Commit Graph

104 Commits

Author SHA1 Message Date
cegger 9b87d582bd kill MALLOC and FREE macros. 2008-12-17 20:51:31 +00:00
darran d6a1889de6 Fix a race condition in opencrypto where the crypto request could be
completed by the crypto device, queued on the retq, but freed by the
ioctl lwp.  The problem manifests as various panics relating to the
condvar inside the request. The problem can occur whenever the crypto
device completes the request immediately and the ioctl skips the cv_wait().

The problem can be reproduced by enabling cryptosoft and running an openssl
speed test. E.g.
    sysctl -w kern.cryptodevallowsoft=-1
    openssl speed -engine cryptodev -evp des-ede3-cbc -multi 64

Add a macro for TAILQ_FOREACH_REVERSE_SAFE() to queue.h, since this
was missing and the opencrypto code removes requests from a list while
iterating with TAILQ_FOREACH_REVERSE().

Add missing cv_destroy() calls for the key request cleanup.

Reviewed by Thor Lancelot Simon.
2008-11-18 12:59:58 +00:00
degroote 8501900fa0 In crypto_freereq, destroy explicitly the condvar
ok by tls@
2008-08-03 10:18:12 +00:00
christos f4569a9440 Coverity CID 5021: Check pointers before using. 2008-05-24 16:42:00 +00:00
christos 7bf4013b89 Coverity CID 5027: Remove impossible test. 2008-05-24 16:29:34 +00:00
christos 3af4b27011 KNF, whitespace, b* -> mem*. No functional change. 2008-05-24 16:28:58 +00:00
ad 2bbb14eaa4 Back out previous. It broke the build. 2008-05-05 13:41:29 +00:00
ad b407147f14 Move zlib out of net/ and into kern/. It would probably be better to use
the reachover Makefiles and libz, but this is already here and it works.
2008-05-04 23:07:09 +00:00
ad 1498ad220e Make various bits of debug code compile again. 2008-04-30 14:07:13 +00:00
martin ce099b4099 Remove clause 3 and 4 from TNF licenses 2008-04-28 20:22:51 +00:00
tls 8b5e4b7c91 As suggested by rmind, do not check return status of KM_SLEEP/PR_WAITOK
allocations.  A little hair-raising but it does make the code easier to
read.
2008-04-21 19:05:41 +00:00
rmind 888190d519 Protect selrecord/selnotify calls with crypto_mtx; few misc changes. 2008-04-11 10:28:10 +00:00
dogcow 28e06cc882 fix 64-bit b0rkenness. 2008-04-11 06:25:35 +00:00
tls 597ee710c7 Extend crypto.4 interface:
* Asynchronous operation with result retrieval via select/poll
	* Mutliple-request submit/retrieve ioctls
	* Mutliple-session create-destroy ioctls

Revise/rewrite crypto.4 manual page.  It should now be much easier to write
new applications to this API.

Measured performance for trivial requests: 84,000 very short modular math
operations/sec, 120,000 very short md5 hashes per sec (with a hardware
accellerator of moderate performance but very low latency, whose driver
will be contributed at a later date).

Contributed to TNF by Coyote Point Systems, Inc.
2008-04-10 22:48:42 +00:00
ad a9ca7a3734 Catch up with descriptor handling changes. See kern_descrip.c revision
1.173 for details.
2008-03-21 21:54:58 +00:00
tls baa02d2a35 From Darran Hunt: you can't just specify the "wrong" underlying algorithm
with the "right" output size in the xform declaration and have the _96
HMAC variants work -- the actual algorithm machinery (hardware or software)
ignores the output-size parameter, it's just there to inform the interface
consumer.

This should fix FAST_IPSEC.
2008-02-28 09:29:10 +00:00
ad ed830de973 cryptoret: avoid a sleep/wakeup race. 2008-02-05 12:26:13 +00:00
tls 923a0df2bf The kthread is now MPSAFE. 2008-02-05 01:43:22 +00:00
tls efc90f2f7e Some locking fixes (double-release mutex in softintr wakeup case, which I
hadn't tested) and an uninitialized field in cse which Darran Hunt
found.  Some more debugging printfs.

