| g_eli_key_cache.c (267992) | g_eli_key_cache.c (293306) |
|---|---|
| 1/*- 2 * Copyright (c) 2011 Pawel Jakub Dawidek <pawel@dawidek.net> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 11 unchanged lines hidden (view full) --- 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 */ 26 27#include <sys/cdefs.h> | 1/*- 2 * Copyright (c) 2011 Pawel Jakub Dawidek <pawel@dawidek.net> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 11 unchanged lines hidden (view full) --- 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 */ 26 27#include <sys/cdefs.h> |
| 28__FBSDID("$FreeBSD: head/sys/geom/eli/g_eli_key_cache.c 267992 2014-06-28 03:56:17Z hselasky $"); | 28__FBSDID("$FreeBSD: head/sys/geom/eli/g_eli_key_cache.c 293306 2016-01-07 05:47:34Z allanjude $"); |
| 29 30#include <sys/param.h> | 29 30#include <sys/param.h> |
| 31#ifdef _KERNEL |
|
| 31#include <sys/kernel.h> 32#include <sys/malloc.h> | 32#include <sys/kernel.h> 33#include <sys/malloc.h> |
| 33#include <sys/queue.h> | |
| 34#include <sys/sysctl.h> 35#include <sys/systm.h> | 34#include <sys/sysctl.h> 35#include <sys/systm.h> |
| 36#endif /* _KERNEL */ 37#include <sys/queue.h> |
|
| 36#include <sys/tree.h> 37 38#include <geom/geom.h> 39 40#include <geom/eli/g_eli.h> 41 | 38#include <sys/tree.h> 39 40#include <geom/geom.h> 41 42#include <geom/eli/g_eli.h> 43 |
| 44#ifdef _KERNEL |
|
| 42MALLOC_DECLARE(M_ELI); 43 44SYSCTL_DECL(_kern_geom_eli); 45/* 46 * The default limit (8192 keys) will allow to cache all keys for 4TB 47 * provider with 512 bytes sectors and will take around 1MB of memory. 48 */ 49static u_int g_eli_key_cache_limit = 8192; 50SYSCTL_UINT(_kern_geom_eli, OID_AUTO, key_cache_limit, CTLFLAG_RDTUN, 51 &g_eli_key_cache_limit, 0, "Maximum number of encryption keys to cache"); 52static uint64_t g_eli_key_cache_hits; 53SYSCTL_UQUAD(_kern_geom_eli, OID_AUTO, key_cache_hits, CTLFLAG_RW, 54 &g_eli_key_cache_hits, 0, "Key cache hits"); 55static uint64_t g_eli_key_cache_misses; 56SYSCTL_UQUAD(_kern_geom_eli, OID_AUTO, key_cache_misses, CTLFLAG_RW, 57 &g_eli_key_cache_misses, 0, "Key cache misses"); 58 | 45MALLOC_DECLARE(M_ELI); 46 47SYSCTL_DECL(_kern_geom_eli); 48/* 49 * The default limit (8192 keys) will allow to cache all keys for 4TB 50 * provider with 512 bytes sectors and will take around 1MB of memory. 51 */ 52static u_int g_eli_key_cache_limit = 8192; 53SYSCTL_UINT(_kern_geom_eli, OID_AUTO, key_cache_limit, CTLFLAG_RDTUN, 54 &g_eli_key_cache_limit, 0, "Maximum number of encryption keys to cache"); 55static uint64_t g_eli_key_cache_hits; 56SYSCTL_UQUAD(_kern_geom_eli, OID_AUTO, key_cache_hits, CTLFLAG_RW, 57 &g_eli_key_cache_hits, 0, "Key cache hits"); 58static uint64_t g_eli_key_cache_misses; 59SYSCTL_UQUAD(_kern_geom_eli, OID_AUTO, key_cache_misses, CTLFLAG_RW, 60 &g_eli_key_cache_misses, 0, "Key cache misses"); 61 |
| 59#define G_ELI_KEY_MAGIC 0xe11341c | 62#endif /* _KERNEL */ |
| 60 | 63 |
