2
0

e_afalg.c 24 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864
  1. /*
  2. * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /* Required for vmsplice */
  10. #ifndef _GNU_SOURCE
  11. # define _GNU_SOURCE
  12. #endif
  13. #include <stdio.h>
  14. #include <string.h>
  15. #include <unistd.h>
  16. #include <openssl/engine.h>
  17. #include <openssl/async.h>
  18. #include <openssl/err.h>
  19. #include "internal/nelem.h"
  20. #include <sys/socket.h>
  21. #include <linux/version.h>
  22. #define K_MAJ 4
  23. #define K_MIN1 1
  24. #define K_MIN2 0
  25. #if LINUX_VERSION_CODE < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2) || \
  26. !defined(AF_ALG)
  27. # ifndef PEDANTIC
  28. # warning "AFALG ENGINE requires Kernel Headers >= 4.1.0"
  29. # warning "Skipping Compilation of AFALG engine"
  30. # endif
  31. void engine_load_afalg_int(void);
  32. void engine_load_afalg_int(void)
  33. {
  34. }
  35. #else
  36. # include <linux/if_alg.h>
  37. # include <fcntl.h>
  38. # include <sys/utsname.h>
  39. # include <linux/aio_abi.h>
  40. # include <sys/syscall.h>
  41. # include <errno.h>
  42. # include "e_afalg.h"
  43. # include "e_afalg_err.c"
  44. # ifndef SOL_ALG
  45. # define SOL_ALG 279
  46. # endif
  47. # ifdef ALG_ZERO_COPY
  48. # ifndef SPLICE_F_GIFT
  49. # define SPLICE_F_GIFT (0x08)
  50. # endif
  51. # endif
  52. # define ALG_AES_IV_LEN 16
  53. # define ALG_IV_LEN(len) (sizeof(struct af_alg_iv) + (len))
  54. # define ALG_OP_TYPE unsigned int
  55. # define ALG_OP_LEN (sizeof(ALG_OP_TYPE))
  56. #define ALG_MAX_SALG_NAME 64
  57. #define ALG_MAX_SALG_TYPE 14
  58. # ifdef OPENSSL_NO_DYNAMIC_ENGINE
  59. void engine_load_afalg_int(void);
  60. # endif
  61. /* Local Linkage Functions */
  62. static int afalg_init_aio(afalg_aio *aio);
  63. static int afalg_fin_cipher_aio(afalg_aio *ptr, int sfd,
  64. unsigned char *buf, size_t len);
  65. static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype,
  66. const char *ciphername);
  67. static int afalg_destroy(ENGINE *e);
  68. static int afalg_init(ENGINE *e);
  69. static int afalg_finish(ENGINE *e);
  70. static const EVP_CIPHER *afalg_aes_cbc(int nid);
  71. static cbc_handles *get_cipher_handle(int nid);
  72. static int afalg_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
  73. const int **nids, int nid);
  74. static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
  75. const unsigned char *iv, int enc);
  76. static int afalg_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
  77. const unsigned char *in, size_t inl);
  78. static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx);
  79. static int afalg_chk_platform(void);
  80. /* Engine Id and Name */
  81. static const char *engine_afalg_id = "afalg";
  82. static const char *engine_afalg_name = "AFALG engine support";
  83. static int afalg_cipher_nids[] = {
  84. NID_aes_128_cbc,
  85. NID_aes_192_cbc,
  86. NID_aes_256_cbc,
  87. };
