summaryrefslogtreecommitdiffstats
path: root/sys/opencrypto
Commit message (Collapse)AuthorAgeFilesLines
* Do the dreaded s/dev_t/struct cdev */phk2004-06-161-5/+5
| | | | Bump __FreeBSD_version accordingly.
* add missing #include <sys/module.h>phk2004-05-302-0/+2
|
* kthread_exit() no longer requires Giant, so don't force callers to acquirejhb2004-03-051-1/+0
| | | | | | Giant just to call kthread_exit(). Requested by: many
* Device megapatch 4/6:phk2004-02-211-0/+2
| | | | | | | | Introduce d_version field in struct cdevsw, this must always be initialized to D_VERSION. Flip sense of D_NOGIANT flag to D_NEEDGIANT, this involves removing four D_NOGIANT flags and adding 145 D_NEEDGIANT flags.
* Do not aggressively unroll the AES implementation, in non-benchmarking usephk2004-02-041-2/+0
| | | | | | it is same speed on small cache cpus and slower on largecache cpus. Approved by: sam@
* Add CRD_F_KEY_EXPLICIT which allows the key to be changed perphk2004-02-022-0/+11
| | | | | | | | operation, just like it was possible to change the IV. Currently supported on Hifn and software engines only. Approved by: sam@
* style(9) pass and type fixups.bms2003-12-161-1/+1
| | | | Submitted by: bde
* Purge crmbuf.c as the routines are now in uipc_mbuf.c.bms2003-12-151-119/+0
| | | | | Reviewed by: sam Sponsored by: spc.org
* Push m_apply() and m_getptr() up into the colleciton of standard mbufbms2003-12-152-11/+1
| | | | | | | | routines, and purge them from opencrypto. Reviewed by: sam Obtained from: NetBSD Sponsored by: spc.org
* eliminate an unnecessary 8Kbyte bzero that was being done for eachsam2003-11-191-8/+5
| | | | | | | | submitted operation Submitted by: Thor Lancelot Simon Reviewed by: jhb Approved by: re (jhb)
* falloc allocates a file structure and adds it to the file descriptordwmalone2003-10-191-1/+1
| | | | | | | | | | | | | | | | | | | | | table, acquiring the necessary locks as it works. It usually returns two references to the new descriptor: one in the descriptor table and one via a pointer argument. As falloc releases the FILEDESC lock before returning, there is a potential for a process to close the reference in the file descriptor table before falloc's caller gets to use the file. I don't think this can happen in practice at the moment, because Giant indirectly protects closes. To stop the file being completly closed in this situation, this change makes falloc set the refcount to two when both references are returned. This makes life easier for several of falloc's callers, because the first thing they previously did was grab an extra reference on the file. Reviewed by: iedowse Idea run past: jhb
* The present defaults for the open and close for device drivers whichphk2003-09-271-1/+0
| | | | | | | | | | | | | | provide no methods does not make any sense, and is not used by any driver. It is a pretty hard to come up with even a theoretical concept of a device driver which would always fail open and close with ENODEV. Change the defaults to be nullopen() and nullclose() which simply does nothing. Remove explicit initializations to these from the drivers which already used them.
* consolidate callback optimization check in one location by adding a flagsam2003-06-302-7/+17
| | | | | | | for crypto operations that indicates the crypto code should do the check in crypto_done MFC after: 1 day
* Add support to eliminate a context switch per crypto op when using thesam2003-06-273-23/+33
| | | | | | | | | | | software crypto device: o record crypto device capabilities in each session id o add a capability that indicates if the crypto driver operates synchronously o tag the software crypto driver as operating synchronously This commit also introduces crypto session id macros that cleanup their construction and querying.
* Initialize struct fileops with C99 sparse initialization.phk2003-06-181-7/+7
|
* Use __FBSDID().obrien2003-06-1111-16/+37
|
* Flush my local cache of cryto subsystem fixes:sam2003-06-023-18/+43
| | | | | | | | | | | | | | | | | | | | o add a ``done'' flag for crypto operations; this is set when the operation completes and is intended for callers to check operations that may complete ``prematurely'' because of direct callbacks o close a race for operations where the crypto driver returns ERESTART: we need to hold the q lock to insure the blocked state for the driver and any driver-private state is consistent; otherwise drivers may take an interrupt and notify the crypto subsystem that it can unblock the driver but operations will be left queued and never be processed o close a race in /dev/crypto where operations can complete before the caller can sleep waiting for the callback: use a per-session mutex and the new done flag to handle this o correct crypto_dispatch's handling of operations where the driver returns ERESTART: the return value must be zero and not ERESTART, otherwise the caller may free the crypto request despite it being queued for later handling (this typically results in a later panic) o change crypto mutex ``names'' so witness printouts and the like are more meaningful
* Gigacommit to improve device-driver source compatibility betweenphk2003-03-031-14/+7
| | | | | | | | | | | | | branches: Initialize struct cdevsw using C99 sparse initializtion and remove all initializations to default values. This patch is automatically generated and has been tested by compiling LINT with all the fields in struct cdevsw in reverse order on alpha, sparc64 and i386. Approved by: re(scottl)
* o add a CRYPTO_F_CBIMM flag to symmetric ops to indicate the callbacksam2003-02-233-29/+78
| | | | | | | | | | | | | | | | | | should be done in crypto_done rather than in the callback thread o use this flag to mark operations from /dev/crypto since the callback routine just does a wakeup; this eliminates the last unneeded ctx switch o change CRYPTO_F_NODELAY to CRYPTO_F_BATCH with an inverted meaning so "0" becomes the default/desired setting (needed for user-mode compatibility with openbsd) o change crypto_dispatch to honor CRYPTO_F_BATCH instead of always dispatching immediately o remove uses of CRYPTO_F_NODELAY o define COP_F_BATCH for ops submitted through /dev/crypto and pass this on to the op that is submitted Similar changes and more eventually coming for asymmetric ops. MFC if re gives approval.
