cryptodev.c revision 1.52.4.2
1 /* $NetBSD: cryptodev.c,v 1.52.4.2 2011/05/31 03:05:10 rmind Exp $ */ 2 /* $FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $ */ 3 /* $OpenBSD: cryptodev.c,v 1.53 2002/07/10 22:21:30 mickey Exp $ */ 4 5 /*- 6 * Copyright (c) 2008 The NetBSD Foundation, Inc. 7 * All rights reserved. 8 * 9 * This code is derived from software contributed to The NetBSD Foundation 10 * by Coyote Point Systems, Inc. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 23 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 24 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 25 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 28 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 29 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 31 * POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34 /* 35 * Copyright (c) 2001 Theo de Raadt 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 41 * 1. Redistributions of source code must retain the above copyright 42 * notice, this list of conditions and the following disclaimer. 43 * 2. Redistributions in binary form must reproduce the above copyright 44 * notice, this list of conditions and the following disclaimer in the 45 * documentation and/or other materials provided with the distribution. 46 * 3. The name of the author may not be used to endorse or promote products 47 * derived from this software without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 50 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 51 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 52 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 53 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 54 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 55 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 56 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 57 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 58 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 59 * 60 * Effort sponsored in part by the Defense Advanced Research Projects 61 * Agency (DARPA) and Air Force Research Laboratory, Air Force 62 * Materiel Command, USAF, under agreement number F30602-01-2-0537. 63 * 64 */ 65 66 #include <sys/cdefs.h> 67 __KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.52.4.2 2011/05/31 03:05:10 rmind Exp $"); 68 69 #include <sys/param.h> 70 #include <sys/systm.h> 71 #include <sys/kmem.h> 72 #include <sys/malloc.h> 73 #include <sys/mbuf.h> 74 #include <sys/pool.h> 75 #include <sys/sysctl.h> 76 #include <sys/file.h> 77 #include <sys/filedesc.h> 78 #include <sys/errno.h> 79 #include <sys/md5.h> 80 #include <sys/sha1.h> 81 #include <sys/conf.h> 82 #include <sys/device.h> 83 #include <sys/kauth.h> 84 #include <sys/select.h> 85 #include <sys/poll.h> 86 #include <sys/atomic.h> 87 #include <sys/stat.h> 88 89 #include "opt_ocf.h" 90 #include "opt_compat_netbsd.h" 91 #include <opencrypto/cryptodev.h> 92 #include <opencrypto/cryptodev_internal.h> 93 #include <opencrypto/xform.h> 94 95 struct csession { 96 TAILQ_ENTRY(csession) next; 97 u_int64_t sid; 98 u_int32_t ses; 99 100 u_int32_t cipher; /* note: shares name space in crd_alg */ 101 const struct enc_xform *txform; 102 u_int32_t mac; /* note: shares name space in crd_alg */ 103 const struct auth_hash *thash; 104 u_int32_t comp_alg; /* note: shares name space in crd_alg */ 105 const struct comp_algo *tcomp; 106 107 void * key; 108 int keylen; 109 u_char tmp_iv[EALG_MAX_BLOCK_LEN]; 110 111 void * mackey; 112 int mackeylen; 113 u_char tmp_mac[CRYPTO_MAX_MAC_LEN]; 114 115 struct iovec iovec[1]; /* user requests never have more */ 116 struct uio uio; 117 int error; 118 }; 119 120 struct fcrypt { 121 TAILQ_HEAD(csessionlist, csession) csessions; 122 TAILQ_HEAD(crprethead, cryptop) crp_ret_mq; 123 TAILQ_HEAD(krprethead, cryptkop) crp_ret_mkq; 124 int sesn; 125 struct selinfo sinfo; 126 u_int32_t requestid; 127 struct timespec atime; 128 struct timespec mtime; 129 struct timespec btime; 130 }; 131 132 /* For our fixed-size allocations */ 133 static struct pool fcrpl; 134 static struct pool csepl; 135 136 /* Declaration of master device (fd-cloning/ctxt-allocating) entrypoints */ 137 static int cryptoopen(dev_t dev, int flag, int mode, struct lwp *l); 138 static int cryptoread(dev_t dev, struct uio *uio, int ioflag); 139 static int cryptowrite(dev_t dev, struct uio *uio, int ioflag); 140 static int cryptoselect(dev_t dev, int rw, struct lwp *l); 141 142 /* Declaration of cloned-device (per-ctxt) entrypoints */ 143 static int cryptof_read(struct file *, off_t *, struct uio *, 144 kauth_cred_t, int); 145 static int cryptof_write(struct file *, off_t *, struct uio *, 146 kauth_cred_t, int); 147 static int cryptof_ioctl(struct file *, u_long, void *); 148 static int cryptof_close(struct file *); 149 static int cryptof_poll(struct file *, int); 150 static int cryptof_stat(struct file *, struct stat *); 151 152 static const struct fileops cryptofops = { 153 .fo_read = cryptof_read, 154 .fo_write = cryptof_write, 155 .fo_ioctl = cryptof_ioctl, 156 .fo_fcntl = fnullop_fcntl, 157 .fo_poll = cryptof_poll, 158 .fo_stat = cryptof_stat, 159 .fo_close = cryptof_close, 160 .fo_kqfilter = fnullop_kqfilter, 161 .fo_restart = fnullop_restart, 162 }; 163 164 struct csession *cryptodev_csefind(struct fcrypt *, u_int); 165 static struct csession *csefind(struct fcrypt *, u_int); 166 static int csedelete(struct fcrypt *, struct csession *); 167 static struct csession *cseadd(struct fcrypt *, struct csession *); 168 static struct csession *csecreate(struct fcrypt *, u_int64_t, void *, 169 u_int64_t, void *, u_int64_t, u_int32_t, u_int32_t, u_int32_t, 170 const struct enc_xform *, const struct auth_hash *, 171 const struct comp_algo *); 172 static int csefree(struct csession *); 173 174 static int cryptodev_key(struct crypt_kop *); 175 static int cryptodev_mkey(struct fcrypt *, struct crypt_n_kop *, int); 176 static int cryptodev_msessionfin(struct fcrypt *, int, u_int32_t *); 177 178 static int cryptodev_cb(void *); 179 static int cryptodevkey_cb(void *); 180 181 static int cryptodev_mcb(void *); 182 static int cryptodevkey_mcb(void *); 183 184 static int cryptodev_getmstatus(struct fcrypt *, struct crypt_result *, 185 int); 186 static int cryptodev_getstatus(struct fcrypt *, struct crypt_result *); 187 188 #ifdef COMPAT_50 189 extern int ocryptof_ioctl(struct file *, u_long, void *); 190 #endif 191 192 /* 193 * sysctl-able control variables for /dev/crypto now defined in crypto.c: 194 * crypto_usercrypto, crypto_userasmcrypto, crypto_devallowsoft. 