FreeBSD: remove support for FreeBSD < 13.0-RELEASE (#16372)

This includes the last 12.x release (now EOL) and 13.0 development versions (<1300139). Sponsored-by: https://despairlabs.com/sponsor/ Signed-off-by: Rob Norris <robn@despairlabs.com> Reviewed-by: Alexander Motin <mav@FreeBSD.org> Reviewed-by: Tino Reichardt <milky-zfs@mcmilk.de> Reviewed-by: Tony Hutter <hutter2@llnl.gov>
2026-05-28 17:39:23 +03:00 · 2024-08-06 09:56:45 +10:00
parent 845b7b7e66
commit 3f9ee8089d
27 changed files with 86 additions and 857 deletions
@@ -200,13 +200,6 @@ zfs_crypto_dispatch(freebsd_crypt_session_t *session, struct cryptop *crp)
 		crp->crp_etype = 0;
 		crp->crp_flags &= ~CRYPTO_F_DONE;
 		session->fs_done = false;
-#if __FreeBSD_version < 1300087
-		/*
-		 * Session ID changed, so we should record that,
-		 * and try again
-		 */
-		session->fs_sid = crp->crp_session;
-#endif
 	}
 	return (error);
 }
@@ -253,7 +246,6 @@ freebsd_crypt_uio_debug_log(boolean_t encrypt,
 * happen every time the key changes (including when
 * it's first loaded).
 */
-#if __FreeBSD_version >= 1300087
 int
 freebsd_crypt_newsession(freebsd_crypt_session_t *sessp,
    const struct zio_crypt_info *c_info, crypto_key_t *key)
@@ -392,244 +384,3 @@ out:
 	}
 	return (error);
 }
-
-#else
-int
-freebsd_crypt_newsession(freebsd_crypt_session_t *sessp,
-    const struct zio_crypt_info *c_info, crypto_key_t *key)
-{
-	struct cryptoini cria = {0}, crie = {0}, *crip;
-	struct enc_xform *xform;
-	struct auth_hash *xauth;
-	int error = 0;
-	crypto_session_t sid;
-
-#ifdef FCRYPTO_DEBUG
-	printf("%s(%p, { %s, %d, %d, %s }, { %p, %u })\n",
-	    __FUNCTION__, sessp,
-	    c_info->ci_algname, c_info->ci_crypt_type,
-	    (unsigned int)c_info->ci_keylen, c_info->ci_name,
-	    key->ck_data, (unsigned int)key->ck_length);
-	printf("\tkey = { ");
-	for (int i = 0; i < key->ck_length / 8; i++) {
-		uint8_t *b = (uint8_t *)key->ck_data;
-		printf("%02x ", b[i]);
-	}
-	printf("}\n");
-#endif
-	switch (c_info->ci_crypt_type) {
-	case ZC_TYPE_GCM:
-		xform = &enc_xform_aes_nist_gcm;
-		switch (key->ck_length/8) {
-		case AES_128_GMAC_KEY_LEN:
-			xauth = &auth_hash_nist_gmac_aes_128;
-			break;
-		case AES_192_GMAC_KEY_LEN:
-			xauth = &auth_hash_nist_gmac_aes_192;
-			break;
-		case AES_256_GMAC_KEY_LEN:
-			xauth = &auth_hash_nist_gmac_aes_256;
-			break;
-		default:
-			error = EINVAL;
-			goto bad;
-		}
-		break;
-	case ZC_TYPE_CCM:
-		xform = &enc_xform_ccm;
-		switch (key->ck_length/8) {
-		case AES_128_CBC_MAC_KEY_LEN:
-			xauth = &auth_hash_ccm_cbc_mac_128;
-			break;
-		case AES_192_CBC_MAC_KEY_LEN:
-			xauth = &auth_hash_ccm_cbc_mac_192;
-			break;
-		case AES_256_CBC_MAC_KEY_LEN:
-			xauth = &auth_hash_ccm_cbc_mac_256;
-			break;
-		default:
-			error = EINVAL;
-			goto bad;
-			break;
-		}
-		break;
-	default:
-		error = ENOTSUP;
-		goto bad;
-	}
-#ifdef FCRYPTO_DEBUG
-	printf("%s(%d): Using crypt %s (key length %u [%u bytes]), "
-	    "auth %s (key length %d)\n",
-	    __FUNCTION__, __LINE__,
-	    xform->name, (unsigned int)key->ck_length,
-	    (unsigned int)key->ck_length/8,
-	    xauth->name, xauth->keysize);
-#endif
-
-	crie.cri_alg = xform->type;
-	crie.cri_key = key->ck_data;
-	crie.cri_klen = key->ck_length;
-
-	cria.cri_alg = xauth->type;
-	cria.cri_key = key->ck_data;
-	cria.cri_klen = key->ck_length;
-
-	cria.cri_next = &crie;
-	crie.cri_next = NULL;
-	crip = &cria;
-	// Everything else is zero-initialised
-
-	error = crypto_newsession(&sid, crip,
-	    CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE);
-	if (error != 0) {
-		printf("%s(%d):  crypto_newsession failed with %d\n",
-		    __FUNCTION__, __LINE__, error);
-		goto bad;
-	}
-	sessp->fs_sid = sid;
-	mtx_init(&sessp->fs_lock, "FreeBSD Cryptographic Session Lock",
-	    NULL, MTX_DEF);
-	crypt_sessions++;
-bad:
-	return (error);
-}
-
-/*
- * The meat of encryption/decryption.
