summaryrefslogtreecommitdiffstats
path: root/target/linux/generic/files/crypto/ocf/safe/safereg.h
blob: dbaf98fe789a9028109d0a5393704dd0ac7bef2f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
/*-
 * Copyright (c) 2003 Sam Leffler, Errno Consulting
 * Copyright (c) 2003 Global Technology Associates, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $FreeBSD: src/sys/dev/safe/safereg.h,v 1.1 2003/07/21 21:46:07 sam Exp $
 */
#ifndef _SAFE_SAFEREG_H_
#define	_SAFE_SAFEREG_H_

/*
 * Register definitions for SafeNet SafeXcel-1141 crypto device.
 * Definitions from revision 1.3 (Nov 6 2002) of the User's Manual.
 */

#define BS_BAR			0x10	/* DMA base address register */
#define	BS_TRDY_TIMEOUT		0x40	/* TRDY timeout */
#define	BS_RETRY_TIMEOUT	0x41	/* DMA retry timeout */

#define	PCI_VENDOR_SAFENET	0x16ae		/* SafeNet, Inc. */

/* SafeNet */
#define	PCI_PRODUCT_SAFEXCEL	0x1141		/* 1141 */

#define	SAFE_PE_CSR		0x0000	/* Packet Enginge Ctrl/Status */
#define	SAFE_PE_SRC		0x0004	/* Packet Engine Source */
#define	SAFE_PE_DST		0x0008	/* Packet Engine Destination */
#define	SAFE_PE_SA		0x000c	/* Packet Engine SA */
#define	SAFE_PE_LEN		0x0010	/* Packet Engine Length */
#define	SAFE_PE_DMACFG		0x0040	/* Packet Engine DMA Configuration */
#define	SAFE_PE_DMASTAT		0x0044	/* Packet Engine DMA Status */
#define	SAFE_PE_PDRBASE		0x0048	/* Packet Engine Descriptor Ring Base */
#define	SAFE_PE_RDRBASE		0x004c	/* Packet Engine Result Ring Base */
#define	SAFE_PE_RINGCFG		0x0050	/* Packet Engine Ring Configuration */
#define	SAFE_PE_RINGPOLL	0x0054	/* Packet Engine Ring Poll */
#define	SAFE_PE_IRNGSTAT	0x0058	/* Packet Engine Internal Ring Status */
#define	SAFE_PE_ERNGSTAT	0x005c	/* Packet Engine External Ring Status */
#define	SAFE_PE_IOTHRESH	0x0060	/* Packet Engine I/O Threshold */
#define	SAFE_PE_GRNGBASE	0x0064	/* Packet Engine Gather Ring Base */
#define	SAFE_PE_SRNGBASE	0x0068	/* Packet Engine Scatter Ring Base */
#define	SAFE_PE_PARTSIZE	0x006c	/* Packet Engine Particlar Ring Size */
#define	SAFE_PE_PARTCFG		0x0070	/* Packet Engine Particle Ring Config */
#define	SAFE_CRYPTO_CTRL	0x0080	/* Crypto Control */
#define	SAFE_DEVID		0x0084	/* Device ID */
#define	SAFE_DEVINFO		0x0088	/* Device Info */
#define	SAFE_HU_STAT		0x00a0	/* Host Unmasked Status */
#define	SAFE_HM_STAT		0x00a4	/* Host Masked Status (read-only) */
#define	SAFE_HI_CLR		0x00a4	/* Host Clear Interrupt (write-only) */
#define	SAFE_HI_MASK		0x00a8	/* Host Mask Control */
#define	SAFE_HI_CFG		0x00ac	/* Interrupt Configuration */
#define	SAFE_HI_RD_DESCR	0x00b4	/* Force Descriptor Read */
#define	SAFE_HI_DESC_CNT	0x00b8	/* Host Descriptor Done Count */
#define	SAFE_DMA_ENDIAN		0x00c0	/* Master Endian Status */
#define	SAFE_DMA_SRCADDR	0x00c4	/* DMA Source Address Status */
#define	SAFE_DMA_DSTADDR	0x00c8	/* DMA Destination Address Status */
#define	SAFE_DMA_STAT		0x00cc	/* DMA Current Status */
#define	SAFE_DMA_CFG		0x00d4	/* DMA Configuration/Status */
#define	SAFE_ENDIAN		0x00e0	/* Endian Configuration */
#define	SAFE_PK_A_ADDR		0x0800	/* Public Key A Address */
#define	SAFE_PK_B_ADDR		0x0804	/* Public Key B Address */
#define	SAFE_PK_C_ADDR		0x0808	/* Public Key C Address */
#define	SAFE_PK_D_ADDR		0x080c	/* Public Key D Address */
#define	SAFE_PK_A_LEN		0x0810	/* Public Key A Length */
#define	SAFE_PK_B_LEN		0x0814	/* Public Key B Length */
#define	SAFE_PK_SHIFT		0x0818	/* Public Key Shift */
#define	SAFE_PK_FUNC		0x081c	/* Public Key Function */
#define SAFE_PK_RAM_START	0x1000	/* Public Key RAM start address */
#define SAFE_PK_RAM_END		0x1fff	/* Public Key RAM end address */