195 */ 196 197 /* ARGSUSED */ 198 int 199 cryptof_read(file_t *fp, off_t *poff, 200 struct uio *uio, kauth_cred_t cred, int flags) 201 { 202 return EIO; 203 } 204 205 /* ARGSUSED */ 206 int 207 cryptof_write(file_t *fp, off_t *poff, 208 struct uio *uio, kauth_cred_t cred, int flags) 209 { 210 return EIO; 211 } 212 213 /* ARGSUSED */ 214 int 215 cryptof_ioctl(struct file *fp, u_long cmd, void *data) 216 { 217 struct fcrypt *fcr = fp->f_data; 218 struct csession *cse; 219 struct session_op *sop; 220 struct session_n_op *snop; 221 struct crypt_op *cop; 222 struct crypt_mop *mop; 223 struct crypt_mkop *mkop; 224 struct crypt_n_op *cnop; 225 struct crypt_n_kop *knop; 226 struct crypt_sgop *sgop; 227 struct crypt_sfop *sfop; 228 struct cryptret *crypt_ret; 229 struct crypt_result *crypt_res; 230 u_int32_t ses; 231 u_int32_t *sesid; 232 int error = 0; 233 size_t count; 234 235 /* backwards compatibility */ 236 file_t *criofp; 237 struct fcrypt *criofcr; 238 int criofd; 239 240 mutex_enter(&crypto_mtx); 241 getnanotime(&fcr->atime); 242 mutex_exit(&crypto_mtx); 243 244 switch (cmd) { 245 case CRIOGET: /* XXX deprecated, remove after 5.0 */ 246 if ((error = fd_allocfile(&criofp, &criofd)) != 0) 247 return error; 248 criofcr = pool_get(&fcrpl, PR_WAITOK); 249 mutex_enter(&crypto_mtx); 250 TAILQ_INIT(&criofcr->csessions); 251 TAILQ_INIT(&criofcr->crp_ret_mq); 252 TAILQ_INIT(&criofcr->crp_ret_mkq); 253 selinit(&criofcr->sinfo); 254 255 /* 256 * Don't ever return session 0, to allow detection of 257 * failed creation attempts with multi-create ioctl. 258 */ 259 criofcr->sesn = 1; 260 criofcr->requestid = 1; 261 mutex_exit(&crypto_mtx); 262 (void)fd_clone(criofp, criofd, (FREAD|FWRITE), 263 &cryptofops, criofcr); 264 *(u_int32_t *)data = criofd; 265 return error; 266 break; 267 case CIOCGSESSION: 268 sop = (struct session_op *)data; 269 error = cryptodev_session(fcr, sop); 270 break; 271 case CIOCNGSESSION: 272 sgop = (struct crypt_sgop *)data; 273 snop = kmem_alloc((sgop->count * 274 sizeof(struct session_n_op)), KM_SLEEP); 275 error = copyin(sgop->sessions, snop, sgop->count * 276 sizeof(struct session_n_op)); 277 if (error) { 278 goto mbail; 279 } 280 281 mutex_enter(&crypto_mtx); 282 fcr->mtime = fcr->atime; 283 mutex_exit(&crypto_mtx); 284 error = cryptodev_msession(fcr, snop, sgop->count); 285 if (error) { 286 goto mbail; 287 } 288 289 error = copyout(snop, sgop->sessions, sgop->count * 290 sizeof(struct session_n_op)); 291 mbail: 292 kmem_free(snop, sgop->count * sizeof(struct session_n_op)); 293 break; 294 case CIOCFSESSION: 295 mutex_enter(&crypto_mtx); 296 fcr->mtime = fcr->atime; 297 ses = *(u_int32_t *)data; 298 cse = csefind(fcr, ses); 299 if (cse == NULL) { 300 mutex_exit(&crypto_mtx); 301 return EINVAL; 302 } 303 csedelete(fcr, cse); 304 mutex_exit(&crypto_mtx); 305 error = csefree(cse); 306 break; 307 case CIOCNFSESSION: 308 mutex_enter(&crypto_mtx); 309 fcr->mtime = fcr->atime; 310 mutex_exit(&crypto_mtx); 311 sfop = (struct crypt_sfop *)data; 312 sesid = kmem_alloc((sfop->count * sizeof(u_int32_t)), 313 KM_SLEEP); 314 error = copyin(sfop->sesid, sesid, 315 (sfop->count * sizeof(u_int32_t))); 316 if (!error) { 317 error = cryptodev_msessionfin(fcr, sfop->count, sesid); 318 } 319 kmem_free(sesid, (sfop->count * sizeof(u_int32_t))); 320 break; 321 case CIOCCRYPT: 322 mutex_enter(&crypto_mtx); 323 fcr->mtime = fcr->atime; 324 cop = (struct crypt_op *)data; 325 cse = csefind(fcr, cop->ses); 326 mutex_exit(&crypto_mtx); 327 if (cse == NULL) { 328 DPRINTF(("csefind failed\n")); 329 return EINVAL; 330 } 331 error = cryptodev_op(cse, cop, curlwp); 332 DPRINTF(("cryptodev_op error = %d\n", error)); 333 break; 334 case CIOCNCRYPTM: 335 mutex_enter(&crypto_mtx); 336 fcr->mtime = fcr->atime; 337 mutex_exit(&crypto_mtx); 338 mop = (struct crypt_mop *)data; 339 cnop = kmem_alloc((mop->count * sizeof(struct crypt_n_op)), 340 KM_SLEEP); 341 error = copyin(mop->reqs, cnop, 342 (mop->count * sizeof(struct crypt_n_op))); 343 if(!error) { 344 error = cryptodev_mop(fcr, cnop, mop->count, curlwp); 345 if (!error) { 346 error = copyout(cnop, mop->reqs, 347 (mop->count * sizeof(struct crypt_n_op))); 348 } 349 } 350 kmem_free(cnop, (mop->count * sizeof(struct crypt_n_op))); 351 break; 352 case CIOCKEY: 353 error = cryptodev_key((struct crypt_kop *)data); 354 DPRINTF(("cryptodev_key error = %d\n", error)); 355 break; 356 case CIOCNFKEYM: 357 mutex_enter(&crypto_mtx); 358 fcr->mtime = fcr->atime; 359 mutex_exit(&crypto_mtx); 360 mkop = (struct crypt_mkop *)data; 361 knop = kmem_alloc((mkop->count * sizeof(struct crypt_n_kop)), 362 KM_SLEEP); 363 error = copyin(mkop->reqs, knop, 364 (mkop->count * sizeof(struct crypt_n_kop))); 365 if (!error) { 366 error = cryptodev_mkey(fcr, knop, mkop->count); 367 if (!error) 368 error = copyout(knop, mkop->reqs, 369 (mkop->count * sizeof(struct crypt_n_kop))); 370 } 371 kmem_free(knop, (mkop->count * sizeof(struct crypt_n_kop))); 372 break; 373 case CIOCASYMFEAT: 374 error = crypto_getfeat((int *)data); 375 break; 376 case CIOCNCRYPTRETM: 377 mutex_enter(&crypto_mtx); 378 fcr->mtime = fcr->atime; 379 mutex_exit(&crypto_mtx); 380 crypt_ret = (struct cryptret *)data; 381 count = crypt_ret->count; 382 crypt_res = kmem_alloc((count * sizeof(struct crypt_result)), 383 KM_SLEEP); 384 error = copyin(crypt_ret->results, crypt_res, 385 (count * sizeof(struct crypt_result))); 386 if (error) 387 goto reterr; 388 crypt_ret->count = cryptodev_getmstatus(fcr, crypt_res, 389 crypt_ret->count); 390 /* sanity check count */ 391 if (crypt_ret->count > count) { 392 printf("%s.%d: error returned count %zd > original " 393 " count %zd\n", 394 __FILE__, __LINE__, crypt_ret->count, count); 395 crypt_ret->count = count; 396 397 } 398 error = copyout(crypt_res, crypt_ret->results, 399 (crypt_ret->count * sizeof(struct crypt_result))); 400 reterr: 401 kmem_free(crypt_res, (count * sizeof(struct crypt_result))); 402 break; 403 case CIOCNCRYPTRET: 404 error = cryptodev_getstatus(fcr, (struct crypt_result *)data); 405 break; 406 default: 407 #ifdef COMPAT_50 408 /* Check for backward compatible commands */ 409 error = ocryptof_ioctl(fp, cmd, data); 410 #else 411 return EINVAL; 412 #endif 413 } 414 return error; 415 } 416 417 int 418 cryptodev_op(struct csession *cse, struct crypt_op *cop, struct lwp *l) 419 { 420 struct cryptop *crp = NULL; 421 struct cryptodesc *crde = NULL, *crda = NULL, *crdc = NULL; 422 int error; 423 int iov_len = cop->len; 424 int flags=0; 425 int dst_len; /* copyout size */ 426 427 if (cop->len > 256*1024-4) 428 return E2BIG; 429 430 if (cse->txform) { 431 if (cop->len < cse->txform->blocksize 432 + (cop->iv ? 0 : cse->txform->ivsize) || 433 (cop->len - (cop->iv ? 0 : cse->txform->ivsize)) 434 % cse->txform->blocksize != 0) 435 return EINVAL; 436 } 437 438 DPRINTF(("cryptodev_op[%u]: iov_len %d\n", 439 CRYPTO_SESID2LID(cse->sid), iov_len)); 440 if ((cse->tcomp) && cop->dst_len) { 441 if (iov_len < cop->dst_len) { 442 /* Need larger iov to deal with decompress */ 443 iov_len = cop->dst_len; 444 } 445 DPRINTF(("cryptodev_op: iov_len -> %d for decompress\n", iov_len)); 446 } 447 448 (void)memset(&cse->uio, 0, sizeof(cse->uio)); 449 cse->uio.uio_iovcnt = 1; 450 cse->uio.uio_resid = 0; 451 cse->uio.uio_rw = UIO_WRITE; 452 cse->uio.uio_iov = cse->iovec; 453 UIO_SETUP_SYSSPACE(&cse->uio); 454 memset(&cse->iovec, 0, sizeof(cse->iovec)); 455 456 /* the iov needs to be big enough to handle the uncompressed 457 * data.... */ 458 cse->uio.uio_iov[0].iov_len = iov_len; 459 if (iov_len > 0) 460 cse->uio.uio_iov[0].iov_base = kmem_alloc(iov_len, KM_SLEEP); 461 cse->uio.uio_resid = cse->uio.uio_iov[0].iov_len; 462 DPRINTF(("cryptodev_op[%u]: uio.iov_base %p malloced %d bytes\n", 463 CRYPTO_SESID2LID(cse->sid), 464 cse->uio.uio_iov[0].iov_base, iov_len)); 465 466 crp = crypto_getreq((cse->tcomp != NULL) + (cse->txform != NULL) + (cse->thash != NULL)); 467 if (crp == NULL) { 468 error = ENOMEM; 469 goto bail; 470 } 471 DPRINTF(("cryptodev_op[%u]: crp %p\n", 472 CRYPTO_SESID2LID(cse->sid), crp)); 473 474 /* crds are always ordered tcomp, thash, then txform */ 475 /* with optional missing links */ 476 477 /* XXX: If we're going to compress then hash or encrypt, we need 478 * to be able to pass on the new size of the data. 479 */ 480 481 if (cse->tcomp) { 482 crdc = crp->crp_desc; 483 } 484 485 if (cse->thash) { 486 crda = crdc ? crdc->crd_next : crp->crp_desc; 487 if (cse->txform && crda) 488 crde = crda->crd_next; 489 } else { 490 if (cse->txform) { 491 crde = crdc ? crdc->crd_next : crp->crp_desc; 492 } else if (!cse->tcomp) { 493 error = EINVAL; 494 goto bail; 495 } 496 } 497 498 DPRINTF(("ocf[%u]: iov_len %zu, cop->len %u\n", 499 CRYPTO_SESID2LID(cse->sid), 500 cse->uio.uio_iov[0].iov_len, 501 cop->len)); 502 503 if ((error = copyin(cop->src, cse->uio.uio_iov[0].iov_base, cop->len))) 504 { 505 printf("copyin failed %s %d \n", (char *)cop->src, error); 506 goto bail; 507 } 508 509 if (crdc) { 510 switch (cop->op) { 511 case COP_COMP: 512 crdc->crd_flags |= CRD_F_COMP; 513 break; 514 case COP_DECOMP: 515 crdc->crd_flags &= ~CRD_F_COMP; 516 break; 517 default: 518 break; 519 } 520 /* more data to follow? */ 521 if (cop->flags & COP_F_MORE) { 522 flags |= CRYPTO_F_MORE; 523 } 524 crdc->crd_len = cop->len; 525 crdc->crd_inject = 0; 526 527 crdc->crd_alg = cse->comp_alg; 528 crdc->crd_key = NULL; 529 crdc->crd_klen = 0; 530 DPRINTF(("cryptodev_op[%u]: crdc setup for comp_alg %d.\n", 531 CRYPTO_SESID2LID(cse->sid), crdc->crd_alg)); 532 } 533 534 if (crda) { 535 crda->crd_skip = 0; 536 crda->crd_len = cop->len; 537 crda->crd_inject = 0; /* ??? */ 538 539 crda->crd_alg = cse->mac; 540 crda->crd_key = cse->mackey; 541 crda->crd_klen = cse->mackeylen * 8; 542 DPRINTF(("cryptodev_op: crda setup for mac %d.\n", crda->crd_alg)); 543 } 544 545 if (crde) { 546 switch (cop->op) { 547 case COP_ENCRYPT: 548 crde->crd_flags |= CRD_F_ENCRYPT; 549 break; 550 case COP_DECRYPT: 551 crde->crd_flags &= ~CRD_F_ENCRYPT; 552 break; 553 default: 554 break; 555 } 556 crde->crd_len = cop->len; 557 crde->crd_inject = 0; 558 559 if (cse->cipher == CRYPTO_AES_GCM_16 && crda) 560 crda->crd_len = 0; 561 else if (cse->cipher == CRYPTO_AES_GMAC) 562 crde->crd_len = 0; 563 564 crde->crd_alg = cse->cipher; 565 crde->crd_key = cse->key; 566 crde->crd_klen = cse->keylen * 8; 567 DPRINTF(("cryptodev_op: crde setup for cipher %d.\n", crde->crd_alg)); 568 } 569 570 571 crp->crp_ilen = cop->len; 572 /* The reqest is flagged as CRYPTO_F_USER as long as it is running 573 * in the user IOCTL thread. This flag lets us skip using the retq for 574 * the request if it completes immediately. If the request ends up being 575 * delayed or is not completed immediately the flag is removed. 576 */ 577 crp->crp_flags = CRYPTO_F_IOV | (cop->flags & COP_F_BATCH) | CRYPTO_F_USER | 578 flags; 579 crp->crp_buf = (void *)&cse->uio; 580 crp->crp_callback = (int (*) (struct cryptop *)) cryptodev_cb; 581 crp->crp_sid = cse->sid; 582 crp->crp_opaque = (void *)cse; 583 584 if (cop->iv) { 585 if (crde == NULL) { 586 error = EINVAL; 587 goto bail; 588 } 589 if (cse->txform->ivsize == 0) { 590 error = EINVAL; 591 goto bail; 592 } 593 if ((error = copyin(cop->iv, cse->tmp_iv, 594 cse->txform->ivsize))) 595 goto bail; 596 (void)memcpy(crde->crd_iv, cse->tmp_iv, cse->txform->ivsize); 597 crde->crd_flags |= CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT; 598 crde->crd_skip = 0; 599 } else if (crde) { 600 if (cse->txform->ivsize == 0) { 601 crde->crd_skip = 0; 602 } else { 603 if (!(crde->crd_flags & CRD_F_ENCRYPT)) 604 crde->crd_flags |= CRD_F_IV_PRESENT; 605 crde->crd_skip = cse->txform->ivsize; 606 crde->crd_len -= cse->txform->ivsize; 607 } 608 } 609 610 if (cop->mac) { 611 if (crda == NULL) { 612 error = EINVAL; 613 goto bail; 614 } 615 crp->crp_mac=cse->tmp_mac; 616 } 617 618 /* 619 * XXX there was a comment here which said that we went to 620 * XXX splcrypto() but needed to only if CRYPTO_F_CBIMM, 621 * XXX disabled on NetBSD since 1.6O due to a race condition. 622 * XXX But crypto_dispatch went to splcrypto() itself! (And 623 * XXX now takes the crypto_mtx mutex itself). We do, however, 624 * XXX need to hold the mutex across the call to cv_wait(). 625 * XXX (should we arrange for crypto_dispatch to return to 626 * XXX us with it held? it seems quite ugly to do so.) 627 */ 628 #ifdef notyet 629 eagain: 630 #endif 631 error = crypto_dispatch(crp); 632 mutex_enter(&crypto_mtx); 633 634 /* 635 * If the request was going to be completed by the 636 * ioctl thread then it would have been done by now. 637 * Remove the F_USER flag so crypto_done() is not confused 638 * if the crypto device calls it after this point. 639 */ 640 crp->crp_flags &= ~(CRYPTO_F_USER); 641 642 switch (error) { 643 #ifdef notyet /* don't loop forever -- but EAGAIN not possible here yet */ 644 case EAGAIN: 645 mutex_exit(&crypto_mtx); 646 goto eagain; 647 break; 648 #endif 649 case 0: 650 break; 651 default: 652 DPRINTF(("cryptodev_op: not waiting, error.\n")); 653 mutex_exit(&crypto_mtx); 654 goto bail; 655 } 656 657 while (!(crp->crp_flags & CRYPTO_F_DONE)) { 658 DPRINTF(("cryptodev_op[%d]: sleeping on cv %p for crp %p\n", 659 (uint32_t)cse->sid, &crp->crp_cv, crp)); 660 cv_wait(&crp->crp_cv, &crypto_mtx); /* XXX cv_wait_sig? */ 661 } 662 if (crp->crp_flags & CRYPTO_F_ONRETQ) { 663 /* XXX this should never happen now with the CRYPTO_F_USER flag 664 * changes. 665 */ 666 DPRINTF(("cryptodev_op: DONE, not woken by cryptoret.\n")); 667 (void)crypto_ret_q_remove(crp); 668 } 669 mutex_exit(&crypto_mtx); 670 671 if (crp->crp_etype != 0) { 672 DPRINTF(("cryptodev_op: crp_etype %d\n", crp->crp_etype)); 673 error = crp->crp_etype; 674 goto bail; 675 } 676 677 if (cse->error) { 678 DPRINTF(("cryptodev_op: cse->error %d\n", cse->error)); 679 error = cse->error; 680 goto bail; 681 } 682 683 dst_len = crp->crp_ilen; 684 /* let the user know how much data was returned */ 685 if (crp->crp_olen) { 686 if (crp->crp_olen > (cop->dst_len ? cop->dst_len : cop->len)) { 687 error = ENOMEM; 688 goto bail; 689 } 690 dst_len = cop->dst_len = crp->crp_olen; 691 } 692 693 if (cop->dst) { 694 DPRINTF(("cryptodev_op: copyout %d bytes to %p\n", dst_len, cop->dst)); 695 } 696 if (cop->dst && 697 (error = copyout(cse->uio.uio_iov[0].iov_base, cop->dst, dst_len))) 698 { 699 DPRINTF(("cryptodev_op: copyout error %d\n", error)); 700 goto bail; 701 } 702 703 if (cop->mac && 704 (error = copyout(crp->crp_mac, cop->mac, cse->thash->authsize))) { 705 DPRINTF(("cryptodev_op: mac copyout error %d\n", error)); 706 goto bail; 707 } 708 709 710 bail: 711 if (crp) { 712 crypto_freereq(crp); 713 } 714 if (cse->uio.uio_iov[0].iov_base) { 715 kmem_free(cse->uio.uio_iov[0].iov_base,iov_len); 716 } 717 718 return error; 719 } 720 721 static int 722 cryptodev_cb(void *op) 723 { 724 struct cryptop *crp = (struct cryptop *) op; 725 struct csession *cse = (struct csession *)crp->crp_opaque; 726 int error = 0; 727 728 mutex_enter(&crypto_mtx); 729 cse->error = crp->crp_etype; 730 if (crp->crp_etype == EAGAIN) { 731 /* always drop mutex to call dispatch