1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
23 */
24
25
26 /*
27 * The ioctl interface for cryptographic commands.
28 */
29
30 #include <sys/types.h>
31 #include <sys/modctl.h>
32 #include <sys/conf.h>
33 #include <sys/stat.h>
34 #include <sys/ddi.h>
35 #include <sys/sunddi.h>
36 #include <sys/kmem.h>
37 #include <sys/errno.h>
38 #include <sys/ksynch.h>
39 #include <sys/file.h>
40 #include <sys/open.h>
41 #include <sys/cred.h>
42 #include <sys/proc.h>
43 #include <sys/task.h>
44 #include <sys/mkdev.h>
45 #include <sys/model.h>
46 #include <sys/sysmacros.h>
47 #include <sys/crypto/common.h>
48 #include <sys/crypto/api.h>
49 #include <sys/crypto/impl.h>
50 #include <sys/crypto/sched_impl.h>
51 #include <sys/crypto/ioctl.h>
52
53 extern int kcf_des3_threshold;
54 extern int kcf_aes_threshold;
55 extern int kcf_rc4_threshold;
56 extern int kcf_md5_threshold;
57 extern int kcf_sha1_threshold;
58
59 /*
60 * Locking notes:
61 *
62 * crypto_locks protects the global array of minor structures.
63 * crypto_locks is an array of locks indexed by the cpuid. A reader needs
64 * to hold a single lock while a writer needs to hold all locks.
65 * krwlock_t is not an option here because the hold time
66 * is very small for these locks.
67 *
68 * The fields in the minor structure are protected by the cm_lock member
69 * of the minor structure. The cm_cv is used to signal decrements
70 * in the cm_refcnt, and is used with the cm_lock.
71 *
72 * The locking order is crypto_locks followed by cm_lock.
73 */
74
75 /*
76 * DDI entry points.
77 */
78 static int crypto_attach(dev_info_t *, ddi_attach_cmd_t);
79 static int crypto_detach(dev_info_t *, ddi_detach_cmd_t);
80 static int crypto_getinfo(dev_info_t *, ddi_info_cmd_t, void *, void **);
81 static int crypto_open(dev_t *, int, int, cred_t *);
82 static int crypto_close(dev_t, int, int, cred_t *);
83 static int crypto_ioctl(dev_t, int, intptr_t, int, cred_t *, int *);
84
85 static int cipher_init(dev_t, caddr_t, int, int (*)(crypto_provider_t,
86 crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *,
87 crypto_ctx_template_t, crypto_context_t *, crypto_call_req_t *));
88
89 static int common_digest(dev_t, caddr_t, int, int (*)(crypto_context_t,
90 crypto_data_t *, crypto_data_t *, crypto_call_req_t *));
91
92 static int cipher(dev_t, caddr_t, int, int (*)(crypto_context_t,
93 crypto_data_t *, crypto_data_t *, crypto_call_req_t *));
94
95 static int cipher_update(dev_t, caddr_t, int, int (*)(crypto_context_t,
96 crypto_data_t *, crypto_data_t *, crypto_call_req_t *));
97
98 static int common_final(dev_t, caddr_t, int, int (*)(crypto_context_t,
99 crypto_data_t *, crypto_call_req_t *));
100
101 static int sign_verify_init(dev_t, caddr_t, int, int (*)(crypto_provider_t,
102 crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *,
103 crypto_ctx_template_t, crypto_context_t *, crypto_call_req_t *));
104
105 static int sign_verify_update(dev_t dev, caddr_t arg, int mode,
106 int (*)(crypto_context_t, crypto_data_t *, crypto_call_req_t *));
107
108 static void crypto_release_provider_session(crypto_minor_t *,
109 crypto_provider_session_t *);
110 static int crypto_buffer_check(size_t);
111 static int crypto_free_find_ctx(crypto_session_data_t *);
112 static int crypto_get_provider_list(crypto_minor_t *, uint_t *,
113 crypto_provider_entry_t **, boolean_t);
114
115 /* number of minor numbers to allocate at a time */
116 #define CRYPTO_MINOR_CHUNK 16
117
118 /*
119 * There are two limits associated with kernel memory. The first,
120 * CRYPTO_MAX_BUFFER_LEN, is the maximum number of bytes that can be
121 * allocated for a single copyin/copyout buffer. The second limit is
122 * the total number of bytes that can be allocated by a process
123 * for copyin/copyout buffers. The latter is enforced by the
124 * project.max-crypto-memory resource control.
125 */
126
127 #define CRYPTO_MAX_BUFFER_LEN (2 * 1024 * 1024)
128 #define CRYPTO_MAX_FIND_COUNT 512
129
130 /*
131 * We preapprove some bytes for each session to avoid making the costly
132 * crypto_buffer_check() calls. The preapproval is done when a new session
133 * is created and that cost is amortized over later crypto calls.
134 * Most applications create a session and then do a bunch of crypto calls
135 * in that session. So, they benefit from this optimization.
136 *
137 * Note that we may hit the project.max-crypto-memory limit a bit sooner
138 * because of this preapproval. But it is acceptable since the preapproved
139 * amount is insignificant compared to the default max-crypto-memory limit
140 * which is quarter of the machine's memory. The preapproved amount is
141 * roughly 2 * 16K(maximum SSL record size).
142 */
143 #define CRYPTO_PRE_APPROVED_LIMIT (32 * 1024)
144
145 /* The session table grows by CRYPTO_SESSION_CHUNK increments */
146 #define CRYPTO_SESSION_CHUNK 100
147
148 size_t crypto_max_buffer_len = CRYPTO_MAX_BUFFER_LEN;
149 size_t crypto_pre_approved_limit = CRYPTO_PRE_APPROVED_LIMIT;
150
151 #define INIT_RAW_CRYPTO_DATA(data, len) \
152 (data).cd_format = CRYPTO_DATA_RAW; \
153 (data).cd_raw.iov_base = kmem_alloc(len, KM_SLEEP); \
154 (data).cd_raw.iov_len = len; \
155 (data).cd_offset = 0; \
156 (data).cd_length = len;
157
158 static struct kmem_cache *crypto_session_cache;
159 static crypto_minor_t **crypto_minors = NULL;
160 static dev_info_t *crypto_dip = NULL;
161 static minor_t crypto_minor_chunk = CRYPTO_MINOR_CHUNK;
162 static minor_t crypto_minors_table_count = 0;
163
164 /*
165 * Minors are started from 1 because vmem_alloc()
166 * returns 0 in case of failure.
167 */
168 static vmem_t *crypto_arena = NULL; /* Arena for device minors */
169 static minor_t crypto_minors_count = 0;
170 static kcf_lock_withpad_t *crypto_locks;
171
172 #define CRYPTO_ENTER_ALL_LOCKS() \
173 for (i = 0; i < max_ncpus; i++) \
174 mutex_enter(&crypto_locks[i].kl_lock);
175
176 #define CRYPTO_EXIT_ALL_LOCKS() \
177 for (i = 0; i < max_ncpus; i++) \
178 mutex_exit(&crypto_locks[i].kl_lock);
179
180 #define RETURN_LIST B_TRUE
181 #define DONT_RETURN_LIST B_FALSE
182
183 #define CRYPTO_OPS_OFFSET(f) offsetof(crypto_ops_t, co_##f)
184 #define CRYPTO_RANDOM_OFFSET(f) offsetof(crypto_random_number_ops_t, f)
185 #define CRYPTO_SESSION_OFFSET(f) offsetof(crypto_session_ops_t, f)
186 #define CRYPTO_OBJECT_OFFSET(f) offsetof(crypto_object_ops_t, f)
187 #define CRYPTO_PROVIDER_OFFSET(f) \
188 offsetof(crypto_provider_management_ops_t, f)
189
190 #define CRYPTO_CANCEL_CTX(spp) { \
191 crypto_cancel_ctx(*(spp)); \
192 *(spp) = NULL; \
193 }
194
195 #define CRYPTO_CANCEL_ALL_CTX(sp) { \
196 if ((sp)->sd_digest_ctx != NULL) { \
197 crypto_cancel_ctx((sp)->sd_digest_ctx); \
198 (sp)->sd_digest_ctx = NULL; \
199 } \
200 if ((sp)->sd_encr_ctx != NULL) { \
201 crypto_cancel_ctx((sp)->sd_encr_ctx); \
202 (sp)->sd_encr_ctx = NULL; \
203 } \
204 if ((sp)->sd_decr_ctx != NULL) { \
205 crypto_cancel_ctx((sp)->sd_decr_ctx); \
206 (sp)->sd_decr_ctx = NULL; \
207 } \
208 if ((sp)->sd_sign_ctx != NULL) { \
209 crypto_cancel_ctx((sp)->sd_sign_ctx); \
210 (sp)->sd_sign_ctx = NULL; \
211 } \
212 if ((sp)->sd_verify_ctx != NULL) { \
213 crypto_cancel_ctx((sp)->sd_verify_ctx); \
214 (sp)->sd_verify_ctx = NULL; \
215 } \
216 if ((sp)->sd_sign_recover_ctx != NULL) { \
217 crypto_cancel_ctx((sp)->sd_sign_recover_ctx); \
218 (sp)->sd_sign_recover_ctx = NULL; \
219 } \
220 if ((sp)->sd_verify_recover_ctx != NULL) { \
221 crypto_cancel_ctx((sp)->sd_verify_recover_ctx); \
222 (sp)->sd_verify_recover_ctx = NULL; \
223 } \
224 }
225
226 #define CRYPTO_DECREMENT_RCTL(val) if ((val) != 0) { \
227 kproject_t *projp; \
228 mutex_enter(&curproc->p_lock); \
229 projp = curproc->p_task->tk_proj; \
230 ASSERT(projp != NULL); \
231 mutex_enter(&(projp->kpj_data.kpd_crypto_lock)); \
232 projp->kpj_data.kpd_crypto_mem -= (val); \
233 mutex_exit(&(projp->kpj_data.kpd_crypto_lock)); \
234 curproc->p_crypto_mem -= (val); \
235 mutex_exit(&curproc->p_lock); \
236 }
237
238 /*
239 * We do not need to hold sd_lock in the macros below
240 * as they are called after doing a get_session_ptr() which
241 * sets the CRYPTO_SESSION_IS_BUSY flag.
242 */
243 #define CRYPTO_DECREMENT_RCTL_SESSION(sp, val, rctl_chk) \
244 if (((val) != 0) && ((sp) != NULL)) { \
245 ASSERT(((sp)->sd_flags & CRYPTO_SESSION_IS_BUSY) != 0); \
246 if (rctl_chk) { \
247 CRYPTO_DECREMENT_RCTL(val); \
248 } else { \
249 (sp)->sd_pre_approved_amount += (val); \
250 } \
251 }
252
253 #define CRYPTO_BUFFER_CHECK(sp, need, rctl_chk) \
254 ((sp->sd_pre_approved_amount >= need) ? \
255 (sp->sd_pre_approved_amount -= need, \
256 rctl_chk = B_FALSE, CRYPTO_SUCCESS) : \
257 (rctl_chk = B_TRUE, crypto_buffer_check(need)))
258
259 /*
260 * Module linkage.
261 */
262 static struct cb_ops cbops = {
263 crypto_open, /* cb_open */
264 crypto_close, /* cb_close */
265 nodev, /* cb_strategy */
266 nodev, /* cb_print */
267 nodev, /* cb_dump */
268 nodev, /* cb_read */
269 nodev, /* cb_write */
270 crypto_ioctl, /* cb_ioctl */
271 nodev, /* cb_devmap */
272 nodev, /* cb_mmap */
273 nodev, /* cb_segmap */
274 nochpoll, /* cb_chpoll */
275 ddi_prop_op, /* cb_prop_op */
276 NULL, /* cb_streamtab */
277 D_MP, /* cb_flag */
278 CB_REV, /* cb_rev */
279 nodev, /* cb_aread */
280 nodev, /* cb_awrite */
281 };
282
283 static struct dev_ops devops = {
284 DEVO_REV, /* devo_rev */
285 0, /* devo_refcnt */
286 crypto_getinfo, /* devo_getinfo */
287 nulldev, /* devo_identify */
288 nulldev, /* devo_probe */
289 crypto_attach, /* devo_attach */
290 crypto_detach, /* devo_detach */
291 nodev, /* devo_reset */
292 &cbops, /* devo_cb_ops */
293 NULL, /* devo_bus_ops */
294 NULL, /* devo_power */
295 ddi_quiesce_not_needed, /* devo_quiesce */
296 };
297
298 static struct modldrv modldrv = {
299 &mod_driverops, /* drv_modops */
300 "Cryptographic Library Interface", /* drv_linkinfo */
301 &devops,
302 };
303
304 static struct modlinkage modlinkage = {
305 MODREV_1, /* ml_rev */
306 &modldrv, /* ml_linkage */
307 NULL
308 };
309
310 /*
311 * DDI entry points.
312 */
313 int
_init(void)314 _init(void)
315 {
316 return (mod_install(&modlinkage));
317 }
318
319 int
_fini(void)320 _fini(void)
321 {
322 return (mod_remove(&modlinkage));
323 }
324
325 int
_info(struct modinfo * modinfop)326 _info(struct modinfo *modinfop)
327 {
328 return (mod_info(&modlinkage, modinfop));
329 }
330
331 /* ARGSUSED */
332 static int
crypto_getinfo(dev_info_t * dip,ddi_info_cmd_t cmd,void * arg,void ** result)333 crypto_getinfo(dev_info_t *dip, ddi_info_cmd_t cmd, void *arg, void **result)
334 {
335 switch (cmd) {
336 case DDI_INFO_DEVT2DEVINFO:
337 *result = crypto_dip;
338 return (DDI_SUCCESS);
339
340 case DDI_INFO_DEVT2INSTANCE:
341 *result = (void *)0;
342 return (DDI_SUCCESS);
343 }
344 return (DDI_FAILURE);
345 }
346
347 static int
crypto_attach(dev_info_t * dip,ddi_attach_cmd_t cmd)348 crypto_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
349 {
350 int i;
351
352 if (cmd != DDI_ATTACH) {
353 return (DDI_FAILURE);
354 }
355
356 if (ddi_get_instance(dip) != 0) {
357 /* we only allow instance 0 to attach */
358 return (DDI_FAILURE);
359 }
360
361 crypto_session_cache = kmem_cache_create("crypto_session_cache",
362 sizeof (crypto_session_data_t), 0, NULL, NULL, NULL, NULL, NULL, 0);
363
364 if (crypto_session_cache == NULL)
365 return (DDI_FAILURE);
366
367 /* create the minor node */
368 if (ddi_create_minor_node(dip, "crypto", S_IFCHR, 0,
369 DDI_PSEUDO, 0) != DDI_SUCCESS) {
370 kmem_cache_destroy(crypto_session_cache);
371 crypto_session_cache = NULL;
372 cmn_err(CE_WARN, "crypto_attach: failed creating minor node");
373 ddi_remove_minor_node(dip, NULL);
374 return (DDI_FAILURE);
375 }
376
377 crypto_locks = kmem_zalloc(max_ncpus * sizeof (kcf_lock_withpad_t),
378 KM_SLEEP);
379 for (i = 0; i < max_ncpus; i++)
380 mutex_init(&crypto_locks[i].kl_lock, NULL, MUTEX_DRIVER, NULL);
381
382 crypto_dip = dip;
383
384 /* allocate integer space for minor numbers */
385 crypto_arena = vmem_create("crypto", (void *)1,
386 CRYPTO_MINOR_CHUNK, 1, NULL, NULL, NULL, 0,
387 VM_SLEEP | VMC_IDENTIFIER);
388
389 return (DDI_SUCCESS);
390 }
391
392 static int
crypto_detach(dev_info_t * dip,ddi_detach_cmd_t cmd)393 crypto_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
394 {
395 minor_t i;
396 kcf_lock_withpad_t *mp;
397
398 if (cmd != DDI_DETACH)
399 return (DDI_FAILURE);
400
401 mp = &crypto_locks[CPU_SEQID];
402 mutex_enter(&mp->kl_lock);
403
404 /* check if device is open */
405 for (i = 0; i < crypto_minors_table_count; i++) {
406 if (crypto_minors[i] != NULL) {
407 mutex_exit(&mp->kl_lock);
408 return (DDI_FAILURE);
409 }
410 }
411 mutex_exit(&mp->kl_lock);
412
413 crypto_dip = NULL;
414 ddi_remove_minor_node(dip, NULL);
415
416 kmem_cache_destroy(crypto_session_cache);
417 crypto_session_cache = NULL;
418
419 kmem_free(crypto_minors,
420 sizeof (crypto_minor_t *) * crypto_minors_table_count);
421 crypto_minors = NULL;
422 crypto_minors_table_count = 0;
423 for (i = 0; i < max_ncpus; i++)
424 mutex_destroy(&crypto_locks[i].kl_lock);
425 kmem_free(crypto_locks, max_ncpus * sizeof (kcf_lock_withpad_t));
426 crypto_locks = NULL;
427
428 vmem_destroy(crypto_arena);
429 crypto_arena = NULL;
430
431 return (DDI_SUCCESS);
432 }
433
434 /* ARGSUSED3 */
435 static int
crypto_open(dev_t * devp,int flag,int otyp,cred_t * credp)436 crypto_open(dev_t *devp, int flag, int otyp, cred_t *credp)
437 {
438 crypto_minor_t *cm = NULL;
439 minor_t mn;
440 kcf_lock_withpad_t *mp;
441 int i;
442
443 if (otyp != OTYP_CHR)
444 return (ENXIO);
445
446 if (crypto_dip == NULL)
447 return (ENXIO);
448
449 /* exclusive opens are not supported */
450 if (flag & FEXCL)
451 return (ENOTSUP);
452
453 again:
454 mp = &crypto_locks[CPU_SEQID];
455 mutex_enter(&mp->kl_lock);
456
457 /* grow the minors table if needed */
458 if (crypto_minors_count >= crypto_minors_table_count) {
459 crypto_minor_t **newtable;
460 minor_t chunk = crypto_minor_chunk;
461 minor_t saved_count;
462 size_t new_size;
463 ulong_t big_count;
464
465 big_count = crypto_minors_count + chunk;
466 if (big_count > MAXMIN) {
467 mutex_exit(&mp->kl_lock);
468 return (ENOMEM);
469 }
470
471 saved_count = crypto_minors_table_count;
472 new_size = sizeof (crypto_minor_t *) *
473 (crypto_minors_table_count + chunk);
474
475 mutex_exit(&mp->kl_lock);
476
477 newtable = kmem_zalloc(new_size, KM_SLEEP);
478 CRYPTO_ENTER_ALL_LOCKS();
479 /*
480 * Check if table grew while we were sleeping.
481 * The minors table never shrinks.
482 */
483 if (crypto_minors_table_count > saved_count) {
484 CRYPTO_EXIT_ALL_LOCKS();
485 kmem_free(newtable, new_size);
486 goto again;
487 }
488
489 /* we assume that bcopy() will return if count is 0 */
490 bcopy(crypto_minors, newtable,
491 sizeof (crypto_minor_t *) * crypto_minors_table_count);
492
493 kmem_free(crypto_minors,
494 sizeof (crypto_minor_t *) * crypto_minors_table_count);
495
496 /* grow the minors number space */
497 if (crypto_minors_table_count != 0) {
498 (void) vmem_add(crypto_arena,
499 (void *)(uintptr_t)(crypto_minors_table_count + 1),
500 crypto_minor_chunk, VM_SLEEP);
501 }
502
503 crypto_minors = newtable;
504 crypto_minors_table_count += chunk;
505 CRYPTO_EXIT_ALL_LOCKS();
506 } else {
507 mutex_exit(&mp->kl_lock);
508 }
509
510 /* allocate a new minor number starting with 1 */
511 mn = (minor_t)(uintptr_t)vmem_alloc(crypto_arena, 1, VM_SLEEP);
512
513 cm = kmem_zalloc(sizeof (crypto_minor_t), KM_SLEEP);
514 mutex_init(&cm->cm_lock, NULL, MUTEX_DRIVER, NULL);
515 cv_init(&cm->cm_cv, NULL, CV_DRIVER, NULL);
516
517 CRYPTO_ENTER_ALL_LOCKS();
518 cm->cm_refcnt = 1;
519 crypto_minors[mn - 1] = cm;
520 crypto_minors_count++;
521 CRYPTO_EXIT_ALL_LOCKS();
522
523 *devp = makedevice(getmajor(*devp), mn);
524
525 return (0);
526 }
527
528 /* ARGSUSED1 */
529 static int
crypto_close(dev_t dev,int flag,int otyp,cred_t * credp)530 crypto_close(dev_t dev, int flag, int otyp, cred_t *credp)
531 {
532 crypto_minor_t *cm = NULL;
533 crypto_session_data_t *sp;
534 minor_t mn = getminor(dev);
535 uint_t i;
536 size_t total = 0;
537 kcf_lock_withpad_t *mp;
538
539 mp = &crypto_locks[CPU_SEQID];
540 mutex_enter(&mp->kl_lock);
541
542 if (mn > crypto_minors_table_count) {
543 mutex_exit(&mp->kl_lock);
544 cmn_err(CE_WARN, "crypto_close: bad minor (too big) %d", mn);
545 return (ENODEV);
546 }
547
548 cm = crypto_minors[mn - 1];
549 if (cm == NULL) {
550 mutex_exit(&mp->kl_lock);
551 cmn_err(CE_WARN, "crypto_close: duplicate close of minor %d",
552 getminor(dev));
553 return (ENODEV);
554 }
555
556 mutex_exit(&mp->kl_lock);
557
558 CRYPTO_ENTER_ALL_LOCKS();
559 /*
560 * We free the minor number, mn, from the crypto_arena
561 * only later. This ensures that we won't race with another
562 * thread in crypto_open with the same minor number.
563 */
564 crypto_minors[mn - 1] = NULL;
565 crypto_minors_count--;
566 CRYPTO_EXIT_ALL_LOCKS();
567
568 mutex_enter(&cm->cm_lock);
569 cm->cm_refcnt --; /* decrement refcnt held in open */
570 while (cm->cm_refcnt > 0) {
571 cv_wait(&cm->cm_cv, &cm->cm_lock);
572 }
573
574 vmem_free(crypto_arena, (void *)(uintptr_t)mn, 1);
575
576 /* free all session table entries starting with 1 */
577 for (i = 1; i < cm->cm_session_table_count; i++) {
578 if (cm->cm_session_table[i] == NULL)
579 continue;
580
581 sp = cm->cm_session_table[i];
582 ASSERT((sp->sd_flags & CRYPTO_SESSION_IS_BUSY) == 0);
583 ASSERT(sp->sd_pre_approved_amount == 0 ||
584 sp->sd_pre_approved_amount == crypto_pre_approved_limit);
585 total += sp->sd_pre_approved_amount;
586 if (sp->sd_find_init_cookie != NULL) {
587 (void) crypto_free_find_ctx(sp);
588 }
589 crypto_release_provider_session(cm, sp->sd_provider_session);
590 KCF_PROV_REFRELE(sp->sd_provider);
591 CRYPTO_CANCEL_ALL_CTX(sp);
592 mutex_destroy(&sp->sd_lock);
593 cv_destroy(&sp->sd_cv);
594 kmem_cache_free(crypto_session_cache, sp);
595 cm->cm_session_table[i] = NULL;
596 }
597
598 /* free the session table */
599 if (cm->cm_session_table != NULL && cm->cm_session_table_count > 0)
600 kmem_free(cm->cm_session_table, cm->cm_session_table_count *
601 sizeof (void *));
602
603 total += (cm->cm_session_table_count * sizeof (void *));
604 CRYPTO_DECREMENT_RCTL(total);
605
606 kcf_free_provider_tab(cm->cm_provider_count,
607 cm->cm_provider_array);
608
609 mutex_exit(&cm->cm_lock);
610 mutex_destroy(&cm->cm_lock);
611 cv_destroy(&cm->cm_cv);
612 kmem_free(cm, sizeof (crypto_minor_t));
613
614 return (0);
615 }
616
617 static crypto_minor_t *
crypto_hold_minor(minor_t minor)618 crypto_hold_minor(minor_t minor)
619 {
620 crypto_minor_t *cm;
621 kcf_lock_withpad_t *mp;
622
623 if (minor > crypto_minors_table_count)
624 return (NULL);
625
626 mp = &crypto_locks[CPU_SEQID];
627 mutex_enter(&mp->kl_lock);
628
629 if ((cm = crypto_minors[minor - 1]) != NULL) {
630 atomic_inc_32(&cm->cm_refcnt);
631 }
632 mutex_exit(&mp->kl_lock);
633 return (cm);
634 }
635
636 static void
crypto_release_minor(crypto_minor_t * cm)637 crypto_release_minor(crypto_minor_t *cm)
638 {
639 if (atomic_dec_32_nv(&cm->cm_refcnt) == 0) {
640 cv_signal(&cm->cm_cv);
641 }
642 }
643
644 /*
645 * Build a list of functions and other information for the provider, pd.
