mirror of
git://projects.qi-hardware.com/openwrt-xburst.git
synced 2024-11-23 22:05:20 +02:00
ocf-linux: version bump to 20110720
Fixes problem with TFM allocation in cryptosoft.c Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Hauke: * remove ubsec_ssb package and take it from ocf-linux * use patches from ocf-linux package * refresh all patches * readd some build fixes for OpenWrt. * readd CRYPTO_MANAGER dependency git-svn-id: svn://svn.openwrt.org/openwrt/trunk@27753 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
parent
c3cc5459ec
commit
32dec7075a
@ -455,3 +455,19 @@ define KernelPackage/crypto-mv-cesa
|
||||
endef
|
||||
|
||||
$(eval $(call KernelPackage,crypto-mv-cesa))
|
||||
|
||||
|
||||
define KernelPackage/ocf-ubsec-ssb
|
||||
TITLE:=BCM5365P IPSec Core driver
|
||||
DEPENDS:=@TARGET_brcm47xx +kmod-crypto-ocf
|
||||
KCONFIG:=CONFIG_OCF_UBSEC_SSB
|
||||
FILES:=$(LINUX_DIR)/crypto/ocf/ubsec_ssb/ubsec_ssb.ko
|
||||
AUTOLOAD:=$(call AutoLoad,10,ubsec_ssb)
|
||||
$(call AddDepends/crypto)
|
||||
endef
|
||||
|
||||
define KernelPackage/ocf-ubsec-ssb/description
|
||||
This package contains the OCF driver for the BCM5365p IPSec Core
|
||||
endef
|
||||
|
||||
$(eval $(call KernelPackage,ocf-ubsec-ssb))
|
||||
|
@ -7,7 +7,7 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=ocf-crypto-headers
|
||||
PKG_VERSION:=20080917
|
||||
PKG_VERSION:=20110720
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
|
||||
|
@ -2,8 +2,8 @@
|
||||
/* $OpenBSD: cryptodev.h,v 1.31 2002/06/11 11:14:29 beck Exp $ */
|
||||
|
||||
/*-
|
||||
* Linux port done by David McCullough <david_mccullough@securecomputing.com>
|
||||
* Copyright (C) 2006-2007 David McCullough
|
||||
* Linux port done by David McCullough <david_mccullough@mcafee.com>
|
||||
* Copyright (C) 2006-2010 David McCullough
|
||||
* Copyright (C) 2004-2005 Intel Corporation.
|
||||
* The license and original author are listed below.
|
||||
*
|
||||
@ -156,7 +156,8 @@
|
||||
#define CRYPTO_SHA2_384 23
|
||||
#define CRYPTO_SHA2_512 24
|
||||
#define CRYPTO_RIPEMD160 25
|
||||
#define CRYPTO_ALGORITHM_MAX 25 /* Keep updated - see below */
|
||||
#define CRYPTO_LZS_COMP 26
|
||||
#define CRYPTO_ALGORITHM_MAX 26 /* Keep updated - see above */
|
||||
|
||||
/* Algorithm flags */
|
||||
#define CRYPTO_ALG_FLAG_SUPPORTED 0x01 /* Algorithm is supported */
|
||||
@ -336,6 +337,7 @@ struct cryptodesc {
|
||||
#define crd_key CRD_INI.cri_key
|
||||
#define crd_alg CRD_INI.cri_alg
|
||||
#define crd_klen CRD_INI.cri_klen
|
||||
#define crd_mlen CRD_INI.cri_mlen
|
||||
|
||||
struct cryptodesc *crd_next;
|
||||
};
|
||||
|
@ -1,48 +0,0 @@
|
||||
#
|
||||
# Copyright (C) 2008 OpenWrt.org
|
||||
#
|
||||
# This is free software, licensed under the GNU General Public License v2.
|
||||
# See /LICENSE for more information.
|
||||
#
|
||||
|
||||
include $(TOPDIR)/rules.mk
|
||||
include $(INCLUDE_DIR)/kernel.mk
|
||||
|
||||
PKG_NAME:=ubsec-ssb
|
||||
PKG_VERSION:=2009-02-21
|
||||
PKG_RELEASE:=1
|
||||
|
||||
CRYPTO_MENU:=OCF Configuration
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
define KernelPackage/ocf-ubsec-ssb
|
||||
SUBMENU:=$(CRYPTO_MENU)
|
||||
DEPENDS:=@TARGET_brcm47xx +kmod-crypto-core +kmod-crypto-ocf
|
||||
TITLE:=BCM5365P IPSec Core driver
|
||||
FILES:=$(PKG_BUILD_DIR)/src/ubsec_ssb.ko
|
||||
AUTOLOAD:=$(call AutoLoad,09,ubsec_ssb)
|
||||
endef
|
||||
|
||||
define KernelPackage/ocf-ubsec-ssb/description
|
||||
This package contains the OCF driver for the BCM5365p IPSec Core
|
||||
endef
|
||||
|
||||
define Build/Prepare
|
||||
mkdir -p $(PKG_BUILD_DIR)
|
||||
$(CP) -r ./src $(PKG_BUILD_DIR)/
|
||||
endef
|
||||
|
||||
LINUX_PATCHLEVEL:=$(shell echo "$(LINUX_VERSION)" | cut -d. -f2)
|
||||
|
||||
define Build/Compile
|
||||
$(MAKE) -C $(LINUX_DIR) \
|
||||
ARCH="$(LINUX_KARCH)" \
|
||||
CROSS_COMPILE="$(TARGET_CROSS)" \
|
||||
PATCHLEVEL="$(LINUX_PATCHLEVEL)" \
|
||||
KERNDIR="$(LINUX_DIR)" \
|
||||
SUBDIRS="$(PKG_BUILD_DIR)/src" \
|
||||
modules
|
||||
endef
|
||||
|
||||
$(eval $(call KernelPackage,ocf-ubsec-ssb))
|
@ -1,19 +0,0 @@
|
||||
#
|
||||
# Makefile for b5365ips driver
|
||||
#
|
||||
# Copyright (C) 2007 Daniel Mueller <daniel@danm.de>
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License
|
||||
# as published by the Free Software Foundation; either version
|
||||
# 2 of the License, or (at your option) any later version.
|
||||
#
|
||||
|
||||
obj-m := ubsec_ssb.o
|
||||
|
||||
obj ?= .
|
||||
|
||||
ifeq ($(MAKING_MODULES),1)
|
||||
|
||||
-include $(TOPDIR)/Rules.make
|
||||
endif
|
@ -1,478 +0,0 @@
|
||||
/* $FreeBSD: src/sys/opencrypto/cryptodev.h,v 1.25 2007/05/09 19:37:02 gnn Exp $ */
|
||||
/* $OpenBSD: cryptodev.h,v 1.31 2002/06/11 11:14:29 beck Exp $ */
|
||||
|
||||
/*-
|
||||
* Linux port done by David McCullough <david_mccullough@securecomputing.com>
|
||||
* Copyright (C) 2006-2007 David McCullough
|
||||
* Copyright (C) 2004-2005 Intel Corporation.
|
||||
* The license and original author are listed below.
|
||||
*
|
||||
* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
|
||||
* Copyright (c) 2002-2006 Sam Leffler, Errno Consulting
|
||||
*
|
||||
* This code was written by Angelos D. Keromytis in Athens, Greece, in
|
||||
* February 2000. Network Security Technologies Inc. (NSTI) kindly
|
||||
* supported the development of this code.
|
||||
*
|
||||
* Copyright (c) 2000 Angelos D. Keromytis
|
||||
*
|
||||
* Permission to use, copy, and modify this software with or without fee
|
||||
* is hereby granted, provided that this entire notice is included in
|
||||
* all source code copies of any software which is or includes a copy or
|
||||
* modification of this software.
|
||||
*
|
||||
* THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
|
||||
* IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
|
||||
* REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
|
||||
* MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
|
||||
* PURPOSE.
|
||||
*
|
||||
* Copyright (c) 2001 Theo de Raadt
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. The name of the author may not be used to endorse or promote products
|
||||
* derived from this software without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
||||
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
||||
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
||||
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
||||
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* Effort sponsored in part by the Defense Advanced Research Projects
|
||||
* Agency (DARPA) and Air Force Research Laboratory, Air Force
|
||||
* Materiel Command, USAF, under agreement number F30602-01-2-0537.
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef _CRYPTO_CRYPTO_H_
|
||||
#define _CRYPTO_CRYPTO_H_
|
||||
|
||||
/* Some initial values */
|
||||
#define CRYPTO_DRIVERS_INITIAL 4
|
||||
#define CRYPTO_SW_SESSIONS 32
|
||||
|
||||
/* Hash values */
|
||||
#define NULL_HASH_LEN 0
|
||||
#define MD5_HASH_LEN 16
|
||||
#define SHA1_HASH_LEN 20
|
||||
#define RIPEMD160_HASH_LEN 20
|
||||
#define SHA2_256_HASH_LEN 32
|
||||
#define SHA2_384_HASH_LEN 48
|
||||
#define SHA2_512_HASH_LEN 64
|
||||
#define MD5_KPDK_HASH_LEN 16
|
||||
#define SHA1_KPDK_HASH_LEN 20
|
||||
/* Maximum hash algorithm result length */
|
||||
#define HASH_MAX_LEN SHA2_512_HASH_LEN /* Keep this updated */
|
||||
|
||||
/* HMAC values */
|
||||
#define NULL_HMAC_BLOCK_LEN 1
|
||||
#define MD5_HMAC_BLOCK_LEN 64
|
||||
#define SHA1_HMAC_BLOCK_LEN 64
|
||||
#define RIPEMD160_HMAC_BLOCK_LEN 64
|
||||
#define SHA2_256_HMAC_BLOCK_LEN 64
|
||||
#define SHA2_384_HMAC_BLOCK_LEN 128
|
||||
#define SHA2_512_HMAC_BLOCK_LEN 128
|
||||
/* Maximum HMAC block length */
|
||||
#define HMAC_MAX_BLOCK_LEN SHA2_512_HMAC_BLOCK_LEN /* Keep this updated */
|
||||
#define HMAC_IPAD_VAL 0x36
|
||||
#define HMAC_OPAD_VAL 0x5C
|
||||
|
||||
/* Encryption algorithm block sizes */
|
||||
#define NULL_BLOCK_LEN 1
|
||||
#define DES_BLOCK_LEN 8
|
||||
#define DES3_BLOCK_LEN 8
|
||||
#define BLOWFISH_BLOCK_LEN 8
|
||||
#define SKIPJACK_BLOCK_LEN 8
|
||||
#define CAST128_BLOCK_LEN 8
|
||||
#define RIJNDAEL128_BLOCK_LEN 16
|
||||
#define AES_BLOCK_LEN RIJNDAEL128_BLOCK_LEN
|
||||
#define CAMELLIA_BLOCK_LEN 16
|
||||
#define ARC4_BLOCK_LEN 1
|
||||
#define EALG_MAX_BLOCK_LEN AES_BLOCK_LEN /* Keep this updated */
|
||||
|
||||
/* Encryption algorithm min and max key sizes */
|
||||
#define NULL_MIN_KEY_LEN 0
|
||||
#define NULL_MAX_KEY_LEN 0
|
||||
#define DES_MIN_KEY_LEN 8
|
||||
#define DES_MAX_KEY_LEN 8
|
||||
#define DES3_MIN_KEY_LEN 24
|
||||
#define DES3_MAX_KEY_LEN 24
|
||||
#define BLOWFISH_MIN_KEY_LEN 4
|
||||
#define BLOWFISH_MAX_KEY_LEN 56
|
||||
#define SKIPJACK_MIN_KEY_LEN 10
|
||||
#define SKIPJACK_MAX_KEY_LEN 10
|
||||
#define CAST128_MIN_KEY_LEN 5
|
||||
#define CAST128_MAX_KEY_LEN 16
|
||||
#define RIJNDAEL128_MIN_KEY_LEN 16
|
||||
#define RIJNDAEL128_MAX_KEY_LEN 32
|
||||
#define AES_MIN_KEY_LEN RIJNDAEL128_MIN_KEY_LEN
|
||||
#define AES_MAX_KEY_LEN RIJNDAEL128_MAX_KEY_LEN
|
||||
#define CAMELLIA_MIN_KEY_LEN 16
|
||||
#define CAMELLIA_MAX_KEY_LEN 32
|
||||
#define ARC4_MIN_KEY_LEN 1
|
||||
#define ARC4_MAX_KEY_LEN 256
|
||||
|
||||
/* Max size of data that can be processed */
|
||||
#define CRYPTO_MAX_DATA_LEN 64*1024 - 1
|
||||
|
||||
#define CRYPTO_ALGORITHM_MIN 1
|
||||
#define CRYPTO_DES_CBC 1
|
||||
#define CRYPTO_3DES_CBC 2
|
||||
#define CRYPTO_BLF_CBC 3
|
||||
#define CRYPTO_CAST_CBC 4
|
||||
#define CRYPTO_SKIPJACK_CBC 5
|
||||
#define CRYPTO_MD5_HMAC 6
|
||||
#define CRYPTO_SHA1_HMAC 7
|
||||
#define CRYPTO_RIPEMD160_HMAC 8
|
||||
#define CRYPTO_MD5_KPDK 9
|
||||
#define CRYPTO_SHA1_KPDK 10
|
||||
#define CRYPTO_RIJNDAEL128_CBC 11 /* 128 bit blocksize */
|
||||
#define CRYPTO_AES_CBC 11 /* 128 bit blocksize -- the same as above */
|
||||
#define CRYPTO_ARC4 12
|
||||
#define CRYPTO_MD5 13
|
||||
#define CRYPTO_SHA1 14
|
||||
#define CRYPTO_NULL_HMAC 15
|
||||
#define CRYPTO_NULL_CBC 16
|
||||
#define CRYPTO_DEFLATE_COMP 17 /* Deflate compression algorithm */
|
||||
#define CRYPTO_SHA2_256_HMAC 18
|
||||
#define CRYPTO_SHA2_384_HMAC 19
|
||||
#define CRYPTO_SHA2_512_HMAC 20
|
||||
#define CRYPTO_CAMELLIA_CBC 21
|
||||
#define CRYPTO_SHA2_256 22
|
||||
#define CRYPTO_SHA2_384 23
|
||||
#define CRYPTO_SHA2_512 24
|
||||
#define CRYPTO_RIPEMD160 25
|
||||
#define CRYPTO_ALGORITHM_MAX 25 /* Keep updated - see below */
|
||||
|
||||
/* Algorithm flags */
|
||||
#define CRYPTO_ALG_FLAG_SUPPORTED 0x01 /* Algorithm is supported */
|
||||
#define CRYPTO_ALG_FLAG_RNG_ENABLE 0x02 /* Has HW RNG for DH/DSA */
|
||||
#define CRYPTO_ALG_FLAG_DSA_SHA 0x04 /* Can do SHA on msg */
|
||||
|
||||
/*
|
||||
* Crypto driver/device flags. They can set in the crid
|
||||
* parameter when creating a session or submitting a key
|
||||
* op to affect the device/driver assigned. If neither
|
||||
* of these are specified then the crid is assumed to hold
|
||||
* the driver id of an existing (and suitable) device that
|
||||
* must be used to satisfy the request.
|
||||
*/
|
||||
#define CRYPTO_FLAG_HARDWARE 0x01000000 /* hardware accelerated */
|
||||
#define CRYPTO_FLAG_SOFTWARE 0x02000000 /* software implementation */
|
||||
|
||||
/* NB: deprecated */
|
||||
struct session_op {
|
||||
u_int32_t cipher; /* ie. CRYPTO_DES_CBC */
|
||||
u_int32_t mac; /* ie. CRYPTO_MD5_HMAC */
|
||||
|
||||
u_int32_t keylen; /* cipher key */
|
||||
caddr_t key;
|
||||
int mackeylen; /* mac key */
|
||||
caddr_t mackey;
|
||||
|
||||
u_int32_t ses; /* returns: session # */
|
||||
};
|
||||
|
||||
struct session2_op {
|
||||
u_int32_t cipher; /* ie. CRYPTO_DES_CBC */
|
||||
u_int32_t mac; /* ie. CRYPTO_MD5_HMAC */
|
||||
|
||||
u_int32_t keylen; /* cipher key */
|
||||
caddr_t key;
|
||||
int mackeylen; /* mac key */
|
||||
caddr_t mackey;
|
||||
|
||||
u_int32_t ses; /* returns: session # */
|
||||
int crid; /* driver id + flags (rw) */
|
||||
int pad[4]; /* for future expansion */
|
||||
};
|
||||
|
||||
struct crypt_op {
|
||||
u_int32_t ses;
|
||||
u_int16_t op; /* i.e. COP_ENCRYPT */
|
||||
#define COP_NONE 0
|
||||
#define COP_ENCRYPT 1
|
||||
#define COP_DECRYPT 2
|
||||
u_int16_t flags;
|
||||
#define COP_F_BATCH 0x0008 /* Batch op if possible */
|
||||
u_int len;
|
||||
caddr_t src, dst; /* become iov[] inside kernel */
|
||||
caddr_t mac; /* must be big enough for chosen MAC */
|
||||
caddr_t iv;
|
||||
};
|
||||
|
||||
/*
|
||||
* Parameters for looking up a crypto driver/device by
|
||||
* device name or by id. The latter are returned for
|
||||
* created sessions (crid) and completed key operations.
|
||||
*/
|
||||
struct crypt_find_op {
|
||||
int crid; /* driver id + flags */
|
||||
char name[32]; /* device/driver name */
|
||||
};
|
||||
|
||||
/* bignum parameter, in packed bytes, ... */
|
||||
struct crparam {
|
||||
caddr_t crp_p;
|
||||
u_int crp_nbits;
|
||||
};
|
||||
|
||||
#define CRK_MAXPARAM 8
|
||||
|
||||
struct crypt_kop {
|
||||
u_int crk_op; /* ie. CRK_MOD_EXP or other */
|
||||
u_int crk_status; /* return status */
|
||||
u_short crk_iparams; /* # of input parameters */
|
||||
u_short crk_oparams; /* # of output parameters */
|
||||
u_int crk_crid; /* NB: only used by CIOCKEY2 (rw) */
|
||||
struct crparam crk_param[CRK_MAXPARAM];
|
||||
};
|
||||
#define CRK_ALGORITM_MIN 0
|
||||
#define CRK_MOD_EXP 0
|
||||
#define CRK_MOD_EXP_CRT 1
|
||||
#define CRK_DSA_SIGN 2
|
||||
#define CRK_DSA_VERIFY 3
|
||||
#define CRK_DH_COMPUTE_KEY 4
|
||||
#define CRK_ALGORITHM_MAX 4 /* Keep updated - see below */
|
||||
|
||||
#define CRF_MOD_EXP (1 << CRK_MOD_EXP)
|
||||
#define CRF_MOD_EXP_CRT (1 << CRK_MOD_EXP_CRT)
|
||||
#define CRF_DSA_SIGN (1 << CRK_DSA_SIGN)
|
||||
#define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY)
|
||||
#define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY)
|
||||
|
||||
/*
|
||||
* done against open of /dev/crypto, to get a cloned descriptor.
|
||||
* Please use F_SETFD against the cloned descriptor.
|
||||
*/
|
||||
#define CRIOGET _IOWR('c', 100, u_int32_t)
|
||||
#define CRIOASYMFEAT CIOCASYMFEAT
|
||||
#define CRIOFINDDEV CIOCFINDDEV
|
||||
|
||||
/* the following are done against the cloned descriptor */
|
||||
#define CIOCGSESSION _IOWR('c', 101, struct session_op)
|
||||
#define CIOCFSESSION _IOW('c', 102, u_int32_t)
|
||||
#define CIOCCRYPT _IOWR('c', 103, struct crypt_op)
|
||||
#define CIOCKEY _IOWR('c', 104, struct crypt_kop)
|
||||
#define CIOCASYMFEAT _IOR('c', 105, u_int32_t)
|
||||
#define CIOCGSESSION2 _IOWR('c', 106, struct session2_op)
|
||||
#define CIOCKEY2 _IOWR('c', 107, struct crypt_kop)
|
||||
#define CIOCFINDDEV _IOWR('c', 108, struct crypt_find_op)
|
||||
|
||||
struct cryptotstat {
|
||||
struct timespec acc; /* total accumulated time */
|
||||
struct timespec min; /* min time */
|
||||
struct timespec max; /* max time */
|
||||
u_int32_t count; /* number of observations */
|
||||
};
|
||||
|
||||
struct cryptostats {
|
||||
u_int32_t cs_ops; /* symmetric crypto ops submitted */
|
||||
u_int32_t cs_errs; /* symmetric crypto ops that failed */
|
||||
u_int32_t cs_kops; /* asymetric/key ops submitted */
|
||||
u_int32_t cs_kerrs; /* asymetric/key ops that failed */
|
||||
u_int32_t cs_intrs; /* crypto swi thread activations */
|
||||
u_int32_t cs_rets; /* crypto return thread activations */
|
||||
u_int32_t cs_blocks; /* symmetric op driver block */
|
||||
u_int32_t cs_kblocks; /* symmetric op driver block */
|
||||
/*
|
||||
* When CRYPTO_TIMING is defined at compile time and the
|
||||
* sysctl debug.crypto is set to 1, the crypto system will
|
||||
* accumulate statistics about how long it takes to process
|
||||
* crypto requests at various points during processing.
|
||||
*/
|
||||
struct cryptotstat cs_invoke; /* crypto_dipsatch -> crypto_invoke */
|
||||
struct cryptotstat cs_done; /* crypto_invoke -> crypto_done */
|
||||
struct cryptotstat cs_cb; /* crypto_done -> callback */
|
||||
struct cryptotstat cs_finis; /* callback -> callback return */
|
||||
|
||||
u_int32_t cs_drops; /* crypto ops dropped due to congestion */
|
||||
};
|
||||
|
||||
#ifdef __KERNEL__
|
||||
|
||||
/* Standard initialization structure beginning */
|
||||
struct cryptoini {
|
||||
int cri_alg; /* Algorithm to use */
|
||||
int cri_klen; /* Key length, in bits */
|
||||
int cri_mlen; /* Number of bytes we want from the
|
||||
entire hash. 0 means all. */
|
||||
caddr_t cri_key; /* key to use */
|
||||
u_int8_t cri_iv[EALG_MAX_BLOCK_LEN]; /* IV to use */
|
||||
struct cryptoini *cri_next;
|
||||
};
|
||||
|
||||
/* Describe boundaries of a single crypto operation */
|
||||
struct cryptodesc {
|
||||
int crd_skip; /* How many bytes to ignore from start */
|
||||
int crd_len; /* How many bytes to process */
|
||||
int crd_inject; /* Where to inject results, if applicable */
|
||||
int crd_flags;
|
||||
|
||||
#define CRD_F_ENCRYPT 0x01 /* Set when doing encryption */
|
||||
#define CRD_F_IV_PRESENT 0x02 /* When encrypting, IV is already in
|
||||
place, so don't copy. */
|
||||
#define CRD_F_IV_EXPLICIT 0x04 /* IV explicitly provided */
|
||||
#define CRD_F_DSA_SHA_NEEDED 0x08 /* Compute SHA-1 of buffer for DSA */
|
||||
#define CRD_F_KEY_EXPLICIT 0x10 /* Key explicitly provided */
|
||||
#define CRD_F_COMP 0x0f /* Set when doing compression */
|
||||
|
||||
struct cryptoini CRD_INI; /* Initialization/context data */
|
||||
#define crd_iv CRD_INI.cri_iv
|
||||
#define crd_key CRD_INI.cri_key
|
||||
#define crd_alg CRD_INI.cri_alg
|
||||
#define crd_klen CRD_INI.cri_klen
|
||||
|
||||
struct cryptodesc *crd_next;
|
||||
};
|
||||
|
||||
/* Structure describing complete operation */
|
||||
struct cryptop {
|
||||
struct list_head crp_next;
|
||||
wait_queue_head_t crp_waitq;
|
||||
|
||||
u_int64_t crp_sid; /* Session ID */
|
||||
int crp_ilen; /* Input data total length */
|
||||
int crp_olen; /* Result total length */
|
||||
|
||||
int crp_etype; /*
|
||||
* Error type (zero means no error).
|
||||
* All error codes except EAGAIN
|
||||
* indicate possible data corruption (as in,
|
||||
* the data have been touched). On all
|
||||
* errors, the crp_sid may have changed
|
||||
* (reset to a new one), so the caller
|
||||
* should always check and use the new
|
||||
* value on future requests.
|
||||
*/
|
||||
int crp_flags;
|
||||
|
||||
#define CRYPTO_F_SKBUF 0x0001 /* Input/output are skbuf chains */
|
||||
#define CRYPTO_F_IOV 0x0002 /* Input/output are uio */
|
||||
#define CRYPTO_F_REL 0x0004 /* Must return data in same place */
|
||||
#define CRYPTO_F_BATCH 0x0008 /* Batch op if possible */
|
||||
#define CRYPTO_F_CBIMM 0x0010 /* Do callback immediately */
|
||||
#define CRYPTO_F_DONE 0x0020 /* Operation completed */
|
||||
#define CRYPTO_F_CBIFSYNC 0x0040 /* Do CBIMM if op is synchronous */
|
||||
|
||||
caddr_t crp_buf; /* Data to be processed */
|
||||
caddr_t crp_opaque; /* Opaque pointer, passed along */
|
||||
struct cryptodesc *crp_desc; /* Linked list of processing descriptors */
|
||||
|
||||
int (*crp_callback)(struct cryptop *); /* Callback function */
|
||||
};
|
||||
|
||||
#define CRYPTO_BUF_CONTIG 0x0
|
||||
#define CRYPTO_BUF_IOV 0x1
|
||||
#define CRYPTO_BUF_SKBUF 0x2
|
||||
|
||||
#define CRYPTO_OP_DECRYPT 0x0
|
||||
#define CRYPTO_OP_ENCRYPT 0x1
|
||||
|
||||
/*
|
||||
* Hints passed to process methods.
|
||||
*/
|
||||
#define CRYPTO_HINT_MORE 0x1 /* more ops coming shortly */
|
||||
|
||||
struct cryptkop {
|
||||
struct list_head krp_next;
|
||||
wait_queue_head_t krp_waitq;
|
||||
|
||||
int krp_flags;
|
||||
#define CRYPTO_KF_DONE 0x0001 /* Operation completed */
|
||||
#define CRYPTO_KF_CBIMM 0x0002 /* Do callback immediately */
|
||||
|
||||
u_int krp_op; /* ie. CRK_MOD_EXP or other */
|
||||
u_int krp_status; /* return status */
|
||||
u_short krp_iparams; /* # of input parameters */
|
||||
u_short krp_oparams; /* # of output parameters */
|
||||
u_int krp_crid; /* desired device, etc. */
|
||||
u_int32_t krp_hid;
|
||||
struct crparam krp_param[CRK_MAXPARAM]; /* kvm */
|
||||
int (*krp_callback)(struct cryptkop *);
|
||||
};
|
||||
|
||||
#include "ocf-compat.h"
|
||||
|
||||
/*
|
||||
* Session ids are 64 bits. The lower 32 bits contain a "local id" which
|
||||
* is a driver-private session identifier. The upper 32 bits contain a
|
||||
* "hardware id" used by the core crypto code to identify the driver and
|
||||
* a copy of the driver's capabilities that can be used by client code to
|
||||
* optimize operation.
|
||||
*/
|
||||
#define CRYPTO_SESID2HID(_sid) (((_sid) >> 32) & 0x00ffffff)
|
||||
#define CRYPTO_SESID2CAPS(_sid) (((_sid) >> 32) & 0xff000000)
|
||||
#define CRYPTO_SESID2LID(_sid) (((u_int32_t) (_sid)) & 0xffffffff)
|
||||
|
||||
extern int crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int hard);
|
||||
extern int crypto_freesession(u_int64_t sid);
|
||||
#define CRYPTOCAP_F_HARDWARE CRYPTO_FLAG_HARDWARE
|
||||
#define CRYPTOCAP_F_SOFTWARE CRYPTO_FLAG_SOFTWARE
|
||||
#define CRYPTOCAP_F_SYNC 0x04000000 /* operates synchronously */
|
||||
extern int32_t crypto_get_driverid(device_t dev, int flags);
|
||||
extern int crypto_find_driver(const char *);
|
||||
extern device_t crypto_find_device_byhid(int hid);
|
||||
extern int crypto_getcaps(int hid);
|
||||
extern int crypto_register(u_int32_t driverid, int alg, u_int16_t maxoplen,
|
||||
u_int32_t flags);
|
||||
extern int crypto_kregister(u_int32_t, int, u_int32_t);
|
||||
extern int crypto_unregister(u_int32_t driverid, int alg);
|
||||
extern int crypto_unregister_all(u_int32_t driverid);
|
||||
extern int crypto_dispatch(struct cryptop *crp);
|
||||
extern int crypto_kdispatch(struct cryptkop *);
|
||||
#define CRYPTO_SYMQ 0x1
|
||||
#define CRYPTO_ASYMQ 0x2
|
||||
extern int crypto_unblock(u_int32_t, int);
|
||||
extern void crypto_done(struct cryptop *crp);
|
||||
extern void crypto_kdone(struct cryptkop *);
|
||||
extern int crypto_getfeat(int *);
|
||||
|
||||
extern void crypto_freereq(struct cryptop *crp);
|
||||
extern struct cryptop *crypto_getreq(int num);
|
||||
|
||||
extern int crypto_usercrypto; /* userland may do crypto requests */
|
||||
extern int crypto_userasymcrypto; /* userland may do asym crypto reqs */
|
||||
extern int crypto_devallowsoft; /* only use hardware crypto */
|
||||
|
||||
/*
|
||||
* random number support, crypto_unregister_all will unregister
|
||||
*/
|
||||
extern int crypto_rregister(u_int32_t driverid,
|
||||
int (*read_random)(void *arg, u_int32_t *buf, int len), void *arg);
|
||||
extern int crypto_runregister_all(u_int32_t driverid);
|
||||
|
||||
/*
|
||||
* Crypto-related utility routines used mainly by drivers.
|
||||
*
|
||||
* XXX these don't really belong here; but for now they're
|
||||
* kept apart from the rest of the system.
