module: icp: remove other provider types

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Closes #12901

module/icp/include/sys/crypto/impl.h

@@ -62,9 +62,7 @@ typedef	struct kcf_stats {
 	kstat_named_t	ks_maxthrs;
 	kstat_named_t	ks_swq_njobs;
 	kstat_named_t	ks_swq_maxjobs;
-	kstat_named_t	ks_taskq_threads;
-	kstat_named_t	ks_taskq_minalloc;
-	kstat_named_t	ks_taskq_maxalloc;
+	kstat_named_t	ks_swq_maxalloc;
 } kcf_stats_t;
 
 /*
@@ -80,9 +78,6 @@ typedef struct kcf_sched_info {
 
 	/* The number of operations that returned CRYPTO_BUSY. */
 	uint64_t	ks_nbusy_rval;
-
-	/* taskq used to dispatch crypto requests */
-	taskq_t	*ks_taskq;
 } kcf_sched_info_t;
 
 /*
@@ -96,8 +91,7 @@ typedef struct kcf_sched_info {
  * acquire any locks here as it is not critical to get the exact number
  * and the lock contention may be too costly for this code path.
  */
-#define	KCF_PROV_LOAD(pd)	((pd)->pd_state != KCF_PROV_BUSY ?	\
-	(pd)->pd_irefcnt : (pd)->pd_sched_info.ks_taskq->tq_nalloc)
+#define	KCF_PROV_LOAD(pd)	((pd)->pd_irefcnt)
 
 #define	KCF_PROV_INCRSTATS(pd, error)	{				\
 	(pd)->pd_sched_info.ks_ndispatches++;				\
@@ -125,21 +119,17 @@ typedef struct kcf_sched_info {
  * the elements is important.
  *
  * Routines which get a provider or the list of providers
- * should pick only those that are either in KCF_PROV_READY state
- * or in KCF_PROV_BUSY state.
+ * should pick only those that are in KCF_PROV_READY state.
  */
 typedef enum {
 	KCF_PROV_ALLOCATED = 1,
-	KCF_PROV_UNVERIFIED,
-	KCF_PROV_VERIFICATION_FAILED,
 	/*
 	 * state < KCF_PROV_READY means the provider can not
 	 * be used at all.
 	 */
 	KCF_PROV_READY,
-	KCF_PROV_BUSY,
 	/*
-	 * state > KCF_PROV_BUSY means the provider can not
+	 * state > KCF_PROV_READY means the provider can not
 	 * be used for new requests.
 	 */
 	KCF_PROV_FAILED,
@@ -152,30 +142,23 @@ typedef enum {
 	KCF_PROV_FREED
 } kcf_prov_state_t;
 
-#define	KCF_IS_PROV_UNVERIFIED(pd) ((pd)->pd_state == KCF_PROV_UNVERIFIED)
-#define	KCF_IS_PROV_USABLE(pd) ((pd)->pd_state == KCF_PROV_READY || \
-	(pd)->pd_state == KCF_PROV_BUSY)
+#define	KCF_IS_PROV_USABLE(pd) ((pd)->pd_state == KCF_PROV_READY)
 #define	KCF_IS_PROV_REMOVED(pd)	((pd)->pd_state >= KCF_PROV_REMOVED)
 
 /* Internal flags valid for pd_flags field */
 #define	KCF_PROV_RESTRICTED	0x40000000
-#define	KCF_LPROV_MEMBER	0x80000000 /* is member of a logical provider */
 