646 */
647 static void
crypto_build_function_list(crypto_function_list_t * fl,kcf_provider_desc_t * pd)648 crypto_build_function_list(crypto_function_list_t *fl, kcf_provider_desc_t *pd)
649 {
650 crypto_ops_t *ops;
651 crypto_digest_ops_t *digest_ops;
652 crypto_cipher_ops_t *cipher_ops;
653 crypto_mac_ops_t *mac_ops;
654 crypto_sign_ops_t *sign_ops;
655 crypto_verify_ops_t *verify_ops;
656 crypto_dual_ops_t *dual_ops;
657 crypto_random_number_ops_t *random_number_ops;
658 crypto_session_ops_t *session_ops;
659 crypto_object_ops_t *object_ops;
660 crypto_key_ops_t *key_ops;
661 crypto_provider_management_ops_t *provider_ops;
662
663 if ((ops = pd->pd_ops_vector) == NULL)
664 return;
665
666 if ((digest_ops = ops->co_digest_ops) != NULL) {
667 if (digest_ops->digest_init != NULL)
668 fl->fl_digest_init = B_TRUE;
669 if (digest_ops->digest != NULL)
670 fl->fl_digest = B_TRUE;
671 if (digest_ops->digest_update != NULL)
672 fl->fl_digest_update = B_TRUE;
673 if (digest_ops->digest_key != NULL)
674 fl->fl_digest_key = B_TRUE;
675 if (digest_ops->digest_final != NULL)
676 fl->fl_digest_final = B_TRUE;
677 }
678 if ((cipher_ops = ops->co_cipher_ops) != NULL) {
679 if (cipher_ops->encrypt_init != NULL)
680 fl->fl_encrypt_init = B_TRUE;
681 if (cipher_ops->encrypt != NULL)
682 fl->fl_encrypt = B_TRUE;
683 if (cipher_ops->encrypt_update != NULL)
684 fl->fl_encrypt_update = B_TRUE;
685 if (cipher_ops->encrypt_final != NULL)
686 fl->fl_encrypt_final = B_TRUE;
687 if (cipher_ops->decrypt_init != NULL)
688 fl->fl_decrypt_init = B_TRUE;
689 if (cipher_ops->decrypt != NULL)
690 fl->fl_decrypt = B_TRUE;
691 if (cipher_ops->decrypt_update != NULL)
692 fl->fl_decrypt_update = B_TRUE;
693 if (cipher_ops->decrypt_final != NULL)
694 fl->fl_decrypt_final = B_TRUE;
695 }
696 if ((mac_ops = ops->co_mac_ops) != NULL) {
697 if (mac_ops->mac_init != NULL)
698 fl->fl_mac_init = B_TRUE;
699 if (mac_ops->mac != NULL)
700 fl->fl_mac = B_TRUE;
701 if (mac_ops->mac_update != NULL)
702 fl->fl_mac_update = B_TRUE;
703 if (mac_ops->mac_final != NULL)
704 fl->fl_mac_final = B_TRUE;
705 }
706 if ((sign_ops = ops->co_sign_ops) != NULL) {
707 if (sign_ops->sign_init != NULL)
708 fl->fl_sign_init = B_TRUE;
709 if (sign_ops->sign != NULL)
710 fl->fl_sign = B_TRUE;
711 if (sign_ops->sign_update != NULL)
712 fl->fl_sign_update = B_TRUE;
713 if (sign_ops->sign_final != NULL)
714 fl->fl_sign_final = B_TRUE;
715 if (sign_ops->sign_recover_init != NULL)
716 fl->fl_sign_recover_init = B_TRUE;
717 if (sign_ops->sign_recover != NULL)
718 fl->fl_sign_recover = B_TRUE;
719 }
720 if ((verify_ops = ops->co_verify_ops) != NULL) {
721 if (verify_ops->verify_init != NULL)
722 fl->fl_verify_init = B_TRUE;
723 if (verify_ops->verify != NULL)
724 fl->fl_verify = B_TRUE;
725 if (verify_ops->verify_update != NULL)
726 fl->fl_verify_update = B_TRUE;
727 if (verify_ops->verify_final != NULL)
728 fl->fl_verify_final = B_TRUE;
729 if (verify_ops->verify_recover_init != NULL)
730 fl->fl_verify_recover_init = B_TRUE;
731 if (verify_ops->verify_recover != NULL)
732 fl->fl_verify_recover = B_TRUE;
733 }
734 if ((dual_ops = ops->co_dual_ops) != NULL) {
735 if (dual_ops->digest_encrypt_update != NULL)
736 fl->fl_digest_encrypt_update = B_TRUE;
737 if (dual_ops->decrypt_digest_update != NULL)
738 fl->fl_decrypt_digest_update = B_TRUE;
739 if (dual_ops->sign_encrypt_update != NULL)
740 fl->fl_sign_encrypt_update = B_TRUE;
741 if (dual_ops->decrypt_verify_update != NULL)
742 fl->fl_decrypt_verify_update = B_TRUE;
743 }
744 if ((random_number_ops = ops->co_random_ops) != NULL) {
745 if (random_number_ops->seed_random != NULL)
746 fl->fl_seed_random = B_TRUE;
747 if (random_number_ops->generate_random != NULL)
748 fl->fl_generate_random = B_TRUE;
749 }
750 if ((session_ops = ops->co_session_ops) != NULL) {
751 if (session_ops->session_open != NULL)
752 fl->fl_session_open = B_TRUE;
753 if (session_ops->session_close != NULL)
754 fl->fl_session_close = B_TRUE;
755 if (session_ops->session_login != NULL)
756 fl->fl_session_login = B_TRUE;
757 if (session_ops->session_logout != NULL)
758 fl->fl_session_logout = B_TRUE;
759 }
760 if ((object_ops = ops->co_object_ops) != NULL) {
761 if (object_ops->object_create != NULL)
762 fl->fl_object_create = B_TRUE;
763 if (object_ops->object_copy != NULL)
764 fl->fl_object_copy = B_TRUE;
765 if (object_ops->object_destroy != NULL)
766 fl->fl_object_destroy = B_TRUE;
767 if (object_ops->object_get_size != NULL)
768 fl->fl_object_get_size = B_TRUE;
769 if (object_ops->object_get_attribute_value != NULL)
770 fl->fl_object_get_attribute_value = B_TRUE;
771 if (object_ops->object_set_attribute_value != NULL)
772 fl->fl_object_set_attribute_value = B_TRUE;
773 if (object_ops->object_find_init != NULL)
774 fl->fl_object_find_init = B_TRUE;
775 if (object_ops->object_find != NULL)
776 fl->fl_object_find = B_TRUE;
777 if (object_ops->object_find_final != NULL)
778 fl->fl_object_find_final = B_TRUE;
779 }
780 if ((key_ops = ops->co_key_ops) != NULL) {
781 if (key_ops->key_generate != NULL)
782 fl->fl_key_generate = B_TRUE;
783 if (key_ops->key_generate_pair != NULL)
784 fl->fl_key_generate_pair = B_TRUE;
785 if (key_ops->key_wrap != NULL)
786 fl->fl_key_wrap = B_TRUE;
787 if (key_ops->key_unwrap != NULL)
788 fl->fl_key_unwrap = B_TRUE;
789 if (key_ops->key_derive != NULL)
790 fl->fl_key_derive = B_TRUE;
791 }
792 if ((provider_ops = ops->co_provider_ops) != NULL) {
793 if (provider_ops->init_token != NULL)
794 fl->fl_init_token = B_TRUE;
795 if (provider_ops->init_pin != NULL)
796 fl->fl_init_pin = B_TRUE;
797 if (provider_ops->set_pin != NULL)
798 fl->fl_set_pin = B_TRUE;
799 }
800
801 fl->prov_is_hash_limited = pd->pd_flags & CRYPTO_HASH_NO_UPDATE;
802 if (fl->prov_is_hash_limited) {
803 fl->prov_hash_limit = min(pd->pd_hash_limit,
804 min(CRYPTO_MAX_BUFFER_LEN,
805 curproc->p_task->tk_proj->kpj_data.kpd_crypto_mem_ctl));
806 }
807
808 fl->prov_is_hmac_limited = pd->pd_flags & CRYPTO_HMAC_NO_UPDATE;
809 if (fl->prov_is_hmac_limited) {
810 fl->prov_hmac_limit = min(pd->pd_hmac_limit,
811 min(CRYPTO_MAX_BUFFER_LEN,
812 curproc->p_task->tk_proj->kpj_data.kpd_crypto_mem_ctl));
813 }
814
815 if (fl->prov_is_hash_limited || fl->prov_is_hmac_limited) {
816 /*
817 * XXX - The threshold should ideally be per hash/HMAC
818 * mechanism. For now, we use the same value for all
819 * hash/HMAC mechanisms. Empirical evidence suggests this
820 * is fine.
821 */
822 fl->prov_hash_threshold = kcf_md5_threshold;
823 }
824
825 fl->total_threshold_count = MAX_NUM_THRESHOLD;
826 fl->fl_threshold[0].mech_type = CKM_DES3_CBC;
827 fl->fl_threshold[0].mech_threshold = kcf_des3_threshold;
828 fl->fl_threshold[1].mech_type = CKM_DES3_ECB;
829 fl->fl_threshold[1].mech_threshold = kcf_des3_threshold;
830 fl->fl_threshold[2].mech_type = CKM_AES_CBC;
831 fl->fl_threshold[2].mech_threshold = kcf_aes_threshold;
832 fl->fl_threshold[3].mech_type = CKM_AES_ECB;
833 fl->fl_threshold[3].mech_threshold = kcf_aes_threshold;
834 fl->fl_threshold[4].mech_type = CKM_RC4;
835 fl->fl_threshold[4].mech_threshold = kcf_rc4_threshold;
836 fl->fl_threshold[5].mech_type = CKM_MD5;
837 fl->fl_threshold[5].mech_threshold = kcf_md5_threshold;
838 fl->fl_threshold[6].mech_type = CKM_SHA_1;
839 fl->fl_threshold[6].mech_threshold = kcf_sha1_threshold;
840 }
841
842 /* ARGSUSED */
843 static int
get_function_list(dev_t dev,caddr_t arg,int mode,int * rval)844 get_function_list(dev_t dev, caddr_t arg, int mode, int *rval)
845 {
846 crypto_get_function_list_t get_function_list;
847 crypto_minor_t *cm;
848 crypto_provider_id_t provider_id;
849 crypto_function_list_t *fl;
850 kcf_provider_desc_t *provider;
851 int rv;
852
853 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
854 cmn_err(CE_WARN, "get_function_list: failed holding minor");
855 return (ENXIO);
856 }
857
858 if (copyin(arg, &get_function_list, sizeof (get_function_list)) != 0) {
859 crypto_release_minor(cm);
860 return (EFAULT);
861 }
862
863 /* initialize provider_array */
864 if (cm->cm_provider_array == NULL) {
865 rv = crypto_get_provider_list(cm, NULL, NULL, DONT_RETURN_LIST);
866 if (rv != CRYPTO_SUCCESS) {
867 goto release_minor;
868 }
869 }
870
871 provider_id = get_function_list.fl_provider_id;
872 mutex_enter(&cm->cm_lock);
873 /* index must be less than count of providers */
874 if (provider_id >= cm->cm_provider_count) {
875 mutex_exit(&cm->cm_lock);
876 rv = CRYPTO_ARGUMENTS_BAD;
877 goto release_minor;
878 }
879
880 ASSERT(cm->cm_provider_array != NULL);
881 provider = cm->cm_provider_array[provider_id];
882 mutex_exit(&cm->cm_lock);
883
884 fl = &get_function_list.fl_list;
885 bzero(fl, sizeof (crypto_function_list_t));
886
887 if (provider->pd_prov_type != CRYPTO_LOGICAL_PROVIDER) {
888 crypto_build_function_list(fl, provider);
889 } else {
890 kcf_provider_desc_t *prev = NULL, *pd;
891
892 mutex_enter(&provider->pd_lock);
893 while (kcf_get_next_logical_provider_member(provider,
894 prev, &pd)) {
895 prev = pd;
896 crypto_build_function_list(fl, pd);
897 KCF_PROV_REFRELE(pd);
898 }
899 mutex_exit(&provider->pd_lock);
900 }
901
902 rv = CRYPTO_SUCCESS;
903
904 release_minor:
905 crypto_release_minor(cm);
906
907 get_function_list.fl_return_value = rv;
908
909 if (copyout(&get_function_list, arg, sizeof (get_function_list)) != 0) {
910 return (EFAULT);
911 }
912 return (0);
913 }
914
915 /*
916 * This ioctl maps a PKCS#11 mechanism string into an internal number
917 * that is used by the kernel. pn_internal_number is set to the
918 * internal number.
919 */
920 /* ARGSUSED */
921 static int
get_mechanism_number(dev_t dev,caddr_t arg,int mode,int * rval)922 get_mechanism_number(dev_t dev, caddr_t arg, int mode, int *rval)
923 {
924 STRUCT_DECL(crypto_get_mechanism_number, get_number);
925 crypto_mech_type_t number;
926 size_t len;
927 char *mechanism_name;
928 int rv;
929
930 STRUCT_INIT(get_number, mode);
931
932 if (copyin(arg, STRUCT_BUF(get_number), STRUCT_SIZE(get_number)) != 0)
933 return (EFAULT);
934
935 len = STRUCT_FGET(get_number, pn_mechanism_len);
936 if (len == 0 || len > CRYPTO_MAX_MECH_NAME) {
937 rv = CRYPTO_ARGUMENTS_BAD;
938 goto out;
939 }
940 mechanism_name = kmem_alloc(len, KM_SLEEP);
941
942 if (copyin(STRUCT_FGETP(get_number, pn_mechanism_string),
943 mechanism_name, len) != 0) {
944 kmem_free(mechanism_name, len);
945 return (EFAULT);
946 }
947
948 /*
949 * Get mechanism number from kcf. We set the load_module
950 * flag to false since we use only hardware providers.
951 */
952 number = crypto_mech2id_common(mechanism_name, B_FALSE);
953 kmem_free(mechanism_name, len);
954 if (number == CRYPTO_MECH_INVALID) {
955 rv = CRYPTO_ARGUMENTS_BAD;
956 goto out;
957 }
958
959 bcopy((char *)&number, (char *)STRUCT_FADDR(get_number,
960 pn_internal_number), sizeof (number));
961
962 rv = CRYPTO_SUCCESS;
963 out:
964 STRUCT_FSET(get_number, pn_return_value, rv);
965
966 if (copyout(STRUCT_BUF(get_number), arg,
967 STRUCT_SIZE(get_number)) != 0) {
968 return (EFAULT);
969 }
970 return (0);
971 }
972
973 /*
974 * This ioctl returns an array of crypto_mech_name_t entries.
975 * It lists all the PKCS#11 mechanisms available in the kernel.
976 */
977 /* ARGSUSED */
978 static int
get_mechanism_list(dev_t dev,caddr_t arg,int mode,int * rval)979 get_mechanism_list(dev_t dev, caddr_t arg, int mode, int *rval)
980 {
981 STRUCT_DECL(crypto_get_mechanism_list, get_list);
982 crypto_mech_name_t *entries;
983 size_t copyout_size;
984 uint_t req_count;
985 uint_t count;
986 ulong_t offset;
987 int error = 0;
988
989 STRUCT_INIT(get_list, mode);
990
991 if (copyin(arg, STRUCT_BUF(get_list), STRUCT_SIZE(get_list)) != 0) {
992 return (EFAULT);
993 }
994
995 entries = crypto_get_mech_list(&count, KM_SLEEP);
996
997 /* Number of entries caller thinks we have */
998 req_count = STRUCT_FGET(get_list, ml_count);
999
1000 STRUCT_FSET(get_list, ml_count, count);
1001 STRUCT_FSET(get_list, ml_return_value, CRYPTO_SUCCESS);
1002
1003 /* check if buffer is too small */
1004 if (count > req_count) {
1005 STRUCT_FSET(get_list, ml_return_value, CRYPTO_BUFFER_TOO_SMALL);
1006 }
1007
1008 /* copyout the first stuff */
1009 if (copyout(STRUCT_BUF(get_list), arg, STRUCT_SIZE(get_list)) != 0) {
1010 error = EFAULT;
1011 }
1012
1013 /*
1014 * If only requesting number of entries or buffer too small or an
1015 * error occurred, stop here
1016 */
1017 if (req_count == 0 || count > req_count || error != 0) {
1018 goto out;
1019 }
1020
1021 copyout_size = count * sizeof (crypto_mech_name_t);
1022
1023 /* copyout entries */
1024 offset = (ulong_t)STRUCT_FADDR(get_list, ml_list);
1025 offset -= (ulong_t)STRUCT_BUF(get_list);
1026 if (copyout(entries, arg + offset, copyout_size) != 0) {
1027 error = EFAULT;
1028 }
1029
1030 out:
1031 crypto_free_mech_list(entries, count);
1032 return (error);
1033 }
1034
1035 /*
1036 * Copyout kernel array of mech_infos to user space.
1037 */
1038 /* ARGSUSED */
1039 static int
copyout_mechinfos(int mode,caddr_t out,uint_t count,crypto_mechanism_info_t * k_minfos,caddr_t u_minfos)1040 copyout_mechinfos(int mode, caddr_t out, uint_t count,
1041 crypto_mechanism_info_t *k_minfos, caddr_t u_minfos)
1042 {
1043 STRUCT_DECL(crypto_mechanism_info, mi);
1044 caddr_t p;
1045 size_t len;
1046 int i;
1047
1048 if (count == 0)
1049 return (0);
1050
1051 STRUCT_INIT(mi, mode);
1052
1053 len = count * STRUCT_SIZE(mi);
1054
1055 ASSERT(u_minfos != NULL);
1056 p = u_minfos;
1057 for (i = 0; i < count; i++) {
1058 STRUCT_FSET(mi, mi_min_key_size, k_minfos[i].mi_min_key_size);
1059 STRUCT_FSET(mi, mi_max_key_size, k_minfos[i].mi_max_key_size);
1060 STRUCT_FSET(mi, mi_keysize_unit, k_minfos[i].mi_keysize_unit);
1061 STRUCT_FSET(mi, mi_usage, k_minfos[i].mi_usage);
1062 bcopy(STRUCT_BUF(mi), p, STRUCT_SIZE(mi));
1063 p += STRUCT_SIZE(mi);
1064 }
1065
1066 if (copyout(u_minfos, out, len) != 0)
1067 return (EFAULT);
1068
1069 return (0);
1070 }
1071
1072 /*
1073 * This ioctl returns information for the specified mechanism.
1074 */
1075 /* ARGSUSED */
1076 static int
get_all_mechanism_info(dev_t dev,caddr_t arg,int mode,int * rval)1077 get_all_mechanism_info(dev_t dev, caddr_t arg, int mode, int *rval)
1078 {
1079 STRUCT_DECL(crypto_get_all_mechanism_info, get_all_mech);
1080 #ifdef _LP64
1081 STRUCT_DECL(crypto_mechanism_info, mi);
1082 #else
1083 /* LINTED E_FUNC_SET_NOT_USED */
1084 STRUCT_DECL(crypto_mechanism_info, mi);
1085 #endif
1086 crypto_mech_name_t mech_name;
1087 crypto_mech_type_t mech_type;
1088 crypto_mechanism_info_t *mech_infos = NULL;
1089 uint_t num_mech_infos = 0;
1090 uint_t req_count;
1091 caddr_t u_minfos;
1092 ulong_t offset;
1093 int error = 0;
1094 int rv;
1095
1096 STRUCT_INIT(get_all_mech, mode);
1097 STRUCT_INIT(mi, mode);
1098
1099 if (copyin(arg, STRUCT_BUF(get_all_mech),
1100 STRUCT_SIZE(get_all_mech)) != 0) {
1101 return (EFAULT);
1102 }
1103
1104 (void) strncpy(mech_name, STRUCT_FGET(get_all_mech, mi_mechanism_name),
1105 CRYPTO_MAX_MECH_NAME);
1106 mech_type = crypto_mech2id(mech_name);
1107
1108 if (mech_type == CRYPTO_MECH_INVALID) {
1109 rv = CRYPTO_ARGUMENTS_BAD;
1110 goto out1;
1111 }
1112
1113 rv = crypto_get_all_mech_info(mech_type, &mech_infos, &num_mech_infos,
1114 KM_SLEEP);
1115 if (rv != CRYPTO_SUCCESS) {
1116 goto out1;
1117 }
1118 /* rv is CRYPTO_SUCCESS at this point */
1119
1120 /* Number of entries caller thinks we have */
1121 req_count = STRUCT_FGET(get_all_mech, mi_count);
1122
1123 STRUCT_FSET(get_all_mech, mi_count, num_mech_infos);
1124
1125 /* check if buffer is too small */
1126 if (num_mech_infos > req_count) {
1127 rv = CRYPTO_BUFFER_TOO_SMALL;
1128 }
1129
1130 out1:
1131 STRUCT_FSET(get_all_mech, mi_return_value, rv);
1132
1133 /* copy the first part */
1134 if (copyout(STRUCT_BUF(get_all_mech), arg,
1135 STRUCT_SIZE(get_all_mech)) != 0) {
1136 error = EFAULT;
1137 }
1138
1139 /*
1140 * If only requesting number of entries, or there are no entries,
1141 * or rv is not CRYPTO_SUCCESS due to buffer too small or some other
1142 * crypto error, or an error occurred with copyout, stop here
1143 */
1144 if (req_count == 0 || num_mech_infos == 0 || rv != CRYPTO_SUCCESS ||
1145 error != 0) {
1146 goto out2;
1147 }
1148
1149 /* copyout mech_infos */
1150 offset = (ulong_t)STRUCT_FADDR(get_all_mech, mi_list);
1151 offset -= (ulong_t)STRUCT_BUF(get_all_mech);
1152
1153 u_minfos = kmem_alloc(num_mech_infos * STRUCT_SIZE(mi), KM_SLEEP);
1154 error = copyout_mechinfos(mode, arg + offset, num_mech_infos,
1155 mech_infos, u_minfos);
1156 kmem_free(u_minfos, num_mech_infos * STRUCT_SIZE(mi));
1157 out2:
1158 if (mech_infos != NULL)
1159 crypto_free_all_mech_info(mech_infos, num_mech_infos);
1160 return (error);
1161 }
1162
1163 /*
1164 * Side-effects:
1165 * 1. This routine stores provider descriptor pointers in an array
1166 * and increments each descriptor's reference count. The array
1167 * is stored in per-minor number storage.
1168 * 2. Destroys the old array and creates a new one every time
1169 * this routine is called.
1170 */
1171 int
crypto_get_provider_list(crypto_minor_t * cm,uint_t * count,crypto_provider_entry_t ** array,boolean_t return_slot_list)1172 crypto_get_provider_list(crypto_minor_t *cm, uint_t *count,
1173 crypto_provider_entry_t **array, boolean_t return_slot_list)
1174 {
1175 kcf_provider_desc_t **provider_array;
1176 crypto_provider_entry_t *p = NULL;
1177 uint_t provider_count;
1178 int rval;
1179 int i;
1180
1181 /*
1182 * Take snapshot of provider table returning only HW entries
1183 * that are in a usable state. Also returns logical provider entries.
1184 */
1185 rval = kcf_get_slot_list(&provider_count, &provider_array, B_FALSE);
1186 if (rval != CRYPTO_SUCCESS)
1187 return (rval);
1188
1189 /* allocate memory before taking cm->cm_lock */
1190 if (return_slot_list) {
1191 if (provider_count != 0) {
1192 p = kmem_alloc(provider_count *
1193 sizeof (crypto_provider_entry_t), KM_SLEEP);
1194 for (i = 0; i < provider_count; i++) {
1195 p[i].pe_provider_id = i;
1196 p[i].pe_mechanism_count =
1197 provider_array[i]->pd_mech_list_count;
1198 }
1199 }
1200 *array = p;
1201 *count = provider_count;
1202 }
1203
1204 /*
1205 * Free existing array of providers and replace with new list.
1206 */
1207 mutex_enter(&cm->cm_lock);
1208 if (cm->cm_provider_array != NULL) {
1209 ASSERT(cm->cm_provider_count > 0);
1210 kcf_free_provider_tab(cm->cm_provider_count,
1211 cm->cm_provider_array);
1212 }
1213
1214 cm->cm_provider_array = provider_array;
1215 cm->cm_provider_count = provider_count;
1216 mutex_exit(&cm->cm_lock);
1217
1218 return (CRYPTO_SUCCESS);
1219 }
1220
1221 /*
1222 * This ioctl returns an array of crypto_provider_entry_t entries.
1223 * This is how consumers learn which hardware providers are available.
