diff options
author | Jason Wright <jason@cvs.openbsd.org> | 2002-11-21 19:34:26 +0000 |
---|---|---|
committer | Jason Wright <jason@cvs.openbsd.org> | 2002-11-21 19:34:26 +0000 |
commit | df234af540aa3148a946aaf2c7cb99d0d430622c (patch) | |
tree | 9648d1fafda02024471905aa3f82a4608b4ad4e7 | |
parent | cc4cd7513a1c3435029bffc00a6e730e3d3bd8ef (diff) |
From Angelos:
- simplistic load balancing across multiple cards
- simplified registration process
- a few style nits.
-rw-r--r-- | sys/crypto/crypto.c | 344 | ||||
-rw-r--r-- | sys/crypto/cryptodev.c | 5 | ||||
-rw-r--r-- | sys/crypto/cryptodev.h | 33 | ||||
-rw-r--r-- | sys/crypto/cryptosoft.c | 56 | ||||
-rw-r--r-- | sys/dev/pci/hifn7751.c | 29 | ||||
-rw-r--r-- | sys/dev/pci/lofn.c | 8 | ||||
-rw-r--r-- | sys/dev/pci/nofn.c | 7 | ||||
-rw-r--r-- | sys/dev/pci/ubsec.c | 23 |
8 files changed, 325 insertions, 180 deletions
diff --git a/sys/crypto/crypto.c b/sys/crypto/crypto.c index f520d27fbfe..817220367b1 100644 --- a/sys/crypto/crypto.c +++ b/sys/crypto/crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.c,v 1.41 2002/07/17 23:52:38 art Exp $ */ +/* $OpenBSD: crypto.c,v 1.42 2002/11/21 19:34:25 jason Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) * @@ -37,18 +37,25 @@ int crypto_pool_initialized = 0; struct cryptop *crp_req_queue = NULL; struct cryptop **crp_req_queue_tail = NULL; +struct cryptop *crp_ret_queue = NULL; +struct cryptop **crp_ret_queue_tail = NULL; + struct cryptkop *krp_req_queue = NULL; struct cryptkop **krp_req_queue_tail = NULL; +struct cryptkop *krp_ret_queue = NULL; +struct cryptkop **krp_ret_queue_tail = NULL; + /* * Create a new session. */ int crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int hard) { + u_int32_t hid, lid, hid2 = -1; + struct cryptocap *cpc; struct cryptoini *cr; - u_int32_t hid, lid; - int err, s; + int err, s, turn = 0; if (crypto_drivers == NULL) return EINVAL; @@ -57,44 +64,99 @@ crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int hard) /* * The algorithm we use here is pretty stupid; just use the - * first driver that supports all the algorithms we need. + * first driver that supports all the algorithms we need. Do + * a double-pass over all the drivers, ignoring software ones + * at first, to deal with cases of drivers that register after + * the software one(s) --- e.g., PCMCIA crypto cards. * * XXX We need more smarts here (in real life too, but that's * XXX another story altogether). */ + do { + for (hid = 0; hid < crypto_drivers_num; hid++) { + cpc = &crypto_drivers[hid]; + + /* + * If it's not initialized or has remaining sessions + * referencing it, skip. + */ + if (cpc->cc_newsession == NULL || + (cpc->cc_flags & CRYPTOCAP_F_CLEANUP)) + continue; + + if (cpc->cc_flags & CRYPTOCAP_F_SOFTWARE) { + /* + * First round of search, ignore + * software drivers. + */ + if (turn == 0) + continue; + } else { /* !CRYPTOCAP_F_SOFTWARE */ + /* Second round of search, only software. */ + if (turn == 1) + continue; + } + + /* See if all the algorithms are supported. */ + for (cr = cri; cr; cr = cr->cri_next) { + if (cpc->cc_alg[cr->cri_alg] == 0) + break; + } + + /* + * If even one algorithm is not supported, + * keep searching. + */ + if (cr != NULL) + continue; + + /* + * If we had a previous match, see how it compares + * to this