Update to FreeBSD head 2017-10-01

Git mirror commit b2f0376b45428f13151d229c5ae9d4d8f74acbd1. Update #3472.
2025-10-14 07:15:58 +08:00 · 2018-08-09 13:04:41 +02:00
parent c37f9fba70
commit e4a8065910
164 changed files with 2619 additions and 1406 deletions
--- a/freebsd/sys/opencrypto/crypto.c
+++ b/freebsd/sys/opencrypto/crypto.c
@@ -467,7 +467,7 @@ crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int crid)
 			CRYPTDEB("dev newsession failed");
 	} else {
 		CRYPTDEB("no driver");
-		err = EINVAL;
+		err = EOPNOTSUPP;
 	}
 	CRYPTO_DRIVER_UNLOCK();
 	return err;
--- a/freebsd/sys/opencrypto/cryptodev.c
+++ b/freebsd/sys/opencrypto/cryptodev.c
@@ -526,7 +526,8 @@ cryptof_ioctl(
 		if (thash) {
 			cria.cri_alg = thash->type;
 			cria.cri_klen = sop->mackeylen * 8;
-			if (sop->mackeylen != thash->keysize) {
+			if (thash->keysize != 0 &&
+			    sop->mackeylen > thash->keysize) {
 				CRYPTDEB("invalid mac key length");
 				error = EINVAL;
 				goto bail;
@@ -758,18 +759,22 @@ cryptodev_op(
 		goto bail;
 	}

-	if (cse->thash) {
-		crda = crp->crp_desc;
-		if (cse->txform)
-			crde = crda->crd_next;
-	} else {
-		if (cse->txform)
+	if (cse->thash && cse->txform) {
+		if (cop->flags & COP_F_CIPHER_FIRST) {
 			crde = crp->crp_desc;
-		else {
-			SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
-			error = EINVAL;
-			goto bail;
+			crda = crde->crd_next;
+		} else {
+			crda = crp->crp_desc;
+			crde = crda->crd_next;
 		}
+	} else if (cse->thash) {
+		crda = crp->crp_desc;
+	} else if (cse->txform) {
+		crde = crp->crp_desc;
+	} else {
+		SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
+		error = EINVAL;
+		goto bail;
 	}

 	if ((error = copyin(cop->src, cse->uio.uio_iov[0].iov_base,
@@ -925,7 +930,7 @@ cryptodev_aead(
 	uio->uio_iov = &cse->iovec;
 	uio->uio_iovcnt = 1;
 	uio->uio_offset = 0;
-	uio->uio_resid = caead->len + caead->aadlen + cse->thash->hashsize;
+	uio->uio_resid = caead->aadlen + caead->len + cse->thash->hashsize;
 	uio->uio_segflg = UIO_SYSSPACE;
 	uio->uio_rw = UIO_WRITE;
 	uio->uio_td = td;
@@ -940,20 +945,33 @@ cryptodev_aead(
 		goto bail;
 	}

-	crda = crp->crp_desc;
-	crde = crda->crd_next;
+	if (caead->flags & COP_F_CIPHER_FIRST) {
+		crde = crp->crp_desc;
+		crda = crde->crd_next;
+	} else {
+		crda = crp->crp_desc;
+		crde = crda->crd_next;
+	}

-	if ((error = copyin(caead->src, cse->uio.uio_iov[0].iov_base,
-	    caead->len)))
+	if ((error = copyin(caead->aad, cse->uio.uio_iov[0].iov_base,
+	    caead->aadlen)))
 		goto bail;

-	if ((error = copyin(caead->aad, (char *)cse->uio.uio_iov[0].iov_base +
-	    caead->len, caead->aadlen)))
+	if ((error = copyin(caead->src, (char *)cse->uio.uio_iov[0].iov_base +
+	    caead->aadlen, caead->len)))
 		goto bail;

