Commit Graph

52 Commits

Author SHA1 Message Date
thorpej cfc81086d9 swcr -> swcrypto 2005-11-25 16:41:31 +00:00
thorpej 7bc6d90c9d - De-couple the software crypto implementation from the rest of the
framework.  There is no need to waste the space if you are only using
  algoritms provided by hardware accelerators.  To get the software
  implementations, add "pseudo-device swcr" to your kernel config.
- Lazily initialize the opencrypto framework when crypto drivers
  (either hardware or swcr) register themselves with the framework.
2005-11-25 16:16:46 +00:00
jonathan 2632a233ba No change. Forced commit to record commit message for previous revision, viz:
Fix vulnerability to a denial-of-service attack which passes a
length-0 crypto op. Check for zero length and return EINVAL, taken from:

    http://cvsweb.FreeBSD.org/src/sys/opencrypto/cryptodev.c.diff?r1=1.25&r2=1.26

Original FreeBSD log mesage:

  Modified files:
    sys/opencrypto       cryptodev.c
  Log:
  Fix bogus check. It was possible to panic the kernel by giving 0 length.
  This is actually a local DoS, as every user can use /dev/crypto if there
  is crypto hardware in the system and cryptodev.ko is loaded (or compiled
  into the kernel).

  Reported by:    Mike Tancsa <mike@sentex.net>


thanks to Sam Leffler for passing on a heads-up about this issue.
2005-08-22 23:11:47 +00:00
jonathan 867a03c37c *** empty log message *** 2005-08-22 23:06:34 +00:00
christos 8789058cbb Sprinkle const. 2005-05-29 21:23:17 +00:00
perry bcfcddbac1 nuke trailing whitespace 2005-02-26 22:31:44 +00:00
christos 31c81b28f5 Cloning cleanup:
1. make fileops const
2. add 2 new negative errno's to `officially' support the cloning hack:
    - EDUPFD (used to overload ENODEV)
    - EMOVEFD (used to overload ENXIO)
3. Created an fdclone() function to encapsulate the operations needed for
   EMOVEFD, and made all cloners use it.
4. Centralize the local noop/badop fileops functions to:
   fnullop_fcntl, fnullop_poll, fnullop_kqfilter, fbadop_stat
2004-11-30 04:25:43 +00:00
skrll f7155e40f6 There's no need to pass a proc value when using UIO_SYSSPACE with
vn_rdwr(9) and uiomove(9).

OK'd by Jason Thorpe
2004-09-17 14:11:20 +00:00
jonathan a9d00c0805 Change control knob for /dev/crypto to only allow requests which
will be hardware-accelerated. Avoids copyin()/copyout() overhead and
spending exceessive tie inside the kernel.

Pullup after: 24 hours, or confirmation by Jason Thorpe that this is the
consensus tech-kern agreed upon last summer.
2004-04-29 02:17:36 +00:00
jonathan 01c51dab61 Split opencrypto configuration into an attribute, usable by inkernel
clients, and a pseudo-device for userspace access.

The attribute is named `opencrypto'. The pseudo-device is renamed to
"crypto", which has a dependency on "opencrypto". The sys/conf/majors
entry and pseudo-device attach entrypoint are updated to match the
new pseudo-device name.

Fast IPsec (sys/netipsec/files.ipsec) now lists a dependency on the
"opencrypto" attribute.  Drivers for crypto accelerators (ubsec,
hifn775x) also pull in opencrypto, as providers of opencrypto transforms.
2003-12-31 16:44:26 +00:00
jonathan 6ec8242194 Wrap noisy pointless message about denied userspace requests with
`#ifdef CRYPTO_DEBUG', per Jason Thorpe's  suggestion.
2003-11-19 04:14:07 +00:00
jonathan 86b22c558b Fix typo. 2003-11-19 03:24:20 +00:00
jonathan 22b38bb12a Clean up userlevel access to software kernel transforms, in preparation
for using /dev/crypto for OpenSSL:

1. Add comments explaining crypto_devallowsoft, explaining the
OpenBSD-style three-way logic actully implemented in crypto_newsession().

