1 /* $NetBSD: cryptodev.c,v 1.10 2003/11/19 04:14:07 jonathan Exp $ */
2 /* $FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $ */
3 /* $OpenBSD: cryptodev.c,v 1.53 2002/07/10 22:21:30 mickey Exp $ */
4
5 /*
6 * Copyright (c) 2001 Theo de Raadt
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 * 3. The name of the author may not be used to endorse or promote products
18 * derived from this software without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
21 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
22 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
23 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
24 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
25 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
29 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 *
31 * Effort sponsored in part by the Defense Advanced Research Projects
32 * Agency (DARPA) and Air Force Research Laboratory, Air Force
33 * Materiel Command, USAF, under agreement number F30602-01-2-0537.
34 *
35 */
36
37 #include <sys/cdefs.h>
38 __KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.10 2003/11/19 04:14:07 jonathan Exp $");
39
40 #include <sys/param.h>
41 #include <sys/systm.h>
42 #include <sys/malloc.h>
43 #include <sys/mbuf.h>
44 #include <sys/sysctl.h>
45 #include <sys/file.h>
46 #include <sys/filedesc.h>
47 #include <sys/errno.h>
48 #include <sys/md5.h>
49 #include <sys/sha1.h>
50 #include <sys/conf.h>
51 #include <sys/device.h>
52
53 #include <opencrypto/cryptodev.h>
54 #include <opencrypto/xform.h>
55
56 #ifdef __NetBSD__
57 #define splcrypto splnet
58 #endif
59
60 struct csession {
61 TAILQ_ENTRY(csession) next;
62 u_int64_t sid;
63 u_int32_t ses;
64
65 u_int32_t cipher;
66 struct enc_xform *txform;
67 u_int32_t mac;
68 struct auth_hash *thash;
69
70 caddr_t key;
71 int keylen;
72 u_char tmp_iv[EALG_MAX_BLOCK_LEN];
73
74 caddr_t mackey;
75 int mackeylen;
76 u_char tmp_mac[CRYPTO_MAX_MAC_LEN];
77
78 struct iovec iovec[IOV_MAX];
79 struct uio uio;
80 int error;
81 };
82
83 struct fcrypt {
84 TAILQ_HEAD(csessionlist, csession) csessions;
85 int sesn;
86 };
87
88
89 /* Declaration of master device (fd-cloning/ctxt-allocating) entrypoints */
90 static int cryptoopen(dev_t dev, int flag, int mode, struct proc *p);
91 static int cryptoread(dev_t dev, struct uio *uio, int ioflag);
92 static int cryptowrite(dev_t dev, struct uio *uio, int ioflag);
93 static int cryptoioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct proc *p);
94 static int cryptoselect(dev_t dev, int rw, struct proc *p);
95
96 /* Declaration of cloned-device (per-ctxt) entrypoints */
97 static int cryptof_read(struct file *, off_t *, struct uio *, struct ucred *, int);
98 static int cryptof_write(struct file *, off_t *, struct uio *, struct ucred *, int);
99 static int cryptof_ioctl(struct file *, u_long, void*, struct proc *p);
100 static int cryptof_fcntl(struct file *, u_int, void*, struct proc *p);
101 static int cryptof_poll(struct file *, int, struct proc *);
102 static int cryptof_kqfilter(struct file *, struct knote *);
103 static int cryptof_stat(struct file *, struct stat *, struct proc *);
104 static int cryptof_close(struct file *, struct proc *);
105
106 static struct fileops cryptofops = {
107 cryptof_read,
108 cryptof_write,
109 cryptof_ioctl,
110 cryptof_fcntl,
111 cryptof_poll,
112 cryptof_stat,
113 cryptof_close,
114 cryptof_kqfilter
115 };
116
117 static struct csession *csefind(struct fcrypt *, u_int);
118 static int csedelete(struct fcrypt *, struct csession *);
119 static struct csession *cseadd(struct fcrypt *, struct csession *);
120 static struct csession *csecreate(struct fcrypt *, u_int64_t, caddr_t, u_int64_t,
121 caddr_t, u_int64_t, u_int32_t, u_int32_t, struct enc_xform *,
122 struct auth_hash *);
123 static int csefree(struct csession *);
124
125 static int cryptodev_op(struct csession *, struct crypt_op *, struct proc *);
126 static int cryptodev_key(struct crypt_kop *);
127 int cryptodev_dokey(struct crypt_kop *kop, struct crparam kvp[]);
128
129 static int cryptodev_cb(void *);
130 static int cryptodevkey_cb(void *);
131
132 /*
133 * sysctl-able control variables for /dev/crypto now defined in crypto.c:
134 * crypto_usercrypto, crypto_userasmcrypto, crypto_devallowsoft.
