1 /* $FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $ */ 2 /* $DragonFly: src/sys/opencrypto/cryptodev.c,v 1.10 2005/06/10 22:16:05 dillon Exp $ */ 3 /* $OpenBSD: cryptodev.c,v 1.52 2002/06/19 07:22:46 deraadt Exp $ */ 4 5 /* 6 * Copyright (c) 2001 Theo de Raadt 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. The name of the author may not be used to endorse or promote products 18 * derived from this software without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 21 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 22 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 23 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 24 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 25 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 26 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 27 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 29 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 * 31 * Effort sponsored in part by the Defense Advanced Research Projects 32 * Agency (DARPA) and Air Force Research Laboratory, Air Force 33 * Materiel Command, USAF, under agreement number F30602-01-2-0537. 34 * 35 */ 36 37 #include <sys/param.h> 38 #include <sys/systm.h> 39 #include <sys/malloc.h> 40 #include <sys/mbuf.h> 41 #include <sys/sysctl.h> 42 #include <sys/file.h> 43 #include <sys/filedesc.h> 44 #include <sys/errno.h> 45 #include <sys/uio.h> 46 #include <sys/random.h> 47 #include <sys/conf.h> 48 #include <sys/kernel.h> 49 #include <sys/fcntl.h> 50 #include <sys/proc.h> 51 #include <sys/file2.h> 52 #include <sys/thread2.h> 53 54 #include <opencrypto/cryptodev.h> 55 #include <opencrypto/xform.h> 56 57 struct csession { 58 TAILQ_ENTRY(csession) next; 59 u_int64_t sid; 60 u_int32_t ses; 61 62 u_int32_t cipher; 63 struct enc_xform *txform; 64 u_int32_t mac; 65 struct auth_hash *thash; 66 67 caddr_t key; 68 int keylen; 69 u_char tmp_iv[EALG_MAX_BLOCK_LEN]; 70 71 caddr_t mackey; 72 int mackeylen; 73 u_char tmp_mac[CRYPTO_MAX_MAC_LEN]; 74 75 struct iovec iovec[UIO_MAXIOV]; 76 struct uio uio; 77 int error; 78 }; 79 80 struct fcrypt { 81 TAILQ_HEAD(csessionlist, csession) csessions; 82 int sesn; 83 }; 84 85 static int cryptof_rw(struct file *fp, struct uio *uio, 86 struct ucred *cred, int flags, struct thread *); 87 static int cryptof_ioctl(struct file *, u_long, caddr_t, struct thread *); 88 static int cryptof_poll(struct file *, int, struct ucred *, struct thread *); 89 static int cryptof_kqfilter(struct file *, struct knote *); 90 static int cryptof_stat(struct file *, struct stat *, struct thread *); 91 static int cryptof_close(struct file *, struct thread *); 92 93 static struct fileops cryptofops = { 94 NULL, /* port */ 95 NULL, /* clone */ 96 cryptof_rw, 97 cryptof_rw, 98 cryptof_ioctl, 99 cryptof_poll, 100 cryptof_kqfilter, 101 cryptof_stat, 102 cryptof_close 103 }; 104 105 static struct csession *csefind(struct fcrypt *, u_int); 106 static int csedelete(struct fcrypt *, struct csession *); 107 static struct csession *cseadd(struct fcrypt *, struct csession *); 108 static struct csession *csecreate(struct fcrypt *, u_int64_t, caddr_t, 109 u_int64_t, caddr_t, u_int64_t, u_int32_t, u_int32_t, struct enc_xform *, 