module: icp: rip out insane crypto_req_handle_t mechanism, inline KM_…

…SLEEP

include/sys/crypto/api.h

@@ -36,8 +36,6 @@ extern "C" {
 typedef void *crypto_context_t;
 typedef void *crypto_ctx_template_t;
 
-typedef struct {} crypto_call_req_t;
-
 /*
  * Returns the mechanism type corresponding to a mechanism name.
  */
@@ -48,29 +46,26 @@ extern crypto_mech_type_t crypto_mech2id(const char *name);
  * Create and destroy context templates.
  */
 extern int crypto_create_ctx_template(crypto_mechanism_t *mech,
-    crypto_key_t *key, crypto_ctx_template_t *tmpl, int kmflag);
+    crypto_key_t *key, crypto_ctx_template_t *tmpl);
 extern void crypto_destroy_ctx_template(crypto_ctx_template_t tmpl);
 
 /*
  * Single and multi-part MAC operations.
  */
 extern int crypto_mac(crypto_mechanism_t *mech, crypto_data_t *data,
-    crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *mac,
-    crypto_call_req_t *cr);
+    crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *mac);
 extern int crypto_mac_init(crypto_mechanism_t *mech, crypto_key_t *key,
-    crypto_ctx_template_t tmpl, crypto_context_t *ctxp, crypto_call_req_t *cr);
+    crypto_ctx_template_t tmpl, crypto_context_t *ctxp);
 extern int crypto_mac_update(crypto_context_t ctx, crypto_data_t *data);
 extern int crypto_mac_final(crypto_context_t ctx, crypto_data_t *data);
 
 /*
  * Single-part encryption/decryption operations.
  */
 extern int crypto_encrypt(crypto_mechanism_t *mech, crypto_data_t *plaintext,
-    crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *ciphertext,
-    crypto_call_req_t *cr);
+    crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *ciphertext);
 extern int crypto_decrypt(crypto_mechanism_t *mech, crypto_data_t *ciphertext,
-    crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *plaintext,
-    crypto_call_req_t *cr);
+    crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *plaintext);
 
 #ifdef	__cplusplus
 }

module/icp/algs/modes/gcm.c

@@ -342,7 +342,7 @@ gcm_mode_decrypt_contiguous_blocks(gcm_ctx_t *ctx, char *data, size_t length,
 	 */
 	if (length > 0) {
 		new_len = ctx->gcm_pt_buf_len + length;
-		new = vmem_alloc(new_len, ctx->gcm_kmflag);
+		new = vmem_alloc(new_len, KM_SLEEP);
 		if (new == NULL) {
 			vmem_free(ctx->gcm_pt_buf, ctx->gcm_pt_buf_len);
 			ctx->gcm_pt_buf = NULL;
@@ -641,7 +641,7 @@ gcm_init_ctx(gcm_ctx_t *gcm_ctx, char *param, size_t block_size,
 		}
 		gcm_ctx->gcm_htab_len = htab_len;
 		gcm_ctx->gcm_Htable =
-		    (uint64_t *)kmem_alloc(htab_len, gcm_ctx->gcm_kmflag);
+		    (uint64_t *)kmem_alloc(htab_len, KM_SLEEP);
 
 		if (gcm_ctx->gcm_Htable == NULL) {
 			return (CRYPTO_HOST_MEMORY);
@@ -716,7 +716,7 @@ gmac_init_ctx(gcm_ctx_t *gcm_ctx, char *param, size_t block_size,
 		}
 		gcm_ctx->gcm_htab_len = htab_len;
 		gcm_ctx->gcm_Htable =
-		    (uint64_t *)kmem_alloc(htab_len, gcm_ctx->gcm_kmflag);
+		    (uint64_t *)kmem_alloc(htab_len, KM_SLEEP);
 
 		if (gcm_ctx->gcm_Htable == NULL) {
 			return (CRYPTO_HOST_MEMORY);
@@ -767,12 +767,6 @@ gmac_alloc_ctx(int kmflag)
 	return (gcm_ctx);
 }
 