  88. static cbc_handles cbc_handle[] = {{AES_KEY_SIZE_128, NULL},
  89. {AES_KEY_SIZE_192, NULL},
  90. {AES_KEY_SIZE_256, NULL}};
  91. static ossl_inline int io_setup(unsigned n, aio_context_t *ctx)
  92. {
  93. return syscall(__NR_io_setup, n, ctx);
  94. }
  95. static ossl_inline int eventfd(int n)
  96. {
  97. return syscall(__NR_eventfd2, n, 0);
  98. }
  99. static ossl_inline int io_destroy(aio_context_t ctx)
  100. {
  101. return syscall(__NR_io_destroy, ctx);
  102. }
  103. static ossl_inline int io_read(aio_context_t ctx, long n, struct iocb **iocb)
  104. {
  105. return syscall(__NR_io_submit, ctx, n, iocb);
  106. }
  107. static ossl_inline int io_getevents(aio_context_t ctx, long min, long max,
  108. struct io_event *events,
  109. struct timespec *timeout)
  110. {
  111. return syscall(__NR_io_getevents, ctx, min, max, events, timeout);
  112. }
  113. static void afalg_waitfd_cleanup(ASYNC_WAIT_CTX *ctx, const void *key,
  114. OSSL_ASYNC_FD waitfd, void *custom)
  115. {
  116. close(waitfd);
  117. }
  118. static int afalg_setup_async_event_notification(afalg_aio *aio)
  119. {
  120. ASYNC_JOB *job;
  121. ASYNC_WAIT_CTX *waitctx;
  122. void *custom = NULL;
  123. int ret;
  124. if ((job = ASYNC_get_current_job()) != NULL) {
  125. /* Async mode */
  126. waitctx = ASYNC_get_wait_ctx(job);
  127. if (waitctx == NULL) {
  128. ALG_WARN("%s: ASYNC_get_wait_ctx error", __func__);
  129. return 0;
  130. }
  131. /* Get waitfd from ASYNC_WAIT_CTX if it is already set */
  132. ret = ASYNC_WAIT_CTX_get_fd(waitctx, engine_afalg_id,
  133. &aio->efd, &custom);
  134. if (ret == 0) {
  135. /*
  136. * waitfd is not set in ASYNC_WAIT_CTX, create a new one
  137. * and set it. efd will be signaled when AIO operation completes
  138. */
  139. aio->efd = eventfd(0);
  140. if (aio->efd == -1) {
  141. ALG_PERR("%s: Failed to get eventfd : ", __func__);
  142. AFALGerr(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION,
  143. AFALG_R_EVENTFD_FAILED);
  144. return 0;
  145. }
  146. ret = ASYNC_WAIT_CTX_set_wait_fd(waitctx, engine_afalg_id,
  147. aio->efd, custom,
  148. afalg_waitfd_cleanup);
  149. if (ret == 0) {
  150. ALG_WARN("%s: Failed to set wait fd", __func__);
  151. close(aio->efd);
  152. return 0;
  153. }
  154. /* make fd non-blocking in async mode */
  155. if (fcntl(aio->efd, F_SETFL, O_NONBLOCK) != 0) {
  156. ALG_WARN("%s: Failed to set event fd as NONBLOCKING",
  157. __func__);
  158. }
  159. }
  160. aio->mode = MODE_ASYNC;
  161. } else {
  162. /* Sync mode */
  163. aio->efd = eventfd(0);
  164. if (aio->efd == -1) {
  165. ALG_PERR("%s: Failed to get eventfd : ", __func__);
  166. AFALGerr(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION,
  167. AFALG_R_EVENTFD_FAILED);
  168. return 0;
  169. }
  170. aio->mode = MODE_SYNC;
  171. }
  172. return 1;
  173. }
  174. static int afalg_init_aio(afalg_aio *aio)
  175. {
  176. int r = -1;
  177. /* Initialise for AIO */
  178. aio->aio_ctx = 0;
