FreeBSD/Linux Kernel Cross Reference
sys/geom/bde/g_bde.h
1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3 *
4 * Copyright (c) 2002 Poul-Henning Kamp
5 * Copyright (c) 2002 Networks Associates Technology, Inc.
6 * All rights reserved.
7 *
8 * This software was developed for the FreeBSD Project by Poul-Henning Kamp
9 * and NAI Labs, the Security Research Division of Network Associates, Inc.
10 * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
11 * DARPA CHATS research program.
12 *
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted provided that the following conditions
15 * are met:
16 * 1. Redistributions of source code must retain the above copyright
17 * notice, this list of conditions and the following disclaimer.
18 * 2. Redistributions in binary form must reproduce the above copyright
19 * notice, this list of conditions and the following disclaimer in the
20 * documentation and/or other materials provided with the distribution.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 * $FreeBSD$
35 */
36
37 #ifndef _SYS_GEOM_BDE_G_BDE_H_
38 #define _SYS_GEOM_BDE_G_BDE_H_ 1
39
40 /*
41 * These are quite, but not entirely unlike constants.
42 *
43 * They are not commented in details here, to prevent unadvisable
44 * experimentation. Please consult the code where they are used before you
45 * even think about modifying these.
46 */
47
48 #define G_BDE_MKEYLEN (2048/8)
49 #define G_BDE_SKEYBITS 128
50 #define G_BDE_SKEYLEN (G_BDE_SKEYBITS/8)
51 #define G_BDE_KKEYBITS 128
52 #define G_BDE_KKEYLEN (G_BDE_KKEYBITS/8)
53 #define G_BDE_MAXKEYS 4
54 #define G_BDE_LOCKSIZE 384
55 #define NLOCK_FIELDS 13
56
57 /* This just needs to be "large enough" */
58 #define G_BDE_KEYBYTES 304
59
60 /* This file is being included by userspace. */
61 #ifndef __diagused
62 #define __diagused
63 #endif
64
65 struct g_bde_work;
66 struct g_bde_softc;
67
68 struct g_bde_sector {
69 struct g_bde_work *owner;
70 struct g_bde_softc *softc;
71 off_t offset;
72 u_int size;
73 u_int ref;
74 void *data;
75 TAILQ_ENTRY(g_bde_sector) list;
76 u_char valid;
77 u_char malloc;
78 enum {JUNK, IO, VALID} state;
79 int error;
80 time_t used;
81 };
82
83 struct g_bde_work {
84 struct mtx mutex;
85 off_t offset;
86 off_t length;
87 void *data;
88 struct bio *bp;
89 struct g_bde_softc *softc;
90 off_t so;
91 off_t kso;
92 u_int ko;
93 struct g_bde_sector *sp;
94 struct g_bde_sector *ksp;
95 TAILQ_ENTRY(g_bde_work) list;
96 enum {SETUP, WAIT, FINISH} state;
97 int error;
98 };
99
100 /*
101 * The decrypted contents of the lock sectors. Notice that this is not
102 * the same as the on-disk layout. The on-disk layout is dynamic and
103 * dependent on the pass-phrase.
