module: icp: rip out insane crypto_req_handle_t mechanism, inline KM_SLEEP

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz> Closes #12901
2026-05-22 02:27:36 +03:00 · 2021-12-25 04:34:29 +01:00
parent 15ec086396
commit df7b54f1d9
16 changed files with 187 additions and 339 deletions
@@ -207,10 +207,6 @@ typedef struct ccm_ctx {
 *
 * gcm_len_a_len_c:	64-bit representations of the bit lengths of
 *			AAD and ciphertext.
- *
- * gcm_kmflag:		Current value of kmflag. Used for allocating
- *			the plaintext buffer during decryption and a
- *			gcm_avx_chunk_size'd buffer for avx enabled encryption.
 */
 typedef struct gcm_ctx {
 	struct common_ctx gcm_common;
@@ -231,7 +227,6 @@ typedef struct gcm_ctx {
 	uint64_t gcm_J0[2];
 	uint64_t gcm_len_a_len_c[2];
 	uint8_t *gcm_pt_buf;
-	int gcm_kmflag;
 #ifdef CAN_USE_GCM_ASM
 	boolean_t gcm_use_avx;
 #endif
@@ -402,7 +397,6 @@ extern void *ccm_alloc_ctx(int);
 extern void *gcm_alloc_ctx(int);
 extern void *gmac_alloc_ctx(int);
 extern void crypto_free_mode_ctx(void *);
-extern void gcm_set_kmflag(gcm_ctx_t *, int);

 #ifdef	__cplusplus
 }
@@ -76,7 +76,7 @@ typedef struct kcf_sched_info {
 * other purposes, that base value is mostly same across all providers.
 * So, it is a good measure of the load on a provider when it is not
 * in a busy state. Once a provider notifies it is busy, requests
- * backup in the taskq. So, we use tq_nalloc in that case which gives
+ * back up in the taskq. So, we use tq_nalloc in that case which gives
 * the number of task entries in the task queue. Note that we do not
 * acquire any locks here as it is not critical to get the exact number
 * and the lock contention may be too costly for this code path.
@@ -387,76 +387,73 @@ typedef struct crypto_minor {
 * Wrappers for crypto_digest_ops(9S) entry points.
 */

-#define	KCF_PROV_DIGEST_INIT(pd, ctx, mech, req) ( \
+#define	KCF_PROV_DIGEST_INIT(pd, ctx, mech) ( \
 	(KCF_PROV_DIGEST_OPS(pd) && KCF_PROV_DIGEST_OPS(pd)->digest_init) ? \
-	KCF_PROV_DIGEST_OPS(pd)->digest_init(ctx, mech, req) : \
+	KCF_PROV_DIGEST_OPS(pd)->digest_init(ctx, mech) : \
 	CRYPTO_NOT_SUPPORTED)

 /*
 * Wrappers for crypto_cipher_ops(9S) entry points.
 */

-#define	KCF_PROV_ENCRYPT_INIT(pd, ctx, mech, key, template, req) ( \
+#define	KCF_PROV_ENCRYPT_INIT(pd, ctx, mech, key, template) ( \
 	(KCF_PROV_CIPHER_OPS(pd) && KCF_PROV_CIPHER_OPS(pd)->encrypt_init) ? \
-	KCF_PROV_CIPHER_OPS(pd)->encrypt_init(ctx, mech, key, template, \
-	    req) : \
+	KCF_PROV_CIPHER_OPS(pd)->encrypt_init(ctx, mech, key, template) : \
 	CRYPTO_NOT_SUPPORTED)

 #define	KCF_PROV_ENCRYPT_ATOMIC(pd, session, mech, key, plaintext, ciphertext, \
-	    template, req) ( \
+	    template) ( \
 	(KCF_PROV_CIPHER_OPS(pd) && KCF_PROV_CIPHER_OPS(pd)->encrypt_atomic) ? \
 	KCF_PROV_CIPHER_OPS(pd)->encrypt_atomic( \
 	    (pd)->pd_prov_handle, session, mech, key, plaintext, ciphertext, \
-	    template, req) : \
+	    template) : \
 	CRYPTO_NOT_SUPPORTED)

