git: 61ff0a1f8145 - main - /dev/crypto: Store blocksize in cse rather than txform pointer.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 30 Dec 2021 01:50:47 UTC
The branch main has been updated by jhb:
URL: https://cgit.FreeBSD.org/src/commit/?id=61ff0a1f8145622a4db669715fc04e9358e643a6
commit 61ff0a1f8145622a4db669715fc04e9358e643a6
Author: John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2021-12-30 01:50:23 +0000
Commit: John Baldwin <jhb@FreeBSD.org>
CommitDate: 2021-12-30 01:50:23 +0000
/dev/crypto: Store blocksize in cse rather than txform pointer.
Reviewed by: markj
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D33614
---
sys/opencrypto/cryptodev.c | 29 ++++++++++++++++++++---------
1 file changed, 20 insertions(+), 9 deletions(-)
diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c
index b8b727653847..a8c9f04e1fb7 100644
--- a/sys/opencrypto/cryptodev.c
+++ b/sys/opencrypto/cryptodev.c
@@ -269,7 +269,7 @@ struct csession {
uint32_t ses;
struct mtx lock; /* for op submission */
- const struct enc_xform *txform;
+ u_int blocksize;
int hashsize;
int ivsize;
@@ -499,7 +499,6 @@ cse_create(struct fcrypt *fcr, struct session2_op *sop)
cse->key = key;
cse->mackey = mackey;
cse->cses = cses;
- cse->txform = txform;
if (sop->maclen != 0)
cse->hashsize = sop->maclen;
else if (thash != NULL)
@@ -508,6 +507,16 @@ cse_create(struct fcrypt *fcr, struct session2_op *sop)
cse->hashsize = txform->macsize;
cse->ivsize = csp.csp_ivlen;
+ /*
+ * NB: This isn't necessarily the block size of the underlying
+ * MAC or cipher but is instead a restriction on valid input
+ * sizes.
+ */
+ if (txform != NULL)
+ cse->blocksize = txform->blocksize;
+ else
+ cse->blocksize = 1;
+
mtx_lock(&fcr->lock);
TAILQ_INSERT_TAIL(&fcr->csessions, cse, next);
cse->ses = fcr->sesn++;
@@ -635,11 +644,9 @@ cryptodev_op(struct csession *cse, const struct crypt_op *cop)
return (E2BIG);
}
- if (cse->txform) {
- if ((cop->len % cse->txform->blocksize) != 0) {
- SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
- return (EINVAL);
- }
+ if ((cop->len % cse->blocksize) != 0) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
+ return (EINVAL);
}
if (cop->mac && cse->hashsize == 0) {
@@ -866,8 +873,12 @@ cryptodev_aead(struct csession *cse, struct crypt_aead *caead)
return (E2BIG);
}
- if (cse->txform == NULL || cse->hashsize == 0 || caead->tag == NULL ||
- (caead->len % cse->txform->blocksize) != 0) {
+ if ((caead->len % cse->blocksize) != 0) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
+ return (EINVAL);
+ }
+
+ if (cse->hashsize == 0 || caead->tag == NULL) {
SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
return (EINVAL);
}