Module Name: src
Committed By: riastradh
Date: Sun May 22 11:40:04 UTC 2022
Modified Files:
src/share/man/man9: opencrypto.9
src/sys/netipsec: xform_ah.c xform_esp.c xform_ipcomp.c
src/sys/opencrypto: crypto.c cryptodev.c cryptodev.h
Log Message:
opencrypto: Rip out EAGAIN logic when unregistering crypto drivers.
I'm pretty sure this never worked reliably based on code inspection,
and it's unlikely to have ever been tested because it only applies
when unregistering a driver -- but we have no crypto drivers for
removable devices, so it would only apply if we went out of our way
to trigger detach with drvctl.
Instead, just make the operation fail with ENODEV, and remove all the
callback logic to resubmit the request on EAGAIN. (Maybe this should
be ENXIO, but crypto_kdispatch already does ENODEV.)
To generate a diff of this commit:
cvs rdiff -u -r1.20 -r1.21 src/share/man/man9/opencrypto.9
cvs rdiff -u -r1.112 -r1.113 src/sys/netipsec/xform_ah.c
cvs rdiff -u -r1.103 -r1.104 src/sys/netipsec/xform_esp.c
cvs rdiff -u -r1.72 -r1.73 src/sys/netipsec/xform_ipcomp.c
cvs rdiff -u -r1.126 -r1.127 src/sys/opencrypto/crypto.c
cvs rdiff -u -r1.121 -r1.122 src/sys/opencrypto/cryptodev.c
cvs rdiff -u -r1.48 -r1.49 src/sys/opencrypto/cryptodev.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/man/man9/opencrypto.9
diff -u src/share/man/man9/opencrypto.9:1.20 src/share/man/man9/opencrypto.9:1.21
--- src/share/man/man9/opencrypto.9:1.20 Sun May 22 11:39:37 2022
+++ src/share/man/man9/opencrypto.9 Sun May 22 11:40:03 2022
@@ -1,5 +1,5 @@
.\" $OpenBSD: crypto.9,v 1.25 2003/07/11 13:47:41 jmc Exp $
-.\" $NetBSD: opencrypto.9,v 1.20 2022/05/22 11:39:37 riastradh Exp $
+.\" $NetBSD: opencrypto.9,v 1.21 2022/05/22 11:40:03 riastradh Exp $
.\"
.\" The author of this man page is Angelos D. Keromytis (ange...@cis.upenn.edu)
.\"
@@ -288,16 +288,6 @@ level.
.It Fa crp_etype
Contains the error type, if any errors were encountered, or zero if
the request was successfully processed.
-If the
-.Er EAGAIN
-error code is returned, the SID has changed (and has been recorded in the
-.Fa crp_sid
-field).
-The consumer should record the new SID and use it in all subsequent requests.
-In this case, the request may be re-submitted immediately.
-This mechanism is used by the framework to perform
-session migration (move a session from one driver to another, because
-of availability, performance, or other considerations).
.Pp
Note that this field only makes sense when examined by
the callback routine specified in
Index: src/sys/netipsec/xform_ah.c
diff -u src/sys/netipsec/xform_ah.c:1.112 src/sys/netipsec/xform_ah.c:1.113
--- src/sys/netipsec/xform_ah.c:1.112 Sun May 22 11:39:37 2022
+++ src/sys/netipsec/xform_ah.c Sun May 22 11:40:03 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: xform_ah.c,v 1.112 2022/05/22 11:39:37 riastradh Exp $ */
+/* $NetBSD: xform_ah.c,v 1.113 2022/05/22 11:40:03 riastradh Exp $ */
/* $FreeBSD: xform_ah.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_ah.c,v 1.63 2001/06/26 06:18:58 angelos Exp $ */
/*
@@ -39,7 +39,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.112 2022/05/22 11:39:37 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.113 2022/05/22 11:40:03 riastradh Exp $");
#if defined(_KERNEL_OPT)
#include "opt_inet.h"
@@ -772,12 +772,6 @@ ah_input_cb(struct cryptop *crp)
if (sav->tdb_cryptoid != 0)
sav->tdb_cryptoid = crp->crp_sid;
- if (crp->crp_etype == EAGAIN) {
- IPSEC_RELEASE_GLOBAL_LOCKS();
- (void)crypto_dispatch(crp);
- return;
- }
-
AH_STATINC(AH_STAT_NOXFORM);
DPRINTF("crypto error %d\n", crp->crp_etype);
goto bad;
@@ -1162,12 +1156,6 @@ ah_output_cb(struct cryptop *crp)
if (sav->tdb_cryptoid != 0)
sav->tdb_cryptoid = crp->crp_sid;
- if (crp->crp_etype == EAGAIN) {
- IPSEC_RELEASE_GLOBAL_LOCKS();
- (void)crypto_dispatch(crp);
- return;
- }
-
AH_STATINC(AH_STAT_NOXFORM);
DPRINTF("crypto error %d\n", crp->crp_etype);
goto bad;
Index: src/sys/netipsec/xform_esp.c
