summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJason Wright <jason@cvs.openbsd.org>2002-11-21 19:34:26 +0000
committerJason Wright <jason@cvs.openbsd.org>2002-11-21 19:34:26 +0000
commitdf234af540aa3148a946aaf2c7cb99d0d430622c (patch)
tree9648d1fafda02024471905aa3f82a4608b4ad4e7
parentcc4cd7513a1c3435029bffc00a6e730e3d3bd8ef (diff)
From Angelos:
- simplistic load balancing across multiple cards - simplified registration process - a few style nits.
-rw-r--r--sys/crypto/crypto.c344
-rw-r--r--sys/crypto/cryptodev.c5
-rw-r--r--sys/crypto/cryptodev.h33
-rw-r--r--sys/crypto/cryptosoft.c56
-rw-r--r--sys/dev/pci/hifn7751.c29
-rw-r--r--sys/dev/pci/lofn.c8
-rw-r--r--sys/dev/pci/nofn.c7
-rw-r--r--sys/dev/pci/ubsec.c23
8 files changed, 325 insertions, 180 deletions
diff --git a/sys/crypto/crypto.c b/sys/crypto/crypto.c
index f520d27fbfe..817220367b1 100644
--- a/sys/crypto/crypto.c
+++ b/sys/crypto/crypto.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: crypto.c,v 1.41 2002/07/17 23:52:38 art Exp $ */
+/* $OpenBSD: crypto.c,v 1.42 2002/11/21 19:34:25 jason Exp $ */
/*
* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
*
@@ -37,18 +37,25 @@ int crypto_pool_initialized = 0;
struct cryptop *crp_req_queue = NULL;
struct cryptop **crp_req_queue_tail = NULL;
+struct cryptop *crp_ret_queue = NULL;
+struct cryptop **crp_ret_queue_tail = NULL;
+
struct cryptkop *krp_req_queue = NULL;
struct cryptkop **krp_req_queue_tail = NULL;
+struct cryptkop *krp_ret_queue = NULL;
+struct cryptkop **krp_ret_queue_tail = NULL;
+
/*
* Create a new session.
*/
int
crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int hard)
{
+ u_int32_t hid, lid, hid2 = -1;
+ struct cryptocap *cpc;
struct cryptoini *cr;
- u_int32_t hid, lid;
- int err, s;
+ int err, s, turn = 0;
if (crypto_drivers == NULL)
return EINVAL;
@@ -57,44 +64,99 @@ crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int hard)
/*
* The algorithm we use here is pretty stupid; just use the
- * first driver that supports all the algorithms we need.
+ * first driver that supports all the algorithms we need. Do
+ * a double-pass over all the drivers, ignoring software ones
+ * at first, to deal with cases of drivers that register after
+ * the software one(s) --- e.g., PCMCIA crypto cards.
*
* XXX We need more smarts here (in real life too, but that's
* XXX another story altogether).
*/
+ do {
+ for (hid = 0; hid < crypto_drivers_num; hid++) {
+ cpc = &crypto_drivers[hid];
+
+ /*
+ * If it's not initialized or has remaining sessions
+ * referencing it, skip.
+ */
+ if (cpc->cc_newsession == NULL ||
+ (cpc->cc_flags & CRYPTOCAP_F_CLEANUP))
+ continue;
+
+ if (cpc->cc_flags & CRYPTOCAP_F_SOFTWARE) {
+ /*
+ * First round of search, ignore
+ * software drivers.
+ */
+ if (turn == 0)
+ continue;
+ } else { /* !CRYPTOCAP_F_SOFTWARE */
+ /* Second round of search, only software. */
+ if (turn == 1)
+ continue;
+ }
+
+ /* See if all the algorithms are supported. */
+ for (cr = cri; cr; cr = cr->cri_next) {
+ if (cpc->cc_alg[cr->cri_alg] == 0)
+ break;
+ }
+
+ /*
+ * If even one algorithm is not supported,
+ * keep searching.
+ */
+ if (cr != NULL)
+ continue;
+
+ /*
+ * If we had a previous match, see how it compares
+ * to this one. Keep "remembering" whichever is
+ * the best of the two.
+ */
+ if (hid2 != -1) {
+ /*
+ * Compare session numbers, pick the one
+ * with the lowest.
+ * XXX Need better metrics, this will
+ * XXX just do un-weighted round-robin.
+ */
+ if (crypto_drivers[hid].cc_sessions <=
+ crypto_drivers[hid2].cc_sessions)
+ hid2 = hid;
+ } else {
+ /*
+ * Remember this one, for future
+ * comparisons.
