D40201.id122210.diff
No OneTemporary
Actions

Size

85 KB

Referenced Files

None

Subscribers

None

D40201.id122210.diff
View Options

	diff --git a/sys/opencrypto/cryptodev.h b/sys/opencrypto/cryptodev.h
	--- a/sys/opencrypto/cryptodev.h
	+++ b/sys/opencrypto/cryptodev.h
	@@ -68,138 +68,139 @@
	#include <sys/ioccom.h>

	#ifdef _KERNEL
	-#include <opencrypto/_cryptodev.h>
	#include <sys/_task.h>
	#include <sys/libkern.h>
	#include <sys/time.h>
	+
	+#include <opencrypto/_cryptodev.h>
	#endif

	/* Some initial values */
	-#define CRYPTO_DRIVERS_INITIAL 4
	+#define CRYPTO_DRIVERS_INITIAL 4

	/* Hash values */
	-#define NULL_HASH_LEN 16
	-#define SHA1_HASH_LEN 20
	-#define RIPEMD160_HASH_LEN 20
	-#define SHA2_224_HASH_LEN 28
	-#define SHA2_256_HASH_LEN 32
	-#define SHA2_384_HASH_LEN 48
	-#define SHA2_512_HASH_LEN 64
	-#define AES_GMAC_HASH_LEN 16
	-#define POLY1305_HASH_LEN 16
	-#define AES_CBC_MAC_HASH_LEN 16
	+#define NULL_HASH_LEN 16
	+#define SHA1_HASH_LEN 20
	+#define RIPEMD160_HASH_LEN 20
	+#define SHA2_224_HASH_LEN 28
	+#define SHA2_256_HASH_LEN 32
	+#define SHA2_384_HASH_LEN 48
	+#define SHA2_512_HASH_LEN 64
	+#define AES_GMAC_HASH_LEN 16
	+#define POLY1305_HASH_LEN 16
	+#define AES_CBC_MAC_HASH_LEN 16
	/* Maximum hash algorithm result length */
	-#define HASH_MAX_LEN SHA2_512_HASH_LEN /* Keep this updated */
	+#define HASH_MAX_LEN SHA2_512_HASH_LEN /* Keep this updated */

	-#define SHA1_BLOCK_LEN 64
	-#define RIPEMD160_BLOCK_LEN 64
	-#define SHA2_224_BLOCK_LEN 64
	-#define SHA2_256_BLOCK_LEN 64
	-#define SHA2_384_BLOCK_LEN 128
	-#define SHA2_512_BLOCK_LEN 128
	-#define POLY1305_BLOCK_LEN 16
	+#define SHA1_BLOCK_LEN 64
	+#define RIPEMD160_BLOCK_LEN 64
	+#define SHA2_224_BLOCK_LEN 64
	+#define SHA2_256_BLOCK_LEN 64
	+#define SHA2_384_BLOCK_LEN 128
	+#define SHA2_512_BLOCK_LEN 128
	+#define POLY1305_BLOCK_LEN 16

	/* HMAC values */
	-#define NULL_HMAC_BLOCK_LEN 64
	+#define NULL_HMAC_BLOCK_LEN 64
	/* Maximum HMAC block length */
	-#define HMAC_MAX_BLOCK_LEN SHA2_512_BLOCK_LEN /* Keep this updated */
	-#define HMAC_IPAD_VAL 0x36
	-#define HMAC_OPAD_VAL 0x5C
	+#define HMAC_MAX_BLOCK_LEN SHA2_512_BLOCK_LEN /* Keep this updated */
	+#define HMAC_IPAD_VAL 0x36
	+#define HMAC_OPAD_VAL 0x5C
	/* HMAC Key Length */
	-#define AES_128_GMAC_KEY_LEN 16
	-#define AES_192_GMAC_KEY_LEN 24
	-#define AES_256_GMAC_KEY_LEN 32
	-#define AES_128_CBC_MAC_KEY_LEN 16
	-#define AES_192_CBC_MAC_KEY_LEN 24
	-#define AES_256_CBC_MAC_KEY_LEN 32
	+#define AES_128_GMAC_KEY_LEN 16
	+#define AES_192_GMAC_KEY_LEN 24
	+#define AES_256_GMAC_KEY_LEN 32
	+#define AES_128_CBC_MAC_KEY_LEN 16
	+#define AES_192_CBC_MAC_KEY_LEN 24
	+#define AES_256_CBC_MAC_KEY_LEN 32

	-#define POLY1305_KEY_LEN 32
	+#define POLY1305_KEY_LEN 32

	/* Encryption algorithm block sizes */
	-#define NULL_BLOCK_LEN 4 /* IPsec to maintain alignment */
	-#define RIJNDAEL128_BLOCK_LEN 16
	-#define AES_BLOCK_LEN 16
	-#define AES_ICM_BLOCK_LEN 1
	-#define CAMELLIA_BLOCK_LEN 16
	-#define CHACHA20_NATIVE_BLOCK_LEN 64
	-#define EALG_MAX_BLOCK_LEN CHACHA20_NATIVE_BLOCK_LEN /* Keep this updated */
	+#define NULL_BLOCK_LEN 4 /* IPsec to maintain alignment */
	+#define RIJNDAEL128_BLOCK_LEN 16
	+#define AES_BLOCK_LEN 16
	+#define AES_ICM_BLOCK_LEN 1
	+#define CAMELLIA_BLOCK_LEN 16
	+#define CHACHA20_NATIVE_BLOCK_LEN 64
	+#define EALG_MAX_BLOCK_LEN CHACHA20_NATIVE_BLOCK_LEN /* Keep this updated */

	/* IV Lengths */

	-#define AES_GCM_IV_LEN 12
	-#define AES_CCM_IV_LEN 12
	-#define AES_XTS_IV_LEN 8
	-#define AES_XTS_ALPHA 0x87 /* GF(2^128) generator polynomial */
	-#define CHACHA20_POLY1305_IV_LEN 12
	-#define XCHACHA20_POLY1305_IV_LEN 24
	+#define AES_GCM_IV_LEN 12
	+#define AES_CCM_IV_LEN 12
	+#define AES_XTS_IV_LEN 8
	+#define AES_XTS_ALPHA 0x87 /* GF(2^128) generator polynomial */
	+#define CHACHA20_POLY1305_IV_LEN 12
	+#define XCHACHA20_POLY1305_IV_LEN 24

	/* Min and Max Encryption Key Sizes */
	-#define NULL_MIN_KEY 0
	-#define NULL_MAX_KEY 256 /* 2048 bits, max key */
	-#define RIJNDAEL_MIN_KEY 16
	-#define RIJNDAEL_MAX_KEY 32
	-#define AES_MIN_KEY RIJNDAEL_MIN_KEY
	-#define AES_MAX_KEY RIJNDAEL_MAX_KEY
	-#define AES_XTS_MIN_KEY (2 * AES_MIN_KEY)
	-#define AES_XTS_MAX_KEY (2 * AES_MAX_KEY)
	-#define CAMELLIA_MIN_KEY 16
	-#define CAMELLIA_MAX_KEY 32
	-#define CHACHA20_POLY1305_KEY 32
	-#define XCHACHA20_POLY1305_KEY 32
	+#define NULL_MIN_KEY 0
	+#define NULL_MAX_KEY 256 /* 2048 bits, max key */
	+#define RIJNDAEL_MIN_KEY 16
	+#define RIJNDAEL_MAX_KEY 32
	+#define AES_MIN_KEY RIJNDAEL_MIN_KEY
	+#define AES_MAX_KEY RIJNDAEL_MAX_KEY
	+#define AES_XTS_MIN_KEY (2 * AES_MIN_KEY)
	+#define AES_XTS_MAX_KEY (2 * AES_MAX_KEY)
	+#define CAMELLIA_MIN_KEY 16
	+#define CAMELLIA_MAX_KEY 32
	+#define CHACHA20_POLY1305_KEY 32
	+#define XCHACHA20_POLY1305_KEY 32

	/* Maximum hash algorithm result length */
	-#define AALG_MAX_RESULT_LEN 64 /* Keep this updated */
	-
	-#define CRYPTO_ALGORITHM_MIN 1
	-#define CRYPTO_DES_CBC 1
	-#define CRYPTO_3DES_CBC 2
	-#define CRYPTO_BLF_CBC 3
	-#define CRYPTO_CAST_CBC 4
	-#define CRYPTO_SKIPJACK_CBC 5
	-#define CRYPTO_MD5_HMAC 6
	-#define CRYPTO_SHA1_HMAC 7
	-#define CRYPTO_RIPEMD160_HMAC 8
	-#define CRYPTO_MD5_KPDK 9
	-#define CRYPTO_SHA1_KPDK 10
	-#define CRYPTO_RIJNDAEL128_CBC 11 /* 128 bit blocksize */
	-#define CRYPTO_AES_CBC 11 /* 128 bit blocksize -- the same as above */
	-#define CRYPTO_ARC4 12
	-#define CRYPTO_MD5 13
	-#define CRYPTO_SHA1 14
	-#define CRYPTO_NULL_HMAC 15
	-#define CRYPTO_NULL_CBC 16
	-#define CRYPTO_DEFLATE_COMP 17 /* Deflate compression algorithm */
	-#define CRYPTO_SHA2_256_HMAC 18
	-#define CRYPTO_SHA2_384_HMAC 19
	-#define CRYPTO_SHA2_512_HMAC 20
	-#define CRYPTO_CAMELLIA_CBC 21
	-#define CRYPTO_AES_XTS 22
	-#define CRYPTO_AES_ICM 23 /* commonly known as CTR mode */
	-#define CRYPTO_AES_NIST_GMAC 24 /* GMAC only */
	-#define CRYPTO_AES_NIST_GCM_16 25 /* 16 byte ICV */
	+#define AALG_MAX_RESULT_LEN 64 /* Keep this updated */
	+
	+#define CRYPTO_ALGORITHM_MIN 1
	+#define CRYPTO_DES_CBC 1
	+#define CRYPTO_3DES_CBC 2
	+#define CRYPTO_BLF_CBC 3
	+#define CRYPTO_CAST_CBC 4
	+#define CRYPTO_SKIPJACK_CBC 5
	+#define CRYPTO_MD5_HMAC 6
	+#define CRYPTO_SHA1_HMAC 7
	+#define CRYPTO_RIPEMD160_HMAC 8
	+#define CRYPTO_MD5_KPDK 9
	+#define CRYPTO_SHA1_KPDK 10
	+#define CRYPTO_RIJNDAEL128_CBC 11 /* 128 bit blocksize */
	+#define CRYPTO_AES_CBC 11 /* 128 bit blocksize -- the same as above */
	+#define CRYPTO_ARC4 12
	+#define CRYPTO_MD5 13
	+#define CRYPTO_SHA1 14
	+#define CRYPTO_NULL_HMAC 15
	+#define CRYPTO_NULL_CBC 16
	+#define CRYPTO_DEFLATE_COMP 17 /* Deflate compression algorithm */
	+#define CRYPTO_SHA2_256_HMAC 18
	+#define CRYPTO_SHA2_384_HMAC 19
	+#define CRYPTO_SHA2_512_HMAC 20
	+#define CRYPTO_CAMELLIA_CBC 21
	+#define CRYPTO_AES_XTS 22
	+#define CRYPTO_AES_ICM 23 /* commonly known as CTR mode */
	+#define CRYPTO_AES_NIST_GMAC 24 /* GMAC only */
	+#define CRYPTO_AES_NIST_GCM_16 25 /* 16 byte ICV */
	#ifdef _KERNEL
	-#define CRYPTO_AES_128_NIST_GMAC 26 /* auth side */
	-#define CRYPTO_AES_192_NIST_GMAC 27 /* auth side */
	-#define CRYPTO_AES_256_NIST_GMAC 28 /* auth side */
	+#define CRYPTO_AES_128_NIST_GMAC 26 /* auth side */
	+#define CRYPTO_AES_192_NIST_GMAC 27 /* auth side */
	+#define CRYPTO_AES_256_NIST_GMAC 28 /* auth side */
	#endif
	-#define CRYPTO_BLAKE2B 29 /* Blake2b hash */
	-#define CRYPTO_BLAKE2S 30 /* Blake2s hash */
	-#define CRYPTO_CHACHA20 31 /* Chacha20 stream cipher */
	-#define CRYPTO_SHA2_224_HMAC 32
	-#define CRYPTO_RIPEMD160 33
	-#define CRYPTO_SHA2_224 34
	-#define CRYPTO_SHA2_256 35
	-#define CRYPTO_SHA2_384 36
	-#define CRYPTO_SHA2_512 37
	-#define CRYPTO_POLY1305 38
	-#define CRYPTO_AES_CCM_CBC_MAC 39 /* auth side */
	-#define CRYPTO_AES_CCM_16 40 /* cipher side */
	-#define CRYPTO_CHACHA20_POLY1305 41 /* combined AEAD cipher per RFC 8439 */
	-#define CRYPTO_XCHACHA20_POLY1305 42
	-#define CRYPTO_ALGORITHM_MAX 42 /* Keep updated - see below */
	-
	-#define CRYPTO_ALGO_VALID(x) ((x) >= CRYPTO_ALGORITHM_MIN && \
	- (x) <= CRYPTO_ALGORITHM_MAX)
	+#define CRYPTO_BLAKE2B 29 /* Blake2b hash */
	+#define CRYPTO_BLAKE2S 30 /* Blake2s hash */
	+#define CRYPTO_CHACHA20 31 /* Chacha20 stream cipher */
	+#define CRYPTO_SHA2_224_HMAC 32
	+#define CRYPTO_RIPEMD160 33
	+#define CRYPTO_SHA2_224 34
	+#define CRYPTO_SHA2_256 35
	+#define CRYPTO_SHA2_384 36
	+#define CRYPTO_SHA2_512 37
	+#define CRYPTO_POLY1305 38
	+#define CRYPTO_AES_CCM_CBC_MAC 39 /* auth side */
	+#define CRYPTO_AES_CCM_16 40 /* cipher side */
	+#define CRYPTO_CHACHA20_POLY1305 41 /* combined AEAD cipher per RFC 8439 */
	+#define CRYPTO_XCHACHA20_POLY1305 42
	+#define CRYPTO_ALGORITHM_MAX 42 /* Keep updated - see below */
	+
	+#define CRYPTO_ALGO_VALID(x) \
	+ ((x) >= CRYPTO_ALGORITHM_MIN && (x) <= CRYPTO_ALGORITHM_MAX)

	/*
	* Crypto driver/device flags. They can set in the crid
	@@ -209,29 +210,29 @@
	* the driver id of an existing (and suitable) device that
	* must be used to satisfy the request.
	*/
	-#define CRYPTO_FLAG_HARDWARE 0x01000000 /* hardware accelerated */
	-#define CRYPTO_FLAG_SOFTWARE 0x02000000 /* software implementation */
	+#define CRYPTO_FLAG_HARDWARE 0x01000000 /* hardware accelerated */
	+#define CRYPTO_FLAG_SOFTWARE 0x02000000 /* software implementation */

