CVS commit: src/etc/mtree
Module Name:src Committed By: riastradh Date: Sun Jul 26 05:06:29 UTC 2020 Modified Files: src/etc/mtree: NetBSD.dist.tests Log Message: Add /usr/tests/sys/crypto/chacha to etc/mtree/NetBSD.dist.tests. To generate a diff of this commit: cvs rdiff -u -r1.173 -r1.174 src/etc/mtree/NetBSD.dist.tests Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/etc/mtree/NetBSD.dist.tests diff -u src/etc/mtree/NetBSD.dist.tests:1.173 src/etc/mtree/NetBSD.dist.tests:1.174 --- src/etc/mtree/NetBSD.dist.tests:1.173 Fri Jul 3 04:25:28 2020 +++ src/etc/mtree/NetBSD.dist.tests Sun Jul 26 05:06:29 2020 @@ -1,4 +1,4 @@ -# $NetBSD: NetBSD.dist.tests,v 1.173 2020/07/03 04:25:28 jruoho Exp $ +# $NetBSD: NetBSD.dist.tests,v 1.174 2020/07/26 05:06:29 riastradh Exp $ ./usr/libdata/debug/usr/tests ./usr/libdata/debug/usr/tests/atf @@ -164,6 +164,7 @@ ./usr/libdata/debug/usr/tests/sys ./usr/libdata/debug/usr/tests/sys/crypto ./usr/libdata/debug/usr/tests/sys/crypto/aes +./usr/libdata/debug/usr/tests/sys/crypto/chacha ./usr/libdata/debug/usr/tests/sys/net ./usr/libdata/debug/usr/tests/sys/netatalk ./usr/libdata/debug/usr/tests/sys/netinet @@ -391,6 +392,7 @@ ./usr/tests/sys ./usr/tests/sys/crypto ./usr/tests/sys/crypto/aes +./usr/tests/sys/crypto/chacha ./usr/tests/sys/net ./usr/tests/sys/netatalk ./usr/tests/sys/netinet
CVS commit: src/sys/crypto/aes
Module Name:src Committed By: riastradh Date: Sun Jul 26 04:44:47 UTC 2020 Modified Files: src/sys/crypto/aes: aes_ccm.c Log Message: Ensure aes_ccm module init runs after aes module init. Otherwise the AES implementation might not be selected early enough. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/sys/crypto/aes/aes_ccm.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/aes_ccm.c diff -u src/sys/crypto/aes/aes_ccm.c:1.2 src/sys/crypto/aes/aes_ccm.c:1.3 --- src/sys/crypto/aes/aes_ccm.c:1.2 Sat Jul 25 22:27:53 2020 +++ src/sys/crypto/aes/aes_ccm.c Sun Jul 26 04:44:47 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_ccm.c,v 1.2 2020/07/25 22:27:53 riastradh Exp $ */ +/* $NetBSD: aes_ccm.c,v 1.3 2020/07/26 04:44:47 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -35,7 +35,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aes_ccm.c,v 1.2 2020/07/25 22:27:53 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aes_ccm.c,v 1.3 2020/07/26 04:44:47 riastradh Exp $"); #include #include @@ -588,7 +588,7 @@ aes_ccm_selftest(void) /* XXX provisional hack */ #include -MODULE(MODULE_CLASS_MISC, aes_ccm, NULL); +MODULE(MODULE_CLASS_MISC, aes_ccm, "aes"); static int aes_ccm_modcmd(modcmd_t cmd, void *opaque)
CVS commit: src/sys/rump/kern/lib/libcrypto
Module Name:src Committed By: riastradh Date: Sun Jul 26 04:25:14 UTC 2020 Modified Files: src/sys/rump/kern/lib/libcrypto: Makefile Log Message: Add missing aes_ccm.c, aes_ccm_mbuf.c. Fix sort order. To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 src/sys/rump/kern/lib/libcrypto/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/rump/kern/lib/libcrypto/Makefile diff -u src/sys/rump/kern/lib/libcrypto/Makefile:1.10 src/sys/rump/kern/lib/libcrypto/Makefile:1.11 --- src/sys/rump/kern/lib/libcrypto/Makefile:1.10 Sun Jul 26 04:03:45 2020 +++ src/sys/rump/kern/lib/libcrypto/Makefile Sun Jul 26 04:25:14 2020 @@ -1,12 +1,12 @@ -# $NetBSD: Makefile,v 1.10 2020/07/26 04:03:45 riastradh Exp $ +# $NetBSD: Makefile,v 1.11 2020/07/26 04:25:14 riastradh Exp $ # .PATH: ${.CURDIR}/../../../../crypto/adiantum\ ${.CURDIR}/../../../../crypto/aes\ - ${.CURDIR}/../../../../crypto/chacha\ ${.CURDIR}/../../../../crypto/blowfish\ ${.CURDIR}/../../../../crypto/camellia\ ${.CURDIR}/../../../../crypto/cast128\ + ${.CURDIR}/../../../../crypto/chacha\ ${.CURDIR}/../../../../crypto/des\ ${.CURDIR}/../../../../crypto/skipjack @@ -36,6 +36,8 @@ SRCS+= des_ecb.c des_setkey.c des_enc.c # AES SRCS+= aes_bear.c +SRCS+= aes_ccm.c +SRCS+= aes_ccm_mbuf.c SRCS+= aes_ct.c SRCS+= aes_ct_dec.c SRCS+= aes_ct_enc.c
CVS commit: src/sys/rump/kern/lib/libcrypto
Module Name:src Committed By: riastradh Date: Sun Jul 26 04:25:49 UTC 2020 Modified Files: src/sys/rump/kern/lib/libcrypto: Makefile Log Message: Fix more sort order. To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/sys/rump/kern/lib/libcrypto/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/rump/kern/lib/libcrypto/Makefile diff -u src/sys/rump/kern/lib/libcrypto/Makefile:1.11 src/sys/rump/kern/lib/libcrypto/Makefile:1.12 --- src/sys/rump/kern/lib/libcrypto/Makefile:1.11 Sun Jul 26 04:25:14 2020 +++ src/sys/rump/kern/lib/libcrypto/Makefile Sun Jul 26 04:25:49 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.11 2020/07/26 04:25:14 riastradh Exp $ +# $NetBSD: Makefile,v 1.12 2020/07/26 04:25:49 riastradh Exp $ # .PATH: ${.CURDIR}/../../../../crypto/adiantum\ @@ -17,33 +17,33 @@ COMMENT=Cryptographic routines SRCS+= adiantum.c SRCS+= adiantum_selftest.c +# AES +SRCS+= aes_bear.c +SRCS+= aes_ccm.c +SRCS+= aes_ccm_mbuf.c +SRCS+= aes_ct.c +SRCS+= aes_ct_dec.c +SRCS+= aes_ct_enc.c +SRCS+= aes_impl.c +SRCS+= aes_selftest.c + # blowfish SRCS+= bf_ecb.c bf_enc.c bf_cbc.c bf_skey.c bf_module.c # camellia SRCS+= camellia.c camellia-api.c +# cast128 +SRCS+= cast128.c + # ChaCha SRCS+= chacha_impl.c SRCS+= chacha_ref.c SRCS+= chacha_selftest.c -# cast128 -SRCS+= cast128.c - # DES SRCS+= des_ecb.c des_setkey.c des_enc.c des_cbc.c des_module.c -# AES -SRCS+= aes_bear.c -SRCS+= aes_ccm.c -SRCS+= aes_ccm_mbuf.c -SRCS+= aes_ct.c -SRCS+= aes_ct_dec.c -SRCS+= aes_ct_enc.c -SRCS+= aes_impl.c -SRCS+= aes_selftest.c - # skipjack SRCS+= skipjack.c
CVS commit: src/sys/crypto/adiantum
Module Name:src Committed By: riastradh Date: Sun Jul 26 04:05:20 UTC 2020 Modified Files: src/sys/crypto/adiantum: adiantum.c Log Message: Simplify internal Poly1305 API in adiantum.c. Should be slightly faster this way too. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/sys/crypto/adiantum/adiantum.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/adiantum/adiantum.c diff -u src/sys/crypto/adiantum/adiantum.c:1.4 src/sys/crypto/adiantum/adiantum.c:1.5 --- src/sys/crypto/adiantum/adiantum.c:1.4 Sat Jul 25 23:05:40 2020 +++ src/sys/crypto/adiantum/adiantum.c Sun Jul 26 04:05:20 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: adiantum.c,v 1.4 2020/07/25 23:05:40 riastradh Exp $ */ +/* $NetBSD: adiantum.c,v 1.5 2020/07/26 04:05:20 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -37,7 +37,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: adiantum.c,v 1.4 2020/07/25 23:05:40 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: adiantum.c,v 1.5 2020/07/26 04:05:20 riastradh Exp $"); #include #include @@ -207,8 +207,7 @@ poly1305_init(struct poly1305 *P, const } static void -poly1305_update_internal(struct poly1305 *P, const uint8_t m[static 16], -uint32_t pad) +poly1305_update_blocks(struct poly1305 *P, const uint8_t *m, size_t mlen) { uint32_t r0 = P->r[0]; uint32_t r1 = P->r[1]; @@ -220,41 +219,66 @@ poly1305_update_internal(struct poly1305 uint32_t h2 = P->h[2]; uint32_t h3 = P->h[3]; uint32_t h4 = P->h[4]; + uint32_t m0, m1, m2, m3, m4; /* 26-bit message chunks */ uint64_t k0, k1, k2, k3, k4; /* 64-bit extension of h */ uint64_t p0, p1, p2, p3, p4; /* columns of product */ uint32_t c; /* carry */ - /* h' := h + m */ - h0 += (le32dec(m + 0) >> 0) & 0x03ff; - h1 += (le32dec(m + 3) >> 2) & 0x03ff; - h2 += (le32dec(m + 6) >> 4) & 0x03ff; - h3 += (le32dec(m + 9) >> 6); - h4 += (le32dec(m + 12) >> 8) | (pad << 24); - - /* extend to 64 bits */ - k0 = h0; - k1 = h1; - k2 = h2; - k3 = h3; - k4 = h4; - - /* p := h' * r = (h + m)*r mod 2^130 - 5 */ - p0 = r0*k0 + 5*r4*k1 + 5*r3*k2 + 5*r2*k3 + 5*r1*k4; - p1 = r1*k0 + r0*k1 + 5*r4*k2 + 5*r3*k3 + 5*r2*k4; - p2 = r2*k0 + r1*k1 + r0*k2 + 5*r4*k3 + 5*r3*k4; - p3 = r3*k0 + r2*k1 + r1*k2 + r0*k3 + 5*r4*k4; - p4 = r4*k0 + r3*k1 + r2*k2 + r1*k3 + r0*k4; - - /* propagate carries */ - p0 += 0; c = p0 >> 26; h0 = p0 & 0x03ff; - p1 += c; c = p1 >> 26; h1 = p1 & 0x03ff; - p2 += c; c = p2 >> 26; h2 = p2 & 0x03ff; - p3 += c; c = p3 >> 26; h3 = p3 & 0x03ff; - p4 += c; c = p4 >> 26; h4 = p4 & 0x03ff; + while (mlen) { + if (__predict_false(mlen < 16)) { + /* Handle padding for uneven last block. */ + uint8_t buf[16]; + unsigned i; + + for (i = 0; i < mlen; i++) +buf[i] = m[i]; + buf[i++] = 1; + for (; i < 16; i++) +buf[i] = 0; + m0 = le32dec(buf + 0) >> 0; + m1 = le32dec(buf + 3) >> 2; + m2 = le32dec(buf + 6) >> 4; + m3 = le32dec(buf + 9) >> 6; + m4 = le32dec(buf + 12) >> 8; + mlen = 0; + + explicit_memset(buf, 0, sizeof buf); + } else { + m0 = le32dec(m + 0) >> 0; + m1 = le32dec(m + 3) >> 2; + m2 = le32dec(m + 6) >> 4; + m3 = le32dec(m + 9) >> 6; + m4 = le32dec(m + 12) >> 8; + m4 |= 1u << 24; + m += 16; + mlen -= 16; + } - /* reduce 2^130 = 5 */ - h0 += c*5; c = h0 >> 26; h0 &= 0x03ff; - h1 += c; + /* k := h + m, extended to 64 bits */ + k0 = h0 + (m0 & 0x03ff); + k1 = h1 + (m1 & 0x03ff); + k2 = h2 + (m2 & 0x03ff); + k3 = h3 + m3; + k4 = h4 + m4; + + /* p := k * r = (h + m)*r mod 2^130 - 5 */ + p0 = r0*k0 + 5*r4*k1 + 5*r3*k2 + 5*r2*k3 + 5*r1*k4; + p1 = r1*k0 + r0*k1 + 5*r4*k2 + 5*r3*k3 + 5*r2*k4; + p2 = r2*k0 + r1*k1 + r0*k2 + 5*r4*k3 + 5*r3*k4; + p3 = r3*k0 + r2*k1 + r1*k2 + r0*k3 + 5*r4*k4; + p4 = r4*k0 + r3*k1 + r2*k2 + r1*k3 + r0*k4; + + /* propagate carries and update h */ + p0 += 0; c = p0 >> 26; h0 = p0 & 0x03ff; + p1 += c; c = p1 >> 26; h1 = p1 & 0x03ff; + p2 += c; c = p2 >> 26; h2 = p2 & 0x03ff; + p3 += c; c = p3 >> 26; h3 = p3 & 0x03ff; + p4 += c; c = p4 >> 26; h4 = p4 & 0x03ff; + + /* reduce 2^130 = 5 */ + h0 += c*5; c = h0 >> 26; h0 &= 0x03ff; + h1 += c; + } /* update hash values */ P->h[0] = h0; @@ -265,32 +289,6 @@ poly1305_update_internal(struct poly1305 } static void -poly1305_update_block(struct poly1305 *P, const uint8_t m[static 16]) -{ - - poly1305_update_internal(P, m, 1); -} - -static void -poly1305_update_last(struct poly1305 *P, const uint8_t *m, size_t mlen) -{ - uint8_t buf[16]; - unsigned i; - - if (mlen == 16) { - poly1305_update_internal(P, m, 1); - return; - } - - for (i = 0; i < mlen; i++) - buf[i] = m[i]; - buf[i++] = 1; - for (; i < 16; i++) - buf[i] = 0; - poly1305_update_internal(P, buf, 0); -} - -static void poly1305_final(uint8_t
CVS commit: src/sys/rump/kern/lib/libcrypto
Module Name:src Committed By: riastradh Date: Sun Jul 26 04:03:45 UTC 2020 Modified Files: src/sys/rump/kern/lib/libcrypto: Makefile Log Message: Add chacha to rump libcrypto. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/sys/rump/kern/lib/libcrypto/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/rump/kern/lib/libcrypto/Makefile diff -u src/sys/rump/kern/lib/libcrypto/Makefile:1.9 src/sys/rump/kern/lib/libcrypto/Makefile:1.10 --- src/sys/rump/kern/lib/libcrypto/Makefile:1.9 Sat Jul 25 22:40:08 2020 +++ src/sys/rump/kern/lib/libcrypto/Makefile Sun Jul 26 04:03:45 2020 @@ -1,8 +1,9 @@ -# $NetBSD: Makefile,v 1.9 2020/07/25 22:40:08 riastradh Exp $ +# $NetBSD: Makefile,v 1.10 2020/07/26 04:03:45 riastradh Exp $ # .PATH: ${.CURDIR}/../../../../crypto/adiantum\ ${.CURDIR}/../../../../crypto/aes\ + ${.CURDIR}/../../../../crypto/chacha\ ${.CURDIR}/../../../../crypto/blowfish\ ${.CURDIR}/../../../../crypto/camellia\ ${.CURDIR}/../../../../crypto/cast128\ @@ -22,6 +23,11 @@ SRCS+= bf_ecb.c bf_enc.c bf_cbc.c bf_ske # camellia SRCS+= camellia.c camellia-api.c +# ChaCha +SRCS+= chacha_impl.c +SRCS+= chacha_ref.c +SRCS+= chacha_selftest.c + # cast128 SRCS+= cast128.c
CVS commit: src/sys/ufs
Module Name:src Committed By: chs Date: Sun Jul 26 00:21:24 UTC 2020 Modified Files: src/sys/ufs/ffs: ffs_inode.c src/sys/ufs/ufs: ufs_inode.c Log Message: pull in a bit more FreeBSD code to allow specifying truncation of the regular bmap (IO_NORMAL) independently of the extattr bmap (IO_EXT). fixes fs corruption when removing extattrs in UFS2. To generate a diff of this commit: cvs rdiff -u -r1.129 -r1.130 src/sys/ufs/ffs/ffs_inode.c cvs rdiff -u -r1.110 -r1.111 src/sys/ufs/ufs/ufs_inode.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/ufs/ffs/ffs_inode.c diff -u src/sys/ufs/ffs/ffs_inode.c:1.129 src/sys/ufs/ffs/ffs_inode.c:1.130 --- src/sys/ufs/ffs/ffs_inode.c:1.129 Sat May 2 22:11:16 2020 +++ src/sys/ufs/ffs/ffs_inode.c Sun Jul 26 00:21:24 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: ffs_inode.c,v 1.129 2020/05/02 22:11:16 christos Exp $ */ +/* $NetBSD: ffs_inode.c,v 1.130 2020/07/26 00:21:24 chs Exp $ */ /*- * Copyright (c) 2008 The NetBSD Foundation, Inc. @@ -61,7 +61,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ffs_inode.c,v 1.129 2020/05/02 22:11:16 christos Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ffs_inode.c,v 1.130 2020/07/26 00:21:24 chs Exp $"); #if defined(_KERNEL_OPT) #include "opt_ffs.h" @@ -232,6 +232,14 @@ ffs_truncate(struct vnode *ovp, off_t le if (length < 0) return (EINVAL); + /* + * Historically clients did not have to specify which data + * they were truncating. So, if not specified, we assume + * traditional behavior, e.g., just the normal data. + */ + if ((ioflag & (IO_EXT | IO_NORMAL)) == 0) + ioflag |= IO_NORMAL; + fs = oip->i_fs; #define i_din2 i_din.ffs2_din extblocks = 0; @@ -267,6 +275,8 @@ ffs_truncate(struct vnode *ovp, off_t le extblocks = 0; } } + if ((ioflag & IO_NORMAL) == 0) + return (0); if (ovp->v_type == VLNK && (oip->i_size < ump->um_maxsymlinklen || (ump->um_maxsymlinklen == 0 && datablocks == 0))) { @@ -376,8 +386,7 @@ ffs_truncate(struct vnode *ovp, off_t le } } - if (!(ioflag & IO_EXT)) - genfs_node_wrlock(ovp); + genfs_node_wrlock(ovp); oip->i_size = length; DIP_ASSIGN(oip, size, length); uvm_vnp_setsize(ovp, length); @@ -586,8 +595,7 @@ out: oip->i_size = length; DIP_ASSIGN(oip, size, length); DIP_ADD(oip, blocks, -blocksreleased); - if (!(ioflag & IO_EXT)) - genfs_node_unlock(ovp); + genfs_node_unlock(ovp); oip->i_flag |= IN_CHANGE; UFS_WAPBL_UPDATE(ovp, NULL, NULL, 0); #if defined(QUOTA) || defined(QUOTA2) Index: src/sys/ufs/ufs/ufs_inode.c diff -u src/sys/ufs/ufs/ufs_inode.c:1.110 src/sys/ufs/ufs/ufs_inode.c:1.111 --- src/sys/ufs/ufs/ufs_inode.c:1.110 Sat Apr 18 19:18:34 2020 +++ src/sys/ufs/ufs/ufs_inode.c Sun Jul 26 00:21:24 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: ufs_inode.c,v 1.110 2020/04/18 19:18:34 christos Exp $ */ +/* $NetBSD: ufs_inode.c,v 1.111 2020/07/26 00:21:24 chs Exp $ */ /* * Copyright (c) 1991, 1993 @@ -37,7 +37,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ufs_inode.c,v 1.110 2020/04/18 19:18:34 christos Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ufs_inode.c,v 1.111 2020/07/26 00:21:24 chs Exp $"); #if defined(_KERNEL_OPT) #include "opt_ffs.h" @@ -327,5 +327,5 @@ ufs_truncate_all(struct vnode *vp) if (isize == 0) return 0; - return ufs_truncate_retry(vp, IO_EXT, 0, NOCRED); + return ufs_truncate_retry(vp, IO_NORMAL | IO_EXT, 0, NOCRED); }
CVS commit: src/sys/ufs/ffs
Module Name:src Committed By: chs Date: Sun Jul 26 00:20:14 UTC 2020 Modified Files: src/sys/ufs/ffs: ffs_alloc.c Log Message: skip the assertions about page-locking when allocating to the extattr bmap, since extattrs do not use the page cache. To generate a diff of this commit: cvs rdiff -u -r1.167 -r1.168 src/sys/ufs/ffs/ffs_alloc.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/ufs/ffs/ffs_alloc.c diff -u src/sys/ufs/ffs/ffs_alloc.c:1.167 src/sys/ufs/ffs/ffs_alloc.c:1.168 --- src/sys/ufs/ffs/ffs_alloc.c:1.167 Sat Apr 18 19:18:34 2020 +++ src/sys/ufs/ffs/ffs_alloc.c Sun Jul 26 00:20:13 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: ffs_alloc.c,v 1.167 2020/04/18 19:18:34 christos Exp $ */ +/* $NetBSD: ffs_alloc.c,v 1.168 2020/07/26 00:20:13 chs Exp $ */ /*- * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc. @@ -70,7 +70,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ffs_alloc.c,v 1.167 2020/04/18 19:18:34 christos Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ffs_alloc.c,v 1.168 2020/07/26 00:20:13 chs Exp $"); #if defined(_KERNEL_OPT) #include "opt_ffs.h" @@ -204,7 +204,7 @@ ffs_alloc(struct inode *ip, daddr_t lbn, */ struct vnode *vp = ITOV(ip); - if (vp->v_type == VREG && + if (vp->v_type == VREG && (flags & IO_EXT) == 0 && ffs_lblktosize(fs, (voff_t)lbn) < round_page(vp->v_size) && ((vp->v_vflag & VV_MAPPED) != 0 || (size & PAGE_MASK) != 0 || ffs_blkoff(fs, size) != 0)) {
CVS commit: src/sys/arch
Module Name:src Committed By: uwe Date: Sat Jul 25 23:38:48 UTC 2020 Modified Files: src/sys/arch/evbsh3/conf: std.nextvod src/sys/arch/evbsh3/evbsh3: machdep.c src/sys/arch/sh3/sh3: cache_sh4.c Log Message: Start teaching sh3 code about STX7105. Kernel option STX7105 to select CPU product (TODO: all of the options that select CPU product should be defflag'ed to opt_cputype.h). The ST40 cache sizes can be customized for each product. For now just hardcode the STx7105 values in the switch, but may be they should be kernel options. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/sys/arch/evbsh3/conf/std.nextvod cvs rdiff -u -r1.75 -r1.76 src/sys/arch/evbsh3/evbsh3/machdep.c cvs rdiff -u -r1.24 -r1.25 src/sys/arch/sh3/sh3/cache_sh4.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/evbsh3/conf/std.nextvod diff -u src/sys/arch/evbsh3/conf/std.nextvod:1.1 src/sys/arch/evbsh3/conf/std.nextvod:1.2 --- src/sys/arch/evbsh3/conf/std.nextvod:1.1 Sun Jul 19 23:44:36 2020 +++ src/sys/arch/evbsh3/conf/std.nextvod Sat Jul 25 23:38:48 2020 @@ -1,4 +1,4 @@ -# $NetBSD: std.nextvod,v 1.1 2020/07/19 23:44:36 uwe Exp $ +# $NetBSD: std.nextvod,v 1.2 2020/07/25 23:38:48 uwe Exp $ include "arch/evbsh3/conf/std.evbsh3.el" include "arch/evbsh3/conf/files.nextvod" @@ -9,7 +9,7 @@ makeoptions BOARDMKFRAG="${THISSH3}/conf # CPU support options SH4 -options SH7751R # a white lie to get it to compile +options STX7105 options DONT_INIT_BSC options IOM_RAM_BEGIN=0x # NB: physical address Index: src/sys/arch/evbsh3/evbsh3/machdep.c diff -u src/sys/arch/evbsh3/evbsh3/machdep.c:1.75 src/sys/arch/evbsh3/evbsh3/machdep.c:1.76 --- src/sys/arch/evbsh3/evbsh3/machdep.c:1.75 Thu Jun 19 13:20:13 2014 +++ src/sys/arch/evbsh3/evbsh3/machdep.c Sat Jul 25 23:38:48 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: machdep.c,v 1.75 2014/06/19 13:20:13 msaitoh Exp $ */ +/* $NetBSD: machdep.c,v 1.76 2020/07/25 23:38:48 uwe Exp $ */ /*- * Copyright (c) 1996, 1997, 1998 The NetBSD Foundation, Inc. @@ -65,7 +65,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.75 2014/06/19 13:20:13 msaitoh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.76 2020/07/25 23:38:48 uwe Exp $"); #include "opt_ddb.h" #include "opt_kgdb.h" @@ -286,6 +286,8 @@ initSH3(void *pc) /* XXX return address sh_cpu_init(CPU_ARCH_SH4, CPU_PRODUCT_7751); #elif defined(SH7751R) sh_cpu_init(CPU_ARCH_SH4, CPU_PRODUCT_7751R); +#elif defined(STX7105) + sh_cpu_init(CPU_ARCH_SH4, CPU_PRODUCT_STX7105); #else #error "unsupported SH4 variants" #endif Index: src/sys/arch/sh3/sh3/cache_sh4.c diff -u src/sys/arch/sh3/sh3/cache_sh4.c:1.24 src/sys/arch/sh3/sh3/cache_sh4.c:1.25 --- src/sys/arch/sh3/sh3/cache_sh4.c:1.24 Tue May 14 14:11:43 2013 +++ src/sys/arch/sh3/sh3/cache_sh4.c Sat Jul 25 23:38:48 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: cache_sh4.c,v 1.24 2013/05/14 14:11:43 tsutsui Exp $ */ +/* $NetBSD: cache_sh4.c,v 1.25 2020/07/25 23:38:48 uwe Exp $ */ /*- * Copyright (c) 2002 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: cache_sh4.c,v 1.24 2013/05/14 14:11:43 tsutsui Exp $"); +__KERNEL_RCSID(0, "$NetBSD: cache_sh4.c,v 1.25 2020/07/25 23:38:48 uwe Exp $"); #include "opt_cache.h" @@ -104,6 +104,17 @@ sh4_cache_config(void) r = SH4_CCR_EMODE|SH4_CCR_ICE|SH4_CCR_OCE|SH4_CCR_WT; break; #endif + + /* + * The ST40 cache sizes can be customized for each product. + * Refer to product-specific documentation for the cache sizes. + */ + case CPU_PRODUCT_STX7105: + icache_size = 32 * 1024; + dcache_size = 32 * 1024; + ways = 2; + r = SH4_CCR_EMODE|SH4_CCR_ICE|SH4_CCR_OCE|SH4_CCR_WT; + break; } #if defined(SH4_CACHE_DISABLE_ICACHE) r &= ~SH4_CCR_ICE;