|
||||
*/
|
||||
struct uio;
|
||||
extern void cuio_copydata(struct uio* uio, int off, int len, caddr_t cp);
|
||||
extern void cuio_copyback(struct uio* uio, int off, int len, caddr_t cp);
|
||||
extern struct iovec *cuio_getptr(struct uio *uio, int loc, int *off);
|
||||
|
||||
extern void crypto_copyback(int flags, caddr_t buf, int off, int size,
|
||||
caddr_t in);
|
||||
extern void crypto_copydata(int flags, caddr_t buf, int off, int size,
|
||||
caddr_t out);
|
||||
extern int crypto_apply(int flags, caddr_t buf, int off, int len,
|
||||
int (*f)(void *, void *, u_int), void *arg);
|
||||
|
||||
#endif /* __KERNEL__ */
|
||||
#endif /* _CRYPTO_CRYPTO_H_ */
|
@ -1,308 +0,0 @@
|
||||
/* $KAME: md5.c,v 1.5 2000/11/08 06:13:08 itojun Exp $ */
|
||||
/*
|
||||
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. Neither the name of the project nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#if 0
|
||||
#include <sys/cdefs.h>
|
||||
__FBSDID("$FreeBSD: src/sys/crypto/md5.c,v 1.9 2004/01/27 19:49:19 des Exp $");
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <sys/cdefs.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/systm.h>
|
||||
#include <crypto/md5.h>
|
||||
#endif
|
||||
|
||||
#define SHIFT(X, s) (((X) << (s)) | ((X) >> (32 - (s))))
|
||||
|
||||
#define F(X, Y, Z) (((X) & (Y)) | ((~X) & (Z)))
|
||||
#define G(X, Y, Z) (((X) & (Z)) | ((Y) & (~Z)))
|
||||
#define H(X, Y, Z) ((X) ^ (Y) ^ (Z))
|
||||
#define I(X, Y, Z) ((Y) ^ ((X) | (~Z)))
|
||||
|
||||
#define ROUND1(a, b, c, d, k, s, i) { \
|
||||
(a) = (a) + F((b), (c), (d)) + X[(k)] + T[(i)]; \
|
||||
(a) = SHIFT((a), (s)); \
|
||||
(a) = (b) + (a); \
|
||||
}
|
||||
|
||||
#define ROUND2(a, b, c, d, k, s, i) { \
|
||||
(a) = (a) + G((b), (c), (d)) + X[(k)] + T[(i)]; \
|
||||
(a) = SHIFT((a), (s)); \
|
||||
(a) = (b) + (a); \
|
||||
}
|
||||
|
||||
#define ROUND3(a, b, c, d, k, s, i) { \
|
||||
(a) = (a) + H((b), (c), (d)) + X[(k)] + T[(i)]; \
|
||||
(a) = SHIFT((a), (s)); \
|
||||
(a) = (b) + (a); \
|
||||
}
|
||||
|
||||
#define ROUND4(a, b, c, d, k, s, i) { \
|
||||
(a) = (a) + I((b), (c), (d)) + X[(k)] + T[(i)]; \
|
||||
(a) = SHIFT((a), (s)); \
|
||||
(a) = (b) + (a); \
|
||||
}
|
||||
|
||||
#define Sa 7
|
||||
#define Sb 12
|
||||
#define Sc 17
|
||||
#define Sd 22
|
||||
|
||||
#define Se 5
|
||||
#define Sf 9
|
||||
#define Sg 14
|
||||
#define Sh 20
|
||||
|
||||
#define Si 4
|
||||
#define Sj 11
|
||||
#define Sk 16
|
||||
#define Sl 23
|
||||
|
||||
#define Sm 6
|
||||
#define Sn 10
|
||||
#define So 15
|
||||
#define Sp 21
|
||||
|
||||
#define MD5_A0 0x67452301
|
||||
#define MD5_B0 0xefcdab89
|
||||
#define MD5_C0 0x98badcfe
|
||||
#define MD5_D0 0x10325476
|
||||
|
||||
/* Integer part of 4294967296 times abs(sin(i)), where i is in radians. */
|
||||
static const u_int32_t T[65] = {
|
||||
0,
|
||||
0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee,
|
||||
0xf57c0faf, 0x4787c62a, 0xa8304613, 0xfd469501,
|
||||
0x698098d8, 0x8b44f7af, 0xffff5bb1, 0x895cd7be,
|
||||
0x6b901122, 0xfd987193, 0xa679438e, 0x49b40821,
|
||||
|
||||
0xf61e2562, 0xc040b340, 0x265e5a51, 0xe9b6c7aa,
|
||||
0xd62f105d, 0x2441453, 0xd8a1e681, 0xe7d3fbc8,
|
||||
0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed,
|
||||
0xa9e3e905, 0xfcefa3f8, 0x676f02d9, 0x8d2a4c8a,
|
||||
|
||||
0xfffa3942, 0x8771f681, 0x6d9d6122, 0xfde5380c,
|
||||
0xa4beea44, 0x4bdecfa9, 0xf6bb4b60, 0xbebfbc70,
|
||||
0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x4881d05,
|
||||
0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665,
|
||||
|
||||
0xf4292244, 0x432aff97, 0xab9423a7, 0xfc93a039,
|
||||
0x655b59c3, 0x8f0ccc92, 0xffeff47d, 0x85845dd1,
|
||||
0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1,
|
||||
0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391,
|
||||
};
|
||||
|
||||
static const u_int8_t md5_paddat[MD5_BUFLEN] = {
|
||||
0x80, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0,
|
||||
};
|
||||
|
||||
static void md5_calc(u_int8_t *, md5_ctxt *);
|
||||
|
||||
void md5_init(ctxt)
|
||||
md5_ctxt *ctxt;
|
||||
{
|
||||
ctxt->md5_n = 0;
|
||||
ctxt->md5_i = 0;
|
||||
ctxt->md5_sta = MD5_A0;
|
||||
ctxt->md5_stb = MD5_B0;
|
||||
ctxt->md5_stc = MD5_C0;
|
||||
ctxt->md5_std = MD5_D0;
|
||||
bzero(ctxt->md5_buf, sizeof(ctxt->md5_buf));
|
||||
}
|
||||
|
||||
void md5_loop(ctxt, input, len)
|
||||
md5_ctxt *ctxt;
|
||||
u_int8_t *input;
|
||||
u_int len; /* number of bytes */
|
||||
{
|
||||
u_int gap, i;
|
||||
|
||||
ctxt->md5_n += len * 8; /* byte to bit */
|
||||
gap = MD5_BUFLEN - ctxt->md5_i;
|
||||
|
||||
if (len >= gap) {
|
||||
bcopy((void *)input, (void *)(ctxt->md5_buf + ctxt->md5_i),
|
||||
gap);
|
||||
md5_calc(ctxt->md5_buf, ctxt);
|
||||
|
||||
for (i = gap; i + MD5_BUFLEN <= len; i += MD5_BUFLEN) {
|
||||
md5_calc((u_int8_t *)(input + i), ctxt);
|
||||
}
|
||||
|
||||
ctxt->md5_i = len - i;
|
||||
bcopy((void *)(input + i), (void *)ctxt->md5_buf, ctxt->md5_i);
|
||||
} else {
|
||||
bcopy((void *)input, (void *)(ctxt->md5_buf + ctxt->md5_i),
|
||||
len);
|
||||
ctxt->md5_i += len;
|
||||
}
|
||||
}
|
||||
|
||||
void md5_pad(ctxt)
|
||||
md5_ctxt *ctxt;
|
||||
{
|
||||
u_int gap;
|
||||
|
||||
/* Don't count up padding. Keep md5_n. */
|
||||
gap = MD5_BUFLEN - ctxt->md5_i;
|
||||
if (gap > 8) {
|
||||
bcopy(md5_paddat,
|
||||
(void *)(ctxt->md5_buf + ctxt->md5_i),
|
||||
gap - sizeof(ctxt->md5_n));
|
||||
} else {
|
||||
/* including gap == 8 */
|
||||
bcopy(md5_paddat, (void *)(ctxt->md5_buf + ctxt->md5_i),
|
||||
gap);
|
||||
md5_calc(ctxt->md5_buf, ctxt);
|
||||
bcopy((md5_paddat + gap),
|
||||
(void *)ctxt->md5_buf,
|
||||
MD5_BUFLEN - sizeof(ctxt->md5_n));
|
||||
}
|
||||
|
||||
/* 8 byte word */
|
||||
#if BYTE_ORDER == LITTLE_ENDIAN
|
||||
bcopy(&ctxt->md5_n8[0], &ctxt->md5_buf[56], 8);
|
||||
#endif
|
||||
#if BYTE_ORDER == BIG_ENDIAN
|
||||
ctxt->md5_buf[56] = ctxt->md5_n8[7];
|
||||
ctxt->md5_buf[57] = ctxt->md5_n8[6];
|
||||
ctxt->md5_buf[58] = ctxt->md5_n8[5];
|
||||
ctxt->md5_buf[59] = ctxt->md5_n8[4];
|
||||
ctxt->md5_buf[60] = ctxt->md5_n8[3];
|
||||
ctxt->md5_buf[61] = ctxt->md5_n8[2];
|
||||
ctxt->md5_buf[62] = ctxt->md5_n8[1];
|
||||
ctxt->md5_buf[63] = ctxt->md5_n8[0];
|
||||
#endif
|
||||
|
||||
md5_calc(ctxt->md5_buf, ctxt);
|
||||
}
|
||||
|
||||
void md5_result(digest, ctxt)
|
||||
u_int8_t *digest;
|
||||
md5_ctxt *ctxt;
|
||||
{
|
||||
/* 4 byte words */
|
||||
#if BYTE_ORDER == LITTLE_ENDIAN
|
||||
bcopy(&ctxt->md5_st8[0], digest, 16);
|
||||
#endif
|
||||
#if BYTE_ORDER == BIG_ENDIAN
|
||||
digest[ 0] = ctxt->md5_st8[ 3]; digest[ 1] = ctxt->md5_st8[ 2];
|
||||
digest[ 2] = ctxt->md5_st8[ 1]; digest[ 3] = ctxt->md5_st8[ 0];
|
||||
digest[ 4] = ctxt->md5_st8[ 7]; digest[ 5] = ctxt->md5_st8[ 6];
|
||||
digest[ 6] = ctxt->md5_st8[ 5]; digest[ 7] = ctxt->md5_st8[ 4];
|
||||
digest[ 8] = ctxt->md5_st8[11]; digest[ 9] = ctxt->md5_st8[10];
|
||||
digest[10] = ctxt->md5_st8[ 9]; digest[11] = ctxt->md5_st8[ 8];
|
||||
digest[12] = ctxt->md5_st8[15]; digest[13] = ctxt->md5_st8[14];
|
||||
digest[14] = ctxt->md5_st8[13]; digest[15] = ctxt->md5_st8[12];
|
||||
#endif
|
||||
}
|
||||
|
||||
static void md5_calc(b64, ctxt)
|
||||
u_int8_t *b64;
|
||||
md5_ctxt *ctxt;
|
||||
{
|
||||
u_int32_t A = ctxt->md5_sta;
|
||||
u_int32_t B = ctxt->md5_stb;
|
||||
u_int32_t C = ctxt->md5_stc;
|
||||
u_int32_t D = ctxt->md5_std;
|
||||
#if BYTE_ORDER == LITTLE_ENDIAN
|
||||
u_int32_t *X = (u_int32_t *)b64;
|
||||
#endif
|
||||
#if BYTE_ORDER == BIG_ENDIAN
|
||||
/* 4 byte words */
|
||||
/* what a brute force but fast! */
|
||||
u_int32_t X[16];
|
||||
u_int8_t *y = (u_int8_t *)X;
|
||||
y[ 0] = b64[ 3]; y[ 1] = b64[ 2]; y[ 2] = b64[ 1]; y[ 3] = b64[ 0];
|
||||
y[ 4] = b64[ 7]; y[ 5] = b64[ 6]; y[ 6] = b64[ 5]; y[ 7] = b64[ 4];
|
||||
y[ 8] = b64[11]; y[ 9] = b64[10]; y[10] = b64[ 9]; y[11] = b64[ 8];
|
||||
y[12] = b64[15]; y[13] = b64[14]; y[14] = b64[13]; y[15] = b64[12];
|
||||
y[16] = b64[19]; y[17] = b64[18]; y[18] = b64[17]; y[19] = b64[16];
|
||||
y[20] = b64[23]; y[21] = b64[22]; y[22] = b64[21]; y[23] = b64[20];
|
||||
y[24] = b64[27]; y[25] = b64[26]; y[26] = b64[25]; y[27] = b64[24];
|
||||
y[28] = b64[31]; y[29] = b64[30]; y[30] = b64[29]; y[31] = b64[28];
|
||||
y[32] = b64[35]; y[33] = b64[34]; y[34] = b64[33]; y[35] = b64[32];
|
||||
y[36] = b64[39]; y[37] = b64[38]; y[38] = b64[37]; y[39] = b64[36];
|
||||
y[40] = b64[43]; y[41] = b64[42]; y[42] = b64[41]; y[43] = b64[40];
|
||||
y[44] = b64[47]; y[45] = b64[46]; y[46] = b64[45]; y[47] = b64[44];
|
||||
y[48] = b64[51]; y[49] = b64[50]; y[50] = b64[49]; y[51] = b64[48];
|
||||
y[52] = b64[55]; y[53] = b64[54]; y[54] = b64[53]; y[55] = b64[52];
|
||||
y[56] = b64[59]; y[57] = b64[58]; y[58] = b64[57]; y[59] = b64[56];
|
||||
y[60] = b64[63]; y[61] = b64[62]; y[62] = b64[61]; y[63] = b64[60];
|
||||
#endif
|
||||
|
||||
ROUND1(A, B, C, D, 0, Sa, 1); ROUND1(D, A, B, C, 1, Sb, 2);
|
||||
ROUND1(C, D, A, B, 2, Sc, 3); ROUND1(B, C, D, A, 3, Sd, 4);
|
||||
ROUND1(A, B, C, D, 4, Sa, 5); ROUND1(D, A, B, C, 5, Sb, 6);
|
||||
ROUND1(C, D, A, B, 6, Sc, 7); ROUND1(B, C, D, A, 7, Sd, 8);
|
||||
ROUND1(A, B, C, D, 8, Sa, 9); ROUND1(D, A, B, C, 9, Sb, 10);
|
||||
ROUND1(C, D, A, B, 10, Sc, 11); ROUND1(B, C, D, A, 11, Sd, 12);
|
||||
ROUND1(A, B, C, D, 12, Sa, 13); ROUND1(D, A, B, C, 13, Sb, 14);
|
||||
ROUND1(C, D, A, B, 14, Sc, 15); ROUND1(B, C, D, A, 15, Sd, 16);
|
||||
|
||||
ROUND2(A, B, C, D, 1, Se, 17); ROUND2(D, A, B, C, 6, Sf, 18);
|
||||
ROUND2(C, D, A, B, 11, Sg, 19); ROUND2(B, C, D, A, 0, Sh, 20);
|
||||
ROUND2(A, B, C, D, 5, Se, 21); ROUND2(D, A, B, C, 10, Sf, 22);
|
||||
ROUND2(C, D, A, B, 15, Sg, 23); ROUND2(B, C, D, A, 4, Sh, 24);
|
||||
ROUND2(A, B, C, D, 9, Se, 25); ROUND2(D, A, B, C, 14, Sf, 26);
|
||||
ROUND2(C, D, A, B, 3, Sg, 27); ROUND2(B, C, D, A, 8, Sh, 28);
|
||||
ROUND2(A, B, C, D, 13, Se, 29); ROUND2(D, A, B, C, 2, Sf, 30);
|
||||
ROUND2(C, D, A, B, 7, Sg, 31); ROUND2(B, C, D, A, 12, Sh, 32);
|
||||
|
||||
ROUND3(A, B, C, D, 5, Si, 33); ROUND3(D, A, B, C, 8, Sj, 34);
|
||||
ROUND3(C, D, A, B, 11, Sk, 35); ROUND3(B, C, D, A, 14, Sl, 36);
|
||||
ROUND3(A, B, C, D, 1, Si, 37); ROUND3(D, A, B, C, 4, Sj, 38);
|
||||
ROUND3(C, D, A, B, 7, Sk, 39); ROUND3(B, C, D, A, 10, Sl, 40);
|
||||
ROUND3(A, B, C, D, 13, Si, 41); ROUND3(D, A, B, C, 0, Sj, 42);
|
||||
ROUND3(C, D, A, B, 3, Sk, 43); ROUND3(B, C, D, A, 6, Sl, 44);
|
||||
ROUND3(A, B, C, D, 9, Si, 45); ROUND3(D, A, B, C, 12, Sj, 46);
|
||||
ROUND3(C, D, A, B, 15, Sk, 47); ROUND3(B, C, D, A, 2, Sl, 48);
|
||||
|
||||
ROUND4(A, B, C, D, 0, Sm, 49); ROUND4(D, A, B, C, 7, Sn, 50);
|
||||
ROUND4(C, D, A, B, 14, So, 51); ROUND4(B, C, D, A, 5, Sp, 52);
|
||||
ROUND4(A, B, C, D, 12, Sm, 53); ROUND4(D, A, B, C, 3, Sn, 54);
|
||||
ROUND4(C, D, A, B, 10, So, 55); ROUND4(B, C, D, A, 1, Sp, 56);
|
||||
ROUND4(A, B, C, D, 8, Sm, 57); ROUND4(D, A, B, C, 15, Sn, 58);
|
||||
ROUND4(C, D, A, B, 6, So, 59); ROUND4(B, C, D, A, 13, Sp, 60);
|
||||
ROUND4(A, B, C, D, 4, Sm, 61); ROUND4(D, A, B, C, 11, Sn, 62);
|
||||
ROUND4(C, D, A, B, 2, So, 63); ROUND4(B, C, D, A, 9, Sp, 64);
|
||||
|
||||
ctxt->md5_sta += A;
|
||||
ctxt->md5_stb += B;
|
||||
ctxt->md5_stc += C;
|
||||
ctxt->md5_std += D;
|
||||
}
|
@ -1,76 +0,0 @@
|
||||
/* $FreeBSD: src/sys/crypto/md5.h,v 1.4 2002/03/20 05:13:50 alfred Exp $ */
|
||||
/* $KAME: md5.h,v 1.4 2000/03/27 04:36:22 sumikawa Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. Neither the name of the project nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifndef _NETINET6_MD5_H_
|
||||
#define _NETINET6_MD5_H_
|
||||
|
||||
#define MD5_BUFLEN 64
|
||||
|
||||
typedef struct {
|
||||
union {
|
||||
u_int32_t md5_state32[4];
|
||||
u_int8_t md5_state8[16];
|
||||
} md5_st;
|
||||
|
||||
#define md5_sta md5_st.md5_state32[0]
|
||||
#define md5_stb md5_st.md5_state32[1]
|
||||
#define md5_stc md5_st.md5_state32[2]
|
||||
#define md5_std md5_st.md5_state32[3]
|
||||
#define md5_st8 md5_st.md5_state8
|
||||
|
||||
union {
|
||||
u_int64_t md5_count64;
|
||||
u_int8_t md5_count8[8];
|
||||
} md5_count;
|
||||
#define md5_n md5_count.md5_count64
|
||||
#define md5_n8 md5_count.md5_count8
|
||||
|
||||
u_int md5_i;
|
||||
u_int8_t md5_buf[MD5_BUFLEN];
|
||||
} md5_ctxt;
|
||||
|
||||
extern void md5_init(md5_ctxt *);
|
||||
extern void md5_loop(md5_ctxt *, u_int8_t *, u_int);
|
||||
extern void md5_pad(md5_ctxt *);
|
||||
extern void md5_result(u_int8_t *, md5_ctxt *);
|
||||
|
||||
/* compatibility */
|
||||
#define MD5_CTX md5_ctxt
|
||||
#define MD5Init(x) md5_init((x))
|
||||
#define MD5Update(x, y, z) md5_loop((x), (y), (z))
|
||||
#define MD5Final(x, y) \
|
||||
do { \
|
||||
md5_pad((y)); \
|
||||
md5_result((x), (y)); \
|
||||
} while (0)
|
||||
|
||||
#endif /* ! _NETINET6_MD5_H_*/
|
@ -1,270 +0,0 @@
|
||||
#ifndef _BSD_COMPAT_H_
|
||||
#define _BSD_COMPAT_H_ 1
|
||||
/****************************************************************************/
|
||||
/*
|
||||
* Provide compat routines for older linux kernels and BSD kernels
|
||||
*
|
||||
* Written by David McCullough <david_mccullough@securecomputing.com>
|
||||
* Copyright (C) 2007 David McCullough <david_mccullough@securecomputing.com>
|
||||
*
|
||||
* LICENSE TERMS
|
||||
*
|
||||
* The free distribution and use of this software in both source and binary
|
||||
* form is allowed (with or without changes) provided that:
|
||||
*
|
||||
* 1. distributions of this source code include the above copyright
|
||||
* notice, this list of conditions and the following disclaimer;
|
||||
*
|
||||
* 2. distributions in binary form include the above copyright
|
||||
* notice, this list of conditions and the following disclaimer
|
||||
* in the documentation and/or other associated materials;
|
||||
*
|
||||
* 3. the copyright holder's name is not used to endorse products
|
||||
* built using this software without specific written permission.
|
||||
*
|
||||
* ALTERNATIVELY, provided that this notice is retained in full, this file
|
||||
* may be distributed under the terms of the GNU General Public License (GPL),
|
||||
* in which case the provisions of the GPL apply INSTEAD OF those given above.
|
||||
*
|
||||
* DISCLAIMER
|
||||
*
|
||||
* This software is provided 'as is' with no explicit or implied warranties
|
||||
* in respect of its properties, including, but not limited to, correctness
|
||||
* and/or fitness for purpose.
|
||||
*/
|
||||
/****************************************************************************/
|
||||
#ifdef __KERNEL__
|
||||
/*
|
||||
* fake some BSD driver interface stuff specifically for OCF use
|
||||
*/
|
||||
|
||||
typedef struct ocf_device *device_t;
|
||||
|
||||
typedef struct {
|
||||
int (*cryptodev_newsession)(device_t dev, u_int32_t *sidp, struct cryptoini *cri);
|
||||
int (*cryptodev_freesession)(device_t dev, u_int64_t tid);
|
||||
int (*cryptodev_process)(device_t dev, struct cryptop *crp, int hint);
|
||||
int (*cryptodev_kprocess)(device_t dev, struct cryptkop *krp, int hint);
|
||||
} device_method_t;
|
||||
#define DEVMETHOD(id, func) id: func
|
||||
|
||||
struct ocf_device {
|
||||
char name[32]; /* the driver name */
|
||||
char nameunit[32]; /* the driver name + HW instance */
|
||||
int unit;
|
||||
device_method_t methods;
|
||||
void *softc;
|
||||
};
|
||||
|
||||
#define CRYPTODEV_NEWSESSION(dev, sid, cri) \
|
||||
((*(dev)->methods.cryptodev_newsession)(dev,sid,cri))
|
||||
#define CRYPTODEV_FREESESSION(dev, sid) \
|
||||
((*(dev)->methods.cryptodev_freesession)(dev, sid))
|
||||
#define CRYPTODEV_PROCESS(dev, crp, hint) \
|
||||
((*(dev)->methods.cryptodev_process)(dev, crp, hint))
|
||||
#define CRYPTODEV_KPROCESS(dev, krp, hint) \
|
||||
((*(dev)->methods.cryptodev_kprocess)(dev, krp, hint))
|
||||
|
||||
#define device_get_name(dev) ((dev)->name)
|
||||
#define device_get_nameunit(dev) ((dev)->nameunit)
|
||||
#define device_get_unit(dev) ((dev)->unit)
|
||||
#define device_get_softc(dev) ((dev)->softc)
|
||||
|
||||
#define softc_device_decl \
|
||||
struct ocf_device _device; \
|
||||
device_t
|
||||
|
||||
#define softc_device_init(_sc, _name, _unit, _methods) \
|
||||
if (1) {\
|
||||
strncpy((_sc)->_device.name, _name, sizeof((_sc)->_device.name) - 1); \
|
||||
snprintf((_sc)->_device.nameunit, sizeof((_sc)->_device.name), "%s%d", _name, _unit); \
|
||||
(_sc)->_device.unit = _unit; \
|
||||
(_sc)->_device.methods = _methods; \
|
||||
(_sc)->_device.softc = (void *) _sc; \
|
||||
*(device_t *)((softc_get_device(_sc))+1) = &(_sc)->_device; \
|
||||
} else
|
||||
|
||||
#define softc_get_device(_sc) (&(_sc)->_device)
|
||||
|
||||
/*
|
||||
* iomem support for 2.4 and 2.6 kernels
|
||||
*/
|
||||
#include <linux/version.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
|
||||
#define ocf_iomem_t unsigned long
|
||||
|
||||
/*
|
||||
* implement simple workqueue like support for older kernels
|
||||
*/
|
||||
|
||||
#include <linux/tqueue.h>
|
||||
|
||||
#define work_struct tq_struct
|
||||
|
||||
#define INIT_WORK(wp, fp, ap) \
|
||||
do { \
|
||||
(wp)->sync = 0; \
|
||||
(wp)->routine = (fp); \
|
||||
(wp)->data = (ap); \
|
||||
} while (0)
|
||||
|
||||
#define schedule_work(wp) \
|
||||
do { \
|
||||
queue_task((wp), &tq_immediate); \
|
||||
mark_bh(IMMEDIATE_BH); \
|
||||
} while (0)
|
||||
|
||||
#define flush_scheduled_work() run_task_queue(&tq_immediate)
|
||||
|
||||
#else
|
||||
#define ocf_iomem_t void __iomem *
|
||||
|
||||
#include <linux/workqueue.h>
|
||||
|
||||
#endif
|
||||
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,26)
|
||||
#include <linux/fdtable.h>
|
||||
#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,11)
|
||||
#define files_fdtable(files) (files)
|
||||
#endif
|
||||
|
||||
#ifdef MODULE_PARM
|
||||
#undef module_param /* just in case */
|
||||
#define module_param(a,b,c) MODULE_PARM(a,"i")
|
||||
#endif
|
||||
|
||||
#define bzero(s,l) memset(s,0,l)
|
||||
#define bcopy(s,d,l) memcpy(d,s,l)
|
||||
#define bcmp(x, y, l) memcmp(x,y,l)
|
||||
|
||||
#define MIN(x,y) ((x) < (y) ? (x) : (y))
|
||||
|
||||
#define device_printf(dev, a...) ({ \
|
||||
printk("%s: ", device_get_nameunit(dev)); printk(a); \
|
||||
})
|
||||
|
||||
#undef printf
|
||||
#define printf(fmt...) printk(fmt)
|
||||
|
||||
#define KASSERT(c,p) if (!(c)) { printk p ; } else
|
||||
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
|
||||
#define ocf_daemonize(str) \
|
||||
daemonize(); \
|
||||
spin_lock_irq(¤t->sigmask_lock); \
|
||||
sigemptyset(¤t->blocked); \
|
||||
recalc_sigpending(current); \
|
||||
spin_unlock_irq(¤t->sigmask_lock); \
|
||||
sprintf(current->comm, str);
|
||||
#else
|
||||
#define ocf_daemonize(str) daemonize(str);
|
||||
#endif
|
||||
|
||||
#define TAILQ_INSERT_TAIL(q,d,m) list_add_tail(&(d)->m, (q))
|
||||
#define TAILQ_EMPTY(q) list_empty(q)
|
||||
#define TAILQ_FOREACH(v, q, m) list_for_each_entry(v, q, m)
|
||||
|
||||
#define read_random(p,l) get_random_bytes(p,l)
|
||||
|
||||
#define DELAY(x) ((x) > 2000 ? mdelay((x)/1000) : udelay(x))
|
||||
#define strtoul simple_strtoul
|
||||
|
||||
#define pci_get_vendor(dev) ((dev)->vendor)
|
||||
#define pci_get_device(dev) ((dev)->device)
|
||||
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
|
||||
#define pci_set_consistent_dma_mask(dev, mask) (0)
|
||||
#endif
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,10)
|
||||
#define pci_dma_sync_single_for_cpu pci_dma_sync_single
|
||||
#endif
|
||||
|
||||
#ifndef DMA_32BIT_MASK
|
||||
#define DMA_32BIT_MASK 0x00000000ffffffffULL
|
||||
#endif
|
||||
|
||||
#define htole32(x) cpu_to_le32(x)
|
||||
#define htobe32(x) cpu_to_be32(x)
|
||||
#define htole16(x) cpu_to_le16(x)
|
||||
#define htobe16(x) cpu_to_be16(x)
|
||||
|
||||
/* older kernels don't have these */
|
||||
|
||||
#ifndef IRQ_NONE
|
||||
#define IRQ_NONE
|
||||
#define IRQ_HANDLED
|
||||
#define irqreturn_t void
|
||||
#endif
|
||||
#ifndef IRQF_SHARED
|
||||
#define IRQF_SHARED SA_SHIRQ
|
||||
#endif
|
||||
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,5,0)
|
||||
# define strlcpy(dest,src,len) \
|
||||
({strncpy(dest,src,(len)-1); ((char *)dest)[(len)-1] = '\0'; })
|
||||
#endif
|
||||
|
||||
#ifndef MAX_ERRNO
|
||||
#define MAX_ERRNO 4095
|
||||
#endif
|
||||
#ifndef IS_ERR_VALUE
|
||||
#define IS_ERR_VALUE(x) ((unsigned long)(x) >= (unsigned long)-MAX_ERRNO)
|
||||
#endif
|
||||
|
||||
/*
|
||||
* common debug for all
|
||||
*/
|
||||
#if 1
|
||||
#define dprintk(a...) do { if (debug) printk(a); } while(0)
|
||||
#else
|
||||
#define dprintk(a...)
|
||||
#endif
|
||||
|
||||
#ifndef SLAB_ATOMIC
|
||||
/* Changed in 2.6.20, must use GFP_ATOMIC now */
|
||||
#define SLAB_ATOMIC GFP_ATOMIC
|
||||
#endif
|
||||
|
||||
/*
|
||||
* need some additional support for older kernels */
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,2)
|
||||
#define pci_register_driver_compat(driver, rc) \
|
||||
do { \
|
||||
if ((rc) > 0) { \
|
||||
(rc) = 0; \
|
||||
} else if (rc == 0) { \
|
||||
(rc) = -ENODEV; \
|
||||
} else { \
|
||||
pci_unregister_driver(driver); \
|
||||
} \
|
||||
} while (0)
|
||||
#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,10)
|
||||
#define pci_register_driver_compat(driver,rc) ((rc) = (rc) < 0 ? (rc) : 0)
|
||||
#else
|
||||
#define pci_register_driver_compat(driver,rc)
|
||||
#endif
|
||||
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,24)
|
||||
|
||||
#include <asm/scatterlist.h>
|
||||
|
||||
static inline void sg_set_page(struct scatterlist *sg, struct page *page,
|
||||
unsigned int len, unsigned int offset)
|
||||
{
|
||||
sg->page = page;
|
||||
sg->offset = offset;
|
||||
sg->length = len;
|
||||
}
|
||||
|
||||
static inline void *sg_virt(struct scatterlist *sg)
|
||||
{
|
||||
return page_address(sg->page) + sg->offset;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
#endif /* __KERNEL__ */
|
||||
|
||||
/****************************************************************************/
|
||||
#endif /* _BSD_COMPAT_H_ */
|
@ -1,279 +0,0 @@
|
||||
/* $KAME: sha1.c,v 1.5 2000/11/08 06:13:08 itojun Exp $ */
|
||||
/*
|
||||
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. Neither the name of the project nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/*
|
||||
* FIPS pub 180-1: Secure Hash Algorithm (SHA-1)
|
||||
* based on: http://csrc.nist.gov/fips/fip180-1.txt
|
||||
* implemented by Jun-ichiro itojun Itoh <itojun@itojun.org>
|
||||
*/
|
||||
|
||||
#if 0
|
||||
#include <sys/cdefs.h>
|
||||
__FBSDID("$FreeBSD: src/sys/crypto/sha1.c,v 1.9 2003/06/10 21:36:57 obrien Exp $");
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <sys/cdefs.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/systm.h>
|
||||
|
||||
#include <crypto/sha1.h>
|
||||
#endif
|
||||
|
||||
/* sanity check */
|
||||
#if BYTE_ORDER != BIG_ENDIAN
|
||||
# if BYTE_ORDER != LITTLE_ENDIAN
|
||||
# define unsupported 1
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#ifndef unsupported
|
||||
|
||||
/* constant table */
|
||||
static u_int32_t _K[] = { 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xca62c1d6 };
|
||||
#define K(t) _K[(t) / 20]
|
||||
|
||||
#define F0(b, c, d) (((b) & (c)) | ((~(b)) & (d)))
|
||||
#define F1(b, c, d) (((b) ^ (c)) ^ (d))
|
||||
#define F2(b, c, d) (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
|
||||
#define F3(b, c, d) (((b) ^ (c)) ^ (d))
|
||||
|
||||
#define S(n, x) (((x) << (n)) | ((x) >> (32 - n)))
|
||||
|
||||
#undef H
|
||||
#define H(n) (ctxt->h.b32[(n)])
|
||||
#define COUNT (ctxt->count)
|
||||
#define BCOUNT (ctxt->c.b64[0] / 8)
|
||||
#define W(n) (ctxt->m.b32[(n)])
|
||||
|
||||
#define PUTBYTE(x) { \
|
||||
ctxt->m.b8[(COUNT % 64)] = (x); \
|
||||
COUNT++; \
|
||||
COUNT %= 64; \
|
||||
ctxt->c.b64[0] += 8; \
|
||||
if (COUNT % 64 == 0) \
|
||||
sha1_step(ctxt); \
|
||||
}
|
||||
|
||||
#define PUTPAD(x) { \
|
||||
ctxt->m.b8[(COUNT % 64)] = (x); \
|
||||
COUNT++; \
|
||||
COUNT %= 64; \
|
||||
if (COUNT % 64 == 0) \
|
||||
sha1_step(ctxt); \
|
||||
}
|
||||
|
||||
static void sha1_step(struct sha1_ctxt *);
|
||||
|
||||
static void
|
||||
sha1_step(ctxt)
|
||||
struct sha1_ctxt *ctxt;
|
||||
{
|
||||
u_int32_t a, b, c, d, e;
|
||||
size_t t, s;
|
||||
u_int32_t tmp;
|
||||
|
||||
#if BYTE_ORDER == LITTLE_ENDIAN
|
||||
struct sha1_ctxt tctxt;
|
||||
bcopy(&ctxt->m.b8[0], &tctxt.m.b8[0], 64);
|
||||
ctxt->m.b8[0] = tctxt.m.b8[3]; ctxt->m.b8[1] = tctxt.m.b8[2];
|
||||
ctxt->m.b8[2] = tctxt.m.b8[1]; ctxt->m.b8[3] = tctxt.m.b8[0];
|
||||
ctxt->m.b8[4] = tctxt.m.b8[7]; ctxt->m.b8[5] = tctxt.m.b8[6];
|
||||
ctxt->m.b8[6] = tctxt.m.b8[5]; ctxt->m.b8[7] = tctxt.m.b8[4];
|
||||
ctxt->m.b8[8] = tctxt.m.b8[11]; ctxt->m.b8[9] = tctxt.m.b8[10];
|
||||
ctxt->m.b8[10] = tctxt.m.b8[9]; ctxt->m.b8[11] = tctxt.m.b8[8];
|
||||
ctxt->m.b8[12] = tctxt.m.b8[15]; ctxt->m.b8[13] = tctxt.m.b8[14];
|
||||
ctxt->m.b8[14] = tctxt.m.b8[13]; ctxt->m.b8[15] = tctxt.m.b8[12];
|
||||
ctxt->m.b8[16] = tctxt.m.b8[19]; ctxt->m.b8[17] = tctxt.m.b8[18];
|
||||
ctxt->m.b8[18] = tctxt.m.b8[17]; ctxt->m.b8[19] = tctxt.m.b8[16];
|
||||
ctxt->m.b8[20] = tctxt.m.b8[23]; ctxt->m.b8[21] = tctxt.m.b8[22];
|
||||
ctxt->m.b8[22] = tctxt.m.b8[21]; ctxt->m.b8[23] = tctxt.m.b8[20];
|
||||
ctxt->m.b8[24] = tctxt.m.b8[27]; ctxt->m.b8[25] = tctxt.m.b8[26];
|
||||
ctxt->m.b8[26] = tctxt.m.b8[25]; ctxt->m.b8[27] = tctxt.m.b8[24];
|
||||
ctxt->m.b8[28] = tctxt.m.b8[31]; ctxt->m.b8[29] = tctxt.m.b8[30];
|
||||
ctxt->m.b8[30] = tctxt.m.b8[29]; ctxt->m.b8[31] = tctxt.m.b8[28];
|
||||
ctxt->m.b8[32] = tctxt.m.b8[35]; ctxt->m.b8[33] = tctxt.m.b8[34];
|
||||
ctxt->m.b8[34] = tctxt.m.b8[33]; ctxt->m.b8[35] = tctxt.m.b8[32];
|
||||
ctxt->m.b8[36] = tctxt.m.b8[39]; ctxt->m.b8[37] = tctxt.m.b8[38];
|
||||
ctxt->m.b8[38] = tctxt.m.b8[37]; ctxt->m.b8[39] = tctxt.m.b8[36];
|
||||
ctxt->m.b8[40] = tctxt.m.b8[43]; ctxt->m.b8[41] = tctxt.m.b8[42];
|
||||
ctxt->m.b8[42] = tctxt.m.b8[41]; ctxt->m.b8[43] = tctxt.m.b8[40];
|
||||
ctxt->m.b8[44] = tctxt.m.b8[47]; ctxt->m.b8[45] = tctxt.m.b8[46];
|
||||
ctxt->m.b8[46] = tctxt.m.b8[45]; ctxt->m.b8[47] = tctxt.m.b8[44];
|
||||
ctxt->m.b8[48] = tctxt.m.b8[51]; ctxt->m.b8[49] = tctxt.m.b8[50];
|
||||
ctxt->m.b8[50] = tctxt.m.b8[49]; ctxt->m.b8[51] = tctxt.m.b8[48];
|
||||
ctxt->m.b8[52] = tctxt.m.b8[55]; ctxt->m.b8[53] = tctxt.m.b8[54];
|
||||
ctxt->m.b8[54] = tctxt.m.b8[53]; ctxt->m.b8[55] = tctxt.m.b8[52];
|
||||
ctxt->m.b8[56] = tctxt.m.b8[59]; ctxt->m.b8[57] = tctxt.m.b8[58];
|
||||
ctxt->m.b8[58] = tctxt.m.b8[57]; ctxt->m.b8[59] = tctxt.m.b8[56];
|
||||
ctxt->m.b8[60] = tctxt.m.b8[63]; ctxt->m.b8[61] = tctxt.m.b8[62];
|
||||
ctxt->m.b8[62] = tctxt.m.b8[61]; ctxt->m.b8[63] = tctxt.m.b8[60];
|
||||
#endif
|
||||
|
||||
a = H(0); b = H(1); c = H(2); d = H(3); e = H(4);
|
||||
|
||||
for (t = 0; t < 20; t++) {
|
||||
s = t & 0x0f;
|
||||
if (t >= 16) {
|
||||
W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ W((s+2) & 0x0f) ^ W(s));
|
||||
}
|
||||
tmp = S(5, a) + F0(b, c, d) + e + W(s) + K(t);
|
||||
e = d; d = c; c = S(30, b); b = a; a = tmp;
|
||||
}
|
||||
for (t = 20; t < 40; t++) {
|
||||
s = t & 0x0f;
|
||||
W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ W((s+2) & 0x0f) ^ W(s));
|
||||
tmp = S(5, a) + F1(b, c, d) + e + W(s) + K(t);
|
||||
e = d; d = c; c = S(30, b); b = a; a = tmp;
|
||||
}
|
||||
for (t = 40; t < 60; t++) {
|
||||
s = t & 0x0f;
|
||||
W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ W((s+2) & 0x0f) ^ W(s));
|
||||
tmp = S(5, a) + F2(b, c, d) + e + W(s) + K(t);
|
||||
e = d; d = c; c = S(30, b); b = a; a = tmp;
|
||||
}
|
||||
for (t = 60; t < 80; t++) {
|
||||
s = t & 0x0f;
|
||||
W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ W((s+2) & 0x0f) ^ W(s));
|
||||
tmp = S(5, a) + F3(b, c, d) + e + W(s) + K(t);
|
||||
e = d; d = c; c = S(30, b); b = a; a = tmp;
|
||||
}
|
||||
|
||||
H(0) = H(0) + a;
|
||||
H(1) = H(1) + b;
|
||||
H(2) = H(2) + c;
|
||||
H(3) = H(3) + d;
|
||||
H(4) = H(4) + e;
|
||||
|
||||
bzero(&ctxt->m.b8[0], 64);
|
||||
}
|
||||
|
||||
/*------------------------------------------------------------*/
|
||||
|
||||
void
|
||||
sha1_init(ctxt)
|
||||
struct sha1_ctxt *ctxt;
|
||||
{
|
||||
bzero(ctxt, sizeof(struct sha1_ctxt));
|
||||
H(0) = 0x67452301;
|
||||
H(1) = 0xefcdab89;
|
||||
H(2) = 0x98badcfe;
|
||||
H(3) = 0x10325476;
|
||||
H(4) = 0xc3d2e1f0;
|
||||
}
|
||||
|
||||
void
|
||||
sha1_pad(ctxt)
|
||||
struct sha1_ctxt *ctxt;
|
||||
{
|
||||
size_t padlen; /*pad length in bytes*/
|
||||
size_t padstart;
|
||||
|
||||
PUTPAD(0x80);
|
||||
|
||||
padstart = COUNT % 64;
|
||||
padlen = 64 - padstart;
|
||||
if (padlen < 8) {
|
||||
bzero(&ctxt->m.b8[padstart], padlen);
|
||||
COUNT += padlen;
|
||||
COUNT %= 64;
|
||||
sha1_step(ctxt);
|
||||
padstart = COUNT % 64; /* should be 0 */
|
||||
padlen = 64 - padstart; /* should be 64 */
|
||||
}
|
||||
bzero(&ctxt->m.b8[padstart], padlen - 8);
|
||||
COUNT += (padlen - 8);
|
||||
COUNT %= 64;
|
||||
#if BYTE_ORDER == BIG_ENDIAN
|
||||
PUTPAD(ctxt->c.b8[0]); PUTPAD(ctxt->c.b8[1]);
|
||||
PUTPAD(ctxt->c.b8[2]); PUTPAD(ctxt->c.b8[3]);
|
||||
PUTPAD(ctxt->c.b8[4]); PUTPAD(ctxt->c.b8[5]);
|
||||
PUTPAD(ctxt->c.b8[6]); PUTPAD(ctxt->c.b8[7]);
|
||||
#else
|
||||
PUTPAD(ctxt->c.b8[7]); PUTPAD(ctxt->c.b8[6]);
|
||||
PUTPAD(ctxt->c.b8[5]); PUTPAD(ctxt->c.b8[4]);
|
||||
PUTPAD(ctxt->c.b8[3]); PUTPAD(ctxt->c.b8[2]);
|
||||
PUTPAD(ctxt->c.b8[1]); PUTPAD(ctxt->c.b8[0]);
|
||||
#endif
|
||||
}
|
||||
|
||||
void
|
||||
sha1_loop(ctxt, input, len)
|
||||
struct sha1_ctxt *ctxt;
|
||||
const u_int8_t *input;
|
||||
size_t len;
|
||||
{
|
||||
size_t gaplen;
|
||||
size_t gapstart;
|
||||
size_t off;
|
||||
size_t copysiz;
|
||||
|
||||
off = 0;
|
||||
|
||||
while (off < len) {
|
||||
gapstart = COUNT % 64;
|
||||
gaplen = 64 - gapstart;
|
||||
|
||||
copysiz = (gaplen < len - off) ? gaplen : len - off;
|
||||
bcopy(&input[off], &ctxt->m.b8[gapstart], copysiz);
|
||||
COUNT += copysiz;
|
||||
COUNT %= 64;
|
||||
ctxt->c.b64[0] += copysiz * 8;
|
||||
if (COUNT % 64 == 0)
|
||||
sha1_step(ctxt);
|
||||
off += copysiz;
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
sha1_result(ctxt, digest0)
|
||||
struct sha1_ctxt *ctxt;
|
||||
caddr_t digest0;
|
||||
{
|
||||
u_int8_t *digest;
|
||||
|
||||
digest = (u_int8_t *)digest0;
|
||||
sha1_pad(ctxt);
|
||||
#if BYTE_ORDER == BIG_ENDIAN
|
||||
bcopy(&ctxt->h.b8[0], digest, 20);
|
||||
#else
|
||||
digest[0] = ctxt->h.b8[3]; digest[1] = ctxt->h.b8[2];
|
||||
digest[2] = ctxt->h.b8[1]; digest[3] = ctxt->h.b8[0];
|
||||
digest[4] = ctxt->h.b8[7]; digest[5] = ctxt->h.b8[6];
|
||||
digest[6] = ctxt->h.b8[5]; digest[7] = ctxt->h.b8[4];
|
||||
digest[8] = ctxt->h.b8[11]; digest[9] = ctxt->h.b8[10];
|
||||
digest[10] = ctxt->h.b8[9]; digest[11] = ctxt->h.b8[8];
|
||||
digest[12] = ctxt->h.b8[15]; digest[13] = ctxt->h.b8[14];
|
||||
digest[14] = ctxt->h.b8[13]; digest[15] = ctxt->h.b8[12];
|
||||
digest[16] = ctxt->h.b8[19]; digest[17] = ctxt->h.b8[18];
|
||||
digest[18] = ctxt->h.b8[17]; digest[19] = ctxt->h.b8[16];
|
||||
#endif
|
||||
}
|
||||
|
||||
#endif /*unsupported*/
|
@ -1,72 +0,0 @@
|
||||
/* $FreeBSD: src/sys/crypto/sha1.h,v 1.8 2002/03/20 05:13:50 alfred Exp $ */
|
||||
/* $KAME: sha1.h,v 1.5 2000/03/27 04:36:23 sumikawa Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. Neither the name of the project nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
/*
|
||||
* FIPS pub 180-1: Secure Hash Algorithm (SHA-1)
|
||||
* based on: http://csrc.nist.gov/fips/fip180-1.txt
|
||||
* implemented by Jun-ichiro itojun Itoh <itojun@itojun.org>
|
||||
*/
|
||||
|
||||
#ifndef _NETINET6_SHA1_H_
|
||||
#define _NETINET6_SHA1_H_
|
||||
|
||||
struct sha1_ctxt {
|
||||
union {
|
||||
u_int8_t b8[20];
|
||||
u_int32_t b32[5];
|
||||
} h;
|
||||
union {
|
||||
u_int8_t b8[8];
|
||||
u_int64_t b64[1];
|
||||
} c;
|
||||
union {
|
||||
u_int8_t b8[64];
|
||||
u_int32_t b32[16];
|
||||
} m;
|
||||
u_int8_t count;
|
||||
};
|
||||
|
||||
#ifdef __KERNEL__
|
||||
extern void sha1_init(struct sha1_ctxt *);
|
||||
extern void sha1_pad(struct sha1_ctxt *);
|
||||
extern void sha1_loop(struct sha1_ctxt *, const u_int8_t *, size_t);
|
||||
extern void sha1_result(struct sha1_ctxt *, caddr_t);
|
||||
|
||||
/* compatibilty with other SHA1 source codes */
|
||||
typedef struct sha1_ctxt SHA1_CTX;
|
||||
#define SHA1Init(x) sha1_init((x))
|
||||
#define SHA1Update(x, y, z) sha1_loop((x), (y), (z))
|
||||
#define SHA1Final(x, y) sha1_result((y), (x))
|
||||
#endif /* __KERNEL__ */
|
||||
|
||||
#define SHA1_RESULTLEN (160/8)
|
||||
|
||||
#endif /*_NETINET6_SHA1_H_*/
|
@ -1,54 +0,0 @@
|
||||
#ifndef _OCF_UIO_H_
|
||||
#define _OCF_UIO_H_
|
||||
|
||||
#include <linux/uio.h>
|
||||
|
||||
/*
|
||||
* The linux uio.h doesn't have all we need. To be fully api compatible
|
||||
* with the BSD cryptodev, we need to keep this around. Perhaps this can
|
||||
* be moved back into the linux/uio.h
|
||||
*
|
||||
* Linux port done by David McCullough <david_mccullough@securecomputing.com>
|
||||
* Copyright (C) 2006-2007 David McCullough
|
||||
* Copyright (C) 2004-2005 Intel Corporation.
|
||||
*
|
||||
* LICENSE TERMS
|
||||
*
|
||||
* The free distribution and use of this software in both source and binary
|
||||
* form is allowed (with or without changes) provided that:
|
||||
*
|
||||
* 1. distributions of this source code include the above copyright
|
||||
* notice, this list of conditions and the following disclaimer;
|
||||
*
|
||||
* 2. distributions in binary form include the above copyright
|
||||
* notice, this list of conditions and the following disclaimer
|
||||
* in the documentation and/or other associated materials;
|
||||
*
|
||||
* 3. the copyright holder's name is not used to endorse products
|
||||
* built using this software without specific written permission.
|
||||
*
|
||||
* ALTERNATIVELY, provided that this notice is retained in full, this product
|
||||
* may be distributed under the terms of the GNU General Public License (GPL),
|
||||
* in which case the provisions of the GPL apply INSTEAD OF those given above.
|
||||
*
|
||||
* DISCLAIMER
|
||||
*
|
||||
* This software is provided 'as is' with no explicit or implied warranties
|
||||
* in respect of its properties, including, but not limited to, correctness
|
||||
* and/or fitness for purpose.
|
||||
* ---------------------------------------------------------------------------
|
||||
*/
|
||||
|
||||
struct uio {
|
||||
struct iovec *uio_iov;
|
||||
int uio_iovcnt;
|
||||
off_t uio_offset;
|
||||
int uio_resid;
|
||||
#if 0
|
||||
enum uio_seg uio_segflg;
|
||||
enum uio_rw uio_rw;
|
||||
struct thread *uio_td;
|
||||
#endif
|
||||
};
|
||||
|
||||
#endif
|
@ -1555,6 +1555,7 @@ CONFIG_NLS_DEFAULT="iso8859-1"
|
||||
# CONFIG_OCF_OCFNULL is not set
|
||||
# CONFIG_OCF_SAFE is not set
|
||||
# CONFIG_OCF_TALITOS is not set
|
||||
# CONFIG_OCF_UBSEC_SSB is not set
|
||||
# CONFIG_OMFS_FS is not set
|
||||
# CONFIG_OSF_PARTITION is not set
|
||||
# CONFIG_P54_COMMON is not set
|
||||
|
@ -1553,6 +1553,7 @@ CONFIG_NLS_DEFAULT="iso8859-1"
|
||||
# CONFIG_OCF_OCFNULL is not set
|
||||
# CONFIG_OCF_SAFE is not set
|
||||
# CONFIG_OCF_TALITOS is not set
|
||||
# CONFIG_OCF_UBSEC_SSB is not set
|
||||
# CONFIG_OMFS_FS is not set
|
||||
# CONFIG_OPROFILE is not set
|
||||
# CONFIG_OSF_PARTITION is not set
|
||||
|
@ -1636,6 +1636,7 @@ CONFIG_NLS_DEFAULT="iso8859-1"
|
||||
# CONFIG_OCF_OCFNULL is not set
|
||||
# CONFIG_OCF_SAFE is not set
|
||||
# CONFIG_OCF_TALITOS is not set
|
||||
# CONFIG_OCF_UBSEC_SSB is not set
|
||||
# CONFIG_OMFS_FS is not set
|
||||
# CONFIG_ORION_WATCHDOG is not set
|
||||
# CONFIG_OSF_PARTITION is not set
|
||||
|
@ -1679,6 +1679,7 @@ CONFIG_NLS_DEFAULT="iso8859-1"
|
||||
# CONFIG_OCF_OCFNULL is not set
|
||||
# CONFIG_OCF_SAFE is not set
|
||||
# CONFIG_OCF_TALITOS is not set
|
||||
# CONFIG_OCF_UBSEC_SSB is not set
|
||||
# CONFIG_OC_ETM is not set
|
||||
# CONFIG_OMFS_FS is not set
|
||||
# CONFIG_ORION_WATCHDOG is not set
|
||||
|
@ -1718,6 +1718,7 @@ CONFIG_NLS_DEFAULT="iso8859-1"
|
||||
# CONFIG_OCF_OCFNULL is not set
|
||||
# CONFIG_OCF_SAFE is not set
|
||||
# CONFIG_OCF_TALITOS is not set
|
||||
# CONFIG_OCF_UBSEC_SSB is not set
|
||||
# CONFIG_OC_ETM is not set
|
||||
# CONFIG_OMFS_FS is not set
|
||||
# CONFIG_ORION_WATCHDOG is not set
|
||||
|
@ -1750,6 +1750,7 @@ CONFIG_NLS_DEFAULT="iso8859-1"
|
||||
# CONFIG_OCF_OCFNULL is not set
|
||||
# CONFIG_OCF_SAFE is not set
|
||||
# CONFIG_OCF_TALITOS is not set
|
||||
# CONFIG_OCF_UBSEC_SSB is not set
|
||||
# CONFIG_OC_ETM is not set
|
||||
# CONFIG_OMFS_FS is not set
|
||||
# CONFIG_ORION_WATCHDOG is not set
|
||||
|
@ -1785,6 +1785,7 @@ CONFIG_NLS_DEFAULT="iso8859-1"
|
||||
# CONFIG_OCF_OCFNULL is not set
|
||||
# CONFIG_OCF_SAFE is not set
|
||||
# CONFIG_OCF_TALITOS is not set
|
||||
# CONFIG_OCF_UBSEC_SSB is not set
|
||||
# CONFIG_OC_ETM is not set
|
||||
# CONFIG_OMFS_FS is not set
|
||||
# CONFIG_ORION_WATCHDOG is not set
|
||||
|
@ -1797,6 +1797,7 @@ CONFIG_NLS_DEFAULT="iso8859-1"
|
||||
# CONFIG_OCF_OCFNULL is not set
|
||||
# CONFIG_OCF_SAFE is not set
|
||||
# CONFIG_OCF_TALITOS is not set
|
||||
# CONFIG_OCF_UBSEC_SSB is not set
|
||||
# CONFIG_OC_ETM is not set
|
||||
# CONFIG_OMFS_FS is not set
|
||||
# CONFIG_ORION_WATCHDOG is not set
|
||||
|
@ -27,6 +27,8 @@ dep_tristate ' ep80579 (HW crypto engine)' \
|
||||
CONFIG_OCF_EP80579 $CONFIG_OCF_OCF
|
||||
dep_tristate ' Micronas c7108 (HW crypto engine)' \
|
||||
CONFIG_OCF_C7108 $CONFIG_OCF_OCF
|
||||
dep_tristate ' uBsec BCM5365 (HW crypto engine)'
|
||||
CONFIG_OCF_UBSEC_SSB $CONFIG_OCF_OCF
|
||||
dep_tristate ' ocfnull (does no crypto)' \
|
||||
CONFIG_OCF_OCFNULL $CONFIG_OCF_OCF
|
||||
dep_tristate ' ocf-bench (HW crypto in-kernel benchmark)' \
|
||||
|
@ -103,6 +103,12 @@ config OCF_C7108
|
||||
help
|
||||
OCF driver for the Microna 7108 Cipher processors.
|
||||
|
||||
config OCF_UBSEC_SSB
|
||||
tristate "uBsec BCM5365 (HW crypto engine)"
|
||||
depends on OCF_OCF
|
||||
help
|
||||
OCF driver for uBsec BCM5365 hardware crypto accelerator.
|
||||
|
||||
config OCF_OCFNULL
|
||||
tristate "ocfnull (fake crypto engine)"
|
||||
depends on OCF_OCF
|
||||
|
@ -47,9 +47,19 @@ $(_obj)-$(CONFIG_OCF_CRYPTOCTEON) += cryptocteon$(_slash)
|
||||
$(_obj)-$(CONFIG_OCF_KIRKWOOD) += kirkwood$(_slash)
|
||||
$(_obj)-$(CONFIG_OCF_OCFNULL) += ocfnull$(_slash)
|
||||
$(_obj)-$(CONFIG_OCF_C7108) += c7108$(_slash)
|
||||
$(_obj)-$(CONFIG_OCF_UBSEC_SSB) += ubsec_ssb$(_slash)
|
||||
|
||||
ocf-objs := $(OCF_OBJS)
|
||||
|
||||
dummy:
|
||||
@echo "Please consult the README for how to build OCF."
|
||||
@echo "If you can't wait then the following should do it:"
|
||||
@echo ""
|
||||
@echo " make ocf_modules"
|
||||
@echo " sudo make ocf_install"
|
||||
@echo ""
|
||||
@exit 1
|
||||
|
||||
$(list-multi) dummy1: $(ocf-objs)
|
||||
$(LD) -r -o $@ $(ocf-objs)
|
||||
|
||||
@ -57,21 +67,44 @@ $(list-multi) dummy1: $(ocf-objs)
|
||||
clean:
|
||||
rm -f *.o *.ko .*.o.flags .*.ko.cmd .*.o.cmd .*.mod.o.cmd *.mod.c
|
||||
rm -f */*.o */*.ko */.*.o.cmd */.*.ko.cmd */.*.mod.o.cmd */*.mod.c */.*.o.flags
|
||||
rm -f */modules.order */modules.builtin modules.order modules.builtin
|
||||
|
||||
ifdef TOPDIR
|
||||
-include $(TOPDIR)/Rules.make
|
||||
endif
|
||||
|
||||
#
|
||||
# release gen targets
|
||||
# targets to build easily on the current machine
|
||||
#
|
||||
|
||||
ocf_make:
|
||||
make -C /lib/modules/$(shell uname -r)/build M=`pwd` $(OCF_TARGET) CONFIG_OCF_OCF=m
|
||||
make -C /lib/modules/$(shell uname -r)/build M=`pwd` $(OCF_TARGET) CONFIG_OCF_OCF=m CONFIG_OCF_CRYPTOSOFT=m
|
||||
-make -C /lib/modules/$(shell uname -r)/build M=`pwd` $(OCF_TARGET) CONFIG_OCF_OCF=m CONFIG_OCF_BENCH=m
|
||||
-make -C /lib/modules/$(shell uname -r)/build M=`pwd` $(OCF_TARGET) CONFIG_OCF_OCF=m CONFIG_OCF_OCFNULL=m
|
||||
-make -C /lib/modules/$(shell uname -r)/build M=`pwd` $(OCF_TARGET) CONFIG_OCF_OCF=m CONFIG_OCF_HIFN=m
|
||||
|
||||
ocf_modules:
|
||||
$(MAKE) ocf_make OCF_TARGET=modules
|
||||
|
||||
ocf_install:
|
||||
$(MAKE) ocf_make OCF_TARGET="modules modules_install"
|
||||
depmod
|
||||
mkdir -p /usr/include/crypto
|
||||
cp cryptodev.h /usr/include/crypto/.
|
||||
|
||||
#
|
||||
# generate full kernel patches for 2.4 and 2.6 kernels to make patching
|
||||
# your kernel easier
|
||||
#
|
||||
|
||||
.PHONY: patch
|
||||
patch:
|
||||
REL=`date +%Y%m%d`; \
|
||||
patch=ocf-linux-$$REL.patch; \
|
||||
patch24=ocf-linux-24-$$REL.patch; \
|
||||
patch26=ocf-linux-26-$$REL.patch; \
|
||||
patchbase=.; \
|
||||
[ -d $$patchbase/patches ] || patchbase=..; \
|
||||
patch=ocf-linux-base.patch; \
|
||||
patch24=ocf-linux-24.patch; \
|
||||
patch26=ocf-linux-26.patch; \
|
||||
( \
|
||||
find . -name Makefile; \
|
||||
find . -name Config.in; \
|
||||
@ -81,44 +114,32 @@ patch:
|
||||
) | while read t; do \
|
||||
diff -Nau /dev/null $$t | sed 's?^+++ \./?+++ linux/crypto/ocf/?'; \
|
||||
done > $$patch; \
|
||||
cat patches/linux-2.4.35-ocf.patch $$patch > $$patch24; \
|
||||
cat patches/linux-2.6.33-ocf.patch $$patch > $$patch26
|
||||
cat $$patchbase/patches/linux-2.4.35-ocf.patch $$patch > $$patch24; \
|
||||
cat $$patchbase/patches/linux-2.6.38-ocf.patch $$patch > $$patch26; \
|
||||
|
||||
.PHONY: tarball
|
||||
tarball:
|
||||
#
|
||||
# this target probably does nothing for anyone but me - davidm
|
||||
#
|
||||
|
||||
.PHONY: release
|
||||
release:
|
||||
REL=`date +%Y%m%d`; RELDIR=/tmp/ocf-linux-$$REL; \
|
||||
CURDIR=`pwd`; \
|
||||
rm -rf /tmp/ocf-linux-$$REL*; \
|
||||
mkdir -p $$RELDIR/tools; \
|
||||
cp README* $$RELDIR; \
|
||||
cp patches/openss*.patch $$RELDIR; \
|
||||
cp patches/crypto-tools.patch $$RELDIR; \
|
||||
cp tools/[!C]* $$RELDIR/tools; \
|
||||
cd ..; \
|
||||
tar cvf $$RELDIR/ocf-linux.tar \
|
||||
--exclude=CVS \
|
||||
--exclude=.* \
|
||||
--exclude=*.o \
|
||||
--exclude=*.ko \
|
||||
--exclude=*.mod.* \
|
||||
--exclude=README* \
|
||||
--exclude=ocf-*.patch \
|
||||
--exclude=ocf/patches/openss*.patch \
|
||||
--exclude=ocf/patches/crypto-tools.patch \
|
||||
--exclude=ocf/tools \
|
||||
ocf; \
|
||||
gzip -9 $$RELDIR/ocf-linux.tar; \
|
||||
cd /tmp; \
|
||||
mkdir -p $$RELDIR/ocf; \
|
||||
mkdir -p $$RELDIR/patches; \
|
||||
mkdir -p $$RELDIR/crypto-tools; \
|
||||
cp README* $$RELDIR/.; \
|
||||
cp patches/[!C]* $$RELDIR/patches/.; \
|
||||
cp tools/[!C]* $$RELDIR/crypto-tools/.; \
|
||||
cp -r [!C]* Config.in $$RELDIR/ocf/.; \
|
||||
rm -rf $$RELDIR/ocf/patches $$RELDIR/ocf/tools; \
|
||||
rm -f $$RELDIR/ocf/README*; \
|
||||
cp $$CURDIR/../../user/crypto-tools/[!C]* $$RELDIR/crypto-tools/.; \
|
||||
make -C $$RELDIR/crypto-tools clean; \
|
||||
make -C $$RELDIR/ocf clean; \
|
||||
find $$RELDIR/ocf -name CVS | xargs rm -rf; \
|
||||
cd $$RELDIR/..; \
|
||||
tar cvf ocf-linux-$$REL.tar ocf-linux-$$REL; \
|
||||
gzip -9 ocf-linux-$$REL.tar; \
|
||||
cd $$CURDIR/../../user; \
|
||||
rm -rf /tmp/crypto-tools-$$REL*; \
|
||||
tar cvf /tmp/crypto-tools-$$REL.tar \
|
||||
--exclude=CVS \
|
||||
--exclude=.* \
|
||||
--exclude=*.o \
|
||||
--exclude=cryptotest \
|
||||
--exclude=cryptokeytest \
|
||||
crypto-tools; \
|
||||
gzip -9 /tmp/crypto-tools-$$REL.tar
|
||||
gzip -9 ocf-linux-$$REL.tar
|
||||
|
||||
|
@ -1,167 +1,246 @@
|
||||
README - ocf-linux-20100325
|
||||
---------------------------
|
||||
###########################
|
||||
README - ocf-linux-20100530
|
||||
###########################
|
||||
|
||||
This README provides instructions for getting ocf-linux compiled and
|
||||
operating in a generic linux environment. For other information you
|
||||
might like to visit the home page for this project:
|
||||
operating in a generic linux environment. Other information on the project
|
||||
can be found at the home page:
|
||||
|
||||
http://ocf-linux.sourceforge.net/
|
||||
|
||||
Adding OCF to linux
|
||||
-------------------
|
||||
Embedded systems and applications requiring userspace acceleration will need
|
||||
to patch the kernel source to get full OCF support. See "Adding OCF to
|
||||
linux source" below. Otherwise the "OCF Quickstart" that follows is the
|
||||
easiest way to get started.
|
||||
|
||||
Not much in this file for now, just some notes. I usually build
|
||||
the ocf support as modules but it can be built into the kernel as
|
||||
well. To use it:
|
||||
If your goal is to accelerate Openswan on Ubuntu or CentOS, you may find
|
||||
that the required binaries are already available on openswan.org:
|
||||
|
||||
* mknod /dev/crypto c 10 70
|
||||
ftp://ftp.openswan.org/ocf/
|
||||
ftp://ftp.openswan.org/openswan/binaries/ubuntu/
|
||||
|
||||
* to add OCF to your kernel source, you have two options. Apply
|
||||
the kernel specific patch:
|
||||
#####################################################
|
||||
OCF Quickstart for Ubuntu/Others (including Openswan)
|
||||
#####################################################
|
||||
|
||||
cd linux-2.4*; gunzip < ocf-linux-24-XXXXXXXX.patch.gz | patch -p1
|
||||
cd linux-2.6*; gunzip < ocf-linux-26-XXXXXXXX.patch.gz | patch -p1
|
||||
|
||||
if you do one of the above, then you can proceed to the next step,
|
||||
or you can do the above process by hand with using the patches against
|
||||
linux-2.4.35 and 2.6.33 to include the ocf code under crypto/ocf.
|
||||
Here's how to add it:
|
||||
This section provides instructions on how to quickly add kernel only support
|
||||
for OCF to a GNU/Linux system. It is only suitable for in-kernel use such as
|
||||
Openswan MAST/KLIPS.
|
||||
|
||||
for 2.4.35 (and later)
|
||||
If the target is an embedded system, or, userspace acceleration of
|
||||
applications such as OpenVPN and OpenSSL, the section below titled
|
||||
"Adding OCF to linux source" is more appropriate.
|
||||
|
||||
cd linux-2.4.35/crypto
|
||||
tar xvzf ocf-linux.tar.gz
|
||||
cd ..
