1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause
4  * Copyright (c) 2005-2011 Pawel Jakub Dawidek <pawel@dawidek.net>
22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
80 	nkey = -1;  in g_eli_ctl_attach()
87 	if (nkey < -1 || nkey >= G_ELI_MAXMKEYS) {  in g_eli_ctl_attach()
108 		gctl_error(req, "Options -d and -r are mutually exclusive.");  in g_eli_ctl_attach()
118 		    pp->name, error);  in g_eli_ctl_attach()
123 		gctl_error(req, "No valid keys on %s.", pp->name);  in g_eli_ctl_attach()
139 	if (nkey == -1)  in g_eli_ctl_attach()
144 	if (error == -1) {  in g_eli_ctl_attach()
146 		gctl_error(req, "Wrong key for %s.", pp->name);  in g_eli_ctl_attach()
151 		    pp->name, error);  in g_eli_ctl_attach()
154 	G_ELI_DEBUG(1, "Using Master Key %u for %s.", nkey, pp->name);  in g_eli_ctl_attach()
176 	LIST_FOREACH(gp, &mp->geom, geom) {  in g_eli_find_device()
177 		sc = gp->softc;  in g_eli_find_device()
180 		pp = LIST_FIRST(&gp->provider);  in g_eli_find_device()
181 		if (pp != NULL && strcmp(pp->name, prov) == 0)  in g_eli_find_device()
183 		cp = LIST_FIRST(&gp->consumer);  in g_eli_find_device()
184 		if (cp != NULL && cp->provider != NULL &&  in g_eli_find_device()
185 		    strcmp(cp->provider->name, prov) == 0) {  in g_eli_find_device()
236 			sc->sc_flags |= G_ELI_FLAG_RW_DETACH;  in g_eli_ctl_detach()
237 			sc->sc_geom->access = g_eli_access;  in g_eli_ctl_detach()
243 				    sc->sc_name, error);  in g_eli_ctl_detach()
289 	md.md_ealgo = CRYPTO_ALGORITHM_MIN - 1;  in g_eli_ctl_onetime()
302 			 * For backward compatibility, check if the -a option  in g_eli_ctl_onetime()
312 				gctl_error(req, "warning: The -e option, not "  in g_eli_ctl_onetime()
313 				    "the -a option is now used to specify "  in g_eli_ctl_onetime()
366 		md.md_sectorsize = pp->sectorsize;  in g_eli_ctl_onetime()
368 		if (*sectorsize < 0 || (*sectorsize % pp->sectorsize) != 0) {  in g_eli_ctl_onetime()
379 	g_eli_create(req, mp, pp, &md, mkey, -1);  in g_eli_ctl_onetime()
394 	int *nargs, *boot, *noboot, *trim, *notrim, *geliboot, *nogeliboot;  in g_eli_ctl_configure()  local
421 		gctl_error(req, "Options -b and -B are mutually exclusive.");  in g_eli_ctl_configure()
427 	trim = gctl_get_paraml(req, "trim", sizeof(*trim));  in g_eli_ctl_configure()
428 	if (trim == NULL)  in g_eli_ctl_configure()
429 		trim = &zero;  in g_eli_ctl_configure()
433 	if (*trim && *notrim) {  in g_eli_ctl_configure()
434 		gctl_error(req, "Options -t and -T are mutually exclusive.");  in g_eli_ctl_configure()
437 	if (*trim || *notrim)  in g_eli_ctl_configure()
447 		gctl_error(req, "Options -g and -G are mutually exclusive.");  in g_eli_ctl_configure()
460 		gctl_error(req, "Options -d and -D are mutually exclusive.");  in g_eli_ctl_configure()
