1285242Sachim/******************************************************************************* 2285242Sachim*Copyright (c) 2014 PMC-Sierra, Inc. All rights reserved. 3285242Sachim* 4285242Sachim*Redistribution and use in source and binary forms, with or without modification, are permitted provided 5285242Sachim*that the following conditions are met: 6285242Sachim*1. Redistributions of source code must retain the above copyright notice, this list of conditions and the 7285242Sachim*following disclaimer. 8285242Sachim*2. Redistributions in binary form must reproduce the above copyright notice, 9285242Sachim*this list of conditions and the following disclaimer in the documentation and/or other materials provided 10285242Sachim*with the distribution. 11285242Sachim* 12285242Sachim*THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED 13285242Sachim*WARRANTIES,INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 14285242Sachim*FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 15285242Sachim*FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 16285242Sachim*NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 17285242Sachim*BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 18285242Sachim*LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 19285242Sachim*SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE 20285242Sachim* 21285242Sachim* $FreeBSD: releng/11.0/sys/dev/pms/freebsd/driver/common/lxencrypt.c 285242 2015-07-07 13:17:02Z achim $ 22285242Sachim* 23285242Sachim*******************************************************************************/ 24285242Sachim/******************************************************************************* 25285242Sachim** 26285242Sachim** Version Control Information: 27285242Sachim** 28285242Sachim** $Revision: 113920 $ 29285242Sachim** $Author: mcleanda $ 30285242Sachim** $Date: 2012-05-08 11:30:44 -0700 (Tue, 08 May 2012) $ 31285242Sachim** $Id: lxencrypt.c 113920 2012-05-08 18:30:44Z mcleanda $ 32285242Sachim** 33285242Sachim*******************************************************************************/ 34285242Sachim 35285242Sachim#include <dev/pms/RefTisa/tisa/sassata/common/tdioctl.h> 36285242Sachim#include <dev/pms/RefTisa/tisa/api/titypes.h> 37285242Sachim 38285242Sachim#include <dev/pms/freebsd/driver/common/lxencrypt.h> 39285242Sachim#include <sys/param.h> 40285242Sachim#include <sys/queue.h> 41285242Sachim#include <vm/uma.h> 42285242Sachim 43285242Sachim 44285242Sachimstatic atomic_t ioerr_queue_count; 45285242Sachim#ifdef ENCRYPT_ENHANCE 46285242Sachim/****************************************************************************** 47285242Sachimcareful_write(): 48285242Sachim 49285242SachimPurpose: 50285242SachimParameters: 51285242SachimReturn: 52285242SachimNote: 53285242Sachim******************************************************************************/ 54285242Sachimstatic int 55285242Sachimcareful_write(char *buf, int offset, int max, const char *fmt, ...) 56285242Sachim{ 57285242Sachim static char s[PAGE_SIZE]; /* Assumes serialization */ 58285242Sachim va_list args; 59285242Sachim int i; 60285242Sachim 61285242Sachim if(offset > max) 62285242Sachim return 0; 63285242Sachim s[PAGE_SIZE - 1] = '\0'; 64285242Sachim 65285242Sachim va_start(args, fmt); 66285242Sachim i = vsnprintf(s, PAGE_SIZE - 1, fmt, args); 67285242Sachim if((offset + i) > max) 68285242Sachim return 0; 69285242Sachim memcpy(buf + offset, s, i); 70285242Sachim va_end(args); 71285242Sachim 72285242Sachim return i; 73285242Sachim} 74285242Sachim 75285242Sachim/****************************************************************************** 76285242Sachimset_dek_table_entry(): 77285242Sachim 78285242SachimPurpose: 79285242SachimParameters: 80285242SachimReturn: 81285242SachimNote: 82285242Sachim******************************************************************************/ 83285242Sachimstatic inline int 84285242Sachimset_dek_table_entry(struct device *dev, const char *buf, size_t len, dek_table_e table) 85285242Sachim{ 86285242Sachim int index; 87285242Sachim struct Scsi_Host *shost = class_to_shost(dev); 88285242Sachim struct agtiapi_softc *pCard = (struct agtiapi_softc *) shost->hostdata; 89285242Sachim 90285242Sachim /* Check permissions */ 91285242Sachim if(!capable(CAP_SYS_ADMIN)) 92285242Sachim return -EACCES; 93285242Sachim 94285242Sachim if(!pCard->encrypt) 95285242Sachim return -EINVAL; 96285242Sachim 97285242Sachim if(table != DEK_TABLE_0 && table != DEK_TABLE_1) 98285242Sachim return -EINVAL; 99285242Sachim 100285242Sachim sscanf(buf, "%d", &index); 101285242Sachim if(index >= 0 && index < DEK_MAX_TABLE_ITEMS) { 102285242Sachim pCard->dek_index[table] = index; 103285242Sachim return strlen(buf); 104285242Sachim } 105285242Sachim return -EINVAL; 106285242Sachim} 107285242Sachim 108285242Sachim/****************************************************************************** 109285242Sachimset_dek_table_entry0(): 110285242Sachim 111285242SachimPurpose: 112285242SachimParameters: 113285242SachimReturn: 114285242SachimNote: 115285242Sachim******************************************************************************/ 116285242Sachimssize_t 117285242Sachimset_dek_table_entry0(struct device *dev, struct device_attribute *attr, const char *buf, size_t len) 118285242Sachim{ 119285242Sachim return set_dek_table_entry(dev, buf, len, DEK_TABLE_0); 120285242Sachim} 121285242Sachim 122285242Sachim/****************************************************************************** 123285242Sachimset_dek_table_entry1(): 124285242Sachim 125285242SachimPurpose: 126285242SachimParameters: 127285242SachimReturn: 128285242SachimNote: 129285242Sachim******************************************************************************/ 130285242Sachimssize_t 131285242Sachimset_dek_table_entry1(struct device *dev, struct device_attribute *attr, const char *buf, size_t len) 132285242Sachim{ 133285242Sachim return set_dek_table_entry(dev, buf, len, DEK_TABLE_1); 134285242Sachim} 135285242Sachim 136285242Sachim 137285242Sachim/****************************************************************************** 138285242Sachimshow_dek_table_entry(): 139285242Sachim 140285242SachimPurpose: 141285242SachimParameters: 142285242SachimReturn: 143285242SachimNote: 144285242Sachim******************************************************************************/ 145285242Sachimstatic inline int 146285242Sachimshow_dek_table_entry(struct device *dev, char *buf, unsigned int table) 147285242Sachim{ 148285242Sachim int i = 0, j; 149285242Sachim unsigned char *p; 150285242Sachim struct Scsi_Host *sh = class_to_shost(dev); 151285242Sachim