diff options
author | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2017-04-04 09:36:57 +0200 |
---|---|---|
committer | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2017-04-04 14:46:23 +0200 |
commit | de8a76da2f374792594ce03a203b3f30e4889f6f (patch) | |
tree | 12b5e1e59358005c3c522955c08aee4795e4829c /freebsd/sys/opencrypto/crypto.c | |
parent | Enable bridging by default (diff) | |
download | rtems-libbsd-de8a76da2f374792594ce03a203b3f30e4889f6f.tar.bz2 |
Update to FreeBSD head 2017-04-04
Git mirror commit 642b174daddbd0efd9bb5f242c43f4ab4db6869f.
Diffstat (limited to 'freebsd/sys/opencrypto/crypto.c')
-rw-r--r-- | freebsd/sys/opencrypto/crypto.c | 38 |
1 files changed, 37 insertions, 1 deletions
diff --git a/freebsd/sys/opencrypto/crypto.c b/freebsd/sys/opencrypto/crypto.c index 2d9787bd..f5119aa6 100644 --- a/freebsd/sys/opencrypto/crypto.c +++ b/freebsd/sys/opencrypto/crypto.c @@ -65,6 +65,7 @@ __FBSDID("$FreeBSD$"); #include <sys/eventhandler.h> #include <sys/kernel.h> #include <sys/kthread.h> +#include <sys/linker.h> #include <rtems/bsd/sys/lock.h> #include <sys/module.h> #include <sys/mutex.h> @@ -76,6 +77,7 @@ __FBSDID("$FreeBSD$"); #include <ddb/ddb.h> #include <vm/uma.h> +#include <crypto/intake.h> #include <opencrypto/cryptodev.h> #include <opencrypto/xform.h> /* XXX for M_XDATA */ @@ -188,6 +190,37 @@ SYSCTL_INT(_debug, OID_AUTO, crypto_timing, CTLFLAG_RW, &crypto_timing, 0, "Enable/disable crypto timing support"); #endif +/* Try to avoid directly exposing the key buffer as a symbol */ +static struct keybuf *keybuf; + +static struct keybuf empty_keybuf = { + .kb_nents = 0 +}; + +/* Obtain the key buffer from boot metadata */ +static void +keybuf_init(void) +{ + caddr_t kmdp; + + kmdp = preload_search_by_type("elf kernel"); + + if (kmdp == NULL) + kmdp = preload_search_by_type("elf64 kernel"); + + keybuf = (struct keybuf *)preload_search_info(kmdp, + MODINFO_METADATA | MODINFOMD_KEYBUF); + + if (keybuf == NULL) + keybuf = &empty_keybuf; +} + +/* It'd be nice if we could store these in some kind of secure memory... */ +struct keybuf * get_keybuf(void) { + + return (keybuf); +} + static int crypto_init(void) { @@ -240,6 +273,9 @@ crypto_init(void) error); goto bad; } + + keybuf_init(); + return 0; bad: crypto_destroy(); @@ -289,7 +325,7 @@ crypto_destroy(void) /* XXX flush queues??? */ - /* + /* * Reclaim dynamically allocated resources. */ if (crypto_drivers != NULL) |