2. Pass crypto_devallowsoft as the final argument to crypto_newsession(),
instead of a constant 0 value.

3. Set the default value of crypto_devallowsoft to 1, to allow
/dev/crypto access only for hardware-supported transforms.

Items 1-3 may be revised to match the FreeBSD two-way logic, if the
consensus is that there's no point to forcing software transforms.
But as a first step, let the description match what the code actually does.

GC unused variables usercrypto, userasmcrypto, cryptodevallowsoft from
cryptodev.c, in favour of variables crypto_usercrypto, crypto_userasmcrypto,
crypto_devallowsoft, which are used as well as defined in crypto.c.
2003-11-19 03:18:33 +00:00
jonathan a91ce15e10 Remove erroneous '2 *' from 'bzero(*sched, 2 * sizeof(rijndael_ctx));'
After using AES from sys/crypto, we only malloc sizeof(rijndael_ctx),
and we were bzero()ing past the end of the aes ctx, leading to panics.
2003-11-18 23:01:39 +00:00
tls 1f93975cf8 Move the Skipjack algorithm from sys/opencrypto to sys/crypto/skipjack.
There are now no cryptographic algorithms in sys/opencrypto, which,
according to the comment formerly in files.opencrypto, was the original
intent.
2003-11-16 12:07:50 +00:00
jonathan 2862355ab1 Remove '#ifdef notdef' around userspace ioctl() requests for
pure (non-HMAC) MD5 and SHA1.
2003-11-16 00:16:06 +00:00
scw a02e49b067 Fix a genuine uninitialised variable. 2003-11-09 11:09:11 +00:00
lha 5b649f6771 Implement nanouptime as a function to avoid 'dereferencing type-punned pointer'.
No token after #endif
2003-09-21 20:56:01 +00:00
cjep 3f3139be59 comment typo 2003-09-06 18:40:15 +00:00
thorpej c171c20800 Fix-up a few things missed in the rijndael_set_key() change. 2003-08-27 14:55:36 +00:00
itojun 725b73043b simplify rijndael.c API - always schedule encrypt/decrypt key.
reviewed by thorpej
2003-08-27 14:23:25 +00:00
thorpej 7e87fbb23b Some const poisoning. 2003-08-27 00:20:56 +00:00
thorpej 538c811bc6 Tidy up the namespace of this a little. 2003-08-27 00:12:37 +00:00
thorpej 24b18cc20a Use the Blowfish in crypto/blowfish, which has hooks for using tuned
assembly for the transform.
2003-08-27 00:05:26 +00:00
thorpej c8a0fb53df In Blowfish_initstate(), make the initstate static, otherwise the
compiler will emit code to first copy it onto the stack before
copying it into the destination context structure.  With this change,
it will only be copied once.
2003-08-26 20:20:17 +00:00
thorpej 6de9ce0437 Move the opencrypto CAST-128 implementation to crypto/cast128, removing
the old one.  Rename the functions/structures from cast_* to cast128_*.
Adapt the KAME IPsec to use the new CAST-128 code, which has a simpler
API and smaller footprint.
2003-08-26 16:37:36 +00:00
thorpej 4db0bbc2b8 Remove a bunch of unnecessary includes. 2003-08-26 15:01:38 +00:00
thorpej 4612234689 G/C extra /. 2003-08-26 14:24:35 +00:00
thorpej aa6632baa6 G/C opencrypto's local copy of rijndael. Adapt the extant rijndael
code for opencrypto's use by adding the simplified API that opencrypto
expects.
2003-08-26 14:24:05 +00:00
thorpej db3b5e3692 Remove extra /. 2003-08-26 02:54:11 +00:00
thorpej b6ff7ed864 It's bad form to use the <opencrypto/rmd160.h> header file while
using the crypto/ripemd160/rmd160.c implementation.  Remove the
opencrypto-local copies of these files entirely.
2003-08-25 04:09:57 +00:00
thorpej 7c0f1119d1 These are unused; remove them. 2003-08-25 04:09:05 +00:00
thorpej a7b80200d3 crypto_mbuf.c is unused; remove it. 2003-08-24 19:29:09 +00:00
thorpej 6c52220ed3 G/C some unused config definitions. 2003-08-24 19:28:32 +00:00
thorpej 633cb7d73e Make opencrypto depend on the "ripemd160" and "sha2" attributes, rather
than polluting the crypto algorithm config info with opencrypto knowledge.
2003-08-24 19:26:54 +00:00
thorpej 35479644a7 Move the opencrypto defpseudo into files.opencrypto. 2003-08-24 19:21:11 +00:00
itojun 714f2369d3 on netbsd, major # for /dev/crypto depends on arch 2003-08-22 05:07:26 +00:00
jonathan 6f179aea24 Pull in FreeBSD sys/opencrypto/cryptodev.h, revision 1.2.2.5 -> 1.2.2.6.
Sam Leffler's FreeBSD commit message was
  ``to eliminate context switch when returning results from the
     software crypto driver''
but the patch also contains the CRYPTO_SESID*() macros used in newer
ubsec and hifn drivers.
2003-08-21 19:44:14 +00:00
jonathan 412d30185b Pull up `done' flag for crypto operations from FreeBSD. FreeBSD deltas:
cryptodev.c: 1.4.2.3 -> 1.4.2.4
  cryptodev.h: 1.4.2.4 -> 1.4.2.5
2003-08-21 16:08:05 +00:00
itojun 79e84682bf keyed-{sha1,md5} should not be truncated to 96 bits. markus@openbsd 2003-08-01 01:47:45 +00:00
jonathan 89be07b040 Remove bogus include which snuck into previous commit (from comparison
to Quentin Garnier's suggested patch).
2003-07-31 23:47:07 +00:00
jonathan 460c06b905 Move the initialization of the crypto framework from the userland
pseudo-device to init_main(), so the framework is ready for
registration requests at autoconfiguration time.

