crypto.c (116191) | crypto.c (116924) |
---|---|
1/* $OpenBSD: crypto.c,v 1.38 2002/06/11 11:14:29 beck Exp $ */ 2/* 3 * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) 4 * 5 * This code was written by Angelos D. Keromytis in Athens, Greece, in 6 * February 2000. Network Security Technologies Inc. (NSTI) kindly 7 * supported the development of this code. 8 * --- 7 unchanged lines hidden (view full) --- 16 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR 17 * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY 18 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE 19 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR 20 * PURPOSE. 21 */ 22 23#include <sys/cdefs.h> | 1/* $OpenBSD: crypto.c,v 1.38 2002/06/11 11:14:29 beck Exp $ */ 2/* 3 * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) 4 * 5 * This code was written by Angelos D. Keromytis in Athens, Greece, in 6 * February 2000. Network Security Technologies Inc. (NSTI) kindly 7 * supported the development of this code. 8 * --- 7 unchanged lines hidden (view full) --- 16 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR 17 * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY 18 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE 19 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR 20 * PURPOSE. 21 */ 22 23#include <sys/cdefs.h> |
24__FBSDID("$FreeBSD: head/sys/opencrypto/crypto.c 116191 2003-06-11 05:57:50Z obrien $"); | 24__FBSDID("$FreeBSD: head/sys/opencrypto/crypto.c 116924 2003-06-27 20:07:10Z sam $"); |
25 26#define CRYPTO_TIMING /* enable timing support */ 27 28#include <sys/param.h> 29#include <sys/systm.h> 30#include <sys/eventhandler.h> 31#include <sys/kernel.h> 32#include <sys/kthread.h> 33#include <sys/lock.h> 34#include <sys/mutex.h> 35#include <sys/malloc.h> 36#include <sys/proc.h> 37#include <sys/sysctl.h> 38 39#include <vm/uma.h> 40#include <opencrypto/cryptodev.h> 41#include <opencrypto/xform.h> /* XXX for M_XDATA */ 42 | 25 26#define CRYPTO_TIMING /* enable timing support */ 27 28#include <sys/param.h> 29#include <sys/systm.h> 30#include <sys/eventhandler.h> 31#include <sys/kernel.h> 32#include <sys/kthread.h> 33#include <sys/lock.h> 34#include <sys/mutex.h> 35#include <sys/malloc.h> 36#include <sys/proc.h> 37#include <sys/sysctl.h> 38 39#include <vm/uma.h> 40#include <opencrypto/cryptodev.h> 41#include <opencrypto/xform.h> /* XXX for M_XDATA */ 42 |
43#define SESID2HID(sid) (((sid) >> 32) & 0xffffffff) 44 | |
45/* 46 * Crypto drivers register themselves by allocating a slot in the 47 * crypto_drivers table with crypto_get_driverid() and then registering 48 * each algorithm they support with crypto_register() and crypto_kregister(). 49 */ 50static struct mtx crypto_drivers_mtx; /* lock on driver table */ 51#define CRYPTO_DRIVER_LOCK() mtx_lock(&crypto_drivers_mtx) 52#define CRYPTO_DRIVER_UNLOCK() mtx_unlock(&crypto_drivers_mtx) --- 220 unchanged lines hidden (view full) --- 273 * The algorithm we use here is pretty stupid; just use the 274 * first driver that supports all the algorithms we need. 275 * 276 * XXX We need more smarts here (in real life too, but that's 277 * XXX another story altogether). 