1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21/* 22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26/* 27 * This file is part of the core Kernel Cryptographic Framework. 28 * It implements the SPI functions exported to cryptographic 29 * providers. 30 */ 31 32#include <sys/ksynch.h> 33#include <sys/cmn_err.h> 34#include <sys/ddi.h> 35#include <sys/sunddi.h> 36#include <sys/modctl.h> 37#include <sys/crypto/common.h> 38#include <sys/crypto/impl.h> 39#include <sys/crypto/sched_impl.h> 40#include <sys/crypto/spi.h> 41#include <sys/crypto/ioctladmin.h> 42#include <sys/taskq.h> 43#include <sys/disp.h> 44#include <sys/kstat.h> 45#include <sys/policy.h> 46#include <sys/cpuvar.h> 47 48/* 49 * minalloc and maxalloc values to be used for taskq_create(). 50 */ 51int crypto_taskq_threads = CRYPTO_TASKQ_THREADS; 52int crypto_taskq_minalloc = CYRPTO_TASKQ_MIN; 53int crypto_taskq_maxalloc = CRYPTO_TASKQ_MAX; 54 55static void remove_provider(kcf_provider_desc_t *); 56static void process_logical_providers(crypto_provider_info_t *, 57 kcf_provider_desc_t *); 58static int init_prov_mechs(crypto_provider_info_t *, kcf_provider_desc_t *); 59static int kcf_prov_kstat_update(kstat_t *, int); 60static void undo_register_provider_extra(kcf_provider_desc_t *); 61static void delete_kstat(kcf_provider_desc_t *); 62 63static kcf_prov_stats_t kcf_stats_ks_data_template = { 64 { "kcf_ops_total", KSTAT_DATA_UINT64 }, 65 { "kcf_ops_passed", KSTAT_DATA_UINT64 }, 66 { "kcf_ops_failed", KSTAT_DATA_UINT64 }, 67 { "kcf_ops_returned_busy", KSTAT_DATA_UINT64 } 68}; 69 70#define KCF_SPI_COPY_OPS(src, dst, ops) if ((src)->ops != NULL) \ 71 *((dst)->ops) = *((src)->ops); 72 73extern int sys_shutdown; 74 75/* 76 * Copy an ops vector from src to dst. Used during provider registration 77 * to copy the ops vector from the provider info structure to the 78 * provider descriptor maintained by KCF. 79 * Copying the ops vector specified by the provider is needed since the 80 * framework does not require the provider info structure to be 81 * persistent. 82 */ 83static void 84copy_ops_vector_v1(crypto_ops_t *src_ops, crypto_ops_t *dst_ops) 85{ 86 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_control_ops); 87 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_digest_ops); 88 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_cipher_ops); 89 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_mac_ops); 90 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_sign_ops); 91 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_verify_ops); 92 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_dual_ops); 93 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_dual_cipher_mac_ops); 94 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_random_ops); 95 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_session_ops); 96 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_object_ops); 97 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_key_ops); 98 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_provider_ops); 99 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_ctx_ops); 100} 101 102static void 103copy_ops_vector_v2(crypto_ops_t *src_ops, crypto_ops_t *dst_ops) 104{ 105 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_mech_ops); 106} 107 108static void 109copy_ops_vector_v3(crypto_ops_t *src_ops, crypto_ops_t *dst_ops) 110{ 111 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_nostore_key_ops); 112} 113 114static void 115copy_ops_vector_v4(crypto_ops_t *src_ops, crypto_ops_t *dst_ops) 116{ 117 KCF_SPI_COPY_OPS(src_ops, dst_ops, co_fips140_ops); 118} 119 120/* 121 * This routine is used to add cryptographic providers to the KEF framework. 122 * Providers pass a crypto_provider_info structure to crypto_register_provider() 123 * and get back a handle. The crypto_provider_info structure contains a 124 * list of mechanisms supported by the provider and an ops vector containing 125 * provider entry points. Hardware providers call this routine in their attach 126 * routines. Software providers call this routine in their _init() routine. 127 */ 128int 129crypto_register_provider(crypto_provider_info_t *info, 130 crypto_kcf_provider_handle_t *handle) 131{ 132 int need_fips140_verify, need_verify = 1; 133 struct modctl *mcp; 134 char *name; 135 char ks_name[KSTAT_STRLEN]; 136 kcf_provider_desc_t *prov_desc = NULL; 137 int ret = CRYPTO_ARGUMENTS_BAD; 138 139 if (info->pi_interface_version > CRYPTO_SPI_VERSION_4) { 140 ret = CRYPTO_VERSION_MISMATCH; 141 goto errormsg; 142 } 143 144 /* 145 * Check provider type, must be software, hardware, or logical. 