From owner-svn-src-all@freebsd.org Fri Nov 16 19:08:54 2018 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6FADB1102010; Fri, 16 Nov 2018 19:08:54 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id EC7008B8AA; Fri, 16 Nov 2018 19:08:53 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C7A03213BC; Fri, 16 Nov 2018 19:08:53 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAGJ8rRD075969; Fri, 16 Nov 2018 19:08:53 GMT (envelope-from jhb@FreeBSD.org) Received: (from jhb@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAGJ8r6c075964; Fri, 16 Nov 2018 19:08:53 GMT (envelope-from jhb@FreeBSD.org) Message-Id: <201811161908.wAGJ8r6c075964@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jhb set sender to jhb@FreeBSD.org using -f From: John Baldwin Date: Fri, 16 Nov 2018 19:08:53 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r340486 - in head/sys/dev/cxgbe: crypto tom X-SVN-Group: head X-SVN-Commit-Author: jhb X-SVN-Commit-Paths: in head/sys/dev/cxgbe: crypto tom X-SVN-Commit-Revision: 340486 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: EC7008B8AA X-Spamd-Result: default: False [-103.11 / 40.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; ALLOW_DOMAIN_WHITELIST(-100.00)[FreeBSD.org]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; HAS_XAW(0.00)[]; R_SPF_SOFTFAIL(0.00)[~all]; DMARC_NA(0.00)[FreeBSD.org]; RCVD_COUNT_THREE(0.00)[4]; MX_GOOD(-0.01)[cached: mx1.FreeBSD.org]; NEURAL_HAM_SHORT(-1.00)[-0.999,0]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; RCVD_TLS_LAST(0.00)[] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Nov 2018 19:08:54 -0000 Author: jhb Date: Fri Nov 16 19:08:52 2018 New Revision: 340486 URL: https://svnweb.freebsd.org/changeset/base/340486 Log: Consolidate on a single set of constants for SCMD fields. Both ccr(4) and the TOE TLS code had separate sets of constants for fields in SCMD messages. Sponsored by: Chelsio Communications Modified: head/sys/dev/cxgbe/crypto/t4_crypto.c head/sys/dev/cxgbe/crypto/t4_crypto.h head/sys/dev/cxgbe/tom/t4_tls.c head/sys/dev/cxgbe/tom/t4_tls.h Modified: head/sys/dev/cxgbe/crypto/t4_crypto.c ============================================================================== --- head/sys/dev/cxgbe/crypto/t4_crypto.c Fri Nov 16 19:04:12 2018 (r340485) +++ head/sys/dev/cxgbe/crypto/t4_crypto.c Fri Nov 16 19:08:52 2018 (r340486) @@ -444,10 +444,10 @@ ccr_hash(struct ccr_softc *sc, struct ccr_session *s, if (s->mode == HMAC) { use_opad = 1; - hmac_ctrl = CHCR_SCMD_HMAC_CTRL_NO_TRUNC; + hmac_ctrl = SCMD_HMAC_CTRL_NO_TRUNC; } else { use_opad = 0; - hmac_ctrl = CHCR_SCMD_HMAC_CTRL_NOP; + hmac_ctrl = SCMD_HMAC_CTRL_NOP; } /* PADs must be 128-bit aligned. */ @@ -513,8 +513,8 @@ ccr_hash(struct ccr_softc *sc, struct ccr_session *s, /* These two flits are actually a CPL_TLS_TX_SCMD_FMT. */ crwr->sec_cpl.seqno_numivs = htobe32( V_SCMD_SEQ_NO_CTRL(0) | - V_SCMD_PROTO_VERSION(CHCR_SCMD_PROTO_VERSION_GENERIC) | - V_SCMD_CIPH_MODE(CHCR_SCMD_CIPHER_MODE_NOP) | + V_SCMD_PROTO_VERSION(SCMD_PROTO_VERSION_GENERIC) | + V_SCMD_CIPH_MODE(SCMD_CIPH_MODE_NOP) | V_SCMD_AUTH_MODE(s->hmac.auth_mode) | V_SCMD_HMAC_CTRL(hmac_ctrl)); crwr->sec_cpl.ivgen_hdrlen = htobe32( @@ -682,11 +682,11 @@ ccr_blkcipher(struct ccr_softc *sc, struct ccr_session /* These two flits are actually a CPL_TLS_TX_SCMD_FMT. */ crwr->sec_cpl.seqno_numivs = htobe32( V_SCMD_SEQ_NO_CTRL(0) | - V_SCMD_PROTO_VERSION(CHCR_SCMD_PROTO_VERSION_GENERIC) | + V_SCMD_PROTO_VERSION(SCMD_PROTO_VERSION_GENERIC) | V_SCMD_ENC_DEC_CTRL(op_type) | V_SCMD_CIPH_MODE(s->blkcipher.cipher_mode) | - V_SCMD_AUTH_MODE(CHCR_SCMD_AUTH_MODE_NOP) | - V_SCMD_HMAC_CTRL(CHCR_SCMD_HMAC_CTRL_NOP) | + V_SCMD_AUTH_MODE(SCMD_AUTH_MODE_NOP) | + V_SCMD_HMAC_CTRL(SCMD_HMAC_CTRL_NOP) | V_SCMD_IV_SIZE(s->blkcipher.iv_len / 2) | V_SCMD_NUM_IVS(0)); crwr->sec_cpl.ivgen_hdrlen = htobe32( @@ -760,12 +760,12 @@ ccr_hmac_ctrl(unsigned int hashsize, unsigned int auth { if (authsize == 10) - return (CHCR_SCMD_HMAC_CTRL_TRUNC_RFC4366); + return (SCMD_HMAC_CTRL_TRUNC_RFC4366); if (authsize == 12) - return (CHCR_SCMD_HMAC_CTRL_IPSEC_96BIT); + return (SCMD_HMAC_CTRL_IPSEC_96BIT); if (authsize == hashsize / 2) - return (CHCR_SCMD_HMAC_CTRL_DIV2); - return (CHCR_SCMD_HMAC_CTRL_NO_TRUNC); + return (SCMD_HMAC_CTRL_DIV2); + return (SCMD_HMAC_CTRL_NO_TRUNC); } static int @@ -1018,7 +1018,7 @@ ccr_authenc(struct ccr_softc *sc, struct ccr_session * hmac_ctrl = ccr_hmac_ctrl(axf->hashsize, hash_size_in_response); crwr->sec_cpl.seqno_numivs = htobe32( V_SCMD_SEQ_NO_CTRL(0) | - V_SCMD_PROTO_VERSION(CHCR_SCMD_PROTO_VERSION_GENERIC) | + V_SCMD_PROTO_VERSION(SCMD_PROTO_VERSION_GENERIC) | V_SCMD_ENC_DEC_CTRL(op_type) | V_SCMD_CIPH_AUTH_SEQ_CTRL(op_type == CHCR_ENCRYPT_OP ? 