#define	SAFE_RNG_OUT		0x0100	/* RNG Output */
#define	SAFE_RNG_STAT		0x0104	/* RNG Status */
#define	SAFE_RNG_CTRL		0x0108	/* RNG Control */
#define	SAFE_RNG_A		0x010c	/* RNG A */
#define	SAFE_RNG_B		0x0110	/* RNG B */
#define	SAFE_RNG_X_LO		0x0114	/* RNG X [31:0] */
#define	SAFE_RNG_X_MID		0x0118	/* RNG X [63:32] */
#define	SAFE_RNG_X_HI		0x011c	/* RNG X [80:64] */
#define	SAFE_RNG_X_CNTR		0x0120	/* RNG Counter */
#define	SAFE_RNG_ALM_CNT	0x0124	/* RNG Alarm Count */
#define	SAFE_RNG_CNFG		0x0128	/* RNG Configuration */
#define	SAFE_RNG_LFSR1_LO	0x012c	/* RNG LFSR1 [31:0] */
#define	SAFE_RNG_LFSR1_HI	0x0130	/* RNG LFSR1 [47:32] */
#define	SAFE_RNG_LFSR2_LO	0x0134	/* RNG LFSR1 [31:0] */
#define	SAFE_RNG_LFSR2_HI	0x0138	/* RNG LFSR1 [47:32] */

