opencrypto: Rip out EAGAIN logic when unregistering crypto drivers.

I'm pretty sure this never worked reliably based on code inspection, and it's unlikely to have ever been tested because it only applies when unregistering a driver -- but we have no crypto drivers for removable devices, so it would only apply if we went out of our way to trigger detach with drvctl. Instead, just make the operation fail with ENODEV, and remove all the callback logic to resubmit the request on EAGAIN. (Maybe this should be ENXIO, but crypto_kdispatch already does ENODEV.)
2022-05-22 11:40:03 +00:00 · 2022-05-22 11:40:03 +00:00 · 3bbdee2433
parent faea2b2f4e
commit 3bbdee2433
7 changed files with 19 additions and 95 deletions
--- a/share/man/man9/opencrypto.9
+++ b/share/man/man9/opencrypto.9
@ -1,5 +1,5 @@
 .\"	$OpenBSD: crypto.9,v 1.25 2003/07/11 13:47:41 jmc Exp $
-.\"	$NetBSD: opencrypto.9,v 1.20 2022/05/22 11:39:37 riastradh Exp $
+.\"	$NetBSD: opencrypto.9,v 1.21 2022/05/22 11:40:03 riastradh Exp $
 .\"
 .\" The author of this man page is Angelos D. Keromytis (angelos@cis.upenn.edu)
 .\"
@ -288,16 +288,6 @@ level.
 .It Fa crp_etype
 Contains the error type, if any errors were encountered, or zero if
 the request was successfully processed.
-If the
-.Er EAGAIN
-error code is returned, the SID has changed (and has been recorded in the
-.Fa crp_sid
-field).
-The consumer should record the new SID and use it in all subsequent requests.
-In this case, the request may be re-submitted immediately.
-This mechanism is used by the framework to perform
-session migration (move a session from one driver to another, because
-of availability, performance, or other considerations).
 .Pp
 Note that this field only makes sense when examined by
 the callback routine specified in
--- a/sys/netipsec/xform_ah.c
+++ b/sys/netipsec/xform_ah.c
@ -1,4 +1,4 @@
-/*	$NetBSD: xform_ah.c,v 1.112 2022/05/22 11:39:37 riastradh Exp $	*/
+/*	$NetBSD: xform_ah.c,v 1.113 2022/05/22 11:40:03 riastradh Exp $	*/
 /*	$FreeBSD: xform_ah.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$OpenBSD: ip_ah.c,v 1.63 2001/06/26 06:18:58 angelos Exp $ */
 /*
@ -39,7 +39,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.112 2022/05/22 11:39:37 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.113 2022/05/22 11:40:03 riastradh Exp $");

 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@ -772,12 +772,6 @@ ah_input_cb(struct cryptop *crp)
 		if (sav->tdb_cryptoid != 0)
 			sav->tdb_cryptoid = crp->crp_sid;

-		if (crp->crp_etype == EAGAIN) {
-			IPSEC_RELEASE_GLOBAL_LOCKS();
-			(void)crypto_dispatch(crp);
-			return;
-		}
-
 		AH_STATINC(AH_STAT_NOXFORM);
 		DPRINTF("crypto error %d\n", crp->crp_etype);
 		goto bad;
@ -1162,12 +1156,6 @@ ah_output_cb(struct cryptop *crp)
 		if (sav->tdb_cryptoid != 0)
 			sav->tdb_cryptoid = crp->crp_sid;

-		if (crp->crp_etype == EAGAIN) {
-			IPSEC_RELEASE_GLOBAL_LOCKS();
-			(void)crypto_dispatch(crp);
-			return;
-		}
-
 		AH_STATINC(AH_STAT_NOXFORM);
 		DPRINTF("crypto error %d\n", crp->crp_etype);
 		goto bad;
--- a/sys/netipsec/xform_esp.c
+++ b/sys/netipsec/xform_esp.c
@ -1,4 +1,4 @@
-/*	$NetBSD: xform_esp.c,v 1.103 2022/05/22 11:39:08 riastradh Exp $	*/
+/*	$NetBSD: xform_esp.c,v 1.104 2022/05/22 11:40:03 riastradh Exp $	*/
 /*	$FreeBSD: xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */

@ -39,7 +39,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.103 2022/05/22 11:39:08 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.104 2022/05/22 11:40:03 riastradh Exp $");

 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@ -538,13 +538,6 @@ esp_input_cb(struct cryptop *crp)
 		if (sav->tdb_cryptoid != 0)
 			sav->tdb_cryptoid = crp->crp_sid;

-		if (crp->crp_etype == EAGAIN) {
-			KEY_SA_UNREF(&sav);
-			IPSEC_RELEASE_GLOBAL_LOCKS();
-			(void)crypto_dispatch(crp);
-			return;
-		}
-
 		ESP_STATINC(ESP_STAT_NOXFORM);
 		DPRINTF("crypto error %d\n", crp->crp_etype);
 		goto bad;
@ -967,12 +960,6 @@ esp_output_cb(struct cryptop *crp)
 		if (sav->tdb_cryptoid != 0)
 			sav->tdb_cryptoid = crp->crp_sid;

-		if (crp->crp_etype == EAGAIN) {
-			IPSEC_RELEASE_GLOBAL_LOCKS();
-			(void)crypto_dispatch(crp);
-			return;
-		}
-
 		ESP_STATINC(ESP_STAT_NOXFORM);
 		DPRINTF("crypto error %d\n", crp->crp_etype);
 		goto bad;
--- a/sys/netipsec/xform_ipcomp.c
+++ b/sys/netipsec/xform_ipcomp.c
@ -1,4 +1,4 @@
-/*	$NetBSD: xform_ipcomp.c,v 1.72 2022/05/22 11:39:37 riastradh Exp $	*/
+/*	$NetBSD: xform_ipcomp.c,v 1.73 2022/05/22 11:40:03 riastradh Exp $	*/
 /*	$FreeBSD: xform_ipcomp.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $	*/
 /* $OpenBSD: ip_ipcomp.c,v 1.1 2001/07/05 12:08:52 jjbg Exp $ */

@ -30,7 +30,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.72 2022/05/22 11:39:37 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.73 2022/05/22 11:40:03 riastradh Exp $");

 /* IP payload compression protocol (IPComp), see RFC 2393 */
 #if defined(_KERNEL_OPT)
@ -270,13 +270,6 @@ ipcomp_input_cb(struct cryptop *crp)
 		if (sav->tdb_cryptoid != 0)
 			sav->tdb_cryptoid = crp->crp_sid;

-		if (crp->crp_etype == EAGAIN) {
-			KEY_SA_UNREF(&sav);
-			IPSEC_RELEASE_GLOBAL_LOCKS();
-			(void)crypto_dispatch(crp);
-			return;
-		}
-
 		IPCOMP_STATINC(IPCOMP_STAT_NOXFORM);
 		DPRINTF("crypto error %d\n", crp->crp_etype);
 		goto bad;
@ -542,11 +535,6 @@ ipcomp_output_cb(struct cryptop *crp)
 		if (sav->tdb_cryptoid != 0)
 			sav->tdb_cryptoid = crp->crp_sid;

-		if (crp->crp_etype == EAGAIN) {
-			IPSEC_RELEASE_GLOBAL_LOCKS();
-			(void)crypto_dispatch(crp);
-			return;
-		}
 		IPCOMP_STATINC(IPCOMP_STAT_NOXFORM);
 		DPRINTF("crypto error %d\n", crp->crp_etype);
 		goto bad;
--- a/sys/opencrypto/crypto.c
+++ b/sys/opencrypto/crypto.c
@ -1,4 +1,4 @@
-/*	$NetBSD: crypto.c,v 1.126 2022/05/22 11:39:54 riastradh Exp $ */
+/*	$NetBSD: crypto.c,v 1.127 2022/05/22 11:40:03 riastradh Exp $ */
 /*	$FreeBSD: src/sys/opencrypto/crypto.c,v 1.4.2.5 2003/02/26 00:14:05 sam Exp $	*/
 /*	$OpenBSD: crypto.c,v 1.41 2002/07/17 23:52:38 art Exp $	*/

@ -53,7 +53,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: crypto.c,v 1.126 2022/05/22 11:39:54 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: crypto.c,v 1.127 2022/05/22 11:40:03 riastradh Exp $");

