1 /* 2 * QEMU Cryptodev backend for QEMU cipher APIs 3 * 4 * Copyright (c) 2022 Bytedance.Inc 5 * 6 * Authors: 7 * lei he <helei.sig11@bytedance.com> 8 * 9 * This library is free software; you can redistribute it and/or 10 * modify it under the terms of the GNU Lesser General Public 11 * License as published by the Free Software Foundation; either 12 * version 2.1 of the License, or (at your option) any later version. 13 * 14 * This library is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 17 * Lesser General Public License for more details. 18 * 19 * You should have received a copy of the GNU Lesser General Public 20 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 21 * 22 */ 23 24 #include "qemu/osdep.h" 25 #include "crypto/cipher.h" 26 #include "crypto/akcipher.h" 27 #include "qapi/error.h" 28 #include "qemu/main-loop.h" 29 #include "qemu/thread.h" 30 #include "qemu/error-report.h" 31 #include "qemu/queue.h" 32 #include "qom/object.h" 33 #include "sysemu/cryptodev.h" 34 #include "standard-headers/linux/virtio_crypto.h" 35 36 #include <keyutils.h> 37 #include <sys/eventfd.h> 38 39 /** 40 * @TYPE_CRYPTODEV_BACKEND_LKCF: 41 * name of backend that uses linux kernel crypto framework 42 */ 43 #define TYPE_CRYPTODEV_BACKEND_LKCF "cryptodev-backend-lkcf" 44 45 OBJECT_DECLARE_SIMPLE_TYPE(CryptoDevBackendLKCF, CRYPTODEV_BACKEND_LKCF) 46 47 #define INVALID_KEY_ID -1 48 #define MAX_SESSIONS 256 49 #define NR_WORKER_THREAD 64 50 51 #define KCTL_KEY_TYPE_PKEY "asymmetric" 52 /** 53 * Here the key is uploaded to the thread-keyring of worker thread, at least 54 * util linux-6.0: 55 * 1. process keyring seems to behave unexpectedly if main-thread does not 56 * create the keyring before creating any other thread. 57 * 2. at present, the guest kernel never perform multiple operations on a 58 * session. 59 * 3. it can reduce the load of the main-loop because the key passed by the 60 * guest kernel has been already checked. 61 */ 62 #define KCTL_KEY_RING KEY_SPEC_THREAD_KEYRING 63 64 typedef struct CryptoDevBackendLKCFSession { 65 uint8_t *key; 66 size_t keylen; 67 QCryptoAkCipherKeyType keytype; 68 QCryptoAkCipherOptions akcipher_opts; 69 } CryptoDevBackendLKCFSession; 70 71 typedef struct CryptoDevBackendLKCF CryptoDevBackendLKCF; 72 typedef struct CryptoDevLKCFTask CryptoDevLKCFTask; 73 struct CryptoDevLKCFTask { 74 CryptoDevBackendLKCFSession *sess; 75 CryptoDevBackendOpInfo *op_info; 76 CryptoDevCompletionFunc cb; 77 void *opaque; 78 int status; 79 CryptoDevBackendLKCF *lkcf; 80 QSIMPLEQ_ENTRY(CryptoDevLKCFTask) queue; 81 }; 82 83 typedef struct CryptoDevBackendLKCF { 84 CryptoDevBackend parent_obj; 85 CryptoDevBackendLKCFSession *sess[MAX_SESSIONS]; 86 QSIMPLEQ_HEAD(, CryptoDevLKCFTask) requests; 87 QSIMPLEQ_HEAD(, CryptoDevLKCFTask) responses; 88 QemuMutex mutex; 89 QemuCond cond; 90 QemuMutex rsp_mutex; 91 92 /** 93 * There is no async interface for asymmetric keys like AF_ALG sockets, 94 * we don't seem to have better way than create a lots of thread. 95 */ 96 QemuThread worker_threads[NR_WORKER_THREAD]; 97 bool running; 98 int eventfd; 99 } CryptoDevBackendLKCF; 100 101 static void *cryptodev_lkcf_worker(void *arg); 102 static int cryptodev_lkcf_close_session(CryptoDevBackend *backend, 103 uint64_t session_id, 104 uint32_t queue_index, 105 CryptoDevCompletionFunc cb, 106 void *opaque); 107 108 static void cryptodev_lkcf_handle_response(void *opaque) 109 { 110 CryptoDevBackendLKCF *lkcf = (CryptoDevBackendLKCF *)opaque; 111 QSIMPLEQ_HEAD(, CryptoDevLKCFTask) responses; 112 CryptoDevLKCFTask *task, *next; 113 eventfd_t nevent; 114 115 QSIMPLEQ_INIT(&responses); 116 eventfd_read(lkcf->eventfd, &nevent); 117 118 qemu_mutex_lock(&lkcf->rsp_mutex); 119 QSIMPLEQ_PREPEND(&responses, &lkcf->responses); 120 qemu_mutex_unlock(&lkcf->rsp_mutex); 121 122 QSIMPLEQ_FOREACH_SAFE(task, &responses, queue, next) { 123 if (task->cb) { 124 task->cb(task->opaque, task->status); 125 } 126 g_free(task); 127 } 128 } 129 130 static int cryptodev_lkcf_set_op_desc(QCryptoAkCipherOptions *opts, 131 char *key_desc, 132 size_t desc_len, 133 Error **errp) 134 { 135 QCryptoAkCipherOptionsRSA *rsa_opt; 136 if (opts->alg != QCRYPTO_AK_CIPHER_ALGO_RSA) { 137 error_setg(errp, "Unsupported alg: %u", opts->alg); 138 return -1; 139 } 140 141 rsa_opt = &opts->u.rsa; 142 if (rsa_opt->padding_alg == QCRYPTO_RSA_PADDING_ALGO_PKCS1) { 143 snprintf(key_desc, desc_len, "enc=%s hash=%s", 144 QCryptoRSAPaddingAlgo_str(rsa_opt->padding_alg), 145 QCryptoHashAlgo_str(rsa_opt->hash_alg)); 146 147 } else { 148 snprintf(key_desc, desc_len, "enc=%s", 149 QCryptoRSAPaddingAlgo_str(rsa_opt->padding_alg)); 150 } 151 return 0; 152 } 153 154 static int cryptodev_lkcf_set_rsa_opt(int virtio_padding_alg, 155 int virtio_hash_alg, 156 QCryptoAkCipherOptionsRSA *opt, 157 Error **errp) 158 { 159 if (virtio_padding_alg == VIRTIO_CRYPTO_RSA_PKCS1_PADDING) { 160 opt->padding_alg = QCRYPTO_RSA_PADDING_ALGO_PKCS1; 161 162 switch (virtio_hash_alg) { 163 case VIRTIO_CRYPTO_RSA_MD5: 164 opt->hash_alg = QCRYPTO_HASH_ALGO_MD5; 165 break; 166 167 case VIRTIO_CRYPTO_RSA_SHA1: 168 opt->hash_alg = QCRYPTO_HASH_ALGO_SHA1; 169 break; 170 171 case VIRTIO_CRYPTO_RSA_SHA256: 172 opt->hash_alg = QCRYPTO_HASH_ALGO_SHA256; 173 break; 174 175 case VIRTIO_CRYPTO_RSA_SHA512: 176 opt->hash_alg = QCRYPTO_HASH_ALGO_SHA512; 177 break; 178 179 default: 180 error_setg(errp, "Unsupported rsa hash algo: %d", virtio_hash_alg); 181 return -1; 182 } 183 return 0; 184 } 185 186 if (virtio_padding_alg == VIRTIO_CRYPTO_RSA_RAW_PADDING) { 187 opt->padding_alg = QCRYPTO_RSA_PADDING_ALGO_RAW; 188 return 0; 189 } 190 191 error_setg(errp, "Unsupported rsa padding algo: %u", virtio_padding_alg); 192 return -1; 193 } 194 195 static int cryptodev_lkcf_get_unused_session_index(CryptoDevBackendLKCF *lkcf) 196 { 197 size_t i; 198 199 for (i = 0; i < MAX_SESSIONS; i++) { 200 if (lkcf->sess[i] == NULL) { 201 return i; 202 } 203 } 204 return -1; 205 } 206 207 static void cryptodev_lkcf_init(CryptoDevBackend *backend, Error **errp) 208 { 209 /* Only support one queue */ 210 int queues = backend->conf.peers.queues, i; 211 CryptoDevBackendClient *cc; 212 CryptoDevBackendLKCF *lkcf = 213 CRYPTODEV_BACKEND_LKCF(backend); 