Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 25 May 2020 12:34:15 +0000 (UTC)
From:      Hans Petter Selasky <hselasky@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r361446 - head/sys/dev/mlx5/mlx5_en
Message-ID:  <202005251234.04PCYFg0034303@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: hselasky
Date: Mon May 25 12:34:15 2020
New Revision: 361446
URL: https://svnweb.freebsd.org/changeset/base/361446

Log:
  Correctly set the initial vector for TLS v1.3 for mlx5en(4).
  
  For TLS v1.3 the 12 bytes of the initial vector, IV, should just be copied
  as-is from the kernel to the gcm_iv field, which hold the first 4 bytes,
  and the remaining 8 bytes go to the subsequent implicit_iv field.
  There is no need to consider the byte order on the 12 bytes of IV like
  initially done.
  
  Sponsored by:	Mellanox Technologies

Modified:
  head/sys/dev/mlx5/mlx5_en/mlx5_en_hw_tls.c

Modified: head/sys/dev/mlx5/mlx5_en/mlx5_en_hw_tls.c
==============================================================================
--- head/sys/dev/mlx5/mlx5_en/mlx5_en_hw_tls.c	Mon May 25 12:31:48 2020	(r361445)
+++ head/sys/dev/mlx5/mlx5_en/mlx5_en_hw_tls.c	Mon May 25 12:34:15 2020	(r361446)
@@ -251,18 +251,14 @@ mlx5e_tls_set_params(void *ctx, const struct tls_sessi
 	MLX5_SET(sw_tls_cntx, ctx, param.encryption_standard, 1); /* TLS */
 
 	/* copy the initial vector in place */
-	if (en->iv_len == MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.gcm_iv)) {
+	switch (en->iv_len) {
+	case MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.gcm_iv):
+	case MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.gcm_iv) +
+	     MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.implicit_iv):
 		memcpy(MLX5_ADDR_OF(sw_tls_cntx, ctx, param.gcm_iv),
-		    en->iv, MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.gcm_iv));
-	} else if (en->iv_len == (MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.gcm_iv) +
-				  MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.implicit_iv))) {
-		memcpy(MLX5_ADDR_OF(sw_tls_cntx, ctx, param.gcm_iv),
-		    (char *)en->iv + MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.implicit_iv),
-		    MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.gcm_iv));
-		memcpy(MLX5_ADDR_OF(sw_tls_cntx, ctx, param.implicit_iv),
-		    en->iv,
-		    MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.implicit_iv));
-	} else {
+		    en->iv, en->iv_len);
+		break;
+	default:
 		return (EINVAL);
 	}

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202005251234.04PCYFg0034303>