Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/perseant-stdc-iso10646]: src/sys/opencrypto 3212654
details: https://anonhg.NetBSD.org/src/rev/3686aab48181
branches: perseant-stdc-iso10646
changeset: 850672:3686aab48181
user: knakahara <knakahara%NetBSD.org@localhost>
date: Tue Jul 18 06:01:37 2017 +0000
description:
3212654
diffstat:
sys/opencrypto/crypto.c | 1882 ++++++++++++++++++++++++++++++++++++++++++++
sys/opencrypto/cryptodev.h | 681 +++++++++++++++
2 files changed, 2563 insertions(+), 0 deletions(-)
diffs (truncated from 2571 to 300 lines):
diff -r 3092d9008d9e -r 3686aab48181 sys/opencrypto/crypto.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sys/opencrypto/crypto.c Tue Jul 18 06:01:37 2017 +0000
@@ -0,0 +1,1882 @@
+/* $NetBSD: crypto.c,v 1.92.2.2 2017/07/18 06:01:37 knakahara Exp $ */
+/* $FreeBSD: src/sys/opencrypto/crypto.c,v 1.4.2.5 2003/02/26 00:14:05 sam Exp $ */
+/* $OpenBSD: crypto.c,v 1.41 2002/07/17 23:52:38 art Exp $ */
+
+/*-
+ * Copyright (c) 2008 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Coyote Point Systems, Inc.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * The author of this code is Angelos D. Keromytis (angelos%cis.upenn.edu@localhost)
+ *
+ * This code was written by Angelos D. Keromytis in Athens, Greece, in
+ * February 2000. Network Security Technologies Inc. (NSTI) kindly
+ * supported the development of this code.
+ *
+ * Copyright (c) 2000, 2001 Angelos D. Keromytis
+ *
+ * Permission to use, copy, and modify this software with or without fee
+ * is hereby granted, provided that this entire notice is included in
+ * all source code copies of any software which is or includes a copy or
+ * modification of this software.
+ *
+ * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
+ * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
+ * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
+ * PURPOSE.
+ */
+
+#include <sys/cdefs.h>
+__KERNEL_RCSID(0, "$NetBSD: crypto.c,v 1.92.2.2 2017/07/18 06:01:37 knakahara Exp $");
+
+#include <sys/param.h>
+#include <sys/reboot.h>
+#include <sys/systm.h>
+#include <sys/malloc.h>
+#include <sys/proc.h>
+#include <sys/pool.h>
+#include <sys/kthread.h>
+#include <sys/once.h>
+#include <sys/sysctl.h>
+#include <sys/intr.h>
+#include <sys/errno.h>
+#include <sys/module.h>
+#include <sys/xcall.h>
+
+#if defined(_KERNEL_OPT)
+#include "opt_ocf.h"
+#endif
+
+#include <opencrypto/cryptodev.h>
+#include <opencrypto/xform.h> /* XXX for M_XDATA */
+
+static kmutex_t crypto_q_mtx;
+static kmutex_t crypto_ret_q_mtx;
+
+/* below are kludges for residual code wrtitten to FreeBSD interfaces */
+ #define SWI_CRYPTO 17
+ #define register_swi(lvl, fn) \
+ softint_establish(SOFTINT_NET|SOFTINT_MPSAFE, (void (*)(void *))fn, NULL)
+ #define unregister_swi(lvl, fn) softint_disestablish(softintr_cookie)
+ #define setsoftcrypto(x) \
+ do{ \
+ kpreempt_disable(); \
+ softint_schedule(x); \
+ kpreempt_enable(); \
+ }while(0)
+
+int crypto_ret_q_check(struct cryptop *);
+
+/*
+ * Crypto drivers register themselves by allocating a slot in the
+ * crypto_drivers table with crypto_get_driverid() and then registering
+ * each algorithm they support with crypto_register() and crypto_kregister().
+ */
+static kmutex_t crypto_drv_mtx;
+/* Don't directly access crypto_drivers[i], use crypto_checkdriver(i). */
+static struct cryptocap *crypto_drivers;
+static int crypto_drivers_num;
+static void *softintr_cookie;
+static int crypto_exit_flag;
+
+static void *crypto_ret_si;
+
+/*
+ * There are two queues for crypto requests; one for symmetric (e.g.
+ * cipher) operations and one for asymmetric (e.g. MOD) operations.
+ * See below for how synchronization is handled.
+ */
+static TAILQ_HEAD(,cryptop) crp_q = /* request queues */
+ TAILQ_HEAD_INITIALIZER(crp_q);
+static TAILQ_HEAD(,cryptkop) crp_kq =
+ TAILQ_HEAD_INITIALIZER(crp_kq);
+
+/*
+ * There are two queues for processing completed crypto requests; one
+ * for the symmetric and one for the asymmetric ops. We only need one
+ * but have two to avoid type futzing (cryptop vs. cryptkop). See below
+ * for how synchronization is handled.
+ */
+static TAILQ_HEAD(crprethead, cryptop) crp_ret_q = /* callback queues */
+ TAILQ_HEAD_INITIALIZER(crp_ret_q);
+static TAILQ_HEAD(krprethead, cryptkop) crp_ret_kq =
+ TAILQ_HEAD_INITIALIZER(crp_ret_kq);
+
+#define DEFINIT_CRYPTO_Q_LEN(name) \
+ static int crypto_##name##_len = 0
+
+#define DEFINIT_CRYPTO_Q_DROPS(name) \
+ static int crypto_##name##_drops = 0
+
+#define DEFINIT_CRYPTO_Q_MAXLEN(name, defval) \
+ static int crypto_##name##_maxlen = defval
+
+#define CRYPTO_Q_INC(name) \
+ do { \
+ crypto_##name##_len++; \
+ } while(0);
+
+#define CRYPTO_Q_DEC(name) \
+ do { \
+ crypto_##name##_len--; \
+ } while(0);
+
+#define CRYPTO_Q_INC_DROPS(name) \
+ do { \
+ crypto_##name##_drops++; \
+ } while(0);
+
+#define CRYPTO_Q_IS_FULL(name) \
+ (crypto_##name##_maxlen > 0 \
+ && (crypto_##name##_len > crypto_##name##_maxlen))
+
+/*
+ * current queue length.