146 */ 147 if (info->pi_provider_type != CRYPTO_HW_PROVIDER && 148 info->pi_provider_type != CRYPTO_SW_PROVIDER && 149 info->pi_provider_type != CRYPTO_LOGICAL_PROVIDER) 150 goto errormsg; 151 152 /* 153 * Allocate and initialize a new provider descriptor. We also 154 * hold it and release it when done. 155 */ 156 prov_desc = kcf_alloc_provider_desc(info); 157 KCF_PROV_REFHOLD(prov_desc); 158 159 prov_desc->pd_prov_type = info->pi_provider_type; 160 161 /* provider-private handle, opaque to KCF */ 162 prov_desc->pd_prov_handle = info->pi_provider_handle; 163 164 /* copy provider description string */ 165 if (info->pi_provider_description != NULL) { 166 /* 167 * pi_provider_descriptor is a string that can contain 168 * up to CRYPTO_PROVIDER_DESCR_MAX_LEN + 1 characters 169 * INCLUDING the terminating null character. A bcopy() 170 * is necessary here as pd_description should not have 171 * a null character. See comments in kcf_alloc_provider_desc() 172 * for details on pd_description field. 173 */ 174 bcopy(info->pi_provider_description, prov_desc->pd_description, 175 min(strlen(info->pi_provider_description), 176 CRYPTO_PROVIDER_DESCR_MAX_LEN)); 177 } 178 179 if (info->pi_provider_type != CRYPTO_LOGICAL_PROVIDER) { 180 if (info->pi_ops_vector == NULL) { 181 goto bail; 182 } 183 copy_ops_vector_v1(info->pi_ops_vector, 184 prov_desc->pd_ops_vector); 185 if (info->pi_interface_version >= CRYPTO_SPI_VERSION_2) { 186 copy_ops_vector_v2(info->pi_ops_vector, 187 prov_desc->pd_ops_vector); 188 prov_desc->pd_flags = info->pi_flags; 189 } 190 if (info->pi_interface_version >= CRYPTO_SPI_VERSION_3) { 191 copy_ops_vector_v3(info->pi_ops_vector, 192 prov_desc->pd_ops_vector); 193 } 194 if (info->pi_interface_version == CRYPTO_SPI_VERSION_4) { 195 copy_ops_vector_v4(info->pi_ops_vector, 196 prov_desc->pd_ops_vector); 197 } 198 } 199 200 /* object_ops and nostore_key_ops are mutually exclusive */ 201 if (prov_desc->pd_ops_vector->co_object_ops && 202 prov_desc->pd_ops_vector->co_nostore_key_ops) { 203 goto bail; 204 } 205 /* 206 * For software providers, copy the module name and module ID. 207 * For hardware providers, copy the driver name and instance. 208 */ 209 switch (info->pi_provider_type) { 210 case CRYPTO_SW_PROVIDER: 211 if (info->pi_provider_dev.pd_sw == NULL) 212 goto bail; 213 214 if ((mcp = mod_getctl(info->pi_provider_dev.pd_sw)) == NULL) 215 goto bail; 216 217 prov_desc->pd_module_id = mcp->mod_id; 218 name = mcp->mod_modname; 219 break; 220 221 case CRYPTO_HW_PROVIDER: 222 case CRYPTO_LOGICAL_PROVIDER: 223 if (info->pi_provider_dev.pd_hw == NULL) 224 goto bail; 225 226 prov_desc->pd_instance = 227 ddi_get_instance(info->pi_provider_dev.pd_hw); 228 name = (char *)ddi_driver_name(info->pi_provider_dev.pd_hw); 229 break; 230 } 231 if (name == NULL) 232 goto bail; 233 234 prov_desc->pd_name = kmem_alloc(strlen(name) + 1, KM_SLEEP); 235 (void) strcpy(prov_desc->pd_name, name); 236 237 if ((prov_desc->pd_mctlp = kcf_get_modctl(info)) == NULL) 238 goto bail; 239 240 /* process the mechanisms supported by the provider */ 241 if ((ret = init_prov_mechs(info, prov_desc)) != CRYPTO_SUCCESS) 242 goto bail; 243 244 /* 245 * Add provider to providers tables, also sets the descriptor 246 * pd_prov_id field. 247 */ 248 if ((ret = kcf_prov_tab_add_provider(prov_desc)) != CRYPTO_SUCCESS) { 249 undo_register_provider(prov_desc, B_FALSE); 250 goto bail; 251 } 252 253 if ((need_verify = kcf_need_signature_verification(prov_desc)) == -1) { 254 undo_register_provider(prov_desc, B_TRUE); 255 ret = CRYPTO_MODVERIFICATION_FAILED; 256 goto bail; 257 } 258 259 if ((need_fips140_verify = 260 kcf_need_fips140_verification(prov_desc)) == -1) { 261 mutex_enter(&prov_desc->pd_lock); 262 prov_desc->pd_state = KCF_PROV_VERIFICATION_FAILED; 263 mutex_exit(&prov_desc->pd_lock); 264 ret = CRYPTO_FIPS140_ERROR; 265 goto bail; 266 } 267 268 /* 269 * We create a taskq only for a hardware provider. The global 270 * software queue is used for software providers. We handle ordering 271 * of multi-part requests in the taskq routine. So, it is safe to 272 * have multiple threads for the taskq. We pass TASKQ_PREPOPULATE flag 273 * to keep some entries cached to improve performance. 