Date: Fri, 29 May 2020 10:34:18 +0200 From: Mateusz Guzik <mjguzik@gmail.com> To: John Baldwin <jhb@freebsd.org> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r361481 - in head: share/man/man9 sys/crypto/ccp sys/dev/cxgbe/crypto sys/dev/hifn sys/dev/safe sys/geom/eli sys/kern sys/kgssapi/krb5 sys/netipsec sys/opencrypto sys/sys Message-ID: <CAGudoHHrrmkSKNxNhs%2B-ggwGzXugFSC_aCwB=T0E8Hs3CmvZTw@mail.gmail.com> In-Reply-To: <202005252212.04PMC4qo002298@repo.freebsd.org> References: <202005252212.04PMC4qo002298@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This gives me tinderbox failures with mips:
_.mips.XLP64
/usr/src/sys/mips/nlm/dev/sec/nlmseclib.c:113:10: error: enumeration
value 'CRYPTO_BUF_NONE' not handled in switch [-Werror,-Wswitch]
switch (crp->crp_buf.cb_type) {
_.mips.OCTEON1
_.mips.ERL
/usr/src/sys/mips/cavium/cryptocteon/cryptocteon.c:298:10: error:
enumeration values 'CRYPTO_BUF_NONE' and 'CRYPTO_BUF_CONTIG' not
handled in switch [-Werror,-Wswitch]
switch (crp->crp_buf.cb_type) {
On 5/26/20, John Baldwin <jhb@freebsd.org> wrote:
> Author: jhb
> Date: Mon May 25 22:12:04 2020
> New Revision: 361481
> URL: https://svnweb.freebsd.org/changeset/base/361481
>
> Log:
> Add support for optional separate output buffers to in-kernel crypto.
>
> Some crypto consumers such as GELI and KTLS for file-backed sendfile
> need to store their output in a separate buffer from the input.
> Currently these consumers copy the contents of the input buffer into
> the output buffer and queue an in-place crypto operation on the output
> buffer. Using a separate output buffer avoids this copy.
>
> - Create a new 'struct crypto_buffer' describing a crypto buffer
> containing a type and type-specific fields. crp_ilen is gone,
> instead buffers that use a flat kernel buffer have a cb_buf_len
> field for their length. The length of other buffer types is
> inferred from the backing store (e.g. uio_resid for a uio).
> Requests now have two such structures: crp_buf for the input buffer,
> and crp_obuf for the output buffer.
>
> - Consumers now use helper functions (crypto_use_*,
> e.g. crypto_use_mbuf()) to configure the input buffer. If an output
> buffer is not configured, the request still modifies the input
> buffer in-place. A consumer uses a second set of helper functions
> (crypto_use_output_*) to configure an output buffer.
>
> - Consumers must request support for separate output buffers when
> creating a crypto session via the CSP_F_SEPARATE_OUTPUT flag and are
> only permitted to queue a request with a separate output buffer on
> sessions with this flag set. Existing drivers already reject
> sessions with unknown flags, so this permits drivers to be modified
> to support this extension without requiring all drivers to change.
>
> - Several data-related functions now have matching versions that
> operate on an explicit buffer (e.g. crypto_apply_buf,
> crypto_contiguous_subsegment_buf, bus_dma_load_crp_buf).
>
> - Most of the existing data-related functions operate on the input
> buffer. However crypto_copyback always writes to the output buffer
> if a request uses a separate output buffer.
>
> - For the regions in input/output buffers, the following conventions
> are followed:
> - AAD and IV are always present in input only and their
> fields are offsets into the input buffer.
> - payload is always present in both buffers. If a request uses a
> separate output buffer, it must set a new crp_payload_start_output
> field to the offset of the payload in the output buffer.
> - digest is in the input buffer for verify operations, and in the
> output buffer for compute operations. crp_digest_start is relative
> to the appropriate buffer.
>
> - Add a crypto buffer cursor abstraction. This is a more general form
> of some bits in the cryptosoft driver that tried to always use uio's.
> However, compared to the original code, this avoids rewalking the uio
> iovec array for requests with multiple vectors. It also avoids
> allocate an iovec array for mbufs and populating it by instead walking
> the mbuf chain directly.
>
> - Update the cryptosoft(4) driver to support separate output buffers
> making use of the cursor abstraction.
