Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sys/dev Eliminate uio indirection for cgd crypto.



details:   https://anonhg.NetBSD.org/src/rev/cc518c133567
branches:  trunk
changeset: 1010966:cc518c133567
user:      riastradh <riastradh%NetBSD.org@localhost>
date:      Sat Jun 13 22:15:06 2020 +0000

description:
Eliminate uio indirection for cgd crypto.

We don't actually use it, and we only ever used it kludgily in the
CBC encryption direction in the past anyway.

diffstat:

 sys/dev/cgd.c        |   32 +----
 sys/dev/cgd_crypto.c |  268 +++++++++-----------------------------------------
 sys/dev/cgd_crypto.h |    6 +-
 3 files changed, 58 insertions(+), 248 deletions(-)

diffs (truncated from 471 to 300 lines):

diff -r 9192f4d1c7cf -r cc518c133567 sys/dev/cgd.c
--- a/sys/dev/cgd.c     Sat Jun 13 22:03:38 2020 +0000
+++ b/sys/dev/cgd.c     Sat Jun 13 22:15:06 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cgd.c,v 1.131 2020/06/13 18:42:22 riastradh Exp $ */
+/* $NetBSD: cgd.c,v 1.132 2020/06/13 22:15:06 riastradh Exp $ */
 
 /*-
  * Copyright (c) 2002 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cgd.c,v 1.131 2020/06/13 18:42:22 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cgd.c,v 1.132 2020/06/13 22:15:06 riastradh Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -1541,46 +1541,26 @@
        char            *dst = dstv;
        char            *src = srcv;
        cfunc_cipher    *cipher = sc->sc_cfuncs->cf_cipher;
-       struct uio      dstuio;
-       struct uio      srcuio;
-       struct iovec    dstiov[2];
-       struct iovec    srciov[2];
        size_t          blocksize = sc->sc_cdata.cf_blocksize;
        size_t          todo;
        char            blkno_buf[CGD_MAXBLOCKSIZE];
 
        DPRINTF_FOLLOW(("cgd_cipher() dir=%d\n", dir));
 
-       KASSERTMSG(len % blocksize == 0,
-           "cgd_cipher: len %% blocksize != 0");
-
+       KASSERT(len % blocksize == 0);
        /* ensure that sizeof(daddr_t) <= blocksize (for encblkno IVing) */
-       KASSERTMSG(sizeof(daddr_t) <= blocksize,
-           "cgd_cipher: sizeof(daddr_t) > blocksize");
-
-       KASSERTMSG(blocksize <= CGD_MAXBLOCKSIZE,
-           "cgd_cipher: blocksize > CGD_MAXBLOCKSIZE");
-
-       dstuio.uio_iov = dstiov;
-       dstuio.uio_iovcnt = 1;
-
-       srcuio.uio_iov = srciov;
-       srcuio.uio_iovcnt = 1;
+       KASSERT(sizeof(daddr_t) <= blocksize);
+       KASSERT(blocksize <= CGD_MAXBLOCKSIZE);
 
        for (; len > 0; len -= todo) {
                todo = MIN(len, secsize);
 
-               dstiov[0].iov_base = dst;
-               srciov[0].iov_base = src;
-               dstiov[0].iov_len  = todo;
-               srciov[0].iov_len  = todo;
-
                memset(blkno_buf, 0x0, blocksize);
                blkno2blkno_buf(blkno_buf, blkno);
                IFDEBUG(CGDB_CRYPTO, hexprint("step 1: blkno_buf",
                    blkno_buf, blocksize));
 
-               cipher(sc->sc_cdata.cf_priv, &dstuio, &srcuio, blkno_buf, dir);
+               cipher(sc->sc_cdata.cf_priv, dst, src, todo, blkno_buf, dir);
 
                dst += todo;
                src += todo;
diff -r 9192f4d1c7cf -r cc518c133567 sys/dev/cgd_crypto.c
--- a/sys/dev/cgd_crypto.c      Sat Jun 13 22:03:38 2020 +0000
+++ b/sys/dev/cgd_crypto.c      Sat Jun 13 22:15:06 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cgd_crypto.c,v 1.22 2020/06/13 18:40:14 riastradh Exp $ */
+/* $NetBSD: cgd_crypto.c,v 1.23 2020/06/13 22:15:06 riastradh Exp $ */
 
 /*-
  * Copyright (c) 2002 The NetBSD Foundation, Inc.
@@ -37,7 +37,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cgd_crypto.c,v 1.22 2020/06/13 18:40:14 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cgd_crypto.c,v 1.23 2020/06/13 22:15:06 riastradh Exp $");
 
