The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/geom/bde/g_bde.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * Copyright (c) 2002 Poul-Henning Kamp
    3  * Copyright (c) 2002 Networks Associates Technology, Inc.
    4  * All rights reserved.
    5  *
    6  * This software was developed for the FreeBSD Project by Poul-Henning Kamp
    7  * and NAI Labs, the Security Research Division of Network Associates, Inc.
    8  * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
    9  * DARPA CHATS research program.
   10  *
   11  * Redistribution and use in source and binary forms, with or without
   12  * modification, are permitted provided that the following conditions
   13  * are met:
   14  * 1. Redistributions of source code must retain the above copyright
   15  *    notice, this list of conditions and the following disclaimer.
   16  * 2. Redistributions in binary form must reproduce the above copyright
   17  *    notice, this list of conditions and the following disclaimer in the
   18  *    documentation and/or other materials provided with the distribution.
   19  *
   20  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
   21  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   23  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
   24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   30  * SUCH DAMAGE.
   31  *
   32  * $FreeBSD: releng/9.1/sys/geom/bde/g_bde.c 219029 2011-02-25 10:24:35Z netchild $
   33  *
   34  */
   35 
   36 #include <sys/param.h>
   37 #include <sys/bio.h>
   38 #include <sys/lock.h>
   39 #include <sys/mutex.h>
   40 #include <sys/malloc.h>
   41 #include <sys/systm.h>
   42 #include <sys/kernel.h>
   43 #include <sys/kthread.h>
   44 #include <sys/sysctl.h>
   45 
   46 #include <crypto/rijndael/rijndael-api-fst.h>
   47 #include <crypto/sha2/sha2.h>
   48 #include <geom/geom.h>
   49 #include <geom/bde/g_bde.h>
   50 #define BDE_CLASS_NAME "BDE"
   51 
   52 FEATURE(geom_bde, "GEOM-based Disk Encryption");
   53 
   54 static void
   55 g_bde_start(struct bio *bp)
   56 {
   57 
   58         switch (bp->bio_cmd) {
   59         case BIO_DELETE:
   60         case BIO_READ:
   61         case BIO_WRITE:
   62                 g_bde_start1(bp);
   63                 break;
   64         case BIO_GETATTR:
   65                 g_io_deliver(bp, EOPNOTSUPP);
   66                 break;
   67         default:
   68                 g_io_deliver(bp, EOPNOTSUPP);
   69                 return;
   70         }
   71         return;
   72 }
   73 
   74 static void
   75 g_bde_orphan(struct g_consumer *cp)
   76 {
   77         struct g_geom *gp;
   78         struct g_provider *pp;
   79         struct g_bde_softc *sc;
   80         int error;
   81 
   82         g_trace(G_T_TOPOLOGY, "g_bde_orphan(%p/%s)", cp, cp->provider->name);
   83         g_topology_assert();
   84         KASSERT(cp->provider->error != 0,
   85                 ("g_bde_orphan with error == 0"));
   86 
   87         gp = cp->geom;
   88         sc = gp->softc;
   89         gp->flags |= G_GEOM_WITHER;
   90         error = cp->provider->error;
   91         LIST_FOREACH(pp, &gp->provider, provider)
   92                 g_orphan_provider(pp, error);
   93         bzero(sc, sizeof(struct g_bde_softc));  /* destroy evidence */
   94         return;
   95 }
   96 
   97 static int
   98 g_bde_access(struct g_provider *pp, int dr, int dw, int de)
   99 {
  100         struct g_geom *gp;
  101         struct g_consumer *cp;
  102 
  103         gp = pp->geom;
  104         cp = LIST_FIRST(&gp->consumer);
  105         if (cp->acr == 0 && cp->acw == 0 && cp->ace == 0) {
  106                 de++;
  107                 dr++;
  108         }
  109         /* ... and let go of it on last close */
  110         if ((cp->acr + dr) == 0 && (cp->acw + dw) == 0 && (cp->ace + de) == 1) {
  111                 de--;
  112                 dr--;
  113         }
  114         return (g_access(cp, dr, dw, de));
  115 }
  116 
  117 static void
  118 g_bde_create_geom(struct gctl_req *req, struct g_class *mp, struct g_provider *pp)
  119 {
  120         struct g_geom *gp;
  121         struct g_consumer *cp;
  122         struct g_bde_key *kp;
  123         int error, i;
  124         u_int sectorsize;
  125         off_t mediasize;
  126         struct g_bde_softc *sc;
  127         void *pass;
  128         void *key;
  129 
  130         g_trace(G_T_TOPOLOGY, "g_bde_create_geom(%s, %s)", mp->name, pp->name);
  131         g_topology_assert();
  132         gp = NULL;
  133 
  134 
  135         gp = g_new_geomf(mp, "%s.bde", pp->name);
  136         cp = g_new_consumer(gp);
  137         g_attach(cp, pp);
  138         error = g_access(cp, 1, 1, 1);
  139         if (error) {
  140                 g_detach(cp);
  141                 g_destroy_consumer(cp);
  142                 g_destroy_geom(gp);
  143                 gctl_error(req, "could not access consumer");
  144                 return;
  145         }
  146         pass = NULL;
  147         key = NULL;
  148         do {
  149                 pass = gctl_get_param(req, "pass", &i);
  150                 if (pass == NULL || i != SHA512_DIGEST_LENGTH) {
  151                         gctl_error(req, "No usable key presented");
  152                         break;
  153                 }
  154                 key = gctl_get_param(req, "key", &i);
  155                 if (key != NULL && i != 16) {
  156                         gctl_error(req, "Invalid key presented");
  157                         break;
  158                 }
  159                 sectorsize = cp->provider->sectorsize;
  160                 mediasize = cp->provider->mediasize;
  161                 sc = g_malloc(sizeof(struct g_bde_softc), M_WAITOK | M_ZERO);
  162                 gp->softc = sc;
  163                 sc->geom = gp;
  164                 sc->consumer = cp;
  165 
  166                 error = g_bde_decrypt_lock(sc, pass, key,
  167                     mediasize, sectorsize, NULL);
  168                 bzero(sc->sha2, sizeof sc->sha2);
  169                 if (error)
  170                         break;
  171                 kp = &sc->key;
  172 
  173                 /* Initialize helper-fields */
  174                 kp->keys_per_sector = kp->sectorsize / G_BDE_SKEYLEN;
  175                 kp->zone_cont = kp->keys_per_sector * kp->sectorsize;
  176                 kp->zone_width = kp->zone_cont + kp->sectorsize;
  177                 kp->media_width = kp->sectorN - kp->sector0 -
  178                     G_BDE_MAXKEYS * kp->sectorsize;
  179 
  180                 /* Our external parameters */
  181                 sc->zone_cont = kp->zone_cont;
  182                 sc->mediasize = g_bde_max_sector(kp);
  183                 sc->sectorsize = kp->sectorsize;
  184 
  185                 TAILQ_INIT(&sc->freelist);
  186                 TAILQ_INIT(&sc->worklist);
  187                 mtx_init(&sc->worklist_mutex, "g_bde_worklist", NULL, MTX_DEF);
  188                 /* XXX: error check */
  189                 kproc_create(g_bde_worker, gp, &sc->thread, 0, 0,
  190                         "g_bde %s", gp->name);
  191                 pp = g_new_providerf(gp, gp->name);
  192 #if 0
  193                 /*
  194                  * XXX: Disable this for now.  Appearantly UFS no longer
  195                  * XXX: issues BIO_DELETE requests correctly, with the obvious
  196                  * XXX: outcome that userdata is trashed.
  197                  */
  198                 pp->flags |= G_PF_CANDELETE;
  199 #endif
  200                 pp->stripesize = kp->zone_cont;
  201                 pp->stripeoffset = 0;
  202                 pp->mediasize = sc->mediasize;
  203                 pp->sectorsize = sc->sectorsize;
  204                 g_error_provider(pp, 0);
  205                 break;
  206         } while (0);
  207         if (pass != NULL)
  208                 bzero(pass, SHA512_DIGEST_LENGTH);
  209         if (key != NULL)
  210                 bzero(key, 16);
  211         if (error == 0)
  212                 return;
  213         g_access(cp, -1, -1, -1);
  214         g_detach(cp);
  215         g_destroy_consumer(cp);
  216         if (gp->softc != NULL)
  217                 g_free(gp->softc);
  218         g_destroy_geom(gp);
  219         return;
  220 }
  221 
  222 
  223 static int
  224 g_bde_destroy_geom(struct gctl_req *req, struct g_class *mp, struct g_geom *gp)
  225 {
  226         struct g_consumer *cp;
  227         struct g_provider *pp;
  228         struct g_bde_softc *sc;
  229 
  230         g_trace(G_T_TOPOLOGY, "g_bde_destroy_geom(%s, %s)", mp->name, gp->name);
  231         g_topology_assert();
  232         /*
  233          * Orderly detachment.
  234          */
  235         KASSERT(gp != NULL, ("NULL geom"));
  236         pp = LIST_FIRST(&gp->provider);
  237         KASSERT(pp != NULL, ("NULL provider"));
  238         if (pp->acr > 0 || pp->acw > 0 || pp->ace > 0)
  239                 return (EBUSY);
  240         sc = gp->softc;
  241         cp = LIST_FIRST(&gp->consumer);
  242         KASSERT(cp != NULL, ("NULL consumer"));
  243         sc->dead = 1;
  244         wakeup(sc);
  245         g_access(cp, -1, -1, -1);
  246         g_detach(cp);
  247         g_destroy_consumer(cp);
  248         while (sc->dead != 2 && !LIST_EMPTY(&pp->consumers))
  249                 tsleep(sc, PRIBIO, "g_bdedie", hz);
  250         mtx_destroy(&sc->worklist_mutex);
  251         bzero(&sc->key, sizeof sc->key);
  252         g_free(sc);
  253         g_wither_geom(gp, ENXIO);
  254         return (0);
  255 }
  256 
  257 static void
  258 g_bde_ctlreq(struct gctl_req *req, struct g_class *mp, char const *verb)
  259 {
  260         struct g_geom *gp;
  261         struct g_provider *pp;
  262 
  263         if (!strcmp(verb, "create geom")) {
  264                 pp = gctl_get_provider(req, "provider");
  265                 if (pp != NULL)
  266                         g_bde_create_geom(req, mp, pp);
  267         } else if (!strcmp(verb, "destroy geom")) {
  268                 gp = gctl_get_geom(req, mp, "geom");
  269                 if (gp != NULL)
  270                         g_bde_destroy_geom(req, mp, gp);
  271         } else {
  272                 gctl_error(req, "unknown verb");
  273         }
  274 }
  275 
  276 static struct g_class g_bde_class       = {
  277         .name = BDE_CLASS_NAME,
  278         .version = G_VERSION,
  279         .destroy_geom = g_bde_destroy_geom,
  280         .ctlreq = g_bde_ctlreq,
  281         .start = g_bde_start,
  282         .orphan = g_bde_orphan,
  283         .access = g_bde_access,
  284         .spoiled = g_std_spoiled,
  285 };
  286 
  287 DECLARE_GEOM_CLASS(g_bde_class, g_bde);

Cache object: 5852cf7ba8f1fee4f826f3255e8b1c66


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.