474 		gctl_error(req, "Options -r and -R are mutually exclusive.");  in g_eli_ctl_configure()
502 		if (sc->sc_flags & G_ELI_FLAG_RO) {  in g_eli_ctl_configure()
504 			    "read-only provider %s.", prov);  in g_eli_ctl_configure()
508 		if (*boot && (sc->sc_flags & G_ELI_FLAG_BOOT)) {  in g_eli_ctl_configure()
512 		} else if (*noboot && !(sc->sc_flags & G_ELI_FLAG_BOOT)) {  in g_eli_ctl_configure()
518 		if (*notrim && (sc->sc_flags & G_ELI_FLAG_NODELETE)) {  in g_eli_ctl_configure()
519 			G_ELI_DEBUG(1, "TRIM disable flag already configured for %s.",  in g_eli_ctl_configure()
522 		} else if (*trim && !(sc->sc_flags & G_ELI_FLAG_NODELETE)) {  in g_eli_ctl_configure()
523 			G_ELI_DEBUG(1, "TRIM disable flag not configured for %s.",  in g_eli_ctl_configure()
528 		if (*geliboot && (sc->sc_flags & G_ELI_FLAG_GELIBOOT)) {  in g_eli_ctl_configure()
532 		} else if (*nogeliboot && !(sc->sc_flags & G_ELI_FLAG_GELIBOOT)) {  in g_eli_ctl_configure()
538 		if (*displaypass && (sc->sc_flags & G_ELI_FLAG_GELIDISPLAYPASS)) {  in g_eli_ctl_configure()
543 		    !(sc->sc_flags & G_ELI_FLAG_GELIDISPLAYPASS)) {  in g_eli_ctl_configure()
549 		if (*autoresize && (sc->sc_flags & G_ELI_FLAG_AUTORESIZE)) {  in g_eli_ctl_configure()
554 		    !(sc->sc_flags & G_ELI_FLAG_AUTORESIZE)) {  in g_eli_ctl_configure()
560 		if (!(sc->sc_flags & G_ELI_FLAG_ONETIME)) {  in g_eli_ctl_configure()
564 			 * we're bit-flipping uninitialized memory in md  in g_eli_ctl_configure()
568 			cp = LIST_FIRST(&sc->sc_geom->consumer);  in g_eli_ctl_configure()
569 			pp = cp->provider;  in g_eli_ctl_configure()
581 			sc->sc_flags |= G_ELI_FLAG_BOOT;  in g_eli_ctl_configure()
584 			sc->sc_flags &= ~G_ELI_FLAG_BOOT;  in g_eli_ctl_configure()
589 			sc->sc_flags |= G_ELI_FLAG_NODELETE;  in g_eli_ctl_configure()
590 		} else if (*trim) {  in g_eli_ctl_configure()
592 			sc->sc_flags &= ~G_ELI_FLAG_NODELETE;  in g_eli_ctl_configure()
597 			sc->sc_flags |= G_ELI_FLAG_GELIBOOT;  in g_eli_ctl_configure()
600 			sc->sc_flags &= ~G_ELI_FLAG_GELIBOOT;  in g_eli_ctl_configure()
605 			sc->sc_flags |= G_ELI_FLAG_GELIDISPLAYPASS;  in g_eli_ctl_configure()
608 			sc->sc_flags &= ~G_ELI_FLAG_GELIDISPLAYPASS;  in g_eli_ctl_configure()
613 			sc->sc_flags |= G_ELI_FLAG_AUTORESIZE;  in g_eli_ctl_configure()
616 			sc->sc_flags &= ~G_ELI_FLAG_AUTORESIZE;  in g_eli_ctl_configure()
619 		if (sc->sc_flags & G_ELI_FLAG_ONETIME) {  in g_eli_ctl_configure()
624 		sector = malloc(pp->sectorsize, M_ELI, M_WAITOK | M_ZERO);  in g_eli_ctl_configure()
626 		error = g_write_data(cp, pp->mediasize - pp->sectorsize, sector,  in g_eli_ctl_configure()
627 		    pp->sectorsize);  in g_eli_ctl_configure()
667 	if (sc->sc_flags & G_ELI_FLAG_RO) {  in g_eli_ctl_setkey()
668 		gctl_error(req, "Cannot change keys for read-only provider.");  in g_eli_ctl_setkey()