+ */
+ hid2 = hid;
+ }
+ }
- for (hid = 0; hid < crypto_drivers_num; hid++) {
/*
- * If it's not initialized or has remaining sessions
- * referencing it, skip.
+ * If we found something worth remembering, leave. The
+ * side-effect is that we will always prefer a hardware
+ * driver over the software one.
*/
- if (crypto_drivers[hid].cc_newsession == NULL ||
- (crypto_drivers[hid].cc_flags & CRYPTOCAP_F_CLEANUP))
- continue;
+ if (hid2 != -1)
+ break;
- /* Hardware requested -- ignore software drivers. */
- if (hard &&
- (crypto_drivers[hid].cc_flags & CRYPTOCAP_F_SOFTWARE))
- continue;
+ turn++;
- /* See if all the algorithms are supported. */
- for (cr = cri; cr; cr = cr->cri_next)
- if (crypto_drivers[hid].cc_alg[cr->cri_alg] == 0)
- break;
+ /* If we only want hardware drivers, don't do second pass. */
+ } while (turn <= 2 && hard == 0);
- /* Ok, all algorithms are supported. */
- if (cr == NULL)
- break;
- }
+ hid = hid2;
/*
* Can't do everything in one session.
*
- * XXX Fix this. We need to inject a "virtual" session layer right
- * XXX about here.
+ * XXX Fix this. We need to inject a "virtual" session
+ * XXX layer right about here.
*/
- if (hid == crypto_drivers_num) {
+ if (hid == -1) {
splx(s);
return EINVAL;
}
@@ -227,70 +289,66 @@ crypto_get_driverid(u_int8_t flags)
* supported by the driver.
*/
int
-crypto_kregister(u_int32_t driverid, int kalg, u_int32_t flags,
+crypto_kregister(u_int32_t driverid, int *kalg,
int (*kprocess)(struct cryptkop *))
{
- int s;
+ int s, i;
- if (driverid >= crypto_drivers_num || kalg < 0 ||
- kalg > CRK_ALGORITHM_MAX || crypto_drivers == NULL)
+ if (driverid >= crypto_drivers_num || kalg == NULL ||
+ crypto_drivers == NULL)
return EINVAL;
s = splimp();
- /*
- * XXX Do some performance testing to determine placing.
- * XXX We probably need an auxiliary data structure that describes
- * XXX relative performances.
- */
+ for (i = 0; i < CRK_ALGORITHM_MAX; i++) {
+ /*
+ * XXX Do some performance testing to determine
+ * placing. We probably need an auxiliary data
+ * structure that describes relative performances.
+ */
- crypto_drivers[driverid].cc_kalg[kalg] =
- flags | CRYPTO_ALG_FLAG_SUPPORTED;
+ crypto_drivers[driverid].cc_kalg[i] = kalg[i];
+ }
- if (crypto_drivers[driverid].cc_kprocess == NULL)
- crypto_drivers[driverid].cc_kprocess = kprocess;
+ crypto_drivers[driverid].cc_kprocess = kprocess;
splx(s);
return 0;
}
-/*
- * Register a crypto driver. It should be called once for each algorithm
- * supported by the driver.
- */
+/* Register a crypto driver. */
int
-crypto_register(u_int32_t driverid, int alg, u_int16_t maxoplen,
- u_int32_t flags,
+crypto_register(u_int32_t driverid, int *alg,
int (*newses)(u_int32_t *, struct cryptoini *),
int (*freeses)(u_int64_t), int (*process)(struct cryptop *))
{
- int s;
+ int s, i;
- if (driverid >= crypto_drivers_num || alg <= 0 ||
- alg > CRYPTO_ALGORITHM_MAX || crypto_drivers == NULL)
- return EINVAL;
+ if (driverid >= crypto_drivers_num || alg == NULL ||
+ crypto_drivers == NULL)
+ return EINVAL;
+
s = splimp();
- /*
- * XXX Do some performance testing to determine placing.
- * XXX We probably need an auxiliary data structure that describes
- * XXX relative performances.
- */
+ for (i = 0; i < CRYPTO_ALGORITHM_MAX; i++) {
+ /*
+ * XXX Do some performance testing to determine
+ * placing. We probably need an auxiliary data
+ * structure that describes relative performances.
