svn commit: r362519 - head/sys/dev/cxgbe/crypto

Mon, 22 Jun 2020 16:42:03 -0700 

Author: jhb
Date: Mon Jun 22 23:41:33 2020
New Revision: 362519
URL: https://svnweb.freebsd.org/changeset/base/362519

Log:
  Add support for requests with separate AAD to ccr(4).
  
  Sponsored by: Chelsio Communications
  Differential Revision:        https://reviews.freebsd.org/D25290

Modified:
  head/sys/dev/cxgbe/crypto/t4_crypto.c

Modified: head/sys/dev/cxgbe/crypto/t4_crypto.c
==============================================================================
--- head/sys/dev/cxgbe/crypto/t4_crypto.c       Mon Jun 22 23:22:13 2020        
(r362518)
+++ head/sys/dev/cxgbe/crypto/t4_crypto.c       Mon Jun 22 23:41:33 2020        
(r362519)
@@ -387,7 +387,6 @@ ccr_write_ulptx_sgl(struct ccr_softc *sc, void *dst, i
                usgl->sge[i / 2].addr[i & 1] = htobe64(ss->ss_paddr);
                ss++;
        }
-       
 }
 
 static bool
@@ -919,8 +918,13 @@ ccr_eta(struct ccr_softc *sc, struct ccr_session *s, s
                imm_len = 0;
                sglist_reset(sc->sg_ulptx);
                if (crp->crp_aad_length != 0) {
-                       error = sglist_append_sglist(sc->sg_ulptx, sc->sg_input,
-                           crp->crp_aad_start, crp->crp_aad_length);
+                       if (crp->crp_aad != NULL)
+                               error = sglist_append(sc->sg_ulptx,
+                                   crp->crp_aad, crp->crp_aad_length);
+                       else
+                               error = sglist_append_sglist(sc->sg_ulptx,
+                                   sc->sg_input, crp->crp_aad_start,
+                                   crp->crp_aad_length);
                        if (error)
                                return (error);
                }
@@ -938,11 +942,7 @@ ccr_eta(struct ccr_softc *sc, struct ccr_session *s, s
                sgl_len = ccr_ulptx_sgl_len(sgl_nsegs);
        }
 
-       /*
-        * Any auth-only data before the cipher region is marked as AAD.
-        * Auth-data that overlaps with the cipher region is placed in
-        * the auth section.
-        */
+       /* Any AAD comes after the IV. */
        if (crp->crp_aad_length != 0) {
                aad_start = iv_len + 1;
                aad_stop = aad_start + crp->crp_aad_length - 1;
@@ -1054,8 +1054,11 @@ ccr_eta(struct ccr_softc *sc, struct ccr_session *s, s
        dst += iv_len;
        if (imm_len != 0) {
                if (crp->crp_aad_length != 0) {
-                       crypto_copydata(crp, crp->crp_aad_start,
-                           crp->crp_aad_length, dst);
+                       if (crp->crp_aad != NULL)
+                               memcpy(dst, crp->crp_aad, crp->crp_aad_length);
+                       else
+                               crypto_copydata(crp, crp->crp_aad_start,
+                                   crp->crp_aad_length, dst);
                        dst += crp->crp_aad_length;
                }
                crypto_copydata(crp, crp->crp_payload_start,
@@ -1224,8 +1227,13 @@ ccr_gcm(struct ccr_softc *sc, struct ccr_session *s, s
                imm_len = 0;
                sglist_reset(sc->sg_ulptx);
                if (crp->crp_aad_length != 0) {
-                       error = sglist_append_sglist(sc->sg_ulptx, sc->sg_input,
-                           crp->crp_aad_start, crp->crp_aad_length);
+                       if (crp->crp_aad != NULL)
+                               error = sglist_append(sc->sg_ulptx,
+                                   crp->crp_aad, crp->crp_aad_length);
+                       else
+                               error = sglist_append_sglist(sc->sg_ulptx,
+                                   sc->sg_input, crp->crp_aad_start,
+                                   crp->crp_aad_length);
                        if (error)
                                return (error);
                }
@@ -1337,8 +1345,11 @@ ccr_gcm(struct ccr_softc *sc, struct ccr_session *s, s
        dst += iv_len;
        if (imm_len != 0) {
                if (crp->crp_aad_length != 0) {
-                       crypto_copydata(crp, crp->crp_aad_start,
-                           crp->crp_aad_length, dst);
+                       if (crp->crp_aad != NULL)
+                               memcpy(dst, crp->crp_aad, crp->crp_aad_length);
+                       else
+                               crypto_copydata(crp, crp->crp_aad_start,
+                                   crp->crp_aad_length, dst);
                        dst += crp->crp_aad_length;
                }
                crypto_copydata(crp, crp->crp_payload_start,
@@ -1438,11 +1449,24 @@ ccr_gcm_soft(struct ccr_session *s, struct cryptop *cr
        axf->Reinit(auth_ctx, iv, sizeof(iv));
 
