Overhaul driver/subsystem api's:

o make all crypto drivers have a device_t; pseudo drivers like the s/w crypto driver synthesize one o change the api between the crypto subsystem and drivers to use kobj; cryptodev_if.m defines this api o use the fact that all crypto drivers now have a device_t to add support for specifying which of several potential devices to use when doing crypto operations o add new ioctls that allow user apps to select a specific crypto device to use (previous ioctls maintained for compatibility) o overhaul crypto subsystem code to eliminate lots of cruft and hide implementation details from drivers o bring in numerous fixes from Michale Richardson/hifn; mostly for 795x parts o add an optional mechanism for mmap'ing the hifn 795x public key h/w to user space for use by openssl (not enabled by default) o update crypto test tools to use new ioctl's and add cmd line options to specify a device to use for tests These changes will also enable much future work on improving the core crypto subsystem; including proper load balancing and interposing code between the core and drivers to dispatch small operations to the s/w driver as appropriate. These changes were instigated by the work of Michael Richardson. Reviewed by: pjd Approved by: re
author: sam <sam@FreeBSD.org> 2007-03-21 03:42:51 +0000
committer: sam <sam@FreeBSD.org> 2007-03-21 03:42:51 +0000
commit: f96ba7ffdacde02e9c3e989c8f6e3e7539b74b46 (patch)
tree: 05fc03ec94859546cbef49b9fe30d492c4f7bf19 /tools
parent: 3f9dd9edcb00155dff6a9b7686ce432606296d79 (diff)
download: FreeBSD-src-f96ba7ffdacde02e9c3e989c8f6e3e7539b74b46.zip
FreeBSD-src-f96ba7ffdacde02e9c3e989c8f6e3e7539b74b46.tar.gz
2 files changed, 122 insertions, 20 deletions
diff --git a/tools/tools/crypto/cryptokeytest.c b/tools/tools/crypto/cryptokeytest.c
index a031faf..4e49152 100644
--- a/tools/tools/crypto/cryptokeytest.c
+++ b/tools/tools/crypto/cryptokeytest.c
@@ -12,13 +12,55 @@
 #include <sys/time.h>
 #include <crypto/cryptodev.h>
 #include <openssl/bn.h>
+
+#include <paths.h>
 #include <fcntl.h>
 #include <err.h>
 #include <string.h>
 #include <unistd.h>
 #include <stdlib.h>
 
-static int crypto_fd = -1;
+int	crid = CRYPTO_FLAG_HARDWARE;
+int	verbose = 0;
+
+static int
+devcrypto(void)
+{
+	static int fd = -1;
+
+	if (fd < 0) {
+		fd = open(_PATH_DEV "crypto", O_RDWR, 0);
+		if (fd < 0)
+			err(1, _PATH_DEV "crypto");
+		if (fcntl(fd, F_SETFD, 1) == -1)
+			err(1, "fcntl(F_SETFD) (devcrypto)");
+	}
+	return fd;
+}
+
+static int
+crlookup(const char *devname)
+{
+	struct crypt_find_op find;
+
+	find.crid = -1;
+	strlcpy(find.name, devname, sizeof(find.name));
+	if (ioctl(devcrypto(), CIOCFINDDEV, &find) == -1)
+		err(1, "ioctl(CIOCFINDDEV)");
+	return find.crid;
+}
+
+static const char *
+crfind(int crid)
+{
+	static struct crypt_find_op find;
+
+	bzero(&find, sizeof(find));
+	find.crid = crid;
+	if (ioctl(devcrypto(), CIOCFINDDEV, &find) == -1)
+		err(1, "ioctl(CIOCFINDDEV)");
+	return find.name;
+}
 
 /*
  * Convert a little endian byte string in 'p' that
@@ -85,17 +127,10 @@ UB_mod_exp(BIGNUM *res, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx)
 {
 	struct crypt_kop kop;
 	u_int8_t *ale, *ble, *cle;
+	static int crypto_fd = -1;
 
