTION__);
++ krp->krp_status = EINVAL;
++ return EINVAL;
++ }
++
++ callbackTag = krp;
++
++ pModExpOpData = icp_kmem_cache_zalloc(drvLnModExp_zone, ICP_M_NOWAIT);
++ if (NULL == pModExpOpData) {
++ APRINTK("%s():Failed to get memory for key gen data\n",
++ __FUNCTION__);
++ krp->krp_status = ENOMEM;
++ return ENOMEM;
++ }
++
++ pResult = icp_kmem_cache_zalloc(drvFlatBuffer_zone, ICP_M_NOWAIT);
++ if (NULL == pResult) {
++ APRINTK("%s():Failed to get memory for ModExp result\n",
++ __FUNCTION__);
++ ICP_CACHE_FREE(drvLnModExp_zone, pModExpOpData);
++ krp->krp_status = ENOMEM;
++ return ENOMEM;
++ }
++
++ /* Link parameters */
++ pModExpOpData->modulus.pData =
++ krp->krp_param[ICP_MOD_EXP_KRP_PARAM_MODULUS_INDEX].crp_p;
++ BITS_TO_BYTES(pModExpOpData->modulus.dataLenInBytes,
++ krp->krp_param[ICP_MOD_EXP_KRP_PARAM_MODULUS_INDEX].
++ crp_nbits);
++
++ icp_ocfDrvSwapBytes(pModExpOpData->modulus.pData,
++ pModExpOpData->modulus.dataLenInBytes);
++
++ DPRINTK("%s : base (%d)\n", __FUNCTION__, krp->
++ krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX].crp_nbits);
++ pModExpOpData->base.pData =
++ krp->krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX].crp_p;
++ BITS_TO_BYTES(pModExpOpData->base.dataLenInBytes,
++ krp->krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX].
++ crp_nbits);
++ icp_ocfDrvSwapBytes(pModExpOpData->base.pData,
++ pModExpOpData->base.dataLenInBytes);
++
++ pModExpOpData->exponent.pData =
++ krp->krp_param[ICP_MOD_EXP_KRP_PARAM_EXPONENT_INDEX].crp_p;
++ BITS_TO_BYTES(pModExpOpData->exponent.dataLenInBytes,
++ krp->krp_param[ICP_MOD_EXP_KRP_PARAM_EXPONENT_INDEX].
++ crp_nbits);
++
++ icp_ocfDrvSwapBytes(pModExpOpData->exponent.pData,
++ pModExpOpData->exponent.dataLenInBytes);
++ /* Output parameters */
++ pResult->pData =
++ krp->krp_param[ICP_MOD_EXP_KRP_PARAM_RESULT_INDEX].crp_p,
++ BITS_TO_BYTES(pResult->dataLenInBytes,
++ krp->krp_param[ICP_MOD_EXP_KRP_PARAM_RESULT_INDEX].
++ crp_nbits);
++
++ lacStatus = cpaCyLnModExp(CPA_INSTANCE_HANDLE_SINGLE,
++ icp_ocfDrvModExpCallBack,
++ callbackTag, pModExpOpData, pResult);
++
++ if (CPA_STATUS_SUCCESS != lacStatus) {
++ EPRINTK("%s(): Mod Exp Operation failed (%d).\n",
++ __FUNCTION__, lacStatus);
++ krp->krp_status = ECANCELED;
++ icp_ocfDrvFreeFlatBuffer(pResult);
++ ICP_CACHE_FREE(drvLnModExp_zone, pModExpOpData);
++ }
++
++ return lacStatus;
++}
++
++/* Name : icp_ocfDrvModExpCRT
++ *
++ * Description : This function will map ordinary Modular Exponentiation Chinese
++ * Remainder Theorem implementaion calls from OCF to the LAC API.
++ *
++ * Note : Mod Exp CRT for this driver is accelerated through LAC RSA type 2
++ * decrypt operation. Therefore P and Q input values must always be prime
++ * numbers. Although basic primality checks are done in LAC, it is up to the
++ * user to do any correct prime number checking before passing the inputs.
++ */
++static int icp_ocfDrvModExpCRT(struct cryptkop *krp)
++{
++ CpaStatus lacStatus = CPA_STATUS_SUCCESS;
++ CpaCyRsaDecryptOpData *rsaDecryptOpData = NULL;
++ void *callbackTag = NULL;
++ CpaFlatBuffer *pOutputData = NULL;
++
++ /*Parameter input checks are all done by LAC, no need to repeat
++ them here. */
++ callbackTag = krp;
++
++ rsaDecryptOpData =
++ icp_kmem_cache_zalloc(drvRSADecrypt_zone, ICP_M_NOWAIT);
++ if (NULL == rsaDecryptOpData) {
++ APRINTK("%s():Failed to get memory"
++ " for MOD EXP CRT Op data struct\n", __FUNCTION__);
++ krp->krp_status = ENOMEM;
++ return ENOMEM;
++ }
++
++ rsaDecryptOpData->pRecipientPrivateKey
++ = icp_kmem_cache_zalloc(drvRSAPrivateKey_zone, ICP_M_NOWAIT);
++ if (NULL == rsaDecryptOpData->pRecipientPrivateKey) {
++ APRINTK("%s():Failed to get memory for MOD EXP CRT"
++ " private key values struct\n", __FUNCTION__);
++ ICP_CACHE_FREE(drvRSADecrypt_zone, rsaDecryptOpData);
++ krp->krp_status = ENOMEM;
++ return ENOMEM;
++ }
++
++ rsaDecryptOpData->pRecipientPrivateKey->
++ version = CPA_CY_RSA_VERSION_TWO_PRIME;
++ rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRepType = CPA_CY_RSA_PRIVATE_KEY_REP_TYPE_2;
++
++ pOutputData = icp_kmem_cache_zalloc(drvFlatBuffer_zone, ICP_M_NOWAIT);
++ if (NULL == pOutputData) {
++ APRINTK("%s():Failed to get memory"
++ " for MOD EXP CRT output data\n", __FUNCTION__);
++ ICP_CACHE_FREE(drvRSAPrivateKey_zone,
++ rsaDecryptOpData->pRecipientPrivateKey);
++ ICP_CACHE_FREE(drvRSADecrypt_zone, rsaDecryptOpData);
++ krp->krp_status = ENOMEM;
++ return ENOMEM;
++ }
++
++ rsaDecryptOpData->pRecipientPrivateKey->
++ version = CPA_CY_RSA_VERSION_TWO_PRIME;
++ rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRepType = CPA_CY_RSA_PRIVATE_KEY_REP_TYPE_2;
++
++ /* Link parameters */
++ rsaDecryptOpData->inputData.pData =
++ krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_I_INDEX].crp_p;
++ BITS_TO_BYTES(rsaDecryptOpData->inputData.dataLenInBytes,
++ krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_I_INDEX].
++ crp_nbits);
++
++ icp_ocfDrvSwapBytes(rsaDecryptOpData->inputData.pData,
++ rsaDecryptOpData->inputData.dataLenInBytes);
++
++ rsaDecryptOpData->pRecipientPrivateKey->privateKeyRep2.prime1P.pData =
++ krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_P_INDEX].crp_p;
++ BITS_TO_BYTES(rsaDecryptOpData->pRecipientPrivateKey->privateKeyRep2.
++ prime1P.dataLenInBytes,
++ krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_P_INDEX].
++ crp_nbits);
++
++ icp_ocfDrvSwapBytes(rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRep2.prime1P.pData,
++ rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRep2.prime1P.dataLenInBytes);
++
++ rsaDecryptOpData->pRecipientPrivateKey->privateKeyRep2.prime2Q.pData =
++ krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_Q_INDEX].crp_p;
++ BITS_TO_BYTES(rsaDecryptOpData->pRecipientPrivateKey->privateKeyRep2.
++ prime2Q.dataLenInBytes,
++ krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_Q_INDEX].
++ crp_nbits);
++
++ icp_ocfDrvSwapBytes(rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRep2.prime2Q.pData,
++ rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRep2.prime2Q.dataLenInBytes);
++
++ rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRep2.exponent1Dp.pData =
++ krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DP_INDEX].crp_p;
++ BITS_TO_BYTES(rsaDecryptOpData->pRecipientPrivateKey->privateKeyRep2.
++ exponent1Dp.dataLenInBytes,
++ krp->
++ krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DP_INDEX].
++ crp_nbits);
++
++ icp_ocfDrvSwapBytes(rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRep2.exponent1Dp.pData,
++ rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRep2.exponent1Dp.dataLenInBytes);
++
++ rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRep2.exponent2Dq.pData =
++ krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DQ_INDEX].crp_p;
++ BITS_TO_BYTES(rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRep2.exponent2Dq.dataLenInBytes,
++ krp->
++ krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DQ_INDEX].
++ crp_nbits);
++
++ icp_ocfDrvSwapBytes(rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRep2.exponent2Dq.pData,
++ rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRep2.exponent2Dq.dataLenInBytes);
++
++ rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRep2.coefficientQInv.pData =
++ krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_COEFF_QINV_INDEX].crp_p;
++ BITS_TO_BYTES(rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRep2.coefficientQInv.dataLenInBytes,
++ krp->
++ krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_COEFF_QINV_INDEX].
++ crp_nbits);
++
++ icp_ocfDrvSwapBytes(rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRep2.coefficientQInv.pData,
++ rsaDecryptOpData->pRecipientPrivateKey->
++ privateKeyRep2.coefficientQInv.dataLenInBytes);
++
++ /* Output Parameter */
++ pOutputData->pData =
++ krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_RESULT_INDEX].crp_p;
++ BITS_TO_BYTES(pOutputData->dataLenInBytes,
++ krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_RESULT_INDEX].
++ crp_nbits);
++
++ lacStatus = cpaCyRsaDecrypt(CPA_INSTANCE_HANDLE_SINGLE,
++ icp_ocfDrvModExpCRTCallBack,
++ callbackTag, rsaDecryptOpData, pOutputData);
++
++ if (CPA_STATUS_SUCCESS != lacStatus) {
++ EPRINTK("%s(): Mod Exp CRT Operation failed (%d).\n",
++ __FUNCTION__, lacStatus);
++ krp->krp_status = ECANCELED;
++ icp_ocfDrvFreeFlatBuffer(pOutputData);
++ ICP_CACHE_FREE(drvRSAPrivateKey_zone,
++ rsaDecryptOpData->pRecipientPrivateKey);
++ ICP_CACHE_FREE(drvRSADecrypt_zone, rsaDecryptOpData);
++ }
++
++ return lacStatus;
++}
++
++/* Name : icp_ocfDrvCheckALessThanB
++ *
++ * Description : This function will check whether the first argument is less
++ * than the second. It is used to check whether the DSA RS sign Random K
++ * value is less than the Prime Q value (as defined in the specification)
++ *
++ */
++static int
++icp_ocfDrvCheckALessThanB(CpaFlatBuffer * pK, CpaFlatBuffer * pQ, int *doCheck)
++{
++
++ uint8_t *MSB_K = pK->pData;
++ uint8_t *MSB_Q = pQ->pData;
++ uint32_t buffer_lengths_in_bytes = pQ->dataLenInBytes;
++
++ if (DONT_RUN_LESS_THAN_CHECK == *doCheck) {
++ return FAIL_A_IS_GREATER_THAN_B;
++ }
++
++/*Check MSBs
++if A == B, check next MSB
++if A > B, return A_IS_GREATER_THAN_B
++if A < B, return A_IS_LESS_THAN_B (success)
++*/
++ while (*MSB_K == *MSB_Q) {
++ MSB_K++;
++ MSB_Q++;
++
++ buffer_lengths_in_bytes--;
++ if (0 == buffer_lengths_in_bytes) {
++ DPRINTK("%s() Buffers have equal value!!\n",
++ __FUNCTION__);
++ return FAIL_A_IS_EQUAL_TO_B;
++ }
++
++ }
++
++ if (*MSB_K < *MSB_Q) {
++ return SUCCESS_A_IS_LESS_THAN_B;
++ } else {
++ return FAIL_A_IS_GREATER_THAN_B;
++ }
++
++}
++
++/* Name : icp_ocfDrvDsaSign
++ *
++ * Description : This function will map DSA RS Sign from OCF to the LAC API.
++ *
++ * NOTE: From looking at OCF patch to OpenSSL and even the number of input
++ * parameters, OCF expects us to generate the random seed value. This value
++ * is generated and passed to LAC, however the number is discared in the
++ * callback and not returned to the user.
++ */
++static int icp_ocfDrvDsaSign(struct cryptkop *krp)
++{
++ CpaStatus lacStatus = CPA_STATUS_SUCCESS;
++ CpaCyDsaRSSignOpData *dsaRsSignOpData = NULL;
++ void *callbackTag = NULL;
++ CpaCyRandGenOpData randGenOpData;
++ int primeQSizeInBytes = 0;
++ int doCheck = 0;
++ CpaFlatBuffer randData;
++ CpaBoolean protocolStatus = CPA_FALSE;
++ CpaFlatBuffer *pR = NULL;
++ CpaFlatBuffer *pS = NULL;
++
++ callbackTag = krp;
++
++ BITS_TO_BYTES(primeQSizeInBytes,
++ krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_PRIME_Q_INDEX].
++ crp_nbits);
++
++ if (DSA_RS_SIGN_PRIMEQ_SIZE_IN_BYTES != primeQSizeInBytes) {
++ APRINTK("%s(): DSA PRIME Q size not equal to the "
++ "FIPS defined 20bytes, = %d\n",
++ __FUNCTION__, primeQSizeInBytes);
++ krp->krp_status = EDOM;
++ return EDOM;
++ }
++
++ dsaRsSignOpData =
++ icp_kmem_cache_zalloc(drvDSARSSign_zone, ICP_M_NOWAIT);
++ if (NULL == dsaRsSignOpData) {
++ APRINTK("%s():Failed to get memory"
++ " for DSA RS Sign Op data struct\n", __FUNCTION__);
++ krp->krp_status = ENOMEM;
++ return ENOMEM;
++ }
++
++ dsaRsSignOpData->K.pData =
++ icp_kmem_cache_alloc(drvDSARSSignKValue_zone, ICP_M_NOWAIT);
++
++ if (NULL == dsaRsSignOpData->K.pData) {
++ APRINTK("%s():Failed to get memory"
++ " for DSA RS Sign Op Random value\n", __FUNCTION__);
++ ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData);
++ krp->krp_status = ENOMEM;
++ return ENOMEM;
++ }
++
++ pR = icp_kmem_cache_zalloc(drvFlatBuffer_zone, ICP_M_NOWAIT);
++ if (NULL == pR) {
++ APRINTK("%s():Failed to get memory"
++ " for DSA signature R\n", __FUNCTION__);
++ ICP_CACHE_FREE(drvDSARSSignKValue_zone,
++ dsaRsSignOpData->K.pData);
++ ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData);
++ krp->krp_status = ENOMEM;
++ return ENOMEM;
++ }
++
++ pS = icp_kmem_cache_zalloc(drvFlatBuffer_zone, ICP_M_NOWAIT);
++ if (NULL == pS) {
++ APRINTK("%s():Failed to get memory"
++ " for DSA signature S\n", __FUNCTION__);
++ icp_ocfDrvFreeFlatBuffer(pR);
++ ICP_CACHE_FREE(drvDSARSSignKValue_zone,
++ dsaRsSignOpData->K.pData);
++ ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData);
++ krp->krp_status = ENOMEM;
++ return ENOMEM;
++ }
++
++ /*link prime number parameter for ease of processing */
++ dsaRsSignOpData->P.pData =
++ krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_PRIME_P_INDEX].crp_p;
++ BITS_TO_BYTES(dsaRsSignOpData->P.dataLenInBytes,
++ krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_PRIME_P_INDEX].
++ crp_nbits);
++
++ icp_ocfDrvSwapBytes(dsaRsSignOpData->P.pData,
++ dsaRsSignOpData->P.dataLenInBytes);
++
++ dsaRsSignOpData->Q.pData =
++ krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_PRIME_Q_INDEX].crp_p;
++ BITS_TO_BYTES(dsaRsSignOpData->Q.dataLenInBytes,
++ krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_PRIME_Q_INDEX].
++ crp_nbits);
++
++ icp_ocfDrvSwapBytes(dsaRsSignOpData->Q.pData,
++ dsaRsSignOpData->Q.dataLenInBytes);
++
++ /*generate random number with equal buffer size to Prime value Q,
++ but value less than Q */
++ dsaRsSignOpData->K.dataLenInBytes = dsaRsSignOpData->Q.dataLenInBytes;
++
++ randGenOpData.generateBits = CPA_TRUE;
++ randGenOpData.lenInBytes = dsaRsSignOpData->K.dataLenInBytes;
++
++ icp_ocfDrvPtrAndLenToFlatBuffer(dsaRsSignOpData->K.pData,
++ dsaRsSignOpData->K.dataLenInBytes,
++ &randData);
++
++ doCheck = 0;
++ while (icp_ocfDrvCheckALessThanB(&(dsaRsSignOpData->K),
++ &(dsaRsSignOpData->Q), &doCheck)) {
++
++ if (CPA_STATUS_SUCCESS
++ != cpaCyRandGen(CPA_INSTANCE_HANDLE_SINGLE,
++ NULL, NULL, &randGenOpData, &randData)) {
++ APRINTK("%s(): ERROR - Failed to generate DSA RS Sign K"
++ "value\n", __FUNCTION__);
++ icp_ocfDrvFreeFlatBuffer(pS);
++ icp_ocfDrvFreeFlatBuffer(pR);
++ ICP_CACHE_FREE(drvDSARSSignKValue_zone,
++ dsaRsSignOpData->K.pData);
++ ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData);
++ krp->krp_status = EAGAIN;
++ return EAGAIN;
++ }
++
++ doCheck++;
++ if (DSA_SIGN_RAND_GEN_VAL_CHECK_MAX_ITERATIONS == doCheck) {
++ APRINTK("%s(): ERROR - Failed to find DSA RS Sign K "
++ "value less than Q value\n", __FUNCTION__);
++ icp_ocfDrvFreeFlatBuffer(pS);
++ icp_ocfDrvFreeFlatBuffer(pR);
++ ICP_CACHE_FREE(drvDSARSSignKValue_zone,
++ dsaRsSignOpData->K.pData);
++ ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData);
++ krp->krp_status = EAGAIN;
++ return EAGAIN;
++ }
++
++ }
++ /*Rand Data - no need to swap bytes for pK */
++
++ /* Link parameters */
++ dsaRsSignOpData->G.pData =
++ krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_G_INDEX].crp_p;
++ BITS_TO_BYTES(dsaRsSignOpData->G.dataLenInBytes,
++ krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_G_INDEX].crp_nbits);
++
++ icp_ocfDrvSwapBytes(dsaRsSignOpData->G.pData,
++ dsaRsSignOpData->G.dataLenInBytes);
++
++ dsaRsSignOpData->X.pData =
++ krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_X_INDEX].crp_p;
++ BITS_TO_BYTES(dsaRsSignOpData->X.dataLenInBytes,
++ krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_X_INDEX].crp_nbits);
++ icp_ocfDrvSwapBytes(dsaRsSignOpData->X.pData,
++ dsaRsSignOpData->X.dataLenInBytes);
++
++ /*OpenSSL dgst parameter is left in big endian byte order,
++ therefore no byte swap is required */
++ dsaRsSignOpData->M.pData =
++ krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_DGST_INDEX].crp_p;
++ BITS_TO_BYTES(dsaRsSignOpData->M.dataLenInBytes,
++ krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_DGST_INDEX].
++ crp_nbits);
++
++ /* Output Parameters */
++ pS->pData = krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_S_RESULT_INDEX].crp_p;
++ BITS_TO_BYTES(pS->dataLenInBytes,
++ krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_S_RESULT_INDEX].
++ crp_nbits);
++
++ pR->pData = krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_R_RESULT_INDEX].crp_p;
++ BITS_TO_BYTES(pR->dataLenInBytes,
++ krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_R_RESULT_INDEX].
++ crp_nbits);
++
++ lacStatus = cpaCyDsaSignRS(CPA_INSTANCE_HANDLE_SINGLE,
++ icp_ocfDrvDsaRSSignCallBack,
++ callbackTag, dsaRsSignOpData,
++ &protocolStatus, pR, pS);
++
++ if (CPA_STATUS_SUCCESS != lacStatus) {
++ EPRINTK("%s(): DSA RS Sign Operation failed (%d).\n",
++ __FUNCTION__, lacStatus);
++ krp->krp_status = ECANCELED;
++ icp_ocfDrvFreeFlatBuffer(pS);
++ icp_ocfDrvFreeFlatBuffer(pR);
++ ICP_CACHE_FREE(drvDSARSSignKValue_zone,
++ dsaRsSignOpData->K.pData);
++ ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData);
++ }
++
++ return lacStatus;
++}
++
++/* Name : icp_ocfDrvDsaVerify
++ *
++ * Description : This function will map DSA RS Verify from OCF to the LAC API.
++ *
++ */
++static int icp_ocfDrvDsaVerify(struct cryptkop *krp)
++{
++ CpaStatus lacStatus = CPA_STATUS_SUCCESS;
++ CpaCyDsaVerifyOpData *dsaVerifyOpData = NULL;
++ void *callbackTag = NULL;
++ CpaBoolean verifyStatus = CPA_FALSE;
++
++ callbackTag = krp;
++
++ dsaVerifyOpData =
++ icp_kmem_cache_zalloc(drvDSAVerify_zone, ICP_M_NOWAIT);
++ if (NULL == dsaVerifyOpData) {
++ APRINTK("%s():Failed to get memory"
++ " for DSA Verify Op data struct\n", __FUNCTION__);
++ krp->krp_status = ENOMEM;
++ return ENOMEM;
++ }
++
++ /* Link parameters */
++ dsaVerifyOpData->P.pData =
++ krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_PRIME_P_INDEX].crp_p;
++ BITS_TO_BYTES(dsaVerifyOpData->P.dataLenInBytes,
++ krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_PRIME_P_INDEX].
++ crp_nbits);
++ icp_ocfDrvSwapBytes(dsaVerifyOpData->P.pData,
++ dsaVerifyOpData->P.dataLenInBytes);
++
++ dsaVerifyOpData->Q.pData =
++ krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_PRIME_Q_INDEX].crp_p;
++ BITS_TO_BYTES(dsaVerifyOpData->Q.dataLenInBytes,
++ krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_PRIME_Q_INDEX].
++ crp_nbits);
++ icp_ocfDrvSwapBytes(dsaVerifyOpData->Q.pData,
++ dsaVerifyOpData->Q.dataLenInBytes);
++
++ dsaVerifyOpData->G.pData =
++ krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_G_INDEX].crp_p;
++ BITS_TO_BYTES(dsaVerifyOpData->G.dataLenInBytes,
++ krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_G_INDEX].
++ crp_nbits);
++ icp_ocfDrvSwapBytes(dsaVerifyOpData->G.pData,
++ dsaVerifyOpData->G.dataLenInBytes);
++
++ dsaVerifyOpData->Y.pData =
++ krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_PUBKEY_INDEX].crp_p;
++ BITS_TO_BYTES(dsaVerifyOpData->Y.dataLenInBytes,
++ krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_PUBKEY_INDEX].
++ crp_nbits);
++ icp_ocfDrvSwapBytes(dsaVerifyOpData->Y.pData,
++ dsaVerifyOpData->Y.dataLenInBytes);
++
++ /*OpenSSL dgst parameter is left in big endian byte order,
++ therefore no byte swap is required */
++ dsaVerifyOpData->M.pData =
++ krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_DGST_INDEX].crp_p;
++ BITS_TO_BYTES(dsaVerifyOpData->M.dataLenInBytes,
++ krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_DGST_INDEX].
++ crp_nbits);
++
++ dsaVerifyOpData->R.pData =
++ krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_SIG_R_INDEX].crp_p;
++ BITS_TO_BYTES(dsaVerifyOpData->R.dataLenInBytes,
++ krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_SIG_R_INDEX].
++ crp_nbits);
++ icp_ocfDrvSwapBytes(dsaVerifyOpData->R.pData,
++ dsaVerifyOpData->R.dataLenInBytes);
++
++ dsaVerifyOpData->S.pData =
++ krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_SIG_S_INDEX].crp_p;
++ BITS_TO_BYTES(dsaVerifyOpData->S.dataLenInBytes,
++ krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_SIG_S_INDEX].
++ crp_nbits);
++ icp_ocfDrvSwapBytes(dsaVerifyOpData->S.pData,
++ dsaVerifyOpData->S.dataLenInBytes);
++
++ lacStatus = cpaCyDsaVerify(CPA_INSTANCE_HANDLE_SINGLE,
++ icp_ocfDrvDsaVerifyCallBack,
++ callbackTag, dsaVerifyOpData, &verifyStatus);
++
++ if (CPA_STATUS_SUCCESS != lacStatus) {
++ EPRINTK("%s(): DSA Verify Operation failed (%d).\n",
++ __FUNCTION__, lacStatus);
++ ICP_CACHE_FREE(drvDSAVerify_zone, dsaVerifyOpData);
++ krp->krp_status = ECANCELED;
++ }
++
++ return lacStatus;
++}
++
++/* Name : icp_ocfDrvDhP1Callback
++ *
++ * Description : When this function returns it signifies that the LAC
++ * component has completed the DH operation.
++ */
++static void
++icp_ocfDrvDhP1CallBack(void *callbackTag,
++ CpaStatus status,
++ void *pOpData, CpaFlatBuffer * pLocalOctetStringPV)
++{
++ struct cryptkop *krp = NULL;
++ CpaCyDhPhase1KeyGenOpData *pPhase1OpData = NULL;
++
++ if (NULL == callbackTag) {
++ DPRINTK("%s(): Invalid input parameters - "
++ "callbackTag data is NULL\n", __FUNCTION__);
++ return;
++ }
++ krp = (struct cryptkop *)callbackTag;
++
++ if (NULL == pOpData) {
++ DPRINTK("%s(): Invalid input parameters - "
++ "Operation Data is NULL\n", __FUNCTION__);
++ krp->krp_status = ECANCELED;
++ crypto_kdone(krp);
++ return;
++ }
++ pPhase1OpData = (CpaCyDhPhase1KeyGenOpData *) pOpData;
++
++ if (NULL == pLocalOctetStringPV) {
++ DPRINTK("%s(): Invalid input parameters - "
++ "pLocalOctetStringPV Data is NULL\n", __FUNCTION__);
++ memset(pPhase1OpData, 0, sizeof(CpaCyDhPhase1KeyGenOpData));
++ ICP_CACHE_FREE(drvDH_zone, pPhase1OpData);
++ krp->krp_status = ECANCELED;
++ crypto_kdone(krp);
++ return;
++ }
++
++ if (CPA_STATUS_SUCCESS == status) {
++ krp->krp_status = CRYPTO_OP_SUCCESS;
++ } else {
++ APRINTK("%s(): Diffie Hellman Phase1 Key Gen failed - "
++ "Operation Status = %d\n", __FUNCTION__, status);
++ krp->krp_status = ECANCELED;
++ }
++
++ icp_ocfDrvSwapBytes(pLocalOctetStringPV->pData,
++ pLocalOctetStringPV->dataLenInBytes);
++
++ icp_ocfDrvFreeFlatBuffer(pLocalOctetStringPV);
++ memset(pPhase1OpData, 0, sizeof(CpaCyDhPhase1KeyGenOpData));
++ ICP_CACHE_FREE(drvDH_zone, pPhase1OpData);
++
++ crypto_kdone(krp);
++
++ return;
++}
++
++/* Name : icp_ocfDrvModExpCallBack
++ *
++ * Description : When this function returns it signifies that the LAC
++ * component has completed the Mod Exp operation.
++ */
++static void
++icp_ocfDrvModExpCallBack(void *callbackTag,
++ CpaStatus status,
++ void *pOpdata, CpaFlatBuffer * pResult)
++{
++ struct cryptkop *krp = NULL;
++ CpaCyLnModExpOpData *pLnModExpOpData = NULL;
++
++ if (NULL == callbackTag) {
++ DPRINTK("%s(): Invalid input parameters - "
++ "callbackTag data is NULL\n", __FUNCTION__);
++ return;
++ }
++ krp = (struct cryptkop *)callbackTag;
++
++ if (NULL == pOpdata) {
++ DPRINTK("%s(): Invalid Mod Exp input parameters - "
++ "Operation Data is NULL\n", __FUNCTION__);
++ krp->krp_status = ECANCELED;
++ crypto_kdone(krp);
++ return;
++ }
++ pLnModExpOpData = (CpaCyLnModExpOpData *) pOpdata;
++
++ if (NULL == pResult) {
++ DPRINTK("%s(): Invalid input parameters - "
++ "pResult data is NULL\n", __FUNCTION__);
++ krp->krp_status = ECANCELED;
++ memset(pLnModExpOpData, 0, sizeof(CpaCyLnModExpOpData));
++ ICP_CACHE_FREE(drvLnModExp_zone, pLnModExpOpData);
++ crypto_kdone(krp);
++ return;
++ }
++
++ if (CPA_STATUS_SUCCESS == status) {
++ krp->krp_status = CRYPTO_OP_SUCCESS;
++ } else {
++ APRINTK("%s(): LAC Mod Exp Operation failed - "
++ "Operation Status = %d\n", __FUNCTION__, status);
++ krp->krp_status = ECANCELED;
++ }
++
++ icp_ocfDrvSwapBytes(pResult->pData, pResult->dataLenInBytes);
++
++ /*switch base size value back to original */
++ if (pLnModExpOpData->base.pData ==
++ (uint8_t *) & (krp->
++ krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX].
++ crp_nbits)) {
++ *((uint32_t *) pLnModExpOpData->base.pData) =
++ ntohl(*((uint32_t *) pLnModExpOpData->base.pData));
++ }
++ icp_ocfDrvFreeFlatBuffer(pResult);
++ memset(pLnModExpOpData, 0, sizeof(CpaCyLnModExpOpData));
++ ICP_CACHE_FREE(drvLnModExp_zone, pLnModExpOpData);
++
++ crypto_kdone(krp);
++
++ return;
++
++}
++
++/* Name : icp_ocfDrvModExpCRTCallBack
++ *
++ * Description : When this function returns it signifies that the LAC
++ * component has completed the Mod Exp CRT operation.
++ */
++static void
++icp_ocfDrvModExpCRTCallBack(void *callbackTag,
++ CpaStatus status,
++ void *pOpData, CpaFlatBuffer * pOutputData)
++{
++ struct cryptkop *krp = NULL;
++ CpaCyRsaDecryptOpData *pDecryptData = NULL;
++
++ if (NULL == callbackTag) {
++ DPRINTK("%s(): Invalid input parameters - "
++ "callbackTag data is NULL\n", __FUNCTION__);
++ return;
++ }
++
++ krp = (struct cryptkop *)callbackTag;
++
++ if (NULL == pOpData) {
++ DPRINTK("%s(): Invalid input parameters - "
++ "Operation Data is NULL\n", __FUNCTION__);
++ krp->krp_status = ECANCELED;
++ crypto_kdone(krp);
++ return;
++ }
++ pDecryptData = (CpaCyRsaDecryptOpData *) pOpData;
++
++ if (NULL == pOutputData) {
++ DPRINTK("%s(): Invalid input parameter - "
++ "pOutputData is NULL\n", __FUNCTION__);
++ memset(pDecryptData->pRecipientPrivateKey, 0,
++ sizeof(CpaCyRsaPrivateKey));
++ ICP_CACHE_FREE(drvRSAPrivateKey_zone,
++ pDecryptData->pRecipientPrivateKey);
++ memset(pDecryptData, 0, sizeof(CpaCyRsaDecryptOpData));
++ ICP_CACHE_FREE(drvRSADecrypt_zone, pDecryptData);
++ krp->krp_status = ECANCELED;
++ crypto_kdone(krp);
++ return;
++ }
++
++ if (CPA_STATUS_SUCCESS == status) {
++ krp->krp_status = CRYPTO_OP_SUCCESS;
++ } else {
++ APRINTK("%s(): LAC Mod Exp CRT operation failed - "
++ "Operation Status = %d\n", __FUNCTION__, status);
++ krp->krp_status = ECANCELED;
++ }
++
++ icp_ocfDrvSwapBytes(pOutputData->pData, pOutputData->dataLenInBytes);
++
++ icp_ocfDrvFreeFlatBuffer(pOutputData);
++ memset(pDecryptData->pRecipientPrivateKey, 0,
++ sizeof(CpaCyRsaPrivateKey));
++ ICP_CACHE_FREE(drvRSAPrivateKey_zone,
++ pDecryptData->pRecipientPrivateKey);
++ memset(pDecryptData, 0, sizeof(CpaCyRsaDecryptOpData));
++ ICP_CACHE_FREE(drvRSADecrypt_zone, pDecryptData);
++
++ crypto_kdone(krp);
++
++ return;
++}
++
++/* Name : icp_ocfDrvDsaRSSignCallBack
++ *
++ * Description : When this function returns it signifies that the LAC
++ * component has completed the DSA RS sign operation.
++ */
++static void
++icp_ocfDrvDsaRSSignCallBack(void *callbackTag,
++ CpaStatus status,
++ void *pOpData,
++ CpaBoolean protocolStatus,
++ CpaFlatBuffer * pR, CpaFlatBuffer * pS)
++{
++ struct cryptkop *krp = NULL;
++ CpaCyDsaRSSignOpData *pSignData = NULL;
++
++ if (NULL == callbackTag) {
++ DPRINTK("%s(): Invalid input parameters - "
++ "callbackTag data is NULL\n", __FUNCTION__);
++ return;
++ }
++
++ krp = (struct cryptkop *)callbackTag;
++
++ if (NULL == pOpData) {
++ DPRINTK("%s(): Invalid input parameters - "
++ "Operation Data is NULL\n", __FUNCTION__);
++ krp->krp_status = ECANCELED;
++ crypto_kdone(krp);
++ return;
++ }
++ pSignData = (CpaCyDsaRSSignOpData *) pOpData;
++
++ if (NULL == pR) {
++ DPRINTK("%s(): Invalid input parameter - "
++ "pR sign is NULL\n", __FUNCTION__);
++ icp_ocfDrvFreeFlatBuffer(pS);
++ ICP_CACHE_FREE(drvDSARSSign_zone, pSignData);
++ krp->krp_status = ECANCELED;
++ crypto_kdone(krp);
++ return;
++ }
++
++ if (NULL == pS) {
++ DPRINTK("%s(): Invalid input parameter - "
++ "pS sign is NULL\n", __FUNCTION__);
++ icp_ocfDrvFreeFlatBuffer(pR);
++ ICP_CACHE_FREE(drvDSARSSign_zone, pSignData);
++ krp->krp_status = ECANCELED;
++ crypto_kdone(krp);
++ return;
++ }
++
++ if (CPA_STATUS_SUCCESS != status) {
++ APRINTK("%s(): LAC DSA RS Sign operation failed - "
++ "Operation Status = %d\n", __FUNCTION__, status);
++ krp->krp_status = ECANCELED;
++ } else {
++ krp->krp_status = CRYPTO_OP_SUCCESS;
++
++ if (CPA_TRUE != protocolStatus) {
++ DPRINTK("%s(): LAC DSA RS Sign operation failed due "
++ "to protocol error\n", __FUNCTION__);
++ krp->krp_status = EIO;
++ }
++ }
++
++ /* Swap bytes only when the callback status is successful and
++ protocolStatus is set to true */
++ if (CPA_STATUS_SUCCESS == status && CPA_TRUE == protocolStatus) {
++ icp_ocfDrvSwapBytes(pR->pData, pR->dataLenInBytes);
++ icp_ocfDrvSwapBytes(pS->pData, pS->dataLenInBytes);
++ }
++
++ icp_ocfDrvFreeFlatBuffer(pR);
++ icp_ocfDrvFreeFlatBuffer(pS);
++ memset(pSignData->K.pData, 0, pSignData->K.dataLenInBytes);
++ ICP_CACHE_FREE(drvDSARSSignKValue_zone, pSignData->K.pData);
++ memset(pSignData, 0, sizeof(CpaCyDsaRSSignOpData));
++ ICP_CACHE_FREE(drvDSARSSign_zone, pSignData);
++ crypto_kdone(krp);
++
++ return;
++}
++
++/* Name : icp_ocfDrvDsaVerifyCallback
++ *
++ * Description : When this function returns it signifies that the LAC
++ * component has completed the DSA Verify operation.
++ */
++static void
++icp_ocfDrvDsaVerifyCallBack(void *callbackTag,
++ CpaStatus status,
++ void *pOpData, CpaBoolean verifyStatus)
++{
++
++ struct cryptkop *krp = NULL;
++ CpaCyDsaVerifyOpData *pVerData = NULL;
++
++ if (NULL == callbackTag) {
++ DPRINTK("%s(): Invalid input parameters - "
++ "callbackTag data is NULL\n", __FUNCTION__);
++ return;
++ }
++
++ krp = (struct cryptkop *)callbackTag;
++
++ if (NULL == pOpData) {
++ DPRINTK("%s(): Invalid input parameters - "
++ "Operation Data is NULL\n", __FUNCTION__);
++ krp->krp_status = ECANCELED;
++ crypto_kdone(krp);
++ return;
++ }
++ pVerData = (CpaCyDsaVerifyOpData *) pOpData;
++
++ if (CPA_STATUS_SUCCESS != status) {
++ APRINTK("%s(): LAC DSA Verify operation failed - "
++ "Operation Status = %d\n", __FUNCTION__, status);
++ krp->krp_status = ECANCELED;
++ } else {
++ krp->krp_status = CRYPTO_OP_SUCCESS;
++
++ if (CPA_TRUE != verifyStatus) {
++ DPRINTK("%s(): DSA signature invalid\n", __FUNCTION__);
++ krp->krp_status = EIO;
++ }
++ }
++
++ /* Swap bytes only when the callback status is successful and
++ verifyStatus is set to true */
++ /*Just swapping back the key values for now. Possibly all
++ swapped buffers need to be reverted */
++ if (CPA_STATUS_SUCCESS == status && CPA_TRUE == verifyStatus) {
++ icp_ocfDrvSwapBytes(pVerData->R.pData,
++ pVerData->R.dataLenInBytes);
++ icp_ocfDrvSwapBytes(pVerData->S.pData,
++ pVerData->S.dataLenInBytes);
++ }
++
++ memset(pVerData, 0, sizeof(CpaCyDsaVerifyOpData));
++ ICP_CACHE_FREE(drvDSAVerify_zone, pVerData);
++ crypto_kdone(krp);
++
++ return;
++}
+diff --git a/crypto/ocf/ep80579/icp_common.c b/crypto/ocf/ep80579/icp_common.c
+new file mode 100644
+index 0000000..5d46c0a
+--- /dev/null
++++ b/crypto/ocf/ep80579/icp_common.c
+@@ -0,0 +1,773 @@
++/*************************************************************************
++ *
++ * This file is provided under a dual BSD/GPLv2 license. When using or
++ * redistributing this file, you may do so under either license.
++ *
++ * GPL LICENSE SUMMARY
++ *
++ * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved.
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of version 2 of the GNU General Public License as
++ * published by the Free Software Foundation.
++ *
++ * This program is distributed in the hope that it will be useful, but
++ * WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ * General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with this program; if not, write to the Free Software
++ * Foundation, Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
++ * The full GNU General Public License is included in this distribution
++ * in the file called LICENSE.GPL.
++ *
++ * Contact Information:
++ * Intel Corporation
++ *
++ * BSD LICENSE
++ *
++ * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved.
++ * All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * * Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * * Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in
++ * the documentation and/or other materials provided with the
++ * distribution.
++ * * Neither the name of Intel Corporation nor the names of its
++ * contributors may be used to endorse or promote products derived
++ * from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
++ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
++ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
++ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
++ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
++ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ *
++ * version: Security.L.1.0.2-229
++ *
++ ***************************************************************************/
++
++/*
++ * An OCF module that uses Intel® QuickAssist Integrated Accelerator to do the
++ * crypto.
++ *
++ * This driver requires the ICP Access Library that is available from Intel in
++ * order to operate.
++ */
++
++#include "icp_ocf.h"
++
++#define ICP_OCF_COMP_NAME "ICP_OCF"
++#define ICP_OCF_VER_MAIN (2)
++#define ICP_OCF_VER_MJR (1)
++#define ICP_OCF_VER_MNR (0)
++
++#define MAX_DEREG_RETRIES (100)
++#define DEFAULT_DEREG_RETRIES (10)
++#define DEFAULT_DEREG_DELAY_IN_JIFFIES (10)
++
++/* This defines the maximum number of sessions possible between OCF
++ and the OCF EP80579 Driver. If set to zero, there is no limit. */
++#define DEFAULT_OCF_TO_DRV_MAX_SESSION_COUNT (0)
++#define NUM_SUPPORTED_CAPABILITIES (21)
++
++/*Slab zone names*/
++#define ICP_SESSION_DATA_NAME "icp_ocf.SesDat"
++#define ICP_OP_DATA_NAME "icp_ocf.OpDat"
++#define ICP_DH_NAME "icp_ocf.DH"
++#define ICP_MODEXP_NAME "icp_ocf.ModExp"
++#define ICP_RSA_DECRYPT_NAME "icp_ocf.RSAdec"
++#define ICP_RSA_PKEY_NAME "icp_ocf.RSApk"
++#define ICP_DSA_SIGN_NAME "icp_ocf.DSAsg"
++#define ICP_DSA_VER_NAME "icp_ocf.DSAver"
++#define ICP_RAND_VAL_NAME "icp_ocf.DSArnd"
++#define ICP_FLAT_BUFF_NAME "icp_ocf.FB"
++
++/*Slabs zones*/
++icp_kmem_cache drvSessionData_zone = NULL;
++icp_kmem_cache drvOpData_zone = NULL;
++icp_kmem_cache drvDH_zone = NULL;
++icp_kmem_cache drvLnModExp_zone = NULL;
++icp_kmem_cache drvRSADecrypt_zone = NULL;
++icp_kmem_cache drvRSAPrivateKey_zone = NULL;
++icp_kmem_cache drvDSARSSign_zone = NULL;
++icp_kmem_cache drvDSARSSignKValue_zone = NULL;
++icp_kmem_cache drvDSAVerify_zone = NULL;
++
++/*Slab zones for flatbuffers and bufferlist*/
++icp_kmem_cache drvFlatBuffer_zone = NULL;
++
++static inline int icp_cache_null_check(void)
++{
++ return (drvSessionData_zone && drvOpData_zone
++ && drvDH_zone && drvLnModExp_zone && drvRSADecrypt_zone
++ && drvRSAPrivateKey_zone && drvDSARSSign_zone
++ && drvDSARSSign_zone && drvDSARSSignKValue_zone
++ && drvDSAVerify_zone && drvFlatBuffer_zone);
++}
++
++/*Function to free all allocated slab caches before exiting the module*/
++static void icp_ocfDrvFreeCaches(void);
++
++int32_t icp_ocfDrvDriverId = INVALID_DRIVER_ID;
++
++/* Module parameter - gives the number of times LAC deregistration shall be
++ re-tried */
++int num_dereg_retries = DEFAULT_DEREG_RETRIES;
++
++/* Module parameter - gives the delay time in jiffies before a LAC session
++ shall be attempted to be deregistered again */
++int dereg_retry_delay_in_jiffies = DEFAULT_DEREG_DELAY_IN_JIFFIES;
++
++/* Module parameter - gives the maximum number of sessions possible between
++ OCF and the OCF EP80579 Driver. If set to zero, there is no limit.*/
++int max_sessions = DEFAULT_OCF_TO_DRV_MAX_SESSION_COUNT;
++
++/* This is set when the module is removed from the system, no further
++ processing can take place if this is set */
++icp_atomic_t icp_ocfDrvIsExiting = ICP_ATOMIC_INIT(0);
++
++/* This is used to show how many lac sessions were not deregistered*/
++icp_atomic_t lac_session_failed_dereg_count = ICP_ATOMIC_INIT(0);
++
++/* This is used to track the number of registered sessions between OCF and
++ * and the OCF EP80579 driver, when max_session is set to value other than
++ * zero. This ensures that the max_session set for the OCF and the driver
++ * is equal to the LAC registered sessions */
++icp_atomic_t num_ocf_to_drv_registered_sessions = ICP_ATOMIC_INIT(0);
++
++/* Head of linked list used to store session data */
++icp_drvSessionListHead_t icp_ocfDrvGlobalSymListHead;
++icp_drvSessionListHead_t icp_ocfDrvGlobalSymListHead_FreeMemList;
++
++icp_spinlock_t icp_ocfDrvSymSessInfoListSpinlock;
++
++/*Below pointer is only used in linux, FreeBSD uses the name to
++create its own variable name*/
++icp_workqueue *icp_ocfDrvFreeLacSessionWorkQ = NULL;
++ICP_WORKQUEUE_DEFINE_THREAD(icp_ocfDrvFreeLacSessionWorkQ);
++
++struct icp_drvBuffListInfo defBuffListInfo;
++
++/* Name : icp_ocfDrvInit
++ *
++ * Description : This function will register all the symmetric and asymmetric
++ * functionality that will be accelerated by the hardware. It will also
++ * get a unique driver ID from the OCF and initialise all slab caches
++ */
++ICP_MODULE_INIT_FUNC(icp_ocfDrvInit)
++{
++ int ocfStatus = 0;
++
++ IPRINTK("=== %s ver %d.%d.%d ===\n", ICP_OCF_COMP_NAME,
++ ICP_OCF_VER_MAIN, ICP_OCF_VER_MJR, ICP_OCF_VER_MNR);
++
++ if (MAX_DEREG_RETRIES < num_dereg_retries) {
++ EPRINTK("Session deregistration retry count set to greater "
++ "than %d", MAX_DEREG_RETRIES);
++ icp_module_return_code(EINVAL);
++ }
++
++ /* Initialize and Start the Cryptographic component */
++ if (CPA_STATUS_SUCCESS !=
++ cpaCyStartInstance(CPA_INSTANCE_HANDLE_SINGLE)) {
++ EPRINTK("Failed to initialize and start the instance "
++ "of the Cryptographic component.\n");
++ return icp_module_return_code(EINVAL);
++ }
++
++ icp_spin_lock_init(&icp_ocfDrvSymSessInfoListSpinlock);
++
++ /* Set the default size of BufferList to allocate */
++ memset(&defBuffListInfo, 0, sizeof(struct icp_drvBuffListInfo));
++ if (ICP_OCF_DRV_STATUS_SUCCESS !=
++ icp_ocfDrvBufferListMemInfo(ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS,
++ &defBuffListInfo)) {
++ EPRINTK("Failed to get bufferlist memory info.\n");
++ return icp_module_return_code(ENOMEM);
++ }
++
++ /*Register OCF EP80579 Driver with OCF */
++ icp_ocfDrvDriverId = ICP_CRYPTO_GET_DRIVERID();
++
++ if (icp_ocfDrvDriverId < 0) {
++ EPRINTK("%s : ICP driver failed to register with OCF!\n",
++ __FUNCTION__);
++ return icp_module_return_code(ENODEV);
++ }
++
++ /*Create all the slab caches used by the OCF EP80579 Driver */
++ drvSessionData_zone =
++ ICP_CACHE_CREATE(ICP_SESSION_DATA_NAME, struct icp_drvSessionData);
++
++ /*
++ * Allocation of the OpData includes the allocation space for meta data.
++ * The memory after the opData structure is reserved for this meta data.
++ */
++ drvOpData_zone =
++ icp_kmem_cache_create(ICP_OP_DATA_NAME,
++ sizeof(struct icp_drvOpData) +
++ defBuffListInfo.metaSize,
++ ICP_KERNEL_CACHE_ALIGN,
++ ICP_KERNEL_CACHE_NOINIT);
++
++ drvDH_zone = ICP_CACHE_CREATE(ICP_DH_NAME, CpaCyDhPhase1KeyGenOpData);
++
++ drvLnModExp_zone =
++ ICP_CACHE_CREATE(ICP_MODEXP_NAME, CpaCyLnModExpOpData);
++
++ drvRSADecrypt_zone =
++ ICP_CACHE_CREATE(ICP_RSA_DECRYPT_NAME, CpaCyRsaDecryptOpData);
++
++ drvRSAPrivateKey_zone =
++ ICP_CACHE_CREATE(ICP_RSA_PKEY_NAME, CpaCyRsaPrivateKey);
++
++ drvDSARSSign_zone =
++ ICP_CACHE_CREATE(ICP_DSA_SIGN_NAME, CpaCyDsaRSSignOpData);
++
++ /*too awkward to use a macro here */
++ drvDSARSSignKValue_zone =
++ ICP_CACHE_CREATE(ICP_RAND_VAL_NAME,
++ DSA_RS_SIGN_PRIMEQ_SIZE_IN_BYTES);
++
++ drvDSAVerify_zone =
++ ICP_CACHE_CREATE(ICP_DSA_VER_NAME, CpaCyDsaVerifyOpData);
++
++ drvFlatBuffer_zone =
++ ICP_CACHE_CREATE(ICP_FLAT_BUFF_NAME, CpaFlatBuffer);
++
++ if (0 == icp_cache_null_check()) {
++ icp_ocfDrvFreeCaches();
++ EPRINTK("%s() line %d: Not enough memory!\n",
++ __FUNCTION__, __LINE__);
++ return ENOMEM;
++ }
++
++ /* Register the ICP symmetric crypto support. */
++ ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_NULL_CBC, ocfStatus);
++ ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_DES_CBC, ocfStatus);
++ ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_3DES_CBC, ocfStatus);
++ ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_AES_CBC, ocfStatus);
++ ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_ARC4, ocfStatus);
++ ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_MD5, ocfStatus);
++ ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_MD5_HMAC, ocfStatus);
++ ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA1, ocfStatus);
++ ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA1_HMAC, ocfStatus);
++ ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA2_256, ocfStatus);
++ ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA2_256_HMAC,
++ ocfStatus);
++ ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA2_384, ocfStatus);
++ ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA2_384_HMAC,
++ ocfStatus);
++ ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA2_512, ocfStatus);
++ ICP_REG_SYM_WITH_OCF(icp_ocfDrvDriverId, CRYPTO_SHA2_512_HMAC,
++ ocfStatus);
++
++ /* Register the ICP asymmetric algorithm support */
++ ICP_REG_ASYM_WITH_OCF(icp_ocfDrvDriverId, CRK_DH_COMPUTE_KEY,
++ ocfStatus);
++ ICP_REG_ASYM_WITH_OCF(icp_ocfDrvDriverId, CRK_MOD_EXP, ocfStatus);
++ ICP_REG_ASYM_WITH_OCF(icp_ocfDrvDriverId, CRK_MOD_EXP_CRT, ocfStatus);
++ ICP_REG_ASYM_WITH_OCF(icp_ocfDrvDriverId, CRK_DSA_SIGN, ocfStatus);
++ ICP_REG_ASYM_WITH_OCF(icp_ocfDrvDriverId, CRK_DSA_VERIFY, ocfStatus);
++
++ /* Register the ICP random number generator support */
++ ICP_REG_RAND_WITH_OCF(icp_ocfDrvDriverId,
++ icp_ocfDrvReadRandom, NULL, ocfStatus);
++
++ if (OCF_ZERO_FUNCTIONALITY_REGISTERED == ocfStatus) {
++ DPRINTK("%s: Failed to register any device capabilities\n",
++ __FUNCTION__);
++ icp_ocfDrvFreeCaches();
++ icp_ocfDrvDriverId = INVALID_DRIVER_ID;
++ return icp_module_return_code(ECANCELED);
++ }
++
++ DPRINTK("%s: Registered %d of %d device capabilities\n",
++ __FUNCTION__, ocfStatus, NUM_SUPPORTED_CAPABILITIES);
++
++ /*Session data linked list used during module exit */
++ ICP_INIT_LIST_HEAD(&icp_ocfDrvGlobalSymListHead);
++ ICP_INIT_LIST_HEAD(&icp_ocfDrvGlobalSymListHead_FreeMemList);
++
++ ICP_WORKQUEUE_CREATE(icp_ocfDrvFreeLacSessionWorkQ, "icpwq");
++ if (ICP_WORKQUEUE_NULL_CHECK(icp_ocfDrvFreeLacSessionWorkQ)) {
++ EPRINTK("%s: Failed to create single "
++ "thread workqueue\n", __FUNCTION__);
++ icp_ocfDrvFreeCaches();
++ icp_ocfDrvDriverId = INVALID_DRIVER_ID;
++ return icp_module_return_code(ENOMEM);
++ }
++
++ return icp_module_return_code(0);
++}
++
++/* Name : icp_ocfDrvExit
++ *
++ * Description : This function will deregister all the symmetric sessions
++ * registered with the LAC component. It will also deregister all symmetric
++ * and asymmetric functionality that can be accelerated by the hardware via OCF
++ * and random number generation if it is enabled.
++ */
++ICP_MODULE_EXIT_FUNC(icp_ocfDrvExit)
++{
++ CpaStatus lacStatus = CPA_STATUS_SUCCESS;
++ struct icp_drvSessionData *sessionData = NULL;
++ struct icp_drvSessionData *tempSessionData = NULL;
++ int i, remaining_delay_time_in_jiffies = 0;
++
++ /* For FreeBSD the invariant macro below makes function to return */
++ /* with EBUSY value in the case of any session which has been regi- */
++ /* stered with LAC not being deregistered. */
++ /* The Linux implementation is empty since it is purely to compensate */
++ /* for a limitation of the FreeBSD 7.1 Opencrypto framework. */
++
++ ICP_MODULE_EXIT_INV();
++
++ /* There is a possibility of a process or new session command being */
++ /* sent before this variable is incremented. The aim of this variable */
++ /* is to stop a loop of calls creating a deadlock situation which */
++ /* would prevent the driver from exiting. */
++ icp_atomic_set(&icp_ocfDrvIsExiting, 1);
++
++ /*Existing sessions will be routed to another driver after these calls */
++ crypto_unregister_all(icp_ocfDrvDriverId);
++ crypto_runregister_all(icp_ocfDrvDriverId);
++
++ if (ICP_WORKQUEUE_NULL_CHECK(icp_ocfDrvFreeLacSessionWorkQ)) {
++ DPRINTK("%s: workqueue already "
++ "destroyed, therefore module exit "
++ " function already called. Exiting.\n", __FUNCTION__);
++ return ICP_MODULE_EXIT_FUNC_RETURN_VAL;
++ }
++ /*If any sessions are waiting to be deregistered, do that. This also
++ flushes the work queue */
++ ICP_WORKQUEUE_DESTROY(icp_ocfDrvFreeLacSessionWorkQ);
++
++ /*ENTER CRITICAL SECTION */
++ icp_spin_lockbh_lock(&icp_ocfDrvSymSessInfoListSpinlock);
++
++ ICP_LIST_FOR_EACH_ENTRY_SAFE(tempSessionData, sessionData,
++ &icp_ocfDrvGlobalSymListHead, listNode) {
++ for (i = 0; i < num_dereg_retries; i++) {
++ /*No harm if bad input - LAC will handle error cases */
++ if (ICP_SESSION_RUNNING == tempSessionData->inUse) {
++ lacStatus =
++ cpaCySymRemoveSession
++ (CPA_INSTANCE_HANDLE_SINGLE,
++ tempSessionData->sessHandle);
++ if (CPA_STATUS_SUCCESS == lacStatus) {
++ /* Succesfully deregistered */
++ break;
++ } else if (CPA_STATUS_RETRY != lacStatus) {
++ icp_atomic_inc
++ (&lac_session_failed_dereg_count);
++ break;
++ }
++
++ /*schedule_timout returns the time left for completion if
++ * this task is set to TASK_INTERRUPTIBLE */
++ remaining_delay_time_in_jiffies =
++ dereg_retry_delay_in_jiffies;
++ while (0 > remaining_delay_time_in_jiffies) {
++ remaining_delay_time_in_jiffies =
++ icp_schedule_timeout
++ (&icp_ocfDrvSymSessInfoListSpinlock,
++ remaining_delay_time_in_jiffies);
++ }
++
++ DPRINTK
++ ("%s(): Retry %d to deregistrate the session\n",
++ __FUNCTION__, i);
++ }
++ }
++
++ /*remove from current list */
++ ICP_LIST_DEL(tempSessionData, listNode);
++ /*add to free mem linked list */
++ ICP_LIST_ADD(tempSessionData,
++ &icp_ocfDrvGlobalSymListHead_FreeMemList,
++ listNode);
++
++ }
++
++ /*EXIT CRITICAL SECTION */
++ icp_spin_lockbh_unlock(&icp_ocfDrvSymSessInfoListSpinlock);
++
++ /*set back to initial values */
++ sessionData = NULL;
++ /*still have a reference in our list! */
++ tempSessionData = NULL;
++ /*free memory */
++
++ ICP_LIST_FOR_EACH_ENTRY_SAFE(tempSessionData, sessionData,
++ &icp_ocfDrvGlobalSymListHead_FreeMemList,
++ listNode) {
++
++ ICP_LIST_DEL(tempSessionData, listNode);
++ /* Free allocated CpaCySymSessionCtx */
++ if (NULL != tempSessionData->sessHandle) {
++ icp_kfree(tempSessionData->sessHandle);
++ }
++ memset(tempSessionData, 0, sizeof(struct icp_drvSessionData));
++ ICP_CACHE_FREE(drvSessionData_zone, tempSessionData);
++ }
++
++ if (0 != icp_atomic_read(&lac_session_failed_dereg_count)) {
++ DPRINTK("%s(): %d LAC sessions were not deregistered "
++ "correctly. This is not a clean exit! \n",
++ __FUNCTION__,
++ icp_atomic_read(&lac_session_failed_dereg_count));
++ }
++
++ icp_ocfDrvFreeCaches();
++ icp_ocfDrvDriverId = INVALID_DRIVER_ID;
++
++ icp_spin_lock_destroy(&icp_ocfDrvSymSessInfoListSpinlock);
++
++ /* Shutdown the Cryptographic component */
++ lacStatus = cpaCyStopInstance(CPA_INSTANCE_HANDLE_SINGLE);
++ if (CPA_STATUS_SUCCESS != lacStatus) {
++ DPRINTK("%s(): Failed to stop instance of the "
++ "Cryptographic component.(status == %d)\n",
++ __FUNCTION__, lacStatus);
++ }
++
++ return ICP_MODULE_EXIT_FUNC_RETURN_VAL;
++}
++
++/* Name : icp_ocfDrvFreeCaches
++ *
++ * Description : This function deregisters all slab caches
++ */
++static void icp_ocfDrvFreeCaches(void)
++{
++ icp_atomic_set(&icp_ocfDrvIsExiting, 1);
++
++ /*Sym Zones */
++ ICP_CACHE_DESTROY(drvSessionData_zone);
++ ICP_CACHE_DESTROY(drvOpData_zone);
++
++ /*Asym zones */
++ ICP_CACHE_DESTROY(drvDH_zone);
++ ICP_CACHE_DESTROY(drvLnModExp_zone);
++ ICP_CACHE_DESTROY(drvRSADecrypt_zone);
++ ICP_CACHE_DESTROY(drvRSAPrivateKey_zone);
++ ICP_CACHE_DESTROY(drvDSARSSignKValue_zone);
++ ICP_CACHE_DESTROY(drvDSARSSign_zone);
++ ICP_CACHE_DESTROY(drvDSAVerify_zone);
++
++ /*FlatBuffer and BufferList Zones */
++ ICP_CACHE_DESTROY(drvFlatBuffer_zone);
++
++}
++
++/* Name : icp_ocfDrvDeregRetry
++ *
++ * Description : This function will try to farm the session deregistration
++ * off to a work queue. If it fails, nothing more can be done and it
++ * returns an error
++ */
++int icp_ocfDrvDeregRetry(CpaCySymSessionCtx sessionToDeregister)
++{
++ struct icp_ocfDrvFreeLacSession *workstore = NULL;
++
++ DPRINTK("%s(): Retry - Deregistering session (%p)\n",
++ __FUNCTION__, sessionToDeregister);
++
++ /*make sure the session is not available to be allocated during this
++ process */
++ icp_atomic_inc(&lac_session_failed_dereg_count);
++
++ /*Farm off to work queue */
++ workstore =
++ icp_kmalloc(sizeof(struct icp_ocfDrvFreeLacSession), ICP_M_NOWAIT);
++ if (NULL == workstore) {
++ DPRINTK("%s(): unable to free session - no memory available "
++ "for work queue\n", __FUNCTION__);
++ return ENOMEM;
++ }
++
++ workstore->sessionToDeregister = sessionToDeregister;
++
++ icp_init_work(&(workstore->work),
++ icp_ocfDrvDeferedFreeLacSessionTaskFn, workstore);
++
++ ICP_WORKQUEUE_ENQUEUE(icp_ocfDrvFreeLacSessionWorkQ,
++ &(workstore->work));
++
++ return ICP_OCF_DRV_STATUS_SUCCESS;
++
++}
++
++/* Name : icp_ocfDrvDeferedFreeLacSessionProcess
++ *
++ * Description : This function will retry (module input parameter)
++ * 'num_dereg_retries' times to deregister any symmetric session that recieves a
++ * CPA_STATUS_RETRY message from the LAC component. This function is run in
++ * Thread context because it is called from a worker thread
++ */
++void icp_ocfDrvDeferedFreeLacSessionProcess(void *arg)
++{
++ struct icp_ocfDrvFreeLacSession *workstore = NULL;
++ CpaCySymSessionCtx sessionToDeregister = NULL;
++ int i = 0;
++ int remaining_delay_time_in_jiffies = 0;
++ CpaStatus lacStatus = CPA_STATUS_SUCCESS;
++
++ workstore = (struct icp_ocfDrvFreeLacSession *)arg;
++ if (NULL == workstore) {
++ DPRINTK("%s() function called with null parameter \n",
++ __FUNCTION__);
++ return;
++ }
++
++ sessionToDeregister = workstore->sessionToDeregister;
++ icp_kfree(workstore);
++
++ /*if exiting, give deregistration one more blast only */
++ if (icp_atomic_read(&icp_ocfDrvIsExiting) == CPA_TRUE) {
++ lacStatus = cpaCySymRemoveSession(CPA_INSTANCE_HANDLE_SINGLE,
++ sessionToDeregister);
++
++ if (lacStatus != CPA_STATUS_SUCCESS) {
++ DPRINTK("%s() Failed to Dereg LAC session %p "
++ "during module exit\n", __FUNCTION__,
++ sessionToDeregister);
++ return;
++ }
++
++ icp_atomic_dec(&lac_session_failed_dereg_count);
++ return;
++ }
++
++ for (i = 0; i <= num_dereg_retries; i++) {
++ lacStatus = cpaCySymRemoveSession(CPA_INSTANCE_HANDLE_SINGLE,
++ sessionToDeregister);
++
++ if (lacStatus == CPA_STATUS_SUCCESS) {
++ icp_atomic_dec(&lac_session_failed_dereg_count);
++ return;
++ }
++ if (lacStatus != CPA_STATUS_RETRY) {
++ DPRINTK("%s() Failed to deregister session - lacStatus "
++ " = %d", __FUNCTION__, lacStatus);
++ break;
++ }
++
++ /*schedule_timout returns the time left for completion if this
++ task is set to TASK_INTERRUPTIBLE */
++ remaining_delay_time_in_jiffies = dereg_retry_delay_in_jiffies;
++ while (0 < remaining_delay_time_in_jiffies) {
++ remaining_delay_time_in_jiffies =
++ icp_schedule_timeout(NULL,
++ remaining_delay_time_in_jiffies);
++ }
++
++ }
++
++ DPRINTK("%s(): Unable to deregister session\n", __FUNCTION__);
++ DPRINTK("%s(): Number of unavailable LAC sessions = %d\n", __FUNCTION__,
++ icp_atomic_read(&lac_session_failed_dereg_count));
++}
++
++/* Name : icp_ocfDrvPtrAndLenToFlatBuffer
++ *
++ * Description : This function converts a "pointer and length" buffer
++ * structure to Fredericksburg Flat Buffer (CpaFlatBuffer) format.
++ *
++ * This function assumes that the data passed in are valid.
++ */
++inline void
++icp_ocfDrvPtrAndLenToFlatBuffer(void *pData, uint32_t len,
++ CpaFlatBuffer * pFlatBuffer)
++{
++ pFlatBuffer->pData = pData;
++ pFlatBuffer->dataLenInBytes = len;
++}
++
++/* Name : icp_ocfDrvPtrAndLenToBufferList
++ *
++ * Description : This function converts a "pointer and length" buffer
++ * structure to Fredericksburg Scatter/Gather Buffer (CpaBufferList) format.
++ *
++ * This function assumes that the data passed in are valid.
++ */
++inline void
++icp_ocfDrvPtrAndLenToBufferList(void *pDataIn, uint32_t length,
++ CpaBufferList * pBufferList)
++{
++ pBufferList->numBuffers = 1;
++ pBufferList->pBuffers->pData = pDataIn;
++ pBufferList->pBuffers->dataLenInBytes = length;
++}
++
++/* Name : icp_ocfDrvBufferListToPtrAndLen
++ *
++ * Description : This function converts Fredericksburg Scatter/Gather Buffer
++ * (CpaBufferList) format to a "pointer and length" buffer structure.
++ *
++ * This function assumes that the data passed in are valid.
++ */
++inline void
++icp_ocfDrvBufferListToPtrAndLen(CpaBufferList * pBufferList,
++ void **ppDataOut, uint32_t * pLength)
++{
++ *ppDataOut = pBufferList->pBuffers->pData;
++ *pLength = pBufferList->pBuffers->dataLenInBytes;
++}
++
++/* Name : icp_ocfDrvBufferListMemInfo
++ *
++ * Description : This function will set the number of flat buffers in
++ * bufferlist, the size of memory to allocate for the pPrivateMetaData
++ * member of the CpaBufferList.
++ */
++int
++icp_ocfDrvBufferListMemInfo(uint16_t numBuffers,
++ struct icp_drvBuffListInfo *buffListInfo)
++{
++ buffListInfo->numBuffers = numBuffers;
++
++ if (CPA_STATUS_SUCCESS !=
++ cpaCyBufferListGetMetaSize(CPA_INSTANCE_HANDLE_SINGLE,
++ buffListInfo->numBuffers,
++ &(buffListInfo->metaSize))) {
++ EPRINTK("%s() Failed to get buffer list meta size.\n",
++ __FUNCTION__);
++ return ICP_OCF_DRV_STATUS_FAIL;
++ }
++
++ return ICP_OCF_DRV_STATUS_SUCCESS;
++}
++
++/* Name : icp_ocfDrvFreeFlatBuffer
++ *
++ * Description : This function will deallocate flat buffer.
++ */
++inline void icp_ocfDrvFreeFlatBuffer(CpaFlatBuffer * pFlatBuffer)
++{
++ if (pFlatBuffer != NULL) {
++ memset(pFlatBuffer, 0, sizeof(CpaFlatBuffer));
++ ICP_CACHE_FREE(drvFlatBuffer_zone, pFlatBuffer);
++ }
++}
++
++/* Name : icp_ocfDrvAllocMetaData
++ *
++ * Description : This function will allocate memory for the
++ * pPrivateMetaData member of CpaBufferList.
++ */
++inline int
++icp_ocfDrvAllocMetaData(CpaBufferList * pBufferList,
++ struct icp_drvOpData *pOpData)
++{
++ Cpa32U metaSize = 0;
++
++ if (pBufferList->numBuffers <= ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS) {
++ uint8_t *pOpDataStartAddr = (uint8_t *) pOpData;
++
++ if (0 == defBuffListInfo.metaSize) {
++ pBufferList->pPrivateMetaData = NULL;
++ return ICP_OCF_DRV_STATUS_SUCCESS;
++ }
++ /*
++ * The meta data allocation has been included as part of the
++ * op data. It has been pre-allocated in memory just after the
++ * icp_drvOpData structure.
++ */
++ pBufferList->pPrivateMetaData = (void *)(pOpDataStartAddr +
++ sizeof(struct
++ icp_drvOpData));
++ } else {
++ if (CPA_STATUS_SUCCESS !=
++ cpaCyBufferListGetMetaSize(CPA_INSTANCE_HANDLE_SINGLE,
++ pBufferList->numBuffers,
++ &metaSize)) {
++ EPRINTK("%s() Failed to get buffer list meta size.\n",
++ __FUNCTION__);
++ return ICP_OCF_DRV_STATUS_FAIL;
++ }
++
++ if (0 == metaSize) {
++ pBufferList->pPrivateMetaData = NULL;
++ return ICP_OCF_DRV_STATUS_SUCCESS;
++ }
++
++ pBufferList->pPrivateMetaData =
++ icp_kmalloc(metaSize, ICP_M_NOWAIT);
++ }
++ if (NULL == pBufferList->pPrivateMetaData) {
++ EPRINTK("%s() Failed to allocate pPrivateMetaData.\n",
++ __FUNCTION__);
++ return ICP_OCF_DRV_STATUS_FAIL;
++ }
++
++ return ICP_OCF_DRV_STATUS_SUCCESS;
++}
++
++/* Name : icp_ocfDrvFreeMetaData
++ *
++ * Description : This function will deallocate pPrivateMetaData memory.
++ */
++inline void icp_ocfDrvFreeMetaData(CpaBufferList * pBufferList)
++{
++ if (NULL == pBufferList->pPrivateMetaData) {
++ return;
++ }
++
++ /*
++ * Only free the meta data if the BufferList has more than
++ * ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS number of buffers.
++ * Otherwise, the meta data shall be freed when the icp_drvOpData is
++ * freed.
++ */
++ if (ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS < pBufferList->numBuffers) {
++ icp_kfree(pBufferList->pPrivateMetaData);
++ }
++}
++
++/* Module declaration, init and exit functions */
++ICP_DECLARE_MODULE(icp_ocf, icp_ocfDrvInit, icp_ocfDrvExit);
++ICP_MODULE_DESCRIPTION("OCF Driver for Intel Quick Assist crypto acceleration");
++ICP_MODULE_VERSION(icp_ocf, ICP_OCF_VER_MJR);
++ICP_MODULE_LICENSE("Dual BSD/GPL");
++ICP_MODULE_AUTHOR("Intel");
++
++/* Module parameters */
++ICP_MODULE_PARAM_INT(icp_ocf, num_dereg_retries,
++ "Number of times to retry LAC Sym Session Deregistration. "
++ "Default 10, Max 100");
++ICP_MODULE_PARAM_INT(icp_ocf, dereg_retry_delay_in_jiffies, "Delay in jiffies "
++ "(added to a schedule() function call) before a LAC Sym "
++ "Session Dereg is retried. Default 10");
++ICP_MODULE_PARAM_INT(icp_ocf, max_sessions,
++ "This sets the maximum number of sessions "
++ "between OCF and this driver. If this value is set to zero,"
++ "max session count checking is disabled. Default is zero(0)");
++
++/* Module dependencies */
++#define MODULE_MIN_VER 1
++#define CRYPTO_MAX_VER 3
++#define LAC_MAX_VER 2
++
++ICP_MODULE_DEPEND(icp_ocf, crypto, MODULE_MIN_VER, MODULE_MIN_VER,
++ CRYPTO_MAX_VER);
++ICP_MODULE_DEPEND(icp_ocf, cryptodev, MODULE_MIN_VER, MODULE_MIN_VER,
++ CRYPTO_MAX_VER);
++ICP_MODULE_DEPEND(icp_ocf, icp_crypto, MODULE_MIN_VER, MODULE_MIN_VER,
++ LAC_MAX_VER);
+diff --git a/crypto/ocf/ep80579/icp_ocf.h b/crypto/ocf/ep80579/icp_ocf.h
+new file mode 100644
+index 0000000..d9dde87
+--- /dev/null
++++ b/crypto/ocf/ep80579/icp_ocf.h
+@@ -0,0 +1,376 @@
++/***************************************************************************
++ *
++ * This file is provided under a dual BSD/GPLv2 license. When using or
++ * redistributing this file, you may do so under either license.
++ *
++ * GPL LICENSE SUMMARY
++ *
++ * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved.
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of version 2 of the GNU General Public License as
++ * published by the Free Software Foundation.
++ *
++ * This program is distributed in the hope that it will be useful, but
++ * WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ * General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with this program; if not, write to the Free Software
++ * Foundation, Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
++ * The full GNU General Public License is included in this distribution
++ * in the file called LICENSE.GPL.
++ *
++ * Contact Information:
++ * Intel Corporation
++ *
++ * BSD LICENSE
++ *
++ * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved.
++ * All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * * Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * * Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in
++ * the documentation and/or other materials provided with the
++ * distribution.
++ * * Neither the name of Intel Corporation nor the names of its
++ * contributors may be used to endorse or promote products derived
++ * from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
++ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
++ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
++ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
++ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
++ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ *
++ * version: Security.L.1.0.2-229
++ *
++ ***************************************************************************/
++
++/*
++ * OCF driver header file for the Intel ICP processor.
++ */
++
++#ifndef ICP_OCF_H_
++#define ICP_OCF_H_
++
++#include <cpa.h>
++#include <cpa_cy_im.h>
++#include <cpa_cy_sym.h>
++#include <cpa_cy_rand.h>
++#include <cpa_cy_dh.h>
++#include <cpa_cy_rsa.h>
++#include <cpa_cy_ln.h>
++#include <cpa_cy_common.h>
++#include <cpa_cy_dsa.h>
++
++#include "icp_os.h"
++
++#define NUM_BITS_IN_BYTE (8)
++#define NUM_BITS_IN_BYTE_MINUS_ONE (NUM_BITS_IN_BYTE -1)
++#define INVALID_DRIVER_ID (-1)
++#define RETURN_RAND_NUM_GEN_FAILED (-1)
++
++/*This is the max block cipher initialisation vector*/
++#define MAX_IV_LEN_IN_BYTES (20)
++/*This is used to check whether the OCF to this driver session limit has
++ been disabled*/
++#define NO_OCF_TO_DRV_MAX_SESSIONS (0)
++
++/*OCF values mapped here*/
++#define ICP_SHA1_DIGEST_SIZE_IN_BYTES (SHA1_HASH_LEN)
++#define ICP_SHA256_DIGEST_SIZE_IN_BYTES (SHA2_256_HASH_LEN)
++#define ICP_SHA384_DIGEST_SIZE_IN_BYTES (SHA2_384_HASH_LEN)
++#define ICP_SHA512_DIGEST_SIZE_IN_BYTES (SHA2_512_HASH_LEN)
++#define ICP_MD5_DIGEST_SIZE_IN_BYTES (MD5_HASH_LEN)
++#define ARC4_COUNTER_LEN (ARC4_BLOCK_LEN)
++
++#define OCF_REGISTRATION_STATUS_SUCCESS (0)
++#define OCF_ZERO_FUNCTIONALITY_REGISTERED (0)
++#define ICP_OCF_DRV_NO_CRYPTO_PROCESS_ERROR (0)
++#define ICP_OCF_DRV_STATUS_SUCCESS (0)
++#define ICP_OCF_DRV_STATUS_FAIL (1)
++
++/*Turn on/off debug options*/
++#define ICP_OCF_PRINT_DEBUG_MESSAGES (0)
++#define ICP_OCF_PRINT_KERN_ALERT (1)
++#define ICP_OCF_PRINT_KERN_ERRS (1)
++
++#if ICP_OCF_PRINT_DEBUG_MESSAGES == 1
++#define DPRINTK(args...) \
++{ \
++ ICP_IPRINTK(args); \
++}
++
++#else //ICP_OCF_PRINT_DEBUG_MESSAGES == 1
++
++#define DPRINTK(args...)
++
++#endif //ICP_OCF_PRINT_DEBUG_MESSAGES == 1
++
++#if ICP_OCF_PRINT_KERN_ALERT == 1
++#define APRINTK(args...) \
++{ \
++ ICP_APRINTK(args); \
++}
++
++#else //ICP_OCF_PRINT_KERN_ALERT == 1
++
++#define APRINTK(args...)
++
++#endif //ICP_OCF_PRINT_KERN_ALERT == 1
++
++#if ICP_OCF_PRINT_KERN_ERRS == 1
++#define EPRINTK(args...) \
++{ \
++ ICP_EPRINTK(args); \
++}
++
++#else //ICP_OCF_PRINT_KERN_ERRS == 1
++
++#define EPRINTK(args...)
++
++#endif //ICP_OCF_PRINT_KERN_ERRS == 1
++
++#define IPRINTK(args...) \
++{ \
++ ICP_IPRINTK(args); \
++}
++
++/*DSA Prime Q size in bytes (as defined in the standard) */
++#define DSA_RS_SIGN_PRIMEQ_SIZE_IN_BYTES (20)
++
++#define BITS_TO_BYTES(bytes, bits) \
++ bytes = (bits + NUM_BITS_IN_BYTE_MINUS_ONE) / NUM_BITS_IN_BYTE
++
++typedef enum {
++ ICP_OCF_DRV_ALG_CIPHER = 0,
++ ICP_OCF_DRV_ALG_HASH
++} icp_ocf_drv_alg_type_t;
++
++typedef ICP_LIST_HEAD(icp_drvSessionListHead_s,
++ icp_drvSessionData) icp_drvSessionListHead_t;
++
++/*Values used to derisk chances of performs being called against
++deregistered sessions (for which the slab page has been reclaimed)
++This is not a fix - since page frames are reclaimed from a slab, one cannot
++rely on that memory not being re-used by another app.*/
++typedef enum {
++ ICP_SESSION_INITIALISED = 0x5C5C5C,
++ ICP_SESSION_RUNNING = 0x005C00,
++ ICP_SESSION_DEREGISTERED = 0xC5C5C5
++} usage_derisk;
++
++/* This struct is required for deferred session
++ deregistration as a work queue function can
++ only have one argument*/
++struct icp_ocfDrvFreeLacSession {
++ CpaCySymSessionCtx sessionToDeregister;
++ icp_workstruct work;
++};
++
++/*
++This is the OCF<->OCF_DRV session object:
++
++1.listNode
++ The first member is a listNode. These session objects are added to a linked
++ list in order to make it easier to remove them all at session exit time.
++
++2.inUse
++ The second member is used to give the session object state and derisk the
++ possibility of OCF batch calls executing against a deregistered session (as
++ described above).
++
++3.sessHandle
++ The third member is a LAC<->OCF_DRV session handle (initialised with the first
++ perform request for that session).
++
++4.lacSessCtx
++ The fourth is the LAC session context. All the parameters for this structure
++ are only known when the first perform request for this session occurs. That is
++ why the OCF EP80579 Driver only registers a new LAC session at perform time
++*/
++struct icp_drvSessionData {
++ ICP_LIST_ENTRY(icp_drvSessionData) listNode;
++ usage_derisk inUse;
++ CpaCySymSessionCtx sessHandle;
++ CpaCySymSessionSetupData lacSessCtx;
++};
++
++/* These are all defined in icp_common.c */
++extern icp_atomic_t lac_session_failed_dereg_count;
++extern icp_atomic_t icp_ocfDrvIsExiting;
++extern icp_atomic_t num_ocf_to_drv_registered_sessions;
++
++extern int32_t icp_ocfDrvDriverId;
++
++extern icp_drvSessionListHead_t icp_ocfDrvGlobalSymListHead;
++extern icp_drvSessionListHead_t icp_ocfDrvGlobalSymListHead_FreeMemList;
++extern icp_workqueue *icp_ocfDrvFreeLacSessionWorkQ;
++extern icp_spinlock_t icp_ocfDrvSymSessInfoListSpinlock;
++
++/*Slab zones for symettric functionality, instantiated in icp_common.c*/
++extern icp_kmem_cache drvSessionData_zone;
++extern icp_kmem_cache drvOpData_zone;
++
++/*Slabs zones for asymettric functionality, instantiated in icp_common.c*/
++extern icp_kmem_cache drvDH_zone;
++extern icp_kmem_cache drvLnModExp_zone;
++extern icp_kmem_cache drvRSADecrypt_zone;
++extern icp_kmem_cache drvRSAPrivateKey_zone;
++extern icp_kmem_cache drvDSARSSign_zone;
++extern icp_kmem_cache drvDSARSSignKValue_zone;
++extern icp_kmem_cache drvDSAVerify_zone;
++
++/* Module parameters defined in icp_cpmmon.c*/
++
++/* Module parameters - gives the number of times LAC deregistration shall be
++ re-tried */
++extern int num_dereg_retries;
++
++/* Module parameter - gives the delay time in jiffies before a LAC session
++ shall be attempted to be deregistered again */
++extern int dereg_retry_delay_in_jiffies;
++
++/* Module parameter - gives the maximum number of sessions possible between
++ OCF and the OCF EP80579 Driver. If set to zero, there is no limit.*/
++extern int max_sessions;
++
++/*Slab zones for flatbuffers and bufferlist*/
++extern icp_kmem_cache drvFlatBuffer_zone;
++
++#define ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS (16)
++
++struct icp_drvBuffListInfo {
++ Cpa16U numBuffers;
++ Cpa32U metaSize;
++ Cpa32U metaOffset;
++ Cpa32U buffListSize;
++};
++
++extern struct icp_drvBuffListInfo defBuffListInfo;
++
++/* This struct is used to keep a reference to the relevant node in the list
++ of sessionData structs, to the buffer type required by OCF and to the OCF
++ provided crp struct that needs to be returned. All this info is needed in
++ the callback function.*/
++struct icp_drvOpData {
++ CpaCySymOpData lacOpData;
++ uint32_t digestSizeInBytes;
++ struct cryptop *crp;
++ uint8_t bufferType;
++ uint8_t ivData[MAX_IV_LEN_IN_BYTES];
++ uint16_t numBufferListArray;
++ CpaBufferList srcBuffer;
++ CpaFlatBuffer bufferListArray[ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS];
++ CpaBoolean verifyResult;
++};
++
++/* Create a new session between OCF and this driver*/
++int icp_ocfDrvNewSession(icp_device_t dev, uint32_t * sild,
++ struct cryptoini *cri);
++
++/* Free a session between this driver and the Quick Assist Framework*/
++int icp_ocfDrvFreeLACSession(icp_device_t dev, uint64_t sid);
++
++/* Defer freeing a Quick Assist session*/
++void icp_ocfDrvDeferedFreeLacSessionProcess(void *arg);
++
++/* Process OCF cryptographic request for a symmetric algorithm*/
++int icp_ocfDrvSymProcess(icp_device_t dev, struct cryptop *crp, int hint);
++
++/* Process OCF cryptographic request for an asymmetric algorithm*/
++int icp_ocfDrvPkeProcess(icp_device_t dev, struct cryptkop *krp, int hint);
++
++/* Populate a buffer with random data*/
++int icp_ocfDrvReadRandom(void *arg, uint32_t * buf, int maxwords);
++
++/* Retry Quick Assist session deregistration*/
++int icp_ocfDrvDeregRetry(CpaCySymSessionCtx sessionToDeregister);
++
++/* Convert an OS scatter gather list to a CPA buffer list*/
++int icp_ocfDrvPacketBuffToBufferList(icp_packet_buffer_t * pPacketBuffer,
++ CpaBufferList * bufferList);
++
++/* Convert a CPA buffer list to an OS scatter gather list*/
++int icp_ocfDrvBufferListToPacketBuff(CpaBufferList * bufferList,
++ icp_packet_buffer_t ** pPacketBuffer);
++
++/* Get the number of buffers in an OS scatter gather list*/
++uint16_t icp_ocfDrvGetPacketBuffFrags(icp_packet_buffer_t * pPacketBuffer);
++
++/* Convert a single OS buffer to a CPA Flat Buffer*/
++void icp_ocfDrvSinglePacketBuffToFlatBuffer(icp_packet_buffer_t * pPacketBuffer,
++ CpaFlatBuffer * pFlatBuffer);
++
++/* Add pointer and length to a CPA Flat Buffer structure*/
++void icp_ocfDrvPtrAndLenToFlatBuffer(void *pData, uint32_t len,
++ CpaFlatBuffer * pFlatBuffer);
++
++/* Convert pointer and length values to a CPA buffer list*/
++void icp_ocfDrvPtrAndLenToBufferList(void *pDataIn, uint32_t length,
++ CpaBufferList * pBufferList);
++
++/* Convert a CPA buffer list to pointer and length values*/
++void icp_ocfDrvBufferListToPtrAndLen(CpaBufferList * pBufferList,
++ void **ppDataOut, uint32_t * pLength);
++
++/* Set the number of flat buffers in bufferlist and the size of memory
++ to allocate for the pPrivateMetaData member of the CpaBufferList.*/
++int icp_ocfDrvBufferListMemInfo(uint16_t numBuffers,
++ struct icp_drvBuffListInfo *buffListInfo);
++
++/* Find pointer position of the digest within an OS scatter gather list*/
++uint8_t *icp_ocfDrvPacketBufferDigestPointerFind(struct icp_drvOpData
++ *drvOpData,
++ int offsetInBytes,
++ uint32_t digestSizeInBytes);
++
++/*This top level function is used to find a pointer to where a digest is
++ stored/needs to be inserted. */
++uint8_t *icp_ocfDrvDigestPointerFind(struct icp_drvOpData *drvOpData,
++ struct cryptodesc *crp_desc);
++
++/* Free a CPA flat buffer*/
++void icp_ocfDrvFreeFlatBuffer(CpaFlatBuffer * pFlatBuffer);
++
++/* This function will allocate memory for the pPrivateMetaData
++ member of CpaBufferList. */
++int icp_ocfDrvAllocMetaData(CpaBufferList * pBufferList,
++ struct icp_drvOpData *pOpData);
++
++/* Free data allocated for the pPrivateMetaData
++ member of CpaBufferList.*/
++void icp_ocfDrvFreeMetaData(CpaBufferList * pBufferList);
++
++#define ICP_CACHE_CREATE(cache_ID, cache_name) \
++ icp_kmem_cache_create(cache_ID, sizeof(cache_name),ICP_KERNEL_CACHE_ALIGN,\
++ ICP_KERNEL_CACHE_NOINIT)
++
++#define ICP_CACHE_FREE(args...) \
++ icp_kmem_cache_free (args)
++
++#define ICP_CACHE_DESTROY(slab_zone)\
++{\
++ if(NULL != slab_zone){\
++ icp_kmem_cache_destroy(slab_zone);\
++ slab_zone = NULL;\
++ }\
++}
++
++#endif
++/* ICP_OCF_H_ */
+diff --git a/crypto/ocf/ep80579/icp_sym.c b/crypto/ocf/ep80579/icp_sym.c
+new file mode 100644
+index 0000000..e1c7148
+--- /dev/null
++++ b/crypto/ocf/ep80579/icp_sym.c
+@@ -0,0 +1,1153 @@
++/***************************************************************************
++ *
++ * This file is provided under a dual BSD/GPLv2 license. When using or
++ * redistributing this file, you may do so under either license.
++ *
++ * GPL LICENSE SUMMARY
++ *
++ * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved.
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of version 2 of the GNU General Public License as
++ * published by the Free Software Foundation.
++ *
++ * This program is distributed in the hope that it will be useful, but
++ * WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ * General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with this program; if not, write to the Free Software
++ * Foundation, Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
++ * The full GNU General Public License is included in this distribution
++ * in the file called LICENSE.GPL.
++ *
++ * Contact Information:
++ * Intel Corporation
++ *
++ * BSD LICENSE
++ *
++ * Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved.
++ * All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * * Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * * Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in
++ * the documentation and/or other materials provided with the
++ * distribution.
++ * * Neither the name of Intel Corporation nor the names of its
++ * contributors may be used to endorse or promote products derived
++ * from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
++ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
++ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
++ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
++ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
++ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ *
++ * version: Security.L.1.0.2-229
++ *
++ ***************************************************************************/
++/*
++ * An OCF module that uses the API for Intel® QuickAssist Technology to do the
++ * cryptography.
++ *
++ * This driver requires the ICP Access Library that is available from Intel in
++ * order to operate.
++ */
++
++#include "icp_ocf.h"
++
++/*This is the call back function for all symmetric cryptographic processes.
++ Its main functionality is to free driver crypto operation structure and to
++ call back to OCF*/
++static void
++icp_ocfDrvSymCallBack(void *callbackTag,
++ CpaStatus status,
++ const CpaCySymOp operationType,
++ void *pOpData,
++ CpaBufferList * pDstBuffer, CpaBoolean verifyResult);
++
++/*This function is used to extract crypto processing information from the OCF
++ inputs, so as that it may be passed onto LAC*/
++static int
++icp_ocfDrvProcessDataSetup(struct icp_drvOpData *drvOpData,
++ struct cryptodesc *crp_desc);
++
++/*This function checks whether the crp_desc argument pertains to a digest or a
++ cipher operation*/
++static int icp_ocfDrvAlgCheck(struct cryptodesc *crp_desc);
++
++/*This function copies all the passed in session context information and stores
++ it in a LAC context structure*/
++static int
++icp_ocfDrvAlgorithmSetup(struct cryptoini *cri,
++ CpaCySymSessionSetupData * lacSessCtx);
++
++/*This function is used to free an OCF->OCF_DRV session object*/
++static void icp_ocfDrvFreeOCFSession(struct icp_drvSessionData *sessionData);
++
++/*max IOV buffs supported in a UIO structure*/
++#define NUM_IOV_SUPPORTED (1)
++
++/* Name : icp_ocfDrvSymCallBack
++ *
++ * Description : When this function returns it signifies that the LAC
++ * component has completed the relevant symmetric operation.
++ *
++ * Notes : The callbackTag is a pointer to an icp_drvOpData. This memory
++ * object was passed to LAC for the cryptographic processing and contains all
++ * the relevant information for cleaning up buffer handles etc. so that the
++ * OCF EP80579 Driver portion of this crypto operation can be fully completed.
++ */
++static void
++icp_ocfDrvSymCallBack(void *callbackTag,
++ CpaStatus status,
++ const CpaCySymOp operationType,
++ void *pOpData,
++ CpaBufferList * pDstBuffer, CpaBoolean verifyResult)
++{
++ struct cryptop *crp = NULL;
++ struct icp_drvOpData *temp_drvOpData =
++ (struct icp_drvOpData *)callbackTag;
++ uint64_t *tempBasePtr = NULL;
++ uint32_t tempLen = 0;
++
++ if (NULL == temp_drvOpData) {
++ DPRINTK("%s(): The callback from the LAC component"
++ " has failed due to Null userOpaque data"
++ "(status == %d).\n", __FUNCTION__, status);
++ DPRINTK("%s(): Unable to call OCF back! \n", __FUNCTION__);
++ return;
++ }
++
++ crp = temp_drvOpData->crp;
++ crp->crp_etype = ICP_OCF_DRV_NO_CRYPTO_PROCESS_ERROR;
++
++ if (NULL == pOpData) {
++ DPRINTK("%s(): The callback from the LAC component"
++ " has failed due to Null Symmetric Op data"
++ "(status == %d).\n", __FUNCTION__, status);
++ crp->crp_etype = ECANCELED;
++ crypto_done(crp);
++ return;
++ }
++
++ if (NULL == pDstBuffer) {
++ DPRINTK("%s(): The callback from the LAC component"
++ " has failed due to Null Dst Bufferlist data"
++ "(status == %d).\n", __FUNCTION__, status);
++ crp->crp_etype = ECANCELED;
++ crypto_done(crp);
++ return;
++ }
++
++ if (CPA_STATUS_SUCCESS == status) {
++
++ if (temp_drvOpData->bufferType == ICP_CRYPTO_F_PACKET_BUF) {
++ if (ICP_OCF_DRV_STATUS_SUCCESS !=
++ icp_ocfDrvBufferListToPacketBuff(pDstBuffer,
++ (icp_packet_buffer_t
++ **)
++ & (crp->crp_buf))) {
++ EPRINTK("%s(): BufferList to SkBuff "
++ "conversion error.\n", __FUNCTION__);
++ crp->crp_etype = EPERM;
++ }
++ } else {
++ icp_ocfDrvBufferListToPtrAndLen(pDstBuffer,
++ (void **)&tempBasePtr,
++ &tempLen);
++ crp->crp_olen = (int)tempLen;
++ }
++
++ } else {
++ DPRINTK("%s(): The callback from the LAC component has failed"
++ "(status == %d).\n", __FUNCTION__, status);
++
++ crp->crp_etype = ECANCELED;
++ }
++
++ if (temp_drvOpData->numBufferListArray >
++ ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS) {
++ icp_kfree(pDstBuffer->pBuffers);
++ }
++ icp_ocfDrvFreeMetaData(pDstBuffer);
++ ICP_CACHE_FREE(drvOpData_zone, temp_drvOpData);
++
++ /* Invoke the OCF callback function */
++ crypto_done(crp);
++
++ return;
++}
++
++/* Name : icp_ocfDrvNewSession
++ *
++ * Description : This function will create a new Driver<->OCF session
++ *
++ * Notes : LAC session registration happens during the first perform call.
++ * That is the first time we know all information about a given session.
++ */
++int icp_ocfDrvNewSession(icp_device_t dev, uint32_t * sid,
++ struct cryptoini *cri)
++{
++ struct icp_drvSessionData *sessionData = NULL;
++ uint32_t delete_session = 0;
++
++ /* The SID passed in should be our driver ID. We can return the */
++ /* local ID (LID) which is a unique identifier which we can use */
++ /* to differentiate between the encrypt/decrypt LAC session handles */
++ if (NULL == sid) {
++ EPRINTK("%s(): Invalid input parameters - NULL sid.\n",
++ __FUNCTION__);
++ return EINVAL;
++ }
++
++ if (NULL == cri) {
++ EPRINTK("%s(): Invalid input parameters - NULL cryptoini.\n",
++ __FUNCTION__);
++ return EINVAL;
++ }
++
++ if (icp_ocfDrvDriverId != *sid) {
++ EPRINTK("%s(): Invalid input parameters - bad driver ID\n",
++ __FUNCTION__);
++ EPRINTK("\t sid = 0x08%p \n \t cri = 0x08%p \n", sid, cri);
++ return EINVAL;
++ }
++
++ sessionData = icp_kmem_cache_zalloc(drvSessionData_zone, ICP_M_NOWAIT);
++ if (NULL == sessionData) {
++ DPRINTK("%s():No memory for Session Data\n", __FUNCTION__);
++ return ENOMEM;
++ }
++
++ /*ENTER CRITICAL SECTION */
++ icp_spin_lockbh_lock(&icp_ocfDrvSymSessInfoListSpinlock);
++ /*put this check in the spinlock so no new sessions can be added to the
++ linked list when we are exiting */
++ if (CPA_TRUE == icp_atomic_read(&icp_ocfDrvIsExiting)) {
++ delete_session++;
++
++ } else if (NO_OCF_TO_DRV_MAX_SESSIONS != max_sessions) {
++ if (icp_atomic_read(&num_ocf_to_drv_registered_sessions) >=
++ (max_sessions -
++ icp_atomic_read(&lac_session_failed_dereg_count))) {
++ delete_session++;
++ } else {
++ icp_atomic_inc(&num_ocf_to_drv_registered_sessions);
++ /* Add to session data linked list */
++ ICP_LIST_ADD(sessionData, &icp_ocfDrvGlobalSymListHead,
++ listNode);
++ }
++
++ } else if (NO_OCF_TO_DRV_MAX_SESSIONS == max_sessions) {
++ ICP_LIST_ADD(sessionData, &icp_ocfDrvGlobalSymListHead,
++ listNode);
++ }
++
++ sessionData->inUse = ICP_SESSION_INITIALISED;
++
++ /*EXIT CRITICAL SECTION */
++ icp_spin_lockbh_unlock(&icp_ocfDrvSymSessInfoListSpinlock);
++
++ if (delete_session) {
++ DPRINTK("%s():No Session handles available\n", __FUNCTION__);
++ ICP_CACHE_FREE(drvSessionData_zone, sessionData);
++ return EPERM;
++ }
++
++ if (ICP_OCF_DRV_STATUS_SUCCESS !=
++ icp_ocfDrvAlgorithmSetup(cri, &(sessionData->lacSessCtx))) {
++ DPRINTK("%s():algorithm not supported\n", __FUNCTION__);
++ icp_ocfDrvFreeOCFSession(sessionData);
++ return EINVAL;
++ }
++
++ if (cri->cri_next) {
++ if (cri->cri_next->cri_next != NULL) {
++ DPRINTK("%s():only two chained algorithms supported\n",
++ __FUNCTION__);
++ icp_ocfDrvFreeOCFSession(sessionData);
++ return EPERM;
++ }
++
++ if (ICP_OCF_DRV_STATUS_SUCCESS !=
++ icp_ocfDrvAlgorithmSetup(cri->cri_next,
++ &(sessionData->lacSessCtx))) {
++ DPRINTK("%s():second algorithm not supported\n",
++ __FUNCTION__);
++ icp_ocfDrvFreeOCFSession(sessionData);
++ return EINVAL;
++ }
++
++ sessionData->lacSessCtx.symOperation =
++ CPA_CY_SYM_OP_ALGORITHM_CHAINING;
++ }
++
++ *sid = (uint32_t) sessionData;
++
++ return ICP_OCF_DRV_STATUS_SUCCESS;
++}
++
++/* Name : icp_ocfDrvAlgorithmSetup
++ *
++ * Description : This function builds the session context data from the
++ * information supplied through OCF. Algorithm chain order and whether the
++ * session is Encrypt/Decrypt can only be found out at perform time however, so
++ * the session is registered with LAC at that time.
++ */
++static int
++icp_ocfDrvAlgorithmSetup(struct cryptoini *cri,
++ CpaCySymSessionSetupData * lacSessCtx)
++{
++
++ lacSessCtx->sessionPriority = CPA_CY_PRIORITY_NORMAL;
++
++ switch (cri->cri_alg) {
++
++ case CRYPTO_NULL_CBC:
++ DPRINTK("%s(): NULL CBC\n", __FUNCTION__);
++ lacSessCtx->symOperation = CPA_CY_SYM_OP_CIPHER;
++ lacSessCtx->cipherSetupData.cipherAlgorithm =
++ CPA_CY_SYM_CIPHER_NULL;
++ lacSessCtx->cipherSetupData.cipherKeyLenInBytes =
++ cri->cri_klen / NUM_BITS_IN_BYTE;
++ lacSessCtx->cipherSetupData.pCipherKey = cri->cri_key;
++ break;
++
++ case CRYPTO_DES_CBC:
++ DPRINTK("%s(): DES CBC\n", __FUNCTION__);
++ lacSessCtx->symOperation = CPA_CY_SYM_OP_CIPHER;
++ lacSessCtx->cipherSetupData.cipherAlgorithm =
++ CPA_CY_SYM_CIPHER_DES_CBC;
++ lacSessCtx->cipherSetupData.cipherKeyLenInBytes =
++ cri->cri_klen / NUM_BITS_IN_BYTE;
++ lacSessCtx->cipherSetupData.pCipherKey = cri->cri_key;
++ break;
++
++ case CRYPTO_3DES_CBC:
++ DPRINTK("%s(): 3DES CBC\n", __FUNCTION__);
++ lacSessCtx->symOperation = CPA_CY_SYM_OP_CIPHER;
++ lacSessCtx->cipherSetupData.cipherAlgorithm =
++ CPA_CY_SYM_CIPHER_3DES_CBC;
++ lacSessCtx->cipherSetupData.cipherKeyLenInBytes =
++ cri->cri_klen / NUM_BITS_IN_BYTE;
++ lacSessCtx->cipherSetupData.pCipherKey = cri->cri_key;
++ break;
++
++ case CRYPTO_AES_CBC:
++ DPRINTK("%s(): AES CBC\n", __FUNCTION__);
++ lacSessCtx->symOperation = CPA_CY_SYM_OP_CIPHER;
++ lacSessCtx->cipherSetupData.cipherAlgorithm =
++ CPA_CY_SYM_CIPHER_AES_CBC;
++ lacSessCtx->cipherSetupData.cipherKeyLenInBytes =
++ cri->cri_klen / NUM_BITS_IN_BYTE;
++ lacSessCtx->cipherSetupData.pCipherKey = cri->cri_key;
++ break;
++
++ case CRYPTO_ARC4:
++ DPRINTK("%s(): ARC4\n", __FUNCTION__);
++ lacSessCtx->symOperation = CPA_CY_SYM_OP_CIPHER;
++ lacSessCtx->cipherSetupData.cipherAlgorithm =
++ CPA_CY_SYM_CIPHER_ARC4;
++ lacSessCtx->cipherSetupData.cipherKeyLenInBytes =
++ cri->cri_klen / NUM_BITS_IN_BYTE;
++ lacSessCtx->cipherSetupData.pCipherKey = cri->cri_key;
++ break;
++
++ case CRYPTO_SHA1:
++ DPRINTK("%s(): SHA1\n", __FUNCTION__);
++ lacSessCtx->symOperation = CPA_CY_SYM_OP_HASH;
++ lacSessCtx->hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_SHA1;
++ lacSessCtx->hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_PLAIN;
++ lacSessCtx->hashSetupData.digestResultLenInBytes =
++ (cri->cri_mlen ?
++ cri->cri_mlen : ICP_SHA1_DIGEST_SIZE_IN_BYTES);
++
++ break;
++
++ case CRYPTO_SHA1_HMAC:
++ DPRINTK("%s(): SHA1_HMAC\n", __FUNCTION__);
++ lacSessCtx->symOperation = CPA_CY_SYM_OP_HASH;
++ lacSessCtx->hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_SHA1;
++ lacSessCtx->hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_AUTH;
++ lacSessCtx->hashSetupData.digestResultLenInBytes =
++ (cri->cri_mlen ?
