module: icp: guarantee the ops vector is persistent
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz> Closes #12901
This commit is contained in:
parent
d59a7fae40
commit
b0502ab097
|
@ -193,26 +193,6 @@ kcf_prov_tab_lookup(crypto_provider_id_t prov_id)
|
||||||
return (prov_desc);
|
return (prov_desc);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
|
||||||
allocate_ops(const crypto_ops_t *src, crypto_ops_t *dst)
|
|
||||||
{
|
|
||||||
if (src->co_digest_ops != NULL)
|
|
||||||
dst->co_digest_ops = kmem_alloc(sizeof (crypto_digest_ops_t),
|
|
||||||
KM_SLEEP);
|
|
||||||
|
|
||||||
if (src->co_cipher_ops != NULL)
|
|
||||||
dst->co_cipher_ops = kmem_alloc(sizeof (crypto_cipher_ops_t),
|
|
||||||
KM_SLEEP);
|
|
||||||
|
|
||||||
if (src->co_mac_ops != NULL)
|
|
||||||
dst->co_mac_ops = kmem_alloc(sizeof (crypto_mac_ops_t),
|
|
||||||
KM_SLEEP);
|
|
||||||
|
|
||||||
if (src->co_ctx_ops != NULL)
|
|
||||||
dst->co_ctx_ops = kmem_alloc(sizeof (crypto_ctx_ops_t),
|
|
||||||
KM_SLEEP);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Allocate a provider descriptor. mech_list_count specifies the
|
* Allocate a provider descriptor. mech_list_count specifies the
|
||||||
* number of mechanisms supported by the providers, and is used
|
* number of mechanisms supported by the providers, and is used
|
||||||
|
@ -223,10 +203,8 @@ allocate_ops(const crypto_ops_t *src, crypto_ops_t *dst)
|
||||||
kcf_provider_desc_t *
|
kcf_provider_desc_t *
|
||||||
kcf_alloc_provider_desc(const crypto_provider_info_t *info)
|
kcf_alloc_provider_desc(const crypto_provider_info_t *info)
|
||||||
{
|
{
|
||||||
kcf_provider_desc_t *desc;
|
kcf_provider_desc_t *desc =
|
||||||
const crypto_ops_t *src_ops = info->pi_ops_vector;
|
kmem_zalloc(sizeof (kcf_provider_desc_t), KM_SLEEP);
|
||||||
|
|
||||||
desc = kmem_zalloc(sizeof (kcf_provider_desc_t), KM_SLEEP);
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* pd_description serves two purposes
|
* pd_description serves two purposes
|
||||||
|
@ -246,17 +224,6 @@ kcf_alloc_provider_desc(const crypto_provider_info_t *info)
|
||||||
CRYPTO_PROVIDER_DESCR_MAX_LEN);
|
CRYPTO_PROVIDER_DESCR_MAX_LEN);
|
||||||
desc->pd_description[CRYPTO_PROVIDER_DESCR_MAX_LEN] = '\0';
|
desc->pd_description[CRYPTO_PROVIDER_DESCR_MAX_LEN] = '\0';
|
||||||
|
|
||||||
/*
|
|
||||||
* Since the framework does not require the ops vector specified
|
|
||||||
* by the providers during registration to be persistent,
|
|
||||||
* KCF needs to allocate storage where copies of the ops
|
|
||||||
* vectors are copied.
