The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/geom/bde/g_bde.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
    3  *
    4  * Copyright (c) 2002 Poul-Henning Kamp
    5  * Copyright (c) 2002 Networks Associates Technology, Inc.
    6  * All rights reserved.
    7  *
    8  * This software was developed for the FreeBSD Project by Poul-Henning Kamp
    9  * and NAI Labs, the Security Research Division of Network Associates, Inc.
   10  * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
   11  * DARPA CHATS research program.
   12  *
   13  * Redistribution and use in source and binary forms, with or without
   14  * modification, are permitted provided that the following conditions
   15  * are met:
   16  * 1. Redistributions of source code must retain the above copyright
   17  *    notice, this list of conditions and the following disclaimer.
   18  * 2. Redistributions in binary form must reproduce the above copyright
   19  *    notice, this list of conditions and the following disclaimer in the
   20  *    documentation and/or other materials provided with the distribution.
   21  *
   22  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
   23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
   26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   32  * SUCH DAMAGE.
   33  *
   34  * $FreeBSD: releng/12.0/sys/geom/bde/g_bde.c 332387 2018-04-10 19:18:16Z kevans $
   35  *
   36  */
   37 
   38 #include <sys/param.h>
   39 #include <sys/bio.h>
   40 #include <sys/lock.h>
   41 #include <sys/mutex.h>
   42 #include <sys/malloc.h>
   43 #include <sys/systm.h>
   44 #include <sys/kernel.h>
   45 #include <sys/kthread.h>
   46 #include <sys/sysctl.h>
   47 
   48 #include <crypto/rijndael/rijndael-api-fst.h>
   49 #include <crypto/sha2/sha512.h>
   50 #include <geom/geom.h>
   51 #include <geom/bde/g_bde.h>
   52 #define BDE_CLASS_NAME "BDE"
   53 
   54 FEATURE(geom_bde, "GEOM-based Disk Encryption");
   55 
   56 static void
   57 g_bde_start(struct bio *bp)
   58 {
   59 
   60         switch (bp->bio_cmd) {
   61         case BIO_DELETE:
   62         case BIO_READ:
   63         case BIO_WRITE:
   64                 g_bde_start1(bp);
   65                 break;
   66         case BIO_GETATTR:
   67                 g_io_deliver(bp, EOPNOTSUPP);
   68                 break;
   69         default:
   70                 g_io_deliver(bp, EOPNOTSUPP);
   71                 return;
   72         }
   73         return;
   74 }
   75 
   76 static void
   77 g_bde_orphan(struct g_consumer *cp)
   78 {
   79         struct g_geom *gp;
   80         struct g_provider *pp;
   81         struct g_bde_softc *sc;
   82 
   83         g_trace(G_T_TOPOLOGY, "g_bde_orphan(%p/%s)", cp, cp->provider->name);
   84         g_topology_assert();
   85 
   86         gp = cp->geom;
   87         sc = gp->softc;
   88         gp->flags |= G_GEOM_WITHER;
   89         LIST_FOREACH(pp, &gp->provider, provider)
   90                 g_wither_provider(pp, ENXIO);
   91         bzero(sc, sizeof(struct g_bde_softc));  /* destroy evidence */
   92         return;
   93 }
   94 
   95 static int
   96 g_bde_access(struct g_provider *pp, int dr, int dw, int de)
   97 {
   98         struct g_geom *gp;
   99         struct g_consumer *cp;
  100 
  101         gp = pp->geom;
  102         cp = LIST_FIRST(&gp->consumer);
  103         if (cp->acr == 0 && cp->acw == 0 && cp->ace == 0) {
  104                 de++;
  105                 dr++;
  106         }
  107         /* ... and let go of it on last close */
  108         if ((cp->acr + dr) == 0 && (cp->acw + dw) == 0 && (cp->ace + de) == 1) {
  109                 de--;
  110                 dr--;
  111         }
  112         return (g_access(cp, dr, dw, de));
  113 }
  114 
  115 static void
  116 g_bde_create_geom(struct gctl_req *req, struct g_class *mp, struct g_provider *pp)
  117 {
  118         struct g_geom *gp;
  119         struct g_consumer *cp;
  120         struct g_bde_key *kp;
  121         int error, i;
  122         u_int sectorsize;
  123         off_t mediasize;
  124         struct g_bde_softc *sc;
  125         void *pass;
  126         void *key;
  127 
  128         g_trace(G_T_TOPOLOGY, "g_bde_create_geom(%s, %s)", mp->name, pp->name);
  129         g_topology_assert();
  130         gp = NULL;
  131 
  132 
  133         gp = g_new_geomf(mp, "%s.bde", pp->name);
  134         cp = g_new_consumer(gp);
  135         g_attach(cp, pp);
  136         error = g_access(cp, 1, 1, 1);
  137         if (error) {
  138                 g_detach(cp);
  139                 g_destroy_consumer(cp);
  140                 g_destroy_geom(gp);
  141                 gctl_error(req, "could not access consumer");
  142                 return;
  143         }
  144         pass = NULL;
  145         key = NULL;
  146         do {
  147                 pass = gctl_get_param(req, "pass", &i);
  148                 if (pass == NULL || i != SHA512_DIGEST_LENGTH) {
  149                         gctl_error(req, "No usable key presented");
  150                         break;
  151                 }
  152                 key = gctl_get_param(req, "key", &i);
  153                 if (key != NULL && i != 16) {
  154                         gctl_error(req, "Invalid key presented");
  155                         break;
  156                 }
  157                 sectorsize = cp->provider->sectorsize;
  158                 mediasize = cp->provider->mediasize;
  159                 sc = g_malloc(sizeof(struct g_bde_softc), M_WAITOK | M_ZERO);
  160                 gp->softc = sc;
  161                 sc->geom = gp;
  162                 sc->consumer = cp;
  163 
  164                 error = g_bde_decrypt_lock(sc, pass, key,
  165                     mediasize, sectorsize, NULL);
  166                 bzero(sc->sha2, sizeof sc->sha2);
  167                 if (error)
  168                         break;
  169                 kp = &sc->key;
  170 
  171                 /* Initialize helper-fields */
  172                 kp->keys_per_sector = kp->sectorsize / G_BDE_SKEYLEN;
  173                 kp->zone_cont = kp->keys_per_sector * kp->sectorsize;
  174                 kp->zone_width = kp->zone_cont + kp->sectorsize;
  175                 kp->media_width = kp->sectorN - kp->sector0 -
  176                     G_BDE_MAXKEYS * kp->sectorsize;
  177 
  178                 /* Our external parameters */
  179                 sc->zone_cont = kp->zone_cont;
  180                 sc->mediasize = g_bde_max_sector(kp);
  181                 sc->sectorsize = kp->sectorsize;
  182 
  183                 TAILQ_INIT(&sc->freelist);
  184                 TAILQ_INIT(&sc->worklist);
  185                 mtx_init(&sc->worklist_mutex, "g_bde_worklist", NULL, MTX_DEF);
  186                 /* XXX: error check */
  187                 kproc_create(g_bde_worker, gp, &sc->thread, 0, 0,
  188                         "g_bde %s", gp->name);
  189                 pp = g_new_providerf(gp, "%s", gp->name);
  190                 pp->stripesize = kp->zone_cont;
  191                 pp->stripeoffset = 0;
  192                 pp->mediasize = sc->mediasize;
  193                 pp->sectorsize = sc->sectorsize;
  194                 g_error_provider(pp, 0);
  195                 break;
  196         } while (0);
  197         if (pass != NULL)
  198                 bzero(pass, SHA512_DIGEST_LENGTH);
  199         if (key != NULL)
  200                 bzero(key, 16);
  201         if (error == 0)
  202                 return;
  203         g_access(cp, -1, -1, -1);
  204         g_detach(cp);
  205         g_destroy_consumer(cp);
  206         if (gp->softc != NULL)
  207                 g_free(gp->softc);
  208         g_destroy_geom(gp);
  209         switch (error) {
  210         case ENOENT:
  211                 gctl_error(req, "Lock was destroyed");
  212                 break;
  213         case ESRCH:
  214                 gctl_error(req, "Lock was nuked");
  215                 break;
  216         case EINVAL:
  217                 gctl_error(req, "Could not open lock");
  218                 break;
  219         case ENOTDIR:
  220                 gctl_error(req, "Lock not found");
  221                 break;
  222         default:
  223                 gctl_error(req, "Could not open lock (%d)", error);
  224                 break;
  225         }
  226         return;
  227 }
  228 
  229 
  230 static int
  231 g_bde_destroy_geom(struct gctl_req *req, struct g_class *mp, struct g_geom *gp)
  232 {
  233         struct g_consumer *cp;
  234         struct g_provider *pp;
  235         struct g_bde_softc *sc;
  236 
  237         g_trace(G_T_TOPOLOGY, "g_bde_destroy_geom(%s, %s)", mp->name, gp->name);
  238         g_topology_assert();
  239         /*
  240          * Orderly detachment.
  241          */
  242         KASSERT(gp != NULL, ("NULL geom"));
  243         pp = LIST_FIRST(&gp->provider);
  244         KASSERT(pp != NULL, ("NULL provider"));
  245         if (pp->acr > 0 || pp->acw > 0 || pp->ace > 0)
  246                 return (EBUSY);
  247         sc = gp->softc;
  248         cp = LIST_FIRST(&gp->consumer);
  249         KASSERT(cp != NULL, ("NULL consumer"));
  250         sc->dead = 1;
  251         wakeup(sc);
  252         g_access(cp, -1, -1, -1);
  253         g_detach(cp);
  254         g_destroy_consumer(cp);
  255         while (sc->dead != 2 && !LIST_EMPTY(&pp->consumers))
  256                 tsleep(sc, PRIBIO, "g_bdedie", hz);
  257         mtx_destroy(&sc->worklist_mutex);
  258         bzero(&sc->key, sizeof sc->key);
  259         g_free(sc);
  260         g_wither_geom(gp, ENXIO);
  261         return (0);
  262 }
  263 
  264 static void
  265 g_bde_ctlreq(struct gctl_req *req, struct g_class *mp, char const *verb)
  266 {
  267         struct g_geom *gp;
  268         struct g_provider *pp;
  269 
  270         if (!strcmp(verb, "create geom")) {
  271                 pp = gctl_get_provider(req, "provider");
  272                 if (pp != NULL)
  273                         g_bde_create_geom(req, mp, pp);
  274         } else if (!strcmp(verb, "destroy geom")) {
  275                 gp = gctl_get_geom(req, mp, "geom");
  276                 if (gp != NULL)
  277                         g_bde_destroy_geom(req, mp, gp);
  278         } else {
  279                 gctl_error(req, "unknown verb");
  280         }
  281 }
  282 
  283 static struct g_class g_bde_class       = {
  284         .name = BDE_CLASS_NAME,
  285         .version = G_VERSION,
  286         .destroy_geom = g_bde_destroy_geom,
  287         .ctlreq = g_bde_ctlreq,
  288         .start = g_bde_start,
  289         .orphan = g_bde_orphan,
  290         .access = g_bde_access,
  291         .spoiled = g_std_spoiled,
  292 };
  293 
  294 DECLARE_GEOM_CLASS(g_bde_class, g_bde);
  295 MODULE_VERSION(geom_bde, 0);

Cache object: 5b87ef45c3ef081fc720222ef63f4c64


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.