Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/perseant-stdc-iso10646]: src/sys/opencrypto 3212654



details:   https://anonhg.NetBSD.org/src/rev/3686aab48181
branches:  perseant-stdc-iso10646
changeset: 850672:3686aab48181
user:      knakahara <knakahara%NetBSD.org@localhost>
date:      Tue Jul 18 06:01:37 2017 +0000

description:
3212654

diffstat:

 sys/opencrypto/crypto.c    |  1882 ++++++++++++++++++++++++++++++++++++++++++++
 sys/opencrypto/cryptodev.h |   681 +++++++++++++++
 2 files changed, 2563 insertions(+), 0 deletions(-)

diffs (truncated from 2571 to 300 lines):

diff -r 3092d9008d9e -r 3686aab48181 sys/opencrypto/crypto.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/sys/opencrypto/crypto.c   Tue Jul 18 06:01:37 2017 +0000
@@ -0,0 +1,1882 @@
+/*     $NetBSD: crypto.c,v 1.92.2.2 2017/07/18 06:01:37 knakahara Exp $ */
+/*     $FreeBSD: src/sys/opencrypto/crypto.c,v 1.4.2.5 2003/02/26 00:14:05 sam Exp $   */
+/*     $OpenBSD: crypto.c,v 1.41 2002/07/17 23:52:38 art Exp $ */
+
+/*-
+ * Copyright (c) 2008 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Coyote Point Systems, Inc.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * The author of this code is Angelos D. Keromytis (angelos%cis.upenn.edu@localhost)
+ *
+ * This code was written by Angelos D. Keromytis in Athens, Greece, in
+ * February 2000. Network Security Technologies Inc. (NSTI) kindly
+ * supported the development of this code.
+ *
+ * Copyright (c) 2000, 2001 Angelos D. Keromytis
+ *
+ * Permission to use, copy, and modify this software with or without fee
+ * is hereby granted, provided that this entire notice is included in
+ * all source code copies of any software which is or includes a copy or
+ * modification of this software.
+ *
+ * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
+ * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
+ * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
+ * PURPOSE.
+ */
+
+#include <sys/cdefs.h>
+__KERNEL_RCSID(0, "$NetBSD: crypto.c,v 1.92.2.2 2017/07/18 06:01:37 knakahara Exp $");
+
+#include <sys/param.h>
+#include <sys/reboot.h>
+#include <sys/systm.h>
+#include <sys/malloc.h>
+#include <sys/proc.h>
+#include <sys/pool.h>
+#include <sys/kthread.h>
+#include <sys/once.h>
+#include <sys/sysctl.h>
+#include <sys/intr.h>
+#include <sys/errno.h>
+#include <sys/module.h>
+#include <sys/xcall.h>
+
+#if defined(_KERNEL_OPT)
+#include "opt_ocf.h"
+#endif
+
+#include <opencrypto/cryptodev.h>
+#include <opencrypto/xform.h>                  /* XXX for M_XDATA */
+
+static kmutex_t crypto_q_mtx;
+static kmutex_t crypto_ret_q_mtx;
+
+/* below are kludges for residual code wrtitten to FreeBSD interfaces */
+  #define SWI_CRYPTO 17
+  #define register_swi(lvl, fn)  \
+  softint_establish(SOFTINT_NET|SOFTINT_MPSAFE, (void (*)(void *))fn, NULL)
+  #define unregister_swi(lvl, fn)  softint_disestablish(softintr_cookie)
+  #define setsoftcrypto(x)                     \
+       do{                                     \
+               kpreempt_disable();             \
+               softint_schedule(x);            \
+               kpreempt_enable();              \
+       }while(0)
+
+int crypto_ret_q_check(struct cryptop *);
+
+/*
+ * Crypto drivers register themselves by allocating a slot in the
+ * crypto_drivers table with crypto_get_driverid() and then registering
