svn commit: r361446 - head/sys/dev/mlx5/mlx5_en

Hans Petter Selasky hselasky at FreeBSD.org
Mon May 25 12:34:16 UTC 2020 

Author: hselasky
Date: Mon May 25 12:34:15 2020
New Revision: 361446
URL: https://svnweb.freebsd.org/changeset/base/361446

Log:
  Correctly set the initial vector for TLS v1.3 for mlx5en(4).
  
  For TLS v1.3 the 12 bytes of the initial vector, IV, should just be copied
  as-is from the kernel to the gcm_iv field, which hold the first 4 bytes,
  and the remaining 8 bytes go to the subsequent implicit_iv field.
  There is no need to consider the byte order on the 12 bytes of IV like
  initially done.
  
  Sponsored by:	Mellanox Technologies

Modified:
  head/sys/dev/mlx5/mlx5_en/mlx5_en_hw_tls.c

Modified: head/sys/dev/mlx5/mlx5_en/mlx5_en_hw_tls.c
==============================================================================
--- head/sys/dev/mlx5/mlx5_en/mlx5_en_hw_tls.c	Mon May 25 12:31:48 2020	(r361445)
+++ head/sys/dev/mlx5/mlx5_en/mlx5_en_hw_tls.c	Mon May 25 12:34:15 2020	(r361446)
@@ -251,18 +251,14 @@ mlx5e_tls_set_params(void *ctx, const struct tls_sessi
 	MLX5_SET(sw_tls_cntx, ctx, param.encryption_standard, 1); /* TLS */
 
 	/* copy the initial vector in place */
-	if (en->iv_len == MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.gcm_iv)) {
+	switch (en->iv_len) {
+	case MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.gcm_iv):
+	case MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.gcm_iv) +
+	     MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.implicit_iv):
 		memcpy(MLX5_ADDR_OF(sw_tls_cntx, ctx, param.gcm_iv),
-		    en->iv, MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.gcm_iv));
-	} else if (en->iv_len == (MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.gcm_iv) +
-				  MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.implicit_iv))) {
-		memcpy(MLX5_ADDR_OF(sw_tls_cntx, ctx, param.gcm_iv),
-		    (char *)en->iv + MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.implicit_iv),
-		    MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.gcm_iv));
-		memcpy(MLX5_ADDR_OF(sw_tls_cntx, ctx, param.implicit_iv),
-		    en->iv,
-		    MLX5_FLD_SZ_BYTES(sw_tls_cntx, param.implicit_iv));
-	} else {
+		    en->iv, en->iv_len);
+		break;
+	default:
 		return (EINVAL);
 	}

More information about the svn-src-all mailing list