Home | History | Annotate | Download | only in opencrypto
History log of /src/sys/opencrypto/cryptodev.c
RevisionDateAuthorComments
 1.126  17-Apr-2025  riastradh opencrypto: Fix typo that somehow snuck past our resident typo-hunter.

crypto_userasymcrypto (as in asymmetric), not crypto_userasmcrypto
(as in assembly).
 1.125  10-Sep-2022  rillig branches: 1.125.10;
fix misspellings of 'available' and nearby typos
 1.124  22-May-2022  riastradh opencrypto: Prune dead code now that crypto_dispatch never fails.
 1.123  22-May-2022  riastradh opencrypto: crypto_dispatch never fails now. Make it return void.

Same with crypto_kdispatch.
 1.122  22-May-2022  riastradh opencrypto: Rip out EAGAIN logic when unregistering crypto drivers.

I'm pretty sure this never worked reliably based on code inspection,
and it's unlikely to have ever been tested because it only applies
when unregistering a driver -- but we have no crypto drivers for
removable devices, so it would only apply if we went out of our way
to trigger detach with drvctl.

Instead, just make the operation fail with ENODEV, and remove all the
callback logic to resubmit the request on EAGAIN. (Maybe this should
be ENXIO, but crypto_kdispatch already does ENODEV.)
 1.121  22-May-2022  riastradh crypto(4): Nix dead code now that crypto_freesession never fails.
 1.120  22-May-2022  riastradh opencrypto: Make crypto_freesession return void.

No callers use the return value. It is not sensible to allow this to
fail.
 1.119  22-May-2022  riastradh crypto(4): crypto_freesession should never fail here.

It can only fail if we pass it an invalid sid, which the logic to
maintain the user sessions should not do. So kassert error=0 here.
 1.118  22-May-2022  riastradh crypto(4): Refuse crypto operations with nothing in them earlier.

This way we avoid passing 0 to crypto_getreq -- makes it easier to
reason about everything downstream.
 1.117  22-May-2022  riastradh opencrypto: Make crp_callback, krp_callback return void.

Nothing uses the return values inside opencrypto, so let's stop
making users return them.
 1.116  22-May-2022  riastradh crypto(4): Fix possible use-after-free in race around detach.

This is extremely unlikely because I don't think we have any drivers
for removable crypto decelerators^Waccelerators...but if we were to
sprout one, and someone ran crypto_dispatch concurrently with
crypto_unregister, cryptodev_cb/mcb would enter with crp->crp_etype =
EAGAIN and with CRYPTO_F_DONE set in crp->crp_flags. In this case,
cryptodev_cb/mcb would issue crypto_dispatch but -- since nothing
clears CRYPTO_F_DONE -- it would _also_ consider the request done and
notify the ioctl thread of that.

With this change, we return early if crypto_dispatch succeeds. No
need to consult CRYPTO_F_DONE: if the callback is invoked it's done,
and if we try to redispatch it on EAGAIN but crypto_dispatch fails,
it's done. (Soon we'll get rid of the possibility of crypto_dispatch
failing synchronously, but not just yet.)

XXX This path could really use some testing!
 1.115  21-May-2022  riastradh crypto(4): Fix set-but-unused variable warning.

This deliberately ignores the error code returned by crypto_dispatch,
but that error code is fundamentally incoherent and the issue will be
mooted by subsequent changes to make it return void and always pass
the error through the callback, as well as subsequent changes to rip
out the EAGAIN logic anyway.
 1.114  21-May-2022  riastradh crypto(4): Don't signal the condvar for multi-operation completion.

The condvar may be destroyed by the time we got here, and nothing
waits on it anyway -- instead the caller is expected to select/poll
for completion in userland.

The bug was already here, but the recent change to eliminate
CRYPTO_F_CBIMM made it happen more often by causing the callback to
_always_ be run asynchronously instead of sometimes being run
synchronously.
 1.113  19-May-2022  riastradh opencrypto: Nix CRYPTO_F_USER, CRYPTO_F_CBIMM, CRYPTO_F_CBIFSYNC.

CRYPTO_F_USER is no longer needed. It was introduced in 2008 by
darran@ in crypto.c 1.30, cryptodev.c 1.45 in an attempt to avoid
double-free between the issuing thread and asynchronous callback.
But the `fix' didn't work. In 2017, knakahara@ fixed it properly in
cryptodev.c 1.87 by distinguishing `the crypto operation has
completed' (CRYPTO_F_DONE) from `the callback is done touching the
crp object' (CRYPTO_F_DQRETQ, now renamed to CRYPTODEV_F_RET).

CRYPTO_F_CBIMM formerly served to invoke the callback synchronously
from the driver's interrupt completion routine, to reduce contention
on what was once a single cryptoret thread. Now, there is a per-CPU
queue and softint for much cheaper processing, so there is less
motivation for this in the first place. So let's remove the
complicated logic. This means the callbacks never run in hard
interrupt context, which means we don't need to worry about recursion
into crypto_dispatch in hard interrupt context.
 1.112  18-May-2022  riastradh crypto(4): Simplify error test in cryptodev_op.

No functional change intended.
 1.111  18-May-2022  riastradh crypto(4): Narrow scope of cryptodev_mtx to cover wait.

No functional change intended -- this only removes an unnecessary
lock/unlock cycle in the error case.
 1.110  18-May-2022  riastradh crypto(4): Nix long-dead code and comments.
 1.109  18-May-2022  riastradh crypto(4): Use IPL_NONE, not IPL_NET, for /dev/crypto pools.

These are used (pool_get/put) only from thread context, never from
interrupt or even soft interrupt context.
 1.108  17-May-2022  riastradh opencrypto(9): Omit needless casts around callbacks.

Just declare the right types to begin with. No functional change
intended.
 1.107  31-Mar-2022  pgoyette For device modules that provide both auto-config and /dev/xxx
interfaces, make sure that initialization and destruction
follow the proper sequence. This is triggered by the recent
changes to the devsw stuff; per riastradh@ the required call
sequence is:

devsw_attach()
config_init_component() or config_cf*_attach()
...
config_fini_component() or config_cf*_detach()
devsw_detach()

While here, add a few missing calls to some of the detach
routines.

Testing of these changes has been limited to:
1. compile without build break
2. no related test failures from atf
3. modload/modunload work as well as
before.

No functional device testing done, since I don't have any
of these devices. Let me know of any damage I might cause
here!

