c/mirror_zfs
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_zfs.git synced 2026-05-24 03:08:51 +03:00
Code Issues Packages Projects Releases Wiki Activity

module: icp: remove unused kcf_op_{group,type}, req_params, ...

Browse Source 
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Closes #12901
This commit is contained in:
наб
2021-12-24 17:34:19 +01:00
committed by Brian Behlendorf
parent f3c3a6d47e
commit 3fd5ead75e
7 changed files with 0 additions and 897 deletions
Download Patch File Download Diff File Expand all files Collapse all files
module/icp/core/kcf_callprov.c
-219
View File
@@ -133,222 +133,3 @@ kcf_get_mech_provider(crypto_mech_type_t mech_type, kcf_mech_entry_t **mepp,
mutex_exit(&me->me_mutex);
return (pd);
}
/*
* Do the actual work of calling the provider routines.
*
* pd - Provider structure
* ctx - Context for this operation
* params - Parameters for this operation
* rhndl - Request handle to use for notification
*
* The return values are the same as that of the respective SPI.
*/
int
common_submit_request(kcf_provider_desc_t *pd, crypto_ctx_t *ctx,
kcf_req_params_t *params, crypto_req_handle_t rhndl)
{
int err = CRYPTO_ARGUMENTS_BAD;
kcf_op_type_t optype;
optype = params->rp_optype;
switch (params->rp_opgrp) {
case KCF_OG_DIGEST: {
kcf_digest_ops_params_t *dops = &params->rp_u.digest_params;
switch (optype) {
case KCF_OP_INIT:
/*
* We should do this only here and not in KCF_WRAP_*
* macros. This is because we may want to try other
* providers, in case we recover from a failure.
*/
KCF_SET_PROVIDER_MECHNUM(dops->do_framework_mechtype,
pd, &dops->do_mech);
err = KCF_PROV_DIGEST_INIT(pd, ctx, &dops->do_mech,
rhndl);
break;
case KCF_OP_SINGLE:
err = KCF_PROV_DIGEST(pd, ctx, dops->do_data,
dops->do_digest, rhndl);
break;
case KCF_OP_UPDATE:
err = KCF_PROV_DIGEST_UPDATE(pd, ctx,
dops->do_data, rhndl);
break;
case KCF_OP_FINAL:
err = KCF_PROV_DIGEST_FINAL(pd, ctx,
dops->do_digest, rhndl);
break;
case KCF_OP_ATOMIC:
ASSERT(ctx == NULL);
KCF_SET_PROVIDER_MECHNUM(dops->do_framework_mechtype,
pd, &dops->do_mech);
err = KCF_PROV_DIGEST_ATOMIC(pd, dops->do_sid,
&dops->do_mech, dops->do_data, dops->do_digest,
rhndl);
break;
case KCF_OP_DIGEST_KEY:
err = KCF_PROV_DIGEST_KEY(pd, ctx, dops->do_digest_key,
rhndl);
break;
default:
break;
}
break;
}
case KCF_OG_MAC: {
kcf_mac_ops_params_t *mops = &params->rp_u.mac_params;
switch (optype) {
case KCF_OP_INIT:
KCF_SET_PROVIDER_MECHNUM(mops->mo_framework_mechtype,
pd, &mops->mo_mech);
err = KCF_PROV_MAC_INIT(pd, ctx, &mops->mo_mech,
mops->mo_key, mops->mo_templ, rhndl);
break;
case KCF_OP_SINGLE:
err = KCF_PROV_MAC(pd, ctx, mops->mo_data,
mops->mo_mac, rhndl);
break;
case KCF_OP_UPDATE:
err = KCF_PROV_MAC_UPDATE(pd, ctx, mops->mo_data,
rhndl);
break;
case KCF_OP_FINAL:
err = KCF_PROV_MAC_FINAL(pd, ctx, mops->mo_mac, rhndl);
break;
case KCF_OP_ATOMIC:
ASSERT(ctx == NULL);
KCF_SET_PROVIDER_MECHNUM(mops->mo_framework_mechtype,
pd, &mops->mo_mech);
