summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorjhb <jhb@FreeBSD.org>2018-02-15 21:27:24 +0000
committerLuiz Souza <luiz@netgate.com>2018-05-09 10:28:58 -0300
commit293707af843ce1b4208eed3b8427b72356ea06f0 (patch)
tree12e6ddcad414f565e12dc1ce2208b9aee97a9be2
parent61033f55dc6b6b9c295e0ade753c1d0b142ddd1b (diff)
downloadFreeBSD-src-293707af843ce1b4208eed3b8427b72356ea06f0.zip
FreeBSD-src-293707af843ce1b4208eed3b8427b72356ea06f0.tar.gz
MFC 318090,319475: Use const with some read-only buffers in opencrypto APIs.
318090: Use const with some read-only buffers in opencrypto APIs. - Mark the source buffer for a copyback operation as const in the kernel API. - Use const with input-only buffers in crypto ioctl structures used with /dev/crypto. 319475: Fix some new errors and a warning in cryptotest. - Use a new 'char *key' to allocate storage for keys and assign the pointer to the session2_op 'const char *' members after the key is initialized. - Mark the 'find' variable used in crfind() static so that crfind() doesn't return a pointer to stack garbage. Sponsored by: Chelsio Communications (cherry picked from commit 230aaab2e615703ad509454fe1b16ab8f69b411c)
-rw-r--r--sys/opencrypto/criov.c4
-rw-r--r--sys/opencrypto/cryptodev.h24
-rw-r--r--tools/tools/crypto/cryptotest.c18
3 files changed, 25 insertions, 21 deletions
diff --git a/sys/opencrypto/criov.c b/sys/opencrypto/criov.c
index 499bfe3..71e395a 100644
--- a/sys/opencrypto/criov.c
+++ b/sys/opencrypto/criov.c
@@ -79,7 +79,7 @@ cuio_copydata(struct uio* uio, int off, int len, caddr_t cp)
}
void
-cuio_copyback(struct uio* uio, int off, int len, caddr_t cp)
+cuio_copyback(struct uio* uio, int off, int len, c_caddr_t cp)
{
struct iovec *iov = uio->uio_iov;
int iol = uio->uio_iovcnt;
@@ -155,7 +155,7 @@ cuio_apply(struct uio *uio, int off, int len, int (*f)(void *, void *, u_int),
}
void
-crypto_copyback(int flags, caddr_t buf, int off, int size, caddr_t in)
+crypto_copyback(int flags, caddr_t buf, int off, int size, c_caddr_t in)
{
if ((flags & CRYPTO_F_IMBUF) != 0)
diff --git a/sys/opencrypto/cryptodev.h b/sys/opencrypto/cryptodev.h
index 91bec56..3ca77c7 100644
--- a/sys/opencrypto/cryptodev.h
+++ b/sys/opencrypto/cryptodev.h
@@ -212,9 +212,9 @@ struct session_op {
u_int32_t mac; /* ie. CRYPTO_MD5_HMAC */
u_int32_t keylen; /* cipher key */
- caddr_t key;
+ c_caddr_t key;
int mackeylen; /* mac key */
- caddr_t mackey;
+ c_caddr_t mackey;
u_int32_t ses; /* returns: session # */
};
@@ -224,9 +224,9 @@ struct session2_op {
u_int32_t mac; /* ie. CRYPTO_MD5_HMAC */
u_int32_t keylen; /* cipher key */
- caddr_t key;
+ c_caddr_t key;
int mackeylen; /* mac key */
- caddr_t mackey;
+ c_caddr_t mackey;
u_int32_t ses; /* returns: session # */
int crid; /* driver id + flags (rw) */
@@ -241,9 +241,10 @@ struct crypt_op {
u_int16_t flags;
#define COP_F_BATCH 0x0008 /* Batch op if possible */
u_int len;
- caddr_t src, dst; /* become iov[] inside kernel */