214 215 if (queues != 1) { 216 error_setg(errp, 217 "Only support one queue in cryptodev-builtin backend"); 218 return; 219 } 220 lkcf->eventfd = eventfd(0, 0); 221 if (lkcf->eventfd < 0) { 222 error_setg(errp, "Failed to create eventfd: %d", errno); 223 return; 224 } 225 226 cc = cryptodev_backend_new_client(); 227 cc->info_str = g_strdup_printf("cryptodev-lkcf0"); 228 cc->queue_index = 0; 229 cc->type = QCRYPTODEV_BACKEND_TYPE_LKCF; 230 backend->conf.peers.ccs[0] = cc; 231 232 backend->conf.crypto_services = 233 1u << QCRYPTODEV_BACKEND_SERVICE_TYPE_AKCIPHER; 234 backend->conf.akcipher_algo = 1u << VIRTIO_CRYPTO_AKCIPHER_RSA; 235 lkcf->running = true; 236 237 QSIMPLEQ_INIT(&lkcf->requests); 238 QSIMPLEQ_INIT(&lkcf->responses); 239 qemu_mutex_init(&lkcf->mutex); 240 qemu_mutex_init(&lkcf->rsp_mutex); 241 qemu_cond_init(&lkcf->cond); 242 for (i = 0; i < NR_WORKER_THREAD; i++) { 243 qemu_thread_create(&lkcf->worker_threads[i], "lkcf-worker", 244 cryptodev_lkcf_worker, lkcf, 0); 245 } 246 qemu_set_fd_handler( 247 lkcf->eventfd, cryptodev_lkcf_handle_response, NULL, lkcf); 248 cryptodev_backend_set_ready(backend, true); 249 } 250 251 static void cryptodev_lkcf_cleanup(CryptoDevBackend *backend, Error **errp) 252 { 253 CryptoDevBackendLKCF *lkcf = CRYPTODEV_BACKEND_LKCF(backend); 254 size_t i; 255 int queues = backend->conf.peers.queues; 256 CryptoDevBackendClient *cc; 257 CryptoDevLKCFTask *task, *next; 258 259 qemu_mutex_lock(&lkcf->mutex); 260 lkcf->running = false; 261 qemu_mutex_unlock(&lkcf->mutex); 262 qemu_cond_broadcast(&lkcf->cond); 263 264 close(lkcf->eventfd); 265 for (i = 0; i < NR_WORKER_THREAD; i++) { 266 qemu_thread_join(&lkcf->worker_threads[i]); 267 } 268 269 QSIMPLEQ_FOREACH_SAFE(task, &lkcf->requests, queue, next) { 270 if (task->cb) { 271 task->cb(task->opaque, task->status); 272 } 273 g_free(task); 274 } 275 276 QSIMPLEQ_FOREACH_SAFE(task, &lkcf->responses, queue, next) { 277 if (task->cb) { 278 task->cb(task->opaque, task->status); 279 } 280 g_free(task); 281 } 282 283 qemu_mutex_destroy(&lkcf->mutex); 284 qemu_cond_destroy(&lkcf->cond); 285 qemu_mutex_destroy(&lkcf->rsp_mutex); 286 287 for (i = 0; i < MAX_SESSIONS; i++) { 288 if (lkcf->sess[i] != NULL) { 289 cryptodev_lkcf_close_session(backend, i, 0, NULL, NULL); 290 } 291 } 292 293 for (i = 0; i < queues; i++) { 294 cc = backend->conf.peers.ccs[i]; 295 if (cc) { 296 cryptodev_backend_free_client(cc); 297 backend->conf.peers.ccs[i] = NULL; 298 } 299 } 300 301 cryptodev_backend_set_ready(backend, false); 302 } 303 304 static void cryptodev_lkcf_execute_task(CryptoDevLKCFTask *task) 305 { 306 CryptoDevBackendLKCFSession *session = task->sess; 307 CryptoDevBackendAsymOpInfo *asym_op_info; 308 bool kick = false; 309 int ret, status, op_code = task->op_info->op_code; 310 size_t p8info_len; 311 g_autofree uint8_t *p8info = NULL; 312 Error *local_error = NULL; 313 key_serial_t key_id = INVALID_KEY_ID; 314 char op_desc[64]; 315 g_autoptr(QCryptoAkCipher) akcipher = NULL; 316 317 /** 318 * We only offload private key session: 319 * 1. currently, the Linux kernel can only accept public key wrapped 320 * with X.509 certificates, but unfortunately the cost of making a 321 * ceritificate with public key is too expensive. 