Commit Graph

49 Commits

Author SHA1 Message Date
sam
f96ba7ffda Overhaul driver/subsystem api's:
o make all crypto drivers have a device_t; pseudo drivers like the s/w
  crypto driver synthesize one
o change the api between the crypto subsystem and drivers to use kobj;
  cryptodev_if.m defines this api
o use the fact that all crypto drivers now have a device_t to add support
  for specifying which of several potential devices to use when doing
  crypto operations
o add new ioctls that allow user apps to select a specific crypto device
  to use (previous ioctls maintained for compatibility)
o overhaul crypto subsystem code to eliminate lots of cruft and hide
  implementation details from drivers
o bring in numerous fixes from Michale Richardson/hifn; mostly for
  795x parts
o add an optional mechanism for mmap'ing the hifn 795x public key h/w
  to user space for use by openssl (not enabled by default)
o update crypto test tools to use new ioctl's and add cmd line options
  to specify a device to use for tests

These changes will also enable much future work on improving the core
crypto subsystem; including proper load balancing and interposing code
between the core and drivers to dispatch small operations to the s/w
driver as appropriate.

These changes were instigated by the work of Michael Richardson.

Reviewed by:	pjd
Approved by:	re
2007-03-21 03:42:51 +00:00
piso
6a2ffa86e5 o break newbus api: add a new argument of type driver_filter_t to
bus_setup_intr()

o add an int return code to all fast handlers

o retire INTR_FAST/IH_FAST

For more info: http://docs.freebsd.org/cgi/getmsg.cgi?fetch=465712+0+current/freebsd-current

Reviewed by: many
Approved by: re@
2007-02-23 12:19:07 +00:00
ru
993a35babf Switch to using STAILQ_REMOVE_HEAD() instead of STAILQ_REMOVE_HEAD_UNTIL().
Submitted by:	Stepan A. Baranov

This corresponds to OpenBSD rev. 1.134:

: revision 1.134
: date: 2004/05/04 16:59:31;  author: grange;  state: Exp;  lines: +10 -10
: Remove useless ``elm'' argument from the SIMPLEQ_REMOVE_HEAD macro.
: This matches our SLIST behaviour and NetBSD's SIMPLEQ as well.
:
: ok millert krw deraadt
2006-10-24 11:17:46 +00:00
jhb
5d888a0655 Trim trailing whitespace. 2006-10-02 18:16:29 +00:00
jhb
b69bfe457d - Use m_getcl(), m_get(), and m_gethdr() rather than the older macros for
alloc'ing mbufs so that there is less error handling required.
- Go ahead and account for the data space in the first mbuf before entering
  the loop to alloc more mbuf's.  This simplifies the loop logic and avoids
  confusing Coverity.

CID:		817
Reviewed by:	sam
Tested by:	pjd
Found by:	Coverity Prevent (tm)
2006-08-02 17:41:58 +00:00
pjd
1be5d52a81 Handle errors in the same way it is done in safe(4). 2006-06-06 13:58:12 +00:00
pjd
95669b8564 Don't increase hst_obytes field twice - it is already done at the begining
of the function.
It was wrong anyway, because we also support uio's structures, not only
mbufs.
2006-06-06 13:32:26 +00:00
pjd
36f6d629b7 Use newly added functions to simplify the code. 2006-06-04 22:17:25 +00:00
pjd
ab72bdd9e6 Use defines from cryptodev.h. 2006-06-04 15:00:52 +00:00
pjd
1dc756f405 - Remove HMAC_BLOCK_LEN, it serves no purpose.
- Use defines of used algorithm instead of HMAC_BLOCK_LEN.
2006-06-04 14:49:34 +00:00
pjd
51d59a64a2 Add support for the CRD_F_KEY_EXPLICIT flag for both encryption and
authentication operations.
2006-06-04 14:13:17 +00:00
pjd
5d2b8cab82 Don't forget to destroy the sc_freeqlock mutex on detach. 2006-06-04 13:45:04 +00:00
pjd
1e94f38ebf Forgot to remove the line. 2006-05-23 09:02:14 +00:00
pjd
155cfd3b00 Fix HMACs handling with uio's by not using crp_mac for storing calculated
HMAC. crp_mac is going to be removed.
2006-05-22 16:18:21 +00:00
pjd
b32bb839fe Protect the sc_needwakeup field with the sc_freeqlock mutex. 2006-05-22 10:11:18 +00:00
pjd
13602a353c Honor cri_mlen value.
Reviewed by:	sam
Tested on:	hifn(4), ubsec(4)
Compile-tested:	safe(4)
2006-05-17 18:34:26 +00:00
phk
ef310efff8 Since DELAY() was moved, most <machine/clock.h> #includes have been
unnecessary.
2006-05-16 14:37:58 +00:00
pjd
23fa018811 ubsec(4) doesn't support explicitly provided keys. Return an error instead
of encrypting/decrypting data with a wrong key.
2006-04-10 18:37:46 +00:00
imp
ca5e477ca2 Use BUS_PROBE_DEFAULT in preference to 0. Also for vx, return
BUS_PROBE_LOW_PRIORITY in stead of ifdef for devices that xl and vx
both support so that xl will snarf them on up.
2005-03-01 07:50:12 +00:00
imp
4b319958e7 Start each of the license/copyright comments with /*-, minor shuffle of lines 2005-01-06 01:43:34 +00:00
phk
9d102d7d5a Add missing <sys/module.h> includes 2004-05-30 20:08:47 +00:00
njl
05a1f56fc9 Convert callers to the new bus_alloc_resource_any(9) API.
Submitted by:	Mark Santcroos <marks@ripe.net>
Reviewed by:	imp, dfr, bde
2004-03-17 17:50:55 +00:00
obrien
c63dab466c Use __FBSDID().
Also some minor style cleanups.
2003-08-24 17:55:58 +00:00
imp
bf11908ab7 Prefer new location of pci include files (which have only been in the
tree for two or more years now), except in a few places where there's
code to be compatible with older versions of FreeBSD.
2003-08-22 07:08:17 +00:00
sam
59ff2ad5c7 Change instances of callout_init that specify MPSAFE behaviour to
use CALLOUT_MPSAFE instead of "1" for the second parameter.  This
does not change the behaviour; it just makes the intent more clear.
2003-08-19 17:51:11 +00:00
scottl
4d495abb9d Mega busdma API commit.
Add two new arguments to bus_dma_tag_create(): lockfunc and lockfuncarg.
Lockfunc allows a driver to provide a function for managing its locking
semantics while using busdma.  At the moment, this is used for the
asynchronous busdma_swi and callback mechanism.  Two lockfunc implementations
are provided: busdma_lock_mutex() performs standard mutex operations on the
mutex that is specified from lockfuncarg.  dftl_lock() is a panic
implementation and is defaulted to when NULL, NULL are passed to
bus_dma_tag_create().  The only time that NULL, NULL should ever be used is
when the driver ensures that bus_dmamap_load() will not be deferred.
Drivers that do not provide their own locking can pass
busdma_lock_mutex,&Giant args in order to preserve the former behaviour.

sparc64 and powerpc do not provide real busdma_swi functions, so this is
largely a noop on those platforms.  The busdma_swi on is64 is not properly
locked yet, so warnings will be emitted on this platform when busdma
callback deferrals happen.

If anyone gets panics or warnings from dflt_lock() being called, please
let me know right away.

Reviewed by:	tmm, gibbs
2003-07-01 15:52:06 +00:00
sam
e6589a620a Add support to eliminate a context switch per crypto op when using the
software crypto device:

o record crypto device capabilities in each session id
o add a capability that indicates if the crypto driver operates synchronously
o tag the software crypto driver as operating synchronously

This commit also introduces crypto session id macros that cleanup their
construction and querying.
2003-06-27 20:07:10 +00:00
sam
dc9835e169 Redo locking for proper SMP operation:
o replace driver-global lock with three locks: one for the handling of mcr1
  operations, one for handling of mcr2 operations, and one for the mcr1
  free list
o mark the interrupt handler MPSAFE
o don't use locking on detach; disabling interrupts is sufficient (I think)
2003-06-02 23:32:03 +00:00
sam
0c267521bc recognize the Sun Crypto 5821 and Crypto 1K cards;
they both use the Broadcom 5821

Submitted by:	Panagiotis Astithas
MFC after:	1 day
2003-04-27 04:26:22 +00:00
phk
e059b79437 Including <sys/stdint.h> is (almost?) universally only to be able to use
%j in printfs, so put a newsted include in <sys/systm.h> where the printf
prototype lives and save everybody else the trouble.
2003-03-18 08:45:25 +00:00
sam
08b96bb139 o add crypto driver glue for using the new rndtest driver/module; this is
conditional in each driver on foo_RNDTEST being defined_
o bring HIFN_DEBUG and UBSEC_DEBUG out to be visible options; they control
  the debugging printfs that are set with hw.foo.debug (e.g. hw.hifn.debug)
2003-03-11 22:47:06 +00:00
sam
e1a878e4c9 correct output byte count statistic collection 2003-03-11 18:43:24 +00:00
sam
0694bf3fc5 add 5801 and 5802 recognition (somehow lost in transition from openbsd)
Noticed by:	Larry Baird <lab@gta.com>
2003-02-27 21:10:20 +00:00
sam
9f8c317a7d o instead of applying arbitrary tunables, just honor the COP_F_BATCH
flag that can be marked on each symmetric op
o eliminate hw.ubsec.maxbatch and hw.ubsec.maxaggr since they are not
  needed anymore
o change ubsec_feed to return void instead of int since zero is always
  returned and noone ever looked at the return value
2003-02-24 06:03:13 +00:00
imp
cf874b345d Back out M_* changes, per decision of the TRB.
Approved by: trb
2003-02-19 05:47:46 +00:00
sam
3c791c8729 add 5823 device id's; this allows 5823 parts to function but you cannot
use the AES functionality