ag_card_t *pCard = (ag_card_t *) sh->hostdata; 152285242Sachim ag_card_info_t *pCardInfo = pCard->pCardInfo; 153285242Sachim ag_resource_info_t *pRscInfo = &pCardInfo->tiRscInfo; 154285242Sachim tiEncryptDekBlob_t *pDekTable = NULL; 155285242Sachim 156285242Sachim if(!pCard->encrypt) 157285242Sachim return -EINVAL; 158285242Sachim 159285242Sachim if(table == DEK_TABLE_0) 160285242Sachim pDekTable = pRscInfo->tiLoLevelResource.loLevelMem.mem[DEK_MEM_INDEX_1].virtPtr; 161285242Sachim else if(table == DEK_TABLE_1) 162285242Sachim pDekTable = pRscInfo->tiLoLevelResource.loLevelMem.mem[DEK_MEM_INDEX_2].virtPtr; 163285242Sachim if(pDekTable == NULL) 164285242Sachim return -EINVAL; 165285242Sachim 166285242Sachim if(pCard->dek_index[table] >= 0 || pCard->dek_index[table] < DEK_MAX_TABLE_ITEMS) { 167285242Sachim i += careful_write(buf, i, PAGE_SIZE, "%4d: ", pCard->dek_index[table]); 168285242Sachim p = (unsigned char *) &pDekTable[pCard->dek_index[table]]; 169285242Sachim for(j = 0; j < sizeof(tiEncryptDekBlob_t); j++) { 170285242Sachim i += careful_write(buf, i, PAGE_SIZE, "%02x", p[j]); 171285242Sachim } 172285242Sachim i += careful_write(buf, i, PAGE_SIZE, "\n"); 173285242Sachim } else { 174285242Sachim i += careful_write(buf, i, PAGE_SIZE, "Bad DEK index %d; range: 0 - %d\n", pCard->dek_index[table], DEK_MAX_TABLE_ITEMS); 175285242Sachim } 176285242Sachim 177285242Sachim /* BUG if we return more than a single page of data */ 178285242Sachim //BUG_ON(i > PAGE_SIZE); 179285242Sachim if (i > PAGE_SIZE) 180285242Sachim i = PAGE_SIZE; 181285242Sachim 182285242Sachim return i; 183285242Sachim} 184285242Sachim 185285242Sachim/****************************************************************************** 186285242Sachimshow_dek_table_entry0(): 187285242Sachim 188285242SachimPurpose: 189285242SachimParameters: 190285242SachimReturn: 191285242SachimNote: 192285242Sachim******************************************************************************/ 193285242Sachimssize_t 194285242Sachimshow_dek_table_entry0(struct device *dev, struct device_attribute *attr, char *buf) 195285242Sachim{ 196285242Sachim return show_dek_table_entry(dev, buf, DEK_TABLE_0); 197285242Sachim} 198285242Sachim 199285242Sachim/****************************************************************************** 200285242Sachimshow_dek_table_entry1(): 201285242Sachim 202285242SachimPurpose: 203285242SachimParameters: 204285242SachimReturn: 205285242SachimNote: 206285242Sachim******************************************************************************/ 207285242Sachimssize_t 208285242Sachimshow_dek_table_entry1(struct device *dev, struct device_attribute *attr, char *buf) 209285242Sachim{ 210285242Sachim return show_dek_table_entry(dev, buf, DEK_TABLE_1); 211285242Sachim} 212285242Sachim 213285242Sachim/****************************************************************************** 214285242Sachimshow_kek_table(): 215285242Sachim 216285242SachimPurpose: 217285242SachimParameters: 218285242SachimReturn: 219285242SachimNote: 220285242Sachim******************************************************************************/ 221285242Sachimssize_t 222285242Sachimshow_kek_table(struct device *dev, struct device_attribute *attr, char *buf) 223285242Sachim{ 224285242Sachim int i = 0, j, kek_index; 225285242Sachim unsigned char *p; 226285242Sachim struct Scsi_Host *sh = class_to_shost(dev); 227285242Sachim ag_card_t *pCard = (ag_card_t *) sh->hostdata; 228285242Sachim 229285242Sachim if(!pCard->encrypt) 230285242Sachim return -EINVAL; 231285242Sachim 232285242Sachim for(kek_index = 0; kek_index < KEK_TABLE_MAX_ENTRY; kek_index++) { 233285242Sachim i += careful_write(buf, i, PAGE_SIZE, " %4d: %08x ", kek_index, pCard->kek_table[kek_index].wrapperIndex); 234285242Sachim p = (unsigned char *) &pCard->kek_table[kek_index].kekBlob; 235285242Sachim for(j = 0; j < sizeof(tiEncryptKekBlob_t); j++) { 236285242Sachim i += careful_write(buf, i, PAGE_SIZE, "%02x", p[j]); 237285242Sachim } 238285242Sachim i += careful_write(buf, i, PAGE_SIZE, "\n"); 239285242Sachim } 240285242Sachim i += careful_write(buf, i, PAGE_SIZE, "\n"); 241285242Sachim 242285242Sachim /* BUG if we return more than a single page of data */ 243285242Sachim //BUG_ON(i > PAGE_SIZE); 244285242Sachim if (i > PAGE_SIZE) 245285242Sachim i = PAGE_SIZE; 246285242Sachim 247285242Sachim return i; 248285242Sachim} 249285242Sachim 250285242Sachim/****************************************************************************** 251285242Sachimshow_dek_kek_map(): 252285242Sachim 253285242SachimPurpose: 254285242SachimParameters: 255285242SachimReturn: 256285242SachimNote: 257285242Sachim******************************************************************************/ 258285242Sachimstatic inline int 259285242Sachimshow_dek_kek_map(struct device *dev, char *buf, unsigned int table) 260285242Sachim{ 261285242Sachim int i = 0, dek_index; 262285242Sachim struct Scsi_Host *sh = class_to_shost(dev); 263285242Sachim ag_card_t *pCard = (ag_card_t *) sh->hostdata; 264285242Sachim 265285242Sachim if(!pCard->encrypt) 266285242Sachim return -EINVAL; 267285242Sachim 268285242Sachim if(table != DEK_TABLE_0 && table != DEK_TABLE_1) 269285242Sachim return -EINVAL; 270285242Sachim 271285242Sachim i += careful_write(buf, i, PAGE_SIZE, "Table %d\n", table); 272285242Sachim i += careful_write(buf, i, PAGE_SIZE, "=======\n"); 273285242Sachim for(dek_index = 0; dek_index < DEK_MAX_TABLE_ITEMS; dek_index++) { 274285242Sachim i += careful_write(buf, i, PAGE_SIZE, " %4d: %08x\n", dek_index, pCard->dek_kek_map[table][dek_index].kekIndex); 275285242Sachim } 276285242Sachim i += sprintf(buf + i, "\n"); 277285242Sachim 278285242Sachim /* BUG if we return more than a single page of data */ 279285242Sachim //BUG_ON(i > PAGE_SIZE); 280285242Sachim if (i > PAGE_SIZE) 281285242Sachim i = PAGE_SIZE; 282285242Sachim 283285242Sachim return i; 284285242Sachim} 285285242Sachim 286285242Sachim/****************************************************************************** 287285242Sachimshow_dek_kek_map0(): 288285242Sachim 289285242SachimPurpose: 290285242SachimParameters: 291285242SachimReturn: 292285242SachimNote: 293285242Sachim******************************************************************************/ 294285242Sachimssize_t 295285242Sachim 296285242Sachimshow_dek_kek_map0(struct device *dev, struct device_attribute *attr, char *buf) 297285242Sachim{ 298285242Sachim return show_dek_kek_map(dev, buf, 0); 299285242Sachim} 300285242Sachim 301285242Sachim/****************************************************************************** 302285242Sachimshow_dek_kek_map1(): 303285242Sachim 