  179. r = io_setup(MAX_INFLIGHTS, &aio->aio_ctx);
  180. if (r < 0) {
  181. ALG_PERR("%s: io_setup error : ", __func__);
  182. AFALGerr(AFALG_F_AFALG_INIT_AIO, AFALG_R_IO_SETUP_FAILED);
  183. return 0;
  184. }
  185. memset(aio->cbt, 0, sizeof(aio->cbt));
  186. aio->efd = -1;
  187. aio->mode = MODE_UNINIT;
  188. return 1;
  189. }
  190. static int afalg_fin_cipher_aio(afalg_aio *aio, int sfd, unsigned char *buf,
  191. size_t len)
  192. {
  193. int r;
  194. int retry = 0;
  195. unsigned int done = 0;
  196. struct iocb *cb;
  197. struct timespec timeout;
  198. struct io_event events[MAX_INFLIGHTS];
  199. u_int64_t eval = 0;
  200. timeout.tv_sec = 0;
  201. timeout.tv_nsec = 0;
  202. /* if efd has not been initialised yet do it here */
  203. if (aio->mode == MODE_UNINIT) {
  204. r = afalg_setup_async_event_notification(aio);
  205. if (r == 0)
  206. return 0;
  207. }
  208. cb = &(aio->cbt[0 % MAX_INFLIGHTS]);
  209. memset(cb, '\0', sizeof(*cb));
  210. cb->aio_fildes = sfd;
  211. cb->aio_lio_opcode = IOCB_CMD_PREAD;
  212. /*
  213. * The pointer has to be converted to unsigned value first to avoid
  214. * sign extension on cast to 64 bit value in 32-bit builds
  215. */
  216. cb->aio_buf = (size_t)buf;
  217. cb->aio_offset = 0;
  218. cb->aio_data = 0;
  219. cb->aio_nbytes = len;
  220. cb->aio_flags = IOCB_FLAG_RESFD;
  221. cb->aio_resfd = aio->efd;
  222. /*
  223. * Perform AIO read on AFALG socket, this in turn performs an async
  224. * crypto operation in kernel space
  225. */
  226. r = io_read(aio->aio_ctx, 1, &cb);
  227. if (r < 0) {
  228. ALG_PWARN("%s: io_read failed : ", __func__);
  229. return 0;
  230. }
  231. do {
  232. /* While AIO read is being performed pause job */
  233. ASYNC_pause_job();
  234. /* Check for completion of AIO read */
  235. r = read(aio->efd, &eval, sizeof(eval));
  236. if (r < 0) {
  237. if (errno == EAGAIN || errno == EWOULDBLOCK)
  238. continue;
  239. ALG_PERR("%s: read failed for event fd : ", __func__);
  240. return 0;
  241. } else if (r == 0 || eval <= 0) {
  242. ALG_WARN("%s: eventfd read %d bytes, eval = %lu\n", __func__, r,
  243. eval);
  244. }
  245. if (eval > 0) {
  246. /* Get results of AIO read */
  247. r = io_getevents(aio->aio_ctx, 1, MAX_INFLIGHTS,
  248. events, &timeout);
  249. if (r > 0) {
  250. /*
  251. * events.res indicates the actual status of the operation.
  252. * Handle the error condition first.
  253. */
  254. if (events[0].res < 0) {
  255. /*
  256. * Underlying operation cannot be completed at the time
  257. * of previous submission. Resubmit for the operation.
  258. */
  259. if (events[0].res == -EBUSY && retry++ < 3) {
  260. r = io_read(aio->aio_ctx, 1, &cb);
  261. if (r < 0) {
  262. ALG_PERR("%s: retry %d for io_read failed : ",
  263. __func__, retry);
  264. return 0;
  265. }
  266. continue;
  267. } else {
  268. /*
  269. * Retries exceed for -EBUSY or unrecoverable error
  270. * condition for this instance of operation.
