1 /* $NetBSD: cryptodev.c,v 1.12 2004/11/30 04:25:44 christos Exp $ */ 2 /* $FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $ */ 3 /* $OpenBSD: cryptodev.c,v 1.53 2002/07/10 22:21:30 mickey Exp $ */ 4 5 /* 6 * Copyright (c) 2001 Theo de Raadt 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. The name of the author may not be used to endorse or promote products 18 * derived from this software without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 21 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 22 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 23 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 24 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 25 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 26 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 27 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 29 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 * 31 * Effort sponsored in part by the Defense Advanced Research Projects 32 * Agency (DARPA) and Air Force Research Laboratory, Air Force 33 * Materiel Command, USAF, under agreement number F30602-01-2-0537. 34 * 35 */ 36 37 #include <sys/cdefs.h> 38 __KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.12 2004/11/30 04:25:44 christos Exp $"); 39 40 #include <sys/param.h> 41 #include <sys/systm.h> 42 #include <sys/malloc.h> 43 #include <sys/mbuf.h> 44 #include <sys/sysctl.h> 45 #include <sys/file.h> 46 #include <sys/filedesc.h> 47 #include <sys/errno.h> 48 #include <sys/md5.h> 49 #include <sys/sha1.h> 50 #include <sys/conf.h> 51 #include <sys/device.h> 52 53 #include <opencrypto/cryptodev.h> 54 #include <opencrypto/xform.h> 55 56 #ifdef __NetBSD__ 57 #define splcrypto splnet 58 #endif 59 60 struct csession { 61 TAILQ_ENTRY(csession) next; 62 u_int64_t sid; 63 u_int32_t ses; 64 65 u_int32_t cipher; 66 struct enc_xform *txform; 67 u_int32_t mac; 68 struct auth_hash *thash; 69 70 caddr_t key; 71 int keylen; 72 u_char tmp_iv[EALG_MAX_BLOCK_LEN]; 73 74 caddr_t mackey; 75 int mackeylen; 76 u_char tmp_mac[CRYPTO_MAX_MAC_LEN]; 77 78 struct iovec iovec[IOV_MAX]; 79 struct uio uio; 80 int error; 81 }; 82 83 struct fcrypt { 84 TAILQ_HEAD(csessionlist, csession) csessions; 85 int sesn; 86 }; 87 88 89 /* Declaration of master device (fd-cloning/ctxt-allocating) entrypoints */ 90 static int cryptoopen(dev_t dev, int flag, int mode, struct proc *p); 91 static int cryptoread(dev_t dev, struct uio *uio, int ioflag); 92 static int cryptowrite(dev_t dev, struct uio *uio, int ioflag); 93 static int cryptoioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct proc *p); 94 static int cryptoselect(dev_t dev, int rw, struct proc *p); 95 96 /* Declaration of cloned-device (per-ctxt) entrypoints */ 97 static int cryptof_read(struct file *, off_t *, struct uio *, struct ucred *, int); 98 static int cryptof_write(struct file *, off_t *, struct uio *, struct ucred *, int); 99 static int cryptof_ioctl(struct file *, u_long, void*, struct proc *p); 100 static int cryptof_close(struct file *, struct proc *); 101 102 static const struct fileops cryptofops = { 103 cryptof_read, 104 cryptof_write, 105 cryptof_ioctl, 