322 * 2. generally, public key related compution is fast, just compute it with 323 * thread-pool. 324 */ 325 if (session->keytype == QCRYPTO_AK_CIPHER_KEY_TYPE_PRIVATE) { 326 if (qcrypto_akcipher_export_p8info(&session->akcipher_opts, 327 session->key, session->keylen, 328 &p8info, &p8info_len, 329 &local_error) != 0 || 330 cryptodev_lkcf_set_op_desc(&session->akcipher_opts, op_desc, 331 sizeof(op_desc), &local_error) != 0) { 332 error_report_err(local_error); 333 } else { 334 key_id = add_key(KCTL_KEY_TYPE_PKEY, "lkcf-backend-priv-key", 335 p8info, p8info_len, KCTL_KEY_RING); 336 } 337 } 338 339 if (key_id < 0) { 340 if (!qcrypto_akcipher_supports(&session->akcipher_opts)) { 341 status = -VIRTIO_CRYPTO_NOTSUPP; 342 goto out; 343 } 344 akcipher = qcrypto_akcipher_new(&session->akcipher_opts, 345 session->keytype, 346 session->key, session->keylen, 347 &local_error); 348 if (!akcipher) { 349 status = -VIRTIO_CRYPTO_ERR; 350 goto out; 351 } 352 } 353 354 asym_op_info = task->op_info->u.asym_op_info; 355 switch (op_code) { 356 case VIRTIO_CRYPTO_AKCIPHER_ENCRYPT: 357 if (key_id >= 0) { 358 ret = keyctl_pkey_encrypt(key_id, op_desc, 359 asym_op_info->src, asym_op_info->src_len, 360 asym_op_info->dst, asym_op_info->dst_len); 361 } else { 362 ret = qcrypto_akcipher_encrypt(akcipher, 363 asym_op_info->src, asym_op_info->src_len, 364 asym_op_info->dst, asym_op_info->dst_len, &local_error); 365 } 366 break; 367 368 case VIRTIO_CRYPTO_AKCIPHER_DECRYPT: 369 if (key_id >= 0) { 370 ret = keyctl_pkey_decrypt(key_id, op_desc, 371 asym_op_info->src, asym_op_info->src_len, 372 asym_op_info->dst, asym_op_info->dst_len); 373 } else { 374 ret = qcrypto_akcipher_decrypt(akcipher, 375 asym_op_info->src, asym_op_info->src_len, 376 asym_op_info->dst, asym_op_info->dst_len, &local_error); 377 } 378 break; 379 380 case VIRTIO_CRYPTO_AKCIPHER_SIGN: 381 if (key_id >= 0) { 382 ret = keyctl_pkey_sign(key_id, op_desc, 383 asym_op_info->src, asym_op_info->src_len, 384 asym_op_info->dst, asym_op_info->dst_len); 385 } else { 386 ret = qcrypto_akcipher_sign(akcipher, 387 asym_op_info->src, asym_op_info->src_len, 388 asym_op_info->dst, asym_op_info->dst_len, &local_error); 389 } 390 break; 391 392 case VIRTIO_CRYPTO_AKCIPHER_VERIFY: 393 if (key_id >= 0) { 394 ret = keyctl_pkey_verify(key_id, op_desc, 395 asym_op_info->src, asym_op_info->src_len, 396 asym_op_info->dst, asym_op_info->dst_len); 397 } else { 398 ret = qcrypto_akcipher_verify(akcipher, 399 asym_op_info->src, asym_op_info->src_len, 400 asym_op_info->dst, asym_op_info->dst_len, &local_error); 401 } 402 break; 403 404 default: 405 error_setg(&local_error, "Unknown opcode: %u", op_code); 406 status = -VIRTIO_CRYPTO_ERR; 407 goto out; 408 } 409 410 if (ret < 0) { 411 if (!local_error) { 412 if (errno != EKEYREJECTED) { 413 error_report("Failed do operation with keyctl: %d", errno); 414 } 415 } else { 416 error_report_err(local_error); 417 } 418 status = op_code == VIRTIO_CRYPTO_AKCIPHER_VERIFY ? 