Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/sys/contrib/openzfs/module/icp/illumos-crypto.c
48383 views
1
// SPDX-License-Identifier: CDDL-1.0

2
/*

3
 * CDDL HEADER START

4
 *

5
 * The contents of this file are subject to the terms of the

6
 * Common Development and Distribution License, Version 1.0 only

7
 * (the "License").  You may not use this file except in compliance

8
 * with the License.

9
 *

10
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE

11
 * or https://opensource.org/licenses/CDDL-1.0.

12
 * See the License for the specific language governing permissions

13
 * and limitations under the License.

14
 *

15
 * When distributing Covered Code, include this CDDL HEADER in each

16
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.

17
 * If applicable, add the following below this CDDL HEADER, with the

18
 * fields enclosed by brackets "[]" replaced with your own identifying

19
 * information: Portions Copyright [yyyy] [name of copyright owner]

20
 *

21
 * CDDL HEADER END

22
 */

23
/*

24
 * Copyright (c) 2017, Datto, Inc. All rights reserved.

25
 */

26


27
#ifdef _KERNEL

28
#include <linux/module.h>

29
#include <linux/kernel.h>

30
#include <linux/init.h>

31
#else

32
#define	__exit

33
#define	__init

34
#endif

35


36
#include <sys/crypto/common.h>

37
#include <sys/crypto/api.h>

38
#include <sys/crypto/impl.h>

39
#include <sys/crypto/sched_impl.h>

40
#include <sys/crypto/icp.h>

41


42
/*

43
 * Changes made to the original Illumos Crypto Layer for the ICP:

44
 *

45
 * Several changes were needed to allow the Illumos Crypto Layer

46
 * to work in the Linux kernel. Almost all of the changes fall into

47
 * one of the following categories:

48
 *

49
 * 1) Moving the syntax to the C90: This was mostly a matter of

50
 * changing func() definitions to func(void). In a few cases,

51
 * initializations of structs with unions needed to have brackets

52
 * added.

53
 *

54
 * 2) Changes to allow userspace compilation: The ICP is meant to be

55
 * compiled and used in both userspace and kernel space (for ztest and

56
 * libzfs), so the _KERNEL macros did not make sense anymore. For the

57
 * same reason, many header includes were also changed to use

58
 * sys/zfs_context.h

59
 *

60
 * 3) Moving to a statically compiled architecture: At some point in

61
 * the future it may make sense to have encryption algorithms that are

62
 * loadable into the ICP at runtime via separate kernel modules.

63
 * However, considering that this code will probably not see much use

64
 * outside of zfs and zfs encryption only requires a select few

65
 * algorithms it seemed like more trouble than it was worth to port over

66
 * Illumos's kernel module structure to a Linux kernel module. In

67
 * addition, The Illumos code related to keeping track of kernel modules

68
 * is very much tied to the Illumos OS and proved difficult to port.

69
 * Therefore, the structure of the ICP was simplified to work

70
 * statically and all the Illumos kernel module loading subsystem was removed.

71
 * All module initialization and destruction is now called in this file

72
 * during kernel module loading and unloading.

73
 *

74
 * 4) Adding destructors: The Illumos Crypto Layer is built into

75
 * the Illumos kernel and is not meant to be unloaded. Some destructors

76
 * were added to allow the ICP to be unloaded without leaking

77
 * structures.

78
 *

79
 * 5) Removing CRYPTO_DATA_MBLK related structures and code:

80
 * crypto_data_t can have 3 formats, CRYPTO_DATA_RAW, CRYPTO_DATA_UIO,

81
 * and CRYPTO_DATA_MBLK. ZFS only requires the first 2 formats, as the

82
 * last one is related to streamed data. To simplify the port, code

83
 * related to this format was removed.

84
 *

85
 * 6) Changes for architecture specific code: Some changes were needed

86
 * to make architecture specific assembly compile. The biggest change

87
 * here was to functions related to detecting CPU capabilities for amd64.

88
 * The Illumos Crypto Layer used called into the Illumos kernel's API

89
 * to discover these. They have been converted to instead use the

90
 * 'cpuid' instruction as per the Intel spec. In addition, references to

91
 * the sun4u' and sparc architectures have been removed so that these

92
 * will use the generic implementation.

93
 *

94
 * 7) Removing sha384 and sha512 code: The sha code was actually very

95
 * easy to port. However, the generic sha384 and sha512 code actually

96
 * exceeds the stack size on arm and powerpc architectures. In an effort

97
 * to remove warnings, this code was removed.

98
 *

99
 * 8) Change large allocations from kmem_alloc() to vmem_alloc(): In

100
 * testing the ICP with the ZFS encryption code, a few allocations were

101
 * found that could potentially be very large. These caused the SPL to

102
 * throw warnings and so they were changed to use vmem_alloc().

103
 *

104
 * 9) Makefiles: Makefiles were added that would work with the existing

105
 * ZFS Makefiles.

106
 */

107


108
void

109
icp_fini(void)

110
{

111
	sha2_mod_fini();

112
	aes_mod_fini();

113
	kcf_sched_destroy();

114
	kcf_prov_tab_destroy();

115
	kcf_destroy_mech_tabs();

116
}

117


118
/* roughly equivalent to kcf.c: _init() */

119
int __init

120
icp_init(void)

121
{

122
	/* initialize the mechanisms tables supported out-of-the-box */

123
	kcf_init_mech_tabs();

124


125
	/* initialize the providers tables */

126
	kcf_prov_tab_init();

127


128
	/*

129
	 * Initialize scheduling structures. Note that this does NOT

130
	 * start any threads since it might not be safe to do so.

131
	 */

132
	kcf_sched_init();

133


134
	/* initialize algorithms */

135
	aes_mod_init();

136
	sha2_mod_init();

137


138
	return (0);

139
}

140


141