Index: sys/arm/conf/ARMADA38X =================================================================== --- sys/arm/conf/ARMADA38X +++ sys/arm/conf/ARMADA38X @@ -35,6 +35,7 @@ device pty device loop device md +device ossl # Serial ports device uart @@ -56,7 +57,6 @@ # Interrupt controllers device gic -device ossl # Timers device mpcore_timer Index: sys/conf/files.arm =================================================================== --- sys/conf/files.arm +++ sys/conf/files.arm @@ -129,6 +129,15 @@ libkern/udivdi3.c standard libkern/umoddi3.c standard +crypto/openssl/ossl_arm.c optional ossl +crypto/openssl/arm/chacha-armv4.S optional ossl +crypto/openssl/arm/poly1305-armv4.S optional ossl +crypto/openssl/arm/sha1-armv4-large.S optional ossl +crypto/openssl/arm/sha256-armv4.S optional ossl +crypto/openssl/arm/sha512-armv4.S optional ossl +crypto/openssl/arm/aes-armv4.S optional ossl +crypto/openssl/arm/bsaes-armv7.S optional ossl + # Annapurna support arm/annapurna/alpine/alpine_ccu.c optional al_ccu fdt arm/annapurna/alpine/alpine_nb_service.c optional al_nb_service fdt Index: sys/crypto/openssl/arm/arm_arch.h =================================================================== --- /dev/null +++ sys/crypto/openssl/arm/arm_arch.h @@ -0,0 +1,84 @@ +/* + * Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef OSSL_CRYPTO_ARM_ARCH_H +# define OSSL_CRYPTO_ARM_ARCH_H + +# if !defined(__ARM_ARCH__) +# if defined(__CC_ARM) +# define __ARM_ARCH__ __TARGET_ARCH_ARM +# if defined(__BIG_ENDIAN) +# define __ARMEB__ +# else +# define __ARMEL__ +# endif +# elif defined(__GNUC__) +# if defined(__aarch64__) +# define __ARM_ARCH__ 8 +# if __BYTE_ORDER__==__ORDER_BIG_ENDIAN__ +# define __ARMEB__ +# else +# define __ARMEL__ +# endif + /* + * Why doesn't gcc define __ARM_ARCH__? Instead it defines + * bunch of below macros. See all_architectures[] table in + * gcc/config/arm/arm.c. On a side note it defines + * __ARMEL__/__ARMEB__ for little-/big-endian. + */ +# elif defined(__ARM_ARCH) +# define __ARM_ARCH__ __ARM_ARCH +# elif defined(__ARM_ARCH_8A__) +# define __ARM_ARCH__ 8 +# elif defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) || \ + defined(__ARM_ARCH_7R__)|| defined(__ARM_ARCH_7M__) || \ + defined(__ARM_ARCH_7EM__) +# define __ARM_ARCH__ 7 +# elif defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) || \ + defined(__ARM_ARCH_6K__)|| defined(__ARM_ARCH_6M__) || \ + defined(__ARM_ARCH_6Z__)|| defined(__ARM_ARCH_6ZK__) || \ + defined(__ARM_ARCH_6T2__) +# define __ARM_ARCH__ 6 +# elif defined(__ARM_ARCH_5__) || defined(__ARM_ARCH_5T__) || \ + defined(__ARM_ARCH_5E__)|| defined(__ARM_ARCH_5TE__) || \ + defined(__ARM_ARCH_5TEJ__) +# define __ARM_ARCH__ 5 +# elif defined(__ARM_ARCH_4__) || defined(__ARM_ARCH_4T__) +# define __ARM_ARCH__ 4 +# else +# error "unsupported ARM architecture" +# endif +# endif +# endif + +# if !defined(__ARM_MAX_ARCH__) +# define __ARM_MAX_ARCH__ __ARM_ARCH__ +# endif + +# if __ARM_MAX_ARCH__<__ARM_ARCH__ +# error "__ARM_MAX_ARCH__ can't be less than __ARM_ARCH__" +# elif __ARM_MAX_ARCH__!=__ARM_ARCH__ +# if __ARM_ARCH__<7 && __ARM_MAX_ARCH__>=7 && defined(__ARMEB__) +# error "can't build universal big-endian binary" +# endif +# endif + +# ifndef __ASSEMBLER__ +extern unsigned int OPENSSL_armcap_P; +# endif + +# define ARMV7_NEON (1<<0) +# define ARMV7_TICK (1<<1) +# define ARMV8_AES (1<<2) +# define ARMV8_SHA1 (1<<3) +# define ARMV8_SHA256 (1<<4) +# define ARMV8_PMULL (1<<5) +# define ARMV8_SHA512 (1<<6) + +#endif Index: sys/crypto/openssl/ossl.h =================================================================== --- sys/crypto/openssl/ossl.h +++ sys/crypto/openssl/ossl.h @@ -51,12 +51,18 @@ }; /* Needs to be big enough to hold any hash context. */ +#if defined (__arm__) +#define CONTEXT_DUMMY_SIZE 512 +#else +#define CONTEXT_DUMMY_SIZE 61 +#endif + struct ossl_hash_context { - uint32_t dummy[61]; + uint32_t