 #include <sys/param.h>
 #include <sys/kmem.h>
@@ -109,66 +109,6 @@
        return NULL;
 }
 
-typedef void   (*cipher_func)(void *, void *, const void *, size_t);
-
-static void
-cgd_cipher_uio(void *privdata, cipher_func cipher,
-       struct uio *dstuio, struct uio *srcuio);
-
-/*
- * cgd_cipher_uio takes a simple cbc or xts cipher and iterates
- * it over two struct uio's.  It presumes that the cipher function
- * that is passed to it keeps the IV state between calls.
- *
- * We assume that the caller has ensured that each segment is evenly
- * divisible by the block size, which for the cgd is a valid assumption.
- * If we were to make this code more generic, we might need to take care
- * of this case, either by issuing an error or copying the data.
- */
-
-static void
-cgd_cipher_uio(void *privdata, cipher_func cipher,
-    struct uio *dstuio, struct uio *srcuio)
-{
-       const struct iovec      *dst;
-       const struct iovec      *src;
-       int              dstnum;
-       int              dstoff = 0;
-       int              srcnum;
-       int              srcoff = 0;
-
-       dst = dstuio->uio_iov;
-       dstnum = dstuio->uio_iovcnt;
-       src = srcuio->uio_iov;
-       srcnum = srcuio->uio_iovcnt;
-       for (;;) {
-               int l = MIN(dst->iov_len - dstoff, src->iov_len - srcoff);
-               uint8_t *d = (uint8_t *)dst->iov_base + dstoff;
-               const uint8_t *s = (const uint8_t *)src->iov_base + srcoff;
-
-               cipher(privdata, d, s, l);
-
-               dstoff += l;
-               srcoff += l;
-               /*
-                * We assume that {dst,src} == {dst,src}->iov_len,
-                * because it should not be possible for it not to be.
-                */
-               if (dstoff == dst->iov_len) {
-                       dstoff = 0;
-                       dstnum--;
-                       dst++;
-               }
-               if (srcoff == src->iov_len) {
-                       srcoff = 0;
-                       srcnum--;
-                       src++;
-               }
-               if (!srcnum || !dstnum)
-                       break;
-       }
-}
-
 /*
  *  AES Framework
  */
@@ -178,11 +118,6 @@
        keyInstance     ap_deckey;
 };
 
-struct aes_encdata {
-       keyInstance     *ae_key;        /* key for this direction */
-       uint8_t          ae_iv[CGD_AES_BLOCK_SIZE]; /* Initialization Vector */
-};
-
 static void *
 cgd_cipher_aes_cbc_init(size_t keylen, const void *key, size_t *blocksize)
 {
@@ -212,58 +147,30 @@
 }
 
 static void
-aes_cbc_enc_int(void *privdata, void *dst, const void *src, size_t len)
+cgd_cipher_aes_cbc(void *privdata, void *dst, const void *src, size_t nbytes,
+    const void *blkno, int dir)
 {
-       struct aes_encdata      *ae = privdata;
-       cipherInstance           cipher;
-       int                      cipher_ok __diagused;
-
-       cipher_ok = rijndael_cipherInit(&cipher, MODE_CBC, ae->ae_iv);
-       KASSERT(cipher_ok > 0);
-       rijndael_blockEncrypt(&cipher, ae->ae_key, src, /*inputbits*/len * 8,
-           dst);
-       (void)memcpy(ae->ae_iv, (uint8_t *)dst +
-           (len - CGD_AES_BLOCK_SIZE), CGD_AES_BLOCK_SIZE);
-}
-
-static void
-aes_cbc_dec_int(void *privdata, void *dst, const void *src, size_t len)
-{
-       struct aes_encdata      *ae = privdata;
+       struct aes_privdata     *apd = privdata;
+       uint8_t                  iv[CGD_AES_BLOCK_SIZE] = {0};
        cipherInstance           cipher;
        int                      cipher_ok __diagused;
 