CVS commit: src/sys/crypto/adiantum
Module Name:src Committed By: riastradh Date: Sat Jul 25 23:05:40 UTC 2020 Modified Files: src/sys/crypto/adiantum: adiantum.c Log Message: Fix typo in comment; match the paper's notation. No functional change. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/sys/crypto/adiantum/adiantum.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/adiantum/adiantum.c diff -u src/sys/crypto/adiantum/adiantum.c:1.3 src/sys/crypto/adiantum/adiantum.c:1.4 --- src/sys/crypto/adiantum/adiantum.c:1.3 Sat Jul 25 22:47:16 2020 +++ src/sys/crypto/adiantum/adiantum.c Sat Jul 25 23:05:40 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: adiantum.c,v 1.3 2020/07/25 22:47:16 riastradh Exp $ */ +/* $NetBSD: adiantum.c,v 1.4 2020/07/25 23:05:40 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -37,7 +37,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: adiantum.c,v 1.3 2020/07/25 22:47:16 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: adiantum.c,v 1.4 2020/07/25 23:05:40 riastradh Exp $"); #include #include @@ -1916,7 +1916,7 @@ adiantum_dec(void *p, const void *c, siz KASSERT(len % 16 == 0); adiantum_hash(h, cL, Llen, t, tlen, A->kt, A->kl, A->kn); - add128(buf, cR, h); /* buf := P_M */ + add128(buf, cR, h); /* buf := C_M */ memcpy(nonce, buf, 16); le64enc(nonce + 16, 1);
CVS commit: src/sys/arch/sh3/include
Module Name:src Committed By: uwe Date: Sat Jul 25 22:59:55 UTC 2020 Modified Files: src/sys/arch/sh3/include: cputypes.h Log Message: Define CPU_PRODUCT_STX7105. I'm not sure if this should rather be named CPU_PRODUCT_ST40_300, but that's probably too general. These constants don't have to be backward compatible, so we can re-do this properly later if we need to. To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/sys/arch/sh3/include/cputypes.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/sh3/include/cputypes.h diff -u src/sys/arch/sh3/include/cputypes.h:1.12 src/sys/arch/sh3/include/cputypes.h:1.13 --- src/sys/arch/sh3/include/cputypes.h:1.12 Tue Apr 21 12:57:41 2009 +++ src/sys/arch/sh3/include/cputypes.h Sat Jul 25 22:59:55 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: cputypes.h,v 1.12 2009/04/21 12:57:41 nonaka Exp $ */ +/* $NetBSD: cputypes.h,v 1.13 2020/07/25 22:59:55 uwe Exp $ */ /*- * Copyright (c) 2002 The NetBSD Foundation, Inc. @@ -57,6 +57,9 @@ #define CPU_PRODUCT_7751 10 #define CPU_PRODUCT_7751R 11 +/* STMicroelectronics ST40 series (SH4) */ +#define CPU_PRODUCT_STX7105 12 /* ST40-300 */ + #ifndef _LOCORE extern int cpu_arch;
CVS commit: src/sys
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:51:57 UTC 2020 Modified Files: src/sys/arch/aarch64/aarch64: cpu.c src/sys/arch/aarch64/conf: files.aarch64 Added Files: src/sys/crypto/chacha/arch/arm: arm_neon.h chacha_neon.c chacha_neon.h chacha_neon_64.S chacha_neon_impl.c files.chacha_arm Log Message: Implement ChaCha with NEON on ARM. XXX Needs performance measurement. XXX Needs adaptation to arm32 neon which has half the registers. To generate a diff of this commit: cvs rdiff -u -r1.53 -r1.54 src/sys/arch/aarch64/aarch64/cpu.c cvs rdiff -u -r1.25 -r1.26 src/sys/arch/aarch64/conf/files.aarch64 cvs rdiff -u -r0 -r1.1 src/sys/crypto/chacha/arch/arm/arm_neon.h \ src/sys/crypto/chacha/arch/arm/chacha_neon.c \ src/sys/crypto/chacha/arch/arm/chacha_neon.h \ src/sys/crypto/chacha/arch/arm/chacha_neon_64.S \ src/sys/crypto/chacha/arch/arm/chacha_neon_impl.c \ src/sys/crypto/chacha/arch/arm/files.chacha_arm Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/aarch64/aarch64/cpu.c diff -u src/sys/arch/aarch64/aarch64/cpu.c:1.53 src/sys/arch/aarch64/aarch64/cpu.c:1.54 --- src/sys/arch/aarch64/aarch64/cpu.c:1.53 Sat Jul 25 22:12:56 2020 +++ src/sys/arch/aarch64/aarch64/cpu.c Sat Jul 25 22:51:57 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: cpu.c,v 1.53 2020/07/25 22:12:56 riastradh Exp $ */ +/* $NetBSD: cpu.c,v 1.54 2020/07/25 22:51:57 riastradh Exp $ */ /* * Copyright (c) 2017 Ryo Shimizu @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: cpu.c,v 1.53 2020/07/25 22:12:56 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: cpu.c,v 1.54 2020/07/25 22:51:57 riastradh Exp $"); #include "locators.h" #include "opt_arm_debug.h" @@ -47,6 +47,8 @@ __KERNEL_RCSID(1, "$NetBSD: cpu.c,v 1.53 #include #include #include +#include +#include #include #include @@ -75,6 +77,7 @@ static void cpu_setup_id(struct cpu_info static void cpu_setup_sysctl(device_t, struct cpu_info *); static void cpu_setup_rng(device_t, struct cpu_info *); static void cpu_setup_aes(device_t, struct cpu_info *); +static void cpu_setup_chacha(device_t, struct cpu_info *); #ifdef MULTIPROCESSOR #define NCPUINFO MAXCPUS @@ -164,6 +167,7 @@ cpu_attach(device_t dv, cpuid_t id) cpu_setup_sysctl(dv, ci); cpu_setup_rng(dv, ci); cpu_setup_aes(dv, ci); + cpu_setup_chacha(dv, ci); } struct cpuidtab { @@ -633,6 +637,24 @@ cpu_setup_aes(device_t dv, struct cpu_in } } +/* + * setup the ChaCha implementation + */ +static void +cpu_setup_chacha(device_t dv, struct cpu_info *ci) +{ + struct aarch64_sysctl_cpu_id *id = >ci_id; + + /* Check for SIMD support. */ + switch (__SHIFTOUT(id->ac_aa64pfr0, ID_AA64PFR0_EL1_ADVSIMD)) { + case ID_AA64PFR0_EL1_ADV_SIMD_IMPL: + chacha_md_init(_neon_impl); + return; + default: + break; + } +} + #ifdef MULTIPROCESSOR void cpu_hatch(struct cpu_info *ci) Index: src/sys/arch/aarch64/conf/files.aarch64 diff -u src/sys/arch/aarch64/conf/files.aarch64:1.25 src/sys/arch/aarch64/conf/files.aarch64:1.26 --- src/sys/arch/aarch64/conf/files.aarch64:1.25 Fri Jul 17 07:16:10 2020 +++ src/sys/arch/aarch64/conf/files.aarch64 Sat Jul 25 22:51:57 2020 @@ -1,4 +1,4 @@ -# $NetBSD: files.aarch64,v 1.25 2020/07/17 07:16:10 ryo Exp $ +# $NetBSD: files.aarch64,v 1.26 2020/07/25 22:51:57 riastradh Exp $ defflag opt_cpuoptions.h AARCH64_ALIGNMENT_CHECK defflag opt_cpuoptions.h AARCH64_EL0_STACK_ALIGNMENT_CHECK @@ -145,3 +145,6 @@ include "crypto/aes/arch/arm/files.aesar # vpaes with ARM NEON include "crypto/aes/arch/arm/files.aesneon" + +# ChaCha with ARM NEON +include "crypto/chacha/arch/arm/files.chacha_arm" Added files: Index: src/sys/crypto/chacha/arch/arm/arm_neon.h diff -u /dev/null src/sys/crypto/chacha/arch/arm/arm_neon.h:1.1 --- /dev/null Sat Jul 25 22:51:57 2020 +++ src/sys/crypto/chacha/arch/arm/arm_neon.h Sat Jul 25 22:51:57 2020 @@ -0,0 +1,534 @@ +/* $NetBSD: arm_neon.h,v 1.1 2020/07/25 22:51:57 riastradh Exp $ */ + +/*- + * Copyright (c) 2020 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR
CVS commit: src/sys
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:49:20 UTC 2020 Modified Files: src/sys/arch/x86/conf: files.x86 src/sys/arch/x86/x86: identcpu.c Added Files: src/sys/crypto/chacha/arch/x86: chacha_sse2.c chacha_sse2.h chacha_sse2_impl.c files.chacha_x86 immintrin.h Log Message: Implement ChaCha with SSE2 on x86 machines. Slightly disappointed that it only doubles, rather than quadruples, throughput on my Ivy Bridge laptop. Worth investigating. To generate a diff of this commit: cvs rdiff -u -r1.117 -r1.118 src/sys/arch/x86/conf/files.x86 cvs rdiff -u -r1.115 -r1.116 src/sys/arch/x86/x86/identcpu.c cvs rdiff -u -r0 -r1.1 src/sys/crypto/chacha/arch/x86/chacha_sse2.c \ src/sys/crypto/chacha/arch/x86/chacha_sse2.h \ src/sys/crypto/chacha/arch/x86/chacha_sse2_impl.c \ src/sys/crypto/chacha/arch/x86/files.chacha_x86 \ src/sys/crypto/chacha/arch/x86/immintrin.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/x86/conf/files.x86 diff -u src/sys/arch/x86/conf/files.x86:1.117 src/sys/arch/x86/conf/files.x86:1.118 --- src/sys/arch/x86/conf/files.x86:1.117 Tue Jul 14 00:45:53 2020 +++ src/sys/arch/x86/conf/files.x86 Sat Jul 25 22:49:20 2020 @@ -1,4 +1,4 @@ -# $NetBSD: files.x86,v 1.117 2020/07/14 00:45:53 yamaguchi Exp $ +# $NetBSD: files.x86,v 1.118 2020/07/25 22:49:20 riastradh Exp $ # options for MP configuration through the MP spec defflag opt_mpbios.h MPBIOS MPDEBUG MPBIOS_SCANPCI @@ -179,3 +179,6 @@ include "crypto/aes/arch/x86/files.aesss # Permutation-based AES with PSHUFB include "crypto/aes/arch/x86/files.aee3" + +# ChaCha with SSE2 +include "crypto/chacha/arch/x86/files.chacha_x86" Index: src/sys/arch/x86/x86/identcpu.c diff -u src/sys/arch/x86/x86/identcpu.c:1.115 src/sys/arch/x86/x86/identcpu.c:1.116 --- src/sys/arch/x86/x86/identcpu.c:1.115 Sat Jul 25 22:44:02 2020 +++ src/sys/arch/x86/x86/identcpu.c Sat Jul 25 22:49:20 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: identcpu.c,v 1.115 2020/07/25 22:44:02 riastradh Exp $ */ +/* $NetBSD: identcpu.c,v 1.116 2020/07/25 22:49:20 riastradh Exp $ */ /*- * Copyright (c) 1999, 2000, 2001, 2006, 2007, 2008 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: identcpu.c,v 1.115 2020/07/25 22:44:02 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: identcpu.c,v 1.116 2020/07/25 22:49:20 riastradh Exp $"); #include "opt_xen.h" @@ -44,6 +44,8 @@ __KERNEL_RCSID(0, "$NetBSD: identcpu.c,v #include #include #include +#include +#include #include @@ -1001,6 +1003,8 @@ cpu_probe(struct cpu_info *ci) /* Early patch of text segment. */ x86_patch(true); #endif + + /* AES */ #ifdef __x86_64__ /* not yet implemented on i386 */ if (cpu_feature[1] & CPUID2_AES) aes_md_init(_ni_impl); @@ -1014,6 +1018,10 @@ cpu_probe(struct cpu_info *ci) aes_md_init(_ssse3_impl); else if (i386_has_sse && i386_has_sse2) aes_md_init(_sse2_impl); + + /* ChaCha */ + if (i386_has_sse && i386_has_sse2) + chacha_md_init(_sse2_impl); } else { /* * If not first. Warn about cpu_feature mismatch for Added files: Index: src/sys/crypto/chacha/arch/x86/chacha_sse2.c diff -u /dev/null src/sys/crypto/chacha/arch/x86/chacha_sse2.c:1.1 --- /dev/null Sat Jul 25 22:49:20 2020 +++ src/sys/crypto/chacha/arch/x86/chacha_sse2.c Sat Jul 25 22:49:20 2020 @@ -0,0 +1,561 @@ +/* $NetBSD: chacha_sse2.c,v 1.1 2020/07/25 22:49:20 riastradh Exp $ */ + +/*- + * Copyright (c) 2020 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +
CVS commit: src
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:53:38 UTC 2020 Modified Files: src/distrib/sets/lists/debug: mi src/distrib/sets/lists/tests: mi src/tests/sys/crypto: Makefile Added Files: src/tests/sys/crypto/chacha: Makefile t_chacha.c Log Message: Add kernel ChaCha test to exercise all available implementations. To generate a diff of this commit: cvs rdiff -u -r1.325 -r1.326 src/distrib/sets/lists/debug/mi cvs rdiff -u -r1.875 -r1.876 src/distrib/sets/lists/tests/mi cvs rdiff -u -r1.1 -r1.2 src/tests/sys/crypto/Makefile cvs rdiff -u -r0 -r1.1 src/tests/sys/crypto/chacha/Makefile \ src/tests/sys/crypto/chacha/t_chacha.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/debug/mi diff -u src/distrib/sets/lists/debug/mi:1.325 src/distrib/sets/lists/debug/mi:1.326 --- src/distrib/sets/lists/debug/mi:1.325 Fri Jul 17 15:34:17 2020 +++ src/distrib/sets/lists/debug/mi Sat Jul 25 22:53:38 2020 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.325 2020/07/17 15:34:17 kamil Exp $ +# $NetBSD: mi,v 1.326 2020/07/25 22:53:38 riastradh Exp $ ./etc/mtree/set.debug comp-sys-root ./usr/lib comp-sys-usr compatdir ./usr/lib/i18n/libBIG5_g.a comp-c-debuglib debuglib,compatfile @@ -2415,6 +2415,8 @@ ./usr/libdata/debug/usr/tests/sys/cryptotests-sys-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/sys/crypto/aestests-sys-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/sys/crypto/aes/t_aes.debug tests-sys-debug debug,atf,compattestfile +./usr/libdata/debug/usr/tests/sys/crypto/chachatests-sys-debug debug,atf,compattestfile +./usr/libdata/debug/usr/tests/sys/crypto/chacha/t_chacha.debug tests-sys-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/sys/net tests-sys-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/sys/net/t_print.debug tests-sys-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/sys/netatalktests-sys-debug debug,atf,compattestfile Index: src/distrib/sets/lists/tests/mi diff -u src/distrib/sets/lists/tests/mi:1.875 src/distrib/sets/lists/tests/mi:1.876 --- src/distrib/sets/lists/tests/mi:1.875 Sat Jul 25 21:23:09 2020 +++ src/distrib/sets/lists/tests/mi Sat Jul 25 22:53:38 2020 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.875 2020/07/25 21:23:09 rillig Exp $ +# $NetBSD: mi,v 1.876 2020/07/25 22:53:38 riastradh Exp $ # # Note: don't delete entries from here - mark them as "obsolete" instead. # @@ -4085,6 +4085,10 @@ ./usr/tests/sys/crypto/aes/Atffile tests-sys-tests compattestfile,atf ./usr/tests/sys/crypto/aes/Kyuafile tests-sys-tests compattestfile,atf,kyua ./usr/tests/sys/crypto/aes/t_aes tests-sys-tests compattestfile,atf +./usr/tests/sys/crypto/chacha tests-sys-tests compattestfile,atf +./usr/tests/sys/crypto/chacha/Atffile tests-sys-tests compattestfile,atf +./usr/tests/sys/crypto/chacha/Kyuafile tests-sys-tests compattestfile,atf,kyua +./usr/tests/sys/crypto/chacha/t_chacha tests-sys-tests compattestfile,atf ./usr/tests/sys/nettests-sys-tests compattestfile,atf ./usr/tests/sys/net/Atffile tests-sys-tests compattestfile,atf ./usr/tests/sys/net/Kyuafile tests-sys-tests compattestfile,atf,kyua Index: src/tests/sys/crypto/Makefile diff -u src/tests/sys/crypto/Makefile:1.1 src/tests/sys/crypto/Makefile:1.2 --- src/tests/sys/crypto/Makefile:1.1 Tue Jun 30 20:32:11 2020 +++ src/tests/sys/crypto/Makefile Sat Jul 25 22:53:38 2020 @@ -1,9 +1,10 @@ -# $NetBSD: Makefile,v 1.1 2020/06/30 20:32:11 riastradh Exp $ +# $NetBSD: Makefile,v 1.2 2020/07/25 22:53:38 riastradh Exp $ .include TESTSDIR= ${TESTSBASE}/sys/crypto TESTS_SUBDIRS+= aes +TESTS_SUBDIRS+= chacha .include Added files: Index: src/tests/sys/crypto/chacha/Makefile diff -u /dev/null src/tests/sys/crypto/chacha/Makefile:1.1 --- /dev/null Sat Jul 25 22:53:38 2020 +++ src/tests/sys/crypto/chacha/Makefile Sat Jul 25 22:53:38 2020 @@ -0,0 +1,43 @@ +# $NetBSD: Makefile,v 1.1 2020/07/25 22:53:38 riastradh Exp $ + +.include + +TESTSDIR= ${TESTSBASE}/sys/crypto/chacha + +TESTS_C= t_chacha + +AFLAGS+= -D_LOCORE + +.PATH: ${NETBSDSRCDIR}/sys/crypto/chacha +CPPFLAGS+= -I${NETBSDSRCDIR}/sys + +SRCS.t_chacha+= t_chacha.c + +SRCS.t_chacha+= chacha_ref.c +SRCS.t_chacha+= chacha_selftest.c + +.if !empty(MACHINE_ARCH:Maarch64*) + +.PATH: ${NETBSDSRCDIR}/sys/crypto/chacha/arch/arm +CPPFLAGS+= -I${NETBSDSRCDIR}/sys/crypto/chacha/arch/arm + +SRCS.t_chacha+= chacha_neon.c +SRCS.t_chacha+= chacha_neon_64.S +SRCS.t_chacha+= chacha_neon_impl.c + +.endif# aarch64 + +.if ${MACHINE_ARCH} == "i386" || ${MACHINE_ARCH} == "x86_64" + +.PATH: ${NETBSDSRCDIR}/sys/crypto/chacha/arch/x86 +CPPFLAGS+= -I${NETBSDSRCDIR}/sys/crypto/chacha/arch/x86 + +SRCS.t_chacha+= chacha_sse2.c +SRCS.t_chacha+= chacha_sse2_impl.c +COPTS.chacha_sse2.c+= -msse -msse2 + +.endif# x86 + +WARNS= 5
CVS commit: src/sys/crypto/adiantum
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:47:16 UTC 2020 Modified Files: src/sys/crypto/adiantum: adiantum.c files.adiantum Log Message: Convert crypto/adiantum to use new ChaCha API. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/sys/crypto/adiantum/adiantum.c \ src/sys/crypto/adiantum/files.adiantum Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/adiantum/adiantum.c diff -u src/sys/crypto/adiantum/adiantum.c:1.2 src/sys/crypto/adiantum/adiantum.c:1.3 --- src/sys/crypto/adiantum/adiantum.c:1.2 Sat Jul 25 22:41:03 2020 +++ src/sys/crypto/adiantum/adiantum.c Sat Jul 25 22:47:16 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: adiantum.c,v 1.2 2020/07/25 22:41:03 riastradh Exp $ */ +/* $NetBSD: adiantum.c,v 1.3 2020/07/25 22:47:16 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -37,7 +37,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: adiantum.c,v 1.2 2020/07/25 22:41:03 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: adiantum.c,v 1.3 2020/07/25 22:47:16 riastradh Exp $"); #include #include @@ -51,6 +51,7 @@ __KERNEL_RCSID(1, "$NetBSD: adiantum.c,v #include #include +#include #else /* !defined(_KERNEL) */ @@ -1804,270 +1805,6 @@ nhpoly1305_selftest(void) return result; } -/* ChaCha core */ - -static uint32_t -rol32(uint32_t u, unsigned c) -{ - - return (u << c) | (u >> (32 - c)); -} - -#define CHACHA_QUARTERROUND(a, b, c, d) do { \ - (a) += (b); (d) ^= (a); (d) = rol32((d), 16); \ - (c) += (d); (b) ^= (c); (b) = rol32((b), 12); \ - (a) += (b); (d) ^= (a); (d) = rol32((d), 8); \ - (c) += (d); (b) ^= (c); (b) = rol32((b), 7); \ -} while (/*CONSTCOND*/0) - -const uint8_t chacha_const32[16] = "expand 32-byte k"; - -static void -chacha_core(uint8_t out[restrict static 64], const uint8_t in[static 16], -const uint8_t k[static 32], const uint8_t c[static 16], unsigned nr) -{ - uint32_t x0,x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,x14,x15; - uint32_t y0,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12,y13,y14,y15; - int i; - - x0 = y0 = le32dec(c + 0); - x1 = y1 = le32dec(c + 4); - x2 = y2 = le32dec(c + 8); - x3 = y3 = le32dec(c + 12); - x4 = y4 = le32dec(k + 0); - x5 = y5 = le32dec(k + 4); - x6 = y6 = le32dec(k + 8); - x7 = y7 = le32dec(k + 12); - x8 = y8 = le32dec(k + 16); - x9 = y9 = le32dec(k + 20); - x10 = y10 = le32dec(k + 24); - x11 = y11 = le32dec(k + 28); - x12 = y12 = le32dec(in + 0); - x13 = y13 = le32dec(in + 4); - x14 = y14 = le32dec(in + 8); - x15 = y15 = le32dec(in + 12); - - for (i = nr; i > 0; i -= 2) { - CHACHA_QUARTERROUND( y0, y4, y8,y12); - CHACHA_QUARTERROUND( y1, y5, y9,y13); - CHACHA_QUARTERROUND( y2, y6,y10,y14); - CHACHA_QUARTERROUND( y3, y7,y11,y15); - CHACHA_QUARTERROUND( y0, y5,y10,y15); - CHACHA_QUARTERROUND( y1, y6,y11,y12); - CHACHA_QUARTERROUND( y2, y7, y8,y13); - CHACHA_QUARTERROUND( y3, y4, y9,y14); - } - - le32enc(out + 0, x0 + y0); - le32enc(out + 4, x1 + y1); - le32enc(out + 8, x2 + y2); - le32enc(out + 12, x3 + y3); - le32enc(out + 16, x4 + y4); - le32enc(out + 20, x5 + y5); - le32enc(out + 24, x6 + y6); - le32enc(out + 28, x7 + y7); - le32enc(out + 32, x8 + y8); - le32enc(out + 36, x9 + y9); - le32enc(out + 40, x10 + y10); - le32enc(out + 44, x11 + y11); - le32enc(out + 48, x12 + y12); - le32enc(out + 52, x13 + y13); - le32enc(out + 56, x14 + y14); - le32enc(out + 60, x15 + y15); -} - -/* https://tools.ietf.org/html/draft-strombergson-chacha-test-vectors-00 */ -static int -chacha_core_selftest(void) -{ - /* TC1, 32-byte key, rounds=12, keystream block 1 */ - static const uint8_t zero[32]; - static const uint8_t expected0[64] = { - 0x9b,0xf4,0x9a,0x6a, 0x07,0x55,0xf9,0x53, - 0x81,0x1f,0xce,0x12, 0x5f,0x26,0x83,0xd5, - 0x04,0x29,0xc3,0xbb, 0x49,0xe0,0x74,0x14, - 0x7e,0x00,0x89,0xa5, 0x2e,0xae,0x15,0x5f, - 0x05,0x64,0xf8,0x79, 0xd2,0x7a,0xe3,0xc0, - 0x2c,0xe8,0x28,0x34, 0xac,0xfa,0x8c,0x79, - 0x3a,0x62,0x9f,0x2c, 0xa0,0xde,0x69,0x19, - 0x61,0x0b,0xe8,0x2f, 0x41,0x13,0x26,0xbe, - }; - /* TC7, 32-byte key, rounds=12, keystream block 2 */ - static const uint8_t k1[32] = { - 0x00,0x11,0x22,0x33, 0x44,0x55,0x66,0x77, - 0x88,0x99,0xaa,0xbb, 0xcc,0xdd,0xee,0xff, - 0xff,0xee,0xdd,0xcc, 0xbb,0xaa,0x99,0x88, - 0x77,0x66,0x55,0x44, 0x33,0x22,0x11,0x00, - }; - static const uint8_t in1[16] = { - 0x01,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, - 0x0f,0x1e,0x2d,0x3c, 0x4b,0x59,0x68,0x77, - }; - static const uint8_t expected1[64] = { - 0xcd,0x9a,0x2a,0xa9, 0xea,0x93,0xc2,0x67, - 0x5e,0x82,0x88,0x14, 0x08,0xde,0x85,0x2c, - 0x62,0xfa,0x74,0x6a, 0x30,0xe5,0x2b,0x45, - 0xa2,0x69,0x62,0xcf, 0x43,0x51,0xe3,0x04, - 0xd3,0x13,0x20,0xbb, 0xd6,0xaa,0x6c,0xc8, - 0xf3,0x26,0x37,0xf9, 0x59,0x34,0xe4,0xc1, - 0x45,0xef,0xd5,0x62, 0x31,0xef,0x31,0x61, - 0x03,0x28,0x36,0xf4, 0x96,0x71,0x83,0x3e, - }; - uint8_t out[64]; - int result = 0;
