/*      $NetBSD: ocryptodev.c,v 1.17 2022/03/12 17:15:04 riastradh Exp $ */
/*      $FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $        */
/*      $OpenBSD: cryptodev.c,v 1.53 2002/07/10 22:21:30 mickey Exp $   */

/*-
* Copyright (c) 2008 The NetBSD Foundation, Inc.
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
* by Coyote Point Systems, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
*    notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
*    notice, this list of conditions and the following disclaimer in the
*    documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/

/*
* Copyright (c) 2001 Theo de Raadt
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
*   notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
*   notice, this list of conditions and the following disclaimer in the
*   documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote products
*   derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* Effort sponsored in part by the Defense Advanced Research Projects
* Agency (DARPA) and Air Force Research Laboratory, Air Force
* Materiel Command, USAF, under agreement number F30602-01-2-0537.
*
*/

/*
* Implement backward compatibility IOCTLs in this module.
*
*/

#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: ocryptodev.c,v 1.17 2022/03/12 17:15:04 riastradh Exp $");

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/kmem.h>
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/pool.h>
#include <sys/sysctl.h>
#include <sys/file.h>
#include <sys/filedesc.h>
#include <sys/errno.h>
#include <sys/md5.h>
#include <sys/sha1.h>
#include <sys/conf.h>
#include <sys/device.h>
#include <sys/kauth.h>
#include <sys/select.h>
#include <sys/poll.h>
#include <sys/atomic.h>
#include <sys/compat_stub.h>
#include <sys/module.h>

#ifdef _KERNEL_OPT
#include "opt_ocf.h"
#endif

#include <opencrypto/cryptodev.h>
#include <opencrypto/cryptodev_internal.h>
#include <opencrypto/ocryptodev.h>
#include <opencrypto/xform.h>

static int      ocryptodev_op(struct csession *, struct ocrypt_op *,
                   struct lwp *);
static int      ocryptodev_mop(struct fcrypt *, struct ocrypt_n_op *, int,
                   struct lwp *);
static int      ocryptodev_session(struct fcrypt *, struct osession_op *);
static int      ocryptodev_msession(struct fcrypt *, struct osession_n_op *,
                   int);

int
ocryptof_ioctl(struct file *fp, u_long cmd, void *data)
{
       struct fcrypt *fcr = fp->f_fcrypt;
       struct csession *cse;
       struct osession_op *osop;
       struct osession_n_op *osnop;
       struct ocrypt_op *ocop;
       struct ocrypt_mop *omop;
       struct ocrypt_n_op *ocnop;
       struct ocrypt_sgop *osgop;

       int error = 0;

       switch (cmd) {
       case OCIOCGSESSION:
               osop = (struct osession_op *)data;
               error = ocryptodev_session(fcr, osop);
               break;
       case CIOCNGSESSION:
               osgop = (struct ocrypt_sgop *)data;
               if ((osgop->count <= 0) ||
                   (SIZE_MAX/sizeof(struct osession_n_op) < osgop->count)) {
                       error = EINVAL;
                       break;
               }
               osnop = kmem_alloc((osgop->count *
                                 sizeof(struct osession_n_op)), KM_SLEEP);
               error = copyin(osgop->sessions, osnop, osgop->count *
                              sizeof(struct osession_n_op));
               if (error) {
                       goto mbail;
               }

               error = ocryptodev_msession(fcr, osnop, osgop->count);
               if (error) {
                       goto mbail;
               }