one. Keep "remembering" whichever is + * the best of the two. + */ + if (hid2 != -1) { + /* + * Compare session numbers, pick the one + * with the lowest. + * XXX Need better metrics, this will + * XXX just do un-weighted round-robin. + */ + if (crypto_drivers[hid].cc_sessions <= + crypto_drivers[hid2].cc_sessions) + hid2 = hid; + } else { + /* + * Remember this one, for future + * comparisons. + */ + hid2 = hid; + } + } - for (hid = 0; hid < crypto_drivers_num; hid++) { /* - * If it's not initialized or has remaining sessions - * referencing it, skip. + * If we found something worth remembering, leave. The + * side-effect is that we will always prefer a hardware + * driver over the software one. */ - if (crypto_drivers[hid].cc_newsession == NULL || - (crypto_drivers[hid].cc_flags & CRYPTOCAP_F_CLEANUP)) - continue; + if (hid2 != -1) + break; - /* Hardware requested -- ignore software drivers. */ - if (hard && - (crypto_drivers[hid].cc_flags & CRYPTOCAP_F_SOFTWARE)) - continue; + turn++; - /* See if all the algorithms are supported. */ - for (cr = cri; cr; cr = cr->cri_next) - if (crypto_drivers[hid].cc_alg[cr->cri_alg] == 0) - break; + /* If we only want hardware drivers, don't do second pass. */ + } while (turn <= 2 && hard == 0); - /* Ok, all algorithms are supported. */ - if (cr == NULL) - break; - } + hid = hid2; /* * Can't do everything in one session. * - * XXX Fix this. We need to inject a "virtual" session layer right - * XXX about here. + * XXX Fix this. We need to inject a "virtual" session + * XXX layer right about here. */ - if (hid == crypto_drivers_num) { + if (hid == -1) { splx(s); return EINVAL; } @@ -227,70 +289,66 @@ crypto_get_driverid(u_int8_t flags) * supported by the driver. */ int -crypto_kregister(u_int32_t driverid, int kalg, u_int32_t flags, +crypto_kregister(u_int32_t driverid, int *kalg, int (*kprocess)(struct cryptkop *)) { - int s; + int s, i; - if (driverid >= crypto_drivers_num || kalg < 0 || - kalg > CRK_ALGORITHM_MAX || crypto_drivers == NULL) + if (driverid >= crypto_drivers_num || kalg == NULL || + crypto_drivers == NULL) return EINVAL; s = splimp(); - /* - * XXX Do some performance testing to determine placing. - * XXX We probably need an auxiliary data structure that describes - * XXX relative performances. - */ + for (i = 0; i < CRK_ALGORITHM_MAX; i++) { + /* + * XXX Do some performance testing to determine + * placing. We probably need an auxiliary data + * structure that describes relative performances. + */ - crypto_drivers[driverid].cc_kalg[kalg] = - flags | CRYPTO_ALG_FLAG_SUPPORTED; + crypto_drivers[driverid].cc_kalg[i] = kalg[i]; + } - if (crypto_drivers[driverid].cc_kprocess == NULL) - crypto_drivers[driverid].cc_kprocess = kprocess; + crypto_drivers[driverid].cc_kprocess = kprocess; splx(s); return 0; } -/* - * Register a crypto driver. It should be called once for each algorithm - * supported by the driver. - */ +/* Register a crypto driver. */ int -crypto_register(u_int32_t driverid, int alg, u_int16_t maxoplen, - u_int32_t flags, +crypto_register(u_int32_t driverid, int *alg, int (*newses)(u_int32_t *, struct cryptoini *), int (*freeses)(u_int64_t), int (*process)(struct cryptop *)) { - int s; + int s, i; - if (driverid >= crypto_drivers_num || alg <= 0 || - alg > CRYPTO_ALGORITHM_MAX || crypto_drivers == NULL) - return EINVAL; + if (driverid >= crypto_drivers_num || alg == NULL || + crypto_drivers == NULL) + return EINVAL; + s = splimp(); - /* - * XXX Do some performance testing to determine placing. - * XXX We probably need an auxiliary data structure that describes - * XXX relative performances. - */ + for (i = 0; i < CRYPTO_ALGORITHM_MAX; i++) { + /* + * XXX Do some performance testing to determine + * placing. We probably need an auxiliary data + * structure that describes relative performances. + */ - crypto_drivers[driverid].cc_alg[alg] = - flags | CRYPTO_ALG_FLAG_SUPPORTED; + crypto_drivers[driverid].cc_alg[i] = alg[i]; + } - crypto_drivers[driverid].cc_max_op_len[alg] = maxoplen; - if (crypto_drivers[driverid].cc_process == NULL) { - crypto_drivers[driverid].cc_newsession = newses; - crypto_drivers[driverid].cc_process = process; - crypto_drivers[driverid].cc_freesession = freeses; - crypto_drivers[driverid].cc_sessions = 0; /* Unmark */ - } + crypto_drivers[driverid].cc_newsession = newses; + crypto_drivers[driverid].cc_process = process; + crypto_drivers[driverid].cc_freesession = freeses; + crypto_drivers[driverid].cc_sessions = 0; /* Unmark */ splx(s); + return 0; } @@ -303,26 +361,32 @@ crypto_register(u_int32_t driverid, int alg, u_int16_t maxoplen, int crypto_unregister(u_int32_t driverid, int alg) { - int i, s = splimp(); + int i = CRYPTO_ALGORITHM_MAX + 1, s = splimp(); u_int32_t ses; - /* Sanity checks */ - if (driverid >= crypto_drivers_num || alg <= 0 || - alg > CRYPTO_ALGORITHM_MAX || crypto_drivers == NULL || + /* Sanity checks. */ + if (driverid >= crypto_drivers_num || crypto_drivers == NULL || + ((alg <= 0 || alg > CRYPTO_ALGORITHM_MAX) && + alg != CRYPTO_ALGORITHM_ALL) || crypto_drivers[driverid].cc_alg[alg] == 0) { splx(s); return EINVAL; } - crypto_drivers[driverid].cc_alg[alg] = 0; - crypto_drivers[driverid].cc_max_op_len[alg] = 0; + if (alg != CRYPTO_ALGORITHM_ALL) { + crypto_drivers[driverid].cc_alg[alg] = 0; - /* Was this the last algorithm ? */ - for (i = 1; i <= CRYPTO_ALGORITHM_MAX; i++) - if (crypto_drivers[driverid].cc_alg[i] != 0) - break; + /* Was this the last algorithm ? */ + for (i = 1; i <= CRYPTO_ALGORITHM_MAX; i++) + if (crypto_drivers[driverid].cc_alg[i] != 0) + break; + } - if (i == CRYPTO_ALGORITHM_MAX + 1) { + /* + * If a driver unregistered its last algorithm or all of them + * (alg == CRYPTO_ALGORITHM_ALL), cleanup its entry. + */ + if (i == CRYPTO_ALGORITHM_MAX + 1 || alg == CRYPTO_ALGORITHM_ALL) { ses = crypto_drivers[driverid].cc_sessions; bzero(&crypto_drivers[driverid], sizeof(struct cryptocap)); if (ses != 0) { @@ -344,12 +408,23 @@ int crypto_dispatch(struct cryptop *crp) { int s = splimp(); + u_int32_t hid; + + /* + * Keep track of ops per driver, for coallescing purposes. If + * we have been given an invalid hid, we'll deal with in the + * crypto_invoke(), through session migration. + */ + hid = (crp->crp_sid >> 32) & 0xffffffff; + if (hid < crypto_drivers_num) + crypto_drivers[hid].cc_queued++; + crp->crp_next = NULL; if (crp_req_queue == NULL) { crp_req_queue = crp; crp_req_queue_tail = &(crp->crp_next); splx(s); - wakeup((caddr_t) &crp_req_queue); + wakeup((caddr_t) &crp_req_queue); /* Shared wait channel. */ } else { *crp_req_queue_tail = crp; crp_req_queue_tail = &(crp->crp_next); @@ -363,11 +438,12 @@ crypto_kdispatch(struct cryptkop *krp) { int s = splimp(); + krp->krp_next = NULL; if (krp_req_queue == NULL) { krp_req_queue = krp; krp_req_queue_tail = &(krp->krp_next); splx(s); - wakeup((caddr_t) &crp_req_queue); /* shared wait channel */ + wakeup((caddr_t) &crp_req_queue); /* Shared wait channel. */ } else { *krp_req_queue_tail = krp; krp_req_queue_tail = &(krp->krp_next); @@ -377,7 +453,7 @@ crypto_kdispatch(struct cryptkop *krp) } /* - * Dispatch an assymetric crypto request to the appropriate crypto devices. + * Dispatch an asymmetric crypto request to the appropriate crypto devices. */ int crypto_kinvoke(struct cryptkop *krp) @@ -401,12 +477,17 @@ crypto_kinvoke(struct cryptkop *krp) continue; break; } + if (hid == crypto_drivers_num) { krp->krp_status = ENODEV; crypto_kdone(krp); return (0); } + krp->krp_hid = hid; + + crypto_drivers[hid].cc_koperations++; + error = crypto_drivers[hid].cc_kprocess(krp); if (error) { krp->krp_status = error; @@ -437,40 +518,46 @@ crypto_invoke(struct cryptop *crp) } hid = (crp->crp_sid >> 32) & 0xffffffff; - if (hid >= crypto_drivers_num) { - /* Migrate session. */ - for (crd = crp->crp_desc; crd->crd_next; crd = crd->crd_next) - crd->CRD_INI.cri_next = &(crd->crd_next->CRD_INI); + if (hid >= crypto_drivers_num) + goto migrate; - if (crypto_newsession(&nid, &(crp->crp_desc->CRD_INI), 0) == 0) - crp->crp_sid = nid; + crypto_drivers[hid].cc_queued--; - crp->crp_etype = EAGAIN; - crypto_done(crp); - return 0; - } - - if (crypto_drivers[hid].cc_flags & CRYPTOCAP_F_CLEANUP) + if (crypto_drivers[hid].cc_flags & CRYPTOCAP_F_CLEANUP) { crypto_freesession(crp->crp_sid); + goto migrate; + } - if (crypto_drivers[hid].cc_process == NULL) { - /* Migrate session. */ - for (crd = crp->crp_desc; crd->crd_next; crd = crd->crd_next) - crd->CRD_INI.cri_next = &(crd->crd_next->CRD_INI); + if (crypto_drivers[hid].cc_process == NULL) + goto migrate; - if (crypto_newsession(&nid, &(crp->crp_desc->CRD_INI), 0) == 0) - crp->crp_sid = nid; - - crp->crp_etype = EAGAIN; - crypto_done(crp); - return 0; - } + crypto_drivers[hid].cc_operations++; + crypto_drivers[hid].cc_bytes += crp->crp_ilen; error = crypto_drivers[hid].cc_process(crp); if (error) { - crp->crp_etype = error; - crypto_done(crp); + if (error == ERESTART) { + /* Unregister driver and migrate session. */ + crypto_unregister(hid, CRYPTO_ALGORITHM_ALL); + goto migrate; + } else { + crp->crp_etype = error; + crypto_done(crp); + } } + + return 0; + + migrate: + /* Migrate session. */ + for (crd = crp->crp_desc; crd->crd_next; crd = crd->crd_next) + crd->CRD_INI.cri_next = &(crd->crd_next->CRD_INI); + + if (crypto_newsession(&nid, &(crp->crp_desc->CRD_INI), 0) == 0) + crp->crp_sid = nid; + + crp->crp_etype = EAGAIN; + crypto_done(crp); return 0; } @@ -545,8 +632,8 @@ crypto_getreq(int num) void crypto_thread(void) { - struct cryptop *crp; - struct cryptkop *krp; + struct cryptop *crp, *crpt; + struct cryptkop *krp, *krpt; int s; s = splimp(); @@ -554,7 +641,10 @@ crypto_thread(void) for (;;) { crp = crp_req_queue; krp = krp_req_queue; - if (crp == NULL && krp == NULL) { + crpt = crp_ret_queue; + krpt = krp_ret_queue; + if (crp == NULL && krp == NULL && + crpt == NULL && krpt == NULL) { (void) tsleep(&crp_req_queue, PLOCK, "crypto_wait", 