+ */
- crypto_drivers[driverid].cc_alg[alg] =
- flags | CRYPTO_ALG_FLAG_SUPPORTED;
+ crypto_drivers[driverid].cc_alg[i] = alg[i];
+ }
- crypto_drivers[driverid].cc_max_op_len[alg] = maxoplen;
- if (crypto_drivers[driverid].cc_process == NULL) {
- crypto_drivers[driverid].cc_newsession = newses;
- crypto_drivers[driverid].cc_process = process;
- crypto_drivers[driverid].cc_freesession = freeses;
- crypto_drivers[driverid].cc_sessions = 0; /* Unmark */
- }
+ crypto_drivers[driverid].cc_newsession = newses;
+ crypto_drivers[driverid].cc_process = process;
+ crypto_drivers[driverid].cc_freesession = freeses;
+ crypto_drivers[driverid].cc_sessions = 0; /* Unmark */
splx(s);
+
return 0;
}
@@ -303,26 +361,32 @@ crypto_register(u_int32_t driverid, int alg, u_int16_t maxoplen,
int
crypto_unregister(u_int32_t driverid, int alg)
{
- int i, s = splimp();
+ int i = CRYPTO_ALGORITHM_MAX + 1, s = splimp();
u_int32_t ses;
- /* Sanity checks */
- if (driverid >= crypto_drivers_num || alg <= 0 ||
- alg > CRYPTO_ALGORITHM_MAX || crypto_drivers == NULL ||
+ /* Sanity checks. */
+ if (driverid >= crypto_drivers_num || crypto_drivers == NULL ||
+ ((alg <= 0 || alg > CRYPTO_ALGORITHM_MAX) &&
+ alg != CRYPTO_ALGORITHM_ALL) ||
crypto_drivers[driverid].cc_alg[alg] == 0) {
splx(s);
return EINVAL;
}
- crypto_drivers[driverid].cc_alg[alg] = 0;
- crypto_drivers[driverid].cc_max_op_len[alg] = 0;
+ if (alg != CRYPTO_ALGORITHM_ALL) {
+ crypto_drivers[driverid].cc_alg[alg] = 0;
- /* Was this the last algorithm ? */
- for (i = 1; i <= CRYPTO_ALGORITHM_MAX; i++)
- if (crypto_drivers[driverid].cc_alg[i] != 0)
- break;
+ /* Was this the last algorithm ? */
+ for (i = 1; i <= CRYPTO_ALGORITHM_MAX; i++)
+ if (crypto_drivers[driverid].cc_alg[i] != 0)
+ break;
+ }
- if (i == CRYPTO_ALGORITHM_MAX + 1) {
+ /*
+ * If a driver unregistered its last algorithm or all of them
+ * (alg == CRYPTO_ALGORITHM_ALL), cleanup its entry.
+ */
+ if (i == CRYPTO_ALGORITHM_MAX + 1 || alg == CRYPTO_ALGORITHM_ALL) {
ses = crypto_drivers[driverid].cc_sessions;
bzero(&crypto_drivers[driverid], sizeof(struct cryptocap));
if (ses != 0) {
@@ -344,12 +408,23 @@ int
crypto_dispatch(struct cryptop *crp)
{
int s = splimp();
+ u_int32_t hid;
+
+ /*
+ * Keep track of ops per driver, for coallescing purposes. If
+ * we have been given an invalid hid, we'll deal with in the
+ * crypto_invoke(), through session migration.
+ */
+ hid = (crp->crp_sid >> 32) & 0xffffffff;
+ if (hid < crypto_drivers_num)
+ crypto_drivers[hid].cc_queued++;
+ crp->crp_next = NULL;
if (crp_req_queue == NULL) {
crp_req_queue = crp;
crp_req_queue_tail = &(crp->crp_next);
splx(s);
- wakeup((caddr_t) &crp_req_queue);
+ wakeup((caddr_t) &crp_req_queue); /* Shared wait channel. */
} else {
*crp_req_queue_tail = crp;
crp_req_queue_tail = &(crp->crp_next);
@@ -363,11 +438,12 @@ crypto_kdispatch(struct cryptkop *krp)
{
int s = splimp();
+ krp->krp_next = NULL;
if (krp_req_queue == NULL) {
krp_req_queue = krp;
krp_req_queue_tail = &(krp->krp_next);
splx(s);
- wakeup((caddr_t) &crp_req_queue); /* shared wait channel */
+ wakeup((caddr_t) &crp_req_queue); /* Shared wait channel. */
} else {
*krp_req_queue_tail = krp;
krp_req_queue_tail = &(krp->krp_next);
@@ -377,7 +453,7 @@ crypto_kdispatch(struct cryptkop *krp)
}
/*
- * Dispatch an assymetric crypto request to the appropriate crypto devices.
+ * Dispatch an asymmetric crypto request to the appropriate crypto devices.