CVS commit: src/sys
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:46:35 UTC 2020 Modified Files: src/sys/conf: files Added Files: src/sys/crypto/chacha: chacha.h chacha_impl.c chacha_impl.h chacha_ref.c chacha_ref.h chacha_selftest.c files.chacha Log Message: New ChaCha API in kernel. This will enable us to adopt MD vectorized implementations of ChaCha. To generate a diff of this commit: cvs rdiff -u -r1.1272 -r1.1273 src/sys/conf/files cvs rdiff -u -r0 -r1.1 src/sys/crypto/chacha/chacha.h \ src/sys/crypto/chacha/chacha_impl.c src/sys/crypto/chacha/chacha_impl.h \ src/sys/crypto/chacha/chacha_ref.c src/sys/crypto/chacha/chacha_ref.h \ src/sys/crypto/chacha/chacha_selftest.c \ src/sys/crypto/chacha/files.chacha Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/conf/files diff -u src/sys/conf/files:1.1272 src/sys/conf/files:1.1273 --- src/sys/conf/files:1.1272 Sat Jul 25 22:26:23 2020 +++ src/sys/conf/files Sat Jul 25 22:46:34 2020 @@ -1,4 +1,4 @@ -# $NetBSD: files,v 1.1272 2020/07/25 22:26:23 riastradh Exp $ +# $NetBSD: files,v 1.1273 2020/07/25 22:46:34 riastradh Exp $ # @(#)files.newconf 7.5 (Berkeley) 5/10/93 version 20171118 @@ -202,6 +202,7 @@ defflag opt_machdep.h MACHDEP # Individual crypto transforms include "crypto/adiantum/files.adiantum" include "crypto/aes/files.aes" +include "crypto/chacha/files.chacha" include "crypto/des/files.des" include "crypto/blowfish/files.blowfish" include "crypto/cast128/files.cast128" Added files: Index: src/sys/crypto/chacha/chacha.h diff -u /dev/null src/sys/crypto/chacha/chacha.h:1.1 --- /dev/null Sat Jul 25 22:46:35 2020 +++ src/sys/crypto/chacha/chacha.h Sat Jul 25 22:46:34 2020 @@ -0,0 +1,85 @@ +/* $NetBSD: chacha.h,v 1.1 2020/07/25 22:46:34 riastradh Exp $ */ + +/*- + * Copyright (c) 2020 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef _SYS_CRYPTO_CHACHA_CHACHA_H +#define _SYS_CRYPTO_CHACHA_CHACHA_H + +#include + +#define CHACHA_KEYBYTES 32 + +#define CHACHA_CORE_KEYBYTES CHACHA_KEYBYTES +#define CHACHA_CORE_INBYTES 16 +#define CHACHA_CORE_CONSTBYTES 16 +#define CHACHA_CORE_OUTBYTES 64 + +#define HCHACHA_KEYBYTES CHACHA_KEYBYTES +#define HCHACHA_INBYTES 16 +#define HCHACHA_CONSTBYTES 16 +#define HCHACHA_OUTBYTES 32 + +#define CHACHA_STREAM_KEYBYTES CHACHA_KEYBYTES +#define CHACHA_STREAM_NONCEBYTES 12 + +#define XCHACHA_STREAM_KEYBYTES CHACHA_KEYBYTES +#define XCHACHA_STREAM_NONCEBYTES 24 + +extern const uint8_t chacha_const32[16]; + +void chacha_core(uint8_t[restrict static CHACHA_CORE_OUTBYTES], + const uint8_t[static CHACHA_CORE_INBYTES], + const uint8_t[static CHACHA_CORE_KEYBYTES], + const uint8_t[static CHACHA_CORE_CONSTBYTES], + unsigned); +void hchacha(uint8_t[restrict static HCHACHA_OUTBYTES], + const uint8_t[static HCHACHA_INBYTES], + const uint8_t[static HCHACHA_KEYBYTES], + const uint8_t[static HCHACHA_CONSTBYTES], + unsigned); +void chacha_stream(uint8_t *restrict, size_t, + uint32_t, + const uint8_t[static CHACHA_STREAM_NONCEBYTES], + const uint8_t[static CHACHA_STREAM_KEYBYTES], + unsigned); +void chacha_stream_xor(uint8_t *, const uint8_t *, size_t, + uint32_t, + const uint8_t[static CHACHA_STREAM_NONCEBYTES], + const uint8_t[static CHACHA_STREAM_KEYBYTES], + unsigned); +void xchacha_stream(uint8_t *restrict, size_t, + uint32_t, + const uint8_t[static XCHACHA_STREAM_NONCEBYTES], + const uint8_t[static XCHACHA_STREAM_KEYBYTES], + unsigned); +void
CVS commit: src/sys/crypto/aes/arch/x86
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:45:10 UTC 2020 Modified Files: src/sys/crypto/aes/arch/x86: immintrin.h Log Message: Add some Intel intrinsics for ChaCha. _mm_load1_ps _mm_loadu_si128 _mm_movelh_ps _mm_slli_epi32 _mm_storeu_si128 _mm_unpackhi_epi32 _mm_unpacklo_epi32 To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/sys/crypto/aes/arch/x86/immintrin.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/arch/x86/immintrin.h diff -u src/sys/crypto/aes/arch/x86/immintrin.h:1.4 src/sys/crypto/aes/arch/x86/immintrin.h:1.5 --- src/sys/crypto/aes/arch/x86/immintrin.h:1.4 Sat Jul 25 22:44:32 2020 +++ src/sys/crypto/aes/arch/x86/immintrin.h Sat Jul 25 22:45:10 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: immintrin.h,v 1.4 2020/07/25 22:44:32 riastradh Exp $ */ +/* $NetBSD: immintrin.h,v 1.5 2020/07/25 22:45:10 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -103,6 +103,20 @@ _mm_add_epi32(__m128i __a, __m128i __b) #endif _INTRINSATTR +static __inline __m128 +_mm_load1_ps(const float *__p) +{ + return __extension__ (__m128)(__v4sf) { *__p, *__p, *__p, *__p }; +} + +_INTRINSATTR +static __inline __m128i +_mm_loadu_si128(const __m128i_u *__p) +{ + return ((const struct { __m128i_u __v; } _PACKALIAS *)__p)->__v; +} + +_INTRINSATTR static __inline __m128i _mm_loadu_si32(const void *__p) { @@ -132,8 +146,18 @@ _mm_movehl_ps(__m128 __v0, __m128 __v1) #if defined(__GNUC__) && !defined(__clang__) return (__m128)__builtin_ia32_movhlps((__v4sf)__v0, (__v4sf)__v1); #elif defined(__clang__) - return __builtin_shufflevector((__v4sf)__v0, (__v4sf)__v1, - 6, 7, 2, 3); + return __builtin_shufflevector((__v4sf)__v0, (__v4sf)__v1, 6,7,2,3); +#endif +} + +_INTRINSATTR +static __inline __m128 +_mm_movelh_ps(__m128 __v0, __m128 __v1) +{ +#if defined(__GNUC__) && !defined(__clang__) + return (__m128)__builtin_ia32_movlhps((__v4sf)__v0, (__v4sf)__v1); +#elif defined(__clang__) + return __builtin_shufflevector((__v4sf)__v0, (__v4sf)__v1, 0,1,4,5); #endif } @@ -205,6 +229,13 @@ _mm_shuffle_epi8(__m128i __vtbl, __m128i _INTRINSATTR static __inline __m128i +_mm_slli_epi32(__m128i __v, uint8_t __bits) +{ + return (__m128i)__builtin_ia32_pslldi128((__v4si)__v, (int)__bits); +} + +_INTRINSATTR +static __inline __m128i _mm_slli_epi64(__m128i __v, uint8_t __bits) { return (__m128i)__builtin_ia32_psllqi128((__v2di)__v, (int)__bits); @@ -245,6 +276,13 @@ _mm_srli_epi64(__m128i __v, uint8_t __bi _INTRINSATTR static __inline void +_mm_storeu_si128(__m128i_u *__p, __m128i __v) +{ + ((struct { __m128i_u __v; } _PACKALIAS *)__p)->__v = __v; +} + +_INTRINSATTR +static __inline void _mm_storeu_si32(void *__p, __m128i __v) { ((struct { int32_t __v; } _PACKALIAS *)__p)->__v = ((__v4si)__v)[0]; @@ -273,6 +311,32 @@ _mm_sub_epi64(__m128i __x, __m128i __y) _INTRINSATTR static __inline __m128i +_mm_unpackhi_epi32(__m128i __lo, __m128i __hi) +{ +#if defined(__GNUC__) && !defined(__clang__) + return (__m128i)__builtin_ia32_punpckhdq128((__v4si)__lo, + (__v4si)__hi); +#elif defined(__clang__) + return (__m128i)__builtin_shufflevector((__v4si)__lo, (__v4si)__hi, + 2,6,3,7); +#endif +} + +_INTRINSATTR +static __inline __m128i +_mm_unpacklo_epi32(__m128i __lo, __m128i __hi) +{ +#if defined(__GNUC__) && !defined(__clang__) + return (__m128i)__builtin_ia32_punpckldq128((__v4si)__lo, + (__v4si)__hi); +#elif defined(__clang__) + return (__m128i)__builtin_shufflevector((__v4si)__lo, (__v4si)__hi, + 0,4,1,5); +#endif +} + +_INTRINSATTR +static __inline __m128i _mm_unpacklo_epi64(__m128i __lo, __m128i __hi) { #if defined(__GNUC__) && !defined(__clang__)
CVS commit: src/sys/crypto/aes/arch/x86
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:44:32 UTC 2020 Modified Files: src/sys/crypto/aes/arch/x86: immintrin.h Log Message: Fix target attribute on _mm_movehl_ps, fix clang _mm_unpacklo_epi64. - _mm_movehl_ps is available in SSE2, no need for SSSE3. - _mm_unpacklo_epi64 operates on v2di, not v4si; fix. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/sys/crypto/aes/arch/x86/immintrin.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/arch/x86/immintrin.h diff -u src/sys/crypto/aes/arch/x86/immintrin.h:1.3 src/sys/crypto/aes/arch/x86/immintrin.h:1.4 --- src/sys/crypto/aes/arch/x86/immintrin.h:1.3 Sat Jul 25 22:31:04 2020 +++ src/sys/crypto/aes/arch/x86/immintrin.h Sat Jul 25 22:44:32 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: immintrin.h,v 1.3 2020/07/25 22:31:04 riastradh Exp $ */ +/* $NetBSD: immintrin.h,v 1.4 2020/07/25 22:44:32 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -125,7 +125,7 @@ _mm_load_si128(const __m128i *__p) return *__p; } -_INTRINSATTR _SSSE3_ATTR +_INTRINSATTR static __inline __m128 _mm_movehl_ps(__m128 __v0, __m128 __v1) { @@ -279,8 +279,8 @@ _mm_unpacklo_epi64(__m128i __lo, __m128i return (__m128i)__builtin_ia32_punpcklqdq128((__v2di)__lo, (__v2di)__hi); #elif defined(__clang__) - return (__m128i)__builtin_shufflevector((__v4si)__lo, (__v4si)__hi, - 0, 4, 1, 5); + return (__m128i)__builtin_shufflevector((__v2di)__lo, (__v2di)__hi, + 0,2); #endif }
CVS commit: src/sys/arch/x86/x86
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:44:02 UTC 2020 Modified Files: src/sys/arch/x86/x86: identcpu.c Log Message: Nix outdated comment. The substance of the change that introduced it was reverted, but I neglected to revert the comment when reverting the substance. To generate a diff of this commit: cvs rdiff -u -r1.114 -r1.115 src/sys/arch/x86/x86/identcpu.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/x86/x86/identcpu.c diff -u src/sys/arch/x86/x86/identcpu.c:1.114 src/sys/arch/x86/x86/identcpu.c:1.115 --- src/sys/arch/x86/x86/identcpu.c:1.114 Sat Jul 25 22:12:56 2020 +++ src/sys/arch/x86/x86/identcpu.c Sat Jul 25 22:44:02 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: identcpu.c,v 1.114 2020/07/25 22:12:56 riastradh Exp $ */ +/* $NetBSD: identcpu.c,v 1.115 2020/07/25 22:44:02 riastradh Exp $ */ /*- * Copyright (c) 1999, 2000, 2001, 2006, 2007, 2008 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: identcpu.c,v 1.114 2020/07/25 22:12:56 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: identcpu.c,v 1.115 2020/07/25 22:44:02 riastradh Exp $"); #include "opt_xen.h" @@ -1001,12 +1001,6 @@ cpu_probe(struct cpu_info *ci) /* Early patch of text segment. */ x86_patch(true); #endif - /* - * XXX There is a bug with FPU in kernel that we - * haven't been able to track down yet, and all of the - * accelerated AES code relies on that, so it is - * disabled temporarily while we diagnose the bug. - */ #ifdef __x86_64__ /* not yet implemented on i386 */ if (cpu_feature[1] & CPUID2_AES) aes_md_init(_ni_impl);
CVS commit: src/sys/crypto/aes/arch/arm
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:42:31 UTC 2020 Modified Files: src/sys/crypto/aes/arch/arm: arm_neon.h Log Message: Fix missing clang big-endian case. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/sys/crypto/aes/arch/arm/arm_neon.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/arch/arm/arm_neon.h diff -u src/sys/crypto/aes/arch/arm/arm_neon.h:1.4 src/sys/crypto/aes/arch/arm/arm_neon.h:1.5 --- src/sys/crypto/aes/arch/arm/arm_neon.h:1.4 Sat Jul 25 22:36:06 2020 +++ src/sys/crypto/aes/arch/arm/arm_neon.h Sat Jul 25 22:42:31 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: arm_neon.h,v 1.4 2020/07/25 22:36:06 riastradh Exp $ */ +/* $NetBSD: arm_neon.h,v 1.5 2020/07/25 22:42:31 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -237,7 +237,12 @@ vld1q_u8(const uint8_t *__p8) return (uint8x16_t)__builtin_neon_vld1v16qi(__p); #endif #elif defined(__clang__) - return (uint8x16_t)__builtin_neon_vld1q_v(__p8, 48); + uint8x16_t __v = (uint8x16_t)__builtin_neon_vld1q_v(__p8, 48); +#ifndef __LITTLE_ENDIAN__ + __v = __builtin_shufflevector(__v, __v, + 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0); +#endif + return __v; #endif } @@ -442,7 +447,7 @@ vst1q_u8(uint8_t *__p8, uint8x16_t __v) #elif defined(__clang__) #ifndef __LITTLE_ENDIAN__ __v = __builtin_shufflevector(__v, __v, - 15, 14, 13, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0); + 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0); #endif __builtin_neon_vst1q_v(__p8, __v, 48); #endif
CVS commit: src/sys/crypto/aes/arch/arm
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:43:01 UTC 2020 Modified Files: src/sys/crypto/aes/arch/arm: arm_neon.h Log Message: Add 32-bit load, store, and shift intrinsics. vld1q_u32 vst1q_u32 vshlq_n_u32 vshrq_n_u32 To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/sys/crypto/aes/arch/arm/arm_neon.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/arch/arm/arm_neon.h diff -u src/sys/crypto/aes/arch/arm/arm_neon.h:1.5 src/sys/crypto/aes/arch/arm/arm_neon.h:1.6 --- src/sys/crypto/aes/arch/arm/arm_neon.h:1.5 Sat Jul 25 22:42:31 2020 +++ src/sys/crypto/aes/arch/arm/arm_neon.h Sat Jul 25 22:43:01 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: arm_neon.h,v 1.5 2020/07/25 22:42:31 riastradh Exp $ */ +/* $NetBSD: arm_neon.h,v 1.6 2020/07/25 22:43:01 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -222,6 +222,30 @@ vgetq_lane_u32(uint32x4_t __v, uint8_t _ #endif _INTRINSATTR +static __inline uint32x4_t +vld1q_u32(const uint32_t *__p32) +{ +#if defined(__GNUC__) && !defined(__clang__) +#ifdef __aarch64__ + const __builtin_aarch64_simd_si *__p = + (const __builtin_aarch64_simd_si *)__p32; + + return (uint32x4_t)__builtin_aarch64_ld1v4si(__p); +#else + const __builtin_neon_si *__p = (const __builtin_neon_si *)__p32; + + return (uint32x4_t)__builtin_neon_vld1v4si(__p); +#endif +#elif defined(__clang__) + uint32x4_t __v = (uint32x4_t)__builtin_neon_vld1q_v(__p32, 50); +#ifndef __LITTLE_ENDIAN__ + __v = __builtin_shufflevector(__v, __v, 3,2,1,0); +#endif + return __v; +#endif +} + +_INTRINSATTR static __inline uint8x16_t vld1q_u8(const uint8_t *__p8) { @@ -383,6 +407,38 @@ vsetq_lane_u64(uint64_t __x, uint64x2_t #if defined(__GNUC__) && !defined(__clang__) _INTRINSATTR +static __inline uint32x4_t +vshlq_n_u32(uint32x4_t __v, uint8_t __bits) +{ +#ifdef __aarch64__ + return (uint32x4_t)__builtin_aarch64_ashlv4si((int32x4_t)__v, __bits); +#else + return (uint32x4_t)__builtin_neon_vshl_nv4si((int32x4_t)__v, __bits); +#endif +} +#elif defined(__clang__) +#define vshlq_n_u32(__v, __bits) \ + (uint32x4_t)__builtin_neon_vshlq_n_v((int32x4_t)(__v), (__bits), 50) +#endif + +#if defined(__GNUC__) && !defined(__clang__) +_INTRINSATTR +static __inline uint32x4_t +vshrq_n_u32(uint32x4_t __v, uint8_t __bits) +{ +#ifdef __aarch64__ + return (uint32x4_t)__builtin_aarch64_lshrv4si((int32x4_t)__v, __bits); +#else + return (uint32x4_t)__builtin_neon_vshru_nv4si((int32x4_t)__v, __bits); +#endif +} +#elif defined(__clang__) +#define vshrq_n_u8(__v, __bits) \ + (uint32x4_t)__builtin_neon_vshrq_n_v((int32x4_t)(__v), (__bits), 50) +#endif + +#if defined(__GNUC__) && !defined(__clang__) +_INTRINSATTR static __inline uint8x16_t vshrq_n_u8(uint8x16_t __v, uint8_t __bits) { @@ -432,6 +488,28 @@ vsliq_n_s32(int32x4_t __vins, int32x4_t _INTRINSATTR static __inline void +vst1q_u32(uint32_t *__p32, uint32x4_t __v) +{ +#if defined(__GNUC__) && !defined(__clang__) +#ifdef __aarch64__ + __builtin_aarch64_simd_si *__p = (__builtin_aarch64_simd_si *)__p32; + + __builtin_aarch64_st1v4si(__p, (int32x4_t)__v); +#else + __builtin_neon_si *__p = (__builtin_neon_si *)__p32; + + __builtin_neon_vst1v4si(__p, (int32x4_t)__v); +#endif +#elif defined(__clang__) +#ifndef __LITTLE_ENDIAN__ + __v = __builtin_shufflevector(__v, __v, 3,2,1,0); +#endif + __builtin_neon_vst1q_v(__p32, __v, 50); +#endif +} + +_INTRINSATTR +static __inline void vst1q_u8(uint8_t *__p8, uint8x16_t __v) { #if defined(__GNUC__) && !defined(__clang__)
CVS commit: src/sys/crypto/aes
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:42:03 UTC 2020 Modified Files: src/sys/crypto/aes: aes_impl.c Log Message: Make aes boot message verbose-only. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/sys/crypto/aes/aes_impl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/aes_impl.c diff -u src/sys/crypto/aes/aes_impl.c:1.7 src/sys/crypto/aes/aes_impl.c:1.8 --- src/sys/crypto/aes/aes_impl.c:1.7 Sat Jul 25 22:36:42 2020 +++ src/sys/crypto/aes/aes_impl.c Sat Jul 25 22:42:03 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_impl.c,v 1.7 2020/07/25 22:36:42 riastradh Exp $ */ +/* $NetBSD: aes_impl.c,v 1.8 2020/07/25 22:42:03 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aes_impl.c,v 1.7 2020/07/25 22:36:42 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aes_impl.c,v 1.8 2020/07/25 22:42:03 riastradh Exp $"); #include #include @@ -111,7 +111,7 @@ aes_select(void) if (aes_impl == NULL) panic("AES self-tests failed"); - aprint_normal("aes: %s\n", aes_impl->ai_name); + aprint_verbose("aes: %s\n", aes_impl->ai_name); return 0; }
CVS commit: src/sys/crypto/adiantum
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:41:31 UTC 2020 Modified Files: src/sys/crypto/adiantum: files.adiantum Log Message: Note dependency of adiantum on aes. Forgot this a while back. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/sys/crypto/adiantum/files.adiantum Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/adiantum/files.adiantum diff -u src/sys/crypto/adiantum/files.adiantum:1.1 src/sys/crypto/adiantum/files.adiantum:1.2 --- src/sys/crypto/adiantum/files.adiantum:1.1 Mon Jun 29 23:44:01 2020 +++ src/sys/crypto/adiantum/files.adiantum Sat Jul 25 22:41:31 2020 @@ -1,6 +1,6 @@ -# $NetBSD: files.adiantum,v 1.1 2020/06/29 23:44:01 riastradh Exp $ +# $NetBSD: files.adiantum,v 1.2 2020/07/25 22:41:31 riastradh Exp $ -define adiantum +define adiantum: aes file crypto/adiantum/adiantum.c adiantum file crypto/adiantum/adiantum_selftest.c adiantum
CVS commit: src/sys/crypto/adiantum
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:41:03 UTC 2020 Modified Files: src/sys/crypto/adiantum: adiantum.c Log Message: Omit useless AES call. This must have been a vestige from editing that I never got around to removing, oops. Should speed up adiantum encryption a wee bit! To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/sys/crypto/adiantum/adiantum.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/adiantum/adiantum.c diff -u src/sys/crypto/adiantum/adiantum.c:1.1 src/sys/crypto/adiantum/adiantum.c:1.2 --- src/sys/crypto/adiantum/adiantum.c:1.1 Mon Jun 29 23:44:01 2020 +++ src/sys/crypto/adiantum/adiantum.c Sat Jul 25 22:41:03 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: adiantum.c,v 1.1 2020/06/29 23:44:01 riastradh Exp $ */ +/* $NetBSD: adiantum.c,v 1.2 2020/07/25 22:41:03 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -37,7 +37,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: adiantum.c,v 1.1 2020/06/29 23:44:01 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: adiantum.c,v 1.2 2020/07/25 22:41:03 riastradh Exp $"); #include #include @@ -2144,8 +2144,6 @@ adiantum_enc(void *c, const void *p, siz KASSERT(len % 16 == 0); - aes_enc(>kk_enc, p, buf, AES_256_NROUNDS); - adiantum_hash(h, pL, Llen, t, tlen, A->kt, A->kl, A->kn); add128(buf, pR, h); /* buf := P_M */ aes_enc(>kk_enc, buf, buf, AES_256_NROUNDS); /* buf := C_M */
CVS commit: src/sys
