1eda14cbcSMatt Macy /* 2eda14cbcSMatt Macy * CDDL HEADER START 3eda14cbcSMatt Macy * 4eda14cbcSMatt Macy * The contents of this file are subject to the terms of the 5eda14cbcSMatt Macy * Common Development and Distribution License, Version 1.0 only 6eda14cbcSMatt Macy * (the "License"). You may not use this file except in compliance 7eda14cbcSMatt Macy * with the License. 8eda14cbcSMatt Macy * 9eda14cbcSMatt Macy * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10*271171e0SMartin Matuska * or https://opensource.org/licenses/CDDL-1.0. 11eda14cbcSMatt Macy * See the License for the specific language governing permissions 12eda14cbcSMatt Macy * and limitations under the License. 13eda14cbcSMatt Macy * 14eda14cbcSMatt Macy * When distributing Covered Code, include this CDDL HEADER in each 15eda14cbcSMatt Macy * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16eda14cbcSMatt Macy * If applicable, add the following below this CDDL HEADER, with the 17eda14cbcSMatt Macy * fields enclosed by brackets "[]" replaced with your own identifying 18eda14cbcSMatt Macy * information: Portions Copyright [yyyy] [name of copyright owner] 19eda14cbcSMatt Macy * 20eda14cbcSMatt Macy * CDDL HEADER END 21eda14cbcSMatt Macy */ 22eda14cbcSMatt Macy /* 23eda14cbcSMatt Macy * Copyright (c) 2017, Datto, Inc. All rights reserved. 24eda14cbcSMatt Macy */ 25eda14cbcSMatt Macy 26eda14cbcSMatt Macy #ifdef _KERNEL 27eda14cbcSMatt Macy #include <linux/module.h> 28eda14cbcSMatt Macy #include <linux/kernel.h> 29eda14cbcSMatt Macy #include <linux/init.h> 30eda14cbcSMatt Macy #else 31eda14cbcSMatt Macy #define __exit 32eda14cbcSMatt Macy #define __init 33eda14cbcSMatt Macy #endif 34eda14cbcSMatt Macy 35eda14cbcSMatt Macy #include <sys/crypto/common.h> 36eda14cbcSMatt Macy #include <sys/crypto/api.h> 37eda14cbcSMatt Macy #include <sys/crypto/impl.h> 38eda14cbcSMatt Macy #include <sys/crypto/sched_impl.h> 39eda14cbcSMatt Macy #include <sys/crypto/icp.h> 40eda14cbcSMatt Macy 41eda14cbcSMatt Macy /* 42eda14cbcSMatt Macy * Changes made to the original Illumos Crypto Layer for the ICP: 43eda14cbcSMatt Macy * 44eda14cbcSMatt Macy * Several changes were needed to allow the Illumos Crypto Layer 45eda14cbcSMatt Macy * to work in the Linux kernel. Almost all of the changes fall into 46eda14cbcSMatt Macy * one of the following categories: 47eda14cbcSMatt Macy * 48eda14cbcSMatt Macy * 1) Moving the syntax to the C90: This was mostly a matter of 49eda14cbcSMatt Macy * changing func() definitions to func(void). In a few cases, 50eda14cbcSMatt Macy * initializations of structs with unions needed to have brackets 51eda14cbcSMatt Macy * added. 52eda14cbcSMatt Macy * 53eda14cbcSMatt Macy * 2) Changes to allow userspace compilation: The ICP is meant to be 54eda14cbcSMatt Macy * compiled and used in both userspace and kernel space (for ztest and 55eda14cbcSMatt Macy * libzfs), so the _KERNEL macros did not make sense anymore. For the 56eda14cbcSMatt Macy * same reason, many header includes were also changed to use 57eda14cbcSMatt Macy * sys/zfs_context.h 58eda14cbcSMatt Macy * 59eda14cbcSMatt Macy * 3) Moving to a statically compiled architecture: At some point in 60eda14cbcSMatt Macy * the future it may make sense to have encryption algorithms that are 61eda14cbcSMatt Macy * loadable into the ICP at runtime via separate kernel modules. 62eda14cbcSMatt Macy * However, considering that this code will probably not see much use 63e92ffd9bSMartin Matuska * outside of zfs and zfs encryption only requires a select few 64eda14cbcSMatt Macy * algorithms it seemed like more trouble than it was worth to port over 65eda14cbcSMatt Macy * Illumos's kernel module structure to a Linux kernel module. In 66eda14cbcSMatt Macy * addition, The Illumos code related to keeping track of kernel modules 67e92ffd9bSMartin Matuska * is very much tied to the Illumos OS and proved difficult to port. 68e92ffd9bSMartin Matuska * Therefore, the structure of the ICP was simplified to work 69e92ffd9bSMartin Matuska * statically and all the Illumos kernel module loading subsystem was removed. 