Index: ObsoleteFiles.inc =================================================================== --- ObsoleteFiles.inc +++ ObsoleteFiles.inc @@ -36,6 +36,13 @@ # xargs -n1 | sort | uniq -d; # done +# 2021xxxx: Remove kernel asymmetric crypto +OLD_FILES+=usr/share/man/man9/crypto_asym.9 +OLD_FILES+=usr/share/man/man9/crypto_kdispatch.9 +OLD_FILES+=usr/share/man/man9/crypto_kdone.9 +OLD_FILES+=usr/share/man/man9/crypto_kregister.9 +OLD_FILES+=usr/share/man/man9/CRYPTODEV_KPROCESS.9 + # 20210408: remove tcp_hostcache.h OLD_FILES+=usr/include/netinet/tcp_hostcache.h Index: share/man/man4/crypto.4 =================================================================== --- share/man/man4/crypto.4 +++ share/man/man4/crypto.4 @@ -93,53 +93,32 @@ calls on the descriptor. User-mode access to .Pa /dev/crypto -is controlled by two +is controlled by the +.Ic kern.cryptodevallowsoft .Xr sysctl 8 -variables: -.Ic kern.userasymcrypto -and -.Ic kern.cryptodevallowsoft . -.Pp -The -.Nm -device provides two distinct modes of operation: one mode for -symmetric-keyed cryptographic requests and digests, and a second mode for -both asymmetric-key (public-key/private-key) requests and -modular arithmetic (for Diffie-Hellman key exchange and other -cryptographic protocols). -The two modes are described separately below. -.Sh DEPRECATION NOTICE -The asymmetric-key operations supported by this interface will not be -present in -.Fx 14.0 -and later. +variable. +If this variable is zero, +then user-mode sessions are only permitted to use cryptography coprocessors. .Sh THEORY OF OPERATION -Regardless of whether symmetric-key or asymmetric-key operations are -to be performed, use of the device requires a basic series of steps: +Use of the device requires a basic series of steps: .Bl -enum .It Open the .Pa /dev/crypto device. .It -If any symmetric-keyed cryptographic or digest operations will be performed, -create a session with +Create a session with .Dv CIOCGSESSION or .Dv CIOCGSESSION2 . -Most applications will require at least one symmetric session. +Applications will require at least one symmetric session. Since cipher and MAC keys are tied to sessions, many applications will require more. -Asymmetric operations do not use sessions. .It Submit requests, synchronously with .Dv CIOCCRYPT -(symmetric), -.Dv CIOCCRYPTAEAD -(symmetric), or -.Dv CIOCKEY -(asymmetric). +.Dv CIOCCRYPTAEAD . .It Optionally destroy a session with .Dv CIOCFSESSION . @@ -151,22 +130,27 @@ file desriptor. .El .Sh SYMMETRIC-KEY OPERATION -The symmetric-key operation mode provides a context-based API +.Nm cryptodev +provides a context-based API to traditional symmetric-key encryption (or privacy) algorithms, -or to keyed and unkeyed one-way hash (HMAC and MAC) algorithms. -The symmetric-key mode also permits encrypt-then-authenticate fused operation, -where the hardware performs both a privacy algorithm and an integrity-check +keyed and unkeyed one-way hash (HMAC and MAC) algorithms, +encrypt-then-authenticate (ETA) fused operations, +and authenticated encryption with additional data (AEAD) operations. +For ETA operations, +drivers perform both a privacy algorithm and an integrity-check algorithm in a single pass over the data: either a fused encrypt/HMAC-generate operation, or a fused HMAC-verify/decrypt operation. +Similarly, for AEAD operations, +drivers perform either an encrypt/MAC-generate operation +or a MAC-verify/decrypt operation. .Pp -To use symmetric mode, you must first create a session specifying -the algorithm(s) and key(s) to use; then issue encrypt or decrypt -requests against the session. +The algorithm(s) and key(s) to use are specified when a session is +created. +Individual requests are able to specify per-request initialization vectors +or nonces. .Ss Algorithms For a list of supported algorithms, see -.Xr crypto 7 -and -.Xr crypto 9 . +.Xr crypto 7 . .Ss IOCTL Request Descriptions .\" .Bl -tag -width CIOCGSESSION @@ -216,11 +200,13 @@ The special value 0 for either privacy or integrity is reserved to indicate that the indicated operation (privacy or integrity) is not desired for this session. +ETA sessions specify both privacy and integrity algorithms. +AEAD sessions specify only a privacy algorithm. .Pp Multiple sessions may be bound to a single file descriptor. The session ID returned in .Fa sessp-\*[Gt]ses -is supplied as a required field in the symmetric-operation structure +is supplied as a required field in the operation structure .Fa crypt_op for future encryption or hashing requests. .\" .Pp @@ -229,7 +215,7 @@ .\" .Nx .\" extension. .Pp -For non-zero symmetric-key privacy algorithms, the privacy algorithm +For non-zero privacy algorithms, the privacy algorithm must be specified in .Fa sessp-\*[Gt]cipher , the key length in @@ -290,7 +276,7 @@ }; .Ed -Request a symmetric-key (or hash) operation. +Request an encryption/decryption (or hash) operation. To encrypt, set .Fa cr_op-\*[Gt]op to @@ -344,75 +330,6 @@ Destroys the session identified by .Fa ses_id . .El -.\" -.Sh ASYMMETRIC-KEY OPERATION -.Ss Asymmetric-key algorithms -Contingent upon hardware support, the following asymmetric -(public-key/private-key; or key-exchange subroutine) operations may -also be available: -.Pp -.Bl -column "CRK_DH_COMPUTE_KEY" "Input parameter" "Output parameter" -offset indent -compact -.It Em "Algorithm" Ta "Input parameter" Ta "Output parameter" -.It Em " " Ta "Count" Ta "Count" -.It Dv CRK_MOD_EXP Ta 3 Ta 1 -.It Dv CRK_MOD_EXP_CRT Ta 6 Ta 1 -.It Dv CRK_DSA_SIGN Ta 5 Ta 2 -.It Dv CRK_DSA_VERIFY Ta 7 Ta 0 -.It Dv CRK_DH_COMPUTE_KEY Ta 3 Ta 1 -.El -.Pp -See below for discussion of the input and output parameter counts. -.Ss Asymmetric-key commands -.Bl -tag -width CIOCKEY -.It Dv CIOCASYMFEAT Fa int *feature_mask -Returns a bitmask of supported asymmetric-key operations. -Each of the above-listed asymmetric operations is present -if and only if the bit position numbered by the code for that operation -is set. -For example, -.Dv CRK_MOD_EXP -is available if and only if the bit -.Pq 1 \*[Lt]\*[Lt] Dv CRK_MOD_EXP -is set. -.It Dv CIOCKEY Fa struct crypt_kop *kop -.Bd -literal -struct crypt_kop { - u_int crk_op; /* e.g. CRK_MOD_EXP */ - u_int crk_status; /* return status */ - u_short crk_iparams; /* # of input params */ - u_short crk_oparams; /* # of output params */ - u_int crk_pad1; - struct crparam crk_param[CRK_MAXPARAM]; -}; - -/* Bignum parameter, in packed bytes. */ -struct crparam { - void * crp_p; - u_int crp_nbits; -}; - -.Ed -Performs an asymmetric-key operation from the list above. -The specific operation is supplied in -.Fa kop-\*[Gt]crk_op ; -final status for the operation is returned in -.Fa kop-\*[Gt]crk_status . -The number of input arguments and the number of output arguments -is specified in -.Fa kop-\*[Gt]crk_iparams -and -.Fa kop-\*[Gt]crk_iparams , -respectively. -The field -.Fa crk_param[] -must be filled in with exactly -.Fa kop-\*[Gt]crk_iparams + kop-\*[Gt]crk_oparams -arguments, each encoded as a -.Fa struct crparam -(address, bitlength) pair. -.Pp -The semantics of these arguments are currently undocumented. -.El .Sh SEE ALSO .Xr aesni 4 , .Xr hifn 4 , @@ -444,5 +361,3 @@ session: if you request a .No non- Ns Dv NULL algorithm, you must supply a suitably-sized buffer. -.Pp -The scheme for passing arguments for asymmetric requests is baroque. Index: share/man/man9/Makefile =================================================================== --- share/man/man9/Makefile +++ share/man/man9/Makefile @@ -72,7 +72,6 @@ cr_seeothergids.9 \ cr_seeotheruids.9 \ crypto.9 \ - crypto_asym.9 \ crypto_buffer.9 \ crypto_driver.9 \ crypto_request.9 \ @@ -913,10 +912,6 @@ cpuset.9 CPU_COPY_STORE_REL.9 MLINKS+=critical_enter.9 critical.9 \ critical_enter.9 critical_exit.9 -MLINKS+=crypto_asym.9 crypto_kdispatch.9 \ - crypto_asym.9 crypto_kdone.9 \ - crypto_asym.9 crypto_kregister.9 \ - crypto_asym.9 CRYPTODEV_KPROCESS.9 MLINKS+=crypto_buffer.9 crypto_apply.9 \ crypto_buffer.9 crypto_apply_buf.9 \ crypto_buffer.9 crypto_buffer_contiguous_segment.9 \ Index: share/man/man9/crypto.9 =================================================================== --- share/man/man9/crypto.9 +++ share/man/man9/crypto.9 @@ -35,15 +35,10 @@ device. .Pp .Nm -supports two modes of operation: -one mode for symmetric-keyed cryptographic requests and digest, -and a second mode for asymmetric-key requests and modular arithmetic. -.Ss Symmetric-Key Mode -Symmetric-key operations include encryption and decryption operations +supports encryption and decryption operations using block and stream ciphers as well as computation and verification of message authentication codes (MACs). -In this mode, -consumers allocate sessions to describe a transform as discussed in +Consumers allocate sessions to describe a transform as discussed in .Xr crypto_session 9 . Consumers then allocate request objects to describe each transformation such as encrypting a network packet or decrypting a disk sector. @@ -56,18 +51,6 @@ describes the interfaces drivers use to register with the framework, helper routines the framework provides to faciliate request processing, and the interfaces drivers are required to provide. -.Ss Asymmetric-Key Mode -Assymteric-key operations do not use sessions. -Instead, -these operations perform individual mathematical operations using a set -of input and output parameters. -These operations are described in -.Xr crypto_asym 9 . -Drivers that support asymmetric operations use additional interfaces -described in -.Xr crypto_asym 9 -in addition to the base interfaces described in -.Xr crypto_driver 9 . .Ss Callbacks Since the consumers may not be associated with a process, drivers may not @@ -83,10 +66,9 @@ Session initialization does not use callbacks and returns errors synchronously. .Ss Session Migration -For symmetric-key operations, -a specific error code, +Operations may fail with a specific error code, .Er EAGAIN , -is used to indicate that a session handle has changed and that the +to indicate that a session handle has changed and that the request may be re-submitted immediately with the new session. The consumer should update its saved copy of the session handle to the value of @@ -95,9 +77,6 @@ .Ss Supported Algorithms More details on some algorithms may be found in .Xr crypto 7 . -These algorithms are used for symmetric-mode operations. -Asymmetric-mode operations support operations described in -.Xr crypto_asym 9 . .Pp The following authentication algorithms are supported: .Pp @@ -156,7 +135,6 @@ .Xr crypto 4 , .Xr ipsec 4 , .Xr crypto 7 , -.Xr crypto_asym 9 , .Xr crypto_driver 9 , .Xr crypto_request 9 , .Xr crypto_session 9 , Index: share/man/man9/crypto_asym.9 =================================================================== --- share/man/man9/crypto_asym.9 +++ /dev/null @@ -1,178 +0,0 @@ -.\" Copyright (c) 2020, Chelsio Inc -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright notice, -.\" this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Chelsio Inc nor the names of its -.\" contributors may be used to endorse or promote products derived from -.\" this software without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -.\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE -.\" LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -.\" POSSIBILITY OF SUCH DAMAGE. -.\" -.\" * Other names and brands may be claimed as the property of others. -.\" -.\" $FreeBSD$ -.\" -.Dd March 27, 2020 -.Dt CRYPTO_ASYM 9 -.Os -.Sh NAME -.Nm crypto_asym -.Nd asymmetric cryptographic operations -.Sh SYNOPSIS -.In opencrypto/cryptodev.h -.Ft int -.Fn crypto_kdispatch "struct cryptkop *krp" -.Ft void -.Fn crypto_kdone "struct cryptkop *krp" -.Ft int -.Fn crypto_kregister "uint32_t driverid" "int kalg" "uint32_t flags" -.Ft int -.Fn CRYPTODEV_KPROCESS "device_t dev" "struct cryptop *krp" "int flags" -.Sh DESCRIPTION -The in-kernel cryptographic kernel framework supports asymmetric -requests (keying requests) in addition to symmetric operations. -There are currently no in-kernel users of these requests, -but applications can make requests of hardware drivers via the -.Pa /dev/crypto -device . -.Pp -Some APIs are shared with the framework's symmetric request support. -This manual describes the APIs and data structures unique to -asymmetric requests. -.Pp -.Ss Request Objects -A request is described by a -.Vt struct cryptkop -containing the following fields: -.Bl -tag -width "krp_callback" -.It Fa krp_op -Operation to perform. -Available operations include -.Dv CRK_MOD_EXP , -.Dv CRK_MOD_EXP_CRT , -.Dv CRK_DSA_SIGN , -.Dv CRK_DSA_VERIFY , -and -.Dv CRK_DH_COMPUTE_KEY . -.It Fa krp_status -Error status. -Either zero on success, -or an error if an operation fails. -Set by drivers prior to completing a request via -.Fn crypto_kdone . -.It Fa krp_iparams -Count of input parameters. -.It Fa krp_oparams -Count of output parameters. -.It