	/* Does the kernel support vmpage buffers on this platform? */
	#ifdef __powerpc__
	-#define CRYPTO_MAY_HAVE_VMPAGE 1
	+#define CRYPTO_MAY_HAVE_VMPAGE 1
	#else
	-#define CRYPTO_MAY_HAVE_VMPAGE ( PMAP_HAS_DMAP )
	+#define CRYPTO_MAY_HAVE_VMPAGE (PMAP_HAS_DMAP)
	#endif
	/* Does the currently running system support vmpage buffers on this platform? */
	-#define CRYPTO_HAS_VMPAGE ( PMAP_HAS_DMAP )
	+#define CRYPTO_HAS_VMPAGE (PMAP_HAS_DMAP)

	/* NB: deprecated */
	struct session_op {
	- uint32_t cipher; /* ie. CRYPTO_AES_CBC */
	- uint32_t mac; /* ie. CRYPTO_SHA2_256_HMAC */
	+ uint32_t cipher; /* ie. CRYPTO_AES_CBC */
	+ uint32_t mac; /* ie. CRYPTO_SHA2_256_HMAC */

	- uint32_t keylen; /* cipher key */
	- const void *key;
	- int mackeylen; /* mac key */
	- const void *mackey;
	+ uint32_t keylen; /* cipher key */
	+ const void *key;
	+ int mackeylen; /* mac key */
	+ const void *mackey;

	- uint32_t ses; /* returns: session # */
	+ uint32_t ses; /* returns: session # */
	};

	/*
	@@ -240,49 +241,49 @@
	* "cryptop" (no underscore).
	*/
	struct session2_op {
	- uint32_t cipher; /* ie. CRYPTO_AES_CBC */
	- uint32_t mac; /* ie. CRYPTO_SHA2_256_HMAC */
	-
	- uint32_t keylen; /* cipher key */
	- const void *key;
	- int mackeylen; /* mac key */
	- const void *mackey;
	-
	- uint32_t ses; /* returns: session # */
	- int crid; /* driver id + flags (rw) */
	- int ivlen; /* length of nonce/IV */
	- int maclen; /* length of MAC/tag */
	- int pad[2]; /* for future expansion */
	+ uint32_t cipher; /* ie. CRYPTO_AES_CBC */
	+ uint32_t mac; /* ie. CRYPTO_SHA2_256_HMAC */
	+
	+ uint32_t keylen; /* cipher key */
	+ const void *key;
	+ int mackeylen; /* mac key */
	+ const void *mackey;
	+
	+ uint32_t ses; /* returns: session # */
	+ int crid; /* driver id + flags (rw) */
	+ int ivlen; /* length of nonce/IV */
	+ int maclen; /* length of MAC/tag */
	+ int pad[2]; /* for future expansion */
	};

	struct crypt_op {
	- uint32_t ses;
	- uint16_t op; /* i.e. COP_ENCRYPT */
	-#define COP_ENCRYPT 1
	-#define COP_DECRYPT 2
	- uint16_t flags;
	-#define COP_F_CIPHER_FIRST 0x0001 /* Cipher before MAC. */
	-#define COP_F_BATCH 0x0008 /* Batch op if possible */
	- u_int len;
	- const void src; / become iov[] inside kernel */
	- void *dst;
	- void mac; / must be big enough for chosen MAC */
	- const void *iv;
	+ uint32_t ses;
	+ uint16_t op; /* i.e. COP_ENCRYPT */
	+#define COP_ENCRYPT 1
	+#define COP_DECRYPT 2
	+ uint16_t flags;
	+#define COP_F_CIPHER_FIRST 0x0001 /* Cipher before MAC. */
	+#define COP_F_BATCH 0x0008 /* Batch op if possible */
	+ u_int len;
	+ const void src; / become iov[] inside kernel */
	+ void *dst;
	+ void mac; / must be big enough for chosen MAC */
	+ const void *iv;
	};

	/* op and flags the same as crypt_op */
	struct crypt_aead {
	- uint32_t ses;
	- uint16_t op; /* i.e. COP_ENCRYPT */
	- uint16_t flags;
	- u_int len;
	- u_int aadlen;
	- u_int ivlen;
	- const void src; / become iov[] inside kernel */
	- void *dst;
	- const void aad; / additional authenticated data */
	- void tag; / must fit for chosen TAG length */
	- const void *iv;
	+ uint32_t ses;
	+ uint16_t op; /* i.e. COP_ENCRYPT */
	+ uint16_t flags;
	+ u_int len;
	+ u_int aadlen;
	+ u_int ivlen;
	+ const void src; / become iov[] inside kernel */
	+ void *dst;
	+ const void aad; / additional authenticated data */
	+ void tag; / must fit for chosen TAG length */
	+ const void *iv;
	};

	/*
	@@ -291,26 +292,39 @@
	* created sessions (crid) and completed key operations.
	*/
	struct crypt_find_op {
	- int crid; /* driver id + flags */
	- char name[32]; /* device/driver name */
	+ int crid; /* driver id + flags */
	+ char name[32]; /* device/driver name */
	};

	-#define CIOCGSESSION _IOWR('c', 101, struct session_op)
	-#define CIOCFSESSION _IOW('c', 102, uint32_t)
	-#define CIOCCRYPT _IOWR('c', 103, struct crypt_op)
	-#define CIOCGSESSION2 _IOWR('c', 106, struct session2_op)
	-#define CIOCFINDDEV _IOWR('c', 108, struct crypt_find_op)
	-#define CIOCCRYPTAEAD _IOWR('c', 109, struct crypt_aead)
	+#define CIOCGSESSION _IOWR('c', 101, struct session_op)
	+#define CIOCFSESSION _IOW('c', 102, uint32_t)
	+#define CIOCCRYPT _IOWR('c', 103, struct crypt_op)
	+#define CIOCGSESSION2 _IOWR('c', 106, struct session2_op)
	+#define CIOCFINDDEV _IOWR('c', 108, struct crypt_find_op)
	+#define CIOCCRYPTAEAD _IOWR('c', 109, struct crypt_aead)
	+
	+struct cryptotstat {
	+ struct timespec acc; /* total accumulated time */
	+ struct timespec min; /* min time */
	+ struct timespec max; /* max time */
	+ uint32_t count; /* number of observations */
	+};

	struct cryptostats {
	- uint64_t cs_ops; /* symmetric crypto ops submitted */
	- uint64_t cs_errs; /* symmetric crypto ops that failed */
	- uint64_t cs_kops; /* asymetric/key ops submitted */
	- uint64_t cs_kerrs; /* asymetric/key ops that failed */
	- uint64_t cs_intrs; /* crypto swi thread activations */
	- uint64_t cs_rets; /* crypto return thread activations */
	- uint64_t cs_blocks; /* symmetric op driver block */
	- uint64_t cs_kblocks; /* symmetric op driver block */
	+ uint64_t cs_ops; /* symmetric crypto ops submitted */
	+ uint64_t cs_errs; /* symmetric crypto ops that failed */
	+ uint64_t cs_kops; /* asymetric/key ops submitted */
	+ uint64_t cs_kerrs; /* asymetric/key ops that failed */
	+ uint64_t cs_intrs; /* crypto swi thread activations */
	+ uint64_t cs_rets; /* crypto return thread activations */
	+ uint64_t cs_blocks; /* symmetric op driver block */
	+ uint64_t cs_kblocks; /* symmetric op driver block */
	+ uint32_t cs_drops; /* crypto ops dropped due to congestion */
	+
	+ struct cryptotstat cs_invoke; /* crypto_dipsatch -> crypto_invoke */
	+ struct cryptotstat cs_done; /* crypto_invoke -> crypto_done */
	+ struct cryptotstat cs_cb; /* crypto_done -> callback */
	+ struct cryptotstat cs_finis; /* callback -> callback return */
	};

	#ifdef _KERNEL
	@@ -318,45 +332,48 @@
	/*
	* Return values for cryptodev_probesession methods.
	*/
	-#define CRYPTODEV_PROBE_HARDWARE (-100)
	-#define CRYPTODEV_PROBE_ACCEL_SOFTWARE (-200)
	-#define CRYPTODEV_PROBE_SOFTWARE (-500)
	+#define CRYPTODEV_PROBE_HARDWARE (-100)
	+#define CRYPTODEV_PROBE_ACCEL_SOFTWARE (-200)
	+#define CRYPTODEV_PROBE_SOFTWARE (-500)

	#if 0
	-#define CRYPTDEB(s, ...) do { \
	- printf("%s:%d: " s "\n", __FILE__, __LINE__, ## __VA_ARGS__); \
	-} while (0)
	+#define CRYPTDEB(s, ...) \
	+ do { \
	+ printf("%s:%d: " s "\n", __FILE__, __LINE__, ##__VA_ARGS__); \
	+ } while (0)
	#else
	-#define CRYPTDEB(...) do { } while (0)
	+#define CRYPTDEB(...) \
	+ do { \
	+ } while (0)
	#endif

	struct crypto_session_params {
	- int csp_mode; /* Type of operations to perform. */
	+ int csp_mode; /* Type of operations to perform. */

	-#define CSP_MODE_NONE 0
	-#define CSP_MODE_COMPRESS 1 /* Compression/decompression. */
	-#define CSP_MODE_CIPHER 2 /* Encrypt/decrypt. */
	-#define CSP_MODE_DIGEST 3 /* Compute/verify digest. */
	-#define CSP_MODE_AEAD 4 /* Combined auth/encryption. */
	-#define CSP_MODE_ETA 5 /* IPsec style encrypt-then-auth */
	+#define CSP_MODE_NONE 0
	+#define CSP_MODE_COMPRESS 1 /* Compression/decompression. */
	+#define CSP_MODE_CIPHER 2 /* Encrypt/decrypt. */
	+#define CSP_MODE_DIGEST 3 /* Compute/verify digest. */
	+#define CSP_MODE_AEAD 4 /* Combined auth/encryption. */
	+#define CSP_MODE_ETA 5 /* IPsec style encrypt-then-auth */

	- int csp_flags;
	+ int csp_flags;

	-#define CSP_F_SEPARATE_OUTPUT 0x0001 /* Requests can use separate output */
	-#define CSP_F_SEPARATE_AAD 0x0002 /* Requests can use separate AAD */
	-#define CSP_F_ESN 0x0004 /* Requests can use seperate ESN field */
	+#define CSP_F_SEPARATE_OUTPUT 0x0001 /* Requests can use separate output */
	+#define CSP_F_SEPARATE_AAD 0x0002 /* Requests can use separate AAD */
	+#define CSP_F_ESN 0x0004 /* Requests can use seperate ESN field */

	- int csp_ivlen; /* IV length in bytes. */
	+ int csp_ivlen; /* IV length in bytes. */

	- int csp_cipher_alg;
	- int csp_cipher_klen; /* Key length in bytes. */
	- const void *csp_cipher_key;
	+ int csp_cipher_alg;
	+ int csp_cipher_klen; /* Key length in bytes. */
	+ const void *csp_cipher_key;

	- int csp_auth_alg;
	- int csp_auth_klen; /* Key length in bytes. */
	- const void *csp_auth_key;
	- int csp_auth_mlen; /* Number of digest bytes to use.
	- 0 means all. */
	+ int csp_auth_alg;
	+ int csp_auth_klen; /* Key length in bytes. */
	+ const void *csp_auth_key;
	+ int csp_auth_mlen; /* Number of digest bytes to use.
	+ 0 means all. */
	};

	enum crypto_buffer_type {
	@@ -377,8 +394,8 @@
	struct crypto_buffer {
	union {
	struct {
	- char *cb_buf;
	- int cb_buf_len;
	+ char *cb_buf;
	+ int cb_buf_len;
	};
	struct mbuf *cb_mbuf;
	struct {
	@@ -403,7 +420,7 @@
	};
	/* Optional bytes of valid data remaining */
	int cc_buf_len;
	- /*
	+ /*
	* Optional offset within the current buffer segment where
	* valid data begins
	*/
	@@ -415,66 +432,66 @@
	struct cryptop {
	TAILQ_ENTRY(cryptop) crp_next;

	- struct task crp_task;
	+ struct task crp_task;

	- crypto_session_t crp_session; /* Session */
	- int crp_olen; /* Result total length */
	+ crypto_session_t crp_session; /* Session */
	+ int crp_olen; /* Result total length */

	- int crp_etype; /*
	- * Error type (zero means no error).
	- * All error codes except EAGAIN
	- * indicate possible data corruption (as in,
	- * the data have been touched). On all
	- * errors, the crp_session may have changed
	- * (reset to a new one), so the caller
	- * should always check and use the new
	- * value on future requests.
	- */
	-#define crp_startcopy crp_flags
	- int crp_flags;
	+ int crp_etype; /*
	+ * Error type (zero means no error).
	+ * All error codes except EAGAIN
	+ * indicate possible data corruption (as in,
	+ * the data have been touched). On all
	+ * errors, the crp_session may have changed
	+ * (reset to a new one), so the caller
	+ * should always check and use the new
	+ * value on future requests.
	+ */
	+#define crp_startcopy crp_flags
	+ int crp_flags;

	-#define CRYPTO_F_CBIMM 0x0010 /* Do callback immediately */
	-#define CRYPTO_F_DONE 0x0020 /* Operation completed */
	-#define CRYPTO_F_CBIFSYNC 0x0040 /* Do CBIMM if op is synchronous */
	-#define CRYPTO_F_ASYNC_ORDERED 0x0100 /* Completions must happen in order */
	-#define CRYPTO_F_IV_SEPARATE 0x0200 /* Use crp_iv[] as IV. */
	+#define CRYPTO_F_CBIMM 0x0010 /* Do callback immediately */
	+#define CRYPTO_F_DONE 0x0020 /* Operation completed */
	+#define CRYPTO_F_CBIFSYNC 0x0040 /* Do CBIMM if op is synchronous */
	+#define CRYPTO_F_ASYNC_ORDERED 0x0100 /* Completions must happen in order */
	+#define CRYPTO_F_IV_SEPARATE 0x0200 /* Use crp_iv[] as IV. */

	- int crp_op;
	+ int crp_op;

	struct crypto_buffer crp_buf;
	struct crypto_buffer crp_obuf;

	- void crp_aad; / AAD buffer. */
	- int crp_aad_start; /* Location of AAD. */
	- int crp_aad_length; /* 0 => no AAD. */
	- uint8_t crp_esn[4]; /* high-order ESN */
	+ void crp_aad; / AAD buffer. */
	+ int crp_aad_start; /* Location of AAD. */
	+ int crp_aad_length; /* 0 => no AAD. */
	+ uint8_t crp_esn[4]; /* high-order ESN */

	- int crp_iv_start; /* Location of IV. IV length is from
	- * the session.
	- */
	- int crp_payload_start; /* Location of ciphertext. */
	- int crp_payload_output_start;
	- int crp_payload_length;
	- int crp_digest_start; /* Location of MAC/tag. Length is
	- * from the session.
	- */
	+ int crp_iv_start; /* Location of IV. IV length is from
	+ * the session.
	+ */
	+ int crp_payload_start; /* Location of ciphertext. */
	+ int crp_payload_output_start;
	+ int crp_payload_length;
	+ int crp_digest_start; /* Location of MAC/tag. Length is
	+ * from the session.
	+ */

	- uint8_t crp_iv[EALG_MAX_BLOCK_LEN]; /* IV if IV_SEPARATE. */
	+ uint8_t crp_iv[EALG_MAX_BLOCK_LEN]; /* IV if IV_SEPARATE. */

	- const void crp_cipher_key; / New cipher key if non-NULL. */
	- const void crp_auth_key; / New auth key if non-NULL. */
	-#define crp_endcopy crp_opaque
	+ const void crp_cipher_key; / New cipher key if non-NULL. */
	+ const void crp_auth_key; / New auth key if non-NULL. */
	+#define crp_endcopy crp_opaque