671 	cp = LIST_FIRST(&sc->sc_geom->consumer);  in g_eli_ctl_setkey()
672 	pp = cp->provider;  in g_eli_ctl_setkey()
686 	if (*valp != -1)  in g_eli_ctl_setkey()
689 		nkey = sc->sc_nkey;  in g_eli_ctl_setkey()
701 	if (*valp != -1 && md.md_iterations == -1) {  in g_eli_ctl_setkey()
703 	} else if (*valp != -1 && *valp != md.md_iterations) {  in g_eli_ctl_setkey()
705 			gctl_error(req, "To be able to use '-i' option, only "  in g_eli_ctl_setkey()
711 			    "changed when '-i' option is used.");  in g_eli_ctl_setkey()
720 	bcopy(sc->sc_mkey, mkeydst, sizeof(sc->sc_mkey));  in g_eli_ctl_setkey()
731 	sector = malloc(pp->sectorsize, M_ELI, M_WAITOK | M_ZERO);  in g_eli_ctl_setkey()
735 	error = g_write_data(cp, pp->mediasize - pp->sectorsize, sector,  in g_eli_ctl_setkey()
736 	    pp->sectorsize);  in g_eli_ctl_setkey()
740 		    pp->name, error);  in g_eli_ctl_setkey()
743 	G_ELI_DEBUG(1, "Key %u changed on %s.", nkey, pp->name);  in g_eli_ctl_setkey()
774 	if (sc->sc_flags & G_ELI_FLAG_RO) {  in g_eli_ctl_delkey()
775 		gctl_error(req, "Cannot delete keys for read-only provider.");  in g_eli_ctl_delkey()
778 	cp = LIST_FIRST(&sc->sc_geom->consumer);  in g_eli_ctl_delkey()
779 	pp = cp->provider;  in g_eli_ctl_delkey()
809 		if (*valp != -1)  in g_eli_ctl_delkey()
812 			nkey = sc->sc_nkey;  in g_eli_ctl_delkey()
823 			gctl_error(req, "This is the last Master Key. Use '-f' "  in g_eli_ctl_delkey()
831 	sector = malloc(pp->sectorsize, M_ELI, M_WAITOK | M_ZERO);  in g_eli_ctl_delkey()
839 		error = g_write_data(cp, pp->mediasize - pp->sectorsize, sector,  in g_eli_ctl_delkey()
840 		    pp->sectorsize);  in g_eli_ctl_delkey()
843 			    "(error=%d).", pp->name, error);  in g_eli_ctl_delkey()
846 		 * Flush write cache so we don't overwrite data N times in cache  in g_eli_ctl_delkey()
854 		G_ELI_DEBUG(1, "All keys removed from %s.", pp->name);  in g_eli_ctl_delkey()
856 		G_ELI_DEBUG(1, "Key %d removed from %s.", nkey, pp->name);  in g_eli_ctl_delkey()
868 	if (sc->sc_flags & G_ELI_FLAG_ONETIME) {  in g_eli_suspend_one()
870 		    "Device %s is using one-time key, suspend not supported.",  in g_eli_suspend_one()
871 		    sc->sc_name);  in g_eli_suspend_one()
875 	mtx_lock(&sc->sc_queue_mtx);  in g_eli_suspend_one()
876 	if (sc->sc_flags & G_ELI_FLAG_SUSPEND) {  in g_eli_suspend_one()
877 		mtx_unlock(&sc->sc_queue_mtx);  in g_eli_suspend_one()
879 		    sc->sc_name);  in g_eli_suspend_one()
882 	sc->sc_flags |= G_ELI_FLAG_SUSPEND;  in g_eli_suspend_one()
885 		LIST_FOREACH(wr, &sc->sc_workers, w_next) {  in g_eli_suspend_one()
886 			if (wr->w_active)  in g_eli_suspend_one()
892 		msleep(&sc->sc_workers, &sc->sc_queue_mtx, PRIBIO,  in g_eli_suspend_one()
896 	 * Clear sensitive data on suspend, they will be recovered on resume.  in g_eli_suspend_one()
898 	explicit_bzero(sc->sc_mkey, sizeof(sc->sc_mkey));  in g_eli_suspend_one()
900 	explicit_bzero(sc->sc_akey, sizeof(sc->sc_akey));  in g_eli_suspend_one()
901 	explicit_bzero(&sc->sc_akeyctx, sizeof(sc->sc_akeyctx));  in g_eli_suspend_one()
902 	explicit_bzero(sc->sc_ivkey, sizeof(sc->sc_ivkey));  in g_eli_suspend_one()
903 	explicit_bzero(&sc->sc_ivctx, sizeof(sc->sc_ivctx));  in g_eli_suspend_one()
904 	mtx_unlock(&sc->sc_queue_mtx);  in g_eli_suspend_one()
905 	G_ELI_DEBUG(0, "Device %s has been suspended.", sc->sc_name);  in g_eli_suspend_one()
934 		LIST_FOREACH_SAFE(gp, &mp->geom, geom, gp2) {  in g_eli_ctl_suspend()
935 			sc = gp->softc;  in g_eli_ctl_suspend()
936 			if (sc->sc_flags & G_ELI_FLAG_ONETIME) {  in g_eli_ctl_suspend()
938 				    "Device %s is using one-time key, suspend not supported, skipping.",  in g_eli_ctl_suspend()
939 				    sc->sc_name);  in g_eli_ctl_suspend()
1006 	cp = LIST_FIRST(&sc->sc_geom->consumer);  in g_eli_ctl_resume()
1007 	pp = cp->provider;  in g_eli_ctl_resume()
1016 		gctl_error(req, "No valid keys on %s.", pp->name);  in g_eli_ctl_resume()
1022 	if (error == -1) {  in g_eli_ctl_resume()
1024 		gctl_error(req, "Wrong key for %s.", pp->name);  in g_eli_ctl_resume()
1029 		    pp->name, error);  in g_eli_ctl_resume()
1032 	G_ELI_DEBUG(1, "Using Master Key %u for %s.", nkey, pp->name);  in g_eli_ctl_resume()
1034 	mtx_lock(&sc->sc_queue_mtx);  in g_eli_ctl_resume()
1035 	if (!(sc->sc_flags & G_ELI_FLAG_SUSPEND))  in g_eli_ctl_resume()
1040 		sc->sc_flags &= ~G_ELI_FLAG_SUSPEND;  in g_eli_ctl_resume()
1041 		G_ELI_DEBUG(1, "Resumed %s.", pp->name);  in g_eli_ctl_resume()
1044 	mtx_unlock(&sc->sc_queue_mtx);  in g_eli_ctl_resume()
1061 	pp = LIST_FIRST(&sc->sc_geom->provider);  in g_eli_kill_one()
1064 	cp = LIST_FIRST(&sc->sc_geom->consumer);  in g_eli_kill_one()
1065 	pp = cp->provider;  in g_eli_kill_one()
1067 	if (sc->sc_flags & G_ELI_FLAG_RO) {  in g_eli_kill_one()
1068 		G_ELI_DEBUG(0, "WARNING: Metadata won't be erased on read-only "  in g_eli_kill_one()
1069 		    "provider: %s.", pp->name);  in g_eli_kill_one()
1075 		sector = malloc(pp->sectorsize, M_ELI, M_WAITOK);  in g_eli_kill_one()
1078 				bzero(sector, pp->sectorsize);  in g_eli_kill_one()
1080 				arc4rand(sector, pp->sectorsize, 0);  in g_eli_kill_one()
1081 			err = g_write_data(cp, pp->mediasize - pp->sectorsize,  in g_eli_kill_one()
1082 			    sector, pp->sectorsize);  in g_eli_kill_one()
1085 				    "(error=%d).", pp->name, err);  in g_eli_kill_one()
1090 			 * Flush write cache so we don't overwrite data N times  in g_eli_kill_one()
1098 		G_ELI_DEBUG(0, "%s has been killed.", pp->name);  in g_eli_kill_one()
1129 		LIST_FOREACH_SAFE(gp, &mp->geom, geom, gp2) {  in g_eli_ctl_kill()
1130 			error = g_eli_kill_one(gp->softc);  in g_eli_ctl_kill()