The branch stable/13 has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=11db133ecad7930dd4f289815e2a1b531390f124
commit 11db133ecad7930dd4f289815e2a1b531390f124 Author: John Baldwin <[email protected]> AuthorDate: 2021-10-06 21:08:46 +0000 Commit: John Baldwin <[email protected]> CommitDate: 2021-10-21 15:51:25 +0000 cryptodev: Use 'csp' in the handlers for requests. - Retire cse->mode and use csp->csp_mode instead. - Use csp->csp_cipher_algorithm instead of the ivsize when checking for the fixup for the IV length for AES-XTS. Reviewed by: markj Sponsored by: Chelsio Communications, The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D32103 (cherry picked from commit b4e0a27c5be5090a9db16dd0ad417543b1fb0c4a) --- sys/opencrypto/cryptodev.c | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c index 81c6dcd01e2a..9f581e68fe92 100644 --- a/sys/opencrypto/cryptodev.c +++ b/sys/opencrypto/cryptodev.c @@ -3,13 +3,16 @@ /*- * Copyright (c) 2001 Theo de Raadt * Copyright (c) 2002-2006 Sam Leffler, Errno Consulting - * Copyright (c) 2014 The FreeBSD Foundation + * Copyright (c) 2014-2021 The FreeBSD Foundation * All rights reserved. * * Portions of this software were developed by John-Mark Gurney * under sponsorship of the FreeBSD Foundation and * Rubicon Communications, LLC (Netgate). * + * Portions of this software were developed by Ararat River + * Consulting, LLC under sponsorship of the FreeBSD Foundation. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -325,7 +328,6 @@ struct csession { struct enc_xform *txform; int hashsize; int ivsize; - int mode; void *key; void *mackey; @@ -679,7 +681,6 @@ cse_create(struct fcrypt *fcr, struct session2_op *sop) refcount_init(&cse->refs, 1); cse->key = key; cse->mackey = mackey; - cse->mode = csp.csp_mode; cse->cses = cses; cse->txform = txform; if (thash != NULL) @@ -808,6 +809,7 @@ cryptodev_cb(struct cryptop *crp) static int cryptodev_op(struct csession *cse, const struct crypt_op *cop) { + const struct crypto_session_params *csp; struct cryptop_data *cod = NULL; struct cryptop *crp = NULL; char *dst; @@ -857,7 +859,8 @@ cryptodev_op(struct csession *cse, const struct crypt_op *cop) if (cse->hashsize) crp->crp_digest_start = cop->len; - switch (cse->mode) { + csp = crypto_get_params(cse->cses); + switch (csp->csp_mode) { case CSP_MODE_COMPRESS: switch (cop->op) { case COP_ENCRYPT: @@ -1023,6 +1026,7 @@ bail: static int cryptodev_aead(struct csession *cse, struct crypt_aead *caead) { + const struct crypto_session_params *csp; struct cryptop_data *cod = NULL; struct cryptop *crp = NULL; char *dst; @@ -1085,7 +1089,8 @@ cryptodev_aead(struct csession *cse, struct crypt_aead *caead) else crp->crp_digest_start = crp->crp_payload_start + caead->len; - switch (cse->mode) { + csp = crypto_get_params(cse->cses); + switch (csp->csp_mode) { case CSP_MODE_AEAD: case CSP_MODE_ETA: switch (caead->op) { @@ -1123,9 +1128,9 @@ cryptodev_aead(struct csession *cse, struct crypt_aead *caead) * Permit a 16-byte IV for AES-XTS, but only use the * first 8 bytes as a block number. */ - if (cse->mode == CSP_MODE_ETA && - caead->ivlen == AES_BLOCK_LEN && - cse->ivsize == AES_XTS_IV_LEN) + if (csp->csp_mode == CSP_MODE_ETA && + csp->csp_cipher_alg == CRYPTO_AES_XTS && + caead->ivlen == AES_BLOCK_LEN) caead->ivlen = AES_XTS_IV_LEN; if (cse->ivsize == 0) {
