From e7adccf7f537a4d07281a2b74b360154bae367bc Mon Sep 17 00:00:00 2001 From: Mark Johnston Date: Thu, 18 Feb 2021 18:51:20 -0500 Subject: [PATCH] FreeBSD: disable the use of hardware crypto offload drivers for now First, the crypto request completion handler contains a bug in that it fails to reset fs_done correctly after the request is completed. This is only a problem for asynchronous drivers. Second, some hardware drivers have input constraints which ZFS does not satisfy. For instance, ccp(4) apparently requires the AAD length for AES-GCM to be a multiple of the cipher block size, and with qat(4) the AES-GCM AAD length may not be longer than 240 bytes. FreeBSD's generic crypto framework doesn't have a mechanism to automatically fall back to a software implementation if a hardware driver cannot process a request, and ZFS does not tolerate such errors. The plan is to implement such a fallback mechanism, but with FreeBSD 13.0 approaching we should simply disable the use hardware drivers for now. Reviewed-by: Ryan Moeller Reviewed-by: Alexander Motin Signed-off-by: Mark Johnston Closes #11612 --- module/os/freebsd/zfs/crypto_os.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/module/os/freebsd/zfs/crypto_os.c b/module/os/freebsd/zfs/crypto_os.c index fbf9984162..03d14ed7cf 100644 --- a/module/os/freebsd/zfs/crypto_os.c +++ b/module/os/freebsd/zfs/crypto_os.c @@ -293,8 +293,19 @@ freebsd_crypt_newsession(freebsd_crypt_session_t *sessp, error = ENOTSUP; goto bad; } - error = crypto_newsession(&sessp->fs_sid, &csp, - CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE); + + /* + * Disable the use of hardware drivers on FreeBSD 13 and later since + * common crypto offload drivers impose constraints on AES-GCM AAD + * lengths that make them unusable for ZFS, and we currently do not have + * a mechanism to fall back to a software driver for requests not + * handled by a hardware driver. + * + * On 12 we continue to permit the use of hardware drivers since + * CPU-accelerated drivers such as aesni(4) register themselves as + * hardware drivers. + */ + error = crypto_newsession(&sessp->fs_sid, &csp, CRYPTOCAP_F_SOFTWARE); mtx_init(&sessp->fs_lock, "FreeBSD Cryptographic Session Lock", NULL, MTX_DEF); crypt_sessions++;