diff -u src/sys/netipsec/xform_esp.c:1.103 src/sys/netipsec/xform_esp.c:1.104
--- src/sys/netipsec/xform_esp.c:1.103 Sun May 22 11:39:08 2022
+++ src/sys/netipsec/xform_esp.c Sun May 22 11:40:03 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: xform_esp.c,v 1.103 2022/05/22 11:39:08 riastradh Exp $ */
+/* $NetBSD: xform_esp.c,v 1.104 2022/05/22 11:40:03 riastradh Exp $ */
/* $FreeBSD: xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
@@ -39,7 +39,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.103 2022/05/22 11:39:08 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.104 2022/05/22 11:40:03 riastradh Exp $");
#if defined(_KERNEL_OPT)
#include "opt_inet.h"
@@ -538,13 +538,6 @@ esp_input_cb(struct cryptop *crp)
if (sav->tdb_cryptoid != 0)
sav->tdb_cryptoid = crp->crp_sid;
- if (crp->crp_etype == EAGAIN) {
- KEY_SA_UNREF(&sav);
- IPSEC_RELEASE_GLOBAL_LOCKS();
- (void)crypto_dispatch(crp);
- return;
- }
-
ESP_STATINC(ESP_STAT_NOXFORM);
DPRINTF("crypto error %d\n", crp->crp_etype);
goto bad;
@@ -967,12 +960,6 @@ esp_output_cb(struct cryptop *crp)
if (sav->tdb_cryptoid != 0)
sav->tdb_cryptoid = crp->crp_sid;
- if (crp->crp_etype == EAGAIN) {
- IPSEC_RELEASE_GLOBAL_LOCKS();
- (void)crypto_dispatch(crp);
- return;
- }
-
ESP_STATINC(ESP_STAT_NOXFORM);
DPRINTF("crypto error %d\n", crp->crp_etype);
goto bad;
Index: src/sys/netipsec/xform_ipcomp.c
diff -u src/sys/netipsec/xform_ipcomp.c:1.72 src/sys/netipsec/xform_ipcomp.c:1.73
--- src/sys/netipsec/xform_ipcomp.c:1.72 Sun May 22 11:39:37 2022
+++ src/sys/netipsec/xform_ipcomp.c Sun May 22 11:40:03 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: xform_ipcomp.c,v 1.72 2022/05/22 11:39:37 riastradh Exp $ */
+/* $NetBSD: xform_ipcomp.c,v 1.73 2022/05/22 11:40:03 riastradh Exp $ */
/* $FreeBSD: xform_ipcomp.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_ipcomp.c,v 1.1 2001/07/05 12:08:52 jjbg Exp $ */
@@ -30,7 +30,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.72 2022/05/22 11:39:37 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.73 2022/05/22 11:40:03 riastradh Exp $");
/* IP payload compression protocol (IPComp), see RFC 2393 */
#if defined(_KERNEL_OPT)
@@ -270,13 +270,6 @@ ipcomp_input_cb(struct cryptop *crp)
if (sav->tdb_cryptoid != 0)
sav->tdb_cryptoid = crp->crp_sid;
- if (crp->crp_etype == EAGAIN) {
- KEY_SA_UNREF(&sav);
- IPSEC_RELEASE_GLOBAL_LOCKS();
- (void)crypto_dispatch(crp);
- return;
- }
-
IPCOMP_STATINC(IPCOMP_STAT_NOXFORM);
DPRINTF("crypto error %d\n", crp->crp_etype);
goto bad;
@@ -542,11 +535,6 @@ ipcomp_output_cb(struct cryptop *crp)
if (sav->tdb_cryptoid != 0)
sav->tdb_cryptoid = crp->crp_sid;
- if (crp->crp_etype == EAGAIN) {
- IPSEC_RELEASE_GLOBAL_LOCKS();
- (void)crypto_dispatch(crp);
- return;
- }
IPCOMP_STATINC(IPCOMP_STAT_NOXFORM);
DPRINTF("crypto error %d\n", crp->crp_etype);
goto bad;
Index: src/sys/opencrypto/crypto.c
diff -u src/sys/opencrypto/crypto.c:1.126 src/sys/opencrypto/crypto.c:1.127
--- src/sys/opencrypto/crypto.c:1.126 Sun May 22 11:39:54 2022
+++ src/sys/opencrypto/crypto.c Sun May 22 11:40:03 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: crypto.c,v 1.126 2022/05/22 11:39:54 riastradh Exp $ */
+/* $NetBSD: crypto.c,v 1.127 2022/05/22 11:40:03 riastradh Exp $ */
/* $FreeBSD: src/sys/opencrypto/crypto.c,v 1.4.2.5 2003/02/26 00:14:05 sam Exp $ */
/* $OpenBSD: crypto.c,v 1.41 2002/07/17 23:52:38 art Exp $ */
@@ -53,7 +53,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: crypto.c,v 1.126 2022/05/22 11:39:54 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: crypto.c,v 1.127 2022/05/22 11:40:03 riastradh Exp $");
#include <sys/param.h>
#include <sys/reboot.h>
@@ -1569,26 +1569,11 @@ crypto_invoke(struct cryptop *crp, int h
crypto_driver_unlock(cap);
return (*process)(arg, crp, hint);
} else {
- struct cryptodesc *crd;
- u_int64_t nid = 0;
-
- if (cap != NULL)
+ if (cap != NULL) {
crypto_driver_unlock(cap);
-
- /*
- * Driver has unregistered; migrate the session and return
- * an error to the caller so they'll resubmit the op.