routine */ 732 mutex_exit(&crypto_mtx); 733 error = crypto_dispatch(crp); 734 mutex_enter(&crypto_mtx); 735 } 736 if (error != 0 || (crp->crp_flags & CRYPTO_F_DONE)) { 737 cv_signal(&crp->crp_cv); 738 } 739 mutex_exit(&crypto_mtx); 740 return 0; 741 } 742 743 static int 744 cryptodev_mcb(void *op) 745 { 746 struct cryptop *crp = (struct cryptop *) op; 747 struct csession *cse = (struct csession *)crp->crp_opaque; 748 int error=0; 749 750 mutex_enter(&crypto_mtx); 751 cse->error = crp->crp_etype; 752 if (crp->crp_etype == EAGAIN) { 753 mutex_exit(&crypto_mtx); 754 error = crypto_dispatch(crp); 755 mutex_enter(&crypto_mtx); 756 } 757 if (error != 0 || (crp->crp_flags & CRYPTO_F_DONE)) { 758 cv_signal(&crp->crp_cv); 759 } 760 761 TAILQ_INSERT_TAIL(&crp->fcrp->crp_ret_mq, crp, crp_next); 762 selnotify(&crp->fcrp->sinfo, 0, 0); 763 mutex_exit(&crypto_mtx); 764 return 0; 765 } 766 767 static int 768 cryptodevkey_cb(void *op) 769 { 770 struct cryptkop *krp = op; 771 772 mutex_enter(&crypto_mtx); 773 cv_signal(&krp->krp_cv); 774 mutex_exit(&crypto_mtx); 775 return 0; 776 } 777 778 static int 779 cryptodevkey_mcb(void *op) 780 { 781 struct cryptkop *krp = op; 782 783 mutex_enter(&crypto_mtx); 784 cv_signal(&krp->krp_cv); 785 TAILQ_INSERT_TAIL(&krp->fcrp->crp_ret_mkq, krp, krp_next); 786 selnotify(&krp->fcrp->sinfo, 0, 0); 787 mutex_exit(&crypto_mtx); 788 return 0; 789 } 790 791 static int 792 cryptodev_key(struct crypt_kop *kop) 793 { 794 struct cryptkop *krp = NULL; 795 int error = EINVAL; 796 int in, out, size, i; 797 798 if (kop->crk_iparams + kop->crk_oparams > CRK_MAXPARAM) 799 return EFBIG; 800 801 in = kop->crk_iparams; 802 out = kop->crk_oparams; 803 switch (kop->crk_op) { 804 case CRK_MOD_EXP: 805 if (in == 3 && out == 1) 806 break; 807 return EINVAL; 808 case CRK_MOD_EXP_CRT: 809 if (in == 6 && out == 1) 810 break; 811 return EINVAL; 812 case CRK_DSA_SIGN: 813 if (in == 5 && out == 2) 814 break; 815 return EINVAL; 816 case CRK_DSA_VERIFY: 817 if (in == 7 && out == 0) 818 break; 819 return EINVAL; 820 case CRK_DH_COMPUTE_KEY: 821 if (in == 3 && out == 1) 822 break; 823 return EINVAL; 824 case CRK_MOD_ADD: 825 if (in == 3 && out == 1) 826 break; 827 return EINVAL; 828 case CRK_MOD_ADDINV: 829 if (in == 2 && out == 1) 830 break; 831 return EINVAL; 832 case CRK_MOD_SUB: 833 if (in == 3 && out == 1) 834 break; 835 return EINVAL; 836 case CRK_MOD_MULT: 837 if (in == 3 && out == 1) 838 break; 839 return EINVAL; 840 case CRK_MOD_MULTINV: 841 if (in == 2 && out == 1) 842 break; 843 return EINVAL; 844 case CRK_MOD: 845 if (in == 2 && out == 1) 846 break; 847 return EINVAL; 848 default: 849 return EINVAL; 850 } 851 852 krp = pool_get(&cryptkop_pool, PR_WAITOK); 853 (void)memset(krp, 0, sizeof *krp); 854 cv_init(&krp->krp_cv, "crykdev"); 855 krp->krp_op = kop->crk_op; 856 krp->krp_status = kop->crk_status; 857 krp->krp_iparams = kop->crk_iparams; 858 krp->krp_oparams = kop->crk_oparams; 859 krp->krp_status = 0; 860 krp->krp_callback = (int (*) (struct cryptkop *)) cryptodevkey_cb; 861 862 for (i = 0; i < CRK_MAXPARAM; i++) 863 krp->krp_param[i].crp_nbits = kop->crk_param[i].crp_nbits; 864 for (i = 0; i < krp->krp_iparams + krp->krp_oparams; i++) { 865 size = (krp->krp_param[i].crp_nbits + 7) / 8; 866 if (size == 0) 867 continue; 868 krp->krp_param[i].crp_p = kmem_alloc(size, KM_SLEEP); 869 if (i >= krp->krp_iparams) 870 continue; 871 error = copyin(kop->crk_param[i].crp_p, 872 krp->krp_param[i].crp_p, size); 873 if (error) 874 goto fail; 875 } 876 877 error = crypto_kdispatch(krp); 878 if (error != 0) { 879 goto fail; 880 } 881 882 mutex_enter(&crypto_mtx); 883 while (!(krp->krp_flags & CRYPTO_F_DONE)) { 884 cv_wait(&krp->krp_cv, &crypto_mtx); /* XXX cv_wait_sig? */ 885 } 886 if (krp->krp_flags & CRYPTO_F_ONRETQ) { 887 DPRINTF(("cryptodev_key: DONE early, not via cryptoret.\n")); 888 (void)crypto_ret_kq_remove(krp); 889 } 890 mutex_exit(&crypto_mtx); 891 892 if (krp->krp_status != 0) { 893 DPRINTF(("cryptodev_key: krp->krp_status 0x%08x\n", 894 krp->krp_status)); 895 error = krp->krp_status; 896 goto fail; 897 } 898 899 for (i = krp->krp_iparams; i < krp->krp_iparams + krp->krp_oparams; 900 i++) { 901 size = (krp->krp_param[i].crp_nbits + 7) / 8; 902 if (size == 0) 903 continue; 904 error = copyout(krp->krp_param[i].crp_p, 905 kop->crk_param[i].crp_p, size); 906 if (error) { 907 DPRINTF(("cryptodev_key: copyout oparam %d failed, " 908 "error=%d\n", i-krp->krp_iparams, error)); 909 goto fail; 910 } 911 } 912 913 fail: 914 kop->crk_status = krp->krp_status; 915 for (i = 0; i < CRK_MAXPARAM; i++) { 916 struct crparam *kp = &(krp->krp_param[i]); 917 if (krp->krp_param[i].crp_p) { 918 size = (kp->crp_nbits + 7) / 8; 919 KASSERT(size > 0); 920 (void)memset(kp->crp_p, 0, size); 921 kmem_free(kp->crp_p, size); 922 } 923 } 924 cv_destroy(&krp->krp_cv); 925 pool_put(&cryptkop_pool, krp); 926 DPRINTF(("cryptodev_key: error=0x%08x\n", error)); 927 return error; 928 } 929 930 /* ARGSUSED */ 931 static int 932 cryptof_close(struct file *fp) 933 { 934 struct fcrypt *fcr = fp->f_data; 935 struct csession *cse; 936 937 mutex_enter(&crypto_mtx); 938 while ((cse = TAILQ_FIRST(&fcr->csessions))) { 939 TAILQ_REMOVE(&fcr->csessions, cse, next); 940 mutex_exit(&crypto_mtx); 941 (void)csefree(cse); 942 mutex_enter(&crypto_mtx); 943 } 944 seldestroy(&fcr->sinfo); 945 fp->f_data = NULL; 946 mutex_exit(&crypto_mtx); 947 948 pool_put(&fcrpl, fcr); 949 return 0; 950 } 951 952 /* needed for compatibility module */ 953 struct csession *cryptodev_csefind(struct fcrypt *fcr, u_int ses) 954 { 955 return csefind(fcr, ses); 956 } 957 958 /* csefind: call with crypto_mtx held. */ 959 static struct csession * 960 csefind(struct fcrypt *fcr, u_int ses) 961 { 962 struct csession *cse, *cnext, *ret = NULL; 963 964 KASSERT(mutex_owned(&crypto_mtx)); 965 TAILQ_FOREACH_SAFE(cse, &fcr->csessions, next, cnext) 966 if (cse->ses == ses) 967 ret = cse; 968 969 return ret; 970 } 971 972 /* csedelete: call with crypto_mtx held. */ 973 static int 974 csedelete(struct fcrypt *fcr, struct csession *cse_del) 975 { 976 struct csession *cse, *cnext; 977 int ret = 0; 978 979 KASSERT(mutex_owned(&crypto_mtx)); 980 TAILQ_FOREACH_SAFE(cse, &fcr->csessions, next, cnext) { 981 if (cse == cse_del) { 982 TAILQ_REMOVE(&fcr->csessions, cse, next); 983 ret = 1; 984 } 985 } 986 return ret; 987 } 988 989 static struct csession * 990 cseadd(struct fcrypt *fcr, struct csession *cse) 991 { 992 mutex_enter(&crypto_mtx); 993 /* don't let session ID wrap! */ 994 if (fcr->sesn + 1 == 0) return NULL; 995 TAILQ_INSERT_TAIL(&fcr->csessions, cse, next); 996 cse->ses = fcr->sesn++; 997 mutex_exit(&crypto_mtx); 998 return cse; 999 } 1000 1001 static struct csession * 1002 csecreate(struct fcrypt *fcr, u_int64_t sid, void *key, u_int64_t keylen, 1003 void *mackey, u_int64_t mackeylen, u_int32_t cipher, u_int32_t mac, 1004 u_int32_t comp_alg, const struct enc_xform *txform, 1005 const struct auth_hash *thash, const struct comp_algo *tcomp) 1006 { 1007 struct csession *cse; 1008 1009 cse = pool_get(&csepl, PR_NOWAIT); 1010 if (cse == NULL) 1011 return NULL; 1012 cse->key = key; 1013 cse->keylen = keylen/8; 1014 cse->mackey = mackey; 1015 cse->mackeylen = mackeylen/8; 1016 