135 */
136
137 /* ARGSUSED */
138 int
139 cryptof_read(struct file *fp, off_t *poff, struct uio *uio,
140 struct ucred *cred, int flags)
141 {
142 return (EIO);
143 }
144
145 /* ARGSUSED */
146 int
147 cryptof_write(struct file *fp, off_t *poff, struct uio *uio,
148 struct ucred *cred, int flags)
149 {
150 return (EIO);
151 }
152
153 /* ARGSUSED */
154 int
155 cryptof_ioctl(struct file *fp, u_long cmd, void* data, struct proc *p)
156 {
157 struct cryptoini cria, crie;
158 struct fcrypt *fcr = (struct fcrypt *)fp->f_data;
159 struct csession *cse;
160 struct session_op *sop;
161 struct crypt_op *cop;
162 struct enc_xform *txform = NULL;
163 struct auth_hash *thash = NULL;
164 u_int64_t sid;
165 u_int32_t ses;
166 int error = 0;
167
168 switch (cmd) {
169 case CIOCGSESSION:
170 sop = (struct session_op *)data;
171 switch (sop->cipher) {
172 case 0:
173 break;
174 case CRYPTO_DES_CBC:
175 txform = &enc_xform_des;
176 break;
177 case CRYPTO_3DES_CBC:
178 txform = &enc_xform_3des;
179 break;
180 case CRYPTO_BLF_CBC:
181 txform = &enc_xform_blf;
182 break;
183 case CRYPTO_CAST_CBC:
184 txform = &enc_xform_cast5;
185 break;
186 case CRYPTO_SKIPJACK_CBC:
187 txform = &enc_xform_skipjack;
188 break;
189 case CRYPTO_AES_CBC:
190 txform = &enc_xform_rijndael128;
191 break;
192 case CRYPTO_NULL_CBC:
193 txform = &enc_xform_null;
194 break;
195 case CRYPTO_ARC4:
196 txform = &enc_xform_arc4;
197 break;
198 default:
199 return (EINVAL);
200 }
201
202 switch (sop->mac) {
203 case 0:
204 break;
205 case CRYPTO_MD5_HMAC:
206 thash = &auth_hash_hmac_md5_96;
207 break;
208 case CRYPTO_SHA1_HMAC:
209 thash = &auth_hash_hmac_sha1_96;
210 break;
211 case CRYPTO_SHA2_HMAC:
212 if (sop->mackeylen == auth_hash_hmac_sha2_256.keysize)
213 thash = &auth_hash_hmac_sha2_256;
214 else if (sop->mackeylen == auth_hash_hmac_sha2_384.keysize)
215 thash = &auth_hash_hmac_sha2_384;
216 else if (sop->mackeylen == auth_hash_hmac_sha2_512.keysize)
217 thash = &auth_hash_hmac_sha2_512;
218 else
219 return (EINVAL);
220 break;
221 case CRYPTO_RIPEMD160_HMAC:
222 thash = &auth_hash_hmac_ripemd_160_96;
223 break;
224 case CRYPTO_MD5:
225 thash = &auth_hash_md5;
226 break;
227 case CRYPTO_SHA1:
228 thash = &auth_hash_sha1;
229 break;
230 case CRYPTO_NULL_HMAC:
231 thash = &auth_hash_null;
232 break;
233 default:
234 return (EINVAL);
235 }
236
237 bzero(&crie, sizeof(crie));
238 bzero(&cria, sizeof(cria));
239
240 if (txform) {
241 crie.cri_alg = txform->type;
242 crie.cri_klen = sop->keylen * 8;
243 if (sop->keylen > txform->maxkey ||
244 sop->keylen < txform->minkey) {
245 error = EINVAL;
246 goto bail;
247 }
248
249 MALLOC(crie.cri_key, u_int8_t *,
250 crie.cri_klen / 8, M_XDATA, M_WAITOK);
251 if ((error = copyin(sop->key, crie.cri_key,
252 crie.cri_klen / 8)))
253 goto bail;
254 if (thash)
255 crie.cri_next = &cria;
256 }
257
258 if (thash) {
259 cria.cri_alg = thash->type;
260 cria.cri_klen = sop->mackeylen * 8;
261 if (sop->mackeylen != thash->keysize) {
262 error = EINVAL;
263 goto bail;
264 }
265
266 if (cria.cri_klen) {
267 MALLOC(cria.cri_key, u_int8_t *,
