allow the kern.cryptodevallowsoft sysctl to enable symetric/hashes too...

This will allow us to more easily test the software versions of these routines... Considering that we've never had an software asymetric implmentation, it's doubtful anyone has this enabled...
2014-03-11 01:45:46 +00:00 · 2014-03-11 01:45:46 +00:00 · 6c20d7a3ce
commit 6c20d7a3ce
parent 1bf557366c
2 changed files with 10 additions and 7 deletions
--- a/sys/opencrypto/crypto.c
+++ b/sys/opencrypto/crypto.c
@ -161,10 +161,10 @@ int	crypto_userasymcrypto = 1;	/* userland may do asym crypto reqs */
 SYSCTL_INT(_kern, OID_AUTO, userasymcrypto, CTLFLAG_RW,
 	   &crypto_userasymcrypto, 0,
 	   "Enable/disable user-mode access to asymmetric crypto support");
-int	crypto_devallowsoft = 0;	/* only use hardware crypto for asym */
+int	crypto_devallowsoft = 0;	/* only use hardware crypto */
 SYSCTL_INT(_kern, OID_AUTO, cryptodevallowsoft, CTLFLAG_RW,
 	   &crypto_devallowsoft, 0,
-	   "Enable/disable use of software asym crypto support");
+	   "Enable/disable use of software crypto by /dev/crypto");

 MALLOC_DEFINE(M_CRYPTO_DATA, "crypto", "crypto session records");

--- a/sys/opencrypto/cryptodev.c
+++ b/sys/opencrypto/cryptodev.c
@ -351,11 +351,14 @@ cryptof_truncate(
 static int
 checkforsoftware(int crid)
 {
-	if (crid & CRYPTOCAP_F_SOFTWARE)
-		return EINVAL;		/* XXX */
-	if ((crid & CRYPTOCAP_F_HARDWARE) == 0 &&
-	    (crypto_getcaps(crid) & CRYPTOCAP_F_HARDWARE) == 0)
-		return EINVAL;		/* XXX */
+
+	if (!crypto_devallowsoft) {
+		if (crid & CRYPTOCAP_F_SOFTWARE)
+			return EINVAL;		/* XXX */
+		if ((crid & CRYPTOCAP_F_HARDWARE) == 0 &&
+		    (crypto_getcaps(crid) & CRYPTOCAP_F_HARDWARE) == 0)
+			return EINVAL;		/* XXX */
+	}
 	return 0;
 }