src - OpenBSD base system

diff options


context:
space:
mode:

author	Theo de Raadt <deraadt@cvs.openbsd.org>	2001-11-09 03:11:39 +0000
committer	Theo de Raadt <deraadt@cvs.openbsd.org>	2001-11-09 03:11:39 +0000
commit	6a9115d581e87c74d4086f45d9734a7c4f52fe7b (patch)
tree	93706ee143077c3eb77dfd0ed11d50e48f393d39 /sys
parent	33db60b6ebbdbb0db8c411f47d309a2606bf97d6 (diff)

be way more sure that software cannot be used

Diffstat (limited to 'sys')

-rw-r--r--

sys/crypto/crypto.c

-rw-r--r--

sys/crypto/cryptodev.c

-rw-r--r--

sys/crypto/cryptodev.h

-rw-r--r--

sys/crypto/cryptosoft.c

-rw-r--r--

sys/dev/pci/hifn7751.c

-rw-r--r--

sys/dev/pci/ises.c

-rw-r--r--

sys/dev/pci/ubsec.c

7 files changed, 23 insertions, 15 deletions

diff --git a/sys/crypto/crypto.c b/sys/crypto/crypto.c
index ffb8fddf3e2..4b4f5c5462f 100644
--- a/sys/crypto/crypto.c
+++ b/sys/crypto/crypto.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: crypto.c,v 1.27 2001/11/08 23:12:38 deraadt Exp $ */

+/* $OpenBSD: crypto.c,v 1.28 2001/11/09 03:11:38 deraadt Exp $ */

* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)

@@ -69,6 +69,9 @@ crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int hard)

(crypto_drivers[hid].cc_flags & CRYPTOCAP_F_CLEANUP))

continue;

+ if (crypto_drivers[hid].cc_sessions == 0)

+ continue;

/* Hardware requested -- ignore software drivers. */

if (hard &&

(crypto_drivers[hid].cc_flags & CRYPTOCAP_F_SOFTWARE))

@@ -154,7 +157,7 @@ crypto_freesession(u_int64_t sid)

* Find an empty slot.

int32_t

-crypto_get_driverid(void)

+crypto_get_driverid(u_int8_t flags)

{

struct cryptocap *newdrv;

int i, s = splimp();

@@ -204,6 +207,7 @@ crypto_get_driverid(void)

crypto_drivers_num * sizeof(struct cryptocap));

newdrv[i].cc_sessions = 1; /* Mark */

+ newdrv[i].cc_flags = flags;

crypto_drivers_num *= 2;

free(crypto_drivers, M_CRYPTO_DATA);

diff --git a/sys/crypto/cryptodev.c b/sys/crypto/cryptodev.c
index f7f87b42ed9..8b0c606214c 100644
--- a/sys/crypto/cryptodev.c
+++ b/sys/crypto/cryptodev.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: cryptodev.c,v 1.26 2001/11/08 23:12:38 deraadt Exp $ */

+/* $OpenBSD: cryptodev.c,v 1.27 2001/11/09 03:11:38 deraadt Exp $ */

@@ -221,8 +221,10 @@ cryptof_ioctl(fp, cmd, data, p)

MALLOC(crie.cri_key, u_int8_t *,

crie.cri_klen / 8, M_XDATA, M_WAITOK);

if ((error = copyin(sop->key, crie.cri_key,

- crie.cri_klen / 8)))

+ crie.cri_klen / 8))) {

+ error = EINVAL;

goto bail;

+ }

if (thash)

crie.cri_next = &cria;

}

@@ -238,8 +240,10 @@ cryptof_ioctl(fp, cmd, data, p)

MALLOC(cria.cri_key, u_int8_t *,

cria.cri_klen / 8, M_XDATA, M_WAITOK);

if ((error = copyin(sop->mackey, cria.cri_key,

- cria.cri_klen / 8)))

+ cria.cri_klen / 8))) {

+ error = EINVAL;

goto bail;

+ }

}

error = crypto_newsession(&sid, (txform ? &crie : &cria), 1);

diff --git a/sys/crypto/cryptodev.h b/sys/crypto/cryptodev.h
index 72f472ef1d4..62c0534783e 100644
--- a/sys/crypto/cryptodev.h
+++ b/sys/crypto/cryptodev.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: cryptodev.h,v 1.14 2001/08/28 12:20:43 ben Exp $ */