dummy[CONTEXT_DUMMY_SIZE]; } __aligned(32); struct ossl_cipher_context { - uint32_t dummy[61]; + uint32_t dummy[CONTEXT_DUMMY_SIZE]; } __aligned(32); struct ossl_session_hash { Index: sys/crypto/openssl/ossl_aes.c =================================================================== --- sys/crypto/openssl/ossl_aes.c +++ sys/crypto/openssl/ossl_aes.c @@ -40,6 +40,8 @@ #include #elif defined (__aarch64__) #include +#elif defined (__arm__) +#include #endif static ossl_cipher_process_t ossl_aes_cbc; @@ -95,7 +97,6 @@ } crypto_read_iv(crp, iv); - /* Derived from ossl_chacha20.c */ crypto_cursor_init(&cc_in, &crp->crp_buf); crypto_cursor_advance(&cc_in, crp->crp_payload_start); Index: sys/crypto/openssl/ossl_arm.h =================================================================== --- /dev/null +++ sys/crypto/openssl/ossl_arm.h @@ -0,0 +1,48 @@ +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef __OSSL_ARM__ +#define __OSSL_ARM__ + +#include +#include + +ossl_cipher_encrypt_t bsaes_cbc_encrypt; + +void AES_encrypt(void *, void *, const void *); + +static void +AES_CBC_ENCRYPT(const unsigned char *in, unsigned char *out, + size_t length, const void *key, unsigned char *iv, int encrypt) +{ + KASSERT(!(length % AES_BLOCK_LEN), "AES_CBC_ENCRYPT: size error"); + if (encrypt) { + size_t i; + + for(i = 0; i < length / AES_BLOCK_LEN; i++){ + uint32_t buf[4]; + int a; + + /* XOR IV with plaintext */ + for (a = 0; a < 4; a++) + buf[a] = ((const uint32_t *)in)[a] ^ + ((const uint32_t *)iv)[a]; + + AES_encrypt(buf, out, (const void*)key); + + /* Ciphertext is our new IV */ + memcpy(iv, out, 16); + in += AES_BLOCK_LEN; + out += AES_BLOCK_LEN; + } + } else + bsaes_cbc_encrypt(in, out, length, key, iv, encrypt); + +} +#endif Index: sys/crypto/openssl/ossl_arm.c =================================================================== --- /dev/null +++ sys/crypto/openssl/ossl_arm.c @@ -0,0 +1,64 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2020 The FreeBSD Foundation + * + * This software was developed by Mitchell Horne + * under sponsorship from the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +#include +__FBSDID("$FreeBSD$"); + +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include + +ossl_cipher_setkey_t AES_set_encrypt_key; +ossl_cipher_setkey_t AES_set_decrypt_key; + +void +ossl_cpuid(struct ossl_softc *sc) +{ + + if (elf_hwcap & HWCAP_NEON) { + OPENSSL_armcap_P |= ARMV7_NEON; + + sc->has_aes = true; + ossl_cipher_aes_cbc.set_encrypt_key = AES_set_encrypt_key; + ossl_cipher_aes_cbc.set_decrypt_key = AES_set_decrypt_key; + } +} Index: sys/modules/ossl/Makefile =================================================================== --- sys/modules/ossl/Makefile +++ sys/modules/ossl/Makefile @@ -17,6 +17,16 @@ ossl_sha512.c \ ${SRCS.${MACHINE_CPUARCH}} +SRCS.arm= \ + ossl_arm.c \ + chacha-armv4.S \ + poly1305-armv4.S \ + sha1-armv4-large.S \ + sha256-armv4.S \ + sha512-armv4.S \ + aes-armv4.S \ + bsaes-armv7.S + SRCS.aarch64= \ chacha-armv8.S \ poly1305-armv8.S \ Index: sys/opencrypto/cbc_mac.c =================================================================== --- sys/opencrypto/cbc_mac.c +++ sys/opencrypto/cbc_mac.c @@ -32,6 +32,9 @@ #include #include +#include + + /* * Given two CCM_CBC_BLOCK_LEN blocks, xor * them into dst, and then encrypt dst. @@ -116,13 +119,14 @@ * least a full block, encrypt the full block without * copying to the staging block. */ - if (ctx->blockIndex == 0 && length >= CCM_CBC_BLOCK_LEN) { - xor_and_encrypt(ctx, data, ctx->block); - length -= CCM_CBC_BLOCK_LEN; - data += CCM_CBC_BLOCK_LEN; - continue; + if (!(OPENSSL_armcap_P & ARMV7_NEON)) { + if (ctx->blockIndex == 0 && length >= CCM_CBC_BLOCK_LEN) { + xor_and_encrypt(ctx, data, ctx->block); + length -= CCM_CBC_BLOCK_LEN; + data += CCM_CBC_BLOCK_LEN; + continue; + } } - copy_amt = MIN(sizeof(ctx->staging_block) - ctx->blockIndex, length); ptr = ctx->staging_block + ctx->blockIndex;