+ */
+DEFINIT_CRYPTO_Q_LEN(crp_ret_q);
+DEFINIT_CRYPTO_Q_LEN(crp_ret_kq);
+
+/*
+ * queue dropped count.
+ */
+DEFINIT_CRYPTO_Q_DROPS(crp_ret_q);
+DEFINIT_CRYPTO_Q_DROPS(crp_ret_kq);
+
+#ifndef CRYPTO_RET_Q_MAXLEN
+#define CRYPTO_RET_Q_MAXLEN 0
+#endif
+#ifndef CRYPTO_RET_KQ_MAXLEN
+#define CRYPTO_RET_KQ_MAXLEN 0
+#endif
+/*
+ * queue length limit.
+ * default value is 0. <=0 means unlimited.
+ */
+DEFINIT_CRYPTO_Q_MAXLEN(crp_ret_q, CRYPTO_RET_Q_MAXLEN);
+DEFINIT_CRYPTO_Q_MAXLEN(crp_ret_kq, CRYPTO_RET_KQ_MAXLEN);
+
+/*
+ * TODO:
+ * make percpu
+ */
+static int
+sysctl_opencrypto_q_len(SYSCTLFN_ARGS)
+{
+ int error;
+
+ error = sysctl_lookup(SYSCTLFN_CALL(rnode));
+ if (error || newp == NULL)
+ return error;
+
+ return 0;
+}
+
+/*
+ * TODO:
+ * make percpu
+ */
+static int
+sysctl_opencrypto_q_drops(SYSCTLFN_ARGS)
+{
+ int error;
+
+ error = sysctl_lookup(SYSCTLFN_CALL(rnode));
+ if (error || newp == NULL)
+ return error;
+
+ return 0;
+}
+
+/*
+ * need to make percpu?
+ */
+static int
+sysctl_opencrypto_q_maxlen(SYSCTLFN_ARGS)
+{
+ int error;
+
+ error = sysctl_lookup(SYSCTLFN_CALL(rnode));
+ if (error || newp == NULL)
+ return error;
+
+ return 0;
+}
+
+/*
+ * Crypto op and desciptor data structures are allocated
+ * from separate private zones(FreeBSD)/pools(netBSD/OpenBSD) .
+ */
+struct pool cryptop_pool;
+struct pool cryptodesc_pool;
+struct pool cryptkop_pool;
+
+int crypto_usercrypto = 1; /* userland may open /dev/crypto */
+int crypto_userasymcrypto = 1; /* userland may do asym crypto reqs */
+/*
+ * cryptodevallowsoft is (intended to be) sysctl'able, controlling
+ * access to hardware versus software transforms as below:
+ *
+ * crypto_devallowsoft < 0: Force userlevel requests to use software
+ * transforms, always
+ * crypto_devallowsoft = 0: Use hardware if present, grant userlevel
+ * requests for non-accelerated transforms
+ * (handling the latter in software)
+ * crypto_devallowsoft > 0: Allow user requests only for transforms which
+ * are hardware-accelerated.
+ */
+int crypto_devallowsoft = 1; /* only use hardware crypto */
+
+static void
+sysctl_opencrypto_setup(struct sysctllog **clog)
+{
+ const struct sysctlnode *ocnode;
+ const struct sysctlnode *retqnode, *retkqnode;
+
+ sysctl_createv(clog, 0, NULL, NULL,
+ CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+ CTLTYPE_INT, "usercrypto",
+ SYSCTL_DESCR("Enable/disable user-mode access to "
+ "crypto support"),
+ NULL, 0, &crypto_usercrypto, 0,
+ CTL_KERN, CTL_CREATE, CTL_EOL);
+ sysctl_createv(clog, 0, NULL, NULL,
+ CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+ CTLTYPE_INT, "userasymcrypto",
+ SYSCTL_DESCR("Enable/disable user-mode access to "
+ "asymmetric crypto support"),
+ NULL, 0, &crypto_userasymcrypto, 0,
+ CTL_KERN, CTL_CREATE, CTL_EOL);
+ sysctl_createv(clog, 0, NULL, NULL,
+ CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+ CTLTYPE_INT, "cryptodevallowsoft",
+ SYSCTL_DESCR("Enable/disable use of software "
+ "asymmetric crypto support"),
+ NULL, 0, &crypto_devallowsoft, 0,
+ CTL_KERN, CTL_CREATE, CTL_EOL);
+
+ sysctl_createv(clog, 0, NULL, &ocnode,
+ CTLFLAG_PERMANENT,
+ CTLTYPE_NODE, "opencrypto",
+ SYSCTL_DESCR("opencrypto related entries"),
+ NULL, 0, NULL, 0,
+ CTL_CREATE, CTL_EOL);
+
+ sysctl_createv(clog, 0, &ocnode, &retqnode,
+ CTLFLAG_PERMANENT,
+ CTLTYPE_NODE, "crypto_ret_q",
+ SYSCTL_DESCR("crypto_ret_q related entries"),
+ NULL, 0, NULL, 0,
+ CTL_CREATE, CTL_EOL);
+ sysctl_createv(clog, 0, &retqnode, NULL,
Home |
Main Index |
Thread Index |
Old Index