  271. */
  272. ALG_WARN
  273. ("%s: Crypto Operation failed with code %lld\n",
  274. __func__, events[0].res);
  275. return 0;
  276. }
  277. }
  278. /* Operation successful. */
  279. done = 1;
  280. } else if (r < 0) {
  281. ALG_PERR("%s: io_getevents failed : ", __func__);
  282. return 0;
  283. } else {
  284. ALG_WARN("%s: io_geteventd read 0 bytes\n", __func__);
  285. }
  286. }
  287. } while (!done);
  288. return 1;
  289. }
  290. static ossl_inline void afalg_set_op_sk(struct cmsghdr *cmsg,
  291. const ALG_OP_TYPE op)
  292. {
  293. cmsg->cmsg_level = SOL_ALG;
  294. cmsg->cmsg_type = ALG_SET_OP;
  295. cmsg->cmsg_len = CMSG_LEN(ALG_OP_LEN);
  296. memcpy(CMSG_DATA(cmsg), &op, ALG_OP_LEN);
  297. }
  298. static void afalg_set_iv_sk(struct cmsghdr *cmsg, const unsigned char *iv,
  299. const unsigned int len)
  300. {
  301. struct af_alg_iv *aiv;
  302. cmsg->cmsg_level = SOL_ALG;
  303. cmsg->cmsg_type = ALG_SET_IV;
  304. cmsg->cmsg_len = CMSG_LEN(ALG_IV_LEN(len));
  305. aiv = (struct af_alg_iv *)CMSG_DATA(cmsg);
  306. aiv->ivlen = len;
  307. memcpy(aiv->iv, iv, len);
  308. }
  309. static ossl_inline int afalg_set_key(afalg_ctx *actx, const unsigned char *key,
  310. const int klen)
  311. {
  312. int ret;
  313. ret = setsockopt(actx->bfd, SOL_ALG, ALG_SET_KEY, key, klen);
  314. if (ret < 0) {
  315. ALG_PERR("%s: Failed to set socket option : ", __func__);
  316. AFALGerr(AFALG_F_AFALG_SET_KEY, AFALG_R_SOCKET_SET_KEY_FAILED);
  317. return 0;
  318. }
  319. return 1;
  320. }
  321. static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype,
  322. const char *ciphername)
  323. {
  324. struct sockaddr_alg sa;
  325. int r = -1;
  326. actx->bfd = actx->sfd = -1;
  327. memset(&sa, 0, sizeof(sa));
  328. sa.salg_family = AF_ALG;
  329. strncpy((char *) sa.salg_type, ciphertype, ALG_MAX_SALG_TYPE);
  330. sa.salg_type[ALG_MAX_SALG_TYPE-1] = '\0';
  331. strncpy((char *) sa.salg_name, ciphername, ALG_MAX_SALG_NAME);
  332. sa.salg_name[ALG_MAX_SALG_NAME-1] = '\0';
  333. actx->bfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
  334. if (actx->bfd == -1) {
  335. ALG_PERR("%s: Failed to open socket : ", __func__);
  336. AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_CREATE_FAILED);
  337. goto err;
  338. }
  339. r = bind(actx->bfd, (struct sockaddr *)&sa, sizeof(sa));
  340. if (r < 0) {
  341. ALG_PERR("%s: Failed to bind socket : ", __func__);
  342. AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_BIND_FAILED);
  343. goto err;
  344. }
  345. actx->sfd = accept(actx->bfd, NULL, 0);
  346. if (actx->sfd < 0) {
  347. ALG_PERR("%s: Socket Accept Failed : ", __func__);
  348. AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_ACCEPT_FAILED);
  349. goto err;
  350. }
  351. return 1;
  352. err:
  353. if (actx->bfd >= 0)
  354. close(actx->bfd);
  355. if (actx->sfd >= 0)
  356. close(actx->sfd);
  357. actx->bfd = actx->sfd = -1;
  358. return 0;
  359. }
  360. static int afalg_start_cipher_sk(afalg_ctx *actx, const unsigned char *in,
  361. size_t inl, const unsigned char *iv,