1 : 0) | V_SCMD_CIPH_MODE(s->blkcipher.cipher_mode) | @@ -1361,11 +1361,11 @@ ccr_gcm(struct ccr_softc *sc, struct ccr_session *s, s hmac_ctrl = ccr_hmac_ctrl(AES_GMAC_HASH_LEN, hash_size_in_response); crwr->sec_cpl.seqno_numivs = htobe32( V_SCMD_SEQ_NO_CTRL(0) | - V_SCMD_PROTO_VERSION(CHCR_SCMD_PROTO_VERSION_GENERIC) | + V_SCMD_PROTO_VERSION(SCMD_PROTO_VERSION_GENERIC) | V_SCMD_ENC_DEC_CTRL(op_type) | V_SCMD_CIPH_AUTH_SEQ_CTRL(op_type == CHCR_ENCRYPT_OP ? 1 : 0) | - V_SCMD_CIPH_MODE(CHCR_SCMD_CIPHER_MODE_AES_GCM) | - V_SCMD_AUTH_MODE(CHCR_SCMD_AUTH_MODE_GHASH) | + V_SCMD_CIPH_MODE(SCMD_CIPH_MODE_AES_GCM) | + V_SCMD_AUTH_MODE(SCMD_AUTH_MODE_GHASH) | V_SCMD_HMAC_CTRL(hmac_ctrl) | V_SCMD_IV_SIZE(iv_len / 2) | V_SCMD_NUM_IVS(0)); @@ -1933,8 +1933,8 @@ ccr_newsession(device_t dev, crypto_session_t cses, st cipher = NULL; hash = NULL; auth_hash = NULL; - auth_mode = CHCR_SCMD_AUTH_MODE_NOP; - cipher_mode = CHCR_SCMD_CIPHER_MODE_NOP; + auth_mode = SCMD_AUTH_MODE_NOP; + cipher_mode = SCMD_CIPH_MODE_NOP; iv_len = 0; mk_size = 0; partial_digest_len = 0; @@ -1960,35 +1960,35 @@ ccr_newsession(device_t dev, crypto_session_t cses, st case CRYPTO_SHA1: case CRYPTO_SHA1_HMAC: auth_hash = &auth_hash_hmac_sha1; - auth_mode = CHCR_SCMD_AUTH_MODE_SHA1; + auth_mode = SCMD_AUTH_MODE_SHA1; mk_size = CHCR_KEYCTX_MAC_KEY_SIZE_160; partial_digest_len = SHA1_HASH_LEN; break; case CRYPTO_SHA2_224: case CRYPTO_SHA2_224_HMAC: auth_hash = &auth_hash_hmac_sha2_224; - auth_mode = CHCR_SCMD_AUTH_MODE_SHA224; + auth_mode = SCMD_AUTH_MODE_SHA224; mk_size = CHCR_KEYCTX_MAC_KEY_SIZE_256; partial_digest_len = SHA2_256_HASH_LEN; break; case CRYPTO_SHA2_256: case CRYPTO_SHA2_256_HMAC: auth_hash = &auth_hash_hmac_sha2_256; - auth_mode = CHCR_SCMD_AUTH_MODE_SHA256; + auth_mode = SCMD_AUTH_MODE_SHA256; mk_size = CHCR_KEYCTX_MAC_KEY_SIZE_256; partial_digest_len = SHA2_256_HASH_LEN; break; case CRYPTO_SHA2_384: case CRYPTO_SHA2_384_HMAC: auth_hash = &auth_hash_hmac_sha2_384; - auth_mode = CHCR_SCMD_AUTH_MODE_SHA512_384; + auth_mode = SCMD_AUTH_MODE_SHA512_384; mk_size = CHCR_KEYCTX_MAC_KEY_SIZE_512; partial_digest_len = SHA2_512_HASH_LEN; break; case CRYPTO_SHA2_512: case CRYPTO_SHA2_512_HMAC: auth_hash = &auth_hash_hmac_sha2_512; - auth_mode = CHCR_SCMD_AUTH_MODE_SHA512_512; + auth_mode = SCMD_AUTH_MODE_SHA512_512; mk_size = CHCR_KEYCTX_MAC_KEY_SIZE_512; partial_digest_len = SHA2_512_HASH_LEN; break; @@ -1996,7 +1996,7 @@ ccr_newsession(device_t dev, crypto_session_t cses, st case CRYPTO_AES_192_NIST_GMAC: case CRYPTO_AES_256_NIST_GMAC: gcm_hash = true; - auth_mode = CHCR_SCMD_AUTH_MODE_GHASH; + auth_mode = SCMD_AUTH_MODE_GHASH; mk_size = CHCR_KEYCTX_MAC_KEY_SIZE_128; break; } @@ -2019,19 +2019,19 @@ ccr_newsession(device_t dev, crypto_session_t cses, st cipher = c; switch (c->cri_alg) { case CRYPTO_AES_CBC: - cipher_mode = CHCR_SCMD_CIPHER_MODE_AES_CBC; + cipher_mode = SCMD_CIPH_MODE_AES_CBC; iv_len = AES_BLOCK_LEN; break; case CRYPTO_AES_ICM: - cipher_mode = CHCR_SCMD_CIPHER_MODE_AES_CTR; + cipher_mode = SCMD_CIPH_MODE_AES_CTR; iv_len = AES_BLOCK_LEN; break; case CRYPTO_AES_NIST_GCM_16: - cipher_mode = CHCR_SCMD_CIPHER_MODE_AES_GCM; + cipher_mode = SCMD_CIPH_MODE_AES_GCM; iv_len = AES_GCM_IV_LEN; break; case CRYPTO_AES_XTS: - cipher_mode = CHCR_SCMD_CIPHER_MODE_AES_XTS; + cipher_mode = SCMD_CIPH_MODE_AES_XTS; iv_len = AES_BLOCK_LEN; break; } @@ -2046,7 +2046,7 @@ ccr_newsession(device_t dev, crypto_session_t cses, st return (EINVAL); } } - if (gcm_hash != (cipher_mode == CHCR_SCMD_CIPHER_MODE_AES_GCM)) + if (gcm_hash != (cipher_mode == SCMD_CIPH_MODE_AES_GCM)) return (EINVAL); if (hash == NULL && cipher == NULL) return (EINVAL); Modified: head/sys/dev/cxgbe/crypto/t4_crypto.h ============================================================================== --- head/sys/dev/cxgbe/crypto/t4_crypto.h Fri Nov 16 19:04:12 2018 (r340485) +++ head/sys/dev/cxgbe/crypto/t4_crypto.h Fri Nov 16 19:08:52 2018 (r340486) @@ -132,36 +132,41 @@ struct phys_sge_pairs { #define CHCR_ENCRYPT_OP 0 #define CHCR_DECRYPT_OP 1 -#define CHCR_SCMD_PROTO_VERSION_GENERIC 4 +#define SCMD_ENCDECCTRL_ENCRYPT 0 +#define SCMD_ENCDECCTRL_DECRYPT 1 -#define CHCR_SCMD_CIPHER_MODE_NOP 0 -#define CHCR_SCMD_CIPHER_MODE_AES_CBC 1 -#define CHCR_SCMD_CIPHER_MODE_AES_GCM 2 -#define CHCR_SCMD_CIPHER_MODE_AES_CTR 3 -#define CHCR_SCMD_CIPHER_MODE_GENERIC_AES 4 -#define CHCR_SCMD_CIPHER_MODE_AES_XTS 6 -#define CHCR_SCMD_CIPHER_MODE_AES_CCM 7 +#define SCMD_PROTO_VERSION_TLS_1_2 0 +#define SCMD_PROTO_VERSION_TLS_1_1 1 +#define SCMD_PROTO_VERSION_GENERIC 4 -#define CHCR_SCMD_AUTH_MODE_NOP 0 -#define CHCR_SCMD_AUTH_MODE_SHA1 1 -#define CHCR_SCMD_AUTH_MODE_SHA224 2 -#define CHCR_SCMD_AUTH_MODE_SHA256 3 -#define CHCR_SCMD_AUTH_MODE_GHASH 4 -#define CHCR_SCMD_AUTH_MODE_SHA512_224 5 -#define CHCR_SCMD_AUTH_MODE_SHA512_256 6 -#define CHCR_SCMD_AUTH_MODE_SHA512_384 7 -#define CHCR_SCMD_AUTH_MODE_SHA512_512 8 -#define CHCR_SCMD_AUTH_MODE_CBCMAC 