crypto.c revision 1.85
1 /* $NetBSD: crypto.c,v 1.85 2017/06/06 18:08:23 christos Exp $ */ 2 /* $FreeBSD: src/sys/opencrypto/crypto.c,v 1.4.2.5 2003/02/26 00:14:05 sam Exp $ */ 3 /* $OpenBSD: crypto.c,v 1.41 2002/07/17 23:52:38 art Exp $ */ 4 5 /*- 6 * Copyright (c) 2008 The NetBSD Foundation, Inc. 7 * All rights reserved. 8 * 9 * This code is derived from software contributed to The NetBSD Foundation 10 * by Coyote Point Systems, Inc. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 23 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 24 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 25 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 28 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 29 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 31 * POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34 /* 35 * The author of this code is Angelos D. Keromytis (angelos (at) cis.upenn.edu) 36 * 37 * This code was written by Angelos D. Keromytis in Athens, Greece, in 38 * February 2000. Network Security Technologies Inc. (NSTI) kindly 39 * supported the development of this code. 40 * 41 * Copyright (c) 2000, 2001 Angelos D. Keromytis 42 * 43 * Permission to use, copy, and modify this software with or without fee 44 * is hereby granted, provided that this entire notice is included in 45 * all source code copies of any software which is or includes a copy or 46 * modification of this software. 47 * 48 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR 49 * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY 50 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE 51 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR 52 * PURPOSE. 53 */ 54 55 #include <sys/cdefs.h> 56 __KERNEL_RCSID(0, "$NetBSD: crypto.c,v 1.85 2017/06/06 18:08:23 christos Exp $"); 57 58 #include <sys/param.h> 59 #include <sys/reboot.h> 60 #include <sys/systm.h> 61 #include <sys/malloc.h> 62 #include <sys/proc.h> 63 #include <sys/pool.h> 64 #include <sys/kthread.h> 65 #include <sys/once.h> 66 #include <sys/sysctl.h> 67 #include <sys/intr.h> 68 #include <sys/errno.h> 69 #include <sys/module.h> 70 71 #if defined(_KERNEL_OPT) 72 #include "opt_ocf.h" 73 #endif 74 75 #include <opencrypto/cryptodev.h> 76 #include <opencrypto/xform.h> /* XXX for M_XDATA */ 77 78 static kmutex_t crypto_q_mtx; 79 static kmutex_t crypto_ret_q_mtx; 80 static kcondvar_t cryptoret_cv; 81 82 /* below are kludges for residual code wrtitten to FreeBSD interfaces */ 83 #define SWI_CRYPTO 17 84 #define register_swi(lvl, fn) \ 85 softint_establish(SOFTINT_NET|SOFTINT_MPSAFE, (void (*)(void *))fn, NULL) 86 #define unregister_swi(lvl, fn) softint_disestablish(softintr_cookie) 87 #define setsoftcrypto(x) \ 88 do{ \ 89 kpreempt_disable(); \ 90 softint_schedule(x); \ 91 kpreempt_enable(); \ 92 }while(0) 93 94 int crypto_ret_q_check(struct cryptop *); 95 96 /* 97 * Crypto drivers register themselves by allocating a slot in the 98 * crypto_drivers table with crypto_get_driverid() and then registering 99 * each algorithm they support with crypto_register() and crypto_kregister(). 100 */ 101 static kmutex_t crypto_drv_mtx; 102 /* Don't directly access crypto_drivers[i], use crypto_checkdriver(i). */ 103 static struct cryptocap *crypto_drivers; 104 static int crypto_drivers_num; 105 static void *softintr_cookie; 106 static int crypto_exit_flag; 107 108 /* 109 * There are two queues for crypto requests; one for symmetric (e.g. 110 * cipher) operations and one for asymmetric (e.g. MOD) operations. 111 * See below for how synchronization is handled. 112 */ 113 static TAILQ_HEAD(,cryptop) crp_q = /* request queues */ 114 TAILQ_HEAD_INITIALIZER(crp_q); 115 static TAILQ_HEAD(,cryptkop) crp_kq = 116 TAILQ_HEAD_INITIALIZER(crp_kq); 117 118 /* 119 * There are two queues for processing completed crypto requests; one 120 * for the symmetric and one for the asymmetric ops. We only need one 121 * but have two to avoid type futzing (cryptop vs. cryptkop). See below 122 * for how synchronization is handled. 123 */ 124 static TAILQ_HEAD(crprethead, cryptop) crp_ret_q = /* callback queues */ 125 TAILQ_HEAD_INITIALIZER(crp_ret_q); 126 static TAILQ_HEAD(krprethead, cryptkop) crp_ret_kq = 127 TAILQ_HEAD_INITIALIZER(crp_ret_kq); 128 129 #define DEFINIT_CRYPTO_Q_LEN(name) \ 130 static int crypto_##name##_len = 0 131 132 #define DEFINIT_CRYPTO_Q_DROPS(name) \ 133 static int crypto_##name##_drops = 0 134 135 #define DEFINIT_CRYPTO_Q_MAXLEN(name, defval) \ 136 static int crypto_##name##_maxlen = defval 137 138 #define CRYPTO_Q_INC(name) \ 139 do { \ 140 crypto_##name##_len++; \ 141 } while(0); 142 143 #define CRYPTO_Q_DEC(name) \ 144 do { \ 145 crypto_##name##_len--; \ 146 } while(0); 147 148 #define CRYPTO_Q_INC_DROPS(name) \ 149 do { \ 150 crypto_##name##_drops++; \ 151 } while(0); 152 153 #define CRYPTO_Q_IS_FULL(name) \ 154 (crypto_##name##_maxlen > 0 \ 155 && (crypto_##name##_len > crypto_##name##_maxlen)) 156 157 /* 158 * current queue length. 159 */ 160 DEFINIT_CRYPTO_Q_LEN(crp_ret_q); 161 DEFINIT_CRYPTO_Q_LEN(crp_ret_kq); 162 163 /* 164 * queue dropped count. 165 */ 166 DEFINIT_CRYPTO_Q_DROPS(crp_ret_q); 167 DEFINIT_CRYPTO_Q_DROPS(crp_ret_kq); 168 169 #ifndef CRYPTO_RET_Q_MAXLEN 170 #define CRYPTO_RET_Q_MAXLEN 0 171 #endif 172 #ifndef CRYPTO_RET_KQ_MAXLEN 173 #define CRYPTO_RET_KQ_MAXLEN 0 174 #endif 175 /* 176 * queue length limit. 177 * default value is 0. <=0 means unlimited. 178 */ 179 DEFINIT_CRYPTO_Q_MAXLEN(crp_ret_q, CRYPTO_RET_Q_MAXLEN); 180 DEFINIT_CRYPTO_Q_MAXLEN(crp_ret_kq, CRYPTO_RET_KQ_MAXLEN); 181 182 /* 183 * TODO: 184 * make percpu 185 */ 186 static int 187 sysctl_opencrypto_q_len(SYSCTLFN_ARGS) 188 { 189 int error; 190 191 error = sysctl_lookup(SYSCTLFN_CALL(rnode)); 192 if (error || newp == NULL) 193 return error; 194 195 return 0; 196 } 197 198 /* 199 * TODO: 200 * make percpu 201 */ 202 static int 203 sysctl_opencrypto_q_drops(SYSCTLFN_ARGS) 204 { 205 int error; 206 207 error = sysctl_lookup(SYSCTLFN_CALL(rnode)); 208 if (error || newp == NULL) 209 return error; 210 211 return 0; 212 } 213 214 /* 215 * need to make percpu? 