Turn on MPSAFE for the kthread.  We're not sure it's safe for the softint
yet.  Gives a little performance kick for swcrypto with many requests on
MP systems.
2008-02-04 14:46:26 +00:00
tls e5bd2a127e Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto"
(actually splnet) and condvars instead of tsleep/wakeup.  Fix a few
miscellaneous problems and add some debugging printfs while there.

Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some
point after this code came from FreeBSD -- it made it impossible to wait
properly for a condition.

Add flags analogous to the "crp" flags to the key operation's krp struct.
Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before
the kthread had a chance to dequeue it and call its callback -- this was
letting requests stick on the queues before even though done and copied
out.

Callers of crypto_newsession() or crypto_freesession() must now take the
mutex.  Change netipsec to do so.  Dispatch takes the mutex itself as
needed.

This was tested fairly extensively with the cryptosoft backend and lightly
with a new hardware driver.  It has not been tested with FAST_IPSEC; I am
unable to ascertain whether FAST_IPSEC currently works at all in our tree.

pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the
right direction several times in the course of this.  Remaining bugs
are mine alone.
2008-02-04 00:35:34 +00:00
tls e2205fa0bb Add CRYPTO_*_HMAC_96 defines -- missed this file in previous commit. 2008-02-02 04:46:29 +00:00
tls 9b6c682b45 From Darran Hunt at Coyote Point: don't truncate HMAC to 96 bits unless
actually asked to.

Fixed in FreeBSD a while ago, discussed on tech-kern and tech-crypto.
2008-02-02 02:39:00 +00:00
tls 8edf0049e7 don't allocate AES keys with M_WAITOK! 2008-02-01 19:10:31 +00:00
tls e17d3eea39 This code never worked on a released version of FreeBSD in the form it's
been in in our tree, and certainly does not work on any version of FreeBSD
now.  Run through unifdef -D__NetBSD__ -U__FreeBSD__ yielding a small
reduction of size and a dramatic improvement in readability.

No, this does not yield any meaningful decrease in patchability (unlike
mechanical changes that touch live source lines) -- try it and see.
2008-02-01 04:52:35 +00:00
tls 651160c66b Fix accidental checkin inverting the sense of cryptodev_allowsoft, which
is crazy but has always documented.
2008-01-29 20:33:44 +00:00
tls 49444bc037 Make /dev/crypto properly cloning. Leave CRIOGET in place but note that
it is deprecated, no longer required, and will be removed in a future
release of NetBSD.

Dramatically reduce the size of the session structure by removing an
IOV_MAX array of iovecs where only the first was use.  Saves an 8k
bzero on each session creation.

Convert fixed-size allocations in cryptodev.c to pools.
2008-01-26 00:04:27 +00:00
tls 9675caff5e Some minor opencrypto fixes, one with a major performance impact for
OpenSSL:

1) Fix extremely misleading text in crypto.4 manual page so it does not
   appear to claim that a new cloned file descriptor is required for every
   session.

2) Fix severe performance problem (and fd leak!) in openssl cryptodev
   engine resulting from misunderstanding probably caused by said manual
   page text.

3) Check for session-ID wraparound in kernel cryptodev provider.  Also,
   start allocating sessions at 1, not 0 -- this will be necessary when
   we add ioctls for the creation of multiple sessions at once, so we
   can tell which if any creations failed.
2008-01-25 07:09:56 +00:00
tls 632396a909 Add constants for modular arithmetic operations other than exponentiation -- there's hardware out there which can do them. 2008-01-19 08:08:20 +00:00
ad 46ed8f7d77 Use the softint API. 2007-10-08 16:18:02 +00:00
degroote a1cb9a9a85 Fix a stupid bogus bcopy -> memcpy conversion.
I will write it 1000 times : when I convert bcopy to memcpy, don't forget to
swap first and secund args.
2007-09-22 23:38:17 +00:00
ad 88ab7da936 Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes
- select()/poll() improvements
- miscellaneous MT safety improvements
2007-07-09 20:51:58 +00:00
degroote 03281f71f1 Use dynamic array instead of an static array to decompress. It lets us to
decompress any data, whatever is the radio decompressed data / compressed
data.