-	crda->crd_skip = caead->len;
-	crda->crd_len = caead->aadlen;
-	crda->crd_inject = caead->len + caead->aadlen;
+	/*
+	 * For GCM, crd_len covers only the AAD.  For other ciphers
+	 * chained with an HMAC, crd_len covers both the AAD and the
+	 * cipher text.
+	 */
+	crda->crd_skip = 0;
+	if (cse->cipher == CRYPTO_AES_NIST_GCM_16)
+		crda->crd_len = caead->aadlen;
+	else
+		crda->crd_len = caead->aadlen + caead->len;
+	crda->crd_inject = caead->aadlen + caead->len;

 	crda->crd_alg = cse->mac;
 	crda->crd_key = cse->mackey;
@@ -963,15 +981,15 @@ cryptodev_aead(
 		crde->crd_flags |= CRD_F_ENCRYPT;
 	else
 		crde->crd_flags &= ~CRD_F_ENCRYPT;
-	/* crde->crd_skip set below */
+	crde->crd_skip = caead->aadlen;
 	crde->crd_len = caead->len;
-	crde->crd_inject = 0;
+	crde->crd_inject = caead->aadlen;

 	crde->crd_alg = cse->cipher;
 	crde->crd_key = cse->key;
 	crde->crd_klen = cse->keylen * 8;

-	crp->crp_ilen = caead->len + caead->aadlen;
+	crp->crp_ilen = caead->aadlen + caead->len;
 	crp->crp_flags = CRYPTO_F_IOV | CRYPTO_F_CBIMM
 		       | (caead->flags & COP_F_BATCH);
 	crp->crp_buf = (caddr_t)&cse->uio.uio_iov;
@@ -989,10 +1007,9 @@ cryptodev_aead(
 			goto bail;
 		bcopy(cse->tmp_iv, crde->crd_iv, caead->ivlen);
 		crde->crd_flags |= CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT;
-		crde->crd_skip = 0;
 	} else {
 		crde->crd_flags |= CRD_F_IV_PRESENT;
-		crde->crd_skip = cse->txform->blocksize;
+		crde->crd_skip += cse->txform->blocksize;
 		crde->crd_len -= cse->txform->blocksize;
 	}

@@ -1032,12 +1049,13 @@ again:
 		goto bail;
 	}

-	if (caead->dst && (error = copyout(cse->uio.uio_iov[0].iov_base,
-	    caead->dst, caead->len)))
+	if (caead->dst && (error = copyout(
+	    (caddr_t)cse->uio.uio_iov[0].iov_base + caead->aadlen, caead->dst,
+	    caead->len)))
 		goto bail;

 	if ((error = copyout((caddr_t)cse->uio.uio_iov[0].iov_base +
-	    caead->len + caead->aadlen, caead->tag, cse->thash->hashsize)))
+	    caead->aadlen + caead->len, caead->tag, cse->thash->hashsize)))
 		goto bail;