|
||||
patch -p1 < crypto/ocf/patches/linux-2.4.35-ocf.patch
|
||||
Before building kernel only support for OCF ensure that the appropriate
|
||||
linux-headers package is installed:
|
||||
|
||||
for 2.6.23 (and later), find the kernel patch specific (or nearest)
|
||||
to your kernel versions and then:
|
||||
cd ocf
|
||||
make ocf_modules
|
||||
sudo make ocf_install
|
||||
OCF_DIR=`pwd` # remember where OCF sources were built
|
||||
|
||||
cd linux-2.6.NN/crypto
|
||||
tar xvzf ocf-linux.tar.gz
|
||||
cd ..
|
||||
patch -p1 < crypto/ocf/patches/linux-2.6.NN-ocf.patch
|
||||
At this point the ocf, cryptosoft, ocfnull, hifn7751 and ocf-bench modules
|
||||
should have been built and installed. The OCF installation can be tested
|
||||
with the following commands:
|
||||
|
||||
It should be easy to take this patch and apply it to other more
|
||||
recent versions of the kernels. The same patches should also work
|
||||
relatively easily on kernels as old as 2.6.11 and 2.4.18.
|
||||
|
||||
* under 2.4 if you are on a non-x86 platform, you may need to:
|
||||
modprobe ocf
|
||||
modprobe cryptosoft
|
||||
modprobe ocf-bench
|
||||
dmesg | tail -5
|
||||
|
||||
cp linux-2.X.x/include/asm-i386/kmap_types.h linux-2.X.x/include/asm-YYY
|
||||
The final modprobe of ocf-bench will fail, this is intentional as ocf-bench
|
||||
is a short lived module that tests in-kernel performance of OCF. If
|
||||
everything worked correctly the "dmesg | tail -5" should include a line
|
||||
like:
|
||||
|
||||
so that you can build the kernel crypto support needed for the cryptosoft
|
||||
driver.
|
||||
[ 583.128741] OCF: 45133 requests of 1488 bytes in 251 jiffies (535.122 Mbps)
|
||||
|
||||
* For simplicity you should enable all the crypto support in your kernel
|
||||
except for the test driver. Likewise for the OCF options. Do not
|
||||
enable OCF crypto drivers for HW that you do not have (for example
|
||||
ixp4xx will not compile on non-Xscale systems).
|
||||
This shows the in-kernel performance of OCF using the cryptosoft driver.
|
||||
For addition driver load options, see "How to load the OCF modules" below.
|
||||
|
||||
* make sure that cryptodev.h (from ocf-linux.tar.gz) is installed as
|
||||
crypto/cryptodev.h in an include directory that is used for building
|
||||
applications for your platform. For example on a host system that
|
||||
might be:
|
||||
If the intention is to run an OCF accelerated Openswan (KLIPS/MAST) then use
|
||||
these steps to compile openswan downloaded from openswan.org (2.6.34 or later).
|
||||
|
||||
/usr/include/crypto/cryptodev.h
|
||||
tar xf openswan-2.6.34.tar.gz
|
||||
cd openswan-2.6.34
|
||||
make programs
|
||||
make KERNELSRC=/lib/modules/`uname -r`/build \
|
||||
KBUILD_EXTRA_SYMBOLS=$OCF_DIR/Module.symvers \
|
||||
MODULE_DEF_INCLUDE=`pwd`/packaging/ocf/config-all.hmodules \
|
||||
MODULE_DEFCONFIG=`pwd`/packaging/ocf/defconfig \
|
||||
module
|
||||
sudo make KERNELSRC=/lib/modules/`uname -r`/build \
|
||||
KBUILD_EXTRA_SYMBOLS=$OCF_DIR/Module.symvers \
|
||||
MODULE_DEF_INCLUDE=`pwd`/packaging/ocf/config-all.hmodules \
|
||||
MODULE_DEFCONFIG=`pwd`/packaging/ocf/defconfig \
|
||||
install minstall
|
||||
|
||||
* patch your openssl-0.9.8n code with the openssl-0.9.8n.patch.
|
||||
(NOTE: there is no longer a need to patch ssh). The patch is against:
|
||||
openssl-0_9_8e
|
||||
The rest of this document is only required for more complex build
|
||||
requirements.
|
||||
|
||||
If you need a patch for an older version of openssl, you should look
|
||||
to older OCF releases. This patch is unlikely to work on older
|
||||
openssl versions.
|
||||
##########################
|
||||
Adding OCF to linux source
|
||||
##########################
|
||||
|
||||
openssl-0.9.8n.patch
|
||||
- enables --with-cryptodev for non BSD systems
|
||||
- adds -cpu option to openssl speed for calculating CPU load
|
||||
under linux
|
||||
- fixes null pointer in openssl speed multi thread output.
|
||||
- fixes test keys to work with linux crypto's more stringent
|
||||
key checking.
|
||||
- adds MD5/SHA acceleration (Ronen Shitrit), only enabled
|
||||
with the --with-cryptodev-digests option
|
||||
- fixes bug in engine code caching.
|
||||
It is recommended that OCF be built as modules as it increases the
|
||||
flexibility and ease of debugging the system.
|
||||
|
||||
* build crypto-tools-XXXXXXXX.tar.gz if you want to try some of the BSD
|
||||
tools for testing OCF (ie., cryptotest).
|
||||
Ensure that the system has /dev/crypto for userspace access to OCF:
|
||||
|
||||
How to load the OCF drivers
|
||||
---------------------------
|
||||
mknod /dev/crypto c 10 70
|
||||
|
||||
First insert the base modules:
|
||||
Generate the kernel patches and apply the appropriate one.
|
||||
|
||||
insmod ocf
|
||||
insmod cryptodev
|
||||
cd ocf
|
||||
make patch
|
||||
|
||||
You can then install the software OCF driver with:
|
||||
This will provide three files:
|
||||
|
||||
insmod cryptosoft
|
||||
linux-2.4.*-ocf.patch
|
||||
linux-2.6.*-ocf.patch
|
||||
ocf-linux-base.patch
|
||||
|
||||
and one or more of the OCF HW drivers with:
|
||||
If either of the first two patches applies to the targets kernel, then one
|
||||
of the following as required:
|
||||
|
||||
insmod safe
|
||||
insmod hifn7751
|
||||
insmod ixp4xx
|
||||
...
|
||||
cd linux-2.X.Y; patch -p1 < linux-2.4.*-ocf.patch
|
||||
cd linux-2.6.Y; patch -p1 < linux-2.6.*-ocf.patch
|
||||
|
||||
all the drivers take a debug option to enable verbose debug so that
|
||||
you can see what is going on. For debug you load them as:
|
||||
Otherwise, locate the appropriate kernel patch in the patches directory and
|
||||
apply that as well as the ocf-linux-base.patch using '-p1'.
|
||||
|
||||
insmod ocf crypto_debug=1
|
||||
insmod cryptodev cryptodev_debug=1
|
||||
insmod cryptosoft swcr_debug=1
|
||||
When using a linux-2.4 system on a non-x86 platform, the following may be
|
||||
required to build cryptosoft:
|
||||
|
||||
You may load more than one OCF crypto driver but then there is no guarantee
|
||||
as to which will be used.
|
||||
cp linux-2.X.x/include/asm-i386/kmap_types.h linux-2.X.x/include/asm-YYY
|
||||
|
||||
You can also enable debug at run time on 2.6 systems with the following:
|
||||
When using cryptosoft, for simplicity, enable all the crypto support in the
|
||||
kernel except for the test driver. Likewise for the OCF options. Do not
|
||||
enable OCF crypto drivers for HW that is not present (for example the ixp4xx
|
||||
driver will not compile on non-Xscale systems).
|
||||
|
||||
echo 1 > /sys/module/ocf/parameters/crypto_debug
|
||||
echo 1 > /sys/module/cryptodev/parameters/cryptodev_debug
|
||||
echo 1 > /sys/module/cryptosoft/parameters/swcr_debug
|
||||
echo 1 > /sys/module/hifn7751/parameters/hifn_debug
|
||||
echo 1 > /sys/module/safe/parameters/safe_debug
|
||||
echo 1 > /sys/module/ixp4xx/parameters/ixp_debug
|
||||
...
|
||||
Make sure that cryptodev.h from the ocf directory is installed as
|
||||
crypto/cryptodev.h in an include directory that is used for building
|
||||
applications for the target platform. For example on a host system that
|
||||
might be:
|
||||
|
||||
/usr/include/crypto/cryptodev.h
|
||||
|
||||
Patch the openssl-0.9.8r code the openssl-0.9.8r.patch from the patches
|
||||
directory. There are many older patch versions in the patches directory
|
||||
if required.
|
||||
|
||||
The openssl patches provide the following functionality:
|
||||
|
||||
* enables --with-cryptodev for non BSD systems
|
||||
* adds -cpu option to openssl speed for calculating CPU load under linux
|
||||
* fixes null pointer in openssl speed multi thread output.
|
||||
* fixes test keys to work with linux crypto's more stringent key checking.
|
||||
* adds MD5/SHA acceleration (Ronen Shitrit), only enabled with the
|
||||
--with-cryptodev-digests option
|
||||
* fixes bug in engine code caching.
|
||||
|
||||
Build the crypto-tools directory for the target to obtain a userspace
|
||||
testing tool call cryptotest.
|
||||
|
||||
###########################
|
||||
How to load the OCF modules
|
||||
###########################
|
||||
|
||||
First insert the base modules (cryptodev is optional, it is only used
|
||||
for userspace acceleration):
|
||||
|
||||
modprobe ocf
|
||||
modprobe cryptodev
|
||||
|
||||
Load the software OCF driver with:
|
||||
|
||||
modprobe cryptosoft
|
||||
|
||||
and zero or more of the OCF HW drivers with:
|
||||
|
||||
modprobe safe
|
||||
modprobe hifn7751
|
||||
modprobe ixp4xx
|
||||
...
|
||||
|
||||
All the drivers take a debug option to enable verbose debug so that
|
||||
OCF operation may be observed via "dmesg" or the console. For debug
|
||||
load the modules as:
|
||||
|
||||
modprobe ocf crypto_debug=1
|
||||
modprobe cryptodev cryptodev_debug=1
|
||||
modprobe cryptosoft swcr_debug=1
|
||||
|
||||
More than one OCF crypto driver may be loaded but then there is no
|
||||
guarantee as to which will be used (other than a preference for HW
|
||||
drivers over SW drivers by most applications).
|
||||
|
||||
It is also possible to enable debug at run time on linux-2.6 systems
|
||||
with the following:
|
||||
|
||||
echo 1 > /sys/module/ocf/parameters/crypto_debug
|
||||
echo 1 > /sys/module/cryptodev/parameters/cryptodev_debug
|
||||
echo 1 > /sys/module/cryptosoft/parameters/swcr_debug
|
||||
echo 1 > /sys/module/hifn7751/parameters/hifn_debug
|
||||
echo 1 > /sys/module/safe/parameters/safe_debug
|
||||
echo 1 > /sys/module/ixp4xx/parameters/ixp_debug
|
||||
...
|
||||
|
||||
The ocf-bench driver accepts the following parameters:
|
||||
|
||||
request_q_len - Maximum number of outstanding requests to OCF
|
||||
request_num - run for at least this many requests
|
||||
request_size - size of each request (multiple of 16 bytes recommended)
|
||||
request_batch - enable OCF request batching
|
||||
request_cbimm - enable OCF immediate callback on completion
|
||||
|
||||
For example:
|
||||
|
||||
modprobe ocf-bench request_size=1024 request_cbimm=0
|
||||
|
||||
#######################
|
||||
Testing the OCF support
|
||||
-----------------------
|
||||
#######################
|
||||
|
||||
run "cryptotest", it should do a short test for a couple of
|
||||
des packets. If it does everything is working.
|
||||
run "cryptotest", it should do a short test for a couple of
|
||||
des packets. If it does everything is working.
|
||||
|
||||
If this works, then ssh will use the driver when invoked as:
|
||||
If this works, then ssh will use the driver when invoked as:
|
||||
|
||||
ssh -c 3des username@host
|
||||
ssh -c 3des username@host
|
||||
|
||||
to see for sure that it is operating, enable debug as defined above.
|
||||
to see for sure that it is operating, enable debug as defined above.
|
||||
|
||||
To get a better idea of performance run:
|
||||
To get a better idea of performance run:
|
||||
|
||||
cryptotest 100 4096
|
||||
cryptotest 100 4096
|
||||
|
||||
There are more options to cryptotest, see the help.
|
||||
There are more options to cryptotest, see the help.
|
||||
|
||||
It is also possible to use openssl to test the speed of the crypto
|
||||
drivers.
|
||||
It is also possible to use openssl to test the speed of the crypto
|
||||
drivers.
|
||||
|
||||
openssl speed -evp des -engine cryptodev -elapsed
|
||||
openssl speed -evp des3 -engine cryptodev -elapsed
|
||||
openssl speed -evp aes128 -engine cryptodev -elapsed
|
||||
openssl speed -evp des -engine cryptodev -elapsed
|
||||
openssl speed -evp des3 -engine cryptodev -elapsed
|
||||
openssl speed -evp aes128 -engine cryptodev -elapsed
|
||||
|
||||
and multiple threads (10) with:
|
||||
and multiple threads (10) with:
|
||||
|
||||
openssl speed -evp des -engine cryptodev -elapsed -multi 10
|
||||
openssl speed -evp des3 -engine cryptodev -elapsed -multi 10
|
||||
openssl speed -evp aes128 -engine cryptodev -elapsed -multi 10
|
||||
openssl speed -evp des -engine cryptodev -elapsed -multi 10
|
||||
openssl speed -evp des3 -engine cryptodev -elapsed -multi 10
|
||||
openssl speed -evp aes128 -engine cryptodev -elapsed -multi 10
|
||||
|
||||
for public key testing you can try:
|
||||
for public key testing you can try:
|
||||
|
||||
cryptokeytest
|
||||
openssl speed -engine cryptodev rsa -elapsed
|
||||
openssl speed -engine cryptodev dsa -elapsed
|
||||
cryptokeytest
|
||||
openssl speed -engine cryptodev rsa -elapsed
|
||||
openssl speed -engine cryptodev dsa -elapsed
|
||||
|
||||
David McCullough
|
||||
david_mccullough@mcafee.com
|
||||
|
||||
#############################
|
||||
#
|
||||
# David McCullough
|
||||
# david_mccullough@mcafee.com
|
||||
#
|
||||
#############################
|
||||
|
@ -35,10 +35,8 @@ __FBSDID("$FreeBSD: src/sys/opencrypto/criov.c,v 1.5 2006/06/04 22:15:13 pjd Exp
|
||||
*/
|
||||
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/module.h>
|
||||
#include <linux/init.h>
|
||||
|
@ -64,10 +64,8 @@ __FBSDID("$FreeBSD: src/sys/opencrypto/crypto.c,v 1.16 2005/01/07 02:29:16 imp E
|
||||
|
||||
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/module.h>
|
||||
#include <linux/init.h>
|
||||
@ -76,7 +74,9 @@ __FBSDID("$FreeBSD: src/sys/opencrypto/crypto.c,v 1.16 2005/01/07 02:29:16 imp E
|
||||
#include <linux/wait.h>
|
||||
#include <linux/sched.h>
|
||||
#include <linux/spinlock.h>
|
||||
#include <linux/version.h>
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,4)
|
||||
#include <linux/kthread.h>
|
||||
#endif
|
||||
#include <cryptodev.h>
|
||||
|
||||
/*
|
||||
@ -156,9 +156,8 @@ static int crypto_drivers_num = 0;
|
||||
* have one per-queue but having one simplifies handling of block/unblock
|
||||
* operations.
|
||||
*/
|
||||
static int crp_sleep = 0;
|
||||
static LIST_HEAD(crp_q); /* request queues */
|
||||
static LIST_HEAD(crp_kq);
|
||||
static LIST_HEAD(crp_q); /* crypto request queue */
|
||||
static LIST_HEAD(crp_kq); /* asym request queue */
|
||||
|
||||
static spinlock_t crypto_q_lock;
|
||||
|
||||
@ -213,11 +212,6 @@ static struct kmem_cache *cryptop_zone;
|
||||
static struct kmem_cache *cryptodesc_zone;
|
||||
#endif
|
||||
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,27)
|
||||
#include <linux/sched.h>
|
||||
#define kill_proc(p,s,v) send_sig(s,find_task_by_vpid(p),0)
|
||||
#endif
|
||||
|
||||
#define debug crypto_debug
|
||||
int crypto_debug = 0;
|
||||
module_param(crypto_debug, int, 0644);
|
||||
@ -278,11 +272,13 @@ module_param(crypto_max_loopcount, int, 0644);
|
||||
MODULE_PARM_DESC(crypto_max_loopcount,
|
||||
"Maximum number of crypto ops to do before yielding to other processes");
|
||||
|
||||
static pid_t cryptoproc = (pid_t) -1;
|
||||
static struct completion cryptoproc_exited;
|
||||
#ifndef CONFIG_NR_CPUS
|
||||
#define CONFIG_NR_CPUS 1
|
||||
#endif
|
||||
|
||||
static struct task_struct *cryptoproc[CONFIG_NR_CPUS];
|
||||
static struct task_struct *cryptoretproc[CONFIG_NR_CPUS];
|
||||
static DECLARE_WAIT_QUEUE_HEAD(cryptoproc_wait);
|
||||
static pid_t cryptoretproc = (pid_t) -1;
|
||||
static struct completion cryptoretproc_exited;
|
||||
static DECLARE_WAIT_QUEUE_HEAD(cryptoretproc_wait);
|
||||
|
||||
static int crypto_proc(void *arg);
|
||||
@ -318,6 +314,7 @@ driver_suitable(const struct cryptocap *cap, const struct cryptoini *cri)
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Select a driver for a new session that supports the specified
|
||||
* algorithms and, optionally, is constrained according to the flags.
|
||||
@ -791,8 +788,7 @@ crypto_unblock(u_int32_t driverid, int what)
|
||||
cap->cc_unkqblocked = 0;
|
||||
crypto_all_kqblocked = 0;
|
||||
}
|
||||
if (crp_sleep)
|
||||
wake_up_interruptible(&cryptoproc_wait);
|
||||
wake_up_interruptible(&cryptoproc_wait);
|
||||
err = 0;
|
||||
} else
|
||||
err = EINVAL;
|
||||
@ -817,8 +813,8 @@ crypto_dispatch(struct cryptop *crp)
|
||||
|
||||
CRYPTO_Q_LOCK();
|
||||
if (crypto_q_cnt >= crypto_q_max) {
|
||||
CRYPTO_Q_UNLOCK();
|
||||
cryptostats.cs_drops++;
|
||||
CRYPTO_Q_UNLOCK();
|
||||
return ENOMEM;
|
||||
}
|
||||
crypto_q_cnt++;
|
||||
@ -865,8 +861,7 @@ crypto_dispatch(struct cryptop *crp)
|
||||
TAILQ_INSERT_TAIL(&crp_q, crp, crp_next);
|
||||
result = 0;
|
||||
}
|
||||
if (crp_sleep)
|
||||
wake_up_interruptible(&cryptoproc_wait);
|
||||
wake_up_interruptible(&cryptoproc_wait);
|
||||
CRYPTO_Q_UNLOCK();
|
||||
return result;
|
||||
}
|
||||
@ -887,8 +882,7 @@ crypto_kdispatch(struct cryptkop *krp)
|
||||
if (error == ERESTART) {
|
||||
CRYPTO_Q_LOCK();
|
||||
TAILQ_INSERT_TAIL(&crp_kq, krp, krp_next);
|
||||
if (crp_sleep)
|
||||
wake_up_interruptible(&cryptoproc_wait);
|
||||
wake_up_interruptible(&cryptoproc_wait);
|
||||
CRYPTO_Q_UNLOCK();
|
||||
error = 0;
|
||||
}
|
||||
@ -1186,8 +1180,7 @@ crypto_done(struct cryptop *crp)
|
||||
* Normal case; queue the callback for the thread.
|
||||
*/
|
||||
CRYPTO_RETQ_LOCK();
|
||||
if (CRYPTO_RETQ_EMPTY())
|
||||
wake_up_interruptible(&cryptoretproc_wait);/* shared wait channel */
|
||||
wake_up_interruptible(&cryptoretproc_wait);/* shared wait channel */
|
||||
TAILQ_INSERT_TAIL(&crp_ret_q, crp, crp_next);
|
||||
CRYPTO_RETQ_UNLOCK();
|
||||
}
|
||||
@ -1237,8 +1230,7 @@ crypto_kdone(struct cryptkop *krp)
|
||||
* Normal case; queue the callback for the thread.
|
||||
*/
|
||||
CRYPTO_RETQ_LOCK();
|
||||
if (CRYPTO_RETQ_EMPTY())
|
||||
wake_up_interruptible(&cryptoretproc_wait);/* shared wait channel */
|
||||
wake_up_interruptible(&cryptoretproc_wait);/* shared wait channel */
|
||||
TAILQ_INSERT_TAIL(&crp_ret_kq, krp, krp_next);
|
||||
CRYPTO_RETQ_UNLOCK();
|
||||
}
|
||||
@ -1281,7 +1273,7 @@ crypto_proc(void *arg)
|
||||
unsigned long q_flags;
|
||||
int loopcount = 0;
|
||||
|
||||
ocf_daemonize("crypto");
|
||||
set_current_state(TASK_INTERRUPTIBLE);
|
||||
|
||||
CRYPTO_Q_LOCK();
|
||||
for (;;) {
|
||||
@ -1435,12 +1427,10 @@ crypto_proc(void *arg)
|
||||
list_empty(&crp_kq), crypto_all_kqblocked);
|
||||
loopcount = 0;
|
||||
CRYPTO_Q_UNLOCK();
|
||||
crp_sleep = 1;
|
||||
wait_event_interruptible(cryptoproc_wait,
|
||||
!(list_empty(&crp_q) || crypto_all_qblocked) ||
|
||||
!(list_empty(&crp_kq) || crypto_all_kqblocked) ||
|
||||
cryptoproc == (pid_t) -1);
|
||||
crp_sleep = 0;
|
||||
kthread_should_stop());
|
||||
if (signal_pending (current)) {
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
|
||||
spin_lock_irq(¤t->sigmask_lock);
|
||||
@ -1452,7 +1442,7 @@ crypto_proc(void *arg)
|
||||
}
|
||||
CRYPTO_Q_LOCK();
|
||||
dprintk("%s - awake\n", __FUNCTION__);
|
||||
if (cryptoproc == (pid_t) -1)
|
||||
if (kthread_should_stop())
|
||||
break;
|
||||
cryptostats.cs_intrs++;
|
||||
} else if (loopcount > crypto_max_loopcount) {
|
||||
@ -1461,12 +1451,14 @@ crypto_proc(void *arg)
|
||||
* been using the CPU exclusively for a while.
|
||||
*/
|
||||
loopcount = 0;
|
||||
CRYPTO_Q_UNLOCK();
|
||||
schedule();
|
||||
CRYPTO_Q_LOCK();
|
||||
}
|
||||
loopcount++;
|
||||
}
|
||||
CRYPTO_Q_UNLOCK();
|
||||
complete_and_exit(&cryptoproc_exited, 0);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
@ -1481,7 +1473,7 @@ crypto_ret_proc(void *arg)
|
||||
struct cryptkop *krpt;
|
||||
unsigned long r_flags;
|
||||
|
||||
ocf_daemonize("crypto_ret");
|
||||
set_current_state(TASK_INTERRUPTIBLE);
|
||||
|
||||
CRYPTO_RETQ_LOCK();
|
||||
for (;;) {
|
||||
@ -1516,9 +1508,9 @@ crypto_ret_proc(void *arg)
|
||||
dprintk("%s - sleeping\n", __FUNCTION__);
|
||||
CRYPTO_RETQ_UNLOCK();
|
||||
wait_event_interruptible(cryptoretproc_wait,
|
||||
cryptoretproc == (pid_t) -1 ||
|
||||
!list_empty(&crp_ret_q) ||
|
||||
!list_empty(&crp_ret_kq));
|
||||
!list_empty(&crp_ret_kq) ||
|
||||
kthread_should_stop());
|
||||
if (signal_pending (current)) {
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
|
||||
spin_lock_irq(¤t->sigmask_lock);
|
||||
@ -1530,7 +1522,7 @@ crypto_ret_proc(void *arg)
|
||||
}
|
||||
CRYPTO_RETQ_LOCK();
|
||||
dprintk("%s - awake\n", __FUNCTION__);
|
||||
if (cryptoretproc == (pid_t) -1) {
|
||||
if (kthread_should_stop()) {
|
||||
dprintk("%s - EXITING!\n", __FUNCTION__);
|
||||
break;
|
||||
}
|
||||
@ -1538,7 +1530,7 @@ crypto_ret_proc(void *arg)
|
||||
}
|
||||
}
|
||||
CRYPTO_RETQ_UNLOCK();
|
||||
complete_and_exit(&cryptoretproc_exited, 0);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -1644,6 +1636,7 @@ static int
|
||||
crypto_init(void)
|
||||
{
|
||||
int error;
|
||||
unsigned long cpu;
|
||||
|
||||
dprintk("%s(%p)\n", __FUNCTION__, (void *) crypto_init);
|
||||
|
||||
@ -1686,25 +1679,28 @@ crypto_init(void)
|
||||
|
||||
memset(crypto_drivers, 0, crypto_drivers_num * sizeof(struct cryptocap));
|
||||
|
||||
init_completion(&cryptoproc_exited);
|
||||
init_completion(&cryptoretproc_exited);
|
||||
|
||||
cryptoproc = 0; /* to avoid race condition where proc runs first */
|
||||
cryptoproc = kernel_thread(crypto_proc, NULL, CLONE_FS|CLONE_FILES);
|
||||
if (cryptoproc < 0) {
|
||||
error = cryptoproc;
|
||||
printk("crypto: crypto_init cannot start crypto thread; error %d",
|
||||
error);
|
||||
goto bad;
|
||||
}
|
||||
|
||||
cryptoretproc = 0; /* to avoid race condition where proc runs first */
|
||||
cryptoretproc = kernel_thread(crypto_ret_proc, NULL, CLONE_FS|CLONE_FILES);
|
||||
if (cryptoretproc < 0) {
|
||||
error = cryptoretproc;
|
||||
printk("crypto: crypto_init cannot start cryptoret thread; error %d",
|
||||
ocf_for_each_cpu(cpu) {
|
||||
cryptoproc[cpu] = kthread_create(crypto_proc, (void *) cpu,
|
||||
"ocf_%d", (int) cpu);
|
||||
if (IS_ERR(cryptoproc[cpu])) {
|
||||
error = PTR_ERR(cryptoproc[cpu]);
|
||||
printk("crypto: crypto_init cannot start crypto thread; error %d",
|
||||
error);
|
||||
goto bad;
|
||||
goto bad;
|
||||
}
|
||||
kthread_bind(cryptoproc[cpu], cpu);
|
||||
wake_up_process(cryptoproc[cpu]);
|
||||
|
||||
cryptoretproc[cpu] = kthread_create(crypto_ret_proc, (void *) cpu,
|
||||
"ocf_ret_%d", (int) cpu);
|
||||
if (IS_ERR(cryptoretproc[cpu])) {
|
||||
error = PTR_ERR(cryptoretproc[cpu]);
|
||||
printk("crypto: crypto_init cannot start cryptoret thread; error %d",
|
||||
error);
|
||||
goto bad;
|
||||
}
|
||||
kthread_bind(cryptoretproc[cpu], cpu);
|
||||
wake_up_process(cryptoretproc[cpu]);
|
||||
}
|
||||
|
||||
return 0;
|
||||
@ -1717,34 +1713,17 @@ bad:
|
||||
static void
|
||||
crypto_exit(void)
|
||||
{
|
||||
pid_t p;
|
||||
unsigned long d_flags;
|
||||
int cpu;
|
||||
|
||||
dprintk("%s()\n", __FUNCTION__);
|
||||
|
||||
/*
|
||||
* Terminate any crypto threads.
|
||||
*/
|
||||
|
||||
CRYPTO_DRIVER_LOCK();
|
||||
p = cryptoproc;
|
||||
cryptoproc = (pid_t) -1;
|
||||
kill_proc(p, SIGTERM, 1);
|
||||
wake_up_interruptible(&cryptoproc_wait);
|
||||
CRYPTO_DRIVER_UNLOCK();
|
||||
|
||||
wait_for_completion(&cryptoproc_exited);
|
||||
|
||||
CRYPTO_DRIVER_LOCK();
|
||||
p = cryptoretproc;
|
||||
cryptoretproc = (pid_t) -1;
|
||||
kill_proc(p, SIGTERM, 1);
|
||||
wake_up_interruptible(&cryptoretproc_wait);
|
||||
CRYPTO_DRIVER_UNLOCK();
|
||||
|
||||
wait_for_completion(&cryptoretproc_exited);
|
||||
|
||||
/* XXX flush queues??? */
|
||||
ocf_for_each_cpu(cpu) {
|
||||
kthread_stop(cryptoproc[cpu]);
|
||||
kthread_stop(cryptoretproc[cpu]);
|
||||
}
|
||||
|
||||
/*
|
||||
* Reclaim dynamically allocated resources.
|
||||
|
@ -28,10 +28,8 @@
|
||||
*/
|
||||
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/module.h>
|
||||
#include <linux/init.h>
|
||||
@ -69,15 +67,6 @@ struct octo_sess {
|
||||
int octo_mlen;
|
||||
int octo_ivsize;
|
||||
|
||||
#if 0
|
||||
int (*octo_decrypt)(struct scatterlist *sg, int sg_len,
|
||||
uint8_t *key, int key_len, uint8_t * iv,
|
||||
uint64_t *hminner, uint64_t *hmouter);
|
||||
|
||||
int (*octo_encrypt)(struct scatterlist *sg, int sg_len,
|
||||
uint8_t *key, int key_len, uint8_t * iv,
|
||||
uint64_t *hminner, uint64_t *hmouter);
|
||||
#else
|
||||
int (*octo_encrypt)(struct octo_sess *od,
|
||||
struct scatterlist *sg, int sg_len,
|
||||
int auth_off, int auth_len,
|
||||
@ -88,7 +77,6 @@ struct octo_sess {
|
||||
int auth_off, int auth_len,
|
||||
int crypt_off, int crypt_len,
|
||||
int icv_off, uint8_t *ivp);
|
||||
#endif
|
||||
|
||||
uint64_t octo_hminner[3];
|
||||
uint64_t octo_hmouter[3];
|
||||
@ -264,7 +252,7 @@ octo_newsession(device_t dev, u_int32_t *sid, struct cryptoini *cri)
|
||||
break;
|
||||
case CRYPTO_SHA1_HMAC:
|
||||
(*ocd)->octo_encrypt = octo_des_cbc_sha1_encrypt;
|
||||
(*ocd)->octo_decrypt = octo_des_cbc_sha1_encrypt;
|
||||
(*ocd)->octo_decrypt = octo_des_cbc_sha1_decrypt;
|
||||
octo_calc_hash(1, macini->cri_key, (*ocd)->octo_hminner,
|
||||
(*ocd)->octo_hmouter);
|
||||
break;
|
||||
@ -305,13 +293,13 @@ octo_newsession(device_t dev, u_int32_t *sid, struct cryptoini *cri)
|
||||
break;
|
||||
case CRYPTO_MD5_HMAC:
|
||||
(*ocd)->octo_encrypt = octo_null_md5_encrypt;
|
||||
(*ocd)->octo_decrypt = octo_null_md5_encrypt;
|
||||
(*ocd)->octo_decrypt = octo_null_md5_encrypt; /* encrypt == decrypt */
|
||||
octo_calc_hash(0, macini->cri_key, (*ocd)->octo_hminner,
|
||||
(*ocd)->octo_hmouter);
|
||||
break;
|
||||
case CRYPTO_SHA1_HMAC:
|
||||
(*ocd)->octo_encrypt = octo_null_sha1_encrypt;
|
||||
(*ocd)->octo_decrypt = octo_null_sha1_encrypt;
|
||||
(*ocd)->octo_decrypt = octo_null_sha1_encrypt; /* encrypt == decrypt */
|
||||
octo_calc_hash(1, macini->cri_key, (*ocd)->octo_hminner,
|
||||
(*ocd)->octo_hmouter);
|
||||
break;
|
||||
@ -433,12 +421,22 @@ octo_process(device_t dev, struct cryptop *crp, int hint)
|
||||
}
|
||||
|
||||
if (enccrd) {
|
||||
if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) {
|
||||
ivp = enccrd->crd_iv;
|
||||
if (enccrd->crd_flags & CRD_F_ENCRYPT) {
|
||||
if (enccrd->crd_flags & CRD_F_IV_EXPLICIT)
|
||||
ivp = enccrd->crd_iv;
|
||||
else
|
||||
read_random((ivp = iv_data), od->octo_ivsize);
|
||||
if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0)
|
||||
crypto_copyback(crp->crp_flags, crp->crp_buf,
|
||||
enccrd->crd_inject, od->octo_ivsize, ivp);
|
||||
} else {
|
||||
ivp = iv_data;
|
||||
crypto_copydata(crp->crp_flags, crp->crp_buf,
|
||||
enccrd->crd_inject, od->octo_ivsize, (caddr_t) ivp);
|
||||
if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) {
|
||||
ivp = enccrd->crd_iv;
|
||||
} else {
|
||||
ivp = iv_data;
|
||||
crypto_copydata(crp->crp_flags, crp->crp_buf,
|
||||
enccrd->crd_inject, od->octo_ivsize, (caddr_t) ivp);
|
||||
}
|
||||
}
|
||||
|
||||
if (maccrd) {
|
||||
|
@ -40,10 +40,8 @@ __FBSDID("$FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.34 2007/05/09 19:37:02 gn
|
||||
*/
|
||||
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/types.h>
|
||||
#include <linux/time.h>
|
||||
@ -60,7 +58,6 @@ __FBSDID("$FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.34 2007/05/09 19:37:02 gn
|
||||
#include <linux/file.h>
|
||||
#include <linux/mount.h>
|
||||
#include <linux/miscdevice.h>
|
||||
#include <linux/version.h>
|
||||
#include <asm/uaccess.h>
|
||||
|
||||
#include <cryptodev.h>
|
||||
|
@ -156,7 +156,8 @@
|
||||
#define CRYPTO_SHA2_384 23
|
||||
#define CRYPTO_SHA2_512 24
|
||||
#define CRYPTO_RIPEMD160 25
|
||||
#define CRYPTO_ALGORITHM_MAX 25 /* Keep updated - see below */
|
||||
#define CRYPTO_LZS_COMP 26
|
||||
#define CRYPTO_ALGORITHM_MAX 26 /* Keep updated - see above */
|
||||
|
||||
/* Algorithm flags */
|
||||
#define CRYPTO_ALG_FLAG_SUPPORTED 0x01 /* Algorithm is supported */
|
||||
|
@ -4,7 +4,7 @@
|
||||
* but is mostly unrecognisable,
|
||||
*
|
||||
* Written by David McCullough <david_mccullough@mcafee.com>
|
||||
* Copyright (C) 2004-2010 David McCullough
|
||||
* Copyright (C) 2004-2011 David McCullough
|
||||
* Copyright (C) 2004-2005 Intel Corporation.