268 cria.cri_klen / 8, M_XDATA, M_WAITOK);
269 if ((error = copyin(sop->mackey, cria.cri_key,
270 cria.cri_klen / 8)))
271 goto bail;
272 }
273 }
274
275 error = crypto_newsession(&sid, (txform ? &crie : &cria),
276 crypto_devallowsoft);
277 if (error) {
278 #ifdef CRYPTO_DEBUG
279 printf("SIOCSESSION violates kernel parameters\n");
280 #endif
281 goto bail;
282 }
283
284 cse = csecreate(fcr, sid, crie.cri_key, crie.cri_klen,
285 cria.cri_key, cria.cri_klen, sop->cipher, sop->mac, txform,
286 thash);
287
288 if (cse == NULL) {
289 crypto_freesession(sid);
290 error = EINVAL;
291 goto bail;
292 }
293 sop->ses = cse->ses;
294
295 bail:
296 if (error) {
297 if (crie.cri_key)
298 FREE(crie.cri_key, M_XDATA);
299 if (cria.cri_key)
300 FREE(cria.cri_key, M_XDATA);
301 }
302 break;
303 case CIOCFSESSION:
304 ses = *(u_int32_t *)data;
305 cse = csefind(fcr, ses);
306 if (cse == NULL)
307 return (EINVAL);
308 csedelete(fcr, cse);
309 error = csefree(cse);
310 break;
311 case CIOCCRYPT:
312 cop = (struct crypt_op *)data;
313 cse = csefind(fcr, cop->ses);
314 if (cse == NULL)
315 return (EINVAL);
316 error = cryptodev_op(cse, cop, p);
317 break;
318 case CIOCKEY:
319 error = cryptodev_key((struct crypt_kop *)data);
320 break;
321 case CIOCASYMFEAT:
322 error = crypto_getfeat((int *)data);
323 break;
324 default:
325 error = EINVAL;
326 }
327 return (error);
328 }
329
330 /* ARGSUSED */
331 int
332 cryptof_fcntl(struct file *fp, u_int cmd, void *data, struct proc *p)
333 {
334 return (0);
335 }
336
337 static int
338 cryptodev_op(struct csession *cse, struct crypt_op *cop, struct proc *p)
339 {
340 struct cryptop *crp = NULL;
341 struct cryptodesc *crde = NULL, *crda = NULL;
342 int i, error, s;
343
344 if (cop->len > 256*1024-4)
345 return (E2BIG);
346
347 if (cse->txform && (cop->len % cse->txform->blocksize) != 0)
348 return (EINVAL);
349
350 bzero(&cse->uio, sizeof(cse->uio));
351 cse->uio.uio_iovcnt = 1;
352 cse->uio.uio_resid = 0;
353 cse->uio.uio_segflg = UIO_SYSSPACE;
354 cse->uio.uio_rw = UIO_WRITE;
355 cse->uio.uio_procp = p;
356 cse->uio.uio_iov = cse->iovec;
357 bzero(&cse->iovec, sizeof(cse->iovec));
358 cse->uio.uio_iov[0].iov_len = cop->len;
359 cse->uio.uio_iov[0].iov_base = malloc(cop->len, M_XDATA, M_WAITOK);
360 for (i = 0; i < cse->uio.uio_iovcnt; i++)
361 cse->uio.uio_resid += cse->uio.uio_iov[0].iov_len;
362
363 crp = crypto_getreq((cse->txform != NULL) + (cse->thash != NULL));
364 if (crp == NULL) {
365 error = ENOMEM;
366 goto bail;
367 }
368
369 if (cse->thash) {
370 crda = crp->crp_desc;
371 if (cse->txform)
372 crde = crda->crd_next;
373 } else {
374 if (cse->txform)
375 crde = crp->crp_desc;
376 else {
377 error = EINVAL;
378 goto bail;
379 }
380 }
381
382 if ((error = copyin(cop->src, cse->uio.uio_iov[0].iov_base, cop->len)))
383 goto bail;
384
385 if (crda) {
386 crda->crd_skip = 0;
387 crda->crd_len = cop->len;
388 crda->crd_inject = 0; /* ??? */
389
390 crda->crd_alg = cse->mac;
391 crda->crd_key = cse->mackey;
392 crda->crd_klen = cse->mackeylen * 8;
393 }
394
395 if (crde) {
396 if (cop->op == COP_ENCRYPT)