-       cipher_ok = rijndael_cipherInit(&cipher, MODE_CBC, ae->ae_iv);
-       KASSERT(cipher_ok > 0);
-       rijndael_blockDecrypt(&cipher, ae->ae_key, src, /*inputbits*/len * 8,
-           dst);
-       (void)memcpy(ae->ae_iv, (const uint8_t *)src +
-           (len - CGD_AES_BLOCK_SIZE), CGD_AES_BLOCK_SIZE);
-}
-
-static void
-cgd_cipher_aes_cbc(void *privdata, struct uio *dstuio,
-    struct uio *srcuio, const void *iv, int dir)
-{
-       struct aes_privdata     *apd = privdata;
-       struct aes_encdata       encd;
-       cipherInstance           cipher;
-       int                      cipher_ok __diagused;
-
-       /* Compute the CBC IV as AES_k(iv).  */
+       /* Compute the CBC IV as AES_k(blkno).  */
        cipher_ok = rijndael_cipherInit(&cipher, MODE_ECB, NULL);
        KASSERT(cipher_ok > 0);
-       rijndael_blockEncrypt(&cipher, &apd->ap_enckey, iv, /*inputbits*/128,
-           encd.ae_iv);
+       rijndael_blockEncrypt(&cipher, &apd->ap_enckey, blkno, /*nbits*/128,
+           iv);
 
+       cipher_ok = rijndael_cipherInit(&cipher, MODE_CBC, iv);
+       KASSERT(cipher_ok > 0);
        switch (dir) {
        case CGD_CIPHER_ENCRYPT:
-               encd.ae_key = &apd->ap_enckey;
-               cgd_cipher_uio(&encd, aes_cbc_enc_int, dstuio, srcuio);
+               rijndael_blockEncrypt(&cipher, &apd->ap_enckey, src,
+                   /*nbits*/nbytes * 8, dst);
                break;
        case CGD_CIPHER_DECRYPT:
-               encd.ae_key = &apd->ap_deckey;
-               cgd_cipher_uio(&encd, aes_cbc_dec_int, dstuio, srcuio);
+               rijndael_blockDecrypt(&cipher, &apd->ap_deckey, src,
+                   /*nbits*/nbytes * 8, dst);
                break;
        default:
                panic("%s: unrecognised direction %d", __func__, dir);
@@ -280,11 +187,6 @@
        keyInstance     ax_tweakkey;
 };
 
-struct aesxts_state {
-       struct aesxts   *axs_keys;
-       uint8_t         axs_tweak[CGD_AES_BLOCK_SIZE];
-};
-
 static void *
 cgd_cipher_aes_xts_init(size_t keylen, const void *xtskey, size_t *blocksize)
 {
@@ -322,53 +224,30 @@
 }
 
 static void
-aes_xts_enc_int(void *state, void *dst, const void *src, size_t len)
+cgd_cipher_aes_xts(void *cookie, void *dst, const void *src, size_t nbytes,
+    const void *blkno, int dir)
 {
-       struct aesxts_state *axs = state;
-       cipherInstance cipher;
-       int cipher_ok __diagused;
-
-       cipher_ok = rijndael_cipherInit(&cipher, MODE_XTS, axs->axs_tweak);
-       KASSERT(cipher_ok > 0);
-       rijndael_blockEncrypt(&cipher, &axs->axs_keys->ax_enckey, src,
-           /*inputbits*/len * 8, dst);
-       memcpy(axs->axs_tweak, cipher.IV, CGD_AES_BLOCK_SIZE);
-}
-
-static void
-aes_xts_dec_int(void *state, void *dst, const void *src, size_t len)
-{
-       struct aesxts_state *axs = state;
+       struct aesxts *ax = cookie;
+       uint8_t tweak[CGD_AES_BLOCK_SIZE];
        cipherInstance cipher;
        int cipher_ok __diagused;
 
-       cipher_ok = rijndael_cipherInit(&cipher, MODE_XTS, axs->axs_tweak);
-       KASSERT(cipher_ok > 0);
-       rijndael_blockDecrypt(&cipher, &axs->axs_keys->ax_deckey, src,
-           /*inputbits*/len * 8, dst);
-       memcpy(axs->axs_tweak, cipher.IV, CGD_AES_BLOCK_SIZE);
-}
-
-static void
-cgd_cipher_aes_xts(void *cookie, struct uio *dstuio, struct uio *srcuio,
-    const void *iv, int dir)
-{
-       struct aesxts *ax = cookie;
-       struct aesxts_state axs = { .axs_keys = ax };
-       cipherInstance cipher;
-       int cipher_ok __diagused;
-
+       /* Compute the initial tweak as AES_k(blkno).  */
        cipher_ok = rijndael_cipherInit(&cipher, MODE_ECB, NULL);
        KASSERT(cipher_ok > 0);
-       rijndael_blockEncrypt(&cipher, &ax->ax_tweakkey, iv, /*inputbits*/128,
-           axs.axs_tweak);
+       rijndael_blockEncrypt(&cipher, &ax->ax_tweakkey, blkno, /*nbits*/128,



Home | Main Index | Thread Index | Old Index