 /*
  * A provider descriptor structure. There is one such structure per
  * provider. It is allocated and initialized at registration time and
  * freed when the provider unregisters.
  *
- * pd_prov_type:	Provider type, hardware or software
  * pd_sid:		Session ID of the provider used by kernel clients.
  *			This is valid only for session-oriented providers.
  * pd_refcnt:		Reference counter to this provider descriptor
  * pd_irefcnt:		References held by the framework internal structs
- * pd_lock:		lock protects pd_state and pd_provider_list
+ * pd_lock:		lock protects pd_state
  * pd_state:		State value of the provider
- * pd_provider_list:	Used to cross-reference logical providers and their
- *			members. Not used for software providers.
- * pd_resume_cv:	cv to wait for state to change from KCF_PROV_BUSY
  * pd_prov_handle:	Provider handle specified by provider
  * pd_ops_vector:	The ops vector specified by Provider
  * pd_mech_indx:	Lookup table which maps a core framework mechanism
@@ -185,10 +168,6 @@ typedef enum {
  * pd_sched_info:	Scheduling information associated with the provider
  * pd_mech_list_count:	The number of entries in pi_mechanisms, specified
  *			by the provider during registration
- * pd_name:		Device name or module name
- * pd_instance:		Device instance
- * pd_module_id:	Module ID returned by modload
- * pd_mctlp:		Pointer to modctl structure for this provider
  * pd_remove_cv:	cv to wait on while the provider queue drains
  * pd_description:	Provider description string
  * pd_flags		bitwise OR of pi_flags from crypto_provider_info_t
@@ -201,13 +180,11 @@ typedef enum {
  * pd_ks_data:		kstat data
  */
 typedef struct kcf_provider_desc {
-	crypto_provider_type_t		pd_prov_type;
 	crypto_session_id_t		pd_sid;
 	uint_t				pd_refcnt;
 	uint_t				pd_irefcnt;
 	kmutex_t			pd_lock;
 	kcf_prov_state_t		pd_state;
-	struct kcf_provider_list	*pd_provider_list;
 	kcondvar_t			pd_resume_cv;
 	crypto_provider_handle_t	pd_prov_handle;
 	const crypto_ops_t			*pd_ops_vector;
@@ -216,10 +193,6 @@ typedef struct kcf_provider_desc {
 	const crypto_mech_info_t		*pd_mechanisms;
 	kcf_sched_info_t		pd_sched_info;
 	uint_t				pd_mech_list_count;
-	// char				*pd_name;
-	// uint_t				pd_instance;
-	// int				pd_module_id;
-	// struct modctl			*pd_mctlp;
 	kcondvar_t			pd_remove_cv;
 	const char				*pd_description;
 	uint_t				pd_flags;
@@ -230,12 +203,6 @@ typedef struct kcf_provider_desc {
 	kcf_prov_stats_t		pd_ks_data;
 } kcf_provider_desc_t;
 
-/* useful for making a list of providers */
-typedef struct kcf_provider_list {
-	struct kcf_provider_list *pl_next;
-	struct kcf_provider_desc *pl_provider;
-} kcf_provider_list_t;
-
 /* atomic operations in linux implicitly form a memory barrier */
 #define	membar_exit()
 
@@ -273,14 +240,6 @@ typedef struct kcf_provider_list {
 }
 
 
-/* list of crypto_mech_info_t valid as the second mech in a dual operation */
-
-typedef	struct crypto_mech_info_list {
-	struct crypto_mech_info_list	*ml_next;
-	crypto_mech_type_t		ml_kcf_mechid;	/* KCF's id */
-	crypto_mech_info_t		ml_mech_info;
-} crypto_mech_info_list_t;
-
 /*
  * An element in a mechanism provider descriptors chain.
  * The kcf_prov_mech_desc_t is duplicated in every chain the provider belongs
@@ -292,15 +251,9 @@ typedef struct kcf_prov_mech_desc {
 	struct kcf_mech_entry		*pm_me;		/* Back to the head */
 	struct kcf_prov_mech_desc	*pm_next;	/* Next in the chain */
 	crypto_mech_info_t		pm_mech_info;	/* Provider mech info */
-	crypto_mech_info_list_t		*pm_mi_list;	/* list for duals */
 	kcf_provider_desc_t		*pm_prov_desc;	/* Common desc. */
 } kcf_prov_mech_desc_t;
 