  362. unsigned int enc)
  363. {
  364. struct msghdr msg = { 0 };
  365. struct cmsghdr *cmsg;
  366. struct iovec iov;
  367. ssize_t sbytes;
  368. # ifdef ALG_ZERO_COPY
  369. int ret;
  370. # endif
  371. char cbuf[CMSG_SPACE(ALG_IV_LEN(ALG_AES_IV_LEN)) + CMSG_SPACE(ALG_OP_LEN)];
  372. memset(cbuf, 0, sizeof(cbuf));
  373. msg.msg_control = cbuf;
  374. msg.msg_controllen = sizeof(cbuf);
  375. /*
  376. * cipher direction (i.e. encrypt or decrypt) and iv are sent to the
  377. * kernel as part of sendmsg()'s ancillary data
  378. */
  379. cmsg = CMSG_FIRSTHDR(&msg);
  380. afalg_set_op_sk(cmsg, enc);
  381. cmsg = CMSG_NXTHDR(&msg, cmsg);
  382. afalg_set_iv_sk(cmsg, iv, ALG_AES_IV_LEN);
  383. /* iov that describes input data */
  384. iov.iov_base = (unsigned char *)in;
  385. iov.iov_len = inl;
  386. msg.msg_flags = MSG_MORE;
  387. # ifdef ALG_ZERO_COPY
  388. /*
  389. * ZERO_COPY mode
  390. * Works best when buffer is 4k aligned
  391. * OPENS: out of place processing (i.e. out != in)
  392. */
  393. /* Input data is not sent as part of call to sendmsg() */
  394. msg.msg_iovlen = 0;
  395. msg.msg_iov = NULL;
  396. /* Sendmsg() sends iv and cipher direction to the kernel */
  397. sbytes = sendmsg(actx->sfd, &msg, 0);
  398. if (sbytes < 0) {
  399. ALG_PERR("%s: sendmsg failed for zero copy cipher operation : ",
  400. __func__);
  401. return 0;
  402. }
  403. /*
  404. * vmsplice and splice are used to pin the user space input buffer for
  405. * kernel space processing avoiding copys from user to kernel space
  406. */
  407. ret = vmsplice(actx->zc_pipe[1], &iov, 1, SPLICE_F_GIFT);
  408. if (ret < 0) {
  409. ALG_PERR("%s: vmsplice failed : ", __func__);
  410. return 0;
  411. }
  412. ret = splice(actx->zc_pipe[0], NULL, actx->sfd, NULL, inl, 0);
  413. if (ret < 0) {
  414. ALG_PERR("%s: splice failed : ", __func__);
  415. return 0;
  416. }
  417. # else
  418. msg.msg_iovlen = 1;
  419. msg.msg_iov = &iov;
  420. /* Sendmsg() sends iv, cipher direction and input data to the kernel */
  421. sbytes = sendmsg(actx->sfd, &msg, 0);
  422. if (sbytes < 0) {
  423. ALG_PERR("%s: sendmsg failed for cipher operation : ", __func__);
  424. return 0;
  425. }
  426. if (sbytes != (ssize_t) inl) {
  427. ALG_WARN("Cipher operation send bytes %zd != inlen %zd\n", sbytes,
  428. inl);
  429. return 0;
  430. }
  431. # endif
  432. return 1;
  433. }
  434. static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
  435. const unsigned char *iv, int enc)
  436. {
  437. int ciphertype;
  438. int ret;
  439. afalg_ctx *actx;
  440. char ciphername[ALG_MAX_SALG_NAME];
  441. if (ctx == NULL || key == NULL) {
  442. ALG_WARN("%s: Null Parameter\n", __func__);
  443. return 0;
  444. }
  445. if (EVP_CIPHER_CTX_cipher(ctx) == NULL) {
  446. ALG_WARN("%s: Cipher object NULL\n", __func__);
  447. return 0;
  448. }
  449. actx = EVP_CIPHER_CTX_get_cipher_data(ctx);
  450. if (actx == NULL) {
  451. ALG_WARN("%s: Cipher data NULL\n", __func__);
  452. return 0;
  453. }