 bail:
--- a/freebsd/sys/opencrypto/cryptodev.h
+++ b/freebsd/sys/opencrypto/cryptodev.h
@@ -95,13 +95,6 @@
 #define	HMAC_IPAD_VAL			0x36
 #define	HMAC_OPAD_VAL			0x5C
 /* HMAC Key Length */
-#define	NULL_HMAC_KEY_LEN		0
-#define	MD5_HMAC_KEY_LEN		16
-#define	SHA1_HMAC_KEY_LEN		20
-#define	RIPEMD160_HMAC_KEY_LEN		20
-#define	SHA2_256_HMAC_KEY_LEN		32
-#define	SHA2_384_HMAC_KEY_LEN		48
-#define	SHA2_512_HMAC_KEY_LEN		64
 #define	AES_128_GMAC_KEY_LEN		16
 #define	AES_192_GMAC_KEY_LEN		24
 #define	AES_256_GMAC_KEY_LEN		32
@@ -238,7 +231,8 @@ struct crypt_op {
 #define COP_ENCRYPT	1
 #define COP_DECRYPT	2
 	u_int16_t	flags;
-#define	COP_F_BATCH	0x0008		/* Batch op if possible */
+#define	COP_F_CIPHER_FIRST	0x0001	/* Cipher before MAC. */
+#define	COP_F_BATCH		0x0008	/* Batch op if possible */
 	u_int		len;
 	c_caddr_t	src;		/* become iov[] inside kernel */
 	caddr_t		dst;
--- a/freebsd/sys/opencrypto/xform_aes_icm.c
+++ b/freebsd/sys/opencrypto/xform_aes_icm.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),
--- a/freebsd/sys/opencrypto/xform_aes_xts.c
+++ b/freebsd/sys/opencrypto/xform_aes_xts.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),
--- a/freebsd/sys/opencrypto/xform_blf.c
+++ b/freebsd/sys/opencrypto/xform_blf.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),
--- a/freebsd/sys/opencrypto/xform_cast5.c
+++ b/freebsd/sys/opencrypto/xform_cast5.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),
--- a/freebsd/sys/opencrypto/xform_cml.c
+++ b/freebsd/sys/opencrypto/xform_cml.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),
--- a/freebsd/sys/opencrypto/xform_deflate.c
+++ b/freebsd/sys/opencrypto/xform_deflate.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),
--- a/freebsd/sys/opencrypto/xform_des1.c
+++ b/freebsd/sys/opencrypto/xform_des1.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),
--- a/freebsd/sys/opencrypto/xform_des3.c
+++ b/freebsd/sys/opencrypto/xform_des3.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),
--- a/freebsd/sys/opencrypto/xform_gmac.c
+++ b/freebsd/sys/opencrypto/xform_gmac.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),
--- a/freebsd/sys/opencrypto/xform_md5.c
+++ b/freebsd/sys/opencrypto/xform_md5.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),
@@ -59,17 +57,27 @@ static	int MD5Update_int(void *, const u_int8_t *, u_int16_t);

 /* Authentication instances */
 struct auth_hash auth_hash_hmac_md5 = {
-	CRYPTO_MD5_HMAC, "HMAC-MD5",
-	MD5_HMAC_KEY_LEN, MD5_HASH_LEN, sizeof(MD5_CTX), MD5_HMAC_BLOCK_LEN,
-	(void (*) (void *)) MD5Init, NULL, NULL, MD5Update_int,
-	(void (*) (u_int8_t *, void *)) MD5Final
+	.type = CRYPTO_MD5_HMAC,
+	.name = "HMAC-MD5",
+	.keysize = MD5_HMAC_BLOCK_LEN,
+	.hashsize = MD5_HASH_LEN,
+	.ctxsize = sizeof(MD5_CTX),
+	.blocksize = MD5_HMAC_BLOCK_LEN,
+	.Init = (void (*) (void *)) MD5Init,
+	.Update = MD5Update_int,
+	.Final = (void (*) (u_int8_t *, void *)) MD5Final,
 };

 struct auth_hash auth_hash_key_md5 = {
-	CRYPTO_MD5_KPDK, "Keyed MD5",
-	NULL_HMAC_KEY_LEN, MD5_KPDK_HASH_LEN, sizeof(MD5_CTX), 0,
-	(void (*)(void *)) MD5Init, NULL, NULL, MD5Update_int,
-	(void (*)(u_int8_t *, void *)) MD5Final
+	.type = CRYPTO_MD5_KPDK,
+	.name = "Keyed MD5",
+	.keysize = 0,
+	.hashsize = MD5_KPDK_HASH_LEN,
+	.ctxsize = sizeof(MD5_CTX),
+	.blocksize = 0,
+	.Init = (void (*)(void *)) MD5Init,
+	.Update = MD5Update_int,
+	.Final = (void (*)(u_int8_t *, void *)) MD5Final,
 };

 /*
--- a/freebsd/sys/opencrypto/xform_null.c
+++ b/freebsd/sys/opencrypto/xform_null.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),
@@ -78,10 +76,18 @@ struct enc_xform enc_xform_null = {
 };