        /* MAC the AAD. */
-       for (i = 0; i < crp->crp_aad_length; i += sizeof(block)) {
-               len = imin(crp->crp_aad_length - i, sizeof(block));
-               crypto_copydata(crp, crp->crp_aad_start + i, len, block);
-               bzero(block + len, sizeof(block) - len);
-               axf->Update(auth_ctx, block, sizeof(block));
+       if (crp->crp_aad != NULL) {
+               len = rounddown(crp->crp_aad_length, sizeof(block));
+               if (len != 0)
+                       axf->Update(auth_ctx, crp->crp_aad, len);
+               if (crp->crp_aad_length != len) {
+                       memset(block, 0, sizeof(block));
+                       memcpy(block, (char *)crp->crp_aad + len,
+                           crp->crp_aad_length - len);
+                       axf->Update(auth_ctx, block, sizeof(block));
+               }
+       } else {
+               for (i = 0; i < crp->crp_aad_length; i += sizeof(block)) {
+                       len = imin(crp->crp_aad_length - i, sizeof(block));
+                       crypto_copydata(crp, crp->crp_aad_start + i, len,
+                           block);
+                       bzero(block + len, sizeof(block) - len);
+                       axf->Update(auth_ctx, block, sizeof(block));
+               }
        }
 
        exf->reinit(kschedule, iv);
@@ -1679,8 +1703,13 @@ ccr_ccm(struct ccr_softc *sc, struct ccr_session *s, s
 
                sglist_reset(sc->sg_ulptx);
                if (crp->crp_aad_length != 0) {
-                       error = sglist_append_sglist(sc->sg_ulptx, sc->sg_input,
-                           crp->crp_aad_start, crp->crp_aad_length);
+                       if (crp->crp_aad != NULL)
+                               error = sglist_append(sc->sg_ulptx,
+                                   crp->crp_aad, crp->crp_aad_length);
+                       else
+                               error = sglist_append_sglist(sc->sg_ulptx,
+                                   sc->sg_input, crp->crp_aad_start,
+                                   crp->crp_aad_length);
                        if (error)
                                return (error);
                }
@@ -1788,8 +1817,11 @@ ccr_ccm(struct ccr_softc *sc, struct ccr_session *s, s
        if (sgl_nsegs == 0) {
                dst += b0_len;
                if (crp->crp_aad_length != 0) {
-                       crypto_copydata(crp, crp->crp_aad_start,
-                           crp->crp_aad_length, dst);
+                       if (crp->crp_aad != NULL)
+                               memcpy(dst, crp->crp_aad, crp->crp_aad_length);
+                       else
+                               crypto_copydata(crp, crp->crp_aad_start,
+                                   crp->crp_aad_length, dst);
                        dst += crp->crp_aad_length;
                }
                crypto_copydata(crp, crp->crp_payload_start,
@@ -1905,12 +1937,14 @@ ccr_ccm_soft(struct ccr_session *s, struct cryptop *cr
        axf->Reinit(auth_ctx, iv, sizeof(iv));
 
        /* MAC the AAD. */
-       for (i = 0; i < crp->crp_aad_length; i += sizeof(block)) {
-               len = imin(crp->crp_aad_length - i, sizeof(block));
-               crypto_copydata(crp, crp->crp_aad_start + i, len, block);
-               bzero(block + len, sizeof(block) - len);
-               axf->Update(auth_ctx, block, sizeof(block));
-       }
+       if (crp->crp_aad != NULL)
+               error = axf->Update(auth_ctx, crp->crp_aad,
+                   crp->crp_aad_length);
+       else
+               error = crypto_apply(crp, crp->crp_aad_start,
+                   crp->crp_aad_length, axf->Update, auth_ctx);
+       if (error)
+               goto out;
 
        exf->reinit(kschedule, iv);
 
@@ -2339,7 +2373,8 @@ ccr_probesession(device_t dev, const struct crypto_ses
 {
        unsigned int cipher_mode;
 
-       if ((csp->csp_flags & ~(CSP_F_SEPARATE_OUTPUT)) != 0)
+       if ((csp->csp_flags & ~(CSP_F_SEPARATE_OUTPUT | CSP_F_SEPARATE_AAD)) !=
+           0)
                return (EINVAL);
        switch (csp->csp_mode) {
        case CSP_MODE_DIGEST:
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "[email protected]"

Reply via email to