-void
-gcm_set_kmflag(gcm_ctx_t *ctx, int kmflag)
-{
-	ctx->gcm_kmflag = kmflag;
-}
-
 /* GCM implementation that contains the fastest methods */
 static gcm_impl_ops_t gcm_fastest_impl = {
 	.name = "fastest"
@@ -1199,7 +1193,7 @@ gcm_mode_encrypt_contiguous_blocks_avx(gcm_ctx_t *ctx, char *data,
 
 	/* Allocate a buffer to encrypt to if there is enough input. */
 	if (bleft >= GCM_AVX_MIN_ENCRYPT_BYTES) {
-		ct_buf = vmem_alloc(chunk_size, ctx->gcm_kmflag);
+		ct_buf = vmem_alloc(chunk_size, KM_SLEEP);
 		if (ct_buf == NULL) {
 			return (CRYPTO_HOST_MEMORY);
 		}

module/icp/api/kcf_ctxops.c

@@ -48,7 +48,6 @@
  *	ptmpl:	a storage for the opaque crypto_ctx_template_t, allocated and
  *		initialized by the software provider this routine is
  *		dispatched to.
- *	kmflag:	KM_SLEEP/KM_NOSLEEP mem. alloc. flag.
  *
  * Description:
  *	Redirects the call to the software provider of the specified
@@ -69,7 +68,7 @@
  */
 int
 crypto_create_ctx_template(crypto_mechanism_t *mech, crypto_key_t *key,
-    crypto_ctx_template_t *ptmpl, int kmflag)
+    crypto_ctx_template_t *ptmpl)
 {
 	int error;
 	kcf_mech_entry_t *me;
@@ -90,7 +89,7 @@ crypto_create_ctx_template(crypto_mechanism_t *mech, crypto_key_t *key,
 		return (error);
 
 	if ((ctx_tmpl = (kcf_ctx_template_t *)kmem_alloc(
-	    sizeof (kcf_ctx_template_t), kmflag)) == NULL) {
+	    sizeof (kcf_ctx_template_t), KM_SLEEP)) == NULL) {
 		KCF_PROV_REFRELE(pd);
 		return (CRYPTO_HOST_MEMORY);
 	}
@@ -101,7 +100,7 @@ crypto_create_ctx_template(crypto_mechanism_t *mech, crypto_key_t *key,
 	prov_mech.cm_param_len = mech->cm_param_len;
 
 	error = KCF_PROV_CREATE_CTX_TEMPLATE(pd, &prov_mech, key,
-	    &(ctx_tmpl->ct_prov_tmpl), &(ctx_tmpl->ct_size), KCF_RHNDL(kmflag));
+	    &(ctx_tmpl->ct_prov_tmpl), &(ctx_tmpl->ct_size));
 
 	if (error == CRYPTO_SUCCESS) {
 		*ptmpl = ctx_tmpl;

module/icp/api/kcf_mac.c

@@ -86,8 +86,7 @@
  */
 int
 crypto_mac(crypto_mechanism_t *mech, crypto_data_t *data,
-    crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *mac,
-    crypto_call_req_t *crq)
+    crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *mac)
 {
 	int error;
 	kcf_mech_entry_t *me;
@@ -111,12 +110,12 @@ crypto_mac(crypto_mechanism_t *mech, crypto_data_t *data,
 	crypto_mechanism_t lmech = *mech;
 	KCF_SET_PROVIDER_MECHNUM(mech->cm_type, pd, &lmech);
 	error = KCF_PROV_MAC_ATOMIC(pd, pd->pd_sid, &lmech, key, data,
-	    mac, spi_ctx_tmpl, KCF_SWFP_RHNDL(crq));
+	    mac, spi_ctx_tmpl);
 	KCF_PROV_INCRSTATS(pd, error);
 
 	if (error != CRYPTO_SUCCESS && IS_RECOVERABLE(error)) {
 		/* Add pd to the linked list of providers tried. */
-		if (kcf_insert_triedlist(&list, pd, KCF_KMFLAG(crq)) != NULL)
+		if (kcf_insert_triedlist(&list, pd, KM_SLEEP) != NULL)
 			goto retry;
 	}
 