274 */ 275 if (prov_desc->pd_prov_type == CRYPTO_HW_PROVIDER) 276 prov_desc->pd_taskq = taskq_create("kcf_taskq", 277 crypto_taskq_threads, minclsyspri, 278 crypto_taskq_minalloc, crypto_taskq_maxalloc, 279 TASKQ_PREPOPULATE); 280 else 281 prov_desc->pd_taskq = NULL; 282 283 /* no kernel session to logical providers and no pd_flags */ 284 if (prov_desc->pd_prov_type != CRYPTO_LOGICAL_PROVIDER) { 285 /* 286 * Open a session for session-oriented providers. This session 287 * is used for all kernel consumers. This is fine as a provider 288 * is required to support multiple thread access to a session. 289 * We can do this only after the taskq has been created as we 290 * do a kcf_submit_request() to open the session. 291 */ 292 if (KCF_PROV_SESSION_OPS(prov_desc) != NULL) { 293 kcf_req_params_t params; 294 295 KCF_WRAP_SESSION_OPS_PARAMS(¶ms, 296 KCF_OP_SESSION_OPEN, &prov_desc->pd_sid, 0, 297 CRYPTO_USER, NULL, 0, prov_desc); 298 ret = kcf_submit_request(prov_desc, NULL, NULL, ¶ms, 299 B_FALSE); 300 if (ret != CRYPTO_SUCCESS) 301 goto undo_then_bail; 302 } 303 304 /* 305 * Get the value for the maximum input length allowed if 306 * CRYPTO_HASH_NO_UPDATE or CRYPTO_HASH_NO_UPDATE is specified. 307 */ 308 if (prov_desc->pd_flags & 309 (CRYPTO_HASH_NO_UPDATE | CRYPTO_HMAC_NO_UPDATE)) { 310 kcf_req_params_t params; 311 crypto_provider_ext_info_t ext_info; 312 313 if (KCF_PROV_PROVMGMT_OPS(prov_desc) == NULL) 314 goto undo_then_bail; 315 316 bzero(&ext_info, sizeof (ext_info)); 317 KCF_WRAP_PROVMGMT_OPS_PARAMS(¶ms, 318 KCF_OP_MGMT_EXTINFO, 319 0, NULL, 0, NULL, 0, NULL, &ext_info, prov_desc); 320 ret = kcf_submit_request(prov_desc, NULL, NULL, 321 ¶ms, B_FALSE); 322 if (ret != CRYPTO_SUCCESS) 323 goto undo_then_bail; 324 325 if (prov_desc->pd_flags & CRYPTO_HASH_NO_UPDATE) { 326 prov_desc->pd_hash_limit = 327 ext_info.ei_hash_max_input_len; 328 } 329 if (prov_desc->pd_flags & CRYPTO_HMAC_NO_UPDATE) { 330 prov_desc->pd_hmac_limit = 331 ext_info.ei_hmac_max_input_len; 332 } 333 } 334 } 335 336 if (prov_desc->pd_prov_type != CRYPTO_LOGICAL_PROVIDER) { 337 /* 338 * Create the kstat for this provider. There is a kstat 339 * installed for each successfully registered provider. 340 * This kstat is deleted, when the provider unregisters. 341 */ 342 if (prov_desc->pd_prov_type == CRYPTO_SW_PROVIDER) { 343 (void) snprintf(ks_name, KSTAT_STRLEN, "%s_%s", 344 prov_desc->pd_name, "provider_stats"); 345 } else { 346 (void) snprintf(ks_name, KSTAT_STRLEN, "%s_%d_%u_%s", 347 prov_desc->pd_name, prov_desc->pd_instance, 348 prov_desc->pd_prov_id, "provider_stats"); 349 } 350 351 prov_desc->pd_kstat = kstat_create("kcf", 0, ks_name, "crypto", 352 KSTAT_TYPE_NAMED, sizeof (kcf_prov_stats_t) / 353 sizeof (kstat_named_t), KSTAT_FLAG_VIRTUAL); 354 355 if (prov_desc->pd_kstat != NULL) { 356 bcopy(&kcf_stats_ks_data_template, 357 &prov_desc->pd_ks_data, 358 sizeof (kcf_stats_ks_data_template)); 359 prov_desc->pd_kstat->ks_data = &prov_desc->pd_ks_data; 360 KCF_PROV_REFHOLD(prov_desc); 361 prov_desc->pd_kstat->ks_private = prov_desc; 362 prov_desc->pd_kstat->ks_update = kcf_prov_kstat_update; 363 kstat_install(prov_desc->pd_kstat); 364 } 365 } 366 367 if (prov_desc->pd_prov_type == CRYPTO_HW_PROVIDER) 368 process_logical_providers(info, prov_desc); 369 370 /* This provider needs to wait until we know the FIPS 140 status */ 371 if (need_fips140_verify == 1) { 372 mutex_enter(&prov_desc->pd_lock); 373 prov_desc->pd_state = KCF_PROV_UNVERIFIED_FIPS140; 374 mutex_exit(&prov_desc->pd_lock); 375 goto exit; 376 } 377 378 /* This provider needs to have the signature verified */ 379 if (need_verify == 1) { 380 mutex_enter(&prov_desc->pd_lock); 381 prov_desc->pd_state = KCF_PROV_UNVERIFIED; 382 mutex_exit(&prov_desc->pd_lock); 383 384 /* kcf_verify_signature routine will release this hold */ 385 KCF_PROV_REFHOLD(prov_desc); 386 387 if (prov_desc->pd_prov_type == CRYPTO_HW_PROVIDER) { 388 /* 389 * It is not safe to make the door upcall to kcfd from 390 * this context since the kcfd thread could reenter 391 * devfs. So, we dispatch a taskq job to do the 392 * verification and return to the provider. 