419 -VIRTIO_CRYPTO_KEY_REJECTED : -VIRTIO_CRYPTO_ERR; 420 } else { 421 status = VIRTIO_CRYPTO_OK; 422 asym_op_info->dst_len = ret; 423 } 424 425 out: 426 if (key_id >= 0) { 427 keyctl_unlink(key_id, KCTL_KEY_RING); 428 } 429 task->status = status; 430 431 qemu_mutex_lock(&task->lkcf->rsp_mutex); 432 if (QSIMPLEQ_EMPTY(&task->lkcf->responses)) { 433 kick = true; 434 } 435 QSIMPLEQ_INSERT_TAIL(&task->lkcf->responses, task, queue); 436 qemu_mutex_unlock(&task->lkcf->rsp_mutex); 437 438 if (kick) { 439 eventfd_write(task->lkcf->eventfd, 1); 440 } 441 } 442 443 static void *cryptodev_lkcf_worker(void *arg) 444 { 445 CryptoDevBackendLKCF *backend = (CryptoDevBackendLKCF *)arg; 446 CryptoDevLKCFTask *task; 447 448 for (;;) { 449 task = NULL; 450 qemu_mutex_lock(&backend->mutex); 451 while (backend->running && QSIMPLEQ_EMPTY(&backend->requests)) { 452 qemu_cond_wait(&backend->cond, &backend->mutex); 453 } 454 if (backend->running) { 455 task = QSIMPLEQ_FIRST(&backend->requests); 456 QSIMPLEQ_REMOVE_HEAD(&backend->requests, queue); 457 } 458 qemu_mutex_unlock(&backend->mutex); 459 460 /* stopped */ 461 if (!task) { 462 break; 463 } 464 cryptodev_lkcf_execute_task(task); 465 } 466 467 return NULL; 468 } 469 470 static int cryptodev_lkcf_operation( 471 CryptoDevBackend *backend, 472 CryptoDevBackendOpInfo *op_info) 473 { 474 CryptoDevBackendLKCF *lkcf = 475 CRYPTODEV_BACKEND_LKCF(backend); 476 CryptoDevBackendLKCFSession *sess; 477 QCryptodevBackendAlgoType algtype = op_info->algtype; 478 CryptoDevLKCFTask *task; 479 480 if (op_info->session_id >= MAX_SESSIONS || 481 lkcf->sess[op_info->session_id] == NULL) { 482 error_report("Cannot find a valid session id: %" PRIu64 "", 483 op_info->session_id); 484 return -VIRTIO_CRYPTO_INVSESS; 485 } 486 487 sess = lkcf->sess[op_info->session_id]; 488 if (algtype != QCRYPTODEV_BACKEND_ALGO_TYPE_ASYM) { 489 error_report("algtype not supported: %u", algtype); 490 return -VIRTIO_CRYPTO_NOTSUPP; 491 } 492 493 task = g_new0(CryptoDevLKCFTask, 1); 494 task->op_info = op_info; 495 task->cb = op_info->cb; 496 task->opaque = op_info->opaque; 497 task->sess = sess; 498 task->lkcf = lkcf; 499 task->status = -VIRTIO_CRYPTO_ERR; 500 501 qemu_mutex_lock(&lkcf->mutex); 502 QSIMPLEQ_INSERT_TAIL(&lkcf->requests, task, queue); 503 qemu_mutex_unlock(&lkcf->mutex); 504 qemu_cond_signal(&lkcf->cond); 505 506 return VIRTIO_CRYPTO_OK; 507 } 508 509 static int cryptodev_lkcf_create_asym_session( 510 CryptoDevBackendLKCF *lkcf, 511 CryptoDevBackendAsymSessionInfo *sess_info, 512 uint64_t *session_id) 513 { 514 Error *local_error = NULL; 515 int index; 516 g_autofree CryptoDevBackendLKCFSession *sess = 517 g_new0(CryptoDevBackendLKCFSession, 1); 518 519 switch (sess_info->algo) { 520 case VIRTIO_CRYPTO_AKCIPHER_RSA: 521 sess->akcipher_opts.alg = QCRYPTO_AK_CIPHER_ALGO_RSA; 522 if (cryptodev_lkcf_set_rsa_opt( 523 sess_info->u.rsa.padding_algo, sess_info->u.rsa.hash_algo, 524 &sess->akcipher_opts.u.rsa, &local_error) != 0) { 525 error_report_err(local_error); 526 return -VIRTIO_CRYPTO_ERR; 527 } 528 break; 529 530 default: 531 error_report("Unsupported