From owner-svn-src-head@FreeBSD.ORG Fri Jul 23 11:00:46 2010 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 652541065675; Fri, 23 Jul 2010 11:00:46 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 525798FC1B; Fri, 23 Jul 2010 11:00:46 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id o6NB0kDo069162; Fri, 23 Jul 2010 11:00:46 GMT (envelope-from kib@svn.freebsd.org) Received: (from kib@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id o6NB0kcK069153; Fri, 23 Jul 2010 11:00:46 GMT (envelope-from kib@svn.freebsd.org) Message-Id: <201007231100.o6NB0kcK069153@svn.freebsd.org> From: Konstantin Belousov Date: Fri, 23 Jul 2010 11:00:46 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r210409 - in head/sys: conf crypto/aesni modules modules/aesni X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Jul 2010 11:00:46 -0000 Author: kib Date: Fri Jul 23 11:00:46 2010 New Revision: 210409 URL: http://svn.freebsd.org/changeset/base/210409 Log: Crypto(4) driver for AESNI. The aeskeys_{amd64,i386}.S content was mostly obtained from OpenBSD, no objections to the license from core. Hardware provided by: Sentex Communications Tested by: fabient, pho (previous versions) MFC after: 1 month Added: head/sys/crypto/aesni/ head/sys/crypto/aesni/aesencdec_amd64.S (contents, props changed) head/sys/crypto/aesni/aesencdec_i386.S (contents, props changed) head/sys/crypto/aesni/aeskeys_amd64.S (contents, props changed) head/sys/crypto/aesni/aeskeys_i386.S (contents, props changed) head/sys/crypto/aesni/aesni.c (contents, props changed) head/sys/crypto/aesni/aesni.h (contents, props changed) head/sys/crypto/aesni/aesni_wrap.c (contents, props changed) head/sys/modules/aesni/ head/sys/modules/aesni/Makefile (contents, props changed) Modified: head/sys/conf/files.amd64 head/sys/conf/files.i386 head/sys/modules/Makefile Modified: head/sys/conf/files.amd64 ============================================================================== --- head/sys/conf/files.amd64 Fri Jul 23 11:00:43 2010 (r210408) +++ head/sys/conf/files.amd64 Fri Jul 23 11:00:46 2010 (r210409) @@ -138,6 +138,10 @@ amd64/amd64/uma_machdep.c standard amd64/amd64/vm_machdep.c standard amd64/pci/pci_bus.c optional pci amd64/pci/pci_cfgreg.c optional pci +crypto/aesni/aesencdec_amd64.S optional aesni +crypto/aesni/aeskeys_amd64.S optional aesni +crypto/aesni/aesni.c optional aesni +crypto/aesni/aesni_wrap.c optional aesni crypto/blowfish/bf_enc.c optional crypto | ipsec crypto/des/des_enc.c optional crypto | ipsec | netsmb crypto/via/padlock.c optional padlock Modified: head/sys/conf/files.i386 ============================================================================== --- head/sys/conf/files.i386 Fri Jul 23 11:00:43 2010 (r210408) +++ head/sys/conf/files.i386 Fri Jul 23 11:00:46 2010 (r210409) @@ -112,6 +112,10 @@ bf_enc.o optional crypto | ipsec \ dependency "$S/crypto/blowfish/arch/i386/bf_enc.S $S/crypto/blowfish/arch/i386/bf_enc_586.S $S/crypto/blowfish/arch/i386/bf_enc_686.S" \ compile-with "${CC} -c -I$S/crypto/blowfish/arch/i386 ${ASM_CFLAGS} ${WERROR} ${.IMPSRC}" \ no-implicit-rule +crypto/aesni/aesencdec_i386.S optional aesni +crypto/aesni/aeskeys_i386.S optional aesni +crypto/aesni/aesni.c optional aesni +crypto/aesni/aesni_wrap.c optional aesni crypto/des/arch/i386/des_enc.S optional crypto | ipsec | netsmb crypto/via/padlock.c optional padlock crypto/via/padlock_cipher.c