Page MenuHomeFreeBSD

Use const with some read-only buffers in opencrypto APIs.
ClosedPublic

Authored by jhb on Apr 27 2017, 12:05 AM.
Tags
None
Referenced Files
Unknown Object (File)
Jan 30 2024, 1:48 PM
Unknown Object (File)
Dec 24 2023, 1:17 PM
Unknown Object (File)
Dec 20 2023, 2:15 AM
Unknown Object (File)
Nov 13 2023, 5:46 PM
Unknown Object (File)
Oct 20 2023, 10:26 AM
Unknown Object (File)
Aug 25 2023, 1:43 PM
Unknown Object (File)
Aug 25 2023, 10:54 AM
Unknown Object (File)
Aug 4 2023, 12:57 AM
Subscribers

Details

Summary

Use const with some read-only buffers in opencrypto APIs.

  • Mark the source buffer for a copyback operation as const in the kernel API.
  • Use const with input-only buffers in crypto ioctl structures used with /dev/crypto.
Test Plan
  • passes make tinderbox
  • have tested IPSec + /dev/crypto access (via a testing tool that compares the results of crypto operations on /dev/crypto against OpenSSL's software implementation) against cryptosoft, aesni(4), and a driver for the Chelsio T6 crypto engine

Diff Detail

Lint
No Lint Coverage
Unit
No Test Coverage
Build Status
Buildable 8927
Build 9317: arc lint + arc unit

Event Timeline

looks fine, have you verified that the tests in tests/sys/opencrypto pass? they are not present in your test plan.

Also, is your testing tool in the tree?

The testing tool is in the branch https://github.com/freebsd/freebsd/compare/master...bsdjhb:cryptocheck. (These changes are also in that branch, and my intention is to pull smaller bits out one at a time for review.) I will run the other tests, though they are currently still hardcoded for aesni0.

No objection from secteam@ (if we were blocking).

This revision was automatically updated to reflect the committed changes.