PERFORCE change 111107 for review
Sam Leffler
sam at FreeBSD.org
Mon Dec 4 20:43:02 PST 2006
http://perforce.freebsd.org/chv.cgi?CH=111107
Change 111107 by sam at sam_ebb on 2006/12/05 04:42:46
move check of crypto_userasymcrypto from the core crypto
code to the /dev/crypto ioctl handler where it belongs
Affected files ...
.. //depot/projects/crypto/sys/opencrypto/crypto.c#5 edit
.. //depot/projects/crypto/sys/opencrypto/cryptodev.c#3 edit
Differences ...
==== //depot/projects/crypto/sys/opencrypto/crypto.c#5 (text+ko) ====
@@ -1220,9 +1220,6 @@
{
int hid, kalg, feat = 0;
- if (!crypto_userasymcrypto)
- goto out;
-
CRYPTO_DRIVER_LOCK();
for (hid = 0; hid < crypto_drivers_num; hid++) {
if ((crypto_drivers[hid].cc_flags & CRYPTOCAP_F_SOFTWARE) &&
@@ -1235,7 +1232,6 @@
feat |= 1 << kalg;
}
CRYPTO_DRIVER_UNLOCK();
-out:
*featp = feat;
return (0);
}
==== //depot/projects/crypto/sys/opencrypto/cryptodev.c#3 (text+ko) ====
@@ -325,7 +325,16 @@
error = cryptodev_key(kop);
break;
case CIOCASYMFEAT:
- error = crypto_getfeat((int *)data);
+ if (!crypto_userasymcrypto) {
+ /*
+ * NB: if user asym crypto operations are
+ * not permitted return "no algorithms"
+ * so well-behaved applications will just
+ * fallback to doing them in software.
+ */
+ *(int *)data = 0;
+ } else
+ error = crypto_getfeat((int *)data);
break;
case CIOCFINDDEV:
error = cryptodev_find((struct crypt_find_op *)data);
More information about the p4-projects
mailing list