304285242SachimPurpose: 305285242SachimParameters: 306285242SachimReturn: 307285242SachimNote: 308285242Sachim******************************************************************************/ 309285242Sachimssize_t 310285242Sachimshow_dek_kek_map1(struct device *dev, struct device_attribute *attr, char *buf) 311285242Sachim{ 312285242Sachim return show_dek_kek_map(dev, buf, 1); 313285242Sachim} 314285242Sachim 315285242Sachim/****************************************************************************** 316285242Sachimshow_target_dek_map(): 317285242Sachim 318285242SachimPurpose: 319285242SachimParameters: 320285242SachimReturn: 321285242SachimNote: 322285242Sachim******************************************************************************/ 323285242Sachimssize_t 324285242Sachimshow_target_dek_map(struct device *dev, struct device_attribute *attr, char *buf) 325285242Sachim{ 326285242Sachim int i = 0; 327285242Sachim unsigned int chan, device, lun = 0; 328285242Sachim ag_encrypt_map_t *p; 329285242Sachim struct list_head *lh; 330285242Sachim struct Scsi_Host *sh = class_to_shost(dev); 331285242Sachim ag_card_t *pCard = (ag_card_t *) sh->hostdata; 332285242Sachim 333285242Sachim if(!pCard->encrypt) 334285242Sachim return -EINVAL; 335285242Sachim 336285242Sachim for(chan = 0; chan <= AGTIAPI_MAX_CHANNEL_NUM; chan++) { 337285242Sachim for(device = 0; device < pCard->devDiscover; device++) { 338285242Sachim#ifdef REPORT_ALL_LUNS 339285242Sachim for(lun = 0; lun < AGTIAPI_MAX_LUN; lun++) { 340285242Sachim#endif 341285242Sachim lh = MAP_TABLE_ENTRY(pCard, chan, device, lun); 342285242Sachim if(lh) { 343285242Sachim list_for_each_entry(p, lh, list) { 344285242Sachim if(p->dekIndex != DEK_INDEX_INVALID) 345285242Sachim i += careful_write(buf, i, PAGE_SIZE, " %u:%u:%u: %x %8x %8x %16lx %16lx %08x:%08x %1x\n", chan, device, lun, p->dekTable, p->dekIndex, p->kekIndex, p->lbaMin, p->lbaMax, p->keyTag[1], p->keyTag[0], p->keyTagCheck); 346285242Sachim } 347285242Sachim } 348285242Sachim#ifdef REPORT_ALL_LUNS 349285242Sachim } 350285242Sachim#endif 351285242Sachim } 352285242Sachim } 353285242Sachim 354285242Sachim if (i > PAGE_SIZE) 355285242Sachim i = PAGE_SIZE; 356285242Sachim 357285242Sachim return i; 358285242Sachim} 359285242Sachim 360285242Sachim 361285242Sachim/****************************************************************************** 362285242Sachimagtiapi_AddDek(): 363285242Sachim 364285242SachimPurpose: 365285242SachimParameters: 366285242SachimReturn: 367285242SachimNote: 368285242Sachim******************************************************************************/ 369285242Sachimstatic int 370285242Sachimagtiapi_AddDek(ag_card_t *pCard, bit32 dek_table, bit32 dek_index, bit32 blob_format, bit32 entry_sz, tiEncryptDekBlob_t *dek_blob, U32_64 *addr) 371285242Sachim{ 372285242Sachim ag_resource_info_t *pRscInfo = &pCard->pCardInfo->tiRscInfo; 373285242Sachim tiEncryptDekBlob_t *pDekTable; 374285242Sachim char *p; 375285242Sachim 376285242Sachim if (dek_index >= DEK_MAX_TABLE_ITEMS) { 377285242Sachim printf("%s: Bad dek index 0x%x (MAX: 0x%x).\n", __FUNCTION__, dek_index, DEK_MAX_TABLE_ITEMS); 378285242Sachim return -E_DEK_INDEX; 379285242Sachim } 380285242Sachim 381285242Sachim switch(dek_table) { 382285242Sachim case DEK_TABLE_0: 383285242Sachim pDekTable = pRscInfo->tiLoLevelResource.loLevelMem.mem[DEK_MEM_INDEX_1].virtPtr; 384285242Sachim break; 385285242Sachim case DEK_TABLE_1: 386285242Sachim pDekTable = pRscInfo->tiLoLevelResource.loLevelMem.mem[DEK_MEM_INDEX_2].virtPtr; 387285242Sachim break; 388285242Sachim default: 389285242Sachim printf("%s: Unknown dek table %d\n", __FUNCTION__, dek_table); 390285242Sachim return -E_DEK_TABLE; 391285242Sachim } 392285242Sachim 393285242Sachim #ifdef __VMKLNX__ 394285242Sachim *addr = (U32_64) __pa(&pDekTable[0]); 395285242Sachim #else 396285242Sachim *addr = (U32_64) virt_to_phys(&pDekTable[0]); 397285242Sachim #endif 398285242Sachim 399285242Sachim p = (char *) &pDekTable[0] + (dek_index * pCard->dek_size); 400285242Sachim 401285242Sachim printf("%s: Base: %p, Index: %08x, Virt: %p Size: %d\n", __FUNCTION__, pDekTable, dek_index, &pDekTable[dek_index], pCard->dek_size); 402285242Sachim memcpy(p, dek_blob, pCard->dek_size); 403285242Sachim wmb(); 404285242Sachim 405285242Sachim /* Flush entry */ 406285242Sachim ostiCacheFlush(&pCard->tiRoot, NULL, p, pCard->dek_size); 407285242Sachim 408285242Sachim return 0; 409285242Sachim} 410285242Sachim 411285242Sachim/****************************************************************************** 412285242Sachimagtiapi_MapDekKek(): 413285242Sachim 414285242SachimPurpose: 415285242SachimParameters: 416285242SachimReturn: 417285242SachimNote: 418285242Sachim******************************************************************************/ 419285242Sachimstatic int 420285242Sachimagtiapi_MapDekKek(ag_card_t *pCard, bit32 dek_table, bit32 dek_index, bit32 kek_index) 421285242Sachim{ 422285242Sachim if (dek_index >= DEK_MAX_TABLE_ITEMS) { 423285242Sachim printf("%s: Bad dek index 0x%x (MAX: 0x%x).\n", __FUNCTION__, dek_index, DEK_MAX_TABLE_ITEMS); 424285242Sachim return -E_DEK_INDEX; 425285242Sachim } 426285242Sachim 427285242Sachim if (dek_table >= DEK_MAX_TABLES) { 428285242Sachim printf("%s: Bad dek table.\n", __FUNCTION__); 429285242Sachim return -E_DEK_TABLE; 430285242Sachim } 431285242Sachim 432285242Sachim if (kek_index >= KEK_TABLE_MAX_ENTRY) { 433285242Sachim printf("%s: Bad kek index.\n", __FUNCTION__); 434285242Sachim return -E_KEK_INDEX; 435285242Sachim } 436285242Sachim 437285242Sachim pCard->dek_kek_map[dek_table][dek_index].kekIndex = kek_index; 438285242Sachim return 0; 439285242Sachim} 440285242Sachim 441285242Sachim/****************************************************************************** 442285242Sachimagtiapi_AddKek(): 443285242Sachim 444285242SachimPurpose: 445285242SachimParameters: 446285242SachimReturn: 447285242SachimNote: 448285242Sachim******************************************************************************/ 449285242Sachimstatic int 450285242Sachimagtiapi_AddKek(ag_card_t *pCard, bit32 kek_index, bit32 wrapper_kek_index, tiEncryptKekBlob_t *kek_blob) 451285242Sachim{ 452285242Sachim if (kek_index >= KEK_TABLE_MAX_ENTRY) { 453285242Sachim printf("%s: Bad kek index.\n", __FUNCTION__); 454285242Sachim return -E_KEK_INDEX; 455285242Sachim } 456285242Sachim if (wrapper_kek_index >= KEK_TABLE_MAX_ENTRY) { 457285242Sachim printf("%s: Bad kek wrapper index.