Author: sef Date: Wed Feb 27 19:27:16 2019 New Revision: 344630 URL: https://svnweb.freebsd.org/changeset/base/344630
Log: Have cryptocheck toggle kern.cryptodevallowsoft if necessary (this requires root access). Reviewed by: cem, jhb Sponsored by: iXsystems, Inc. Differential Revision: https://reviews.freebsd.org/D19372 Modified: head/tools/tools/crypto/cryptocheck.c Modified: head/tools/tools/crypto/cryptocheck.c ============================================================================== --- head/tools/tools/crypto/cryptocheck.c Wed Feb 27 18:13:41 2019 (r344629) +++ head/tools/tools/crypto/cryptocheck.c Wed Feb 27 19:27:16 2019 (r344630) @@ -111,6 +111,7 @@ */ #include <sys/param.h> +#include <sys/sysctl.h> #include <assert.h> #include <err.h> #include <fcntl.h> @@ -275,13 +276,41 @@ devcrypto(void) return (fd); } +/* + * Called on exit to change kern.cryptodevallowsoft back to 0 + */ +#define CRYPT_SOFT_ALLOW "kern.cryptodevallowsoft" + +static void +reset_user_soft(void) +{ + int off = 0; + sysctlbyname(CRYPT_SOFT_ALLOW, NULL, NULL, &off, sizeof(off)); +} + +static void +enable_user_soft(void) +{ + int curstate; + int on = 1; + size_t cursize = sizeof(curstate); + + if (sysctlbyname(CRYPT_SOFT_ALLOW, &curstate, &cursize, + &on, sizeof(on)) == 0) { + if (curstate == 0) + atexit(reset_user_soft); + } +} + static int crlookup(const char *devname) { struct crypt_find_op find; - if (strncmp(devname, "soft", 4) == 0) + if (strncmp(devname, "soft", 4) == 0) { + enable_user_soft(); return CRYPTO_FLAG_SOFTWARE; + } find.crid = -1; strlcpy(find.name, devname, sizeof(find.name)); _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