cse->sid = sid; 1017 cse->cipher = cipher; 1018 cse->mac = mac; 1019 cse->comp_alg = comp_alg; 1020 cse->txform = txform; 1021 cse->thash = thash; 1022 cse->tcomp = tcomp; 1023 cse->error = 0; 1024 if (cseadd(fcr, cse)) 1025 return cse; 1026 else { 1027 pool_put(&csepl, cse); 1028 return NULL; 1029 } 1030 } 1031 1032 /* csefree: call with crypto_mtx held. */ 1033 static int 1034 csefree(struct csession *cse) 1035 { 1036 int error; 1037 1038 error = crypto_freesession(cse->sid); 1039 if (cse->key) 1040 free(cse->key, M_XDATA); 1041 if (cse->mackey) 1042 free(cse->mackey, M_XDATA); 1043 pool_put(&csepl, cse); 1044 return error; 1045 } 1046 1047 static int 1048 cryptoopen(dev_t dev, int flag, int mode, 1049 struct lwp *l) 1050 { 1051 file_t *fp; 1052 struct fcrypt *fcr; 1053 int fd, error; 1054 1055 if (crypto_usercrypto == 0) 1056 return ENXIO; 1057 1058 if ((error = fd_allocfile(&fp, &fd)) != 0) 1059 return error; 1060 1061 fcr = pool_get(&fcrpl, PR_WAITOK); 1062 getnanotime(&fcr->btime); 1063 fcr->atime = fcr->mtime = fcr->btime; 1064 mutex_enter(&crypto_mtx); 1065 TAILQ_INIT(&fcr->csessions); 1066 TAILQ_INIT(&fcr->crp_ret_mq); 1067 TAILQ_INIT(&fcr->crp_ret_mkq); 1068 selinit(&fcr->sinfo); 1069 /* 1070 * Don't ever return session 0, to allow detection of 1071 * failed creation attempts with multi-create ioctl. 1072 */ 1073 fcr->sesn = 1; 1074 fcr->requestid = 1; 1075 mutex_exit(&crypto_mtx); 1076 return fd_clone(fp, fd, flag, &cryptofops, fcr); 1077 } 1078 1079 static int 1080 cryptoread(dev_t dev, struct uio *uio, int ioflag) 1081 { 1082 return EIO; 1083 } 1084 1085 static int 1086 cryptowrite(dev_t dev, struct uio *uio, int ioflag) 1087 { 1088 return EIO; 1089 } 1090 1091 int 1092 cryptoselect(dev_t dev, int rw, struct lwp *l) 1093 { 1094 return 0; 1095 } 1096 1097 /*static*/ 1098 struct cdevsw crypto_cdevsw = { 1099 /* open */ cryptoopen, 1100 /* close */ noclose, 1101 /* read */ cryptoread, 1102 /* write */ cryptowrite, 1103 /* ioctl */ noioctl, 1104 /* ttstop?*/ nostop, 1105 /* ??*/ notty, 1106 /* poll */ cryptoselect /*nopoll*/, 1107 /* mmap */ nommap, 1108 /* kqfilter */ nokqfilter, 1109 /* type */ D_OTHER, 1110 }; 1111 1112 int 1113 cryptodev_mop(struct fcrypt *fcr, 1114 struct crypt_n_op * cnop, 1115 int count, struct lwp *l) 1116 { 1117 struct cryptop *crp = NULL; 1118 struct cryptodesc *crde = NULL, *crda = NULL, *crdc = NULL; 1119 int req, error=0; 1120 struct csession *cse; 1121 int flags=0; 1122 int iov_len; 1123 1124 for (req = 0; req < count; req++) { 1125 mutex_enter(&crypto_mtx); 1126 cse = csefind(fcr, cnop[req].ses); 1127 if (cse == NULL) { 1128 DPRINTF(("csefind failed\n")); 1129 cnop[req].status = EINVAL; 1130 mutex_exit(&crypto_mtx); 1131 continue; 1132 } 1133 mutex_exit(&crypto_mtx); 1134 1135 if (cnop[req].len > 256*1024-4) { 1136 DPRINTF(("length failed\n")); 1137 cnop[req].status = EINVAL; 1138 continue; 1139 } 1140 if (cse->txform) { 1141 if (cnop[req].len < cse->txform->blocksize - 1142 (cnop[req].iv ? 0 : cse->txform->ivsize) || 1143 (cnop[req].len - 1144 (cnop[req].iv ? 0 : cse->txform->ivsize)) 1145 % cse->txform->blocksize) { 1146 cnop[req].status = EINVAL; 1147 continue; 1148 } 1149 } 1150 1151 crp = crypto_getreq((cse->txform != NULL) + 1152 (cse->thash != NULL) + 1153 (cse->tcomp != NULL)); 1154 if (crp == NULL) { 1155 cnop[req].status = ENOMEM; 1156 goto bail; 1157 } 1158 1159 iov_len = cnop[req].len; 1160 /* got a compression/decompression max size? */ 1161 if ((cse->tcomp) && cnop[req].dst_len) { 1162 if (iov_len < cnop[req].dst_len) { 1163 /* Need larger iov to deal with decompress */ 1164 iov_len = cnop[req].dst_len; 1165 } 1166 DPRINTF(("cryptodev_mop: iov_len -> %d for decompress\n", iov_len)); 1167 } 1168 1169 (void)memset(&crp->uio, 0, sizeof(crp->uio)); 1170 crp->uio.uio_iovcnt = 1; 1171 crp->uio.uio_resid = 0; 1172 crp->uio.uio_rw = UIO_WRITE; 1173 crp->uio.uio_iov = crp->iovec; 1174 UIO_SETUP_SYSSPACE(&crp->uio); 1175 memset(&crp->iovec, 0, sizeof(crp->iovec)); 1176 crp->uio.uio_iov[0].iov_len = iov_len; 1177 DPRINTF(("cryptodev_mop: kmem_alloc(%d) for iov \n", iov_len)); 1178 crp->uio.uio_iov[0].iov_base = kmem_alloc(iov_len, KM_SLEEP); 1179 crp->uio.uio_resid = crp->uio.uio_iov[0].iov_len; 1180 1181 if (cse->tcomp) { 1182 crdc = crp->crp_desc; 1183 } 1184 1185 if (cse->thash) { 1186 crda = crdc ? crdc->crd_next : crp->crp_desc; 1187 if (cse->txform && crda) 1188 crde = crda->crd_next; 1189 } else { 1190 if (cse->txform) { 1191 crde = crdc ? crdc->crd_next : crp->crp_desc; 1192 } else if (!cse->tcomp) { 1193 error = EINVAL; 1194 goto bail; 1195 } 1196 } 1197 1198 if ((copyin(cnop[req].src, 1199 crp->uio.uio_iov[0].iov_base, cnop[req].len))) { 1200 cnop[req].status = EINVAL; 1201 goto bail; 1202 } 1203 1204 if (crdc) { 1205 switch (cnop[req].op) { 1206 case COP_COMP: 1207 crdc->crd_flags |= CRD_F_COMP; 1208 break; 1209 case COP_DECOMP: 1210 crdc->crd_flags &= ~CRD_F_COMP; 1211 break; 1212 default: 1213 break; 1214 } 1215 /* more data to follow? */ 1216 if (cnop[req].flags & COP_F_MORE) { 1217 flags |= CRYPTO_F_MORE; 1218 } 1219 crdc->crd_len = cnop[req].len; 1220 crdc->crd_inject = 0; 1221 1222 crdc->crd_alg = cse->comp_alg; 1223 crdc->crd_key = NULL; 1224 crdc->crd_klen = 0; 1225 DPRINTF(("cryptodev_mop[%d]: crdc setup for comp_alg %d" 1226 " len %d.\n", 1227 (uint32_t)cse->sid, crdc->crd_alg, 1228 crdc->crd_len)); 1229 } 1230 1231 if (crda) { 1232 crda->crd_skip = 0; 1233 crda->crd_len = cnop[req].len; 1234 crda->crd_inject = 0; /* ??? */ 1235 1236 crda->crd_alg = cse->mac; 1237 crda->crd_key = cse->mackey; 1238 crda->crd_klen = cse->mackeylen * 8; 1239 } 1240 1241 if (crde) { 1242 if (cnop[req].op == COP_ENCRYPT) 1243 crde->crd_flags |= CRD_F_ENCRYPT; 1244 else 1245 crde->crd_flags &= ~CRD_F_ENCRYPT; 1246 crde->crd_len = cnop[req].len; 1247 crde->crd_inject = 0; 1248 1249 crde->crd_alg = cse->cipher; 1250 #ifdef notyet /* XXX must notify h/w driver new key, drain */ 1251 if(cnop[req].key && cnop[req].keylen) { 1252 crde->crd_key = malloc(cnop[req].keylen, 1253 M_XDATA, M_WAITOK); 1254 if((error = copyin(cnop[req].key, 1255 crde->crd_key, cnop[req].keylen))) { 1256 cnop[req].status = EINVAL; 1257 goto bail; 1258 } 1259 crde->crd_klen = cnop[req].keylen * 8; 1260 } else { ... } 1261 #endif 1262 crde->crd_key = cse->key; 1263 crde->crd_klen = cse->keylen * 8; 1264 } 1265 1266 crp->crp_ilen = cnop[req].len; 1267 crp->crp_flags = CRYPTO_F_IOV | CRYPTO_F_CBIMM | 1268 (cnop[req].flags & COP_F_BATCH) | flags; 1269 crp->crp_buf = (void *)&crp->uio; 1270 crp->crp_callback = (int (*) (struct cryptop *)) cryptodev_mcb; 1271 crp->crp_sid = cse->sid; 1272 crp->crp_opaque = (void *)cse; 1273 crp->fcrp = fcr; 1274 crp->dst = cnop[req].dst; 1275 crp->len = cnop[req].len; /* input len, iov may be larger */ 1276 crp->mac = cnop[req].mac; 1277 DPRINTF(("cryptodev_mop: iov_base %p dst %p len %d mac %p\n", 1278 crp->uio.uio_iov[0].iov_base, crp->dst, crp->len, 1279 crp->mac)); 1280 1281 if (cnop[req].iv) { 1282 if (crde == NULL) { 1283 cnop[req].status = EINVAL; 1284 goto bail; 1285 } 1286 if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */ 1287 cnop[req].status = EINVAL; 1288 goto bail; 1289 } 1290 if ((error = copyin(cnop[req].iv, crp->tmp_iv, 1291 cse->txform->ivsize))) { 1292 cnop[req].status = EINVAL; 1293 goto bail; 1294 } 1295 (void)memcpy(crde->crd_iv, crp->tmp_iv, 1296 cse->txform->ivsize); 1297 crde->crd_flags |= CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT; 1298 crde->crd_skip = 0; 1299 } else if (crde) { 1300 if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */ 1301 crde->crd_skip = 0; 1302 } else { 1303 if (!