++ cri->cri_mlen : ICP_SHA1_DIGEST_SIZE_IN_BYTES);
++ lacSessCtx->hashSetupData.authModeSetupData.authKey =
++ cri->cri_key;
++ lacSessCtx->hashSetupData.authModeSetupData.authKeyLenInBytes =
++ cri->cri_klen / NUM_BITS_IN_BYTE;
++ lacSessCtx->hashSetupData.authModeSetupData.aadLenInBytes = 0;
++
++ break;
++
++ case CRYPTO_SHA2_256:
++ DPRINTK("%s(): SHA256\n", __FUNCTION__);
++ lacSessCtx->symOperation = CPA_CY_SYM_OP_HASH;
++ lacSessCtx->hashSetupData.hashAlgorithm =
++ CPA_CY_SYM_HASH_SHA256;
++ lacSessCtx->hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_PLAIN;
++ lacSessCtx->hashSetupData.digestResultLenInBytes =
++ (cri->cri_mlen ?
++ cri->cri_mlen : ICP_SHA256_DIGEST_SIZE_IN_BYTES);
++
++ break;
++
++ case CRYPTO_SHA2_256_HMAC:
++ DPRINTK("%s(): SHA256_HMAC\n", __FUNCTION__);
++ lacSessCtx->symOperation = CPA_CY_SYM_OP_HASH;
++ lacSessCtx->hashSetupData.hashAlgorithm =
++ CPA_CY_SYM_HASH_SHA256;
++ lacSessCtx->hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_AUTH;
++ lacSessCtx->hashSetupData.digestResultLenInBytes =
++ (cri->cri_mlen ?
++ cri->cri_mlen : ICP_SHA256_DIGEST_SIZE_IN_BYTES);
++ lacSessCtx->hashSetupData.authModeSetupData.authKey =
++ cri->cri_key;
++ lacSessCtx->hashSetupData.authModeSetupData.authKeyLenInBytes =
++ cri->cri_klen / NUM_BITS_IN_BYTE;
++ lacSessCtx->hashSetupData.authModeSetupData.aadLenInBytes = 0;
++
++ break;
++
++ case CRYPTO_SHA2_384:
++ DPRINTK("%s(): SHA384\n", __FUNCTION__);
++ lacSessCtx->symOperation = CPA_CY_SYM_OP_HASH;
++ lacSessCtx->hashSetupData.hashAlgorithm =
++ CPA_CY_SYM_HASH_SHA384;
++ lacSessCtx->hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_PLAIN;
++ lacSessCtx->hashSetupData.digestResultLenInBytes =
++ (cri->cri_mlen ?
++ cri->cri_mlen : ICP_SHA384_DIGEST_SIZE_IN_BYTES);
++
++ break;
++
++ case CRYPTO_SHA2_384_HMAC:
++ DPRINTK("%s(): SHA384_HMAC\n", __FUNCTION__);
++ lacSessCtx->symOperation = CPA_CY_SYM_OP_HASH;
++ lacSessCtx->hashSetupData.hashAlgorithm =
++ CPA_CY_SYM_HASH_SHA384;
++ lacSessCtx->hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_AUTH;
++ lacSessCtx->hashSetupData.digestResultLenInBytes =
++ (cri->cri_mlen ?
++ cri->cri_mlen : ICP_SHA384_DIGEST_SIZE_IN_BYTES);
++ lacSessCtx->hashSetupData.authModeSetupData.authKey =
++ cri->cri_key;
++ lacSessCtx->hashSetupData.authModeSetupData.authKeyLenInBytes =
++ cri->cri_klen / NUM_BITS_IN_BYTE;
++ lacSessCtx->hashSetupData.authModeSetupData.aadLenInBytes = 0;
++
++ break;
++
++ case CRYPTO_SHA2_512:
++ DPRINTK("%s(): SHA512\n", __FUNCTION__);
++ lacSessCtx->symOperation = CPA_CY_SYM_OP_HASH;
++ lacSessCtx->hashSetupData.hashAlgorithm =
++ CPA_CY_SYM_HASH_SHA512;
++ lacSessCtx->hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_PLAIN;
++ lacSessCtx->hashSetupData.digestResultLenInBytes =
++ (cri->cri_mlen ?
++ cri->cri_mlen : ICP_SHA512_DIGEST_SIZE_IN_BYTES);
++
++ break;
++
++ case CRYPTO_SHA2_512_HMAC:
++ DPRINTK("%s(): SHA512_HMAC\n", __FUNCTION__);
++ lacSessCtx->symOperation = CPA_CY_SYM_OP_HASH;
++ lacSessCtx->hashSetupData.hashAlgorithm =
++ CPA_CY_SYM_HASH_SHA512;
++ lacSessCtx->hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_AUTH;
++ lacSessCtx->hashSetupData.digestResultLenInBytes =
++ (cri->cri_mlen ?
++ cri->cri_mlen : ICP_SHA512_DIGEST_SIZE_IN_BYTES);
++ lacSessCtx->hashSetupData.authModeSetupData.authKey =
++ cri->cri_key;
++ lacSessCtx->hashSetupData.authModeSetupData.authKeyLenInBytes =
++ cri->cri_klen / NUM_BITS_IN_BYTE;
++ lacSessCtx->hashSetupData.authModeSetupData.aadLenInBytes = 0;
++
++ break;
++
++ case CRYPTO_MD5:
++ DPRINTK("%s(): MD5\n", __FUNCTION__);
++ lacSessCtx->symOperation = CPA_CY_SYM_OP_HASH;
++ lacSessCtx->hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_MD5;
++ lacSessCtx->hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_PLAIN;
++ lacSessCtx->hashSetupData.digestResultLenInBytes =
++ (cri->cri_mlen ?
++ cri->cri_mlen : ICP_MD5_DIGEST_SIZE_IN_BYTES);
++
++ break;
++
++ case CRYPTO_MD5_HMAC:
++ DPRINTK("%s(): MD5_HMAC\n", __FUNCTION__);
++ lacSessCtx->symOperation = CPA_CY_SYM_OP_HASH;
++ lacSessCtx->hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_MD5;
++ lacSessCtx->hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_AUTH;
++ lacSessCtx->hashSetupData.digestResultLenInBytes =
++ (cri->cri_mlen ?
++ cri->cri_mlen : ICP_MD5_DIGEST_SIZE_IN_BYTES);
++ lacSessCtx->hashSetupData.authModeSetupData.authKey =
++ cri->cri_key;
++ lacSessCtx->hashSetupData.authModeSetupData.authKeyLenInBytes =
++ cri->cri_klen / NUM_BITS_IN_BYTE;
++ lacSessCtx->hashSetupData.authModeSetupData.aadLenInBytes = 0;
++
++ break;
++
++ default:
++ DPRINTK("%s(): ALG Setup FAIL\n", __FUNCTION__);
++ return ICP_OCF_DRV_STATUS_FAIL;
++ }
++
++ return ICP_OCF_DRV_STATUS_SUCCESS;
++}
++
++/* Name : icp_ocfDrvFreeOCFSession
++ *
++ * Description : This function deletes all existing Session data representing
++ * the Cryptographic session established between OCF and this driver. This
++ * also includes freeing the memory allocated for the session context. The
++ * session object is also removed from the session linked list.
++ */
++static void icp_ocfDrvFreeOCFSession(struct icp_drvSessionData *sessionData)
++{
++
++ sessionData->inUse = ICP_SESSION_DEREGISTERED;
++
++ /*ENTER CRITICAL SECTION */
++ icp_spin_lockbh_lock(&icp_ocfDrvSymSessInfoListSpinlock);
++
++ if (CPA_TRUE == icp_atomic_read(&icp_ocfDrvIsExiting)) {
++ /*If the Driver is exiting, allow that process to
++ handle any deletions */
++ /*EXIT CRITICAL SECTION */
++ icp_spin_lockbh_unlock(&icp_ocfDrvSymSessInfoListSpinlock);
++ return;
++ }
++
++ icp_atomic_dec(&num_ocf_to_drv_registered_sessions);
++
++ ICP_LIST_DEL(sessionData, listNode);
++
++ /*EXIT CRITICAL SECTION */
++ icp_spin_lockbh_unlock(&icp_ocfDrvSymSessInfoListSpinlock);
++
++ if (NULL != sessionData->sessHandle) {
++ icp_kfree(sessionData->sessHandle);
++ }
++ ICP_CACHE_FREE(drvSessionData_zone, sessionData);
++}
++
++/* Name : icp_ocfDrvFreeLACSession
++ *
++ * Description : This attempts to deregister a LAC session. If it fails, the
++ * deregistation retry function is called.
++ */
++int icp_ocfDrvFreeLACSession(icp_device_t dev, uint64_t sid)
++{
++ CpaCySymSessionCtx sessionToDeregister = NULL;
++ struct icp_drvSessionData *sessionData = NULL;
++ CpaStatus lacStatus = CPA_STATUS_SUCCESS;
++ int retval = 0;
++
++ sessionData = (struct icp_drvSessionData *)CRYPTO_SESID2LID(sid);
++ if (NULL == sessionData) {
++ EPRINTK("%s(): OCF Free session called with Null Session ID.\n",
++ __FUNCTION__);
++ return EINVAL;
++ }
++
++ sessionToDeregister = sessionData->sessHandle;
++
++ if ((ICP_SESSION_INITIALISED != sessionData->inUse) &&
++ (ICP_SESSION_RUNNING != sessionData->inUse) &&
++ (ICP_SESSION_DEREGISTERED != sessionData->inUse)) {
++ DPRINTK("%s() Session not initialised.\n", __FUNCTION__);
++ return EINVAL;
++ }
++
++ if (ICP_SESSION_RUNNING == sessionData->inUse) {
++ lacStatus = cpaCySymRemoveSession(CPA_INSTANCE_HANDLE_SINGLE,
++ sessionToDeregister);
++ if (CPA_STATUS_RETRY == lacStatus) {
++ if (ICP_OCF_DRV_STATUS_SUCCESS !=
++ icp_ocfDrvDeregRetry(&sessionToDeregister)) {
++ /* the retry function increments the
++ dereg failed count */
++ DPRINTK("%s(): LAC failed to deregister the "
++ "session. (localSessionId= %p)\n",
++ __FUNCTION__, sessionToDeregister);
++ retval = EPERM;
++ }
++
++ } else if (CPA_STATUS_SUCCESS != lacStatus) {
++ DPRINTK("%s(): LAC failed to deregister the session. "
++ "localSessionId= %p, lacStatus = %d\n",
++ __FUNCTION__, sessionToDeregister, lacStatus);
++ icp_atomic_inc(&lac_session_failed_dereg_count);
++ retval = EPERM;
++ }
++ } else {
++ DPRINTK("%s() Session not registered with LAC.\n",
++ __FUNCTION__);
++ }
++
++ icp_ocfDrvFreeOCFSession(sessionData);
++ return retval;
++
++}
++
++/* Name : icp_ocfDrvAlgCheck
++ *
++ * Description : This function checks whether the cryptodesc argument pertains
++ * to a sym or hash function
++ */
++static int icp_ocfDrvAlgCheck(struct cryptodesc *crp_desc)
++{
++
++ if (crp_desc->crd_alg == CRYPTO_3DES_CBC ||
++ crp_desc->crd_alg == CRYPTO_AES_CBC ||
++ crp_desc->crd_alg == CRYPTO_DES_CBC ||
++ crp_desc->crd_alg == CRYPTO_NULL_CBC ||
++ crp_desc->crd_alg == CRYPTO_ARC4) {
++ return ICP_OCF_DRV_ALG_CIPHER;
++ }
++
++ return ICP_OCF_DRV_ALG_HASH;
++}
++
++/* Name : icp_ocfDrvSymProcess
++ *
++ * Description : This function will map symmetric functionality calls from OCF
++ * to the LAC API. It will also allocate memory to store the session context.
++ *
++ * Notes: If it is the first perform call for a given session, then a LAC
++ * session is registered. After the session is registered, no checks as
++ * to whether session paramaters have changed (e.g. alg chain order) are
++ * done.
++ */
++int icp_ocfDrvSymProcess(icp_device_t dev, struct cryptop *crp, int hint)
++{
++ struct icp_drvSessionData *sessionData = NULL;
++ struct icp_drvOpData *drvOpData = NULL;
++ CpaStatus lacStatus = CPA_STATUS_SUCCESS;
++ Cpa32U sessionCtxSizeInBytes = 0;
++
++ if (NULL == crp) {
++ DPRINTK("%s(): Invalid input parameters, cryptop is NULL\n",
++ __FUNCTION__);
++ return EINVAL;
++ }
++
++ if (NULL == crp->crp_desc) {
++ DPRINTK("%s(): Invalid input parameters, no crp_desc attached "
++ "to crp\n", __FUNCTION__);
++ crp->crp_etype = EINVAL;
++ return EINVAL;
++ }
++
++ if (NULL == crp->crp_buf) {
++ DPRINTK("%s(): Invalid input parameters, no buffer attached "
++ "to crp\n", __FUNCTION__);
++ crp->crp_etype = EINVAL;
++ return EINVAL;
++ }
++
++ if (CPA_TRUE == icp_atomic_read(&icp_ocfDrvIsExiting)) {
++ crp->crp_etype = EFAULT;
++ return EFAULT;
++ }
++
++ sessionData = (struct icp_drvSessionData *)
++ (CRYPTO_SESID2LID(crp->crp_sid));
++ if (NULL == sessionData) {
++ DPRINTK("%s(): Invalid input parameters, Null Session ID \n",
++ __FUNCTION__);
++ crp->crp_etype = EINVAL;
++ return EINVAL;
++ }
++
++/*If we get a request against a deregisted session, cancel operation*/
++ if (ICP_SESSION_DEREGISTERED == sessionData->inUse) {
++ DPRINTK("%s(): Session ID %d was deregistered \n",
++ __FUNCTION__, (int)(CRYPTO_SESID2LID(crp->crp_sid)));
++ crp->crp_etype = EFAULT;
++ return EFAULT;
++ }
++
++/*If none of the session states are set, then the session structure was either
++ not initialised properly or we are reading from a freed memory area (possible
++ due to OCF batch mode not removing queued requests against deregistered
++ sessions*/
++ if (ICP_SESSION_INITIALISED != sessionData->inUse &&
++ ICP_SESSION_RUNNING != sessionData->inUse) {
++ DPRINTK("%s(): Session - ID %d - not properly initialised or "
++ "memory freed back to the kernel \n",
++ __FUNCTION__, (int)(CRYPTO_SESID2LID(crp->crp_sid)));
++ crp->crp_etype = EINVAL;
++ return EINVAL;
++ }
++
++ /*For the below checks, remember error checking is already done in LAC.
++ We're not validating inputs subsequent to registration */
++ if (sessionData->inUse == ICP_SESSION_INITIALISED) {
++ DPRINTK("%s(): Initialising session\n", __FUNCTION__);
++
++ if (NULL != crp->crp_desc->crd_next) {
++ if (ICP_OCF_DRV_ALG_CIPHER ==
++ icp_ocfDrvAlgCheck(crp->crp_desc)) {
++
++ sessionData->lacSessCtx.algChainOrder =
++ CPA_CY_SYM_ALG_CHAIN_ORDER_CIPHER_THEN_HASH;
++
++ if (crp->crp_desc->crd_flags & CRD_F_ENCRYPT) {
++ sessionData->lacSessCtx.cipherSetupData.
++ cipherDirection =
++ CPA_CY_SYM_CIPHER_DIRECTION_ENCRYPT;
++ } else {
++ sessionData->lacSessCtx.cipherSetupData.
++ cipherDirection =
++ CPA_CY_SYM_CIPHER_DIRECTION_DECRYPT;
++ }
++ } else {
++ sessionData->lacSessCtx.algChainOrder =
++ CPA_CY_SYM_ALG_CHAIN_ORDER_HASH_THEN_CIPHER;
++
++ if (crp->crp_desc->crd_next->crd_flags &
++ CRD_F_ENCRYPT) {
++ sessionData->lacSessCtx.cipherSetupData.
++ cipherDirection =
++ CPA_CY_SYM_CIPHER_DIRECTION_ENCRYPT;
++ } else {
++ sessionData->lacSessCtx.cipherSetupData.
++ cipherDirection =
++ CPA_CY_SYM_CIPHER_DIRECTION_DECRYPT;
++ }
++
++ }
++
++ } else if (ICP_OCF_DRV_ALG_CIPHER ==
++ icp_ocfDrvAlgCheck(crp->crp_desc)) {
++ if (crp->crp_desc->crd_flags & CRD_F_ENCRYPT) {
++ sessionData->lacSessCtx.cipherSetupData.
++ cipherDirection =
++ CPA_CY_SYM_CIPHER_DIRECTION_ENCRYPT;
++ } else {
++ sessionData->lacSessCtx.cipherSetupData.
++ cipherDirection =
++ CPA_CY_SYM_CIPHER_DIRECTION_DECRYPT;
++ }
++
++ }
++
++ /*No action required for standalone Auth here */
++
++ /* Allocate memory for SymSessionCtx before the Session Registration */
++ lacStatus =
++ cpaCySymSessionCtxGetSize(CPA_INSTANCE_HANDLE_SINGLE,
++ &(sessionData->lacSessCtx),
++ &sessionCtxSizeInBytes);
++ if (CPA_STATUS_SUCCESS != lacStatus) {
++ EPRINTK("%s(): cpaCySymSessionCtxGetSize failed - %d\n",
++ __FUNCTION__, lacStatus);
++ crp->crp_etype = EINVAL;
++ return EINVAL;
++ }
++ sessionData->sessHandle =
++ icp_kmalloc(sessionCtxSizeInBytes, ICP_M_NOWAIT);
++ if (NULL == sessionData->sessHandle) {
++ EPRINTK
++ ("%s(): Failed to get memory for SymSessionCtx\n",
++ __FUNCTION__);
++ crp->crp_etype = ENOMEM;
++ return ENOMEM;
++ }
++
++ lacStatus = cpaCySymInitSession(CPA_INSTANCE_HANDLE_SINGLE,
++ icp_ocfDrvSymCallBack,
++ &(sessionData->lacSessCtx),
++ sessionData->sessHandle);
++
++ if (CPA_STATUS_SUCCESS != lacStatus) {
++ EPRINTK("%s(): cpaCySymInitSession failed -%d \n",
++ __FUNCTION__, lacStatus);
++ crp->crp_etype = EFAULT;
++ return EFAULT;
++ }
++
++ sessionData->inUse = ICP_SESSION_RUNNING;
++ }
++
++ drvOpData = icp_kmem_cache_zalloc(drvOpData_zone, ICP_M_NOWAIT);
++ if (NULL == drvOpData) {
++ EPRINTK("%s():Failed to get memory for drvOpData\n",
++ __FUNCTION__);
++ crp->crp_etype = ENOMEM;
++ return ENOMEM;
++ }
++
++ drvOpData->lacOpData.pSessionCtx = sessionData->sessHandle;
++ drvOpData->digestSizeInBytes = sessionData->lacSessCtx.hashSetupData.
++ digestResultLenInBytes;
++ drvOpData->crp = crp;
++
++ /* Set the default buffer list array memory allocation */
++ drvOpData->srcBuffer.pBuffers = drvOpData->bufferListArray;
++ drvOpData->numBufferListArray = ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS;
++
++ if (ICP_OCF_DRV_STATUS_SUCCESS !=
++ icp_ocfDrvProcessDataSetup(drvOpData, drvOpData->crp->crp_desc)) {
++ crp->crp_etype = EINVAL;
++ goto err;
++ }
++
++ if (drvOpData->crp->crp_desc->crd_next != NULL) {
++ if (icp_ocfDrvProcessDataSetup(drvOpData, drvOpData->crp->
++ crp_desc->crd_next)) {
++ crp->crp_etype = EINVAL;
++ goto err;
++ }
++
++ }
++
++ /*
++ * Allocate buffer list array memory if the data fragment is more than
++ * the default number (ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS) and not
++ * calculated already
++ */
++ if (crp->crp_flags & ICP_CRYPTO_F_PACKET_BUF) {
++ if (NULL == drvOpData->lacOpData.pDigestResult) {
++ drvOpData->numBufferListArray =
++ icp_ocfDrvGetPacketBuffFrags((icp_packet_buffer_t *)
++ crp->crp_buf);
++ }
++
++ if (ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS <
++ drvOpData->numBufferListArray) {
++ DPRINTK("%s() numBufferListArray more than default\n",
++ __FUNCTION__);
++ drvOpData->srcBuffer.pBuffers = NULL;
++ drvOpData->srcBuffer.pBuffers =
++ icp_kmalloc(drvOpData->numBufferListArray *
++ sizeof(CpaFlatBuffer), ICP_M_NOWAIT);
++ if (NULL == drvOpData->srcBuffer.pBuffers) {
++ EPRINTK("%s() Failed to get memory for "
++ "pBuffers\n", __FUNCTION__);
++ ICP_CACHE_FREE(drvOpData_zone, drvOpData);
++ crp->crp_etype = ENOMEM;
++ return ENOMEM;
++ }
++ }
++ }
++
++ /*
++ * Check the type of buffer structure we got and convert it into
++ * CpaBufferList format.
++ */
++ if (crp->crp_flags & ICP_CRYPTO_F_PACKET_BUF) {
++ if (ICP_OCF_DRV_STATUS_SUCCESS !=
++ icp_ocfDrvPacketBuffToBufferList((icp_packet_buffer_t *)
++ crp->crp_buf,
++ &(drvOpData->srcBuffer))) {
++ EPRINTK("%s():Failed to translate from packet buffer "
++ "to bufferlist\n", __FUNCTION__);
++ crp->crp_etype = EINVAL;
++ goto err;
++ }
++
++ drvOpData->bufferType = ICP_CRYPTO_F_PACKET_BUF;
++ } else if (crp->crp_flags & CRYPTO_F_IOV) {
++ /* OCF only supports IOV of one entry. */
++ if (NUM_IOV_SUPPORTED ==
++ ((struct uio *)(crp->crp_buf))->uio_iovcnt) {
++
++ icp_ocfDrvPtrAndLenToBufferList(((struct uio *)(crp->
++ crp_buf))->
++ uio_iov[0].iov_base,
++ ((struct uio *)(crp->
++ crp_buf))->
++ uio_iov[0].iov_len,
++ &(drvOpData->
++ srcBuffer));
++
++ drvOpData->bufferType = CRYPTO_F_IOV;
++
++ } else {
++ DPRINTK("%s():Unable to handle IOVs with lengths of "
++ "greater than one!\n", __FUNCTION__);
++ crp->crp_etype = EINVAL;
++ goto err;
++ }
++
++ } else {
++ icp_ocfDrvPtrAndLenToBufferList(crp->crp_buf,
++ crp->crp_ilen,
++ &(drvOpData->srcBuffer));
++
++ drvOpData->bufferType = CRYPTO_BUF_CONTIG;
++ }
++
++ /* Allocate srcBuffer's private meta data */
++ if (ICP_OCF_DRV_STATUS_SUCCESS !=
++ icp_ocfDrvAllocMetaData(&(drvOpData->srcBuffer), drvOpData)) {
++ EPRINTK("%s() icp_ocfDrvAllocMetaData failed\n", __FUNCTION__);
++ memset(&(drvOpData->lacOpData), 0, sizeof(CpaCySymOpData));
++ crp->crp_etype = EINVAL;
++ goto err;
++ }
++
++ /* Perform "in-place" crypto operation */
++ lacStatus = cpaCySymPerformOp(CPA_INSTANCE_HANDLE_SINGLE,
++ (void *)drvOpData,
++ &(drvOpData->lacOpData),
++ &(drvOpData->srcBuffer),
++ &(drvOpData->srcBuffer),
++ &(drvOpData->verifyResult));
++ if (CPA_STATUS_RETRY == lacStatus) {
++ DPRINTK("%s(): cpaCySymPerformOp retry, lacStatus = %d\n",
++ __FUNCTION__, lacStatus);
++ memset(&(drvOpData->lacOpData), 0, sizeof(CpaCySymOpData));
++ crp->crp_etype = ERESTART;
++ goto err;
++ }
++ if (CPA_STATUS_SUCCESS != lacStatus) {
++ EPRINTK("%s(): cpaCySymPerformOp failed, lacStatus = %d\n",
++ __FUNCTION__, lacStatus);
++ memset(&(drvOpData->lacOpData), 0, sizeof(CpaCySymOpData));
++ crp->crp_etype = EINVAL;
++ goto err;
++ }
++
++ return 0; //OCF success status value
++
++ err:
++ if (drvOpData->numBufferListArray > ICP_OCF_DRV_DEFAULT_BUFFLIST_ARRAYS) {
++ icp_kfree(drvOpData->srcBuffer.pBuffers);
++ }
++ icp_ocfDrvFreeMetaData(&(drvOpData->srcBuffer));
++ ICP_CACHE_FREE(drvOpData_zone, drvOpData);
++
++ return crp->crp_etype;
++}
++
++/* Name : icp_ocfDrvProcessDataSetup
++ *
++ * Description : This function will setup all the cryptographic operation data
++ * that is required by LAC to execute the operation.
++ */
++static int icp_ocfDrvProcessDataSetup(struct icp_drvOpData *drvOpData,
++ struct cryptodesc *crp_desc)
++{
++ CpaCyRandGenOpData randGenOpData;
++ CpaFlatBuffer randData;
++
++ drvOpData->lacOpData.packetType = CPA_CY_SYM_PACKET_TYPE_FULL;
++
++ /* Convert from the cryptop to the ICP LAC crypto parameters */
++ switch (crp_desc->crd_alg) {
++ case CRYPTO_NULL_CBC:
++ drvOpData->lacOpData.
++ cryptoStartSrcOffsetInBytes = crp_desc->crd_skip;
++ drvOpData->lacOpData.
++ messageLenToCipherInBytes = crp_desc->crd_len;
++ drvOpData->verifyResult = CPA_FALSE;
++ drvOpData->lacOpData.ivLenInBytes = NULL_BLOCK_LEN;
++ break;
++ case CRYPTO_DES_CBC:
++ drvOpData->lacOpData.
++ cryptoStartSrcOffsetInBytes = crp_desc->crd_skip;
++ drvOpData->lacOpData.
++ messageLenToCipherInBytes = crp_desc->crd_len;
++ drvOpData->verifyResult = CPA_FALSE;
++ drvOpData->lacOpData.ivLenInBytes = DES_BLOCK_LEN;
++ break;
++ case CRYPTO_3DES_CBC:
++ drvOpData->lacOpData.
++ cryptoStartSrcOffsetInBytes = crp_desc->crd_skip;
++ drvOpData->lacOpData.
++ messageLenToCipherInBytes = crp_desc->crd_len;
++ drvOpData->verifyResult = CPA_FALSE;
++ drvOpData->lacOpData.ivLenInBytes = DES3_BLOCK_LEN;
++ break;
++ case CRYPTO_ARC4:
++ drvOpData->lacOpData.
++ cryptoStartSrcOffsetInBytes = crp_desc->crd_skip;
++ drvOpData->lacOpData.
++ messageLenToCipherInBytes = crp_desc->crd_len;
++ drvOpData->verifyResult = CPA_FALSE;
++ drvOpData->lacOpData.ivLenInBytes = ARC4_COUNTER_LEN;
++ break;
++ case CRYPTO_AES_CBC:
++ drvOpData->lacOpData.
++ cryptoStartSrcOffsetInBytes = crp_desc->crd_skip;
++ drvOpData->lacOpData.
++ messageLenToCipherInBytes = crp_desc->crd_len;
++ drvOpData->verifyResult = CPA_FALSE;
++ drvOpData->lacOpData.ivLenInBytes = RIJNDAEL128_BLOCK_LEN;
++ break;
++ case CRYPTO_SHA1:
++ case CRYPTO_SHA1_HMAC:
++ case CRYPTO_SHA2_256:
++ case CRYPTO_SHA2_256_HMAC:
++ case CRYPTO_SHA2_384:
++ case CRYPTO_SHA2_384_HMAC:
++ case CRYPTO_SHA2_512:
++ case CRYPTO_SHA2_512_HMAC:
++ case CRYPTO_MD5:
++ case CRYPTO_MD5_HMAC:
++ drvOpData->lacOpData.
++ hashStartSrcOffsetInBytes = crp_desc->crd_skip;
++ drvOpData->lacOpData.
++ messageLenToHashInBytes = crp_desc->crd_len;
++ drvOpData->lacOpData.
++ pDigestResult =
++ icp_ocfDrvDigestPointerFind(drvOpData, crp_desc);
++
++ if (NULL == drvOpData->lacOpData.pDigestResult) {
++ DPRINTK("%s(): ERROR - could not calculate "
++ "Digest Result memory address\n", __FUNCTION__);
++ return ICP_OCF_DRV_STATUS_FAIL;
++ }
++
++ drvOpData->lacOpData.digestVerify = CPA_FALSE;
++ break;
++ default:
++ DPRINTK("%s(): Crypto process error - algorithm not "
++ "found \n", __FUNCTION__);
++ return ICP_OCF_DRV_STATUS_FAIL;
++ }
++
++ /* Figure out what the IV is supposed to be */
++ if ((crp_desc->crd_alg == CRYPTO_DES_CBC) ||
++ (crp_desc->crd_alg == CRYPTO_3DES_CBC) ||
++ (crp_desc->crd_alg == CRYPTO_AES_CBC)) {
++ /*ARC4 doesn't use an IV */
++ if (crp_desc->crd_flags & CRD_F_IV_EXPLICIT) {
++ /* Explicit IV provided to OCF */
++ drvOpData->lacOpData.pIv = crp_desc->crd_iv;
++ } else {
++ /* IV is not explicitly provided to OCF */
++
++ /* Point the LAC OP Data IV pointer to our allocated
++ storage location for this session. */
++ drvOpData->lacOpData.pIv = drvOpData->ivData;
++
++ if ((crp_desc->crd_flags & CRD_F_ENCRYPT) &&
++ ((crp_desc->crd_flags & CRD_F_IV_PRESENT) == 0)) {
++
++ /* Encrypting - need to create IV */
++ randGenOpData.generateBits = CPA_TRUE;
++ randGenOpData.lenInBytes = MAX_IV_LEN_IN_BYTES;
++
++ icp_ocfDrvPtrAndLenToFlatBuffer((Cpa8U *)
++ drvOpData->
++ ivData,
++ MAX_IV_LEN_IN_BYTES,
++ &randData);
++
++ if (CPA_STATUS_SUCCESS !=
++ cpaCyRandGen(CPA_INSTANCE_HANDLE_SINGLE,
++ NULL, NULL,
++ &randGenOpData, &randData)) {
++ DPRINTK("%s(): ERROR - Failed to"
++ " generate"
++ " Initialisation Vector\n",
++ __FUNCTION__);
++ return ICP_OCF_DRV_STATUS_FAIL;
++ }
++
++ crypto_copyback(drvOpData->crp->
++ crp_flags,
++ drvOpData->crp->crp_buf,
++ crp_desc->crd_inject,
++ drvOpData->lacOpData.
++ ivLenInBytes,
++ (caddr_t) (drvOpData->lacOpData.
++ pIv));
++ } else {
++ /* Reading IV from buffer */
++ crypto_copydata(drvOpData->crp->
++ crp_flags,
++ drvOpData->crp->crp_buf,
++ crp_desc->crd_inject,
++ drvOpData->lacOpData.
++ ivLenInBytes,
++ (caddr_t) (drvOpData->lacOpData.
++ pIv));
++ }
++
++ }
++
++ }
++
++ return ICP_OCF_DRV_STATUS_SUCCESS;
++}
++
++/* Name : icp_ocfDrvDigestPointerFind
++ *
++ * Description : This function is used to find the memory address of where the
++ * digest information shall be stored in. Input buffer types are an skbuff, iov
++ * or flat buffer. The address is found using the buffer data start address and
++ * an offset.
++ *
++ * Note: In the case of a linux skbuff, the digest address may exist within
++ * a memory space linked to from the start buffer. These linked memory spaces
++ * must be traversed by the data length offset in order to find the digest start
++ * address. Whether there is enough space for the digest must also be checked.
++ */
++uint8_t *icp_ocfDrvDigestPointerFind(struct icp_drvOpData * drvOpData,
++ struct cryptodesc * crp_desc)
++{
++
++ int offsetInBytes = crp_desc->crd_inject;
++ uint32_t digestSizeInBytes = drvOpData->digestSizeInBytes;
++ uint8_t *flat_buffer_base = NULL;
++ int flat_buffer_length = 0;
++
++ if (drvOpData->crp->crp_flags & ICP_CRYPTO_F_PACKET_BUF) {
++
++ return icp_ocfDrvPacketBufferDigestPointerFind(drvOpData,
++ offsetInBytes,
++ digestSizeInBytes);
++
++ } else {
++ /* IOV or flat buffer */
++ if (drvOpData->crp->crp_flags & CRYPTO_F_IOV) {
++ /*single IOV check has already been done */
++ flat_buffer_base = ((struct uio *)
++ (drvOpData->crp->crp_buf))->
++ uio_iov[0].iov_base;
++ flat_buffer_length = ((struct uio *)
++ (drvOpData->crp->crp_buf))->
++ uio_iov[0].iov_len;
++ } else {
++ flat_buffer_base = (uint8_t *) drvOpData->crp->crp_buf;
++ flat_buffer_length = drvOpData->crp->crp_ilen;
++ }
++
++ if (flat_buffer_length < (offsetInBytes + digestSizeInBytes)) {
++ DPRINTK("%s() Not enough space for Digest "
++ "(IOV/Flat Buffer) \n", __FUNCTION__);
++ return NULL;
++ } else {
++ return (uint8_t *) (flat_buffer_base + offsetInBytes);
++ }
++ }
++ DPRINTK("%s() Should not reach this point\n", __FUNCTION__);
++ return NULL;
++}
+diff --git a/crypto/ocf/hifn/Makefile b/crypto/ocf/hifn/Makefile
+new file mode 100644
+index 0000000..163fed0
+--- /dev/null
++++ b/crypto/ocf/hifn/Makefile
+@@ -0,0 +1,13 @@
++# for SGlinux builds
++-include $(ROOTDIR)/modules/.config
++
++obj-$(CONFIG_OCF_HIFN) += hifn7751.o
++obj-$(CONFIG_OCF_HIFNHIPP) += hifnHIPP.o
++
++obj ?= .
++EXTRA_CFLAGS += -I$(obj)/.. -I$(obj)/
++
++ifdef TOPDIR
++-include $(TOPDIR)/Rules.make
++endif
++
+diff --git a/crypto/ocf/hifn/hifn7751.c b/crypto/ocf/hifn/hifn7751.c
+new file mode 100644
+index 0000000..6136e84
+--- /dev/null
++++ b/crypto/ocf/hifn/hifn7751.c
+@@ -0,0 +1,2976 @@
++/* $OpenBSD: hifn7751.c,v 1.120 2002/05/17 00:33:34 deraadt Exp $ */
++
++/*-
++ * Invertex AEON / Hifn 7751 driver
++ * Copyright (c) 1999 Invertex Inc. All rights reserved.
++ * Copyright (c) 1999 Theo de Raadt
++ * Copyright (c) 2000-2001 Network Security Technologies, Inc.
++ * http://www.netsec.net
++ * Copyright (c) 2003 Hifn Inc.
++ *
++ * This driver is based on a previous driver by Invertex, for which they
++ * requested: Please send any comments, feedback, bug-fixes, or feature
++ * requests to software at invertex.com.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ * 3. The name of the author may not be used to endorse or promote products
++ * derived from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ * Effort sponsored in part by the Defense Advanced Research Projects
++ * Agency (DARPA) and Air Force Research Laboratory, Air Force
++ * Materiel Command, USAF, under agreement number F30602-01-2-0537.
++ *
++ *
++__FBSDID("$FreeBSD: src/sys/dev/hifn/hifn7751.c,v 1.40 2007/03/21 03:42:49 sam Exp $");
++ */
++
++/*
++ * Driver for various Hifn encryption processors.
++ */
++#ifndef AUTOCONF_INCLUDED
++#include <linux/config.h>
++#endif
++#include <linux/module.h>
++#include <linux/init.h>
++#include <linux/list.h>
++#include <linux/slab.h>
++#include <linux/wait.h>
++#include <linux/sched.h>
++#include <linux/pci.h>
++#include <linux/delay.h>
++#include <linux/interrupt.h>
++#include <linux/spinlock.h>
++#include <linux/random.h>
++#include <linux/version.h>
++#include <linux/skbuff.h>
++#include <asm/io.h>
++
++#include <cryptodev.h>
++#include <uio.h>
++#include <hifn/hifn7751reg.h>
++#include <hifn/hifn7751var.h>
++
++#if 1
++#define DPRINTF(a...) if (hifn_debug) { \
++ printk("%s: ", sc ? \
++ device_get_nameunit(sc->sc_dev) : "hifn"); \
++ printk(a); \
++ } else
++#else
++#define DPRINTF(a...)
++#endif
++
++static inline int
++pci_get_revid(struct pci_dev *dev)
++{
++ u8 rid = 0;
++ pci_read_config_byte(dev, PCI_REVISION_ID, &rid);
++ return rid;
++}
++
++static struct hifn_stats hifnstats;
++
++#define debug hifn_debug
++int hifn_debug = 0;
++module_param(hifn_debug, int, 0644);
++MODULE_PARM_DESC(hifn_debug, "Enable debug");
++
++int hifn_maxbatch = 1;
++module_param(hifn_maxbatch, int, 0644);
++MODULE_PARM_DESC(hifn_maxbatch, "max ops to batch w/o interrupt");
++
++int hifn_cache_linesize = 0x10;
++module_param(hifn_cache_linesize, int, 0444);
++MODULE_PARM_DESC(hifn_cache_linesize, "PCI config cache line size");
++
++#ifdef MODULE_PARM
++char *hifn_pllconfig = NULL;
++MODULE_PARM(hifn_pllconfig, "s");
++#else
++char hifn_pllconfig[32]; /* This setting is RO after loading */
++module_param_string(hifn_pllconfig, hifn_pllconfig, 32, 0444);
++#endif
++MODULE_PARM_DESC(hifn_pllconfig, "PLL config, ie., pci66, ext33, ...");
++
++#ifdef HIFN_VULCANDEV
++#include <sys/conf.h>
++#include <sys/uio.h>
++
++static struct cdevsw vulcanpk_cdevsw; /* forward declaration */
++#endif
++
++/*
++ * Prototypes and count for the pci_device structure
++ */
++static int hifn_probe(struct pci_dev *dev, const struct pci_device_id *ent);
++static void hifn_remove(struct pci_dev *dev);
++
++static int hifn_newsession(device_t, u_int32_t *, struct cryptoini *);
++static int hifn_freesession(device_t, u_int64_t);
++static int hifn_process(device_t, struct cryptop *, int);
++
++static device_method_t hifn_methods = {
++ /* crypto device methods */
++ DEVMETHOD(cryptodev_newsession, hifn_newsession),
++ DEVMETHOD(cryptodev_freesession,hifn_freesession),
++ DEVMETHOD(cryptodev_process, hifn_process),
++};
++
++static void hifn_reset_board(struct hifn_softc *, int);
++static void hifn_reset_puc(struct hifn_softc *);
++static void hifn_puc_wait(struct hifn_softc *);
++static int hifn_enable_crypto(struct hifn_softc *);
++static void hifn_set_retry(struct hifn_softc *sc);
++static void hifn_init_dma(struct hifn_softc *);
++static void hifn_init_pci_registers(struct hifn_softc *);
++static int hifn_sramsize(struct hifn_softc *);
++static int hifn_dramsize(struct hifn_softc *);
++static int hifn_ramtype(struct hifn_softc *);
++static void hifn_sessions(struct hifn_softc *);
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,19)
++static irqreturn_t hifn_intr(int irq, void *arg);
++#else
++static irqreturn_t hifn_intr(int irq, void *arg, struct pt_regs *regs);
++#endif
++static u_int hifn_write_command(struct hifn_command *, u_int8_t *);
++static u_int32_t hifn_next_signature(u_int32_t a, u_int cnt);
++static void hifn_callback(struct hifn_softc *, struct hifn_command *, u_int8_t *);
++static int hifn_crypto(struct hifn_softc *, struct hifn_command *, struct cryptop *, int);
++static int hifn_readramaddr(struct hifn_softc *, int, u_int8_t *);
++static int hifn_writeramaddr(struct hifn_softc *, int, u_int8_t *);
++static int hifn_dmamap_load_src(struct hifn_softc *, struct hifn_command *);
++static int hifn_dmamap_load_dst(struct hifn_softc *, struct hifn_command *);
++static int hifn_init_pubrng(struct hifn_softc *);
++static void hifn_tick(unsigned long arg);
++static void hifn_abort(struct hifn_softc *);
++static void hifn_alloc_slot(struct hifn_softc *, int *, int *, int *, int *);
++
++static void hifn_write_reg_0(struct hifn_softc *, bus_size_t, u_int32_t);
++static void hifn_write_reg_1(struct hifn_softc *, bus_size_t, u_int32_t);
++
++#ifdef CONFIG_OCF_RANDOMHARVEST
++static int hifn_read_random(void *arg, u_int32_t *buf, int len);
++#endif
++
++#define HIFN_MAX_CHIPS 8
++static struct hifn_softc *hifn_chip_idx[HIFN_MAX_CHIPS];
++
++static __inline u_int32_t
++READ_REG_0(struct hifn_softc *sc, bus_size_t reg)
++{
++ u_int32_t v = readl(sc->sc_bar0 + reg);
++ sc->sc_bar0_lastreg = (bus_size_t) -1;
++ return (v);
++}
++#define WRITE_REG_0(sc, reg, val) hifn_write_reg_0(sc, reg, val)
++
++static __inline u_int32_t
++READ_REG_1(struct hifn_softc *sc, bus_size_t reg)
++{
++ u_int32_t v = readl(sc->sc_bar1 + reg);
++ sc->sc_bar1_lastreg = (bus_size_t) -1;
++ return (v);
++}
++#define WRITE_REG_1(sc, reg, val) hifn_write_reg_1(sc, reg, val)
++
++/*
++ * map in a given buffer (great on some arches :-)
++ */
++
++static int
++pci_map_uio(struct hifn_softc *sc, struct hifn_operand *buf, struct uio *uio)
++{
++ struct iovec *iov = uio->uio_iov;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ buf->mapsize = 0;
++ for (buf->nsegs = 0; buf->nsegs < uio->uio_iovcnt; ) {
++ buf->segs[buf->nsegs].ds_addr = pci_map_single(sc->sc_pcidev,
++ iov->iov_base, iov->iov_len,
++ PCI_DMA_BIDIRECTIONAL);
++ buf->segs[buf->nsegs].ds_len = iov->iov_len;
++ buf->mapsize += iov->iov_len;
++ iov++;
++ buf->nsegs++;
++ }
++ /* identify this buffer by the first segment */
++ buf->map = (void *) buf->segs[0].ds_addr;
++ return(0);
++}
++
++/*
++ * map in a given sk_buff
++ */
++
++static int
++pci_map_skb(struct hifn_softc *sc,struct hifn_operand *buf,struct sk_buff *skb)
++{
++ int i;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ buf->mapsize = 0;
++
++ buf->segs[0].ds_addr = pci_map_single(sc->sc_pcidev,
++ skb->data, skb_headlen(skb), PCI_DMA_BIDIRECTIONAL);
++ buf->segs[0].ds_len = skb_headlen(skb);
++ buf->mapsize += buf->segs[0].ds_len;
++
++ buf->nsegs = 1;
++
++ for (i = 0; i < skb_shinfo(skb)->nr_frags; ) {
++ buf->segs[buf->nsegs].ds_len = skb_shinfo(skb)->frags[i].size;
++ buf->segs[buf->nsegs].ds_addr = pci_map_single(sc->sc_pcidev,
++ page_address(skb_shinfo(skb)->frags[i].page) +
++ skb_shinfo(skb)->frags[i].page_offset,
++ buf->segs[buf->nsegs].ds_len, PCI_DMA_BIDIRECTIONAL);
++ buf->mapsize += buf->segs[buf->nsegs].ds_len;
++ buf->nsegs++;
++ }
++
++ /* identify this buffer by the first segment */
++ buf->map = (void *) buf->segs[0].ds_addr;
++ return(0);
++}
++
++/*
++ * map in a given contiguous buffer
++ */
++
++static int
++pci_map_buf(struct hifn_softc *sc,struct hifn_operand *buf, void *b, int len)
++{
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ buf->mapsize = 0;
++ buf->segs[0].ds_addr = pci_map_single(sc->sc_pcidev,
++ b, len, PCI_DMA_BIDIRECTIONAL);
++ buf->segs[0].ds_len = len;
++ buf->mapsize += buf->segs[0].ds_len;
++ buf->nsegs = 1;
++
++ /* identify this buffer by the first segment */
++ buf->map = (void *) buf->segs[0].ds_addr;
++ return(0);
++}
++
++#if 0 /* not needed at this time */
++static void
++pci_sync_iov(struct hifn_softc *sc, struct hifn_operand *buf)
++{
++ int i;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++ for (i = 0; i < buf->nsegs; i++)
++ pci_dma_sync_single_for_cpu(sc->sc_pcidev, buf->segs[i].ds_addr,
++ buf->segs[i].ds_len, PCI_DMA_BIDIRECTIONAL);
++}
++#endif
++
++static void
++pci_unmap_buf(struct hifn_softc *sc, struct hifn_operand *buf)
++{
++ int i;
++ DPRINTF("%s()\n", __FUNCTION__);
++ for (i = 0; i < buf->nsegs; i++) {
++ pci_unmap_single(sc->sc_pcidev, buf->segs[i].ds_addr,
++ buf->segs[i].ds_len, PCI_DMA_BIDIRECTIONAL);
++ buf->segs[i].ds_addr = 0;
++ buf->segs[i].ds_len = 0;
++ }
++ buf->nsegs = 0;
++ buf->mapsize = 0;
++ buf->map = 0;
++}
++
++static const char*
++hifn_partname(struct hifn_softc *sc)
++{
++ /* XXX sprintf numbers when not decoded */
++ switch (pci_get_vendor(sc->sc_pcidev)) {
++ case PCI_VENDOR_HIFN:
++ switch (pci_get_device(sc->sc_pcidev)) {
++ case PCI_PRODUCT_HIFN_6500: return "Hifn 6500";
++ case PCI_PRODUCT_HIFN_7751: return "Hifn 7751";
++ case PCI_PRODUCT_HIFN_7811: return "Hifn 7811";
++ case PCI_PRODUCT_HIFN_7951: return "Hifn 7951";
++ case PCI_PRODUCT_HIFN_7955: return "Hifn 7955";
++ case PCI_PRODUCT_HIFN_7956: return "Hifn 7956";
++ }
++ return "Hifn unknown-part";
++ case PCI_VENDOR_INVERTEX:
++ switch (pci_get_device(sc->sc_pcidev)) {
++ case PCI_PRODUCT_INVERTEX_AEON: return "Invertex AEON";
++ }
++ return "Invertex unknown-part";
++ case PCI_VENDOR_NETSEC:
++ switch (pci_get_device(sc->sc_pcidev)) {
++ case PCI_PRODUCT_NETSEC_7751: return "NetSec 7751";
++ }
++ return "NetSec unknown-part";
++ }
++ return "Unknown-vendor unknown-part";
++}
++
++static u_int
++checkmaxmin(struct pci_dev *dev, const char *what, u_int v, u_int min, u_int max)
++{
++ struct hifn_softc *sc = pci_get_drvdata(dev);
++ if (v > max) {
++ device_printf(sc->sc_dev, "Warning, %s %u out of range, "
++ "using max %u\n", what, v, max);
++ v = max;
++ } else if (v < min) {
++ device_printf(sc->sc_dev, "Warning, %s %u out of range, "
++ "using min %u\n", what, v, min);
++ v = min;
++ }
++ return v;
++}
++
++/*
++ * Select PLL configuration for 795x parts. This is complicated in
++ * that we cannot determine the optimal parameters without user input.
++ * The reference clock is derived from an external clock through a
++ * multiplier. The external clock is either the host bus (i.e. PCI)
++ * or an external clock generator. When using the PCI bus we assume
++ * the clock is either 33 or 66 MHz; for an external source we cannot
++ * tell the speed.
++ *
++ * PLL configuration is done with a string: "pci" for PCI bus, or "ext"
++ * for an external source, followed by the frequency. We calculate
++ * the appropriate multiplier and PLL register contents accordingly.
++ * When no configuration is given we default to "pci66" since that
++ * always will allow the card to work. If a card is using the PCI
++ * bus clock and in a 33MHz slot then it will be operating at half
++ * speed until the correct information is provided.
++ *
++ * We use a default setting of "ext66" because according to Mike Ham
++ * of HiFn, almost every board in existence has an external crystal
++ * populated at 66Mhz. Using PCI can be a problem on modern motherboards,
++ * because PCI33 can have clocks from 0 to 33Mhz, and some have
++ * non-PCI-compliant spread-spectrum clocks, which can confuse the pll.
++ */
++static void
++hifn_getpllconfig(struct pci_dev *dev, u_int *pll)
++{
++ const char *pllspec = hifn_pllconfig;
++ u_int freq, mul, fl, fh;
++ u_int32_t pllconfig;
++ char *nxt;
++
++ if (pllspec == NULL)
++ pllspec = "ext66";
++ fl = 33, fh = 66;
++ pllconfig = 0;
++ if (strncmp(pllspec, "ext", 3) == 0) {
++ pllspec += 3;
++ pllconfig |= HIFN_PLL_REF_SEL;
++ switch (pci_get_device(dev)) {
++ case PCI_PRODUCT_HIFN_7955:
++ case PCI_PRODUCT_HIFN_7956:
++ fl = 20, fh = 100;
++ break;
++#ifdef notyet
++ case PCI_PRODUCT_HIFN_7954:
++ fl = 20, fh = 66;
++ break;
++#endif
++ }
++ } else if (strncmp(pllspec, "pci", 3) == 0)
++ pllspec += 3;
++ freq = strtoul(pllspec, &nxt, 10);
++ if (nxt == pllspec)
++ freq = 66;
++ else
++ freq = checkmaxmin(dev, "frequency", freq, fl, fh);
++ /*
++ * Calculate multiplier. We target a Fck of 266 MHz,
++ * allowing only even values, possibly rounded down.
++ * Multipliers > 8 must set the charge pump current.
++ */
++ mul = checkmaxmin(dev, "PLL divisor", (266 / freq) &~ 1, 2, 12);
++ pllconfig |= (mul / 2 - 1) << HIFN_PLL_ND_SHIFT;
++ if (mul > 8)
++ pllconfig |= HIFN_PLL_IS;
++ *pll = pllconfig;
++}
++
++/*
++ * Attach an interface that successfully probed.
++ */
++static int
++hifn_probe(struct pci_dev *dev, const struct pci_device_id *ent)
++{
++ struct hifn_softc *sc = NULL;
++ char rbase;
++ u_int16_t ena, rev;
++ int rseg, rc;
++ unsigned long mem_start, mem_len;
++ static int num_chips = 0;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ if (pci_enable_device(dev) < 0)
++ return(-ENODEV);
++
++ if (pci_set_mwi(dev))
++ return(-ENODEV);
++
++ if (!dev->irq) {
++ printk("hifn: found device with no IRQ assigned. check BIOS settings!");
++ pci_disable_device(dev);
++ return(-ENODEV);
++ }
++
++ sc = (struct hifn_softc *) kmalloc(sizeof(*sc), GFP_KERNEL);
++ if (!sc)
++ return(-ENOMEM);
++ memset(sc, 0, sizeof(*sc));
++
++ softc_device_init(sc, "hifn", num_chips, hifn_methods);
++
++ sc->sc_pcidev = dev;
++ sc->sc_irq = -1;
++ sc->sc_cid = -1;
++ sc->sc_num = num_chips++;
++ if (sc->sc_num < HIFN_MAX_CHIPS)
++ hifn_chip_idx[sc->sc_num] = sc;
++
++ pci_set_drvdata(sc->sc_pcidev, sc);
++
++ spin_lock_init(&sc->sc_mtx);
++
++ /* XXX handle power management */
++
++ /*
++ * The 7951 and 795x have a random number generator and
++ * public key support; note this.
++ */
++ if (pci_get_vendor(dev) == PCI_VENDOR_HIFN &&
++ (pci_get_device(dev) == PCI_PRODUCT_HIFN_7951 ||
++ pci_get_device(dev) == PCI_PRODUCT_HIFN_7955 ||
++ pci_get_device(dev) == PCI_PRODUCT_HIFN_7956))
++ sc->sc_flags = HIFN_HAS_RNG | HIFN_HAS_PUBLIC;
++ /*
++ * The 7811 has a random number generator and
++ * we also note it's identity 'cuz of some quirks.
++ */
++ if (pci_get_vendor(dev) == PCI_VENDOR_HIFN &&
++ pci_get_device(dev) == PCI_PRODUCT_HIFN_7811)
++ sc->sc_flags |= HIFN_IS_7811 | HIFN_HAS_RNG;
++
++ /*
++ * The 795x parts support AES.
++ */
++ if (pci_get_vendor(dev) == PCI_VENDOR_HIFN &&
++ (pci_get_device(dev) == PCI_PRODUCT_HIFN_7955 ||
++ pci_get_device(dev) == PCI_PRODUCT_HIFN_7956)) {
++ sc->sc_flags |= HIFN_IS_7956 | HIFN_HAS_AES;
++ /*
++ * Select PLL configuration. This depends on the
++ * bus and board design and must be manually configured
++ * if the default setting is unacceptable.
++ */
++ hifn_getpllconfig(dev, &sc->sc_pllconfig);
++ }
++
++ /*
++ * Setup PCI resources. Note that we record the bus
++ * tag and handle for each register mapping, this is
++ * used by the READ_REG_0, WRITE_REG_0, READ_REG_1,
++ * and WRITE_REG_1 macros throughout the driver.
++ */
++ mem_start = pci_resource_start(sc->sc_pcidev, 0);
++ mem_len = pci_resource_len(sc->sc_pcidev, 0);
++ sc->sc_bar0 = (ocf_iomem_t) ioremap(mem_start, mem_len);
++ if (!sc->sc_bar0) {
++ device_printf(sc->sc_dev, "cannot map bar%d register space\n", 0);
++ goto fail;
++ }
++ sc->sc_bar0_lastreg = (bus_size_t) -1;
++
++ mem_start = pci_resource_start(sc->sc_pcidev, 1);
++ mem_len = pci_resource_len(sc->sc_pcidev, 1);
++ sc->sc_bar1 = (ocf_iomem_t) ioremap(mem_start, mem_len);
++ if (!sc->sc_bar1) {
++ device_printf(sc->sc_dev, "cannot map bar%d register space\n", 1);
++ goto fail;
++ }
++ sc->sc_bar1_lastreg = (bus_size_t) -1;
++
++ /* fix up the bus size */
++ if (pci_set_dma_mask(dev, DMA_32BIT_MASK)) {
++ device_printf(sc->sc_dev, "No usable DMA configuration, aborting.\n");
++ goto fail;
++ }
++ if (pci_set_consistent_dma_mask(dev, DMA_32BIT_MASK)) {
++ device_printf(sc->sc_dev,
++ "No usable consistent DMA configuration, aborting.\n");
++ goto fail;
++ }
++
++ hifn_set_retry(sc);
++
++ /*
++ * Setup the area where the Hifn DMA's descriptors
++ * and associated data structures.
++ */
++ sc->sc_dma = (struct hifn_dma *) pci_alloc_consistent(dev,
++ sizeof(*sc->sc_dma),
++ &sc->sc_dma_physaddr);
++ if (!sc->sc_dma) {
++ device_printf(sc->sc_dev, "cannot alloc sc_dma\n");
++ goto fail;
++ }
++ bzero(sc->sc_dma, sizeof(*sc->sc_dma));
++
++ /*
++ * Reset the board and do the ``secret handshake''
++ * to enable the crypto support. Then complete the
++ * initialization procedure by setting up the interrupt
++ * and hooking in to the system crypto support so we'll
++ * get used for system services like the crypto device,
++ * IPsec, RNG device, etc.
++ */
++ hifn_reset_board(sc, 0);
++
++ if (hifn_enable_crypto(sc) != 0) {
++ device_printf(sc->sc_dev, "crypto enabling failed\n");
++ goto fail;
++ }
++ hifn_reset_puc(sc);
++
++ hifn_init_dma(sc);
++ hifn_init_pci_registers(sc);
++
++ pci_set_master(sc->sc_pcidev);
++
++ /* XXX can't dynamically determine ram type for 795x; force dram */
++ if (sc->sc_flags & HIFN_IS_7956)
++ sc->sc_drammodel = 1;
++ else if (hifn_ramtype(sc))
++ goto fail;
++
++ if (sc->sc_drammodel == 0)
++ hifn_sramsize(sc);
++ else
++ hifn_dramsize(sc);
++
++ /*
++ * Workaround for NetSec 7751 rev A: half ram size because two
++ * of the address lines were left floating
++ */
++ if (pci_get_vendor(dev) == PCI_VENDOR_NETSEC &&
++ pci_get_device(dev) == PCI_PRODUCT_NETSEC_7751 &&
++ pci_get_revid(dev) == 0x61) /*XXX???*/
++ sc->sc_ramsize >>= 1;
++
++ /*
++ * Arrange the interrupt line.
++ */
++ rc = request_irq(dev->irq, hifn_intr, IRQF_SHARED, "hifn", sc);
++ if (rc) {
++ device_printf(sc->sc_dev, "could not map interrupt: %d\n", rc);
++ goto fail;
++ }
++ sc->sc_irq = dev->irq;
++
++ hifn_sessions(sc);
++
++ /*
++ * NB: Keep only the low 16 bits; this masks the chip id
++ * from the 7951.
++ */
++ rev = READ_REG_1(sc, HIFN_1_REVID) & 0xffff;
++
++ rseg = sc->sc_ramsize / 1024;
++ rbase = 'K';
++ if (sc->sc_ramsize >= (1024 * 1024)) {
++ rbase = 'M';
++ rseg /= 1024;
++ }
++ device_printf(sc->sc_dev, "%s, rev %u, %d%cB %cram",
++ hifn_partname(sc), rev,
++ rseg, rbase, sc->sc_drammodel ? 'd' : 's');
++ if (sc->sc_flags & HIFN_IS_7956)
++ printf(", pll=0x%x<%s clk, %ux mult>",
++ sc->sc_pllconfig,
++ sc->sc_pllconfig & HIFN_PLL_REF_SEL ? "ext" : "pci",
++ 2 + 2*((sc->sc_pllconfig & HIFN_PLL_ND) >> 11));
++ printf("\n");
++
++ sc->sc_cid = crypto_get_driverid(softc_get_device(sc),CRYPTOCAP_F_HARDWARE);
++ if (sc->sc_cid < 0) {
++ device_printf(sc->sc_dev, "could not get crypto driver id\n");
++ goto fail;
++ }
++
++ WRITE_REG_0(sc, HIFN_0_PUCNFG,
++ READ_REG_0(sc, HIFN_0_PUCNFG) | HIFN_PUCNFG_CHIPID);
++ ena = READ_REG_0(sc, HIFN_0_PUSTAT) & HIFN_PUSTAT_CHIPENA;
++
++ switch (ena) {
++ case HIFN_PUSTAT_ENA_2:
++ crypto_register(sc->sc_cid, CRYPTO_3DES_CBC, 0, 0);
++ crypto_register(sc->sc_cid, CRYPTO_ARC4, 0, 0);
++ if (sc->sc_flags & HIFN_HAS_AES)
++ crypto_register(sc->sc_cid, CRYPTO_AES_CBC, 0, 0);
++ /*FALLTHROUGH*/
++ case HIFN_PUSTAT_ENA_1:
++ crypto_register(sc->sc_cid, CRYPTO_MD5, 0, 0);
++ crypto_register(sc->sc_cid, CRYPTO_SHA1, 0, 0);
++ crypto_register(sc->sc_cid, CRYPTO_MD5_HMAC, 0, 0);
++ crypto_register(sc->sc_cid, CRYPTO_SHA1_HMAC, 0, 0);
++ crypto_register(sc->sc_cid, CRYPTO_DES_CBC, 0, 0);
++ break;
++ }
++
++ if (sc->sc_flags & (HIFN_HAS_PUBLIC | HIFN_HAS_RNG))
++ hifn_init_pubrng(sc);
++
++ init_timer(&sc->sc_tickto);
++ sc->sc_tickto.function = hifn_tick;
++ sc->sc_tickto.data = (unsigned long) sc->sc_num;
++ mod_timer(&sc->sc_tickto, jiffies + HZ);
++
++ return (0);
++
++fail:
++ if (sc->sc_cid >= 0)
++ crypto_unregister_all(sc->sc_cid);
++ if (sc->sc_irq != -1)
++ free_irq(sc->sc_irq, sc);
++ if (sc->sc_dma) {
++ /* Turn off DMA polling */
++ WRITE_REG_1(sc, HIFN_1_DMA_CNFG, HIFN_DMACNFG_MSTRESET |
++ HIFN_DMACNFG_DMARESET | HIFN_DMACNFG_MODE);
++
++ pci_free_consistent(sc->sc_pcidev,
++ sizeof(*sc->sc_dma),
++ sc->sc_dma, sc->sc_dma_physaddr);
++ }
++ kfree(sc);
++ return (-ENXIO);
++}
++
++/*
++ * Detach an interface that successfully probed.
++ */
++static void
++hifn_remove(struct pci_dev *dev)
++{
++ struct hifn_softc *sc = pci_get_drvdata(dev);
++ unsigned long l_flags;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ KASSERT(sc != NULL, ("hifn_detach: null software carrier!"));
++
++ /* disable interrupts */
++ HIFN_LOCK(sc);
++ WRITE_REG_1(sc, HIFN_1_DMA_IER, 0);
++ HIFN_UNLOCK(sc);
++
++ /*XXX other resources */
++ del_timer_sync(&sc->sc_tickto);
++
++ /* Turn off DMA polling */
++ WRITE_REG_1(sc, HIFN_1_DMA_CNFG, HIFN_DMACNFG_MSTRESET |
++ HIFN_DMACNFG_DMARESET | HIFN_DMACNFG_MODE);
++
++ crypto_unregister_all(sc->sc_cid);
++
++ free_irq(sc->sc_irq, sc);
++
++ pci_free_consistent(sc->sc_pcidev, sizeof(*sc->sc_dma),
++ sc->sc_dma, sc->sc_dma_physaddr);
++}
++
++
++static int
++hifn_init_pubrng(struct hifn_softc *sc)
++{
++ int i;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ if ((sc->sc_flags & HIFN_IS_7811) == 0) {
++ /* Reset 7951 public key/rng engine */
++ WRITE_REG_1(sc, HIFN_1_PUB_RESET,
++ READ_REG_1(sc, HIFN_1_PUB_RESET) | HIFN_PUBRST_RESET);
++
++ for (i = 0; i < 100; i++) {
++ DELAY(1000);
++ if ((READ_REG_1(sc, HIFN_1_PUB_RESET) &
++ HIFN_PUBRST_RESET) == 0)
++ break;
++ }
++
++ if (i == 100) {
++ device_printf(sc->sc_dev, "public key init failed\n");
++ return (1);
++ }
++ }
++
++ /* Enable the rng, if available */
++#ifdef CONFIG_OCF_RANDOMHARVEST
++ if (sc->sc_flags & HIFN_HAS_RNG) {
++ if (sc->sc_flags & HIFN_IS_7811) {
++ u_int32_t r;
++ r = READ_REG_1(sc, HIFN_1_7811_RNGENA);
++ if (r & HIFN_7811_RNGENA_ENA) {
++ r &= ~HIFN_7811_RNGENA_ENA;
++ WRITE_REG_1(sc, HIFN_1_7811_RNGENA, r);
++ }
++ WRITE_REG_1(sc, HIFN_1_7811_RNGCFG,
++ HIFN_7811_RNGCFG_DEFL);
++ r |= HIFN_7811_RNGENA_ENA;
++ WRITE_REG_1(sc, HIFN_1_7811_RNGENA, r);
++ } else
++ WRITE_REG_1(sc, HIFN_1_RNG_CONFIG,
++ READ_REG_1(sc, HIFN_1_RNG_CONFIG) |
++ HIFN_RNGCFG_ENA);
++
++ sc->sc_rngfirst = 1;
++ crypto_rregister(sc->sc_cid, hifn_read_random, sc);
++ }
++#endif
++
++ /* Enable public key engine, if available */
++ if (sc->sc_flags & HIFN_HAS_PUBLIC) {
++ WRITE_REG_1(sc, HIFN_1_PUB_IEN, HIFN_PUBIEN_DONE);
++ sc->sc_dmaier |= HIFN_DMAIER_PUBDONE;
++ WRITE_REG_1(sc, HIFN_1_DMA_IER, sc->sc_dmaier);
++#ifdef HIFN_VULCANDEV
++ sc->sc_pkdev = make_dev(&vulcanpk_cdevsw, 0,
++ UID_ROOT, GID_WHEEL, 0666,
++ "vulcanpk");
++ sc->sc_pkdev->si_drv1 = sc;
++#endif
++ }
++
++ return (0);
++}
++
++#ifdef CONFIG_OCF_RANDOMHARVEST
++static int
++hifn_read_random(void *arg, u_int32_t *buf, int len)
++{
++ struct hifn_softc *sc = (struct hifn_softc *) arg;
++ u_int32_t sts;
++ int i, rc = 0;
++
++ if (len <= 0)
++ return rc;
++
++ if (sc->sc_flags & HIFN_IS_7811) {
++ /* ONLY VALID ON 7811!!!! */
++ for (i = 0; i < 5; i++) {
++ sts = READ_REG_1(sc, HIFN_1_7811_RNGSTS);
++ if (sts & HIFN_7811_RNGSTS_UFL) {
++ device_printf(sc->sc_dev,
++ "RNG underflow: disabling\n");
++ /* DAVIDM perhaps return -1 */
++ break;
++ }
++ if ((sts & HIFN_7811_RNGSTS_RDY) == 0)
++ break;
++
++ /*
++ * There are at least two words in the RNG FIFO
++ * at this point.
++ */
++ if (rc < len)
++ buf[rc++] = READ_REG_1(sc, HIFN_1_7811_RNGDAT);
++ if (rc < len)
++ buf[rc++] = READ_REG_1(sc, HIFN_1_7811_RNGDAT);
++ }
++ } else
++ buf[rc++] = READ_REG_1(sc, HIFN_1_RNG_DATA);
++
++ /* NB: discard first data read */
++ if (sc->sc_rngfirst) {
++ sc->sc_rngfirst = 0;
++ rc = 0;
++ }
++
++ return(rc);
++}
++#endif /* CONFIG_OCF_RANDOMHARVEST */
++
++static void
++hifn_puc_wait(struct hifn_softc *sc)
++{
++ int i;
++ int reg = HIFN_0_PUCTRL;
++
++ if (sc->sc_flags & HIFN_IS_7956) {
++ reg = HIFN_0_PUCTRL2;
++ }
++
++ for (i = 5000; i > 0; i--) {
++ DELAY(1);
++ if (!(READ_REG_0(sc, reg) & HIFN_PUCTRL_RESET))
++ break;
++ }
++ if (!i)
++ device_printf(sc->sc_dev, "proc unit did not reset(0x%x)\n",
++ READ_REG_0(sc, HIFN_0_PUCTRL));
++}
++
++/*
++ * Reset the processing unit.
++ */
++static void
++hifn_reset_puc(struct hifn_softc *sc)
++{
++ /* Reset processing unit */
++ int reg = HIFN_0_PUCTRL;
++
++ if (sc->sc_flags & HIFN_IS_7956) {
++ reg = HIFN_0_PUCTRL2;
++ }
++ WRITE_REG_0(sc, reg, HIFN_PUCTRL_DMAENA);
++
++ hifn_puc_wait(sc);
++}
++
++/*
++ * Set the Retry and TRDY registers; note that we set them to
++ * zero because the 7811 locks up when forced to retry (section
++ * 3.6 of "Specification Update SU-0014-04". Not clear if we
++ * should do this for all Hifn parts, but it doesn't seem to hurt.
++ */
++static void
++hifn_set_retry(struct hifn_softc *sc)
++{
++ DPRINTF("%s()\n", __FUNCTION__);
++ /* NB: RETRY only responds to 8-bit reads/writes */
++ pci_write_config_byte(sc->sc_pcidev, HIFN_RETRY_TIMEOUT, 0);
++ pci_write_config_dword(sc->sc_pcidev, HIFN_TRDY_TIMEOUT, 0);
++ /* piggy back the cache line setting here */
++ pci_write_config_byte(sc->sc_pcidev, PCI_CACHE_LINE_SIZE, hifn_cache_linesize);
++}
++
++/*
++ * Resets the board. Values in the regesters are left as is
++ * from the reset (i.e. initial values are assigned elsewhere).
++ */
++static void
++hifn_reset_board(struct hifn_softc *sc, int full)
++{
++ u_int32_t reg;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++ /*
++ * Set polling in the DMA configuration register to zero. 0x7 avoids
++ * resetting the board and zeros out the other fields.
++ */
++ WRITE_REG_1(sc, HIFN_1_DMA_CNFG, HIFN_DMACNFG_MSTRESET |
++ HIFN_DMACNFG_DMARESET | HIFN_DMACNFG_MODE);
++
++ /*
++ * Now that polling has been disabled, we have to wait 1 ms
++ * before resetting the board.
++ */
++ DELAY(1000);
++
++ /* Reset the DMA unit */
++ if (full) {
++ WRITE_REG_1(sc, HIFN_1_DMA_CNFG, HIFN_DMACNFG_MODE);
++ DELAY(1000);
++ } else {
++ WRITE_REG_1(sc, HIFN_1_DMA_CNFG,
++ HIFN_DMACNFG_MODE | HIFN_DMACNFG_MSTRESET);
++ hifn_reset_puc(sc);
++ }
++
++ KASSERT(sc->sc_dma != NULL, ("hifn_reset_board: null DMA tag!"));
++ bzero(sc->sc_dma, sizeof(*sc->sc_dma));
++
++ /* Bring dma unit out of reset */
++ WRITE_REG_1(sc, HIFN_1_DMA_CNFG, HIFN_DMACNFG_MSTRESET |
++ HIFN_DMACNFG_DMARESET | HIFN_DMACNFG_MODE);
++
++ hifn_puc_wait(sc);
++ hifn_set_retry(sc);
++
++ if (sc->sc_flags & HIFN_IS_7811) {
++ for (reg = 0; reg < 1000; reg++) {
++ if (READ_REG_1(sc, HIFN_1_7811_MIPSRST) &
++ HIFN_MIPSRST_CRAMINIT)
++ break;
++ DELAY(1000);
++ }
++ if (reg == 1000)
++ device_printf(sc->sc_dev, ": cram init timeout\n");
++ } else {
++ /* set up DMA configuration register #2 */
++ /* turn off all PK and BAR0 swaps */
++ WRITE_REG_1(sc, HIFN_1_DMA_CNFG2,
++ (3 << HIFN_DMACNFG2_INIT_WRITE_BURST_SHIFT)|
++ (3 << HIFN_DMACNFG2_INIT_READ_BURST_SHIFT)|
++ (2 << HIFN_DMACNFG2_TGT_WRITE_BURST_SHIFT)|
++ (2 << HIFN_DMACNFG2_TGT_READ_BURST_SHIFT));
++ }
++}
++
++static u_int32_t
++hifn_next_signature(u_int32_t a, u_int cnt)
++{
++ int i;
++ u_int32_t v;
++
++ for (i = 0; i < cnt; i++) {
++
++ /* get the parity */
++ v = a & 0x80080125;
++ v ^= v >> 16;
++ v ^= v >> 8;
++ v ^= v >> 4;
++ v ^= v >> 2;
++ v ^= v >> 1;
++
++ a = (v & 1) ^ (a << 1);
++ }
++
++ return a;
++}
++
++
++/*
++ * Checks to see if crypto is already enabled. If crypto isn't enable,
++ * "hifn_enable_crypto" is called to enable it. The check is important,
++ * as enabling crypto twice will lock the board.
++ */
++static int
++hifn_enable_crypto(struct hifn_softc *sc)
++{
++ u_int32_t dmacfg, ramcfg, encl, addr, i;
++ char offtbl[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
++ 0x00, 0x00, 0x00, 0x00 };
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ ramcfg = READ_REG_0(sc, HIFN_0_PUCNFG);
++ dmacfg = READ_REG_1(sc, HIFN_1_DMA_CNFG);
++
++ /*
++ * The RAM config register's encrypt level bit needs to be set before
++ * every read performed on the encryption level register.
++ */
++ WRITE_REG_0(sc, HIFN_0_PUCNFG, ramcfg | HIFN_PUCNFG_CHIPID);
++
++ encl = READ_REG_0(sc, HIFN_0_PUSTAT) & HIFN_PUSTAT_CHIPENA;
++
++ /*
++ * Make sure we don't re-unlock. Two unlocks kills chip until the
++ * next reboot.
++ */
++ if (encl == HIFN_PUSTAT_ENA_1 || encl == HIFN_PUSTAT_ENA_2) {
++#ifdef HIFN_DEBUG
++ if (hifn_debug)
++ device_printf(sc->sc_dev,
++ "Strong crypto already enabled!\n");
++#endif
++ goto report;
++ }
++
++ if (encl != 0 && encl != HIFN_PUSTAT_ENA_0) {
++#ifdef HIFN_DEBUG
++ if (hifn_debug)
++ device_printf(sc->sc_dev,
++ "Unknown encryption level 0x%x\n", encl);
++#endif
++ return 1;
++ }
++
++ WRITE_REG_1(sc, HIFN_1_DMA_CNFG, HIFN_DMACNFG_UNLOCK |
++ HIFN_DMACNFG_MSTRESET | HIFN_DMACNFG_DMARESET | HIFN_DMACNFG_MODE);
++ DELAY(1000);
++ addr = READ_REG_1(sc, HIFN_UNLOCK_SECRET1);
++ DELAY(1000);
++ WRITE_REG_1(sc, HIFN_UNLOCK_SECRET2, 0);
++ DELAY(1000);
++
++ for (i = 0; i <= 12; i++) {
++ addr = hifn_next_signature(addr, offtbl[i] + 0x101);
++ WRITE_REG_1(sc, HIFN_UNLOCK_SECRET2, addr);
++
++ DELAY(1000);
++ }
++
++ WRITE_REG_0(sc, HIFN_0_PUCNFG, ramcfg | HIFN_PUCNFG_CHIPID);
++ encl = READ_REG_0(sc, HIFN_0_PUSTAT) & HIFN_PUSTAT_CHIPENA;
++
++#ifdef HIFN_DEBUG
++ if (hifn_debug) {
++ if (encl != HIFN_PUSTAT_ENA_1 && encl != HIFN_PUSTAT_ENA_2)
++ device_printf(sc->sc_dev, "Engine is permanently "
++ "locked until next system reset!\n");
++ else
++ device_printf(sc->sc_dev, "Engine enabled "
++ "successfully!\n");
++ }
++#endif
++
++report:
++ WRITE_REG_0(sc, HIFN_0_PUCNFG, ramcfg);
++ WRITE_REG_1(sc, HIFN_1_DMA_CNFG, dmacfg);
++
++ switch (encl) {
++ case HIFN_PUSTAT_ENA_1:
++ case HIFN_PUSTAT_ENA_2:
++ break;
++ case HIFN_PUSTAT_ENA_0:
++ default:
++ device_printf(sc->sc_dev, "disabled\n");
++ break;
++ }
++
++ return 0;
++}
++
++/*
++ * Give initial values to the registers listed in the "Register Space"
++ * section of the HIFN Software Development reference manual.
++ */
++static void
++hifn_init_pci_registers(struct hifn_softc *sc)
++{
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ /* write fixed values needed by the Initialization registers */
++ WRITE_REG_0(sc, HIFN_0_PUCTRL, HIFN_PUCTRL_DMAENA);
++ WRITE_REG_0(sc, HIFN_0_FIFOCNFG, HIFN_FIFOCNFG_THRESHOLD);
++ WRITE_REG_0(sc, HIFN_0_PUIER, HIFN_PUIER_DSTOVER);
++
++ /* write all 4 ring address registers */
++ WRITE_REG_1(sc, HIFN_1_DMA_CRAR, sc->sc_dma_physaddr +
++ offsetof(struct hifn_dma, cmdr[0]));
++ WRITE_REG_1(sc, HIFN_1_DMA_SRAR, sc->sc_dma_physaddr +
++ offsetof(struct hifn_dma, srcr[0]));
++ WRITE_REG_1(sc, HIFN_1_DMA_DRAR, sc->sc_dma_physaddr +
++ offsetof(struct hifn_dma, dstr[0]));
++ WRITE_REG_1(sc, HIFN_1_DMA_RRAR, sc->sc_dma_physaddr +
++ offsetof(struct hifn_dma, resr[0]));
++
++ DELAY(2000);
++
++ /* write status register */
++ WRITE_REG_1(sc, HIFN_1_DMA_CSR,
++ HIFN_DMACSR_D_CTRL_DIS | HIFN_DMACSR_R_CTRL_DIS |
++ HIFN_DMACSR_S_CTRL_DIS | HIFN_DMACSR_C_CTRL_DIS |
++ HIFN_DMACSR_D_ABORT | HIFN_DMACSR_D_DONE | HIFN_DMACSR_D_LAST |
++ HIFN_DMACSR_D_WAIT | HIFN_DMACSR_D_OVER |
++ HIFN_DMACSR_R_ABORT | HIFN_DMACSR_R_DONE | HIFN_DMACSR_R_LAST |
++ HIFN_DMACSR_R_WAIT | HIFN_DMACSR_R_OVER |
++ HIFN_DMACSR_S_ABORT | HIFN_DMACSR_S_DONE | HIFN_DMACSR_S_LAST |
++ HIFN_DMACSR_S_WAIT |
++ HIFN_DMACSR_C_ABORT | HIFN_DMACSR_C_DONE | HIFN_DMACSR_C_LAST |
++ HIFN_DMACSR_C_WAIT |
++ HIFN_DMACSR_ENGINE |
++ ((sc->sc_flags & HIFN_HAS_PUBLIC) ?
++ HIFN_DMACSR_PUBDONE : 0) |
++ ((sc->sc_flags & HIFN_IS_7811) ?
++ HIFN_DMACSR_ILLW | HIFN_DMACSR_ILLR : 0));
++
++ sc->sc_d_busy = sc->sc_r_busy = sc->sc_s_busy = sc->sc_c_busy = 0;
++ sc->sc_dmaier |= HIFN_DMAIER_R_DONE | HIFN_DMAIER_C_ABORT |
++ HIFN_DMAIER_D_OVER | HIFN_DMAIER_R_OVER |
++ HIFN_DMAIER_S_ABORT | HIFN_DMAIER_D_ABORT | HIFN_DMAIER_R_ABORT |
++ ((sc->sc_flags & HIFN_IS_7811) ?
++ HIFN_DMAIER_ILLW | HIFN_DMAIER_ILLR : 0);
++ sc->sc_dmaier &= ~HIFN_DMAIER_C_WAIT;
++ WRITE_REG_1(sc, HIFN_1_DMA_IER, sc->sc_dmaier);
++
++
++ if (sc->sc_flags & HIFN_IS_7956) {
++ u_int32_t pll;
++
++ WRITE_REG_0(sc, HIFN_0_PUCNFG, HIFN_PUCNFG_COMPSING |
++ HIFN_PUCNFG_TCALLPHASES |
++ HIFN_PUCNFG_TCDRVTOTEM | HIFN_PUCNFG_BUS32);
++
++ /* turn off the clocks and insure bypass is set */
++ pll = READ_REG_1(sc, HIFN_1_PLL);
++ pll = (pll &~ (HIFN_PLL_PK_CLK_SEL | HIFN_PLL_PE_CLK_SEL))
++ | HIFN_PLL_BP | HIFN_PLL_MBSET;
++ WRITE_REG_1(sc, HIFN_1_PLL, pll);
++ DELAY(10*1000); /* 10ms */
++
++ /* change configuration */
++ pll = (pll &~ HIFN_PLL_CONFIG) | sc->sc_pllconfig;
++ WRITE_REG_1(sc, HIFN_1_PLL, pll);
++ DELAY(10*1000); /* 10ms */
++
++ /* disable bypass */
++ pll &= ~HIFN_PLL_BP;
++ WRITE_REG_1(sc, HIFN_1_PLL, pll);
++ /* enable clocks with new configuration */
++ pll |= HIFN_PLL_PK_CLK_SEL | HIFN_PLL_PE_CLK_SEL;
++ WRITE_REG_1(sc, HIFN_1_PLL, pll);
++ } else {
++ WRITE_REG_0(sc, HIFN_0_PUCNFG, HIFN_PUCNFG_COMPSING |
++ HIFN_PUCNFG_DRFR_128 | HIFN_PUCNFG_TCALLPHASES |
++ HIFN_PUCNFG_TCDRVTOTEM | HIFN_PUCNFG_BUS32 |
++ (sc->sc_drammodel ? HIFN_PUCNFG_DRAM : HIFN_PUCNFG_SRAM));
++ }
++
++ WRITE_REG_0(sc, HIFN_0_PUISR, HIFN_PUISR_DSTOVER);
++ WRITE_REG_1(sc, HIFN_1_DMA_CNFG, HIFN_DMACNFG_MSTRESET |
++ HIFN_DMACNFG_DMARESET | HIFN_DMACNFG_MODE | HIFN_DMACNFG_LAST |
++ ((HIFN_POLL_FREQUENCY << 16 ) & HIFN_DMACNFG_POLLFREQ) |
++ ((HIFN_POLL_SCALAR << 8) & HIFN_DMACNFG_POLLINVAL));
++}
++
++/*
++ * The maximum number of sessions supported by the card
++ * is dependent on the amount of context ram, which
++ * encryption algorithms are enabled, and how compression
++ * is configured. This should be configured before this
++ * routine is called.
++ */
++static void
++hifn_sessions(struct hifn_softc *sc)
++{
++ u_int32_t pucnfg;
++ int ctxsize;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ pucnfg = READ_REG_0(sc, HIFN_0_PUCNFG);
++
++ if (pucnfg & HIFN_PUCNFG_COMPSING) {
++ if (pucnfg & HIFN_PUCNFG_ENCCNFG)
++ ctxsize = 128;
++ else
++ ctxsize = 512;
++ /*
++ * 7955/7956 has internal context memory of 32K
++ */
++ if (sc->sc_flags & HIFN_IS_7956)
++ sc->sc_maxses = 32768 / ctxsize;
++ else
++ sc->sc_maxses = 1 +
++ ((sc->sc_ramsize - 32768) / ctxsize);
++ } else
++ sc->sc_maxses = sc->sc_ramsize / 16384;
++
++ if (sc->sc_maxses > 2048)
++ sc->sc_maxses = 2048;
++}
++
++/*
++ * Determine ram type (sram or dram). Board should be just out of a reset
++ * state when this is called.
++ */
++static int
++hifn_ramtype(struct hifn_softc *sc)
++{
++ u_int8_t data[8], dataexpect[8];
++ int i;
++
++ for (i = 0; i < sizeof(data); i++)
++ data[i] = dataexpect[i] = 0x55;
++ if (hifn_writeramaddr(sc, 0, data))
++ return (-1);
++ if (hifn_readramaddr(sc, 0, data))
++ return (-1);
++ if (bcmp(data, dataexpect, sizeof(data)) != 0) {
++ sc->sc_drammodel = 1;
++ return (0);
++ }
++
++ for (i = 0; i < sizeof(data); i++)
++ data[i] = dataexpect[i] = 0xaa;
++ if (hifn_writeramaddr(sc, 0, data))
++ return (-1);
++ if (hifn_readramaddr(sc, 0, data))
++ return (-1);
++ if (bcmp(data, dataexpect, sizeof(data)) != 0) {
++ sc->sc_drammodel = 1;
++ return (0);
++ }
++
++ return (0);
++}
++
++#define HIFN_SRAM_MAX (32 << 20)
++#define HIFN_SRAM_STEP_SIZE 16384
++#define HIFN_SRAM_GRANULARITY (HIFN_SRAM_MAX / HIFN_SRAM_STEP_SIZE)
++
++static int
++hifn_sramsize(struct hifn_softc *sc)
++{
++ u_int32_t a;
++ u_int8_t data[8];
++ u_int8_t dataexpect[sizeof(data)];
++ int32_t i;
++
++ for (i = 0; i < sizeof(data); i++)
++ data[i] = dataexpect[i] = i ^ 0x5a;
++
++ for (i = HIFN_SRAM_GRANULARITY - 1; i >= 0; i--) {
++ a = i * HIFN_SRAM_STEP_SIZE;
++ bcopy(&i, data, sizeof(i));
++ hifn_writeramaddr(sc, a, data);
++ }
++
++ for (i = 0; i < HIFN_SRAM_GRANULARITY; i++) {
++ a = i * HIFN_SRAM_STEP_SIZE;
++ bcopy(&i, dataexpect, sizeof(i));
++ if (hifn_readramaddr(sc, a, data) < 0)
++ return (0);
++ if (bcmp(data, dataexpect, sizeof(data)) != 0)
++ return (0);
++ sc->sc_ramsize = a + HIFN_SRAM_STEP_SIZE;
++ }
++
++ return (0);
++}
++
++/*
++ * XXX For dram boards, one should really try all of the
++ * HIFN_PUCNFG_DSZ_*'s. This just assumes that PUCNFG
++ * is already set up correctly.
++ */
++static int
++hifn_dramsize(struct hifn_softc *sc)
++{
++ u_int32_t cnfg;
++
++ if (sc->sc_flags & HIFN_IS_7956) {
++ /*
++ * 7955/7956 have a fixed internal ram of only 32K.
++ */
++ sc->sc_ramsize = 32768;
++ } else {
++ cnfg = READ_REG_0(sc, HIFN_0_PUCNFG) &
++ HIFN_PUCNFG_DRAMMASK;
++ sc->sc_ramsize = 1 << ((cnfg >> 13) + 18);
++ }
++ return (0);
++}
++
++static void
++hifn_alloc_slot(struct hifn_softc *sc, int *cmdp, int *srcp, int *dstp, int *resp)
++{
++ struct hifn_dma *dma = sc->sc_dma;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ if (dma->cmdi == HIFN_D_CMD_RSIZE) {
++ dma->cmdi = 0;
++ dma->cmdr[HIFN_D_CMD_RSIZE].l = htole32(HIFN_D_JUMP|HIFN_D_MASKDONEIRQ);
++ wmb();
++ dma->cmdr[HIFN_D_CMD_RSIZE].l |= htole32(HIFN_D_VALID);
++ HIFN_CMDR_SYNC(sc, HIFN_D_CMD_RSIZE,
++ BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD);
++ }
++ *cmdp = dma->cmdi++;
++ dma->cmdk = dma->cmdi;
++
++ if (dma->srci == HIFN_D_SRC_RSIZE) {
++ dma->srci = 0;
++ dma->srcr[HIFN_D_SRC_RSIZE].l = htole32(HIFN_D_JUMP|HIFN_D_MASKDONEIRQ);
++ wmb();
++ dma->srcr[HIFN_D_SRC_RSIZE].l |= htole32(HIFN_D_VALID);
++ HIFN_SRCR_SYNC(sc, HIFN_D_SRC_RSIZE,
++ BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD);
++ }
++ *srcp = dma->srci++;
++ dma->srck = dma->srci;
++
++ if (dma->dsti == HIFN_D_DST_RSIZE) {
++ dma->dsti = 0;
++ dma->dstr[HIFN_D_DST_RSIZE].l = htole32(HIFN_D_JUMP|HIFN_D_MASKDONEIRQ);
++ wmb();
++ dma->dstr[HIFN_D_DST_RSIZE].l |= htole32(HIFN_D_VALID);
++ HIFN_DSTR_SYNC(sc, HIFN_D_DST_RSIZE,
++ BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD);
++ }
++ *dstp = dma->dsti++;
++ dma->dstk = dma->dsti;
++
++ if (dma->resi == HIFN_D_RES_RSIZE) {
++ dma->resi = 0;
++ dma->resr[HIFN_D_RES_RSIZE].l = htole32(HIFN_D_JUMP|HIFN_D_MASKDONEIRQ);
++ wmb();
++ dma->resr[HIFN_D_RES_RSIZE].l |= htole32(HIFN_D_VALID);
++ HIFN_RESR_SYNC(sc, HIFN_D_RES_RSIZE,
++ BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD);
++ }
++ *resp = dma->resi++;
++ dma->resk = dma->resi;
++}
++
++static int
++hifn_writeramaddr(struct hifn_softc *sc, int addr, u_int8_t *data)
++{
++ struct hifn_dma *dma = sc->sc_dma;
++ hifn_base_command_t wc;
++ const u_int32_t masks = HIFN_D_VALID | HIFN_D_LAST | HIFN_D_MASKDONEIRQ;
++ int r, cmdi, resi, srci, dsti;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ wc.masks = htole16(3 << 13);
++ wc.session_num = htole16(addr >> 14);
++ wc.total_source_count = htole16(8);
++ wc.total_dest_count = htole16(addr & 0x3fff);
++
++ hifn_alloc_slot(sc, &cmdi, &srci, &dsti, &resi);
++
++ WRITE_REG_1(sc, HIFN_1_DMA_CSR,
++ HIFN_DMACSR_C_CTRL_ENA | HIFN_DMACSR_S_CTRL_ENA |
++ HIFN_DMACSR_D_CTRL_ENA | HIFN_DMACSR_R_CTRL_ENA);
++
++ /* build write command */
++ bzero(dma->command_bufs[cmdi], HIFN_MAX_COMMAND);
++ *(hifn_base_command_t *)dma->command_bufs[cmdi] = wc;
++ bcopy(data, &dma->test_src, sizeof(dma->test_src));
++
++ dma->srcr[srci].p = htole32(sc->sc_dma_physaddr
++ + offsetof(struct hifn_dma, test_src));
++ dma->dstr[dsti].p = htole32(sc->sc_dma_physaddr
++ + offsetof(struct hifn_dma, test_dst));
++
++ dma->cmdr[cmdi].l = htole32(16 | masks);
++ dma->srcr[srci].l = htole32(8 | masks);
++ dma->dstr[dsti].l = htole32(4 | masks);
++ dma->resr[resi].l = htole32(4 | masks);
++
++ for (r = 10000; r >= 0; r--) {
++ DELAY(10);
++ if ((dma->resr[resi].l & htole32(HIFN_D_VALID)) == 0)
++ break;
++ }
++ if (r == 0) {
++ device_printf(sc->sc_dev, "writeramaddr -- "
++ "result[%d](addr %d) still valid\n", resi, addr);
++ r = -1;
++ return (-1);
++ } else
++ r = 0;
++
++ WRITE_REG_1(sc, HIFN_1_DMA_CSR,
++ HIFN_DMACSR_C_CTRL_DIS | HIFN_DMACSR_S_CTRL_DIS |
++ HIFN_DMACSR_D_CTRL_DIS | HIFN_DMACSR_R_CTRL_DIS);
++
++ return (r);
++}
++
++static int
++hifn_readramaddr(struct hifn_softc *sc, int addr, u_int8_t *data)
++{
++ struct hifn_dma *dma = sc->sc_dma;
++ hifn_base_command_t rc;
++ const u_int32_t masks = HIFN_D_VALID | HIFN_D_LAST | HIFN_D_MASKDONEIRQ;
++ int r, cmdi, srci, dsti, resi;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ rc.masks = htole16(2 << 13);
++ rc.session_num = htole16(addr >> 14);
++ rc.total_source_count = htole16(addr & 0x3fff);
++ rc.total_dest_count = htole16(8);
++
++ hifn_alloc_slot(sc, &cmdi, &srci, &dsti, &resi);
++
++ WRITE_REG_1(sc, HIFN_1_DMA_CSR,
++ HIFN_DMACSR_C_CTRL_ENA | HIFN_DMACSR_S_CTRL_ENA |
++ HIFN_DMACSR_D_CTRL_ENA | HIFN_DMACSR_R_CTRL_ENA);
++
++ bzero(dma->command_bufs[cmdi], HIFN_MAX_COMMAND);
++ *(hifn_base_command_t *)dma->command_bufs[cmdi] = rc;
++
++ dma->srcr[srci].p = htole32(sc->sc_dma_physaddr +
++ offsetof(struct hifn_dma, test_src));
++ dma->test_src = 0;
++ dma->dstr[dsti].p = htole32(sc->sc_dma_physaddr +
++ offsetof(struct hifn_dma, test_dst));
++ dma->test_dst = 0;
++ dma->cmdr[cmdi].l = htole32(8 | masks);
++ dma->srcr[srci].l = htole32(8 | masks);
++ dma->dstr[dsti].l = htole32(8 | masks);
++ dma->resr[resi].l = htole32(HIFN_MAX_RESULT | masks);
++
++ for (r = 10000; r >= 0; r--) {
++ DELAY(10);
++ if ((dma->resr[resi].l & htole32(HIFN_D_VALID)) == 0)
++ break;
++ }
++ if (r == 0) {
++ device_printf(sc->sc_dev, "readramaddr -- "
++ "result[%d](addr %d) still valid\n", resi, addr);
++ r = -1;
++ } else {
++ r = 0;
++ bcopy(&dma->test_dst, data, sizeof(dma->test_dst));
++ }
++
++ WRITE_REG_1(sc, HIFN_1_DMA_CSR,
++ HIFN_DMACSR_C_CTRL_DIS | HIFN_DMACSR_S_CTRL_DIS |
++ HIFN_DMACSR_D_CTRL_DIS | HIFN_DMACSR_R_CTRL_DIS);
++
++ return (r);
++}
++
++/*
++ * Initialize the descriptor rings.
++ */
++static void
++hifn_init_dma(struct hifn_softc *sc)
++{
++ struct hifn_dma *dma = sc->sc_dma;
++ int i;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ hifn_set_retry(sc);
++
++ /* initialize static pointer values */
++ for (i = 0; i < HIFN_D_CMD_RSIZE; i++)
++ dma->cmdr[i].p = htole32(sc->sc_dma_physaddr +
++ offsetof(struct hifn_dma, command_bufs[i][0]));
++ for (i = 0; i < HIFN_D_RES_RSIZE; i++)
++ dma->resr[i].p = htole32(sc->sc_dma_physaddr +
++ offsetof(struct hifn_dma, result_bufs[i][0]));
++
++ dma->cmdr[HIFN_D_CMD_RSIZE].p =
++ htole32(sc->sc_dma_physaddr + offsetof(struct hifn_dma, cmdr[0]));
++ dma->srcr[HIFN_D_SRC_RSIZE].p =
++ htole32(sc->sc_dma_physaddr + offsetof(struct hifn_dma, srcr[0]));
++ dma->dstr[HIFN_D_DST_RSIZE].p =
++ htole32(sc->sc_dma_physaddr + offsetof(struct hifn_dma, dstr[0]));
++ dma->resr[HIFN_D_RES_RSIZE].p =
++ htole32(sc->sc_dma_physaddr + offsetof(struct hifn_dma, resr[0]));
++
++ dma->cmdu = dma->srcu = dma->dstu = dma->resu = 0;
++ dma->cmdi = dma->srci = dma->dsti = dma->resi = 0;
++ dma->cmdk = dma->srck = dma->dstk = dma->resk = 0;
++}
++
++/*
++ * Writes out the raw command buffer space. Returns the
++ * command buffer size.
++ */
++static u_int
++hifn_write_command(struct hifn_command *cmd, u_int8_t *buf)
++{
++ struct hifn_softc *sc = NULL;
++ u_int8_t *buf_pos;
++ hifn_base_command_t *base_cmd;
++ hifn_mac_command_t *mac_cmd;
++ hifn_crypt_command_t *cry_cmd;
++ int using_mac, using_crypt, len, ivlen;
++ u_int32_t dlen, slen;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ buf_pos = buf;
++ using_mac = cmd->base_masks & HIFN_BASE_CMD_MAC;
++ using_crypt = cmd->base_masks & HIFN_BASE_CMD_CRYPT;
++
++ base_cmd = (hifn_base_command_t *)buf_pos;
++ base_cmd->masks = htole16(cmd->base_masks);
++ slen = cmd->src_mapsize;
++ if (cmd->sloplen)
++ dlen = cmd->dst_mapsize - cmd->sloplen + sizeof(u_int32_t);
++ else
++ dlen = cmd->dst_mapsize;
++ base_cmd->total_source_count = htole16(slen & HIFN_BASE_CMD_LENMASK_LO);
++ base_cmd->total_dest_count = htole16(dlen & HIFN_BASE_CMD_LENMASK_LO);
++ dlen >>= 16;
++ slen >>= 16;
++ base_cmd->session_num = htole16(
++ ((slen << HIFN_BASE_CMD_SRCLEN_S) & HIFN_BASE_CMD_SRCLEN_M) |
++ ((dlen << HIFN_BASE_CMD_DSTLEN_S) & HIFN_BASE_CMD_DSTLEN_M));
++ buf_pos += sizeof(hifn_base_command_t);
++
++ if (using_mac) {
++ mac_cmd = (hifn_mac_command_t *)buf_pos;
++ dlen = cmd->maccrd->crd_len;
++ mac_cmd->source_count = htole16(dlen & 0xffff);
++ dlen >>= 16;
++ mac_cmd->masks = htole16(cmd->mac_masks |
++ ((dlen << HIFN_MAC_CMD_SRCLEN_S) & HIFN_MAC_CMD_SRCLEN_M));
++ mac_cmd->header_skip = htole16(cmd->maccrd->crd_skip);
++ mac_cmd->reserved = 0;
++ buf_pos += sizeof(hifn_mac_command_t);
++ }
++
++ if (using_crypt) {
++ cry_cmd = (hifn_crypt_command_t *)buf_pos;
++ dlen = cmd->enccrd->crd_len;
++ cry_cmd->source_count = htole16(dlen & 0xffff);
++ dlen >>= 16;
++ cry_cmd->masks = htole16(cmd->cry_masks |
++ ((dlen << HIFN_CRYPT_CMD_SRCLEN_S) & HIFN_CRYPT_CMD_SRCLEN_M));
++ cry_cmd->header_skip = htole16(cmd->enccrd->crd_skip);
++ cry_cmd->reserved = 0;
++ buf_pos += sizeof(hifn_crypt_command_t);
++ }
++
++ if (using_mac && cmd->mac_masks & HIFN_MAC_CMD_NEW_KEY) {
++ bcopy(cmd->mac, buf_pos, HIFN_MAC_KEY_LENGTH);
++ buf_pos += HIFN_MAC_KEY_LENGTH;
++ }
++
++ if (using_crypt && cmd->cry_masks & HIFN_CRYPT_CMD_NEW_KEY) {
++ switch (cmd->cry_masks & HIFN_CRYPT_CMD_ALG_MASK) {
++ case HIFN_CRYPT_CMD_ALG_3DES:
++ bcopy(cmd->ck, buf_pos, HIFN_3DES_KEY_LENGTH);
++ buf_pos += HIFN_3DES_KEY_LENGTH;
++ break;
++ case HIFN_CRYPT_CMD_ALG_DES:
++ bcopy(cmd->ck, buf_pos, HIFN_DES_KEY_LENGTH);
++ buf_pos += HIFN_DES_KEY_LENGTH;
++ break;
++ case HIFN_CRYPT_CMD_ALG_RC4:
++ len = 256;
++ do {
++ int clen;
++
++ clen = MIN(cmd->cklen, len);
++ bcopy(cmd->ck, buf_pos, clen);
++ len -= clen;
++ buf_pos += clen;
++ } while (len > 0);
++ bzero(buf_pos, 4);
++ buf_pos += 4;
++ break;
++ case HIFN_CRYPT_CMD_ALG_AES:
++ /*
++ * AES keys are variable 128, 192 and
++ * 256 bits (16, 24 and 32 bytes).
