1 /* $NetBSD: cgd.c,v 1.90 2014/07/25 08:10:35 dholland Exp $ */ 2 3 /*- 4 * Copyright (c) 2002 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Roland C. Dowdeswell. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 __KERNEL_RCSID(0, "$NetBSD: cgd.c,v 1.90 2014/07/25 08:10:35 dholland Exp $"); 34 35 #include <sys/types.h> 36 #include <sys/param.h> 37 #include <sys/systm.h> 38 #include <sys/proc.h> 39 #include <sys/errno.h> 40 #include <sys/buf.h> 41 #include <sys/bufq.h> 42 #include <sys/malloc.h> 43 #include <sys/module.h> 44 #include <sys/pool.h> 45 #include <sys/ioctl.h> 46 #include <sys/device.h> 47 #include <sys/disk.h> 48 #include <sys/disklabel.h> 49 #include <sys/fcntl.h> 50 #include <sys/namei.h> /* for pathbuf */ 51 #include <sys/vnode.h> 52 #include <sys/conf.h> 53 #include <sys/syslog.h> 54 55 #include <dev/dkvar.h> 56 #include <dev/cgdvar.h> 57 58 #include <miscfs/specfs/specdev.h> /* for v_rdev */ 59 60 /* Entry Point Functions */ 61 62 void cgdattach(int); 63 64 static dev_type_open(cgdopen); 65 static dev_type_close(cgdclose); 66 static dev_type_read(cgdread); 67 static dev_type_write(cgdwrite); 68 static dev_type_ioctl(cgdioctl); 69 static dev_type_strategy(cgdstrategy); 70 static dev_type_dump(cgddump); 71 static dev_type_size(cgdsize); 72 73 const struct bdevsw cgd_bdevsw = { 74 .d_open = cgdopen, 75 .d_close = cgdclose, 76 .d_strategy = cgdstrategy, 77 .d_ioctl = cgdioctl, 78 .d_dump = cgddump, 79 .d_psize = cgdsize, 80 .d_discard = nodiscard, 81 .d_flag = D_DISK 82 }; 83 84 const struct cdevsw cgd_cdevsw = { 85 .d_open = cgdopen, 86 .d_close = cgdclose, 87 .d_read = cgdread, 88 .d_write = cgdwrite, 89 .d_ioctl = cgdioctl, 90 .d_stop = nostop, 91 .d_tty = notty, 92 .d_poll = nopoll, 93 .d_mmap = nommap, 94 .d_kqfilter = nokqfilter, 95 .d_discard = nodiscard, 96 .d_flag = D_DISK 97 }; 98 99 static int cgd_match(device_t, cfdata_t, void *); 100 static void cgd_attach(device_t, device_t, void *); 101 static int cgd_detach(device_t, int); 102 static struct cgd_softc *cgd_spawn(int); 103 static int cgd_destroy(device_t); 104 105 /* Internal Functions */ 106 107 static void cgdstart(struct dk_softc *); 108 static void cgdiodone(struct buf *); 109 110 static int cgd_ioctl_set(struct cgd_softc *, void *, struct lwp *); 111 static int cgd_ioctl_clr(struct cgd_softc *, struct lwp *); 112 static int cgd_ioctl_get(dev_t, void *, struct lwp *); 113 static int cgdinit(struct cgd_softc *, const char *, struct vnode *, 114 struct lwp *); 115 static void cgd_cipher(struct cgd_softc *, void *, void *, 116 size_t, daddr_t, size_t, int); 117 118 /* Pseudo-disk Interface */ 119 120 static struct dk_intf the_dkintf = { 121 DTYPE_CGD, 122 "cgd", 123 cgdopen, 124 cgdclose, 125 cgdstrategy, 126 cgdstart, 127 }; 128 static struct dk_intf *di = &the_dkintf; 129 130 static struct dkdriver cgddkdriver = { 131 .d_strategy = cgdstrategy, 132 .d_minphys = minphys, 133 }; 134 135 CFATTACH_DECL3_NEW(cgd, sizeof(struct cgd_softc), 136 cgd_match, cgd_attach, cgd_detach, NULL, NULL, NULL, DVF_DETACH_SHUTDOWN); 137 extern struct cfdriver cgd_cd; 138 139 /* DIAGNOSTIC and DEBUG definitions */ 140 141 #if defined(CGDDEBUG) && !defined(DEBUG) 142 #define DEBUG 143 #endif 144 145 #ifdef DEBUG 146 int cgddebug = 0; 147 148 #define CGDB_FOLLOW 0x1 149 #define CGDB_IO 0x2 150 #define CGDB_CRYPTO 0x4 151 152 #define IFDEBUG(x,y) if (cgddebug & (x)) y 153 #define DPRINTF(x,y) IFDEBUG(x, printf y) 154 #define DPRINTF_FOLLOW(y) DPRINTF(CGDB_FOLLOW, y) 155 156 static void hexprint(const char *, void *, int); 157 158 #else 159 #define IFDEBUG(x,y) 160 #define DPRINTF(x,y) 161 #define DPRINTF_FOLLOW(y) 162 #endif 163 164 #ifdef DIAGNOSTIC 165 #define DIAGPANIC(x) panic x 166 #define DIAGCONDPANIC(x,y) if (x) panic y 167 #else 168 #define DIAGPANIC(x) 169 #define DIAGCONDPANIC(x,y) 170 #endif 171 172 /* Global variables */ 173 174 /* Utility Functions */ 175 176 #define CGDUNIT(x) DISKUNIT(x) 177 #define GETCGD_SOFTC(_cs, x) if (!((_cs) = getcgd_softc(x))) return ENXIO 178 179 /* The code */ 180 181 static struct cgd_softc * 182 getcgd_softc(dev_t dev) 183 { 184 int unit = CGDUNIT(dev); 185 struct cgd_softc *sc; 186 187 DPRINTF_FOLLOW(("getcgd_softc(0x%"PRIx64"): unit = %d\n", dev, unit)); 188 189 sc = device_lookup_private(&cgd_cd, unit); 190 if (sc == NULL) 191 sc = cgd_spawn(unit); 192 return sc; 193 } 194 195 static int 196 cgd_match(device_t self, cfdata_t cfdata, void *aux) 197 { 198 199 return 1; 200 } 201 202 static void 203 cgd_attach(device_t parent, device_t self, void *aux) 204 { 205 struct cgd_softc *sc = device_private(self); 206 207 mutex_init(&sc->sc_lock, MUTEX_DEFAULT, IPL_BIO); 208 dk_sc_init(&sc->sc_dksc, device_xname(self)); 209 sc->sc_dksc.sc_dev = self; 210 disk_init(&sc->sc_dksc.sc_dkdev, sc->sc_dksc.sc_xname, &cgddkdriver); 211 212 if (!pmf_device_register(self, NULL, NULL)) 213 aprint_error_dev(self, "unable to register power management hooks\n"); 214 } 215 216 217 static int 218 cgd_detach(device_t self, int flags) 219 { 220 int ret; 221 const int pmask = 1 << RAW_PART; 222 struct cgd_softc *sc = device_private(self); 223 struct dk_softc *dksc = &sc->sc_dksc; 224 225 if (DK_BUSY(dksc, pmask)) 226 return EBUSY; 227 228 if ((dksc->sc_flags & DKF_INITED) != 0 && 229 (ret = cgd_ioctl_clr(sc, curlwp)) != 0) 230 return ret; 231 232 disk_destroy(&dksc->sc_dkdev); 233 mutex_destroy(&sc->sc_lock); 234 235 return 0; 236 } 237 238 void 239 cgdattach(int num) 240 { 241 int error; 242 243 error = config_cfattach_attach(cgd_cd.cd_name, &cgd_ca); 244 if (error != 0) 245 aprint_error("%s: unable to register cfattach\n", 246 cgd_cd.cd_name); 247 } 248 249 static struct cgd_softc * 250 cgd_spawn(int unit) 251 { 252 cfdata_t cf; 253 254 cf = malloc(sizeof(*cf), M_DEVBUF, M_WAITOK); 255 cf->cf_name = cgd_cd.cd_name; 256 cf->cf_atname = cgd_cd.cd_name; 257 cf->cf_unit = unit; 258 cf->cf_fstate = FSTATE_STAR; 259 260 return device_private(config_attach_pseudo(cf)); 261 } 262 263 static int 264 cgd_destroy(device_t dev) 265 { 266 int error; 267 cfdata_t cf; 268 269 cf = device_cfdata(dev); 270 error = config_detach(dev, DETACH_QUIET); 271 if (error) 272 return error; 273 free(cf, M_DEVBUF); 274 return 0; 275 } 276 277 static int 278 cgdopen(dev_t dev, int flags, int fmt, struct lwp *l) 279 { 280 struct cgd_softc *cs; 281 282 DPRINTF_FOLLOW(("cgdopen(0x%"PRIx64", %d)\n", dev, flags)); 283 GETCGD_SOFTC(cs, dev); 284 return dk_open(di, &cs->sc_dksc, dev, flags, fmt, l); 285 } 286 287 static int 288 cgdclose(dev_t dev, int flags, int fmt, struct lwp *l) 289 { 290 int error; 291 struct cgd_softc *cs; 292 struct dk_softc *dksc; 293 294 DPRINTF_FOLLOW(("cgdclose(0x%"PRIx64", %d)\n", dev, flags)); 295 GETCGD_SOFTC(cs, dev); 296 dksc = &cs->sc_dksc; 297 if ((error = dk_close(di, dksc, dev, flags, fmt, l)) != 0) 298 return error; 299 300 if ((dksc->sc_flags & DKF_INITED) == 0) { 301 if ((error = cgd_destroy(cs->sc_dksc.sc_dev)) != 0) { 302 aprint_error_dev(dksc->sc_dev, 303 "unable to detach instance\n"); 304 return error; 305 } 306 } 307 return 0; 308 } 309 310 static void 311 cgdstrategy(struct buf *bp) 312 { 313 struct cgd_softc *cs = getcgd_softc(bp->b_dev); 314 315 DPRINTF_FOLLOW(("cgdstrategy(%p): b_bcount = %ld\n", bp, 316 (long)bp->b_bcount)); 317 318 /* 319 * Reject unaligned writes. We can encrypt and decrypt only 320 * complete disk sectors, and we let the ciphers require their 321 * buffers to be aligned to 32-bit boundaries. 322 */ 323 if (bp->b_blkno < 0 || 324 (bp->b_bcount % DEV_BSIZE) != 0 || 325 ((uintptr_t)bp->b_data & 3) != 0) { 326 bp->b_error = EINVAL; 327 bp->b_resid = bp->b_bcount; 328 biodone(bp); 329 return; 330 } 331 332 /* XXXrcd: Should we test for (cs != NULL)? */ 333 dk_strategy(di, &cs->sc_dksc, bp); 334 return; 335 } 336 337 static int 338 cgdsize(dev_t dev) 339 { 340 struct cgd_softc *cs = getcgd_softc(dev); 341 342 DPRINTF_FOLLOW(("cgdsize(0x%"PRIx64")\n", dev)); 343 if (!cs) 344 return -1; 345 return dk_size(di, &cs->sc_dksc, dev); 346 } 347 348 /* 349 * cgd_{get,put}data are functions that deal with getting a buffer 350 * for the new encrypted data. We have a buffer per device so that 351 * we can ensure that we can always have a transaction in flight. 352 * We use this buffer first so that we have one less piece of 353 * malloc'ed data at any given point. 354 */ 355 356 static void * 357 cgd_getdata(struct dk_softc *dksc, unsigned long size) 358 { 359 struct cgd_softc *cs = (struct cgd_softc *)dksc; 360 void * data = NULL; 361 362 mutex_enter(&cs->sc_lock); 363 if (cs->sc_data_used == 0) { 364 cs->sc_data_used = 1; 365 data = cs->sc_data; 366 } 367 mutex_exit(&cs->sc_lock); 368 369 if (data) 370 return data; 371 372 return malloc(size, M_DEVBUF, M_NOWAIT); 373 } 374 375 static void 376 cgd_putdata(struct dk_softc *dksc, void *data) 377 { 378 struct cgd_softc *cs = (struct cgd_softc *)dksc; 379 380 if (data == cs->sc_data) { 381 mutex_enter(&cs->sc_lock); 382 cs->sc_data_used = 0; 383 mutex_exit(&cs->sc_lock); 384 } else { 385 free(data, M_DEVBUF); 386 } 387 } 388 389 static void 390 cgdstart(struct dk_softc *dksc) 391 { 392 struct cgd_softc *cs = (struct cgd_softc *)dksc; 393 struct buf *bp, *nbp; 394 #ifdef DIAGNOSTIC 395 struct buf *qbp; 396 #endif 397 void * addr; 398 void * newaddr; 399 daddr_t bn; 400 struct vnode *vp; 401 402 while ((bp = bufq_peek(dksc->sc_bufq)) != NULL) { 403 404 DPRINTF_FOLLOW(("cgdstart(%p, %p)\n", dksc, bp)); 405 disk_busy(&dksc->sc_dkdev); 406 407 bn = bp->b_rawblkno; 408 409 /* 410 * We attempt to allocate all of our resources up front, so that 411 * we can fail quickly if they are unavailable. 412 */ 413 nbp = getiobuf(cs->sc_tvn, false); 414 if (nbp == NULL) { 415 disk_unbusy(&dksc->sc_dkdev, 0, (bp->b_flags & B_READ)); 416 break; 417 } 418 419 /* 420 * If we are writing, then we need to encrypt the outgoing 421 * block into a new block of memory. 422 */ 423 newaddr = addr = bp->b_data; 424 if ((bp->b_flags & B_READ) == 0) { 425 newaddr = cgd_getdata(dksc, bp->b_bcount); 426 if (!newaddr) { 427 putiobuf(nbp); 428 disk_unbusy(&dksc->sc_dkdev, 0, (bp->b_flags & B_READ)); 429 break; 430 } 431 cgd_cipher(cs, newaddr, addr, bp->b_bcount, bn, 432 DEV_BSIZE, CGD_CIPHER_ENCRYPT); 433 } 434 /* we now have all needed resources to process this buf */ 435 #ifdef DIAGNOSTIC 436 qbp = bufq_get(dksc->sc_bufq); 437 KASSERT(bp == qbp); 438 #else 439 (void)bufq_get(dksc->sc_bufq); 440 #endif 441 nbp->b_data = newaddr; 442 nbp->b_flags = bp->b_flags; 443 nbp->b_oflags = bp->b_oflags; 444 nbp->b_cflags = bp->b_cflags; 445 nbp->b_iodone = cgdiodone; 446 nbp->b_proc = bp->b_proc; 447 nbp->b_blkno = bn; 448 nbp->b_bcount = bp->b_bcount; 449 nbp->b_private = bp; 450 451 BIO_COPYPRIO(nbp, bp); 452 453 if ((nbp->b_flags & B_READ) == 0) { 454 vp = nbp->b_vp; 455 mutex_enter(vp->v_interlock); 456 vp->v_numoutput++; 457 mutex_exit(vp->v_interlock); 458 } 459 VOP_STRATEGY(cs->sc_tvn, nbp); 460 } 461 } 462 463 static void 464 cgdiodone(struct buf *nbp) 465 { 466 struct buf *obp = nbp->b_private; 467 struct cgd_softc *cs = getcgd_softc(obp->b_dev); 468 struct dk_softc *dksc = &cs->sc_dksc; 469 int s; 470 471 KDASSERT(cs); 472 473 DPRINTF_FOLLOW(("cgdiodone(%p)\n", nbp)); 474 DPRINTF(CGDB_IO, ("cgdiodone: bp %p bcount %d resid %d\n", 475 obp, obp->b_bcount, obp->b_resid)); 476 DPRINTF(CGDB_IO, (" dev 0x%"PRIx64", nbp %p bn %" PRId64 " addr %p bcnt %d\n", 477 nbp->b_dev, nbp, nbp->b_blkno, nbp->b_data, 478 nbp->b_bcount)); 479 if (nbp->b_error != 0) { 480 obp->b_error = nbp->b_error; 481 DPRINTF(CGDB_IO, ("%s: error %d\n", dksc->sc_xname, 482 obp->b_error)); 483 } 484 485 /* Perform the decryption if we are reading. 486 * 487 * Note: use the blocknumber from nbp, since it is what 488 * we used to encrypt the blocks. 489 */ 490 491 if (nbp->b_flags & B_READ) 492 cgd_cipher(cs, obp->b_data, obp->b_data, obp->b_bcount, 493 nbp->b_blkno, DEV_BSIZE, CGD_CIPHER_DECRYPT); 494 495 /* If we allocated memory, free it now... */ 496 if (nbp->b_data != obp->b_data) 497 cgd_putdata(dksc, nbp->b_data); 498 499 putiobuf(nbp); 500 501 /* Request is complete for whatever reason */ 502 obp->b_resid = 0; 503 if (obp->b_error != 0) 504 obp->b_resid = obp->b_bcount; 505 s = splbio(); 506 disk_unbusy(&dksc->sc_dkdev, obp->b_bcount - obp->b_resid, 507 (obp->b_flags & B_READ)); 508 biodone(obp); 509 cgdstart(dksc); 510 splx(s); 511 } 512 513 /* XXX: we should probably put these into dksubr.c, mostly */ 514 static int 515 cgdread(dev_t dev, struct uio *uio, int flags) 516 { 517 struct cgd_softc *cs; 518 struct dk_softc *dksc; 519 520 DPRINTF_FOLLOW(("cgdread(0x%llx, %p, %d)\n", 521 (unsigned long long)dev, uio, flags)); 522 GETCGD_SOFTC(cs, dev); 523 dksc = &cs->sc_dksc; 524 if ((dksc->sc_flags & DKF_INITED) == 0) 525 return ENXIO; 526 return physio(cgdstrategy, NULL, dev, B_READ, minphys, uio); 527 } 528 529 /* XXX: we should probably put these into dksubr.c, mostly */ 530 static int 531 cgdwrite(dev_t dev, struct uio *uio, int flags) 532 { 533 struct cgd_softc *cs; 534 struct dk_softc *dksc; 535 536 DPRINTF_FOLLOW(("cgdwrite(0x%"PRIx64", %p, %d)\n", dev, uio, flags)); 537 GETCGD_SOFTC(cs, dev); 538 dksc = &cs->sc_dksc; 539 if ((dksc->sc_flags & DKF_INITED) == 0) 540 return ENXIO; 541 return physio(cgdstrategy, NULL, dev, B_WRITE, minphys, uio); 542 } 543 544 static int 545 cgdioctl(dev_t dev, u_long cmd, void *data, int flag, struct lwp *l) 546 { 547 struct cgd_softc *cs; 548 struct dk_softc *dksc; 549 int part = DISKPART(dev); 550 int pmask = 1 << part; 551 552 DPRINTF_FOLLOW(("cgdioctl(0x%"PRIx64", %ld, %p, %d, %p)\n", 553 dev, cmd, data, flag, l)); 554 555 switch (cmd) { 556 case CGDIOCGET: /* don't call cgd_spawn() if the device isn't there */ 557 cs = NULL; 558 dksc = NULL; 559 break; 560 case CGDIOCSET: 561 case CGDIOCCLR: 562 if ((flag & FWRITE) == 0) 563 return EBADF; 564 /* FALLTHROUGH */ 565 default: 566 GETCGD_SOFTC(cs, dev); 567 dksc = &cs->sc_dksc; 568 break; 569 } 570 571 switch (cmd) { 572 case CGDIOCSET: 573 if (dksc->sc_flags & DKF_INITED) 574 return EBUSY; 575 return cgd_ioctl_set(cs, data, l); 576 case CGDIOCCLR: 577 if (DK_BUSY(&cs->sc_dksc, pmask)) 578 return EBUSY; 579 return cgd_ioctl_clr(cs, l); 580 case CGDIOCGET: 581 return cgd_ioctl_get(dev, data, l); 582 case DIOCCACHESYNC: 583 /* 584 * XXX Do we really need to care about having a writable 585 * file descriptor here? 586 */ 587 if ((flag & FWRITE) == 0) 588 return (EBADF); 589 590 /* 591 * We pass this call down to the underlying disk. 592 */ 593 return VOP_IOCTL(cs->sc_tvn, cmd, data, flag, l->l_cred); 594 default: 595 return dk_ioctl(di, dksc, dev, cmd, data, flag, l); 596 } 597 } 598 599 static int 600 cgddump(dev_t dev, daddr_t blkno, void *va, size_t size) 601 { 602 struct cgd_softc *cs; 603 604 DPRINTF_FOLLOW(("cgddump(0x%"PRIx64", %" PRId64 ", %p, %lu)\n", 605 dev, blkno, va, (unsigned long)size)); 606 GETCGD_SOFTC(cs, dev); 607 return dk_dump(di, &cs->sc_dksc, dev, blkno, va, size); 608 } 609 610 /* 611 * XXXrcd: 612 * for now we hardcode the maximum key length. 613 */ 614 #define MAX_KEYSIZE 1024 615 616 static const struct { 617 const char *n; 618 int v; 619 int d; 620 } encblkno[] = { 621 { "encblkno", CGD_CIPHER_CBC_ENCBLKNO8, 1 }, 622 { "encblkno8", CGD_CIPHER_CBC_ENCBLKNO8, 1 }, 623 { "encblkno1", CGD_CIPHER_CBC_ENCBLKNO1, 8 }, 624 }; 625 626 /* ARGSUSED */ 627 static int 628 cgd_ioctl_set(struct cgd_softc *cs, void *data, struct lwp *l) 629 { 630 struct cgd_ioctl *ci = data; 631 struct vnode *vp; 632 int ret; 633 size_t i; 634 size_t keybytes; /* key length in bytes */ 635 const char *cp; 636 struct pathbuf *pb; 637 char *inbuf; 638 struct dk_softc *dksc = &cs->sc_dksc; 639 640 cp = ci->ci_disk; 641 642 ret = pathbuf_copyin(ci->ci_disk, &pb); 643 if (ret != 0) { 644 return ret; 645 } 646 ret = dk_lookup(pb, l, &vp); 647 pathbuf_destroy(pb); 648 if (ret != 0) { 649 return ret; 650 } 651 652 inbuf = malloc(MAX_KEYSIZE, M_TEMP, M_WAITOK); 653 654 if ((ret = cgdinit(cs, cp, vp, l)) != 0) 655 goto bail; 656 657 (void)memset(inbuf, 0, MAX_KEYSIZE); 658 ret = copyinstr(ci->ci_alg, inbuf, 256, NULL); 659 if (ret) 660 goto bail; 661 cs->sc_cfuncs = cryptfuncs_find(inbuf); 662 if (!cs->sc_cfuncs) { 663 ret = EINVAL; 664 goto bail; 665 } 666 667 (void)memset(inbuf, 0, MAX_KEYSIZE); 668 ret = copyinstr(ci->ci_ivmethod, inbuf, MAX_KEYSIZE, NULL); 669 if (ret) 670 goto bail; 671 672 for (i = 0; i < __arraycount(encblkno); i++) 673 if (strcmp(encblkno[i].n, inbuf) == 0) 674 break; 675 676 if (i == __arraycount(encblkno)) { 677 ret = EINVAL; 678 goto bail; 679 } 680 681 keybytes = ci->ci_keylen / 8 + 1; 682 if (keybytes > MAX_KEYSIZE) { 683 ret = EINVAL; 684 goto bail; 685 } 686 687 (void)memset(inbuf, 0, MAX_KEYSIZE); 688 ret = copyin(ci->ci_key, inbuf, keybytes); 689 if (ret) 690 goto bail; 691 692 cs->sc_cdata.cf_blocksize = ci->ci_blocksize; 693 cs->sc_cdata.cf_mode = encblkno[i].v; 694 cs->sc_cdata.cf_keylen = ci->ci_keylen; 695 cs->sc_cdata.cf_priv = cs->sc_cfuncs->cf_init(ci->ci_keylen, inbuf, 696 &cs->sc_cdata.cf_blocksize); 697 if (cs->sc_cdata.cf_blocksize > CGD_MAXBLOCKSIZE) { 698 log(LOG_WARNING, "cgd: Disallowed cipher with blocksize %zu > %u\n", 699 cs->sc_cdata.cf_blocksize, CGD_MAXBLOCKSIZE); 700 cs->sc_cdata.cf_priv = NULL; 701 } 702 703 /* 704 * The blocksize is supposed to be in bytes. Unfortunately originally 705 * it was expressed in bits. For compatibility we maintain encblkno 706 * and encblkno8. 707 */ 708 cs->sc_cdata.cf_blocksize /= encblkno[i].d; 709 (void)memset(inbuf, 0, MAX_KEYSIZE); 710 if (!cs->sc_cdata.cf_priv) { 711 ret = EINVAL; /* XXX is this the right error? */ 712 goto bail; 713 } 714 free(inbuf, M_TEMP); 715 716 bufq_alloc(&dksc->sc_bufq, "fcfs", 0); 717 718 cs->sc_data = malloc(MAXPHYS, M_DEVBUF, M_WAITOK); 719 cs->sc_data_used = 0; 720 721 dksc->sc_flags |= DKF_INITED; 722 723 disk_set_info(dksc->sc_dev, &dksc->sc_dkdev, NULL); 724 725 /* Attach the disk. */ 726 disk_attach(&dksc->sc_dkdev); 727 728 /* Try and read the disklabel. */ 729 dk_getdisklabel(di, dksc, 0 /* XXX ? (cause of PR 41704) */); 730 731 /* Discover wedges on this disk. */ 732 dkwedge_discover(&dksc->sc_dkdev); 733 734 return 0; 735 736 bail: 737 free(inbuf, M_TEMP); 738 (void)vn_close(vp, FREAD|FWRITE, l->l_cred); 739 return ret; 740 } 741 742 /* ARGSUSED */ 743 static int 744 cgd_ioctl_clr(struct cgd_softc *cs, struct lwp *l) 745 { 746 int s; 747 struct dk_softc *dksc = &cs->sc_dksc; 748 749 if ((dksc->sc_flags & DKF_INITED) == 0) 750 return ENXIO; 751 752 /* Delete all of our wedges. */ 753 dkwedge_delall(&dksc->sc_dkdev); 754 755 /* Kill off any queued buffers. */ 756 s = splbio(); 757 bufq_drain(dksc->sc_bufq); 758 splx(s); 759 bufq_free(dksc->sc_bufq); 760 761 (void)vn_close(cs->sc_tvn, FREAD|FWRITE, l->l_cred); 762 cs->sc_cfuncs->cf_destroy(cs->sc_cdata.cf_priv); 763 free(cs->sc_tpath, M_DEVBUF); 764 free(cs->sc_data, M_DEVBUF); 765 cs->sc_data_used = 0; 766 dksc->sc_flags &= ~DKF_INITED; 767 disk_detach(&dksc->sc_dkdev); 768 769 return 0; 770 } 771 772 static int 773 cgd_ioctl_get(dev_t dev, void *data, struct lwp *l) 774 { 775 struct cgd_softc *cs = getcgd_softc(dev); 776 struct cgd_user *cgu; 777 int unit; 778 struct dk_softc *dksc = &cs->sc_dksc; 779 780 unit = CGDUNIT(dev); 781 cgu = (struct cgd_user *)data; 782 783 DPRINTF_FOLLOW(("cgd_ioctl_get(0x%"PRIx64", %d, %p, %p)\n", 784 dev, unit, data, l)); 785 786 if (cgu->cgu_unit == -1) 787 cgu->cgu_unit = unit; 788 789 if (cgu->cgu_unit < 0) 790 return EINVAL; /* XXX: should this be ENXIO? */ 791 792 cs = device_lookup_private(&cgd_cd, unit); 793 if (cs == NULL || (dksc->sc_flags & DKF_INITED) == 0) { 794 cgu->cgu_dev = 0; 795 cgu->cgu_alg[0] = '\0'; 796 cgu->cgu_blocksize = 0; 797 cgu->cgu_mode = 0; 798 cgu->cgu_keylen = 0; 799 } 800 else { 801 cgu->cgu_dev = cs->sc_tdev; 802 strlcpy(cgu->cgu_alg, cs->sc_cfuncs->cf_name, 803 sizeof(cgu->cgu_alg)); 804 cgu->cgu_blocksize = cs->sc_cdata.cf_blocksize; 805 cgu->cgu_mode = cs->sc_cdata.cf_mode; 806 cgu->cgu_keylen = cs->sc_cdata.cf_keylen; 807 } 808 return 0; 809 } 810 811 static int 812 cgdinit(struct cgd_softc *cs, const char *cpath, struct vnode *vp, 813 struct lwp *l) 814 { 815 struct disk_geom *dg; 816 int ret; 817 char *tmppath; 818 uint64_t psize; 819 unsigned secsize; 820 struct dk_softc *dksc = &cs->sc_dksc; 821 822 cs->sc_tvn = vp; 823 cs->sc_tpath = NULL; 824 825 tmppath = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); 826 ret = copyinstr(cpath, tmppath, MAXPATHLEN, &cs->sc_tpathlen); 827 if (ret) 828 goto bail; 829 cs->sc_tpath = malloc(cs->sc_tpathlen, M_DEVBUF, M_WAITOK); 830 memcpy(cs->sc_tpath, tmppath, cs->sc_tpathlen); 831 832 cs->sc_tdev = vp->v_rdev; 833 834 if ((ret = getdisksize(vp, &psize, &secsize)) != 0) 835 goto bail; 836 837 if (psize == 0) { 838 ret = ENODEV; 839 goto bail; 840 } 841 842 /* 843 * XXX here we should probe the underlying device. If we 844 * are accessing a partition of type RAW_PART, then 845 * we should populate our initial geometry with the 846 * geometry that we discover from the device. 847 */ 848 dg = &dksc->sc_dkdev.dk_geom; 849 memset(dg, 0, sizeof(*dg)); 850 dg->dg_secperunit = psize; 851 // XXX: Inherit? 852 dg->dg_secsize = DEV_BSIZE; 853 dg->dg_ntracks = 1; 854 dg->dg_nsectors = 1024 * (1024 / dg->dg_secsize); 855 dg->dg_ncylinders = dg->dg_secperunit / dg->dg_nsectors; 856 857 bail: 858 free(tmppath, M_TEMP); 859 if (ret && cs->sc_tpath) 860 free(cs->sc_tpath, M_DEVBUF); 861 return ret; 862 } 863 864 /* 865 * Our generic cipher entry point. This takes care of the 866 * IV mode and passes off the work to the specific cipher. 867 * We implement here the IV method ``encrypted block 868 * number''. 869 * 870 * For the encryption case, we accomplish this by setting 871 * up a struct uio where the first iovec of the source is 872 * the blocknumber and the first iovec of the dest is a 873 * sink. We then call the cipher with an IV of zero, and 874 * the right thing happens. 875 * 876 * For the decryption case, we use the same basic mechanism 877 * for symmetry, but we encrypt the block number in the 878 * first iovec. 879 * 880 * We mainly do this to avoid requiring the definition of 881 * an ECB mode. 882 * 883 * XXXrcd: for now we rely on our own crypto framework defined 884 * in dev/cgd_crypto.c. This will change when we 885 * get a generic kernel crypto framework. 886 */ 887 888 static void 889 blkno2blkno_buf(char *sbuf, daddr_t blkno) 890 { 891 int i; 892 893 /* Set up the blkno in blkno_buf, here we do not care much 894 * about the final layout of the information as long as we 895 * can guarantee that each sector will have a different IV 896 * and that the endianness of the machine will not affect 897 * the representation that we have chosen. 898 * 899 * We choose this representation, because it does not rely 900 * on the size of buf (which is the blocksize of the cipher), 901 * but allows daddr_t to grow without breaking existing 902 * disks. 903 * 904 * Note that blkno2blkno_buf does not take a size as input, 905 * and hence must be called on a pre-zeroed buffer of length 906 * greater than or equal to sizeof(daddr_t). 907 */ 908 for (i=0; i < sizeof(daddr_t); i++) { 909 *sbuf++ = blkno & 0xff; 910 blkno >>= 8; 911 } 912 } 913 914 static void 915 cgd_cipher(struct cgd_softc *cs, void *dstv, void *srcv, 916 size_t len, daddr_t blkno, size_t secsize, int dir) 917 { 918 char *dst = dstv; 919 char *src = srcv; 920 cfunc_cipher *cipher = cs->sc_cfuncs->cf_cipher; 921 struct uio dstuio; 922 struct uio srcuio; 923 struct iovec dstiov[2]; 924 struct iovec srciov[2]; 925 size_t blocksize = cs->sc_cdata.cf_blocksize; 926 char sink[CGD_MAXBLOCKSIZE]; 927 char zero_iv[CGD_MAXBLOCKSIZE]; 928 char blkno_buf[CGD_MAXBLOCKSIZE]; 929 930 DPRINTF_FOLLOW(("cgd_cipher() dir=%d\n", dir)); 931 932 DIAGCONDPANIC(len % blocksize != 0, 933 ("cgd_cipher: len %% blocksize != 0")); 934 935 /* ensure that sizeof(daddr_t) <= blocksize (for encblkno IVing) */ 936 DIAGCONDPANIC(sizeof(daddr_t) > blocksize, 937 ("cgd_cipher: sizeof(daddr_t) > blocksize")); 938 939 memset(zero_iv, 0x0, blocksize); 940 941 dstuio.uio_iov = dstiov; 942 dstuio.uio_iovcnt = 2; 943 944 srcuio.uio_iov = srciov; 945 srcuio.uio_iovcnt = 2; 946 947 dstiov[0].iov_base = sink; 948 dstiov[0].iov_len = blocksize; 949 srciov[0].iov_base = blkno_buf; 950 srciov[0].iov_len = blocksize; 951 dstiov[1].iov_len = secsize; 952 srciov[1].iov_len = secsize; 953 954 for (; len > 0; len -= secsize) { 955 dstiov[1].iov_base = dst; 956 srciov[1].iov_base = src; 957 958 memset(blkno_buf, 0x0, blocksize); 959 blkno2blkno_buf(blkno_buf, blkno); 960 if (dir == CGD_CIPHER_DECRYPT) { 961 dstuio.uio_iovcnt = 1; 962 srcuio.uio_iovcnt = 1; 963 IFDEBUG(CGDB_CRYPTO, hexprint("step 0: blkno_buf", 964 blkno_buf, blocksize)); 965 cipher(cs->sc_cdata.cf_priv, &dstuio, &srcuio, 966 zero_iv, CGD_CIPHER_ENCRYPT); 967 memcpy(blkno_buf, sink, blocksize); 968 dstuio.uio_iovcnt = 2; 969 srcuio.uio_iovcnt = 2; 970 } 971 972 IFDEBUG(CGDB_CRYPTO, hexprint("step 1: blkno_buf", 973 blkno_buf, blocksize)); 974 cipher(cs->sc_cdata.cf_priv, &dstuio, &srcuio, zero_iv, dir); 975 IFDEBUG(CGDB_CRYPTO, hexprint("step 2: sink", 976 sink, blocksize)); 977 978 dst += secsize; 979 src += secsize; 980 blkno++; 981 } 982 } 983 984 #ifdef DEBUG 985 static void 986 hexprint(const char *start, void *buf, int len) 987 { 988 char *c = buf; 989 990 DIAGCONDPANIC(len < 0, ("hexprint: called with len < 0")); 991 printf("%s: len=%06d 0x", start, len); 992 while (len--) 993 printf("%02x", (unsigned char) *c++); 994 } 995 #endif 996 997 MODULE(MODULE_CLASS_DRIVER, cgd, "dk_subr"); 998 999 #ifdef _MODULE 1000 CFDRIVER_DECL(cgd, DV_DISK, NULL); 1001 #endif 1002 1003 static int 1004 cgd_modcmd(modcmd_t cmd, void *arg) 1005 { 1006 int error = 0; 1007 1008 #ifdef _MODULE 1009 int bmajor = -1, cmajor = -1; 1010 #endif 1011 1012 switch (cmd) { 1013 case MODULE_CMD_INIT: 1014 #ifdef _MODULE 1015 error = config_cfdriver_attach(&cgd_cd); 1016 if (error) 1017 break; 1018 1019 error = config_cfattach_attach(cgd_cd.cd_name, &cgd_ca); 1020 if (error) { 1021 config_cfdriver_detach(&cgd_cd); 1022 aprint_error("%s: unable to register cfattach\n", 1023 cgd_cd.cd_name); 1024 break; 1025 } 1026 1027 error = devsw_attach("cgd", &cgd_bdevsw, &bmajor, 1028 &cgd_cdevsw, &cmajor); 1029 if (error) { 1030 config_cfattach_detach(cgd_cd.cd_name, &cgd_ca); 1031 config_cfdriver_detach(&cgd_cd); 1032 break; 1033 } 1034 #endif 1035 break; 1036 1037 case MODULE_CMD_FINI: 1038 #ifdef _MODULE 1039 error = config_cfattach_detach(cgd_cd.cd_name, &cgd_ca); 1040 if (error) 1041 break; 1042 config_cfdriver_detach(&cgd_cd); 1043 devsw_detach(&cgd_bdevsw, &cgd_cdevsw); 1044 #endif 1045 break; 1046 1047 case MODULE_CMD_STAT: 1048 return ENOTTY; 1049 1050 default: 1051 return ENOTTY; 1052 } 1053 1054 return error; 1055 } 1056