|
||||
*
|
||||
* LICENSE TERMS
|
||||
@ -35,10 +35,8 @@
|
||||
*/
|
||||
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/module.h>
|
||||
#include <linux/init.h>
|
||||
@ -50,7 +48,8 @@
|
||||
#include <linux/mm.h>
|
||||
#include <linux/skbuff.h>
|
||||
#include <linux/random.h>
|
||||
#include <linux/version.h>
|
||||
#include <linux/interrupt.h>
|
||||
#include <linux/spinlock.h>
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,10)
|
||||
#include <linux/scatterlist.h>
|
||||
#endif
|
||||
@ -76,6 +75,8 @@ struct {
|
||||
|
||||
#define SW_TYPE_ASYNC 0x8000
|
||||
|
||||
#define SW_TYPE_INUSE 0x10000000
|
||||
|
||||
/* We change some of the above if we have an async interface */
|
||||
|
||||
#define SW_TYPE_ALG_AMASK (SW_TYPE_ALG_MASK | SW_TYPE_ASYNC)
|
||||
@ -87,9 +88,11 @@ struct {
|
||||
#define SCATTERLIST_MAX 16
|
||||
|
||||
struct swcr_data {
|
||||
struct work_struct workq;
|
||||
int sw_type;
|
||||
int sw_alg;
|
||||
struct crypto_tfm *sw_tfm;
|
||||
spinlock_t sw_tfm_lock;
|
||||
union {
|
||||
struct {
|
||||
char *sw_key;
|
||||
@ -153,6 +156,9 @@ static struct kmem_cache *swcr_req_cache;
|
||||
#define crypto_blkcipher_decrypt_iv(W, X, Y, Z) \
|
||||
crypto_cipher_decrypt_iv((W)->tfm, X, Y, Z, (u8 *)((W)->info))
|
||||
#define crypto_blkcipher_set_flags(x, y) /* nop */
|
||||
#define crypto_free_blkcipher(x) crypto_free_tfm(x)
|
||||
#define crypto_free_comp crypto_free_tfm
|
||||
#define crypto_free_hash crypto_free_tfm
|
||||
|
||||
/* Hash/HMAC/Digest */
|
||||
struct hash_desc
|
||||
@ -278,6 +284,54 @@ MODULE_PARM_DESC(swcr_debug, "Enable debug");
|
||||
|
||||
static void swcr_process_req(struct swcr_req *req);
|
||||
|
||||
/*
|
||||
* somethings just need to be run with user context no matter whether
|
||||
* the kernel compression libs use vmalloc/vfree for example.
|
||||
*/
|
||||
|
||||
typedef struct {
|
||||
struct work_struct wq;
|
||||
void (*func)(void *arg);
|
||||
void *arg;
|
||||
} execute_later_t;
|
||||
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)
|
||||
static void
|
||||
doing_it_now(struct work_struct *wq)
|
||||
{
|
||||
execute_later_t *w = container_of(wq, execute_later_t, wq);
|
||||
(w->func)(w->arg);
|
||||
kfree(w);
|
||||
}
|
||||
#else
|
||||
static void
|
||||
doing_it_now(void *arg)
|
||||
{
|
||||
execute_later_t *w = (execute_later_t *) arg;
|
||||
(w->func)(w->arg);
|
||||
kfree(w);
|
||||
}
|
||||
#endif
|
||||
|
||||
static void
|
||||
execute_later(void (fn)(void *), void *arg)
|
||||
{
|
||||
execute_later_t *w;
|
||||
|
||||
w = (execute_later_t *) kmalloc(sizeof(execute_later_t), SLAB_ATOMIC);
|
||||
if (w) {
|
||||
memset(w, '\0', sizeof(w));
|
||||
w->func = fn;
|
||||
w->arg = arg;
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)
|
||||
INIT_WORK(&w->wq, doing_it_now);
|
||||
#else
|
||||
INIT_WORK(&w->wq, doing_it_now, w);
|
||||
#endif
|
||||
schedule_work(&w->wq);
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Generate a new software session.
|
||||
*/
|
||||
@ -363,6 +417,8 @@ swcr_newsession(device_t dev, u_int32_t *sid, struct cryptoini *cri)
|
||||
(*swd)->sw_type = crypto_details[cri->cri_alg].sw_type;
|
||||
(*swd)->sw_alg = cri->cri_alg;
|
||||
|
||||
spin_lock_init(&(*swd)->sw_tfm_lock);
|
||||
|
||||
/* Algorithm specific configuration */
|
||||
switch (cri->cri_alg) {
|
||||
case CRYPTO_NULL_CBC:
|
||||
@ -379,19 +435,23 @@ swcr_newsession(device_t dev, u_int32_t *sid, struct cryptoini *cri)
|
||||
/* try async first */
|
||||
(*swd)->sw_tfm = swcr_no_ablk ? NULL :
|
||||
crypto_ablkcipher_tfm(crypto_alloc_ablkcipher(algo, 0, 0));
|
||||
if ((*swd)->sw_tfm) {
|
||||
if ((*swd)->sw_tfm && !IS_ERR((*swd)->sw_tfm)) {
|
||||
dprintk("%s %s cipher is async\n", __FUNCTION__, algo);
|
||||
(*swd)->sw_type |= SW_TYPE_ASYNC;
|
||||
} else {
|
||||
dprintk("%s %s cipher is sync\n", __FUNCTION__, algo);
|
||||
(*swd)->sw_tfm = crypto_blkcipher_tfm(
|
||||
crypto_alloc_blkcipher(algo, 0, CRYPTO_ALG_ASYNC));
|
||||
if ((*swd)->sw_tfm && !IS_ERR((*swd)->sw_tfm))
|
||||
dprintk("%s %s cipher is sync\n", __FUNCTION__, algo);
|
||||
}
|
||||
if (!(*swd)->sw_tfm) {
|
||||
if (!(*swd)->sw_tfm || IS_ERR((*swd)->sw_tfm)) {
|
||||
int err;
|
||||
dprintk("cryptosoft: crypto_alloc_blkcipher failed(%s, 0x%x)\n",
|
||||
algo,mode);
|
||||
err = IS_ERR((*swd)->sw_tfm) ? -(PTR_ERR((*swd)->sw_tfm)) : EINVAL;
|
||||
(*swd)->sw_tfm = NULL; /* ensure NULL */
|
||||
swcr_freesession(NULL, i);
|
||||
return EINVAL;
|
||||
return err;
|
||||
}
|
||||
|
||||
if (debug) {
|
||||
@ -536,7 +596,11 @@ swcr_freesession(device_t dev, u_int64_t tid)
|
||||
crypto_free_hash(crypto_hash_cast(swd->sw_tfm));
|
||||
break;
|
||||
case SW_TYPE_COMP:
|
||||
crypto_free_comp(crypto_comp_cast(swd->sw_tfm));
|
||||
if (in_interrupt())
|
||||
execute_later((void (*)(void *))crypto_free_comp, (void *)crypto_comp_cast(swd->sw_tfm));
|
||||
else
|
||||
crypto_free_comp(crypto_comp_cast(swd->sw_tfm));
|
||||
break;
|
||||
default:
|
||||
crypto_free_tfm(swd->sw_tfm);
|
||||
break;
|
||||
@ -555,32 +619,40 @@ swcr_freesession(device_t dev, u_int64_t tid)
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ABLKCIPHER) || defined(HAVE_AHASH)
|
||||
/* older kernels had no async interface */
|
||||
|
||||
static void swcr_process_callback(struct crypto_async_request *creq, int err)
|
||||
static void swcr_process_req_complete(struct swcr_req *req)
|
||||
{
|
||||
struct swcr_req *req = creq->data;
|
||||
|
||||
dprintk("%s()\n", __FUNCTION__);
|
||||
if (err) {
|
||||
if (err == -EINPROGRESS)
|
||||
return;
|
||||
dprintk("%s() fail %d\n", __FUNCTION__, -err);
|
||||
req->crp->crp_etype = -err;
|
||||
goto done;
|
||||
|
||||
if (req->sw->sw_type & SW_TYPE_INUSE) {
|
||||
unsigned long flags;
|
||||
spin_lock_irqsave(&req->sw->sw_tfm_lock, flags);
|
||||
req->sw->sw_type &= ~SW_TYPE_INUSE;
|
||||
spin_unlock_irqrestore(&req->sw->sw_tfm_lock, flags);
|
||||
}
|
||||
|
||||
if (req->crp->crp_etype)
|
||||
goto done;
|
||||
|
||||
switch (req->sw->sw_type & SW_TYPE_ALG_AMASK) {
|
||||
#if defined(HAVE_AHASH)
|
||||
case SW_TYPE_AHMAC:
|
||||
case SW_TYPE_AHASH:
|
||||
crypto_copyback(req->crp->crp_flags, req->crp->crp_buf,
|
||||
req->crd->crd_inject, req->sw->u.hmac.sw_mlen, req->result);
|
||||
ahash_request_free(req->crypto_req);
|
||||
break;
|
||||
#endif
|
||||
#if defined(HAVE_ABLKCIPHER)
|
||||
case SW_TYPE_ABLKCIPHER:
|
||||
ablkcipher_request_free(req->crypto_req);
|
||||
break;
|
||||
#endif
|
||||
case SW_TYPE_CIPHER:
|
||||
case SW_TYPE_HMAC:
|
||||
case SW_TYPE_HASH:
|
||||
case SW_TYPE_COMP:
|
||||
case SW_TYPE_BLKCIPHER:
|
||||
break;
|
||||
default:
|
||||
req->crp->crp_etype = EINVAL;
|
||||
goto done;
|
||||
@ -597,6 +669,22 @@ done:
|
||||
crypto_done(req->crp);
|
||||
kmem_cache_free(swcr_req_cache, req);
|
||||
}
|
||||
|
||||
#if defined(HAVE_ABLKCIPHER) || defined(HAVE_AHASH)
|
||||
static void swcr_process_callback(struct crypto_async_request *creq, int err)
|
||||
{
|
||||
struct swcr_req *req = creq->data;
|
||||
|
||||
dprintk("%s()\n", __FUNCTION__);
|
||||
if (err) {
|
||||
if (err == -EINPROGRESS)
|
||||
return;
|
||||
dprintk("%s() fail %d\n", __FUNCTION__, -err);
|
||||
req->crp->crp_etype = -err;
|
||||
}
|
||||
|
||||
swcr_process_req_complete(req);
|
||||
}
|
||||
#endif /* defined(HAVE_ABLKCIPHER) || defined(HAVE_AHASH) */
|
||||
|
||||
|
||||
@ -631,6 +719,29 @@ static void swcr_process_req(struct swcr_req *req)
|
||||
goto done;
|
||||
}
|
||||
|
||||
/*
|
||||
* for some types we need to ensure only one user as info is stored in
|
||||
* the tfm during an operation that can get corrupted
|
||||
*/
|
||||
switch (sw->sw_type & SW_TYPE_ALG_AMASK) {
|
||||
#ifdef HAVE_AHASH
|
||||
case SW_TYPE_AHMAC:
|
||||
case SW_TYPE_AHASH:
|
||||
#endif
|
||||
case SW_TYPE_HMAC:
|
||||
case SW_TYPE_HASH: {
|
||||
unsigned long flags;
|
||||
spin_lock_irqsave(&sw->sw_tfm_lock, flags);
|
||||
if (sw->sw_type & SW_TYPE_INUSE) {
|
||||
spin_unlock_irqrestore(&sw->sw_tfm_lock, flags);
|
||||
execute_later((void (*)(void *))swcr_process_req, (void *)req);
|
||||
return;
|
||||
}
|
||||
sw->sw_type |= SW_TYPE_INUSE;
|
||||
spin_unlock_irqrestore(&sw->sw_tfm_lock, flags);
|
||||
} break;
|
||||
}
|
||||
|
||||
req->sw = sw;
|
||||
skip = crd->crd_skip;
|
||||
|
||||
@ -722,7 +833,7 @@ static void swcr_process_req(struct swcr_req *req)
|
||||
}
|
||||
|
||||
req->crypto_req =
|
||||
ahash_request_alloc(__crypto_ahash_cast(sw->sw_tfm),GFP_KERNEL);
|
||||
ahash_request_alloc(__crypto_ahash_cast(sw->sw_tfm),GFP_ATOMIC);
|
||||
if (!req->crypto_req) {
|
||||
crp->crp_etype = ENOMEM;
|
||||
dprintk("%s,%d: ENOMEM ahash_request_alloc", __FILE__, __LINE__);
|
||||
@ -747,7 +858,6 @@ static void swcr_process_req(struct swcr_req *req)
|
||||
case 0:
|
||||
dprintk("hash OP %s %d\n", ret ? "failed" : "success", ret);
|
||||
crp->crp_etype = ret;
|
||||
ahash_request_free(req->crypto_req);
|
||||
goto done;
|
||||
}
|
||||
} break;
|
||||
@ -776,7 +886,7 @@ static void swcr_process_req(struct swcr_req *req)
|
||||
}
|
||||
|
||||
req->crypto_req = ablkcipher_request_alloc(
|
||||
__crypto_ablkcipher_cast(sw->sw_tfm), GFP_KERNEL);
|
||||
__crypto_ablkcipher_cast(sw->sw_tfm), GFP_ATOMIC);
|
||||
if (!req->crypto_req) {
|
||||
crp->crp_etype = ENOMEM;
|
||||
dprintk("%s,%d: ENOMEM ablkcipher_request_alloc",
|
||||
@ -1028,8 +1138,6 @@ static void swcr_process_req(struct swcr_req *req)
|
||||
crd->crd_inject, olen, obuf);
|
||||
crp->crp_olen = olen;
|
||||
}
|
||||
|
||||
|
||||
} break;
|
||||
|
||||
default:
|
||||
@ -1040,8 +1148,7 @@ static void swcr_process_req(struct swcr_req *req)
|
||||
}
|
||||
|
||||
done:
|
||||
crypto_done(crp);
|
||||
kmem_cache_free(swcr_req_cache, req);
|
||||
swcr_process_req_complete(req);
|
||||
}
|
||||
|
||||
|
||||
@ -1209,5 +1316,5 @@ late_initcall(cryptosoft_init);
|
||||
module_exit(cryptosoft_exit);
|
||||
|
||||
MODULE_LICENSE("Dual BSD/GPL");
|
||||
MODULE_AUTHOR("David McCullough <david_mccullough@securecomputing.com>");
|
||||
MODULE_AUTHOR("David McCullough <david_mccullough@mcafee.com>");
|
||||
MODULE_DESCRIPTION("Cryptosoft (OCF module for kernel crypto)");
|
||||
|
@ -47,10 +47,8 @@ __FBSDID("$FreeBSD: src/sys/dev/hifn/hifn7751.c,v 1.40 2007/03/21 03:42:49 sam E
|
||||
* Driver for various Hifn encryption processors.
|
||||
*/
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/module.h>
|
||||
#include <linux/init.h>
|
||||
@ -63,7 +61,6 @@ __FBSDID("$FreeBSD: src/sys/dev/hifn/hifn7751.c,v 1.40 2007/03/21 03:42:49 sam E
|
||||
#include <linux/interrupt.h>
|
||||
#include <linux/spinlock.h>
|
||||
#include <linux/random.h>
|
||||
#include <linux/version.h>
|
||||
#include <linux/skbuff.h>
|
||||
#include <asm/io.h>
|
||||
|
||||
@ -437,7 +434,7 @@ hifn_probe(struct pci_dev *dev, const struct pci_device_id *ent)
|
||||
if (pci_enable_device(dev) < 0)
|
||||
return(-ENODEV);
|
||||
|
||||
#ifdef CONFIG_HAVE_PCI_SET_MWI
|
||||
#ifdef HAVE_PCI_SET_MWI
|
||||
if (pci_set_mwi(dev))
|
||||
return(-ENODEV);
|
||||
#endif
|
||||
@ -873,7 +870,7 @@ hifn_set_retry(struct hifn_softc *sc)
|
||||
DPRINTF("%s()\n", __FUNCTION__);
|
||||
/* NB: RETRY only responds to 8-bit reads/writes */
|
||||
pci_write_config_byte(sc->sc_pcidev, HIFN_RETRY_TIMEOUT, 0);
|
||||
pci_write_config_dword(sc->sc_pcidev, HIFN_TRDY_TIMEOUT, 0);
|
||||
pci_write_config_byte(sc->sc_pcidev, HIFN_TRDY_TIMEOUT, 0);
|
||||
/* piggy back the cache line setting here */
|
||||
pci_write_config_byte(sc->sc_pcidev, PCI_CACHE_LINE_SIZE, hifn_cache_linesize);
|
||||
}
|
||||
@ -2380,11 +2377,6 @@ hifn_newsession(device_t dev, u_int32_t *sidp, struct cryptoini *cri)
|
||||
case CRYPTO_DES_CBC:
|
||||
case CRYPTO_3DES_CBC:
|
||||
case CRYPTO_AES_CBC:
|
||||
/* XXX this may read fewer, does it matter? */
|
||||
read_random(ses->hs_iv,
|
||||
c->cri_alg == CRYPTO_AES_CBC ?
|
||||
HIFN_AES_IV_LENGTH : HIFN_IV_LENGTH);
|
||||
/*FALLTHROUGH*/
|
||||
case CRYPTO_ARC4:
|
||||
if (cry) {
|
||||
DPRINTF("%s,%d: %s - EINVAL\n",__FILE__,__LINE__,__FUNCTION__);
|
||||
@ -2580,8 +2572,7 @@ hifn_process(device_t dev, struct cryptop *crp, int hint)
|
||||
if (enccrd->crd_flags & CRD_F_IV_EXPLICIT)
|
||||
bcopy(enccrd->crd_iv, cmd->iv, ivlen);
|
||||
else
|
||||
bcopy(sc->sc_sessions[session].hs_iv,
|
||||
cmd->iv, ivlen);
|
||||
read_random(cmd->iv, ivlen);
|
||||
|
||||
if ((enccrd->crd_flags & CRD_F_IV_PRESENT)
|
||||
== 0) {
|
||||
@ -2786,7 +2777,7 @@ hifn_callback(struct hifn_softc *sc, struct hifn_command *cmd, u_int8_t *macbuf)
|
||||
struct hifn_dma *dma = sc->sc_dma;
|
||||
struct cryptop *crp = cmd->crp;
|
||||
struct cryptodesc *crd;
|
||||
int i, u, ivlen;
|
||||
int i, u;
|
||||
|
||||
DPRINTF("%s()\n", __FUNCTION__);
|
||||
|
||||
@ -2851,22 +2842,6 @@ hifn_callback(struct hifn_softc *sc, struct hifn_command *cmd, u_int8_t *macbuf)
|
||||
|
||||
hifnstats.hst_obytes += cmd->dst_mapsize;
|
||||
|
||||
if ((cmd->base_masks & (HIFN_BASE_CMD_CRYPT | HIFN_BASE_CMD_DECODE)) ==
|
||||
HIFN_BASE_CMD_CRYPT) {
|
||||
for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
|
||||
if (crd->crd_alg != CRYPTO_DES_CBC &&
|
||||
crd->crd_alg != CRYPTO_3DES_CBC &&
|
||||
crd->crd_alg != CRYPTO_AES_CBC)
|
||||
continue;
|
||||
ivlen = ((crd->crd_alg == CRYPTO_AES_CBC) ?
|
||||
HIFN_AES_IV_LENGTH : HIFN_IV_LENGTH);
|
||||
crypto_copydata(crp->crp_flags, crp->crp_buf,
|
||||
crd->crd_skip + crd->crd_len - ivlen, ivlen,
|
||||
cmd->softc->sc_sessions[cmd->session_num].hs_iv);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (macbuf != NULL) {
|
||||
for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
|
||||
int len;
|
||||
|
@ -113,7 +113,6 @@ struct hifn_dma {
|
||||
struct hifn_session {
|
||||
int hs_used;
|
||||
int hs_mlen;
|
||||
u_int8_t hs_iv[HIFN_MAX_IV_LENGTH];
|
||||
};
|
||||
|
||||
#define HIFN_RING_SYNC(sc, r, i, f) \
|
||||
|
@ -33,10 +33,8 @@
|
||||
* Driver for various Hifn encryption processors.
|
||||
*/
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/module.h>
|
||||
#include <linux/init.h>
|
||||
@ -49,7 +47,6 @@
|
||||
#include <linux/interrupt.h>
|
||||
#include <linux/spinlock.h>
|
||||
#include <linux/random.h>
|
||||
#include <linux/version.h>
|
||||
#include <linux/skbuff.h>
|
||||
#include <linux/uio.h>
|
||||
#include <linux/sysfs.h>
|
||||
@ -211,7 +208,7 @@ hipp_probe(struct pci_dev *dev, const struct pci_device_id *ent)
|
||||
if (pci_enable_device(dev) < 0)
|
||||
return(-ENODEV);
|
||||
|
||||
#ifdef CONFIG_HAVE_PCI_SET_MWI
|
||||
#ifdef HAVE_PCI_SET_MWI
|
||||
if (pci_set_mwi(dev))
|
||||
return(-ENODEV);
|
||||
#endif
|
||||
|
@ -4,7 +4,7 @@
|
||||
* from Intel in order to operate (or compile).
|
||||
*
|
||||
* Written by David McCullough <david_mccullough@mcafee.com>
|
||||
* Copyright (C) 2006-2010 David McCullough
|
||||
* Copyright (C) 2006-2011 David McCullough
|
||||
* Copyright (C) 2004-2005 Intel Corporation.
|
||||
*
|
||||
* LICENSE TERMS
|
||||
@ -34,10 +34,8 @@
|
||||
*/
|
||||
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/module.h>
|
||||
#include <linux/init.h>
|
||||
@ -448,14 +446,28 @@ ixp_q_process(struct ixp_q *q)
|
||||
dprintk("%s(%p)\n", __FUNCTION__, q);
|
||||
|
||||
if (q->ixp_q_ccrd) {
|
||||
if (q->ixp_q_ccrd->crd_flags & CRD_F_IV_EXPLICIT) {
|
||||
q->ixp_q_iv = q->ixp_q_ccrd->crd_iv;
|
||||
if (q->ixp_q_ccrd->crd_flags & CRD_F_ENCRYPT) {
|
||||
if (q->ixp_q_ccrd->crd_flags & CRD_F_IV_EXPLICIT) {
|
||||
q->ixp_q_iv = q->ixp_q_ccrd->crd_iv;
|
||||
} else {
|
||||
q->ixp_q_iv = q->ixp_q_iv_data;
|
||||
read_random(q->ixp_q_iv, ixp->ixp_ctx.cipherCtx.cipherInitialVectorLen);
|
||||
}
|
||||
if ((q->ixp_q_ccrd->crd_flags & CRD_F_IV_PRESENT) == 0)
|
||||
crypto_copyback(q->ixp_q_crp->crp_flags, q->ixp_q_crp->crp_buf,
|
||||
q->ixp_q_ccrd->crd_inject,
|
||||
ixp->ixp_ctx.cipherCtx.cipherInitialVectorLen,
|
||||
(caddr_t) q->ixp_q_iv);
|
||||
} else {
|
||||
q->ixp_q_iv = q->ixp_q_iv_data;
|
||||
crypto_copydata(q->ixp_q_crp->crp_flags, q->ixp_q_crp->crp_buf,
|
||||
q->ixp_q_ccrd->crd_inject,
|
||||
ixp->ixp_ctx.cipherCtx.cipherInitialVectorLen,
|
||||
(caddr_t) q->ixp_q_iv);
|
||||
if (q->ixp_q_ccrd->crd_flags & CRD_F_IV_EXPLICIT)
|
||||
q->ixp_q_iv = q->ixp_q_ccrd->crd_iv;
|
||||
else {
|
||||
q->ixp_q_iv = q->ixp_q_iv_data;
|
||||
crypto_copydata(q->ixp_q_crp->crp_flags, q->ixp_q_crp->crp_buf,
|
||||
q->ixp_q_ccrd->crd_inject,
|
||||
ixp->ixp_ctx.cipherCtx.cipherInitialVectorLen,
|
||||
(caddr_t) q->ixp_q_iv);
|
||||
}
|
||||
}
|
||||
|
||||
if (q->ixp_q_acrd) {
|
||||
|
@ -0,0 +1,123 @@
|
||||
static MV_U8 mask[256] = {
|
||||
0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
};
|
||||
|
||||
static MV_U8 Logtable[256] = {
|
||||
0, 0, 25, 1, 50, 2, 26, 198, 75, 199, 27, 104, 51, 238, 223, 3,
|
||||
100, 4, 224, 14, 52, 141, 129, 239, 76, 113, 8, 200, 248, 105, 28, 193,
|
||||
125, 194, 29, 181, 249, 185, 39, 106, 77, 228, 166, 114, 154, 201, 9, 120,
|
||||
101, 47, 138, 5, 33, 15, 225, 36, 18, 240, 130, 69, 53, 147, 218, 142,
|
||||
150, 143, 219, 189, 54, 208, 206, 148, 19, 92, 210, 241, 64, 70, 131, 56,
|
||||
102, 221, 253, 48, 191, 6, 139, 98, 179, 37, 226, 152, 34, 136, 145, 16,
|
||||
126, 110, 72, 195, 163, 182, 30, 66, 58, 107, 40, 84, 250, 133, 61, 186,
|
||||
43, 121, 10, 21, 155, 159, 94, 202, 78, 212, 172, 229, 243, 115, 167, 87,
|
||||
175, 88, 168, 80, 244, 234, 214, 116, 79, 174, 233, 213, 231, 230, 173, 232,
|
||||
44, 215, 117, 122, 235, 22, 11, 245, 89, 203, 95, 176, 156, 169, 81, 160,
|
||||
127, 12, 246, 111, 23, 196, 73, 236, 216, 67, 31, 45, 164, 118, 123, 183,
|
||||
204, 187, 62, 90, 251, 96, 177, 134, 59, 82, 161, 108, 170, 85, 41, 157,
|
||||
151, 178, 135, 144, 97, 190, 220, 252, 188, 149, 207, 205, 55, 63, 91, 209,
|
||||
83, 57, 132, 60, 65, 162, 109, 71, 20, 42, 158, 93, 86, 242, 211, 171,
|
||||
68, 17, 146, 217, 35, 32, 46, 137, 180, 124, 184, 38, 119, 153, 227, 165,
|
||||
103, 74, 237, 222, 197, 49, 254, 24, 13, 99, 140, 128, 192, 247, 112, 7,
|
||||
};
|
||||
|
||||
static MV_U8 Alogtable[512] = {
|
||||
1, 3, 5, 15, 17, 51, 85, 255, 26, 46, 114, 150, 161, 248, 19, 53,
|
||||
95, 225, 56, 72, 216, 115, 149, 164, 247, 2, 6, 10, 30, 34, 102, 170,
|
||||
229, 52, 92, 228, 55, 89, 235, 38, 106, 190, 217, 112, 144, 171, 230, 49,
|
||||
83, 245, 4, 12, 20, 60, 68, 204, 79, 209, 104, 184, 211, 110, 178, 205,
|
||||
76, 212, 103, 169, 224, 59, 77, 215, 98, 166, 241, 8, 24, 40, 120, 136,
|
||||
131, 158, 185, 208, 107, 189, 220, 127, 129, 152, 179, 206, 73, 219, 118, 154,
|
||||
181, 196, 87, 249, 16, 48, 80, 240, 11, 29, 39, 105, 187, 214, 97, 163,
|
||||
254, 25, 43, 125, 135, 146, 173, 236, 47, 113, 147, 174, 233, 32, 96, 160,
|
||||
251, 22, 58, 78, 210, 109, 183, 194, 93, 231, 50, 86, 250, 21, 63, 65,
|
||||
195, 94, 226, 61, 71, 201, 64, 192, 91, 237, 44, 116, 156, 191, 218, 117,
|
||||
159, 186, 213, 100, 172, 239, 42, 126, 130, 157, 188, 223, 122, 142, 137, 128,
|
||||
155, 182, 193, 88, 232, 35, 101, 175, 234, 37, 111, 177, 200, 67, 197, 84,
|
||||
252, 31, 33, 99, 165, 244, 7, 9, 27, 45, 119, 153, 176, 203, 70, 202,
|
||||
69, 207, 74, 222, 121, 139, 134, 145, 168, 227, 62, 66, 198, 81, 243, 14,
|
||||
18, 54, 90, 238, 41, 123, 141, 140, 143, 138, 133, 148, 167, 242, 13, 23,
|
||||
57, 75, 221, 124, 132, 151, 162, 253, 28, 36, 108, 180, 199, 82, 246, 1,
|
||||
|
||||
3, 5, 15, 17, 51, 85, 255, 26, 46, 114, 150, 161, 248, 19, 53,
|
||||
95, 225, 56, 72, 216, 115, 149, 164, 247, 2, 6, 10, 30, 34, 102, 170,
|
||||
229, 52, 92, 228, 55, 89, 235, 38, 106, 190, 217, 112, 144, 171, 230, 49,
|
||||
83, 245, 4, 12, 20, 60, 68, 204, 79, 209, 104, 184, 211, 110, 178, 205,
|
||||
76, 212, 103, 169, 224, 59, 77, 215, 98, 166, 241, 8, 24, 40, 120, 136,
|
||||
131, 158, 185, 208, 107, 189, 220, 127, 129, 152, 179, 206, 73, 219, 118, 154,
|
||||
181, 196, 87, 249, 16, 48, 80, 240, 11, 29, 39, 105, 187, 214, 97, 163,
|
||||
254, 25, 43, 125, 135, 146, 173, 236, 47, 113, 147, 174, 233, 32, 96, 160,
|
||||
251, 22, 58, 78, 210, 109, 183, 194, 93, 231, 50, 86, 250, 21, 63, 65,
|
||||
195, 94, 226, 61, 71, 201, 64, 192, 91, 237, 44, 116, 156, 191, 218, 117,
|
||||
159, 186, 213, 100, 172, 239, 42, 126, 130, 157, 188, 223, 122, 142, 137, 128,
|
||||
155, 182, 193, 88, 232, 35, 101, 175, 234, 37, 111, 177, 200, 67, 197, 84,
|
||||
252, 31, 33, 99, 165, 244, 7, 9, 27, 45, 119, 153, 176, 203, 70, 202,
|
||||
69, 207, 74, 222, 121, 139, 134, 145, 168, 227, 62, 66, 198, 81, 243, 14,
|
||||
18, 54, 90, 238, 41, 123, 141, 140, 143, 138, 133, 148, 167, 242, 13, 23,
|
||||
57, 75, 221, 124, 132, 151, 162, 253, 28, 36, 108, 180, 199, 82, 246, 1,
|
||||
|
||||
};
|
||||
|
||||
static MV_U8 S[256] = {
|
||||
99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118,
|
||||
202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192,
|
||||
183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21,
|
||||
4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117,
|
||||
9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132,
|
||||
83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207,
|
||||
208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168,
|
||||
81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210,
|
||||
205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115,
|
||||
96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219,
|
||||
224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121,
|
||||
231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8,
|
||||
186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138,
|
||||
112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158,
|
||||
225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223,
|
||||
140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22,
|
||||
};
|
||||
|
||||
static MV_U8 Si[256] = {
|
||||
82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243, 215, 251,
|
||||
124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68, 196, 222, 233, 203,
|
||||
84, 123, 148, 50, 166, 194, 35, 61, 238, 76, 149, 11, 66, 250, 195, 78,
|
||||
8, 46, 161, 102, 40, 217, 36, 178, 118, 91, 162, 73, 109, 139, 209, 37,
|
||||
114, 248, 246, 100, 134, 104, 152, 22, 212, 164, 92, 204, 93, 101, 182, 146,
|
||||
108, 112, 72, 80, 253, 237, 185, 218, 94, 21, 70, 87, 167, 141, 157, 132,
|
||||
144, 216, 171, 0, 140, 188, 211, 10, 247, 228, 88, 5, 184, 179, 69, 6,
|
||||
208, 44, 30, 143, 202, 63, 15, 2, 193, 175, 189, 3, 1, 19, 138, 107,
|
||||
58, 145, 17, 65, 79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115,
|
||||
150, 172, 116, 34, 231, 173, 53, 133, 226, 249, 55, 232, 28, 117, 223, 110,
|
||||
71, 241, 26, 113, 29, 41, 197, 137, 111, 183, 98, 14, 170, 24, 190, 27,
|
||||
252, 86, 62, 75, 198, 210, 121, 32, 154, 219, 192, 254, 120, 205, 90, 244,
|
||||
31, 221, 168, 51, 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95,
|
||||
96, 81, 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239,
|
||||
160, 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83, 153, 97,
|
||||
23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99, 85, 33, 12, 125,
|
||||
};
|
||||
|
||||
/*
|
||||
static MV_U8 iG[4][4] = {
|
||||
{0x0e, 0x09, 0x0d, 0x0b},
|
||||
{0x0b, 0x0e, 0x09, 0x0d},
|
||||
{0x0d, 0x0b, 0x0e, 0x09},
|
||||
{0x09, 0x0d, 0x0b, 0x0e},
|
||||
};
|
||||
*/
|
||||
static MV_U32 rcon[30] = {
|
||||
0x01,0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91, };
|
@ -27,10 +27,8 @@ disclaimer.