- * If sessp is NULL, then it will create a
- * temporary cryptographic session, and release
- * it when done.
- */
-int
-freebsd_crypt_uio(boolean_t encrypt,
-    freebsd_crypt_session_t *input_sessionp,
-    const struct zio_crypt_info *c_info,
-    zfs_uio_t *data_uio,
-    crypto_key_t *key,
-    uint8_t *ivbuf,
-    size_t datalen,
-    size_t auth_len)
-{
-	struct cryptop *crp;
-	struct cryptodesc *enc_desc, *auth_desc;
-	struct enc_xform *xform;
-	struct auth_hash *xauth;
-	freebsd_crypt_session_t *session = NULL;
-	int error;
-
-	freebsd_crypt_uio_debug_log(encrypt, input_sessionp, c_info, data_uio,
-	    key, ivbuf, datalen, auth_len);
-	switch (c_info->ci_crypt_type) {
-	case ZC_TYPE_GCM:
-		xform = &enc_xform_aes_nist_gcm;
-		switch (key->ck_length/8) {
-		case AES_128_GMAC_KEY_LEN:
-			xauth = &auth_hash_nist_gmac_aes_128;
-			break;
-		case AES_192_GMAC_KEY_LEN:
-			xauth = &auth_hash_nist_gmac_aes_192;
-			break;
-		case AES_256_GMAC_KEY_LEN:
-			xauth = &auth_hash_nist_gmac_aes_256;
-			break;
-		default:
-			error = EINVAL;
-			goto bad;
-		}
-		break;
-	case ZC_TYPE_CCM:
-		xform = &enc_xform_ccm;
-		switch (key->ck_length/8) {
-		case AES_128_CBC_MAC_KEY_LEN:
-			xauth = &auth_hash_ccm_cbc_mac_128;
-			break;
-		case AES_192_CBC_MAC_KEY_LEN:
-			xauth = &auth_hash_ccm_cbc_mac_192;
-			break;
-		case AES_256_CBC_MAC_KEY_LEN:
-			xauth = &auth_hash_ccm_cbc_mac_256;
-			break;
-		default:
-			error = EINVAL;
-			goto bad;
-			break;
-		}
-		break;
-	default:
-		error = ENOTSUP;
-		goto bad;
-	}
-
-#ifdef FCRYPTO_DEBUG
-	printf("%s(%d): Using crypt %s (key length %u [%u bytes]), "
-	    "auth %s (key length %d)\n",
-	    __FUNCTION__, __LINE__,
-	    xform->name, (unsigned int)key->ck_length,
-	    (unsigned int)key->ck_length/8,
-	    xauth->name, xauth->keysize);
-#endif
-
-	if (input_sessionp == NULL) {
-		session = kmem_zalloc(sizeof (*session), KM_SLEEP);
-		error = freebsd_crypt_newsession(session, c_info, key);
-		if (error)
-			goto out;
-	} else
-		session = input_sessionp;
-
-	crp = crypto_getreq(2);
-	if (crp == NULL) {
-		error = ENOMEM;
-		goto bad;
-	}
-
-	auth_desc = crp->crp_desc;
-	enc_desc = auth_desc->crd_next;
-
-	crp->crp_session = session->fs_sid;
-	crp->crp_ilen = auth_len + datalen;
-	crp->crp_buf = (void*)GET_UIO_STRUCT(data_uio);
-	crp->crp_flags = CRYPTO_F_IOV | CRYPTO_F_CBIFSYNC;
-
-	auth_desc->crd_skip = 0;
-	auth_desc->crd_len = auth_len;
-	auth_desc->crd_inject = auth_len + datalen;
-	auth_desc->crd_alg = xauth->type;
-#ifdef FCRYPTO_DEBUG
-	printf("%s: auth: skip = %u, len = %u, inject = %u\n",
-	    __FUNCTION__, auth_desc->crd_skip, auth_desc->crd_len,
-	    auth_desc->crd_inject);
-#endif
-
-	enc_desc->crd_skip = auth_len;
-	enc_desc->crd_len = datalen;
-	enc_desc->crd_inject = auth_len;
-	enc_desc->crd_alg = xform->type;
-	enc_desc->crd_flags = CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT;
-	memcpy(enc_desc->crd_iv, ivbuf, ZIO_DATA_IV_LEN);
-	enc_desc->crd_next = NULL;
-
-#ifdef FCRYPTO_DEBUG
-	printf("%s: enc: skip = %u, len = %u, inject = %u\n",
-	    __FUNCTION__, enc_desc->crd_skip, enc_desc->crd_len,
-	    enc_desc->crd_inject);
-#endif
-
-	if (encrypt)
-		enc_desc->crd_flags |= CRD_F_ENCRYPT;
-
-	error = zfs_crypto_dispatch(session, crp);
-	crypto_freereq(crp);
-out:
-	if (input_sessionp == NULL) {
-		freebsd_crypt_freesession(session);
-		kmem_free(session, sizeof (*session));
-	}
-bad:
-#ifdef FCRYPTO_DEBUG
-	if (error)
-		printf("%s: returning error %d\n", __FUNCTION__, error);
-#endif
-	return (error);
-}
-#endif