 #include <sys/param.h>
 #include <sys/reboot.h>
@ -1569,26 +1569,11 @@ crypto_invoke(struct cryptop *crp, int hint)
 		crypto_driver_unlock(cap);
 		return (*process)(arg, crp, hint);
 	} else {
-		struct cryptodesc *crd;
-		u_int64_t nid = 0;
-
-		if (cap != NULL)
+		if (cap != NULL) {
 			crypto_driver_unlock(cap);
-
-		/*
-		 * Driver has unregistered; migrate the session and return
-		 * an error to the caller so they'll resubmit the op.
-		 */
-		crypto_freesession(crp->crp_sid);
-
-		for (crd = crp->crp_desc; crd->crd_next; crd = crd->crd_next)
-			crd->CRD_INI.cri_next = &(crd->crd_next->CRD_INI);
-
-		if (crypto_newsession(&nid, &(crp->crp_desc->CRD_INI), 0) == 0)
-			crp->crp_sid = nid;
-
-		crp->crp_etype = EAGAIN;
-
+			crypto_freesession(crp->crp_sid);
+		}
+		crp->crp_etype = ENODEV;
 		crypto_done(crp);
 		return 0;
 	}
--- a/sys/opencrypto/cryptodev.c
+++ b/sys/opencrypto/cryptodev.c
@ -1,4 +1,4 @@
-/*	$NetBSD: cryptodev.c,v 1.121 2022/05/22 11:39:45 riastradh Exp $ */
+/*	$NetBSD: cryptodev.c,v 1.122 2022/05/22 11:40:03 riastradh Exp $ */
 /*	$FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $	*/
 /*	$OpenBSD: cryptodev.c,v 1.53 2002/07/10 22:21:30 mickey Exp $	*/

@ -64,7 +64,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.121 2022/05/22 11:39:45 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.122 2022/05/22 11:40:03 riastradh Exp $");

 #include <sys/param.h>
 #include <sys/systm.h>
@ -718,16 +718,9 @@ static void
 cryptodev_cb(struct cryptop *crp)
 {
 	struct csession *cse = crp->crp_opaque;
-	int error;
-
-	if ((error = crp->crp_etype) == EAGAIN) {
-		error = crypto_dispatch(crp);
-		if (error == 0)
-			return;
-	}

 	mutex_enter(&cryptodev_mtx);
-	cse->error = error;
+	cse->error = crp->crp_etype;
 	crp->crp_devflags |= CRYPTODEV_F_RET;
 	cv_signal(&crp->crp_cv);
 	mutex_exit(&cryptodev_mtx);
@ -737,16 +730,9 @@ static void
 cryptodev_mcb(struct cryptop *crp)
 {
 	struct csession *cse = crp->crp_opaque;
-	int error;
-
-	if ((error = crp->crp_etype) == EAGAIN) {
-		error = crypto_dispatch(crp);
-		if (error == 0)
-			return;
-	}

 	mutex_enter(&cryptodev_mtx);
-	cse->error = error;
+	cse->error = crp->crp_etype;
 	TAILQ_INSERT_TAIL(&crp->fcrp->crp_ret_mq, crp, crp_next);
 	selnotify(&crp->fcrp->sinfo, 0, 0);
 	mutex_exit(&cryptodev_mtx);
--- a/sys/opencrypto/cryptodev.h
+++ b/sys/opencrypto/cryptodev.h
@ -1,4 +1,4 @@
-/*	$NetBSD: cryptodev.h,v 1.48 2022/05/22 11:39:37 riastradh Exp $ */
+/*	$NetBSD: cryptodev.h,v 1.49 2022/05/22 11:40:03 riastradh Exp $ */
 /*	$FreeBSD: src/sys/opencrypto/cryptodev.h,v 1.2.2.6 2003/07/02 17:04:50 sam Exp $	*/
 /*	$OpenBSD: cryptodev.h,v 1.33 2002/07/17 23:52:39 art Exp $	*/

@ -453,7 +453,7 @@ struct cryptop {

 	int		crp_etype;	/*
 					 * Error type (zero means no error).
-					 * All error codes except EAGAIN
+					 * All error codes
 					 * indicate possible data corruption (as in,
 					 * the data have been touched). On all
 					 * errors, the crp_sid may have changed