err = KCF_PROV_MAC_ATOMIC(pd, mops->mo_sid,
&mops->mo_mech, mops->mo_key, mops->mo_data,
mops->mo_mac, mops->mo_templ, rhndl);
break;
case KCF_OP_MAC_VERIFY_ATOMIC:
ASSERT(ctx == NULL);
KCF_SET_PROVIDER_MECHNUM(mops->mo_framework_mechtype,
pd, &mops->mo_mech);
err = KCF_PROV_MAC_VERIFY_ATOMIC(pd, mops->mo_sid,
&mops->mo_mech, mops->mo_key, mops->mo_data,
mops->mo_mac, mops->mo_templ, rhndl);
break;
default:
break;
}
break;
}
case KCF_OG_ENCRYPT: {
kcf_encrypt_ops_params_t *eops = &params->rp_u.encrypt_params;
switch (optype) {
case KCF_OP_INIT:
KCF_SET_PROVIDER_MECHNUM(eops->eo_framework_mechtype,
pd, &eops->eo_mech);
err = KCF_PROV_ENCRYPT_INIT(pd, ctx, &eops->eo_mech,
eops->eo_key, eops->eo_templ, rhndl);
break;
case KCF_OP_SINGLE:
err = KCF_PROV_ENCRYPT(pd, ctx, eops->eo_plaintext,
eops->eo_ciphertext, rhndl);
break;
case KCF_OP_UPDATE:
err = KCF_PROV_ENCRYPT_UPDATE(pd, ctx,
eops->eo_plaintext, eops->eo_ciphertext, rhndl);
break;
case KCF_OP_FINAL:
err = KCF_PROV_ENCRYPT_FINAL(pd, ctx,
eops->eo_ciphertext, rhndl);
break;
case KCF_OP_ATOMIC:
ASSERT(ctx == NULL);
KCF_SET_PROVIDER_MECHNUM(eops->eo_framework_mechtype,
pd, &eops->eo_mech);
err = KCF_PROV_ENCRYPT_ATOMIC(pd, eops->eo_sid,
&eops->eo_mech, eops->eo_key, eops->eo_plaintext,
eops->eo_ciphertext, eops->eo_templ, rhndl);
break;
default:
break;
}
break;
}
case KCF_OG_DECRYPT: {
kcf_decrypt_ops_params_t *dcrops = &params->rp_u.decrypt_params;
switch (optype) {
case KCF_OP_INIT:
KCF_SET_PROVIDER_MECHNUM(dcrops->dop_framework_mechtype,
pd, &dcrops->dop_mech);
err = KCF_PROV_DECRYPT_INIT(pd, ctx, &dcrops->dop_mech,
dcrops->dop_key, dcrops->dop_templ, rhndl);
break;
case KCF_OP_SINGLE:
err = KCF_PROV_DECRYPT(pd, ctx, dcrops->dop_ciphertext,
dcrops->dop_plaintext, rhndl);
break;
case KCF_OP_UPDATE:
err = KCF_PROV_DECRYPT_UPDATE(pd, ctx,
dcrops->dop_ciphertext, dcrops->dop_plaintext,
rhndl);
break;
case KCF_OP_FINAL:
err = KCF_PROV_DECRYPT_FINAL(pd, ctx,
dcrops->dop_plaintext, rhndl);
break;
case KCF_OP_ATOMIC:
ASSERT(ctx == NULL);
KCF_SET_PROVIDER_MECHNUM(dcrops->dop_framework_mechtype,
pd, &dcrops->dop_mech);
err = KCF_PROV_DECRYPT_ATOMIC(pd, dcrops->dop_sid,
&dcrops->dop_mech, dcrops->dop_key,
dcrops->dop_ciphertext, dcrops->dop_plaintext,
dcrops->dop_templ, rhndl);
break;
default:
break;
}
break;
}
default:
break;
} /* end of switch(params->rp_opgrp) */
KCF_PROV_INCRSTATS(pd, err);
return (err);
}
module/icp/core/kcf_sched.c
-369
View File
@@ -64,10 +64,7 @@ static kcf_stats_t kcf_ksdata = {
static kstat_t *kcf_misc_kstat = NULL;
ulong_t kcf_swprov_hndl = 0;
static int kcf_disp_sw_request(kcf_areq_node_t *);
static int kcf_enqueue(kcf_areq_node_t *);
static void kcfpool_alloc(void);
static void kcf_reqid_delete(kcf_areq_node_t *areq);
static int kcf_misc_kstat_update(kstat_t *ksp, int rw);
/*
@@ -106,201 +103,6 @@ kcf_new_ctx(crypto_call_req_t *crq, kcf_provider_desc_t *pd,
return (ctx);
}
/*
* Queue the request node and do one of the following:
* - If there is an idle thread signal it to run.
