From 7a02b0b9481b05a26006273e67c97435f4f76d28 Mon Sep 17 00:00:00 2001 From: bluhm Date: Wed, 30 Jun 2021 12:21:02 +0000 Subject: [PATCH] Remove unused variable cryptodesc_pool. Document global variables in crypto.c and annotate locking protection. Assert kernel lock where needed. Remove dead code from crypto_get_driverid(). Move crypto_init() prototype into header file. OK mpi@ --- sys/crypto/crypto.c | 85 ++++++++++++++++++++++++------------------ sys/crypto/cryptodev.h | 3 +- sys/kern/init_main.c | 3 +- 3 files changed, 52 insertions(+), 39 deletions(-) diff --git a/sys/crypto/crypto.c b/sys/crypto/crypto.c index f258db074c6..e6bac747ee5 100644 --- a/sys/crypto/crypto.c +++ b/sys/crypto/crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.c,v 1.82 2020/03/30 17:48:39 krw Exp $ */ +/* $OpenBSD: crypto.c,v 1.83 2021/06/30 12:21:02 bluhm Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) * @@ -27,16 +27,23 @@ #include -void crypto_init(void); +/* + * Locks used to protect struct members in this file: + * A allocated during driver attach, no hotplug, no detach + * I immutable after creation + * K kernel lock + */ -struct cryptocap *crypto_drivers = NULL; -int crypto_drivers_num = 0; +struct cryptocap *crypto_drivers; /* [A] array allocated by driver + [K] driver data and session count */ +int crypto_drivers_num = 0; /* [A] attached drivers array size */ -struct pool cryptop_pool; -struct pool cryptodesc_pool; +struct pool cryptop_pool; /* [I] set of crypto descriptors */ -struct taskq *crypto_taskq; -struct taskq *crypto_taskq_mpsafe; +struct taskq *crypto_taskq; /* [I] run crypto_invoke() and callback + with kernel lock */ +struct taskq *crypto_taskq_mpsafe; /* [I] run crypto_invoke() + without kernel lock */ /* * Create a new session. @@ -52,6 +59,8 @@ crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int hard) if (crypto_drivers == NULL) return EINVAL; + KERNEL_ASSERT_LOCKED(); + s = splvm(); /* @@ -186,6 +195,8 @@ crypto_freesession(u_int64_t sid) if (hid >= crypto_drivers_num) return ENOENT; + KERNEL_ASSERT_LOCKED(); + s = splvm(); if (crypto_drivers[hid].cc_sessions) @@ -215,6 +226,9 @@ crypto_get_driverid(u_int8_t flags) { struct cryptocap *newdrv; int i, s; + + /* called from attach routines */ + KERNEL_ASSERT_LOCKED(); s = splvm(); @@ -241,39 +255,33 @@ crypto_get_driverid(u_int8_t flags) } /* Out of entries, allocate some more. */ - if (i == crypto_drivers_num) { - if (crypto_drivers_num >= CRYPTO_DRIVERS_MAX) { - splx(s); - return -1; - } - - newdrv = mallocarray(crypto_drivers_num, - 2 * sizeof(struct cryptocap), M_CRYPTO_DATA, M_NOWAIT); - if (newdrv == NULL) { - splx(s); - return -1; - } + if (crypto_drivers_num >= CRYPTO_DRIVERS_MAX) { + splx(s); + return -1; + } - memcpy(newdrv, crypto_drivers, - crypto_drivers_num * sizeof(struct cryptocap)); - bzero(&newdrv[crypto_drivers_num], - crypto_drivers_num * sizeof(struct cryptocap)); + newdrv = mallocarray(crypto_drivers_num, + 2 * sizeof(struct cryptocap), M_CRYPTO_DATA, M_NOWAIT); + if (newdrv == NULL) { + splx(s); + return -1; + } - newdrv[i].cc_sessions = 1; /* Mark */ - newdrv[i].cc_flags = flags; + memcpy(newdrv, crypto_drivers, + crypto_drivers_num * sizeof(struct cryptocap)); + bzero(&newdrv[crypto_drivers_num], + crypto_drivers_num * sizeof(struct cryptocap)); - free(crypto_drivers, M_CRYPTO_DATA, - crypto_drivers_num * sizeof(struct cryptocap)); + newdrv[i].cc_sessions = 1; /* Mark */ + newdrv[i].cc_flags = flags; - crypto_drivers_num *= 2; - crypto_drivers = newdrv; - splx(s); - return i; - } + free(crypto_drivers, M_CRYPTO_DATA, + crypto_drivers_num * sizeof(struct cryptocap)); - /* Shouldn't really get here... */ + crypto_drivers_num *= 2; + crypto_drivers = newdrv; splx(s); - return -1; + return i; } /* @@ -287,11 +295,13 @@ crypto_register(u_int32_t driverid, int *alg, { int s, i; - if (driverid >= crypto_drivers_num || alg == NULL || crypto_drivers == NULL) return EINVAL; + /* called from attach routines */ + KERNEL_ASSERT_LOCKED(); + s = splvm(); for (i = 0; i <= CRYPTO_ALGORITHM_MAX; i++) { @@ -327,6 +337,9 @@ crypto_unregister(u_int32_t driverid, int alg) int i = CRYPTO_ALGORITHM_MAX + 1, s; u_int32_t ses; + /* may be called from detach routines, but not used */ + KERNEL_ASSERT_LOCKED(); + s = splvm(); /* Sanity checks. */ diff --git a/sys/crypto/cryptodev.h b/sys/crypto/cryptodev.h index 26ab363f245..23e365becd5 100644 --- a/sys/crypto/cryptodev.h +++ b/sys/crypto/cryptodev.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cryptodev.h,v 1.71 2017/08/10 18:57:20 tedu Exp $ */ +/* $OpenBSD: cryptodev.h,v 1.72 2021/06/30 12:21:02 bluhm Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) @@ -216,6 +216,7 @@ struct cryptocap { int (*cc_freesession) (u_int64_t); }; +void crypto_init(void); int crypto_newsession(u_int64_t *, struct cryptoini *, int); int crypto_freesession(u_int64_t); diff --git a/sys/kern/init_main.c b/sys/kern/init_main.c index 89d6b9dc577..9d975b0de25 100644 --- a/sys/kern/init_main.c +++ b/sys/kern/init_main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: init_main.c,v 1.307 2021/06/02 13:56:28 visa Exp $ */ +/* $OpenBSD: init_main.c,v 1.308 2021/06/30 12:21:02 bluhm Exp $ */ /* $NetBSD: init_main.c,v 1.84.4.1 1996/06/02 09:08:06 mrg Exp $ */ /* @@ -145,7 +145,6 @@ long __guard_local __attribute__((section(".openbsd.randomdata"))); int main(void *); void check_console(struct proc *); void start_init(void *); -void crypto_init(void); void db_ctf_init(void); void prof_init(void); void init_exec(void); -- 2.20.1