+ * each algorithm they support with crypto_register() and crypto_kregister().
+ */
+static kmutex_t crypto_drv_mtx;
+/* Don't directly access crypto_drivers[i], use crypto_checkdriver(i). */
+static struct cryptocap *crypto_drivers;
+static int crypto_drivers_num;
+static void *softintr_cookie;
+static int crypto_exit_flag;
+
+static void *crypto_ret_si;
+
+/*
+ * There are two queues for crypto requests; one for symmetric (e.g.
+ * cipher) operations and one for asymmetric (e.g. MOD) operations.
+ * See below for how synchronization is handled.
+ */
+static TAILQ_HEAD(,cryptop) crp_q =            /* request queues */
+               TAILQ_HEAD_INITIALIZER(crp_q);
+static TAILQ_HEAD(,cryptkop) crp_kq =
+               TAILQ_HEAD_INITIALIZER(crp_kq);
+
+/*
+ * There are two queues for processing completed crypto requests; one
+ * for the symmetric and one for the asymmetric ops.  We only need one
+ * but have two to avoid type futzing (cryptop vs. cryptkop).  See below
+ * for how synchronization is handled.
+ */
+static TAILQ_HEAD(crprethead, cryptop) crp_ret_q =     /* callback queues */
+               TAILQ_HEAD_INITIALIZER(crp_ret_q);
+static TAILQ_HEAD(krprethead, cryptkop) crp_ret_kq =
+               TAILQ_HEAD_INITIALIZER(crp_ret_kq);
+
+#define DEFINIT_CRYPTO_Q_LEN(name)             \
+       static int crypto_##name##_len = 0
+
+#define DEFINIT_CRYPTO_Q_DROPS(name)           \
+       static int crypto_##name##_drops = 0
+
+#define DEFINIT_CRYPTO_Q_MAXLEN(name, defval)          \
+       static int crypto_##name##_maxlen = defval
+
+#define CRYPTO_Q_INC(name)                     \
+       do {                                    \
+               crypto_##name##_len++;          \
+       } while(0);
+
+#define CRYPTO_Q_DEC(name)                     \
+       do {                                    \
+               crypto_##name##_len--;          \
+       } while(0);
+
+#define CRYPTO_Q_INC_DROPS(name)               \
+       do {                                    \
+               crypto_##name##_drops++;        \
+       } while(0);
+
+#define CRYPTO_Q_IS_FULL(name)                                 \
+       (crypto_##name##_maxlen > 0                             \
+           && (crypto_##name##_len > crypto_##name##_maxlen))
+
+/*
+ * current queue length.
+ */
+DEFINIT_CRYPTO_Q_LEN(crp_ret_q);
+DEFINIT_CRYPTO_Q_LEN(crp_ret_kq);
+
+/*
+ * queue dropped count.
+ */
+DEFINIT_CRYPTO_Q_DROPS(crp_ret_q);
+DEFINIT_CRYPTO_Q_DROPS(crp_ret_kq);
+
+#ifndef CRYPTO_RET_Q_MAXLEN
+#define CRYPTO_RET_Q_MAXLEN 0
+#endif
+#ifndef CRYPTO_RET_KQ_MAXLEN
+#define CRYPTO_RET_KQ_MAXLEN 0
+#endif
+/*
+ * queue length limit.
+ * default value is 0. <=0 means unlimited.
+ */
+DEFINIT_CRYPTO_Q_MAXLEN(crp_ret_q, CRYPTO_RET_Q_MAXLEN);
+DEFINIT_CRYPTO_Q_MAXLEN(crp_ret_kq, CRYPTO_RET_KQ_MAXLEN);
+
+/*
+ * TODO:
+ * make percpu
+ */
+static int
+sysctl_opencrypto_q_len(SYSCTLFN_ARGS)
+{
+       int error;
+
+       error = sysctl_lookup(SYSCTLFN_CALL(rnode));
+       if (error || newp == NULL)
+               return error;
+
+       return 0;
+}
+
+/*
+ * TODO:
+ * make percpu
+ */
+static int
+sysctl_opencrypto_q_drops(SYSCTLFN_ARGS)
+{
+       int error;
+
+       error = sysctl_lookup(SYSCTLFN_CALL(rnode));
+       if (error || newp == NULL)
+               return error;
+
+       return 0;
+}
+
+/*
+ * need to make percpu?
+ */