0); continue; } @@ -569,6 +659,24 @@ crypto_thread(void) krp_req_queue = krp->krp_next; crypto_kinvoke(krp); } + if (crpt) { + /* Remove from the queue. */ + crp_ret_queue = crpt->crp_next; + splx(s); + crpt->crp_callback(crpt); + splimp(); + } + if (krpt) { + /* Remove from the queue. */ + krp_ret_queue = krpt->krp_next; + /* + * Cheat. For public key ops, we know that + * all that's done is a wakeup() for the + * userland process, so don't bother to + * change the processor priority. + */ + krpt->krp_callback(krpt); + } } } @@ -578,7 +686,19 @@ crypto_thread(void) void crypto_done(struct cryptop *crp) { - crp->crp_callback(crp); + int s = splimp(); + + crp->crp_next = NULL; + if (crp_ret_queue == NULL) { + crp_ret_queue = crp; + crp_ret_queue_tail = &(crp->crp_next); + splx(s); + wakeup((caddr_t) &crp_req_queue); /* Shared wait channel. */ + } else { + *crp_ret_queue_tail = crp; + crp_ret_queue_tail = &(crp->crp_next); + splx(s); + } } /* @@ -587,7 +707,19 @@ crypto_done(struct cryptop *crp) void crypto_kdone(struct cryptkop *krp) { - krp->krp_callback(krp); + int s = splimp(); + + krp->krp_next = NULL; + if (krp_ret_queue == NULL) { + krp_ret_queue = krp; + krp_ret_queue_tail = &(krp->krp_next); + splx(s); + wakeup((caddr_t) &crp_req_queue); /* Shared wait channel. */ + } else { + *krp_ret_queue_tail = krp; + krp_ret_queue_tail = &(krp->krp_next); + splx(s); + } } int diff --git a/sys/crypto/cryptodev.c b/sys/crypto/cryptodev.c index 91e4e46c77c..25386790a0a 100644 --- a/sys/crypto/cryptodev.c +++ b/sys/crypto/cryptodev.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cryptodev.c,v 1.54 2002/11/12 18:23:13 jason Exp $ */ +/* $OpenBSD: cryptodev.c,v 1.55 2002/11/21 19:34:25 jason Exp $ */ /* * Copyright (c) 2001 Theo de Raadt @@ -304,8 +304,9 @@ cryptodev_op(struct csession *cse, struct crypt_op *cop, struct proc *p) if (cop->len > 256*1024-4) return (E2BIG); - if (cse->txform && (cop->len % cse->txform->blocksize) != 0) + if (cse->txform && (cop->len % cse->txform->blocksize) != 0) { return (EINVAL); + } bzero(&cse->uio, sizeof(cse->uio)); cse->uio.uio_iovcnt = 1; diff --git a/sys/crypto/cryptodev.h b/sys/crypto/cryptodev.h index 8160ec2620a..0fa8a653b2f 100644 --- a/sys/crypto/cryptodev.h +++ b/sys/crypto/cryptodev.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cryptodev.h,v 1.34 2002/11/12 18:23:13 jason Exp $ */ +/* $OpenBSD: cryptodev.h,v 1.35 2002/11/21 19:34:25 jason Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) @@ -96,6 +96,8 @@ #define CRYPTO_NULL 16 #define CRYPTO_ALGORITHM_MAX 16 /* Keep updated - see below */ +#define CRYPTO_ALGORITHM_ALL (CRYPTO_ALGORITHM_MAX + 1) + /* Algorithm flags */ #define CRYPTO_ALG_FLAG_SUPPORTED 0x01 /* Algorithm is supported */ #define CRYPTO_ALG_FLAG_RNG_ENABLE 0x02 /* Has HW RNG for DH/DSA */ @@ -216,21 +218,25 @@ struct cryptkop { /* Crypto capabilities structure */ struct cryptocap { - u_int32_t cc_sessions; + u_int64_t cc_operations; /* Counter of how many ops done */ + u_int64_t cc_bytes; /* Counter of how many bytes done */ + u_int64_t cc_koperations; /* How many PK ops done */ + + u_int32_t cc_sessions; /* How many sessions allocated */ - /* - * Largest possible operator length (in bits) for each type of - * encryption algorithm. - */ - u_int16_t cc_max_op_len[CRYPTO_ALGORITHM_MAX + 