- aes-128-cbc-hmac-sha256
- aes-256-cbc-hmac-sha256
Enabled the support of TLS1.1 algorithms offload
- aes-128-cbc-hmac-sha1
- aes-256-cbc-hmac-sha1
Signed-off-by: Arun Pathak <[email protected]>
Signed-off-by: Pankaj Gupta <[email protected]>
---
drivers/crypto/caam/caamalg_desc.c | 47 ++++++++++++++++++++++++++++--
drivers/crypto/caam/caamalg_desc.h | 5 ++++
drivers/crypto/caam/caamalg_qi.c | 33 +++++++++++++++++++--
drivers/crypto/caam/caamalg_qi2.c | 34 +++++++++++++++++++--
4 files changed, 112 insertions(+), 7 deletions(-)
diff --git a/drivers/crypto/caam/caamalg_desc.c b/drivers/crypto/caam/caamalg_desc.c
index 0fea15eabf6e..ee9ed9d90530 100644
--- a/drivers/crypto/caam/caamalg_desc.c
+++ b/drivers/crypto/caam/caamalg_desc.c
@@ -643,6 +643,9 @@ void cnstr_shdsc_tls_encap(u32 * const desc, struct alginfo *cdata,
unsigned int blocksize, int era)
{
u32 *key_jump_cmd, *zero_payload_jump_cmd;
+#if TLS1_1_SUPPORT
+ u32 *tls10_jump_cmd, *xplicit_iv_jump_cmd;
+#endif
u32 genpad, idx_ld_datasz, idx_ld_pad, stidx;
/*
@@ -697,15 +700,42 @@ void cnstr_shdsc_tls_encap(u32 * const desc, struct alginfo *cdata,
append_operation(desc, cdata->algtype | OP_ALG_AS_INITFINAL |
OP_ALG_ENCRYPT);
+#ifdef TLS1_1_SUPPORT
+ /* skip data to the TLS version field in the Assoclen
+ * IV + 9 bytes of assoclen = 25
+ */
+ append_seq_fifo_load(desc, 0, FIFOLD_CLASS_SKIP | 25);
+
+ append_cmd(desc, CMD_SEQ_LOAD | LDST_CLASS_DECO |
+ LDST_SRCDST_WORD_DECO_MATH3 | (6 << LDST_OFFSET_SHIFT) | 2);
+ append_jump(desc, JUMP_TEST_ALL | JUMP_COND_CALM | 1);
+
+ /* rewind input sequence */
+ append_seq_in_ptr(desc, 0, 27, SQIN_RTO);
+#endif
+
+#ifdef TLS1_1_SUPPORT
+ append_math_and_imm_u64(desc, REG1, REG3, IMM, 0xFCFE);
+ xplicit_iv_jump_cmd = append_jump(desc, JUMP_TEST_ALL |
+ JUMP_COND_MATH_Z);
+ append_math_add_imm_u32(desc, REG2, ZERO, IMM, ivsize);
+ set_jump_tgt_here(desc, xplicit_iv_jump_cmd);
+#endif
+
/* payloadlen = input data length - (assoclen + ivlen) */
append_math_sub_imm_u32(desc, REG0, SEQINLEN, IMM, assoclen + ivsize);
-
+#ifdef TLS1_1_SUPPORT
+ append_math_sub(desc, REG0, REG0, REG2, 4);
+#endif
/* math1 = payloadlen + icvlen */
append_math_add_imm_u32(desc, REG1, REG0, IMM, authsize);
+#ifdef TLS1_1_SUPPORT
+ append_math_add(desc, REG1, REG1, REG2, 4);
+#endif
/* padlen = block_size - math1 % block_size */
- append_math_and_imm_u32(desc, REG3, REG1, IMM, blocksize - 1);
- append_math_sub_imm_u32(desc, REG2, IMM, REG3, blocksize);
+ append_math_and_imm_u32(desc, REG2, REG1, IMM, blocksize - 1);
+ append_math_sub_imm_u32(desc, REG2, IMM, REG2, blocksize);
/* cryptlen = payloadlen + icvlen + padlen */
append_math_add(desc, VARSEQOUTLEN, REG1, REG2, 4);
@@ -740,6 +770,17 @@ void cnstr_shdsc_tls_encap(u32 * const desc, struct alginfo *cdata,
/* read assoc for authentication */
append_seq_fifo_load(desc, assoclen, FIFOLD_CLASS_CLASS2 |
FIFOLD_TYPE_MSG);
+#ifdef TLS1_1_SUPPORT
+ append_math_and_imm_u64(desc, REG2, REG3, IMM, 0xFCFE);
+ tls10_jump_cmd = append_jump(desc, JUMP_TEST_ALL |
+ JUMP_COND_MATH_Z);
+
+ /* read xplicit iv in case of >TL10 */
+ append_seq_fifo_load(desc, ivsize, FIFOLD_CLASS_CLASS1 |
+ FIFOLD_TYPE_MSG);
+
+ set_jump_tgt_here(desc, tls10_jump_cmd);
+#endif
/* insnoop payload */
append_seq_fifo_load(desc, 0, FIFOLD_CLASS_BOTH | FIFOLD_TYPE_MSG |
FIFOLD_TYPE_LAST2 | FIFOLDST_VLF);
diff --git a/drivers/crypto/caam/caamalg_desc.h b/drivers/crypto/caam/caamalg_desc.h
