add support for TLS1.2 algorithms offload

Message ID	20200123110413.23064-1-pankaj.gupta@nxp.com (mailing list archive)
State	Changes Requested
Delegated to:	Herbert Xu
Headers	show Return-Path: <SRS0=jQAN=3M=vger.kernel.org=linux-crypto-owner@kernel.org> From: Pankaj Gupta <pankaj.gupta@nxp.com> To: Horia Geanta <horia.geanta@nxp.com>, Aymen Sghaier <aymen.sghaier@nxp.com>, Herbert Xu <herbert@gondor.apana.org.au>, "David S. Miller" <davem@davemloft.net>, "linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>, "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org> CC: Pankaj Gupta <pankaj.gupta@nxp.com>, Arun Pathak <arun.pathak@nxp.com> Subject: [PATCH] add support for TLS1.2 algorithms offload Thread-Topic: [PATCH] add support for TLS1.2 algorithms offload Thread-Index: AQHV0d9fpUp9vdyUr0ua541zV8eJNw== Date: Thu, 23 Jan 2020 11:22:17 +0000 Message-ID: <20200123110413.23064-1-pankaj.gupta@nxp.com> Accept-Language: en-US Content-Language: en-US received-spf: None (protection.outlook.com: nxp.com does not designate permitted sender hosts) Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk
Series	add support for TLS1.2 algorithms offload \| expand add support for TLS1.2 algorithms offload

Message ID

20200123110413.23064-1-pankaj.gupta@nxp.com (mailing list archive)

State

Changes Requested

Delegated to:

Herbert Xu

Headers

From: Pankaj Gupta <pankaj.gupta@nxp.com>
To: Horia Geanta <horia.geanta@nxp.com>,
        Aymen Sghaier <aymen.sghaier@nxp.com>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        "David S. Miller" <davem@davemloft.net>,
        "linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
CC: Pankaj Gupta <pankaj.gupta@nxp.com>,
        Arun Pathak <arun.pathak@nxp.com>
Subject: [PATCH] add support for TLS1.2 algorithms offload
Thread-Topic: [PATCH] add support for TLS1.2 algorithms offload
Thread-Index: AQHV0d9fpUp9vdyUr0ua541zV8eJNw==
Date: Thu, 23 Jan 2020 11:22:17 +0000
Message-ID: <20200123110413.23064-1-pankaj.gupta@nxp.com>
Accept-Language: en-US
Content-Language: en-US
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 920a481b-10c9-4599-1735-08d79ff68152
x-ms-traffictypediagnostic: AM0PR04MB5730:|AM0PR04MB5730:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: 
 <AM0PR04MB573018F86CB4D577703B4471950F0@AM0PR04MB5730.eurprd04.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:4941;
x-forefront-prvs: 029174C036
x-forefront-antispam-report: 
 SFV:NSPM;SFS:(10009020)(4636009)(136003)(39860400002)(346002)(376002)(366004)(396003)(199004)(189003)(5660300002)(316002)(186003)(16526019)(956004)(2616005)(26005)(110136005)(54906003)(71200400001)(6486002)(52116002)(6506007)(478600001)(86362001)(6512007)(1076003)(2906002)(36756003)(8676002)(81166006)(66946007)(66446008)(66476007)(8936002)(4326008)(44832011)(81156014)(64756008)(66556008);DIR:OUT;SFP:1101;SCL:1;SRVR:AM0PR04MB5730;H:AM0PR04MB5089.eurprd04.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;A:1;MX:1;
received-spf: None (protection.outlook.com: nxp.com does not designate
 permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 
 xvHcozoRd6rQ+SGjSOh0V72NPFP/Wy7k6riFyU1iphuXF2mCyxMjmwPyd8mFaE2FwVLca8f2ec6GF32YFvuj0LEKmcVLuuRMkLzkJa+ZcyMW//bxdZOJfYVI3wUL5hW1rXOdLF6feSx8QPY3srm1yfOKHXs53Bw0kgBkCGWndQm43osu7lDo2TzeYzvOt2V8p0NOfVtlBuKtyh7fUMTrnxwOhxcR342HDiNQfbPB5CdREbTRe5Uq8dNVdFFqEoOQhSjgRgXD6iiuH+5qqxmXGt0AVj9d89tzmimvmlcuUWdB93j7SNDdyCVLleQzOMPiY7otReI22ttJvjw1WQRICHgJzz5O6FqBxIzRoJ3ezEXmk/QhLTt0X5ljfAa6WG/YFW1f9EJfWHLgy/m6PreswPFkwl1NAqIoY273AjpjaemY7cI/ZtmqH0HUQ7+16i+m
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: nxp.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 920a481b-10c9-4599-1735-08d79ff68152
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Jan 2020 11:22:17.9874
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 
 hIjt/FeZcyZ4on/RLlUtCNDWdVvQYAII/tNW77fABRBZoKjy+RYdMarZtKTxNVvqvUihAU46UOdUULJPzhPotA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR04MB5730
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

