diff options
| author | наб <[email protected]> | 2021-12-24 16:26:11 +0100 |
|---|---|---|
| committer | Brian Behlendorf <[email protected]> | 2022-02-15 16:24:19 -0800 |
| commit | eb1e09b7ec5c388172fac7d505cd58af7fd9f4fa (patch) | |
| tree | 40e0cdd20aa0a618a6fd60c6e7cfd63e0c8077e7 /module | |
| parent | 65a613b70d3f151ddd3ef43c93b7f889434b7204 (diff) | |
module: icp: remove unused CRYPTO_ALWAYS_QUEUE
Reviewed-by: Brian Behlendorf <[email protected]>
Signed-off-by: Ahelenia Ziemiańska <[email protected]>
Closes #12901
Diffstat (limited to 'module')
| -rw-r--r-- | module/icp/api/kcf_cipher.c | 41 | ||||
| -rw-r--r-- | module/icp/api/kcf_mac.c | 150 | ||||
| -rw-r--r-- | module/icp/core/kcf_sched.c | 168 | ||||
| -rw-r--r-- | module/icp/include/sys/crypto/sched_impl.h | 5 | ||||
| -rw-r--r-- | module/os/linux/zfs/zio_crypt.c | 14 | ||||
| -rw-r--r-- | module/zfs/hkdf.c | 8 |
6 files changed, 40 insertions, 346 deletions
diff --git a/module/icp/api/kcf_cipher.c b/module/icp/api/kcf_cipher.c index d515fa6da..61fb2208b 100644 --- a/module/icp/api/kcf_cipher.c +++ b/module/icp/api/kcf_cipher.c @@ -75,7 +75,6 @@ crypto_encrypt(crypto_mechanism_t *mech, crypto_data_t *plaintext, { int error; kcf_mech_entry_t *me; - kcf_req_params_t params; kcf_provider_desc_t *pd; kcf_ctx_template_t *ctx_tmpl; crypto_spi_ctx_template_t spi_ctx_tmpl = NULL; @@ -93,21 +92,11 @@ retry: if (((ctx_tmpl = (kcf_ctx_template_t *)tmpl) != NULL)) spi_ctx_tmpl = ctx_tmpl->ct_prov_tmpl; - /* The fast path for SW providers. */ - if (CHECK_FASTPATH(crq, pd)) { - crypto_mechanism_t lmech; - - lmech = *mech; - KCF_SET_PROVIDER_MECHNUM(mech->cm_type, pd, &lmech); - - error = KCF_PROV_ENCRYPT_ATOMIC(pd, pd->pd_sid, &lmech, key, - plaintext, ciphertext, spi_ctx_tmpl, KCF_SWFP_RHNDL(crq)); - KCF_PROV_INCRSTATS(pd, error); - } else { - KCF_WRAP_ENCRYPT_OPS_PARAMS(¶ms, KCF_OP_ATOMIC, pd->pd_sid, - mech, key, plaintext, ciphertext, spi_ctx_tmpl); - error = kcf_submit_request(pd, NULL, crq, ¶ms); - } + crypto_mechanism_t lmech = *mech; + KCF_SET_PROVIDER_MECHNUM(mech->cm_type, pd, &lmech); + error = KCF_PROV_ENCRYPT_ATOMIC(pd, pd->pd_sid, &lmech, key, + plaintext, ciphertext, spi_ctx_tmpl, KCF_SWFP_RHNDL(crq)); + KCF_PROV_INCRSTATS(pd, error); if (error != CRYPTO_SUCCESS && error != CRYPTO_QUEUED && IS_RECOVERABLE(error)) { @@ -164,7 +153,6 @@ crypto_decrypt(crypto_mechanism_t *mech, crypto_data_t *ciphertext, { int error; kcf_mech_entry_t *me; - kcf_req_params_t params; kcf_provider_desc_t *pd; kcf_ctx_template_t *ctx_tmpl; crypto_spi_ctx_template_t spi_ctx_tmpl = NULL; @@ -182,21 +170,12 @@ retry: if (((ctx_tmpl = (kcf_ctx_template_t *)tmpl) != NULL)) spi_ctx_tmpl = ctx_tmpl->ct_prov_tmpl; - /* The fast path for SW providers. */ - if (CHECK_FASTPATH(crq, pd)) { - crypto_mechanism_t lmech; + crypto_mechanism_t lmech = *mech; + KCF_SET_PROVIDER_MECHNUM(mech->cm_type, pd, &lmech); - lmech = *mech; - KCF_SET_PROVIDER_MECHNUM(mech->cm_type, pd, &lmech); - - error = KCF_PROV_DECRYPT_ATOMIC(pd, pd->pd_sid, &lmech, key, - ciphertext, plaintext, spi_ctx_tmpl, KCF_SWFP_RHNDL(crq)); - KCF_PROV_INCRSTATS(pd, error); - } else { - KCF_WRAP_DECRYPT_OPS_PARAMS(¶ms, KCF_OP_ATOMIC, pd->pd_sid, - mech, key, ciphertext, plaintext, spi_ctx_tmpl); - error = kcf_submit_request(pd, NULL, crq, ¶ms); - } + error = KCF_PROV_DECRYPT_ATOMIC(pd, pd->pd_sid, &lmech, key, + ciphertext, plaintext, spi_ctx_tmpl, KCF_SWFP_RHNDL(crq)); + KCF_PROV_INCRSTATS(pd, error); if (error != CRYPTO_SUCCESS && error != CRYPTO_QUEUED && IS_RECOVERABLE(error)) { diff --git a/module/icp/api/kcf_mac.c b/module/icp/api/kcf_mac.c index 34f404aea..c2260b2b0 100644 --- a/module/icp/api/kcf_mac.c +++ b/module/icp/api/kcf_mac.c @@ -94,7 +94,6 @@ crypto_mac(crypto_mechanism_t *mech, crypto_data_t *data, { int error; kcf_mech_entry_t *me; - kcf_req_params_t params; kcf_provider_desc_t *pd; kcf_ctx_template_t *ctx_tmpl; crypto_spi_ctx_template_t spi_ctx_tmpl = NULL; @@ -112,85 +111,11 @@ retry: if (((ctx_tmpl = (kcf_ctx_template_t *)tmpl) != NULL)) spi_ctx_tmpl = ctx_tmpl->ct_prov_tmpl; - /* The fast path for SW providers. */ - if (CHECK_FASTPATH(crq, pd)) { - crypto_mechanism_t lmech; - - lmech = *mech; - KCF_SET_PROVIDER_MECHNUM(mech->cm_type, pd, &lmech); - - error = KCF_PROV_MAC_ATOMIC(pd, pd->pd_sid, &lmech, key, data, - mac, spi_ctx_tmpl, KCF_SWFP_RHNDL(crq)); - KCF_PROV_INCRSTATS(pd, error); - } else { - KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_ATOMIC, - pd->pd_sid, mech, key, data, mac, spi_ctx_tmpl); - - error = kcf_submit_request(pd, NULL, crq, ¶ms); - } - - if (error != CRYPTO_SUCCESS && error != CRYPTO_QUEUED && - IS_RECOVERABLE(error)) { - /* Add pd to the linked list of providers tried. */ - if (kcf_insert_triedlist(&list, pd, KCF_KMFLAG(crq)) != NULL) - goto retry; - } - - if (list != NULL) - kcf_free_triedlist(list); - - KCF_PROV_REFRELE(pd); - return (error); -} - -/* - * Single part operation to compute the MAC corresponding to the specified - * 'data' and to verify that it matches the MAC specified by 'mac'. - * The other arguments are the same as the function crypto_mac_prov(). - * Relies on the KCF scheduler to choose a provider. - */ -int -crypto_mac_verify(crypto_mechanism_t *mech, crypto_data_t *data, - crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *mac, - crypto_call_req_t *crq) -{ - int error; - kcf_mech_entry_t *me; - kcf_req_params_t params; - kcf_provider_desc_t *pd; - kcf_ctx_template_t *ctx_tmpl; - crypto_spi_ctx_template_t spi_ctx_tmpl = NULL; - kcf_prov_tried_t *list = NULL; - -retry: - /* The pd is returned held */ - if ((pd = kcf_get_mech_provider(mech->cm_type, &me, &error, - list, CRYPTO_FG_MAC_ATOMIC, CHECK_RESTRICT(crq))) == NULL) { - if (list != NULL) - kcf_free_triedlist(list); - return (error); - } - - if (((ctx_tmpl = (kcf_ctx_template_t *)tmpl) != NULL)) - spi_ctx_tmpl = ctx_tmpl->ct_prov_tmpl; - - /* The fast path for SW providers. */ - if (CHECK_FASTPATH(crq, pd)) { - crypto_mechanism_t lmech; - - lmech = *mech; - KCF_SET_PROVIDER_MECHNUM(mech->cm_type, pd, &lmech); - - error = KCF_PROV_MAC_VERIFY_ATOMIC(pd, pd->pd_sid, &lmech, key, - data, mac, spi_ctx_tmpl, KCF_SWFP_RHNDL(crq)); - KCF_PROV_INCRSTATS(pd, error); - } else { - KCF_WRAP_MAC_OPS_PARAMS(¶ms, - KCF_OP_MAC_VERIFY_ATOMIC, pd->pd_sid, mech, - key, data, mac, spi_ctx_tmpl); - - error = kcf_submit_request(pd, NULL, crq, ¶ms); - } + crypto_mechanism_t lmech = *mech; + KCF_SET_PROVIDER_MECHNUM(mech->cm_type, pd, &lmech); + error = KCF_PROV_MAC_ATOMIC(pd, pd->pd_sid, &lmech, key, data, + mac, spi_ctx_tmpl, KCF_SWFP_RHNDL(crq)); + KCF_PROV_INCRSTATS(pd, error); if (error != CRYPTO_SUCCESS && error != CRYPTO_QUEUED && IS_RECOVERABLE(error)) { @@ -242,14 +167,13 @@ retry: * Returns: * See comment in the beginning of the file. */ -int +static int crypto_mac_init_prov(crypto_provider_t provider, crypto_session_id_t sid, crypto_mechanism_t *mech, crypto_key_t *key, crypto_spi_ctx_template_t tmpl, crypto_context_t *ctxp, crypto_call_req_t *crq) { int rv; crypto_ctx_t *ctx; - kcf_req_params_t params; kcf_provider_desc_t *pd = provider; kcf_provider_desc_t *real_provider = pd; @@ -259,20 +183,11 @@ crypto_mac_init_prov(crypto_provider_t provider, crypto_session_id_t sid, if ((ctx = kcf_new_ctx(crq, real_provider, sid)) == NULL) return (CRYPTO_HOST_MEMORY); - /* The fast path for SW providers. */ - if (CHECK_FASTPATH(crq, pd)) { - crypto_mechanism_t lmech; - - lmech = *mech; - KCF_SET_PROVIDER_MECHNUM(mech->cm_type, real_provider, &lmech); - rv = KCF_PROV_MAC_INIT(real_provider, ctx, &lmech, key, tmpl, - KCF_SWFP_RHNDL(crq)); - KCF_PROV_INCRSTATS(pd, rv); - } else { - KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_INIT, sid, mech, key, - NULL, NULL, tmpl); - rv = kcf_submit_request(real_provider, ctx, crq, ¶ms); - } + crypto_mechanism_t lmech = *mech; + KCF_SET_PROVIDER_MECHNUM(mech->cm_type, real_provider, &lmech); + rv = KCF_PROV_MAC_INIT(real_provider, ctx, &lmech, key, tmpl, + KCF_SWFP_RHNDL(crq)); + KCF_PROV_INCRSTATS(pd, rv); if ((rv == CRYPTO_SUCCESS) || (rv == CRYPTO_QUEUED)) *ctxp = (crypto_context_t)ctx; @@ -342,11 +257,9 @@ retry: * Arguments: * context: A crypto_context_t initialized by mac_init(). * data: The message part to be MAC'ed - * cr: crypto_call_req_t calling conditions and call back info. * * Description: - * Asynchronously submits a request for, or synchronously performs a - * part of a MAC operation. + * Synchronously performs a part of a MAC operation. * * Context: * Process or interrupt, according to the semantics dictated by the 'cr'. @@ -355,14 +268,11 @@ retry: * See comment in the beginning of the file. */ int -crypto_mac_update(crypto_context_t context, crypto_data_t *data, - crypto_call_req_t *cr) +crypto_mac_update(crypto_context_t context, crypto_data_t *data) { crypto_ctx_t *ctx = (crypto_ctx_t *)context; kcf_context_t *kcf_ctx; kcf_provider_desc_t *pd; - kcf_req_params_t params; - int rv; if ((ctx == NULL) || ((kcf_ctx = (kcf_context_t *)ctx->cc_framework_private) == NULL) || @@ -370,16 +280,8 @@ crypto_mac_update(crypto_context_t