FreeBSD: disable the use of hardware crypto offload drivers for now

First, the crypto request completion handler contains a bug in that it fails to reset fs_done correctly after the request is completed. This is only a problem for asynchronous drivers. Second, some hardware drivers have input constraints which ZFS does not satisfy. For instance, ccp(4) apparently requires the AAD length for AES-GCM to be a multiple of the cipher block size, and with qat(4) the AES-GCM AAD length may not be longer than 240 bytes. FreeBSD's generic crypto framework doesn't have a mechanism to automatically fall back to a software implementation if a hardware driver cannot process a request, and ZFS does not tolerate such errors. The plan is to implement such a fallback mechanism, but with FreeBSD 13.0 approaching we should simply disable the use hardware drivers for now. Signed-off-by: Mark Johnston <markj@FreeBSD.org>
openzfs · Feb 17, 2021 · ba4b0fa · ba4b0fa
1 parent 35ec517
commit ba4b0fa
Showing 1 changed file with 2 additions and 4 deletions.
diff --git a/module/os/freebsd/zfs/crypto_os.c b/module/os/freebsd/zfs/crypto_os.c
@@ -293,8 +293,7 @@ freebsd_crypt_newsession(freebsd_crypt_session_t *sessp,
 		error = ENOTSUP;
 		goto bad;
 	}
-	error = crypto_newsession(&sessp->fs_sid, &csp,
-	    CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE);
+	error = crypto_newsession(&sessp->fs_sid, &csp, CRYPTOCAP_F_SOFTWARE);
 	mtx_init(&sessp->fs_lock, "FreeBSD Cryptographic Session Lock",
 	    NULL, MTX_DEF);
 	crypt_sessions++;
@@ -455,8 +454,7 @@ freebsd_crypt_newsession(freebsd_crypt_session_t *sessp,
 	crip = &cria;
 	// Everything else is bzero'd
 
-	error = crypto_newsession(&sid, crip,
-	    CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE);
+	error = crypto_newsession(&sid, crip, CRYPTOCAP_F_SOFTWARE);
 	if (error != 0) {
 		printf("%s(%d):  crypto_newsession failed with %d\n",
 		    __FUNCTION__, __LINE__, error);