diff --git a/sys/netipsec/ipsec.c b/sys/netipsec/ipsec.c index 5097b94a8d91..70485894c521 100644 --- a/sys/netipsec/ipsec.c +++ b/sys/netipsec/ipsec.c @@ -1322,9 +1322,10 @@ ipsec_updatereplay(uint32_t seq, struct secasvar *sav) } int -ipsec_updateid(struct secasvar *sav, uint64_t *new, uint64_t *old) +ipsec_updateid(struct secasvar *sav, crypto_session_t *new, + crypto_session_t *old) { - uint64_t tmp; + crypto_session_t tmp; /* * tdb_cryptoid is initialized by xform_init(). diff --git a/sys/netipsec/ipsec.h b/sys/netipsec/ipsec.h index 02fd96d32f42..0124b12c20cd 100644 --- a/sys/netipsec/ipsec.h +++ b/sys/netipsec/ipsec.h @@ -332,7 +332,7 @@ int udp_ipsec_pcbctl(struct inpcb *, struct sockopt *); int ipsec_chkreplay(uint32_t, struct secasvar *); int ipsec_updatereplay(uint32_t, struct secasvar *); -int ipsec_updateid(struct secasvar *, uint64_t *, uint64_t *); +int ipsec_updateid(struct secasvar *, crypto_session_t *, crypto_session_t *); int ipsec_initialized(void); void ipsec_setspidx_inpcb(struct inpcb *, struct secpolicyindex *, u_int); diff --git a/sys/netipsec/keydb.h b/sys/netipsec/keydb.h index 19eae7673fe2..6993b4e4ff1d 100644 --- a/sys/netipsec/keydb.h +++ b/sys/netipsec/keydb.h @@ -41,6 +41,7 @@ #include #include +#include #ifndef _SOCKADDR_UNION_DEFINED #define _SOCKADDR_UNION_DEFINED @@ -162,7 +163,7 @@ struct secasvar { const struct enc_xform *tdb_encalgxform;/* encoding algorithm */ const struct auth_hash *tdb_authalgxform;/* authentication algorithm */ const struct comp_algo *tdb_compalgxform;/* compression algorithm */ - uint64_t tdb_cryptoid; /* crypto session id */ + crypto_session_t tdb_cryptoid; /* crypto session */ uint8_t alg_auth; /* Authentication Algorithm Identifier*/ uint8_t alg_enc; /* Cipher Algorithm Identifier */ diff --git a/sys/netipsec/xform.h b/sys/netipsec/xform.h index 2720f72af3f2..389d0b66850b 100644 --- a/sys/netipsec/xform.h +++ b/sys/netipsec/xform.h @@ -71,7 +71,7 @@ struct xform_history { struct xform_data { struct secpolicy *sp; /* security policy */ struct secasvar *sav; /* related SA */ - uint64_t cryptoid; /* used crypto session id */ + crypto_session_t cryptoid; /* used crypto session */ u_int idx; /* IPsec request index */ int protoff; /* current protocol offset */ int skip; /* data offset */ diff --git a/sys/netipsec/xform_ah.c b/sys/netipsec/xform_ah.c index 1be268fc5c16..2e7ce26c5b05 100644 --- a/sys/netipsec/xform_ah.c +++ b/sys/netipsec/xform_ah.c @@ -544,7 +544,7 @@ ah_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) struct cryptop *crp; struct xform_data *xd; struct newah *ah; - uint64_t cryptoid; + crypto_session_t cryptoid; int hl, rplen, authsize, ahsize, error; IPSEC_ASSERT(sav != NULL, ("null SA")); @@ -699,7 +699,7 @@ ah_input_cb(struct cryptop *crp) struct secasvar *sav; struct secasindex *saidx; caddr_t ptr; - uint64_t cryptoid; + crypto_session_t cryptoid; int authsize, rplen, ahsize, error, skip, protoff; uint8_t nxt; @@ -849,7 +849,7 @@ ah_output(struct mbuf *m, struct secpolicy *sp, struct secasvar *sav, struct mbuf *mi; struct cryptop *crp; struct newah *ah; - uint64_t cryptoid; + crypto_session_t cryptoid; uint16_t