216 */ 217 static int 218 sysctl_opencrypto_q_maxlen(SYSCTLFN_ARGS) 219 { 220 int error; 221 222 error = sysctl_lookup(SYSCTLFN_CALL(rnode)); 223 if (error || newp == NULL) 224 return error; 225 226 return 0; 227 } 228 229 /* 230 * Crypto op and desciptor data structures are allocated 231 * from separate private zones(FreeBSD)/pools(netBSD/OpenBSD) . 232 */ 233 struct pool cryptop_pool; 234 struct pool cryptodesc_pool; 235 struct pool cryptkop_pool; 236 237 int crypto_usercrypto = 1; /* userland may open /dev/crypto */ 238 int crypto_userasymcrypto = 1; /* userland may do asym crypto reqs */ 239 /* 240 * cryptodevallowsoft is (intended to be) sysctl'able, controlling 241 * access to hardware versus software transforms as below: 242 * 243 * crypto_devallowsoft < 0: Force userlevel requests to use software 244 * transforms, always 245 * crypto_devallowsoft = 0: Use hardware if present, grant userlevel 246 * requests for non-accelerated transforms 247 * (handling the latter in software) 248 * crypto_devallowsoft > 0: Allow user requests only for transforms which 249 * are hardware-accelerated. 250 */ 251 int crypto_devallowsoft = 1; /* only use hardware crypto */ 252 253 static void 254 sysctl_opencrypto_setup(struct sysctllog **clog) 255 { 256 const struct sysctlnode *ocnode; 257 const struct sysctlnode *retqnode, *retkqnode; 258 259 sysctl_createv(clog, 0, NULL, NULL, 260 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 261 CTLTYPE_INT, "usercrypto", 262 SYSCTL_DESCR("Enable/disable user-mode access to " 263 "crypto support"), 264 NULL, 0, &crypto_usercrypto, 0, 265 CTL_KERN, CTL_CREATE, CTL_EOL); 266 sysctl_createv(clog, 0, NULL, NULL, 267 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 268 CTLTYPE_INT, "userasymcrypto", 269 SYSCTL_DESCR("Enable/disable user-mode access to " 270 "asymmetric crypto support"), 271 NULL, 0, &crypto_userasymcrypto, 0, 272 CTL_KERN, CTL_CREATE, CTL_EOL); 273 sysctl_createv(clog, 0, NULL, NULL, 274 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 275 CTLTYPE_INT, "cryptodevallowsoft", 276 SYSCTL_DESCR("Enable/disable use of software " 277 "asymmetric crypto support"), 278 NULL, 0, &crypto_devallowsoft, 0, 279 CTL_KERN, CTL_CREATE, CTL_EOL); 280 281 sysctl_createv(clog, 0, NULL, &ocnode, 282 CTLFLAG_PERMANENT, 283 CTLTYPE_NODE, "opencrypto", 284 SYSCTL_DESCR("opencrypto related entries"), 285 NULL, 0, NULL, 0, 286 CTL_CREATE, CTL_EOL); 287 288 sysctl_createv(clog, 0, &ocnode, &retqnode, 289 CTLFLAG_PERMANENT, 290 CTLTYPE_NODE, "crypto_ret_q", 291 SYSCTL_DESCR("crypto_ret_q related entries"), 292 NULL, 0, NULL, 0, 293 CTL_CREATE, CTL_EOL); 294 sysctl_createv(clog, 0, &retqnode, NULL, 295 CTLFLAG_PERMANENT|CTLFLAG_READONLY, 296 CTLTYPE_INT, "len", 297 SYSCTL_DESCR("Current queue length"), 298 sysctl_opencrypto_q_len, 0, 299 (void *)&crypto_crp_ret_q_len, 0, 300 CTL_CREATE, CTL_EOL); 301 sysctl_createv(clog, 0, &retqnode, NULL, 302 CTLFLAG_PERMANENT|CTLFLAG_READONLY, 303 CTLTYPE_INT, "drops", 304 SYSCTL_DESCR("Crypto requests dropped due to full ret queue"), 305 sysctl_opencrypto_q_drops, 0, 306 (void *)&crypto_crp_ret_q_drops, 0, 307 CTL_CREATE, CTL_EOL); 308 sysctl_createv(clog, 0, &retqnode, NULL, 309 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 310 CTLTYPE_INT, "maxlen", 311 SYSCTL_DESCR("Maximum allowed queue length"), 312 sysctl_opencrypto_q_maxlen, 0, 313 (void *)&crypto_crp_ret_q_maxlen, 0, 314 CTL_CREATE, CTL_EOL); 315 316 sysctl_createv(clog, 0, &ocnode, &retkqnode, 317 CTLFLAG_PERMANENT, 318 CTLTYPE_NODE, "crypto_ret_kq", 319 SYSCTL_DESCR("crypto_ret_kq related entries"), 320 NULL, 0, NULL, 0, 321 CTL_CREATE, CTL_EOL); 322 sysctl_createv(clog, 0, &retkqnode, NULL, 323 CTLFLAG_PERMANENT|CTLFLAG_READONLY, 324 CTLTYPE_INT, "len", 325 SYSCTL_DESCR("Current queue length"), 326 sysctl_opencrypto_q_len, 0, 327 (void *)&crypto_crp_ret_kq_len, 0, 328 CTL_CREATE, CTL_EOL); 329 sysctl_createv(clog, 0, &retkqnode, NULL, 330 CTLFLAG_PERMANENT|CTLFLAG_READONLY, 331 CTLTYPE_INT, "drops", 332 SYSCTL_DESCR("Crypto requests dropped due to full ret queue"), 333 sysctl_opencrypto_q_drops, 0, 334 (void *)&crypto_crp_ret_kq_drops, 0, 335 CTL_CREATE, CTL_EOL); 336 sysctl_createv(clog, 0, &retkqnode, NULL, 337 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 338 CTLTYPE_INT, "maxlen", 339 SYSCTL_DESCR("Maximum allowed queue length"), 340 sysctl_opencrypto_q_maxlen, 0, 341 (void *)&crypto_crp_ret_kq_maxlen, 0, 342 CTL_CREATE, CTL_EOL); 343 } 344 345 MALLOC_DEFINE(M_CRYPTO_DATA, "crypto", "crypto session records"); 346 347 /* 348 * Synchronization: read carefully, this is non-trivial. 349 * 350 * Crypto requests are submitted via crypto_dispatch. Typically 351 * these come in from network protocols at spl0 (output path) or 352 * spl[,soft]net (input path). 353 * 354 * Requests are typically passed on the driver directly, but they 355 * may also be queued for processing by a software interrupt thread, 356 * cryptointr, that runs at splsoftcrypto. This thread dispatches 357 * the requests to crypto drivers (h/w or s/w) who call crypto_done 358 * when a request is complete. Hardware crypto drivers are assumed 359 * to register their IRQ's as network devices so their interrupt handlers 360 * and subsequent "done callbacks" happen at spl[imp,net]. 361 * 362 * Completed crypto ops are queued for a separate kernel thread that 363 * handles the callbacks at spl0. This decoupling insures the crypto 364 * driver interrupt service routine is not delayed while the callback 365 * takes place and that callbacks are delivered after a context switch 366 * (as opposed to a software interrupt that clients must block). 367 * 368 * This scheme is not intended for SMP machines. 