index 99f0d1471d9c..7b4bfd2d7b96 100644
--- a/drivers/crypto/caam/caamalg_desc.h
+++ b/drivers/crypto/caam/caamalg_desc.h
@@ -16,9 +16,14 @@
#define DESC_QI_AEAD_ENC_LEN (DESC_AEAD_ENC_LEN + 3 * CAAM_CMD_SZ)
#define DESC_QI_AEAD_DEC_LEN (DESC_AEAD_DEC_LEN + 3 * CAAM_CMD_SZ)
#define DESC_QI_AEAD_GIVENC_LEN (DESC_AEAD_GIVENC_LEN + 3 * CAAM_CMD_SZ)
+#define TLS1_1_SUPPORT 1
#define DESC_TLS_BASE (4 * CAAM_CMD_SZ)
+#ifdef TLS1_1_SUPPORT
+#define DESC_TLS10_ENC_LEN (DESC_TLS_BASE + 45 * CAAM_CMD_SZ)
+#else
#define DESC_TLS10_ENC_LEN (DESC_TLS_BASE + 29 * CAAM_CMD_SZ)
+#endif
/* Note: Nonce is counted in cdata.keylen */
#define DESC_AEAD_CTR_RFC3686_LEN (4 * CAAM_CMD_SZ)
diff --git a/drivers/crypto/caam/caamalg_qi.c b/drivers/crypto/caam/caamalg_qi.c
index fceeef155863..29a354ee960e 100644
--- a/drivers/crypto/caam/caamalg_qi.c
+++ b/drivers/crypto/caam/caamalg_qi.c
@@ -296,8 +296,10 @@ static int tls_set_sh_desc(struct crypto_aead *tls)
unsigned int ivsize = crypto_aead_ivsize(tls);
unsigned int blocksize = crypto_aead_blocksize(tls);
unsigned int assoclen = 13; /* always 13 bytes for TLS */
+#ifndef TLS1_1_SUPPORT
unsigned int data_len[2];
u32 inl_mask;
+#endif
struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctx->jrdev->parent);
if (!ctx->cdata.keylen || !ctx->authsize)
@@ -308,6 +310,7 @@ static int tls_set_sh_desc(struct crypto_aead *tls)
* Job Descriptor and Shared Descriptor
* must fit into the 64-word Descriptor h/w Buffer
*/
+#ifndef TLS1_1_SUPPORT
data_len[0] = ctx->adata.keylen_pad;
data_len[1] = ctx->cdata.keylen;
@@ -327,6 +330,12 @@ static int tls_set_sh_desc(struct crypto_aead *tls)
ctx->adata.key_inline = !!(inl_mask & 1);
ctx->cdata.key_inline = !!(inl_mask & 2);
+#else
+ ctx->adata.key_dma = ctx->key_dma;
+ ctx->cdata.key_dma = ctx->key_dma + ctx->adata.keylen_pad;
+ ctx->adata.key_inline = false;
+ ctx->cdata.key_inline = false;
+#endif
cnstr_shdsc_tls_encap(ctx->sh_desc_enc, &ctx->cdata, &ctx->adata,
assoclen, ivsize, ctx->authsize, blocksize,
@@ -2847,8 +2856,8 @@ static struct caam_aead_alg driver_aeads[] = {
{
.aead = {
.base = {
- .cra_name = "tls10(hmac(sha1),cbc(aes))",
- .cra_driver_name = "tls10-hmac-sha1-cbc-aes-caam-qi",
+ .cra_name = "tls11(hmac(sha1),cbc(aes))",
+ .cra_driver_name = "tls11-hmac-sha1-cbc-aes-caam-qi",
.cra_blocksize = AES_BLOCK_SIZE,
},
.setkey = tls_setkey,
@@ -2862,6 +2871,26 @@ static struct caam_aead_alg driver_aeads[] = {
.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
.class2_alg_type = OP_ALG_ALGSEL_SHA1 |
OP_ALG_AAI_HMAC_PRECOMP,
+ },
+ },
+ {
+ .aead = {
+ .base = {
+ .cra_name = "tls12(hmac(sha256),cbc(aes))",
+ .cra_driver_name = "tls12-hmac-sha256-cbc-aes-caam-qi",
+ .cra_blocksize = AES_BLOCK_SIZE,
+ },
+ .setkey = tls_setkey,
+ .setauthsize = tls_setauthsize,
+ .encrypt = tls_encrypt,
+ .decrypt = tls_decrypt,
+ .ivsize = AES_BLOCK_SIZE,
+ .maxauthsize = SHA256_DIGEST_SIZE,
+ },
+ .caam = {
+ .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
+ .class2_alg_type = OP_ALG_ALGSEL_SHA256 |
+ OP_ALG_AAI_HMAC_PRECOMP,
}
}
};
diff --git a/drivers/crypto/caam/caamalg_qi2.c b/drivers/crypto/caam/caamalg_qi2.c
index 5fd86bac5cf6..46e1bbe14ecf 100644
--- a/drivers/crypto/caam/caamalg_qi2.c
+++ b/drivers/crypto/caam/caamalg_qi2.c
@@ -773,8 +773,10 @@ static int tls_set_sh_desc(struct crypto_aead *tls)
struct caam_flc *flc;
u32 *desc;