XXX Some of the modules affected by this commit are already
XXX broken; see kern/56772. This commit does not break
any additional modules (as far as I know).
 1.106  30-Jun-2020  riastradh Rename enc_xform_rijndael128 -> enc_xform_aes.

Update netipsec dependency.
 1.105  13-Apr-2020  chs slightly change and fix the semantics of pool_set*wat(), pool_sethardlimit()
and pool_prime() (and their pool_cache_* counterparts):

- the pool_set*wat() APIs are supposed to specify thresholds for the count of
free items in the pool before pool pages are automatically allocated or freed
during pool_get() / pool_put(), whereas pool_sethardlimit() and pool_prime()
are supposed to specify minimum and maximum numbers of total items
in the pool (both free and allocated). these were somewhat conflated
in the existing code, so separate them as they were intended.

- change pool_prime() to take an absolute number of items to preallocate
rather than an increment over whatever was done before, and wait for
any memory allocations to succeed. since pool_prime() can no longer fail
after this, change its return value to void and adjust all callers.

- pool_setlowat() is documented as not immediately attempting to allocate
any memory, but it was changed some time ago to immediately try to allocate
up to the lowat level, so just fix the manpage to describe the current
behaviour.

- add a pool_cache_prime() to complete the API set.
 1.104  27-Jan-2020  pgoyette branches: 1.104.4;
If we get an error from devsw_attach(), don't destroy the error value,
since we need to return it to our caller. While we're here, improve
the value of the debug message by actually printing the error value.
 1.103  16-Jan-2020  christos Initialize the session variable to an impossible session to prevent compiler
warnings.
 1.102  29-Nov-2019  hikaru branches: 1.102.2;
crypto(4): accept CRYPTO_SHA2_384_HMAC and CRYPTO_SHA2_512_HMAC.
 1.101  13-Jun-2019  christos don't always panic when modunload crypto (int the pool destroy code, because
the pools are busy). XXX: this is still racy; we need to prevent creating
more sessions while destroying.
 1.100  01-Mar-2019  pgoyette Rename the MODULE_*_HOOK() macros to MODULE_HOOK_*() as briefly
discussed on irc.

NFCI intended.

Ride the earlier kernel bump - it;s getting crowded.
 1.99  27-Jan-2019  pgoyette Merge the [pgoyette-compat] branch
 1.98  08-Feb-2018  dholland branches: 1.98.2; 1.98.4;
Typos.
 1.97  30-Nov-2017  christos add fo_name so we can identify the fileops in a simple way.
 1.96  14-Nov-2017  christos check results of pool_prime.
 1.95  15-Jun-2017  knakahara Divide crp_devflags from crp_flags to write exclusively.

CRYPTO_F_DQRETQ(new name is CRYPTODEV_F_RET) is used by cryptodev.c only.
It should be divided to other member.
 1.94  08-Jun-2017  knakahara sanitize in CIOCNCRYPTM and initialize comp_alg in CIOCNGSESSION
 1.93  08-Jun-2017  knakahara sanitize count used for kmem_alloc size.

Hmm, who uses CIOCNGSESSION, CIOCNFSESSION, CIOCNCRYPTM or CIOCNFKEYM?
 1.92  02-Jun-2017  knakahara branches: 1.92.2;
rename crypto_mtx to cryptodev_mtx

It is used by cryptodev.c and ocryptodev.c only.
 1.91  25-May-2017  knakahara add cryptkop alloc/free KPI instead of manipulating cryptkop_pool directly.
 1.90  17-May-2017  knakahara opencrypto: cleanup debug messages.
 1.89  24-Apr-2017  knakahara branches: 1.89.2;
separate crypto_drv_mtx from crypto_mtx.

crypto_mtx is used only for cryptodev.c and ocryptodev.c now.
 1.88  07-Apr-2017  knakahara the processing said "ghastly hacks" is unnecessary now.
 1.87  07-Apr-2017  knakahara fix race among crypto_done(), cryptoret(), and {cryptodev_op(), cryptodev_key()}.

crypto_op() waited to be set CRYPTO_F_DONE with crp->crp_cv.
However, there is context switch chances between being set CRYPTO_F_DONE in
crypto_done() and done cv_signal(crp->crp_cv) in cryptodev_cb(), that is,
cryptodev_op() thread can run to cv_destroy(crp->crp_cv) before cryptoret()
thread is waken up. As a result, cryptodev_cb() can call invalid(destroyed)
cv_signal(crp->crp_cv).

Furthermore, below two implementations cause other races.
- waiting CRYPTO_F_DONE with crp->crp_cv
- context witch chances between set CRYPTO_F_DONE and cv_signal(crp->crp_cv)

So, use other flag(CRYPTO_F_DQRETQ) for cryptodev_op() and cryptodev_key(),
and then call cv_signal(crp->crp_cv) immediately after set CRYPTO_F_DQRETQ.

Tested concurrent over 20 processes with software and hardware drivers.
 1.86  05-Apr-2017  knakahara fix processes accessing /dev/crypto stall when over three processes run with a hardware encryption driver

The process has stalled at cv_wait(&crp->crp_cv) because cryptodev_cb()
is not called as cryptoret() kthread keep waiting at cv_wait(&cryptoret_cv).
Previous opencrypto implementation assumes the thread from cryptodev.c
does all processing in the same context, so skips enqueueing and sending
cryptoret_cv. However, the context can be switched, e.g. when we use
a hardware encryption driver.

And add debug messages.
 1.85  07-Jul-2016  msaitoh branches: 1.85.2; 1.85.4;
KNF. Remove extra spaces. No functional change.
 1.84  20-Aug-2015  christos include "ioconf.h" to get the 'void <driver>attach(int count);' prototype.
 1.83  26-Mar-2015  prlw1 Trivial printf format changes and typo fix
 1.82  27-Nov-2014  christos branches: 1.82.2;
Return ENOSPC instead of ENOMEM when there is no room in the buffer to
store results. ENOMEM in this subsystem means we cannot allocate more
requests or internal buffers for xforms.
 1.81  05-Sep-2014  matt Try not to use f_data, use f_fcrypt to get a correctly typed pointer.
 1.80  04-Aug-2014  skrll At least crypto_mtx needs initialisation here. Spotted during PR/49065
investigation.
 1.79  25-Jul-2014  dholland Add d_discard to all struct cdevsw instances I could find.