++ */
++ bcopy(cmd->ck, buf_pos, cmd->cklen);
++ buf_pos += cmd->cklen;
++ break;
++ }
++ }
++
++ if (using_crypt && cmd->cry_masks & HIFN_CRYPT_CMD_NEW_IV) {
++ switch (cmd->cry_masks & HIFN_CRYPT_CMD_ALG_MASK) {
++ case HIFN_CRYPT_CMD_ALG_AES:
++ ivlen = HIFN_AES_IV_LENGTH;
++ break;
++ default:
++ ivlen = HIFN_IV_LENGTH;
++ break;
++ }
++ bcopy(cmd->iv, buf_pos, ivlen);
++ buf_pos += ivlen;
++ }
++
++ if ((cmd->base_masks & (HIFN_BASE_CMD_MAC|HIFN_BASE_CMD_CRYPT)) == 0) {
++ bzero(buf_pos, 8);
++ buf_pos += 8;
++ }
++
++ return (buf_pos - buf);
++}
++
++static int
++hifn_dmamap_aligned(struct hifn_operand *op)
++{
++ struct hifn_softc *sc = NULL;
++ int i;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ for (i = 0; i < op->nsegs; i++) {
++ if (op->segs[i].ds_addr & 3)
++ return (0);
++ if ((i != (op->nsegs - 1)) && (op->segs[i].ds_len & 3))
++ return (0);
++ }
++ return (1);
++}
++
++static __inline int
++hifn_dmamap_dstwrap(struct hifn_softc *sc, int idx)
++{
++ struct hifn_dma *dma = sc->sc_dma;
++
++ if (++idx == HIFN_D_DST_RSIZE) {
++ dma->dstr[idx].l = htole32(HIFN_D_VALID | HIFN_D_JUMP |
++ HIFN_D_MASKDONEIRQ);
++ HIFN_DSTR_SYNC(sc, idx,
++ BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
++ idx = 0;
++ }
++ return (idx);
++}
++
++static int
++hifn_dmamap_load_dst(struct hifn_softc *sc, struct hifn_command *cmd)
++{
++ struct hifn_dma *dma = sc->sc_dma;
++ struct hifn_operand *dst = &cmd->dst;
++ u_int32_t p, l;
++ int idx, used = 0, i;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ idx = dma->dsti;
++ for (i = 0; i < dst->nsegs - 1; i++) {
++ dma->dstr[idx].p = htole32(dst->segs[i].ds_addr);
++ dma->dstr[idx].l = htole32(HIFN_D_MASKDONEIRQ | dst->segs[i].ds_len);
++ wmb();
++ dma->dstr[idx].l |= htole32(HIFN_D_VALID);
++ HIFN_DSTR_SYNC(sc, idx,
++ BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
++ used++;
++
++ idx = hifn_dmamap_dstwrap(sc, idx);
++ }
++
++ if (cmd->sloplen == 0) {
++ p = dst->segs[i].ds_addr;
++ l = HIFN_D_MASKDONEIRQ | HIFN_D_LAST |
++ dst->segs[i].ds_len;
++ } else {
++ p = sc->sc_dma_physaddr +
++ offsetof(struct hifn_dma, slop[cmd->slopidx]);
++ l = HIFN_D_MASKDONEIRQ | HIFN_D_LAST |
++ sizeof(u_int32_t);
++
++ if ((dst->segs[i].ds_len - cmd->sloplen) != 0) {
++ dma->dstr[idx].p = htole32(dst->segs[i].ds_addr);
++ dma->dstr[idx].l = htole32(HIFN_D_MASKDONEIRQ |
++ (dst->segs[i].ds_len - cmd->sloplen));
++ wmb();
++ dma->dstr[idx].l |= htole32(HIFN_D_VALID);
++ HIFN_DSTR_SYNC(sc, idx,
++ BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
++ used++;
++
++ idx = hifn_dmamap_dstwrap(sc, idx);
++ }
++ }
++ dma->dstr[idx].p = htole32(p);
++ dma->dstr[idx].l = htole32(l);
++ wmb();
++ dma->dstr[idx].l |= htole32(HIFN_D_VALID);
++ HIFN_DSTR_SYNC(sc, idx, BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
++ used++;
++
++ idx = hifn_dmamap_dstwrap(sc, idx);
++
++ dma->dsti = idx;
++ dma->dstu += used;
++ return (idx);
++}
++
++static __inline int
++hifn_dmamap_srcwrap(struct hifn_softc *sc, int idx)
++{
++ struct hifn_dma *dma = sc->sc_dma;
++
++ if (++idx == HIFN_D_SRC_RSIZE) {
++ dma->srcr[idx].l = htole32(HIFN_D_VALID |
++ HIFN_D_JUMP | HIFN_D_MASKDONEIRQ);
++ HIFN_SRCR_SYNC(sc, HIFN_D_SRC_RSIZE,
++ BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD);
++ idx = 0;
++ }
++ return (idx);
++}
++
++static int
++hifn_dmamap_load_src(struct hifn_softc *sc, struct hifn_command *cmd)
++{
++ struct hifn_dma *dma = sc->sc_dma;
++ struct hifn_operand *src = &cmd->src;
++ int idx, i;
++ u_int32_t last = 0;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ idx = dma->srci;
++ for (i = 0; i < src->nsegs; i++) {
++ if (i == src->nsegs - 1)
++ last = HIFN_D_LAST;
++
++ dma->srcr[idx].p = htole32(src->segs[i].ds_addr);
++ dma->srcr[idx].l = htole32(src->segs[i].ds_len |
++ HIFN_D_MASKDONEIRQ | last);
++ wmb();
++ dma->srcr[idx].l |= htole32(HIFN_D_VALID);
++ HIFN_SRCR_SYNC(sc, idx,
++ BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD);
++
++ idx = hifn_dmamap_srcwrap(sc, idx);
++ }
++ dma->srci = idx;
++ dma->srcu += src->nsegs;
++ return (idx);
++}
++
++
++static int
++hifn_crypto(
++ struct hifn_softc *sc,
++ struct hifn_command *cmd,
++ struct cryptop *crp,
++ int hint)
++{
++ struct hifn_dma *dma = sc->sc_dma;
++ u_int32_t cmdlen, csr;
++ int cmdi, resi, err = 0;
++ unsigned long l_flags;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ /*
++ * need 1 cmd, and 1 res
++ *
++ * NB: check this first since it's easy.
++ */
++ HIFN_LOCK(sc);
++ if ((dma->cmdu + 1) > HIFN_D_CMD_RSIZE ||
++ (dma->resu + 1) > HIFN_D_RES_RSIZE) {
++#ifdef HIFN_DEBUG
++ if (hifn_debug) {
++ device_printf(sc->sc_dev,
++ "cmd/result exhaustion, cmdu %u resu %u\n",
++ dma->cmdu, dma->resu);
++ }
++#endif
++ hifnstats.hst_nomem_cr++;
++ sc->sc_needwakeup |= CRYPTO_SYMQ;
++ HIFN_UNLOCK(sc);
++ return (ERESTART);
++ }
++
++ if (crp->crp_flags & CRYPTO_F_SKBUF) {
++ if (pci_map_skb(sc, &cmd->src, cmd->src_skb)) {
++ hifnstats.hst_nomem_load++;
++ err = ENOMEM;
++ goto err_srcmap1;
++ }
++ } else if (crp->crp_flags & CRYPTO_F_IOV) {
++ if (pci_map_uio(sc, &cmd->src, cmd->src_io)) {
++ hifnstats.hst_nomem_load++;
++ err = ENOMEM;
++ goto err_srcmap1;
++ }
++ } else {
++ if (pci_map_buf(sc, &cmd->src, cmd->src_buf, crp->crp_ilen)) {
++ hifnstats.hst_nomem_load++;
++ err = ENOMEM;
++ goto err_srcmap1;
++ }
++ }
++
++ if (hifn_dmamap_aligned(&cmd->src)) {
++ cmd->sloplen = cmd->src_mapsize & 3;
++ cmd->dst = cmd->src;
++ } else {
++ if (crp->crp_flags & CRYPTO_F_IOV) {
++ DPRINTF("%s,%d: %s - EINVAL\n",__FILE__,__LINE__,__FUNCTION__);
++ err = EINVAL;
++ goto err_srcmap;
++ } else if (crp->crp_flags & CRYPTO_F_SKBUF) {
++#ifdef NOTYET
++ int totlen, len;
++ struct mbuf *m, *m0, *mlast;
++
++ KASSERT(cmd->dst_m == cmd->src_m,
++ ("hifn_crypto: dst_m initialized improperly"));
++ hifnstats.hst_unaligned++;
++ /*
++ * Source is not aligned on a longword boundary.
++ * Copy the data to insure alignment. If we fail
++ * to allocate mbufs or clusters while doing this
++ * we return ERESTART so the operation is requeued
++ * at the crypto later, but only if there are
++ * ops already posted to the hardware; otherwise we
++ * have no guarantee that we'll be re-entered.
++ */
++ totlen = cmd->src_mapsize;
++ if (cmd->src_m->m_flags & M_PKTHDR) {
++ len = MHLEN;
++ MGETHDR(m0, M_DONTWAIT, MT_DATA);
++ if (m0 && !m_dup_pkthdr(m0, cmd->src_m, M_DONTWAIT)) {
++ m_free(m0);
++ m0 = NULL;
++ }
++ } else {
++ len = MLEN;
++ MGET(m0, M_DONTWAIT, MT_DATA);
++ }
++ if (m0 == NULL) {
++ hifnstats.hst_nomem_mbuf++;
++ err = dma->cmdu ? ERESTART : ENOMEM;
++ goto err_srcmap;
++ }
++ if (totlen >= MINCLSIZE) {
++ MCLGET(m0, M_DONTWAIT);
++ if ((m0->m_flags & M_EXT) == 0) {
++ hifnstats.hst_nomem_mcl++;
++ err = dma->cmdu ? ERESTART : ENOMEM;
++ m_freem(m0);
++ goto err_srcmap;
++ }
++ len = MCLBYTES;
++ }
++ totlen -= len;
++ m0->m_pkthdr.len = m0->m_len = len;
++ mlast = m0;
++
++ while (totlen > 0) {
++ MGET(m, M_DONTWAIT, MT_DATA);
++ if (m == NULL) {
++ hifnstats.hst_nomem_mbuf++;
++ err = dma->cmdu ? ERESTART : ENOMEM;
++ m_freem(m0);
++ goto err_srcmap;
++ }
++ len = MLEN;
++ if (totlen >= MINCLSIZE) {
++ MCLGET(m, M_DONTWAIT);
++ if ((m->m_flags & M_EXT) == 0) {
++ hifnstats.hst_nomem_mcl++;
++ err = dma->cmdu ? ERESTART : ENOMEM;
++ mlast->m_next = m;
++ m_freem(m0);
++ goto err_srcmap;
++ }
++ len = MCLBYTES;
++ }
++
++ m->m_len = len;
++ m0->m_pkthdr.len += len;
++ totlen -= len;
++
++ mlast->m_next = m;
++ mlast = m;
++ }
++ cmd->dst_m = m0;
++#else
++ device_printf(sc->sc_dev,
++ "%s,%d: CRYPTO_F_SKBUF unaligned not implemented\n",
++ __FILE__, __LINE__);
++ err = EINVAL;
++ goto err_srcmap;
++#endif
++ } else {
++ device_printf(sc->sc_dev,
++ "%s,%d: unaligned contig buffers not implemented\n",
++ __FILE__, __LINE__);
++ err = EINVAL;
++ goto err_srcmap;
++ }
++ }
++
++ if (cmd->dst_map == NULL) {
++ if (crp->crp_flags & CRYPTO_F_SKBUF) {
++ if (pci_map_skb(sc, &cmd->dst, cmd->dst_skb)) {
++ hifnstats.hst_nomem_map++;
++ err = ENOMEM;
++ goto err_dstmap1;
++ }
++ } else if (crp->crp_flags & CRYPTO_F_IOV) {
++ if (pci_map_uio(sc, &cmd->dst, cmd->dst_io)) {
++ hifnstats.hst_nomem_load++;
++ err = ENOMEM;
++ goto err_dstmap1;
++ }
++ } else {
++ if (pci_map_buf(sc, &cmd->dst, cmd->dst_buf, crp->crp_ilen)) {
++ hifnstats.hst_nomem_load++;
++ err = ENOMEM;
++ goto err_dstmap1;
++ }
++ }
++ }
++
++#ifdef HIFN_DEBUG
++ if (hifn_debug) {
++ device_printf(sc->sc_dev,
++ "Entering cmd: stat %8x ien %8x u %d/%d/%d/%d n %d/%d\n",
++ READ_REG_1(sc, HIFN_1_DMA_CSR),
++ READ_REG_1(sc, HIFN_1_DMA_IER),
++ dma->cmdu, dma->srcu, dma->dstu, dma->resu,
++ cmd->src_nsegs, cmd->dst_nsegs);
++ }
++#endif
++
++#if 0
++ if (cmd->src_map == cmd->dst_map) {
++ bus_dmamap_sync(sc->sc_dmat, cmd->src_map,
++ BUS_DMASYNC_PREWRITE|BUS_DMASYNC_PREREAD);
++ } else {
++ bus_dmamap_sync(sc->sc_dmat, cmd->src_map,
++ BUS_DMASYNC_PREWRITE);
++ bus_dmamap_sync(sc->sc_dmat, cmd->dst_map,
++ BUS_DMASYNC_PREREAD);
++ }
++#endif
++
++ /*
++ * need N src, and N dst
++ */
++ if ((dma->srcu + cmd->src_nsegs) > HIFN_D_SRC_RSIZE ||
++ (dma->dstu + cmd->dst_nsegs + 1) > HIFN_D_DST_RSIZE) {
++#ifdef HIFN_DEBUG
++ if (hifn_debug) {
++ device_printf(sc->sc_dev,
++ "src/dst exhaustion, srcu %u+%u dstu %u+%u\n",
++ dma->srcu, cmd->src_nsegs,
++ dma->dstu, cmd->dst_nsegs);
++ }
++#endif
++ hifnstats.hst_nomem_sd++;
++ err = ERESTART;
++ goto err_dstmap;
++ }
++
++ if (dma->cmdi == HIFN_D_CMD_RSIZE) {
++ dma->cmdi = 0;
++ dma->cmdr[HIFN_D_CMD_RSIZE].l = htole32(HIFN_D_JUMP|HIFN_D_MASKDONEIRQ);
++ wmb();
++ dma->cmdr[HIFN_D_CMD_RSIZE].l |= htole32(HIFN_D_VALID);
++ HIFN_CMDR_SYNC(sc, HIFN_D_CMD_RSIZE,
++ BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD);
++ }
++ cmdi = dma->cmdi++;
++ cmdlen = hifn_write_command(cmd, dma->command_bufs[cmdi]);
++ HIFN_CMD_SYNC(sc, cmdi, BUS_DMASYNC_PREWRITE);
++
++ /* .p for command/result already set */
++ dma->cmdr[cmdi].l = htole32(cmdlen | HIFN_D_LAST |
++ HIFN_D_MASKDONEIRQ);
++ wmb();
++ dma->cmdr[cmdi].l |= htole32(HIFN_D_VALID);
++ HIFN_CMDR_SYNC(sc, cmdi,
++ BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD);
++ dma->cmdu++;
++
++ /*
++ * We don't worry about missing an interrupt (which a "command wait"
++ * interrupt salvages us from), unless there is more than one command
++ * in the queue.
++ */
++ if (dma->cmdu > 1) {
++ sc->sc_dmaier |= HIFN_DMAIER_C_WAIT;
++ WRITE_REG_1(sc, HIFN_1_DMA_IER, sc->sc_dmaier);
++ }
++
++ hifnstats.hst_ipackets++;
++ hifnstats.hst_ibytes += cmd->src_mapsize;
++
++ hifn_dmamap_load_src(sc, cmd);
++
++ /*
++ * Unlike other descriptors, we don't mask done interrupt from
++ * result descriptor.
++ */
++#ifdef HIFN_DEBUG
++ if (hifn_debug)
++ device_printf(sc->sc_dev, "load res\n");
++#endif
++ if (dma->resi == HIFN_D_RES_RSIZE) {
++ dma->resi = 0;
++ dma->resr[HIFN_D_RES_RSIZE].l = htole32(HIFN_D_JUMP|HIFN_D_MASKDONEIRQ);
++ wmb();
++ dma->resr[HIFN_D_RES_RSIZE].l |= htole32(HIFN_D_VALID);
++ HIFN_RESR_SYNC(sc, HIFN_D_RES_RSIZE,
++ BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
++ }
++ resi = dma->resi++;
++ KASSERT(dma->hifn_commands[resi] == NULL,
++ ("hifn_crypto: command slot %u busy", resi));
++ dma->hifn_commands[resi] = cmd;
++ HIFN_RES_SYNC(sc, resi, BUS_DMASYNC_PREREAD);
++ if ((hint & CRYPTO_HINT_MORE) && sc->sc_curbatch < hifn_maxbatch) {
++ dma->resr[resi].l = htole32(HIFN_MAX_RESULT |
++ HIFN_D_LAST | HIFN_D_MASKDONEIRQ);
++ wmb();
++ dma->resr[resi].l |= htole32(HIFN_D_VALID);
++ sc->sc_curbatch++;
++ if (sc->sc_curbatch > hifnstats.hst_maxbatch)
++ hifnstats.hst_maxbatch = sc->sc_curbatch;
++ hifnstats.hst_totbatch++;
++ } else {
++ dma->resr[resi].l = htole32(HIFN_MAX_RESULT | HIFN_D_LAST);
++ wmb();
++ dma->resr[resi].l |= htole32(HIFN_D_VALID);
++ sc->sc_curbatch = 0;
++ }
++ HIFN_RESR_SYNC(sc, resi,
++ BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
++ dma->resu++;
++
++ if (cmd->sloplen)
++ cmd->slopidx = resi;
++
++ hifn_dmamap_load_dst(sc, cmd);
++
++ csr = 0;
++ if (sc->sc_c_busy == 0) {
++ csr |= HIFN_DMACSR_C_CTRL_ENA;
++ sc->sc_c_busy = 1;
++ }
++ if (sc->sc_s_busy == 0) {
++ csr |= HIFN_DMACSR_S_CTRL_ENA;
++ sc->sc_s_busy = 1;
++ }
++ if (sc->sc_r_busy == 0) {
++ csr |= HIFN_DMACSR_R_CTRL_ENA;
++ sc->sc_r_busy = 1;
++ }
++ if (sc->sc_d_busy == 0) {
++ csr |= HIFN_DMACSR_D_CTRL_ENA;
++ sc->sc_d_busy = 1;
++ }
++ if (csr)
++ WRITE_REG_1(sc, HIFN_1_DMA_CSR, csr);
++
++#ifdef HIFN_DEBUG
++ if (hifn_debug) {
++ device_printf(sc->sc_dev, "command: stat %8x ier %8x\n",
++ READ_REG_1(sc, HIFN_1_DMA_CSR),
++ READ_REG_1(sc, HIFN_1_DMA_IER));
++ }
++#endif
++
++ sc->sc_active = 5;
++ HIFN_UNLOCK(sc);
++ KASSERT(err == 0, ("hifn_crypto: success with error %u", err));
++ return (err); /* success */
++
++err_dstmap:
++ if (cmd->src_map != cmd->dst_map)
++ pci_unmap_buf(sc, &cmd->dst);
++err_dstmap1:
++err_srcmap:
++ if (crp->crp_flags & CRYPTO_F_SKBUF) {
++ if (cmd->src_skb != cmd->dst_skb)
++#ifdef NOTYET
++ m_freem(cmd->dst_m);
++#else
++ device_printf(sc->sc_dev,
++ "%s,%d: CRYPTO_F_SKBUF src != dst not implemented\n",
++ __FILE__, __LINE__);
++#endif
++ }
++ pci_unmap_buf(sc, &cmd->src);
++err_srcmap1:
++ HIFN_UNLOCK(sc);
++ return (err);
++}
++
++static void
++hifn_tick(unsigned long arg)
++{
++ struct hifn_softc *sc;
++ unsigned long l_flags;
++
++ if (arg >= HIFN_MAX_CHIPS)
++ return;
++ sc = hifn_chip_idx[arg];
++ if (!sc)
++ return;
++
++ HIFN_LOCK(sc);
++ if (sc->sc_active == 0) {
++ struct hifn_dma *dma = sc->sc_dma;
++ u_int32_t r = 0;
++
++ if (dma->cmdu == 0 && sc->sc_c_busy) {
++ sc->sc_c_busy = 0;
++ r |= HIFN_DMACSR_C_CTRL_DIS;
++ }
++ if (dma->srcu == 0 && sc->sc_s_busy) {
++ sc->sc_s_busy = 0;
++ r |= HIFN_DMACSR_S_CTRL_DIS;
++ }
++ if (dma->dstu == 0 && sc->sc_d_busy) {
++ sc->sc_d_busy = 0;
++ r |= HIFN_DMACSR_D_CTRL_DIS;
++ }
++ if (dma->resu == 0 && sc->sc_r_busy) {
++ sc->sc_r_busy = 0;
++ r |= HIFN_DMACSR_R_CTRL_DIS;
++ }
++ if (r)
++ WRITE_REG_1(sc, HIFN_1_DMA_CSR, r);
++ } else
++ sc->sc_active--;
++ HIFN_UNLOCK(sc);
++ mod_timer(&sc->sc_tickto, jiffies + HZ);
++}
++
++static irqreturn_t
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,19)
++hifn_intr(int irq, void *arg)
++#else
++hifn_intr(int irq, void *arg, struct pt_regs *regs)
++#endif
++{
++ struct hifn_softc *sc = arg;
++ struct hifn_dma *dma;
++ u_int32_t dmacsr, restart;
++ int i, u;
++ unsigned long l_flags;
++
++ dmacsr = READ_REG_1(sc, HIFN_1_DMA_CSR);
++
++ /* Nothing in the DMA unit interrupted */
++ if ((dmacsr & sc->sc_dmaier) == 0)
++ return IRQ_NONE;
++
++ HIFN_LOCK(sc);
++
++ dma = sc->sc_dma;
++
++#ifdef HIFN_DEBUG
++ if (hifn_debug) {
++ device_printf(sc->sc_dev,
++ "irq: stat %08x ien %08x damier %08x i %d/%d/%d/%d k %d/%d/%d/%d u %d/%d/%d/%d\n",
++ dmacsr, READ_REG_1(sc, HIFN_1_DMA_IER), sc->sc_dmaier,
++ dma->cmdi, dma->srci, dma->dsti, dma->resi,
++ dma->cmdk, dma->srck, dma->dstk, dma->resk,
++ dma->cmdu, dma->srcu, dma->dstu, dma->resu);
++ }
++#endif
++
++ WRITE_REG_1(sc, HIFN_1_DMA_CSR, dmacsr & sc->sc_dmaier);
++
++ if ((sc->sc_flags & HIFN_HAS_PUBLIC) &&
++ (dmacsr & HIFN_DMACSR_PUBDONE))
++ WRITE_REG_1(sc, HIFN_1_PUB_STATUS,
++ READ_REG_1(sc, HIFN_1_PUB_STATUS) | HIFN_PUBSTS_DONE);
++
++ restart = dmacsr & (HIFN_DMACSR_D_OVER | HIFN_DMACSR_R_OVER);
++ if (restart)
++ device_printf(sc->sc_dev, "overrun %x\n", dmacsr);
++
++ if (sc->sc_flags & HIFN_IS_7811) {
++ if (dmacsr & HIFN_DMACSR_ILLR)
++ device_printf(sc->sc_dev, "illegal read\n");
++ if (dmacsr & HIFN_DMACSR_ILLW)
++ device_printf(sc->sc_dev, "illegal write\n");
++ }
++
++ restart = dmacsr & (HIFN_DMACSR_C_ABORT | HIFN_DMACSR_S_ABORT |
++ HIFN_DMACSR_D_ABORT | HIFN_DMACSR_R_ABORT);
++ if (restart) {
++ device_printf(sc->sc_dev, "abort, resetting.\n");
++ hifnstats.hst_abort++;
++ hifn_abort(sc);
++ HIFN_UNLOCK(sc);
++ return IRQ_HANDLED;
++ }
++
++ if ((dmacsr & HIFN_DMACSR_C_WAIT) && (dma->cmdu == 0)) {
++ /*
++ * If no slots to process and we receive a "waiting on
++ * command" interrupt, we disable the "waiting on command"
++ * (by clearing it).
++ */
++ sc->sc_dmaier &= ~HIFN_DMAIER_C_WAIT;
++ WRITE_REG_1(sc, HIFN_1_DMA_IER, sc->sc_dmaier);
++ }
++
++ /* clear the rings */
++ i = dma->resk; u = dma->resu;
++ while (u != 0) {
++ HIFN_RESR_SYNC(sc, i,
++ BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE);
++ if (dma->resr[i].l & htole32(HIFN_D_VALID)) {
++ HIFN_RESR_SYNC(sc, i,
++ BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
++ break;
++ }
++
++ if (i != HIFN_D_RES_RSIZE) {
++ struct hifn_command *cmd;
++ u_int8_t *macbuf = NULL;
++
++ HIFN_RES_SYNC(sc, i, BUS_DMASYNC_POSTREAD);
++ cmd = dma->hifn_commands[i];
++ KASSERT(cmd != NULL,
++ ("hifn_intr: null command slot %u", i));
++ dma->hifn_commands[i] = NULL;
++
++ if (cmd->base_masks & HIFN_BASE_CMD_MAC) {
++ macbuf = dma->result_bufs[i];
++ macbuf += 12;
++ }
++
++ hifn_callback(sc, cmd, macbuf);
++ hifnstats.hst_opackets++;
++ u--;
++ }
++
++ if (++i == (HIFN_D_RES_RSIZE + 1))
++ i = 0;
++ }
++ dma->resk = i; dma->resu = u;
++
++ i = dma->srck; u = dma->srcu;
++ while (u != 0) {
++ if (i == HIFN_D_SRC_RSIZE)
++ i = 0;
++ HIFN_SRCR_SYNC(sc, i,
++ BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE);
++ if (dma->srcr[i].l & htole32(HIFN_D_VALID)) {
++ HIFN_SRCR_SYNC(sc, i,
++ BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
++ break;
++ }
++ i++, u--;
++ }
++ dma->srck = i; dma->srcu = u;
++
++ i = dma->cmdk; u = dma->cmdu;
++ while (u != 0) {
++ HIFN_CMDR_SYNC(sc, i,
++ BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE);
++ if (dma->cmdr[i].l & htole32(HIFN_D_VALID)) {
++ HIFN_CMDR_SYNC(sc, i,
++ BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
++ break;
++ }
++ if (i != HIFN_D_CMD_RSIZE) {
++ u--;
++ HIFN_CMD_SYNC(sc, i, BUS_DMASYNC_POSTWRITE);
++ }
++ if (++i == (HIFN_D_CMD_RSIZE + 1))
++ i = 0;
++ }
++ dma->cmdk = i; dma->cmdu = u;
++
++ HIFN_UNLOCK(sc);
++
++ if (sc->sc_needwakeup) { /* XXX check high watermark */
++ int wakeup = sc->sc_needwakeup & (CRYPTO_SYMQ|CRYPTO_ASYMQ);
++#ifdef HIFN_DEBUG
++ if (hifn_debug)
++ device_printf(sc->sc_dev,
++ "wakeup crypto (%x) u %d/%d/%d/%d\n",
++ sc->sc_needwakeup,
++ dma->cmdu, dma->srcu, dma->dstu, dma->resu);
++#endif
++ sc->sc_needwakeup &= ~wakeup;
++ crypto_unblock(sc->sc_cid, wakeup);
++ }
++
++ return IRQ_HANDLED;
++}
++
++/*
++ * Allocate a new 'session' and return an encoded session id. 'sidp'
++ * contains our registration id, and should contain an encoded session
++ * id on successful allocation.
++ */
++static int
++hifn_newsession(device_t dev, u_int32_t *sidp, struct cryptoini *cri)
++{
++ struct hifn_softc *sc = device_get_softc(dev);
++ struct cryptoini *c;
++ int mac = 0, cry = 0, sesn;
++ struct hifn_session *ses = NULL;
++ unsigned long l_flags;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ KASSERT(sc != NULL, ("hifn_newsession: null softc"));
++ if (sidp == NULL || cri == NULL || sc == NULL) {
++ DPRINTF("%s,%d: %s - EINVAL\n", __FILE__, __LINE__, __FUNCTION__);
++ return (EINVAL);
++ }
++
++ HIFN_LOCK(sc);
++ if (sc->sc_sessions == NULL) {
++ ses = sc->sc_sessions = (struct hifn_session *)kmalloc(sizeof(*ses),
++ SLAB_ATOMIC);
++ if (ses == NULL) {
++ HIFN_UNLOCK(sc);
++ return (ENOMEM);
++ }
++ sesn = 0;
++ sc->sc_nsessions = 1;
++ } else {
++ for (sesn = 0; sesn < sc->sc_nsessions; sesn++) {
++ if (!sc->sc_sessions[sesn].hs_used) {
++ ses = &sc->sc_sessions[sesn];
++ break;
++ }
++ }
++
++ if (ses == NULL) {
++ sesn = sc->sc_nsessions;
++ ses = (struct hifn_session *)kmalloc((sesn + 1) * sizeof(*ses),
++ SLAB_ATOMIC);
++ if (ses == NULL) {
++ HIFN_UNLOCK(sc);
++ return (ENOMEM);
++ }
++ bcopy(sc->sc_sessions, ses, sesn * sizeof(*ses));
++ bzero(sc->sc_sessions, sesn * sizeof(*ses));
++ kfree(sc->sc_sessions);
++ sc->sc_sessions = ses;
++ ses = &sc->sc_sessions[sesn];
++ sc->sc_nsessions++;
++ }
++ }
++ HIFN_UNLOCK(sc);
++
++ bzero(ses, sizeof(*ses));
++ ses->hs_used = 1;
++
++ for (c = cri; c != NULL; c = c->cri_next) {
++ switch (c->cri_alg) {
++ case CRYPTO_MD5:
++ case CRYPTO_SHA1:
++ case CRYPTO_MD5_HMAC:
++ case CRYPTO_SHA1_HMAC:
++ if (mac) {
++ DPRINTF("%s,%d: %s - EINVAL\n",__FILE__,__LINE__,__FUNCTION__);
++ return (EINVAL);
++ }
++ mac = 1;
++ ses->hs_mlen = c->cri_mlen;
++ if (ses->hs_mlen == 0) {
++ switch (c->cri_alg) {
++ case CRYPTO_MD5:
++ case CRYPTO_MD5_HMAC:
++ ses->hs_mlen = 16;
++ break;
++ case CRYPTO_SHA1:
++ case CRYPTO_SHA1_HMAC:
++ ses->hs_mlen = 20;
++ break;
++ }
++ }
++ break;
++ case CRYPTO_DES_CBC:
++ case CRYPTO_3DES_CBC:
++ case CRYPTO_AES_CBC:
++ /* XXX this may read fewer, does it matter? */
++ read_random(ses->hs_iv,
++ c->cri_alg == CRYPTO_AES_CBC ?
++ HIFN_AES_IV_LENGTH : HIFN_IV_LENGTH);
++ /*FALLTHROUGH*/
++ case CRYPTO_ARC4:
++ if (cry) {
++ DPRINTF("%s,%d: %s - EINVAL\n",__FILE__,__LINE__,__FUNCTION__);
++ return (EINVAL);
++ }
++ cry = 1;
++ break;
++ default:
++ DPRINTF("%s,%d: %s - EINVAL\n",__FILE__,__LINE__,__FUNCTION__);
++ return (EINVAL);
++ }
++ }
++ if (mac == 0 && cry == 0) {
++ DPRINTF("%s,%d: %s - EINVAL\n",__FILE__,__LINE__,__FUNCTION__);
++ return (EINVAL);
++ }
++
++ *sidp = HIFN_SID(device_get_unit(sc->sc_dev), sesn);
++
++ return (0);
++}
++
++/*
++ * Deallocate a session.
++ * XXX this routine should run a zero'd mac/encrypt key into context ram.
++ * XXX to blow away any keys already stored there.
++ */
++static int
++hifn_freesession(device_t dev, u_int64_t tid)
++{
++ struct hifn_softc *sc = device_get_softc(dev);
++ int session, error;
++ u_int32_t sid = CRYPTO_SESID2LID(tid);
++ unsigned long l_flags;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ KASSERT(sc != NULL, ("hifn_freesession: null softc"));
++ if (sc == NULL) {
++ DPRINTF("%s,%d: %s - EINVAL\n",__FILE__,__LINE__,__FUNCTION__);
++ return (EINVAL);
++ }
++
++ HIFN_LOCK(sc);
++ session = HIFN_SESSION(sid);
++ if (session < sc->sc_nsessions) {
++ bzero(&sc->sc_sessions[session], sizeof(struct hifn_session));
++ error = 0;
++ } else {
++ DPRINTF("%s,%d: %s - EINVAL\n",__FILE__,__LINE__,__FUNCTION__);
++ error = EINVAL;
++ }
++ HIFN_UNLOCK(sc);
++
++ return (error);
++}
++
++static int
++hifn_process(device_t dev, struct cryptop *crp, int hint)
++{
++ struct hifn_softc *sc = device_get_softc(dev);
++ struct hifn_command *cmd = NULL;
++ int session, err, ivlen;
++ struct cryptodesc *crd1, *crd2, *maccrd, *enccrd;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ if (crp == NULL || crp->crp_callback == NULL) {
++ hifnstats.hst_invalid++;
++ DPRINTF("%s,%d: %s - EINVAL\n",__FILE__,__LINE__,__FUNCTION__);
++ return (EINVAL);
++ }
++ session = HIFN_SESSION(crp->crp_sid);
++
++ if (sc == NULL || session >= sc->sc_nsessions) {
++ DPRINTF("%s,%d: %s - EINVAL\n",__FILE__,__LINE__,__FUNCTION__);
++ err = EINVAL;
++ goto errout;
++ }
++
++ cmd = kmalloc(sizeof(struct hifn_command), SLAB_ATOMIC);
++ if (cmd == NULL) {
++ hifnstats.hst_nomem++;
++ err = ENOMEM;
++ goto errout;
++ }
++ memset(cmd, 0, sizeof(*cmd));
++
++ if (crp->crp_flags & CRYPTO_F_SKBUF) {
++ cmd->src_skb = (struct sk_buff *)crp->crp_buf;
++ cmd->dst_skb = (struct sk_buff *)crp->crp_buf;
++ } else if (crp->crp_flags & CRYPTO_F_IOV) {
++ cmd->src_io = (struct uio *)crp->crp_buf;
++ cmd->dst_io = (struct uio *)crp->crp_buf;
++ } else {
++ cmd->src_buf = crp->crp_buf;
++ cmd->dst_buf = crp->crp_buf;
++ }
++
++ crd1 = crp->crp_desc;
++ if (crd1 == NULL) {
++ DPRINTF("%s,%d: %s - EINVAL\n",__FILE__,__LINE__,__FUNCTION__);
++ err = EINVAL;
++ goto errout;
++ }
++ crd2 = crd1->crd_next;
++
++ if (crd2 == NULL) {
++ if (crd1->crd_alg == CRYPTO_MD5_HMAC ||
++ crd1->crd_alg == CRYPTO_SHA1_HMAC ||
++ crd1->crd_alg == CRYPTO_SHA1 ||
++ crd1->crd_alg == CRYPTO_MD5) {
++ maccrd = crd1;
++ enccrd = NULL;
++ } else if (crd1->crd_alg == CRYPTO_DES_CBC ||
++ crd1->crd_alg == CRYPTO_3DES_CBC ||
++ crd1->crd_alg == CRYPTO_AES_CBC ||
++ crd1->crd_alg == CRYPTO_ARC4) {
++ if ((crd1->crd_flags & CRD_F_ENCRYPT) == 0)
++ cmd->base_masks |= HIFN_BASE_CMD_DECODE;
++ maccrd = NULL;
++ enccrd = crd1;
++ } else {
++ DPRINTF("%s,%d: %s - EINVAL\n",__FILE__,__LINE__,__FUNCTION__);
++ err = EINVAL;
++ goto errout;
++ }
++ } else {
++ if ((crd1->crd_alg == CRYPTO_MD5_HMAC ||
++ crd1->crd_alg == CRYPTO_SHA1_HMAC ||
++ crd1->crd_alg == CRYPTO_MD5 ||
++ crd1->crd_alg == CRYPTO_SHA1) &&
++ (crd2->crd_alg == CRYPTO_DES_CBC ||
++ crd2->crd_alg == CRYPTO_3DES_CBC ||
++ crd2->crd_alg == CRYPTO_AES_CBC ||
++ crd2->crd_alg == CRYPTO_ARC4) &&
++ ((crd2->crd_flags & CRD_F_ENCRYPT) == 0)) {
++ cmd->base_masks = HIFN_BASE_CMD_DECODE;
++ maccrd = crd1;
++ enccrd = crd2;
++ } else if ((crd1->crd_alg == CRYPTO_DES_CBC ||
++ crd1->crd_alg == CRYPTO_ARC4 ||
++ crd1->crd_alg == CRYPTO_3DES_CBC ||
++ crd1->crd_alg == CRYPTO_AES_CBC) &&
++ (crd2->crd_alg == CRYPTO_MD5_HMAC ||
++ crd2->crd_alg == CRYPTO_SHA1_HMAC ||
++ crd2->crd_alg == CRYPTO_MD5 ||
++ crd2->crd_alg == CRYPTO_SHA1) &&
++ (crd1->crd_flags & CRD_F_ENCRYPT)) {
++ enccrd = crd1;
++ maccrd = crd2;
++ } else {
++ /*
++ * We cannot order the 7751 as requested
++ */
++ DPRINTF("%s,%d: %s %d,%d,%d - EINVAL\n",__FILE__,__LINE__,__FUNCTION__, crd1->crd_alg, crd2->crd_alg, crd1->crd_flags & CRD_F_ENCRYPT);
++ err = EINVAL;
++ goto errout;
++ }
++ }
++
++ if (enccrd) {
++ cmd->enccrd = enccrd;
++ cmd->base_masks |= HIFN_BASE_CMD_CRYPT;
++ switch (enccrd->crd_alg) {
++ case CRYPTO_ARC4:
++ cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_RC4;
++ break;
++ case CRYPTO_DES_CBC:
++ cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_DES |
++ HIFN_CRYPT_CMD_MODE_CBC |
++ HIFN_CRYPT_CMD_NEW_IV;
++ break;
++ case CRYPTO_3DES_CBC:
++ cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_3DES |
++ HIFN_CRYPT_CMD_MODE_CBC |
++ HIFN_CRYPT_CMD_NEW_IV;
++ break;
++ case CRYPTO_AES_CBC:
++ cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_AES |
++ HIFN_CRYPT_CMD_MODE_CBC |
++ HIFN_CRYPT_CMD_NEW_IV;
++ break;
++ default:
++ DPRINTF("%s,%d: %s - EINVAL\n",__FILE__,__LINE__,__FUNCTION__);
++ err = EINVAL;
++ goto errout;
++ }
++ if (enccrd->crd_alg != CRYPTO_ARC4) {
++ ivlen = ((enccrd->crd_alg == CRYPTO_AES_CBC) ?
++ HIFN_AES_IV_LENGTH : HIFN_IV_LENGTH);
++ if (enccrd->crd_flags & CRD_F_ENCRYPT) {
++ if (enccrd->crd_flags & CRD_F_IV_EXPLICIT)
++ bcopy(enccrd->crd_iv, cmd->iv, ivlen);
++ else
++ bcopy(sc->sc_sessions[session].hs_iv,
++ cmd->iv, ivlen);
++
++ if ((enccrd->crd_flags & CRD_F_IV_PRESENT)
++ == 0) {
++ crypto_copyback(crp->crp_flags,
++ crp->crp_buf, enccrd->crd_inject,
++ ivlen, cmd->iv);
++ }
++ } else {
++ if (enccrd->crd_flags & CRD_F_IV_EXPLICIT)
++ bcopy(enccrd->crd_iv, cmd->iv, ivlen);
++ else {
++ crypto_copydata(crp->crp_flags,
++ crp->crp_buf, enccrd->crd_inject,
++ ivlen, cmd->iv);
++ }
++ }
++ }
++
++ if (enccrd->crd_flags & CRD_F_KEY_EXPLICIT)
++ cmd->cry_masks |= HIFN_CRYPT_CMD_NEW_KEY;
++ cmd->ck = enccrd->crd_key;
++ cmd->cklen = enccrd->crd_klen >> 3;
++ cmd->cry_masks |= HIFN_CRYPT_CMD_NEW_KEY;
++
++ /*
++ * Need to specify the size for the AES key in the masks.
++ */
++ if ((cmd->cry_masks & HIFN_CRYPT_CMD_ALG_MASK) ==
++ HIFN_CRYPT_CMD_ALG_AES) {
++ switch (cmd->cklen) {
++ case 16:
++ cmd->cry_masks |= HIFN_CRYPT_CMD_KSZ_128;
++ break;
++ case 24:
++ cmd->cry_masks |= HIFN_CRYPT_CMD_KSZ_192;
++ break;
++ case 32:
++ cmd->cry_masks |= HIFN_CRYPT_CMD_KSZ_256;
++ break;
++ default:
++ DPRINTF("%s,%d: %s - EINVAL\n",__FILE__,__LINE__,__FUNCTION__);
++ err = EINVAL;
++ goto errout;
++ }
++ }
++ }
++
++ if (maccrd) {
++ cmd->maccrd = maccrd;
++ cmd->base_masks |= HIFN_BASE_CMD_MAC;
++
++ switch (maccrd->crd_alg) {
++ case CRYPTO_MD5:
++ cmd->mac_masks |= HIFN_MAC_CMD_ALG_MD5 |
++ HIFN_MAC_CMD_RESULT | HIFN_MAC_CMD_MODE_HASH |
++ HIFN_MAC_CMD_POS_IPSEC;
++ break;
++ case CRYPTO_MD5_HMAC:
++ cmd->mac_masks |= HIFN_MAC_CMD_ALG_MD5 |
++ HIFN_MAC_CMD_RESULT | HIFN_MAC_CMD_MODE_HMAC |
++ HIFN_MAC_CMD_POS_IPSEC | HIFN_MAC_CMD_TRUNC;
++ break;
++ case CRYPTO_SHA1:
++ cmd->mac_masks |= HIFN_MAC_CMD_ALG_SHA1 |
++ HIFN_MAC_CMD_RESULT | HIFN_MAC_CMD_MODE_HASH |
++ HIFN_MAC_CMD_POS_IPSEC;
++ break;
++ case CRYPTO_SHA1_HMAC:
++ cmd->mac_masks |= HIFN_MAC_CMD_ALG_SHA1 |
++ HIFN_MAC_CMD_RESULT | HIFN_MAC_CMD_MODE_HMAC |
++ HIFN_MAC_CMD_POS_IPSEC | HIFN_MAC_CMD_TRUNC;
++ break;
++ }
++
++ if (maccrd->crd_alg == CRYPTO_SHA1_HMAC ||
++ maccrd->crd_alg == CRYPTO_MD5_HMAC) {
++ cmd->mac_masks |= HIFN_MAC_CMD_NEW_KEY;
++ bcopy(maccrd->crd_key, cmd->mac, maccrd->crd_klen >> 3);
++ bzero(cmd->mac + (maccrd->crd_klen >> 3),
++ HIFN_MAC_KEY_LENGTH - (maccrd->crd_klen >> 3));
++ }
++ }
++
++ cmd->crp = crp;
++ cmd->session_num = session;
++ cmd->softc = sc;
++
++ err = hifn_crypto(sc, cmd, crp, hint);
++ if (!err) {
++ return 0;
++ } else if (err == ERESTART) {
++ /*
++ * There weren't enough resources to dispatch the request
++ * to the part. Notify the caller so they'll requeue this
++ * request and resubmit it again soon.
++ */
++#ifdef HIFN_DEBUG
++ if (hifn_debug)
++ device_printf(sc->sc_dev, "requeue request\n");
++#endif
++ kfree(cmd);
++ sc->sc_needwakeup |= CRYPTO_SYMQ;
++ return (err);
++ }
++
++errout:
++ if (cmd != NULL)
++ kfree(cmd);
++ if (err == EINVAL)
++ hifnstats.hst_invalid++;
++ else
++ hifnstats.hst_nomem++;
++ crp->crp_etype = err;
++ crypto_done(crp);
++ return (err);
++}
++
++static void
++hifn_abort(struct hifn_softc *sc)
++{
++ struct hifn_dma *dma = sc->sc_dma;
++ struct hifn_command *cmd;
++ struct cryptop *crp;
++ int i, u;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ i = dma->resk; u = dma->resu;
++ while (u != 0) {
++ cmd = dma->hifn_commands[i];
++ KASSERT(cmd != NULL, ("hifn_abort: null command slot %u", i));
++ dma->hifn_commands[i] = NULL;
++ crp = cmd->crp;
++
++ if ((dma->resr[i].l & htole32(HIFN_D_VALID)) == 0) {
++ /* Salvage what we can. */
++ u_int8_t *macbuf;
++
++ if (cmd->base_masks & HIFN_BASE_CMD_MAC) {
++ macbuf = dma->result_bufs[i];
++ macbuf += 12;
++ } else
++ macbuf = NULL;
++ hifnstats.hst_opackets++;
++ hifn_callback(sc, cmd, macbuf);
++ } else {
++#if 0
++ if (cmd->src_map == cmd->dst_map) {
++ bus_dmamap_sync(sc->sc_dmat, cmd->src_map,
++ BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE);
++ } else {
++ bus_dmamap_sync(sc->sc_dmat, cmd->src_map,
++ BUS_DMASYNC_POSTWRITE);
++ bus_dmamap_sync(sc->sc_dmat, cmd->dst_map,
++ BUS_DMASYNC_POSTREAD);
++ }
++#endif
++
++ if (cmd->src_skb != cmd->dst_skb) {
++#ifdef NOTYET
++ m_freem(cmd->src_m);
++ crp->crp_buf = (caddr_t)cmd->dst_m;
++#else
++ device_printf(sc->sc_dev,
++ "%s,%d: CRYPTO_F_SKBUF src != dst not implemented\n",
++ __FILE__, __LINE__);
++#endif
++ }
++
++ /* non-shared buffers cannot be restarted */
++ if (cmd->src_map != cmd->dst_map) {
++ /*
++ * XXX should be EAGAIN, delayed until
++ * after the reset.
++ */
++ crp->crp_etype = ENOMEM;
++ pci_unmap_buf(sc, &cmd->dst);
++ } else
++ crp->crp_etype = ENOMEM;
++
++ pci_unmap_buf(sc, &cmd->src);
++
++ kfree(cmd);
++ if (crp->crp_etype != EAGAIN)
++ crypto_done(crp);
++ }
++
++ if (++i == HIFN_D_RES_RSIZE)
++ i = 0;
++ u--;
++ }
++ dma->resk = i; dma->resu = u;
++
++ hifn_reset_board(sc, 1);
++ hifn_init_dma(sc);
++ hifn_init_pci_registers(sc);
++}
++
++static void
++hifn_callback(struct hifn_softc *sc, struct hifn_command *cmd, u_int8_t *macbuf)
++{
++ struct hifn_dma *dma = sc->sc_dma;
++ struct cryptop *crp = cmd->crp;
++ struct cryptodesc *crd;
++ int i, u, ivlen;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++#if 0
++ if (cmd->src_map == cmd->dst_map) {
++ bus_dmamap_sync(sc->sc_dmat, cmd->src_map,
++ BUS_DMASYNC_POSTWRITE | BUS_DMASYNC_POSTREAD);
++ } else {
++ bus_dmamap_sync(sc->sc_dmat, cmd->src_map,
++ BUS_DMASYNC_POSTWRITE);
++ bus_dmamap_sync(sc->sc_dmat, cmd->dst_map,
++ BUS_DMASYNC_POSTREAD);
++ }
++#endif
++
++ if (crp->crp_flags & CRYPTO_F_SKBUF) {
++ if (cmd->src_skb != cmd->dst_skb) {
++#ifdef NOTYET
++ crp->crp_buf = (caddr_t)cmd->dst_m;
++ totlen = cmd->src_mapsize;
++ for (m = cmd->dst_m; m != NULL; m = m->m_next) {
++ if (totlen < m->m_len) {
++ m->m_len = totlen;
++ totlen = 0;
++ } else
++ totlen -= m->m_len;
++ }
++ cmd->dst_m->m_pkthdr.len = cmd->src_m->m_pkthdr.len;
++ m_freem(cmd->src_m);
++#else
++ device_printf(sc->sc_dev,
++ "%s,%d: CRYPTO_F_SKBUF src != dst not implemented\n",
++ __FILE__, __LINE__);
++#endif
++ }
++ }
++
++ if (cmd->sloplen != 0) {
++ crypto_copyback(crp->crp_flags, crp->crp_buf,
++ cmd->src_mapsize - cmd->sloplen, cmd->sloplen,
++ (caddr_t)&dma->slop[cmd->slopidx]);
++ }
++
++ i = dma->dstk; u = dma->dstu;
++ while (u != 0) {
++ if (i == HIFN_D_DST_RSIZE)
++ i = 0;
++#if 0
++ bus_dmamap_sync(sc->sc_dmat, sc->sc_dmamap,
++ BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE);
++#endif
++ if (dma->dstr[i].l & htole32(HIFN_D_VALID)) {
++#if 0
++ bus_dmamap_sync(sc->sc_dmat, sc->sc_dmamap,
++ BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
++#endif
++ break;
++ }
++ i++, u--;
++ }
++ dma->dstk = i; dma->dstu = u;
++
++ hifnstats.hst_obytes += cmd->dst_mapsize;
++
++ if ((cmd->base_masks & (HIFN_BASE_CMD_CRYPT | HIFN_BASE_CMD_DECODE)) ==
++ HIFN_BASE_CMD_CRYPT) {
++ for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
++ if (crd->crd_alg != CRYPTO_DES_CBC &&
++ crd->crd_alg != CRYPTO_3DES_CBC &&
++ crd->crd_alg != CRYPTO_AES_CBC)
++ continue;
++ ivlen = ((crd->crd_alg == CRYPTO_AES_CBC) ?
++ HIFN_AES_IV_LENGTH : HIFN_IV_LENGTH);
++ crypto_copydata(crp->crp_flags, crp->crp_buf,
++ crd->crd_skip + crd->crd_len - ivlen, ivlen,
++ cmd->softc->sc_sessions[cmd->session_num].hs_iv);
++ break;
++ }
++ }
++
++ if (macbuf != NULL) {
++ for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
++ int len;
++
++ if (crd->crd_alg != CRYPTO_MD5 &&
++ crd->crd_alg != CRYPTO_SHA1 &&
++ crd->crd_alg != CRYPTO_MD5_HMAC &&
++ crd->crd_alg != CRYPTO_SHA1_HMAC) {
++ continue;
++ }
++ len = cmd->softc->sc_sessions[cmd->session_num].hs_mlen;
++ crypto_copyback(crp->crp_flags, crp->crp_buf,
++ crd->crd_inject, len, macbuf);
++ break;
++ }
++ }
++
++ if (cmd->src_map != cmd->dst_map)
++ pci_unmap_buf(sc, &cmd->dst);
++ pci_unmap_buf(sc, &cmd->src);
++ kfree(cmd);
++ crypto_done(crp);
++}
++
++/*
++ * 7811 PB3 rev/2 parts lock-up on burst writes to Group 0
++ * and Group 1 registers; avoid conditions that could create
++ * burst writes by doing a read in between the writes.
++ *
++ * NB: The read we interpose is always to the same register;
++ * we do this because reading from an arbitrary (e.g. last)
++ * register may not always work.
++ */
++static void
++hifn_write_reg_0(struct hifn_softc *sc, bus_size_t reg, u_int32_t val)
++{
++ if (sc->sc_flags & HIFN_IS_7811) {
++ if (sc->sc_bar0_lastreg == reg - 4)
++ readl(sc->sc_bar0 + HIFN_0_PUCNFG);
++ sc->sc_bar0_lastreg = reg;
++ }
++ writel(val, sc->sc_bar0 + reg);
++}
++
++static void
++hifn_write_reg_1(struct hifn_softc *sc, bus_size_t reg, u_int32_t val)
++{
++ if (sc->sc_flags & HIFN_IS_7811) {
++ if (sc->sc_bar1_lastreg == reg - 4)
++ readl(sc->sc_bar1 + HIFN_1_REVID);
++ sc->sc_bar1_lastreg = reg;
++ }
++ writel(val, sc->sc_bar1 + reg);
++}
++
++
++static struct pci_device_id hifn_pci_tbl[] = {
++ { PCI_VENDOR_HIFN, PCI_PRODUCT_HIFN_7951,
++ PCI_ANY_ID, PCI_ANY_ID, 0, 0, },
++ { PCI_VENDOR_HIFN, PCI_PRODUCT_HIFN_7955,
++ PCI_ANY_ID, PCI_ANY_ID, 0, 0, },
++ { PCI_VENDOR_HIFN, PCI_PRODUCT_HIFN_7956,
++ PCI_ANY_ID, PCI_ANY_ID, 0, 0, },
++ { PCI_VENDOR_NETSEC, PCI_PRODUCT_NETSEC_7751,
++ PCI_ANY_ID, PCI_ANY_ID, 0, 0, },
++ { PCI_VENDOR_INVERTEX, PCI_PRODUCT_INVERTEX_AEON,
++ PCI_ANY_ID, PCI_ANY_ID, 0, 0, },
++ { PCI_VENDOR_HIFN, PCI_PRODUCT_HIFN_7811,
++ PCI_ANY_ID, PCI_ANY_ID, 0, 0, },
++ /*
++ * Other vendors share this PCI ID as well, such as
++ * http://www.powercrypt.com, and obviously they also
++ * use the same key.
++ */
++ { PCI_VENDOR_HIFN, PCI_PRODUCT_HIFN_7751,
++ PCI_ANY_ID, PCI_ANY_ID, 0, 0, },
++ { 0, 0, 0, 0, 0, 0, }
++};
++MODULE_DEVICE_TABLE(pci, hifn_pci_tbl);
++
++static struct pci_driver hifn_driver = {
++ .name = "hifn",
++ .id_table = hifn_pci_tbl,
++ .probe = hifn_probe,
++ .remove = hifn_remove,
++ /* add PM stuff here one day */
++};
++
++static int __init hifn_init (void)
++{
++ struct hifn_softc *sc = NULL;
++ int rc;
++
++ DPRINTF("%s(%p)\n", __FUNCTION__, hifn_init);
++
++ rc = pci_register_driver(&hifn_driver);
++ pci_register_driver_compat(&hifn_driver, rc);
++
++ return rc;
++}
++
++static void __exit hifn_exit (void)
++{
++ pci_unregister_driver(&hifn_driver);
++}
++
++module_init(hifn_init);
++module_exit(hifn_exit);
++
++MODULE_LICENSE("BSD");
++MODULE_AUTHOR("David McCullough <david_mccullough at mcafee.com>");
++MODULE_DESCRIPTION("OCF driver for hifn PCI crypto devices");
+diff --git a/crypto/ocf/hifn/hifn7751reg.h b/crypto/ocf/hifn/hifn7751reg.h
+new file mode 100644
+index 0000000..ccf54f9
+--- /dev/null
++++ b/crypto/ocf/hifn/hifn7751reg.h
+@@ -0,0 +1,540 @@
++/* $FreeBSD: src/sys/dev/hifn/hifn7751reg.h,v 1.7 2007/03/21 03:42:49 sam Exp $ */
++/* $OpenBSD: hifn7751reg.h,v 1.35 2002/04/08 17:49:42 jason Exp $ */
++
++/*-
++ * Invertex AEON / Hifn 7751 driver
++ * Copyright (c) 1999 Invertex Inc. All rights reserved.
++ * Copyright (c) 1999 Theo de Raadt
++ * Copyright (c) 2000-2001 Network Security Technologies, Inc.
++ * http://www.netsec.net
++ *
++ * Please send any comments, feedback, bug-fixes, or feature requests to
++ * software at invertex.com.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ * 3. The name of the author may not be used to endorse or promote products
++ * derived from this software without specific prior written permission.
++ *
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ * Effort sponsored in part by the Defense Advanced Research Projects
++ * Agency (DARPA) and Air Force Research Laboratory, Air Force
++ * Materiel Command, USAF, under agreement number F30602-01-2-0537.
++ *
++ */
++#ifndef __HIFN_H__
++#define __HIFN_H__
++
++/*
++ * Some PCI configuration space offset defines. The names were made
++ * identical to the names used by the Linux kernel.
++ */
++#define HIFN_BAR0 PCIR_BAR(0) /* PUC register map */
++#define HIFN_BAR1 PCIR_BAR(1) /* DMA register map */
++#define HIFN_TRDY_TIMEOUT 0x40
++#define HIFN_RETRY_TIMEOUT 0x41
++
++/*
++ * PCI vendor and device identifiers
++ * (the names are preserved from their OpenBSD source).
++ */
++#define PCI_VENDOR_HIFN 0x13a3 /* Hifn */
++#define PCI_PRODUCT_HIFN_7751 0x0005 /* 7751 */
++#define PCI_PRODUCT_HIFN_6500 0x0006 /* 6500 */
++#define PCI_PRODUCT_HIFN_7811 0x0007 /* 7811 */
++#define PCI_PRODUCT_HIFN_7855 0x001f /* 7855 */
++#define PCI_PRODUCT_HIFN_7951 0x0012 /* 7951 */
++#define PCI_PRODUCT_HIFN_7955 0x0020 /* 7954/7955 */
++#define PCI_PRODUCT_HIFN_7956 0x001d /* 7956 */
++
++#define PCI_VENDOR_INVERTEX 0x14e1 /* Invertex */
++#define PCI_PRODUCT_INVERTEX_AEON 0x0005 /* AEON */
++
++#define PCI_VENDOR_NETSEC 0x1660 /* NetSec */
++#define PCI_PRODUCT_NETSEC_7751 0x7751 /* 7751 */
++
++/*
++ * The values below should multiple of 4 -- and be large enough to handle
++ * any command the driver implements.
++ *
++ * MAX_COMMAND = base command + mac command + encrypt command +
++ * mac-key + rc4-key
++ * MAX_RESULT = base result + mac result + mac + encrypt result
++ *
++ *
++ */
++#define HIFN_MAX_COMMAND (8 + 8 + 8 + 64 + 260)
++#define HIFN_MAX_RESULT (8 + 4 + 20 + 4)
++
++/*
++ * hifn_desc_t
++ *
++ * Holds an individual descriptor for any of the rings.
++ */
++typedef struct hifn_desc {
++ volatile u_int32_t l; /* length and status bits */
++ volatile u_int32_t p;
++} hifn_desc_t;
++
++/*
++ * Masks for the "length" field of struct hifn_desc.
++ */
++#define HIFN_D_LENGTH 0x0000ffff /* length bit mask */
++#define HIFN_D_MASKDONEIRQ 0x02000000 /* mask the done interrupt */
++#define HIFN_D_DESTOVER 0x04000000 /* destination overflow */
++#define HIFN_D_OVER 0x08000000 /* overflow */
++#define HIFN_D_LAST 0x20000000 /* last descriptor in chain */
++#define HIFN_D_JUMP 0x40000000 /* jump descriptor */
++#define HIFN_D_VALID 0x80000000 /* valid bit */
++
++
++/*
++ * Processing Unit Registers (offset from BASEREG0)
++ */
++#define HIFN_0_PUDATA 0x00 /* Processing Unit Data */
++#define HIFN_0_PUCTRL 0x04 /* Processing Unit Control */
++#define HIFN_0_PUISR 0x08 /* Processing Unit Interrupt Status */
++#define HIFN_0_PUCNFG 0x0c /* Processing Unit Configuration */
++#define HIFN_0_PUIER 0x10 /* Processing Unit Interrupt Enable */
++#define HIFN_0_PUSTAT 0x14 /* Processing Unit Status/Chip ID */
++#define HIFN_0_FIFOSTAT 0x18 /* FIFO Status */
++#define HIFN_0_FIFOCNFG 0x1c /* FIFO Configuration */
++#define HIFN_0_PUCTRL2 0x28 /* Processing Unit Control (2nd map) */
++#define HIFN_0_MUTE1 0x80
++#define HIFN_0_MUTE2 0x90
++#define HIFN_0_SPACESIZE 0x100 /* Register space size */
++
++/* Processing Unit Control Register (HIFN_0_PUCTRL) */
++#define HIFN_PUCTRL_CLRSRCFIFO 0x0010 /* clear source fifo */
++#define HIFN_PUCTRL_STOP 0x0008 /* stop pu */
++#define HIFN_PUCTRL_LOCKRAM 0x0004 /* lock ram */
++#define HIFN_PUCTRL_DMAENA 0x0002 /* enable dma */
++#define HIFN_PUCTRL_RESET 0x0001 /* Reset processing unit */
++
++/* Processing Unit Interrupt Status Register (HIFN_0_PUISR) */
++#define HIFN_PUISR_CMDINVAL 0x8000 /* Invalid command interrupt */
++#define HIFN_PUISR_DATAERR 0x4000 /* Data error interrupt */
++#define HIFN_PUISR_SRCFIFO 0x2000 /* Source FIFO ready interrupt */
++#define HIFN_PUISR_DSTFIFO 0x1000 /* Destination FIFO ready interrupt */
++#define HIFN_PUISR_DSTOVER 0x0200 /* Destination overrun interrupt */
++#define HIFN_PUISR_SRCCMD 0x0080 /* Source command interrupt */
++#define HIFN_PUISR_SRCCTX 0x0040 /* Source context interrupt */
++#define HIFN_PUISR_SRCDATA 0x0020 /* Source data interrupt */
++#define HIFN_PUISR_DSTDATA 0x0010 /* Destination data interrupt */
++#define HIFN_PUISR_DSTRESULT 0x0004 /* Destination result interrupt */
++
++/* Processing Unit Configuration Register (HIFN_0_PUCNFG) */
++#define HIFN_PUCNFG_DRAMMASK 0xe000 /* DRAM size mask */
++#define HIFN_PUCNFG_DSZ_256K 0x0000 /* 256k dram */
++#define HIFN_PUCNFG_DSZ_512K 0x2000 /* 512k dram */
++#define HIFN_PUCNFG_DSZ_1M 0x4000 /* 1m dram */
++#define HIFN_PUCNFG_DSZ_2M 0x6000 /* 2m dram */
++#define HIFN_PUCNFG_DSZ_4M 0x8000 /* 4m dram */
++#define HIFN_PUCNFG_DSZ_8M 0xa000 /* 8m dram */
++#define HIFN_PUNCFG_DSZ_16M 0xc000 /* 16m dram */
++#define HIFN_PUCNFG_DSZ_32M 0xe000 /* 32m dram */
++#define HIFN_PUCNFG_DRAMREFRESH 0x1800 /* DRAM refresh rate mask */
++#define HIFN_PUCNFG_DRFR_512 0x0000 /* 512 divisor of ECLK */
++#define HIFN_PUCNFG_DRFR_256 0x0800 /* 256 divisor of ECLK */
++#define HIFN_PUCNFG_DRFR_128 0x1000 /* 128 divisor of ECLK */
++#define HIFN_PUCNFG_TCALLPHASES 0x0200 /* your guess is as good as mine... */
++#define HIFN_PUCNFG_TCDRVTOTEM 0x0100 /* your guess is as good as mine... */
++#define HIFN_PUCNFG_BIGENDIAN 0x0080 /* DMA big endian mode */
++#define HIFN_PUCNFG_BUS32 0x0040 /* Bus width 32bits */
++#define HIFN_PUCNFG_BUS16 0x0000 /* Bus width 16 bits */
++#define HIFN_PUCNFG_CHIPID 0x0020 /* Allow chipid from PUSTAT */
++#define HIFN_PUCNFG_DRAM 0x0010 /* Context RAM is DRAM */
++#define HIFN_PUCNFG_SRAM 0x0000 /* Context RAM is SRAM */
++#define HIFN_PUCNFG_COMPSING 0x0004 /* Enable single compression context */
++#define HIFN_PUCNFG_ENCCNFG 0x0002 /* Encryption configuration */
++
++/* Processing Unit Interrupt Enable Register (HIFN_0_PUIER) */
++#define HIFN_PUIER_CMDINVAL 0x8000 /* Invalid command interrupt */
++#define HIFN_PUIER_DATAERR 0x4000 /* Data error interrupt */
++#define HIFN_PUIER_SRCFIFO 0x2000 /* Source FIFO ready interrupt */
++#define HIFN_PUIER_DSTFIFO 0x1000 /* Destination FIFO ready interrupt */
++#define HIFN_PUIER_DSTOVER 0x0200 /* Destination overrun interrupt */
++#define HIFN_PUIER_SRCCMD 0x0080 /* Source command interrupt */
++#define HIFN_PUIER_SRCCTX 0x0040 /* Source context interrupt */
++#define HIFN_PUIER_SRCDATA 0x0020 /* Source data interrupt */
++#define HIFN_PUIER_DSTDATA 0x0010 /* Destination data interrupt */
++#define HIFN_PUIER_DSTRESULT 0x0004 /* Destination result interrupt */
++
++/* Processing Unit Status Register/Chip ID (HIFN_0_PUSTAT) */
++#define HIFN_PUSTAT_CMDINVAL 0x8000 /* Invalid command interrupt */
++#define HIFN_PUSTAT_DATAERR 0x4000 /* Data error interrupt */
++#define HIFN_PUSTAT_SRCFIFO 0x2000 /* Source FIFO ready interrupt */
++#define HIFN_PUSTAT_DSTFIFO 0x1000 /* Destination FIFO ready interrupt */
++#define HIFN_PUSTAT_DSTOVER 0x0200 /* Destination overrun interrupt */
++#define HIFN_PUSTAT_SRCCMD 0x0080 /* Source command interrupt */
++#define HIFN_PUSTAT_SRCCTX 0x0040 /* Source context interrupt */
++#define HIFN_PUSTAT_SRCDATA 0x0020 /* Source data interrupt */
++#define HIFN_PUSTAT_DSTDATA 0x0010 /* Destination data interrupt */
++#define HIFN_PUSTAT_DSTRESULT 0x0004 /* Destination result interrupt */
++#define HIFN_PUSTAT_CHIPREV 0x00ff /* Chip revision mask */
++#define HIFN_PUSTAT_CHIPENA 0xff00 /* Chip enabled mask */
++#define HIFN_PUSTAT_ENA_2 0x1100 /* Level 2 enabled */
++#define HIFN_PUSTAT_ENA_1 0x1000 /* Level 1 enabled */
++#define HIFN_PUSTAT_ENA_0 0x3000 /* Level 0 enabled */
++#define HIFN_PUSTAT_REV_2 0x0020 /* 7751 PT6/2 */
++#define HIFN_PUSTAT_REV_3 0x0030 /* 7751 PT6/3 */
++
++/* FIFO Status Register (HIFN_0_FIFOSTAT) */
++#define HIFN_FIFOSTAT_SRC 0x7f00 /* Source FIFO available */
++#define HIFN_FIFOSTAT_DST 0x007f /* Destination FIFO available */
++
++/* FIFO Configuration Register (HIFN_0_FIFOCNFG) */
++#define HIFN_FIFOCNFG_THRESHOLD 0x0400 /* must be written as this value */
++
++/*
++ * DMA Interface Registers (offset from BASEREG1)
++ */
++#define HIFN_1_DMA_CRAR 0x0c /* DMA Command Ring Address */
++#define HIFN_1_DMA_SRAR 0x1c /* DMA Source Ring Address */
++#define HIFN_1_DMA_RRAR 0x2c /* DMA Result Ring Address */
++#define HIFN_1_DMA_DRAR 0x3c /* DMA Destination Ring Address */
++#define HIFN_1_DMA_CSR 0x40 /* DMA Status and Control */
++#define HIFN_1_DMA_IER 0x44 /* DMA Interrupt Enable */
++#define HIFN_1_DMA_CNFG 0x48 /* DMA Configuration */
++#define HIFN_1_PLL 0x4c /* 7955/7956: PLL config */
++#define HIFN_1_7811_RNGENA 0x60 /* 7811: rng enable */
++#define HIFN_1_7811_RNGCFG 0x64 /* 7811: rng config */
++#define HIFN_1_7811_RNGDAT 0x68 /* 7811: rng data */
++#define HIFN_1_7811_RNGSTS 0x6c /* 7811: rng status */
++#define HIFN_1_DMA_CNFG2 0x6c /* 7955/7956: dma config #2 */
++#define HIFN_1_7811_MIPSRST 0x94 /* 7811: MIPS reset */
++#define HIFN_1_REVID 0x98 /* Revision ID */
++
++#define HIFN_1_PUB_RESET 0x204 /* Public/RNG Reset */
++#define HIFN_1_PUB_BASE 0x300 /* Public Base Address */
++#define HIFN_1_PUB_OPLEN 0x304 /* 7951-compat Public Operand Length */
++#define HIFN_1_PUB_OP 0x308 /* 7951-compat Public Operand */
++#define HIFN_1_PUB_STATUS 0x30c /* 7951-compat Public Status */
++#define HIFN_1_PUB_IEN 0x310 /* Public Interrupt enable */
++#define HIFN_1_RNG_CONFIG 0x314 /* RNG config */
++#define HIFN_1_RNG_DATA 0x318 /* RNG data */
++#define HIFN_1_PUB_MODE 0x320 /* PK mode */
++#define HIFN_1_PUB_FIFO_OPLEN 0x380 /* first element of oplen fifo */
++#define HIFN_1_PUB_FIFO_OP 0x384 /* first element of op fifo */
++#define HIFN_1_PUB_MEM 0x400 /* start of Public key memory */
++#define HIFN_1_PUB_MEMEND 0xbff /* end of Public key memory */
++
++/* DMA Status and Control Register (HIFN_1_DMA_CSR) */
++#define HIFN_DMACSR_D_CTRLMASK 0xc0000000 /* Destinition Ring Control */
++#define HIFN_DMACSR_D_CTRL_NOP 0x00000000 /* Dest. Control: no-op */
++#define HIFN_DMACSR_D_CTRL_DIS 0x40000000 /* Dest. Control: disable */
++#define HIFN_DMACSR_D_CTRL_ENA 0x80000000 /* Dest. Control: enable */
++#define HIFN_DMACSR_D_ABORT 0x20000000 /* Destinition Ring PCIAbort */
++#define HIFN_DMACSR_D_DONE 0x10000000 /* Destinition Ring Done */
++#define HIFN_DMACSR_D_LAST 0x08000000 /* Destinition Ring Last */
++#define HIFN_DMACSR_D_WAIT 0x04000000 /* Destinition Ring Waiting */
++#define HIFN_DMACSR_D_OVER 0x02000000 /* Destinition Ring Overflow */
++#define HIFN_DMACSR_R_CTRL 0x00c00000 /* Result Ring Control */
++#define HIFN_DMACSR_R_CTRL_NOP 0x00000000 /* Result Control: no-op */
++#define HIFN_DMACSR_R_CTRL_DIS 0x00400000 /* Result Control: disable */
++#define HIFN_DMACSR_R_CTRL_ENA 0x00800000 /* Result Control: enable */
++#define HIFN_DMACSR_R_ABORT 0x00200000 /* Result Ring PCI Abort */
++#define HIFN_DMACSR_R_DONE 0x00100000 /* Result Ring Done */
++#define HIFN_DMACSR_R_LAST 0x00080000 /* Result Ring Last */
++#define HIFN_DMACSR_R_WAIT 0x00040000 /* Result Ring Waiting */
++#define HIFN_DMACSR_R_OVER 0x00020000 /* Result Ring Overflow */
++#define HIFN_DMACSR_S_CTRL 0x0000c000 /* Source Ring Control */
++#define HIFN_DMACSR_S_CTRL_NOP 0x00000000 /* Source Control: no-op */
++#define HIFN_DMACSR_S_CTRL_DIS 0x00004000 /* Source Control: disable */
++#define HIFN_DMACSR_S_CTRL_ENA 0x00008000 /* Source Control: enable */
++#define HIFN_DMACSR_S_ABORT 0x00002000 /* Source Ring PCI Abort */
++#define HIFN_DMACSR_S_DONE 0x00001000 /* Source Ring Done */
++#define HIFN_DMACSR_S_LAST 0x00000800 /* Source Ring Last */
++#define HIFN_DMACSR_S_WAIT 0x00000400 /* Source Ring Waiting */
++#define HIFN_DMACSR_ILLW 0x00000200 /* Illegal write (7811 only) */
++#define HIFN_DMACSR_ILLR 0x00000100 /* Illegal read (7811 only) */
++#define HIFN_DMACSR_C_CTRL 0x000000c0 /* Command Ring Control */
++#define HIFN_DMACSR_C_CTRL_NOP 0x00000000 /* Command Control: no-op */
++#define HIFN_DMACSR_C_CTRL_DIS 0x00000040 /* Command Control: disable */
++#define HIFN_DMACSR_C_CTRL_ENA 0x00000080 /* Command Control: enable */
++#define HIFN_DMACSR_C_ABORT 0x00000020 /* Command Ring PCI Abort */
++#define HIFN_DMACSR_C_DONE 0x00000010 /* Command Ring Done */
++#define HIFN_DMACSR_C_LAST 0x00000008 /* Command Ring Last */
++#define HIFN_DMACSR_C_WAIT 0x00000004 /* Command Ring Waiting */
++#define HIFN_DMACSR_PUBDONE 0x00000002 /* Public op done (7951 only) */
++#define HIFN_DMACSR_ENGINE 0x00000001 /* Command Ring Engine IRQ */
++
++/* DMA Interrupt Enable Register (HIFN_1_DMA_IER) */
++#define HIFN_DMAIER_D_ABORT 0x20000000 /* Destination Ring PCIAbort */
++#define HIFN_DMAIER_D_DONE 0x10000000 /* Destination Ring Done */
++#define HIFN_DMAIER_D_LAST 0x08000000 /* Destination Ring Last */
++#define HIFN_DMAIER_D_WAIT 0x04000000 /* Destination Ring Waiting */
++#define HIFN_DMAIER_D_OVER 0x02000000 /* Destination Ring Overflow */
++#define HIFN_DMAIER_R_ABORT 0x00200000 /* Result Ring PCI Abort */
++#define HIFN_DMAIER_R_DONE 0x00100000 /* Result Ring Done */
++#define HIFN_DMAIER_R_LAST 0x00080000 /* Result Ring Last */
++#define HIFN_DMAIER_R_WAIT 0x00040000 /* Result Ring Waiting */
++#define HIFN_DMAIER_R_OVER 0x00020000 /* Result Ring Overflow */
++#define HIFN_DMAIER_S_ABORT 0x00002000 /* Source Ring PCI Abort */
++#define HIFN_DMAIER_S_DONE 0x00001000 /* Source Ring Done */
++#define HIFN_DMAIER_S_LAST 0x00000800 /* Source Ring Last */
++#define HIFN_DMAIER_S_WAIT 0x00000400 /* Source Ring Waiting */
++#define HIFN_DMAIER_ILLW 0x00000200 /* Illegal write (7811 only) */
++#define HIFN_DMAIER_ILLR 0x00000100 /* Illegal read (7811 only) */
++#define HIFN_DMAIER_C_ABORT 0x00000020 /* Command Ring PCI Abort */
++#define HIFN_DMAIER_C_DONE 0x00000010 /* Command Ring Done */
++#define HIFN_DMAIER_C_LAST 0x00000008 /* Command Ring Last */
++#define HIFN_DMAIER_C_WAIT 0x00000004 /* Command Ring Waiting */
++#define HIFN_DMAIER_PUBDONE 0x00000002 /* public op done (7951 only) */
++#define HIFN_DMAIER_ENGINE 0x00000001 /* Engine IRQ */
++
++/* DMA Configuration Register (HIFN_1_DMA_CNFG) */
++#define HIFN_DMACNFG_BIGENDIAN 0x10000000 /* big endian mode */
++#define HIFN_DMACNFG_POLLFREQ 0x00ff0000 /* Poll frequency mask */
++#define HIFN_DMACNFG_UNLOCK 0x00000800
++#define HIFN_DMACNFG_POLLINVAL 0x00000700 /* Invalid Poll Scalar */
++#define HIFN_DMACNFG_LAST 0x00000010 /* Host control LAST bit */
++#define HIFN_DMACNFG_MODE 0x00000004 /* DMA mode */
++#define HIFN_DMACNFG_DMARESET 0x00000002 /* DMA Reset # */
++#define HIFN_DMACNFG_MSTRESET 0x00000001 /* Master Reset # */
++
++/* DMA Configuration Register (HIFN_1_DMA_CNFG2) */
++#define HIFN_DMACNFG2_PKSWAP32 (1 << 19) /* swap the OPLEN/OP reg */
++#define HIFN_DMACNFG2_PKSWAP8 (1 << 18) /* swap the bits of OPLEN/OP */
++#define HIFN_DMACNFG2_BAR0_SWAP32 (1<<17) /* swap the bytes of BAR0 */
++#define HIFN_DMACNFG2_BAR1_SWAP8 (1<<16) /* swap the bits of BAR0 */
++#define HIFN_DMACNFG2_INIT_WRITE_BURST_SHIFT 12
++#define HIFN_DMACNFG2_INIT_READ_BURST_SHIFT 8
++#define HIFN_DMACNFG2_TGT_WRITE_BURST_SHIFT 4
++#define HIFN_DMACNFG2_TGT_READ_BURST_SHIFT 0
++
++/* 7811 RNG Enable Register (HIFN_1_7811_RNGENA) */
++#define HIFN_7811_RNGENA_ENA 0x00000001 /* enable RNG */
++
++/* 7811 RNG Config Register (HIFN_1_7811_RNGCFG) */
++#define HIFN_7811_RNGCFG_PRE1 0x00000f00 /* first prescalar */
++#define HIFN_7811_RNGCFG_OPRE 0x00000080 /* output prescalar */
++#define HIFN_7811_RNGCFG_DEFL 0x00000f80 /* 2 words/ 1/100 sec */
++
++/* 7811 RNG Status Register (HIFN_1_7811_RNGSTS) */
++#define HIFN_7811_RNGSTS_RDY 0x00004000 /* two numbers in FIFO */
++#define HIFN_7811_RNGSTS_UFL 0x00001000 /* rng underflow */
++
++/* 7811 MIPS Reset Register (HIFN_1_7811_MIPSRST) */
++#define HIFN_MIPSRST_BAR2SIZE 0xffff0000 /* sdram size */
++#define HIFN_MIPSRST_GPRAMINIT 0x00008000 /* gpram can be accessed */
++#define HIFN_MIPSRST_CRAMINIT 0x00004000 /* ctxram can be accessed */
++#define HIFN_MIPSRST_LED2 0x00000400 /* external LED2 */
++#define HIFN_MIPSRST_LED1 0x00000200 /* external LED1 */
++#define HIFN_MIPSRST_LED0 0x00000100 /* external LED0 */
++#define HIFN_MIPSRST_MIPSDIS 0x00000004 /* disable MIPS */
++#define HIFN_MIPSRST_MIPSRST 0x00000002 /* warm reset MIPS */
++#define HIFN_MIPSRST_MIPSCOLD 0x00000001 /* cold reset MIPS */
++
++/* Public key reset register (HIFN_1_PUB_RESET) */
++#define HIFN_PUBRST_RESET 0x00000001 /* reset public/rng unit */
++
++/* Public operation register (HIFN_1_PUB_OP) */
++#define HIFN_PUBOP_AOFFSET 0x0000003e /* A offset */
++#define HIFN_PUBOP_BOFFSET 0x00000fc0 /* B offset */
++#define HIFN_PUBOP_MOFFSET 0x0003f000 /* M offset */
++#define HIFN_PUBOP_OP_MASK 0x003c0000 /* Opcode: */
++#define HIFN_PUBOP_OP_NOP 0x00000000 /* NOP */
++#define HIFN_PUBOP_OP_ADD 0x00040000 /* ADD */
++#define HIFN_PUBOP_OP_ADDC 0x00080000 /* ADD w/carry */
++#define HIFN_PUBOP_OP_SUB 0x000c0000 /* SUB */
++#define HIFN_PUBOP_OP_SUBC 0x00100000 /* SUB w/carry */
++#define HIFN_PUBOP_OP_MODADD 0x00140000 /* Modular ADD */
++#define HIFN_PUBOP_OP_MODSUB 0x00180000 /* Modular SUB */
++#define HIFN_PUBOP_OP_INCA 0x001c0000 /* INC A */
++#define HIFN_PUBOP_OP_DECA 0x00200000 /* DEC A */
++#define HIFN_PUBOP_OP_MULT 0x00240000 /* MULT */
++#define HIFN_PUBOP_OP_MODMULT 0x00280000 /* Modular MULT */
++#define HIFN_PUBOP_OP_MODRED 0x002c0000 /* Modular Red */
++#define HIFN_PUBOP_OP_MODEXP 0x00300000 /* Modular Exp */
++
++/* Public operand length register (HIFN_1_PUB_OPLEN) */
++#define HIFN_PUBOPLEN_MODLEN 0x0000007f
++#define HIFN_PUBOPLEN_EXPLEN 0x0003ff80
++#define HIFN_PUBOPLEN_REDLEN 0x003c0000
++
++/* Public status register (HIFN_1_PUB_STATUS) */
++#define HIFN_PUBSTS_DONE 0x00000001 /* operation done */
++#define HIFN_PUBSTS_CARRY 0x00000002 /* carry */
++#define HIFN_PUBSTS_FIFO_EMPTY 0x00000100 /* fifo empty */
++#define HIFN_PUBSTS_FIFO_FULL 0x00000200 /* fifo full */
++#define HIFN_PUBSTS_FIFO_OVFL 0x00000400 /* fifo overflow */
++#define HIFN_PUBSTS_FIFO_WRITE 0x000f0000 /* fifo write */
++#define HIFN_PUBSTS_FIFO_READ 0x0f000000 /* fifo read */
++
++/* Public interrupt enable register (HIFN_1_PUB_IEN) */
++#define HIFN_PUBIEN_DONE 0x00000001 /* operation done interrupt */
++
++/* Random number generator config register (HIFN_1_RNG_CONFIG) */
++#define HIFN_RNGCFG_ENA 0x00000001 /* enable rng */
++
++/*
++ * Register offsets in register set 1
++ */
++
++#define HIFN_UNLOCK_SECRET1 0xf4
++#define HIFN_UNLOCK_SECRET2 0xfc
++
++/*
++ * PLL config register
++ *
++ * This register is present only on 7954/7955/7956 parts. It must be
++ * programmed according to the bus interface method used by the h/w.
++ * Note that the parts require a stable clock. Since the PCI clock
++ * may vary the reference clock must usually be used. To avoid
++ * overclocking the core logic, setup must be done carefully, refer
++ * to the driver for details. The exact multiplier required varies
++ * by part and system configuration; refer to the Hifn documentation.
++ */
++#define HIFN_PLL_REF_SEL 0x00000001 /* REF/HBI clk selection */
++#define HIFN_PLL_BP 0x00000002 /* bypass (used during setup) */
++/* bit 2 reserved */
++#define HIFN_PLL_PK_CLK_SEL 0x00000008 /* public key clk select */
++#define HIFN_PLL_PE_CLK_SEL 0x00000010 /* packet engine clk select */
++/* bits 5-9 reserved */
++#define HIFN_PLL_MBSET 0x00000400 /* must be set to 1 */
++#define HIFN_PLL_ND 0x00003800 /* Fpll_ref multiplier select */
++#define HIFN_PLL_ND_SHIFT 11
++#define HIFN_PLL_ND_2 0x00000000 /* 2x */
++#define HIFN_PLL_ND_4 0x00000800 /* 4x */
++#define HIFN_PLL_ND_6 0x00001000 /* 6x */
++#define HIFN_PLL_ND_8 0x00001800 /* 8x */
++#define HIFN_PLL_ND_10 0x00002000 /* 10x */
++#define HIFN_PLL_ND_12 0x00002800 /* 12x */
++/* bits 14-15 reserved */
++#define HIFN_PLL_IS 0x00010000 /* charge pump current select */
++/* bits 17-31 reserved */
++
++/*
++ * Board configuration specifies only these bits.
++ */
++#define HIFN_PLL_CONFIG (HIFN_PLL_IS|HIFN_PLL_ND|HIFN_PLL_REF_SEL)
++
++/*
++ * Public Key Engine Mode Register
++ */
++#define HIFN_PKMODE_HOSTINVERT (1 << 0) /* HOST INVERT */
++#define HIFN_PKMODE_ENHANCED (1 << 1) /* Enable enhanced mode */
++
++
++/*********************************************************************
++ * Structs for board commands
++ *
++ *********************************************************************/
++
++/*
++ * Structure to help build up the command data structure.
++ */
++typedef struct hifn_base_command {
++ volatile u_int16_t masks;
++ volatile u_int16_t session_num;
++ volatile u_int16_t total_source_count;
++ volatile u_int16_t total_dest_count;
++} hifn_base_command_t;
++
++#define HIFN_BASE_CMD_MAC 0x0400
++#define HIFN_BASE_CMD_CRYPT 0x0800
++#define HIFN_BASE_CMD_DECODE 0x2000
++#define HIFN_BASE_CMD_SRCLEN_M 0xc000
++#define HIFN_BASE_CMD_SRCLEN_S 14
++#define HIFN_BASE_CMD_DSTLEN_M 0x3000
++#define HIFN_BASE_CMD_DSTLEN_S 12
++#define HIFN_BASE_CMD_LENMASK_HI 0x30000
++#define HIFN_BASE_CMD_LENMASK_LO 0x0ffff
++
++/*
++ * Structure to help build up the command data structure.
++ */
++typedef struct hifn_crypt_command {
++ volatile u_int16_t masks;
++ volatile u_int16_t header_skip;
++ volatile u_int16_t source_count;
++ volatile u_int16_t reserved;
++} hifn_crypt_command_t;
++
++#define HIFN_CRYPT_CMD_ALG_MASK 0x0003 /* algorithm: */
++#define HIFN_CRYPT_CMD_ALG_DES 0x0000 /* DES */
++#define HIFN_CRYPT_CMD_ALG_3DES 0x0001 /* 3DES */
++#define HIFN_CRYPT_CMD_ALG_RC4 0x0002 /* RC4 */
++#define HIFN_CRYPT_CMD_ALG_AES 0x0003 /* AES */
++#define HIFN_CRYPT_CMD_MODE_MASK 0x0018 /* Encrypt mode: */
++#define HIFN_CRYPT_CMD_MODE_ECB 0x0000 /* ECB */
++#define HIFN_CRYPT_CMD_MODE_CBC 0x0008 /* CBC */
++#define HIFN_CRYPT_CMD_MODE_CFB 0x0010 /* CFB */
++#define HIFN_CRYPT_CMD_MODE_OFB 0x0018 /* OFB */
++#define HIFN_CRYPT_CMD_CLR_CTX 0x0040 /* clear context */
++#define HIFN_CRYPT_CMD_NEW_KEY 0x0800 /* expect new key */
++#define HIFN_CRYPT_CMD_NEW_IV 0x1000 /* expect new iv */
++
++#define HIFN_CRYPT_CMD_SRCLEN_M 0xc000
++#define HIFN_CRYPT_CMD_SRCLEN_S 14
++
++#define HIFN_CRYPT_CMD_KSZ_MASK 0x0600 /* AES key size: */
++#define HIFN_CRYPT_CMD_KSZ_128 0x0000 /* 128 bit */
++#define HIFN_CRYPT_CMD_KSZ_192 0x0200 /* 192 bit */
++#define HIFN_CRYPT_CMD_KSZ_256 0x0400 /* 256 bit */
++
++/*
++ * Structure to help build up the command data structure.
++ */
++typedef struct hifn_mac_command {
++ volatile u_int16_t masks;
++ volatile u_int16_t header_skip;
++ volatile u_int16_t source_count;
++ volatile u_int16_t reserved;
++} hifn_mac_command_t;
++
++#define HIFN_MAC_CMD_ALG_MASK 0x0001
++#define HIFN_MAC_CMD_ALG_SHA1 0x0000
++#define HIFN_MAC_CMD_ALG_MD5 0x0001
++#define HIFN_MAC_CMD_MODE_MASK 0x000c
++#define HIFN_MAC_CMD_MODE_HMAC 0x0000
++#define HIFN_MAC_CMD_MODE_SSL_MAC 0x0004
++#define HIFN_MAC_CMD_MODE_HASH 0x0008
++#define HIFN_MAC_CMD_MODE_FULL 0x0004
++#define HIFN_MAC_CMD_TRUNC 0x0010
++#define HIFN_MAC_CMD_RESULT 0x0020
++#define HIFN_MAC_CMD_APPEND 0x0040
++#define HIFN_MAC_CMD_SRCLEN_M 0xc000
++#define HIFN_MAC_CMD_SRCLEN_S 14
++
++/*
++ * MAC POS IPsec initiates authentication after encryption on encodes
++ * and before decryption on decodes.
++ */
++#define HIFN_MAC_CMD_POS_IPSEC 0x0200
++#define HIFN_MAC_CMD_NEW_KEY 0x0800
++
++/*
++ * The poll frequency and poll scalar defines are unshifted values used
++ * to set fields in the DMA Configuration Register.
++ */
++#ifndef HIFN_POLL_FREQUENCY
++#define HIFN_POLL_FREQUENCY 0x1
++#endif
++
++#ifndef HIFN_POLL_SCALAR
++#define HIFN_POLL_SCALAR 0x0
++#endif
++
++#define HIFN_MAX_SEGLEN 0xffff /* maximum dma segment len */
++#define HIFN_MAX_DMALEN 0x3ffff /* maximum dma length */
++#endif /* __HIFN_H__ */
+diff --git a/crypto/ocf/hifn/hifn7751var.h b/crypto/ocf/hifn/hifn7751var.h
+new file mode 100644
+index 0000000..9a5f231
+--- /dev/null
++++ b/crypto/ocf/hifn/hifn7751var.h
+@@ -0,0 +1,369 @@
++/* $FreeBSD: src/sys/dev/hifn/hifn7751var.h,v 1.9 2007/03/21 03:42:49 sam Exp $ */
++/* $OpenBSD: hifn7751var.h,v 1.42 2002/04/08 17:49:42 jason Exp $ */
++
++/*-
++ * Invertex AEON / Hifn 7751 driver
++ * Copyright (c) 1999 Invertex Inc. All rights reserved.
++ * Copyright (c) 1999 Theo de Raadt
++ * Copyright (c) 2000-2001 Network Security Technologies, Inc.
++ * http://www.netsec.net
++ *
++ * Please send any comments, feedback, bug-fixes, or feature requests to
++ * software at invertex.com.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ * 3. The name of the author may not be used to endorse or promote products
++ * derived from this software without specific prior written permission.
++ *
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ * Effort sponsored in part by the Defense Advanced Research Projects
++ * Agency (DARPA) and Air Force Research Laboratory, Air Force
++ * Materiel Command, USAF, under agreement number F30602-01-2-0537.
++ *
++ */
++
++#ifndef __HIFN7751VAR_H__
++#define __HIFN7751VAR_H__
++
++#ifdef __KERNEL__
++
++/*
++ * Some configurable values for the driver. By default command+result
++ * descriptor rings are the same size. The src+dst descriptor rings
++ * are sized at 3.5x the number of potential commands. Slower parts
++ * (e.g. 7951) tend to run out of src descriptors; faster parts (7811)
++ * src+cmd/result descriptors. It's not clear that increasing the size
++ * of the descriptor rings helps performance significantly as other
++ * factors tend to come into play (e.g. copying misaligned packets).
++ */
++#define HIFN_D_CMD_RSIZE 24 /* command descriptors */
++#define HIFN_D_SRC_RSIZE ((HIFN_D_CMD_RSIZE * 7) / 2) /* source descriptors */
++#define HIFN_D_RES_RSIZE HIFN_D_CMD_RSIZE /* result descriptors */
++#define HIFN_D_DST_RSIZE HIFN_D_SRC_RSIZE /* destination descriptors */
++
++/*
++ * Length values for cryptography
++ */
++#define HIFN_DES_KEY_LENGTH 8
++#define HIFN_3DES_KEY_LENGTH 24
++#define HIFN_MAX_CRYPT_KEY_LENGTH HIFN_3DES_KEY_LENGTH
++#define HIFN_IV_LENGTH 8
++#define HIFN_AES_IV_LENGTH 16
++#define HIFN_MAX_IV_LENGTH HIFN_AES_IV_LENGTH
++
++/*
++ * Length values for authentication
++ */
++#define HIFN_MAC_KEY_LENGTH 64
++#define HIFN_MD5_LENGTH 16
++#define HIFN_SHA1_LENGTH 20
++#define HIFN_MAC_TRUNC_LENGTH 12
++
++#define MAX_SCATTER 64
++
++/*
++ * Data structure to hold all 4 rings and any other ring related data.
++ */
++struct hifn_dma {
++ /*
++ * Descriptor rings. We add +1 to the size to accomidate the
++ * jump descriptor.
++ */
++ struct hifn_desc cmdr[HIFN_D_CMD_RSIZE+1];
++ struct hifn_desc srcr[HIFN_D_SRC_RSIZE+1];
++ struct hifn_desc dstr[HIFN_D_DST_RSIZE+1];
++ struct hifn_desc resr[HIFN_D_RES_RSIZE+1];
++
++ struct hifn_command *hifn_commands[HIFN_D_RES_RSIZE];
++
++ u_char command_bufs[HIFN_D_CMD_RSIZE][HIFN_MAX_COMMAND];
++ u_char result_bufs[HIFN_D_CMD_RSIZE][HIFN_MAX_RESULT];
++ u_int32_t slop[HIFN_D_CMD_RSIZE];
++
++ u_int64_t test_src, test_dst;
++
++ /*
++ * Our current positions for insertion and removal from the desriptor
++ * rings.
++ */
++ int cmdi, srci, dsti, resi;
++ volatile int cmdu, srcu, dstu, resu;
++ int cmdk, srck, dstk, resk;
++};
++
++struct hifn_session {
++ int hs_used;
++ int hs_mlen;
++ u_int8_t hs_iv[HIFN_MAX_IV_LENGTH];
++};
++
++#define HIFN_RING_SYNC(sc, r, i, f) \
++ /* DAVIDM bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, (f)) */
++
++#define HIFN_CMDR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), cmdr, (i), (f))
++#define HIFN_RESR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), resr, (i), (f))
++#define HIFN_SRCR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), srcr, (i), (f))
++#define HIFN_DSTR_SYNC(sc, i, f) HIFN_RING_SYNC((sc), dstr, (i), (f))
++
++#define HIFN_CMD_SYNC(sc, i, f) \
++ /* DAVIDM bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, (f)) */
++
++#define HIFN_RES_SYNC(sc, i, f) \
++ /* DAVIDM bus_dmamap_sync((sc)->sc_dmat, (sc)->sc_dmamap, (f)) */
++
++typedef int bus_size_t;
++
++/*
++ * Holds data specific to a single HIFN board.
++ */
++struct hifn_softc {
++ softc_device_decl sc_dev;
++
++ struct pci_dev *sc_pcidev; /* PCI device pointer */
++ spinlock_t sc_mtx; /* per-instance lock */
++
++ int sc_num; /* for multiple devs */
++
++ ocf_iomem_t sc_bar0;
++ bus_size_t sc_bar0_lastreg;/* bar0 last reg written */
++ ocf_iomem_t sc_bar1;
++ bus_size_t sc_bar1_lastreg;/* bar1 last reg written */
++
++ int sc_irq;
++
++ u_int32_t sc_dmaier;
++ u_int32_t sc_drammodel; /* 1=dram, 0=sram */
++ u_int32_t sc_pllconfig; /* 7954/7955/7956 PLL config */
++
++ struct hifn_dma *sc_dma;
++ dma_addr_t sc_dma_physaddr;/* physical address of sc_dma */
++
++ int sc_dmansegs;
++ int32_t sc_cid;
++ int sc_maxses;
++ int sc_nsessions;
++ struct hifn_session *sc_sessions;
++ int sc_ramsize;
++ int sc_flags;
++#define HIFN_HAS_RNG 0x1 /* includes random number generator */
++#define HIFN_HAS_PUBLIC 0x2 /* includes public key support */
++#define HIFN_HAS_AES 0x4 /* includes AES support */
++#define HIFN_IS_7811 0x8 /* Hifn 7811 part */
++#define HIFN_IS_7956 0x10 /* Hifn 7956/7955 don't have SDRAM */
++
++ struct timer_list sc_tickto; /* for managing DMA */
++
++ int sc_rngfirst;
++ int sc_rnghz; /* RNG polling frequency */
++
++ int sc_c_busy; /* command ring busy */
++ int sc_s_busy; /* source data ring busy */
++ int sc_d_busy; /* destination data ring busy */
++ int sc_r_busy; /* result ring busy */
++ int sc_active; /* for initial countdown */
++ int sc_needwakeup; /* ops q'd wating on resources */
++ int sc_curbatch; /* # ops submitted w/o int */
++ int sc_suspended;
++#ifdef HIFN_VULCANDEV
++ struct cdev *sc_pkdev;
++#endif
++};
++
++#define HIFN_LOCK(_sc) spin_lock_irqsave(&(_sc)->sc_mtx, l_flags)
++#define HIFN_UNLOCK(_sc) spin_unlock_irqrestore(&(_sc)->sc_mtx, l_flags)
++
++/*
++ * hifn_command_t
++ *
++ * This is the control structure used to pass commands to hifn_encrypt().
++ *
++ * flags
++ * -----
++ * Flags is the bitwise "or" values for command configuration. A single
++ * encrypt direction needs to be set:
++ *
++ * HIFN_ENCODE or HIFN_DECODE
++ *
++ * To use cryptography, a single crypto algorithm must be included:
++ *
++ * HIFN_CRYPT_3DES or HIFN_CRYPT_DES
++ *
++ * To use authentication is used, a single MAC algorithm must be included:
++ *
++ * HIFN_MAC_MD5 or HIFN_MAC_SHA1
++ *
++ * By default MD5 uses a 16 byte hash and SHA-1 uses a 20 byte hash.
++ * If the value below is set, hash values are truncated or assumed
++ * truncated to 12 bytes:
++ *
++ * HIFN_MAC_TRUNC
++ *
++ * Keys for encryption and authentication can be sent as part of a command,
++ * or the last key value used with a particular session can be retrieved
++ * and used again if either of these flags are not specified.
++ *
++ * HIFN_CRYPT_NEW_KEY, HIFN_MAC_NEW_KEY
++ *
++ * session_num
++ * -----------
++ * A number between 0 and 2048 (for DRAM models) or a number between
++ * 0 and 768 (for SRAM models). Those who don't want to use session
++ * numbers should leave value at zero and send a new crypt key and/or
++ * new MAC key on every command. If you use session numbers and
++ * don't send a key with a command, the last key sent for that same
++ * session number will be used.
++ *
++ * Warning: Using session numbers and multiboard at the same time
++ * is currently broken.
++ *
++ * mbuf
++ * ----
++ * Either fill in the mbuf pointer and npa=0 or
++ * fill packp[] and packl[] and set npa to > 0
++ *
++ * mac_header_skip
++ * ---------------
++ * The number of bytes of the source_buf that are skipped over before
++ * authentication begins. This must be a number between 0 and 2^16-1
++ * and can be used by IPsec implementers to skip over IP headers.
++ * *** Value ignored if authentication not used ***
++ *
++ * crypt_header_skip
++ * -----------------
++ * The number of bytes of the source_buf that are skipped over before
++ * the cryptographic operation begins. This must be a number between 0
++ * and 2^16-1. For IPsec, this number will always be 8 bytes larger
++ * than the auth_header_skip (to skip over the ESP header).
++ * *** Value ignored if cryptography not used ***
++ *
++ */
++struct hifn_operand {
++ union {
++ struct sk_buff *skb;
++ struct uio *io;
++ unsigned char *buf;
++ } u;
++ void *map;
++ bus_size_t mapsize;
++ int nsegs;
++ struct {
++ dma_addr_t ds_addr;
++ int ds_len;
++ } segs[MAX_SCATTER];
++};
++
++struct hifn_command {
++ u_int16_t session_num;
++ u_int16_t base_masks, cry_masks, mac_masks;
++ u_int8_t iv[HIFN_MAX_IV_LENGTH], *ck, mac[HIFN_MAC_KEY_LENGTH];
++ int cklen;
++ int sloplen, slopidx;
++
++ struct hifn_operand src;
++ struct hifn_operand dst;
++
++ struct hifn_softc *softc;
++ struct cryptop *crp;
++ struct cryptodesc *enccrd, *maccrd;
++};
++
++#define src_skb src.u.skb
++#define src_io src.u.io
++#define src_map src.map
++#define src_mapsize src.mapsize
++#define src_segs src.segs
++#define src_nsegs src.nsegs
++#define src_buf src.u.buf
++
++#define dst_skb dst.u.skb
++#define dst_io dst.u.io
++#define dst_map dst.map
++#define dst_mapsize dst.mapsize
++#define dst_segs dst.segs
++#define dst_nsegs dst.nsegs
++#define dst_buf dst.u.buf
++
++/*
++ * Return values for hifn_crypto()
++ */
++#define HIFN_CRYPTO_SUCCESS 0
++#define HIFN_CRYPTO_BAD_INPUT (-1)
++#define HIFN_CRYPTO_RINGS_FULL (-2)
++
++/**************************************************************************
++ *
++ * Function: hifn_crypto
++ *
++ * Purpose: Called by external drivers to begin an encryption on the
++ * HIFN board.
++ *
++ * Blocking/Non-blocking Issues
++ * ============================
++ * The driver cannot block in hifn_crypto (no calls to tsleep) currently.
++ * hifn_crypto() returns HIFN_CRYPTO_RINGS_FULL if there is not enough
++ * room in any of the rings for the request to proceed.
++ *
++ * Return Values
++ * =============
++ * 0 for success, negative values on error
++ *
++ * Defines for negative error codes are:
++ *
++ * HIFN_CRYPTO_BAD_INPUT : The passed in command had invalid settings.
++ * HIFN_CRYPTO_RINGS_FULL : All DMA rings were full and non-blocking
++ * behaviour was requested.
++ *
++ *************************************************************************/
++
++/*
++ * Convert back and forth from 'sid' to 'card' and 'session'
++ */
++#define HIFN_CARD(sid) (((sid) & 0xf0000000) >> 28)
++#define HIFN_SESSION(sid) ((sid) & 0x000007ff)
++#define HIFN_SID(crd,ses) (((crd) << 28) | ((ses) & 0x7ff))
++
++#endif /* _KERNEL */
++
++struct hifn_stats {
++ u_int64_t hst_ibytes;
++ u_int64_t hst_obytes;
++ u_int32_t hst_ipackets;
++ u_int32_t hst_opackets;
++ u_int32_t hst_invalid;
++ u_int32_t hst_nomem; /* malloc or one of hst_nomem_* */
++ u_int32_t hst_abort;
++ u_int32_t hst_noirq; /* IRQ for no reason */
++ u_int32_t hst_totbatch; /* ops submitted w/o interrupt */
++ u_int32_t hst_maxbatch; /* max ops submitted together */
++ u_int32_t hst_unaligned; /* unaligned src caused copy */
++ /*
++ * The following divides hst_nomem into more specific buckets.