9 -#define CHCR_SCMD_AUTH_MODE_CMAC 10 +#define SCMD_CIPH_MODE_NOP 0 +#define SCMD_CIPH_MODE_AES_CBC 1 +#define SCMD_CIPH_MODE_AES_GCM 2 +#define SCMD_CIPH_MODE_AES_CTR 3 +#define SCMD_CIPH_MODE_GENERIC_AES 4 +#define SCMD_CIPH_MODE_AES_XTS 6 +#define SCMD_CIPH_MODE_AES_CCM 7 -#define CHCR_SCMD_HMAC_CTRL_NOP 0 -#define CHCR_SCMD_HMAC_CTRL_NO_TRUNC 1 -#define CHCR_SCMD_HMAC_CTRL_TRUNC_RFC4366 2 -#define CHCR_SCMD_HMAC_CTRL_IPSEC_96BIT 3 -#define CHCR_SCMD_HMAC_CTRL_PL1 4 -#define CHCR_SCMD_HMAC_CTRL_PL2 5 -#define CHCR_SCMD_HMAC_CTRL_PL3 6 -#define CHCR_SCMD_HMAC_CTRL_DIV2 7 +#define SCMD_AUTH_MODE_NOP 0 +#define SCMD_AUTH_MODE_SHA1 1 +#define SCMD_AUTH_MODE_SHA224 2 +#define SCMD_AUTH_MODE_SHA256 3 +#define SCMD_AUTH_MODE_GHASH 4 +#define SCMD_AUTH_MODE_SHA512_224 5 +#define SCMD_AUTH_MODE_SHA512_256 6 +#define SCMD_AUTH_MODE_SHA512_384 7 +#define SCMD_AUTH_MODE_SHA512_512 8 +#define SCMD_AUTH_MODE_CBCMAC 9 +#define SCMD_AUTH_MODE_CMAC 10 + +#define SCMD_HMAC_CTRL_NOP 0 +#define SCMD_HMAC_CTRL_NO_TRUNC 1 +#define SCMD_HMAC_CTRL_TRUNC_RFC4366 2 +#define SCMD_HMAC_CTRL_IPSEC_96BIT 3 +#define SCMD_HMAC_CTRL_PL1 4 +#define SCMD_HMAC_CTRL_PL2 5 +#define SCMD_HMAC_CTRL_PL3 6 +#define SCMD_HMAC_CTRL_DIV2 7 /* This are not really mac key size. They are intermediate values * of sha engine and its size Modified: head/sys/dev/cxgbe/tom/t4_tls.c ============================================================================== --- head/sys/dev/cxgbe/tom/t4_tls.c Fri Nov 16 19:04:12 2018 (r340485) +++ head/sys/dev/cxgbe/tom/t4_tls.c Fri Nov 16 19:08:52 2018 (r340486) @@ -45,6 +45,7 @@ __FBSDID("$FreeBSD$"); #ifdef TCP_OFFLOAD #include "common/common.h" #include "common/t4_tcb.h" +#include "crypto/t4_crypto.h" #include "tom/t4_tom_l2t.h" #include "tom/t4_tom.h" Modified: head/sys/dev/cxgbe/tom/t4_tls.h ============================================================================== --- head/sys/dev/cxgbe/tom/t4_tls.h Fri Nov 16 19:04:12 2018 (r340485) +++ head/sys/dev/cxgbe/tom/t4_tls.h Fri Nov 16 19:08:52 2018 (r340486) @@ -249,16 +249,6 @@ enum { CH_MK_SIZE_NOP, }; -#define SCMD_ENCDECCTRL_ENCRYPT 0 -#define SCMD_ENCDECCTRL_DECRYPT 1 - -#define SCMD_CIPH_MODE_NOP 0 -#define SCMD_CIPH_MODE_AES_CBC 1 -#define SCMD_CIPH_MODE_AES_GCM 2 -#define SCMD_CIPH_MODE_AES_CTR 3 -#define SCMD_CIPH_MODE_AES_GEN 4 -#define SCMD_CIPH_MODE_AES_CCM 7 - struct tls_scmd { __be32 seqno_numivs; __be32 ivgen_hdrlen;