2 sec controller unit, 1 static eu access, 2 dynamic eu access – Freescale Semiconductor MCF5480 User Manual

Overview

MCF548x Reference Manual, Rev. 3

Freescale Semiconductor

22-3

22.4.2

SEC Controller Unit

The SEC controller unit manages on-chip resources, including the individual execution units (EUs),

FIFOs, the bus interface, and the internal buses that connect all the various modules. The controller

receives service requests from the bus interface and various crypto-channels, and schedules the required

activities. The controller can configure each of the on-chip resources in two modes:

•

Static mode—The user can reserve a specific execution unit to a specific crypto-channel.

•

Dynamic mode—A crypto channel can request a particular service from any available execution

unit.

22.4.2.1

Static EU Access

The controller can be configured to assign one or more EUs for a particular crypto-channel. Doing so

permits locking the EU to a particular context. When in this mode, the crypto-channel can be used by

multiple descriptors representing the same context without unloading and reloading the context at the end

of each descriptor. This mode presents considerable performance improvement over dynamic access, but

only when the SEC is supporting few (or one) contexts.

22.4.2.2

Dynamic EU Access

Processing begins when a data packet descriptor pointer is written to the fetch register (FR) of one of the

crypto-channels. First, the controller dynamically reserves usage of an EU to the crypto-channel. If all

appropriate EUs are already dynamically reserved by other crypto-channels, the crypto-channel stalls and

waits to fetch data until an appropriate EU is available. If multiple crypto-channels simultaneously request

the same EU, the EU is assigned on a weighted priority or round-robin basis.
Once the required EU has been reserved, the crypto-channel fetches and loads the appropriate data packets,

operates the EU, unloads data to system memory, and releases the EU for use by another crypto-channel.

If a crypto-channel attempts to reserve a statically-assigned EU (and no appropriate EUs are available for

dynamic assignment), an interrupt is generated and status indicates an illegal access. When dynamic

assignment is used, each encryption/decryption packet descriptor must contain the context and/or keys that

are required for the requested operation.

22.4.3

Crypto-Channels

The SEC includes two crypto-channels that manage data and EU function. Each crypto-channel consists

of the following:

•

Control registers containing information about the transaction in process

•

A status register containing an indication of the last unfulfilled bus request

•

A pointer register indicating the location of a new descriptor to fetch

•

Buffer memory used to store the active data packet descriptor

Crypto-channels analyze the data packet descriptor header and requests the first required cryptographic

service from the controller.
After the controller grants access to the required EU, the crypto-channel and the controller perform the

following steps:

1. Set the appropriate mode bits available in the EU for the required service.
2. Fetch context and other parameters as indicated in the data packet descriptor buffer and use these

to program the EU.

3. Fetch data as indicated and place in either the EU input FIFO or the EU itself (as appropriate).