278 */ 279 280 for (hid = 0; hid < crypto_drivers_num; hid++) { | 43/* 44 * Crypto drivers register themselves by allocating a slot in the 45 * crypto_drivers table with crypto_get_driverid() and then registering 46 * each algorithm they support with crypto_register() and crypto_kregister(). 47 */ 48static struct mtx crypto_drivers_mtx; /* lock on driver table */ 49#define CRYPTO_DRIVER_LOCK() mtx_lock(&crypto_drivers_mtx) 50#define CRYPTO_DRIVER_UNLOCK() mtx_unlock(&crypto_drivers_mtx) --- 220 unchanged lines hidden (view full) --- 271 * The algorithm we use here is pretty stupid; just use the 272 * first driver that supports all the algorithms we need. 273 * 274 * XXX We need more smarts here (in real life too, but that's 275 * XXX another story altogether). 276 */ 277 278 for (hid = 0; hid < crypto_drivers_num; hid++) { |
279 struct cryptocap *cap = &crypto_drivers[hid]; |
|
281 /* 282 * If it's not initialized or has remaining sessions 283 * referencing it, skip. 284 */ | 280 /* 281 * If it's not initialized or has remaining sessions 282 * referencing it, skip. 283 */ |
285 if (crypto_drivers[hid].cc_newsession == NULL || 286 (crypto_drivers[hid].cc_flags & CRYPTOCAP_F_CLEANUP)) | 284 if (cap->cc_newsession == NULL || 285 (cap->cc_flags & CRYPTOCAP_F_CLEANUP)) |
287 continue; 288 289 /* Hardware required -- ignore software drivers. */ | 286 continue; 287 288 /* Hardware required -- ignore software drivers. */ |
290 if (hard > 0 && 291 (crypto_drivers[hid].cc_flags & CRYPTOCAP_F_SOFTWARE)) | 289 if (hard > 0 && (cap->cc_flags & CRYPTOCAP_F_SOFTWARE)) |
292 continue; 293 /* Software required -- ignore hardware drivers. */ | 290 continue; 291 /* Software required -- ignore hardware drivers. */ |
294 if (hard < 0 && 295 (crypto_drivers[hid].cc_flags & CRYPTOCAP_F_SOFTWARE) == 0) | 292 if (hard < 0 && (cap->cc_flags & CRYPTOCAP_F_SOFTWARE) == 0) |
296 continue; 297 298 /* See if all the algorithms are supported. */ 299 for (cr = cri; cr; cr = cr->cri_next) | 293 continue; 294 295 /* See if all the algorithms are supported. */ 296 for (cr = cri; cr; cr = cr->cri_next) |
300 if (crypto_drivers[hid].cc_alg[cr->cri_alg] == 0) | 297 if (cap->cc_alg[cr->cri_alg] == 0) |
301 break; 302 303 if (cr == NULL) { 304 /* Ok, all algorithms are supported. */ 305 306 /* 307 * Can't do everything in one session. 308 * 309 * XXX Fix this. We need to inject a "virtual" session layer right 310 * XXX about here. 311 */ 312 313 /* Call the driver initialization routine. */ 314 lid = hid; /* Pass the driver ID. */ | 298 break; 299 300 if (cr == NULL) { 301 /* Ok, all algorithms are supported. */ 302 303 /* 304 * Can't do everything in one session. 305 * 306 * XXX Fix this. We need to inject a "virtual" session layer right 307 * XXX about here. 308 */ 309 310 /* Call the driver initialization routine. */ 311 lid = hid; /* Pass the driver ID. */ |
315 err = crypto_drivers[hid].cc_newsession( 316 crypto_drivers[hid].cc_arg, &lid, cri); | 312 err = (*cap->cc_newsession)(cap->cc_arg, &lid, cri); |
317 if (err == 0) { | 313 if (err == 0) { |
318 (*sid) = hid; | 314 /* XXX assert (hid &~ 0xffffff) == 0 */ 315 /* XXX assert (cap->cc_flags &~ 0xff) == 0 */ 316 (*sid) = ((cap->cc_flags & 0xff) << 24) | hid; |
