Date: Fri, 9 May 2025 00:34:08 GMT From: Mark Johnston <markj@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 04421fda140b - main - krb5: Fix handling of transient crypto request failures Message-ID: <202505090034.5490Y8OH029883@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=04421fda140b92eb0d22bc4c0f81b6de05f21225 commit 04421fda140b92eb0d22bc4c0f81b6de05f21225 Author: Mark Johnston <markj@FreeBSD.org> AuthorDate: 2025-05-09 00:16:53 +0000 Commit: Mark Johnston <markj@FreeBSD.org> CommitDate: 2025-05-09 00:29:15 +0000 krb5: Fix handling of transient crypto request failures - Instead of using CRYPTO_F_DONE to decide whether a request has completed, use a custom protocol of setting crp_opaque = NULL in the callback and checking that instead. CRYPTO_F_DONE is set independent of whether an error occurred, but for transient errors signaled by EAGAIN, we want to simply retry the request. - Clear CRYPTO_F_DONE before retrying the request. - Panic if the request truly failed, as we currently have no way to pass hard errors back up. Reviewed by: jhb MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D50238 --- sys/kgssapi/krb5/kcrypto_aes.c | 30 +++++++++++++++++++----------- 1 file changed, 19 insertions(+), 11 deletions(-) diff --git a/sys/kgssapi/krb5/kcrypto_aes.c b/sys/kgssapi/krb5/kcrypto_aes.c index ddaf1cec5b45..6761b7c815ad 100644 --- a/sys/kgssapi/krb5/kcrypto_aes.c +++ b/sys/kgssapi/krb5/kcrypto_aes.c @@ -116,19 +116,24 @@ aes_random_to_key(struct krb5_key_state *ks, const void *in) static int aes_crypto_cb(struct cryptop *crp) { - int error; struct aes_state *as = (struct aes_state *) crp->crp_opaque; - if (CRYPTO_SESS_SYNC(crp->crp_session)) + if (CRYPTO_SESS_SYNC(crp->crp_session)) { + KASSERT(crp->crp_etype == 0, + ("%s: callback with error %d", __func__, crp->crp_etype)); return (0); + } - error = crp->crp_etype; - if (error == EAGAIN) - error = crypto_dispatch(crp); - mtx_lock(&as->as_lock); - if (error || (crp->crp_flags & CRYPTO_F_DONE)) + if (crp->crp_etype == EAGAIN) { + crp->crp_etype = 0; + crp->crp_flags &= ~CRYPTO_F_DONE; + (void)crypto_dispatch(crp); + } else { + mtx_lock(&as->as_lock); + crp->crp_opaque = NULL; wakeup(crp); - mtx_unlock(&as->as_lock); + mtx_unlock(&as->as_lock); + } return (0); } @@ -164,11 +169,12 @@ aes_encrypt_1(const struct krb5_key_state *ks, int buftype, void *buf, if (!CRYPTO_SESS_SYNC(as->as_session_aes)) { mtx_lock(&as->as_lock); - if (!error && !(crp->crp_flags & CRYPTO_F_DONE)) + if (error == 0 && crp->crp_opaque != NULL) error = msleep(crp, &as->as_lock, 0, "gssaes", 0); mtx_unlock(&as->as_lock); } - + if (crp->crp_etype != 0) + panic("%s: crypto req failed: %d", __func__, crp->crp_etype); crypto_freereq(crp); } @@ -334,11 +340,13 @@ aes_checksum(const struct krb5_key_state *ks, int usage, if (!CRYPTO_SESS_SYNC(as->as_session_sha1)) { mtx_lock(&as->as_lock); - if (!error && !(crp->crp_flags & CRYPTO_F_DONE)) + if (error == 0 && crp->crp_opaque != NULL) error = msleep(crp, &as->as_lock, 0, "gssaes", 0); mtx_unlock(&as->as_lock); } + if (crp->crp_etype != 0) + panic("%s: crypto req failed: %d", __func__, crp->crp_etype); crypto_freereq(crp); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202505090034.5490Y8OH029883>