Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 24 Jan 2018 20:04:08 +0000 (UTC)
From:      John Baldwin <jhb@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r328353 - head/sys/dev/cxgbe/crypto
Message-ID:  <201801242004.w0OK48JY032165@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: jhb
Date: Wed Jan 24 20:04:08 2018
New Revision: 328353
URL: https://svnweb.freebsd.org/changeset/base/328353

Log:
  Always store the IV in the immediate portion of a work request.
  
  Combined authentication-encryption and GCM requests already stored the
  IV in the immediate explicitly.  This extends this behavior to block
  cipher requests to work around a firmware bug.  While here, simplify
  the AEAD and GCM handlers to not include always-true conditions.
  
  Submitted by:	Harsh Jain @ Chelsio
  Sponsored by:	Chelsio Communications

Modified:
  head/sys/dev/cxgbe/crypto/t4_crypto.c

Modified: head/sys/dev/cxgbe/crypto/t4_crypto.c
==============================================================================
--- head/sys/dev/cxgbe/crypto/t4_crypto.c	Wed Jan 24 19:48:25 2018	(r328352)
+++ head/sys/dev/cxgbe/crypto/t4_crypto.c	Wed Jan 24 20:04:08 2018	(r328353)
@@ -546,7 +546,7 @@ ccr_blkcipher(struct ccr_softc *sc, uint32_t sid, stru
 	struct wrqe *wr;
 	struct cryptodesc *crd;
 	char *dst;
-	u_int iv_loc, kctx_len, key_half, op_type, transhdr_len, wr_len;
+	u_int kctx_len, key_half, op_type, transhdr_len, wr_len;
 	u_int imm_len;
 	int dsgl_nsegs, dsgl_len;
 	int sgl_nsegs, sgl_len;
@@ -564,24 +564,22 @@ ccr_blkcipher(struct ccr_softc *sc, uint32_t sid, stru
 	if (crd->crd_len > MAX_REQUEST_SIZE)
 		return (EFBIG);
 
-	iv_loc = IV_NOP;
 	if (crd->crd_flags & CRD_F_ENCRYPT) {
 		op_type = CHCR_ENCRYPT_OP;
 		if (crd->crd_flags & CRD_F_IV_EXPLICIT)
 			memcpy(iv, crd->crd_iv, s->blkcipher.iv_len);
 		else
 			arc4rand(iv, s->blkcipher.iv_len, 0);
-		iv_loc = IV_IMMEDIATE;
 		if ((crd->crd_flags & CRD_F_IV_PRESENT) == 0)
 			crypto_copyback(crp->crp_flags, crp->crp_buf,
 			    crd->crd_inject, s->blkcipher.iv_len, iv);
 	} else {
 		op_type = CHCR_DECRYPT_OP;
-		if (crd->crd_flags & CRD_F_IV_EXPLICIT) {
+		if (crd->crd_flags & CRD_F_IV_EXPLICIT)
 			memcpy(iv, crd->crd_iv, s->blkcipher.iv_len);
-			iv_loc = IV_IMMEDIATE;
-		} else
-			iv_loc = IV_DSGL;
+		else
+			crypto_copydata(crp->crp_flags, crp->crp_buf,
+			    crd->crd_inject, s->blkcipher.iv_len, iv);
 	}
 
 	sglist_reset(sc->sg_dsgl);
@@ -601,22 +599,11 @@ ccr_blkcipher(struct ccr_softc *sc, uint32_t sid, stru
 	if (ccr_use_imm_data(transhdr_len, crd->crd_len +
 	    s->blkcipher.iv_len)) {
 		imm_len = crd->crd_len;
-		if (iv_loc == IV_DSGL) {
-			crypto_copydata(crp->crp_flags, crp->crp_buf,
-			    crd->crd_inject, s->blkcipher.iv_len, iv);
-			iv_loc = IV_IMMEDIATE;
-		}
 		sgl_nsegs = 0;
 		sgl_len = 0;
 	} else {
 		imm_len = 0;
 		sglist_reset(sc->sg_ulptx);
-		if (iv_loc == IV_DSGL) {
-			error = sglist_append_sglist(sc->sg_ulptx, sc->sg_crp,
-			    crd->crd_inject, s->blkcipher.iv_len);
-			if (error)
-				return (error);
-		}
 		error = sglist_append_sglist(sc->sg_ulptx, sc->sg_crp,
 		    crd->crd_skip, crd->crd_len);
 		if (error)
@@ -625,9 +612,8 @@ ccr_blkcipher(struct ccr_softc *sc, uint32_t sid, stru
 		sgl_len = ccr_ulptx_sgl_len(sgl_nsegs);
 	}
 
