cryptosoft: Stop single-threading requests within a session.

All of the request handlers no longer modify session state, so remove
the mutex limiting operations to one per session.  In addition, change
the pointer to the session state passed to process callbacks to const.

Suggested by:	mjg
Reviewed by:	mjg, markj
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D33317
This commit is contained in:
John Baldwin 2021-12-09 11:52:43 -08:00
parent 6113a08b98
commit dc475c9bee

View File

@ -44,11 +44,8 @@ __FBSDID("$FreeBSD$");
#include <sys/random.h> #include <sys/random.h>
#include <sys/kernel.h> #include <sys/kernel.h>
#include <sys/uio.h> #include <sys/uio.h>
#include <sys/lock.h>
#include <sys/rwlock.h>
#include <sys/endian.h> #include <sys/endian.h>
#include <sys/limits.h> #include <sys/limits.h>
#include <sys/mutex.h>
#include <crypto/sha1.h> #include <crypto/sha1.h>
#include <opencrypto/rmd160.h> #include <opencrypto/rmd160.h>
@ -78,8 +75,7 @@ struct swcr_compdec {
}; };
struct swcr_session { struct swcr_session {
struct mtx swcr_lock; int (*swcr_process)(const struct swcr_session *, struct cryptop *);
int (*swcr_process)(struct swcr_session *, struct cryptop *);
struct swcr_auth swcr_auth; struct swcr_auth swcr_auth;
struct swcr_encdec swcr_encdec; struct swcr_encdec swcr_encdec;
@ -92,7 +88,7 @@ static void swcr_freesession(device_t dev, crypto_session_t cses);
/* Used for CRYPTO_NULL_CBC. */ /* Used for CRYPTO_NULL_CBC. */
static int static int
swcr_null(struct swcr_session *ses, struct cryptop *crp) swcr_null(const struct swcr_session *ses, struct cryptop *crp)
{ {
return (0); return (0);
@ -102,7 +98,7 @@ swcr_null(struct swcr_session *ses, struct cryptop *crp)
* Apply a symmetric encryption/decryption algorithm. * Apply a symmetric encryption/decryption algorithm.
*/ */
static int static int
swcr_encdec(struct swcr_session *ses, struct cryptop *crp) swcr_encdec(const struct swcr_session *ses, struct cryptop *crp)
{ {
unsigned char iv[EALG_MAX_BLOCK_LEN], blk[EALG_MAX_BLOCK_LEN]; unsigned char iv[EALG_MAX_BLOCK_LEN], blk[EALG_MAX_BLOCK_LEN];
unsigned char *ivp, *nivp, iv2[EALG_MAX_BLOCK_LEN]; unsigned char *ivp, *nivp, iv2[EALG_MAX_BLOCK_LEN];
@ -288,7 +284,7 @@ swcr_encdec(struct swcr_session *ses, struct cryptop *crp)
* Compute or verify hash. * Compute or verify hash.
*/ */
static int static int
swcr_authcompute(struct swcr_session *ses, struct cryptop *crp) swcr_authcompute(const struct swcr_session *ses, struct cryptop *crp)
{ {
u_char aalg[HASH_MAX_LEN]; u_char aalg[HASH_MAX_LEN];
const struct crypto_session_params *csp; const struct crypto_session_params *csp;
@ -368,7 +364,7 @@ CTASSERT(INT_MAX <= (1ll<<39) - 256); /* GCM: plain text < 2^39-256 */
CTASSERT(INT_MAX <= (uint64_t)-1); /* GCM: associated data <= 2^64-1 */ CTASSERT(INT_MAX <= (uint64_t)-1); /* GCM: associated data <= 2^64-1 */
static int static int
swcr_gmac(struct swcr_session *ses, struct cryptop *crp) swcr_gmac(const struct swcr_session *ses, struct cryptop *crp)
{ {
uint32_t blkbuf[howmany(AES_BLOCK_LEN, sizeof(uint32_t))]; uint32_t blkbuf[howmany(AES_BLOCK_LEN, sizeof(uint32_t))];
u_char *blk = (u_char *)blkbuf; u_char *blk = (u_char *)blkbuf;
@ -450,7 +446,7 @@ swcr_gmac(struct swcr_session *ses, struct cryptop *crp)
} }
static int static int
swcr_gcm(struct swcr_session *ses, struct cryptop *crp) swcr_gcm(const struct swcr_session *ses, struct cryptop *crp)
