MPC184VMB Datasheet MPC184VFB, MPC184VMB | P4-P6

4 MPC184 Security Processor Technical Summary MOTOROLA

5 Architectural Overview

A block diagram of the MPC184 internal architecture is shown in Figure 5-3. The mode selectable 8xx/PCI

bus interface module is designed to transfer 32-bit words between the external bus and any register inside

the MPC184. An operation begins with a write of a pointer to a crypto-channel fetch register which points

to a data packet descriptor. The channel then requests the descriptor and decodes the operation to be

performed. The channel then makes requests of the controller to assign crypto execution units and fetch the

keys, IV’s and data needed to perform the given operation. The controller satisﬁes the requests by assigning

execution units to the channel and by making requests to the master interface per the programmable priority

scheme. As data is processed, it is written to the individual execution units output buffer and then back to

system memory via the bus interface module.

Figure 5-3. MPC184 Functional Blocks

6 Data Packet Descriptors

As an IPSec accelerator, the MPC184’s controller has been designed for easy use and integration with

existing systems and software. All cryptographic functions are accessible through data packet descriptors,

some of which have been deﬁned as multifunction to facilitate IPSec applications. A data packet descriptor

is diagrammed in Table 6-1.

Table 6-1. Example Data Packet Descriptor

Field Name Value/Type Description

DPD_DES_CTX_CRYPT tbd Representative header for DES using Context to Encrypt

LEN_CTXIN

PTR_CTXIN

length

pointer

Number of bytes to be written

Pointer to Context (IV) to be written into DES engine

LEN_KEY

PTR_KEY

length

pointer

Number of bytes in key

Pointer to block cipher key

LEN_DATAIN

PTR_DATAIN

length

pointer

Number of bytes of data to be ciphered

Pointer to data to perform cipher upon

LEN_DATAOUT

PTR_DATAOUT

length

pointer

Number of bytes of data after ciphering

Pointer to location where cipher output is to be written

crypto-

channel

crypto-

channel

crypto-

channel

crypto-

channel

Master/slave

interface

Control

PKEU

DEU

FIFO

RNG

FIFO

AESU

8KB

gpRAM

FIFO

MDEU

FIFO

AFEU-4

Frees

cale Semiconductor,

Freescale Semiconductor, Inc.

For More Information On This Product,

Go to: www.freescale.com

nc...

MOTOROLA MPC184 Security Processor Technical Summary 5

Each data packet descriptor contains the following:

• Header—The header describes the required services and encodes information that indicates which

EUs to use and which modes to set.

• Seven data length/data pointer pairs—The data length indicates the number of contiguous bytes of

data to be transferred. The data pointer indicates the starting address of the data, key, or context in

system memory.

• Next descriptor pointer

A data packet descriptor ends with a pointer to the next data packet descriptor. Therefore, once a descriptor

is processed and if the value of this pointer is non-zero, it is used to request a burst read of the next

descriptor.

Processing of the next descriptor (and whether or not a done signal is generated) is determined by the

programming of crypto-channel’s conﬁguration register. Two modes of operation are supported:

• Signal done at end of descriptor

• Signal done at end of descriptor chain

The crypto-channel can signal done via an interrupt or by a write-back of the descriptor header after

processing a data packet descriptor. The value written back is identical to that of the header, with the

exception that a DONE ﬁeld is set.

Occasionally, a descriptor ﬁeld may not be applicable to the requested service. For example, if using DES

in ECB mode, the contents of the IV ﬁeld do not affect the result of the DES computation. Therefore, when

processing data packet descriptors, the crypto-channel skips any pointer that has an associated length of

zero.

6.1 External Bus Interface

The External Bus Interface (EBI) manages communication between the MPC184’s internal execution units

and the external bus. The interface is mode selectable between the 8xx bus protocols, used by the

PowerQuicc family of integrated communications processors, and the PCI 2.2 bus protocol. The MPC184

is unique in its ability to act as a bus master on the 8xx bus. All on-chip resources are memory mapped, and

the target accesses and initiator writes from the MPC184 must be addressed on word boundaries. The

MPC184 will perform initiator reads on byte boundaries and will adjust the data to place on word

boundaries as appropriate. The 8xx bus mastering interface allows the MPC184 to off-load both crypto

processing and data movement from the PowerQuicc processor, freeing the CPU for other networking

system functions, allowing the chipset to achieve best in class performance levels .