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:40:08 UTC 2020 Modified Files: src/sys/crypto/aes: files.aes src/sys/rump/kern/lib/libcrypto: Makefile Removed Files: src/sys/crypto/aes: aes_rijndael.c src/sys/crypto/rijndael: rijndael-alg-fst.h rijndael-api-fst.h rijndael.h Log Message: Remove now-unused legacy rijndael API. To generate a diff of this commit: cvs rdiff -u -r1.2 -r0 src/sys/crypto/aes/aes_rijndael.c cvs rdiff -u -r1.2 -r1.3 src/sys/crypto/aes/files.aes cvs rdiff -u -r1.4 -r0 src/sys/crypto/rijndael/rijndael-alg-fst.h cvs rdiff -u -r1.9 -r0 src/sys/crypto/rijndael/rijndael-api-fst.h cvs rdiff -u -r1.10 -r0 src/sys/crypto/rijndael/rijndael.h cvs rdiff -u -r1.8 -r1.9 src/sys/rump/kern/lib/libcrypto/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/files.aes diff -u src/sys/crypto/aes/files.aes:1.2 src/sys/crypto/aes/files.aes:1.3 --- src/sys/crypto/aes/files.aes:1.2 Sat Jul 25 22:15:55 2020 +++ src/sys/crypto/aes/files.aes Sat Jul 25 22:40:08 2020 @@ -1,7 +1,6 @@ -# $NetBSD: files.aes,v 1.2 2020/07/25 22:15:55 riastradh Exp $ +# $NetBSD: files.aes,v 1.3 2020/07/25 22:40:08 riastradh Exp $ define aes -define rijndael: aes # legacy Rijndael API file crypto/aes/aes_bear.c aes file crypto/aes/aes_ccm.c aes @@ -10,5 +9,4 @@ file crypto/aes/aes_ct.c aes file crypto/aes/aes_ct_dec.c aes file crypto/aes/aes_ct_enc.c aes file crypto/aes/aes_impl.c aes -file crypto/aes/aes_rijndael.c rijndael file crypto/aes/aes_selftest.c aes Index: src/sys/rump/kern/lib/libcrypto/Makefile diff -u src/sys/rump/kern/lib/libcrypto/Makefile:1.8 src/sys/rump/kern/lib/libcrypto/Makefile:1.9 --- src/sys/rump/kern/lib/libcrypto/Makefile:1.8 Mon Jun 29 23:44:01 2020 +++ src/sys/rump/kern/lib/libcrypto/Makefile Sat Jul 25 22:40:08 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.8 2020/06/29 23:44:01 riastradh Exp $ +# $NetBSD: Makefile,v 1.9 2020/07/25 22:40:08 riastradh Exp $ # .PATH: ${.CURDIR}/../../../../crypto/adiantum\ @@ -34,7 +34,6 @@ SRCS+= aes_ct.c SRCS+= aes_ct_dec.c SRCS+= aes_ct_enc.c SRCS+= aes_impl.c -SRCS+= aes_rijndael.c SRCS+= aes_selftest.c # skipjack
CVS commit: src/sys/dev/marvell
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:37:48 UTC 2020 Modified Files: src/sys/dev/marvell: mvxpsec.c Log Message: Make this build with or without options IPSEC. Not really that useful without options IPSEC, but simply uncommenting mvxpsec in conf/ARMADAXP didn't build, and this change is trivial, so why not. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/sys/dev/marvell/mvxpsec.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/marvell/mvxpsec.c diff -u src/sys/dev/marvell/mvxpsec.c:1.6 src/sys/dev/marvell/mvxpsec.c:1.7 --- src/sys/dev/marvell/mvxpsec.c:1.6 Sat Jul 25 22:37:16 2020 +++ src/sys/dev/marvell/mvxpsec.c Sat Jul 25 22:37:48 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: mvxpsec.c,v 1.6 2020/07/25 22:37:16 riastradh Exp $ */ +/* $NetBSD: mvxpsec.c,v 1.7 2020/07/25 22:37:48 riastradh Exp $ */ /* * Copyright (c) 2015 Internet Initiative Japan Inc. * All rights reserved. @@ -24,6 +24,11 @@ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ + +#ifdef _KERNEL_OPT +#include "opt_ipsec.h" +#endif + /* * Cryptographic Engine and Security Accelerator(MVXPSEC) */ @@ -63,7 +68,9 @@ #include #include +#if NIPSEC > 0 #include +#endif #include #include @@ -2513,6 +2520,7 @@ mvxpsec_packet_setmbuf(struct mvxpsec_pa } } if (pktlen > SRAM_PAYLOAD_SIZE) { +#if NIPSEC > 0 extern percpu_t *espstat_percpu; /* XXX: * layer violation. opencrypto knows our max packet size @@ -2520,6 +2528,7 @@ mvxpsec_packet_setmbuf(struct mvxpsec_pa */ _NET_STATINC(espstat_percpu, ESP_STAT_TOOBIG); +#endif log(LOG_ERR, "%s: ESP Packet too large: %zu [oct.] > %zu [oct.]\n", device_xname(sc->sc_dev), @@ -2562,6 +2571,7 @@ mvxpsec_packet_setuio(struct mvxpsec_pac struct mvxpsec_softc *sc = mv_s->sc; if (uio->uio_resid > SRAM_PAYLOAD_SIZE) { +#if NIPSEC > 0 extern percpu_t *espstat_percpu; /* XXX: * layer violation. opencrypto knows our max packet size @@ -2569,6 +2579,7 @@ mvxpsec_packet_setuio(struct mvxpsec_pac */ _NET_STATINC(espstat_percpu, ESP_STAT_TOOBIG); +#endif log(LOG_ERR, "%s: uio request too large: %zu [oct.] > %zu [oct.]\n", device_xname(sc->sc_dev),
CVS commit: src/sys/dev/marvell
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:37:16 UTC 2020 Modified Files: src/sys/dev/marvell: files.armada mvxpsec.c Log Message: Omit needless rijndael dependencies. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/sys/dev/marvell/files.armada \ src/sys/dev/marvell/mvxpsec.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/marvell/files.armada diff -u src/sys/dev/marvell/files.armada:1.5 src/sys/dev/marvell/files.armada:1.6 --- src/sys/dev/marvell/files.armada:1.5 Wed Apr 22 09:15:40 2020 +++ src/sys/dev/marvell/files.armada Sat Jul 25 22:37:16 2020 @@ -1,4 +1,4 @@ -# $NetBSD: files.armada,v 1.5 2020/04/22 09:15:40 rin Exp $ +# $NetBSD: files.armada,v 1.6 2020/07/25 22:37:16 riastradh Exp $ # Configuration info for Marvell ARMADA integrated peripherals # ARMADA XP Buffer Manger @@ -10,5 +10,5 @@ device mvxpe: mvxpbm, ether, ifnet, arp, file dev/marvell/if_mvxpe.c mvxpe needs-flag # ARMADA XP Cryptographic Engines and Security Accelerator -device mvxpsec: opencrypto, rijndael +device mvxpsec: opencrypto file dev/marvell/mvxpsec.c mvxpsec needs-flag Index: src/sys/dev/marvell/mvxpsec.c diff -u src/sys/dev/marvell/mvxpsec.c:1.5 src/sys/dev/marvell/mvxpsec.c:1.6 --- src/sys/dev/marvell/mvxpsec.c:1.5 Fri Dec 27 09:41:51 2019 +++ src/sys/dev/marvell/mvxpsec.c Sat Jul 25 22:37:16 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: mvxpsec.c,v 1.5 2019/12/27 09:41:51 msaitoh Exp $ */ +/* $NetBSD: mvxpsec.c,v 1.6 2020/07/25 22:37:16 riastradh Exp $ */ /* * Copyright (c) 2015 Internet Initiative Japan Inc. * All rights reserved. @@ -53,8 +53,6 @@ #include -#include - #include #include
CVS commit: src/sys/crypto/aes
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:36:42 UTC 2020 Modified Files: src/sys/crypto/aes: aes_impl.c aes_selftest.c Log Message: Remove now-needless AES-CCM fallback logic. These paths are no longer exercised because all of the aes_impls now do the AES-CCM operations. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/sys/crypto/aes/aes_impl.c cvs rdiff -u -r1.4 -r1.5 src/sys/crypto/aes/aes_selftest.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/aes_impl.c diff -u src/sys/crypto/aes/aes_impl.c:1.6 src/sys/crypto/aes/aes_impl.c:1.7 --- src/sys/crypto/aes/aes_impl.c:1.6 Sat Jul 25 22:27:53 2020 +++ src/sys/crypto/aes/aes_impl.c Sat Jul 25 22:36:42 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_impl.c,v 1.6 2020/07/25 22:27:53 riastradh Exp $ */ +/* $NetBSD: aes_impl.c,v 1.7 2020/07/25 22:36:42 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aes_impl.c,v 1.6 2020/07/25 22:27:53 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aes_impl.c,v 1.7 2020/07/25 22:36:42 riastradh Exp $"); #include #include @@ -288,16 +288,6 @@ aes_xts_dec(struct aesdec *dec, const ui aes_impl->ai_xts_dec(dec, in, out, nbytes, tweak, nrounds); } -static void -xor16(uint8_t *x, const uint8_t *a, const uint8_t *b) -{ - - le32enc(x + 4*0, le32dec(a + 4*0) ^ le32dec(b + 4*0)); - le32enc(x + 4*1, le32dec(a + 4*1) ^ le32dec(b + 4*1)); - le32enc(x + 4*2, le32dec(a + 4*2) ^ le32dec(b + 4*2)); - le32enc(x + 4*3, le32dec(a + 4*3) ^ le32dec(b + 4*3)); -} - void aes_cbcmac_update1(const struct aesenc *enc, const uint8_t in[static 16], size_t nbytes, uint8_t auth[static 16], uint32_t nrounds) @@ -307,15 +297,7 @@ aes_cbcmac_update1(const struct aesenc * KASSERT(nbytes % 16 == 0); aes_guarantee_selected(); - if (aes_impl->ai_cbcmac_update1) { - aes_impl->ai_cbcmac_update1(enc, in, nbytes, auth, nrounds); - return; - } - - for (; nbytes; in += 16, nbytes -= 16) { - xor16(auth, auth, in); - aes_enc(enc, auth, auth, nrounds); - } + aes_impl->ai_cbcmac_update1(enc, in, nbytes, auth, nrounds); } void @@ -323,26 +305,12 @@ aes_ccm_enc1(const struct aesenc *enc, c uint8_t out[static 16], size_t nbytes, uint8_t authctr[static 32], uint32_t nrounds) { - uint8_t *auth = authctr; - uint8_t *ctr = authctr + 16; KASSERT(nbytes); KASSERT(nbytes % 16 == 0); aes_guarantee_selected(); - if (aes_impl->ai_ccm_enc1) { - aes_impl->ai_ccm_enc1(enc, in, out, nbytes, auth, nrounds); - return; - } - - for (; nbytes; in += 16, out += 16, nbytes -= 16) { - xor16(auth, auth, in); - aes_enc(enc, auth, auth, nrounds); - - be32enc(ctr + 12, 1 + be32dec(ctr + 12)); - aes_enc(enc, ctr, out, nrounds); - xor16(out, out, in); - } + aes_impl->ai_ccm_enc1(enc, in, out, nbytes, authctr, nrounds); } void @@ -350,26 +318,12 @@ aes_ccm_dec1(const struct aesenc *enc, c uint8_t out[static 16], size_t nbytes, uint8_t authctr[static 32], uint32_t nrounds) { - uint8_t *auth = authctr; - uint8_t *ctr = authctr + 16; KASSERT(nbytes); KASSERT(nbytes % 16 == 0); aes_guarantee_selected(); - if (aes_impl->ai_ccm_dec1) { - aes_impl->ai_ccm_dec1(enc, in, out, nbytes, auth, nrounds); - return; - } - - for (; nbytes >= 16; in += 16, out += 16, nbytes -= 16) { - be32enc(ctr + 12, 1 + be32dec(ctr + 12)); - aes_enc(enc, ctr, out, nrounds); - xor16(out, out, in); - - xor16(auth, auth, out); - aes_enc(enc, auth, auth, nrounds); - } + aes_impl->ai_ccm_dec1(enc, in, out, nbytes, authctr, nrounds); } /* Index: src/sys/crypto/aes/aes_selftest.c diff -u src/sys/crypto/aes/aes_selftest.c:1.4 src/sys/crypto/aes/aes_selftest.c:1.5 --- src/sys/crypto/aes/aes_selftest.c:1.4 Sat Jul 25 22:27:53 2020 +++ src/sys/crypto/aes/aes_selftest.c Sat Jul 25 22:36:42 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_selftest.c,v 1.4 2020/07/25 22:27:53 riastradh Exp $ */ +/* $NetBSD: aes_selftest.c,v 1.5 2020/07/25 22:36:42 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aes_selftest.c,v 1.4 2020/07/25 22:27:53 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aes_selftest.c,v 1.5 2020/07/25 22:36:42 riastradh Exp $"); #ifdef _KERNEL @@ -424,9 +424,6 @@ aes_selftest_cbcmac(const struct aes_imp uint8_t auth[16]; const unsigned nr = AES_128_NROUNDS; - if (impl->ai_cbcmac_update1 == NULL) - return 0; - memset(auth, 0, sizeof auth); impl->ai_setenckey(, key, nr); @@ -500,9 +497,6 @@ aes_selftest_ccm(const struct aes_impl * const unsigned nr = AES_128_NROUNDS; int result = 0; - if (impl->ai_ccm_enc1 == NULL) - return 0; - impl->ai_setenckey(, key, nr); memset(authctr, 0, 16); @@ -521,9 +515,6 @@ aes_selftest_ccm(const struct aes_impl * result |= aes_selftest_fail(impl, buf,
CVS commit: src/sys/crypto/aes/arch/arm
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:36:06 UTC 2020 Modified Files: src/sys/crypto/aes/arch/arm: aes_neon.h aes_neon_impl.c aes_neon_subr.c arm_neon.h Log Message: Implement AES-CCM with NEON. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/sys/crypto/aes/arch/arm/aes_neon.h \ src/sys/crypto/aes/arch/arm/aes_neon_subr.c cvs rdiff -u -r1.3 -r1.4 src/sys/crypto/aes/arch/arm/aes_neon_impl.c \ src/sys/crypto/aes/arch/arm/arm_neon.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/arch/arm/aes_neon.h diff -u src/sys/crypto/aes/arch/arm/aes_neon.h:1.2 src/sys/crypto/aes/arch/arm/aes_neon.h:1.3 --- src/sys/crypto/aes/arch/arm/aes_neon.h:1.2 Sat Jul 25 22:12:57 2020 +++ src/sys/crypto/aes/arch/arm/aes_neon.h Sat Jul 25 22:36:06 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_neon.h,v 1.2 2020/07/25 22:12:57 riastradh Exp $ */ +/* $NetBSD: aes_neon.h,v 1.3 2020/07/25 22:36:06 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -59,6 +59,12 @@ void aes_neon_xts_enc(const struct aesen uint8_t[static 16], size_t, uint8_t[static 16], uint32_t); void aes_neon_xts_dec(const struct aesdec *, const uint8_t[static 16], uint8_t[static 16], size_t, uint8_t[static 16], uint32_t); +void aes_neon_cbcmac_update1(const struct aesenc *, const uint8_t[static 16], +size_t, uint8_t[static 16], uint32_t); +void aes_neon_ccm_enc1(const struct aesenc *, const uint8_t[static 16], +uint8_t[static 16], size_t, uint8_t[static 32], uint32_t); +void aes_neon_ccm_dec1(const struct aesenc *, const uint8_t[static 16], +uint8_t[static 16], size_t, uint8_t[static 32], uint32_t); int aes_neon_selftest(void); Index: src/sys/crypto/aes/arch/arm/aes_neon_subr.c diff -u src/sys/crypto/aes/arch/arm/aes_neon_subr.c:1.2 src/sys/crypto/aes/arch/arm/aes_neon_subr.c:1.3 --- src/sys/crypto/aes/arch/arm/aes_neon_subr.c:1.2 Tue Jun 30 20:32:11 2020 +++ src/sys/crypto/aes/arch/arm/aes_neon_subr.c Sat Jul 25 22:36:06 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_neon_subr.c,v 1.2 2020/06/30 20:32:11 riastradh Exp $ */ +/* $NetBSD: aes_neon_subr.c,v 1.3 2020/07/25 22:36:06 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -27,7 +27,9 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aes_neon_subr.c,v 1.2 2020/06/30 20:32:11 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aes_neon_subr.c,v 1.3 2020/07/25 22:36:06 riastradh Exp $"); + +#include #ifdef _KERNEL #include @@ -213,6 +215,89 @@ aes_neon_xts_dec(const struct aesdec *de storeblock(tweak, t); } +void +aes_neon_cbcmac_update1(const struct aesenc *enc, const uint8_t in[static 16], +size_t nbytes, uint8_t auth0[static 16], uint32_t nrounds) +{ + uint8x16_t auth; + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + auth = loadblock(auth0); + for (; nbytes; nbytes -= 16, in += 16) + auth = aes_neon_enc1(enc, auth ^ loadblock(in), nrounds); + storeblock(auth0, auth); +} + +/* + * XXX On aarch64, we have enough registers that we should be able to + * pipeline two simultaneous vpaes computations in an `aes_neon_enc2' + * function, which should substantially improve CCM throughput. + */ + +#if _BYTE_ORDER == _LITTLE_ENDIAN +#define vbetoh32q_u8 vrev32q_u8 +#define vhtobe32q_u8 vrev32q_u8 +#elif _BYTE_ORDER == _BIG_ENDIAN +#define vbetoh32q_u8(x) (x) +#define vhtobe32q_u8(x) (x) +#else +#error what kind of endian are you anyway +#endif + +void +aes_neon_ccm_enc1(const struct aesenc *enc, const uint8_t in[static 16], +uint8_t out[static 16], size_t nbytes, uint8_t authctr[static 32], +uint32_t nrounds) +{ + const uint32x4_t ctr32_inc = {0, 0, 0, 1}; + uint8x16_t auth, ptxt, ctr_be; + uint32x4_t ctr; + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + auth = loadblock(authctr); + ctr_be = loadblock(authctr + 16); + ctr = vreinterpretq_u32_u8(vbetoh32q_u8(ctr_be)); + for (; nbytes; nbytes -= 16, in += 16, out += 16) { + ptxt = loadblock(in); + auth = aes_neon_enc1(enc, auth ^ ptxt, nrounds); + ctr = vaddq_u32(ctr, ctr32_inc); + ctr_be = vhtobe32q_u8(vreinterpretq_u8_u32(ctr)); + storeblock(out, ptxt ^ aes_neon_enc1(enc, ctr_be, nrounds)); + } + storeblock(authctr, auth); + storeblock(authctr + 16, ctr_be); +} + +void +aes_neon_ccm_dec1(const struct aesenc *enc, const uint8_t in[static 16], +uint8_t out[static 16], size_t nbytes, uint8_t authctr[static 32], +uint32_t nrounds) +{ + const uint32x4_t ctr32_inc = {0, 0, 0, 1}; + uint8x16_t auth, ctr_be, ptxt; + uint32x4_t ctr; + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + auth = loadblock(authctr); + ctr_be = loadblock(authctr + 16); + ctr = vreinterpretq_u32_u8(vbetoh32q_u8(ctr_be)); + for (; nbytes; nbytes -= 16, in += 16, out += 16) { + ctr = vaddq_u32(ctr, ctr32_inc); + ctr_be = vhtobe32q_u8(vreinterpretq_u8_u32(ctr)); + ptxt = loadblock(in) ^ aes_neon_enc1(enc,
CVS commit: src
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:33:04 UTC 2020 Modified Files: src/sys/crypto/aes/arch/arm: aes_armv8.c aes_armv8.h aes_armv8_64.S src/tests/sys/crypto/aes: Makefile Log Message: Implement AES-CCM with ARMv8.5-AES. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/sys/crypto/aes/arch/arm/aes_armv8.c cvs rdiff -u -r1.2 -r1.3 src/sys/crypto/aes/arch/arm/aes_armv8.h cvs rdiff -u -r1.7 -r1.8 src/sys/crypto/aes/arch/arm/aes_armv8_64.S cvs rdiff -u -r1.2 -r1.3 src/tests/sys/crypto/aes/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/arch/arm/aes_armv8.c diff -u src/sys/crypto/aes/arch/arm/aes_armv8.c:1.4 src/sys/crypto/aes/arch/arm/aes_armv8.c:1.5 --- src/sys/crypto/aes/arch/arm/aes_armv8.c:1.4 Sat Jul 25 22:12:57 2020 +++ src/sys/crypto/aes/arch/arm/aes_armv8.c Sat Jul 25 22:33:04 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_armv8.c,v 1.4 2020/07/25 22:12:57 riastradh Exp $ */ +/* $NetBSD: aes_armv8.c,v 1.5 2020/07/25 22:33:04 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aes_armv8.c,v 1.4 2020/07/25 22:12:57 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aes_armv8.c,v 1.5 2020/07/25 22:33:04 riastradh Exp $"); #ifdef _KERNEL #include @@ -206,6 +206,48 @@ aesarmv8_xts_dec_impl(const struct aesde fpu_kern_leave(); } +static void +aesarmv8_cbcmac_update1_impl(const struct aesenc *enc, +const uint8_t in[static 16], size_t nbytes, uint8_t auth[static 16], +uint32_t nrounds) +{ + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + fpu_kern_enter(); + aesarmv8_cbcmac_update1(enc, in, nbytes, auth, nrounds); + fpu_kern_leave(); +} + +static void +aesarmv8_ccm_enc1_impl(const struct aesenc *enc, const uint8_t in[static 16], +uint8_t out[static 16], size_t nbytes, uint8_t authctr[static 32], +uint32_t nrounds) +{ + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + fpu_kern_enter(); + aesarmv8_ccm_enc1(enc, in, out, nbytes, authctr, nrounds); + fpu_kern_leave(); +} + +static void +aesarmv8_ccm_dec1_impl(const struct aesenc *enc, const uint8_t in[static 16], +uint8_t out[static 16], size_t nbytes, uint8_t authctr[static 32], +uint32_t nrounds) +{ + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + fpu_kern_enter(); + aesarmv8_ccm_dec1(enc, in, out, nbytes, authctr, nrounds); + fpu_kern_leave(); +} + static int aesarmv8_xts_update_selftest(void) { @@ -285,4 +327,7 @@ struct aes_impl aes_armv8_impl = { .ai_cbc_dec = aesarmv8_cbc_dec_impl, .ai_xts_enc = aesarmv8_xts_enc_impl, .ai_xts_dec = aesarmv8_xts_dec_impl, + .ai_cbcmac_update1 = aesarmv8_cbcmac_update1_impl, + .ai_ccm_enc1 = aesarmv8_ccm_enc1_impl, + .ai_ccm_dec1 = aesarmv8_ccm_dec1_impl, }; Index: src/sys/crypto/aes/arch/arm/aes_armv8.h diff -u src/sys/crypto/aes/arch/arm/aes_armv8.h:1.2 src/sys/crypto/aes/arch/arm/aes_armv8.h:1.3 --- src/sys/crypto/aes/arch/arm/aes_armv8.h:1.2 Sat Jul 25 22:12:57 2020 +++ src/sys/crypto/aes/arch/arm/aes_armv8.h Sat Jul 25 22:33:04 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_armv8.h,v 1.2 2020/07/25 22:12:57 riastradh Exp $ */ +/* $NetBSD: aes_armv8.h,v 1.3 2020/07/25 22:33:04 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -66,6 +66,13 @@ void aesarmv8_xts_dec8(const struct aesd uint8_t[static 128], size_t, const uint8_t[static 16], uint32_t); void aesarmv8_xts_update(const uint8_t[static 16], uint8_t[static 16]); +void aesarmv8_cbcmac_update1(const struct aesenc *, + const uint8_t[static 16], size_t, uint8_t[static 16], uint32_t); +void aesarmv8_ccm_enc1(const struct aesenc *, const uint8_t[static 16], + uint8_t[static 16], size_t, uint8_t[static 32], uint32_t); +void aesarmv8_ccm_dec1(const struct aesenc *, const uint8_t[static 16], + uint8_t[static 16], size_t, uint8_t[static 32], uint32_t); + extern struct aes_impl aes_armv8_impl; #endif /* _CRYPTO_AES_AES_ARCH_ARM_AES_ARMV8_H */ Index: src/sys/crypto/aes/arch/arm/aes_armv8_64.S diff -u src/sys/crypto/aes/arch/arm/aes_armv8_64.S:1.7 src/sys/crypto/aes/arch/arm/aes_armv8_64.S:1.8 --- src/sys/crypto/aes/arch/arm/aes_armv8_64.S:1.7 Sat Jul 25 22:32:09 2020 +++ src/sys/crypto/aes/arch/arm/aes_armv8_64.S Sat Jul 25 22:33:04 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_armv8_64.S,v 1.7 2020/07/25 22:32:09 riastradh Exp $ */ +/* $NetBSD: aes_armv8_64.S,v 1.8 2020/07/25 22:33:04 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -26,6 +26,8 @@ * POSSIBILITY OF SUCH DAMAGE. */ +#include + #include .arch_extension aes @@ -861,6 +863,161 @@ ENTRY(aesarmv8_xts_update) END(aesarmv8_xts_update) /* + * aesarmv8_cbcmac_update1(const struct aesenc *enckey@x0, + * const uint8_t *in@x1, size_t nbytes@x2, uint8_t auth[16] @x3, + * uint32_t nrounds@x4) + * + * Update CBC-MAC.