iplen; int error, rplen, authsize, ahsize, maxpacketsize, roff; uint8_t prot; @@ -1082,7 +1082,7 @@ ah_output_cb(struct cryptop *crp) struct secpolicy *sp; struct secasvar *sav; struct mbuf *m; - uint64_t cryptoid; + crypto_session_t cryptoid; caddr_t ptr; u_int idx; int skip, error; diff --git a/sys/netipsec/xform_esp.c b/sys/netipsec/xform_esp.c index c6212e41a82e..9e48311ddc0d 100644 --- a/sys/netipsec/xform_esp.c +++ b/sys/netipsec/xform_esp.c @@ -271,7 +271,7 @@ esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) struct cryptop *crp; struct newesp *esp; uint8_t *ivp; - uint64_t cryptoid; + crypto_session_t cryptoid; int alen, error, hlen, plen; IPSEC_ASSERT(sav != NULL, ("null SA")); @@ -448,7 +448,7 @@ esp_input_cb(struct cryptop *crp) struct secasvar *sav; struct secasindex *saidx; caddr_t ptr; - uint64_t cryptoid; + crypto_session_t cryptoid; int hlen, skip, protoff, error, alen; crd = crp->crp_desc; @@ -637,7 +637,8 @@ esp_output(struct mbuf *m, struct secpolicy *sp, struct secasvar *sav, struct secasindex *saidx; unsigned char *pad; uint8_t *ivp; - uint64_t cntr, cryptoid; + uint64_t cntr; + crypto_session_t cryptoid; int hlen, rlen, padding, blks, alen, i, roff; int error, maxpacketsize; uint8_t prot; @@ -883,7 +884,7 @@ esp_output_cb(struct cryptop *crp) struct secpolicy *sp; struct secasvar *sav; struct mbuf *m; - uint64_t cryptoid; + crypto_session_t cryptoid; u_int idx; int error; diff --git a/sys/netipsec/xform_ipcomp.c b/sys/netipsec/xform_ipcomp.c index 7a4a630bb693..2b02091e9d81 100644 --- a/sys/netipsec/xform_ipcomp.c +++ b/sys/netipsec/xform_ipcomp.c @@ -280,7 +280,7 @@ ipcomp_input_cb(struct cryptop *crp) struct secasvar *sav; struct secasindex *saidx; caddr_t addr; - uint64_t cryptoid; + crypto_session_t cryptoid; int hlen = IPCOMP_HLENGTH, error, clen; int skip, protoff; uint8_t nproto; @@ -531,7 +531,7 @@ ipcomp_output_cb(struct cryptop *crp) struct secpolicy *sp; struct secasvar *sav; struct mbuf *m; - uint64_t cryptoid; + crypto_session_t cryptoid; u_int idx; int error, skip, protoff; diff --git a/sys/opencrypto/_cryptodev.h b/sys/opencrypto/_cryptodev.h new file mode 100644 index 000000000000..4db897eab3e7 --- /dev/null +++ b/sys/opencrypto/_cryptodev.h @@ -0,0 +1,8 @@ +/* + * This trivial work is released to the public domain, or licensed under the + * terms of the CC0, at your option. + * $FreeBSD$ + */ +#pragma once + +typedef __uint64_t crypto_session_t; diff --git a/sys/opencrypto/crypto.c b/sys/opencrypto/crypto.c index 79abc050764f..fd4060194786 100644 --- a/sys/opencrypto/crypto.c +++ b/sys/opencrypto/crypto.c @@ -488,7 +488,7 @@ crypto_select_driver(const struct cryptoini *cri, int flags) * must be capable of the requested crypto algorithms. */ int -crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int crid) +crypto_newsession(crypto_session_t *sid, struct cryptoini *cri, int crid) { struct cryptocap *cap; u_int32_t hid, lid; @@ -548,7 +548,7 @@ crypto_remove(struct cryptocap *cap) * driver). */ int -crypto_freesession(u_int64_t sid) +crypto_freesession(crypto_session_t sid) { struct cryptocap *cap; u_int32_t hid; @@ -1162,7 +1162,7 @@ crypto_invoke(struct