| 61struct g_eli_key { 62 /* Key value, must be first in the structure. */ 63 uint8_t gek_key[G_ELI_DATAKEYLEN]; 64 /* Magic. */ 65 int gek_magic; 66 /* Key number. */ 67 uint64_t gek_keyno; 68 /* Reference counter. */ 69 int gek_count; 70 /* Keeps keys sorted by most recent use. */ 71 TAILQ_ENTRY(g_eli_key) gek_next; 72 /* Keeps keys sorted by number. */ 73 RB_ENTRY(g_eli_key) gek_link; 74}; 75 | |
| 76static int 77g_eli_key_cmp(const struct g_eli_key *a, const struct g_eli_key *b) 78{ 79 80 if (a->gek_keyno > b->gek_keyno) 81 return (1); 82 else if (a->gek_keyno < b->gek_keyno) 83 return (-1); 84 return (0); 85} 86 | 64static int 65g_eli_key_cmp(const struct g_eli_key *a, const struct g_eli_key *b) 66{ 67 68 if (a->gek_keyno > b->gek_keyno) 69 return (1); 70 else if (a->gek_keyno < b->gek_keyno) 71 return (-1); 72 return (0); 73} 74 |
| 87RB_PROTOTYPE(g_eli_key_tree, g_eli_key, gek_link, g_eli_key_cmp); 88RB_GENERATE(g_eli_key_tree, g_eli_key, gek_link, g_eli_key_cmp); 89 90static void | 75void |
| 91g_eli_key_fill(struct g_eli_softc *sc, struct g_eli_key *key, uint64_t keyno) 92{ 93 const uint8_t *ekey; 94 struct { 95 char magic[4]; 96 uint8_t keyno[8]; 97 } __packed hmacdata; 98 --- 6 unchanged lines hidden (view full) --- 105 le64enc(hmacdata.keyno, keyno); 106 g_eli_crypto_hmac(ekey, G_ELI_MAXKEYLEN, (uint8_t *)&hmacdata, 107 sizeof(hmacdata), key->gek_key, 0); 108 key->gek_keyno = keyno; 109 key->gek_count = 0; 110 key->gek_magic = G_ELI_KEY_MAGIC; 111} 112 | 76g_eli_key_fill(struct g_eli_softc *sc, struct g_eli_key *key, uint64_t keyno) 77{ 78 const uint8_t *ekey; 79 struct { 80 char magic[4]; 81 uint8_t keyno[8]; 82 } __packed hmacdata; 83 --- 6 unchanged lines hidden (view full) --- 90 le64enc(hmacdata.keyno, keyno); 91 g_eli_crypto_hmac(ekey, G_ELI_MAXKEYLEN, (uint8_t *)&hmacdata, 92 sizeof(hmacdata), key->gek_key, 0); 93 key->gek_keyno = keyno; 94 key->gek_count = 0; 95 key->gek_magic = G_ELI_KEY_MAGIC; 96} 97 |
| 98#ifdef _KERNEL 99RB_PROTOTYPE(g_eli_key_tree, g_eli_key, gek_link, g_eli_key_cmp); 100RB_GENERATE(g_eli_key_tree, g_eli_key, gek_link, g_eli_key_cmp); 101 |
|
| 113static struct g_eli_key * 114g_eli_key_allocate(struct g_eli_softc *sc, uint64_t keyno) 115{ 116 struct g_eli_key *key, *ekey, keysearch; 117 118 mtx_assert(&sc->sc_ekeys_lock, MA_OWNED); 119 mtx_unlock(&sc->sc_ekeys_lock); 120 --- 224 unchanged lines hidden (view full) --- 345 while (sc->sc_ekeys_allocated > g_eli_key_cache_limit) { 346 key = g_eli_key_find_last(sc); 347 if (key == NULL) 348 break; 349 g_eli_key_remove(sc, key); 350 } 351 mtx_unlock(&sc->sc_ekeys_lock); 352} | 102static struct g_eli_key * 103g_eli_key_allocate(struct g_eli_softc *sc, uint64_t keyno) 104{ 105 struct g_eli_key *key, *ekey, keysearch; 106 107 mtx_assert(&sc->sc_ekeys_lock, MA_OWNED); 108 mtx_unlock(&sc->sc_ekeys_lock); 109 --- 224 unchanged lines hidden (view full) --- 334 while (sc->sc_ekeys_allocated > g_eli_key_cache_limit) { 335 key = g_eli_key_find_last(sc); 336 if (key == NULL) 337 break; 338 g_eli_key_remove(sc, key); 339 } 340 mtx_unlock(&sc->sc_ekeys_lock); 341} |
| 342#endif /* _KERNEL */ |
|