* - If there is no idle thread and max running threads is not
* reached, signal the creator thread for more threads.
*
* If the two conditions above are not met, we don't need to do
* anything. The request will be picked up by one of the
* worker threads when it becomes available.
*/
static int
kcf_disp_sw_request(kcf_areq_node_t *areq)
{
int err;
int cnt = 0;
if ((err = kcf_enqueue(areq)) != 0)
return (err);
if (kcfpool->kp_idlethreads > 0) {
/* Signal an idle thread to run */
mutex_enter(&gswq->gs_lock);
cv_signal(&gswq->gs_cv);
mutex_exit(&gswq->gs_lock);
return (CRYPTO_QUEUED);
}
/*
* We keep the number of running threads to be at
* kcf_minthreads to reduce gs_lock contention.
*/
cnt = kcf_minthreads -
(kcfpool->kp_threads - kcfpool->kp_blockedthreads);
if (cnt > 0) {
/*
* The following ensures the number of threads in pool
* does not exceed kcf_maxthreads.
*/
cnt = MIN(cnt, kcf_maxthreads - (int)kcfpool->kp_threads);
if (cnt > 0) {
/* Signal the creator thread for more threads */
mutex_enter(&kcfpool->kp_user_lock);
if (!kcfpool->kp_signal_create_thread) {
kcfpool->kp_signal_create_thread = B_TRUE;
kcfpool->kp_nthrs = cnt;
cv_signal(&kcfpool->kp_user_cv);
}
mutex_exit(&kcfpool->kp_user_lock);
}
}
return (CRYPTO_QUEUED);
}
/*
* This routine checks if a request can be retried on another
* provider. If true, mech1 is initialized to point to the mechanism
* structure. fg is initialized to the correct crypto_func_group_t bit flag.
* They are initialized by this routine, so that the caller can pass them to
* kcf_get_mech_provider() with no further change.
*
* We check that the request is for a init or atomic routine and that
* it is for one of the operation groups used from k-api .
*/
static boolean_t
can_resubmit(kcf_areq_node_t *areq, crypto_mechanism_t **mech1,
crypto_func_group_t *fg)
{
kcf_req_params_t *params;
kcf_op_type_t optype;
params = &areq->an_params;
optype = params->rp_optype;
if (!(IS_INIT_OP(optype) || IS_ATOMIC_OP(optype)))
return (B_FALSE);
switch (params->rp_opgrp) {
case KCF_OG_DIGEST: {
kcf_digest_ops_params_t *dops = &params->rp_u.digest_params;
dops->do_mech.cm_type = dops->do_framework_mechtype;
*mech1 = &dops->do_mech;
*fg = (optype == KCF_OP_INIT) ? CRYPTO_FG_DIGEST :
CRYPTO_FG_DIGEST_ATOMIC;
break;
}
case KCF_OG_MAC: {
kcf_mac_ops_params_t *mops = &params->rp_u.mac_params;
mops->mo_mech.cm_type = mops->mo_framework_mechtype;
*mech1 = &mops->mo_mech;
*fg = (optype == KCF_OP_INIT) ? CRYPTO_FG_MAC :
CRYPTO_FG_MAC_ATOMIC;
break;
}
case KCF_OG_ENCRYPT: {
kcf_encrypt_ops_params_t *eops = &params->rp_u.encrypt_params;
eops->eo_mech.cm_type = eops->eo_framework_mechtype;
*mech1 = &eops->eo_mech;
*fg = (optype == KCF_OP_INIT) ? CRYPTO_FG_ENCRYPT :
CRYPTO_FG_ENCRYPT_ATOMIC;
break;
}
case KCF_OG_DECRYPT: {
kcf_decrypt_ops_params_t *dcrops = &params->rp_u.decrypt_params;
dcrops->dop_mech.cm_type = dcrops->dop_framework_mechtype;
*mech1 = &dcrops->dop_mech;
*fg = (optype == KCF_OP_INIT) ? CRYPTO_FG_DECRYPT :
CRYPTO_FG_DECRYPT_ATOMIC;
break;
}
default:
return (B_FALSE);
}
return (B_TRUE);
}
/*
* This routine is called when a request to a provider has failed
* with a recoverable error. This routine tries to find another provider
* and dispatches the request to the new provider, if one is available.