1224 */
1225 /* ARGSUSED */
1226 static int
get_provider_list(dev_t dev,caddr_t arg,int mode,int * rval)1227 get_provider_list(dev_t dev, caddr_t arg, int mode, int *rval)
1228 {
1229 STRUCT_DECL(crypto_get_provider_list, get_list);
1230 crypto_provider_entry_t *entries;
1231 crypto_minor_t *cm;
1232 size_t copyout_size;
1233 uint_t req_count;
1234 uint_t count;
1235 ulong_t offset;
1236 int rv;
1237
1238 STRUCT_INIT(get_list, mode);
1239
1240 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
1241 cmn_err(CE_WARN, "get_provider_list: failed holding minor");
1242 return (ENXIO);
1243 }
1244
1245 if (copyin(arg, STRUCT_BUF(get_list), STRUCT_SIZE(get_list)) != 0) {
1246 crypto_release_minor(cm);
1247 return (EFAULT);
1248 }
1249
1250 rv = crypto_get_provider_list(cm, &count, &entries, RETURN_LIST);
1251 if (rv != CRYPTO_SUCCESS) {
1252 crypto_release_minor(cm);
1253 STRUCT_FSET(get_list, pl_return_value, rv);
1254 if (copyout(STRUCT_BUF(get_list), arg,
1255 STRUCT_SIZE(get_list)) != 0) {
1256 return (EFAULT);
1257 }
1258 return (0);
1259 }
1260 crypto_release_minor(cm);
1261
1262 /* Number of slots caller thinks we have */
1263 req_count = STRUCT_FGET(get_list, pl_count);
1264
1265 /* Check if only requesting number of slots */
1266 if (req_count == 0) {
1267
1268 STRUCT_FSET(get_list, pl_count, count);
1269 STRUCT_FSET(get_list, pl_return_value, CRYPTO_SUCCESS);
1270
1271 crypto_free_provider_list(entries, count);
1272 if (copyout(STRUCT_BUF(get_list), arg,
1273 STRUCT_SIZE(get_list)) != 0) {
1274 return (EFAULT);
1275 }
1276 return (0);
1277 }
1278
1279 /* check if buffer is too small */
1280 req_count = STRUCT_FGET(get_list, pl_count);
1281 if (count > req_count) {
1282 STRUCT_FSET(get_list, pl_count, count);
1283 STRUCT_FSET(get_list, pl_return_value, CRYPTO_BUFFER_TOO_SMALL);
1284 crypto_free_provider_list(entries, count);
1285 if (copyout(STRUCT_BUF(get_list), arg,
1286 STRUCT_SIZE(get_list)) != 0) {
1287 return (EFAULT);
1288 }
1289 return (0);
1290 }
1291
1292 STRUCT_FSET(get_list, pl_count, count);
1293 STRUCT_FSET(get_list, pl_return_value, CRYPTO_SUCCESS);
1294
1295 copyout_size = count * sizeof (crypto_provider_entry_t);
1296
1297 /* copyout the first stuff */
1298 if (copyout(STRUCT_BUF(get_list), arg, STRUCT_SIZE(get_list)) != 0) {
1299 crypto_free_provider_list(entries, count);
1300 return (EFAULT);
1301 }
1302
1303 if (count == 0) {
1304 crypto_free_provider_list(entries, count);
1305 return (0);
1306 }
1307
1308 /* copyout entries */
1309 offset = (ulong_t)STRUCT_FADDR(get_list, pl_list);
1310 offset -= (ulong_t)STRUCT_BUF(get_list);
1311 if (copyout(entries, arg + offset, copyout_size) != 0) {
1312 crypto_free_provider_list(entries, count);
1313 return (EFAULT);
1314 }
1315
1316 crypto_free_provider_list(entries, count);
1317 return (0);
1318 }
1319
1320 static void
ext_to_provider_data(int mode,kcf_provider_desc_t * provider,crypto_provider_ext_info_t * ei,void * out)1321 ext_to_provider_data(int mode, kcf_provider_desc_t *provider,
1322 crypto_provider_ext_info_t *ei, void *out)
1323 {
1324 STRUCT_DECL(crypto_provider_data, pd);
1325 STRUCT_DECL(crypto_version, version);
1326
1327 STRUCT_INIT(pd, mode);
1328 STRUCT_INIT(version, mode);
1329
1330 bcopy(provider->pd_description, STRUCT_FGET(pd, pd_prov_desc),
1331 CRYPTO_PROVIDER_DESCR_MAX_LEN);
1332
1333 bcopy(ei->ei_label, STRUCT_FGET(pd, pd_label), CRYPTO_EXT_SIZE_LABEL);
1334 bcopy(ei->ei_manufacturerID, STRUCT_FGET(pd, pd_manufacturerID),
1335 CRYPTO_EXT_SIZE_MANUF);
1336 bcopy(ei->ei_model, STRUCT_FGET(pd, pd_model), CRYPTO_EXT_SIZE_MODEL);
1337 bcopy(ei->ei_serial_number, STRUCT_FGET(pd, pd_serial_number),
1338 CRYPTO_EXT_SIZE_SERIAL);
1339 /*
1340 * We do not support ioctls for dual-function crypto operations yet.
1341 * So, we clear this flag as it might have been set by a provider.
1342 */
1343 ei->ei_flags &= ~CRYPTO_EXTF_DUAL_CRYPTO_OPERATIONS;
1344
1345 STRUCT_FSET(pd, pd_flags, ei->ei_flags);
1346 STRUCT_FSET(pd, pd_max_session_count, ei->ei_max_session_count);
1347 STRUCT_FSET(pd, pd_session_count, (int)CRYPTO_UNAVAILABLE_INFO);
1348 STRUCT_FSET(pd, pd_max_rw_session_count, ei->ei_max_session_count);
1349 STRUCT_FSET(pd, pd_rw_session_count, (int)CRYPTO_UNAVAILABLE_INFO);
1350 STRUCT_FSET(pd, pd_max_pin_len, ei->ei_max_pin_len);
1351 STRUCT_FSET(pd, pd_min_pin_len, ei->ei_min_pin_len);
1352 STRUCT_FSET(pd, pd_total_public_memory, ei->ei_total_public_memory);
1353 STRUCT_FSET(pd, pd_free_public_memory, ei->ei_free_public_memory);
1354 STRUCT_FSET(pd, pd_total_private_memory, ei->ei_total_private_memory);
1355 STRUCT_FSET(pd, pd_free_private_memory, ei->ei_free_private_memory);
1356 STRUCT_FSET(version, cv_major, ei->ei_hardware_version.cv_major);
1357 STRUCT_FSET(version, cv_minor, ei->ei_hardware_version.cv_minor);
1358 bcopy(STRUCT_BUF(version), STRUCT_FADDR(pd, pd_hardware_version),
1359 STRUCT_SIZE(version));
1360 STRUCT_FSET(version, cv_major, ei->ei_firmware_version.cv_major);
1361 STRUCT_FSET(version, cv_minor, ei->ei_firmware_version.cv_minor);
1362 bcopy(STRUCT_BUF(version), STRUCT_FADDR(pd, pd_firmware_version),
1363 STRUCT_SIZE(version));
1364 bcopy(ei->ei_time, STRUCT_FGET(pd, pd_time), CRYPTO_EXT_SIZE_TIME);
1365 bcopy(STRUCT_BUF(pd), out, STRUCT_SIZE(pd));
1366 }
1367
1368 /*
1369 * Utility routine to construct a crypto_provider_ext_info structure. Some
1370 * of the fields are constructed from information in the provider structure.
1371 * The rest of the fields have default values. We need to do this for
1372 * providers which do not support crypto_provider_management_ops routines.
1373 */
1374 static void
fabricate_ext_info(kcf_provider_desc_t * provider,crypto_provider_ext_info_t * ei)1375 fabricate_ext_info(kcf_provider_desc_t *provider,
1376 crypto_provider_ext_info_t *ei)
1377 {
1378 /* empty label */
1379 (void) memset(ei->ei_label, ' ', CRYPTO_EXT_SIZE_LABEL);
1380
1381 (void) memset(ei->ei_manufacturerID, ' ', CRYPTO_EXT_SIZE_MANUF);
1382 (void) strncpy((char *)ei->ei_manufacturerID, "Unknown", 7);
1383
1384 (void) memset(ei->ei_model, ' ', CRYPTO_EXT_SIZE_MODEL);
1385 (void) strncpy((char *)ei->ei_model, "Unknown", 7);
1386
1387 (void) memset(ei->ei_serial_number, ' ', CRYPTO_EXT_SIZE_SERIAL);
1388 (void) strncpy((char *)ei->ei_serial_number, "Unknown", 7);
1389
1390 if (KCF_PROV_RANDOM_OPS(provider) != NULL)
1391 ei->ei_flags |= CRYPTO_EXTF_RNG;
1392 if (KCF_PROV_DUAL_OPS(provider) != NULL)
1393 ei->ei_flags |= CRYPTO_EXTF_DUAL_CRYPTO_OPERATIONS;
1394
1395 ei->ei_max_session_count = CRYPTO_UNAVAILABLE_INFO;
1396 ei->ei_max_pin_len = 0;
1397 ei->ei_min_pin_len = 0;
1398 ei->ei_total_public_memory = CRYPTO_UNAVAILABLE_INFO;
1399 ei->ei_free_public_memory = CRYPTO_UNAVAILABLE_INFO;
1400 ei->ei_total_private_memory = CRYPTO_UNAVAILABLE_INFO;
1401 ei->ei_free_private_memory = CRYPTO_UNAVAILABLE_INFO;
1402 ei->ei_hardware_version.cv_major = 1;
1403 ei->ei_hardware_version.cv_minor = 0;
1404 ei->ei_firmware_version.cv_major = 1;
1405 ei->ei_firmware_version.cv_minor = 0;
1406 }
1407
1408 /* ARGSUSED */
1409 static int
get_provider_info(dev_t dev,caddr_t arg,int mode,int * rval)1410 get_provider_info(dev_t dev, caddr_t arg, int mode, int *rval)
1411 {
1412 STRUCT_DECL(crypto_get_provider_info, get_info);
1413 crypto_minor_t *cm;
1414 crypto_provider_id_t provider_id;
1415 kcf_provider_desc_t *provider, *real_provider;
1416 crypto_provider_ext_info_t *ext_info = NULL;
1417 size_t need;
1418 int error = 0;
1419 int rv;
1420 kcf_req_params_t params;
1421
1422 STRUCT_INIT(get_info, mode);
1423
1424 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
1425 cmn_err(CE_WARN, "get_provider_info: failed holding minor");
1426 return (ENXIO);
1427 }
1428
1429 if (copyin(arg, STRUCT_BUF(get_info), STRUCT_SIZE(get_info)) != 0) {
1430 crypto_release_minor(cm);
1431 return (EFAULT);
1432 }
1433
1434 need = sizeof (crypto_provider_ext_info_t);
1435 if ((rv = crypto_buffer_check(need)) != CRYPTO_SUCCESS) {
1436 need = 0;
1437 goto release_minor;
1438 }
1439
1440 /* initialize provider_array */
1441 if (cm->cm_provider_array == NULL) {
1442 rv = crypto_get_provider_list(cm, NULL, NULL, DONT_RETURN_LIST);
1443 if (rv != CRYPTO_SUCCESS) {
1444 goto release_minor;
1445 }
1446 }
1447
1448 ext_info = kmem_zalloc(need, KM_SLEEP);
1449
1450 provider_id = STRUCT_FGET(get_info, gi_provider_id);
1451 mutex_enter(&cm->cm_lock);
1452 /* index must be less than count of providers */
1453 if (provider_id >= cm->cm_provider_count) {
1454 mutex_exit(&cm->cm_lock);
1455 rv = CRYPTO_ARGUMENTS_BAD;
1456 goto release_minor;
1457 }
1458
1459 ASSERT(cm->cm_provider_array != NULL);
1460 provider = cm->cm_provider_array[provider_id];
1461 KCF_PROV_REFHOLD(provider);
1462 mutex_exit(&cm->cm_lock);
1463
1464 (void) kcf_get_hardware_provider_nomech(
1465 CRYPTO_OPS_OFFSET(provider_ops), CRYPTO_PROVIDER_OFFSET(ext_info),
1466 provider, &real_provider);
1467
1468 if (real_provider != NULL) {
1469 ASSERT(real_provider == provider ||
1470 provider->pd_prov_type == CRYPTO_LOGICAL_PROVIDER);
1471 KCF_WRAP_PROVMGMT_OPS_PARAMS(¶ms, KCF_OP_MGMT_EXTINFO,
1472 0, NULL, 0, NULL, 0, NULL, ext_info, provider);
1473 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms,
1474 B_FALSE);
1475 ASSERT(rv != CRYPTO_NOT_SUPPORTED);
1476 KCF_PROV_REFRELE(real_provider);
1477 } else {
1478 /* do the best we can */
1479 fabricate_ext_info(provider, ext_info);
1480 rv = CRYPTO_SUCCESS;
1481 }
1482 KCF_PROV_REFRELE(provider);
1483
1484 if (rv == CRYPTO_SUCCESS) {
1485 ext_to_provider_data(mode, provider, ext_info,
1486 STRUCT_FADDR(get_info, gi_provider_data));
1487 }
1488
1489 release_minor:
1490 CRYPTO_DECREMENT_RCTL(need);
1491 crypto_release_minor(cm);
1492
1493 if (ext_info != NULL)
1494 kmem_free(ext_info, sizeof (crypto_provider_ext_info_t));
1495
1496 if (error != 0)
1497 return (error);
1498
1499 STRUCT_FSET(get_info, gi_return_value, rv);
1500 if (copyout(STRUCT_BUF(get_info), arg, STRUCT_SIZE(get_info)) != 0) {
1501 return (EFAULT);
1502 }
1503 return (0);
1504 }
1505
1506 /*
1507 * This ioctl returns an array of crypto_mech_name_t entries.
1508 * This is how consumers learn which mechanisms are permitted
1509 * by a provider.
1510 */
1511 /* ARGSUSED */
1512 static int
get_provider_mechanisms(dev_t dev,caddr_t arg,int mode,int * rval)1513 get_provider_mechanisms(dev_t dev, caddr_t arg, int mode, int *rval)
1514 {
1515 STRUCT_DECL(crypto_get_provider_mechanisms, get_mechanisms);
1516 crypto_mech_name_t *entries;
1517 crypto_minor_t *cm;
1518 size_t copyout_size;
1519 uint_t req_count;
1520 uint_t count;
1521 ulong_t offset;
1522 int err;
1523
1524 STRUCT_INIT(get_mechanisms, mode);
1525
1526 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
1527 cmn_err(CE_WARN,
1528 "get_provider_mechanisms: failed holding minor");
1529 return (ENXIO);
1530 }
1531
1532 if (copyin(arg, STRUCT_BUF(get_mechanisms),
1533 STRUCT_SIZE(get_mechanisms)) != 0) {
1534 crypto_release_minor(cm);
1535 return (EFAULT);
1536 }
1537
1538 /* get array of mechanisms from the core module */
1539 if ((err = crypto_get_provider_mechanisms(cm,
1540 STRUCT_FGET(get_mechanisms, pm_provider_id),
1541 &count, &entries)) != 0) {
1542 crypto_release_minor(cm);
1543 STRUCT_FSET(get_mechanisms, pm_return_value, err);
1544 if (copyout(STRUCT_BUF(get_mechanisms), arg,
1545 STRUCT_SIZE(get_mechanisms)) != 0) {
1546 return (EFAULT);
1547 }
1548 return (0);
1549 }
1550 crypto_release_minor(cm);
1551 /* Number of mechs caller thinks we have */
1552 req_count = STRUCT_FGET(get_mechanisms, pm_count);
1553
1554 /* Check if caller is just requesting a count of mechanisms */
1555 if (req_count == 0) {
1556 STRUCT_FSET(get_mechanisms, pm_count, count);
1557 STRUCT_FSET(get_mechanisms, pm_return_value, CRYPTO_SUCCESS);
1558
1559 crypto_free_mech_list(entries, count);
1560 if (copyout(STRUCT_BUF(get_mechanisms), arg,
1561 STRUCT_SIZE(get_mechanisms)) != 0) {
1562 return (EFAULT);
1563 }
1564 return (0);
1565 }
1566
1567 /* check if buffer is too small */
1568 if (count > req_count) {
1569 STRUCT_FSET(get_mechanisms, pm_count, count);
1570 STRUCT_FSET(get_mechanisms, pm_return_value,
1571 CRYPTO_BUFFER_TOO_SMALL);
1572 crypto_free_mech_list(entries, count);
1573 if (copyout(STRUCT_BUF(get_mechanisms), arg,
1574 STRUCT_SIZE(get_mechanisms)) != 0) {
1575 return (EFAULT);
1576 }
1577 return (0);
1578 }
1579
1580 STRUCT_FSET(get_mechanisms, pm_count, count);
1581 STRUCT_FSET(get_mechanisms, pm_return_value, CRYPTO_SUCCESS);
1582
1583 copyout_size = count * sizeof (crypto_mech_name_t);
1584
1585 /* copyout the first stuff */
1586 if (copyout(STRUCT_BUF(get_mechanisms), arg,
1587 STRUCT_SIZE(get_mechanisms)) != 0) {
1588 crypto_free_mech_list(entries, count);
1589 return (EFAULT);
1590 }
1591
1592 if (count == 0) {
1593 return (0);
1594 }
1595
1596 /* copyout entries */
1597 offset = (ulong_t)STRUCT_FADDR(get_mechanisms, pm_list);
1598 offset -= (ulong_t)STRUCT_BUF(get_mechanisms);
1599 if (copyout(entries, arg + offset, copyout_size) != 0) {
1600 crypto_free_mech_list(entries, count);
1601 return (EFAULT);
1602 }
1603
1604 crypto_free_mech_list(entries, count);
1605 return (0);
1606 }
1607
1608 /*
1609 * This ioctl returns information about a provider's mechanism.
1610 */
1611 /* ARGSUSED */
1612 static int
get_provider_mechanism_info(dev_t dev,caddr_t arg,int mode,int * rval)1613 get_provider_mechanism_info(dev_t dev, caddr_t arg, int mode, int *rval)
1614 {
1615 crypto_get_provider_mechanism_info_t mechanism_info;
1616 crypto_minor_t *cm;
1617 kcf_provider_desc_t *pd;
1618 crypto_mech_info_t *mi = NULL;
1619 int rv = CRYPTO_SUCCESS;
1620 int i;
1621
1622 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
1623 cmn_err(CE_WARN,
1624 "get_provider_mechanism_info: failed holding minor");
1625 return (ENXIO);
1626 }
1627
1628 if (copyin(arg, &mechanism_info, sizeof (mechanism_info)) != 0) {
1629 crypto_release_minor(cm);
1630 return (EFAULT);
1631 }
1632
1633 /* initialize provider table */
1634 if (cm->cm_provider_array == NULL) {
1635 rv = crypto_get_provider_list(cm, NULL, NULL, DONT_RETURN_LIST);
1636 if (rv != CRYPTO_SUCCESS) {
1637 mutex_enter(&cm->cm_lock);
1638 goto fail;
1639 }
1640 }
1641
1642 /*
1643 * Provider ID must be less than the count of providers
1644 * obtained by calling get_provider_list().
1645 */
1646 mutex_enter(&cm->cm_lock);
1647 if (mechanism_info.mi_provider_id >= cm->cm_provider_count) {
1648 rv = CRYPTO_ARGUMENTS_BAD;
1649 goto fail;
1650 }
1651
1652 pd = cm->cm_provider_array[mechanism_info.mi_provider_id];
1653
1654 /* First check if the provider supports the mechanism. */
1655 for (i = 0; i < pd->pd_mech_list_count; i++) {
1656 if (strncmp(pd->pd_mechanisms[i].cm_mech_name,
1657 mechanism_info.mi_mechanism_name,
1658 CRYPTO_MAX_MECH_NAME) == 0) {
1659 mi = &pd->pd_mechanisms[i];
1660 break;
1661 }
1662 }
1663
1664 if (mi == NULL) {
1665 rv = CRYPTO_ARGUMENTS_BAD;
1666 goto fail;
1667 }
1668
1669 /* Now check if the mechanism is enabled for the provider. */
1670 if (is_mech_disabled(pd, mechanism_info.mi_mechanism_name)) {
1671 rv = CRYPTO_MECHANISM_INVALID;
1672 goto fail;
1673 }
1674
1675 mechanism_info.mi_min_key_size = mi->cm_min_key_length;
1676 mechanism_info.mi_max_key_size = mi->cm_max_key_length;
1677 mechanism_info.mi_flags = mi->cm_func_group_mask;
1678
1679 fail:
1680 mutex_exit(&cm->cm_lock);
1681 crypto_release_minor(cm);
1682 mechanism_info.mi_return_value = rv;
1683 if (copyout(&mechanism_info, arg, sizeof (mechanism_info)) != 0) {
1684 return (EFAULT);
1685 }
1686
1687 return (0);
1688 }
1689
1690 /*
1691 * Every open of /dev/crypto multiplexes all PKCS#11 sessions across
1692 * a single session to each provider. Calls to open and close session
1693 * are not made to providers that do not support sessions. For these
1694 * providers, a session number of 0 is passed during subsequent operations,
1695 * and it is ignored by the provider.
1696 */
1697 static int
crypto_get_provider_session(crypto_minor_t * cm,crypto_provider_id_t provider_index,crypto_provider_session_t ** output_ps)1698 crypto_get_provider_session(crypto_minor_t *cm,
1699 crypto_provider_id_t provider_index, crypto_provider_session_t **output_ps)
1700 {
1701 kcf_provider_desc_t *pd, *real_provider;
1702 kcf_req_params_t params;
1703 crypto_provider_session_t *ps, *new_ps;
1704 crypto_session_id_t provider_session_id = 0;
1705 int rv;
1706
1707 ASSERT(MUTEX_HELD(&cm->cm_lock));
1708
1709 /* pd may be a logical provider */
1710 pd = cm->cm_provider_array[provider_index];
1711
1712 again:
1713 /*
1714 * Check if there is already a session to the provider.
1715 * Sessions may be to a logical provider or a real provider.
1716 */
1717 for (ps = cm->cm_provider_session; ps != NULL; ps = ps->ps_next) {
1718 if (ps->ps_provider == pd)
1719 break;
1720 }
1721
1722 /* found existing session */
1723 if (ps != NULL) {
1724 ps->ps_refcnt++;
1725 *output_ps = ps;
1726 return (CRYPTO_SUCCESS);
1727 }
1728 mutex_exit(&cm->cm_lock);
1729
1730 /* find a hardware provider that supports session ops */
1731 (void) kcf_get_hardware_provider_nomech(CRYPTO_OPS_OFFSET(session_ops),
1732 CRYPTO_SESSION_OFFSET(session_open), pd, &real_provider);
1733
1734 if (real_provider != NULL) {
1735 ASSERT(real_provider == pd ||
1736 pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER);
1737 /* open session to provider */
1738 KCF_WRAP_SESSION_OPS_PARAMS(¶ms, KCF_OP_SESSION_OPEN,
1739 &provider_session_id, 0, CRYPTO_USER, NULL, 0, pd);
1740 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms,
1741 B_FALSE);
1742 if (rv != CRYPTO_SUCCESS) {
1743 mutex_enter(&cm->cm_lock);
1744 KCF_PROV_REFRELE(real_provider);
1745 return (rv);
1746 }
1747 }
1748
1749 /* allocate crypto_provider_session structure */
1750 new_ps = kmem_zalloc(sizeof (crypto_provider_session_t), KM_SLEEP);
1751
1752 /*
1753 * Check if someone opened a session to the provider
1754 * while we dropped the lock.
1755 */
1756 mutex_enter(&cm->cm_lock);
1757 for (ps = cm->cm_provider_session; ps != NULL; ps = ps->ps_next) {
1758 if (ps->ps_provider == pd) {
1759 mutex_exit(&cm->cm_lock);
1760 kmem_free(new_ps, sizeof (crypto_provider_session_t));
1761 if (real_provider != NULL) {
1762 KCF_WRAP_SESSION_OPS_PARAMS(¶ms,
1763 KCF_OP_SESSION_CLOSE, NULL,
1764 provider_session_id, CRYPTO_USER, NULL, 0,
1765 pd);
1766 (void) kcf_submit_request(real_provider, NULL,
1767 NULL, ¶ms, B_FALSE);
1768 KCF_PROV_REFRELE(real_provider);
1769 }
1770 mutex_enter(&cm->cm_lock);
1771 goto again;
1772
1773 }
1774 }
1775
1776 /* increment refcnt and attach to crypto_minor structure */
1777 new_ps->ps_session = provider_session_id;
1778 new_ps->ps_refcnt = 1;
1779 KCF_PROV_REFHOLD(pd);
1780 new_ps->ps_provider = pd;
1781 if (real_provider != NULL) {
1782 new_ps->ps_real_provider = real_provider;
1783 }
1784 new_ps->ps_next = cm->cm_provider_session;
1785 cm->cm_provider_session = new_ps;
1786
1787 *output_ps = new_ps;
1788 return (CRYPTO_SUCCESS);
1789 }
1790
1791 /*
1792 * Release a provider session.
