Date: Thu, 07 Aug 2014 23:37:18 +0000 From: John-Mark Gurney <jmg@FreeBSD.ORG> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 1198476 for review Message-ID: <53e40dae.2827.46e9e214@skunkworks.freebsd.org>
http://p4web.freebsd.org/@@1198476?ac=10 Change 1198476 by jmg@jmg_carbon2 on 2014/08/07 23:36:28 add dtrace probes for various errors to aid in debugging... rename NIST_CTR to ICM (Integer Counter Mode)... This mode is more flexible and not IPSEC specific, supporting a counter that is larger, or being able to segment your calls for larger blocks than can fit into memory... Sponsored by: FreeBSD Foundation Affected files ... ... //depot/projects/opencrypto/sys/opencrypto/cryptodev.c#3 edit ... //depot/projects/opencrypto/sys/opencrypto/cryptodev.h#3 edit ... //depot/projects/opencrypto/sys/opencrypto/cryptosoft.c#3 edit ... //depot/projects/opencrypto/sys/opencrypto/xform.c#4 edit ... //depot/projects/opencrypto/sys/opencrypto/xform.h#4 edit Differences ... ==== //depot/projects/opencrypto/sys/opencrypto/cryptodev.c#3 (text+ko) ==== @@ -41,6 +41,7 @@ __FBSDID("$FreeBSD: head/sys/opencrypto/cryptodev.c 262994 2014-03-11 01:45:46Z jmg $"); #include "opt_compat.h" +#include "opt_kdtrace.h" #include <sys/param.h> #include <sys/systm.h> @@ -59,10 +60,15 @@ #include <sys/module.h> #include <sys/fcntl.h> #include <sys/bus.h> +#include <sys/sdt.h> #include <opencrypto/cryptodev.h> #include <opencrypto/xform.h> +SDT_PROVIDER_DECLARE(opencrypto); + +SDT_PROBE_DEFINE1(opencrypto, dev, ioctl, error, "int"); + #ifdef COMPAT_FREEBSD32 #include <sys/mount.h> #include <compat/freebsd32/freebsd32.h> @@ -445,8 +451,8 @@ case CRYPTO_CAMELLIA_CBC: txform = &enc_xform_camellia; break; - case CRYPTO_AES_NIST_CTR: - txform = &enc_xform_aes_nist_ctr; + case CRYPTO_AES_ICM: + txform = &enc_xform_aes_icm; break; case CRYPTO_AES_NIST_GCM_16: txform = &enc_xform_aes_nist_gcm; @@ -622,8 +628,10 @@ #endif cop = (struct crypt_op *)data; cse = csefind(fcr, cop->ses); - if (cse == NULL) + if (cse == NULL) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); return (EINVAL); + } error = cryptodev_op(cse, cop, active_cred, td); #ifdef COMPAT_FREEBSD32 if (error == 0 && cmd == CIOCCRYPT32) 
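Review bot: The `error` probe defined in the `@@ -59,10 +60,15 @@` hunk takes a single `int`, and every call site passes `__LINE__`. A consumer therefore sees where the ioctl path failed but never the errno, and any script keyed on a line number goes stale as soon as cryptodev.c is edited. Several call sites fire the probe before `error` is assigned, so the errno cannot simply be appended at the existing positions. Consider `SDT_PROBE_DEFINE2(opencrypto, dev, ioctl, error, "int", "int");` and firing `SDT_PROBE2(opencrypto, dev, ioctl, error, __LINE__, error);` after the assignment. `SDT_PROVIDER_DECLARE(opencrypto)` also needs a matching `SDT_PROVIDER_DEFINE` in another file, which this change does not show.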
@@ -706,12 +714,16 @@ struct cryptodesc *crde = NULL, *crda = NULL; int error; - if (cop->len > 256*1024-4) + if (cop->len > 256*1024-4) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); return (E2BIG); + } if (cse->txform) { - if (cop->len == 0 || (cop->len % cse->txform->blocksize) != 0) + if (cop->len == 0 || (cop->len % cse->txform->blocksize) != 0) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); return (EINVAL); + } } cse->uio.uio_iov = &cse->iovec; @@ -731,6 +743,7 @@ crp = crypto_getreq((cse->txform != NULL) + (cse->thash != NULL)); if (crp == NULL) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); error = ENOMEM; goto bail; } @@ -743,13 +756,17 @@ if (cse->txform) crde = crp->crp_desc; else { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); error = EINVAL; goto bail; } } - if ((error = copyin(cop->src, cse->uio.uio_iov[0].iov_base, cop->len))) + if ((error = copyin(cop->src, cse->uio.uio_iov[0].iov_base, + cop->len))) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); goto bail; + } if (crda) { crda->crd_skip = 0; @@ -784,15 +801,20 @@ if (cop->iv) { if (crde == NULL) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); error = EINVAL; goto bail; } if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */ + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); error = EINVAL; goto bail; } - if ((error = copyin(cop->iv, cse->tmp_iv, cse->txform->blocksize))) + if ((error = copyin(cop->iv, cse->tmp_iv, + cse->txform->blocksize))) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); goto bail; + } bcopy(cse->tmp_iv, crde->crd_iv, cse->txform->blocksize); crde->crd_flags |= CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT; crde->crd_skip = 0; @@ -805,6 +827,7 @@ } if (cop->mac && crda == NULL) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); error = EINVAL; goto bail; } 
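Review bot: In the `cop->iv` branch of the `@@ -784,15 +801,20 @@` hunk, the re-wrapped `copyin(cop->iv, cse->tmp_iv, cse->txform->blocksize)` and the following `bcopy` still size the IV by the transform's block size, which no longer matches what the transforms read. In the xform.c part of this change `enc_xform_aes_nist_gcm` appears to declare a block size of 1, while `aes_icm_reinit` now copies `AESICM_BLOCKSIZE` bytes from the IV. For that transform only one byte would come from the caller and the rest of `crd_iv` would hold stale contents. A separate IV-length field in `struct enc_xform`, used here instead of `blocksize`, would keep the two in step; that struct is outside this diff, so its layout is an assumption to confirm. The enclosing function starts and ends outside the hunk.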
@@ -823,8 +846,10 @@ error = msleep(crp, &cse->lock, PWAIT, "crydev", 0); mtx_unlock(&cse->lock); - if (error != 0) + if (error != 0) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); goto bail; + } if (crp->crp_etype == EAGAIN) { crp->crp_etype = 0; @@ -833,23 +858,30 @@ } if (crp->crp_etype != 0) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); error = crp->crp_etype; goto bail; } if (cse->error) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); error = cse->error; goto bail; } if (cop->dst && - (error = copyout(cse->uio.uio_iov[0].iov_base, cop->dst, cop->len))) + (error = copyout(cse->uio.uio_iov[0].iov_base, cop->dst, + cop->len))) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); goto bail; + } if (cop->mac && (error = copyout((caddr_t)cse->uio.uio_iov[0].iov_base + cop->len, - cop->mac, cse->thash->hashsize))) + cop->mac, cse->thash->hashsize))) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); goto bail; + } bail: if (crp) ==== //depot/projects/opencrypto/sys/opencrypto/cryptodev.h#3 (text+ko) ==== @@ -132,7 +132,7 @@ #define CRYPTO_SHA2_512_HMAC 20 #define CRYPTO_CAMELLIA_CBC 21 #define CRYPTO_AES_XTS 22 -#define CRYPTO_AES_NIST_CTR 23 +#define CRYPTO_AES_ICM 23 /* commonly known as CTR mode */ #define CRYPTO_AES_NIST_GMAC 24 /* cipher side */ #define CRYPTO_AES_NIST_GCM_16 25 /* 16 byte ICV */ #define CRYPTO_AES_128_NIST_GMAC 26 /* auth side */ ==== //depot/projects/opencrypto/sys/opencrypto/cryptosoft.c#3 (text+ko) ==== @@ -918,8 +918,8 @@ case CRYPTO_AES_XTS: txf = &enc_xform_aes_xts; goto enccommon; - case CRYPTO_AES_NIST_CTR: - txf = &enc_xform_aes_nist_ctr; + case CRYPTO_AES_ICM: + txf = &enc_xform_aes_icm; goto enccommon; case CRYPTO_AES_NIST_GCM_16: txf = &enc_xform_aes_nist_gcm; @@ -1131,7 +1131,7 @@ case CRYPTO_SKIPJACK_CBC: case CRYPTO_RIJNDAEL128_CBC: case CRYPTO_AES_XTS: - case CRYPTO_AES_NIST_CTR: + case CRYPTO_AES_ICM: case CRYPTO_AES_NIST_GCM_16: case CRYPTO_AES_NIST_GMAC: case CRYPTO_CAMELLIA_CBC: 
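Review bot: In the cryptodev.h hunk, algorithm id 23 keeps its number but changes meaning. Under `CRYPTO_AES_NIST_CTR` the transform copied a 12-byte IV and zeroed a 32-bit counter, while `CRYPTO_AES_ICM` treats all 16 IV bytes as the initial counter block (see `aes_icm_reinit` in xform.c). A consumer built against the old header that still passes 23 with a 12-byte IV would get a counter block whose last four bytes come from whatever follows its IV, a silent keystream change rather than an error. If the old id was ever exposed to consumers, either give ICM a new number or state the requirement on the define, for example `/* 16-byte IV is the full initial counter block */`.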
@@ -1259,7 +1259,7 @@ case CRYPTO_SKIPJACK_CBC: case CRYPTO_RIJNDAEL128_CBC: case CRYPTO_AES_XTS: - case CRYPTO_AES_NIST_CTR: + case CRYPTO_AES_ICM: case CRYPTO_CAMELLIA_CBC: if ((crp->crp_etype = swcr_encdec(crd, sw, crp->crp_buf, crp->crp_flags)) != 0) @@ -1362,7 +1362,7 @@ REGISTER(CRYPTO_SHA1); REGISTER(CRYPTO_RIJNDAEL128_CBC); REGISTER(CRYPTO_AES_XTS); - REGISTER(CRYPTO_AES_NIST_CTR); + REGISTER(CRYPTO_AES_ICM); REGISTER(CRYPTO_AES_NIST_GCM_16); REGISTER(CRYPTO_AES_NIST_GMAC); REGISTER(CRYPTO_AES_128_NIST_GMAC); ==== //depot/projects/opencrypto/sys/opencrypto/xform.c#4 (text+ko) ==== @@ -81,7 +81,7 @@ static int cast5_setkey(u_int8_t **, u_int8_t *, int); static int skipjack_setkey(u_int8_t **, u_int8_t *, int); static int rijndael128_setkey(u_int8_t **, u_int8_t *, int); -static int aes_ctr_setkey(u_int8_t **, u_int8_t *, int); +static int aes_icm_setkey(u_int8_t **, u_int8_t *, int); static int aes_xts_setkey(u_int8_t **, u_int8_t *, int); static int cml_setkey(u_int8_t **, u_int8_t *, int); @@ -105,7 +105,7 @@ static void aes_xts_decrypt(caddr_t, u_int8_t *); static void cml_decrypt(caddr_t, u_int8_t *); -static void aes_ctr_crypt(caddr_t, u_int8_t *); +static void aes_icm_crypt(caddr_t, u_int8_t *); static void null_zerokey(u_int8_t **); static void des1_zerokey(u_int8_t **); @@ -114,11 +114,11 @@ static void cast5_zerokey(u_int8_t **); static void skipjack_zerokey(u_int8_t **); static void rijndael128_zerokey(u_int8_t **); -static void aes_ctr_zerokey(u_int8_t **); +static void aes_icm_zerokey(u_int8_t **); static void aes_xts_zerokey(u_int8_t **); static void cml_zerokey(u_int8_t **); -static void aes_ctr_reinit(caddr_t, u_int8_t *); +static void aes_icm_reinit(caddr_t, u_int8_t *); static void aes_xts_reinit(caddr_t, u_int8_t *); static void aes_gcm_reinit(caddr_t, u_int8_t *); 
@@ -138,17 +138,12 @@ static u_int32_t deflate_compress(u_int8_t *, u_int32_t, u_int8_t **); static u_int32_t deflate_decompress(u_int8_t *, u_int32_t, u_int8_t **); -#define AESCTR_IVSIZE 12 -#define AESCTR_BLOCKSIZE 16 +#define AESICM_BLOCKSIZE 16 -struct aes_ctr_ctx { +struct aes_icm_ctx { u_int32_t ac_ek[4*(RIJNDAEL_MAXNR + 1)]; - /* - * ac_block is initalized to: [ IV : CNTR ] - * IV is provided by user. - * CNTR is initalized to 0 for CTR and 1 for GCM. - */ - u_int8_t ac_block[AESCTR_BLOCKSIZE]; + /* ac_block is initalized to IV */ + u_int8_t ac_block[AESICM_BLOCKSIZE]; int ac_nr; }; @@ -225,23 +220,23 @@ NULL, }; -struct enc_xform enc_xform_aes_nist_ctr = { - CRYPTO_AES_NIST_CTR, "AES-CTR", +struct enc_xform enc_xform_aes_icm = { + CRYPTO_AES_ICM, "AES-ICM", RIJNDAEL128_BLOCK_LEN, 16, 32, - aes_ctr_crypt, - aes_ctr_crypt, - aes_ctr_setkey, + aes_icm_crypt, + aes_icm_crypt, + aes_icm_setkey, rijndael128_zerokey, - aes_ctr_reinit, + aes_icm_reinit, }; struct enc_xform enc_xform_aes_nist_gcm = { CRYPTO_AES_NIST_GCM_16, "AES-GCM", 1, 16, 32, - aes_ctr_crypt, - aes_ctr_crypt, - aes_ctr_setkey, - aes_ctr_zerokey, + aes_icm_crypt, + aes_icm_crypt, + aes_icm_setkey, + aes_icm_zerokey, aes_gcm_reinit, }; 
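Review bot: The new comment on `ac_block` in `struct aes_icm_ctx` drops the layout information the old one carried and keeps the typo `initalized`. Since `aes_icm_crypt` now increments the whole block and `aes_gcm_reinit` overwrites the last four bytes, I would write `/* ac_block is initialized to the 16-byte IV and used as a big-endian counter; GCM resets the low 32 bits in aes_gcm_reinit() */`.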
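Review bot: `enc_xform_aes_icm` still lists `rijndael128_zerokey` as its zerokey handler, although its schedule is allocated by `aes_icm_setkey` as a `struct aes_icm_ctx`; the GCM entry just below uses `aes_icm_zerokey`. `rijndael128_zerokey` is not visible in this diff, but if it clears `sizeof(rijndael_ctx)` the wipe would not match the allocation size and could write past the `aes_icm_ctx` buffer. Putting `aes_icm_zerokey,` in that slot keeps the allocation and the wipe tied to the same struct.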
@@ -665,60 +660,58 @@ } void -aes_ctr_reinit(caddr_t key, u_int8_t *iv) +aes_icm_reinit(caddr_t key, u_int8_t *iv) { - struct aes_ctr_ctx *ctx; + struct aes_icm_ctx *ctx; - ctx = (struct aes_ctr_ctx *)key; - bcopy(iv, ctx->ac_block, AESCTR_IVSIZE); - - /* reset counter */ - bzero(ctx->ac_block + AESCTR_IVSIZE, 4); + ctx = (struct aes_icm_ctx *)key; + bcopy(iv, ctx->ac_block, AESICM_BLOCKSIZE); } void aes_gcm_reinit(caddr_t key, u_int8_t *iv) { - struct aes_ctr_ctx *ctx; + struct aes_icm_ctx *ctx; - aes_ctr_reinit(key, iv); + aes_icm_reinit(key, iv); - ctx = (struct aes_ctr_ctx *)key; + ctx = (struct aes_icm_ctx *)key; /* GCM starts with 2 as counter 1 is used for final xor of tag. */ - ctx->ac_block[AESCTR_BLOCKSIZE - 1] = 2; + bzero(&ctx->ac_block[AESICM_BLOCKSIZE - 4], 4); + ctx->ac_block[AESICM_BLOCKSIZE - 1] = 2; } void -aes_ctr_crypt(caddr_t key, u_int8_t *data) +aes_icm_crypt(caddr_t key, u_int8_t *data) { - struct aes_ctr_ctx *ctx; - u_int8_t keystream[AESCTR_BLOCKSIZE]; + struct aes_icm_ctx *ctx; + u_int8_t keystream[AESICM_BLOCKSIZE]; int i; - ctx = (struct aes_ctr_ctx *)key; + ctx = (struct aes_icm_ctx *)key; rijndaelEncrypt(ctx->ac_ek, ctx->ac_nr, ctx->ac_block, keystream); - for (i = 0; i < AESCTR_BLOCKSIZE; i++) + for (i = 0; i < AESICM_BLOCKSIZE; i++) data[i] ^= keystream[i]; - bzero(keystream, sizeof(keystream)); + explicite_bzero(keystream, sizeof(keystream)); /* increment counter */ - for (i = AESCTR_BLOCKSIZE - 1; - i >= AESCTR_IVSIZE; i--) + for (i = AESICM_BLOCKSIZE - 1; + i >= 0; i--) if (++ctx->ac_block[i]) /* continue on overflow */ break; } int -aes_ctr_setkey(u_int8_t **sched, u_int8_t *key, int len) +aes_icm_setkey(u_int8_t **sched, u_int8_t *key, int len) { - struct aes_ctr_ctx *ctx; + struct aes_icm_ctx *ctx; - *sched = malloc(sizeof(struct aes_ctr_ctx), M_CRYPTO_DATA, + *sched = malloc(sizeof(struct aes_icm_ctx), M_CRYPTO_DATA, M_NOWAIT | M_ZERO); if (*sched == NULL) return ENOMEM; - ctx = (struct aes_ctr_ctx *)*sched; + ctx = (struct 
aes_icm_ctx *)*sched; ctx->ac_nr = rijndaelKeySetupEnc(ctx->ac_ek, (u_char *)key, len * 8); if (ctx->ac_nr == 0) return EINVAL; @@ -726,10 +719,10 @@ } void -aes_ctr_zerokey(u_int8_t **sched) +aes_icm_zerokey(u_int8_t **sched) { - bzero(*sched, sizeof(struct aes_ctr_ctx)); + bzero(*sched, sizeof(struct aes_icm_ctx)); free(*sched, M_CRYPTO_DATA); *sched = NULL; } ==== //depot/projects/opencrypto/sys/opencrypto/xform.h#4 (text+ko) ==== @@ -91,7 +91,7 @@ extern struct enc_xform enc_xform_cast5; extern struct enc_xform enc_xform_skipjack; extern struct enc_xform enc_xform_rijndael128; -extern struct enc_xform enc_xform_aes_nist_ctr; +extern struct enc_xform enc_xform_aes_icm; extern struct enc_xform enc_xform_aes_nist_gcm; extern struct enc_xform enc_xform_aes_nist_gmac; extern struct enc_xform enc_xform_aes_xts;
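Review bot: `explicite_bzero(keystream, sizeof(keystream));` in `aes_icm_crypt` is misspelled, so the file will not build or link; it should read `explicit_bzero(keystream, sizeof(keystream));`. Separately, the counter loop now carries through all 16 bytes (`i >= 0`), and `enc_xform_aes_nist_gcm` shares this function. GCM increments only the low 32 bits, so a carry past byte 12 would run into the nonce unless callers cap the message at the GCM block limit, which is not visible here. `aes_gcm_reinit` also now reads 16 bytes from `iv` through `aes_icm_reinit` before zeroing the last four, so the caller's IV buffer must be at least `AESICM_BLOCKSIZE` long even when the nonce is 12 bytes.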
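Review bot: `aes_icm_zerokey` wipes the key schedule with plain `bzero` immediately before `free`, while this same change moves the keystream wipe in `aes_icm_crypt` to the explicit variant. For consistency, and so the wipe of key material cannot be treated as a dead store, I would use `explicit_bzero(*sched, sizeof(struct aes_icm_ctx));` here as well.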