++ */
++ u_int32_t hst_nomem_map; /* bus_dmamap_create failed */
++ u_int32_t hst_nomem_load; /* bus_dmamap_load_* failed */
++ u_int32_t hst_nomem_mbuf; /* MGET* failed */
++ u_int32_t hst_nomem_mcl; /* MCLGET* failed */
++ u_int32_t hst_nomem_cr; /* out of command/result descriptor */
++ u_int32_t hst_nomem_sd; /* out of src/dst descriptors */
++};
++
++#endif /* __HIFN7751VAR_H__ */
+diff --git a/crypto/ocf/hifn/hifnHIPP.c b/crypto/ocf/hifn/hifnHIPP.c
+new file mode 100644
+index 0000000..45ad7ba
+--- /dev/null
++++ b/crypto/ocf/hifn/hifnHIPP.c
+@@ -0,0 +1,420 @@
++/*-
++ * Driver for Hifn HIPP-I/II chipset
++ * Copyright (c) 2006 Michael Richardson <mcr at xelerance.com>
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ * 3. The name of the author may not be used to endorse or promote products
++ * derived from this software without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ * Effort sponsored by Hifn Inc.
++ *
++ */
++
++/*
++ * Driver for various Hifn encryption processors.
++ */
++#ifndef AUTOCONF_INCLUDED
++#include <linux/config.h>
++#endif
++#include <linux/module.h>
++#include <linux/init.h>
++#include <linux/list.h>
++#include <linux/slab.h>
++#include <linux/wait.h>
++#include <linux/sched.h>
++#include <linux/pci.h>
++#include <linux/delay.h>
++#include <linux/interrupt.h>
++#include <linux/spinlock.h>
++#include <linux/random.h>
++#include <linux/version.h>
++#include <linux/skbuff.h>
++#include <linux/uio.h>
++#include <linux/sysfs.h>
++#include <linux/miscdevice.h>
++#include <asm/io.h>
++
++#include <cryptodev.h>
++
++#include "hifnHIPPreg.h"
++#include "hifnHIPPvar.h"
++
++#if 1
++#define DPRINTF(a...) if (hipp_debug) { \
++ printk("%s: ", sc ? \
++ device_get_nameunit(sc->sc_dev) : "hifn"); \
++ printk(a); \
++ } else
++#else
++#define DPRINTF(a...)
++#endif
++
++typedef int bus_size_t;
++
++static inline int
++pci_get_revid(struct pci_dev *dev)
++{
++ u8 rid = 0;
++ pci_read_config_byte(dev, PCI_REVISION_ID, &rid);
++ return rid;
++}
++
++#define debug hipp_debug
++int hipp_debug = 0;
++module_param(hipp_debug, int, 0644);
++MODULE_PARM_DESC(hipp_debug, "Enable debug");
++
++int hipp_maxbatch = 1;
++module_param(hipp_maxbatch, int, 0644);
++MODULE_PARM_DESC(hipp_maxbatch, "max ops to batch w/o interrupt");
++
++static int hipp_probe(struct pci_dev *dev, const struct pci_device_id *ent);
++static void hipp_remove(struct pci_dev *dev);
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,19)
++static irqreturn_t hipp_intr(int irq, void *arg);
++#else
++static irqreturn_t hipp_intr(int irq, void *arg, struct pt_regs *regs);
++#endif
++
++static int hipp_num_chips = 0;
++static struct hipp_softc *hipp_chip_idx[HIPP_MAX_CHIPS];
++
++static int hipp_newsession(device_t, u_int32_t *, struct cryptoini *);
++static int hipp_freesession(device_t, u_int64_t);
++static int hipp_process(device_t, struct cryptop *, int);
++
++static device_method_t hipp_methods = {
++ /* crypto device methods */
++ DEVMETHOD(cryptodev_newsession, hipp_newsession),
++ DEVMETHOD(cryptodev_freesession,hipp_freesession),
++ DEVMETHOD(cryptodev_process, hipp_process),
++};
++
++static __inline u_int32_t
++READ_REG(struct hipp_softc *sc, unsigned int barno, bus_size_t reg)
++{
++ u_int32_t v = readl(sc->sc_bar[barno] + reg);
++ //sc->sc_bar0_lastreg = (bus_size_t) -1;
++ return (v);
++}
++static __inline void
++WRITE_REG(struct hipp_softc *sc, unsigned int barno, bus_size_t reg, u_int32_t val)
++{
++ writel(val, sc->sc_bar[barno] + reg);
++}
++
++#define READ_REG_0(sc, reg) READ_REG(sc, 0, reg)
++#define WRITE_REG_0(sc, reg, val) WRITE_REG(sc,0, reg, val)
++#define READ_REG_1(sc, reg) READ_REG(sc, 1, reg)
++#define WRITE_REG_1(sc, reg, val) WRITE_REG(sc,1, reg, val)
++
++static int
++hipp_newsession(device_t dev, u_int32_t *sidp, struct cryptoini *cri)
++{
++ return EINVAL;
++}
++
++static int
++hipp_freesession(device_t dev, u_int64_t tid)
++{
++ return EINVAL;
++}
++
++static int
++hipp_process(device_t dev, struct cryptop *crp, int hint)
++{
++ return EINVAL;
++}
++
++static const char*
++hipp_partname(struct hipp_softc *sc, char buf[128], size_t blen)
++{
++ char *n = NULL;
++
++ switch (pci_get_vendor(sc->sc_pcidev)) {
++ case PCI_VENDOR_HIFN:
++ switch (pci_get_device(sc->sc_pcidev)) {
++ case PCI_PRODUCT_HIFN_7855: n = "Hifn 7855";
++ case PCI_PRODUCT_HIFN_8155: n = "Hifn 8155";
++ case PCI_PRODUCT_HIFN_6500: n = "Hifn 6500";
++ }
++ }
++
++ if(n==NULL) {
++ snprintf(buf, blen, "VID=%02x,PID=%02x",
++ pci_get_vendor(sc->sc_pcidev),
++ pci_get_device(sc->sc_pcidev));
++ } else {
++ buf[0]='\0';
++ strncat(buf, n, blen);
++ }
++ return buf;
++}
++
++struct hipp_fs_entry {
++ struct attribute attr;
++ /* other stuff */
++};
++
++
++static ssize_t
++cryptoid_show(struct device *dev,
++ struct device_attribute *attr,
++ char *buf)
++{
++ struct hipp_softc *sc;
++
++ sc = pci_get_drvdata(to_pci_dev (dev));
++ return sprintf (buf, "%d\n", sc->sc_cid);
++}
++
++struct device_attribute hipp_dev_cryptoid = __ATTR_RO(cryptoid);
++
++/*
++ * Attach an interface that successfully probed.
++ */
++static int
++hipp_probe(struct pci_dev *dev, const struct pci_device_id *ent)
++{
++ struct hipp_softc *sc = NULL;
++ int i;
++ //char rbase;
++ //u_int16_t ena;
++ int rev;
++ //int rseg;
++ int rc;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ if (pci_enable_device(dev) < 0)
++ return(-ENODEV);
++
++ if (pci_set_mwi(dev))
++ return(-ENODEV);
++
++ if (!dev->irq) {
++ printk("hifn: found device with no IRQ assigned. check BIOS settings!");
++ pci_disable_device(dev);
++ return(-ENODEV);
++ }
++
++ sc = (struct hipp_softc *) kmalloc(sizeof(*sc), GFP_KERNEL);
++ if (!sc)
++ return(-ENOMEM);
++ memset(sc, 0, sizeof(*sc));
++
++ softc_device_init(sc, "hifn-hipp", hipp_num_chips, hipp_methods);
++
++ sc->sc_pcidev = dev;
++ sc->sc_irq = -1;
++ sc->sc_cid = -1;
++ sc->sc_num = hipp_num_chips++;
++
++ if (sc->sc_num < HIPP_MAX_CHIPS)
++ hipp_chip_idx[sc->sc_num] = sc;
++
++ pci_set_drvdata(sc->sc_pcidev, sc);
++
++ spin_lock_init(&sc->sc_mtx);
++
++ /*
++ * Setup PCI resources.
++ * The READ_REG_0, WRITE_REG_0, READ_REG_1,
++ * and WRITE_REG_1 macros throughout the driver are used
++ * to permit better debugging.
++ */
++ for(i=0; i<4; i++) {
++ unsigned long mem_start, mem_len;
++ mem_start = pci_resource_start(sc->sc_pcidev, i);
++ mem_len = pci_resource_len(sc->sc_pcidev, i);
++ sc->sc_barphy[i] = (caddr_t)mem_start;
++ sc->sc_bar[i] = (ocf_iomem_t) ioremap(mem_start, mem_len);
++ if (!sc->sc_bar[i]) {
++ device_printf(sc->sc_dev, "cannot map bar%d register space\n", i);
++ goto fail;
++ }
++ }
++
++ //hipp_reset_board(sc, 0);
++ pci_set_master(sc->sc_pcidev);
++
++ /*
++ * Arrange the interrupt line.
++ */
++ rc = request_irq(dev->irq, hipp_intr, IRQF_SHARED, "hifn", sc);
++ if (rc) {
++ device_printf(sc->sc_dev, "could not map interrupt: %d\n", rc);
++ goto fail;
++ }
++ sc->sc_irq = dev->irq;
++
++ rev = READ_REG_1(sc, HIPP_1_REVID) & 0xffff;
++
++ {
++ char b[32];
++ device_printf(sc->sc_dev, "%s, rev %u",
++ hipp_partname(sc, b, sizeof(b)), rev);
++ }
++
++#if 0
++ if (sc->sc_flags & HIFN_IS_7956)
++ printf(", pll=0x%x<%s clk, %ux mult>",
++ sc->sc_pllconfig,
++ sc->sc_pllconfig & HIFN_PLL_REF_SEL ? "ext" : "pci",
++ 2 + 2*((sc->sc_pllconfig & HIFN_PLL_ND) >> 11));
++#endif
++ printf("\n");
++
++ sc->sc_cid = crypto_get_driverid(softc_get_device(sc),CRYPTOCAP_F_HARDWARE);
++ if (sc->sc_cid < 0) {
++ device_printf(sc->sc_dev, "could not get crypto driver id\n");
++ goto fail;
++ }
++
++#if 0 /* cannot work with a non-GPL module */
++ /* make a sysfs entry to let the world know what entry we got */
++ sysfs_create_file(&sc->sc_pcidev->dev.kobj, &hipp_dev_cryptoid.attr);
++#endif
++
++#if 0
++ init_timer(&sc->sc_tickto);
++ sc->sc_tickto.function = hifn_tick;
++ sc->sc_tickto.data = (unsigned long) sc->sc_num;
++ mod_timer(&sc->sc_tickto, jiffies + HZ);
++#endif
++
++#if 0 /* no code here yet ?? */
++ crypto_register(sc->sc_cid, CRYPTO_3DES_CBC, 0, 0);
++#endif
++
++ return (0);
++
++fail:
++ if (sc->sc_cid >= 0)
++ crypto_unregister_all(sc->sc_cid);
++ if (sc->sc_irq != -1)
++ free_irq(sc->sc_irq, sc);
++
++#if 0
++ if (sc->sc_dma) {
++ /* Turn off DMA polling */
++ WRITE_REG_1(sc, HIFN_1_DMA_CNFG, HIFN_DMACNFG_MSTRESET |
++ HIFN_DMACNFG_DMARESET | HIFN_DMACNFG_MODE);
++
++ pci_free_consistent(sc->sc_pcidev,
++ sizeof(*sc->sc_dma),
++ sc->sc_dma, sc->sc_dma_physaddr);
++ }
++#endif
++ kfree(sc);
++ return (-ENXIO);
++}
++
++/*
++ * Detach an interface that successfully probed.
++ */
++static void
++hipp_remove(struct pci_dev *dev)
++{
++ struct hipp_softc *sc = pci_get_drvdata(dev);
++ unsigned long l_flags;
++
++ DPRINTF("%s()\n", __FUNCTION__);
++
++ /* disable interrupts */
++ HIPP_LOCK(sc);
++
++#if 0
++ WRITE_REG_1(sc, HIFN_1_DMA_IER, 0);
++ HIFN_UNLOCK(sc);
++
++ /*XXX other resources */
++ del_timer_sync(&sc->sc_tickto);
++
++ /* Turn off DMA polling */
++ WRITE_REG_1(sc, HIFN_1_DMA_CNFG, HIFN_DMACNFG_MSTRESET |
++ HIFN_DMACNFG_DMARESET | HIFN_DMACNFG_MODE);
++#endif
++
++ crypto_unregister_all(sc->sc_cid);
++
++ free_irq(sc->sc_irq, sc);
++
++#if 0
++ pci_free_consistent(sc->sc_pcidev, sizeof(*sc->sc_dma),
++ sc->sc_dma, sc->sc_dma_physaddr);
++#endif
++}
++
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,19)
++static irqreturn_t hipp_intr(int irq, void *arg)
++#else
++static irqreturn_t hipp_intr(int irq, void *arg, struct pt_regs *regs)
++#endif
++{
++ struct hipp_softc *sc = arg;
++
++ sc = sc; /* shut up compiler */
++
++ return IRQ_HANDLED;
++}
++
++static struct pci_device_id hipp_pci_tbl[] = {
++ { PCI_VENDOR_HIFN, PCI_PRODUCT_HIFN_7855,
++ PCI_ANY_ID, PCI_ANY_ID, 0, 0, },
++ { PCI_VENDOR_HIFN, PCI_PRODUCT_HIFN_8155,
++ PCI_ANY_ID, PCI_ANY_ID, 0, 0, },
++};
++MODULE_DEVICE_TABLE(pci, hipp_pci_tbl);
++
++static struct pci_driver hipp_driver = {
++ .name = "hipp",
++ .id_table = hipp_pci_tbl,
++ .probe = hipp_probe,
++ .remove = hipp_remove,
++ /* add PM stuff here one day */
++};
++
++static int __init hipp_init (void)
++{
++ struct hipp_softc *sc = NULL;
++ int rc;
++
++ DPRINTF("%s(%p)\n", __FUNCTION__, hipp_init);
++
++ rc = pci_register_driver(&hipp_driver);
++ pci_register_driver_compat(&hipp_driver, rc);
++
++ return rc;
++}
++
++static void __exit hipp_exit (void)
++{
++ pci_unregister_driver(&hipp_driver);
++}
++
++module_init(hipp_init);
++module_exit(hipp_exit);
++
++MODULE_LICENSE("BSD");
++MODULE_AUTHOR("Michael Richardson <mcr at xelerance.com>");
++MODULE_DESCRIPTION("OCF driver for hifn HIPP-I/II PCI crypto devices");
+diff --git a/crypto/ocf/hifn/hifnHIPPreg.h b/crypto/ocf/hifn/hifnHIPPreg.h
+new file mode 100644
+index 0000000..8c0e720
+--- /dev/null
++++ b/crypto/ocf/hifn/hifnHIPPreg.h
+@@ -0,0 +1,46 @@
++/*-
++ * Hifn HIPP-I/HIPP-II (7855/8155) driver.
++ * Copyright (c) 2006 Michael Richardson <mcr at xelerance.com>
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ * 3. The name of the author may not be used to endorse or promote products
++ * derived from this software without specific prior written permission.
++ *
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ * Effort sponsored by Hifn inc.
++ *
++ */
++
++#ifndef __HIFNHIPP_H__
++#define __HIFNHIPP_H__
++
++/*
++ * PCI vendor and device identifiers
++ */
++#define PCI_VENDOR_HIFN 0x13a3 /* Hifn */
++#define PCI_PRODUCT_HIFN_6500 0x0006 /* 6500 */
++#define PCI_PRODUCT_HIFN_7855 0x001f /* 7855 */
++#define PCI_PRODUCT_HIFN_8155 0x999 /* XXX 8155 */
++
++#define HIPP_1_REVID 0x01 /* BOGUS */
++
++#endif /* __HIPP_H__ */
+diff --git a/crypto/ocf/hifn/hifnHIPPvar.h b/crypto/ocf/hifn/hifnHIPPvar.h
+new file mode 100644
+index 0000000..61d292f
+--- /dev/null
++++ b/crypto/ocf/hifn/hifnHIPPvar.h
+@@ -0,0 +1,93 @@
++/*
++ * Hifn HIPP-I/HIPP-II (7855/8155) driver.
++ * Copyright (c) 2006 Michael Richardson <mcr at xelerance.com> *
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ * 3. The name of the author may not be used to endorse or promote products
++ * derived from this software without specific prior written permission.
++ *
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ *
++ * Effort sponsored by Hifn inc.
++ *
++ */
++
++#ifndef __HIFNHIPPVAR_H__
++#define __HIFNHIPPVAR_H__
++
++#define HIPP_MAX_CHIPS 8
++
++/*
++ * Holds data specific to a single Hifn HIPP-I board.
++ */
++struct hipp_softc {
++ softc_device_decl sc_dev;
++
++ struct pci_dev *sc_pcidev; /* device backpointer */
++ ocf_iomem_t sc_bar[5];
++ caddr_t sc_barphy[5]; /* physical address */
++ int sc_num; /* for multiple devs */
++ spinlock_t sc_mtx; /* per-instance lock */
++ int32_t sc_cid;
++ int sc_irq;
++
++#if 0
++
++ u_int32_t sc_dmaier;
++ u_int32_t sc_drammodel; /* 1=dram, 0=sram */
++ u_int32_t sc_pllconfig; /* 7954/7955/7956 PLL config */
++
++ struct hifn_dma *sc_dma;
++ dma_addr_t sc_dma_physaddr;/* physical address of sc_dma */
++
++ int sc_dmansegs;
++ int sc_maxses;
++ int sc_nsessions;
++ struct hifn_session *sc_sessions;
++ int sc_ramsize;
++ int sc_flags;
++#define HIFN_HAS_RNG 0x1 /* includes random number generator */
++#define HIFN_HAS_PUBLIC 0x2 /* includes public key support */
++#define HIFN_HAS_AES 0x4 /* includes AES support */
++#define HIFN_IS_7811 0x8 /* Hifn 7811 part */
++#define HIFN_IS_7956 0x10 /* Hifn 7956/7955 don't have SDRAM */
++
++ struct timer_list sc_tickto; /* for managing DMA */
++
++ int sc_rngfirst;
++ int sc_rnghz; /* RNG polling frequency */
++
++ int sc_c_busy; /* command ring busy */
++ int sc_s_busy; /* source data ring busy */
++ int sc_d_busy; /* destination data ring busy */
++ int sc_r_busy; /* result ring busy */
++ int sc_active; /* for initial countdown */
++ int sc_needwakeup; /* ops q'd wating on resources */
++ int sc_curbatch; /* # ops submitted w/o int */
++ int sc_suspended;
++ struct miscdevice sc_miscdev;
++#endif
++};
++
++#define HIPP_LOCK(_sc) spin_lock_irqsave(&(_sc)->sc_mtx, l_flags)
++#define HIPP_UNLOCK(_sc) spin_unlock_irqrestore(&(_sc)->sc_mtx, l_flags)
++
++#endif /* __HIFNHIPPVAR_H__ */
+diff --git a/crypto/ocf/ixp4xx/Makefile b/crypto/ocf/ixp4xx/Makefile
+new file mode 100644
+index 0000000..d94a3b7
+--- /dev/null
++++ b/crypto/ocf/ixp4xx/Makefile
+@@ -0,0 +1,104 @@
++# for SGlinux builds
++-include $(ROOTDIR)/modules/.config
++
++#
++# You will need to point this at your Intel ixp425 includes, this portion
++# of the Makefile only really works under SGLinux with the appropriate libs
++# installed. They can be downloaded from http://www.snapgear.org/
++#
++ifeq ($(CONFIG_CPU_IXP46X),y)
++IXPLATFORM = ixp46X
++else
++ifeq ($(CONFIG_CPU_IXP43X),y)
++IXPLATFORM = ixp43X
++else
++IXPLATFORM = ixp42X
++endif
++endif
++
++ifdef CONFIG_IXP400_LIB_2_4
++IX_XSCALE_SW = $(ROOTDIR)/modules/ixp425/ixp400-2.4/ixp400_xscale_sw
++OSAL_DIR = $(ROOTDIR)/modules/ixp425/ixp400-2.4/ixp_osal
++endif
++ifdef CONFIG_IXP400_LIB_2_1
++IX_XSCALE_SW = $(ROOTDIR)/modules/ixp425/ixp400-2.1/ixp400_xscale_sw
++OSAL_DIR = $(ROOTDIR)/modules/ixp425/ixp400-2.1/ixp_osal
++endif
++ifdef CONFIG_IXP400_LIB_2_0
++IX_XSCALE_SW = $(ROOTDIR)/modules/ixp425/ixp400-2.0/ixp400_xscale_sw
++OSAL_DIR = $(ROOTDIR)/modules/ixp425/ixp400-2.0/ixp_osal
++endif
++ifdef IX_XSCALE_SW
++ifdef CONFIG_IXP400_LIB_2_4
++IXP_CFLAGS = \
++ -I$(ROOTDIR)/. \
++ -I$(IX_XSCALE_SW)/src/include \
++ -I$(OSAL_DIR)/common/include/ \
++ -I$(OSAL_DIR)/common/include/modules/ \
++ -I$(OSAL_DIR)/common/include/modules/ddk/ \
++ -I$(OSAL_DIR)/common/include/modules/bufferMgt/ \
++ -I$(OSAL_DIR)/common/include/modules/ioMem/ \
++ -I$(OSAL_DIR)/common/os/linux/include/ \
++ -I$(OSAL_DIR)/common/os/linux/include/core/ \
++ -I$(OSAL_DIR)/common/os/linux/include/modules/ \
++ -I$(OSAL_DIR)/common/os/linux/include/modules/ddk/ \
++ -I$(OSAL_DIR)/common/os/linux/include/modules/bufferMgt/ \
++ -I$(OSAL_DIR)/common/os/linux/include/modules/ioMem/ \
++ -I$(OSAL_DIR)/platforms/$(IXPLATFORM)/include/ \
++ -I$(OSAL_DIR)/platforms/$(IXPLATFORM)/os/linux/include/ \
++ -DENABLE_IOMEM -DENABLE_BUFFERMGT -DENABLE_DDK \
++ -DUSE_IXP4XX_CRYPTO
++else
++IXP_CFLAGS = \
++ -I$(ROOTDIR)/. \
++ -I$(IX_XSCALE_SW)/src/include \
++ -I$(OSAL_DIR)/ \
++ -I$(OSAL_DIR)/os/linux/include/ \
++ -I$(OSAL_DIR)/os/linux/include/modules/ \
++ -I$(OSAL_DIR)/os/linux/include/modules/ioMem/ \
++ -I$(OSAL_DIR)/os/linux/include/modules/bufferMgt/ \
++ -I$(OSAL_DIR)/os/linux/include/core/ \
++ -I$(OSAL_DIR)/os/linux/include/platforms/ \
++ -I$(OSAL_DIR)/os/linux/include/platforms/ixp400/ \
++ -I$(OSAL_DIR)/os/linux/include/platforms/ixp400/ixp425 \
++ -I$(OSAL_DIR)/os/linux/include/platforms/ixp400/ixp465 \
++ -I$(OSAL_DIR)/os/linux/include/core/ \
++ -I$(OSAL_DIR)/include/ \
++ -I$(OSAL_DIR)/include/modules/ \
++ -I$(OSAL_DIR)/include/modules/bufferMgt/ \
++ -I$(OSAL_DIR)/include/modules/ioMem/ \
++ -I$(OSAL_DIR)/include/platforms/ \
++ -I$(OSAL_DIR)/include/platforms/ixp400/ \
++ -DUSE_IXP4XX_CRYPTO
++endif
++endif
++ifdef CONFIG_IXP400_LIB_1_4
++IXP_CFLAGS = \
++ -I$(ROOTDIR)/. \
++ -I$(ROOTDIR)/modules/ixp425/ixp400-1.4/ixp400_xscale_sw/src/include \
++ -I$(ROOTDIR)/modules/ixp425/ixp400-1.4/ixp400_xscale_sw/src/linux \
++ -DUSE_IXP4XX_CRYPTO
++endif
++ifndef IXPDIR
++IXPDIR = ixp-version-is-not-supported
++endif
++
++ifeq ($(CONFIG_CPU_IXP46X),y)
++IXP_CFLAGS += -D__ixp46X
++else
++ifeq ($(CONFIG_CPU_IXP43X),y)
++IXP_CFLAGS += -D__ixp43X
++else
++IXP_CFLAGS += -D__ixp42X
++endif
++endif
++
++obj-$(CONFIG_OCF_IXP4XX) += ixp4xx.o
++
++obj ?= .
++EXTRA_CFLAGS += $(IXP_CFLAGS) -I$(obj)/.. -I$(obj)/.
++
++ifdef TOPDIR
++-include $(TOPDIR)/Rules.make
++endif
++
+diff --git a/crypto/ocf/ixp4xx/ixp4xx.c b/crypto/ocf/ixp4xx/ixp4xx.c
+new file mode 100644
+index 0000000..d5414a4
+--- /dev/null
++++ b/crypto/ocf/ixp4xx/ixp4xx.c
+@@ -0,0 +1,1324 @@
++/*
++ * An OCF module that uses Intels IXP CryptACC API to do the crypto.
++ * This driver requires the IXP400 Access Library that is available
++ * from Intel in order to operate (or compile).
++ *
++ * Written by David McCullough <david_mccullough at mcafee.com>
++ * Copyright (C) 2006-2010 David McCullough
++ * Copyright (C) 2004-2005 Intel Corporation.
++ *
++ * LICENSE TERMS
++ *
++ * The free distribution and use of this software in both source and binary
++ * form is allowed (with or without changes) provided that:
++ *
++ * 1. distributions of this source code include the above copyright
++ * notice, this list of conditions and the following disclaimer;
++ *
++ * 2. distributions in binary form include the above copyright
++ * notice, this list of conditions and the following disclaimer
++ * in the documentation and/or other associated materials;
++ *
++ * 3. the copyright holder's name is not used to endorse products
++ * built using this software without specific written permission.
++ *
++ * ALTERNATIVELY, provided that this notice is retained in full, this product
++ * may be distributed under the terms of the GNU General Public License (GPL),
++ * in which case the provisions of the GPL apply INSTEAD OF those given above.
++ *
++ * DISCLAIMER
++ *
++ * This software is provided 'as is' with no explicit or implied warranties
++ * in respect of its properties, including, but not limited to, correctness
++ * and/or fitness for purpose.
++ */
++
++#ifndef AUTOCONF_INCLUDED
++#include <linux/config.h>
++#endif
++#include <linux/module.h>
++#include <linux/init.h>
++#include <linux/list.h>
++#include <linux/slab.h>
++#include <linux/sched.h>
++#include <linux/wait.h>
++#include <linux/crypto.h>
++#include <linux/interrupt.h>
++#include <asm/scatterlist.h>
++
++#include <IxTypes.h>
++#include <IxOsBuffMgt.h>
++#include <IxNpeDl.h>
++#include <IxCryptoAcc.h>
++#include <IxQMgr.h>
++#include <IxOsServices.h>
++#include <IxOsCacheMMU.h>
++
++#include <cryptodev.h>
++#include <uio.h>
++
++#ifndef IX_MBUF_PRIV
++#define IX_MBUF_PRIV(x) ((x)->priv)
++#endif
++
++struct ixp_data;
++
++struct ixp_q {
++ struct list_head ixp_q_list;
++ struct ixp_data *ixp_q_data;
++ struct cryptop *ixp_q_crp;
++ struct cryptodesc *ixp_q_ccrd;
++ struct cryptodesc *ixp_q_acrd;
++ IX_MBUF ixp_q_mbuf;
++ UINT8 *ixp_hash_dest; /* Location for hash in client buffer */
++ UINT8 *ixp_hash_src; /* Location of hash in internal buffer */
++ unsigned char ixp_q_iv_data[IX_CRYPTO_ACC_MAX_CIPHER_IV_LENGTH];
++ unsigned char *ixp_q_iv;
++};
++
++struct ixp_data {
++ int ixp_registered; /* is the context registered */
++ int ixp_crd_flags; /* detect direction changes */
++
++ int ixp_cipher_alg;
++ int ixp_auth_alg;
++
++ UINT32 ixp_ctx_id;
++ UINT32 ixp_hash_key_id; /* used when hashing */
++ IxCryptoAccCtx ixp_ctx;
++ IX_MBUF ixp_pri_mbuf;
++ IX_MBUF ixp_sec_mbuf;
++
++ struct work_struct ixp_pending_work;
++ struct work_struct ixp_registration_work;
++ struct list_head ixp_q; /* unprocessed requests */
++};
++
++#ifdef __ixp46X
++
++#define MAX_IOP_SIZE 64 /* words */
++#define MAX_OOP_SIZE 128
++
++#define MAX_PARAMS 3
++
++struct ixp_pkq {
++ struct list_head pkq_list;
++ struct cryptkop *pkq_krp;
++
++ IxCryptoAccPkeEauInOperands pkq_op;
++ IxCryptoAccPkeEauOpResult pkq_result;
++
++ UINT32 pkq_ibuf0[MAX_IOP_SIZE];
++ UINT32 pkq_ibuf1[MAX_IOP_SIZE];
++ UINT32 pkq_ibuf2[MAX_IOP_SIZE];
++ UINT32 pkq_obuf[MAX_OOP_SIZE];
++};
++
++static LIST_HEAD(ixp_pkq); /* current PK wait list */
++static struct ixp_pkq *ixp_pk_cur;
++static spinlock_t ixp_pkq_lock;
++
++#endif /* __ixp46X */
++
++static int ixp_blocked = 0;
++
++static int32_t ixp_id = -1;
++static struct ixp_data **ixp_sessions = NULL;
++static u_int32_t ixp_sesnum = 0;
++
++static int ixp_process(device_t, struct cryptop *, int);
++static int ixp_newsession(device_t, u_int32_t *, struct cryptoini *);
++static int ixp_freesession(device_t, u_int64_t);
++#ifdef __ixp46X
++static int ixp_kprocess(device_t, struct cryptkop *krp, int hint);
++#endif
++
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,20)
++static kmem_cache_t *qcache;
++#else
++static struct kmem_cache *qcache;
++#endif
++
++#define debug ixp_debug
++static int ixp_debug = 0;
++module_param(ixp_debug, int, 0644);
++MODULE_PARM_DESC(ixp_debug, "Enable debug");
++
++static int ixp_init_crypto = 1;
++module_param(ixp_init_crypto, int, 0444); /* RO after load/boot */
++MODULE_PARM_DESC(ixp_init_crypto, "Call ixCryptoAccInit (default is 1)");
++
++static void ixp_process_pending(void *arg);
++static void ixp_registration(void *arg);
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)
++static void ixp_process_pending_wq(struct work_struct *work);
++static void ixp_registration_wq(struct work_struct *work);
++#endif
++
++/*
++ * dummy device structure
++ */
++
++static struct {
++ softc_device_decl sc_dev;
++} ixpdev;
++
++static device_method_t ixp_methods = {
++ /* crypto device methods */
++ DEVMETHOD(cryptodev_newsession, ixp_newsession),
++ DEVMETHOD(cryptodev_freesession,ixp_freesession),
++ DEVMETHOD(cryptodev_process, ixp_process),
++#ifdef __ixp46X
++ DEVMETHOD(cryptodev_kprocess, ixp_kprocess),
++#endif
++};
++
++/*
++ * Generate a new software session.
++ */
++static int
++ixp_newsession(device_t dev, u_int32_t *sid, struct cryptoini *cri)
++{
++ struct ixp_data *ixp;
++ u_int32_t i;
++#define AUTH_LEN(cri, def) \
++ (cri->cri_mlen ? cri->cri_mlen : (def))
++
++ dprintk("%s():alg %d\n", __FUNCTION__,cri->cri_alg);
++ if (sid == NULL || cri == NULL) {
++ dprintk("%s,%d - EINVAL\n", __FILE__, __LINE__);
++ return EINVAL;
++ }
++
++ if (ixp_sessions) {
++ for (i = 1; i < ixp_sesnum; i++)
++ if (ixp_sessions[i] == NULL)
++ break;
++ } else
++ i = 1; /* NB: to silence compiler warning */
++
++ if (ixp_sessions == NULL || i == ixp_sesnum) {
++ struct ixp_data **ixpd;
++
++ if (ixp_sessions == NULL) {
++ i = 1; /* We leave ixp_sessions[0] empty */
++ ixp_sesnum = CRYPTO_SW_SESSIONS;
++ } else
++ ixp_sesnum *= 2;
++
++ ixpd = kmalloc(ixp_sesnum * sizeof(struct ixp_data *), SLAB_ATOMIC);
++ if (ixpd == NULL) {
++ /* Reset session number */
++ if (ixp_sesnum == CRYPTO_SW_SESSIONS)
++ ixp_sesnum = 0;
++ else
++ ixp_sesnum /= 2;
++ dprintk("%s,%d: ENOBUFS\n", __FILE__, __LINE__);
++ return ENOBUFS;
++ }
++ memset(ixpd, 0, ixp_sesnum * sizeof(struct ixp_data *));
++
++ /* Copy existing sessions */
++ if (ixp_sessions) {
++ memcpy(ixpd, ixp_sessions,
++ (ixp_sesnum / 2) * sizeof(struct ixp_data *));
++ kfree(ixp_sessions);
++ }
++
++ ixp_sessions = ixpd;
++ }
++
++ ixp_sessions[i] = (struct ixp_data *) kmalloc(sizeof(struct ixp_data),
++ SLAB_ATOMIC);
++ if (ixp_sessions[i] == NULL) {
++ ixp_freesession(NULL, i);
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ return ENOBUFS;
++ }
++
++ *sid = i;
++
++ ixp = ixp_sessions[i];
++ memset(ixp, 0, sizeof(*ixp));
++
++ ixp->ixp_cipher_alg = -1;
++ ixp->ixp_auth_alg = -1;
++ ixp->ixp_ctx_id = -1;
++ INIT_LIST_HEAD(&ixp->ixp_q);
++
++ ixp->ixp_ctx.useDifferentSrcAndDestMbufs = 0;
++
++ while (cri) {
++ switch (cri->cri_alg) {
++ case CRYPTO_DES_CBC:
++ ixp->ixp_cipher_alg = cri->cri_alg;
++ ixp->ixp_ctx.cipherCtx.cipherAlgo = IX_CRYPTO_ACC_CIPHER_DES;
++ ixp->ixp_ctx.cipherCtx.cipherMode = IX_CRYPTO_ACC_MODE_CBC;
++ ixp->ixp_ctx.cipherCtx.cipherKeyLen = (cri->cri_klen + 7) / 8;
++ ixp->ixp_ctx.cipherCtx.cipherBlockLen = IX_CRYPTO_ACC_DES_BLOCK_64;
++ ixp->ixp_ctx.cipherCtx.cipherInitialVectorLen =
++ IX_CRYPTO_ACC_DES_IV_64;
++ memcpy(ixp->ixp_ctx.cipherCtx.key.cipherKey,
++ cri->cri_key, (cri->cri_klen + 7) / 8);
++ break;
++
++ case CRYPTO_3DES_CBC:
++ ixp->ixp_cipher_alg = cri->cri_alg;
++ ixp->ixp_ctx.cipherCtx.cipherAlgo = IX_CRYPTO_ACC_CIPHER_3DES;
++ ixp->ixp_ctx.cipherCtx.cipherMode = IX_CRYPTO_ACC_MODE_CBC;
++ ixp->ixp_ctx.cipherCtx.cipherKeyLen = (cri->cri_klen + 7) / 8;
++ ixp->ixp_ctx.cipherCtx.cipherBlockLen = IX_CRYPTO_ACC_DES_BLOCK_64;
++ ixp->ixp_ctx.cipherCtx.cipherInitialVectorLen =
++ IX_CRYPTO_ACC_DES_IV_64;
++ memcpy(ixp->ixp_ctx.cipherCtx.key.cipherKey,
++ cri->cri_key, (cri->cri_klen + 7) / 8);
++ break;
++
++ case CRYPTO_RIJNDAEL128_CBC:
++ ixp->ixp_cipher_alg = cri->cri_alg;
++ ixp->ixp_ctx.cipherCtx.cipherAlgo = IX_CRYPTO_ACC_CIPHER_AES;
++ ixp->ixp_ctx.cipherCtx.cipherMode = IX_CRYPTO_ACC_MODE_CBC;
++ ixp->ixp_ctx.cipherCtx.cipherKeyLen = (cri->cri_klen + 7) / 8;
++ ixp->ixp_ctx.cipherCtx.cipherBlockLen = 16;
++ ixp->ixp_ctx.cipherCtx.cipherInitialVectorLen = 16;
++ memcpy(ixp->ixp_ctx.cipherCtx.key.cipherKey,
++ cri->cri_key, (cri->cri_klen + 7) / 8);
++ break;
++
++ case CRYPTO_MD5:
++ case CRYPTO_MD5_HMAC:
++ ixp->ixp_auth_alg = cri->cri_alg;
++ ixp->ixp_ctx.authCtx.authAlgo = IX_CRYPTO_ACC_AUTH_MD5;
++ ixp->ixp_ctx.authCtx.authDigestLen = AUTH_LEN(cri, MD5_HASH_LEN);
++ ixp->ixp_ctx.authCtx.aadLen = 0;
++ /* Only MD5_HMAC needs a key */
++ if (cri->cri_alg == CRYPTO_MD5_HMAC) {
++ ixp->ixp_ctx.authCtx.authKeyLen = (cri->cri_klen + 7) / 8;
++ if (ixp->ixp_ctx.authCtx.authKeyLen >
++ sizeof(ixp->ixp_ctx.authCtx.key.authKey)) {
++ printk(
++ "ixp4xx: Invalid key length for MD5_HMAC - %d bits\n",
++ cri->cri_klen);
++ ixp_freesession(NULL, i);
++ return EINVAL;
++ }
++ memcpy(ixp->ixp_ctx.authCtx.key.authKey,
++ cri->cri_key, (cri->cri_klen + 7) / 8);
++ }
++ break;
++
++ case CRYPTO_SHA1:
++ case CRYPTO_SHA1_HMAC:
++ ixp->ixp_auth_alg = cri->cri_alg;
++ ixp->ixp_ctx.authCtx.authAlgo = IX_CRYPTO_ACC_AUTH_SHA1;
++ ixp->ixp_ctx.authCtx.authDigestLen = AUTH_LEN(cri, SHA1_HASH_LEN);
++ ixp->ixp_ctx.authCtx.aadLen = 0;
++ /* Only SHA1_HMAC needs a key */
++ if (cri->cri_alg == CRYPTO_SHA1_HMAC) {
++ ixp->ixp_ctx.authCtx.authKeyLen = (cri->cri_klen + 7) / 8;
++ if (ixp->ixp_ctx.authCtx.authKeyLen >
++ sizeof(ixp->ixp_ctx.authCtx.key.authKey)) {
++ printk(
++ "ixp4xx: Invalid key length for SHA1_HMAC - %d bits\n",
++ cri->cri_klen);
++ ixp_freesession(NULL, i);
++ return EINVAL;
++ }
++ memcpy(ixp->ixp_ctx.authCtx.key.authKey,
++ cri->cri_key, (cri->cri_klen + 7) / 8);
++ }
++ break;
++
++ default:
++ printk("ixp: unknown algo 0x%x\n", cri->cri_alg);
++ ixp_freesession(NULL, i);
++ return EINVAL;
++ }
++ cri = cri->cri_next;
++ }
++
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)
++ INIT_WORK(&ixp->ixp_pending_work, ixp_process_pending_wq);
++ INIT_WORK(&ixp->ixp_registration_work, ixp_registration_wq);
++#else
++ INIT_WORK(&ixp->ixp_pending_work, ixp_process_pending, ixp);
++ INIT_WORK(&ixp->ixp_registration_work, ixp_registration, ixp);
++#endif
++
++ return 0;
++}
++
++
++/*
++ * Free a session.
++ */
++static int
++ixp_freesession(device_t dev, u_int64_t tid)
++{
++ u_int32_t sid = CRYPTO_SESID2LID(tid);
++
++ dprintk("%s()\n", __FUNCTION__);
++ if (sid > ixp_sesnum || ixp_sessions == NULL ||
++ ixp_sessions[sid] == NULL) {
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ return EINVAL;
++ }
++
++ /* Silently accept and return */
++ if (sid == 0)
++ return 0;
++
++ if (ixp_sessions[sid]) {
++ if (ixp_sessions[sid]->ixp_ctx_id != -1) {
++ ixCryptoAccCtxUnregister(ixp_sessions[sid]->ixp_ctx_id);
++ ixp_sessions[sid]->ixp_ctx_id = -1;
++ }
++ kfree(ixp_sessions[sid]);
++ }
++ ixp_sessions[sid] = NULL;
++ if (ixp_blocked) {
++ ixp_blocked = 0;
++ crypto_unblock(ixp_id, CRYPTO_SYMQ);
++ }
++ return 0;
++}
++
++
++/*
++ * callback for when hash processing is complete
++ */
++
++static void
++ixp_hash_perform_cb(
++ UINT32 hash_key_id,
++ IX_MBUF *bufp,
++ IxCryptoAccStatus status)
++{
++ struct ixp_q *q;
++
++ dprintk("%s(%u, %p, 0x%x)\n", __FUNCTION__, hash_key_id, bufp, status);
++
++ if (bufp == NULL) {
++ printk("ixp: NULL buf in %s\n", __FUNCTION__);
++ return;
++ }
++
++ q = IX_MBUF_PRIV(bufp);
++ if (q == NULL) {
++ printk("ixp: NULL priv in %s\n", __FUNCTION__);
++ return;
++ }
++
++ if (status == IX_CRYPTO_ACC_STATUS_SUCCESS) {
++ /* On success, need to copy hash back into original client buffer */
++ memcpy(q->ixp_hash_dest, q->ixp_hash_src,
++ (q->ixp_q_data->ixp_auth_alg == CRYPTO_SHA1) ?
++ SHA1_HASH_LEN : MD5_HASH_LEN);
++ }
++ else {
++ printk("ixp: hash perform failed status=%d\n", status);
++ q->ixp_q_crp->crp_etype = EINVAL;
++ }
++
++ /* Free internal buffer used for hashing */
++ kfree(IX_MBUF_MDATA(&q->ixp_q_mbuf));
++
++ crypto_done(q->ixp_q_crp);
++ kmem_cache_free(qcache, q);
++}
++
++/*
++ * setup a request and perform it
++ */
++static void
++ixp_q_process(struct ixp_q *q)
++{
++ IxCryptoAccStatus status;
++ struct ixp_data *ixp = q->ixp_q_data;
++ int auth_off = 0;
++ int auth_len = 0;
++ int crypt_off = 0;
++ int crypt_len = 0;
++ int icv_off = 0;
++ char *crypt_func;
++
++ dprintk("%s(%p)\n", __FUNCTION__, q);
++
++ if (q->ixp_q_ccrd) {
++ if (q->ixp_q_ccrd->crd_flags & CRD_F_IV_EXPLICIT) {
++ q->ixp_q_iv = q->ixp_q_ccrd->crd_iv;
++ } else {
++ q->ixp_q_iv = q->ixp_q_iv_data;
++ crypto_copydata(q->ixp_q_crp->crp_flags, q->ixp_q_crp->crp_buf,
++ q->ixp_q_ccrd->crd_inject,
++ ixp->ixp_ctx.cipherCtx.cipherInitialVectorLen,
++ (caddr_t) q->ixp_q_iv);
++ }
++
++ if (q->ixp_q_acrd) {
++ auth_off = q->ixp_q_acrd->crd_skip;
++ auth_len = q->ixp_q_acrd->crd_len;
++ icv_off = q->ixp_q_acrd->crd_inject;
++ }
++
++ crypt_off = q->ixp_q_ccrd->crd_skip;
++ crypt_len = q->ixp_q_ccrd->crd_len;
++ } else { /* if (q->ixp_q_acrd) */
++ auth_off = q->ixp_q_acrd->crd_skip;
++ auth_len = q->ixp_q_acrd->crd_len;
++ icv_off = q->ixp_q_acrd->crd_inject;
++ }
++
++ if (q->ixp_q_crp->crp_flags & CRYPTO_F_SKBUF) {
++ struct sk_buff *skb = (struct sk_buff *) q->ixp_q_crp->crp_buf;
++ if (skb_shinfo(skb)->nr_frags) {
++ /*
++ * DAVIDM fix this limitation one day by using
++ * a buffer pool and chaining, it is not currently
++ * needed for current user/kernel space acceleration
++ */
++ printk("ixp: Cannot handle fragmented skb's yet !\n");
++ q->ixp_q_crp->crp_etype = ENOENT;
++ goto done;
++ }
++ IX_MBUF_MLEN(&q->ixp_q_mbuf) =
++ IX_MBUF_PKT_LEN(&q->ixp_q_mbuf) = skb->len;
++ IX_MBUF_MDATA(&q->ixp_q_mbuf) = skb->data;
++ } else if (q->ixp_q_crp->crp_flags & CRYPTO_F_IOV) {
++ struct uio *uiop = (struct uio *) q->ixp_q_crp->crp_buf;
++ if (uiop->uio_iovcnt != 1) {
++ /*
++ * DAVIDM fix this limitation one day by using
++ * a buffer pool and chaining, it is not currently
++ * needed for current user/kernel space acceleration
++ */
++ printk("ixp: Cannot handle more than 1 iovec yet !\n");
++ q->ixp_q_crp->crp_etype = ENOENT;
++ goto done;
++ }
++ IX_MBUF_MLEN(&q->ixp_q_mbuf) =
++ IX_MBUF_PKT_LEN(&q->ixp_q_mbuf) = uiop->uio_iov[0].iov_len;
++ IX_MBUF_MDATA(&q->ixp_q_mbuf) = uiop->uio_iov[0].iov_base;
++ } else /* contig buffer */ {
++ IX_MBUF_MLEN(&q->ixp_q_mbuf) =
++ IX_MBUF_PKT_LEN(&q->ixp_q_mbuf) = q->ixp_q_crp->crp_ilen;
++ IX_MBUF_MDATA(&q->ixp_q_mbuf) = q->ixp_q_crp->crp_buf;
++ }
++
++ IX_MBUF_PRIV(&q->ixp_q_mbuf) = q;
++
++ if (ixp->ixp_auth_alg == CRYPTO_SHA1 || ixp->ixp_auth_alg == CRYPTO_MD5) {
++ /*
++ * For SHA1 and MD5 hash, need to create an internal buffer that is big
++ * enough to hold the original data + the appropriate padding for the
++ * hash algorithm.
++ */
++ UINT8 *tbuf = NULL;
++
++ IX_MBUF_MLEN(&q->ixp_q_mbuf) = IX_MBUF_PKT_LEN(&q->ixp_q_mbuf) =
++ ((IX_MBUF_MLEN(&q->ixp_q_mbuf) * 8) + 72 + 511) / 8;
++ tbuf = kmalloc(IX_MBUF_MLEN(&q->ixp_q_mbuf), SLAB_ATOMIC);
++
++ if (IX_MBUF_MDATA(&q->ixp_q_mbuf) == NULL) {
++ printk("ixp: kmalloc(%u, SLAB_ATOMIC) failed\n",
++ IX_MBUF_MLEN(&q->ixp_q_mbuf));
++ q->ixp_q_crp->crp_etype = ENOMEM;
++ goto done;
++ }
++ memcpy(tbuf, &(IX_MBUF_MDATA(&q->ixp_q_mbuf))[auth_off], auth_len);
++
++ /* Set location in client buffer to copy hash into */
++ q->ixp_hash_dest =
++ &(IX_MBUF_MDATA(&q->ixp_q_mbuf))[auth_off + auth_len];
++
++ IX_MBUF_MDATA(&q->ixp_q_mbuf) = tbuf;
++
++ /* Set location in internal buffer for where hash starts */
++ q->ixp_hash_src = &(IX_MBUF_MDATA(&q->ixp_q_mbuf))[auth_len];
++
++ crypt_func = "ixCryptoAccHashPerform";
++ status = ixCryptoAccHashPerform(ixp->ixp_ctx.authCtx.authAlgo,
++ &q->ixp_q_mbuf, ixp_hash_perform_cb, 0, auth_len, auth_len,
++ &ixp->ixp_hash_key_id);
++ }
++ else {
++ crypt_func = "ixCryptoAccAuthCryptPerform";
++ status = ixCryptoAccAuthCryptPerform(ixp->ixp_ctx_id, &q->ixp_q_mbuf,
++ NULL, auth_off, auth_len, crypt_off, crypt_len, icv_off,
++ q->ixp_q_iv);
++ }
++
++ if (IX_CRYPTO_ACC_STATUS_SUCCESS == status)
++ return;
++
++ if (IX_CRYPTO_ACC_STATUS_QUEUE_FULL == status) {
++ q->ixp_q_crp->crp_etype = ENOMEM;
++ goto done;
++ }
++
++ printk("ixp: %s failed %u\n", crypt_func, status);
++ q->ixp_q_crp->crp_etype = EINVAL;
++
++done:
++ crypto_done(q->ixp_q_crp);
++ kmem_cache_free(qcache, q);
++}
++
++
++/*
++ * because we cannot process the Q from the Register callback
++ * we do it here on a task Q.
++ */
++
++static void
++ixp_process_pending(void *arg)
++{
++ struct ixp_data *ixp = arg;
++ struct ixp_q *q = NULL;
++
++ dprintk("%s(%p)\n", __FUNCTION__, arg);
++
++ if (!ixp)
++ return;
++
++ while (!list_empty(&ixp->ixp_q)) {
++ q = list_entry(ixp->ixp_q.next, struct ixp_q, ixp_q_list);
++ list_del(&q->ixp_q_list);
++ ixp_q_process(q);
++ }
++}
++
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)
++static void
++ixp_process_pending_wq(struct work_struct *work)
++{
++ struct ixp_data *ixp = container_of(work, struct ixp_data, ixp_pending_work);
++ ixp_process_pending(ixp);
++}
++#endif
++
++/*
++ * callback for when context registration is complete
++ */
++
++static void
++ixp_register_cb(UINT32 ctx_id, IX_MBUF *bufp, IxCryptoAccStatus status)
++{
++ int i;
++ struct ixp_data *ixp;
++ struct ixp_q *q;
++
++ dprintk("%s(%d, %p, %d)\n", __FUNCTION__, ctx_id, bufp, status);
++
++ /*
++ * free any buffer passed in to this routine
++ */
++ if (bufp) {
++ IX_MBUF_MLEN(bufp) = IX_MBUF_PKT_LEN(bufp) = 0;
++ kfree(IX_MBUF_MDATA(bufp));
++ IX_MBUF_MDATA(bufp) = NULL;
++ }
++
++ for (i = 0; i < ixp_sesnum; i++) {
++ ixp = ixp_sessions[i];
++ if (ixp && ixp->ixp_ctx_id == ctx_id)
++ break;
++ }
++ if (i >= ixp_sesnum) {
++ printk("ixp: invalid context id %d\n", ctx_id);
++ return;
++ }
++
++ if (IX_CRYPTO_ACC_STATUS_WAIT == status) {
++ /* this is normal to free the first of two buffers */
++ dprintk("ixp: register not finished yet.\n");
++ return;
++ }
++
++ if (IX_CRYPTO_ACC_STATUS_SUCCESS != status) {
++ printk("ixp: register failed 0x%x\n", status);
++ while (!list_empty(&ixp->ixp_q)) {
++ q = list_entry(ixp->ixp_q.next, struct ixp_q, ixp_q_list);
++ list_del(&q->ixp_q_list);
++ q->ixp_q_crp->crp_etype = EINVAL;
++ crypto_done(q->ixp_q_crp);
++ kmem_cache_free(qcache, q);
++ }
++ return;
++ }
++
++ /*
++ * we are now registered, we cannot start processing the Q here
++ * or we get strange errors with AES (DES/3DES seem to be ok).
++ */
++ ixp->ixp_registered = 1;
++ schedule_work(&ixp->ixp_pending_work);
++}
++
++
++/*
++ * callback for when data processing is complete
++ */
++
++static void
++ixp_perform_cb(
++ UINT32 ctx_id,
++ IX_MBUF *sbufp,
++ IX_MBUF *dbufp,
++ IxCryptoAccStatus status)
++{
++ struct ixp_q *q;
++
++ dprintk("%s(%d, %p, %p, 0x%x)\n", __FUNCTION__, ctx_id, sbufp,
++ dbufp, status);
++
++ if (sbufp == NULL) {
++ printk("ixp: NULL sbuf in ixp_perform_cb\n");
++ return;
++ }
++
++ q = IX_MBUF_PRIV(sbufp);
++ if (q == NULL) {
++ printk("ixp: NULL priv in ixp_perform_cb\n");
++ return;
++ }
++
++ if (status != IX_CRYPTO_ACC_STATUS_SUCCESS) {
++ printk("ixp: perform failed status=%d\n", status);
++ q->ixp_q_crp->crp_etype = EINVAL;
++ }
++
++ crypto_done(q->ixp_q_crp);
++ kmem_cache_free(qcache, q);
++}
++
++
++/*
++ * registration is not callable at IRQ time, so we defer
++ * to a task queue, this routines completes the registration for us
++ * when the task queue runs
++ *
++ * Unfortunately this means we cannot tell OCF that the driver is blocked,
++ * we do that on the next request.
++ */
++
++static void
++ixp_registration(void *arg)
++{
++ struct ixp_data *ixp = arg;
++ struct ixp_q *q = NULL;
++ IX_MBUF *pri = NULL, *sec = NULL;
++ int status = IX_CRYPTO_ACC_STATUS_SUCCESS;
++
++ if (!ixp) {
++ printk("ixp: ixp_registration with no arg\n");
++ return;
++ }
++
++ if (ixp->ixp_ctx_id != -1) {
++ ixCryptoAccCtxUnregister(ixp->ixp_ctx_id);
++ ixp->ixp_ctx_id = -1;
++ }
++
++ if (list_empty(&ixp->ixp_q)) {
++ printk("ixp: ixp_registration with no Q\n");
++ return;
++ }
++
++ /*
++ * setup the primary and secondary buffers
++ */
++ q = list_entry(ixp->ixp_q.next, struct ixp_q, ixp_q_list);
++ if (q->ixp_q_acrd) {
++ pri = &ixp->ixp_pri_mbuf;
++ sec = &ixp->ixp_sec_mbuf;
++ IX_MBUF_MLEN(pri) = IX_MBUF_PKT_LEN(pri) = 128;
++ IX_MBUF_MDATA(pri) = (unsigned char *) kmalloc(128, SLAB_ATOMIC);
++ IX_MBUF_MLEN(sec) = IX_MBUF_PKT_LEN(sec) = 128;
++ IX_MBUF_MDATA(sec) = (unsigned char *) kmalloc(128, SLAB_ATOMIC);
++ }
++
++ /* Only need to register if a crypt op or HMAC op */
++ if (!(ixp->ixp_auth_alg == CRYPTO_SHA1 ||
++ ixp->ixp_auth_alg == CRYPTO_MD5)) {
++ status = ixCryptoAccCtxRegister(
++ &ixp->ixp_ctx,
++ pri, sec,
++ ixp_register_cb,
++ ixp_perform_cb,
++ &ixp->ixp_ctx_id);
++ }
++ else {
++ /* Otherwise we start processing pending q */
++ schedule_work(&ixp->ixp_pending_work);
++ }
++
++ if (IX_CRYPTO_ACC_STATUS_SUCCESS == status)
++ return;
++
++ if (IX_CRYPTO_ACC_STATUS_EXCEED_MAX_TUNNELS == status) {
++ printk("ixp: ixCryptoAccCtxRegister failed (out of tunnels)\n");
++ ixp_blocked = 1;
++ /* perhaps we should return EGAIN on queued ops ? */
++ return;
++ }
++
++ printk("ixp: ixCryptoAccCtxRegister failed %d\n", status);
++ ixp->ixp_ctx_id = -1;
++
++ /*
++ * everything waiting is toasted
++ */
++ while (!list_empty(&ixp->ixp_q)) {
++ q = list_entry(ixp->ixp_q.next, struct ixp_q, ixp_q_list);
++ list_del(&q->ixp_q_list);
++ q->ixp_q_crp->crp_etype = ENOENT;
++ crypto_done(q->ixp_q_crp);
++ kmem_cache_free(qcache, q);
++ }
++}
++
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)
++static void
++ixp_registration_wq(struct work_struct *work)
++{
++ struct ixp_data *ixp = container_of(work, struct ixp_data,
++ ixp_registration_work);
++ ixp_registration(ixp);
++}
++#endif
++
++/*
++ * Process a request.
++ */
++static int
++ixp_process(device_t dev, struct cryptop *crp, int hint)
++{
++ struct ixp_data *ixp;
++ unsigned int lid;
++ struct ixp_q *q = NULL;
++ int status;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ /* Sanity check */
++ if (crp == NULL) {
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ return EINVAL;
++ }
++
++ crp->crp_etype = 0;
++
++ if (ixp_blocked)
++ return ERESTART;
++
++ if (crp->crp_desc == NULL || crp->crp_buf == NULL) {
++ dprintk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ crp->crp_etype = EINVAL;
++ goto done;
++ }
++
++ /*
++ * find the session we are using
++ */
++
++ lid = crp->crp_sid & 0xffffffff;
++ if (lid >= ixp_sesnum || lid == 0 || ixp_sessions == NULL ||
++ ixp_sessions[lid] == NULL) {
++ crp->crp_etype = ENOENT;
++ dprintk("%s,%d: ENOENT\n", __FILE__, __LINE__);
++ goto done;
++ }
++ ixp = ixp_sessions[lid];
++
++ /*
++ * setup a new request ready for queuing
++ */
++ q = kmem_cache_alloc(qcache, SLAB_ATOMIC);
++ if (q == NULL) {
++ dprintk("%s,%d: ENOMEM\n", __FILE__, __LINE__);
++ crp->crp_etype = ENOMEM;
++ goto done;
++ }
++ /*
++ * save some cycles by only zeroing the important bits
++ */
++ memset(&q->ixp_q_mbuf, 0, sizeof(q->ixp_q_mbuf));
++ q->ixp_q_ccrd = NULL;
++ q->ixp_q_acrd = NULL;
++ q->ixp_q_crp = crp;
++ q->ixp_q_data = ixp;
++
++ /*
++ * point the cipher and auth descriptors appropriately
++ * check that we have something to do
++ */
++ if (crp->crp_desc->crd_alg == ixp->ixp_cipher_alg)
++ q->ixp_q_ccrd = crp->crp_desc;
++ else if (crp->crp_desc->crd_alg == ixp->ixp_auth_alg)
++ q->ixp_q_acrd = crp->crp_desc;
++ else {
++ crp->crp_etype = ENOENT;
++ dprintk("%s,%d: bad desc match: ENOENT\n", __FILE__, __LINE__);
++ goto done;
++ }
++ if (crp->crp_desc->crd_next) {
++ if (crp->crp_desc->crd_next->crd_alg == ixp->ixp_cipher_alg)
++ q->ixp_q_ccrd = crp->crp_desc->crd_next;
++ else if (crp->crp_desc->crd_next->crd_alg == ixp->ixp_auth_alg)
++ q->ixp_q_acrd = crp->crp_desc->crd_next;
++ else {
++ crp->crp_etype = ENOENT;
++ dprintk("%s,%d: bad desc match: ENOENT\n", __FILE__, __LINE__);
++ goto done;
++ }
++ }
++
++ /*
++ * If there is a direction change for this context then we mark it as
++ * unregistered and re-register is for the new direction. This is not
++ * a very expensive operation and currently only tends to happen when
++ * user-space application are doing benchmarks
++ *
++ * DM - we should be checking for pending requests before unregistering.
++ */
++ if (q->ixp_q_ccrd && ixp->ixp_registered &&
++ ixp->ixp_crd_flags != (q->ixp_q_ccrd->crd_flags & CRD_F_ENCRYPT)) {
++ dprintk("%s - detected direction change on session\n", __FUNCTION__);
++ ixp->ixp_registered = 0;
++ }
++
++ /*
++ * if we are registered, call straight into the perform code
++ */
++ if (ixp->ixp_registered) {
++ ixp_q_process(q);
++ return 0;
++ }
++
++ /*
++ * the only part of the context not set in newsession is the direction
++ * dependent parts
++ */
++ if (q->ixp_q_ccrd) {
++ ixp->ixp_crd_flags = (q->ixp_q_ccrd->crd_flags & CRD_F_ENCRYPT);
++ if (q->ixp_q_ccrd->crd_flags & CRD_F_ENCRYPT) {
++ ixp->ixp_ctx.operation = q->ixp_q_acrd ?
++ IX_CRYPTO_ACC_OP_ENCRYPT_AUTH : IX_CRYPTO_ACC_OP_ENCRYPT;
++ } else {
++ ixp->ixp_ctx.operation = q->ixp_q_acrd ?
++ IX_CRYPTO_ACC_OP_AUTH_DECRYPT : IX_CRYPTO_ACC_OP_DECRYPT;
++ }
++ } else {
++ /* q->ixp_q_acrd must be set if we are here */
++ ixp->ixp_ctx.operation = IX_CRYPTO_ACC_OP_AUTH_CALC;
++ }
++
++ status = list_empty(&ixp->ixp_q);
++ list_add_tail(&q->ixp_q_list, &ixp->ixp_q);
++ if (status)
++ schedule_work(&ixp->ixp_registration_work);
++ return 0;
++
++done:
++ if (q)
++ kmem_cache_free(qcache, q);
++ crypto_done(crp);
++ return 0;
++}
++
++
++#ifdef __ixp46X
++/*
++ * key processing support for the ixp465
++ */
++
++
++/*
++ * copy a BN (LE) into a buffer (BE) an fill out the op appropriately
++ * assume zeroed and only copy bits that are significant
++ */
++
++static int
++ixp_copy_ibuf(struct crparam *p, IxCryptoAccPkeEauOperand *op, UINT32 *buf)
++{
++ unsigned char *src = (unsigned char *) p->crp_p;
++ unsigned char *dst;
++ int len, bits = p->crp_nbits;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ if (bits > MAX_IOP_SIZE * sizeof(UINT32) * 8) {
++ dprintk("%s - ibuf too big (%d > %d)\n", __FUNCTION__,
++ bits, MAX_IOP_SIZE * sizeof(UINT32) * 8);
++ return -1;
++ }
++
++ len = (bits + 31) / 32; /* the number UINT32's needed */
++
++ dst = (unsigned char *) &buf[len];
++ dst--;
++
++ while (bits > 0) {
++ *dst-- = *src++;
++ bits -= 8;
++ }
++
++#if 0 /* no need to zero remaining bits as it is done during request alloc */
++ while (dst > (unsigned char *) buf)
++ *dst-- = '\0';
++#endif
++
++ op->pData = buf;
++ op->dataLen = len;
++ return 0;
++}
++
++/*
++ * copy out the result, be as forgiving as we can about small output buffers
++ */
++
++static int
++ixp_copy_obuf(struct crparam *p, IxCryptoAccPkeEauOpResult *op, UINT32 *buf)
++{
++ unsigned char *dst = (unsigned char *) p->crp_p;
++ unsigned char *src = (unsigned char *) buf;
++ int len, z, bits = p->crp_nbits;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ len = op->dataLen * sizeof(UINT32);
++
++ /* skip leading zeroes to be small buffer friendly */
++ z = 0;
++ while (z < len && src[z] == '\0')
++ z++;
++
++ src += len;
++ src--;
++ len -= z;
++
++ while (len > 0 && bits > 0) {
++ *dst++ = *src--;
++ len--;
++ bits -= 8;
++ }
++
++ while (bits > 0) {
++ *dst++ = '\0';
++ bits -= 8;
++ }
++
++ if (len > 0) {
++ dprintk("%s - obuf is %d (z=%d, ob=%d) bytes too small\n",
++ __FUNCTION__, len, z, p->crp_nbits / 8);
++ return -1;
++ }
++
++ return 0;
++}
++
++
++/*
++ * the parameter offsets for exp_mod
++ */
++
++#define IXP_PARAM_BASE 0
++#define IXP_PARAM_EXP 1
++#define IXP_PARAM_MOD 2
++#define IXP_PARAM_RES 3
++
++/*
++ * key processing complete callback, is also used to start processing
++ * by passing a NULL for pResult
++ */
++
++static void
++ixp_kperform_cb(
++ IxCryptoAccPkeEauOperation operation,
++ IxCryptoAccPkeEauOpResult *pResult,
++ BOOL carryOrBorrow,
++ IxCryptoAccStatus status)
++{
++ struct ixp_pkq *q, *tmp;
++ unsigned long flags;
++
++ dprintk("%s(0x%x, %p, %d, 0x%x)\n", __FUNCTION__, operation, pResult,
++ carryOrBorrow, status);
++
++ /* handle a completed request */
++ if (pResult) {
++ if (ixp_pk_cur && &ixp_pk_cur->pkq_result == pResult) {
++ q = ixp_pk_cur;
++ if (status != IX_CRYPTO_ACC_STATUS_SUCCESS) {
++ dprintk("%s() - op failed 0x%x\n", __FUNCTION__, status);
++ q->pkq_krp->krp_status = ERANGE; /* could do better */
++ } else {
++ /* copy out the result */
++ if (ixp_copy_obuf(&q->pkq_krp->krp_param[IXP_PARAM_RES],
++ &q->pkq_result, q->pkq_obuf))
++ q->pkq_krp->krp_status = ERANGE;
++ }
++ crypto_kdone(q->pkq_krp);
++ kfree(q);
++ ixp_pk_cur = NULL;
++ } else
++ printk("%s - callback with invalid result pointer\n", __FUNCTION__);
++ }
++
++ spin_lock_irqsave(&ixp_pkq_lock, flags);
++ if (ixp_pk_cur || list_empty(&ixp_pkq)) {
++ spin_unlock_irqrestore(&ixp_pkq_lock, flags);
++ return;
++ }
++
++ list_for_each_entry_safe(q, tmp, &ixp_pkq, pkq_list) {
++
++ list_del(&q->pkq_list);
++ ixp_pk_cur = q;
++
++ spin_unlock_irqrestore(&ixp_pkq_lock, flags);
++
++ status = ixCryptoAccPkeEauPerform(
++ IX_CRYPTO_ACC_OP_EAU_MOD_EXP,
++ &q->pkq_op,
++ ixp_kperform_cb,
++ &q->pkq_result);
++
++ if (status == IX_CRYPTO_ACC_STATUS_SUCCESS) {
++ dprintk("%s() - ixCryptoAccPkeEauPerform SUCCESS\n", __FUNCTION__);
++ return; /* callback will return here for callback */
++ } else if (status == IX_CRYPTO_ACC_STATUS_RETRY) {
++ printk("%s() - ixCryptoAccPkeEauPerform RETRY\n", __FUNCTION__);
++ } else {
++ printk("%s() - ixCryptoAccPkeEauPerform failed %d\n",
++ __FUNCTION__, status);
++ }
++ q->pkq_krp->krp_status = ERANGE; /* could do better */
++ crypto_kdone(q->pkq_krp);
++ kfree(q);
++ spin_lock_irqsave(&ixp_pkq_lock, flags);
++ }
++ spin_unlock_irqrestore(&ixp_pkq_lock, flags);
++}
++
++
++static int
++ixp_kprocess(device_t dev, struct cryptkop *krp, int hint)
++{
++ struct ixp_pkq *q;
++ int rc = 0;
++ unsigned long flags;
++
++ dprintk("%s l1=%d l2=%d l3=%d l4=%d\n", __FUNCTION__,
++ krp->krp_param[IXP_PARAM_BASE].crp_nbits,
++ krp->krp_param[IXP_PARAM_EXP].crp_nbits,
++ krp->krp_param[IXP_PARAM_MOD].crp_nbits,
++ krp->krp_param[IXP_PARAM_RES].crp_nbits);
++
++
++ if (krp->krp_op != CRK_MOD_EXP) {
++ krp->krp_status = EOPNOTSUPP;
++ goto err;
++ }
++
++ q = (struct ixp_pkq *) kmalloc(sizeof(*q), GFP_KERNEL);
++ if (q == NULL) {
++ krp->krp_status = ENOMEM;
++ goto err;
++ }
++
++ /*
++ * The PKE engine does not appear to zero the output buffer
++ * appropriately, so we need to do it all here.
++ */
++ memset(q, 0, sizeof(*q));
++
++ q->pkq_krp = krp;
++ INIT_LIST_HEAD(&q->pkq_list);
++
++ if (ixp_copy_ibuf(&krp->krp_param[IXP_PARAM_BASE], &q->pkq_op.modExpOpr.M,
++ q->pkq_ibuf0))
++ rc = 1;
++ if (!rc && ixp_copy_ibuf(&krp->krp_param[IXP_PARAM_EXP],
++ &q->pkq_op.modExpOpr.e, q->pkq_ibuf1))
++ rc = 2;
++ if (!rc && ixp_copy_ibuf(&krp->krp_param[IXP_PARAM_MOD],
++ &q->pkq_op.modExpOpr.N, q->pkq_ibuf2))
++ rc = 3;
++
++ if (rc) {
++ kfree(q);
++ krp->krp_status = ERANGE;
++ goto err;
++ }
++
++ q->pkq_result.pData = q->pkq_obuf;
++ q->pkq_result.dataLen =
++ (krp->krp_param[IXP_PARAM_RES].crp_nbits + 31) / 32;
++
++ spin_lock_irqsave(&ixp_pkq_lock, flags);
++ list_add_tail(&q->pkq_list, &ixp_pkq);
++ spin_unlock_irqrestore(&ixp_pkq_lock, flags);
++
++ if (!ixp_pk_cur)
++ ixp_kperform_cb(0, NULL, 0, 0);
++ return (0);
++
++err:
++ crypto_kdone(krp);
++ return (0);
++}
++
++
++
++#ifdef CONFIG_OCF_RANDOMHARVEST
++/*
++ * We run the random number generator output through SHA so that it
++ * is FIPS compliant.
++ */
++
++static volatile int sha_done = 0;
++static unsigned char sha_digest[20];
++
++static void
++ixp_hash_cb(UINT8 *digest, IxCryptoAccStatus status)
++{
++ dprintk("%s(%p, %d)\n", __FUNCTION__, digest, status);
++ if (sha_digest != digest)
++ printk("digest error\n");
++ if (IX_CRYPTO_ACC_STATUS_SUCCESS == status)
++ sha_done = 1;
++ else
++ sha_done = -status;
++}
++
++static int
++ixp_read_random(void *arg, u_int32_t *buf, int maxwords)
++{
++ IxCryptoAccStatus status;
++ int i, n, rc;
++
++ dprintk("%s(%p, %d)\n", __FUNCTION__, buf, maxwords);
++ memset(buf, 0, maxwords * sizeof(*buf));
++ status = ixCryptoAccPkePseudoRandomNumberGet(maxwords, buf);
++ if (status != IX_CRYPTO_ACC_STATUS_SUCCESS) {
++ dprintk("%s: ixCryptoAccPkePseudoRandomNumberGet failed %d\n",
++ __FUNCTION__, status);
++ return 0;
++ }
++
++ /*
++ * run the random data through SHA to make it look more random
++ */
++
++ n = sizeof(sha_digest); /* process digest bytes at a time */
++
++ rc = 0;
++ for (i = 0; i < maxwords; i += n / sizeof(*buf)) {
++ if ((maxwords - i) * sizeof(*buf) < n)
++ n = (maxwords - i) * sizeof(*buf);
++ sha_done = 0;
++ status = ixCryptoAccPkeHashPerform(IX_CRYPTO_ACC_AUTH_SHA1,
++ (UINT8 *) &buf[i], n, ixp_hash_cb, sha_digest);
++ if (status != IX_CRYPTO_ACC_STATUS_SUCCESS) {
++ dprintk("ixCryptoAccPkeHashPerform failed %d\n", status);
++ return -EIO;
++ }
++ while (!sha_done)
++ schedule();
++ if (sha_done < 0) {
++ dprintk("ixCryptoAccPkeHashPerform failed CB %d\n", -sha_done);
++ return 0;
++ }
++ memcpy(&buf[i], sha_digest, n);
++ rc += n / sizeof(*buf);;
++ }
++
++ return rc;
++}
++#endif /* CONFIG_OCF_RANDOMHARVEST */
++
++#endif /* __ixp46X */
++
++
++
++/*
++ * our driver startup and shutdown routines
++ */
++
++static int
++ixp_init(void)
++{
++ dprintk("%s(%p)\n", __FUNCTION__, ixp_init);
++
++ if (ixp_init_crypto && ixCryptoAccInit() != IX_CRYPTO_ACC_STATUS_SUCCESS)
++ printk("ixCryptoAccInit failed, assuming already initialised!\n");
++
++ qcache = kmem_cache_create("ixp4xx_q", sizeof(struct ixp_q), 0,
++ SLAB_HWCACHE_ALIGN, NULL
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23)
++ , NULL
++#endif
++ );
++ if (!qcache) {
++ printk("failed to create Qcache\n");
++ return -ENOENT;
++ }
++
++ memset(&ixpdev, 0, sizeof(ixpdev));
++ softc_device_init(&ixpdev, "ixp4xx", 0, ixp_methods);
++
++ ixp_id = crypto_get_driverid(softc_get_device(&ixpdev),
++ CRYPTOCAP_F_HARDWARE);
++ if (ixp_id < 0)
++ panic("IXP/OCF crypto device cannot initialize!");
++
++#define REGISTER(alg) \
++ crypto_register(ixp_id,alg,0,0)
++
++ REGISTER(CRYPTO_DES_CBC);
++ REGISTER(CRYPTO_3DES_CBC);
++ REGISTER(CRYPTO_RIJNDAEL128_CBC);
++#ifdef CONFIG_OCF_IXP4XX_SHA1_MD5
++ REGISTER(CRYPTO_MD5);
++ REGISTER(CRYPTO_SHA1);
++#endif
++ REGISTER(CRYPTO_MD5_HMAC);
++ REGISTER(CRYPTO_SHA1_HMAC);
++#undef REGISTER
++
++#ifdef __ixp46X
++ spin_lock_init(&ixp_pkq_lock);
++ /*
++ * we do not enable the go fast options here as they can potentially
++ * allow timing based attacks
++ *
++ * http://www.openssl.org/news/secadv_20030219.txt
++ */
++ ixCryptoAccPkeEauExpConfig(0, 0);
++ crypto_kregister(ixp_id, CRK_MOD_EXP, 0);
++#ifdef CONFIG_OCF_RANDOMHARVEST
++ crypto_rregister(ixp_id, ixp_read_random, NULL);
++#endif
++#endif
++
++ return 0;
++}
++
++static void
++ixp_exit(void)
++{
++ dprintk("%s()\n", __FUNCTION__);
++ crypto_unregister_all(ixp_id);
++ ixp_id = -1;
++ kmem_cache_destroy(qcache);
++ qcache = NULL;
++}
++
++module_init(ixp_init);
++module_exit(ixp_exit);
++
++MODULE_LICENSE("Dual BSD/GPL");
++MODULE_AUTHOR("David McCullough <dmccullough at cyberguard.com>");
++MODULE_DESCRIPTION("ixp (OCF module for IXP4xx crypto)");
+diff --git a/crypto/ocf/kirkwood/Makefile b/crypto/ocf/kirkwood/Makefile
+new file mode 100644
+index 0000000..6dafd00
+--- /dev/null
++++ b/crypto/ocf/kirkwood/Makefile
+@@ -0,0 +1,19 @@
++# for SGlinux builds
++-include $(ROOTDIR)/modules/.config
++
++obj-$(CONFIG_OCF_KIRKWOOD) += mv_cesa.o
++
++mv_cesa-y := cesa/mvCesa.o cesa/mvLru.o cesa/mvMD5.o cesa/mvSHA1.o cesa/AES/mvAesAlg.o cesa/AES/mvAesApi.o cesa/mvCesaDebug.o cesa_ocf_drv.o
++
++# Extra objects required by the CESA driver
++mv_cesa-y += mvHal/kw_family/ctrlEnv/mvCtrlEnvLib.o mvHal/kw_family/boardEnv/mvBoardEnvLib.o mvHal/mv_hal/twsi/mvTwsi.o mvHal/kw_family/ctrlEnv/sys/mvCpuIf.o mvHal/kw_family/ctrlEnv/sys/mvAhbToMbus.o mvHal/kw_family/ctrlEnv/sys/mvSysDram.o mvHal/linux_oss/mvOs.o mvHal/kw_family/ctrlEnv/mvCtrlEnvAddrDec.o mvHal/mv_hal/gpp/mvGpp.o mvHal/kw_family/ctrlEnv/sys/mvSysPex.o mvHal/mv_hal/pex/mvPex.o mvHal/kw_family/boardEnv/mvBoardEnvSpec.o mvHal/common/mvCommon.o mvHal/common/mvDebug.o mvHal/kw_family/ctrlEnv/sys/mvSysCesa.o
++
++ifdef src
++EXTRA_CFLAGS += -I$(src)/.. -I$(src)/cesa -I$(src)/mvHal -I$(src)/mvHal/common -I$(src)/mvHal/kw_family -I$(src)/mvHal/mv_hal -I$(src)/mvHal/linux_oss -I$(src)
++endif
++
++EXTRA_CFLAGS += -DMV_LINUX -DMV_CPU_LE -DMV_ARM -DMV_INCLUDE_CESA -DMV_INCLUDE_PEX -DMV_CACHE_COHERENCY=3
++ifdef TOPDIR
++-include $(TOPDIR)/Rules.make
++endif
++
+diff --git a/crypto/ocf/kirkwood/cesa/AES/mvAes.h b/crypto/ocf/kirkwood/cesa/AES/mvAes.h
+new file mode 100644
+index 0000000..07a8601
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa/AES/mvAes.h
+@@ -0,0 +1,62 @@
++/* mvAes.h v2.0 August '99
++ * Reference ANSI C code
++ */
++
++/* AES Cipher header file for ANSI C Submissions
++ Lawrence E. Bassham III
++ Computer Security Division
++ National Institute of Standards and Technology
++
++ April 15, 1998
++
++ This sample is to assist implementers developing to the Cryptographic
++API Profile for AES Candidate Algorithm Submissions. Please consult this
++document as a cross-reference.
++
++ ANY CHANGES, WHERE APPROPRIATE, TO INFORMATION PROVIDED IN THIS FILE
++MUST BE DOCUMENTED. CHANGES ARE ONLY APPROPRIATE WHERE SPECIFIED WITH
++THE STRING "CHANGE POSSIBLE". FUNCTION CALLS AND THEIR PARAMETERS CANNOT
++BE CHANGED. STRUCTURES CAN BE ALTERED TO ALLOW IMPLEMENTERS TO INCLUDE
++IMPLEMENTATION SPECIFIC INFORMATION.
++*/
++
++/* Includes:
++ Standard include files
++*/
++
++#include "mvOs.h"
++
++
++/* Error Codes - CHANGE POSSIBLE: inclusion of additional error codes */
++
++/* Key direction is invalid, e.g., unknown value */
++#define AES_BAD_KEY_DIR -1
++
++/* Key material not of correct length */
++#define AES_BAD_KEY_MAT -2
++
++/* Key passed is not valid */
++#define AES_BAD_KEY_INSTANCE -3
++
++/* Params struct passed to cipherInit invalid */
++#define AES_BAD_CIPHER_MODE -4
++
++/* Cipher in wrong state (e.g., not initialized) */
++#define AES_BAD_CIPHER_STATE -5
++
++#define AES_BAD_CIPHER_INSTANCE -7
++
++
++/* Function protoypes */
++/* CHANGED: makeKey(): parameter blockLen added
++ this parameter is absolutely necessary if you want to
++ setup the round keys in a variable block length setting
++ cipherInit(): parameter blockLen added (for obvious reasons)
++ */
++int aesMakeKey(MV_U8 *expandedKey, MV_U8 *keyMaterial, int keyLen, int blockLen);
++int aesBlockEncrypt128(MV_U8 mode, MV_U8 *IV, MV_U8 *expandedKey, int keyLen,
++ MV_U32 *plain, int numBlocks, MV_U32 *cipher);
++int aesBlockDecrypt128(MV_U8 mode, MV_U8 *IV, MV_U8 *expandedKey, int keyLen,
++ MV_U32 *plain, int numBlocks, MV_U32 *cipher);
++
++
+diff --git a/crypto/ocf/kirkwood/cesa/AES/mvAesAlg.c b/crypto/ocf/kirkwood/cesa/AES/mvAesAlg.c
+new file mode 100644
+index 0000000..a65dc28
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa/AES/mvAesAlg.c
+@@ -0,0 +1,317 @@
++/* rijndael-alg-ref.c v2.0 August '99
++ * Reference ANSI C code
++ * authors: Paulo Barreto
++ * Vincent Rijmen, K.U.Leuven
++ *
++ * This code is placed in the public domain.
++ */
++
++#include "mvOs.h"
++
++#include "mvAesAlg.h"
++
++#include "mvAesBoxes.dat"
++
++
++MV_U8 mul1(MV_U8 aa, MV_U8 bb);
++void KeyAddition(MV_U8 a[4][MAXBC], MV_U8 rk[4][MAXBC], MV_U8 BC);
++void ShiftRow128Enc(MV_U8 a[4][MAXBC]);
++void ShiftRow128Dec(MV_U8 a[4][MAXBC]);
++void Substitution(MV_U8 a[4][MAXBC], MV_U8 box[256]);
++void MixColumn(MV_U8 a[4][MAXBC], MV_U8 rk[4][MAXBC]);
++void InvMixColumn(MV_U8 a[4][MAXBC]);
++
++
++#define mul(aa, bb) (mask[bb] & Alogtable[aa + Logtable[bb]])
++
++MV_U8 mul1(MV_U8 aa, MV_U8 bb)
++{
++ return mask[bb] & Alogtable[aa + Logtable[bb]];
++}
++
++
++void KeyAddition(MV_U8 a[4][MAXBC], MV_U8 rk[4][MAXBC], MV_U8 BC)
++{
++ /* Exor corresponding text input and round key input bytes
++ */
++ ((MV_U32*)(&(a[0][0])))[0] ^= ((MV_U32*)(&(rk[0][0])))[0];
++ ((MV_U32*)(&(a[1][0])))[0] ^= ((MV_U32*)(&(rk[1][0])))[0];
++ ((MV_U32*)(&(a[2][0])))[0] ^= ((MV_U32*)(&(rk[2][0])))[0];
++ ((MV_U32*)(&(a[3][0])))[0] ^= ((MV_U32*)(&(rk[3][0])))[0];
++
++}
++
++void ShiftRow128Enc(MV_U8 a[4][MAXBC]) {
++ /* Row 0 remains unchanged
++ * The other three rows are shifted a variable amount
++ */
++ MV_U8 tmp[MAXBC];
++
++ tmp[0] = a[1][1];
++ tmp[1] = a[1][2];
++ tmp[2] = a[1][3];
++ tmp[3] = a[1][0];
++
++ ((MV_U32*)(&(a[1][0])))[0] = ((MV_U32*)(&(tmp[0])))[0];
++ /*
++ a[1][0] = tmp[0];
++ a[1][1] = tmp[1];
++ a[1][2] = tmp[2];
++ a[1][3] = tmp[3];
++ */
++ tmp[0] = a[2][2];
++ tmp[1] = a[2][3];
++ tmp[2] = a[2][0];
++ tmp[3] = a[2][1];
++
++ ((MV_U32*)(&(a[2][0])))[0] = ((MV_U32*)(&(tmp[0])))[0];
++ /*
++ a[2][0] = tmp[0];
++ a[2][1] = tmp[1];
++ a[2][2] = tmp[2];
++ a[2][3] = tmp[3];
++ */
++ tmp[0] = a[3][3];
++ tmp[1] = a[3][0];
++ tmp[2] = a[3][1];
++ tmp[3] = a[3][2];
++
++ ((MV_U32*)(&(a[3][0])))[0] = ((MV_U32*)(&(tmp[0])))[0];
++ /*
++ a[3][0] = tmp[0];
++ a[3][1] = tmp[1];
++ a[3][2] = tmp[2];
++ a[3][3] = tmp[3];
++ */
++}
++
++void ShiftRow128Dec(MV_U8 a[4][MAXBC]) {
++ /* Row 0 remains unchanged
++ * The other three rows are shifted a variable amount
++ */
++ MV_U8 tmp[MAXBC];
++
++ tmp[0] = a[1][3];
++ tmp[1] = a[1][0];
++ tmp[2] = a[1][1];
++ tmp[3] = a[1][2];
++
++ ((MV_U32*)(&(a[1][0])))[0] = ((MV_U32*)(&(tmp[0])))[0];
++ /*
++ a[1][0] = tmp[0];
++ a[1][1] = tmp[1];
++ a[1][2] = tmp[2];
++ a[1][3] = tmp[3];
++ */
++
++ tmp[0] = a[2][2];
++ tmp[1] = a[2][3];
++ tmp[2] = a[2][0];
++ tmp[3] = a[2][1];
++
++ ((MV_U32*)(&(a[2][0])))[0] = ((MV_U32*)(&(tmp[0])))[0];
++ /*
++ a[2][0] = tmp[0];
++ a[2][1] = tmp[1];
++ a[2][2] = tmp[2];
++ a[2][3] = tmp[3];
++ */
++
++ tmp[0] = a[3][1];
++ tmp[1] = a[3][2];
++ tmp[2] = a[3][3];
++ tmp[3] = a[3][0];
++
++ ((MV_U32*)(&(a[3][0])))[0] = ((MV_U32*)(&(tmp[0])))[0];
++ /*
++ a[3][0] = tmp[0];
++ a[3][1] = tmp[1];
++ a[3][2] = tmp[2];
++ a[3][3] = tmp[3];
++ */
++}
++
++void Substitution(MV_U8 a[4][MAXBC], MV_U8 box[256]) {
++ /* Replace every byte of the input by the byte at that place
++ * in the nonlinear S-box
++ */
++ int i, j;
++
++ for(i = 0; i < 4; i++)
++ for(j = 0; j < 4; j++) a[i][j] = box[a[i][j]] ;
++}
++
++void MixColumn(MV_U8 a[4][MAXBC], MV_U8 rk[4][MAXBC]) {
++ /* Mix the four bytes of every column in a linear way
++ */
++ MV_U8 b[4][MAXBC];
++ int i, j;
++
++ for(j = 0; j < 4; j++){
++ b[0][j] = mul(25,a[0][j]) ^ mul(1,a[1][j]) ^ a[2][j] ^ a[3][j];
++ b[1][j] = mul(25,a[1][j]) ^ mul(1,a[2][j]) ^ a[3][j] ^ a[0][j];
++ b[2][j] = mul(25,a[2][j]) ^ mul(1,a[3][j]) ^ a[0][j] ^ a[1][j];
++ b[3][j] = mul(25,a[3][j]) ^ mul(1,a[0][j]) ^ a[1][j] ^ a[2][j];
++ }
++ for(i = 0; i < 4; i++)
++ /*for(j = 0; j < BC; j++) a[i][j] = b[i][j];*/
++ ((MV_U32*)(&(a[i][0])))[0] = ((MV_U32*)(&(b[i][0])))[0] ^ ((MV_U32*)(&(rk[i][0])))[0];;
++}
++
++void InvMixColumn(MV_U8 a[4][MAXBC]) {
++ /* Mix the four bytes of every column in a linear way
++ * This is the opposite operation of Mixcolumn
++ */
++ MV_U8 b[4][MAXBC];
++ int i, j;
++
++ for(j = 0; j < 4; j++){
++ b[0][j] = mul(223,a[0][j]) ^ mul(104,a[1][j]) ^ mul(238,a[2][j]) ^ mul(199,a[3][j]);
++ b[1][j] = mul(223,a[1][j]) ^ mul(104,a[2][j]) ^ mul(238,a[3][j]) ^ mul(199,a[0][j]);
++ b[2][j] = mul(223,a[2][j]) ^ mul(104,a[3][j]) ^ mul(238,a[0][j]) ^ mul(199,a[1][j]);
++ b[3][j] = mul(223,a[3][j]) ^ mul(104,a[0][j]) ^ mul(238,a[1][j]) ^ mul(199,a[2][j]);
++ }
++ for(i = 0; i < 4; i++)
++ /*for(j = 0; j < BC; j++) a[i][j] = b[i][j];*/
++ ((MV_U32*)(&(a[i][0])))[0] = ((MV_U32*)(&(b[i][0])))[0];
++}
++
++int rijndaelKeySched (MV_U8 k[4][MAXKC], int keyBits, int blockBits, MV_U8 W[MAXROUNDS+1][4][MAXBC])
++{
++ /* Calculate the necessary round keys
++ * The number of calculations depends on keyBits and blockBits
++ */
++ int KC, BC, ROUNDS;
++ int i, j, t, rconpointer = 0;
++ MV_U8 tk[4][MAXKC];
++
++ switch (keyBits) {
++ case 128: KC = 4; break;
++ case 192: KC = 6; break;
++ case 256: KC = 8; break;
++ default : return (-1);
++ }
++
++ switch (blockBits) {
++ case 128: BC = 4; break;
++ case 192: BC = 6; break;
++ case 256: BC = 8; break;
++ default : return (-2);
++ }
++
++ switch (keyBits >= blockBits ? keyBits : blockBits) {
++ case 128: ROUNDS = 10; break;
++ case 192: ROUNDS = 12; break;
++ case 256: ROUNDS = 14; break;
++ default : return (-3); /* this cannot happen */
++ }
++
++
++ for(j = 0; j < KC; j++)
++ for(i = 0; i < 4; i++)
++ tk[i][j] = k[i][j];
++ t = 0;
++ /* copy values into round key array */
++ for(j = 0; (j < KC) && (t < (ROUNDS+1)*BC); j++, t++)
++ for(i = 0; i < 4; i++) W[t / BC][i][t % BC] = tk[i][j];
++
++ while (t < (ROUNDS+1)*BC) { /* while not enough round key material calculated */
++ /* calculate new values */
++ for(i = 0; i < 4; i++)
++ tk[i][0] ^= S[tk[(i+1)%4][KC-1]];
++ tk[0][0] ^= rcon[rconpointer++];
++
++ if (KC != 8)
++ for(j = 1; j < KC; j++)
++ for(i = 0; i < 4; i++) tk[i][j] ^= tk[i][j-1];
++ else {
++ for(j = 1; j < KC/2; j++)
++ for(i = 0; i < 4; i++) tk[i][j] ^= tk[i][j-1];
++ for(i = 0; i < 4; i++) tk[i][KC/2] ^= S[tk[i][KC/2 - 1]];
++ for(j = KC/2 + 1; j < KC; j++)
++ for(i = 0; i < 4; i++) tk[i][j] ^= tk[i][j-1];
++ }
++ /* copy values into round key array */
++ for(j = 0; (j < KC) && (t < (ROUNDS+1)*BC); j++, t++)
++ for(i = 0; i < 4; i++) W[t / BC][i][t % BC] = tk[i][j];
++ }
++
++ return 0;
++}
++
++
++
++int rijndaelEncrypt128(MV_U8 a[4][MAXBC], MV_U8 rk[MAXROUNDS+1][4][MAXBC], int rounds)
++{
++ /* Encryption of one block.
++ */
++ int r, BC, ROUNDS;
++
++ BC = 4;
++ ROUNDS = rounds;
++
++ /* begin with a key addition
++ */
++
++ KeyAddition(a,rk[0],BC);
++
++ /* ROUNDS-1 ordinary rounds
++ */
++ for(r = 1; r < ROUNDS; r++) {
++ Substitution(a,S);
++ ShiftRow128Enc(a);
++ MixColumn(a, rk[r]);
++ /*KeyAddition(a,rk[r],BC);*/
++ }
++
++ /* Last round is special: there is no MixColumn
++ */
++ Substitution(a,S);
++ ShiftRow128Enc(a);
++ KeyAddition(a,rk[ROUNDS],BC);
++
++ return 0;
++}
++
++
++int rijndaelDecrypt128(MV_U8 a[4][MAXBC], MV_U8 rk[MAXROUNDS+1][4][MAXBC], int rounds)
++{
++ int r, BC, ROUNDS;
++
++ BC = 4;
++ ROUNDS = rounds;
++
++ /* To decrypt: apply the inverse operations of the encrypt routine,
++ * in opposite order
++ *
++ * (KeyAddition is an involution: it 's equal to its inverse)
++ * (the inverse of Substitution with table S is Substitution with the inverse table of S)
++ * (the inverse of Shiftrow is Shiftrow over a suitable distance)
++ */
++
++ /* First the special round:
++ * without InvMixColumn
++ * with extra KeyAddition
++ */
++ KeyAddition(a,rk[ROUNDS],BC);
++ ShiftRow128Dec(a);
++ Substitution(a,Si);
++
++ /* ROUNDS-1 ordinary rounds
++ */
++ for(r = ROUNDS-1; r > 0; r--) {
++ KeyAddition(a,rk[r],BC);
++ InvMixColumn(a);
++ ShiftRow128Dec(a);
++ Substitution(a,Si);
++
++ }
++
++ /* End with the extra key addition
++ */
++
++ KeyAddition(a,rk[0],BC);
++
++ return 0;
++}
++
+diff --git a/crypto/ocf/kirkwood/cesa/AES/mvAesAlg.h b/crypto/ocf/kirkwood/cesa/AES/mvAesAlg.h
+new file mode 100644
+index 0000000..ec81e40
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa/AES/mvAesAlg.h
+@@ -0,0 +1,19 @@
++/* rijndael-alg-ref.h v2.0 August '99
++ * Reference ANSI C code
++ * authors: Paulo Barreto
++ * Vincent Rijmen, K.U.Leuven
++ */
++#ifndef __RIJNDAEL_ALG_H
++#define __RIJNDAEL_ALG_H
++
++#define MAXBC (128/32)
++#define MAXKC (256/32)
++#define MAXROUNDS 14
++
++
++int rijndaelKeySched (MV_U8 k[4][MAXKC], int keyBits, int blockBits, MV_U8 rk[MAXROUNDS+1][4][MAXBC]);
++
++int rijndaelEncrypt128(MV_U8 a[4][MAXBC], MV_U8 rk[MAXROUNDS+1][4][MAXBC], int rounds);
++int rijndaelDecrypt128(MV_U8 a[4][MAXBC], MV_U8 rk[MAXROUNDS+1][4][MAXBC], int rounds);
++
++#endif /* __RIJNDAEL_ALG_H */
+diff --git a/crypto/ocf/kirkwood/cesa/AES/mvAesApi.c b/crypto/ocf/kirkwood/cesa/AES/mvAesApi.c
+new file mode 100644
+index 0000000..b432dc6
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa/AES/mvAesApi.c
+@@ -0,0 +1,312 @@
++/* rijndael-api-ref.c v2.1 April 2000
++ * Reference ANSI C code
++ * authors: v2.0 Paulo Barreto
++ * Vincent Rijmen, K.U.Leuven
++ * v2.1 Vincent Rijmen, K.U.Leuven
++ *
++ * This code is placed in the public domain.
++ */
++#include "mvOs.h"
++
++#include "mvAes.h"
++#include "mvAesAlg.h"
++
++
++/* Defines:
++ Add any additional defines you need
++*/
++
++#define MODE_ECB 1 /* Are we ciphering in ECB mode? */
++#define MODE_CBC 2 /* Are we ciphering in CBC mode? */
++#define MODE_CFB1 3 /* Are we ciphering in 1-bit CFB mode? */
++
++
++int aesMakeKey(MV_U8 *expandedKey, MV_U8 *keyMaterial, int keyLen, int blockLen)
++{
++ MV_U8 W[MAXROUNDS+1][4][MAXBC];
++ MV_U8 k[4][MAXKC];
++ MV_U8 j;
++ int i, rounds, KC;
++
++ if (expandedKey == NULL)
++ {
++ return AES_BAD_KEY_INSTANCE;
++ }
++
++ if (!((keyLen == 128) || (keyLen == 192) || (keyLen == 256)))
++ {
++ return AES_BAD_KEY_MAT;
++ }
++
++ if (keyMaterial == NULL)
++ {
++ return AES_BAD_KEY_MAT;
++ }
++
++ /* initialize key schedule: */
++ for(i=0; i<keyLen/8; i++)
++ {
++ j = keyMaterial[i];
++ k[i % 4][i / 4] = j;
++ }
++
++ rijndaelKeySched (k, keyLen, blockLen, W);
++#ifdef MV_AES_DEBUG
++ {
++ MV_U8* pW = &W[0][0][0];
++ int x;
++
++ mvOsPrintf("Expended Key: size = %d\n", sizeof(W));
++ for(i=0; i<sizeof(W); i++)
++ {
++ mvOsPrintf("%02x ", pW[i]);
++ }
++ for(i=0; i<MAXROUNDS+1; i++)
++ {
++ mvOsPrintf("\n Round #%02d: ", i);
++ for(x=0; x<MAXBC; x++)
++ {
++ mvOsPrintf("%02x%02x%02x%02x ",
++ W[i][0][x], W[i][1][x], W[i][2][x], W[i][3][x]);
++ }
++ mvOsPrintf("\n");
++ }
++ }
++#endif /* MV_AES_DEBUG */
++ switch (keyLen)
++ {
++ case 128:
++ rounds = 10;
++ KC = 4;
++ break;
++ case 192:
++ rounds = 12;
++ KC = 6;
++ break;
++ case 256:
++ rounds = 14;
++ KC = 8;
++ break;
++ default :
++ return (-1);
++ }
++
++ for(i=0; i<MAXBC; i++)
++ {
++ for(j=0; j<4; j++)
++ {
++ expandedKey[i*4+j] = W[rounds][j][i];
++ }
++ }
++ for(; i<KC; i++)
++ {
++ for(j=0; j<4; j++)
++ {
++ expandedKey[i*4+j] = W[rounds-1][j][i+MAXBC-KC];
++ }
++ }
++
++
++ return 0;
++}
++
++int aesBlockEncrypt128(MV_U8 mode, MV_U8 *IV, MV_U8 *expandedKey, int keyLen,
++ MV_U32 *plain, int numBlocks, MV_U32 *cipher)
++{
++ int i, j, t;
++ MV_U8 block[4][MAXBC];
++ int rounds;
++ char *input, *outBuffer;
++
++ input = (char*)plain;
++ outBuffer = (char*)cipher;
++
++ /* check parameter consistency: */
++ if( (expandedKey == NULL) || ((keyLen != 128) && (keyLen != 192) && (keyLen != 256)))
++ {
++ return AES_BAD_KEY_MAT;
++ }
++ if ((mode != MODE_ECB && mode != MODE_CBC))
++ {
++ return AES_BAD_CIPHER_STATE;
++ }
++
++ switch (keyLen)
++ {
++ case 128: rounds = 10; break;
++ case 192: rounds = 12; break;
++ case 256: rounds = 14; break;
++ default : return (-3); /* this cannot happen */
++ }
++
++
++ switch (mode)
++ {
++ case MODE_ECB:
++ for (i = 0; i < numBlocks; i++)
++ {
++ for (j = 0; j < 4; j++)
++ {
++ for(t = 0; t < 4; t++)
++ /* parse input stream into rectangular array */
++ block[t][j] = input[16*i+4*j+t] & 0xFF;
++ }
++ rijndaelEncrypt128(block, (MV_U8 (*)[4][MAXBC])expandedKey, rounds);
++ for (j = 0; j < 4; j++)
++ {
++ /* parse rectangular array into output ciphertext bytes */
++ for(t = 0; t < 4; t++)
++ outBuffer[16*i+4*j+t] = (MV_U8) block[t][j];
++
++ }
++ }
++ break;
++
++ case MODE_CBC:
++ for (j = 0; j < 4; j++)
++ {
++ for(t = 0; t < 4; t++)
++ /* parse initial value into rectangular array */
++ block[t][j] = IV[t+4*j] & 0xFF;
++ }
++ for (i = 0; i < numBlocks; i++)
++ {
++ for (j = 0; j < 4; j++)
++ {
++ for(t = 0; t < 4; t++)
++ /* parse input stream into rectangular array and exor with
++ IV or the previous ciphertext */
++ block[t][j] ^= input[16*i+4*j+t] & 0xFF;
++ }
++ rijndaelEncrypt128(block, (MV_U8 (*)[4][MAXBC])expandedKey, rounds);
++ for (j = 0; j < 4; j++)
++ {
++ /* parse rectangular array into output ciphertext bytes */
++ for(t = 0; t < 4; t++)
++ outBuffer[16*i+4*j+t] = (MV_U8) block[t][j];
++ }
++ }
++ break;
++
++ default: return AES_BAD_CIPHER_STATE;
++ }
++
++ return 0;
++}
++
++int aesBlockDecrypt128(MV_U8 mode, MV_U8 *IV, MV_U8 *expandedKey, int keyLen,
++ MV_U32 *srcData, int numBlocks, MV_U32 *dstData)
++{
++ int i, j, t;
++ MV_U8 block[4][MAXBC];
++ MV_U8 iv[4][MAXBC];
++ int rounds;
++ char *input, *outBuffer;
++
++ input = (char*)srcData;
++ outBuffer = (char*)dstData;
++
++ if (expandedKey == NULL)
++ {
++ return AES_BAD_KEY_MAT;
++ }
++
++ /* check parameter consistency: */
++ if (keyLen != 128 && keyLen != 192 && keyLen != 256)
++ {
++ return AES_BAD_KEY_MAT;
++ }
++ if ((mode != MODE_ECB && mode != MODE_CBC))
++ {
++ return AES_BAD_CIPHER_STATE;
++ }
++
++ switch (keyLen)
++ {
++ case 128: rounds = 10; break;
++ case 192: rounds = 12; break;
++ case 256: rounds = 14; break;
++ default : return (-3); /* this cannot happen */
++ }
++
++
++ switch (mode)
++ {
++ case MODE_ECB:
++ for (i = 0; i < numBlocks; i++)
++ {
++ for (j = 0; j < 4; j++)
++ {
++ for(t = 0; t < 4; t++)
++ {
++ /* parse input stream into rectangular array */
++ block[t][j] = input[16*i+4*j+t] & 0xFF;
++ }
++ }
++ rijndaelDecrypt128(block, (MV_U8 (*)[4][MAXBC])expandedKey, rounds);
++ for (j = 0; j < 4; j++)
++ {
++ /* parse rectangular array into output ciphertext bytes */
++ for(t = 0; t < 4; t++)
++ outBuffer[16*i+4*j+t] = (MV_U8) block[t][j];
++ }
++ }
++ break;
++
++ case MODE_CBC:
++ /* first block */
++ for (j = 0; j < 4; j++)
++ {
++ for(t = 0; t < 4; t++)
++ {
++ /* parse input stream into rectangular array */
++ block[t][j] = input[4*j+t] & 0xFF;
++ iv[t][j] = block[t][j];
++ }
++ }
++ rijndaelDecrypt128(block, (MV_U8 (*)[4][MAXBC])expandedKey, rounds);
++
++ for (j = 0; j < 4; j++)
++ {
++ /* exor the IV and parse rectangular array into output ciphertext bytes */
++ for(t = 0; t < 4; t++)
++ {
++ outBuffer[4*j+t] = (MV_U8) (block[t][j] ^ IV[t+4*j]);
++ IV[t+4*j] = iv[t][j];
++ }
++ }
++
++ /* next blocks */
++ for (i = 1; i < numBlocks; i++)
++ {
++ for (j = 0; j < 4; j++)
++ {
++ for(t = 0; t < 4; t++)
++ {
++ /* parse input stream into rectangular array */
++ iv[t][j] = input[16*i+4*j+t] & 0xFF;
++ block[t][j] = iv[t][j];
++ }
++ }
++ rijndaelDecrypt128(block, (MV_U8 (*)[4][MAXBC])expandedKey, rounds);
++
++ for (j = 0; j < 4; j++)
++ {
++ /* exor previous ciphertext block and parse rectangular array
++ into output ciphertext bytes */
++ for(t = 0; t < 4; t++)
++ {
++ outBuffer[16*i+4*j+t] = (MV_U8) (block[t][j] ^ IV[t+4*j]);
++ IV[t+4*j] = iv[t][j];
++ }
++ }
++ }
++ break;
++
++ default: return AES_BAD_CIPHER_STATE;
++ }
++
++ return 0;
++}
++
++
+diff --git a/crypto/ocf/kirkwood/cesa/mvCesa.c b/crypto/ocf/kirkwood/cesa/mvCesa.c
+new file mode 100644
+index 0000000..17ab086
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa/mvCesa.c
+@@ -0,0 +1,3126 @@
++/*******************************************************************************
++Copyright (C) Marvell International Ltd. and its affiliates
++
++This software file (the "File") is owned and distributed by Marvell
++International Ltd. and/or its affiliates ("Marvell") under the following
++alternative licensing terms. Once you have made an election to distribute the
++File under one of the following license alternatives, please (i) delete this
++introductory statement regarding license alternatives, (ii) delete the two
++license alternatives that you have not elected to use and (iii) preserve the
++Marvell copyright notice above.