|
|
||||||
*/
|
|
||||||
crypto_ops_t *opvec = kmem_zalloc(sizeof (crypto_ops_t), KM_SLEEP);
|
|
||||||
if (info->pi_provider_type != CRYPTO_LOGICAL_PROVIDER)
|
|
||||||
allocate_ops(src_ops, opvec);
|
|
||||||
desc->pd_ops_vector = opvec;
|
|
||||||
|
|
||||||
desc->pd_mech_list_count = info->pi_mech_list_count;
|
desc->pd_mech_list_count = info->pi_mech_list_count;
|
||||||
desc->pd_mechanisms = kmem_zalloc(sizeof (crypto_mech_info_t) *
|
desc->pd_mechanisms = kmem_zalloc(sizeof (crypto_mech_info_t) *
|
||||||
info->pi_mech_list_count, KM_SLEEP);
|
info->pi_mech_list_count, KM_SLEEP);
|
||||||
|
@ -327,26 +294,6 @@ kcf_free_provider_desc(kcf_provider_desc_t *desc)
|
||||||
kmem_free(desc->pd_description,
|
kmem_free(desc->pd_description,
|
||||||
CRYPTO_PROVIDER_DESCR_MAX_LEN + 1);
|
CRYPTO_PROVIDER_DESCR_MAX_LEN + 1);
|
||||||
|
|
||||||
if (desc->pd_ops_vector != NULL) {
|
|
||||||
if (desc->pd_ops_vector->co_digest_ops != NULL)
|
|
||||||
kmem_free(desc->pd_ops_vector->co_digest_ops,
|
|
||||||
sizeof (crypto_digest_ops_t));
|
|
||||||
|
|
||||||
if (desc->pd_ops_vector->co_cipher_ops != NULL)
|
|
||||||
kmem_free(desc->pd_ops_vector->co_cipher_ops,
|
|
||||||
sizeof (crypto_cipher_ops_t));
|
|
||||||
|
|
||||||
if (desc->pd_ops_vector->co_mac_ops != NULL)
|
|
||||||
kmem_free(desc->pd_ops_vector->co_mac_ops,
|
|
||||||
sizeof (crypto_mac_ops_t));
|
|
||||||
|
|
||||||
if (desc->pd_ops_vector->co_ctx_ops != NULL)
|
|
||||||
kmem_free(desc->pd_ops_vector->co_ctx_ops,
|
|
||||||
sizeof (crypto_ctx_ops_t));
|
|
||||||
|
|
||||||
kmem_free(desc->pd_ops_vector, sizeof (crypto_ops_t));
|
|
||||||
}
|
|
||||||
|
|
||||||
if (desc->pd_mechanisms != NULL)
|
if (desc->pd_mechanisms != NULL)
|
||||||
/* free the memory associated with the mechanism info's */
|
/* free the memory associated with the mechanism info's */
|
||||||
kmem_free(desc->pd_mechanisms, sizeof (crypto_mech_info_t) *
|
kmem_free(desc->pd_mechanisms, sizeof (crypto_mech_info_t) *
|
||||||
|
|
|
@ -58,26 +58,6 @@ static const kcf_prov_stats_t kcf_stats_ks_data_template = {
|
||||||
{ "kcf_ops_returned_busy", KSTAT_DATA_UINT64 }
|
{ "kcf_ops_returned_busy", KSTAT_DATA_UINT64 }
|
||||||
};
|
};
|
||||||
|
|
||||||
#define KCF_SPI_COPY_OPS(src, dst, ops) if ((src)->ops != NULL) \
|
|
||||||
memcpy((void *) (dst)->ops, (src)->ops, sizeof (*(src)->ops));
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Copy an ops vector from src to dst. Used during provider registration
|
|
||||||
* to copy the ops vector from the provider info structure to the
|
|
||||||
* provider descriptor maintained by KCF.
|
|
||||||
* Copying the ops vector specified by the provider is needed since the
|
|
||||||
* framework does not require the provider info structure to be
|
|
||||||
* persistent.
|
|
||||||
*/
|
|
||||||
static void
|
|
||||||
copy_ops_vector(const crypto_ops_t *src_ops, crypto_ops_t *dst_ops)
|
|
||||||
{
|
|
||||||
KCF_SPI_COPY_OPS(src_ops, dst_ops, co_digest_ops);
|
|
||||||
KCF_SPI_COPY_OPS(src_ops, dst_ops, co_cipher_ops);
|
|
||||||
KCF_SPI_COPY_OPS(src_ops, dst_ops, co_mac_ops);
|
|
||||||
KCF_SPI_COPY_OPS(src_ops, dst_ops, co_ctx_ops);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* This routine is used to add cryptographic providers to the KEF framework.
|
* This routine is used to add cryptographic providers to the KEF framework.
|
||||||
* Providers pass a crypto_provider_info structure to crypto_register_provider()
|
* Providers pass a crypto_provider_info structure to crypto_register_provider()
|
||||||
|
@ -130,12 +110,9 @@ crypto_register_provider(const crypto_provider_info_t *info,
|
||||||
(size_t)CRYPTO_PROVIDER_DESCR_MAX_LEN));
|
(size_t)CRYPTO_PROVIDER_DESCR_MAX_LEN));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Change from Illumos: the ops vector is persistent. */
|
||||||
if (info->pi_provider_type != CRYPTO_LOGICAL_PROVIDER) {
|
if (info->pi_provider_type != CRYPTO_LOGICAL_PROVIDER) {
|
||||||
if (info->pi_ops_vector == NULL) {
|
prov_desc->pd_ops_vector = info->pi_ops_vector;
|
||||||
goto bail;
|
|
||||||
}
|
|
||||||
crypto_ops_t *pvec = (crypto_ops_t *)prov_desc->pd_ops_vector;
|
|
||||||
copy_ops_vector(info->pi_ops_vector, pvec);
|
|
||||||
prov_desc->pd_flags = info->pi_flags;
|
prov_desc->pd_flags = info->pi_flags;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue