Re: ipsec issue since at least 6.2 on VIA CPUs with padlock
On 02/14/2018 11:26 PM, Mike Belopuhov wrote:
>
> Hi,
>
> Thank you for your report, I think I forgot to convert bits to bytes.
> Please test the diff below.
>
> Cheers,
> Mike
>
>
> diff --git sys/arch/amd64/amd64/via.c sys/arch/amd64/amd64/via.c
> index c0e1e540b12..818c35f53d0 100644
> --- sys/arch/amd64/amd64/via.c
> +++ sys/arch/amd64/amd64/via.c
> @@ -177,13 +177,13 @@ viac3_crypto_newsession(u_int32_t *sidp, struct
> cryptoini *cri)
> ses->ses_klen = c->cri_klen;
> ses->ses_cw0 = cw0;
>
> /* Build expanded keys for both directions */
> AES_KeySetup_Encrypt(ses->ses_ekey, c->cri_key,
> - c->cri_klen);
> + c->cri_klen / 8);
> AES_KeySetup_Decrypt(ses->ses_dkey, c->cri_key,
> - c->cri_klen);
> + c->cri_klen / 8);
> for (i = 0; i < 4 * (AES_MAXROUNDS + 1); i++) {
> ses->ses_ekey[i] = ntohl(ses->ses_ekey[i]);
> ses->ses_dkey[i] = ntohl(ses->ses_dkey[i]);
> }
>
> diff --git sys/arch/i386/i386/via.c sys/arch/i386/i386/via.c
> index 860fa45c0ac..83a092c24b7 100644
> --- sys/arch/i386/i386/via.c
> +++ sys/arch/i386/i386/via.c
> @@ -178,13 +178,13 @@ viac3_crypto_newsession(u_int32_t *sidp, struct
> cryptoini *cri)
> ses->ses_klen = c->cri_klen;
> ses->ses_cw0 = cw0;
>
> /* Build expanded keys for both directions */
> AES_KeySetup_Encrypt(ses->ses_ekey, c->cri_key,
> - c->cri_klen);
> + c->cri_klen / 8);
> AES_KeySetup_Decrypt(ses->ses_dkey, c->cri_key,
> - c->cri_klen);
> + c->cri_klen / 8);
> for (i = 0; i < 4 * (AES_MAXROUNDS + 1); i++) {
> ses->ses_ekey[i] = ntohl(ses->ses_ekey[i]);
> ses->ses_dkey[i] = ntohl(ses->ses_dkey[i]);
> }
>
>
Hi Mike,
That patch solved the issue. I was only able to test on i386, but I
suppose it's the same for amd64.
Thank you
Cheers
smime.p7s
Description: S/MIME Cryptographic Signature
Re: ipsec issue since at least 6.2 on VIA CPUs with padlock
On Mon, Feb 12, 2018 at 15:47 +0100, Renaud Allard wrote:
>
>
> On 02/12/2018 01:32 PM, Renaud Allard wrote:
> > Hello,
> >
> > I am running OpenBSD 6.2 i386 on a VIA CPU with padlock.
> > cpu0: VIA Eden Processor 1000MHz ("CentaurHauls" 686-class) 1 GHz
> > cpu0: RNG AES AES-CTR SHA1 SHA256 RSA
> >
> > ipsec with SHA/AES was running fine until I upgraded to 6.2. I could not
> > reproduce this issue anywhere else than on that hardware.
> >
> > When I run an ipsec tunnel (ikev1) with AES and SHA, I can see flows and
> > SA with ipsecctl -s. But no packet ever goes through enc0.
> >
> > If I configure the tunnel to use hmac-md5 and 3des, for which there is
> > no padlock support (everything else being the same), the tunnel just
> > works fine.
> >
> > I am now running -current and the issue is still present.
> >
> > I suppose there is an issue that appeared some time between 6.1 and 6.2
> > which made the crypto acceleration fail with that CPU (and probably with
> > other padlock enabled CPUs too).
> >
>
> I tried multiple configurations, and actually, only AES doesn't work.
> SHA1 till SHA2-512 work, 3DES and blowfish work.
>
Hi,
Thank you for your report, I think I forgot to convert bits to bytes.
Please test the diff below.
Cheers,
Mike
diff --git sys/arch/amd64/amd64/via.c sys/arch/amd64/amd64/via.c
index c0e1e540b12..818c35f53d0 100644
--- sys/arch/amd64/amd64/via.c
+++ sys/arch/amd64/amd64/via.c
@@ -177,13 +177,13 @@ viac3_crypto_newsession(u_int32_t *sidp, struct cryptoini
*cri)
ses->ses_klen = c->cri_klen;
ses->ses_cw0 = cw0;
/* Build expanded keys for both directions */
AES_KeySetup_Encrypt(ses->ses_ekey, c->cri_key,
- c->cri_klen);
+ c->cri_klen / 8);
AES_KeySetup_Decrypt(ses->ses_dkey, c->cri_key,
- c->cri_klen);
+ c->cri_klen / 8);
for (i = 0; i < 4 * (AES_MAXROUNDS + 1); i++) {
ses->ses_ekey[i] = ntohl(ses->ses_ekey[i]);
ses->ses_dkey[i] = ntohl(ses->ses_dkey[i]);
}
diff --git sys/arch/i386/i386/via.c sys/arch/i386/i386/via.c
index 860fa45c0ac..83a092c24b7 100644
--- sys/arch/i386/i386/via.c
+++ sys/arch/i386/i386/via.c
@@ -178,13 +178,13 @@ viac3_crypto_newsession(u_int32_t *sidp, struct cryptoini
*cri)
ses->ses_klen = c->cri_klen;
ses->ses_cw0 = cw0;
/* Build expanded keys for both directions */
AES_KeySetup_Encrypt(ses->ses_ekey, c->cri_key,
- c->cri_klen);
+ c->cri_klen / 8);
AES_KeySetup_Decrypt(ses->ses_dkey, c->cri_key,
- c->cri_klen);
+ c->cri_klen / 8);
for (i = 0; i < 4 * (AES_MAXROUNDS + 1); i++) {
ses->ses_ekey[i] = ntohl(ses->ses_ekey[i]);
ses->ses_dkey[i] = ntohl(ses->ses_dkey[i]);
}
Re: ipsec issue since at least 6.2 on VIA CPUs with padlock
On 02/12/2018 01:32 PM, Renaud Allard wrote:
> Hello,
>
> I am running OpenBSD 6.2 i386 on a VIA CPU with padlock.
> cpu0: VIA Eden Processor 1000MHz ("CentaurHauls" 686-class) 1 GHz
> cpu0: RNG AES AES-CTR SHA1 SHA256 RSA
>
> ipsec with SHA/AES was running fine until I upgraded to 6.2. I could not
> reproduce this issue anywhere else than on that hardware.
>
> When I run an ipsec tunnel (ikev1) with AES and SHA, I can see flows and
> SA with ipsecctl -s. But no packet ever goes through enc0.
>
> If I configure the tunnel to use hmac-md5 and 3des, for which there is
> no padlock support (everything else being the same), the tunnel just
> works fine.
>
> I am now running -current and the issue is still present.
>
> I suppose there is an issue that appeared some time between 6.1 and 6.2
> which made the crypto acceleration fail with that CPU (and probably with
> other padlock enabled CPUs too).
>
I tried multiple configurations, and actually, only AES doesn't work.
SHA1 till SHA2-512 work, 3DES and blowfish work.
smime.p7s
Description: S/MIME Cryptographic Signature