All have been set to "nodiscard"; some should get a real implementation.
 1.78  16-Mar-2014  dholland branches: 1.78.2;
Change (mostly mechanically) every cdevsw/bdevsw I can find to use
designated initializers.

I have not built every extant kernel so I have probably broken at
least one build; however I've also found and fixed some wrong
cdevsw/bdevsw entries so even if so I think we come out ahead.
 1.77  03-Feb-2014  pgoyette Undo previous - it still needs a lot more work.

For now, we'll use the hand-crafted cf* structures and directly
call all the config routines.
 1.76  31-Jan-2014  pgoyette Replace home-grown config with standardized calls to
config_{init,fini}_component()
 1.75  24-Jan-2014  pgoyette As requested by mrg@, since there is still a small window during which
the in-module ref-counting can fail, completely disable auto-unload.
 1.74  21-Jan-2014  pgoyette Implement in-module ref-counting, and do not allow auto-unload if there
are existing references.

Note that manual unloading is not prevented.

OK christos@

XXX Also note that there is still a small window where the ref-count can
XXX be decremented, and then the process/thread preempted. If auto-unload
XXX happens before that thread can return from the module's code, bad
XXX things (tm) could happen.
 1.73  21-Jan-2014  pgoyette knf: Blank line even if no variable declarations.
 1.72  19-Jan-2014  christos bail out unloading for now
 1.71  04-Jan-2014  pgoyette When crypto(4) is built-in, crypto_modcmd() doesn't need to handle all
the auto-config stuff.

While here, ensure that we depend on opencrypto.
 1.70  01-Jan-2014  pgoyette Modularize the opencrypto components and link to the build
 1.69  12-Sep-2013  martin Fix return value of cryptodev_msessionfin.
 1.68  04-Jul-2011  joerg branches: 1.68.2; 1.68.12; 1.68.16;
Fix memset usage.
 1.67  09-Jun-2011  drochner -if an opencrypto(9) session is allocated, the driver is refcounted
and can not disappear -- no need to hold crypto_mtx to check the
driver list
(the whole check is questionable)
-crp->crp_cv (the condition variable) is used by userland cryptodev
exclusively -- move its initialization there, no need to waste
cycles of in-kernel callers
-add a comment which members of "struct cryptop" are used
by opencrypto(9) and which by crypto(4)
(this should be split, no need to waste memory for in-kernel callers)
 1.66  27-May-2011  drochner branches: 1.66.2;
allow testing of GCM/GMAC code from userland
 1.65  26-May-2011  drochner fix building of a linked list if multiple algorithms are requested
in a session -- this just didn't work
 1.64  24-May-2011  drochner catch some corner cases of user input
 1.63  24-May-2011  drochner copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC
For this to fit, an API change in cryptosoft was adopted from OpenBSD
(addition of a "Setkey" method to hashes) which was done for GCM/GMAC
support there, so it might be useful in the future anyway.
tested against KAME IPSEC
AFAICT, FAST_IPSEC now supports as much as KAME.
 1.62  23-May-2011  drochner -remove references to crypto/arc4/arc4.* -- the code isn't used
anywhere afaics
(The confusion comes probably from use of arc4random() at various places,
but this lives in libkern and doesn't share code with the former.)
-g/c non-implementation of arc4 encryption in swcrypto(4)
-remove special casing of ARC4 in crypto(4) -- the point is that it
doesn't use an IV, and this fact is made explicit by the new "ivsize"
property of xforms
 1.61  23-May-2011  drochner If symmetric encryption is done from userland crypto(4) and no IV
is specified, the kernel gets one from the random generator. Make sure it
is copied out to the user, otherwise the result is quite useless.
 1.60  23-May-2011  drochner being here, export camellia-cbc through crypto(4) to allow userland tests
 1.59  23-May-2011  drochner add an AES-CTR xform, from OpenBSD
 1.58  23-May-2011  drochner -in the descriptor for encryption xforms, split the "blocksize" field
into "blocksize" and "IV size"
-add an "reinit" function pointer which, if set, means that the xform
does its IV handling itself and doesn't want the default CBC handling
by the framework (poor name, but left that way to avoid unecessary
differences)
This syncs with Open/FreeBSD, purpose is to allow non-CBC transforms.
Refer to ivsize instead of blocksize where appropriate.
(At this point, blocksize and ivsize are identical.)
 1.57  16-May-2011  drochner split the "crypto_mtx" spinlock into 3: one spinlock each for
the incoming and outgoing request queues (which can be dealt with
by hardware accelerators) and an adaptive lock for "all the rest"
(mostly driver configuration, but also some unrelated stuff in
cryptodev.c which should be revisited)
The latter one seems to be uneeded at many places, but for now I've
done simple replacements only, except minor fixes (where
softint_schedule() was called without the lock held)
 1.56  06-May-2011  drochner As a first step towards more fine-grained locking, don't require
crypto_{new.free}session() to be called with the "crypto_mtx"
spinlock held.
This doesn't change much for now because these functions acquire
the said mutex first on entry now, but at least it keeps the nasty
locks local to the opencrypto core.
 1.55  19-Feb-2011  drochner make the compatibility code conditional on COMPAT_50
 1.54  18-Feb-2011  drochner more "const"
 1.53  02-Aug-2010  jakllsch branches: 1.53.2; 1.53.4;
Consistently use a single CRYPTO_SESID2HID-like macro.
Improve CRYPTO_DEBUG printing a bit:
print pointers with %p
print unsigned with %u rather than %d
use CRYPTO_SESID2LID instead of just casting to uint32_t
 1.52  31-Jan-2010  hubertf branches: 1.52.2; 1.52.4;
Add missing "break" for CRYPTO_CAST_CBC, and some assorted comment fixes.
openssl(1) checks for CAST (and others) on ~every startup.
 1.51  20-Dec-2009  dsl If a multithreaded app closes an fd while another thread is blocked in
read/write/accept, then the expectation is that the blocked thread will
exit and the close complete.
Since only one fd is affected, but many fd can refer to the same file,
the close code can only request the fs code unblock with ERESTART.
Fixed for pipes and sockets, ERESTART will only be generated after such
a close - so there should be no change for other programs.
Also rename fo_abort() to fo_restart() (this used to be fo_drain()).
Fixes PR/26567
 1.50  09-Dec-2009  dsl Rename fo_drain() to fo_abort(), 'drain' is used to mean 'wait for output
do drain' in many places, whereas fo_drain() was called in order to force
blocking read()/write() etc calls to return to userspace so that a close()
call from a different thread can complete.
In the sockets code comment out the broken code in the inner function,
it was being called from compat code.
 1.49  11-Apr-2009  christos Fix locking as Andy explained. Also fill in uid and gid like sys_pipe did.
 1.48  11-Apr-2009  christos Fix PR/37878 and PR/37550: Provide stat(2) for all devices and don't use
fbadop_stat.
 1.47  04-Apr-2009  ad Add fileops::fo_drain(), to be called from fd_close() when there is more
than one active reference to a file descriptor. It should dislodge threads
sleeping while holding a reference to the descriptor. Implemented only for
sockets but should be extended to pipes, fifos, etc.

