Changeset View
Changeset View
Standalone View
Standalone View
sys/contrib/openzfs/module/os/freebsd/zfs/crypto_os.c
Show First 20 Lines • Show All 191 Lines • ▼ Show 20 Lines | |||||
#endif | #endif | ||||
} | } | ||||
return (error); | return (error); | ||||
} | } | ||||
static void | static void | ||||
freebsd_crypt_uio_debug_log(boolean_t encrypt, | freebsd_crypt_uio_debug_log(boolean_t encrypt, | ||||
freebsd_crypt_session_t *input_sessionp, | freebsd_crypt_session_t *input_sessionp, | ||||
struct zio_crypt_info *c_info, | struct zio_crypt_info *c_info, | ||||
uio_t *data_uio, | zfs_uio_t *data_uio, | ||||
crypto_key_t *key, | crypto_key_t *key, | ||||
uint8_t *ivbuf, | uint8_t *ivbuf, | ||||
size_t datalen, | size_t datalen, | ||||
size_t auth_len) | size_t auth_len) | ||||
{ | { | ||||
#ifdef FCRYPTO_DEBUG | #ifdef FCRYPTO_DEBUG | ||||
struct cryptodesc *crd; | struct cryptodesc *crd; | ||||
uint8_t *p = NULL; | uint8_t *p = NULL; | ||||
size_t total = 0; | size_t total = 0; | ||||
printf("%s(%s, %p, { %s, %d, %d, %s }, %p, { %d, %p, %u }, " | printf("%s(%s, %p, { %s, %d, %d, %s }, %p, { %d, %p, %u }, " | ||||
"%p, %u, %u)\n", | "%p, %u, %u)\n", | ||||
__FUNCTION__, encrypt ? "encrypt" : "decrypt", input_sessionp, | __FUNCTION__, encrypt ? "encrypt" : "decrypt", input_sessionp, | ||||
c_info->ci_algname, c_info->ci_crypt_type, | c_info->ci_algname, c_info->ci_crypt_type, | ||||
(unsigned int)c_info->ci_keylen, c_info->ci_name, | (unsigned int)c_info->ci_keylen, c_info->ci_name, | ||||
data_uio, key->ck_format, key->ck_data, | data_uio, key->ck_format, key->ck_data, | ||||
(unsigned int)key->ck_length, | (unsigned int)key->ck_length, | ||||
ivbuf, (unsigned int)datalen, (unsigned int)auth_len); | ivbuf, (unsigned int)datalen, (unsigned int)auth_len); | ||||
printf("\tkey = { "); | printf("\tkey = { "); | ||||
for (int i = 0; i < key->ck_length / 8; i++) { | for (int i = 0; i < key->ck_length / 8; i++) { | ||||
uint8_t *b = (uint8_t *)key->ck_data; | uint8_t *b = (uint8_t *)key->ck_data; | ||||
printf("%02x ", b[i]); | printf("%02x ", b[i]); | ||||
} | } | ||||
printf("}\n"); | printf("}\n"); | ||||
for (int i = 0; i < data_uio->uio_iovcnt; i++) { | for (int i = 0; i < zfs_uio_iovcnt(data_uio); i++) { | ||||
printf("\tiovec #%d: <%p, %u>\n", i, | printf("\tiovec #%d: <%p, %u>\n", i, | ||||
data_uio->uio_iov[i].iov_base, | zfs_uio_iovbase(data_uio, i), | ||||
(unsigned int)data_uio->uio_iov[i].iov_len); | (unsigned int)zfs_uio_iovlen(data_uio, i)); | ||||
total += data_uio->uio_iov[i].iov_len; | total += zfs_uio_iovlen(data_uio, i); | ||||
} | } | ||||
data_uio->uio_resid = total; | zfs_uio_resid(data_uio) = total; | ||||
#endif | #endif | ||||
} | } | ||||
/* | /* | ||||
* Create a new cryptographic session. This should | * Create a new cryptographic session. This should | ||||
* happen every time the key changes (including when | * happen every time the key changes (including when | ||||
* it's first loaded). | * it's first loaded). | ||||
*/ | */ | ||||
#if __FreeBSD_version >= 1300087 | #if __FreeBSD_version >= 1300087 | ||||
▲ Show 20 Lines • Show All 65 Lines • ▼ Show 20 Lines | |||||
#endif | #endif | ||||
return (error); | return (error); | ||||
} | } | ||||
int | int | ||||
freebsd_crypt_uio(boolean_t encrypt, | freebsd_crypt_uio(boolean_t encrypt, | ||||
freebsd_crypt_session_t *input_sessionp, | freebsd_crypt_session_t *input_sessionp, | ||||
struct zio_crypt_info *c_info, | struct zio_crypt_info *c_info, | ||||
uio_t *data_uio, | zfs_uio_t *data_uio, | ||||
crypto_key_t *key, | crypto_key_t *key, | ||||
uint8_t *ivbuf, | uint8_t *ivbuf, | ||||
size_t datalen, | size_t datalen, | ||||
size_t auth_len) | size_t auth_len) | ||||
{ | { | ||||
struct cryptop *crp; | struct cryptop *crp; | ||||
freebsd_crypt_session_t *session = NULL; | freebsd_crypt_session_t *session = NULL; | ||||
int error = 0; | int error = 0; | ||||
size_t total = 0; | size_t total = 0; | ||||
freebsd_crypt_uio_debug_log(encrypt, input_sessionp, c_info, data_uio, | freebsd_crypt_uio_debug_log(encrypt, input_sessionp, c_info, data_uio, | ||||