1793 * If the reference count goes to zero, then close the session
1794 * to the provider.
1795 */
1796 static void
crypto_release_provider_session(crypto_minor_t * cm,crypto_provider_session_t * provider_session)1797 crypto_release_provider_session(crypto_minor_t *cm,
1798 crypto_provider_session_t *provider_session)
1799 {
1800 kcf_req_params_t params;
1801 crypto_provider_session_t *ps = NULL, **prev;
1802
1803 ASSERT(MUTEX_HELD(&cm->cm_lock));
1804
1805 /* verify that provider_session is valid */
1806 for (ps = cm->cm_provider_session, prev = &cm->cm_provider_session;
1807 ps != NULL; prev = &ps->ps_next, ps = ps->ps_next) {
1808 if (ps == provider_session) {
1809 break;
1810 }
1811 }
1812
1813 if (ps == NULL)
1814 return;
1815
1816 ps->ps_refcnt--;
1817
1818 if (ps->ps_refcnt > 0)
1819 return;
1820
1821 if (ps->ps_real_provider != NULL) {
1822 /* close session with provider */
1823 KCF_WRAP_SESSION_OPS_PARAMS(¶ms, KCF_OP_SESSION_CLOSE, NULL,
1824 ps->ps_session, CRYPTO_USER, NULL, 0, ps->ps_provider);
1825 (void) kcf_submit_request(ps->ps_real_provider,
1826 NULL, NULL, ¶ms, B_FALSE);
1827 KCF_PROV_REFRELE(ps->ps_real_provider);
1828 }
1829 KCF_PROV_REFRELE(ps->ps_provider);
1830 *prev = ps->ps_next;
1831 kmem_free(ps, sizeof (*ps));
1832 }
1833
1834 static int
grow_session_table(crypto_minor_t * cm)1835 grow_session_table(crypto_minor_t *cm)
1836 {
1837 crypto_session_data_t **session_table;
1838 crypto_session_data_t **new;
1839 uint_t session_table_count;
1840 uint_t need;
1841 size_t current_allocation;
1842 size_t new_allocation;
1843 int rv;
1844
1845 ASSERT(MUTEX_HELD(&cm->cm_lock));
1846
1847 session_table_count = cm->cm_session_table_count;
1848 session_table = cm->cm_session_table;
1849 need = session_table_count + CRYPTO_SESSION_CHUNK;
1850
1851 current_allocation = session_table_count * sizeof (void *);
1852 new_allocation = need * sizeof (void *);
1853
1854 /*
1855 * Memory needed to grow the session table is checked
1856 * against the project.max-crypto-memory resource control.
1857 */
1858 if ((rv = crypto_buffer_check(new_allocation - current_allocation)) !=
1859 CRYPTO_SUCCESS) {
1860 return (rv);
1861 }
1862
1863 /* drop lock while we allocate memory */
1864 mutex_exit(&cm->cm_lock);
1865 new = kmem_zalloc(new_allocation, KM_SLEEP);
1866 mutex_enter(&cm->cm_lock);
1867
1868 /* check if another thread increased the table size */
1869 if (session_table_count != cm->cm_session_table_count) {
1870 kmem_free(new, new_allocation);
1871 return (CRYPTO_SUCCESS);
1872 }
1873
1874 bcopy(session_table, new, current_allocation);
1875 kmem_free(session_table, current_allocation);
1876 cm->cm_session_table = new;
1877 cm->cm_session_table_count += CRYPTO_SESSION_CHUNK;
1878
1879 return (CRYPTO_SUCCESS);
1880 }
1881
1882 /*
1883 * Find unused entry in session table and return it's index.
1884 * Initialize session table entry.
1885 */
1886 /* ARGSUSED */
1887 static int
crypto_open_session(dev_t dev,uint_t flags,crypto_session_id_t * session_index,crypto_provider_id_t provider_id)1888 crypto_open_session(dev_t dev, uint_t flags, crypto_session_id_t *session_index,
1889 crypto_provider_id_t provider_id)
1890 {
1891 crypto_session_data_t **session_table;
1892 crypto_session_data_t *sp;
1893 crypto_minor_t *cm;
1894 uint_t session_table_count;
1895 uint_t i;
1896 int rv;
1897 crypto_provider_session_t *ps;
1898 kcf_provider_desc_t *provider;
1899
1900 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
1901 cmn_err(CE_WARN, "crypto_open_session: failed holding minor");
1902 return (CRYPTO_FAILED);
1903 }
1904
1905 /* initialize provider_array */
1906 if (cm->cm_provider_array == NULL) {
1907 rv = crypto_get_provider_list(cm, NULL, NULL, DONT_RETURN_LIST);
1908 if (rv != 0) {
1909 crypto_release_minor(cm);
1910 return (rv);
1911 }
1912 }
1913
1914 mutex_enter(&cm->cm_lock);
1915 /* index must be less than count of providers */
1916 if (provider_id >= cm->cm_provider_count) {
1917 mutex_exit(&cm->cm_lock);
1918 crypto_release_minor(cm);
1919 return (CRYPTO_INVALID_PROVIDER_ID);
1920 }
1921 ASSERT(cm->cm_provider_array != NULL);
1922
1923 rv = crypto_get_provider_session(cm, provider_id, &ps);
1924 if (rv != CRYPTO_SUCCESS) {
1925 mutex_exit(&cm->cm_lock);
1926 crypto_release_minor(cm);
1927 return (rv);
1928 }
1929 provider = cm->cm_provider_array[provider_id];
1930
1931 again:
1932 session_table_count = cm->cm_session_table_count;
1933 session_table = cm->cm_session_table;
1934
1935 /* session handles start with 1 */
1936 for (i = 1; i < session_table_count; i++) {
1937 if (session_table[i] == NULL)
1938 break;
1939 }
1940
1941 if (i == session_table_count || session_table_count == 0) {
1942 if ((rv = grow_session_table(cm)) != CRYPTO_SUCCESS) {
1943 crypto_release_provider_session(cm, ps);
1944 mutex_exit(&cm->cm_lock);
1945 crypto_release_minor(cm);
1946 return (rv);
1947 }
1948 goto again;
1949 }
1950
1951 sp = kmem_cache_alloc(crypto_session_cache, KM_SLEEP);
1952 sp->sd_flags = 0;
1953 sp->sd_find_init_cookie = NULL;
1954 sp->sd_digest_ctx = NULL;
1955 sp->sd_encr_ctx = NULL;
1956 sp->sd_decr_ctx = NULL;
1957 sp->sd_sign_ctx = NULL;
1958 sp->sd_verify_ctx = NULL;
1959 sp->sd_sign_recover_ctx = NULL;
1960 sp->sd_verify_recover_ctx = NULL;
1961 mutex_init(&sp->sd_lock, NULL, MUTEX_DRIVER, NULL);
1962 cv_init(&sp->sd_cv, NULL, CV_DRIVER, NULL);
1963 KCF_PROV_REFHOLD(provider);
1964 sp->sd_provider = provider;
1965 sp->sd_provider_session = ps;
1966
1967 /* See the comment for CRYPTO_PRE_APPROVED_LIMIT. */
1968 if ((rv = crypto_buffer_check(crypto_pre_approved_limit)) !=
1969 CRYPTO_SUCCESS) {
1970 sp->sd_pre_approved_amount = 0;
1971 } else {
1972 sp->sd_pre_approved_amount = (int)crypto_pre_approved_limit;
1973 }
1974
1975 cm->cm_session_table[i] = sp;
1976 mutex_exit(&cm->cm_lock);
1977 crypto_release_minor(cm);
1978 *session_index = i;
1979
1980 return (CRYPTO_SUCCESS);
1981 }
1982
1983 /*
1984 * Close a session.
1985 */
1986 static int
crypto_close_session(dev_t dev,crypto_session_id_t session_index)1987 crypto_close_session(dev_t dev, crypto_session_id_t session_index)
1988 {
1989 crypto_session_data_t **session_table;
1990 crypto_session_data_t *sp;
1991 crypto_minor_t *cm;
1992
1993 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
1994 cmn_err(CE_WARN, "crypto_close_session: failed holding minor");
1995 return (CRYPTO_FAILED);
1996 }
1997
1998 mutex_enter(&cm->cm_lock);
1999 session_table = cm->cm_session_table;
2000
2001 if ((session_index) == 0 ||
2002 (session_index >= cm->cm_session_table_count)) {
2003 mutex_exit(&cm->cm_lock);
2004 crypto_release_minor(cm);
2005 return (CRYPTO_SESSION_HANDLE_INVALID);
2006 }
2007
2008 sp = session_table[session_index];
2009 if (sp == NULL) {
2010 mutex_exit(&cm->cm_lock);
2011 crypto_release_minor(cm);
2012 return (CRYPTO_SESSION_HANDLE_INVALID);
2013 }
2014 /*
2015 * If session is in use, free it when the thread
2016 * finishes with the session.
2017 */
2018 mutex_enter(&sp->sd_lock);
2019 if (sp->sd_flags & CRYPTO_SESSION_IS_BUSY) {
2020 sp->sd_flags |= CRYPTO_SESSION_IS_CLOSED;
2021 mutex_exit(&sp->sd_lock);
2022 } else {
2023 ASSERT(sp->sd_pre_approved_amount == 0 ||
2024 sp->sd_pre_approved_amount == crypto_pre_approved_limit);
2025 CRYPTO_DECREMENT_RCTL(sp->sd_pre_approved_amount);
2026
2027 if (sp->sd_find_init_cookie != NULL) {
2028 (void) crypto_free_find_ctx(sp);
2029 }
2030
2031 crypto_release_provider_session(cm, sp->sd_provider_session);
2032 KCF_PROV_REFRELE(sp->sd_provider);
2033 CRYPTO_CANCEL_ALL_CTX(sp);
2034 mutex_destroy(&sp->sd_lock);
2035 cv_destroy(&sp->sd_cv);
2036 kmem_cache_free(crypto_session_cache, sp);
2037 session_table[session_index] = NULL;
2038 }
2039
2040 mutex_exit(&cm->cm_lock);
2041 crypto_release_minor(cm);
2042
2043 return (CRYPTO_SUCCESS);
2044 }
2045
2046 /*
2047 * This ioctl opens a session and returns the session ID in os_session.
2048 */
2049 /* ARGSUSED */
2050 static int
open_session(dev_t dev,caddr_t arg,int mode,int * rval)2051 open_session(dev_t dev, caddr_t arg, int mode, int *rval)
2052 {
2053 crypto_open_session_t open_session;
2054 crypto_session_id_t session;
2055 int rv;
2056
2057 if (copyin(arg, &open_session, sizeof (open_session)) != 0)
2058 return (EFAULT);
2059
2060 rv = crypto_open_session(dev, open_session.os_flags,
2061 &session, open_session.os_provider_id);
2062 if (rv != CRYPTO_SUCCESS) {
2063 open_session.os_return_value = rv;
2064 if (copyout(&open_session, arg, sizeof (open_session)) != 0) {
2065 return (EFAULT);
2066 }
2067 return (0);
2068 }
2069
2070 open_session.os_session = session;
2071 open_session.os_return_value = CRYPTO_SUCCESS;
2072
2073 if (copyout(&open_session, arg, sizeof (open_session)) != 0) {
2074 return (EFAULT);
2075 }
2076 return (0);
2077 }
2078
2079 /*
2080 * This ioctl closes a session.
2081 */
2082 /* ARGSUSED */
2083 static int
close_session(dev_t dev,caddr_t arg,int mode,int * rval)2084 close_session(dev_t dev, caddr_t arg, int mode, int *rval)
2085 {
2086 crypto_close_session_t close_session;
2087 int rv;
2088
2089 if (copyin(arg, &close_session, sizeof (close_session)) != 0)
2090 return (EFAULT);
2091
2092 rv = crypto_close_session(dev, close_session.cs_session);
2093 close_session.cs_return_value = rv;
2094 if (copyout(&close_session, arg, sizeof (close_session)) != 0) {
2095 return (EFAULT);
2096 }
2097 return (0);
2098 }
2099
2100 /*
2101 * Copy data model dependent mechanism structure into a kernel mechanism
2102 * structure. Allocate param storage if necessary.
2103 */
2104 static boolean_t
copyin_mech(int mode,crypto_session_data_t * sp,crypto_mechanism_t * in_mech,crypto_mechanism_t * out_mech,size_t * out_rctl_bytes,boolean_t * out_rctl_chk,int * out_rv,int * out_error)2105 copyin_mech(int mode, crypto_session_data_t *sp, crypto_mechanism_t *in_mech,
2106 crypto_mechanism_t *out_mech, size_t *out_rctl_bytes,
2107 boolean_t *out_rctl_chk, int *out_rv, int *out_error)
2108 {
2109 STRUCT_DECL(crypto_mechanism, mech);
2110 caddr_t param;
2111 size_t param_len;
2112 size_t rctl_bytes = 0;
2113 int error = 0;
2114 int rv = 0;
2115
2116 STRUCT_INIT(mech, mode);
2117 bcopy(in_mech, STRUCT_BUF(mech), STRUCT_SIZE(mech));
2118 param = STRUCT_FGETP(mech, cm_param);
2119 param_len = STRUCT_FGET(mech, cm_param_len);
2120 out_mech->cm_type = STRUCT_FGET(mech, cm_type);
2121 out_mech->cm_param = NULL;
2122 out_mech->cm_param_len = 0;
2123 if (param != NULL && param_len != 0) {
2124 if (param_len > crypto_max_buffer_len) {
2125 cmn_err(CE_NOTE, "copyin_mech: buffer greater than "
2126 "%ld bytes, pid = %d", crypto_max_buffer_len,
2127 curproc->p_pid);
2128 rv = CRYPTO_ARGUMENTS_BAD;
2129 goto out;
2130 }
2131
2132 rv = CRYPTO_BUFFER_CHECK(sp, param_len, *out_rctl_chk);
2133 if (rv != CRYPTO_SUCCESS) {
2134 goto out;
2135 }
2136 rctl_bytes = param_len;
2137
2138 out_mech->cm_param = kmem_alloc(param_len, KM_SLEEP);
2139 if (copyin((char *)param, out_mech->cm_param, param_len) != 0) {
2140 kmem_free(out_mech->cm_param, param_len);
2141 out_mech->cm_param = NULL;
2142 error = EFAULT;
2143 goto out;
2144 }
2145 out_mech->cm_param_len = param_len;
2146 }
2147 out:
2148 *out_rctl_bytes = rctl_bytes;
2149 *out_rv = rv;
2150 *out_error = error;
2151 return ((rv | error) ? B_FALSE : B_TRUE);
2152 }
2153
2154 /*
2155 * Free key attributes when key type is CRYPTO_KEY_ATTR_LIST.
2156 * The crypto_key structure is not freed.
2157 */
2158 static void
crypto_free_key_attributes(crypto_key_t * key)2159 crypto_free_key_attributes(crypto_key_t *key)
2160 {
2161 crypto_object_attribute_t *attrs;
2162 size_t len = 0;
2163 int i;
2164
2165 ASSERT(key->ck_format == CRYPTO_KEY_ATTR_LIST);
2166 if (key->ck_count == 0 || key->ck_attrs == NULL)
2167 return;
2168
2169 /* compute the size of the container */
2170 len = key->ck_count * sizeof (crypto_object_attribute_t);
2171
2172 /* total up the size of all attributes in the container */
2173 for (i = 0; i < key->ck_count; i++) {
2174 attrs = &key->ck_attrs[i];
2175 if (attrs->oa_value_len != 0 &&
2176 attrs->oa_value != NULL) {
2177 len += roundup(attrs->oa_value_len, sizeof (caddr_t));
2178 }
2179 }
2180
2181 bzero(key->ck_attrs, len);
2182 kmem_free(key->ck_attrs, len);
2183 }
2184
2185 /*
2186 * Frees allocated storage in the key structure, but doesn't free
2187 * the key structure.
2188 */
2189 static void
free_crypto_key(crypto_key_t * key)2190 free_crypto_key(crypto_key_t *key)
2191 {
2192 switch (key->ck_format) {
2193 case CRYPTO_KEY_RAW: {
2194 size_t len;
2195
2196 if (key->ck_length == 0 || key->ck_data == NULL)
2197 break;
2198
2199 len = CRYPTO_BITS2BYTES(key->ck_length);
2200 bzero(key->ck_data, len);
2201 kmem_free(key->ck_data, len);
2202 break;
2203 }
2204
2205 case CRYPTO_KEY_ATTR_LIST:
2206 crypto_free_key_attributes(key);
2207 break;
2208
2209 default:
2210 break;
2211 }
2212 }
2213
2214 /*
2215 * Copy in an array of crypto_object_attribute structures from user-space.
2216 * Kernel memory is allocated for the array and the value of each attribute
2217 * in the array. Since unprivileged users can specify the size of attributes,
2218 * the amount of memory needed is charged against the
2219 * project.max-crypto-memory resource control.
2220 *
2221 * Attribute values are copied in from user-space if copyin_value is set to
2222 * B_TRUE. This routine returns B_TRUE if the copyin was successful.
2223 */
2224 static boolean_t
copyin_attributes(int mode,crypto_session_data_t * sp,uint_t count,caddr_t oc_attributes,crypto_object_attribute_t ** k_attrs_out,size_t * k_attrs_size_out,caddr_t * u_attrs_out,int * out_rv,int * out_error,size_t * out_rctl_bytes,boolean_t * out_rctl_chk,boolean_t copyin_value)2225 copyin_attributes(int mode, crypto_session_data_t *sp,
2226 uint_t count, caddr_t oc_attributes,
2227 crypto_object_attribute_t **k_attrs_out, size_t *k_attrs_size_out,
2228 caddr_t *u_attrs_out, int *out_rv, int *out_error, size_t *out_rctl_bytes,
2229 boolean_t *out_rctl_chk, boolean_t copyin_value)
2230 {
2231 STRUCT_DECL(crypto_object_attribute, oa);
2232 crypto_object_attribute_t *k_attrs = NULL;
2233 caddr_t attrs = NULL, ap, p, value;
2234 caddr_t k_attrs_buf;
2235 size_t k_attrs_len;
2236 size_t k_attrs_buf_len = 0;
2237 size_t k_attrs_total_len = 0;
2238 size_t tmp_len;
2239 size_t rctl_bytes = 0;
2240 size_t len = 0;
2241 size_t value_len;
2242 int error = 0;
2243 int rv = 0;
2244 int i;
2245
2246 STRUCT_INIT(oa, mode);
2247
2248 if (count == 0) {
2249 rv = CRYPTO_SUCCESS;
2250 goto out;
2251 }
2252
2253 if (count > CRYPTO_MAX_ATTRIBUTE_COUNT) {
2254 rv = CRYPTO_ARGUMENTS_BAD;
2255 goto out;
2256 }
2257
2258 /* compute size of crypto_object_attribute array */
2259 len = count * STRUCT_SIZE(oa);
2260
2261 /* this allocation is not charged against the user's resource limit */
2262 attrs = kmem_alloc(len, KM_SLEEP);
2263 if (copyin(oc_attributes, attrs, len) != 0) {
2264 error = EFAULT;
2265 goto out;
2266 }
2267
2268 /* figure out how much memory to allocate for all of the attributes */
2269 ap = attrs;
2270 for (i = 0; i < count; i++) {
2271 bcopy(ap, STRUCT_BUF(oa), STRUCT_SIZE(oa));
2272 tmp_len = roundup(STRUCT_FGET(oa, oa_value_len),
2273 sizeof (caddr_t));
2274 if (tmp_len > crypto_max_buffer_len) {
2275 cmn_err(CE_NOTE, "copyin_attributes: buffer greater "
2276 "than %ld bytes, pid = %d", crypto_max_buffer_len,
2277 curproc->p_pid);
2278 rv = CRYPTO_ARGUMENTS_BAD;
2279 goto out;
2280 }
2281 if (STRUCT_FGETP(oa, oa_value) != NULL)
2282 k_attrs_buf_len += tmp_len;
2283 ap += STRUCT_SIZE(oa);
2284 }
2285
2286 k_attrs_len = count * sizeof (crypto_object_attribute_t);
2287 k_attrs_total_len = k_attrs_buf_len + k_attrs_len;
2288
2289 rv = CRYPTO_BUFFER_CHECK(sp, k_attrs_total_len, *out_rctl_chk);
2290 if (rv != CRYPTO_SUCCESS) {
2291 goto out;
2292 }
2293 rctl_bytes = k_attrs_total_len;
2294
2295 /* one big allocation for everything */
2296 k_attrs = kmem_alloc(k_attrs_total_len, KM_SLEEP);
2297 k_attrs_buf = (char *)k_attrs + k_attrs_len;
2298
2299 ap = attrs;
2300 p = k_attrs_buf;
2301 for (i = 0; i < count; i++) {
2302 bcopy(ap, STRUCT_BUF(oa), STRUCT_SIZE(oa));
2303 k_attrs[i].oa_type = STRUCT_FGET(oa, oa_type);
2304 value = STRUCT_FGETP(oa, oa_value);
2305 value_len = STRUCT_FGET(oa, oa_value_len);
2306 if (value != NULL && value_len != 0 && copyin_value) {
2307 if (copyin(value, p, value_len) != 0) {
2308 kmem_free(k_attrs, k_attrs_total_len);
2309 k_attrs = NULL;
2310 error = EFAULT;
2311 goto out;
2312 }
2313 }
2314
2315 if (value != NULL) {
2316 k_attrs[i].oa_value = p;
2317 p += roundup(value_len, sizeof (caddr_t));
2318 } else {
2319 k_attrs[i].oa_value = NULL;
2320 }
2321 k_attrs[i].oa_value_len = value_len;
2322 ap += STRUCT_SIZE(oa);
2323 }
2324 out:
2325 if (attrs != NULL) {
2326 /*
2327 * Free the array if there is a failure or the caller
2328 * doesn't want the array to be returned.
2329 */
2330 if (error != 0 || rv != CRYPTO_SUCCESS || u_attrs_out == NULL) {
2331 kmem_free(attrs, len);
2332 attrs = NULL;
2333 }
2334 }
2335
2336 if (u_attrs_out != NULL)
2337 *u_attrs_out = attrs;
2338 if (k_attrs_size_out != NULL)
2339 *k_attrs_size_out = k_attrs_total_len;
2340 *k_attrs_out = k_attrs;
2341 *out_rctl_bytes = rctl_bytes;
2342 *out_rv = rv;
2343 *out_error = error;
2344 return ((rv | error) ? B_FALSE : B_TRUE);
2345 }
2346
2347 /*
2348 * Copy data model dependent raw key into a kernel key
2349 * structure. Checks key length or attribute lengths against
2350 * resource controls before allocating memory. Returns B_TRUE
2351 * if both error and rv are set to 0.