Fixes the case of a multithreaded process doing something like the
following, which would have hung until the process got a signal.

thr0 accept(fd, ...)
thr1 close(fd)
 1.46  25-Mar-2009  darran Fixes PR kern/41069 and PR kern/41070.

Extends the Opencrypto API to allow the destination buffer size to be
specified when its not the same size as the input buffer (i.e. for
operations like compress and decompress).
The crypto_op and crypt_n_op structures gain a u_int dst_len field.
The session_op structure gains a comp_alg field to specify a compression
algorithm.
Moved four ioctls to new ids; CIOCGSESSION, CIOCNGSESSION, CIOCCRYPT,
and CIOCNCRYPTM.
Added four backward compatible ioctls; OCIOCGSESSION, OCIOCNGSESSION,
OCIOCCRYPT, and OCIOCNCRYPTM.

Backward compatibility is maintained in ocryptodev.h and ocryptodev.c which
implement the original ioctls and set dst_len and comp_alg to 0.

Adds user-space access to compression features.

Adds software gzip support (CRYPTO_GZIP_COMP).

Adds the fast version of crc32 from zlib to libkern. This should be generally
useful and provide a place to start normalizing the various crc32 routines
in the kernel. The crc32 routine is used in this patch to support GZIP.

With input and support from tls@NetBSD.org.
 1.45  18-Nov-2008  darran branches: 1.45.4;
Fix a race condition in opencrypto where the crypto request could be
completed by the crypto device, queued on the retq, but freed by the
ioctl lwp. The problem manifests as various panics relating to the
condvar inside the request. The problem can occur whenever the crypto
device completes the request immediately and the ioctl skips the cv_wait().

The problem can be reproduced by enabling cryptosoft and running an openssl
speed test. E.g.
sysctl -w kern.cryptodevallowsoft=-1
openssl speed -engine cryptodev -evp des-ede3-cbc -multi 64

Add a macro for TAILQ_FOREACH_REVERSE_SAFE() to queue.h, since this
was missing and the opencrypto code removes requests from a list while
iterating with TAILQ_FOREACH_REVERSE().

Add missing cv_destroy() calls for the key request cleanup.

Reviewed by Thor Lancelot Simon.
 1.44  24-May-2008  christos branches: 1.44.4; 1.44.6; 1.44.8;
Coverity CID 5021: Check pointers before using.
 1.43  24-May-2008  christos Coverity CID 5027: Remove impossible test.
 1.42  24-May-2008  christos KNF, whitespace, b* -> mem*. No functional change.
 1.41  30-Apr-2008  ad branches: 1.41.2;
Make various bits of debug code compile again.
 1.40  28-Apr-2008  martin Remove clause 3 and 4 from TNF licenses
 1.39  21-Apr-2008  tls branches: 1.39.2;
As suggested by rmind, do not check return status of KM_SLEEP/PR_WAITOK
allocations. A little hair-raising but it does make the code easier to
read.
 1.38  11-Apr-2008  rmind branches: 1.38.2;
Protect selrecord/selnotify calls with crypto_mtx; few misc changes.
 1.37  11-Apr-2008  dogcow fix 64-bit b0rkenness.
 1.36  10-Apr-2008  tls Extend crypto.4 interface:

* Asynchronous operation with result retrieval via select/poll
* Mutliple-request submit/retrieve ioctls
* Mutliple-session create-destroy ioctls

Revise/rewrite crypto.4 manual page. It should now be much easier to write
new applications to this API.

Measured performance for trivial requests: 84,000 very short modular math
operations/sec, 120,000 very short md5 hashes per sec (with a hardware
accellerator of moderate performance but very low latency, whose driver
will be contributed at a later date).

Contributed to TNF by Coyote Point Systems, Inc.
 1.35  21-Mar-2008  ad Catch up with descriptor handling changes. See kern_descrip.c revision
1.173 for details.
 1.34  04-Feb-2008  tls branches: 1.34.6;
Some locking fixes (double-release mutex in softintr wakeup case, which I
hadn't tested) and an uninitialized field in cse which Darran Hunt
found. Some more debugging printfs.

Turn on MPSAFE for the kthread. We're not sure it's safe for the softint
yet. Gives a little performance kick for swcrypto with many requests on
MP systems.
 1.33  04-Feb-2008  tls Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto"
(actually splnet) and condvars instead of tsleep/wakeup. Fix a few
miscellaneous problems and add some debugging printfs while there.

Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some
point after this code came from FreeBSD -- it made it impossible to wait
properly for a condition.

Add flags analogous to the "crp" flags to the key operation's krp struct.
Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before
the kthread had a chance to dequeue it and call its callback -- this was
letting requests stick on the queues before even though done and copied
out.

Callers of crypto_newsession() or crypto_freesession() must now take the
mutex. Change netipsec to do so. Dispatch takes the mutex itself as
needed.

This was tested fairly extensively with the cryptosoft backend and lightly
with a new hardware driver. It has not been tested with FAST_IPSEC; I am
unable to ascertain whether FAST_IPSEC currently works at all in our tree.

pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the
right direction several times in the course of this. Remaining bugs
are mine alone.
 1.32  02-Feb-2008  tls From Darran Hunt at Coyote Point: don't truncate HMAC to 96 bits unless
actually asked to.

Fixed in FreeBSD a while ago, discussed on tech-kern and tech-crypto.
 1.31  01-Feb-2008  tls This code never worked on a released version of FreeBSD in the form it's
been in in our tree, and certainly does not work on any version of FreeBSD
now. Run through unifdef -D__NetBSD__ -U__FreeBSD__ yielding a small
reduction of size and a dramatic improvement in readability.