>
> Sponsored by: Netflix
> Differential Revision: https://reviews.freebsd.org/D24545
>
> Added:
> head/share/man/man9/crypto_buffer.9 (contents, props changed)
> Modified:
> head/share/man/man9/Makefile
> head/share/man/man9/bus_dma.9
> head/share/man/man9/crypto_driver.9
> head/share/man/man9/crypto_request.9
> head/share/man/man9/crypto_session.9
> head/sys/crypto/ccp/ccp.c
> head/sys/dev/cxgbe/crypto/t4_crypto.c
> head/sys/dev/hifn/hifn7751.c
> head/sys/dev/safe/safe.c
> head/sys/geom/eli/g_eli_crypto.c
> head/sys/geom/eli/g_eli_integrity.c
> head/sys/geom/eli/g_eli_privacy.c
> head/sys/kern/subr_bus_dma.c
> head/sys/kgssapi/krb5/kcrypto_aes.c
> head/sys/netipsec/xform_ah.c
> head/sys/netipsec/xform_esp.c
> head/sys/netipsec/xform_ipcomp.c
> head/sys/opencrypto/criov.c
> head/sys/opencrypto/crypto.c
> head/sys/opencrypto/cryptodev.c
> head/sys/opencrypto/cryptodev.h
> head/sys/opencrypto/cryptosoft.c
> head/sys/opencrypto/ktls_ocf.c
> head/sys/sys/bus_dma.h
>
> Modified: head/share/man/man9/Makefile
> ==============================================================================
> --- head/share/man/man9/Makefile Mon May 25 21:14:23 2020 (r361480)
> +++ head/share/man/man9/Makefile Mon May 25 22:12:04 2020 (r361481)
> @@ -72,6 +72,7 @@ MAN= accept_filter.9 \
> cr_seeotheruids.9 \
> crypto.9 \
> crypto_asym.9 \
> + crypto_buffer.9 \
> crypto_driver.9 \
> crypto_request.9 \
> crypto_session.9 \
> @@ -648,6 +649,8 @@ MLINKS+=bus_dma.9 busdma.9 \
> bus_dma.9 bus_dmamap_load.9 \
> bus_dma.9 bus_dmamap_load_bio.9 \
> bus_dma.9 bus_dmamap_load_ccb.9 \
> + bus_dma.9 bus_dmamap_load_crp.9 \
> + bus_dma.9 bus_dmamap_load_crp_buffer.9 \
> bus_dma.9 bus_dmamap_load_mbuf.9 \
> bus_dma.9 bus_dmamap_load_mbuf_sg.9 \
> bus_dma.9 bus_dmamap_load_uio.9 \
> @@ -897,9 +900,20 @@ MLINKS+=crypto_asym.9 crypto_kdispatch.9 \
> crypto_asym.9 crypto_kdone.9 \
> crypto_asym.9 crypto_kregister.9 \
> crypto_asym.9 CRYPTODEV_KPROCESS.9
> -MLINKS+=crypto_driver.9 crypto_apply.9 \
> - crypto_driver.9 crypto_contiguous_segment.9 \
> - crypto_driver.9 crypto_copyback.9 \
> +MLINKS+=crypto_buffer.9 crypto_apply.9 \
> + crypto_buffer.9 crypto_apply_buf.9 \
> + crypto_buffer.9 crypto_buffer_contiguous_segment.9 \
> + crypto_buffer.9 crypto_buffer_len.9 \
> + crypto_buffer.9 crypto_contiguous_segment.9 \
> + crypto_buffer.9 crypto_cursor_init.9 \
> + crypto_buffer.9 crypto_cursor_advance.9 \
> + crypto_buffer.9 crypto_cursor_copyback.9 \
> + crypto_buffer.9 crypto_cursor_copydata.9 \
> + crypto_buffer.9 crypto_cursor_copydata_noadv.9 \
> + crypto_buffer.9 crypto_cursor_segbase.9 \
> + crypto_buffer.9 crypto_cursor_seglen.9 \
> + crypto_buffer.9 CRYPTO_HAS_OUTPUT_BUFFER.9
> +MLINKS+=crypto_driver.9 crypto_copyback.9 \
> crypto_driver.9 crypto_copydata.9 \
> crypto_driver.9 crypto_done.9 \
> crypto_driver.9 crypto_get_driverid.9 \
> @@ -915,7 +929,13 @@ MLINKS+=crypto_driver.9 crypto_apply.9 \
> crypto_driver.9 hmac_init_opad.9
> MLINKS+=crypto_request.9 crypto_dispatch.9 \
> crypto_request.9 crypto_freereq.9 \
> - crypto_request.9 crypto_getreq.9
> + crypto_request.9 crypto_getreq.9 \
> + crypto_request.9 crypto_use_buf.9 \
> + crypto_request.9 crypto_use_mbuf.9 \
> + crypto_request.9 crypto_use_output_buf.9 \
> + crypto_request.9 crypto_use_output_mbuf.9 \
> + crypto_request.9 crypto_use_output_uio.9 \
> + crypto_request.9 crypto_use_uio.9 \
> MLINKS+=crypto_session.9 crypto_auth_hash.9 \
> crypto_session.9 crypto_cipher.9 \
> crypto_session.9 crypto_get_params.9 \
>
> Modified: head/share/man/man9/bus_dma.9
> ==============================================================================
> --- head/share/man/man9/bus_dma.9 Mon May 25 21:14:23 2020 (r361480)
> +++ head/share/man/man9/bus_dma.9 Mon May 25 22:12:04 2020 (r361481)
> @@ -53,7 +53,7 @@
> .\" $FreeBSD$
> .\" $NetBSD: bus_dma.9,v 1.25 2002/10/14 13:43:16 wiz Exp $
> .\"
> -.Dd April 14, 2020
> +.Dd May 25, 2020
> .Dt BUS_DMA 9
> .Os
> .Sh NAME
> @@ -69,6 +69,7 @@
> .Nm bus_dmamap_load_bio ,
> .Nm bus_dmamap_load_ccb ,
> .Nm bus_dmamap_load_crp ,
> +.Nm bus_dmamap_load_crp_buffer ,
> .Nm bus_dmamap_load_mbuf ,
> .Nm bus_dmamap_load_mbuf_sg ,
> .Nm bus_dmamap_load_uio ,
> @@ -123,6 +124,10 @@
> "struct crypto *crp" "bus_dmamap_callback_t *callback" "void *callback_arg"
> \
> "int flags"
> .Ft int
> +.Fn bus_dmamap_load_crp_buffer "bus_dma_tag_t dmat" "bus_dmamap_t map" \
> +"struct crypto_buffer *cb" "bus_dmamap_callback_t *callback" \
> +"void *callback_arg" "int flags"
> +.Ft int
> .Fn bus_dmamap_load_mbuf "bus_dma_tag_t dmat" "bus_dmamap_t map" \
> "struct mbuf *mbuf" "bus_dmamap_callback2_t *callback" "void *callback_arg"
> \
> "int flags"
> @@ -394,8 +399,9 @@ via
> .Fn bus_dmamap_load ,
> .Fn bus_dmamap_load_bio ,
> .Fn bus_dmamap_load_ccb ,
> +.Fn bus_dmamap_load_crp ,
> or
> -.Fn bus_dmamap_load_crp .
> +.Fn bus_dmamap_load_crp_buffer .