context, crypto_data_t *data, return (CRYPTO_INVALID_CONTEXT); } - /* The fast path for SW providers. */ - if (CHECK_FASTPATH(cr, pd)) { - rv = KCF_PROV_MAC_UPDATE(pd, ctx, data, NULL); - KCF_PROV_INCRSTATS(pd, rv); - } else { - KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_UPDATE, - ctx->cc_session, NULL, NULL, data, NULL, NULL); - rv = kcf_submit_request(pd, ctx, cr, ¶ms); - } - + int rv = KCF_PROV_MAC_UPDATE(pd, ctx, data, NULL); + KCF_PROV_INCRSTATS(pd, rv); return (rv); } @@ -389,11 +291,9 @@ crypto_mac_update(crypto_context_t context, crypto_data_t *data, * Arguments: * context: A crypto_context_t initialized by mac_init(). * mac: Storage for the message authentication code. - * cr: crypto_call_req_t calling conditions and call back info. * * Description: - * Asynchronously submits a request for, or synchronously performs a - * part of a message authentication operation. + * Synchronously performs a part of a message authentication operation. * * Context: * Process or interrupt, according to the semantics dictated by the 'cr'. @@ -402,14 +302,11 @@ crypto_mac_update(crypto_context_t context, crypto_data_t *data, * See comment in the beginning of the file. */ int -crypto_mac_final(crypto_context_t context, crypto_data_t *mac, - crypto_call_req_t *cr) +crypto_mac_final(crypto_context_t context, crypto_data_t *mac) { crypto_ctx_t *ctx = (crypto_ctx_t *)context; kcf_context_t *kcf_ctx; kcf_provider_desc_t *pd; - kcf_req_params_t params; - int rv; if ((ctx == NULL) || ((kcf_ctx = (kcf_context_t *)ctx->cc_framework_private) == NULL) || @@ -417,15 +314,8 @@ crypto_mac_final(crypto_context_t context, crypto_data_t *mac, return (CRYPTO_INVALID_CONTEXT); } - /* The fast path for SW providers. */ - if (CHECK_FASTPATH(cr, pd)) { - rv = KCF_PROV_MAC_FINAL(pd, ctx, mac, NULL); - KCF_PROV_INCRSTATS(pd, rv); - } else { - KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_FINAL, - ctx->cc_session, NULL, NULL, NULL, mac, NULL); - rv = kcf_submit_request(pd, ctx, cr, ¶ms); - } + int rv = KCF_PROV_MAC_FINAL(pd, ctx, mac, NULL); + KCF_PROV_INCRSTATS(pd, rv); /* Release the hold done in kcf_new_ctx() during init step. */ KCF_CONTEXT_COND_RELEASE(rv, kcf_ctx); @@ -434,8 +324,6 @@ crypto_mac_final(crypto_context_t context, crypto_data_t *mac, #if defined(_KERNEL) EXPORT_SYMBOL(crypto_mac); -EXPORT_SYMBOL(crypto_mac_verify); -EXPORT_SYMBOL(crypto_mac_init_prov); EXPORT_SYMBOL(crypto_mac_init); EXPORT_SYMBOL(crypto_mac_update); EXPORT_SYMBOL(crypto_mac_final); diff --git a/module/icp/core/kcf_sched.c b/module/icp/core/kcf_sched.c index b1149072f..9e66586a9 100644 --- a/module/icp/core/kcf_sched.c +++ b/module/icp/core/kcf_sched.c @@ -68,7 +68,6 @@ static int kcf_disp_sw_request(kcf_areq_node_t *); static int kcf_enqueue(kcf_areq_node_t *); static void kcfpool_alloc(void); static void kcf_reqid_delete(kcf_areq_node_t *areq); -static crypto_req_id_t kcf_reqid_insert(kcf_areq_node_t *areq); static int kcf_misc_kstat_update(kstat_t *ksp, int rw); /* @@ -108,65 +107,6 @@ kcf_new_ctx(crypto_call_req_t *crq, kcf_provider_desc_t *pd, } /* - * Allocate a new async request node. - * - * ictx - Framework private context pointer - * crq - Has callback function and argument. Should be non NULL. - * req - The parameters to pass to the SPI - */ -static kcf_areq_node_t * -kcf_areqnode_alloc(kcf_provider_desc_t *pd, kcf_context_t *ictx, - crypto_call_req_t *crq, kcf_req_params_t *req) -{ - kcf_areq_node_t *arptr, *areq; - - ASSERT(crq != NULL); - arptr = kmem_cache_alloc(kcf_areq_cache, KM_NOSLEEP); - if (arptr == NULL) - return (NULL); - - arptr->an_state = REQ_ALLOCATED; - arptr->an_reqarg = *crq; - arptr->an_params = *req; - arptr->an_context = ictx; - - arptr->an_next = arptr->an_prev = NULL; - KCF_PROV_REFHOLD(pd); - arptr->an_provider = pd; - arptr->an_tried_plist = NULL; - arptr->an_refcnt = 1; - arptr->an_idnext = arptr->an_idprev = NULL; - - /* - * Requests for context-less operations do not use the - * fields - an_is_my_turn, and an_ctxchain_next. - */ - if (ictx == NULL) - return (arptr); - - KCF_CONTEXT_REFHOLD(ictx); - /* - * Chain this request to the context. - */ - mutex_enter(&ictx->kc_in_use_lock); - arptr->an_ctxchain_next = NULL; - if ((areq = ictx->kc_req_chain_last) == NULL) { - arptr->an_is_my_turn = B_TRUE; - ictx->kc_req_chain_last = - ictx->kc_req_chain_first = arptr; - } else { - ASSERT(ictx->kc_req_chain_first != NULL); - arptr->an_is_my_turn = B_FALSE; - /* Insert the new request to the end of the chain. */ - areq->an_ctxchain_next = arptr; - ictx->kc_req_chain_last = arptr; - } - mutex_exit(&ictx->kc_in_use_lock); - - return (arptr); -} - -/* * Queue the request node and do one of the following: * - If there is an idle thread signal it to run. * - If there is no idle thread and max running threads is not @@ -363,80 +303,6 @@ kcf_resubmit_request(kcf_areq_node_t *areq) } /* - * Routine called by both ioctl and k-api. The consumer should - * bundle the parameters into a kcf_req_params_t structure. A bunch - * of macros are available in ops_impl.h for this bundling. They are: - * - * KCF_WRAP_DIGEST_OPS_PARAMS() - * KCF_WRAP_MAC_OPS_PARAMS() - * KCF_WRAP_ENCRYPT_OPS_PARAMS() - * KCF_WRAP_DECRYPT_OPS_PARAMS() ... etc. - * - * It is the caller's responsibility to free the ctx argument when - * appropriate. See the KCF_CONTEXT_COND_RELEASE macro for details. - */ -int -kcf_submit_request(kcf_provider_desc_t *pd, crypto_ctx_t *ctx, - crypto_call_req_t *crq, kcf_req_params_t *params) -{ - int error = CRYPTO_SUCCESS; - kcf_areq_node_t *areq; - kcf_context_t *kcf_ctx; - - kcf_ctx = ctx ? (kcf_context_t *)ctx->cc_framework_private : NULL; - - /* Synchronous */ - if (crq == NULL) { - error = common_submit_request(pd, ctx, params, - KCF_RHNDL(KM_SLEEP)); - } else { /* Asynchronous */ - if (!(crq->cr_flag & CRYPTO_ALWAYS_QUEUE)) { - /* - * This case has less overhead since there is - * no switching of context. - */ - error = common_submit_request(pd, ctx, params, - KCF_RHNDL(KM_NOSLEEP)); - } else { - /* - * CRYPTO_ALWAYS_QUEUE is set. We need to - * queue the request and return. - */ - areq = kcf_areqnode_alloc(pd, kcf_ctx, crq, - params); - if (areq == NULL) - error = CRYPTO_HOST_MEMORY; - else { - if (!