Fa krp_crid -Requested device. -.It Fa krp_hid -Device used to complete the request. -.It Fa krp_param -Array of parameters. -The array contains the input parameters first followed by the output -parameters. -Each parameter is stored as a bignum. -Each bignum is described by a -.Vt struct crparam -containing the following fields: -.Bl -tag -width "crp_nbits" -.It Fa crp_p -Pointer to array of packed bytes. -.It Fa crp_nbits -Size of bignum in bits. -.El -.It Fa krp_callback -Callback function. -This must point to a callback function of type -.Vt void (*)(struct cryptkop *) . -The callback function should inspect -.Fa krp_status -to determine the status of the completed operation. -.El -.Pp -New requests should be initialized to zero before setting fields to -appropriate values. -Once the request has been populated, -it should be passed to -.Fn crypto_kdispatch . -.Pp -.Fn crypto_kdispatch -will choose a device driver to perform the operation described by -.Fa krp -and invoke that driver's -.Fn CRYPTO_KPROCESS -method. -.Ss Driver API -Drivers register support for asymmetric operations by calling -.Fn crypto_kregister -for each supported algorithm. -.Fa driverid -should be the value returned by an earlier call to -.Fn crypto_get_driverid . -.Fa kalg -should list one of the operations that can be set in -.Fa krp_op . -.Fa flags -is a bitmask of zero or more of the following values: -.Bl -tag -width "CRYPTO_ALG_FLAG_RNG_ENABLE" -.It Dv CRYPTO_ALG_FLAG_RNG_ENABLE -Device has a hardware RNG for DH/DSA. -.It Dv CRYPTO_ALG_FLAG_DSA_SHA -Device can compute a SHA digest of a message. -.El -.Pp -Drivers unregister with the framework via -.Fn crypto_unregister_all . -.Pp -Similar to -.Fn CRYPTO_PROCESS , -.Fn CRYPTO_KPROCESS -should complete the request or schedule it for asynchronous -completion. -If this method is not able to complete a request due to insufficient -resources, -it can defer the request (and future asymmetric requests) by returning -.Dv ERESTART . -Once resources are available, -the driver should invoke -.Fn crypto_unblock -with -.Dv CRYPTO_ASYMQ -to resume processing of asymmetric requests. -.Pp -Once a request is completed, -the driver should set -.Fa krp_status -and then call -.Fn crypto_kdone . -.Sh RETURN VALUES -.Fn crypto_kdispatch , -.Fn crypto_kregister , -and -.Fn CRYPTODEV_KPROCESS -return zero on success or an error on failure. -.Sh SEE ALSO -.Xr crypto 7 , -.Xr crypto 9 , -.Xr crypto_driver 9 , -.Xr crypto_request 9 , -.Xr crypto_session 9 Index: share/man/man9/crypto_driver.9 =================================================================== --- share/man/man9/crypto_driver.9 +++ share/man/man9/crypto_driver.9 @@ -285,13 +285,10 @@ .Fn crypto_get_driverid . .Fa what indicates which types of requests the driver is able to handle again: -.Bl -tag -width "CRYPTO_ASYMQ" +.Bl -tag -width "CRYPTO_SYMQ" .It Dv CRYPTO_SYMQ indicates that the driver is able to handle symmetric requests passed to .Fn CRYPTODEV_PROCESS . -.It Dv CRYPTO_ASYMQ -indicates that the driver is able to handle asymmetric requests passed to -.Fn CRYPTODEV_KPROCESS . .El .Pp .Pp Index: sys/dev/hifn/hifn7751.c =================================================================== --- sys/dev/hifn/hifn7751.c +++ sys/dev/hifn/hifn7751.c @@ -2252,7 +2252,7 @@ HIFN_UNLOCK(sc); if (sc->sc_needwakeup) { /* XXX check high watermark */ - int wakeup = sc->sc_needwakeup & (CRYPTO_SYMQ|CRYPTO_ASYMQ); + int wakeup = sc->sc_needwakeup & CRYPTO_SYMQ; #ifdef HIFN_DEBUG if (hifn_debug) device_printf(sc->sc_dev, Index: sys/dev/safe/safe.c =================================================================== --- sys/dev/safe/safe.c +++ sys/dev/safe/safe.c @@ -385,8 +385,6 @@ #if 0 printf(" key"); sc->sc_flags |= SAFE_FLAGS_KEY; - crypto_kregister(sc->sc_cid, CRK_MOD_EXP, 0); - crypto_kregister(sc->sc_cid, CRK_MOD_EXP_CRT, 0); #endif } if (sc->sc_devinfo & SAFE_DEVINFO_DES) { @@ -584,7 +582,7 @@ } if (sc->sc_needwakeup) { /* XXX check high watermark */ - int wakeup = sc->sc_needwakeup & (CRYPTO_SYMQ|CRYPTO_ASYMQ); + int wakeup = sc->sc_needwakeup & CRYPTO_SYMQ; DPRINTF(("%s: wakeup crypto %x\n", __func__, sc->sc_needwakeup)); sc->sc_needwakeup &= ~wakeup; Index: sys/mips/nlm/dev/sec/nlmsec.c =================================================================== --- sys/mips/nlm/dev/sec/nlmsec.c +++ sys/mips/nlm/dev/sec/nlmsec.c @@ -281,7 +281,7 @@ atomic_add_int(&creditleft, sc->sec_msgsz); if (creditleft >= (NLM_CRYPTO_LEFT_REQS)) { crypto_unblock(sc->sc_cid, sc->sc_needwakeup); - sc->sc_needwakeup &= (~(CRYPTO_SYMQ | CRYPTO_ASYMQ)); + sc->sc_needwakeup &= ~CRYPTO_SYMQ; } } if (cmd->hash_dst_len != 0) { Index: sys/opencrypto/crypto.c =================================================================== --- sys/opencrypto/crypto.c +++ sys/opencrypto/crypto.c @@ -98,8 +98,7 @@ /* * Crypto drivers register themselves by allocating a slot in the - * crypto_drivers table with crypto_get_driverid() and then registering - * each asym algorithm they support with crypto_kregister(). + * crypto_drivers table with crypto_get_driverid(). */ static struct mtx crypto_drivers_mtx; /* lock on driver table */ #define CRYPTO_DRIVER_LOCK() mtx_lock(&crypto_drivers_mtx) @@ -118,13 +117,10 @@ device_t cc_dev; uint32_t cc_hid; uint32_t cc_sessions; /* (d) # of sessions */ - uint32_t cc_koperations; /* (d) # os asym operations */ - uint8_t cc_kalg[CRK_ALGORITHM_MAX + 1]; int cc_flags; /* (d) flags */ #define CRYPTOCAP_F_CLEANUP 0x80000000 /* needs resource cleanup */ int cc_qblocked; /* (q) symmetric q blocked */ - int cc_kqblocked; /* (q) asymmetric q blocked */ size_t cc_session_size; volatile int cc_refs; }; @@ -139,16 +135,8 @@ /* Driver softc follows. */ }; -/* - * There are two queues for crypto requests; one for symmetric (e.g. - * cipher) operations and one for asymmetric (e.g. MOD)operations. - * A single mutex is used to lock access to both queues. We could - * have one per-queue but having one simplifies handling of block/unblock - * operations. - */ static int crp_sleep = 0; static TAILQ_HEAD(cryptop_q ,cryptop) crp_q; /* request queues */ -static TAILQ_HEAD(,cryptkop) crp_kq; static struct mtx crypto_q_mtx; #define CRYPTO_Q_LOCK() mtx_lock(&crypto_q_mtx) #define CRYPTO_Q_UNLOCK() mtx_unlock(&crypto_q_mtx) @@ -172,7 +160,6 @@ TAILQ_HEAD(,cryptop) crp_ordered_ret_q; /* ordered callback queue for symetric jobs */ TAILQ_HEAD(,cryptop) crp_ret_q; /* callback queue for symetric jobs */ - TAILQ_HEAD(,cryptkop) crp_ret_kq; /* callback queue for asym jobs */ uint32_t reorder_ops; /* total ordered sym jobs received */ uint32_t reorder_cur_seq; /* current sym job dispatched */ @@ -201,16 +188,6 @@ static uma_zone_t cryptop_zone; -int crypto_userasymcrypto = 1; -SYSCTL_INT(_kern_crypto, OID_AUTO, asym_enable, CTLFLAG_RW, - &crypto_userasymcrypto, 0, - "Enable user-mode access to asymmetric crypto support"); -#ifdef COMPAT_FREEBSD12 -SYSCTL_INT(_kern, OID_AUTO, userasymcrypto, CTLFLAG_RW, - &crypto_userasymcrypto, 0, - "Enable/disable user-mode access to asymmetric crypto support"); -#endif - int crypto_devallowsoft = 0; SYSCTL_INT(_kern_crypto, OID_AUTO, allow_soft, CTLFLAG_RW, &crypto_devallowsoft, 0, @@ -228,7 +205,6 @@ static void crypto_ret_proc(struct crypto_ret_worker *ret_worker); static void crypto_destroy(void); static int crypto_invoke(struct cryptocap *cap, struct cryptop *crp, int hint); -static int crypto_kinvoke(struct cryptkop *krp); static void crypto_task_invoke(void *ctx, int pending); static void crypto_batch_enqueue(struct cryptop *crp); @@ -308,8 +284,6 @@ KASSERT(cap->cc_sessions == 0, ("freeing crypto driver with active sessions")); - KASSERT(cap->cc_koperations == 0, - ("freeing crypto driver with active key operations")); free(cap, M_CRYPTO_DATA); } @@ -324,7 +298,6 @@ MTX_DEF|MTX_QUIET); TAILQ_INIT(&crp_q); - TAILQ_INIT(&crp_kq); mtx_init(&crypto_q_mtx, "crypto", "crypto op queues", MTX_DEF); cryptop_zone = uma_zcreate("cryptop", @@ -358,7 +331,6 @@ FOREACH_CRYPTO_RETW(ret_worker) { TAILQ_INIT(&ret_worker->crp_ordered_ret_q); TAILQ_INIT(&ret_worker->crp_ret_q); - TAILQ_INIT(&ret_worker->crp_ret_kq); ret_worker->reorder_ops = 0; ret_worker->reorder_cur_seq = 0; @@ -1114,43 +1086,6 @@ return (flags); } -/* - * Register support for a key-related algorithm. This routine - * is called once for each algorithm supported a driver. - */ -int -crypto_kregister(uint32_t driverid, int kalg, uint32_t flags) -{ - struct cryptocap *cap; - int err; - - CRYPTO_DRIVER_LOCK(); - - cap = crypto_checkdriver(driverid); - if (cap != NULL && - (CRK_ALGORITM_MIN <= kalg && kalg <= CRK_ALGORITHM_MAX)) { - /* - * XXX Do some performance testing to determine placing. - * XXX We probably need an auxiliary data structure that - * XXX describes relative performances. - */ - - cap->cc_kalg[kalg] = flags | CRYPTO_ALG_FLAG_SUPPORTED; - if (bootverbose) - printf("crypto: %s registers key alg %u flags %u\n" - , device_get_nameunit(cap->cc_dev) - , kalg - , flags - ); - gone_in_dev(cap->cc_dev, 14, "asymmetric crypto"); - err = 0; - } else - err = EINVAL; - - CRYPTO_DRIVER_UNLOCK(); - return err; -} - /* * Unregister all algorithms associated with a crypto driver. * If there are pending sessions using it, leave enough information @@ -1177,7 +1112,7 @@ * XXX: This doesn't do anything to kick sessions that * have no pending operations. */ - while (cap->cc_sessions != 0 || cap->cc_koperations != 0) + while (cap->cc_sessions != 0) mtx_sleep(cap, &crypto_drivers_mtx, 0, "cryunreg", 0); CRYPTO_DRIVER_UNLOCK(); cap_rele(cap); @@ -1200,8 +1135,6 @@ if (cap != NULL) { if (what & CRYPTO_SYMQ) cap->cc_qblocked = 0; - if (what & CRYPTO_ASYMQ) - cap->cc_kqblocked = 0; if (crp_sleep) wakeup_one(&crp_q); err = 0; @@ -1499,189 +1432,6 @@ CRYPTO_Q_UNLOCK(); } -/* - * Add an asymetric crypto request to a queue, - * to be processed by the kernel thread. - */ -int -crypto_kdispatch(struct cryptkop *krp) -{ - int error; - - CRYPTOSTAT_INC(cs_kops); - - krp->krp_cap = NULL; - error = crypto_kinvoke(krp); - if (error == ERESTART) { - CRYPTO_Q_LOCK(); - TAILQ_INSERT_TAIL(&crp_kq, krp, krp_next); - if (crp_sleep) - wakeup_one(&crp_q); - CRYPTO_Q_UNLOCK(); - error = 0; - } - return error; -} - -/* - * Verify a driver is suitable for the specified operation. - */ -static __inline int -kdriver_suitable(const struct cryptocap *cap, const struct cryptkop *krp) -{ - return (cap->cc_kalg[krp->krp_op] & CRYPTO_ALG_FLAG_SUPPORTED) != 0; -} - -/* - * Select a driver for an asym operation. The driver must - * support the necessary algorithm. The caller can constrain - * which device is selected with the flags parameter. The - * algorithm we use here is pretty stupid; just use the first - * driver that supports the algorithms we need. If there are - * multiple suitable drivers we choose the driver with the - * fewest active operations. We prefer hardware-backed - * drivers to software ones when either may be used. - */ -static struct cryptocap * -crypto_select_kdriver(const struct cryptkop *krp, int flags) -{ - struct cryptocap *cap, *best; - int match, hid; - - CRYPTO_DRIVER_ASSERT(); - - /* - * Look first for hardware crypto devices if permitted. - */ - if (flags & CRYPTOCAP_F_HARDWARE) - match = CRYPTOCAP_F_HARDWARE; - else - match = CRYPTOCAP_F_SOFTWARE; - best = NULL; -again: - for (hid = 0; hid < crypto_drivers_size; hid++) { - /* - * If there is no driver for this slot, or the driver - * is not appropriate (hardware or software based on - * match), then skip. - */ - cap = crypto_drivers[hid]; - if (cap == NULL || - (cap->cc_flags & match) == 0) - continue; - - /* verify all the algorithms are supported. */ - if (kdriver_suitable(cap, krp)) { - if (best == NULL || - cap->cc_koperations < best->cc_koperations) - best = cap; - } - } - if (best != NULL) - return best; - if (match == CRYPTOCAP_F_HARDWARE && (flags & CRYPTOCAP_F_SOFTWARE)) { - /* sort of an Algol 68-style for loop */ - match = CRYPTOCAP_F_SOFTWARE; - goto again; - } - return best; -} - -/* - * Choose a driver for an asymmetric crypto request. - */ -static struct cryptocap * -crypto_lookup_kdriver(struct cryptkop *krp) -{ - struct cryptocap *cap; - uint32_t crid; - - /* If this request is requeued, it might already have a driver. */ - cap = krp->krp_cap; - if (cap != NULL) - return (cap); - - /* Use krp_crid to choose a driver. */ - crid = krp->krp_crid; - if ((crid & (CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE)) == 0) { - cap = crypto_checkdriver(crid); - if (cap != NULL) { - /* - * Driver present, it must support the - * necessary algorithm and, if s/w drivers are - * excluded, it must be registered as - * hardware-backed. - */ - if (!kdriver_suitable(cap, krp) || - (!crypto_devallowsoft && - (cap->cc_flags & CRYPTOCAP_F_HARDWARE) == 0)) - cap = NULL; - } - } else { - /* - * No requested driver; select based on crid flags. - */ - if (!crypto_devallowsoft) /* NB: disallow s/w drivers */ - crid &= ~CRYPTOCAP_F_SOFTWARE; - cap = crypto_select_kdriver(krp, crid); - } - - if (cap != NULL) { - krp->krp_cap = cap_ref(cap); - krp->krp_hid = cap->cc_hid; - } - return (cap); -} - -/* - * Dispatch an asymmetric crypto request. - */ -static int -crypto_kinvoke(struct cryptkop *krp) -{ - struct cryptocap *cap = NULL; - int error; - - KASSERT(krp != NULL, ("%s: krp == NULL", __func__)); - KASSERT(krp->krp_callback != NULL, - ("%s: krp->crp_callback == NULL", __func__)); - - CRYPTO_DRIVER_LOCK(); - cap = crypto_lookup_kdriver(krp); - if (cap == NULL) { - CRYPTO_DRIVER_UNLOCK(); - krp->krp_status = ENODEV; - crypto_kdone(krp); - return (0); - } - - /* - * If the device is blocked, return ERESTART to requeue it. - */ - if (cap->cc_kqblocked) { - /* - * XXX: Previously this set krp_status to ERESTART and - * invoked crypto_kdone but the caller would still - * requeue it. - */ - CRYPTO_DRIVER_UNLOCK(); - return (ERESTART); - } - - cap->cc_koperations++; - CRYPTO_DRIVER_UNLOCK(); - error = CRYPTODEV_KPROCESS(cap->cc_dev, krp, 0); - if (error == ERESTART) { - CRYPTO_DRIVER_LOCK(); - cap->cc_koperations--; - CRYPTO_DRIVER_UNLOCK(); - return (error); - } - - KASSERT(error == 0, ("error %d returned from crypto_kprocess", error)); - return (0); -} - static void crypto_task_invoke(void *ctx, int pending) { @@ -1894,62 +1644,6 @@ } } -/* - * Invoke the callback on behalf of the driver. - */ -void -crypto_kdone(struct cryptkop *krp) -{ - struct crypto_ret_worker *ret_worker; - struct cryptocap *cap; - - if (krp->krp_status != 0) - CRYPTOSTAT_INC(cs_kerrs); - cap = krp->krp_cap; - if (cap != NULL) { - CRYPTO_DRIVER_LOCK(); - KASSERT(cap->cc_koperations > 0, ("cc_koperations == 0")); - cap->cc_koperations--; - if (cap->cc_koperations == 0 && - cap->cc_flags & CRYPTOCAP_F_CLEANUP) - wakeup(cap); - CRYPTO_DRIVER_UNLOCK(); - krp->krp_cap = NULL; - cap_rele(cap); - } - - ret_worker = CRYPTO_RETW(0); - - CRYPTO_RETW_LOCK(ret_worker); - if (TAILQ_EMPTY(&ret_worker->crp_ret_kq)) - wakeup_one(&ret_worker->crp_ret_q); /* shared wait channel */ - TAILQ_INSERT_TAIL(&ret_worker->crp_ret_kq, krp, krp_next); - CRYPTO_RETW_UNLOCK(ret_worker); -} - -int -crypto_getfeat(int *featp) -{ - int hid, kalg, feat = 0; - - CRYPTO_DRIVER_LOCK(); - for (hid = 0; hid < crypto_drivers_size; hid++) { - const struct cryptocap *cap = crypto_drivers[hid]; - - if (cap == NULL || - ((cap->cc_flags & CRYPTOCAP_F_SOFTWARE) && - !crypto_devallowsoft)) { - continue; - } - for (kalg = 0; kalg < CRK_ALGORITHM_MAX; kalg++) - if (cap->cc_kalg[kalg] & CRYPTO_ALG_FLAG_SUPPORTED) - feat |= 1 << kalg; - } - CRYPTO_DRIVER_UNLOCK(); - *featp = feat; - return (0); -} - /* * Terminate a thread at module unload. The process that * initiated this is waiting for us to signal that we're gone; @@ -1975,7 +1669,6 @@ crypto_proc(void) { struct cryptop *crp, *submit; - struct cryptkop *krp; struct cryptocap *cap; int result, hint; @@ -2046,46 +1739,7 @@ TAILQ_INSERT_HEAD(&crp_q, submit, crp_next); CRYPTOSTAT_INC(cs_blocks); } - } - - /* As above, but for key ops */ - TAILQ_FOREACH(krp, &crp_kq, krp_next) { - cap = krp->krp_cap; - if (cap->cc_flags & CRYPTOCAP_F_CLEANUP) { - /* - * Operation needs to be migrated, - * clear krp_cap so a new driver is - * selected. - */ - krp->krp_cap = NULL; - cap_rele(cap); - break; - } - if (!cap->cc_kqblocked) - break; - } - if (krp != NULL) { - TAILQ_REMOVE(&crp_kq, krp, krp_next); - CRYPTO_Q_UNLOCK(); - result = crypto_kinvoke(krp); - CRYPTO_Q_LOCK(); - if (result == ERESTART) { - /* - * The driver ran out of resources, mark the - * driver ``blocked'' for cryptkop's and put - * the request back in the queue. It would - * best to put the request back where we got - * it but that's hard so for now we put it - * at the front. This should be ok; putting - * it at the end does not work. - */ - krp->krp_cap->cc_kqblocked = 1; - TAILQ_INSERT_HEAD(&crp_kq, krp, krp_next); - CRYPTOSTAT_INC(cs_kblocks); - } - } - - if (submit == NULL && krp == NULL) { + } else { /* * Nothing more to be processed. Sleep until we're * woken because there are more ops to process. @@ -2120,7 +1774,6 @@ crypto_ret_proc(struct crypto_ret_worker *ret_worker) { struct cryptop *crpt; - struct cryptkop *krpt; CRYPTO_RETW_LOCK(ret_worker); for (;;) { @@ -2141,19 +1794,13 @@ TAILQ_REMOVE(&ret_worker->crp_ret_q, crpt, crp_next); } - krpt = TAILQ_FIRST(&ret_worker->crp_ret_kq); - if (krpt != NULL) - TAILQ_REMOVE(&ret_worker->crp_ret_kq, krpt, krp_next); - - if (crpt != NULL || krpt != NULL) { + if (crpt != NULL) { CRYPTO_RETW_UNLOCK(ret_worker); /* * Run callbacks unlocked. */ if (crpt != NULL) crpt->crp_callback(crpt); - if (krpt != NULL) - krpt->krp_callback(krpt); CRYPTO_RETW_LOCK(ret_worker); } else { /* @@ -2178,25 +1825,21 @@ { int hid; - db_printf("%12s %4s %4s %8s %2s %2s\n" + db_printf("%12s %4s %8s %2s\n" , "Device" , "Ses" - , "Kops" , "Flags" , "QB" - , "KB" ); for (hid = 0; hid < crypto_drivers_size; hid++) { const struct cryptocap *cap = crypto_drivers[hid]; if (cap == NULL) continue; - db_printf("%-12s %4u %4u %08x %2u %2u\n" + db_printf("%-12s %4u %08x %2u\n" , device_get_nameunit(cap->cc_dev) , cap->cc_sessions - , cap->cc_koperations , cap->cc_flags , cap->cc_qblocked - , cap->cc_kqblocked ); } } @@ -2239,41 +1882,6 @@ } } } - -DB_SHOW_COMMAND(kcrypto, db_show_kcrypto) -{ - struct cryptkop *krp; - struct crypto_ret_worker *ret_worker; - - db_show_drivers(); - db_printf("\n"); - - db_printf("%4s %5s %4s %4s %8s %4s %8s\n", - "Op", "Status", "#IP", "#OP", "CRID", "HID", "Callback"); - TAILQ_FOREACH(krp, &crp_kq, krp_next) { - db_printf("%4u %5u %4u %4u %08x %4u %8p\n" - , krp->krp_op - , krp->krp_status - , krp->krp_iparams, krp->krp_oparams - , krp->krp_crid, krp->krp_hid - , krp->krp_callback - ); - } - - ret_worker = CRYPTO_RETW(0); - if (!TAILQ_EMPTY(&ret_worker->crp_ret_q)) { - db_printf("%4s %5s %8s %4s %8s\n", - "Op", "Status", "CRID", "HID", "Callback"); - TAILQ_FOREACH(krp, &ret_worker->crp_ret_kq, krp_next) { - db_printf("%4u %5u %08x %4u %8p\n" - , krp->krp_op - , krp->krp_status - , krp->krp_crid, krp->krp_hid - , krp->krp_callback - ); - } - } -} #endif int crypto_modevent(module_t mod, int type, void *unused); Index: sys/opencrypto/cryptodev.h =================================================================== --- sys/opencrypto/cryptodev.h +++ sys/opencrypto/cryptodev.h @@ -192,11 +192,6 @@ #define CRYPTO_ALGO_VALID(x) ((x) >= CRYPTO_ALGORITHM_MIN && \ (x) <= CRYPTO_ALGORITHM_MAX) -/* Algorithm flags */ -#define CRYPTO_ALG_FLAG_SUPPORTED 0x01 /* Algorithm is supported */ -#define CRYPTO_ALG_FLAG_RNG_ENABLE 0x02 /* Has HW RNG for DH/DSA */ -#define CRYPTO_ALG_FLAG_DSA_SHA 0x04 /* Can do SHA on msg */ - /* * Crypto driver/device flags. They can set in the crid * parameter when creating a session or submitting a key @@ -289,43 +284,10 @@ char name[32]; /* device/driver name */ }; -/* bignum parameter, in packed bytes, ... */ -struct crparam { - void *crp_p; - u_int crp_nbits; -}; - -#define CRK_MAXPARAM 8 - -struct crypt_kop { - u_int crk_op; /* ie. CRK_MOD_EXP or other */ - u_int crk_status; /* return status */ - u_short crk_iparams; /* # of input parameters */ - u_short crk_oparams; /* # of output parameters */ - u_int crk_crid; /* NB: only used by CIOCKEY2 (rw) */ - struct crparam crk_param[CRK_MAXPARAM]; -}; -#define CRK_ALGORITM_MIN 0 -#define CRK_MOD_EXP 0 -#define CRK_MOD_EXP_CRT 1 -#define CRK_DSA_SIGN 2 -#define CRK_DSA_VERIFY 3 -#define CRK_DH_COMPUTE_KEY 4 -#define CRK_ALGORITHM_MAX 4 /* Keep updated - see below */ - -#define CRF_MOD_EXP (1 << CRK_MOD_EXP) -#define CRF_MOD_EXP_CRT (1 << CRK_MOD_EXP_CRT) -#define CRF_DSA_SIGN (1 << CRK_DSA_SIGN) -#define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY) -#define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY) - #define CIOCGSESSION _IOWR('c', 101, struct session_op) #define CIOCFSESSION _IOW('c', 102, uint32_t) #define CIOCCRYPT _IOWR('c', 103, struct crypt_op) -#define CIOCKEY _IOWR('c', 104, struct crypt_kop) -#define CIOCASYMFEAT _IOR('c', 105, uint32_t) #define CIOCGSESSION2 _IOWR('c', 106, struct session2_op) -#define CIOCKEY2 _IOWR('c', 107, struct crypt_kop) #define CIOCFINDDEV _IOWR('c', 108, struct crypt_find_op) #define CIOCCRYPTAEAD _IOWR('c', 109, struct crypt_aead) @@ -602,20 +564,6 @@ */ #define CRYPTO_HINT_MORE 0x1 /* more ops coming shortly */ -struct cryptkop { - TAILQ_ENTRY(cryptkop) krp_next; - - u_int krp_op; /* ie. CRK_MOD_EXP or other */ - u_int krp_status; /* return status */ - u_short krp_iparams; /* # of input parameters */ - u_short krp_oparams; /* # of output parameters */ - u_int krp_crid; /* desired device, etc. */ - uint32_t krp_hid; /* device used */ - struct crparam krp_param[CRK_MAXPARAM]; /* kvm */ - void (*krp_callback)(struct cryptkop *); - struct cryptocap *krp_cap; -}; - uint32_t crypto_ses2hid(crypto_session_t crypto_session); uint32_t crypto_ses2caps(crypto_session_t crypto_session); void *crypto_get_driver_session(crypto_session_t crypto_session); @@ -640,19 +588,14 @@ extern int crypto_find_driver(const char *); extern device_t crypto_find_device_byhid(int hid); extern int crypto_getcaps(int hid); -extern int crypto_kregister(uint32_t, int, uint32_t); extern int crypto_unregister_all(uint32_t driverid); extern int crypto_dispatch(struct cryptop *crp); #define CRYPTO_ASYNC_ORDERED 0x1 /* complete in order dispatched */ extern int crypto_dispatch_async(struct cryptop *crp, int flags); extern void crypto_dispatch_batch(struct cryptopq *crpq, int flags); -extern int crypto_kdispatch(struct cryptkop *); #define CRYPTO_SYMQ 0x1 -#define CRYPTO_ASYMQ 0x2 extern int crypto_unblock(uint32_t, int); extern void crypto_done(struct cryptop *crp); -extern void crypto_kdone(struct cryptkop *); -extern int crypto_getfeat(int *); extern void crypto_destroyreq(struct cryptop *crp); extern void crypto_initreq(struct cryptop *crp, crypto_session_t cses); @@ -660,7 +603,6 @@ extern struct cryptop *crypto_getreq(crypto_session_t cses, int how); extern int crypto_usercrypto; /* userland may do crypto requests */ -extern int crypto_userasymcrypto; /* userland may do asym crypto reqs */ extern int crypto_devallowsoft; /* only use hardware crypto */ #ifdef SYSCTL_DECL Index: sys/opencrypto/cryptodev.c =================================================================== --- sys/opencrypto/cryptodev.c +++ sys/opencrypto/cryptodev.c @@ -127,25 +127,9 @@ uint32_t iv; }; -struct crparam32 { - uint32_t crp_p; - u_int crp_nbits; -}; - -struct crypt_kop32 { - u_int crk_op; - u_int crk_status; - u_short crk_iparams; - u_short crk_oparams; - u_int crk_crid; - struct crparam32 crk_param[CRK_MAXPARAM]; -}; - #define CIOCGSESSION32 _IOWR('c', 101, struct session_op32) #define CIOCCRYPT32 _IOWR('c', 103, struct crypt_op32) -#define CIOCKEY32 _IOWR('c', 104, struct crypt_kop32) #define CIOCGSESSION232 _IOWR('c', 106, struct session2_op32) -#define CIOCKEY232 _IOWR('c', 107, struct crypt_kop32) #define CIOCCRYPTAEAD32 _IOWR('c', 109, struct crypt_aead32) static void @@ -253,50 +237,6 @@ PTROUT_CP(*from, *to, tag); PTROUT_CP(*from, *to, iv); } - -static void -crparam_from_32(const struct crparam32 *from, struct crparam *to) -{ - - PTRIN_CP(*from, *to, crp_p); - CP(*from, *to, crp_nbits); -} - -static void -crparam_to_32(const struct crparam *from, struct crparam32 *to) -{ - - PTROUT_CP(*from, *to, crp_p); - CP(*from, *to, crp_nbits); -} - -static void -crypt_kop_from_32(const struct crypt_kop32 *from, struct crypt_kop *to) -{ - int i; - - CP(*from, *to, crk_op); - CP(*from, *to, crk_status); - CP(*from, *to, crk_iparams); - CP(*from, *to, crk_oparams); - CP(*from, *to, crk_crid); - for (i = 0; i < CRK_MAXPARAM; i++) - crparam_from_32(&from->crk_param[i], &to->crk_param[i]); -} - -static void -crypt_kop_to_32(const struct crypt_kop *from, struct crypt_kop32 *to) -{ - int i; - - CP(*from, *to, crk_op); - CP(*from, *to, crk_status); - CP(*from, *to, crk_iparams); - CP(*from, *to, crk_oparams); - CP(*from, *to, crk_crid); - for (i = 0; i < CRK_MAXPARAM; i++) - crparam_to_32(&from->crk_param[i], &to->crk_param[i]); -} #endif static void @@ -356,11 +296,6 @@ &use_separate_aad, 0, "Use separate AAD buffer for /dev/crypto requests."); -static struct timeval warninterval = { .tv_sec = 60, .tv_usec = 0 }; -SYSCTL_TIMEVAL_SEC(_kern, OID_AUTO, cryptodev_warn_interval, CTLFLAG_RW, - &warninterval, - "Delay in seconds between warnings of deprecated /dev/crypto algorithms"); - /* * Check a crypto identifier to see if it requested * a software device/driver. This can be done either @@ -1208,131 +1143,6 @@ return (error); } -static void -cryptodevkey_cb(struct cryptkop *krp) -{ - - wakeup_one(krp); -} - -static int -cryptodev_key(struct crypt_kop *kop) -{ - struct cryptkop *krp = NULL; - int error = EINVAL; - int in, out, size, i; - - if (kop->crk_iparams + kop->crk_oparams > CRK_MAXPARAM) { - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - return (EFBIG); - } - - in = kop->crk_iparams; - out = kop->crk_oparams; - switch (kop->crk_op) { - case CRK_MOD_EXP: - if (in == 3 && out == 1) - break; - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - return (EINVAL); - case CRK_MOD_EXP_CRT: - if (in == 6 && out == 1) - break; - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - return (EINVAL); - case CRK_DSA_SIGN: - if (in == 5 && out == 2) - break; - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - return (EINVAL); - case CRK_DSA_VERIFY: - if (in == 7 && out == 0) - break; - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - return (EINVAL); - case CRK_DH_COMPUTE_KEY: - if (in == 3 && out == 1) - break; - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - return (EINVAL); - default: - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - return (EINVAL); - } - - krp = malloc(sizeof(*krp), M_XDATA, M_WAITOK | M_ZERO); - krp->krp_op = kop->crk_op; - krp->krp_status = kop->crk_status; - krp->krp_iparams = kop->crk_iparams; - krp->krp_oparams = kop->crk_oparams; - krp->krp_crid = kop->crk_crid; - krp->krp_status = 0; - krp->krp_callback = cryptodevkey_cb; - - for (i = 0; i < CRK_MAXPARAM; i++) { - if (kop->crk_param[i].crp_nbits > 65536) { - /* Limit is the same as in OpenBSD */ - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - goto fail; - } - krp->krp_param[i].crp_nbits = kop->crk_param[i].crp_nbits; - } - for (i = 0; i < krp->krp_iparams + krp->krp_oparams; i++) { - size = (krp->krp_param[i].crp_nbits + 7) / 8; - if (size == 0) - continue; - krp->krp_param[i].crp_p = malloc(size, M_XDATA, M_WAITOK); - if (i >= krp->krp_iparams) - continue; - error = copyin(kop->crk_param[i].crp_p, krp->krp_param[i].crp_p, size); - if (error) { - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - goto fail; - } - } - - error = crypto_kdispatch(krp); - if (error) { - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - goto fail; - } - error = tsleep(krp, PSOCK, "crydev", 0); - if (error) { - /* XXX can this happen? if so, how do we recover? */ - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - goto fail; - } - - kop->crk_crid = krp->krp_hid; /* device that did the work */ - if (krp->krp_status != 0) { - error = krp->krp_status; - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - goto fail; - } - - for (i = krp->krp_iparams; i < krp->krp_iparams + krp->krp_oparams; i++) { - size = (krp->krp_param[i].crp_nbits + 7) / 8; - if (size == 0) - continue; - error = copyout(krp->krp_param[i].crp_p, kop->crk_param[i].crp_p, size); - if (error) { - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - goto fail; - } - } - -fail: - if (krp) { - kop->crk_status = krp->krp_status; - for (i = 0; i < CRK_MAXPARAM; i++) { - if (krp->krp_param[i].crp_p) - free(krp->krp_param[i].crp_p, M_XDATA); - } - free(krp, M_XDATA); - } - return (error); -} - static int cryptodev_find(struct crypt_find_op *find) { @@ -1390,13 +1200,11 @@ crypto_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag, struct thread *td) { - static struct timeval keywarn, featwarn; struct fcrypt *fcr; struct csession *cse; struct session2_op *sop; struct crypt_op *cop; struct crypt_aead *caead; - struct crypt_kop *kop; uint32_t ses; int error = 0; union { @@ -1404,7 +1212,6 @@ #ifdef COMPAT_FREEBSD32 struct crypt_op copc; struct crypt_aead aeadc; - struct crypt_kop kopc; #endif } thunk; #ifdef COMPAT_FREEBSD32 @@ -1443,17 +1250,6 @@ data = (void *)&thunk.aeadc; crypt_aead_from_32((struct crypt_aead32 *)data32, &thunk.aeadc); break; - case CIOCKEY32: - case CIOCKEY232: - cmd32 = cmd; - data32 = data; - if (cmd == CIOCKEY32) - cmd = CIOCKEY; - else - cmd = CIOCKEY2; - data = (void *)&thunk.kopc; - crypt_kop_from_32((struct crypt_kop32 *)data32, &thunk.kopc); - break; } #endif @@ -1504,46 +1300,6 @@ error = cryptodev_op(cse, cop); cse_free(cse); break; - case CIOCKEY: - case CIOCKEY2: - if (ratecheck(&keywarn, &warninterval)) - gone_in(14, - "Asymmetric crypto operations via /dev/crypto"); - - if (!crypto_userasymcrypto) { - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - return (EPERM); /* XXX compat? */ - } - kop = (struct crypt_kop *)data; - if (cmd == CIOCKEY) { - /* NB: crypto core enforces s/w driver use */ - kop->crk_crid = - CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE; - } - mtx_lock(&Giant); - error = cryptodev_key(kop); - mtx_unlock(&Giant); - break; - case CIOCASYMFEAT: - if (ratecheck(&featwarn, &warninterval)) - gone_in(14, - "Asymmetric crypto features via /dev/crypto"); - - if (!crypto_userasymcrypto) { - /* - * NB: if user asym crypto operations are - * not permitted return "no algorithms" - * so well-behaved applications will just - * fallback to doing them in software. - */ - *(int *)data = 0; - } else { - error = crypto_getfeat((int *)data); - if (error) - SDT_PROBE1(opencrypto, dev, ioctl, error, - __LINE__); - } - break; case CIOCFINDDEV: error = cryptodev_find((struct crypt_find_op *)data); break; @@ -1581,10 +1337,6 @@ if (error == 0) crypt_aead_to_32((void *)data, data32); break; - case CIOCKEY32: - case CIOCKEY232: - crypt_kop_to_32((void *)data, data32); - break; } #endif return (error); Index: sys/opencrypto/cryptodev_if.m =================================================================== --- sys/opencrypto/cryptodev_if.m +++ sys/opencrypto/cryptodev_if.m @@ -116,9 +116,9 @@ } DEFAULT null_freesession; /** - * @brief Perform a symmetric crypto operation + * @brief Perform a crypto operation * - * The crypto framework invokes this method for each symmetric crypto + * The crypto framework invokes this method for each crypto * operation performed on a session. A reference to the containing * session is stored as a member of 'struct cryptop'. This routine * should not block, but queue the operation if necessary. @@ -145,35 +145,3 @@ struct cryptop *op; int flags; }; - -/** - * @brief Perform an asymmetric crypto operation - * - * The crypto framework invokes this method for each asymmetric crypto - * operation. Each asymmetric crypto operation should be - * self-contained and is not assicated with any persistent session. - * This routine should not block, but queue the operation if - * necessary. - * - * This method may return ERESTART to indicate that any internal - * queues are full so the operation should be queued in the crypto - * framework and retried in the future. - * - * To report errors with a crypto operation, 'krp_status' should be set - * and the operation completed by calling 'crypto_kdone'. This method - * should then return zero. - * - * @param dev the crypto driver device - * @param op crypto operation to perform - * @param flags set to CRYPTO_HINT_MORE if additional asymmetric - * crypto operations are queued for this driver; - * otherwise set to zero. - * - * @retval 0 success - * @retval ERESTART internal queue is full - */ -METHOD int kprocess { - device_t dev; - struct cryptkop *op; - int flags; -}; Index: tools/tools/crypto/Makefile =================================================================== --- tools/tools/crypto/Makefile +++ tools/tools/crypto/Makefile @@ -26,7 +26,7 @@ # SUCH DAMAGE. # -PROGS= cryptocheck cryptotest cryptokeytest cryptostats \ +PROGS= cryptocheck cryptotest cryptostats \ hifnstats ipsecstats safestats MAN= BINDIR?