FreeBSD: disable the use of hardware crypto offload drivers for now

[mirror_zfs.git] / module / os / freebsd / zfs / crypto_os.c

diff --git a/module/os/freebsd/zfs/crypto_os.c b/module/os/freebsd/zfs/crypto_os.c
index fbf998416234e90e6c6e8071e9aeb0429b1ff23d..03d14ed7cf5c2ddaa82e5b08ee4221a5fbc748cf 100644 (file)
--- a/module/os/freebsd/zfs/crypto_os.c
+++ b/module/os/freebsd/zfs/crypto_os.c
@@ -293,8 +293,19 @@ freebsd_crypt_newsession(freebsd_crypt_session_t *sessp,
                error = ENOTSUP;
                goto bad;
        }
-       error = crypto_newsession(&sessp->fs_sid, &csp,
-           CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE);
+
+       /*
+        * Disable the use of hardware drivers on FreeBSD 13 and later since
+        * common crypto offload drivers impose constraints on AES-GCM AAD
+        * lengths that make them unusable for ZFS, and we currently do not have
+        * a mechanism to fall back to a software driver for requests not
+        * handled by a hardware driver.
+        *
+        * On 12 we continue to permit the use of hardware drivers since
+        * CPU-accelerated drivers such as aesni(4) register themselves as
+        * hardware drivers.
+        */
+       error = crypto_newsession(&sessp->fs_sid, &csp, CRYPTOCAP_F_SOFTWARE);
        mtx_init(&sessp->fs_lock, "FreeBSD Cryptographic Session Lock",
            NULL, MTX_DEF);
        crypt_sessions++;