sys/geom/bde/g_bde.c
1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3 *
4 * Copyright (c) 2002 Poul-Henning Kamp
5 * Copyright (c) 2002 Networks Associates Technology, Inc.
6 * All rights reserved.
7 *
8 * This software was developed for the FreeBSD Project by Poul-Henning Kamp
9 * and NAI Labs, the Security Research Division of Network Associates, Inc.
10 * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
11 * DARPA CHATS research program.
12 *
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted provided that the following conditions
15 * are met:
16 * 1. Redistributions of source code must retain the above copyright
17 * notice, this list of conditions and the following disclaimer.
18 * 2. Redistributions in binary form must reproduce the above copyright
19 * notice, this list of conditions and the following disclaimer in the
20 * documentation and/or other materials provided with the distribution.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 * $FreeBSD$
35 *
36 */
37
38 #include <sys/param.h>
39 #include <sys/bio.h>
40 #include <sys/lock.h>
41 #include <sys/mutex.h>
42 #include <sys/malloc.h>
43 #include <sys/systm.h>
44 #include <sys/kernel.h>
45 #include <sys/kthread.h>
46 #include <sys/sysctl.h>
47
48 #include <crypto/rijndael/rijndael-api-fst.h>
49 #include <crypto/sha2/sha512.h>
50 #include <geom/geom.h>
51 #include <geom/bde/g_bde.h>
52 #define BDE_CLASS_NAME "BDE"
53
54 FEATURE(geom_bde, "GEOM-based Disk Encryption");
55
/*
 * GEOM start method: entry point for every bio sent to a BDE provider.
 *
 * Only BIO_READ, BIO_WRITE and BIO_DELETE are handed to g_bde_start1().
 * Every other command, BIO_GETATTR included, is completed immediately
 * with EOPNOTSUPP, so nothing outside those three requests reaches
 * g_bde_start1() from this function.
 */
static void
g_bde_start(struct bio *bp)
{

	switch (bp->bio_cmd) {
	case BIO_DELETE:
	case BIO_READ:
	case BIO_WRITE:
		g_bde_start1(bp);
		return;
	default:
		/* BIO_GETATTR and anything unknown are refused alike. */
		break;
	}
	g_io_deliver(bp, EOPNOTSUPP);
}
75
/*
 * GEOM orphan method: called when the provider underneath our consumer
 * goes away.  Marks the geom as withering, withers each of its providers
 * with ENXIO, and then wipes the softc so no key material is left in it.
 *
 * NOTE(review): the wipe covers the whole softc, not only the key.  Other
 * code in this file keeps worklist_mutex, the work/free lists, the worker
 * thread pointer and the 'dead' flag in the same structure; whether the
 * worker and a later g_bde_destroy_geom() cope with those being zeroed is
 * not visible from this function -- confirm.
 */
static void
g_bde_orphan(struct g_consumer *cp)
{
	struct g_bde_softc *sc;
	struct g_provider *pp;
	struct g_geom *gp;

	g_trace(G_T_TOPOLOGY, "g_bde_orphan(%p/%s)", cp, cp->provider->name);
	g_topology_assert();

	gp = cp->geom;
	sc = gp->softc;

	gp->flags |= G_GEOM_WITHER;
	LIST_FOREACH(pp, &gp->provider, provider) {
		g_wither_provider(pp, ENXIO);
	}

	/*
	 * destroy evidence: explicit_bzero() rather than bzero() so the
	 * compiler cannot drop the store as dead.
	 */
	explicit_bzero(sc, sizeof(*sc));
}
94
/*
 * GEOM access method: translate an access-count change on our provider
 * into a change on the consumer attached to the underlying provider.
 *
 * dr/dw/de are the requested deltas for the read, write and exclusive
 * counts.  Returns whatever g_access() returns for the adjusted request.
 *
 * Assumes the geom has a consumer; LIST_FIRST() is not checked for NULL.
 */
static int
g_bde_access(struct g_provider *pp, int dr, int dw, int de)
{
	struct g_consumer *cp = LIST_FIRST(&pp->geom->consumer);

	/*
	 * First open: the consumer currently holds nothing, so take one
	 * extra read and one extra exclusive count on top of the request.
	 */
	if (cp->acr == 0 && cp->acw == 0 && cp->ace == 0) {
		dr += 1;
		de += 1;
	}

	/*
	 * ... and let go of it on last close: if applying the (possibly
	 * adjusted) deltas would leave only a single exclusive count, also
	 * release the extra read and exclusive counts.
	 */
	if (cp->acr + dr == 0 && cp->acw + dw == 0 && cp->ace + de == 1) {
		dr -= 1;
		de -= 1;
	}

	return (g_access(cp, dr, dw, de));
}
114
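/*
 * Handle the "create geom" control verb: attach to provider 'pp', open the
 * lock with the key material supplied in the request and, on success,
 * publish a "<name>.bde" provider served by a freshly created worker.
 *
 * Request parameters read here:
 *   "pass" - mandatory, must be exactly SHA512_DIGEST_LENGTH bytes.
 *   "key"  - optional, must be exactly 16 bytes when present.
 *
 * Nothing is returned; failures are reported through gctl_error() on 'req'.
 *
 * Changes against the previous version:
 *  - A missing or wrongly sized "pass"/"key" left 'error' at 0, so the
 *    function returned early and kept the new geom and its opened consumer
 *    around.  Parameter errors now take the normal teardown path.
 *  - The parameter buffers were scrubbed with fixed sizes (64 and 16 bytes)
 *    even when the request supplied a different length, which could write
 *    past a shorter buffer.  They are now scrubbed using the length that
 *    gctl_get_param() reported.
 *  - The softc is wiped before it is freed on the failure path.
 *  - The kproc_create() result is checked (was "XXX: error check").
 */
static void
g_bde_create_geom(struct gctl_req *req, struct g_class *mp, struct g_provider *pp)
{
	struct g_geom *gp;
	struct g_consumer *cp;
	struct g_bde_key *kp;
	struct g_bde_softc *sc;
	off_t mediasize;
	u_int sectorsize;
	void *pass;
	void *key;
	int error, keylen, passlen, reported;

	g_trace(G_T_TOPOLOGY, "g_bde_create_geom(%s, %s)", mp->name, pp->name);
	g_topology_assert();

	gp = g_new_geomf(mp, "%s.bde", pp->name);
	cp = g_new_consumer(gp);
	error = g_attach(cp, pp);
	if (error != 0) {
		g_destroy_consumer(cp);
		g_destroy_geom(gp);
		gctl_error(req, "could not attach consumer");
		return;
	}
	error = g_access(cp, 1, 1, 1);
	if (error != 0) {
		g_detach(cp);
		g_destroy_consumer(cp);
		g_destroy_geom(gp);
		gctl_error(req, "could not access consumer");
		return;
	}

	sc = NULL;
	pass = NULL;
	key = NULL;
	passlen = 0;
	keylen = 0;
	reported = 0;	/* set once a specific message has been queued */
	do {
		pass = gctl_get_param(req, "pass", &passlen);
		if (pass == NULL || passlen != SHA512_DIGEST_LENGTH) {
			gctl_error(req, "No usable key presented");
			error = EINVAL;
			reported = 1;
			break;
		}
		key = gctl_get_param(req, "key", &keylen);
		if (key != NULL && keylen != 16) {
			gctl_error(req, "Invalid key presented");
			error = EINVAL;
			reported = 1;
			break;
		}
		sectorsize = cp->provider->sectorsize;
		mediasize = cp->provider->mediasize;
		sc = g_malloc(sizeof(struct g_bde_softc), M_WAITOK | M_ZERO);
		gp->softc = sc;
		sc->geom = gp;
		sc->consumer = cp;

		error = g_bde_decrypt_lock(sc, pass, key,
		    mediasize, sectorsize, NULL);
		/* The digest copy in the softc is wiped whether or not it worked. */
		explicit_bzero(sc->sha2, sizeof sc->sha2);
		if (error)
			break;
		kp = &sc->key;

		/* Initialize helper-fields */
		kp->keys_per_sector = kp->sectorsize / G_BDE_SKEYLEN;
		kp->zone_cont = kp->keys_per_sector * kp->sectorsize;
		kp->zone_width = kp->zone_cont + kp->sectorsize;
		kp->media_width = kp->sectorN - kp->sector0 -
		    G_BDE_MAXKEYS * kp->sectorsize;

		/* Our external parameters */
		sc->zone_cont = kp->zone_cont;
		sc->mediasize = g_bde_max_sector(kp);
		sc->sectorsize = kp->sectorsize;

		TAILQ_INIT(&sc->freelist);
		TAILQ_INIT(&sc->worklist);
		mtx_init(&sc->worklist_mutex, "g_bde_worklist", NULL, MTX_DEF);
		error = kproc_create(g_bde_worker, gp, &sc->thread, 0, 0,
		    "g_bde %s", gp->name);
		if (error != 0) {
			/*
			 * Without a worker nothing would service the
			 * provider, so do not publish it.
			 * NOTE(review): assumes a successful
			 * g_bde_decrypt_lock() leaves nothing behind that
			 * needs releasing beyond the softc -- confirm.
			 */
			mtx_destroy(&sc->worklist_mutex);
			gctl_error(req, "could not create worker (%d)", error);
			reported = 1;
			break;
		}
		pp = g_new_providerf(gp, "%s", gp->name);
		pp->stripesize = kp->zone_cont;
		pp->stripeoffset = 0;
		pp->mediasize = sc->mediasize;
		pp->sectorsize = sc->sectorsize;
		g_error_provider(pp, 0);
	} while (0);

	/*
	 * Scrub the caller-supplied secrets on every path.  Use the length
	 * reported for each buffer so a short parameter is never overrun.
	 */
	if (pass != NULL && passlen > 0)
		explicit_bzero(pass, passlen);
	if (key != NULL && keylen > 0)
		explicit_bzero(key, keylen);
	if (error == 0)
		return;

	/* Failure: undo the open/attach and drop the half-built geom. */
	g_access(cp, -1, -1, -1);
	g_detach(cp);
	g_destroy_consumer(cp);
	if (sc != NULL) {
		/* The softc may hold partly decoded key state; wipe it first. */
		explicit_bzero(sc, sizeof(*sc));
		g_free(sc);
	}
	g_destroy_geom(gp);
	if (reported)
		return;
	switch (error) {
	case ENOENT:
		gctl_error(req, "Lock was destroyed");
		break;
	case ESRCH:
		gctl_error(req, "Lock was nuked");
		break;
	case EINVAL:
		gctl_error(req, "Could not open lock");
		break;
	case ENOTDIR:
		gctl_error(req, "Lock not found");
		break;
	default:
		gctl_error(req, "Could not open lock (%d)", error);
		break;
	}
}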
232
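/*
 * Tear down a BDE geom: stop the worker, release the underlying consumer,
 * wipe and free the softc, and wither the geom.
 *
 * Returns EBUSY, without touching anything, while the provider still has
 * read, write or exclusive opens; returns 0 once the geom has been
 * withered.  'req' is not used.
 *
 * Changes against the previous version:
 *  - KASSERT(gp != NULL) now precedes the first dereference of gp (the
 *    g_trace() call reads gp->name).
 *  - The whole softc is wiped before it is freed, not only sc->key, which
 *    matches what g_bde_orphan() does.
 */
static int
g_bde_destroy_geom(struct gctl_req *req, struct g_class *mp, struct g_geom *gp)
{
	struct g_consumer *cp;
	struct g_provider *pp;
	struct g_bde_softc *sc;

	KASSERT(gp != NULL, ("NULL geom"));
	g_trace(G_T_TOPOLOGY, "g_bde_destroy_geom(%s, %s)", mp->name, gp->name);
	g_topology_assert();
	/*
	 * Orderly detachment.
	 */
	pp = LIST_FIRST(&gp->provider);
	KASSERT(pp != NULL, ("NULL provider"));
	if (pp->acr > 0 || pp->acw > 0 || pp->ace > 0)
		return (EBUSY);
	sc = gp->softc;
	cp = LIST_FIRST(&gp->consumer);
	KASSERT(cp != NULL, ("NULL consumer"));

	/* Ask the worker to exit and wake it so it notices the flag. */
	sc->dead = 1;
	wakeup(sc);
	g_access(cp, -1, -1, -1);
	g_detach(cp);
	g_destroy_consumer(cp);

	/*
	 * Poll once per second (hz ticks) until 'dead' reaches 2.
	 * NOTE(review): the loop also ends as soon as the provider has no
	 * consumers, even if 'dead' is still 1.  The worker's side of this
	 * handshake is not visible here; confirm the softc cannot be freed
	 * below while the worker is still using it.
	 */
	while (sc->dead != 2 && !LIST_EMPTY(&pp->consumers))
		tsleep(sc, PRIBIO, "g_bdedie", hz);
	mtx_destroy(&sc->worklist_mutex);

	/* Wipe all of the softc so no key state survives in freed memory. */
	explicit_bzero(sc, sizeof(*sc));
	g_free(sc);
	g_wither_geom(gp, ENXIO);
	return (0);
}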
266
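/*
 * Control-request dispatcher for the BDE class.
 *
 * Recognised verbs:
 *   "create geom"  - looks up the "provider" parameter and calls
 *                    g_bde_create_geom().
 *   "destroy geom" - looks up the "geom" parameter and calls
 *                    g_bde_destroy_geom().
 * Any other verb is rejected with "unknown verb".  When a lookup returns
 * NULL nothing further is done here.
 *
 * Change against the previous version: the return value of
 * g_bde_destroy_geom() was discarded, so a refused teardown (it returns
 * EBUSY while the provider is open) looked like success to the requester
 * and the keys stayed loaded.  A non-zero result is now reported.
 */
static void
g_bde_ctlreq(struct gctl_req *req, struct g_class *mp, char const *verb)
{
	struct g_geom *gp;
	struct g_provider *pp;
	int error;

	if (strcmp(verb, "create geom") == 0) {
		pp = gctl_get_provider(req, "provider");
		if (pp != NULL)
			g_bde_create_geom(req, mp, pp);
	} else if (strcmp(verb, "destroy geom") == 0) {
		gp = gctl_get_geom(req, mp, "geom");
		if (gp != NULL) {
			error = g_bde_destroy_geom(req, mp, gp);
			if (error != 0)
				gctl_error(req,
				    "could not destroy geom (%d)", error);
		}
	} else {
		gctl_error(req, "unknown verb");
	}
}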
285
/*
 * Method table for the BDE class.  No create/taste hook is registered
 * here; in this file a geom is only created through the "create geom"
 * verb handled by g_bde_ctlreq().
 */
static struct g_class g_bde_class = {
	.name		= BDE_CLASS_NAME,
	.version	= G_VERSION,
	.destroy_geom	= g_bde_destroy_geom,
	.ctlreq		= g_bde_ctlreq,
	.start		= g_bde_start,
	.orphan		= g_bde_orphan,
	.access		= g_bde_access,
	.spoiled	= g_std_spoiled,
};

/* Register the class with GEOM and declare the module version. */
DECLARE_GEOM_CLASS(g_bde_class, g_bde);
MODULE_VERSION(geom_bde, 0);