summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Belopuhov <mikeb@cvs.openbsd.org>2011-02-16 10:37:46 +0000
committerMike Belopuhov <mikeb@cvs.openbsd.org>2011-02-16 10:37:46 +0000
commit675f22c6dd9f7ad586067203765348bae00d6756 (patch)
tree55fa3596f3b6a48262d8c653891db3630e13d28d
parent2f24d6f038745b7708b836a85559fc7f1887b457 (diff)
allow users to enable access to the /dev/crypto, but keep it turned off
by default, adjust comments in sysctl.conf; ok markus, tedu, djm, miod
Diffstat
-rw-r--r--etc/sysctl.conf5
-rw-r--r--sys/kern/kern_sysctl.c8
2 files changed, 4 insertions, 9 deletions
diff --git a/etc/sysctl.conf b/etc/sysctl.conf
index c3dfd4ab2d2..7086747fe2e 100644
--- a/etc/sysctl.conf
+++ b/etc/sysctl.conf
@@ -1,4 +1,4 @@
-# $OpenBSD: sysctl.conf,v 1.48 2010/11/26 12:24:14 otto Exp $
+# $OpenBSD: sysctl.conf,v 1.49 2011/02/16 10:37:45 mikeb Exp $
#
# This file contains a list of sysctl options the user wants set at
# boot time. See sysctl(3) and sysctl(8) for more information on
@@ -29,7 +29,8 @@
#vm.swapencrypt.enable=0 # 0=Do not encrypt pages that go to swap
#vfs.nfs.iothreads=4 # Number of nfsio kernel threads
#net.inet.ip.mtudisc=0 # 0=Disable tcp mtu discovery
-#kern.usercrypto=0 # 0=Disable userland use of /dev/crypto
+#kern.usercrypto=1 # 1=Enable userland use of /dev/crypto
+#kern.userasymcrypto=1 # 1=Permit userland to do asymmetric crypto
#kern.splassert=2 # 2=Enable with verbose error messages
#kern.nosuidcoredump=2 # 2=Put suid coredumps in /var/crash
#kern.watchdog.period=32 # >0=Enable hardware watchdog(4) timer if available
diff --git a/sys/kern/kern_sysctl.c b/sys/kern/kern_sysctl.c
index 3d9e103cc8f..b28c36e7db5 100644
--- a/sys/kern/kern_sysctl.c
+++ b/sys/kern/kern_sysctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_sysctl.c,v 1.196 2010/12/14 20:26:44 mikeb Exp $ */
+/* $OpenBSD: kern_sysctl.c,v 1.197 2011/02/16 10:37:45 mikeb Exp $ */
/* $NetBSD: kern_sysctl.c,v 1.17 1996/05/20 17:49:05 mrg Exp $ */
/*-
@@ -511,17 +511,11 @@ kern_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,
#endif
#ifdef CRYPTO
case KERN_USERCRYPTO:
- if (newp && newlen)
- return (EINVAL);
return (sysctl_int(oldp, oldlenp, newp, newlen, &usercrypto));
case KERN_USERASYMCRYPTO:
- if (newp && newlen)
- return (EINVAL);
return (sysctl_int(oldp, oldlenp, newp, newlen,
&userasymcrypto));
case KERN_CRYPTODEVALLOWSOFT:
- if (newp && newlen)
- return (EINVAL);
return (sysctl_int(oldp, oldlenp, newp, newlen,
&cryptodevallowsoft));
#endif
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-24 06:23:27 +0000