-/* and the notation shortcuts ... */
-#define	pm_provider_type	pm_prov_desc.pd_provider_type
-#define	pm_provider_handle	pm_prov_desc.pd_provider_handle
-#define	pm_ops_vector		pm_prov_desc.pd_ops_vector
-
 /*
  * A mechanism entry in an xxx_mech_tab[]. me_pad was deemed
  * to be unnecessary and removed.
@@ -309,16 +262,10 @@ typedef	struct kcf_mech_entry {
 	crypto_mech_name_t	me_name;	/* mechanism name */
 	crypto_mech_type_t	me_mechid;	/* Internal id for mechanism */
 	kmutex_t		me_mutex;	/* access protection	*/
-	kcf_prov_mech_desc_t	*me_hw_prov_chain;  /* list of HW providers */
-	kcf_prov_mech_desc_t	*me_sw_prov;    /* SW provider */
+	kcf_prov_mech_desc_t	*me_sw_prov;    /* provider */
 	/*
-	 * Number of HW providers in the chain. There is only one
-	 * SW provider. So, we need only a count of HW providers.
-	 */
-	int			me_num_hwprov;
-	/*
-	 * When a SW provider is present, this is the generation number that
-	 * ensures no objects from old SW providers are used in the new one
+	 * When a provider is present, this is the generation number that
+	 * ensures no objects from old providers are used in the new one
 	 */
 	uint32_t		me_gen_swprov;
 	/*
@@ -327,28 +274,6 @@ typedef	struct kcf_mech_entry {
 	size_t			me_threshold;
 } kcf_mech_entry_t;
 
-/*
- * A policy descriptor structure. It is allocated and initialized
- * when administrative ioctls load disabled mechanisms.
- *
- * pd_prov_type:	Provider type, hardware or software
- * pd_name:		Device name or module name.
- * pd_instance:		Device instance.
- * pd_refcnt:		Reference counter for this policy descriptor
- * pd_mutex:		Protects array and count of disabled mechanisms.
- * pd_disabled_count:	Count of disabled mechanisms.
- * pd_disabled_mechs:	Array of disabled mechanisms.
- */
-typedef struct kcf_policy_desc {
-	crypto_provider_type_t	pd_prov_type;
-	char			*pd_name;
-	uint_t			pd_instance;
-	uint_t			pd_refcnt;
-	kmutex_t		pd_mutex;
-	uint_t			pd_disabled_count;
-	crypto_mech_name_t	*pd_disabled_mechs;
-} kcf_policy_desc_t;
-
 /*
  * If a component has a reference to a kcf_policy_desc_t,
  * it REFHOLD()s. A new policy descriptor which is referenced only
@@ -370,21 +295,6 @@ typedef struct kcf_policy_desc {
 		kcf_policy_free_desc(desc);			\
 }
 
-/*
- * This entry stores the name of a software module and its
- * mechanisms.  The mechanisms are 'hints' that are used to
- * trigger loading of the module.
- */
-typedef struct kcf_soft_conf_entry {
-	struct kcf_soft_conf_entry	*ce_next;
-	char				*ce_name;
-	crypto_mech_name_t		*ce_mechs;
-	uint_t				ce_count;
-} kcf_soft_conf_entry_t;
-
-extern kmutex_t soft_config_mutex;
-extern kcf_soft_conf_entry_t *soft_config_list;
-
 /*
  * Global tables. The sizes are from the predefined PKCS#11 v2.20 mechanisms,
  * with a margin of few extra empty entry points
@@ -671,8 +581,7 @@ extern int kcf_add_mech_provider(short, kcf_provider_desc_t *,
     kcf_prov_mech_desc_t **);
 extern void kcf_remove_mech_provider(const char *, kcf_provider_desc_t *);
 extern int kcf_get_mech_entry(crypto_mech_type_t, kcf_mech_entry_t **);
-extern kcf_provider_desc_t *kcf_alloc_provider_desc(
-    const crypto_provider_info_t *);
+extern kcf_provider_desc_t *kcf_alloc_provider_desc(void);
 extern void kcf_provider_zero_refcnt(kcf_provider_desc_t *);
 extern void kcf_free_provider_desc(kcf_provider_desc_t *);
 extern crypto_mech_type_t crypto_mech2id_common(const char *, boolean_t);

module/icp/include/sys/crypto/sched_impl.h

@@ -59,23 +59,20 @@ typedef enum kcf_call_type {
 #define	CHECK_RESTRICT(crq) (crq != NULL &&	\
 	((crq)->cr_flag & CRYPTO_RESTRICTED))
 
-#define	CHECK_RESTRICT_FALSE	B_FALSE
-
 #define	CHECK_FASTPATH(crq, pd) ((crq) == NULL ||	\
-	!((crq)->cr_flag & CRYPTO_ALWAYS_QUEUE)) &&	\
-	(pd)->pd_prov_type == CRYPTO_SW_PROVIDER
+	!((crq)->cr_flag & CRYPTO_ALWAYS_QUEUE))
 
 #define	KCF_KMFLAG(crq)	(((crq) == NULL) ? KM_SLEEP : KM_NOSLEEP)
 
 /*
  * The framework keeps an internal handle to use in the adaptive
  * asynchronous case. This is the case when a client has the
- * CRYPTO_ALWAYS_QUEUE bit clear and a software provider is used for
+ * CRYPTO_ALWAYS_QUEUE bit clear and a provider is used for
  * the request. The request is completed in the context of the calling
  * thread and kernel memory must be allocated with KM_NOSLEEP.
  *
  * The framework passes a pointer to the handle in crypto_req_handle_t
- * argument when it calls the SPI of the software provider. The macros
+ * argument when it calls the SPI of the provider. The macros
  * KCF_RHNDL() and KCF_SWFP_RHNDL() are used to do this.
  *
  * When a provider asks the framework for kmflag value via
@@ -146,7 +143,7 @@ typedef struct kcf_sreq_node {
 /*
  * Node structure for asynchronous requests. A node can be on
  * on a chain of requests hanging of the internal context
- * structure and can be in the global software provider queue.
+ * structure and can be in the global provider queue.
  */
 typedef struct kcf_areq_node {
 	/* Should always be the first field in this structure */
@@ -176,11 +173,7 @@ typedef struct kcf_areq_node {
 	kcondvar_t		an_turn_cv;
 	boolean_t		an_is_my_turn;
 
-	/*
-	 * Next and previous nodes in the global software
-	 * queue. These fields are NULL for a hardware
-	 * provider since we use a taskq there.
-	 */
+	/* Next and previous nodes in the global queue. */
 	struct kcf_areq_node	*an_next;
 	struct kcf_areq_node	*an_prev;
 
@@ -244,8 +237,8 @@ typedef struct kcf_reqid_table {
 } kcf_reqid_table_t;
 
 /*
- * Global software provider queue structure. Requests to be
- * handled by a SW provider and have the ALWAYS_QUEUE flag set
+ * Global provider queue structure. Requests to be
+ * handled by a provider and have the ALWAYS_QUEUE flag set
  * get queued here.
  */
 typedef struct kcf_global_swq {
@@ -339,11 +332,11 @@ typedef	struct kcf_ctx_template {
 	uint_t				ct_generation;	/* generation # */
 	size_t				ct_size;	/* for freeing */
 	crypto_spi_ctx_template_t	ct_prov_tmpl;	/* context template */
-							/* from the SW prov */
+							/* from the provider */
 } kcf_ctx_template_t;
 
 /*
- * Structure for pool of threads working on global software queue.
+ * Structure for pool of threads working on the global queue.
  */
 typedef struct kcf_pool {
 	uint32_t	kp_threads;		/* Number of threads in pool */
@@ -431,19 +424,12 @@ typedef struct kcf_ntfy_elem {
  * The following values are based on the assumption that it would
  * take around eight cpus to load a hardware provider (This is true for
  * at least one product) and a kernel client may come from different
- * low-priority interrupt levels. We will have CRYPTO_TASKQ_MIN number
- * of cached taskq entries. The CRYPTO_TASKQ_MAX number is based on
+ * low-priority interrupt levels. The CRYPTO_TASKQ_MAX number is based on
  * a throughput of 1GB/s using 512-byte buffers. These are just
  * reasonable estimates and might need to change in future.
  */
-#define	CRYPTO_TASKQ_THREADS	8
-#define	CRYPTO_TASKQ_MIN	64
 #define	CRYPTO_TASKQ_MAX	2 * 1024 * 1024
 
