Stop setting etype in the MD crypto code. So far we have set the etype
and returned the error, which made the MI crypto code set the etype for
a second time. We still have to set etype after callin

Stop setting etype in the MD crypto code. So far we have set the etype
and returned the error, which made the MI crypto code set the etype for
a second time. We still have to set etype after calling the MD process
function, as the callers of crypto_invoke() still expect error handling
to be shown through the etype. But at least now all MD crypto code does
not have to worry about that anymore. Once the callers are changed to
not look at etype anymore, we can get rid of it completely.

ok tobhe@

show more ...

Retire asynchronous crypto API as it is no longer required by any driver and
adds unnecessary complexity. Dedicated crypto offloading devices are not common
anymore. Modern CPU crypto acceleration

Retire asynchronous crypto API as it is no longer required by any driver and
adds unnecessary complexity. Dedicated crypto offloading devices are not common
anymore. Modern CPU crypto acceleration works synchronously, eliminating the need
for callbacks.

Replace all occurrences of crypto_dispatch() with crypto_invoke(), which is
blocking and only returns after the operation has completed or an error occured.
Invoke callback functions directly from the consumer (e.g. IPsec, softraid)
instead of relying on the crypto driver to call crypto_done().

ok bluhm@ mvs@ patrick@

show more ...

The kernel crypto framework sometimes returned an error, sometimes
the callback was called, and sometimes both. So the caller of that
API could not release resources correctly.
A bunch of errors can

The kernel crypto framework sometimes returned an error, sometimes
the callback was called, and sometimes both. So the caller of that
API could not release resources correctly.
A bunch of errors can or should not happen, replace them with an
assert. Remove redundant checks. crypto_invoke() should not return
the error, but pass it via callback.
Some old hardware drivers keep part of their inconsistency as I
cannot test them.
OK mpi@

show more ...

The properties of the crypto algorithms never change. Declare them
constant. Then they are mapped as read only.
OK deraadt@ dlg@

we don't have to cast to caddr_t when calling m_copydata anymore.

the first cut of this diff was made with coccinelle using this spatch:

@rule@
type caddr_t;
expression m, off, len, cp;
@@
-m_copyd

we don't have to cast to caddr_t when calling m_copydata anymore.

the first cut of this diff was made with coccinelle using this spatch:

@rule@
type caddr_t;
expression m, off, len, cp;
@@
-m_copydata(m, off, len, (caddr_t)cp)
+m_copydata(m, off, len, cp)

i had fix it's opinionated idea of formatting by hand though, so
i'm not sure it was worth it.

ok deraadt@ bluhm@

show more ...

Use SMR instead of reference counting for session reclamation.
This reduces the need of atomic operations. The lookup tree still
requires serialization, though.

Fix pool ipl to prevent a deadlock scenario.

While here, make the pool use the default memory alignment. The default
setting is good enough for the driver and the hardware.

Add a driver for the OCTEON cryptographic unit. It provides
a hardware-accelerated implementation of several encryption
and authentication algorithms for ipsec(4):

AES-CBC
AES-CTR
AES-GC

Add a driver for the OCTEON cryptographic unit. It provides
a hardware-accelerated implementation of several encryption
and authentication algorithms for ipsec(4):

AES-CBC
AES-CTR
AES-GCM
AES-GMAC
HMAC-MD5
HMAC-SHA1
HMAC-SHA2-256
HMAC-SHA2-384
HMAC-SHA2-512

Please note that the driver is currently disabled.

OK deraadt@

show more ...