-	if (crypto_fd == -1) {
-		int fd, fdc = open("/dev/crypto", O_RDONLY);
-
-		if (fdc == -1)
-			err(1, "/dev/crypto");
-		if (ioctl(fdc, CRIOGET, &fd) == -1)
-			err(1, "CRIOGET");
-		close(fdc);
-		crypto_fd = fd;
-	}
+	if (crypto_fd == -1 && ioctl(devcrypto(), CRIOGET, &crypto_fd) == -1)
+		err(1, "CRIOGET");
 
 	if ((ale = bignum_to_le(a, NULL)) == NULL)
 		err(1, "bignum_to_le, a");
@@ -108,6 +143,7 @@ UB_mod_exp(BIGNUM *res, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx)
 	kop.crk_op = CRK_MOD_EXP;
 	kop.crk_iparams = 3;
 	kop.crk_oparams = 1;
+	kop.crk_crid = crid;
 	kop.crk_param[0].crp_p = ale;
 	kop.crk_param[0].crp_nbits = BN_num_bytes(a) * 8;
 	kop.crk_param[1].crp_p = ble;
@@ -117,8 +153,10 @@ UB_mod_exp(BIGNUM *res, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx)
 	kop.crk_param[3].crp_p = cle;
 	kop.crk_param[3].crp_nbits = BN_num_bytes(c) * 8;
 
-	if (ioctl(crypto_fd, CIOCKEY, &kop) == -1)
-		err(1, "CIOCKEY");
+	if (ioctl(crypto_fd, CIOCKEY2, &kop) == -1)
+		err(1, "CIOCKEY2");
+	if (verbose)
+		printf("device = %s\n", crfind(kop.crk_crid));
 
 	bzero(ale, BN_num_bytes(a));
 	free(ale);
@@ -211,10 +249,35 @@ testit(void)
 	BN_CTX_free(ctx);
 }
 
+static void
+usage(const char* cmd)
+{
+	printf("usage: %s [-d dev] [-v] [count]\n", cmd);
+	printf("count is the number of bignum ops to do\n");
+	printf("\n");
+	printf("-d use specific device\n");
+	printf("-v be verbose\n");
+	exit(-1);
+}
+
 int
-main()
+main(int argc, char *argv[])
 {
-	int i;
+	int c, i;
+
+	while ((c = getopt(argc, argv, "d:v")) != -1) {
+		switch (c) {
+		case 'd':
+			crid = crlookup(optarg);
+			break;
+		case 'v':
+			verbose = 1;
+			break;
+		default:
+			usage(argv[0]);
+		}
+	}
+	argc -= optind, argv += optind;
 
 	for (i = 0; i < 1000; i++) {
 		fprintf(stderr, "test %d\n", i);
diff --git a/tools/tools/crypto/cryptotest.c b/tools/tools/crypto/cryptotest.c
index c7e0157..9bb93ea 100644
--- a/tools/tools/crypto/cryptotest.c
+++ b/tools/tools/crypto/cryptotest.c
@@ -40,6 +40,7 @@
  * Run count iterations of a crypt+decrypt or mac operation on a buffer of
  * size bytes.  A random key and iv are used.  Options:
  *	-c	check the results
+ *	-d dev	pin work on device dev
  *	-z	run all available algorithms on a variety of buffer sizes
  *	-v	be verbose
  *	-b	mark operations for batching
@@ -106,6 +107,7 @@ void	hexdump(char *, int);
 int	verbose = 0;
 int	opflags = 0;
 int	verify = 0;
+int	crid = CRYPTO_FLAG_HARDWARE;
 
 struct alg {
 	const char* name;
@@ -139,7 +141,7 @@ struct alg {
 static void
 usage(const char* cmd)
 {
-	printf("usage: %s [-c] [-z] [-s] [-b] [-v] [-a algorithm] [count] [size ...]\n",
+	printf("usage: %s [-czsbv] [-d dev] [-a algorithm] [count] [size ...]\n",
 		cmd);
 	printf("where algorithm is one of:\n");
 	printf("    des 3des (default) blowfish cast skipjack\n");
@@ -148,6 +150,7 @@ usage(const char* cmd)
 	printf("size is the number of bytes of text to encrypt+decrypt\n");
 	printf("\n");
 	printf("-c check the results (slows timing)\n");
+	printf("-d use specific device\n");
 	printf("-z run all available algorithms on a variety of sizes\n");
 	printf("-v be verbose\n");
 	printf("-b mark operations for batching\n");
@@ -193,6 +196,30 @@ devcrypto(void)
 }
 