> Callbacks are of the format:
> .Bl -tag -width indent
> .It Ft void
> @@ -885,8 +891,18 @@ XPT_SCSI_IO
> .It Fn bus_dmamap_load_crp "dmat" "map" "crp" "callback" "callback_arg"
> "flags"
> This is a variation of
> .Fn bus_dmamap_load
> -which maps buffers pointed to by
> +which maps the input buffer pointed to by
> .Fa crp
> +for DMA transfers.
> +The
> +.Dv BUS_DMA_NOWAIT
> +flag is implied, thus no callback deferral will happen.
> +.It Fn bus_dmamap_load_crp_buffer "dmat" "map" "cb" "callback"
> "callback_arg" \
> +"flags"
> +This is a variation of
> +.Fn bus_dmamap_load
> +which maps the crypto data buffer pointed to by
> +.Fa cb
> for DMA transfers.
> The
> .Dv BUS_DMA_NOWAIT
>
> Added: head/share/man/man9/crypto_buffer.9
> ==============================================================================
> --- /dev/null 00:00:00 1970 (empty, because file is newly added)
> +++ head/share/man/man9/crypto_buffer.9 Mon May 25 22:12:04 2020 (r361481)
> @@ -0,0 +1,307 @@
> +.\" Copyright (c) 2020, Chelsio Inc
> +.\"
> +.\" Redistribution and use in source and binary forms, with or without
> +.\" modification, are permitted provided that the following conditions are
> met:
> +.\"
> +.\" 1. Redistributions of source code must retain the above copyright
> notice,
> +.\" this list of conditions and the following disclaimer.
> +.\"
> +.\" 2. Redistributions in binary form must reproduce the above copyright
> +.\" notice, this list of conditions and the following disclaimer in the
> +.\" documentation and/or other materials provided with the
> distribution.
> +.\"
> +.\" 3. Neither the name of the Chelsio Inc nor the names of its
> +.\" contributors may be used to endorse or promote products derived
> from
> +.\" this software without specific prior written permission.
> +.\"
> +.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
> IS"
> +.\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
> THE
> +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
> PURPOSE
> +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
> BE
> +.\" LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
> +.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
> +.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
> BUSINESS
> +.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
> IN
> +.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
> OTHERWISE)
> +.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
> THE
> +.\" POSSIBILITY OF SUCH DAMAGE.
> +.\"
> +.\" * Other names and brands may be claimed as the property of others.
> +.\"
> +.\" $FreeBSD$
> +.\"
> +.Dd May 25, 2020
> +.Dt CRYPTO_BUFFER 9
> +.Os
> +.Sh NAME
> +.Nm crypto_buffer
> +.Nd symmetric cryptographic request buffers
> +.Sh SYNOPSIS
> +.In opencrypto/cryptodev.h
> +.Ft int
> +.Fo crypto_apply
> +.Fa "struct cryptop *crp"
> +.Fa "int off"
> +.Fa "int len"
> +.Fa "int (*f)(void *, void *, u_int)"
> +.Fa "void *arg"
> +.Fc
> +.Ft int
> +.Fo crypto_apply_buf
> +.Fa "struct crypto_buffer *cb"
> +.Fa "int off"
> +.Fa "int len"
> +.Fa "int (*f)(void *, void *, u_int)"
> +.Fa "void *arg"
> +.Fc
> +.Ft void *
> +.Fo crypto_buffer_contiguous_subsegment
> +.Fa "struct crypto_buffer *cb"
> +.Fa "size_t skip"
> +.Fa "size_t len"
> +.Fc
> +.Ft size_t
> +.Fn crypto_buffer_len "struct crypto_buffer *cb"
> +.Ft void *
> +.Fo crypto_contiguous_subsegment
> +.Fa "struct cryptop *crp"
> +.Fa "size_t skip"
> +.Fa "size_t len"
> +.Fc
> +.Ft void
> +.Fo crypto_cursor_init
> +.Fa "struct crypto_buffer_cursor *cc"
> +.Fa "const struct crypto_buffer *cb"
> +.Fc
> +.Ft void
> +.Fn crypto_cursor_advance "struct crypto_buffer_cursor *cc" "size_t
> amount"
> +.Ft void
> +.Fo crypto_cursor_copyback
> +.Fa "struct crypto_buffer_cursor *cc"
> +.Fa "int size"
> +.Fa "const void *src"
> +.Fc
> +.Ft void
> +.Fo crypto_cursor_copydata
> +.Fa "struct crypto_buffer_cursor *cc"
> +.Fa "int size"
> +.Fa "void *dst"
> +.Fc
> +.Ft void
> +.Fo crypto_cursor_copydata_noadv
> +.Fa "struct crypto_buffer_cursor *cc"
> +.Fa "int size"
> +.Fa "void *dst"
> +.Fc
> +.Ft void *
> +.Fn crypto_cursor_segbase "struct crypto_buffer_cursor *cc"
> +.Ft size_t
> +.Fn crypto_cursor_seglen "struct crypto_buffer_cursor *cc"
> +.Ft bool
> +.Fn CRYPTO_HAS_OUTPUT_BUFFER "struct cryptop *crp"
> +.Sh DESCRIPTION
> +Symmetric cryptographic requests use data buffers to describe the data to
> +be modified.
> +Requests can either specify a single data buffer whose contents are
> modified
> +in place,
> +or requests may specify separate data buffers for input and output.
> +.Vt struct crypto_buffer
> +provides an abstraction that permits cryptographic requests to operate on
> +different types of buffers.
> +.Vt struct crypto_cursor
> +allows cryptographic drivers to iterate over a data buffer.
> +.Pp
> +.Fn CRYPTO_HAS_OUTPUT_BUFFER
> +returns true if
> +.Fa crp
> +uses separate buffers for input and output and false if
> +.Fa crp
> +uses a single buffer.
> +.Pp
> +.Fn crypto_buffer_len
> +returns the length of data buffer
> +.Fa cb
> +in bytes.
> +.Pp
> +.Fn crypto_apply_buf
> +invokes a caller-supplied function
> +to a region of the data buffer
> +.Fa cb .
> +The function
> +.Fa f
> +is called one or more times.
> +For each invocation,
> +the first argument to
> +.Fa f
> +is the value of
> +.Fa arg
> +passed to
> +.Fn crypto_apply_buf .
> +The second and third arguments to
> +.Fa f
> +are a pointer and length to a segment of the buffer mapped into the
> kernel.
> +The function is called enough times to cover the
> +.Fa len
> +bytes of the data buffer which starts at an offset
> +.Fa off .
> +If any invocation of
> +.Fa f
> +returns a non-zero value,
> +.Fn crypto_apply_buf
> +immediately returns that value without invoking
> +.Fa f
> +on any remaining segments of the region,
> +otherwise
> +.Fn crypto_apply_buf
> +returns the value from the final call to
> +.Fa f .
> +.Fn crypto_apply
> +invokes the callback
> +.Fa f
> +on a region of the input data buffer for
> +.Fa crp .
> +.Pp
> +.Fn crypto_buffer_contiguous_subsegment
> +attempts to locate a single, virtually-contiguous segment of the data
> buffer
> +.Fa cb .
> +The segment must be
> +.Fa len
> +bytes long and start at an offset of
> +.Fa skip
> +bytes.
> +If a segment is found,
> +a pointer to the start of the segment is returned.
> +Otherwise,
> +.Dv NULL
> +is returned.
> +.Fn crypto_contiguous_subsegment
> +attempts to locate a single, virtually-contiguous segment in the input
> data
> +buffer for
> +.Fa crp .
> +.Ss Data Buffers
> +Data buffers are described by an instance of
> +.Vt struct crypto buffer .
> +The
> +.Fa cb_type
> +member contains the type of the data buffer.
> +The following types are supported:
> +.Bl -tag -width " CRYPTO_BUF_CONTIG"
> +.It Dv CRYPTO_BUF_NONE
> +An invalid buffer.
> +Used to mark the output buffer when a crypto request uses a single data
> buffer.
> +.It Dv CRYPTO_BUF_CONTIG
> +An array of bytes mapped into the kernel's address space.
> +.It Dv CRYPTO_BUF_UIO
> +A scatter/gather list of kernel buffers as described in
> +.Xr uio 9 .
> +.It Dv CRYPTO_BUF_MBUF
> +A network memory buffer as described in
> +.Xr mbuf 9 .
> +.El
> +.Pp
> +The structure also contains the following type-specific fields:
> +.Bl -tag -width " cb_buf_len"
> +.It Fa cb_buf
> +A pointer to the start of a
> +.Dv CRYPTO_BUF_CONTIG
> +data buffer.
> +.It Fa cb_buf_len
> +The length of a
> +.Dv CRYPTO_BUF_CONTIG
> +data buffer
> +.It Fa cb_mbuf
> +A pointer to a
> +.Vt struct mbuf
> +for
> +.Dv CRYPTO_BUF_MBUF .
> +.It Fa cb_uio
> +A pointer to a
> +.Vt struct uio
> +for
> +.Dv CRYPTO_BUF_UIO .
> +.El
> +.Ss Cursors
> +Cursors provide a mechanism for iterating over a data buffer.
> +They are primarily intended for use in software drivers which access data
> +buffers via virtual addresses.
> +.Pp
> +.Fn crypto_cursor_init
> +initializes the cursor
> +.Fa cc
> +to reference the start of the data buffer
> +.Fa cb .
> +.Pp
> +.Fn crypto_cursor_advance
> +advances the cursor
> +.Fa amount
> +bytes forward in the data buffer.
> +.Pp
> +.Fn crypto_cursor_copyback
> +copies
> +.Fa size
> +bytes from the local buffer pointed to by
> +.Fa src
> +into the data buffer associated with
> +.Fa cc .
> +The bytes are written to the current position of
> +.Fa cc ,
> +and the cursor is then advanced by
> +.Fa size
> +bytes.
> +.Pp
> +.Fn crypto_cursor_copydata
> +copies
> +.Fa size
> +bytes out of the data buffer associated with
> +.Fa cc
> +into a local buffer pointed to by
> +.Fa dst .
> +The bytes are read from the current position of
> +.Fa cc ,
> +and the cursor is then advanced by
> +.Fa size
> +bytes.
> +.Pp
> +.Fn crypto_cursor_copydata_noadv
> +is similar to
> +.Fn crypto_cursor_copydata
> +except that it does not change the current position of
> +.Fa cc .
> +.Pp
> +.Fn crypto_cursor_segbase
> +and
> +.Fn crypto_cursor_seglen
> +return the start and length, respectively,
> +of the virtually-contiguous segment at the current position of
> +.Fa cc .
> +.Sh RETURN VALUES
> +.Fn crypto_apply
> +and
> +.Fn crypto_apply_buf
> +return the return value from the caller-supplied callback function.
> +.Pp
> +.Fn crypto_buffer_contiguous_subsegment ,
> +.Fn crypto_contiguous_subsegment ,
> +and
> +.Fn crypto_cursor_segbase ,
> +return a pointer to a contiguous segment or
> +.Dv NULL .
> +.Pp
> +.Fn crypto_buffer_len
> +returns the length of a buffer in bytes.
> +.Pp
> +.Fn crypto_cursor_seglen
> +returns the length in bytes of a contiguous segment.
> +.Pp
> +.Fn CRYPTO_HAS_OUTPUT_BUFFER
> +returns true if the request uses a separate output buffer.
