Commit Graph

112 Commits

Author SHA1 Message Date
pjd
2d6cf6d680 When porting XTS-related code from OpenBSD I forgot to update copyright (only
OpenBSD was credited in one of two commits). Fix it.

Reported by:	Theo de Raadt <deraadt@cvs.openbsd.org>
Reviewed by:	Damien Miller <djm@mindrot.org>
2013-02-20 22:59:53 +00:00
kevlo
ceb08698f2 Revert previous commit...
Pointyhat to:	kevlo (myself)
2012-10-10 08:36:38 +00:00
kevlo
8747a46991 Prefer NULL over 0 for pointers 2012-10-09 08:27:40 +00:00
kib
011f42054d Add the fo_chown and fo_chmod methods to struct fileops and use them
to implement fchown(2) and fchmod(2) support for several file types
that previously lacked it. Add MAC entries for chown/chmod done on
posix shared memory and (old) in-kernel posix semaphores.

Based on the submission by:	glebius
Reviewed by:	rwatson
Approved by:	re (bz)
2011-08-16 20:07:47 +00:00
kib
eb730d92e4 After the r219999 is merged to stable/8, rename fallocf(9) to falloc(9)
and remove the falloc() version that lacks flag argument. This is done
to reduce the KPI bloat.

Requested by:	jhb
X-MFC-note:	do not
2011-04-01 13:28:34 +00:00
vanhu
53fef1cd60 fixed size of AH_ALEN_MAX, which is 64 bytes for SHA-512.
Obtained from:	Matthias Drochner <M.Drochner@fz-juelich.de>
MFC after: 3d
2011-02-25 09:29:32 +00:00
marius
47ccecf68d Let cryptosoft(4) add its pseudo-device with a specific unit number and its
probe method return BUS_PROBE_NOWILDCARD so it doesn't get attached to real
devices hanging off of nexus(4) with no specific devclass set. Actually, the
more desirable fix for this would be to get rid of the newbus interface of
cryptosoft(4) altogether but apparently crypto(9) was written with support
for cryptographic hardware in mind so that approach would require some KPI
breaking changes which don't seem worth it.

MFC after:	1 week
2010-11-14 13:09:32 +00:00
pjd
aebc765efa Add support for AES-XTS.
Obtained from:	OpenBSD
MFC after:	1 week
2010-09-23 11:52:32 +00:00
pjd
65e42dc379 Remove redundant space.
MFC after:	1 week
2010-09-23 11:33:29 +00:00
rpaulo
ea11ba6788 Add an extra comment to the SDT probes definition. This allows us to get
use '-' in probe names, matching the probe names in Solaris.[1]

Add userland SDT probes definitions to sys/sdt.h.

Sponsored by:	The FreeBSD Foundation
Discussed with:	rwaston [1]
2010-08-22 11:18:57 +00:00
jhb
e8a386be41 Fix typo in comment. 2010-08-11 16:53:45 +00:00
kib
4fd4e2aac4 Add compat32 shims for opencrypto(4).
Reviewed by:	bz
MFC after:	3 weeks
2010-07-29 20:42:20 +00:00
kib
6a41cd83d7 Use the fpu_kern_enter() interface to properly separate usermode FPU
context from in-kernel execution of padlock instructions and to handle
spurious FPUDNA exceptions that sometime are raised when doing padlock
calculations.

Globally mark crypto(9) kthread as using FPU.

Reviewed by:	pjd
Hardware provided by:	Sentex Communications
Tested by:	  pho
PR:    amd64/135014
MFC after:    1 month
2010-06-05 16:00:53 +00:00
bz
60abca0fe5 Add comments trying to explain what bad things happen here, i.e.
how hashed MD5/SHA are implemented, abusing Final() for padding and
sw_octx to transport the key from the beginning to the end.

Enlightened about what was going on here by: cperciva
Reviewed by:	cperciva
MFC After:	3 days
X-MFC with:	r187826
PR:		kern/126468
2010-01-09 15:43:47 +00:00
bz
d4d8859e1e In case the compression result is the same size as the orignal version,
the compression was useless as well.  Make sure to not update the data
and return, else we would waste resources when decompressing.

This also avoids the copyback() changing data other consumers like
xform_ipcomp.c would have ignored because of no win and sent out without
noting that compression was used, resulting in invalid packets at the
receiver.

MFC after:	5 days
2009-11-29 17:53:57 +00:00
bz
d174fb2313 Add SDT iter probes forgotten in r199885.
MFC after:	5 days
2009-11-29 17:46:40 +00:00
bz
3fae6ec1cf Change memory managment from a fixed size array to a list.
This is needed to avoid running into out of buffer situations
where we cannot alloc a new buffer because we hit the array size
limit (ZBUF).
Use a combined allocation for the struct and the actual data buffer
to not increase the number of malloc calls. [1]

Defer initialization of zbuf until we actually need it.

Make sure the output buffer will be large enough in all cases.

Details discussed with:	kib [1]
Reviewed by:		kib [1]
MFC after:		6 days
2009-11-28 21:08:19 +00:00
bz
7670914da0 Z_PARTIAL_FLUSH is marked deprecated. Z_SYNC_FLUSH is the suggested
replacement but only use it for inflate. For deflate use Z_FINISH
as Z_SYNC_FLUSH adds a trailing marker in some cases that inflate(),
despite the comment in zlib, does npt seem to cope well with, resulting
in errors when uncompressing exactly fills the outbut buffer without
a Z_STREAM_END and a successive call returns an error.

MFC after:	6 days
2009-11-28 17:44:57 +00:00
bz
fe50e0c755 Add SDT probes for opencrypto:deflate:deflate_gobal:*.
They are not nice but they were helpful.

MFC after:	6 days
2009-11-28 17:20:41 +00:00
bz
6ecc5a340c Define an SDT provider for "opencrypto".
MFC after:	6 days
2009-11-28 16:54:18 +00:00
pjd
6552caebd3 If crypto operation is finished with EAGAIN, don't repeat operation from
the return context, but from the original context.
Before repeating operation clear DONE flag and error.

Reviewed by:	sam
Obtained from:	Wheel Sp. z o.o. (http://www.wheel.pl)
2009-09-04 09:48:18 +00:00
raj
806a0172aa Fix cryptodev UIO creation.
Cryptodev uses UIO structure do get data from userspace and pass it to
cryptographic engines. Initially UIO size is equal to size of data passed to
engine, but if UIO is prepared for hash calculation an additional small space
is created to hold result of operation.

While creating space for the result, UIO I/O vector size is correctly
extended, but uio_resid field in UIO structure is not modified.

As bus_dma code uses uio_resid field to determine size of UIO DMA mapping,
resulting mapping hasn't correct size. This leads to a crash if all the
following conditions are met:

     1. Hardware cryptographic accelerator writes result of hash operation
        using DMA.
     2. Size of input data is less or equal than (n * PAGE_SIZE),
     3. Size of input data plus size of hash result is grather than
        (n * PAGE_SIZE, where n is the same as in point 2.

This patch fixes this problem by adding size of the extenstion to uio_resid
field in UIO structure.

Submitted by:	Piotr Ziecik kosmo ! semihalf dot com
Reviewed by:	philip
Obtained from:	Semihalf
2009-05-23 13:23:46 +00:00
imp
62489ed61c Fix return type for detach routine (should be int)
Fix first parameter for identify routine (should be driver_t *)
2009-02-05 17:43:12 +00:00
bz
f33b8c1e8d While OpenBSD's crypto/ framework has sha1 and md5 implementations that
can cope with a result buffer of NULL in the "Final" function, we cannot.
Thus pass in a temporary buffer long enough for either md5 or sha1 results
so that we do not panic.