369 */ 370 static void cryptointr(void); /* swi thread to dispatch ops */ 371 static void cryptoret(void); /* kernel thread for callbacks*/ 372 static struct lwp *cryptothread; 373 static int crypto_destroy(bool); 374 static int crypto_invoke(struct cryptop *crp, int hint); 375 static int crypto_kinvoke(struct cryptkop *krp, int hint); 376 377 static struct cryptocap *crypto_checkdriver_lock(u_int32_t); 378 static struct cryptocap *crypto_checkdriver_uninit(u_int32_t); 379 static void crypto_driver_lock(struct cryptocap *); 380 static void crypto_driver_unlock(struct cryptocap *); 381 static void crypto_driver_clear(struct cryptocap *); 382 383 static struct cryptostats cryptostats; 384 #ifdef CRYPTO_TIMING 385 static int crypto_timing = 0; 386 #endif 387 388 static struct sysctllog *sysctl_opencrypto_clog; 389 390 static int 391 crypto_init0(void) 392 { 393 int error; 394 395 mutex_init(&crypto_drv_mtx, MUTEX_DEFAULT, IPL_NONE); 396 mutex_init(&crypto_q_mtx, MUTEX_DEFAULT, IPL_NONE); 397 mutex_init(&crypto_ret_q_mtx, MUTEX_DEFAULT, IPL_NET); 398 cv_init(&cryptoret_cv, "crypto_w"); 399 pool_init(&cryptop_pool, sizeof(struct cryptop), 0, 0, 400 0, "cryptop", NULL, IPL_NET); 401 pool_init(&cryptodesc_pool, sizeof(struct cryptodesc), 0, 0, 402 0, "cryptodesc", NULL, IPL_NET); 403 pool_init(&cryptkop_pool, sizeof(struct cryptkop), 0, 0, 404 0, "cryptkop", NULL, IPL_NET); 405 406 crypto_drivers = malloc(CRYPTO_DRIVERS_INITIAL * 407 sizeof(struct cryptocap), M_CRYPTO_DATA, M_NOWAIT | M_ZERO); 408 if (crypto_drivers == NULL) { 409 printf("crypto_init: cannot malloc driver table\n"); 410 return ENOMEM; 411 } 412 crypto_drivers_num = CRYPTO_DRIVERS_INITIAL; 413 414 softintr_cookie = register_swi(SWI_CRYPTO, cryptointr); 415 error = kthread_create(PRI_NONE, KTHREAD_MPSAFE, NULL, 416 (void (*)(void *))cryptoret, NULL, &cryptothread, "cryptoret"); 417 if (error) { 418 printf("crypto_init: cannot start cryptoret thread; error %d", 419 error); 420 return crypto_destroy(false); 421 } 422 423 sysctl_opencrypto_setup(&sysctl_opencrypto_clog); 424 425 return 0; 426 } 427 428 int 429 crypto_init(void) 430 { 431 static ONCE_DECL(crypto_init_once); 432 433 return RUN_ONCE(&crypto_init_once, crypto_init0); 434 } 435 436 static int 437 crypto_destroy(bool exit_kthread) 438 { 439 int i; 440 441 if (exit_kthread) { 442 struct cryptocap *cap = NULL; 443 444 /* if we have any in-progress requests, don't unload */ 445 mutex_enter(&crypto_q_mtx); 446 if (!TAILQ_EMPTY(&crp_q) || !TAILQ_EMPTY(&crp_kq)) { 447 mutex_exit(&crypto_q_mtx); 448 return EBUSY; 449 } 450 mutex_exit(&crypto_q_mtx); 451 /* FIXME: 452 * prohibit enqueue to crp_q and crp_kq after here. 453 */ 454 455 mutex_enter(&crypto_drv_mtx); 456 for (i = 0; i < crypto_drivers_num; i++) { 457 cap = crypto_checkdriver_uninit(i); 458 if (cap == NULL) 459 continue; 460 if (cap->cc_sessions != 0) { 461 mutex_exit(&crypto_drv_mtx); 462 return EBUSY; 463 } 464 } 465 mutex_exit(&crypto_drv_mtx); 466 /* FIXME: 467 * prohibit touch crypto_drivers[] and each element after here. 468 */ 469 470 mutex_spin_enter(&crypto_ret_q_mtx); 471 /* kick the cryptoret thread and wait for it to exit */ 472 crypto_exit_flag = 1; 473 cv_signal(&cryptoret_cv); 474 475 while (crypto_exit_flag != 0) 476 cv_wait(&cryptoret_cv, &crypto_ret_q_mtx); 477 mutex_spin_exit(&crypto_ret_q_mtx); 478 } 479 480 if (sysctl_opencrypto_clog != NULL) 481 sysctl_teardown(&sysctl_opencrypto_clog); 482 483 unregister_swi(SWI_CRYPTO, cryptointr); 484 485 mutex_enter(&crypto_drv_mtx); 486 if (crypto_drivers != NULL) 487 free(crypto_drivers, M_CRYPTO_DATA); 488 mutex_exit(&crypto_drv_mtx); 489 490 pool_destroy(&cryptop_pool); 491 pool_destroy(&cryptodesc_pool); 492 pool_destroy(&cryptkop_pool); 493 494 cv_destroy(&cryptoret_cv); 495 496 mutex_destroy(&crypto_ret_q_mtx); 497 mutex_destroy(&crypto_q_mtx); 498 mutex_destroy(&crypto_drv_mtx); 499 500 return 0; 501 } 502 503 /* 504 * Create a new session. 505 */ 506 int 507 crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int hard) 508 { 509 struct cryptoini *cr; 510 struct cryptocap *cap; 511 u_int32_t hid, lid; 512 int err = EINVAL; 513 514 mutex_enter(&crypto_drv_mtx); 515 516 /* 517 * The algorithm we use here is pretty stupid; just use the 518 * first driver that supports all the algorithms we need. 519 * 520 * XXX We need more smarts here (in real life too, but that's 521 * XXX another story altogether). 522 */ 523 524 for (hid = 0; hid < crypto_drivers_num; hid++) { 525 cap = crypto_checkdriver_uninit(hid); 526 if (cap == NULL) 527 continue; 528 529 crypto_driver_lock(cap); 530 531 /* 532 * If it's not initialized or has remaining sessions 533 * referencing it, skip. 534 */ 535 if (cap->cc_newsession == NULL || 536 (cap->cc_flags & CRYPTOCAP_F_CLEANUP)) { 537 crypto_driver_unlock(cap); 538 continue; 539 } 540 541 /* Hardware required -- ignore software drivers. */ 542 if (hard > 0 && (cap->cc_flags & CRYPTOCAP_F_SOFTWARE)) { 543 crypto_driver_unlock(cap); 544 continue; 545 } 546 /* Software required -- ignore hardware drivers. */ 547 if (hard < 0 && (cap->cc_flags & CRYPTOCAP_F_SOFTWARE) == 0) { 548 crypto_driver_unlock(cap); 549 continue; 550 } 551 552 /* See if all the algorithms are supported. */ 553 for (cr = cri; cr; cr = cr->cri_next) 554 if (cap->cc_alg[cr->cri_alg] == 0) { 555 DPRINTF("alg %d not supported\n", cr->cri_alg); 556 break; 557 } 558 559 if (cr == NULL) { 560 /* Ok, all algorithms are supported. */ 561 562 /* 563 * Can't do everything in one session. 564 * 565 * XXX Fix this. We need to inject a "virtual" session layer right 566 * XXX about here. 567 */ 568 569 /* Call the driver initialization routine. */ 570 lid = hid; /* Pass the driver ID. */ 571 err = cap->cc_newsession(cap->cc_arg, &lid, cri); 572 if (err == 0) { 573 (*sid) = hid; 574 (*sid) <<= 32; 575 (*sid) |= (lid & 0xffffffff); 576 (cap->cc_sessions)++; 577 } else { 578 DPRINTF("crypto_drivers[%d].cc_newsession() failed. error=%d\n", 579 hid, err); 580 } 581 crypto_driver_unlock(cap); 582 goto done; 583 /*break;*/ 584 } 585 586 crypto_driver_unlock(cap); 587 } 588 done: 589 mutex_exit(&crypto_drv_mtx); 590 return err; 591 } 592 593 /* 594 * Delete an existing session (or a reserved session on an unregistered 595 * driver). 