Page MenuHomeFreeBSD

Use const with some read-only buffers in opencrypto APIs.
ClosedPublic

Authored by jhb on Apr 27 2017, 12:05 AM.
Tags
None
Referenced Files
F161887117: D10517.id28182.diff
Tue, Jul 7, 5:48 PM
Unknown Object (File)
Sat, Jun 27, 12:59 PM
Unknown Object (File)
Wed, Jun 24, 4:29 PM
Unknown Object (File)
Tue, Jun 23, 1:45 PM
Unknown Object (File)
Mon, Jun 22, 1:55 PM
Unknown Object (File)
Mon, Jun 22, 10:25 AM
Unknown Object (File)
Sat, Jun 20, 10:28 PM
Unknown Object (File)
May 20 2026, 1:13 AM
Subscribers

Details

Summary

Use const with some read-only buffers in opencrypto APIs.

  • Mark the source buffer for a copyback operation as const in the kernel API.
  • Use const with input-only buffers in crypto ioctl structures used with /dev/crypto.
Test Plan
  • passes make tinderbox
  • have tested IPSec + /dev/crypto access (via a testing tool that compares the results of crypto operations on /dev/crypto against OpenSSL's software implementation) against cryptosoft, aesni(4), and a driver for the Chelsio T6 crypto engine

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

looks fine, have you verified that the tests in tests/sys/opencrypto pass? they are not present in your test plan.

Also, is your testing tool in the tree?

The testing tool is in the branch https://github.com/freebsd/freebsd/compare/master...bsdjhb:cryptocheck. (These changes are also in that branch, and my intention is to pull smaller bits out one at a time for review.) I will run the other tests, though they are currently still hardcoded for aesni0.

No objection from secteam@ (if we were blocking).

This revision was automatically updated to reflect the committed changes.