From 2e08e39ff53a55f7ba5db298069b00a9e73f2dc3 Mon Sep 17 00:00:00 2001 From: Conrad Meyer Date: Fri, 13 Jul 2018 23:46:07 +0000 Subject: [PATCH] OCF: Add a typedef for session identifiers No functional change. This should ease the transition from an integer session identifier model to an opaque pointer model. --- sys/netipsec/ipsec.c | 5 +++-- sys/netipsec/ipsec.h | 2 +- sys/netipsec/keydb.h | 3 ++- sys/netipsec/xform.h | 2 +- sys/netipsec/xform_ah.c | 8 ++++---- sys/netipsec/xform_esp.c | 9 +++++---- sys/netipsec/xform_ipcomp.c | 4 ++-- sys/opencrypto/_cryptodev.h | 8 ++++++++ sys/opencrypto/crypto.c | 6 +++--- sys/opencrypto/cryptodev.c | 8 ++++---- sys/opencrypto/cryptodev.h | 10 +++++++--- sys/opencrypto/cryptodev_if.m | 2 +- 12 files changed, 41 insertions(+), 26 deletions(-) create mode 100644 sys/opencrypto/_cryptodev.h diff --git a/sys/netipsec/ipsec.c b/sys/netipsec/ipsec.c index 5097b94a8d9..70485894c52 100644 --- a/sys/netipsec/ipsec.c +++ b/sys/netipsec/ipsec.c @@ -1322,9 +1322,10 @@ ok: } int -ipsec_updateid(struct secasvar *sav, uint64_t *new, uint64_t *old) +ipsec_updateid(struct secasvar *sav, crypto_session_t *new, + crypto_session_t *old) { - uint64_t tmp; + crypto_session_t tmp; /* * tdb_cryptoid is initialized by xform_init(). diff --git a/sys/netipsec/ipsec.h b/sys/netipsec/ipsec.h index 02fd96d32f4..0124b12c20c 100644 --- a/sys/netipsec/ipsec.h +++ b/sys/netipsec/ipsec.h @@ -332,7 +332,7 @@ int udp_ipsec_pcbctl(struct inpcb *, struct sockopt *); int ipsec_chkreplay(uint32_t, struct secasvar *); int ipsec_updatereplay(uint32_t, struct secasvar *); -int ipsec_updateid(struct secasvar *, uint64_t *, uint64_t *); +int ipsec_updateid(struct secasvar *, crypto_session_t *, crypto_session_t *); int ipsec_initialized(void); void ipsec_setspidx_inpcb(struct inpcb *, struct secpolicyindex *, u_int); diff --git a/sys/netipsec/keydb.h b/sys/netipsec/keydb.h index 19eae7673fe..6993b4e4ff1 100644 --- a/sys/netipsec/keydb.h +++ b/sys/netipsec/keydb.h @@ -41,6 +41,7 @@ #include #include +#include #ifndef _SOCKADDR_UNION_DEFINED #define _SOCKADDR_UNION_DEFINED @@ -162,7 +163,7 @@ struct secasvar { const struct enc_xform *tdb_encalgxform;/* encoding algorithm */ const struct auth_hash *tdb_authalgxform;/* authentication algorithm */ const struct comp_algo *tdb_compalgxform;/* compression algorithm */ - uint64_t tdb_cryptoid; /* crypto session id */ + crypto_session_t tdb_cryptoid; /* crypto session */ uint8_t alg_auth; /* Authentication Algorithm Identifier*/ uint8_t alg_enc; /* Cipher Algorithm Identifier */ diff --git a/sys/netipsec/xform.h b/sys/netipsec/xform.h index 2720f72af3f..389d0b66850 100644 --- a/sys/netipsec/xform.h +++ b/sys/netipsec/xform.h @@ -71,7 +71,7 @@ struct xform_history { struct xform_data { struct secpolicy *sp; /* security policy */ struct secasvar *sav; /* related SA */ - uint64_t cryptoid; /* used crypto session id */ + crypto_session_t cryptoid; /* used crypto session */ u_int idx; /* IPsec request index */ int protoff; /* current protocol offset */ int skip; /* data offset */ diff --git a/sys/netipsec/xform_ah.c b/sys/netipsec/xform_ah.c index 1be268fc5c1..2e7ce26c5b0 100644 --- a/sys/netipsec/xform_ah.c +++ b/sys/netipsec/xform_ah.c @@ -544,7 +544,7 @@ ah_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) struct cryptop *crp; struct xform_data *xd; struct newah *ah; - uint64_t