70e92ffd9bSMartin Matuska * All module initialization and destruction is now called in this file 71e92ffd9bSMartin Matuska * during kernel module loading and unloading. 72eda14cbcSMatt Macy * 73eda14cbcSMatt Macy * 4) Adding destructors: The Illumos Crypto Layer is built into 74eda14cbcSMatt Macy * the Illumos kernel and is not meant to be unloaded. Some destructors 75eda14cbcSMatt Macy * were added to allow the ICP to be unloaded without leaking 76eda14cbcSMatt Macy * structures. 77eda14cbcSMatt Macy * 78eda14cbcSMatt Macy * 5) Removing CRYPTO_DATA_MBLK related structures and code: 79eda14cbcSMatt Macy * crypto_data_t can have 3 formats, CRYPTO_DATA_RAW, CRYPTO_DATA_UIO, 80eda14cbcSMatt Macy * and CRYPTO_DATA_MBLK. ZFS only requires the first 2 formats, as the 81eda14cbcSMatt Macy * last one is related to streamed data. To simplify the port, code 82eda14cbcSMatt Macy * related to this format was removed. 83eda14cbcSMatt Macy * 84eda14cbcSMatt Macy * 6) Changes for architecture specific code: Some changes were needed 85eda14cbcSMatt Macy * to make architecture specific assembly compile. The biggest change 86eda14cbcSMatt Macy * here was to functions related to detecting CPU capabilities for amd64. 87eda14cbcSMatt Macy * The Illumos Crypto Layer used called into the Illumos kernel's API 88eda14cbcSMatt Macy * to discover these. They have been converted to instead use the 89eda14cbcSMatt Macy * 'cpuid' instruction as per the Intel spec. In addition, references to 90eda14cbcSMatt Macy * the sun4u' and sparc architectures have been removed so that these 91eda14cbcSMatt Macy * will use the generic implementation. 92eda14cbcSMatt Macy * 93eda14cbcSMatt Macy * 7) Removing sha384 and sha512 code: The sha code was actually very 94eda14cbcSMatt Macy * easy to port. However, the generic sha384 and sha512 code actually 95eda14cbcSMatt Macy * exceeds the stack size on arm and powerpc architectures. In an effort 96eda14cbcSMatt Macy * to remove warnings, this code was removed. 97eda14cbcSMatt Macy * 98eda14cbcSMatt Macy * 8) Change large allocations from kmem_alloc() to vmem_alloc(): In 99eda14cbcSMatt Macy * testing the ICP with the ZFS encryption code, a few allocations were 100eda14cbcSMatt Macy * found that could potentially be very large. These caused the SPL to 101eda14cbcSMatt Macy * throw warnings and so they were changed to use vmem_alloc(). 102eda14cbcSMatt Macy * 103eda14cbcSMatt Macy * 9) Makefiles: Makefiles were added that would work with the existing 104eda14cbcSMatt Macy * ZFS Makefiles. 105eda14cbcSMatt Macy */ 106eda14cbcSMatt Macy 107716fd348SMartin Matuska void 108eda14cbcSMatt Macy icp_fini(void) 109eda14cbcSMatt Macy { 110eda14cbcSMatt Macy sha2_mod_fini(); 111eda14cbcSMatt Macy aes_mod_fini(); 112eda14cbcSMatt Macy kcf_sched_destroy(); 113eda14cbcSMatt Macy kcf_prov_tab_destroy(); 114eda14cbcSMatt Macy kcf_destroy_mech_tabs(); 115eda14cbcSMatt Macy } 116eda14cbcSMatt Macy 117eda14cbcSMatt Macy /* roughly equivalent to kcf.c: _init() */ 118eda14cbcSMatt Macy int __init 119eda14cbcSMatt Macy icp_init(void) 120eda14cbcSMatt Macy { 121eda14cbcSMatt Macy /* initialize the mechanisms tables supported out-of-the-box */ 122eda14cbcSMatt Macy kcf_init_mech_tabs(); 123eda14cbcSMatt Macy 124eda14cbcSMatt Macy /* initialize the providers tables */ 125eda14cbcSMatt Macy kcf_prov_tab_init(); 126eda14cbcSMatt Macy 127eda14cbcSMatt Macy /* 128eda14cbcSMatt Macy * Initialize scheduling structures. Note that this does NOT 129eda14cbcSMatt Macy * start any threads since it might not be safe to do so. 130eda14cbcSMatt Macy */ 131eda14cbcSMatt Macy kcf_sched_init(); 132eda14cbcSMatt Macy 133eda14cbcSMatt Macy /* initialize algorithms */ 134eda14cbcSMatt Macy aes_mod_init(); 135eda14cbcSMatt Macy sha2_mod_init(); 136eda14cbcSMatt Macy 137eda14cbcSMatt Macy return (0); 138eda14cbcSMatt Macy } 139