++
++********************************************************************************
++Marvell Commercial License Option
++
++If you received this File from Marvell and you have entered into a commercial
++license agreement (a "Commercial License") with Marvell, the File is licensed
++to you under the terms of the applicable Commercial License.
++
++********************************************************************************
++Marvell GPL License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File in accordance with the terms and conditions of the General
++Public License Version 2, June 1991 (the "GPL License"), a copy of which is
++available along with the File in the license.txt file or by writing to the Free
++Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 or
++on the worldwide web at http://www.gnu.org/licenses/gpl.txt.
++
++THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE IMPLIED
++WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE EXPRESSLY
++DISCLAIMED. The GPL License provides additional details about this warranty
++disclaimer.
++********************************************************************************
++Marvell BSD License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File under the following licensing terms.
++Redistribution and use in source and binary forms, with or without modification,
++are permitted provided that the following conditions are met:
++
++ * Redistributions of source code must retain the above copyright notice,
++ this list of conditions and the following disclaimer.
++
++ * Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++
++ * Neither the name of Marvell nor the names of its contributors may be
++ used to endorse or promote products derived from this software without
++ specific prior written permission.
++
++THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
++ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
++WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
++DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
++ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
++ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
++SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++*******************************************************************************/
++
++#include "cesa/mvCesa.h"
++
++#include "ctrlEnv/mvCtrlEnvLib.h"
++#undef CESA_DEBUG
++
++
++/********** Global variables **********/
++
++/* If request size is more than MV_CESA_MAX_BUF_SIZE the
++ * request is processed as fragmented request.
++ */
++
++MV_CESA_STATS cesaStats;
++
++MV_BUF_INFO cesaSramSaBuf;
++short cesaLastSid = -1;
++MV_CESA_SA* pCesaSAD = NULL;
++MV_U16 cesaMaxSA = 0;
++
++MV_CESA_REQ* pCesaReqFirst = NULL;
++MV_CESA_REQ* pCesaReqLast = NULL;
++MV_CESA_REQ* pCesaReqEmpty = NULL;
++MV_CESA_REQ* pCesaReqProcess = NULL;
++int cesaQueueDepth = 0;
++int cesaReqResources = 0;
++
++MV_CESA_SRAM_MAP* cesaSramVirtPtr = NULL;
++MV_U32 cesaCryptEngBase = 0;
++void *cesaOsHandle = NULL;
++#if (MV_CESA_VERSION >= 3)
++MV_U32 cesaChainLength = 0;
++int chainReqNum = 0;
++MV_U32 chainIndex = 0;
++MV_CESA_REQ* pNextActiveChain = 0;
++MV_CESA_REQ* pEndCurrChain = 0;
++MV_BOOL isFirstReq = MV_TRUE;
++#endif
++
++static INLINE MV_U8* mvCesaSramAddrGet(void)
++{
++#ifdef MV_CESA_NO_SRAM
++ return (MV_U8*)cesaSramVirtPtr;
++#else
++ return (MV_U8*)cesaCryptEngBase;
++#endif /* MV_CESA_NO_SRAM */
++}
++
++static INLINE MV_ULONG mvCesaSramVirtToPhys(void* pDev, MV_U8* pSramVirt)
++{
++#ifdef MV_CESA_NO_SRAM
++ return (MV_ULONG)mvOsIoVirtToPhy(NULL, pSramVirt);
++#else
++ return (MV_ULONG)pSramVirt;
++#endif /* MV_CESA_NO_SRAM */
++}
++
++/* Internal Function prototypes */
++
++static INLINE void mvCesaSramDescrBuild(MV_U32 config, int frag,
++ int cryptoOffset, int ivOffset, int cryptoLength,
++ int macOffset, int digestOffset, int macLength, int macTotalLen,
++ MV_CESA_REQ *pCesaReq, MV_DMA_DESC* pDmaDesc);
++
++static INLINE void mvCesaSramSaUpdate(short sid, MV_DMA_DESC *pDmaDesc);
++
++static INLINE int mvCesaDmaCopyPrepare(MV_CESA_MBUF* pMbuf, MV_U8* pSramBuf,
++ MV_DMA_DESC* pDmaDesc, MV_BOOL isToMbuf,
++ int offset, int copySize, MV_BOOL skipFlush);
++
++static void mvCesaHmacIvGet(MV_CESA_MAC_MODE macMode, unsigned char key[], int keyLength,
++ unsigned char innerIV[], unsigned char outerIV[]);
++
++static MV_STATUS mvCesaFragAuthComplete(MV_CESA_REQ* pReq, MV_CESA_SA* pSA,
++ int macDataSize);
++
++static MV_CESA_COMMAND* mvCesaCtrModeInit(void);
++
++static MV_STATUS mvCesaCtrModePrepare(MV_CESA_COMMAND *pCtrModeCmd, MV_CESA_COMMAND *pCmd);
++static MV_STATUS mvCesaCtrModeComplete(MV_CESA_COMMAND *pOrgCmd, MV_CESA_COMMAND *pCmd);
++static void mvCesaCtrModeFinish(MV_CESA_COMMAND *pCmd);
++
++static INLINE MV_STATUS mvCesaReqProcess(MV_CESA_REQ* pReq);
++static MV_STATUS mvCesaFragReqProcess(MV_CESA_REQ* pReq, MV_U8 frag);
++
++static INLINE MV_STATUS mvCesaParamCheck(MV_CESA_SA* pSA, MV_CESA_COMMAND *pCmd, MV_U8* pFixOffset);
++static INLINE MV_STATUS mvCesaFragParamCheck(MV_CESA_SA* pSA, MV_CESA_COMMAND *pCmd);
++
++static INLINE void mvCesaFragSizeFind(MV_CESA_SA* pSA, MV_CESA_REQ* pReq,
++ int cryptoOffset, int macOffset,
++ int* pCopySize, int* pCryptoDataSize, int* pMacDataSize);
++static MV_STATUS mvCesaMbufCacheUnmap(MV_CESA_MBUF* pMbuf, int offset, int size);
++
++
++/* Go to the next request in the request queue */
++static INLINE MV_CESA_REQ* MV_CESA_REQ_NEXT_PTR(MV_CESA_REQ* pReq)
++{
++ if(pReq == pCesaReqLast)
++ return pCesaReqFirst;
++
++ return pReq+1;
++}
++
++#if (MV_CESA_VERSION >= 3)
++/* Go to the previous request in the request queue */
++static INLINE MV_CESA_REQ* MV_CESA_REQ_PREV_PTR(MV_CESA_REQ* pReq)
++{
++ if(pReq == pCesaReqFirst)
++ return pCesaReqLast;
++
++ return pReq-1;
++}
++
++#endif
++
++
++static INLINE void mvCesaReqProcessStart(MV_CESA_REQ* pReq)
++{
++ int frag;
++
++#if (MV_CESA_VERSION >= 3)
++ pReq->state = MV_CESA_CHAIN;
++#else
++ pReq->state = MV_CESA_PROCESS;
++#endif
++ cesaStats.startCount++;
++
++ if(pReq->fragMode == MV_CESA_FRAG_NONE)
++ {
++ frag = 0;
++ }
++ else
++ {
++ frag = pReq->frags.nextFrag;
++ pReq->frags.nextFrag++;
++ }
++#if (MV_CESA_VERSION >= 2)
++ /* Enable TDMA engine */
++ MV_REG_WRITE(MV_CESA_TDMA_CURR_DESC_PTR_REG, 0);
++ MV_REG_WRITE(MV_CESA_TDMA_NEXT_DESC_PTR_REG,
++ (MV_U32)mvCesaVirtToPhys(&pReq->dmaDescBuf, pReq->dma[frag].pDmaFirst));
++#else
++ /* Enable IDMA engine */
++ MV_REG_WRITE(IDMA_CURR_DESC_PTR_REG(0), 0);
++ MV_REG_WRITE(IDMA_NEXT_DESC_PTR_REG(0),
++ (MV_U32)mvCesaVirtToPhys(&pReq->dmaDescBuf, pReq->dma[frag].pDmaFirst));
++#endif /* MV_CESA_VERSION >= 2 */
++
++#if defined(MV_BRIDGE_SYNC_REORDER)
++ mvOsBridgeReorderWA();
++#endif
++
++ /* Start Accelerator */
++ MV_REG_WRITE(MV_CESA_CMD_REG, MV_CESA_CMD_CHAN_ENABLE_MASK);
++}
++
++
++/*******************************************************************************
++* mvCesaHalInit - Initialize the CESA driver
++*
++* DESCRIPTION:
++* This function initialize the CESA driver.
++* 1) Session database
++* 2) Request queue
++* 4) DMA descriptor lists - one list per request. Each list
++* has MV_CESA_MAX_DMA_DESC descriptors.
++*
++* INPUT:
++* numOfSession - maximum number of supported sessions
++* queueDepth - number of elements in the request queue.
++* pSramBase - virtual address of Sram
++* osHandle - A handle used by the OS to allocate memory for the
++* module (Passed to the OS Services layer)
++*
++* RETURN:
++* MV_OK - Success
++* MV_NO_RESOURCE - Fail, can't allocate resources:
++* Session database, request queue,
++* DMA descriptors list, LRU cache database.
++* MV_NOT_ALIGNED - Sram base address is not 8 byte aligned.
++*
++*******************************************************************************/
++MV_STATUS mvCesaHalInit (int numOfSession, int queueDepth, char* pSramBase, MV_U32 cryptEngBase,
++ void *osHandle)
++{
++ int i, req;
++ MV_U32 descOffsetReg, configReg;
++ MV_CESA_SRAM_SA *pSramSA;
++
++
++ mvOsPrintf("mvCesaInit: sessions=%d, queue=%d, pSram=%p\n",
++ numOfSession, queueDepth, pSramBase);
++
++ cesaOsHandle = osHandle;
++ /* Create Session database */
++ pCesaSAD = mvOsMalloc(sizeof(MV_CESA_SA)*numOfSession);
++ if(pCesaSAD == NULL)
++ {
++ mvOsPrintf("mvCesaInit: Can't allocate %u bytes for %d SAs\n",
++ sizeof(MV_CESA_SA)*numOfSession, numOfSession);
++ mvCesaFinish();
++ return MV_NO_RESOURCE;
++ }
++ memset(pCesaSAD, 0, sizeof(MV_CESA_SA)*numOfSession);
++ cesaMaxSA = numOfSession;
++
++ /* Allocate imag of sramSA in the DRAM */
++ cesaSramSaBuf.bufSize = sizeof(MV_CESA_SRAM_SA)*numOfSession +
++ CPU_D_CACHE_LINE_SIZE;
++
++ cesaSramSaBuf.bufVirtPtr = mvOsIoCachedMalloc(osHandle,cesaSramSaBuf.bufSize,
++ &cesaSramSaBuf.bufPhysAddr,
++ &cesaSramSaBuf.memHandle);
++
++ if(cesaSramSaBuf.bufVirtPtr == NULL)
++ {
++ mvOsPrintf("mvCesaInit: Can't allocate %d bytes for sramSA structures\n",
++ cesaSramSaBuf.bufSize);
++ mvCesaFinish();
++ return MV_NO_RESOURCE;
++ }
++ memset(cesaSramSaBuf.bufVirtPtr, 0, cesaSramSaBuf.bufSize);
++ pSramSA = (MV_CESA_SRAM_SA*)MV_ALIGN_UP((MV_ULONG)cesaSramSaBuf.bufVirtPtr,
++ CPU_D_CACHE_LINE_SIZE);
++ for(i=0; i<numOfSession; i++)
++ {
++ pCesaSAD[i].pSramSA = &pSramSA[i];
++ }
++
++ /* Create request queue */
++ pCesaReqFirst = mvOsMalloc(sizeof(MV_CESA_REQ)*queueDepth);
++ if(pCesaReqFirst == NULL)
++ {
++ mvOsPrintf("mvCesaInit: Can't allocate %u bytes for %d requests\n",
++ sizeof(MV_CESA_REQ)*queueDepth, queueDepth);
++ mvCesaFinish();
++ return MV_NO_RESOURCE;
++ }
++ memset(pCesaReqFirst, 0, sizeof(MV_CESA_REQ)*queueDepth);
++ pCesaReqEmpty = pCesaReqFirst;
++ pCesaReqLast = pCesaReqFirst + (queueDepth-1);
++ pCesaReqProcess = pCesaReqEmpty;
++ cesaQueueDepth = queueDepth;
++ cesaReqResources = queueDepth;
++#if (MV_CESA_VERSION >= 3)
++ cesaChainLength = MAX_CESA_CHAIN_LENGTH;
++#endif
++ /* pSramBase must be 8 byte aligned */
++ if( MV_IS_NOT_ALIGN((MV_ULONG)pSramBase, 8) )
++ {
++ mvOsPrintf("mvCesaInit: pSramBase (%p) must be 8 byte aligned\n",
++ pSramBase);
++ mvCesaFinish();
++ return MV_NOT_ALIGNED;
++ }
++ cesaSramVirtPtr = (MV_CESA_SRAM_MAP*)pSramBase;
++
++ cesaCryptEngBase = cryptEngBase;
++
++ /*memset(cesaSramVirtPtr, 0, sizeof(MV_CESA_SRAM_MAP));*/
++
++ /* Clear registers */
++ MV_REG_WRITE( MV_CESA_CFG_REG, 0);
++ MV_REG_WRITE( MV_CESA_ISR_CAUSE_REG, 0);
++ MV_REG_WRITE( MV_CESA_ISR_MASK_REG, 0);
++
++ /* Initialize DMA descriptor lists for all requests in Request queue */
++ descOffsetReg = configReg = 0;
++ for(req=0; req<queueDepth; req++)
++ {
++ int frag;
++ MV_CESA_REQ* pReq;
++ MV_DMA_DESC* pDmaDesc;
++
++ pReq = &pCesaReqFirst[req];
++
++ pReq->cesaDescBuf.bufSize = sizeof(MV_CESA_DESC)*MV_CESA_MAX_REQ_FRAGS +
++ CPU_D_CACHE_LINE_SIZE;
++
++ pReq->cesaDescBuf.bufVirtPtr =
++ mvOsIoCachedMalloc(osHandle,pReq->cesaDescBuf.bufSize,
++ &pReq->cesaDescBuf.bufPhysAddr,
++ &pReq->cesaDescBuf.memHandle);
++
++ if(pReq->cesaDescBuf.bufVirtPtr == NULL)
++ {
++ mvOsPrintf("mvCesaInit: req=%d, Can't allocate %d bytes for CESA descriptors\n",
++ req, pReq->cesaDescBuf.bufSize);
++ mvCesaFinish();
++ return MV_NO_RESOURCE;
++ }
++ memset(pReq->cesaDescBuf.bufVirtPtr, 0, pReq->cesaDescBuf.bufSize);
++ pReq->pCesaDesc = (MV_CESA_DESC*)MV_ALIGN_UP((MV_ULONG)pReq->cesaDescBuf.bufVirtPtr,
++ CPU_D_CACHE_LINE_SIZE);
++
++ pReq->dmaDescBuf.bufSize = sizeof(MV_DMA_DESC)*MV_CESA_MAX_DMA_DESC*MV_CESA_MAX_REQ_FRAGS +
++ CPU_D_CACHE_LINE_SIZE;
++
++ pReq->dmaDescBuf.bufVirtPtr =
++ mvOsIoCachedMalloc(osHandle,pReq->dmaDescBuf.bufSize,
++ &pReq->dmaDescBuf.bufPhysAddr,
++ &pReq->dmaDescBuf.memHandle);
++
++ if(pReq->dmaDescBuf.bufVirtPtr == NULL)
++ {
++ mvOsPrintf("mvCesaInit: req=%d, Can't allocate %d bytes for DMA descriptor list\n",
++ req, pReq->dmaDescBuf.bufSize);
++ mvCesaFinish();
++ return MV_NO_RESOURCE;
++ }
++ memset(pReq->dmaDescBuf.bufVirtPtr, 0, pReq->dmaDescBuf.bufSize);
++ pDmaDesc = (MV_DMA_DESC*)MV_ALIGN_UP((MV_ULONG)pReq->dmaDescBuf.bufVirtPtr,
++ CPU_D_CACHE_LINE_SIZE);
++
++ for(frag=0; frag<MV_CESA_MAX_REQ_FRAGS; frag++)
++ {
++ MV_CESA_DMA* pDma = &pReq->dma[frag];
++
++ pDma->pDmaFirst = pDmaDesc;
++ pDma->pDmaLast = NULL;
++
++ for(i=0; i<MV_CESA_MAX_DMA_DESC-1; i++)
++ {
++ /* link all DMA descriptors together */
++ pDma->pDmaFirst[i].phyNextDescPtr =
++ MV_32BIT_LE(mvCesaVirtToPhys(&pReq->dmaDescBuf, &pDmaDesc[i+1]));
++ }
++ pDma->pDmaFirst[i].phyNextDescPtr = 0;
++ mvOsCacheFlush(NULL, &pDma->pDmaFirst[0], MV_CESA_MAX_DMA_DESC*sizeof(MV_DMA_DESC));
++
++ pDmaDesc += MV_CESA_MAX_DMA_DESC;
++ }
++ }
++ /*mvCesaCryptoIvSet(NULL, MV_CESA_MAX_IV_LENGTH);*/
++ descOffsetReg = (MV_U16)((MV_U8*)&cesaSramVirtPtr->desc - mvCesaSramAddrGet());
++ MV_REG_WRITE(MV_CESA_CHAN_DESC_OFFSET_REG, descOffsetReg);
++
++ configReg |= (MV_CESA_CFG_WAIT_DMA_MASK | MV_CESA_CFG_ACT_DMA_MASK);
++#if (MV_CESA_VERSION >= 3)
++ configReg |= MV_CESA_CFG_CHAIN_MODE_MASK;
++#endif
++
++#if (MV_CESA_VERSION >= 2)
++ /* Initialize TDMA engine */
++ MV_REG_WRITE(MV_CESA_TDMA_CTRL_REG, MV_CESA_TDMA_CTRL_VALUE);
++ MV_REG_WRITE(MV_CESA_TDMA_BYTE_COUNT_REG, 0);
++ MV_REG_WRITE(MV_CESA_TDMA_CURR_DESC_PTR_REG, 0);
++#else
++ /* Initialize IDMA #0 engine */
++ MV_REG_WRITE(IDMA_CTRL_LOW_REG(0), 0);
++ MV_REG_WRITE(IDMA_BYTE_COUNT_REG(0), 0);
++ MV_REG_WRITE(IDMA_CURR_DESC_PTR_REG(0), 0);
++ MV_REG_WRITE(IDMA_CTRL_HIGH_REG(0), ICCHR_ENDIAN_LITTLE
++#ifdef MV_CPU_LE
++ | ICCHR_DESC_BYTE_SWAP_EN
++#endif
++ );
++ /* Clear Cause Byte of IDMA channel to be used */
++ MV_REG_WRITE( IDMA_CAUSE_REG, ~ICICR_CAUSE_MASK_ALL(0));
++ MV_REG_WRITE(IDMA_CTRL_LOW_REG(0), MV_CESA_IDMA_CTRL_LOW_VALUE);
++#endif /* (MV_CESA_VERSION >= 2) */
++
++ /* Set CESA configuration registers */
++ MV_REG_WRITE( MV_CESA_CFG_REG, configReg);
++ mvCesaDebugStatsClear();
++
++ return MV_OK;
++}
++
++/*******************************************************************************
++* mvCesaFinish - Shutdown the CESA driver
++*
++* DESCRIPTION:
++* This function shutdown the CESA driver and free all allocted resources.
++*
++* INPUT: None
++*
++* RETURN:
++* MV_OK - Success
++* Other - Fail
++*
++*******************************************************************************/
++MV_STATUS mvCesaFinish (void)
++{
++ int req;
++ MV_CESA_REQ* pReq;
++
++ mvOsPrintf("mvCesaFinish: \n");
++
++ cesaSramVirtPtr = NULL;
++
++ /* Free all resources: DMA list, etc. */
++ for(req=0; req<cesaQueueDepth; req++)
++ {
++ pReq = &pCesaReqFirst[req];
++ if(pReq->dmaDescBuf.bufVirtPtr != NULL)
++ {
++ mvOsIoCachedFree(cesaOsHandle,pReq->dmaDescBuf.bufSize,
++ pReq->dmaDescBuf.bufPhysAddr,
++ pReq->dmaDescBuf.bufVirtPtr,
++ pReq->dmaDescBuf.memHandle);
++ }
++ if(pReq->cesaDescBuf.bufVirtPtr != NULL)
++ {
++ mvOsIoCachedFree(cesaOsHandle,pReq->cesaDescBuf.bufSize,
++ pReq->cesaDescBuf.bufPhysAddr,
++ pReq->cesaDescBuf.bufVirtPtr,
++ pReq->cesaDescBuf.memHandle);
++ }
++ }
++#if (MV_CESA_VERSION < 2)
++ MV_REG_WRITE(IDMA_CTRL_LOW_REG(0), 0);
++#endif /* (MV_CESA_VERSION < 2) */
++
++ /* Free request queue */
++ if(pCesaReqFirst != NULL)
++ {
++ mvOsFree(pCesaReqFirst);
++ pCesaReqFirst = pCesaReqLast = NULL;
++ pCesaReqEmpty = pCesaReqProcess = NULL;
++ cesaQueueDepth = cesaReqResources = 0;
++ }
++ /* Free SA database */
++ if(pCesaSAD != NULL)
++ {
++ mvOsFree(pCesaSAD);
++ pCesaSAD = NULL;
++ cesaMaxSA = 0;
++ }
++ MV_REG_WRITE( MV_CESA_CFG_REG, 0);
++ MV_REG_WRITE( MV_CESA_ISR_CAUSE_REG, 0);
++ MV_REG_WRITE( MV_CESA_ISR_MASK_REG, 0);
++
++ return MV_OK;
++}
++
++/*******************************************************************************
++* mvCesaCryptoIvSet - Set IV value for Crypto algorithm working in CBC mode
++*
++* DESCRIPTION:
++* This function set IV value using by Crypto algorithms in CBC mode.
++* Each channel has its own IV value.
++* This function gets IV value from the caller. If no IV value passed from
++* the caller or only part of IV passed, the function will init the rest part
++* of IV value (or the whole IV) by random value.
++*
++* INPUT:
++* MV_U8* pIV - Pointer to IV value supplied by user. If pIV==NULL
++* the function will generate random IV value.
++* int ivSize - size (in bytes) of IV provided by user. If ivSize is
++* smaller than maximum IV size, the function will complete
++* IV by random value.
++*
++* RETURN:
++* MV_OK - Success
++* Other - Fail
++*
++*******************************************************************************/
++MV_STATUS mvCesaCryptoIvSet(MV_U8* pIV, int ivSize)
++{
++ MV_U8* pSramIV;
++#if defined(MV646xx)
++ mvOsPrintf("mvCesaCryptoIvSet: ERR. shouldn't use this call on MV64660\n");
++#endif
++ pSramIV = cesaSramVirtPtr->cryptoIV;
++ if(ivSize > MV_CESA_MAX_IV_LENGTH)
++ {
++ mvOsPrintf("mvCesaCryptoIvSet: ivSize (%d) is too large\n", ivSize);
++ ivSize = MV_CESA_MAX_IV_LENGTH;
++ }
++ if(pIV != NULL)
++ {
++ memcpy(pSramIV, pIV, ivSize);
++ ivSize = MV_CESA_MAX_IV_LENGTH - ivSize;
++ pSramIV += ivSize;
++ }
++
++ while(ivSize > 0)
++ {
++ int size, mv_random = mvOsRand();
++
++ size = MV_MIN(ivSize, sizeof(mv_random));
++ memcpy(pSramIV, (void*)&mv_random, size);
++
++ pSramIV += size;
++ ivSize -= size;
++ }
++/*
++ mvOsCacheFlush(NULL, cesaSramVirtPtr->cryptoIV,
++ MV_CESA_MAX_IV_LENGTH);
++ mvOsCacheInvalidate(NULL, cesaSramVirtPtr->cryptoIV,
++ MV_CESA_MAX_IV_LENGTH);
++*/
++ return MV_OK;
++}
++
++/*******************************************************************************
++* mvCesaSessionOpen - Open new uni-directional crypto session
++*
++* DESCRIPTION:
++* This function open new session.
++*
++* INPUT:
++* MV_CESA_OPEN_SESSION *pSession - pointer to new session input parameters
++*
++* OUTPUT:
++* short *pSid - session ID, should be used for all future
++* requests over this session.
++*
++* RETURN:
++* MV_OK - Session opend successfully.
++* MV_FULL - All sessions are in use, no free place in
++* SA database.
++* MV_BAD_PARAM - One of session input parameters is invalid.
++*
++*******************************************************************************/
++MV_STATUS mvCesaSessionOpen(MV_CESA_OPEN_SESSION *pSession, short* pSid)
++{
++ short sid;
++ MV_U32 config = 0;
++ int digestSize;
++
++ cesaStats.openedCount++;
++
++ /* Find free entry in SAD */
++ for(sid=0; sid<cesaMaxSA; sid++)
++ {
++ if(pCesaSAD[sid].valid == 0)
++ {
++ break;
++ }
++ }
++ if(sid == cesaMaxSA)
++ {
++ mvOsPrintf("mvCesaSessionOpen: SA Database is FULL\n");
++ return MV_FULL;
++ }
++
++ /* Check Input parameters for Open session */
++ if (pSession->operation >= MV_CESA_MAX_OPERATION)
++ {
++ mvOsPrintf("mvCesaSessionOpen: Unexpected operation %d\n",
++ pSession->operation);
++ return MV_BAD_PARAM;
++ }
++ config |= (pSession->operation << MV_CESA_OPERATION_OFFSET);
++
++ if( (pSession->direction != MV_CESA_DIR_ENCODE) &&
++ (pSession->direction != MV_CESA_DIR_DECODE) )
++ {
++ mvOsPrintf("mvCesaSessionOpen: Unexpected direction %d\n",
++ pSession->direction);
++ return MV_BAD_PARAM;
++ }
++ config |= (pSession->direction << MV_CESA_DIRECTION_BIT);
++ /* Clear SA entry */
++ /* memset(&pCesaSAD[sid], 0, sizeof(pCesaSAD[sid])); */
++
++ /* Check AUTH parameters and update SA entry */
++ if(pSession->operation != MV_CESA_CRYPTO_ONLY)
++ {
++ /* For HMAC (MD5 and SHA1) - Maximum Key size is 64 bytes */
++ if( (pSession->macMode == MV_CESA_MAC_HMAC_MD5) ||
++ (pSession->macMode == MV_CESA_MAC_HMAC_SHA1) )
++ {
++ if(pSession->macKeyLength > MV_CESA_MAX_MAC_KEY_LENGTH)
++ {
++ mvOsPrintf("mvCesaSessionOpen: macKeyLength %d is too large\n",
++ pSession->macKeyLength);
++ return MV_BAD_PARAM;
++ }
++ mvCesaHmacIvGet(pSession->macMode, pSession->macKey, pSession->macKeyLength,
++ pCesaSAD[sid].pSramSA->macInnerIV,
++ pCesaSAD[sid].pSramSA->macOuterIV);
++ pCesaSAD[sid].macKeyLength = pSession->macKeyLength;
++ }
++ switch(pSession->macMode)
++ {
++ case MV_CESA_MAC_MD5:
++ case MV_CESA_MAC_HMAC_MD5:
++ digestSize = MV_CESA_MD5_DIGEST_SIZE;
++ break;
++
++ case MV_CESA_MAC_SHA1:
++ case MV_CESA_MAC_HMAC_SHA1:
++ digestSize = MV_CESA_SHA1_DIGEST_SIZE;
++ break;
++
++ default:
++ mvOsPrintf("mvCesaSessionOpen: Unexpected macMode %d\n",
++ pSession->macMode);
++ return MV_BAD_PARAM;
++ }
++ config |= (pSession->macMode << MV_CESA_MAC_MODE_OFFSET);
++
++ /* Supported digest sizes: MD5 - 16 bytes (128 bits), */
++ /* SHA1 - 20 bytes (160 bits) or 12 bytes (96 bits) for both */
++ if( (pSession->digestSize != digestSize) && (pSession->digestSize != 12))
++ {
++ mvOsPrintf("mvCesaSessionOpen: Unexpected digest size %d\n",
++ pSession->digestSize);
++ mvOsPrintf("\t Valid values [bytes]: MD5-16, SHA1-20, Both-12\n");
++ return MV_BAD_PARAM;
++ }
++ pCesaSAD[sid].digestSize = pSession->digestSize;
++
++ if(pCesaSAD[sid].digestSize == 12)
++ {
++ /* Set MV_CESA_MAC_DIGEST_SIZE_BIT if digest size is 96 bits */
++ config |= (MV_CESA_MAC_DIGEST_96B << MV_CESA_MAC_DIGEST_SIZE_BIT);
++ }
++ }
++
++ /* Check CRYPTO parameters and update SA entry */
++ if(pSession->operation != MV_CESA_MAC_ONLY)
++ {
++ switch(pSession->cryptoAlgorithm)
++ {
++ case MV_CESA_CRYPTO_DES:
++ pCesaSAD[sid].cryptoKeyLength = MV_CESA_DES_KEY_LENGTH;
++ pCesaSAD[sid].cryptoBlockSize = MV_CESA_DES_BLOCK_SIZE;
++ break;
++
++ case MV_CESA_CRYPTO_3DES:
++ pCesaSAD[sid].cryptoKeyLength = MV_CESA_3DES_KEY_LENGTH;
++ pCesaSAD[sid].cryptoBlockSize = MV_CESA_DES_BLOCK_SIZE;
++ /* Only EDE mode is supported */
++ config |= (MV_CESA_CRYPTO_3DES_EDE <<
++ MV_CESA_CRYPTO_3DES_MODE_BIT);
++ break;
++
++ case MV_CESA_CRYPTO_AES:
++ switch(pSession->cryptoKeyLength)
++ {
++ case 16:
++ pCesaSAD[sid].cryptoKeyLength = MV_CESA_AES_128_KEY_LENGTH;
++ config |= (MV_CESA_CRYPTO_AES_KEY_128 <<
++ MV_CESA_CRYPTO_AES_KEY_LEN_OFFSET);
++ break;
++
++ case 24:
++ pCesaSAD[sid].cryptoKeyLength = MV_CESA_AES_192_KEY_LENGTH;
++ config |= (MV_CESA_CRYPTO_AES_KEY_192 <<
++ MV_CESA_CRYPTO_AES_KEY_LEN_OFFSET);
++ break;
++
++ case 32:
++ default:
++ pCesaSAD[sid].cryptoKeyLength = MV_CESA_AES_256_KEY_LENGTH;
++ config |= (MV_CESA_CRYPTO_AES_KEY_256 <<
++ MV_CESA_CRYPTO_AES_KEY_LEN_OFFSET);
++ break;
++ }
++ pCesaSAD[sid].cryptoBlockSize = MV_CESA_AES_BLOCK_SIZE;
++ break;
++
++ default:
++ mvOsPrintf("mvCesaSessionOpen: Unexpected cryptoAlgorithm %d\n",
++ pSession->cryptoAlgorithm);
++ return MV_BAD_PARAM;
++ }
++ config |= (pSession->cryptoAlgorithm << MV_CESA_CRYPTO_ALG_OFFSET);
++
++ if(pSession->cryptoKeyLength != pCesaSAD[sid].cryptoKeyLength)
++ {
++ mvOsPrintf("cesaSessionOpen: Wrong CryptoKeySize %d != %d\n",
++ pSession->cryptoKeyLength, pCesaSAD[sid].cryptoKeyLength);
++ return MV_BAD_PARAM;
++ }
++
++ /* Copy Crypto key */
++ if( (pSession->cryptoAlgorithm == MV_CESA_CRYPTO_AES) &&
++ (pSession->direction == MV_CESA_DIR_DECODE))
++ {
++ /* Crypto Key for AES decode is computed from original key material */
++ /* and depend on cryptoKeyLength (128/192/256 bits) */
++ aesMakeKey(pCesaSAD[sid].pSramSA->cryptoKey, pSession->cryptoKey,
++ pSession->cryptoKeyLength*8, MV_CESA_AES_BLOCK_SIZE*8);
++ }
++ else
++ {
++ /*panic("mvCesaSessionOpen2");*/
++ memcpy(pCesaSAD[sid].pSramSA->cryptoKey, pSession->cryptoKey,
++ pCesaSAD[sid].cryptoKeyLength);
++
++ }
++
++ switch(pSession->cryptoMode)
++ {
++ case MV_CESA_CRYPTO_ECB:
++ pCesaSAD[sid].cryptoIvSize = 0;
++ break;
++
++ case MV_CESA_CRYPTO_CBC:
++ pCesaSAD[sid].cryptoIvSize = pCesaSAD[sid].cryptoBlockSize;
++ break;
++
++ case MV_CESA_CRYPTO_CTR:
++ /* Supported only for AES algorithm */
++ if(pSession->cryptoAlgorithm != MV_CESA_CRYPTO_AES)
++ {
++ mvOsPrintf("mvCesaSessionOpen: CRYPTO CTR mode supported for AES only\n");
++ return MV_BAD_PARAM;
++ }
++ pCesaSAD[sid].cryptoIvSize = 0;
++ pCesaSAD[sid].ctrMode = 1;
++ /* Replace to ECB mode for HW */
++ pSession->cryptoMode = MV_CESA_CRYPTO_ECB;
++ break;
++
++ default:
++ mvOsPrintf("mvCesaSessionOpen: Unexpected cryptoMode %d\n",
++ pSession->cryptoMode);
++ return MV_BAD_PARAM;
++ }
++
++ config |= (pSession->cryptoMode << MV_CESA_CRYPTO_MODE_BIT);
++ }
++ pCesaSAD[sid].config = config;
++
++ mvOsCacheFlush(NULL, pCesaSAD[sid].pSramSA, sizeof(MV_CESA_SRAM_SA));
++ if(pSid != NULL)
++ *pSid = sid;
++
++ pCesaSAD[sid].valid = 1;
++ return MV_OK;
++}
++
++/*******************************************************************************
++* mvCesaSessionClose - Close active crypto session
++*
++* DESCRIPTION:
++* This function closes existing session
++*
++* INPUT:
++* short sid - Unique identifier of the session to be closed
++*
++* RETURN:
++* MV_OK - Session closed successfully.
++* MV_BAD_PARAM - Session identifier is out of valid range.
++* MV_NOT_FOUND - There is no active session with such ID.
++*
++*******************************************************************************/
++MV_STATUS mvCesaSessionClose(short sid)
++{
++ cesaStats.closedCount++;
++
++ if(sid >= cesaMaxSA)
++ {
++ mvOsPrintf("CESA Error: sid (%d) is too big\n", sid);
++ return MV_BAD_PARAM;
++ }
++ if(pCesaSAD[sid].valid == 0)
++ {
++ mvOsPrintf("CESA Warning: Session (sid=%d) is invalid\n", sid);
++ return MV_NOT_FOUND;
++ }
++ if(cesaLastSid == sid)
++ cesaLastSid = -1;
++
++ pCesaSAD[sid].valid = 0;
++ return MV_OK;
++}
++
++/*******************************************************************************
++* mvCesaAction - Perform crypto operation
++*
++* DESCRIPTION:
++* This function set new CESA request FIFO queue for further HW processing.
++* The function checks request parameters before set new request to the queue.
++* If one of the CESA channels is ready for processing the request will be
++* passed to HW. When request processing is finished the CESA interrupt will
++* be generated by HW. The caller should call mvCesaReadyGet() function to
++* complete request processing and get result.
++*
++* INPUT:
++* MV_CESA_COMMAND *pCmd - pointer to new CESA request.
++* It includes pointers to Source and Destination
++* buffers, session identifier get from
++* mvCesaSessionOpen() function, pointer to caller
++* private data and all needed crypto parameters.
++*
++* RETURN:
++* MV_OK - request successfully added to request queue
++* and will be processed.
++* MV_NO_MORE - request successfully added to request queue and will
++* be processed, but request queue became Full and next
++* request will not be accepted.
++* MV_NO_RESOURCE - request queue is FULL and the request can not
++* be processed.
++* MV_OUT_OF_CPU_MEM - memory allocation needed for request processing is
++* failed. Request can not be processed.
++* MV_NOT_ALLOWED - This mixed request (CRYPTO+MAC) can not be processed
++* as one request and should be splitted for two requests:
++* CRYPTO_ONLY and MAC_ONLY.
++* MV_BAD_PARAM - One of the request parameters is out of valid range.
++* The request can not be processed.
++*
++*******************************************************************************/
++MV_STATUS mvCesaAction (MV_CESA_COMMAND *pCmd)
++{
++ MV_STATUS status;
++ MV_CESA_REQ* pReq = pCesaReqEmpty;
++ int sid = pCmd->sessionId;
++ MV_CESA_SA* pSA = &pCesaSAD[sid];
++#if (MV_CESA_VERSION >= 3)
++ MV_CESA_REQ* pFromReq;
++ MV_CESA_REQ* pToReq;
++#endif
++ cesaStats.reqCount++;
++
++ /* Check that the request queue is not FULL */
++ if(cesaReqResources == 0)
++ return MV_NO_RESOURCE;
++
++ if( (sid >= cesaMaxSA) || (!pSA->valid) )
++ {
++ mvOsPrintf("CESA Action Error: Session sid=%d is INVALID\n", sid);
++ return MV_BAD_PARAM;
++ }
++ pSA->count++;
++
++ if(pSA->ctrMode)
++ {
++ /* AES in CTR mode can't be mixed with Authentication */
++ if( (pSA->config & MV_CESA_OPERATION_MASK) !=
++ (MV_CESA_CRYPTO_ONLY << MV_CESA_OPERATION_OFFSET) )
++ {
++ mvOsPrintf("mvCesaAction : CRYPTO CTR mode can't be mixed with AUTH\n");
++ return MV_NOT_ALLOWED;
++ }
++ /* All other request parameters should not be checked because key stream */
++ /* (not user data) processed by AES HW engine */
++ pReq->pOrgCmd = pCmd;
++ /* Allocate temporary pCmd structure for Key stream */
++ pCmd = mvCesaCtrModeInit();
++ if(pCmd == NULL)
++ return MV_OUT_OF_CPU_MEM;
++
++ /* Prepare Key stream */
++ mvCesaCtrModePrepare(pCmd, pReq->pOrgCmd);
++ pReq->fixOffset = 0;
++ }
++ else
++ {
++ /* Check request parameters and calculae fixOffset */
++ status = mvCesaParamCheck(pSA, pCmd, &pReq->fixOffset);
++ if(status != MV_OK)
++ {
++ return status;
++ }
++ }
++ pReq->pCmd = pCmd;
++
++ /* Check if the packet need fragmentation */
++ if(pCmd->pSrc->mbufSize <= sizeof(cesaSramVirtPtr->buf) )
++ {
++ /* request size is smaller than single buffer size */
++ pReq->fragMode = MV_CESA_FRAG_NONE;
++
++ /* Prepare NOT fragmented packets */
++ status = mvCesaReqProcess(pReq);
++ if(status != MV_OK)
++ {
++ mvOsPrintf("CesaReady: ReqProcess error: pReq=%p, status=0x%x\n",
++ pReq, status);
++ }
++#if (MV_CESA_VERSION >= 3)
++ pReq->frags.numFrag = 1;
++#endif
++ }
++ else
++ {
++ MV_U8 frag = 0;
++
++ /* request size is larger than buffer size - needs fragmentation */
++
++ /* Check restrictions for processing fragmented packets */
++ status = mvCesaFragParamCheck(pSA, pCmd);
++ if(status != MV_OK)
++ return status;
++
++ pReq->fragMode = MV_CESA_FRAG_FIRST;
++ pReq->frags.nextFrag = 0;
++
++ /* Prepare Process Fragmented packets */
++ while(pReq->fragMode != MV_CESA_FRAG_LAST)
++ {
++ if(frag >= MV_CESA_MAX_REQ_FRAGS)
++ {
++ mvOsPrintf("mvCesaAction Error: Too large request frag=%d\n", frag);
++ return MV_OUT_OF_CPU_MEM;
++ }
++ status = mvCesaFragReqProcess(pReq, frag);
++ if(status == MV_OK) {
++#if (MV_CESA_VERSION >= 3)
++ if(frag) {
++ pReq->dma[frag-1].pDmaLast->phyNextDescPtr =
++ MV_32BIT_LE(mvCesaVirtToPhys(&pReq->dmaDescBuf, pReq->dma[frag].pDmaFirst));
++ mvOsCacheFlush(NULL, pReq->dma[frag-1].pDmaLast, sizeof(MV_DMA_DESC));
++ }
++#endif
++ frag++;
++ }
++ }
++ pReq->frags.numFrag = frag;
++#if (MV_CESA_VERSION >= 3)
++ if(chainReqNum) {
++ chainReqNum += pReq->frags.numFrag;
++ if(chainReqNum >= MAX_CESA_CHAIN_LENGTH)
++ chainReqNum = MAX_CESA_CHAIN_LENGTH;
++ }
++#endif
++ }
++
++ pReq->state = MV_CESA_PENDING;
++
++ pCesaReqEmpty = MV_CESA_REQ_NEXT_PTR(pReq);
++ cesaReqResources -= 1;
++
++/* #ifdef CESA_DEBUG */
++ if( (cesaQueueDepth - cesaReqResources) > cesaStats.maxReqCount)
++ cesaStats.maxReqCount = (cesaQueueDepth - cesaReqResources);
++/* #endif CESA_DEBUG */
++
++ cesaLastSid = sid;
++
++#if (MV_CESA_VERSION >= 3)
++ /* Are we within chain bounderies and follows the first request ? */
++ if((chainReqNum > 0) && (chainReqNum < MAX_CESA_CHAIN_LENGTH)) {
++ if(chainIndex) {
++ pFromReq = MV_CESA_REQ_PREV_PTR(pReq);
++ pToReq = pReq;
++ pReq->state = MV_CESA_CHAIN;
++ /* assume concatenating is possible */
++ pFromReq->dma[pFromReq->frags.numFrag-1].pDmaLast->phyNextDescPtr =
++ MV_32BIT_LE(mvCesaVirtToPhys(&pToReq->dmaDescBuf, pToReq->dma[0].pDmaFirst));
++ mvOsCacheFlush(NULL, pFromReq->dma[pFromReq->frags.numFrag-1].pDmaLast, sizeof(MV_DMA_DESC));
++
++ /* align active & next pointers */
++ if(pNextActiveChain->state != MV_CESA_PENDING)
++ pEndCurrChain = pNextActiveChain = MV_CESA_REQ_NEXT_PTR(pReq);
++ }
++ else { /* we have only one chain, start new one */
++ chainReqNum = 0;
++ chainIndex++;
++ /* align active & next pointers */
++ if(pNextActiveChain->state != MV_CESA_PENDING)
++ pEndCurrChain = pNextActiveChain = pReq;
++ }
++ }
++ else {
++ /* In case we concatenate full chain */
++ if(chainReqNum == MAX_CESA_CHAIN_LENGTH) {
++ chainIndex++;
++ if(pNextActiveChain->state != MV_CESA_PENDING)
++ pEndCurrChain = pNextActiveChain = pReq;
++ chainReqNum = 0;
++ }
++
++ pReq = pCesaReqProcess;
++ if(pReq->state == MV_CESA_PENDING) {
++ pNextActiveChain = pReq;
++ pEndCurrChain = MV_CESA_REQ_NEXT_PTR(pReq);
++ /* Start Process new request */
++ mvCesaReqProcessStart(pReq);
++ }
++ }
++
++ chainReqNum++;
++
++ if((chainIndex < MAX_CESA_CHAIN_LENGTH) && (chainReqNum > cesaStats.maxChainUsage))
++ cesaStats.maxChainUsage = chainReqNum;
++
++#else
++
++ /* Check status of CESA channels and process requests if possible */
++ pReq = pCesaReqProcess;
++ if(pReq->state == MV_CESA_PENDING)
++ {
++ /* Start Process new request */
++ mvCesaReqProcessStart(pReq);
++ }
++#endif
++ /* If request queue became FULL - return MV_NO_MORE */
++ if(cesaReqResources == 0)
++ return MV_NO_MORE;
++
++ return MV_OK;
++
++}
++
++/*******************************************************************************
++* mvCesaReadyGet - Get crypto request that processing is finished
++*
++* DESCRIPTION:
++* This function complete request processing and return ready request to
++* caller. To don't miss interrupts the caller must call this function
++* while MV_OK or MV_TERMINATE values returned.
++*
++* INPUT:
++* MV_U32 chanMap - map of CESA channels finished thier job
++* accordingly with CESA Cause register.
++* MV_CESA_RESULT* pResult - pointer to structure contains information
++* about ready request. It includes pointer to
++* user private structure "pReqPrv", session identifier
++* for this request "sessionId" and return code.
++* Return code set to MV_FAIL if calculated digest value
++* on decode direction is different than digest value
++* in the packet.
++*
++* RETURN:
++* MV_OK - Success, ready request is returned.
++* MV_NOT_READY - Next request is not ready yet. New interrupt will
++* be generated for futher request processing.
++* MV_EMPTY - There is no more request for processing.
++* MV_BUSY - Fragmented request is not ready yet.
++* MV_TERMINATE - Call this function once more to complete processing
++* of fragmented request.
++*
++*******************************************************************************/
++MV_STATUS mvCesaReadyGet(MV_CESA_RESULT* pResult)
++{
++ MV_STATUS status, readyStatus = MV_NOT_READY;
++ MV_U32 statusReg;
++ MV_CESA_REQ* pReq;
++ MV_CESA_SA* pSA;
++
++#if (MV_CESA_VERSION >= 3)
++ if(isFirstReq == MV_TRUE) {
++ if(chainIndex == 0)
++ chainReqNum = 0;
++
++ isFirstReq = MV_FALSE;
++
++ if(pNextActiveChain->state == MV_CESA_PENDING) {
++ /* Start request Process */
++ mvCesaReqProcessStart(pNextActiveChain);
++ pEndCurrChain = pNextActiveChain;
++ if(chainIndex > 0)
++ chainIndex--;
++ /* Update pNextActiveChain to next chain head */
++ while(pNextActiveChain->state == MV_CESA_CHAIN)
++ pNextActiveChain = MV_CESA_REQ_NEXT_PTR(pNextActiveChain);
++ }
++ }
++
++ /* Check if there are more processed requests - can we remove pEndCurrChain ??? */
++ if(pCesaReqProcess == pEndCurrChain) {
++ isFirstReq = MV_TRUE;
++ pEndCurrChain = pNextActiveChain;
++#else
++ if(pCesaReqProcess->state != MV_CESA_PROCESS) {
++#endif
++ return MV_EMPTY;
++ }
++
++#ifdef CESA_DEBUG
++ statusReg = MV_REG_READ(MV_CESA_STATUS_REG);
++ if( statusReg & MV_CESA_STATUS_ACTIVE_MASK )
++ {
++ mvOsPrintf("mvCesaReadyGet: Not Ready, Status = 0x%x\n", statusReg);
++ cesaStats.notReadyCount++;
++ return MV_NOT_READY;
++ }
++#endif /* CESA_DEBUG */
++
++ cesaStats.readyCount++;
++
++ pReq = pCesaReqProcess;
++ pSA = &pCesaSAD[pReq->pCmd->sessionId];
++
++ pResult->retCode = MV_OK;
++ if(pReq->fragMode != MV_CESA_FRAG_NONE)
++ {
++ MV_U8* pNewDigest;
++ int frag;
++#if (MV_CESA_VERSION >= 3)
++ pReq->frags.nextFrag = 1;
++ while(pReq->frags.nextFrag <= pReq->frags.numFrag) {
++#endif
++ frag = (pReq->frags.nextFrag - 1);
++
++ /* Restore DMA descriptor list */
++ pReq->dma[frag].pDmaLast->phyNextDescPtr =
++ MV_32BIT_LE(mvCesaVirtToPhys(&pReq->dmaDescBuf, &pReq->dma[frag].pDmaLast[1]));
++ pReq->dma[frag].pDmaLast = NULL;
++
++ /* Special processing for finished fragmented request */
++ if(pReq->frags.nextFrag >= pReq->frags.numFrag)
++ {
++ mvCesaMbufCacheUnmap(pReq->pCmd->pDst, 0, pReq->pCmd->pDst->mbufSize);
++
++ /* Fragmented packet is ready */
++ if( (pSA->config & MV_CESA_OPERATION_MASK) !=
++ (MV_CESA_CRYPTO_ONLY << MV_CESA_OPERATION_OFFSET) )
++ {
++ int macDataSize = pReq->pCmd->macLength - pReq->frags.macSize;
++
++ if(macDataSize != 0)
++ {
++ /* Calculate all other blocks by SW */
++ mvCesaFragAuthComplete(pReq, pSA, macDataSize);
++ }
++
++ /* Copy new digest from SRAM to the Destination buffer */
++ pNewDigest = cesaSramVirtPtr->buf + pReq->frags.newDigestOffset;
++ status = mvCesaCopyToMbuf(pNewDigest, pReq->pCmd->pDst,
++ pReq->pCmd->digestOffset, pSA->digestSize);
++
++ /* For decryption: Compare new digest value with original one */
++ if((pSA->config & MV_CESA_DIRECTION_MASK) ==
++ (MV_CESA_DIR_DECODE << MV_CESA_DIRECTION_BIT))
++ {
++ if( memcmp(pNewDigest, pReq->frags.orgDigest, pSA->digestSize) != 0)
++ {
++/*
++ mvOsPrintf("Digest error: chan=%d, newDigest=%p, orgDigest=%p, status = 0x%x\n",
++ chan, pNewDigest, pReq->frags.orgDigest, MV_REG_READ(MV_CESA_STATUS_REG));
++*/
++ /* Signiture verification is failed */
++ pResult->retCode = MV_FAIL;
++ }
++ }
++ }
++ readyStatus = MV_OK;
++ }
++#if (MV_CESA_VERSION >= 3)
++ pReq->frags.nextFrag++;
++ }
++#endif
++ }
++ else
++ {
++ mvCesaMbufCacheUnmap(pReq->pCmd->pDst, 0, pReq->pCmd->pDst->mbufSize);
++
++ /* Restore DMA descriptor list */
++ pReq->dma[0].pDmaLast->phyNextDescPtr =
++ MV_32BIT_LE(mvCesaVirtToPhys(&pReq->dmaDescBuf, &pReq->dma[0].pDmaLast[1]));
++ pReq->dma[0].pDmaLast = NULL;
++ if( ((pSA->config & MV_CESA_OPERATION_MASK) !=
++ (MV_CESA_CRYPTO_ONLY << MV_CESA_OPERATION_OFFSET) ) &&
++ ((pSA->config & MV_CESA_DIRECTION_MASK) ==
++ (MV_CESA_DIR_DECODE << MV_CESA_DIRECTION_BIT)) )
++ {
++ /* For AUTH on decode : Check Digest result in Status register */
++ statusReg = MV_REG_READ(MV_CESA_STATUS_REG);
++ if(statusReg & MV_CESA_STATUS_DIGEST_ERR_MASK)
++ {
++/*
++ mvOsPrintf("Digest error: chan=%d, status = 0x%x\n",
++ chan, statusReg);
++*/
++ /* Signiture verification is failed */
++ pResult->retCode = MV_FAIL;
++ }
++ }
++ readyStatus = MV_OK;
++ }
++
++ if(readyStatus == MV_OK)
++ {
++ /* If Request is ready - Prepare pResult structure */
++ pResult->pReqPrv = pReq->pCmd->pReqPrv;
++ pResult->sessionId = pReq->pCmd->sessionId;
++
++ pReq->state = MV_CESA_IDLE;
++ pCesaReqProcess = MV_CESA_REQ_NEXT_PTR(pReq);
++ cesaReqResources++;
++
++ if(pSA->ctrMode)
++ {
++ /* For AES CTR mode - complete processing and free allocated resources */
++ mvCesaCtrModeComplete(pReq->pOrgCmd, pReq->pCmd);
++ mvCesaCtrModeFinish(pReq->pCmd);
++ pReq->pOrgCmd = NULL;
++ }
++ }
++
++#if (MV_CESA_VERSION < 3)
++ if(pCesaReqProcess->state == MV_CESA_PROCESS)
++ {
++ /* Start request Process */
++ mvCesaReqProcessStart(pCesaReqProcess);
++ if(readyStatus == MV_NOT_READY)
++ readyStatus = MV_BUSY;
++ }
++ else if(pCesaReqProcess != pCesaReqEmpty)
++ {
++ /* Start process new request from the queue */
++ mvCesaReqProcessStart(pCesaReqProcess);
++ }
++#endif
++ return readyStatus;
++}
++
++/***************** Functions to work with CESA_MBUF structure ******************/
++
++/*******************************************************************************
++* mvCesaMbufOffset - Locate offset in the Mbuf structure
++*
++* DESCRIPTION:
++* This function locates offset inside Multi-Bufeer structure.
++* It get fragment number and place in the fragment where the offset
++* is located.
++*
++*
++* INPUT:
++* MV_CESA_MBUF* pMbuf - Pointer to multi-buffer structure
++* int offset - Offset from the beginning of the data presented by
++* the Mbuf structure.
++*
++* OUTPUT:
++* int* pBufOffset - Offset from the beginning of the fragment where
++* the offset is located.
++*
++* RETURN:
++* int - Number of fragment, where the offset is located\
++*
++*******************************************************************************/
++int mvCesaMbufOffset(MV_CESA_MBUF* pMbuf, int offset, int* pBufOffset)
++{
++ int frag = 0;
++
++ while(offset > 0)
++ {
++ if(frag >= pMbuf->numFrags)
++ {
++ mvOsPrintf("mvCesaMbufOffset: Error: frag (%d) > numFrags (%d)\n",
++ frag, pMbuf->numFrags);
++ return MV_INVALID;
++ }
++ if(offset < pMbuf->pFrags[frag].bufSize)
++ {
++ break;
++ }
++ offset -= pMbuf->pFrags[frag].bufSize;
++ frag++;
++ }
++ if(pBufOffset != NULL)
++ *pBufOffset = offset;
++
++ return frag;
++}
++
++/*******************************************************************************
++* mvCesaCopyFromMbuf - Copy data from the Mbuf structure to continuous buffer
++*
++* DESCRIPTION:
++*
++*
++* INPUT:
++* MV_U8* pDstBuf - Pointer to continuous buffer, where data is
++* copied to.
++* MV_CESA_MBUF* pSrcMbuf - Pointer to multi-buffer structure where data is
++* copied from.
++* int offset - Offset in the Mbuf structure where located first
++* byte of data should be copied.
++* int size - Size of data should be copied
++*
++* RETURN:
++* MV_OK - Success, all data is copied successfully.
++* MV_OUT_OF_RANGE - Failed, offset is out of Multi-buffer data range.
++* No data is copied.
++* MV_EMPTY - Multi-buffer structure has not enough data to copy
++* Data from the offset to end of Mbuf data is copied.
++*
++*******************************************************************************/
++MV_STATUS mvCesaCopyFromMbuf(MV_U8* pDstBuf, MV_CESA_MBUF* pSrcMbuf,
++ int offset, int size)
++{
++ int frag, fragOffset, bufSize;
++ MV_U8* pBuf;
++
++ if(size == 0)
++ return MV_OK;
++
++ frag = mvCesaMbufOffset(pSrcMbuf, offset, &fragOffset);
++ if(frag == MV_INVALID)
++ {
++ mvOsPrintf("CESA Mbuf Error: offset (%d) out of range\n", offset);
++ return MV_OUT_OF_RANGE;
++ }
++
++ bufSize = pSrcMbuf->pFrags[frag].bufSize - fragOffset;
++ pBuf = pSrcMbuf->pFrags[frag].bufVirtPtr + fragOffset;
++ while(MV_TRUE)
++ {
++ if(size <= bufSize)
++ {
++ memcpy(pDstBuf, pBuf, size);
++ return MV_OK;
++ }
++ memcpy(pDstBuf, pBuf, bufSize);
++ size -= bufSize;
++ frag++;
++ pDstBuf += bufSize;
++ if(frag >= pSrcMbuf->numFrags)
++ break;
++
++ bufSize = pSrcMbuf->pFrags[frag].bufSize;
++ pBuf = pSrcMbuf->pFrags[frag].bufVirtPtr;
++ }
++ mvOsPrintf("mvCesaCopyFromMbuf: Mbuf is EMPTY - %d bytes isn't copied\n",
++ size);
++ return MV_EMPTY;
++}
++
++/*******************************************************************************
++* mvCesaCopyToMbuf - Copy data from continuous buffer to the Mbuf structure
++*
++* DESCRIPTION:
++*
++*
++* INPUT:
++* MV_U8* pSrcBuf - Pointer to continuous buffer, where data is
++* copied from.
++* MV_CESA_MBUF* pDstMbuf - Pointer to multi-buffer structure where data is
++* copied to.
++* int offset - Offset in the Mbuf structure where located first
++* byte of data should be copied.
++* int size - Size of data should be copied
++*
++* RETURN:
++* MV_OK - Success, all data is copied successfully.
++* MV_OUT_OF_RANGE - Failed, offset is out of Multi-buffer data range.
++* No data is copied.
++* MV_FULL - Multi-buffer structure has not enough place to copy
++* all data. Data from the offset to end of Mbuf data
++* is copied.
++*
++*******************************************************************************/
++MV_STATUS mvCesaCopyToMbuf(MV_U8* pSrcBuf, MV_CESA_MBUF* pDstMbuf,
++ int offset, int size)
++{
++ int frag, fragOffset, bufSize;
++ MV_U8* pBuf;
++
++ if(size == 0)
++ return MV_OK;
++
++ frag = mvCesaMbufOffset(pDstMbuf, offset, &fragOffset);
++ if(frag == MV_INVALID)
++ {
++ mvOsPrintf("CESA Mbuf Error: offset (%d) out of range\n", offset);
++ return MV_OUT_OF_RANGE;
++ }
++
++ bufSize = pDstMbuf->pFrags[frag].bufSize - fragOffset;
++ pBuf = pDstMbuf->pFrags[frag].bufVirtPtr + fragOffset;
++ while(MV_TRUE)
++ {
++ if(size <= bufSize)
++ {
++ memcpy(pBuf, pSrcBuf, size);
++ return MV_OK;
++ }
++ memcpy(pBuf, pSrcBuf, bufSize);
++ size -= bufSize;
++ frag++;
++ pSrcBuf += bufSize;
++ if(frag >= pDstMbuf->numFrags)
++ break;
++
++ bufSize = pDstMbuf->pFrags[frag].bufSize;
++ pBuf = pDstMbuf->pFrags[frag].bufVirtPtr;
++ }
++ mvOsPrintf("mvCesaCopyToMbuf: Mbuf is FULL - %d bytes isn't copied\n",
++ size);
++ return MV_FULL;
++}
++
++/*******************************************************************************
++* mvCesaMbufCopy - Copy data from one Mbuf structure to the other Mbuf structure
++*
++* DESCRIPTION:
++*
++*
++* INPUT:
++*
++* MV_CESA_MBUF* pDstMbuf - Pointer to multi-buffer structure where data is
++* copied to.
++* int dstMbufOffset - Offset in the dstMbuf structure where first byte
++* of data should be copied to.
++* MV_CESA_MBUF* pSrcMbuf - Pointer to multi-buffer structure where data is
++* copied from.
++* int srcMbufOffset - Offset in the srcMbuf structure where first byte
++* of data should be copied from.
++* int size - Size of data should be copied
++*
++* RETURN:
++* MV_OK - Success, all data is copied successfully.
++* MV_OUT_OF_RANGE - Failed, srcMbufOffset or dstMbufOffset is out of
++* srcMbuf or dstMbuf structure correspondently.
++* No data is copied.
++* MV_BAD_SIZE - srcMbuf or dstMbuf structure is too small to copy
++* all data. Partial data is copied
++*
++*******************************************************************************/
++MV_STATUS mvCesaMbufCopy(MV_CESA_MBUF* pMbufDst, int dstMbufOffset,
++ MV_CESA_MBUF* pMbufSrc, int srcMbufOffset, int size)
++{
++ int srcFrag, dstFrag, srcSize, dstSize, srcOffset, dstOffset;
++ int copySize;
++ MV_U8 *pSrc, *pDst;
++
++ if(size == 0)
++ return MV_OK;
++
++ srcFrag = mvCesaMbufOffset(pMbufSrc, srcMbufOffset, &srcOffset);
++ if(srcFrag == MV_INVALID)
++ {
++ mvOsPrintf("CESA srcMbuf Error: offset (%d) out of range\n", srcMbufOffset);
++ return MV_OUT_OF_RANGE;
++ }
++ pSrc = pMbufSrc->pFrags[srcFrag].bufVirtPtr + srcOffset;
++ srcSize = pMbufSrc->pFrags[srcFrag].bufSize - srcOffset;
++
++ dstFrag = mvCesaMbufOffset(pMbufDst, dstMbufOffset, &dstOffset);
++ if(dstFrag == MV_INVALID)
++ {
++ mvOsPrintf("CESA dstMbuf Error: offset (%d) out of range\n", dstMbufOffset);
++ return MV_OUT_OF_RANGE;
++ }
++ pDst = pMbufDst->pFrags[dstFrag].bufVirtPtr + dstOffset;
++ dstSize = pMbufDst->pFrags[dstFrag].bufSize - dstOffset;
++
++ while(size > 0)
++ {
++ copySize = MV_MIN(srcSize, dstSize);
++ if(size <= copySize)
++ {
++ memcpy(pDst, pSrc, size);
++ return MV_OK;
++ }
++ memcpy(pDst, pSrc, copySize);
++ size -= copySize;
++ srcSize -= copySize;
++ dstSize -= copySize;
++
++ if(srcSize == 0)
++ {
++ srcFrag++;
++ if(srcFrag >= pMbufSrc->numFrags)
++ break;
++
++ pSrc = pMbufSrc->pFrags[srcFrag].bufVirtPtr;
++ srcSize = pMbufSrc->pFrags[srcFrag].bufSize;
++ }
++
++ if(dstSize == 0)
++ {
++ dstFrag++;
++ if(dstFrag >= pMbufDst->numFrags)
++ break;
++
++ pDst = pMbufDst->pFrags[dstFrag].bufVirtPtr;
++ dstSize = pMbufDst->pFrags[dstFrag].bufSize;
++ }
++ }
++ mvOsPrintf("mvCesaMbufCopy: BAD size - %d bytes isn't copied\n",
++ size);
++
++ return MV_BAD_SIZE;
++}
++
++static MV_STATUS mvCesaMbufCacheUnmap(MV_CESA_MBUF* pMbuf, int offset, int size)
++{
++ int frag, fragOffset, bufSize;
++ MV_U8* pBuf;
++
++ if(size == 0)
++ return MV_OK;
++
++ frag = mvCesaMbufOffset(pMbuf, offset, &fragOffset);
++ if(frag == MV_INVALID)
++ {
++ mvOsPrintf("CESA Mbuf Error: offset (%d) out of range\n", offset);
++ return MV_OUT_OF_RANGE;
++ }
++
++ bufSize = pMbuf->pFrags[frag].bufSize - fragOffset;
++ pBuf = pMbuf->pFrags[frag].bufVirtPtr + fragOffset;
++ while(MV_TRUE)
++ {
++ if(size <= bufSize)
++ {
++ mvOsCacheUnmap(NULL, mvOsIoVirtToPhy(NULL, pBuf), size);
++ return MV_OK;
++ }
++
++ mvOsCacheUnmap(NULL, mvOsIoVirtToPhy(NULL, pBuf), bufSize);
++ size -= bufSize;
++ frag++;
++ if(frag >= pMbuf->numFrags)
++ break;
++
++ bufSize = pMbuf->pFrags[frag].bufSize;
++ pBuf = pMbuf->pFrags[frag].bufVirtPtr;
++ }
++ mvOsPrintf("%s: Mbuf is FULL - %d bytes isn't Unmapped\n",
++ __FUNCTION__, size);
++ return MV_FULL;
++}
++
++
++/*************************************** Local Functions ******************************/
++
++/*******************************************************************************
++* mvCesaFragReqProcess - Process fragmented request
++*
++* DESCRIPTION:
++* This function processes a fragment of fragmented request (First, Middle or Last)
++*
++*
++* INPUT:
++* MV_CESA_REQ* pReq - Pointer to the request in the request queue.
++*
++* RETURN:
++* MV_OK - The fragment is successfully passed to HW for processing.
++* MV_TERMINATE - Means, that HW finished its work on this packet and no more
++* interrupts will be generated for this request.
++* Function mvCesaReadyGet() must be called to complete request
++* processing and get request result.
++*
++*******************************************************************************/
++static MV_STATUS mvCesaFragReqProcess(MV_CESA_REQ* pReq, MV_U8 frag)
++{
++ int i, copySize, cryptoDataSize, macDataSize, sid;
++ int cryptoIvOffset, digestOffset;
++ MV_U32 config;
++ MV_CESA_COMMAND* pCmd = pReq->pCmd;
++ MV_CESA_SA* pSA;
++ MV_CESA_MBUF* pMbuf;
++ MV_DMA_DESC* pDmaDesc = pReq->dma[frag].pDmaFirst;
++ MV_U8* pSramBuf = cesaSramVirtPtr->buf;
++ int macTotalLen = 0;
++ int fixOffset, cryptoOffset, macOffset;
++
++ cesaStats.fragCount++;
++
++ sid = pReq->pCmd->sessionId;
++
++ pSA = &pCesaSAD[sid];
++
++ cryptoIvOffset = digestOffset = 0;
++ i = macDataSize = 0;
++ cryptoDataSize = 0;
++
++ /* First fragment processing */
++ if(pReq->fragMode == MV_CESA_FRAG_FIRST)
++ {
++ /* pReq->frags monitors processing of fragmented request between fragments */
++ pReq->frags.bufOffset = 0;
++ pReq->frags.cryptoSize = 0;
++ pReq->frags.macSize = 0;
++
++ config = pSA->config | (MV_CESA_FRAG_FIRST << MV_CESA_FRAG_MODE_OFFSET);
++
++ /* fixOffset can be not equal to zero only for FIRST fragment */
++ fixOffset = pReq->fixOffset;
++ /* For FIRST fragment crypto and mac offsets are taken from pCmd */
++ cryptoOffset = pCmd->cryptoOffset;
++ macOffset = pCmd->macOffset;
++
++ copySize = sizeof(cesaSramVirtPtr->buf) - pReq->fixOffset;
++
++ /* Find fragment size: Must meet all requirements for CRYPTO and MAC
++ * cryptoDataSize - size of data will be encrypted/decrypted in this fragment
++ * macDataSize - size of data will be signed/verified in this fragment
++ * copySize - size of data will be copied from srcMbuf to SRAM and
++ * back to dstMbuf for this fragment
++ */
++ mvCesaFragSizeFind(pSA, pReq, cryptoOffset, macOffset,
++ ©Size, &cryptoDataSize, &macDataSize);
++
++ if( (pSA->config & MV_CESA_OPERATION_MASK) !=
++ (MV_CESA_MAC_ONLY << MV_CESA_OPERATION_OFFSET))
++ {
++ /* CryptoIV special processing */
++ if( (pSA->config & MV_CESA_CRYPTO_MODE_MASK) ==
++ (MV_CESA_CRYPTO_CBC << MV_CESA_CRYPTO_MODE_BIT) )
++ {
++ /* In CBC mode for encode direction when IV from user */
++ if( (pCmd->ivFromUser) &&
++ ((pSA->config & MV_CESA_DIRECTION_MASK) ==
++ (MV_CESA_DIR_ENCODE << MV_CESA_DIRECTION_BIT)) )
++ {
++
++ /* For Crypto Encode in CBC mode HW always takes IV from SRAM IVPointer,
++ * (not from IVBufPointer). So when ivFromUser==1, we should copy IV from user place
++ * in the buffer to SRAM IVPointer
++ */
++ i += mvCesaDmaCopyPrepare(pCmd->pSrc, cesaSramVirtPtr->cryptoIV, &pDmaDesc[i],
++ MV_FALSE, pCmd->ivOffset, pSA->cryptoIvSize, pCmd->skipFlush);
++ }
++
++ /* Special processing when IV is not located in the first fragment */
++ if(pCmd->ivOffset > (copySize - pSA->cryptoIvSize))
++ {
++ /* Prepare dummy place for cryptoIV in SRAM */
++ cryptoIvOffset = cesaSramVirtPtr->tempCryptoIV - mvCesaSramAddrGet();
++
++ /* For Decryption: Copy IV value from pCmd->ivOffset to Special SRAM place */
++ if((pSA->config & MV_CESA_DIRECTION_MASK) ==
++ (MV_CESA_DIR_DECODE << MV_CESA_DIRECTION_BIT))
++ {
++ i += mvCesaDmaCopyPrepare(pCmd->pSrc, cesaSramVirtPtr->tempCryptoIV, &pDmaDesc[i],
++ MV_FALSE, pCmd->ivOffset, pSA->cryptoIvSize, pCmd->skipFlush);
++ }
++ else
++ {
++ /* For Encryption when IV is NOT from User: */
++ /* Copy IV from SRAM to buffer (pCmd->ivOffset) */
++ if(pCmd->ivFromUser == 0)
++ {
++ /* copy IV value from cryptoIV to Buffer (pCmd->ivOffset) */
++ i += mvCesaDmaCopyPrepare(pCmd->pSrc, cesaSramVirtPtr->cryptoIV, &pDmaDesc[i],
++ MV_TRUE, pCmd->ivOffset, pSA->cryptoIvSize, pCmd->skipFlush);
++ }
++ }
++ }
++ else
++ {
++ cryptoIvOffset = pCmd->ivOffset;
++ }
++ }
++ }
++
++ if( (pSA->config & MV_CESA_OPERATION_MASK) !=
++ (MV_CESA_CRYPTO_ONLY << MV_CESA_OPERATION_OFFSET) )
++ {
++ /* MAC digest special processing on Decode direction */
++ if((pSA->config & MV_CESA_DIRECTION_MASK) ==
++ (MV_CESA_DIR_DECODE << MV_CESA_DIRECTION_BIT))
++ {
++ /* Save digest from pCmd->digestOffset */
++ mvCesaCopyFromMbuf(pReq->frags.orgDigest,
++ pCmd->pSrc, pCmd->digestOffset, pSA->digestSize);
++
++ /* If pCmd->digestOffset is not located on the first */
++ if(pCmd->digestOffset > (copySize - pSA->digestSize))
++ {
++ MV_U8 digestZero[MV_CESA_MAX_DIGEST_SIZE];
++
++ /* Set zeros to pCmd->digestOffset (DRAM) */
++ memset(digestZero, 0, MV_CESA_MAX_DIGEST_SIZE);
++ mvCesaCopyToMbuf(digestZero, pCmd->pSrc, pCmd->digestOffset, pSA->digestSize);
++
++ /* Prepare dummy place for digest in SRAM */
++ digestOffset = cesaSramVirtPtr->tempDigest - mvCesaSramAddrGet();
++ }
++ else
++ {
++ digestOffset = pCmd->digestOffset;
++ }
++ }
++ }
++ /* Update SA in SRAM */
++ if(cesaLastSid != sid)
++ {
++ mvCesaSramSaUpdate(sid, &pDmaDesc[i]);
++ i++;
++ }
++
++ pReq->fragMode = MV_CESA_FRAG_MIDDLE;
++ }
++ else
++ {
++ /* Continue fragment */
++ fixOffset = 0;
++ cryptoOffset = 0;
++ macOffset = 0;
++ if( (pCmd->pSrc->mbufSize - pReq->frags.bufOffset) <= sizeof(cesaSramVirtPtr->buf))
++ {
++ /* Last fragment */
++ config = pSA->config | (MV_CESA_FRAG_LAST << MV_CESA_FRAG_MODE_OFFSET);
++ pReq->fragMode = MV_CESA_FRAG_LAST;
++ copySize = pCmd->pSrc->mbufSize - pReq->frags.bufOffset;
++
++ if( (pSA->config & MV_CESA_OPERATION_MASK) !=
++ (MV_CESA_CRYPTO_ONLY << MV_CESA_OPERATION_OFFSET) )
++ {
++ macDataSize = pCmd->macLength - pReq->frags.macSize;
++
++ /* If pCmd->digestOffset is not located on last fragment */
++ if(pCmd->digestOffset < pReq->frags.bufOffset)
++ {
++ /* Prepare dummy place for digest in SRAM */
++ digestOffset = cesaSramVirtPtr->tempDigest - mvCesaSramAddrGet();
++ }
++ else
++ {
++ digestOffset = pCmd->digestOffset - pReq->frags.bufOffset;
++ }
++ pReq->frags.newDigestOffset = digestOffset;
++ macTotalLen = pCmd->macLength;
++
++ /* HW can't calculate the Digest correctly for fragmented packets
++ * in the following cases:
++ * - MV88F5182 ||
++ * - MV88F5181L when total macLength more that 16 Kbytes ||
++ * - total macLength more that 64 Kbytes
++ */
++ if( (mvCtrlModelGet() == MV_5182_DEV_ID) ||
++ ( (mvCtrlModelGet() == MV_5181_DEV_ID) &&
++ (mvCtrlRevGet() >= MV_5181L_A0_REV) &&
++ (pCmd->macLength >= (1 << 14)) ) )
++ {
++ return MV_TERMINATE;
++ }
++ }
++ if( (pSA->config & MV_CESA_OPERATION_MASK) !=
++ (MV_CESA_MAC_ONLY << MV_CESA_OPERATION_OFFSET) )
++ {
++ cryptoDataSize = pCmd->cryptoLength - pReq->frags.cryptoSize;
++ }
++
++ /* cryptoIvOffset - don't care */
++ }
++ else
++ {
++ /* WA for MV88F5182 SHA1 and MD5 fragmentation mode */
++ if( (mvCtrlModelGet() == MV_5182_DEV_ID) &&
++ (((pSA->config & MV_CESA_MAC_MODE_MASK) ==
++ (MV_CESA_MAC_MD5 << MV_CESA_MAC_MODE_OFFSET)) ||
++ ((pSA->config & MV_CESA_MAC_MODE_MASK) ==
++ (MV_CESA_MAC_SHA1 << MV_CESA_MAC_MODE_OFFSET))) )
++ {
++ pReq->frags.newDigestOffset = cesaSramVirtPtr->tempDigest - mvCesaSramAddrGet();
++ pReq->fragMode = MV_CESA_FRAG_LAST;
++
++ return MV_TERMINATE;
++ }
++ /* Middle fragment */
++ config = pSA->config | (MV_CESA_FRAG_MIDDLE << MV_CESA_FRAG_MODE_OFFSET);
++ copySize = sizeof(cesaSramVirtPtr->buf);
++ /* digestOffset and cryptoIvOffset - don't care */
++
++ /* Find fragment size */
++ mvCesaFragSizeFind(pSA, pReq, cryptoOffset, macOffset,
++ ©Size, &cryptoDataSize, &macDataSize);
++ }
++ }
++ /********* Prepare DMA descriptors to copy from pSrc to SRAM *********/
++ pMbuf = pCmd->pSrc;
++ i += mvCesaDmaCopyPrepare(pMbuf, pSramBuf + fixOffset, &pDmaDesc[i],
++ MV_FALSE, pReq->frags.bufOffset, copySize, pCmd->skipFlush);
++
++ /* Prepare CESA descriptor to copy from DRAM to SRAM by DMA */
++ mvCesaSramDescrBuild(config, frag,
++ cryptoOffset + fixOffset, cryptoIvOffset + fixOffset,
++ cryptoDataSize, macOffset + fixOffset,
++ digestOffset + fixOffset, macDataSize, macTotalLen,
++ pReq, &pDmaDesc[i]);
++ i++;
++
++ /* Add special descriptor Ownership for CPU */
++ pDmaDesc[i].byteCnt = 0;
++ pDmaDesc[i].phySrcAdd = 0;
++ pDmaDesc[i].phyDestAdd = 0;
++ i++;
++
++ /********* Prepare DMA descriptors to copy from SRAM to pDst *********/
++ pMbuf = pCmd->pDst;
++ i += mvCesaDmaCopyPrepare(pMbuf, pSramBuf + fixOffset, &pDmaDesc[i],
++ MV_TRUE, pReq->frags.bufOffset, copySize, pCmd->skipFlush);
++
++ /* Next field of Last DMA descriptor must be NULL */
++ pDmaDesc[i-1].phyNextDescPtr = 0;
++ pReq->dma[frag].pDmaLast = &pDmaDesc[i-1];
++ mvOsCacheFlush(NULL, pReq->dma[frag].pDmaFirst,
++ i*sizeof(MV_DMA_DESC));
++
++ /*mvCesaDebugDescriptor(&cesaSramVirtPtr->desc[frag]);*/
++
++ pReq->frags.bufOffset += copySize;
++ pReq->frags.cryptoSize += cryptoDataSize;
++ pReq->frags.macSize += macDataSize;
++
++ return MV_OK;
++}
++
++
++/*******************************************************************************
++* mvCesaReqProcess - Process regular (Non-fragmented) request
++*
++* DESCRIPTION:
++* This function processes the whole (not fragmented) request
++*
++* INPUT:
++* MV_CESA_REQ* pReq - Pointer to the request in the request queue.
++*
++* RETURN:
++* MV_OK - The request is successfully passed to HW for processing.
++* Other - Failure. The request will not be processed
++*
++*******************************************************************************/
++static MV_STATUS mvCesaReqProcess(MV_CESA_REQ* pReq)
++{
++ MV_CESA_MBUF *pMbuf;
++ MV_DMA_DESC *pDmaDesc;
++ MV_U8 *pSramBuf;
++ int sid, i, fixOffset;
++ MV_CESA_SA *pSA;
++ MV_CESA_COMMAND *pCmd = pReq->pCmd;
++
++ cesaStats.procCount++;
++
++ sid = pCmd->sessionId;
++ pSA = &pCesaSAD[sid];
++ pDmaDesc = pReq->dma[0].pDmaFirst;
++ pSramBuf = cesaSramVirtPtr->buf;
++ fixOffset = pReq->fixOffset;
++
++/*
++ mvOsPrintf("mvCesaReqProcess: sid=%d, pSA=%p, pDmaDesc=%p, pSramBuf=%p\n",
++ sid, pSA, pDmaDesc, pSramBuf);
++*/
++ i = 0;
++
++ /* Crypto IV Special processing in CBC mode for Encryption direction */
++ if( ((pSA->config & MV_CESA_OPERATION_MASK) != (MV_CESA_MAC_ONLY << MV_CESA_OPERATION_OFFSET)) &&
++ ((pSA->config & MV_CESA_CRYPTO_MODE_MASK) == (MV_CESA_CRYPTO_CBC << MV_CESA_CRYPTO_MODE_BIT)) &&
++ ((pSA->config & MV_CESA_DIRECTION_MASK) == (MV_CESA_DIR_ENCODE << MV_CESA_DIRECTION_BIT)) &&
++ (pCmd->ivFromUser) )
++ {
++ /* For Crypto Encode in CBC mode HW always takes IV from SRAM IVPointer,
++ * (not from IVBufPointer). So when ivFromUser==1, we should copy IV from user place
++ * in the buffer to SRAM IVPointer
++ */
++ i += mvCesaDmaCopyPrepare(pCmd->pSrc, cesaSramVirtPtr->cryptoIV, &pDmaDesc[i],
++ MV_FALSE, pCmd->ivOffset, pSA->cryptoIvSize, pCmd->skipFlush);
++ }
++
++ /* Update SA in SRAM */
++ if(cesaLastSid != sid)
++ {
++ mvCesaSramSaUpdate(sid, &pDmaDesc[i]);
++ i++;
++ }
++
++ /********* Prepare DMA descriptors to copy from pSrc to SRAM *********/
++ pMbuf = pCmd->pSrc;
++ i += mvCesaDmaCopyPrepare(pMbuf, pSramBuf + fixOffset, &pDmaDesc[i],
++ MV_FALSE, 0, pMbuf->mbufSize, pCmd->skipFlush);
++
++ /* Prepare Security Accelerator descriptor to SRAM words 0 - 7 */
++ mvCesaSramDescrBuild(pSA->config, 0, pCmd->cryptoOffset + fixOffset,
++ pCmd->ivOffset + fixOffset, pCmd->cryptoLength,
++ pCmd->macOffset + fixOffset, pCmd->digestOffset + fixOffset,
++ pCmd->macLength, pCmd->macLength, pReq, &pDmaDesc[i]);
++ i++;
++
++ /* Add special descriptor Ownership for CPU */
++ pDmaDesc[i].byteCnt = 0;
++ pDmaDesc[i].phySrcAdd = 0;
++ pDmaDesc[i].phyDestAdd = 0;
++ i++;
++
++ /********* Prepare DMA descriptors to copy from SRAM to pDst *********/
++ pMbuf = pCmd->pDst;
++ i += mvCesaDmaCopyPrepare(pMbuf, pSramBuf + fixOffset, &pDmaDesc[i],
++ MV_TRUE, 0, pMbuf->mbufSize, pCmd->skipFlush);
++
++ /* Next field of Last DMA descriptor must be NULL */
++ pDmaDesc[i-1].phyNextDescPtr = 0;
++ pReq->dma[0].pDmaLast = &pDmaDesc[i-1];
++ mvOsCacheFlush(NULL, pReq->dma[0].pDmaFirst, i*sizeof(MV_DMA_DESC));
++
++ return MV_OK;
++}
++
++
++/*******************************************************************************
++* mvCesaSramDescrBuild - Set CESA descriptor in SRAM
++*
++* DESCRIPTION:
++* This function builds CESA descriptor in SRAM from all Command parameters
++*
++*
++* INPUT:
++* int chan - CESA channel uses the descriptor
++* MV_U32 config - 32 bits of WORD_0 in CESA descriptor structure
++* int cryptoOffset - Offset from the beginning of SRAM buffer where
++* data for encryption/decription is started.
++* int ivOffset - Offset of crypto IV from the SRAM base. Valid only
++* for first fragment.
++* int cryptoLength - Size (in bytes) of data for encryption/descryption
++* operation on this fragment.
++* int macOffset - Offset from the beginning of SRAM buffer where
++* data for Authentication is started
++* int digestOffset - Offset from the beginning of SRAM buffer where
++* digest is located. Valid for first and last fragments.
++* int macLength - Size (in bytes) of data for Authentication
++* operation on this fragment.
++* int macTotalLen - Toatl size (in bytes) of data for Authentication
++* operation on the whole request (packet). Valid for
++* last fragment only.
++*
++* RETURN: None
++*
++*******************************************************************************/
++static void mvCesaSramDescrBuild(MV_U32 config, int frag,
++ int cryptoOffset, int ivOffset, int cryptoLength,
++ int macOffset, int digestOffset, int macLength,
++ int macTotalLen, MV_CESA_REQ* pReq, MV_DMA_DESC* pDmaDesc)
++{
++ MV_CESA_DESC* pCesaDesc = &pReq->pCesaDesc[frag];
++ MV_CESA_DESC* pSramDesc = pSramDesc = &cesaSramVirtPtr->desc;
++ MV_U16 sramBufOffset = (MV_U16)((MV_U8*)cesaSramVirtPtr->buf - mvCesaSramAddrGet());
++
++ pCesaDesc->config = MV_32BIT_LE(config);
++
++ if( (config & MV_CESA_OPERATION_MASK) !=
++ (MV_CESA_MAC_ONLY << MV_CESA_OPERATION_OFFSET) )
++ {
++ /* word 1 */
++ pCesaDesc->cryptoSrcOffset = MV_16BIT_LE(sramBufOffset + cryptoOffset);
++ pCesaDesc->cryptoDstOffset = MV_16BIT_LE(sramBufOffset + cryptoOffset);
++ /* word 2 */
++ pCesaDesc->cryptoDataLen = MV_16BIT_LE(cryptoLength);
++ /* word 3 */
++ pCesaDesc->cryptoKeyOffset = MV_16BIT_LE((MV_U16)(cesaSramVirtPtr->sramSA.cryptoKey -
++ mvCesaSramAddrGet()));
++ /* word 4 */
++ pCesaDesc->cryptoIvOffset = MV_16BIT_LE((MV_U16)(cesaSramVirtPtr->cryptoIV -
++ mvCesaSramAddrGet()));
++ pCesaDesc->cryptoIvBufOffset = MV_16BIT_LE(sramBufOffset + ivOffset);
++ }
++
++ if( (config & MV_CESA_OPERATION_MASK) !=
++ (MV_CESA_CRYPTO_ONLY << MV_CESA_OPERATION_OFFSET) )
++ {
++ /* word 5 */
++ pCesaDesc->macSrcOffset = MV_16BIT_LE(sramBufOffset + macOffset);
++ pCesaDesc->macTotalLen = MV_16BIT_LE(macTotalLen);
++
++ /* word 6 */
++ pCesaDesc->macDigestOffset = MV_16BIT_LE(sramBufOffset + digestOffset);
++ pCesaDesc->macDataLen = MV_16BIT_LE(macLength);
++
++ /* word 7 */
++ pCesaDesc->macInnerIvOffset = MV_16BIT_LE((MV_U16)(cesaSramVirtPtr->sramSA.macInnerIV -
++ mvCesaSramAddrGet()));
++ pCesaDesc->macOuterIvOffset = MV_16BIT_LE((MV_U16)(cesaSramVirtPtr->sramSA.macOuterIV -
++ mvCesaSramAddrGet()));
++ }
++ /* Prepare DMA descriptor to CESA descriptor from DRAM to SRAM */
++ pDmaDesc->phySrcAdd = MV_32BIT_LE(mvCesaVirtToPhys(&pReq->cesaDescBuf, pCesaDesc));
++ pDmaDesc->phyDestAdd = MV_32BIT_LE(mvCesaSramVirtToPhys(NULL, (MV_U8*)pSramDesc));
++ pDmaDesc->byteCnt = MV_32BIT_LE(sizeof(MV_CESA_DESC) | BIT31);
++
++ /* flush Source buffer */
++ mvOsCacheFlush(NULL, pCesaDesc, sizeof(MV_CESA_DESC));
++}
++
++/*******************************************************************************
++* mvCesaSramSaUpdate - Move required SA information to SRAM if needed.
++*
++* DESCRIPTION:
++* Copy to SRAM values of the required SA.
++*
++*
++* INPUT:
++* short sid - Session ID needs SRAM Cache update
++* MV_DMA_DESC *pDmaDesc - Pointer to DMA descriptor used to
++* copy SA values from DRAM to SRAM.
++*
++* RETURN:
++* MV_OK - Cache entry for this SA copied to SRAM.
++* MV_NO_CHANGE - Cache entry for this SA already exist in SRAM
++*
++*******************************************************************************/
++static INLINE void mvCesaSramSaUpdate(short sid, MV_DMA_DESC *pDmaDesc)
++{
++ MV_CESA_SA *pSA = &pCesaSAD[sid];
++
++ /* Prepare DMA descriptor to Copy CACHE_SA from SA database in DRAM to SRAM */
++ pDmaDesc->byteCnt = MV_32BIT_LE(sizeof(MV_CESA_SRAM_SA) | BIT31);
++ pDmaDesc->phySrcAdd = MV_32BIT_LE(mvCesaVirtToPhys(&cesaSramSaBuf, pSA->pSramSA));
++ pDmaDesc->phyDestAdd =
++ MV_32BIT_LE(mvCesaSramVirtToPhys(NULL, (MV_U8*)&cesaSramVirtPtr->sramSA));
++
++ /* Source buffer is already flushed during OpenSession*/
++ /*mvOsCacheFlush(NULL, &pSA->sramSA, sizeof(MV_CESA_SRAM_SA));*/
++}
++
++/*******************************************************************************
++* mvCesaDmaCopyPrepare - prepare DMA descriptor list to copy data presented by
++* Mbuf structure from DRAM to SRAM
++*
++* DESCRIPTION:
++*
++*
++* INPUT:
++* MV_CESA_MBUF* pMbuf - pointer to Mbuf structure contains request
++* data in DRAM
++* MV_U8* pSramBuf - pointer to buffer in SRAM where data should
++* be copied to.
++* MV_DMA_DESC* pDmaDesc - pointer to first DMA descriptor for this copy.
++* The function set number of DMA descriptors needed
++* to copy the copySize bytes from Mbuf.
++* MV_BOOL isToMbuf - Copy direction.
++* MV_TRUE means copy from SRAM buffer to Mbuf in DRAM.
++* MV_FALSE means copy from Mbuf in DRAM to SRAM buffer.
++* int offset - Offset in the Mbuf structure that copy should be
++* started from.
++* int copySize - Size of data should be copied.
++*
++* RETURN:
++* int - number of DMA descriptors used for the copy.
++*
++*******************************************************************************/
++#ifndef MV_NETBSD
++static INLINE int mvCesaDmaCopyPrepare(MV_CESA_MBUF* pMbuf, MV_U8* pSramBuf,
++ MV_DMA_DESC* pDmaDesc, MV_BOOL isToMbuf,
++ int offset, int copySize, MV_BOOL skipFlush)
++{
++ int bufOffset, bufSize, size, frag, i;
++ MV_U8* pBuf;
++
++ i = 0;
++
++ /* Calculate start place for copy: fragment number and offset in the fragment */
++ frag = mvCesaMbufOffset(pMbuf, offset, &bufOffset);
++ bufSize = pMbuf->pFrags[frag].bufSize - bufOffset;
++ pBuf = pMbuf->pFrags[frag].bufVirtPtr + bufOffset;
++
++ /* Size accumulate total copy size */
++ size = 0;
++
++ /* Create DMA lists to copy mBuf from pSrc to SRAM */
++ while(size < copySize)
++ {
++ /* Find copy size for each DMA descriptor */
++ bufSize = MV_MIN(bufSize, (copySize - size));
++ pDmaDesc[i].byteCnt = MV_32BIT_LE(bufSize | BIT31);
++ if(isToMbuf)
++ {
++ pDmaDesc[i].phyDestAdd = MV_32BIT_LE(mvOsIoVirtToPhy(NULL, pBuf));
++ pDmaDesc[i].phySrcAdd =
++ MV_32BIT_LE(mvCesaSramVirtToPhys(NULL, (pSramBuf + size)));
++ /* invalidate the buffer */
++ if(skipFlush == MV_FALSE)
++ mvOsCacheInvalidate(NULL, pBuf, bufSize);
++ }
++ else
++ {
++ pDmaDesc[i].phySrcAdd = MV_32BIT_LE(mvOsIoVirtToPhy(NULL, pBuf));
++ pDmaDesc[i].phyDestAdd =
++ MV_32BIT_LE(mvCesaSramVirtToPhys(NULL, (pSramBuf + size)));
++ /* flush the buffer */
++ if(skipFlush == MV_FALSE)
++ mvOsCacheFlush(NULL, pBuf, bufSize);
++ }
++
++ /* Count number of used DMA descriptors */
++ i++;
++ size += bufSize;
++
++ /* go to next fragment in the Mbuf */
++ frag++;
++ pBuf = pMbuf->pFrags[frag].bufVirtPtr;
++ bufSize = pMbuf->pFrags[frag].bufSize;
++ }
++ return i;
++}
++#else /* MV_NETBSD */
++static int mvCesaDmaCopyPrepare(MV_CESA_MBUF* pMbuf, MV_U8* pSramBuf,
++ MV_DMA_DESC* pDmaDesc, MV_BOOL isToMbuf,
++ int offset, int copySize, MV_BOOL skipFlush)
++{
++ int bufOffset, bufSize, thisSize, size, frag, i;
++ MV_ULONG bufPhys, sramPhys;
++ MV_U8* pBuf;
++
++ /*
++ * Calculate start place for copy: fragment number and offset in
++ * the fragment
++ */
++ frag = mvCesaMbufOffset(pMbuf, offset, &bufOffset);
++
++ /*
++ * Get SRAM physical address only once. We can update it in-place
++ * as we build the descriptor chain.
++ */
++ sramPhys = mvCesaSramVirtToPhys(NULL, pSramBuf);
++
++ /*
++ * 'size' accumulates total copy size, 'i' counts desccriptors.
++ */
++ size = i = 0;
++
++ /* Create DMA lists to copy mBuf from pSrc to SRAM */
++ while (size < copySize) {
++ /*
++ * Calculate # of bytes to copy from the current fragment,
++ * and the pointer to the start of data
++ */
++ bufSize = pMbuf->pFrags[frag].bufSize - bufOffset;
++ pBuf = pMbuf->pFrags[frag].bufVirtPtr + bufOffset;
++ bufOffset = 0; /* First frag may be non-zero */
++ frag++;
++
++ /*
++ * As long as there is data in the current fragment...
++ */
++ while (bufSize > 0) {
++ /*
++ * Ensure we don't cross an MMU page boundary.
++ * XXX: This is NetBSD-specific, but it is a
++ * quick and dirty way to fix the problem.
++ * A true HAL would rely on the OS-specific
++ * driver to do this...
++ */
++ thisSize = PAGE_SIZE -
++ (((MV_ULONG)pBuf) & (PAGE_SIZE - 1));
++ thisSize = MV_MIN(bufSize, thisSize);
++ /*
++ * Make sure we don't copy more than requested
++ */
++ if (thisSize > (copySize - size)) {
++ thisSize = copySize - size;
++ bufSize = 0;
++ }
++
++ /*
++ * Physicall address of this fragment
++ */
++ bufPhys = MV_32BIT_LE(mvOsIoVirtToPhy(NULL, pBuf));
++
++ /*
++ * Set up the descriptor
++ */
++ pDmaDesc[i].byteCnt = MV_32BIT_LE(thisSize | BIT31);
++ if(isToMbuf) {
++ pDmaDesc[i].phyDestAdd = bufPhys;
++ pDmaDesc[i].phySrcAdd = MV_32BIT_LE(sramPhys);
++ /* invalidate the buffer */
++ if(skipFlush == MV_FALSE)
++ mvOsCacheInvalidate(NULL, pBuf, thisSize);
++ } else {
++ pDmaDesc[i].phySrcAdd = bufPhys;
++ pDmaDesc[i].phyDestAdd = MV_32BIT_LE(sramPhys);
++ /* flush the buffer */
++ if(skipFlush == MV_FALSE)
++ mvOsCacheFlush(NULL, pBuf, thisSize);
++ }
++
++ pDmaDesc[i].phyNextDescPtr =
++ MV_32BIT_LE(mvOsIoVirtToPhy(NULL,(&pDmaDesc[i+1])));
++
++ /* flush the DMA desc */
++ mvOsCacheFlush(NULL, &pDmaDesc[i], sizeof(MV_DMA_DESC));
++
++ /* Update state */
++ bufSize -= thisSize;
++ sramPhys += thisSize;
++ pBuf += thisSize;
++ size += thisSize;
++ i++;
++ }
++ }
++
++ return i;
++}
++#endif /* MV_NETBSD */
++/*******************************************************************************
++* mvCesaHmacIvGet - Calculate Inner and Outter values from HMAC key
++*
++* DESCRIPTION:
++* This function calculate Inner and Outer values used for HMAC algorithm.
++* This operation allows improve performance fro the whole HMAC processing.
++*
++* INPUT:
++* MV_CESA_MAC_MODE macMode - Authentication mode: HMAC_MD5 or HMAC_SHA1.
++* unsigned char key[] - Pointer to HMAC key.
++* int keyLength - Size of HMAC key (maximum 64 bytes)
++*
++* OUTPUT:
++* unsigned char innerIV[] - HASH(key^inner)
++* unsigned char outerIV[] - HASH(key^outter)
++*
++* RETURN: None
++*
++*******************************************************************************/
++static void mvCesaHmacIvGet(MV_CESA_MAC_MODE macMode, unsigned char key[], int keyLength,
++ unsigned char innerIV[], unsigned char outerIV[])
++{
++ unsigned char inner[MV_CESA_MAX_MAC_KEY_LENGTH];
++ unsigned char outer[MV_CESA_MAX_MAC_KEY_LENGTH];
++ int i, digestSize = 0;
++#if defined(MV_CPU_LE) || defined(MV_PPC)
++ MV_U32 swapped32, val32, *pVal32;
++#endif
++ for(i=0; i<keyLength; i++)
++ {
++ inner[i] = 0x36 ^ key[i];
++ outer[i] = 0x5c ^ key[i];
++ }
++
++ for(i=keyLength; i<MV_CESA_MAX_MAC_KEY_LENGTH; i++)
++ {
++ inner[i] = 0x36;
++ outer[i] = 0x5c;
++ }
++ if(macMode == MV_CESA_MAC_HMAC_MD5)
++ {
++ MV_MD5_CONTEXT ctx;
++
++ mvMD5Init(&ctx);
++ mvMD5Update(&ctx, inner, MV_CESA_MAX_MAC_KEY_LENGTH);
++
++ memcpy(innerIV, ctx.buf, MV_CESA_MD5_DIGEST_SIZE);
++ memset(&ctx, 0, sizeof(ctx));
++
++ mvMD5Init(&ctx);
++ mvMD5Update(&ctx, outer, MV_CESA_MAX_MAC_KEY_LENGTH);
++ memcpy(outerIV, ctx.buf, MV_CESA_MD5_DIGEST_SIZE);
++ memset(&ctx, 0, sizeof(ctx));
++ digestSize = MV_CESA_MD5_DIGEST_SIZE;
++ }
++ else if(macMode == MV_CESA_MAC_HMAC_SHA1)
++ {
++ MV_SHA1_CTX ctx;
++
++ mvSHA1Init(&ctx);
++ mvSHA1Update(&ctx, inner, MV_CESA_MAX_MAC_KEY_LENGTH);
++ memcpy(innerIV, ctx.state, MV_CESA_SHA1_DIGEST_SIZE);
++ memset(&ctx, 0, sizeof(ctx));
++
++ mvSHA1Init(&ctx);
++ mvSHA1Update(&ctx, outer, MV_CESA_MAX_MAC_KEY_LENGTH);
++ memcpy(outerIV, ctx.state, MV_CESA_SHA1_DIGEST_SIZE);
++ memset(&ctx, 0, sizeof(ctx));
++ digestSize = MV_CESA_SHA1_DIGEST_SIZE;
++ }
++ else
++ {
++ mvOsPrintf("hmacGetIV: Unexpected macMode %d\n", macMode);
++ }
++#if defined(MV_CPU_LE) || defined(MV_PPC)
++ /* 32 bits Swap of Inner and Outer values */
++ pVal32 = (MV_U32*)innerIV;
++ for(i=0; i<digestSize/4; i++)
++ {
++ val32 = *pVal32;
++ swapped32 = MV_BYTE_SWAP_32BIT(val32);
++ *pVal32 = swapped32;
++ pVal32++;
++ }
++ pVal32 = (MV_U32*)outerIV;
++ for(i=0; i<digestSize/4; i++)
++ {
++ val32 = *pVal32;
++ swapped32 = MV_BYTE_SWAP_32BIT(val32);
++ *pVal32 = swapped32;
++ pVal32++;
++ }
++#endif /* defined(MV_CPU_LE) || defined(MV_PPC) */
++}
++
++
++/*******************************************************************************
++* mvCesaFragSha1Complete - Complete SHA1 authentication started by HW using SW
++*
++* DESCRIPTION:
++*
++*
++* INPUT:
++* MV_CESA_MBUF* pMbuf - Pointer to Mbuf structure where data
++* for SHA1 is placed.