CVS commit: src/sys/crypto/aes/arch/arm
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:32:09 UTC 2020 Modified Files: src/sys/crypto/aes/arch/arm: aes_armv8_64.S Log Message: Invert some loops to save a branch instruction on every iteration. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/sys/crypto/aes/arch/arm/aes_armv8_64.S Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/arch/arm/aes_armv8_64.S diff -u src/sys/crypto/aes/arch/arm/aes_armv8_64.S:1.6 src/sys/crypto/aes/arch/arm/aes_armv8_64.S:1.7 --- src/sys/crypto/aes/arch/arm/aes_armv8_64.S:1.6 Wed Jul 22 06:15:21 2020 +++ src/sys/crypto/aes/arch/arm/aes_armv8_64.S Sat Jul 25 22:32:09 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_armv8_64.S,v 1.6 2020/07/22 06:15:21 riastradh Exp $ */ +/* $NetBSD: aes_armv8_64.S,v 1.7 2020/07/25 22:32:09 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -437,13 +437,13 @@ END(aesarmv8_setenckey256) */ ENTRY(aesarmv8_enctodec) ldr q0, [x0, x2, lsl #4] /* load last round key */ -1: str q0, [x1], #0x10 /* store round key */ + b 2f +1: aesimc v0.16b, v0.16b /* convert encryption to decryption */ +2: str q0, [x1], #0x10 /* store round key */ subs x2, x2, #1 /* count down round */ ldr q0, [x0, x2, lsl #4] /* load previous round key */ - b.eq 2f /* stop if this is the last one */ - aesimc v0.16b, v0.16b /* convert encryption to decryption */ - b 1b -2: str q0, [x1] /* store first round key verbatim */ + b.ne 1b /* repeat if there's more */ + str q0, [x1] /* store first round key verbatim */ ret END(aesarmv8_enctodec) @@ -536,17 +536,17 @@ ENTRY(aesarmv8_cbc_dec1) add x2, x2, x3 /* x2 := pointer past end of out */ ldr q0, [x1, #-0x10]! /* q0 := last ciphertext block */ str q0, [x4] /* update iv */ -1: mov x0, x9 /* x0 := enckey */ - mov x3, x5 /* x3 := nrounds */ - bl aesarmv8_dec1 /* q0 := cv ^ ptxt; trash x0/x3/q16 */ - subs x10, x10, #0x10 /* count down nbytes */ - b.eq 2f /* stop if this is the first block */ - ldr q31, [x1, #-0x10]! /* q31 := chaining value */ + b 2f +1: ldr q31, [x1, #-0x10]! /* q31 := chaining value */ eor v0.16b, v0.16b, v31.16b /* q0 := plaintext block */ str q0, [x2, #-0x10]! /* store plaintext block */ mov v0.16b, v31.16b /* move cv = ciphertext block */ - b 1b -2: eor v0.16b, v0.16b, v24.16b /* q0 := first plaintext block */ +2: mov x0, x9 /* x0 := enckey */ + mov x3, x5 /* x3 := nrounds */ + bl aesarmv8_dec1 /* q0 := cv ^ ptxt; trash x0/x3/q16 */ + subs x10, x10, #0x10 /* count down nbytes */ + b.ne 1b /* repeat if more blocks */ + eor v0.16b, v0.16b, v24.16b /* q0 := first plaintext block */ str q0, [x2, #-0x10]! /* store first plaintext block */ ldp fp, lr, [sp], #16 /* pop stack frame */ ret @@ -573,7 +573,11 @@ ENTRY(aesarmv8_cbc_dec8) add x2, x2, x3 /* x2 := pointer past end of out */ ldp q6, q7, [x1, #-0x20]! /* q6, q7 := last ciphertext blocks */ str q7, [x4] /* update iv */ -1: ldp q4, q5, [x1, #-0x20]! + b 2f +1: ldp q6, q7, [x1, #-0x20]! + eor v0.16b, v0.16b, v7.16b /* q0 := pt0 */ + stp q0, q1, [x2, #-0x20]! +2: ldp q4, q5, [x1, #-0x20]! ldp q2, q3, [x1, #-0x20]! ldp q0, q1, [x1, #-0x20]! mov v31.16b, v6.16b /* q[24+i] := cv[i], 0
CVS commit: src/sys/crypto/aes/arch/x86
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:31:32 UTC 2020 Modified Files: src/sys/crypto/aes/arch/x86: aes_via.c Log Message: Implement AES-CCM with VIA ACE. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/sys/crypto/aes/arch/x86/aes_via.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/arch/x86/aes_via.c diff -u src/sys/crypto/aes/arch/x86/aes_via.c:1.4 src/sys/crypto/aes/arch/x86/aes_via.c:1.5 --- src/sys/crypto/aes/arch/x86/aes_via.c:1.4 Sat Jul 25 22:12:57 2020 +++ src/sys/crypto/aes/arch/x86/aes_via.c Sat Jul 25 22:31:32 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_via.c,v 1.4 2020/07/25 22:12:57 riastradh Exp $ */ +/* $NetBSD: aes_via.c,v 1.5 2020/07/25 22:31:32 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aes_via.c,v 1.4 2020/07/25 22:12:57 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aes_via.c,v 1.5 2020/07/25 22:31:32 riastradh Exp $"); #ifdef _KERNEL #include @@ -674,6 +674,176 @@ aesvia_xts_dec(const struct aesdec *dec, explicit_memset(t, 0, sizeof t); } +static struct evcnt cbcmac_aligned_evcnt = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, +NULL, "aesvia", "cbcmac aligned"); +EVCNT_ATTACH_STATIC(cbcmac_aligned_evcnt); +static struct evcnt cbcmac_unaligned_evcnt = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, +NULL, "aesvia", "cbcmac unaligned"); +EVCNT_ATTACH_STATIC(cbcmac_unaligned_evcnt); + +static void +aesvia_cbcmac_update1(const struct aesenc *enc, const uint8_t in[static 16], +size_t nbytes, uint8_t auth0[static 16], uint32_t nrounds) +{ + const uint32_t cw0 = aesvia_keylen_cw0(nrounds); + uint8_t authbuf[16] __aligned(16); + uint8_t *auth = auth0; + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + if ((uintptr_t)auth0 & 0xf) { + memcpy(authbuf, auth0, 16); + auth = authbuf; + cbcmac_unaligned_evcnt.ev_count++; + } else { + cbcmac_aligned_evcnt.ev_count++; + } + + fpu_kern_enter(); + aesvia_reload_keys(); + for (; nbytes; nbytes -= 16, in += 16) { + xor128(auth, auth, in); + aesvia_encN(enc, auth, auth, 1, cw0); + } + fpu_kern_leave(); + + if ((uintptr_t)auth0 & 0xf) { + memcpy(auth0, authbuf, 16); + explicit_memset(authbuf, 0, sizeof authbuf); + } +} + +static struct evcnt ccmenc_aligned_evcnt = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, +NULL, "aesvia", "ccmenc aligned"); +EVCNT_ATTACH_STATIC(ccmenc_aligned_evcnt); +static struct evcnt ccmenc_unaligned_evcnt = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, +NULL, "aesvia", "ccmenc unaligned"); +EVCNT_ATTACH_STATIC(ccmenc_unaligned_evcnt); + +static void +aesvia_ccm_enc1(const struct aesenc *enc, const uint8_t in[static 16], +uint8_t out[static 16], size_t nbytes, uint8_t authctr0[static 32], +uint32_t nrounds) +{ + const uint32_t cw0 = aesvia_keylen_cw0(nrounds); + uint8_t authctrbuf[32] __aligned(16); + uint8_t *authctr; + uint32_t c0, c1, c2, c3; + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + if ((uintptr_t)authctr0 & 0xf) { + memcpy(authctrbuf, authctr0, 16); + authctr = authctrbuf; + ccmenc_unaligned_evcnt.ev_count++; + } else { + ccmenc_aligned_evcnt.ev_count++; + } + c0 = le32dec(authctr0 + 16 + 4*0); + c1 = le32dec(authctr0 + 16 + 4*1); + c2 = le32dec(authctr0 + 16 + 4*2); + c3 = be32dec(authctr0 + 16 + 4*3); + + /* + * In principle we could use REP XCRYPTCTR here, but that + * doesn't help to compute the CBC-MAC step, and certain VIA + * CPUs have some weird errata with REP XCRYPTCTR that make it + * kind of a pain to use. So let's just use REP XCRYPTECB to + * simultaneously compute the CBC-MAC step and the CTR step. + * (Maybe some VIA CPUs will compute REP XCRYPTECB in parallel, + * who knows...) + */ + fpu_kern_enter(); + aesvia_reload_keys(); + for (; nbytes; nbytes -= 16, in += 16, out += 16) { + xor128(authctr, authctr, in); + le32enc(authctr + 16 + 4*0, c0); + le32enc(authctr + 16 + 4*1, c1); + le32enc(authctr + 16 + 4*2, c2); + be32enc(authctr + 16 + 4*3, ++c3); + aesvia_encN(enc, authctr, authctr, 2, cw0); + xor128(out, in, authctr + 16); + } + fpu_kern_leave(); + + if ((uintptr_t)authctr0 & 0xf) { + memcpy(authctr0, authctrbuf, 16); + explicit_memset(authctrbuf, 0, sizeof authctrbuf); + } + + le32enc(authctr0 + 16 + 4*0, c0); + le32enc(authctr0 + 16 + 4*1, c1); + le32enc(authctr0 + 16 + 4*2, c2); + be32enc(authctr0 + 16 + 4*3, c3); +} + +static struct evcnt ccmdec_aligned_evcnt = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, +NULL, "aesvia", "ccmdec aligned"); +EVCNT_ATTACH_STATIC(ccmdec_aligned_evcnt); +static struct evcnt ccmdec_unaligned_evcnt = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, +NULL, "aesvia", "ccmdec unaligned"); +EVCNT_ATTACH_STATIC(ccmdec_unaligned_evcnt); + +static void +aesvia_ccm_dec1(const struct aesenc *enc, const uint8_t in[static 16], +uint8_t out[static 16], size_t nbytes, uint8_t authctr0[static 32], +
CVS commit: src/sys/crypto/aes/arch/x86
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:31:04 UTC 2020 Modified Files: src/sys/crypto/aes/arch/x86: aes_ssse3.h aes_ssse3_impl.c aes_ssse3_subr.c immintrin.h Log Message: Implement AES-CCM with SSSE3. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/sys/crypto/aes/arch/x86/aes_ssse3.h \ src/sys/crypto/aes/arch/x86/aes_ssse3_subr.c \ src/sys/crypto/aes/arch/x86/immintrin.h cvs rdiff -u -r1.3 -r1.4 src/sys/crypto/aes/arch/x86/aes_ssse3_impl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/arch/x86/aes_ssse3.h diff -u src/sys/crypto/aes/arch/x86/aes_ssse3.h:1.2 src/sys/crypto/aes/arch/x86/aes_ssse3.h:1.3 --- src/sys/crypto/aes/arch/x86/aes_ssse3.h:1.2 Sat Jul 25 22:12:57 2020 +++ src/sys/crypto/aes/arch/x86/aes_ssse3.h Sat Jul 25 22:31:04 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_ssse3.h,v 1.2 2020/07/25 22:12:57 riastradh Exp $ */ +/* $NetBSD: aes_ssse3.h,v 1.3 2020/07/25 22:31:04 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -59,6 +59,12 @@ void aes_ssse3_xts_enc(const struct aese uint8_t[static 16], size_t, uint8_t[static 16], uint32_t); void aes_ssse3_xts_dec(const struct aesdec *, const uint8_t[static 16], uint8_t[static 16], size_t, uint8_t[static 16], uint32_t); +void aes_ssse3_cbcmac_update1(const struct aesenc *, const uint8_t[static 16], +size_t, uint8_t[static 16], uint32_t); +void aes_ssse3_ccm_enc1(const struct aesenc *, const uint8_t[static 16], +uint8_t[static 16], size_t, uint8_t[static 32], uint32_t); +void aes_ssse3_ccm_dec1(const struct aesenc *, const uint8_t[static 16], +uint8_t[static 16], size_t, uint8_t[static 32], uint32_t); int aes_ssse3_selftest(void); Index: src/sys/crypto/aes/arch/x86/aes_ssse3_subr.c diff -u src/sys/crypto/aes/arch/x86/aes_ssse3_subr.c:1.2 src/sys/crypto/aes/arch/x86/aes_ssse3_subr.c:1.3 --- src/sys/crypto/aes/arch/x86/aes_ssse3_subr.c:1.2 Tue Jun 30 20:32:11 2020 +++ src/sys/crypto/aes/arch/x86/aes_ssse3_subr.c Sat Jul 25 22:31:04 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_ssse3_subr.c,v 1.2 2020/06/30 20:32:11 riastradh Exp $ */ +/* $NetBSD: aes_ssse3_subr.c,v 1.3 2020/07/25 22:31:04 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aes_ssse3_subr.c,v 1.2 2020/06/30 20:32:11 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aes_ssse3_subr.c,v 1.3 2020/07/25 22:31:04 riastradh Exp $"); #ifdef _KERNEL #include @@ -208,6 +208,75 @@ aes_ssse3_xts_dec(const struct aesdec *d storeblock(tweak, t); } +void +aes_ssse3_cbcmac_update1(const struct aesenc *enc, const uint8_t in[static 16], +size_t nbytes, uint8_t auth0[static 16], uint32_t nrounds) +{ + __m128i auth; + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + auth = loadblock(auth0); + for (; nbytes; nbytes -= 16, in += 16) + auth = aes_ssse3_enc1(enc, auth ^ loadblock(in), nrounds); + storeblock(auth0, auth); +} + +void +aes_ssse3_ccm_enc1(const struct aesenc *enc, const uint8_t in[static 16], +uint8_t out[static 16], size_t nbytes, uint8_t authctr[static 32], +uint32_t nrounds) +{ + const __m128i ctr32_inc = _mm_set_epi32(1, 0, 0, 0); + const __m128i bs32 = + _mm_set_epi32(0x0c0d0e0f, 0x08090a0b, 0x04050607, 0x00010203); + __m128i auth, ctr_be, ctr, ptxt; + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + auth = loadblock(authctr); + ctr_be = loadblock(authctr + 16); + ctr = _mm_shuffle_epi8(ctr_be, bs32); + for (; nbytes; nbytes -= 16, in += 16, out += 16) { + ptxt = loadblock(in); + auth = aes_ssse3_enc1(enc, auth ^ ptxt, nrounds); + ctr = _mm_add_epi32(ctr, ctr32_inc); + ctr_be = _mm_shuffle_epi8(ctr, bs32); + storeblock(out, ptxt ^ aes_ssse3_enc1(enc, ctr_be, nrounds)); + } + storeblock(authctr, auth); + storeblock(authctr + 16, ctr_be); +} + +void +aes_ssse3_ccm_dec1(const struct aesenc *enc, const uint8_t in[static 16], +uint8_t out[static 16], size_t nbytes, uint8_t authctr[static 32], +uint32_t nrounds) +{ + const __m128i ctr32_inc = _mm_set_epi32(1, 0, 0, 0); + const __m128i bs32 = + _mm_set_epi32(0x0c0d0e0f, 0x08090a0b, 0x04050607, 0x00010203); + __m128i auth, ctr_be, ctr, ptxt; + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + auth = loadblock(authctr); + ctr_be = loadblock(authctr + 16); + ctr = _mm_shuffle_epi8(ctr_be, bs32); + for (; nbytes; nbytes -= 16, in += 16, out += 16) { + ctr = _mm_add_epi32(ctr, ctr32_inc); + ctr_be = _mm_shuffle_epi8(ctr, bs32); + ptxt = loadblock(in) ^ aes_ssse3_enc1(enc, ctr_be, nrounds); + storeblock(out, ptxt); + auth = aes_ssse3_enc1(enc, auth ^ ptxt, nrounds); + } + storeblock(authctr, auth); + storeblock(authctr + 16, ctr_be); +} + int aes_ssse3_selftest(void) { Index: src/sys/crypto/aes/arch/x86/immintrin.h diff -u src/sys/crypto/aes/arch/x86/immintrin.h:1.2
CVS commit: src/sys/crypto/aes/arch/x86
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:29:56 UTC 2020 Modified Files: src/sys/crypto/aes/arch/x86: aes_sse2.h aes_sse2_impl.c aes_sse2_subr.c Log Message: Implement AES-CCM with SSE2. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/sys/crypto/aes/arch/x86/aes_sse2.h cvs rdiff -u -r1.4 -r1.5 src/sys/crypto/aes/arch/x86/aes_sse2_impl.c cvs rdiff -u -r1.2 -r1.3 src/sys/crypto/aes/arch/x86/aes_sse2_subr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/arch/x86/aes_sse2.h diff -u src/sys/crypto/aes/arch/x86/aes_sse2.h:1.3 src/sys/crypto/aes/arch/x86/aes_sse2.h:1.4 --- src/sys/crypto/aes/arch/x86/aes_sse2.h:1.3 Sat Jul 25 22:12:57 2020 +++ src/sys/crypto/aes/arch/x86/aes_sse2.h Sat Jul 25 22:29:56 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_sse2.h,v 1.3 2020/07/25 22:12:57 riastradh Exp $ */ +/* $NetBSD: aes_sse2.h,v 1.4 2020/07/25 22:29:56 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -58,6 +58,12 @@ void aes_sse2_xts_enc(const struct aesen uint8_t[static 16], size_t nbytes, uint8_t[static 16], uint32_t); void aes_sse2_xts_dec(const struct aesdec *, const uint8_t[static 16], uint8_t[static 16], size_t nbytes, uint8_t[static 16], uint32_t); +void aes_sse2_cbcmac_update1(const struct aesenc *, const uint8_t[static 16], +size_t, uint8_t[static 16], uint32_t); +void aes_sse2_ccm_enc1(const struct aesenc *, const uint8_t[static 16], +uint8_t[static 16], size_t, uint8_t[static 32], uint32_t); +void aes_sse2_ccm_dec1(const struct aesenc *, const uint8_t[static 16], +uint8_t[static 16], size_t, uint8_t[static 32], uint32_t); int aes_sse2_selftest(void); Index: src/sys/crypto/aes/arch/x86/aes_sse2_impl.c diff -u src/sys/crypto/aes/arch/x86/aes_sse2_impl.c:1.4 src/sys/crypto/aes/arch/x86/aes_sse2_impl.c:1.5 --- src/sys/crypto/aes/arch/x86/aes_sse2_impl.c:1.4 Sat Jul 25 22:12:57 2020 +++ src/sys/crypto/aes/arch/x86/aes_sse2_impl.c Sat Jul 25 22:29:56 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_sse2_impl.c,v 1.4 2020/07/25 22:12:57 riastradh Exp $ */ +/* $NetBSD: aes_sse2_impl.c,v 1.5 2020/07/25 22:29:56 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aes_sse2_impl.c,v 1.4 2020/07/25 22:12:57 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aes_sse2_impl.c,v 1.5 2020/07/25 22:29:56 riastradh Exp $"); #include #include @@ -143,6 +143,39 @@ aes_sse2_xts_dec_impl(const struct aesde fpu_kern_leave(); } +static void +aes_sse2_cbcmac_update1_impl(const struct aesenc *enc, +const uint8_t in[static 16], size_t nbytes, uint8_t auth[static 16], +uint32_t nrounds) +{ + + fpu_kern_enter(); + aes_sse2_cbcmac_update1(enc, in, nbytes, auth, nrounds); + fpu_kern_leave(); +} + +static void +aes_sse2_ccm_enc1_impl(const struct aesenc *enc, const uint8_t in[static 16], +uint8_t out[static 16], size_t nbytes, uint8_t authctr[static 32], +uint32_t nrounds) +{ + + fpu_kern_enter(); + aes_sse2_ccm_enc1(enc, in, out, nbytes, authctr, nrounds); + fpu_kern_leave(); +} + +static void +aes_sse2_ccm_dec1_impl(const struct aesenc *enc, const uint8_t in[static 16], +uint8_t out[static 16], size_t nbytes, uint8_t authctr[static 32], +uint32_t nrounds) +{ + + fpu_kern_enter(); + aes_sse2_ccm_dec1(enc, in, out, nbytes, authctr, nrounds); + fpu_kern_leave(); +} + static int aes_sse2_probe(void) { @@ -182,4 +215,7 @@ struct aes_impl aes_sse2_impl = { .ai_cbc_dec = aes_sse2_cbc_dec_impl, .ai_xts_enc = aes_sse2_xts_enc_impl, .ai_xts_dec = aes_sse2_xts_dec_impl, + .ai_cbcmac_update1 = aes_sse2_cbcmac_update1_impl, + .ai_ccm_enc1 = aes_sse2_ccm_enc1_impl, + .ai_ccm_dec1 = aes_sse2_ccm_dec1_impl, }; Index: src/sys/crypto/aes/arch/x86/aes_sse2_subr.c diff -u src/sys/crypto/aes/arch/x86/aes_sse2_subr.c:1.2 src/sys/crypto/aes/arch/x86/aes_sse2_subr.c:1.3 --- src/sys/crypto/aes/arch/x86/aes_sse2_subr.c:1.2 Tue Jun 30 20:32:11 2020 +++ src/sys/crypto/aes/arch/x86/aes_sse2_subr.c Sat Jul 25 22:29:56 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_sse2_subr.c,v 1.2 2020/06/30 20:32:11 riastradh Exp $ */ +/* $NetBSD: aes_sse2_subr.c,v 1.3 2020/07/25 22:29:56 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aes_sse2_subr.c,v 1.2 2020/06/30 20:32:11 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aes_sse2_subr.c,v 1.3 2020/07/25 22:29:56 riastradh Exp $"); #ifdef _KERNEL #include @@ -518,6 +518,180 @@ out: /* Store the updated tweak. */ explicit_memset(t, 0, sizeof t); } +void +aes_sse2_cbcmac_update1(const struct aesenc *enc, const uint8_t in[static 16], +size_t nbytes, uint8_t auth[static 16], uint32_t nrounds) +{ + uint64_t sk_exp[120]; + __m128i q[4]; + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + /* Expand
CVS commit: src/sys/crypto/aes/arch/x86
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:29:06 UTC 2020 Modified Files: src/sys/crypto/aes/arch/x86: aes_ni.c aes_ni.h aes_ni_64.S Log Message: Implement AES-CCM with x86 AES-NI. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/sys/crypto/aes/arch/x86/aes_ni.c \ src/sys/crypto/aes/arch/x86/aes_ni_64.S cvs rdiff -u -r1.2 -r1.3 src/sys/crypto/aes/arch/x86/aes_ni.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/arch/x86/aes_ni.c diff -u src/sys/crypto/aes/arch/x86/aes_ni.c:1.3 src/sys/crypto/aes/arch/x86/aes_ni.c:1.4 --- src/sys/crypto/aes/arch/x86/aes_ni.c:1.3 Sat Jul 25 22:12:57 2020 +++ src/sys/crypto/aes/arch/x86/aes_ni.c Sat Jul 25 22:29:06 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_ni.c,v 1.3 2020/07/25 22:12:57 riastradh Exp $ */ +/* $NetBSD: aes_ni.c,v 1.4 2020/07/25 22:29:06 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aes_ni.c,v 1.3 2020/07/25 22:12:57 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aes_ni.c,v 1.4 2020/07/25 22:29:06 riastradh Exp $"); #ifdef _KERNEL #include @@ -204,6 +204,48 @@ aesni_xts_dec_impl(const struct aesdec * fpu_kern_leave(); } +static void +aesni_cbcmac_update1_impl(const struct aesenc *enc, +const uint8_t in[static 16], size_t nbytes, uint8_t auth[static 16], +uint32_t nrounds) +{ + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + fpu_kern_enter(); + aesni_cbcmac_update1(enc, in, nbytes, auth, nrounds); + fpu_kern_leave(); +} + +static void +aesni_ccm_enc1_impl(const struct aesenc *enc, const uint8_t in[static 16], +uint8_t out[static 16], size_t nbytes, uint8_t authctr[static 32], +uint32_t nrounds) +{ + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + fpu_kern_enter(); + aesni_ccm_enc1(enc, in, out, nbytes, authctr, nrounds); + fpu_kern_leave(); +} + +static void +aesni_ccm_dec1_impl(const struct aesenc *enc, const uint8_t in[static 16], +uint8_t out[static 16], size_t nbytes, uint8_t authctr[static 32], +uint32_t nrounds) +{ + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + fpu_kern_enter(); + aesni_ccm_dec1(enc, in, out, nbytes, authctr, nrounds); + fpu_kern_leave(); +} + static int aesni_xts_update_selftest(void) { @@ -273,4 +315,7 @@ struct aes_impl aes_ni_impl = { .ai_cbc_dec = aesni_cbc_dec_impl, .ai_xts_enc = aesni_xts_enc_impl, .ai_xts_dec = aesni_xts_dec_impl, + .ai_cbcmac_update1 = aesni_cbcmac_update1_impl, + .ai_ccm_enc1 = aesni_ccm_enc1_impl, + .ai_ccm_dec1 = aesni_ccm_dec1_impl, }; Index: src/sys/crypto/aes/arch/x86/aes_ni_64.S diff -u src/sys/crypto/aes/arch/x86/aes_ni_64.S:1.3 src/sys/crypto/aes/arch/x86/aes_ni_64.S:1.4 --- src/sys/crypto/aes/arch/x86/aes_ni_64.S:1.3 Sat Jul 25 22:11:05 2020 +++ src/sys/crypto/aes/arch/x86/aes_ni_64.S Sat Jul 25 22:29:06 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_ni_64.S,v 1.3 2020/07/25 22:11:05 riastradh Exp $ */ +/* $NetBSD: aes_ni_64.S,v 1.4 2020/07/25 22:29:06 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -951,6 +951,142 @@ ENTRY(aesni_xts_update) END(aesni_xts_update) /* + * aesni_cbcmac_update1(const struct aesenc *enckey@rdi, const uint8_t *in@rsi, + * size_t nbytes@rdx, uint8_t auth[16] @rcx, uint32_t nrounds@r8d) + * + * Update CBC-MAC. + * + * nbytes must be a positive integral multiple of 16. + * + * Standard ABI calling convention. + */ +ENTRY(aesni_cbcmac_update1) + movdqu (%rcx),%xmm0 /* xmm0 := auth */ + mov %rdx,%r10 /* r10 := nbytes */ + mov %rcx,%rdx /* rdx := */ +1: pxor (%rsi),%xmm0 /* xmm0 ^= plaintext block */ + lea 0x10(%rsi),%rsi + mov %r8d,%ecx /* ecx := nrounds */ + call aesni_enc1 /* xmm0 := auth'; trash rax,rcx,xmm8 */ + sub $0x10,%r10 + jnz 1b + movdqu %xmm0,(%rdx) /* store auth' */ + ret +END(aesni_cbcmac_update1) + +/* + * aesni_ccm_enc1(const struct aesenc *enckey@rdi, const uint8_t *in@rsi, + * uint8_t *out@rdx, size_t nbytes@rcx, + * uint8_t authctr[32] @r8, uint32_t nrounds@r9d) + * + * Update CCM encryption. + * + * nbytes must be a positive integral multiple of 16. + * + * Standard ABI calling convention. + */ +ENTRY(aesni_ccm_enc1) + mov %rcx,%r10 /* r10 := nbytes */ + movdqu 0x10(%r8),%xmm2 /* xmm2 := ctr (be) */ + movdqa bswap32(%rip),%xmm4 /* xmm4 := bswap32 table */ + movdqa ctr32_inc(%rip),%xmm5 /* xmm5 := (0,0,0,1) (le) */ + movdqu (%r8),%xmm0 /* xmm0 := auth */ + pshufb %xmm4,%xmm2 /* xmm2 := ctr (le) */ +1: movdqu (%rsi),%xmm3 /* xmm3 := plaintext block */ + paddd %xmm5,%xmm2 /* increment ctr (32-bit) */ + lea 0x10(%rsi),%rsi + movdqa %xmm2,%xmm1 /* xmm1 := ctr (le) */ + mov %r9d,%ecx /* ecx := nrounds */ + pshufb %xmm4,%xmm1 /* xmm1 := ctr (be) */ + pxor %xmm3,%xmm0 /* xmm0 := auth ^ ptxt */ + call aesni_enc2 /* trash rax/rcx/xmm8 */ + pxor %xmm1,%xmm3 /* xmm3 := ciphertext block */ + sub