@@ -165,7 +164,7 @@ crypto_mac(crypto_mechanism_t *mech, crypto_data_t *data,
 static int
 crypto_mac_init_prov(kcf_provider_desc_t *pd,
     crypto_mechanism_t *mech, crypto_key_t *key, crypto_spi_ctx_template_t tmpl,
-    crypto_context_t *ctxp, crypto_call_req_t *crq)
+    crypto_context_t *ctxp)
 {
 	int rv;
 	crypto_ctx_t *ctx;
@@ -174,13 +173,12 @@ crypto_mac_init_prov(kcf_provider_desc_t *pd,
 	ASSERT(KCF_PROV_REFHELD(pd));
 
 	/* Allocate and initialize the canonical context */
-	if ((ctx = kcf_new_ctx(crq, real_provider)) == NULL)
+	if ((ctx = kcf_new_ctx(real_provider)) == NULL)
 		return (CRYPTO_HOST_MEMORY);
 
 	crypto_mechanism_t lmech = *mech;
 	KCF_SET_PROVIDER_MECHNUM(mech->cm_type, real_provider, &lmech);
-	rv = KCF_PROV_MAC_INIT(real_provider, ctx, &lmech, key, tmpl,
-	    KCF_SWFP_RHNDL(crq));
+	rv = KCF_PROV_MAC_INIT(real_provider, ctx, &lmech, key, tmpl);
 	KCF_PROV_INCRSTATS(pd, rv);
 
 	if (rv == CRYPTO_SUCCESS)
@@ -200,8 +198,7 @@ crypto_mac_init_prov(kcf_provider_desc_t *pd,
  */
 int
 crypto_mac_init(crypto_mechanism_t *mech, crypto_key_t *key,
-    crypto_ctx_template_t tmpl, crypto_context_t *ctxp,
-    crypto_call_req_t  *crq)
+    crypto_ctx_template_t tmpl, crypto_context_t *ctxp)
 {
 	int error;
 	kcf_mech_entry_t *me;
@@ -230,10 +227,10 @@ crypto_mac_init(crypto_mechanism_t *mech, crypto_key_t *key,
 		spi_ctx_tmpl = ctx_tmpl->ct_prov_tmpl;
 
 	error = crypto_mac_init_prov(pd, mech, key,
-	    spi_ctx_tmpl, ctxp, crq);
+	    spi_ctx_tmpl, ctxp);
 	if (error != CRYPTO_SUCCESS && IS_RECOVERABLE(error)) {
 		/* Add pd to the linked list of providers tried. */
-		if (kcf_insert_triedlist(&list, pd, KCF_KMFLAG(crq)) != NULL)
+		if (kcf_insert_triedlist(&list, pd, KM_SLEEP) != NULL)
 			goto retry;
 	}
 
@@ -273,7 +270,7 @@ crypto_mac_update(crypto_context_t context, crypto_data_t *data)
 		return (CRYPTO_INVALID_CONTEXT);
 	}
 
-	int rv = KCF_PROV_MAC_UPDATE(pd, ctx, data, NULL);
+	int rv = KCF_PROV_MAC_UPDATE(pd, ctx, data);
 	KCF_PROV_INCRSTATS(pd, rv);
 	return (rv);
 }
@@ -307,7 +304,7 @@ crypto_mac_final(crypto_context_t context, crypto_data_t *mac)
 		return (CRYPTO_INVALID_CONTEXT);
 	}
 
-	int rv = KCF_PROV_MAC_FINAL(pd, ctx, mac, NULL);
+	int rv = KCF_PROV_MAC_FINAL(pd, ctx, mac);
 	KCF_PROV_INCRSTATS(pd, rv);
 
 	/* Release the hold done in kcf_new_ctx() during init step. */

module/icp/core/kcf_sched.c

@@ -37,19 +37,17 @@
 
 /* kmem caches used by the scheduler */
 static kmem_cache_t *kcf_context_cache;
-ulong_t kcf_swprov_hndl = 0;
 
 /*
  * Create a new context.
  */
 crypto_ctx_t *
-kcf_new_ctx(crypto_call_req_t *crq, kcf_provider_desc_t *pd)
+kcf_new_ctx(kcf_provider_desc_t *pd)
 {
 	crypto_ctx_t *ctx;
 	kcf_context_t *kcf_ctx;
 