+/* $OpenBSD: cryptodev.h,v 1.15 2001/11/09 03:11:38 deraadt Exp $ */

* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)

@@ -364,7 +364,7 @@ int crypto_register(u_int32_t, int, u_int16_t, u_int32_t,

int (*)(u_int32_t *, struct cryptoini *), int (*)(u_int64_t),

int (*)(struct cryptop *));

int crypto_unregister(u_int32_t, int);

-int32_t crypto_get_driverid(void);

+int32_t crypto_get_driverid(u_int8_t);

void crypto_thread(void);

int crypto_invoke(struct cryptop *);

void crypto_done(struct cryptop *);

diff --git a/sys/crypto/cryptosoft.c b/sys/crypto/cryptosoft.c
index d6950b34321..25739aaeef4 100644
--- a/sys/crypto/cryptosoft.c
+++ b/sys/crypto/cryptosoft.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: cryptosoft.c,v 1.28 2001/08/08 15:12:09 jjbg Exp $ */

+/* $OpenBSD: cryptosoft.c,v 1.29 2001/11/09 03:11:38 deraadt Exp $ */

* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)

@@ -812,7 +812,7 @@ done:

void

swcr_init(void)

{

- swcr_id = crypto_get_driverid();

+ swcr_id = crypto_get_driverid(CRYPTOCAP_F_SOFTWARE);

if (swcr_id >= 0) {

crypto_register(swcr_id, CRYPTO_DES_CBC, 0, 0, swcr_newsession,

swcr_freesession, swcr_process);

diff --git a/sys/dev/pci/hifn7751.c b/sys/dev/pci/hifn7751.c
index ba3b46a8339..529fce095f3 100644
--- a/sys/dev/pci/hifn7751.c
+++ b/sys/dev/pci/hifn7751.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: hifn7751.c,v 1.106 2001/11/06 19:53:19 miod Exp $ */

+/* $OpenBSD: hifn7751.c,v 1.107 2001/11/09 03:11:38 deraadt Exp $ */

* Invertex AEON / Hifn 7751 driver

@@ -282,7 +282,7 @@ hifn_attach(parent, self, aux)

printf(", %d%cB %cram, %s\n", rseg, rbase,

sc->sc_drammodel ? 'd' : 's', intrstr);

- sc->sc_cid = crypto_get_driverid();

+ sc->sc_cid = crypto_get_driverid(0);

if (sc->sc_cid < 0)

goto fail_intr;

diff --git a/sys/dev/pci/ises.c b/sys/dev/pci/ises.c
index 6d3a2dc5b52..32a4f5450f1 100644
--- a/sys/dev/pci/ises.c
+++ b/sys/dev/pci/ises.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ises.c,v 1.17 2001/11/05 17:25:58 art Exp $ */

+/* $OpenBSD: ises.c,v 1.18 2001/11/09 03:11:38 deraadt Exp $ */

@@ -245,7 +245,7 @@ ises_attach(struct device *parent, struct device *self, void *aux)

bzero(&isesstats, sizeof(isesstats));

- sc->sc_cid = crypto_get_driverid();

+ sc->sc_cid = crypto_get_driverid(0);

if (sc->sc_cid < 0)

goto fail;

diff --git a/sys/dev/pci/ubsec.c b/sys/dev/pci/ubsec.c
index 7d2aa87be86..d7cdb8f2afb 100644
--- a/sys/dev/pci/ubsec.c
+++ b/sys/dev/pci/ubsec.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ubsec.c,v 1.72 2001/11/06 19:53:19 miod Exp $ */

+/* $OpenBSD: ubsec.c,v 1.73 2001/11/09 03:11:38 deraadt Exp $ */

@@ -183,7 +183,7 @@ ubsec_attach(parent, self, aux)

return;

}

- sc->sc_cid = crypto_get_driverid();

+ sc->sc_cid = crypto_get_driverid(0);

if (sc->sc_cid < 0) {

pci_intr_disestablish(pc, sc->sc_ih);

bus_space_unmap(sc->sc_st, sc->sc_sh, iosize);