Upcoming changes to crypto(9) and dm_target_crypt(4)

[Michael Neumann]

Hi,

I've been working on this for a while. Now it is fairly stable -
I am running this since a few days on my laptop with sensible data.

The patch is massive mainly because it gets rid of plenty of legacy
code!

The patch is here:

https://leaf.dragonflybsd.org/~mneumann/0001-Retire-crypto-9-and-tcplay-8-and-refactor-dm_target_.patch

Summarising the changes:

* crypto(9) (opencrypto) is gone

* /dev/crypto is gone

* tcplay(8) is gone

* some old crypto hardware drivers are gone:
  hifn(4), safe(4), ubsec(4) and padlock(4)

* some crypto ciphers are gone

* I added a much simpler synchronous crypto API which only
  supports symmetric ciphers: AES-CBC and AES-XTS w/ and w/o AESNI
  at the moment.

* dm_target_crypt(4) is much simpler now:

  Each read / write BIO is scheduled to a worker thread in order to
  utilize all CPUs of the system. As we use the "struct bio" for
  chaining and submitting requests to the worker threads, no memory
  allocation happens here.

  Encryption / decryption is performed sequentially within the worker
  threads. Per such request, a 64k BIO buffer is processed. IIRC, the
  old code was cutting the 64k buffer into pieces of 512 bytes, and
  for each 512 byte block it issued an async crypto request and finally
  reassembled all blocks again using a barrier. The book-keeping in
  the old code was rather tricky, mainly due to the asynchronous nature
  of the crypto(9) API (apart from being very complex on it's own).

* When dm_target_crypt is under heavy load (e.g. running blogbench),
  the system maintains better interactivity. Mouse cursor stays smooth.

Feel free to comment and test. If there are no objections, I'd love
to commit this in the coming weeks, either as one huge commit, or
maybe splitting it up into more digestable changes?

Best regards,

  Michael