  454. ciphertype = EVP_CIPHER_CTX_nid(ctx);
  455. switch (ciphertype) {
  456. case NID_aes_128_cbc:
  457. case NID_aes_192_cbc:
  458. case NID_aes_256_cbc:
  459. strncpy(ciphername, "cbc(aes)", ALG_MAX_SALG_NAME);
  460. break;
  461. default:
  462. ALG_WARN("%s: Unsupported Cipher type %d\n", __func__, ciphertype);
  463. return 0;
  464. }
  465. ciphername[ALG_MAX_SALG_NAME-1]='\0';
  466. if (ALG_AES_IV_LEN != EVP_CIPHER_CTX_iv_length(ctx)) {
  467. ALG_WARN("%s: Unsupported IV length :%d\n", __func__,
  468. EVP_CIPHER_CTX_iv_length(ctx));
  469. return 0;
  470. }
  471. /* Setup AFALG socket for crypto processing */
  472. ret = afalg_create_sk(actx, "skcipher", ciphername);
  473. if (ret < 1)
  474. return 0;
  475. ret = afalg_set_key(actx, key, EVP_CIPHER_CTX_key_length(ctx));
  476. if (ret < 1)
  477. goto err;
  478. /* Setup AIO ctx to allow async AFALG crypto processing */
  479. if (afalg_init_aio(&actx->aio) == 0)
  480. goto err;
  481. # ifdef ALG_ZERO_COPY
  482. pipe(actx->zc_pipe);
  483. # endif
  484. actx->init_done = MAGIC_INIT_NUM;
  485. return 1;
  486. err:
  487. close(actx->sfd);
  488. close(actx->bfd);
  489. return 0;
  490. }
  491. static int afalg_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
  492. const unsigned char *in, size_t inl)
  493. {
  494. afalg_ctx *actx;
  495. int ret;
  496. char nxtiv[ALG_AES_IV_LEN] = { 0 };
  497. if (ctx == NULL || out == NULL || in == NULL) {
  498. ALG_WARN("NULL parameter passed to function %s\n", __func__);
  499. return 0;
  500. }
  501. actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx);
  502. if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) {
  503. ALG_WARN("%s afalg ctx passed\n",
  504. ctx == NULL ? "NULL" : "Uninitialised");
  505. return 0;
  506. }
  507. /*
  508. * set iv now for decrypt operation as the input buffer can be
  509. * overwritten for inplace operation where in = out.
  510. */
  511. if (EVP_CIPHER_CTX_encrypting(ctx) == 0) {
  512. memcpy(nxtiv, in + (inl - ALG_AES_IV_LEN), ALG_AES_IV_LEN);
  513. }
  514. /* Send input data to kernel space */
  515. ret = afalg_start_cipher_sk(actx, (unsigned char *)in, inl,
  516. EVP_CIPHER_CTX_iv(ctx),
  517. EVP_CIPHER_CTX_encrypting(ctx));
  518. if (ret < 1) {
  519. return 0;
  520. }
  521. /* Perform async crypto operation in kernel space */
  522. ret = afalg_fin_cipher_aio(&actx->aio, actx->sfd, out, inl);
  523. if (ret < 1)
  524. return 0;
  525. if (EVP_CIPHER_CTX_encrypting(ctx)) {
  526. memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), out + (inl - ALG_AES_IV_LEN),
  527. ALG_AES_IV_LEN);
  528. } else {
  529. memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), nxtiv, ALG_AES_IV_LEN);
  530. }
  531. return 1;
  532. }
  533. static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx)
  534. {
  535. afalg_ctx *actx;
  536. if (ctx == NULL) {
  537. ALG_WARN("NULL parameter passed to function %s\n", __func__);
  538. return 0;
  539. }
  540. actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx);
  541. if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) {