(crde->crd_flags & CRD_F_ENCRYPT)) 1304 crde->crd_flags |= CRD_F_IV_PRESENT; 1305 crde->crd_skip = cse->txform->ivsize; 1306 crde->crd_len -= cse->txform->ivsize; 1307 } 1308 } 1309 1310 if (cnop[req].mac) { 1311 if (crda == NULL) { 1312 cnop[req].status = EINVAL; 1313 goto bail; 1314 } 1315 crp->crp_mac=cse->tmp_mac; 1316 } 1317 cnop[req].reqid = atomic_inc_32_nv(&(fcr->requestid)); 1318 crp->crp_reqid = cnop[req].reqid; 1319 crp->crp_usropaque = cnop[req].opaque; 1320 #ifdef notyet 1321 eagain: 1322 #endif 1323 cnop[req].status = crypto_dispatch(crp); 1324 mutex_enter(&crypto_mtx); /* XXX why mutex? */ 1325 1326 switch (cnop[req].status) { 1327 #ifdef notyet /* don't loop forever -- but EAGAIN not possible here yet */ 1328 case EAGAIN: 1329 mutex_exit(&crypto_mtx); 1330 goto eagain; 1331 break; 1332 #endif 1333 case 0: 1334 break; 1335 default: 1336 DPRINTF(("cryptodev_op: not waiting, error.\n")); 1337 mutex_exit(&crypto_mtx); 1338 goto bail; 1339 } 1340 1341 mutex_exit(&crypto_mtx); 1342 bail: 1343 if (cnop[req].status) { 1344 if (crp) { 1345 if (crp->uio.uio_iov[0].iov_base) { 1346 kmem_free(crp->uio.uio_iov[0].iov_base, 1347 crp->uio.uio_iov[0].iov_len); 1348 } 1349 crypto_freereq(crp); 1350 } 1351 error = 0; 1352 } 1353 } 1354 return error; 1355 } 1356 1357 static int 1358 cryptodev_mkey(struct fcrypt *fcr, struct crypt_n_kop *kop, int count) 1359 { 1360 struct cryptkop *krp = NULL; 1361 int error = EINVAL; 1362 int in, out, size, i, req; 1363 1364 for (req = 0; req < count; req++) { 1365 if (kop[req].crk_iparams + kop[req].crk_oparams > CRK_MAXPARAM) 1366 return EFBIG; 1367 1368 in = kop[req].crk_iparams; 1369 out = kop[req].crk_oparams; 1370 switch (kop[req].crk_op) { 1371 case CRK_MOD_EXP: 1372 if (in == 3 && out == 1) 1373 break; 1374 kop[req].crk_status = EINVAL; 1375 continue; 1376 case CRK_MOD_EXP_CRT: 1377 if (in == 6 && out == 1) 1378 break; 1379 kop[req].crk_status = EINVAL; 1380 continue; 1381 case CRK_DSA_SIGN: 1382 if (in == 5 && out == 2) 1383 break; 1384 kop[req].crk_status = EINVAL; 1385 continue; 1386 case CRK_DSA_VERIFY: 1387 if (in == 7 && out == 0) 1388 break; 1389 kop[req].crk_status = EINVAL; 1390 continue; 1391 case CRK_DH_COMPUTE_KEY: 1392 if (in == 3 && out == 1) 1393 break; 1394 kop[req].crk_status = EINVAL; 1395 continue; 1396 case CRK_MOD_ADD: 1397 if (in == 3 && out == 1) 1398 break; 1399 kop[req].crk_status = EINVAL; 1400 continue; 1401 case CRK_MOD_ADDINV: 1402 if (in == 2 && out == 1) 1403 break; 1404 kop[req].crk_status = EINVAL; 1405 continue; 1406 case CRK_MOD_SUB: 1407 if (in == 3 && out == 1) 1408 break; 1409 kop[req].crk_status = EINVAL; 1410 continue; 1411 case CRK_MOD_MULT: 1412 if (in == 3 && out == 1) 1413 break; 1414 kop[req].crk_status = EINVAL; 1415 continue; 1416 case CRK_MOD_MULTINV: 1417 if (in == 2 && out == 1) 1418 break; 1419 kop[req].crk_status = EINVAL; 1420 continue; 1421 case CRK_MOD: 1422 if (in == 2 && out == 1) 1423 break; 1424 kop[req].crk_status = EINVAL; 1425 continue; 1426 default: 1427 kop[req].crk_status = EINVAL; 1428 continue; 1429 } 1430 1431 krp = pool_get(&cryptkop_pool, PR_WAITOK); 1432 (void)memset(krp, 0, sizeof *krp); 1433 cv_init(&krp->krp_cv, "crykdev"); 1434 krp->krp_op = kop[req].crk_op; 1435 krp->krp_status = kop[req].crk_status; 1436 krp->krp_iparams = kop[req].crk_iparams; 1437 krp->krp_oparams = kop[req].crk_oparams; 1438 krp->krp_status = 0; 1439 krp->krp_callback = 1440 (int (*) (struct cryptkop *)) cryptodevkey_mcb; 1441 (void)memcpy(krp->crk_param, kop[req].crk_param, 1442 sizeof(kop[req].crk_param)); 1443 1444 krp->krp_flags = CRYPTO_F_CBIMM; 1445 1446 for (i = 0; i < CRK_MAXPARAM; i++) 1447 krp->krp_param[i].crp_nbits = 1448 kop[req].crk_param[i].crp_nbits; 1449 for (i = 0; i < krp->krp_iparams + krp->krp_oparams; i++) { 1450 size = (krp->krp_param[i].crp_nbits + 7) / 8; 1451 if (size == 0) 1452 continue; 1453 krp->krp_param[i].crp_p = 1454 kmem_alloc(size, KM_SLEEP); 1455 if (i >= krp->krp_iparams) 1456 continue; 1457 kop[req].crk_status = 1458 copyin(kop[req].crk_param[i].crp_p, 1459 krp->krp_param[i].crp_p, size); 1460 if (kop[req].crk_status) 1461 goto fail; 1462 } 1463 krp->fcrp = fcr; 1464 1465 kop[req].crk_reqid = atomic_inc_32_nv(&(fcr->requestid)); 1466 krp->krp_reqid = kop[req].crk_reqid; 1467 krp->krp_usropaque = kop[req].crk_opaque; 1468 1469 kop[req].crk_status = crypto_kdispatch(krp); 1470 if (kop[req].crk_status != 0) { 1471 goto fail; 1472 } 1473 1474 fail: 1475 if(kop[req].crk_status) { 1476 if (krp) { 1477 kop[req].crk_status = krp->krp_status; 1478 for (i = 0; i < CRK_MAXPARAM; i++) { 1479 struct crparam *kp = 1480 &(krp->krp_param[i]); 1481 if (kp->crp_p) { 1482 size = (kp->crp_nbits + 7) / 8; 1483 KASSERT(size > 0); 1484 memset(kp->crp_p, 0, size); 1485 kmem_free(kp->crp_p, size); 1486 } 1487 } 1488 cv_destroy(&krp->krp_cv); 1489 pool_put(&cryptkop_pool, krp); 1490 } 1491 } 1492 error = 0; 1493 } 1494 DPRINTF(("cryptodev_key: error=0x%08x\n", error)); 1495 return error; 1496 } 1497 1498 int 1499 cryptodev_session(struct fcrypt *fcr, struct session_op *sop) 1500 { 1501 struct cryptoini cria, crie; 1502 struct cryptoini cric; /* compressor */ 1503 struct cryptoini *crihead = NULL; 1504 const struct enc_xform *txform = NULL; 1505 const struct auth_hash *thash = NULL; 1506 const struct comp_algo *tcomp = NULL; 1507 struct csession *cse; 1508 u_int64_t sid; 1509 int error = 0; 1510 1511 DPRINTF(("cryptodev_session() cipher=%d, mac=%d\n", sop->cipher, sop->mac)); 1512 1513 /* XXX there must be a way to not embed the list of xforms here */ 1514 switch (sop->cipher) { 1515 case 0: 1516 break; 1517 case CRYPTO_DES_CBC: 1518 txform = &enc_xform_des; 1519 break; 1520 case CRYPTO_3DES_CBC: 1521 txform = &enc_xform_3des; 1522 break; 1523 case CRYPTO_BLF_CBC: 1524 txform = &enc_xform_blf; 1525 break; 1526 case CRYPTO_CAST_CBC: 1527 txform = &enc_xform_cast5; 1528 break; 1529 case CRYPTO_SKIPJACK_CBC: 1530 txform = &enc_xform_skipjack; 1531 break; 1532 case CRYPTO_AES_CBC: 1533 txform = &enc_xform_rijndael128; 1534 break; 1535 case CRYPTO_CAMELLIA_CBC: 1536 txform = &enc_xform_camellia; 1537 break; 1538 case CRYPTO_AES_CTR: 1539 txform = &enc_xform_aes_ctr; 1540 break; 1541 case CRYPTO_AES_GCM_16: 1542 txform = &enc_xform_aes_gcm; 1543 break; 1544 case CRYPTO_AES_GMAC: 1545 txform = &enc_xform_aes_gmac; 1546 break; 1547 case CRYPTO_NULL_CBC: 1548 txform = &enc_xform_null; 1549 break; 1550 case CRYPTO_ARC4: 1551 txform = &enc_xform_arc4; 1552 break; 1553 default: 1554 DPRINTF(("Invalid cipher %d\n", sop->cipher)); 1555 return EINVAL; 1556 } 1557 1558 switch (sop->comp_alg) { 1559 case 0: 1560 break; 1561 case CRYPTO_DEFLATE_COMP: 1562 tcomp = &comp_algo_deflate; 1563 break; 1564 case CRYPTO_GZIP_COMP: 1565 tcomp = &comp_algo_gzip; 1566 DPRINTF(("cryptodev_session() tcomp for GZIP\n")); 1567 