Tony MacDoodle wrote:
I would like to know if a web application is using the onboard crypto
units or not in some sort of script......
Is the app single process or group of processes ? Also, which language ?
What sort of mechanisms (symmetric/asymmetric/digest/RNG) are you
interested in ?
Here's simple example for observing digest operations made by single
process:
fbt:crypto:digest_init:entry
/curpsinfo->pr_pid == $target/
{
self->t = 1;
}
fbt:kcf:kcf_get_hardware_provider:entry
/self->t/
{
self->new = arg2;
}
fbt:kcf:kcf_get_hardware_provider:return
/self->new/
{
self->p = *(kcf_provider_desc_t **)(self->new);
printf("%s", stringof(((kcf_provider_desc_t
*)(self->p))->pd_name));
self->p = 0;
self->new = 0;
}
This can be easily extended to check 'pd_prov_type ==
CRYPTO_HW_PROVIDER' in the last probe and/or following the request up to
kcf_submit_request() to be absolutely sure this is a hardware provider
but for quick verification this is not necessary given we're following
the ioctl() path (pkcs11_kernel.so only goes to kernel if there is at
least one HW provider capable of processing the request and not
blacklisted by cryptoadm(1M) policy configuration).
For example on a T5120 machine (assuming /etc/password is not too big):
# dtrace -q -s digest-kcf.d -c "/usr/bin/digest -a md5 /etc/passwd"
092828140ffbd5f5140eea8d3098dda2
n2cp
Which means that in this case n2cp driver was used for submitting the
request to the hardware.
v.
_______________________________________________
dtrace-discuss mailing list
dtrace-discuss@opensolaris.org