optional padlock Added: head/sys/crypto/aesni/aesencdec_amd64.S ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/crypto/aesni/aesencdec_amd64.S Fri Jul 23 11:00:46 2010 (r210409) @@ -0,0 +1,135 @@ +/*- + * Copyright (c) 2010 Konstantin Belousov + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + + .text + +ENTRY(aesni_enc) + .cfi_startproc + movdqu (%rdx),%xmm0 + cmpq $0,%r8 + je 1f + movdqu (%r8),%xmm1 /* unaligned load into reg */ + pxor %xmm1,%xmm0 /* pxor otherwise can fault on iv */ +1: + pxor (%rsi),%xmm0 +2: + addq $0x10,%rsi +// aesenc (%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xdc,0x06 + decl %edi + jne 2b + addq $0x10,%rsi +// aesenclast (%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xdd,0x06 + movdqu %xmm0,(%rcx) + retq + .cfi_endproc +END(aesni_enc) + +ENTRY(aesni_dec) + .cfi_startproc + movdqu (%rdx),%xmm0 + pxor (%rsi),%xmm0 +1: + addq $0x10,%rsi +// aesdec (%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x06 + decl %edi + jne 1b + addq $0x10,%rsi +// aesdeclast (%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xdf,0x06 + cmpq $0,%r8 + je 2f + movdqu (%r8),%xmm1 + pxor %xmm1,%xmm0 +2: + movdqu %xmm0,(%rcx) + retq + .cfi_endproc +END(aesni_dec) + +ENTRY(aesni_decrypt_cbc) + .cfi_startproc + shrq $4,%rdx + movdqu (%r8),%xmm1 +1: + movdqu (%rcx),%xmm0 + movdqa %xmm0,%xmm2 + pxor (%rsi),%xmm0 + cmpl $12,%edi +// aesdec 0x10(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x46,0x10 +// aesdec 0x20(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x46,0x20 +// aesdec 0x30(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x46,0x30 +// aesdec 0x40(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x46,0x40 +// aesdec 0x50(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x46,0x50 +// aesdec 0x60(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x46,0x60 +// aesdec 0x70(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x46,0x70 +// aesdec 0x80(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x86,0x80,0x00,0x00,0x00 +// aesdec 0x90(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x86,0x90,0x00,0x00,0x00 + jge 2f +// aesdeclast 0xa0(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xdf,0x86,0xa0,0x00,0x00,0x00 + jmp 4f +2: +// aesdec 0xa0(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x86,0xa0,0x00,0x00,0x00 +// aesdec 0xb0(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x86,0xb0,0x00,0x00,0x00 + jg 3f +// aesdeclast 0xc0(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xdf,0x86,0xc0,0x00,0x00,0x00 + jmp 4f +3: +// aesdec 0xc0(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x86,0xc0,0x00,0x00,0x00 +// aesdec 0xd0(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x86,0xd0,0x00,0x00,0x00 +// aesdeclast 0xe0(%rsi),%xmm0 + .byte 0x66,0x0f,0x38,0xdf,0x86,0xe0,0x00,0x00,0x00 +4: + pxor %xmm1,%xmm0 + movdqu %xmm0,(%rcx) + movdqa %xmm2,%xmm1 // iv + addq $0x10,%rcx + decq %rdx + jne 1b + retq + .cfi_endproc +END(aesni_decrypt_cbc) + + .ident "$FreeBSD$" Added: head/sys/crypto/aesni/aesencdec_i386.S ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/crypto/aesni/aesencdec_i386.S Fri Jul 23 11:00:46 2010 (r210409) @@ -0,0 +1,166 @@ +/*- + * Copyright (c) 2010 Konstantin Belousov + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +ENTRY(aesni_enc) + .cfi_startproc + pushl %ebp + .cfi_adjust_cfa_offset 4 + movl %esp,%ebp + movl 8(%ebp),%ecx /* rounds */ + movl 16(%ebp),%edx + movdqu (%edx),%xmm0 /* from */ + movl 24(%ebp),%eax /* iv */ + cmpl $0,%eax + je 1f + movdqu (%eax),%xmm1 + pxor %xmm1,%xmm0 +1: + movl 12(%ebp),%eax /* key */ + pxor (%eax),%xmm0 +2: + addl $0x10,%eax +// aesenc (%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xdc,0x00 + loopne 2b + addl $0x10,%eax +// aesenclast (%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xdd,0x00 + movl 20(%ebp),%eax + movdqu %xmm0,(%eax) /* to */ + leave + .cfi_adjust_cfa_offset -4 + retl + .cfi_endproc +END(aesni_enc) + +ENTRY(aesni_dec) + .cfi_startproc + pushl %ebp + .cfi_adjust_cfa_offset 4 + movl %esp,%ebp + movl 8(%ebp),%ecx /* rounds */ + movl 16(%ebp),%edx + movdqu (%edx),%xmm0 /* from */ + movl 12(%ebp),%eax /* key */ + pxor (%eax),%xmm0 +1: + addl $0x10,%eax +// aesdec (%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x00 + loopne 1b + addl $0x10,%eax +// aesdeclast (%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xdf,0x00 + movl 24(%ebp),%eax + cmpl $0,%eax /* iv */ + je 2f + movdqu (%eax),%xmm1 + pxor %xmm1,%xmm0 +2: + movl 20(%ebp),%eax + movdqu %xmm0,(%eax) /* to */ + leave + .cfi_adjust_cfa_offset -4 + retl + .cfi_endproc +END(aesni_dec) + +ENTRY(aesni_decrypt_cbc) + .cfi_startproc + pushl %ebp + .cfi_adjust_cfa_offset 4 + movl %esp,%ebp + pushl %ebx + pushl %esi + movl 12(%ebp),%eax /* key */ + movl 16(%ebp),%ecx /* length */ + shrl $4,%ecx + movl 20(%ebp),%ebx /* buf */ + movl 24(%ebp),%esi + movdqu (%esi),%xmm1 /* iv */ + movl 8(%ebp),%esi /* rounds */ +1: + movdqu (%ebx),%xmm0 + movdqa %xmm0,%xmm2 + pxor (%eax),%xmm0 + cmpl $12,%esi +// aesdec 0x10(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x40,0x10 +// aesdec 0x20(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x40,0x20 +// aesdec 0x30(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x40,0x30 +// aesdec 0x40(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x40,0x40 +// aesdec 0x50(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x40,0x50 +// aesdec 0x60(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x40,0x60 +// aesdec 0x70(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x40,0x70 +// aesdec 0x80(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x80,0x80,0x00,0x00,0x00 +// aesdec 0x90(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x80,0x90,0x00,0x00,0x00 + jge 2f +// aesdeclast 0xa0(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xdf,0x80,0xa0,0x00,0x00,0x00 + jmp 4f +2: +// aesdec 0xa0(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x80,0xa0,0x00,0x00,0x00 +// aesdec 0xb0(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x80,0xb0,0x00,0x00,0x00 + jg 3f +// aesdeclast 0xc0(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xdf,0x80,0xc0,0x00,0x00,0x00 + jmp 4f +3: +// aesdec 0xc0(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x80,0xc0,0x00,0x00,0x00 +// aesdec 0xd0(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xde,0x80,0xd0,0x00,0x00,0x00 +// aesdeclast 0xe0(%eax),%xmm0 + .byte 0x66,0x0f,0x38,0xdf,0x80,0xe0,0x00,0x00,0x00 +4: + pxor %xmm1,%xmm0 + movdqu %xmm0,(%ebx) + movdqa %xmm2,%xmm1 + addl $0x10,%ebx + decl %ecx + jne 1b + + popl %esi + popl %ebx + leave + .cfi_adjust_cfa_offset -4 + retl + .cfi_endproc +END(aesni_decrypt_cbc) + + .ident "$FreeBSD$" Added: head/sys/crypto/aesni/aeskeys_amd64.S ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/crypto/aesni/aeskeys_amd64.S