CVS commit: src/sys/crypto/aes
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:28:27 UTC 2020 Modified Files: src/sys/crypto/aes: aes_bear.c Log Message: Implement AES-CCM with BearSSL's bitsliced 32-bit aes_ct. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/sys/crypto/aes/aes_bear.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/aes_bear.c diff -u src/sys/crypto/aes/aes_bear.c:1.3 src/sys/crypto/aes/aes_bear.c:1.4 --- src/sys/crypto/aes/aes_bear.c:1.3 Sat Jul 25 22:12:57 2020 +++ src/sys/crypto/aes/aes_bear.c Sat Jul 25 22:28:27 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_bear.c,v 1.3 2020/07/25 22:12:57 riastradh Exp $ */ +/* $NetBSD: aes_bear.c,v 1.4 2020/07/25 22:28:27 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aes_bear.c,v 1.3 2020/07/25 22:12:57 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aes_bear.c,v 1.4 2020/07/25 22:28:27 riastradh Exp $"); #include #include @@ -597,6 +597,220 @@ out: /* Store the updated tweak. */ explicit_memset(q, 0, sizeof q); } +static void +aesbear_cbcmac_update1(const struct aesenc *enc, const uint8_t in[static 16], +size_t nbytes, uint8_t auth[static 16], uint32_t nrounds) +{ + uint32_t sk_exp[120]; + uint32_t q[8]; + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + /* Expand round keys for bitslicing. */ + br_aes_ct_skey_expand(sk_exp, nrounds, enc->aese_aes.aes_rk); + + /* Initialize garbage block. */ + q[1] = q[3] = q[5] = q[7] = 0; + + /* Load initial authenticator. */ + q[2*0] = le32dec(auth + 4*0); + q[2*1] = le32dec(auth + 4*1); + q[2*2] = le32dec(auth + 4*2); + q[2*3] = le32dec(auth + 4*3); + + for (; nbytes; nbytes -= 16, in += 16) { + /* Combine input block. */ + q[2*0] ^= le32dec(in + 4*0); + q[2*1] ^= le32dec(in + 4*1); + q[2*2] ^= le32dec(in + 4*2); + q[2*3] ^= le32dec(in + 4*3); + + /* Transform to bitslice, encrypt, transform from bitslice. */ + br_aes_ct_ortho(q); + br_aes_ct_bitslice_encrypt(nrounds, sk_exp, q); + br_aes_ct_ortho(q); + } + + /* Store updated authenticator. */ + le32enc(auth + 4*0, q[2*0]); + le32enc(auth + 4*1, q[2*1]); + le32enc(auth + 4*2, q[2*2]); + le32enc(auth + 4*3, q[2*3]); + + /* Paranoia: Zero temporary buffers. */ + explicit_memset(sk_exp, 0, sizeof sk_exp); + explicit_memset(q, 0, sizeof q); +} + +static void +aesbear_ccm_enc1(const struct aesenc *enc, const uint8_t *in, uint8_t *out, +size_t nbytes, uint8_t authctr[32], uint32_t nrounds) +{ + uint32_t sk_exp[120]; + uint32_t q[8]; + uint32_t c0, c1, c2, c3; + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + /* Expand round keys for bitslicing. */ + br_aes_ct_skey_expand(sk_exp, nrounds, enc->aese_aes.aes_rk); + + /* Set first block to authenticator. */ + q[2*0] = le32dec(authctr + 4*0); + q[2*1] = le32dec(authctr + 4*1); + q[2*2] = le32dec(authctr + 4*2); + q[2*3] = le32dec(authctr + 4*3); + + /* Load initial counter block, big-endian so we can increment it. */ + c0 = le32dec(authctr + 16 + 4*0); + c1 = le32dec(authctr + 16 + 4*1); + c2 = le32dec(authctr + 16 + 4*2); + c3 = be32dec(authctr + 16 + 4*3); + + for (; nbytes; nbytes -= 16, in += 16, out += 16) { + /* Update authenticator. */ + q[2*0] ^= le32dec(in + 4*0); + q[2*1] ^= le32dec(in + 4*1); + q[2*2] ^= le32dec(in + 4*2); + q[2*3] ^= le32dec(in + 4*3); + + /* Increment 32-bit counter. */ + q[2*0 + 1] = c0; + q[2*1 + 1] = c1; + q[2*2 + 1] = c2; + q[2*3 + 1] = bswap32(++c3); + + /* Encrypt authenticator and counter. */ + br_aes_ct_ortho(q); + br_aes_ct_bitslice_encrypt(nrounds, sk_exp, q); + br_aes_ct_ortho(q); + + /* Encrypt with CTR output. */ + le32enc(out + 4*0, le32dec(in + 4*0) ^ q[2*0 + 1]); + le32enc(out + 4*1, le32dec(in + 4*1) ^ q[2*1 + 1]); + le32enc(out + 4*2, le32dec(in + 4*2) ^ q[2*2 + 1]); + le32enc(out + 4*3, le32dec(in + 4*3) ^ q[2*3 + 1]); + } + + /* Update authenticator. */ + le32enc(authctr + 4*0, q[2*0]); + le32enc(authctr + 4*1, q[2*1]); + le32enc(authctr + 4*2, q[2*2]); + le32enc(authctr + 4*3, q[2*3]); + + /* Update counter. */ + be32enc(authctr + 16 + 4*3, c3); + + /* Paranoia: Zero temporary buffers. */ + explicit_memset(sk_exp, 0, sizeof sk_exp); + explicit_memset(q, 0, sizeof q); +} + +static void +aesbear_ccm_dec1(const struct aesenc *enc, const uint8_t *in, uint8_t *out, +size_t nbytes, uint8_t authctr[32], uint32_t nrounds) +{ + uint32_t sk_exp[120]; + uint32_t q[8]; + uint32_t c0, c1, c2, c3; + uint32_t b0, b1, b2, b3; + + KASSERT(nbytes); + KASSERT(nbytes % 16 == 0); + + /* Expand round keys for bitslicing. */ + br_aes_ct_skey_expand(sk_exp, nrounds, enc->aese_aes.aes_rk); + + /* Load initial counter block, big-endian so we can increment it. */ + c0 = le32dec(authctr + 16 + 4*0); + c1 = le32dec(authctr + 16 + 4*1); + c2 = le32dec(authctr + 16 + 4*2); + c3 = be32dec(authctr + 16 + 4*3); +
CVS commit: src/sys/crypto/aes
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:27:53 UTC 2020 Modified Files: src/sys/crypto/aes: aes_ccm.c aes_impl.c aes_impl.h aes_selftest.c Log Message: Push CBC-MAC and CCM block updates into the aes_impl API. This should help reduce the setup and teardown overhead (enabling and disabling fpu, or expanding bitsliced keys) for CCM, as used in 802.11 WPA2 CCMP. But all the fiddly formatting details remain in aes_ccm.c to reduce the effort of implementing it -- at the cost of a handful additional setups and teardowns per message. Not yet implemented by any of the aes_impls, so leave a fallback that just calls aes_enc for now. This should be removed when all of the aes_impls provide CBC-MAC and CCM block updates. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/sys/crypto/aes/aes_ccm.c \ src/sys/crypto/aes/aes_impl.h cvs rdiff -u -r1.5 -r1.6 src/sys/crypto/aes/aes_impl.c cvs rdiff -u -r1.3 -r1.4 src/sys/crypto/aes/aes_selftest.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/aes_ccm.c diff -u src/sys/crypto/aes/aes_ccm.c:1.1 src/sys/crypto/aes/aes_ccm.c:1.2 --- src/sys/crypto/aes/aes_ccm.c:1.1 Sat Jul 25 22:15:55 2020 +++ src/sys/crypto/aes/aes_ccm.c Sat Jul 25 22:27:53 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_ccm.c,v 1.1 2020/07/25 22:15:55 riastradh Exp $ */ +/* $NetBSD: aes_ccm.c,v 1.2 2020/07/25 22:27:53 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -35,7 +35,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aes_ccm.c,v 1.1 2020/07/25 22:15:55 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aes_ccm.c,v 1.2 2020/07/25 22:27:53 riastradh Exp $"); #include #include @@ -45,6 +45,7 @@ __KERNEL_RCSID(1, "$NetBSD: aes_ccm.c,v #include #include +#include static inline void xor(uint8_t *x, const uint8_t *a, const uint8_t *b, size_t n) @@ -54,13 +55,6 @@ xor(uint8_t *x, const uint8_t *a, const *x++ = *a++ ^ *b++; } -static inline void -xor16(uint8_t *x, const uint8_t *a, const uint8_t *b) -{ - - xor(x, a, b, 16); -} - /* RFC 3610, §2.2 Authentication */ #define CCM_AFLAGS_ADATA __BIT(6) #define CCM_AFLAGS_M __BITS(5,3) @@ -157,9 +151,10 @@ aes_ccm_init(struct aes_ccm *C, unsigned aes_enc(enc, C->auth, C->auth, C->nr); /* If there was anything more, process 16 bytes at a time. */ - for (; adlen >= 16; adp += 16, adlen -= 16) { - xor16(C->auth, C->auth, adp); - aes_enc(enc, C->auth, C->auth, C->nr); + if (adlen - (adlen % 16)) { + aes_cbcmac_update1(enc, adp, adlen - (adlen % 16), + C->auth, C->nr); + adlen %= 16; } /* @@ -217,15 +212,12 @@ aes_ccm_enc(struct aes_ccm *C, const voi } /* Process 16 bytes at a time. */ - for (; nbytes >= 16; p += 16, q += 16, nbytes -= 16) { - /* authenticate */ - xor16(C->auth, C->auth, p); - aes_enc(C->enc, C->auth, C->auth, C->nr); - - /* encrypt */ - aes_ccm_inc(C); - aes_enc(C->enc, C->in, C->out, C->nr); - xor16(q, C->out, p); + if (nbytes - (nbytes % 16)) { + aes_ccm_enc1(C->enc, p, q, nbytes - (nbytes % 16), C->auth, + C->nr); + p += nbytes - (nbytes % 16); + q += nbytes - (nbytes % 16); + nbytes %= 16; } /* Incorporate any <16-byte unit as a partial block. */ @@ -278,15 +270,12 @@ aes_ccm_dec(struct aes_ccm *C, const voi } /* Process 16 bytes at a time. */ - for (; nbytes >= 16; p += 16, q += 16, nbytes -= 16) { - /* decrypt */ - aes_ccm_inc(C); - aes_enc(C->enc, C->in, C->out, C->nr); - xor16(q, C->out, p); - - /* authenticate */ - xor16(C->auth, C->auth, q); - aes_enc(C->enc, C->auth, C->auth, C->nr); + if (nbytes - (nbytes % 16)) { + aes_ccm_dec1(C->enc, p, q, nbytes - (nbytes % 16), C->auth, + C->nr); + p += nbytes - (nbytes % 16); + q += nbytes - (nbytes % 16); + nbytes %= 16; } /* Incorporate any <16-byte unit as a partial block. */ Index: src/sys/crypto/aes/aes_impl.h diff -u src/sys/crypto/aes/aes_impl.h:1.1 src/sys/crypto/aes/aes_impl.h:1.2 --- src/sys/crypto/aes/aes_impl.h:1.1 Sat Jul 25 22:12:57 2020 +++ src/sys/crypto/aes/aes_impl.h Sat Jul 25 22:27:53 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_impl.h,v 1.1 2020/07/25 22:12:57 riastradh Exp $ */ +/* $NetBSD: aes_impl.h,v 1.2 2020/07/25 22:27:53 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -51,10 +51,27 @@ struct aes_impl { uint8_t[static 16], size_t, uint8_t[static 16], uint32_t); void (*ai_xts_dec)(const struct aesdec *, const uint8_t[static 16], uint8_t[static 16], size_t, uint8_t[static 16], uint32_t); + void (*ai_cbcmac_update1)(const struct aesenc *, + const uint8_t[static 16], size_t, uint8_t[static 16], + uint32_t); + void (*ai_ccm_enc1)(const struct aesenc *, + const uint8_t[static 16], uint8_t[static 16], + size_t, uint8_t[static 32], uint32_t); + void (*ai_ccm_dec1)(const struct aesenc *, + const
CVS commit: src/sys/net80211
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:27:05 UTC 2020 Modified Files: src/sys/net80211: ieee80211_crypto_ccmp.c Log Message: Convert malloc -> kmem. Switch order of members for better alignment. Sort includes. To generate a diff of this commit: cvs rdiff -u -r1.16 -r1.17 src/sys/net80211/ieee80211_crypto_ccmp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/net80211/ieee80211_crypto_ccmp.c diff -u src/sys/net80211/ieee80211_crypto_ccmp.c:1.16 src/sys/net80211/ieee80211_crypto_ccmp.c:1.17 --- src/sys/net80211/ieee80211_crypto_ccmp.c:1.16 Sat Jul 25 22:26:23 2020 +++ src/sys/net80211/ieee80211_crypto_ccmp.c Sat Jul 25 22:27:05 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: ieee80211_crypto_ccmp.c,v 1.16 2020/07/25 22:26:23 riastradh Exp $ */ +/* $NetBSD: ieee80211_crypto_ccmp.c,v 1.17 2020/07/25 22:27:05 riastradh Exp $ */ /* * Copyright (c) 2002-2005 Sam Leffler, Errno Consulting @@ -36,7 +36,7 @@ __FBSDID("$FreeBSD: src/sys/net80211/ieee80211_crypto_ccmp.c,v 1.7 2005/07/11 03:06:23 sam Exp $"); #endif #ifdef __NetBSD__ -__KERNEL_RCSID(0, "$NetBSD: ieee80211_crypto_ccmp.c,v 1.16 2020/07/25 22:26:23 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ieee80211_crypto_ccmp.c,v 1.17 2020/07/25 22:27:05 riastradh Exp $"); #endif /* @@ -47,10 +47,10 @@ __KERNEL_RCSID(0, "$NetBSD: ieee80211_cr * its license is included below. */ #include -#include -#include -#include #include +#include +#include +#include #include @@ -67,8 +67,8 @@ __KERNEL_RCSID(0, "$NetBSD: ieee80211_cr #define AES_BLOCK_LEN 16 struct ccmp_ctx { - struct ieee80211com *cc_ic; /* for diagnostics */ struct aesenc cc_aes; + struct ieee80211com *cc_ic; /* for diagnostics */ }; static void *ccmp_attach(struct ieee80211com *, struct ieee80211_key *); @@ -106,7 +106,7 @@ ccmp_attach(struct ieee80211com *ic, str { struct ccmp_ctx *ctx; - ctx = malloc(sizeof(struct ccmp_ctx), M_DEVBUF, M_NOWAIT | M_ZERO); + ctx = kmem_zalloc(sizeof(*ctx), KM_NOSLEEP); if (ctx == NULL) { ic->ic_stats.is_crypto_nomem++; return NULL; @@ -120,7 +120,7 @@ ccmp_detach(struct ieee80211_key *k) { struct ccmp_ctx *ctx = k->wk_private; - free(ctx, M_DEVBUF); + kmem_free(ctx, sizeof(*ctx)); } static int
CVS commit: src/sys
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:26:23 UTC 2020 Modified Files: src/sys/conf: files src/sys/net80211: ieee80211_crypto_ccmp.c Log Message: Convert ieee80211_crypto_ccmp.c to new aes_ccm API. This will make it easier to provide better hardware acceleration without fpu enabling/disabling overhead for each block of data. To generate a diff of this commit: cvs rdiff -u -r1.1271 -r1.1272 src/sys/conf/files cvs rdiff -u -r1.15 -r1.16 src/sys/net80211/ieee80211_crypto_ccmp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/conf/files diff -u src/sys/conf/files:1.1271 src/sys/conf/files:1.1272 --- src/sys/conf/files:1.1271 Mon Jun 29 23:44:01 2020 +++ src/sys/conf/files Sat Jul 25 22:26:23 2020 @@ -1,4 +1,4 @@ -# $NetBSD: files,v 1.1271 2020/06/29 23:44:01 riastradh Exp $ +# $NetBSD: files,v 1.1272 2020/07/25 22:26:23 riastradh Exp $ # @(#)files.newconf 7.5 (Berkeley) 5/10/93 version 20171118 @@ -454,7 +454,7 @@ define arcnet define ether define ieee1394 define sppp -define wlan: rijndael +define wlan: aes define crypto # TPM Index: src/sys/net80211/ieee80211_crypto_ccmp.c diff -u src/sys/net80211/ieee80211_crypto_ccmp.c:1.15 src/sys/net80211/ieee80211_crypto_ccmp.c:1.16 --- src/sys/net80211/ieee80211_crypto_ccmp.c:1.15 Mon Sep 3 16:29:36 2018 +++ src/sys/net80211/ieee80211_crypto_ccmp.c Sat Jul 25 22:26:23 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: ieee80211_crypto_ccmp.c,v 1.15 2018/09/03 16:29:36 riastradh Exp $ */ +/* $NetBSD: ieee80211_crypto_ccmp.c,v 1.16 2020/07/25 22:26:23 riastradh Exp $ */ /* * Copyright (c) 2002-2005 Sam Leffler, Errno Consulting @@ -36,7 +36,7 @@ __FBSDID("$FreeBSD: src/sys/net80211/ieee80211_crypto_ccmp.c,v 1.7 2005/07/11 03:06:23 sam Exp $"); #endif #ifdef __NetBSD__ -__KERNEL_RCSID(0, "$NetBSD: ieee80211_crypto_ccmp.c,v 1.15 2018/09/03 16:29:36 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ieee80211_crypto_ccmp.c,v 1.16 2020/07/25 22:26:23 riastradh Exp $"); #endif /* @@ -60,13 +60,15 @@ __KERNEL_RCSID(0, "$NetBSD: ieee80211_cr #include -#include +#include +#include +#include #define AES_BLOCK_LEN 16 struct ccmp_ctx { struct ieee80211com *cc_ic; /* for diagnostics */ - rijndael_ctx cc_aes; + struct aesenc cc_aes; }; static void *ccmp_attach(struct ieee80211com *, struct ieee80211_key *); @@ -133,7 +135,7 @@ ccmp_setkey(struct ieee80211_key *k) return 0; } if (k->wk_flags & IEEE80211_KEY_SWCRYPT) - rijndael_set_key(>cc_aes, k->wk_key, k->wk_keylen*NBBY); + aes_setenckey128(>cc_aes, k->wk_key); return 1; } @@ -287,261 +289,100 @@ xor_block(uint8_t *b, const uint8_t *a, */ static void -ccmp_init_blocks(rijndael_ctx *ctx, struct ieee80211_frame *wh, - u_int64_t pn, size_t dlen, - uint8_t b0[AES_BLOCK_LEN], uint8_t aad[2 * AES_BLOCK_LEN], - uint8_t auth[AES_BLOCK_LEN], uint8_t s0[AES_BLOCK_LEN]) +ccmp_init_blocks(struct aesenc *ctx, struct ieee80211_frame *wh, +u_int64_t pn, size_t data_len, struct aes_ccm *aes_ccm) { + uint8_t nonce[13]; + uint8_t ad[32]; + uint8_t qos; + size_t adlen; + #define IS_4ADDRESS(wh) \ ((wh->i_fc[1] & IEEE80211_FC1_DIR_MASK) == IEEE80211_FC1_DIR_DSTODS) #define IS_QOS_DATA(wh) ieee80211_has_qos(wh) - /* CCM Initial Block: - * Flag (Include authentication header, M=3 (8-octet MIC), - * L=1 (2-octet Dlen)) - * Nonce: 0x00 | A2 | PN - * Dlen */ - b0[0] = 0x59; - /* NB: b0[1] set below */ - IEEE80211_ADDR_COPY(b0 + 2, wh->i_addr2); - b0[8] = pn >> 40; - b0[9] = pn >> 32; - b0[10] = pn >> 24; - b0[11] = pn >> 16; - b0[12] = pn >> 8; - b0[13] = pn >> 0; - b0[14] = (dlen >> 8) & 0xff; - b0[15] = dlen & 0xff; - - /* AAD: - * FC with bits 4..6 and 11..13 masked to zero; 14 is always one - * A1 | A2 | A3 - * SC with bits 4..15 (seq#) masked to zero - * A4 (if present) - * QC (if present) - */ - aad[0] = 0; /* AAD length >> 8 */ - /* NB: aad[1] set below */ - aad[2] = wh->i_fc[0] & 0x8f; /* XXX magic #s */ - aad[3] = wh->i_fc[1] & 0xc7; /* XXX magic #s */ + /* nonce[0] is qos, determined later */ + IEEE80211_ADDR_COPY(nonce + 1, wh->i_addr2); + nonce[7] = pn >> 40; + nonce[8] = pn >> 32; + nonce[9] = pn >> 24; + nonce[10] = pn >> 16; + nonce[11] = pn >> 8; + nonce[12] = pn >> 0; + + ad[0] = wh->i_fc[0] & 0x8f; /* XXX magic #s */ + ad[1] = wh->i_fc[1] & 0xc7; /* XXX magic #s */ /* NB: we know 3 addresses are contiguous */ - memcpy(aad + 4, wh->i_addr1, 3 * IEEE80211_ADDR_LEN); - aad[22] = wh->i_seq[0] & IEEE80211_SEQ_FRAG_MASK; - aad[23] = 0; /* all bits masked */ + memcpy(ad + 2, wh->i_addr1, 3 * IEEE80211_ADDR_LEN); + ad[20] = wh->i_seq[0] & IEEE80211_SEQ_FRAG_MASK; + ad[21] = 0; /* all bits masked */ + /* * Construct variable-length portion of AAD based * on whether this is a 4-address frame/QOS frame. - * We always zero-pad to 32 bytes before running it - * through the cipher. * * We also fill in the
CVS commit: src/sys/arch/sh3/include
Module Name:src Committed By: uwe Date: Sat Jul 25 22:26:59 UTC 2020 Added Files: src/sys/arch/sh3/include: pmb.h Log Message: Definitions for ST40 Privileged Mapping Buffer. To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/sys/arch/sh3/include/pmb.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Added files: Index: src/sys/arch/sh3/include/pmb.h diff -u /dev/null src/sys/arch/sh3/include/pmb.h:1.1 --- /dev/null Sat Jul 25 22:26:59 2020 +++ src/sys/arch/sh3/include/pmb.h Sat Jul 25 22:26:59 2020 @@ -0,0 +1,80 @@ +/* $NetBSD: pmb.h,v 1.1 2020/07/25 22:26:59 uwe Exp $ */ +/* + * Copyright (c) 2020 Valery Ushakov + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef _SH3_PMB_H_ +#define _SH3_PMB_H_ +/* + * ST40 Privileged Mapping Buffer (PMB) + * + * Original SuperH can handle only 29-bit external memory space. + * "The physical address space is permanently mapped onto 29-bit + * external memory space." See . + * + * ST40-200, ST40-300 and ST40-500 have "space enhanced" SE mode where + * the mapping from the physical address space P1 and P2 segments to + * the 32-bit external memory space is defined via 16-entry PMB. + */ + + +/* on ST40-200 and ST40-500 SE bit is in MMUCR */ +#define ST40_MMUCR_SE 0x0010 + + +/* Physical address space control register (ST4-300) */ +#define ST40_PMB_PASCR 0xff70 +#define ST40_PASCR_UB_MASK 0x000f +#define ST40_PASCR_SE 0x8000 + + +/* Memory-mapped PMB */ +#define ST40_PMB_ENTRY 16 + +#define ST40_PMB_E_MASK 0x0f00 +#define ST40_PMB_E_SHIFT 8 + + +/* PMB Address Array */ +#define ST40_PMB_AA 0xf610 +#define ST40_PMB_AA_V 0x0100 +#define ST40_PMB_AA_VPN_MASK 0xff00 +#define ST40_PMB_AA_VPN_SHIFT 24 + + +/* PMB Data Array */ +#define ST40_PMB_DA 0xf710 +#define ST40_PMB_DA_WT 0x0001 +#define ST40_PMB_DA_C 0x0008 +#define ST40_PMB_DA_UB 0x0200 +#define ST40_PMB_DA_SZ_MASK 0x0090 +#define ST40_PMB_DA_SZ_16M 0x +#define ST40_PMB_DA_SZ_64M 0x0010 +#define ST40_PMB_DA_SZ_128M 0x0080 +#define ST40_PMB_DA_SZ_512M 0x0090 +#define ST40_PMB_DA_V 0x0100 +#define ST40_PMB_DA_PPN_MASK 0xff00 +#define ST40_PMB_DA_PPN_SHIFT 24 + +#endif /* !_SH3_PMB_H_ */
CVS commit: src/sys/crypto/aes