               error = copyout(osnop, osgop->sessions, osgop->count *
                   sizeof(struct osession_n_op));
mbail:
               kmem_free(osnop, osgop->count * sizeof(struct osession_n_op));
               break;
       case OCIOCCRYPT:
               mutex_enter(&cryptodev_mtx);
               ocop = (struct ocrypt_op *)data;
               cse = cryptodev_csefind(fcr, ocop->ses);
               mutex_exit(&cryptodev_mtx);
               if (cse == NULL) {
                       DPRINTF("csefind failed\n");
                       return EINVAL;
               }
               error = ocryptodev_op(cse, ocop, curlwp);
               DPRINTF("ocryptodev_op error = %d\n", error);
               break;
       case OCIOCNCRYPTM:
               omop = (struct ocrypt_mop *)data;
               if (omop->count <= 0 || omop->count > 1) {
                       error = EINVAL;
                       break;
               }
               ocnop = kmem_alloc((omop->count * sizeof(struct ocrypt_n_op)),
                   KM_SLEEP);
               error = copyin(omop->reqs, ocnop,
                   (omop->count * sizeof(struct ocrypt_n_op)));
               if(!error) {
                       error = ocryptodev_mop(fcr, ocnop, omop->count,
                           curlwp);
                       if (!error) {
                               error = copyout(ocnop, omop->reqs,
                                   (omop->count * sizeof(struct ocrypt_n_op)));
                       }
               }
               kmem_free(ocnop, (omop->count * sizeof(struct ocrypt_n_op)));
               break;
       default:
               DPRINTF("invalid ioctl cmd 0x%lx\n", cmd);
               return EINVAL;
       }
       return error;
}


static int
ocryptodev_op(struct csession *cse, struct ocrypt_op *ocop, struct lwp *l)
{
       struct crypt_op cop;

       cop.ses = ocop->ses;
       cop.op = ocop->op;
       cop.flags = ocop->flags;
       cop.len = ocop->len;
       cop.src = ocop->src;
       cop.dst = ocop->dst;
       cop.mac = ocop->mac;
       cop.iv = ocop->iv;
       cop.dst_len = 0;

       return cryptodev_op(cse, &cop, l);
};

static int
ocryptodev_mop(struct fcrypt *fcr, struct ocrypt_n_op *ocnop, int count,
   struct lwp *l)
{
       int res;

       struct crypt_n_op cnop;

       cnop.ses = ocnop->ses;
       cnop.op = ocnop->op;
       cnop.flags = ocnop->flags;
       cnop.len = ocnop->len;
       cnop.reqid = ocnop->reqid;
       cnop.status = ocnop->status;
       cnop.opaque = ocnop->opaque;
       cnop.keylen = ocnop->keylen;
       cnop.key = ocnop->key;
       cnop.mackeylen = ocnop->mackeylen;
       cnop.mackey = ocnop->mackey;
       cnop.src = ocnop->src;
       cnop.dst = ocnop->dst;
       cnop.mac = ocnop->mac;
       cnop.iv = ocnop->iv;
       cnop.dst_len = 0;
       res = cryptodev_mop(fcr, &cnop, count, l);
       ocnop->reqid = cnop.reqid;
       ocnop->status = cnop.status;

       return res;
};


static int
ocryptodev_session(struct fcrypt *fcr, struct osession_op *osop)
{
       struct session_op sop;
       int res;

       sop.cipher = osop->cipher;
       sop.mac = osop->mac;
       sop.comp_alg = 0;
       sop.keylen = osop->keylen;
       sop.key = osop->key;
       sop.mackeylen = osop->mackeylen;
       sop.mackey = osop->mackey;
       res = cryptodev_session(fcr, &sop);
       if (res)
               return res;
       osop->ses = sop.ses;
       return 0;

}

static int
ocryptodev_msession(struct fcrypt *fcr, struct osession_n_op *osn_ops,
                  int count)
{
       int i;

       for (i = 0; i < count; i++, osn_ops++) {
               struct osession_op os_op;
               os_op.cipher =          osn_ops->cipher;
               os_op.mac =             osn_ops->mac;
               os_op.keylen =          osn_ops->keylen;
               os_op.key =             osn_ops->key;
               os_op.mackeylen =       osn_ops->mackeylen;
               os_op.mackey =          osn_ops->mackey;
               os_op.ses =             ~0;

               osn_ops->status = ocryptodev_session(fcr, &os_op);
               osn_ops->ses =          os_op.ses;
       }

       return 0;
}