*/
int
crypto_kinvoke(struct cryptkop *krp)
@@ -401,12 +477,17 @@ crypto_kinvoke(struct cryptkop *krp)
continue;
break;
}
+
if (hid == crypto_drivers_num) {
krp->krp_status = ENODEV;
crypto_kdone(krp);
return (0);
}
+
krp->krp_hid = hid;
+
+ crypto_drivers[hid].cc_koperations++;
+
error = crypto_drivers[hid].cc_kprocess(krp);
if (error) {
krp->krp_status = error;
@@ -437,40 +518,46 @@ crypto_invoke(struct cryptop *crp)
}
hid = (crp->crp_sid >> 32) & 0xffffffff;
- if (hid >= crypto_drivers_num) {
- /* Migrate session. */
- for (crd = crp->crp_desc; crd->crd_next; crd = crd->crd_next)
- crd->CRD_INI.cri_next = &(crd->crd_next->CRD_INI);
+ if (hid >= crypto_drivers_num)
+ goto migrate;
- if (crypto_newsession(&nid, &(crp->crp_desc->CRD_INI), 0) == 0)
- crp->crp_sid = nid;
+ crypto_drivers[hid].cc_queued--;
- crp->crp_etype = EAGAIN;
- crypto_done(crp);
- return 0;
- }
-
- if (crypto_drivers[hid].cc_flags & CRYPTOCAP_F_CLEANUP)
+ if (crypto_drivers[hid].cc_flags & CRYPTOCAP_F_CLEANUP) {
crypto_freesession(crp->crp_sid);
+ goto migrate;
+ }
- if (crypto_drivers[hid].cc_process == NULL) {
- /* Migrate session. */
- for (crd = crp->crp_desc; crd->crd_next; crd = crd->crd_next)
- crd->CRD_INI.cri_next = &(crd->crd_next->CRD_INI);
+ if (crypto_drivers[hid].cc_process == NULL)
+ goto migrate;
- if (crypto_newsession(&nid, &(crp->crp_desc->CRD_INI), 0) == 0)
- crp->crp_sid = nid;
-
- crp->crp_etype = EAGAIN;
- crypto_done(crp);
- return 0;
- }
+ crypto_drivers[hid].cc_operations++;
+ crypto_drivers[hid].cc_bytes += crp->crp_ilen;
error = crypto_drivers[hid].cc_process(crp);
if (error) {
- crp->crp_etype = error;
- crypto_done(crp);
+ if (error == ERESTART) {
+ /* Unregister driver and migrate session. */
+ crypto_unregister(hid, CRYPTO_ALGORITHM_ALL);
+ goto migrate;
+ } else {
+ crp->crp_etype = error;
+ crypto_done(crp);
+ }
}
+
+ return 0;
+
+ migrate:
+ /* Migrate session. */
+ for (crd = crp->crp_desc; crd->crd_next; crd = crd->crd_next)
+ crd->CRD_INI.cri_next = &(crd->crd_next->CRD_INI);
+
+ if (crypto_newsession(&nid, &(crp->crp_desc->CRD_INI), 0) == 0)
+ crp->crp_sid = nid;
+
+ crp->crp_etype = EAGAIN;
+ crypto_done(crp);
return 0;
}
@@ -545,8 +632,8 @@ crypto_getreq(int num)
void
crypto_thread(void)
{
- struct cryptop *crp;
- struct cryptkop *krp;
+ struct cryptop *crp, *crpt;
+ struct cryptkop *krp, *krpt;
int s;
s = splimp();
@@ -554,7 +641,10 @@ crypto_thread(void)
for (;;) {
crp = crp_req_queue;
krp = krp_req_queue;
- if (crp == NULL && krp == NULL) {
+ crpt = crp_ret_queue;
+ krpt = krp_ret_queue;
+ if (crp == NULL && krp == NULL &&
+ crpt == NULL && krpt == NULL) {
(void) tsleep(&crp_req_queue, PLOCK, "crypto_wait", 0);
continue;
}
@@ -569,6 +659,24 @@ crypto_thread(void)
krp_req_queue = krp->krp_next;
crypto_kinvoke(krp);
}
+ if (crpt) {
+ /* Remove from the queue. */
+ crp_ret_queue = crpt->crp_next;
+ splx(s);
+ crpt->crp_callback(crpt);
+ splimp();
+ }
+ if (krpt) {
+ /* Remove from the queue. */
+ krp_ret_queue = krpt->krp_next;
+ /*
+ * Cheat. For public key ops, we know that
+ * all that's done is a wakeup() for the
+ * userland process, so don't bother to
+ * change the processor priority.