	- void crp_opaque; / Opaque pointer, passed along */
	+ void crp_opaque; / Opaque pointer, passed along */

	int (crp_callback)(struct cryptop ); /* Callback function */

	- struct bintime crp_tstamp; /* performance time stamp */
	- uint32_t crp_seq; /* used for ordered dispatch */
	- uint32_t crp_retw_id; /*
	- * the return worker to be used,
	- * used for ordered dispatch
	- */
	+ struct bintime crp_tstamp; /* performance time stamp */
	+ uint32_t crp_seq; /* used for ordered dispatch */
	+ uint32_t crp_retw_id; /*
	+ * the return worker to be used,
	+ * used for ordered dispatch
	+ */
	};

	TAILQ_HEAD(cryptopq, cryptop);
	@@ -579,67 +596,67 @@
	_crypto_use_uio(&crp->crp_obuf, uio);
	}

	-#define CRYPTO_HAS_OUTPUT_BUFFER(crp) \
	+#define CRYPTO_HAS_OUTPUT_BUFFER(crp) \
	((crp)->crp_obuf.cb_type != CRYPTO_BUF_NONE)

	/* Flags in crp_op. */
	-#define CRYPTO_OP_DECRYPT 0x0
	-#define CRYPTO_OP_ENCRYPT 0x1
	-#define CRYPTO_OP_IS_ENCRYPT(op) ((op) & CRYPTO_OP_ENCRYPT)
	-#define CRYPTO_OP_COMPUTE_DIGEST 0x0
	-#define CRYPTO_OP_VERIFY_DIGEST 0x2
	-#define CRYPTO_OP_DECOMPRESS CRYPTO_OP_DECRYPT
	-#define CRYPTO_OP_COMPRESS CRYPTO_OP_ENCRYPT
	-#define CRYPTO_OP_IS_COMPRESS(op) ((op) & CRYPTO_OP_COMPRESS)
	+#define CRYPTO_OP_DECRYPT 0x0
	+#define CRYPTO_OP_ENCRYPT 0x1
	+#define CRYPTO_OP_IS_ENCRYPT(op) ((op)&CRYPTO_OP_ENCRYPT)
	+#define CRYPTO_OP_COMPUTE_DIGEST 0x0
	+#define CRYPTO_OP_VERIFY_DIGEST 0x2
	+#define CRYPTO_OP_DECOMPRESS CRYPTO_OP_DECRYPT
	+#define CRYPTO_OP_COMPRESS CRYPTO_OP_ENCRYPT
	+#define CRYPTO_OP_IS_COMPRESS(op) ((op)&CRYPTO_OP_COMPRESS)

	/*
	* Hints passed to process methods.
	*/
	-#define CRYPTO_HINT_MORE 0x1 /* more ops coming shortly */
	+#define CRYPTO_HINT_MORE 0x1 /* more ops coming shortly */

	uint32_t crypto_ses2hid(crypto_session_t crypto_session);
	uint32_t crypto_ses2caps(crypto_session_t crypto_session);
	-void *crypto_get_driver_session(crypto_session_t crypto_session);
	+void *crypto_get_driver_session(crypto_session_t crypto_session);
	const struct crypto_session_params *crypto_get_params(
	crypto_session_t crypto_session);
	-const struct auth_hash crypto_auth_hash(const struct crypto_session_params csp);
	+const struct auth_hash *crypto_auth_hash(
	+ const struct crypto_session_params *csp);
	const struct enc_xform crypto_cipher(const struct crypto_session_params csp);

	#ifdef MALLOC_DECLARE
	MALLOC_DECLARE(M_CRYPTO_DATA);
	#endif

	-int crypto_newsession(crypto_session_t *cses,
	+int crypto_newsession(crypto_session_t *cses,
	const struct crypto_session_params *params, int crid);
	-void crypto_freesession(crypto_session_t cses);
	-#define CRYPTOCAP_F_HARDWARE CRYPTO_FLAG_HARDWARE
	-#define CRYPTOCAP_F_SOFTWARE CRYPTO_FLAG_SOFTWARE
	-#define CRYPTOCAP_F_SYNC 0x04000000 /* operates synchronously */
	-#define CRYPTOCAP_F_ACCEL_SOFTWARE 0x08000000
	-#define CRYPTO_SESS_SYNC(sess) \
	- ((crypto_ses2caps(sess) & CRYPTOCAP_F_SYNC) != 0)
	-int32_t crypto_get_driverid(device_t dev, size_t session_size, int flags);
	-int crypto_find_driver(const char *);
	+void crypto_freesession(crypto_session_t cses);
	+#define CRYPTOCAP_F_HARDWARE CRYPTO_FLAG_HARDWARE
	+#define CRYPTOCAP_F_SOFTWARE CRYPTO_FLAG_SOFTWARE
	+#define CRYPTOCAP_F_SYNC 0x04000000 /* operates synchronously */
	+#define CRYPTOCAP_F_ACCEL_SOFTWARE 0x08000000
	+#define CRYPTO_SESS_SYNC(sess) ((crypto_ses2caps(sess) & CRYPTOCAP_F_SYNC) != 0)
	+int32_t crypto_get_driverid(device_t dev, size_t session_size, int flags);
	+int crypto_find_driver(const char *);
	device_t crypto_find_device_byhid(int hid);
	-int crypto_getcaps(int hid);
	-int crypto_unregister_all(uint32_t driverid);
	-int crypto_dispatch(struct cryptop *crp);
	-#define CRYPTO_ASYNC_ORDERED 0x1 /* complete in order dispatched */
	-int crypto_dispatch_async(struct cryptop *crp, int flags);
	-void crypto_dispatch_batch(struct cryptopq *crpq, int flags);
	-#define CRYPTO_SYMQ 0x1
	-int crypto_unblock(uint32_t, int);
	-void crypto_done(struct cryptop *crp);
	+int crypto_getcaps(int hid);
	+int crypto_unregister_all(uint32_t driverid);
	+int crypto_dispatch(struct cryptop *crp);
	+#define CRYPTO_ASYNC_ORDERED 0x1 /* complete in order dispatched */
	+int crypto_dispatch_async(struct cryptop *crp, int flags);
	+void crypto_dispatch_batch(struct cryptopq *crpq, int flags);
	+#define CRYPTO_SYMQ 0x1
	+int crypto_unblock(uint32_t, int);
	+void crypto_done(struct cryptop *crp);

	struct cryptop crypto_clonereq(struct cryptop crp, crypto_session_t cses,
	int how);
	-void crypto_destroyreq(struct cryptop *crp);
	-void crypto_initreq(struct cryptop *crp, crypto_session_t cses);
	-void crypto_freereq(struct cryptop *crp);
	+void crypto_destroyreq(struct cryptop *crp);
	+void crypto_initreq(struct cryptop *crp, crypto_session_t cses);
	+void crypto_freereq(struct cryptop *crp);
	struct cryptop *crypto_getreq(crypto_session_t cses, int how);

	-extern int crypto_usercrypto; /* userland may do crypto requests */
	-extern int crypto_devallowsoft; /* only use hardware crypto */
	+extern int crypto_usercrypto; /* userland may do crypto requests */
	+extern int crypto_devallowsoft; /* only use hardware crypto */

	#ifdef SYSCTL_DECL
	SYSCTL_DECL(_kern_crypto);
	@@ -648,9 +665,9 @@
	/* Helper routines for drivers to initialize auth contexts for HMAC. */
	struct auth_hash;

	-void hmac_init_ipad(const struct auth_hash axf, const char key, int klen,
	+void hmac_init_ipad(const struct auth_hash axf, const char key, int klen,
	void *auth_ctx);
	-void hmac_init_opad(const struct auth_hash axf, const char key, int klen,
	+void hmac_init_opad(const struct auth_hash axf, const char key, int klen,
	void *auth_ctx);

	/*
	@@ -661,29 +678,28 @@
	* data from the crypto request's data buffer into the the 'dst'
	* buffer.
	*/
	-void crypto_copyback(struct cryptop *crp, int off, int size,
	- const void *src);
	-void crypto_copydata(struct cryptop crp, int off, int size, void dst);
	-int crypto_apply(struct cryptop *crp, int off, int len,
	- int (f)(void , const void , u_int), void arg);
	-void crypto_contiguous_subsegment(struct cryptop crp, size_t skip,
	- size_t len);
	-
	-int crypto_apply_buf(struct crypto_buffer *cb, int off, int len,
	- int (f)(void , const void , u_int), void arg);
	-void crypto_buffer_contiguous_subsegment(struct crypto_buffer cb,
	- size_t skip, size_t len);
	-size_t crypto_buffer_len(struct crypto_buffer *cb);
	-void crypto_cursor_init(struct crypto_buffer_cursor *cc,
	- const struct crypto_buffer *cb);
	-void crypto_cursor_advance(struct crypto_buffer_cursor *cc, size_t amount);
	-void crypto_cursor_segment(struct crypto_buffer_cursor cc, size_t *len);
	-void crypto_cursor_copyback(struct crypto_buffer_cursor *cc, int size,
	- const void *vsrc);
	-void crypto_cursor_copydata(struct crypto_buffer_cursor *cc, int size,
	- void *vdst);
	-void crypto_cursor_copydata_noadv(struct crypto_buffer_cursor *cc, int size,
	- void *vdst);
	+void crypto_copyback(struct cryptop crp, int off, int size, const void src);
	+void crypto_copydata(struct cryptop crp, int off, int size, void dst);
	+int crypto_apply(struct cryptop *crp, int off, int len,
	+ int (f)(void , const void , u_int), void arg);
	+void crypto_contiguous_subsegment(struct cryptop crp, size_t skip,
	+ size_t len);
	+
	+int crypto_apply_buf(struct crypto_buffer *cb, int off, int len,
	+ int (f)(void , const void , u_int), void arg);
	+void crypto_buffer_contiguous_subsegment(struct crypto_buffer cb, size_t skip,
	+ size_t len);
	+size_t crypto_buffer_len(struct crypto_buffer *cb);
	+void crypto_cursor_init(struct crypto_buffer_cursor *cc,
	+ const struct crypto_buffer *cb);
	+void crypto_cursor_advance(struct crypto_buffer_cursor *cc, size_t amount);
	+void crypto_cursor_segment(struct crypto_buffer_cursor cc, size_t *len);
	+void crypto_cursor_copyback(struct crypto_buffer_cursor *cc, int size,
	+ const void *vsrc);
	+void crypto_cursor_copydata(struct crypto_buffer_cursor *cc, int size,
	+ void *vdst);
	+void crypto_cursor_copydata_noadv(struct crypto_buffer_cursor *cc, int size,
	+ void *vdst);

	static __inline void
	crypto_cursor_copy(const struct crypto_buffer_cursor *fromc,
	diff --git a/tools/tools/crypto/cryptocheck.c b/tools/tools/crypto/cryptocheck.c
	--- a/tools/tools/crypto/cryptocheck.c
	+++ b/tools/tools/crypto/cryptocheck.c
	@@ -143,20 +143,19 @@

	#include <sys/param.h>
	#include <sys/sysctl.h>
	+
	#include <assert.h>
	+#include <crypto/cryptodev.h>
	#include <err.h>
	#include <fcntl.h>
	#include <libutil.h>
	+#include <openssl/err.h>
	+#include <openssl/hmac.h>
	#include <stdbool.h>
	#include <stdio.h>
	#include <string.h>
	#include <unistd.h>

	-#include <openssl/err.h>
	-#include <openssl/hmac.h>
	-
	-#include <crypto/cryptodev.h>
	-
	struct ocf_session {
	int fd;
	int ses;
	@@ -175,88 +174,172 @@
	const EVP_MD (evp_md)(void);
	int pkey;
	} algs[] = {
	- { .name = "ripemd160", .mac = CRYPTO_RIPEMD160, .type = T_HASH,
	- .evp_md = EVP_ripemd160 },
	- { .name = "sha1", .mac = CRYPTO_SHA1, .type = T_HASH,
	- .evp_md = EVP_sha1 },
	- { .name = "sha224", .mac = CRYPTO_SHA2_224, .type = T_HASH,
	- .evp_md = EVP_sha224 },
	- { .name = "sha256", .mac = CRYPTO_SHA2_256, .type = T_HASH,
	- .evp_md = EVP_sha256 },
	- { .name = "sha384", .mac = CRYPTO_SHA2_384, .type = T_HASH,
	- .evp_md = EVP_sha384 },
	- { .name = "sha512", .mac = CRYPTO_SHA2_512, .type = T_HASH,
	- .evp_md = EVP_sha512 },
	- { .name = "ripemd160hmac", .mac = CRYPTO_RIPEMD160_HMAC, .type = T_HMAC,
	- .evp_md = EVP_ripemd160 },
	- { .name = "sha1hmac", .mac = CRYPTO_SHA1_HMAC, .type = T_HMAC,
	- .evp_md = EVP_sha1 },
	- { .name = "sha224hmac", .mac = CRYPTO_SHA2_224_HMAC, .type = T_HMAC,
	- .evp_md = EVP_sha224 },
	- { .name = "sha256hmac", .mac = CRYPTO_SHA2_256_HMAC, .type = T_HMAC,
	- .evp_md = EVP_sha256 },
	- { .name = "sha384hmac", .mac = CRYPTO_SHA2_384_HMAC, .type = T_HMAC,
	- .evp_md = EVP_sha384 },
	- { .name = "sha512hmac", .mac = CRYPTO_SHA2_512_HMAC, .type = T_HMAC,
	- .evp_md = EVP_sha512 },
	- { .name = "blake2b", .mac = CRYPTO_BLAKE2B, .type = T_HASH,
	- .evp_md = EVP_blake2b512 },
	- { .name = "blake2s", .mac = CRYPTO_BLAKE2S, .type = T_HASH,
	- .evp_md = EVP_blake2s256 },
	- { .name = "gmac128", .mac = CRYPTO_AES_NIST_GMAC, .type = T_GMAC,
	- .tag_len = AES_GMAC_HASH_LEN, .evp_cipher = EVP_aes_128_gcm },
	- { .name = "gmac192", .mac = CRYPTO_AES_NIST_GMAC, .type = T_GMAC,
	- .tag_len = AES_GMAC_HASH_LEN, .evp_cipher = EVP_aes_192_gcm },
	- { .name = "gmac256", .mac = CRYPTO_AES_NIST_GMAC, .type = T_GMAC,
	- .tag_len = AES_GMAC_HASH_LEN, .evp_cipher = EVP_aes_256_gcm },
	- { .name = "poly1305", .mac = CRYPTO_POLY1305, .type = T_DIGEST,
	- .key_len = POLY1305_KEY_LEN, .pkey = EVP_PKEY_POLY1305 },
	- { .name = "aes-cbc128", .cipher = CRYPTO_AES_CBC, .type = T_CIPHER,
	- .evp_cipher = EVP_aes_128_cbc },
	- { .name = "aes-cbc192", .cipher = CRYPTO_AES_CBC, .type = T_CIPHER,
	- .evp_cipher = EVP_aes_192_cbc },
	- { .name = "aes-cbc256", .cipher = CRYPTO_AES_CBC, .type = T_CIPHER,
	- .evp_cipher = EVP_aes_256_cbc },
	- { .name = "aes-ctr128", .cipher = CRYPTO_AES_ICM, .type = T_CIPHER,
	- .evp_cipher = EVP_aes_128_ctr },
	- { .name = "aes-ctr192", .cipher = CRYPTO_AES_ICM, .type = T_CIPHER,
	- .evp_cipher = EVP_aes_192_ctr },
	- { .name = "aes-ctr256", .cipher = CRYPTO_AES_ICM, .type = T_CIPHER,
	- .evp_cipher = EVP_aes_256_ctr },
	- { .name = "aes-xts128", .cipher = CRYPTO_AES_XTS, .type = T_CIPHER,
	- .evp_cipher = EVP_aes_128_xts },
	- { .name = "aes-xts256", .cipher = CRYPTO_AES_XTS, .type = T_CIPHER,
	- .evp_cipher = EVP_aes_256_xts },
	- { .name = "camellia-cbc128", .cipher = CRYPTO_CAMELLIA_CBC,
	- .type = T_CIPHER, .evp_cipher = EVP_camellia_128_cbc },
	- { .name = "camellia-cbc192", .cipher = CRYPTO_CAMELLIA_CBC,
	- .type = T_CIPHER, .evp_cipher = EVP_camellia_192_cbc },
	- { .name = "camellia-cbc256", .cipher = CRYPTO_CAMELLIA_CBC,
	- .type = T_CIPHER, .evp_cipher = EVP_camellia_256_cbc },
	- { .name = "chacha20", .cipher = CRYPTO_CHACHA20, .type = T_CIPHER,
	- .evp_cipher = EVP_chacha20 },
	- { .name = "aes-gcm128", .cipher = CRYPTO_AES_NIST_GCM_16,
	- .type = T_AEAD, .tag_len = AES_GMAC_HASH_LEN,
	- .iv_sizes = { AES_GCM_IV_LEN }, .evp_cipher = EVP_aes_128_gcm },
	- { .name = "aes-gcm192", .cipher = CRYPTO_AES_NIST_GCM_16,
	- .type = T_AEAD, .tag_len = AES_GMAC_HASH_LEN,
	- .iv_sizes = { AES_GCM_IV_LEN }, .evp_cipher = EVP_aes_192_gcm },
	- { .name = "aes-gcm256", .cipher = CRYPTO_AES_NIST_GCM_16,
	- .type = T_AEAD, .tag_len = AES_GMAC_HASH_LEN,
	- .iv_sizes = { AES_GCM_IV_LEN }, .evp_cipher = EVP_aes_256_gcm },
	- { .name = "aes-ccm128", .cipher = CRYPTO_AES_CCM_16, .type = T_AEAD,
	- .tag_len = AES_CBC_MAC_HASH_LEN, .iv_sizes = { 12, 7, 8, 9, 10, 11, 13 },
	- .evp_cipher = EVP_aes_128_ccm },
	- { .name = "aes-ccm192", .cipher = CRYPTO_AES_CCM_16, .type = T_AEAD,
	- .tag_len = AES_CBC_MAC_HASH_LEN, .iv_sizes = { 12, 7, 8, 9, 10, 11, 13 },
	- .evp_cipher = EVP_aes_192_ccm },
	- { .name = "aes-ccm256", .cipher = CRYPTO_AES_CCM_16, .type = T_AEAD,
	- .tag_len = AES_CBC_MAC_HASH_LEN, .iv_sizes = { 12, 7, 8, 9, 10, 11, 13 },
	- .evp_cipher = EVP_aes_256_ccm },
	- { .name = "chacha20-poly1305", .cipher = CRYPTO_CHACHA20_POLY1305,
	- .type = T_AEAD, .tag_len = POLY1305_HASH_LEN,
	- .iv_sizes = { CHACHA20_POLY1305_IV_LEN, 8 },
	- .evp_cipher = EVP_chacha20_poly1305 },
	+ { .name = "ripemd160",
	+ .mac = CRYPTO_RIPEMD160,
	+ .type = T_HASH,
	+ .evp_md = EVP_ripemd160 },
	+ { .name = "sha1",
	+ .mac = CRYPTO_SHA1,
	+ .type = T_HASH,
	+ .evp_md = EVP_sha1 },
	+ { .name = "sha224",
	+ .mac = CRYPTO_SHA2_224,
	+ .type = T_HASH,
	+ .evp_md = EVP_sha224 },
	+ { .name = "sha256",
	+ .mac = CRYPTO_SHA2_256,
	+ .type = T_HASH,
	+ .evp_md = EVP_sha256 },
	+ { .name = "sha384",
	+ .mac = CRYPTO_SHA2_384,
	+ .type = T_HASH,
	+ .evp_md = EVP_sha384 },
	+ { .name = "sha512",
	+ .mac = CRYPTO_SHA2_512,
	+ .type = T_HASH,
	+ .evp_md = EVP_sha512 },
	+ { .name = "ripemd160hmac",
	+ .mac = CRYPTO_RIPEMD160_HMAC,
	+ .type = T_HMAC,
	+ .evp_md = EVP_ripemd160 },
	+ { .name = "sha1hmac",
	+ .mac = CRYPTO_SHA1_HMAC,
	+ .type = T_HMAC,
	+ .evp_md = EVP_sha1 },
	+ { .name = "sha224hmac",
	+ .mac = CRYPTO_SHA2_224_HMAC,
	+ .type = T_HMAC,
	+ .evp_md = EVP_sha224 },
	+ { .name = "sha256hmac",
	+ .mac = CRYPTO_SHA2_256_HMAC,
	+ .type = T_HMAC,
	+ .evp_md = EVP_sha256 },
	+ { .name = "sha384hmac",
	+ .mac = CRYPTO_SHA2_384_HMAC,
	+ .type = T_HMAC,
	+ .evp_md = EVP_sha384 },
	+ { .name = "sha512hmac",
	+ .mac = CRYPTO_SHA2_512_HMAC,
	+ .type = T_HMAC,
	+ .evp_md = EVP_sha512 },
	+ { .name = "blake2b",
	+ .mac = CRYPTO_BLAKE2B,
	+ .type = T_HASH,
	+ .evp_md = EVP_blake2b512 },
	+ { .name = "blake2s",
	+ .mac = CRYPTO_BLAKE2S,
	+ .type = T_HASH,
	+ .evp_md = EVP_blake2s256 },
	+ { .name = "gmac128",
	+ .mac = CRYPTO_AES_NIST_GMAC,
	+ .type = T_GMAC,
	+ .tag_len = AES_GMAC_HASH_LEN,
	+ .evp_cipher = EVP_aes_128_gcm },
	+ { .name = "gmac192",
	+ .mac = CRYPTO_AES_NIST_GMAC,
	+ .type = T_GMAC,
	+ .tag_len = AES_GMAC_HASH_LEN,
	+ .evp_cipher = EVP_aes_192_gcm },
	+ { .name = "gmac256",
	+ .mac = CRYPTO_AES_NIST_GMAC,
	+ .type = T_GMAC,
	+ .tag_len = AES_GMAC_HASH_LEN,
	+ .evp_cipher = EVP_aes_256_gcm },
	+ { .name = "poly1305",
	+ .mac = CRYPTO_POLY1305,
	+ .type = T_DIGEST,
	+ .key_len = POLY1305_KEY_LEN,
	+ .pkey = EVP_PKEY_POLY1305 },
	+ { .name = "aes-cbc128",
	+ .cipher = CRYPTO_AES_CBC,
	+ .type = T_CIPHER,
	+ .evp_cipher = EVP_aes_128_cbc },
	+ { .name = "aes-cbc192",
	+ .cipher = CRYPTO_AES_CBC,
	+ .type = T_CIPHER,
	+ .evp_cipher = EVP_aes_192_cbc },
	+ { .name = "aes-cbc256",
	+ .cipher = CRYPTO_AES_CBC,
	+ .type = T_CIPHER,
	+ .evp_cipher = EVP_aes_256_cbc },
	+ { .name = "aes-ctr128",
	+ .cipher = CRYPTO_AES_ICM,
	+ .type = T_CIPHER,
	+ .evp_cipher = EVP_aes_128_ctr },
	+ { .name = "aes-ctr192",
	+ .cipher = CRYPTO_AES_ICM,
	+ .type = T_CIPHER,
	+ .evp_cipher = EVP_aes_192_ctr },
	+ { .name = "aes-ctr256",
	+ .cipher = CRYPTO_AES_ICM,
	+ .type = T_CIPHER,
	+ .evp_cipher = EVP_aes_256_ctr },
	+ { .name = "aes-xts128",
	+ .cipher = CRYPTO_AES_XTS,
	+ .type = T_CIPHER,
	+ .evp_cipher = EVP_aes_128_xts },
	+ { .name = "aes-xts256",
	+ .cipher = CRYPTO_AES_XTS,
	+ .type = T_CIPHER,
	+ .evp_cipher = EVP_aes_256_xts },
	+ { .name = "camellia-cbc128",
	+ .cipher = CRYPTO_CAMELLIA_CBC,
	+ .type = T_CIPHER,
	+ .evp_cipher = EVP_camellia_128_cbc },
	+ { .name = "camellia-cbc192",
	+ .cipher = CRYPTO_CAMELLIA_CBC,
	+ .type = T_CIPHER,
	+ .evp_cipher = EVP_camellia_192_cbc },
	+ { .name = "camellia-cbc256",
	+ .cipher = CRYPTO_CAMELLIA_CBC,
	+ .type = T_CIPHER,
	+ .evp_cipher = EVP_camellia_256_cbc },
	+ { .name = "chacha20",
	+ .cipher = CRYPTO_CHACHA20,
	+ .type = T_CIPHER,
	+ .evp_cipher = EVP_chacha20 },
	+ { .name = "aes-gcm128",
	+ .cipher = CRYPTO_AES_NIST_GCM_16,
	+ .type = T_AEAD,
	+ .tag_len = AES_GMAC_HASH_LEN,
	+ .iv_sizes = { AES_GCM_IV_LEN },
	+ .evp_cipher = EVP_aes_128_gcm },
	+ { .name = "aes-gcm192",
	+ .cipher = CRYPTO_AES_NIST_GCM_16,
	+ .type = T_AEAD,
	+ .tag_len = AES_GMAC_HASH_LEN,
	+ .iv_sizes = { AES_GCM_IV_LEN },
	+ .evp_cipher = EVP_aes_192_gcm },
	+ { .name = "aes-gcm256",
	+ .cipher = CRYPTO_AES_NIST_GCM_16,
	+ .type = T_AEAD,
	+ .tag_len = AES_GMAC_HASH_LEN,
	+ .iv_sizes = { AES_GCM_IV_LEN },
	+ .evp_cipher = EVP_aes_256_gcm },
	+ { .name = "aes-ccm128",
	+ .cipher = CRYPTO_AES_CCM_16,
	+ .type = T_AEAD,
	+ .tag_len = AES_CBC_MAC_HASH_LEN,
	+ .iv_sizes = { 12, 7, 8, 9, 10, 11, 13 },
	+ .evp_cipher = EVP_aes_128_ccm },
	+ { .name = "aes-ccm192",
	+ .cipher = CRYPTO_AES_CCM_16,
	+ .type = T_AEAD,
	+ .tag_len = AES_CBC_MAC_HASH_LEN,
	+ .iv_sizes = { 12, 7, 8, 9, 10, 11, 13 },
	+ .evp_cipher = EVP_aes_192_ccm },
	+ { .name = "aes-ccm256",
	+ .cipher = CRYPTO_AES_CCM_16,
	+ .type = T_AEAD,
	+ .tag_len = AES_CBC_MAC_HASH_LEN,
	+ .iv_sizes = { 12, 7, 8, 9, 10, 11, 13 },
	+ .evp_cipher = EVP_aes_256_ccm },
	+ { .name = "chacha20-poly1305",
	+ .cipher = CRYPTO_CHACHA20_POLY1305,
	+ .type = T_AEAD,
	+ .tag_len = POLY1305_HASH_LEN,
	+ .iv_sizes = { CHACHA20_POLY1305_IV_LEN, 8 },
	+ .evp_cipher = EVP_chacha20_poly1305 },
	};

	static bool testall, verbose;
	@@ -347,7 +430,7 @@
	/*
	* Called on exit to change kern.cryptodevallowsoft back to 0
	*/
	-#define CRYPT_SOFT_ALLOW "kern.cryptodevallowsoft"
	+#define CRYPT_SOFT_ALLOW "kern.cryptodevallowsoft"

	static void
	reset_user_soft(void)
	@@ -363,8 +446,8 @@
	int on = 1;
	size_t cursize = sizeof(curstate);

	- if (sysctlbyname(CRYPT_SOFT_ALLOW, &curstate, &cursize,
	- &on, sizeof(on)) == 0) {
	+ if (sysctlbyname(CRYPT_SOFT_ALLOW, &curstate, &cursize, &on,
	+ sizeof(on)) == 0) {
	if (curstate == 0)
	atexit(reset_user_soft);
	}
	@@ -407,11 +490,10 @@
	static char
	rdigit(void)
	{
	- const char a[] = {
	- 0x10,0x54,0x11,0x48,0x45,0x12,0x4f,0x13,0x49,0x53,0x14,0x41,
	- 0x15,0x16,0x4e,0x55,0x54,0x17,0x18,0x4a,0x4f,0x42,0x19,0x01
	- };
	- return 0x20+a[random()%nitems(a)];
	+ const char a[] = { 0x10, 0x54, 0x11, 0x48, 0x45, 0x12, 0x4f, 0x13, 0x49,
	+ 0x53, 0x14, 0x41, 0x15, 0x16, 0x4e, 0x55, 0x54, 0x17, 0x18,
	+ 0x4a, 0x4f, 0x42, 0x19, 0x01 };
	+ return 0x20 + a[random() % nitems(a)];
	}

	static char *
	@@ -473,8 +555,8 @@

	fd = devcrypto();
	if (ioctl(fd, CIOCGSESSION2, sop) < 0) {
	- warn("cryptodev %s %s not supported for device %s",
	- type, name, crfind(sop->crid));
	+ warn("cryptodev %s %s not supported for device %s", type, name,
	+ crfind(sop->crid));
	ses->fd = -1;
	return (false);
	}
	@@ -599,8 +681,8 @@
	goto out;
	if (memcmp(control_digest, test_digest, sizeof(control_digest)) != 0) {
	if (memcmp(control_digest, test_digest, EVP_MD_size(md)) == 0)
	- printf("%s (%zu) mismatch in trailer:\n",
	- alg->name, size);
	+ printf("%s (%zu) mismatch in trailer:\n", alg->name,
	+ size);
	else
	printf("%s (%zu) mismatch:\n", alg->name, size);
	printf("control:\n");
	@@ -611,8 +693,8 @@
	}

	if (verbose)
	- printf("%s (%zu) matched (cryptodev device %s)\n",
	- alg->name, size, crfind(crid));
	+ printf("%s (%zu) matched (cryptodev device %s)\n", alg->name,
	+ size, crfind(crid));

	out:
	free(buffer);
	@@ -673,17 +755,17 @@
	/* OpenSSL HMAC. */
	digest_len = sizeof(control_digest);
	if (HMAC(md, key, key_len, (u_char *)buffer, size,
	- (u_char *)control_digest, &digest_len) == NULL)
	- errx(1, "OpenSSL %s (%zu) HMAC failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ (u_char *)control_digest, &digest_len) == NULL)
	+ errx(1, "OpenSSL %s (%zu) HMAC failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));

