PERFORCE change 1198476 for review

John-Mark Gurney jmg at FreeBSD.ORG
Thu Aug 7 23:37:19 UTC 2014


http://p4web.freebsd.org/@@1198476?ac=10

Change 1198476 by jmg at jmg_carbon2 on 2014/08/07 23:36:28

	add dtrace probes for various errors to aid in debugging...
	
	rename NIST_CTR to ICM (Integer Counter Mode)...  This mode
	is more flexible and not IPSEC specific, supporting a counter
	that is larger, or being able to segment your calls for
	larger blocks than can fit into memory...
	
	Sponsored by:	FreeBSD Foundation

Affected files ...

... //depot/projects/opencrypto/sys/opencrypto/cryptodev.c#3 edit
... //depot/projects/opencrypto/sys/opencrypto/cryptodev.h#3 edit
... //depot/projects/opencrypto/sys/opencrypto/cryptosoft.c#3 edit
... //depot/projects/opencrypto/sys/opencrypto/xform.c#4 edit
... //depot/projects/opencrypto/sys/opencrypto/xform.h#4 edit

Differences ...

==== //depot/projects/opencrypto/sys/opencrypto/cryptodev.c#3 (text+ko) ====

@@ -41,6 +41,7 @@
 __FBSDID("$FreeBSD: head/sys/opencrypto/cryptodev.c 262994 2014-03-11 01:45:46Z jmg $");
 
 #include "opt_compat.h"
+#include "opt_kdtrace.h"
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -59,10 +60,15 @@
 #include <sys/module.h>
 #include <sys/fcntl.h>
 #include <sys/bus.h>
+#include <sys/sdt.h>
 
 #include <opencrypto/cryptodev.h>
 #include <opencrypto/xform.h>
 
+SDT_PROVIDER_DECLARE(opencrypto);
+
+SDT_PROBE_DEFINE1(opencrypto, dev, ioctl, error, "int");
+
 #ifdef COMPAT_FREEBSD32
 #include <sys/mount.h>
 #include <compat/freebsd32/freebsd32.h>
@@ -445,8 +451,8 @@
  		case CRYPTO_CAMELLIA_CBC:
  			txform = &enc_xform_camellia;
  			break;
-		case CRYPTO_AES_NIST_CTR:
-			txform = &enc_xform_aes_nist_ctr;
+		case CRYPTO_AES_ICM:
+			txform = &enc_xform_aes_icm;
  			break;
 		case CRYPTO_AES_NIST_GCM_16:
 			txform = &enc_xform_aes_nist_gcm;
@@ -622,8 +628,10 @@
 #endif
 			cop = (struct crypt_op *)data;
 		cse = csefind(fcr, cop->ses);
-		if (cse == NULL)
+		if (cse == NULL) {
+			SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
 			return (EINVAL);
+		}
 		error = cryptodev_op(cse, cop, active_cred, td);
 #ifdef COMPAT_FREEBSD32
 		if (error == 0 && cmd == CIOCCRYPT32)
@@ -706,12 +714,16 @@
 	struct cryptodesc *crde = NULL, *crda = NULL;
 	int error;
 
-	if (cop->len > 256*1024-4)
+	if (cop->len > 256*1024-4) {
+		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
 		return (E2BIG);
+	}
 
 	if (cse->txform) {
-		if (cop->len == 0 || (cop->len % cse->txform->blocksize) != 0)
+		if (cop->len == 0 || (cop->len % cse->txform->blocksize) != 0) {
+			SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
 			return (EINVAL);
+		}
 	}
 
 	cse->uio.uio_iov = &cse->iovec;
@@ -731,6 +743,7 @@
 
 	crp = crypto_getreq((cse->txform != NULL) + (cse->thash != NULL));
 	if (crp == NULL) {
+		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
 		error = ENOMEM;
 		goto bail;
 	}
@@ -743,13 +756,17 @@
 		if (cse->txform)
 			crde = crp->crp_desc;
 		else {
+			SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
 			error = EINVAL;
 			goto bail;
 		}
 	}
 