104 */
105 struct g_bde_key {
106 uint64_t sector0;
107 /* Physical byte offset of 1st byte used */
108 uint64_t sectorN;
109 /* Physical byte offset of 1st byte not used */
110 uint64_t keyoffset;
111 /* Number of bytes the disk image is skewed. */
112 uint64_t lsector[G_BDE_MAXKEYS];
113 /* Physical byte offsets of lock sectors */
114 uint32_t sectorsize;
115 /* Our "logical" sector size */
116 uint32_t flags;
117 #define GBDE_F_SECT0 1
118 uint8_t salt[16];
119 /* Used to frustate the kkey generation */
120 uint8_t spare[32];
121 /* For future use, random contents */
122 uint8_t mkey[G_BDE_MKEYLEN];
123 /* Our masterkey. */
124
125 /* Non-stored help-fields */
126 uint64_t zone_width; /* On-disk width of zone */
127 uint64_t zone_cont; /* Payload width of zone */
128 uint64_t media_width; /* Non-magic width of zone */
129 u_int keys_per_sector;
130 };
131
132 struct g_bde_softc {
133 off_t mediasize;
134 u_int sectorsize;
135 uint64_t zone_cont;
136 struct g_geom *geom;
137 struct g_consumer *consumer;
138 TAILQ_HEAD(, g_bde_sector) freelist;
139 TAILQ_HEAD(, g_bde_work) worklist;
140 struct mtx worklist_mutex;
141 struct proc *thread;
142 struct g_bde_key key;
143 int dead;
144 u_int nwork;
145 u_int nsect;
146 u_int ncache;
147 u_char sha2[SHA512_DIGEST_LENGTH];
148 };
149
150 /* g_bde_crypt.c */
151 void g_bde_crypt_delete(struct g_bde_work *wp);
152 void g_bde_crypt_read(struct g_bde_work *wp);
153 void g_bde_crypt_write(struct g_bde_work *wp);
154
155 /* g_bde_key.c */
156 void g_bde_zap_key(struct g_bde_softc *sc);
157 int g_bde_get_key(struct g_bde_softc *sc, void *ptr, int len);
158 int g_bde_init_keybytes(struct g_bde_softc *sc, char *passp, int len);
159
160 /* g_bde_lock .c */
161 int g_bde_encode_lock(u_char *sha2, struct g_bde_key *gl, u_char *ptr);
162 int g_bde_decode_lock(struct g_bde_softc *sc, struct g_bde_key *gl, u_char *ptr);
163 int g_bde_keyloc_encrypt(u_char *sha2, uint64_t v0, uint64_t v1, void *output);
164 int g_bde_keyloc_decrypt(u_char *sha2, void *input, uint64_t *output);
165 int g_bde_decrypt_lock(struct g_bde_softc *sc, u_char *keymat, u_char *meta, off_t mediasize, u_int sectorsize, u_int *nkey);
166 void g_bde_hash_pass(struct g_bde_softc *sc, const void *input, u_int len);
167
168 /* g_bde_math .c */
169 uint64_t g_bde_max_sector(struct g_bde_key *lp);
170 void g_bde_map_sector(struct g_bde_work *wp);
171
172 /* g_bde_work.c */
173 void g_bde_start1(struct bio *bp);
174 void g_bde_worker(void *arg);
175
176 /*
177 * These four functions wrap the raw Rijndael functions and make sure we
178 * explode if something fails which shouldn't.
179 */
180
181 static __inline void
182 AES_init(cipherInstance *ci)
183 {
184 int error __diagused;
185
186 error = rijndael_cipherInit(ci, MODE_CBC, NULL);
187 KASSERT(error > 0, ("rijndael_cipherInit %d", error));
188 }
189
190 static __inline void
191 AES_makekey(keyInstance *ki, int dir, u_int len, const void *key)
192 {
193 int error __diagused;
194
195 error = rijndael_makeKey(ki, dir, len, key);
196 KASSERT(error > 0, ("rijndael_makeKey %d", error));
197 }
198
199 static __inline void
200 AES_encrypt(cipherInstance *ci, keyInstance *ki, const void *in, void *out, u_int len)
201 {
202 int error __diagused;
203
204 error = rijndael_blockEncrypt(ci, ki, in, len * 8, out);
205 KASSERT(error > 0, ("rijndael_blockEncrypt %d", error));
206 }
207
208 static __inline void
209 AES_decrypt(cipherInstance *ci, keyInstance *ki, const void *in, void *out, u_int len)
210 {
211 int error __diagused;
212
213 error = rijndael_blockDecrypt(ci, ki, in, len * 8, out);
214 KASSERT(error > 0, ("rijndael_blockDecrypt %d", error));
215 }
216
217 #endif /* _SYS_GEOM_BDE_G_BDE_H_ */
Cache object: e9d27db35954083d5df2b8382c551c7d
|