	/* cryptodev HMAC. */
	if (!ocf_hmac(alg, buffer, size, key, key_len, test_digest, &crid))
	goto out;
	if (memcmp(control_digest, test_digest, sizeof(control_digest)) != 0) {
	if (memcmp(control_digest, test_digest, EVP_MD_size(md)) == 0)
	- printf("%s (%zu) mismatch in trailer:\n",
	- alg->name, size);
	+ printf("%s (%zu) mismatch in trailer:\n", alg->name,
	+ size);
	else
	printf("%s (%zu) mismatch:\n", alg->name, size);
	printf("control:\n");
	@@ -694,8 +776,8 @@
	}

	if (verbose)
	- printf("%s (%zu) matched (cryptodev device %s)\n",
	- alg->name, size, crfind(crid));
	+ printf("%s (%zu) matched (cryptodev device %s)\n", alg->name,
	+ size, crfind(crid));

	out:
	free(buffer);
	@@ -711,15 +793,15 @@

	ctx = EVP_CIPHER_CTX_new();
	if (ctx == NULL)
	- errx(1, "OpenSSL %s (%zu) ctx new failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ errx(1, "OpenSSL %s (%zu) ctx new failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	if (EVP_CipherInit_ex(ctx, cipher, NULL, (const u_char *)key,
	- (const u_char *)iv, enc) != 1)
	- errx(1, "OpenSSL %s (%zu) ctx init failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ (const u_char *)iv, enc) != 1)
	+ errx(1, "OpenSSL %s (%zu) ctx init failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	EVP_CIPHER_CTX_set_padding(ctx, 0);
	if (EVP_CipherUpdate(ctx, (u_char *)output, &outl,
	- (const u_char *)input, size) != 1)
	+ (const u_char *)input, size) != 1)
	errx(1, "OpenSSL %s (%zu) cipher update failed: %s", alg->name,
	size, ERR_error_string(ERR_get_error(), NULL));
	total = outl;
	@@ -852,8 +934,8 @@
	}

	if (verbose)
	- printf("%s (%zu) matched (cryptodev device %s)\n",
	- alg->name, size, crfind(ses.crid));
	+ printf("%s (%zu) matched (cryptodev device %s)\n", alg->name,
	+ size, crfind(ses.crid));

	out:
	ocf_destroy_session(&ses);
	@@ -938,7 +1020,7 @@
	if (size % EVP_CIPHER_block_size(cipher) != 0) {
	if (verbose)
	printf(
	- "%s (%zu, %zu): invalid buffer size (block size %d)\n",
	+ "%s (%zu, %zu): invalid buffer size (block size %d)\n",
	alg->name, aad_len, size,
	EVP_CIPHER_block_size(cipher));
	return;
	@@ -974,18 +1056,18 @@
	memcpy(ciphertext, cleartext, aad_len);
	openssl_cipher(alg, cipher, cipher_key, iv, cleartext + aad_len,
	ciphertext + aad_len, size, 1);
	- if (size > 0 && memcmp(cleartext + aad_len, ciphertext + aad_len,
	- size) == 0)
	- warnx("OpenSSL %s (%zu, %zu): cipher text unchanged",
	- alg->name, aad_len, size);
	+ if (size > 0 &&
	+ memcmp(cleartext + aad_len, ciphertext + aad_len, size) == 0)
	+ warnx("OpenSSL %s (%zu, %zu): cipher text unchanged", alg->name,
	+ aad_len, size);
	digest_len = sizeof(control_digest);
	if (HMAC(md, auth_key, auth_key_len, (u_char *)ciphertext,
	- aad_len + size, (u_char *)control_digest, &digest_len) == NULL)
	+ aad_len + size, (u_char *)control_digest, &digest_len) == NULL)
	errx(1, "OpenSSL %s (%zu, %zu) HMAC failed: %s", alg->name,
	aad_len, size, ERR_error_string(ERR_get_error(), NULL));

	if (!ocf_init_eta_session(alg, cipher_key, cipher_key_len, auth_key,
	- auth_key_len, &ses))
	+ auth_key_len, &ses))
	goto out;

	/* OCF encrypt + HMAC. */
	@@ -1047,11 +1129,11 @@
	if (error != EBADMSG) {
	if (error != 0)
	warnc(error,
	- "cryptodev %s (%zu, %zu) corrupt tag failed for device %s",
	+ "cryptodev %s (%zu, %zu) corrupt tag failed for device %s",
	alg->name, aad_len, size, crfind(ses.crid));
	else
	warnx(
	- "cryptodev %s (%zu, %zu) corrupt tag didn't fail for device %s",
	+ "cryptodev %s (%zu, %zu) corrupt tag didn't fail for device %s",
	alg->name, aad_len, size, crfind(ses.crid));
	goto out;
	}
	@@ -1079,24 +1161,24 @@

	ctx = EVP_CIPHER_CTX_new();
	if (ctx == NULL)
	- errx(1, "OpenSSL %s (%zu) ctx new failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ errx(1, "OpenSSL %s (%zu) ctx new failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	if (EVP_EncryptInit_ex(ctx, cipher, NULL, (const u_char *)key,
	- (const u_char *)iv) != 1)
	- errx(1, "OpenSSL %s (%zu) ctx init failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ (const u_char *)iv) != 1)
	+ errx(1, "OpenSSL %s (%zu) ctx init failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	EVP_CIPHER_CTX_set_padding(ctx, 0);
	- if (EVP_EncryptUpdate(ctx, NULL, &outl, (const u_char *)input,
	- size) != 1)
	- errx(1, "OpenSSL %s (%zu) update failed: %s",
	- alg->name, size, ERR_error_string(ERR_get_error(), NULL));
	+ if (EVP_EncryptUpdate(ctx, NULL, &outl, (const u_char *)input, size) !=
	+ 1)
	+ errx(1, "OpenSSL %s (%zu) update failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	if (EVP_EncryptFinal_ex(ctx, NULL, &outl) != 1)
	- errx(1, "OpenSSL %s (%zu) final failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ errx(1, "OpenSSL %s (%zu) final failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, alg->tag_len,
	- tag) != 1)
	- errx(1, "OpenSSL %s (%zu) get tag failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ tag) != 1)
	+ errx(1, "OpenSSL %s (%zu) get tag failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	EVP_CIPHER_CTX_free(ctx);
	}

	@@ -1123,8 +1205,8 @@
	cop.iv = iv;

	if (ioctl(ses.fd, CIOCCRYPT, &cop) < 0) {
	- warn("cryptodev %s (%zu) failed for device %s", alg->name,
	- size, crfind(ses.crid));
	+ warn("cryptodev %s (%zu) failed for device %s", alg->name, size,
	+ crfind(ses.crid));
	ocf_destroy_session(&ses);
	return (false);
	}
	@@ -1171,8 +1253,8 @@
	}

	if (verbose)
	- printf("%s (%zu) matched (cryptodev device %s)\n",
	- alg->name, size, crfind(crid));
	+ printf("%s (%zu) matched (cryptodev device %s)\n", alg->name,
	+ size, crfind(crid));

	out:
	free(buffer);
	@@ -1190,12 +1272,12 @@

	pkey = EVP_PKEY_new_raw_private_key(alg->pkey, NULL, key, key_len);
	if (pkey == NULL)
	- errx(1, "OpenSSL %s (%zu) pkey new failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ errx(1, "OpenSSL %s (%zu) pkey new failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	mdctx = EVP_MD_CTX_new();
	if (mdctx == NULL)
	- errx(1, "OpenSSL %s (%zu) ctx new failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ errx(1, "OpenSSL %s (%zu) ctx new failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	if (EVP_DigestSignInit(mdctx, NULL, NULL, NULL, pkey) != 1)
	errx(1, "OpenSSL %s (%zu) digest sign init failed: %s",
	alg->name, size, ERR_error_string(ERR_get_error(), NULL));
	@@ -1243,8 +1325,8 @@
	}

	if (verbose)
	- printf("%s (%zu) matched (cryptodev device %s)\n",
	- alg->name, size, crfind(crid));
	+ printf("%s (%zu) matched (cryptodev device %s)\n", alg->name,
	+ size, crfind(crid));

	out:
	free(buffer);
	@@ -1261,28 +1343,29 @@

	ctx = EVP_CIPHER_CTX_new();
	if (ctx == NULL)
	- errx(1, "OpenSSL %s (%zu) ctx new failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ errx(1, "OpenSSL %s (%zu) ctx new failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	if (EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL) != 1)
	- errx(1, "OpenSSL %s (%zu) ctx init failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	- if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, iv_len, NULL) != 1)
	- errx(1, "OpenSSL %s (%zu) setting iv length failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ errx(1, "OpenSSL %s (%zu) ctx init failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	+ if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, iv_len, NULL) !=
	+ 1)
	+ errx(1, "OpenSSL %s (%zu) setting iv length failed: %s",
	+ alg->name, size, ERR_error_string(ERR_get_error(), NULL));
	if (EVP_EncryptInit_ex(ctx, NULL, NULL, (const u_char *)key,
	- (const u_char *)iv) != 1)
	- errx(1, "OpenSSL %s (%zu) ctx init failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ (const u_char *)iv) != 1)
	+ errx(1, "OpenSSL %s (%zu) ctx init failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	EVP_CIPHER_CTX_set_padding(ctx, 0);
	if (aad != NULL) {
	if (EVP_EncryptUpdate(ctx, NULL, &outl, (const u_char *)aad,
	- aad_len) != 1)
	+ aad_len) != 1)
	errx(1, "OpenSSL %s (%zu) aad update failed: %s",
	alg->name, size,
	ERR_error_string(ERR_get_error(), NULL));
	}
	if (EVP_EncryptUpdate(ctx, (u_char *)output, &outl,
	- (const u_char *)input, size) != 1)
	+ (const u_char *)input, size) != 1)
	errx(1, "OpenSSL %s (%zu) encrypt update failed: %s", alg->name,
	size, ERR_error_string(ERR_get_error(), NULL));
	total = outl;
	@@ -1294,9 +1377,9 @@
	errx(1, "OpenSSL %s (%zu) encrypt size mismatch: %d", alg->name,
	size, total);
	if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, alg->tag_len,
	- tag) != 1)
	- errx(1, "OpenSSL %s (%zu) get tag failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ tag) != 1)
	+ errx(1, "OpenSSL %s (%zu) get tag failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	EVP_CIPHER_CTX_free(ctx);
	}

	@@ -1312,29 +1395,29 @@

	ctx = EVP_CIPHER_CTX_new();
	if (ctx == NULL)
	- errx(1, "OpenSSL %s (%zu) ctx new failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ errx(1, "OpenSSL %s (%zu) ctx new failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	if (EVP_DecryptInit_ex(ctx, cipher, NULL, (const u_char *)key,
	- (const u_char *)iv) != 1)
	- errx(1, "OpenSSL %s (%zu) ctx init failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ (const u_char *)iv) != 1)
	+ errx(1, "OpenSSL %s (%zu) ctx init failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	EVP_CIPHER_CTX_set_padding(ctx, 0);
	if (aad != NULL) {
	if (EVP_DecryptUpdate(ctx, NULL, &outl, (const u_char *)aad,
	- aad_len) != 1)
	+ aad_len) != 1)
	errx(1, "OpenSSL %s (%zu) aad update failed: %s",
	alg->name, size,
	ERR_error_string(ERR_get_error(), NULL));
	}
	if (EVP_DecryptUpdate(ctx, (u_char *)output, &outl,
	- (const u_char *)input, size) != 1)
	+ (const u_char *)input, size) != 1)
	errx(1, "OpenSSL %s (%zu) decrypt update failed: %s", alg->name,
	size, ERR_error_string(ERR_get_error(), NULL));
	total = outl;
	if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, alg->tag_len,
	- tag) != 1)
	- errx(1, "OpenSSL %s (%zu) get tag failed: %s", alg->name,
	- size, ERR_error_string(ERR_get_error(), NULL));
	+ tag) != 1)
	+ errx(1, "OpenSSL %s (%zu) get tag failed: %s", alg->name, size,
	+ ERR_error_string(ERR_get_error(), NULL));
	valid = (EVP_DecryptFinal_ex(ctx, (u_char *)output + outl, &outl) != 1);
	total += outl;
	if (total != size)
	@@ -1362,18 +1445,20 @@
	errx(1, "OpenSSL %s/%zu (%zu, %zu) ctx init failed: %s",
	alg->name, iv_len, aad_len, size,
	ERR_error_string(ERR_get_error(), NULL));
	- if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, iv_len, NULL) != 1)
	+ if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, iv_len, NULL) !=
	+ 1)
	errx(1,
	"OpenSSL %s/%zu (%zu, %zu) setting iv length failed: %s",
	alg->name, iv_len, aad_len, size,
	ERR_error_string(ERR_get_error(), NULL));
	- if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, AES_CBC_MAC_HASH_LEN, NULL) != 1)
	+ if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
	+ AES_CBC_MAC_HASH_LEN, NULL) != 1)
	errx(1,
	"OpenSSL %s/%zu (%zu, %zu) setting tag length failed: %s",
	alg->name, iv_len, aad_len, size,
	ERR_error_string(ERR_get_error(), NULL));
	if (EVP_EncryptInit_ex(ctx, NULL, NULL, (const u_char *)key,
	- (const u_char *)iv) != 1)
	+ (const u_char *)iv) != 1)
	errx(1, "OpenSSL %s/%zu (%zu, %zu) ctx init failed: %s",
	alg->name, iv_len, aad_len, size,
	ERR_error_string(ERR_get_error(), NULL));
	@@ -1385,14 +1470,14 @@

	if (aad != NULL) {
	if (EVP_EncryptUpdate(ctx, NULL, &outl, (const u_char *)aad,
	- aad_len) != 1)
	+ aad_len) != 1)
	errx(1,
	"OpenSSL %s/%zu (%zu, %zu) aad update failed: %s",
	alg->name, iv_len, aad_len, size,
	ERR_error_string(ERR_get_error(), NULL));
	}
	if (EVP_EncryptUpdate(ctx, (u_char *)output, &outl,
	- (const u_char *)input, size) != 1)
	+ (const u_char *)input, size) != 1)
	errx(1, "OpenSSL %s/%zu (%zu, %zu) encrypt update failed: %s",
	alg->name, iv_len, aad_len, size,
	ERR_error_string(ERR_get_error(), NULL));
	@@ -1405,8 +1490,8 @@
	if ((size_t)total != size)
	errx(1, "OpenSSL %s/%zu (%zu, %zu) encrypt size mismatch: %d",
	alg->name, iv_len, aad_len, size, total);
	- if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, AES_CBC_MAC_HASH_LEN,
	- tag) != 1)
	+ if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
	+ AES_CBC_MAC_HASH_LEN, tag) != 1)
	errx(1, "OpenSSL %s/%zu (%zu, %zu) get tag failed: %s",
	alg->name, iv_len, aad_len, size,
	ERR_error_string(ERR_get_error(), NULL));
	@@ -1450,7 +1535,7 @@
	return (0);
	}