393 */ 394 (void) taskq_dispatch(system_taskq, 395 kcf_verify_signature, (void *)prov_desc, TQ_SLEEP); 396 } else if (prov_desc->pd_prov_type == CRYPTO_SW_PROVIDER) { 397 kcf_verify_signature(prov_desc); 398 if (prov_desc->pd_state == 399 KCF_PROV_VERIFICATION_FAILED) { 400 undo_register_provider_extra(prov_desc); 401 ret = CRYPTO_MODVERIFICATION_FAILED; 402 goto bail; 403 } 404 } 405 } else { 406 mutex_enter(&prov_desc->pd_lock); 407 prov_desc->pd_state = KCF_PROV_READY; 408 mutex_exit(&prov_desc->pd_lock); 409 kcf_do_notify(prov_desc, B_TRUE); 410 } 411 412exit: 413 *handle = prov_desc->pd_kcf_prov_handle; 414 KCF_PROV_REFRELE(prov_desc); 415 return (CRYPTO_SUCCESS); 416 417undo_then_bail: 418 undo_register_provider(prov_desc, B_TRUE); 419 ret = CRYPTO_FAILED; 420bail: 421 KCF_PROV_REFRELE(prov_desc); 422 423errormsg: 424 if (ret != CRYPTO_SUCCESS && sys_shutdown == 0) { 425 switch (ret) { 426 case CRYPTO_FAILED: 427 cmn_err(CE_WARN, "%s failed when registering with the " 428 "Cryptographic Framework.", 429 info->pi_provider_description); 430 break; 431 432 case CRYPTO_MODVERIFICATION_FAILED: 433 cmn_err(CE_WARN, "%s failed module verification when " 434 "registering with the Cryptographic Framework.", 435 info->pi_provider_description); 436 break; 437 438 case CRYPTO_ARGUMENTS_BAD: 439 cmn_err(CE_WARN, "%s provided bad arguments and was " 440 "not registered with the Cryptographic Framework.", 441 info->pi_provider_description); 442 break; 443 444 case CRYPTO_VERSION_MISMATCH: 445 cmn_err(CE_WARN, "%s was not registered with the " 446 "Cryptographic Framework as there is a SPI version " 447 "mismatch (%d) error.", 448 info->pi_provider_description, 449 info->pi_interface_version); 450 break; 451 452 case CRYPTO_FIPS140_ERROR: 453 cmn_err(CE_WARN, "%s was not registered with the " 454 "Cryptographic Framework as there was a FIPS 140 " 455 "validation error.", info->pi_provider_description); 456 break; 457 458 default: 459 cmn_err(CE_WARN, "%s did not register with the " 460 "Cryptographic Framework. (0x%x)", 461 info->pi_provider_description, ret); 462 }; 463 } 464 465 return (ret); 466} 467 468/* Return the number of holds on a provider. */ 469int 470kcf_get_refcnt(kcf_provider_desc_t *pd, boolean_t do_lock) 471{ 472 int i; 473 int refcnt = 0; 474 475 if (do_lock) 476 for (i = 0; i < pd->pd_nbins; i++) 477 mutex_enter(&(pd->pd_percpu_bins[i].kp_lock)); 478 479 for (i = 0; i < pd->pd_nbins; i++) 480 refcnt += pd->pd_percpu_bins[i].kp_holdcnt; 481 482 if (do_lock) 483 for (i = 0; i < pd->pd_nbins; i++) 484 mutex_exit(&(pd->pd_percpu_bins[i].kp_lock)); 485 486 return (refcnt); 487} 488 489/* 490 * This routine is used to notify the framework when a provider is being 491 * removed. Hardware providers call this routine in their detach routines. 492 * Software providers call this routine in their _fini() routine. 493 */ 494int 495crypto_unregister_provider(crypto_kcf_provider_handle_t handle) 496{ 497 uint_t mech_idx; 498 kcf_provider_desc_t *desc; 499 kcf_prov_state_t saved_state; 500 int ret = CRYPTO_SUCCESS; 501 502 /* lookup provider descriptor */ 503 if ((desc = kcf_prov_tab_lookup((crypto_provider_id_t)handle)) == 504 NULL) { 505 ret = CRYPTO_UNKNOWN_PROVIDER; 506 goto errormsg; 507 } 508 509 mutex_enter(&desc->pd_lock); 510 /* 511 * Check if any other thread is disabling or removing 512 * this provider. We return if this is the case. 513 */ 514 if (desc->pd_state >= KCF_PROV_DISABLED) { 515 mutex_exit(&desc->pd_lock); 516 /* Release reference held by kcf_prov_tab_lookup(). */ 517 KCF_PROV_REFRELE(desc); 518 ret = CRYPTO_BUSY; 519 goto errormsg; 520 } 521 522 saved_state = desc->pd_state; 523 desc->pd_state = KCF_PROV_UNREGISTERING; 524 525 if (saved_state == KCF_PROV_BUSY) { 526 /* 527 * The per-provider taskq threads may be waiting. We 528 * signal them so that they can start failing requests. 529 */ 530 cv_broadcast(&desc->pd_resume_cv); 531 } 532 533 mutex_exit(&desc->pd_lock); 534 535 if (desc->pd_prov_type != CRYPTO_SW_PROVIDER) { 536 remove_provider(desc); 537 } 538 539 if (desc->pd_prov_type != CRYPTO_LOGICAL_PROVIDER) { 540 /* remove the provider from the mechanisms tables */ 541 for (mech_idx = 0; mech_idx < desc->pd_mech_list_count; 542 mech_idx++) { 543 kcf_remove_mech_provider( 544 desc->pd_mechanisms[mech_idx].cm_mech_name, desc); 545 } 546 } 547 548 /* remove provider from providers table */ 549 if (kcf_prov_tab_rem_provider((crypto_provider_id_t)handle) != 550 CRYPTO_SUCCESS) { 551 /* Release reference held by kcf_prov_tab_lookup(). */ 552 KCF_PROV_REFRELE(desc); 553 ret = CRYPTO_UNKNOWN_PROVIDER; 554 goto errormsg; 555 } 556 557 delete_kstat(desc); 558 559 if (desc->pd_prov_type == CRYPTO_SW_PROVIDER) { 560 /* 561 * Wait till the existing requests with the provider complete 562 * and all the holds are released. All the holds on a software 563 * provider are from kernel clients and the hold time 564 * is expected to be short. So, we won't be stuck here forever. 