No, this does not yield any meaningful decrease in patchability (unlike
mechanical changes that touch live source lines) -- try it and see.
 1.30  29-Jan-2008  tls Fix accidental checkin inverting the sense of cryptodev_allowsoft, which
is crazy but has always documented.
 1.29  26-Jan-2008  tls Make /dev/crypto properly cloning. Leave CRIOGET in place but note that
it is deprecated, no longer required, and will be removed in a future
release of NetBSD.

Dramatically reduce the size of the session structure by removing an
IOV_MAX array of iovecs where only the first was use. Saves an 8k
bzero on each session creation.

Convert fixed-size allocations in cryptodev.c to pools.
 1.28  25-Jan-2008  tls Some minor opencrypto fixes, one with a major performance impact for
OpenSSL:

1) Fix extremely misleading text in crypto.4 manual page so it does not
appear to claim that a new cloned file descriptor is required for every
session.

2) Fix severe performance problem (and fd leak!) in openssl cryptodev
engine resulting from misunderstanding probably caused by said manual
page text.

3) Check for session-ID wraparound in kernel cryptodev provider. Also,
start allocating sessions at 1, not 0 -- this will be necessary when
we add ioctls for the creation of multiple sessions at once, so we
can tell which if any creations failed.
 1.27  19-Jan-2008  tls Add constants for modular arithmetic operations other than exponentiation -- there's hardware out there which can do them.
 1.26  04-Mar-2007  christos branches: 1.26.16; 1.26.22; 1.26.28;
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
 1.25  16-Nov-2006  christos branches: 1.25.4;
__unused removal on arguments; approved by core.
 1.24  12-Oct-2006  christos - sprinkle __unused on function decls.
- fix a couple of unused bugs
- no more -Wno-unused for i386
 1.23  29-Aug-2006  christos branches: 1.23.2; 1.23.4;
fix incomplete initializer
 1.22  23-Jul-2006  ad Use the LWP cached credentials where sane.
 1.21  14-May-2006  elad integrate kauth.
 1.20  04-Apr-2006  christos Coverity CID 1083: Avoid possible NULL pointer deref.
 1.19  17-Mar-2006  christos don't use MALLOC with a non-constant size; use malloc instead.
 1.18  06-Mar-2006  christos branches: 1.18.2; 1.18.4;
sprinkle DPRINTF()...
 1.17  01-Mar-2006  yamt branches: 1.17.2;
merge yamt-uio_vmspace branch.

- use vmspace rather than proc or lwp where appropriate.
the latter is more natural to specify an address space.
(and less likely to be abused for random purposes.)
- fix a swdmover race.
 1.16  11-Dec-2005  christos branches: 1.16.2; 1.16.4; 1.16.6;
merge ktrace-lwp.
 1.15  25-Nov-2005  thorpej - De-couple the software crypto implementation from the rest of the
framework. There is no need to waste the space if you are only using
algoritms provided by hardware accelerators. To get the software
implementations, add "pseudo-device swcr" to your kernel config.
- Lazily initialize the opencrypto framework when crypto drivers
(either hardware or swcr) register themselves with the framework.
 1.14  22-Aug-2005  jonathan branches: 1.14.6;
No change. Forced commit to record commit message for previous revision, viz:

Fix vulnerability to a denial-of-service attack which passes a
length-0 crypto op. Check for zero length and return EINVAL, taken from:

http://cvsweb.FreeBSD.org/src/sys/opencrypto/cryptodev.c.diff?r1=1.25&r2=1.26

Original FreeBSD log mesage:

Modified files:
sys/opencrypto cryptodev.c
Log:
Fix bogus check. It was possible to panic the kernel by giving 0 length.
This is actually a local DoS, as every user can use /dev/crypto if there
is crypto hardware in the system and cryptodev.ko is loaded (or compiled
into the kernel).

Reported by: Mike Tancsa <mike@sentex.net>


thanks to Sam Leffler for passing on a heads-up about this issue.
 1.13  22-Aug-2005  jonathan *** empty log message ***
 1.12  30-Nov-2004  christos branches: 1.12.12;
Cloning cleanup:
1. make fileops const
2. add 2 new negative errno's to `officially' support the cloning hack:
- EDUPFD (used to overload ENODEV)
- EMOVEFD (used to overload ENXIO)
3. Created an fdclone() function to encapsulate the operations needed for
EMOVEFD, and made all cloners use it.
4. Centralize the local noop/badop fileops functions to:
fnullop_fcntl, fnullop_poll, fnullop_kqfilter, fbadop_stat
 1.11  17-Sep-2004  skrll There's no need to pass a proc value when using UIO_SYSSPACE with
vn_rdwr(9) and uiomove(9).

OK'd by Jason Thorpe
 1.10  19-Nov-2003  jonathan branches: 1.10.4;
Wrap noisy pointless message about denied userspace requests with
`#ifdef CRYPTO_DEBUG', per Jason Thorpe's suggestion.
 1.9  19-Nov-2003  jonathan Clean up userlevel access to software kernel transforms, in preparation
for using /dev/crypto for OpenSSL:

1. Add comments explaining crypto_devallowsoft, explaining the
OpenBSD-style three-way logic actully implemented in crypto_newsession().

2. Pass crypto_devallowsoft as the final argument to crypto_newsession(),
instead of a constant 0 value.

3. Set the default value of crypto_devallowsoft to 1, to allow
/dev/crypto access only for hardware-supported transforms.

Items 1-3 may be revised to match the FreeBSD two-way logic, if the
consensus is that there's no point to forcing software transforms.
But as a first step, let the description match what the code actually does.

