From owner-svn-src-head@freebsd.org  Thu Aug 22 09:39:50 2019
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id C87FFC3896;
 Thu, 22 Aug 2019 09:39:50 +0000 (UTC) (envelope-from bz@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org
 [IPv6:2610:1c1:1:606c::24b:4])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "smtp.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 46DfdL4h1Jz4GYh;
 Thu, 22 Aug 2019 09:39:50 +0000 (UTC) (envelope-from bz@FreeBSD.org)
Received: from mx1.sbone.de (cross.sbone.de [195.201.62.131])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mx1.sbone.de", Issuer "SBone.DE" (not verified))
 (Authenticated sender: bz/mail)
 by smtp.freebsd.org (Postfix) with ESMTPSA id 6D94ED665;
 Thu, 22 Aug 2019 09:39:50 +0000 (UTC) (envelope-from bz@FreeBSD.org)
Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587])
 (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.sbone.de (Postfix) with ESMTPS id 6DC618D4A210;
 Thu, 22 Aug 2019 09:39:49 +0000 (UTC)
Received: from content-filter.sbone.de (content-filter.sbone.de
 [IPv6:fde9:577b:c1a9:31::2013:2742])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mail.sbone.de (Postfix) with ESMTPS id E457FE7084B;
 Thu, 22 Aug 2019 09:39:48 +0000 (UTC)
X-Virus-Scanned: amavisd-new at sbone.de
Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587])
 by content-filter.sbone.de (content-filter.sbone.de
 [fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024)
 with ESMTP id Q51KwTrJo8zM; Thu, 22 Aug 2019 09:39:46 +0000 (UTC)
Received: from [127.0.0.1] (unknown
 [IPv6:fde9:577b:c1a9:31:b8c3:fcc4:54a6:5880])
 (using TLSv1 with cipher AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mail.sbone.de (Postfix) with ESMTPSA id 5B081E70847;
 Thu, 22 Aug 2019 09:39:46 +0000 (UTC)
From: "Bjoern A. Zeeb" <bz@FreeBSD.org>
To: "John Baldwin" <jhb@FreeBSD.org>
Cc: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: Re: svn commit: r351364 - in head/sys: crypto/blowfish
 crypto/chacha20 crypto/des opencrypto
Date: Thu, 22 Aug 2019 09:39:45 +0000
X-Mailer: MailMate (2.0BETAr6137)
Message-ID: <DC49D260-C049-47F3-ADFA-76D793212E16@FreeBSD.org>
In-Reply-To: <201908220002.x7M028Jh070116@repo.freebsd.org>
References: <201908220002.x7M028Jh070116@repo.freebsd.org>
MIME-Version: 1.0
Content-Type: text/plain; format=flowed
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Aug 2019 09:39:50 -0000

On 22 Aug 2019, at 0:02, John Baldwin wrote:

Hi,

> Author: jhb
> Date: Thu Aug 22 00:02:08 2019
> New Revision: 351364
> URL: https://svnweb.freebsd.org/changeset/base/351364
>
> Log:
>   Use 'const' for keys and IVs passed to software encryption 
> algorithms.
>
>   Specifically, use 'const' for the key passed to the 'setkey' method
>   and 'const' for the 'iv' passed to the 'reinit' method.
>
>   Reviewed by:	cem
>   Sponsored by:	Chelsio Communications
>   Differential Revision:	https://reviews.freebsd.org/D21347

can you please review and commit this one to make gcc platforms a bit 
more happy again (I tested a sparc64 GENERIC kernel build):

Reported by:	CI system (gcc)

Index: sys/opencrypto/xform_des1.c
===================================================================
--- sys/opencrypto/xform_des1.c	(revision 351384)
+++ sys/opencrypto/xform_des1.c	(working copy)
@@ -99,7 +99,7 @@ des1_setkey(u_int8_t **sched, const u_int8_t *key,
  	p = KMALLOC(sizeof (des_key_schedule),
  		M_CRYPTO_DATA, M_NOWAIT|M_ZERO);
  	if (p != NULL) {
-		des_set_key((const des_cblock *) key, p[0]);
+		des_set_key(__DEQUALIFY(const des_cblock *, key), p[0]);
  		err = 0;
  	} else
  		err = ENOMEM;
Index: sys/opencrypto/xform_des3.c
===================================================================
--- sys/opencrypto/xform_des3.c	(revision 351384)
+++ sys/opencrypto/xform_des3.c	(working copy)
@@ -100,9 +100,9 @@ des3_setkey(u_int8_t **sched, const u_int8_t *key,
  	p = KMALLOC(3*sizeof (des_key_schedule),
  		M_CRYPTO_DATA, M_NOWAIT|M_ZERO);
  	if (p != NULL) {
-		des_set_key((const des_cblock *)(key +  0), p[0]);
-		des_set_key((const des_cblock *)(key +  8), p[1]);
-		des_set_key((const des_cblock *)(key + 16), p[2]);
+		des_set_key(__DEQUALIFY(const des_cblock *,(key +  0)), p[0]);
+		des_set_key(__DEQUALIFY(const des_cblock *,(key +  8)), p[1]);
+		des_set_key(__DEQUALIFY(const des_cblock *,(key +  16)), p[2]);
  		err = 0;
  	} else
  		err = ENOMEM;
Index: sys/netsmb/smb_crypt.c
===================================================================
--- sys/netsmb/smb_crypt.c	(revision 351384)
+++ sys/netsmb/smb_crypt.c	(working copy)
@@ -83,7 +83,7 @@ smb_E(const u_char *key, u_char *data, u_char *des
  	kk[6] = key[5] << 2 | (key[6] >> 6 & 0xfe);
  	kk[7] = key[6] << 1;
  	ksp = malloc(sizeof(des_key_schedule), M_SMBTEMP, M_WAITOK);
-	des_set_key((des_cblock *)kk, *ksp);
+	des_set_key((const des_cblock *)kk, *ksp);
  	des_ecb_encrypt((des_cblock *)data, (des_cblock *)dest, *ksp, 1);
  	free(ksp, M_SMBTEMP);
  }
Index: sys/kgssapi/krb5/kcrypto_des.c
===================================================================
--- sys/kgssapi/krb5/kcrypto_des.c	(revision 351384)
+++ sys/kgssapi/krb5/kcrypto_des.c	(working copy)
@@ -136,7 +136,7 @@ des1_random_to_key(struct krb5_key_state *ks, cons
  	    | ((inkey[5] & 1) << 6)
  	    | ((inkey[6] & 1) << 7));
  	des_set_odd_parity((des_cblock *) outkey);
-	if (des_is_weak_key((des_cblock *) outkey))
+	if (des_is_weak_key((const des_cblock *) outkey))
  		outkey[7] ^= 0xf0;

  	des1_set_key(ks, ks->ks_key);
Index: sys/kgssapi/krb5/kcrypto_des3.c
===================================================================
--- sys/kgssapi/krb5/kcrypto_des3.c	(revision 351384)
+++ sys/kgssapi/krb5/kcrypto_des3.c	(working copy)
@@ -145,7 +145,7 @@ des3_random_to_key(struct krb5_key_state *ks, cons
  		    | ((inkey[5] & 1) << 6)
  		    | ((inkey[6] & 1) << 7));
  		des_set_odd_parity((des_cblock *) outkey);
-		if (des_is_weak_key((des_cblock *) outkey))
+		if (des_is_weak_key((const des_cblock *) outkey))
  			outkey[7] ^= 0xf0;
  	}