565 */ 566 while (kcf_get_refcnt(desc, B_TRUE) > 1) { 567 /* wait 1 second and try again. */ 568 delay(1 * drv_usectohz(1000000)); 569 } 570 } else { 571 int i; 572 kcf_prov_cpu_t *mp; 573 574 /* 575 * Wait until requests that have been sent to the provider 576 * complete. 577 */ 578 for (i = 0; i < desc->pd_nbins; i++) { 579 mp = &(desc->pd_percpu_bins[i]); 580 581 mutex_enter(&mp->kp_lock); 582 while (mp->kp_jobcnt > 0) { 583 cv_wait(&mp->kp_cv, &mp->kp_lock); 584 } 585 mutex_exit(&mp->kp_lock); 586 } 587 } 588 589 mutex_enter(&desc->pd_lock); 590 desc->pd_state = KCF_PROV_UNREGISTERED; 591 mutex_exit(&desc->pd_lock); 592 593 kcf_do_notify(desc, B_FALSE); 594 595 mutex_enter(&prov_tab_mutex); 596 /* Release reference held by kcf_prov_tab_lookup(). */ 597 KCF_PROV_REFRELE(desc); 598 599 if (kcf_get_refcnt(desc, B_TRUE) == 0) { 600 /* kcf_free_provider_desc drops prov_tab_mutex */ 601 kcf_free_provider_desc(desc); 602 } else { 603 ASSERT(desc->pd_prov_type != CRYPTO_SW_PROVIDER); 604 /* 605 * We could avoid this if /dev/crypto can proactively 606 * remove any holds on us from a dormant PKCS #11 app. 607 * For now, we check the provider table for 608 * KCF_PROV_UNREGISTERED entries when a provider is 609 * added to the table or when a provider is removed from it 610 * and free them when refcnt reaches zero. 611 */ 612 kcf_need_provtab_walk = B_TRUE; 613 mutex_exit(&prov_tab_mutex); 614 } 615 616errormsg: 617 if (ret != CRYPTO_SUCCESS && sys_shutdown == 0) { 618 switch (ret) { 619 case CRYPTO_UNKNOWN_PROVIDER: 620 cmn_err(CE_WARN, "Unknown provider \"%s\" was " 621 "requested to unregister from the cryptographic " 622 "framework.", desc->pd_description); 623 break; 624 625 case CRYPTO_BUSY: 626 cmn_err(CE_WARN, "%s could not be unregistered from " 627 "the Cryptographic Framework as it is busy.", 628 desc->pd_description); 629 break; 630 631 default: 632 cmn_err(CE_WARN, "%s did not unregister with the " 633 "Cryptographic Framework. (0x%x)", 634 desc->pd_description, ret); 635 }; 636 } 637 638 return (ret); 639} 640 641/* 642 * This routine is used to notify the framework that the state of 643 * a cryptographic provider has changed. Valid state codes are: 644 * 645 * CRYPTO_PROVIDER_READY 646 * The provider indicates that it can process more requests. A provider 647 * will notify with this event if it previously has notified us with a 648 * CRYPTO_PROVIDER_BUSY. 649 * 650 * CRYPTO_PROVIDER_BUSY 651 * The provider can not take more requests. 652 * 653 * CRYPTO_PROVIDER_FAILED 654 * The provider encountered an internal error. The framework will not 655 * be sending any more requests to the provider. The provider may notify 656 * with a CRYPTO_PROVIDER_READY, if it is able to recover from the error. 657 * 658 * This routine can be called from user or interrupt context. 659 */ 660void 661crypto_provider_notification(crypto_kcf_provider_handle_t handle, uint_t state) 662{ 663 kcf_provider_desc_t *pd; 664 665 /* lookup the provider from the given handle */ 666 if ((pd = kcf_prov_tab_lookup((crypto_provider_id_t)handle)) == NULL) 667 return; 668 669 mutex_enter(&pd->pd_lock); 670 671 if (pd->pd_state <= KCF_PROV_VERIFICATION_FAILED) 672 goto out; 673 674 if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) { 675 cmn_err(CE_WARN, "crypto_provider_notification: " 676 "logical provider (%x) ignored\n", handle); 677 goto out; 678 } 679 switch (state) { 680 case CRYPTO_PROVIDER_READY: 681 switch (pd->pd_state) { 682 case KCF_PROV_BUSY: 683 pd->pd_state = KCF_PROV_READY; 684 /* 685 * Signal the per-provider taskq threads that they 686 * can start submitting requests. 687 */ 688 cv_broadcast(&pd->pd_resume_cv); 689 break; 690 691 case KCF_PROV_FAILED: 692 /* 693 * The provider recovered from the error. Let us 694 * use it now. 695 */ 696 pd->pd_state = KCF_PROV_READY; 697 break; 698 } 699 break; 700 701 case CRYPTO_PROVIDER_BUSY: 702 switch (pd->pd_state) { 703 case KCF_PROV_READY: 704 pd->pd_state = KCF_PROV_BUSY; 705 break; 706 } 707 break; 708 709 case CRYPTO_PROVIDER_FAILED: 710 /* 711 * We note the failure and return. The per-provider taskq 712 * threads check this flag and start failing the 713 * requests, if it is set. See process_req_hwp() for details. 