- */
- crypto_freesession(crp->crp_sid);
-
- for (crd = crp->crp_desc; crd->crd_next; crd = crd->crd_next)
- crd->CRD_INI.cri_next = &(crd->crd_next->CRD_INI);
-
- if (crypto_newsession(&nid, &(crp->crp_desc->CRD_INI), 0) == 0)
- crp->crp_sid = nid;
-
- crp->crp_etype = EAGAIN;
-
+ crypto_freesession(crp->crp_sid);
+ }
+ crp->crp_etype = ENODEV;
crypto_done(crp);
return 0;
}
Index: src/sys/opencrypto/cryptodev.c
diff -u src/sys/opencrypto/cryptodev.c:1.121 src/sys/opencrypto/cryptodev.c:1.122
--- src/sys/opencrypto/cryptodev.c:1.121 Sun May 22 11:39:45 2022
+++ src/sys/opencrypto/cryptodev.c Sun May 22 11:40:03 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: cryptodev.c,v 1.121 2022/05/22 11:39:45 riastradh Exp $ */
+/* $NetBSD: cryptodev.c,v 1.122 2022/05/22 11:40:03 riastradh Exp $ */
/* $FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $ */
/* $OpenBSD: cryptodev.c,v 1.53 2002/07/10 22:21:30 mickey Exp $ */
@@ -64,7 +64,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.121 2022/05/22 11:39:45 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.122 2022/05/22 11:40:03 riastradh Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -718,16 +718,9 @@ static void
cryptodev_cb(struct cryptop *crp)
{
struct csession *cse = crp->crp_opaque;
- int error;
-
- if ((error = crp->crp_etype) == EAGAIN) {
- error = crypto_dispatch(crp);
- if (error == 0)
- return;
- }
mutex_enter(&cryptodev_mtx);
- cse->error = error;
+ cse->error = crp->crp_etype;
crp->crp_devflags |= CRYPTODEV_F_RET;
cv_signal(&crp->crp_cv);
mutex_exit(&cryptodev_mtx);
@@ -737,16 +730,9 @@ static void
cryptodev_mcb(struct cryptop *crp)
{
struct csession *cse = crp->crp_opaque;
- int error;
-
- if ((error = crp->crp_etype) == EAGAIN) {
- error = crypto_dispatch(crp);
- if (error == 0)
- return;
- }
mutex_enter(&cryptodev_mtx);
- cse->error = error;
+ cse->error = crp->crp_etype;
TAILQ_INSERT_TAIL(&crp->fcrp->crp_ret_mq, crp, crp_next);
selnotify(&crp->fcrp->sinfo, 0, 0);
mutex_exit(&cryptodev_mtx);
Index: src/sys/opencrypto/cryptodev.h
diff -u src/sys/opencrypto/cryptodev.h:1.48 src/sys/opencrypto/cryptodev.h:1.49
--- src/sys/opencrypto/cryptodev.h:1.48 Sun May 22 11:39:37 2022
+++ src/sys/opencrypto/cryptodev.h Sun May 22 11:40:03 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: cryptodev.h,v 1.48 2022/05/22 11:39:37 riastradh Exp $ */
+/* $NetBSD: cryptodev.h,v 1.49 2022/05/22 11:40:03 riastradh Exp $ */
/* $FreeBSD: src/sys/opencrypto/cryptodev.h,v 1.2.2.6 2003/07/02 17:04:50 sam Exp $ */
/* $OpenBSD: cryptodev.h,v 1.33 2002/07/17 23:52:39 art Exp $ */
@@ -453,7 +453,7 @@ struct cryptop {
int crp_etype; /*
* Error type (zero means no error).
- * All error codes except EAGAIN
+ * All error codes
* indicate possible data corruption (as in,
* the data have been touched). On all
* errors, the crp_sid may have changed