|
||||
*******************************************************************************/
|
||||
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/module.h>
|
||||
#include <linux/init.h>
|
||||
@ -501,7 +499,7 @@ cesa_ocf_process(device_t dev, struct cryptop *crp, int hint)
|
||||
if ((crd->crd_flags & CRD_F_IV_PRESENT) == 0) {
|
||||
dprintk("%s,%d: copy the IV back to the buffer\n", __FILE__, __LINE__);
|
||||
cesa_cmd->ivOffset = crd->crd_inject;
|
||||
crypto_copy_bits_back(crp->crp_buf, crd->crd_inject, ivp, cesa_ocf_cur_ses->ivlen);
|
||||
crypto_copyback(crp->crp_flags, crp->crp_buf, crd->crd_inject, cesa_ocf_cur_ses->ivlen, ivp);
|
||||
}
|
||||
else {
|
||||
dprintk("%s,%d: don't copy the IV back to the buffer \n", __FILE__, __LINE__);
|
||||
|
@ -31,10 +31,8 @@
|
||||
|
||||
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/module.h>
|
||||
#include <linux/init.h>
|
||||
@ -43,7 +41,6 @@
|
||||
#include <linux/wait.h>
|
||||
#include <linux/sched.h>
|
||||
#include <linux/spinlock.h>
|
||||
#include <linux/version.h>
|
||||
#include <linux/interrupt.h>
|
||||
#include <cryptodev.h>
|
||||
|
||||
@ -70,22 +67,38 @@
|
||||
/*
|
||||
* the number of simultaneously active requests
|
||||
*/
|
||||
static int request_q_len = 20;
|
||||
static int request_q_len = 40;
|
||||
module_param(request_q_len, int, 0);
|
||||
MODULE_PARM_DESC(request_q_len, "Number of outstanding requests");
|
||||
|
||||
/*
|
||||
* how many requests we want to have processed
|
||||
*/
|
||||
static int request_num = 1024;
|
||||
module_param(request_num, int, 0);
|
||||
MODULE_PARM_DESC(request_num, "run for at least this many requests");
|
||||
|
||||
/*
|
||||
* the size of each request
|
||||
*/
|
||||
static int request_size = 1500;
|
||||
static int request_size = 1488;
|
||||
module_param(request_size, int, 0);
|
||||
MODULE_PARM_DESC(request_size, "size of each request");
|
||||
|
||||
/*
|
||||
* OCF batching of requests
|
||||
*/
|
||||
static int request_batch = 1;
|
||||
module_param(request_batch, int, 0);
|
||||
MODULE_PARM_DESC(request_batch, "enable OCF request batching");
|
||||
|
||||
/*
|
||||
* OCF immediate callback on completion
|
||||
*/
|
||||
static int request_cbimm = 1;
|
||||
module_param(request_cbimm, int, 0);
|
||||
MODULE_PARM_DESC(request_cbimm, "enable OCF immediate callback on completion");
|
||||
|
||||
/*
|
||||
* a structure for each request
|
||||
*/
|
||||
@ -99,6 +112,7 @@ typedef struct {
|
||||
|
||||
static request_t *requests;
|
||||
|
||||
static spinlock_t ocfbench_counter_lock;
|
||||
static int outstanding;
|
||||
static int total;
|
||||
|
||||
@ -108,6 +122,8 @@ static int total;
|
||||
*/
|
||||
|
||||
static uint64_t ocf_cryptoid;
|
||||
static unsigned long jstart, jstop;
|
||||
|
||||
static int ocf_init(void);
|
||||
static int ocf_cb(struct cryptop *crp);
|
||||
static void ocf_request(void *arg);
|
||||
@ -131,13 +147,15 @@ ocf_init(void)
|
||||
cria.cri_klen = 20 * 8;
|
||||
cria.cri_key = "0123456789abcdefghij";
|
||||
|
||||
crie.cri_alg = CRYPTO_3DES_CBC;
|
||||
//crie.cri_alg = CRYPTO_3DES_CBC;
|
||||
crie.cri_alg = CRYPTO_AES_CBC;
|
||||
crie.cri_klen = 24 * 8;
|
||||
crie.cri_key = "0123456789abcdefghijklmn";
|
||||
|
||||
crie.cri_next = &cria;
|
||||
|
||||
error = crypto_newsession(&ocf_cryptoid, &crie, 0);
|
||||
error = crypto_newsession(&ocf_cryptoid, &crie,
|
||||
CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE);
|
||||
if (error) {
|
||||
printk("crypto_newsession failed %d\n", error);
|
||||
return -1;
|
||||
@ -149,23 +167,23 @@ static int
|
||||
ocf_cb(struct cryptop *crp)
|
||||
{
|
||||
request_t *r = (request_t *) crp->crp_opaque;
|
||||
unsigned long flags;
|
||||
|
||||
if (crp->crp_etype)
|
||||
printk("Error in OCF processing: %d\n", crp->crp_etype);
|
||||
total++;
|
||||
crypto_freereq(crp);
|
||||
crp = NULL;
|
||||
|
||||
if (total > request_num) {
|
||||
/* do all requests but take at least 1 second */
|
||||
spin_lock_irqsave(&ocfbench_counter_lock, flags);
|
||||
total++;
|
||||
if (total > request_num && jstart + HZ < jiffies) {
|
||||
outstanding--;
|
||||
spin_unlock_irqrestore(&ocfbench_counter_lock, flags);
|
||||
return 0;
|
||||
}
|
||||
spin_unlock_irqrestore(&ocfbench_counter_lock, flags);
|
||||
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)
|
||||
INIT_WORK(&r->work, ocf_request_wq);
|
||||
#else
|
||||
INIT_WORK(&r->work, ocf_request, r);
|
||||
#endif
|
||||
schedule_work(&r->work);
|
||||
return 0;
|
||||
}
|
||||
@ -177,9 +195,12 @@ ocf_request(void *arg)
|
||||
request_t *r = arg;
|
||||
struct cryptop *crp = crypto_getreq(2);
|
||||
struct cryptodesc *crde, *crda;
|
||||
unsigned long flags;
|
||||
|
||||
if (!crp) {
|
||||
spin_lock_irqsave(&ocfbench_counter_lock, flags);
|
||||
outstanding--;
|
||||
spin_unlock_irqrestore(&ocfbench_counter_lock, flags);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -198,12 +219,17 @@ ocf_request(void *arg)
|
||||
crde->crd_flags = CRD_F_IV_EXPLICIT | CRD_F_ENCRYPT;
|
||||
crde->crd_len = request_size;
|
||||
crde->crd_inject = request_size;
|
||||
crde->crd_alg = CRYPTO_3DES_CBC;
|
||||
//crde->crd_alg = CRYPTO_3DES_CBC;
|
||||
crde->crd_alg = CRYPTO_AES_CBC;
|
||||
crde->crd_key = "0123456789abcdefghijklmn";
|
||||
crde->crd_klen = 24 * 8;
|
||||
|
||||
crp->crp_ilen = request_size + 64;
|
||||
crp->crp_flags = CRYPTO_F_CBIMM;
|
||||
crp->crp_flags = 0;
|
||||
if (request_batch)
|
||||
crp->crp_flags |= CRYPTO_F_BATCH;
|
||||
if (request_cbimm)
|
||||
crp->crp_flags |= CRYPTO_F_CBIMM;
|
||||
crp->crp_buf = (caddr_t) r->buffer;
|
||||
crp->crp_callback = ocf_cb;
|
||||
crp->crp_sid = ocf_cryptoid;
|
||||
@ -220,6 +246,12 @@ ocf_request_wq(struct work_struct *work)
|
||||
}
|
||||
#endif
|
||||
|
||||
static void
|
||||
ocf_done(void)
|
||||
{
|
||||
crypto_freesession(ocf_cryptoid);
|
||||
}
|
||||
|
||||
/*************************************************************************/
|
||||
#ifdef BENCH_IXP_ACCESS_LIB
|
||||
/*************************************************************************/
|
||||
@ -306,24 +338,25 @@ ixp_perform_cb(
|
||||
IxCryptoAccStatus status)
|
||||
{
|
||||
request_t *r = NULL;
|
||||
unsigned long flags;
|
||||
|
||||
/* do all requests but take at least 1 second */
|
||||
spin_lock_irqsave(&ocfbench_counter_lock, flags);
|
||||
total++;
|
||||
if (total > request_num) {
|
||||
if (total > request_num && jstart + HZ < jiffies) {
|
||||
outstanding--;
|
||||
spin_unlock_irqrestore(&ocfbench_counter_lock, flags);
|
||||
return;
|
||||
}
|
||||
|
||||
if (!sbufp || !(r = IX_MBUF_PRIV(sbufp))) {
|
||||
printk("crappo %p %p\n", sbufp, r);
|
||||
outstanding--;
|
||||
spin_unlock_irqrestore(&ocfbench_counter_lock, flags);
|
||||
return;
|
||||
}
|
||||
spin_unlock_irqrestore(&ocfbench_counter_lock, flags);
|
||||
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)
|
||||
INIT_WORK(&r->work, ixp_request_wq);
|
||||
#else
|
||||
INIT_WORK(&r->work, ixp_request, r);
|
||||
#endif
|
||||
schedule_work(&r->work);
|
||||
}
|
||||
|
||||
@ -332,6 +365,7 @@ ixp_request(void *arg)
|
||||
{
|
||||
request_t *r = arg;
|
||||
IxCryptoAccStatus status;
|
||||
unsigned long flags;
|
||||
|
||||
memset(&r->mbuf, 0, sizeof(r->mbuf));
|
||||
IX_MBUF_MLEN(&r->mbuf) = IX_MBUF_PKT_LEN(&r->mbuf) = request_size + 64;
|
||||
@ -341,7 +375,9 @@ ixp_request(void *arg)
|
||||
0, request_size, 0, request_size, request_size, r->buffer);
|
||||
if (IX_CRYPTO_ACC_STATUS_SUCCESS != status) {
|
||||
printk("status1 = %d\n", status);
|
||||
spin_lock_irqsave(&ocfbench_counter_lock, flags);
|
||||
outstanding--;
|
||||
spin_unlock_irqrestore(&ocfbench_counter_lock, flags);
|
||||
return;
|
||||
}
|
||||
return;
|
||||
@ -356,6 +392,12 @@ ixp_request_wq(struct work_struct *work)
|
||||
}
|
||||
#endif
|
||||
|
||||
static void
|
||||
ixp_done(void)
|
||||
{
|
||||
/* we should free the session here but I am lazy :-) */
|
||||
}
|
||||
|
||||
/*************************************************************************/
|
||||
#endif /* BENCH_IXP_ACCESS_LIB */
|
||||
/*************************************************************************/
|
||||
@ -363,7 +405,9 @@ ixp_request_wq(struct work_struct *work)
|
||||
int
|
||||
ocfbench_init(void)
|
||||
{
|
||||
int i, jstart, jstop;
|
||||
int i;
|
||||
unsigned long mbps;
|
||||
unsigned long flags;
|
||||
|
||||
printk("Crypto Speed tests\n");
|
||||
|
||||
@ -375,6 +419,11 @@ ocfbench_init(void)
|
||||
|
||||
for (i = 0; i < request_q_len; i++) {
|
||||
/* +64 for return data */
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)
|
||||
INIT_WORK(&requests[i].work, ocf_request_wq);
|
||||
#else
|
||||
INIT_WORK(&requests[i].work, ocf_request, &requests[i]);
|
||||
#endif
|
||||
requests[i].buffer = kmalloc(request_size + 128, GFP_DMA);
|
||||
if (!requests[i].buffer) {
|
||||
printk("malloc failed\n");
|
||||
@ -387,19 +436,31 @@ ocfbench_init(void)
|
||||
* OCF benchmark
|
||||
*/
|
||||
printk("OCF: testing ...\n");
|
||||
ocf_init();
|
||||
if (ocf_init() == -1)
|
||||
return -EINVAL;
|
||||
|
||||
spin_lock_init(&ocfbench_counter_lock);
|
||||
total = outstanding = 0;
|
||||
jstart = jiffies;
|
||||
for (i = 0; i < request_q_len; i++) {
|
||||
spin_lock_irqsave(&ocfbench_counter_lock, flags);
|
||||
outstanding++;
|
||||
spin_unlock_irqrestore(&ocfbench_counter_lock, flags);
|
||||
ocf_request(&requests[i]);
|
||||
}
|
||||
while (outstanding > 0)
|
||||
schedule();
|
||||
jstop = jiffies;
|
||||
|
||||
printk("OCF: %d requests of %d bytes in %d jiffies\n", total, request_size,
|
||||
jstop - jstart);
|
||||
mbps = 0;
|
||||
if (jstop > jstart) {
|
||||
mbps = (unsigned long) total * (unsigned long) request_size * 8;
|
||||
mbps /= ((jstop - jstart) * 1000) / HZ;
|
||||
}
|
||||
printk("OCF: %d requests of %d bytes in %d jiffies (%d.%03d Mbps)\n",
|
||||
total, request_size, (int)(jstop - jstart),
|
||||
((int)mbps) / 1000, ((int)mbps) % 1000);
|
||||
ocf_done();
|
||||
|
||||
#ifdef BENCH_IXP_ACCESS_LIB
|
||||
/*
|
||||
@ -410,15 +471,29 @@ ocfbench_init(void)
|
||||
total = outstanding = 0;
|
||||
jstart = jiffies;
|
||||
for (i = 0; i < request_q_len; i++) {
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)
|
||||
INIT_WORK(&requests[i].work, ixp_request_wq);
|
||||
#else
|
||||
INIT_WORK(&requests[i].work, ixp_request, &requests[i]);
|
||||
#endif
|
||||
spin_lock_irqsave(&ocfbench_counter_lock, flags);
|
||||
outstanding++;
|
||||
spin_unlock_irqrestore(&ocfbench_counter_lock, flags);
|
||||
ixp_request(&requests[i]);
|
||||
}
|
||||
while (outstanding > 0)
|
||||
schedule();
|
||||
jstop = jiffies;
|
||||
|
||||
printk("IXP: %d requests of %d bytes in %d jiffies\n", total, request_size,
|
||||
jstop - jstart);
|
||||
mbps = 0;
|
||||
if (jstop > jstart) {
|
||||
mbps = (unsigned long) total * (unsigned long) request_size * 8;
|
||||
mbps /= ((jstop - jstart) * 1000) / HZ;
|
||||
}
|
||||
printk("IXP: %d requests of %d bytes in %d jiffies (%d.%03d Mbps)\n",
|
||||
total, request_size, jstop - jstart,
|
||||
((int)mbps) / 1000, ((int)mbps) % 1000);
|
||||
ixp_done();
|
||||
#endif /* BENCH_IXP_ACCESS_LIB */
|
||||
|
||||
for (i = 0; i < request_q_len; i++)
|
||||
|
@ -34,6 +34,11 @@
|
||||
*/
|
||||
/****************************************************************************/
|
||||
#ifdef __KERNEL__
|
||||
#include <linux/version.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
|
||||
/*
|
||||
* fake some BSD driver interface stuff specifically for OCF use
|
||||
*/
|
||||
@ -288,6 +293,72 @@ static inline void *sg_virt(struct scatterlist *sg)
|
||||
#define late_initcall(init) module_init(init)
|
||||
#endif
|
||||
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,4) || !defined(CONFIG_SMP)
|
||||
#define ocf_for_each_cpu(cpu) for ((cpu) = 0; (cpu) == 0; (cpu)++)
|
||||
#else
|
||||
#define ocf_for_each_cpu(cpu) for_each_present_cpu(cpu)
|
||||
#endif
|
||||
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,27)
|
||||
#include <linux/sched.h>
|
||||
#define kill_proc(p,s,v) send_sig(s,find_task_by_vpid(p),0)
|
||||
#endif
|
||||
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,4)
|
||||
|
||||
struct ocf_thread {
|
||||
struct task_struct *task;
|
||||
int (*func)(void *arg);
|
||||
void *arg;
|
||||
};
|
||||
|
||||
/* thread startup helper func */
|
||||
static inline int ocf_run_thread(void *arg)
|
||||
{
|
||||
struct ocf_thread *t = (struct ocf_thread *) arg;
|
||||
if (!t)
|
||||
return -1; /* very bad */
|
||||
t->task = current;
|
||||
daemonize();
|
||||
spin_lock_irq(¤t->sigmask_lock);
|
||||
sigemptyset(¤t->blocked);
|
||||
recalc_sigpending(current);
|
||||
spin_unlock_irq(¤t->sigmask_lock);
|
||||
return (*t->func)(t->arg);
|
||||
}
|
||||
|
||||
#define kthread_create(f,a,fmt...) \
|
||||
({ \
|
||||
struct ocf_thread t; \
|
||||
pid_t p; \
|
||||
t.task = NULL; \
|
||||
t.func = (f); \
|
||||
t.arg = (a); \
|
||||
p = kernel_thread(ocf_run_thread, &t, CLONE_FS|CLONE_FILES); \
|
||||
while (p != (pid_t) -1 && t.task == NULL) \
|
||||
schedule(); \
|
||||
if (t.task) \
|
||||
snprintf(t.task->comm, sizeof(t.task->comm), fmt); \
|
||||
(t.task); \
|
||||
})
|
||||
|
||||
#define kthread_bind(t,cpu) /**/
|
||||
|
||||
#define kthread_should_stop() (strcmp(current->comm, "stopping") == 0)
|
||||
|
||||
#define kthread_stop(t) \
|
||||
({ \
|
||||
strcpy((t)->comm, "stopping"); \
|
||||
kill_proc((t)->pid, SIGTERM, 1); \
|
||||
do { \
|
||||
schedule(); \
|
||||
} while (kill_proc((t)->pid, SIGTERM, 1) == 0); \
|
||||
})
|
||||
|
||||
#else
|
||||
#include <linux/kthread.h>
|
||||
#endif
|
||||
|
||||
#endif /* __KERNEL__ */
|
||||
|
||||
/****************************************************************************/
|
||||
|
@ -34,10 +34,8 @@
|
||||
*/
|
||||
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/module.h>
|
||||
#include <linux/init.h>
|
||||
|
@ -18,10 +18,8 @@
|
||||
*/
|
||||
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/module.h>
|
||||
#include <linux/init.h>
|
||||
@ -240,11 +238,6 @@ pasemi_newsession(device_t dev, u_int32_t *sidp, struct cryptoini *cri)
|
||||
|
||||
if (encini) {
|
||||
ses->ccmd = ccmd;
|
||||
|
||||
/* get an IV */
|
||||
/* XXX may read fewer than requested */
|
||||
get_random_bytes(ses->civ, sizeof(ses->civ));
|
||||
|
||||
ses->keysz = (encini->cri_klen - 63) / 64;
|
||||
memcpy(ses->key, encini->cri_key, (ses->keysz + 1) * 8);
|
||||
|
||||
@ -451,6 +444,8 @@ pasemi_process(device_t dev, struct cryptop *crp, int hint)
|
||||
if (enccrd->crd_flags & CRD_F_ENCRYPT) {
|
||||
if (enccrd->crd_flags & CRD_F_IV_EXPLICIT)
|
||||
memcpy(ivp, enccrd->crd_iv, ivsize);
|
||||
else
|
||||
read_random(ivp, ivsize);
|
||||
/* If IV is not present in the buffer already, it has to be copied there */
|
||||
if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0)
|
||||
crypto_copyback(crp->crp_flags, crp->crp_buf,
|
||||
|
@ -36,10 +36,8 @@
|
||||
*/
|
||||
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/module.h>
|
||||
#include <linux/init.h>
|
||||
@ -48,7 +46,6 @@
|
||||
#include <linux/wait.h>
|
||||
#include <linux/sched.h>
|
||||
#include <linux/spinlock.h>
|
||||
#include <linux/version.h>
|
||||
#include <linux/unistd.h>
|
||||
#include <linux/poll.h>
|
||||
#include <linux/random.h>
|
||||
@ -62,11 +59,6 @@
|
||||
#error "Please do not enable OCF_RANDOMHARVEST unless you have applied patches"
|
||||
#endif
|
||||
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,27)
|
||||
#include <linux/sched.h>
|
||||
#define kill_proc(p,s,v) send_sig(s,find_task_by_vpid(p),0)
|
||||
#endif
|
||||
|
||||
/*
|
||||
* a hack to access the debug levels from the crypto driver
|
||||
*/
|
||||
|
@ -37,16 +37,13 @@
|
||||
*/
|
||||
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/module.h>
|
||||
#include <linux/list.h>
|
||||
#include <linux/wait.h>
|
||||
#include <linux/time.h>
|
||||
#include <linux/version.h>
|
||||
#include <linux/unistd.h>
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/string.h>
|
||||
|
@ -2,7 +2,6 @@
|
||||
* until we find a cleaner way, include the BSD md5/sha1 code
|
||||
* here
|
||||
*/
|
||||
#define HMAC_HACK 1
|
||||
#ifdef HMAC_HACK
|
||||
#define LITTLE_ENDIAN 1234
|
||||
#define BIG_ENDIAN 4321
|
@ -32,10 +32,8 @@ __FBSDID("$FreeBSD: src/sys/dev/safe/safe.c,v 1.18 2007/03/21 03:42:50 sam Exp $
|
||||
*/
|
||||
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/module.h>
|
||||
#include <linux/kernel.h>
|
||||
@ -49,7 +47,6 @@ __FBSDID("$FreeBSD: src/sys/dev/safe/safe.c,v 1.18 2007/03/21 03:42:50 sam Exp $
|
||||
#include <linux/interrupt.h>
|
||||
#include <linux/spinlock.h>
|
||||
#include <linux/random.h>
|
||||
#include <linux/version.h>
|
||||
#include <linux/skbuff.h>
|
||||
#include <asm/io.h>
|
||||
|
||||
@ -80,40 +77,11 @@ __FBSDID("$FreeBSD: src/sys/dev/safe/safe.c,v 1.18 2007/03/21 03:42:50 sam Exp $
|
||||
*/
|
||||
#define HMAC_HACK 1
|
||||
#ifdef HMAC_HACK
|
||||
#define LITTLE_ENDIAN 1234
|
||||
#define BIG_ENDIAN 4321
|
||||
#ifdef __LITTLE_ENDIAN
|
||||
#define BYTE_ORDER LITTLE_ENDIAN
|
||||
#endif
|
||||
#ifdef __BIG_ENDIAN
|
||||
#define BYTE_ORDER BIG_ENDIAN
|
||||
#endif
|
||||
#include <safe/hmachack.h>
|
||||
#include <safe/md5.h>
|
||||
#include <safe/md5.c>
|
||||
#include <safe/sha1.h>
|
||||
#include <safe/sha1.c>
|
||||
|
||||
u_int8_t hmac_ipad_buffer[64] = {
|
||||
0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
|
||||
0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
|
||||
0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
|
||||
0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
|
||||
0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
|
||||
0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
|
||||
0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
|
||||
0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36
|
||||
};
|
||||
|
||||
u_int8_t hmac_opad_buffer[64] = {
|
||||
0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
|
||||
0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
|
||||
0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
|
||||
0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
|
||||
0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
|
||||
0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
|
||||
0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
|
||||
0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C
|
||||
};
|
||||
#endif /* HMAC_HACK */
|
||||
|
||||
/* add proc entry for this */
|
||||
@ -564,10 +532,6 @@ safe_newsession(device_t dev, u_int32_t *sidp, struct cryptoini *cri)
|
||||
ses->ses_used = 1;
|
||||
|
||||
if (encini) {
|
||||
/* get an IV */
|
||||
/* XXX may read fewer than requested */
|
||||
read_random(ses->ses_iv, sizeof(ses->ses_iv));
|
||||
|
||||
ses->ses_klen = encini->cri_klen;
|
||||
if (encini->cri_key != NULL)
|
||||
safe_setup_enckey(ses, encini->cri_key);
|
||||
@ -630,7 +594,7 @@ safe_process(device_t dev, struct cryptop *crp, int hint)
|
||||
struct safe_ringentry *re;
|
||||
struct safe_sarec *sa;
|
||||
struct safe_pdesc *pd;
|
||||
u_int32_t cmd0, cmd1, staterec;
|
||||
u_int32_t cmd0, cmd1, staterec, rand_iv[4];
|
||||
unsigned long flags;
|
||||
|
||||
DPRINTF(("%s()\n", __FUNCTION__));
|
||||
@ -779,7 +743,7 @@ safe_process(device_t dev, struct cryptop *crp, int hint)
|
||||
if (enccrd->crd_flags & CRD_F_IV_EXPLICIT)
|
||||
iv = enccrd->crd_iv;
|
||||
else
|
||||
iv = (caddr_t) ses->ses_iv;
|
||||
read_random((iv = (caddr_t) &rand_iv[0]), sizeof(rand_iv));
|
||||
if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0) {
|
||||
crypto_copyback(crp->crp_flags, crp->crp_buf,
|
||||
enccrd->crd_inject, ivsize, iv);
|
||||
@ -1129,31 +1093,6 @@ safe_callback(struct safe_softc *sc, struct safe_ringentry *re)
|
||||
return;
|
||||
}
|
||||
|
||||
if (re->re_flags & SAFE_QFLAGS_COPYOUTIV) {
|
||||
/* copy out IV for future use */
|
||||
for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
|
||||
int i;
|
||||
int ivsize;
|
||||
|
||||
if (crd->crd_alg == CRYPTO_DES_CBC ||
|
||||
crd->crd_alg == CRYPTO_3DES_CBC) {
|
||||
ivsize = 2*sizeof(u_int32_t);
|
||||
} else if (crd->crd_alg == CRYPTO_AES_CBC) {
|
||||
ivsize = 4*sizeof(u_int32_t);
|
||||
} else
|
||||
continue;
|
||||
crypto_copydata(crp->crp_flags, crp->crp_buf,
|
||||
crd->crd_skip + crd->crd_len - ivsize, ivsize,
|
||||
(caddr_t)sc->sc_sessions[re->re_sesn].ses_iv);
|
||||
for (i = 0;
|
||||
i < ivsize/sizeof(sc->sc_sessions[re->re_sesn].ses_iv[0]);
|
||||
i++)
|
||||
sc->sc_sessions[re->re_sesn].ses_iv[i] =
|
||||
cpu_to_le32(sc->sc_sessions[re->re_sesn].ses_iv[i]);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (re->re_flags & SAFE_QFLAGS_COPYOUTICV) {
|
||||
/* copy out ICV result */
|
||||
for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
|
||||
@ -2005,10 +1944,12 @@ static int safe_probe(struct pci_dev *dev, const struct pci_device_id *ent)
|
||||
return(-ENODEV);
|
||||
}
|
||||
|
||||
#ifdef HAVE_PCI_SET_MWI
|
||||
if (pci_set_mwi(dev)) {
|
||||
printk("safe: pci_set_mwi failed!");
|
||||
return(-ENODEV);
|
||||
}
|
||||
#endif
|
||||
|
||||
sc = (struct safe_softc *) kmalloc(sizeof(*sc), GFP_KERNEL);
|
||||
if (!sc)
|
||||
|
@ -145,7 +145,6 @@ struct safe_session {
|
||||
u_int32_t ses_mlen; /* hmac length in bytes */
|
||||
u_int32_t ses_hminner[5]; /* hmac inner state */
|
||||
u_int32_t ses_hmouter[5]; /* hmac outer state */
|
||||
u_int32_t ses_iv[4]; /* DES/3DES/AES iv */
|
||||
};
|
||||
|
||||
struct safe_pkq {
|
||||
|
@ -108,10 +108,8 @@
|
||||
*/
|
||||
|
||||
#include <linux/version.h>
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
|
||||
#include <generated/autoconf.h>
|
||||
#else
|
||||
#include <linux/autoconf.h>
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
|
||||
#include <linux/config.h>
|
||||
#endif
|
||||
#include <linux/module.h>
|
||||
#include <linux/init.h>
|
||||
@ -123,7 +121,6 @@
|
||||
#include <linux/dma-mapping.h> /* dma_map_single() */
|
||||
#include <linux/moduleparam.h>
|
||||
|
||||
#include <linux/version.h>
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,15)
|
||||
#include <linux/platform_device.h>
|
||||
#endif
|
||||
@ -421,10 +418,6 @@ talitos_newsession(device_t dev, u_int32_t *sidp, struct cryptoini *cri)
|
||||
ses->ses_used = 1;
|
||||
|
||||
if (encini) {
|
||||
/* get an IV */
|
||||
/* XXX may read fewer than requested */
|
||||
read_random(ses->ses_iv, sizeof(ses->ses_iv));
|
||||
|
||||
ses->ses_klen = (encini->cri_klen + 7) / 8;
|
||||
memcpy(ses->ses_key, encini->cri_key, ses->ses_klen);
|
||||
if (macini) {
|
||||
@ -514,6 +507,7 @@ talitos_process(device_t dev, struct cryptop *crp, int hint)
|
||||
int hmac_key, hmac_data, cipher_iv, cipher_key,
|
||||
in_fifo, out_fifo, cipher_iv_out;
|
||||
static int chsel = -1;
|
||||
u_int32_t rand_iv[4];
|
||||
|
||||
DPRINTF("%s()\n", __FUNCTION__);
|
||||
|
||||
@ -755,7 +749,7 @@ talitos_process(device_t dev, struct cryptop *crp, int hint)
|
||||
if (enccrd->crd_flags & CRD_F_IV_EXPLICIT)
|
||||
iv = enccrd->crd_iv;
|
||||
else
|
||||
iv = (caddr_t) ses->ses_iv;
|
||||
read_random((iv = (caddr_t) rand_iv), sizeof(rand_iv));
|
||||
if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0) {
|
||||
crypto_copyback(crp->crp_flags, crp->crp_buf,
|
||||
enccrd->crd_inject, ivsize, iv);
|
||||
@ -764,9 +758,8 @@ talitos_process(device_t dev, struct cryptop *crp, int hint)
|
||||
td->hdr |= TALITOS_DIR_INBOUND;
|
||||
if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) {
|
||||
iv = enccrd->crd_iv;
|
||||
bcopy(enccrd->crd_iv, iv, ivsize);
|
||||
} else {
|
||||
iv = (caddr_t) ses->ses_iv;
|
||||
iv = (caddr_t) rand_iv;
|
||||
crypto_copydata(crp->crp_flags, crp->crp_buf,
|
||||
enccrd->crd_inject, ivsize, iv);
|
||||
}
|
||||
|
@ -69,7 +69,6 @@ struct talitos_session {
|
||||
u_int32_t ses_key[8]; /* DES/3DES/AES key */
|
||||
u_int32_t ses_hmac[5]; /* hmac inner state */
|
||||
u_int32_t ses_hmac_len; /* hmac length */
|
||||
u_int32_t ses_iv[4]; /* DES/3DES/AES iv */
|
||||
u_int32_t ses_mlen; /* desired hash result len (12=ipsec or 16) */
|
||||
};
|
||||
|
||||
|
12
target/linux/generic/files/crypto/ocf/ubsec_ssb/Makefile
Normal file
12
target/linux/generic/files/crypto/ocf/ubsec_ssb/Makefile
Normal file
@ -0,0 +1,12 @@
|
||||
# for SGlinux builds
|
||||
-include $(ROOTDIR)/modules/.config
|
||||
|
||||
obj-$(CONFIG_OCF_UBSEC_SSB) += ubsec_ssb.o
|
||||
|
||||
obj ?= .