714 */ 715 switch (pd->pd_state) { 716 case KCF_PROV_READY: 717 pd->pd_state = KCF_PROV_FAILED; 718 break; 719 720 case KCF_PROV_BUSY: 721 pd->pd_state = KCF_PROV_FAILED; 722 /* 723 * The per-provider taskq threads may be waiting. We 724 * signal them so that they can start failing requests. 725 */ 726 cv_broadcast(&pd->pd_resume_cv); 727 break; 728 } 729 break; 730 } 731out: 732 mutex_exit(&pd->pd_lock); 733 KCF_PROV_REFRELE(pd); 734} 735 736/* 737 * This routine is used to notify the framework the result of 738 * an asynchronous request handled by a provider. Valid error 739 * codes are the same as the CRYPTO_* errors defined in common.h. 740 * 741 * This routine can be called from user or interrupt context. 742 */ 743void 744crypto_op_notification(crypto_req_handle_t handle, int error) 745{ 746 kcf_call_type_t ctype; 747 748 if (handle == NULL) 749 return; 750 751 if ((ctype = GET_REQ_TYPE(handle)) == CRYPTO_SYNCH) { 752 kcf_sreq_node_t *sreq = (kcf_sreq_node_t *)handle; 753 754 KCF_PROV_JOB_RELE_STAT(sreq->sn_mp, (error != CRYPTO_SUCCESS)); 755 kcf_sop_done(sreq, error); 756 } else { 757 kcf_areq_node_t *areq = (kcf_areq_node_t *)handle; 758 759 ASSERT(ctype == CRYPTO_ASYNCH); 760 KCF_PROV_JOB_RELE_STAT(areq->an_mp, (error != CRYPTO_SUCCESS)); 761 kcf_aop_done(areq, error); 762 } 763} 764 765/* 766 * This routine is used by software providers to determine 767 * whether to use KM_SLEEP or KM_NOSLEEP during memory allocation. 768 * Note that hardware providers can always use KM_SLEEP. So, 769 * they do not need to call this routine. 770 * 771 * This routine can be called from user or interrupt context. 772 */ 773int 774crypto_kmflag(crypto_req_handle_t handle) 775{ 776 return (REQHNDL2_KMFLAG(handle)); 777} 778 779/* 780 * Process the mechanism info structures specified by the provider 781 * during registration. A NULL crypto_provider_info_t indicates 782 * an already initialized provider descriptor. 783 * 784 * Mechanisms are not added to the kernel's mechanism table if the 785 * provider is a logical provider. 786 * 787 * Returns CRYPTO_SUCCESS on success, CRYPTO_ARGUMENTS if one 788 * of the specified mechanisms was malformed, or CRYPTO_HOST_MEMORY 789 * if the table of mechanisms is full. 790 */ 791static int 792init_prov_mechs(crypto_provider_info_t *info, kcf_provider_desc_t *desc) 793{ 794 uint_t mech_idx; 795 uint_t cleanup_idx; 796 int err = CRYPTO_SUCCESS; 797 kcf_prov_mech_desc_t *pmd; 798 int desc_use_count = 0; 799 int mcount = desc->pd_mech_list_count; 800 801 if (desc->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) { 802 if (info != NULL) { 803 ASSERT(info->pi_mechanisms != NULL); 804 bcopy(info->pi_mechanisms, desc->pd_mechanisms, 805 sizeof (crypto_mech_info_t) * mcount); 806 } 807 return (CRYPTO_SUCCESS); 808 } 809 810 /* 811 * Copy the mechanism list from the provider info to the provider 812 * descriptor. desc->pd_mechanisms has an extra crypto_mech_info_t 813 * element if the provider has random_ops since we keep an internal 814 * mechanism, SUN_RANDOM, in this case. 815 */ 816 if (info != NULL) { 817 if (info->pi_ops_vector->co_random_ops != NULL) { 818 crypto_mech_info_t *rand_mi; 819 820 /* 821 * Need the following check as it is possible to have 822 * a provider that implements just random_ops and has 823 * pi_mechanisms == NULL. 824 */ 825 if (info->pi_mechanisms != NULL) { 826 bcopy(info->pi_mechanisms, desc->pd_mechanisms, 827 sizeof (crypto_mech_info_t) * (mcount - 1)); 828 } 829 rand_mi = &desc->pd_mechanisms[mcount - 1]; 830 831 bzero(rand_mi, sizeof (crypto_mech_info_t)); 832 (void) strncpy(rand_mi->cm_mech_name, SUN_RANDOM, 833 CRYPTO_MAX_MECH_NAME); 834 rand_mi->cm_func_group_mask = CRYPTO_FG_RANDOM; 835 } else { 836 ASSERT(info->pi_mechanisms != NULL); 837 bcopy(info->pi_mechanisms, desc->pd_mechanisms, 838 sizeof (crypto_mech_info_t) * mcount); 839 } 840 } 841 842 /* 843 * For each mechanism support by the provider, add the provider 844 * to the corresponding KCF mechanism mech_entry chain. 845 */ 846 for (mech_idx = 0; mech_idx < desc->pd_mech_list_count; mech_idx++) { 847 crypto_mech_info_t *mi = &desc->pd_mechanisms[mech_idx]; 848 849 if ((mi->cm_mech_flags & CRYPTO_KEYSIZE_UNIT_IN_BITS) && 850 (mi->cm_mech_flags & CRYPTO_KEYSIZE_UNIT_IN_BYTES)) { 851 err = CRYPTO_ARGUMENTS_BAD; 852 break; 853 } 854 855 if ((err = kcf_add_mech_provider(mech_idx, desc, &pmd)) != 856 KCF_SUCCESS) 857 break; 858 859 if (pmd == NULL) 860 continue; 861 862 /* The provider will be used for this mechanism */ 863 desc_use_count++; 864 } 865 866 /* 867 * Don't allow multiple software providers with disabled mechanisms 868 * to register. Subsequent enabling of mechanisms will result in 869 * an unsupported configuration, i.e. multiple software providers 870 * per mechanism. 