 #define	KCF_PROV_DECRYPT_ATOMIC(pd, session, mech, key, ciphertext, plaintext, \
-	    template, req) ( \
+	    template) ( \
 	(KCF_PROV_CIPHER_OPS(pd) && KCF_PROV_CIPHER_OPS(pd)->decrypt_atomic) ? \
 	KCF_PROV_CIPHER_OPS(pd)->decrypt_atomic( \
 	    (pd)->pd_prov_handle, session, mech, key, ciphertext, plaintext, \
-	    template, req) : \
+	    template) : \
 	CRYPTO_NOT_SUPPORTED)

 /*
 * Wrappers for crypto_mac_ops(9S) entry points.
 */

-#define	KCF_PROV_MAC_INIT(pd, ctx, mech, key, template, req) ( \
+#define	KCF_PROV_MAC_INIT(pd, ctx, mech, key, template) ( \
 	(KCF_PROV_MAC_OPS(pd) && KCF_PROV_MAC_OPS(pd)->mac_init) ? \
-	KCF_PROV_MAC_OPS(pd)->mac_init(ctx, mech, key, template, req) \
+	KCF_PROV_MAC_OPS(pd)->mac_init(ctx, mech, key, template) \
 	: CRYPTO_NOT_SUPPORTED)

 /*
 * The _ (underscore) in _mac is needed to avoid replacing the
 * function mac().
 */
-#define	KCF_PROV_MAC_UPDATE(pd, ctx, data, req) ( \
+#define	KCF_PROV_MAC_UPDATE(pd, ctx, data) ( \
 	(KCF_PROV_MAC_OPS(pd) && KCF_PROV_MAC_OPS(pd)->mac_update) ? \
-	KCF_PROV_MAC_OPS(pd)->mac_update(ctx, data, req) : \
+	KCF_PROV_MAC_OPS(pd)->mac_update(ctx, data) : \
 	CRYPTO_NOT_SUPPORTED)

-#define	KCF_PROV_MAC_FINAL(pd, ctx, mac, req) ( \
+#define	KCF_PROV_MAC_FINAL(pd, ctx, mac) ( \
 	(KCF_PROV_MAC_OPS(pd) && KCF_PROV_MAC_OPS(pd)->mac_final) ? \
-	KCF_PROV_MAC_OPS(pd)->mac_final(ctx, mac, req) : \
+	KCF_PROV_MAC_OPS(pd)->mac_final(ctx, mac) : \
 	CRYPTO_NOT_SUPPORTED)

-#define	KCF_PROV_MAC_ATOMIC(pd, session, mech, key, data, mac, template, \
-	    req) ( \
+#define	KCF_PROV_MAC_ATOMIC(pd, session, mech, key, data, mac, template) ( \
 	(KCF_PROV_MAC_OPS(pd) && KCF_PROV_MAC_OPS(pd)->mac_atomic) ? \
 	KCF_PROV_MAC_OPS(pd)->mac_atomic( \
-	    (pd)->pd_prov_handle, session, mech, key, data, mac, template, \
-	    req) : \
+	    (pd)->pd_prov_handle, session, mech, key, data, mac, template) : \
 	CRYPTO_NOT_SUPPORTED)

 /*
 * Wrappers for crypto_ctx_ops(9S) entry points.
 */

-#define	KCF_PROV_CREATE_CTX_TEMPLATE(pd, mech, key, template, size, req) ( \
+#define	KCF_PROV_CREATE_CTX_TEMPLATE(pd, mech, key, template, size) ( \
 	(KCF_PROV_CTX_OPS(pd) && KCF_PROV_CTX_OPS(pd)->create_ctx_template) ? \
 	KCF_PROV_CTX_OPS(pd)->create_ctx_template( \
-	    (pd)->pd_prov_handle, mech, key, template, size, req) : \
+	    (pd)->pd_prov_handle, mech, key, template, size) : \
 	CRYPTO_NOT_SUPPORTED)

 #define	KCF_PROV_FREE_CONTEXT(pd, ctx) ( \
@@ -40,28 +40,6 @@ extern "C" {
 #include <sys/crypto/impl.h>
 #include <sys/crypto/common.h>