	-#define AEAD_MAX_TAG_LEN \
	+#define AEAD_MAX_TAG_LEN \
	MAX(MAX(AES_GMAC_HASH_LEN, AES_CBC_MAC_HASH_LEN), POLY1305_HASH_LEN)

	static size_t
	@@ -1482,8 +1567,7 @@
	}

	static void
	-run_aead_test(const struct alg *alg, size_t aad_len, size_t size,
	- size_t iv_len)
	+run_aead_test(const struct alg *alg, size_t aad_len, size_t size, size_t iv_len)
	{
	struct ocf_session ses;
	const EVP_CIPHER *cipher;
	@@ -1497,7 +1581,7 @@
	if (size % EVP_CIPHER_block_size(cipher) != 0) {
	if (verbose)
	printf(
	- "%s/%zu (%zu, %zu): invalid buffer size (block size %d)\n",
	+ "%s/%zu (%zu, %zu): invalid buffer size (block size %d)\n",
	alg->name, iv_len, aad_len, size,
	EVP_CIPHER_block_size(cipher));
	return;
	@@ -1528,11 +1612,11 @@

	/* OpenSSL encrypt */
	if (EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE)
	- openssl_ccm_encrypt(alg, cipher, key, iv, iv_len, aad,
	- aad_len, cleartext, ciphertext, size, control_tag);
	+ openssl_ccm_encrypt(alg, cipher, key, iv, iv_len, aad, aad_len,
	+ cleartext, ciphertext, size, control_tag);
	else
	- openssl_aead_encrypt(alg, cipher, key, iv, iv_len, aad,
	- aad_len, cleartext, ciphertext, size, control_tag);
	+ openssl_aead_encrypt(alg, cipher, key, iv, iv_len, aad, aad_len,
	+ cleartext, ciphertext, size, control_tag);

	if (!ocf_init_aead_session(alg, key, key_len, iv_len, &ses))
	goto out;
	@@ -1565,8 +1649,8 @@
	}

	/* OCF decrypt */
	- error = ocf_aead(&ses, iv, iv_len, aad, aad_len, ciphertext,
	- buffer, size, control_tag, COP_DECRYPT);
	+ error = ocf_aead(&ses, iv, iv_len, aad, aad_len, ciphertext, buffer,
	+ size, control_tag, COP_DECRYPT);
	if (error != 0) {
	warnc(error, "cryptodev %s/%zu (%zu, %zu) failed for device %s",
	alg->name, iv_len, aad_len, size, crfind(ses.crid));
	@@ -1584,16 +1668,16 @@

	/* Verify OCF decrypt fails with busted tag. */
	test_tag[0] ^= 0x1;
	- error = ocf_aead(&ses, iv, iv_len, aad, aad_len, ciphertext,
	- buffer, size, test_tag, COP_DECRYPT);
	+ error = ocf_aead(&ses, iv, iv_len, aad, aad_len, ciphertext, buffer,
	+ size, test_tag, COP_DECRYPT);
	if (error != EBADMSG) {
	if (error != 0)
	warnc(error,
	- "cryptodev %s/%zu (%zu, %zu) corrupt tag failed for device %s",
	+ "cryptodev %s/%zu (%zu, %zu) corrupt tag failed for device %s",
	alg->name, iv_len, aad_len, size, crfind(ses.crid));
	else
	warnx(
	- "cryptodev %s/%zu (%zu, %zu) corrupt tag didn't fail for device %s",
	+ "cryptodev %s/%zu (%zu, %zu) corrupt tag didn't fail for device %s",
	alg->name, iv_len, aad_len, size, crfind(ses.crid));
	goto out;
	}
	diff --git a/tools/tools/crypto/cryptostats.c b/tools/tools/crypto/cryptostats.c
	--- a/tools/tools/crypto/cryptostats.c
	+++ b/tools/tools/crypto/cryptostats.c
	@@ -36,7 +36,6 @@
	#include <sys/time.h>

	#include <crypto/cryptodev.h>
	-
	#include <err.h>
	#include <stdio.h>
	#include <stdlib.h>
	@@ -44,17 +43,18 @@
	#include <strings.h>

	static void
	-printt(const char* tag, struct cryptotstat *ts)
	+printt(const char tag, struct cryptotstat ts)
	{
	- uint64_t avg, min, max;
	+ unsigned long long avg, min, max;

	if (ts->count == 0)
	return;
	- avg = (1000000000LL*ts->acc.tv_sec + ts->acc.tv_nsec) / ts->count;
	- min = 1000000000LL*ts->min.tv_sec + ts->min.tv_nsec;
	- max = 1000000000LL*ts->max.tv_sec + ts->max.tv_nsec;
	- printf("%16.16s: avg %6llu ns : min %6llu ns : max %7llu ns [%u samps]\n",
	- tag, avg, min, max, ts->count);
	+ avg = (1000000000LL * ts->acc.tv_sec + ts->acc.tv_nsec) / ts->count;
	+ min = 1000000000LL * ts->min.tv_sec + ts->min.tv_nsec;
	+ max = 1000000000LL * ts->max.tv_sec + ts->max.tv_nsec;
	+ printf(
	+ "%16.16s: avg %6llu ns : min %6llu ns : max %7llu ns [%u samps]\n",
	+ tag, avg, min, max, ts->count);
	}

	int
	@@ -63,41 +63,43 @@
	struct cryptostats stats;
	size_t slen;

	- slen = sizeof (stats);
	+ slen = sizeof(stats);
	if (sysctlbyname("kern.crypto_stats", &stats, &slen, NULL, 0) < 0)
	err(1, "kern.cryptostats");

	if (argc > 1 && strcmp(argv[1], "-z") == 0) {
	- bzero(&stats.cs_invoke, sizeof (stats.cs_invoke));
	- bzero(&stats.cs_done, sizeof (stats.cs_done));
	- bzero(&stats.cs_cb, sizeof (stats.cs_cb));
	- bzero(&stats.cs_finis, sizeof (stats.cs_finis));
	+ bzero(&stats.cs_invoke, sizeof(stats.cs_invoke));
	+ bzero(&stats.cs_done, sizeof(stats.cs_done));
	+ bzero(&stats.cs_cb, sizeof(stats.cs_cb));
	+ bzero(&stats.cs_finis, sizeof(stats.cs_finis));
	stats.cs_invoke.min.tv_sec = 10000;
	stats.cs_done.min.tv_sec = 10000;
	stats.cs_cb.min.tv_sec = 10000;
	stats.cs_finis.min.tv_sec = 10000;
	- if (sysctlbyname("kern.crypto_stats", NULL, NULL, &stats, sizeof (stats)) < 0)
	+ if (sysctlbyname("kern.crypto_stats", NULL, NULL, &stats,
	+ sizeof(stats)) < 0)
	err(1, "kern.cryptostats");
	exit(0);
	}
	if (argc > 1 && strcmp(argv[1], "-Z") == 0) {
	- bzero(&stats, sizeof (stats));
	+ bzero(&stats, sizeof(stats));
	stats.cs_invoke.min.tv_sec = 10000;
	stats.cs_done.min.tv_sec = 10000;
	stats.cs_cb.min.tv_sec = 10000;
	stats.cs_finis.min.tv_sec = 10000;
	- if (sysctlbyname("kern.crypto_stats", NULL, NULL, &stats, sizeof (stats)) < 0)
	+ if (sysctlbyname("kern.crypto_stats", NULL, NULL, &stats,
	+ sizeof(stats)) < 0)
	err(1, "kern.cryptostats");
	exit(0);
	}

	-
	- printf("%u symmetric crypto ops (%u errors, %u times driver blocked)\n"
	- , stats.cs_ops, stats.cs_errs, stats.cs_blocks);
	- printf("%u key ops (%u errors, %u times driver blocked)\n"
	- , stats.cs_kops, stats.cs_kerrs, stats.cs_kblocks);
	- printf("%u crypto dispatch thread activations\n", stats.cs_intrs);
	- printf("%u crypto return thread activations\n", stats.cs_rets);
	+ printf(
	+ "%lu symmetric crypto ops (%lu errors, %lu times driver blocked)\n",
	+ stats.cs_ops, stats.cs_errs, stats.cs_blocks);
	+ printf("%lu key ops (%lu errors, %lu times driver blocked)\n",
	+ stats.cs_kops, stats.cs_kerrs, stats.cs_kblocks);
	+ printf("%lu crypto dispatch thread activations\n", stats.cs_intrs);
	+ printf("%lu crypto return thread activations\n", stats.cs_rets);
	if (stats.cs_invoke.count) {
	printf("\n");
	printt("dispatch->invoke", &stats.cs_invoke);
	diff --git a/tools/tools/crypto/cryptotest.c b/tools/tools/crypto/cryptotest.c
	--- a/tools/tools/crypto/cryptotest.c
	+++ b/tools/tools/crypto/cryptotest.c
	@@ -94,6 +94,7 @@
	#include <sys/time.h>
	#include <sys/wait.h>

	+#include <crypto/cryptodev.h>
	#include <err.h>
	#include <fcntl.h>
	#include <paths.h>
	@@ -103,56 +104,68 @@
	#include <sysexits.h>
	#include <unistd.h>

	-#include <crypto/cryptodev.h>
	-
	-#define CHUNK 64 /* how much to display */
	-#define streq(a,b) (strcasecmp(a,b) == 0)
	-
	-void hexdump(char *, int);
	-
	-int verbose = 0;
	-int opflags = 0;
	-int verify = 0;
	-int crid = CRYPTO_FLAG_HARDWARE;
	-
	-struct alg {
	- const char* name;
	- int ishash;
	- int blocksize;
	- int minkeylen;
	- int maxkeylen;
	- int code;
	+#define CHUNK 64 /* how much to display */
	+#define streq(a, b) (strcasecmp(a, b) == 0)
	+
	+static int verbose = 0;
	+static int opflags = 0;
	+static int verify = 0;
	+static int crid = CRYPTO_FLAG_HARDWARE;
	+
	+static struct alg {
	+ const char *name;
	+ int ishash;
	+ int blocksize;
	+ int minkeylen;
	+ int maxkeylen;
	+ int code;
	} algorithms[] = {
	#ifdef CRYPTO_NULL_CBC
	- { "null", 0, 8, 1, 256, CRYPTO_NULL_CBC },
	+ { "null", 0, 8, 1, 256, CRYPTO_NULL_CBC },
	#endif
	- { "des", 0, 8, 8, 8, CRYPTO_DES_CBC },
	- { "3des", 0, 8, 24, 24, CRYPTO_3DES_CBC },
	- { "blf", 0, 8, 5, 56, CRYPTO_BLF_CBC },
	- { "cast", 0, 8, 5, 16, CRYPTO_CAST_CBC },
	- { "skj", 0, 8, 10, 10, CRYPTO_SKIPJACK_CBC },
	- { "rij", 0, 16, 16, 16, CRYPTO_RIJNDAEL128_CBC},
	- { "aes", 0, 16, 16, 16, CRYPTO_AES_CBC},
	- { "aes192", 0, 16, 24, 24, CRYPTO_AES_CBC},
	- { "aes256", 0, 16, 32, 32, CRYPTO_AES_CBC},
	- { "chacha20", 0, 1, 32, 32, CRYPTO_CHACHA20},
	- { "blake2b", 1, 128, 64, 64, CRYPTO_BLAKE2B },
	- { "blake2s", 1, 64, 32, 32, CRYPTO_BLAKE2S },
	- { "md5", 1, 8, 16, 16, CRYPTO_MD5_HMAC },
	- { "sha1", 1, 8, 20, 20, CRYPTO_SHA1_HMAC },
	- { "sha256", 1, 8, 32, 32, CRYPTO_SHA2_256_HMAC },
	- { "sha384", 1, 8, 48, 48, CRYPTO_SHA2_384_HMAC },
	- { "sha512", 1, 8, 64, 64, CRYPTO_SHA2_512_HMAC },
	+ { "des", 0, 8, 8, 8, CRYPTO_DES_CBC },
	+ { "3des", 0, 8, 24, 24, CRYPTO_3DES_CBC },
	+ { "blf", 0, 8, 5, 56, CRYPTO_BLF_CBC },
	+ { "cast", 0, 8, 5, 16, CRYPTO_CAST_CBC },
	+ { "skj", 0, 8, 10, 10, CRYPTO_SKIPJACK_CBC },
	+ { "rij", 0, 16, 16, 16, CRYPTO_RIJNDAEL128_CBC },
	+ { "aes", 0, 16, 16, 16, CRYPTO_AES_CBC },
	+ { "aes192", 0, 16, 24, 24, CRYPTO_AES_CBC },
	+ { "aes256", 0, 16, 32, 32, CRYPTO_AES_CBC },
	+ { "chacha20", 0, 1, 32, 32, CRYPTO_CHACHA20 },
	+ { "blake2b", 1, 128, 64, 64, CRYPTO_BLAKE2B },
	+ { "blake2s", 1, 64, 32, 32, CRYPTO_BLAKE2S },
	+ { "md5", 1, 8, 16, 16, CRYPTO_MD5_HMAC },
	+ { "sha1", 1, 8, 20, 20, CRYPTO_SHA1_HMAC },
	+ { "sha256", 1, 8, 32, 32, CRYPTO_SHA2_256_HMAC },
	+ { "sha384", 1, 8, 48, 48, CRYPTO_SHA2_384_HMAC },
	+ { "sha512", 1, 8, 64, 64, CRYPTO_SHA2_512_HMAC },
	};

	+struct alg *getalgbycode(int);
	+static void usage(const char *);
	+static struct alg getalgbyname(const char );
	+static int devcrypto(void);
	+static int crlookup(const char *);
	+static const char *crfind(int);
	+static char rdigit(void);
	+static void runtest(struct alg , struct alg , int, int, u_long,
	+ struct timeval *);
	+static void printt(const char , struct cryptotstat );
	+static void runtests(struct alg , struct alg , int, int, u_long, int, int);
	+static void resetstats(void);
	+static void hexdump(char *, int);
	+
	void
	-usage(const char* cmd)
	+usage(const char *cmd)
	{
	- printf("usage: %s [-czsbv] [-d dev] [-a algorithm] [count] [size ...]\n",
	- cmd);
	+ printf(
	+ "usage: %s [-czsbv] [-d dev] [-a algorithm] [count] [size ...]\n",
	+ cmd);
	printf("where algorithm is one of:\n");
	printf(" null des 3des (default) blowfish cast skipjack rij\n");
	- printf(" aes aes192 aes256 chacha20 md5 sha1 sha256 sha384 sha512\n");
	+ printf(
	+ " aes aes192 aes256 chacha20 md5 sha1 sha256 sha384 sha512\n");
	printf(" blake2b blake2s\n");
	printf(" or an encryption algorithm concatented with authentication\n");
	printf(" algorithm with '+' in the middle, e.g., aes+sha1.\n");
	@@ -160,8 +173,10 @@
	printf("size is the number of bytes of text to encrypt+decrypt\n");
	printf("\n");
	printf("-c check the results (slows timing)\n");
	- printf("-d use specific device, specify 'soft' for testing software implementations\n");
	- printf("\tNOTE: to use software you must set:\n\t sysctl kern.cryptodevallowsoft=1\n");
	+ printf(
	+ "-d use specific device, specify 'soft' for testing software implementations\n");
	+ printf(
	+ "\tNOTE: to use software you must set:\n\t sysctl kern.cryptodevallowsoft=1\n");
	printf("-z run all available algorithms on a variety of sizes\n");
	printf("-v be verbose\n");
	printf("-b mark operations for batching\n");
	@@ -170,10 +185,10 @@
	exit(-1);
	}