596 */ 597 int 598 crypto_freesession(u_int64_t sid) 599 { 600 struct cryptocap *cap; 601 int err = 0; 602 603 /* Determine two IDs. */ 604 cap = crypto_checkdriver_lock(CRYPTO_SESID2HID(sid)); 605 if (cap == NULL) 606 return ENOENT; 607 608 if (cap->cc_sessions) 609 (cap->cc_sessions)--; 610 611 /* Call the driver cleanup routine, if available. */ 612 if (cap->cc_freesession) 613 err = cap->cc_freesession(cap->cc_arg, sid); 614 else 615 err = 0; 616 617 /* 618 * If this was the last session of a driver marked as invalid, 619 * make the entry available for reuse. 620 */ 621 if ((cap->cc_flags & CRYPTOCAP_F_CLEANUP) && cap->cc_sessions == 0) 622 crypto_driver_clear(cap); 623 624 crypto_driver_unlock(cap); 625 return err; 626 } 627 628 /* 629 * Return an unused driver id. Used by drivers prior to registering 630 * support for the algorithms they handle. 631 */ 632 int32_t 633 crypto_get_driverid(u_int32_t flags) 634 { 635 struct cryptocap *newdrv; 636 struct cryptocap *cap = NULL; 637 int i; 638 639 (void)crypto_init(); /* XXX oh, this is foul! */ 640 641 mutex_enter(&crypto_drv_mtx); 642 for (i = 0; i < crypto_drivers_num; i++) { 643 cap = crypto_checkdriver_uninit(i); 644 if (cap == NULL) 645 continue; 646 if (cap->cc_process == NULL && 647 (cap->cc_flags & CRYPTOCAP_F_CLEANUP) == 0 && 648 cap->cc_sessions == 0) 649 break; 650 } 651 652 /* Out of entries, allocate some more. */ 653 if (cap == NULL) { 654 /* Be careful about wrap-around. */ 655 if (2 * crypto_drivers_num <= crypto_drivers_num) { 656 mutex_exit(&crypto_drv_mtx); 657 printf("crypto: driver count wraparound!\n"); 658 return -1; 659 } 660 661 newdrv = malloc(2 * crypto_drivers_num * 662 sizeof(struct cryptocap), M_CRYPTO_DATA, M_NOWAIT|M_ZERO); 663 if (newdrv == NULL) { 664 mutex_exit(&crypto_drv_mtx); 665 printf("crypto: no space to expand driver table!\n"); 666 return -1; 667 } 668 669 memcpy(newdrv, crypto_drivers, 670 crypto_drivers_num * sizeof(struct cryptocap)); 671 672 crypto_drivers_num *= 2; 673 674 free(crypto_drivers, M_CRYPTO_DATA); 675 crypto_drivers = newdrv; 676 677 cap = crypto_checkdriver_uninit(i); 678 KASSERT(cap != NULL); 679 } 680 681 /* NB: state is zero'd on free */ 682 cap->cc_sessions = 1; /* Mark */ 683 cap->cc_flags = flags; 684 mutex_init(&cap->cc_lock, MUTEX_DEFAULT, IPL_NET); 685 686 if (bootverbose) 687 printf("crypto: assign driver %u, flags %u\n", i, flags); 688 689 mutex_exit(&crypto_drv_mtx); 690 691 return i; 692 } 693 694 static struct cryptocap * 695 crypto_checkdriver_lock(u_int32_t hid) 696 { 697 struct cryptocap *cap; 698 699 KASSERT(crypto_drivers != NULL); 700 701 if (hid >= crypto_drivers_num) 702 return NULL; 703 704 cap = &crypto_drivers[hid]; 705 mutex_enter(&cap->cc_lock); 706 return cap; 707 } 708 709 /* 710 * Use crypto_checkdriver_uninit() instead of crypto_checkdriver() below two 711 * situations 712 * - crypto_drivers[] may not be allocated 713 * - crypto_drivers[hid] may not be initialized 714 */ 715 static struct cryptocap * 716 crypto_checkdriver_uninit(u_int32_t hid) 717 { 718 719 KASSERT(mutex_owned(&crypto_drv_mtx)); 720 721 if (crypto_drivers == NULL) 722 return NULL; 723 724 return (hid >= crypto_drivers_num ? NULL : &crypto_drivers[hid]); 725 } 726 727 static inline void 728 crypto_driver_lock(struct cryptocap *cap) 729 { 730 731 KASSERT(cap != NULL); 732 733 mutex_enter(&cap->cc_lock); 734 } 735 736 static inline void 737 crypto_driver_unlock(struct cryptocap *cap) 738 { 739 740 KASSERT(cap != NULL); 741 742 mutex_exit(&cap->cc_lock); 743 } 744 745 static void 746 crypto_driver_clear(struct cryptocap *cap) 747 { 748 749 if (cap == NULL) 750 return; 751 752 KASSERT(mutex_owned(&cap->cc_lock)); 753 754 cap->cc_sessions = 0; 755 memset(&cap->cc_max_op_len, 0, sizeof(cap->cc_max_op_len)); 756 memset(&cap->cc_alg, 0, sizeof(cap->cc_alg)); 757 memset(&cap->cc_kalg, 0, sizeof(cap->cc_kalg)); 758 cap->cc_flags = 0; 759 cap->cc_qblocked = 0; 760 cap->cc_kqblocked = 0; 761 762 cap->cc_arg = NULL; 763 cap->cc_newsession = NULL; 764 cap->cc_process = NULL; 765 cap->cc_freesession = NULL; 766 cap->cc_kprocess = NULL; 767 } 768 769 /* 770 * Register support for a key-related algorithm. This routine 771 * is called once for each algorithm supported a driver. 772 */ 773 int 774 crypto_kregister(u_int32_t driverid, int kalg, u_int32_t flags, 775 int (*kprocess)(void *, struct cryptkop *, int), 776 void *karg) 777 { 778 struct cryptocap *cap; 779 int err; 780 781 mutex_enter(&crypto_drv_mtx); 782 783 cap = crypto_checkdriver_lock(driverid); 784 if (cap != NULL && 785 (CRK_ALGORITM_MIN <= kalg && kalg <= CRK_ALGORITHM_MAX)) { 786 /* 787 * XXX Do some performance testing to determine placing. 788 * XXX We probably need an auxiliary data structure that 789 * XXX describes relative performances. 790 */ 791 792 cap->cc_kalg[kalg] = flags | CRYPTO_ALG_FLAG_SUPPORTED; 793 if (bootverbose) { 794 printf("crypto: driver %u registers key alg %u " 795 " flags %u\n", 796 driverid, 797 kalg, 798 flags 799 ); 800 } 801 802 if (cap->cc_kprocess == NULL) { 803 cap->cc_karg = karg; 804 cap->cc_kprocess = kprocess; 805 } 806 err = 0; 807 } else 808 err = EINVAL; 809 810 mutex_exit(&crypto_drv_mtx); 811 return err; 812 } 813 814 /* 815 * Register support for a non-key-related algorithm. This routine 816 * is called once for each such algorithm supported by a driver. 817 */ 818 int 819 crypto_register(u_int32_t driverid, int alg, u_int16_t maxoplen, 820 u_int32_t flags, 821 int (*newses)(void *, u_int32_t*, struct cryptoini*), 822 int (*freeses)(void *, u_int64_t), 823 int (*process)(void *, struct cryptop *, int), 824 void *arg) 825 { 826 struct cryptocap *cap; 827 int err; 828 829 cap = crypto_checkdriver_lock(driverid); 830 if (cap == NULL) 831 return EINVAL; 832 833 /* NB: algorithms are in the range [1..max] */ 834 if (CRYPTO_ALGORITHM_MIN <= alg && alg <= CRYPTO_ALGORITHM_MAX) { 835 /* 836 * XXX Do some performance testing to determine placing. 837 * XXX We probably need an auxiliary data structure that 838 * XXX describes relative performances. 