GC unused variables usercrypto, userasmcrypto, cryptodevallowsoft from
cryptodev.c, in favour of variables crypto_usercrypto, crypto_userasmcrypto,
crypto_devallowsoft, which are used as well as defined in crypto.c.
 1.8  16-Nov-2003  jonathan Remove '#ifdef notdef' around userspace ioctl() requests for
pure (non-HMAC) MD5 and SHA1.
 1.7  26-Aug-2003  thorpej Remove a bunch of unnecessary includes.
 1.6  25-Aug-2003  thorpej It's bad form to use the <opencrypto/rmd160.h> header file while
using the crypto/ripemd160/rmd160.c implementation. Remove the
opencrypto-local copies of these files entirely.
 1.5  22-Aug-2003  itojun on netbsd, major # for /dev/crypto depends on arch
 1.4  21-Aug-2003  jonathan Pull up `done' flag for crypto operations from FreeBSD. FreeBSD deltas:
cryptodev.c: 1.4.2.3 -> 1.4.2.4
cryptodev.h: 1.4.2.4 -> 1.4.2.5
 1.3  30-Jul-2003  jonathan Garbage-collect references to OpenBSD-only <dev/rndvar.h>.
 1.2  28-Jul-2003  jonathan Remove vestiges of OpenBSD <sys/md5k.h> header.
 1.1  25-Jul-2003  jonathan Commit initial NetBSD port of the OpenCrypto Framework (OCF). This
code is derived from Sam Leffler's FreeBSD port of OCF, which is in
turn a port of Angelos Keromytis's OpenBSD work.
Credit to Sam and Angelos, any blame for the NetBSD port to me.
 1.10.4.8  11-Dec-2005  christos Sync with head.
 1.10.4.7  10-Nov-2005  skrll Sync with HEAD. Here we go again...
 1.10.4.6  08-Mar-2005  skrll Sync with HEAD.
 1.10.4.5  18-Dec-2004  skrll Sync with HEAD.
 1.10.4.4  21-Sep-2004  skrll Fix the sync with head I botched.
 1.10.4.3  18-Sep-2004  skrll Sync with HEAD.
 1.10.4.2  03-Aug-2004  skrll Sync with HEAD
 1.10.4.1  19-Nov-2003  skrll file cryptodev.c was added on branch ktrace-lwp on 2004-08-03 10:56:25 +0000
 1.12.12.7  24-Mar-2008  yamt sync with head.
 1.12.12.6  11-Feb-2008  yamt sync with head.
 1.12.12.5  04-Feb-2008  yamt sync with head.
 1.12.12.4  21-Jan-2008  yamt sync with head
 1.12.12.3  03-Sep-2007  yamt sync with head.
 1.12.12.2  30-Dec-2006  yamt sync with head.
 1.12.12.1  21-Jun-2006  yamt sync with head.
 1.14.6.1  29-Nov-2005  yamt sync with head.
 1.16.6.2  01-Jun-2006  kardel Sync with head.
 1.16.6.1  22-Apr-2006  simonb Sync with head.
 1.16.4.1  09-Sep-2006  rpaulo sync with head
 1.16.2.1  02-Feb-2006  yamt adapt opencrypto.
 1.17.2.6  03-Sep-2006  yamt sync with head.
 1.17.2.5  11-Aug-2006  yamt sync with head
 1.17.2.4  24-May-2006  yamt sync with head.
 1.17.2.3  11-Apr-2006  yamt sync with head
 1.17.2.2  01-Apr-2006  yamt sync with head.
 1.17.2.1  13-Mar-2006  yamt sync with head.
 1.18.4.2  24-May-2006  tron Merge 2006-05-24 NetBSD-current into the "peter-altq" branch.
 1.18.4.1  28-Mar-2006  tron Merge 2006-03-28 NetBSD-current into the "peter-altq" branch.
 1.18.2.3  06-May-2006  christos - Move kauth_cred_t declaration to <sys/types.h>
- Cleanup struct ucred; forward declarations that are unused.
- Don't include <sys/kauth.h> in any header, but include it in the c files
that need it.

Approved by core.
 1.18.2.2  19-Apr-2006  elad sync with head.
 1.18.2.1  08-Mar-2006  elad Adapt to kernel authorization changes.
 1.23.4.2  10-Dec-2006  yamt sync with head.
 1.23.4.1  22-Oct-2006  yamt sync with head
 1.23.2.1  18-Nov-2006  ad Sync with head.
 1.25.4.1  12-Mar-2007  rmind Sync with HEAD.
 1.26.28.1  19-Jan-2008  bouyer Sync with HEAD
 1.26.22.1  18-Feb-2008  mjf Sync with HEAD.
 1.26.16.1  23-Mar-2008  matt sync with HEAD
 1.34.6.4  17-Jan-2009  mjf Sync with HEAD.
 1.34.6.3  02-Jun-2008  mjf Sync with HEAD.
 1.34.6.2  05-Apr-2008  mjf - add "file-system DEVFS" and "pseudo-device devfsctl" to conf/std seeing
as these are always needed.

- convert many, many drivers over to the New Devfs World Order. For a
list of device drivers yet to be converted see,
http://www.netbsd.org/~mjf/devfs-todo.html.

- add a new device_unregister_all(device_t) function to remove all device
names associated with a device_t, which saves us having to construct
device names when the driver is detached.

- add a DEV_AUDIO type for devices.
 1.34.6.1  03-Apr-2008  mjf Sync with HEAD.
 1.38.2.2  04-Jun-2008  yamt sync with head
 1.38.2.1  18-May-2008  yamt sync with head.
 1.39.2.4  11-Aug-2010  yamt sync with head.
 1.39.2.3  11-Mar-2010  yamt sync with head
 1.39.2.2  04-May-2009  yamt sync with head.
 1.39.2.1  16-May-2008  yamt sync with head.
 1.41.2.1  23-Jun-2008  wrstuden Sync w/ -current. 34 merge conflicts to follow.
 1.44.8.4  14-Feb-2010  bouyer Pull up following revision(s) (requested by hubertf in ticket #1291):
sys/opencrypto/cryptodev.c: revision 1.52
Add missing "break" for CRYPTO_CAST_CBC, and some assorted comment fixes.
openssl(1) checks for CAST (and others) on ~every startup.
 1.44.8.3  03-May-2009  snj Pull up following revision(s) (requested by tls in ticket #611):
sys/lib/libkern/Makefile: patch
sys/lib/libkern/crc32.c: revision 1.1
sys/lib/libkern/crc32.h: revision 1.1
sys/lib/libkern/libkern.h: revision 1.89
sys/lib/libkern/arch/i386/Makefile.inc: revision 1.28
sys/net/zlib.h: revision 1.14 via patch
sys/opencrypto/crypto.c: revision 1.33
sys/opencrypto/cryptodev.c: revision 1.46
sys/opencrypto/cryptodev.h: revision 1.16
sys/opencrypto/cryptosoft.c: revision 1.24
sys/opencrypto/cryptosoft.h: revision 1.6
sys/opencrypto/deflate.h: revision 1.6
sys/opencrypto/cryptosoft_xform.c: revision 1.12
sys/opencrypto/deflate.c: revision 1.13
sys/opencrypto/files.opencrypto: revision 1.20
sys/opencrypto/ocryptodev.c: revision 1.1
sys/opencrypto/ocryptodev.h: revision 1.1
sys/opencrypto/xform.c: revision 1.18
sys/opencrypto/xform.h: revision 1.10
Fixes PR kern/41069 and PR kern/41070.