319 (*sid) <<= 32; 320 (*sid) |= (lid & 0xffffffff); | 317 (*sid) <<= 32; 318 (*sid) |= (lid & 0xffffffff); |
321 crypto_drivers[hid].cc_sessions++; | 319 cap->cc_sessions++; |
322 } 323 break; 324 } 325 } 326done: 327 CRYPTO_DRIVER_UNLOCK(); 328 return err; 329} --- 11 unchanged lines hidden (view full) --- 341 CRYPTO_DRIVER_LOCK(); 342 343 if (crypto_drivers == NULL) { 344 err = EINVAL; 345 goto done; 346 } 347 348 /* Determine two IDs. */ | 320 } 321 break; 322 } 323 } 324done: 325 CRYPTO_DRIVER_UNLOCK(); 326 return err; 327} --- 11 unchanged lines hidden (view full) --- 339 CRYPTO_DRIVER_LOCK(); 340 341 if (crypto_drivers == NULL) { 342 err = EINVAL; 343 goto done; 344 } 345 346 /* Determine two IDs. */ |
349 hid = SESID2HID(sid); | 347 hid = CRYPTO_SESID2HID(sid); |
350 351 if (hid >= crypto_drivers_num) { 352 err = ENOENT; 353 goto done; 354 } 355 356 if (crypto_drivers[hid].cc_sessions) 357 crypto_drivers[hid].cc_sessions--; --- 294 unchanged lines hidden (view full) --- 652} 653 654/* 655 * Add a crypto request to a queue, to be processed by the kernel thread. 656 */ 657int 658crypto_dispatch(struct cryptop *crp) 659{ | 348 349 if (hid >= crypto_drivers_num) { 350 err = ENOENT; 351 goto done; 352 } 353 354 if (crypto_drivers[hid].cc_sessions) 355 crypto_drivers[hid].cc_sessions--; --- 294 unchanged lines hidden (view full) --- 650} 651 652/* 653 * Add a crypto request to a queue, to be processed by the kernel thread. 654 */ 655int 656crypto_dispatch(struct cryptop *crp) 657{ |
660 u_int32_t hid = SESID2HID(crp->crp_sid); | 658 u_int32_t hid = CRYPTO_SESID2HID(crp->crp_sid); |
661 int result; 662 663 cryptostats.cs_ops++; 664 665#ifdef CRYPTO_TIMING 666 if (crypto_timing) 667 binuptime(&crp->crp_tstamp); 668#endif --- 185 unchanged lines hidden (view full) --- 854 return EINVAL; 855 } 856 if (crp->crp_desc == NULL) { 857 crp->crp_etype = EINVAL; 858 crypto_done(crp); 859 return 0; 860 } 861 | 659 int result; 660 661 cryptostats.cs_ops++; 662 663#ifdef CRYPTO_TIMING 664 if (crypto_timing) 665 binuptime(&crp->crp_tstamp); 666#endif --- 185 unchanged lines hidden (view full) --- 852 return EINVAL; 853 } 854 if (crp->crp_desc == NULL) { 855 crp->crp_etype = EINVAL; 856 crypto_done(crp); 857 return 0; 858 } 859 |
862 hid = SESID2HID(crp->crp_sid); | 860 hid = CRYPTO_SESID2HID(crp->crp_sid); |
863 if (hid < crypto_drivers_num) { 864 if (crypto_drivers[hid].cc_flags & CRYPTOCAP_F_CLEANUP) 865 crypto_freesession(crp->crp_sid); 866 process = crypto_drivers[hid].cc_process; 867 } else { 868 process = NULL; 869 } 870 --- 197 unchanged lines hidden (view full) --- 1068 /* 1069 * Find the first element in the queue that can be 1070 * processed and look-ahead to see if multiple ops 1071 * are ready for the same driver. 1072 */ 1073 submit = NULL; 1074 hint = 0; 1075 TAILQ_FOREACH(crp, &crp_q, crp_next) { | 861 if (hid < crypto_drivers_num) { 862 if (crypto_drivers[hid].cc_flags & CRYPTOCAP_F_CLEANUP) 863 crypto_freesession(crp->crp_sid); 864 process = crypto_drivers[hid].cc_process; 865 } else { 866 process = NULL; 867 } 868 --- 197 unchanged lines hidden (view full) --- 1066 /* 1067 * Find the first element in the queue that can be 1068 * processed and look-ahead to see if multiple ops 1069 * are ready for the same driver. 1070 */ 1071 submit = NULL; 1072 hint = 0; 1073 TAILQ_FOREACH(crp, &crp_q, crp_next) { |