110 struct auth_hash *); 111 static int csefree(struct csession *); 112 113 static int cryptodev_op(struct csession *, struct crypt_op *, 114 struct thread *td); 115 static int cryptodev_key(struct crypt_kop *); 116 117 static int 118 cryptof_rw( 119 struct file *fp, 120 struct uio *uio, 121 struct ucred *active_cred, 122 int flags, 123 struct thread *td) 124 { 125 126 return (EIO); 127 } 128 129 /* ARGSUSED */ 130 static int 131 cryptof_ioctl( 132 struct file *fp, 133 u_long cmd, 134 caddr_t data, 135 struct thread *td) 136 { 137 struct cryptoini cria, crie; 138 struct fcrypt *fcr = (struct fcrypt *)fp->f_data; 139 struct csession *cse; 140 struct session_op *sop; 141 struct crypt_op *cop; 142 struct enc_xform *txform = NULL; 143 struct auth_hash *thash = NULL; 144 u_int64_t sid; 145 u_int32_t ses; 146 int error = 0; 147 148 switch (cmd) { 149 case CIOCGSESSION: 150 sop = (struct session_op *)data; 151 switch (sop->cipher) { 152 case 0: 153 break; 154 case CRYPTO_DES_CBC: 155 txform = &enc_xform_des; 156 break; 157 case CRYPTO_3DES_CBC: 158 txform = &enc_xform_3des; 159 break; 160 case CRYPTO_BLF_CBC: 161 txform = &enc_xform_blf; 162 break; 163 case CRYPTO_CAST_CBC: 164 txform = &enc_xform_cast5; 165 break; 166 case CRYPTO_SKIPJACK_CBC: 167 txform = &enc_xform_skipjack; 168 break; 169 case CRYPTO_AES_CBC: 170 txform = &enc_xform_rijndael128; 171 break; 172 case CRYPTO_NULL_CBC: 173 txform = &enc_xform_null; 174 break; 175 case CRYPTO_ARC4: 176 txform = &enc_xform_arc4; 177 break; 178 default: 179 return (EINVAL); 180 } 181 182 switch (sop->mac) { 183 case 0: 184 break; 185 case CRYPTO_MD5_HMAC: 186 thash = &auth_hash_hmac_md5_96; 187 break; 188 case CRYPTO_SHA1_HMAC: 189 thash = &auth_hash_hmac_sha1_96; 190 break; 191 case CRYPTO_SHA2_HMAC: 192 if (sop->mackeylen == auth_hash_hmac_sha2_256.keysize) 193 thash = &auth_hash_hmac_sha2_256; 194 else if (sop->mackeylen == auth_hash_hmac_sha2_384.keysize) 195 thash = &auth_hash_hmac_sha2_384; 196 else if (sop->mackeylen == auth_hash_hmac_sha2_512.keysize) 197 thash = &auth_hash_hmac_sha2_512; 198 else 199 return (EINVAL); 200 break; 201 case CRYPTO_RIPEMD160_HMAC: 202 thash = &auth_hash_hmac_ripemd_160_96; 203 break; 204 #ifdef notdef 205 case CRYPTO_MD5: 206 thash = &auth_hash_md5; 207 break; 208 case CRYPTO_SHA1: 209 thash = &auth_hash_sha1; 210 break; 211 #endif 212 case CRYPTO_NULL_HMAC: 213 thash = &auth_hash_null; 214 break; 215 default: 216 return (EINVAL); 217 } 218 219 bzero(&crie, sizeof(crie)); 220 bzero(&cria, sizeof(cria)); 221 222 if (txform) { 223 crie.cri_alg = txform->type; 224 crie.cri_klen = sop->keylen * 8; 225 if (sop->keylen > txform->maxkey || 226 sop->keylen < txform->minkey) { 227 error = EINVAL; 228 goto bail; 229 } 230 231 MALLOC(crie.cri_key, u_int8_t *, 232 crie.cri_klen / 8, M_XDATA, M_WAITOK); 233 if ((error = copyin(sop->key, crie.cri_key, 234 crie.cri_klen / 8))) 235 goto bail; 236 if (thash) 237 crie.cri_next = &cria; 238 } 239 240 if (thash) { 241 cria.cri_alg = thash->type; 242 cria.cri_klen = sop->mackeylen * 8; 243 if (sop->mackeylen != thash->keysize) { 244 error = EINVAL; 245 goto bail; 246 } 247 248 if (cria.cri_klen) { 249 MALLOC(cria.cri_key, u_int8_t *, 250 