* Back out M_* changes, per decision of the TRB.imp2003-02-191-6/+6
| | | | Approved by: trb
* Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.alfred2003-01-211-6/+6
| | | | Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
* Bow to the whining masses and change a union back into void *. Retaindillon2003-01-131-4/+4
| | | | | removal of unnecessary casts and throw in some minor cleanups to see if anyone complains, just for the hell of it.
* Change struct file f_data to un_data, a union of the correct structdillon2003-01-121-4/+4
| | | | | | | | | | pointer types, and remove a huge number of casts from code using it. Change struct xfile xf_data to xun_data (ABI is still compatible). If we need to add a #define for f_data and xf_data we can, but I don't think it will be necessary. There are no operational changes in this commit.
* Invoke the driver directly when a request is submitted via crypto_dispatchsam2003-01-091-21/+52
| | | | | | | | | | | | | | | or crypto_kdispatch unless the driver is currently blocked. This eliminates the context switch to the dispatch thread for virtually all requests. Note that this change means that for software crypto drivers the caller will now block until the request is completed and the callback is dispatched to the callback thread (h/w drivers will typically just dispatch the op to the device and return quickly). If this is an issue we can either implement a non-blocking interface in the s/w crypto driver or use either the "no delay" flag in the crypto request or the "software driver" capability flag to control what to do. Sponsored by: Vernier Networks
* correct flags passed when allocation crypto request structures so wesam2003-01-061-2/+2
| | | | don't block and the returned data is zero'd
* manage kernel threads properly; especially shutting them down on module unloadsam2003-01-031-52/+133
| | | | Reviewed by: jhb
* MFS: crypto timing support; purge usercrypto sysctl (just don't configsam2003-01-033-9/+107
| | | | | | | | cryptodev or kldunload cryptodev module); crypto statistcs; remove unused alloctype field from crypto op to offset addition of the performance time stamp Supported by: Vernier Networks
* correct minor # in make_dev callsam2002-11-081-1/+1
| | | | Submitted by: Doug Ambrisko" <ambrisko@verniernetworks.com>
* change load order so module is present before crypto driverssam2002-11-081-1/+1
| | | | Submitted by: Doug Ambrisko" <ambrisko@verniernetworks.com>
* Module-ize the 'core' crypto stuff. This may still need to be compiledmarkm2002-10-162-3/+31
| | | | | | | | | into the kernel by default (if required), but other modules can now depend() on this. Fix inter-module dependancy. Earlier version OK'ed by: sam
* Change iov_base's type from `char *' to the standard `void *'. Allmike2002-10-111-1/+1
| | | | | uses of iov_base which assume its type is `char *' (in order to do pointer arithmetic) have been updated to cast iov_base to `char *'.
* o split crypto_proc into two threads: one for processing requests and onesam2002-10-071-52/+92
| | | | | | for processing callbacks. This closes race conditions caused by locking too many things with a single mutex. o reclaim crypto requests under certain (impossible) failure conditions
* remove CIOGSSESSION (get software session); it was added only for testingsam2002-10-072-4/+1
|
* In-kernel crypto framework derived from openbsd. This facility providessam2002-10-0421-0/+7317
a consistent interface to h/w and s/w crypto algorithms for use by the kernel and (for h/w at least) by user-mode apps. Access for user-level code is through a /dev/crypto device that'll eventually be used by openssl to (potentially) accelerate many applications. Coming soon is an IPsec that makes use of this service to accelerate ESP, AH, and IPCOMP protocols. Included here is the "core" crypto support, /dev/crypto driver, various crypto algorithms that are not already present in the KAME crypto area, and support routines used by crypto device drivers. Obtained from: openbsd
OpenPOWER on IntegriCloud