#define	SAFE_PE_CSR_READY	0x00000001	/* ready for processing */
#define	SAFE_PE_CSR_DONE	0x00000002	/* h/w completed processing */
#define	SAFE_PE_CSR_LOADSA	0x00000004	/* load SA digests */
#define	SAFE_PE_CSR_HASHFINAL	0x00000010	/* do hash pad & write result */
#define	SAFE_PE_CSR_SABUSID	0x000000c0	/* bus id for SA */
#define	SAFE_PE_CSR_SAPCI	0x00000040	/* PCI bus id for SA */
#define	SAFE_PE_CSR_NXTHDR	0x0000ff00	/* next hdr value for IPsec */
#define	SAFE_PE_CSR_FPAD	0x0000ff00	/* fixed pad for basic ops */
#define	SAFE_PE_CSR_STATUS	0x00ff0000	/* operation result status */
#define	SAFE_PE_CSR_AUTH_FAIL	0x00010000	/* ICV mismatch (inbound) */
#define	SAFE_PE_CSR_PAD_FAIL	0x00020000	/* pad verify fail (inbound) */
#define	SAFE_PE_CSR_SEQ_FAIL	0x00040000	/* sequence number (inbound) */
#define	SAFE_PE_CSR_XERROR	0x00080000	/* extended error follows */
#define	SAFE_PE_CSR_XECODE	0x00f00000	/* extended error code */
#define	SAFE_PE_CSR_XECODE_S	20
#define	SAFE_PE_CSR_XECODE_BADCMD	0	/* invalid command */
#define	SAFE_PE_CSR_XECODE_BADALG	1	/* invalid algorithm */
#define	SAFE_PE_CSR_XECODE_ALGDIS	2	/* algorithm disabled */
#define	SAFE_PE_CSR_XECODE_ZEROLEN	3	/* zero packet length */
#define	SAFE_PE_CSR_XECODE_DMAERR	4	/* bus DMA error */
#define	SAFE_PE_CSR_XECODE_PIPEABORT	5	/* secondary bus DMA error */
#define	SAFE_PE_CSR_XECODE_BADSPI	6	/* IPsec SPI mismatch */
#define	SAFE_PE_CSR_XECODE_TIMEOUT	10	/* failsafe timeout */
#define	SAFE_PE_CSR_PAD		0xff000000	/* ESP padding control/status */
#define	SAFE_PE_CSR_PAD_MIN	0x00000000	/* minimum IPsec padding */
#define	SAFE_PE_CSR_PAD_16	0x08000000	/* pad to 16-byte boundary */
#define	SAFE_PE_CSR_PAD_32	0x10000000	/* pad to 32-byte boundary */
#define	SAFE_PE_CSR_PAD_64	0x20000000	/* pad to 64-byte boundary */
#define	SAFE_PE_CSR_PAD_128	0x40000000	/* pad to 128-byte boundary */
#define	SAFE_PE_CSR_PAD_256	0x80000000	/* pad to 256-byte boundary */

/*
 * Check the CSR to see if the PE has returned ownership to
 * the host.  Note that before processing a descriptor this
 * must be done followed by a check of the SAFE_PE_LEN register
 * status bits to avoid premature processing of a descriptor
 * on its way back to the host.
 */
#define	SAFE_PE_CSR_IS_DONE(_csr) \
    (((_csr) & (SAFE_PE_CSR_READY | SAFE_PE_CSR_DONE)) == SAFE_PE_CSR_DONE)

#define	SAFE_PE_LEN_LENGTH	0x000fffff	/* total length (bytes) */
#define	SAFE_PE_LEN_READY	0x00400000	/* ready for processing */
#define	SAFE_PE_LEN_DONE	0x00800000	/* h/w completed processing */
#define	SAFE_PE_LEN_BYPASS	0xff000000	/* bypass offset (bytes) */
#define	SAFE_PE_LEN_BYPASS_S	24

#define	SAFE_PE_LEN_IS_DONE(_len) \
    (((_len) & (SAFE_PE_LEN_READY | SAFE_PE_LEN_DONE)) == SAFE_PE_LEN_DONE)

/* NB: these apply to HU_STAT, HM_STAT, HI_CLR, and HI_MASK */
#define	SAFE_INT_PE_CDONE	0x00000002	/* PE context done */
#define	SAFE_INT_PE_DDONE	0x00000008	/* PE descriptor done */
#define	SAFE_INT_PE_ERROR	0x00000010	/* PE error */
#define	SAFE_INT_PE_ODONE	0x00000020	/* PE operation done */

#define	SAFE_HI_CFG_PULSE	0x00000001	/* use pulse interrupt */
#define	SAFE_HI_CFG_LEVEL	0x00000000	/* use level interrupt */
#define	SAFE_HI_CFG_AUTOCLR	0x00000002	/* auto-clear pulse interrupt */

#define	SAFE_ENDIAN_PASS	0x000000e4	/* straight pass-thru */
#define	SAFE_ENDIAN_SWAB	0x0000001b	/* swap bytes in 32-bit word */

