xref: /freebsd/sys/sys/ktls.h (revision 81b22a98) 
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (c) 2014-2019 Netflix Inc.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
16  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
19  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25  * SUCH DAMAGE.
26  *
27  * $FreeBSD$
28  */
29 #ifndef _SYS_KTLS_H_
30 #define	_SYS_KTLS_H_
31 
32 #ifdef _KERNEL
33 #include <sys/refcount.h>
34 #include <sys/_task.h>
35 #endif
36 
37 struct tls_record_layer {
38 	uint8_t  tls_type;
39 	uint8_t  tls_vmajor;
40 	uint8_t  tls_vminor;
41 	uint16_t tls_length;
42 	uint8_t  tls_data[0];
43 } __attribute__ ((packed));
44 
45 #define	TLS_MAX_MSG_SIZE_V10_2	16384
46 #define	TLS_MAX_PARAM_SIZE	1024	/* Max key/mac/iv in sockopt */
47 #define	TLS_AEAD_GCM_LEN	4
48 #define	TLS_1_3_GCM_IV_LEN	12
49 #define	TLS_CHACHA20_IV_LEN	12
50 #define	TLS_CBC_IMPLICIT_IV_LEN	16
51 
52 /* Type values for the record layer */
53 #define	TLS_RLTYPE_APP		23
54 
55 /*
56  * Nonce for GCM for TLS 1.2 per RFC 5288.
57  */
58 struct tls_nonce_data {
59 	uint8_t fixed[TLS_AEAD_GCM_LEN];
60 	uint64_t seq;
61 } __packed;
62 
63 /*
64  * AEAD additional data format for TLS 1.2 per RFC 5246.
65  */
66 struct tls_aead_data {
67 	uint64_t seq;	/* In network order */
68 	uint8_t	type;
69 	uint8_t tls_vmajor;
70 	uint8_t tls_vminor;
71 	uint16_t tls_length;
72 } __packed;
73 
74 /*
75  * AEAD additional data format for TLS 1.3 per RFC 8446.
76  */
77 struct tls_aead_data_13 {
78 	uint8_t	type;
79 	uint8_t tls_vmajor;
80 	uint8_t tls_vminor;
81 	uint16_t tls_length;
82 } __packed;
83 
84 /*
85  * Stream Cipher MAC additional data input.  This does not match the
86  * exact data on the wire (the sequence number is not placed on the
87  * wire, and any explicit IV after the record header is not covered by
88  * the MAC).
89  */
90 struct tls_mac_data {
91 	uint64_t seq;
92 	uint8_t type;
93 	uint8_t tls_vmajor;
94 	uint8_t tls_vminor;
95 	uint16_t tls_length;
96 } __packed;
97 
98 #define	TLS_MAJOR_VER_ONE	3
99 #define	TLS_MINOR_VER_ZERO	1	/* 3, 1 */
100 #define	TLS_MINOR_VER_ONE	2	/* 3, 2 */
101 #define	TLS_MINOR_VER_TWO	3	/* 3, 3 */
102 #define	TLS_MINOR_VER_THREE	4	/* 3, 4 */
103 
104 /* For TCP_TXTLS_ENABLE and TCP_RXTLS_ENABLE. */
105 #ifdef _KERNEL
106 struct tls_enable_v0 {
107 	const uint8_t *cipher_key;
108 	const uint8_t *iv;		/* Implicit IV. */
109 	const uint8_t *auth_key;
110 	int	cipher_algorithm;	/* e.g. CRYPTO_AES_CBC */
111 	int	cipher_key_len;
112 	int	iv_len;
113 	int	auth_algorithm;		/* e.g. CRYPTO_SHA2_256_HMAC */
114 	int	auth_key_len;
115 	int	flags;
116 	uint8_t tls_vmajor;
117 	uint8_t tls_vminor;
118 };
119 #endif
120 
121 struct tls_enable {
122 	const uint8_t *cipher_key;
123 	const uint8_t *iv;		/* Implicit IV. */
124 	const uint8_t *auth_key;
125 	int	cipher_algorithm;	/* e.g. CRYPTO_AES_CBC */
126 	int	cipher_key_len;
127 	int	iv_len;
128 	int	auth_algorithm;		/* e.g. CRYPTO_SHA2_256_HMAC */
129 	int	auth_key_len;
130 	int	flags;
131 	uint8_t tls_vmajor;
132 	uint8_t tls_vminor;
133 	uint8_t rec_seq[8];
134 };
135 
136 /* Structure for TLS_GET_RECORD. */
137 struct tls_get_record {
138 	/* TLS record header. */
