2016-05-12 14:51:24 +00:00
|
|
|
/*
|
|
|
|
* CDDL HEADER START
|
|
|
|
*
|
|
|
|
* The contents of this file are subject to the terms of the
|
|
|
|
* Common Development and Distribution License (the "License").
|
|
|
|
* You may not use this file except in compliance with the License.
|
|
|
|
*
|
|
|
|
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
|
|
|
|
* or http://www.opensolaris.org/os/licensing.
|
|
|
|
* See the License for the specific language governing permissions
|
|
|
|
* and limitations under the License.
|
|
|
|
*
|
|
|
|
* When distributing Covered Code, include this CDDL HEADER in each
|
|
|
|
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
|
|
|
|
* If applicable, add the following below this CDDL HEADER, with the
|
|
|
|
* fields enclosed by brackets "[]" replaced with your own identifying
|
|
|
|
* information: Portions Copyright [yyyy] [name of copyright owner]
|
|
|
|
*
|
|
|
|
* CDDL HEADER END
|
|
|
|
*/
|
|
|
|
/*
|
|
|
|
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
|
|
|
|
* Use is subject to license terms.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef _SYS_CRYPTO_SCHED_IMPL_H
|
|
|
|
#define _SYS_CRYPTO_SCHED_IMPL_H
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Scheduler internal structures.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifdef __cplusplus
|
|
|
|
extern "C" {
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#include <sys/zfs_context.h>
|
|
|
|
#include <sys/crypto/api.h>
|
|
|
|
#include <sys/crypto/spi.h>
|
|
|
|
#include <sys/crypto/impl.h>
|
|
|
|
#include <sys/crypto/common.h>
|
|
|
|
#include <sys/crypto/ops_impl.h>
|
|
|
|
|
|
|
|
#define KCF_KMFLAG(crq) (((crq) == NULL) ? KM_SLEEP : KM_NOSLEEP)
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The framework keeps an internal handle to use in the adaptive
|
|
|
|
* asynchronous case. This is the case when a client has the
|
2021-12-23 18:51:00 +00:00
|
|
|
* CRYPTO_ALWAYS_QUEUE bit clear and a provider is used for
|
2016-05-12 14:51:24 +00:00
|
|
|
* the request. The request is completed in the context of the calling
|
|
|
|
* thread and kernel memory must be allocated with KM_NOSLEEP.
|
|
|
|
*
|
|
|
|
* The framework passes a pointer to the handle in crypto_req_handle_t
|
2021-12-23 18:51:00 +00:00
|
|
|
* argument when it calls the SPI of the provider. The macros
|
2016-05-12 14:51:24 +00:00
|
|
|
* KCF_RHNDL() and KCF_SWFP_RHNDL() are used to do this.
|
|
|
|
*
|
|
|
|
* When a provider asks the framework for kmflag value via
|
|
|
|
* crypto_kmflag(9S) we use REQHNDL2_KMFLAG() macro.
|
|
|
|
*/
|
|
|
|
extern ulong_t kcf_swprov_hndl;
|
|
|
|
#define KCF_RHNDL(kmflag) (((kmflag) == KM_SLEEP) ? NULL : &kcf_swprov_hndl)
|
|
|
|
#define KCF_SWFP_RHNDL(crq) (((crq) == NULL) ? NULL : &kcf_swprov_hndl)
|
|
|
|
#define REQHNDL2_KMFLAG(rhndl) \
|
|
|
|
((rhndl == &kcf_swprov_hndl) ? KM_NOSLEEP : KM_SLEEP)
|
|
|
|
|
|
|
|
typedef struct kcf_prov_tried {
|
|
|
|
kcf_provider_desc_t *pt_pd;
|
|
|
|
struct kcf_prov_tried *pt_next;
|
|
|
|
} kcf_prov_tried_t;
|
|
|
|
|
|
|
|
#define IS_FG_SUPPORTED(mdesc, fg) \
|
|
|
|
(((mdesc)->pm_mech_info.cm_func_group_mask & (fg)) != 0)
|
|
|
|
|
|
|
|
#define IS_PROVIDER_TRIED(pd, tlist) \
|
|
|
|
(tlist != NULL && is_in_triedlist(pd, tlist))
|
|
|
|
|
|
|
|
#define IS_RECOVERABLE(error) \
|
|
|
|
(error == CRYPTO_BUFFER_TOO_BIG || \
|
|
|
|
error == CRYPTO_BUSY || \
|
|
|
|
error == CRYPTO_DEVICE_ERROR || \
|
|
|
|
error == CRYPTO_DEVICE_MEMORY || \
|
|
|
|
error == CRYPTO_KEY_SIZE_RANGE || \
|
|
|
|
error == CRYPTO_NO_PERMISSION)
|
|
|
|
|
|
|
|
#define KCF_ATOMIC_INCR(x) atomic_add_32(&(x), 1)
|
|
|
|
#define KCF_ATOMIC_DECR(x) atomic_add_32(&(x), -1)
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Internal representation of a canonical context. We contain crypto_ctx_t
|
|
|
|
* structure in order to have just one memory allocation. The SPI
|
|
|
|
* ((crypto_ctx_t *)ctx)->cc_framework_private maps to this structure.
|
|
|
|
*/
|
|
|
|
typedef struct kcf_context {
|
|
|
|
crypto_ctx_t kc_glbl_ctx;
|
|
|
|
uint_t kc_refcnt;
|
|
|
|
kcf_provider_desc_t *kc_prov_desc; /* Prov. descriptor */
|
|
|
|
kcf_provider_desc_t *kc_sw_prov_desc; /* Prov. descriptor */
|
|
|
|
} kcf_context_t;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Bump up the reference count on the framework private context. A
|
|
|
|
* global context or a request that references this structure should
|
|
|
|
* do a hold.
|
|
|
|
*/
|
|
|
|
#define KCF_CONTEXT_REFHOLD(ictx) { \
|
|
|
|
atomic_add_32(&(ictx)->kc_refcnt, 1); \
|
|
|
|
ASSERT((ictx)->kc_refcnt != 0); \
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Decrement the reference count on the framework private context.
|
|
|
|
* When the last reference is released, the framework private
|
|
|
|
* context structure is freed along with the global context.
|
|
|
|
*/
|
|
|
|
#define KCF_CONTEXT_REFRELE(ictx) { \
|
|
|
|
ASSERT((ictx)->kc_refcnt != 0); \
|
|
|
|
membar_exit(); \
|
|
|
|
if (atomic_add_32_nv(&(ictx)->kc_refcnt, -1) == 0) \
|
|
|
|
kcf_free_context(ictx); \
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Check if we can release the context now. In case of CRYPTO_QUEUED
|
|
|
|
* we do not release it as we can do it only after the provider notified
|
|
|
|
* us. In case of CRYPTO_BUSY, the client can retry the request using
|
|
|
|
* the context, so we do not release the context.
|
|
|
|
*
|
|
|
|
* This macro should be called only from the final routine in
|
|
|
|
* an init/update/final sequence. We do not release the context in case
|
|
|
|
* of update operations. We require the consumer to free it
|
|
|
|
* explicitly, in case it wants to abandon the operation. This is done
|
|
|
|
* as there may be mechanisms in ECB mode that can continue even if
|
|
|
|
* an operation on a block fails.
|
|
|
|
*/
|
|
|
|
#define KCF_CONTEXT_COND_RELEASE(rv, kcf_ctx) { \
|
|
|
|
if (KCF_CONTEXT_DONE(rv)) \
|
|
|
|
KCF_CONTEXT_REFRELE(kcf_ctx); \
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This macro determines whether we're done with a context.
|
|
|
|
*/
|
|
|
|
#define KCF_CONTEXT_DONE(rv) \
|
|
|
|
((rv) != CRYPTO_QUEUED && (rv) != CRYPTO_BUSY && \
|
|
|
|
(rv) != CRYPTO_BUFFER_TOO_SMALL)
|
|
|
|
|
|
|
|
/*
|
|
|
|
* A crypto_ctx_template_t is internally a pointer to this struct
|
|
|
|
*/
|
|
|
|
typedef struct kcf_ctx_template {
|
|
|
|
size_t ct_size; /* for freeing */
|
|
|
|
crypto_spi_ctx_template_t ct_prov_tmpl; /* context template */
|
2021-12-23 18:51:00 +00:00
|
|
|
/* from the provider */
|
2016-05-12 14:51:24 +00:00
|
|
|
} kcf_ctx_template_t;
|
|
|
|
|
|
|
|
|
|
|
|
extern void kcf_free_triedlist(kcf_prov_tried_t *);
|
|
|
|
extern kcf_prov_tried_t *kcf_insert_triedlist(kcf_prov_tried_t **,
|
|
|
|
kcf_provider_desc_t *, int);
|
|
|
|
extern kcf_provider_desc_t *kcf_get_mech_provider(crypto_mech_type_t,
|
2021-12-24 15:43:18 +00:00
|
|
|
kcf_mech_entry_t **, int *, kcf_prov_tried_t *, crypto_func_group_t);
|
2016-05-12 14:51:24 +00:00
|
|
|
extern crypto_ctx_t *kcf_new_ctx(crypto_call_req_t *, kcf_provider_desc_t *,
|
|
|
|
crypto_session_id_t);
|
|
|
|
extern void kcf_sched_destroy(void);
|
|
|
|
extern void kcf_sched_init(void);
|
|
|
|
extern void kcf_free_context(kcf_context_t *);
|
|
|
|
|
|
|
|
#ifdef __cplusplus
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#endif /* _SYS_CRYPTO_SCHED_IMPL_H */
|