 static int
+crlookup(const char *devname)
+{
+	struct crypt_find_op find;
+
+	find.crid = -1;
+	strlcpy(find.name, devname, sizeof(find.name));
+	if (ioctl(devcrypto(), CIOCFINDDEV, &find) == -1)
+		err(1, "ioctl(CIOCFINDDEV)");
+	return find.crid;
+}
+
+static const char *
+crfind(int crid)
+{
+	static struct crypt_find_op find;
+
+	bzero(&find, sizeof(find));
+	find.crid = crid;
+	if (ioctl(devcrypto(), CRIOFINDDEV, &find) == -1)
+		err(1, "ioctl(CIOCFINDDEV): crid %d", crid);
+	return find.name;
+}
+
+static int
 crget(void)
 {
 	int fd;
@@ -220,7 +247,7 @@ runtest(struct alg *alg, int count, int size, u_long cmd, struct timeval *tv)
 	int i, fd = crget();
 	struct timeval start, stop, dt;
 	char *cleartext, *ciphertext, *originaltext;
-	struct session_op sop;
+	struct session2_op sop;
 	struct crypt_op cop;
 	char iv[8];
 
@@ -242,8 +269,9 @@ runtest(struct alg *alg, int count, int size, u_long cmd, struct timeval *tv)
 			sop.mackey[i] = rdigit();
 		sop.mac = alg->code;
 	}
+	sop.crid = crid;
 	if (ioctl(fd, cmd, &sop) < 0) {
-		if (cmd == CIOCGSESSION) {
+		if (cmd == CIOCGSESSION || cmd == CIOCGSESSION2) {
 			close(fd);
 			if (verbose) {
 				printf("cipher %s", alg->name);
@@ -274,6 +302,7 @@ runtest(struct alg *alg, int count, int size, u_long cmd, struct timeval *tv)
 
 	if (verbose) {
 		printf("session = 0x%x\n", sop.ses);
+		printf("device = %s\n", crfind(sop.crid));
 		printf("count = %d, size = %d\n", count, size);
 		if (!alg->ishash) {
 			printf("iv:");
@@ -448,10 +477,17 @@ runtests(struct alg *alg, int count, int size, u_long cmd, int threads, int prof
 	if (t) {
 		int nops = alg->ishash ? count : 2*count;
 
+#if 0
 		t /= threads;
 		printf("%6.3lf sec, %7d %6s crypts, %7d bytes, %8.0lf byte/sec, %7.1lf Mb/sec\n",
 		    t, nops, alg->name, size, (double)nops*size / t,
 		    (double)nops*size / t * 8 / 1024 / 1024);
+#else
+		nops *= threads;
+		printf("%8.3lf sec, %7d %6s crypts, %7d bytes, %8.0lf byte/sec, %7.1lf Mb/sec\n",
+		    t, nops, alg->name, size, (double)nops*size / t,
+		    (double)nops*size / t * 8 / 1024 / 1024);
+#endif
 	}
 #ifdef __FreeBSD__
 	if (profile) {
@@ -480,13 +516,13 @@ main(int argc, char **argv)
 	struct alg *alg = NULL;
 	int count = 1;
 	int sizes[128], nsizes = 0;
-	u_long cmd = CIOCGSESSION;
+	u_long cmd = CIOCGSESSION2;
 	int testall = 0;
 	int maxthreads = 1;
 	int profile = 0;
 	int i, ch;
 
-	while ((ch = getopt(argc, argv, "cpzsva:bt:")) != -1) {
+	while ((ch = getopt(argc, argv, "cpzsva:bd:t:")) != -1) {
 		switch (ch) {
 #ifdef CIOCGSSESSION
 		case 's':
@@ -505,6 +541,9 @@ main(int argc, char **argv)
 					usage(argv[0]);
 			}
 			break;
+		case 'd':
+			crid = crlookup(optarg);
+			break;
 		case 't':
 			maxthreads = atoi(optarg);
 			break;
author	sam <sam@FreeBSD.org>	2007-03-21 03:42:51 +0000
committer	sam <sam@FreeBSD.org>	2007-03-21 03:42:51 +0000
commit	f96ba7ffdacde02e9c3e989c8f6e3e7539b74b46 (patch)
tree	05fc03ec94859546cbef49b9fe30d492c4f7bf19 /tools
parent	3f9dd9edcb00155dff6a9b7686ce432606296d79 (diff)
download	FreeBSD-src-f96ba7ffdacde02e9c3e989c8f6e3e7539b74b46.zip FreeBSD-src-f96ba7ffdacde02e9c3e989c8f6e3e7539b74b46.tar.gz