fxr.watson.org: sys/contrib/openzfs/module/icp/include/sys/crypto/impl.h

FreeBSD/Linux Kernel Cross Reference
sys/contrib/openzfs/module/icp/include/sys/crypto/impl.h

Version: - FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10

1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or https://opensource.org/licenses/CDDL-1.0. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #ifndef _SYS_CRYPTO_IMPL_H 27 #define _SYS_CRYPTO_IMPL_H 28 29 /* 30 * Kernel Cryptographic Framework private implementation definitions. 31 */ 32 33 #include <sys/zfs_context.h> 34 #include <sys/crypto/common.h> 35 #include <sys/crypto/api.h> 36 #include <sys/crypto/spi.h> 37 #include <sys/avl.h> 38 39 #ifdef __cplusplus 40 extern "C" { 41 #endif 42 43 /* 44 * Prefixes convention: structures internal to the kernel cryptographic 45 * framework start with 'kcf_'. Exposed structure start with 'crypto_'. 46 */ 47 48 49 /* 50 * The following two macros should be 51 * #define KCF_OPS_CLASSSIZE (KCF_LAST_OPSCLASS - KCF_FIRST_OPSCLASS + 2) 52 * #define KCF_MAXMECHTAB KCF_MAXCIPHER 53 * 54 * However, doing that would involve reorganizing the header file a bit. 55 * When impl.h is broken up (bug# 4703218), this will be done. For now, 56 * we hardcode these values. 57 */ 58 #define KCF_OPS_CLASSSIZE 4 59 #define KCF_MAXMECHTAB 32 60 61 /* 62 * Valid values for the state of a provider. The order of 63 * the elements is important. 64 * 65 * Routines which get a provider or the list of providers 66 * should pick only those that are in KCF_PROV_READY state. 67 */ 68 typedef enum { 69 KCF_PROV_ALLOCATED = 1, 70 /* 71 * state < KCF_PROV_READY means the provider can not 72 * be used at all. 73 */ 74 KCF_PROV_READY, 75 /* 76 * state > KCF_PROV_READY means the provider can not 77 * be used for new requests. 78 */ 79 KCF_PROV_FAILED, 80 /* 81 * Threads setting the following two states should do so only 82 * if the current state < KCF_PROV_DISABLED. 83 */ 84 KCF_PROV_DISABLED, 85 KCF_PROV_REMOVED, 86 KCF_PROV_FREED 87 } kcf_prov_state_t; 88 89 #define KCF_IS_PROV_USABLE(pd) ((pd)->pd_state == KCF_PROV_READY) 90 #define KCF_IS_PROV_REMOVED(pd) ((pd)->pd_state >= KCF_PROV_REMOVED) 91 92 /* 93 * A provider descriptor structure. There is one such structure per 94 * provider. It is allocated and initialized at registration time and 95 * freed when the provider unregisters. 96 * 97 * pd_refcnt: Reference counter to this provider descriptor 98 * pd_irefcnt: References held by the framework internal structs 99 * pd_lock: lock protects pd_state 100 * pd_state: State value of the provider 101 * pd_ops_vector: The ops vector specified by Provider 102 * pd_mech_indx: Lookup table which maps a core framework mechanism 103 * number to an index in pd_mechanisms array 104 * pd_mechanisms: Array of mechanisms supported by the provider, specified 105 * by the provider during registration 106 * pd_mech_list_count: The number of entries in pi_mechanisms, specified 107 * by the provider during registration 108 * pd_remove_cv: cv to wait on while the provider queue drains 109 * pd_description: Provider description string 110 * pd_kcf_prov_handle: KCF-private handle assigned by KCF 111 * pd_prov_id: Identification # assigned by KCF to provider 112 */ 113 typedef struct kcf_provider_desc { 114 uint_t pd_refcnt; 115 uint_t pd_irefcnt; 116 kmutex_t pd_lock; 117 kcf_prov_state_t pd_state; 118 const crypto_ops_t *pd_ops_vector; 119 ushort_t pd_mech_indx[KCF_OPS_CLASSSIZE]\ 120 [KCF_MAXMECHTAB]; 121 const crypto_mech_info_t *pd_mechanisms; 122 uint_t pd_mech_list_count; 123 kcondvar_t pd_remove_cv; 124 const char *pd_description; 125 crypto_kcf_provider_handle_t pd_kcf_prov_handle; 126 crypto_provider_id_t pd_prov_id; 127 } kcf_provider_desc_t; 128 129 /* 130 * If a component has a reference to a kcf_provider_desc_t, 131 * it REFHOLD()s. A new provider descriptor which is referenced only 132 * by the providers table has a reference counter of one. 133 */ 134 #define KCF_PROV_REFHOLD(desc) { \ 135 int newval = atomic_add_32_nv(&(desc)->pd_refcnt, 1); \ 136 ASSERT(newval != 0); \ 137 } 138 139 #define KCF_PROV_IREFHOLD(desc) { \ 140 int newval = atomic_add_32_nv(&(desc)->pd_irefcnt, 1); \ 141 ASSERT(newval != 0); \ 142 } 143 144 #define KCF_PROV_IREFRELE(desc) { \ 145 membar_producer(); \ 146 int newval = atomic_add_32_nv(&(desc)->pd_irefcnt, -1); \ 147 ASSERT(newval != -1); \ 148 if (newval == 0) { \ 149 cv_broadcast(&(desc)->pd_remove_cv); \ 150 } \ 151 } 152 153 #define KCF_PROV_REFHELD(desc) ((desc)->pd_refcnt >= 1) 154 155 #define KCF_PROV_REFRELE(desc) { \ 156 membar_producer(); \ 157 int newval = atomic_add_32_nv(&(desc)->pd_refcnt, -1); \ 158 ASSERT(newval != -1); \ 159 if (newval == 0) { \ 160 kcf_provider_zero_refcnt((desc)); \ 161 } \ 162 } 163 164 165 /* 166 * An element in a mechanism provider descriptors chain. 167 * The kcf_prov_mech_desc_t is duplicated in every chain the provider belongs 168 * to. This is a small tradeoff memory vs mutex spinning time to access the 169 * common provider field. 170 */ 171 172 typedef struct kcf_prov_mech_desc { 173 struct kcf_mech_entry *pm_me; /* Back to the head */ 174 struct kcf_prov_mech_desc *pm_next; /* Next in the chain */ 175 crypto_mech_info_t pm_mech_info; /* Provider mech info */ 176 kcf_provider_desc_t *pm_prov_desc; /* Common desc. */ 177 } kcf_prov_mech_desc_t; 178 179 /* 180 * A mechanism entry in an xxx_mech_tab[]. me_pad was deemed 181 * to be unnecessary and removed. 182 */ 183 typedef struct kcf_mech_entry { 184 crypto_mech_name_t me_name; /* mechanism name */ 185 crypto_mech_type_t me_mechid; /* Internal id for mechanism */ 186 kcf_prov_mech_desc_t *me_sw_prov; /* provider */ 187 avl_node_t me_node; 188 } kcf_mech_entry_t; 189 190 /* 191 * If a component has a reference to a kcf_policy_desc_t, 192 * it REFHOLD()s. A new policy descriptor which is referenced only 193 * by the policy table has a reference count of one. 194 */ 195 #define KCF_POLICY_REFHOLD(desc) { \ 196 int newval = atomic_add_32_nv(&(desc)->pd_refcnt, 1); \ 197 ASSERT(newval != 0); \ 198 } 199 200 /* 201 * Releases a reference to a policy descriptor. When the last 202 * reference is released, the descriptor is freed. 203 */ 204 #define KCF_POLICY_REFRELE(desc) { \ 205 membar_producer(); \ 206 int newval = atomic_add_32_nv(&(desc)->pd_refcnt, -1); \ 207 ASSERT(newval != -1); \ 208 if (newval == 0) \ 209 kcf_policy_free_desc(desc); \ 210 } 211 212 /* 213 * Global tables. The sizes are from the predefined PKCS#11 v2.20 mechanisms, 214 * with a margin of few extra empty entry points 215 */ 216 217 #define KCF_MAXDIGEST 16 /* Digests */ 218 #define KCF_MAXCIPHER 32 /* Ciphers */ 219 #define KCF_MAXMAC 40 /* Message authentication codes */ 220 221 _Static_assert(KCF_MAXCIPHER == KCF_MAXMECHTAB, 222 "KCF_MAXCIPHER != KCF_MAXMECHTAB"); /* See KCF_MAXMECHTAB comment */ 223 224 typedef enum { 225 KCF_DIGEST_CLASS = 1, 226 KCF_CIPHER_CLASS, 227 KCF_MAC_CLASS, 228 } kcf_ops_class_t; 229 230 #define KCF_FIRST_OPSCLASS KCF_DIGEST_CLASS 231 #define KCF_LAST_OPSCLASS KCF_MAC_CLASS 232 _Static_assert( 233 KCF_OPS_CLASSSIZE == (KCF_LAST_OPSCLASS - KCF_FIRST_OPSCLASS + 2), 234 "KCF_OPS_CLASSSIZE doesn't match kcf_ops_class_t!"); 235 236 /* The table of all the kcf_xxx_mech_tab[]s, indexed by kcf_ops_class */ 237 238 typedef struct kcf_mech_entry_tab { 239 int met_size; /* Size of the met_tab[] */ 240 kcf_mech_entry_t *met_tab; /* the table */ 241 } kcf_mech_entry_tab_t; 242 243 extern const kcf_mech_entry_tab_t kcf_mech_tabs_tab[]; 244 245 #define KCF_MECHID(class, index) \ 246 (((crypto_mech_type_t)(class) << 32) | (crypto_mech_type_t)(index)) 247 248 #define KCF_MECH2CLASS(mech_type) ((kcf_ops_class_t)((mech_type) >> 32)) 249 250 #define KCF_MECH2INDEX(mech_type) ((int)((mech_type) & 0xFFFFFFFF)) 251 252 #define KCF_TO_PROV_MECH_INDX(pd, mech_type) \ 253 ((pd)->pd_mech_indx[KCF_MECH2CLASS(mech_type)] \ 254 [KCF_MECH2INDEX(mech_type)]) 255 256 #define KCF_TO_PROV_MECHINFO(pd, mech_type) \ 257 ((pd)->pd_mechanisms[KCF_TO_PROV_MECH_INDX(pd, mech_type)]) 258 259 #define KCF_TO_PROV_MECHNUM(pd, mech_type) \ 260 (KCF_TO_PROV_MECHINFO(pd, mech_type).cm_mech_number) 261 262 /* 263 * Return codes for internal functions 264 */ 265 #define KCF_SUCCESS 0x0 /* Successful call */ 266 #define KCF_INVALID_MECH_NUMBER 0x1 /* invalid mechanism number */ 267 #define KCF_INVALID_MECH_NAME 0x2 /* invalid mechanism name */ 268 #define KCF_INVALID_MECH_CLASS 0x3 /* invalid mechanism class */ 269 #define KCF_MECH_TAB_FULL 0x4 /* Need more room in the mech tabs. */ 270 #define KCF_INVALID_INDX ((ushort_t)-1) 271 272 /* 273 * Wrappers for ops vectors. In the wrapper definitions below, the pd 274 * argument always corresponds to a pointer to a provider descriptor 275 * of type kcf_prov_desc_t. 276 */ 277 278 #define KCF_PROV_DIGEST_OPS(pd) ((pd)->pd_ops_vector->co_digest_ops) 279 #define KCF_PROV_CIPHER_OPS(pd) ((pd)->pd_ops_vector->co_cipher_ops) 280 #define KCF_PROV_MAC_OPS(pd) ((pd)->pd_ops_vector->co_mac_ops) 281 #define KCF_PROV_CTX_OPS(pd) ((pd)->pd_ops_vector->co_ctx_ops) 282 283 /* 284 * Wrappers for crypto_digest_ops(9S) entry points. 285 */ 286 287 #define KCF_PROV_DIGEST_INIT(pd, ctx, mech) ( \ 288 (KCF_PROV_DIGEST_OPS(pd) && KCF_PROV_DIGEST_OPS(pd)->digest_init) ? \ 289 KCF_PROV_DIGEST_OPS(pd)->digest_init(ctx, mech) : \ 290 CRYPTO_NOT_SUPPORTED) 291 292 /* 293 * Wrappers for crypto_cipher_ops(9S) entry points. 294 */ 295 296 #define KCF_PROV_ENCRYPT_INIT(pd, ctx, mech, key, template) ( \ 297 (KCF_PROV_CIPHER_OPS(pd) && KCF_PROV_CIPHER_OPS(pd)->encrypt_init) ? \ 298 KCF_PROV_CIPHER_OPS(pd)->encrypt_init(ctx, mech, key, template) : \ 299 CRYPTO_NOT_SUPPORTED) 300 301 #define KCF_PROV_ENCRYPT_ATOMIC(pd, mech, key, plaintext, ciphertext, \ 302 template) ( \ 303 (KCF_PROV_CIPHER_OPS(pd) && KCF_PROV_CIPHER_OPS(pd)->encrypt_atomic) ? \ 304 KCF_PROV_CIPHER_OPS(pd)->encrypt_atomic( \ 305 mech, key, plaintext, ciphertext, template) : \ 306 CRYPTO_NOT_SUPPORTED) 307 308 #define KCF_PROV_DECRYPT_ATOMIC(pd, mech, key, ciphertext, plaintext, \ 309 template) ( \ 310 (KCF_PROV_CIPHER_OPS(pd) && KCF_PROV_CIPHER_OPS(pd)->decrypt_atomic) ? \ 311 KCF_PROV_CIPHER_OPS(pd)->decrypt_atomic( \ 312 mech, key, ciphertext, plaintext, template) : \ 313 CRYPTO_NOT_SUPPORTED) 314 315 /* 316 * Wrappers for crypto_mac_ops(9S) entry points. 317 */ 318 319 #define KCF_PROV_MAC_INIT(pd, ctx, mech, key, template) ( \ 320 (KCF_PROV_MAC_OPS(pd) && KCF_PROV_MAC_OPS(pd)->mac_init) ? \ 321 KCF_PROV_MAC_OPS(pd)->mac_init(ctx, mech, key, template) \ 322 : CRYPTO_NOT_SUPPORTED) 323 324 /* 325 * The _ (underscore) in _mac is needed to avoid replacing the 326 * function mac(). 327 */ 328 #define KCF_PROV_MAC_UPDATE(pd, ctx, data) ( \ 329 (KCF_PROV_MAC_OPS(pd) && KCF_PROV_MAC_OPS(pd)->mac_update) ? \ 330 KCF_PROV_MAC_OPS(pd)->mac_update(ctx, data) : \ 331 CRYPTO_NOT_SUPPORTED) 332 333 #define KCF_PROV_MAC_FINAL(pd, ctx, mac) ( \ 334 (KCF_PROV_MAC_OPS(pd) && KCF_PROV_MAC_OPS(pd)->mac_final) ? \ 335 KCF_PROV_MAC_OPS(pd)->mac_final(ctx, mac) : \ 336 CRYPTO_NOT_SUPPORTED) 337 338 #define KCF_PROV_MAC_ATOMIC(pd, mech, key, data, mac, template) ( \ 339 (KCF_PROV_MAC_OPS(pd) && KCF_PROV_MAC_OPS(pd)->mac_atomic) ? \ 340 KCF_PROV_MAC_OPS(pd)->mac_atomic( \ 341 mech, key, data, mac, template) : \ 342 CRYPTO_NOT_SUPPORTED) 343 344 /* 345 * Wrappers for crypto_ctx_ops(9S) entry points. 346 */ 347 348 #define KCF_PROV_CREATE_CTX_TEMPLATE(pd, mech, key, template, size) ( \ 349 (KCF_PROV_CTX_OPS(pd) && KCF_PROV_CTX_OPS(pd)->create_ctx_template) ? \ 350 KCF_PROV_CTX_OPS(pd)->create_ctx_template( \ 351 mech, key, template, size) : \ 352 CRYPTO_NOT_SUPPORTED) 353 354 #define KCF_PROV_FREE_CONTEXT(pd, ctx) ( \ 355 (KCF_PROV_CTX_OPS(pd) && KCF_PROV_CTX_OPS(pd)->free_context) ? \ 356 KCF_PROV_CTX_OPS(pd)->free_context(ctx) : CRYPTO_NOT_SUPPORTED) 357 358 359 /* Miscellaneous */ 360 extern void kcf_destroy_mech_tabs(void); 361 extern void kcf_init_mech_tabs(void); 362 extern int kcf_add_mech_provider(short, kcf_provider_desc_t *, 363 kcf_prov_mech_desc_t **); 364 extern void kcf_remove_mech_provider(const char *, kcf_provider_desc_t *); 365 extern int kcf_get_mech_entry(crypto_mech_type_t, kcf_mech_entry_t **); 366 extern kcf_provider_desc_t *kcf_alloc_provider_desc(void); 367 extern void kcf_provider_zero_refcnt(kcf_provider_desc_t *); 368 extern void kcf_free_provider_desc(kcf_provider_desc_t *); 369 extern void undo_register_provider(kcf_provider_desc_t *, boolean_t); 370 extern int crypto_put_output_data(uchar_t *, crypto_data_t *, int); 371 extern int crypto_update_iov(void *, crypto_data_t *, crypto_data_t *, 372 int (*cipher)(void *, caddr_t, size_t, crypto_data_t *)); 373 extern int crypto_update_uio(void *, crypto_data_t *, crypto_data_t *, 374 int (*cipher)(void *, caddr_t, size_t, crypto_data_t *)); 375 376 /* Access to the provider's table */ 377 extern void kcf_prov_tab_destroy(void); 378 extern void kcf_prov_tab_init(void); 379 extern int kcf_prov_tab_add_provider(kcf_provider_desc_t *); 380 extern int kcf_prov_tab_rem_provider(crypto_provider_id_t); 381 extern kcf_provider_desc_t *kcf_prov_tab_lookup(crypto_provider_id_t); 382 extern int kcf_get_sw_prov(crypto_mech_type_t, kcf_provider_desc_t **, 383 kcf_mech_entry_t **, boolean_t); 384 385 386 #ifdef __cplusplus 387 } 388 #endif 389 390 #endif /* _SYS_CRYPTO_IMPL_H */

Cache object: 684adde1d7e9cb539468dddbc5096935

FreeBSD/Linux Kernel Cross Reference sys/contrib/openzfs/module/icp/include/sys/crypto/impl.h

FreeBSD/Linux Kernel Cross Reference
sys/contrib/openzfs/module/icp/include/sys/crypto/impl.h