139 	uint8_t  tls_type;
140 	uint8_t  tls_vmajor;
141 	uint8_t  tls_vminor;
142 	uint16_t tls_length;
143 };
144 
145 #ifdef _KERNEL
146 
147 struct tls_session_params {
148 	uint8_t *cipher_key;
149 	uint8_t *auth_key;
150 	uint8_t iv[TLS_CBC_IMPLICIT_IV_LEN];
151 	int	cipher_algorithm;
152 	int	auth_algorithm;
153 	uint16_t cipher_key_len;
154 	uint16_t iv_len;
155 	uint16_t auth_key_len;
156 	uint16_t max_frame_len;
157 	uint8_t tls_vmajor;
158 	uint8_t tls_vminor;
159 	uint8_t tls_hlen;
160 	uint8_t tls_tlen;
161 	uint8_t tls_bs;
162 	uint8_t flags;
163 };
164 
165 /* Used in APIs to request RX vs TX sessions. */
166 #define	KTLS_TX		1
167 #define	KTLS_RX		2
168 
169 struct iovec;
170 struct ktls_ocf_session;
171 struct ktls_ocf_encrypt_state;
172 struct ktls_session;
173 struct m_snd_tag;
174 struct mbuf;
175 struct sockbuf;
176 struct socket;
177 
178 struct ktls_session {
179 	union {
180 		int	(*sw_encrypt)(struct ktls_ocf_encrypt_state *state,
181 		    struct ktls_session *tls, struct mbuf *m,
182 		    struct iovec *outiov, int outiovcnt);
183 		int	(*sw_decrypt)(struct ktls_session *tls,
184 		    const struct tls_record_layer *hdr, struct mbuf *m,
185 		    uint64_t seqno, int *trailer_len);
186 	};
187 	struct ktls_ocf_session *ocf_session;
188 	struct m_snd_tag *snd_tag;
189 	struct tls_session_params params;
190 	u_int	wq_index;
191 	volatile u_int refcount;
192 	int mode;
193 
194 	struct task reset_tag_task;
195 	struct task disable_ifnet_task;
196 	struct inpcb *inp;
197 	bool reset_pending;
198 	bool disable_ifnet_pending;
199 	bool sync_dispatch;
200 	bool sequential_records;
201 
202 	/* Only used for TLS 1.0. */
203 	uint64_t next_seqno;
204 	STAILQ_HEAD(, mbuf) pending_records;
205 } __aligned(CACHE_LINE_SIZE);
206 
207 extern unsigned int ktls_ifnet_max_rexmit_pct;
208 
209 void ktls_check_rx(struct sockbuf *sb);
210 void ktls_disable_ifnet(void *arg);
211 int ktls_enable_rx(struct socket *so, struct tls_enable *en);
212 int ktls_enable_tx(struct socket *so, struct tls_enable *en);
213 void ktls_destroy(struct ktls_session *tls);
214 void ktls_frame(struct mbuf *m, struct ktls_session *tls, int *enqueue_cnt,
215     uint8_t record_type);
216 void ktls_seq(struct sockbuf *sb, struct mbuf *m);
217 void ktls_enqueue(struct mbuf *m, struct socket *so, int page_count);
218 void ktls_enqueue_to_free(struct mbuf *m);
219 int ktls_get_rx_mode(struct socket *so, int *modep);
220 int ktls_set_tx_mode(struct socket *so, int mode);
221 int ktls_get_tx_mode(struct socket *so, int *modep);
222 int ktls_output_eagain(struct inpcb *inp, struct ktls_session *tls);
223 #ifdef RATELIMIT
224 int ktls_modify_txrtlmt(struct ktls_session *tls, uint64_t max_pacing_rate);
225 #endif
226 bool ktls_pending_rx_info(struct sockbuf *sb, uint64_t *seqnop, size_t *residp);
227 
228 static inline struct ktls_session *
229 ktls_hold(struct ktls_session *tls)
230 {
231 
232 	if (tls != NULL)
233 		refcount_acquire(&tls->refcount);
234 	return (tls);
235 }
236 
237 static inline void
238 ktls_free(struct ktls_session *tls)
239 {
240 
241 	if (refcount_release(&tls->refcount))
242 		ktls_destroy(tls);
243 }
244 
245 #endif /* !_KERNEL */
246 #endif /* !_SYS_KTLS_H_ */
247