\n", __FUNCTION__); 458285242Sachim return -E_KEK_INDEX; 459285242Sachim } 460285242Sachim pCard->kek_table[kek_index].wrapperIndex = wrapper_kek_index; 461285242Sachim memcpy(&pCard->kek_table[kek_index].kekBlob, kek_blob, sizeof(tiEncryptKekBlob_t)); 462285242Sachim return 0; 463285242Sachim} 464285242Sachim 465285242Sachim/****************************************************************************** 466285242Sachimagtiapi_MapDek(): 467285242Sachim 468285242SachimPurpose: 469285242SachimParameters: 470285242SachimReturn: 471285242SachimNote: 472285242Sachim******************************************************************************/ 473285242Sachimstatic int 474285242Sachimagtiapi_MapDek(ag_card_t *pCard, EncryptDeviceDekMap_t *dek_map) 475285242Sachim{ 476285242Sachim int found = 0; 477285242Sachim bit32 chan, device, lun; 478285242Sachim bit32 dek_table, dek_index, kek_index; 479285242Sachim unsigned long long lba_min, lba_max; 480285242Sachim ag_encrypt_map_t *p, *n; 481285242Sachim struct list_head *lh; 482285242Sachim 483285242Sachim chan = dek_map->channel; 484285242Sachim device = dek_map->device; 485285242Sachim lun = dek_map->lun; 486285242Sachim 487285242Sachim lba_min = dek_map->dekMapEntry[0].startLBA; 488285242Sachim lba_max = dek_map->dekMapEntry[0].endLBA; 489285242Sachim 490285242Sachim dek_table = dek_map->dekMapEntry[0].dek.dekTable; 491285242Sachim dek_index = dek_map->dekMapEntry[0].dek.dekIndex; 492285242Sachim 493285242Sachim /* Sanity check channel, device, lun */ 494285242Sachim if (chan > AGTIAPI_MAX_CHANNEL_NUM) { 495285242Sachim printf("%s: Bad channel %d.\n", __FUNCTION__, chan); 496285242Sachim return -E_CHANNEL_INDEX; 497285242Sachim } 498285242Sachim if (device >= pCard->devDiscover) { 499285242Sachim printf("%s: Bad device %d.\n", __FUNCTION__, device); 500285242Sachim return -E_DEVICE_INDEX; 501285242Sachim } 502285242Sachim if (lun >= AGTIAPI_MAX_LUN) { 503285242Sachim printf("%s: Bad lun %d.\n", __FUNCTION__, lun); 504285242Sachim return -E_LUN_INDEX; 505285242Sachim } 506285242Sachim 507285242Sachim /* Sanity check dek index */ 508285242Sachim if (dek_index >= DEK_MAX_TABLE_ITEMS) { 509285242Sachim printf("%s: Bad dek index 0x%x (MAX: 0x%x).\n", __FUNCTION__, dek_index, DEK_MAX_TABLE_ITEMS); 510285242Sachim return -E_DEK_INDEX; 511285242Sachim } 512285242Sachim 513285242Sachim /* Sanity check dek table */ 514285242Sachim if (dek_table >= DEK_MAX_TABLES) { 515285242Sachim printf("%s: Bad dek table %d.\n", __FUNCTION__, dek_table); 516285242Sachim return -E_DEK_TABLE; 517285242Sachim } 518285242Sachim 519285242Sachim /* Check that lba min and lba max are sane */ 520285242Sachim if (lba_min >= lba_max) { 521285242Sachim printf("%s: Bad lba min and lba max: %llx %llx.\n", __FUNCTION__, lba_min, lba_max); 522285242Sachim return -E_LBA_RANGE; 523285242Sachim } 524285242Sachim 525285242Sachim /* dek_table and dek_index are valid, look up kek */ 526285242Sachim kek_index = pCard->dek_kek_map[dek_table][dek_index].kekIndex; 527285242Sachim 528285242Sachim lh = MAP_TABLE_ENTRY(pCard, chan, device, lun); 529285242Sachim 530285242Sachim if (dek_map->dekMapEntry[0].flags & ENCRYPT_DEK_MAP_ENTRY_CLEAR) { 531285242Sachim /* Delete the entry */ 532285242Sachim found = 0; 533285242Sachim list_for_each_entry_safe(p, n, lh, list) { 534285242Sachim if (p->lbaMin == lba_min && 535285242Sachim p->lbaMax == lba_max && 536285242Sachim p->dekTable == dek_table && 537285242Sachim p->dekIndex == dek_index && 538285242Sachim p->kekIndex == kek_index) { 539285242Sachim /* Entry found, unlink and reclaim it */ 540285242Sachim found = 1; 541285242Sachim list_del(&p->list); 542285242Sachim mempool_free(p, pCard->map_mempool); 543285242Sachim } 544285242Sachim } 545285242Sachim if (!found) { 546285242Sachim printf("%s: Entry %x %x %x %llx %llx not found.\n", __FUNCTION__, dek_table, dek_index, kek_index, lba_min, lba_max); 547285242Sachim return -E_NOT_FOUND; 548285242Sachim } 549285242Sachim } else if (dek_map->dekMapEntry[0].flags & ENCRYPT_DEK_MAP_ENTRY_VALID) { 550285242Sachim /* Add the entry */ 551285242Sachim 552285242Sachim p = (ag_encrypt_map_t *)uma_zalloc(pCard->map_cache, M_WAITOK); //Encryption 553285242Sachim if (!p) { 554285242Sachim printf("%s: Unable to allocate from memory pool.\n", __FUNCTION__); 555285242Sachim return -E_MEMPOOL_ALLOC; 556285242Sachim } 557285242Sachim 558285242Sachim /* Populate it */ 559285242Sachim p->lbaMin = lba_min; 560285242Sachim p->lbaMax = lba_max; 561285242Sachim p->dekTable = dek_table; 562285242Sachim p->dekIndex = dek_index; 563285242Sachim p->kekIndex = kek_index; 564285242Sachim p->keyTagCheck = dek_map->keytag_check; 565285242Sachim memcpy(&p->keyTag, &dek_map->keytag, sizeof(p->keyTag)); 566285242Sachim 567285242Sachim /* Test to see if this new mapping overlaps an existing mapping */ 568285242Sachim list_for_each_entry(n, lh, list) { 569285242Sachim /* 570285242Sachim * Check if the start lba falls in existing range || 571285242Sachim * Check if the end lba falls in existing range || 572285242Sachim * Check if the start lba of the existing range falls in the new range 573285242Sachim */ 574285242Sachim if (((p->lbaMin >= n->lbaMin) && (p->lbaMin <= n->lbaMax)) || 575285242Sachim ((p->lbaMax >= n->lbaMin) && (p->lbaMax <= n->lbaMax)) || 576285242Sachim ((n->lbaMin >= p->lbaMin) && (n->lbaMin <= p->lbaMax))) { 577285242Sachim printf("%s: WARNING: New entry lba range overlap: %llx - %llx vs %llx - %llx.\n", __FUNCTION__, p->lbaMin, p->lbaMax, n->lbaMin, n->lbaMax); 578285242Sachim } 579285242Sachim } 580285242Sachim 581285242Sachim /* Link it in to list at the head so it takes precedence */ 582285242Sachim list_add(&p->list, lh); 583285242Sachim 584285242Sachim /* TODO: Decide if/how to refcount each dek/kek index used by the mapping */ 585285242Sachim 586285242Sachim } else { 587285242Sachim printf("%s: Bad flags %08x\n", __FUNCTION__, dek_map->dekMapEntry[0].flags); 588285242Sachim return -E_FLAGS; 589285242Sachim } 590285242Sachim 591285242Sachim return 0; 592285242Sachim} 593285242Sachim#endif 594285242Sachim#ifdef HIALEAH_ENCRYPTION 595285242Sachim/****************************************************************************** 596285242Sachimagtiapi_SetupEncryption(): 597285242Sachim 598285242SachimPurpose: 599285242SachimParameters: 600285242SachimReturn: 601285242SachimNote: 602285242Sachim******************************************************************************/ 603285242Sachimint 604285242Sachimagtiapi_SetupEncryption(struct agtiapi_softc *pCard) 605285242Sachim{ 606285242Sachim tiRoot_t *tiRoot = (tiRoot_t *) &pCard->tiRoot; 607285242Sachim bit32 status = tiSuccess; 608285242Sachim printf("agtiapi_SetupEncryption: HIALEAH_ENCRYPTION\n"); 609285242Sachim if (pCard->encrypt == agTRUE) 610285242Sachim { 