> +.Sh SEE ALSO
> +.Xr ipsec 4 ,
> +.Xr bus_dma 9 ,
> +.Xr crypto 7 ,
> +.Xr crypto 9 ,
> +.Xr crypto_request 9 ,
> +.Xr crypto_driver 9 ,
> +.Xr crypto_session 9 ,
> +.Xr mbuf 9
> +.Xr uio 9
>
> Modified: head/share/man/man9/crypto_driver.9
> ==============================================================================
> --- head/share/man/man9/crypto_driver.9 Mon May 25 21:14:23 2020 (r361480)
> +++ head/share/man/man9/crypto_driver.9 Mon May 25 22:12:04 2020 (r361481)
> @@ -30,7 +30,7 @@
> .\"
> .\" $FreeBSD$
> .\"
> -.Dd April 20, 2020
> +.Dd May 25, 2020
> .Dt CRYPTO_DRIVER 9
> .Os
> .Sh NAME
> @@ -38,20 +38,6 @@
> .Nd interface for symmetric cryptographic drivers
> .Sh SYNOPSIS
> .In opencrypto/cryptodev.h
> -.Ft int
> -.Fo crypto_apply
> -.Fa "struct cryptop *crp"
> -.Fa "int off"
> -.Fa "int len"
> -.Fa "int (*f)(void *, void *, u_int)"
> -.Fa "void *arg"
> -.Fc
> -.Ft void *
> -.Fo crypto_contiguous_subsegment
> -.Fa "struct cryptop *crp"
> -.Fa "size_t skip"
> -.Fa "size_t len"
> -.Fc
> .Ft void
> .Fn crypto_copyback "struct cryptop *crp" "int off" "int size" "const void
> *src"
> .Ft void
> @@ -244,29 +230,29 @@ callbacks.
> .Fn crypto_copydata
> copies
> .Fa size
> -bytes out of the data buffer for
> +bytes out of the input buffer for
> .Fa crp
> into a local buffer pointed to by
> .Fa dst .
> The bytes are read starting at an offset of
> .Fa off
> -bytes in the request's data buffer.
> +bytes in the request's input buffer.
> .Pp
> .Fn crypto_copyback
> copies
> .Fa size
> bytes from the local buffer pointed to by
> .Fa src
> -into the data buffer for
> +into the output buffer for
> .Fa crp .
> The bytes are written starting at an offset of
> .Fa off
> -bytes in the request's data buffer.
> +bytes in the request's output buffer.
> .Pp
> .Fn crypto_read_iv
> copies the IV or nonce for
> .Fa crp
> -into the the local buffer pointed to by
> +into the local buffer pointed to by
> .Fa iv .
> .Pp
> A driver calls
> @@ -306,53 +292,7 @@ indicates that the driver is able to handle asymmetric
> .Fn CRYPTODEV_KPROCESS .
> .El
> .Pp
> -.Fn crypto_apply
> -is a helper routine that can be used to invoke a caller-supplied function
> -to a region of the data buffer for
> -.Fa crp .
> -The function
> -.Fa f
> -is called one or more times.
> -For each invocation,
> -the first argument to
> -.Fa f
> -is the value of
> -.Fa arg passed to
> -.Fn crypto_apply .
> -The second and third arguments to
> -.Fa f
> -are a pointer and length to a segment of the buffer mapped into the
> kernel.
> -The function is called enough times to cover the
> -.Fa len
> -bytes of the data buffer which starts at an offset
> -.Fa off .
> -If any invocation of
> -.Fa f
> -returns a non-zero value,
> -.Fn crypto_apply
> -immediately returns that value without invoking
> -.Fa f
> -on any remaining segments of the region,
> -otherwise
> -.Fn crypto_apply
> -returns the value from the final call to
> -.Fa f .
> .Pp
> -.Fn crypto_contiguous_subsegment
> -attempts to locate a single, virtually-contiguous segment of the data
> buffer
> -for
> -.Fa crp .
> -The segment must be
> -.Fa len
> -bytes long and start at an offset of
> -.Fa skip
> -bytes.
> -If a segment is found,
> -a pointer to the start of the segment is returned.
> -Otherwise,
> -.Dv NULL
> -is returned.
> -.Pp
> .Fn hmac_init_ipad
> prepares an authentication context to generate the inner hash of an HMAC.
> .Fa axf
> @@ -396,5 +336,6 @@ returns a negative value on success or an error on fai
> .Sh SEE ALSO
> .Xr crypto 7 ,
> .Xr crypto 9 ,
> +.Xr crypto_buffer 9 ,
> .Xr crypto_request 9 ,
> .Xr crypto_session 9
>
> Modified: head/share/man/man9/crypto_request.9
> ==============================================================================
> --- head/share/man/man9/crypto_request.9 Mon May 25 21:14:23 2020 (r361480)
> +++ head/share/man/man9/crypto_request.9 Mon May 25 22:12:04 2020 (r361481)
> @@ -30,7 +30,7 @@
> .\"
> .\" $FreeBSD$
> .\"
> -.Dd April 20, 2020
> +.Dd May 25, 2020
> .Dt CRYPTO_REQUEST 9
> .Os
> .Sh NAME
> @@ -44,6 +44,18 @@
> .Fn crypto_freereq "struct cryptop *crp"
> .Ft "struct cryptop *"
> .Fn crypto_getreq "crypto_session_t cses" "int how"
> +.Ft void
> +.Fn crypto_use_buf "struct cryptop *crp" "void *buf" "int len"
> +.Ft void
> +.Fn crypto_use_mbuf "struct cryptop *crp" "struct mbuf *m"
> +.Ft void
> +.Fn crypto_use_uio "struct cryptop *crp" "struct uio *uio"
> +.Ft void
> +.Fn crypto_use_output_buf "struct cryptop *crp" "void *buf" "int len"
> +.Ft void
> +.Fn crypto_use_output_mbuf "struct cryptop *crp" "struct mbuf *m"
> +.Ft void
> +.Fn crypto_use_output_uio "struct cryptop *crp" "struct uio *uio"
> .Sh DESCRIPTION
> Each symmetric cryptographic operation in the kernel is described by
> an instance of
> @@ -84,57 +96,65 @@ it should be feed via
> .Fn crypto_freereq .
> .Pp
> Cryptographic operations include several fields to describe the request.
> -.Ss Buffer Types
> -Requests are associated with a single data buffer that is modified in
> place.