  542. ALG_WARN("%s afalg ctx passed\n",
  543. ctx == NULL ? "NULL" : "Uninitialised");
  544. return 0;
  545. }
  546. close(actx->sfd);
  547. close(actx->bfd);
  548. # ifdef ALG_ZERO_COPY
  549. close(actx->zc_pipe[0]);
  550. close(actx->zc_pipe[1]);
  551. # endif
  552. /* close efd in sync mode, async mode is closed in afalg_waitfd_cleanup() */
  553. if (actx->aio.mode == MODE_SYNC)
  554. close(actx->aio.efd);
  555. io_destroy(actx->aio.aio_ctx);
  556. return 1;
  557. }
  558. static cbc_handles *get_cipher_handle(int nid)
  559. {
  560. switch (nid) {
  561. case NID_aes_128_cbc:
  562. return &cbc_handle[AES_CBC_128];
  563. case NID_aes_192_cbc:
  564. return &cbc_handle[AES_CBC_192];
  565. case NID_aes_256_cbc:
  566. return &cbc_handle[AES_CBC_256];
  567. default:
  568. return NULL;
  569. }
  570. }
  571. static const EVP_CIPHER *afalg_aes_cbc(int nid)
  572. {
  573. cbc_handles *cipher_handle = get_cipher_handle(nid);
  574. if (cipher_handle->_hidden == NULL
  575. && ((cipher_handle->_hidden =
  576. EVP_CIPHER_meth_new(nid,
  577. AES_BLOCK_SIZE,
  578. cipher_handle->key_size)) == NULL
  579. || !EVP_CIPHER_meth_set_iv_length(cipher_handle->_hidden,
  580. AES_IV_LEN)
  581. || !EVP_CIPHER_meth_set_flags(cipher_handle->_hidden,
  582. EVP_CIPH_CBC_MODE |
  583. EVP_CIPH_FLAG_DEFAULT_ASN1)
  584. || !EVP_CIPHER_meth_set_init(cipher_handle->_hidden,
  585. afalg_cipher_init)
  586. || !EVP_CIPHER_meth_set_do_cipher(cipher_handle->_hidden,
  587. afalg_do_cipher)
  588. || !EVP_CIPHER_meth_set_cleanup(cipher_handle->_hidden,
  589. afalg_cipher_cleanup)
  590. || !EVP_CIPHER_meth_set_impl_ctx_size(cipher_handle->_hidden,
  591. sizeof(afalg_ctx)))) {
  592. EVP_CIPHER_meth_free(cipher_handle->_hidden);
  593. cipher_handle->_hidden= NULL;
  594. }
  595. return cipher_handle->_hidden;
  596. }
  597. static int afalg_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
  598. const int **nids, int nid)
  599. {
  600. int r = 1;
  601. if (cipher == NULL) {
  602. *nids = afalg_cipher_nids;
  603. return (sizeof(afalg_cipher_nids) / sizeof(afalg_cipher_nids[0]));
  604. }
  605. switch (nid) {
  606. case NID_aes_128_cbc:
  607. case NID_aes_192_cbc:
  608. case NID_aes_256_cbc:
  609. *cipher = afalg_aes_cbc(nid);
  610. break;
  611. default:
  612. *cipher = NULL;
  613. r = 0;
  614. }
  615. return r;
  616. }
  617. static int bind_afalg(ENGINE *e)
  618. {
  619. /* Ensure the afalg error handling is set up */
  620. unsigned short i;
  621. ERR_load_AFALG_strings();
  622. if (!ENGINE_set_id(e, engine_afalg_id)
  623. || !ENGINE_set_name(e, engine_afalg_name)
  624. || !ENGINE_set_destroy_function(e, afalg_destroy)
  625. || !ENGINE_set_init_function(e, afalg_init)
  626. || !ENGINE_set_finish_function(e, afalg_finish)) {
  627. AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED);
  628. return 0;
  629. }
  630. /*
  631. * Create _hidden_aes_xxx_cbc by calling afalg_aes_xxx_cbc
  632. * now, as bind_aflag can only be called by one thread at a
  633. * time.