1]; + /* Symmetric/hash algorithms supported */ + int cc_alg[CRYPTO_ALGORITHM_MAX + 1]; - u_int8_t cc_alg[CRYPTO_ALGORITHM_MAX + 1]; + /* Asymmetric algorithms supported */ + int cc_kalg[CRK_ALGORITHM_MAX + 1]; - u_int8_t cc_kalg[CRK_ALGORITHM_MAX + 1]; + int cc_queued; /* Operations queued */ u_int8_t cc_flags; -#define CRYPTOCAP_F_CLEANUP 0x1 -#define CRYPTOCAP_F_SOFTWARE 0x02 +#define CRYPTOCAP_F_CLEANUP 0x01 +#define CRYPTOCAP_F_SOFTWARE 0x02 +#define CRYPTOCAP_F_ENCRYPT_MAC 0x04 /* Can do encrypt-then-MAC (IPsec) */ +#define CRYPTOCAP_F_MAC_ENCRYPT 0x08 /* Can do MAC-then-encrypt (TLS) */ int (*cc_newsession) (u_int32_t *, struct cryptoini *); int (*cc_process) (struct cryptop *); @@ -290,11 +296,10 @@ int crypto_newsession(u_int64_t *, struct cryptoini *, int); int crypto_freesession(u_int64_t); int crypto_dispatch(struct cryptop *); int crypto_kdispatch(struct cryptkop *); -int crypto_register(u_int32_t, int, u_int16_t, u_int32_t, +int crypto_register(u_int32_t, int *, int (*)(u_int32_t *, struct cryptoini *), int (*)(u_int64_t), int (*)(struct cryptop *)); -int crypto_kregister(u_int32_t, int, u_int32_t, - int (*)(struct cryptkop *)); +int crypto_kregister(u_int32_t, int *, int (*)(struct cryptkop *)); int crypto_unregister(u_int32_t, int); int32_t crypto_get_driverid(u_int8_t); void crypto_thread(void); diff --git a/sys/crypto/cryptosoft.c b/sys/crypto/cryptosoft.c index 6b50bf664c5..e42149f4df4 100644 --- a/sys/crypto/cryptosoft.c +++ b/sys/crypto/cryptosoft.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cryptosoft.c,v 1.36 2002/11/12 18:23:13 jason Exp $ */ +/* $OpenBSD: cryptosoft.c,v 1.37 2002/11/21 19:34:25 jason Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) @@ -920,40 +920,34 @@ done: void swcr_init(void) { - swcr_id = crypto_get_driverid(CRYPTOCAP_F_SOFTWARE); + int algs[CRYPTO_ALGORITHM_MAX + 1]; + int flags = CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_ENCRYPT_MAC | + CRYPTOCAP_F_MAC_ENCRYPT; + + swcr_id = crypto_get_driverid(flags); if (swcr_id < 0) { /* This should never happen */ panic("Software crypto device cannot initialize!"); } - crypto_register(swcr_id, CRYPTO_DES_CBC, 0, 0, swcr_newsession, + bzero(algs, sizeof(algs)); + + algs[CRYPTO_DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_3DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_BLF_CBC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_CAST_CBC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_SKIPJACK_CBC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_MD5_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_SHA1_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_RIPEMD160_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_MD5_KPDK] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_SHA1_KPDK] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_MD5] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_SHA1] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_RIJNDAEL128_CBC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_DEFLATE_COMP] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_NULL] = CRYPTO_ALG_FLAG_SUPPORTED; + + crypto_register(swcr_id, algs, swcr_newsession, swcr_freesession, swcr_process); - crypto_register(swcr_id, CRYPTO_3DES_CBC, 0, 0, - NULL, NULL, NULL); - crypto_register(swcr_id, CRYPTO_BLF_CBC, 