611285242Sachim status = tiCOMEncryptGetInfo(tiRoot); 612285242Sachim printf("agtiapi_SetupEncryption: HIALEAH_ENCRYPTION tiCOMEncryptGetInfo Status 0x%x\n",status); 613285242Sachim 614285242Sachim if(status == 1 ) 615285242Sachim { 616285242Sachim status = tiCOMEncryptHilSet(tiRoot ); 617285242Sachim if (status) { 618285242Sachim pCard->encrypt = agFALSE; 619285242Sachim printf("agtiapi_SetupEncryption: HIALEAH_ENCRYPTION not set\n"); 620285242Sachim } 621285242Sachim } 622285242Sachim } 623285242Sachim return 0; 624285242Sachim} 625285242Sachim#ifdef ENCRYPT_ENHANCE 626285242Sachim/****************************************************************************** 627285242Sachimagtiapi_SetupEncryptionPools(): 628285242Sachim 629285242SachimPurpose: 630285242SachimParameters: 631285242SachimReturn: 632285242SachimNote: 633285242Sachim******************************************************************************/ 634285242Sachimint 635285242Sachimagtiapi_SetupEncryptionPools(struct agtiapi_softc *pCard) 636285242Sachim{ 637285242Sachim /* Configure encryption memory pool */ 638285242Sachim memset(pCard->map_cache_name, 0, sizeof(pCard->map_cache_name)); 639285242Sachim snprintf(pCard->map_cache_name, sizeof(pCard->map_cache_name) - 1, "map_cache_%d", pCard->cardNo); 640285242Sachim 641285242Sachim//zone allocation 642285242Sachim pCard->map_cache = uma_zcreate(pCard->map_cache_name, sizeof(ag_encrypt_map_t),NULL, NULL, NULL, NULL, 0, 0); 643285242Sachim if(!pCard->map_cache) { 644285242Sachim /* 645285242Sachim * This error may be due to an existing cache in the kernel 646285242Sachim * from an earlier kmem_cache that wasn't properly freed 647285242Sachim */ 648285242Sachim printf("Unable to create uma_zcreate cache for encryption map mempool.\n"); 649285242Sachim return -EFAULT; 650285242Sachim } 651285242Sachim uma_zone_set_max(pCard->map_cache, ENCRYPTION_MAP_MEMPOOL_SIZE); 652285242Sachim 653285242Sachim 654285242Sachim /* Configure encryption IO error pool */ 655285242Sachim INIT_LIST_HEAD(&pCard->ioerr_queue); 656285242Sachim/*#if (LINUX_VERSION_CODE < KERNEL_VERSION(2,6,34)) // #### 657285242Sachim pCard->ioerr_queue_lock = SPIN_LOCK_UNLOCKED; 658285242Sachim#else */ 659285242Sachim pCard->ioerr_queue_lock = AG_SPIN_UNLOCK(pCard->ioerr_queue_lock); 660285242Sachim//#endif 661285242Sachim 662285242Sachim 663285242Sachim memset(pCard->ioerr_cache_name, 0, sizeof(pCard->ioerr_cache_name)); 664285242Sachim snprintf(pCard->ioerr_cache_name, sizeof(pCard->ioerr_cache_name) - 1, "ioerr_cache_%d", pCard->cardNo); 665285242Sachim 666285242Sachim pCard->ioerr_cache = uma_zcreate(pCard->ioerr_cache_name, sizeof(ag_encrypt_ioerr_t), NULL, NULL, NULL, NULL, 0, 0); 667285242Sachim if(!pCard->ioerr_cache) { 668285242Sachim /* 669285242Sachim * This error may be due to an existing cache in the kernel 670285242Sachim * from an earlier kmem_cache that wasn't properly freed 671285242Sachim */ 672285242Sachim printf("Unable to create kmem cache for encryption IO error mempool.\n"); 673285242Sachim return -EFAULT; 674285242Sachim } 675285242Sachim uma_zone_set_max(pCard->ioerr_cache, ENCRYPTION_IO_ERR_MEMPOOL_SIZE); 676285242Sachim 677285242Sachim /* Set cipher mode to something invalid */ 678285242Sachim pCard->cipher_mode = CIPHER_MODE_INVALID; 679285242Sachim 680285242Sachim return 0; 681285242Sachim} 682285242Sachim#endif 683285242Sachim/****************************************************************************** 684285242Sachimagtiapi_CleanupEncryption(): 685285242Sachim 686285242SachimPurpose: 687285242SachimParameters: 688285242SachimReturn: 689285242SachimNote: 690285242Sachim******************************************************************************/ 691285242Sachimvoid 692285242Sachimagtiapi_CleanupEncryption(struct agtiapi_softc *pCard) 693285242Sachim{ 694285242Sachim#ifdef ENCRYPT_ENHANCE 695285242Sachim if(pCard->encrypt_map) { 696285242Sachim int chan, device, lun; 697285242Sachim struct list_head *lh; 698285242Sachim ag_encrypt_map_t *p, *n; 699285242Sachim 700285242Sachim for (chan = 0; chan < (AGTIAPI_MAX_CHANNEL_NUM + 1); chan++) { 701285242Sachim for (device = 0; device < pCard->devDiscover; device++) { 702285242Sachim for (lun = 0; lun < AGTIAPI_MAX_LUN; lun++) { 703285242Sachim lh = MAP_TABLE_ENTRY(pCard, chan, device, lun); 704285242Sachim list_for_each_entry_safe(p, n, lh, list) { 705285242Sachim // mempool_free(p, pCard->map_mempool); 706285242Sachim } 707285242Sachim } 708285242Sachim } 709285242Sachim } 710285242Sachim vfree(pCard->encrypt_map); 711285242Sachim pCard->encrypt_map = NULL; 712285242Sachim } 713285242Sachim#endif 714285242Sachim} 715285242Sachim 716285242Sachim#ifdef ENCRYPT_ENHANCE 717285242Sachim/****************************************************************************** 718285242Sachimagtiapi_CleanupEncryptionPools(): 719285242Sachim 720285242SachimPurpose: 721285242SachimParameters: 722285242SachimReturn: 723285242SachimNote: 724285242Sachim******************************************************************************/ 725285242Sachimvoid 726285242Sachimagtiapi_CleanupEncryptionPools(struct agtiapi_softc *pCard) 727285242Sachim{ 728285242Sachim ag_encrypt_ioerr_t *ioerr, *tmp; 729285242Sachim atomic_set(&ioerr_queue_count); 730285242Sachim 731285242Sachim /* 732285242Sachim * TODO: check "outstanding_encrypted_io_count" for non-zero 733285242Sachim * and free all mempool items prior to destroying pool 734285242Sachim */ 735285242Sachim 736285242Sachim /* Clean up memory pools */ 737285242Sachim if (pCard->map_mempool) { 738285242Sachim mempool_destroy(pCard->map_mempool); 739285242Sachim printf("Encryption Map mempool released.\n"); 740285242Sachim pCard->map_mempool = NULL; 741285242Sachim } 742285242Sachim 743285242Sachim /* Clean up kmem cache */ 744285242Sachim if (pCard->map_cache) { 745285242Sachim kmem_cache_destroy(pCard->map_cache); 746285242Sachim printf("Kernel memory cache %s released.\n", pCard->map_cache_name); 747285242Sachim pCard->map_cache = NULL; 748285242Sachim } 749285242Sachim 750285242Sachim /* Clean up memory pools */ 751285242Sachim list_for_each_entry_safe(ioerr, tmp, &pCard->ioerr_queue, list) { 752285242Sachim list_del_init(&ioerr->list); 753285242Sachim mempool_free(ioerr, pCard->ioerr_mempool); 754285242Sachim atomic_dec(&ioerr_queue_count); 755285242Sachim } 756285242Sachim 757285242Sachim if (pCard->ioerr_mempool) { 758285242Sachim mempool_destroy(pCard->ioerr_mempool); 759285242Sachim printf("Encryption IO Error mempool released.