  634. */
  635. for(i = 0; i < OSSL_NELEM(afalg_cipher_nids); i++) {
  636. if (afalg_aes_cbc(afalg_cipher_nids[i]) == NULL) {
  637. AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED);
  638. return 0;
  639. }
  640. }
  641. if (!ENGINE_set_ciphers(e, afalg_ciphers)) {
  642. AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED);
  643. return 0;
  644. }
  645. return 1;
  646. }
  647. # ifndef OPENSSL_NO_DYNAMIC_ENGINE
  648. static int bind_helper(ENGINE *e, const char *id)
  649. {
  650. if (id && (strcmp(id, engine_afalg_id) != 0))
  651. return 0;
  652. if (!afalg_chk_platform())
  653. return 0;
  654. if (!bind_afalg(e))
  655. return 0;
  656. return 1;
  657. }
  658. IMPLEMENT_DYNAMIC_CHECK_FN()
  659. IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
  660. # endif
  661. static int afalg_chk_platform(void)
  662. {
  663. int ret;
  664. int i;
  665. int kver[3] = { -1, -1, -1 };
  666. int sock;
  667. char *str;
  668. struct utsname ut;
  669. ret = uname(&ut);
  670. if (ret != 0) {
  671. AFALGerr(AFALG_F_AFALG_CHK_PLATFORM,
  672. AFALG_R_FAILED_TO_GET_PLATFORM_INFO);
  673. return 0;
  674. }
  675. str = strtok(ut.release, ".");
  676. for (i = 0; i < 3 && str != NULL; i++) {
  677. kver[i] = atoi(str);
  678. str = strtok(NULL, ".");
  679. }
  680. if (KERNEL_VERSION(kver[0], kver[1], kver[2])
  681. < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)) {
  682. ALG_ERR("ASYNC AFALG not supported this kernel(%d.%d.%d)\n",
  683. kver[0], kver[1], kver[2]);
  684. ALG_ERR("ASYNC AFALG requires kernel version %d.%d.%d or later\n",
  685. K_MAJ, K_MIN1, K_MIN2);
  686. AFALGerr(AFALG_F_AFALG_CHK_PLATFORM,
  687. AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG);
  688. return 0;
  689. }
  690. /* Test if we can actually create an AF_ALG socket */
  691. sock = socket(AF_ALG, SOCK_SEQPACKET, 0);
  692. if (sock == -1) {
  693. AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, AFALG_R_SOCKET_CREATE_FAILED);
  694. return 0;
  695. }
  696. close(sock);
  697. return 1;
  698. }
  699. # ifdef OPENSSL_NO_DYNAMIC_ENGINE
  700. static ENGINE *engine_afalg(void)
  701. {
  702. ENGINE *ret = ENGINE_new();
  703. if (ret == NULL)
  704. return NULL;
  705. if (!bind_afalg(ret)) {
  706. ENGINE_free(ret);
  707. return NULL;
  708. }
  709. return ret;
  710. }
  711. void engine_load_afalg_int(void)
  712. {
  713. ENGINE *toadd;
  714. if (!afalg_chk_platform())
  715. return;
  716. toadd = engine_afalg();
  717. if (toadd == NULL)
  718. return;
  719. ENGINE_add(toadd);
  720. ENGINE_free(toadd);
  721. ERR_clear_error();
  722. }
  723. # endif
  724. static int afalg_init(ENGINE *e)
  725. {
  726. return 1;
  727. }
  728. static int afalg_finish(ENGINE *e)
  729. {
  730. return 1;
  731. }
  732. static int free_cbc(void)
  733. {
  734. short unsigned int i;
  735. for(i = 0; i < OSSL_NELEM(afalg_cipher_nids); i++) {
  736. EVP_CIPHER_meth_free(cbc_handle[i]._hidden);
  737. cbc_handle[i]._hidden = NULL;
  738. }
  739. return 1;
  740. }
  741. static int afalg_destroy(ENGINE *e)
  742. {
  743. ERR_unload_AFALG_strings();
  744. free_cbc();
  745. return 1;
  746. }
  747. #endif /* KERNEL VERSION */