0, 0, - NULL, NULL, NULL); - crypto_register(swcr_id, CRYPTO_CAST_CBC, 0, 0, - NULL, NULL, NULL); - crypto_register(swcr_id, CRYPTO_SKIPJACK_CBC, 0, 0, - NULL, NULL, NULL); - crypto_register(swcr_id, CRYPTO_MD5_HMAC, 0, 0, - NULL, NULL, NULL); - crypto_register(swcr_id, CRYPTO_SHA1_HMAC, 0, 0, - NULL, NULL, NULL); - crypto_register(swcr_id, CRYPTO_RIPEMD160_HMAC, 0, 0, - NULL, NULL, NULL); - crypto_register(swcr_id, CRYPTO_MD5_KPDK, 0, 0, - NULL, NULL, NULL); - crypto_register(swcr_id, CRYPTO_SHA1_KPDK, 0, 0, - NULL, NULL, NULL); - crypto_register(swcr_id, CRYPTO_MD5, 0, 0, - NULL, NULL, NULL); - crypto_register(swcr_id, CRYPTO_SHA1, 0, 0, - NULL, NULL, NULL); - crypto_register(swcr_id, CRYPTO_RIJNDAEL128_CBC, 0, 0, - NULL, NULL, NULL); - crypto_register(swcr_id, CRYPTO_DEFLATE_COMP, 0, 0, - NULL, NULL, NULL); - crypto_register(swcr_id, CRYPTO_NULL, 0, 0, - NULL, NULL, NULL); } diff --git a/sys/dev/pci/hifn7751.c b/sys/dev/pci/hifn7751.c index 5be93e94619..70834edf503 100644 --- a/sys/dev/pci/hifn7751.c +++ b/sys/dev/pci/hifn7751.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hifn7751.c,v 1.133 2002/11/19 18:40:17 jason Exp $ */ +/* $OpenBSD: hifn7751.c,v 1.134 2002/11/21 19:34:25 jason Exp $ */ /* * Invertex AEON / Hifn 7751 driver @@ -150,6 +150,7 @@ hifn_attach(parent, self, aux) u_int16_t ena; int rseg; caddr_t kva; + int algs[CRYPTO_ALGORITHM_MAX + 1]; sc->sc_pci_pc = pa->pa_pc; sc->sc_pci_tag = pa->pa_tag; @@ -290,26 +291,24 @@ hifn_attach(parent, self, aux) READ_REG_0(sc, HIFN_0_PUCNFG) | HIFN_PUCNFG_CHIPID); ena = READ_REG_0(sc, HIFN_0_PUSTAT) & HIFN_PUSTAT_CHIPENA; + bzero(algs, sizeof(algs)); + switch (ena) { case HIFN_PUSTAT_ENA_2: - crypto_register(sc->sc_cid, CRYPTO_3DES_CBC, 0, 0, - hifn_newsession, hifn_freesession, hifn_process); - crypto_register(sc->sc_cid, CRYPTO_ARC4, 0, 0, - hifn_newsession, hifn_freesession, hifn_process); + algs[CRYPTO_3DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_ARC4] = CRYPTO_ALG_FLAG_SUPPORTED; /*FALLTHROUGH*/ case HIFN_PUSTAT_ENA_1: - crypto_register(sc->sc_cid, CRYPTO_MD5, 0, 0, - hifn_newsession, hifn_freesession, hifn_process); - crypto_register(sc->sc_cid, CRYPTO_SHA1, 0, 0, - hifn_newsession, hifn_freesession, hifn_process); - crypto_register(sc->sc_cid, CRYPTO_MD5_HMAC, 0, 0, - hifn_newsession, hifn_freesession, hifn_process); - crypto_register(sc->sc_cid, CRYPTO_SHA1_HMAC, 0, 0, - hifn_newsession, hifn_freesession, hifn_process); - crypto_register(sc->sc_cid, CRYPTO_DES_CBC, 0, 0, - hifn_newsession, hifn_freesession, hifn_process); + algs[CRYPTO_MD5] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_SHA1] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_MD5_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_SHA1_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED; } + crypto_register(sc->sc_cid, algs, hifn_newsession, + hifn_freesession, hifn_process); + bus_dmamap_sync(sc->sc_dmat, sc->sc_dmamap, 0, sc->sc_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); diff --git a/sys/dev/pci/lofn.c b/sys/dev/pci/lofn.c index f9df2a53e55..0e350a1e7d3 100644 --- a/sys/dev/pci/lofn.c +++ b/sys/dev/pci/lofn.c @@ -1,4 +1,4 @@ -/* $OpenBSD: lofn.c,v 1.21 2002/09/24 18:33:26 jason Exp $ */ +/* $OpenBSD: lofn.c,v 1.22 2002/11/21 19:34:25 jason Exp $ */ /* * Copyright (c) 2001-2002 Jason L. Wright (jason@thought.net) @@ -114,6 +114,7 @@ lofn_attach(parent, self, aux) const char *intrstr = NULL; bus_size_t iosize; u_int32_t cmd; + int algs[CRK_ALGORITHM_MAX + 1]; cmd = pci_conf_read(pc, pa->pa_tag, PCI_COMMAND_STATUS_REG); cmd |= PCI_COMMAND_MEM_ENABLE; @@ -168,7 +169,10 @@ lofn_attach(parent, self, aux) return; } - crypto_kregister(sc->sc_cid, CRK_MOD_EXP, 0, lofn_kprocess); + bzero(algs, sizeof(algs)); + algs[CRK_MOD_EXP] = CRYPTO_ALG_FLAG_SUPPORTED; + + crypto_kregister(sc->sc_cid, algs, lofn_kprocess); printf(": %s\n", intrstr); diff --git a/sys/dev/pci/nofn.c b/sys/dev/pci/nofn.c index 997d6c144c1..c7717f2c1fb 100644 --- a/sys/dev/pci/nofn.c +++ b/sys/dev/pci/nofn.c @@ -1,4 +1,4 @@ -/* $OpenBSD: nofn.c,v 1.6 2002/09/24 18:33:26 jason Exp $ */ +/* $OpenBSD: nofn.c,v 1.7 2002/11/21 19:34:25 jason Exp $ */ /* * Copyright (c) 2002 Jason L. Wright (jason@thought.net) @@ -373,6 +373,7 @@ nofn_pk_enable(sc) struct nofn_softc *sc; { u_int32_t r; + int algs[CRK_ALGORITHM_MAX + 1]; if ((sc->sc_cid = crypto_get_driverid(0)) < 0) { printf(": failed to register cid\n"); @@ -382,7 +383,9 @@ nofn_pk_enable(sc) SIMPLEQ_INIT(&sc->sc_pk_queue); sc->sc_pk_current = NULL; - crypto_kregister(sc->sc_cid, CRK_MOD_EXP, 0, nofn_pk_process); + bzero(algs, sizeof(algs)); + algs[CRK_MOD_EXP] = CRYPTO_ALG_FLAG_SUPPORTED; + crypto_kregister(sc->sc_cid, algs, nofn_pk_process); /* enable ALU */ r = PK_READ_4(sc, NOFN_PK_CFG2); diff --git a/sys/dev/pci/ubsec.c b/sys/dev/pci/ubsec.c index 187ed180ea9..aab0a78f5e7 100644 --- a/sys/dev/pci/ubsec.c +++ b/sys/dev/pci/ubsec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ubsec.c,v 1.119 2002/11/19 18:40:17 jason Exp $ */ +/* $OpenBSD: ubsec.c,v 1.120 2002/11/21 19:34:25 jason Exp $ */ /* * Copyright (c) 2000 Jason L. Wright (jason@thought.net) @@ -167,6 +167,8 @@ ubsec_attach(parent, self, aux) struct ubsec_dma *dmap; bus_size_t iosize; u_int32_t cmd, i; + int algs[CRYPTO_ALGORITHM_MAX + 1]; + int kalgs[CRK_ALGORITHM_MAX + 1]; SIMPLEQ_INIT(&sc->sc_queue); SIMPLEQ_INIT(&sc->sc_qchip); @@ -273,11 +275,13 @@ ubsec_attach(parent, self, aux) SIMPLEQ_INSERT_TAIL(&sc->sc_freequeue, q, q_next); } - crypto_register(sc->sc_cid, CRYPTO_3DES_CBC, 0, 0, - ubsec_newsession, ubsec_freesession, ubsec_process); - crypto_register(sc->sc_cid, CRYPTO_DES_CBC, 0, 0, NULL, NULL, NULL); - crypto_register(sc->sc_cid, CRYPTO_MD5_HMAC, 0, 0, NULL, NULL, NULL); - crypto_register(sc->sc_cid, CRYPTO_SHA1_HMAC, 0, 0, NULL, NULL, NULL); + bzero(algs, sizeof(algs)); + algs[CRYPTO_3DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_MD5_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_SHA1_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED; + crypto_register(sc->sc_cid, algs, ubsec_newsession, + ubsec_freesession, ubsec_process); /* * Reset Broadcom chip @@ -332,10 +336,13 @@ skip_rng: if (sc->sc_flags & UBS_FLAGS_KEY) { sc->sc_statmask |= BS_STAT_MCR2_DONE; - crypto_kregister(sc->sc_cid, CRK_MOD_EXP, 0, ubsec_kprocess); + bzero(kalgs, sizeof(kalgs)); + kalgs[CRK_MOD_EXP] = CRYPTO_ALG_FLAG_SUPPORTED; #if 0 - crypto_kregister(sc->sc_cid, CRK_MOD_EXP_CRT, 0, ubsec_kprocess); + kalgs[CRK_MOD_EXP_CRT] = CRYPTO_ALG_FLAG_SUPPORTED; #endif + + crypto_kregister(sc->sc_cid, kalgs, ubsec_kprocess); } printf("\n"); |