2352 */
2353 static boolean_t
copyin_key(int mode,crypto_session_data_t * sp,crypto_key_t * in_key,crypto_key_t * out_key,size_t * out_rctl_bytes,boolean_t * out_rctl_chk,int * out_rv,int * out_error)2354 copyin_key(int mode, crypto_session_data_t *sp, crypto_key_t *in_key,
2355 crypto_key_t *out_key, size_t *out_rctl_bytes,
2356 boolean_t *out_rctl_chk, int *out_rv, int *out_error)
2357 {
2358 STRUCT_DECL(crypto_key, key);
2359 crypto_object_attribute_t *k_attrs = NULL;
2360 size_t key_bits;
2361 size_t key_bytes = 0;
2362 size_t rctl_bytes = 0;
2363 int count;
2364 int error = 0;
2365 int rv = CRYPTO_SUCCESS;
2366
2367 STRUCT_INIT(key, mode);
2368 bcopy(in_key, STRUCT_BUF(key), STRUCT_SIZE(key));
2369 out_key->ck_format = STRUCT_FGET(key, ck_format);
2370 switch (out_key->ck_format) {
2371 case CRYPTO_KEY_RAW:
2372 key_bits = STRUCT_FGET(key, ck_length);
2373 if (key_bits != 0) {
2374 if (key_bits >
2375 (CRYPTO_BYTES2BITS(crypto_max_buffer_len))) {
2376 cmn_err(CE_NOTE, "copyin_key: buffer greater "
2377 "than %ld bytes, pid = %d",
2378 crypto_max_buffer_len, curproc->p_pid);
2379 rv = CRYPTO_ARGUMENTS_BAD;
2380 goto out;
2381 }
2382 key_bytes = CRYPTO_BITS2BYTES(key_bits);
2383
2384 rv = CRYPTO_BUFFER_CHECK(sp, key_bytes,
2385 *out_rctl_chk);
2386 if (rv != CRYPTO_SUCCESS) {
2387 goto out;
2388 }
2389 rctl_bytes = key_bytes;
2390
2391 out_key->ck_data = kmem_alloc(key_bytes, KM_SLEEP);
2392
2393 if (copyin((char *)STRUCT_FGETP(key, ck_data),
2394 out_key->ck_data, key_bytes) != 0) {
2395 kmem_free(out_key->ck_data, key_bytes);
2396 out_key->ck_data = NULL;
2397 out_key->ck_length = 0;
2398 error = EFAULT;
2399 goto out;
2400 }
2401 }
2402 out_key->ck_length = (ulong_t)key_bits;
2403 break;
2404
2405 case CRYPTO_KEY_ATTR_LIST:
2406 count = STRUCT_FGET(key, ck_count);
2407
2408 if (copyin_attributes(mode, sp, count,
2409 (caddr_t)STRUCT_FGETP(key, ck_attrs), &k_attrs, NULL, NULL,
2410 &rv, &error, &rctl_bytes, out_rctl_chk, B_TRUE)) {
2411 out_key->ck_count = count;
2412 out_key->ck_attrs = k_attrs;
2413 k_attrs = NULL;
2414 } else {
2415 out_key->ck_count = 0;
2416 out_key->ck_attrs = NULL;
2417 }
2418 break;
2419
2420 case CRYPTO_KEY_REFERENCE:
2421 out_key->ck_obj_id = STRUCT_FGET(key, ck_obj_id);
2422 break;
2423
2424 default:
2425 rv = CRYPTO_ARGUMENTS_BAD;
2426 }
2427
2428 out:
2429 *out_rctl_bytes = rctl_bytes;
2430 *out_rv = rv;
2431 *out_error = error;
2432 return ((rv | error) ? B_FALSE : B_TRUE);
2433 }
2434
2435 /*
2436 * This routine does two things:
2437 * 1. Given a crypto_minor structure and a session ID, it returns
2438 * a valid session pointer.
2439 * 2. It checks that the provider, to which the session has been opened,
2440 * has not been removed.
2441 */
2442 static boolean_t
get_session_ptr(crypto_session_id_t i,crypto_minor_t * cm,crypto_session_data_t ** session_ptr,int * out_error,int * out_rv)2443 get_session_ptr(crypto_session_id_t i, crypto_minor_t *cm,
2444 crypto_session_data_t **session_ptr, int *out_error, int *out_rv)
2445 {
2446 crypto_session_data_t *sp = NULL;
2447 int rv = CRYPTO_SESSION_HANDLE_INVALID;
2448 int error = 0;
2449
2450 mutex_enter(&cm->cm_lock);
2451 if ((i < cm->cm_session_table_count) &&
2452 (cm->cm_session_table[i] != NULL)) {
2453 sp = cm->cm_session_table[i];
2454 mutex_enter(&sp->sd_lock);
2455 mutex_exit(&cm->cm_lock);
2456 while (sp->sd_flags & CRYPTO_SESSION_IS_BUSY) {
2457 if (cv_wait_sig(&sp->sd_cv, &sp->sd_lock) == 0) {
2458 mutex_exit(&sp->sd_lock);
2459 sp = NULL;
2460 error = EINTR;
2461 goto out;
2462 }
2463 }
2464
2465 if (sp->sd_flags & CRYPTO_SESSION_IS_CLOSED) {
2466 mutex_exit(&sp->sd_lock);
2467 sp = NULL;
2468 goto out;
2469 }
2470
2471 if (KCF_IS_PROV_REMOVED(sp->sd_provider)) {
2472 mutex_exit(&sp->sd_lock);
2473 sp = NULL;
2474 rv = CRYPTO_DEVICE_ERROR;
2475 goto out;
2476 }
2477
2478 rv = CRYPTO_SUCCESS;
2479 sp->sd_flags |= CRYPTO_SESSION_IS_BUSY;
2480 mutex_exit(&sp->sd_lock);
2481 } else {
2482 mutex_exit(&cm->cm_lock);
2483 }
2484 out:
2485 *session_ptr = sp;
2486 *out_error = error;
2487 *out_rv = rv;
2488 return ((rv == CRYPTO_SUCCESS && error == 0) ? B_TRUE : B_FALSE);
2489 }
2490
2491 #define CRYPTO_SESSION_RELE(s) if ((s) != NULL) { \
2492 mutex_enter(&((s)->sd_lock)); \
2493 (s)->sd_flags &= ~CRYPTO_SESSION_IS_BUSY; \
2494 cv_broadcast(&(s)->sd_cv); \
2495 mutex_exit(&((s)->sd_lock)); \
2496 }
2497
2498 /* ARGSUSED */
2499 static int
encrypt_init(dev_t dev,caddr_t arg,int mode,int * rval)2500 encrypt_init(dev_t dev, caddr_t arg, int mode, int *rval)
2501 {
2502 return (cipher_init(dev, arg, mode, crypto_encrypt_init_prov));
2503 }
2504
2505 /* ARGSUSED */
2506 static int
decrypt_init(dev_t dev,caddr_t arg,int mode,int * rval)2507 decrypt_init(dev_t dev, caddr_t arg, int mode, int *rval)
2508 {
2509 return (cipher_init(dev, arg, mode, crypto_decrypt_init_prov));
2510 }
2511
2512 /*
2513 * umech is a mechanism structure that has been copied from user address
2514 * space into kernel address space. Only one copyin has been done.
2515 * The mechanism parameter, if non-null, still points to user address space.
2516 * If the mechanism parameter contains pointers, they are pointers into
2517 * user address space.
2518 *
2519 * kmech is a umech with all pointers and structures in kernel address space.
2520 *
2521 * This routine calls the provider's entry point to copy a umech parameter
2522 * into kernel address space. Kernel memory is allocated by the provider.
2523 */
2524 static int
crypto_provider_copyin_mech_param(kcf_provider_desc_t * pd,crypto_mechanism_t * umech,crypto_mechanism_t * kmech,int mode,int * error)2525 crypto_provider_copyin_mech_param(kcf_provider_desc_t *pd,
2526 crypto_mechanism_t *umech, crypto_mechanism_t *kmech, int mode, int *error)
2527 {
2528 crypto_mech_type_t provider_mech_type;
2529 int rv;
2530
2531 /* get the provider's mech number */
2532 provider_mech_type = KCF_TO_PROV_MECHNUM(pd, umech->cm_type);
2533
2534 kmech->cm_param = NULL;
2535 kmech->cm_param_len = 0;
2536 kmech->cm_type = provider_mech_type;
2537 rv = KCF_PROV_COPYIN_MECH(pd, umech, kmech, error, mode);
2538 kmech->cm_type = umech->cm_type;
2539
2540 return (rv);
2541 }
2542
2543 /*
2544 * umech is a mechanism structure that has been copied from user address
2545 * space into kernel address space. Only one copyin has been done.
2546 * The mechanism parameter, if non-null, still points to user address space.
2547 * If the mechanism parameter contains pointers, they are pointers into
2548 * user address space.
2549 *
2550 * kmech is a umech with all pointers and structures in kernel address space.
2551 *
2552 * This routine calls the provider's entry point to copy a kmech parameter
2553 * into user address space using umech as a template containing
2554 * user address pointers.
2555 */
2556 static int
crypto_provider_copyout_mech_param(kcf_provider_desc_t * pd,crypto_mechanism_t * kmech,crypto_mechanism_t * umech,int mode,int * error)2557 crypto_provider_copyout_mech_param(kcf_provider_desc_t *pd,
2558 crypto_mechanism_t *kmech, crypto_mechanism_t *umech, int mode, int *error)
2559 {
2560 crypto_mech_type_t provider_mech_type;
2561 int rv;
2562
2563 /* get the provider's mech number */
2564 provider_mech_type = KCF_TO_PROV_MECHNUM(pd, umech->cm_type);
2565
2566 kmech->cm_type = provider_mech_type;
2567 rv = KCF_PROV_COPYOUT_MECH(pd, kmech, umech, error, mode);
2568 kmech->cm_type = umech->cm_type;
2569
2570 return (rv);
2571 }
2572
2573 /*
2574 * Call the provider's entry point to free kernel memory that has been
2575 * allocated for the mechanism's parameter.
2576 */
2577 static void
crypto_free_mech(kcf_provider_desc_t * pd,boolean_t allocated_by_crypto_module,crypto_mechanism_t * mech)2578 crypto_free_mech(kcf_provider_desc_t *pd, boolean_t allocated_by_crypto_module,
2579 crypto_mechanism_t *mech)
2580 {
2581 crypto_mech_type_t provider_mech_type;
2582
2583 if (allocated_by_crypto_module) {
2584 if (mech->cm_param != NULL)
2585 kmem_free(mech->cm_param, mech->cm_param_len);
2586 } else {
2587 /* get the provider's mech number */
2588 provider_mech_type = KCF_TO_PROV_MECHNUM(pd, mech->cm_type);
2589
2590 if (mech->cm_param != NULL && mech->cm_param_len != 0) {
2591 mech->cm_type = provider_mech_type;
2592 (void) KCF_PROV_FREE_MECH(pd, mech);
2593 }
2594 }
2595 }
2596
2597 /*
2598 * ASSUMPTION: crypto_encrypt_init and crypto_decrypt_init
2599 * structures are identical except for field names.
2600 */
2601 static int
cipher_init(dev_t dev,caddr_t arg,int mode,int (* init)(crypto_provider_t,crypto_session_id_t,crypto_mechanism_t *,crypto_key_t *,crypto_ctx_template_t,crypto_context_t *,crypto_call_req_t *))2602 cipher_init(dev_t dev, caddr_t arg, int mode, int (*init)(crypto_provider_t,
2603 crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *,
2604 crypto_ctx_template_t, crypto_context_t *, crypto_call_req_t *))
2605 {
2606 STRUCT_DECL(crypto_encrypt_init, encrypt_init);
2607 kcf_provider_desc_t *real_provider = NULL;
2608 crypto_session_id_t session_id;
2609 crypto_mechanism_t mech;
2610 crypto_key_t key;
2611 crypto_minor_t *cm;
2612 crypto_session_data_t *sp = NULL;
2613 crypto_context_t cc;
2614 crypto_ctx_t **ctxpp;
2615 size_t mech_rctl_bytes = 0;
2616 boolean_t mech_rctl_chk = B_FALSE;
2617 size_t key_rctl_bytes = 0;
2618 boolean_t key_rctl_chk = B_FALSE;
2619 int error = 0;
2620 int rv;
2621 boolean_t allocated_by_crypto_module = B_FALSE;
2622 crypto_func_group_t fg;
2623
2624 STRUCT_INIT(encrypt_init, mode);
2625
2626 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
2627 cmn_err(CE_WARN, "cipher_init: failed holding minor");
2628 return (ENXIO);
2629 }
2630
2631 if (copyin(arg, STRUCT_BUF(encrypt_init),
2632 STRUCT_SIZE(encrypt_init)) != 0) {
2633 crypto_release_minor(cm);
2634 return (EFAULT);
2635 }
2636
2637 mech.cm_param = NULL;
2638 bzero(&key, sizeof (crypto_key_t));
2639
2640 session_id = STRUCT_FGET(encrypt_init, ei_session);
2641
2642 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
2643 goto out;
2644 }
2645
2646 bcopy(STRUCT_FADDR(encrypt_init, ei_mech), &mech.cm_type,
2647 sizeof (crypto_mech_type_t));
2648
2649 if (init == crypto_encrypt_init_prov) {
2650 fg = CRYPTO_FG_ENCRYPT;
2651 } else {
2652 fg = CRYPTO_FG_DECRYPT;
2653 }
2654
2655 /* We need the key length for provider selection so copy it in now. */
2656 if (!copyin_key(mode, sp, STRUCT_FADDR(encrypt_init, ei_key), &key,
2657 &key_rctl_bytes, &key_rctl_chk, &rv, &error)) {
2658 goto out;
2659 }
2660
2661 if ((rv = kcf_get_hardware_provider(mech.cm_type, &key,
2662 CRYPTO_MECH_INVALID, NULL, sp->sd_provider, &real_provider, fg))
2663 != CRYPTO_SUCCESS) {
2664 goto out;
2665 }
2666
2667 rv = crypto_provider_copyin_mech_param(real_provider,
2668 STRUCT_FADDR(encrypt_init, ei_mech), &mech, mode, &error);
2669
2670 if (rv == CRYPTO_NOT_SUPPORTED) {
2671 allocated_by_crypto_module = B_TRUE;
2672 if (!copyin_mech(mode, sp, STRUCT_FADDR(encrypt_init, ei_mech),
2673 &mech, &mech_rctl_bytes, &mech_rctl_chk, &rv, &error)) {
2674 goto out;
2675 }
2676 } else {
2677 if (rv != CRYPTO_SUCCESS)
2678 goto out;
2679 }
2680
2681 rv = (init)(real_provider, sp->sd_provider_session->ps_session,
2682 &mech, &key, NULL, &cc, NULL);
2683
2684 /*
2685 * Check if a context already exists. If so, it means it is being
2686 * abandoned. So, cancel it to avoid leaking it.
2687 */
2688 ctxpp = (init == crypto_encrypt_init_prov) ?
2689 &sp->sd_encr_ctx : &sp->sd_decr_ctx;
2690
2691 if (*ctxpp != NULL)
2692 CRYPTO_CANCEL_CTX(ctxpp);
2693 *ctxpp = (rv == CRYPTO_SUCCESS) ? cc : NULL;
2694
2695 out:
2696 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
2697 CRYPTO_DECREMENT_RCTL_SESSION(sp, key_rctl_bytes, key_rctl_chk);
2698 CRYPTO_SESSION_RELE(sp);
2699 crypto_release_minor(cm);
2700
2701 if (real_provider != NULL) {
2702 crypto_free_mech(real_provider,
2703 allocated_by_crypto_module, &mech);
2704 KCF_PROV_REFRELE(real_provider);
2705 }
2706
2707 free_crypto_key(&key);
2708
2709 if (error != 0)
2710 /* XXX free context */
2711 return (error);
2712
2713 STRUCT_FSET(encrypt_init, ei_return_value, rv);
2714 if (copyout(STRUCT_BUF(encrypt_init), arg,
2715 STRUCT_SIZE(encrypt_init)) != 0) {
2716 /* XXX free context */
2717 return (EFAULT);
2718 }
2719 return (0);
2720 }
2721
2722 /* ARGSUSED */
2723 static int
encrypt(dev_t dev,caddr_t arg,int mode,int * rval)2724 encrypt(dev_t dev, caddr_t arg, int mode, int *rval)
2725 {
2726 return (cipher(dev, arg, mode, crypto_encrypt_single));
2727 }
2728
2729 /* ARGSUSED */
2730 static int
decrypt(dev_t dev,caddr_t arg,int mode,int * rval)2731 decrypt(dev_t dev, caddr_t arg, int mode, int *rval)
2732 {
2733 return (cipher(dev, arg, mode, crypto_decrypt_single));
2734 }
2735
2736 /*
2737 * ASSUMPTION: crypto_encrypt and crypto_decrypt structures
2738 * are identical except for field names.
2739 */
2740 static int
cipher(dev_t dev,caddr_t arg,int mode,int (* single)(crypto_context_t,crypto_data_t *,crypto_data_t *,crypto_call_req_t *))2741 cipher(dev_t dev, caddr_t arg, int mode,
2742 int (*single)(crypto_context_t, crypto_data_t *, crypto_data_t *,
2743 crypto_call_req_t *))
2744 {
2745 STRUCT_DECL(crypto_encrypt, encrypt);
2746 crypto_session_id_t session_id;
2747 crypto_minor_t *cm;
2748 crypto_session_data_t *sp = NULL;
2749 crypto_ctx_t **ctxpp;
2750 crypto_data_t data, encr;
2751 size_t datalen, encrlen, need = 0;
2752 boolean_t do_inplace;
2753 char *encrbuf;
2754 int error = 0;
2755 int rv;
2756 boolean_t rctl_chk = B_FALSE;
2757
2758 STRUCT_INIT(encrypt, mode);
2759
2760 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
2761 cmn_err(CE_WARN, "cipher: failed holding minor");
2762 return (ENXIO);
2763 }
2764
2765 if (copyin(arg, STRUCT_BUF(encrypt), STRUCT_SIZE(encrypt)) != 0) {
2766 crypto_release_minor(cm);
2767 return (EFAULT);
2768 }
2769
2770 data.cd_raw.iov_base = NULL;
2771 encr.cd_raw.iov_base = NULL;
2772
2773 datalen = STRUCT_FGET(encrypt, ce_datalen);
2774 encrlen = STRUCT_FGET(encrypt, ce_encrlen);
2775
2776 /*
2777 * Don't allocate output buffer unless both buffer pointer and
2778 * buffer length are not NULL or 0 (length).
2779 */
2780 encrbuf = STRUCT_FGETP(encrypt, ce_encrbuf);
2781 if (encrbuf == NULL || encrlen == 0) {
2782 encrlen = 0;
2783 }
2784
2785 if (datalen > crypto_max_buffer_len ||
2786 encrlen > crypto_max_buffer_len) {
2787 cmn_err(CE_NOTE, "cipher: buffer greater than %ld bytes, "
2788 "pid = %d", crypto_max_buffer_len, curproc->p_pid);
2789 rv = CRYPTO_ARGUMENTS_BAD;
2790 goto release_minor;
2791 }
2792
2793 session_id = STRUCT_FGET(encrypt, ce_session);
2794
2795 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
2796 goto release_minor;
2797 }
2798
2799 do_inplace = (STRUCT_FGET(encrypt, ce_flags) &
2800 CRYPTO_INPLACE_OPERATION) != 0;
2801 need = do_inplace ? datalen : datalen + encrlen;
2802
2803 if ((rv = CRYPTO_BUFFER_CHECK(sp, need, rctl_chk)) !=
2804 CRYPTO_SUCCESS) {
2805 need = 0;
2806 goto release_minor;
2807 }
2808
2809 INIT_RAW_CRYPTO_DATA(data, datalen);
2810 data.cd_miscdata = NULL;
2811
2812 if (datalen != 0 && copyin(STRUCT_FGETP(encrypt, ce_databuf),
2813 data.cd_raw.iov_base, datalen) != 0) {
2814 error = EFAULT;
2815 goto release_minor;
2816 }
2817
2818 if (do_inplace) {
2819 /* set out = in for in-place */
2820 encr = data;
2821 } else {
2822 INIT_RAW_CRYPTO_DATA(encr, encrlen);
2823 }
2824
2825 ctxpp = (single == crypto_encrypt_single) ?
2826 &sp->sd_encr_ctx : &sp->sd_decr_ctx;
2827
2828 if (do_inplace)
2829 /* specify in-place buffers with output = NULL */
2830 rv = (single)(*ctxpp, &encr, NULL, NULL);
2831 else
2832 rv = (single)(*ctxpp, &data, &encr, NULL);
2833
2834 if (KCF_CONTEXT_DONE(rv))
2835 *ctxpp = NULL;
2836
2837 if (rv == CRYPTO_SUCCESS) {
2838 ASSERT(encr.cd_length <= encrlen);
2839 if (encr.cd_length != 0 && copyout(encr.cd_raw.iov_base,
2840 encrbuf, encr.cd_length) != 0) {
2841 error = EFAULT;
2842 goto release_minor;
2843 }
2844 STRUCT_FSET(encrypt, ce_encrlen,
2845 (ulong_t)encr.cd_length);
2846 }
2847
2848 if (rv == CRYPTO_BUFFER_TOO_SMALL) {
2849 /*
2850 * The providers return CRYPTO_BUFFER_TOO_SMALL even for case 1
2851 * of section 11.2 of the pkcs11 spec. We catch it here and
2852 * provide the correct pkcs11 return value.
2853 */
2854 if (STRUCT_FGETP(encrypt, ce_encrbuf) == NULL)
2855 rv = CRYPTO_SUCCESS;
2856 STRUCT_FSET(encrypt, ce_encrlen,
2857 (ulong_t)encr.cd_length);
2858 }
2859
2860 release_minor:
2861 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
2862 CRYPTO_SESSION_RELE(sp);
2863 crypto_release_minor(cm);
2864
2865 if (data.cd_raw.iov_base != NULL)
2866 kmem_free(data.cd_raw.iov_base, datalen);
2867
2868 if (!do_inplace && encr.cd_raw.iov_base != NULL)
2869 kmem_free(encr.cd_raw.iov_base, encrlen);
2870
2871 if (error != 0)
2872 return (error);
2873
2874 STRUCT_FSET(encrypt, ce_return_value, rv);
2875 if (copyout(STRUCT_BUF(encrypt), arg, STRUCT_SIZE(encrypt)) != 0) {
2876 return (EFAULT);
2877 }
2878 return (0);
2879 }
2880
2881 /* ARGSUSED */
2882 static int
encrypt_update(dev_t dev,caddr_t arg,int mode,int * rval)2883 encrypt_update(dev_t dev, caddr_t arg, int mode, int *rval)
2884 {
2885 return (cipher_update(dev, arg, mode, crypto_encrypt_update));
2886 }
2887
2888 /* ARGSUSED */
2889 static int
decrypt_update(dev_t dev,caddr_t arg,int mode,int * rval)2890 decrypt_update(dev_t dev, caddr_t arg, int mode, int *rval)
2891 {
2892 return (cipher_update(dev, arg, mode, crypto_decrypt_update));
2893 }
2894
2895 /*
2896 * ASSUMPTION: crypto_encrypt_update and crypto_decrypt_update
2897 * structures are identical except for field names.
2898 */
2899 static int
cipher_update(dev_t dev,caddr_t arg,int mode,int (* update)(crypto_context_t,crypto_data_t *,crypto_data_t *,crypto_call_req_t *))2900 cipher_update(dev_t dev, caddr_t arg, int mode,
2901 int (*update)(crypto_context_t, crypto_data_t *, crypto_data_t *,
2902 crypto_call_req_t *))
2903 {
2904 STRUCT_DECL(crypto_encrypt_update, encrypt_update);
2905 crypto_session_id_t session_id;
2906 crypto_minor_t *cm;
2907 crypto_session_data_t *sp = NULL;
2908 crypto_ctx_t **ctxpp;
2909 crypto_data_t data, encr;
2910 size_t datalen, encrlen, need = 0;
2911 boolean_t do_inplace;
2912 char *encrbuf;
2913 int error = 0;
2914 int rv;
2915 boolean_t rctl_chk = B_FALSE;
2916
2917 STRUCT_INIT(encrypt_update, mode);
2918
2919 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
2920 cmn_err(CE_WARN, "cipher_update: failed holding minor");
2921 return (ENXIO);
2922 }
2923
2924 if (copyin(arg, STRUCT_BUF(encrypt_update),
2925 STRUCT_SIZE(encrypt_update)) != 0) {
2926 crypto_release_minor(cm);
2927 return (EFAULT);
2928 }
2929
2930 data.cd_raw.iov_base = NULL;
2931 encr.cd_raw.iov_base = NULL;
2932
2933 datalen = STRUCT_FGET(encrypt_update, eu_datalen);
2934 encrlen = STRUCT_FGET(encrypt_update, eu_encrlen);
2935
2936 /*
2937 * Don't allocate output buffer unless both buffer pointer and
2938 * buffer length are not NULL or 0 (length).
2939 */
2940 encrbuf = STRUCT_FGETP(encrypt_update, eu_encrbuf);
2941 if (encrbuf == NULL || encrlen == 0) {
2942 encrlen = 0;
2943 }
2944
2945 if (datalen > crypto_max_buffer_len ||
2946 encrlen > crypto_max_buffer_len) {
2947 cmn_err(CE_NOTE, "cipher_update: buffer greater than %ld "
2948 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
2949 rv = CRYPTO_ARGUMENTS_BAD;
2950 goto out;
2951 }
2952
2953 session_id = STRUCT_FGET(encrypt_update, eu_session);
2954
2955 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
2956 goto out;
2957 }
2958
2959 do_inplace = (STRUCT_FGET(encrypt_update, eu_flags) &
2960 CRYPTO_INPLACE_OPERATION) != 0;
2961 need = do_inplace ? datalen : datalen + encrlen;
2962
2963 if ((rv = CRYPTO_BUFFER_CHECK(sp, need, rctl_chk)) !=
2964 CRYPTO_SUCCESS) {
2965 need = 0;
2966 goto out;
2967 }
2968
2969 INIT_RAW_CRYPTO_DATA(data, datalen);
2970 data.cd_miscdata = NULL;
2971
2972 if (datalen != 0 && copyin(STRUCT_FGETP(encrypt_update, eu_databuf),
2973 data.cd_raw.iov_base, datalen) != 0) {
2974 error = EFAULT;
2975 goto out;
2976 }
2977
2978 if (do_inplace) {
2979 /* specify in-place buffers with output = input */
2980 encr = data;
2981 } else {
2982 INIT_RAW_CRYPTO_DATA(encr, encrlen);
2983 }
2984
2985 ctxpp = (update == crypto_encrypt_update) ?
2986 &sp->sd_encr_ctx : &sp->sd_decr_ctx;
2987
2988 if (do_inplace)
2989 /* specify in-place buffers with output = NULL */
2990 rv = (update)(*ctxpp, &encr, NULL, NULL);
2991 else
2992 rv = (update)(*ctxpp, &data, &encr, NULL);
2993
2994 if (rv == CRYPTO_SUCCESS || rv == CRYPTO_BUFFER_TOO_SMALL) {
2995 if (rv == CRYPTO_SUCCESS) {
2996 ASSERT(encr.cd_length <= encrlen);
2997 if (encr.cd_length != 0 && copyout(encr.cd_raw.iov_base,
2998 encrbuf, encr.cd_length) != 0) {
2999 error = EFAULT;
3000 goto out;
3001 }
3002 } else {
3003 /*
3004 * The providers return CRYPTO_BUFFER_TOO_SMALL even
3005 * for case 1 of section 11.2 of the pkcs11 spec.
3006 * We catch it here and provide the correct pkcs11
3007 * return value.
3008 */
3009 if (STRUCT_FGETP(encrypt_update, eu_encrbuf) == NULL)
3010 rv = CRYPTO_SUCCESS;
3011 }
3012 STRUCT_FSET(encrypt_update, eu_encrlen,
3013 (ulong_t)encr.cd_length);
3014 } else {
3015 CRYPTO_CANCEL_CTX(ctxpp);
3016 }
3017 out:
3018 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
3019 CRYPTO_SESSION_RELE(sp);
3020 crypto_release_minor(cm);
3021
3022 if (data.cd_raw.iov_base != NULL)
3023 kmem_free(data.cd_raw.iov_base, datalen);
3024
3025 if (!do_inplace && (encr.cd_raw.iov_base != NULL))
3026 kmem_free(encr.cd_raw.iov_base, encrlen);
3027
3028 if (error != 0)
3029 return (error);
3030
3031 STRUCT_FSET(encrypt_update, eu_return_value, rv);
3032 if (copyout(STRUCT_BUF(encrypt_update), arg,
3033 STRUCT_SIZE(encrypt_update)) != 0) {
3034 return (EFAULT);
3035 }
3036 return (0);
3037 }
3038
3039 /* ARGSUSED */
3040 static int
encrypt_final(dev_t dev,caddr_t arg,int mode,int * rval)3041 encrypt_final(dev_t dev, caddr_t arg, int mode, int *rval)
3042 {
3043 return (common_final(dev, arg, mode, crypto_encrypt_final));
3044 }
3045
3046 /* ARGSUSED */
3047 static int
decrypt_final(dev_t dev,caddr_t arg,int mode,int * rval)3048 decrypt_final(dev_t dev, caddr_t arg, int mode, int *rval)
3049 {
3050 return (common_final(dev, arg, mode, crypto_decrypt_final));
3051 }
3052
3053 /*
3054 * ASSUMPTION: crypto_encrypt_final, crypto_decrypt_final, crypto_sign_final,
3055 * and crypto_digest_final structures are identical except for field names.
3056 */
3057 static int
common_final(dev_t dev,caddr_t arg,int mode,int (* final)(crypto_context_t,crypto_data_t *,crypto_call_req_t *))3058 common_final(dev_t dev, caddr_t arg, int mode,
3059 int (*final)(crypto_context_t, crypto_data_t *, crypto_call_req_t *))
3060 {
3061 STRUCT_DECL(crypto_encrypt_final, encrypt_final);
3062 crypto_session_id_t session_id;
3063 crypto_minor_t *cm;
3064 crypto_session_data_t *sp = NULL;
3065 crypto_ctx_t **ctxpp;
3066 crypto_data_t encr;
3067 size_t encrlen, need = 0;
3068 char *encrbuf;
3069 int error = 0;
3070 int rv;
3071 boolean_t rctl_chk = B_FALSE;
3072
3073 STRUCT_INIT(encrypt_final, mode);
3074
3075 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3076 cmn_err(CE_WARN, "common_final: failed holding minor");
3077 return (ENXIO);
3078 }
3079
3080 if (copyin(arg, STRUCT_BUF(encrypt_final),
3081 STRUCT_SIZE(encrypt_final)) != 0) {
3082 crypto_release_minor(cm);
3083 return (EFAULT);
3084 }
3085
3086 encr.cd_format = CRYPTO_DATA_RAW;
3087 encr.cd_raw.iov_base = NULL;
3088
3089 encrlen = STRUCT_FGET(encrypt_final, ef_encrlen);
3090
3091 /*
3092 * Don't allocate output buffer unless both buffer pointer and
3093 * buffer length are not NULL or 0 (length).
3094 */
3095 encrbuf = STRUCT_FGETP(encrypt_final, ef_encrbuf);
3096 if (encrbuf == NULL || encrlen == 0) {
3097 encrlen = 0;
3098 }
3099
3100 if (encrlen > crypto_max_buffer_len) {
3101 cmn_err(CE_NOTE, "common_final: buffer greater than %ld "
3102 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
3103 rv = CRYPTO_ARGUMENTS_BAD;
3104 goto release_minor;
3105 }
3106
3107 session_id = STRUCT_FGET(encrypt_final, ef_session);
3108
3109 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
3110 goto release_minor;
3111 }
3112
3113 if ((rv = CRYPTO_BUFFER_CHECK(sp, encrlen, rctl_chk)) !=
3114 CRYPTO_SUCCESS) {
3115 goto release_minor;
3116 }
3117 need = encrlen;
3118 encr.cd_raw.iov_base = kmem_alloc(encrlen, KM_SLEEP);
3119 encr.cd_raw.iov_len = encrlen;
3120
3121 encr.cd_offset = 0;
3122 encr.cd_length = encrlen;
3123
3124 ASSERT(final == crypto_encrypt_final ||
3125 final == crypto_decrypt_final || final == crypto_sign_final ||
3126 final == crypto_digest_final);
3127
3128 if (final == crypto_encrypt_final) {
3129 ctxpp = &sp->sd_encr_ctx;
3130 } else if (final == crypto_decrypt_final) {
3131 ctxpp = &sp->sd_decr_ctx;
3132 } else if (final == crypto_sign_final) {
3133 ctxpp = &sp->sd_sign_ctx;
3134 } else {
3135 ctxpp = &sp->sd_digest_ctx;
3136 }
3137
3138 rv = (final)(*ctxpp, &encr, NULL);
3139 if (KCF_CONTEXT_DONE(rv))
3140 *ctxpp = NULL;
3141
3142 if (rv == CRYPTO_SUCCESS) {
3143 ASSERT(encr.cd_length <= encrlen);
3144 if (encr.cd_length != 0 && copyout(encr.cd_raw.iov_base,
3145 encrbuf, encr.cd_length) != 0) {
3146 error = EFAULT;
3147 goto release_minor;
3148 }
3149 STRUCT_FSET(encrypt_final, ef_encrlen,
3150 (ulong_t)encr.cd_length);
3151 }
3152
3153 if (rv == CRYPTO_BUFFER_TOO_SMALL) {
3154 /*
3155 * The providers return CRYPTO_BUFFER_TOO_SMALL even for case 1
3156 * of section 11.2 of the pkcs11 spec. We catch it here and
3157 * provide the correct pkcs11 return value.
3158 */
3159 if (STRUCT_FGETP(encrypt_final, ef_encrbuf) == NULL)
3160 rv = CRYPTO_SUCCESS;
3161 STRUCT_FSET(encrypt_final, ef_encrlen,
3162 (ulong_t)encr.cd_length);
3163 }
3164
3165 release_minor:
3166 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
3167 CRYPTO_SESSION_RELE(sp);
3168 crypto_release_minor(cm);
3169
3170 if (encr.cd_raw.iov_base != NULL)
3171 kmem_free(encr.cd_raw.iov_base, encrlen);
3172
3173 if (error != 0)
3174 return (error);
3175
3176 STRUCT_FSET(encrypt_final, ef_return_value, rv);
3177 if (copyout(STRUCT_BUF(encrypt_final), arg,
3178 STRUCT_SIZE(encrypt_final)) != 0) {
3179 return (EFAULT);
3180 }
3181 return (0);
3182 }
3183
3184 /* ARGSUSED */
3185 static int
digest_init(dev_t dev,caddr_t arg,int mode,int * rval)3186 digest_init(dev_t dev, caddr_t arg, int mode, int *rval)
3187 {
3188 STRUCT_DECL(crypto_digest_init, digest_init);
3189 kcf_provider_desc_t *real_provider = NULL;
3190 crypto_session_id_t session_id;
3191 crypto_mechanism_t mech;
3192 crypto_minor_t *cm;
3193 crypto_session_data_t *sp = NULL;
3194 crypto_context_t cc;
3195 size_t rctl_bytes = 0;
3196 boolean_t rctl_chk = B_FALSE;
3197 int error = 0;
3198 int rv;
3199
3200 STRUCT_INIT(digest_init, mode);
3201
3202 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3203 cmn_err(CE_WARN, "digest_init: failed holding minor");
3204 return (ENXIO);
3205 }
3206
3207 if (copyin(arg, STRUCT_BUF(digest_init),
3208 STRUCT_SIZE(digest_init)) != 0) {
3209 crypto_release_minor(cm);
3210 return (EFAULT);
3211 }
3212
3213 mech.cm_param = NULL;
3214
3215 session_id = STRUCT_FGET(digest_init, di_session);
3216
3217 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
3218 goto out;
3219 }
3220
3221 if (!copyin_mech(mode, sp, STRUCT_FADDR(digest_init, di_mech), &mech,
3222 &rctl_bytes, &rctl_chk, &rv, &error)) {
3223 goto out;
3224 }
3225
3226 if ((rv = kcf_get_hardware_provider(mech.cm_type, NULL,
3227 CRYPTO_MECH_INVALID, NULL, sp->sd_provider, &real_provider,
3228 CRYPTO_FG_DIGEST)) != CRYPTO_SUCCESS) {
3229 goto out;
3230 }
3231
3232 rv = crypto_digest_init_prov(real_provider,
3233 sp->sd_provider_session->ps_session, &mech, &cc, NULL);
3234
3235 /*
3236 * Check if a context already exists. If so, it means it is being
3237 * abandoned. So, cancel it to avoid leaking it.
3238 */
3239 if (sp->sd_digest_ctx != NULL)
3240 CRYPTO_CANCEL_CTX(&sp->sd_digest_ctx);
3241 sp->sd_digest_ctx = (rv == CRYPTO_SUCCESS) ? cc : NULL;
3242 out:
3243 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, rctl_chk);
3244 CRYPTO_SESSION_RELE(sp);
3245 crypto_release_minor(cm);
3246
3247 if (real_provider != NULL)
3248 KCF_PROV_REFRELE(real_provider);
3249
3250 if (mech.cm_param != NULL)
3251 kmem_free(mech.cm_param, mech.cm_param_len);
3252
3253 if (error != 0)
3254 return (error);
3255
3256 STRUCT_FSET(digest_init, di_return_value, rv);
3257 if (copyout(STRUCT_BUF(digest_init), arg,
3258 STRUCT_SIZE(digest_init)) != 0) {
3259 return (EFAULT);
3260 }
3261 return (0);
3262 }
3263
3264 /* ARGSUSED */
3265 static int
digest_update(dev_t dev,caddr_t arg,int mode,int * rval)3266 digest_update(dev_t dev, caddr_t arg, int mode, int *rval)
3267 {
3268 STRUCT_DECL(crypto_digest_update, digest_update);
3269 crypto_session_id_t session_id;
3270 crypto_minor_t *cm;
3271 crypto_session_data_t *sp = NULL;
3272 crypto_data_t data;
3273 size_t datalen, need = 0;
3274 int error = 0;
3275 int rv;
3276 boolean_t rctl_chk = B_FALSE;
3277
3278 STRUCT_INIT(digest_update, mode);
3279
3280 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3281 cmn_err(CE_WARN, "digest_update: failed holding minor");
3282 return (ENXIO);
3283 }
3284
3285 if (copyin(arg, STRUCT_BUF(digest_update),
3286 STRUCT_SIZE(digest_update)) != 0) {
3287 crypto_release_minor(cm);
3288 return (EFAULT);
3289 }
3290
3291 data.cd_format = CRYPTO_DATA_RAW;
3292 data.cd_raw.iov_base = NULL;
3293
3294 datalen = STRUCT_FGET(digest_update, du_datalen);
3295 if (datalen > crypto_max_buffer_len) {
3296 cmn_err(CE_NOTE, "digest_update: buffer greater than %ld "
3297 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
3298 rv = CRYPTO_ARGUMENTS_BAD;
3299 goto release_minor;
3300 }
3301
3302 session_id = STRUCT_FGET(digest_update, du_session);
3303
3304 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
3305 goto release_minor;
3306 }
3307
3308 if ((rv = CRYPTO_BUFFER_CHECK(sp, datalen, rctl_chk)) !=
3309 CRYPTO_SUCCESS) {
3310 goto release_minor;
3311 }
3312
3313 need = datalen;
3314 data.cd_raw.iov_base = kmem_alloc(datalen, KM_SLEEP);
3315 data.cd_raw.iov_len = datalen;
3316
3317 if (datalen != 0 && copyin(STRUCT_FGETP(digest_update, du_databuf),
3318 data.cd_raw.iov_base, datalen) != 0) {
3319 error = EFAULT;
3320 goto release_minor;
3321 }
3322
3323 data.cd_offset = 0;
3324 data.cd_length = datalen;
3325
3326 rv = crypto_digest_update(sp->sd_digest_ctx, &data, NULL);
3327 if (rv != CRYPTO_SUCCESS)
3328 CRYPTO_CANCEL_CTX(&sp->sd_digest_ctx);
3329
3330 release_minor:
3331 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
3332 CRYPTO_SESSION_RELE(sp);
3333 crypto_release_minor(cm);
3334
3335 if (data.cd_raw.iov_base != NULL)
3336 kmem_free(data.cd_raw.iov_base, datalen);
3337
3338 if (error != 0)
3339 return (error);
3340
3341 STRUCT_FSET(digest_update, du_return_value, rv);
3342 if (copyout(STRUCT_BUF(digest_update), arg,
3343 STRUCT_SIZE(digest_update)) != 0) {
3344 return (EFAULT);
3345 }
3346 return (0);
3347 }
3348
3349 /* ARGSUSED */
3350 static int
digest_key(dev_t dev,caddr_t arg,int mode,int * rval)3351 digest_key(dev_t dev, caddr_t arg, int mode, int *rval)
3352 {
3353 STRUCT_DECL(crypto_digest_key, digest_key);
3354 crypto_session_id_t session_id;
3355 crypto_key_t key;
3356 crypto_minor_t *cm;
3357 crypto_session_data_t *sp = NULL;
3358 size_t rctl_bytes = 0;
3359 boolean_t key_rctl_chk = B_FALSE;
3360 int error = 0;
3361 int rv;
3362
3363 STRUCT_INIT(digest_key, mode);
3364
3365 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3366 cmn_err(CE_WARN, "digest_key: failed holding minor");
3367 return (ENXIO);
3368 }
3369
3370 if (copyin(arg, STRUCT_BUF(digest_key), STRUCT_SIZE(digest_key)) != 0) {
3371 crypto_release_minor(cm);
3372 return (EFAULT);
3373 }
3374
3375 bzero(&key, sizeof (crypto_key_t));
3376
3377 session_id = STRUCT_FGET(digest_key, dk_session);
3378
3379 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
3380 goto out;
3381 }
3382
3383 if (!copyin_key(mode, sp, STRUCT_FADDR(digest_key, dk_key), &key,
3384 &rctl_bytes, &key_rctl_chk, &rv, &error)) {
3385 goto out;
3386 }
3387
3388 rv = crypto_digest_key_prov(sp->sd_digest_ctx, &key, NULL);
3389 if (rv != CRYPTO_SUCCESS)
3390 CRYPTO_CANCEL_CTX(&sp->sd_digest_ctx);
3391 out:
3392 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, key_rctl_chk);
3393 CRYPTO_SESSION_RELE(sp);
3394 crypto_release_minor(cm);
3395
3396 free_crypto_key(&key);
3397
3398 if (error != 0)
3399 return (error);
3400
3401 STRUCT_FSET(digest_key, dk_return_value, rv);
3402 if (copyout(STRUCT_BUF(digest_key), arg,
3403 STRUCT_SIZE(digest_key)) != 0) {
3404 return (EFAULT);
3405 }
3406 return (0);
3407 }
3408
3409 /* ARGSUSED */
3410 static int
digest_final(dev_t dev,caddr_t arg,int mode,int * rval)3411 digest_final(dev_t dev, caddr_t arg, int mode, int *rval)
3412 {
3413 return (common_final(dev, arg, mode, crypto_digest_final));
3414 }
3415
3416 /* ARGSUSED */
3417 static int
digest(dev_t dev,caddr_t arg,int mode,int * rval)3418 digest(dev_t dev, caddr_t arg, int mode, int *rval)
3419 {
3420 return (common_digest(dev, arg, mode, crypto_digest_single));
3421 }
3422
3423 /*
3424 * ASSUMPTION: crypto_digest, crypto_sign, crypto_sign_recover,
3425 * and crypto_verify_recover are identical except for field names.
3426 */
3427 static int
common_digest(dev_t dev,caddr_t arg,int mode,int (* single)(crypto_context_t,crypto_data_t *,crypto_data_t *,crypto_call_req_t *))3428 common_digest(dev_t dev, caddr_t arg, int mode,
3429 int (*single)(crypto_context_t, crypto_data_t *, crypto_data_t *,
3430 crypto_call_req_t *))
3431 {
3432 STRUCT_DECL(crypto_digest, crypto_digest);
3433 crypto_session_id_t session_id;
3434 crypto_minor_t *cm;
3435 crypto_session_data_t *sp = NULL;
3436 crypto_data_t data, digest;
3437 crypto_ctx_t **ctxpp;
3438 size_t datalen, digestlen, need = 0;
3439 char *digestbuf;
3440 int error = 0;
3441 int rv;
3442 boolean_t rctl_chk = B_FALSE;
3443
3444 STRUCT_INIT(crypto_digest, mode);
3445
3446 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3447 cmn_err(CE_WARN, "common_digest: failed holding minor");
3448 return (ENXIO);
3449 }
3450
3451 if (copyin(arg, STRUCT_BUF(crypto_digest),
3452 STRUCT_SIZE(crypto_digest)) != 0) {
3453 crypto_release_minor(cm);
3454 return (EFAULT);
3455 }
3456
3457 data.cd_raw.iov_base = NULL;
3458 digest.cd_raw.iov_base = NULL;
3459
3460 datalen = STRUCT_FGET(crypto_digest, cd_datalen);
3461 digestlen = STRUCT_FGET(crypto_digest, cd_digestlen);
3462
3463 /*
3464 * Don't allocate output buffer unless both buffer pointer and
3465 * buffer length are not NULL or 0 (length).
3466 */
3467 digestbuf = STRUCT_FGETP(crypto_digest, cd_digestbuf);
3468 if (digestbuf == NULL || digestlen == 0) {
3469 digestlen = 0;
3470 }
3471
3472 if (datalen > crypto_max_buffer_len ||
3473 digestlen > crypto_max_buffer_len) {
3474 cmn_err(CE_NOTE, "common_digest: buffer greater than %ld "
3475 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
3476 rv = CRYPTO_ARGUMENTS_BAD;
3477 goto release_minor;
3478 }
3479
3480 session_id = STRUCT_FGET(crypto_digest, cd_session);
3481
3482 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
3483 goto release_minor;
3484 }
3485
3486 need = datalen + digestlen;
3487 if ((rv = CRYPTO_BUFFER_CHECK(sp, need, rctl_chk)) !=
3488 CRYPTO_SUCCESS) {
3489 need = 0;
3490 goto release_minor;
3491 }
3492
3493 INIT_RAW_CRYPTO_DATA(data, datalen);
3494
3495 if (datalen != 0 && copyin(STRUCT_FGETP(crypto_digest, cd_databuf),
3496 data.cd_raw.iov_base, datalen) != 0) {
3497 error = EFAULT;
3498 goto release_minor;
3499 }
3500
3501 INIT_RAW_CRYPTO_DATA(digest, digestlen);
3502
3503 ASSERT(single == crypto_digest_single ||
3504 single == crypto_sign_single ||
3505 single == crypto_verify_recover_single ||
3506 single == crypto_sign_recover_single);
3507
3508 if (single == crypto_digest_single) {
3509 ctxpp = &sp->sd_digest_ctx;
3510 } else if (single == crypto_sign_single) {
3511 ctxpp = &sp->sd_sign_ctx;
3512 } else if (single == crypto_verify_recover_single) {
3513 ctxpp = &sp->sd_verify_recover_ctx;
3514 } else {
3515 ctxpp = &sp->sd_sign_recover_ctx;
3516 }
3517 rv = (single)(*ctxpp, &data, &digest, NULL);
3518 if (KCF_CONTEXT_DONE(rv))
3519 *ctxpp = NULL;
3520
3521 if (rv == CRYPTO_SUCCESS) {
3522 ASSERT(digest.cd_length <= digestlen);
3523 if (digest.cd_length != 0 && copyout(digest.cd_raw.iov_base,
3524 digestbuf, digest.cd_length) != 0) {
3525 error = EFAULT;
3526 goto release_minor;
3527 }
3528 STRUCT_FSET(crypto_digest, cd_digestlen,
3529 (ulong_t)digest.cd_length);
3530 }
3531
3532 if (rv == CRYPTO_BUFFER_TOO_SMALL) {
3533 /*
3534 * The providers return CRYPTO_BUFFER_TOO_SMALL even for case 1
3535 * of section 11.2 of the pkcs11 spec. We catch it here and
3536 * provide the correct pkcs11 return value.
3537 */
3538 if (STRUCT_FGETP(crypto_digest, cd_digestbuf) == NULL)
3539 rv = CRYPTO_SUCCESS;
3540 STRUCT_FSET(crypto_digest, cd_digestlen,
3541 (ulong_t)digest.cd_length);
3542 }
3543
3544 release_minor:
3545 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
3546 CRYPTO_SESSION_RELE(sp);
3547 crypto_release_minor(cm);
3548
3549 if (data.cd_raw.iov_base != NULL)
3550 kmem_free(data.cd_raw.iov_base, datalen);
3551
3552 if (digest.cd_raw.iov_base != NULL)
3553 kmem_free(digest.cd_raw.iov_base, digestlen);
3554
3555 if (error != 0)
3556 return (error);
3557
3558 STRUCT_FSET(crypto_digest, cd_return_value, rv);
3559 if (copyout(STRUCT_BUF(crypto_digest), arg,
3560 STRUCT_SIZE(crypto_digest)) != 0) {
3561 return (EFAULT);
3562 }
3563 return (0);
3564 }
3565
3566 /*
3567 * A helper function that does what the name suggests.
3568 * Returns 0 on success and non-zero otherwise.
3569 * On failure, out_pin is set to 0.
3570 */
3571 int
get_pin_and_session_ptr(char * in_pin,char ** out_pin,size_t pin_len,crypto_minor_t * cm,crypto_session_id_t sid,crypto_session_data_t ** sp,int * rv,int * error)3572 get_pin_and_session_ptr(char *in_pin, char **out_pin, size_t pin_len,
3573 crypto_minor_t *cm, crypto_session_id_t sid, crypto_session_data_t **sp,
3574 int *rv, int *error)
3575 {
3576 char *tmp_pin = NULL;
3577 int tmp_error = 0, tmp_rv = 0;
3578
3579 if (pin_len > KCF_MAX_PIN_LEN) {
3580 tmp_rv = CRYPTO_PIN_LEN_RANGE;
3581 goto out;
3582 }
3583 tmp_pin = kmem_alloc(pin_len, KM_SLEEP);
3584
3585 if (pin_len != 0 && copyin(in_pin, tmp_pin, pin_len) != 0) {
3586 tmp_error = EFAULT;
3587 goto out;
3588 }
3589
3590 (void) get_session_ptr(sid, cm, sp, &tmp_error, &tmp_rv);
3591 out:
3592 *out_pin = tmp_pin;
3593 *rv = tmp_rv;
3594 *error = tmp_error;
3595 return (tmp_rv | tmp_error);
3596 }
3597
3598 /* ARGSUSED */
3599 static int
set_pin(dev_t dev,caddr_t arg,int mode,int * rval)3600 set_pin(dev_t dev, caddr_t arg, int mode, int *rval)
3601 {
3602 STRUCT_DECL(crypto_set_pin, set_pin);
3603 kcf_provider_desc_t *real_provider;
3604 kcf_req_params_t params;
3605 crypto_minor_t *cm;
3606 crypto_session_data_t *sp;
3607 char *old_pin = NULL;
3608 char *new_pin = NULL;
3609 size_t old_pin_len;
3610 size_t new_pin_len;
3611 int error = 0;
3612 int rv;
3613
3614 STRUCT_INIT(set_pin, mode);
3615
3616 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3617 cmn_err(CE_WARN, "set_pin: failed holding minor");
3618 return (ENXIO);
3619 }
3620
3621 if (copyin(arg, STRUCT_BUF(set_pin),
3622 STRUCT_SIZE(set_pin)) != 0) {
3623 crypto_release_minor(cm);
3624 return (EFAULT);
3625 }
3626
3627 old_pin_len = STRUCT_FGET(set_pin, sp_old_len);
3628
3629 if (get_pin_and_session_ptr(STRUCT_FGETP(set_pin, sp_old_pin),
3630 &old_pin, old_pin_len, cm, STRUCT_FGET(set_pin, sp_session),
3631 &sp, &rv, &error) != 0)
3632 goto release_minor;
3633
3634 new_pin_len = STRUCT_FGET(set_pin, sp_new_len);
3635 if (new_pin_len > KCF_MAX_PIN_LEN) {
3636 rv = CRYPTO_PIN_LEN_RANGE;
3637 goto out;
3638 }
3639 new_pin = kmem_alloc(new_pin_len, KM_SLEEP);
3640
3641 if (new_pin_len != 0 && copyin(STRUCT_FGETP(set_pin, sp_new_pin),
3642 new_pin, new_pin_len) != 0) {
3643 error = EFAULT;
3644 goto out;
3645 }
3646
3647 if ((rv = kcf_get_hardware_provider_nomech(
3648 CRYPTO_OPS_OFFSET(provider_ops), CRYPTO_PROVIDER_OFFSET(set_pin),
3649 sp->sd_provider, &real_provider)) != CRYPTO_SUCCESS) {
3650 goto out;
3651 }
3652
3653 KCF_WRAP_PROVMGMT_OPS_PARAMS(¶ms, KCF_OP_MGMT_SETPIN,
3654 sp->sd_provider_session->ps_session, old_pin, old_pin_len,
3655 new_pin, new_pin_len, NULL, NULL, real_provider);
3656
3657 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
3658 KCF_PROV_REFRELE(real_provider);
3659
3660 out:
3661 CRYPTO_SESSION_RELE(sp);
3662
3663 release_minor:
3664 crypto_release_minor(cm);
3665
3666 if (old_pin != NULL) {
3667 bzero(old_pin, old_pin_len);
3668 kmem_free(old_pin, old_pin_len);
3669 }
3670
3671 if (new_pin != NULL) {
3672 bzero(new_pin, new_pin_len);
3673 kmem_free(new_pin, new_pin_len);
3674 }
3675
3676 if (error != 0)
3677 return (error);
3678
3679 STRUCT_FSET(set_pin, sp_return_value, rv);
3680 if (copyout(STRUCT_BUF(set_pin), arg, STRUCT_SIZE(set_pin)) != 0) {
3681 return (EFAULT);
3682 }
3683 return (0);
3684 }
3685
3686 /* ARGSUSED */
3687 static int
login(dev_t dev,caddr_t arg,int mode,int * rval)3688 login(dev_t dev, caddr_t arg, int mode, int *rval)
3689 {
3690 STRUCT_DECL(crypto_login, login);
3691 kcf_provider_desc_t *real_provider;
3692 kcf_req_params_t params;
3693 crypto_minor_t *cm;
3694 crypto_session_data_t *sp;
3695 size_t pin_len;
3696 char *pin;
3697 uint_t user_type;
3698 int error = 0;
3699 int rv;
3700
3701 STRUCT_INIT(login, mode);
3702
3703 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3704 cmn_err(CE_WARN, "login: failed holding minor");
3705 return (ENXIO);
3706 }
3707
3708 if (copyin(arg, STRUCT_BUF(login), STRUCT_SIZE(login)) != 0) {
3709 crypto_release_minor(cm);
3710 return (EFAULT);
3711 }
3712
3713 user_type = STRUCT_FGET(login, co_user_type);
3714
3715 pin_len = STRUCT_FGET(login, co_pin_len);
3716
3717 if (get_pin_and_session_ptr(STRUCT_FGETP(login, co_pin),
3718 &pin, pin_len, cm, STRUCT_FGET(login, co_session),
3719 &sp, &rv, &error) != 0) {
3720 if (rv == CRYPTO_PIN_LEN_RANGE)
3721 rv = CRYPTO_PIN_INCORRECT;
3722 goto release_minor;
3723 }
3724
3725 if ((rv = kcf_get_hardware_provider_nomech(
3726 CRYPTO_OPS_OFFSET(session_ops),
3727 CRYPTO_SESSION_OFFSET(session_login), sp->sd_provider,
3728 &real_provider)) != CRYPTO_SUCCESS) {
3729 goto out;
3730 }
3731
3732 KCF_WRAP_SESSION_OPS_PARAMS(¶ms, KCF_OP_SESSION_LOGIN, NULL,
3733 sp->sd_provider_session->ps_session, user_type, pin, pin_len,
3734 real_provider);
3735
3736 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
3737 KCF_PROV_REFRELE(real_provider);
3738
3739 out:
3740 CRYPTO_SESSION_RELE(sp);
3741
3742 release_minor:
3743 crypto_release_minor(cm);
3744
3745 if (pin != NULL) {
3746 bzero(pin, pin_len);
3747 kmem_free(pin, pin_len);
3748 }
3749
3750 if (error != 0)
3751 return (error);
3752
3753 STRUCT_FSET(login, co_return_value, rv);
3754 if (copyout(STRUCT_BUF(login), arg, STRUCT_SIZE(login)) != 0) {
3755 return (EFAULT);
3756 }
3757 return (0);
3758 }
3759
3760 /* ARGSUSED */
3761 static int
logout(dev_t dev,caddr_t arg,int mode,int * rval)3762 logout(dev_t dev, caddr_t arg, int mode, int *rval)
3763 {
3764 crypto_logout_t logout;
3765 kcf_provider_desc_t *real_provider;
3766 kcf_req_params_t params;
3767 crypto_minor_t *cm;
3768 crypto_session_data_t *sp;
3769 int error = 0;
3770 int rv;
3771
3772 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3773 cmn_err(CE_WARN, "logout: failed holding minor");
3774 return (ENXIO);
3775 }
3776
3777 if (copyin(arg, &logout, sizeof (logout)) != 0) {
3778 crypto_release_minor(cm);
3779 return (EFAULT);
3780 }
3781
3782 if (!get_session_ptr(logout.cl_session, cm, &sp, &error, &rv)) {
3783 goto release_minor;
3784 }
3785
3786 if ((rv = kcf_get_hardware_provider_nomech(
3787 CRYPTO_OPS_OFFSET(session_ops),
3788 CRYPTO_SESSION_OFFSET(session_logout), sp->sd_provider,
3789 &real_provider)) != CRYPTO_SUCCESS) {
3790 goto out;
3791 }
3792
3793 KCF_WRAP_SESSION_OPS_PARAMS(¶ms, KCF_OP_SESSION_LOGOUT, NULL,
3794 sp->sd_provider_session->ps_session, 0, NULL, 0, real_provider);
3795 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
3796 KCF_PROV_REFRELE(real_provider);
3797
3798 out:
3799 CRYPTO_SESSION_RELE(sp);
3800
3801 release_minor:
3802 crypto_release_minor(cm);
3803
3804 if (error != 0)
3805 return (error);
3806
3807 logout.cl_return_value = rv;
3808 if (copyout(&logout, arg, sizeof (logout)) != 0) {
3809 return (EFAULT);
3810 }
3811 return (0);
3812 }
3813
3814 /* ARGSUSED */
3815 static int
sign_init(dev_t dev,caddr_t arg,int mode,int * rval)3816 sign_init(dev_t dev, caddr_t arg, int mode, int *rval)
3817 {
3818 return (sign_verify_init(dev, arg, mode, crypto_sign_init_prov));
3819 }
3820
3821 /* ARGSUSED */
3822 static int
sign_recover_init(dev_t dev,caddr_t arg,int mode,int * rval)3823 sign_recover_init(dev_t dev, caddr_t arg, int mode, int *rval)
3824 {
3825 return (sign_verify_init(dev, arg, mode,
3826 crypto_sign_recover_init_prov));
3827 }
3828
3829 /* ARGSUSED */
3830 static int
verify_init(dev_t dev,caddr_t arg,int mode,int * rval)3831 verify_init(dev_t dev, caddr_t arg, int mode, int *rval)
3832 {
3833 return (sign_verify_init(dev, arg, mode, crypto_verify_init_prov));
3834 }
3835
3836 /* ARGSUSED */
3837 static int
verify_recover_init(dev_t dev,caddr_t arg,int mode,int * rval)3838 verify_recover_init(dev_t dev, caddr_t arg, int mode, int *rval)
3839 {
3840 return (sign_verify_init(dev, arg, mode,
3841 crypto_verify_recover_init_prov));
3842 }
3843
3844 /*
3845 * ASSUMPTION: crypto_sign_init, crypto_verify_init, crypto_sign_recover_init,
3846 * and crypto_verify_recover_init structures are identical
3847 * except for field names.
3848 */
3849 static int
sign_verify_init(dev_t dev,caddr_t arg,int mode,int (* init)(crypto_provider_t,crypto_session_id_t,crypto_mechanism_t *,crypto_key_t *,crypto_ctx_template_t,crypto_context_t *,crypto_call_req_t *))3850 sign_verify_init(dev_t dev, caddr_t arg, int mode,
3851 int (*init)(crypto_provider_t, crypto_session_id_t,
3852 crypto_mechanism_t *, crypto_key_t *, crypto_ctx_template_t,
3853 crypto_context_t *, crypto_call_req_t *))
3854 {
3855 STRUCT_DECL(crypto_sign_init, sign_init);
3856 kcf_provider_desc_t *real_provider = NULL;
3857 crypto_session_id_t session_id;
3858 crypto_mechanism_t mech;
3859 crypto_key_t key;
3860 crypto_minor_t *cm;
3861 crypto_session_data_t *sp = NULL;
3862 crypto_context_t cc;
3863 crypto_ctx_t **ctxpp;
3864 size_t mech_rctl_bytes = 0;
3865 boolean_t mech_rctl_chk = B_FALSE;
3866 size_t key_rctl_bytes = 0;
3867 boolean_t key_rctl_chk = B_FALSE;
3868 int error = 0;
3869 int rv;
3870 boolean_t allocated_by_crypto_module = B_FALSE;
3871 crypto_func_group_t fg;
3872
3873 STRUCT_INIT(sign_init, mode);
3874
3875 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3876 cmn_err(CE_WARN, "sign_verify_init: failed holding minor");
3877 return (ENXIO);
3878 }
3879
3880 if (copyin(arg, STRUCT_BUF(sign_init), STRUCT_SIZE(sign_init)) != 0) {
3881 crypto_release_minor(cm);
3882 return (EFAULT);
3883 }
3884
3885 mech.cm_param = NULL;
3886 bzero(&key, sizeof (key));
3887
3888 session_id = STRUCT_FGET(sign_init, si_session);
3889
3890 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
3891 goto out;
3892 }
3893
3894 bcopy(STRUCT_FADDR(sign_init, si_mech), &mech.cm_type,
3895 sizeof (crypto_mech_type_t));
3896
3897 ASSERT(init == crypto_sign_init_prov ||
3898 init == crypto_verify_init_prov ||
3899 init == crypto_sign_recover_init_prov ||
3900 init == crypto_verify_recover_init_prov);
3901
3902 if (init == crypto_sign_init_prov) {
3903 fg = CRYPTO_FG_SIGN;
3904 ctxpp = &sp->sd_sign_ctx;
3905 } else if (init == crypto_verify_init_prov) {
3906 fg = CRYPTO_FG_VERIFY;
3907 ctxpp = &sp->sd_verify_ctx;
3908 } else if (init == crypto_sign_recover_init_prov) {
3909 fg = CRYPTO_FG_SIGN_RECOVER;
3910 ctxpp = &sp->sd_sign_recover_ctx;
3911 } else {
3912 fg = CRYPTO_FG_VERIFY_RECOVER;
3913 ctxpp = &sp->sd_verify_recover_ctx;
3914 }
3915
3916 /* We need the key length for provider selection so copy it in now. */
3917 if (!copyin_key(mode, sp, STRUCT_FADDR(sign_init, si_key), &key,
3918 &key_rctl_bytes, &key_rctl_chk, &rv, &error)) {
3919 goto out;
3920 }
3921
3922 if ((rv = kcf_get_hardware_provider(mech.cm_type, &key,
3923 CRYPTO_MECH_INVALID, NULL, sp->sd_provider, &real_provider,
3924 fg)) != CRYPTO_SUCCESS) {
3925 goto out;
3926 }
3927
3928 rv = crypto_provider_copyin_mech_param(real_provider,
3929 STRUCT_FADDR(sign_init, si_mech), &mech, mode, &error);
3930
3931 if (rv == CRYPTO_NOT_SUPPORTED) {
3932 allocated_by_crypto_module = B_TRUE;
3933 if (!copyin_mech(mode, sp, STRUCT_FADDR(sign_init, si_mech),
3934 &mech, &mech_rctl_bytes, &mech_rctl_chk, &rv, &error)) {
3935 goto out;
3936 }
3937 } else {
3938 if (rv != CRYPTO_SUCCESS)
3939 goto out;
3940 }
3941
3942 rv = (init)(real_provider, sp->sd_provider_session->ps_session,
3943 &mech, &key, NULL, &cc, NULL);
3944
3945 /*
3946 * Check if a context already exists. If so, it means it is being
3947 * abandoned. So, cancel it to avoid leaking it.
3948 */
3949 if (*ctxpp != NULL)
3950 CRYPTO_CANCEL_CTX(ctxpp);
3951 *ctxpp = (rv == CRYPTO_SUCCESS) ? cc : NULL;
3952
3953 out:
3954 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
3955 CRYPTO_DECREMENT_RCTL_SESSION(sp, key_rctl_bytes, key_rctl_chk);
3956 CRYPTO_SESSION_RELE(sp);
3957 crypto_release_minor(cm);
3958
3959 if (real_provider != NULL) {
3960 crypto_free_mech(real_provider,
3961 allocated_by_crypto_module, &mech);
3962 KCF_PROV_REFRELE(real_provider);
3963 }
3964
3965 free_crypto_key(&key);
3966
3967 if (error != 0)
3968 return (error);
3969
3970 STRUCT_FSET(sign_init, si_return_value, rv);
3971 if (copyout(STRUCT_BUF(sign_init), arg, STRUCT_SIZE(sign_init)) != 0) {
3972 return (EFAULT);
3973 }
3974 return (0);
3975 }
3976
3977 /* ARGSUSED */
3978 static int
sign(dev_t dev,caddr_t arg,int mode,int * rval)3979 sign(dev_t dev, caddr_t arg, int mode, int *rval)
3980 {
3981 return (common_digest(dev, arg, mode, crypto_sign_single));
3982 }
3983
3984 /* ARGSUSED */
3985 static int
sign_recover(dev_t dev,caddr_t arg,int mode,int * rval)3986 sign_recover(dev_t dev, caddr_t arg, int mode, int *rval)
3987 {
3988 return (common_digest(dev, arg, mode, crypto_sign_recover_single));
3989 }
3990
3991 /* ARGSUSED */
3992 static int
verify(dev_t dev,caddr_t arg,int mode,int * rval)3993 verify(dev_t dev, caddr_t arg, int mode, int *rval)
3994 {
3995 STRUCT_DECL(crypto_verify, verify);
3996 crypto_session_id_t session_id;
3997 crypto_minor_t *cm;
3998 crypto_session_data_t *sp = NULL;
3999 crypto_data_t data, sign;
4000 size_t datalen, signlen, need = 0;
4001 int error = 0;
4002 int rv;
4003 boolean_t rctl_chk = B_FALSE;
4004
4005 STRUCT_INIT(verify, mode);
4006
4007 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4008 cmn_err(CE_WARN, "verify: failed holding minor");
4009 return (ENXIO);
4010 }
4011
4012 if (copyin(arg, STRUCT_BUF(verify), STRUCT_SIZE(verify)) != 0) {
4013 crypto_release_minor(cm);
4014 return (EFAULT);
4015 }
4016
4017 data.cd_raw.iov_base = NULL;
4018 sign.cd_raw.iov_base = NULL;
4019
4020 datalen = STRUCT_FGET(verify, cv_datalen);
4021 signlen = STRUCT_FGET(verify, cv_signlen);
4022 if (datalen > crypto_max_buffer_len ||
4023 signlen > crypto_max_buffer_len) {
4024 cmn_err(CE_NOTE, "verify: buffer greater than %ld bytes, "
4025 "pid = %d", crypto_max_buffer_len, curproc->p_pid);
4026 rv = CRYPTO_ARGUMENTS_BAD;
4027 goto release_minor;
4028 }
4029
4030 session_id = STRUCT_FGET(verify, cv_session);
4031
4032 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4033 goto release_minor;
4034 }
4035
4036 need = datalen + signlen;
4037 if ((rv = CRYPTO_BUFFER_CHECK(sp, need, rctl_chk)) !=
4038 CRYPTO_SUCCESS) {
4039 need = 0;
4040 goto release_minor;
4041 }
4042
4043 INIT_RAW_CRYPTO_DATA(data, datalen);
4044 INIT_RAW_CRYPTO_DATA(sign, signlen);
4045
4046 if (datalen != 0 && copyin(STRUCT_FGETP(verify, cv_databuf),
4047 data.cd_raw.iov_base, datalen) != 0) {
4048 error = EFAULT;
4049 goto release_minor;
4050 }
4051
4052 if (signlen != 0 && copyin(STRUCT_FGETP(verify, cv_signbuf),
4053 sign.cd_raw.iov_base, signlen) != 0) {
4054 error = EFAULT;
4055 goto release_minor;
4056 }
4057
4058 rv = crypto_verify_single(sp->sd_verify_ctx, &data, &sign, NULL);
4059 if (KCF_CONTEXT_DONE(rv))
4060 sp->sd_verify_ctx = NULL;
4061
4062 release_minor:
4063 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
4064 CRYPTO_SESSION_RELE(sp);
4065 crypto_release_minor(cm);
4066
4067 if (data.cd_raw.iov_base != NULL)
4068 kmem_free(data.cd_raw.iov_base, datalen);
4069
4070 if (sign.cd_raw.iov_base != NULL)
4071 kmem_free(sign.cd_raw.iov_base, signlen);
4072
4073 if (error != 0)
4074 return (error);
4075
4076 STRUCT_FSET(verify, cv_return_value, rv);
4077 if (copyout(STRUCT_BUF(verify), arg, STRUCT_SIZE(verify)) != 0) {
4078 return (EFAULT);
4079 }
4080 return (0);
4081 }
4082
4083 /* ARGSUSED */
4084 static int
verify_recover(dev_t dev,caddr_t arg,int mode,int * rval)4085 verify_recover(dev_t dev, caddr_t arg, int mode, int *rval)
4086 {
4087 return (common_digest(dev, arg, mode, crypto_verify_recover_single));
4088 }
4089
4090 /* ARGSUSED */
4091 static int
sign_update(dev_t dev,caddr_t arg,int mode,int * rval)4092 sign_update(dev_t dev, caddr_t arg, int mode, int *rval)
4093 {
4094 return (sign_verify_update(dev, arg, mode, crypto_sign_update));
4095 }
4096
4097 /* ARGSUSED */
4098 static int
verify_update(dev_t dev,caddr_t arg,int mode,int * rval)4099 verify_update(dev_t dev, caddr_t arg, int mode, int *rval)
4100 {
4101 return (sign_verify_update(dev, arg, mode, crypto_verify_update));
4102 }
4103
4104 /*
4105 * ASSUMPTION: crypto_sign_update and crypto_verify_update structures
4106 * are identical except for field names.
4107 */
4108 static int
sign_verify_update(dev_t dev,caddr_t arg,int mode,int (* update)(crypto_context_t,crypto_data_t *,crypto_call_req_t *))4109 sign_verify_update(dev_t dev, caddr_t arg, int mode,
4110 int (*update)(crypto_context_t, crypto_data_t *, crypto_call_req_t *))
4111 {
4112 STRUCT_DECL(crypto_sign_update, sign_update);
4113 crypto_session_id_t session_id;
4114 crypto_minor_t *cm;
4115 crypto_session_data_t *sp = NULL;
4116 crypto_ctx_t **ctxpp;
4117 crypto_data_t data;
4118 size_t datalen, need = 0;
4119 int error = 0;
4120 int rv;
4121 boolean_t rctl_chk = B_FALSE;
4122
4123 STRUCT_INIT(sign_update, mode);
4124
4125 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4126 cmn_err(CE_WARN, "sign_verify_update: failed holding minor");
4127 return (ENXIO);
4128 }
4129
4130 if (copyin(arg, STRUCT_BUF(sign_update),
4131 STRUCT_SIZE(sign_update)) != 0) {
4132 crypto_release_minor(cm);
4133 return (EFAULT);
4134 }
4135
4136 data.cd_raw.iov_base = NULL;
4137
4138 datalen = STRUCT_FGET(sign_update, su_datalen);
4139 if (datalen > crypto_max_buffer_len) {
4140 cmn_err(CE_NOTE, "sign_verify_update: buffer greater than %ld "
4141 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
4142 rv = CRYPTO_ARGUMENTS_BAD;
4143 goto release_minor;
4144 }
4145
4146 session_id = STRUCT_FGET(sign_update, su_session);
4147
4148 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4149 goto release_minor;
4150 }
4151
4152 if ((rv = CRYPTO_BUFFER_CHECK(sp, datalen, rctl_chk)) !=
4153 CRYPTO_SUCCESS) {
4154 goto release_minor;
4155 }
4156 need = datalen;
4157
4158 INIT_RAW_CRYPTO_DATA(data, datalen);
4159
4160 if (datalen != 0 && copyin(STRUCT_FGETP(sign_update, su_databuf),
4161 data.cd_raw.iov_base, datalen) != 0) {
4162 error = EFAULT;
4163 goto release_minor;
4164 }
4165
4166 ctxpp = (update == crypto_sign_update) ?
4167 &sp->sd_sign_ctx : &sp->sd_verify_ctx;
4168
4169 rv = (update)(*ctxpp, &data, NULL);
4170 if (rv != CRYPTO_SUCCESS)
4171 CRYPTO_CANCEL_CTX(ctxpp);
4172
4173 release_minor:
4174 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
4175 CRYPTO_SESSION_RELE(sp);
4176 crypto_release_minor(cm);
4177
4178 if (data.cd_raw.iov_base != NULL)
4179 kmem_free(data.cd_raw.iov_base, datalen);
4180
4181 if (error != 0)
4182 return (error);
4183
4184 STRUCT_FSET(sign_update, su_return_value, rv);
4185 if (copyout(STRUCT_BUF(sign_update), arg,
4186 STRUCT_SIZE(sign_update)) != 0) {
4187 return (EFAULT);
4188 }
4189 return (0);
4190 }
4191
4192 /* ARGSUSED */
4193 static int
sign_final(dev_t dev,caddr_t arg,int mode,int * rval)4194 sign_final(dev_t dev, caddr_t arg, int mode, int *rval)
4195 {
4196 return (common_final(dev, arg, mode, crypto_sign_final));
4197 }
4198
4199 /*
4200 * Can't use the common final because it does a copyout of
4201 * the final part.