839 */ 840 841 cap->cc_alg[alg] = flags | CRYPTO_ALG_FLAG_SUPPORTED; 842 cap->cc_max_op_len[alg] = maxoplen; 843 if (bootverbose) { 844 printf("crypto: driver %u registers alg %u " 845 "flags %u maxoplen %u\n", 846 driverid, 847 alg, 848 flags, 849 maxoplen 850 ); 851 } 852 853 if (cap->cc_process == NULL) { 854 cap->cc_arg = arg; 855 cap->cc_newsession = newses; 856 cap->cc_process = process; 857 cap->cc_freesession = freeses; 858 cap->cc_sessions = 0; /* Unmark */ 859 } 860 err = 0; 861 } else 862 err = EINVAL; 863 864 crypto_driver_unlock(cap); 865 866 return err; 867 } 868 869 static int 870 crypto_unregister_locked(struct cryptocap *cap, int alg, bool all) 871 { 872 int i; 873 u_int32_t ses; 874 bool lastalg = true; 875 876 KASSERT(cap != NULL); 877 KASSERT(mutex_owned(&cap->cc_lock)); 878 879 if (alg < CRYPTO_ALGORITHM_MIN || CRYPTO_ALGORITHM_MAX < alg) 880 return EINVAL; 881 882 if (!all && cap->cc_alg[alg] == 0) 883 return EINVAL; 884 885 cap->cc_alg[alg] = 0; 886 cap->cc_max_op_len[alg] = 0; 887 888 if (all) { 889 if (alg != CRYPTO_ALGORITHM_MAX) 890 lastalg = false; 891 } else { 892 /* Was this the last algorithm ? */ 893 for (i = CRYPTO_ALGORITHM_MIN; i <= CRYPTO_ALGORITHM_MAX; i++) 894 if (cap->cc_alg[i] != 0) { 895 lastalg = false; 896 break; 897 } 898 } 899 if (lastalg) { 900 ses = cap->cc_sessions; 901 crypto_driver_clear(cap); 902 if (ses != 0) { 903 /* 904 * If there are pending sessions, just mark as invalid. 905 */ 906 cap->cc_flags |= CRYPTOCAP_F_CLEANUP; 907 cap->cc_sessions = ses; 908 } 909 } 910 911 return 0; 912 } 913 914 /* 915 * Unregister a crypto driver. If there are pending sessions using it, 916 * leave enough information around so that subsequent calls using those 917 * sessions will correctly detect the driver has been unregistered and 918 * reroute requests. 919 */ 920 int 921 crypto_unregister(u_int32_t driverid, int alg) 922 { 923 int err; 924 struct cryptocap *cap; 925 926 cap = crypto_checkdriver_lock(driverid); 927 err = crypto_unregister_locked(cap, alg, false); 928 crypto_driver_unlock(cap); 929 930 return err; 931 } 932 933 /* 934 * Unregister all algorithms associated with a crypto driver. 935 * If there are pending sessions using it, leave enough information 936 * around so that subsequent calls using those sessions will 937 * correctly detect the driver has been unregistered and reroute 938 * requests. 939 */ 940 int 941 crypto_unregister_all(u_int32_t driverid) 942 { 943 int err, i; 944 struct cryptocap *cap; 945 946 cap = crypto_checkdriver_lock(driverid); 947 for (i = CRYPTO_ALGORITHM_MIN; i <= CRYPTO_ALGORITHM_MAX; i++) { 948 err = crypto_unregister_locked(cap, i, true); 949 if (err) 950 break; 951 } 952 crypto_driver_unlock(cap); 953 954 return err; 955 } 956 957 /* 958 * Clear blockage on a driver. The what parameter indicates whether 959 * the driver is now ready for cryptop's and/or cryptokop's. 960 */ 961 int 962 crypto_unblock(u_int32_t driverid, int what) 963 { 964 struct cryptocap *cap; 965 int needwakeup = 0; 966 967 cap = crypto_checkdriver_lock(driverid); 968 if (cap == NULL) 969 return EINVAL; 970 971 if (what & CRYPTO_SYMQ) { 972 needwakeup |= cap->cc_qblocked; 973 cap->cc_qblocked = 0; 974 } 975 if (what & CRYPTO_ASYMQ) { 976 needwakeup |= cap->cc_kqblocked; 977 cap->cc_kqblocked = 0; 978 } 979 crypto_driver_unlock(cap); 980 if (needwakeup) 981 setsoftcrypto(softintr_cookie); 982 983 return 0; 984 } 985 986 /* 987 * Dispatch a crypto request to a driver or queue 988 * it, to be processed by the kernel thread. 989 */ 990 int 991 crypto_dispatch(struct cryptop *crp) 992 { 993 int result; 994 struct cryptocap *cap; 995 996 KASSERT(crp != NULL); 997 998 DPRINTF("crp %p, alg %d\n", crp, crp->crp_desc->crd_alg); 999 1000 cryptostats.cs_ops++; 1001 1002 #ifdef CRYPTO_TIMING 1003 if (crypto_timing) 1004 nanouptime(&crp->crp_tstamp); 1005 #endif 1006 1007 if ((crp->crp_flags & CRYPTO_F_BATCH) != 0) { 1008 int wasempty; 1009 /* 1010 * Caller marked the request as ``ok to delay''; 1011 * queue it for the swi thread. This is desirable 1012 * when the operation is low priority and/or suitable 1013 * for batching. 1014 * 1015 * don't care list order in batch job. 1016 */ 1017 mutex_enter(&crypto_q_mtx); 1018 wasempty = TAILQ_EMPTY(&crp_q); 1019 TAILQ_INSERT_TAIL(&crp_q, crp, crp_next); 1020 mutex_exit(&crypto_q_mtx); 1021 if (wasempty) 1022 setsoftcrypto(softintr_cookie); 1023 1024 return 0; 1025 } 1026 1027 mutex_enter(&crypto_q_mtx); 1028 cap = crypto_checkdriver_lock(CRYPTO_SESID2HID(crp->crp_sid)); 1029 /* 1030 * TODO: 1031 * If we can ensure the driver has been valid until the driver is 1032 * done crypto_unregister(), this migrate operation is not required. 1033 */ 1034 if (cap == NULL) { 1035 /* 1036 * The driver must be detached, so this request will migrate 1037 * to other drivers in cryptointr() later. 1038 */ 1039 TAILQ_INSERT_TAIL(&crp_q, crp, crp_next); 1040 mutex_exit(&crypto_q_mtx); 1041 return 0; 1042 } 1043 1044 if (cap->cc_qblocked != 0) { 1045 crypto_driver_unlock(cap); 1046 /* 1047 * The driver is blocked, just queue the op until 1048 * it unblocks and the swi thread gets kicked. 1049 */ 1050 TAILQ_INSERT_TAIL(&crp_q, crp, crp_next); 1051 mutex_exit(&crypto_q_mtx); 1052 return 0; 1053 } 1054 1055 /* 1056 * Caller marked the request to be processed 1057 * immediately; dispatch it directly to the 1058 * driver unless the driver is currently blocked. 1059 */ 1060 crypto_driver_unlock(cap); 1061 result = crypto_invoke(crp, 0); 1062 if (result == ERESTART) { 1063 /* 1064 * The driver ran out of resources, mark the 1065 * driver ``blocked'' for cryptop's and put 1066 * the op on the queue. 1067 */ 1068 crypto_driver_lock(cap); 1069 cap->cc_qblocked = 1; 1070 crypto_driver_unlock(cap); 1071 TAILQ_INSERT_HEAD(&crp_q, crp, crp_next); 1072 cryptostats.cs_blocks++; 1073 1074 /* 1075 * The crp is enqueued to crp_q, that is, 1076 * no error occurs. So, this function should 1077 * not return error. 1078 */ 1079 result = 0; 1080 } 1081 1082 mutex_exit(&crypto_q_mtx); 1083 return result; 1084 } 1085 1086 /* 1087 * Add an asymetric crypto request to a queue, 1088 * to be processed by the kernel thread. 1089 */ 1090 int 1091 crypto_kdispatch(struct cryptkop *krp) 1092 { 1093 struct cryptocap *cap; 1094 int result; 1095 1096 KASSERT(krp != NULL); 1097 1098 cryptostats.cs_kops++; 1099 1100 mutex_enter(&crypto_q_mtx); 1101 cap = crypto_checkdriver_lock(krp->krp_hid); 1102 /* 1103 * TODO: 1104 * If we can ensure the driver has been valid until the driver is 1105 * done crypto_unregister(), this migrate operation is not required. 1106 */ 1107 if (cap == NULL) { 1108 TAILQ_INSERT_TAIL(&crp_kq, krp, krp_next); 1109 mutex_exit(&crypto_q_mtx); 1110 return 0; 1111 } 1112 1113 if (cap->cc_kqblocked != 0) { 1114 crypto_driver_unlock(cap); 1115 /* 1116 * The driver is blocked, just queue the op until 1117 * it unblocks and the swi thread gets kicked. 1118 */ 1119 TAILQ_INSERT_TAIL(&crp_kq, krp, krp_next); 1120 mutex_exit(&crypto_q_mtx); 1121 return 0; 1122 } 1123 1124 crypto_driver_unlock(cap); 1125 result = crypto_kinvoke(krp, 0); 1126 if (result == ERESTART) { 1127 /* 1128 * The driver ran out of resources, mark the 1129 * driver ``blocked'' for cryptop's and put 1130 * the op on the queue. 1131 */ 1132 crypto_driver_lock(cap); 1133 cap->cc_kqblocked = 1; 1134 crypto_driver_unlock(cap); 1135 TAILQ_INSERT_HEAD(&crp_kq, krp, krp_next); 1136 cryptostats.cs_kblocks++; 1137 mutex_exit(&crypto_q_mtx); 1138 1139 /* 1140 * The krp is enqueued to crp_kq, that is, 1141 * no error occurs. So, this function should 1142 * not return error. 1143 */ 1144 result = 0; 1145 } 1146 1147 return result; 1148 } 1149 1150 /* 1151 * Dispatch an assymetric crypto request to the appropriate crypto devices. 1152 */ 1153 static int 1154 crypto_kinvoke(struct cryptkop *krp, int hint) 1155 { 1156 struct cryptocap *cap = NULL; 1157 u_int32_t hid; 1158 int error; 1159 1160 KASSERT(krp != NULL); 1161 1162 /* Sanity checks. */ 1163 if (krp->krp_callback == NULL) { 1164 cv_destroy(&krp->krp_cv); 1165 crypto_kfreereq(krp); 1166 return EINVAL; 1167 } 1168 1169 mutex_enter(&crypto_drv_mtx); 1170 for (hid = 0; hid < crypto_drivers_num; hid++) { 1171 cap = crypto_checkdriver_uninit(hid); 1172 if (cap == NULL) 1173 continue; 1174 crypto_driver_lock(cap); 1175 if ((cap->cc_flags & CRYPTOCAP_F_SOFTWARE) && 1176 crypto_devallowsoft == 0) { 1177 crypto_driver_unlock(cap); 1178 continue; 1179 } 1180 if (cap->cc_kprocess == NULL) { 1181 crypto_driver_unlock(cap); 1182 continue; 1183 } 1184 if ((cap->cc_kalg[krp->krp_op] & 1185 CRYPTO_ALG_FLAG_SUPPORTED) == 0) { 1186 crypto_driver_unlock(cap); 1187 continue; 1188 } 1189 break; 1190 } 1191 mutex_exit(&crypto_drv_mtx); 1192 if (cap != NULL) { 1193 int (*process)(void *, struct cryptkop *, int); 1194 void *arg; 1195 1196 process = cap->cc_kprocess; 1197 arg = cap->cc_karg; 1198 krp->krp_hid = hid; 1199 crypto_driver_unlock(cap); 1200 error = (*process)(arg, krp, hint); 1201 } else { 1202 error = ENODEV; 1203 } 1204 1205 if (error) { 1206 krp->krp_status = error; 1207 crypto_kdone(krp); 1208 } 1209 return 0; 1210 } 1211 1212 #ifdef CRYPTO_TIMING 1213 static void 1214 crypto_tstat(struct cryptotstat *ts, struct timespec *tv) 1215 { 1216 struct timespec now, t; 1217 1218 nanouptime(&now); 1219 t.tv_sec = now.tv_sec - tv->tv_sec; 1220 t.tv_nsec = now.tv_nsec - tv->tv_nsec; 1221 if (t.tv_nsec < 0) { 1222 t.tv_sec--; 1223 t.tv_nsec += 1000000000; 1224 } 1225 timespecadd(&ts->acc, &t, &t); 1226 if (timespeccmp(&t, &ts->min, <)) 1227 ts->min = t; 1228 if (timespeccmp(&t, &ts->max, >)) 1229 ts->max = t; 1230 ts->count++; 1231 1232 *tv = now; 1233 } 1234 #endif 1235 1236 /* 1237 * Dispatch a crypto request to the appropriate crypto devices. 1238 */ 1239 static int 1240 crypto_invoke(struct cryptop *crp, int hint) 1241 { 1242 struct cryptocap *cap; 1243 1244 KASSERT(crp != NULL); 1245 1246 #ifdef CRYPTO_TIMING 1247 if (crypto_timing) 1248 crypto_tstat(&cryptostats.cs_invoke, &crp->crp_tstamp); 1249 #endif 1250 /* Sanity checks. */ 1251 if (crp->crp_callback == NULL) { 1252 return EINVAL; 1253 } 1254 if (crp->crp_desc == NULL) { 1255 crp->crp_etype = EINVAL; 1256 crypto_done(crp); 1257 return 0; 1258 } 1259 1260 cap = crypto_checkdriver_lock(CRYPTO_SESID2HID(crp->crp_sid)); 1261 if (cap != NULL && (cap->cc_flags & CRYPTOCAP_F_CLEANUP) == 0) { 1262 int (*process)(void *, struct cryptop *, int); 1263 void *arg; 1264 1265 process = cap->cc_process; 1266 arg = cap->cc_arg; 1267 1268 /* 1269 * Invoke the driver to process the request. 1270 */ 1271 DPRINTF("calling process for %p\n", crp); 1272 crypto_driver_unlock(cap); 1273 return (*process)(arg, crp, hint); 1274 } else { 1275 struct cryptodesc *crd; 1276 u_int64_t nid = 0; 1277 1278 if (cap != NULL) 1279 crypto_driver_unlock(cap); 1280 1281 /* 1282 * Driver has unregistered; migrate the session and return 1283 * an error to the caller so they'll resubmit the op. 1284 */ 1285 crypto_freesession(crp->crp_sid); 1286 1287 for (crd = crp->crp_desc; crd->crd_next; crd = crd->crd_next) 1288 crd->CRD_INI.cri_next = &(crd->crd_next->CRD_INI); 1289 1290 if (crypto_newsession(&nid, &(crp->crp_desc->CRD_INI), 0) == 0) 1291 crp->crp_sid = nid; 1292 1293 crp->crp_etype = EAGAIN; 1294 1295 crypto_done(crp); 1296 return 0; 1297 } 1298 } 1299 1300 /* 1301 * Release a set of crypto descriptors. 1302 */ 1303 void 1304 crypto_freereq(struct cryptop *crp) 1305 { 1306 struct cryptodesc *crd; 1307 1308 if (crp == NULL) 1309 return; 1310 DPRINTF("lid[%u]: crp %p\n", CRYPTO_SESID2LID(crp->crp_sid), crp); 1311 1312 /* sanity check */ 1313 if (crp->crp_flags & CRYPTO_F_ONRETQ) { 1314 panic("crypto_freereq() freeing crp on RETQ\n"); 1315 } 1316 1317 while ((crd = crp->crp_desc) != NULL) { 1318 crp->crp_desc = crd->crd_next; 1319 pool_put(&cryptodesc_pool, crd); 1320 } 1321 pool_put(&cryptop_pool, crp); 1322 } 1323 1324 /* 1325 * Acquire a set of crypto descriptors. 1326 */ 1327 struct cryptop * 1328 crypto_getreq(int num) 1329 { 1330 struct cryptodesc *crd; 1331 struct cryptop *crp; 1332 1333 /* 1334 * When crp_ret_q is full, we restrict here to avoid crp_ret_q overflow 1335 * by error callback. 