svn commit: r344630 - head/tools/tools/crypto
Sean Eric Fagan
sef at FreeBSD.org
Wed Feb 27 19:27:17 UTC 2019
Author: sef
Date: Wed Feb 27 19:27:16 2019
New Revision: 344630
URL: https://svnweb.freebsd.org/changeset/base/344630
Log:
Have cryptocheck toggle kern.cryptodevallowsoft if necessary (this
requires root access).
Reviewed by: cem, jhb
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D19372
Modified:
head/tools/tools/crypto/cryptocheck.c
Modified: head/tools/tools/crypto/cryptocheck.c
==============================================================================
--- head/tools/tools/crypto/cryptocheck.c Wed Feb 27 18:13:41 2019 (r344629)
+++ head/tools/tools/crypto/cryptocheck.c Wed Feb 27 19:27:16 2019 (r344630)
@@ -111,6 +111,7 @@
*/
#include <sys/param.h>
+#include <sys/sysctl.h>
#include <assert.h>
#include <err.h>
#include <fcntl.h>
@@ -275,13 +276,41 @@ devcrypto(void)
return (fd);
}
+/*
+ * Called on exit to change kern.cryptodevallowsoft back to 0
+ */
+#define CRYPT_SOFT_ALLOW "kern.cryptodevallowsoft"
+
+static void
+reset_user_soft(void)
+{
+ int off = 0;
+ sysctlbyname(CRYPT_SOFT_ALLOW, NULL, NULL, &off, sizeof(off));
+}
+
+static void
+enable_user_soft(void)
+{
+ int curstate;
+ int on = 1;
+ size_t cursize = sizeof(curstate);
+
+ if (sysctlbyname(CRYPT_SOFT_ALLOW, &curstate, &cursize,
+ &on, sizeof(on)) == 0) {
+ if (curstate == 0)
+ atexit(reset_user_soft);
+ }
+}
+
static int
crlookup(const char *devname)
{
struct crypt_find_op find;
- if (strncmp(devname, "soft", 4) == 0)
+ if (strncmp(devname, "soft", 4) == 0) {
+ enable_user_soft();
return CRYPTO_FLAG_SOFTWARE;
+ }
find.crid = -1;
strlcpy(find.name, devname, sizeof(find.name));
More information about the svn-src-all
mailing list