#define	SAFE_PE_DMACFG_PERESET	0x00000001	/* reset packet engine */
#define	SAFE_PE_DMACFG_PDRRESET	0x00000002	/* reset PDR counters/ptrs */
#define	SAFE_PE_DMACFG_SGRESET	0x00000004	/* reset scatter/gather cache */
#define	SAFE_PE_DMACFG_FSENA	0x00000008	/* enable failsafe reset */
#define	SAFE_PE_DMACFG_PEMODE	0x00000100	/* packet engine mode */
#define	SAFE_PE_DMACFG_SAPREC	0x00000200	/* SA precedes packet */
#define	SAFE_PE_DMACFG_PKFOLL	0x00000400	/* packet follows descriptor */
#define	SAFE_PE_DMACFG_GPRBID	0x00003000	/* gather particle ring busid */
#define	SAFE_PE_DMACFG_GPRPCI	0x00001000	/* PCI gather particle ring */
#define	SAFE_PE_DMACFG_SPRBID	0x0000c000	/* scatter part. ring busid */
#define	SAFE_PE_DMACFG_SPRPCI	0x00004000	/* PCI scatter part. ring */
#define	SAFE_PE_DMACFG_ESDESC	0x00010000	/* endian swap descriptors */
#define	SAFE_PE_DMACFG_ESSA	0x00020000	/* endian swap SA data */
#define	SAFE_PE_DMACFG_ESPACKET	0x00040000	/* endian swap packet data */
#define	SAFE_PE_DMACFG_ESPDESC	0x00080000	/* endian swap particle desc. */
#define	SAFE_PE_DMACFG_NOPDRUP	0x00100000	/* supp. PDR ownership update */
#define	SAFE_PD_EDMACFG_PCIMODE	0x01000000	/* PCI target mode */

#define	SAFE_PE_DMASTAT_PEIDONE	0x00000001	/* PE core input done */
#define	SAFE_PE_DMASTAT_PEODONE	0x00000002	/* PE core output done */
#define	SAFE_PE_DMASTAT_ENCDONE	0x00000004	/* encryption done */
#define	SAFE_PE_DMASTAT_IHDONE	0x00000008	/* inner hash done */
#define	SAFE_PE_DMASTAT_OHDONE	0x00000010	/* outer hash (HMAC) done */
#define	SAFE_PE_DMASTAT_PADFLT	0x00000020	/* crypto pad fault */
#define	SAFE_PE_DMASTAT_ICVFLT	0x00000040	/* ICV fault */
#define	SAFE_PE_DMASTAT_SPIMIS	0x00000080	/* SPI mismatch */
#define	SAFE_PE_DMASTAT_CRYPTO	0x00000100	/* crypto engine timeout */
#define	SAFE_PE_DMASTAT_CQACT	0x00000200	/* command queue active */
#define	SAFE_PE_DMASTAT_IRACT	0x00000400	/* input request active */
#define	SAFE_PE_DMASTAT_ORACT	0x00000800	/* output request active */
#define	SAFE_PE_DMASTAT_PEISIZE	0x003ff000	/* PE input size:32-bit words */
#define	SAFE_PE_DMASTAT_PEOSIZE	0xffc00000	/* PE out. size:32-bit words */

#define	SAFE_PE_RINGCFG_SIZE	0x000003ff	/* ring size (descriptors) */
#define	SAFE_PE_RINGCFG_OFFSET	0xffff0000	/* offset btw desc's (dwords) */
#define	SAFE_PE_RINGCFG_OFFSET_S	16

#define	SAFE_PE_RINGPOLL_POLL	0x00000fff	/* polling frequency/divisor */
#define	SAFE_PE_RINGPOLL_RETRY	0x03ff0000	/* polling frequency/divisor */
#define	SAFE_PE_RINGPOLL_CONT	0x80000000	/* continuously poll */

#define	SAFE_PE_IRNGSTAT_CQAVAIL 0x00000001	/* command queue available */

#define	SAFE_PE_ERNGSTAT_NEXT	0x03ff0000	/* index of next packet desc. */
#define	SAFE_PE_ERNGSTAT_NEXT_S	16

#define	SAFE_PE_IOTHRESH_INPUT	0x000003ff	/* input threshold (dwords) */
#define	SAFE_PE_IOTHRESH_OUTPUT	0x03ff0000	/* output threshold (dwords) */

#define	SAFE_PE_PARTCFG_SIZE	0x0000ffff	/* scatter particle size */
#define	SAFE_PE_PARTCFG_GBURST	0x00030000	/* gather particle burst */
#define	SAFE_PE_PARTCFG_GBURST_2	0x00000000
#define	SAFE_PE_PARTCFG_GBURST_4	0x00010000
#define	SAFE_PE_PARTCFG_GBURST_8	0x00020000
#define	SAFE_PE_PARTCFG_GBURST_16	0x00030000
#define	SAFE_PE_PARTCFG_SBURST	0x000c0000	/* scatter particle burst */
#define	SAFE_PE_PARTCFG_SBURST_2	0x00000000
#define	SAFE_PE_PARTCFG_SBURST_4	0x00040000
#define	SAFE_PE_PARTCFG_SBURST_8	0x00080000
#define	SAFE_PE_PARTCFG_SBURST_16	0x000c0000

#define	SAFE_PE_PARTSIZE_SCAT	0xffff0000	/* scatter particle ring size */
#define	SAFE_PE_PARTSIZE_GATH	0x0000ffff	/* gather particle ring size */

#define	SAFE_CRYPTO_CTRL_3DES	0x00000001	/* enable 3DES support */
#define	SAFE_CRYPTO_CTRL_PKEY	0x00010000	/* enable public key support */
#define	SAFE_CRYPTO_CTRL_RNG	0x00020000	/* enable RNG support */

#define	SAFE_DEVINFO_REV_MIN	0x0000000f	/* minor rev for chip */
#define	SAFE_DEVINFO_REV_MAJ	0x000000f0	/* major rev for chip */
#define	SAFE_DEVINFO_REV_MAJ_S	4
#define	SAFE_DEVINFO_DES	0x00000100	/* DES/3DES support present */
#define	SAFE_DEVINFO_ARC4	0x00000200	/* ARC4 support present */
#define	SAFE_DEVINFO_AES	0x00000400	/* AES support present */
#define	SAFE_DEVINFO_MD5	0x00001000	/* MD5 support present */
#define	SAFE_DEVINFO_SHA1	0x00002000	/* SHA-1 support present */
#define	SAFE_DEVINFO_RIPEMD	0x00004000	/* RIPEMD support present */
#define	SAFE_DEVINFO_DEFLATE	0x00010000	/* Deflate support present */
#define	SAFE_DEVINFO_SARAM	0x00100000	/* on-chip SA RAM present */
#define	SAFE_DEVINFO_EMIBUS	0x00200000	/* EMI bus present */
#define	SAFE_DEVINFO_PKEY	0x00400000	/* public key support present */
#define	SAFE_DEVINFO_RNG	0x00800000	/* RNG present */

#define	SAFE_REV(_maj, _min)	(((_maj) << SAFE_DEVINFO_REV_MAJ_S) | (_min))
#define	SAFE_REV_MAJ(_chiprev) \
	(((_chiprev) & SAFE_DEVINFO_REV_MAJ) >> SAFE_DEVINFO_REV_MAJ_S)
#define	SAFE_REV_MIN(_chiprev)	((_chiprev) & SAFE_DEVINFO_REV_MIN)

#define	SAFE_PK_FUNC_MULT	0x00000001	/* Multiply function */
#define	SAFE_PK_FUNC_SQUARE	0x00000004	/* Square function */
#define	SAFE_PK_FUNC_ADD	0x00000010	/* Add function */
#define	SAFE_PK_FUNC_SUB	0x00000020	/* Subtract function */
#define	SAFE_PK_FUNC_LSHIFT	0x00000040	/* Left-shift function */
#define	SAFE_PK_FUNC_RSHIFT	0x00000080	/* Right-shift function */
#define	SAFE_PK_FUNC_DIV	0x00000100	/* Divide function */
#define	SAFE_PK_FUNC_CMP	0x00000400	/* Compare function */
#define	SAFE_PK_FUNC_COPY	0x00000800	/* Copy function */
#define	SAFE_PK_FUNC_EXP16	0x00002000	/* Exponentiate (4-bit ACT) */
#define	SAFE_PK_FUNC_EXP4	0x00004000	/* Exponentiate (2-bit ACT) */
#define	SAFE_PK_FUNC_RUN	0x00008000	/* start/status */

#define	SAFE_RNG_STAT_BUSY	0x00000001	/* busy, data not valid */

#define	SAFE_RNG_CTRL_PRE_LFSR	0x00000001	/* enable output pre-LFSR */
#define	SAFE_RNG_CTRL_TST_MODE	0x00000002	/* enable test mode */
#define	SAFE_RNG_CTRL_TST_RUN	0x00000004	/* start test state machine */
#define	SAFE_RNG_CTRL_ENA_RING1	0x00000008	/* test entropy oscillator #1 */
#define	SAFE_RNG_CTRL_ENA_RING2	0x00000010	/* test entropy oscillator #2 */
#define	SAFE_RNG_CTRL_DIS_ALARM	0x00000020	/* disable RNG alarm reports */
#define	SAFE_RNG_CTRL_TST_CLOCK	0x00000040	/* enable test clock */
#define	SAFE_RNG_CTRL_SHORTEN	0x00000080	/* shorten state timers */
#define	SAFE_RNG_CTRL_TST_ALARM	0x00000100	/* simulate alarm state */
#define	SAFE_RNG_CTRL_RST_LFSR	0x00000200	/* reset LFSR */

/*
 * Packet engine descriptor.  Note that d_csr is a copy of the
 * SAFE_PE_CSR register and all definitions apply, and d_len
 * is a copy of the SAFE_PE_LEN register and all definitions apply.
 * d_src and d_len may point directly to contiguous data or to a
 * list of ``particle descriptors'' when using scatter/gather i/o.
 */
struct safe_desc {
	u_int32_t	d_csr;			/* per-packet control/status */
	u_int32_t	d_src;			/* source address */
	u_int32_t	d_dst;			/* destination address */
	u_int32_t	d_sa;			/* SA address */
	u_int32_t	d_len;			/* length, bypass, status */
};

/*
 * Scatter/Gather particle descriptor.
 *
 * NB: scatter descriptors do not specify a size; this is fixed
 *     by the setting of the SAFE_PE_PARTCFG register.
 */
struct safe_pdesc {
	u_int32_t	pd_addr;		/* particle address */
#ifdef __BIG_ENDIAN
	u_int16_t	pd_flags;		/* control word */
	u_int16_t	pd_size;		/* particle size (bytes) */
#else
	u_int16_t	pd_flags;		/* control word */
	u_int16_t	pd_size;		/* particle size (bytes) */
#endif
};

#define	SAFE_PD_READY	0x0001			/* ready for processing */
#define	SAFE_PD_DONE	0x0002			/* h/w completed processing */

/*
 * Security Association (SA) Record (Rev 1).  One of these is
 * required for each operation processed by the packet engine.
 */
struct safe_sarec {
	u_int32_t	sa_cmd0;
	u_int32_t	sa_cmd1;
	u_int32_t	sa_resv0;
	u_int32_t	sa_resv1;
	u_int32_t	sa_key[8];		/* DES/3DES/AES key */
	u_int32_t	sa_indigest[5];		/* inner digest */
	u_int32_t	sa_outdigest[5];	/* outer digest */
	u_int32_t	sa_spi;			/* SPI */
	u_int32_t	sa_seqnum;		/* sequence number */
	u_int32_t	sa_seqmask[2];		/* sequence number mask */
	u_int32_t	sa_resv2;
	u_int32_t	sa_staterec;		/* address of state record */
	u_int32_t	sa_resv3[2];
	u_int32_t	sa_samgmt0;		/* SA management field 0 */
	u_int32_t	sa_samgmt1;		/* SA management field 0 */
};

#define	SAFE_SA_CMD0_OP		0x00000007	/* operation code */
#define	SAFE_SA_CMD0_OP_CRYPT	0x00000000	/* encrypt/decrypt (basic) */
#define	SAFE_SA_CMD0_OP_BOTH	0x00000001	/* encrypt-hash/hash-decrypto */
#define	SAFE_SA_CMD0_OP_HASH	0x00000003	/* hash (outbound-only) */
#define	SAFE_SA_CMD0_OP_ESP	0x00000000	/* ESP in/out (proto) */
#define	SAFE_SA_CMD0_OP_AH	0x00000001	/* AH in/out (proto) */
#define	SAFE_SA_CMD0_INBOUND	0x00000008	/* inbound operation */
#define	SAFE_SA_CMD0_OUTBOUND	0x00000000	/* outbound operation */
#define	SAFE_SA_CMD0_GROUP	0x00000030	/* operation group */
#define	SAFE_SA_CMD0_BASIC	0x00000000	/* basic operation */
#define	SAFE_SA_CMD0_PROTO	0x00000010	/* protocol/packet operation */
#define	SAFE_SA_CMD0_BUNDLE	0x00000020	/* bundled operation (resvd) */
#define	SAFE_SA_CMD0_PAD	0x000000c0	/* crypto pad method */
#define	SAFE_SA_CMD0_PAD_IPSEC	0x00000000	/* IPsec padding */
#define	SAFE_SA_CMD0_PAD_PKCS7	0x00000040	/* PKCS#7 padding */
#define	SAFE_SA_CMD0_PAD_CONS	0x00000080	/* constant padding */
#define	SAFE_SA_CMD0_PAD_ZERO	0x000000c0	/* zero padding */
#define	SAFE_SA_CMD0_CRYPT_ALG	0x00000f00	/* symmetric crypto algorithm */
#define	SAFE_SA_CMD0_DES	0x00000000	/* DES crypto algorithm */
#define	SAFE_SA_CMD0_3DES	0x00000100	/* 3DES crypto algorithm */
#define	SAFE_SA_CMD0_AES	0x00000300	/* AES crypto algorithm */
#define	SAFE_SA_CMD0_CRYPT_NULL	0x00000f00	/* null crypto algorithm */
#define	SAFE_SA_CMD0_HASH_ALG	0x0000f000	/* hash algorithm */
#define	SAFE_SA_CMD0_MD5	0x00000000	/* MD5 hash algorithm */
#define	SAFE_SA_CMD0_SHA1	0x00001000	/* SHA-1 hash algorithm */
#define	SAFE_SA_CMD0_HASH_NULL	0x0000f000	/* null hash algorithm */
#define	SAFE_SA_CMD0_HDR_PROC	0x00080000	/* header processing */
#define	SAFE_SA_CMD0_IBUSID	0x00300000	/* input bus id */
#define	SAFE_SA_CMD0_IPCI	0x00100000	/* PCI input bus id */
#define	SAFE_SA_CMD0_OBUSID	0x00c00000	/* output bus id */
#define	SAFE_SA_CMD0_OPCI	0x00400000	/* PCI output bus id */
#define	SAFE_SA_CMD0_IVLD	0x03000000	/* IV loading */
#define	SAFE_SA_CMD0_IVLD_NONE	0x00000000	/* IV no load (reuse) */
#define	SAFE_SA_CMD0_IVLD_IBUF	0x01000000	/* IV load from input buffer */
#define	SAFE_SA_CMD0_IVLD_STATE	0x02000000	/* IV load from state */
#define	SAFE_SA_CMD0_HSLD	0x0c000000	/* hash state loading */
#define	SAFE_SA_CMD0_HSLD_SA	0x00000000	/* hash state load from SA */
#define	SAFE_SA_CMD0_HSLD_STATE	0x08000000	/* hash state load from state */
#define	SAFE_SA_CMD0_HSLD_NONE	0x0c000000	/* hash state no load */
#define	SAFE_SA_CMD0_SAVEIV	0x10000000	/* save IV */
#define	SAFE_SA_CMD0_SAVEHASH	0x20000000	/* save hash state */
#define	SAFE_SA_CMD0_IGATHER	0x40000000	/* input gather */
#define	SAFE_SA_CMD0_OSCATTER	0x80000000	/* output scatter */