asym alg %u", sess_info->algo); 532 return -VIRTIO_CRYPTO_NOTSUPP; 533 } 534 535 switch (sess_info->keytype) { 536 case VIRTIO_CRYPTO_AKCIPHER_KEY_TYPE_PUBLIC: 537 sess->keytype = QCRYPTO_AK_CIPHER_KEY_TYPE_PUBLIC; 538 break; 539 540 case VIRTIO_CRYPTO_AKCIPHER_KEY_TYPE_PRIVATE: 541 sess->keytype = QCRYPTO_AK_CIPHER_KEY_TYPE_PRIVATE; 542 break; 543 544 default: 545 error_report("Unknown akcipher keytype: %u", sess_info->keytype); 546 return -VIRTIO_CRYPTO_ERR; 547 } 548 549 index = cryptodev_lkcf_get_unused_session_index(lkcf); 550 if (index < 0) { 551 error_report("Total number of sessions created exceeds %u", 552 MAX_SESSIONS); 553 return -VIRTIO_CRYPTO_ERR; 554 } 555 556 sess->keylen = sess_info->keylen; 557 sess->key = g_malloc(sess_info->keylen); 558 memcpy(sess->key, sess_info->key, sess_info->keylen); 559 560 lkcf->sess[index] = g_steal_pointer(&sess); 561 *session_id = index; 562 563 return VIRTIO_CRYPTO_OK; 564 } 565 566 static int cryptodev_lkcf_create_session( 567 CryptoDevBackend *backend, 568 CryptoDevBackendSessionInfo *sess_info, 569 uint32_t queue_index, 570 CryptoDevCompletionFunc cb, 571 void *opaque) 572 { 573 CryptoDevBackendAsymSessionInfo *asym_sess_info; 574 CryptoDevBackendLKCF *lkcf = 575 CRYPTODEV_BACKEND_LKCF(backend); 576 int ret; 577 578 switch (sess_info->op_code) { 579 case VIRTIO_CRYPTO_AKCIPHER_CREATE_SESSION: 580 asym_sess_info = &sess_info->u.asym_sess_info; 581 ret = cryptodev_lkcf_create_asym_session( 582 lkcf, asym_sess_info, &sess_info->session_id); 583 break; 584 585 default: 586 ret = -VIRTIO_CRYPTO_NOTSUPP; 587 error_report("Unsupported opcode: %" PRIu32 "", 588 sess_info->op_code); 589 break; 590 } 591 if (cb) { 592 cb(opaque, ret); 593 } 594 return 0; 595 } 596 597 static int cryptodev_lkcf_close_session(CryptoDevBackend *backend, 598 uint64_t session_id, 599 uint32_t queue_index, 600 CryptoDevCompletionFunc cb, 601 void *opaque) 602 { 603 CryptoDevBackendLKCF *lkcf = CRYPTODEV_BACKEND_LKCF(backend); 604 CryptoDevBackendLKCFSession *session; 605 606 assert(session_id < MAX_SESSIONS && lkcf->sess[session_id]); 607 session = lkcf->sess[session_id]; 608 lkcf->sess[session_id] = NULL; 609 610 g_free(session->key); 611 g_free(session); 612 613 if (cb) { 614 cb(opaque, VIRTIO_CRYPTO_OK); 615 } 616 return 0; 617 } 618 619 static void cryptodev_lkcf_class_init(ObjectClass *oc, void *data) 620 { 621 CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_CLASS(oc); 622 623 bc->init = cryptodev_lkcf_init; 624 bc->cleanup = cryptodev_lkcf_cleanup; 625 bc->create_session = cryptodev_lkcf_create_session; 626 bc->close_session = cryptodev_lkcf_close_session; 627 bc->do_op = cryptodev_lkcf_operation; 628 } 629 630 static const TypeInfo cryptodev_builtin_info = { 631 .name = TYPE_CRYPTODEV_BACKEND_LKCF, 632 .parent = TYPE_CRYPTODEV_BACKEND, 633 .class_init = cryptodev_lkcf_class_init, 634 .instance_size = sizeof(CryptoDevBackendLKCF), 635 }; 636 637 static void cryptodev_lkcf_register_types(void) 638 { 639 type_register_static(&cryptodev_builtin_info); 640 } 641 642 type_init(cryptodev_lkcf_register_types); 643