Date: Wed, 24 Feb 2010 16:50:35 +0000 From: "Kennedy, Brendan" <brendan.kennedy@intel.com> To: "Philip@freebsd.org" <Philip@freebsd.org>, "freebsd-drivers@freebsd.org" <freebsd-drivers@freebsd.org> Subject: [PATCH] patch to OpenCrypto framework Message-ID: <CFBC532374C38D45810FA00BC2D2C2041FB949@irsmsx502.ger.corp.intel.com>
index | next in thread | raw e-mail
[-- Attachment #1 --]
Hi Philip, All,
Attached is a patch to the OpenCrypto framework. It has been tested with FreeBSD 7.1, but the relevant code sections do not seem to have changed for FreeBSD 8.
I have also attached a patch to OpenSSL as a reference (that patch will be released to OpenSSL HEAD also). One of the changes to cryptodev.c effects how it communicates with eng_cryptodev.c in openssl.
This OpenCrypto patch does a number of updates:
1) It updates Cryptodev to allocate contiguous memory blocks – a requirement for some hardware drivers
2) It allows the Cryptodev driver to differentiate between a process fail and an algorithm fail – mainly effecting DSA verify functionality. Please also see the OpenSSL patch to get the full picture. If a driver does not support certain key sizes, it should still be possible to run the verify in software.
I’ve commented within the patch code below.
diff -rup kernelsrc.orig/sys/opencrypto/cryptodev.c kernelsrc.patched/sys/opencrypto/cryptodev.c
--- kernelsrc.orig/sys/opencrypto/cryptodev.c 2008-11-25 02:59:29.000000000 +0000
+++ kernelsrc.patched/sys/opencrypto/cryptodev.c 2009-04-28 14:47:09.000000000 +0000
@@ -397,8 +392,10 @@
cse->uio.uio_iov[0].iov_len = cop->len;
if (cse->thash)
cse->uio.uio_iov[0].iov_len += cse->thash->hashsize;
- cse->uio.uio_iov[0].iov_base = malloc(cse->uio.uio_iov[0].iov_len,
- M_XDATA, M_WAITOK);
+
+ cse->uio.uio_iov[0].iov_base = contigmalloc(cse->uio.uio_iov[0].iov_len,
+ M_DEVBUF, 0, 0, (1L << 31),
+ 8, 1024 * 1024);
crp = crypto_getreq((cse->txform != NULL) + (cse->thash != NULL));
if (crp == NULL) {
@@ -519,7 +516,8 @@
if (crp)
crypto_freereq(crp);
if (cse->uio.uio_iov[0].iov_base)
- free(cse->uio.uio_iov[0].iov_base, M_XDATA);
+ contigfree(cse->uio.uio_iov[0].iov_base,
+ cse->uio.uio_iov[0].iov_len, M_DEVBUF);
---------------------------
[Brendan] these are the changes for contig allocation/freeing
---------------------------
return (error);
}
@@ -601,10 +599,13 @@
krp->krp_status = 0;
krp->krp_callback = (int (*) (struct cryptkop *)) cryptodevkey_cb;
- for (i = 0; i < CRK_MAXPARAM; i++) {
- if (kop->crk_param[i].crp_nbits > 65536)
+ for (i = 0; i < in + out; i++) {
+ if (kop->crk_param[i].crp_nbits > 65536) {
/* Limit is the same as in OpenBSD */
+ printf("<crypto>: arg size limit breached, size= %d\n",
+ kop->crk_param[i].crp_nbits);
goto fail;
+ }
---------------------------
[Brendan] A slight optimization + some debug. However this could cause a crash if Cryptodev is fed bad parameters from userspace
---------------------------
krp->krp_param[i].crp_nbits = kop->crk_param[i].crp_nbits;
}
for (i = 0; i < krp->krp_iparams + krp->krp_oparams; i++) {
@@ -630,7 +631,6 @@
kop->crk_crid = krp->krp_crid; /* device that did the work */
if (krp->krp_status != 0) {
- error = krp->krp_status;
goto fail;
}
---------------------------
[Brendan] For DSA verify – if the Hardware process fails (as opposed to the algorithm saying ‘not verified’), it can still be run in software. This is helpful for hardware that only supports certain key sizes.
---------------------------
--------------------------------------------------------------
Intel Shannon Limited
Registered in Ireland
Registered Office: Collinstown Industrial Park, Leixlip, County Kildare
Registered Number: 308263
Business address: Dromore House, East Park, Shannon, Co. Clare
This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies.
[-- Attachment #2 --]
# Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
# * Neither the name of Intel Corporation nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
diff -rup kernelsrc.orig/sys/opencrypto/cryptodev.c kernelsrc.patched/sys/opencrypto/cryptodev.c
--- kernelsrc.orig/sys/opencrypto/cryptodev.c 2008-11-25 02:59:29.000000000 +0000
+++ kernelsrc.patched/sys/opencrypto/cryptodev.c 2009-04-28 14:47:09.000000000 +0000
@@ -397,8 +392,10 @@
cse->uio.uio_iov[0].iov_len = cop->len;
if (cse->thash)
cse->uio.uio_iov[0].iov_len += cse->thash->hashsize;
- cse->uio.uio_iov[0].iov_base = malloc(cse->uio.uio_iov[0].iov_len,
- M_XDATA, M_WAITOK);
+
+ cse->uio.uio_iov[0].iov_base = contigmalloc(cse->uio.uio_iov[0].iov_len,
+ M_DEVBUF, 0, 0, (1L << 31),
+ 8, 1024 * 1024);
crp = crypto_getreq((cse->txform != NULL) + (cse->thash != NULL));
if (crp == NULL) {
@@ -519,7 +516,8 @@
if (crp)
crypto_freereq(crp);
if (cse->uio.uio_iov[0].iov_base)
- free(cse->uio.uio_iov[0].iov_base, M_XDATA);
+ contigfree(cse->uio.uio_iov[0].iov_base,
+ cse->uio.uio_iov[0].iov_len, M_DEVBUF);
return (error);
}
@@ -601,10 +599,13 @@
krp->krp_status = 0;
krp->krp_callback = (int (*) (struct cryptkop *)) cryptodevkey_cb;
- for (i = 0; i < CRK_MAXPARAM; i++) {
- if (kop->crk_param[i].crp_nbits > 65536)
+ for (i = 0; i < in + out; i++) {
+ if (kop->crk_param[i].crp_nbits > 65536) {
/* Limit is the same as in OpenBSD */
+ printf("<crypto>: arg size limit breached, size= %d\n",
+ kop->crk_param[i].crp_nbits);
goto fail;
+ }
krp->krp_param[i].crp_nbits = kop->crk_param[i].crp_nbits;
}
for (i = 0; i < krp->krp_iparams + krp->krp_oparams; i++) {
@@ -630,7 +631,6 @@
kop->crk_crid = krp->krp_crid; /* device that did the work */
if (krp->krp_status != 0) {
- error = krp->krp_status;
goto fail;
}
[-- Attachment #3 --]
# Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
# * Neither the name of Intel Corporation nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
# version: Security.L.1.0.2-229
diff -rup openssl-0.9.8g.orig/crypto/engine/eng_cryptodev.c openssl-0.9.8g.patched/crypto/engine/eng_cryptodev.c
--- openssl-0.9.8g.orig/crypto/engine/eng_cryptodev.c 2009-10-14 11:55:14.000000000 +0100
+++ openssl-0.9.8g.patched/crypto/engine/eng_cryptodev.c 2009-10-14 11:56:20.000000000 +0100
@@ -1029,10 +1029,18 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BI
goto err;
kop.crk_iparams = 3;
- if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) {
+ if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL)) {
+ printf("OCF asym process failed, Running in software\n");
+ const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+ ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
+
+ } else if (ECANCELED == kop.crk_status) {
+ printf("OCF hardware operation cancelled. Running in Software\n");
const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
}
+ /* else cryptodev operation worked ok ==> ret = 1*/
+
err:
zapparams(&kop);
return (ret);
@@ -1076,10 +1084,18 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const
goto err;
kop.crk_iparams = 6;
- if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) {
+ if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL)) {
+ printf("OCF asym process failed, running in Software\n");
+ const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+ ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx);
+
+ } else if (ECANCELED == kop.crk_status) {
+ printf("OCF hardware operation cancelled. Running in Software\n");
const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx);
}
+ /* else cryptodev operation worked ok ==> ret = 1*/
+
err:
zapparams(&kop);
return (ret);
@@ -1215,7 +1231,8 @@ cryptodev_dsa_verify(const unsigned char
kop.crk_iparams = 7;
if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) {
- dsaret = kop.crk_status;
+/*OCF success value is 0, if not zero, change dsaret to fail*/
+ if(0 != kop.crk_status) dsaret = 0;
} else {
const DSA_METHOD *meth = DSA_OpenSSL();
home |
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CFBC532374C38D45810FA00BC2D2C2041FB949>