svn commit: r367410 - head/sys/opencrypto
John Baldwin
jhb at FreeBSD.org
Fri Nov 6 00:15:53 UTC 2020
Author: jhb
Date: Fri Nov 6 00:15:52 2020
New Revision: 367410
URL: https://svnweb.freebsd.org/changeset/base/367410
Log:
Move cryptof_ioctl() below the routines it calls.
Reviewed by: markj
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D27069
Modified:
head/sys/opencrypto/cryptodev.c
Modified: head/sys/opencrypto/cryptodev.c
==============================================================================
--- head/sys/opencrypto/cryptodev.c Fri Nov 6 00:10:58 2020 (r367409)
+++ head/sys/opencrypto/cryptodev.c Fri Nov 6 00:15:52 2020 (r367410)
@@ -381,13 +381,6 @@ static struct csession *csecreate(struct fcrypt *, cry
struct auth_hash *, void *);
static void csefree(struct csession *);
-static int cryptodev_op(struct csession *, const struct crypt_op *,
- struct ucred *, struct thread *);
-static int cryptodev_aead(struct csession *, struct crypt_aead *,
- struct ucred *, struct thread *);
-static int cryptodev_key(struct crypt_kop *);
-static int cryptodev_find(struct crypt_find_op *);
-
/*
* Check a crypto identifier to see if it requested
* a software device/driver. This can be done either
@@ -713,194 +706,6 @@ bail:
return (error);
}
-/* ARGSUSED */
-static int
-cryptof_ioctl(struct file *fp, u_long cmd, void *data,
- struct ucred *active_cred, struct thread *td)
-{
- static struct timeval keywarn, featwarn;
- struct fcrypt *fcr = fp->f_data;
- struct csession *cse;
- struct session2_op *sop;
- struct crypt_op *cop;
- struct crypt_aead *caead;
- struct crypt_kop *kop;
- uint32_t ses;
- int error = 0;
- union {
- struct session2_op sopc;
-#ifdef COMPAT_FREEBSD32
- struct crypt_op copc;
- struct crypt_aead aeadc;
- struct crypt_kop kopc;
-#endif
- } thunk;
-#ifdef COMPAT_FREEBSD32
- u_long cmd32;
- void *data32;
-
- cmd32 = 0;
- data32 = NULL;
- switch (cmd) {
- case CIOCGSESSION32:
- cmd32 = cmd;
- data32 = data;
- cmd = CIOCGSESSION;
- data = &thunk.sopc;
- session_op_from_32((struct session_op32 *)data32, &thunk.sopc);
- break;
- case CIOCGSESSION232:
- cmd32 = cmd;
- data32 = data;
- cmd = CIOCGSESSION2;
- data = &thunk.sopc;
- session2_op_from_32((struct session2_op32 *)data32,
- &thunk.sopc);
- break;
- case CIOCCRYPT32:
- cmd32 = cmd;
- data32 = data;
- cmd = CIOCCRYPT;
- data = &thunk.copc;
- crypt_op_from_32((struct crypt_op32 *)data32, &thunk.copc);
- break;
- case CIOCCRYPTAEAD32:
- cmd32 = cmd;
- data32 = data;
- cmd = CIOCCRYPTAEAD;
- data = &thunk.aeadc;
- crypt_aead_from_32((struct crypt_aead32 *)data32, &thunk.aeadc);
- break;
- case CIOCKEY32:
- case CIOCKEY232:
- cmd32 = cmd;
- data32 = data;
- if (cmd == CIOCKEY32)
- cmd = CIOCKEY;
- else
- cmd = CIOCKEY2;
- data = &thunk.kopc;
- crypt_kop_from_32((struct crypt_kop32 *)data32, &thunk.kopc);
- break;
- }
-#endif
-
- switch (cmd) {
- case CIOCGSESSION:
- case CIOCGSESSION2:
- if (cmd == CIOCGSESSION) {
- session2_op_from_op(data, &thunk.sopc);
- sop = &thunk.sopc;
- } else
- sop = (struct session2_op *)data;
-
- error = cryptodev_create_session(fcr, sop);
- if (cmd == CIOCGSESSION && error == 0)
- session2_op_to_op(sop, data);
- break;
- case CIOCFSESSION:
- ses = *(uint32_t *)data;
- if (!csedelete(fcr, ses)) {
- SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
- return (EINVAL);
- }
- break;
- case CIOCCRYPT:
- cop = (struct crypt_op *)data;
- cse = csefind(fcr, cop->ses);
- if (cse == NULL) {
- SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
- return (EINVAL);
- }
- error = cryptodev_op(cse, cop, active_cred, td);
- csefree(cse);
- break;
- case CIOCKEY:
- case CIOCKEY2:
- if (ratecheck(&keywarn, &warninterval))
- gone_in(14,
- "Asymmetric crypto operations via /dev/crypto");
-
- if (!crypto_userasymcrypto) {
- SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
- return (EPERM); /* XXX compat? */
- }
- kop = (struct crypt_kop *)data;
- if (cmd == CIOCKEY) {
- /* NB: crypto core enforces s/w driver use */
- kop->crk_crid =
- CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE;
- }
- mtx_lock(&Giant);
- error = cryptodev_key(kop);
- mtx_unlock(&Giant);
- break;
- case CIOCASYMFEAT:
- if (ratecheck(&featwarn, &warninterval))
- gone_in(14,
- "Asymmetric crypto features via /dev/crypto");
-
- if (!crypto_userasymcrypto) {
- /*
- * NB: if user asym crypto operations are
- * not permitted return "no algorithms"
- * so well-behaved applications will just
- * fallback to doing them in software.