LEN_CTXOUT

PTR_CTXOUT

length

pointer

Length of output Context (IV)

Pointer to location where altered Context is to be written

nul length

nul pointer

length

pointer

Zeroes for ﬁxed length descriptor ﬁlter

nul length

nul pointer

length

pointer

Zeroes for ﬁxed length descriptor ﬁlter

PTR_NEXT pointer Pointer to next data packet descriptor

Table 6-1. Example Data Packet Descriptor

Field Name Value/Type Description

Frees

cale Semiconductor,

Freescale Semiconductor, Inc.

For More Information On This Product,

Go to: www.freescale.com

nc...

6 MPC184 Security Processor Technical Summary MOTOROLA

6.2 The MPC184 Controller

The MPC184 controller manages on-chip resources, including individual execution units (EUs), FIFOs, the

EBI, and the internal buses that connect all the various modules. The controller receives service requests

from the EBI and various crypto-channels, and schedules the required activities. The controller can

conﬁgure each of the on-chip resources in three modes:

• Host-controlled mode—The host is directly responsible for all data movement into and out of the

resource.

• Static mode—The user can reserve a speciﬁc execution unit to a speciﬁc crypto-channel.

• Dynamic mode—A crypto channel can request a particular service from any available execution

unit.

6.3 Host-Managed Register Access

All EUs can be used entirely through register read/write access. It is strongly recommended that read/write

access only be performed on a EU that is statically assigned to an idle crypto-channel. Such an assignment

is the only method for the host to inform the controller that a particular EU is in use.

6.4 Static EU Access

The Controller can be conﬁgured to reserve one or more EUs to a particular crypto-channel. Doing so

permits locking the EU to a particular context. When in this mode, the crypto-channel can be used by

multiple descriptors representing the same context without unloading and reloading the context at the end

of each descriptor. This mode presents considerable performance improvement over dynamic access, but

only when the MPC184 is supporting a single context (or a single session is being streamed.)

6.5 Dynamic EU Access

Processing begins when a data packet descriptor pointer is written to the next descriptor pointer register of

one of the crypto-channels. Prior to fetching the data referred to by the descriptor and based on the services

requested by the descriptor header in the descriptor buffer, the controller dynamically reserves usage of an

EU to the crypto-channel. If all appropriate EUs are already dynamically reserved by other crypto-channels,

the crypto-channel stalls and waits to fetch data until the appropriate EU is available.

If multiple crypto-channels simultaneously request the same EU, the EU is assigned on a round-robin basis.

Once the required EU has been reserved, the crypto-channel fetches and loads the appropriate data packets,

operates the EU, unloads data to system memory, and releases the EU for use by another crypto-channel. If

a crypto-channel attempts to reserve a statically-assigned EU (and no appropriate EUs are available for

dynamic assignment), an interrupt is generated and status indicates illegal access. When dynamic

assignment is used, each encryption/decryption packet must contain context that is particular to the context

being supported.

6.6 Crypto-Channels

The MPC184 includes four crypto-channels that manage data and EU function. Each crypto-channel

consists of the following:

• Control registers containing information about the transaction in process

• A status register containing an indication of the last unfulﬁlled bus request

• A pointer register indicating the location of a new descriptor to fetch

• Buffer memory used to store the active data packet descriptor

Frees

cale Semiconductor,

Freescale Semiconductor, Inc.

For More Information On This Product,

Go to: www.freescale.com

nc...

P1-P3 P4-P6 P7-P9 P10-P12

MPC184VMB

Mfr. #:

Buy MPC184VMB

Manufacturer:

NXP Semiconductors

Description:

IC SECURITY PROCESSOR 252MAPBGA

Lifecycle:

New from this manufacturer.

Delivery:

DHL FedEx Ups TNT EMS

Payment:

T/T Paypal Visa MoneyGram Western Union

MPC184VMB

MPC184VMB

Products related to this Datasheet