1336 */ 1337 if (CRYPTO_Q_IS_FULL(crp_ret_q)) { 1338 CRYPTO_Q_INC_DROPS(crp_ret_q); 1339 return NULL; 1340 } 1341 1342 crp = pool_get(&cryptop_pool, 0); 1343 if (crp == NULL) { 1344 return NULL; 1345 } 1346 memset(crp, 0, sizeof(struct cryptop)); 1347 1348 while (num--) { 1349 crd = pool_get(&cryptodesc_pool, 0); 1350 if (crd == NULL) { 1351 crypto_freereq(crp); 1352 return NULL; 1353 } 1354 1355 memset(crd, 0, sizeof(struct cryptodesc)); 1356 crd->crd_next = crp->crp_desc; 1357 crp->crp_desc = crd; 1358 } 1359 1360 return crp; 1361 } 1362 1363 /* 1364 * Release a set of asymmetric crypto descriptors. 1365 * Currently, support one descriptor only. 1366 */ 1367 void 1368 crypto_kfreereq(struct cryptkop *krp) 1369 { 1370 1371 if (krp == NULL) 1372 return; 1373 1374 DPRINTF("krp %p\n", krp); 1375 1376 /* sanity check */ 1377 if (krp->krp_flags & CRYPTO_F_ONRETQ) { 1378 panic("crypto_kfreereq() freeing krp on RETQ\n"); 1379 } 1380 1381 pool_put(&cryptkop_pool, krp); 1382 } 1383 1384 /* 1385 * Acquire a set of asymmetric crypto descriptors. 1386 * Currently, support one descriptor only. 1387 */ 1388 struct cryptkop * 1389 crypto_kgetreq(int num __unused, int prflags) 1390 { 1391 struct cryptkop *krp; 1392 1393 /* 1394 * When crp_ret_kq is full, we restrict here to avoid crp_ret_kq 1395 * overflow by error callback. 1396 */ 1397 if (CRYPTO_Q_IS_FULL(crp_ret_kq)) { 1398 CRYPTO_Q_INC_DROPS(crp_ret_kq); 1399 return NULL; 1400 } 1401 1402 krp = pool_get(&cryptkop_pool, prflags); 1403 if (krp == NULL) { 1404 return NULL; 1405 } 1406 memset(krp, 0, sizeof(struct cryptkop)); 1407 1408 return krp; 1409 } 1410 1411 /* 1412 * Invoke the callback on behalf of the driver. 1413 */ 1414 void 1415 crypto_done(struct cryptop *crp) 1416 { 1417 int wasempty; 1418 1419 KASSERT(crp != NULL); 1420 1421 if (crp->crp_etype != 0) 1422 cryptostats.cs_errs++; 1423 #ifdef CRYPTO_TIMING 1424 if (crypto_timing) 1425 crypto_tstat(&cryptostats.cs_done, &crp->crp_tstamp); 1426 #endif 1427 DPRINTF("lid[%u]: crp %p\n", CRYPTO_SESID2LID(crp->crp_sid), crp); 1428 1429 /* 1430 * Normal case; queue the callback for the thread. 1431 * 1432 * The return queue is manipulated by the swi thread 1433 * and, potentially, by crypto device drivers calling 1434 * back to mark operations completed. Thus we need 1435 * to mask both while manipulating the return queue. 1436 */ 1437 if (crp->crp_flags & CRYPTO_F_CBIMM) { 1438 /* 1439 * Do the callback directly. This is ok when the 1440 * callback routine does very little (e.g. the 1441 * /dev/crypto callback method just does a wakeup). 1442 */ 1443 mutex_spin_enter(&crypto_ret_q_mtx); 1444 crp->crp_flags |= CRYPTO_F_DONE; 1445 mutex_spin_exit(&crypto_ret_q_mtx); 1446 1447 #ifdef CRYPTO_TIMING 1448 if (crypto_timing) { 1449 /* 1450 * NB: We must copy the timestamp before 1451 * doing the callback as the cryptop is 1452 * likely to be reclaimed. 1453 */ 1454 struct timespec t = crp->crp_tstamp; 1455 crypto_tstat(&cryptostats.cs_cb, &t); 1456 crp->crp_callback(crp); 1457 crypto_tstat(&cryptostats.cs_finis, &t); 1458 } else 1459 #endif 1460 crp->crp_callback(crp); 1461 } else { 1462 mutex_spin_enter(&crypto_ret_q_mtx); 1463 crp->crp_flags |= CRYPTO_F_DONE; 1464 #if 0 1465 if (crp->crp_flags & CRYPTO_F_USER) { 1466 /* 1467 * TODO: 1468 * If crp->crp_flags & CRYPTO_F_USER and the used 1469 * encryption driver does all the processing in 1470 * the same context, we can skip enqueueing crp_ret_q 1471 * and cv_signal(&cryptoret_cv). 1472 */ 1473 DPRINTF("lid[%u]: crp %p CRYPTO_F_USER\n", 1474 CRYPTO_SESID2LID(crp->crp_sid), crp); 1475 } else 1476 #endif 1477 { 1478 wasempty = TAILQ_EMPTY(&crp_ret_q); 1479 DPRINTF("lid[%u]: queueing %p\n", 1480 CRYPTO_SESID2LID(crp->crp_sid), crp); 1481 crp->crp_flags |= CRYPTO_F_ONRETQ; 1482 TAILQ_INSERT_TAIL(&crp_ret_q, crp, crp_next); 1483 CRYPTO_Q_INC(crp_ret_q); 1484 if (wasempty) { 1485 DPRINTF("lid[%u]: waking cryptoret, " 1486 "crp %p hit empty queue\n.", 1487 CRYPTO_SESID2LID(crp->crp_sid), crp); 1488 cv_signal(&cryptoret_cv); 1489 } 1490 } 1491 mutex_spin_exit(&crypto_ret_q_mtx); 1492 } 1493 } 1494 1495 /* 1496 * Invoke the callback on behalf of the driver. 1497 */ 1498 void 1499 crypto_kdone(struct cryptkop *krp) 1500 { 1501 int wasempty; 1502 1503 KASSERT(krp != NULL); 1504 1505 if (krp->krp_status != 0) 1506 cryptostats.cs_kerrs++; 1507 1508 krp->krp_flags |= CRYPTO_F_DONE; 1509 1510 /* 1511 * The return queue is manipulated by the swi thread 1512 * and, potentially, by crypto device drivers calling 1513 * back to mark operations completed. Thus we need 1514 * to mask both while manipulating the return queue. 1515 */ 1516 if (krp->krp_flags & CRYPTO_F_CBIMM) { 1517 krp->krp_callback(krp); 1518 } else { 1519 mutex_spin_enter(&crypto_ret_q_mtx); 1520 wasempty = TAILQ_EMPTY(&crp_ret_kq); 1521 krp->krp_flags |= CRYPTO_F_ONRETQ; 1522 TAILQ_INSERT_TAIL(&crp_ret_kq, krp, krp_next); 1523 CRYPTO_Q_INC(crp_ret_kq); 1524 if (wasempty) 1525 cv_signal(&cryptoret_cv); 1526 mutex_spin_exit(&crypto_ret_q_mtx); 1527 } 1528 } 1529 1530 int 1531 crypto_getfeat(int *featp) 1532 { 1533 1534 if (crypto_userasymcrypto == 0) { 1535 *featp = 0; 1536 return 0; 1537 } 1538 1539 mutex_enter(&crypto_drv_mtx); 1540 1541 int feat = 0; 1542 for (int hid = 0; hid < crypto_drivers_num; hid++) { 1543 struct cryptocap *cap; 1544 cap = crypto_checkdriver_uninit(hid); 1545 if (cap == NULL) 1546 continue; 1547 1548 crypto_driver_lock(cap); 1549 1550 if ((cap->cc_flags & CRYPTOCAP_F_SOFTWARE) && 1551 crypto_devallowsoft == 0) 1552 goto unlock; 1553 1554 if (cap->cc_kprocess == NULL) 1555 goto unlock; 1556 1557 for (int kalg = 0; kalg < CRK_ALGORITHM_MAX; kalg++) 1558 if ((cap->cc_kalg[kalg] & 1559 CRYPTO_ALG_FLAG_SUPPORTED) != 0) 1560 feat |= 1 << kalg; 1561 1562 unlock: crypto_driver_unlock(cap); 1563 } 1564 1565 mutex_exit(&crypto_drv_mtx); 1566 *featp = feat; 1567 return (0); 1568 } 1569 1570 /* 1571 * Software interrupt thread to dispatch crypto requests. 