Extends the Opencrypto API to allow the destination buffer size to be
specified when its not the same size as the input buffer (i.e. for
operations like compress and decompress).
The crypto_op and crypt_n_op structures gain a u_int dst_len field.
The session_op structure gains a comp_alg field to specify a compression
algorithm.
Moved four ioctls to new ids; CIOCGSESSION, CIOCNGSESSION, CIOCCRYPT,
and CIOCNCRYPTM.
Added four backward compatible ioctls; OCIOCGSESSION, OCIOCNGSESSION,
OCIOCCRYPT, and OCIOCNCRYPTM.

Backward compatibility is maintained in ocryptodev.h and ocryptodev.c which
implement the original ioctls and set dst_len and comp_alg to 0.

Adds user-space access to compression features.

Adds software gzip support (CRYPTO_GZIP_COMP).

Adds the fast version of crc32 from zlib to libkern. This should be generally
useful and provide a place to start normalizing the various crc32 routines
in the kernel. The crc32 routine is used in this patch to support GZIP.

With input and support from tls@NetBSD.org.
 1.44.8.2  04-Apr-2009  snj branches: 1.44.8.2.4;
Pull up following revision(s) (requested by ad in ticket #661):
sys/arch/xen/xen/xenevt.c: revision 1.32
sys/compat/svr4/svr4_net.c: revision 1.56
sys/compat/svr4_32/svr4_32_net.c: revision 1.19
sys/dev/dmover/dmover_io.c: revision 1.32
sys/dev/putter/putter.c: revision 1.21
sys/kern/kern_descrip.c: revision 1.190
sys/kern/kern_drvctl.c: revision 1.23
sys/kern/kern_event.c: revision 1.64
sys/kern/sys_mqueue.c: revision 1.14
sys/kern/sys_pipe.c: revision 1.109
sys/kern/sys_socket.c: revision 1.59
sys/kern/uipc_syscalls.c: revision 1.136
sys/kern/vfs_vnops.c: revision 1.164
sys/kern/uipc_socket.c: revision 1.188
sys/net/bpf.c: revision 1.144
sys/net/if_tap.c: revision 1.55
sys/opencrypto/cryptodev.c: revision 1.47
sys/sys/file.h: revision 1.67
sys/sys/param.h: patch
sys/sys/socketvar.h: revision 1.119
Add fileops::fo_drain(), to be called from fd_close() when there is more
than one active reference to a file descriptor. It should dislodge threads
sleeping while holding a reference to the descriptor. Implemented only for
sockets but should be extended to pipes, fifos, etc.
Fixes the case of a multithreaded process doing something like the
following, which would have hung until the process got a signal.
thr0 accept(fd, ...)
thr1 close(fd)
 1.44.8.1  20-Nov-2008  snj Pull up following revision(s) (requested by darran in ticket #92):
sys/opencrypto/cryptodev.c: revision 1.45
sys/sys/queue.h: revision 1.50
sys/opencrypto/cryptodev.h: revision 1.15
sys/opencrypto/crypto.c: revision 1.30
Fix a race condition in opencrypto where the crypto request could be
completed by the crypto device, queued on the retq, but freed by the
ioctl lwp. The problem manifests as various panics relating to the
condvar inside the request. The problem can occur whenever the crypto
device completes the request immediately and the ioctl skips the
cv_wait().
The problem can be reproduced by enabling cryptosoft and running an
openssl
speed test. E.g.
sysctl -w kern.cryptodevallowsoft=-1
openssl speed -engine cryptodev -evp des-ede3-cbc -multi 64
Add a macro for TAILQ_FOREACH_REVERSE_SAFE() to queue.h, since this
was missing and the opencrypto code removes requests from a list while
iterating with TAILQ_FOREACH_REVERSE().
Add missing cv_destroy() calls for the key request cleanup.
Reviewed by Thor Lancelot Simon.
 1.44.8.2.4.1  20-May-2011  matt bring matt-nb5-mips64 up to date with netbsd-5-1-RELEASE (except compat).
 1.44.6.2  28-Apr-2009  skrll Sync with HEAD.
 1.44.6.1  19-Jan-2009  skrll Sync with HEAD.
 1.44.4.1  13-Dec-2008  haad Update haad-dm branch to haad-dm-base2.
 1.45.4.1  13-May-2009  jym Sync with HEAD.

Commit is split, to avoid a "too many arguments" protocol error.
 1.52.4.3  12-Jun-2011  rmind sync with head
 1.52.4.2  31-May-2011  rmind sync with head
 1.52.4.1  05-Mar-2011  rmind sync with head
 1.52.2.1  17-Aug-2010  uebayasi Sync with HEAD.
 1.53.4.1  05-Mar-2011  bouyer Sync with HEAD
 1.53.2.1  06-Jun-2011  jruoho Sync with HEAD.
 1.66.2.1  23-Jun-2011  cherry Catchup with rmind-uvmplock merge.
 1.68.16.1  18-May-2014  rmind sync with head
 1.68.12.2  03-Dec-2017  jdolecek update from HEAD
 1.68.12.1  20-Aug-2014  tls Rebase to HEAD as of a few days ago.
 1.68.2.1  22-May-2014  yamt sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
 1.78.2.1  10-Aug-2014  tls Rebase.
 1.82.2.4  28-Aug-2017  skrll Sync with HEAD
 1.82.2.3  09-Jul-2016  skrll Sync with HEAD
 1.82.2.2  22-Sep-2015  skrll Sync with HEAD
 1.82.2.1  06-Apr-2015  skrll Sync with HEAD
 1.85.4.1  21-Apr-2017  bouyer Sync with HEAD
 1.85.2.4  26-Apr-2017  pgoyette Sync with HEAD
 1.85.2.3  26-Jul-2016  pgoyette Rename LOCALCOUNT_INITIALIZER to DEVSW_MODULE_INIT. This better describes
what we're doing, and why.
 1.85.2.2  19-Jul-2016  pgoyette Instead of repeatedly typing the conditional initialization of the
.d_localcount members in the various {b,c}devsw, define an initializer
macro and use it. This also removes the need for defining new symbols
for each 'struct localcount'.

