The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/geom/bde/g_bde.h

Version: -  FREEBSD  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-2  -  FREEBSD-11-1  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-4  -  FREEBSD-10-3  -  FREEBSD-10-2  -  FREEBSD-10-1  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-3  -  FREEBSD-9-2  -  FREEBSD-9-1  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-4  -  FREEBSD-8-3  -  FREEBSD-8-2  -  FREEBSD-8-1  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-4  -  FREEBSD-7-3  -  FREEBSD-7-2  -  FREEBSD-7-1  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-4  -  FREEBSD-6-3  -  FREEBSD-6-2  -  FREEBSD-6-1  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-5  -  FREEBSD-5-4  -  FREEBSD-5-3  -  FREEBSD-5-2  -  FREEBSD-5-1  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  linux-2.6  -  linux-2.4.22  -  MK83  -  MK84  -  PLAN9  -  DFBSD  -  NETBSD  -  NETBSD5  -  NETBSD4  -  NETBSD3  -  NETBSD20  -  OPENBSD  -  xnu-517  -  xnu-792  -  xnu-792.6.70  -  xnu-1228  -  xnu-1456.1.26  -  xnu-1699.24.8  -  xnu-2050.18.24  -  OPENSOLARIS  -  minix-3-1-1 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * Copyright (c) 2002 Poul-Henning Kamp
    3  * Copyright (c) 2002 Networks Associates Technology, Inc.
    4  * All rights reserved.
    5  *
    6  * This software was developed for the FreeBSD Project by Poul-Henning Kamp
    7  * and NAI Labs, the Security Research Division of Network Associates, Inc.
    8  * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
    9  * DARPA CHATS research program.
   10  *
   11  * Redistribution and use in source and binary forms, with or without
   12  * modification, are permitted provided that the following conditions
   13  * are met:
   14  * 1. Redistributions of source code must retain the above copyright
   15  *    notice, this list of conditions and the following disclaimer.
   16  * 2. Redistributions in binary form must reproduce the above copyright
   17  *    notice, this list of conditions and the following disclaimer in the
   18  *    documentation and/or other materials provided with the distribution.
   19  *
   20  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
   21  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   23  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
   24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   30  * SUCH DAMAGE.
   31  *
   32  * $FreeBSD: releng/9.2/sys/geom/bde/g_bde.h 120876 2003-10-07 09:28:07Z phk $
   33  */
   34 
   35 #ifndef _SYS_GEOM_BDE_G_BDE_H_
   36 #define _SYS_GEOM_BDE_G_BDE_H_ 1
   37 
   38 /*
   39  * These are quite, but not entirely unlike constants.
   40  *
   41  * They are not commented in details here, to prevent unadvisable
   42  * experimentation. Please consult the code where they are used before you
   43  * even think about modifying these.
   44  */
   45 
   46 #define G_BDE_MKEYLEN   (2048/8)
   47 #define G_BDE_SKEYBITS  128
   48 #define G_BDE_SKEYLEN   (G_BDE_SKEYBITS/8)
   49 #define G_BDE_KKEYBITS  128
   50 #define G_BDE_KKEYLEN   (G_BDE_KKEYBITS/8)
   51 #define G_BDE_MAXKEYS   4
   52 #define G_BDE_LOCKSIZE  384
   53 #define NLOCK_FIELDS    13
   54 
   55 
   56 /* This just needs to be "large enough" */
   57 #define G_BDE_KEYBYTES  304
   58 
   59 struct g_bde_work;
   60 struct g_bde_softc;
   61 
   62 struct g_bde_sector {
   63         struct g_bde_work       *owner;
   64         struct g_bde_softc      *softc;
   65         off_t                   offset;
   66         u_int                   size;
   67         u_int                   ref;
   68         void                    *data;
   69         TAILQ_ENTRY(g_bde_sector) list;
   70         u_char                  valid;
   71         u_char                  malloc;
   72         enum {JUNK, IO, VALID}  state;
   73         int                     error;
   74         time_t                  used;
   75 };
   76 
   77 struct g_bde_work {
   78         struct mtx              mutex;
   79         off_t                   offset;
   80         off_t                   length;
   81         void                    *data;
   82         struct bio              *bp;
   83         struct g_bde_softc      *softc;
   84         off_t                   so;
   85         off_t                   kso;
   86         u_int                   ko;
   87         struct g_bde_sector     *sp;
   88         struct g_bde_sector     *ksp;
   89         TAILQ_ENTRY(g_bde_work) list;
   90         enum {SETUP, WAIT, FINISH} state;
   91         int                     error;
   92 };
   93 
   94 /*
   95  * The decrypted contents of the lock sectors.  Notice that this is not
   96  * the same as the on-disk layout.  The on-disk layout is dynamic and
   97  * dependent on the pass-phrase.
   98  */
   99 struct g_bde_key {
  100         uint64_t                sector0;        
  101                                 /* Physical byte offset of 1st byte used */
  102         uint64_t                sectorN;
  103                                 /* Physical byte offset of 1st byte not used */
  104         uint64_t                keyoffset;
  105                                 /* Number of bytes the disk image is skewed. */
  106         uint64_t                lsector[G_BDE_MAXKEYS];
  107                                 /* Physical byte offsets of lock sectors */
  108         uint32_t                sectorsize;
  109                                 /* Our "logical" sector size */
  110         uint32_t                flags;
  111 #define GBDE_F_SECT0            1
  112         uint8_t                 salt[16];
  113                                 /* Used to frustate the kkey generation */
  114         uint8_t                 spare[32];
  115                                 /* For future use, random contents */
  116         uint8_t                 mkey[G_BDE_MKEYLEN];
  117                                 /* Our masterkey. */
  118 
  119         /* Non-stored help-fields */
  120         uint64_t                zone_width;     /* On-disk width of zone */
  121         uint64_t                zone_cont;      /* Payload width of zone */
  122         uint64_t                media_width;    /* Non-magic width of zone */
  123         u_int                   keys_per_sector;
  124 };
  125 
  126 struct g_bde_softc {
  127         off_t                   mediasize;
  128         u_int                   sectorsize;
  129         uint64_t                zone_cont;
  130         struct g_geom           *geom;
  131         struct g_consumer       *consumer;
  132         TAILQ_HEAD(, g_bde_sector)      freelist;
  133         TAILQ_HEAD(, g_bde_work)        worklist;
  134         struct mtx              worklist_mutex;
  135         struct proc             *thread;
  136         struct g_bde_key        key;
  137         int                     dead;
  138         u_int                   nwork;
  139         u_int                   nsect;
  140         u_int                   ncache;
  141         u_char                  sha2[SHA512_DIGEST_LENGTH];
  142 };
  143 
  144 /* g_bde_crypt.c */
  145 void g_bde_crypt_delete(struct g_bde_work *wp);
  146 void g_bde_crypt_read(struct g_bde_work *wp);
  147 void g_bde_crypt_write(struct g_bde_work *wp);
  148 
  149 /* g_bde_key.c */
  150 void g_bde_zap_key(struct g_bde_softc *sc);
  151 int g_bde_get_key(struct g_bde_softc *sc, void *ptr, int len);
  152 int g_bde_init_keybytes(struct g_bde_softc *sc, char *passp, int len);
  153 
  154 /* g_bde_lock .c */
  155 int g_bde_encode_lock(u_char *sha2, struct g_bde_key *gl, u_char *ptr);
  156 int g_bde_decode_lock(struct g_bde_softc *sc, struct g_bde_key *gl, u_char *ptr);
  157 int g_bde_keyloc_encrypt(u_char *sha2, uint64_t v0, uint64_t v1, void *output);
  158 int g_bde_keyloc_decrypt(u_char *sha2, void *input, uint64_t *output);
  159 int g_bde_decrypt_lock(struct g_bde_softc *sc, u_char *keymat, u_char *meta, off_t mediasize, u_int sectorsize, u_int *nkey);
  160 void g_bde_hash_pass(struct g_bde_softc *sc, const void *input, u_int len);
  161 
  162 /* g_bde_math .c */
  163 uint64_t g_bde_max_sector(struct g_bde_key *lp);
  164 void g_bde_map_sector(struct g_bde_work *wp);
  165 
  166 /* g_bde_work.c */
  167 void g_bde_start1(struct bio *bp);
  168 void g_bde_worker(void *arg);
  169 
  170 /*
  171  * These four functions wrap the raw Rijndael functions and make sure we
  172  * explode if something fails which shouldn't.
  173  */
  174 
  175 static __inline void
  176 AES_init(cipherInstance *ci)
  177 {
  178         int error;
  179 
  180         error = rijndael_cipherInit(ci, MODE_CBC, NULL);
  181         KASSERT(error > 0, ("rijndael_cipherInit %d", error));
  182 }
  183 
  184 static __inline void
  185 AES_makekey(keyInstance *ki, int dir, u_int len, void *key)
  186 {
  187         int error;
  188 
  189         error = rijndael_makeKey(ki, dir, len, key);
  190         KASSERT(error > 0, ("rijndael_makeKey %d", error));
  191 }
  192 
  193 static __inline void
  194 AES_encrypt(cipherInstance *ci, keyInstance *ki, void *in, void *out, u_int len)
  195 {
  196         int error;
  197 
  198         error = rijndael_blockEncrypt(ci, ki, in, len * 8, out);
  199         KASSERT(error > 0, ("rijndael_blockEncrypt %d", error));
  200 }
  201 
  202 static __inline void
  203 AES_decrypt(cipherInstance *ci, keyInstance *ki, void *in, void *out, u_int len)
  204 {
  205         int error;
  206 
  207         error = rijndael_blockDecrypt(ci, ki, in, len * 8, out);
  208         KASSERT(error > 0, ("rijndael_blockDecrypt %d", error));
  209 }
  210 
  211 #endif /* _SYS_GEOM_BDE_G_BDE_H_ */

Cache object: c80209d7f352b7d4318a691f45395288


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.