Submitted by:	Jonathan Stone <jonathan@DSG.Stanford.EDU>
MFC after:	1 day
2003-02-07 23:02:02 +00:00
alfred
bf8e8a6e8f Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.
Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
2003-01-21 08:56:16 +00:00
sam
decc2644f1 move sysctl's under hw.ubsec 2003-01-20 21:07:30 +00:00
sam
6aae58cc9a correct printf format
Noticed by:	alpha tinderbox
2003-01-11 04:55:52 +00:00
sam
d73f1fda2f fix memory allocation problems and collateral damage:
o create a separate tag for each object allocated with bus_dmamem_alloc so
  the tag's maxsize is setup appropriately; this reduces memory allocation
  for the queue descriptors from 16M to what it should be and also fixes
  memory allocation for public key operands
o release bus dma resources on detach so module usage doesn't leak
o remove public key op disable now that bus dma memory allocation is fixed
o collect attach error handling in one place

Sponsored by:	Vernier Networks
2003-01-06 21:23:06 +00:00
schweikh
d3367c5f5d Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,
especially in troff files.
2003-01-01 18:49:04 +00:00
sam
7304a352e6 MFS 1.6.2.3: fixup statistics; turn off batching by default; add max
aggregation tunable and set it to 1 to minimize latency

Sponsored by:	Vernier Networks
2002-12-30 22:16:45 +00:00
sam
b16cb0a948 Correct mbuf packet header propagation. Previously, packet headers
were sometimes propagated using M_COPY_PKTHDR which actually did
something between a "move" and a  "copy" operation.  This is replaced
by M_MOVE_PKTHDR (which copies the pkthdr contents and "removes" it
from the source mbuf) and m_dup_pkthdr which copies the packet
header contents including any m_tag chain.  This corrects numerous
problems whereby mbuf tags could be lost during packet manipulations.

These changes also introduce arguments to m_tag_copy and m_tag_copy_chain
to specify if the tag copy work should potentially block.  This
introduces an incompatibility with openbsd which we may want to revisit.

Note that move/dup of packet headers does not handle target mbufs
that have a cluster bound to them.  We may want to support this;
for now we watch for it with an assert.

Finally, M_COPYFLAGS was updated to include M_FIRSTFRAG|M_LASTFRAG.

Supported by:	Vernier Networks
Reviewed by:	Robert Watson <rwatson@FreeBSD.org>
2002-12-30 20:22:40 +00:00
jhb
6675ed5b5a Quiet some DIAGNOSTIC printf warnings with band-aid casts. 2002-11-07 21:25:49 +00:00
markm
658a7ab8f2 Module-ize the 'core' crypto stuff. This may still need to be compiled
into the kernel by default (if required), but other modules can now
depend() on this.

Fix inter-module dependancy.

Earlier version OK'ed by:	sam
2002-10-16 14:31:34 +00:00
phk
32a73ad530 Be consistent about functions being static.
Spotted by:	FlexeLint.
2002-10-16 08:48:39 +00:00
sam
adba3a4380 No need to hold Giant will harvesting RNG data; change callout_init so
this no longer happens for callbacks.
2002-10-11 17:34:00 +00:00
sam
ee6c62e3fe Track openbsd changes that don't affect us yet (PK supoprt is
currently disabled):

o Don't use constants for the output parameter, use the iparam count as a
  pointer to the first result location.
o Fix bits vs bytes counting problems.
o Split out the hardware and software normalization versions of modexp.
o Enable hardware normalization for chips that support it.
o On reset, disable hardware normalization for 582x and make sure the
  chip is in little endian mode.
o Since sw normalization is now the only option, simplify normalization
  handling.

Also fix RNG harvesting: disabling PK support (for the moment) had disabled
the MCR2 interrupt; consider both KEY support and RNG support when deciding
whether or not to enable it.

Obtained from:	openbsd
2002-10-07 20:02:34 +00:00
sam
3a935a95e3 Crypto device driver for Broadcom-based cards. Known to work with 582x-based
cards.  Supposed to work with several others.

Obtained from:	openbsd
2002-10-04 20:33:20 +00:00