module: icp: guarantee the ops vector is persistent
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz> Closes #12901
This commit is contained in:
parent
d59a7fae40
commit
b0502ab097
|
@ -193,26 +193,6 @@ kcf_prov_tab_lookup(crypto_provider_id_t prov_id)
|
|||
return (prov_desc);
|
||||
}
|
||||
|
||||
static void
|
||||
allocate_ops(const crypto_ops_t *src, crypto_ops_t *dst)
|
||||
{
|
||||
if (src->co_digest_ops != NULL)
|
||||
dst->co_digest_ops = kmem_alloc(sizeof (crypto_digest_ops_t),
|
||||
KM_SLEEP);
|
||||
|
||||
if (src->co_cipher_ops != NULL)
|
||||
dst->co_cipher_ops = kmem_alloc(sizeof (crypto_cipher_ops_t),
|
||||
KM_SLEEP);
|
||||
|
||||
if (src->co_mac_ops != NULL)
|
||||
dst->co_mac_ops = kmem_alloc(sizeof (crypto_mac_ops_t),
|
||||
KM_SLEEP);
|
||||
|
||||
if (src->co_ctx_ops != NULL)
|
||||
dst->co_ctx_ops = kmem_alloc(sizeof (crypto_ctx_ops_t),
|
||||
KM_SLEEP);
|
||||
}
|
||||
|
||||
/*
|
||||
* Allocate a provider descriptor. mech_list_count specifies the
|
||||
* number of mechanisms supported by the providers, and is used
|
||||
|
@ -223,10 +203,8 @@ allocate_ops(const crypto_ops_t *src, crypto_ops_t *dst)
|
|||
kcf_provider_desc_t *
|
||||
kcf_alloc_provider_desc(const crypto_provider_info_t *info)
|
||||
{
|
||||
kcf_provider_desc_t *desc;
|
||||
const crypto_ops_t *src_ops = info->pi_ops_vector;
|
||||
|
||||
desc = kmem_zalloc(sizeof (kcf_provider_desc_t), KM_SLEEP);
|
||||
kcf_provider_desc_t *desc =
|
||||
kmem_zalloc(sizeof (kcf_provider_desc_t), KM_SLEEP);
|
||||
|
||||
/*
|
||||
* pd_description serves two purposes
|
||||
|
@ -246,17 +224,6 @@ kcf_alloc_provider_desc(const crypto_provider_info_t *info)
|
|||
CRYPTO_PROVIDER_DESCR_MAX_LEN);
|
||||
desc->pd_description[CRYPTO_PROVIDER_DESCR_MAX_LEN] = '\0';
|
||||
|
||||
/*
|
||||
* Since the framework does not require the ops vector specified
|
||||
* by the providers during registration to be persistent,
|
||||
* KCF needs to allocate storage where copies of the ops
|
||||
* vectors are copied.
|
||||
*/
|
||||
crypto_ops_t *opvec = kmem_zalloc(sizeof (crypto_ops_t), KM_SLEEP);
|
||||
if (info->pi_provider_type != CRYPTO_LOGICAL_PROVIDER)
|
||||
allocate_ops(src_ops, opvec);
|
||||
desc->pd_ops_vector = opvec;
|
||||
|
||||
desc->pd_mech_list_count = info->pi_mech_list_count;
|
||||
desc->pd_mechanisms = kmem_zalloc(sizeof (crypto_mech_info_t) *
|
||||
info->pi_mech_list_count, KM_SLEEP);
|
||||
|
@ -327,26 +294,6 @@ kcf_free_provider_desc(kcf_provider_desc_t *desc)
|
|||
kmem_free(desc->pd_description,
|
||||
CRYPTO_PROVIDER_DESCR_MAX_LEN + 1);
|
||||
|
||||
if (desc->pd_ops_vector != NULL) {
|
||||
if (desc->pd_ops_vector->co_digest_ops != NULL)
|
||||
kmem_free(desc->pd_ops_vector->co_digest_ops,
|
||||
sizeof (crypto_digest_ops_t));
|
||||
|
||||
if (desc->pd_ops_vector->co_cipher_ops != NULL)
|
||||
kmem_free(desc->pd_ops_vector->co_cipher_ops,
|
||||
sizeof (crypto_cipher_ops_t));
|
||||
|
||||
if (desc->pd_ops_vector->co_mac_ops != NULL)
|
||||
kmem_free(desc->pd_ops_vector->co_mac_ops,
|
||||
sizeof (crypto_mac_ops_t));
|
||||
|
||||
if (desc->pd_ops_vector->co_ctx_ops != NULL)
|
||||
kmem_free(desc->pd_ops_vector->co_ctx_ops,
|
||||
sizeof (crypto_ctx_ops_t));
|
||||
|
||||
kmem_free(desc->pd_ops_vector, sizeof (crypto_ops_t));
|
||||
}
|
||||
|
||||
if (desc->pd_mechanisms != NULL)
|
||||
/* free the memory associated with the mechanism info's */
|
||||
kmem_free(desc->pd_mechanisms, sizeof (crypto_mech_info_t) *
|
||||
|
|
|
@ -58,26 +58,6 @@ static const kcf_prov_stats_t kcf_stats_ks_data_template = {
|
|||
{ "kcf_ops_returned_busy", KSTAT_DATA_UINT64 }
|
||||
};
|
||||
|
||||
#define KCF_SPI_COPY_OPS(src, dst, ops) if ((src)->ops != NULL) \
|
||||
memcpy((void *) (dst)->ops, (src)->ops, sizeof (*(src)->ops));
|
||||
|
||||
/*
|
||||
* Copy an ops vector from src to dst. Used during provider registration
|
||||
* to copy the ops vector from the provider info structure to the
|
||||
* provider descriptor maintained by KCF.
|
||||
* Copying the ops vector specified by the provider is needed since the
|
||||
* framework does not require the provider info structure to be
|
||||
* persistent.
|
||||
*/
|
||||
static void
|
||||
copy_ops_vector(const crypto_ops_t *src_ops, crypto_ops_t *dst_ops)
|
||||
{
|
||||
KCF_SPI_COPY_OPS(src_ops, dst_ops, co_digest_ops);
|
||||
KCF_SPI_COPY_OPS(src_ops, dst_ops, co_cipher_ops);
|
||||
KCF_SPI_COPY_OPS(src_ops, dst_ops, co_mac_ops);
|
||||
KCF_SPI_COPY_OPS(src_ops, dst_ops, co_ctx_ops);
|
||||
}
|
||||
|
||||
/*
|
||||
* This routine is used to add cryptographic providers to the KEF framework.
|
||||
* Providers pass a crypto_provider_info structure to crypto_register_provider()
|
||||
|
@ -130,12 +110,9 @@ crypto_register_provider(const crypto_provider_info_t *info,
|
|||
(size_t)CRYPTO_PROVIDER_DESCR_MAX_LEN));
|
||||
}
|
||||
|
||||
/* Change from Illumos: the ops vector is persistent. */
|
||||
if (info->pi_provider_type != CRYPTO_LOGICAL_PROVIDER) {
|
||||
if (info->pi_ops_vector == NULL) {
|
||||
goto bail;
|
||||
}
|
||||
crypto_ops_t *pvec = (crypto_ops_t *)prov_desc->pd_ops_vector;
|
||||
copy_ops_vector(info->pi_ops_vector, pvec);
|
||||
prov_desc->pd_ops_vector = info->pi_ops_vector;
|
||||
prov_desc->pd_flags = info->pi_flags;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue