1 /*******************************************************************************
2 Copyright (c) 2018-2020, Intel Corporation
3
4 Redistribution and use in source and binary forms, with or without
5 modification, are permitted provided that the following conditions are met:
6
7 * Redistributions of source code must retain the above copyright notice,
8 this list of conditions and the following disclaimer.
9 * Redistributions in binary form must reproduce the above copyright
10 notice, this list of conditions and the following disclaimer in the
11 documentation and/or other materials provided with the distribution.
12 * Neither the name of Intel Corporation nor the names of its contributors
13 may be used to endorse or promote products derived from this software
14 without specific prior written permission.
15
16 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
20 FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
22 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
23 CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24 OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
25 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 *******************************************************************************/
27
28 #include <stdint.h>
29 #ifdef LINUX
30 #include <stdlib.h> /* posix_memalign() and free() */
31 #else
32 #include <malloc.h> /* _aligned_malloc() and aligned_free() */
33 #endif
34 #include <string.h>
35 #include "intel-ipsec-mb.h"
36 #include "ipsec_ooo_mgr.h"
37 #include "cpu_feature.h"
38 #include "error.h"
39
40 #define IMB_OOO_ROAD_BLOCK 0xDEADCAFEDEADCAFEULL
41
42 /*
43 * Set last 8 bytes of OOO mgrs to predefined pattern
44 *
45 * This is to assist in searching for sensitive data remaining
46 * in the heap after algorithmic code completes
47 */
set_ooo_mgr_road_block(IMB_MGR * mgr)48 static void set_ooo_mgr_road_block(IMB_MGR *mgr)
49 {
50 MB_MGR_AES_OOO *aes128_ooo = mgr->aes128_ooo;
51 MB_MGR_AES_OOO *aes192_ooo = mgr->aes192_ooo;
52 MB_MGR_AES_OOO *aes256_ooo = mgr->aes256_ooo;
53 MB_MGR_DOCSIS_AES_OOO *docsis128_sec_ooo = mgr->docsis128_sec_ooo;
54 MB_MGR_DOCSIS_AES_OOO *docsis128_crc32_sec_ooo =
55 mgr->docsis128_crc32_sec_ooo;
56 MB_MGR_DOCSIS_AES_OOO *docsis256_sec_ooo = mgr->docsis256_sec_ooo;
57 MB_MGR_DOCSIS_AES_OOO *docsis256_crc32_sec_ooo =
58 mgr->docsis256_crc32_sec_ooo;
59 MB_MGR_DES_OOO *des_enc_ooo = mgr->des_enc_ooo;
60 MB_MGR_DES_OOO *des_dec_ooo = mgr->des_dec_ooo;
61 MB_MGR_DES_OOO *des3_enc_ooo = mgr->des3_enc_ooo;
62 MB_MGR_DES_OOO *des3_dec_ooo = mgr->des3_dec_ooo;
63 MB_MGR_DES_OOO *docsis_des_enc_ooo = mgr->docsis_des_enc_ooo;
64 MB_MGR_DES_OOO *docsis_des_dec_ooo = mgr->docsis_des_dec_ooo;
65 MB_MGR_HMAC_SHA_1_OOO *hmac_sha_1_ooo = mgr->hmac_sha_1_ooo;
66 MB_MGR_HMAC_SHA_256_OOO *hmac_sha_224_ooo = mgr->hmac_sha_224_ooo;
67 MB_MGR_HMAC_SHA_256_OOO *hmac_sha_256_ooo = mgr->hmac_sha_256_ooo;
68 MB_MGR_HMAC_SHA_512_OOO *hmac_sha_384_ooo = mgr->hmac_sha_384_ooo;
69 MB_MGR_HMAC_SHA_512_OOO *hmac_sha_512_ooo = mgr->hmac_sha_512_ooo;
70 MB_MGR_HMAC_MD5_OOO *hmac_md5_ooo = mgr->hmac_md5_ooo;
71 MB_MGR_AES_XCBC_OOO *aes_xcbc_ooo = mgr->aes_xcbc_ooo;
72 MB_MGR_CCM_OOO *aes_ccm_ooo = mgr->aes_ccm_ooo;
73 MB_MGR_CMAC_OOO *aes_cmac_ooo = mgr->aes_cmac_ooo;
74 MB_MGR_ZUC_OOO *zuc_eea3_ooo = mgr->zuc_eea3_ooo;
75 MB_MGR_ZUC_OOO *zuc_eia3_ooo = mgr->zuc_eia3_ooo;
76 MB_MGR_AES_OOO *aes128_cbcs_ooo = mgr->aes128_cbcs_ooo;
77
78 aes128_ooo->road_block = IMB_OOO_ROAD_BLOCK;
79 aes192_ooo->road_block = IMB_OOO_ROAD_BLOCK;
80 aes256_ooo->road_block = IMB_OOO_ROAD_BLOCK;
81
82 docsis128_sec_ooo->road_block = IMB_OOO_ROAD_BLOCK;
83 docsis128_crc32_sec_ooo->road_block = IMB_OOO_ROAD_BLOCK;
84 docsis256_sec_ooo->road_block = IMB_OOO_ROAD_BLOCK;
85 docsis256_crc32_sec_ooo->road_block = IMB_OOO_ROAD_BLOCK;
86
87 des_enc_ooo->road_block = IMB_OOO_ROAD_BLOCK;
88 des_dec_ooo->road_block = IMB_OOO_ROAD_BLOCK;
89 des3_enc_ooo->road_block = IMB_OOO_ROAD_BLOCK;
90 des3_dec_ooo->road_block = IMB_OOO_ROAD_BLOCK;
91 docsis_des_enc_ooo->road_block = IMB_OOO_ROAD_BLOCK;
92 docsis_des_dec_ooo->road_block = IMB_OOO_ROAD_BLOCK;
93
94 hmac_sha_1_ooo->road_block = IMB_OOO_ROAD_BLOCK;
95 hmac_sha_224_ooo->road_block = IMB_OOO_ROAD_BLOCK;
96 hmac_sha_256_ooo->road_block = IMB_OOO_ROAD_BLOCK;
97 hmac_sha_384_ooo->road_block = IMB_OOO_ROAD_BLOCK;
98 hmac_sha_512_ooo->road_block = IMB_OOO_ROAD_BLOCK;
99 hmac_md5_ooo->road_block = IMB_OOO_ROAD_BLOCK;
100
101 aes_xcbc_ooo->road_block = IMB_OOO_ROAD_BLOCK;
102 aes_ccm_ooo->road_block = IMB_OOO_ROAD_BLOCK;
103 aes_cmac_ooo->road_block = IMB_OOO_ROAD_BLOCK;
104
105 zuc_eea3_ooo->road_block = IMB_OOO_ROAD_BLOCK;
106 zuc_eia3_ooo->road_block = IMB_OOO_ROAD_BLOCK;
107
108 aes128_cbcs_ooo->road_block = IMB_OOO_ROAD_BLOCK;
109 }
110
111 static void *
alloc_aligned_mem(const size_t size)112 alloc_aligned_mem(const size_t size)
113 {
114 void *ptr;
115
116 const size_t alignment = 64;
117 #ifdef LINUX
118 if (posix_memalign((void **)&ptr, alignment, size))
119 return NULL;
120 #else
121 ptr = _aligned_malloc(size, alignment);
122 #endif
123
124 IMB_ASSERT(ptr != NULL);
125
126 memset(ptr, 0, size);
127
128 return ptr;
129 }
130
131 static void
free_mem(void * ptr)132 free_mem(void *ptr)
133 {
134 #ifdef LINUX
135 free(ptr);
136 #else
137 _aligned_free(ptr);
138 #endif
139 }
140
141 /**
142 * @brief Allocates memory for multi-buffer manager instance
143 *
144 * For binary compatibility between library versions
145 * it is recommended to use this API.
146 *
147 * @param flags multi-buffer manager flags
148 * IMB_FLAG_SHANI_OFF - disable use (and detection) of SHA extensions,
149 * currently SHANI is only available for SSE
150 *
151 * @return Pointer to allocated memory for MB_MGR structure
152 * @retval NULL on allocation error
153 */
alloc_mb_mgr(uint64_t flags)154 IMB_MGR *alloc_mb_mgr(uint64_t flags)
155 {
156 IMB_MGR *ptr = NULL;
157
158 ptr = alloc_aligned_mem(sizeof(IMB_MGR));
159 IMB_ASSERT(ptr != NULL);
160 if (ptr != NULL) {
161 imb_set_errno(ptr, 0);
162 ptr->flags = flags; /* save the flags for future use in init */
163 ptr->features = cpu_feature_adjust(flags, cpu_feature_detect());
164 } else {
165 imb_set_errno(ptr, ENOMEM);
166 return NULL;
167 }
168
169 /* Allocate memory for OOO */
170 ptr->aes128_ooo = alloc_aligned_mem(sizeof(MB_MGR_AES_OOO));
171 if (ptr->aes128_ooo == NULL)
172 goto exit_fail;
173 ptr->aes192_ooo = alloc_aligned_mem(sizeof(MB_MGR_AES_OOO));
174 if (ptr->aes192_ooo == NULL)
175 goto exit_fail;
176 ptr->aes256_ooo = alloc_aligned_mem(sizeof(MB_MGR_AES_OOO));
177 if (ptr->aes256_ooo == NULL)
178 goto exit_fail;
179 ptr->docsis128_sec_ooo =
180 alloc_aligned_mem(sizeof(MB_MGR_DOCSIS_AES_OOO));
181 if (ptr->docsis128_sec_ooo == NULL)
182 goto exit_fail;
183 ptr->docsis128_crc32_sec_ooo =
184 alloc_aligned_mem(sizeof(MB_MGR_DOCSIS_AES_OOO));
185 if (ptr->docsis128_crc32_sec_ooo == NULL)
186 goto exit_fail;
187 ptr->docsis256_sec_ooo =
188 alloc_aligned_mem(sizeof(MB_MGR_DOCSIS_AES_OOO));
189 if (ptr->docsis256_sec_ooo == NULL)
190 goto exit_fail;
191 ptr->docsis256_crc32_sec_ooo =
192 alloc_aligned_mem(sizeof(MB_MGR_DOCSIS_AES_OOO));
193 if (ptr->docsis256_crc32_sec_ooo == NULL)
194 goto exit_fail;
195 ptr->des_enc_ooo = alloc_aligned_mem(sizeof(MB_MGR_DES_OOO));
196 if (ptr->des_enc_ooo == NULL)
197 goto exit_fail;
198 ptr->des_dec_ooo = alloc_aligned_mem(sizeof(MB_MGR_DES_OOO));
199 if (ptr->des_dec_ooo == NULL)
200 goto exit_fail;
201 ptr->des3_enc_ooo = alloc_aligned_mem(sizeof(MB_MGR_DES_OOO));
202 if (ptr->des3_enc_ooo == NULL)
203 goto exit_fail;
204 ptr->des3_dec_ooo = alloc_aligned_mem(sizeof(MB_MGR_DES_OOO));
205 if (ptr->des3_dec_ooo == NULL)
206 goto exit_fail;
207 ptr->docsis_des_enc_ooo = alloc_aligned_mem(sizeof(MB_MGR_DES_OOO));
208 if (ptr->docsis_des_enc_ooo == NULL)
209 goto exit_fail;
210 ptr->docsis_des_dec_ooo = alloc_aligned_mem(sizeof(MB_MGR_DES_OOO));
211 if (ptr->docsis_des_dec_ooo == NULL)
212 goto exit_fail;
213 ptr->zuc_eea3_ooo = alloc_aligned_mem(sizeof(MB_MGR_ZUC_OOO));
214 if (ptr->zuc_eea3_ooo == NULL)
215 goto exit_fail;
216
217 ptr->hmac_sha_1_ooo = alloc_aligned_mem(sizeof(MB_MGR_HMAC_SHA_1_OOO));
218 if (ptr->hmac_sha_1_ooo == NULL)
219 goto exit_fail;
220 ptr->hmac_sha_224_ooo =
221 alloc_aligned_mem(sizeof(MB_MGR_HMAC_SHA_256_OOO));
222 if (ptr->hmac_sha_224_ooo == NULL)
223 goto exit_fail;
224 ptr->hmac_sha_256_ooo =
225 alloc_aligned_mem(sizeof(MB_MGR_HMAC_SHA_256_OOO));
226 if (ptr->hmac_sha_256_ooo == NULL)
227 goto exit_fail;
228 ptr->hmac_sha_384_ooo =
229 alloc_aligned_mem(sizeof(MB_MGR_HMAC_SHA_512_OOO));
230 if (ptr->hmac_sha_384_ooo == NULL)
231 goto exit_fail;
232 ptr->hmac_sha_512_ooo =
233 alloc_aligned_mem(sizeof(MB_MGR_HMAC_SHA_512_OOO));
234 if (ptr->hmac_sha_512_ooo == NULL)
235 goto exit_fail;
236 ptr->hmac_md5_ooo =
237 alloc_aligned_mem(sizeof(MB_MGR_HMAC_MD5_OOO));
238 if (ptr->hmac_md5_ooo == NULL)
239 goto exit_fail;
240 ptr->aes_xcbc_ooo = alloc_aligned_mem(sizeof(MB_MGR_AES_XCBC_OOO));
241 if (ptr->aes_xcbc_ooo == NULL)
242 goto exit_fail;
243 ptr->aes_ccm_ooo = alloc_aligned_mem(sizeof(MB_MGR_CCM_OOO));
244 if (ptr->aes_ccm_ooo == NULL)
245 goto exit_fail;
246 ptr->aes_cmac_ooo = alloc_aligned_mem(sizeof(MB_MGR_CMAC_OOO));
247 if (ptr->aes_cmac_ooo == NULL)
248 goto exit_fail;
249 ptr->zuc_eia3_ooo = alloc_aligned_mem(sizeof(MB_MGR_ZUC_OOO));
250 if (ptr->zuc_eia3_ooo == NULL)
251 goto exit_fail;
252 ptr->aes128_cbcs_ooo = alloc_aligned_mem(sizeof(MB_MGR_AES_OOO));
253 if (ptr->aes128_cbcs_ooo == NULL)
254 goto exit_fail;
255
256 set_ooo_mgr_road_block(ptr);
257
258 return ptr;
259
260 exit_fail:
261 imb_set_errno(ptr, ENOMEM);
262
263 free_mem(ptr->aes128_ooo);
264 free_mem(ptr->aes192_ooo);
265 free_mem(ptr->aes256_ooo);
266 free_mem(ptr->docsis128_sec_ooo);
267 free_mem(ptr->docsis128_crc32_sec_ooo);
268 free_mem(ptr->docsis256_sec_ooo);
269 free_mem(ptr->docsis256_crc32_sec_ooo);
270 free_mem(ptr->des_enc_ooo);
271 free_mem(ptr->des_dec_ooo);
272 free_mem(ptr->des3_enc_ooo);
273 free_mem(ptr->des3_dec_ooo);
274 free_mem(ptr->docsis_des_enc_ooo);
275 free_mem(ptr->docsis_des_dec_ooo);
276 free_mem(ptr->zuc_eea3_ooo);
277
278 free_mem(ptr->hmac_sha_1_ooo);
279 free_mem(ptr->hmac_sha_224_ooo);
280 free_mem(ptr->hmac_sha_256_ooo);
281 free_mem(ptr->hmac_sha_384_ooo);
282 free_mem(ptr->hmac_sha_512_ooo);
283 free_mem(ptr->hmac_md5_ooo);
284 free_mem(ptr->aes_xcbc_ooo);
285 free_mem(ptr->aes_ccm_ooo);
286 free_mem(ptr->aes_cmac_ooo);
287 free_mem(ptr->zuc_eia3_ooo);
288 free_mem(ptr->aes128_cbcs_ooo);
289 free(ptr);
290
291 return NULL;
292 }
293
294 /**
295 * @brief Frees memory allocated previously by alloc_mb_mgr()
296 *
297 * @param ptr a pointer to allocated MB_MGR structure
298 *
299 */
free_mb_mgr(IMB_MGR * ptr)300 void free_mb_mgr(IMB_MGR *ptr)
301 {
302 IMB_ASSERT(ptr != NULL);
303
304 /* Free memory for OOO */
305 if (ptr != NULL) {
306 free_mem(ptr->aes128_ooo);
307 free_mem(ptr->aes192_ooo);
308 free_mem(ptr->aes256_ooo);
309 free_mem(ptr->docsis128_sec_ooo);
310 free_mem(ptr->docsis128_crc32_sec_ooo);
311 free_mem(ptr->docsis256_sec_ooo);
312 free_mem(ptr->docsis256_crc32_sec_ooo);
313 free_mem(ptr->des_enc_ooo);
314 free_mem(ptr->des_dec_ooo);
315 free_mem(ptr->des3_enc_ooo);
316 free_mem(ptr->des3_dec_ooo);
317 free_mem(ptr->docsis_des_enc_ooo);
318 free_mem(ptr->docsis_des_dec_ooo);
319 free_mem(ptr->zuc_eea3_ooo);
320
321 free_mem(ptr->hmac_sha_1_ooo);
322 free_mem(ptr->hmac_sha_224_ooo);
323 free_mem(ptr->hmac_sha_256_ooo);
324 free_mem(ptr->hmac_sha_384_ooo);
325 free_mem(ptr->hmac_sha_512_ooo);
326 free_mem(ptr->hmac_md5_ooo);
327 free_mem(ptr->aes_xcbc_ooo);
328 free_mem(ptr->aes_ccm_ooo);
329 free_mem(ptr->aes_cmac_ooo);
330 free_mem(ptr->zuc_eia3_ooo);
331 free_mem(ptr->aes128_cbcs_ooo);
332 }
333
334 /* Free IMB_MGR */
335 free_mem(ptr);
336 }
337