FreeBSD manual

download PDF document: crypto_copyback.9.pdf

CRYPTO_DRIVER(9) FreeBSD Kernel Developer's Manual CRYPTO_DRIVER(9)
NAME crypto_driver - interface for symmetric cryptographic drivers
SYNOPSIS #include <opencrypto/cryptodev.h>
void crypto_copyback(struct cryptop *crp, int off, int size, const void *src);
void crypto_copydata(struct cryptop *crp, int off, int size, void *dst);
void crypto_done(struct cryptop *crp);
int32_t crypto_get_driverid(device_t dev, size_t session_size, int flags);
void * crypto_get_driver_session(crypto_session_t crypto_session);
void crypto_read_iv(struct cryptop *crp, void *iv);
int crypto_unblock(uint32_t driverid, int what);
int crypto_unregister_all(uint32_t driverid);
int CRYPTODEV_FREESESSION(device_t dev, crypto_session_t crypto_session);
int CRYPTODEV_NEWSESSION(device_t dev, crypto_session_t crypto_session, const struct crypto_session_params *csp);
int CRYPTODEV_PROBESESSION(device_t dev, const struct crypto_session_params *csp);
int CRYPTODEV_PROCESS(device_t dev, struct cryptop *crp, int flags);
void hmac_init_ipad(struct auth_hash *axf, const char *key, int klen, void *auth_ctx);
void hmac_init_opad(struct auth_hash *axf, const char *key, int klen, void *auth_ctx);
DESCRIPTION Symmetric cryptographic drivers process cryptographic requests submitted to sessions associated with the driver.
Cryptographic drivers call crypto_get_driverid() to register with the using host CPUs. CRYPTOCAP_F_HARDWARE should be used for drivers which process requests on separate co-processors. CRYPTOCAP_F_SYNC should be set for drivers which process requests synchronously in CRYPTODEV_PROCESS(). CRYPTOCAP_F_ACCEL_SOFTWARE should be set for software drivers which use accelerated CPU instructions. crypto_get_driverid() returns an opaque driver id.
crypto_unregister_all() unregisters a driver from the cryptographic framework. If there are any pending operations or open sessions, this function will sleep. driverid is the value returned by an earlier call to crypto_get_driverid().
When a new session is created by crypto_newsession(), CRYPTODEV_PROBESESSION() is invoked by the cryptographic framework on each active driver to determine the best driver to use for the session. This method should inspect the session parameters in csp. If a driver does not support requests described by csp, this method should return an error value. If the driver does support requests described by csp, it should return a negative value. The framework prefers drivers with the largest negative value, similar to DEVICE_PROBE(9). The following values are defined for non-error return values from this method:
CRYPTODEV_PROBE_HARDWARE The driver processes requests via a co- processor.
CRYPTODEV_PROBE_ACCEL_SOFTWARE The driver processes requests on the host CPU using optimized instructions such as AES-NI.
CRYPTODEV_PROBE_SOFTWARE The driver processes requests on the host CPU.
This method should not sleep.
Once the framework has chosen a driver for a session, the framework invokes the CRYPTODEV_NEWSESSION() method to initialize driver-specific session state. Prior to calling this method, the framework allocates a per-session driver-specific data structure. This structure is initialized with zeroes, and its size is set by the session_size passed to crypto_get_driverid(). This method can retrieve a pointer to this data structure by passing crypto_session to crypto_get_driver_session(). Session parameters are described in csp.
This method should not sleep.
CRYPTODEV_FREESESSION() is invoked to release any driver-specific state when a session is destroyed. The per-session driver-specific data structure is explicitly zeroed and freed by the framework after this method returns. If a driver requires no additional tear-down steps, it can leave this method undefined.
This method should not sleep.
CRYPTODEV_PROCESS() is invoked for each request submitted to an active session. This method can either complete a request synchronously or schedule it to be completed asynchronously, but it must not sleep.
If this method is not able to complete a request due to insufficient resources such as a full command queue, it can defer the request by directly.
flags may be set to CRYPTO_HINT_MORE if there are additional requests queued for this driver. The driver can use this as a hint to batch completion interrupts. Note that these additional requests may be from different sessions.
crypto_get_driver_session() returns a pointer to the driver-specific per- session data structure for the session crypto_session. This function can be used in the CRYPTODEV_NEWSESSION(), CRYPTODEV_PROCESS(), and CRYPTODEV_FREESESSION() callbacks.
crypto_copydata() copies size bytes out of the input buffer for crp into a local buffer pointed to by dst. The bytes are read starting at an offset of off bytes in the request's input buffer.
crypto_copyback() copies size bytes from the local buffer pointed to by src into the output buffer for crp. The bytes are written starting at an offset of off bytes in the request's output buffer.
crypto_read_iv() copies the IV or nonce for crp into the local buffer pointed to by iv.
A driver calls crypto_done() to mark the request crp as completed. Any errors should be set in crp_etype prior to calling this function.
If a driver defers a request by returning ERESTART from CRYPTO_PROCESS, the framework will queue all requests for the driver until the driver calls crypto_unblock() to indicate that the temporary resource shortage has been relieved. For example, if a driver returns ERESTART due to a full command ring, it would invoke crypto_unblock() from a command completion interrupt that makes a command ring entry available. driverid is the value returned by crypto_get_driverid(). what indicates which types of requests the driver is able to handle again:
CRYPTO_SYMQ indicates that the driver is able to handle symmetric requests passed to CRYPTODEV_PROCESS().
hmac_init_ipad() prepares an authentication context to generate the inner hash of an HMAC. axf is a software implementation of an authentication algorithm such as the value returned by crypto_auth_hash(). key is a pointer to a HMAC key of klen bytes. auth_ctx points to a valid authentication context for the desired algorithm. The function initializes the context with the supplied key.
hmac_init_opad() is similar to hmac_init_ipad() except that it prepares an authentication context to generate the outer hash of an HMAC.
RETURN VALUES crypto_apply() returns the return value from the caller-supplied callback function.
crypto_contiguous_subsegment() returns a pointer to a contiguous segment or NULL.
crypto_get_driverid() returns a driver identifier on success or -1 on error.
crypto_unblock(), crypto_unregister_all(), CRYPTODEV_FREESESSION(), crypto(7), crypto(9), crypto_buffer(9), crypto_request(9), crypto_session(9)
FreeBSD 14.0-RELEASE-p11 April 12, 2021 FreeBSD 14.0-RELEASE-p11