Thanks to Quentin Garnier for confirming the change was required, and
for testing a similar fix.
2003-07-30 18:45:31 +00:00
jonathan 4ccffbe938 Add ``needs-flag'' to opencrypto/crypto.c, so that init_main() can do
a feature-test and if present, initialize the crypto framework before
configuring hardware devices, so the crypto framework is ready to accept
attachment requests when crypto hardware are auto-configured and
try to register themselves with the framework.

Thanks to Quentin Garnier who, given a heads-up about the problem,
tested the same basic fix with a hardware device.
2003-07-30 18:28:58 +00:00
jonathan b2fb48e943 Garbage-collect references to OpenBSD-only <dev/rndvar.h>. 2003-07-30 18:20:15 +00:00
lha cd8ee127f7 make the panic messages match reality 2003-07-30 17:27:23 +00:00
jonathan 33aa54035d Clean up dependencies between opencrypto framework and sys/crypto,
by making the sys/crypto transforms depend on
	(per-transform-config-keyword|opencrypto)

Thanks to  Martin Husemann for double-checking the changes.
2003-07-28 21:28:23 +00:00
jonathan a2f8a77f02 Remove vestiges of OpenBSD <sys/md5k.h> header. 2003-07-28 19:37:03 +00:00
jonathan cfb7c62413 Cleanup traces of previous standalone m_apply()/m_getptr(). 2003-07-27 03:34:39 +00:00
jonathan de6bc09ee1 Fix authentication hashes requested via /dev/crypto. The handler for
userland hashes case was partly omitted in the OpenBSD -> FreeBSD port.
2003-07-26 22:53:44 +00:00
he aa96f9d39c Don't declare the sha2.c file twice, instead add opencrypto flag to
existing declaration, and leave behind a comment in files.opencrypto.
2003-07-26 13:49:52 +00:00