Author: jhb
Date: Thu Feb 15 21:27:24 2018
New Revision: 329343
URL: https://svnweb.freebsd.org/changeset/base/329343
Log:
MFC 318090,319475: Use const with some read-only buffers in opencrypto APIs.
318090:
Use const with some read-only buffers in opencrypto APIs.
- Mark the source buffer for a copyback operation as const in the kernel
API.
- Use const with input-only buffers in crypto ioctl structures used with
/dev/crypto.
319475:
Fix some new errors and a warning in cryptotest.
- Use a new 'char *key' to allocate storage for keys and assign the
pointer to the session2_op 'const char *' members after the key is
initialized.
- Mark the 'find' variable used in crfind() static so that crfind()
doesn't return a pointer to stack garbage.
Sponsored by: Chelsio Communications
Modified:
stable/11/sys/opencrypto/criov.c
stable/11/sys/opencrypto/cryptodev.h
stable/11/tools/tools/crypto/cryptotest.c
Directory Properties:
stable/11/ (props changed)
Modified: stable/11/sys/opencrypto/criov.c
==============================================================================
--- stable/11/sys/opencrypto/criov.c Thu Feb 15 21:24:43 2018
(r329342)
+++ stable/11/sys/opencrypto/criov.c Thu Feb 15 21:27:24 2018
(r329343)
@@ -79,7 +79,7 @@ cuio_copydata(struct uio* uio, int off, int len, caddr
}
void
-cuio_copyback(struct uio* uio, int off, int len, caddr_t cp)
+cuio_copyback(struct uio* uio, int off, int len, c_caddr_t cp)
{
struct iovec *iov = uio->uio_iov;
int iol = uio->uio_iovcnt;
@@ -155,7 +155,7 @@ cuio_apply(struct uio *uio, int off, int len, int (*f)
}
void
-crypto_copyback(int flags, caddr_t buf, int off, int size, caddr_t in)
+crypto_copyback(int flags, caddr_t buf, int off, int size, c_caddr_t in)
{
if ((flags & CRYPTO_F_IMBUF) != 0)
Modified: stable/11/sys/opencrypto/cryptodev.h
==============================================================================
--- stable/11/sys/opencrypto/cryptodev.h Thu Feb 15 21:24:43 2018
(r329342)
+++ stable/11/sys/opencrypto/cryptodev.h Thu Feb 15 21:27:24 2018
(r329343)
@@ -211,9 +211,9 @@ struct session_op {
u_int32_t mac; /* ie. CRYPTO_MD5_HMAC */
u_int32_t keylen; /* cipher key */
- caddr_t key;
+ c_caddr_t key;
int mackeylen; /* mac key */
- caddr_t mackey;
+ c_caddr_t mackey;
u_int32_t ses; /* returns: session # */
};
@@ -223,9 +223,9 @@ struct session2_op {
u_int32_t mac; /* ie. CRYPTO_MD5_HMAC */
u_int32_t keylen; /* cipher key */
- caddr_t key;
+ c_caddr_t key;
int mackeylen; /* mac key */
- caddr_t mackey;
+ c_caddr_t mackey;
u_int32_t ses; /* returns: session # */
int crid; /* driver id + flags (rw) */
@@ -240,9 +240,10 @@ struct crypt_op {
u_int16_t flags;
#define COP_F_BATCH 0x0008 /* Batch op if possible */
u_int len;
- caddr_t src, dst; /* become iov[] inside kernel */
+ c_caddr_t src; /* become iov[] inside kernel */
+ caddr_t dst;
caddr_t mac; /* must be big enough for chosen MAC */
- caddr_t iv;
+ c_caddr_t iv;
};
/* op and flags the same as crypt_op */
@@ -253,10 +254,11 @@ struct crypt_aead {
u_int len;
u_int aadlen;
u_int ivlen;
- caddr_t src, dst; /* become iov[] inside kernel */
- caddr_t aad; /* additional authenticated data */
+ c_caddr_t src; /* become iov[] inside kernel */
+ caddr_t dst;
+ c_caddr_t aad; /* additional authenticated data */
caddr_t tag; /* must fit for chosen TAG length */
- caddr_t iv;
+ c_caddr_t iv;
};
/*
@@ -503,7 +505,7 @@ extern int crypto_devallowsoft; /* only use
hardware c
*/
struct uio;
extern void cuio_copydata(struct uio* uio, int off, int len, caddr_t cp);
-extern void cuio_copyback(struct uio* uio, int off, int len, caddr_t cp);
+extern void cuio_copyback(struct uio* uio, int off, int len, c_caddr_t cp);
extern int cuio_getptr(struct uio *uio, int loc, int *off);
extern int cuio_apply(struct uio *uio, int off, int len,
int (*f)(void *, void *, u_int), void *arg);
@@ -514,7 +516,7 @@ extern int crypto_mbuftoiov(struct mbuf *mbuf, struct
int *cnt, int *allocated);
extern void crypto_copyback(int flags, caddr_t buf, int off, int size,
- caddr_t in);
+ c_caddr_t in);
extern void crypto_copydata(int flags, caddr_t buf, int off, int size,
caddr_t out);
extern int crypto_apply(int flags, caddr_t buf, int off, int len,
Modified: stable/11/tools/tools/crypto/cryptotest.c
==============================================================================
--- stable/11/tools/tools/crypto/cryptotest.c Thu Feb 15 21:24:43 2018
(r329342)
+++ stable/11/tools/tools/crypto/cryptotest.c Thu Feb 15 21:27:24 2018
(r329343)
@@ -216,7 +216,7 @@ crlookup(const char *devname)
const char *
crfind(int crid)
{
- struct crypt_find_op find;
+ static struct crypt_find_op find;
bzero(&find, sizeof(find));
find.crid = crid;
@@ -252,7 +252,7 @@ runtest(struct alg *alg, int count, int size, u_long c
{
int i, fd = crget();
struct timeval start, stop, dt;
- char *cleartext, *ciphertext, *originaltext;
+ char *cleartext, *ciphertext, *originaltext, *key;
struct session2_op sop;
struct crypt_op cop;
char iv[EALG_MAX_BLOCK_LEN];
@@ -260,19 +260,21 @@ runtest(struct alg *alg, int count, int size, u_long c
bzero(&sop, sizeof(sop));
if (!alg->ishash) {
sop.keylen = (alg->minkeylen + alg->maxkeylen)/2;
- sop.key = (char *) malloc(sop.keylen);
- if (sop.key == NULL)
+ key = (char *) malloc(sop.keylen);
+ if (key == NULL)
err(1, "malloc (key)");
for (i = 0; i < sop.keylen; i++)
- sop.key[i] = rdigit();
+ key[i] = rdigit();
+ sop.key = key;
sop.cipher = alg->code;
} else {
sop.mackeylen = (alg->minkeylen + alg->maxkeylen)/2;
- sop.mackey = (char *) malloc(sop.mackeylen);
- if (sop.mackey == NULL)
+ key = (char *) malloc(sop.mackeylen);
+ if (key == NULL)
err(1, "malloc (mac)");
for (i = 0; i < sop.mackeylen; i++)
- sop.mackey[i] = rdigit();
+ key[i] = rdigit();
+ sop.mackey = key;
sop.mac = alg->code;
}
sop.crid = crid;
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