 /* Authentication instances */
-struct auth_hash auth_hash_null = {	/* NB: context isn't used */
-	CRYPTO_NULL_HMAC, "NULL-HMAC",
-	NULL_HMAC_KEY_LEN, NULL_HASH_LEN, sizeof(int), NULL_HMAC_BLOCK_LEN,
-	null_init, null_reinit, null_reinit, null_update, null_final
+struct auth_hash auth_hash_null = {
+	.type = CRYPTO_NULL_HMAC,
+	.name = "NULL-HMAC",
+	.keysize = 0,
+	.hashsize = NULL_HASH_LEN,
+	.ctxsize = sizeof(int),	/* NB: context isn't used */
+	.blocksize = NULL_HMAC_BLOCK_LEN,
+	.Init = null_init,
+	.Setkey = null_reinit,
+	.Reinit = null_reinit,
+	.Update = null_update,
+	.Final = null_final,
 };

 /*
--- a/freebsd/sys/opencrypto/xform_rijndael.c
+++ b/freebsd/sys/opencrypto/xform_rijndael.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),
--- a/freebsd/sys/opencrypto/xform_rmd160.c
+++ b/freebsd/sys/opencrypto/xform_rmd160.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),
@@ -59,11 +57,15 @@ static	int RMD160Update_int(void *, const u_int8_t *, u_int16_t);

 /* Authentication instances */
 struct auth_hash auth_hash_hmac_ripemd_160 = {
-	CRYPTO_RIPEMD160_HMAC, "HMAC-RIPEMD-160",
-	RIPEMD160_HMAC_KEY_LEN, RIPEMD160_HASH_LEN, sizeof(RMD160_CTX),
-	RIPEMD160_HMAC_BLOCK_LEN,
-	(void (*)(void *)) RMD160Init, NULL, NULL, RMD160Update_int,
-	(void (*)(u_int8_t *, void *)) RMD160Final
+	.type = CRYPTO_RIPEMD160_HMAC,
+	.name = "HMAC-RIPEMD-160",
+	.keysize = RIPEMD160_HMAC_BLOCK_LEN,
+	.hashsize = RIPEMD160_HASH_LEN,
+	.ctxsize = sizeof(RMD160_CTX),
+	.blocksize = RIPEMD160_HMAC_BLOCK_LEN,
+	.Init = (void (*)(void *)) RMD160Init,
+	.Update = RMD160Update_int,
+	.Final = (void (*)(u_int8_t *, void *)) RMD160Final,
 };

 /*
--- a/freebsd/sys/opencrypto/xform_sha1.c
+++ b/freebsd/sys/opencrypto/xform_sha1.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),
@@ -61,15 +59,27 @@ static	void SHA1Final_int(u_int8_t *, void *);

 /* Authentication instances */
 struct auth_hash auth_hash_hmac_sha1 = {
-	CRYPTO_SHA1_HMAC, "HMAC-SHA1",
-	SHA1_HMAC_KEY_LEN, SHA1_HASH_LEN, sizeof(SHA1_CTX), SHA1_HMAC_BLOCK_LEN,
-	SHA1Init_int, NULL, NULL, SHA1Update_int, SHA1Final_int
+	.type = CRYPTO_SHA1_HMAC,
+	.name = "HMAC-SHA1",
+	.keysize = SHA1_HMAC_BLOCK_LEN,
+	.hashsize = SHA1_HASH_LEN,
+	.ctxsize = sizeof(SHA1_CTX),
+	.blocksize = SHA1_HMAC_BLOCK_LEN,
+	.Init = SHA1Init_int,
+	.Update = SHA1Update_int,
+	.Final = SHA1Final_int,
 };

 struct auth_hash auth_hash_key_sha1 = {
-	CRYPTO_SHA1_KPDK, "Keyed SHA1",
-	NULL_HMAC_KEY_LEN, SHA1_KPDK_HASH_LEN, sizeof(SHA1_CTX), 0,
-	SHA1Init_int, NULL, NULL, SHA1Update_int, SHA1Final_int
+	.type = CRYPTO_SHA1_KPDK,
+	.name = "Keyed SHA1",
+	.keysize = 0,
+	.hashsize = SHA1_KPDK_HASH_LEN,
+	.ctxsize = sizeof(SHA1_CTX),
+	.blocksize = 0,
+	.Init = SHA1Init_int,
+	.Update = SHA1Update_int,
+	.Final = SHA1Final_int,
 };