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:15:55 UTC 2020 Modified Files: src/sys/crypto/aes: files.aes Added Files: src/sys/crypto/aes: aes_ccm.c aes_ccm.h aes_ccm_mbuf.c aes_ccm_mbuf.h Log Message: New aes_ccm API. Intended for use in net80211 for WPA2 CCMP. To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/sys/crypto/aes/aes_ccm.c \ src/sys/crypto/aes/aes_ccm.h src/sys/crypto/aes/aes_ccm_mbuf.c \ src/sys/crypto/aes/aes_ccm_mbuf.h cvs rdiff -u -r1.1 -r1.2 src/sys/crypto/aes/files.aes Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/files.aes diff -u src/sys/crypto/aes/files.aes:1.1 src/sys/crypto/aes/files.aes:1.2 --- src/sys/crypto/aes/files.aes:1.1 Mon Jun 29 23:27:52 2020 +++ src/sys/crypto/aes/files.aes Sat Jul 25 22:15:55 2020 @@ -1,9 +1,11 @@ -# $NetBSD: files.aes,v 1.1 2020/06/29 23:27:52 riastradh Exp $ +# $NetBSD: files.aes,v 1.2 2020/07/25 22:15:55 riastradh Exp $ define aes define rijndael: aes # legacy Rijndael API file crypto/aes/aes_bear.c aes +file crypto/aes/aes_ccm.c aes +file crypto/aes/aes_ccm_mbuf.c aes file crypto/aes/aes_ct.c aes file crypto/aes/aes_ct_dec.c aes file crypto/aes/aes_ct_enc.c aes Added files: Index: src/sys/crypto/aes/aes_ccm.c diff -u /dev/null src/sys/crypto/aes/aes_ccm.c:1.1 --- /dev/null Sat Jul 25 22:15:55 2020 +++ src/sys/crypto/aes/aes_ccm.c Sat Jul 25 22:15:55 2020 @@ -0,0 +1,619 @@ +/* $NetBSD: aes_ccm.c,v 1.1 2020/07/25 22:15:55 riastradh Exp $ */ + +/*- + * Copyright (c) 2020 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * AES-CCM, as defined in: + * + * D. Whiting, R. Housley, and N. Ferguson, `Counter with CBC-MAC + * (CCM)', IETF RFC 3610, September 2003. + * https://tools.ietf.org/html/rfc3610 + */ + +#include +__KERNEL_RCSID(1, "$NetBSD: aes_ccm.c,v 1.1 2020/07/25 22:15:55 riastradh Exp $"); + +#include +#include +#include + +#include + +#include +#include + +static inline void +xor(uint8_t *x, const uint8_t *a, const uint8_t *b, size_t n) +{ + + while (n --> 0) + *x++ = *a++ ^ *b++; +} + +static inline void +xor16(uint8_t *x, const uint8_t *a, const uint8_t *b) +{ + + xor(x, a, b, 16); +} + +/* RFC 3610, §2.2 Authentication */ +#define CCM_AFLAGS_ADATA __BIT(6) +#define CCM_AFLAGS_M __BITS(5,3) +#define CCM_AFLAGS_L __BITS(2,0) + +/* RFC 3610, §2.3 Encryption */ +#define CCM_EFLAGS_L __BITS(2,0) + +static void +aes_ccm_inc(struct aes_ccm *C) +{ + + KASSERT(C->L == 2); + if (++C->in[15] == 0 && ++C->in[14] == 0) + panic("AES-CCM overflow"); +} + +static void +aes_ccm_zero_ctr(struct aes_ccm *C) +{ + + KASSERT(C->L == 2); + C->in[14] = C->in[15] = 0; +} + +void +aes_ccm_init(struct aes_ccm *C, unsigned nr, const struct aesenc *enc, +unsigned L, unsigned M, +const uint8_t *nonce, unsigned noncelen, const void *ad, size_t adlen, +size_t mlen) +{ + const uint8_t *adp = ad; + unsigned i; + + KASSERT(L == 2); + KASSERT(M % 2 == 0); + KASSERT(M >= 4); + KASSERT(M <= 16); + KASSERT(noncelen == 15 - L); + + C->enc = enc; + C->nr = nr; + C->L = L; + C->M = M; + C->mlen = C->mleft = mlen; + + /* Encode B0, the initial authenticated data block. */ + C->auth[0] = __SHIFTIN(adlen == 0 ? 0 : 1, CCM_AFLAGS_ADATA); + C->auth[0] |= __SHIFTIN((M - 2)/2, CCM_AFLAGS_M); + C->auth[0] |= __SHIFTIN(L - 1, CCM_AFLAGS_L); + memcpy(C->auth + 1, nonce, noncelen); + for (i = 0; i < L; i++, mlen >>= 8) { + KASSERT(i < 16 - 1 - noncelen); + C->auth[16 - i - 1] = mlen & 0xff; + } + aes_enc(enc, C->auth, C->auth, C->nr); + + /*
CVS commit: src/sys
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:14:35 UTC 2020 Modified Files: src/sys/crypto/aes: aes.h aes_impl.c aes_rijndael.c src/sys/dev: cgd_crypto.c src/sys/uvm: uvm_swap.c Added Files: src/sys/crypto/aes: aes_cbc.h aes_xts.h Log Message: Split aes_cbc_* and aes_xts_* into their own header files. aes.h will remain just for key setup; any particular construction using AES can have its own header file so we can have many of them without rebuilding everything AES-related whenever one of them changes. (Planning to add AES-CCM and AES-GCM too.) To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/sys/crypto/aes/aes.h cvs rdiff -u -r0 -r1.1 src/sys/crypto/aes/aes_cbc.h \ src/sys/crypto/aes/aes_xts.h cvs rdiff -u -r1.4 -r1.5 src/sys/crypto/aes/aes_impl.c cvs rdiff -u -r1.1 -r1.2 src/sys/crypto/aes/aes_rijndael.c cvs rdiff -u -r1.26 -r1.27 src/sys/dev/cgd_crypto.c cvs rdiff -u -r1.197 -r1.198 src/sys/uvm/uvm_swap.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/aes.h diff -u src/sys/crypto/aes/aes.h:1.3 src/sys/crypto/aes/aes.h:1.4 --- src/sys/crypto/aes/aes.h:1.3 Sat Jul 25 22:12:57 2020 +++ src/sys/crypto/aes/aes.h Sat Jul 25 22:14:35 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes.h,v 1.3 2020/07/25 22:12:57 riastradh Exp $ */ +/* $NetBSD: aes.h,v 1.4 2020/07/25 22:14:35 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -66,14 +66,4 @@ void aes_enc(const struct aesenc *, cons void aes_dec(const struct aesdec *, const uint8_t[static 16], uint8_t[static 16], uint32_t); -void aes_cbc_enc(struct aesenc *, const uint8_t[static 16], - uint8_t[static 16], size_t, uint8_t[static 16], uint32_t); -void aes_cbc_dec(struct aesdec *, const uint8_t[static 16], - uint8_t[static 16], size_t, uint8_t[static 16], uint32_t); - -void aes_xts_enc(struct aesenc *, const uint8_t[static 16], - uint8_t[static 16], size_t, uint8_t[static 16], uint32_t); -void aes_xts_dec(struct aesdec *, const uint8_t[static 16], - uint8_t[static 16], size_t, uint8_t[static 16], uint32_t); - #endif /* _CRYPTO_AES_AES_H */ Index: src/sys/crypto/aes/aes_impl.c diff -u src/sys/crypto/aes/aes_impl.c:1.4 src/sys/crypto/aes/aes_impl.c:1.5 --- src/sys/crypto/aes/aes_impl.c:1.4 Sat Jul 25 22:12:57 2020 +++ src/sys/crypto/aes/aes_impl.c Sat Jul 25 22:14:35 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_impl.c,v 1.4 2020/07/25 22:12:57 riastradh Exp $ */ +/* $NetBSD: aes_impl.c,v 1.5 2020/07/25 22:14:35 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aes_impl.c,v 1.4 2020/07/25 22:12:57 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aes_impl.c,v 1.5 2020/07/25 22:14:35 riastradh Exp $"); #include #include @@ -37,8 +37,10 @@ __KERNEL_RCSID(1, "$NetBSD: aes_impl.c,v #include #include +#include #include /* default implementation */ #include +#include static int aes_selftest_stdkeysched(void); Index: src/sys/crypto/aes/aes_rijndael.c diff -u src/sys/crypto/aes/aes_rijndael.c:1.1 src/sys/crypto/aes/aes_rijndael.c:1.2 --- src/sys/crypto/aes/aes_rijndael.c:1.1 Mon Jun 29 23:27:52 2020 +++ src/sys/crypto/aes/aes_rijndael.c Sat Jul 25 22:14:35 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_rijndael.c,v 1.1 2020/06/29 23:27:52 riastradh Exp $ */ +/* $NetBSD: aes_rijndael.c,v 1.2 2020/07/25 22:14:35 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -44,12 +44,14 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aes_rijndael.c,v 1.1 2020/06/29 23:27:52 riastradh Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aes_rijndael.c,v 1.2 2020/07/25 22:14:35 riastradh Exp $"); #include #include #include +#include +#include #include #include #include Index: src/sys/dev/cgd_crypto.c diff -u src/sys/dev/cgd_crypto.c:1.26 src/sys/dev/cgd_crypto.c:1.27 --- src/sys/dev/cgd_crypto.c:1.26 Mon Jun 29 23:44:01 2020 +++ src/sys/dev/cgd_crypto.c Sat Jul 25 22:14:35 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: cgd_crypto.c,v 1.26 2020/06/29 23:44:01 riastradh Exp $ */ +/* $NetBSD: cgd_crypto.c,v 1.27 2020/07/25 22:14:35 riastradh Exp $ */ /*- * Copyright (c) 2002 The NetBSD Foundation, Inc. @@ -37,7 +37,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: cgd_crypto.c,v 1.26 2020/06/29 23:44:01 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: cgd_crypto.c,v 1.27 2020/07/25 22:14:35 riastradh Exp $"); #include #include @@ -47,6 +47,8 @@ __KERNEL_RCSID(0, "$NetBSD: cgd_crypto.c #include #include +#include +#include #include #include Index: src/sys/uvm/uvm_swap.c diff -u src/sys/uvm/uvm_swap.c:1.197 src/sys/uvm/uvm_swap.c:1.198 --- src/sys/uvm/uvm_swap.c:1.197 Thu Jul 9 05:57:15 2020 +++ src/sys/uvm/uvm_swap.c Sat Jul 25 22:14:35 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: uvm_swap.c,v 1.197 2020/07/09 05:57:15 skrll
CVS commit: src/sys
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:12:57 UTC 2020 Modified Files: src/sys/arch/aarch64/aarch64: cpu.c src/sys/arch/arm/vfp: vfp_init.c src/sys/arch/x86/x86: identcpu.c src/sys/crypto/aes: aes.h aes_bear.c aes_impl.c aes_selftest.c src/sys/crypto/aes/arch/arm: aes_armv8.c aes_armv8.h aes_neon.h aes_neon_impl.c src/sys/crypto/aes/arch/x86: aes_ni.c aes_ni.h aes_sse2.h aes_sse2_impl.c aes_ssse3.h aes_ssse3_impl.c aes_via.c aes_via.h Added Files: src/sys/crypto/aes: aes_impl.h Log Message: Split aes_impl declarations out into aes_impl.h. This will make it less painful to add more operations to struct aes_impl without having to recompile everything that just uses the block cipher directly or similar. To generate a diff of this commit: cvs rdiff -u -r1.52 -r1.53 src/sys/arch/aarch64/aarch64/cpu.c cvs rdiff -u -r1.68 -r1.69 src/sys/arch/arm/vfp/vfp_init.c cvs rdiff -u -r1.113 -r1.114 src/sys/arch/x86/x86/identcpu.c cvs rdiff -u -r1.2 -r1.3 src/sys/crypto/aes/aes.h \ src/sys/crypto/aes/aes_bear.c src/sys/crypto/aes/aes_selftest.c cvs rdiff -u -r1.3 -r1.4 src/sys/crypto/aes/aes_impl.c cvs rdiff -u -r0 -r1.1 src/sys/crypto/aes/aes_impl.h cvs rdiff -u -r1.3 -r1.4 src/sys/crypto/aes/arch/arm/aes_armv8.c cvs rdiff -u -r1.1 -r1.2 src/sys/crypto/aes/arch/arm/aes_armv8.h \ src/sys/crypto/aes/arch/arm/aes_neon.h cvs rdiff -u -r1.2 -r1.3 src/sys/crypto/aes/arch/arm/aes_neon_impl.c cvs rdiff -u -r1.2 -r1.3 src/sys/crypto/aes/arch/x86/aes_ni.c \ src/sys/crypto/aes/arch/x86/aes_sse2.h \ src/sys/crypto/aes/arch/x86/aes_ssse3_impl.c cvs rdiff -u -r1.1 -r1.2 src/sys/crypto/aes/arch/x86/aes_ni.h \ src/sys/crypto/aes/arch/x86/aes_ssse3.h \ src/sys/crypto/aes/arch/x86/aes_via.h cvs rdiff -u -r1.3 -r1.4 src/sys/crypto/aes/arch/x86/aes_sse2_impl.c \ src/sys/crypto/aes/arch/x86/aes_via.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/aarch64/aarch64/cpu.c diff -u src/sys/arch/aarch64/aarch64/cpu.c:1.52 src/sys/arch/aarch64/aarch64/cpu.c:1.53 --- src/sys/arch/aarch64/aarch64/cpu.c:1.52 Wed Jul 1 08:01:07 2020 +++ src/sys/arch/aarch64/aarch64/cpu.c Sat Jul 25 22:12:56 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: cpu.c,v 1.52 2020/07/01 08:01:07 ryo Exp $ */ +/* $NetBSD: cpu.c,v 1.53 2020/07/25 22:12:56 riastradh Exp $ */ /* * Copyright (c) 2017 Ryo Shimizu @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: cpu.c,v 1.52 2020/07/01 08:01:07 ryo Exp $"); +__KERNEL_RCSID(1, "$NetBSD: cpu.c,v 1.53 2020/07/25 22:12:56 riastradh Exp $"); #include "locators.h" #include "opt_arm_debug.h" @@ -44,6 +44,7 @@ __KERNEL_RCSID(1, "$NetBSD: cpu.c,v 1.52 #include #include +#include #include #include Index: src/sys/arch/arm/vfp/vfp_init.c diff -u src/sys/arch/arm/vfp/vfp_init.c:1.68 src/sys/arch/arm/vfp/vfp_init.c:1.69 --- src/sys/arch/arm/vfp/vfp_init.c:1.68 Mon Jul 13 16:54:03 2020 +++ src/sys/arch/arm/vfp/vfp_init.c Sat Jul 25 22:12:56 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: vfp_init.c,v 1.68 2020/07/13 16:54:03 riastradh Exp $ */ +/* $NetBSD: vfp_init.c,v 1.69 2020/07/25 22:12:56 riastradh Exp $ */ /* * Copyright (c) 2008 ARM Ltd @@ -32,7 +32,7 @@ #include "opt_cputypes.h" #include -__KERNEL_RCSID(0, "$NetBSD: vfp_init.c,v 1.68 2020/07/13 16:54:03 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: vfp_init.c,v 1.69 2020/07/25 22:12:56 riastradh Exp $"); #include #include @@ -50,7 +50,7 @@ __KERNEL_RCSID(0, "$NetBSD: vfp_init.c,v #include /* for pmap.h */ -#include +#include #include #ifdef FPU_VFP Index: src/sys/arch/x86/x86/identcpu.c diff -u src/sys/arch/x86/x86/identcpu.c:1.113 src/sys/arch/x86/x86/identcpu.c:1.114 --- src/sys/arch/x86/x86/identcpu.c:1.113 Mon Jul 20 16:45:41 2020 +++ src/sys/arch/x86/x86/identcpu.c Sat Jul 25 22:12:56 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: identcpu.c,v 1.113 2020/07/20 16:45:41 riastradh Exp $ */ +/* $NetBSD: identcpu.c,v 1.114 2020/07/25 22:12:56 riastradh Exp $ */ /*- * Copyright (c) 1999, 2000, 2001, 2006, 2007, 2008 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: identcpu.c,v 1.113 2020/07/20 16:45:41 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: identcpu.c,v 1.114 2020/07/25 22:12:56 riastradh Exp $"); #include "opt_xen.h" @@ -39,6 +39,7 @@ __KERNEL_RCSID(0, "$NetBSD: identcpu.c,v #include #include +#include #include #include #include Index: src/sys/crypto/aes/aes.h diff -u src/sys/crypto/aes/aes.h:1.2 src/sys/crypto/aes/aes.h:1.3 --- src/sys/crypto/aes/aes.h:1.2 Mon Jun 29 23:47:54 2020 +++ src/sys/crypto/aes/aes.h Sat Jul 25 22:12:57 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes.h,v 1.2 2020/06/29 23:47:54 riastradh Exp $ */ +/* $NetBSD: aes.h,v 1.3 2020/07/25 22:12:57 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation,
CVS commit: src/sys/crypto/aes/arch/x86
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:11:05 UTC 2020 Modified Files: src/sys/crypto/aes/arch/x86: aes_ni_64.S Log Message: Invert some loops to save a jmp instruction on each iteration. No semantic change intended. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/sys/crypto/aes/arch/x86/aes_ni_64.S Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/crypto/aes/arch/x86/aes_ni_64.S diff -u src/sys/crypto/aes/arch/x86/aes_ni_64.S:1.2 src/sys/crypto/aes/arch/x86/aes_ni_64.S:1.3 --- src/sys/crypto/aes/arch/x86/aes_ni_64.S:1.2 Tue Jun 30 21:41:04 2020 +++ src/sys/crypto/aes/arch/x86/aes_ni_64.S Sat Jul 25 22:11:05 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: aes_ni_64.S,v 1.2 2020/06/30 21:41:04 riastradh Exp $ */ +/* $NetBSD: aes_ni_64.S,v 1.3 2020/07/25 22:11:05 riastradh Exp $ */ /*- * Copyright (c) 2020 The NetBSD Foundation, Inc. @@ -522,14 +522,14 @@ ENTRY(aesni_enctodec) shl $4,%edx /* rdx := byte offset of last round key */ movdqa (%rdi,%rdx),%xmm0 /* load last round key */ movdqa %xmm0,(%rsi) /* store last round key verbatim */ -1: sub $0x10,%rdx /* advance to next round key */ - lea 0x10(%rsi),%rsi - jz 2f /* stop if this is the last one */ - movdqa (%rdi,%rdx),%xmm0 /* load round key */ + jmp 2f +1: movdqa (%rdi,%rdx),%xmm0 /* load round key */ aesimc %xmm0,%xmm0 /* convert encryption to decryption */ movdqa %xmm0,(%rsi) /* store round key */ - jmp 1b -2: movdqa (%rdi),%xmm0 /* load first round key */ +2: sub $0x10,%rdx /* advance to next round key */ + lea 0x10(%rsi),%rsi + jnz 1b /* repeat if more rounds */ + movdqa (%rdi),%xmm0 /* load first round key */ movdqa %xmm0,(%rsi) /* store first round key verbatim */ ret END(aesni_enctodec) @@ -614,16 +614,16 @@ ENTRY(aesni_cbc_dec1) mov %rcx,%r10 /* r10 := nbytes */ movdqu -0x10(%rsi,%r10),%xmm0 /* xmm0 := last ciphertext block */ movdqu %xmm0,(%r8) /* update iv */ -1: mov %r9d,%ecx /* ecx := nrounds */ - call aesni_dec1 /* xmm0 := cv ^ ptxt */ - sub $0x10,%r10 - jz 2f /* first block if r10 is now zero */ - movdqu -0x10(%rsi,%r10),%xmm8 /* xmm8 := chaining value */ + jmp 2f +1: movdqu -0x10(%rsi,%r10),%xmm8 /* xmm8 := chaining value */ pxor %xmm8,%xmm0 /* xmm0 := ptxt */ movdqu %xmm0,(%rdx,%r10) /* store plaintext block */ movdqa %xmm8,%xmm0 /* move cv = ciphertext block */ - jmp 1b -2: pxor (%rsp),%xmm0 /* xmm0 := ptxt */ +2: mov %r9d,%ecx /* ecx := nrounds */ + call aesni_dec1 /* xmm0 := cv ^ ptxt */ + sub $0x10,%r10 + jnz 1b /* repeat if more blocks */ + pxor (%rsp),%xmm0 /* xmm0 := ptxt */ movdqu %xmm0,(%rdx) /* store first plaintext block */ leave ret @@ -649,7 +649,11 @@ ENTRY(aesni_cbc_dec8) mov %rcx,%r10 /* r10 := nbytes */ movdqu -0x10(%rsi,%r10),%xmm7 /* xmm7 := ciphertext block[n-1] */ movdqu %xmm7,(%r8) /* update iv */ -1: movdqu -0x20(%rsi,%r10),%xmm6 /* xmm6 := ciphertext block[n-2] */ + jmp 2f +1: movdqu -0x10(%rsi,%r10),%xmm7 /* xmm7 := cv[0] */ + pxor %xmm7,%xmm0 /* xmm0 := ptxt[0] */ + movdqu %xmm0,(%rdx,%r10) /* store plaintext block */ +2: movdqu -0x20(%rsi,%r10),%xmm6 /* xmm6 := ciphertext block[n-2] */ movdqu -0x30(%rsi,%r10),%xmm5 /* xmm5 := ciphertext block[n-3] */ movdqu -0x40(%rsi,%r10),%xmm4 /* xmm4 := ciphertext block[n-4] */ movdqu -0x50(%rsi,%r10),%xmm3 /* xmm3 := ciphertext block[n-5] */ @@ -680,12 +684,8 @@ ENTRY(aesni_cbc_dec8) movdqu %xmm2,-0x60(%rdx,%r10) movdqu %xmm1,-0x70(%rdx,%r10) sub $0x80,%r10 - jz 2f /* first block if r10 is now zero */ - movdqu -0x10(%rsi,%r10),%xmm7 /* xmm7 := cv[0] */ - pxor %xmm7,%xmm0 /* xmm0 := ptxt[0] */ - movdqu %xmm0,(%rdx,%r10) /* store plaintext block */ - jmp 1b -2: pxor (%rsp),%xmm0 /* xmm0 := ptxt[0] */ + jnz 1b /* repeat if more blocks */ + pxor (%rsp),%xmm0 /* xmm0 := ptxt[0] */ movdqu %xmm0,(%rdx) /* store first plaintext block */ leave ret @@ -966,12 +966,12 @@ aesni_enc1: shl $4,%ecx /* ecx := total byte size of round keys */ lea 0x10(%rdi,%rcx),%rax /* rax := end of round key array */ neg %rcx /* rcx := byte offset of round key from end */ -1: movdqa (%rax,%rcx),%xmm8 /* load round key */ + jmp 2f +1: aesenc %xmm8,%xmm0 +2: movdqa (%rax,%rcx),%xmm8 /* load round key */ add $0x10,%rcx - jz 2f /* stop if this is the last one */ - aesenc %xmm8,%xmm0 - jmp 1b -2: aesenclast %xmm8,%xmm0 + jnz 1b /* repeat if more rounds */ + aesenclast %xmm8,%xmm0 ret END(aesni_enc1) @@ -999,10 +999,8 @@ aesni_enc8: shl $4,%ecx /* ecx := total byte size of round keys */ lea 0x10(%rdi,%rcx),%rax /* rax := end of round key array */ neg %rcx /* rcx := byte offset of round key from end */ -1: movdqa (%rax,%rcx),%xmm8 /* load round key */ - add $0x10,%rcx - jz 2f /* stop if this is the last one */ - aesenc %xmm8,%xmm0 + jmp 2f +1: aesenc %xmm8,%xmm0 aesenc %xmm8,%xmm1 aesenc %xmm8,%xmm2 aesenc %xmm8,%xmm3 @@ -1010,8 +1008,10 @@
CVS commit: src/sys/arch/x86/x86
Module Name:src Committed By: riastradh Date: Sat Jul 25 22:10:34 UTC 2020 Modified Files: src/sys/arch/x86/x86: cpu_rng.c Log Message: Tweak VIA CPU RNG. - Cite source for documentation. - Omit needless kpreempt_disable/enable. - Explain what's going on. - Use "D"(out) rather than "+D"(out) -- no REP so no register update. - Fix interpretation of number of bytes returned. The last one is likely to address [ 4.0518619] aes: VIA ACE [ 11.7018582] cpu_rng via: failed repetition test [ 12.4718583] entropy: ready reported by Andrius V. To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 src/sys/arch/x86/x86/cpu_rng.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/x86/x86/cpu_rng.c diff -u src/sys/arch/x86/x86/cpu_rng.c:1.17 src/sys/arch/x86/x86/cpu_rng.c:1.18 --- src/sys/arch/x86/x86/cpu_rng.c:1.17 Mon Jun 15 01:24:20 2020 +++ src/sys/arch/x86/x86/cpu_rng.c Sat Jul 25 22:10:34 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: cpu_rng.c,v 1.17 2020/06/15 01:24:20 riastradh Exp $ */ +/* $NetBSD: cpu_rng.c,v 1.18 2020/07/25 22:10:34 riastradh Exp $ */ /*- * Copyright (c) 2015 The NetBSD Foundation, Inc. @@ -30,9 +30,9 @@ */ /* - * The VIA RNG code in this file is inspired by Jason Wright and - * Theo de Raadt's OpenBSD version but has been rewritten in light of - * comments from Henric Jungheim on the t...@openbsd.org mailing list. + * For reference on VIA XSTORERNG, see the VIA PadLock Programming + * Guide (`VIA PPG'), August 4, 2005. + * http://linux.via.com.tw/support/beginDownload.action?eleid=181=261 * * For reference on Intel RDRAND/RDSEED, see the Intel Digital Random * Number Generator Software Implementation Guide (`Intel DRNG SIG'), @@ -183,48 +183,53 @@ cpu_rng_rdseed_rdrand(uint64_t *out) return n; } +/* + * VIA PPG says EAX[4:0] is nbytes, but the only documented numbers of + * bytes are 0,1,2,4,8 -- and there's only 8 bytes of output buffer + * anyway, so let's ignore bit 4 and treat it like EAX[3:0] instead. + */ +#define VIA_RNG_STATUS_NBYTES __BITS(3,0) +#define VIA_RNG_STATUS_MSR110B __BITS(31,5) + static size_t cpu_rng_via(uint64_t *out) { u_long psl; - uint32_t creg0, rndsts; + uint32_t cr0, status, nbytes; /* - * Sadly, we have to monkey with the coprocessor enable and fault - * registers, which are really for the FPU, in order to read - * from the RNG. - * - * Don't remove CR0_TS from the call below -- comments in the Linux - * driver indicate that the xstorerng instruction can generate - * spurious DNA faults though no FPU or SIMD state is changed - * even if such a fault is generated. - * - * XXX can this really happen if we don't use "rep xstorrng"? + * The XSTORE instruction is handled by the SSE unit, which + * requires the CR0 TS and CR0 EM bits to be clear. We disable + * all processor interrupts so there is no danger of any + * interrupt handler changing CR0 while we work -- although + * really, software splvm or fpu_kern_enter/leave should be + * enough (but we'll do that in a separate change for the + * benefit of bisection in case I'm wrong). */ - kpreempt_disable(); psl = x86_read_psl(); x86_disable_intr(); - creg0 = rcr0(); - lcr0(creg0 & ~(CR0_EM|CR0_TS)); /* Permit access to SIMD/FPU path */ - /* - * The VIA RNG has an output queue of 8-byte values. Read one. - * This is atomic, so if the FPU were already enabled, we could skip - * all the preemption and interrupt frobbing. If we had bread, - * we could have a ham sandwich, if we had any ham. - */ - __asm __volatile("xstorerng" - : "=a" (rndsts), "+D" (out) : "d" (0) : "memory"); - /* Put CR0 back how it was */ - lcr0(creg0); + cr0 = rcr0(); + lcr0(cr0 & ~(CR0_EM|CR0_TS)); + + /* Read up to eight bytes out of the buffer. */ + asm volatile("xstorerng" + : "=a"(status) + : "D"(out), "d"(0) /* EDX[1:0]=00 -> wait for 8 bytes or fail */ + : "memory"); + + /* Restore CR0 and interrupts. */ + lcr0(cr0); x86_write_psl(psl); - kpreempt_enable(); + + /* Get the number of bytes stored. (Should always be 8 or 0.) */ + nbytes = __SHIFTOUT(status, VIA_RNG_STATUS_NBYTES); /* * The Cryptography Research paper on the VIA RNG estimates * 0.75 bits of entropy per output bit and advises users to * be "even more conservative". */ - return (rndsts & 0xf) ? 0 : sizeof(uint64_t) * NBBY/2; + return nbytes * NBBY/2; } static size_t