1076 u_int32_t hid = SESID2HID(crp->crp_sid); | 1074 u_int32_t hid = CRYPTO_SESID2HID(crp->crp_sid); |
1077 cap = crypto_checkdriver(hid); 1078 if (cap == NULL || cap->cc_process == NULL) { 1079 /* Op needs to be migrated, process it. */ 1080 if (submit == NULL) 1081 submit = crp; 1082 break; 1083 } 1084 if (!cap->cc_qblocked) { 1085 if (submit != NULL) { 1086 /* 1087 * We stop on finding another op, 1088 * regardless whether its for the same 1089 * driver or not. We could keep 1090 * searching the queue but it might be 1091 * better to just use a per-driver 1092 * queue instead. 1093 */ | 1075 cap = crypto_checkdriver(hid); 1076 if (cap == NULL || cap->cc_process == NULL) { 1077 /* Op needs to be migrated, process it. */ 1078 if (submit == NULL) 1079 submit = crp; 1080 break; 1081 } 1082 if (!cap->cc_qblocked) { 1083 if (submit != NULL) { 1084 /* 1085 * We stop on finding another op, 1086 * regardless whether its for the same 1087 * driver or not. We could keep 1088 * searching the queue but it might be 1089 * better to just use a per-driver 1090 * queue instead. 1091 */ |
1094 if (SESID2HID(submit->crp_sid) == hid) | 1092 if (CRYPTO_SESID2HID(submit->crp_sid) == hid) |
1095 hint = CRYPTO_HINT_MORE; 1096 break; 1097 } else { 1098 submit = crp; 1099 if ((submit->crp_flags & CRYPTO_F_BATCH) == 0) 1100 break; 1101 /* keep scanning for more are q'd */ 1102 } --- 8 unchanged lines hidden (view full) --- 1111 * driver ``blocked'' for cryptop's and put 1112 * the request back in the queue. It would 1113 * best to put the request back where we got 1114 * it but that's hard so for now we put it 1115 * at the front. This should be ok; putting 1116 * it at the end does not work. 1117 */ 1118 /* XXX validate sid again? */ | 1093 hint = CRYPTO_HINT_MORE; 1094 break; 1095 } else { 1096 submit = crp; 1097 if ((submit->crp_flags & CRYPTO_F_BATCH) == 0) 1098 break; 1099 /* keep scanning for more are q'd */ 1100 } --- 8 unchanged lines hidden (view full) --- 1109 * driver ``blocked'' for cryptop's and put 1110 * the request back in the queue. It would 1111 * best to put the request back where we got 1112 * it but that's hard so for now we put it 1113 * at the front. This should be ok; putting 1114 * it at the end does not work. 1115 */ 1116 /* XXX validate sid again? */ |
1119 crypto_drivers[SESID2HID(submit->crp_sid)].cc_qblocked = 1; | 1117 crypto_drivers[CRYPTO_SESID2HID(submit->crp_sid)].cc_qblocked = 1; |
1120 TAILQ_INSERT_HEAD(&crp_q, submit, crp_next); 1121 cryptostats.cs_blocks++; 1122 } 1123 } 1124 1125 /* As above, but for key ops */ 1126 TAILQ_FOREACH(krp, &crp_kq, krp_next) { 1127 cap = crypto_checkdriver(krp->krp_hid); --- 113 unchanged lines hidden --- | 1118 TAILQ_INSERT_HEAD(&crp_q, submit, crp_next); 1119 cryptostats.cs_blocks++; 1120 } 1121 } 1122 1123 /* As above, but for key ops */ 1124 TAILQ_FOREACH(krp, &crp_kq, krp_next) { 1125 cap = crypto_checkdriver(krp->krp_hid); --- 113 unchanged lines hidden --- |