-extern const int crypto_taskq_threads;
-extern const int crypto_taskq_minalloc;
-extern const int crypto_taskq_maxalloc;
-
 /*
  * All pending crypto bufcalls are put on a list. cbuf_list_lock
  * protects changes to this list.
@@ -458,19 +444,12 @@ extern kcondvar_t cbuf_list_cv;
 extern kmutex_t ntfy_list_lock;
 extern kcondvar_t ntfy_list_cv;
 
-boolean_t kcf_get_next_logical_provider_member(kcf_provider_desc_t *,
-    kcf_provider_desc_t *, kcf_provider_desc_t **);
-extern int kcf_get_hardware_provider(crypto_mech_type_t, crypto_mech_type_t,
-    boolean_t, kcf_provider_desc_t *, kcf_provider_desc_t **,
-    crypto_func_group_t);
-extern int kcf_get_hardware_provider_nomech(offset_t, offset_t,
-    boolean_t, kcf_provider_desc_t *, kcf_provider_desc_t **);
 extern void kcf_free_triedlist(kcf_prov_tried_t *);
 extern kcf_prov_tried_t *kcf_insert_triedlist(kcf_prov_tried_t **,
     kcf_provider_desc_t *, int);
 extern kcf_provider_desc_t *kcf_get_mech_provider(crypto_mech_type_t,
     kcf_mech_entry_t **, int *, kcf_prov_tried_t *, crypto_func_group_t,
-    boolean_t, size_t);
+    boolean_t);
 extern crypto_ctx_t *kcf_new_ctx(crypto_call_req_t  *, kcf_provider_desc_t *,
     crypto_session_id_t);
 extern int kcf_submit_request(kcf_provider_desc_t *, crypto_ctx_t *,

module/icp/include/sys/crypto/spi.h

@@ -43,10 +43,6 @@ extern "C" {
 #define	__no_const
 #endif /* CONSTIFY_PLUGIN */
 
-#define	CRYPTO_SPI_VERSION_1	1
-#define	CRYPTO_SPI_VERSION_2	2
-#define	CRYPTO_SPI_VERSION_3	3
-
 /*
  * Provider-private handle. This handle is specified by a provider
  * when it registers by means of the pi_provider_handle field of
@@ -56,18 +52,16 @@ extern "C" {
 typedef void *crypto_provider_handle_t;
 
 /*
- * Context templates can be used to by software providers to pre-process
+ * Context templates can be used to by providers to pre-process
  * keying material, such as key schedules. They are allocated by
- * a software provider create_ctx_template(9E) entry point, and passed
+ * a provider create_ctx_template(9E) entry point, and passed
  * as argument to initialization and atomic provider entry points.
  */
 typedef void *crypto_spi_ctx_template_t;
 
 /*
  * Request handles are used by the kernel to identify an asynchronous
- * request being processed by a provider. It is passed by the kernel
- * to a hardware provider when submitting a request, and must be
- * specified by a provider when calling crypto_op_notification(9F)
+ * request being processed by a provider.
  */
 typedef void *crypto_req_handle_t;
 
@@ -268,18 +262,13 @@ typedef uint_t crypto_kcf_provider_handle_t;
  */
 typedef struct crypto_provider_info {
 	const char				*pi_provider_description;
-	crypto_provider_type_t		pi_provider_type;
 	crypto_provider_handle_t	pi_provider_handle;
 	const crypto_ops_t			*pi_ops_vector;
 	uint_t				pi_mech_list_count;
 	const crypto_mech_info_t		*pi_mechanisms;
-	uint_t				pi_logical_provider_count;
-	crypto_kcf_provider_handle_t	*pi_logical_providers;
 	uint_t				pi_flags;
 } crypto_provider_info_t;
 
-/* hidden providers can only be accessed via a logical provider */
-#define	CRYPTO_HIDE_PROVIDER		0x00000001
 /*
  * provider can not do multi-part digest (updates) and has a limit
  * on maximum input data that it can digest.