-	kcf_ctx = kmem_cache_alloc(kcf_context_cache,
-	    (crq == NULL) ? KM_SLEEP : KM_NOSLEEP);
+	kcf_ctx = kmem_cache_alloc(kcf_context_cache, KM_SLEEP);
 	if (kcf_ctx == NULL)
 		return (NULL);
 

module/icp/include/modes/modes.h

@@ -207,10 +207,6 @@ typedef struct ccm_ctx {
  *
  * gcm_len_a_len_c:	64-bit representations of the bit lengths of
  *			AAD and ciphertext.
- *
- * gcm_kmflag:		Current value of kmflag. Used for allocating
- *			the plaintext buffer during decryption and a
- *			gcm_avx_chunk_size'd buffer for avx enabled encryption.
  */
 typedef struct gcm_ctx {
 	struct common_ctx gcm_common;
@@ -231,7 +227,6 @@ typedef struct gcm_ctx {
 	uint64_t gcm_J0[2];
 	uint64_t gcm_len_a_len_c[2];
 	uint8_t *gcm_pt_buf;
-	int gcm_kmflag;
 #ifdef CAN_USE_GCM_ASM
 	boolean_t gcm_use_avx;
 #endif
@@ -402,7 +397,6 @@ extern void *ccm_alloc_ctx(int);
 extern void *gcm_alloc_ctx(int);
 extern void *gmac_alloc_ctx(int);
 extern void crypto_free_mode_ctx(void *);
-extern void gcm_set_kmflag(gcm_ctx_t *, int);
 
 #ifdef	__cplusplus
 }

module/icp/include/sys/crypto/impl.h

@@ -75,7 +75,7 @@ typedef struct kcf_sched_info {
  * provider. Though we increment this counter during registration for
  * other purposes, that base value is mostly same across all providers.
  * So, it is a good measure of the load on a provider when it is not
- * in a busy state. Once a provider notifies it is busy, requests
+ * in a busy state. Once a provider notifies it is busyuests
  * backup in the taskq. So, we use tq_nalloc in that case which gives
  * the number of task entries in the task queue. Note that we do not
  * acquire any locks here as it is not critical to get the exact number
@@ -444,76 +444,73 @@ typedef struct crypto_minor {
  * Wrappers for crypto_digest_ops(9S) entry points.
  */
 
-#define	KCF_PROV_DIGEST_INIT(pd, ctx, mech, req) ( \
+#define	KCF_PROV_DIGEST_INIT(pd, ctx, mech) ( \
 	(KCF_PROV_DIGEST_OPS(pd) && KCF_PROV_DIGEST_OPS(pd)->digest_init) ? \
-	KCF_PROV_DIGEST_OPS(pd)->digest_init(ctx, mech, req) : \
+	KCF_PROV_DIGEST_OPS(pd)->digest_init(ctx, mech) : \
 	CRYPTO_NOT_SUPPORTED)
 
 /*
  * Wrappers for crypto_cipher_ops(9S) entry points.
  */
 
-#define	KCF_PROV_ENCRYPT_INIT(pd, ctx, mech, key, template, req) ( \
+#define	KCF_PROV_ENCRYPT_INIT(pd, ctx, mech, key, template) ( \
 	(KCF_PROV_CIPHER_OPS(pd) && KCF_PROV_CIPHER_OPS(pd)->encrypt_init) ? \
-	KCF_PROV_CIPHER_OPS(pd)->encrypt_init(ctx, mech, key, template, \
-	    req) : \
+	KCF_PROV_CIPHER_OPS(pd)->encrypt_init(ctx, mech, key, template) : \
 	CRYPTO_NOT_SUPPORTED)
 
 #define	KCF_PROV_ENCRYPT_ATOMIC(pd, session, mech, key, plaintext, ciphertext, \
-	    template, req) ( \
+	    template) ( \
 	(KCF_PROV_CIPHER_OPS(pd) && KCF_PROV_CIPHER_OPS(pd)->encrypt_atomic) ? \
 	KCF_PROV_CIPHER_OPS(pd)->encrypt_atomic( \
 	    (pd)->pd_prov_handle, session, mech, key, plaintext, ciphertext, \
-	    template, req) : \
+	    template) : \
 	CRYPTO_NOT_SUPPORTED)
 