cria.cri_klen / 8, M_XDATA, M_WAITOK); 251 if ((error = copyin(sop->mackey, cria.cri_key, 252 cria.cri_klen / 8))) 253 goto bail; 254 } 255 } 256 257 error = crypto_newsession(&sid, (txform ? &crie : &cria), 1); 258 if (error) 259 goto bail; 260 261 cse = csecreate(fcr, sid, crie.cri_key, crie.cri_klen, 262 cria.cri_key, cria.cri_klen, sop->cipher, sop->mac, txform, 263 thash); 264 265 if (cse == NULL) { 266 crypto_freesession(sid); 267 error = EINVAL; 268 goto bail; 269 } 270 sop->ses = cse->ses; 271 272 bail: 273 if (error) { 274 if (crie.cri_key) 275 FREE(crie.cri_key, M_XDATA); 276 if (cria.cri_key) 277 FREE(cria.cri_key, M_XDATA); 278 } 279 break; 280 case CIOCFSESSION: 281 ses = *(u_int32_t *)data; 282 cse = csefind(fcr, ses); 283 if (cse == NULL) 284 return (EINVAL); 285 csedelete(fcr, cse); 286 error = csefree(cse); 287 break; 288 case CIOCCRYPT: 289 cop = (struct crypt_op *)data; 290 cse = csefind(fcr, cop->ses); 291 if (cse == NULL) 292 return (EINVAL); 293 error = cryptodev_op(cse, cop, td); 294 break; 295 case CIOCKEY: 296 error = cryptodev_key((struct crypt_kop *)data); 297 break; 298 case CIOCASYMFEAT: 299 error = crypto_getfeat((int *)data); 300 break; 301 default: 302 error = EINVAL; 303 } 304 return (error); 305 } 306 307 static int cryptodev_cb(void *); 308 309 310 static int 311 cryptodev_op( 312 struct csession *cse, 313 struct crypt_op *cop, 314 struct thread *td) 315 { 316 struct cryptop *crp = NULL; 317 struct cryptodesc *crde = NULL, *crda = NULL; 318 int i, error; 319 320 if (cop->len > 256*1024-4) 321 return (E2BIG); 322 323 if (cse->txform && (cop->len % cse->txform->blocksize) != 0) 324 return (EINVAL); 325 326 bzero(&cse->uio, sizeof(cse->uio)); 327 cse->uio.uio_iovcnt = 1; 328 cse->uio.uio_resid = 0; 329 cse->uio.uio_segflg = UIO_SYSSPACE; 330 cse->uio.uio_rw = UIO_WRITE; 331 cse->uio.uio_td = td; 332 cse->uio.uio_iov = cse->iovec; 333 bzero(&cse->iovec, sizeof(cse->iovec)); 334 cse->uio.uio_iov[0].iov_len = cop->len; 335 cse->uio.uio_iov[0].iov_base = malloc(cop->len, M_XDATA, M_WAITOK); 336 for (i = 0; i < cse->uio.uio_iovcnt; i++) 337 cse->uio.uio_resid += cse->uio.uio_iov[0].iov_len; 338 339 crp = crypto_getreq((cse->txform != NULL) + (cse->thash != NULL)); 340 if (crp == NULL) { 341 error = ENOMEM; 342 goto bail; 343 } 344 345 if (cse->thash) { 346 crda = crp->crp_desc; 347 if (cse->txform) 348 crde = crda->crd_next; 349 } else { 350 if (cse->txform) 351 crde = crp->crp_desc; 352 else { 353 error = EINVAL; 354 goto bail; 355 } 356 } 357 358 if ((error = copyin(cop->src, cse->uio.uio_iov[0].iov_base, cop->len))) 359 goto bail; 360 361 if (crda) { 362 crda->crd_skip = 0; 363 crda->crd_len = cop->len; 364 crda->crd_inject = 0; /* ??? */ 365 366 crda->crd_alg = cse->mac; 367 crda->crd_key = cse->mackey; 368 crda->crd_klen = cse->mackeylen * 8; 369 } 370 371 if (crde) { 372 if (cop->op == COP_ENCRYPT) 373 crde->crd_flags |= CRD_F_ENCRYPT; 374 else 375 crde->crd_flags &= ~CRD_F_ENCRYPT; 376 crde->crd_len = cop->len; 377 crde->crd_inject = 0; 378 379 crde->crd_alg = cse->cipher; 380 crde->crd_key = cse->key; 381 crde->crd_klen = cse->keylen * 8; 382 } 383 384 crp->crp_ilen = cop->len; 385 crp->crp_flags = CRYPTO_F_IOV | CRYPTO_F_CBIMM 386 | (cop->flags & COP_F_BATCH); 387 crp->crp_buf = (caddr_t)&cse->uio; 388 crp->crp_callback = (int (*) (struct cryptop *)) cryptodev_cb; 389 crp->crp_sid = cse->sid; 390 crp->crp_opaque = (void *)cse; 391 392 if (cop->iv) { 393 if (crde == NULL) { 394 error = EINVAL; 395 goto bail; 396 } 397 if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */ 398 error = EINVAL; 399 goto bail; 400 } 401 if ((error = copyin(cop->iv, cse->tmp_iv, cse->txform->blocksize))) 402 goto bail; 403 bcopy(cse->tmp_iv, crde->crd_iv, cse->txform->blocksize); 404 crde->crd_flags |= CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT; 405 crde->crd_skip = 0; 406 } else if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */ 407 crde->crd_skip = 0; 408 } else if (crde) { 409 crde->crd_flags |= CRD_F_IV_PRESENT; 410 crde->crd_skip = cse->txform->blocksize; 411 crde->crd_len -= cse->txform->blocksize; 412 } 413 414 if (cop->mac) { 415 if (crda == NULL) { 416 error = EINVAL; 417 goto bail; 418 } 419 crp->crp_mac=cse->tmp_mac; 420 } 421 422 crit_enter(); 423 error = crypto_dispatch(crp); 424 if (error == 0 && (crp->crp_flags & CRYPTO_F_DONE) == 0) 425 error = tsleep(crp, 0, "crydev", 0); 426 crit_exit(); 427 if (error) 428 goto bail; 429 430 if (crp->crp_etype != 0) { 431 error = crp->crp_etype; 432 goto bail; 433 } 434 435 if (cse->error) { 436 error = cse->error; 437 goto bail; 438 } 439 440 if (cop->dst && 441 (error = copyout(cse->uio.uio_iov[0].iov_base, cop->dst, cop->len))) 442 goto bail; 443 444 if (cop->mac && 445 (error = copyout(crp->crp_mac, cop->mac, cse->thash->authsize))) 446 goto bail; 447 448 bail: 449 if (crp) 450 crypto_freereq(crp); 451 if (cse->uio.uio_iov[0].iov_base) 452 free(cse->uio.uio_iov[0].iov_base, M_XDATA); 453 454 return (error); 455 } 456 457 static int 458 cryptodev_cb(void *op) 459 { 460 struct cryptop *crp = (struct cryptop *) op; 461 struct csession *cse = (struct csession *)crp->crp_opaque; 462 463 cse->error = crp->crp_etype; 464 if (crp->crp_etype == EAGAIN) 465 return crypto_dispatch(crp); 466 wakeup_one(crp); 467 return (0); 468 } 469 470 static int 471 cryptodevkey_cb(void *op) 472 { 473 struct cryptkop *krp = (struct cryptkop *) op; 474 475 wakeup_one(krp); 476 return (0); 477 } 478 479 static int 480 cryptodev_key(struct crypt_kop *kop) 481 { 482 struct cryptkop *krp = NULL; 483 int error = EINVAL; 484 int in, out, size, i; 485 486 if (kop->crk_iparams + kop->crk_oparams > CRK_MAXPARAM) { 487 return (EFBIG); 488 } 489 490 in = kop->crk_iparams; 491 out = kop->crk_oparams; 492 switch (kop->crk_op) { 493 case CRK_MOD_EXP: 494 if (in == 3 && out == 1) 495 break; 496 return (EINVAL); 497 case CRK_MOD_EXP_CRT: 498 if (in == 6 && out == 1) 499 break; 500 return (EINVAL); 501 case CRK_DSA_SIGN: 502 if (in == 5 && out == 2) 503 break; 504 return (EINVAL); 505 case CRK_DSA_VERIFY: 506 if (in == 7 && out == 0) 507 break; 508 return (EINVAL); 509 case CRK_DH_COMPUTE_KEY: 510 if (in == 3 && out == 1) 511 break; 512 return (EINVAL); 513 default: 514 return (EINVAL); 515 } 516 517 krp = (struct cryptkop *)malloc(sizeof *krp, M_XDATA, M_WAITOK); 518 if (!krp) 519 return (ENOMEM); 520 bzero(krp, sizeof *krp); 521 krp->krp_op = kop->crk_op; 522 krp->krp_status = kop->crk_status; 523 krp->krp_iparams = kop->crk_iparams; 524 krp->krp_oparams = kop->crk_oparams; 525 krp->krp_status = 0; 526 krp->krp_callback = (int (*) (struct cryptkop *)) cryptodevkey_cb; 527 528 for (i = 0; i < CRK_MAXPARAM; i++) 529 krp->krp_param[i].crp_nbits = kop->crk_param[i].crp_nbits; 530 for (i = 0; i < krp->krp_iparams + krp->krp_oparams; i++) { 531 size = (krp->krp_param[i].crp_nbits + 7) / 8; 532 if (size == 0) 533 continue; 534 MALLOC(krp->krp_param[i].crp_p, caddr_t, size, M_XDATA, M_WAITOK); 535 if (i >= krp->krp_iparams) 536 continue; 537 error = copyin(kop->crk_param[i].crp_p, krp->krp_param[i].crp_p, size); 538 if (error) 539 goto fail; 540 } 541 542 error = crypto_kdispatch(krp); 543 if (error == 0) 544 error = tsleep(krp, 0, "crydev", 0); 545 if (error) 546 goto fail; 547 548 if (krp->krp_status != 0) { 549 error = krp->krp_status; 550 goto fail; 551 } 552 553 for (i = krp->krp_iparams; i < krp->krp_iparams + krp->krp_oparams; i++) { 554 size = (krp->krp_param[i].crp_nbits + 7) / 8; 555 if (size == 0) 556 continue; 557 error = copyout(krp->krp_param[i].crp_p, kop->crk_param[i].crp_p, size); 558 if (error) 559 goto fail; 560 } 561 562 fail: 563 if (krp) { 564 kop->crk_status = krp->krp_status; 565 for (i = 0; i < CRK_MAXPARAM; i++) { 566 if (krp->krp_param[i].crp_p) 567 FREE(krp->krp_param[i].crp_p, M_XDATA); 568 } 569 free(krp, M_XDATA); 570 } 571 return (error); 572 } 573 574 /* ARGSUSED */ 575 static int 576 cryptof_poll( 577 struct file *fp, 578 int events, 579 struct ucred *active_cred, 580 struct thread *td) 581 { 582 583 return (0); 584 } 585 586 /* ARGSUSED */ 587 static int 588 cryptof_kqfilter(struct file *fp, struct knote *kn) 589 { 590 591 return (0); 592 } 593 594 /* ARGSUSED */ 595 static int 596 cryptof_stat( 597 struct file *fp, 598 struct stat *sb, 599 struct thread *td) 600 { 601 602 return (EOPNOTSUPP); 603 } 604 605 /* ARGSUSED */ 606 static int 607 cryptof_close(struct file *fp, struct thread *td) 608 { 609 struct fcrypt *fcr = (struct fcrypt *)fp->f_data; 610 struct csession *cse; 611 612 while ((cse = TAILQ_FIRST(&fcr->csessions))) { 613 TAILQ_REMOVE(&fcr->csessions, cse, next); 614 (void)csefree(cse); 615 } 616 FREE(fcr, M_XDATA); 617 fp->f_data = NULL; 618 return 0; 619 } 620 621 static struct csession * 622 csefind(struct fcrypt *fcr, u_int ses) 623 { 624 struct csession *cse; 625 626 TAILQ_FOREACH(cse, &fcr->csessions, next) 627 if (cse->ses == ses) 628 return (cse); 629 return (NULL); 630 } 631 632 static int 633 csedelete(struct fcrypt *fcr, struct csession *cse_del) 634 { 635 struct csession *cse; 636 637 TAILQ_FOREACH(cse, &fcr->csessions, next) { 638 if (cse == cse_del) { 639 TAILQ_REMOVE(&fcr->csessions, cse, next); 640 return (1); 641 } 642 } 643 return (0); 644 } 645 646 static struct csession * 647 cseadd(struct fcrypt *fcr, struct csession *cse) 648 { 649 TAILQ_INSERT_TAIL(&fcr->csessions, cse, next); 650 cse->ses = fcr->sesn++; 651 return (cse); 652 } 653 654 struct csession * 655 csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t key, u_int64_t keylen, 656 caddr_t mackey, u_int64_t mackeylen, u_int32_t cipher, u_int32_t mac, 657 struct enc_xform *txform, struct auth_hash *thash) 658 { 659 struct csession *cse; 660 661 MALLOC(cse, struct csession *, sizeof(struct csession), 662 M_XDATA, M_NOWAIT); 663 if (cse == NULL) 664 return NULL; 665 cse->key = key; 666 cse->keylen = keylen/8; 667 cse->mackey = mackey; 668 cse->mackeylen = mackeylen/8; 669 cse->sid = sid; 670 cse->cipher = cipher; 671 cse->mac = mac; 672 cse->txform = txform; 673 cse->thash = thash; 674 cseadd(fcr, cse); 675 return (cse); 676 } 677 678 static int 679 csefree(struct csession *cse) 680 { 681 int error; 682 683 error = crypto_freesession(cse->sid); 684 if (cse->key) 685 FREE(cse->key, M_XDATA); 686 if (cse->mackey) 687 FREE(cse->mackey, M_XDATA); 688 FREE(cse, M_XDATA); 689 return (error); 690 } 691 692 static int 693 cryptoopen(dev_t dev, int oflags, int devtype, struct thread *td) 694 { 695 if (crypto_usercrypto == 0) 696 return (ENXIO); 697 return (0); 698 } 699 700 static int 701 cryptoread(dev_t dev, struct uio *uio, int ioflag) 702 { 703 return (EIO); 704 } 705 706 static int 707 cryptowrite(dev_t dev, struct uio *uio, int ioflag) 708 { 709 return (EIO); 710 } 711 712 static int 713 cryptoioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct thread *td) 714 { 715 struct file *f; 716 struct fcrypt *fcr; 717 int fd, error; 718 switch (cmd) { 719 case CRIOGET: 720 MALLOC(fcr, struct fcrypt *, 721 sizeof(struct fcrypt), M_XDATA, M_WAITOK); 722 TAILQ_INIT(&fcr->csessions); 723 fcr->sesn = 0; 724 725 KKASSERT(td->td_proc); 726 error = falloc(td->td_proc, &f, &fd); 727 728 if (error) { 729 FREE(fcr, M_XDATA); 730 return (error); 731 } 732 f->f_flag = FREAD | FWRITE; 733 f->f_type = DTYPE_CRYPTO; 734 f->f_ops = &cryptofops; 735 f->f_data = (caddr_t) fcr; 736 *(u_int32_t *)data = fd; 737 fdrop(f, td); 738 break; 739 default: 740 error = EINVAL; 741 break; 742 } 743 return (error); 744 } 745 746 #define CRYPTO_MAJOR 70 /* from openbsd */ 747 static struct cdevsw crypto_cdevsw = { 748 /* dev name */ "crypto", 749 /* dev major */ CRYPTO_MAJOR, 750 /* flags */ 0, 751 /* port */ NULL, 752 /* clone */ NULL, 753 754 /* open */ cryptoopen, 755 /* close */ nullclose, 756 /* read */ cryptoread, 757 /* write */ cryptowrite, 758 /* ioctl */ cryptoioctl, 759 /* poll */ nopoll, 760 /* mmap */ nommap, 761 /* strategy */ nostrategy, 762 /* dump */ nodump, 763 /* psize */ nopsize, 764 /* kqfilter */ NULL 765 }; 766 767 /* 768 * Initialization code, both for static and dynamic loading. 769 */ 770 static int 771 cryptodev_modevent(module_t mod, int type, void *unused) 772 { 773 switch (type) { 774 case MOD_LOAD: 775 if (bootverbose) 776 printf("crypto: <crypto device>\n"); 777 cdevsw_add(&crypto_cdevsw, 0, 0); 778 make_dev(&crypto_cdevsw, 0, UID_ROOT, GID_WHEEL, 779 0666, "crypto"); 780 return 0; 781 case MOD_UNLOAD: 782 /*XXX disallow if active sessions */ 783 cdevsw_remove(&crypto_cdevsw, 0, 0); 784 return 0; 785 } 786 return EINVAL; 787 } 788 789 static moduledata_t cryptodev_mod = { 790 "cryptodev", 791 cryptodev_modevent, 792 0 793 }; 794 MODULE_VERSION(cryptodev, 1); 795 DECLARE_MODULE(cryptodev, cryptodev_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 796 #if 0 797 MODULE_DEPEND(cryptodev, crypto, 1, 1, 1); 798 #endif 799