(crq->cr_flag - & CRYPTO_SKIP_REQID)) { - /* - * Set the request handle. We have to - * do this before dispatching the - * request. - */ - crq->cr_reqid = kcf_reqid_insert(areq); - } - - error = kcf_disp_sw_request(areq); - /* - * There is an error processing this - * request. Remove the handle and - * release the request structure. - */ - if (error != CRYPTO_QUEUED) { - if (!(crq->cr_flag - & CRYPTO_SKIP_REQID)) - kcf_reqid_delete(areq); - KCF_AREQ_REFRELE(areq); - } - } - } - } - - return (error); -} - -/* * We're done with this framework context, so free it. Note that freeing * framework context (kcf_context) frees the global context (crypto_ctx). * @@ -853,40 +719,6 @@ kcfpool_alloc() } /* - * Insert the async request in the hash table after assigning it - * an ID. Returns the ID. - * - * The ID is used by the caller to pass as an argument to a - * cancel_req() routine later. - */ -static crypto_req_id_t -kcf_reqid_insert(kcf_areq_node_t *areq) -{ - int indx; - crypto_req_id_t id; - kcf_areq_node_t *headp; - kcf_reqid_table_t *rt; - - rt = kcf_reqid_table[CPU_SEQID_UNSTABLE & REQID_TABLE_MASK]; - - mutex_enter(&rt->rt_lock); - - rt->rt_curid = id = - (rt->rt_curid - REQID_COUNTER_LOW) | REQID_COUNTER_HIGH; - SET_REQID(areq, id); - indx = REQID_HASH(id); - headp = areq->an_idnext = rt->rt_idhash[indx]; - areq->an_idprev = NULL; - if (headp != NULL) - headp->an_idprev = areq; - - rt->rt_idhash[indx] = areq; - mutex_exit(&rt->rt_lock); - - return (id); -} - -/* * Delete the async request from the hash table. */ static void diff --git a/module/icp/include/sys/crypto/sched_impl.h b/module/icp/include/sys/crypto/sched_impl.h index a524a5c6f..6d70c65bf 100644 --- a/module/icp/include/sys/crypto/sched_impl.h +++ b/module/icp/include/sys/crypto/sched_impl.h @@ -59,9 +59,6 @@ typedef enum kcf_call_type { #define CHECK_RESTRICT(crq) (crq != NULL && \ ((crq)->cr_flag & CRYPTO_RESTRICTED)) -#define CHECK_FASTPATH(crq, pd) ((crq) == NULL || \ - !((crq)->cr_flag & CRYPTO_ALWAYS_QUEUE)) - #define KCF_KMFLAG(crq) (((crq) == NULL) ? KM_SLEEP : KM_NOSLEEP) /* @@ -452,8 +449,6 @@ extern kcf_provider_desc_t *kcf_get_mech_provider(crypto_mech_type_t, boolean_t); extern crypto_ctx_t *kcf_new_ctx(crypto_call_req_t *, kcf_provider_desc_t *, crypto_session_id_t); -extern int kcf_submit_request(kcf_provider_desc_t *, crypto_ctx_t *, - crypto_call_req_t *, kcf_req_params_t *); extern void kcf_sched_destroy(void); extern void kcf_sched_init(void); extern void kcf_sched_start(void); diff --git a/module/os/linux/zfs/zio_crypt.c b/module/os/linux/zfs/zio_crypt.c index f60767855..224fb84ba 100644 --- a/module/os/linux/zfs/zio_crypt.c +++ b/module/os/linux/zfs/zio_crypt.c @@ -1004,7 +1004,7 @@ zio_crypt_bp_do_hmac_updates(crypto_context_t ctx, uint64_t version, cd.cd_raw.iov_base = (char *)&bab; cd.cd_raw.iov_len = cd.cd_length; - ret = crypto_mac_update(ctx, &cd, NULL); + ret = crypto_mac_update(ctx, &cd); if (ret != CRYPTO_SUCCESS) { ret = SET_ERROR(EIO); goto error; @@ -1075,7 +1075,7 @@ zio_crypt_do_dnode_hmac_updates(crypto_context_t ctx, uint64_t version, cd.cd_raw.iov_base = (char *)adnp; cd.cd_raw.iov_len = cd.cd_length; - ret = crypto_mac_update(ctx, &cd, NULL); + ret = crypto_mac_update(ctx, &cd); if (ret != CRYPTO_SUCCESS) { ret = SET_ERROR(EIO); goto error; @@ -1160,7 +1160,7 @@ zio_crypt_do_objset_hmacs(zio_crypt_key_t *key, void *data, uint_t datalen, cd.cd_raw.iov_base = (char *)&intval; cd.cd_raw.iov_len = cd.cd_length; - ret = crypto_mac_update(ctx, &cd, NULL); + ret = crypto_mac_update(ctx, &cd); if (ret != CRYPTO_SUCCESS) { ret = SET_ERROR(EIO); goto error; @@ -1178,7 +1178,7 @@ zio_crypt_do_objset_hmacs(zio_crypt_key_t *key, void *data, uint_t datalen, cd.cd_raw.iov_base = (char *)&intval; cd.cd_raw.iov_len = cd.cd_length; - ret = crypto_mac_update(ctx, &cd, NULL); + ret = crypto_mac_update(ctx, &cd); if (ret != CRYPTO_SUCCESS) { ret = SET_ERROR(EIO); goto error; @@ -1195,7 +1195,7 @@ zio_crypt_do_objset_hmacs(zio_crypt_key_t *key, void *data, uint_t datalen, cd.cd_raw.iov_base = (char *)raw_portable_mac; cd.cd_raw.iov_len = cd.cd_length; - ret = crypto_mac_final(ctx, &cd, NULL); + ret = crypto_mac_final(ctx, &cd); if (ret != CRYPTO_SUCCESS) { ret = SET_ERROR(EIO); goto error; @@ -1253,7 +1253,7 @@ zio_crypt_do_objset_hmacs(zio_crypt_key_t *key, void *data, uint_t datalen, cd.cd_raw.iov_base = (char *)&intval; cd.cd_raw.iov_len = cd.cd_length; - ret = crypto_mac_update(ctx, &cd, NULL); + ret = crypto_mac_update(ctx, &cd); if (ret != CRYPTO_SUCCESS) { ret = SET_ERROR(EIO); goto error; @@ -1287,7 +1287,7 @@ zio_crypt_do_objset_hmacs(zio_crypt_key_t *key, void *data, uint_t datalen, cd.cd_raw.iov_base = (char *)raw_local_mac; cd.cd_raw.iov_len = cd.cd_length; - ret = crypto_mac_final(ctx, &cd, NULL); + ret = crypto_mac_final(ctx, &cd); if (ret != CRYPTO_SUCCESS) { ret = SET_ERROR(EIO); goto error; diff --git a/module/zfs/hkdf.c b/module/zfs/hkdf.c index 14265472d..49ad0a9fb 100644 --- a/module/zfs/hkdf.c +++ b/module/zfs/hkdf.c @@ -114,15 +114,15 @@ hkdf_sha512_expand(uint8_t *extract_key, uint8_t *info, uint_t info_len, if (ret != CRYPTO_SUCCESS) return (SET_ERROR(EIO)); - ret = crypto_mac_update(ctx, &T_cd, NULL); + ret = crypto_mac_update(ctx, &T_cd); if (ret != CRYPTO_SUCCESS) return (SET_ERROR(EIO)); - ret = crypto_mac_update(ctx, &info_cd, NULL); + ret = crypto_mac_update(ctx, &info_cd); if (ret != CRYPTO_SUCCESS) return (SET_ERROR(EIO)); - ret = crypto_mac_update(ctx, &c_cd, NULL); + ret = crypto_mac_update(ctx, &c_cd); if (ret != CRYPTO_SUCCESS) return (SET_ERROR(EIO)); @@ -130,7 +130,7 @@ hkdf_sha512_expand(uint8_t *extract_key, uint8_t *info, uint_t info_len, T_cd.cd_length = T_len; T_cd.cd_raw.iov_len = T_cd.cd_length; - ret = crypto_mac_final(ctx, &T_cd, NULL); + ret = crypto_mac_final(ctx, &T_cd); if (ret != CRYPTO_SUCCESS) return (SET_ERROR(EIO)); |