Series

add support for TLS1.2 algorithms offload | expand

Commit Message

Pankaj Gupta Jan. 23, 2020, 11:22 a.m. UTC

- aes-128-cbc-hmac-sha256
        - aes-256-cbc-hmac-sha256

Enabled the support of TLS1.1 algorithms offload

        - aes-128-cbc-hmac-sha1
        - aes-256-cbc-hmac-sha1

Signed-off-by: Arun Pathak <arun.pathak@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
---
 drivers/crypto/caam/caamalg_desc.c | 47 ++++++++++++++++++++++++++++--
 drivers/crypto/caam/caamalg_desc.h |  5 ++++
 drivers/crypto/caam/caamalg_qi.c   | 33 +++++++++++++++++++--
 drivers/crypto/caam/caamalg_qi2.c  | 34 +++++++++++++++++++--
 4 files changed, 112 insertions(+), 7 deletions(-)

Comments

Horia Geanta Jan. 23, 2020, 2:47 p.m. UTC | #1

On 1/23/2020 1:22 PM, Pankaj Gupta wrote:
>         - aes-128-cbc-hmac-sha256
>         - aes-256-cbc-hmac-sha256
> 
> Enabled the support of TLS1.1 algorithms offload
> 
>         - aes-128-cbc-hmac-sha1
>         - aes-256-cbc-hmac-sha1
> 
Patch does not apply, since there's no specific tls support
in upstream caam drivers.

caam drivers register crypto algorithms to the crypto API,
and ktls uses whatever it pleases:
https://www.kernel.org/doc/html/latest/networking/tls-offload.html
https://www.kernel.org/doc/html/latest/networking/tls.html

Horia

Pankaj Gupta Jan. 24, 2020, 8 a.m. UTC | #2

Hi Horia,

Thanks for review comment.
Yes, rightly said.

I will re-work and update.

Regards
Pankaj

-----Original Message-----
From: Horia Geanta <horia.geanta@nxp.com> 
Sent: Thursday, January 23, 2020 8:18 PM
To: Pankaj Gupta <pankaj.gupta@nxp.com>; Aymen Sghaier <aymen.sghaier@nxp.com>; Herbert Xu <herbert@gondor.apana.org.au>; David S. Miller <davem@davemloft.net>; linux-crypto@vger.kernel.org; linux-kernel@vger.kernel.org
Cc: Arun Pathak <arun.pathak@nxp.com>
Subject: Re: [PATCH] add support for TLS1.2 algorithms offload

On 1/23/2020 1:22 PM, Pankaj Gupta wrote:
>         - aes-128-cbc-hmac-sha256
>         - aes-256-cbc-hmac-sha256
> 
> Enabled the support of TLS1.1 algorithms offload
> 
>         - aes-128-cbc-hmac-sha1
>         - aes-256-cbc-hmac-sha1
> 
Patch does not apply, since there's no specific tls support in upstream caam drivers.

caam drivers register crypto algorithms to the crypto API, and ktls uses whatever it pleases:
https://www.kernel.org/doc/html/latest/networking/tls-offload.html
https://www.kernel.org/doc/html/latest/networking/tls.html

Horia

diff --git a/drivers/crypto/caam/caamalg_desc.c b/drivers/crypto/caam/caamalg_desc.c
index 0fea15eabf6e..ee9ed9d90530 100644
--- a/drivers/crypto/caam/caamalg_desc.c
+++ b/drivers/crypto/caam/caamalg_desc.c
@@ -643,6 +643,9 @@  void cnstr_shdsc_tls_encap(u32 * const desc, struct alginfo *cdata,
 			   unsigned int blocksize, int era)
 {
 	u32 *key_jump_cmd, *zero_payload_jump_cmd;
+#if TLS1_1_SUPPORT
+	u32 *tls10_jump_cmd, *xplicit_iv_jump_cmd;
+#endif
 	u32 genpad, idx_ld_datasz, idx_ld_pad, stidx;
 