-	if ((error = copyin(cop->src, cse->uio.uio_iov[0].iov_base, cop->len)))
+	if ((error = copyin(cop->src, cse->uio.uio_iov[0].iov_base,
+	    cop->len))) {
+		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
 		goto bail;
+	}
 
 	if (crda) {
 		crda->crd_skip = 0;
@@ -784,15 +801,20 @@
 
 	if (cop->iv) {
 		if (crde == NULL) {
+			SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
 			error = EINVAL;
 			goto bail;
 		}
 		if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */
+			SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
 			error = EINVAL;
 			goto bail;
 		}
-		if ((error = copyin(cop->iv, cse->tmp_iv, cse->txform->blocksize)))
+		if ((error = copyin(cop->iv, cse->tmp_iv,
+		    cse->txform->blocksize))) {
+			SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
 			goto bail;
+		}
 		bcopy(cse->tmp_iv, crde->crd_iv, cse->txform->blocksize);
 		crde->crd_flags |= CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT;
 		crde->crd_skip = 0;
@@ -805,6 +827,7 @@
 	}
 
 	if (cop->mac && crda == NULL) {
+		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
 		error = EINVAL;
 		goto bail;
 	}
@@ -823,8 +846,10 @@
 		error = msleep(crp, &cse->lock, PWAIT, "crydev", 0);
 	mtx_unlock(&cse->lock);
 
-	if (error != 0)
+	if (error != 0) {
+		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
 		goto bail;
+	}
 
 	if (crp->crp_etype == EAGAIN) {
 		crp->crp_etype = 0;
@@ -833,23 +858,30 @@
 	}
 
 	if (crp->crp_etype != 0) {
+		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
 		error = crp->crp_etype;
 		goto bail;
 	}
 
 	if (cse->error) {
+		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
 		error = cse->error;
 		goto bail;
 	}
 
 	if (cop->dst &&
-	    (error = copyout(cse->uio.uio_iov[0].iov_base, cop->dst, cop->len)))
+	    (error = copyout(cse->uio.uio_iov[0].iov_base, cop->dst,
+	    cop->len))) {
+		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
 		goto bail;
+	}
 
 	if (cop->mac &&
 	    (error = copyout((caddr_t)cse->uio.uio_iov[0].iov_base + cop->len,
-	    cop->mac, cse->thash->hashsize)))
+	    cop->mac, cse->thash->hashsize))) {
+		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
 		goto bail;
+	}
 
 bail:
 	if (crp)

==== //depot/projects/opencrypto/sys/opencrypto/cryptodev.h#3 (text+ko) ====

@@ -132,7 +132,7 @@
 #define	CRYPTO_SHA2_512_HMAC	20
 #define	CRYPTO_CAMELLIA_CBC	21
 #define	CRYPTO_AES_XTS		22
-#define	CRYPTO_AES_NIST_CTR	23
+#define	CRYPTO_AES_ICM		23 /* commonly known as CTR mode */
 #define	CRYPTO_AES_NIST_GMAC	24 /* cipher side */
 #define	CRYPTO_AES_NIST_GCM_16	25 /* 16 byte ICV */
 #define	CRYPTO_AES_128_NIST_GMAC 26 /* auth side */

==== //depot/projects/opencrypto/sys/opencrypto/cryptosoft.c#3 (text+ko) ====

@@ -918,8 +918,8 @@
 		case CRYPTO_AES_XTS:
 			txf = &enc_xform_aes_xts;
 			goto enccommon;
-		case CRYPTO_AES_NIST_CTR:
-			txf = &enc_xform_aes_nist_ctr;
+		case CRYPTO_AES_ICM:
+			txf = &enc_xform_aes_icm;
 			goto enccommon;
 		case CRYPTO_AES_NIST_GCM_16:
 			txf = &enc_xform_aes_nist_gcm;
@@ -1131,7 +1131,7 @@
 		case CRYPTO_SKIPJACK_CBC:
 		case CRYPTO_RIJNDAEL128_CBC:
 		case CRYPTO_AES_XTS:
-		case CRYPTO_AES_NIST_CTR:
+		case CRYPTO_AES_ICM:
 		case CRYPTO_AES_NIST_GCM_16:
 		case CRYPTO_AES_NIST_GMAC:
 		case CRYPTO_CAMELLIA_CBC:
@@ -1259,7 +1259,7 @@
 		case CRYPTO_SKIPJACK_CBC:
 		case CRYPTO_RIJNDAEL128_CBC:
 		case CRYPTO_AES_XTS:
-		case CRYPTO_AES_NIST_CTR:
+		case CRYPTO_AES_ICM:
 		case CRYPTO_CAMELLIA_CBC:
 			if ((crp->crp_etype = swcr_encdec(crd, sw,
 			    crp->crp_buf, crp->crp_flags)) != 0)
@@ -1362,7 +1362,7 @@
 	REGISTER(CRYPTO_SHA1);
 	REGISTER(CRYPTO_RIJNDAEL128_CBC);
 	REGISTER(CRYPTO_AES_XTS);
-	REGISTER(CRYPTO_AES_NIST_CTR);
+	REGISTER(CRYPTO_AES_ICM);
 	REGISTER(CRYPTO_AES_NIST_GCM_16);
 	REGISTER(CRYPTO_AES_NIST_GMAC);
 	REGISTER(CRYPTO_AES_128_NIST_GMAC);