871 */ 872 if (desc_use_count == 0 && desc->pd_prov_type == CRYPTO_SW_PROVIDER) 873 return (CRYPTO_ARGUMENTS_BAD); 874 875 if (err == KCF_SUCCESS) 876 return (CRYPTO_SUCCESS); 877 878 /* 879 * An error occurred while adding the mechanism, cleanup 880 * and bail. 881 */ 882 for (cleanup_idx = 0; cleanup_idx < mech_idx; cleanup_idx++) { 883 kcf_remove_mech_provider( 884 desc->pd_mechanisms[cleanup_idx].cm_mech_name, desc); 885 } 886 887 if (err == KCF_MECH_TAB_FULL) 888 return (CRYPTO_HOST_MEMORY); 889 890 return (CRYPTO_ARGUMENTS_BAD); 891} 892 893/* 894 * Update routine for kstat. Only privileged users are allowed to 895 * access this information, since this information is sensitive. 896 * There are some cryptographic attacks (e.g. traffic analysis) 897 * which can use this information. 898 */ 899static int 900kcf_prov_kstat_update(kstat_t *ksp, int rw) 901{ 902 kcf_prov_stats_t *ks_data; 903 kcf_provider_desc_t *pd = (kcf_provider_desc_t *)ksp->ks_private; 904 int i; 905 906 if (rw == KSTAT_WRITE) 907 return (EACCES); 908 909 ks_data = ksp->ks_data; 910 911 if (secpolicy_sys_config(CRED(), B_TRUE) != 0) { 912 ks_data->ps_ops_total.value.ui64 = 0; 913 ks_data->ps_ops_passed.value.ui64 = 0; 914 ks_data->ps_ops_failed.value.ui64 = 0; 915 ks_data->ps_ops_busy_rval.value.ui64 = 0; 916 } else { 917 uint64_t dtotal, ftotal, btotal; 918 919 dtotal = ftotal = btotal = 0; 920 /* No locking done since an exact count is not required. */ 921 for (i = 0; i < pd->pd_nbins; i++) { 922 dtotal += pd->pd_percpu_bins[i].kp_ndispatches; 923 ftotal += pd->pd_percpu_bins[i].kp_nfails; 924 btotal += pd->pd_percpu_bins[i].kp_nbusy_rval; 925 } 926 927 ks_data->ps_ops_total.value.ui64 = dtotal; 928 ks_data->ps_ops_failed.value.ui64 = ftotal; 929 ks_data->ps_ops_busy_rval.value.ui64 = btotal; 930 ks_data->ps_ops_passed.value.ui64 = dtotal - ftotal - btotal; 931 } 932 933 return (0); 934} 935 936 937/* 938 * Utility routine called from failure paths in crypto_register_provider() 939 * and from crypto_load_soft_disabled(). 940 */ 941void 942undo_register_provider(kcf_provider_desc_t *desc, boolean_t remove_prov) 943{ 944 uint_t mech_idx; 945 946 /* remove the provider from the mechanisms tables */ 947 for (mech_idx = 0; mech_idx < desc->pd_mech_list_count; 948 mech_idx++) { 949 kcf_remove_mech_provider( 950 desc->pd_mechanisms[mech_idx].cm_mech_name, desc); 951 } 952 953 /* remove provider from providers table */ 954 if (remove_prov) 955 (void) kcf_prov_tab_rem_provider(desc->pd_prov_id); 956} 957 958static void 959undo_register_provider_extra(kcf_provider_desc_t *desc) 960{ 961 delete_kstat(desc); 962 undo_register_provider(desc, B_TRUE); 963} 964 965/* 966 * Utility routine called from crypto_load_soft_disabled(). Callers 967 * should have done a prior undo_register_provider(). 968 */ 969void 970redo_register_provider(kcf_provider_desc_t *pd) 971{ 972 /* process the mechanisms supported by the provider */ 973 (void) init_prov_mechs(NULL, pd); 974 975 /* 976 * Hold provider in providers table. We should not call 977 * kcf_prov_tab_add_provider() here as the provider descriptor 978 * is still valid which means it has an entry in the provider 979 * table. 980 */ 981 KCF_PROV_REFHOLD(pd); 982} 983 984/* 985 * Add provider (p1) to another provider's array of providers (p2). 986 * Hardware and logical providers use this array to cross-reference 987 * each other. 988 */ 989static void 990add_provider_to_array(kcf_provider_desc_t *p1, kcf_provider_desc_t *p2) 991{ 992 kcf_provider_list_t *new; 993 994 new = kmem_alloc(sizeof (kcf_provider_list_t), KM_SLEEP); 995 mutex_enter(&p2->pd_lock); 996 new->pl_next = p2->pd_provider_list; 997 p2->pd_provider_list = new; 998 new->pl_provider = p1; 999 mutex_exit(&p2->pd_lock); 1000} 1001 1002/* 1003 * Remove provider (p1) from another provider's array of providers (p2). 1004 * Hardware and logical providers use this array to cross-reference 1005 * each other. 