++* int offset - Offset in the Mbuf structure where
++* unprocessed data for SHA1 is started.
++* MV_U8* pOuterIV - Pointer to OUTER for this session.
++* If pOuterIV==NULL - MAC mode is HASH_SHA1
++* If pOuterIV!=NULL - MAC mode is HMAC_SHA1
++* int macLeftSize - Size of unprocessed data for SHA1.
++* int macTotalSize - Total size of data for SHA1 in the
++* request (processed + unprocessed)
++*
++* OUTPUT:
++* MV_U8* pDigest - Pointer to place where calculated Digest will
++* be stored.
++*
++* RETURN: None
++*
++*******************************************************************************/
++static void mvCesaFragSha1Complete(MV_CESA_MBUF* pMbuf, int offset,
++ MV_U8* pOuterIV, int macLeftSize,
++ int macTotalSize, MV_U8* pDigest)
++{
++ MV_SHA1_CTX ctx;
++ MV_U8 *pData;
++ int i, frag, fragOffset, size;
++
++ /* Read temporary Digest from HW */
++ for(i=0; i<MV_CESA_SHA1_DIGEST_SIZE/4; i++)
++ {
++ ctx.state[i] = MV_REG_READ(MV_CESA_AUTH_INIT_VAL_DIGEST_REG(i));
++ }
++ /* Initialize MV_SHA1_CTX structure */
++ memset(ctx.buffer, 0, 64);
++ /* Set count[0] in bits. 32 bits is enough for 512 MBytes */
++ /* so count[1] is always 0 */
++ ctx.count[0] = ((macTotalSize - macLeftSize) * 8);
++ ctx.count[1] = 0;
++
++ /* If HMAC - add size of Inner block (64 bytes) ro count[0] */
++ if(pOuterIV != NULL)
++ ctx.count[0] += (64 * 8);
++
++ /* Get place of unprocessed data in the Mbuf structure */
++ frag = mvCesaMbufOffset(pMbuf, offset, &fragOffset);
++ if(frag == MV_INVALID)
++ {
++ mvOsPrintf("CESA Mbuf Error: offset (%d) out of range\n", offset);
++ return;
++ }
++
++ pData = pMbuf->pFrags[frag].bufVirtPtr + fragOffset;
++ size = pMbuf->pFrags[frag].bufSize - fragOffset;
++
++ /* Complete Inner part */
++ while(macLeftSize > 0)
++ {
++ if(macLeftSize <= size)
++ {
++ mvSHA1Update(&ctx, pData, macLeftSize);
++ break;
++ }
++ mvSHA1Update(&ctx, pData, size);
++ macLeftSize -= size;
++ frag++;
++ pData = pMbuf->pFrags[frag].bufVirtPtr;
++ size = pMbuf->pFrags[frag].bufSize;
++ }
++ mvSHA1Final(pDigest, &ctx);
++/*
++ mvOsPrintf("mvCesaFragSha1Complete: pOuterIV=%p, macLeftSize=%d, macTotalSize=%d\n",
++ pOuterIV, macLeftSize, macTotalSize);
++ mvDebugMemDump(pDigest, MV_CESA_SHA1_DIGEST_SIZE, 1);
++*/
++
++ if(pOuterIV != NULL)
++ {
++ /* If HMAC - Complete Outer part */
++ for(i=0; i<MV_CESA_SHA1_DIGEST_SIZE/4; i++)
++ {
++#if defined(MV_CPU_LE) || defined(MV_ARM)
++ ctx.state[i] = MV_BYTE_SWAP_32BIT(((MV_U32*)pOuterIV)[i]);
++#else
++ ctx.state[i] = ((MV_U32*)pOuterIV)[i];
++#endif
++ }
++ memset(ctx.buffer, 0, 64);
++
++ ctx.count[0] = 64*8;
++ ctx.count[1] = 0;
++ mvSHA1Update(&ctx, pDigest, MV_CESA_SHA1_DIGEST_SIZE);
++ mvSHA1Final(pDigest, &ctx);
++ }
++}
++
++/*******************************************************************************
++* mvCesaFragMd5Complete - Complete MD5 authentication started by HW using SW
++*
++* DESCRIPTION:
++*
++*
++* INPUT:
++* MV_CESA_MBUF* pMbuf - Pointer to Mbuf structure where data
++* for SHA1 is placed.
++* int offset - Offset in the Mbuf structure where
++* unprocessed data for MD5 is started.
++* MV_U8* pOuterIV - Pointer to OUTER for this session.
++* If pOuterIV==NULL - MAC mode is HASH_MD5
++* If pOuterIV!=NULL - MAC mode is HMAC_MD5
++* int macLeftSize - Size of unprocessed data for MD5.
++* int macTotalSize - Total size of data for MD5 in the
++* request (processed + unprocessed)
++*
++* OUTPUT:
++* MV_U8* pDigest - Pointer to place where calculated Digest will
++* be stored.
++*
++* RETURN: None
++*
++*******************************************************************************/
++static void mvCesaFragMd5Complete(MV_CESA_MBUF* pMbuf, int offset,
++ MV_U8* pOuterIV, int macLeftSize,
++ int macTotalSize, MV_U8* pDigest)
++{
++ MV_MD5_CONTEXT ctx;
++ MV_U8 *pData;
++ int i, frag, fragOffset, size;
++
++ /* Read temporary Digest from HW */
++ for(i=0; i<MV_CESA_MD5_DIGEST_SIZE/4; i++)
++ {
++ ctx.buf[i] = MV_REG_READ(MV_CESA_AUTH_INIT_VAL_DIGEST_REG(i));
++ }
++ memset(ctx.in, 0, 64);
++
++ /* Set count[0] in bits. 32 bits is enough for 512 MBytes */
++ /* so count[1] is always 0 */
++ ctx.bits[0] = ((macTotalSize - macLeftSize) * 8);
++ ctx.bits[1] = 0;
++
++ /* If HMAC - add size of Inner block (64 bytes) ro count[0] */
++ if(pOuterIV != NULL)
++ ctx.bits[0] += (64 * 8);
++
++ frag = mvCesaMbufOffset(pMbuf, offset, &fragOffset);
++ if(frag == MV_INVALID)
++ {
++ mvOsPrintf("CESA Mbuf Error: offset (%d) out of range\n", offset);
++ return;
++ }
++
++ pData = pMbuf->pFrags[frag].bufVirtPtr + fragOffset;
++ size = pMbuf->pFrags[frag].bufSize - fragOffset;
++
++ /* Complete Inner part */
++ while(macLeftSize > 0)
++ {
++ if(macLeftSize <= size)
++ {
++ mvMD5Update(&ctx, pData, macLeftSize);
++ break;
++ }
++ mvMD5Update(&ctx, pData, size);
++ macLeftSize -= size;
++ frag++;
++ pData = pMbuf->pFrags[frag].bufVirtPtr;
++ size = pMbuf->pFrags[frag].bufSize;
++ }
++ mvMD5Final(pDigest, &ctx);
++
++/*
++ mvOsPrintf("mvCesaFragMd5Complete: pOuterIV=%p, macLeftSize=%d, macTotalSize=%d\n",
++ pOuterIV, macLeftSize, macTotalSize);
++ mvDebugMemDump(pDigest, MV_CESA_MD5_DIGEST_SIZE, 1);
++*/
++ if(pOuterIV != NULL)
++ {
++ /* Complete Outer part */
++ for(i=0; i<MV_CESA_MD5_DIGEST_SIZE/4; i++)
++ {
++#if defined(MV_CPU_LE) || defined(MV_ARM)
++ ctx.buf[i] = MV_BYTE_SWAP_32BIT(((MV_U32*)pOuterIV)[i]);
++#else
++ ctx.buf[i] = ((MV_U32*)pOuterIV)[i];
++#endif
++ }
++ memset(ctx.in, 0, 64);
++
++ ctx.bits[0] = 64*8;
++ ctx.bits[1] = 0;
++ mvMD5Update(&ctx, pDigest, MV_CESA_MD5_DIGEST_SIZE);
++ mvMD5Final(pDigest, &ctx);
++ }
++}
++
++/*******************************************************************************
++* mvCesaFragAuthComplete -
++*
++* DESCRIPTION:
++*
++*
++* INPUT:
++* MV_CESA_REQ* pReq,
++* MV_CESA_SA* pSA,
++* int macDataSize
++*
++* RETURN:
++* MV_STATUS
++*
++*******************************************************************************/
++static MV_STATUS mvCesaFragAuthComplete(MV_CESA_REQ* pReq, MV_CESA_SA* pSA,
++ int macDataSize)
++{
++ MV_CESA_COMMAND* pCmd = pReq->pCmd;
++ MV_U8* pDigest;
++ MV_CESA_MAC_MODE macMode;
++ MV_U8* pOuterIV = NULL;
++
++ /* Copy data from Source fragment to Destination */
++ if(pCmd->pSrc != pCmd->pDst)
++ {
++ mvCesaMbufCopy(pCmd->pDst, pReq->frags.bufOffset,
++ pCmd->pSrc, pReq->frags.bufOffset, macDataSize);
++ }
++
++/*
++ mvCesaCopyFromMbuf(cesaSramVirtPtr->buf[0], pCmd->pSrc, pReq->frags.bufOffset, macDataSize);
++ mvCesaCopyToMbuf(cesaSramVirtPtr->buf[0], pCmd->pDst, pReq->frags.bufOffset, macDataSize);
++*/
++ pDigest = (mvCesaSramAddrGet() + pReq->frags.newDigestOffset);
++
++ macMode = (pSA->config & MV_CESA_MAC_MODE_MASK) >> MV_CESA_MAC_MODE_OFFSET;
++/*
++ mvOsPrintf("macDataSize=%d, macLength=%d, digestOffset=%d, macMode=%d\n",
++ macDataSize, pCmd->macLength, pCmd->digestOffset, macMode);
++*/
++ switch(macMode)
++ {
++ case MV_CESA_MAC_HMAC_MD5:
++ pOuterIV = pSA->pSramSA->macOuterIV;
++
++ case MV_CESA_MAC_MD5:
++ mvCesaFragMd5Complete(pCmd->pDst, pReq->frags.bufOffset, pOuterIV,
++ macDataSize, pCmd->macLength, pDigest);
++ break;
++
++ case MV_CESA_MAC_HMAC_SHA1:
++ pOuterIV = pSA->pSramSA->macOuterIV;
++
++ case MV_CESA_MAC_SHA1:
++ mvCesaFragSha1Complete(pCmd->pDst, pReq->frags.bufOffset, pOuterIV,
++ macDataSize, pCmd->macLength, pDigest);
++ break;
++
++ default:
++ mvOsPrintf("mvCesaFragAuthComplete: Unexpected macMode %d\n", macMode);
++ return MV_BAD_PARAM;
++ }
++ return MV_OK;
++}
++
++/*******************************************************************************
++* mvCesaCtrModeInit -
++*
++* DESCRIPTION:
++*
++*
++* INPUT: NONE
++*
++*
++* RETURN:
++* MV_CESA_COMMAND*
++*
++*******************************************************************************/
++static MV_CESA_COMMAND* mvCesaCtrModeInit(void)
++{
++ MV_CESA_MBUF *pMbuf;
++ MV_U8 *pBuf;
++ MV_CESA_COMMAND *pCmd;
++
++ pBuf = mvOsMalloc(sizeof(MV_CESA_COMMAND) +
++ sizeof(MV_CESA_MBUF) + sizeof(MV_BUF_INFO) + 100);
++ if(pBuf == NULL)
++ {
++ mvOsPrintf("mvCesaSessionOpen: Can't allocate %u bytes for CTR Mode\n",
++ sizeof(MV_CESA_COMMAND) + sizeof(MV_CESA_MBUF) + sizeof(MV_BUF_INFO) );
++ return NULL;
++ }
++ pCmd = (MV_CESA_COMMAND*)pBuf;
++ pBuf += sizeof(MV_CESA_COMMAND);
++
++ pMbuf = (MV_CESA_MBUF*)pBuf;
++ pBuf += sizeof(MV_CESA_MBUF);
++
++ pMbuf->pFrags = (MV_BUF_INFO*)pBuf;
++
++ pMbuf->numFrags = 1;
++ pCmd->pSrc = pMbuf;
++ pCmd->pDst = pMbuf;
++/*
++ mvOsPrintf("CtrModeInit: pCmd=%p, pSrc=%p, pDst=%p, pFrags=%p\n",
++ pCmd, pCmd->pSrc, pCmd->pDst,
++ pMbuf->pFrags);
++*/
++ return pCmd;
++}
++
++/*******************************************************************************
++* mvCesaCtrModePrepare -
++*
++* DESCRIPTION:
++*
++*
++* INPUT:
++* MV_CESA_COMMAND *pCtrModeCmd, MV_CESA_COMMAND *pCmd
++*
++* RETURN:
++* MV_STATUS
++*
++*******************************************************************************/
++static MV_STATUS mvCesaCtrModePrepare(MV_CESA_COMMAND *pCtrModeCmd, MV_CESA_COMMAND *pCmd)
++{
++ MV_CESA_MBUF *pMbuf;
++ MV_U8 *pBuf, *pIV;
++ MV_U32 counter, *pCounter;
++ int cryptoSize = MV_ALIGN_UP(pCmd->cryptoLength, MV_CESA_AES_BLOCK_SIZE);
++/*
++ mvOsPrintf("CtrModePrepare: pCmd=%p, pCtrSrc=%p, pCtrDst=%p, pOrgCmd=%p, pOrgSrc=%p, pOrgDst=%p\n",
++ pCmd, pCmd->pSrc, pCmd->pDst,
++ pCtrModeCmd, pCtrModeCmd->pSrc, pCtrModeCmd->pDst);
++*/
++ pMbuf = pCtrModeCmd->pSrc;
++
++ /* Allocate buffer for Key stream */
++ pBuf = mvOsIoCachedMalloc(cesaOsHandle,cryptoSize,
++ &pMbuf->pFrags[0].bufPhysAddr,
++ &pMbuf->pFrags[0].memHandle);
++ if(pBuf == NULL)
++ {
++ mvOsPrintf("mvCesaCtrModePrepare: Can't allocate %d bytes\n", cryptoSize);
++ return MV_OUT_OF_CPU_MEM;
++ }
++ memset(pBuf, 0, cryptoSize);
++ mvOsCacheFlush(NULL, pBuf, cryptoSize);
++
++ pMbuf->pFrags[0].bufVirtPtr = pBuf;
++ pMbuf->mbufSize = cryptoSize;
++ pMbuf->pFrags[0].bufSize = cryptoSize;
++
++ pCtrModeCmd->pReqPrv = pCmd->pReqPrv;
++ pCtrModeCmd->sessionId = pCmd->sessionId;
++
++ /* ivFromUser and ivOffset are don't care */
++ pCtrModeCmd->cryptoOffset = 0;
++ pCtrModeCmd->cryptoLength = cryptoSize;
++
++ /* digestOffset, macOffset and macLength are don't care */
++
++ mvCesaCopyFromMbuf(pBuf, pCmd->pSrc, pCmd->ivOffset, MV_CESA_AES_BLOCK_SIZE);
++ pCounter = (MV_U32*)(pBuf + (MV_CESA_AES_BLOCK_SIZE - sizeof(counter)));
++ counter = *pCounter;
++ counter = MV_32BIT_BE(counter);
++ pIV = pBuf;
++ cryptoSize -= MV_CESA_AES_BLOCK_SIZE;
++
++ /* fill key stream */
++ while(cryptoSize > 0)
++ {
++ pBuf += MV_CESA_AES_BLOCK_SIZE;
++ memcpy(pBuf, pIV, MV_CESA_AES_BLOCK_SIZE - sizeof(counter));
++ pCounter = (MV_U32*)(pBuf + (MV_CESA_AES_BLOCK_SIZE - sizeof(counter)));
++ counter++;
++ *pCounter = MV_32BIT_BE(counter);
++ cryptoSize -= MV_CESA_AES_BLOCK_SIZE;
++ }
++
++ return MV_OK;
++}
++
++/*******************************************************************************
++* mvCesaCtrModeComplete -
++*
++* DESCRIPTION:
++*
++*
++* INPUT:
++* MV_CESA_COMMAND *pOrgCmd, MV_CESA_COMMAND *pCmd
++*
++* RETURN:
++* MV_STATUS
++*
++*******************************************************************************/
++static MV_STATUS mvCesaCtrModeComplete(MV_CESA_COMMAND *pOrgCmd, MV_CESA_COMMAND *pCmd)
++{
++ int srcFrag, dstFrag, srcOffset, dstOffset, keyOffset, srcSize, dstSize;
++ int cryptoSize = pCmd->cryptoLength;
++ MV_U8 *pSrc, *pDst, *pKey;
++ MV_STATUS status = MV_OK;
++/*
++ mvOsPrintf("CtrModeComplete: pCmd=%p, pCtrSrc=%p, pCtrDst=%p, pOrgCmd=%p, pOrgSrc=%p, pOrgDst=%p\n",
++ pCmd, pCmd->pSrc, pCmd->pDst,
++ pOrgCmd, pOrgCmd->pSrc, pOrgCmd->pDst);
++*/
++ /* XOR source data with key stream to destination data */
++ pKey = pCmd->pDst->pFrags[0].bufVirtPtr;
++ keyOffset = 0;
++
++ if( (pOrgCmd->pSrc != pOrgCmd->pDst) &&
++ (pOrgCmd->cryptoOffset > 0) )
++ {
++ /* Copy Prefix from source buffer to destination buffer */
++
++ status = mvCesaMbufCopy(pOrgCmd->pDst, 0,
++ pOrgCmd->pSrc, 0, pOrgCmd->cryptoOffset);
++/*
++ status = mvCesaCopyFromMbuf(tempBuf, pOrgCmd->pSrc,
++ 0, pOrgCmd->cryptoOffset);
++ status = mvCesaCopyToMbuf(tempBuf, pOrgCmd->pDst,
++ 0, pOrgCmd->cryptoOffset);
++*/
++ }
++
++ srcFrag = mvCesaMbufOffset(pOrgCmd->pSrc, pOrgCmd->cryptoOffset, &srcOffset);
++ pSrc = pOrgCmd->pSrc->pFrags[srcFrag].bufVirtPtr;
++ srcSize = pOrgCmd->pSrc->pFrags[srcFrag].bufSize;
++
++ dstFrag = mvCesaMbufOffset(pOrgCmd->pDst, pOrgCmd->cryptoOffset, &dstOffset);
++ pDst = pOrgCmd->pDst->pFrags[dstFrag].bufVirtPtr;
++ dstSize = pOrgCmd->pDst->pFrags[dstFrag].bufSize;
++
++ while(cryptoSize > 0)
++ {
++ pDst[dstOffset] = (pSrc[srcOffset] ^ pKey[keyOffset]);
++
++ cryptoSize--;
++ dstOffset++;
++ srcOffset++;
++ keyOffset++;
++
++ if(srcOffset >= srcSize)
++ {
++ srcFrag++;
++ srcOffset = 0;
++ pSrc = pOrgCmd->pSrc->pFrags[srcFrag].bufVirtPtr;
++ srcSize = pOrgCmd->pSrc->pFrags[srcFrag].bufSize;
++ }
++
++ if(dstOffset >= dstSize)
++ {
++ dstFrag++;
++ dstOffset = 0;
++ pDst = pOrgCmd->pDst->pFrags[dstFrag].bufVirtPtr;
++ dstSize = pOrgCmd->pDst->pFrags[dstFrag].bufSize;
++ }
++ }
++
++ if(pOrgCmd->pSrc != pOrgCmd->pDst)
++ {
++ /* Copy Suffix from source buffer to destination buffer */
++ srcOffset = pOrgCmd->cryptoOffset + pOrgCmd->cryptoLength;
++
++ if( (pOrgCmd->pDst->mbufSize - srcOffset) > 0)
++ {
++ status = mvCesaMbufCopy(pOrgCmd->pDst, srcOffset,
++ pOrgCmd->pSrc, srcOffset,
++ pOrgCmd->pDst->mbufSize - srcOffset);
++ }
++
++/*
++ status = mvCesaCopyFromMbuf(tempBuf, pOrgCmd->pSrc,
++ srcOffset, pOrgCmd->pSrc->mbufSize - srcOffset);
++ status = mvCesaCopyToMbuf(tempBuf, pOrgCmd->pDst,
++ srcOffset, pOrgCmd->pDst->mbufSize - srcOffset);
++*/
++ }
++
++ /* Free buffer used for Key stream */
++ mvOsIoCachedFree(cesaOsHandle,pCmd->pDst->pFrags[0].bufSize,
++ pCmd->pDst->pFrags[0].bufPhysAddr,
++ pCmd->pDst->pFrags[0].bufVirtPtr,
++ pCmd->pDst->pFrags[0].memHandle);
++
++ return MV_OK;
++}
++
++/*******************************************************************************
++* mvCesaCtrModeFinish -
++*
++* DESCRIPTION:
++*
++*
++* INPUT:
++* MV_CESA_COMMAND* pCmd
++*
++* RETURN:
++* MV_STATUS
++*
++*******************************************************************************/
++static void mvCesaCtrModeFinish(MV_CESA_COMMAND* pCmd)
++{
++ mvOsFree(pCmd);
++}
++
++/*******************************************************************************
++* mvCesaParamCheck -
++*
++* DESCRIPTION:
++*
++*
++* INPUT:
++* MV_CESA_SA* pSA, MV_CESA_COMMAND *pCmd, MV_U8* pFixOffset
++*
++* RETURN:
++* MV_STATUS
++*
++*******************************************************************************/
++static MV_STATUS mvCesaParamCheck(MV_CESA_SA* pSA, MV_CESA_COMMAND *pCmd,
++ MV_U8* pFixOffset)
++{
++ MV_U8 fixOffset = 0xFF;
++
++ /* Check AUTH operation parameters */
++ if( ((pSA->config & MV_CESA_OPERATION_MASK) !=
++ (MV_CESA_CRYPTO_ONLY << MV_CESA_OPERATION_OFFSET)) )
++ {
++ /* MAC offset should be at least 4 byte aligned */
++ if( MV_IS_NOT_ALIGN(pCmd->macOffset, 4) )
++ {
++ mvOsPrintf("mvCesaAction: macOffset %d must be 4 byte aligned\n",
++ pCmd->macOffset);
++ return MV_BAD_PARAM;
++ }
++ /* Digest offset must be 4 byte aligned */
++ if( MV_IS_NOT_ALIGN(pCmd->digestOffset, 4) )
++ {
++ mvOsPrintf("mvCesaAction: digestOffset %d must be 4 byte aligned\n",
++ pCmd->digestOffset);
++ return MV_BAD_PARAM;
++ }
++ /* In addition all offsets should be the same alignment: 8 or 4 */
++ if(fixOffset == 0xFF)
++ {
++ fixOffset = (pCmd->macOffset % 8);
++ }
++ else
++ {
++ if( (pCmd->macOffset % 8) != fixOffset)
++ {
++ mvOsPrintf("mvCesaAction: macOffset %d mod 8 must be equal %d\n",
++ pCmd->macOffset, fixOffset);
++ return MV_BAD_PARAM;
++ }
++ }
++ if( (pCmd->digestOffset % 8) != fixOffset)
++ {
++ mvOsPrintf("mvCesaAction: digestOffset %d mod 8 must be equal %d\n",
++ pCmd->digestOffset, fixOffset);
++ return MV_BAD_PARAM;
++ }
++ }
++ /* Check CRYPTO operation parameters */
++ if( ((pSA->config & MV_CESA_OPERATION_MASK) !=
++ (MV_CESA_MAC_ONLY << MV_CESA_OPERATION_OFFSET)) )
++ {
++ /* CryptoOffset should be at least 4 byte aligned */
++ if( MV_IS_NOT_ALIGN(pCmd->cryptoOffset, 4) )
++ {
++ mvOsPrintf("CesaAction: cryptoOffset=%d must be 4 byte aligned\n",
++ pCmd->cryptoOffset);
++ return MV_BAD_PARAM;
++ }
++ /* cryptoLength should be the whole number of blocks */
++ if( MV_IS_NOT_ALIGN(pCmd->cryptoLength, pSA->cryptoBlockSize) )
++ {
++ mvOsPrintf("mvCesaAction: cryptoLength=%d must be %d byte aligned\n",
++ pCmd->cryptoLength, pSA->cryptoBlockSize);
++ return MV_BAD_PARAM;
++ }
++ if(fixOffset == 0xFF)
++ {
++ fixOffset = (pCmd->cryptoOffset % 8);
++ }
++ else
++ {
++ /* In addition all offsets should be the same alignment: 8 or 4 */
++ if( (pCmd->cryptoOffset % 8) != fixOffset)
++ {
++ mvOsPrintf("mvCesaAction: cryptoOffset %d mod 8 must be equal %d \n",
++ pCmd->cryptoOffset, fixOffset);
++ return MV_BAD_PARAM;
++ }
++ }
++
++ /* check for CBC mode */
++ if(pSA->cryptoIvSize > 0)
++ {
++ /* cryptoIV must not be part of CryptoLength */
++ if( ((pCmd->ivOffset + pSA->cryptoIvSize) > pCmd->cryptoOffset) &&
++ (pCmd->ivOffset < (pCmd->cryptoOffset + pCmd->cryptoLength)) )
++ {
++ mvOsPrintf("mvCesaFragParamCheck: cryptoIvOffset (%d) is part of cryptoLength (%d+%d)\n",
++ pCmd->ivOffset, pCmd->macOffset, pCmd->macLength);
++ return MV_BAD_PARAM;
++ }
++
++ /* ivOffset must be 4 byte aligned */
++ if( MV_IS_NOT_ALIGN(pCmd->ivOffset, 4) )
++ {
++ mvOsPrintf("CesaAction: ivOffset=%d must be 4 byte aligned\n",
++ pCmd->ivOffset);
++ return MV_BAD_PARAM;
++ }
++ /* In addition all offsets should be the same alignment: 8 or 4 */
++ if( (pCmd->ivOffset % 8) != fixOffset)
++ {
++ mvOsPrintf("mvCesaAction: ivOffset %d mod 8 must be %d\n",
++ pCmd->ivOffset, fixOffset);
++ return MV_BAD_PARAM;
++ }
++ }
++ }
++ return MV_OK;
++}
++
++/*******************************************************************************
++* mvCesaFragParamCheck -
++*
++* DESCRIPTION:
++*
++*
++* INPUT:
++* MV_CESA_SA* pSA, MV_CESA_COMMAND *pCmd
++*
++* RETURN:
++* MV_STATUS
++*
++*******************************************************************************/
++static MV_STATUS mvCesaFragParamCheck(MV_CESA_SA* pSA, MV_CESA_COMMAND *pCmd)
++{
++ int offset;
++
++ if( ((pSA->config & MV_CESA_OPERATION_MASK) !=
++ (MV_CESA_CRYPTO_ONLY << MV_CESA_OPERATION_OFFSET)) )
++ {
++ /* macOffset must be less that SRAM buffer size */
++ if(pCmd->macOffset > (sizeof(cesaSramVirtPtr->buf) - MV_CESA_AUTH_BLOCK_SIZE))
++ {
++ mvOsPrintf("mvCesaFragParamCheck: macOffset is too large (%d)\n",
++ pCmd->macOffset);
++ return MV_BAD_PARAM;
++ }
++ /* macOffset+macSize must be more than mbufSize - SRAM buffer size */
++ if( ((pCmd->macOffset + pCmd->macLength) > pCmd->pSrc->mbufSize) ||
++ ((pCmd->pSrc->mbufSize - (pCmd->macOffset + pCmd->macLength)) >=
++ sizeof(cesaSramVirtPtr->buf)) )
++ {
++ mvOsPrintf("mvCesaFragParamCheck: macLength is too large (%d), mbufSize=%d\n",
++ pCmd->macLength, pCmd->pSrc->mbufSize);
++ return MV_BAD_PARAM;
++ }
++ }
++
++ if( ((pSA->config & MV_CESA_OPERATION_MASK) !=
++ (MV_CESA_MAC_ONLY << MV_CESA_OPERATION_OFFSET)) )
++ {
++ /* cryptoOffset must be less that SRAM buffer size */
++ /* 4 for possible fixOffset */
++ if( (pCmd->cryptoOffset + 4) > (sizeof(cesaSramVirtPtr->buf) - pSA->cryptoBlockSize))
++ {
++ mvOsPrintf("mvCesaFragParamCheck: cryptoOffset is too large (%d)\n",
++ pCmd->cryptoOffset);
++ return MV_BAD_PARAM;
++ }
++
++ /* cryptoOffset+cryptoSize must be more than mbufSize - SRAM buffer size */
++ if( ((pCmd->cryptoOffset + pCmd->cryptoLength) > pCmd->pSrc->mbufSize) ||
++ ((pCmd->pSrc->mbufSize - (pCmd->cryptoOffset + pCmd->cryptoLength)) >=
++ (sizeof(cesaSramVirtPtr->buf) - pSA->cryptoBlockSize)) )
++ {
++ mvOsPrintf("mvCesaFragParamCheck: cryptoLength is too large (%d), mbufSize=%d\n",
++ pCmd->cryptoLength, pCmd->pSrc->mbufSize);
++ return MV_BAD_PARAM;
++ }
++ }
++
++ /* When MAC_THEN_CRYPTO or CRYPTO_THEN_MAC */
++ if( ((pSA->config & MV_CESA_OPERATION_MASK) ==
++ (MV_CESA_MAC_THEN_CRYPTO << MV_CESA_OPERATION_OFFSET)) ||
++ ((pSA->config & MV_CESA_OPERATION_MASK) ==
++ (MV_CESA_CRYPTO_THEN_MAC << MV_CESA_OPERATION_OFFSET)) )
++ {
++ if( (mvCtrlModelGet() == MV_5182_DEV_ID) ||
++ ( (mvCtrlModelGet() == MV_5181_DEV_ID) &&
++ (mvCtrlRevGet() >= MV_5181L_A0_REV) &&
++ (pCmd->macLength >= (1 << 14)) ) )
++ {
++ return MV_NOT_ALLOWED;
++ }
++
++ /* abs(cryptoOffset-macOffset) must be aligned cryptoBlockSize */
++ if(pCmd->cryptoOffset > pCmd->macOffset)
++ {
++ offset = pCmd->cryptoOffset - pCmd->macOffset;
++ }
++ else
++ {
++ offset = pCmd->macOffset - pCmd->cryptoOffset;
++ }
++
++ if( MV_IS_NOT_ALIGN(offset, pSA->cryptoBlockSize) )
++ {
++/*
++ mvOsPrintf("mvCesaFragParamCheck: (cryptoOffset - macOffset) must be %d byte aligned\n",
++ pSA->cryptoBlockSize);
++*/
++ return MV_NOT_ALLOWED;
++ }
++ /* Digest must not be part of CryptoLength */
++ if( ((pCmd->digestOffset + pSA->digestSize) > pCmd->cryptoOffset) &&
++ (pCmd->digestOffset < (pCmd->cryptoOffset + pCmd->cryptoLength)) )
++ {
++/*
++ mvOsPrintf("mvCesaFragParamCheck: digestOffset (%d) is part of cryptoLength (%d+%d)\n",
++ pCmd->digestOffset, pCmd->cryptoOffset, pCmd->cryptoLength);
++*/
++ return MV_NOT_ALLOWED;
++ }
++ }
++ return MV_OK;
++}
++
++/*******************************************************************************
++* mvCesaFragSizeFind -
++*
++* DESCRIPTION:
++*
++*
++* INPUT:
++* MV_CESA_SA* pSA, MV_CESA_COMMAND *pCmd,
++* int cryptoOffset, int macOffset,
++*
++* OUTPUT:
++* int* pCopySize, int* pCryptoDataSize, int* pMacDataSize
++*
++* RETURN:
++* MV_STATUS
++*
++*******************************************************************************/
++static void mvCesaFragSizeFind(MV_CESA_SA* pSA, MV_CESA_REQ* pReq,
++ int cryptoOffset, int macOffset,
++ int* pCopySize, int* pCryptoDataSize, int* pMacDataSize)
++{
++ MV_CESA_COMMAND *pCmd = pReq->pCmd;
++ int cryptoDataSize, macDataSize, copySize;
++
++ cryptoDataSize = macDataSize = 0;
++ copySize = *pCopySize;
++
++ if( (pSA->config & MV_CESA_OPERATION_MASK) !=
++ (MV_CESA_MAC_ONLY << MV_CESA_OPERATION_OFFSET) )
++ {
++ cryptoDataSize = MV_MIN( (copySize - cryptoOffset),
++ (pCmd->cryptoLength - (pReq->frags.cryptoSize + 1)) );
++
++ /* cryptoSize for each fragment must be the whole number of blocksSize */
++ if( MV_IS_NOT_ALIGN(cryptoDataSize, pSA->cryptoBlockSize) )
++ {
++ cryptoDataSize = MV_ALIGN_DOWN(cryptoDataSize, pSA->cryptoBlockSize);
++ copySize = cryptoOffset + cryptoDataSize;
++ }
++ }
++ if( (pSA->config & MV_CESA_OPERATION_MASK) !=
++ (MV_CESA_CRYPTO_ONLY << MV_CESA_OPERATION_OFFSET) )
++ {
++ macDataSize = MV_MIN( (copySize - macOffset),
++ (pCmd->macLength - (pReq->frags.macSize + 1)));
++
++ /* macSize for each fragment (except last) must be the whole number of blocksSize */
++ if( MV_IS_NOT_ALIGN(macDataSize, MV_CESA_AUTH_BLOCK_SIZE) )
++ {
++ macDataSize = MV_ALIGN_DOWN(macDataSize, MV_CESA_AUTH_BLOCK_SIZE);
++ copySize = macOffset + macDataSize;
++ }
++ cryptoDataSize = copySize - cryptoOffset;
++ }
++ *pCopySize = copySize;
++
++ if(pCryptoDataSize != NULL)
++ *pCryptoDataSize = cryptoDataSize;
++
++ if(pMacDataSize != NULL)
++ *pMacDataSize = macDataSize;
++}
+diff --git a/crypto/ocf/kirkwood/cesa/mvCesa.h b/crypto/ocf/kirkwood/cesa/mvCesa.h
+new file mode 100644
+index 0000000..c0abc9b
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa/mvCesa.h
+@@ -0,0 +1,412 @@
++/*******************************************************************************
++Copyright (C) Marvell International Ltd. and its affiliates
++
++This software file (the "File") is owned and distributed by Marvell
++International Ltd. and/or its affiliates ("Marvell") under the following
++alternative licensing terms. Once you have made an election to distribute the
++File under one of the following license alternatives, please (i) delete this
++introductory statement regarding license alternatives, (ii) delete the two
++license alternatives that you have not elected to use and (iii) preserve the
++Marvell copyright notice above.
++
++********************************************************************************
++Marvell Commercial License Option
++
++If you received this File from Marvell and you have entered into a commercial
++license agreement (a "Commercial License") with Marvell, the File is licensed
++to you under the terms of the applicable Commercial License.
++
++********************************************************************************
++Marvell GPL License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File in accordance with the terms and conditions of the General
++Public License Version 2, June 1991 (the "GPL License"), a copy of which is
++available along with the File in the license.txt file or by writing to the Free
++Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 or
++on the worldwide web at http://www.gnu.org/licenses/gpl.txt.
++
++THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE IMPLIED
++WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE EXPRESSLY
++DISCLAIMED. The GPL License provides additional details about this warranty
++disclaimer.
++********************************************************************************
++Marvell BSD License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File under the following licensing terms.
++Redistribution and use in source and binary forms, with or without modification,
++are permitted provided that the following conditions are met:
++
++ * Redistributions of source code must retain the above copyright notice,
++ this list of conditions and the following disclaimer.
++
++ * Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++
++ * Neither the name of Marvell nor the names of its contributors may be
++ used to endorse or promote products derived from this software without
++ specific prior written permission.
++
++THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
++ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
++WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
++DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
++ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
++ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
++SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++*******************************************************************************/
++
++/*******************************************************************************
++* mvCesa.h - Header File for Cryptographic Engines and Security Accelerator
++*
++* DESCRIPTION:
++* This header file contains macros typedefs and function declaration for
++* the Marvell Cryptographic Engines and Security Accelerator.
++*
++*******************************************************************************/
++
++#ifndef __mvCesa_h__
++#define __mvCesa_h__
++
++#include "mvOs.h"
++#include "mvCommon.h"
++#include "mvDebug.h"
++
++#include "ctrlEnv/mvCtrlEnvSpec.h"
++
++#include "cesa/mvMD5.h"
++#include "cesa/mvSHA1.h"
++
++#include "cesa/mvCesa.h"
++#include "cesa/AES/mvAes.h"
++#include "mvSysHwConfig.h"
++
++#ifdef MV_INCLUDE_IDMA
++#include "idma/mvIdma.h"
++#include "idma/mvIdmaRegs.h"
++#else
++/* Redefine MV_DMA_DESC structure */
++typedef struct _mvDmaDesc
++{
++ MV_U32 byteCnt; /* The total number of bytes to transfer */
++ MV_U32 phySrcAdd; /* The physical source address */
++ MV_U32 phyDestAdd; /* The physical destination address */
++ MV_U32 phyNextDescPtr; /* If we are using chain mode DMA transfer, */
++ /* then this pointer should point to the */
++ /* physical address of the next descriptor, */
++ /* otherwise it should be NULL. */
++}MV_DMA_DESC;
++#endif /* MV_INCLUDE_IDMA */
++
++#include "cesa/mvCesaRegs.h"
++
++#define MV_CESA_AUTH_BLOCK_SIZE 64 /* bytes */
++
++#define MV_CESA_MD5_DIGEST_SIZE 16 /* bytes */
++#define MV_CESA_SHA1_DIGEST_SIZE 20 /* bytes */
++
++#define MV_CESA_MAX_DIGEST_SIZE MV_CESA_SHA1_DIGEST_SIZE
++
++#define MV_CESA_DES_KEY_LENGTH 8 /* bytes = 64 bits */
++#define MV_CESA_3DES_KEY_LENGTH 24 /* bytes = 192 bits */
++#define MV_CESA_AES_128_KEY_LENGTH 16 /* bytes = 128 bits */
++#define MV_CESA_AES_192_KEY_LENGTH 24 /* bytes = 192 bits */
++#define MV_CESA_AES_256_KEY_LENGTH 32 /* bytes = 256 bits */
++
++#define MV_CESA_MAX_CRYPTO_KEY_LENGTH MV_CESA_AES_256_KEY_LENGTH
++
++#define MV_CESA_DES_BLOCK_SIZE 8 /* bytes = 64 bits */
++#define MV_CESA_3DES_BLOCK_SIZE 8 /* bytes = 64 bits */
++
++#define MV_CESA_AES_BLOCK_SIZE 16 /* bytes = 128 bits */
++
++#define MV_CESA_MAX_IV_LENGTH MV_CESA_AES_BLOCK_SIZE
++
++#define MV_CESA_MAX_MAC_KEY_LENGTH 64 /* bytes */
++
++typedef struct
++{
++ MV_U8 cryptoKey[MV_CESA_MAX_CRYPTO_KEY_LENGTH];
++ MV_U8 macKey[MV_CESA_MAX_MAC_KEY_LENGTH];
++ MV_CESA_OPERATION operation;
++ MV_CESA_DIRECTION direction;
++ MV_CESA_CRYPTO_ALG cryptoAlgorithm;
++ MV_CESA_CRYPTO_MODE cryptoMode;
++ MV_U8 cryptoKeyLength;
++ MV_CESA_MAC_MODE macMode;
++ MV_U8 macKeyLength;
++ MV_U8 digestSize;
++
++} MV_CESA_OPEN_SESSION;
++
++typedef struct
++{
++ MV_BUF_INFO *pFrags;
++ MV_U16 numFrags;
++ MV_U16 mbufSize;
++
++} MV_CESA_MBUF;
++
++typedef struct
++{
++ void* pReqPrv; /* instead of reqId */
++ MV_U32 retCode;
++ MV_16 sessionId;
++
++} MV_CESA_RESULT;
++
++typedef void (*MV_CESA_CALLBACK) (MV_CESA_RESULT* pResult);
++
++
++typedef struct
++{
++ void* pReqPrv; /* instead of reqId */
++ MV_CESA_MBUF* pSrc;
++ MV_CESA_MBUF* pDst;
++ MV_CESA_CALLBACK* pFuncCB;
++ MV_16 sessionId;
++ MV_U16 ivFromUser;
++ MV_U16 ivOffset;
++ MV_U16 cryptoOffset;
++ MV_U16 cryptoLength;
++ MV_U16 digestOffset;
++ MV_U16 macOffset;
++ MV_U16 macLength;
++ MV_BOOL skipFlush;
++} MV_CESA_COMMAND;
++
++
++
++MV_STATUS mvCesaHalInit (int numOfSession, int queueDepth, char* pSramBase, MV_U32 cryptEngBase, void *osHandle);
++MV_STATUS mvCesaFinish (void);
++MV_STATUS mvCesaSessionOpen(MV_CESA_OPEN_SESSION *pSession, short* pSid);
++MV_STATUS mvCesaSessionClose(short sid);
++MV_STATUS mvCesaCryptoIvSet(MV_U8* pIV, int ivSize);
++
++MV_STATUS mvCesaAction (MV_CESA_COMMAND* pCmd);
++
++MV_U32 mvCesaInProcessGet(void);
++MV_STATUS mvCesaReadyDispatch(void);
++MV_STATUS mvCesaReadyGet(MV_CESA_RESULT* pResult);
++MV_BOOL mvCesaIsReady(void);
++
++int mvCesaMbufOffset(MV_CESA_MBUF* pMbuf, int offset, int* pBufOffset);
++MV_STATUS mvCesaCopyFromMbuf(MV_U8* pDst, MV_CESA_MBUF* pSrcMbuf,
++ int offset, int size);
++MV_STATUS mvCesaCopyToMbuf(MV_U8* pSrc, MV_CESA_MBUF* pDstMbuf,
++ int offset, int size);
++MV_STATUS mvCesaMbufCopy(MV_CESA_MBUF* pMbufDst, int dstMbufOffset,
++ MV_CESA_MBUF* pMbufSrc, int srcMbufOffset, int size);
++
++/********** Debug functions ********/
++
++void mvCesaDebugMbuf(const char* str, MV_CESA_MBUF *pMbuf, int offset, int size);
++void mvCesaDebugSA(short sid, int mode);
++void mvCesaDebugStats(void);
++void mvCesaDebugStatsClear(void);
++void mvCesaDebugRegs(void);
++void mvCesaDebugStatus(void);
++void mvCesaDebugQueue(int mode);
++void mvCesaDebugSram(int mode);
++void mvCesaDebugSAD(int mode);
++
++
++/******** CESA Private definitions ********/
++#if (MV_CESA_VERSION >= 2)
++#if (MV_CACHE_COHERENCY == MV_CACHE_COHER_SW)
++#define MV_CESA_TDMA_CTRL_VALUE MV_CESA_TDMA_DST_BURST_MASK(MV_CESA_TDMA_BURST_128B) \
++ | MV_CESA_TDMA_SRC_BURST_MASK(MV_CESA_TDMA_BURST_128B) \
++ | MV_CESA_TDMA_OUTSTAND_READ_EN_MASK \
++ | MV_CESA_TDMA_NO_BYTE_SWAP_MASK \
++ | MV_CESA_TDMA_ENABLE_MASK
++#else
++#define MV_CESA_TDMA_CTRL_VALUE MV_CESA_TDMA_DST_BURST_MASK(MV_CESA_TDMA_BURST_32B) \
++ | MV_CESA_TDMA_SRC_BURST_MASK(MV_CESA_TDMA_BURST_128B) \
++ /*| MV_CESA_TDMA_OUTSTAND_READ_EN_MASK */\
++ | MV_CESA_TDMA_ENABLE_MASK
++
++#endif
++#else
++#define MV_CESA_IDMA_CTRL_LOW_VALUE ICCLR_DST_BURST_LIM_128BYTE \
++ | ICCLR_SRC_BURST_LIM_128BYTE \
++ | ICCLR_INT_MODE_MASK \
++ | ICCLR_BLOCK_MODE \
++ | ICCLR_CHAN_ENABLE \
++ | ICCLR_DESC_MODE_16M
++#endif /* MV_CESA_VERSION >= 2 */
++
++#define MV_CESA_MAX_PKT_SIZE (64 * 1024)
++#define MV_CESA_MAX_MBUF_FRAGS 20
++
++#define MV_CESA_MAX_REQ_FRAGS ( (MV_CESA_MAX_PKT_SIZE / MV_CESA_MAX_BUF_SIZE) + 1)
++
++#define MV_CESA_MAX_DMA_DESC (MV_CESA_MAX_MBUF_FRAGS*2 + 5)
++
++#define MAX_CESA_CHAIN_LENGTH 20
++
++typedef enum
++{
++ MV_CESA_IDLE = 0,
++ MV_CESA_PENDING,
++ MV_CESA_PROCESS,
++ MV_CESA_READY,
++#if (MV_CESA_VERSION >= 3)
++ MV_CESA_CHAIN,
++#endif
++} MV_CESA_STATE;
++
++
++/* Session database */
++
++/* Map of Key materials of the session in SRAM.
++ * Each field must be 8 byte aligned
++ * Total size: 32 + 24 + 24 = 80 bytes
++ */
++typedef struct
++{
++ MV_U8 cryptoKey[MV_CESA_MAX_CRYPTO_KEY_LENGTH];
++ MV_U8 macInnerIV[MV_CESA_MAX_DIGEST_SIZE];
++ MV_U8 reservedInner[4];
++ MV_U8 macOuterIV[MV_CESA_MAX_DIGEST_SIZE];
++ MV_U8 reservedOuter[4];
++
++} MV_CESA_SRAM_SA;
++
++typedef struct
++{
++ MV_CESA_SRAM_SA* pSramSA;
++ MV_U32 config;
++ MV_U8 cryptoKeyLength;
++ MV_U8 cryptoIvSize;
++ MV_U8 cryptoBlockSize;
++ MV_U8 digestSize;
++ MV_U8 macKeyLength;
++ MV_U8 valid;
++ MV_U8 ctrMode;
++ MV_U32 count;
++
++} MV_CESA_SA;
++
++/* DMA list management */
++typedef struct
++{
++ MV_DMA_DESC* pDmaFirst;
++ MV_DMA_DESC* pDmaLast;
++
++} MV_CESA_DMA;
++
++
++typedef struct
++{
++ MV_U8 numFrag;
++ MV_U8 nextFrag;
++ int bufOffset;
++ int cryptoSize;
++ int macSize;
++ int newDigestOffset;
++ MV_U8 orgDigest[MV_CESA_MAX_DIGEST_SIZE];
++
++} MV_CESA_FRAGS;
++
++/* Request queue */
++typedef struct
++{
++ MV_U8 state;
++ MV_U8 fragMode;
++ MV_U8 fixOffset;
++ MV_CESA_COMMAND* pCmd;
++ MV_CESA_COMMAND* pOrgCmd;
++ MV_BUF_INFO dmaDescBuf;
++ MV_CESA_DMA dma[MV_CESA_MAX_REQ_FRAGS];
++ MV_BUF_INFO cesaDescBuf;
++ MV_CESA_DESC* pCesaDesc;
++ MV_CESA_FRAGS frags;
++
++
++} MV_CESA_REQ;
++
++
++/* SRAM map */
++/* Total SRAM size calculation */
++/* SRAM size =
++ * MV_CESA_MAX_BUF_SIZE +
++ * sizeof(MV_CESA_DESC) +
++ * MV_CESA_MAX_IV_LENGTH +
++ * MV_CESA_MAX_IV_LENGTH +
++ * MV_CESA_MAX_DIGEST_SIZE +
++ * sizeof(MV_CESA_SRAM_SA)
++ * = 1600 + 32 + 16 + 16 + 24 + 80 + 280 (reserved) = 2048 bytes
++ * = 3200 + 32 + 16 + 16 + 24 + 80 + 728 (reserved) = 4096 bytes
++ */
++typedef struct
++{
++ MV_U8 buf[MV_CESA_MAX_BUF_SIZE];
++ MV_CESA_DESC desc;
++ MV_U8 cryptoIV[MV_CESA_MAX_IV_LENGTH];
++ MV_U8 tempCryptoIV[MV_CESA_MAX_IV_LENGTH];
++ MV_U8 tempDigest[MV_CESA_MAX_DIGEST_SIZE+4];
++ MV_CESA_SRAM_SA sramSA;
++
++} MV_CESA_SRAM_MAP;
++
++
++typedef struct
++{
++ MV_U32 openedCount;
++ MV_U32 closedCount;
++ MV_U32 fragCount;
++ MV_U32 reqCount;
++ MV_U32 maxReqCount;
++ MV_U32 procCount;
++ MV_U32 readyCount;
++ MV_U32 notReadyCount;
++ MV_U32 startCount;
++#if (MV_CESA_VERSION >= 3)
++ MV_U32 maxChainUsage;
++#endif
++
++} MV_CESA_STATS;
++
++
++/* External variables */
++
++extern MV_CESA_STATS cesaStats;
++extern MV_CESA_FRAGS cesaFrags;
++
++extern MV_BUF_INFO cesaSramSaBuf;
++
++extern MV_CESA_SA* pCesaSAD;
++extern MV_U16 cesaMaxSA;
++
++extern MV_CESA_REQ* pCesaReqFirst;
++extern MV_CESA_REQ* pCesaReqLast;
++extern MV_CESA_REQ* pCesaReqEmpty;
++extern MV_CESA_REQ* pCesaReqProcess;
++extern int cesaQueueDepth;
++extern int cesaReqResources;
++#if (MV_CESA_VERSION>= 3)
++extern MV_U32 cesaChainLength;
++#endif
++
++extern MV_CESA_SRAM_MAP* cesaSramVirtPtr;
++extern MV_U32 cesaSramPhysAddr;
++
++static INLINE MV_ULONG mvCesaVirtToPhys(MV_BUF_INFO* pBufInfo, void* pVirt)
++{
++ return (pBufInfo->bufPhysAddr + ((MV_U8*)pVirt - pBufInfo->bufVirtPtr));
++}
++
++/* Additional DEBUG functions */
++void mvCesaDebugSramSA(MV_CESA_SRAM_SA* pSramSA, int mode);
++void mvCesaDebugCmd(MV_CESA_COMMAND* pCmd, int mode);
++void mvCesaDebugDescriptor(MV_CESA_DESC* pDesc);
++
++
++
++#endif /* __mvCesa_h__ */
+diff --git a/crypto/ocf/kirkwood/cesa/mvCesaDebug.c b/crypto/ocf/kirkwood/cesa/mvCesaDebug.c
+new file mode 100644
+index 0000000..31b78a8
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa/mvCesaDebug.c
+@@ -0,0 +1,484 @@
++/*******************************************************************************
++Copyright (C) Marvell International Ltd. and its affiliates
++
++This software file (the "File") is owned and distributed by Marvell
++International Ltd. and/or its affiliates ("Marvell") under the following
++alternative licensing terms. Once you have made an election to distribute the
++File under one of the following license alternatives, please (i) delete this
++introductory statement regarding license alternatives, (ii) delete the two
++license alternatives that you have not elected to use and (iii) preserve the
++Marvell copyright notice above.
++
++********************************************************************************
++Marvell Commercial License Option
++
++If you received this File from Marvell and you have entered into a commercial
++license agreement (a "Commercial License") with Marvell, the File is licensed
++to you under the terms of the applicable Commercial License.
++
++********************************************************************************
++Marvell GPL License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File in accordance with the terms and conditions of the General
++Public License Version 2, June 1991 (the "GPL License"), a copy of which is
++available along with the File in the license.txt file or by writing to the Free
++Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 or
++on the worldwide web at http://www.gnu.org/licenses/gpl.txt.
++
++THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE IMPLIED
++WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE EXPRESSLY
++DISCLAIMED. The GPL License provides additional details about this warranty
++disclaimer.
++********************************************************************************
++Marvell BSD License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File under the following licensing terms.
++Redistribution and use in source and binary forms, with or without modification,
++are permitted provided that the following conditions are met:
++
++ * Redistributions of source code must retain the above copyright notice,
++ this list of conditions and the following disclaimer.
++
++ * Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++
++ * Neither the name of Marvell nor the names of its contributors may be
++ used to endorse or promote products derived from this software without
++ specific prior written permission.
++
++THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
++ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
++WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
++DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
++ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
++ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
++SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++*******************************************************************************/
++
++#include "mvOs.h"
++#include "mvDebug.h"
++
++#include "cesa/mvMD5.h"
++#include "cesa/mvSHA1.h"
++
++#include "cesa/mvCesa.h"
++#include "cesa/mvCesaRegs.h"
++#include "cesa/AES/mvAes.h"
++
++static const char* mvCesaDebugStateStr(MV_CESA_STATE state)
++{
++ switch(state)
++ {
++ case MV_CESA_IDLE:
++ return "Idle";
++
++ case MV_CESA_PENDING:
++ return "Pend";
++
++ case MV_CESA_PROCESS:
++ return "Proc";
++
++ case MV_CESA_READY:
++ return "Ready";
++
++ default:
++ break;
++ }
++ return "Unknown";
++}
++
++static const char* mvCesaDebugOperStr(MV_CESA_OPERATION oper)
++{
++ switch(oper)
++ {
++ case MV_CESA_MAC_ONLY:
++ return "MacOnly";
++
++ case MV_CESA_CRYPTO_ONLY:
++ return "CryptoOnly";
++
++ case MV_CESA_MAC_THEN_CRYPTO:
++ return "MacCrypto";
++
++ case MV_CESA_CRYPTO_THEN_MAC:
++ return "CryptoMac";
++
++ default:
++ break;
++ }
++ return "Null";
++}
++
++static const char* mvCesaDebugCryptoAlgStr(MV_CESA_CRYPTO_ALG cryptoAlg)
++{
++ switch(cryptoAlg)
++ {
++ case MV_CESA_CRYPTO_DES:
++ return "DES";
++
++ case MV_CESA_CRYPTO_3DES:
++ return "3DES";
++
++ case MV_CESA_CRYPTO_AES:
++ return "AES";
++
++ default:
++ break;
++ }
++ return "Null";
++}
++
++static const char* mvCesaDebugMacModeStr(MV_CESA_MAC_MODE macMode)
++{
++ switch(macMode)
++ {
++ case MV_CESA_MAC_MD5:
++ return "MD5";
++
++ case MV_CESA_MAC_SHA1:
++ return "SHA1";
++
++ case MV_CESA_MAC_HMAC_MD5:
++ return "HMAC-MD5";
++
++ case MV_CESA_MAC_HMAC_SHA1:
++ return "HMAC_SHA1";
++
++ default:
++ break;
++ }
++ return "Null";
++}
++
++void mvCesaDebugCmd(MV_CESA_COMMAND* pCmd, int mode)
++{
++ mvOsPrintf("pCmd=%p, pReqPrv=%p, pSrc=%p, pDst=%p, pCB=%p, sid=%d\n",
++ pCmd, pCmd->pReqPrv, pCmd->pSrc, pCmd->pDst,
++ pCmd->pFuncCB, pCmd->sessionId);
++ mvOsPrintf("isUser=%d, ivOffs=%d, crOffs=%d, crLen=%d, digest=%d, macOffs=%d, macLen=%d\n",
++ pCmd->ivFromUser, pCmd->ivOffset, pCmd->cryptoOffset, pCmd->cryptoLength,
++ pCmd->digestOffset, pCmd->macOffset, pCmd->macLength);
++}
++
++/* no need to use in tool */
++void mvCesaDebugMbuf(const char* str, MV_CESA_MBUF *pMbuf, int offset, int size)
++{
++ int frag, len, fragOffset;
++
++ if(str != NULL)
++ mvOsPrintf("%s: pMbuf=%p, numFrags=%d, mbufSize=%d\n",
++ str, pMbuf, pMbuf->numFrags, pMbuf->mbufSize);
++
++ frag = mvCesaMbufOffset(pMbuf, offset, &fragOffset);
++ if(frag == MV_INVALID)
++ {
++ mvOsPrintf("CESA Mbuf Error: offset (%d) out of range\n", offset);
++ return;
++ }
++
++ for(; frag<pMbuf->numFrags; frag++)
++ {
++ mvOsPrintf("#%2d. bufVirt=%p, bufSize=%d\n",
++ frag, pMbuf->pFrags[frag].bufVirtPtr,
++ pMbuf->pFrags[frag].bufSize);
++ if(size > 0)
++ {
++ len = MV_MIN(pMbuf->pFrags[frag].bufSize, size);
++ mvDebugMemDump(pMbuf->pFrags[frag].bufVirtPtr+fragOffset, len, 1);
++ size -= len;
++ fragOffset = 0;
++ }
++ }
++}
++
++void mvCesaDebugRegs(void)
++{
++ mvOsPrintf("\t CESA Registers:\n");
++
++ mvOsPrintf("MV_CESA_CMD_REG : 0x%X = 0x%08x\n",
++ MV_CESA_CMD_REG,
++ MV_REG_READ( MV_CESA_CMD_REG ) );
++
++ mvOsPrintf("MV_CESA_CHAN_DESC_OFFSET_REG : 0x%X = 0x%08x\n",
++ MV_CESA_CHAN_DESC_OFFSET_REG,
++ MV_REG_READ(MV_CESA_CHAN_DESC_OFFSET_REG) );
++
++ mvOsPrintf("MV_CESA_CFG_REG : 0x%X = 0x%08x\n",
++ MV_CESA_CFG_REG,
++ MV_REG_READ( MV_CESA_CFG_REG ) );
++
++ mvOsPrintf("MV_CESA_STATUS_REG : 0x%X = 0x%08x\n",
++ MV_CESA_STATUS_REG,
++ MV_REG_READ( MV_CESA_STATUS_REG ) );
++
++ mvOsPrintf("MV_CESA_ISR_CAUSE_REG : 0x%X = 0x%08x\n",
++ MV_CESA_ISR_CAUSE_REG,
++ MV_REG_READ( MV_CESA_ISR_CAUSE_REG ) );
++
++ mvOsPrintf("MV_CESA_ISR_MASK_REG : 0x%X = 0x%08x\n",
++ MV_CESA_ISR_MASK_REG,
++ MV_REG_READ( MV_CESA_ISR_MASK_REG ) );
++#if (MV_CESA_VERSION >= 2)
++ mvOsPrintf("MV_CESA_TDMA_CTRL_REG : 0x%X = 0x%08x\n",
++ MV_CESA_TDMA_CTRL_REG,
++ MV_REG_READ( MV_CESA_TDMA_CTRL_REG ) );
++
++ mvOsPrintf("MV_CESA_TDMA_BYTE_COUNT_REG : 0x%X = 0x%08x\n",
++ MV_CESA_TDMA_BYTE_COUNT_REG,
++ MV_REG_READ( MV_CESA_TDMA_BYTE_COUNT_REG ) );
++
++ mvOsPrintf("MV_CESA_TDMA_SRC_ADDR_REG : 0x%X = 0x%08x\n",
++ MV_CESA_TDMA_SRC_ADDR_REG,
++ MV_REG_READ( MV_CESA_TDMA_SRC_ADDR_REG ) );
++
++ mvOsPrintf("MV_CESA_TDMA_DST_ADDR_REG : 0x%X = 0x%08x\n",
++ MV_CESA_TDMA_DST_ADDR_REG,
++ MV_REG_READ( MV_CESA_TDMA_DST_ADDR_REG ) );
++
++ mvOsPrintf("MV_CESA_TDMA_NEXT_DESC_PTR_REG : 0x%X = 0x%08x\n",
++ MV_CESA_TDMA_NEXT_DESC_PTR_REG,
++ MV_REG_READ( MV_CESA_TDMA_NEXT_DESC_PTR_REG ) );
++
++ mvOsPrintf("MV_CESA_TDMA_CURR_DESC_PTR_REG : 0x%X = 0x%08x\n",
++ MV_CESA_TDMA_CURR_DESC_PTR_REG,
++ MV_REG_READ( MV_CESA_TDMA_CURR_DESC_PTR_REG ) );
++
++ mvOsPrintf("MV_CESA_TDMA_ERROR_CAUSE_REG : 0x%X = 0x%08x\n",
++ MV_CESA_TDMA_ERROR_CAUSE_REG,
++ MV_REG_READ( MV_CESA_TDMA_ERROR_CAUSE_REG ) );
++
++ mvOsPrintf("MV_CESA_TDMA_ERROR_MASK_REG : 0x%X = 0x%08x\n",
++ MV_CESA_TDMA_ERROR_MASK_REG,
++ MV_REG_READ( MV_CESA_TDMA_ERROR_CAUSE_REG ) );
++
++#endif
++}
++
++void mvCesaDebugStatus(void)
++{
++ mvOsPrintf("\n\t CESA Status\n\n");
++
++ mvOsPrintf("pReqQ=%p, qDepth=%d, reqSize=%ld bytes, qRes=%d, ",
++ pCesaReqFirst, cesaQueueDepth, sizeof(MV_CESA_REQ),
++ cesaReqResources);
++#if (MV_CESA_VERSION >= 3)
++ mvOsPrintf("chainLength=%u\n",cesaChainLength);
++#else
++ mvOsPrintf("\n");
++#endif
++
++ mvOsPrintf("pSAD=%p, maxSA=%d, sizeSA=%ld bytes\n",
++ pCesaSAD, cesaMaxSA, sizeof(MV_CESA_SA));
++
++ mvOsPrintf("\n");
++
++ mvCesaDebugRegs();
++ mvCesaDebugStats();
++ mvCesaDebugStatsClear();
++}
++
++void mvCesaDebugDescriptor(MV_CESA_DESC* pDesc)
++{
++ mvOsPrintf("config=0x%08x, crSrcOffs=0x%04x, crDstOffs=0x%04x\n",
++ pDesc->config, pDesc->cryptoSrcOffset, pDesc->cryptoDstOffset);
++
++ mvOsPrintf("crLen=0x%04x, crKeyOffs=0x%04x, ivOffs=0x%04x, ivBufOffs=0x%04x\n",
++ pDesc->cryptoDataLen, pDesc->cryptoKeyOffset,
++ pDesc->cryptoIvOffset, pDesc->cryptoIvBufOffset);
++
++ mvOsPrintf("macSrc=0x%04x, digest=0x%04x, macLen=0x%04x, inIv=0x%04x, outIv=0x%04x\n",
++ pDesc->macSrcOffset, pDesc->macDigestOffset, pDesc->macDataLen,
++ pDesc->macInnerIvOffset, pDesc->macOuterIvOffset);
++}
++
++void mvCesaDebugQueue(int mode)
++{
++ mvOsPrintf("\n\t CESA Request Queue:\n\n");
++
++ mvOsPrintf("pFirstReq=%p, pLastReq=%p, qDepth=%d, reqSize=%ld bytes\n",
++ pCesaReqFirst, pCesaReqLast, cesaQueueDepth, sizeof(MV_CESA_REQ));
++
++ mvOsPrintf("pEmpty=%p, pProcess=%p, qResources=%d\n",
++ pCesaReqEmpty, pCesaReqProcess,
++ cesaReqResources);
++
++ if(mode != 0)
++ {
++ int count = 0;
++ MV_CESA_REQ* pReq = pCesaReqFirst;
++
++ for(count=0; count<cesaQueueDepth; count++)
++ {
++ /* Print out requsts */
++ mvOsPrintf("%02d. pReq=%p, state=%s, frag=0x%x, pCmd=%p, pDma=%p, pDesc=%p\n",
++ count, pReq, mvCesaDebugStateStr(pReq->state),
++ pReq->fragMode, pReq->pCmd, pReq->dma[0].pDmaFirst, &pReq->pCesaDesc[0]);
++ if(pReq->fragMode != MV_CESA_FRAG_NONE)
++ {
++ int frag;
++
++ mvOsPrintf("pFrags=%p, num=%d, next=%d, bufOffset=%d, cryptoSize=%d, macSize=%d\n",
++ &pReq->frags, pReq->frags.numFrag, pReq->frags.nextFrag,
++ pReq->frags.bufOffset, pReq->frags.cryptoSize, pReq->frags.macSize);
++ for(frag=0; frag<pReq->frags.numFrag; frag++)
++ {
++ mvOsPrintf("#%d: pDmaFirst=%p, pDesc=%p\n", frag,
++ pReq->dma[frag].pDmaFirst, &pReq->pCesaDesc[frag]);
++ }
++ }
++ if(mode > 1)
++ {
++ /* Print out Command */
++ mvCesaDebugCmd(pReq->pCmd, mode);
++
++ /* Print out Descriptor */
++ mvCesaDebugDescriptor(&pReq->pCesaDesc[0]);
++ }
++ pReq++;
++ }
++ }
++}
++
++
++void mvCesaDebugSramSA(MV_CESA_SRAM_SA* pSramSA, int mode)
++{
++ if(pSramSA == NULL)
++ {
++ mvOsPrintf("cesaSramSA: Unexpected pSramSA=%p\n", pSramSA);
++ return;
++ }
++ mvOsPrintf("pSramSA=%p, sizeSramSA=%ld bytes\n",
++ pSramSA, sizeof(MV_CESA_SRAM_SA));
++
++ if(mode != 0)
++ {
++ mvOsPrintf("cryptoKey=%p, maxCryptoKey=%d bytes\n",
++ pSramSA->cryptoKey, MV_CESA_MAX_CRYPTO_KEY_LENGTH);
++ mvDebugMemDump(pSramSA->cryptoKey, MV_CESA_MAX_CRYPTO_KEY_LENGTH, 1);
++
++ mvOsPrintf("macInnerIV=%p, maxInnerIV=%d bytes\n",
++ pSramSA->macInnerIV, MV_CESA_MAX_DIGEST_SIZE);
++ mvDebugMemDump(pSramSA->macInnerIV, MV_CESA_MAX_DIGEST_SIZE, 1);
++
++ mvOsPrintf("macOuterIV=%p, maxOuterIV=%d bytes\n",
++ pSramSA->macOuterIV, MV_CESA_MAX_DIGEST_SIZE);
++ mvDebugMemDump(pSramSA->macOuterIV, MV_CESA_MAX_DIGEST_SIZE, 1);
++ }
++}
++
++void mvCesaDebugSA(short sid, int mode)
++{
++ MV_CESA_OPERATION oper;
++ MV_CESA_DIRECTION dir;
++ MV_CESA_CRYPTO_ALG cryptoAlg;
++ MV_CESA_CRYPTO_MODE cryptoMode;
++ MV_CESA_MAC_MODE macMode;
++ MV_CESA_SA* pSA = &pCesaSAD[sid];
++
++ if( (pSA->valid) || ((pSA->count != 0) && (mode > 0)) || (mode >= 2) )
++ {
++ mvOsPrintf("\n\nCESA SA Entry #%d (%p) - %s (count=%d)\n",
++ sid, pSA,
++ pSA->valid ? "Valid" : "Invalid", pSA->count);
++
++ oper = (pSA->config & MV_CESA_OPERATION_MASK) >> MV_CESA_OPERATION_OFFSET;
++ dir = (pSA->config & MV_CESA_DIRECTION_MASK) >> MV_CESA_DIRECTION_BIT;
++ mvOsPrintf("%s - %s ", mvCesaDebugOperStr(oper),
++ (dir == MV_CESA_DIR_ENCODE) ? "Encode" : "Decode");
++ if(oper != MV_CESA_MAC_ONLY)
++ {
++ cryptoAlg = (pSA->config & MV_CESA_CRYPTO_ALG_MASK) >> MV_CESA_CRYPTO_ALG_OFFSET;
++ cryptoMode = (pSA->config & MV_CESA_CRYPTO_MODE_MASK) >> MV_CESA_CRYPTO_MODE_BIT;
++ mvOsPrintf("- %s - %s ", mvCesaDebugCryptoAlgStr(cryptoAlg),
++ (cryptoMode == MV_CESA_CRYPTO_ECB) ? "ECB" : "CBC");
++ }
++ if(oper != MV_CESA_CRYPTO_ONLY)
++ {
++ macMode = (pSA->config & MV_CESA_MAC_MODE_MASK) >> MV_CESA_MAC_MODE_OFFSET;
++ mvOsPrintf("- %s ", mvCesaDebugMacModeStr(macMode));
++ }
++ mvOsPrintf("\n");
++
++ if(mode > 0)
++ {
++ mvOsPrintf("config=0x%08x, cryptoKeySize=%d, digestSize=%d\n",
++ pCesaSAD[sid].config, pCesaSAD[sid].cryptoKeyLength,
++ pCesaSAD[sid].digestSize);
++
++ mvCesaDebugSramSA(pCesaSAD[sid].pSramSA, mode);
++ }
++ }
++}
++
++
++/**/
++void mvCesaDebugSram(int mode)
++{
++ mvOsPrintf("\n\t SRAM contents: size=%ld, pVirt=%p\n\n",
++ sizeof(MV_CESA_SRAM_MAP), cesaSramVirtPtr);
++
++ mvOsPrintf("\n\t Sram buffer: size=%d, pVirt=%p\n",
++ MV_CESA_MAX_BUF_SIZE, cesaSramVirtPtr->buf);
++ if(mode != 0)
++ mvDebugMemDump(cesaSramVirtPtr->buf, 64, 1);
++
++ mvOsPrintf("\n");
++ mvOsPrintf("\n\t Sram descriptor: size=%ld, pVirt=%p\n",
++ sizeof(MV_CESA_DESC), &cesaSramVirtPtr->desc);
++ if(mode != 0)
++ {
++ mvOsPrintf("\n");
++ mvCesaDebugDescriptor(&cesaSramVirtPtr->desc);
++ }
++ mvOsPrintf("\n\t Sram IV: size=%d, pVirt=%p\n",
++ MV_CESA_MAX_IV_LENGTH, &cesaSramVirtPtr->cryptoIV);
++ if(mode != 0)
++ {
++ mvOsPrintf("\n");
++ mvDebugMemDump(cesaSramVirtPtr->cryptoIV, MV_CESA_MAX_IV_LENGTH, 1);
++ }
++ mvOsPrintf("\n");
++ mvCesaDebugSramSA(&cesaSramVirtPtr->sramSA, 0);
++}
++
++void mvCesaDebugSAD(int mode)
++{
++ int sid;
++
++ mvOsPrintf("\n\t Cesa SAD status: pSAD=%p, maxSA=%d\n",
++ pCesaSAD, cesaMaxSA);
++
++ for(sid=0; sid<cesaMaxSA; sid++)
++ {
++ mvCesaDebugSA(sid, mode);
++ }
++}
++
++void mvCesaDebugStats(void)
++{
++ mvOsPrintf("\n\t Cesa Statistics\n");
++
++ mvOsPrintf("Opened=%u, Closed=%u\n",
++ cesaStats.openedCount, cesaStats.closedCount);
++ mvOsPrintf("Req=%u, maxReq=%u, frags=%u, start=%u\n",
++ cesaStats.reqCount, cesaStats.maxReqCount,
++ cesaStats.fragCount, cesaStats.startCount);
++#if (MV_CESA_VERSION >= 3)
++ mvOsPrintf("maxChainUsage=%u\n",cesaStats.maxChainUsage);
++#endif
++ mvOsPrintf("\n");
++ mvOsPrintf("proc=%u, ready=%u, notReady=%u\n",
++ cesaStats.procCount, cesaStats.readyCount, cesaStats.notReadyCount);
++}
++
++void mvCesaDebugStatsClear(void)
++{
++ memset(&cesaStats, 0, sizeof(cesaStats));
++}
+diff --git a/crypto/ocf/kirkwood/cesa/mvCesaRegs.h b/crypto/ocf/kirkwood/cesa/mvCesaRegs.h
+new file mode 100644
+index 0000000..6b7ce12
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa/mvCesaRegs.h
+@@ -0,0 +1,357 @@
++/*******************************************************************************
++Copyright (C) Marvell International Ltd. and its affiliates
++
++This software file (the "File") is owned and distributed by Marvell
++International Ltd. and/or its affiliates ("Marvell") under the following
++alternative licensing terms. Once you have made an election to distribute the
++File under one of the following license alternatives, please (i) delete this
++introductory statement regarding license alternatives, (ii) delete the two
++license alternatives that you have not elected to use and (iii) preserve the
++Marvell copyright notice above.
++
++********************************************************************************
++Marvell Commercial License Option
++
++If you received this File from Marvell and you have entered into a commercial
++license agreement (a "Commercial License") with Marvell, the File is licensed
++to you under the terms of the applicable Commercial License.
++
++********************************************************************************
++Marvell GPL License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File in accordance with the terms and conditions of the General
++Public License Version 2, June 1991 (the "GPL License"), a copy of which is
++available along with the File in the license.txt file or by writing to the Free
++Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 or
++on the worldwide web at http://www.gnu.org/licenses/gpl.txt.
++
++THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE IMPLIED
++WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE EXPRESSLY
++DISCLAIMED. The GPL License provides additional details about this warranty
++disclaimer.
++********************************************************************************
++Marvell BSD License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File under the following licensing terms.
++Redistribution and use in source and binary forms, with or without modification,
++are permitted provided that the following conditions are met:
++
++ * Redistributions of source code must retain the above copyright notice,
++ this list of conditions and the following disclaimer.
++
++ * Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++
++ * Neither the name of Marvell nor the names of its contributors may be
++ used to endorse or promote products derived from this software without
++ specific prior written permission.
++
++THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
++ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
++WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
++DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
++ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
++ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
++SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++*******************************************************************************/
++
++#ifndef __mvCesaRegs_h__
++#define __mvCesaRegs_h__
++
++#include "mvTypes.h"
++
++typedef struct
++{
++ /* word 0 */
++ MV_U32 config;
++ /* word 1 */
++ MV_U16 cryptoSrcOffset;
++ MV_U16 cryptoDstOffset;
++ /* word 2 */
++ MV_U16 cryptoDataLen;
++ MV_U16 reserved1;
++ /* word 3 */
++ MV_U16 cryptoKeyOffset;
++ MV_U16 reserved2;
++ /* word 4 */
++ MV_U16 cryptoIvOffset;
++ MV_U16 cryptoIvBufOffset;
++ /* word 5 */
++ MV_U16 macSrcOffset;
++ MV_U16 macTotalLen;
++ /* word 6 */
++ MV_U16 macDigestOffset;
++ MV_U16 macDataLen;
++ /* word 7 */
++ MV_U16 macInnerIvOffset;
++ MV_U16 macOuterIvOffset;
++
++} MV_CESA_DESC;
++
++/* operation */
++typedef enum
++{
++ MV_CESA_MAC_ONLY = 0,
++ MV_CESA_CRYPTO_ONLY = 1,
++ MV_CESA_MAC_THEN_CRYPTO = 2,
++ MV_CESA_CRYPTO_THEN_MAC = 3,
++
++ MV_CESA_MAX_OPERATION
++
++} MV_CESA_OPERATION;
++
++#define MV_CESA_OPERATION_OFFSET 0
++#define MV_CESA_OPERATION_MASK (0x3 << MV_CESA_OPERATION_OFFSET)
++
++/* mac algorithm */
++typedef enum
++{
++ MV_CESA_MAC_NULL = 0,
++ MV_CESA_MAC_MD5 = 4,
++ MV_CESA_MAC_SHA1 = 5,
++ MV_CESA_MAC_HMAC_MD5 = 6,
++ MV_CESA_MAC_HMAC_SHA1 = 7,
++
++} MV_CESA_MAC_MODE;
++
++#define MV_CESA_MAC_MODE_OFFSET 4
++#define MV_CESA_MAC_MODE_MASK (0x7 << MV_CESA_MAC_MODE_OFFSET)
++
++typedef enum
++{
++ MV_CESA_MAC_DIGEST_FULL = 0,
++ MV_CESA_MAC_DIGEST_96B = 1,
++
++} MV_CESA_MAC_DIGEST_SIZE;
++
++#define MV_CESA_MAC_DIGEST_SIZE_BIT 7
++#define MV_CESA_MAC_DIGEST_SIZE_MASK (1 << MV_CESA_MAC_DIGEST_SIZE_BIT)
++
++
++typedef enum
++{
++ MV_CESA_CRYPTO_NULL = 0,
++ MV_CESA_CRYPTO_DES = 1,
++ MV_CESA_CRYPTO_3DES = 2,
++ MV_CESA_CRYPTO_AES = 3,
++
++} MV_CESA_CRYPTO_ALG;
++
++#define MV_CESA_CRYPTO_ALG_OFFSET 8
++#define MV_CESA_CRYPTO_ALG_MASK (0x3 << MV_CESA_CRYPTO_ALG_OFFSET)
++
++
++/* direction */
++typedef enum
++{
++ MV_CESA_DIR_ENCODE = 0,
++ MV_CESA_DIR_DECODE = 1,
++
++} MV_CESA_DIRECTION;
++
++#define MV_CESA_DIRECTION_BIT 12
++#define MV_CESA_DIRECTION_MASK (1 << MV_CESA_DIRECTION_BIT)
++
++/* crypto IV mode */
++typedef enum
++{
++ MV_CESA_CRYPTO_ECB = 0,
++ MV_CESA_CRYPTO_CBC = 1,
++
++ /* NO HW Support */
++ MV_CESA_CRYPTO_CTR = 10,
++
++} MV_CESA_CRYPTO_MODE;
++
++#define MV_CESA_CRYPTO_MODE_BIT 16
++#define MV_CESA_CRYPTO_MODE_MASK (1 << MV_CESA_CRYPTO_MODE_BIT)
++
++/* 3DES mode */
++typedef enum
++{
++ MV_CESA_CRYPTO_3DES_EEE = 0,
++ MV_CESA_CRYPTO_3DES_EDE = 1,
++
++} MV_CESA_CRYPTO_3DES_MODE;
++
++#define MV_CESA_CRYPTO_3DES_MODE_BIT 20
++#define MV_CESA_CRYPTO_3DES_MODE_MASK (1 << MV_CESA_CRYPTO_3DES_MODE_BIT)
++
++
++/* AES Key Length */
++typedef enum
++{
++ MV_CESA_CRYPTO_AES_KEY_128 = 0,
++ MV_CESA_CRYPTO_AES_KEY_192 = 1,
++ MV_CESA_CRYPTO_AES_KEY_256 = 2,
++
++} MV_CESA_CRYPTO_AES_KEY_LEN;
++
++#define MV_CESA_CRYPTO_AES_KEY_LEN_OFFSET 24
++#define MV_CESA_CRYPTO_AES_KEY_LEN_MASK (0x3 << MV_CESA_CRYPTO_AES_KEY_LEN_OFFSET)
++
++/* Fragmentation mode */
++typedef enum
++{
++ MV_CESA_FRAG_NONE = 0,
++ MV_CESA_FRAG_FIRST = 1,
++ MV_CESA_FRAG_LAST = 2,
++ MV_CESA_FRAG_MIDDLE = 3,
++
++} MV_CESA_FRAG_MODE;
++
++#define MV_CESA_FRAG_MODE_OFFSET 30
++#define MV_CESA_FRAG_MODE_MASK (0x3 << MV_CESA_FRAG_MODE_OFFSET)
++/*---------------------------------------------------------------------------*/
++
++/********** Security Accelerator Command Register **************/
++#define MV_CESA_CMD_REG (MV_CESA_REG_BASE + 0xE00)
++
++#define MV_CESA_CMD_CHAN_ENABLE_BIT 0
++#define MV_CESA_CMD_CHAN_ENABLE_MASK (1 << MV_CESA_CMD_CHAN_ENABLE_BIT)
++
++#define MV_CESA_CMD_CHAN_DISABLE_BIT 2
++#define MV_CESA_CMD_CHAN_DISABLE_MASK (1 << MV_CESA_CMD_CHAN_DISABLE_BIT)
++
++/********** Security Accelerator Descriptor Pointers Register **********/
++#define MV_CESA_CHAN_DESC_OFFSET_REG (MV_CESA_REG_BASE + 0xE04)
++
++/********** Security Accelerator Configuration Register **********/
++#define MV_CESA_CFG_REG (MV_CESA_REG_BASE + 0xE08)
++
++#define MV_CESA_CFG_STOP_DIGEST_ERR_BIT 0
++#define MV_CESA_CFG_STOP_DIGEST_ERR_MASK (1 << MV_CESA_CFG_STOP_DIGEST_ERR_BIT)
++
++#define MV_CESA_CFG_WAIT_DMA_BIT 7
++#define MV_CESA_CFG_WAIT_DMA_MASK (1 << MV_CESA_CFG_WAIT_DMA_BIT)
++
++#define MV_CESA_CFG_ACT_DMA_BIT 9
++#define MV_CESA_CFG_ACT_DMA_MASK (1 << MV_CESA_CFG_ACT_DMA_BIT)
++
++#define MV_CESA_CFG_CHAIN_MODE_BIT 11
++#define MV_CESA_CFG_CHAIN_MODE_MASK (1 << MV_CESA_CFG_CHAIN_MODE_BIT)
++
++/********** Security Accelerator Status Register ***********/
++#define MV_CESA_STATUS_REG (MV_CESA_REG_BASE + 0xE0C)
++
++#define MV_CESA_STATUS_ACTIVE_BIT 0
++#define MV_CESA_STATUS_ACTIVE_MASK (1 << MV_CESA_STATUS_ACTIVE_BIT)
++
++#define MV_CESA_STATUS_DIGEST_ERR_BIT 8
++#define MV_CESA_STATUS_DIGEST_ERR_MASK (1 << MV_CESA_STATUS_DIGEST_ERR_BIT)
++
++
++/* Cryptographic Engines and Security Accelerator Interrupt Cause Register */
++#define MV_CESA_ISR_CAUSE_REG (MV_CESA_REG_BASE + 0xE20)
++
++/* Cryptographic Engines and Security Accelerator Interrupt Mask Register */
++#define MV_CESA_ISR_MASK_REG (MV_CESA_REG_BASE + 0xE24)
++
++#define MV_CESA_CAUSE_AUTH_MASK (1 << 0)
++#define MV_CESA_CAUSE_DES_MASK (1 << 1)
++#define MV_CESA_CAUSE_AES_ENCR_MASK (1 << 2)
++#define MV_CESA_CAUSE_AES_DECR_MASK (1 << 3)
++#define MV_CESA_CAUSE_DES_ALL_MASK (1 << 4)
++
++#define MV_CESA_CAUSE_ACC_BIT 5
++#define MV_CESA_CAUSE_ACC_MASK (1 << MV_CESA_CAUSE_ACC_BIT)
++
++#define MV_CESA_CAUSE_ACC_DMA_BIT 7
++#define MV_CESA_CAUSE_ACC_DMA_MASK (1 << MV_CESA_CAUSE_ACC_DMA_BIT)
++#define MV_CESA_CAUSE_ACC_DMA_ALL_MASK (3 << MV_CESA_CAUSE_ACC_DMA_BIT)
++
++#define MV_CESA_CAUSE_DMA_COMPL_BIT 9
++#define MV_CESA_CAUSE_DMA_COMPL_MASK (1 << MV_CESA_CAUSE_DMA_COMPL_BIT)
++
++#define MV_CESA_CAUSE_DMA_OWN_ERR_BIT 10
++#define MV_CESA_CAUSE_DMA_OWN_ERR_MASK (1 < MV_CESA_CAUSE_DMA_OWN_ERR_BIT)
++
++#define MV_CESA_CAUSE_DMA_CHAIN_PKT_BIT 11
++#define MV_CESA_CAUSE_DMA_CHAIN_PKT_MASK (1 < MV_CESA_CAUSE_DMA_CHAIN_PKT_BIT)
++
++
++#define MV_CESA_AUTH_DATA_IN_REG (MV_CESA_REG_BASE + 0xd38)
++#define MV_CESA_AUTH_BIT_COUNT_LOW_REG (MV_CESA_REG_BASE + 0xd20)
++#define MV_CESA_AUTH_BIT_COUNT_HIGH_REG (MV_CESA_REG_BASE + 0xd24)
++
++#define MV_CESA_AUTH_INIT_VAL_DIGEST_REG(i) (MV_CESA_REG_BASE + 0xd00 + (i<<2))
++
++#define MV_CESA_AUTH_INIT_VAL_DIGEST_A_REG (MV_CESA_REG_BASE + 0xd00)
++#define MV_CESA_AUTH_INIT_VAL_DIGEST_B_REG (MV_CESA_REG_BASE + 0xd04)
++#define MV_CESA_AUTH_INIT_VAL_DIGEST_C_REG (MV_CESA_REG_BASE + 0xd08)
++#define MV_CESA_AUTH_INIT_VAL_DIGEST_D_REG (MV_CESA_REG_BASE + 0xd0c)
++#define MV_CESA_AUTH_INIT_VAL_DIGEST_E_REG (MV_CESA_REG_BASE + 0xd10)
++#define MV_CESA_AUTH_COMMAND_REG (MV_CESA_REG_BASE + 0xd18)
++
++#define MV_CESA_AUTH_ALGORITHM_BIT 0
++#define MV_CESA_AUTH_ALGORITHM_MD5 (0<<AUTH_ALGORITHM_BIT)
++#define MV_CESA_AUTH_ALGORITHM_SHA1 (1<<AUTH_ALGORITHM_BIT)
++
++#define MV_CESA_AUTH_IV_MODE_BIT 1
++#define MV_CESA_AUTH_IV_MODE_INIT (0<<AUTH_IV_MODE_BIT)
++#define MV_CESA_AUTH_IV_MODE_CONTINUE (1<<AUTH_IV_MODE_BIT)
++
++#define MV_CESA_AUTH_DATA_BYTE_SWAP_BIT 2
++#define MV_CESA_AUTH_DATA_BYTE_SWAP_MASK (1<<AUTH_DATA_BYTE_SWAP_BIT)
++
++
++#define MV_CESA_AUTH_IV_BYTE_SWAP_BIT 4
++#define MV_CESA_AUTH_IV_BYTE_SWAP_MASK (1<<AUTH_IV_BYTE_SWAP_BIT)
++
++#define MV_CESA_AUTH_TERMINATION_BIT 31
++#define MV_CESA_AUTH_TERMINATION_MASK (1<<AUTH_TERMINATION_BIT)
++
++
++/*************** TDMA Control Register ************************************************/
++#define MV_CESA_TDMA_CTRL_REG (MV_CESA_TDMA_REG_BASE + 0x840)
++
++#define MV_CESA_TDMA_BURST_32B 3
++#define MV_CESA_TDMA_BURST_128B 4
++
++#define MV_CESA_TDMA_DST_BURST_OFFSET 0
++#define MV_CESA_TDMA_DST_BURST_ALL_MASK (0x7<<MV_CESA_TDMA_DST_BURST_OFFSET)
++#define MV_CESA_TDMA_DST_BURST_MASK(burst) ((burst)<<MV_CESA_TDMA_DST_BURST_OFFSET)
++
++#define MV_CESA_TDMA_OUTSTAND_READ_EN_BIT 4
++#define MV_CESA_TDMA_OUTSTAND_READ_EN_MASK (1<<MV_CESA_TDMA_OUTSTAND_READ_EN_BIT)
++
++#define MV_CESA_TDMA_SRC_BURST_OFFSET 6
++#define MV_CESA_TDMA_SRC_BURST_ALL_MASK (0x7<<MV_CESA_TDMA_SRC_BURST_OFFSET)
++#define MV_CESA_TDMA_SRC_BURST_MASK(burst) ((burst)<<MV_CESA_TDMA_SRC_BURST_OFFSET)
++
++#define MV_CESA_TDMA_CHAIN_MODE_BIT 9
++#define MV_CESA_TDMA_NON_CHAIN_MODE_MASK (1<<MV_CESA_TDMA_CHAIN_MODE_BIT)
++
++#define MV_CESA_TDMA_BYTE_SWAP_BIT 11
++#define MV_CESA_TDMA_BYTE_SWAP_MASK (0 << MV_CESA_TDMA_BYTE_SWAP_BIT)
++#define MV_CESA_TDMA_NO_BYTE_SWAP_MASK (1 << MV_CESA_TDMA_BYTE_SWAP_BIT)
++
++#define MV_CESA_TDMA_ENABLE_BIT 12
++#define MV_CESA_TDMA_ENABLE_MASK (1<<MV_CESA_TDMA_ENABLE_BIT)
++
++#define MV_CESA_TDMA_FETCH_NEXT_DESC_BIT 13
++#define MV_CESA_TDMA_FETCH_NEXT_DESC_MASK (1<<MV_CESA_TDMA_FETCH_NEXT_DESC_BIT)
++
++#define MV_CESA_TDMA_CHAN_ACTIVE_BIT 14
++#define MV_CESA_TDMA_CHAN_ACTIVE_MASK (1<<MV_CESA_TDMA_CHAN_ACTIVE_BIT)
++/*------------------------------------------------------------------------------------*/
++
++#define MV_CESA_TDMA_BYTE_COUNT_REG (MV_CESA_TDMA_REG_BASE + 0x800)
++#define MV_CESA_TDMA_SRC_ADDR_REG (MV_CESA_TDMA_REG_BASE + 0x810)
++#define MV_CESA_TDMA_DST_ADDR_REG (MV_CESA_TDMA_REG_BASE + 0x820)
++#define MV_CESA_TDMA_NEXT_DESC_PTR_REG (MV_CESA_TDMA_REG_BASE + 0x830)
++#define MV_CESA_TDMA_CURR_DESC_PTR_REG (MV_CESA_TDMA_REG_BASE + 0x870)
++
++#define MV_CESA_TDMA_ERROR_CAUSE_REG (MV_CESA_TDMA_REG_BASE + 0x8C0)
++#define MV_CESA_TDMA_ERROR_MASK_REG (MV_CESA_TDMA_REG_BASE + 0x8C4)
++
++
++#endif /* __mvCesaRegs_h__ */
++
+diff --git a/crypto/ocf/kirkwood/cesa/mvCesaTest.c b/crypto/ocf/kirkwood/cesa/mvCesaTest.c
+new file mode 100644
+index 0000000..7463293
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa/mvCesaTest.c
+@@ -0,0 +1,3096 @@
++/*******************************************************************************
++Copyright (C) Marvell International Ltd. and its affiliates
++
++This software file (the "File") is owned and distributed by Marvell
++International Ltd. and/or its affiliates ("Marvell") under the following
++alternative licensing terms. Once you have made an election to distribute the
++File under one of the following license alternatives, please (i) delete this
++introductory statement regarding license alternatives, (ii) delete the two
++license alternatives that you have not elected to use and (iii) preserve the
++Marvell copyright notice above.
++
++********************************************************************************
++Marvell Commercial License Option
++
++If you received this File from Marvell and you have entered into a commercial
++license agreement (a "Commercial License") with Marvell, the File is licensed
++to you under the terms of the applicable Commercial License.
++
++********************************************************************************
++Marvell GPL License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File in accordance with the terms and conditions of the General
++Public License Version 2, June 1991 (the "GPL License"), a copy of which is
++available along with the File in the license.txt file or by writing to the Free
++Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 or
++on the worldwide web at http://www.gnu.org/licenses/gpl.txt.
++
++THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE IMPLIED
++WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE EXPRESSLY
++DISCLAIMED. The GPL License provides additional details about this warranty
++disclaimer.
++********************************************************************************
++Marvell BSD License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File under the following licensing terms.
++Redistribution and use in source and binary forms, with or without modification,
++are permitted provided that the following conditions are met:
++
++ * Redistributions of source code must retain the above copyright notice,
++ this list of conditions and the following disclaimer.
++
++ * Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++
++ * Neither the name of Marvell nor the names of its contributors may be
++ used to endorse or promote products derived from this software without
++ specific prior written permission.