CVS commit: src/lib/libc/posix1e
Module Name:src Committed By: christos Date: Sat Jul 25 21:53:34 UTC 2020 Modified Files: src/lib/libc/posix1e: Makefile.inc Removed Files: src/lib/libc/posix1e: extattr.c Log Message: remove duplicate, noted by chuq (this was never used). perhaps either move extattr.c from generic here, or move the man page extattr.3 in gen? To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/lib/libc/posix1e/Makefile.inc cvs rdiff -u -r1.1 -r0 src/lib/libc/posix1e/extattr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/posix1e/Makefile.inc diff -u src/lib/libc/posix1e/Makefile.inc:1.1 src/lib/libc/posix1e/Makefile.inc:1.2 --- src/lib/libc/posix1e/Makefile.inc:1.1 Sat May 16 14:31:47 2020 +++ src/lib/libc/posix1e/Makefile.inc Sat Jul 25 17:53:34 2020 @@ -25,7 +25,6 @@ SRCS+= acl_branding.c \ acl_to_text.c \ acl_to_text_nfs4.c \ acl_valid.c \ - extattr.c \ subr_acl_nfs4.c MAN+= acl.3\
CVS commit: src/distrib/sets/lists/tests
Module Name:src Committed By: rillig Date: Sat Jul 25 21:23:09 UTC 2020 Modified Files: src/distrib/sets/lists/tests: mi Log Message: make(1): add newly added unit tests To generate a diff of this commit: cvs rdiff -u -r1.874 -r1.875 src/distrib/sets/lists/tests/mi Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/tests/mi diff -u src/distrib/sets/lists/tests/mi:1.874 src/distrib/sets/lists/tests/mi:1.875 --- src/distrib/sets/lists/tests/mi:1.874 Fri Jul 17 15:34:17 2020 +++ src/distrib/sets/lists/tests/mi Sat Jul 25 21:23:09 2020 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.874 2020/07/17 15:34:17 kamil Exp $ +# $NetBSD: mi,v 1.875 2020/07/25 21:23:09 rillig Exp $ # # Note: don't delete entries from here - mark them as "obsolete" instead. # @@ -4533,6 +4533,8 @@ ./usr/tests/usr.bin/make/unit-tests/doterror.mk tests-usr.bin-tests compattestfile,atf ./usr/tests/usr.bin/make/unit-tests/dotwait.exp tests-usr.bin-tests compattestfile,atf ./usr/tests/usr.bin/make/unit-tests/dotwait.mk tests-usr.bin-tests compattestfile,atf +./usr/tests/usr.bin/make/unit-tests/envfirst.exp tests-usr.bin-tests compattestfile,atf +./usr/tests/usr.bin/make/unit-tests/envfirst.mk tests-usr.bin-tests compattestfile,atf ./usr/tests/usr.bin/make/unit-tests/error.exp tests-usr.bin-tests compattestfile,atf ./usr/tests/usr.bin/make/unit-tests/error.mk tests-usr.bin-tests compattestfile,atf ./usr/tests/usr.bin/make/unit-tests/escape.exp tests-usr.bin-tests compattestfile,atf @@ -4593,6 +4595,10 @@ ./usr/tests/usr.bin/make/unit-tests/unexport.mk tests-usr.bin-tests compattestfile,atf ./usr/tests/usr.bin/make/unit-tests/varcmd.exp tests-usr.bin-tests compattestfile,atf ./usr/tests/usr.bin/make/unit-tests/varcmd.mk tests-usr.bin-tests compattestfile,atf +./usr/tests/usr.bin/make/unit-tests/vardebug.exp tests-usr.bin-tests compattestfile,atf +./usr/tests/usr.bin/make/unit-tests/vardebug.mk tests-usr.bin-tests compattestfile,atf +./usr/tests/usr.bin/make/unit-tests/varfind.exp tests-usr.bin-tests compattestfile,atf +./usr/tests/usr.bin/make/unit-tests/varfind.mk tests-usr.bin-tests compattestfile,atf ./usr/tests/usr.bin/make/unit-tests/varmisc.exp tests-usr.bin-tests compattestfile,atf ./usr/tests/usr.bin/make/unit-tests/varmisc.mk tests-usr.bin-tests compattestfile,atf ./usr/tests/usr.bin/make/unit-tests/varmod-edge.exp tests-usr.bin-tests compattestfile,atf
CVS commit: src/usr.bin/make/unit-tests
Module Name:src Committed By: rillig Date: Sat Jul 25 21:19:29 UTC 2020 Modified Files: src/usr.bin/make/unit-tests: Makefile Added Files: src/usr.bin/make/unit-tests: envfirst.exp envfirst.mk vardebug.exp vardebug.mk varfind.exp varfind.mk Log Message: make(1): add tests for previously uncovered code To generate a diff of this commit: cvs rdiff -u -r1.63 -r1.64 src/usr.bin/make/unit-tests/Makefile cvs rdiff -u -r0 -r1.1 src/usr.bin/make/unit-tests/envfirst.exp \ src/usr.bin/make/unit-tests/envfirst.mk \ src/usr.bin/make/unit-tests/vardebug.exp \ src/usr.bin/make/unit-tests/vardebug.mk \ src/usr.bin/make/unit-tests/varfind.exp \ src/usr.bin/make/unit-tests/varfind.mk Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/make/unit-tests/Makefile diff -u src/usr.bin/make/unit-tests/Makefile:1.63 src/usr.bin/make/unit-tests/Makefile:1.64 --- src/usr.bin/make/unit-tests/Makefile:1.63 Thu Jul 9 22:40:14 2020 +++ src/usr.bin/make/unit-tests/Makefile Sat Jul 25 21:19:29 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.63 2020/07/09 22:40:14 sjg Exp $ +# $NetBSD: Makefile,v 1.64 2020/07/25 21:19:29 rillig Exp $ # # Unit tests for make(1) # @@ -38,6 +38,7 @@ TESTS+= cond2 TESTS+= dollar TESTS+= doterror TESTS+= dotwait +TESTS+= envfirst TESTS+= error TESTS+= # escape # broken by reverting POSIX changes TESTS+= export @@ -67,20 +68,30 @@ TESTS+= ternary TESTS+= unexport TESTS+= unexport-env TESTS+= varcmd +TESTS+= vardebug +TESTS+= varfind TESTS+= varmisc TESTS+= varmod-edge TESTS+= varquote TESTS+= varshell -# Override make flags for certain tests; default is -k. +# Override environment variables for some of the tests. +ENV.envfirst= FROM_ENV=value-from-env + +# Override make flags for some of the tests; default is -k. FLAGS.doterror= # none FLAGS.order= -j1 +FLAGS.envfirst= -e +FLAGS.vardebug= -k -dv FROM_CMDLINE= # Some tests need extra post-processing. SED_CMDS.modmisc+= -e 's,\(substitution error:\).*,\1 (details omitted),' SED_CMDS.varshell+= -e 's,^[a-z]*sh: ,,' SED_CMDS.varshell+= -e '/command/s,No such.*,not found,' +# Some tests need an additional round of postprocessing. +POSTPROC.vardebug= ${TOOL_SED} -n -e '/:RELEVANT = yes/,/:RELEVANT = no/p' + # End of the configuration section. .MAIN: all @@ -114,10 +125,14 @@ LANG= C # the tests are actually done with sub-makes. .SUFFIXES: .mk .rawout .out .mk.rawout: - @echo ${TEST_MAKE} ${FLAGS.${.TARGET:R}:U-k} -f ${.IMPSRC} - -@cd ${.OBJDIR} && \ - { ${TEST_MAKE} ${FLAGS.${.TARGET:R}:U-k} -f ${.IMPSRC} \ - 2>&1 ; echo $$? >${.TARGET:R}.status ; } > ${.TARGET}.tmp + @echo testing ${.IMPSRC} + @set -eu; \ + cd ${.OBJDIR}; \ + ${ENV.${.TARGET:R}} ${TEST_MAKE} \ + ${FLAGS.${.TARGET:R}:U-k} -f ${.IMPSRC} \ + > ${.TARGET}.tmp 2>&1 \ + && status=$$? || status=$$?; \ + echo $$status > ${.TARGET:R}.status @mv ${.TARGET}.tmp ${.TARGET} # Post-process the test output so that the results can be compared. @@ -134,9 +149,11 @@ _SED_CMDS+= -e 's,${UNIT_TESTS:S,.,\\.,g .rawout.out: @echo postprocess ${.TARGET} @${TOOL_SED} ${_SED_CMDS} ${SED_CMDS.${.TARGET:R}} \ - < ${.IMPSRC} > ${.TARGET}.tmp - @echo "exit status `cat ${.TARGET:R}.status`" >> ${.TARGET}.tmp - @mv ${.TARGET}.tmp ${.TARGET} + < ${.IMPSRC} > ${.TARGET}.tmp1 + @${POSTPROC.${.TARGET:R}:U${TOOL_SED}} < ${.TARGET}.tmp1 > ${.TARGET}.tmp2 + @rm ${.TARGET}.tmp1 + @echo "exit status `cat ${.TARGET:R}.status`" >> ${.TARGET}.tmp2 + @mv ${.TARGET}.tmp2 ${.TARGET} # Compare all output files test: ${OUTFILES} .PHONY Added files: Index: src/usr.bin/make/unit-tests/envfirst.exp diff -u /dev/null src/usr.bin/make/unit-tests/envfirst.exp:1.1 --- /dev/null Sat Jul 25 21:19:29 2020 +++ src/usr.bin/make/unit-tests/envfirst.exp Sat Jul 25 21:19:29 2020 @@ -0,0 +1 @@ +exit status 0 Index: src/usr.bin/make/unit-tests/envfirst.mk diff -u /dev/null src/usr.bin/make/unit-tests/envfirst.mk:1.1 --- /dev/null Sat Jul 25 21:19:29 2020 +++ src/usr.bin/make/unit-tests/envfirst.mk Sat Jul 25 21:19:29 2020 @@ -0,0 +1,35 @@ +# $NetBSD: envfirst.mk,v 1.1 2020/07/25 21:19:29 rillig Exp $ +# +# The -e option makes environment variables stronger than global variables. + +.if ${FROM_ENV} != value-from-env +.error ${FROM_ENV} +.endif + +# Try to override the variable; this does not have any effect. +FROM_ENV= value-from-mk +.if ${FROM_ENV} != value-from-env +.error ${FROM_ENV} +.endif + +# Try to append to the variable; this also doesn't have any effect. +FROM_ENV+= appended +.if ${FROM_ENV} != value-from-env +.error ${FROM_ENV} +.endif + +# The default assignment also cannot change the variable. +FROM_ENV?= default +.if ${FROM_ENV} != value-from-env +.error ${FROM_ENV} +.endif + +# Neither can the assignment modifiers. +.if ${FROM_ENV::=from-condition} +.endif +.if ${FROM_ENV} != value-from-env +.error
CVS commit: src/usr.bin/make
Module Name:src Committed By: rillig Date: Sat Jul 25 21:00:48 UTC 2020 Modified Files: src/usr.bin/make: Makefile Log Message: make(1): make it easy to run gcov on the code There seems to be no gcov support in share/mk yes, but it's still good to have, especially for a complex program like make(1). To generate a diff of this commit: cvs rdiff -u -r1.72 -r1.73 src/usr.bin/make/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/make/Makefile diff -u src/usr.bin/make/Makefile:1.72 src/usr.bin/make/Makefile:1.73 --- src/usr.bin/make/Makefile:1.72 Sat Jul 25 20:50:00 2020 +++ src/usr.bin/make/Makefile Sat Jul 25 21:00:48 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.72 2020/07/25 20:50:00 rillig Exp $ +# $NetBSD: Makefile,v 1.73 2020/07/25 21:00:48 rillig Exp $ # @(#)Makefile 5.2 (Berkeley) 12/28/90 PROG= make @@ -11,6 +11,13 @@ SRCS+= lstFind.c lstFindFrom.c lstFirst. SRCS+= lstInit.c lstInsert.c lstIsAtEnd.c lstIsEmpty.c lstLast.c lstMember.c SRCS+= lstNext.c lstOpen.c lstPrev.c lstRemove.c lstReplace.c lstSucc.c +USE_COVERAGE?= no # works only with gcc; clang9 fails to link +.if ${USE_COVERAGE} == "yes" +COPTS= --coverage -O0 -ggdb +LDADD= --coverage +CLEANFILES+= ${SRCS:.c=.gcda} ${SRCS:.c=.gcno} ${SRCS:=.gcov} +.endif + USE_META?= yes .if ${USE_META:tl} != "no" @@ -64,5 +71,12 @@ COPTS.meta.c+= ${GCC_NO_FORMAT_TRUNCATIO COPTS.parse.c+= ${GCC_NO_FORMAT_TRUNCATION} # A simple unit-test driver to help catch regressions -accept test: .MAKE - cd ${.CURDIR}/unit-tests && MAKEFLAGS= ${.MAKE} -r -m / TEST_MAKE=${TEST_MAKE:U${.OBJDIR}/${PROG:T}} ${.TARGET} +test: .MAKE + cd ${.CURDIR}/unit-tests \ + && MAKEFLAGS= ${.MAKE} -r -m / TEST_MAKE=${TEST_MAKE:U${.OBJDIR}/${PROG:T}} ${.TARGET} +.if ${USE_COVERAGE} == yes + gcov ${SRCS} +.endif + +accept: .MAKE + cd ${.CURDIR}/unit-tests && ${.MAKE} ${.TARGET}
CVS commit: src/usr.bin/make
Module Name:src Committed By: rillig Date: Sat Jul 25 20:50:00 UTC 2020 Modified Files: src/usr.bin/make: Makefile Log Message: make(1): indent Makefile directives like in pkgsrc This makes it easier to see the corresponding .if/.endif, even without comments. To generate a diff of this commit: cvs rdiff -u -r1.71 -r1.72 src/usr.bin/make/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/make/Makefile diff -u src/usr.bin/make/Makefile:1.71 src/usr.bin/make/Makefile:1.72 --- src/usr.bin/make/Makefile:1.71 Sat Jul 25 20:44:50 2020 +++ src/usr.bin/make/Makefile Sat Jul 25 20:50:00 2020 @@ -1,10 +1,10 @@ -# $NetBSD: Makefile,v 1.71 2020/07/25 20:44:50 rillig Exp $ +# $NetBSD: Makefile,v 1.72 2020/07/25 20:50:00 rillig Exp $ # @(#)Makefile 5.2 (Berkeley) 12/28/90 PROG= make SRCS= arch.c buf.c compat.c cond.c dir.c for.c hash.c job.c main.c SRCS+= make.c make_malloc.c metachar.c parse.c -SRCS+= str.c strlist.c suff.c targ.c trace.c var.c util.c +SRCS+= str.c strlist.c suff.c targ.c trace.c var.c util.c SRCS+= lstAppend.c lstAtEnd.c lstAtFront.c lstClose.c lstConcat.c SRCS+= lstDatum.c lstDeQueue.c lstDestroy.c lstDupl.c lstEnQueue.c SRCS+= lstFind.c lstFindFrom.c lstFirst.c lstForEach.c lstForEachFrom.c @@ -18,22 +18,22 @@ SRCS+= meta.c CPPFLAGS+= -DUSE_META USE_FILEMON?= ktrace -.if ${USE_FILEMON:tl} != "no" +. if ${USE_FILEMON:tl} != "no" .PATH: ${.CURDIR}/filemon SRCS+= filemon_${USE_FILEMON}.c CPPFLAGS+= -DUSE_FILEMON CPPFLAGS+= -DUSE_FILEMON_${USE_FILEMON:tu} -.if ${USE_FILEMON} == "dev" +.if ${USE_FILEMON} == "dev" FILEMON_H?= /usr/include/dev/filemon/filemon.h -.if exists(${FILEMON_H}) && ${FILEMON_H:T} == "filemon.h" +. if exists(${FILEMON_H}) && ${FILEMON_H:T} == "filemon.h" COPTS.filemon_dev.c+= \ -DHAVE_FILEMON_H -I${FILEMON_H:H} +. endif +.endif +. endif .endif -.endif# USE_FILEMON == dev -.endif# USE_FILEMON -.endif# USE_META .PATH: ${.CURDIR}/lst.lib SUBDIR.roff+= PSD.doc @@ -50,7 +50,7 @@ COPTS.job.c+= -Wno-format-nonliteral COPTS.parse.c+= -Wno-format-nonliteral COPTS.var.c+= -Wno-format-nonliteral -.ifdef TOOLDIR +.if defined(TOOLDIR) # This is a native NetBSD build, use libutil rather than the local emalloc etc. CPPFLAGS+= -DUSE_EMALLOC LDADD+= -lutil
CVS commit: src/usr.bin/make
Module Name:src Committed By: rillig Date: Sat Jul 25 20:44:50 UTC 2020 Modified Files: src/usr.bin/make: Makefile Log Message: make(1): format Makefile consistently To generate a diff of this commit: cvs rdiff -u -r1.70 -r1.71 src/usr.bin/make/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/make/Makefile diff -u src/usr.bin/make/Makefile:1.70 src/usr.bin/make/Makefile:1.71 --- src/usr.bin/make/Makefile:1.70 Sat Jul 25 20:41:58 2020 +++ src/usr.bin/make/Makefile Sat Jul 25 20:44:50 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.70 2020/07/25 20:41:58 rillig Exp $ +# $NetBSD: Makefile,v 1.71 2020/07/25 20:44:50 rillig Exp $ # @(#)Makefile 5.2 (Berkeley) 12/28/90 PROG= make @@ -11,51 +11,50 @@ SRCS+= lstFind.c lstFindFrom.c lstFirst. SRCS+= lstInit.c lstInsert.c lstIsAtEnd.c lstIsEmpty.c lstLast.c lstMember.c SRCS+= lstNext.c lstOpen.c lstPrev.c lstRemove.c lstReplace.c lstSucc.c -USE_META ?= yes +USE_META?= yes .if ${USE_META:tl} != "no" -SRCS+= meta.c -CPPFLAGS+= -DUSE_META +SRCS+= meta.c +CPPFLAGS+= -DUSE_META -USE_FILEMON ?= ktrace +USE_FILEMON?= ktrace .if ${USE_FILEMON:tl} != "no" .PATH: ${.CURDIR}/filemon -SRCS+= filemon_${USE_FILEMON}.c -CPPFLAGS+= -DUSE_FILEMON -DUSE_FILEMON_${USE_FILEMON:tu} +SRCS+= filemon_${USE_FILEMON}.c +CPPFLAGS+= -DUSE_FILEMON +CPPFLAGS+= -DUSE_FILEMON_${USE_FILEMON:tu} .if ${USE_FILEMON} == "dev" -FILEMON_H ?= /usr/include/dev/filemon/filemon.h +FILEMON_H?= /usr/include/dev/filemon/filemon.h .if exists(${FILEMON_H}) && ${FILEMON_H:T} == "filemon.h" -COPTS.filemon_dev.c += -DHAVE_FILEMON_H -I${FILEMON_H:H} +COPTS.filemon_dev.c+= \ + -DHAVE_FILEMON_H -I${FILEMON_H:H} .endif .endif# USE_FILEMON == dev - .endif# USE_FILEMON - .endif# USE_META .PATH: ${.CURDIR}/lst.lib SUBDIR.roff+= PSD.doc .if make(obj) || make(clean) -SUBDIR+= unit-tests +SUBDIR+= unit-tests .endif .include .include -CPPFLAGS+= -DMAKE_NATIVE -COPTS.var.c += -Wno-cast-qual -COPTS.job.c += -Wno-format-nonliteral -COPTS.parse.c += -Wno-format-nonliteral -COPTS.var.c += -Wno-format-nonliteral +CPPFLAGS+= -DMAKE_NATIVE +COPTS.var.c+= -Wno-cast-qual +COPTS.job.c+= -Wno-format-nonliteral +COPTS.parse.c+= -Wno-format-nonliteral +COPTS.var.c+= -Wno-format-nonliteral .ifdef TOOLDIR -# this is a native netbsd build, -# use libutil rather than the local emalloc etc. -CPPFLAGS+= -DUSE_EMALLOC -LDADD+=-lutil -DPADD+=${LIBUTIL} +# This is a native NetBSD build, use libutil rather than the local emalloc etc. +CPPFLAGS+= -DUSE_EMALLOC +LDADD+= -lutil +DPADD+= ${LIBUTIL} .endif COPTS.arch.c+= ${GCC_NO_FORMAT_TRUNCATION}
CVS commit: src/usr.bin/make
Module Name:src Committed By: rillig Date: Sat Jul 25 20:41:58 UTC 2020 Modified Files: src/usr.bin/make: Makefile Log Message: make(1): regroup source files To generate a diff of this commit: cvs rdiff -u -r1.69 -r1.70 src/usr.bin/make/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/make/Makefile diff -u src/usr.bin/make/Makefile:1.69 src/usr.bin/make/Makefile:1.70 --- src/usr.bin/make/Makefile:1.69 Thu Feb 6 01:13:19 2020 +++ src/usr.bin/make/Makefile Sat Jul 25 20:41:58 2020 @@ -1,17 +1,15 @@ -# $NetBSD: Makefile,v 1.69 2020/02/06 01:13:19 sjg Exp $ +# $NetBSD: Makefile,v 1.70 2020/07/25 20:41:58 rillig Exp $ # @(#)Makefile 5.2 (Berkeley) 12/28/90 PROG= make -SRCS= arch.c buf.c compat.c cond.c dir.c for.c hash.c job.c main.c \ - make.c metachar.c parse.c str.c suff.c targ.c trace.c var.c util.c -SRCS+= strlist.c -SRCS+= make_malloc.c -SRCS+= lstAppend.c lstAtEnd.c lstAtFront.c lstClose.c lstConcat.c \ - lstDatum.c lstDeQueue.c lstDestroy.c lstDupl.c lstEnQueue.c \ - lstFind.c lstFindFrom.c lstFirst.c lstForEach.c lstForEachFrom.c \ - lstInit.c lstInsert.c lstIsAtEnd.c lstIsEmpty.c lstLast.c \ - lstMember.c lstNext.c lstOpen.c lstRemove.c lstReplace.c lstSucc.c -SRCS += lstPrev.c +SRCS= arch.c buf.c compat.c cond.c dir.c for.c hash.c job.c main.c +SRCS+= make.c make_malloc.c metachar.c parse.c +SRCS+= str.c strlist.c suff.c targ.c trace.c var.c util.c +SRCS+= lstAppend.c lstAtEnd.c lstAtFront.c lstClose.c lstConcat.c +SRCS+= lstDatum.c lstDeQueue.c lstDestroy.c lstDupl.c lstEnQueue.c +SRCS+= lstFind.c lstFindFrom.c lstFirst.c lstForEach.c lstForEachFrom.c +SRCS+= lstInit.c lstInsert.c lstIsAtEnd.c lstIsEmpty.c lstLast.c lstMember.c +SRCS+= lstNext.c lstOpen.c lstPrev.c lstRemove.c lstReplace.c lstSucc.c USE_META ?= yes .if ${USE_META:tl} != "no"
CVS commit: src/usr.bin/make/unit-tests
Module Name:src Committed By: rillig Date: Sat Jul 25 20:37:46 UTC 2020 Modified Files: src/usr.bin/make/unit-tests: cond-late.exp cond-late.mk Log Message: make(1): add test for undefined (or empty) variable in :? modifier To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/usr.bin/make/unit-tests/cond-late.exp cvs rdiff -u -r1.1 -r1.2 src/usr.bin/make/unit-tests/cond-late.mk Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/make/unit-tests/cond-late.exp diff -u src/usr.bin/make/unit-tests/cond-late.exp:1.2 src/usr.bin/make/unit-tests/cond-late.exp:1.3 --- src/usr.bin/make/unit-tests/cond-late.exp:1.2 Fri May 1 16:26:41 2020 +++ src/usr.bin/make/unit-tests/cond-late.exp Sat Jul 25 20:37:46 2020 @@ -1,3 +1,4 @@ +make: Bad conditional expression ` != "no"' in != "no"?: yes no exit status 0 Index: src/usr.bin/make/unit-tests/cond-late.mk diff -u src/usr.bin/make/unit-tests/cond-late.mk:1.1 src/usr.bin/make/unit-tests/cond-late.mk:1.2 --- src/usr.bin/make/unit-tests/cond-late.mk:1.1 Wed Apr 29 23:15:21 2020 +++ src/usr.bin/make/unit-tests/cond-late.mk Sat Jul 25 20:37:46 2020 @@ -1,4 +1,4 @@ -# $NetBSD: cond-late.mk,v 1.1 2020/04/29 23:15:21 rillig Exp $ +# $NetBSD: cond-late.mk,v 1.2 2020/07/25 20:37:46 rillig Exp $ # # Using the :? modifier, variable expressions can contain conditional # expressions that are evaluated late. Any variables appearing in these @@ -15,9 +15,15 @@ # and then expand the variables, the output would change from the # current "yes no" to "yes yes", since both variables are non-empty. +all: cond-literal + COND.true= "yes" == "yes" COND.false= "yes" != "yes" -all: +cond-literal: @echo ${ ${COND.true} :?yes:no} @echo ${ ${COND.false} :?yes:no} + +VAR+= ${${UNDEF} != "no":?:} +.if empty(VAR:Mpattern) +.endif
CVS commit: src/usr.bin/make/unit-tests
Module Name:src Committed By: rillig Date: Sat Jul 25 20:35:35 UTC 2020 Modified Files: src/usr.bin/make/unit-tests: modmisc.exp modmisc.mk Log Message: make(1): add test for brk_string with more than 50 words To generate a diff of this commit: cvs rdiff -u -r1.27 -r1.28 src/usr.bin/make/unit-tests/modmisc.exp cvs rdiff -u -r1.21 -r1.22 src/usr.bin/make/unit-tests/modmisc.mk Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/make/unit-tests/modmisc.exp diff -u src/usr.bin/make/unit-tests/modmisc.exp:1.27 src/usr.bin/make/unit-tests/modmisc.exp:1.28 --- src/usr.bin/make/unit-tests/modmisc.exp:1.27 Thu Jul 23 19:49:39 2020 +++ src/usr.bin/make/unit-tests/modmisc.exp Sat Jul 25 20:35:35 2020 @@ -90,4 +90,5 @@ mod-tu-space: A B mod-Q: new line +mod-break-many-words: 500 exit status 0 Index: src/usr.bin/make/unit-tests/modmisc.mk diff -u src/usr.bin/make/unit-tests/modmisc.mk:1.21 src/usr.bin/make/unit-tests/modmisc.mk:1.22 --- src/usr.bin/make/unit-tests/modmisc.mk:1.21 Thu Jul 23 19:46:55 2020 +++ src/usr.bin/make/unit-tests/modmisc.mk Sat Jul 25 20:35:35 2020 @@ -1,4 +1,4 @@ -# $Id: modmisc.mk,v 1.21 2020/07/23 19:46:55 rillig Exp $ +# $Id: modmisc.mk,v 1.22 2020/07/25 20:35:35 rillig Exp $ # # miscellaneous modifier tests @@ -24,6 +24,7 @@ all: mod-assign all: mod-assign-nested all: mod-tu-space all: mod-Q +all: mod-break-many-words modsysv: @echo "The answer is ${libfoo.a:L:libfoo.a=42}" @@ -183,3 +184,7 @@ mod-tu-space: mod-Q: @echo $@: new${.newline:Q}${.newline:Q}line + +# Cover the bmake_realloc in brk_string. +mod-break-many-words: + @echo $@: ${UNDEF:U:range=500:[#]}