- */
- *(int *)data = 0;
- } else {
- error = crypto_getfeat((int *)data);
- if (error)
- SDT_PROBE1(opencrypto, dev, ioctl, error,
- __LINE__);
- }
- break;
- case CIOCFINDDEV:
- error = cryptodev_find((struct crypt_find_op *)data);
- break;
- case CIOCCRYPTAEAD:
- caead = (struct crypt_aead *)data;
- cse = csefind(fcr, caead->ses);
- if (cse == NULL) {
- SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
- return (EINVAL);
- }
- error = cryptodev_aead(cse, caead, active_cred, td);
- csefree(cse);
- break;
- default:
- error = EINVAL;
- SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
- break;
- }
-
-#ifdef COMPAT_FREEBSD32
- switch (cmd32) {
- case CIOCGSESSION32:
- if (error == 0)
- session_op_to_32(data, data32);
- break;
- case CIOCGSESSION232:
- if (error == 0)
- session2_op_to_32(data, data32);
- break;
- case CIOCCRYPT32:
- if (error == 0)
- crypt_op_to_32(data, data32);
- break;
- case CIOCCRYPTAEAD32:
- if (error == 0)
- crypt_aead_to_32(data, data32);
- break;
- case CIOCKEY32:
- case CIOCKEY232:
- crypt_kop_to_32(data, data32);
- break;
- }
-#endif
- return (error);
-}
-
static struct cryptop_data *
cod_alloc(struct csession *cse, size_t aad_len, size_t len, struct thread *td)
{
@@ -1496,6 +1301,193 @@ cryptodev_find(struct crypt_find_op *find)
return (ENOENT);
}
return (0);
+}
+
+static int
+cryptof_ioctl(struct file *fp, u_long cmd, void *data,
+ struct ucred *active_cred, struct thread *td)
+{
+ static struct timeval keywarn, featwarn;
+ struct fcrypt *fcr = fp->f_data;
+ struct csession *cse;
+ struct session2_op *sop;
+ struct crypt_op *cop;
+ struct crypt_aead *caead;
+ struct crypt_kop *kop;
+ uint32_t ses;
+ int error = 0;
+ union {
+ struct session2_op sopc;
+#ifdef COMPAT_FREEBSD32
+ struct crypt_op copc;
+ struct crypt_aead aeadc;
+ struct crypt_kop kopc;
+#endif
+ } thunk;
+#ifdef COMPAT_FREEBSD32
+ u_long cmd32;
+ void *data32;
+
+ cmd32 = 0;
+ data32 = NULL;
+ switch (cmd) {
+ case CIOCGSESSION32:
+ cmd32 = cmd;
+ data32 = data;
+ cmd = CIOCGSESSION;
+ data = &thunk.sopc;
+ session_op_from_32((struct session_op32 *)data32, &thunk.sopc);
+ break;
+ case CIOCGSESSION232:
+ cmd32 = cmd;
+ data32 = data;
+ cmd = CIOCGSESSION2;
+ data = &thunk.sopc;
+ session2_op_from_32((struct session2_op32 *)data32,
+ &thunk.sopc);
+ break;
+ case CIOCCRYPT32:
+ cmd32 = cmd;
+ data32 = data;
+ cmd = CIOCCRYPT;
+ data = &thunk.copc;
+ crypt_op_from_32((struct crypt_op32 *)data32, &thunk.copc);
+ break;
+ case CIOCCRYPTAEAD32:
+ cmd32 = cmd;
+ data32 = data;
+ cmd = CIOCCRYPTAEAD;
+ data = &thunk.aeadc;
+ crypt_aead_from_32((struct crypt_aead32 *)data32, &thunk.aeadc);
+ break;
+ case CIOCKEY32:
+ case CIOCKEY232:
+ cmd32 = cmd;
+ data32 = data;
+ if (cmd == CIOCKEY32)
+ cmd = CIOCKEY;
+ else
+ cmd = CIOCKEY2;
+ data = &thunk.kopc;