unsigned int assoclen = 13; /* always 13 bytes for TLS */
+#ifndef TLS1_1_SUPPORT
unsigned int data_len[2];
u32 inl_mask;
+#endif
if (!ctx->cdata.keylen || !ctx->authsize)
return 0;
@@ -784,6 +786,7 @@ static int tls_set_sh_desc(struct crypto_aead *tls)
* Job Descriptor and Shared Descriptor
* must fit into the 64-word Descriptor h/w Buffer
*/
+#ifndef TLS1_1_SUPPORT
data_len[0] = ctx->adata.keylen_pad;
data_len[1] = ctx->cdata.keylen;
@@ -803,6 +806,13 @@ static int tls_set_sh_desc(struct crypto_aead *tls)
ctx->adata.key_inline = !!(inl_mask & 1);
ctx->cdata.key_inline = !!(inl_mask & 2);
+#else
+ ctx->adata.key_dma = ctx->key_dma;
+ ctx->cdata.key_dma = ctx->key_dma + ctx->adata.keylen_pad;
+ ctx->adata.key_inline = false;
+ ctx->cdata.key_inline = false;
+#endif
+
flc = &ctx->flc[ENCRYPT];
desc = flc->sh_desc;
@@ -3362,8 +3372,8 @@ static struct caam_aead_alg driver_aeads[] = {
{
.aead = {
.base = {
- .cra_name = "tls10(hmac(sha1),cbc(aes))",
- .cra_driver_name = "tls10-hmac-sha1-cbc-aes-caam-qi2",
+ .cra_name = "tls11(hmac(sha1),cbc(aes))",
+ .cra_driver_name = "tls11-hmac-sha1-cbc-aes-caam-qi2",
.cra_blocksize = AES_BLOCK_SIZE,
},
.setkey = tls_setkey,
@@ -3379,6 +3389,26 @@ static struct caam_aead_alg driver_aeads[] = {
OP_ALG_AAI_HMAC_PRECOMP,
},
},
+ {
+ .aead = {
+ .base = {
+ .cra_name = "tls12(hmac(sha256),cbc(aes))",
+ .cra_driver_name = "tls12-hmac-sha256-cbc-aes-caam-qi2",
+ .cra_blocksize = AES_BLOCK_SIZE,
+ },
+ .setkey = tls_setkey,
+ .setauthsize = tls_setauthsize,
+ .encrypt = tls_encrypt,
+ .decrypt = tls_decrypt,
+ .ivsize = AES_BLOCK_SIZE,
+ .maxauthsize = SHA256_DIGEST_SIZE,
+ },
+ .caam = {
+ .class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
+ .class2_alg_type = OP_ALG_ALGSEL_SHA1 |
+ OP_ALG_AAI_HMAC_PRECOMP,
+ },
+ },
};
static void caam_skcipher_alg_init(struct caam_skcipher_alg *t_alg)
--
2.17.1
On 1/23/2020 1:22 PM, Pankaj Gupta wrote:
> - aes-128-cbc-hmac-sha256
> - aes-256-cbc-hmac-sha256
>
> Enabled the support of TLS1.1 algorithms offload
>
> - aes-128-cbc-hmac-sha1
> - aes-256-cbc-hmac-sha1
>
Patch does not apply, since there's no specific tls support
in upstream caam drivers.
caam drivers register crypto algorithms to the crypto API,
and ktls uses whatever it pleases:
https://www.kernel.org/doc/html/latest/networking/tls-offload.html
https://www.kernel.org/doc/html/latest/networking/tls.html
Horia
Hi Horia,
Thanks for review comment.
Yes, rightly said.
I will re-work and update.
Regards
Pankaj
-----Original Message-----
From: Horia Geanta <[email protected]>
Sent: Thursday, January 23, 2020 8:18 PM
To: Pankaj Gupta <[email protected]>; Aymen Sghaier <[email protected]>; Herbert Xu <[email protected]>; David S. Miller <[email protected]>; [email protected]; [email protected]
Cc: Arun Pathak <[email protected]>
Subject: Re: [PATCH] add support for TLS1.2 algorithms offload
On 1/23/2020 1:22 PM, Pankaj Gupta wrote:
> - aes-128-cbc-hmac-sha256
> - aes-256-cbc-hmac-sha256
>
> Enabled the support of TLS1.1 algorithms offload
>
> - aes-128-cbc-hmac-sha1
> - aes-256-cbc-hmac-sha1
>
Patch does not apply, since there's no specific tls support in upstream caam drivers.
caam drivers register crypto algorithms to the crypto API, and ktls uses whatever it pleases:
https://www.kernel.org/doc/html/latest/networking/tls-offload.html
https://www.kernel.org/doc/html/latest/networking/tls.html
Horia