==== //depot/projects/opencrypto/sys/opencrypto/xform.c#4 (text+ko) ====

@@ -81,7 +81,7 @@
 static	int cast5_setkey(u_int8_t **, u_int8_t *, int);
 static	int skipjack_setkey(u_int8_t **, u_int8_t *, int);
 static	int rijndael128_setkey(u_int8_t **, u_int8_t *, int);
-static	int aes_ctr_setkey(u_int8_t **, u_int8_t *, int);
+static	int aes_icm_setkey(u_int8_t **, u_int8_t *, int);
 static	int aes_xts_setkey(u_int8_t **, u_int8_t *, int);
 static	int cml_setkey(u_int8_t **, u_int8_t *, int);
 
@@ -105,7 +105,7 @@
 static	void aes_xts_decrypt(caddr_t, u_int8_t *);
 static	void cml_decrypt(caddr_t, u_int8_t *);
 
-static void aes_ctr_crypt(caddr_t, u_int8_t *);
+static void aes_icm_crypt(caddr_t, u_int8_t *);
 
 static	void null_zerokey(u_int8_t **);
 static	void des1_zerokey(u_int8_t **);
@@ -114,11 +114,11 @@
 static	void cast5_zerokey(u_int8_t **);
 static	void skipjack_zerokey(u_int8_t **);
 static	void rijndael128_zerokey(u_int8_t **);
-static	void aes_ctr_zerokey(u_int8_t **);
+static	void aes_icm_zerokey(u_int8_t **);
 static	void aes_xts_zerokey(u_int8_t **);
 static	void cml_zerokey(u_int8_t **);
 
-static	void aes_ctr_reinit(caddr_t, u_int8_t *);
+static	void aes_icm_reinit(caddr_t, u_int8_t *);
 static	void aes_xts_reinit(caddr_t, u_int8_t *);
 static	void aes_gcm_reinit(caddr_t, u_int8_t *);
 
@@ -138,17 +138,12 @@
 static	u_int32_t deflate_compress(u_int8_t *, u_int32_t, u_int8_t **);
 static	u_int32_t deflate_decompress(u_int8_t *, u_int32_t, u_int8_t **);
 
-#define AESCTR_IVSIZE		12
-#define AESCTR_BLOCKSIZE	16
+#define AESICM_BLOCKSIZE	16
 
-struct aes_ctr_ctx {
+struct aes_icm_ctx {
 	u_int32_t	ac_ek[4*(RIJNDAEL_MAXNR + 1)];
-	/*
-	 * ac_block is initalized to: [ IV : CNTR ]
-	 * IV is provided by user.
-	 * CNTR is initalized to 0 for CTR and 1 for GCM.
-	 */
-	u_int8_t	ac_block[AESCTR_BLOCKSIZE];
+	/* ac_block is initalized to IV */
+	u_int8_t	ac_block[AESICM_BLOCKSIZE];
 	int		ac_nr;
 };
 
@@ -225,23 +220,23 @@
 	NULL,
 };
 
-struct enc_xform enc_xform_aes_nist_ctr = {
-	CRYPTO_AES_NIST_CTR, "AES-CTR",
+struct enc_xform enc_xform_aes_icm = {
+	CRYPTO_AES_ICM, "AES-ICM",
 	RIJNDAEL128_BLOCK_LEN, 16, 32,
-	aes_ctr_crypt,
-	aes_ctr_crypt,
-	aes_ctr_setkey,
+	aes_icm_crypt,
+	aes_icm_crypt,
+	aes_icm_setkey,
 	rijndael128_zerokey,
-	aes_ctr_reinit,
+	aes_icm_reinit,
 };
 
 struct enc_xform enc_xform_aes_nist_gcm = {
 	CRYPTO_AES_NIST_GCM_16, "AES-GCM",
 	1, 16, 32,
-	aes_ctr_crypt,
-	aes_ctr_crypt,
-	aes_ctr_setkey,
-	aes_ctr_zerokey,
+	aes_icm_crypt,
+	aes_icm_crypt,
+	aes_icm_setkey,
+	aes_icm_zerokey,
 	aes_gcm_reinit,
 };
 
@@ -665,60 +660,58 @@
 }
 
 void
-aes_ctr_reinit(caddr_t key, u_int8_t *iv)
+aes_icm_reinit(caddr_t key, u_int8_t *iv)
 {
-	struct aes_ctr_ctx *ctx;
+	struct aes_icm_ctx *ctx;
 
-	ctx = (struct aes_ctr_ctx *)key;
-	bcopy(iv, ctx->ac_block, AESCTR_IVSIZE);
-
-	/* reset counter */
-	bzero(ctx->ac_block + AESCTR_IVSIZE, 4);
+	ctx = (struct aes_icm_ctx *)key;
+	bcopy(iv, ctx->ac_block, AESICM_BLOCKSIZE);
 }
 
 void
 aes_gcm_reinit(caddr_t key, u_int8_t *iv)
 {
-	struct aes_ctr_ctx *ctx;
+	struct aes_icm_ctx *ctx;
 
-	aes_ctr_reinit(key, iv);
+	aes_icm_reinit(key, iv);
 
-	ctx = (struct aes_ctr_ctx *)key;
+	ctx = (struct aes_icm_ctx *)key;
 	/* GCM starts with 2 as counter 1 is used for final xor of tag. */
-	ctx->ac_block[AESCTR_BLOCKSIZE - 1] = 2;
+	bzero(&ctx->ac_block[AESICM_BLOCKSIZE - 4], 4);
+	ctx->ac_block[AESICM_BLOCKSIZE - 1] = 2;
 }
 
 void
-aes_ctr_crypt(caddr_t key, u_int8_t *data)
+aes_icm_crypt(caddr_t key, u_int8_t *data)
 {
-	struct aes_ctr_ctx *ctx;
-	u_int8_t keystream[AESCTR_BLOCKSIZE];
+	struct aes_icm_ctx *ctx;
+	u_int8_t keystream[AESICM_BLOCKSIZE];
 	int i;
 
-	ctx = (struct aes_ctr_ctx *)key;
+	ctx = (struct aes_icm_ctx *)key;
 	rijndaelEncrypt(ctx->ac_ek, ctx->ac_nr, ctx->ac_block, keystream);
-	for (i = 0; i < AESCTR_BLOCKSIZE; i++)
+	for (i = 0; i < AESICM_BLOCKSIZE; i++)
 		data[i] ^= keystream[i];
-	bzero(keystream, sizeof(keystream));
+	explicite_bzero(keystream, sizeof(keystream));
 
 	/* increment counter */
-	for (i = AESCTR_BLOCKSIZE - 1;
-	     i >= AESCTR_IVSIZE; i--)
+	for (i = AESICM_BLOCKSIZE - 1;
+	     i >= 0; i--)
 		if (++ctx->ac_block[i])   /* continue on overflow */
 			break;
 }
 
 int
-aes_ctr_setkey(u_int8_t **sched, u_int8_t *key, int len)
+aes_icm_setkey(u_int8_t **sched, u_int8_t *key, int len)
 {
-	struct aes_ctr_ctx *ctx;
+	struct aes_icm_ctx *ctx;
 
-	*sched = malloc(sizeof(struct aes_ctr_ctx), M_CRYPTO_DATA,
+	*sched = malloc(sizeof(struct aes_icm_ctx), M_CRYPTO_DATA,
 	    M_NOWAIT | M_ZERO);
 	if (*sched == NULL)
 		return ENOMEM;
 
-	ctx = (struct aes_ctr_ctx *)*sched;
+	ctx = (struct aes_icm_ctx *)*sched;
 	ctx->ac_nr = rijndaelKeySetupEnc(ctx->ac_ek, (u_char *)key, len * 8);
 	if (ctx->ac_nr == 0)
 		return EINVAL;
@@ -726,10 +719,10 @@
 }
 
 void
-aes_ctr_zerokey(u_int8_t **sched)
+aes_icm_zerokey(u_int8_t **sched)
 {
 
-	bzero(*sched, sizeof(struct aes_ctr_ctx));
+	bzero(*sched, sizeof(struct aes_icm_ctx));
 	free(*sched, M_CRYPTO_DATA);
 	*sched = NULL;
 }

==== //depot/projects/opencrypto/sys/opencrypto/xform.h#4 (text+ko) ====

@@ -91,7 +91,7 @@
 extern struct enc_xform enc_xform_cast5;
 extern struct enc_xform enc_xform_skipjack;
 extern struct enc_xform enc_xform_rijndael128;
-extern struct enc_xform enc_xform_aes_nist_ctr;
+extern struct enc_xform enc_xform_aes_icm;
 extern struct enc_xform enc_xform_aes_nist_gcm;
 extern struct enc_xform enc_xform_aes_nist_gmac;
 extern struct enc_xform enc_xform_aes_xts;


More information about the p4-projects mailing list