key, ivbuf, datalen, auth_len); | key, ivbuf, datalen, auth_len); | ||||
for (int i = 0; i < data_uio->uio_iovcnt; i++) | for (int i = 0; i < zfs_uio_iovcnt(data_uio); i++) | ||||
total += data_uio->uio_iov[i].iov_len; | total += zfs_uio_iovlen(data_uio, i); | ||||
data_uio->uio_resid = total; | zfs_uio_resid(data_uio) = total; | ||||
if (input_sessionp == NULL) { | if (input_sessionp == NULL) { | ||||
session = kmem_zalloc(sizeof (*session), KM_SLEEP); | session = kmem_zalloc(sizeof (*session), KM_SLEEP); | ||||
error = freebsd_crypt_newsession(session, c_info, key); | error = freebsd_crypt_newsession(session, c_info, key); | ||||
if (error) | if (error) | ||||
goto out; | goto out; | ||||
} else | } else | ||||
session = input_sessionp; | session = input_sessionp; | ||||
crp = crypto_getreq(session->fs_sid, M_WAITOK); | crp = crypto_getreq(session->fs_sid, M_WAITOK); | ||||
if (encrypt) { | if (encrypt) { | ||||
crp->crp_op = CRYPTO_OP_ENCRYPT | | crp->crp_op = CRYPTO_OP_ENCRYPT | | ||||
CRYPTO_OP_COMPUTE_DIGEST; | CRYPTO_OP_COMPUTE_DIGEST; | ||||
} else { | } else { | ||||
crp->crp_op = CRYPTO_OP_DECRYPT | | crp->crp_op = CRYPTO_OP_DECRYPT | | ||||
CRYPTO_OP_VERIFY_DIGEST; | CRYPTO_OP_VERIFY_DIGEST; | ||||
} | } | ||||
crp->crp_flags = CRYPTO_F_CBIFSYNC | CRYPTO_F_IV_SEPARATE; | crp->crp_flags = CRYPTO_F_CBIFSYNC | CRYPTO_F_IV_SEPARATE; | ||||
crypto_use_uio(crp, data_uio); | crypto_use_uio(crp, GET_UIO_STRUCT(data_uio)); | ||||
crp->crp_aad_start = 0; | crp->crp_aad_start = 0; | ||||
crp->crp_aad_length = auth_len; | crp->crp_aad_length = auth_len; | ||||
crp->crp_payload_start = auth_len; | crp->crp_payload_start = auth_len; | ||||
crp->crp_payload_length = datalen; | crp->crp_payload_length = datalen; | ||||
crp->crp_digest_start = auth_len + datalen; | crp->crp_digest_start = auth_len + datalen; | ||||
bcopy(ivbuf, crp->crp_iv, ZIO_DATA_IV_LEN); | bcopy(ivbuf, crp->crp_iv, ZIO_DATA_IV_LEN); | ||||
▲ Show 20 Lines • Show All 120 Lines • ▼ Show 20 Lines | |||||
* If sessp is NULL, then it will create a | * If sessp is NULL, then it will create a | ||||
* temporary cryptographic session, and release | * temporary cryptographic session, and release | ||||
* it when done. | * it when done. | ||||
*/ | */ | ||||
int | int | ||||
freebsd_crypt_uio(boolean_t encrypt, | freebsd_crypt_uio(boolean_t encrypt, | ||||
freebsd_crypt_session_t *input_sessionp, | freebsd_crypt_session_t *input_sessionp, | ||||
struct zio_crypt_info *c_info, | struct zio_crypt_info *c_info, | ||||
uio_t *data_uio, | zfs_uio_t *data_uio, | ||||
crypto_key_t *key, | crypto_key_t *key, | ||||
uint8_t *ivbuf, | uint8_t *ivbuf, | ||||
size_t datalen, | size_t datalen, | ||||
size_t auth_len) | size_t auth_len) | ||||
{ | { | ||||
struct cryptop *crp; | struct cryptop *crp; | ||||
struct cryptodesc *enc_desc, *auth_desc; | struct cryptodesc *enc_desc, *auth_desc; | ||||
struct enc_xform *xform; | struct enc_xform *xform; | ||||
▲ Show 20 Lines • Show All 67 Lines • ▼ Show 20 Lines | if (crp == NULL) { | ||||
goto bad; | goto bad; | ||||
} | } | ||||
auth_desc = crp->crp_desc; | auth_desc = crp->crp_desc; | ||||
enc_desc = auth_desc->crd_next; | enc_desc = auth_desc->crd_next; | ||||
crp->crp_session = session->fs_sid; | crp->crp_session = session->fs_sid; | ||||
crp->crp_ilen = auth_len + datalen; | crp->crp_ilen = auth_len + datalen; | ||||
crp->crp_buf = (void*)data_uio; | crp->crp_buf = (void*)GET_UIO_STRUCT(data_uio); | ||||
crp->crp_flags = CRYPTO_F_IOV | CRYPTO_F_CBIFSYNC; | crp->crp_flags = CRYPTO_F_IOV | CRYPTO_F_CBIFSYNC; | ||||
auth_desc->crd_skip = 0; | auth_desc->crd_skip = 0; | ||||
auth_desc->crd_len = auth_len; | auth_desc->crd_len = auth_len; | ||||
auth_desc->crd_inject = auth_len + datalen; | auth_desc->crd_inject = auth_len + datalen; | ||||
auth_desc->crd_alg = xauth->type; | auth_desc->crd_alg = xauth->type; | ||||
#ifdef FCRYPTO_DEBUG | #ifdef FCRYPTO_DEBUG | ||||
printf("%s: auth: skip = %u, len = %u, inject = %u\n", | printf("%s: auth: skip = %u, len = %u, inject = %u\n", | ||||
Show All 36 Lines |