-	wr_len = roundup2(transhdr_len, 16) + roundup2(imm_len, 16) + sgl_len;
-	if (iv_loc == IV_IMMEDIATE)
-		wr_len += s->blkcipher.iv_len;
+	wr_len = roundup2(transhdr_len, 16) + s->blkcipher.iv_len +
+	    roundup2(imm_len, 16) + sgl_len;
 	wr = alloc_wrqe(wr_len, sc->txq);
 	if (wr == NULL) {
 		sc->stats_wr_nomem++;
@@ -637,7 +623,7 @@ ccr_blkcipher(struct ccr_softc *sc, uint32_t sid, stru
 	memset(crwr, 0, wr_len);
 
 	ccr_populate_wreq(sc, crwr, kctx_len, wr_len, sid, imm_len, sgl_len, 0,
-	    iv_loc, crp);
+	    IV_IMMEDIATE, crp);
 
 	/* XXX: Hardcodes SGE loopback channel of 0. */
 	crwr->sec_cpl.op_ivinsrtofst = htobe32(
@@ -700,10 +686,8 @@ ccr_blkcipher(struct ccr_softc *sc, uint32_t sid, stru
 	dst = (char *)(crwr + 1) + kctx_len;
 	ccr_write_phys_dsgl(sc, dst, dsgl_nsegs);
 	dst += sizeof(struct cpl_rx_phys_dsgl) + dsgl_len;
-	if (iv_loc == IV_IMMEDIATE) {
-		memcpy(dst, iv, s->blkcipher.iv_len);
-		dst += s->blkcipher.iv_len;
-	}
+	memcpy(dst, iv, s->blkcipher.iv_len);
+	dst += s->blkcipher.iv_len;
 	if (imm_len != 0)
 		crypto_copydata(crp->crp_flags, crp->crp_buf, crd->crd_skip,
 		    crd->crd_len, dst);
@@ -755,7 +739,7 @@ ccr_authenc(struct ccr_softc *sc, uint32_t sid, struct
 	struct wrqe *wr;
 	struct auth_hash *axf;
 	char *dst;
-	u_int iv_loc, kctx_len, key_half, op_type, transhdr_len, wr_len;
+	u_int kctx_len, key_half, op_type, transhdr_len, wr_len;
 	u_int hash_size_in_response, imm_len, iopad_size;
 	u_int aad_start, aad_len, aad_stop;
 	u_int auth_start, auth_stop, auth_insert;
@@ -791,7 +775,6 @@ ccr_authenc(struct ccr_softc *sc, uint32_t sid, struct
 	 * engine doesn't work properly if the IV offset points inside
 	 * of the AAD region, so a second copy is always required.
 	 */
-	iv_loc = IV_IMMEDIATE;
 	if (crde->crd_flags & CRD_F_ENCRYPT) {
 		op_type = CHCR_ENCRYPT_OP;
 		if (crde->crd_flags & CRD_F_IV_EXPLICIT)
@@ -935,9 +918,8 @@ ccr_authenc(struct ccr_softc *sc, uint32_t sid, struct
 	else
 		auth_insert = 0;
 
-	wr_len = roundup2(transhdr_len, 16) + roundup2(imm_len, 16) + sgl_len;
-	if (iv_loc == IV_IMMEDIATE)
-		wr_len += s->blkcipher.iv_len;
+	wr_len = roundup2(transhdr_len, 16) + s->blkcipher.iv_len +
+	    roundup2(imm_len, 16) + sgl_len;
 	wr = alloc_wrqe(wr_len, sc->txq);
 	if (wr == NULL) {
 		sc->stats_wr_nomem++;
@@ -947,8 +929,8 @@ ccr_authenc(struct ccr_softc *sc, uint32_t sid, struct
 	memset(crwr, 0, wr_len);
 
 	ccr_populate_wreq(sc, crwr, kctx_len, wr_len, sid, imm_len, sgl_len,
-	    op_type == CHCR_DECRYPT_OP ? hash_size_in_response : 0, iv_loc,
-	    crp);
+	    op_type == CHCR_DECRYPT_OP ? hash_size_in_response : 0,
+	    IV_IMMEDIATE, crp);
 