As suggested by riastradh@
 1.85.2.1  18-Jul-2016  pgoyette Rump drivers are always installed via devsw_attach() so we need to
always allocate a 'struct localcount' for these drivers whenever they
are built as modules.
 1.89.2.4  19-May-2017  pgoyette Resolve conflicts from previous merge (all resulting from $NetBSD
keywork expansion)
 1.89.2.3  17-May-2017  pgoyette At suggestion of chuq@, modify config_attach_pseudo() to return with a
reference held on the device.

Adapt callers to expect the reference to exist, and to ensure that the
reference is released.
 1.89.2.2  29-Apr-2017  pgoyette Remove more unnecessary #include for sys/localcount.h
 1.89.2.1  27-Apr-2017  pgoyette Restore all work from the former pgoyette-localcount branch (which is
now abandoned doe to cvs merge botch).

The branch now builds, and installs via anita. There are still some
problems (cgd is non-functional and all atf tests time-out) but they
will get resolved soon.
 1.92.2.1  05-Jul-2017  snj Pull up following revision(s) (requested by knakahara in ticket #97):
sys/opencrypto/crypto.c: 1.87-1.91
sys/opencrypto/cryptodev.c: 1.93-1.95
sys/opencrypto/cryptodev.h: 1.37
sys/opencrypto/cryptosoft.c: 1.52
sys/rump/dev/lib/libopencrypto/opencrypto_component.c: 1.5
sanitize count used for kmem_alloc size.
Hmm, who uses CIOCNGSESSION, CIOCNFSESSION, CIOCNCRYPTM or CIOCNFKEYM?
--
sanitize in CIOCNCRYPTM and initialize comp_alg in CIOCNGSESSION
--
must release cap->cc_lock before calling cap->cc_newsession() because of spinlock.
--
refactor crypto_newsession() like FreeBSD.
--
support multiple encryption drivers (port from FreeBSD).
--
Divide crp_devflags from crp_flags to write exclusively.
CRYPTO_F_DQRETQ(new name is CRYPTODEV_F_RET) is used by cryptodev.c only.
It should be divided to other member.
--
Reduce crypto_ret_q_mtx lock regions.
crypto.c does not access the members of crp when the crp is in crp_q or
crp_ret_q. Furthermore, crp_q and crp_ret_q are protected by each mutex,
so the members of crp is not shared. That means crp_flags is not required
mutex in crypto.c.
--
fix cryptosoft.c:r1.51 mistake. swcrypto_attach() must not be called from module_init_class().
swcrypto_attach() will call softint_establish(), it must be called after cpus
attached. module_init_class() is too early to call softint_establish().
--
simplify mutex_enter/exit(crypto_q_mtx), and fix missing exit.
--
reduce rump waring message. pointed out by ozaki-r@n.o, thanks.
 1.98.4.4  21-Apr-2020  martin Sync with HEAD
 1.98.4.3  13-Apr-2020  martin Mostly merge changes from HEAD upto 20200411
 1.98.4.2  08-Apr-2020  martin Merge changes from current as of 20200406
 1.98.4.1  10-Jun-2019  christos Sync with HEAD
 1.98.2.11  22-Jan-2019  pgoyette Convert the MODULE_{,VOID_}HOOK_CALL macros to do everything in-line
rather than defining an intermediate hook##call function. Almost
all of the hooks are called only once, and although we lose the
ability of doing things like

if (MODULE_HOOK_CALL(...) == 0) ...

we simplify things quite a bit. With this change, we no longer need
to have both declaration and definition macros, and the definition
no longer needs to have both prototype argument list and a "real"
argument list.

FWIW, the above if now needs to written as

int ret;

MODULE_HOOK_CALL(..., ret);
if (ret == 0) ...

with appropriate use of braces {}.
 1.98.2.10  18-Jan-2019  pgoyette Don't restrict hooks to having only int or void types. Pass the hook's
type to the various macros, as needed.

Allows us to reduce diffs to original in at least one or two places (we
no longer have to provide an additional parameter to the hook routine
for returning a non-int return value).
 1.98.2.9  14-Jan-2019  pgoyette Create a variant of the HOOK macros that handles hook routines of
type void, and use them where appropriate.
 1.98.2.8  13-Jan-2019  pgoyette Remove the HOOK2 versions of the MODULE_HOOK macros. There were
only a few uses, and using them led to some lack of clarity in the
code. Instead, we now use two separate hooks, with names that
make it clear(er) what we're doing.

This also positions us to start unraveling some of the rtsock_50
mess, which will need (at least) five hooks.
 1.98.2.7  29-Sep-2018  pgoyette In MODULE_HOOK_CALL_DECL we don't need to provide the actual argument
list for calling the hook function, nor do we need to provide the
default value (for when the hook has not been set).
 1.98.2.6  23-Sep-2018  pgoyette Split the compat_crypto_50 from the rest of the crypto module

Cleanup some stuff left over from similar changes to raid modules.
 1.98.2.5  22-Sep-2018  pgoyette When the compat code needs to callback to the original code, we cannot
call directly via the routines' global symbols, since the original code
might not be built-in. So, the original code that calls compat code
needs to pass in the addresses of the callbacks. This allows for the
compat code to be built whether or not the original (calling) code is
included.

XXX Done for cryptodev, will need to do the same thing for ccd(4) and
XXX vnd(4)
 1.98.2.4  18-Sep-2018  pgoyette The COMPAT_HOOK macros were renamed to MODULE_HOOK, adjust all callers
 1.98.2.3  18-Sep-2018  pgoyette Split the COMPAT_CALL_HOOK to separate the declaration from the
implementation. Some hooks are called from multiple source files,
and the old method resulted in duplicate implementations.

Implement MP-safe hooks for the usb_subr_30 code. Pass the helper
functions as arguments to the compat code so it does not have to
determine if the kernel contains usb code.
 1.98.2.2  17-Sep-2018  pgoyette Adapt (most of) the indirect function pointers to the new MP-safe
mechanism. Still remaining are the compat_netbsd32 stuff, and
some usb subroutines.
 1.98.2.1  23-Mar-2018  pgoyette Handle the compat_50 stuff for opencrypto/cryptodev
 1.102.2.2  29-Feb-2020  ad Sync with head.
 1.102.2.1  17-Jan-2020  ad Sync with head.
 1.104.4.1  20-Apr-2020  bouyer Sync with HEAD
 1.125.10.1  02-Aug-2025  perseant Sync with HEAD

RSS XML Feed