> -The type of the data buffer and the buffer itself are described by the
> -following fields:
> -.Bl -tag -width crp_buf_type
> -.It Fa crp_buf_type
> -The type of the data buffer.
> -The following types are supported:
> -.Bl -tag -width CRYPTO_BUF_CONTIG
> -.It Dv CRYPTO_BUF_CONTIG
> -An array of bytes mapped into the kernel's address space.
> -.It Dv CRYPTO_BUF_UIO
> -A scatter/gather list of kernel buffers as described in
> -.Xr uio 9 .
> -.It Dv CRYPTO_BUF_MBUF
> -A network memory buffer as described in
> -.Xr mbuf 9 .
> +.Ss Request Buffers
> +Requests can either specify a single data buffer that is modified in place
> +.Po
> +.Fa crp_buf
> +.Pc
> +or separate input
> +.Po
> +.Fa crp_buf
> +.Pc
> +and output
> +.Po
> +.Fa crp_obuf
> +.Pc
> +buffers.
> +Note that separate input and output buffers are not supported for
> compression
> +mode requests.
> +.Pp
> +All requests must have a valid
> +.Fa crp_buf
> +initialized by one of the following functions:
> +.Bl -tag -width "Fn crypto_use_mbuf"
> +.It Fn crypto_use_buf
> +Uses an array of
> +.Fa len
> +bytes pointed to by
> +.Fa buf
> +as the data buffer.
> +.It Fn crypto_use_mbuf
> +Uses the network memory buffer
> +.Fa m
> +as the data buffer.
> +.It Fn crypto_use_uio
> +Uses the scatter/gather list
> +.Fa uio
> +as the data buffer.
> .El
> -.It Fa crp_buf
> -A pointer to the start of a
> -.Dv CRYPTO_BUF_CONTIG
> -data buffer.
> -.It Fa crp_ilen
> -The length of a
> -.Dv CRYPTO_BUF_CONTIG
> -data buffer
> -.It Fa crp_mbuf
> -A pointer to a
> -.Vt struct mbuf
> -for
> -.Dv CRYPTO_BUF_MBUF .
> -.It Fa crp_uio
> -A pointer to a
> -.Vt struct uio
> -for
> -.Dv CRYPTO_BUF_UIO .
> -.It Fa crp_olen
> -Used with compression and decompression requests to describe the updated
> -length of the payload region in the data buffer.
> .Pp
> -If a compression request increases the size of the payload,
> -then the data buffer is unmodified, the request completes successfully,
> -and
> -.Fa crp_olen
> -is set to the size the compressed data would have used.
> -Callers can compare this to the payload region length to determine if
> -the compressed data was discarded.
> +One of the following functions should be used to initialize
> +.Fa crp_obuf
> +for requests that use separate input and output buffers:
> +.Bl -tag -width "Fn crypto_use_output_mbuf"
> +.It Fn crypto_use_output_buf
> +Uses an array of
> +.Fa len
> +bytes pointed to by
> +.Fa buf
> +as the output buffer.
> +.It Fn crypto_use_output_mbuf
> +Uses the network memory buffer
> +.Fa m
> +as the output buffer.
> +.It Fn crypto_use_output_uio
> +Uses the scatter/gather list
> +.Fa uio
> +as the output buffer.
> .El
> .Ss Request Regions
> -Each request describes one or more regions in the data buffer using.
> -Each region is described by an offset relative to the start of the
> +Each request describes one or more regions in the data buffers.
> +Each region is described by an offset relative to the start of a
> data buffer and a length.
> The length of some regions is the same for all requests belonging to
> a session.
> @@ -142,18 +162,43 @@ Those lengths are set in the session parameters of
> the
> session.
> All requests must define a payload region.
> Other regions are only required for specific session modes.
> +.Pp
> +For requests with separate input and output data buffers,
> +the AAD, IV, and payload regions are always defined as regions in the
> +input buffer,
> +and a separate payload output region is defined to hold the output of
> +encryption or decryption in the output buffer.
> +The digest region describes a region in the input data buffer for
> +requests that verify an existing digest.
> +For requests that compute a digest,
> +the digest region describes a region in the output data buffer.
> +Note that the only data written to the output buffer is the encryption
> +or decryption result and any computed digest.
> +AAD and IV regions are not copied from the input buffer into the output
> +buffer but are only used as inputs.
> +.Pp
> The following regions are defined:
> -.Bl -column "Payload" "crp_payload_start" "crp_payload_length"
> -.It Sy Region Ta Sy Start Ta Sy Length Ta Sy Description
> -.It AAD Ta Fa crp_aad_start Ta Fa crp_aad_length Ta
> +.Bl -column "Payload Output" "Input/Output"
> +.It Sy Region Ta Sy Buffer Ta Sy Description
> +.It AAD Ta Input Ta
> Additional Authenticated Data
> -.It IV Ta Fa crp_iv_start Ta Fa csp_ivlen Ta
> +.It IV Ta Input Ta
> Embedded IV or nonce
> -.It Payload Ta Fa crp_payload_start Ta Fa crp_payload_length Ta
> +.It Payload Ta Input Ta
> Data to encrypt, decrypt, compress, or decompress
> -.It Digest Ta Fa crp_digest_start Ta Fa csp_auth_mlen Ta
> +.It Payload Output Ta Output Ta
> +Encrypted or decrypted data
> +.It Digest Ta Input/Output Ta
> Authentication digest, hash, or tag
> .El
> +.Bl -column "Payload Output" ".Fa crp_payload_output_start"
> +.It Sy Region Ta Sy Start Ta Sy Length
> +.It AAD Ta Fa crp_aad_start Ta Fa crp_aad_length
> +.It IV Ta Fa crp_iv_start Ta Fa csp_ivlen
> +.It Payload Ta Fa crp_payload_start Ta Fa crp_payload_length
> +.It Payload Output Ta Fa crp_payload_output_start Ta Fa crp_payload_length
> +.It Digest Ta Fa crp_digest_start Ta Fa csp_auth_mlen
> +.El
> .Pp
> Requests are permitted to operate on only a subset of the data buffer.