+ crypt_kop_from_32((struct crypt_kop32 *)data32, &thunk.kopc);
+ break;
+ }
+#endif
+
+ switch (cmd) {
+ case CIOCGSESSION:
+ case CIOCGSESSION2:
+ if (cmd == CIOCGSESSION) {
+ session2_op_from_op(data, &thunk.sopc);
+ sop = &thunk.sopc;
+ } else
+ sop = (struct session2_op *)data;
+
+ error = cryptodev_create_session(fcr, sop);
+ if (cmd == CIOCGSESSION && error == 0)
+ session2_op_to_op(sop, data);
+ break;
+ case CIOCFSESSION:
+ ses = *(uint32_t *)data;
+ if (!csedelete(fcr, ses)) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
+ return (EINVAL);
+ }
+ break;
+ case CIOCCRYPT:
+ cop = (struct crypt_op *)data;
+ cse = csefind(fcr, cop->ses);
+ if (cse == NULL) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
+ return (EINVAL);
+ }
+ error = cryptodev_op(cse, cop, active_cred, td);
+ csefree(cse);
+ break;
+ case CIOCKEY:
+ case CIOCKEY2:
+ if (ratecheck(&keywarn, &warninterval))
+ gone_in(14,
+ "Asymmetric crypto operations via /dev/crypto");
+
+ if (!crypto_userasymcrypto) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
+ return (EPERM); /* XXX compat? */
+ }
+ kop = (struct crypt_kop *)data;
+ if (cmd == CIOCKEY) {
+ /* NB: crypto core enforces s/w driver use */
+ kop->crk_crid =
+ CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE;
+ }
+ mtx_lock(&Giant);
+ error = cryptodev_key(kop);
+ mtx_unlock(&Giant);
+ break;
+ case CIOCASYMFEAT:
+ if (ratecheck(&featwarn, &warninterval))
+ gone_in(14,
+ "Asymmetric crypto features via /dev/crypto");
+
+ if (!crypto_userasymcrypto) {
+ /*
+ * NB: if user asym crypto operations are
+ * not permitted return "no algorithms"
+ * so well-behaved applications will just
+ * fallback to doing them in software.
+ */
+ *(int *)data = 0;
+ } else {
+ error = crypto_getfeat((int *)data);
+ if (error)
+ SDT_PROBE1(opencrypto, dev, ioctl, error,
+ __LINE__);
+ }
+ break;
+ case CIOCFINDDEV:
+ error = cryptodev_find((struct crypt_find_op *)data);
+ break;
+ case CIOCCRYPTAEAD:
+ caead = (struct crypt_aead *)data;
+ cse = csefind(fcr, caead->ses);
+ if (cse == NULL) {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
+ return (EINVAL);
+ }
+ error = cryptodev_aead(cse, caead, active_cred, td);
+ csefree(cse);
+ break;
+ default:
+ error = EINVAL;
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
+ break;
+ }
+
+#ifdef COMPAT_FREEBSD32
+ switch (cmd32) {
+ case CIOCGSESSION32:
+ if (error == 0)
+ session_op_to_32(data, data32);
+ break;
+ case CIOCGSESSION232:
+ if (error == 0)
+ session2_op_to_32(data, data32);
+ break;
+ case CIOCCRYPT32:
+ if (error == 0)
+ crypt_op_to_32(data, data32);
+ break;
+ case CIOCCRYPTAEAD32:
+ if (error == 0)
+ crypt_aead_to_32(data, data32);
+ break;
+ case CIOCKEY32:
+ case CIOCKEY232:
+ crypt_kop_to_32(data, data32);
+ break;
+ }
+#endif
+ return (error);
}
/* ARGSUSED */
More information about the svn-src-all
mailing list