++
++THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
++ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
++WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
++DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
++ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
++ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
++SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++*******************************************************************************/
++
++#include "mvOs.h"
++
++#if defined(MV_VXWORKS)
++
++#include "sysLib.h"
++#include "logLib.h"
++#include "tickLib.h"
++#include "intLib.h"
++#include "config.h"
++
++
++SEM_ID cesaSemId = NULL;
++SEM_ID cesaWaitSemId = NULL;
++
++#define CESA_TEST_LOCK(flags) flags = intLock()
++#define CESA_TEST_UNLOCK(flags) intUnlock(flags)
++
++#define CESA_TEST_WAIT_INIT() cesaWaitSemId = semBCreate(SEM_Q_PRIORITY, SEM_EMPTY)
++#define CESA_TEST_WAKE_UP() semGive(cesaWaitSemId)
++#define CESA_TEST_WAIT(cond, ms) semTake(cesaWaitSemId, (sysClkRateGet()*ms)/1000)
++
++#define CESA_TEST_TICK_GET() tickGet()
++#define CESA_TEST_TICK_TO_MS(tick) (((tick)*1000)/sysClkRateGet())
++
++#elif defined(MV_LINUX)
++
++#include <linux/wait.h>
++wait_queue_head_t cesaTest_waitq;
++spinlock_t cesaLock;
++
++#define CESA_TEST_LOCK(flags) spin_lock_irqsave( &cesaLock, flags)
++#define CESA_TEST_UNLOCK(flags) spin_unlock_irqrestore( &cesaLock, flags);
++
++#define CESA_TEST_WAIT_INIT() init_waitqueue_head(&cesaTest_waitq)
++#define CESA_TEST_WAKE_UP() wake_up(&cesaTest_waitq)
++#define CESA_TEST_WAIT(cond, ms) wait_event_timeout(cesaTest_waitq, (cond), msecs_to_jiffies(ms))
++
++#define CESA_TEST_TICK_GET() jiffies
++#define CESA_TEST_TICK_TO_MS(tick) jiffies_to_msecs(tick)
++
++#elif defined(MV_NETBSD)
++
++#include <sys/param.h>
++#include <sys/kernel.h>
++static int cesaLock;
++
++#define CESA_TEST_LOCK(flags) flags = splnet()
++#define CESA_TEST_UNLOCK(flags) splx(flags)
++
++#define CESA_TEST_WAIT_INIT() /* nothing */
++#define CESA_TEST_WAKE_UP() wakeup(&cesaLock)
++#define CESA_TEST_WAIT(cond, ms) \
++do { \
++ while (!(cond)) \
++ tsleep(&cesaLock, PWAIT, "cesatest",mstohz(ms)); \
++} while (/*CONSTCOND*/0)
++
++#define CESA_TEST_TICK_GET() hardclock_ticks
++#define CESA_TEST_TICK_TO_MS(tick) ((1000/hz)*(tick))
++
++#define request_irq(i,h,t,n,a) \
++ !mv_intr_establish((i),IPL_NET,(int(*)(void *))(h),(a))
++
++#else
++#error "Only Linux, VxWorks, or NetBSD OS are supported"
++#endif
++
++#include "mvDebug.h"
++
++#include "mvSysHwConfig.h"
++#include "boardEnv/mvBoardEnvLib.h"
++#include "ctrlEnv/sys/mvCpuIf.h"
++#include "cntmr/mvCntmr.h"
++#include "cesa/mvCesa.h"
++#include "cesa/mvCesaRegs.h"
++#include "cesa/mvMD5.h"
++#include "cesa/mvSHA1.h"
++
++#if defined(CONFIG_MV646xx)
++#include "marvell_pic.h"
++#endif
++
++#define MV_CESA_USE_TIMER_ID 0
++#define CESA_DEF_BUF_SIZE 1500
++#define CESA_DEF_BUF_NUM 1
++#define CESA_DEF_SESSION_NUM 32
++
++#define CESA_DEF_ITER_NUM 100
++
++#define CESA_DEF_REQ_SIZE 256
++
++
++/* CESA Tests Debug */
++#undef CESA_TEST_DEBUG
++
++#ifdef CESA_TEST_DEBUG
++
++# define CESA_TEST_DEBUG_PRINT(msg) mvOsPrintf msg
++# define CESA_TEST_DEBUG_CODE(code) code
++
++typedef struct
++{
++ int type; /* 0 - isrEmpty, 1 - cesaReadyGet, 2 - cesaAction */
++ MV_U32 timeStamp;
++ MV_U32 cause;
++ MV_U32 realCause;
++ MV_U32 dmaCause;
++ int resources;
++ MV_CESA_REQ* pReqReady;
++ MV_CESA_REQ* pReqEmpty;
++ MV_CESA_REQ* pReqProcess;
++} MV_CESA_TEST_TRACE;
++
++#define MV_CESA_TEST_TRACE_SIZE 25
++
++static int cesaTestTraceIdx = 0;
++static MV_CESA_TEST_TRACE cesaTestTrace[MV_CESA_TEST_TRACE_SIZE];
++
++static void cesaTestTraceAdd(int type, MV_U32 cause)
++{
++ cesaTestTrace[cesaTestTraceIdx].type = type;
++ cesaTestTrace[cesaTestTraceIdx].cause = cause;
++ cesaTestTrace[cesaTestTraceIdx].realCause = MV_REG_READ(MV_CESA_ISR_CAUSE_REG);
++ cesaTestTrace[cesaTestTraceIdx].dmaCause = MV_REG_READ(IDMA_CAUSE_REG);
++ cesaTestTrace[cesaTestTraceIdx].resources = cesaReqResources;
++ cesaTestTrace[cesaTestTraceIdx].pReqReady = pCesaReqReady;
++ cesaTestTrace[cesaTestTraceIdx].pReqEmpty = pCesaReqEmpty;
++ cesaTestTrace[cesaTestTraceIdx].pReqProcess = pCesaReqProcess;
++ cesaTestTrace[cesaTestTraceIdx].timeStamp = mvCntmrRead(MV_CESA_USE_TIMER_ID);
++ cesaTestTraceIdx++;
++ if(cesaTestTraceIdx == MV_CESA_TEST_TRACE_SIZE)
++ cesaTestTraceIdx = 0;
++}
++
++#else
++
++# define CESA_TEST_DEBUG_PRINT(msg)
++# define CESA_TEST_DEBUG_CODE(code)
++
++#endif /* CESA_TEST_DEBUG */
++
++int cesaExpReqId=0;
++int cesaCbIter=0;
++
++int cesaIdx;
++int cesaIteration;
++int cesaRateSize;
++int cesaReqSize;
++unsigned long cesaTaskId;
++int cesaBufNum;
++int cesaBufSize;
++int cesaCheckOffset;
++int cesaCheckSize;
++int cesaCheckMode;
++int cesaTestIdx;
++int cesaCaseIdx;
++
++
++MV_U32 cesaTestIsrCount = 0;
++MV_U32 cesaTestIsrMissCount = 0;
++
++MV_U32 cesaCryptoError = 0;
++MV_U32 cesaReqIdError = 0;
++MV_U32 cesaError = 0;
++
++char* cesaHexBuffer = NULL;
++
++char* cesaBinBuffer = NULL;
++char* cesaExpBinBuffer = NULL;
++
++char* cesaInputHexStr = NULL;
++char* cesaOutputHexStr = NULL;
++
++MV_BUF_INFO cesaReqBufs[CESA_DEF_REQ_SIZE];
++
++MV_CESA_COMMAND* cesaCmdRing;
++MV_CESA_RESULT cesaResult;
++
++int cesaTestFull = 0;
++
++MV_BOOL cesaIsReady = MV_FALSE;
++MV_U32 cesaCycles = 0;
++MV_U32 cesaBeginTicks = 0;
++MV_U32 cesaEndTicks = 0;
++MV_U32 cesaRate = 0;
++MV_U32 cesaRateAfterDot = 0;
++
++void *cesaTestOSHandle = NULL;
++
++enum
++{
++ CESA_FAST_CHECK_MODE = 0,
++ CESA_FULL_CHECK_MODE,
++ CESA_NULL_CHECK_MODE,
++ CESA_SHOW_CHECK_MODE,
++ CESA_SW_SHOW_CHECK_MODE,
++ CESA_SW_NULL_CHECK_MODE,
++
++ CESA_MAX_CHECK_MODE
++};
++
++enum
++{
++ DES_TEST_TYPE = 0,
++ TRIPLE_DES_TEST_TYPE = 1,
++ AES_TEST_TYPE = 2,
++ MD5_TEST_TYPE = 3,
++ SHA_TEST_TYPE = 4,
++ COMBINED_TEST_TYPE = 5,
++
++ MAX_TEST_TYPE
++};
++
++/* Tests data base */
++typedef struct
++{
++ short sid;
++ char cryptoAlgorithm; /* DES/3DES/AES */
++ char cryptoMode; /* ECB or CBC */
++ char macAlgorithm; /* MD5 / SHA1 */
++ char operation; /* CRYPTO/HMAC/CRYPTO+HMAC/HMAC+CRYPTO */
++ char direction; /* ENCODE(SIGN)/DECODE(VERIFY) */
++ unsigned char* pCryptoKey;
++ int cryptoKeySize;
++ unsigned char* pMacKey;
++ int macKeySize;
++ const char* name;
++
++} MV_CESA_TEST_SESSION;
++
++typedef struct
++{
++ MV_CESA_TEST_SESSION* pSessions;
++ int numSessions;
++
++} MV_CESA_TEST_DB_ENTRY;
++
++typedef struct
++{
++ char* plainHexStr;
++ char* cipherHexStr;
++ unsigned char* pCryptoIV;
++ int cryptoLength;
++ int macLength;
++ int digestOffset;
++
++} MV_CESA_TEST_CASE;
++
++typedef struct
++{
++ int size;
++ const char* outputHexStr;
++
++} MV_CESA_SIZE_TEST;
++
++static unsigned char cryptoKey1[] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
++ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
++ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
++
++static unsigned char cryptoKey7[] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
++static unsigned char iv1[] = {0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef};
++
++
++static unsigned char cryptoKey2[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
++ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
++
++static unsigned char cryptoKey3[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
++ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
++ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17};
++
++static unsigned char cryptoKey4[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
++ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
++ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
++ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f};
++
++static unsigned char cryptoKey5[] = {0x56, 0xe4, 0x7a, 0x38, 0xc5, 0x59, 0x89, 0x74,
++ 0xbc, 0x46, 0x90, 0x3d, 0xba, 0x29, 0x03, 0x49};
++
++
++static unsigned char key3des1[] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
++ 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
++ 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23};
++
++/* Input ASCII string: The quick brown fox jump */
++static char plain3des1[] = "54686520717566636B2062726F776E20666F78206A756D70";
++static char cipher3des1[] = "A826FD8CE53B855FCCE21C8112256FE668D5C05DD9B6B900";
++
++static unsigned char key3des2[] = {0x62, 0x7f, 0x46, 0x0e, 0x08, 0x10, 0x4a, 0x10,
++ 0x43, 0xcd, 0x26, 0x5d, 0x58, 0x40, 0xea, 0xf1,
++ 0x31, 0x3e, 0xdf, 0x97, 0xdf, 0x2a, 0x8a, 0x8c};
++
++static unsigned char iv3des2[] = {0x8e, 0x29, 0xf7, 0x5e, 0xa7, 0x7e, 0x54, 0x75};
++
++static char plain3des2[] = "326a494cd33fe756";
++
++static char cipher3desCbc2[] = "8e29f75ea77e5475"
++ "b22b8d66de970692";
++
++static unsigned char key3des3[] = {0x37, 0xae, 0x5e, 0xbf, 0x46, 0xdf, 0xf2, 0xdc,
++ 0x07, 0x54, 0xb9, 0x4f, 0x31, 0xcb, 0xb3, 0x85,
++ 0x5e, 0x7f, 0xd3, 0x6d, 0xc8, 0x70, 0xbf, 0xae};
++
++static unsigned char iv3des3[] = {0x3d, 0x1d, 0xe3, 0xcc, 0x13, 0x2e, 0x3b, 0x65};
++
++static char plain3des3[] = "84401f78fe6c10876d8ea23094ea5309";
++
++static char cipher3desCbc3[] = "3d1de3cc132e3b65"
++ "7b1f7c7e3b1c948ebd04a75ffba7d2f5";
++
++static unsigned char iv5[] = {0x8c, 0xe8, 0x2e, 0xef, 0xbe, 0xa0, 0xda, 0x3c,
++ 0x44, 0x69, 0x9e, 0xd7, 0xdb, 0x51, 0xb7, 0xd9};
++
++static unsigned char aesCtrKey[] = {0x76, 0x91, 0xBE, 0x03, 0x5E, 0x50, 0x20, 0xA8,
++ 0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC};
++
++static unsigned char mdKey1[] = {0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
++ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b};
++
++static unsigned char mdKey2[] = {0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
++ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa};
++
++static unsigned char shaKey1[] = {0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
++ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
++ 0x0b, 0x0b, 0x0b, 0x0b};
++
++static unsigned char shaKey2[] = {0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
++ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
++ 0xaa, 0xaa, 0xaa, 0xaa};
++
++static unsigned char mdKey4[] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
++ 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10};
++
++static unsigned char shaKey4[] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
++ 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
++ 0x11, 0x12, 0x13, 0x14};
++
++
++static MV_CESA_TEST_SESSION desTestSessions[] =
++{
++/*000*/ {-1, MV_CESA_CRYPTO_DES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey7, sizeof(cryptoKey7)/sizeof(cryptoKey7[0]),
++ NULL, 0,
++ "DES ECB encode",
++ },
++/*001*/ {-1, MV_CESA_CRYPTO_DES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_DECODE,
++ cryptoKey7, sizeof(cryptoKey7)/sizeof(cryptoKey7[0]),
++ NULL, 0,
++ "DES ECB decode",
++ },
++/*002*/ {-1, MV_CESA_CRYPTO_DES, MV_CESA_CRYPTO_CBC,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey7, sizeof(cryptoKey7)/sizeof(cryptoKey7[0]),
++ NULL, 0,
++ "DES CBC encode"
++ },
++/*003*/ {-1, MV_CESA_CRYPTO_DES, MV_CESA_CRYPTO_CBC,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_DECODE,
++ cryptoKey7, sizeof(cryptoKey7)/sizeof(cryptoKey7[0]),
++ NULL, 0,
++ "DES CBC decode"
++ },
++/*004*/ {-1, MV_CESA_CRYPTO_NULL, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_ENCODE,
++ NULL, 0, NULL, 0,
++ "NULL Crypto Algorithm encode"
++ },
++};
++
++
++static MV_CESA_TEST_SESSION tripleDesTestSessions[] =
++{
++/*100*/ {-1, MV_CESA_CRYPTO_3DES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey1, sizeof(cryptoKey1)/sizeof(cryptoKey1[0]),
++ NULL, 0,
++ "3DES ECB encode",
++ },
++/*101*/ {-1, MV_CESA_CRYPTO_3DES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_DECODE,
++ cryptoKey1, sizeof(cryptoKey1)/sizeof(cryptoKey1[0]),
++ NULL, 0,
++ "3DES ECB decode",
++ },
++/*102*/ {-1, MV_CESA_CRYPTO_3DES, MV_CESA_CRYPTO_CBC,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey1, sizeof(cryptoKey1)/sizeof(cryptoKey1[0]),
++ NULL, 0,
++ "3DES CBC encode"
++ },
++/*103*/ {-1, MV_CESA_CRYPTO_3DES, MV_CESA_CRYPTO_CBC,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_DECODE,
++ cryptoKey1, sizeof(cryptoKey1)/sizeof(cryptoKey1[0]),
++ NULL, 0,
++ "3DES CBC decode"
++ },
++/*104*/ {-1, MV_CESA_CRYPTO_3DES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_ENCODE,
++ key3des1, sizeof(key3des1),
++ NULL, 0,
++ "3DES ECB encode"
++ },
++/*105*/ {-1, MV_CESA_CRYPTO_3DES, MV_CESA_CRYPTO_CBC,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_ENCODE,
++ key3des2, sizeof(key3des2),
++ NULL, 0,
++ "3DES ECB encode"
++ },
++/*106*/ {-1, MV_CESA_CRYPTO_3DES, MV_CESA_CRYPTO_CBC,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_ENCODE,
++ key3des3, sizeof(key3des3),
++ NULL, 0,
++ "3DES ECB encode"
++ },
++};
++
++
++static MV_CESA_TEST_SESSION aesTestSessions[] =
++{
++/*200*/ {-1, MV_CESA_CRYPTO_AES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey2, sizeof(cryptoKey2)/sizeof(cryptoKey2[0]),
++ NULL, 0,
++ "AES-128 ECB encode"
++ },
++/*201*/ {-1, MV_CESA_CRYPTO_AES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_DECODE,
++ cryptoKey2, sizeof(cryptoKey2)/sizeof(cryptoKey2[0]),
++ NULL, 0,
++ "AES-128 ECB decode"
++ },
++/*202*/ {-1, MV_CESA_CRYPTO_AES, MV_CESA_CRYPTO_CBC,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey5, sizeof(cryptoKey5)/sizeof(cryptoKey5[0]),
++ NULL, 0,
++ "AES-128 CBC encode"
++ },
++/*203*/ {-1, MV_CESA_CRYPTO_AES, MV_CESA_CRYPTO_CBC,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_DECODE,
++ cryptoKey5, sizeof(cryptoKey5)/sizeof(cryptoKey5[0]),
++ NULL, 0,
++ "AES-128 CBC decode"
++ },
++/*204*/ {-1, MV_CESA_CRYPTO_AES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey3, sizeof(cryptoKey3)/sizeof(cryptoKey3[0]),
++ NULL, 0,
++ "AES-192 ECB encode"
++ },
++/*205*/ {-1, MV_CESA_CRYPTO_AES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_DECODE,
++ cryptoKey3, sizeof(cryptoKey3)/sizeof(cryptoKey3[0]),
++ NULL, 0,
++ "AES-192 ECB decode"
++ },
++/*206*/ {-1, MV_CESA_CRYPTO_AES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey4, sizeof(cryptoKey4)/sizeof(cryptoKey4[0]),
++ NULL, 0,
++ "AES-256 ECB encode"
++ },
++/*207*/ {-1, MV_CESA_CRYPTO_AES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_DECODE,
++ cryptoKey4, sizeof(cryptoKey4)/sizeof(cryptoKey4[0]),
++ NULL, 0,
++ "AES-256 ECB decode"
++ },
++/*208*/ {-1, MV_CESA_CRYPTO_AES, MV_CESA_CRYPTO_CTR,
++ MV_CESA_MAC_NULL, MV_CESA_CRYPTO_ONLY,
++ MV_CESA_DIR_ENCODE,
++ aesCtrKey, sizeof(aesCtrKey)/sizeof(aesCtrKey[0]),
++ NULL, 0,
++ "AES-128 CTR encode"
++ },
++};
++
++
++static MV_CESA_TEST_SESSION md5TestSessions[] =
++{
++/*300*/ {-1, MV_CESA_CRYPTO_NULL, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_HMAC_MD5, MV_CESA_MAC_ONLY,
++ MV_CESA_DIR_ENCODE,
++ NULL, 0,
++ mdKey1, sizeof(mdKey1),
++ "HMAC-MD5 Generate Signature"
++ },
++/*301*/ {-1, MV_CESA_CRYPTO_NULL, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_HMAC_MD5, MV_CESA_MAC_ONLY,
++ MV_CESA_DIR_DECODE,
++ NULL, 0,
++ mdKey1, sizeof(mdKey1),
++ "HMAC-MD5 Verify Signature"
++ },
++/*302*/ {-1, MV_CESA_CRYPTO_NULL, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_HMAC_MD5, MV_CESA_MAC_ONLY,
++ MV_CESA_DIR_ENCODE,
++ NULL, 0,
++ mdKey2, sizeof(mdKey2),
++ "HMAC-MD5 Generate Signature"
++ },
++/*303*/ {-1, MV_CESA_CRYPTO_NULL, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_HMAC_MD5, MV_CESA_MAC_ONLY,
++ MV_CESA_DIR_DECODE,
++ NULL, 0,
++ mdKey2, sizeof(mdKey2),
++ "HMAC-MD5 Verify Signature"
++ },
++/*304*/ {-1, MV_CESA_CRYPTO_NULL, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_HMAC_MD5, MV_CESA_MAC_ONLY,
++ MV_CESA_DIR_ENCODE,
++ NULL, 0,
++ mdKey4, sizeof(mdKey4),
++ "HMAC-MD5 Generate Signature"
++ },
++/*305*/ {-1, MV_CESA_CRYPTO_NULL, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_MD5, MV_CESA_MAC_ONLY,
++ MV_CESA_DIR_ENCODE,
++ NULL, 0,
++ NULL, 0,
++ "HASH-MD5 Generate Signature"
++ },
++};
++
++
++static MV_CESA_TEST_SESSION shaTestSessions[] =
++{
++/*400*/ {-1, MV_CESA_CRYPTO_NULL, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_HMAC_SHA1, MV_CESA_MAC_ONLY,
++ MV_CESA_DIR_ENCODE,
++ NULL, 0,
++ shaKey1, sizeof(shaKey1),
++ "HMAC-SHA1 Generate Signature"
++ },
++/*401*/ {-1, MV_CESA_CRYPTO_NULL, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_HMAC_SHA1, MV_CESA_MAC_ONLY,
++ MV_CESA_DIR_DECODE,
++ NULL, 0,
++ shaKey1, sizeof(shaKey1),
++ "HMAC-SHA1 Verify Signature"
++ },
++/*402*/ {-1, MV_CESA_CRYPTO_NULL, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_HMAC_SHA1, MV_CESA_MAC_ONLY,
++ MV_CESA_DIR_ENCODE,
++ NULL, 0,
++ shaKey2, sizeof(shaKey2),
++ "HMAC-SHA1 Generate Signature"
++ },
++/*403*/ {-1, MV_CESA_CRYPTO_NULL, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_HMAC_SHA1, MV_CESA_MAC_ONLY,
++ MV_CESA_DIR_DECODE,
++ NULL, 0,
++ shaKey2, sizeof(shaKey2),
++ "HMAC-SHA1 Verify Signature"
++ },
++/*404*/ {-1, MV_CESA_CRYPTO_NULL, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_HMAC_SHA1, MV_CESA_MAC_ONLY,
++ MV_CESA_DIR_ENCODE,
++ NULL, 0,
++ shaKey4, sizeof(shaKey4),
++ "HMAC-SHA1 Generate Signature"
++ },
++/*405*/ {-1, MV_CESA_CRYPTO_NULL, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_SHA1, MV_CESA_MAC_ONLY,
++ MV_CESA_DIR_ENCODE,
++ NULL, 0,
++ NULL, 0,
++ "HASH-SHA1 Generate Signature"
++ },
++};
++
++static MV_CESA_TEST_SESSION combinedTestSessions[] =
++{
++/*500*/ {-1, MV_CESA_CRYPTO_DES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_HMAC_MD5, MV_CESA_CRYPTO_THEN_MAC,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey1, MV_CESA_DES_KEY_LENGTH,
++ mdKey4, sizeof(mdKey4),
++ "DES + MD5 encode"
++ },
++/*501*/ {-1, MV_CESA_CRYPTO_DES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_HMAC_SHA1, MV_CESA_CRYPTO_THEN_MAC,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey1, MV_CESA_DES_KEY_LENGTH,
++ shaKey4, sizeof(shaKey4),
++ "DES + SHA1 encode"
++ },
++/*502*/ {-1, MV_CESA_CRYPTO_3DES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_HMAC_MD5, MV_CESA_CRYPTO_THEN_MAC,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey1, sizeof(cryptoKey1)/sizeof(cryptoKey1[0]),
++ mdKey4, sizeof(mdKey4),
++ "3DES + MD5 encode"
++ },
++/*503*/ {-1, MV_CESA_CRYPTO_3DES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_HMAC_SHA1, MV_CESA_CRYPTO_THEN_MAC,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey1, sizeof(cryptoKey1)/sizeof(cryptoKey1[0]),
++ shaKey4, sizeof(shaKey4),
++ "3DES + SHA1 encode"
++ },
++/*504*/ {-1, MV_CESA_CRYPTO_3DES, MV_CESA_CRYPTO_CBC,
++ MV_CESA_MAC_HMAC_MD5, MV_CESA_CRYPTO_THEN_MAC,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey1, sizeof(cryptoKey1)/sizeof(cryptoKey1[0]),
++ mdKey4, sizeof(mdKey4),
++ "3DES CBC + MD5 encode"
++ },
++/*505*/ {-1, MV_CESA_CRYPTO_3DES, MV_CESA_CRYPTO_CBC,
++ MV_CESA_MAC_HMAC_SHA1, MV_CESA_CRYPTO_THEN_MAC,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey1, sizeof(cryptoKey1)/sizeof(cryptoKey1[0]),
++ shaKey4, sizeof(shaKey4),
++ "3DES CBC + SHA1 encode"
++ },
++/*506*/ {-1, MV_CESA_CRYPTO_AES, MV_CESA_CRYPTO_CBC,
++ MV_CESA_MAC_HMAC_MD5, MV_CESA_CRYPTO_THEN_MAC,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey5, sizeof(cryptoKey5)/sizeof(cryptoKey5[0]),
++ mdKey4, sizeof(mdKey4),
++ "AES-128 CBC + MD5 encode"
++ },
++/*507*/ {-1, MV_CESA_CRYPTO_AES, MV_CESA_CRYPTO_CBC,
++ MV_CESA_MAC_HMAC_SHA1, MV_CESA_CRYPTO_THEN_MAC,
++ MV_CESA_DIR_ENCODE,
++ cryptoKey5, sizeof(cryptoKey5)/sizeof(cryptoKey5[0]),
++ shaKey4, sizeof(shaKey4),
++ "AES-128 CBC + SHA1 encode"
++ },
++/*508*/ {-1, MV_CESA_CRYPTO_3DES, MV_CESA_CRYPTO_ECB,
++ MV_CESA_MAC_HMAC_MD5, MV_CESA_MAC_THEN_CRYPTO,
++ MV_CESA_DIR_DECODE,
++ cryptoKey1, sizeof(cryptoKey1)/sizeof(cryptoKey1[0]),
++ mdKey4, sizeof(mdKey4),
++ "HMAC-MD5 + 3DES decode"
++ },
++};
++
++
++static MV_CESA_TEST_DB_ENTRY cesaTestsDB[MAX_TEST_TYPE+1] =
++{
++ { desTestSessions, sizeof(desTestSessions)/sizeof(desTestSessions[0]) },
++ { tripleDesTestSessions, sizeof(tripleDesTestSessions)/sizeof(tripleDesTestSessions[0]) },
++ { aesTestSessions, sizeof(aesTestSessions)/sizeof(aesTestSessions[0]) },
++ { md5TestSessions, sizeof(md5TestSessions)/sizeof(md5TestSessions[0]) },
++ { shaTestSessions, sizeof(shaTestSessions)/sizeof(shaTestSessions[0]) },
++ { combinedTestSessions, sizeof(combinedTestSessions)/sizeof(combinedTestSessions[0]) },
++ { NULL, 0 }
++};
++
++
++char cesaNullPlainHexText[] = "000000000000000000000000000000000000000000000000";
++
++char cesaPlainAsciiText[] = "Now is the time for all ";
++char cesaPlainHexEbc[] = "4e6f77206973207468652074696d6520666f7220616c6c20";
++char cesaCipherHexEcb[] = "3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53";
++char cesaPlainHexCbc[] = "1234567890abcdef4e6f77206973207468652074696d6520666f7220616c6c20";
++char cesaCipherHexCbc[] = "1234567890abcdefe5c7cdde872bf27c43e934008c389c0f683788499a7c05f6";
++
++char cesaAesPlainHexEcb[] = "000102030405060708090a0b0c0d0e0f";
++char cesaAes128cipherHexEcb[] = "0a940bb5416ef045f1c39458c653ea5a";
++char cesaAes192cipherHexEcb[] = "0060bffe46834bb8da5cf9a61ff220ae";
++char cesaAes256cipherHexEcb[] = "5a6e045708fb7196f02e553d02c3a692";
++
++char cesaAsciiStr1[] = "Hi There";
++char cesaDataHexStr1[] = "4869205468657265";
++char cesaHmacMd5digestHex1[] = "9294727a3638bb1c13f48ef8158bfc9d";
++char cesaHmacSha1digestHex1[] = "b617318655057264e28bc0b6fb378c8ef146be00";
++char cesaDataAndMd5digest1[] = "48692054686572659294727a3638bb1c13f48ef8158bfc9d";
++char cesaDataAndSha1digest1[] = "4869205468657265b617318655057264e28bc0b6fb378c8ef146be00";
++
++char cesaAesPlainText[] = "a0a1a2a3a4a5a6a7a8a9aaabacadaeaf"
++ "b0b1b2b3b4b5b6b7b8b9babbbcbdbebf"
++ "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf"
++ "d0d1d2d3d4d5d6d7d8d9dadbdcdddedf";
++
++char cesaAes128CipherCbc[] = "c30e32ffedc0774e6aff6af0869f71aa"
++ "0f3af07a9a31a9c684db207eb0ef8e4e"
++ "35907aa632c3ffdf868bb7b29d3d46ad"
++ "83ce9f9a102ee99d49a53e87f4c3da55";
++
++char cesaAesIvPlainText[] = "8ce82eefbea0da3c44699ed7db51b7d9"
++ "a0a1a2a3a4a5a6a7a8a9aaabacadaeaf"
++ "b0b1b2b3b4b5b6b7b8b9babbbcbdbebf"
++ "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf"
++ "d0d1d2d3d4d5d6d7d8d9dadbdcdddedf";
++
++char cesaAes128IvCipherCbc[] = "8ce82eefbea0da3c44699ed7db51b7d9"
++ "c30e32ffedc0774e6aff6af0869f71aa"
++ "0f3af07a9a31a9c684db207eb0ef8e4e"
++ "35907aa632c3ffdf868bb7b29d3d46ad"
++ "83ce9f9a102ee99d49a53e87f4c3da55";
++
++char cesaAesCtrPlain[] = "00E0017B27777F3F4A1786F000000001"
++ "000102030405060708090A0B0C0D0E0F"
++ "101112131415161718191A1B1C1D1E1F"
++ "20212223";
++
++char cesaAesCtrCipher[] = "00E0017B27777F3F4A1786F000000001"
++ "C1CF48A89F2FFDD9CF4652E9EFDB72D7"
++ "4540A42BDE6D7836D59A5CEAAEF31053"
++ "25B2072F";
++
++
++
++/* Input cesaHmacHex3 is '0xdd' repeated 50 times */
++char cesaHmacMd5digestHex3[] = "56be34521d144c88dbb8c733f0e8b3f6";
++char cesaHmacSha1digestHex3[] = "125d7342b9ac11cd91a39af48aa17b4f63f175d3";
++char cesaDataHexStr3[50*2+1] = "";
++char cesaDataAndMd5digest3[sizeof(cesaDataHexStr3)+sizeof(cesaHmacMd5digestHex3)+8*2+1] = "";
++char cesaDataAndSha1digest3[sizeof(cesaDataHexStr3)+sizeof(cesaHmacSha1digestHex3)+8*2+1] = "";
++
++/* Ascii string is "abc" */
++char hashHexStr3[] = "616263";
++char hashMd5digest3[] = "900150983cd24fb0d6963f7d28e17f72";
++char hashSha1digest3[] = "a9993e364706816aba3e25717850c26c9cd0d89d";
++
++char hashHexStr80[] = "31323334353637383930"
++ "31323334353637383930"
++ "31323334353637383930"
++ "31323334353637383930"
++ "31323334353637383930"
++ "31323334353637383930"
++ "31323334353637383930"
++ "31323334353637383930";
++
++char hashMd5digest80[] = "57edf4a22be3c955ac49da2e2107b67a";
++
++char tripleDesThenMd5digest80[] = "b7726a03aad490bd6c5a452a89a1b271";
++char tripleDesThenSha1digest80[] = "b2ddeaca91030eab5b95a234ef2c0f6e738ff883";
++
++char cbc3desThenMd5digest80[] = "6f463057e1a90e0e91ae505b527bcec0";
++char cbc3desThenSha1digest80[] = "1b002ed050be743aa98860cf35659646bb8efcc0";
++
++char cbcAes128ThenMd5digest80[] = "6b6e863ac5a71d15e3e9b1c86c9ba05f";
++char cbcAes128ThenSha1digest80[] = "13558472d1fc1c90dffec6e5136c7203452d509b";
++
++
++static MV_CESA_TEST_CASE cesaTestCases[] =
++{
++ /* plainHexStr cipherHexStr IV crypto mac digest */
++ /* Length Length Offset */
++ /*0*/ { NULL, NULL, NULL, 0, 0, -1 },
++ /*1*/ { cesaPlainHexEbc, cesaCipherHexEcb, NULL, 24, 0, -1 },
++ /*2*/ { cesaPlainHexCbc, cesaCipherHexCbc, NULL, 24, 0, -1 },
++ /*3*/ { cesaAesPlainHexEcb, cesaAes128cipherHexEcb, NULL, 16, 0, -1 },
++ /*4*/ { cesaAesPlainHexEcb, cesaAes192cipherHexEcb, NULL, 16, 0, -1 },
++ /*5*/ { cesaAesPlainHexEcb, cesaAes256cipherHexEcb, NULL, 16, 0, -1 },
++ /*6*/ { cesaDataHexStr1, cesaHmacMd5digestHex1, NULL, 0, 8, -1 },
++ /*7*/ { NULL, cesaDataAndMd5digest1, NULL, 0, 8, -1 },
++ /*8*/ { cesaDataHexStr3, cesaHmacMd5digestHex3, NULL, 0, 50, -1 },
++ /*9*/ { NULL, cesaDataAndMd5digest3, NULL, 0, 50, -1 },
++/*10*/ { cesaAesPlainText, cesaAes128IvCipherCbc, iv5, 64, 0, -1 },
++/*11*/ { cesaDataHexStr1, cesaHmacSha1digestHex1, NULL, 0, 8, -1 },
++/*12*/ { NULL, cesaDataAndSha1digest1, NULL, 0, 8, -1 },
++/*13*/ { cesaDataHexStr3, cesaHmacSha1digestHex3, NULL, 0, 50, -1 },
++/*14*/ { NULL, cesaDataAndSha1digest3, NULL, 0, 50, -1 },
++/*15*/ { hashHexStr3, hashMd5digest3, NULL, 0, 3, -1 },
++/*16*/ { hashHexStr3, hashSha1digest3, NULL, 0, 3, -1 },
++/*17*/ { hashHexStr80, tripleDesThenMd5digest80, NULL, 80, 80, -1 },
++/*18*/ { hashHexStr80, tripleDesThenSha1digest80, NULL, 80, 80, -1 },
++/*19*/ { hashHexStr80, cbc3desThenMd5digest80, iv1, 80, 80, -1 },
++/*20*/ { hashHexStr80, cbc3desThenSha1digest80, iv1, 80, 80, -1 },
++/*21*/ { hashHexStr80, cbcAes128ThenMd5digest80, iv5, 80, 80, -1 },
++/*22*/ { hashHexStr80, cbcAes128ThenSha1digest80, iv5, 80, 80, -1 },
++/*23*/ { cesaAesCtrPlain, cesaAesCtrCipher, NULL, 36, 0, -1 },
++/*24*/ { cesaAesIvPlainText, cesaAes128IvCipherCbc, NULL, 64, 0, -1 },
++/*25*/ { plain3des1, cipher3des1, NULL, 0, 0, -1 },
++/*26*/ { plain3des2, cipher3desCbc2, iv3des2,0, 0, -1 },
++/*27*/ { plain3des3, cipher3desCbc3, iv3des3,0, 0, -1 },
++};
++
++
++/* Key = 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
++ * 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa
++ * Input 0xdd repeated "size" times
++ */
++static MV_CESA_SIZE_TEST mdMultiSizeTest302[] =
++{
++ { 80, "7a031a640c14a4872814930b1ef3a5b2" },
++ { 512, "5488e6c5a14dc72a79f28312ca5b939b" },
++ { 1000, "d00814f586a8b78a05724239d2531821" },
++ { 1001, "bf07df7b7f49d3f5b5ecacd4e9e63281" },
++ { 1002, "1ed4a1a802e87817a819d4e37bb4d0f7" },
++ { 1003, "5972ab64a4f265ee371dac2f2f137f90" },
++ { 1004, "71f95e7ec3aa7df2548e90898abdb28e" },
++ { 1005, "e082790b4857fcfc266e92e59e608814" },
++ { 1006, "9500f02fd8ac7fde8b10e4fece9a920d" },
++ { 1336, "e42edcce57d0b75b01aa09d71427948b" },
++ { 1344, "bb5454ada0deb49ba0a97ffd60f57071" },
++ { 1399, "0f44d793e744b24d53f44f295082ee8c" },
++ { 1400, "359de8a03a9b707928c6c60e0e8d79f1" },
++ { 1401, "e913858b484cbe2b384099ea88d8855b" },
++ { 1402, "d9848a164af53620e0540c1d7d87629e" },
++ { 1403, "0c9ee1c2c9ef45e9b625c26cbaf3e822" },
++ { 1404, "12edd4f609416e3c936170360561b064" },
++ { 1405, "7fc912718a05446395345009132bf562" },
++ { 1406, "882f17425e579ff0d85a91a59f308aa0" },
++ { 1407, "005cae408630a2fb5db82ad9db7e59da" },
++ { 1408, "64655f8b404b3fea7a3e3e609bc5088f" },
++ { 1409, "4a145284a7f74e01b6bb1a0ec6a0dd80" },
++ { 2048, "67caf64475650732def374ebb8bde3fd" },
++ { 2049, "6c84f11f472825f7e6cd125c2981884b" },
++ { 2050, "8999586754a73a99efbe4dbad2816d41" },
++ { 2051, "ba6946b610e098d286bc81091659dfff" },
++ { 2052, "d0afa01c92d4d13def2b024f36faed83" },
++ { 3072, "61d8beac61806afa2585d74a9a0e6974" },
++ { 3074, "f6501a28dcc24d1e4770505c51a87ed3" },
++ { 3075, "ea4a6929be67e33e61ff475369248b73" },
++ { 4048, "aa8c4d68f282a07e7385acdfa69f4bed" },
++ { 4052, "afb5ed2c0e1d430ea59e59ed5ed6b18a" },
++ { 4058, "9e8553f9bdd43aebe0bd729f0e600c99" },
++ { 6144, "f628f3e5d183fe5cdd3a5abee39cf872" },
++ { 6150, "89a3efcea9a2f25f919168ad4a1fd292" },
++ { 6400, "cdd176b7fb747873efa4da5e32bdf88f" },
++ { 6528, "b1d707b027354aca152c45ee559ccd3f" },
++ { 8192, "c600ea4429ac47f9941f09182166e51a" },
++ {16384, "16e8754bfbeb4c649218422792267a37" },
++ {18432, "0fd0607521b0aa8b52219cfbe215f63e" },
++ { 0, NULL },
++};
++
++/* Key = 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
++ * 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10
++ * InputHexStr = "31323334353637383930" (ASCII = "1234567890")
++ */
++static MV_CESA_SIZE_TEST mdMultiSizeTest304[] =
++{
++ { 80, "a456c4723fee6068530af5a2afa71627" },
++ { 512, "f85c2a2344f5de68b432208ad13e5794" },
++ { 1000, "35464d6821fd4a293a41eb84e274c8c5" },
++ { 1001, "c08eedbdce60cceb54bc2d732bb32c8b" },
++ { 1002, "5664f71800c011cc311cb6943339c1b8" },
++ { 1003, "779c723b044c585dc7802b13e8501bdc" },
++ { 1004, "55e500766a2c307bc5c5fdd15e4cacd4" },
++ { 1005, "d5f978954f5c38529d1679d2b714f068" },
++ { 1006, "cd3efc827ce628b7281b72172693abf9" },
++ { 1336, "6f04479910785878ae6335b8d1e87edf" },
++ { 1344, "b6d27b50c2bce1ba2a8e1b5cc4324368" },
++ { 1399, "65f70a1d4c86e5eaeb0704c8a7816795" },
++ { 1400, "3394b5adc4cb3ff98843ca260a44a88a" },
++ { 1401, "3a06f3582033a66a4e57e0603ce94e74" },
++ { 1402, "e4d97f5ed51edc48abfa46eeb5c31752" },
++ { 1403, "3d05e40b080ee3bedf293cb87b7140e7" },
++ { 1404, "8cf294fc3cd153ab18dccb2a52cbf244" },
++ { 1405, "d1487bd42f6edd9b4dab316631159221" },
++ { 1406, "0527123b6bf6936cf5d369dc18c6c70f" },
++ { 1407, "3224a06639db70212a0cd1ae1fcc570a" },
++ { 1408, "a9e13335612c0356f5e2c27086e86c43" },
++ { 1409, "a86d1f37d1ed8a3552e9a4f04dceea98" },
++ { 2048, "396905c9b961cd0f6152abfb69c4449c" },
++ { 2049, "49f39bff85d9dcf059fadb89efc4a70f" },
++ { 2050, "3a2b4823bc4d0415656550226a63e34a" },
++ { 2051, "dec60580d406c782540f398ad0bcc7e0" },
++ { 2052, "32f76610a14310309eb748fe025081bf" },
++ { 3072, "45edc1a42bf9d708a621076b63b774da" },
++ { 3074, "9be1b333fe7c0c9f835fb369dc45f778" },
++ { 3075, "8c06fcac7bd0e7b7a17fd6508c09a549" },
++ { 4048, "0ddaef848184bf0ad98507a10f1e90e4" },
++ { 4052, "81976bcaeb274223983996c137875cb8" },
++ { 4058, "0b0a7a1c82bc7cbc64d8b7cd2dc2bb22" },
++ { 6144, "1c24056f52725ede2dff0d7f9fc9855f" },
++ { 6150, "b7f4b65681c4e43ee68ca466ca9ca4ec" },
++ { 6400, "443bbaab9f7331ddd4bf11b659cd43c8" },
++ { 6528, "216f44f23047cfee03a7a64f88f9a995" },
++ { 8192, "ac7a993b2cad54879dba1bde63e39097" },
++ { 8320, "55ed7be9682d6c0025b3221a62088d08" },
++ {16384, "c6c722087653b62007aea668277175e5" },
++ {18432, "f1faca8e907872c809e14ffbd85792d6" },
++ { 0, NULL },
++};
++
++/* HASH-MD5
++ * InputHexStr = "31323334353637383930" (ASCII = "1234567890")
++ * repeated "size" times
++ */
++static MV_CESA_SIZE_TEST mdMultiSizeTest305[] =
++{
++ { 80, "57edf4a22be3c955ac49da2e2107b67a" },
++ { 512, "c729ae8f0736cc377a9767a660eaa04e" },
++ { 1000, "f1257a8659eb92d36fe14c6bf3852a6a" },
++ { 1001, "f8a46fe8ea04fdc8c7de0e84042d3878" },
++ { 1002, "da188dd67bff87d58aa3c02af2d0cc0f" },
++ { 1003, "961753017feee04c9b93a8e51658a829" },
++ { 1004, "dd68c4338608dcc87807a711636bf2af" },
++ { 1005, "e338d567d3ce66bf69ada29658a8759b" },
++ { 1006, "443c9811e8b92599b0b149e8d7ec700a" },
++ { 1336, "89a98511706008ba4cbd0b4a24fa5646" },
++ { 1344, "335a919805f370b9e402a62c6fe01739" },
++ { 1399, "5d18d0eddcd84212fe28d812b5e80e3b" },
++ { 1400, "6b695c240d2dffd0dffc99459ca76db6" },
++ { 1401, "49590f61298a76719bc93a57a30136f5" },
++ { 1402, "94c2999fa3ef1910a683d69b2b8476f2" },
++ { 1403, "37073a02ab00ecba2645c57c228860db" },
++ { 1404, "1bcd06994fce28b624f0c5fdc2dcdd2b" },
++ { 1405, "11b93671a64c95079e8cf9e7cddc8b3d" },
++ { 1406, "4b6695772a4c66313fa4871017d05f36" },
++ { 1407, "d1539b97fbfda1c075624e958de19c5b" },
++ { 1408, "b801b9b69920907cd018e8063092ede9" },
++ { 1409, "b765f1406cfe78e238273ed01bbcaf7e" },
++ { 2048, "1d7e2c64ac29e2b3fb4c272844ed31f5" },
++ { 2049, "71d38fac49c6b1f4478d8d88447bcdd0" },
++ { 2050, "141c34a5592b1bebfa731e0b23d0cdba" },
++ { 2051, "c5e1853f21c59f5d6039bd13d4b380d8" },
++ { 2052, "dd44a0d128b63d4b5cccd967906472d7" },
++ { 3072, "37d158e33b21390822739d13db7b87fe" },
++ { 3074, "aef3b209d01d39d0597fe03634bbf441" },
++ { 3075, "335ffb428eabf210bada96d74d5a4012" },
++ { 4048, "2434c2b43d798d2819487a886261fc64" },
++ { 4052, "ac2fa84a8a33065b2e92e36432e861f8" },
++ { 4058, "856781f85616c341c3533d090c1e1e84" },
++ { 6144, "e5d134c652c18bf19833e115f7a82e9b" },
++ { 6150, "a09a353be7795fac2401dac5601872e6" },
++ { 6400, "08b9033ac6a1821398f50af75a2dbc83" },
++ { 6528, "3d47aa193a8540c091e7e02f779e6751" },
++ { 8192, "d3164e710c0626f6f395b38f20141cb7" },
++ { 8320, "b727589d9183ff4e8491dd24466974a3" },
++ {16384, "3f54d970793d2274d5b20d10a69938ac" },
++ {18432, "f558511dcf81985b7a1bb57fad970531" },
++ { 0, NULL },
++};
++
++
++/* Key = 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
++ * 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa
++ * 0xaa, 0xaa, 0xaa, 0xaa
++ * InputHexStr = "31323334353637383930" (ASCII = "1234567890")
++ */
++static MV_CESA_SIZE_TEST shaMultiSizeTest402[] =
++{
++ { 80, "e812f370e659705a1649940d1f78cd7af18affd3" },
++ { 512, "e547f886b2c15d995ed76a8a924cb408c8080f66" },
++ { 1000, "239443194409f1a5342ecde1a092c8f3a3ed790a" },
++ { 1001, "f278ab9a102850a9f48dc4e9e6822afe2d0c52b5" },
++ { 1002, "8bcc667df5ab6ece988b3af361d09747c77f4e72" },
++ { 1003, "0fae6046c7dc1d3e356b25af836f6077a363f338" },
++ { 1004, "0ea48401cc92ae6bc92ae76685269cb0167fbe1a" },
++ { 1005, "ecbcd7c879b295bafcd8766cbeac58cc371e31d1" },
++ { 1006, "eb4a4a3d07d1e9a15e6f1ab8a9c47f243e27324c" },
++ { 1336, "f5950ee1d77c10e9011d2149699c9366fe52529c" },
++ { 1344, "b04263604a63c351b0b3b9cf1785b4bdba6c8838" },
++ { 1399, "8cb1cff61d5b784045974a2fc69386e3b8d24218" },
++ { 1400, "9bb2f3fcbeddb2b90f0be797cd647334a2816d51" },
++ { 1401, "23ae462a7a0cb440f7445791079a5d75a535dd33" },
++ { 1402, "832974b524a4d3f9cc2f45a3cabf5ccef65cd2aa" },
++ { 1403, "d1c683742fe404c3c20d5704a5430e7832a7ec95" },
++ { 1404, "867c79042e64f310628e219d8b85594cd0c7adc3" },
++ { 1405, "c9d81d49d13d94358f56ccfd61af02b36c69f7c3" },
++ { 1406, "0df43daab2786172f9b8d07d61f14a070cf1287a" },
++ { 1407, "0fd8f3ad7f169534b274d4c66bbddd89f759e391" },
++ { 1408, "3987511182b18473a564436003139b808fa46343" },
++ { 1409, "ef667e063c9e9f539a8987a8d0bd3066ee85d901" },
++ { 2048, "921109c99f3fedaca21727156d5f2b4460175327" },
++ { 2049, "47188600dd165eb45f27c27196d3c46f4f042c1b" },
++ { 2050, "8831939904009338de10e7fa670847041387807d" },
++ { 2051, "2f8ebb5db2997d614e767be1050366f3641e7520" },
++ { 2052, "669e51cd730dae158d3bef8adba075bd95a0d011" },
++ { 3072, "cfee66cfd83abc8451af3c96c6b35a41cc6c55f5" },
++ { 3074, "216ea26f02976a261b7d21a4dd3085157bedfabd" },
++ { 3075, "bd612ebba021fd8e012b14c3bd60c8c5161fabc0" },
++ { 4048, "c2564c1fdf2d5e9d7dde7aace2643428e90662e8" },
++ { 4052, "91ce61fe924b445dfe7b5a1dcd10a27caec16df6" },
++ { 4058, "db2a9be5ee8124f091c7ebd699266c5de223c164" },
++ { 6144, "855109903feae2ba3a7a05a326b8a171116eb368" },
++ { 6150, "37520bb3a668294d9c7b073e7e3daf8fee248a78" },
++ { 6400, "60a353c841b6d2b1a05890349dad2fa33c7536b7" },
++ { 6528, "9e53a43a69bb42d7c8522ca8bd632e421d5edb36" },
++ { 8192, "a918cb0da862eaea0a33ee0efea50243e6b4927c" },
++ { 8320, "29a5dcf55d1db29cd113fcf0572ae414f1c71329" },
++ {16384, "6fb27966138e0c8d5a0d65ace817ebd53633cee1" },
++ {18432, "ca09900d891c7c9ae2a559b10f63a217003341c1" },
++ { 0, NULL },
++};
++
++/* Key = 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
++ * 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10
++ * 0x11, 0x12, 0x13, 0x14
++ * InputHexStr = "31323334353637383930" (ASCII = "1234567890")
++ */
++static MV_CESA_SIZE_TEST shaMultiSizeTest404[] =
++{
++ { 80, "beaf20a34b06a87558d156c0949bc3957d40222e" },
++ { 512, "3353955358d886bc2940a3c7f337ff7dafb59c7b" },
++ { 1000, "8737a542c5e9b2b6244b757ebb69d5bd602a829f" },
++ { 1001, "fd9e7582d8a5d3c9fe3b923e4e6a41b07a1eb4d4" },
++ { 1002, "a146d14a6fc3c274ff600568f4d75b977989e00d" },
++ { 1003, "be22601bbc027ddef2dec97d30b3dc424fd803c5" },
++ { 1004, "3e71fe99b2fe2b7bfdf4dbf0c7f3da25d7ea35e7" },
++ { 1005, "2c422735d7295408fddd76f5e8a83a2a8da13df3" },
++ { 1006, "6d875319049314b61855101a647b9ba3313428e6" },
++ { 1336, "c1631ea80bad9dc43a180712461b65a0598c711c" },
++ { 1344, "816069bf91d34581005746e2e0283d0f9c7b7605" },
++ { 1399, "4e139866dc61cfcb8b67ca2ebd637b3a538593af" },
++ { 1400, "ff2a0f8dd2b02c5417910f6f55d33a78e081a723" },
++ { 1401, "ab00c12be62336964cbce31ae97fe2a0002984d5" },
++ { 1402, "61349e7f999f3a1acc56c3e9a5060a9c4a7b05b6" },
++ { 1403, "3edbc0f61e435bc1317fa27d840076093fb79353" },
++ { 1404, "d052c6dfdbe63d45dab23ef9893e2aa4636aca1e" },
++ { 1405, "0cc16b7388d67bf0add15a31e6e6c753cfae4987" },
++ { 1406, "c96ba7eaad74253c38c22101b558d2850b1d1b90" },
++ { 1407, "3445428a40d2c6556e7c55797ad8d323b61a48d9" },
++ { 1408, "8d6444f937a09317c89834187b8ea9b8d3a8c56b" },
++ { 1409, "c700acd3ecd19014ea2bdb4d42510c467e088475" },
++ { 2048, "ee27d2a0cb77470c2f496212dfd68b5bb7b04e4b" },
++ { 2049, "683762d7a02983b26a6d046e6451d9cd82c25932" },
++ { 2050, "0fd20f1d55a9ee18363c2a6fd54aa13aee69992f" },
++ { 2051, "86c267d8cc4bc8d59090e4f8b303da960fd228b7" },
++ { 2052, "452395ae05b3ec503eea34f86fc0832485ad97c1" },
++ { 3072, "75198e3cfd0b9bcff2dabdf8e38e6fdaa33ca49a" },
++ { 3074, "4e24785ef080141ce4aab4675986d9acea624d7c" },
++ { 3075, "3a20c5978dd637ec0e809bf84f0d9ccf30bc65bf" },
++ { 4048, "3c32da256be7a7554922bf5fed51b0d2d09e59ad" },
++ { 4052, "fff898426ea16e54325ae391a32c6c9bce4c23c0" },
++ { 4058, "c800b9e562e1c91e1310116341a3c91d37f848ec" },
++ { 6144, "d91d509d0cc4376c2d05bf9a5097717a373530e6" },
++ { 6150, "d957030e0f13c5df07d9eec298542d8f94a07f12" },
++ { 6400, "bb745313c3d7dc17b3f955e5534ad500a1082613" },
++ { 6528, "77905f80d9ca82080bbb3e5654896dabfcfd1bdb" },
++ { 8192, "5237fd9a81830c974396f99f32047586612ff3c0" },
++ { 8320, "57668e28d5f2dba0839518a11db0f6af3d7e08bf" },
++ {16384, "62e093fde467f0748087beea32e9af97d5c61241" },
++ {18432, "845fb33130c7d6ea554fd5aacb9c50cf7ccb5929" },
++ { 0, NULL },
++};
++
++/* HASH-SHA1
++ * InputHexStr = "31323334353637383930" (ASCII = "1234567890")
++ * repeated "size" times
++ */
++static MV_CESA_SIZE_TEST shaMultiSizeTest405[] =
++{
++ { 80, "50abf5706a150990a08b2c5ea40fa0e585554732" },
++ { 512, "f14516a08948fa27917a974d219741a697ba0087" },
++ { 1000, "0bd18c378d5788817eb4f1e5dc07d867efa5cbf4" },
++ { 1001, "ca29b85c35db1b8aef83c977893a11159d1b7aa2" },
++ { 1002, "d83bc973eaaedb8a31437994dabbb3304b0be086" },
++ { 1003, "2cf7bbef0acd6c00536b5c58ca470df9a3a90b6c" },
++ { 1004, "e4375d09b1223385a8a393066f8209acfd936a80" },
++ { 1005, "1029b38043e027745d019ce1d2d68e3d8b9d8f99" },
++ { 1006, "deea16dcebbd8ac137e2b984deb639b9fb5e9680" },
++ { 1336, "ea031b065fff63dcfb6a41956e4777520cdbc55d" },
++ { 1344, "b52096c6445e6c0a8355995c70dc36ae186c863c" },
++ { 1399, "cde2f6f8379870db4b32cf17471dc828a8dbff2b" },
++ { 1400, "e53ff664064bc09fe5054c650806bd42d8179518" },
++ { 1401, "d1156db5ddafcace64cdb510ff0d4af9b9a8ad64" },
++ { 1402, "34ede0e9a909dd84a2ae291539105c0507b958e1" },
++ { 1403, "a772ca3536da77e6ad3251e4f9e1234a4d7b87c0" },
++ { 1404, "29740fd2b04e7a8bfd32242db6233156ad699948" },
++ { 1405, "65b17397495b70ce4865dad93bf991b74c97cce1" },
++ { 1406, "a7ee89cd0754061fdb91af7ea6abad2c69d542e3" },
++ { 1407, "3eebf82f7420188e23d328b7ce93580b279a5715" },
++ { 1408, "e08d3363a8b9a490dfb3a4c453452b8f114deeec" },
++ { 1409, "95d74df739181a4ff30b8c39e28793a36598e924" },
++ { 2048, "aa40262509c2abf84aab0197f83187fc90056d91" },
++ { 2049, "7dec28ef105bc313bade8d9a7cdeac58b99de5ea" },
++ { 2050, "d2e30f77ec81197de20f56588a156094ecb88450" },
++ { 2051, "6b22ccc874833e96551a39da0c0edcaa0d969d92" },
++ { 2052, "f843141e57875cd669af58744bc60aa9ea59549c" },
++ { 3072, "09c5fedeaa62c132e673cc3c608a00142273d086" },
++ { 3074, "b09e95eea9c7b1b007a58accec488301901a7f3d" },
++ { 3075, "e6226b77b4ada287a8c9bbcf4ed71eec5ce632dc" },
++ { 4048, "e99394894f855821951ddddf5bfc628547435f5c" },
++ { 4052, "32d2f1af38be9cfba6cd03d55a254d0b3e1eb382" },
++ { 4058, "d906552a4f2aca3a22e1fecccbcd183d7289d0ef" },
++ { 6144, "2e7f62d35a860988e1224dc0543204af19316041" },
++ { 6150, "d6b89698ee133df46fec9d552fadc328aa5a1b51" },
++ { 6400, "dff50e90c46853988fa3a4b4ce5dda6945aae976" },
++ { 6528, "9e63ec0430b96db02d38bc78357a2f63de2ab7f8" },
++ { 8192, "971eb71ed60394d5ab5abb12e88420bdd41b5992" },
++ { 8320, "91606a31b46afeaac965cecf87297e791b211013" },
++ {16384, "547f830a5ec1f5f170ce818f156b1002cabc7569" },
++ {18432, "f16f272787f3b8d539652e4dc315af6ab4fda0ef" },
++ { 0, NULL },
++};
++
++/* CryptoKey = 0x01234567, 0x89abcdef,
++ * 0x01234567, 0x89abcdef,
++ * 0x01234567, 0x89abcdef;
++ * MacKey = 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
++ * 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10
++ * InputHexStr = "31323334353637383930" (ASCII = "1234567890")
++ * Note: only sizes aligned to 3DES block size (8 bytes) allowed
++ */
++static MV_CESA_SIZE_TEST tripleDesMdMultiSizeTest502[] =
++{
++ { 64, "9586962a2aaaef28803dec2e17807a7f" },
++ { 80, "b7726a03aad490bd6c5a452a89a1b271" },
++ { 352, "f1ed9563aecc3c0d2766eb2bed3b4e4c" },
++ { 512, "0f9decb11ab40fe86f4d4d9397bc020e" },
++ { 1000, "3ba69deac12cab8ff9dff7dbd9669927" },
++ { 1336, "6cf47bf1e80e03e2c1d0945bc50d37d2" },
++ { 1344, "4be388dab21ceb3fa1b8d302e9b821f7" },
++ { 1400, "a58b79fb21dd9bfc6ec93e3b99fb0ef1" },
++ { 1408, "8bc97379fc2ac3237effcdd4f7a86528" },
++ { 2048, "1339f03ab3076f25a20bc4cba16eb5bf" },
++ { 3072, "731204d2d90c4b36ae41f5e1fb874288" },
++ { 4048, "c028d998cfda5642547b7e1ed5ea16e4" },
++ { 6144, "b1b19cd910cc51bd22992f1e59f1e068" },
++ { 6400, "44e4613496ba622deb0e7cb768135a2f" },
++ { 6528, "3b06b0a86f8db9cd67f9448dfcf10549" },
++ { 8192, "d581780b7163138a0f412be681457d82" },
++ {16384, "03b8ac05527faaf1bed03df149c65ccf" },
++ {18432, "677c8a86a41dab6c5d81b85b8fb10ff6" },
++ { 0, NULL },
++};
++
++
++/* CryptoKey = 0x01234567, 0x89abcdef,
++ * 0x01234567, 0x89abcdef,
++ * 0x01234567, 0x89abcdef;
++ * MacKey = 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
++ * 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10
++ * 0x11, 0x12, 0x13, 0x14
++ * InputHexStr = "31323334353637383930" (ASCII = "1234567890")
++ * Note: only sizes aligned to 3DES block size (8 bytes) allowed
++ */
++static MV_CESA_SIZE_TEST tripleDesShaMultiSizeTest503[] =
++{
++ { 64, "44a1e9bcbfc1429630d9ea68b7a48b0427a684f2" },
++ { 80, "b2ddeaca91030eab5b95a234ef2c0f6e738ff883" },
++ { 352, "4b91864c7ff629bdff75d9726421f76705452aaf" },
++ { 512, "6dd37faceeb2aa98ba74f4242ed6734a4d546af5" },
++ { 1000, "463661c30300be512a9df40904f0757cde5f1141" },
++ { 1336, "b931f831d9034fe59c65176400b039fe9c1f44a5" },
++ { 1344, "af8866b1cd4a4887d6185bfe72470ffdfb3648e1" },
++ { 1400, "49c6caf07296d5e31d2504d088bc5b20c3ee7cdb" },
++ { 1408, "fcae8deedbc6ebf0763575dc7e9de075b448a0f4" },
++ { 2048, "edece5012146c1faa0dd10f50b183ba5d2af58ac" },
++ { 3072, "5b83625adb43a488b8d64fecf39bb766818547b7" },
++ { 4048, "d2c533678d26c970293af60f14c8279dc708bfc9" },
++ { 6144, "b8f67af4f991b08b725f969b049ebf813bfacc5c" },
++ { 6400, "d9a6c7f746ac7a60ef2edbed2841cf851c25cfb0" },
++ { 6528, "376792b8c8d18161d15579fb7829e6e3a27e9946" },
++ { 8192, "d890eabdca195b34ef8724b28360cffa92ae5655" },
++ {16384, "a167ee52639ec7bf19aee9c6e8f76667c14134b9" },
++ {18432, "e4396ab56f67296b220985a12078f4a0e365d2cc" },
++ { 0, NULL },
++};
++
++/* CryptoKey = 0x01234567, 0x89abcdef,
++ * 0x01234567, 0x89abcdef,
++ * 0x01234567, 0x89abcdef
++ * IV = 0x12345678, 0x90abcdef
++ * MacKey = 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
++ * 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10
++ * InputHexStr = "31323334353637383930" (ASCII = "1234567890")
++ * Note: only sizes aligned to 3DES block size (8 bytes) allowed
++ */
++static MV_CESA_SIZE_TEST cbc3desMdMultiSizeTest504[] =
++{
++ { 64, "8d10e00802460ede0058c139ba48bd2d" },
++ { 80, "6f463057e1a90e0e91ae505b527bcec0" },
++ { 352, "4938d48bdf86aece2c6851e7c6079788" },
++ { 512, "516705d59f3cf810ebf2a13a23a7d42e" },
++ { 1000, "a5a000ee5c830e67ddc6a2d2e5644b31" },
++ { 1336, "44af60087b74ed07950088efbe3b126a" },
++ { 1344, "1f5b39e0577920af731dabbfcf6dfc2a" },
++ { 1400, "6804ea640e29b9cd39e08bc37dbce734" },
++ { 1408, "4fb436624b02516fc9d1535466574bf9" },
++ { 2048, "c909b0985c423d8d86719f701e9e83db" },
++ { 3072, "cfe0bc34ef97213ee3d3f8b10122db21" },
++ { 4048, "03ea10b5ae4ddeb20aed6af373082ed1" },
++ { 6144, "b9a0ff4f87fc14b3c2dc6f0ed0998fdf" },
++ { 6400, "6995f85d9d4985dd99e974ec7dda9dd6" },
++ { 6528, "bbbb548ce2fa3d58467f6a6a5168a0e6" },
++ { 8192, "afe101fbe745bb449ae4f50d10801456" },
++ {16384, "9741706d0b1c923340c4660ff97cacdf" },
++ {18432, "b0217becb73cb8f61fd79c7ce9d023fb" },
++ { 0, NULL },
++};
++
++
++/* CryptoKey = 0x01234567, 0x89abcdef,
++ * 0x01234567, 0x89abcdef,
++ * 0x01234567, 0x89abcdef;
++ * IV = 0x12345678, 0x90abcdef
++ * MacKey = 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
++ * 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10
++ * 0x11, 0x12, 0x13, 0x14
++ * InputHexStr = "31323334353637383930" (ASCII = "1234567890")
++ * Note: only sizes aligned to 3DES block size (8 bytes) allowed
++ */
++static MV_CESA_SIZE_TEST cbc3desShaMultiSizeTest505[] =
++{
++ { 64, "409187e5bdb0be4a7754ca3747f7433dc4f01b98" },
++ { 80, "1b002ed050be743aa98860cf35659646bb8efcc0" },
++ { 352, "6cbf7ebe50fa4fa6eecc19eca23f9eae553ccfff" },
++ { 512, "cfb5253fb4bf72b743320c30c7e48c54965853b0" },
++ { 1000, "95e04e1ca2937e7c5a9aba9e42d2bcdb8a7af21f" },
++ { 1336, "3b5c1f5eee5837ebf67b83ae01405542d77a6627" },
++ { 1344, "2b3d42ab25615437f98a1ee310b81d07a02badc2" },
++ { 1400, "7f8687df7c1af44e4baf3c934b6cca5ab6bc993e" },
++ { 1408, "473a581c5f04f7527d50793c845471ac87e86430" },
++ { 2048, "e41d20cae7ebe34e6e828ed62b1e5734019037bb" },
++ { 3072, "275664afd7a561d804e6b0d204e53939cde653ae" },
++ { 4048, "0d220cc5b34aeeb46bbbd637dde6290b5a8285a3" },
++ { 6144, "cb393ddcc8b1c206060625b7d822ef9839e67bc5" },
++ { 6400, "dd3317e2a627fc04800f74a4b05bfda00fab0347" },
++ { 6528, "8a74c3b2441ab3f5a7e08895cc432566219a7c41" },
++ { 8192, "b8e6ef3a549ed0e005bd5b8b1a5fe6689e9711a7" },
++ {16384, "55f59404008276cdac0e2ba0d193af2d40eac5ce" },
++ {18432, "86ae6c4fc72369a54cce39938e2d0296cd9c6ec5" },
++ { 0, NULL },
++};
++
++
++/* CryptoKey = 0x01234567, 0x89abcdef,
++ * 0x01234567, 0x89abcdef,
++ * 0x01234567, 0x89abcdef
++ * IV = 0x12345678, 0x90abcdef
++ * MacKey = 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
++ * 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10
++ * InputHexStr = "31323334353637383930" (ASCII = "1234567890")
++ * Note: only sizes aligned to AES block size (16 bytes) allowed
++ */
++static MV_CESA_SIZE_TEST cbcAes128md5multiSizeTest506[] =
++{
++ { 16, "7ca4c2ba866751598720c5c4aa0d6786" },
++ { 64, "7dba7fb988e80da609b1fea7254bced8" },
++ { 80, "6b6e863ac5a71d15e3e9b1c86c9ba05f" },
++ { 352, "a1ceb9c2e3021002400d525187a9f38c" },
++ { 512, "596c055c1c55db748379223164075641" },
++ { 1008, "f920989c02f3b3603f53c99d89492377" },
++ { 1344, "2e496b73759d77ed32ea222dbd2e7b41" },
++ { 1408, "7178c046b3a8d772efdb6a71c4991ea4" },
++ { 2048, "a917f0099c69eb94079a8421714b6aad" },
++ { 3072, "693cd5033d7f5391d3c958519fa9e934" },
++ { 4048, "139dca91bcff65b3c40771749052906b" },
++ { 6144, "428d9cef6df4fb70a6e9b6bbe4819e55" },
++ { 6400, "9c0b909e76daa811e12b1fc17000a0c4" },
++ { 6528, "ad876f6297186a7be1f1b907ed860eda" },
++ { 8192, "479cbbaca37dd3191ea1f3e8134a0ef4" },
++ {16384, "60fda559c74f91df538100c9842f2f15" },
++ {18432, "4a3eb1cba1fa45f3981270953f720c42" },
++ { 0, NULL },
++};
++
++
++/* CryptoKey = 0x01234567, 0x89abcdef,
++ * 0x01234567, 0x89abcdef,
++ * 0x01234567, 0x89abcdef;
++ * IV = 0x12345678, 0x90abcdef
++ * MacKey = 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
++ * 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10
++ * 0x11, 0x12, 0x13, 0x14
++ * InputHexStr = "31323334353637383930" (ASCII = "1234567890")
++ * Note: only sizes aligned to AES block size (16 bytes) allowed
++ */
++static MV_CESA_SIZE_TEST cbcAes128sha1multiSizeTest507[] =
++{
++ { 16, "9aa8dc1c45f0946daf78057fa978759c625c1fee" },
++ { 64, "9f588fc1ede851e5f8b20256abc9979465ae2189" },
++ { 80, "13558472d1fc1c90dffec6e5136c7203452d509b" },
++ { 352, "6b93518e006cfaa1f7adb24615e7291fb0a27e06" },
++ { 512, "096874951a77fbbf333e49d80c096ee2016e09bd" },
++ { 1008, "696fc203c2e4b5ae0ec5d1db3f623c490bc6dbac" },
++ { 1344, "79bf77509935ccd3528caaac6a5eb6481f74029b" },
++ { 1408, "627f9462b95fc188e8cfa7eec15119bdc5d4fcf1" },
++ { 2048, "3d50d0c005feba92fe41502d609fced9c882b4d1" },
++ { 3072, "758807e5b983e3a91c06fb218fe0f73f77111e94" },
++ { 4048, "ca90e85242e33f005da3504416a52098d0d31fb2" },
++ { 6144, "8044c1d4fd06642dfc46990b4f18b61ef1e972cf" },
++ { 6400, "166f1f4ea57409f04feba9fb1e39af0e00bd6f43" },
++ { 6528, "0389016a39485d6e330f8b4215ddf718b404f7e9" },
++ { 8192, "6df7ee2a8b61d6f7f860ce8dbf778f0c2a5b508b" },
++ {16384, "a70a6d8dfa1f91ded621c3dbaed34162bc48783f" },
++ {18432, "8dfad627922ce15df1eed10bdbed49244efa57db" },
++ { 0, NULL },
++};
++
++
++void cesaTestPrintStatus(void);
++
++
++/*------------------------- LOCAL FUNCTIONs ---------------------------------*/
++MV_STATUS testCmd(int sid, int iter, MV_CESA_COMMAND* pCmd,
++ MV_CESA_TEST_SESSION* pTestSession, MV_U8* pIV, int ivSize);
++MV_STATUS testClose(int idx);
++MV_STATUS testOpen(int idx);
++void close_session(int sid);
++void cesaTestCheckReady(const MV_CESA_RESULT *r);
++void cesaCheckReady(MV_CESA_RESULT* r);
++void printTestResults(int idx, MV_STATUS status, int checkMode);
++void cesaLastResult(void);
++void cesaTestPrintReq(int req, int offset, int size);
++
++void cesaTestPrintStatus(void);
++void cesaTestPrintSession(int idx);
++void sizeTest(int testIdx, int iter, int checkMode);
++void multiTest(int iter, int reqSize, int checkMode);
++void oneTest(int testIdx, int caseIdx,int iter, int reqSize, int checkMode);
++void multiSizeTest(int idx, int iter, int checkMode, char* inputData);
++void cesaTest(int iter, int reqSize, int checkMode);
++void cesaOneTest(int testIdx, int caseIdx,int iter, int reqSize, int checkMode);
++void combiTest(int iter, int reqSize, int checkMode);
++void shaTest(int iter, int reqSize, int checkMode);
++void mdTest(int iter, int reqSize, int checkMode);
++void aesTest(int iter, int reqSize, int checkMode);
++void tripleDesTest(int iter, int reqSize, int checkMode);
++void desTest(int iter, int reqSize, int checkMode);
++void cesaTestStop(void);
++MV_STATUS testRun(int idx, int caseIdx, int iter,int reqSize, int checkMode);
++void cesaTestStart(int bufNum, int bufSize);
++
++
++static MV_U32 getRate(MV_U32* remainder)
++{
++ MV_U32 kBits, milliSec, rate;
++
++ milliSec = 0;
++ if( (cesaEndTicks - cesaBeginTicks) > 0)
++ {
++ milliSec = CESA_TEST_TICK_TO_MS(cesaEndTicks - cesaBeginTicks);
++ }
++ if(milliSec == 0)
++ {
++ if(remainder != NULL)
++ *remainder = 0;
++ return 0;
++ }
++
++ kBits = (cesaIteration*cesaRateSize*8)/1000;
++ rate = kBits/milliSec;
++ if(remainder != NULL)
++ *remainder = ((kBits % milliSec)*10)/milliSec;
++
++ return rate;
++}
++
++static char* extractMbuf(MV_CESA_MBUF *pMbuf,
++ int offset, int size, char* hexStr)
++{
++ mvCesaCopyFromMbuf((MV_U8*)cesaBinBuffer, pMbuf, offset, size);
++ mvBinToHex((const MV_U8*)cesaBinBuffer, hexStr, size);
++
++ return hexStr;
++}
++
++static MV_BOOL cesaCheckMbuf(MV_CESA_MBUF *pMbuf,
++ const char* hexString, int offset,
++ int checkSize)
++{
++ MV_BOOL isFailed = MV_FALSE;
++ MV_STATUS status;
++ int size = strlen(hexString)/2;
++ int checkedSize = 0;
++/*
++ mvOsPrintf("cesaCheckMbuf: pMbuf=%p, offset=%d, checkSize=%d, mBufSize=%d\n",
++ pMbuf, offset, checkSize, pMbuf->mbufSize);
++*/
++ if(pMbuf->mbufSize < (checkSize + offset))
++ {
++ mvOsPrintf("checkSize (%d) is too large: offset=%d, mbufSize=%d\n",
++ checkSize, offset, pMbuf->mbufSize);
++ return MV_TRUE;
++ }
++ status = mvCesaCopyFromMbuf((MV_U8*)cesaBinBuffer, pMbuf, offset, checkSize);
++ if(status != MV_OK)
++ {
++ mvOsPrintf("CesaTest: Can't copy %d bytes from Mbuf=%p to checkBuf=%p\n",
++ checkSize, pMbuf, cesaBinBuffer);
++ return MV_TRUE;
++ }
++/*
++ mvDebugMemDump(cesaBinBuffer, size, 1);
++*/
++ mvHexToBin(hexString, (MV_U8*)cesaExpBinBuffer, size);
++
++ /* Compare buffers */
++ while(checkSize > checkedSize)
++ {
++ size = MV_MIN(size, (checkSize - checkedSize));
++ if(memcmp(cesaExpBinBuffer, &cesaBinBuffer[checkedSize], size) != 0)
++ {
++ mvOsPrintf("CheckMbuf failed: checkSize=%d, size=%d, checkedSize=%d\n",
++ checkSize, size, checkedSize);
++ mvDebugMemDump(&cesaBinBuffer[checkedSize], size, 1);
++ mvDebugMemDump(cesaExpBinBuffer, size, 1);
++
++ isFailed = MV_TRUE;
++ break;
++ }
++ checkedSize += size;
++ }
++
++ return isFailed;
++}
++
++static MV_STATUS cesaSetMbuf(MV_CESA_MBUF *pMbuf,
++ const char* hexString,
++ int offset, int reqSize)
++{
++ MV_STATUS status = MV_OK;
++ int copySize, size = strlen(hexString)/2;
++
++ mvHexToBin(hexString, (MV_U8*)cesaBinBuffer, size);
++
++ copySize = 0;
++ while(reqSize > copySize)
++ {
++ size = MV_MIN(size, (reqSize - copySize));
++
++ status = mvCesaCopyToMbuf((MV_U8*)cesaBinBuffer, pMbuf, offset+copySize, size);
++ if(status != MV_OK)
++ {
++ mvOsPrintf("cesaSetMbuf Error: Copy %d of %d bytes to MBuf\n",
++ copySize, reqSize);
++ break;
++ }
++ copySize += size;
++ }
++ pMbuf->mbufSize = offset+copySize;
++ return status;
++}
++
++static MV_CESA_TEST_SESSION* getTestSessionDb(int idx, int* pTestIdx)
++{
++ int testIdx, dbIdx = idx/100;
++
++ if(dbIdx > MAX_TEST_TYPE)
++ {
++ mvOsPrintf("Wrong index %d - No such test type\n", idx);
++ return NULL;
++ }
++ testIdx = idx % 100;
++
++ if(testIdx >= cesaTestsDB[dbIdx].numSessions)
++ {
++ mvOsPrintf("Wrong index %d - No such test\n", idx);
++ return NULL;
++ }
++ if(pTestIdx != NULL)
++ *pTestIdx = testIdx;
++
++ return cesaTestsDB[dbIdx].pSessions;
++}
++
++/* Debug */
++void cesaTestPrintReq(int req, int offset, int size)
++{
++ MV_CESA_MBUF* pMbuf;
++
++ mvOsPrintf("cesaTestPrintReq: req=%d, offset=%d, size=%d\n",
++ req, offset, size);
++ mvDebugMemDump(cesaCmdRing, 128, 4);
++
++ pMbuf = cesaCmdRing[req].pSrc;
++ mvCesaDebugMbuf("src", pMbuf, offset,size);
++ pMbuf = cesaCmdRing[req].pDst;
++ mvCesaDebugMbuf("dst", pMbuf, offset, size);
++
++ cesaTestPrintStatus();
++}
++
++void cesaLastResult(void)
++{
++ mvOsPrintf("Last Result: ReqId = %d, SessionId = %d, rc = (%d)\n",
++ (MV_U32)cesaResult.pReqPrv, cesaResult.sessionId,
++ cesaResult.retCode);
++}
++
++void printTestResults(int idx, MV_STATUS status, int checkMode)
++{
++ int testIdx;
++ MV_CESA_TEST_SESSION* pTestSessions = getTestSessionDb(idx, &testIdx);
++
++ if(pTestSessions == NULL)
++ return;
++
++ mvOsPrintf("%-35s %4dx%-4d : ", pTestSessions[testIdx].name,
++ cesaIteration, cesaReqSize);
++ if( (status == MV_OK) &&
++ (cesaCryptoError == 0) &&
++ (cesaError == 0) &&
++ (cesaReqIdError == 0) )
++ {
++ mvOsPrintf("Passed, Rate=%3u.%u Mbps (%5u cpp)\n",
++ cesaRate, cesaRateAfterDot, cesaEndTicks - cesaBeginTicks);
++ }
++ else
++ {
++ mvOsPrintf("Failed, Status = 0x%x\n", status);
++ if(cesaCryptoError > 0)
++ mvOsPrintf("cryptoError : %d\n", cesaCryptoError);
++ if(cesaReqIdError > 0)
++ mvOsPrintf("reqIdError : %d\n", cesaReqIdError);
++ if(cesaError > 0)
++ mvOsPrintf("cesaError : %d\n", cesaError);
++ }
++ if(cesaTestIsrMissCount > 0)
++ mvOsPrintf("cesaIsrMissed : %d\n", cesaTestIsrMissCount);
++}
++
++void cesaCheckReady(MV_CESA_RESULT* r)
++{
++ int reqId;
++ MV_CESA_MBUF *pMbuf;
++ MV_BOOL isFailed;
++
++ cesaResult = *r;
++ reqId = (int)cesaResult.pReqPrv;
++ pMbuf = cesaCmdRing[reqId].pDst;
++
++/*
++ mvOsPrintf("cesaCheckReady: reqId=%d, checkOffset=%d, checkSize=%d\n",
++ reqId, cesaCheckOffset, cesaCheckSize);
++*/
++ /* Check expected reqId */
++ if(reqId != cesaExpReqId)
++ {
++ cesaReqIdError++;
++/*
++ mvOsPrintf("CESA reqId Error: cbIter=%d (%d), reqId=%d, expReqId=%d\n",
++ cesaCbIter, cesaIteration, reqId, cesaExpReqId);
++*/
++ }
++ else
++ {
++ if( (cesaCheckMode == CESA_FULL_CHECK_MODE) ||
++ (cesaCheckMode == CESA_FAST_CHECK_MODE) )
++ {
++ if(cesaResult.retCode != MV_OK)
++ {
++ cesaError++;
++
++ mvOsPrintf("CESA Error: cbIter=%d (%d), reqId=%d, rc=%d\n",
++ cesaCbIter, cesaIteration, reqId, cesaResult.retCode);
++ }
++ else
++ {
++ if( (cesaCheckSize > 0) && (cesaOutputHexStr != NULL) )
++ {
++ /* Check expected output */
++
++ isFailed = cesaCheckMbuf(pMbuf, cesaOutputHexStr, cesaCheckOffset, cesaCheckSize);
++ if(isFailed)
++ {
++ mvOsPrintf("CESA Crypto Error: cbIter=%d (%d), reqId=%d\n",
++ cesaCbIter, cesaIteration, reqId);
++
++ CESA_TEST_DEBUG_PRINT(("Error: reqId=%d, reqSize=%d, checkOffset=%d, checkSize=%d\n",
++ reqId, cesaReqSize, cesaCheckOffset, cesaCheckSize));
++
++ CESA_TEST_DEBUG_PRINT(("Output str: %s\n", cesaOutputHexStr));
++
++ CESA_TEST_DEBUG_CODE( mvCesaDebugMbuf("error", pMbuf, 0, cesaCheckOffset+cesaCheckSize) );
++
++ cesaCryptoError++;
++ }
++ }
++ }
++ }
++ }
++ if(cesaCheckMode == CESA_SHOW_CHECK_MODE)
++ {
++ extractMbuf(pMbuf, cesaCheckOffset, cesaCheckSize, cesaHexBuffer);
++ mvOsPrintf("%4d, %s\n", cesaCheckOffset, cesaHexBuffer);
++ }
++
++ cesaCbIter++;
++ if(cesaCbIter >= cesaIteration)
++ {
++ cesaCbIter = 0;
++ cesaExpReqId = 0;
++ cesaIsReady = MV_TRUE;
++
++ cesaEndTicks = CESA_TEST_TICK_GET();
++ cesaRate = getRate(&cesaRateAfterDot);
++ }
++ else
++ {
++ cesaExpReqId = reqId + 1;
++ if(cesaExpReqId == CESA_DEF_REQ_SIZE)
++ cesaExpReqId = 0;
++ }
++}
++
++
++#ifdef MV_NETBSD
++static int cesaTestReadyIsr(void *arg)
++#else
++#ifdef __KERNEL__
++static irqreturn_t cesaTestReadyIsr( int irq , void *dev_id)
++#endif
++#ifdef MV_VXWORKS
++void cesaTestReadyIsr(void)
++#endif
++#endif
++{
++ MV_U32 cause;
++ MV_STATUS status;
++ MV_CESA_RESULT result;
++
++ cesaTestIsrCount++;
++ /* Clear cause register */
++ cause = MV_REG_READ(MV_CESA_ISR_CAUSE_REG);
++ if( (cause & MV_CESA_CAUSE_ACC_DMA_ALL_MASK) == 0)
++ {
++ mvOsPrintf("cesaTestReadyIsr: cause=0x%x\n", cause);
++#ifdef MV_NETBSD
++ return 0;
++#else
++#ifdef __KERNEL__
++ return 1;
++#else
++ return;
++#endif
++#endif
++ }
++
++ MV_REG_WRITE(MV_CESA_ISR_CAUSE_REG, 0);
++
++ while(MV_TRUE)
++ {
++ /* Get Ready requests */
++ status = mvCesaReadyGet(&result);
++ if(status == MV_OK)
++ cesaCheckReady(&result);
++
++ break;
++ }
++ if( (cesaTestFull == 1) && (status != MV_BUSY) )
++ {
++ cesaTestFull = 0;
++ CESA_TEST_WAKE_UP();
++ }
++
++#ifdef __KERNEL__
++ return 1;
++#endif
++}
++
++void
++cesaTestCheckReady(const MV_CESA_RESULT *r)
++{
++ MV_CESA_RESULT result = *r;
++
++ cesaCheckReady(&result);
++
++ if (cesaTestFull == 1) {
++ cesaTestFull = 0;
++ CESA_TEST_WAKE_UP();
++ }
++}
++
++static INLINE int open_session(MV_CESA_OPEN_SESSION* pOs)
++{
++ MV_U16 sid;
++ MV_STATUS status;
++
++ status = mvCesaSessionOpen(pOs, (short*)&sid);
++ if(status != MV_OK)
++ {
++ mvOsPrintf("CesaTest: Can't open new session - status = 0x%x\n",
++ status);
++ return -1;
++ }
++
++ return (int)sid;
++}
++
++void close_session(int sid)
++{
++ MV_STATUS status;
++
++ status = mvCesaSessionClose(sid);
++ if(status != MV_OK)
++ {
++ mvOsPrintf("CesaTest: Can't close session %d - status = 0x%x\n",
++ sid, status);
++ }
++}
++
++MV_STATUS testOpen(int idx)
++{
++ MV_CESA_OPEN_SESSION os;
++ int sid, i, testIdx;
++ MV_CESA_TEST_SESSION* pTestSession;
++ MV_U16 digestSize = 0;
++
++ pTestSession = getTestSessionDb(idx, &testIdx);
++ if(pTestSession == NULL)
++ {
++ mvOsPrintf("Test %d is not exist\n", idx);
++ return MV_BAD_PARAM;
++ }
++ pTestSession = &pTestSession[testIdx];
++
++ if(pTestSession->sid != -1)
++ {
++ mvOsPrintf("Session for test %d already created: sid=%d\n",
++ idx, pTestSession->sid);
++ return MV_OK;
++ }
++
++ os.cryptoAlgorithm = pTestSession->cryptoAlgorithm;
++ os.macMode = pTestSession->macAlgorithm;
++ switch(os.macMode)
++ {
++ case MV_CESA_MAC_MD5:
++ case MV_CESA_MAC_HMAC_MD5:
++ digestSize = MV_CESA_MD5_DIGEST_SIZE;
++ break;
++
++ case MV_CESA_MAC_SHA1:
++ case MV_CESA_MAC_HMAC_SHA1:
++ digestSize = MV_CESA_SHA1_DIGEST_SIZE;
++ break;
++
++ case MV_CESA_MAC_NULL:
++ digestSize = 0;
++ }
++ os.cryptoMode = pTestSession->cryptoMode;
++ os.direction = pTestSession->direction;
++ os.operation = pTestSession->operation;
++
++ for(i=0; i<pTestSession->cryptoKeySize; i++)
++ os.cryptoKey[i] = pTestSession->pCryptoKey[i];
++
++ os.cryptoKeyLength = pTestSession->cryptoKeySize;
++
++ for(i=0; i<pTestSession->macKeySize; i++)
++ os.macKey[i] = pTestSession->pMacKey[i];
++
++ os.macKeyLength = pTestSession->macKeySize;
++ os.digestSize = digestSize;
++
++ sid = open_session(&os);
++ if(sid == -1)
++ {
++ mvOsPrintf("Can't open session for test %d: rc=0x%x\n",
++ idx, cesaResult.retCode);
++ return cesaResult.retCode;
++ }
++ CESA_TEST_DEBUG_PRINT(("Opened session: sid = %d\n", sid));
++ pTestSession->sid = sid;
++ return MV_OK;
++}
++
++MV_STATUS testClose(int idx)
++{
++ int testIdx;
++ MV_CESA_TEST_SESSION* pTestSession;
++
++ pTestSession = getTestSessionDb(idx, &testIdx);
++ if(pTestSession == NULL)
++ {
++ mvOsPrintf("Test %d is not exist\n", idx);
++ return MV_BAD_PARAM;
++ }
++ pTestSession = &pTestSession[testIdx];
++
++ if(pTestSession->sid == -1)
++ {
++ mvOsPrintf("Test session %d is not opened\n", idx);
++ return MV_NO_SUCH;
++ }
++
++ close_session(pTestSession->sid);
++ pTestSession->sid = -1;
++
++ return MV_OK;
++}
++
++MV_STATUS testCmd(int sid, int iter, MV_CESA_COMMAND* pCmd,
++ MV_CESA_TEST_SESSION* pTestSession, MV_U8* pIV, int ivSize)
++{
++ int cmdReqId = 0;
++ int i;
++ MV_STATUS rc = MV_OK;
++ char ivZeroHex[] = "0000";
++
++ if(iter == 0)
++ iter = CESA_DEF_ITER_NUM;
++
++ if(pCmd == NULL)
++ {
++ mvOsPrintf("testCmd failed: pCmd=NULL\n");
++ return MV_BAD_PARAM;
++ }
++ pCmd->sessionId = sid;
++
++ cesaCryptoError = 0;
++ cesaReqIdError = 0;
++ cesaError = 0;
++ cesaTestIsrMissCount = 0;
++ cesaIsReady = MV_FALSE;
++ cesaIteration = iter;
++
++ if(cesaInputHexStr == NULL)
++ cesaInputHexStr = cesaPlainHexEbc;
++
++ for(i=0; i<CESA_DEF_REQ_SIZE; i++)
++ {
++ pCmd->pSrc = (MV_CESA_MBUF*)(cesaCmdRing[i].pSrc);
++ if(pIV != NULL)
++ {
++ /* If IV from SA - set IV in Source buffer to zeros */
++ cesaSetMbuf(pCmd->pSrc, ivZeroHex, 0, pCmd->cryptoOffset);
++ cesaSetMbuf(pCmd->pSrc, cesaInputHexStr, pCmd->cryptoOffset,
++ (cesaReqSize - pCmd->cryptoOffset));
++ }
++ else
++ {
++ cesaSetMbuf(pCmd->pSrc, cesaInputHexStr, 0, cesaReqSize);
++ }
++ pCmd->pDst = (MV_CESA_MBUF*)(cesaCmdRing[i].pDst);
++ cesaSetMbuf(pCmd->pDst, cesaNullPlainHexText, 0, cesaReqSize);
++
++ memcpy(&cesaCmdRing[i], pCmd, sizeof(*pCmd));
++ }
++
++ if(cesaCheckMode == CESA_SW_SHOW_CHECK_MODE)
++ {
++ MV_U8 pDigest[MV_CESA_MAX_DIGEST_SIZE];
++
++ if(pTestSession->macAlgorithm == MV_CESA_MAC_MD5)
++ {
++ mvMD5(pCmd->pSrc->pFrags[0].bufVirtPtr, pCmd->macLength, pDigest);
++ mvOsPrintf("SW HASH_MD5: reqSize=%d, macLength=%d\n",
++ cesaReqSize, pCmd->macLength);
++ mvDebugMemDump(pDigest, MV_CESA_MD5_DIGEST_SIZE, 1);
++ return MV_OK;
++ }
++ if(pTestSession->macAlgorithm == MV_CESA_MAC_SHA1)
++ {
++ mvSHA1(pCmd->pSrc->pFrags[0].bufVirtPtr, pCmd->macLength, pDigest);
++ mvOsPrintf("SW HASH_SHA1: reqSize=%d, macLength=%d\n",
++ cesaReqSize, pCmd->macLength);
++ mvDebugMemDump(pDigest, MV_CESA_SHA1_DIGEST_SIZE, 1);
++ return MV_OK;
++ }
++ }
++
++ cesaBeginTicks = CESA_TEST_TICK_GET();
++ CESA_TEST_DEBUG_CODE( memset(cesaTestTrace, 0, sizeof(cesaTestTrace));
++ cesaTestTraceIdx = 0;
++ );
++
++ if(cesaCheckMode == CESA_SW_NULL_CHECK_MODE)
++ {
++ volatile MV_U8 pDigest[MV_CESA_MAX_DIGEST_SIZE];
++
++ for(i=0; i<iter; i++)
++ {
++ if(pTestSession->macAlgorithm == MV_CESA_MAC_MD5)
++ {
++ mvMD5(pCmd->pSrc->pFrags[0].bufVirtPtr, pCmd->macLength, (unsigned char*)pDigest);
++ }
++ if(pTestSession->macAlgorithm == MV_CESA_MAC_SHA1)
++ {
++ mvSHA1(pCmd->pSrc->pFrags[0].bufVirtPtr, pCmd->macLength, (MV_U8 *)pDigest);
++ }
++ }
++ cesaEndTicks = CESA_TEST_TICK_GET();
++ cesaRate = getRate(&cesaRateAfterDot);
++ cesaIsReady = MV_TRUE;
++
++ return MV_OK;
++ }
++
++ /*cesaTestIsrCount = 0;*/
++ /*mvCesaDebugStatsClear();*/
++
++#ifndef MV_NETBSD
++ MV_REG_WRITE(MV_CESA_ISR_CAUSE_REG, 0);
++#endif
++
++ for(i=0; i<iter; i++)
++ {
++ unsigned long flags;
++
++ pCmd = &cesaCmdRing[cmdReqId];
++ pCmd->pReqPrv = (void*)cmdReqId;
++
++ CESA_TEST_LOCK(flags);
++
++ rc = mvCesaAction(pCmd);
++ if(rc == MV_NO_RESOURCE)
++ cesaTestFull = 1;
++
++ CESA_TEST_UNLOCK(flags);
++
++ if(rc == MV_NO_RESOURCE)
++ {
++ CESA_TEST_LOCK(flags);
++ CESA_TEST_WAIT( (cesaTestFull == 0), 100);
++ CESA_TEST_UNLOCK(flags);
++ if(cesaTestFull == 1)
++ {
++ mvOsPrintf("CESA Test timeout: i=%d, iter=%d, cesaTestFull=%d\n",
++ i, iter, cesaTestFull);
++ cesaTestFull = 0;
++ return MV_TIMEOUT;
++ }
++
++ CESA_TEST_LOCK(flags);
++
++ rc = mvCesaAction(pCmd);
++
++ CESA_TEST_UNLOCK(flags);
++ }
++ if( (rc != MV_OK) && (rc != MV_NO_MORE) )
++ {
++ mvOsPrintf("mvCesaAction failed: rc=%d\n", rc);
++ return rc;
++ }
++
++ cmdReqId++;
++ if(cmdReqId >= CESA_DEF_REQ_SIZE)
++ cmdReqId = 0;
++
++#ifdef MV_LINUX
++ /* Reschedule each 16 requests */
++ if( (i & 0xF) == 0)
++ schedule();
++#endif
++ }
++ return MV_OK;
++}
++
++void cesaTestStart(int bufNum, int bufSize)
++{
++ int i, j, idx;
++ MV_CESA_MBUF *pMbufSrc, *pMbufDst;
++ MV_BUF_INFO *pFragsSrc, *pFragsDst;
++ char *pBuf;
++#ifndef MV_NETBSD
++ int numOfSessions, queueDepth;
++ char *pSram;
++ MV_STATUS status;
++ MV_CPU_DEC_WIN addrDecWin;
++#endif
++
++ cesaCmdRing = mvOsMalloc(sizeof(MV_CESA_COMMAND) * CESA_DEF_REQ_SIZE);
++ if(cesaCmdRing == NULL)
++ {
++ mvOsPrintf("testStart: Can't allocate %ld bytes of memory\n",
++ sizeof(MV_CESA_COMMAND) * CESA_DEF_REQ_SIZE);
++ return;
++ }
++ memset(cesaCmdRing, 0, sizeof(MV_CESA_COMMAND) * CESA_DEF_REQ_SIZE);
++
++ if(bufNum == 0)
++ bufNum = CESA_DEF_BUF_NUM;
++
++ if(bufSize == 0)
++ bufSize = CESA_DEF_BUF_SIZE;
++
++ cesaBufNum = bufNum;
++ cesaBufSize = bufSize;
++ mvOsPrintf("CESA test started: bufNum = %d, bufSize = %d\n",
++ bufNum, bufSize);
++
++ cesaHexBuffer = mvOsMalloc(2*bufNum*bufSize);
++ if(cesaHexBuffer == NULL)
++ {
++ mvOsPrintf("testStart: Can't malloc %d bytes for cesaHexBuffer.\n",
++ 2*bufNum*bufSize);
++ return;
++ }
++ memset(cesaHexBuffer, 0, (2*bufNum*bufSize));
++
++ cesaBinBuffer = mvOsMalloc(bufNum*bufSize);
++ if(cesaBinBuffer == NULL)
++ {
++ mvOsPrintf("testStart: Can't malloc %d bytes for cesaBinBuffer\n",
++ bufNum*bufSize);
++ return;
++ }
++ memset(cesaBinBuffer, 0, (bufNum*bufSize));
++
++ cesaExpBinBuffer = mvOsMalloc(bufNum*bufSize);
++ if(cesaExpBinBuffer == NULL)
++ {
++ mvOsPrintf("testStart: Can't malloc %d bytes for cesaExpBinBuffer\n",
++ bufNum*bufSize);
++ return;
++ }
++ memset(cesaExpBinBuffer, 0, (bufNum*bufSize));
++
++ CESA_TEST_WAIT_INIT();
++
++ pMbufSrc = mvOsMalloc(sizeof(MV_CESA_MBUF) * CESA_DEF_REQ_SIZE);
++ pFragsSrc = mvOsMalloc(sizeof(MV_BUF_INFO) * bufNum * CESA_DEF_REQ_SIZE);
++
++ pMbufDst = mvOsMalloc(sizeof(MV_CESA_MBUF) * CESA_DEF_REQ_SIZE);
++ pFragsDst = mvOsMalloc(sizeof(MV_BUF_INFO) * bufNum * CESA_DEF_REQ_SIZE);
++
++ if( (pMbufSrc == NULL) || (pFragsSrc == NULL) ||
++ (pMbufDst == NULL) || (pFragsDst == NULL) )
++ {
++ mvOsPrintf("testStart: Can't malloc Src and Dst pMbuf and pFrags structures.\n");
++ /* !!!! Dima cesaTestCleanup();*/
++ return;
++ }
++
++ memset(pMbufSrc, 0, sizeof(MV_CESA_MBUF) * CESA_DEF_REQ_SIZE);
++ memset(pFragsSrc, 0, sizeof(MV_BUF_INFO) * bufNum * CESA_DEF_REQ_SIZE);
++
++ memset(pMbufDst, 0, sizeof(MV_CESA_MBUF) * CESA_DEF_REQ_SIZE);
++ memset(pFragsDst, 0, sizeof(MV_BUF_INFO) * bufNum * CESA_DEF_REQ_SIZE);
++
++ mvOsPrintf("Cesa Test Start: pMbufSrc=%p, pFragsSrc=%p, pMbufDst=%p, pFragsDst=%p\n",
++ pMbufSrc, pFragsSrc, pMbufDst, pFragsDst);
++
++ idx = 0;
++ for(i=0; i<CESA_DEF_REQ_SIZE; i++)
++ {
++ pBuf = mvOsIoCachedMalloc(cesaTestOSHandle,bufSize * bufNum * 2,
++ &cesaReqBufs[i].bufPhysAddr,
++ &cesaReqBufs[i].memHandle);
++ if(pBuf == NULL)
++ {
++ mvOsPrintf("testStart: Can't malloc %d bytes for pBuf\n",
++ bufSize * bufNum * 2);
++ return;
++ }
++
++ memset(pBuf, 0, bufSize * bufNum * 2);
++ mvOsCacheFlush(cesaTestOSHandle,pBuf, bufSize * bufNum * 2);
++ if(pBuf == NULL)
++ {
++ mvOsPrintf("cesaTestStart: Can't allocate %d bytes for req_%d buffers\n",
++ bufSize * bufNum * 2, i);
++ return;
++ }
++
++ cesaReqBufs[i].bufVirtPtr = (MV_U8*)pBuf;
++ cesaReqBufs[i].bufSize = bufSize * bufNum * 2;
++
++ cesaCmdRing[i].pSrc = &pMbufSrc[i];
++ cesaCmdRing[i].pSrc->pFrags = &pFragsSrc[idx];
++ cesaCmdRing[i].pSrc->numFrags = bufNum;
++ cesaCmdRing[i].pSrc->mbufSize = 0;
++
++ cesaCmdRing[i].pDst = &pMbufDst[i];
++ cesaCmdRing[i].pDst->pFrags = &pFragsDst[idx];
++ cesaCmdRing[i].pDst->numFrags = bufNum;
++ cesaCmdRing[i].pDst->mbufSize = 0;
++
++ for(j=0; j<bufNum; j++)
++ {
++ cesaCmdRing[i].pSrc->pFrags[j].bufVirtPtr = (MV_U8*)pBuf;
++ cesaCmdRing[i].pSrc->pFrags[j].bufSize = bufSize;
++ pBuf += bufSize;
++ cesaCmdRing[i].pDst->pFrags[j].bufVirtPtr = (MV_U8*)pBuf;
++ cesaCmdRing[i].pDst->pFrags[j].bufSize = bufSize;
++ pBuf += bufSize;
++ }
++ idx += bufNum;
++ }
++
++#ifndef MV_NETBSD
++ if (mvCpuIfTargetWinGet(CRYPT_ENG, &addrDecWin) == MV_OK)
++ pSram = (char*)addrDecWin.addrWin.baseLow;
++ else
++ {
++ mvOsPrintf("mvCesaInit: ERR. mvCpuIfTargetWinGet failed\n");
++ return;
++ }
++
++#ifdef MV_CESA_NO_SRAM
++ pSram = mvOsMalloc(4*1024+8);
++ if(pSram == NULL)
++ {
++ mvOsPrintf("CesaTest: can't allocate %d bytes for SRAM simulation\n",
++ 4*1024+8);
++ /* !!!! Dima cesaTestCleanup();*/
++ return;
++ }
++ pSram = (MV_U8*)MV_ALIGN_UP((MV_U32)pSram, 8);
++#endif /* MV_CESA_NO_SRAM */
++
++ numOfSessions = CESA_DEF_SESSION_NUM;
++ queueDepth = CESA_DEF_REQ_SIZE - MV_CESA_MAX_CHAN;
++
++ status = mvCesaInit(numOfSessions, queueDepth, pSram, NULL);
++ if(status != MV_OK)
++ {
++ mvOsPrintf("mvCesaInit is Failed: status = 0x%x\n", status);
++ /* !!!! Dima cesaTestCleanup();*/
++ return;
++ }
++#endif /* !MV_NETBSD */
++
++ /* Prepare data for tests */
++ for(i=0; i<50; i++)
++ strcat((char*)cesaDataHexStr3, "dd");
++
++ strcpy((char*)cesaDataAndMd5digest3, cesaDataHexStr3);
++ strcpy((char*)cesaDataAndSha1digest3, cesaDataHexStr3);
++
++ /* Digest must be 8 byte aligned */
++ for(; i<56; i++)
++ {
++ strcat((char*)cesaDataAndMd5digest3, "00");
++ strcat((char*)cesaDataAndSha1digest3, "00");
++ }
++ strcat((char*)cesaDataAndMd5digest3, cesaHmacMd5digestHex3);
++ strcat((char*)cesaDataAndSha1digest3, cesaHmacSha1digestHex3);
++
++#ifndef MV_NETBSD
++ MV_REG_WRITE( MV_CESA_ISR_CAUSE_REG, 0);
++ MV_REG_WRITE( MV_CESA_ISR_MASK_REG, MV_CESA_CAUSE_ACC_DMA_MASK);
++#endif
++
++#ifdef MV_VXWORKS
++ {
++ MV_STATUS status;
++
++ status = intConnect((VOIDFUNCPTR *)INT_LVL_CESA, cesaTestReadyIsr, (int)NULL);
++ if (status != OK)
++ {
++ mvOsPrintf("CESA: Can't connect CESA (%d) interrupt, status=0x%x \n",
++ INT_LVL_CESA, status);
++ /* !!!! Dima cesaTestCleanup();*/
++ return;
++ }
++ cesaSemId = semMCreate(SEM_Q_PRIORITY | SEM_INVERSION_SAFE | SEM_DELETE_SAFE);
++ if(cesaSemId == NULL)
++ {
++ mvOsPrintf("cesaTestStart: Can't create semaphore\n");
++ return;
++ }
++ intEnable(INT_LVL_CESA);
++ }
++#endif /* MV_VXWORKS */
++
++#if !defined(MV_NETBSD) && defined(__KERNEL__)
++ if( request_irq(CESA_IRQ, cesaTestReadyIsr, (SA_INTERRUPT) , "cesa_test", NULL ) )
++ {
++ mvOsPrintf( "cannot assign irq\n" );
++ /* !!!! Dima cesaTestCleanup();*/
++ return;
++ }
++ spin_lock_init( &cesaLock );
++#endif
++}
++
++MV_STATUS testRun(int idx, int caseIdx, int iter,
++ int reqSize, int checkMode)
++{
++ int testIdx, count, sid, digestSize;
++ int blockSize;
++ MV_CESA_TEST_SESSION* pTestSession;
++ MV_CESA_COMMAND cmd;
++ MV_STATUS status;
++
++ memset(&cmd, 0, sizeof(cmd));
++
++ pTestSession = getTestSessionDb(idx, &testIdx);
++ if(pTestSession == NULL)
++ {
++ mvOsPrintf("Test %d is not exist\n", idx);
++ return MV_BAD_PARAM;
++ }
++ pTestSession = &pTestSession[testIdx];
++
++ sid = pTestSession->sid;
++ if(sid == -1)
++ {
++ mvOsPrintf("Test %d is not opened\n", idx);
++ return MV_BAD_STATE;
++ }
++ switch(pTestSession->cryptoAlgorithm)
++ {
++ case MV_CESA_CRYPTO_DES:
++ case MV_CESA_CRYPTO_3DES:
++ blockSize = MV_CESA_DES_BLOCK_SIZE;
++ break;
++
++ case MV_CESA_CRYPTO_AES:
++ blockSize = MV_CESA_AES_BLOCK_SIZE;
++ break;
++
++ case MV_CESA_CRYPTO_NULL:
++ blockSize = 0;
++ break;
++
++ default:
++ mvOsPrintf("cesaTestRun: Bad CryptoAlgorithm=%d\n",
++ pTestSession->cryptoAlgorithm);
++ return MV_BAD_PARAM;
++ }
++ switch(pTestSession->macAlgorithm)
++ {
++ case MV_CESA_MAC_MD5:
++ case MV_CESA_MAC_HMAC_MD5:
++ digestSize = MV_CESA_MD5_DIGEST_SIZE;
++ break;
++
++ case MV_CESA_MAC_SHA1:
++ case MV_CESA_MAC_HMAC_SHA1:
++ digestSize = MV_CESA_SHA1_DIGEST_SIZE;
++ break;
++ default:
++ digestSize = 0;
++ }
++
++ if(iter == 0)
++ iter = CESA_DEF_ITER_NUM;
++
++ if(pTestSession->direction == MV_CESA_DIR_ENCODE)
++ {
++ cesaOutputHexStr = cesaTestCases[caseIdx].cipherHexStr;
++ cesaInputHexStr = cesaTestCases[caseIdx].plainHexStr;
++ }
++ else
++ {
++ cesaOutputHexStr = cesaTestCases[caseIdx].plainHexStr;
++ cesaInputHexStr = cesaTestCases[caseIdx].cipherHexStr;
++ }
++
++ cmd.sessionId = sid;
++ if(checkMode == CESA_FAST_CHECK_MODE)
++ {
++ cmd.cryptoLength = cesaTestCases[caseIdx].cryptoLength;
++ cmd.macLength = cesaTestCases[caseIdx].macLength;
++ }
++ else
++ {
++ cmd.cryptoLength = reqSize;
++ cmd.macLength = reqSize;
++ }
++ cesaRateSize = cmd.cryptoLength;
++ cesaReqSize = cmd.cryptoLength;
++ cmd.cryptoOffset = 0;
++ if(pTestSession->operation != MV_CESA_MAC_ONLY)
++ {
++ if( (pTestSession->cryptoMode == MV_CESA_CRYPTO_CBC) ||
++ (pTestSession->cryptoMode == MV_CESA_CRYPTO_CTR) )
++ {
++ cmd.ivOffset = 0;
++ cmd.cryptoOffset = blockSize;
++ if(cesaTestCases[caseIdx].pCryptoIV == NULL)
++ {
++ cmd.ivFromUser = 1;
++ }
++ else
++ {
++ cmd.ivFromUser = 0;
++ mvCesaCryptoIvSet(cesaTestCases[caseIdx].pCryptoIV, blockSize);
++ }
++ cesaReqSize = cmd.cryptoOffset + cmd.cryptoLength;
++ }
++ }
++
++/*
++ mvOsPrintf("ivFromUser=%d, cryptoLength=%d, cesaReqSize=%d, cryptoOffset=%d\n",
++ cmd.ivFromUser, cmd.cryptoLength, cesaReqSize, cmd.cryptoOffset);
++*/
++ if(pTestSession->operation != MV_CESA_CRYPTO_ONLY)
++ {
++ cmd.macOffset = cmd.cryptoOffset;
++
++ if(cesaTestCases[caseIdx].digestOffset == -1)
++ {
++ cmd.digestOffset = cmd.macOffset + cmd.macLength;
++ cmd.digestOffset = MV_ALIGN_UP(cmd.digestOffset, 8);
++ }
++ else
++ {
++ cmd.digestOffset = cesaTestCases[caseIdx].digestOffset;
++ }
++ if( (cmd.digestOffset + digestSize) > cesaReqSize)
++ cesaReqSize = cmd.digestOffset + digestSize;
++ }
++
++ cesaCheckMode = checkMode;
++
++ if(checkMode == CESA_NULL_CHECK_MODE)
++ {
++ cesaCheckSize = 0;
++ cesaCheckOffset = 0;
++ }
++ else
++ {
++ if(pTestSession->operation == MV_CESA_CRYPTO_ONLY)
++ {
++ cesaCheckOffset = 0;
++ cesaCheckSize = cmd.cryptoLength;
++ }
++ else
++ {
++ cesaCheckSize = digestSize;
++ cesaCheckOffset = cmd.digestOffset;
++ }
++ }
++/*
++ mvOsPrintf("reqSize=%d, checkSize=%d, checkOffset=%d, checkMode=%d\n",
++ cesaReqSize, cesaCheckSize, cesaCheckOffset, cesaCheckMode);
++
++ mvOsPrintf("blockSize=%d, ivOffset=%d, ivFromUser=%d, crOffset=%d, crLength=%d\n",
++ blockSize, cmd.ivOffset, cmd.ivFromUser,
++ cmd.cryptoOffset, cmd.cryptoLength);
++
++ mvOsPrintf("macOffset=%d, digestOffset=%d, macLength=%d\n",
++ cmd.macOffset, cmd.digestOffset, cmd.macLength);
++*/
++ status = testCmd(sid, iter, &cmd, pTestSession,
++ cesaTestCases[caseIdx].pCryptoIV, blockSize);
++
++ if(status != MV_OK)
++ return status;
++
++ /* Wait when all callbacks is received */
++ count = 0;
++ while(cesaIsReady == MV_FALSE)
++ {
++ mvOsSleep(10);
++ count++;
++ if(count > 100)
++ {
++ mvOsPrintf("testRun: Timeout occured\n");
++ return MV_TIMEOUT;
++ }
++ }
++
++ return MV_OK;
++}
++
++
++void cesaTestStop(void)
++{
++ MV_CESA_MBUF *pMbufSrc, *pMbufDst;
++ MV_BUF_INFO *pFragsSrc, *pFragsDst;
++ int i;
++
++ /* Release all allocated memories */
++ pMbufSrc = (MV_CESA_MBUF*)(cesaCmdRing[0].pSrc);
++ pFragsSrc = cesaCmdRing[0].pSrc->pFrags;
++
++ pMbufDst = (MV_CESA_MBUF*)(cesaCmdRing[0].pDst);
++ pFragsDst = cesaCmdRing[0].pDst->pFrags;
++
++ mvOsFree(pMbufSrc);
++ mvOsFree(pMbufDst);
++ mvOsFree(pFragsSrc);
++ mvOsFree(pFragsDst);
++
++ for(i=0; i<CESA_DEF_REQ_SIZE; i++)
++ {
++ mvOsIoCachedFree(cesaTestOSHandle,cesaReqBufs[i].bufSize,
++ cesaReqBufs[i].bufPhysAddr,cesaReqBufs[i].bufVirtPtr,
++ cesaReqBufs[i].memHandle);
++ }
++ cesaDataHexStr3[0] = '\0';
++}
++
++void desTest(int iter, int reqSize, int checkMode)
++{
++ int mode, i;
++ MV_STATUS status;
++
++ mode = checkMode;
++ if(checkMode == CESA_FULL_CHECK_MODE)
++ mode = CESA_FAST_CHECK_MODE;
++ i = iter;
++ if(mode != CESA_NULL_CHECK_MODE)
++ i = 1;
++
++ testOpen(0);
++ testOpen(1);
++ testOpen(2);
++ testOpen(3);
++
++/* DES / ECB mode / Encrypt only */
++ status = testRun(0, 1, iter, reqSize, checkMode);
++ printTestResults(0, status, checkMode);
++
++/* DES / ECB mode / Decrypt only */
++ status = testRun(1, 1, iter, reqSize, checkMode);
++ printTestResults(1, status, checkMode);
++
++/* DES / CBC mode / Encrypt only */
++ status = testRun(2, 2, i, reqSize, mode);
++ printTestResults(2, status, mode);
++
++/* DES / CBC mode / Decrypt only */
++ status = testRun(3, 2, iter, reqSize, mode);
++ printTestResults(3, status, mode);
++
++ testClose(0);
++ testClose(1);
++ testClose(2);
++ testClose(3);
++}
++
++void tripleDesTest(int iter, int reqSize, int checkMode)
++{
++ int mode, i;
++ MV_STATUS status;
++
++ mode = checkMode;
++ if(checkMode == CESA_FULL_CHECK_MODE)
++ mode = CESA_FAST_CHECK_MODE;
++ i = iter;
++ if(mode != CESA_NULL_CHECK_MODE)
++ i = 1;
++
++ testOpen(100);
++ testOpen(101);
++ testOpen(102);
++ testOpen(103);
++
++/* 3DES / ECB mode / Encrypt only */
++ status = testRun(100, 1, iter, reqSize, checkMode);
++ printTestResults(100, status, checkMode);
++
++/* 3DES / ECB mode / Decrypt only */
++ status = testRun(101, 1, iter, reqSize, checkMode);
++ printTestResults(101, status, checkMode);
++
++/* 3DES / CBC mode / Encrypt only */
++ status = testRun(102, 2, i, reqSize, mode);
++ printTestResults(102, status, mode);
++
++/* 3DES / CBC mode / Decrypt only */
++ status = testRun(103, 2, iter, reqSize, mode);
++ printTestResults(103, status, mode);
++
++ testClose(100);
++ testClose(101);
++ testClose(102);
++ testClose(103);
++}
++
++void aesTest(int iter, int reqSize, int checkMode)
++{
++ MV_STATUS status;
++ int mode, i;
++
++ mode = checkMode;
++ if(checkMode == CESA_FULL_CHECK_MODE)
++ mode = CESA_FAST_CHECK_MODE;
++
++ i = iter;
++ if(mode != CESA_NULL_CHECK_MODE)
++ i = 1;
++
++ testOpen(200);
++ testOpen(201);
++ testOpen(202);
++ testOpen(203);
++ testOpen(204);
++ testOpen(205);
++ testOpen(206);
++ testOpen(207);
++ testOpen(208);
++
++/* AES-128 Encode ECB mode */
++ status = testRun(200, 3, iter, reqSize, checkMode);
++ printTestResults(200, status, checkMode);
++
++/* AES-128 Decode ECB mode */
++ status = testRun(201, 3, iter, reqSize, checkMode);
++ printTestResults(201, status, checkMode);
++
++/* AES-128 Encode CBC mode (IV from SA) */
++ status = testRun(202, 10, i, reqSize, mode);
++ printTestResults(202, status, mode);
++
++/* AES-128 Encode CBC mode (IV from User) */
++ status = testRun(202, 24, i, reqSize, mode);
++ printTestResults(202, status, mode);
++
++/* AES-128 Decode CBC mode */
++ status = testRun(203, 24, iter, reqSize, mode);
++ printTestResults(203, status, checkMode);
++
++/* AES-192 Encode ECB mode */
++ status = testRun(204, 4, iter, reqSize, checkMode);
++ printTestResults(204, status, checkMode);
++
++/* AES-192 Decode ECB mode */
++ status = testRun(205, 4, iter, reqSize, checkMode);
++ printTestResults(205, status, checkMode);
++
++/* AES-256 Encode ECB mode */
++ status = testRun(206, 5, iter, reqSize, checkMode);
++ printTestResults(206, status, checkMode);
++
++/* AES-256 Decode ECB mode */
++ status = testRun(207, 5, iter, reqSize, checkMode);
++ printTestResults(207, status, checkMode);
++
++#if defined(MV_LINUX)
++/* AES-128 Encode CTR mode */
++ status = testRun(208, 23, iter, reqSize, mode);
++ printTestResults(208, status, checkMode);
++#endif
++ testClose(200);
++ testClose(201);
++ testClose(202);
++ testClose(203);
++ testClose(204);
++ testClose(205);
++ testClose(206);
++ testClose(207);
++ testClose(208);
++}
++
++
++void mdTest(int iter, int reqSize, int checkMode)
++{
++ int mode;
++ MV_STATUS status;
++
++ if(iter == 0)
++ iter = CESA_DEF_ITER_NUM;
++
++ mode = checkMode;
++ if(checkMode == CESA_FULL_CHECK_MODE)
++ mode = CESA_FAST_CHECK_MODE;
++
++ testOpen(300);
++ testOpen(301);
++ testOpen(302);
++ testOpen(303);
++ testOpen(305);
++
++/* HMAC-MD5 Generate signature test */
++ status = testRun(300, 6, iter, reqSize, mode);
++ printTestResults(300, status, checkMode);
++
++/* HMAC-MD5 Verify Signature test */
++ status = testRun(301, 7, iter, reqSize, mode);
++ printTestResults(301, status, checkMode);
++
++/* HMAC-MD5 Generate signature test */
++ status = testRun(302, 8, iter, reqSize, mode);
++ printTestResults(302, status, checkMode);
++
++/* HMAC-MD5 Verify Signature test */
++ status = testRun(303, 9, iter, reqSize, mode);
++ printTestResults(303, status, checkMode);
++
++/* HASH-MD5 Generate signature test */
++ status = testRun(305, 15, iter, reqSize, mode);
++ printTestResults(305, status, checkMode);
++
++ testClose(300);
++ testClose(301);
++ testClose(302);
++ testClose(303);
++ testClose(305);
++}
++
++void shaTest(int iter, int reqSize, int checkMode)
++{
++ int mode;
++ MV_STATUS status;
++
++ if(iter == 0)
++ iter = CESA_DEF_ITER_NUM;
++
++ mode = checkMode;
++ if(checkMode == CESA_FULL_CHECK_MODE)
++ mode = CESA_FAST_CHECK_MODE;
++
++ testOpen(400);
++ testOpen(401);
++ testOpen(402);
++ testOpen(403);
++ testOpen(405);
++
++/* HMAC-SHA1 Generate signature test */
++ status = testRun(400, 11, iter, reqSize, mode);
++ printTestResults(400, status, checkMode);
++
++/* HMAC-SHA1 Verify Signature test */
++ status = testRun(401, 12, iter, reqSize, mode);
++ printTestResults(401, status, checkMode);
++
++/* HMAC-SHA1 Generate signature test */
++ status = testRun(402, 13, iter, reqSize, mode);
++ printTestResults(402, status, checkMode);
++
++/* HMAC-SHA1 Verify Signature test */
++ status = testRun(403, 14, iter, reqSize, mode);
++ printTestResults(403, status, checkMode);
++
++/* HMAC-SHA1 Generate signature test */
++ status = testRun(405, 16, iter, reqSize, mode);
++ printTestResults(405, status, checkMode);
++
++ testClose(400);
++ testClose(401);
++ testClose(402);
++ testClose(403);
++ testClose(405);
++}
++
++void combiTest(int iter, int reqSize, int checkMode)
++{
++ MV_STATUS status;
++ int mode, i;
++
++ mode = checkMode;
++ if(checkMode == CESA_FULL_CHECK_MODE)
++ mode = CESA_FAST_CHECK_MODE;
++
++ if(iter == 0)
++ iter = CESA_DEF_ITER_NUM;
++
++ i = iter;
++ if(mode != CESA_NULL_CHECK_MODE)
++ i = 1;
++
++ testOpen(500);
++ testOpen(501);
++ testOpen(502);
++ testOpen(503);
++ testOpen(504);
++ testOpen(505);
++ testOpen(506);
++ testOpen(507);
++
++/* DES ECB + MD5 encode test */
++ status = testRun(500, 17, iter, reqSize, mode);
++ printTestResults(500, status, mode);
++
++/* DES ECB + SHA1 encode test */
++ status = testRun(501, 18, iter, reqSize, mode);
++ printTestResults(501, status, mode);
++
++/* 3DES ECB + MD5 encode test */
++ status = testRun(502, 17, iter, reqSize, mode);
++ printTestResults(502, status, mode);
++
++/* 3DES ECB + SHA1 encode test */
++ status = testRun(503, 18, iter, reqSize, mode);
++ printTestResults(503, status, mode);
++
++/* 3DES CBC + MD5 encode test */
++ status = testRun(504, 19, i, reqSize, mode);
++ printTestResults(504, status, mode);
++
++/* 3DES CBC + SHA1 encode test */
++ status = testRun(505, 20, i, reqSize, mode);
++ printTestResults(505, status, mode);
++
++/* AES-128 CBC + MD5 encode test */
++ status = testRun(506, 21, i, reqSize, mode);
++ printTestResults(506, status, mode);
++
++/* AES-128 CBC + SHA1 encode test */
++ status = testRun(507, 22, i, reqSize, mode);
++ printTestResults(507, status, mode);
++
++ testClose(500);
++ testClose(501);
++ testClose(502);
++ testClose(503);
++ testClose(504);
++ testClose(505);
++ testClose(506);
++ testClose(507);
++}
++
++void cesaOneTest(int testIdx, int caseIdx,
++ int iter, int reqSize, int checkMode)
++{
++ MV_STATUS status;
++
++ if(iter == 0)
++ iter = CESA_DEF_ITER_NUM;
++
++ mvOsPrintf("test=%d, case=%d, size=%d, iter=%d\n",
++ testIdx, caseIdx, reqSize, iter);
++
++ status = testOpen(testIdx);
++
++ status = testRun(testIdx, caseIdx, iter, reqSize, checkMode);
++ printTestResults(testIdx, status, checkMode);
++ status = testClose(testIdx);
++
++}
++
++void cesaTest(int iter, int reqSize, int checkMode)
++{
++ if(iter == 0)
++ iter = CESA_DEF_ITER_NUM;
++
++ mvOsPrintf("%d iteration\n", iter);
++ mvOsPrintf("%d size\n\n", reqSize);
++
++/* DES tests */
++ desTest(iter, reqSize, checkMode);
++
++/* 3DES tests */
++ tripleDesTest(iter, reqSize, checkMode);
++
++/* AES tests */
++ aesTest(iter, reqSize, checkMode);
++
++/* MD5 tests */
++ mdTest(iter, reqSize, checkMode);
++
++/* SHA-1 tests */
++ shaTest(iter, reqSize, checkMode);
++}
++
++void multiSizeTest(int idx, int iter, int checkMode, char* inputData)
++{
++ MV_STATUS status;
++ int i;
++ MV_CESA_SIZE_TEST* pMultiTest;
++
++ if( testOpen(idx) != MV_OK)
++ return;
++
++ if(iter == 0)
++ iter = CESA_DEF_ITER_NUM;
++
++ if(checkMode == CESA_SHOW_CHECK_MODE)
++ {
++ iter = 1;
++ }
++ else
++ checkMode = CESA_FULL_CHECK_MODE;
++
++ cesaTestCases[0].plainHexStr = inputData;
++ cesaTestCases[0].pCryptoIV = NULL;
++
++ switch(idx)
++ {
++ case 302:
++ pMultiTest = mdMultiSizeTest302;
++ if(inputData == NULL)
++ cesaTestCases[0].plainHexStr = cesaDataHexStr3;
++ break;
++
++ case 304:
++ pMultiTest = mdMultiSizeTest304;
++ if(inputData == NULL)
++ cesaTestCases[0].plainHexStr = hashHexStr80;
++ break;
++
++ case 305:
++ pMultiTest = mdMultiSizeTest305;
++ if(inputData == NULL)
++ cesaTestCases[0].plainHexStr = hashHexStr80;
++ break;
++
++ case 402:
++ pMultiTest = shaMultiSizeTest402;
++ if(inputData == NULL)
++ cesaTestCases[0].plainHexStr = hashHexStr80;
++ break;
++
++ case 404:
++ pMultiTest = shaMultiSizeTest404;
++ if(inputData == NULL)
++ cesaTestCases[0].plainHexStr = hashHexStr80;
++ break;
++
++ case 405:
++ pMultiTest = shaMultiSizeTest405;
++ if(inputData == NULL)
++ cesaTestCases[0].plainHexStr = hashHexStr80;
++ break;
++
++ case 502:
++ pMultiTest = tripleDesMdMultiSizeTest502;
++ if(inputData == NULL)
++ cesaTestCases[0].plainHexStr = hashHexStr80;
++ break;
++
++ case 503:
++ pMultiTest = tripleDesShaMultiSizeTest503;
++ if(inputData == NULL)
++ cesaTestCases[0].plainHexStr = hashHexStr80;
++ break;
++
++ case 504:
++ iter = 1;
++ pMultiTest = cbc3desMdMultiSizeTest504;
++ cesaTestCases[0].pCryptoIV = iv1;
++ if(inputData == NULL)
++ cesaTestCases[0].plainHexStr = hashHexStr80;
++ break;
++
++ case 505:
++ iter = 1;
++ pMultiTest = cbc3desShaMultiSizeTest505;
++ cesaTestCases[0].pCryptoIV = iv1;
++ if(inputData == NULL)
++ cesaTestCases[0].plainHexStr = hashHexStr80;
++ break;
++
++ case 506:
++ iter = 1;
++ pMultiTest = cbcAes128md5multiSizeTest506;
++ cesaTestCases[0].pCryptoIV = iv5;
++ if(inputData == NULL)
++ cesaTestCases[0].plainHexStr = hashHexStr80;
++ break;
++
++ case 507:
++ iter = 1;
++ pMultiTest = cbcAes128sha1multiSizeTest507;
++ cesaTestCases[0].pCryptoIV = iv5;
++ if(inputData == NULL)
++ cesaTestCases[0].plainHexStr = hashHexStr80;
++ break;
++
++ default:
++ iter = 1;
++ checkMode = CESA_SHOW_CHECK_MODE;
++ pMultiTest = mdMultiSizeTest302;
++ if(inputData == NULL)
++ cesaTestCases[0].plainHexStr = hashHexStr80;
++ }
++ i = 0;
++ while(pMultiTest[i].outputHexStr != NULL)
++ {
++ cesaTestCases[0].cipherHexStr = (char *)pMultiTest[i].outputHexStr;
++ status = testRun(idx, 0, iter, pMultiTest[i].size,
++ checkMode);
++ if(checkMode != CESA_SHOW_CHECK_MODE)
++ {
++ cesaReqSize = pMultiTest[i].size;
++ printTestResults(idx, status, checkMode);
++ }
++ if(status != MV_OK)
++ break;
++ i++;
++ }
++ testClose(idx);
++/*
++ mvCesaDebugStatus();
++ cesaTestPrintStatus();
++*/
++}
++
++void open_session_test(int idx, int caseIdx, int iter)
++{
++ int reqIdError, cryptoError, openErrors, i;
++ int openErrDisp[100];
++ MV_STATUS status;
++
++ memset(openErrDisp, 0, sizeof(openErrDisp));
++ openErrors = 0;
++ reqIdError = 0;
++ cryptoError = 0;
++ for(i=0; i<iter; i++)
++ {
++ status = testOpen(idx);
++ if(status != MV_OK)
++ {
++ openErrors++;
++ openErrDisp[status]++;
++ }
++ else
++ {
++ testRun(idx, caseIdx, 1, 0, CESA_FAST_CHECK_MODE);
++ if(cesaCryptoError > 0)
++ cryptoError++;
++ if(cesaReqIdError > 0)
++ reqIdError++;
++
++ testClose(idx);
++ }
++ }
++ if(cryptoError > 0)
++ mvOsPrintf("cryptoError : %d\n", cryptoError);
++ if(reqIdError > 0)
++ mvOsPrintf("reqIdError : %d\n", reqIdError);
++
++ if(openErrors > 0)
++ {
++ mvOsPrintf("Open Errors = %d\n", openErrors);
++ for(i=0; i<100; i++)
++ {
++ if(openErrDisp[i] != 0)
++ mvOsPrintf("Error %d - occurs %d times\n", i, openErrDisp[i]);
++ }
++ }
++}
++
++
++void loopback_test(int idx, int iter, int size, char* pPlainData)
++{
++}
++
++
++#if defined(MV_VXWORKS)
++int testMode = 0;
++unsigned __TASKCONV cesaTask(void* args)
++{
++ int reqSize = cesaReqSize;
++
++ if(testMode == 0)
++ {
++ cesaOneTest(cesaTestIdx, cesaCaseIdx, cesaIteration,
++ reqSize, cesaCheckMode);
++ }
++ else
++ {
++ if(testMode == 1)
++ {
++ cesaTest(cesaIteration, reqSize, cesaCheckMode);
++ combiTest(cesaIteration, reqSize, cesaCheckMode);
++ }
++ else
++ {
++ multiSizeTest(cesaIdx, cesaIteration, cesaCheckMode, NULL);
++ }
++ }
++ return 0;
++}
++
++void oneTest(int testIdx, int caseIdx,
++ int iter, int reqSize, int checkMode)
++{
++ long rc;
++
++ cesaIteration = iter;
++ cesaReqSize = cesaRateSize = reqSize;
++ cesaCheckMode = checkMode;
++ testMode = 0;
++ cesaTestIdx = testIdx;
++ cesaCaseIdx = caseIdx;
++ rc = mvOsTaskCreate("CESA_T", 100, 4*1024, cesaTask, NULL, &cesaTaskId);
++ if (rc != MV_OK)
++ {
++ mvOsPrintf("hMW: Can't create CESA multiCmd test task, rc = %ld\n", rc);
++ }
++}
++
++void multiTest(int iter, int reqSize, int checkMode)
++{
++ long rc;
++
++ cesaIteration = iter;
++ cesaCheckMode = checkMode;
++ cesaReqSize = reqSize;
++ testMode = 1;
++ rc = mvOsTaskCreate("CESA_T", 100, 4*1024, cesaTask, NULL, &cesaTaskId);
++ if (rc != MV_OK)
++ {
++ mvOsPrintf("hMW: Can't create CESA multiCmd test task, rc = %ld\n", rc);
++ }
++}
++
++void sizeTest(int testIdx, int iter, int checkMode)
++{
++ long rc;
++
++ cesaIteration = iter;
++ cesaCheckMode = checkMode;
++ testMode = 2;
++ cesaIdx = testIdx;
++ rc = mvOsTaskCreate("CESA_T", 100, 4*1024, cesaTask, NULL, &cesaTaskId);
++ if (rc != MV_OK)
++ {
++ mvOsPrintf("hMW: Can't create CESA test task, rc = %ld\n", rc);
++ }
++}
++
++#endif /* MV_VXWORKS */
++
++extern void mvCesaDebugSA(short sid, int mode);
++void cesaTestPrintSession(int idx)
++{
++ int testIdx;
++ MV_CESA_TEST_SESSION* pTestSession;
++
++ pTestSession = getTestSessionDb(idx, &testIdx);
++ if(pTestSession == NULL)
++ {
++ mvOsPrintf("Test %d is not exist\n", idx);
++ return;
++ }
++ pTestSession = &pTestSession[testIdx];
++
++ if(pTestSession->sid == -1)
++ {
++ mvOsPrintf("Test session %d is not opened\n", idx);
++ return;
++ }
++
++ mvCesaDebugSA(pTestSession->sid, 1);
++}
++
++void cesaTestPrintStatus(void)
++{
++ mvOsPrintf("\n\t Cesa Test Status\n\n");
++
++ mvOsPrintf("isrCount=%d\n",
++ cesaTestIsrCount);
++
++#ifdef CESA_TEST_DEBUG
++ {
++ int i, j;
++ j = cesaTestTraceIdx;
++ mvOsPrintf("No Type Cause rCause iCause Res Time pReady pProc pEmpty\n");
++ for(i=0; i<MV_CESA_TEST_TRACE_SIZE; i++)
++ {
++ mvOsPrintf("%02d. %d 0x%04x 0x%04x 0x%04x 0x%02x 0x%02x %02d 0x%06x %p %p %p\n",
++ j, cesaTestTrace[j].type, cesaTestTrace[j].cause, cesaTestTrace[j].realCause,
++ cesaTestTrace[j].dmaCause, cesaTestTrace[j].resources, cesaTestTrace[j].timeStamp,
++ cesaTestTrace[j].pReqReady, cesaTestTrace[j].pReqProcess, cesaTestTrace[j].pReqEmpty);
++ j++;
++ if(j == MV_CESA_TEST_TRACE_SIZE)
++ j = 0;
++ }
++ }
++#endif /* CESA_TEST_DEBUG */
++}
+diff --git a/crypto/ocf/kirkwood/cesa/mvLru.c b/crypto/ocf/kirkwood/cesa/mvLru.c
+new file mode 100644
+index 0000000..9ab29a8
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa/mvLru.c
+@@ -0,0 +1,158 @@
++/*******************************************************************************
++Copyright (C) Marvell International Ltd. and its affiliates
++
++This software file (the "File") is owned and distributed by Marvell
++International Ltd. and/or its affiliates ("Marvell") under the following
++alternative licensing terms. Once you have made an election to distribute the
++File under one of the following license alternatives, please (i) delete this
++introductory statement regarding license alternatives, (ii) delete the two
++license alternatives that you have not elected to use and (iii) preserve the
++Marvell copyright notice above.