\n"); 760285242Sachim pCard->ioerr_mempool = NULL; 761285242Sachim } 762285242Sachim 763285242Sachim /* Clean up kmem cache */ 764285242Sachim if (pCard->ioerr_cache) { 765285242Sachim kmem_cache_destroy(pCard->ioerr_cache); 766285242Sachim printf("Kernel memory cache %s released.\n", pCard->ioerr_cache_name); 767285242Sachim pCard->ioerr_cache = NULL; 768285242Sachim } 769285242Sachim} 770285242Sachim 771285242Sachim/****************************************************************************** 772285242Sachimagtiapi_EncryptionIoctl(): 773285242Sachim 774285242SachimPurpose: 775285242SachimParameters: 776285242SachimReturn: 777285242SachimNote: 778285242Sachim******************************************************************************/ 779285242Sachimint 780285242Sachimagtiapi_EncryptionIoctl(struct agtiapi_softc *pCard, IoctlEncrypt_t *pIoctlPayload) 781285242Sachim{ 782285242Sachim int rv, rc = 0, skip_wait = 0; 783285242Sachim tiRoot_t *tiRoot = (tiRoot_t *) &pCard->tiRoot; 784285242Sachim IoctlTISAEncrypt_t *ioctl_data = &pIoctlPayload->body; 785285242Sachim pIoctlPayload->hdr.Status = IOCTL_ERR_STATUS_INVALID_CODE; 786285242Sachim pCard->ioctl_data = (void *) ioctl_data; 787285242Sachim init_completion(&pCard->ioctl_completion); 788285242Sachim 789285242Sachim /* Check that the system is quiesced */ 790285242Sachim if (atomic_read(&outstanding_encrypted_io_count) != 0) 791285242Sachim printf("%s: WARNING: Attempting encryption management update with outstanding encrypted IOs!\n", __FUNCTION__); 792285242Sachim 793285242Sachimprintf("%s: Minor %d\n", __FUNCTION__, pIoctlPayload->hdr.MinorFunction); 794285242Sachim switch(pIoctlPayload->hdr.MinorFunction) { 795285242Sachim case IOCTL_MN_ENCRYPTION_GET_INFO: 796285242Sachim { 797285242Sachim //IoctlEncryptGetInfo_t *get_info = (IoctlEncryptGetInfo_t *) &ioctl_data->request; 798285242Sachim rc = tiCOMEncryptGetInfo(tiRoot); 799285242Sachim } 800285242Sachim break; 801285242Sachim case IOCTL_MN_ENCRYPTION_SET_MODE: 802285242Sachim { 803285242Sachim u32 reg_val = 0, new_cipher_mode = 0; 804285242Sachim IoctlEncryptSetMode_t *set_mode = (IoctlEncryptSetMode_t *) &ioctl_data->request; 805285242Sachim 806285242Sachim printf("%s: input %08x\n", __FUNCTION__, set_mode->securityCipherMode); 807285242Sachim 808285242Sachim /* Set security mode */ 809285242Sachim if(TI_ENCRYPT_SEC_MODE_FACT_INIT) 810285242Sachim if(set_mode->securityCipherMode & TI_ENCRYPT_SEC_MODE_FACT_INIT) { 811285242Sachim reg_val |= TI_ENCRYPT_SEC_MODE_FACT_INIT; 812285242Sachim pCard->dek_size = DEK_SIZE_PLAIN; 813285242Sachim } 814285242Sachim if(set_mode->securityCipherMode & TI_ENCRYPT_SEC_MODE_A) { 815285242Sachim reg_val |= TI_ENCRYPT_SEC_MODE_A; 816285242Sachim pCard->dek_size = DEK_SIZE_ENCRYPT; 817285242Sachim } else if(set_mode->securityCipherMode & TI_ENCRYPT_SEC_MODE_B) { 818285242Sachim reg_val |= TI_ENCRYPT_SEC_MODE_B; 819285242Sachim pCard->dek_size = DEK_SIZE_ENCRYPT; 820285242Sachim } 821285242Sachim 822285242Sachim /* Set cipher mode */ 823285242Sachim if(set_mode->securityCipherMode & TI_ENCRYPT_ATTRIB_CIPHER_XTS) { 824285242Sachim reg_val |= TI_ENCRYPT_ATTRIB_CIPHER_XTS; 825285242Sachim new_cipher_mode = TI_ENCRYPT_MODE_XTS_AES; 826285242Sachim } 827285242Sachim 828285242Sachim printf("%s: Setting security cipher mode to: 0x%08x\n", __FUNCTION__, reg_val); 829285242Sachim pCard->cipher_mode = new_cipher_mode; 830285242Sachim 831285242Sachim rc = tiCOMEncryptSetMode(tiRoot, reg_val); 832285242Sachim } 833285242Sachim break; 834285242Sachim case IOCTL_MN_ENCRYPTION_KEK_ADD: 835285242Sachim { 836285242Sachim tiEncryptKekBlob_t kek_blob; 837285242Sachim IoctlEncryptKekAdd_t *kek_add = (IoctlEncryptKekAdd_t *) &ioctl_data->request; 838285242Sachim printf("%s: Add kek at index 0x%x wrapper 0x%x format 0x%x\n", __FUNCTION__, kek_add->kekIndex, kek_add->wrapperKekIndex, kek_add->blobFormat); 839285242Sachim 840285242Sachim /* Copy kek_blob from user pointer to local buffer */ 841285242Sachim if(access_ok(VERIFY_READ, kek_add->EncryptKekBlob, sizeof(kek_blob))) { 842285242Sachim printf("%s: Starting copy from user %p to kernel %p\n", __FUNCTION__, kek_add->EncryptKekBlob, &kek_blob); 843285242Sachim if((rv = copy_from_user(&kek_blob, kek_add->EncryptKekBlob, sizeof(kek_blob))) != 0) { 844285242Sachim printf("%s: Copy error, %d left\n", __FUNCTION__, rv); 845285242Sachim return IOCTL_CALL_FAIL; 846285242Sachim } 847285242Sachim rc = tiCOMEncryptKekAdd(tiRoot, kek_add->kekIndex, kek_add->wrapperKekIndex, kek_add->blobFormat, &kek_blob); 848285242Sachim 849285242Sachim /* Add kek to local kek table (in case of chip reset) */ 850285242Sachim if(rc == tiSuccess) { 851285242Sachim if(agtiapi_AddKek(pCard, kek_add->kekIndex, kek_add->wrapperKekIndex, &kek_blob) < 0) { 852285242Sachim return IOCTL_CALL_FAIL; 853285242Sachim } 854285242Sachim } 855285242Sachim } else { 856285242Sachim return IOCTL_CALL_FAIL; 857285242Sachim } 858285242Sachim } 859285242Sachim break; 860285242Sachim case IOCTL_MN_ENCRYPTION_DEK_ADD: 861285242Sachim { 862285242Sachim tiEncryptDekBlob_t dek_blob; /* Copied in */ 863285242Sachim IoctlEncryptDekAdd_t *dek_add = (IoctlEncryptDekAdd_t *) &ioctl_data->request; 864285242Sachim bit32 kek_index = dek_add->kekIndex; 865285242Sachim bit32 dek_index = dek_add->dekIndex; 866285242Sachim bit32 dek_table = dek_add->dekTable; 867285242Sachim bit32 blob_format = dek_add->dekBlobFormat; 868285242Sachim bit32 entry_sz = dek_add->dekTableKeyEntrySize; 869285242Sachim U32_64 addr = 0; 870285242Sachim bit32 addr_table[2]; 871285242Sachim memset(addr_table, 0, sizeof(addr_table)); 872285242Sachim 873285242Sachim printf("%s: Add dek at index 0x%x, table %x, kek index %x, blob format %x, entry size %x\n", __FUNCTION__, dek_index, dek_table, kek_index, blob_format, entry_sz); 874285242Sachim 875285242Sachim /* Copy dek_blob from user pointer to local buffer */ 876285242Sachim if(access_ok(VERIFY_READ, dek_add->dekBlob, sizeof(dek_blob))) { 877285242Sachim printf("%s: Starting copy from user %p to kernel %p\n", __FUNCTION__, dek_add->dekBlob, &dek_blob); 878285242Sachim if((rv = copy_from_user(&dek_blob, dek_add->dekBlob, sizeof(dek_blob))) != 0) { 879285242Sachim printf("%s: Copy error, %d left\n", __FUNCTION__, rv); 880285242Sachim return IOCTL_CALL_FAIL; 881285242Sachim } 882285242Sachim 883285242Sachim /* Add DEK to local table */ 884285242Sachim if (agtiapi_AddDek(pCard, dek_table, dek_index, blob_format, entry_sz, &dek_blob, &addr) < 0) { 885285242Sachim return IOCTL_CALL_FAIL; 886285242Sachim } 887285242Sachim memcpy(addr_table, &addr, sizeof(addr)); 888285242Sachim 889285242Sachim /* Add DEK-KEK association in local table */ 890285242Sachim if (agtiapi_MapDekKek(pCard, dek_table, dek_index, kek_index) < 0) { 891285242Sachim return IOCTL_CALL_FAIL; 892285242Sachim } 893285242Sachim 894285242Sachim /* Push DEK to chip */ 895285242Sachim rc = tiCOMEncryptDekAdd(tiRoot, kek_index, dek_table, addr_table[1], addr_table[0], dek_index, 1, blob_format, entry_sz); 896285242Sachim } else { 897285242Sachim return IOCTL_CALL_FAIL; 898285242Sachim } 899285242Sachim } 900285242Sachim break; 901285242Sachim case IOCTL_MN_ENCRYPTION_DEK_INVALID: 902285242Sachim { 903285242Sachim IoctlEncryptDekInvalidate_t *dek_to_invalidate = (IoctlEncryptDekInvalidate_t *) &ioctl_data->request; 904285242Sachim printf("%s: Invalidating dek at index 0x%x, table %x\n", __FUNCTION__, dek_to_invalidate->dek.dekIndex, dek_to_invalidate->dek.dekTable); 905285242Sachim 906285242Sachim rc = tiCOMEncryptDekInvalidate(tiRoot, dek_to_invalidate->dek.dekTable, dek_to_invalidate->dek.dekIndex); 907285242Sachim /* TODO: What to do in local tables? Mark it? */ 908285242Sachim } 909285242Sachim break; 910285242Sachim case IOCTL_MN_ENCRYPTION_KEK_NVRAM: 911285242Sachim { 912285242Sachim rc = tiError; 913285242Sachim } 914285242Sachim break; 915285242Sachim case IOCTL_MN_ENCRYPTION_DEK_ASSIGN: 916285242Sachim { 917285242Sachim IoctlEncryptDekMapTable_t *p_dek_map = (IoctlEncryptDekMapTable_t *) &ioctl_data->request; 918285242Sachim 919285242Sachim /* Fill in host */ 920285242Sachim p_dek_map->dekMap[0].host = (bit32) pCard->pHost->host_no; 921285242Sachim 922285242Sachim printf("%s: Host %u: Mapping %u:%u:%u (%llx to %llx) to dek at index 0x%x, table %x, keytag %08x:%08x\n", __FUNCTION__, p_dek_map->dekMap[0].host, p_dek_map->dekMap[0].channel, p_dek_map->dekMap[0].device, p_dek_map->dekMap[0].lun, p_dek_map->dekMap[0].dekMapEntry[0].startLBA, p_dek_map->dekMap[0].dekMapEntry[0].endLBA, p_dek_map->dekMap[0].dekMapEntry[0].dek.dekIndex, p_dek_map->dekMap[0].dekMapEntry[0].dek.dekTable, p_dek_map->dekMap[0].keytag[1], p_dek_map->dekMap[0].keytag[0]); 923285242Sachim 924285242Sachim /* Create a mapping in local tables */ 925285242Sachim if (agtiapi_MapDek(pCard, &p_dek_map->dekMap[0]) < 0) { 926285242Sachim pIoctlPayload->hdr.Status = IOCTL_ERR_STATUS_INVALID_CODE; 927285242Sachim return IOCTL_CALL_FAIL; 928285242Sachim } 929285242Sachim 930285242Sachim rc = tiSuccess; 931285242Sachim skip_wait = 1; 932285242Sachim ioctl_data->encryptFunction = encryptSetDekMap; 933285242Sachim ioctl_data->status = tiSuccess; 934285242Sachim ioctl_data->subEvent = 0; 935285242Sachim } 936285242Sachim break; 937285242Sachim case IOCTL_MN_ENCRYPTION_ERROR_QUERY: 938285242Sachim { 939285242Sachim unsigned long flags, i, query_flag; 940285242Sachim ag_encrypt_ioerr_t *ioerr, *tmp; 941285242Sachim IoctlEncryptErrorQuery_t *perr = (IoctlEncryptErrorQuery_t *) &ioctl_data->request; 942285242Sachim 943285242Sachim printf("%s: query flag %x\n", __FUNCTION__, perr->query_flag); 944285242Sachim query_flag = perr->query_flag; 945285242Sachim 946285242Sachim /* initialize */ 947285242Sachim memset(perr, 0, sizeof(IoctlEncryptErrorQuery_t)); 948285242Sachim 949285242Sachimerror_query_restart: 950285242Sachim /* Take spinlock */ 951285242Sachim // spin_lock_irqsave(&pCard->ioerr_queue_lock, flags); 952285242Sachim AG_SPIN_LOCK_IRQ(&pCard->ioerr_queue_lock, flags); 953285242Sachim 954285242Sachim /* Walk list */ 955285242Sachim i = 0; 956285242Sachim list_for_each_entry_safe(ioerr, tmp, &pCard->ioerr_queue, list) { 957285242Sachim if (i >= 32) 958285242Sachim break; 959285242Sachim 960285242Sachim perr->valid_mask |= (1 << i); 961285242Sachim memcpy(&perr->error[i], &ioerr->ioerr, sizeof(IoctlEncryptIOError_t)); 962285242Sachim list_del_init(&ioerr->list); 963285242Sachim mempool_free(ioerr, pCard->ioerr_mempool); 964285242Sachim i++; 965285242Sachim atomic_dec(&ioerr_queue_count); 966285242Sachim } 967285242Sachim 968285242Sachim /* Release spinlock */ 969285242Sachim // spin_unlock_irqrestore(&pCard->ioerr_queue_lock, flags); 970285242Sachim AG_SPIN_UNLOCK_IRQ(&pCard->ioerr_queue_lock, flags); //for test 971285242Sachim 972285242Sachim if (!perr->valid_mask) { 973285242Sachim /* No encryption IO error events, check flags to see if blocking wait OK */ 974285242Sachim if (query_flag == ERROR_QUERY_FLAG_BLOCK) { 975285242Sachim if (wait_event_interruptible(ioerr_waitq, (atomic_read(&ioerr_queue_count)))) { 976285242Sachim /* Awoken by signal */ 977285242Sachim return IOCTL_CALL_FAIL; 978285242Sachim } else { 979285242Sachim /* Awoken by IO error */ 980285242Sachim goto error_query_restart; 981285242Sachim } 982285242Sachim } 983285242Sachim } 984285242Sachim rc = tiSuccess; 985285242Sachim skip_wait = 1; 986285242Sachim ioctl_data->encryptFunction = encryptErrorQuery; 987285242Sachim ioctl_data->status = tiSuccess; 988285242Sachim ioctl_data->subEvent = 0; 989285242Sachim } 990285242Sachim break; 991285242Sachim default: 992285242Sachim printf("%s: Unrecognized Minor Function %d\n", __FUNCTION__, pIoctlPayload->hdr.MinorFunction); 993285242Sachim pIoctlPayload->hdr.Status = IOCTL_ERR_STATUS_INVALID_CODE; 994285242Sachim return IOCTL_CALL_FAIL; 995285242Sachim break; 996285242Sachim } 997285242Sachim 998285242Sachim /* Demux rc */ 999285242Sachim switch(rc) { 1000285242Sachim case tiSuccess: 1001285242Sachim if(!skip_wait) 1002285242Sachim wait_for_completion(&pCard->ioctl_completion); 1003285242Sachim /* Maybe: wait_for_completion_timeout() */ 1004285242Sachim pIoctlPayload->hdr.Status = ioctl_data->status; 1005285242Sachim break; 1006285242Sachim case tiNotSupported: 1007285242Sachim pIoctlPayload->hdr.Status = IOCTL_ERR_STATUS_NOT_SUPPORTED; 1008285242Sachim break; 1009285242Sachim default: 1010285242Sachim printf("%s: Status: %d\n", __FUNCTION__, rc); 1011285242Sachim pIoctlPayload->hdr.Status = IOCTL_ERR_STATUS_INVALID_CODE; 1012285242Sachim break; 1013285242Sachim } 1014285242Sachim 1015285242Sachim printf("%s: Encryption ioctl %d successful.\n", __FUNCTION__, pIoctlPayload->hdr.MinorFunction); 1016285242Sachim return IOCTL_CALL_SUCCESS; 1017285242Sachim} 1018285242Sachim#endif 1019285242Sachim/****************************************************************************** 1020285242Sachimagtiapi_SetupEncryptedIO(): 1021285242Sachim 1022285242SachimPurpose: 1023285242SachimParameters: 1024285242SachimReturn: 1025285242SachimNote: 1026285242Sachim******************************************************************************/ 1027285242Sachimint 1028285242Sachimagtiapi_SetupEncryptedIO(struct agtiapi_softc *pCard, ccb_t *pccb, unsigned long long block) 1029285242Sachim{ 1030285242Sachim 1031285242Sachim pCard->cipher_mode = TI_ENCRYPT_ATTRIB_CIPHER_XTS; 1032285242Sachim /* Check that cipher mode is set properly */ 1033285242Sachim if (pCard->cipher_mode == CIPHER_MODE_INVALID) { 1034285242Sachim printf("%s: Cipher mode not yet set.