* We reuse the request structure.
*
* A return value of NULL from kcf_get_mech_provider() indicates
* we have tried the last provider.
*/
static int
kcf_resubmit_request(kcf_areq_node_t *areq)
{
int error = CRYPTO_FAILED;
kcf_context_t *ictx;
kcf_provider_desc_t *old_pd;
kcf_provider_desc_t *new_pd;
crypto_mechanism_t *mech1 = NULL;
crypto_func_group_t fg = 0;
if (!can_resubmit(areq, &mech1, &fg))
return (error);
old_pd = areq->an_provider;
/*
* Add old_pd to the list of providers already tried. We release
* the hold on old_pd (from the earlier kcf_get_mech_provider()) in
* kcf_free_triedlist().
*/
if (kcf_insert_triedlist(&areq->an_tried_plist, old_pd,
KM_NOSLEEP) == NULL)
return (error);
new_pd = kcf_get_mech_provider(mech1->cm_type, NULL, &error,
areq->an_tried_plist, fg);
if (new_pd == NULL)
return (error);
/*
* We reuse the old context by resetting provider specific
* fields in it.
*/
if ((ictx = areq->an_context) != NULL) {
crypto_ctx_t *ctx;
ASSERT(old_pd == ictx->kc_prov_desc);
KCF_PROV_REFRELE(ictx->kc_prov_desc);
KCF_PROV_REFHOLD(new_pd);
ictx->kc_prov_desc = new_pd;
ctx = &ictx->kc_glbl_ctx;
ctx->cc_provider = new_pd->pd_prov_handle;
ctx->cc_session = new_pd->pd_sid;
ctx->cc_provider_private = NULL;
}
/* We reuse areq. by resetting the provider and context fields. */
KCF_PROV_REFRELE(old_pd);
KCF_PROV_REFHOLD(new_pd);
areq->an_provider = new_pd;
mutex_enter(&areq->an_lock);
areq->an_state = REQ_WAITING;
mutex_exit(&areq->an_lock);
error = kcf_disp_sw_request(areq);
return (error);
}
/*
* We're done with this framework context, so free it. Note that freeing
* framework context (kcf_context) frees the global context (crypto_ctx).
@@ -367,45 +169,6 @@ kcf_free_req(kcf_areq_node_t *areq)
kmem_cache_free(kcf_areq_cache, areq);
}
/*
* Add the request node to the end of the global queue.
*
* The caller should not hold the queue lock. Returns 0 if the
* request is successfully queued. Returns CRYPTO_BUSY if the limit
* on the number of jobs is exceeded.
*/
static int
kcf_enqueue(kcf_areq_node_t *node)
{
kcf_areq_node_t *tnode;
mutex_enter(&gswq->gs_lock);
if (gswq->gs_njobs >= gswq->gs_maxjobs) {
mutex_exit(&gswq->gs_lock);
return (CRYPTO_BUSY);
}
if (gswq->gs_last == NULL) {
gswq->gs_first = gswq->gs_last = node;
} else {
ASSERT(gswq->gs_last->an_next == NULL);
tnode = gswq->gs_last;
tnode->an_next = node;
gswq->gs_last = node;
node->an_prev = tnode;
}
gswq->gs_njobs++;
/* an_lock not needed here as we hold gs_lock */
node->an_state = REQ_WAITING;
mutex_exit(&gswq->gs_lock);
return (0);
}
/*
* kmem_cache_alloc constructor for sync request structure.
*/
@@ -592,107 +355,6 @@ kcf_sched_init(void)
}
}
/*
* Signal the waiting sync client.