397 crde->crd_flags |= CRD_F_ENCRYPT;
398 else
399 crde->crd_flags &= ~CRD_F_ENCRYPT;
400 crde->crd_len = cop->len;
401 crde->crd_inject = 0;
402
403 crde->crd_alg = cse->cipher;
404 crde->crd_key = cse->key;
405 crde->crd_klen = cse->keylen * 8;
406 }
407
408 crp->crp_ilen = cop->len;
409 crp->crp_flags = CRYPTO_F_IOV | CRYPTO_F_CBIMM
410 | (cop->flags & COP_F_BATCH);
411 crp->crp_buf = (caddr_t)&cse->uio;
412 crp->crp_callback = (int (*) (struct cryptop *)) cryptodev_cb;
413 crp->crp_sid = cse->sid;
414 crp->crp_opaque = (void *)cse;
415
416 if (cop->iv) {
417 if (crde == NULL) {
418 error = EINVAL;
419 goto bail;
420 }
421 if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */
422 error = EINVAL;
423 goto bail;
424 }
425 if ((error = copyin(cop->iv, cse->tmp_iv, cse->txform->blocksize)))
426 goto bail;
427 bcopy(cse->tmp_iv, crde->crd_iv, cse->txform->blocksize);
428 crde->crd_flags |= CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT;
429 crde->crd_skip = 0;
430 } else if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */
431 crde->crd_skip = 0;
432 } else if (crde) {
433 crde->crd_flags |= CRD_F_IV_PRESENT;
434 crde->crd_skip = cse->txform->blocksize;
435 crde->crd_len -= cse->txform->blocksize;
436 }
437
438 if (cop->mac) {
439 if (crda == NULL) {
440 error = EINVAL;
441 goto bail;
442 }
443 crp->crp_mac=cse->tmp_mac;
444 }
445
446 s = splcrypto(); /* NB: only needed with CRYPTO_F_CBIMM */
447 error = crypto_dispatch(crp);
448 if (error == 0 && (crp->crp_flags & CRYPTO_F_DONE) == 0)
449 error = tsleep(crp, PSOCK, "crydev", 0);
450 splx(s);
451 if (error) {
452 goto bail;
453 }
454
455 if (crp->crp_etype != 0) {
456 error = crp->crp_etype;
457 goto bail;
458 }
459
460 if (cse->error) {
461 error = cse->error;
462 goto bail;
463 }
464
465 if (cop->dst &&
466 (error = copyout(cse->uio.uio_iov[0].iov_base, cop->dst, cop->len)))
467 goto bail;
468
469 if (cop->mac &&
470 (error = copyout(crp->crp_mac, cop->mac, cse->thash->authsize)))
471 goto bail;
472
473 bail:
474 if (crp)
475 crypto_freereq(crp);
476 if (cse->uio.uio_iov[0].iov_base)
477 free(cse->uio.uio_iov[0].iov_base, M_XDATA);
478
479 return (error);
480 }
481
482 static int
483 cryptodev_cb(void *op)
484 {
485 struct cryptop *crp = (struct cryptop *) op;
486 struct csession *cse = (struct csession *)crp->crp_opaque;
487
488 cse->error = crp->crp_etype;
489 if (crp->crp_etype == EAGAIN)
490 return crypto_dispatch(crp);
491 wakeup_one(crp);
492 return (0);
493 }
494
495 static int
496 cryptodevkey_cb(void *op)
497 {
498 struct cryptkop *krp = (struct cryptkop *) op;
499
500 wakeup_one(krp);
501 return (0);
502 }
503
504 static int
505 cryptodev_key(struct crypt_kop *kop)
506 {
507 struct cryptkop *krp = NULL;
508 int error = EINVAL;
509 int in, out, size, i;
510
511 if (kop->crk_iparams + kop->crk_oparams > CRK_MAXPARAM) {
512 return (EFBIG);
513 }
514
515 in = kop->crk_iparams;
516 out = kop->crk_oparams;
517 switch (kop->crk_op) {
518 case CRK_MOD_EXP:
519 if (in == 3 && out == 1)
520 break;
521 return (EINVAL);
522 case CRK_MOD_EXP_CRT:
523 if (in == 6 && out == 1)
524 break;
525 return (EINVAL);
526 case CRK_DSA_SIGN:
527 if (in == 5 && out == 2)
528 break;
529 return (EINVAL);
530 case CRK_DSA_VERIFY:
531 if (in == 7 && out == 0)
532 break;
533 return (EINVAL);
534 case CRK_DH_COMPUTE_KEY:
535 if (in == 3 && out == 1)
536 break;
537 return (EINVAL);
538 default:
539 return (EINVAL);
540 }
541
542 krp = (struct cryptkop *)malloc(sizeof *krp, M_XDATA, M_WAITOK);
543 if (!krp)
544 return (ENOMEM);
545 bzero(krp, sizeof *krp);
546 krp->krp_op = kop->crk_op;
547 krp->krp_status = kop->crk_status;
548 krp->krp_iparams = kop->crk_iparams;
549 krp->krp_oparams = kop->crk_oparams;
550 krp->krp_status = 0;
551 krp->krp_callback = (int (*) (struct cryptkop *)) cryptodevkey_cb;
552
553 for (i = 0; i < CRK_MAXPARAM; i++)
554 krp->krp_param[i].crp_nbits = kop->crk_param[i].crp_nbits;
555 for (i = 0; i < krp->krp_iparams + krp->krp_oparams; i++) {
556 size = (krp->krp_param[i].crp_nbits + 7) / 8;
557 if (size == 0)
558 continue;
559 MALLOC(krp->krp_param[i].crp_p, caddr_t, size, M_XDATA, M_WAITOK);
560 if (i >= krp->krp_iparams)
561 continue;
562 error = copyin(kop->crk_param[i].crp_p, krp->krp_param[i].crp_p, size);
563 if (error)
564 goto fail;
565 }
566
567 error = crypto_kdispatch(krp);
568 if (error == 0)
569 error = tsleep(krp, PSOCK, "crydev", 0);
570 if (error)
571 goto fail;
572
573 if (krp->krp_status != 0) {
574 error = krp->krp_status;
575 goto fail;
576 }
577
578 for (i = krp->krp_iparams; i < krp->krp_iparams + krp->krp_oparams; i++) {
579 size = (krp->krp_param[i].crp_nbits + 7) / 8;
580 if (size == 0)
581 continue;
582 error = copyout(krp->krp_param[i].crp_p, kop->crk_param[i].crp_p, size);
583 if (error)
584 goto fail;
585 }
586
587 fail:
588 if (krp) {
589 kop->crk_status = krp->krp_status;
590 for (i = 0; i < CRK_MAXPARAM; i++) {
591 if (krp->krp_param[i].crp_p)
592 FREE(krp->krp_param[i].crp_p, M_XDATA);
593 }
594 free(krp, M_XDATA);
595 }
596 return (error);
597 }
598
599 /* ARGSUSED */
600 static int
601 cryptof_poll(struct file *fp, int which, struct proc *p)
602 {
603 return (0);
604 }
605
606
607 /* ARGSUSED */
608 static int
609 cryptof_kqfilter(struct file *fp, struct knote *kn)
610 {
611
612 return (0);
613 }
614
615 /* ARGSUSED */
616 static int
617 cryptof_stat(struct file *fp, struct stat *sb, struct proc *p)
618 {
619 return (EOPNOTSUPP);
620 }
621
622 /* ARGSUSED */
623 static int
624 cryptof_close(struct file *fp, struct proc *p)
625 {
626 struct fcrypt *fcr = (struct fcrypt *)fp->f_data;
627 struct csession *cse;
628
629 while ((cse = TAILQ_FIRST(&fcr->csessions))) {
630 TAILQ_REMOVE(&fcr->csessions, cse, next);
631 (void)csefree(cse);
632 }
633 FREE(fcr, M_XDATA);
634
635 /* close() stolen from sys/kern/kern_ktrace.c */
636
637 fp->f_data = NULL;
638 #if 0
639 FILE_UNUSE(fp, p); /* release file */
640 fdrelease(p, fd); /* release fd table slot */
641 #endif
642
643 return 0;
644 }
645
646 static struct csession *
647 csefind(struct fcrypt *fcr, u_int ses)
648 {
649 struct csession *cse;
650
651 TAILQ_FOREACH(cse, &fcr->csessions, next)