-#define	KCF_KMFLAG(crq)	(((crq) == NULL) ? KM_SLEEP : KM_NOSLEEP)
-
-/*
- * The framework keeps an internal handle to use in the adaptive
- * asynchronous case. This is the case when a client has the
- * CRYPTO_ALWAYS_QUEUE bit clear and a provider is used for
- * the request. The request is completed in the context of the calling
- * thread and kernel memory must be allocated with KM_NOSLEEP.
- *
- * The framework passes a pointer to the handle in crypto_req_handle_t
- * argument when it calls the SPI of the provider. The macros
- * KCF_RHNDL() and KCF_SWFP_RHNDL() are used to do this.
- *
- * When a provider asks the framework for kmflag value via
- * crypto_kmflag(9S) we use REQHNDL2_KMFLAG() macro.
- */
-extern ulong_t kcf_swprov_hndl;
-#define	KCF_RHNDL(kmflag) (((kmflag) == KM_SLEEP) ? NULL : &kcf_swprov_hndl)
-#define	KCF_SWFP_RHNDL(crq) (((crq) == NULL) ? NULL : &kcf_swprov_hndl)
-#define	REQHNDL2_KMFLAG(rhndl) \
-	((rhndl == &kcf_swprov_hndl) ? KM_NOSLEEP : KM_SLEEP)
-
 typedef struct kcf_prov_tried {
 	kcf_provider_desc_t	*pt_pd;
 	struct kcf_prov_tried	*pt_next;
@@ -144,7 +122,7 @@ extern kcf_prov_tried_t *kcf_insert_triedlist(kcf_prov_tried_t **,
    kcf_provider_desc_t *, int);
 extern kcf_provider_desc_t *kcf_get_mech_provider(crypto_mech_type_t,
    kcf_mech_entry_t **, int *, kcf_prov_tried_t *, crypto_func_group_t);
-extern crypto_ctx_t *kcf_new_ctx(crypto_call_req_t  *, kcf_provider_desc_t *);
+extern crypto_ctx_t *kcf_new_ctx(kcf_provider_desc_t *);
 extern void kcf_sched_destroy(void);
 extern void kcf_sched_init(void);
 extern void kcf_free_context(kcf_context_t *);
@@ -59,12 +59,6 @@ typedef void *crypto_provider_handle_t;
 */
 typedef void *crypto_spi_ctx_template_t;

-/*
- * Request handles are used by the kernel to identify an asynchronous
- * request being processed by a provider.
- */
-typedef void *crypto_req_handle_t;
-
 /*
 * The context structure is passed from the kernel to a provider.
 * It contains the information needed to process a multi-part or
@@ -88,18 +82,14 @@ typedef struct crypto_ctx {
 * kernel using crypto_register_provider(9F).
 */
 typedef struct crypto_digest_ops {
-	int (*digest_init)(crypto_ctx_t *, crypto_mechanism_t *,
-	    crypto_req_handle_t);
-	int (*digest)(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
-	    crypto_req_handle_t);
-	int (*digest_update)(crypto_ctx_t *, crypto_data_t *,
-	    crypto_req_handle_t);
-	int (*digest_key)(crypto_ctx_t *, crypto_key_t *, crypto_req_handle_t);
-	int (*digest_final)(crypto_ctx_t *, crypto_data_t *,
-	    crypto_req_handle_t);
+	int (*digest_init)(crypto_ctx_t *, crypto_mechanism_t *);
+	int (*digest)(crypto_ctx_t *, crypto_data_t *, crypto_data_t *);
+	int (*digest_update)(crypto_ctx_t *, crypto_data_t *);
+	int (*digest_key)(crypto_ctx_t *, crypto_key_t *);
+	int (*digest_final)(crypto_ctx_t *, crypto_data_t *);
 	int (*digest_atomic)(crypto_provider_handle_t, crypto_session_id_t,
 	    crypto_mechanism_t *, crypto_data_t *,
-	    crypto_data_t *, crypto_req_handle_t);
+	    crypto_data_t *);
 } __no_const crypto_digest_ops_t;