 #define	KCF_PROV_DECRYPT_ATOMIC(pd, session, mech, key, ciphertext, plaintext, \
-	    template, req) ( \
+	    template) ( \
 	(KCF_PROV_CIPHER_OPS(pd) && KCF_PROV_CIPHER_OPS(pd)->decrypt_atomic) ? \
 	KCF_PROV_CIPHER_OPS(pd)->decrypt_atomic( \
 	    (pd)->pd_prov_handle, session, mech, key, ciphertext, plaintext, \
-	    template, req) : \
+	    template) : \
 	CRYPTO_NOT_SUPPORTED)
 
 /*
  * Wrappers for crypto_mac_ops(9S) entry points.
  */
 
-#define	KCF_PROV_MAC_INIT(pd, ctx, mech, key, template, req) ( \
+#define	KCF_PROV_MAC_INIT(pd, ctx, mech, key, template) ( \
 	(KCF_PROV_MAC_OPS(pd) && KCF_PROV_MAC_OPS(pd)->mac_init) ? \
-	KCF_PROV_MAC_OPS(pd)->mac_init(ctx, mech, key, template, req) \
+	KCF_PROV_MAC_OPS(pd)->mac_init(ctx, mech, key, template) \
 	: CRYPTO_NOT_SUPPORTED)
 
 /*
  * The _ (underscore) in _mac is needed to avoid replacing the
  * function mac().
  */
-#define	KCF_PROV_MAC_UPDATE(pd, ctx, data, req) ( \
+#define	KCF_PROV_MAC_UPDATE(pd, ctx, data) ( \
 	(KCF_PROV_MAC_OPS(pd) && KCF_PROV_MAC_OPS(pd)->mac_update) ? \
-	KCF_PROV_MAC_OPS(pd)->mac_update(ctx, data, req) : \
+	KCF_PROV_MAC_OPS(pd)->mac_update(ctx, data) : \
 	CRYPTO_NOT_SUPPORTED)
 
-#define	KCF_PROV_MAC_FINAL(pd, ctx, mac, req) ( \
+#define	KCF_PROV_MAC_FINAL(pd, ctx, mac) ( \
 	(KCF_PROV_MAC_OPS(pd) && KCF_PROV_MAC_OPS(pd)->mac_final) ? \
-	KCF_PROV_MAC_OPS(pd)->mac_final(ctx, mac, req) : \
+	KCF_PROV_MAC_OPS(pd)->mac_final(ctx, mac) : \
 	CRYPTO_NOT_SUPPORTED)
 
-#define	KCF_PROV_MAC_ATOMIC(pd, session, mech, key, data, mac, template, \
-	    req) ( \
+#define	KCF_PROV_MAC_ATOMIC(pd, session, mech, key, data, mac, template) ( \
 	(KCF_PROV_MAC_OPS(pd) && KCF_PROV_MAC_OPS(pd)->mac_atomic) ? \
 	KCF_PROV_MAC_OPS(pd)->mac_atomic( \
-	    (pd)->pd_prov_handle, session, mech, key, data, mac, template, \
-	    req) : \
+	    (pd)->pd_prov_handle, session, mech, key, data, mac, template) : \
 	CRYPTO_NOT_SUPPORTED)
 
 /*
  * Wrappers for crypto_ctx_ops(9S) entry points.
  */
 
-#define	KCF_PROV_CREATE_CTX_TEMPLATE(pd, mech, key, template, size, req) ( \
+#define	KCF_PROV_CREATE_CTX_TEMPLATE(pd, mech, key, template, size) ( \
 	(KCF_PROV_CTX_OPS(pd) && KCF_PROV_CTX_OPS(pd)->create_ctx_template) ? \
 	KCF_PROV_CTX_OPS(pd)->create_ctx_template( \
-	    (pd)->pd_prov_handle, mech, key, template, size, req) : \
+	    (pd)->pd_prov_handle, mech, key, template, size) : \
 	CRYPTO_NOT_SUPPORTED)
 
 #define	KCF_PROV_FREE_CONTEXT(pd, ctx) ( \