 	/* XXX: Hardcodes SGE loopback channel of 0. */
 	crwr->sec_cpl.op_ivinsrtofst = htobe32(
@@ -1022,10 +1004,8 @@ ccr_authenc(struct ccr_softc *sc, uint32_t sid, struct
 	dst = (char *)(crwr + 1) + kctx_len;
 	ccr_write_phys_dsgl(sc, dst, dsgl_nsegs);
 	dst += sizeof(struct cpl_rx_phys_dsgl) + dsgl_len;
-	if (iv_loc == IV_IMMEDIATE) {
-		memcpy(dst, iv, s->blkcipher.iv_len);
-		dst += s->blkcipher.iv_len;
-	}
+	memcpy(dst, iv, s->blkcipher.iv_len);
+	dst += s->blkcipher.iv_len;
 	if (imm_len != 0) {
 		if (aad_len != 0) {
 			crypto_copydata(crp->crp_flags, crp->crp_buf,
@@ -1085,7 +1065,7 @@ ccr_gcm(struct ccr_softc *sc, uint32_t sid, struct ccr
 	struct chcr_wr *crwr;
 	struct wrqe *wr;
 	char *dst;
-	u_int iv_len, iv_loc, kctx_len, op_type, transhdr_len, wr_len;
+	u_int iv_len, kctx_len, op_type, transhdr_len, wr_len;
 	u_int hash_size_in_response, imm_len;
 	u_int aad_start, aad_stop, cipher_start, cipher_stop, auth_insert;
 	u_int hmac_ctrl, input_len;
@@ -1119,7 +1099,6 @@ ccr_gcm(struct ccr_softc *sc, uint32_t sid, struct ccr
 	 * always assumes a 12-byte IV and initializes the low 4 byte
 	 * counter to 1.
 	 */
-	iv_loc = IV_IMMEDIATE;
 	if (crde->crd_flags & CRD_F_ENCRYPT) {
 		op_type = CHCR_ENCRYPT_OP;
 		if (crde->crd_flags & CRD_F_IV_EXPLICIT)
@@ -1237,9 +1216,8 @@ ccr_gcm(struct ccr_softc *sc, uint32_t sid, struct ccr
 	else
 		auth_insert = 0;
 
-	wr_len = roundup2(transhdr_len, 16) + roundup2(imm_len, 16) + sgl_len;
-	if (iv_loc == IV_IMMEDIATE)
-		wr_len += iv_len;
+	wr_len = roundup2(transhdr_len, 16) + iv_len + roundup2(imm_len, 16) +
+	    sgl_len;
 	wr = alloc_wrqe(wr_len, sc->txq);
 	if (wr == NULL) {
 		sc->stats_wr_nomem++;
@@ -1249,7 +1227,7 @@ ccr_gcm(struct ccr_softc *sc, uint32_t sid, struct ccr
 	memset(crwr, 0, wr_len);
 
 	ccr_populate_wreq(sc, crwr, kctx_len, wr_len, sid, imm_len, sgl_len,
-	    0, iv_loc, crp);
+	    0, IV_IMMEDIATE, crp);
 
 	/* XXX: Hardcodes SGE loopback channel of 0. */
 	crwr->sec_cpl.op_ivinsrtofst = htobe32(
@@ -1307,10 +1285,8 @@ ccr_gcm(struct ccr_softc *sc, uint32_t sid, struct ccr
 	dst = (char *)(crwr + 1) + kctx_len;
 	ccr_write_phys_dsgl(sc, dst, dsgl_nsegs);
 	dst += sizeof(struct cpl_rx_phys_dsgl) + dsgl_len;
-	if (iv_loc == IV_IMMEDIATE) {
-		memcpy(dst, iv, iv_len);
-		dst += iv_len;
-	}
+	memcpy(dst, iv, iv_len);
+	dst += iv_len;
 	if (imm_len != 0) {
 		if (crda->crd_len != 0) {
 			crypto_copydata(crp->crp_flags, crp->crp_buf,



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201801242004.w0OK48JY032165>