break; 1568 default: 1569 DPRINTF(("Invalid compression alg %d\n", sop->comp_alg)); 1570 return EINVAL; 1571 } 1572 1573 switch (sop->mac) { 1574 case 0: 1575 break; 1576 case CRYPTO_MD5_HMAC: 1577 thash = &auth_hash_hmac_md5; 1578 break; 1579 case CRYPTO_SHA1_HMAC: 1580 thash = &auth_hash_hmac_sha1; 1581 break; 1582 case CRYPTO_MD5_HMAC_96: 1583 thash = &auth_hash_hmac_md5_96; 1584 break; 1585 case CRYPTO_SHA1_HMAC_96: 1586 thash = &auth_hash_hmac_sha1_96; 1587 break; 1588 case CRYPTO_SHA2_HMAC: 1589 /* XXX switching on key length seems questionable */ 1590 if (sop->mackeylen == auth_hash_hmac_sha2_256.keysize) { 1591 thash = &auth_hash_hmac_sha2_256; 1592 } else if (sop->mackeylen == auth_hash_hmac_sha2_384.keysize) { 1593 thash = &auth_hash_hmac_sha2_384; 1594 } else if (sop->mackeylen == auth_hash_hmac_sha2_512.keysize) { 1595 thash = &auth_hash_hmac_sha2_512; 1596 } else { 1597 DPRINTF(("Invalid mackeylen %d\n", sop->mackeylen)); 1598 return EINVAL; 1599 } 1600 break; 1601 case CRYPTO_RIPEMD160_HMAC: 1602 thash = &auth_hash_hmac_ripemd_160; 1603 break; 1604 case CRYPTO_RIPEMD160_HMAC_96: 1605 thash = &auth_hash_hmac_ripemd_160_96; 1606 break; 1607 case CRYPTO_MD5: 1608 thash = &auth_hash_md5; 1609 break; 1610 case CRYPTO_SHA1: 1611 thash = &auth_hash_sha1; 1612 break; 1613 case CRYPTO_AES_XCBC_MAC_96: 1614 thash = &auth_hash_aes_xcbc_mac_96; 1615 break; 1616 case CRYPTO_AES_128_GMAC: 1617 thash = &auth_hash_gmac_aes_128; 1618 break; 1619 case CRYPTO_AES_192_GMAC: 1620 thash = &auth_hash_gmac_aes_192; 1621 break; 1622 case CRYPTO_AES_256_GMAC: 1623 thash = &auth_hash_gmac_aes_256; 1624 break; 1625 case CRYPTO_NULL_HMAC: 1626 thash = &auth_hash_null; 1627 break; 1628 default: 1629 DPRINTF(("Invalid mac %d\n", sop->mac)); 1630 return EINVAL; 1631 } 1632 1633 memset(&crie, 0, sizeof(crie)); 1634 memset(&cria, 0, sizeof(cria)); 1635 memset(&cric, 0, sizeof(cric)); 1636 1637 if (tcomp) { 1638 cric.cri_alg = tcomp->type; 1639 cric.cri_klen = 0; 1640 DPRINTF(("tcomp->type = %d\n", tcomp->type)); 1641 1642 crihead = &cric; 1643 if (txform) { 1644 cric.cri_next = &crie; 1645 } else if (thash) { 1646 cric.cri_next = &cria; 1647 } 1648 } 1649 1650 if (txform) { 1651 crie.cri_alg = txform->type; 1652 crie.cri_klen = sop->keylen * 8; 1653 if (sop->keylen > txform->maxkey || 1654 sop->keylen < txform->minkey) { 1655 DPRINTF(("keylen %d not in [%d,%d]\n", 1656 sop->keylen, txform->minkey, txform->maxkey)); 1657 error = EINVAL; 1658 goto bail; 1659 } 1660 1661 crie.cri_key = malloc(crie.cri_klen / 8, M_XDATA, M_WAITOK); 1662 if ((error = copyin(sop->key, crie.cri_key, crie.cri_klen / 8))) 1663 goto bail; 1664 if (!crihead) { 1665 crihead = &crie; 1666 } 1667 if (thash) 1668 crie.cri_next = &cria; 1669 } 1670 1671 if (thash) { 1672 cria.cri_alg = thash->type; 1673 cria.cri_klen = sop->mackeylen * 8; 1674 if (sop->mackeylen != thash->keysize) { 1675 DPRINTF(("mackeylen %d != keysize %d\n", 1676 sop->mackeylen, thash->keysize)); 1677 error = EINVAL; 1678 goto bail; 1679 } 1680 if (cria.cri_klen) { 1681 cria.cri_key = malloc(cria.cri_klen / 8, M_XDATA, 1682 M_WAITOK); 1683 if ((error = copyin(sop->mackey, cria.cri_key, 1684 cria.cri_klen / 8))) { 1685 goto bail; 1686 } 1687 } 1688 if (!crihead) { 1689 crihead = &cria; 1690 } 1691 } 1692 1693 error = crypto_newsession(&sid, crihead, crypto_devallowsoft); 1694 if (!error) { 1695 DPRINTF(("cyrptodev_session: got session %d\n", (uint32_t)sid)); 1696 cse = csecreate(fcr, sid, crie.cri_key, crie.cri_klen, 1697 cria.cri_key, cria.cri_klen, (txform ? sop->cipher : 0), sop->mac, 1698 (tcomp ? sop->comp_alg : 0), txform, thash, tcomp); 1699 if (cse != NULL) { 1700 sop->ses = cse->ses; 1701 } else { 1702 DPRINTF(("csecreate failed\n")); 1703 crypto_freesession(sid); 1704 error = EINVAL; 1705 } 1706 } else { 1707 DPRINTF(("SIOCSESSION violates kernel parameters %d\n", 1708 error)); 1709 } 1710 bail: 1711 if (error) { 1712 if (crie.cri_key) { 1713 memset(crie.cri_key, 0, crie.cri_klen / 8); 1714 free(crie.cri_key, M_XDATA); 1715 } 1716 if (cria.cri_key) { 1717 memset(cria.cri_key, 0, cria.cri_klen / 8); 1718 free(cria.cri_key, M_XDATA); 1719 } 1720 } 1721 return error; 1722 } 1723 1724 int 1725 cryptodev_msession(struct fcrypt *fcr, struct session_n_op *sn_ops, 1726 int count) 1727 { 1728 int i; 1729 1730 for (i = 0; i < count; i++, sn_ops++) { 1731 struct session_op s_op; 1732 s_op.cipher = sn_ops->cipher; 1733 s_op.mac = sn_ops->mac; 1734 s_op.keylen = sn_ops->keylen; 1735 s_op.key = sn_ops->key; 1736 s_op.mackeylen = sn_ops->mackeylen; 1737 s_op.mackey = sn_ops->mackey; 1738 1739 sn_ops->status = cryptodev_session(fcr, &s_op); 1740 sn_ops->ses = s_op.ses; 1741 } 1742 1743 return 0; 1744 } 1745 1746 static int 1747 cryptodev_msessionfin(struct fcrypt *fcr, int count, u_int32_t *sesid) 1748 { 1749 struct csession *cse; 1750 int req, error = 0; 1751 1752 mutex_enter(&crypto_mtx); 1753 for(req = 0; req < count; req++) { 1754 cse = csefind(fcr, sesid[req]); 1755 if (cse == NULL) 1756 continue; 1757 csedelete(fcr, cse); 1758 mutex_exit(&crypto_mtx); 1759 error = csefree(cse); 1760 mutex_enter(&crypto_mtx); 1761 } 1762 mutex_exit(&crypto_mtx); 1763 return 0; 1764 } 1765 1766 /* 1767 * collect as many completed requests as are availble, or count completed 1768 * requests whichever is less. 1769 * return the number of requests. 1770 */ 1771 static int 1772 cryptodev_getmstatus(struct fcrypt *fcr, struct crypt_result *crypt_res, 1773 int count) 1774 { 1775 struct cryptop *crp = NULL; 1776 struct cryptkop *krp = NULL; 1777 struct csession *cse; 1778 int i, size, req = 0; 1779 int completed=0; 1780 1781 /* On queue so nobody else can grab them 1782 * and copyout can be delayed-- no locking */ 1783 TAILQ_HEAD(, cryptop) crp_delfree_q = 1784 TAILQ_HEAD_INITIALIZER(crp_delfree_q); 1785 TAILQ_HEAD(, cryptkop) krp_delfree_q = 1786 TAILQ_HEAD_INITIALIZER(krp_delfree_q); 1787 1788 /* at this point we do not know which response user is requesting for 1789 * (symmetric or asymmetric) so we copyout one from each i.e if the 1790 * count is 2 then 1 from symmetric and 1 from asymmetric queue and 1791 * if 3 then 2 symmetric and 1 asymmetric and so on */ 1792 1793 /* pull off a list of requests while protected from changes */ 1794 mutex_enter(&crypto_mtx); 1795 while (req < count) { 1796 crp = TAILQ_FIRST(&fcr->crp_ret_mq); 1797 if (crp) { 1798 TAILQ_REMOVE(&fcr->crp_ret_mq, crp, crp_next); 1799 TAILQ_INSERT_TAIL(&crp_delfree_q, crp, crp_next); 1800 cse = (struct csession *)crp->crp_opaque; 1801 1802 /* see if the session is still valid */ 1803 cse = csefind(fcr, cse->ses); 1804 if (cse != NULL) { 1805 crypt_res[req].status = 0; 1806 } else { 1807 DPRINTF(("csefind failed\n")); 1808 crypt_res[req].status = EINVAL; 1809 } 1810 req++; 1811 } 1812 if(req < count) { 1813 crypt_res[req].status = 0; 1814 krp = TAILQ_FIRST(&fcr->crp_ret_mkq); 1815 if (krp) { 1816 TAILQ_REMOVE(&fcr->crp_ret_mkq, krp, krp_next); 1817 TAILQ_INSERT_TAIL(&krp_delfree_q, krp, krp_next); 1818 req++; 1819 } 1820 } 1821 } 1822 mutex_exit(&crypto_mtx); 1823 1824 /* now do all the work outside the mutex */ 1825 for(req=0; req < count ;) { 1826 crp = TAILQ_FIRST(&crp_delfree_q); 1827 if (crp) { 1828 if (crypt_res[req].status != 0) { 1829 /* csefind failed during collection */ 1830 goto bail; 1831 } 1832 cse = (struct csession *)crp->crp_opaque; 1833 crypt_res[req].reqid = crp->crp_reqid; 1834 crypt_res[req].opaque = crp->crp_usropaque; 1835 completed++; 1836 1837 if (crp->crp_etype != 0) { 1838 crypt_res[req].status = crp->crp_etype; 1839 goto bail; 1840 } 1841 1842 if (cse->error) { 1843 crypt_res[req].status = cse->error; 1844 goto bail; 1845 } 1846 1847 if (crp->dst && (crypt_res[req].status = 1848 copyout(crp->uio.uio_iov[0].iov_base, crp->dst, 1849 crp->len))) 1850 goto bail; 1851 1852 if (crp->mac && (crypt_res[req].status = 1853 copyout(crp->crp_mac, crp->mac, 1854 cse->thash->authsize))) 1855 goto bail; 1856 1857 bail: 1858 TAILQ_REMOVE(&crp_delfree_q, crp, crp_next); 1859 kmem_free(crp->uio.uio_iov[0].iov_base, 1860 crp->uio.uio_iov[0].iov_len); 1861 crypto_freereq(crp); 1862 req++; 1863 } 1864 1865 if (req < count) { 1866 krp = TAILQ_FIRST(&krp_delfree_q); 1867 if (krp) { 1868 crypt_res[req].reqid = krp->krp_reqid; 1869 crypt_res[req].opaque = krp->krp_usropaque; 1870 completed++; 1871 if (krp->krp_status != 0) { 1872 DPRINTF(("cryptodev_key: " 1873 "krp->krp_status 0x%08x\n", 1874 krp->krp_status)); 1875 crypt_res[req].status = krp->krp_status; 1876 goto fail; 1877 } 1878 1879 for (i = krp->krp_iparams; i < krp->krp_iparams 1880 + krp->krp_oparams; i++) { 1881 size = (krp->krp_param[i].crp_nbits 1882 + 7) / 8; 1883 if (size == 0) 1884 continue; 1885 crypt_res[req].status = copyout 1886 (krp->krp_param[i].crp_p, 1887 krp->crk_param[i].crp_p, size); 1888 if (crypt_res[req].status) { 1889 DPRINTF(("cryptodev_key: " 1890 "copyout oparam %d failed, " 1891 "error=%d\n", 1892 i - krp->krp_iparams, 1893 crypt_res[req].status)); 1894 goto fail; 1895 } 1896 } 1897 fail: 1898 TAILQ_REMOVE(&krp_delfree_q, krp, krp_next); 1899 /* not sure what to do for this */ 1900 /* kop[req].crk_status = krp->krp_status; */ 1901 for (i = 0; i < CRK_MAXPARAM; i++) { 1902 struct crparam *kp = &(krp->krp_param[i]); 1903 if (kp->crp_p) { 1904 size = (kp->crp_nbits + 7) / 8; 1905 KASSERT(size > 0); 1906 (void)memset(kp->crp_p, 0, size); 1907 kmem_free(kp->crp_p, size); 1908 } 1909 } 1910 cv_destroy(&krp->krp_cv); 1911 pool_put(&cryptkop_pool, krp); 1912 req++; 1913 } 1914 } 1915 } 1916 1917 return completed; 1918 } 1919 1920 static int 1921 cryptodev_getstatus (struct fcrypt *fcr, struct crypt_result *crypt_res) 1922 { 1923 struct cryptop *crp = NULL, *cnext; 1924 struct cryptkop *krp = NULL, *knext; 1925 struct csession *cse; 1926 int i, size, req = 0; 1927 1928 mutex_enter(&crypto_mtx); 1929 /* Here we dont know for which request the user is requesting the 1930 * response so checking in both the queues */ 1931 TAILQ_FOREACH_SAFE(crp, &fcr->crp_ret_mq, crp_next, cnext) { 1932 if(crp && (crp->crp_reqid == crypt_res->reqid)) { 1933 cse = (struct csession *)crp->crp_opaque; 1934 crypt_res->opaque = crp->crp_usropaque; 1935 cse = csefind(fcr, cse->ses); 1936 if (cse == NULL) { 1937 DPRINTF(("csefind failed\n")); 1938 crypt_res->status = EINVAL; 1939 goto bail; 1940 } 1941 1942 if (crp->crp_etype != 0) { 1943 crypt_res->status = crp->crp_etype; 1944 goto bail; 1945 } 1946 1947 if (cse->error) { 1948 crypt_res->status = cse->error; 1949 goto bail; 1950 } 1951 1952 if (crp->dst && (crypt_res->status = 1953 copyout(crp->uio.uio_iov[0].iov_base, 1954 crp->dst, crp->len))) 1955 goto bail; 1956 1957 if (crp->mac && (crypt_res->status = 1958 copyout(crp->crp_mac, crp->mac, 1959 cse->thash->authsize))) 1960 goto bail; 1961 bail: 1962 TAILQ_REMOVE(&fcr->crp_ret_mq, crp, crp_next); 1963 1964 mutex_exit(&crypto_mtx); 1965 crypto_freereq(crp); 1966 return 0; 1967 } 1968 } 1969 1970 TAILQ_FOREACH_SAFE(krp, &fcr->crp_ret_mkq, krp_next, knext) { 1971 if(krp && (krp->krp_reqid == crypt_res->reqid)) { 1972 crypt_res[req].opaque = krp->krp_usropaque; 1973 if (krp->krp_status != 0) { 1974 DPRINTF(("cryptodev_key: " 1975 "krp->krp_status 0x%08x\n", 1976 krp->krp_status)); 1977 crypt_res[req].status = krp->krp_status; 1978 goto fail; 1979 } 1980 1981 for (i = krp->krp_iparams; i < krp->krp_iparams + 1982 krp->krp_oparams; i++) { 1983 size = (krp->krp_param[i].crp_nbits + 7) / 8; 1984 if (size == 0) 1985 continue; 1986 crypt_res[req].status = copyout( 1987 krp->krp_param[i].crp_p, 1988 krp->crk_param[i].crp_p, size); 1989 if (crypt_res[req].status) { 1990 DPRINTF(("cryptodev_key: copyout oparam" 1991 "%d failed, error=%d\n", 1992 i - krp->krp_iparams, 1993 crypt_res[req].status)); 1994 goto fail; 1995 } 1996 } 1997 fail: 1998 TAILQ_REMOVE(&fcr->crp_ret_mkq, krp, krp_next); 1999 mutex_exit(&crypto_mtx); 2000 /* not sure what to do for this */ 2001 /* kop[req].crk_status = krp->krp_status; */ 2002 for (i = 0; i < CRK_MAXPARAM; i++) { 2003 struct crparam *kp = &(krp->krp_param[i]); 2004 if (kp->crp_p) { 2005 size = (kp->crp_nbits + 7) / 8; 2006 KASSERT(size > 0); 2007 memset(kp->crp_p, 0, size); 2008 kmem_free(kp->crp_p, size); 2009 } 2010 } 2011 cv_destroy(&krp->krp_cv); 2012 pool_put(&cryptkop_pool, krp); 2013 return 0; 2014 } 2015 } 2016 mutex_exit(&crypto_mtx); 2017 return EINPROGRESS; 2018 } 2019 2020 static int 2021 cryptof_stat(struct file *fp, struct stat *st) 2022 { 2023 struct fcrypt *fcr = fp->f_data; 2024 2025 (void)memset(st, 0, sizeof(st)); 2026 2027 mutex_enter(&crypto_mtx); 2028 st->st_dev = makedev(cdevsw_lookup_major(&crypto_cdevsw), fcr->sesn); 2029 st->st_atimespec = fcr->atime; 2030 st->st_mtimespec = fcr->mtime; 2031 st->st_ctimespec = st->st_birthtimespec = fcr->btime; 2032 st->st_uid = kauth_cred_geteuid(fp->f_cred); 2033 st->st_gid = kauth_cred_getegid(fp->f_cred); 2034 mutex_exit(&crypto_mtx); 2035 2036 return 0; 2037 } 2038 2039 static int 2040 cryptof_poll(struct file *fp, int events) 2041 { 2042 struct fcrypt *fcr = (struct fcrypt *)fp->f_data; 2043 int revents = 0; 2044 2045 if (!(events & (POLLIN | POLLRDNORM))) { 2046 /* only support read and POLLIN */ 2047 return 0; 2048 } 2049 2050 mutex_enter(&crypto_mtx); 2051 if (TAILQ_EMPTY(&fcr->crp_ret_mq) && TAILQ_EMPTY(&fcr->crp_ret_mkq)) { 2052 /* no completed requests pending, save the poll for later */ 2053 selrecord(curlwp, &fcr->sinfo); 2054 } else { 2055 /* let the app(s) know that there are completed requests */ 2056 revents = events & (POLLIN | POLLRDNORM); 2057 } 2058 mutex_exit(&crypto_mtx); 2059 2060 return revents; 2061 } 2062 2063 /* 2064 * Pseudo-device initialization routine for /dev/crypto 2065 */ 2066 void cryptoattach(int); 2067 2068 void 2069 cryptoattach(int num) 2070 { 2071 pool_init(&fcrpl, sizeof(struct fcrypt), 0, 0, 0, "fcrpl", 2072 NULL, IPL_NET); /* XXX IPL_NET ("splcrypto") */ 2073 pool_init(&csepl, sizeof(struct csession), 0, 0, 0, "csepl", 2074 NULL, IPL_NET); /* XXX IPL_NET ("splcrypto") */ 2075 2076 /* 2077 * Preallocate space for 64 users, with 5 sessions each. 2078 * (consider that a TLS protocol session requires at least 2079 * 3DES, MD5, and SHA1 (both hashes are used in the PRF) for 2080 * the negotiation, plus HMAC_SHA1 for the actual SSL records, 2081 * consuming one session here for each algorithm. 2082 */ 2083 pool_prime(&fcrpl, 64); 2084 pool_prime(&csepl, 64 * 5); 2085 } 2086
Indexes created Thu Oct 02 14:10:14 GMT 2025