From nobody Thu Oct 21 22:04:24 2021 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 78BD218016BB; Thu, 21 Oct 2021 22:04:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Hb1jR2FPxz3tfw; Thu, 21 Oct 2021 22:04:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id EC5912303F; Thu, 21 Oct 2021 22:04:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 19LM4OEQ079704; Thu, 21 Oct 2021 22:04:24 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 19LM4Ohx079703; Thu, 21 Oct 2021 22:04:24 GMT (envelope-from git) Date: Thu, 21 Oct 2021 22:04:24 GMT Message-Id: <202110212204.19LM4Ohx079703@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: John Baldwin Subject: git: cfa1d2c9b987 - stable/13 - safexcel: Support multiple nonce lengths for AES-CCM. List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhb X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: cfa1d2c9b9876bc97322cd4e68bf10fbd0b0b6d4 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=cfa1d2c9b9876bc97322cd4e68bf10fbd0b0b6d4 commit cfa1d2c9b9876bc97322cd4e68bf10fbd0b0b6d4 Author: John Baldwin AuthorDate: 2021-10-06 21:08:48 +0000 Commit: John Baldwin CommitDate: 2021-10-21 21:17:14 +0000 safexcel: Support multiple nonce lengths for AES-CCM. Reviewed by: markj Sponsored by: Chelsio Communications, The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D32118 (cherry picked from commit 2ec2e4df094ba632e5e74268a8818f71903a4537) --- sys/dev/safexcel/safexcel.c | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/sys/dev/safexcel/safexcel.c b/sys/dev/safexcel/safexcel.c index 71300dcb0393..9a9b0ab0cb74 100644 --- a/sys/dev/safexcel/safexcel.c +++ b/sys/dev/safexcel/safexcel.c @@ -2,6 +2,10 @@ * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * * Copyright (c) 2020, 2021 Rubicon Communications, LLC (Netgate) + * Copyright (c) 2021 The FreeBSD Foundation + * + * Portions of this software were developed by Ararat River + * Consulting, LLC under sponsorship of the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -1689,12 +1693,14 @@ static void safexcel_instr_ccm(struct safexcel_request *req, struct safexcel_instr *instr, struct safexcel_cmd_descr *cdesc) { + const struct crypto_session_params *csp; struct cryptop *crp; struct safexcel_instr *start; uint8_t *a0, *b0, *alenp, L; int aalign, blen; crp = req->crp; + csp = crypto_get_params(crp->crp_session); start = instr; /* @@ -1703,17 +1709,17 @@ safexcel_instr_ccm(struct safexcel_request *req, struct safexcel_instr *instr, * descriptor, and B0 is inserted directly into the data stream using * instructions below. * - * OCF seems to assume a 12-byte IV, fixing L (the payload length size) - * at 3 bytes due to the layout of B0. This is fine since the driver - * has a maximum of 65535 bytes anyway. + * An explicit check for overflow of the length field is not + * needed since the maximum driver size of 65535 bytes fits in + * the smallest length field used for a 13-byte nonce. */ blen = AES_BLOCK_LEN; - L = 3; + L = 15 - csp->csp_ivlen; a0 = (uint8_t *)&cdesc->control_data.token[0]; memset(a0, 0, blen); a0[0] = L - 1; - memcpy(&a0[1], req->iv, AES_CCM_IV_LEN); + memcpy(&a0[1], req->iv, csp->csp_ivlen); /* * Insert B0 and the AAD length into the input stream. @@ -1731,7 +1737,7 @@ safexcel_instr_ccm(struct safexcel_request *req, struct safexcel_instr *instr, (L - 1) | /* payload length size */ ((CCM_CBC_MAX_DIGEST_LEN - 2) / 2) << 3 /* digest length */ | (crp->crp_aad_length > 0 ? 1 : 0) << 6 /* AAD present bit */; - memcpy(&b0[1], req->iv, AES_CCM_IV_LEN); + memcpy(&b0[1], req->iv, csp->csp_ivlen); b0[14] = crp->crp_payload_length >> 8; b0[15] = crp->crp_payload_length & 0xff; instr += blen / sizeof(*instr); @@ -2308,7 +2314,8 @@ safexcel_probesession(device_t dev, const struct crypto_session_params *csp) return (EINVAL); break; case CRYPTO_AES_CCM_16: - if (csp->csp_ivlen != AES_CCM_IV_LEN) + if (csp->csp_auth_mlen != 0 && + csp->csp_auth_mlen != AES_CBC_MAC_HASH_LEN) return (EINVAL); break; default: