g_bde.c revision 115624
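/*-
 * Copyright (c) 2002 Poul-Henning Kamp
 * Copyright (c) 2002 Networks Associates Technology, Inc.
 * All rights reserved.
 *
 * This software was developed for the FreeBSD Project by Poul-Henning Kamp
 * and NAI Labs, the Security Research Division of Network Associates, Inc.
 * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
 * DARPA CHATS research program.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $FreeBSD: head/sys/geom/bde/g_bde.c 115624 2003-06-01 13:47:51Z phk $
 *
 */

#include <sys/param.h>
#include <sys/bio.h>
#include <sys/lock.h>
#include <sys/mutex.h>
#include <sys/malloc.h>
#include <sys/systm.h>
#include <sys/kernel.h>
#include <sys/kthread.h>

#include <crypto/rijndael/rijndael.h>
#include <crypto/sha2/sha2.h>
#include <geom/geom.h>
#include <geom/bde/g_bde.h>
#define BDE_CLASS_NAME "BDE"

/*
 * GEOM start method: hand data requests to g_bde_start1() and refuse
 * everything else with EOPNOTSUPP.
 */
static void
g_bde_start(struct bio *bp)
{

	switch (bp->bio_cmd) {
	case BIO_DELETE:
	case BIO_READ:
	case BIO_WRITE:
		g_bde_start1(bp);
		break;
	case BIO_GETATTR:
	default:
		/* No attribute is answered or passed through by this class. */
		g_io_deliver(bp, EOPNOTSUPP);
		break;
	}
}

/*
 * GEOM orphan method: the provider underneath us has gone away with an
 * error.  Mark the geom as withering, pass the error on to every provider
 * of this geom, and wipe the softc.
 */
static void
g_bde_orphan(struct g_consumer *cp)
{
	struct g_geom *gp;
	struct g_provider *pp;
	struct g_bde_softc *sc;
	int error;

	g_trace(G_T_TOPOLOGY, "g_bde_orphan(%p/%s)", cp, cp->provider->name);
	g_topology_assert();
	KASSERT(cp->provider->error != 0,
	    ("g_bde_orphan with error == 0"));

	gp = cp->geom;
	sc = gp->softc;
	gp->flags |= G_GEOM_WITHER;
	error = cp->provider->error;
	LIST_FOREACH(pp, &gp->provider, provider)
		g_orphan_provider(pp, error);
	/*
	 * NOTE(review): this clears the whole softc, i.e. not only sc->key
	 * but also worklist_mutex, the work lists and the thread pointer set
	 * up in g_bde_create_geom().  Whether the worker started there can
	 * still be running at this point is not visible in this file --
	 * confirm before relying on this wipe.
	 */
	bzero(sc, sizeof(struct g_bde_softc));	/* destroy evidence */
}

/*
 * GEOM access method: translate an access change on our provider into an
 * access change on our (first) consumer.
 */
static int
g_bde_access(struct g_provider *pp, int dr, int dw, int de)
{
	struct g_geom *gp;
	struct g_consumer *cp;

	gp = pp->geom;
	cp = LIST_FIRST(&gp->consumer);
	/* On first open take one extra read and one extra exclusive count ... */
	if (cp->acr == 0 && cp->acw == 0 && cp->ace == 0) {
		de++;
		dr++;
	}
	/* ... and let go of it on last close */
	if ((cp->acr + dr) == 0 && (cp->acw + dw) == 0 &&
	    (cp->ace + de) == 1) {
		de--;
		dr--;
	}
	return (g_access_rel(cp, dr, dw, de));
}

/*
 * Handle the "create geom" verb: build a "<provider>.bde" geom on top of
 * pp, open pp r1w1e1, fetch the "pass" parameter (SHA512_DIGEST_LENGTH
 * bytes, mandatory) and the "key" parameter (16 bytes, optional) from the
 * request, call g_bde_decrypt_lock() and, if that succeeds, start the
 * worker thread and publish the new provider.
 *
 * Errors are reported through gctl_error() on req where the code has a
 * message for them; on any failure the geom, its consumer and the softc
 * are torn down again.  The "pass" and "key" request buffers are zeroed
 * before returning in every case.
 */
static void
g_bde_create_geom(struct gctl_req *req, struct g_class *mp, struct g_provider *pp)
{
	struct g_geom *gp;
	struct g_consumer *cp;
	struct g_bde_key *kp;
	int error, passlen, keylen;
	u_int sectorsize;
	off_t mediasize;
	struct g_bde_softc *sc;
	void *pass;
	void *key;

	g_trace(G_T_TOPOLOGY, "g_bde_create_geom(%s, %s)", mp->name, pp->name);
	g_topology_assert();

	gp = g_new_geomf(mp, "%s.bde", pp->name);
	gp->start = g_bde_start;
	gp->orphan = g_bde_orphan;
	gp->access = g_bde_access;
	gp->spoiled = g_std_spoiled;
	cp = g_new_consumer(gp);
	g_attach(cp, pp);
	error = g_access_rel(cp, 1, 1, 1);
	if (error) {
		g_detach(cp);
		g_destroy_consumer(cp);
		g_destroy_geom(gp);
		gctl_error(req, "could not access consumer");
		/*
		 * cp and gp are gone; falling through would use both after
		 * they were destroyed.
		 */
		return;
	}
	pass = NULL;
	key = NULL;
	passlen = 0;
	keylen = 0;
	do {
		pass = gctl_get_param(req, "pass", &passlen);
		if (pass == NULL || passlen != SHA512_DIGEST_LENGTH) {
			gctl_error(req, "No usable key presented");
			/* Without an error code the cleanup below is skipped. */
			error = EINVAL;
			break;
		}
		key = gctl_get_param(req, "key", &keylen);
		if (key != NULL && keylen != 16) {
			gctl_error(req, "Invalid key presented");
			error = EINVAL;
			break;
		}
		sectorsize = cp->provider->sectorsize;
		mediasize = cp->provider->mediasize;
		sc = g_malloc(sizeof(struct g_bde_softc), M_WAITOK | M_ZERO);
		gp->softc = sc;
		sc->geom = gp;
		sc->consumer = cp;

		error = g_bde_decrypt_lock(sc, pass, key,
		    mediasize, sectorsize, NULL);
		/* Scrub sc->sha2 whether or not the lock could be opened. */
		bzero(sc->sha2, sizeof sc->sha2);
		if (error)
			break;
		kp = &sc->key;

		/* Initialize helper-fields */
		kp->keys_per_sector = kp->sectorsize / G_BDE_SKEYLEN;
		kp->zone_cont = kp->keys_per_sector * kp->sectorsize;
		kp->zone_width = kp->zone_cont + kp->sectorsize;
		kp->media_width = kp->sectorN - kp->sector0 -
		    G_BDE_MAXKEYS * kp->sectorsize;

		/* Our external parameters */
		sc->zone_cont = kp->zone_cont;
		sc->mediasize = g_bde_max_sector(kp);
		sc->sectorsize = kp->sectorsize;

		TAILQ_INIT(&sc->freelist);
		TAILQ_INIT(&sc->worklist);
		mtx_init(&sc->worklist_mutex, "g_bde_worklist", NULL, MTX_DEF);
		mtx_lock(&Giant);
		error = kthread_create(g_bde_worker, gp, &sc->thread, 0, 0,
		    "g_bde %s", gp->name);
		mtx_unlock(&Giant);
		if (error) {
			/*
			 * No worker means nobody would ever service the
			 * worklist; do not publish a provider in that state.
			 */
			mtx_destroy(&sc->worklist_mutex);
			gctl_error(req, "could not create worker thread");
			break;
		}
		pp = g_new_providerf(gp, gp->name);
#if 0
		/*
		 * XXX: Disable this for now.  Apparently UFS no longer
		 * XXX: issues BIO_DELETE requests correctly, with the obvious
		 * XXX: outcome that userdata is trashed.
		 */
		pp->flags |= G_PF_CANDELETE;
#endif
		pp->stripesize = kp->zone_cont;
		pp->stripeoffset = 0;
		pp->mediasize = sc->mediasize;
		pp->sectorsize = sc->sectorsize;
		g_error_provider(pp, 0);
		break;
	} while (0);
	/*
	 * Wipe the caller-supplied secrets.  Use the length reported by
	 * gctl_get_param(): a parameter rejected above for having the wrong
	 * size may be shorter than the expected size, and zeroing the
	 * expected size would then write past its buffer.
	 */
	if (pass != NULL && passlen > 0)
		bzero(pass, passlen);
	if (key != NULL && keylen > 0)
		bzero(key, keylen);
	if (error == 0)
		return;
	g_access_rel(cp, -1, -1, -1);
	g_detach(cp);
	g_destroy_consumer(cp);
	if (gp->softc != NULL) {
		/*
		 * g_bde_decrypt_lock() was handed this softc and may have
		 * stored key material in it; clear it before it goes back
		 * to the allocator.
		 */
		bzero(gp->softc, sizeof(struct g_bde_softc));
		g_free(gp->softc);
	}
	g_destroy_geom(gp);
}


/*
 * Handle the "destroy geom" verb (also the class destroy_geom method).
 *
 * Returns EBUSY while the provider is still open, otherwise 0 after the
 * consumer has been closed and destroyed, the key material in the softc
 * zeroed, the softc freed and the geom withered with ENXIO.
 */
static int
g_bde_destroy_geom(struct gctl_req *req, struct g_class *mp, struct g_geom *gp)
{
	struct g_consumer *cp;
	struct g_provider *pp;
	int error;
	struct g_bde_softc *sc;

	/* Assert before the trace below dereferences gp. */
	KASSERT(gp != NULL, ("NULL geom"));
	g_trace(G_T_TOPOLOGY, "g_bde_destroy_geom(%s, %s)", mp->name, gp->name);
	g_topology_assert();
	/*
	 * Orderly detachment.
	 */
	pp = LIST_FIRST(&gp->provider);
	KASSERT(pp != NULL, ("NULL provider"));
	if (pp->acr > 0 || pp->acw > 0 || pp->ace > 0)
		return (EBUSY);
	sc = gp->softc;
	cp = LIST_FIRST(&gp->consumer);
	KASSERT(cp != NULL, ("NULL consumer"));
	/*
	 * Flag the softc as dying and wake whoever sleeps on it; the loop
	 * below then waits for dead to reach 2 (presumably set by
	 * g_bde_worker, which is not in this file -- confirm).
	 */
	sc->dead = 1;
	wakeup(sc);
	error = g_access_rel(cp, -1, -1, -1);
	KASSERT(error == 0, ("error on close"));
	g_detach(cp);
	g_destroy_consumer(cp);
	while (sc->dead != 2 && !LIST_EMPTY(&pp->consumers))
		tsleep(sc, PRIBIO, "g_bdedie", hz);
	mtx_destroy(&sc->worklist_mutex);
	/* Do not hand key material back to the allocator. */
	bzero(&sc->key, sizeof sc->key);
	g_free(sc);
	g_wither_geom(gp, ENXIO);
	return (0);
}

/*
 * Class control-request entry point: dispatch on the verb string.
 */
static void
g_bde_ctlreq(struct gctl_req *req, struct g_class *mp, char const *verb)
{
	struct g_geom *gp;
	struct g_provider *pp;

	if (strcmp(verb, "create geom") == 0) {
		pp = gctl_get_provider(req, "provider");
		if (pp != NULL)
			g_bde_create_geom(req, mp, pp);
	} else if (strcmp(verb, "destroy geom") == 0) {
		gp = gctl_get_geom(req, mp, "geom");
		/*
		 * NOTE(review): the return value (EBUSY when the provider is
		 * still open) is dropped here, so the request carries no
		 * error in that case.
		 */
		if (gp != NULL)
			g_bde_destroy_geom(req, mp, gp);
	} else {
		gctl_error(req, "unknown verb");
	}
}

static struct g_class g_bde_class = {
	.name = BDE_CLASS_NAME,
	.destroy_geom = g_bde_destroy_geom,
	.ctlreq = g_bde_ctlreq,
};

DECLARE_GEOM_CLASS(g_bde_class, g_bde);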