 /*
@@ -111,29 +101,29 @@ typedef struct crypto_digest_ops {
 typedef struct crypto_cipher_ops {
 	int (*encrypt_init)(crypto_ctx_t *,
 	    crypto_mechanism_t *, crypto_key_t *,
-	    crypto_spi_ctx_template_t, crypto_req_handle_t);
+	    crypto_spi_ctx_template_t);
 	int (*encrypt)(crypto_ctx_t *,
-	    crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
+	    crypto_data_t *, crypto_data_t *);
 	int (*encrypt_update)(crypto_ctx_t *,
-	    crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
+	    crypto_data_t *, crypto_data_t *);
 	int (*encrypt_final)(crypto_ctx_t *,
-	    crypto_data_t *, crypto_req_handle_t);
+	    crypto_data_t *);
 	int (*encrypt_atomic)(crypto_provider_handle_t, crypto_session_id_t,
 	    crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-	    crypto_data_t *, crypto_spi_ctx_template_t, crypto_req_handle_t);
+	    crypto_data_t *, crypto_spi_ctx_template_t);

 	int (*decrypt_init)(crypto_ctx_t *,
 	    crypto_mechanism_t *, crypto_key_t *,
-	    crypto_spi_ctx_template_t, crypto_req_handle_t);
+	    crypto_spi_ctx_template_t);
 	int (*decrypt)(crypto_ctx_t *,
-	    crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
+	    crypto_data_t *, crypto_data_t *);
 	int (*decrypt_update)(crypto_ctx_t *,
-	    crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
+	    crypto_data_t *, crypto_data_t *);
 	int (*decrypt_final)(crypto_ctx_t *,
-	    crypto_data_t *, crypto_req_handle_t);
+	    crypto_data_t *);
 	int (*decrypt_atomic)(crypto_provider_handle_t, crypto_session_id_t,
 	    crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-	    crypto_data_t *, crypto_spi_ctx_template_t, crypto_req_handle_t);
+	    crypto_data_t *, crypto_spi_ctx_template_t);
 } __no_const crypto_cipher_ops_t;

 /*
@@ -145,21 +135,19 @@ typedef struct crypto_cipher_ops {
 typedef struct crypto_mac_ops {
 	int (*mac_init)(crypto_ctx_t *,
 	    crypto_mechanism_t *, crypto_key_t *,
-	    crypto_spi_ctx_template_t, crypto_req_handle_t);
+	    crypto_spi_ctx_template_t);
 	int (*mac)(crypto_ctx_t *,
-	    crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
+	    crypto_data_t *, crypto_data_t *);
 	int (*mac_update)(crypto_ctx_t *,
-	    crypto_data_t *, crypto_req_handle_t);
+	    crypto_data_t *);
 	int (*mac_final)(crypto_ctx_t *,
-	    crypto_data_t *, crypto_req_handle_t);
+	    crypto_data_t *);
 	int (*mac_atomic)(crypto_provider_handle_t, crypto_session_id_t,
 	    crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-	    crypto_data_t *, crypto_spi_ctx_template_t,
-	    crypto_req_handle_t);
+	    crypto_data_t *, crypto_spi_ctx_template_t);
 	int (*mac_verify_atomic)(crypto_provider_handle_t, crypto_session_id_t,
 	    crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-	    crypto_data_t *, crypto_spi_ctx_template_t,
-	    crypto_req_handle_t);
+	    crypto_data_t *, crypto_spi_ctx_template_t);
 } __no_const crypto_mac_ops_t;

 /*
@@ -171,7 +159,7 @@ typedef struct crypto_mac_ops {
 typedef struct crypto_ctx_ops {
 	int (*create_ctx_template)(crypto_provider_handle_t,
 	    crypto_mechanism_t *, crypto_key_t *,
-	    crypto_spi_ctx_template_t *, size_t *, crypto_req_handle_t);
+	    crypto_spi_ctx_template_t *, size_t *);
 	int (*free_context)(crypto_ctx_t *);
 } __no_const crypto_ctx_ops_t;

@@ -263,7 +251,6 @@ typedef struct crypto_provider_info {
 extern int crypto_register_provider(const crypto_provider_info_t *,
 		crypto_kcf_provider_handle_t *);
 extern int crypto_unregister_provider(crypto_kcf_provider_handle_t);
-extern int crypto_kmflag(crypto_req_handle_t);


 #ifdef	__cplusplus