+static int
+sysctl_opencrypto_q_maxlen(SYSCTLFN_ARGS)
+{
+       int error;
+
+       error = sysctl_lookup(SYSCTLFN_CALL(rnode));
+       if (error || newp == NULL)
+               return error;
+
+       return 0;
+}
+
+/*
+ * Crypto op and desciptor data structures are allocated
+ * from separate private zones(FreeBSD)/pools(netBSD/OpenBSD) .
+ */
+struct pool cryptop_pool;
+struct pool cryptodesc_pool;
+struct pool cryptkop_pool;
+
+int    crypto_usercrypto = 1;          /* userland may open /dev/crypto */
+int    crypto_userasymcrypto = 1;      /* userland may do asym crypto reqs */
+/*
+ * cryptodevallowsoft is (intended to be) sysctl'able, controlling
+ * access to hardware versus software transforms as below:
+ *
+ * crypto_devallowsoft < 0:  Force userlevel requests to use software
+ *                              transforms, always
+ * crypto_devallowsoft = 0:  Use hardware if present, grant userlevel
+ *                              requests for non-accelerated transforms
+ *                              (handling the latter in software)
+ * crypto_devallowsoft > 0:  Allow user requests only for transforms which
+ *                               are hardware-accelerated.
+ */
+int    crypto_devallowsoft = 1;        /* only use hardware crypto */
+
+static void
+sysctl_opencrypto_setup(struct sysctllog **clog)
+{
+       const struct sysctlnode *ocnode;
+       const struct sysctlnode *retqnode, *retkqnode;
+
+       sysctl_createv(clog, 0, NULL, NULL,
+                      CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+                      CTLTYPE_INT, "usercrypto",
+                      SYSCTL_DESCR("Enable/disable user-mode access to "
+                          "crypto support"),
+                      NULL, 0, &crypto_usercrypto, 0,
+                      CTL_KERN, CTL_CREATE, CTL_EOL);
+       sysctl_createv(clog, 0, NULL, NULL,
+                      CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+                      CTLTYPE_INT, "userasymcrypto",
+                      SYSCTL_DESCR("Enable/disable user-mode access to "
+                          "asymmetric crypto support"),
+                      NULL, 0, &crypto_userasymcrypto, 0,
+                      CTL_KERN, CTL_CREATE, CTL_EOL);
+       sysctl_createv(clog, 0, NULL, NULL,
+                      CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+                      CTLTYPE_INT, "cryptodevallowsoft",
+                      SYSCTL_DESCR("Enable/disable use of software "
+                          "asymmetric crypto support"),
+                      NULL, 0, &crypto_devallowsoft, 0,
+                      CTL_KERN, CTL_CREATE, CTL_EOL);
+
+       sysctl_createv(clog, 0, NULL, &ocnode,
+                      CTLFLAG_PERMANENT,
+                      CTLTYPE_NODE, "opencrypto",
+                      SYSCTL_DESCR("opencrypto related entries"),
+                      NULL, 0, NULL, 0,
+                      CTL_CREATE, CTL_EOL);
+
+       sysctl_createv(clog, 0, &ocnode, &retqnode,
+                      CTLFLAG_PERMANENT,
+                      CTLTYPE_NODE, "crypto_ret_q",
+                      SYSCTL_DESCR("crypto_ret_q related entries"),
+                      NULL, 0, NULL, 0,
+                      CTL_CREATE, CTL_EOL);
+       sysctl_createv(clog, 0, &retqnode, NULL,



Home | Main Index | Thread Index | Old Index