It fixes the last issues with fast_ipsec and ipcomp.

While here, bzero -> memset, bcopy -> memcpy, FREE -> free

Reviewed a long time ago by sam@
2007-05-21 11:35:16 +00:00
ad 59d979c5f1 Pass an ipl argument to pool_init/POOL_INIT to be used when initializing
the pool's lock.
2007-03-12 18:18:22 +00:00
christos 53524e44ef Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
daniel c339e55881 Add an opencrypto provider for the AES xcrypt instructions found on VIA
C5P and later cores (also known as 'ACE', which is part of the VIA PadLock
security engine). Ported from OpenBSD.

Reviewed on tech-crypto and port-i386, no objections to commiting this.
2007-02-17 00:28:23 +00:00
daniel 9a3687b724 crypto_init does not call crypto_init0 only once, because the marker
created with ONCE_DECL() is local. This results in reinitializing
the driver list when crypto_get_driverid() (and leaks memory). Fix
this by making the marker static.

Fixes PR/35412.

Ack freza@.
2007-01-12 12:00:27 +00:00
christos 168cd830d2 __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
christos 31a62606ea Merge kernel and userland rmd160 and sha2 implementation.
XXX: We still install rmd160.h and sha2.h in /usr/include/crypto, unlike
the other hash functions which get installed in /usr/include for compatibility.
2006-10-27 21:20:48 +00:00
mrg e76360da33 avoid yet another GCC uninitialised warning error that only comes
up with -O3.
2006-10-20 21:50:41 +00:00
christos 4d595fd7b1 - sprinkle __unused on function decls.
- fix a couple of unused bugs
- no more -Wno-unused for i386
2006-10-12 01:30:41 +00:00
christos cb09e23ee7 fix incomplete initializer 2006-08-29 23:45:23 +00:00
ad f474dceb13 Use the LWP cached credentials where sane. 2006-07-23 22:06:03 +00:00
kardel de4337ab21 merge FreeBSD timecounters from branch simonb-timecounters
- struct timeval time is gone
  time.tv_sec -> time_second
- struct timeval mono_time is gone
  mono_time.tv_sec -> time_uptime
- access to time via
	{get,}{micro,nano,bin}time()
	get* versions are fast but less precise
- support NTP nanokernel implementation (NTP API 4)
- further reading:
  Timecounter Paper: http://phk.freebsd.dk/pubs/timecounter.pdf
  NTP Nanokernel: http://www.eecis.udel.edu/~mills/ntp/html/kern.html
2006-06-07 22:33:33 +00:00
elad fc9422c9d9 integrate kauth. 2006-05-14 21:31:52 +00:00
christos 5e406be836 Coverity CID 1083: Avoid possible NULL pointer deref. 2006-04-04 17:30:20 +00:00
dsl 2d31b1673e malloc data the size the pointer points to, not the size of a pointer.
Maybe we get away with this (at least on 32bit archs) because the structure
is 24 bytes and I bet the minimum allocation size is 32.
Fixed coverty CIDs 2732 and 2733
2006-04-02 18:29:12 +00:00
christos 5a57baa413 don't use MALLOC with a non-constant size; use malloc instead. 2006-03-17 23:29:07 +00:00
christos 5403b0bea4 sprinkle DPRINTF()... 2006-03-06 00:50:44 +00:00
christos 03d1230d6c Add the 3 missing sysctl we are supposed to export. 2006-03-06 00:49:42 +00:00
yamt ec5a93183a merge yamt-uio_vmspace branch.
- use vmspace rather than proc or lwp where appropriate.
  the latter is more natural to specify an address space.
  (and less likely to be abused for random purposes.)
- fix a swdmover race.
2006-03-01 12:38:10 +00:00