|
||||
EXTRA_CFLAGS += -I$(obj)/.. -I$(obj)/
|
||||
|
||||
ifdef TOPDIR
|
||||
-include $(TOPDIR)/Rules.make
|
||||
endif
|
||||
|
@ -62,24 +62,26 @@
|
||||
/*
|
||||
* BSD queue
|
||||
*/
|
||||
#include "bsdqueue.h"
|
||||
//#include "bsdqueue.h"
|
||||
|
||||
/*
|
||||
* OCF
|
||||
*/
|
||||
#include "cryptodev.h"
|
||||
#include "uio.h"
|
||||
#include <cryptodev.h>
|
||||
#include <uio.h>
|
||||
|
||||
#define HMAC_HACK 1
|
||||
|
||||
#define HMAC_HACK 1
|
||||
#ifdef HMAC_HACK
|
||||
#include "hmachack.h"
|
||||
#include "md5.h"
|
||||
#include "md5.c"
|
||||
#include "sha1.h"
|
||||
#include "sha1.c"
|
||||
#include <safe/hmachack.h>
|
||||
#include <safe/md5.h>
|
||||
#include <safe/md5.c>
|
||||
#include <safe/sha1.h>
|
||||
#include <safe/sha1.c>
|
||||
#endif
|
||||
|
||||
#include "bsdqueue.h"
|
||||
#include "ubsecreg.h"
|
||||
#include "ubsecvar.h"
|
||||
|
||||
@ -503,7 +505,7 @@ __devinit ubsec_ssb_probe(struct ssb_device *sdev,
|
||||
goto err_out_powerdown;
|
||||
}
|
||||
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,34))
|
||||
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,36))
|
||||
err = dma_set_mask(sdev->dma_dev, DMA_BIT_MASK(32)) ||
|
||||
dma_set_coherent_mask(sdev->dma_dev, DMA_BIT_MASK(32));
|
||||
#else
|
132
target/linux/generic/patches-2.6.30/971-ocf_20110720.patch
Normal file
132
target/linux/generic/patches-2.6.30/971-ocf_20110720.patch
Normal file
@ -0,0 +1,132 @@
|
||||
|
||||
--- a/drivers/char/random.c
|
||||
+++ b/drivers/char/random.c
|
||||
@@ -129,6 +129,9 @@
|
||||
* unsigned int value);
|
||||
* void add_interrupt_randomness(int irq);
|
||||
*
|
||||
+ * void random_input_words(__u32 *buf, size_t wordcount, int ent_count)
|
||||
+ * int random_input_wait(void);
|
||||
+ *
|
||||
* add_input_randomness() uses the input layer interrupt timing, as well as
|
||||
* the event type information from the hardware.
|
||||
*
|
||||
@@ -140,6 +143,13 @@
|
||||
* a better measure, since the timing of the disk interrupts are more
|
||||
* unpredictable.
|
||||
*
|
||||
+ * random_input_words() just provides a raw block of entropy to the input
|
||||
+ * pool, such as from a hardware entropy generator.
|
||||
+ *
|
||||
+ * random_input_wait() suspends the caller until such time as the
|
||||
+ * entropy pool falls below the write threshold, and returns a count of how
|
||||
+ * much entropy (in bits) is needed to sustain the pool.
|
||||
+ *
|
||||
* All of these routines try to estimate how many bits of randomness a
|
||||
* particular randomness source. They do this by keeping track of the
|
||||
* first and second order deltas of the event timings.
|
||||
@@ -712,6 +722,61 @@ void add_disk_randomness(struct gendisk
|
||||
}
|
||||
#endif
|
||||
|
||||
+/*
|
||||
+ * random_input_words - add bulk entropy to pool
|
||||
+ *
|
||||
+ * @buf: buffer to add
|
||||
+ * @wordcount: number of __u32 words to add
|
||||
+ * @ent_count: total amount of entropy (in bits) to credit
|
||||
+ *
|
||||
+ * this provides bulk input of entropy to the input pool
|
||||
+ *
|
||||
+ */
|
||||
+void random_input_words(__u32 *buf, size_t wordcount, int ent_count)
|
||||
+{
|
||||
+ mix_pool_bytes(&input_pool, buf, wordcount*4);
|
||||
+
|
||||
+ credit_entropy_bits(&input_pool, ent_count);
|
||||
+
|
||||
+ DEBUG_ENT("crediting %d bits => %d\n",
|
||||
+ ent_count, input_pool.entropy_count);
|
||||
+ /*
|
||||
+ * Wake up waiting processes if we have enough
|
||||
+ * entropy.
|
||||
+ */
|
||||
+ if (input_pool.entropy_count >= random_read_wakeup_thresh)
|
||||
+ wake_up_interruptible(&random_read_wait);
|
||||
+}
|
||||
+EXPORT_SYMBOL(random_input_words);
|
||||
+
|
||||
+/*
|
||||
+ * random_input_wait - wait until random needs entropy
|
||||
+ *
|
||||
+ * this function sleeps until the /dev/random subsystem actually
|
||||
+ * needs more entropy, and then return the amount of entropy
|
||||
+ * that it would be nice to have added to the system.
|
||||
+ */
|
||||
+int random_input_wait(void)
|
||||
+{
|
||||
+ int count;
|
||||
+
|
||||
+ wait_event_interruptible(random_write_wait,
|
||||
+ input_pool.entropy_count < random_write_wakeup_thresh);
|
||||
+
|
||||
+ count = random_write_wakeup_thresh - input_pool.entropy_count;
|
||||
+
|
||||
+ /* likely we got woken up due to a signal */
|
||||
+ if (count <= 0) count = random_read_wakeup_thresh;
|
||||
+
|
||||
+ DEBUG_ENT("requesting %d bits from input_wait()er %d<%d\n",
|
||||
+ count,
|
||||
+ input_pool.entropy_count, random_write_wakeup_thresh);
|
||||
+
|
||||
+ return count;
|
||||
+}
|
||||
+EXPORT_SYMBOL(random_input_wait);
|
||||
+
|
||||
+
|
||||
#define EXTRACT_SIZE 10
|
||||
|
||||
/*********************************************************************
|
||||
--- a/fs/fcntl.c
|
||||
+++ b/fs/fcntl.c
|
||||
@@ -196,6 +196,7 @@ static int setfl(int fd, struct file * f
|
||||
out:
|
||||
return error;
|
||||
}
|
||||
+EXPORT_SYMBOL(sys_dup);
|
||||
|
||||
static void f_modown(struct file *filp, struct pid *pid, enum pid_type type,
|
||||
uid_t uid, uid_t euid, int force)
|
||||
--- a/include/linux/miscdevice.h
|
||||
+++ b/include/linux/miscdevice.h
|
||||
@@ -12,6 +12,7 @@
|
||||
#define APOLLO_MOUSE_MINOR 7
|
||||
#define PC110PAD_MINOR 9
|
||||
/*#define ADB_MOUSE_MINOR 10 FIXME OBSOLETE */
|
||||
+#define CRYPTODEV_MINOR 70 /* /dev/crypto */
|
||||
#define WATCHDOG_MINOR 130 /* Watchdog timer */
|
||||
#define TEMP_MINOR 131 /* Temperature Sensor */
|
||||
#define RTC_MINOR 135
|
||||
--- a/include/linux/random.h
|
||||
+++ b/include/linux/random.h
|
||||
@@ -50,6 +50,10 @@ extern void add_input_randomness(unsigne
|
||||
unsigned int value);
|
||||
extern void add_interrupt_randomness(int irq);
|
||||
|
||||
+extern void random_input_words(__u32 *buf, size_t wordcount, int ent_count);
|
||||
+extern int random_input_wait(void);
|
||||
+#define HAS_RANDOM_INPUT_WAIT 1
|
||||
+
|
||||
extern void get_random_bytes(void *buf, int nbytes);
|
||||
void generate_random_uuid(unsigned char uuid_out[16]);
|
||||
|
||||
--- a/kernel/pid.c
|
||||
+++ b/kernel/pid.c
|
||||
@@ -383,6 +383,7 @@ struct task_struct *find_task_by_pid_typ
|
||||
{
|
||||
return pid_task(find_pid_ns(nr, ns), type);
|
||||
}
|
||||
+EXPORT_SYMBOL(find_task_by_vpid);
|
||||
|
||||
EXPORT_SYMBOL(find_task_by_pid_type_ns);
|
||||
|
@ -24,7 +24,7 @@
|
||||
* All of these routines try to estimate how many bits of randomness a
|
||||
* particular randomness source. They do this by keeping track of the
|
||||
* first and second order deltas of the event timings.
|
||||
@@ -712,6 +722,61 @@ void add_disk_randomness(struct gendisk
|
||||
@@ -712,6 +722,61 @@ void add_disk_randomness(struct gendisk
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -88,14 +88,14 @@
|
||||
/*********************************************************************
|
||||
--- a/fs/fcntl.c
|
||||
+++ b/fs/fcntl.c
|
||||
@@ -141,6 +141,7 @@ SYSCALL_DEFINE1(dup, unsigned int, filde
|
||||
}
|
||||
return ret;
|
||||
@@ -195,6 +195,7 @@ static int setfl(int fd, struct file * f
|
||||
out:
|
||||
return error;
|
||||
}
|
||||
+EXPORT_SYMBOL(sys_dup);
|
||||
|
||||
#define SETFL_MASK (O_APPEND | O_NONBLOCK | O_NDELAY | O_DIRECT | O_NOATIME)
|
||||
|
||||
static void f_modown(struct file *filp, struct pid *pid, enum pid_type type,
|
||||
int force)
|
||||
--- a/include/linux/miscdevice.h
|
||||
+++ b/include/linux/miscdevice.h
|
||||
@@ -12,6 +12,7 @@
|
||||
@ -108,46 +108,7 @@
|
||||
#define RTC_MINOR 135
|
||||
--- a/include/linux/random.h
|
||||
+++ b/include/linux/random.h
|
||||
@@ -9,6 +9,7 @@
|
||||
|
||||
#include <linux/types.h>
|
||||
#include <linux/ioctl.h>
|
||||
+#include <linux/types.h> /* for __u32 in user space */
|
||||
#include <linux/irqnr.h>
|
||||
|
||||
/* ioctl()'s for the random number generator */
|
||||
@@ -34,6 +35,30 @@
|
||||
/* Clear the entropy pool and associated counters. (Superuser only.) */
|
||||
#define RNDCLEARPOOL _IO( 'R', 0x06 )
|
||||
|
||||
+#ifdef CONFIG_FIPS_RNG
|
||||
+
|
||||
+/* Size of seed value - equal to AES blocksize */
|
||||
+#define AES_BLOCK_SIZE_BYTES 16
|
||||
+#define SEED_SIZE_BYTES AES_BLOCK_SIZE_BYTES
|
||||
+/* Size of AES key */
|
||||
+#define KEY_SIZE_BYTES 16
|
||||
+
|
||||
+/* ioctl() structure used by FIPS 140-2 Tests */
|
||||
+struct rand_fips_test {
|
||||
+ unsigned char key[KEY_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char datetime[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char seed[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char result[SEED_SIZE_BYTES]; /* Output */
|
||||
+};
|
||||
+
|
||||
+/* FIPS 140-2 RNG Variable Seed Test. (Superuser only.) */
|
||||
+#define RNDFIPSVST _IOWR('R', 0x10, struct rand_fips_test)
|
||||
+
|
||||
+/* FIPS 140-2 RNG Monte Carlo Test. (Superuser only.) */
|
||||
+#define RNDFIPSMCT _IOWR('R', 0x11, struct rand_fips_test)
|
||||
+
|
||||
+#endif /* #ifdef CONFIG_FIPS_RNG */
|
||||
+
|
||||
struct rand_pool_info {
|
||||
int entropy_count;
|
||||
int buf_size;
|
||||
@@ -50,6 +75,10 @@ extern void add_input_randomness(unsigne
|
||||
@@ -50,6 +50,10 @@ extern void add_input_randomness(unsigne
|
||||
unsigned int value);
|
||||
extern void add_interrupt_randomness(int irq);
|
||||
|
@ -88,14 +88,14 @@
|
||||
/*********************************************************************
|
||||
--- a/fs/fcntl.c
|
||||
+++ b/fs/fcntl.c
|
||||
@@ -141,6 +141,7 @@ SYSCALL_DEFINE1(dup, unsigned int, filde
|
||||
}
|
||||
return ret;
|
||||
@@ -195,6 +195,7 @@ static int setfl(int fd, struct file * f
|
||||
out:
|
||||
return error;
|
||||
}
|
||||
+EXPORT_SYMBOL(sys_dup);
|
||||
|
||||
#define SETFL_MASK (O_APPEND | O_NONBLOCK | O_NDELAY | O_DIRECT | O_NOATIME)
|
||||
|
||||
static void f_modown(struct file *filp, struct pid *pid, enum pid_type type,
|
||||
int force)
|
||||
--- a/include/linux/miscdevice.h
|
||||
+++ b/include/linux/miscdevice.h
|
||||
@@ -12,6 +12,7 @@
|
||||
@ -108,46 +108,7 @@
|
||||
#define RTC_MINOR 135
|
||||
--- a/include/linux/random.h
|
||||
+++ b/include/linux/random.h
|
||||
@@ -9,6 +9,7 @@
|
||||
|
||||
#include <linux/types.h>
|
||||
#include <linux/ioctl.h>
|
||||
+#include <linux/types.h> /* for __u32 in user space */
|
||||
#include <linux/irqnr.h>
|
||||
|
||||
/* ioctl()'s for the random number generator */
|
||||
@@ -34,6 +35,30 @@
|
||||
/* Clear the entropy pool and associated counters. (Superuser only.) */
|
||||
#define RNDCLEARPOOL _IO( 'R', 0x06 )
|
||||
|
||||
+#ifdef CONFIG_FIPS_RNG
|
||||
+
|
||||
+/* Size of seed value - equal to AES blocksize */
|
||||
+#define AES_BLOCK_SIZE_BYTES 16
|
||||
+#define SEED_SIZE_BYTES AES_BLOCK_SIZE_BYTES
|
||||
+/* Size of AES key */
|
||||
+#define KEY_SIZE_BYTES 16
|
||||
+
|
||||
+/* ioctl() structure used by FIPS 140-2 Tests */
|
||||
+struct rand_fips_test {
|
||||
+ unsigned char key[KEY_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char datetime[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char seed[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char result[SEED_SIZE_BYTES]; /* Output */
|
||||
+};
|
||||
+
|
||||
+/* FIPS 140-2 RNG Variable Seed Test. (Superuser only.) */
|
||||
+#define RNDFIPSVST _IOWR('R', 0x10, struct rand_fips_test)
|
||||
+
|
||||
+/* FIPS 140-2 RNG Monte Carlo Test. (Superuser only.) */
|
||||
+#define RNDFIPSMCT _IOWR('R', 0x11, struct rand_fips_test)
|
||||
+
|
||||
+#endif /* #ifdef CONFIG_FIPS_RNG */
|
||||
+
|
||||
struct rand_pool_info {
|
||||
int entropy_count;
|
||||
int buf_size;
|
||||
@@ -50,6 +75,10 @@ extern void add_input_randomness(unsigne
|
||||
@@ -50,6 +50,10 @@ extern void add_input_randomness(unsigne
|
||||
unsigned int value);
|
||||
extern void add_interrupt_randomness(int irq);
|
||||
|
@ -1,6 +1,6 @@
|
||||
--- a/crypto/Kconfig
|
||||
+++ b/crypto/Kconfig
|
||||
@@ -849,3 +849,6 @@ config CRYPTO_ANSI_CPRNG
|
||||
@@ -845,3 +845,6 @@ config CRYPTO_ANSI_CPRNG
|
||||
source "drivers/crypto/Kconfig"
|
||||
|
||||
endif # if CRYPTO
|
||||
|
@ -1,170 +0,0 @@
|
||||
--- a/drivers/char/random.c
|
||||
+++ b/drivers/char/random.c
|
||||
@@ -129,6 +129,9 @@
|
||||
* unsigned int value);
|
||||
* void add_interrupt_randomness(int irq);
|
||||
*
|
||||
+ * void random_input_words(__u32 *buf, size_t wordcount, int ent_count)
|
||||
+ * int random_input_wait(void);
|
||||
+ *
|
||||
* add_input_randomness() uses the input layer interrupt timing, as well as
|
||||
* the event type information from the hardware.
|
||||
*
|
||||
@@ -140,6 +143,13 @@
|
||||
* a better measure, since the timing of the disk interrupts are more
|
||||
* unpredictable.
|
||||
*
|
||||
+ * random_input_words() just provides a raw block of entropy to the input
|
||||
+ * pool, such as from a hardware entropy generator.
|
||||
+ *
|
||||
+ * random_input_wait() suspends the caller until such time as the
|
||||
+ * entropy pool falls below the write threshold, and returns a count of how
|
||||
+ * much entropy (in bits) is needed to sustain the pool.
|
||||
+ *
|
||||
* All of these routines try to estimate how many bits of randomness a
|
||||
* particular randomness source. They do this by keeping track of the
|
||||
* first and second order deltas of the event timings.
|
||||
@@ -715,6 +725,61 @@ void add_disk_randomness(struct gendisk
|
||||
}
|
||||
#endif
|
||||
|
||||
+/*
|
||||
+ * random_input_words - add bulk entropy to pool
|
||||
+ *
|
||||
+ * @buf: buffer to add
|
||||
+ * @wordcount: number of __u32 words to add
|
||||
+ * @ent_count: total amount of entropy (in bits) to credit
|
||||
+ *
|
||||
+ * this provides bulk input of entropy to the input pool
|
||||
+ *
|
||||
+ */
|
||||
+void random_input_words(__u32 *buf, size_t wordcount, int ent_count)
|
||||
+{
|
||||
+ mix_pool_bytes(&input_pool, buf, wordcount*4);
|
||||
+
|
||||
+ credit_entropy_bits(&input_pool, ent_count);
|
||||
+
|
||||
+ DEBUG_ENT("crediting %d bits => %d\n",
|
||||
+ ent_count, input_pool.entropy_count);
|
||||
+ /*
|
||||
+ * Wake up waiting processes if we have enough
|
||||
+ * entropy.
|
||||
+ */
|
||||
+ if (input_pool.entropy_count >= random_read_wakeup_thresh)
|
||||
+ wake_up_interruptible(&random_read_wait);
|
||||
+}
|
||||
+EXPORT_SYMBOL(random_input_words);
|
||||
+
|
||||
+/*
|
||||
+ * random_input_wait - wait until random needs entropy
|
||||
+ *
|
||||
+ * this function sleeps until the /dev/random subsystem actually
|
||||
+ * needs more entropy, and then return the amount of entropy
|
||||
+ * that it would be nice to have added to the system.
|
||||
+ */
|
||||
+int random_input_wait(void)
|
||||
+{
|
||||
+ int count;
|
||||
+
|
||||
+ wait_event_interruptible(random_write_wait,
|
||||
+ input_pool.entropy_count < random_write_wakeup_thresh);
|
||||
+
|
||||
+ count = random_write_wakeup_thresh - input_pool.entropy_count;
|
||||
+
|
||||
+ /* likely we got woken up due to a signal */
|
||||
+ if (count <= 0) count = random_read_wakeup_thresh;
|
||||
+
|
||||
+ DEBUG_ENT("requesting %d bits from input_wait()er %d<%d\n",
|
||||
+ count,
|
||||
+ input_pool.entropy_count, random_write_wakeup_thresh);
|
||||
+
|
||||
+ return count;
|
||||
+}
|
||||
+EXPORT_SYMBOL(random_input_wait);
|
||||
+
|
||||
+
|
||||
/*********************************************************************
|
||||
*
|
||||
* Entropy extraction routines
|
||||
--- a/fs/fcntl.c
|
||||
+++ b/fs/fcntl.c
|
||||
@@ -142,6 +142,7 @@ SYSCALL_DEFINE1(dup, unsigned int, filde
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
+EXPORT_SYMBOL(sys_dup);
|
||||
|
||||
#define SETFL_MASK (O_APPEND | O_NONBLOCK | O_NDELAY | O_DIRECT | O_NOATIME)
|
||||
|
||||
--- a/include/linux/miscdevice.h
|
||||
+++ b/include/linux/miscdevice.h
|
||||
@@ -18,6 +18,7 @@
|
||||
#define APOLLO_MOUSE_MINOR 7
|
||||
#define PC110PAD_MINOR 9
|
||||
/*#define ADB_MOUSE_MINOR 10 FIXME OBSOLETE */
|
||||
+#define CRYPTODEV_MINOR 70 /* /dev/crypto */
|
||||
#define WATCHDOG_MINOR 130 /* Watchdog timer */
|
||||
#define TEMP_MINOR 131 /* Temperature Sensor */
|
||||
#define RTC_MINOR 135
|
||||
--- a/include/linux/random.h
|
||||
+++ b/include/linux/random.h
|
||||
@@ -9,6 +9,7 @@
|
||||
|
||||
#include <linux/types.h>
|
||||
#include <linux/ioctl.h>
|
||||
+#include <linux/types.h> /* for __u32 in user space */
|
||||
#include <linux/irqnr.h>
|
||||
|
||||
/* ioctl()'s for the random number generator */
|
||||
@@ -34,6 +35,30 @@
|
||||
/* Clear the entropy pool and associated counters. (Superuser only.) */
|
||||
#define RNDCLEARPOOL _IO( 'R', 0x06 )
|
||||
|
||||
+#ifdef CONFIG_FIPS_RNG
|
||||
+
|
||||
+/* Size of seed value - equal to AES blocksize */
|
||||
+#define AES_BLOCK_SIZE_BYTES 16
|
||||
+#define SEED_SIZE_BYTES AES_BLOCK_SIZE_BYTES
|
||||
+/* Size of AES key */
|
||||
+#define KEY_SIZE_BYTES 16
|
||||
+
|
||||
+/* ioctl() structure used by FIPS 140-2 Tests */
|
||||
+struct rand_fips_test {
|
||||
+ unsigned char key[KEY_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char datetime[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char seed[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char result[SEED_SIZE_BYTES]; /* Output */
|
||||
+};
|
||||
+
|
||||
+/* FIPS 140-2 RNG Variable Seed Test. (Superuser only.) */
|
||||
+#define RNDFIPSVST _IOWR('R', 0x10, struct rand_fips_test)
|
||||
+
|
||||
+/* FIPS 140-2 RNG Monte Carlo Test. (Superuser only.) */
|
||||
+#define RNDFIPSMCT _IOWR('R', 0x11, struct rand_fips_test)
|
||||
+
|
||||
+#endif /* #ifdef CONFIG_FIPS_RNG */
|
||||
+
|
||||
struct rand_pool_info {
|
||||
int entropy_count;
|
||||
int buf_size;
|
||||
@@ -54,6 +79,10 @@ extern void add_input_randomness(unsigne
|
||||
unsigned int value);
|
||||
extern void add_interrupt_randomness(int irq);
|
||||
|
||||
+extern void random_input_words(__u32 *buf, size_t wordcount, int ent_count);
|
||||
+extern int random_input_wait(void);
|
||||
+#define HAS_RANDOM_INPUT_WAIT 1
|
||||
+
|
||||
extern void get_random_bytes(void *buf, int nbytes);
|
||||
void generate_random_uuid(unsigned char uuid_out[16]);
|
||||
|
||||
--- a/kernel/pid.c
|
||||
+++ b/kernel/pid.c
|
||||
@@ -423,6 +423,7 @@ struct task_struct *find_task_by_vpid(pi
|
||||
{
|
||||
return find_task_by_pid_ns(vnr, current->nsproxy->pid_ns);
|
||||
}
|
||||
+EXPORT_SYMBOL(find_task_by_vpid);
|
||||
|
||||
struct pid *get_task_pid(struct task_struct *task, enum pid_type type)
|
||||
{
|
@ -1,3 +1,13 @@
|
||||
--- a/kernel/pid.c
|
||||
+++ b/kernel/pid.c
|
||||
@@ -423,6 +423,7 @@ struct task_struct *find_task_by_vpid(pi
|
||||
{
|
||||
return find_task_by_pid_ns(vnr, current->nsproxy->pid_ns);
|
||||
}
|
||||
+EXPORT_SYMBOL(find_task_by_vpid);
|
||||
|
||||
struct pid *get_task_pid(struct task_struct *task, enum pid_type type)
|
||||
{
|
||||
--- a/drivers/char/random.c
|
||||
+++ b/drivers/char/random.c
|
||||
@@ -129,6 +129,9 @@
|
||||
@ -24,7 +34,7 @@
|
||||
* All of these routines try to estimate how many bits of randomness a
|
||||
* particular randomness source. They do this by keeping track of the
|
||||
* first and second order deltas of the event timings.
|
||||
@@ -712,6 +722,61 @@ void add_disk_randomness(struct gendisk
|
||||
@@ -715,6 +725,63 @@ void add_disk_randomness(struct gendisk
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -83,9 +93,11 @@
|
||||
+EXPORT_SYMBOL(random_input_wait);
|
||||
+
|
||||
+
|
||||
#define EXTRACT_SIZE 10
|
||||
|
||||
+#define EXTRACT_SIZE 10
|
||||
+
|
||||
/*********************************************************************
|
||||
*
|
||||
* Entropy extraction routines
|
||||
--- a/fs/fcntl.c
|
||||
+++ b/fs/fcntl.c
|
||||
@@ -142,6 +142,7 @@ SYSCALL_DEFINE1(dup, unsigned int, filde
|
||||
@ -98,7 +110,7 @@
|
||||
|
||||
--- a/include/linux/miscdevice.h
|
||||
+++ b/include/linux/miscdevice.h
|
||||
@@ -12,6 +12,7 @@
|
||||
@@ -18,6 +18,7 @@
|
||||
#define APOLLO_MOUSE_MINOR 7
|
||||
#define PC110PAD_MINOR 9
|
||||
/*#define ADB_MOUSE_MINOR 10 FIXME OBSOLETE */
|
||||
@ -108,46 +120,7 @@
|
||||
#define RTC_MINOR 135
|
||||
--- a/include/linux/random.h
|
||||
+++ b/include/linux/random.h
|
||||
@@ -9,6 +9,7 @@
|
||||
|
||||
#include <linux/types.h>
|
||||
#include <linux/ioctl.h>
|
||||
+#include <linux/types.h> /* for __u32 in user space */
|
||||
#include <linux/irqnr.h>
|
||||
|
||||
/* ioctl()'s for the random number generator */
|
||||
@@ -34,6 +35,30 @@
|
||||
/* Clear the entropy pool and associated counters. (Superuser only.) */
|
||||
#define RNDCLEARPOOL _IO( 'R', 0x06 )
|
||||
|
||||
+#ifdef CONFIG_FIPS_RNG
|
||||
+
|
||||
+/* Size of seed value - equal to AES blocksize */
|
||||
+#define AES_BLOCK_SIZE_BYTES 16
|
||||
+#define SEED_SIZE_BYTES AES_BLOCK_SIZE_BYTES
|
||||
+/* Size of AES key */
|
||||
+#define KEY_SIZE_BYTES 16
|
||||
+
|
||||
+/* ioctl() structure used by FIPS 140-2 Tests */
|
||||
+struct rand_fips_test {
|
||||
+ unsigned char key[KEY_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char datetime[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char seed[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char result[SEED_SIZE_BYTES]; /* Output */
|
||||
+};
|
||||
+
|
||||
+/* FIPS 140-2 RNG Variable Seed Test. (Superuser only.) */
|
||||
+#define RNDFIPSVST _IOWR('R', 0x10, struct rand_fips_test)
|
||||
+
|
||||
+/* FIPS 140-2 RNG Monte Carlo Test. (Superuser only.) */
|
||||
+#define RNDFIPSMCT _IOWR('R', 0x11, struct rand_fips_test)
|
||||
+
|
||||
+#endif /* #ifdef CONFIG_FIPS_RNG */
|
||||
+
|
||||
struct rand_pool_info {
|
||||
int entropy_count;
|
||||
int buf_size;
|
||||
@@ -50,6 +75,10 @@ extern void add_input_randomness(unsigne
|
||||
@@ -54,6 +54,10 @@ extern void add_input_randomness(unsigne
|
||||
unsigned int value);
|
||||
extern void add_interrupt_randomness(int irq);
|
||||
|
@ -1,3 +1,13 @@
|
||||
--- a/kernel/pid.c
|
||||
+++ b/kernel/pid.c
|
||||
@@ -424,6 +424,7 @@ struct task_struct *find_task_by_vpid(pi
|
||||
{
|
||||
return find_task_by_pid_ns(vnr, current->nsproxy->pid_ns);
|
||||
}
|
||||
+EXPORT_SYMBOL(find_task_by_vpid);
|
||||
|
||||
struct pid *get_task_pid(struct task_struct *task, enum pid_type type)
|
||||
{
|
||||
--- a/drivers/char/random.c
|
||||
+++ b/drivers/char/random.c
|
||||
@@ -129,6 +129,9 @@
|
||||
@ -24,7 +34,7 @@
|
||||
* All of these routines try to estimate how many bits of randomness a
|
||||
* particular randomness source. They do this by keeping track of the
|
||||
* first and second order deltas of the event timings.
|
||||
@@ -715,6 +725,61 @@ void add_disk_randomness(struct gendisk
|
||||
@@ -715,6 +725,63 @@ void add_disk_randomness(struct gendisk
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -40,12 +50,12 @@
|
||||
+ */
|
||||
+void random_input_words(__u32 *buf, size_t wordcount, int ent_count)
|
||||
+{
|
||||
+ mix_pool_bytes(&input_pool, buf, wordcount*4);
|
||||
+ mix_pool_bytes(&input_pool, buf, wordcount*4);
|
||||
+
|
||||
+ credit_entropy_bits(&input_pool, ent_count);
|
||||
+ credit_entropy_bits(&input_pool, ent_count);
|
||||
+
|
||||
+ DEBUG_ENT("crediting %d bits => %d\n",
|
||||
+ ent_count, input_pool.entropy_count);
|
||||
+ DEBUG_ENT("crediting %d bits => %d\n",
|
||||
+ ent_count, input_pool.entropy_count);
|
||||
+ /*
|
||||
+ * Wake up waiting processes if we have enough
|
||||
+ * entropy.