cryptocap *cap, struct cryptop *crp, int hint) #endif if (cap->cc_flags & CRYPTOCAP_F_CLEANUP) { struct cryptodesc *crd; - u_int64_t nid; + crypto_session_t nid; /* * Driver has unregistered; migrate the session and return diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c index 605cc0818636..c1c882a5e41e 100644 --- a/sys/opencrypto/cryptodev.c +++ b/sys/opencrypto/cryptodev.c @@ -265,7 +265,7 @@ crypt_kop_to_32(const struct crypt_kop *from, struct crypt_kop32 *to) struct csession { TAILQ_ENTRY(csession) next; - u_int64_t sid; + crypto_session_t sid; u_int32_t ses; struct mtx lock; /* for op submission */ @@ -320,7 +320,7 @@ static struct fileops cryptofops = { static struct csession *csefind(struct fcrypt *, u_int); static int csedelete(struct fcrypt *, struct csession *); static struct csession *cseadd(struct fcrypt *, struct csession *); -static struct csession *csecreate(struct fcrypt *, u_int64_t, caddr_t, +static struct csession *csecreate(struct fcrypt *, crypto_session_t, caddr_t, u_int64_t, caddr_t, u_int64_t, u_int32_t, u_int32_t, struct enc_xform *, struct auth_hash *); static int csefree(struct csession *); @@ -378,7 +378,7 @@ cryptof_ioctl( struct enc_xform *txform = NULL; struct auth_hash *thash = NULL; struct crypt_kop *kop; - u_int64_t sid; + crypto_session_t sid; u_int32_t ses; int error = 0, crid; #ifdef COMPAT_FREEBSD32 @@ -1350,7 +1350,7 @@ cseadd(struct fcrypt *fcr, struct csession *cse) } struct csession * -csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t key, u_int64_t keylen, +csecreate(struct fcrypt *fcr, crypto_session_t sid, caddr_t key, u_int64_t keylen, caddr_t mackey, u_int64_t mackeylen, u_int32_t cipher, u_int32_t mac, struct enc_xform *txform, struct auth_hash *thash) { diff --git a/sys/opencrypto/cryptodev.h b/sys/opencrypto/cryptodev.h index 33ab58818f4c..e488f82de01f 100644 --- a/sys/opencrypto/cryptodev.h +++ b/sys/opencrypto/cryptodev.h @@ -65,6 +65,10 @@ #include #include +#ifdef _KERNEL +#include +#endif + /* Some initial values */ #define CRYPTO_DRIVERS_INITIAL 4 #define CRYPTO_SW_SESSIONS 32 @@ -408,7 +412,7 @@ struct cryptop { struct task crp_task; - u_int64_t crp_sid; /* Session ID */ + crypto_session_t crp_sid; /* Session ID */ int crp_ilen; /* Input data total length */ int crp_olen; /* Result total length */ @@ -502,8 +506,8 @@ struct cryptkop { MALLOC_DECLARE(M_CRYPTO_DATA); -extern int crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int hard); -extern int crypto_freesession(u_int64_t sid); +extern int crypto_newsession(crypto_session_t *sid, struct cryptoini *cri, int hard); +extern int crypto_freesession(crypto_session_t sid); #define CRYPTOCAP_F_HARDWARE CRYPTO_FLAG_HARDWARE #define CRYPTOCAP_F_SOFTWARE CRYPTO_FLAG_SOFTWARE #define CRYPTOCAP_F_SYNC 0x04000000 /* operates synchronously */ diff --git a/sys/opencrypto/cryptodev_if.m b/sys/opencrypto/cryptodev_if.m index c7d48cc602b2..b22dcfb40915 100644 --- a/sys/opencrypto/cryptodev_if.m +++ b/sys/opencrypto/cryptodev_if.m @@ -39,7 +39,7 @@ METHOD int newsession { METHOD int freesession { device_t dev; - uint64_t sid; + crypto_session_t sid; }; METHOD int process {