 	/*
@@ -697,15 +700,42 @@  void cnstr_shdsc_tls_encap(u32 * const desc, struct alginfo *cdata,
 	append_operation(desc, cdata->algtype | OP_ALG_AS_INITFINAL |
 			 OP_ALG_ENCRYPT);
 
+#ifdef TLS1_1_SUPPORT
+	/* skip data to the TLS version field in the Assoclen
+	 * IV + 9 bytes of assoclen = 25
+	 */
+	append_seq_fifo_load(desc, 0, FIFOLD_CLASS_SKIP | 25);
+
+	append_cmd(desc, CMD_SEQ_LOAD | LDST_CLASS_DECO |
+		   LDST_SRCDST_WORD_DECO_MATH3 | (6 << LDST_OFFSET_SHIFT) | 2);
+	append_jump(desc, JUMP_TEST_ALL | JUMP_COND_CALM | 1);
+
+	/* rewind input sequence */
+	append_seq_in_ptr(desc, 0, 27, SQIN_RTO);
+#endif
+
+#ifdef TLS1_1_SUPPORT
+	append_math_and_imm_u64(desc, REG1, REG3, IMM, 0xFCFE);
+	xplicit_iv_jump_cmd = append_jump(desc, JUMP_TEST_ALL |
+					    JUMP_COND_MATH_Z);
+	append_math_add_imm_u32(desc, REG2, ZERO, IMM, ivsize);
+	set_jump_tgt_here(desc, xplicit_iv_jump_cmd);
+#endif
+
 	/* payloadlen = input data length - (assoclen + ivlen) */
 	append_math_sub_imm_u32(desc, REG0, SEQINLEN, IMM, assoclen + ivsize);
-
+#ifdef TLS1_1_SUPPORT
+	append_math_sub(desc, REG0, REG0, REG2, 4);
+#endif
 	/* math1 = payloadlen + icvlen */
 	append_math_add_imm_u32(desc, REG1, REG0, IMM, authsize);
+#ifdef TLS1_1_SUPPORT
+	append_math_add(desc, REG1, REG1, REG2, 4);
+#endif
 
 	/* padlen = block_size - math1 % block_size */
-	append_math_and_imm_u32(desc, REG3, REG1, IMM, blocksize - 1);
-	append_math_sub_imm_u32(desc, REG2, IMM, REG3, blocksize);
+	append_math_and_imm_u32(desc, REG2, REG1, IMM, blocksize - 1);
+	append_math_sub_imm_u32(desc, REG2, IMM, REG2, blocksize);
 
 	/* cryptlen = payloadlen + icvlen + padlen */
 	append_math_add(desc, VARSEQOUTLEN, REG1, REG2, 4);
@@ -740,6 +770,17 @@  void cnstr_shdsc_tls_encap(u32 * const desc, struct alginfo *cdata,
 	/* read assoc for authentication */
 	append_seq_fifo_load(desc, assoclen, FIFOLD_CLASS_CLASS2 |
 			     FIFOLD_TYPE_MSG);
+#ifdef TLS1_1_SUPPORT
+	append_math_and_imm_u64(desc, REG2, REG3, IMM, 0xFCFE);
+	tls10_jump_cmd = append_jump(desc, JUMP_TEST_ALL |
+					    JUMP_COND_MATH_Z);
+
+	/* read xplicit iv in case of >TL10 */
+	append_seq_fifo_load(desc, ivsize, FIFOLD_CLASS_CLASS1 |
+				     FIFOLD_TYPE_MSG);
+
+	set_jump_tgt_here(desc, tls10_jump_cmd);
+#endif
 	/* insnoop payload */
 	append_seq_fifo_load(desc, 0, FIFOLD_CLASS_BOTH | FIFOLD_TYPE_MSG |
 			     FIFOLD_TYPE_LAST2 | FIFOLDST_VLF);
diff --git a/drivers/crypto/caam/caamalg_desc.h b/drivers/crypto/caam/caamalg_desc.h
index 99f0d1471d9c..7b4bfd2d7b96 100644
--- a/drivers/crypto/caam/caamalg_desc.h
+++ b/drivers/crypto/caam/caamalg_desc.h
@@ -16,9 +16,14 @@ 
 #define DESC_QI_AEAD_ENC_LEN		(DESC_AEAD_ENC_LEN + 3 * CAAM_CMD_SZ)
 #define DESC_QI_AEAD_DEC_LEN		(DESC_AEAD_DEC_LEN + 3 * CAAM_CMD_SZ)
 #define DESC_QI_AEAD_GIVENC_LEN		(DESC_AEAD_GIVENC_LEN + 3 * CAAM_CMD_SZ)
+#define TLS1_1_SUPPORT			1
 
