PERFORCE change 1198476 for review
John-Mark Gurney
jmg at FreeBSD.ORG
Thu Aug 7 23:37:19 UTC 2014
http://p4web.freebsd.org/@@1198476?ac=10
Change 1198476 by jmg at jmg_carbon2 on 2014/08/07 23:36:28
add dtrace probes for various errors to aid in debugging...
rename NIST_CTR to ICM (Integer Counter Mode)... This mode
is more flexible and not IPSEC specific, supporting a counter
that is larger, or being able to segment your calls for
larger blocks than can fit into memory...
Sponsored by: FreeBSD Foundation
Affected files ...
... //depot/projects/opencrypto/sys/opencrypto/cryptodev.c#3 edit
... //depot/projects/opencrypto/sys/opencrypto/cryptodev.h#3 edit
... //depot/projects/opencrypto/sys/opencrypto/cryptosoft.c#3 edit
... //depot/projects/opencrypto/sys/opencrypto/xform.c#4 edit
... //depot/projects/opencrypto/sys/opencrypto/xform.h#4 edit
Differences ...
==== //depot/projects/opencrypto/sys/opencrypto/cryptodev.c#3 (text+ko) ====
@@ -41,6 +41,7 @@
__FBSDID("$FreeBSD: head/sys/opencrypto/cryptodev.c 262994 2014-03-11 01:45:46Z jmg $");
#include "opt_compat.h"
+#include "opt_kdtrace.h"
#include <sys/param.h>
#include <sys/systm.h>
@@ -59,10 +60,15 @@
#include <sys/module.h>
#include <sys/fcntl.h>
#include <sys/bus.h>
+#include <sys/sdt.h>
#include <opencrypto/cryptodev.h>
#include <opencrypto/xform.h>
+SDT_PROVIDER_DECLARE(opencrypto);
+
+SDT_PROBE_DEFINE1(opencrypto, dev, ioctl, error, "int");
+
#ifdef COMPAT_FREEBSD32
#include <sys/mount.h>
#include <compat/freebsd32/freebsd32.h>
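Review bot: The probe defined by `SDT_PROBE_DEFINE1(opencrypto, dev, ioctl, error, "int")` has no comment saying what its single argument carries, and every call site added in the later hunks of this file passes `__LINE__` rather than an errno. I would add `/* arg0: line in cryptodev.c of the failing check; values shift between revisions */` above the definition, so nobody keys a script on line numbers from a different build. Several of those call sites (the `copyin`/`copyout` failures, `crp->crp_etype`, `cse->error`) have the real error value at hand, so a two-argument probe that also passes it would separate EFAULT from EINVAL without the matching source. `SDT_PROVIDER_DECLARE(opencrypto)` also relies on a matching `SDT_PROVIDER_DEFINE(opencrypto)` in some file this change does not show.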
@@ -445,8 +451,8 @@
case CRYPTO_CAMELLIA_CBC:
txform = &enc_xform_camellia;
break;
- case CRYPTO_AES_NIST_CTR:
- txform = &enc_xform_aes_nist_ctr;
+ case CRYPTO_AES_ICM:
+ txform = &enc_xform_aes_icm;
break;
case CRYPTO_AES_NIST_GCM_16:
txform = &enc_xform_aes_nist_gcm;
@@ -622,8 +628,10 @@
#endif
cop = (struct crypt_op *)data;
cse = csefind(fcr, cop->ses);
- if (cse == NULL)
+ if (cse == NULL) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
return (EINVAL);
+ }
error = cryptodev_op(cse, cop, active_cred, td);
#ifdef COMPAT_FREEBSD32
if (error == 0 && cmd == CIOCCRYPT32)
@@ -706,12 +714,16 @@
struct cryptodesc *crde = NULL, *crda = NULL;
int error;
- if (cop->len > 256*1024-4)
+ if (cop->len > 256*1024-4) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
return (E2BIG);
+ }
if (cse->txform) {
- if (cop->len == 0 || (cop->len % cse->txform->blocksize) != 0)
+ if (cop->len == 0 || (cop->len % cse->txform->blocksize) != 0) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
return (EINVAL);
+ }
}
cse->uio.uio_iov = &cse->iovec;
@@ -731,6 +743,7 @@
crp = crypto_getreq((cse->txform != NULL) + (cse->thash != NULL));
if (crp == NULL) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
error = ENOMEM;
goto bail;
}
@@ -743,13 +756,17 @@
if (cse->txform)
crde = crp->crp_desc;
else {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
error = EINVAL;
goto bail;
}
}
- if ((error = copyin(cop->src, cse->uio.uio_iov[0].iov_base, cop->len)))
+ if ((error = copyin(cop->src, cse->uio.uio_iov[0].iov_base,
+ cop->len))) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
goto bail;
+ }
if (crda) {
crda->crd_skip = 0;
@@ -784,15 +801,20 @@
if (cop->iv) {
if (crde == NULL) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
error = EINVAL;
goto bail;
}
if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
error = EINVAL;
goto bail;
}
- if ((error = copyin(cop->iv, cse->tmp_iv, cse->txform->blocksize)))
+ if ((error = copyin(cop->iv, cse->tmp_iv,
+ cse->txform->blocksize))) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
goto bail;
+ }
bcopy(cse->tmp_iv, crde->crd_iv, cse->txform->blocksize);
crde->crd_flags |= CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT;
crde->crd_skip = 0;
@@ -805,6 +827,7 @@
}
if (cop->mac && crda == NULL) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
error = EINVAL;
goto bail;
}
@@ -823,8 +846,10 @@
error = msleep(crp, &cse->lock, PWAIT, "crydev", 0);
mtx_unlock(&cse->lock);
- if (error != 0)
+ if (error != 0) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
goto bail;
+ }
if (crp->crp_etype == EAGAIN) {
crp->crp_etype = 0;
@@ -833,23 +858,30 @@
}
if (crp->crp_etype != 0) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
error = crp->crp_etype;
goto bail;
}
if (cse->error) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
error = cse->error;
goto bail;
}
if (cop->dst &&
- (error = copyout(cse->uio.uio_iov[0].iov_base, cop->dst, cop->len)))
+ (error = copyout(cse->uio.uio_iov[0].iov_base, cop->dst,
+ cop->len))) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
goto bail;
+ }
if (cop->mac &&
(error = copyout((caddr_t)cse->uio.uio_iov[0].iov_base + cop->len,
- cop->mac, cse->thash->hashsize)))
+ cop->mac, cse->thash->hashsize))) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
goto bail;
+ }
bail:
if (crp)
==== //depot/projects/opencrypto/sys/opencrypto/cryptodev.h#3 (text+ko) ====
@@ -132,7 +132,7 @@
#define CRYPTO_SHA2_512_HMAC 20
#define CRYPTO_CAMELLIA_CBC 21
#define CRYPTO_AES_XTS 22
-#define CRYPTO_AES_NIST_CTR 23
+#define CRYPTO_AES_ICM 23 /* commonly known as CTR mode */
#define CRYPTO_AES_NIST_GMAC 24 /* cipher side */
#define CRYPTO_AES_NIST_GCM_16 25 /* 16 byte ICV */
#define CRYPTO_AES_128_NIST_GMAC 26 /* auth side */
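Review bot: Algorithm number 23 keeps its value but changes meaning. Under the old name the transform copied a 12-byte IV and zeroed the 32-bit counter itself, while the xform.c part of this change makes the same number consume a full 16-byte counter block. A consumer not updated here that still passes 23 with a 12-byte IV would, as far as the diff shows, have four further bytes of its buffer used as the starting counter, which makes counter-block uniqueness under one key depend on unrelated memory. Removing `CRYPTO_AES_NIST_CTR` from the header also breaks source compatibility for code outside this change. I would extend the comment to `/* commonly known as CTR mode; IV is the full 16-byte initial counter block */` and consider whether a new number is safer than reusing 23.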
==== //depot/projects/opencrypto/sys/opencrypto/cryptosoft.c#3 (text+ko) ====
@@ -918,8 +918,8 @@
case CRYPTO_AES_XTS:
txf = &enc_xform_aes_xts;
goto enccommon;
- case CRYPTO_AES_NIST_CTR:
- txf = &enc_xform_aes_nist_ctr;
+ case CRYPTO_AES_ICM:
+ txf = &enc_xform_aes_icm;
goto enccommon;
case CRYPTO_AES_NIST_GCM_16:
txf = &enc_xform_aes_nist_gcm;
@@ -1131,7 +1131,7 @@
case CRYPTO_SKIPJACK_CBC:
case CRYPTO_RIJNDAEL128_CBC:
case CRYPTO_AES_XTS:
- case CRYPTO_AES_NIST_CTR:
+ case CRYPTO_AES_ICM:
case CRYPTO_AES_NIST_GCM_16:
case CRYPTO_AES_NIST_GMAC:
case CRYPTO_CAMELLIA_CBC:
@@ -1259,7 +1259,7 @@
case CRYPTO_SKIPJACK_CBC:
case CRYPTO_RIJNDAEL128_CBC:
case CRYPTO_AES_XTS:
- case CRYPTO_AES_NIST_CTR:
+ case CRYPTO_AES_ICM:
case CRYPTO_CAMELLIA_CBC:
if ((crp->crp_etype = swcr_encdec(crd, sw,
crp->crp_buf, crp->crp_flags)) != 0)
@@ -1362,7 +1362,7 @@
REGISTER(CRYPTO_SHA1);
REGISTER(CRYPTO_RIJNDAEL128_CBC);
REGISTER(CRYPTO_AES_XTS);
- REGISTER(CRYPTO_AES_NIST_CTR);
+ REGISTER(CRYPTO_AES_ICM);
REGISTER(CRYPTO_AES_NIST_GCM_16);
REGISTER(CRYPTO_AES_NIST_GMAC);
REGISTER(CRYPTO_AES_128_NIST_GMAC);
==== //depot/projects/opencrypto/sys/opencrypto/xform.c#4 (text+ko) ====
@@ -81,7 +81,7 @@
static int cast5_setkey(u_int8_t **, u_int8_t *, int);
static int skipjack_setkey(u_int8_t **, u_int8_t *, int);
static int rijndael128_setkey(u_int8_t **, u_int8_t *, int);
-static int aes_ctr_setkey(u_int8_t **, u_int8_t *, int);
+static int aes_icm_setkey(u_int8_t **, u_int8_t *, int);
static int aes_xts_setkey(u_int8_t **, u_int8_t *, int);
static int cml_setkey(u_int8_t **, u_int8_t *, int);
@@ -105,7 +105,7 @@
static void aes_xts_decrypt(caddr_t, u_int8_t *);
static void cml_decrypt(caddr_t, u_int8_t *);
-static void aes_ctr_crypt(caddr_t, u_int8_t *);
+static void aes_icm_crypt(caddr_t, u_int8_t *);
static void null_zerokey(u_int8_t **);
static void des1_zerokey(u_int8_t **);
@@ -114,11 +114,11 @@
static void cast5_zerokey(u_int8_t **);
static void skipjack_zerokey(u_int8_t **);
static void rijndael128_zerokey(u_int8_t **);
-static void aes_ctr_zerokey(u_int8_t **);
+static void aes_icm_zerokey(u_int8_t **);
static void aes_xts_zerokey(u_int8_t **);
static void cml_zerokey(u_int8_t **);
-static void aes_ctr_reinit(caddr_t, u_int8_t *);
+static void aes_icm_reinit(caddr_t, u_int8_t *);
static void aes_xts_reinit(caddr_t, u_int8_t *);
static void aes_gcm_reinit(caddr_t, u_int8_t *);
@@ -138,17 +138,12 @@
static u_int32_t deflate_compress(u_int8_t *, u_int32_t, u_int8_t **);
static u_int32_t deflate_decompress(u_int8_t *, u_int32_t, u_int8_t **);
-#define AESCTR_IVSIZE 12
-#define AESCTR_BLOCKSIZE 16
+#define AESICM_BLOCKSIZE 16
-struct aes_ctr_ctx {
+struct aes_icm_ctx {
u_int32_t ac_ek[4*(RIJNDAEL_MAXNR + 1)];
- /*
- * ac_block is initalized to: [ IV : CNTR ]
- * IV is provided by user.
- * CNTR is initalized to 0 for CTR and 1 for GCM.
- */
- u_int8_t ac_block[AESCTR_BLOCKSIZE];
+ /* ac_block is initalized to IV */
+ u_int8_t ac_block[AESICM_BLOCKSIZE];
int ac_nr;
};
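Review bot: The replacement comment `/* ac_block is initalized to IV */` drops the layout description the old comment gave and does not say who now owns the counter. Since `aes_icm_reinit` copies all 16 bytes from the caller and `aes_icm_crypt` increments the block as one big-endian integer, I would write `/* ac_block is the caller-supplied 16-byte initial counter block; aes_icm_crypt increments it big-endian across all 16 bytes. Callers must never reuse a counter block under the same key. */`. "initalized" is also misspelled.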
@@ -225,23 +220,23 @@
NULL,
};
-struct enc_xform enc_xform_aes_nist_ctr = {
- CRYPTO_AES_NIST_CTR, "AES-CTR",
+struct enc_xform enc_xform_aes_icm = {
+ CRYPTO_AES_ICM, "AES-ICM",
RIJNDAEL128_BLOCK_LEN, 16, 32,
- aes_ctr_crypt,
- aes_ctr_crypt,
- aes_ctr_setkey,
+ aes_icm_crypt,
+ aes_icm_crypt,
+ aes_icm_setkey,
rijndael128_zerokey,
- aes_ctr_reinit,
+ aes_icm_reinit,
};
struct enc_xform enc_xform_aes_nist_gcm = {
CRYPTO_AES_NIST_GCM_16, "AES-GCM",
1, 16, 32,
- aes_ctr_crypt,
- aes_ctr_crypt,
- aes_ctr_setkey,
- aes_ctr_zerokey,
+ aes_icm_crypt,
+ aes_icm_crypt,
+ aes_icm_setkey,
+ aes_icm_zerokey,
aes_gcm_reinit,
};
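Review bot: `enc_xform_aes_icm` still lists `rijndael128_zerokey` as its zerokey routine, although its key schedule is allocated by `aes_icm_setkey` as a `struct aes_icm_ctx`; the GCM entry below uses `aes_icm_zerokey` for the same context type. The body of `rijndael128_zerokey` is not visible here, but if it clears `sizeof(rijndael_ctx)` bytes, the size mismatch either leaves part of the ICM context (including `ac_block`) uncleared or writes zeros past the allocation. The line carries over from the old `enc_xform_aes_nist_ctr` entry. Since the entry is being rewritten anyway, I would change it to `aes_icm_zerokey,` so allocation and teardown agree on the structure.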
@@ -665,60 +660,58 @@
}
void
-aes_ctr_reinit(caddr_t key, u_int8_t *iv)
+aes_icm_reinit(caddr_t key, u_int8_t *iv)
{
- struct aes_ctr_ctx *ctx;
+ struct aes_icm_ctx *ctx;
- ctx = (struct aes_ctr_ctx *)key;
- bcopy(iv, ctx->ac_block, AESCTR_IVSIZE);
-
- /* reset counter */
- bzero(ctx->ac_block + AESCTR_IVSIZE, 4);
+ ctx = (struct aes_icm_ctx *)key;
+ bcopy(iv, ctx->ac_block, AESICM_BLOCKSIZE);
}
void
aes_gcm_reinit(caddr_t key, u_int8_t *iv)
{
- struct aes_ctr_ctx *ctx;
+ struct aes_icm_ctx *ctx;
- aes_ctr_reinit(key, iv);
+ aes_icm_reinit(key, iv);
- ctx = (struct aes_ctr_ctx *)key;
+ ctx = (struct aes_icm_ctx *)key;
/* GCM starts with 2 as counter 1 is used for final xor of tag. */
- ctx->ac_block[AESCTR_BLOCKSIZE - 1] = 2;
+ bzero(&ctx->ac_block[AESICM_BLOCKSIZE - 4], 4);
+ ctx->ac_block[AESICM_BLOCKSIZE - 1] = 2;
}
void
-aes_ctr_crypt(caddr_t key, u_int8_t *data)
+aes_icm_crypt(caddr_t key, u_int8_t *data)
{
- struct aes_ctr_ctx *ctx;
- u_int8_t keystream[AESCTR_BLOCKSIZE];
+ struct aes_icm_ctx *ctx;
+ u_int8_t keystream[AESICM_BLOCKSIZE];
int i;
- ctx = (struct aes_ctr_ctx *)key;
+ ctx = (struct aes_icm_ctx *)key;
rijndaelEncrypt(ctx->ac_ek, ctx->ac_nr, ctx->ac_block, keystream);
- for (i = 0; i < AESCTR_BLOCKSIZE; i++)
+ for (i = 0; i < AESICM_BLOCKSIZE; i++)
data[i] ^= keystream[i];
- bzero(keystream, sizeof(keystream));
+ explicite_bzero(keystream, sizeof(keystream));
/* increment counter */
- for (i = AESCTR_BLOCKSIZE - 1;
- i >= AESCTR_IVSIZE; i--)
+ for (i = AESICM_BLOCKSIZE - 1;
+ i >= 0; i--)
if (++ctx->ac_block[i]) /* continue on overflow */
break;
}
int
-aes_ctr_setkey(u_int8_t **sched, u_int8_t *key, int len)
+aes_icm_setkey(u_int8_t **sched, u_int8_t *key, int len)
{
- struct aes_ctr_ctx *ctx;
+ struct aes_icm_ctx *ctx;
- *sched = malloc(sizeof(struct aes_ctr_ctx), M_CRYPTO_DATA,
+ *sched = malloc(sizeof(struct aes_icm_ctx), M_CRYPTO_DATA,
M_NOWAIT | M_ZERO);
if (*sched == NULL)
return ENOMEM;
- ctx = (struct aes_ctr_ctx *)*sched;
+ ctx = (struct aes_icm_ctx *)*sched;
ctx->ac_nr = rijndaelKeySetupEnc(ctx->ac_ek, (u_char *)key, len * 8);
if (ctx->ac_nr == 0)
return EINVAL;
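Review bot: `explicite_bzero(keystream, sizeof(keystream));` in `aes_icm_crypt` is misspelled; the routine is `explicit_bzero`, so as written the keystream scrub will not build: `explicit_bzero(keystream, sizeof(keystream));`. Separately, `aes_icm_reinit` now copies `AESICM_BLOCKSIZE` bytes from `iv`, and `aes_gcm_reinit` calls it before overwriting the last four. A GCM caller holding only a 12-byte IV would have four bytes read past its buffer, so `aes_gcm_reinit` would be safer doing its own `bcopy(iv, ctx->ac_block, AESICM_BLOCKSIZE - 4);`. The increment loop now carries through all 16 bytes and is shared with GCM, whose counter is 32 bits wide, so a comment that GCM relies on its message-length limit to avoid carrying into the IV part would help. The body of `aes_icm_setkey` continues outside the hunk.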
@@ -726,10 +719,10 @@
}
void
-aes_ctr_zerokey(u_int8_t **sched)
+aes_icm_zerokey(u_int8_t **sched)
{
- bzero(*sched, sizeof(struct aes_ctr_ctx));
+ bzero(*sched, sizeof(struct aes_icm_ctx));
free(*sched, M_CRYPTO_DATA);
*sched = NULL;
}
==== //depot/projects/opencrypto/sys/opencrypto/xform.h#4 (text+ko) ====
@@ -91,7 +91,7 @@
extern struct enc_xform enc_xform_cast5;
extern struct enc_xform enc_xform_skipjack;
extern struct enc_xform enc_xform_rijndael128;
-extern struct enc_xform enc_xform_aes_nist_ctr;
+extern struct enc_xform enc_xform_aes_icm;
extern struct enc_xform enc_xform_aes_nist_gcm;
extern struct enc_xform enc_xform_aes_nist_gmac;
extern struct enc_xform enc_xform_aes_xts;