Fri Jul 23 11:00:46 2010 (r210409) @@ -0,0 +1,255 @@ +/*- +* The white paper of AES-NI instructions can be downloaded from: + * http://softwarecommunity.intel.com/isn/downloads/intelavx/AES-Instructions-Set_WP.pdf + * + * Copyright (C) 2008-2010, Intel Corporation + * Author: Huang Ying + * Vinodh Gopal + * Kahraman Akdemir + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the + * distribution. + * + * - Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products + * derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include + + .text + +ENTRY(_key_expansion_128) +_key_expansion_256a: + .cfi_startproc + pshufd $0b11111111,%xmm1,%xmm1 + shufps $0b00010000,%xmm0,%xmm4 + pxor %xmm4,%xmm0 + shufps $0b10001100,%xmm0,%xmm4 + pxor %xmm4,%xmm0 + pxor %xmm1,%xmm0 + movaps %xmm0,(%rsi) + addq $0x10,%rsi + retq + .cfi_endproc +END(_key_expansion_128) + +ENTRY(_key_expansion_192a) + .cfi_startproc + pshufd $0b01010101,%xmm1,%xmm1 + shufps $0b00010000,%xmm0,%xmm4 + pxor %xmm4,%xmm0 + shufps $0b10001100,%xmm0,%xmm4 + pxor %xmm4,%xmm0 + pxor %xmm1,%xmm0 + movaps %xmm2,%xmm5 + movaps %xmm2,%xmm6 + pslldq $4,%xmm5 + pshufd $0b11111111,%xmm0,%xmm3 + pxor %xmm3,%xmm2 + pxor %xmm5,%xmm2 + movaps %xmm0,%xmm1 + shufps $0b01000100,%xmm0,%xmm6 + movaps %xmm6,(%rsi) + shufps $0b01001110,%xmm2,%xmm1 + movaps %xmm1,0x10(%rsi) + addq $0x20,%rsi + retq + .cfi_endproc +END(_key_expansion_192a) + +ENTRY(_key_expansion_192b) + .cfi_startproc + pshufd $0b01010101,%xmm1,%xmm1 + shufps $0b00010000,%xmm0,%xmm4 + pxor %xmm4,%xmm0 + shufps $0b10001100,%xmm0,%xmm4 + pxor %xmm4,%xmm0 + pxor %xmm1,%xmm0 + movaps %xmm2,%xmm5 + pslldq $4,%xmm5 + pshufd $0b11111111,%xmm0,%xmm3 + pxor %xmm3,%xmm2 + pxor %xmm5,%xmm2 + movaps %xmm0,(%rsi) + addq $0x10,%rsi + retq + .cfi_endproc +END(_key_expansion_192b) + +ENTRY(_key_expansion_256b) + .cfi_startproc + pshufd $0b10101010,%xmm1,%xmm1 + shufps $0b00010000,%xmm2,%xmm4 + pxor %xmm4,%xmm2 + shufps $0b10001100,%xmm2,%xmm4 + pxor %xmm4,%xmm2 + pxor %xmm1,%xmm2 + movaps %xmm2,(%rsi) + addq $0x10,%rsi + retq + .cfi_endproc +END(_key_expansion_256b) + +ENTRY(aesni_set_enckey) + .cfi_startproc + movups (%rdi),%xmm0 # user key (first 16 bytes) + movaps %xmm0,(%rsi) + addq $0x10,%rsi # key addr + pxor %xmm4,%xmm4 # xmm4 is assumed 0 in _key_expansion_x + cmpl $12,%edx + jb .Lenc_key128 + je .Lenc_key192 + movups 0x10(%rdi),%xmm2 # other user key + movaps %xmm2,(%rsi) + addq $0x10,%rsi +// aeskeygenassist $0x1,%xmm2,%xmm1 # round 1 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x01 + call _key_expansion_256a +// aeskeygenassist $0x1,%xmm0,%xmm1 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x01 + call _key_expansion_256b +// aeskeygenassist $0x2,%xmm2,%xmm1 # round 2 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x02 + call _key_expansion_256a +// aeskeygenassist $0x2,%xmm0,%xmm1 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x02 + call _key_expansion_256b +// aeskeygenassist $0x4,%xmm2,%xmm1 # round 3 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x04 + call _key_expansion_256a +// aeskeygenassist $0x4,%xmm0,%xmm1 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x04 + call _key_expansion_256b +// aeskeygenassist $0x8,%xmm2,%xmm1 # round 4 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x08 + call _key_expansion_256a +// aeskeygenassist $0x8,%xmm0,%xmm1 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x08 + call _key_expansion_256b +// aeskeygenassist $0x10,%xmm2,%xmm1 # round 5 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x10 + call _key_expansion_256a +// aeskeygenassist $0x10,%xmm0,%xmm1 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x10 + call _key_expansion_256b +// aeskeygenassist $0x20,%xmm2,%xmm1 # round 6 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x20 + call _key_expansion_256a +// aeskeygenassist $0x20,%xmm0,%xmm1 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x20 + call _key_expansion_256b +// aeskeygenassist $0x40,%xmm2,%xmm1 # round 7 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x20 + call _key_expansion_256a + retq +.Lenc_key192: + movq 0x10(%rdi),%xmm2 # other user key +// aeskeygenassist $0x1,%xmm2,%xmm1 # round 1 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x01 + call _key_expansion_192a +// aeskeygenassist $0x2,%xmm2,%xmm1 # round 2 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x02 + call _key_expansion_192b +// aeskeygenassist $0x4,%xmm2,%xmm1 # round 3 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x04 + call _key_expansion_192a +// aeskeygenassist $0x8,%xmm2,%xmm1 # round 4 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x08 + call _key_expansion_192b +// aeskeygenassist $0x10,%xmm2,%xmm1 # round 5 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x10 + call _key_expansion_192a +// aeskeygenassist $0x20,%xmm2,%xmm1 # round 6 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x20 + call _key_expansion_192b +// aeskeygenassist $0x40,%xmm2,%xmm1 # round 7 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x40 + call _key_expansion_192a +// aeskeygenassist $0x80,%xmm2,%xmm1 # round 8 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x80 + call _key_expansion_192b + retq +.Lenc_key128: +// aeskeygenassist $0x1,%xmm0,%xmm1 # round 1 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x01 + call _key_expansion_128 +// aeskeygenassist $0x2,%xmm0,%xmm1 # round 2 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x02 + call _key_expansion_128 +// aeskeygenassist $0x4,%xmm0,%xmm1 # round 3 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x04 + call _key_expansion_128 +// aeskeygenassist $0x8,%xmm0,%xmm1 # round 4 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x08 + call _key_expansion_128 +// aeskeygenassist $0x10,%xmm0,%xmm1 # round 5 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x10 + call _key_expansion_128 +// aeskeygenassist $0x20,%xmm0,%xmm1 # round 6 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x20 + call _key_expansion_128 +// aeskeygenassist $0x40,%xmm0,%xmm1 # round 7 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x40 + call _key_expansion_128 +// aeskeygenassist $0x80,%xmm0,%xmm1 # round 8 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x80 + call _key_expansion_128 +// aeskeygenassist $0x1b,%xmm0,%xmm1 # round 9 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x1b + call _key_expansion_128 +// aeskeygenassist $0x36,%xmm0,%xmm1 # round 10 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x36 + call _key_expansion_128 + retq + .cfi_endproc +END(aesni_set_enckey) + +ENTRY(aesni_set_deckey) + .cfi_startproc + movslq %edx,%rax + shlq $4,%rax + addq %rax,%rdi + movdqa (%rdi),%xmm0 + movdqa %xmm0,(%rsi) + decl %edx +1: + addq $0x10,%rsi + subq $0x10,%rdi +// aesimc (%rdi),%xmm1 + .byte 0x66,0x0f,0x38,0xdb,0x0f + movdqa %xmm1,(%rsi) + decl %edx + jne 1b + + addq $0x10,%rsi + subq $0x10,%rdi + movdqa (%rdi),%xmm0 + movdqa %xmm0,(%rsi) + retq + .cfi_endproc +END(aesni_set_deckey) + + .ident "$FreeBSD$" Added: head/sys/crypto/aesni/aeskeys_i386.S ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/crypto/aesni/aeskeys_i386.S Fri Jul 23 11:00:46 2010 (r210409) @@ -0,0 +1,273 @@ +/*- +* The white paper of AES-NI instructions can be downloaded from: + * http://softwarecommunity.intel.com/isn/downloads/intelavx/AES-Instructions-Set_WP.pdf + * + * Copyright (C) 2008-2010, Intel Corporation + * Author: Huang Ying + * Vinodh Gopal + * Kahraman Akdemir + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the + * distribution. + * + * - Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products + * derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include + + .text + +ENTRY(_key_expansion_128) +_key_expansion_256a: + .cfi_startproc + pshufd $0b11111111,%xmm1,%xmm1 + shufps $0b00010000,%xmm0,%xmm4 + pxor %xmm4,%xmm0 + shufps $0b10001100,%xmm0,%xmm4 + pxor %xmm4,%xmm0 + pxor %xmm1,%xmm0 + movaps %xmm0,(%edx) + addl $0x10,%edx + retq + .cfi_endproc +END(_key_expansion_128) + +ENTRY(_key_expansion_192a) + .cfi_startproc + pshufd $0b01010101,%xmm1,%xmm1 + shufps $0b00010000,%xmm0,%xmm4 + pxor %xmm4,%xmm0 + shufps $0b10001100,%xmm0,%xmm4 + pxor %xmm4,%xmm0 + pxor %xmm1,%xmm0 + movaps %xmm2,%xmm5 + movaps %xmm2,%xmm6 + pslldq $4,%xmm5 + pshufd $0b11111111,%xmm0,%xmm3 + pxor %xmm3,%xmm2 + pxor %xmm5,%xmm2 + movaps %xmm0,%xmm1 + shufps $0b01000100,%xmm0,%xmm6 + movaps %xmm6,(%edx) + shufps $0b01001110,%xmm2,%xmm1 + movaps %xmm1,0x10(%edx) + addl $0x20,%edx + retq + .cfi_endproc +END(_key_expansion_192a) + +ENTRY(_key_expansion_192b) + .cfi_startproc + pshufd $0b01010101,%xmm1,%xmm1 + shufps $0b00010000,%xmm0,%xmm4 + pxor %xmm4,%xmm0 + shufps $0b10001100,%xmm0,%xmm4 + pxor %xmm4,%xmm0 + pxor %xmm1,%xmm0 + movaps %xmm2,%xmm5 + pslldq $4,%xmm5 + pshufd $0b11111111,%xmm0,%xmm3 + pxor %xmm3,%xmm2 + pxor %xmm5,%xmm2 + movaps %xmm0,(%edx) + addl $0x10,%edx + retl + .cfi_endproc +END(_key_expansion_192b) + +ENTRY(_key_expansion_256b) + .cfi_startproc + pshufd $0b10101010,%xmm1,%xmm1 + shufps $0b00010000,%xmm2,%xmm4 + pxor %xmm4,%xmm2 + shufps $0b10001100,%xmm2,%xmm4 + pxor %xmm4,%xmm2 + pxor %xmm1,%xmm2 + movaps %xmm2,(%edx) + addl $0x10,%edx + retl + .cfi_endproc +END(_key_expansion_256b) + +ENTRY(aesni_set_enckey) + .cfi_startproc + pushl %ebp + .cfi_adjust_cfa_offset 4 + movl %esp,%ebp + movl 8(%ebp),%ecx + movl 12(%ebp),%edx + movups (%ecx),%xmm0 # user key (first 16 bytes) + movaps %xmm0,(%edx) + addl $0x10,%edx # key addr + pxor %xmm4,%xmm4 # xmm4 is assumed 0 in _key_expansion_x + cmpl $12,16(%ebp) # rounds + jb .Lenc_key128 + je .Lenc_key192 + movups 0x10(%ecx),%xmm2 # other user key + movaps %xmm2,(%edx) + addl $0x10,%edx +// aeskeygenassist $0x1,%xmm2,%xmm1 # round 1 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x01 + call _key_expansion_256a +// aeskeygenassist $0x1,%xmm0,%xmm1 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x01 + call _key_expansion_256b +// aeskeygenassist $0x2,%xmm2,%xmm1 # round 2 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x02 + call _key_expansion_256a +// aeskeygenassist $0x2,%xmm0,%xmm1 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x02 + call _key_expansion_256b +// aeskeygenassist $0x4,%xmm2,%xmm1 # round 3 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x04 + call _key_expansion_256a +// aeskeygenassist $0x4,%xmm0,%xmm1 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x04 + call _key_expansion_256b +// aeskeygenassist $0x8,%xmm2,%xmm1 # round 4 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x08 + call _key_expansion_256a +// aeskeygenassist $0x8,%xmm0,%xmm1 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x08 + call _key_expansion_256b +// aeskeygenassist $0x10,%xmm2,%xmm1 # round 5 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x10 + call _key_expansion_256a +// aeskeygenassist $0x10,%xmm0,%xmm1 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x10 + call _key_expansion_256b +// aeskeygenassist $0x20,%xmm2,%xmm1 # round 6 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x20 + call _key_expansion_256a +// aeskeygenassist $0x20,%xmm0,%xmm1 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x20 + call _key_expansion_256b +// aeskeygenassist $0x40,%xmm2,%xmm1 # round 7 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x20 + call _key_expansion_256a + .cfi_adjust_cfa_offset -4 + leave + retl +.Lenc_key192: + movq 0x10(%ecx),%xmm2 # other user key +// aeskeygenassist $0x1,%xmm2,%xmm1 # round 1 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x01 + call _key_expansion_192a +// aeskeygenassist $0x2,%xmm2,%xmm1 # round 2 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x02 + call _key_expansion_192b +// aeskeygenassist $0x4,%xmm2,%xmm1 # round 3 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x04 + call _key_expansion_192a +// aeskeygenassist $0x8,%xmm2,%xmm1 # round 4 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x08 + call _key_expansion_192b +// aeskeygenassist $0x10,%xmm2,%xmm1 # round 5 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x10 + call _key_expansion_192a +// aeskeygenassist $0x20,%xmm2,%xmm1 # round 6 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x20 + call _key_expansion_192b +// aeskeygenassist $0x40,%xmm2,%xmm1 # round 7 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x40 + call _key_expansion_192a +// aeskeygenassist $0x80,%xmm2,%xmm1 # round 8 + .byte 0x66,0x0f,0x3a,0xdf,0xca,0x80 + call _key_expansion_192b + leave + .cfi_adjust_cfa_offset -4 + retl +.Lenc_key128: +// aeskeygenassist $0x1,%xmm0,%xmm1 # round 1 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x01 + call _key_expansion_128 +// aeskeygenassist $0x2,%xmm0,%xmm1 # round 2 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x02 + call _key_expansion_128 +// aeskeygenassist $0x4,%xmm0,%xmm1 # round 3 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x04 + call _key_expansion_128 +// aeskeygenassist $0x8,%xmm0,%xmm1 # round 4 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x08 + call _key_expansion_128 +// aeskeygenassist $0x10,%xmm0,%xmm1 # round 5 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x10 + call _key_expansion_128 +// aeskeygenassist $0x20,%xmm0,%xmm1 # round 6 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x20 + call _key_expansion_128 +// aeskeygenassist $0x40,%xmm0,%xmm1 # round 7 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x40 + call _key_expansion_128 +// aeskeygenassist $0x80,%xmm0,%xmm1 # round 8 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x80 + call _key_expansion_128 +// aeskeygenassist $0x1b,%xmm0,%xmm1 # round 9 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x1b + call _key_expansion_128 +// aeskeygenassist $0x36,%xmm0,%xmm1 # round 10 + .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x36 + call _key_expansion_128 + leave + .cfi_adjust_cfa_offset -4 + retl + .cfi_endproc +END(aesni_set_enckey) + +ENTRY(aesni_set_deckey) + .cfi_startproc + pushl %ebp + .cfi_adjust_cfa_offset 4 + movl %esp,%ebp + movl 16(%ebp),%eax /* rounds */ + movl %eax,%ecx + shll $4,%ecx + addl 8(%ebp),%ecx /* encrypt_schedule last quad */ + movl 12(%ebp),%edx /* decrypt_schedule */ + movdqa (%ecx),%xmm0 + movdqa %xmm0,(%edx) + decl %eax +1: + addl $0x10,%edx + subl $0x10,%ecx +// aesimc (%ecx),%xmm1 + .byte 0x66,0x0f,0x38,0xdb,0x09 + movdqa %xmm1,(%edx) + decl %eax + jne 1b + + addl $0x10,%edx + subl $0x10,%ecx + movdqa (%ecx),%xmm0 + movdqa %xmm0,(%edx) + leave + .cfi_adjust_cfa_offset -4 + retl + .cfi_endproc +END(aesni_set_deckey) + + .ident "$FreeBSD$" Added: head/sys/crypto/aesni/aesni.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/crypto/aesni/aesni.c Fri Jul 23 11:00:46 2010 (r210409) @@ -0,0 +1,338 @@ +/*- + * Copyright (c) 2005-2008 Pawel Jakub Dawidek + * Copyright (c) 2010 Konstantin Belousov + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "cryptodev_if.h" + +struct aesni_softc { + int32_t cid; + uint32_t sid; + TAILQ_HEAD(aesni_sessions_head, aesni_session) sessions; + struct rwlock lock; +}; + +static int aesni_newsession(device_t, uint32_t *sidp, struct cryptoini *cri); +static int aesni_freesession(device_t, uint64_t tid); +static void aesni_freesession_locked(struct aesni_softc *sc, + struct aesni_session *ses); + +MALLOC_DEFINE(M_AESNI, "aesni_data", "AESNI Data"); + +static void +aesni_identify(driver_t *drv, device_t parent) +{ + + /* NB: order 10 is so we get attached after h/w devices */ + if (device_find_child(parent, "aesni", -1) == NULL && + BUS_ADD_CHILD(parent, 10, "aesni", -1) == 0) + panic("aesni: could not attach"); +} + +static int +aesni_probe(device_t dev) +{ + char capp[32]; + + if ((cpu_feature2 & CPUID2_AESNI) == 0) { + device_printf(dev, "No AESNI support.\n"); + return (EINVAL); + } + strlcpy(capp, "AES-CBC", sizeof(capp)); + device_set_desc_copy(dev, capp); + return (0); +} + +static int +aesni_attach(device_t dev) +{ + struct aesni_softc *sc; + + sc = device_get_softc(dev); + TAILQ_INIT(&sc->sessions); + sc->sid = 1; + sc->cid = crypto_get_driverid(dev, CRYPTOCAP_F_HARDWARE); + if (sc->cid < 0) { + device_printf(dev, "Could not get crypto driver id.\n"); + return (ENOMEM); + } + + rw_init(&sc->lock, "aesni_lock"); + crypto_register(sc->cid, CRYPTO_AES_CBC, 0, 0); + return (0); +} + +static int +aesni_detach(device_t dev) +{ + struct aesni_softc *sc; + struct aesni_session *ses; + + sc = device_get_softc(dev); + rw_wlock(&sc->lock); + TAILQ_FOREACH(ses, &sc->sessions, next) { + if (ses->used) { + rw_wunlock(&sc->lock); + device_printf(dev, + "Cannot detach, sessions still active.\n"); + return (EBUSY); + } + } + while ((ses = TAILQ_FIRST(&sc->sessions)) != NULL) { + TAILQ_REMOVE(&sc->sessions, ses, next); + free(ses, M_AESNI); + } + rw_wunlock(&sc->lock); + rw_destroy(&sc->lock); + crypto_unregister_all(sc->cid); + return (0); +} + +static int +aesni_newsession(device_t dev, uint32_t *sidp, struct cryptoini *cri) +{ *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***