+ */
+ krpt->krp_callback(krpt);
+ }
}
}
@@ -578,7 +686,19 @@ crypto_thread(void)
void
crypto_done(struct cryptop *crp)
{
- crp->crp_callback(crp);
+ int s = splimp();
+
+ crp->crp_next = NULL;
+ if (crp_ret_queue == NULL) {
+ crp_ret_queue = crp;
+ crp_ret_queue_tail = &(crp->crp_next);
+ splx(s);
+ wakeup((caddr_t) &crp_req_queue); /* Shared wait channel. */
+ } else {
+ *crp_ret_queue_tail = crp;
+ crp_ret_queue_tail = &(crp->crp_next);
+ splx(s);
+ }
}
/*
@@ -587,7 +707,19 @@ crypto_done(struct cryptop *crp)
void
crypto_kdone(struct cryptkop *krp)
{
- krp->krp_callback(krp);
+ int s = splimp();
+
+ krp->krp_next = NULL;
+ if (krp_ret_queue == NULL) {
+ krp_ret_queue = krp;
+ krp_ret_queue_tail = &(krp->krp_next);
+ splx(s);
+ wakeup((caddr_t) &crp_req_queue); /* Shared wait channel. */
+ } else {
+ *krp_ret_queue_tail = krp;
+ krp_ret_queue_tail = &(krp->krp_next);
+ splx(s);
+ }
}
int
diff --git a/sys/crypto/cryptodev.c b/sys/crypto/cryptodev.c
index 91e4e46c77c..25386790a0a 100644
--- a/sys/crypto/cryptodev.c
+++ b/sys/crypto/cryptodev.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cryptodev.c,v 1.54 2002/11/12 18:23:13 jason Exp $ */
+/* $OpenBSD: cryptodev.c,v 1.55 2002/11/21 19:34:25 jason Exp $ */
/*
* Copyright (c) 2001 Theo de Raadt
@@ -304,8 +304,9 @@ cryptodev_op(struct csession *cse, struct crypt_op *cop, struct proc *p)
if (cop->len > 256*1024-4)
return (E2BIG);
- if (cse->txform && (cop->len % cse->txform->blocksize) != 0)
+ if (cse->txform && (cop->len % cse->txform->blocksize) != 0) {
return (EINVAL);
+ }
bzero(&cse->uio, sizeof(cse->uio));
cse->uio.uio_iovcnt = 1;
diff --git a/sys/crypto/cryptodev.h b/sys/crypto/cryptodev.h
index 8160ec2620a..0fa8a653b2f 100644
--- a/sys/crypto/cryptodev.h
+++ b/sys/crypto/cryptodev.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: cryptodev.h,v 1.34 2002/11/12 18:23:13 jason Exp $ */
+/* $OpenBSD: cryptodev.h,v 1.35 2002/11/21 19:34:25 jason Exp $ */
/*
* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
@@ -96,6 +96,8 @@
#define CRYPTO_NULL 16
#define CRYPTO_ALGORITHM_MAX 16 /* Keep updated - see below */
+#define CRYPTO_ALGORITHM_ALL (CRYPTO_ALGORITHM_MAX + 1)
+
/* Algorithm flags */
#define CRYPTO_ALG_FLAG_SUPPORTED 0x01 /* Algorithm is supported */
#define CRYPTO_ALG_FLAG_RNG_ENABLE 0x02 /* Has HW RNG for DH/DSA */
@@ -216,21 +218,25 @@ struct cryptkop {
/* Crypto capabilities structure */
struct cryptocap {
- u_int32_t cc_sessions;
+ u_int64_t cc_operations; /* Counter of how many ops done */
+ u_int64_t cc_bytes; /* Counter of how many bytes done */
+ u_int64_t cc_koperations; /* How many PK ops done */
+
+ u_int32_t cc_sessions; /* How many sessions allocated */
- /*
- * Largest possible operator length (in bits) for each type of
- * encryption algorithm.
- */
- u_int16_t cc_max_op_len[CRYPTO_ALGORITHM_MAX + 1];
+ /* Symmetric/hash algorithms supported */
+ int cc_alg[CRYPTO_ALGORITHM_MAX + 1];
- u_int8_t cc_alg[CRYPTO_ALGORITHM_MAX + 1];
+ /* Asymmetric algorithms supported */
+ int cc_kalg[CRK_ALGORITHM_MAX + 1];
- u_int8_t cc_kalg[CRK_ALGORITHM_MAX + 1];
+ int cc_queued; /* Operations queued */
u_int8_t cc_flags;
-#define CRYPTOCAP_F_CLEANUP 0x1
-#define CRYPTOCAP_F_SOFTWARE 0x02
+#define CRYPTOCAP_F_CLEANUP 0x01
+#define CRYPTOCAP_F_SOFTWARE 0x02
+#define CRYPTOCAP_F_ENCRYPT_MAC 0x04 /* Can do encrypt-then-MAC (IPsec) */
+#define CRYPTOCAP_F_MAC_ENCRYPT 0x08 /* Can do MAC-then-encrypt (TLS) */
int (*cc_newsession) (u_int32_t *, struct cryptoini *);
int (*cc_process) (struct cryptop *);
@@ -290,11 +296,10 @@ int crypto_newsession(u_int64_t *, struct cryptoini *, int);
int crypto_freesession(u_int64_t);
int crypto_dispatch(struct cryptop *);
int crypto_kdispatch(struct cryptkop *);
-int crypto_register(u_int32_t, int, u_int16_t, u_int32_t,
+int crypto_register(u_int32_t, int *,
int (*)(u_int32_t *, struct cryptoini *), int (*)(u_int64_t),
int (*)(struct cryptop *));
-int crypto_kregister(u_int32_t, int, u_int32_t,
- int (*)(struct cryptkop *));
+int crypto_kregister(u_int32_t, int *, int (*)(struct cryptkop *));
int crypto_unregister(u_int32_t, int);
int32_t crypto_get_driverid(u_int8_t);
void crypto_thread(void);
diff --git a/sys/crypto/cryptosoft.c b/sys/crypto/cryptosoft.c
index 6b50bf664c5..e42149f4df4 100644
--- a/sys/crypto/cryptosoft.c
+++ b/sys/crypto/cryptosoft.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cryptosoft.c,v 1.36 2002/11/12 18:23:13 jason Exp $ */
+/* $OpenBSD: cryptosoft.c,v 1.37 2002/11/21 19:34:25 jason Exp $ */
/*
* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
@@ -920,40 +920,34 @@ done:
void
swcr_init(void)
{
- swcr_id = crypto_get_driverid(CRYPTOCAP_F_SOFTWARE);
+ int algs[CRYPTO_ALGORITHM_MAX + 1];
+ int flags = CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_ENCRYPT_MAC |
+ CRYPTOCAP_F_MAC_ENCRYPT;
+
+ swcr_id = crypto_get_driverid(flags);
if (swcr_id < 0) {
/* This should never happen */
panic("Software crypto device cannot initialize!");
}
- crypto_register(swcr_id, CRYPTO_DES_CBC, 0, 0, swcr_newsession,
+ bzero(algs, sizeof(algs));
+
+ algs[CRYPTO_DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_3DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_BLF_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_CAST_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_SKIPJACK_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_MD5_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_SHA1_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_RIPEMD160_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_MD5_KPDK] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_SHA1_KPDK] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_MD5] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_SHA1] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_RIJNDAEL128_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_DEFLATE_COMP] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_NULL] = CRYPTO_ALG_FLAG_SUPPORTED;
+
+ crypto_register(swcr_id, algs, swcr_newsession,
swcr_freesession, swcr_process);
- crypto_register(swcr_id, CRYPTO_3DES_CBC, 0, 0,
- NULL, NULL, NULL);
- crypto_register(swcr_id, CRYPTO_BLF_CBC, 0, 0,
- NULL, NULL, NULL);
- crypto_register(swcr_id, CRYPTO_CAST_CBC, 0, 0,
- NULL, NULL, NULL);
- crypto_register(swcr_id, CRYPTO_SKIPJACK_CBC, 0, 0,
- NULL, NULL, NULL);
- crypto_register(swcr_id, CRYPTO_MD5_HMAC, 0, 0,
- NULL, NULL, NULL);
- crypto_register(swcr_id, CRYPTO_SHA1_HMAC, 0, 0,
- NULL, NULL, NULL);
- crypto_register(swcr_id, CRYPTO_RIPEMD160_HMAC, 0, 0,
- NULL, NULL, NULL);
- crypto_register(swcr_id, CRYPTO_MD5_KPDK, 0, 0,
- NULL, NULL, NULL);
- crypto_register(swcr_id, CRYPTO_SHA1_KPDK, 0, 0,
- NULL, NULL, NULL);
- crypto_register(swcr_id, CRYPTO_MD5, 0, 0,
- NULL, NULL, NULL);
- crypto_register(swcr_id, CRYPTO_SHA1, 0, 0,
- NULL, NULL, NULL);
- crypto_register(swcr_id, CRYPTO_RIJNDAEL128_CBC, 0, 0,
- NULL, NULL, NULL);
- crypto_register(swcr_id, CRYPTO_DEFLATE_COMP, 0, 0,
- NULL, NULL, NULL);
- crypto_register(swcr_id, CRYPTO_NULL, 0, 0,
- NULL, NULL, NULL);
}
diff --git a/sys/dev/pci/hifn7751.c b/sys/dev/pci/hifn7751.c
index 5be93e94619..70834edf503 100644
--- a/sys/dev/pci/hifn7751.c
+++ b/sys/dev/pci/hifn7751.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hifn7751.c,v 1.133 2002/11/19 18:40:17 jason Exp $ */
+/* $OpenBSD: hifn7751.c,v 1.134 2002/11/21 19:34:25 jason Exp $ */
/*
* Invertex AEON / Hifn 7751 driver
@@ -150,6 +150,7 @@ hifn_attach(parent, self, aux)
u_int16_t ena;
int rseg;
caddr_t kva;
+ int algs[CRYPTO_ALGORITHM_MAX + 1];
sc->sc_pci_pc = pa->pa_pc;
sc->sc_pci_tag = pa->pa_tag;
@@ -290,26 +291,24 @@ hifn_attach(parent, self, aux)
READ_REG_0(sc, HIFN_0_PUCNFG) | HIFN_PUCNFG_CHIPID);
ena = READ_REG_0(sc, HIFN_0_PUSTAT) & HIFN_PUSTAT_CHIPENA;
+ bzero(algs, sizeof(algs));
+
switch (ena) {
case HIFN_PUSTAT_ENA_2:
- crypto_register(sc->sc_cid, CRYPTO_3DES_CBC, 0, 0,
- hifn_newsession, hifn_freesession, hifn_process);
- crypto_register(sc->sc_cid, CRYPTO_ARC4, 0, 0,
- hifn_newsession, hifn_freesession, hifn_process);
+ algs[CRYPTO_3DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_ARC4] = CRYPTO_ALG_FLAG_SUPPORTED;
/*FALLTHROUGH*/
case HIFN_PUSTAT_ENA_1:
- crypto_register(sc->sc_cid, CRYPTO_MD5, 0, 0,
- hifn_newsession, hifn_freesession, hifn_process);
- crypto_register(sc->sc_cid, CRYPTO_SHA1, 0, 0,
- hifn_newsession, hifn_freesession, hifn_process);
- crypto_register(sc->sc_cid, CRYPTO_MD5_HMAC, 0, 0,
- hifn_newsession, hifn_freesession, hifn_process);
- crypto_register(sc->sc_cid, CRYPTO_SHA1_HMAC, 0, 0,
- hifn_newsession, hifn_freesession, hifn_process);
- crypto_register(sc->sc_cid, CRYPTO_DES_CBC, 0, 0,
- hifn_newsession, hifn_freesession, hifn_process);
+ algs[CRYPTO_MD5] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_SHA1] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_MD5_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_SHA1_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
}
+ crypto_register(sc->sc_cid, algs, hifn_newsession,
+ hifn_freesession, hifn_process);
+
bus_dmamap_sync(sc->sc_dmat, sc->sc_dmamap, 0,
sc->sc_dmamap->dm_mapsize,
BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
diff --git a/sys/dev/pci/lofn.c b/sys/dev/pci/lofn.c
index f9df2a53e55..0e350a1e7d3 100644
--- a/sys/dev/pci/lofn.c
+++ b/sys/dev/pci/lofn.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: lofn.c,v 1.21 2002/09/24 18:33:26 jason Exp $ */
+/* $OpenBSD: lofn.c,v 1.22 2002/11/21 19:34:25 jason Exp $ */