106 fnullop_fcntl, 107 fnullop_poll, 108 fbadop_stat, 109 cryptof_close, 110 fnullop_kqfilter 111 }; 112 113 static struct csession *csefind(struct fcrypt *, u_int); 114 static int csedelete(struct fcrypt *, struct csession *); 115 static struct csession *cseadd(struct fcrypt *, struct csession *); 116 static struct csession *csecreate(struct fcrypt *, u_int64_t, caddr_t, u_int64_t, 117 caddr_t, u_int64_t, u_int32_t, u_int32_t, struct enc_xform *, 118 struct auth_hash *); 119 static int csefree(struct csession *); 120 121 static int cryptodev_op(struct csession *, struct crypt_op *, struct proc *); 122 static int cryptodev_key(struct crypt_kop *); 123 int cryptodev_dokey(struct crypt_kop *kop, struct crparam kvp[]); 124 125 static int cryptodev_cb(void *); 126 static int cryptodevkey_cb(void *); 127 128 /* 129 * sysctl-able control variables for /dev/crypto now defined in crypto.c: 130 * crypto_usercrypto, crypto_userasmcrypto, crypto_devallowsoft. 131 */ 132 133 /* ARGSUSED */ 134 int 135 cryptof_read(struct file *fp, off_t *poff, struct uio *uio, 136 struct ucred *cred, int flags) 137 { 138 return (EIO); 139 } 140 141 /* ARGSUSED */ 142 int 143 cryptof_write(struct file *fp, off_t *poff, struct uio *uio, 144 struct ucred *cred, int flags) 145 { 146 return (EIO); 147 } 148 149 /* ARGSUSED */ 150 int 151 cryptof_ioctl(struct file *fp, u_long cmd, void* data, struct proc *p) 152 { 153 struct cryptoini cria, crie; 154 struct fcrypt *fcr = (struct fcrypt *)fp->f_data; 155 struct csession *cse; 156 struct session_op *sop; 157 struct crypt_op *cop; 158 struct enc_xform *txform = NULL; 159 struct auth_hash *thash = NULL; 160 u_int64_t sid; 161 u_int32_t ses; 162 int error = 0; 163 164 switch (cmd) { 165 case CIOCGSESSION: 166 sop = (struct session_op *)data; 167 switch (sop->cipher) { 168 case 0: 169 break; 170 case CRYPTO_DES_CBC: 171 txform = &enc_xform_des; 172 break; 173 case CRYPTO_3DES_CBC: 174 txform = &enc_xform_3des; 175 break; 176 case CRYPTO_BLF_CBC: 177 txform = &enc_xform_blf; 178 break; 179 case CRYPTO_CAST_CBC: 180 txform = &enc_xform_cast5; 181 break; 182 case CRYPTO_SKIPJACK_CBC: 183 txform = &enc_xform_skipjack; 184 break; 185 case CRYPTO_AES_CBC: 186 txform = &enc_xform_rijndael128; 187 break; 188 case CRYPTO_NULL_CBC: 189 txform = &enc_xform_null; 190 break; 191 case CRYPTO_ARC4: 192 txform = &enc_xform_arc4; 193 break; 194 default: 195 return (EINVAL); 196 } 197 198 switch (sop->mac) { 199 case 0: 200 break; 201 case CRYPTO_MD5_HMAC: 202 thash = &auth_hash_hmac_md5_96; 203 break; 204 case CRYPTO_SHA1_HMAC: 205 thash = &auth_hash_hmac_sha1_96; 206 break; 207 case CRYPTO_SHA2_HMAC: 208 if (sop->mackeylen == auth_hash_hmac_sha2_256.keysize) 209 thash = &auth_hash_hmac_sha2_256; 210 else if (sop->mackeylen == auth_hash_hmac_sha2_384.keysize) 211 thash = &auth_hash_hmac_sha2_384; 212 else if (sop->mackeylen == auth_hash_hmac_sha2_512.keysize) 213 thash = &auth_hash_hmac_sha2_512; 214 else 215 return (EINVAL); 216 break; 217 case CRYPTO_RIPEMD160_HMAC: 218 thash = &auth_hash_hmac_ripemd_160_96; 219 break; 220 case CRYPTO_MD5: 221 thash = &auth_hash_md5; 222 break; 223 case CRYPTO_SHA1: 224 thash = &auth_hash_sha1; 225 break; 226 case CRYPTO_NULL_HMAC: 227 thash = &auth_hash_null; 228 break; 229 default: 230 return (EINVAL); 231 } 232 233 bzero(&crie, sizeof(crie)); 234 bzero(&cria, sizeof(cria)); 235 236 if (txform) { 237 crie.cri_alg = txform->type; 238 crie.cri_klen = sop->keylen * 8; 239 if (sop->keylen > txform->maxkey || 240 sop->keylen < txform->minkey) { 241 error = EINVAL; 242 goto bail; 243 } 244 245 MALLOC(crie.cri_key, u_int8_t *, 246 crie.cri_klen / 8, M_XDATA, M_WAITOK); 247 if ((error = copyin(sop->key, crie.cri_key, 248 crie.cri_klen / 8))) 249 goto bail; 250 if (thash) 251 crie.cri_next = &cria; 252 } 253 254 if (thash) { 255 cria.cri_alg = thash->type; 256 cria.cri_klen = sop->mackeylen * 8; 257 if (sop->mackeylen != thash->keysize) { 258 error = EINVAL; 259 goto bail; 260 } 261 262 if (cria.cri_klen) { 263 MALLOC(cria.cri_key, u_int8_t *, 264 cria.cri_klen / 8, M_XDATA, M_WAITOK); 265 if ((error = copyin(sop->mackey, cria.cri_key, 266 cria.cri_klen / 8))) 267 goto bail; 268 } 269 } 270 271 error = crypto_newsession(&sid, (txform ? &crie : &cria), 272 crypto_devallowsoft); 273 if (error) { 274 #ifdef CRYPTO_DEBUG 275 printf("SIOCSESSION violates kernel parameters\n"); 276 #endif 277 goto bail; 278 } 279 280 cse = csecreate(fcr, sid, crie.cri_key, crie.cri_klen, 281 cria.cri_key, cria.cri_klen, sop->cipher, sop->mac, txform, 282 thash); 283 284 if (cse == NULL) { 285 crypto_freesession(sid); 286 error = EINVAL; 287 goto bail; 288 } 289 sop->ses = cse->ses; 290 291 bail: 292 if (error) { 293 if (crie.cri_key) 294 FREE(crie.cri_key, M_XDATA); 295 if (cria.cri_key) 296 FREE(cria.cri_key, M_XDATA); 297 } 298 break; 299 case CIOCFSESSION: 300 ses = *(u_int32_t *)data; 301 cse = csefind(fcr, ses); 302 if (cse == NULL) 303 return (EINVAL); 304 csedelete(fcr, cse); 305 error = csefree(cse); 306 break; 307 case CIOCCRYPT: 308 cop = (struct crypt_op *)data; 309 cse = csefind(fcr, cop->ses); 310 if (cse == NULL) 311 return (EINVAL); 312 error = cryptodev_op(cse, cop, p); 313 break; 314 case CIOCKEY: 315 error = cryptodev_key((struct crypt_kop *)data); 316 break; 317 case CIOCASYMFEAT: 318 error = crypto_getfeat((int *)data); 319 break; 320 default: 321 error = EINVAL; 322 } 323 return (error); 324 } 325 326 static int 327 cryptodev_op(struct csession *cse, struct crypt_op *cop, struct proc *p) 328 { 329 struct cryptop *crp = NULL; 330 struct cryptodesc *crde = NULL, *crda = NULL; 331 int i, error, s; 332 333 if (cop->len > 256*1024-4) 334 return (E2BIG); 335 336 if (cse->txform && (cop->len % cse->txform->blocksize) != 0) 337 return (EINVAL); 338 339 bzero(&cse->uio, sizeof(cse->uio)); 340 cse->uio.uio_iovcnt = 1; 341 cse->uio.uio_resid = 0; 342 cse->uio.uio_segflg = UIO_SYSSPACE; 343 cse->uio.uio_rw = UIO_WRITE; 344 cse->uio.uio_procp = NULL; 345 cse->uio.uio_iov = cse->iovec; 346 bzero(&cse->iovec, sizeof(cse->iovec)); 347 cse->uio.uio_iov[0].iov_len = cop->len; 348 cse->uio.uio_iov[0].iov_base = malloc(cop->len, M_XDATA, M_WAITOK); 349 for (i = 0; i < cse->uio.uio_iovcnt; i++) 350 cse->uio.uio_resid += cse->uio.uio_iov[0].iov_len; 351 352 crp = crypto_getreq((cse->txform != NULL) + (cse->thash != NULL)); 353 if (crp == NULL) { 354 error = ENOMEM; 355 goto bail; 356 } 357 358 if (cse->thash) { 359 crda = crp->crp_desc; 360 if (cse->txform) 361 crde = crda->crd_next; 362 } else { 363 if (cse->txform) 364 crde = crp->crp_desc; 365 else { 366 error = EINVAL; 367 goto bail; 368 } 369 } 370 371 if ((error = copyin(cop->src, cse->uio.uio_iov[0].iov_base, cop->len))) 372 goto bail; 373 374 if (crda) { 375 crda->crd_skip = 0; 376 crda->crd_len = cop->len; 377 crda->crd_inject = 0; /* ??? */ 378 379 crda->crd_alg = cse->mac; 380 crda->crd_key = cse->mackey; 381 crda->crd_klen = cse->mackeylen * 8; 382 } 383 384 if (crde) { 385 if (cop->op == COP_ENCRYPT) 386 crde->crd_flags |= CRD_F_ENCRYPT; 387 else 388 crde->crd_flags &= ~CRD_F_ENCRYPT; 389 crde->crd_len = cop->len; 390 crde->crd_inject = 0; 391 392 crde->crd_alg = cse->cipher; 393 crde->crd_key = cse->key; 394 crde->crd_klen = cse->keylen * 8; 395 } 396 397 crp->crp_ilen = cop->len; 398 crp->crp_flags = CRYPTO_F_IOV | CRYPTO_F_CBIMM 399 | (cop->flags & COP_F_BATCH); 400 crp->crp_buf = (caddr_t)&cse->uio; 401 crp->crp_callback = (int (*) (struct cryptop *)) cryptodev_cb; 402 crp->crp_sid = cse->sid; 403 crp->crp_opaque = (void *)cse; 404 405 if (cop->iv) { 406 if (crde == NULL) { 407 error = EINVAL; 408 goto bail; 409 } 410 if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */ 411 error = EINVAL; 412 goto bail; 413 } 414 if ((error = copyin(cop->iv, cse->tmp_iv, cse->txform->blocksize))) 415 goto bail; 416 bcopy(cse->tmp_iv, crde->crd_iv, cse->txform->blocksize); 417 crde->crd_flags |= CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT; 418 crde->crd_skip = 0; 419 } else if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */ 420 crde->crd_skip = 0; 421 } else if (crde) { 422 crde->crd_flags |= CRD_F_IV_PRESENT; 423 crde->crd_skip = cse->txform->blocksize; 424 crde->crd_len -= cse->txform->blocksize; 425 } 426 427 if (cop->mac) { 428 if (crda == NULL) { 429 error = EINVAL; 430 goto bail; 431 } 432 crp->crp_mac=cse->tmp_mac; 433 } 434 435 s = splcrypto(); /* NB: only needed with CRYPTO_F_CBIMM */ 436 error = crypto_dispatch(crp); 437 if (error == 0 && (crp->crp_flags & CRYPTO_F_DONE) == 0) 438 error = tsleep(crp, PSOCK, "crydev", 0); 439 splx(s); 440 if (error) { 441 goto bail; 442 } 443 444 if (crp->crp_etype != 0) { 445 error = crp->crp_etype; 446 goto bail; 447 } 448 449 if (cse->error) { 450 error = cse->error; 451 goto bail; 452 } 453 454 if (cop->dst && 455 (error = copyout(cse->uio.uio_iov[0].iov_base, cop->dst, cop->len))) 456 goto bail; 457 458 if (cop->mac && 459 (error = copyout(crp->crp_mac, cop->mac, cse->thash->authsize))) 460 goto bail; 461 462 bail: 463 if (crp) 464 crypto_freereq(crp); 465 if (cse->uio.uio_iov[0].iov_base) 466 free(cse->uio.uio_iov[0].iov_base, M_XDATA); 467 468 return (error); 469 } 470 471 static int 472 cryptodev_cb(void *op) 473 { 474 struct cryptop *crp = (struct cryptop *) op; 475 struct csession *cse = (struct csession *)crp->crp_opaque; 476 477 cse->error = crp->crp_etype; 478 if (crp->crp_etype == EAGAIN) 479 return crypto_dispatch(crp); 480 wakeup_one(crp); 481 return (0); 482 } 483 484 static int 485 cryptodevkey_cb(void *op) 486 { 487 struct cryptkop *krp = (struct cryptkop *) op; 488 489 wakeup_one(krp); 490 return (0); 491 } 492 493 static int 494 cryptodev_key(struct crypt_kop *kop) 495 { 496 struct cryptkop *krp = NULL; 497 int error = EINVAL; 498 int in, out, size, i; 499 500 if (kop->crk_iparams + kop->crk_oparams > CRK_MAXPARAM) { 501 return (EFBIG); 502 } 503 504 in = kop->crk_iparams; 505 out = kop->crk_oparams; 506 switch (kop->crk_op) { 507 case CRK_MOD_EXP: 508 if (in == 3 && out == 1) 509 break; 510 return (EINVAL); 511 case CRK_MOD_EXP_CRT: 512 if (in == 6 && out == 1) 513 break; 514 return (EINVAL); 515 case CRK_DSA_SIGN: 516 if (in == 5 && out == 2) 517 break; 518 return (EINVAL); 519 case CRK_DSA_VERIFY: 520 if (in == 7 && out == 0) 521 break; 522 return (EINVAL); 523 case CRK_DH_COMPUTE_KEY: 524 if (in == 3 && out == 1) 525 break; 526 return (EINVAL); 527 default: 528 return (EINVAL); 529 } 530 531 krp = (struct cryptkop *)malloc(sizeof *krp, M_XDATA, M_WAITOK); 532 if (!krp) 533 return (ENOMEM); 534 bzero(krp, sizeof *krp); 535 krp->krp_op = kop->crk_op; 536 krp->krp_status = kop->crk_status; 537 krp->krp_iparams = kop->crk_iparams; 538 krp->krp_oparams = kop->crk_oparams; 539 krp->krp_status = 0; 540 krp->krp_callback = (int (*) (struct cryptkop *)) cryptodevkey_cb; 541 542 for (i = 0; i < CRK_MAXPARAM; i++) 543 krp->krp_param[i].crp_nbits = kop->crk_param[i].crp_nbits; 544 for (i = 0; i < krp->krp_iparams + krp->krp_oparams; i++) { 545 size = (krp->krp_param[i].crp_nbits + 7) / 8; 546 if (size == 0) 547 continue; 548 MALLOC(krp->krp_param[i].crp_p, caddr_t, size, M_XDATA, M_WAITOK); 549 if (i >= krp->krp_iparams) 550 continue; 551 error = copyin(kop->crk_param[i].crp_p, krp->krp_param[i].crp_p, size); 552 if (error) 553 goto fail; 554 } 555 556 error = crypto_kdispatch(krp); 557 if (error == 0) 558 error = tsleep(krp, PSOCK, "crydev", 0); 559 if (error) 560 goto fail; 561 562 if (krp->krp_status != 0) { 563 error = krp->krp_status; 564 goto fail; 565 } 566 567 for (i = krp->krp_iparams; i < krp->krp_iparams + krp->krp_oparams; i++) { 568 size = (krp->krp_param[i].crp_nbits + 7) / 8; 569 if (size == 0) 570 continue; 571 error = copyout(krp->krp_param[i].crp_p, kop->crk_param[i].crp_p, size); 572 if (error) 573 goto fail; 574 } 575 576 fail: 577 if (krp) { 578 kop->crk_status = krp->krp_status; 579 for (i = 0; i < CRK_MAXPARAM; i++) { 580 if (krp->krp_param[i].crp_p) 581 FREE(krp->krp_param[i].crp_p, M_XDATA); 582 } 583 free(krp, M_XDATA); 584 } 585 return (error); 586 } 587 588 /* ARGSUSED */ 589 static int 590 cryptof_close(struct file *fp, struct proc *p) 591 { 592 struct fcrypt *fcr = (struct fcrypt *)fp->f_data; 593 struct csession *cse; 594 595 while ((cse = TAILQ_FIRST(&fcr->csessions))) { 596 TAILQ_REMOVE(&fcr->csessions, cse, next); 597 (void)csefree(cse); 598 } 599 FREE(fcr, M_XDATA); 600 601 /* close() stolen from sys/kern/kern_ktrace.c */ 602 603 fp->f_data = NULL; 604 #if 0 605 FILE_UNUSE(fp, p); /* release file */ 606 fdrelease(p, fd); /* release fd table slot */ 607 #endif 608 609 return 0; 610 } 611 612 static struct csession * 613 csefind(struct fcrypt *fcr, u_int ses) 614 { 615 struct csession *cse; 616 617 TAILQ_FOREACH(cse, &fcr->csessions, next) 618 if (cse->ses == ses) 619 return (cse); 620 return (NULL); 621 } 622 623 static int 624 csedelete(struct fcrypt *fcr, struct csession *cse_del) 625 { 626 struct csession *cse; 627 628 TAILQ_FOREACH(cse, &fcr->csessions, next) { 629 if (cse == cse_del) { 630 TAILQ_REMOVE(&fcr->csessions, cse, next); 631 return (1); 632 } 633 } 634 return (0); 635 } 636 637 static struct csession * 638 cseadd(struct fcrypt *fcr, struct csession *cse) 639 { 640 TAILQ_INSERT_TAIL(&fcr->csessions, cse, next); 641 cse->ses = fcr->sesn++; 642 return (cse); 643 } 644 645 static struct csession * 646 csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t key, u_int64_t keylen, 647 caddr_t mackey, u_int64_t mackeylen, u_int32_t cipher, u_int32_t mac, 648 struct enc_xform *txform, struct auth_hash *thash) 649 { 650 struct csession *cse; 651 652 MALLOC(cse, struct csession *, sizeof(struct csession), 653 M_XDATA, M_NOWAIT); 654 if (cse == NULL) 655 return NULL; 656 cse->key = key; 657 cse->keylen = keylen/8; 658 cse->mackey = mackey; 659 cse->mackeylen = mackeylen/8; 660 cse->sid = sid; 661 cse->cipher = cipher; 662 cse->mac = mac; 663 cse->txform = txform; 664 cse->thash = thash; 665 cseadd(fcr, cse); 666 return (cse); 667 } 668 669 static int 670 csefree(struct csession *cse) 671 { 672 int error; 673 674 error = crypto_freesession(cse->sid); 675 if (cse->key) 676 FREE(cse->key, M_XDATA); 677 if (cse->mackey) 678 FREE(cse->mackey, M_XDATA); 679 FREE(cse, M_XDATA); 680 return (error); 681 } 682 683 static int 684 cryptoopen(dev_t dev, int flag, int mode, struct proc *p) 685 { 686 if (crypto_usercrypto == 0) 687 return (ENXIO); 688 return (0); 689 } 690 691 static int 692 cryptoread(dev_t dev, struct uio *uio, int ioflag) 693 { 694 return (EIO); 695 } 696 697 static int 698 cryptowrite(dev_t dev, struct uio *uio, int ioflag) 699 { 700 return (EIO); 701 } 702 703 static int 704 cryptoioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct proc *p) 705 { 706 struct file *f; 707 struct fcrypt *fcr; 708 int fd, error; 709 710 switch (cmd) { 711 case CRIOGET: 712 MALLOC(fcr, struct fcrypt *, 713 sizeof(struct fcrypt), M_XDATA, M_WAITOK); 714 TAILQ_INIT(&fcr->csessions); 715 fcr->sesn = 0; 716 717 error = falloc(p, &f, &fd); 718 if (error) { 719 FREE(fcr, M_XDATA); 720 return (error); 721 } 722 f->f_flag = FREAD | FWRITE; 723 f->f_type = DTYPE_CRYPTO; 724 f->f_ops = &cryptofops; 725 f->f_data = (caddr_t) fcr; 726 *(u_int32_t *)data = fd; 727 FILE_SET_MATURE(f); 728 FILE_UNUSE(f, p); 729 break; 730 default: 731 error = EINVAL; 732 break; 733 } 734 return (error); 735 } 736 737 int 738 cryptoselect(dev_t dev, int rw, struct proc *p) 739 { 740 return (0); 741 } 742 743 /*static*/ 744 struct cdevsw crypto_cdevsw = { 745 /* open */ cryptoopen, 746 /* close */ nullclose, 747 /* read */ cryptoread, 748 /* write */ cryptowrite, 749 /* ioctl */ cryptoioctl, 750 /* ttstop?*/ nostop, 751 /* ??*/ notty, 752 /* poll */ cryptoselect /*nopoll*/, 753 /* mmap */ nommap, 754 /* kqfilter */ nokqfilter, 755 }; 756 757