From 38dc0eac57f3c63ddab63a65cd16be49a4ba4f99 Mon Sep 17 00:00:00 2001 From: Kristof Provost Date: Mon, 11 May 2020 21:42:19 +0000 Subject: [PATCH] opencrypto: Add missing ioctl exit SDTs The opencrypto ioctl code has very useful probe points at the various exit points. These allow us to figure out exactly why a request failed. However, a few paths did not have these probe points. Add them here. Reviewed by: jhb --- sys/opencrypto/cryptodev.c | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c index 65b26ac2694d..653c951e2da1 100644 --- a/sys/opencrypto/cryptodev.c +++ b/sys/opencrypto/cryptodev.c @@ -465,6 +465,8 @@ cryptof_ioctl( /* Should always be paired with GCM. */ if (sop->cipher != CRYPTO_AES_NIST_GCM_16) { CRYPTDEB("GMAC without GCM"); + SDT_PROBE1(opencrypto, dev, ioctl, error, + __LINE__); return (EINVAL); } break; @@ -539,8 +541,10 @@ cryptof_ioctl( return (EINVAL); } - if (txform == NULL && thash == NULL) + if (txform == NULL && thash == NULL) { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); return (EINVAL); + } memset(&csp, 0, sizeof(csp)); @@ -550,13 +554,18 @@ cryptof_ioctl( case CRYPTO_AES_128_NIST_GMAC: case CRYPTO_AES_192_NIST_GMAC: case CRYPTO_AES_256_NIST_GMAC: - if (sop->keylen != sop->mackeylen) + if (sop->keylen != sop->mackeylen) { + SDT_PROBE1(opencrypto, dev, ioctl, + error, __LINE__); return (EINVAL); + } break; #endif case 0: break; default: + SDT_PROBE1(opencrypto, dev, ioctl, error, + __LINE__); return (EINVAL); } csp.csp_mode = CSP_MODE_AEAD; @@ -564,14 +573,19 @@ cryptof_ioctl( switch (sop->mac) { #ifdef COMPAT_FREEBSD12 case CRYPTO_AES_CCM_CBC_MAC: - if (sop->keylen != sop->mackeylen) + if (sop->keylen != sop->mackeylen) { + SDT_PROBE1(opencrypto, dev, ioctl, + error, __LINE__); return (EINVAL); + } thash = NULL; break; #endif case 0: break; default: + SDT_PROBE1(opencrypto, dev, ioctl, error, + __LINE__); return (EINVAL); } csp.csp_mode = CSP_MODE_AEAD;