\n", __FUNCTION__); 1035285242Sachim return -E_BAD_CIPHER_MODE; 1036285242Sachim } 1037285242Sachim 1038285242Sachim memset(&(pccb->tiSuperScsiRequest.Encrypt), 0, sizeof(pccb->tiSuperScsiRequest.Encrypt)); 1039285242Sachim pccb->tiSuperScsiRequest.Encrypt.keyTagCheck = FALSE; 1040285242Sachim pccb->tiSuperScsiRequest.Encrypt.encryptMode = pCard->cipher_mode; 1041285242Sachim pccb->tiSuperScsiRequest.Encrypt.tweakVal_W0 = block; 1042285242Sachim if(pccb->tiSuperScsiRequest.scsiCmnd.cdb[0] == READ_16 || 1043285242Sachim pccb->tiSuperScsiRequest.scsiCmnd.cdb[0] == WRITE_16) 1044285242Sachim { 1045285242Sachim pccb->tiSuperScsiRequest.Encrypt.tweakVal_W0 = ((pccb->tiSuperScsiRequest.scsiCmnd.cdb[6] << 24 ) | 1046285242Sachim (pccb->tiSuperScsiRequest.scsiCmnd.cdb[7] << 16 ) | 1047285242Sachim (pccb->tiSuperScsiRequest.scsiCmnd.cdb[8] << 8 ) | 1048285242Sachim (pccb->tiSuperScsiRequest.scsiCmnd.cdb[9])); 1049285242Sachim pccb->tiSuperScsiRequest.Encrypt.tweakVal_W1 = ((pccb->tiSuperScsiRequest.scsiCmnd.cdb[2] << 24 ) | 1050285242Sachim (pccb->tiSuperScsiRequest.scsiCmnd.cdb[3] << 16 ) | 1051285242Sachim (pccb->tiSuperScsiRequest.scsiCmnd.cdb[4] << 8 ) | 1052285242Sachim (pccb->tiSuperScsiRequest.scsiCmnd.cdb[5])); 1053285242Sachim } 1054285242Sachim /* Mark IO as valid encrypted IO */ 1055285242Sachim pccb->flags |= ENCRYPTED_IO; 1056285242Sachim pccb->tiSuperScsiRequest.flags = TI_SCSI_INITIATOR_ENCRYPT; 1057285242Sachim 1058285242Sachim /* Bump refcount (atomic) */ 1059285242Sachim atomic_inc(&outstanding_encrypted_io_count); 1060285242Sachim return 0; 1061285242Sachim} 1062285242Sachim 1063285242Sachim/****************************************************************************** 1064285242Sachimagtiapi_CleanupEncryptedIO(): 1065285242Sachim 1066285242SachimPurpose: 1067285242SachimParameters: 1068285242SachimReturn: 1069285242SachimNote: 1070285242Sachim******************************************************************************/ 1071285242Sachimvoid 1072285242Sachimagtiapi_CleanupEncryptedIO(struct agtiapi_softc *pCard, ccb_t *pccb) 1073285242Sachim{ 1074285242Sachim if ((pccb->flags & ENCRYPTED_IO)) { 1075285242Sachim /* Decrement refcount */ 1076285242Sachim atomic_dec(&outstanding_encrypted_io_count); 1077285242Sachim } 1078285242Sachim pccb->tiSuperScsiRequest.flags &= ~TI_SCSI_INITIATOR_ENCRYPT; 1079285242Sachim pccb->flags &= ~ENCRYPTED_IO; 1080285242Sachim} 1081285242Sachim#ifdef ENCRYPT_ENHANCE 1082285242Sachim/****************************************************************************** 1083285242Sachimagtiapi_HandleEncryptedIOFailure(): 1084285242Sachim 1085285242SachimPurpose: 1086285242SachimParameters: 1087285242SachimReturn: 1088285242SachimNote: 1089285242Sachim******************************************************************************/ 1090285242Sachimvoid 1091285242Sachimagtiapi_HandleEncryptedIOFailure(ag_device_t *pDev, ccb_t *pccb) 1092285242Sachim{ 1093285242Sachim unsigned long flags, qdepth; 1094285242Sachim struct scsi_cmnd *cmd; 1095285242Sachim ag_encrypt_ioerr_t *perr; 1096285242Sachim ag_card_t *pCard; 1097285242Sachim 1098285242Sachim cmd = pccb->cmd; 1099285242Sachim if (!cmd) { 1100285242Sachim printf("%s: Malformed pccb %p.\n", __FUNCTION__, pccb); 1101285242Sachim return; 1102285242Sachim } 1103285242Sachim 1104285242Sachim pCard = pDev->pCard; 1105285242Sachim 1106285242Sachim /* Sanity check */ 1107285242Sachim if (!(pccb->flags & ENCRYPTED_IO)) { 1108285242Sachim printf("%s: Skipping IO %lx: Not Encrypted.\n", __FUNCTION__, cmd->serial_number); 1109285242Sachim return; 1110285242Sachim } 1111285242Sachim 1112285242Sachim /* Check queue depth against max */ 1113285242Sachim qdepth = atomic_read(&ioerr_queue_count); 1114285242Sachim if (qdepth >= IOERR_QUEUE_DEPTH_MAX) { 1115285242Sachim printf("%s: Not queueing IO error due to queue full: %lu entries.\n", __FUNCTION__, qdepth); 1116285242Sachim return; 1117285242Sachim } 1118285242Sachim 1119285242Sachim /* Get a container for the ag_encrypt_ioerr_t item from the mempool */ 1120285242Sachim// perr = mempool_alloc(pCard->ioerr_mempool, GFP_ATOMIC); 1121285242Sachim p = (ag_encrypt_map_t *)uma_zalloc(pCard->map_cache, M_WAITOK); //Encryption 1122285242Sachim if (!perr) { 1123285242Sachim printf("%s: Mempool allocation failure.\n", __FUNCTION__); 1124285242Sachim return; 1125285242Sachim } 1126285242Sachim 1127285242Sachim /* Populate ag_encrypt_ioerr_t container */ 1128285242Sachim perr->ioerr.error_id = cmd->serial_number; 1129285242Sachim perr->ioerr.timestamp = cmd->jiffies_at_alloc; 1130285242Sachim perr->ioerr.host = (unsigned int) cmd->device->host->host_no; 1131285242Sachim perr->ioerr.channel = cmd->device->channel; 1132285242Sachim perr->ioerr.device = cmd->device->id; 1133285242Sachim perr->ioerr.lun = cmd->device->lun; 1134285242Sachim perr->ioerr.scsi_cmd = (unsigned int) cmd->cmnd[0]; 1135285242Sachim perr->ioerr.dek_index = pccb->tiSuperScsiRequest.Encrypt.dekInfo.dekIndex; 1136285242Sachim perr->ioerr.dek_table = pccb->tiSuperScsiRequest.Encrypt.dekInfo.dekTable; 1137285242Sachim perr->ioerr.kek_index = pccb->tiSuperScsiRequest.Encrypt.kekIndex; 1138285242Sachim perr->ioerr.keytag_check = pccb->tiSuperScsiRequest.Encrypt.keyTagCheck; 1139285242Sachim perr->ioerr.encrypt_mode = pccb->tiSuperScsiRequest.Encrypt.encryptMode; 1140285242Sachim perr->ioerr.keytag[0] = pccb->tiSuperScsiRequest.Encrypt.keyTag_W0; 1141285242Sachim perr->ioerr.keytag[1] = pccb->tiSuperScsiRequest.Encrypt.keyTag_W1; 1142285242Sachim 1143285242Sachim switch(pccb->scsiStatus) { 1144285242Sachim case tiDetailDekKeyCacheMiss: 1145285242Sachim case tiDetailDekIVMismatch: 1146285242Sachim perr->ioerr.error_type = pccb->scsiStatus; 1147285242Sachim break; 1148285242Sachim default: 1149285242Sachim printf("%s: Unrecognized encrypted IO completion error status: %d\n", __FUNCTION__, pccb->scsiStatus); 1150285242Sachim perr->ioerr.error_type = 0xffffffff; 1151285242Sachim break; 1152285242Sachim } 1153285242Sachim 1154285242Sachim /* Link IO err into queue */ 1155285242Sachim AG_SPIN_LOCK_IRQ(&pCard->ioerr_queue_lock, flags); 1156285242Sachim list_add_tail(&perr->list, &pCard->ioerr_queue); 1157285242Sachim AG_SPIN_UNLOCK_IRQ(&pCard->ioerr_queue_lock, flags); 1158285242Sachim 1159285242Sachim /* Notify any wait queue waiters that an IO error has occurred */ 1160285242Sachim atomic_inc(&ioerr_queue_count); 1161285242Sachim wake_up_interruptible(&ioerr_waitq); 1162285242Sachim 1163285242Sachim} 1164285242Sachim#endif 1165285242Sachim#endif 1166