	-struct alg*
	+struct alg *
	getalgbycode(int cipher)
	{
	- int i;
	+ uint64_t i;

	for (i = 0; i < nitems(algorithms); i++)
	if (cipher == algorithms[i].code)
	@@ -181,10 +196,10 @@
	return NULL;
	}

	-struct alg*
	-getalgbyname(const char* name)
	+struct alg *
	+getalgbyname(const char *name)
	{
	- int i;
	+ uint64_t i;

	for (i = 0; i < nitems(algorithms); i++)
	if (streq(name, algorithms[i].name))
	@@ -223,12 +238,12 @@
	}

	const char *
	-crfind(int crid)
	+crfind(int id)
	{
	static struct crypt_find_op find;

	bzero(&find, sizeof(find));
	- find.crid = crid;
	+ find.crid = id;
	if (ioctl(devcrypto(), CIOCFINDDEV, &find) == -1)
	err(1, "ioctl(CIOCFINDDEV): crid %d", crid);
	return find.name;
	@@ -237,23 +252,25 @@
	char
	rdigit(void)
	{
	- const char a[] = {
	- 0x10,0x54,0x11,0x48,0x45,0x12,0x4f,0x13,0x49,0x53,0x14,0x41,
	- 0x15,0x16,0x4e,0x55,0x54,0x17,0x18,0x4a,0x4f,0x42,0x19,0x01
	- };
	- return 0x20+a[random()%nitems(a)];
	+ const char a[] = { 0x10, 0x54, 0x11, 0x48, 0x45, 0x12, 0x4f, 0x13, 0x49,
	+ 0x53, 0x14, 0x41, 0x15, 0x16, 0x4e, 0x55, 0x54, 0x17, 0x18,
	+ 0x4a, 0x4f, 0x42, 0x19, 0x01 };
	+ return 0x20 + a[random() % nitems(a)];
	}

	void
	-runtest(struct alg ealg, struct alg alg, int count, int size, u_long cmd, struct timeval *tv)
	+runtest(struct alg ealg, struct alg alg, int count, int size, u_long cmd,
	+ struct timeval *tv)
	{
	+ uint32_t j;
	+ uint64_t k;
	int i, fd = devcrypto();
	- struct timeval start, stop, dt;
	+ struct timeval start, stop;
	char cleartext, ciphertext, originaltext, key;
	struct session2_op sop;
	struct crypt_op cop;
	char iv[EALG_MAX_BLOCK_LEN];
	- char digest[512/8];
	+ char digest[512 / 8];

	/* Canonicalize 'ealg' to crypt alg and 'alg' to authentication alg. */
	if (ealg == NULL && !alg->ishash) {
	@@ -263,18 +280,18 @@

	bzero(&sop, sizeof(sop));
	if (ealg != NULL) {
	- sop.keylen = (ealg->minkeylen + ealg->maxkeylen)/2;
	- key = (char *) malloc(sop.keylen);
	+ sop.keylen = (ealg->minkeylen + ealg->maxkeylen) / 2;
	+ key = (char *)malloc(sop.keylen);
	if (key == NULL)
	err(1, "malloc (key)");
	- for (i = 0; i < sop.keylen; i++)
	- key[i] = rdigit();
	+ for (j = 0; j < sop.keylen; j++)
	+ key[j] = rdigit();
	sop.key = key;
	sop.cipher = ealg->code;
	}
	if (alg != NULL) {
	- sop.mackeylen = (alg->minkeylen + alg->maxkeylen)/2;
	- key = (char *) malloc(sop.mackeylen);
	+ sop.mackeylen = (alg->minkeylen + alg->maxkeylen) / 2;
	+ key = (char *)malloc(sop.mackeylen);
	if (key == NULL)
	err(1, "malloc (mac)");
	for (i = 0; i < sop.mackeylen; i++)
	@@ -288,12 +305,13 @@
	if (cmd == CIOCGSESSION \|\| cmd == CIOCGSESSION2) {
	close(fd);
	if (verbose) {
	- printf("cipher %s%s%s", ealg? ealg->name : "",
	+ printf("cipher %s%s%s", ealg ? ealg->name : "",
	(ealg && alg) ? "+" : "",
	- alg? alg->name : "");
	+ alg ? alg->name : "");

	if (alg->ishash)
	- printf(" mackeylen %u\n", sop.mackeylen);
	+ printf(" mackeylen %u\n",
	+ sop.mackeylen);
	else
	printf(" keylen %u\n", sop.keylen);
	perror("CIOCGSESSION");
	@@ -302,21 +320,21 @@
	return;
	}
	printf("cipher %s%s%s keylen %u mackeylen %u\n",
	- ealg? ealg->name : "", (ealg && alg) ? "+" : "",
	- alg? alg->name : "", sop.keylen, sop.mackeylen);
	+ ealg ? ealg->name : "", (ealg && alg) ? "+" : "",
	+ alg ? alg->name : "", sop.keylen, sop.mackeylen);
	err(1, "CIOCGSESSION");
	}

	- originaltext = malloc(3*size);
	+ originaltext = malloc(3 * size);
	if (originaltext == NULL)
	err(1, "malloc (text)");
	- cleartext = originaltext+size;
	- ciphertext = cleartext+size;
	+ cleartext = originaltext + size;
	+ ciphertext = cleartext + size;
	for (i = 0; i < size; i++)
	cleartext[i] = rdigit();
	memcpy(originaltext, cleartext, size);
	- for (i = 0; i < nitems(iv); i++)
	- iv[i] = rdigit();
	+ for (k = 0; k < nitems(iv); k++)
	+ iv[k] = rdigit();

	if (verbose) {
	printf("session = 0x%x\n", sop.ses);
	@@ -369,7 +387,8 @@
	if (ioctl(fd, CIOCCRYPT, &cop) < 0)
	err(1, "ioctl(CIOCCRYPT)");

	- if (verify && bcmp(cleartext, originaltext, size) != 0) {
	+ if (verify &&
	+ bcmp(cleartext, originaltext, size) != 0) {
	printf("decrypt mismatch:\n");
	printf("original:");
	hexdump(originaltext, size);
	@@ -393,7 +412,7 @@
	}
	}
	gettimeofday(&stop, NULL);
	-
	+
	if (ioctl(fd, CIOCFSESSION, &sop.ses) < 0)
	perror("ioctl(CIOCFSESSION)");

	@@ -410,78 +429,80 @@

	#ifdef __FreeBSD__
	void
	-resetstats()
	+resetstats(void)
	{
	struct cryptostats stats;
	size_t slen;

	- slen = sizeof (stats);
	+ slen = sizeof(stats);
	if (sysctlbyname("kern.crypto_stats", &stats, &slen, NULL, 0) < 0) {
	perror("kern.crypto_stats");
	return;
	}
	- bzero(&stats.cs_invoke, sizeof (stats.cs_invoke));
	- bzero(&stats.cs_done, sizeof (stats.cs_done));
	- bzero(&stats.cs_cb, sizeof (stats.cs_cb));
	- bzero(&stats.cs_finis, sizeof (stats.cs_finis));
	+ bzero(&stats.cs_invoke, sizeof(stats.cs_invoke));
	+ bzero(&stats.cs_done, sizeof(stats.cs_done));
	+ bzero(&stats.cs_cb, sizeof(stats.cs_cb));
	+ bzero(&stats.cs_finis, sizeof(stats.cs_finis));
	stats.cs_invoke.min.tv_sec = 10000;
	stats.cs_done.min.tv_sec = 10000;
	stats.cs_cb.min.tv_sec = 10000;
	stats.cs_finis.min.tv_sec = 10000;
	- if (sysctlbyname("kern.crypto_stats", NULL, NULL, &stats, sizeof (stats)) < 0)
	+ if (sysctlbyname("kern.crypto_stats", NULL, NULL, &stats,
	+ sizeof(stats)) < 0)
	perror("kern.cryptostats");
	}

	void
	-printt(const char* tag, struct cryptotstat *ts)
	+printt(const char tag, struct cryptotstat ts)
	{
	- uint64_t avg, min, max;
	+ unsigned long long avg, min, max;

	if (ts->count == 0)
	return;
	- avg = (1000000000LL*ts->acc.tv_sec + ts->acc.tv_nsec) / ts->count;
	- min = 1000000000LL*ts->min.tv_sec + ts->min.tv_nsec;
	- max = 1000000000LL*ts->max.tv_sec + ts->max.tv_nsec;
	- printf("%16.16s: avg %6llu ns : min %6llu ns : max %7llu ns [%u samps]\n",
	- tag, avg, min, max, ts->count);
	+ avg = (1000000000LL * ts->acc.tv_sec + ts->acc.tv_nsec) / ts->count;
	+ min = 1000000000LL * ts->min.tv_sec + ts->min.tv_nsec;
	+ max = 1000000000LL * ts->max.tv_sec + ts->max.tv_nsec;
	+ printf(
	+ "%16.16s: avg %6llu ns : min %6llu ns : max %7llu ns [%u samps]\n",
	+ tag, avg, min, max, ts->count);
	}
	#endif

	void
	-runtests(struct alg ealg, struct alg alg, int count, int size, u_long cmd, int threads, int profile)
	+runtests(struct alg ealg, struct alg alg, int count, int size, u_long cmd,
	+ int threads, int profile)
	{
	int i, status;
	double t;
	void *region;
	struct timeval *tvp;
	- struct timeval total;
	int otiming;

	if (size % alg->blocksize \|\| (ealg && size % ealg->blocksize)) {
	if (verbose)
	printf("skipping blocksize %u 'cuz not a multiple of "
	- "%s blocksize %u (or %s blocksize %u)\n",
	- size, alg->name, alg->blocksize,
	- ealg ? ealg->name : "n/a",
	- ealg ? ealg->blocksize : 0);
	+ "%s blocksize %u (or %s blocksize %u)\n",
	+ size, alg->name, alg->blocksize,
	+ ealg ? ealg->name : "n/a",
	+ ealg ? ealg->blocksize : 0);
	return;
	}

	- region = mmap(NULL, threads * sizeof (struct timeval),
	- PROT_READ\|PROT_WRITE, MAP_ANON\|MAP_SHARED, -1, 0);
	+ region = mmap(NULL, threads * sizeof(struct timeval),
	+ PROT_READ \| PROT_WRITE, MAP_ANON \| MAP_SHARED, -1, 0);
	if (region == MAP_FAILED) {
	perror("mmap");
	return;
	}
	- tvp = (struct timeval *) region;
	+ tvp = (struct timeval *)region;
	#ifdef __FreeBSD__
	if (profile) {
	- size_t tlen = sizeof (otiming);
	+ size_t tlen = sizeof(otiming);
	int timing = 1;

	resetstats();
	if (sysctlbyname("debug.crypto_timing", &otiming, &tlen,
	- &timing, sizeof (timing)) < 0)
	+ &timing, sizeof(timing)) < 0)
	perror("debug.crypto_timing");
	}
	#endif
	@@ -492,8 +513,8 @@
	cpuset_t mask;
	CPU_ZERO(&mask);
	CPU_SET(i, &mask);
	- cpuset_setaffinity(CPU_LEVEL_WHICH, CPU_WHICH_PID,
	- -1, sizeof(mask), &mask);
	+ cpuset_setaffinity(CPU_LEVEL_WHICH,
	+ CPU_WHICH_PID, -1, sizeof(mask), &mask);
	runtest(ealg, alg, count, size, cmd, &tvp[i]);
	exit(0);
	}
	@@ -504,25 +525,28 @@

	t = 0;
	for (i = 0; i < threads; i++)
	- t += (((double)tvp[i].tv_sec * 1000000 + tvp[i].tv_usec) / 1000000);
	+ t += (((double)tvp[i].tv_sec * 1000000 + tvp[i].tv_usec) /
	+ 1000000);
	if (t) {
	- int nops = alg->ishash ? count : 2*count;
	+ int nops = alg->ishash ? count : 2 * count;

	nops *= threads;
	- printf("%8.3lf sec, %7d %6s%s%6s crypts, %7d bytes, %8.0lf byte/sec, %7.1lf Mb/sec\n",
	- t, nops, alg->name, ealg? "+" : "", ealg? ealg->name : "",
	- size, (double)nops*size / t,
	- (double)nopssize / t 8 / 1024 / 1024);
	+ printf(
	+ "%8.3lf sec, %7d %6s%s%6s crypts, %7d bytes, %8.0lf byte/sec, %7.1lf Mb/sec\n",
	+ t, nops, alg->name, ealg ? "+" : "", ealg ? ealg->name : "",
	+ size, (double)nops * size / t,
	+ (double)nops * size / t * 8 / 1024 / 1024);
	}
	#ifdef __FreeBSD__
	if (profile) {
	struct cryptostats stats;
	- size_t slen = sizeof (stats);
	+ size_t slen = sizeof(stats);

	- if (sysctlbyname("debug.crypto_timing", NULL, NULL,
	- &otiming, sizeof (otiming)) < 0)
	+ if (sysctlbyname("debug.crypto_timing", NULL, NULL, &otiming,
	+ sizeof(otiming)) < 0)
	perror("debug.crypto_timing");
	- if (sysctlbyname("kern.crypto_stats", &stats, &slen, NULL, 0) < 0)
	+ if (sysctlbyname("kern.crypto_stats", &stats, &slen, NULL, 0) <
	+ 0)
	perror("kern.cryptostats");
	if (stats.cs_invoke.count) {
	printt("dispatch->invoke", &stats.cs_invoke);
	@@ -541,12 +565,14 @@
	struct alg alg = NULL, ealg = NULL;
	char *tmp;
	int count = 1;
	- int sizes[128], nsizes = 0;
	+ int sizes[128];
	+ uint64_t nsizes = 0;
	u_long cmd = CIOCGSESSION2;
	int testall = 0;
	int maxthreads = 1;
	int profile = 0;
	- int i, ch;
	+ int ch;
	+ uint64_t i;

	while ((ch = getopt(argc, argv, "cpzsva:bd:t:")) != -1) {
	switch (ch) {
	@@ -612,16 +638,17 @@
	argc--, argv++;
	}
	if (maxthreads > CPU_SETSIZE)
	- errx(EX_USAGE, "Too many threads, %d, choose fewer.", maxthreads);
	-
	+ errx(EX_USAGE, "Too many threads, %d, choose fewer.",
	+ maxthreads);
	+
	if (nsizes == 0) {
	if (alg)
	sizes[nsizes++] = alg->blocksize;
	else
	sizes[nsizes++] = 8;
	if (testall) {
	- while (sizes[nsizes-1] < 8*1024) {
	- sizes[nsizes] = sizes[nsizes-1]<<1;
	+ while (sizes[nsizes - 1] < 8 * 1024) {
	+ sizes[nsizes] = sizes[nsizes - 1] << 1;
	nsizes++;
	}
	}
	@@ -629,16 +656,18 @@

	if (testall) {
	for (i = 0; i < nitems(algorithms); i++) {
	- int j;
	+ uint64_t j;
	alg = &algorithms[i];
	for (j = 0; j < nsizes; j++)
	- runtests(ealg, alg, count, sizes[j], cmd, maxthreads, profile);
	+ runtests(ealg, alg, count, sizes[j], cmd,
	+ maxthreads, profile);
	}
	} else {
	if (alg == NULL)
	alg = getalgbycode(CRYPTO_3DES_CBC);
	for (i = 0; i < nsizes; i++)
	- runtests(ealg, alg, count, sizes[i], cmd, maxthreads, profile);
	+ runtests(ealg, alg, count, sizes[i], cmd, maxthreads,
	+ profile);
	}

	return (0);
	diff --git a/tools/tools/crypto/hifnstats.c b/tools/tools/crypto/hifnstats.c
	--- a/tools/tools/crypto/hifnstats.c
	+++ b/tools/tools/crypto/hifnstats.c
	@@ -38,28 +38,26 @@
	* Little program to dump the statistics block for the hifn driver.
	*/
	int
	-main(int argc, char *argv[])
	+main(void)
	{
	struct hifn_stats stats;
	size_t slen;