#define	SAFE_SA_CMD1_HDRCOPY	0x00000002	/* copy header to output */
#define	SAFE_SA_CMD1_PAYCOPY	0x00000004	/* copy payload to output */
#define	SAFE_SA_CMD1_PADCOPY	0x00000008	/* copy pad to output */
#define	SAFE_SA_CMD1_IPV4	0x00000000	/* IPv4 protocol */
#define	SAFE_SA_CMD1_IPV6	0x00000010	/* IPv6 protocol */
#define	SAFE_SA_CMD1_MUTABLE	0x00000020	/* mutable bit processing */
#define	SAFE_SA_CMD1_SRBUSID	0x000000c0	/* state record bus id */
#define	SAFE_SA_CMD1_SRPCI	0x00000040	/* state record from PCI */
#define	SAFE_SA_CMD1_CRMODE	0x00000300	/* crypto mode */
#define	SAFE_SA_CMD1_ECB	0x00000000	/* ECB crypto mode */
#define	SAFE_SA_CMD1_CBC	0x00000100	/* CBC crypto mode */
#define	SAFE_SA_CMD1_OFB	0x00000200	/* OFB crypto mode */
#define	SAFE_SA_CMD1_CFB	0x00000300	/* CFB crypto mode */
#define	SAFE_SA_CMD1_CRFEEDBACK	0x00000c00	/* crypto feedback mode */
#define	SAFE_SA_CMD1_64BIT	0x00000000	/* 64-bit crypto feedback */
#define	SAFE_SA_CMD1_8BIT	0x00000400	/* 8-bit crypto feedback */
#define	SAFE_SA_CMD1_1BIT	0x00000800	/* 1-bit crypto feedback */
#define	SAFE_SA_CMD1_128BIT	0x00000c00	/* 128-bit crypto feedback */
#define	SAFE_SA_CMD1_OPTIONS	0x00001000	/* HMAC/options mutable bit */
#define	SAFE_SA_CMD1_HMAC	SAFE_SA_CMD1_OPTIONS
#define	SAFE_SA_CMD1_SAREV1	0x00008000	/* SA Revision 1 */
#define	SAFE_SA_CMD1_OFFSET	0x00ff0000	/* hash/crypto offset(dwords) */
#define	SAFE_SA_CMD1_OFFSET_S	16
#define	SAFE_SA_CMD1_AESKEYLEN	0x0f000000	/* AES key length */
#define	SAFE_SA_CMD1_AES128	0x02000000	/* 128-bit AES key */
#define	SAFE_SA_CMD1_AES192	0x03000000	/* 192-bit AES key */
#define	SAFE_SA_CMD1_AES256	0x04000000	/* 256-bit AES key */

/* 
 * Security Associate State Record (Rev 1).
 */
struct safe_sastate {
	u_int32_t	sa_saved_iv[4];		/* saved IV (DES/3DES/AES) */
	u_int32_t	sa_saved_hashbc;	/* saved hash byte count */
	u_int32_t	sa_saved_indigest[5];	/* saved inner digest */
};
#endif /* _SAFE_SAFEREG_H_ */