++
++********************************************************************************
++Marvell Commercial License Option
++
++If you received this File from Marvell and you have entered into a commercial
++license agreement (a "Commercial License") with Marvell, the File is licensed
++to you under the terms of the applicable Commercial License.
++
++********************************************************************************
++Marvell GPL License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File in accordance with the terms and conditions of the General
++Public License Version 2, June 1991 (the "GPL License"), a copy of which is
++available along with the File in the license.txt file or by writing to the Free
++Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 or
++on the worldwide web at http://www.gnu.org/licenses/gpl.txt.
++
++THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE IMPLIED
++WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE EXPRESSLY
++DISCLAIMED. The GPL License provides additional details about this warranty
++disclaimer.
++********************************************************************************
++Marvell BSD License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File under the following licensing terms.
++Redistribution and use in source and binary forms, with or without modification,
++are permitted provided that the following conditions are met:
++
++ * Redistributions of source code must retain the above copyright notice,
++ this list of conditions and the following disclaimer.
++
++ * Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++
++ * Neither the name of Marvell nor the names of its contributors may be
++ used to endorse or promote products derived from this software without
++ specific prior written permission.
++
++THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
++ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
++WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
++DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
++ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
++ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
++SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++*******************************************************************************/
++
++#include "mvOs.h"
++#include "mvLru.h"
++/* LRU Cache support */
++
++
++/* Init LRU cache database */
++MV_LRU_CACHE* mvLruCacheInit(int numOfEntries)
++{
++ int i;
++ MV_LRU_CACHE* pLruCache;
++
++ pLruCache = mvOsMalloc(sizeof(MV_LRU_CACHE));
++ if(pLruCache == NULL)
++ {
++ return NULL;
++ }
++ memset(pLruCache, 0, sizeof(MV_LRU_CACHE));
++
++ pLruCache->table = mvOsMalloc(numOfEntries*sizeof(MV_LRU_ENTRY));
++ if(pLruCache->table == NULL)
++ {
++ mvOsFree(pLruCache);
++ return NULL;
++ }
++ memset(pLruCache->table, 0, numOfEntries*sizeof(MV_LRU_ENTRY));
++ pLruCache->tableSize = numOfEntries;
++
++ for(i=0; i<numOfEntries; i++)
++ {
++ pLruCache->table[i].next = i+1;
++ pLruCache->table[i].prev = i-1;
++ }
++ pLruCache->least = 0;
++ pLruCache->most = numOfEntries-1;
++
++ return pLruCache;
++}
++
++void mvLruCacheFinish(MV_LRU_CACHE* pLruCache)
++{
++ mvOsFree(pLruCache->table);
++ mvOsFree(pLruCache);
++}
++
++/* Update LRU cache database after using cache Index */
++void mvLruCacheIdxUpdate(MV_LRU_CACHE* pLruHndl, int cacheIdx)
++{
++ int prev, next;
++
++ if(cacheIdx == pLruHndl->most)
++ return;
++
++ next = pLruHndl->table[cacheIdx].next;
++ if(cacheIdx == pLruHndl->least)
++ {
++ pLruHndl->least = next;
++ }
++ else
++ {
++ prev = pLruHndl->table[cacheIdx].prev;
++
++ pLruHndl->table[next].prev = prev;
++ pLruHndl->table[prev].next = next;
++ }
++
++ pLruHndl->table[pLruHndl->most].next = cacheIdx;
++ pLruHndl->table[cacheIdx].prev = pLruHndl->most;
++ pLruHndl->most = cacheIdx;
++}
++
++/* Delete LRU cache entry */
++void mvLruCacheIdxDelete(MV_LRU_CACHE* pLruHndl, int cacheIdx)
++{
++ int prev, next;
++
++ if(cacheIdx == pLruHndl->least)
++ return;
++
++ prev = pLruHndl->table[cacheIdx].prev;
++ if(cacheIdx == pLruHndl->most)
++ {
++ pLruHndl->most = prev;
++ }
++ else
++ {
++ next = pLruHndl->table[cacheIdx].next;
++
++ pLruHndl->table[next].prev = prev;
++ pLruHndl->table[prev].next = next;
++ }
++ pLruHndl->table[pLruHndl->least].prev = cacheIdx;
++ pLruHndl->table[cacheIdx].next = pLruHndl->least;
++ pLruHndl->least = cacheIdx;
++}
+diff --git a/crypto/ocf/kirkwood/cesa/mvLru.h b/crypto/ocf/kirkwood/cesa/mvLru.h
+new file mode 100644
+index 0000000..896e7f8
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa/mvLru.h
+@@ -0,0 +1,112 @@
++/*******************************************************************************
++Copyright (C) Marvell International Ltd. and its affiliates
++
++This software file (the "File") is owned and distributed by Marvell
++International Ltd. and/or its affiliates ("Marvell") under the following
++alternative licensing terms. Once you have made an election to distribute the
++File under one of the following license alternatives, please (i) delete this
++introductory statement regarding license alternatives, (ii) delete the two
++license alternatives that you have not elected to use and (iii) preserve the
++Marvell copyright notice above.
++
++********************************************************************************
++Marvell Commercial License Option
++
++If you received this File from Marvell and you have entered into a commercial
++license agreement (a "Commercial License") with Marvell, the File is licensed
++to you under the terms of the applicable Commercial License.
++
++********************************************************************************
++Marvell GPL License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File in accordance with the terms and conditions of the General
++Public License Version 2, June 1991 (the "GPL License"), a copy of which is
++available along with the File in the license.txt file or by writing to the Free
++Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 or
++on the worldwide web at http://www.gnu.org/licenses/gpl.txt.
++
++THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE IMPLIED
++WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE EXPRESSLY
++DISCLAIMED. The GPL License provides additional details about this warranty
++disclaimer.
++********************************************************************************
++Marvell BSD License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File under the following licensing terms.
++Redistribution and use in source and binary forms, with or without modification,
++are permitted provided that the following conditions are met:
++
++ * Redistributions of source code must retain the above copyright notice,
++ this list of conditions and the following disclaimer.
++
++ * Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++
++ * Neither the name of Marvell nor the names of its contributors may be
++ used to endorse or promote products derived from this software without
++ specific prior written permission.
++
++THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
++ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
++WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
++DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
++ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
++ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
++SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++*******************************************************************************/
++/*******************************************************************************
++* mvLru.h - Header File for Least Recently Used Cache algorithm
++*
++* DESCRIPTION:
++* This header file contains macros typedefs and function declaration for
++* the Least Recently Used Cache algorithm.
++*
++*******************************************************************************/
++
++#ifndef __mvLru_h__
++#define __mvLru_h__
++
++
++typedef struct
++{
++ int next;
++ int prev;
++} MV_LRU_ENTRY;
++
++typedef struct
++{
++ int least;
++ int most;
++ MV_LRU_ENTRY* table;
++ int tableSize;
++
++}MV_LRU_CACHE;
++
++
++/* Find Cache index for replacement LRU */
++static INLINE int mvLruCacheIdxFind(MV_LRU_CACHE* pLruHndl)
++{
++ return pLruHndl->least;
++}
++
++/* Init LRU cache module */
++MV_LRU_CACHE* mvLruCacheInit(int numOfEntries);
++
++/* Finish LRU cache module */
++void mvLruCacheFinish(MV_LRU_CACHE* pLruHndl);
++
++/* Update LRU cache database after using cache Index */
++void mvLruCacheIdxUpdate(MV_LRU_CACHE* pLruHndl, int cacheIdx);
++
++/* Delete LRU cache entry */
++void mvLruCacheIdxDelete(MV_LRU_CACHE* pLruHndl, int cacheIdx);
++
++
++#endif /* __mvLru_h__ */
+diff --git a/crypto/ocf/kirkwood/cesa/mvMD5.c b/crypto/ocf/kirkwood/cesa/mvMD5.c
+new file mode 100644
+index 0000000..189f629
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa/mvMD5.c
+@@ -0,0 +1,349 @@
++/*******************************************************************************
++Copyright (C) Marvell International Ltd. and its affiliates
++
++This software file (the "File") is owned and distributed by Marvell
++International Ltd. and/or its affiliates ("Marvell") under the following
++alternative licensing terms. Once you have made an election to distribute the
++File under one of the following license alternatives, please (i) delete this
++introductory statement regarding license alternatives, (ii) delete the two
++license alternatives that you have not elected to use and (iii) preserve the
++Marvell copyright notice above.
++
++********************************************************************************
++Marvell Commercial License Option
++
++If you received this File from Marvell and you have entered into a commercial
++license agreement (a "Commercial License") with Marvell, the File is licensed
++to you under the terms of the applicable Commercial License.
++
++********************************************************************************
++Marvell GPL License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File in accordance with the terms and conditions of the General
++Public License Version 2, June 1991 (the "GPL License"), a copy of which is
++available along with the File in the license.txt file or by writing to the Free
++Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 or
++on the worldwide web at http://www.gnu.org/licenses/gpl.txt.
++
++THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE IMPLIED
++WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE EXPRESSLY
++DISCLAIMED. The GPL License provides additional details about this warranty
++disclaimer.
++********************************************************************************
++Marvell BSD License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File under the following licensing terms.
++Redistribution and use in source and binary forms, with or without modification,
++are permitted provided that the following conditions are met:
++
++ * Redistributions of source code must retain the above copyright notice,
++ this list of conditions and the following disclaimer.
++
++ * Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++
++ * Neither the name of Marvell nor the names of its contributors may be
++ used to endorse or promote products derived from this software without
++ specific prior written permission.
++
++THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
++ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
++WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
++DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
++ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
++ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
++SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++*******************************************************************************/
++
++#include "mvOs.h"
++#include "mvMD5.h"
++
++static void mvMD5Transform(MV_U32 buf[4], MV_U32 const in[MV_MD5_MAC_LEN]);
++
++#ifdef MV_CPU_LE
++#define mvByteReverse(buf, len) /* Nothing */
++#else
++static void mvByteReverse(unsigned char *buf, unsigned longs);
++
++/*
++ * Note: this code is harmless on little-endian machines.
++ */
++static void mvByteReverse(unsigned char *buf, unsigned longs)
++{
++ MV_U32 t;
++
++ do
++ {
++ t = (MV_U32) ((unsigned) buf[3] << 8 | buf[2]) << 16 |
++ ((unsigned) buf[1] << 8 | buf[0]);
++ *(MV_U32 *) buf = t;
++ buf += 4;
++ } while (--longs);
++}
++#endif
++
++/*
++ * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious
++ * initialization constants.
++ */
++void mvMD5Init(MV_MD5_CONTEXT *ctx)
++{
++ ctx->buf[0] = 0x67452301;
++ ctx->buf[1] = 0xefcdab89;
++ ctx->buf[2] = 0x98badcfe;
++ ctx->buf[3] = 0x10325476;
++
++ ctx->bits[0] = 0;
++ ctx->bits[1] = 0;
++}
++
++/*
++ * Update context to reflect the concatenation of another buffer full
++ * of bytes.
++ */
++void mvMD5Update(MV_MD5_CONTEXT *ctx, unsigned char const *buf, unsigned len)
++{
++ MV_U32 t;
++
++ /* Update bitcount */
++
++ t = ctx->bits[0];
++ if ((ctx->bits[0] = t + ((MV_U32) len << 3)) < t)
++ ctx->bits[1]++; /* Carry from low to high */
++ ctx->bits[1] += len >> 29;
++
++ t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */
++
++ /* Handle any leading odd-sized chunks */
++
++ if (t)
++ {
++ unsigned char *p = (unsigned char *) ctx->in + t;
++
++ t = 64 - t;
++ if (len < t)
++ {
++ memcpy(p, buf, len);
++ return;
++ }
++ memcpy(p, buf, t);
++ mvByteReverse(ctx->in, MV_MD5_MAC_LEN);
++ mvMD5Transform(ctx->buf, (MV_U32 *) ctx->in);
++ buf += t;
++ len -= t;
++ }
++ /* Process data in 64-byte chunks */
++
++ while (len >= 64)
++ {
++ memcpy(ctx->in, buf, 64);
++ mvByteReverse(ctx->in, MV_MD5_MAC_LEN);
++ mvMD5Transform(ctx->buf, (MV_U32 *) ctx->in);
++ buf += 64;
++ len -= 64;
++ }
++
++ /* Handle any remaining bytes of data. */
++
++ memcpy(ctx->in, buf, len);
++}
++
++/*
++ * Final wrapup - pad to 64-byte boundary with the bit pattern
++ * 1 0* (64-bit count of bits processed, MSB-first)
++ */
++void mvMD5Final(unsigned char digest[MV_MD5_MAC_LEN], MV_MD5_CONTEXT *ctx)
++{
++ unsigned count;
++ unsigned char *p;
++
++ /* Compute number of bytes mod 64 */
++ count = (ctx->bits[0] >> 3) & 0x3F;
++
++ /* Set the first char of padding to 0x80. This is safe since there is
++ always at least one byte free */
++ p = ctx->in + count;
++ *p++ = 0x80;
++
++ /* Bytes of padding needed to make 64 bytes */
++ count = 64 - 1 - count;
++
++ /* Pad out to 56 mod 64 */
++ if (count < 8)
++ {
++ /* Two lots of padding: Pad the first block to 64 bytes */
++ memset(p, 0, count);
++ mvByteReverse(ctx->in, MV_MD5_MAC_LEN);
++ mvMD5Transform(ctx->buf, (MV_U32 *) ctx->in);
++
++ /* Now fill the next block with 56 bytes */
++ memset(ctx->in, 0, 56);
++ }
++ else
++ {
++ /* Pad block to 56 bytes */
++ memset(p, 0, count - 8);
++ }
++ mvByteReverse(ctx->in, 14);
++
++ /* Append length in bits and transform */
++ ((MV_U32 *) ctx->in)[14] = ctx->bits[0];
++ ((MV_U32 *) ctx->in)[15] = ctx->bits[1];
++
++ mvMD5Transform(ctx->buf, (MV_U32 *) ctx->in);
++ mvByteReverse((unsigned char *) ctx->buf, 4);
++ memcpy(digest, ctx->buf, MV_MD5_MAC_LEN);
++ memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */
++}
++
++/* The four core functions - F1 is optimized somewhat */
++
++/* #define F1(x, y, z) (x & y | ~x & z) */
++#define F1(x, y, z) (z ^ (x & (y ^ z)))
++#define F2(x, y, z) F1(z, x, y)
++#define F3(x, y, z) (x ^ y ^ z)
++#define F4(x, y, z) (y ^ (x | ~z))
++
++/* This is the central step in the MD5 algorithm. */
++#define MD5STEP(f, w, x, y, z, data, s) \
++ ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
++
++/*
++ * The core of the MD5 algorithm, this alters an existing MD5 hash to
++ * reflect the addition of 16 longwords of new data. MD5Update blocks
++ * the data and converts bytes into longwords for this routine.
++ */
++static void mvMD5Transform(MV_U32 buf[4], MV_U32 const in[MV_MD5_MAC_LEN])
++{
++ register MV_U32 a, b, c, d;
++
++ a = buf[0];
++ b = buf[1];
++ c = buf[2];
++ d = buf[3];
++
++ MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7);
++ MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12);
++ MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17);
++ MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22);
++ MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7);
++ MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12);
++ MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17);
++ MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22);
++ MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7);
++ MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12);
++ MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
++ MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22);
++ MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7);
++ MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12);
++ MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17);
++ MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22);
++
++ MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5);
++ MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9);
++ MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14);
++ MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20);
++ MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5);
++ MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9);
++ MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
++ MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20);
++ MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5);
++ MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9);
++ MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14);
++ MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20);
++ MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
++ MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9);
++ MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14);
++ MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);
++
++ MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4);
++ MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11);
++ MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
++ MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23);
++ MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4);
++ MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11);
++ MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16);
++ MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
++ MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
++ MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11);
++ MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16);
++ MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23);
++ MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4);
++ MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
++ MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
++ MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23);
++
++ MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6);
++ MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10);
++ MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15);
++ MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21);
++ MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6);
++ MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10);
++ MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15);
++ MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21);
++ MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6);
++ MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
++ MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15);
++ MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
++ MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6);
++ MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10);
++ MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15);
++ MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21);
++
++ buf[0] += a;
++ buf[1] += b;
++ buf[2] += c;
++ buf[3] += d;
++}
++
++void mvMD5(unsigned char const *buf, unsigned len, unsigned char* digest)
++{
++ MV_MD5_CONTEXT ctx;
++
++ mvMD5Init(&ctx);
++ mvMD5Update(&ctx, buf, len);
++ mvMD5Final(digest, &ctx);
++}
++
++
++void mvHmacMd5(unsigned char const* text, int text_len,
++ unsigned char const* key, int key_len,
++ unsigned char* digest)
++{
++ int i;
++ MV_MD5_CONTEXT ctx;
++ unsigned char k_ipad[64+1]; /* inner padding - key XORd with ipad */
++ unsigned char k_opad[64+1]; /* outer padding - key XORd with opad */
++
++ /* start out by storing key in pads */
++ memset(k_ipad, 0, 64);
++ memcpy(k_ipad, key, key_len);
++ memset(k_opad, 0, 64);
++ memcpy(k_opad, key, key_len);
++
++ /* XOR key with ipad and opad values */
++ for (i=0; i<64; i++)
++ {
++ k_ipad[i] ^= 0x36;
++ k_opad[i] ^= 0x5c;
++ }
++
++ /* perform inner MD5 */
++ mvMD5Init(&ctx); /* init ctx for 1st pass */
++ mvMD5Update(&ctx, k_ipad, 64); /* start with inner pad */
++ mvMD5Update(&ctx, text, text_len); /* then text of datagram */
++ mvMD5Final(digest, &ctx); /* finish up 1st pass */
++
++ /* perform outer MD5 */
++ mvMD5Init(&ctx); /* init ctx for 2nd pass */
++ mvMD5Update(&ctx, k_opad, 64); /* start with outer pad */
++ mvMD5Update(&ctx, digest, 16); /* then results of 1st hash */
++ mvMD5Final(digest, &ctx); /* finish up 2nd pass */
++}
+diff --git a/crypto/ocf/kirkwood/cesa/mvMD5.h b/crypto/ocf/kirkwood/cesa/mvMD5.h
+new file mode 100644
+index 0000000..d05c6b6
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa/mvMD5.h
+@@ -0,0 +1,93 @@
++/*******************************************************************************
++Copyright (C) Marvell International Ltd. and its affiliates
++
++This software file (the "File") is owned and distributed by Marvell
++International Ltd. and/or its affiliates ("Marvell") under the following
++alternative licensing terms. Once you have made an election to distribute the
++File under one of the following license alternatives, please (i) delete this
++introductory statement regarding license alternatives, (ii) delete the two
++license alternatives that you have not elected to use and (iii) preserve the
++Marvell copyright notice above.
++
++********************************************************************************
++Marvell Commercial License Option
++
++If you received this File from Marvell and you have entered into a commercial
++license agreement (a "Commercial License") with Marvell, the File is licensed
++to you under the terms of the applicable Commercial License.
++
++********************************************************************************
++Marvell GPL License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File in accordance with the terms and conditions of the General
++Public License Version 2, June 1991 (the "GPL License"), a copy of which is
++available along with the File in the license.txt file or by writing to the Free
++Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 or
++on the worldwide web at http://www.gnu.org/licenses/gpl.txt.
++
++THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE IMPLIED
++WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE EXPRESSLY
++DISCLAIMED. The GPL License provides additional details about this warranty
++disclaimer.
++********************************************************************************
++Marvell BSD License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File under the following licensing terms.
++Redistribution and use in source and binary forms, with or without modification,
++are permitted provided that the following conditions are met:
++
++ * Redistributions of source code must retain the above copyright notice,
++ this list of conditions and the following disclaimer.
++
++ * Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++
++ * Neither the name of Marvell nor the names of its contributors may be
++ used to endorse or promote products derived from this software without
++ specific prior written permission.
++
++THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
++ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
++WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
++DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
++ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
++ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
++SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++*******************************************************************************/
++
++#ifndef __mvMD5_h__
++#define __mvMD5_h__
++
++#include "mvMD5.h"
++
++#define MV_MD5_MAC_LEN 16
++
++
++typedef struct
++{
++ MV_U32 buf[4];
++ MV_U32 bits[2];
++ MV_U8 in[64];
++
++} MV_MD5_CONTEXT;
++
++void mvMD5Init(MV_MD5_CONTEXT *context);
++void mvMD5Update(MV_MD5_CONTEXT *context, unsigned char const *buf,
++ unsigned len);
++void mvMD5Final(unsigned char digest[16], MV_MD5_CONTEXT *context);
++
++void mvMD5(unsigned char const *buf, unsigned len, unsigned char* digest);
++
++void mvHmacMd5(unsigned char const* text, int text_len,
++ unsigned char const* key, int key_len,
++ unsigned char* digest);
++
++
++#endif /* __mvMD5_h__ */
+diff --git a/crypto/ocf/kirkwood/cesa/mvSHA1.c b/crypto/ocf/kirkwood/cesa/mvSHA1.c
+new file mode 100644
+index 0000000..0e0786b
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa/mvSHA1.c
+@@ -0,0 +1,239 @@
++/*******************************************************************************
++Copyright (C) Marvell International Ltd. and its affiliates
++
++This software file (the "File") is owned and distributed by Marvell
++International Ltd. and/or its affiliates ("Marvell") under the following
++alternative licensing terms. Once you have made an election to distribute the
++File under one of the following license alternatives, please (i) delete this
++introductory statement regarding license alternatives, (ii) delete the two
++license alternatives that you have not elected to use and (iii) preserve the
++Marvell copyright notice above.
++
++********************************************************************************
++Marvell Commercial License Option
++
++If you received this File from Marvell and you have entered into a commercial
++license agreement (a "Commercial License") with Marvell, the File is licensed
++to you under the terms of the applicable Commercial License.
++
++********************************************************************************
++Marvell GPL License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File in accordance with the terms and conditions of the General
++Public License Version 2, June 1991 (the "GPL License"), a copy of which is
++available along with the File in the license.txt file or by writing to the Free
++Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 or
++on the worldwide web at http://www.gnu.org/licenses/gpl.txt.
++
++THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE IMPLIED
++WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE EXPRESSLY
++DISCLAIMED. The GPL License provides additional details about this warranty
++disclaimer.
++********************************************************************************
++Marvell BSD License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File under the following licensing terms.
++Redistribution and use in source and binary forms, with or without modification,
++are permitted provided that the following conditions are met:
++
++ * Redistributions of source code must retain the above copyright notice,
++ this list of conditions and the following disclaimer.
++
++ * Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++
++ * Neither the name of Marvell nor the names of its contributors may be
++ used to endorse or promote products derived from this software without
++ specific prior written permission.
++
++THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
++ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
++WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
++DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
++ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
++ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
++SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++*******************************************************************************/
++
++#include "mvOs.h"
++#include "mvSHA1.h"
++
++#define SHA1HANDSOFF
++
++typedef union
++{
++ MV_U8 c[64];
++ MV_U32 l[16];
++
++} CHAR64LONG16;
++
++static void mvSHA1Transform(MV_U32 state[5], const MV_U8 *buffer);
++
++#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
++
++
++#ifdef MV_CPU_LE
++#define blk0(i) (block->l[i] = (rol(block->l[i], 24) & 0xFF00FF00) | \
++ (rol(block->l[i], 8) & 0x00FF00FF))
++#else
++#define blk0(i) block->l[i]
++#endif
++#define blk(i) (block->l[i & 15] = rol(block->l[(i + 13) & 15] ^ \
++ block->l[(i + 8) & 15] ^ block->l[(i + 2) & 15] ^ block->l[i & 15], 1))
++
++/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
++#define R0(v,w,x,y,z,i) \
++ z += ((w & (x ^ y)) ^ y) + blk0(i) + 0x5A827999 + rol(v, 5); \
++ w = rol(w, 30);
++#define R1(v,w,x,y,z,i) \
++ z += ((w & (x ^ y)) ^ y) + blk(i) + 0x5A827999 + rol(v, 5); \
++ w = rol(w, 30);
++#define R2(v,w,x,y,z,i) \
++ z += (w ^ x ^ y) + blk(i) + 0x6ED9EBA1 + rol(v, 5); w = rol(w, 30);
++#define R3(v,w,x,y,z,i) \
++ z += (((w | x) & y) | (w & x)) + blk(i) + 0x8F1BBCDC + rol(v, 5); \
++ w = rol(w, 30);
++#define R4(v,w,x,y,z,i) \
++ z += (w ^ x ^ y) + blk(i) + 0xCA62C1D6 + rol(v, 5); \
++ w=rol(w, 30);
++
++/* Hash a single 512-bit block. This is the core of the algorithm. */
++static void mvSHA1Transform(MV_U32 state[5], const MV_U8 *buffer)
++{
++ MV_U32 a, b, c, d, e;
++ CHAR64LONG16* block;
++
++#ifdef SHA1HANDSOFF
++ static MV_U32 workspace[16];
++
++ block = (CHAR64LONG16 *) workspace;
++ memcpy(block, buffer, 64);
++#else
++ block = (CHAR64LONG16 *) buffer;
++#endif
++ /* Copy context->state[] to working vars */
++ a = state[0];
++ b = state[1];
++ c = state[2];
++ d = state[3];
++ e = state[4];
++ /* 4 rounds of 20 operations each. Loop unrolled. */
++ R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
++ R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
++ R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
++ R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
++ R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
++ R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
++ R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
++ R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
++ R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
++ R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
++ R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
++ R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
++ R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
++ R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
++ R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
++ R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
++ R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
++ R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
++ R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
++ R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
++ /* Add the working vars back into context.state[] */
++ state[0] += a;
++ state[1] += b;
++ state[2] += c;
++ state[3] += d;
++ state[4] += e;
++ /* Wipe variables */
++ a = b = c = d = e = 0;
++}
++
++void mvSHA1Init(MV_SHA1_CTX* context)
++{
++ /* SHA1 initialization constants */
++ context->state[0] = 0x67452301;
++ context->state[1] = 0xEFCDAB89;
++ context->state[2] = 0x98BADCFE;
++ context->state[3] = 0x10325476;
++ context->state[4] = 0xC3D2E1F0;
++ context->count[0] = context->count[1] = 0;
++}
++
++
++/* Run your data through this. */
++void mvSHA1Update(MV_SHA1_CTX *context, MV_U8 const *data,
++ unsigned int len)
++{
++ MV_U32 i, j;
++
++ j = (context->count[0] >> 3) & 63;
++ if ((context->count[0] += len << 3) < (len << 3))
++ context->count[1]++;
++ context->count[1] += (len >> 29);
++ if ((j + len) > 63)
++ {
++ memcpy(&context->buffer[j], data, (i = 64-j));
++ mvSHA1Transform(context->state, context->buffer);
++ for ( ; i + 63 < len; i += 64)
++ {
++ mvSHA1Transform(context->state, &data[i]);
++ }
++ j = 0;
++ }
++ else
++ {
++ i = 0;
++ }
++ memcpy(&context->buffer[j], &data[i], len - i);
++}
++
++void mvSHA1Final(MV_U8* digest, MV_SHA1_CTX* context)
++{
++ MV_U32 i;
++ MV_U8 finalcount[8];
++
++ for (i = 0; i < 8; i++)
++ {
++ finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)] >>
++ ((3-(i & 3)) * 8) ) & 255); /* Endian independent */
++ }
++ mvSHA1Update(context, (const unsigned char *) "\200", 1);
++ while ((context->count[0] & 504) != 448)
++ {
++ mvSHA1Update(context, (const unsigned char *) "\0", 1);
++ }
++ mvSHA1Update(context, finalcount, 8); /* Should cause a mvSHA1Transform()
++ */
++ for (i = 0; i < 20; i++)
++ {
++ digest[i] = (unsigned char)
++ ((context->state[i >> 2] >> ((3 - (i & 3)) * 8)) & 255);
++ }
++ /* Wipe variables */
++ i = 0;
++ memset(context->buffer, 0, 64);
++ memset(context->state, 0, 20);
++ memset(context->count, 0, 8);
++ memset(finalcount, 0, 8);
++
++#ifdef SHA1HANDSOFF /* make SHA1Transform overwrite it's own static vars */
++ mvSHA1Transform(context->state, context->buffer);
++#endif
++}
++
++
++void mvSHA1(MV_U8 const *buf, unsigned int len, MV_U8* digest)
++{
++ MV_SHA1_CTX ctx;
++
++ mvSHA1Init(&ctx);
++ mvSHA1Update(&ctx, buf, len);
++ mvSHA1Final(digest, &ctx);
++}
+diff --git a/crypto/ocf/kirkwood/cesa/mvSHA1.h b/crypto/ocf/kirkwood/cesa/mvSHA1.h
+new file mode 100644
+index 0000000..17df9fc
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa/mvSHA1.h
+@@ -0,0 +1,88 @@
++/*******************************************************************************
++Copyright (C) Marvell International Ltd. and its affiliates
++
++This software file (the "File") is owned and distributed by Marvell
++International Ltd. and/or its affiliates ("Marvell") under the following
++alternative licensing terms. Once you have made an election to distribute the
++File under one of the following license alternatives, please (i) delete this
++introductory statement regarding license alternatives, (ii) delete the two
++license alternatives that you have not elected to use and (iii) preserve the
++Marvell copyright notice above.
++
++********************************************************************************
++Marvell Commercial License Option
++
++If you received this File from Marvell and you have entered into a commercial
++license agreement (a "Commercial License") with Marvell, the File is licensed
++to you under the terms of the applicable Commercial License.
++
++********************************************************************************
++Marvell GPL License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File in accordance with the terms and conditions of the General
++Public License Version 2, June 1991 (the "GPL License"), a copy of which is
++available along with the File in the license.txt file or by writing to the Free
++Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 or
++on the worldwide web at http://www.gnu.org/licenses/gpl.txt.
++
++THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE IMPLIED
++WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE EXPRESSLY
++DISCLAIMED. The GPL License provides additional details about this warranty
++disclaimer.
++********************************************************************************
++Marvell BSD License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File under the following licensing terms.
++Redistribution and use in source and binary forms, with or without modification,
++are permitted provided that the following conditions are met:
++
++ * Redistributions of source code must retain the above copyright notice,
++ this list of conditions and the following disclaimer.
++
++ * Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++
++ * Neither the name of Marvell nor the names of its contributors may be
++ used to endorse or promote products derived from this software without
++ specific prior written permission.
++
++THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
++ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
++WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
++DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
++ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
++ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
++SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++*******************************************************************************/
++
++#ifndef __mvSHA1_h__
++#define __mvSHA1_h__
++
++#include "mvSHA1.h"
++
++#define MV_SHA1_MAC_LEN 20
++
++
++typedef struct
++{
++ MV_U32 state[5];
++ MV_U32 count[2];
++ MV_U8 buffer[64];
++
++} MV_SHA1_CTX;
++
++void mvSHA1Init(MV_SHA1_CTX *context);
++void mvSHA1Update(MV_SHA1_CTX *context, MV_U8 const *buf, unsigned int len);
++void mvSHA1Final(MV_U8* digest, MV_SHA1_CTX *context);
++
++void mvSHA1(MV_U8 const *buf, unsigned int len, MV_U8* digest);
++
++
++#endif /* __mvSHA1_h__ */
+diff --git a/crypto/ocf/kirkwood/cesa_ocf_drv.c b/crypto/ocf/kirkwood/cesa_ocf_drv.c
+new file mode 100644
+index 0000000..ccf9227
+--- /dev/null
++++ b/crypto/ocf/kirkwood/cesa_ocf_drv.c
+@@ -0,0 +1,1296 @@
++/*******************************************************************************
++Copyright (C) Marvell International Ltd. and its affiliates
++
++This software file (the "File") is owned and distributed by Marvell
++International Ltd. and/or its affiliates ("Marvell") under the following
++alternative licensing terms. Once you have made an election to distribute the
++File under one of the following license alternatives, please (i) delete this
++introductory statement regarding license alternatives, (ii) delete the two
++license alternatives that you have not elected to use and (iii) preserve the
++Marvell copyright notice above.
++
++
++********************************************************************************
++Marvell GPL License Option
++
++If you received this File from Marvell, you may opt to use, redistribute and/or
++modify this File in accordance with the terms and conditions of the General
++Public License Version 2, June 1991 (the "GPL License"), a copy of which is
++available along with the File in the license.txt file or by writing to the Free
++Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 or
++on the worldwide web at http://www.gnu.org/licenses/gpl.txt.
++
++THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE IMPLIED
++WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE EXPRESSLY
++DISCLAIMED. The GPL License provides additional details about this warranty
++disclaimer.
++*******************************************************************************/
++
++#ifndef AUTOCONF_INCLUDED
++#include <linux/config.h>
++#endif
++#include <linux/module.h>
++#include <linux/init.h>
++#include <linux/list.h>
++#include <linux/slab.h>
++#include <linux/sched.h>
++#include <linux/wait.h>
++#include <linux/crypto.h>
++#include <linux/mm.h>
++#include <linux/skbuff.h>
++#include <linux/random.h>
++#include <linux/platform_device.h>
++#include <asm/scatterlist.h>
++#include <linux/spinlock.h>
++#include "ctrlEnv/sys/mvSysCesa.h"
++#include "cesa/mvCesa.h" /* moved here before cryptodev.h due to include dependencies */
++#include <cryptodev.h>
++#include <uio.h>
++#include <plat/mv_cesa.h>
++#include <linux/mbus.h>
++#include "mvDebug.h"
++
++#include "cesa/mvMD5.h"
++#include "cesa/mvSHA1.h"
++
++#include "cesa/mvCesaRegs.h"
++#include "cesa/AES/mvAes.h"
++#include "cesa/mvLru.h"
++
++#undef RT_DEBUG
++#ifdef RT_DEBUG
++static int debug = 1;
++module_param(debug, int, 1);
++MODULE_PARM_DESC(debug, "Enable debug");
++#undef dprintk
++#define dprintk(a...) if (debug) { printk(a); } else
++#else
++static int debug = 0;
++#undef dprintk
++#define dprintk(a...)
++#endif
++
++
++/* TDMA Regs */
++#define WINDOW_BASE(i) 0xA00 + (i << 3)
++#define WINDOW_CTRL(i) 0xA04 + (i << 3)
++
++/* interrupt handling */
++#undef CESA_OCF_POLLING
++#undef CESA_OCF_TASKLET
++
++#if defined(CESA_OCF_POLLING) && defined(CESA_OCF_TASKLET)
++#error "don't use both tasklet and polling mode"
++#endif
++
++extern int cesaReqResources;
++/* support for spliting action into 2 actions */
++#define CESA_OCF_SPLIT
++
++/* general defines */
++#define CESA_OCF_MAX_SES 128
++#define CESA_Q_SIZE 64
++
++
++/* data structures */
++struct cesa_ocf_data {
++ int cipher_alg;
++ int auth_alg;
++ int encrypt_tn_auth;
++#define auth_tn_decrypt encrypt_tn_auth
++ int ivlen;
++ int digestlen;
++ short sid_encrypt;
++ short sid_decrypt;
++ /* fragment workaround sessions */
++ short frag_wa_encrypt;
++ short frag_wa_decrypt;
++ short frag_wa_auth;
++};
++
++/* CESA device data */
++struct cesa_dev {
++ void __iomem *sram;
++ void __iomem *reg;
++ struct mv_cesa_platform_data *plat_data;
++ int irq;
++};
++
++#define DIGEST_BUF_SIZE 32
++struct cesa_ocf_process {
++ MV_CESA_COMMAND cesa_cmd;
++ MV_CESA_MBUF cesa_mbuf;
++ MV_BUF_INFO cesa_bufs[MV_CESA_MAX_MBUF_FRAGS];
++ char digest[DIGEST_BUF_SIZE];
++ int digest_len;
++ struct cryptop *crp;
++ int need_cb;
++};
++
++/* global variables */
++static int32_t cesa_ocf_id = -1;
++static struct cesa_ocf_data *cesa_ocf_sessions[CESA_OCF_MAX_SES];
++static spinlock_t cesa_lock;
++static struct cesa_dev cesa_device;
++
++/* static APIs */
++static int cesa_ocf_process (device_t, struct cryptop *, int);
++static int cesa_ocf_newsession (device_t, u_int32_t *, struct cryptoini *);
++static int cesa_ocf_freesession (device_t, u_int64_t);
++static void cesa_callback (unsigned long);
++static irqreturn_t cesa_interrupt_handler (int, void *);
++#ifdef CESA_OCF_POLLING
++static void cesa_interrupt_polling(void);
++#endif
++#ifdef CESA_OCF_TASKLET
++static struct tasklet_struct cesa_ocf_tasklet;
++#endif
++
++static struct timeval tt_start;
++static struct timeval tt_end;
++
++/*
++ * dummy device structure
++ */
++
++static struct {
++ softc_device_decl sc_dev;
++} mv_cesa_dev;
++
++static device_method_t mv_cesa_methods = {
++ /* crypto device methods */
++ DEVMETHOD(cryptodev_newsession, cesa_ocf_newsession),
++ DEVMETHOD(cryptodev_freesession,cesa_ocf_freesession),
++ DEVMETHOD(cryptodev_process, cesa_ocf_process),
++ DEVMETHOD(cryptodev_kprocess, NULL),
++};
++
++
++
++/* Add debug Trace */
++#undef CESA_OCF_TRACE_DEBUG
++#ifdef CESA_OCF_TRACE_DEBUG
++
++#define MV_CESA_USE_TIMER_ID 0
++
++typedef struct
++{
++ int type; /* 0 - isrEmpty, 1 - cesaReadyGet, 2 - cesaAction */
++ MV_U32 timeStamp;
++ MV_U32 cause;
++ MV_U32 realCause;
++ MV_U32 dmaCause;
++ int resources;
++ MV_CESA_REQ* pReqReady;
++ MV_CESA_REQ* pReqEmpty;
++ MV_CESA_REQ* pReqProcess;
++} MV_CESA_TEST_TRACE;
++
++#define MV_CESA_TEST_TRACE_SIZE 50
++
++static int cesaTestTraceIdx = 0;
++static MV_CESA_TEST_TRACE cesaTestTrace[MV_CESA_TEST_TRACE_SIZE];
++
++static void cesaTestTraceAdd(int type)
++{
++ cesaTestTrace[cesaTestTraceIdx].type = type;
++ cesaTestTrace[cesaTestTraceIdx].realCause = MV_REG_READ(MV_CESA_ISR_CAUSE_REG);
++ //cesaTestTrace[cesaTestTraceIdx].idmaCause = MV_REG_READ(IDMA_CAUSE_REG);
++ cesaTestTrace[cesaTestTraceIdx].resources = cesaReqResources;
++ cesaTestTrace[cesaTestTraceIdx].pReqReady = pCesaReqReady;
++ cesaTestTrace[cesaTestTraceIdx].pReqEmpty = pCesaReqEmpty;
++ cesaTestTrace[cesaTestTraceIdx].pReqProcess = pCesaReqProcess;
++ cesaTestTrace[cesaTestTraceIdx].timeStamp = mvCntmrRead(MV_CESA_USE_TIMER_ID);
++ cesaTestTraceIdx++;
++ if(cesaTestTraceIdx == MV_CESA_TEST_TRACE_SIZE)
++ cesaTestTraceIdx = 0;
++}
++
++#else /* CESA_OCF_TRACE_DEBUG */
++
++#define cesaTestTraceAdd(x)
++
++#endif /* CESA_OCF_TRACE_DEBUG */
++
++unsigned int
++get_usec(unsigned int start)
++{
++ if(start) {
++ do_gettimeofday (&tt_start);
++ return 0;
++ }
++ else {
++ do_gettimeofday (&tt_end);
++ tt_end.tv_sec -= tt_start.tv_sec;
++ tt_end.tv_usec -= tt_start.tv_usec;
++ if (tt_end.tv_usec < 0) {
++ tt_end.tv_usec += 1000 * 1000;
++ tt_end.tv_sec -= 1;
++ }
++ }
++ printk("time taken is %d\n", (unsigned int)(tt_end.tv_usec + tt_end.tv_sec * 1000000));
++ return (tt_end.tv_usec + tt_end.tv_sec * 1000000);
++}
++
++#ifdef RT_DEBUG
++/*
++ * check that the crp action match the current session
++ */
++static int
++ocf_check_action(struct cryptop *crp, struct cesa_ocf_data *cesa_ocf_cur_ses) {
++ int count = 0;
++ int encrypt = 0, decrypt = 0, auth = 0;
++ struct cryptodesc *crd;
++
++ /* Go through crypto descriptors, processing as we go */
++ for (crd = crp->crp_desc; crd; crd = crd->crd_next, count++) {
++ if(count > 2) {
++ printk("%s,%d: session mode is not supported.\n", __FILE__, __LINE__);
++ return 1;
++ }
++
++ /* Encryption /Decryption */
++ if(crd->crd_alg == cesa_ocf_cur_ses->cipher_alg) {
++ /* check that the action is compatible with session */
++ if(encrypt || decrypt) {
++ printk("%s,%d: session mode is not supported.\n", __FILE__, __LINE__);
++ return 1;
++ }
++
++ if(crd->crd_flags & CRD_F_ENCRYPT) { /* encrypt */
++ if( (count == 2) && (cesa_ocf_cur_ses->encrypt_tn_auth) ) {
++ printk("%s,%d: sequence isn't supported by this session.\n", __FILE__, __LINE__);
++ return 1;
++ }
++ encrypt++;
++ }
++ else { /* decrypt */
++ if( (count == 2) && !(cesa_ocf_cur_ses->auth_tn_decrypt) ) {
++ printk("%s,%d: sequence isn't supported by this session.\n", __FILE__, __LINE__);
++ return 1;
++ }
++ decrypt++;
++ }
++
++ }
++ /* Authentication */
++ else if(crd->crd_alg == cesa_ocf_cur_ses->auth_alg) {
++ /* check that the action is compatible with session */
++ if(auth) {
++ printk("%s,%d: session mode is not supported.\n", __FILE__, __LINE__);
++ return 1;
++ }
++ if( (count == 2) && (decrypt) && (cesa_ocf_cur_ses->auth_tn_decrypt)) {
++ printk("%s,%d: sequence isn't supported by this session.\n", __FILE__, __LINE__);
++ return 1;
++ }
++ if( (count == 2) && (encrypt) && !(cesa_ocf_cur_ses->encrypt_tn_auth)) {
++ printk("%s,%d: sequence isn't supported by this session.\n", __FILE__, __LINE__);
++ return 1;
++ }
++ auth++;
++ }
++ else {
++ printk("%s,%d: Alg isn't supported by this session.\n", __FILE__, __LINE__);
++ return 1;
++ }
++ }
++ return 0;
++
++}
++#endif
++
++/*
++ * Process a request.
++ */
++static int
++cesa_ocf_process(device_t dev, struct cryptop *crp, int hint)
++{
++ struct cesa_ocf_process *cesa_ocf_cmd = NULL;
++ struct cesa_ocf_process *cesa_ocf_cmd_wa = NULL;
++ MV_CESA_COMMAND *cesa_cmd;
++ struct cryptodesc *crd;
++ struct cesa_ocf_data *cesa_ocf_cur_ses;
++ int sid = 0, temp_len = 0, i;
++ int encrypt = 0, decrypt = 0, auth = 0;
++ int status;
++ struct sk_buff *skb = NULL;
++ struct uio *uiop = NULL;
++ unsigned char *ivp;
++ MV_BUF_INFO *p_buf_info;
++ MV_CESA_MBUF *p_mbuf_info;
++ unsigned long flags;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ if( cesaReqResources <= 1 ) {
++ dprintk("%s,%d: ERESTART\n", __FILE__, __LINE__);
++ return ERESTART;
++ }
++
++#ifdef RT_DEBUG
++ /* Sanity check */
++ if (crp == NULL) {
++ printk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ return EINVAL;
++ }
++
++ if (crp->crp_desc == NULL || crp->crp_buf == NULL ) {
++ printk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ crp->crp_etype = EINVAL;
++ return EINVAL;
++ }
++
++ sid = crp->crp_sid & 0xffffffff;
++ if ((sid >= CESA_OCF_MAX_SES) || (cesa_ocf_sessions[sid] == NULL)) {
++ crp->crp_etype = ENOENT;
++ printk("%s,%d: ENOENT session %d \n", __FILE__, __LINE__, sid);
++ return EINVAL;
++ }
++#endif
++
++ sid = crp->crp_sid & 0xffffffff;
++ crp->crp_etype = 0;
++ cesa_ocf_cur_ses = cesa_ocf_sessions[sid];
++
++#ifdef RT_DEBUG
++ if(ocf_check_action(crp, cesa_ocf_cur_ses)){
++ goto p_error;
++ }
++#endif
++
++ /* malloc a new cesa process */
++ cesa_ocf_cmd = kmalloc(sizeof(struct cesa_ocf_process), GFP_ATOMIC);
++
++ if (cesa_ocf_cmd == NULL) {
++ printk("%s,%d: ENOBUFS \n", __FILE__, __LINE__);
++ goto p_error;
++ }
++ memset(cesa_ocf_cmd, 0, sizeof(struct cesa_ocf_process));
++
++ /* init cesa_process */
++ cesa_ocf_cmd->crp = crp;
++ /* always call callback */
++ cesa_ocf_cmd->need_cb = 1;
++
++ /* init cesa_cmd for usage of the HALs */
++ cesa_cmd = &cesa_ocf_cmd->cesa_cmd;
++ cesa_cmd->pReqPrv = (void *)cesa_ocf_cmd;
++ cesa_cmd->sessionId = cesa_ocf_cur_ses->sid_encrypt; /* defualt use encrypt */
++
++ /* prepare src buffer */
++ /* we send the entire buffer to the HAL, even if only part of it should be encrypt/auth. */
++ /* if not using seesions for both encrypt and auth, then it will be wiser to to copy only */
++ /* from skip to crd_len. */
++ p_buf_info = cesa_ocf_cmd->cesa_bufs;
++ p_mbuf_info = &cesa_ocf_cmd->cesa_mbuf;
++
++ p_buf_info += 2; /* save 2 first buffers for IV and digest -
++ we won't append them to the end since, they
++ might be places in an unaligned addresses. */
++
++ p_mbuf_info->pFrags = p_buf_info;
++ temp_len = 0;
++
++ /* handle SKB */
++ if (crp->crp_flags & CRYPTO_F_SKBUF) {
++
++ dprintk("%s,%d: handle SKB.\n", __FILE__, __LINE__);
++ skb = (struct sk_buff *) crp->crp_buf;
++
++ if (skb_shinfo(skb)->nr_frags >= (MV_CESA_MAX_MBUF_FRAGS - 1)) {
++ printk("%s,%d: %d nr_frags > MV_CESA_MAX_MBUF_FRAGS", __FILE__, __LINE__, skb_shinfo(skb)->nr_frags);
++ goto p_error;
++ }
++
++ p_mbuf_info->mbufSize = skb->len;
++ temp_len = skb->len;
++ /* first skb fragment */
++ p_buf_info->bufSize = skb_headlen(skb);
++ p_buf_info->bufVirtPtr = skb->data;
++ p_buf_info++;
++
++ /* now handle all other skb fragments */
++ for ( i = 0; i < skb_shinfo(skb)->nr_frags; i++ ) {
++ skb_frag_t *frag = &skb_shinfo(skb)->frags[i];
++ p_buf_info->bufSize = frag->size;
++ p_buf_info->bufVirtPtr = page_address(frag->page) + frag->page_offset;
++ p_buf_info++;
++ }
++ p_mbuf_info->numFrags = skb_shinfo(skb)->nr_frags + 1;
++ }
++ /* handle UIO */
++ else if(crp->crp_flags & CRYPTO_F_IOV) {
++
++ dprintk("%s,%d: handle UIO.\n", __FILE__, __LINE__);
++ uiop = (struct uio *) crp->crp_buf;
++
++ if (uiop->uio_iovcnt > (MV_CESA_MAX_MBUF_FRAGS - 1)) {
++ printk("%s,%d: %d uio_iovcnt > MV_CESA_MAX_MBUF_FRAGS \n", __FILE__, __LINE__, uiop->uio_iovcnt);
++ goto p_error;
++ }
++
++ p_mbuf_info->mbufSize = crp->crp_ilen;
++ p_mbuf_info->numFrags = uiop->uio_iovcnt;
++ for(i = 0; i < uiop->uio_iovcnt; i++) {
++ p_buf_info->bufVirtPtr = uiop->uio_iov[i].iov_base;
++ p_buf_info->bufSize = uiop->uio_iov[i].iov_len;
++ temp_len += p_buf_info->bufSize;
++ dprintk("%s,%d: buf %x-> addr %x, size %x \n"
++ , __FILE__, __LINE__, i, (unsigned int)p_buf_info->bufVirtPtr, p_buf_info->bufSize);
++ p_buf_info++;
++ }
++
++ }
++ /* handle CONTIG */
++ else {
++ dprintk("%s,%d: handle CONTIG.\n", __FILE__, __LINE__);
++ p_mbuf_info->numFrags = 1;
++ p_mbuf_info->mbufSize = crp->crp_ilen;
++ p_buf_info->bufVirtPtr = crp->crp_buf;
++ p_buf_info->bufSize = crp->crp_ilen;
++ temp_len = crp->crp_ilen;
++ p_buf_info++;
++ }
++
++ /* Support up to 64K why? cause! */
++ if(crp->crp_ilen > 64*1024) {
++ printk("%s,%d: buf too big %x \n", __FILE__, __LINE__, crp->crp_ilen);
++ goto p_error;
++ }
++
++ if( temp_len != crp->crp_ilen ) {
++ printk("%s,%d: warning size don't match.(%x %x) \n", __FILE__, __LINE__, temp_len, crp->crp_ilen);
++ }
++
++ cesa_cmd->pSrc = p_mbuf_info;
++ cesa_cmd->pDst = p_mbuf_info;
++
++ /* restore p_buf_info to point to first available buf */
++ p_buf_info = cesa_ocf_cmd->cesa_bufs;
++ p_buf_info += 1;
++
++
++ /* Go through crypto descriptors, processing as we go */
++ for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
++
++ /* Encryption /Decryption */
++ if(crd->crd_alg == cesa_ocf_cur_ses->cipher_alg) {
++
++ dprintk("%s,%d: cipher", __FILE__, __LINE__);
++
++ cesa_cmd->cryptoOffset = crd->crd_skip;
++ cesa_cmd->cryptoLength = crd->crd_len;
++
++ if(crd->crd_flags & CRD_F_ENCRYPT) { /* encrypt */
++ dprintk(" encrypt \n");
++ encrypt++;
++
++ /* handle IV */
++ if (crd->crd_flags & CRD_F_IV_EXPLICIT) { /* IV from USER */
++ dprintk("%s,%d: IV from USER (offset %x) \n", __FILE__, __LINE__, crd->crd_inject);
++ cesa_cmd->ivFromUser = 1;
++ ivp = crd->crd_iv;
++
++ /*
++ * do we have to copy the IV back to the buffer ?
++ */
++ if ((crd->crd_flags & CRD_F_IV_PRESENT) == 0) {
++ dprintk("%s,%d: copy the IV back to the buffer\n", __FILE__, __LINE__);
++ cesa_cmd->ivOffset = crd->crd_inject;
++ crypto_copy_bits_back(crp->crp_buf, crd->crd_inject, ivp, cesa_ocf_cur_ses->ivlen);
++ }
++ else {
++ dprintk("%s,%d: don't copy the IV back to the buffer \n", __FILE__, __LINE__);
++ p_mbuf_info->numFrags++;
++ p_mbuf_info->mbufSize += cesa_ocf_cur_ses->ivlen;
++ p_mbuf_info->pFrags = p_buf_info;
++
++ p_buf_info->bufVirtPtr = ivp;
++ p_buf_info->bufSize = cesa_ocf_cur_ses->ivlen;
++ p_buf_info--;
++
++ /* offsets */
++ cesa_cmd->ivOffset = 0;
++ cesa_cmd->cryptoOffset += cesa_ocf_cur_ses->ivlen;
++ if(auth) {
++ cesa_cmd->macOffset += cesa_ocf_cur_ses->ivlen;
++ cesa_cmd->digestOffset += cesa_ocf_cur_ses->ivlen;
++ }
++ }
++ }
++ else { /* random IV */
++ dprintk("%s,%d: random IV \n", __FILE__, __LINE__);
++ cesa_cmd->ivFromUser = 0;
++
++ /*
++ * do we have to copy the IV back to the buffer ?
++ */
++ /* in this mode the HAL will always copy the IV */
++ /* given by the session to the ivOffset */
++ if ((crd->crd_flags & CRD_F_IV_PRESENT) == 0) {
++ cesa_cmd->ivOffset = crd->crd_inject;
++ }
++ else {
++ /* if IV isn't copy, then how will the user know which IV did we use??? */
++ printk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ goto p_error;
++ }
++ }
++ }
++ else { /* decrypt */
++ dprintk(" decrypt \n");
++ decrypt++;
++ cesa_cmd->sessionId = cesa_ocf_cur_ses->sid_decrypt;
++
++ /* handle IV */
++ if (crd->crd_flags & CRD_F_IV_EXPLICIT) {
++ dprintk("%s,%d: IV from USER \n", __FILE__, __LINE__);
++ /* append the IV buf to the mbuf */
++ cesa_cmd->ivFromUser = 1;
++ p_mbuf_info->numFrags++;
++ p_mbuf_info->mbufSize += cesa_ocf_cur_ses->ivlen;
++ p_mbuf_info->pFrags = p_buf_info;
++
++ p_buf_info->bufVirtPtr = crd->crd_iv;
++ p_buf_info->bufSize = cesa_ocf_cur_ses->ivlen;
++ p_buf_info--;
++
++ /* offsets */
++ cesa_cmd->ivOffset = 0;
++ cesa_cmd->cryptoOffset += cesa_ocf_cur_ses->ivlen;
++ if(auth) {
++ cesa_cmd->macOffset += cesa_ocf_cur_ses->ivlen;
++ cesa_cmd->digestOffset += cesa_ocf_cur_ses->ivlen;
++ }
++ }
++ else {
++ dprintk("%s,%d: IV inside the buffer \n", __FILE__, __LINE__);
++ cesa_cmd->ivFromUser = 0;
++ cesa_cmd->ivOffset = crd->crd_inject;
++ }
++ }
++
++ }
++ /* Authentication */
++ else if(crd->crd_alg == cesa_ocf_cur_ses->auth_alg) {
++ dprintk("%s,%d: Authentication \n", __FILE__, __LINE__);
++ auth++;
++ cesa_cmd->macOffset = crd->crd_skip;
++ cesa_cmd->macLength = crd->crd_len;
++
++ /* digest + mac */
++ cesa_cmd->digestOffset = crd->crd_inject;
++ }
++ else {
++ printk("%s,%d: Alg isn't supported by this session.\n", __FILE__, __LINE__);
++ goto p_error;
++ }
++ }
++
++ dprintk("\n");
++ dprintk("%s,%d: Sending Action: \n", __FILE__, __LINE__);
++ dprintk("%s,%d: IV from user: %d. IV offset %x \n", __FILE__, __LINE__, cesa_cmd->ivFromUser, cesa_cmd->ivOffset);
++ dprintk("%s,%d: crypt offset %x len %x \n", __FILE__, __LINE__, cesa_cmd->cryptoOffset, cesa_cmd->cryptoLength);
++ dprintk("%s,%d: Auth offset %x len %x \n", __FILE__, __LINE__, cesa_cmd->macOffset, cesa_cmd->macLength);
++ dprintk("%s,%d: set digest in offset %x . \n", __FILE__, __LINE__, cesa_cmd->digestOffset);
++ if(debug) {
++ mvCesaDebugMbuf("SRC BUFFER", cesa_cmd->pSrc, 0, cesa_cmd->pSrc->mbufSize);
++ }
++
++
++ /* send action to HAL */
++ spin_lock_irqsave(&cesa_lock, flags);
++ status = mvCesaAction(cesa_cmd);
++ spin_unlock_irqrestore(&cesa_lock, flags);
++
++ /* action not allowed */
++ if(status == MV_NOT_ALLOWED) {
++#ifdef CESA_OCF_SPLIT
++ /* if both encrypt and auth try to split */
++ if(auth && (encrypt || decrypt)) {
++ MV_CESA_COMMAND *cesa_cmd_wa;
++
++ /* malloc a new cesa process and init it */
++ cesa_ocf_cmd_wa = kmalloc(sizeof(struct cesa_ocf_process), GFP_ATOMIC);
++
++ if (cesa_ocf_cmd_wa == NULL) {
++ printk("%s,%d: ENOBUFS \n", __FILE__, __LINE__);
++ goto p_error;
++ }
++ memcpy(cesa_ocf_cmd_wa, cesa_ocf_cmd, sizeof(struct cesa_ocf_process));
++ cesa_cmd_wa = &cesa_ocf_cmd_wa->cesa_cmd;
++ cesa_cmd_wa->pReqPrv = (void *)cesa_ocf_cmd_wa;
++ cesa_ocf_cmd_wa->need_cb = 0;
++
++ /* break requests to two operation, first operation completion won't call callback */
++ if((decrypt) && (cesa_ocf_cur_ses->auth_tn_decrypt)) {
++ cesa_cmd_wa->sessionId = cesa_ocf_cur_ses->frag_wa_auth;
++ cesa_cmd->sessionId = cesa_ocf_cur_ses->frag_wa_decrypt;
++ }
++ else if((decrypt) && !(cesa_ocf_cur_ses->auth_tn_decrypt)) {
++ cesa_cmd_wa->sessionId = cesa_ocf_cur_ses->frag_wa_decrypt;
++ cesa_cmd->sessionId = cesa_ocf_cur_ses->frag_wa_auth;
++ }
++ else if((encrypt) && (cesa_ocf_cur_ses->encrypt_tn_auth)) {
++ cesa_cmd_wa->sessionId = cesa_ocf_cur_ses->frag_wa_encrypt;
++ cesa_cmd->sessionId = cesa_ocf_cur_ses->frag_wa_auth;
++ }
++ else if((encrypt) && !(cesa_ocf_cur_ses->encrypt_tn_auth)){
++ cesa_cmd_wa->sessionId = cesa_ocf_cur_ses->frag_wa_auth;
++ cesa_cmd->sessionId = cesa_ocf_cur_ses->frag_wa_encrypt;
++ }
++ else {
++ printk("%s,%d: Unsupporterd fragment wa mode \n", __FILE__, __LINE__);
++ goto p_error;
++ }
++
++ /* send the 2 actions to the HAL */
++ spin_lock_irqsave(&cesa_lock, flags);
++ status = mvCesaAction(cesa_cmd_wa);
++ spin_unlock_irqrestore(&cesa_lock, flags);
++
++ if((status != MV_NO_MORE) && (status != MV_OK)) {
++ printk("%s,%d: cesa action failed, status = 0x%x\n", __FILE__, __LINE__, status);
++ goto p_error;
++ }
++ spin_lock_irqsave(&cesa_lock, flags);
++ status = mvCesaAction(cesa_cmd);
++ spin_unlock_irqrestore(&cesa_lock, flags);
++
++ }
++ /* action not allowed and can't split */
++ else
++#endif
++ {
++ goto p_error;
++ }
++ }
++
++ /* Hal Q is full, send again. This should never happen */
++ if(status == MV_NO_RESOURCE) {
++ printk("%s,%d: cesa no more resources \n", __FILE__, __LINE__);
++ if(cesa_ocf_cmd)
++ kfree(cesa_ocf_cmd);
++ if(cesa_ocf_cmd_wa)
++ kfree(cesa_ocf_cmd_wa);
++ return ERESTART;
++ }
++ else if((status != MV_NO_MORE) && (status != MV_OK)) {
++ printk("%s,%d: cesa action failed, status = 0x%x\n", __FILE__, __LINE__, status);
++ goto p_error;
++ }
++
++
++#ifdef CESA_OCF_POLLING
++ cesa_interrupt_polling();
++#endif
++ cesaTestTraceAdd(5);
++
++ return 0;
++p_error:
++ crp->crp_etype = EINVAL;
++ if(cesa_ocf_cmd)
++ kfree(cesa_ocf_cmd);
++ if(cesa_ocf_cmd_wa)
++ kfree(cesa_ocf_cmd_wa);
++ return EINVAL;
++}
++
++/*
++ * cesa callback.
++ */
++static void
++cesa_callback(unsigned long dummy)
++{
++ struct cesa_ocf_process *cesa_ocf_cmd = NULL;
++ struct cryptop *crp = NULL;
++ MV_CESA_RESULT result[MV_CESA_MAX_CHAN];
++ int res_idx = 0,i;
++ MV_STATUS status;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++#ifdef CESA_OCF_TASKLET
++ disable_irq(cesa_device.irq);
++#endif
++ while(MV_TRUE) {
++
++ /* Get Ready requests */
++ spin_lock(&cesa_lock);
++ status = mvCesaReadyGet(&result[res_idx]);
++ spin_unlock(&cesa_lock);
++
++ cesaTestTraceAdd(2);
++
++ if(status != MV_OK) {
++#ifdef CESA_OCF_POLLING
++ if(status == MV_BUSY) { /* Fragment */
++ cesa_interrupt_polling();
++ return;
++ }
++#endif
++ break;
++ }
++ res_idx++;
++ break;
++ }
++
++ for(i = 0; i < res_idx; i++) {
++
++ if(!result[i].pReqPrv) {
++ printk("%s,%d: warning private is NULL\n", __FILE__, __LINE__);
++ break;
++ }
++
++ cesa_ocf_cmd = result[i].pReqPrv;
++ crp = cesa_ocf_cmd->crp;
++
++ // ignore HMAC error.
++ //if(result->retCode)
++ // crp->crp_etype = EIO;
++
++#if defined(CESA_OCF_POLLING)
++ if(!cesa_ocf_cmd->need_cb){
++ cesa_interrupt_polling();
++ }
++#endif
++ if(cesa_ocf_cmd->need_cb) {
++ if(debug) {
++ mvCesaDebugMbuf("DST BUFFER", cesa_ocf_cmd->cesa_cmd.pDst, 0, cesa_ocf_cmd->cesa_cmd.pDst->mbufSize);
++ }
++ crypto_done(crp);
++ }
++ kfree(cesa_ocf_cmd);
++ }
++#ifdef CESA_OCF_TASKLET
++ enable_irq(cesa_device.irq);
++#endif
++
++ cesaTestTraceAdd(3);
++
++ return;
++}
++
++#ifdef CESA_OCF_POLLING
++static void
++cesa_interrupt_polling(void)
++{
++ u32 cause;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ /* Read cause register */
++ do {
++ cause = MV_REG_READ(MV_CESA_ISR_CAUSE_REG);
++ cause &= MV_CESA_CAUSE_ACC_DMA_ALL_MASK;
++
++ } while (cause == 0);
++
++ /* clear interrupts */
++ MV_REG_WRITE(MV_CESA_ISR_CAUSE_REG, 0);
++
++ cesa_callback(0);
++
++ return;
++}
++
++#endif
++
++/*
++ * cesa Interrupt polling routine.
++ */
++static irqreturn_t
++cesa_interrupt_handler(int irq, void *arg)
++{
++ u32 cause;
++
++ dprintk("%s()\n", __FUNCTION__);
++
++ cesaTestTraceAdd(0);
++
++ /* Read cause register */
++ cause = MV_REG_READ(MV_CESA_ISR_CAUSE_REG);
++
++ if( (cause & MV_CESA_CAUSE_ACC_DMA_ALL_MASK) == 0)
++ {
++ /* Empty interrupt */
++ dprintk("%s,%d: cesaTestReadyIsr: cause=0x%x\n", __FILE__, __LINE__, cause);
++ return IRQ_HANDLED;
++ }
++
++ /* clear interrupts */
++ MV_REG_WRITE(MV_CESA_ISR_CAUSE_REG, 0);
++
++ cesaTestTraceAdd(1);
++#ifdef CESA_OCF_TASKLET
++ tasklet_hi_schedule(&cesa_ocf_tasklet);
++#else
++ cesa_callback(0);
++#endif
++ return IRQ_HANDLED;
++}
++
++/*
++ * Open a session.
++ */
++static int
++/*cesa_ocf_newsession(void *arg, u_int32_t *sid, struct cryptoini *cri)*/
++cesa_ocf_newsession(device_t dev, u_int32_t *sid, struct cryptoini *cri)
++{
++ u32 status = 0, i;
++ u32 count = 0, auth = 0, encrypt =0;
++ struct cesa_ocf_data *cesa_ocf_cur_ses;
++ MV_CESA_OPEN_SESSION cesa_session;
++ MV_CESA_OPEN_SESSION *cesa_ses = &cesa_session;
++
++
++ dprintk("%s()\n", __FUNCTION__);
++ if (sid == NULL || cri == NULL) {
++ printk("%s,%d: EINVAL\n", __FILE__, __LINE__);
++ return EINVAL;
++ }
++
++ /* leave first empty like in other implementations */
++ for (i = 1; i < CESA_OCF_MAX_SES; i++) {
++ if (cesa_ocf_sessions[i] == NULL)
++ break;
++ }
++
++ if(i >= CESA_OCF_MAX_SES) {
++ printk("%s,%d: no more sessions \n", __FILE__, __LINE__);
++ return EINVAL;
++ }
++
++ cesa_ocf_sessions[i] = (struct cesa_ocf_data *) kmalloc(sizeof(struct cesa_ocf_data), GFP_ATOMIC);
++ if (cesa_ocf_sessions[i] == NULL) {
++ cesa_ocf_freesession(NULL, i);
++ printk("%s,%d: ENOBUFS \n", __FILE__, __LINE__);
++ return ENOBUFS;
++ }
++ dprintk("%s,%d: new session %d \n", __FILE__, __LINE__, i);
++
++ *sid = i;
++ cesa_ocf_cur_ses = cesa_ocf_sessions[i];
++ memset(cesa_ocf_cur_ses, 0, sizeof(struct cesa_ocf_data));
++ cesa_ocf_cur_ses->sid_encrypt = -1;
++ cesa_ocf_cur_ses->sid_decrypt = -1;
++ cesa_ocf_cur_ses->frag_wa_encrypt = -1;
++ cesa_ocf_cur_ses->frag_wa_decrypt = -1;
++ cesa_ocf_cur_ses->frag_wa_auth = -1;
++
++ /* init the session */
++ memset(cesa_ses, 0, sizeof(MV_CESA_OPEN_SESSION));
++ count = 1;
++ while (cri) {
++ if(count > 2) {
++ printk("%s,%d: don't support more then 2 operations\n", __FILE__, __LINE__);
++ goto error;
++ }
++ switch (cri->cri_alg) {
++ case CRYPTO_AES_CBC:
++ dprintk("%s,%d: (%d) AES CBC \n", __FILE__, __LINE__, count);
++ cesa_ocf_cur_ses->cipher_alg = cri->cri_alg;
++ cesa_ocf_cur_ses->ivlen = MV_CESA_AES_BLOCK_SIZE;
++ cesa_ses->cryptoAlgorithm = MV_CESA_CRYPTO_AES;
++ cesa_ses->cryptoMode = MV_CESA_CRYPTO_CBC;
++ if(cri->cri_klen/8 > MV_CESA_MAX_CRYPTO_KEY_LENGTH) {
++ printk("%s,%d: CRYPTO key too long.\n", __FILE__, __LINE__);
++ goto error;
++ }
++ memcpy(cesa_ses->cryptoKey, cri->cri_key, cri->cri_klen/8);
++ dprintk("%s,%d: key length %d \n", __FILE__, __LINE__, cri->cri_klen/8);
++ cesa_ses->cryptoKeyLength = cri->cri_klen/8;
++ encrypt += count;
++ break;
++ case CRYPTO_3DES_CBC:
++ dprintk("%s,%d: (%d) 3DES CBC \n", __FILE__, __LINE__, count);
++ cesa_ocf_cur_ses->cipher_alg = cri->cri_alg;
++ cesa_ocf_cur_ses->ivlen = MV_CESA_3DES_BLOCK_SIZE;
++ cesa_ses->cryptoAlgorithm = MV_CESA_CRYPTO_3DES;
++ cesa_ses->cryptoMode = MV_CESA_CRYPTO_CBC;
++ if(cri->cri_klen/8 > MV_CESA_MAX_CRYPTO_KEY_LENGTH) {
++ printk("%s,%d: CRYPTO key too long.\n", __FILE__, __LINE__);
++ goto error;
++ }
++ memcpy(cesa_ses->cryptoKey, cri->cri_key, cri->cri_klen/8);
++ cesa_ses->cryptoKeyLength = cri->cri_klen/8;
++ encrypt += count;
++ break;
++ case CRYPTO_DES_CBC:
++ dprintk("%s,%d: (%d) DES CBC \n", __FILE__, __LINE__, count);
++ cesa_ocf_cur_ses->cipher_alg = cri->cri_alg;
++ cesa_ocf_cur_ses->ivlen = MV_CESA_DES_BLOCK_SIZE;
++ cesa_ses->cryptoAlgorithm = MV_CESA_CRYPTO_DES;
++ cesa_ses->cryptoMode = MV_CESA_CRYPTO_CBC;
++ if(cri->cri_klen/8 > MV_CESA_MAX_CRYPTO_KEY_LENGTH) {
++ printk("%s,%d: CRYPTO key too long.\n", __FILE__, __LINE__);
++ goto error;
++ }
++ memcpy(cesa_ses->cryptoKey, cri->cri_key, cri->cri_klen/8);
++ cesa_ses->cryptoKeyLength = cri->cri_klen/8;
++ encrypt += count;
++ break;
++ case CRYPTO_MD5:
++ case CRYPTO_MD5_HMAC:
++ dprintk("%s,%d: (%d) %sMD5 CBC \n", __FILE__, __LINE__, count, (cri->cri_alg != CRYPTO_MD5)? "H-":" ");
++ cesa_ocf_cur_ses->auth_alg = cri->cri_alg;
++ cesa_ocf_cur_ses->digestlen = (cri->cri_alg == CRYPTO_MD5)? MV_CESA_MD5_DIGEST_SIZE : 12;
++ cesa_ses->macMode = (cri->cri_alg == CRYPTO_MD5)? MV_CESA_MAC_MD5 : MV_CESA_MAC_HMAC_MD5;
++ if(cri->cri_klen/8 > MV_CESA_MAX_CRYPTO_KEY_LENGTH) {
++ printk("%s,%d: MAC key too long. \n", __FILE__, __LINE__);
++ goto error;
++ }
++ cesa_ses->macKeyLength = cri->cri_klen/8;
++ memcpy(cesa_ses->macKey, cri->cri_key, cri->cri_klen/8);
++ cesa_ses->digestSize = cesa_ocf_cur_ses->digestlen;
++ auth += count;
++ break;
++ case CRYPTO_SHA1:
++ case CRYPTO_SHA1_HMAC:
++ dprintk("%s,%d: (%d) %sSHA1 CBC \n", __FILE__, __LINE__, count, (cri->cri_alg != CRYPTO_SHA1)? "H-":" ");
++ cesa_ocf_cur_ses->auth_alg = cri->cri_alg;
++ cesa_ocf_cur_ses->digestlen = (cri->cri_alg == CRYPTO_SHA1)? MV_CESA_SHA1_DIGEST_SIZE : 12;
++ cesa_ses->macMode = (cri->cri_alg == CRYPTO_SHA1)? MV_CESA_MAC_SHA1 : MV_CESA_MAC_HMAC_SHA1;
++ if(cri->cri_klen/8 > MV_CESA_MAX_CRYPTO_KEY_LENGTH) {
++ printk("%s,%d: MAC key too long. \n", __FILE__, __LINE__);
++ goto error;
++ }
++ cesa_ses->macKeyLength = cri->cri_klen/8;
++ memcpy(cesa_ses->macKey, cri->cri_key, cri->cri_klen/8);
++ cesa_ses->digestSize = cesa_ocf_cur_ses->digestlen;
++ auth += count;
++ break;
++ default:
++ printk("%s,%d: unknown algo 0x%x\n", __FILE__, __LINE__, cri->cri_alg);
++ goto error;
++ }
++ cri = cri->cri_next;
++ count++;
++ }
++
++ if((encrypt > 2) || (auth > 2)) {
++ printk("%s,%d: session mode is not supported.\n", __FILE__, __LINE__);
++ goto error;
++ }
++ /* create new sessions in HAL */
++ if(encrypt) {
++ cesa_ses->operation = MV_CESA_CRYPTO_ONLY;
++ /* encrypt session */
++ if(auth == 1) {
++ cesa_ses->operation = MV_CESA_MAC_THEN_CRYPTO;
++ }
++ else if(auth == 2) {
++ cesa_ses->operation = MV_CESA_CRYPTO_THEN_MAC;
++ cesa_ocf_cur_ses->encrypt_tn_auth = 1;
++ }
++ else {
++ cesa_ses->operation = MV_CESA_CRYPTO_ONLY;
++ }
++ cesa_ses->direction = MV_CESA_DIR_ENCODE;
++ status = mvCesaSessionOpen(cesa_ses, &cesa_ocf_cur_ses->sid_encrypt);
++ if(status != MV_OK) {
++ printk("%s,%d: Can't open new session - status = 0x%x\n", __FILE__, __LINE__, status);
++ goto error;
++ }
++ /* decrypt session */
++ if( cesa_ses->operation == MV_CESA_MAC_THEN_CRYPTO ) {
++ cesa_ses->operation = MV_CESA_CRYPTO_THEN_MAC;
++ }
++ else if( cesa_ses->operation == MV_CESA_CRYPTO_THEN_MAC ) {
++ cesa_ses->operation = MV_CESA_MAC_THEN_CRYPTO;
++ }
++ cesa_ses->direction = MV_CESA_DIR_DECODE;
++ status = mvCesaSessionOpen(cesa_ses, &cesa_ocf_cur_ses->sid_decrypt);
++ if(status != MV_OK) {
++ printk("%s,%d: Can't open new session - status = 0x%x\n", __FILE__, __LINE__, status);
++ goto error;
++ }
++
++ /* preapre one action sessions for case we will need to split an action */
++#ifdef CESA_OCF_SPLIT
++ if(( cesa_ses->operation == MV_CESA_MAC_THEN_CRYPTO ) ||
++ ( cesa_ses->operation == MV_CESA_CRYPTO_THEN_MAC )) {
++ /* open one session for encode and one for decode */
++ cesa_ses->operation = MV_CESA_CRYPTO_ONLY;
++ cesa_ses->direction = MV_CESA_DIR_ENCODE;
++ status = mvCesaSessionOpen(cesa_ses, &cesa_ocf_cur_ses->frag_wa_encrypt);
++ if(status != MV_OK) {
++ printk("%s,%d: Can't open new session - status = 0x%x\n", __FILE__, __LINE__, status);
++ goto error;
++ }
++
++ cesa_ses->direction = MV_CESA_DIR_DECODE;
++ status = mvCesaSessionOpen(cesa_ses, &cesa_ocf_cur_ses->frag_wa_decrypt);
++ if(status != MV_OK) {
++ printk("%s,%d: Can't open new session - status = 0x%x\n", __FILE__, __LINE__, status);
++ goto error;
++ }
++ /* open one session for auth */
++ cesa_ses->operation = MV_CESA_MAC_ONLY;
++ cesa_ses->direction = MV_CESA_DIR_ENCODE;
++ status = mvCesaSessionOpen(cesa_ses, &cesa_ocf_cur_ses->frag_wa_auth);
++ if(status != MV_OK) {
++ printk("%s,%d: Can't open new session - status = 0x%x\n", __FILE__, __LINE__, status);
++ goto error;
++ }
++ }
++#endif
++ }
++ else { /* only auth */
++ cesa_ses->operation = MV_CESA_MAC_ONLY;
++ cesa_ses->direction = MV_CESA_DIR_ENCODE;
++ status = mvCesaSessionOpen(cesa_ses, &cesa_ocf_cur_ses->sid_encrypt);
++ if(status != MV_OK) {
++ printk("%s,%d: Can't open new session - status = 0x%x\n", __FILE__, __LINE__, status);
++ goto error;
++ }
++ }
++
++ return 0;
++error:
++ cesa_ocf_freesession(NULL, *sid);
++ return EINVAL;
++
++}
++
++
++/*
++ * Free a session.
++ */
++static int
++cesa_ocf_freesession(device_t dev, u_int64_t tid)
++{
++ struct cesa_ocf_data *cesa_ocf_cur_ses;
++ u_int32_t sid = CRYPTO_SESID2LID(tid);
++ //unsigned long flags;
++
++ dprintk("%s() %d \n", __FUNCTION__, sid);
++ if ( (sid >= CESA_OCF_MAX_SES) || (cesa_ocf_sessions[sid] == NULL) ) {
++ printk("%s,%d: EINVAL can't free session %d \n", __FILE__, __LINE__, sid);
++ return(EINVAL);
++ }
++
++ /* Silently accept and return */
++ if (sid == 0)
++ return(0);
++
++ /* release session from HAL */
++ cesa_ocf_cur_ses = cesa_ocf_sessions[sid];
++ if (cesa_ocf_cur_ses->sid_encrypt != -1) {
++ mvCesaSessionClose(cesa_ocf_cur_ses->sid_encrypt);
++ }
++ if (cesa_ocf_cur_ses->sid_decrypt != -1) {
++ mvCesaSessionClose(cesa_ocf_cur_ses->sid_decrypt);
++ }
++ if (cesa_ocf_cur_ses->frag_wa_encrypt != -1) {
++ mvCesaSessionClose(cesa_ocf_cur_ses->frag_wa_encrypt);
++ }
++ if (cesa_ocf_cur_ses->frag_wa_decrypt != -1) {
++ mvCesaSessionClose(cesa_ocf_cur_ses->frag_wa_decrypt);
++ }
++ if (cesa_ocf_cur_ses->frag_wa_auth != -1) {
++ mvCesaSessionClose(cesa_ocf_cur_ses->frag_wa_auth);
++ }
++
++ kfree(cesa_ocf_cur_ses);
++ cesa_ocf_sessions[sid] = NULL;
++
++ return 0;
++}
++
++
++/* TDMA Window setup */
++
++static void __init
++setup_tdma_mbus_windows(struct cesa_dev *dev)
++{
++ int i;
++
++ for (i = 0; i < 4; i++) {
++ writel(0, dev->reg + WINDOW_BASE(i));
++ writel(0, dev->reg + WINDOW_CTRL(i));
++ }
++
++ for (i = 0; i < dev->plat_data->dram->num_cs; i++) {
++ struct mbus_dram_window *cs = dev->plat_data->dram->cs + i;
++ writel(
++ ((cs->size - 1) & 0xffff0000) |
++ (cs->mbus_attr << 8) |
++ (dev->plat_data->dram->mbus_dram_target_id << 4) | 1,
++ dev->reg + WINDOW_CTRL(i)
++ );
++ writel(cs->base, dev->reg + WINDOW_BASE(i));
++ }
++}
++
++/*
++ * our driver startup and shutdown routines
++ */
++static int
++mv_cesa_ocf_init(struct platform_device *pdev)
++{
++#if defined(CONFIG_MV78200) || defined(CONFIG_MV632X)
++ if (MV_FALSE == mvSocUnitIsMappedToThisCpu(CESA))
++ {
++ dprintk("CESA is not mapped to this CPU\n");
++ return -ENODEV;
++ }
++#endif
++
++ dprintk("%s\n", __FUNCTION__);
++ memset(&mv_cesa_dev, 0, sizeof(mv_cesa_dev));
++ softc_device_init(&mv_cesa_dev, "MV CESA", 0, mv_cesa_methods);
++ cesa_ocf_id = crypto_get_driverid(softc_get_device(&mv_cesa_dev),CRYPTOCAP_F_HARDWARE);
++
++ if (cesa_ocf_id < 0)
++ panic("MV CESA crypto device cannot initialize!");
++
++ dprintk("%s,%d: cesa ocf device id is %d \n", __FILE__, __LINE__, cesa_ocf_id);
++
++ /* CESA unit is auto power on off */
++#if 0
++ if (MV_FALSE == mvCtrlPwrClckGet(CESA_UNIT_ID,0))
++ {
++ printk("\nWarning CESA %d is Powered Off\n",0);
++ return EINVAL;
++ }
++#endif
++
++ memset(&cesa_device, 0, sizeof(struct cesa_dev));
++ /* Get the IRQ, and crypto memory regions */
++ {
++ struct resource *res;
++ res = platform_get_resource_bynam