cryptoid; + crypto_session_t cryptoid; int hl, rplen, authsize, ahsize, error; IPSEC_ASSERT(sav != NULL, ("null SA")); @@ -699,7 +699,7 @@ ah_input_cb(struct cryptop *crp) struct secasvar *sav; struct secasindex *saidx; caddr_t ptr; - uint64_t cryptoid; + crypto_session_t cryptoid; int authsize, rplen, ahsize, error, skip, protoff; uint8_t nxt; @@ -849,7 +849,7 @@ ah_output(struct mbuf *m, struct secpolicy *sp, struct secasvar *sav, struct mbuf *mi; struct cryptop *crp; struct newah *ah; - uint64_t cryptoid; + crypto_session_t cryptoid; uint16_t iplen; int error, rplen, authsize, ahsize, maxpacketsize, roff; uint8_t prot; @@ -1082,7 +1082,7 @@ ah_output_cb(struct cryptop *crp) struct secpolicy *sp; struct secasvar *sav; struct mbuf *m; - uint64_t cryptoid; + crypto_session_t cryptoid; caddr_t ptr; u_int idx; int skip, error; diff --git a/sys/netipsec/xform_esp.c b/sys/netipsec/xform_esp.c index c6212e41a82..9e48311ddc0 100644 --- a/sys/netipsec/xform_esp.c +++ b/sys/netipsec/xform_esp.c @@ -271,7 +271,7 @@ esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) struct cryptop *crp; struct newesp *esp; uint8_t *ivp; - uint64_t cryptoid; + crypto_session_t cryptoid; int alen, error, hlen, plen; IPSEC_ASSERT(sav != NULL, ("null SA")); @@ -448,7 +448,7 @@ esp_input_cb(struct cryptop *crp) struct secasvar *sav; struct secasindex *saidx; caddr_t ptr; - uint64_t cryptoid; + crypto_session_t cryptoid; int hlen, skip, protoff, error, alen; crd = crp->crp_desc; @@ -637,7 +637,8 @@ esp_output(struct mbuf *m, struct secpolicy *sp, struct secasvar *sav, struct secasindex *saidx; unsigned char *pad; uint8_t *ivp; - uint64_t cntr, cryptoid; + uint64_t cntr; + crypto_session_t cryptoid; int hlen, rlen, padding, blks, alen, i, roff; int error, maxpacketsize; uint8_t prot; @@ -883,7 +884,7 @@ esp_output_cb(struct cryptop *crp) struct secpolicy *sp; struct secasvar *sav; struct mbuf *m; - uint64_t cryptoid; + crypto_session_t cryptoid; u_int idx; int error; diff --git a/sys/netipsec/xform_ipcomp.c b/sys/netipsec/xform_ipcomp.c index 7a4a630bb69..2b02091e9d8 100644 --- a/sys/netipsec/xform_ipcomp.c +++ b/sys/netipsec/xform_ipcomp.c @@ -280,7 +280,7 @@ ipcomp_input_cb(struct cryptop *crp) struct secasvar *sav; struct secasindex *saidx; caddr_t addr; - uint64_t cryptoid; + crypto_session_t cryptoid; int hlen = IPCOMP_HLENGTH, error, clen; int skip, protoff; uint8_t nproto; @@ -531,7 +531,7 @@ ipcomp_output_cb(struct cryptop *crp) struct secpolicy *sp; struct secasvar *sav; struct mbuf *m; - uint64_t cryptoid; + crypto_session_t cryptoid; u_int idx; int error, skip, protoff; diff --git a/sys/opencrypto/_cryptodev.h b/sys/opencrypto/_cryptodev.h new file mode 100644 index 00000000000..4db897eab3e --- /dev/null +++ b/sys/opencrypto/_cryptodev.h @@ -0,0 +1,8 @@ +/* + * This trivial work is released to the public domain, or licensed under the + * terms of the CC0, at your option. + * $FreeBSD$ + */ +#pragma once + +typedef __uint64_t crypto_session_t; diff --git a/sys/opencrypto/crypto.c b/sys/opencrypto/crypto.c index 79abc050764..fd406019478 100644 --- a/sys/opencrypto/crypto.c +++ b/sys/opencrypto/crypto.c @@ -488,7 +488,7 @@ again: * must be capable of the requested crypto algorithms. */ int -crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int crid) +crypto_newsession(crypto_session_t *sid, struct cryptoini *cri, int crid) { struct cryptocap *cap; u_int32_t hid, lid; @@ -548,7 +548,7 @@ crypto_remove(struct cryptocap *cap) * driver). */ int -crypto_freesession(u_int64_t sid) +crypto_freesession(crypto_session_t sid) { struct cryptocap *cap; u_int32_t hid; @@ -1162,7 +1162,7 @@ crypto_invoke(struct cryptocap *cap, struct cryptop *crp, int hint) #endif if (cap->cc_flags & CRYPTOCAP_F_CLEANUP) { struct cryptodesc *crd; - u_int64_t nid; + crypto_session_t nid; /* * Driver has unregistered; migrate the session and return diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c index 605cc081863..c1c882a5e41 100644 --- a/sys/opencrypto/cryptodev.c +++ b/sys/opencrypto/cryptodev.c @@ -265,7 +265,7 @@ crypt_kop_to_32(const struct crypt_kop *from, struct crypt_kop32 *to) struct csession { TAILQ_ENTRY(csession) next; - u_int64_t sid; + crypto_session_t sid; u_int32_t ses; struct mtx lock; /* for op submission */ @@ -320,7 +320,7 @@ static struct fileops cryptofops = { static struct csession *csefind(struct fcrypt *, u_int); static int csedelete(struct fcrypt *, struct csession *); static struct csession *cseadd(struct fcrypt *, struct csession *); -static struct csession *csecreate(struct fcrypt *, u_int64_t, caddr_t, +static struct csession *csecreate(struct fcrypt *, crypto_session_t, caddr_t, u_int64_t, caddr_t, u_int64_t, u_int32_t, u_int32_t, struct enc_xform *, struct auth_hash *); static int csefree(struct csession *); @@ -378,7 +378,7 @@ cryptof_ioctl( struct enc_xform *txform = NULL; struct auth_hash *thash = NULL; struct crypt_kop *kop; - u_int64_t sid; + crypto_session_t sid; u_int32_t ses; int error = 0, crid; #ifdef COMPAT_FREEBSD32 @@ -1350,7 +1350,7 @@ cseadd(struct fcrypt *fcr, struct csession *cse) } struct csession * -csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t key, u_int64_t keylen, +csecreate(struct fcrypt *fcr, crypto_session_t sid, caddr_t key, u_int64_t keylen, caddr_t mackey, u_int64_t mackeylen, u_int32_t cipher, u_int32_t mac, struct enc_xform *txform, struct auth_hash *thash) { diff --git a/sys/opencrypto/cryptodev.h b/sys/opencrypto/cryptodev.h index 33ab58818f4..e488f82de01 100644 --- a/sys/opencrypto/cryptodev.h +++ b/sys/opencrypto/cryptodev.h @@ -65,6 +65,10 @@ #include #include +#ifdef _KERNEL +#include +#endif + /* Some initial values */ #define CRYPTO_DRIVERS_INITIAL 4 #define CRYPTO_SW_SESSIONS 32 @@ -408,7 +412,7 @@ struct cryptop { struct task crp_task; - u_int64_t crp_sid; /* Session ID */ + crypto_session_t crp_sid; /* Session ID */ int crp_ilen; /* Input data total length */ int crp_olen; /* Result total length */ @@ -502,8 +506,8 @@ struct cryptkop { MALLOC_DECLARE(M_CRYPTO_DATA); -extern int crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int hard); -extern int crypto_freesession(u_int64_t sid); +extern int crypto_newsession(crypto_session_t *sid, struct cryptoini *cri, int hard); +extern int crypto_freesession(crypto_session_t sid); #define CRYPTOCAP_F_HARDWARE CRYPTO_FLAG_HARDWARE #define CRYPTOCAP_F_SOFTWARE CRYPTO_FLAG_SOFTWARE #define CRYPTOCAP_F_SYNC 0x04000000 /* operates synchronously */ diff --git a/sys/opencrypto/cryptodev_if.m b/sys/opencrypto/cryptodev_if.m index c7d48cc602b..b22dcfb4091 100644 --- a/sys/opencrypto/cryptodev_if.m +++ b/sys/opencrypto/cryptodev_if.m @@ -39,7 +39,7 @@ METHOD int newsession { METHOD int freesession { device_t dev; - uint64_t sid; + crypto_session_t sid; }; METHOD int process {