	- slen = sizeof (stats);
	+ slen = sizeof(stats);
	if (sysctlbyname("hw.hifn.stats", &stats, &slen, NULL, 0) < 0)
	err(1, "kern.hifn.stats");

	- printf("input %llu bytes %u packets\n",
	- stats.hst_ibytes, stats.hst_ipackets);
	- printf("output %llu bytes %u packets\n",
	- stats.hst_obytes, stats.hst_opackets);
	- printf("invalid %u nomem %u abort %u\n",
	- stats.hst_invalid, stats.hst_nomem, stats.hst_abort);
	- printf("noirq %u unaligned %u\n",
	- stats.hst_noirq, stats.hst_unaligned);
	- printf("totbatch %u maxbatch %u\n",
	- stats.hst_totbatch, stats.hst_maxbatch);
	+ printf("input %lu bytes %u packets\n", stats.hst_ibytes,
	+ stats.hst_ipackets);
	+ printf("output %lu bytes %u packets\n", stats.hst_obytes,
	+ stats.hst_opackets);
	+ printf("invalid %u nomem %u abort %u\n", stats.hst_invalid,
	+ stats.hst_nomem, stats.hst_abort);
	+ printf("noirq %u unaligned %u\n", stats.hst_noirq, stats.hst_unaligned);
	+ printf("totbatch %u maxbatch %u\n", stats.hst_totbatch,
	+ stats.hst_maxbatch);
	printf("nomem: map %u load %u mbuf %u mcl %u cr %u sd %u\n",
	- stats.hst_nomem_map, stats.hst_nomem_load,
	- stats.hst_nomem_mbuf, stats.hst_nomem_mcl,
	- stats.hst_nomem_cr, stats.hst_nomem_sd);
	+ stats.hst_nomem_map, stats.hst_nomem_load, stats.hst_nomem_mbuf,
	+ stats.hst_nomem_mcl, stats.hst_nomem_cr, stats.hst_nomem_sd);
	return 0;
	}
	diff --git a/tools/tools/crypto/ipsecstats.c b/tools/tools/crypto/ipsecstats.c
	--- a/tools/tools/crypto/ipsecstats.c
	+++ b/tools/tools/crypto/ipsecstats.c
	@@ -29,46 +29,106 @@
	#include <sys/param.h>
	#include <sys/sysctl.h>

	-#include <netipsec/ipsec.h>
	#include <netipsec/ah_var.h>
	#include <netipsec/esp_var.h>
	+#include <netipsec/ipsec.h>

	#include <err.h>
	#include <stdint.h>
	#include <stdio.h>

	struct alg {
	- int a;
	- const char *name;
	+ int a;
	+ const char *name;
	};
	static const struct alg aalgs[] = {
	- { SADB_AALG_NONE, "none", },
	- { SADB_AALG_MD5HMAC, "hmac-md5", },
	- { SADB_AALG_SHA1HMAC, "hmac-sha1", },
	- { SADB_X_AALG_MD5, "md5", },
	- { SADB_X_AALG_SHA, "sha", },
	- { SADB_X_AALG_NULL, "null", },
	- { SADB_X_AALG_SHA2_256, "hmac-sha2-256", },
	- { SADB_X_AALG_SHA2_384, "hmac-sha2-384", },
	- { SADB_X_AALG_SHA2_512, "hmac-sha2-512", },
	+ {
	+ SADB_AALG_NONE,
	+ "none",
	+ },
	+ {
	+ SADB_AALG_MD5HMAC,
	+ "hmac-md5",
	+ },
	+ {
	+ SADB_AALG_SHA1HMAC,
	+ "hmac-sha1",
	+ },
	+ {
	+ SADB_X_AALG_MD5,
	+ "md5",
	+ },
	+ {
	+ SADB_X_AALG_SHA,
	+ "sha",
	+ },
	+ {
	+ SADB_X_AALG_NULL,
	+ "null",
	+ },
	+ {
	+ SADB_X_AALG_SHA2_256,
	+ "hmac-sha2-256",
	+ },
	+ {
	+ SADB_X_AALG_SHA2_384,
	+ "hmac-sha2-384",
	+ },
	+ {
	+ SADB_X_AALG_SHA2_512,
	+ "hmac-sha2-512",
	+ },
	};
	static const struct alg espalgs[] = {
	- { SADB_EALG_NONE, "none", },
	- { SADB_EALG_DESCBC, "des-cbc", },
	- { SADB_EALG_3DESCBC, "3des-cbc", },
	- { SADB_EALG_NULL, "null", },
	- { SADB_X_EALG_CAST128CBC, "cast128-cbc", },
	- { SADB_X_EALG_BLOWFISHCBC, "blowfish-cbc", },
	- { SADB_X_EALG_RIJNDAELCBC, "rijndael-cbc", },
	+ {
	+ SADB_EALG_NONE,
	+ "none",
	+ },
	+ {
	+ SADB_EALG_DESCBC,
	+ "des-cbc",
	+ },
	+ {
	+ SADB_EALG_3DESCBC,
	+ "3des-cbc",
	+ },
	+ {
	+ SADB_EALG_NULL,
	+ "null",
	+ },
	+ {
	+ SADB_X_EALG_CAST128CBC,
	+ "cast128-cbc",
	+ },
	+ {
	+ SADB_X_EALG_BLOWFISHCBC,
	+ "blowfish-cbc",
	+ },
	+ {
	+ SADB_X_EALG_RIJNDAELCBC,
	+ "rijndael-cbc",
	+ },
	};
	static const struct alg ipcompalgs[] = {
	- { SADB_X_CALG_NONE, "none", },
	- { SADB_X_CALG_OUI, "oui", },
	- { SADB_X_CALG_DEFLATE, "deflate", },
	- { SADB_X_CALG_LZS, "lzs", },
	+ {
	+ SADB_X_CALG_NONE,
	+ "none",
	+ },
	+ {
	+ SADB_X_CALG_OUI,
	+ "oui",
	+ },
	+ {
	+ SADB_X_CALG_DEFLATE,
	+ "deflate",
	+ },
	+ {
	+ SADB_X_CALG_LZS,
	+ "lzs",
	+ },
	};

	-static const char*
	+static const char *
	algname(int a, const struct alg algs[], int nalgs)
	{
	static char buf[80];
	@@ -85,26 +145,30 @@
	* Little program to dump the statistics block for fast ipsec.
	*/
	int
	-main(int argc, char *argv[])
	+main(void)
	{
	-#define STAT(x,fmt) if (x) printf(fmt "\n", (uintmax_t)x)
	+#define STAT(x, fmt) \
	+ if (x) \
	+ printf(fmt "\n", (uintmax_t)x)
	struct ipsecstat ips;
	struct ahstat ahs;
	struct espstat esps;
	size_t slen;
	int i;

	- slen = sizeof (ips);
	+ slen = sizeof(ips);
	if (sysctlbyname("net.inet.ipsec.ipsecstats", &ips, &slen, NULL, 0) < 0)
	err(1, "net.inet.ipsec.ipsecstats");
	- slen = sizeof (ahs);
	+ slen = sizeof(ahs);
	if (sysctlbyname("net.inet.ah.stats", &ahs, &slen, NULL, 0) < 0)
	err(1, "net.inet.ah.stats");
	- slen = sizeof (esps);
	+ slen = sizeof(esps);
	if (sysctlbyname("net.inet.esp.stats", &esps, &slen, NULL, 0) < 0)
	err(1, "net.inet.esp.stats");

	-#define AHSTAT(x,fmt) if (x) printf("ah " fmt ": %ju\n", (uintmax_t)x)
	+#define AHSTAT(x, fmt) \
	+ if (x) \
	+ printf("ah " fmt ": %ju\n", (uintmax_t)x)
	AHSTAT(ahs.ahs_input, "input packets processed");
	AHSTAT(ahs.ahs_output, "output packets processed");
	AHSTAT(ahs.ahs_hdrops, "headers too short");
	@@ -116,7 +180,8 @@
	AHSTAT(ahs.ahs_qfull, "packets dropped packet 'cuz queue full");
	AHSTAT(ahs.ahs_wrap, "packets dropped for replace counter wrap");
	AHSTAT(ahs.ahs_replay, "packets dropped for possible replay");
	- AHSTAT(ahs.ahs_badauthl, "packets dropped for bad authenticator length");
	+ AHSTAT(ahs.ahs_badauthl,
	+ "packets dropped for bad authenticator length");
	AHSTAT(ahs.ahs_invalid, "packets with an invalid SA");
	AHSTAT(ahs.ahs_toobig, "packets too big");
	AHSTAT(ahs.ahs_pdrops, "packets dropped due to policy");
	@@ -124,15 +189,16 @@
	AHSTAT(ahs.ahs_tunnel, "tunnel sanity check failures");
	for (i = 0; i < AH_ALG_MAX; i++)
	if (ahs.ahs_hist[i])
	- printf("ah packets with %s: %ju\n"
	- , algname(i, aalgs, nitems(aalgs))
	- , (uintmax_t)ahs.ahs_hist[i]
	- );
	+ printf("ah packets with %s: %ju\n",
	+ algname(i, aalgs, nitems(aalgs)),
	+ (uintmax_t)ahs.ahs_hist[i]);
	AHSTAT(ahs.ahs_ibytes, "bytes received");
	AHSTAT(ahs.ahs_obytes, "bytes transmitted");
	#undef AHSTAT

	-#define ESPSTAT(x,fmt) if (x) printf("esp " fmt ": %ju\n", (uintmax_t)x)
	+#define ESPSTAT(x, fmt) \
	+ if (x) \
	+ printf("esp " fmt ": %ju\n", (uintmax_t)x)
	ESPSTAT(esps.esps_input, "input packets processed");
	ESPSTAT(esps.esps_output, "output packets processed");
	ESPSTAT(esps.esps_hdrops, "headers too short");
	@@ -153,16 +219,15 @@
	ESPSTAT(esps.esps_tunnel, "tunnel sanity check failures");
	for (i = 0; i < ESP_ALG_MAX; i++)
	if (esps.esps_hist[i])
	- printf("esp packets with %s: %ju\n"
	- , algname(i, espalgs, nitems(espalgs))
	- , (uintmax_t)esps.esps_hist[i]
	- );
	+ printf("esp packets with %s: %ju\n",
	+ algname(i, espalgs, nitems(espalgs)),
	+ (uintmax_t)esps.esps_hist[i]);
	ESPSTAT(esps.esps_ibytes, "bytes received");
	ESPSTAT(esps.esps_obytes, "bytes transmitted");
	#undef ESPSTAT

	printf("\n");
	- if (ips.ips_in_polvio+ips.ips_out_polvio)
	+ if (ips.ips_in_polvio + ips.ips_out_polvio)
	printf("policy violations: input %ju output %ju\n",
	(uintmax_t)ips.ips_in_polvio,
	(uintmax_t)ips.ips_out_polvio);
	diff --git a/tools/tools/crypto/safestats.c b/tools/tools/crypto/safestats.c
	--- a/tools/tools/crypto/safestats.c
	+++ b/tools/tools/crypto/safestats.c
	@@ -38,37 +38,36 @@
	* Little program to dump the statistics block for the safe driver.
	*/
	int
	-main(int argc, char *argv[])
	+main(void)
	{
	struct safe_stats stats;
	size_t slen;

	- slen = sizeof (stats);
	+ slen = sizeof(stats);
	if (sysctlbyname("hw.safe.stats", &stats, &slen, NULL, 0) < 0)
	err(1, "hw.safe.stats");

	- printf("input %llu bytes %u packets\n",
	- stats.st_ibytes, stats.st_ipackets);
	- printf("output %llu bytes %u packets\n",
	- stats.st_obytes, stats.st_opackets);
	- printf("invalid %u badsession %u badflags %u\n",
	- stats.st_invalid, stats.st_badsession, stats.st_badflags);
	- printf("nodesc %u badalg %u ringfull %u\n",
	- stats.st_nodesc, stats.st_badalg, stats.st_ringfull);
	- printf("peoperr %u dmaerr %u bypasstoobig %u\n",
	- stats.st_peoperr, stats.st_dmaerr, stats.st_bypasstoobig);
	- printf("skipmismatch %u lenmismatch %u coffmisaligned %u cofftoobig %u\n",
	- stats.st_skipmismatch, stats.st_lenmismatch,
	- stats.st_coffmisaligned, stats.st_cofftoobig);
	+ printf("input %lu bytes %u packets\n", stats.st_ibytes,
	+ stats.st_ipackets);
	+ printf("output %lu bytes %u packets\n", stats.st_obytes,
	+ stats.st_opackets);
	+ printf("invalid %u badsession %u badflags %u\n", stats.st_invalid,
	+ stats.st_badsession, stats.st_badflags);
	+ printf("nodesc %u badalg %u ringfull %u\n", stats.st_nodesc,
	+ stats.st_badalg, stats.st_ringfull);
	+ printf("peoperr %u dmaerr %u bypasstoobig %u\n", stats.st_peoperr,
	+ stats.st_dmaerr, stats.st_bypasstoobig);
	+ printf(
	+ "skipmismatch %u lenmismatch %u coffmisaligned %u cofftoobig %u\n",
	+ stats.st_skipmismatch, stats.st_lenmismatch,
	+ stats.st_coffmisaligned, stats.st_cofftoobig);
	printf("iovmisaligned %u iovnotuniform %u noicvcopy %u\n",
	- stats.st_iovmisaligned, stats.st_iovnotuniform,
	- stats.st_noicvcopy);
	+ stats.st_iovmisaligned, stats.st_iovnotuniform, stats.st_noicvcopy);
	printf("unaligned %u notuniform %u nomap %u noload %u\n",
	- stats.st_unaligned, stats.st_notuniform, stats.st_nomap,
	- stats.st_noload);
	- printf("nomcl %u mbuf %u maxqchip %u\n",
	- stats.st_nomcl, stats.st_nombuf, stats.st_maxqchip);
	- printf("rng %u rngalarm %u\n",
	- stats.st_rng, stats.st_rngalarm);
	+ stats.st_unaligned, stats.st_notuniform, stats.st_nomap,
	+ stats.st_noload);
	+ printf("nomcl %u mbuf %u maxqchip %u\n", stats.st_nomcl,
	+ stats.st_nombuf, stats.st_maxqchip);
	+ printf("rng %u rngalarm %u\n", stats.st_rng, stats.st_rngalarm);
	return 0;
	}

File Metadata

Mime Type: text/plain
Expires: Wed, Mar 4, 11:08 PM (4 h, 39 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 29259998
Default Alt Text: D40201.id122210.diff (85 KB)

D40201.id122210.diffNo OneTemporaryActions

D40201.id122210.diffView Options

File Metadata

Event Timeline

D40201.id122210.diff
No OneTemporary
Actions

D40201.id122210.diff
View Options