PR:		bin/126468
MFC after:	1 week
2009-01-28 15:31:16 +00:00
dfr
11fd66de64 Don't hang if encrypting/decrypting using struct iovecs where one of the
iovecs ends on a crypto block boundary.
2008-10-30 16:11:07 +00:00
des
a1e1ad22e0 Fix a number of style issues in the MALLOC / FREE commit. I've tried to
be careful not to fix anything that was already broken; the NFSv4 code is
particularly bad in this respect.
2008-10-23 20:26:15 +00:00
des
66f807ed8b Retire the MALLOC and FREE macros. They are an abomination unto style(9).
MFC after:	3 months
2008-10-23 15:53:51 +00:00
jhb
f8a246b979 Make ftruncate a 'struct file' operation rather than a vnode operation.
This makes it possible to support ftruncate() on non-vnode file types in
the future.
- 'struct fileops' grows a 'fo_truncate' method to handle an ftruncate() on
  a given file descriptor.
- ftruncate() moves to kern/sys_generic.c and now just fetches a file
  object and invokes fo_truncate().
- The vnode-specific portions of ftruncate() move to vn_truncate() in
  vfs_vnops.c which implements fo_truncate() for vnode file types.
- Non-vnode file types return EINVAL in their fo_truncate() method.

Submitted by:	rwatson
2008-01-07 20:05:19 +00:00
jeff
ce18638805 Remove explicit locking of struct file.
- Introduce a finit() which is used to initailize the fields of struct file
   in such a way that the ops vector is only valid after the data, type,
   and flags are valid.
 - Protect f_flag and f_count with atomic operations.
 - Remove the global list of all files and associated accounting.
 - Rewrite the unp garbage collection such that it no longer requires
   the global list of all files and instead uses a list of all unp sockets.
 - Mark sockets in the accept queue so we don't incorrectly gc them.

Tested by:	kris, pho
2007-12-30 01:42:15 +00:00
julian
51d643caa6 Rename the kthread_xxx (e.g. kthread_create()) calls
to kproc_xxx as they actually make whole processes.
Thos makes way for us to add REAL kthread_create() and friends
that actually make theads. it turns out that most of these
calls actually end up being moved back to the thread version
when it's added. but we need to make this cosmetic change first.

I'd LOVE to do this rename in 7.0  so that we can eventually MFC the
new kthread_xxx() calls.
2007-10-20 23:23:23 +00:00
kib
3c3bd88cdf Deny attempt to malloc unbounded amount of the memory.
Convert malloc()/bzero() to malloc(M_ZERO).

Obtained from:  OpenBSD
MFC after:      3 days
Approved by:    re (kensmith)
2007-10-08 20:08:34 +00:00
peter
6a803636c5 Quiet warnings. These do not appear to be actually used uninitialized,
but gcc's optimizer isn't smart enough to see that.  Pre-initializing
seems harmless enough.

Approved by:  re (rwatson)
2007-07-05 06:59:14 +00:00
gnn
38b76f0623 Integrate the Camellia Block Cipher. For more information see RFC 4132
and its bibliography.

Submitted by:   Tomoyuki Okazaki <okazaki at kick dot gr dot jp>
MFC after:      1 month
2007-05-09 19:37:02 +00:00
rwatson
765a83fd79 Replace custom file descriptor array sleep lock constructed using a mutex
and flags with an sxlock.  This leads to a significant and measurable
performance improvement as a result of access to shared locking for
frequent lookup operations, reduced general overhead, and reduced overhead
in the event of contention.  All of these are imported for threaded
applications where simultaneous access to a shared file descriptor array
occurs frequently.  Kris has reported 2x-4x transaction rate improvements
on 8-core MySQL benchmarks; smaller improvements can be expected for many
workloads as a result of reduced overhead.

- Generally eliminate the distinction between "fast" and regular
  acquisisition of the filedesc lock; the plan is that they will now all
  be fast.  Change all locking instances to either shared or exclusive
  locks.

- Correct a bug (pointed out by kib) in fdfree() where previously msleep()
  was called without the mutex held; sx_sleep() is now always called with
  the sxlock held exclusively.

- Universally hold the struct file lock over changes to struct file,
  rather than the filedesc lock or no lock.  Always update the f_ops
  field last. A further memory barrier is required here in the future
  (discussed with jhb).

- Improve locking and reference management in linux_at(), which fails to
  properly acquire vnode references before using vnode pointers.  Annotate
  improper use of vn_fullpath(), which will be replaced at a future date.

In fcntl(), we conservatively acquire an exclusive lock, even though in
some cases a shared lock may be sufficient, which should be revisited.
The dropping of the filedesc lock in fdgrowtable() is no longer required
as the sxlock can be held over the sleep operation; we should consider
removing that (pointed out by attilio).