{ {
uint32_t blkbuf[howmany(AES_BLOCK_LEN, sizeof(uint32_t))]; uint32_t blkbuf[howmany(AES_BLOCK_LEN, sizeof(uint32_t))];
u_char *blk = (u_char *)blkbuf; u_char *blk = (u_char *)blkbuf;
@ -675,7 +671,7 @@ build_ccm_aad_length(u_int aad_length, uint8_t *blk)
} }
static int static int
swcr_ccm_cbc_mac(struct swcr_session *ses, struct cryptop *crp) swcr_ccm_cbc_mac(const struct swcr_session *ses, struct cryptop *crp)
{ {
u_char iv[AES_BLOCK_LEN]; u_char iv[AES_BLOCK_LEN];
u_char blk[CCM_CBC_BLOCK_LEN]; u_char blk[CCM_CBC_BLOCK_LEN];
@ -737,7 +733,7 @@ swcr_ccm_cbc_mac(struct swcr_session *ses, struct cryptop *crp)
} }
static int static int
swcr_ccm(struct swcr_session *ses, struct cryptop *crp) swcr_ccm(const struct swcr_session *ses, struct cryptop *crp)
{ {
const struct crypto_session_params *csp; const struct crypto_session_params *csp;
uint32_t blkbuf[howmany(AES_BLOCK_LEN, sizeof(uint32_t))]; uint32_t blkbuf[howmany(AES_BLOCK_LEN, sizeof(uint32_t))];
@ -910,7 +906,7 @@ out:
} }
static int static int
swcr_chacha20_poly1305(struct swcr_session *ses, struct cryptop *crp) swcr_chacha20_poly1305(const struct swcr_session *ses, struct cryptop *crp)
{ {
const struct crypto_session_params *csp; const struct crypto_session_params *csp;
uint64_t blkbuf[howmany(CHACHA20_NATIVE_BLOCK_LEN, sizeof(uint64_t))]; uint64_t blkbuf[howmany(CHACHA20_NATIVE_BLOCK_LEN, sizeof(uint64_t))];
@ -1065,7 +1061,7 @@ out:
* Apply a cipher and a digest to perform EtA. * Apply a cipher and a digest to perform EtA.
*/ */
static int static int
swcr_eta(struct swcr_session *ses, struct cryptop *crp) swcr_eta(const struct swcr_session *ses, struct cryptop *crp)
{ {
int error; int error;
@ -1085,7 +1081,7 @@ swcr_eta(struct swcr_session *ses, struct cryptop *crp)
* Apply a compression/decompression algorithm * Apply a compression/decompression algorithm
*/ */
static int static int
swcr_compdec(struct swcr_session *ses, struct cryptop *crp) swcr_compdec(const struct swcr_session *ses, struct cryptop *crp)
{ {
const struct comp_algo *cxf; const struct comp_algo *cxf;
uint8_t *data, *out; uint8_t *data, *out;
@ -1455,7 +1451,6 @@ swcr_newsession(device_t dev, crypto_session_t cses,
int error; int error;
ses = crypto_get_driver_session(cses); ses = crypto_get_driver_session(cses);
mtx_init(&ses->swcr_lock, "swcr session lock", NULL, MTX_DEF);
error = 0; error = 0;
switch (csp->csp_mode) { switch (csp->csp_mode) {
@ -1559,8 +1554,6 @@ swcr_freesession(device_t dev, crypto_session_t cses)
ses = crypto_get_driver_session(cses); ses = crypto_get_driver_session(cses);
mtx_destroy(&ses->swcr_lock);
zfree(ses->swcr_encdec.sw_ctx, M_CRYPTO_DATA); zfree(ses->swcr_encdec.sw_ctx, M_CRYPTO_DATA);
zfree(ses->swcr_auth.sw_ictx, M_CRYPTO_DATA); zfree(ses->swcr_auth.sw_ictx, M_CRYPTO_DATA);
zfree(ses->swcr_auth.sw_octx, M_CRYPTO_DATA); zfree(ses->swcr_auth.sw_octx, M_CRYPTO_DATA);
@ -1575,11 +1568,9 @@ swcr_process(device_t dev, struct cryptop *crp, int hint)
struct swcr_session *ses; struct swcr_session *ses;
ses = crypto_get_driver_session(crp->crp_session); ses = crypto_get_driver_session(crp->crp_session);
mtx_lock(&ses->swcr_lock);
crp->crp_etype = ses->swcr_process(ses, crp); crp->crp_etype = ses->swcr_process(ses, crp);
mtx_unlock(&ses->swcr_lock);
crypto_done(crp); crypto_done(crp);
return (0); return (0);
} }