 #define DESC_TLS_BASE			(4 * CAAM_CMD_SZ)
+#ifdef TLS1_1_SUPPORT
+#define DESC_TLS10_ENC_LEN		(DESC_TLS_BASE + 45  * CAAM_CMD_SZ)
+#else
 #define DESC_TLS10_ENC_LEN		(DESC_TLS_BASE + 29 * CAAM_CMD_SZ)
+#endif
 
 /* Note: Nonce is counted in cdata.keylen */
 #define DESC_AEAD_CTR_RFC3686_LEN	(4 * CAAM_CMD_SZ)
diff --git a/drivers/crypto/caam/caamalg_qi.c b/drivers/crypto/caam/caamalg_qi.c
index fceeef155863..29a354ee960e 100644
--- a/drivers/crypto/caam/caamalg_qi.c
+++ b/drivers/crypto/caam/caamalg_qi.c
@@ -296,8 +296,10 @@  static int tls_set_sh_desc(struct crypto_aead *tls)
 	unsigned int ivsize = crypto_aead_ivsize(tls);
 	unsigned int blocksize = crypto_aead_blocksize(tls);
 	unsigned int assoclen = 13; /* always 13 bytes for TLS */
+#ifndef TLS1_1_SUPPORT
 	unsigned int data_len[2];
 	u32 inl_mask;
+#endif
 	struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctx->jrdev->parent);
 
 	if (!ctx->cdata.keylen || !ctx->authsize)
@@ -308,6 +310,7 @@  static int tls_set_sh_desc(struct crypto_aead *tls)
 	 * Job Descriptor and Shared Descriptor
 	 * must fit into the 64-word Descriptor h/w Buffer
 	 */
+#ifndef TLS1_1_SUPPORT
 	data_len[0] = ctx->adata.keylen_pad;
 	data_len[1] = ctx->cdata.keylen;
 
@@ -327,6 +330,12 @@  static int tls_set_sh_desc(struct crypto_aead *tls)
 
 	ctx->adata.key_inline = !!(inl_mask & 1);
 	ctx->cdata.key_inline = !!(inl_mask & 2);
+#else
+	ctx->adata.key_dma = ctx->key_dma;
+	ctx->cdata.key_dma = ctx->key_dma + ctx->adata.keylen_pad;
+	ctx->adata.key_inline = false;
+	ctx->cdata.key_inline = false;
+#endif
 
 	cnstr_shdsc_tls_encap(ctx->sh_desc_enc, &ctx->cdata, &ctx->adata,
 			      assoclen, ivsize, ctx->authsize, blocksize,
@@ -2847,8 +2856,8 @@  static struct caam_aead_alg driver_aeads[] = {
 	{
 		.aead = {
 			.base = {
-				.cra_name = "tls10(hmac(sha1),cbc(aes))",
-				.cra_driver_name = "tls10-hmac-sha1-cbc-aes-caam-qi",
+				.cra_name = "tls11(hmac(sha1),cbc(aes))",
+				.cra_driver_name = "tls11-hmac-sha1-cbc-aes-caam-qi",
 				.cra_blocksize = AES_BLOCK_SIZE,
 			},
 			.setkey = tls_setkey,
@@ -2862,6 +2871,26 @@  static struct caam_aead_alg driver_aeads[] = {
 			.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
 			.class2_alg_type = OP_ALG_ALGSEL_SHA1 |
 					   OP_ALG_AAI_HMAC_PRECOMP,
+		},
+	},
+	{
+		.aead = {
+			.base = {
+				.cra_name = "tls12(hmac(sha256),cbc(aes))",
+				.cra_driver_name = "tls12-hmac-sha256-cbc-aes-caam-qi",
+				.cra_blocksize = AES_BLOCK_SIZE,
+			},
+			.setkey = tls_setkey,
+			.setauthsize = tls_setauthsize,
+			.encrypt = tls_encrypt,
+			.decrypt = tls_decrypt,
+			.ivsize = AES_BLOCK_SIZE,
+			.maxauthsize = SHA256_DIGEST_SIZE,
+		},
+		.caam = {
+			.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
+			.class2_alg_type = OP_ALG_ALGSEL_SHA256 |
+					   OP_ALG_AAI_HMAC_PRECOMP,
 		}
 	}
 };
diff --git a/drivers/crypto/caam/caamalg_qi2.c b/drivers/crypto/caam/caamalg_qi2.c
index 5fd86bac5cf6..46e1bbe14ecf 100644
--- a/drivers/crypto/caam/caamalg_qi2.c
+++ b/drivers/crypto/caam/caamalg_qi2.c
@@ -773,8 +773,10 @@  static int tls_set_sh_desc(struct crypto_aead *tls)
 	struct caam_flc *flc;
 	u32 *desc;
 	unsigned int assoclen = 13; /* always 13 bytes for TLS */
+#ifndef TLS1_1_SUPPORT
 	unsigned int data_len[2];
 	u32 inl_mask;
+#endif
 
 	if (!ctx->cdata.keylen || !ctx->authsize)
 		return 0;
@@ -784,6 +786,7 @@  static int tls_set_sh_desc(struct crypto_aead *tls)
 	 * Job Descriptor and Shared Descriptor
 	 * must fit into the 64-word Descriptor h/w Buffer
 	 */
+#ifndef TLS1_1_SUPPORT
 	data_len[0] = ctx->adata.keylen_pad;
 	data_len[1] = ctx->cdata.keylen;
 
@@ -803,6 +806,13 @@  static int tls_set_sh_desc(struct crypto_aead *tls)
 
 	ctx->adata.key_inline = !!(inl_mask & 1);
 	ctx->cdata.key_inline = !!(inl_mask & 2);
+#else
+	ctx->adata.key_dma = ctx->key_dma;
+	ctx->cdata.key_dma = ctx->key_dma + ctx->adata.keylen_pad;
+	ctx->adata.key_inline = false;
+	ctx->cdata.key_inline = false;
+#endif
+
 
 	flc = &ctx->flc[ENCRYPT];
 	desc = flc->sh_desc;
@@ -3362,8 +3372,8 @@  static struct caam_aead_alg driver_aeads[] = {
 	{
 		.aead = {
 			.base = {
-				.cra_name = "tls10(hmac(sha1),cbc(aes))",
-				.cra_driver_name = "tls10-hmac-sha1-cbc-aes-caam-qi2",
+				.cra_name = "tls11(hmac(sha1),cbc(aes))",
+				.cra_driver_name = "tls11-hmac-sha1-cbc-aes-caam-qi2",
 				.cra_blocksize = AES_BLOCK_SIZE,
 			},
 			.setkey = tls_setkey,
@@ -3379,6 +3389,26 @@  static struct caam_aead_alg driver_aeads[] = {
 					   OP_ALG_AAI_HMAC_PRECOMP,
 		},
 	},
+	{
+		.aead = {
+			.base = {
+				.cra_name = "tls12(hmac(sha256),cbc(aes))",
+				.cra_driver_name = "tls12-hmac-sha256-cbc-aes-caam-qi2",
+				.cra_blocksize = AES_BLOCK_SIZE,
+			},
+			.setkey = tls_setkey,
+			.setauthsize = tls_setauthsize,
+			.encrypt = tls_encrypt,
+			.decrypt = tls_decrypt,
+			.ivsize = AES_BLOCK_SIZE,
+			.maxauthsize = SHA256_DIGEST_SIZE,
+		},
+		.caam = {
+			.class1_alg_type = OP_ALG_ALGSEL_AES | OP_ALG_AAI_CBC,
+			.class2_alg_type = OP_ALG_ALGSEL_SHA1 |
+					   OP_ALG_AAI_HMAC_PRECOMP,
+		},
+	},
 };
 
 static void caam_skcipher_alg_init(struct caam_skcipher_alg *t_alg)