 /*
--- a/freebsd/sys/opencrypto/xform_sha2.c
+++ b/freebsd/sys/opencrypto/xform_sha2.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),
@@ -63,27 +61,39 @@ static	int SHA512Update_int(void *, const u_int8_t *, u_int16_t);

 /* Authentication instances */
 struct auth_hash auth_hash_hmac_sha2_256 = {
-	CRYPTO_SHA2_256_HMAC, "HMAC-SHA2-256",
-	SHA2_256_HMAC_KEY_LEN, SHA2_256_HASH_LEN, sizeof(SHA256_CTX),
-	SHA2_256_HMAC_BLOCK_LEN,
-	(void (*)(void *)) SHA256_Init, NULL, NULL, SHA256Update_int,
-	(void (*)(u_int8_t *, void *)) SHA256_Final
+	.type = CRYPTO_SHA2_256_HMAC,
+	.name = "HMAC-SHA2-256",
+	.keysize = SHA2_256_HMAC_BLOCK_LEN,
+	.hashsize = SHA2_256_HASH_LEN,
+	.ctxsize = sizeof(SHA256_CTX),
+	.blocksize = SHA2_256_HMAC_BLOCK_LEN,
+	.Init = (void (*)(void *)) SHA256_Init,
+	.Update = SHA256Update_int,
+	.Final = (void (*)(u_int8_t *, void *)) SHA256_Final,
 };

 struct auth_hash auth_hash_hmac_sha2_384 = {
-	CRYPTO_SHA2_384_HMAC, "HMAC-SHA2-384",
-	SHA2_384_HMAC_KEY_LEN, SHA2_384_HASH_LEN, sizeof(SHA384_CTX),
-	SHA2_384_HMAC_BLOCK_LEN,
-	(void (*)(void *)) SHA384_Init, NULL, NULL, SHA384Update_int,
-	(void (*)(u_int8_t *, void *)) SHA384_Final
+	.type = CRYPTO_SHA2_384_HMAC,
+	.name = "HMAC-SHA2-384",
+	.keysize = SHA2_384_HMAC_BLOCK_LEN,
+	.hashsize = SHA2_384_HASH_LEN,
+	.ctxsize = sizeof(SHA384_CTX),
+	.blocksize = SHA2_384_HMAC_BLOCK_LEN,
+	.Init = (void (*)(void *)) SHA384_Init,
+	.Update = SHA384Update_int,
+	.Final = (void (*)(u_int8_t *, void *)) SHA384_Final,
 };

 struct auth_hash auth_hash_hmac_sha2_512 = {
-	CRYPTO_SHA2_512_HMAC, "HMAC-SHA2-512",
-	SHA2_512_HMAC_KEY_LEN, SHA2_512_HASH_LEN, sizeof(SHA512_CTX),
-	SHA2_512_HMAC_BLOCK_LEN,
-	(void (*)(void *)) SHA512_Init, NULL, NULL, SHA512Update_int,
-	(void (*)(u_int8_t *, void *)) SHA512_Final
+	.type = CRYPTO_SHA2_512_HMAC,
+	.name = "HMAC-SHA2-512",
+	.keysize = SHA2_512_HMAC_BLOCK_LEN,
+	.hashsize = SHA2_512_HASH_LEN,
+	.ctxsize = sizeof(SHA512_CTX),
+	.blocksize = SHA2_512_HMAC_BLOCK_LEN,
+	.Init = (void (*)(void *)) SHA512_Init,
+	.Update = SHA512Update_int,
+	.Final = (void (*)(u_int8_t *, void *)) SHA512_Final,
 };

 /*
--- a/freebsd/sys/opencrypto/xform_skipjack.c
+++ b/freebsd/sys/opencrypto/xform_skipjack.c
@@ -1,5 +1,3 @@
-#include <machine/rtems-bsd-kernel-space.h>
-
 /*	$OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $	*/
 /*-
 * The authors of this code are John Ioannidis (ji@tla.org),