*/
void
kcf_sop_done(kcf_sreq_node_t *sreq, int error)
{
mutex_enter(&sreq->sn_lock);
sreq->sn_state = REQ_DONE;
sreq->sn_rv = error;
cv_signal(&sreq->sn_cv);
mutex_exit(&sreq->sn_lock);
}
/*
* Callback the async client with the operation status.
* We free the async request node and possibly the context.
* We also handle any chain of requests hanging off of
* the context.
*/
void
kcf_aop_done(kcf_areq_node_t *areq, int error)
{
kcf_op_type_t optype;
boolean_t skip_notify = B_FALSE;
kcf_context_t *ictx;
kcf_areq_node_t *nextreq;
/*
* Handle recoverable errors. This has to be done first
* before doing anything else in this routine so that
* we do not change the state of the request.
*/
if (error != CRYPTO_SUCCESS && IS_RECOVERABLE(error)) {
/*
* We try another provider, if one is available. Else
* we continue with the failure notification to the
* client.
*/
if (kcf_resubmit_request(areq) == CRYPTO_QUEUED)
return;
}
mutex_enter(&areq->an_lock);
areq->an_state = REQ_DONE;
mutex_exit(&areq->an_lock);
optype = (&areq->an_params)->rp_optype;
if ((ictx = areq->an_context) != NULL) {
/*
* A request after it is removed from the request
* queue, still stays on a chain of requests hanging
* of its context structure. It needs to be removed
* from this chain at this point.
*/
mutex_enter(&ictx->kc_in_use_lock);
nextreq = areq->an_ctxchain_next;
if (nextreq != NULL) {
mutex_enter(&nextreq->an_lock);
nextreq->an_is_my_turn = B_TRUE;
cv_signal(&nextreq->an_turn_cv);
mutex_exit(&nextreq->an_lock);
}
ictx->kc_req_chain_first = nextreq;
if (nextreq == NULL)
ictx->kc_req_chain_last = NULL;
mutex_exit(&ictx->kc_in_use_lock);
if (IS_SINGLE_OP(optype) || IS_FINAL_OP(optype)) {
ASSERT(nextreq == NULL);
KCF_CONTEXT_REFRELE(ictx);
} else if (error != CRYPTO_SUCCESS && IS_INIT_OP(optype)) {
/*
* NOTE - We do not release the context in case of update
* operations. We require the consumer to free it explicitly,
* in case it wants to abandon an update operation. This is done
* as there may be mechanisms in ECB mode that can continue
* even if an operation on a block fails.
*/
KCF_CONTEXT_REFRELE(ictx);
}
}
/*
* If CRYPTO_NOTIFY_OPDONE flag is set, we should notify
* always. If this flag is clear, we skip the notification
* provided there are no errors. We check this flag for only
* init or update operations. It is ignored for single, final or
* atomic operations.
*/
skip_notify = (IS_UPDATE_OP(optype) || IS_INIT_OP(optype)) &&
(error == CRYPTO_SUCCESS);
if (!skip_notify) {
NOTIFY_CLIENT(areq, error);
}
kcf_reqid_delete(areq);
KCF_AREQ_REFRELE(areq);
}
/*
* Allocate the thread pool and initialize all the fields.
*/
@@ -714,37 +376,6 @@ kcfpool_alloc()
cv_init(&kcfpool->kp_user_cv, NULL, CV_DEFAULT, NULL);
}
/*
* Delete the async request from the hash table.
*/
static void
kcf_reqid_delete(kcf_areq_node_t *areq)
{
int indx;
kcf_areq_node_t *nextp, *prevp;
crypto_req_id_t id = GET_REQID(areq);
kcf_reqid_table_t *rt;
rt = kcf_reqid_table[id & REQID_TABLE_MASK];
indx = REQID_HASH(id);
mutex_enter(&rt->rt_lock);
nextp = areq->an_idnext;
prevp = areq->an_idprev;
if (nextp != NULL)
nextp->an_idprev = prevp;
if (prevp != NULL)
prevp->an_idnext = nextp;
else
rt->rt_idhash[indx] = nextp;
SET_REQID(areq, 0);
cv_broadcast(&areq->an_done);
mutex_exit(&rt->rt_lock);
}
/*
* Update kstats.
*/