module: icp: guarantee the ops vector is persistent

Reviewed-by: Brian Behlendorf <[email protected]>
Signed-off-by: Ahelenia Ziemiańska <[email protected]>
Closes #12901

2 files changed, 4 insertions, 80 deletions

diff --git a/module/icp/core/kcf_prov_tabs.c b/module/icp/core/kcf_prov_tabs.c
index 79ddbec66..d58786788 100644
--- a/module/icp/core/kcf_prov_tabs.c
+++ b/module/icp/core/kcf_prov_tabs.c
@@ -193,26 +193,6 @@ kcf_prov_tab_lookup(crypto_provider_id_t prov_id)
 	return (prov_desc);
 }
 
-static void
-allocate_ops(const crypto_ops_t *src, crypto_ops_t *dst)
-{
-	if (src->co_digest_ops != NULL)
-		dst->co_digest_ops = kmem_alloc(sizeof (crypto_digest_ops_t),
-		    KM_SLEEP);
-
-	if (src->co_cipher_ops != NULL)
-		dst->co_cipher_ops = kmem_alloc(sizeof (crypto_cipher_ops_t),
-		    KM_SLEEP);
-
-	if (src->co_mac_ops != NULL)
-		dst->co_mac_ops = kmem_alloc(sizeof (crypto_mac_ops_t),
-		    KM_SLEEP);
-
-	if (src->co_ctx_ops != NULL)
-		dst->co_ctx_ops = kmem_alloc(sizeof (crypto_ctx_ops_t),
-		    KM_SLEEP);
-}
-
 /*
  * Allocate a provider descriptor. mech_list_count specifies the
  * number of mechanisms supported by the providers, and is used
@@ -223,10 +203,8 @@ allocate_ops(const crypto_ops_t *src, crypto_ops_t *dst)
 kcf_provider_desc_t *
 kcf_alloc_provider_desc(const crypto_provider_info_t *info)
 {
-	kcf_provider_desc_t *desc;
-	const crypto_ops_t *src_ops = info->pi_ops_vector;
-
-	desc = kmem_zalloc(sizeof (kcf_provider_desc_t), KM_SLEEP);
+	kcf_provider_desc_t *desc =
+	    kmem_zalloc(sizeof (kcf_provider_desc_t), KM_SLEEP);
 
 	/*
 	 * pd_description serves two purposes
@@ -246,17 +224,6 @@ kcf_alloc_provider_desc(const crypto_provider_info_t *info)
 	    CRYPTO_PROVIDER_DESCR_MAX_LEN);
 	desc->pd_description[CRYPTO_PROVIDER_DESCR_MAX_LEN] = '\0';
 
-	/*
-	 * Since the framework does not require the ops vector specified
-	 * by the providers during registration to be persistent,
-	 * KCF needs to allocate storage where copies of the ops
-	 * vectors are copied.
-	 */
-	crypto_ops_t *opvec = kmem_zalloc(sizeof (crypto_ops_t), KM_SLEEP);
-	if (info->pi_provider_type != CRYPTO_LOGICAL_PROVIDER)
-		allocate_ops(src_ops, opvec);
-	desc->pd_ops_vector = opvec;
-
 	desc->pd_mech_list_count = info->pi_mech_list_count;
 	desc->pd_mechanisms = kmem_zalloc(sizeof (crypto_mech_info_t) *
 	    info->pi_mech_list_count, KM_SLEEP);
@@ -327,26 +294,6 @@ kcf_free_provider_desc(kcf_provider_desc_t *desc)
 		kmem_free(desc->pd_description,
 		    CRYPTO_PROVIDER_DESCR_MAX_LEN + 1);
 
-	if (desc->pd_ops_vector != NULL) {
-		if (desc->pd_ops_vector->co_digest_ops != NULL)
-			kmem_free(desc->pd_ops_vector->co_digest_ops,
-			    sizeof (crypto_digest_ops_t));
-
-		if (desc->pd_ops_vector->co_cipher_ops != NULL)
-			kmem_free(desc->pd_ops_vector->co_cipher_ops,
-			    sizeof (crypto_cipher_ops_t));
-
-		if (desc->pd_ops_vector->co_mac_ops != NULL)
-			kmem_free(desc->pd_ops_vector->co_mac_ops,
-			    sizeof (crypto_mac_ops_t));
-
-		if (desc->pd_ops_vector->co_ctx_ops != NULL)
-			kmem_free(desc->pd_ops_vector->co_ctx_ops,
-			    sizeof (crypto_ctx_ops_t));
-
-		kmem_free(desc->pd_ops_vector, sizeof (crypto_ops_t));
-	}
-
 	if (desc->pd_mechanisms != NULL)
 		/* free the memory associated with the mechanism info's */
 		kmem_free(desc->pd_mechanisms, sizeof (crypto_mech_info_t) *
diff --git a/module/icp/spi/kcf_spi.c b/module/icp/spi/kcf_spi.c
index bf772ec33..284b56b85 100644
--- a/module/icp/spi/kcf_spi.c
+++ b/module/icp/spi/kcf_spi.c
@@ -58,26 +58,6 @@ static const kcf_prov_stats_t kcf_stats_ks_data_template = {
 	{ "kcf_ops_returned_busy",	KSTAT_DATA_UINT64 }
 };
 
-#define	KCF_SPI_COPY_OPS(src, dst, ops) if ((src)->ops != NULL) \
-	memcpy((void *) (dst)->ops, (src)->ops, sizeof (*(src)->ops));
-
-/*
- * Copy an ops vector from src to dst. Used during provider registration
- * to copy the ops vector from the provider info structure to the
- * provider descriptor maintained by KCF.
- * Copying the ops vector specified by the provider is needed since the
- * framework does not require the provider info structure to be
- * persistent.
- */
-static void
-copy_ops_vector(const crypto_ops_t *src_ops, crypto_ops_t *dst_ops)
-{
-	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_digest_ops);
-	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_cipher_ops);
-	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_mac_ops);
-	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_ctx_ops);
-}
-
 /*
  * This routine is used to add cryptographic providers to the KEF framework.
  * Providers pass a crypto_provider_info structure to crypto_register_provider()
@@ -130,12 +110,9 @@ crypto_register_provider(const crypto_provider_info_t *info,
 		    (size_t)CRYPTO_PROVIDER_DESCR_MAX_LEN));
 	}
 
+	/* Change from Illumos: the ops vector is persistent. */
 	if (info->pi_provider_type != CRYPTO_LOGICAL_PROVIDER) {
-		if (info->pi_ops_vector == NULL) {
-			goto bail;
-		}
-		crypto_ops_t *pvec = (crypto_ops_t *)prov_desc->pd_ops_vector;
-		copy_ops_vector(info->pi_ops_vector, pvec);
+		prov_desc->pd_ops_vector = info->pi_ops_vector;
 		prov_desc->pd_flags = info->pi_flags;
 	}