> For example,
> @@ -223,7 +268,7 @@ If the IV is stored in
> should be set in
> .Fa crp_flags
> and
> -.Fa crp_digest_start
> +.Fa crp_iv_start
> should be left as zero.
> .Pp
> Requests that store part, but not all, of the IV in the data buffer should
> @@ -380,6 +425,17 @@ The callback function should inspect
> to determine the status of the completed operation.
> It should also arrange for the request to be freed via
> .Fn crypto_freereq .
> +.It Fa crp_olen
> +Used with compression and decompression requests to describe the updated
> +length of the payload region in the data buffer.
> +.Pp
> +If a compression request increases the size of the payload,
> +then the data buffer is unmodified, the request completes successfully,
> +and
> +.Fa crp_olen
> +is set to the size the compressed data would have used.
> +Callers can compare this to the payload region length to determine if
> +the compressed data was discarded.
> .El
> .Sh RETURN VALUES
> .Fn crypto_dispatch
>
> Modified: head/share/man/man9/crypto_session.9
> ==============================================================================
> --- head/share/man/man9/crypto_session.9 Mon May 25 21:14:23 2020 (r361480)
> +++ head/share/man/man9/crypto_session.9 Mon May 25 22:12:04 2020 (r361481)
> @@ -30,7 +30,7 @@
> .\"
> .\" $FreeBSD$
> .\"
> -.Dd March 27, 2020
> +.Dd May 25, 2020
> .Dt CRYPTO_SESSION 9
> .Os
> .Sh NAME
> @@ -183,8 +183,18 @@ and the authentication algorithm is specified in
> .Fa csp_auth_alg .
> .El
> .It Fa csp_flags
> -Currently, no additional flags are defined and this field should be set to
> -zero.
> +A mask of optional driver features.
> +Drivers will only attach to a session if they support all of the
> +requested features.
> +.Bl -tag -width CSP_F_SEPARATE_OUTPUT
> +.It Dv CSP_F_SEPARATE_OUTPUT
> +Support requests that use separate input and output buffers.
> +Sessions with this flag set permit requests with either a single buffer
> +that is modified in-place, or requests with separate input and output
> +buffers.
> +Sessions without this flag only permit requests with a single buffer that
> +is modified in-place.
> +.El
> .It Fa csp_ivlen
> If either the cipher or authentication algorithms require an explicit
> initialization vector (IV) or nonce,
>
> Modified: head/sys/crypto/ccp/ccp.c
> ==============================================================================
> --- head/sys/crypto/ccp/ccp.c Mon May 25 21:14:23 2020 (r361480)
> +++ head/sys/crypto/ccp/ccp.c Mon May 25 22:12:04 2020 (r361481)
> @@ -92,20 +92,20 @@ static struct random_source random_ccp = {
> * crypto operation buffer.
> */
> static int
> -ccp_populate_sglist(struct sglist *sg, struct cryptop *crp)
> +ccp_populate_sglist(struct sglist *sg, struct crypto_buffer *cb)
> {
> int error;
>
> sglist_reset(sg);
> - switch (crp->crp_buf_type) {
> + switch (cb->cb_type) {
> case CRYPTO_BUF_MBUF:
> - error = sglist_append_mbuf(sg, crp->crp_mbuf);
> + error = sglist_append_mbuf(sg, cb->cb_mbuf);
> break;
> case CRYPTO_BUF_UIO:
> - error = sglist_append_uio(sg, crp->crp_uio);
> + error = sglist_append_uio(sg, cb->cb_uio);
> break;
> case CRYPTO_BUF_CONTIG:
> - error = sglist_append(sg, crp->crp_buf, crp->crp_ilen);
> + error = sglist_append(sg, cb->cb_buf, cb->cb_buf_len);
> break;
> default:
> error = EINVAL;
> @@ -547,7 +547,7 @@ ccp_process(device_t dev, struct cryptop *crp, int hin
> goto out;
> qpheld = true;
>
> - error = ccp_populate_sglist(qp->cq_sg_crp, crp);
> + error = ccp_populate_sglist(qp->cq_sg_crp, &crp->crp_buf);
> if (error != 0)
> goto out;
>
>
> Modified: head/sys/dev/cxgbe/crypto/t4_crypto.c
> ==============================================================================
> --- head/sys/dev/cxgbe/crypto/t4_crypto.c Mon May 25 21:14:23
> 2020 (r361480)
> +++ head/sys/dev/cxgbe/crypto/t4_crypto.c Mon May 25 22:12:04
> 2020 (r361481)
> @@ -247,26 +247,26 @@ struct ccr_softc {
> * requests.
> *
> * These scatter/gather lists can describe different subsets of the
> - * buffer described by the crypto operation. ccr_populate_sglist()
> - * generates a scatter/gather list that covers the entire crypto
> + * buffers described by the crypto operation. ccr_populate_sglist()
> + * generates a scatter/gather list that covers an entire crypto
> * operation buffer that is then used to construct the other
> * scatter/gather lists.
> */
> static int
> -ccr_populate_sglist(struct sglist *sg, struct cryptop *crp)
> +ccr_populate_sglist(struct sglist *sg, struct crypto_buffer *cb)
> {
> int error;
>
> sglist_reset(sg);
> - switch (crp->crp_buf_type) {
> + switch (cb->cb_type) {
> case CRYPTO_BUF_MBUF:
> - error = sglist_append_mbuf(sg, crp->crp_mbuf);
> + error = sglist_append_mbuf(sg, cb->cb_mbuf);
> break;
> case CRYPTO_BUF_UIO:
> - error = sglist_append_uio(sg, crp->crp_uio);
> + error = sglist_append_uio(sg, cb->cb_uio);
> break;
> case CRYPTO_BUF_CONTIG:
> - error = sglist_append(sg, crp->crp_buf, crp->crp_ilen);
> + error = sglist_append(sg, cb->cb_buf, cb->cb_buf_len);
> break;
> default:
> error = EINVAL;
> @@ -2576,7 +2576,7 @@ ccr_process(device_t dev, struct cryptop *crp, int
> hin
> sc = device_get_softc(dev);
>
> mtx_lock(&sc->lock);
> - error = ccr_populate_sglist(sc->sg_crp, crp);
> + error = ccr_populate_sglist(sc->sg_crp, &crp->crp_buf);
> if (error) {
> sc->stats_sglist_error++;
> goto out;
>
> Modified: head/sys/dev/hifn/hifn7751.c
> ==============================================================================
> --- head/sys/dev/hifn/hifn7751.c Mon May 25 21:14:23 2020 (r361480)
> +++ head/sys/dev/hifn/hifn7751.c Mon May 25 22:12:04 2020 (r361481)
> @@ -1760,22 +1760,6 @@ hifn_dmamap_load_src(struct hifn_softc *sc, struct
> hif
> return (idx);
> }
>
> -static bus_size_t
> -hifn_crp_length(struct cryptop *crp)
> -{
> -
> - switch (crp->crp_buf_type) {
> - case CRYPTO_BUF_MBUF:
> - return (crp->crp_mbuf->m_pkthdr.len);
> - case CRYPTO_BUF_UIO:
> - return (crp->crp_uio->uio_resid);
> - case CRYPTO_BUF_CONTIG:
> - return (crp->crp_ilen);
> - default:
> - panic("bad crp buffer type");
> - }
> -}
> -
> static void
> hifn_op_cb(void* arg, bus_dma_segment_t *seg, int nsegs, int error)
> {
> @@ -1831,12 +1815,12 @@ hifn_crypto(
> err = ENOMEM;
> goto err_srcmap1;
> }
> - cmd->src_mapsize = hifn_crp_length(crp);
> + cmd->src_mapsize = crypto_buffer_len(&crp->crp_buf);
>
> if (hifn_dmamap_aligned(&cmd->src)) {
> cmd->sloplen = cmd->src_mapsize & 3;
> cmd->dst = cmd->src;
> - } else if (crp->crp_buf_type == CRYPTO_BUF_MBUF) {
> + } else if (crp->crp_buf.cb_type == CRYPTO_BUF_MBUF) {
> int totlen, len;
> struct mbuf *m, *m0, *mlast;
>
> @@ -1854,10 +1838,11 @@ hifn_crypto(
> * have no guarantee that we'll be re-entered.
> */
> totlen = cmd->src_mapsize;
> - if (crp->crp_mbuf->m_flags & M_PKTHDR) {
> + if (crp->crp_buf.cb_mbuf->m_flags & M_PKTHDR) {
> len = MHLEN;
> MGETHDR(m0, M_NOWAIT, MT_DATA);
> - if (m0 && !m_dup_pkthdr(m0, crp->crp_mbuf, M_NOWAIT)) {
> + if (m0 && !m_dup_pkthdr(m0, crp->crp_buf.cb_mbuf,
> + M_NOWAIT)) {
> m_free(m0);
> m0 = NULL;
> }
> @@ -2084,7 +2069,7 @@ err_dstmap1:
> if (cmd->src_map != cmd->dst_map)
> bus_dmamap_destroy(sc->sc_dmat, cmd->dst_map);
> err_srcmap:
> - if (crp->crp_buf_type == CRYPTO_BUF_MBUF) {
> + if (crp->crp_buf.cb_type == CRYPTO_BUF_MBUF) {
> if (cmd->dst_m != NULL)
> m_freem(cmd->dst_m);
> }
> @@ -2626,7 +2611,7 @@ hifn_callback(struct hifn_softc *sc, struct
> hifn_comma
> BUS_DMASYNC_POSTREAD);
> }
>
> - if (crp->crp_buf_type == CRYPTO_BUF_MBUF) {
> + if (crp->crp_buf.cb_type == CRYPTO_BUF_MBUF) {
> if (cmd->dst_m != NULL) {
> totlen = cmd->src_mapsize;
> for (m = cmd->dst_m; m != NULL; m = m->m_next) {
> @@ -2636,9 +2621,10 @@ hifn_callback(struct hifn_softc *sc, struct
> hifn_comma
> } else
> totlen -= m->m_len;
> }
> - cmd->dst_m->m_pkthdr.len = crp->crp_mbuf->m_pkthdr.len;
> - m_freem(crp->crp_mbuf);
> - crp->crp_mbuf = cmd->dst_m;
> + cmd->dst_m->m_pkthdr.len =
> + crp->crp_buf.cb_mbuf->m_pkthdr.len;
> + m_freem(crp->crp_buf.cb_mbuf);
> + crp->crp_buf.cb_mbuf = cmd->dst_m;
> }
> }
>
>
> Modified: head/sys/dev/safe/safe.c
> ==============================================================================
> --- head/sys/dev/safe/safe.c Mon May 25 21:14:23 2020 (r361480)
> +++ head/sys/dev/safe/safe.c Mon May 25 22:12:04 2020 (r361481)
> @@ -752,22 +752,6 @@ safe_newsession(device_t dev, crypto_session_t cses,
> return (0);
> }
>
> -static bus_size_t
> -safe_crp_length(struct cryptop *crp)
> -{
> -
> - switch (crp->crp_buf_type) {
> - case CRYPTO_BUF_MBUF:
> - return (crp->crp_mbuf->m_pkthdr.len);
> - case CRYPTO_BUF_UIO:
> - return (crp->crp_uio->uio_resid);
> - case CRYPTO_BUF_CONTIG:
> - return (crp->crp_ilen);
> - default:
> - panic("bad crp buffer type");
> - }
> -}
> -
> static void
>
> *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
>
--
Mateusz Guzik <mjguzik gmail.com>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGudoHHrrmkSKNxNhs%2B-ggwGzXugFSC_aCwB=T0E8Hs3CmvZTw>