1006 */ 1007static void 1008remove_provider_from_array(kcf_provider_desc_t *p1, kcf_provider_desc_t *p2) 1009{ 1010 1011 kcf_provider_list_t *pl = NULL, **prev; 1012 1013 mutex_enter(&p2->pd_lock); 1014 for (pl = p2->pd_provider_list, prev = &p2->pd_provider_list; 1015 pl != NULL; prev = &pl->pl_next, pl = pl->pl_next) { 1016 if (pl->pl_provider == p1) { 1017 break; 1018 } 1019 } 1020 1021 if (p1 == NULL) { 1022 mutex_exit(&p2->pd_lock); 1023 return; 1024 } 1025 1026 /* detach and free kcf_provider_list structure */ 1027 *prev = pl->pl_next; 1028 kmem_free(pl, sizeof (*pl)); 1029 mutex_exit(&p2->pd_lock); 1030} 1031 1032/* 1033 * Convert an array of logical provider handles (crypto_provider_id) 1034 * stored in a crypto_provider_info structure into an array of provider 1035 * descriptors (kcf_provider_desc_t) attached to a logical provider. 1036 */ 1037static void 1038process_logical_providers(crypto_provider_info_t *info, kcf_provider_desc_t *hp) 1039{ 1040 kcf_provider_desc_t *lp; 1041 crypto_provider_id_t handle; 1042 int count = info->pi_logical_provider_count; 1043 int i; 1044 1045 /* add hardware provider to each logical provider */ 1046 for (i = 0; i < count; i++) { 1047 handle = info->pi_logical_providers[i]; 1048 lp = kcf_prov_tab_lookup((crypto_provider_id_t)handle); 1049 if (lp == NULL) { 1050 continue; 1051 } 1052 add_provider_to_array(hp, lp); 1053 hp->pd_flags |= KCF_LPROV_MEMBER; 1054 1055 /* 1056 * A hardware provider has to have the provider descriptor of 1057 * every logical provider it belongs to, so it can be removed 1058 * from the logical provider if the hardware provider 1059 * unregisters from the framework. 1060 */ 1061 add_provider_to_array(lp, hp); 1062 KCF_PROV_REFRELE(lp); 1063 } 1064} 1065 1066/* 1067 * This routine removes a provider from all of the logical or 1068 * hardware providers it belongs to, and frees the provider's 1069 * array of pointers to providers. 1070 */ 1071static void 1072remove_provider(kcf_provider_desc_t *pp) 1073{ 1074 kcf_provider_desc_t *p; 1075 kcf_provider_list_t *e, *next; 1076 1077 mutex_enter(&pp->pd_lock); 1078 for (e = pp->pd_provider_list; e != NULL; e = next) { 1079 p = e->pl_provider; 1080 remove_provider_from_array(pp, p); 1081 if (p->pd_prov_type == CRYPTO_HW_PROVIDER && 1082 p->pd_provider_list == NULL) 1083 p->pd_flags &= ~KCF_LPROV_MEMBER; 1084 next = e->pl_next; 1085 kmem_free(e, sizeof (*e)); 1086 } 1087 pp->pd_provider_list = NULL; 1088 mutex_exit(&pp->pd_lock); 1089} 1090 1091/* 1092 * Dispatch events as needed for a provider. is_added flag tells 1093 * whether the provider is registering or unregistering. 1094 */ 1095void 1096kcf_do_notify(kcf_provider_desc_t *prov_desc, boolean_t is_added) 1097{ 1098 int i; 1099 crypto_notify_event_change_t ec; 1100 1101 ASSERT(prov_desc->pd_state > KCF_PROV_VERIFICATION_FAILED); 1102 1103 /* 1104 * Inform interested clients of the mechanisms becoming 1105 * available/unavailable. We skip this for logical providers 1106 * as they do not affect mechanisms. 1107 */ 1108 if (prov_desc->pd_prov_type != CRYPTO_LOGICAL_PROVIDER) { 1109 ec.ec_provider_type = prov_desc->pd_prov_type; 1110 ec.ec_change = is_added ? CRYPTO_MECH_ADDED : 1111 CRYPTO_MECH_REMOVED; 1112 for (i = 0; i < prov_desc->pd_mech_list_count; i++) { 1113 /* Skip any mechanisms not allowed by the policy */ 1114 if (is_mech_disabled(prov_desc, 1115 prov_desc->pd_mechanisms[i].cm_mech_name)) 1116 continue; 1117 1118 (void) strncpy(ec.ec_mech_name, 1119 prov_desc->pd_mechanisms[i].cm_mech_name, 1120 CRYPTO_MAX_MECH_NAME); 1121 kcf_walk_ntfylist(CRYPTO_EVENT_MECHS_CHANGED, &ec); 1122 } 1123 1124 } 1125 1126 /* 1127 * Inform interested clients about the new or departing provider. 1128 * In case of a logical provider, we need to notify the event only 1129 * for the logical provider and not for the underlying 1130 * providers which are known by the KCF_LPROV_MEMBER bit. 1131 */ 1132 if (prov_desc->pd_prov_type == CRYPTO_LOGICAL_PROVIDER || 1133 (prov_desc->pd_flags & KCF_LPROV_MEMBER) == 0) { 1134 kcf_walk_ntfylist(is_added ? CRYPTO_EVENT_PROVIDER_REGISTERED : 1135 CRYPTO_EVENT_PROVIDER_UNREGISTERED, prov_desc); 1136 } 1137} 1138 1139static void 1140delete_kstat(kcf_provider_desc_t *desc) 1141{ 1142 /* destroy the kstat created for this provider */ 1143 if (desc->pd_kstat != NULL) { 1144 kcf_provider_desc_t *kspd = desc->pd_kstat->ks_private; 1145 1146 /* release reference held by desc->pd_kstat->ks_private */ 1147 ASSERT(desc == kspd); 1148 kstat_delete(kspd->pd_kstat); 1149 desc->pd_kstat = NULL; 1150 KCF_PROV_REFRELE(kspd); 1151 } 1152} 1153