652 if (cse->ses == ses)
653 return (cse);
654 return (NULL);
655 }
656
657 static int
658 csedelete(struct fcrypt *fcr, struct csession *cse_del)
659 {
660 struct csession *cse;
661
662 TAILQ_FOREACH(cse, &fcr->csessions, next) {
663 if (cse == cse_del) {
664 TAILQ_REMOVE(&fcr->csessions, cse, next);
665 return (1);
666 }
667 }
668 return (0);
669 }
670
671 static struct csession *
672 cseadd(struct fcrypt *fcr, struct csession *cse)
673 {
674 TAILQ_INSERT_TAIL(&fcr->csessions, cse, next);
675 cse->ses = fcr->sesn++;
676 return (cse);
677 }
678
679 static struct csession *
680 csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t key, u_int64_t keylen,
681 caddr_t mackey, u_int64_t mackeylen, u_int32_t cipher, u_int32_t mac,
682 struct enc_xform *txform, struct auth_hash *thash)
683 {
684 struct csession *cse;
685
686 MALLOC(cse, struct csession *, sizeof(struct csession),
687 M_XDATA, M_NOWAIT);
688 if (cse == NULL)
689 return NULL;
690 cse->key = key;
691 cse->keylen = keylen/8;
692 cse->mackey = mackey;
693 cse->mackeylen = mackeylen/8;
694 cse->sid = sid;
695 cse->cipher = cipher;
696 cse->mac = mac;
697 cse->txform = txform;
698 cse->thash = thash;
699 cseadd(fcr, cse);
700 return (cse);
701 }
702
703 static int
704 csefree(struct csession *cse)
705 {
706 int error;
707
708 error = crypto_freesession(cse->sid);
709 if (cse->key)
710 FREE(cse->key, M_XDATA);
711 if (cse->mackey)
712 FREE(cse->mackey, M_XDATA);
713 FREE(cse, M_XDATA);
714 return (error);
715 }
716
717 static int
718 cryptoopen(dev_t dev, int flag, int mode, struct proc *p)
719 {
720 if (crypto_usercrypto == 0)
721 return (ENXIO);
722 return (0);
723 }
724
725 static int
726 cryptoread(dev_t dev, struct uio *uio, int ioflag)
727 {
728 return (EIO);
729 }
730
731 static int
732 cryptowrite(dev_t dev, struct uio *uio, int ioflag)
733 {
734 return (EIO);
735 }
736
737 static int
738 cryptoioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct proc *p)
739 {
740 struct file *f;
741 struct fcrypt *fcr;
742 int fd, error;
743
744 switch (cmd) {
745 case CRIOGET:
746 MALLOC(fcr, struct fcrypt *,
747 sizeof(struct fcrypt), M_XDATA, M_WAITOK);
748 TAILQ_INIT(&fcr->csessions);
749 fcr->sesn = 0;
750
751 error = falloc(p, &f, &fd);
752 if (error) {
753 FREE(fcr, M_XDATA);
754 return (error);
755 }
756 f->f_flag = FREAD | FWRITE;
757 f->f_type = DTYPE_CRYPTO;
758 f->f_ops = &cryptofops;
759 f->f_data = (caddr_t) fcr;
760 *(u_int32_t *)data = fd;
761 FILE_SET_MATURE(f);
762 FILE_UNUSE(f, p);
763 break;
764 default:
765 error = EINVAL;
766 break;
767 }
768 return (error);
769 }
770
771 int
772 cryptoselect(dev_t dev, int rw, struct proc *p)
773 {
774 return (0);
775 }
776
777 /*static*/
778 struct cdevsw crypto_cdevsw = {
779 /* open */ cryptoopen,
780 /* close */ nullclose,
781 /* read */ cryptoread,
782 /* write */ cryptowrite,
783 /* ioctl */ cryptoioctl,
784 /* ttstop?*/ nostop,
785 /* ??*/ notty,
786 /* poll */ cryptoselect /*nopoll*/,
787 /* mmap */ nommap,
788 /* kqfilter */ nokqfilter,
789 };
790
Cache object: 6912297fc12f4fbf19c8fc1e7bb271d9
|