Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 24 Nov 2020 16:15:28 -0800
From:      John Baldwin <jhb@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   Re: svn commit: r368005 - in head: lib/libprocstat share/man/man4 sys/opencrypto sys/sys tools/tools/crypto usr.bin/procstat
Message-ID:  <d3614756-22f7-a13a-ce7c-489b31b84e46@FreeBSD.org>
In-Reply-To: <202011250010.0AP0AtH3061986@repo.freebsd.org>
References:  <202011250010.0AP0AtH3061986@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 11/24/20 4:10 PM, John Baldwin wrote:
> Author: jhb
> Date: Wed Nov 25 00:10:54 2020
> New Revision: 368005
> URL: https://svnweb.freebsd.org/changeset/base/368005
> 
> Log:
>   Remove the cloned file descriptors for /dev/crypto.
>   
>   Crypto file descriptors were added in the original OCF import as a way
>   to provide per-open data (specifically the list of symmetric
>   sessions).  However, this gives a bit of a confusing API where one has
>   to open /dev/crypto and then invoke an ioctl to obtain a second file
>   descriptor.  This also does not match the API used with /dev/crypto on
>   other BSDs or with Linux's /dev/crypto driver.
>   
>   Character devices have gained support for per-open data via cdevpriv
>   since OCF was imported, so use cdevpriv to simplify the userland API
>   by permitting ioctls directly on /dev/crypto descriptors.
>   
>   To provide backwards compatibility, CRIOGET now opens another
>   /dev/crypto descriptor via kern_openat() rather than dup'ing the
>   existing file descriptor.  This preserves prior semantics in case
>   CRIOGET is invoked multiple times on a single file descriptor.
>   
>   Reviewed by:	markj
>   Relnotes:	yes
>   Sponsored by:	Chelsio Communications
>   Differential Revision:	https://reviews.freebsd.org/D27302

This also allows the devcrypto engine in OpenSSL 1.1.1 to work since it
doesn't know about CRIOGET at all (though I have an open PR to teach
OpenSSL about CRIOGET so that it will work again on older branches here:

https://github.com/openssl/openssl/pull/13468

-- 
John Baldwin

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d3614756-22f7-a13a-ce7c-489b31b84e46>