1572 */ 1573 static void 1574 cryptointr(void) 1575 { 1576 struct cryptop *crp, *submit, *cnext; 1577 struct cryptkop *krp, *knext; 1578 struct cryptocap *cap; 1579 int result, hint; 1580 1581 cryptostats.cs_intrs++; 1582 mutex_enter(&crypto_q_mtx); 1583 do { 1584 /* 1585 * Find the first element in the queue that can be 1586 * processed and look-ahead to see if multiple ops 1587 * are ready for the same driver. 1588 */ 1589 submit = NULL; 1590 hint = 0; 1591 TAILQ_FOREACH_SAFE(crp, &crp_q, crp_next, cnext) { 1592 u_int32_t hid = CRYPTO_SESID2HID(crp->crp_sid); 1593 cap = crypto_checkdriver_lock(hid); 1594 if (cap == NULL || cap->cc_process == NULL) { 1595 if (cap != NULL) 1596 crypto_driver_unlock(cap); 1597 /* Op needs to be migrated, process it. */ 1598 submit = crp; 1599 break; 1600 } 1601 1602 /* 1603 * skip blocked crp regardless of CRYPTO_F_BATCH 1604 */ 1605 if (cap->cc_qblocked != 0) { 1606 crypto_driver_unlock(cap); 1607 continue; 1608 } 1609 crypto_driver_unlock(cap); 1610 1611 /* 1612 * skip batch crp until the end of crp_q 1613 */ 1614 if ((crp->crp_flags & CRYPTO_F_BATCH) != 0) { 1615 if (submit == NULL) { 1616 submit = crp; 1617 } else { 1618 if (CRYPTO_SESID2HID(submit->crp_sid) 1619 == hid) 1620 hint = CRYPTO_HINT_MORE; 1621 } 1622 1623 continue; 1624 } 1625 1626 /* 1627 * found first crp which is neither blocked nor batch. 1628 */ 1629 submit = crp; 1630 /* 1631 * batch crp can be processed much later, so clear hint. 1632 */ 1633 hint = 0; 1634 break; 1635 } 1636 if (submit != NULL) { 1637 TAILQ_REMOVE(&crp_q, submit, crp_next); 1638 result = crypto_invoke(submit, hint); 1639 /* we must take here as the TAILQ op or kinvoke 1640 may need this mutex below. sigh. */ 1641 if (result == ERESTART) { 1642 /* 1643 * The driver ran out of resources, mark the 1644 * driver ``blocked'' for cryptop's and put 1645 * the request back in the queue. It would 1646 * best to put the request back where we got 1647 * it but that's hard so for now we put it 1648 * at the front. This should be ok; putting 1649 * it at the end does not work. 1650 */ 1651 /* validate sid again */ 1652 cap = crypto_checkdriver_lock(CRYPTO_SESID2HID(submit->crp_sid)); 1653 if (cap == NULL) { 1654 /* migrate again, sigh... */ 1655 TAILQ_INSERT_TAIL(&crp_q, submit, crp_next); 1656 } else { 1657 cap->cc_qblocked = 1; 1658 crypto_driver_unlock(cap); 1659 TAILQ_INSERT_HEAD(&crp_q, submit, crp_next); 1660 cryptostats.cs_blocks++; 1661 } 1662 } 1663 } 1664 1665 /* As above, but for key ops */ 1666 TAILQ_FOREACH_SAFE(krp, &crp_kq, krp_next, knext) { 1667 cap = crypto_checkdriver_lock(krp->krp_hid); 1668 if (cap == NULL || cap->cc_kprocess == NULL) { 1669 if (cap != NULL) 1670 crypto_driver_unlock(cap); 1671 /* Op needs to be migrated, process it. */ 1672 break; 1673 } 1674 if (!cap->cc_kqblocked) { 1675 crypto_driver_unlock(cap); 1676 break; 1677 } 1678 crypto_driver_unlock(cap); 1679 } 1680 if (krp != NULL) { 1681 TAILQ_REMOVE(&crp_kq, krp, krp_next); 1682 result = crypto_kinvoke(krp, 0); 1683 /* the next iteration will want the mutex. :-/ */ 1684 if (result == ERESTART) { 1685 /* 1686 * The driver ran out of resources, mark the 1687 * driver ``blocked'' for cryptkop's and put 1688 * the request back in the queue. It would 1689 * best to put the request back where we got 1690 * it but that's hard so for now we put it 1691 * at the front. This should be ok; putting 1692 * it at the end does not work. 1693 */ 1694 /* validate sid again */ 1695 cap = crypto_checkdriver_lock(krp->krp_hid); 1696 if (cap == NULL) { 1697 /* migrate again, sigh... */ 1698 TAILQ_INSERT_TAIL(&crp_kq, krp, krp_next); 1699 } else { 1700 cap->cc_kqblocked = 1; 1701 crypto_driver_unlock(cap); 1702 TAILQ_INSERT_HEAD(&crp_kq, krp, krp_next); 1703 cryptostats.cs_kblocks++; 1704 } 1705 } 1706 } 1707 } while (submit != NULL || krp != NULL); 1708 mutex_exit(&crypto_q_mtx); 1709 } 1710 1711 /* 1712 * Kernel thread to do callbacks. 1713 */ 1714 static void 1715 cryptoret(void) 1716 { 1717 struct cryptop *crp; 1718 struct cryptkop *krp; 1719 1720 mutex_spin_enter(&crypto_ret_q_mtx); 1721 for (;;) { 1722 crp = TAILQ_FIRST(&crp_ret_q); 1723 if (crp != NULL) { 1724 TAILQ_REMOVE(&crp_ret_q, crp, crp_next); 1725 CRYPTO_Q_DEC(crp_ret_q); 1726 crp->crp_flags &= ~CRYPTO_F_ONRETQ; 1727 } 1728 krp = TAILQ_FIRST(&crp_ret_kq); 1729 if (krp != NULL) { 1730 TAILQ_REMOVE(&crp_ret_kq, krp, krp_next); 1731 CRYPTO_Q_DEC(crp_ret_kq); 1732 krp->krp_flags &= ~CRYPTO_F_ONRETQ; 1733 } 1734 1735 /* drop before calling any callbacks. */ 1736 if (crp == NULL && krp == NULL) { 1737 1738 /* Check for the exit condition. */ 1739 if (crypto_exit_flag != 0) { 1740 1741 /* Time to die. */ 1742 crypto_exit_flag = 0; 1743 cv_broadcast(&cryptoret_cv); 1744 mutex_spin_exit(&crypto_ret_q_mtx); 1745 kthread_exit(0); 1746 } 1747 1748 cryptostats.cs_rets++; 1749 cv_wait(&cryptoret_cv, &crypto_ret_q_mtx); 1750 continue; 1751 } 1752 1753 mutex_spin_exit(&crypto_ret_q_mtx); 1754 1755 if (crp != NULL) { 1756 #ifdef CRYPTO_TIMING 1757 if (crypto_timing) { 1758 /* 1759 * NB: We must copy the timestamp before 1760 * doing the callback as the cryptop is 1761 * likely to be reclaimed. 1762 */ 1763 struct timespec t = crp->crp_tstamp; 1764 crypto_tstat(&cryptostats.cs_cb, &t); 1765 crp->crp_callback(crp); 1766 crypto_tstat(&cryptostats.cs_finis, &t); 1767 } else 1768 #endif 1769 { 1770 crp->crp_callback(crp); 1771 } 1772 } 1773 if (krp != NULL) 1774 krp->krp_callback(krp); 1775 1776 mutex_spin_enter(&crypto_ret_q_mtx); 1777 } 1778 } 1779 1780 /* NetBSD module interface */ 1781 1782 MODULE(MODULE_CLASS_MISC, opencrypto, NULL); 1783 1784 static int 1785 opencrypto_modcmd(modcmd_t cmd, void *opaque) 1786 { 1787 int error = 0; 1788 1789 switch (cmd) { 1790 case MODULE_CMD_INIT: 1791 #ifdef _MODULE 1792 error = crypto_init(); 1793 #endif 1794 break; 1795 case MODULE_CMD_FINI: 1796 #ifdef _MODULE 1797 error = crypto_destroy(true); 1798 #endif 1799 break; 1800 default: 1801 error = ENOTTY; 1802 } 1803 return error; 1804 } 1805
Indexes created Wed Sep 24 02:09:48 GMT 2025