Tested by:	kris
Discussed with:	jhb, kris, attilio, jeff
2007-04-04 09:11:34 +00:00
sam
b3b2407aa0 add missing file from last commit that overhauls crypto/driver api's 2007-03-21 03:43:33 +00:00
sam
f96ba7ffda Overhaul driver/subsystem api's:
o make all crypto drivers have a device_t; pseudo drivers like the s/w
  crypto driver synthesize one
o change the api between the crypto subsystem and drivers to use kobj;
  cryptodev_if.m defines this api
o use the fact that all crypto drivers now have a device_t to add support
  for specifying which of several potential devices to use when doing
  crypto operations
o add new ioctls that allow user apps to select a specific crypto device
  to use (previous ioctls maintained for compatibility)
o overhaul crypto subsystem code to eliminate lots of cruft and hide
  implementation details from drivers
o bring in numerous fixes from Michale Richardson/hifn; mostly for
  795x parts
o add an optional mechanism for mmap'ing the hifn 795x public key h/w
  to user space for use by openssl (not enabled by default)
o update crypto test tools to use new ioctl's and add cmd line options
  to specify a device to use for tests

These changes will also enable much future work on improving the core
crypto subsystem; including proper load balancing and interposing code
between the core and drivers to dispatch small operations to the s/w
driver as appropriate.

These changes were instigated by the work of Michael Richardson.

Reviewed by:	pjd
Approved by:	re
2007-03-21 03:42:51 +00:00
pjd
86b6bb04bb When DIAGNOSTIC is defined, verify if we don't free crypto requests from
the crypto queue or from the return queue.
2006-06-06 15:04:52 +00:00
pjd
36f6d629b7 Use newly added functions to simplify the code. 2006-06-04 22:17:25 +00:00
pjd
f055dbf32b - Replace COPYDATA() and COPYBACK() macros with crypto_copydata() and
crypto_copyback() functions.
- Add crypto_apply() function.

This will allow for more code simplification.
2006-06-04 22:15:13 +00:00
pjd
60fac157ec Prefer hardware crypto over software crypto.
Before the change if a hardware crypto driver was loaded after
the software crypto driver, calling crypto_newsession() with
hard=0, will always choose software crypto.
2006-06-04 22:12:08 +00:00
pjd
8ec79cc70b Use newly added defines instead of magic values. 2006-06-04 15:11:59 +00:00
pjd
b966da31ff Move COPYDATA() and COPYBACK() macros to cryptodev.h, they will be used
in padlock(4) as well.
2006-06-04 15:10:12 +00:00
pjd
1dc756f405 - Remove HMAC_BLOCK_LEN, it serves no purpose.
- Use defines of used algorithm instead of HMAC_BLOCK_LEN.
2006-06-04 14:49:34 +00:00
pjd
7fa49327cd - Use define of an algorithm with the biggest block length to describe
EALG_MAX_BLOCK_LEN instead of hardcoded value.
- Kill an unused define.
2006-06-04 14:36:42 +00:00
pjd
2eba50f53d Rename HMAC_BLOCK_MAXLEN to HMAC_MAX_BLOCK_LEN to be consistent with
EALG_MAX_BLOCK_LEN.
2006-06-04 14:29:42 +00:00
pjd
ec1159e0d5 Rename AALG_MAX_RESULT_LEN to HASH_MAX_LEN to look more constent with
other defines.
2006-06-04 14:25:16 +00:00
pjd
d6c88e2e50 - Add defines with hash length for each hash algorithm.
- Add defines with block length for each HMAC algorithm.
- Add AES_BLOCK_LEN define which is an alias for RIJNDAEL128_BLOCK_LEN.
- Add NULL_BLOCK_LEN define.
2006-06-04 14:20:47 +00:00
pjd
f0bc1f9277 Kill an unused argument. 2006-06-04 12:15:59 +00:00
pjd
83d28e2330 Remove (now unused) crp_mac field. 2006-05-22 16:27:27 +00:00
pjd
3b1119b74a Fix usage of HMAC algorithms via /dev/crypto. 2006-05-22 16:24:11 +00:00