|
||||
@ -66,22 +76,24 @@
|
||||
+{
|
||||
+ int count;
|
||||
+
|
||||
+ wait_event_interruptible(random_write_wait,
|
||||
+ input_pool.entropy_count < random_write_wakeup_thresh);
|
||||
+ wait_event_interruptible(random_write_wait,
|
||||
+ input_pool.entropy_count < random_write_wakeup_thresh);
|
||||
+
|
||||
+ count = random_write_wakeup_thresh - input_pool.entropy_count;
|
||||
+
|
||||
+ /* likely we got woken up due to a signal */
|
||||
+ if (count <= 0) count = random_read_wakeup_thresh;
|
||||
+ /* likely we got woken up due to a signal */
|
||||
+ if (count <= 0) count = random_read_wakeup_thresh;
|
||||
+
|
||||
+ DEBUG_ENT("requesting %d bits from input_wait()er %d<%d\n",
|
||||
+ count,
|
||||
+ input_pool.entropy_count, random_write_wakeup_thresh);
|
||||
+ count,
|
||||
+ input_pool.entropy_count, random_write_wakeup_thresh);
|
||||
+
|
||||
+ return count;
|
||||
+}
|
||||
+EXPORT_SYMBOL(random_input_wait);
|
||||
+
|
||||
+
|
||||
+#define EXTRACT_SIZE 10
|
||||
+
|
||||
/*********************************************************************
|
||||
*
|
||||
@ -108,46 +120,7 @@
|
||||
#define RTC_MINOR 135
|
||||
--- a/include/linux/random.h
|
||||
+++ b/include/linux/random.h
|
||||
@@ -9,6 +9,7 @@
|
||||
|
||||
#include <linux/types.h>
|
||||
#include <linux/ioctl.h>
|
||||
+#include <linux/types.h> /* for __u32 in user space */
|
||||
#include <linux/irqnr.h>
|
||||
|
||||
/* ioctl()'s for the random number generator */
|
||||
@@ -34,6 +35,30 @@
|
||||
/* Clear the entropy pool and associated counters. (Superuser only.) */
|
||||
#define RNDCLEARPOOL _IO( 'R', 0x06 )
|
||||
|
||||
+#ifdef CONFIG_FIPS_RNG
|
||||
+
|
||||
+/* Size of seed value - equal to AES blocksize */
|
||||
+#define AES_BLOCK_SIZE_BYTES 16
|
||||
+#define SEED_SIZE_BYTES AES_BLOCK_SIZE_BYTES
|
||||
+/* Size of AES key */
|
||||
+#define KEY_SIZE_BYTES 16
|
||||
+
|
||||
+/* ioctl() structure used by FIPS 140-2 Tests */
|
||||
+struct rand_fips_test {
|
||||
+ unsigned char key[KEY_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char datetime[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char seed[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char result[SEED_SIZE_BYTES]; /* Output */
|
||||
+};
|
||||
+
|
||||
+/* FIPS 140-2 RNG Variable Seed Test. (Superuser only.) */
|
||||
+#define RNDFIPSVST _IOWR('R', 0x10, struct rand_fips_test)
|
||||
+
|
||||
+/* FIPS 140-2 RNG Monte Carlo Test. (Superuser only.) */
|
||||
+#define RNDFIPSMCT _IOWR('R', 0x11, struct rand_fips_test)
|
||||
+
|
||||
+#endif /* #ifdef CONFIG_FIPS_RNG */
|
||||
+
|
||||
struct rand_pool_info {
|
||||
int entropy_count;
|
||||
int buf_size;
|
||||
@@ -54,6 +79,10 @@ extern void add_input_randomness(unsigne
|
||||
@@ -54,6 +54,10 @@ extern void add_input_randomness(unsigne
|
||||
unsigned int value);
|
||||
extern void add_interrupt_randomness(int irq);
|
||||
|
||||
@ -158,13 +131,3 @@
|
||||
extern void get_random_bytes(void *buf, int nbytes);
|
||||
void generate_random_uuid(unsigned char uuid_out[16]);
|
||||
|
||||
--- a/kernel/pid.c
|
||||
+++ b/kernel/pid.c
|
||||
@@ -424,6 +424,7 @@ struct task_struct *find_task_by_vpid(pi
|
||||
{
|
||||
return find_task_by_pid_ns(vnr, current->nsproxy->pid_ns);
|
||||
}
|
||||
+EXPORT_SYMBOL(find_task_by_vpid);
|
||||
|
||||
struct pid *get_task_pid(struct task_struct *task, enum pid_type type)
|
||||
{
|
@ -1,3 +1,13 @@
|
||||
--- a/kernel/pid.c
|
||||
+++ b/kernel/pid.c
|
||||
@@ -427,6 +427,7 @@ struct task_struct *find_task_by_vpid(pi
|
||||
{
|
||||
return find_task_by_pid_ns(vnr, current->nsproxy->pid_ns);
|
||||
}
|
||||
+EXPORT_SYMBOL(find_task_by_vpid);
|
||||
|
||||
struct pid *get_task_pid(struct task_struct *task, enum pid_type type)
|
||||
{
|
||||
--- a/drivers/char/random.c
|
||||
+++ b/drivers/char/random.c
|
||||
@@ -129,6 +129,9 @@
|
||||
@ -24,7 +34,7 @@
|
||||
* All of these routines try to estimate how many bits of randomness a
|
||||
* particular randomness source. They do this by keeping track of the
|
||||
* first and second order deltas of the event timings.
|
||||
@@ -715,6 +725,61 @@ void add_disk_randomness(struct gendisk
|
||||
@@ -715,6 +725,63 @@ void add_disk_randomness(struct gendisk
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -40,12 +50,12 @@
|
||||
+ */
|
||||
+void random_input_words(__u32 *buf, size_t wordcount, int ent_count)
|
||||
+{
|
||||
+ mix_pool_bytes(&input_pool, buf, wordcount*4);
|
||||
+ mix_pool_bytes(&input_pool, buf, wordcount*4);
|
||||
+
|
||||
+ credit_entropy_bits(&input_pool, ent_count);
|
||||
+ credit_entropy_bits(&input_pool, ent_count);
|
||||
+
|
||||
+ DEBUG_ENT("crediting %d bits => %d\n",
|
||||
+ ent_count, input_pool.entropy_count);
|
||||
+ DEBUG_ENT("crediting %d bits => %d\n",
|
||||
+ ent_count, input_pool.entropy_count);
|
||||
+ /*
|
||||
+ * Wake up waiting processes if we have enough
|
||||
+ * entropy.
|
||||
@ -66,22 +76,24 @@
|
||||
+{
|
||||
+ int count;
|
||||
+
|
||||
+ wait_event_interruptible(random_write_wait,
|
||||
+ input_pool.entropy_count < random_write_wakeup_thresh);
|
||||
+ wait_event_interruptible(random_write_wait,
|
||||
+ input_pool.entropy_count < random_write_wakeup_thresh);
|
||||
+
|
||||
+ count = random_write_wakeup_thresh - input_pool.entropy_count;
|
||||
+
|
||||
+ /* likely we got woken up due to a signal */
|
||||
+ if (count <= 0) count = random_read_wakeup_thresh;
|
||||
+ /* likely we got woken up due to a signal */
|
||||
+ if (count <= 0) count = random_read_wakeup_thresh;
|
||||
+
|
||||
+ DEBUG_ENT("requesting %d bits from input_wait()er %d<%d\n",
|
||||
+ count,
|
||||
+ input_pool.entropy_count, random_write_wakeup_thresh);
|
||||
+ count,
|
||||
+ input_pool.entropy_count, random_write_wakeup_thresh);
|
||||
+
|
||||
+ return count;
|
||||
+}
|
||||
+EXPORT_SYMBOL(random_input_wait);
|
||||
+
|
||||
+
|
||||
+#define EXTRACT_SIZE 10
|
||||
+
|
||||
/*********************************************************************
|
||||
*
|
||||
@ -108,46 +120,7 @@
|
||||
#define RTC_MINOR 135
|
||||
--- a/include/linux/random.h
|
||||
+++ b/include/linux/random.h
|
||||
@@ -9,6 +9,7 @@
|
||||
|
||||
#include <linux/types.h>
|
||||
#include <linux/ioctl.h>
|
||||
+#include <linux/types.h> /* for __u32 in user space */
|
||||
#include <linux/irqnr.h>
|
||||
|
||||
/* ioctl()'s for the random number generator */
|
||||
@@ -34,6 +35,30 @@
|
||||
/* Clear the entropy pool and associated counters. (Superuser only.) */
|
||||
#define RNDCLEARPOOL _IO( 'R', 0x06 )
|
||||
|
||||
+#ifdef CONFIG_FIPS_RNG
|
||||
+
|
||||
+/* Size of seed value - equal to AES blocksize */
|
||||
+#define AES_BLOCK_SIZE_BYTES 16
|
||||
+#define SEED_SIZE_BYTES AES_BLOCK_SIZE_BYTES
|
||||
+/* Size of AES key */
|
||||
+#define KEY_SIZE_BYTES 16
|
||||
+
|
||||
+/* ioctl() structure used by FIPS 140-2 Tests */
|
||||
+struct rand_fips_test {
|
||||
+ unsigned char key[KEY_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char datetime[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char seed[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char result[SEED_SIZE_BYTES]; /* Output */
|
||||
+};
|
||||
+
|
||||
+/* FIPS 140-2 RNG Variable Seed Test. (Superuser only.) */
|
||||
+#define RNDFIPSVST _IOWR('R', 0x10, struct rand_fips_test)
|
||||
+
|
||||
+/* FIPS 140-2 RNG Monte Carlo Test. (Superuser only.) */
|
||||
+#define RNDFIPSMCT _IOWR('R', 0x11, struct rand_fips_test)
|
||||
+
|
||||
+#endif /* #ifdef CONFIG_FIPS_RNG */
|
||||
+
|
||||
struct rand_pool_info {
|
||||
int entropy_count;
|
||||
int buf_size;
|
||||
@@ -54,6 +79,10 @@ extern void add_input_randomness(unsigne
|
||||
@@ -54,6 +54,10 @@ extern void add_input_randomness(unsigne
|
||||
unsigned int value);
|
||||
extern void add_interrupt_randomness(int irq);
|
||||
|
||||
@ -158,13 +131,3 @@
|
||||
extern void get_random_bytes(void *buf, int nbytes);
|
||||
void generate_random_uuid(unsigned char uuid_out[16]);
|
||||
|
||||
--- a/kernel/pid.c
|
||||
+++ b/kernel/pid.c
|
||||
@@ -427,6 +427,7 @@ struct task_struct *find_task_by_vpid(pi
|
||||
{
|
||||
return find_task_by_pid_ns(vnr, current->nsproxy->pid_ns);
|
||||
}
|
||||
+EXPORT_SYMBOL(find_task_by_vpid);
|
||||
|
||||
struct pid *get_task_pid(struct task_struct *task, enum pid_type type)
|
||||
{
|
@ -1,3 +1,13 @@
|
||||
--- a/kernel/pid.c
|
||||
+++ b/kernel/pid.c
|
||||
@@ -427,6 +427,7 @@ struct task_struct *find_task_by_vpid(pi
|
||||
{
|
||||
return find_task_by_pid_ns(vnr, current->nsproxy->pid_ns);
|
||||
}
|
||||
+EXPORT_SYMBOL(find_task_by_vpid);
|
||||
|
||||
struct pid *get_task_pid(struct task_struct *task, enum pid_type type)
|
||||
{
|
||||
--- a/drivers/char/random.c
|
||||
+++ b/drivers/char/random.c
|
||||
@@ -130,6 +130,9 @@
|
||||
@ -24,7 +34,7 @@
|
||||
* All of these routines try to estimate how many bits of randomness a
|
||||
* particular randomness source. They do this by keeping track of the
|
||||
* first and second order deltas of the event timings.
|
||||
@@ -722,6 +732,61 @@ void add_disk_randomness(struct gendisk
|
||||
@@ -722,6 +732,63 @@ void add_disk_randomness(struct gendisk
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -40,12 +50,12 @@
|
||||
+ */
|
||||
+void random_input_words(__u32 *buf, size_t wordcount, int ent_count)
|
||||
+{
|
||||
+ mix_pool_bytes(&input_pool, buf, wordcount*4);
|
||||
+ mix_pool_bytes(&input_pool, buf, wordcount*4);
|
||||
+
|
||||
+ credit_entropy_bits(&input_pool, ent_count);
|
||||
+ credit_entropy_bits(&input_pool, ent_count);
|
||||
+
|
||||
+ DEBUG_ENT("crediting %d bits => %d\n",
|
||||
+ ent_count, input_pool.entropy_count);
|
||||
+ DEBUG_ENT("crediting %d bits => %d\n",
|
||||
+ ent_count, input_pool.entropy_count);
|
||||
+ /*
|
||||
+ * Wake up waiting processes if we have enough
|
||||
+ * entropy.
|
||||
@ -66,22 +76,24 @@
|
||||
+{
|
||||
+ int count;
|
||||
+
|
||||
+ wait_event_interruptible(random_write_wait,
|
||||
+ input_pool.entropy_count < random_write_wakeup_thresh);
|
||||
+ wait_event_interruptible(random_write_wait,
|
||||
+ input_pool.entropy_count < random_write_wakeup_thresh);
|
||||
+
|
||||
+ count = random_write_wakeup_thresh - input_pool.entropy_count;
|
||||
+
|
||||
+ /* likely we got woken up due to a signal */
|
||||
+ if (count <= 0) count = random_read_wakeup_thresh;
|
||||
+ /* likely we got woken up due to a signal */
|
||||
+ if (count <= 0) count = random_read_wakeup_thresh;
|
||||
+
|
||||
+ DEBUG_ENT("requesting %d bits from input_wait()er %d<%d\n",
|
||||
+ count,
|
||||
+ input_pool.entropy_count, random_write_wakeup_thresh);
|
||||
+ count,
|
||||
+ input_pool.entropy_count, random_write_wakeup_thresh);
|
||||
+
|
||||
+ return count;
|
||||
+}
|
||||
+EXPORT_SYMBOL(random_input_wait);
|
||||
+
|
||||
+
|
||||
+#define EXTRACT_SIZE 10
|
||||
+
|
||||
/*********************************************************************
|
||||
*
|
||||
@ -108,46 +120,7 @@
|
||||
#define RTC_MINOR 135
|
||||
--- a/include/linux/random.h
|
||||
+++ b/include/linux/random.h
|
||||
@@ -9,6 +9,7 @@
|
||||
|
||||
#include <linux/types.h>
|
||||
#include <linux/ioctl.h>
|
||||
+#include <linux/types.h> /* for __u32 in user space */
|
||||
#include <linux/irqnr.h>
|
||||
|
||||
/* ioctl()'s for the random number generator */
|
||||
@@ -34,6 +35,30 @@
|
||||
/* Clear the entropy pool and associated counters. (Superuser only.) */
|
||||
#define RNDCLEARPOOL _IO( 'R', 0x06 )
|
||||
|
||||
+#ifdef CONFIG_FIPS_RNG
|
||||
+
|
||||
+/* Size of seed value - equal to AES blocksize */
|
||||
+#define AES_BLOCK_SIZE_BYTES 16
|
||||
+#define SEED_SIZE_BYTES AES_BLOCK_SIZE_BYTES
|
||||
+/* Size of AES key */
|
||||
+#define KEY_SIZE_BYTES 16
|
||||
+
|
||||
+/* ioctl() structure used by FIPS 140-2 Tests */
|
||||
+struct rand_fips_test {
|
||||
+ unsigned char key[KEY_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char datetime[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char seed[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char result[SEED_SIZE_BYTES]; /* Output */
|
||||
+};
|
||||
+
|
||||
+/* FIPS 140-2 RNG Variable Seed Test. (Superuser only.) */
|
||||
+#define RNDFIPSVST _IOWR('R', 0x10, struct rand_fips_test)
|
||||
+
|
||||
+/* FIPS 140-2 RNG Monte Carlo Test. (Superuser only.) */
|
||||
+#define RNDFIPSMCT _IOWR('R', 0x11, struct rand_fips_test)
|
||||
+
|
||||
+#endif /* #ifdef CONFIG_FIPS_RNG */
|
||||
+
|
||||
struct rand_pool_info {
|
||||
int entropy_count;
|
||||
int buf_size;
|
||||
@@ -54,6 +79,10 @@ extern void add_input_randomness(unsigne
|
||||
@@ -54,6 +54,10 @@ extern void add_input_randomness(unsigne
|
||||
unsigned int value);
|
||||
extern void add_interrupt_randomness(int irq);
|
||||
|
||||
@ -158,13 +131,3 @@
|
||||
extern void get_random_bytes(void *buf, int nbytes);
|
||||
void generate_random_uuid(unsigned char uuid_out[16]);
|
||||
|
||||
--- a/kernel/pid.c
|
||||
+++ b/kernel/pid.c
|
||||
@@ -427,6 +427,7 @@ struct task_struct *find_task_by_vpid(pi
|
||||
{
|
||||
return find_task_by_pid_ns(vnr, current->nsproxy->pid_ns);
|
||||
}
|
||||
+EXPORT_SYMBOL(find_task_by_vpid);
|
||||
|
||||
struct pid *get_task_pid(struct task_struct *task, enum pid_type type)
|
||||
{
|
@ -1,170 +0,0 @@
|
||||
--- a/drivers/char/random.c
|
||||
+++ b/drivers/char/random.c
|
||||
@@ -130,6 +130,9 @@
|
||||
* void add_interrupt_randomness(int irq);
|
||||
* void add_disk_randomness(struct gendisk *disk);
|
||||
*
|
||||
+ * void random_input_words(__u32 *buf, size_t wordcount, int ent_count)
|
||||
+ * int random_input_wait(void);
|
||||
+ *
|
||||
* add_input_randomness() uses the input layer interrupt timing, as well as
|
||||
* the event type information from the hardware.
|
||||
*
|
||||
@@ -147,6 +150,13 @@
|
||||
* seek times do not make for good sources of entropy, as their seek
|
||||
* times are usually fairly consistent.
|
||||
*
|
||||
+ * random_input_words() just provides a raw block of entropy to the input
|
||||
+ * pool, such as from a hardware entropy generator.
|
||||
+ *
|
||||
+ * random_input_wait() suspends the caller until such time as the
|
||||
+ * entropy pool falls below the write threshold, and returns a count of how
|
||||
+ * much entropy (in bits) is needed to sustain the pool.
|
||||
+ *
|
||||
* All of these routines try to estimate how many bits of randomness a
|
||||
* particular randomness source. They do this by keeping track of the
|
||||
* first and second order deltas of the event timings.
|
||||
@@ -722,6 +732,61 @@ void add_disk_randomness(struct gendisk
|
||||
}
|
||||
#endif
|
||||
|
||||
+/*
|
||||
+ * random_input_words - add bulk entropy to pool
|
||||
+ *
|
||||
+ * @buf: buffer to add
|
||||
+ * @wordcount: number of __u32 words to add
|
||||
+ * @ent_count: total amount of entropy (in bits) to credit
|
||||
+ *
|
||||
+ * this provides bulk input of entropy to the input pool
|
||||
+ *
|
||||
+ */
|
||||
+void random_input_words(__u32 *buf, size_t wordcount, int ent_count)
|
||||
+{
|
||||
+ mix_pool_bytes(&input_pool, buf, wordcount*4);
|
||||
+
|
||||
+ credit_entropy_bits(&input_pool, ent_count);
|
||||
+
|
||||
+ DEBUG_ENT("crediting %d bits => %d\n",
|
||||
+ ent_count, input_pool.entropy_count);
|
||||
+ /*
|
||||
+ * Wake up waiting processes if we have enough
|
||||
+ * entropy.
|
||||
+ */
|
||||
+ if (input_pool.entropy_count >= random_read_wakeup_thresh)
|
||||
+ wake_up_interruptible(&random_read_wait);
|
||||
+}
|
||||
+EXPORT_SYMBOL(random_input_words);
|
||||
+
|
||||
+/*
|
||||
+ * random_input_wait - wait until random needs entropy
|
||||
+ *
|
||||
+ * this function sleeps until the /dev/random subsystem actually
|
||||
+ * needs more entropy, and then return the amount of entropy
|
||||
+ * that it would be nice to have added to the system.
|
||||
+ */
|
||||
+int random_input_wait(void)
|
||||
+{
|
||||
+ int count;
|
||||
+
|
||||
+ wait_event_interruptible(random_write_wait,
|
||||
+ input_pool.entropy_count < random_write_wakeup_thresh);
|
||||
+
|
||||
+ count = random_write_wakeup_thresh - input_pool.entropy_count;
|
||||
+
|
||||
+ /* likely we got woken up due to a signal */
|
||||
+ if (count <= 0) count = random_read_wakeup_thresh;
|
||||
+
|
||||
+ DEBUG_ENT("requesting %d bits from input_wait()er %d<%d\n",
|
||||
+ count,
|
||||
+ input_pool.entropy_count, random_write_wakeup_thresh);
|
||||
+
|
||||
+ return count;
|
||||
+}
|
||||
+EXPORT_SYMBOL(random_input_wait);
|
||||
+
|
||||
+
|
||||
/*********************************************************************
|
||||
*
|
||||
* Entropy extraction routines
|
||||
--- a/fs/fcntl.c
|
||||
+++ b/fs/fcntl.c
|
||||
@@ -142,6 +142,7 @@ SYSCALL_DEFINE1(dup, unsigned int, filde
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
+EXPORT_SYMBOL(sys_dup);
|
||||
|
||||
#define SETFL_MASK (O_APPEND | O_NONBLOCK | O_NDELAY | O_DIRECT | O_NOATIME)
|
||||
|
||||
--- a/include/linux/miscdevice.h
|
||||
+++ b/include/linux/miscdevice.h
|
||||
@@ -18,6 +18,7 @@
|
||||
#define APOLLO_MOUSE_MINOR 7
|
||||
#define PC110PAD_MINOR 9
|
||||
/*#define ADB_MOUSE_MINOR 10 FIXME OBSOLETE */
|
||||
+#define CRYPTODEV_MINOR 70 /* /dev/crypto */
|
||||
#define WATCHDOG_MINOR 130 /* Watchdog timer */
|
||||
#define TEMP_MINOR 131 /* Temperature Sensor */
|
||||
#define RTC_MINOR 135
|
||||
--- a/include/linux/random.h
|
||||
+++ b/include/linux/random.h
|
||||
@@ -9,6 +9,7 @@
|
||||
|
||||
#include <linux/types.h>
|
||||
#include <linux/ioctl.h>
|
||||
+#include <linux/types.h> /* for __u32 in user space */
|
||||
#include <linux/irqnr.h>
|
||||
|
||||
/* ioctl()'s for the random number generator */
|
||||
@@ -34,6 +35,30 @@
|
||||
/* Clear the entropy pool and associated counters. (Superuser only.) */
|
||||
#define RNDCLEARPOOL _IO( 'R', 0x06 )
|
||||
|
||||
+#ifdef CONFIG_FIPS_RNG
|
||||
+
|
||||
+/* Size of seed value - equal to AES blocksize */
|
||||
+#define AES_BLOCK_SIZE_BYTES 16
|
||||
+#define SEED_SIZE_BYTES AES_BLOCK_SIZE_BYTES
|
||||
+/* Size of AES key */
|
||||
+#define KEY_SIZE_BYTES 16
|
||||
+
|
||||
+/* ioctl() structure used by FIPS 140-2 Tests */
|
||||
+struct rand_fips_test {
|
||||
+ unsigned char key[KEY_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char datetime[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char seed[SEED_SIZE_BYTES]; /* Input */
|
||||
+ unsigned char result[SEED_SIZE_BYTES]; /* Output */
|
||||
+};
|
||||
+
|
||||
+/* FIPS 140-2 RNG Variable Seed Test. (Superuser only.) */
|
||||
+#define RNDFIPSVST _IOWR('R', 0x10, struct rand_fips_test)
|
||||
+
|
||||
+/* FIPS 140-2 RNG Monte Carlo Test. (Superuser only.) */
|
||||
+#define RNDFIPSMCT _IOWR('R', 0x11, struct rand_fips_test)
|
||||
+
|
||||
+#endif /* #ifdef CONFIG_FIPS_RNG */
|
||||
+
|
||||
struct rand_pool_info {
|
||||
int entropy_count;
|
||||
int buf_size;
|
||||
@@ -54,6 +79,10 @@ extern void add_input_randomness(unsigne
|
||||
unsigned int value);
|
||||
extern void add_interrupt_randomness(int irq);
|
||||
|
||||
+extern void random_input_words(__u32 *buf, size_t wordcount, int ent_count);
|
||||
+extern int random_input_wait(void);
|
||||
+#define HAS_RANDOM_INPUT_WAIT 1
|
||||
+
|
||||
extern void get_random_bytes(void *buf, int nbytes);
|
||||
void generate_random_uuid(unsigned char uuid_out[16]);
|
||||
|
||||
--- a/kernel/pid.c
|
||||
+++ b/kernel/pid.c
|
||||
@@ -427,6 +427,7 @@ struct task_struct *find_task_by_vpid(pi
|
||||
{
|
||||
return find_task_by_pid_ns(vnr, current->nsproxy->pid_ns);
|
||||
}
|
||||
+EXPORT_SYMBOL(find_task_by_vpid);
|
||||
|
||||
struct pid *get_task_pid(struct task_struct *task, enum pid_type type)
|
||||
{
|
133
target/linux/generic/patches-3.0/941-ocf_20110720.patch
Normal file
133
target/linux/generic/patches-3.0/941-ocf_20110720.patch
Normal file
@ -0,0 +1,133 @@
|
||||
--- a/kernel/pid.c
|
||||
+++ b/kernel/pid.c
|
||||
@@ -427,6 +427,7 @@ struct task_struct *find_task_by_vpid(pi
|
||||
{
|
||||
return find_task_by_pid_ns(vnr, current->nsproxy->pid_ns);
|
||||
}
|
||||
+EXPORT_SYMBOL(find_task_by_vpid);
|
||||
|
||||
struct pid *get_task_pid(struct task_struct *task, enum pid_type type)
|
||||
{
|
||||
--- a/drivers/char/random.c
|
||||
+++ b/drivers/char/random.c
|
||||
@@ -130,6 +130,9 @@
|
||||
* void add_interrupt_randomness(int irq);
|
||||
* void add_disk_randomness(struct gendisk *disk);
|
||||
*
|
||||
+ * void random_input_words(__u32 *buf, size_t wordcount, int ent_count)
|
||||
+ * int random_input_wait(void);
|
||||
+ *
|
||||
* add_input_randomness() uses the input layer interrupt timing, as well as
|
||||
* the event type information from the hardware.
|
||||
*
|
||||
@@ -147,6 +150,13 @@
|
||||
* seek times do not make for good sources of entropy, as their seek
|
||||
* times are usually fairly consistent.
|
||||
*
|
||||
+ * random_input_words() just provides a raw block of entropy to the input
|
||||
+ * pool, such as from a hardware entropy generator.
|
||||
+ *
|
||||
+ * random_input_wait() suspends the caller until such time as the
|
||||
+ * entropy pool falls below the write threshold, and returns a count of how
|
||||
+ * much entropy (in bits) is needed to sustain the pool.
|
||||
+ *
|
||||
* All of these routines try to estimate how many bits of randomness a
|
||||
* particular randomness source. They do this by keeping track of the
|
||||
* first and second order deltas of the event timings.
|
||||
@@ -722,6 +732,63 @@ void add_disk_randomness(struct gendisk
|
||||
}
|
||||
#endif
|
||||
|
||||
+/*
|
||||
+ * random_input_words - add bulk entropy to pool
|
||||
+ *
|
||||
+ * @buf: buffer to add
|
||||
+ * @wordcount: number of __u32 words to add
|
||||
+ * @ent_count: total amount of entropy (in bits) to credit
|
||||
+ *
|
||||
+ * this provides bulk input of entropy to the input pool
|
||||
+ *
|
||||
+ */
|
||||
+void random_input_words(__u32 *buf, size_t wordcount, int ent_count)
|
||||
+{
|
||||
+ mix_pool_bytes(&input_pool, buf, wordcount*4);
|
||||
+
|
||||
+ credit_entropy_bits(&input_pool, ent_count);
|
||||
+
|
||||
+ DEBUG_ENT("crediting %d bits => %d\n",
|
||||
+ ent_count, input_pool.entropy_count);
|
||||
+ /*
|
||||
+ * Wake up waiting processes if we have enough
|
||||
+ * entropy.
|
||||
+ */
|
||||
+ if (input_pool.entropy_count >= random_read_wakeup_thresh)
|
||||
+ wake_up_interruptible(&random_read_wait);
|
||||
+}
|
||||
+EXPORT_SYMBOL(random_input_words);
|
||||
+
|
||||
+/*
|
||||
+ * random_input_wait - wait until random needs entropy
|
||||
+ *
|
||||
+ * this function sleeps until the /dev/random subsystem actually
|
||||
+ * needs more entropy, and then return the amount of entropy
|
||||
+ * that it would be nice to have added to the system.
|
||||
+ */
|
||||
+int random_input_wait(void)
|
||||
+{
|
||||
+ int count;
|
||||
+
|
||||
+ wait_event_interruptible(random_write_wait,
|
||||
+ input_pool.entropy_count < random_write_wakeup_thresh);
|
||||
+
|
||||
+ count = random_write_wakeup_thresh - input_pool.entropy_count;
|
||||
+
|
||||
+ /* likely we got woken up due to a signal */
|
||||
+ if (count <= 0) count = random_read_wakeup_thresh;
|
||||
+
|
||||
+ DEBUG_ENT("requesting %d bits from input_wait()er %d<%d\n",
|
||||
+ count,
|
||||
+ input_pool.entropy_count, random_write_wakeup_thresh);
|
||||
+
|
||||
+ return count;
|
||||
+}
|
||||
+EXPORT_SYMBOL(random_input_wait);
|
||||
+
|
||||
+
|
||||
+#define EXTRACT_SIZE 10
|
||||
+
|
||||
/*********************************************************************
|
||||
*
|
||||
* Entropy extraction routines
|
||||
--- a/fs/fcntl.c
|
||||
+++ b/fs/fcntl.c
|
||||
@@ -142,6 +142,7 @@ SYSCALL_DEFINE1(dup, unsigned int, filde
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
+EXPORT_SYMBOL(sys_dup);
|
||||
|
||||
#define SETFL_MASK (O_APPEND | O_NONBLOCK | O_NDELAY | O_DIRECT | O_NOATIME)
|
||||
|
||||
--- a/include/linux/miscdevice.h
|
||||
+++ b/include/linux/miscdevice.h
|
||||
@@ -18,6 +18,7 @@
|
||||
#define APOLLO_MOUSE_MINOR 7
|
||||
#define PC110PAD_MINOR 9
|
||||
/*#define ADB_MOUSE_MINOR 10 FIXME OBSOLETE */
|
||||
+#define CRYPTODEV_MINOR 70 /* /dev/crypto */
|
||||
#define WATCHDOG_MINOR 130 /* Watchdog timer */
|
||||
#define TEMP_MINOR 131 /* Temperature Sensor */
|
||||
#define RTC_MINOR 135
|
||||
--- a/include/linux/random.h
|
||||
+++ b/include/linux/random.h
|
||||
@@ -54,6 +54,10 @@ extern void add_input_randomness(unsigne
|
||||
unsigned int value);
|
||||
extern void add_interrupt_randomness(int irq);
|
||||
|
||||
+extern void random_input_words(__u32 *buf, size_t wordcount, int ent_count);
|
||||
+extern int random_input_wait(void);
|
||||
+#define HAS_RANDOM_INPUT_WAIT 1
|
||||
+
|
||||
extern void get_random_bytes(void *buf, int nbytes);
|
||||
void generate_random_uuid(unsigned char uuid_out[16]);
|
||||
|
Loading…
Reference in New Issue
Block a user