+ c_caddr_t src; /* become iov[] inside kernel */
+ caddr_t dst;
caddr_t mac; /* must be big enough for chosen MAC */
- caddr_t iv;
+ c_caddr_t iv;
};
/* op and flags the same as crypt_op */
@@ -254,10 +255,11 @@ struct crypt_aead {
u_int len;
u_int aadlen;
u_int ivlen;
- caddr_t src, dst; /* become iov[] inside kernel */
- caddr_t aad; /* additional authenticated data */
+ c_caddr_t src; /* become iov[] inside kernel */
+ caddr_t dst;
+ c_caddr_t aad; /* additional authenticated data */
caddr_t tag; /* must fit for chosen TAG length */
- caddr_t iv;
+ c_caddr_t iv;
};
/*
@@ -526,7 +528,7 @@ extern int crypto_devallowsoft; /* only use hardware crypto */
*/
struct uio;
extern void cuio_copydata(struct uio* uio, int off, int len, caddr_t cp);
-extern void cuio_copyback(struct uio* uio, int off, int len, caddr_t cp);
+extern void cuio_copyback(struct uio* uio, int off, int len, c_caddr_t cp);
extern int cuio_getptr(struct uio *uio, int loc, int *off);
extern int cuio_apply(struct uio *uio, int off, int len,
int (*f)(void *, void *, u_int), void *arg);
@@ -537,7 +539,7 @@ extern int crypto_mbuftoiov(struct mbuf *mbuf, struct iovec **iovptr,
int *cnt, int *allocated);
extern void crypto_copyback(int flags, caddr_t buf, int off, int size,
- caddr_t in);
+ c_caddr_t in);
extern void crypto_copydata(int flags, caddr_t buf, int off, int size,
caddr_t out);
extern int crypto_apply(int flags, caddr_t buf, int off, int len,
diff --git a/tools/tools/crypto/cryptotest.c b/tools/tools/crypto/cryptotest.c
index bf0f8ee..2b5aa0a 100644
--- a/tools/tools/crypto/cryptotest.c
+++ b/tools/tools/crypto/cryptotest.c
@@ -216,7 +216,7 @@ crlookup(const char *devname)
const char *
crfind(int crid)
{
- struct crypt_find_op find;
+ static struct crypt_find_op find;
bzero(&find, sizeof(find));
find.crid = crid;
@@ -252,7 +252,7 @@ runtest(struct alg *alg, int count, int size, u_long cmd, struct timeval *tv)
{
int i, fd = crget();
struct timeval start, stop, dt;
- char *cleartext, *ciphertext, *originaltext;
+ char *cleartext, *ciphertext, *originaltext, *key;
struct session2_op sop;
struct crypt_op cop;
char iv[EALG_MAX_BLOCK_LEN];
@@ -260,19 +260,21 @@ runtest(struct alg *alg, int count, int size, u_long cmd, struct timeval *tv)
bzero(&sop, sizeof(sop));
if (!alg->ishash) {
sop.keylen = (alg->minkeylen + alg->maxkeylen)/2;
- sop.key = (char *) malloc(sop.keylen);
- if (sop.key == NULL)
+ key = (char *) malloc(sop.keylen);
+ if (key == NULL)
err(1, "malloc (key)");
for (i = 0; i < sop.keylen; i++)
- sop.key[i] = rdigit();
+ key[i] = rdigit();
+ sop.key = key;
sop.cipher = alg->code;
} else {
sop.mackeylen = (alg->minkeylen + alg->maxkeylen)/2;
- sop.mackey = (char *) malloc(sop.mackeylen);
- if (sop.mackey == NULL)
+ key = (char *) malloc(sop.mackeylen);
+ if (key == NULL)
err(1, "malloc (mac)");
for (i = 0; i < sop.mackeylen; i++)
- sop.mackey[i] = rdigit();
+ key[i] = rdigit();
+ sop.mackey = key;
sop.mac = alg->code;
}
sop.crid = crid;
OpenPOWER on IntegriCloud