= /usr/local/bin @@ -34,9 +34,6 @@ # cryptocheck: test symmetric crypto functions LIBADD.cryptocheck+= crypto util -# cryptokeytest: test asymmetric crypto functions -LIBADD.cryptokeytest+= crypto - # cryptostats: dump statistics kept by the core crypto code # hifnstats: print statistics kept by the HIFN driver # safestats: statistics kept by the SafeNet driver Index: tools/tools/crypto/cryptokeytest.c =================================================================== --- tools/tools/crypto/cryptokeytest.c +++ /dev/null @@ -1,270 +0,0 @@ -/* $FreeBSD$ */ -/* - * The big num stuff is a bit broken at the moment and I've not yet fixed it. - * The symtom is that odd size big nums will fail. Test code below (it only - * uses modexp currently). - * - * --Jason L. Wright - */ -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include - -#include -#include - -int crid = CRYPTO_FLAG_HARDWARE; -int verbose = 0; - -static int -devcrypto(void) -{ - static int fd = -1; - - if (fd < 0) { - fd = open(_PATH_DEV "crypto", O_RDWR, 0); - if (fd < 0) - err(1, _PATH_DEV "crypto"); - if (fcntl(fd, F_SETFD, 1) == -1) - err(1, "fcntl(F_SETFD) (devcrypto)"); - } - return fd; -} - -static int -crlookup(const char *devname) -{ - struct crypt_find_op find; - - find.crid = -1; - strlcpy(find.name, devname, sizeof(find.name)); - if (ioctl(devcrypto(), CIOCFINDDEV, &find) == -1) - err(1, "ioctl(CIOCFINDDEV)"); - return find.crid; -} - -static const char * -crfind(int crid) -{ - static struct crypt_find_op find; - - bzero(&find, sizeof(find)); - find.crid = crid; - if (ioctl(devcrypto(), CIOCFINDDEV, &find) == -1) - err(1, "ioctl(CIOCFINDDEV)"); - return find.name; -} - -/* - * Convert a little endian byte string in 'p' that is 'plen' bytes long to a - * BIGNUM. A new BIGNUM is allocated. Returns NULL on failure. - */ -static BIGNUM * -le_to_bignum(BIGNUM *res, const void *p, int plen) -{ - - res = BN_lebin2bn(p, plen, res); - if (res == NULL) - ERR_print_errors_fp(stderr); - - return (res); -} - -/* - * Convert a BIGNUM to a little endian byte string. Space for BN_num_bytes(n) - * is allocated. - * Returns NULL on failure. - */ -static void * -bignum_to_le(const BIGNUM *n) -{ - int blen, error; - void *rd; - - blen = BN_num_bytes(n); - if (blen == 0) - return (NULL); - - rd = malloc(blen); - if (rd == NULL) - return (NULL); - - error = BN_bn2lebinpad(n, rd, blen); - if (error < 0) { - ERR_print_errors_fp(stderr); - free(rd); - return (NULL); - } - - return (rd); -} - -static int -UB_mod_exp(BIGNUM *res, const BIGNUM *a, const BIGNUM *b, const BIGNUM *c) -{ - struct crypt_kop kop; - void *ale, *ble, *cle; - int crypto_fd = devcrypto(); - - if ((ale = bignum_to_le(a)) == NULL) - err(1, "bignum_to_le, a"); - if ((ble = bignum_to_le(b)) == NULL) - err(1, "bignum_to_le, b"); - if ((cle = bignum_to_le(c)) == NULL) - err(1, "bignum_to_le, c"); - - bzero(&kop, sizeof(kop)); - kop.crk_op = CRK_MOD_EXP; - kop.crk_iparams = 3; - kop.crk_oparams = 1; - kop.crk_crid = crid; - kop.crk_param[0].crp_p = ale; - kop.crk_param[0].crp_nbits = BN_num_bytes(a) * 8; - kop.crk_param[1].crp_p = ble; - kop.crk_param[1].crp_nbits = BN_num_bytes(b) * 8; - kop.crk_param[2].crp_p = cle; - kop.crk_param[2].crp_nbits = BN_num_bytes(c) * 8; - kop.crk_param[3].crp_p = cle; - kop.crk_param[3].crp_nbits = BN_num_bytes(c) * 8; - - if (ioctl(crypto_fd, CIOCKEY2, &kop) == -1) - err(1, "CIOCKEY2"); - if (verbose) - printf("device = %s\n", crfind(kop.crk_crid)); - - explicit_bzero(ale, BN_num_bytes(a)); - free(ale); - explicit_bzero(ble, BN_num_bytes(b)); - free(ble); - - if (kop.crk_status != 0) { - printf("error %d\n", kop.crk_status); - explicit_bzero(cle, BN_num_bytes(c)); - free(cle); - return (-1); - } else { - res = le_to_bignum(res, cle, BN_num_bytes(c)); - explicit_bzero(cle, BN_num_bytes(c)); - free(cle); - if (res == NULL) - err(1, "le_to_bignum"); - return (0); - } - return (0); -} - -static void -show_result(const BIGNUM *a, const BIGNUM *b, const BIGNUM *c, - const BIGNUM *sw, const BIGNUM *hw) -{ - printf("\n"); - - printf("A = "); - BN_print_fp(stdout, a); - printf("\n"); - - printf("B = "); - BN_print_fp(stdout, b); - printf("\n"); - - printf("C = "); - BN_print_fp(stdout, c); - printf("\n"); - - printf("sw= "); - BN_print_fp(stdout, sw); - printf("\n"); - - printf("hw= "); - BN_print_fp(stdout, hw); - printf("\n"); - - printf("\n"); -} - -static void -testit(void) -{ - BIGNUM *a, *b, *c, *r1, *r2; - BN_CTX *ctx; - - ctx = BN_CTX_new(); - - a = BN_new(); - b = BN_new(); - c = BN_new(); - r1 = BN_new(); - r2 = BN_new(); - - BN_pseudo_rand(a, 1023, 0, 0); - BN_pseudo_rand(b, 1023, 0, 0); - BN_pseudo_rand(c, 1024, 0, 0); - - if (BN_cmp(a, c) > 0) { - BIGNUM *rem = BN_new(); - - BN_mod(rem, a, c, ctx); - UB_mod_exp(r2, rem, b, c); - BN_free(rem); - } else { - UB_mod_exp(r2, a, b, c); - } - BN_mod_exp(r1, a, b, c, ctx); - - if (BN_cmp(r1, r2) != 0) { - show_result(a, b, c, r1, r2); - } - - BN_free(r2); - BN_free(r1); - BN_free(c); - BN_free(b); - BN_free(a); - BN_CTX_free(ctx); -} - -static void -usage(const char* cmd) -{ - printf("usage: %s [-d dev] [-v] [count]\n", cmd); - printf("count is the number of bignum ops to do\n"); - printf("\n"); - printf("-d use specific device\n"); - printf("-v be verbose\n"); - exit(-1); -} - -int -main(int argc, char *argv[]) -{ - int c, i; - - while ((c = getopt(argc, argv, "d:v")) != -1) { - switch (c) { - case 'd': - crid = crlookup(optarg); - break; - case 'v': - verbose = 1; - break; - default: - usage(argv[0]); - } - } - argc -= optind, argv += optind; - - for (i = 0; i < 1000; i++) { - fprintf(stderr, "test %d\n", i); - testit(); - } - return (0); -}