/*
* Copyright (c) 2001-2002 Jason L. Wright (jason@thought.net)
@@ -114,6 +114,7 @@ lofn_attach(parent, self, aux)
const char *intrstr = NULL;
bus_size_t iosize;
u_int32_t cmd;
+ int algs[CRK_ALGORITHM_MAX + 1];
cmd = pci_conf_read(pc, pa->pa_tag, PCI_COMMAND_STATUS_REG);
cmd |= PCI_COMMAND_MEM_ENABLE;
@@ -168,7 +169,10 @@ lofn_attach(parent, self, aux)
return;
}
- crypto_kregister(sc->sc_cid, CRK_MOD_EXP, 0, lofn_kprocess);
+ bzero(algs, sizeof(algs));
+ algs[CRK_MOD_EXP] = CRYPTO_ALG_FLAG_SUPPORTED;
+
+ crypto_kregister(sc->sc_cid, algs, lofn_kprocess);
printf(": %s\n", intrstr);
diff --git a/sys/dev/pci/nofn.c b/sys/dev/pci/nofn.c
index 997d6c144c1..c7717f2c1fb 100644
--- a/sys/dev/pci/nofn.c
+++ b/sys/dev/pci/nofn.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: nofn.c,v 1.6 2002/09/24 18:33:26 jason Exp $ */
+/* $OpenBSD: nofn.c,v 1.7 2002/11/21 19:34:25 jason Exp $ */
/*
* Copyright (c) 2002 Jason L. Wright (jason@thought.net)
@@ -373,6 +373,7 @@ nofn_pk_enable(sc)
struct nofn_softc *sc;
{
u_int32_t r;
+ int algs[CRK_ALGORITHM_MAX + 1];
if ((sc->sc_cid = crypto_get_driverid(0)) < 0) {
printf(": failed to register cid\n");
@@ -382,7 +383,9 @@ nofn_pk_enable(sc)
SIMPLEQ_INIT(&sc->sc_pk_queue);
sc->sc_pk_current = NULL;
- crypto_kregister(sc->sc_cid, CRK_MOD_EXP, 0, nofn_pk_process);
+ bzero(algs, sizeof(algs));
+ algs[CRK_MOD_EXP] = CRYPTO_ALG_FLAG_SUPPORTED;
+ crypto_kregister(sc->sc_cid, algs, nofn_pk_process);
/* enable ALU */
r = PK_READ_4(sc, NOFN_PK_CFG2);
diff --git a/sys/dev/pci/ubsec.c b/sys/dev/pci/ubsec.c
index 187ed180ea9..aab0a78f5e7 100644
--- a/sys/dev/pci/ubsec.c
+++ b/sys/dev/pci/ubsec.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ubsec.c,v 1.119 2002/11/19 18:40:17 jason Exp $ */
+/* $OpenBSD: ubsec.c,v 1.120 2002/11/21 19:34:25 jason Exp $ */
/*
* Copyright (c) 2000 Jason L. Wright (jason@thought.net)
@@ -167,6 +167,8 @@ ubsec_attach(parent, self, aux)
struct ubsec_dma *dmap;
bus_size_t iosize;
u_int32_t cmd, i;
+ int algs[CRYPTO_ALGORITHM_MAX + 1];
+ int kalgs[CRK_ALGORITHM_MAX + 1];
SIMPLEQ_INIT(&sc->sc_queue);
SIMPLEQ_INIT(&sc->sc_qchip);
@@ -273,11 +275,13 @@ ubsec_attach(parent, self, aux)
SIMPLEQ_INSERT_TAIL(&sc->sc_freequeue, q, q_next);
}
- crypto_register(sc->sc_cid, CRYPTO_3DES_CBC, 0, 0,
- ubsec_newsession, ubsec_freesession, ubsec_process);
- crypto_register(sc->sc_cid, CRYPTO_DES_CBC, 0, 0, NULL, NULL, NULL);
- crypto_register(sc->sc_cid, CRYPTO_MD5_HMAC, 0, 0, NULL, NULL, NULL);
- crypto_register(sc->sc_cid, CRYPTO_SHA1_HMAC, 0, 0, NULL, NULL, NULL);
+ bzero(algs, sizeof(algs));
+ algs[CRYPTO_3DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_MD5_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_SHA1_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ crypto_register(sc->sc_cid, algs, ubsec_newsession,
+ ubsec_freesession, ubsec_process);
/*
* Reset Broadcom chip
@@ -332,10 +336,13 @@ skip_rng:
if (sc->sc_flags & UBS_FLAGS_KEY) {
sc->sc_statmask |= BS_STAT_MCR2_DONE;
- crypto_kregister(sc->sc_cid, CRK_MOD_EXP, 0, ubsec_kprocess);
+ bzero(kalgs, sizeof(kalgs));
+ kalgs[CRK_MOD_EXP] = CRYPTO_ALG_FLAG_SUPPORTED;
#if 0
- crypto_kregister(sc->sc_cid, CRK_MOD_EXP_CRT, 0, ubsec_kprocess);
+ kalgs[CRK_MOD_EXP_CRT] = CRYPTO_ALG_FLAG_SUPPORTED;
#endif
+
+ crypto_kregister(sc->sc_cid, kalgs, ubsec_kprocess);
}
printf("\n");