4202 */
4203 /* ARGSUSED */
4204 static int
verify_final(dev_t dev,caddr_t arg,int mode,int * rval)4205 verify_final(dev_t dev, caddr_t arg, int mode, int *rval)
4206 {
4207 STRUCT_DECL(crypto_verify_final, verify_final);
4208 crypto_session_id_t session_id;
4209 crypto_minor_t *cm;
4210 crypto_session_data_t *sp = NULL;
4211 crypto_data_t sign;
4212 size_t signlen, need = 0;
4213 int error = 0;
4214 int rv;
4215 boolean_t rctl_chk = B_FALSE;
4216
4217 STRUCT_INIT(verify_final, mode);
4218
4219 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4220 cmn_err(CE_WARN, "verify_final: failed holding minor");
4221 return (ENXIO);
4222 }
4223
4224 if (copyin(arg, STRUCT_BUF(verify_final),
4225 STRUCT_SIZE(verify_final)) != 0) {
4226 crypto_release_minor(cm);
4227 return (EFAULT);
4228 }
4229
4230 sign.cd_raw.iov_base = NULL;
4231
4232 signlen = STRUCT_FGET(verify_final, vf_signlen);
4233 if (signlen > crypto_max_buffer_len) {
4234 cmn_err(CE_NOTE, "verify_final: buffer greater than %ld "
4235 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
4236 rv = CRYPTO_ARGUMENTS_BAD;
4237 goto release_minor;
4238 }
4239
4240 session_id = STRUCT_FGET(verify_final, vf_session);
4241
4242 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4243 goto release_minor;
4244 }
4245
4246 if ((rv = CRYPTO_BUFFER_CHECK(sp, signlen, rctl_chk)) !=
4247 CRYPTO_SUCCESS) {
4248 goto release_minor;
4249 }
4250 need = signlen;
4251
4252 INIT_RAW_CRYPTO_DATA(sign, signlen);
4253
4254 if (signlen != 0 && copyin(STRUCT_FGETP(verify_final, vf_signbuf),
4255 sign.cd_raw.iov_base, signlen) != 0) {
4256 error = EFAULT;
4257 goto release_minor;
4258 }
4259
4260 rv = crypto_verify_final(sp->sd_verify_ctx, &sign, NULL);
4261 if (KCF_CONTEXT_DONE(rv))
4262 sp->sd_verify_ctx = NULL;
4263
4264 release_minor:
4265 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
4266 CRYPTO_SESSION_RELE(sp);
4267 crypto_release_minor(cm);
4268
4269 if (sign.cd_raw.iov_base != NULL)
4270 kmem_free(sign.cd_raw.iov_base, signlen);
4271
4272 if (error != 0)
4273 return (error);
4274
4275 STRUCT_FSET(verify_final, vf_return_value, rv);
4276 if (copyout(STRUCT_BUF(verify_final), arg,
4277 STRUCT_SIZE(verify_final)) != 0) {
4278 return (EFAULT);
4279 }
4280 return (0);
4281 }
4282
4283 /* ARGSUSED */
4284 static int
seed_random(dev_t dev,caddr_t arg,int mode,int * rval)4285 seed_random(dev_t dev, caddr_t arg, int mode, int *rval)
4286 {
4287 STRUCT_DECL(crypto_seed_random, seed_random);
4288 kcf_provider_desc_t *real_provider = NULL;
4289 kcf_req_params_t params;
4290 crypto_session_id_t session_id;
4291 crypto_minor_t *cm;
4292 crypto_session_data_t *sp = NULL;
4293 uchar_t *seed_buffer = NULL;
4294 size_t seed_len;
4295 size_t need = 0;
4296 int error = 0;
4297 int rv;
4298 boolean_t rctl_chk = B_FALSE;
4299
4300 STRUCT_INIT(seed_random, mode);
4301
4302 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4303 cmn_err(CE_WARN, "seed_random: failed holding minor");
4304 return (ENXIO);
4305 }
4306
4307 if (copyin(arg, STRUCT_BUF(seed_random),
4308 STRUCT_SIZE(seed_random)) != 0) {
4309 crypto_release_minor(cm);
4310 return (EFAULT);
4311 }
4312
4313 seed_len = STRUCT_FGET(seed_random, sr_seedlen);
4314 if (seed_len > crypto_max_buffer_len) {
4315 cmn_err(CE_NOTE, "seed_random: buffer greater than %ld "
4316 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
4317 rv = CRYPTO_ARGUMENTS_BAD;
4318 goto release_minor;
4319 }
4320
4321 session_id = STRUCT_FGET(seed_random, sr_session);
4322
4323 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4324 goto release_minor;
4325 }
4326
4327 if ((rv = CRYPTO_BUFFER_CHECK(sp, seed_len, rctl_chk)) !=
4328 CRYPTO_SUCCESS) {
4329 goto release_minor;
4330 }
4331 need = seed_len;
4332 seed_buffer = kmem_alloc(seed_len, KM_SLEEP);
4333
4334 if (seed_len != 0 && copyin(STRUCT_FGETP(seed_random, sr_seedbuf),
4335 seed_buffer, seed_len) != 0) {
4336 error = EFAULT;
4337 goto release_minor;
4338 }
4339
4340 if ((rv = kcf_get_hardware_provider_nomech(
4341 CRYPTO_OPS_OFFSET(random_ops), CRYPTO_RANDOM_OFFSET(seed_random),
4342 sp->sd_provider, &real_provider)) != CRYPTO_SUCCESS) {
4343 goto release_minor;
4344 }
4345
4346 KCF_WRAP_RANDOM_OPS_PARAMS(¶ms, KCF_OP_RANDOM_SEED,
4347 sp->sd_provider_session->ps_session, seed_buffer, seed_len, 0,
4348 CRYPTO_SEED_NOW);
4349
4350 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
4351
4352 release_minor:
4353 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
4354 CRYPTO_SESSION_RELE(sp);
4355 crypto_release_minor(cm);
4356
4357 if (real_provider != NULL)
4358 KCF_PROV_REFRELE(real_provider);
4359
4360 if (seed_buffer != NULL)
4361 kmem_free(seed_buffer, seed_len);
4362
4363 if (error != 0)
4364 return (error);
4365
4366 STRUCT_FSET(seed_random, sr_return_value, rv);
4367 if (copyout(STRUCT_BUF(seed_random), arg,
4368 STRUCT_SIZE(seed_random)) != 0) {
4369 return (EFAULT);
4370 }
4371 return (0);
4372 }
4373
4374 /* ARGSUSED */
4375 static int
generate_random(dev_t dev,caddr_t arg,int mode,int * rval)4376 generate_random(dev_t dev, caddr_t arg, int mode, int *rval)
4377 {
4378 STRUCT_DECL(crypto_generate_random, generate_random);
4379 kcf_provider_desc_t *real_provider = NULL;
4380 kcf_req_params_t params;
4381 crypto_session_id_t session_id;
4382 crypto_minor_t *cm;
4383 crypto_session_data_t *sp = NULL;
4384 uchar_t *buffer = NULL;
4385 size_t len;
4386 size_t need = 0;
4387 int error = 0;
4388 int rv;
4389 boolean_t rctl_chk = B_FALSE;
4390
4391 STRUCT_INIT(generate_random, mode);
4392
4393 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4394 cmn_err(CE_WARN, "generate_random: failed holding minor");
4395 return (ENXIO);
4396 }
4397
4398 if (copyin(arg, STRUCT_BUF(generate_random),
4399 STRUCT_SIZE(generate_random)) != 0) {
4400 crypto_release_minor(cm);
4401 return (EFAULT);
4402 }
4403
4404 len = STRUCT_FGET(generate_random, gr_buflen);
4405 if (len > crypto_max_buffer_len) {
4406 cmn_err(CE_NOTE, "generate_random: buffer greater than %ld "
4407 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
4408 rv = CRYPTO_ARGUMENTS_BAD;
4409 goto release_minor;
4410 }
4411
4412 session_id = STRUCT_FGET(generate_random, gr_session);
4413
4414 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4415 goto release_minor;
4416 }
4417
4418 if ((rv = CRYPTO_BUFFER_CHECK(sp, len, rctl_chk)) !=
4419 CRYPTO_SUCCESS) {
4420 goto release_minor;
4421 }
4422 need = len;
4423 buffer = kmem_alloc(len, KM_SLEEP);
4424
4425 if ((rv = kcf_get_hardware_provider_nomech(
4426 CRYPTO_OPS_OFFSET(random_ops),
4427 CRYPTO_RANDOM_OFFSET(generate_random), sp->sd_provider,
4428 &real_provider)) != CRYPTO_SUCCESS) {
4429 goto release_minor;
4430 }
4431
4432 KCF_WRAP_RANDOM_OPS_PARAMS(¶ms, KCF_OP_RANDOM_GENERATE,
4433 sp->sd_provider_session->ps_session, buffer, len, 0, 0);
4434
4435 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
4436
4437 if (rv == CRYPTO_SUCCESS) {
4438 if (len != 0 && copyout(buffer,
4439 STRUCT_FGETP(generate_random, gr_buf), len) != 0) {
4440 error = EFAULT;
4441 }
4442 }
4443
4444 release_minor:
4445 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
4446 CRYPTO_SESSION_RELE(sp);
4447 crypto_release_minor(cm);
4448
4449 if (real_provider != NULL)
4450 KCF_PROV_REFRELE(real_provider);
4451
4452 if (buffer != NULL) {
4453 /* random numbers are often used to create keys */
4454 bzero(buffer, len);
4455 kmem_free(buffer, len);
4456 }
4457
4458 if (error != 0)
4459 return (error);
4460
4461 STRUCT_FSET(generate_random, gr_return_value, rv);
4462 if (copyout(STRUCT_BUF(generate_random), arg,
4463 STRUCT_SIZE(generate_random)) != 0) {
4464 return (EFAULT);
4465 }
4466 return (0);
4467 }
4468
4469 /*
4470 * Copyout a kernel array of attributes to user space.
4471 * u_attrs is the corresponding user space array containing
4472 * user space pointers necessary for the copyout.
4473 */
4474 /* ARGSUSED */
4475 static int
copyout_attributes(int mode,caddr_t out,uint_t count,crypto_object_attribute_t * k_attrs,caddr_t u_attrs)4476 copyout_attributes(int mode, caddr_t out, uint_t count,
4477 crypto_object_attribute_t *k_attrs, caddr_t u_attrs)
4478 {
4479 STRUCT_DECL(crypto_object_attribute, oa);
4480 caddr_t p, valuep;
4481 size_t value_len;
4482 size_t len;
4483 int i;
4484 int error = 0;
4485
4486 if (count == 0)
4487 return (0);
4488
4489 STRUCT_INIT(oa, mode);
4490
4491 len = count * STRUCT_SIZE(oa);
4492
4493 ASSERT(u_attrs != NULL);
4494 p = u_attrs;
4495 for (i = 0; i < count; i++) {
4496 /* can this bcopy be eliminated? */
4497 bcopy(p, STRUCT_BUF(oa), STRUCT_SIZE(oa));
4498 value_len = k_attrs[i].oa_value_len;
4499 STRUCT_FSET(oa, oa_type, k_attrs[i].oa_type);
4500 STRUCT_FSET(oa, oa_value_len, (ssize_t)value_len);
4501 valuep = STRUCT_FGETP(oa, oa_value);
4502 if ((valuep != NULL) && (value_len != (size_t)-1)) {
4503 if (copyout(k_attrs[i].oa_value,
4504 valuep, value_len) != 0) {
4505 error = EFAULT;
4506 goto out;
4507 }
4508 }
4509 bcopy(STRUCT_BUF(oa), p, STRUCT_SIZE(oa));
4510 p += STRUCT_SIZE(oa);
4511 }
4512 if (copyout(u_attrs, out, len)) {
4513 error = EFAULT;
4514 }
4515 out:
4516 return (error);
4517 }
4518
4519
4520 /* ARGSUSED */
4521 static int
object_create(dev_t dev,caddr_t arg,int mode,int * rval)4522 object_create(dev_t dev, caddr_t arg, int mode, int *rval)
4523 {
4524 STRUCT_DECL(crypto_object_create, object_create);
4525 kcf_provider_desc_t *real_provider = NULL;
4526 kcf_req_params_t params;
4527 crypto_object_attribute_t *k_attrs = NULL;
4528 crypto_session_id_t session_id;
4529 crypto_minor_t *cm;
4530 crypto_session_data_t *sp = NULL;
4531 crypto_object_id_t object_handle;
4532 caddr_t oc_attributes;
4533 size_t k_attrs_size;
4534 size_t rctl_bytes = 0;
4535 boolean_t rctl_chk = B_FALSE;
4536 int error = 0;
4537 int rv;
4538 uint_t count;
4539
4540 STRUCT_INIT(object_create, mode);
4541
4542 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4543 cmn_err(CE_WARN, "object_create: failed holding minor");
4544 return (ENXIO);
4545 }
4546
4547 if (copyin(arg, STRUCT_BUF(object_create),
4548 STRUCT_SIZE(object_create)) != 0) {
4549 crypto_release_minor(cm);
4550 return (EFAULT);
4551 }
4552
4553 count = STRUCT_FGET(object_create, oc_count);
4554 oc_attributes = STRUCT_FGETP(object_create, oc_attributes);
4555
4556 session_id = STRUCT_FGET(object_create, oc_session);
4557 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4558 goto release_minor;
4559 }
4560 if (!copyin_attributes(mode, sp, count, oc_attributes, &k_attrs,
4561 &k_attrs_size, NULL, &rv, &error, &rctl_bytes,
4562 &rctl_chk, B_TRUE)) {
4563 goto release_minor;
4564 }
4565
4566 if ((rv = kcf_get_hardware_provider_nomech(
4567 CRYPTO_OPS_OFFSET(object_ops),
4568 CRYPTO_OBJECT_OFFSET(object_create), sp->sd_provider,
4569 &real_provider)) != CRYPTO_SUCCESS) {
4570 goto release_minor;
4571 }
4572
4573 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_CREATE,
4574 sp->sd_provider_session->ps_session, 0, k_attrs, count,
4575 &object_handle, 0, NULL, NULL, 0, NULL);
4576
4577 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
4578
4579 if (rv == CRYPTO_SUCCESS)
4580 STRUCT_FSET(object_create, oc_handle, object_handle);
4581
4582 release_minor:
4583 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, rctl_chk);
4584
4585 if (k_attrs != NULL)
4586 kmem_free(k_attrs, k_attrs_size);
4587
4588 if (error != 0)
4589 goto out;
4590
4591 STRUCT_FSET(object_create, oc_return_value, rv);
4592 if (copyout(STRUCT_BUF(object_create), arg,
4593 STRUCT_SIZE(object_create)) != 0) {
4594 if (rv == CRYPTO_SUCCESS) {
4595 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms,
4596 KCF_OP_OBJECT_DESTROY,
4597 sp->sd_provider_session->ps_session, object_handle,
4598 NULL, 0, NULL, 0, NULL, NULL, 0, NULL);
4599
4600 (void) kcf_submit_request(real_provider, NULL,
4601 NULL, ¶ms, B_FALSE);
4602
4603 error = EFAULT;
4604 }
4605 }
4606 out:
4607 CRYPTO_SESSION_RELE(sp);
4608 crypto_release_minor(cm);
4609 if (real_provider != NULL)
4610 KCF_PROV_REFRELE(real_provider);
4611 return (error);
4612 }
4613
4614 /* ARGSUSED */
4615 static int
object_copy(dev_t dev,caddr_t arg,int mode,int * rval)4616 object_copy(dev_t dev, caddr_t arg, int mode, int *rval)
4617 {
4618 STRUCT_DECL(crypto_object_copy, object_copy);
4619 kcf_provider_desc_t *real_provider = NULL;
4620 kcf_req_params_t params;
4621 crypto_object_attribute_t *k_attrs = NULL;
4622 crypto_session_id_t session_id;
4623 crypto_minor_t *cm;
4624 crypto_session_data_t *sp = NULL;
4625 crypto_object_id_t handle, new_handle;
4626 caddr_t oc_new_attributes;
4627 size_t k_attrs_size;
4628 size_t rctl_bytes = 0;
4629 boolean_t rctl_chk = B_FALSE;
4630 int error = 0;
4631 int rv;
4632 uint_t count;
4633
4634 STRUCT_INIT(object_copy, mode);
4635
4636 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4637 cmn_err(CE_WARN, "object_copy: failed holding minor");
4638 return (ENXIO);
4639 }
4640
4641 if (copyin(arg, STRUCT_BUF(object_copy),
4642 STRUCT_SIZE(object_copy)) != 0) {
4643 crypto_release_minor(cm);
4644 return (EFAULT);
4645 }
4646
4647 count = STRUCT_FGET(object_copy, oc_count);
4648 oc_new_attributes = STRUCT_FGETP(object_copy, oc_new_attributes);
4649
4650 session_id = STRUCT_FGET(object_copy, oc_session);
4651
4652 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4653 goto release_minor;
4654 }
4655 if (!copyin_attributes(mode, sp, count, oc_new_attributes, &k_attrs,
4656 &k_attrs_size, NULL, &rv, &error, &rctl_bytes,
4657 &rctl_chk, B_TRUE)) {
4658 goto release_minor;
4659 }
4660
4661 if ((rv = kcf_get_hardware_provider_nomech(
4662 CRYPTO_OPS_OFFSET(object_ops),
4663 CRYPTO_OBJECT_OFFSET(object_copy), sp->sd_provider,
4664 &real_provider)) != CRYPTO_SUCCESS) {
4665 goto release_minor;
4666 }
4667
4668 handle = STRUCT_FGET(object_copy, oc_handle);
4669 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_COPY,
4670 sp->sd_provider_session->ps_session, handle, k_attrs, count,
4671 &new_handle, 0, NULL, NULL, 0, NULL);
4672
4673 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
4674
4675 if (rv == CRYPTO_SUCCESS)
4676 STRUCT_FSET(object_copy, oc_new_handle, new_handle);
4677
4678 release_minor:
4679 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, rctl_chk);
4680
4681 if (k_attrs != NULL)
4682 kmem_free(k_attrs, k_attrs_size);
4683
4684 if (error != 0)
4685 goto out;
4686
4687 STRUCT_FSET(object_copy, oc_return_value, rv);
4688 if (copyout(STRUCT_BUF(object_copy), arg,
4689 STRUCT_SIZE(object_copy)) != 0) {
4690 if (rv == CRYPTO_SUCCESS) {
4691 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms,
4692 KCF_OP_OBJECT_DESTROY,
4693 sp->sd_provider_session->ps_session, new_handle,
4694 NULL, 0, NULL, 0, NULL, NULL, 0, NULL);
4695
4696 (void) kcf_submit_request(real_provider, NULL,
4697 NULL, ¶ms, B_FALSE);
4698
4699 error = EFAULT;
4700 }
4701 }
4702 out:
4703 CRYPTO_SESSION_RELE(sp);
4704 crypto_release_minor(cm);
4705 if (real_provider != NULL)
4706 KCF_PROV_REFRELE(real_provider);
4707 return (error);
4708 }
4709
4710 /* ARGSUSED */
4711 static int
object_destroy(dev_t dev,caddr_t arg,int mode,int * rval)4712 object_destroy(dev_t dev, caddr_t arg, int mode, int *rval)
4713 {
4714 STRUCT_DECL(crypto_object_destroy, object_destroy);
4715 kcf_provider_desc_t *real_provider;
4716 kcf_req_params_t params;
4717 crypto_session_id_t session_id;
4718 crypto_minor_t *cm;
4719 crypto_session_data_t *sp;
4720 crypto_object_id_t handle;
4721 int error = 0;
4722 int rv;
4723
4724 STRUCT_INIT(object_destroy, mode);
4725
4726 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4727 cmn_err(CE_WARN, "object_destroy: failed holding minor");
4728 return (ENXIO);
4729 }
4730
4731 if (copyin(arg, STRUCT_BUF(object_destroy),
4732 STRUCT_SIZE(object_destroy)) != 0) {
4733 crypto_release_minor(cm);
4734 return (EFAULT);
4735 }
4736
4737 session_id = STRUCT_FGET(object_destroy, od_session);
4738
4739 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4740 goto release_minor;
4741 }
4742
4743 if ((rv = kcf_get_hardware_provider_nomech(
4744 CRYPTO_OPS_OFFSET(object_ops),
4745 CRYPTO_OBJECT_OFFSET(object_destroy), sp->sd_provider,
4746 &real_provider)) != CRYPTO_SUCCESS) {
4747 goto out;
4748 }
4749
4750 handle = STRUCT_FGET(object_destroy, od_handle);
4751 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_DESTROY,
4752 sp->sd_provider_session->ps_session, handle, NULL, 0, NULL, 0,
4753 NULL, NULL, 0, NULL);
4754
4755 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
4756 KCF_PROV_REFRELE(real_provider);
4757
4758 out:
4759 CRYPTO_SESSION_RELE(sp);
4760
4761 release_minor:
4762 crypto_release_minor(cm);
4763
4764 if (error != 0)
4765 return (error);
4766
4767 STRUCT_FSET(object_destroy, od_return_value, rv);
4768
4769 if (copyout(STRUCT_BUF(object_destroy), arg,
4770 STRUCT_SIZE(object_destroy)) != 0) {
4771 return (EFAULT);
4772 }
4773 return (0);
4774 }
4775
4776 /* ARGSUSED */
4777 static int
object_get_attribute_value(dev_t dev,caddr_t arg,int mode,int * rval)4778 object_get_attribute_value(dev_t dev, caddr_t arg, int mode, int *rval)
4779 {
4780 STRUCT_DECL(crypto_object_get_attribute_value, get_attribute_value);
4781 #ifdef _LP64
4782 STRUCT_DECL(crypto_object_attribute, oa);
4783 #else
4784 /* LINTED E_FUNC_SET_NOT_USED */
4785 STRUCT_DECL(crypto_object_attribute, oa);
4786 #endif
4787 kcf_provider_desc_t *real_provider;
4788 kcf_req_params_t params;
4789 crypto_object_attribute_t *k_attrs = NULL;
4790 crypto_session_id_t session_id;
4791 crypto_minor_t *cm;
4792 crypto_session_data_t *sp = NULL;
4793 crypto_object_id_t handle;
4794 caddr_t og_attributes;
4795 caddr_t u_attrs = NULL;
4796 size_t k_attrs_size;
4797 size_t rctl_bytes = 0;
4798 boolean_t rctl_chk = B_FALSE;
4799 int error = 0;
4800 int rv;
4801 uint_t count;
4802
4803 STRUCT_INIT(get_attribute_value, mode);
4804 STRUCT_INIT(oa, mode);
4805
4806 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4807 cmn_err(CE_WARN,
4808 "object_get_attribute_value: failed holding minor");
4809 return (ENXIO);
4810 }
4811
4812 if (copyin(arg, STRUCT_BUF(get_attribute_value),
4813 STRUCT_SIZE(get_attribute_value)) != 0) {
4814 crypto_release_minor(cm);
4815 return (EFAULT);
4816 }
4817
4818 count = STRUCT_FGET(get_attribute_value, og_count);
4819 og_attributes = STRUCT_FGETP(get_attribute_value, og_attributes);
4820
4821 session_id = STRUCT_FGET(get_attribute_value, og_session);
4822
4823 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4824 goto release_minor;
4825 }
4826 if (!copyin_attributes(mode, sp, count, og_attributes, &k_attrs,
4827 &k_attrs_size, &u_attrs, &rv, &error, &rctl_bytes,
4828 &rctl_chk, B_FALSE)) {
4829 goto release_minor;
4830 }
4831
4832 if ((rv = kcf_get_hardware_provider_nomech(
4833 CRYPTO_OPS_OFFSET(object_ops),
4834 CRYPTO_OBJECT_OFFSET(object_get_attribute_value),
4835 sp->sd_provider, &real_provider)) != CRYPTO_SUCCESS) {
4836 goto out;
4837 }
4838
4839 handle = STRUCT_FGET(get_attribute_value, og_handle);
4840 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_GET_ATTRIBUTE_VALUE,
4841 sp->sd_provider_session->ps_session, handle, k_attrs, count, NULL,
4842 0, NULL, NULL, 0, NULL);
4843
4844 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
4845 KCF_PROV_REFRELE(real_provider);
4846
4847 out:
4848 if (rv == CRYPTO_SUCCESS || rv == CRYPTO_ATTRIBUTE_SENSITIVE ||
4849 rv == CRYPTO_ATTRIBUTE_TYPE_INVALID ||
4850 rv == CRYPTO_BUFFER_TOO_SMALL) {
4851 error = copyout_attributes(mode,
4852 STRUCT_FGETP(get_attribute_value, og_attributes),
4853 count, k_attrs, u_attrs);
4854 }
4855
4856 release_minor:
4857 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, rctl_chk);
4858 CRYPTO_SESSION_RELE(sp);
4859 crypto_release_minor(cm);
4860
4861 if (k_attrs != NULL)
4862 kmem_free(k_attrs, k_attrs_size);
4863
4864 if (u_attrs != NULL)
4865 kmem_free(u_attrs, count * STRUCT_SIZE(oa));
4866
4867 if (error != 0)
4868 return (error);
4869
4870 STRUCT_FSET(get_attribute_value, og_return_value, rv);
4871 if (copyout(STRUCT_BUF(get_attribute_value), arg,
4872 STRUCT_SIZE(get_attribute_value)) != 0) {
4873 return (EFAULT);
4874 }
4875 return (0);
4876 }
4877
4878 /* ARGSUSED */
4879 static int
object_get_size(dev_t dev,caddr_t arg,int mode,int * rval)4880 object_get_size(dev_t dev, caddr_t arg, int mode, int *rval)
4881 {
4882 STRUCT_DECL(crypto_object_get_size, object_get_size);
4883 kcf_provider_desc_t *real_provider;
4884 kcf_req_params_t params;
4885 crypto_session_id_t session_id;
4886 crypto_minor_t *cm;
4887 crypto_session_data_t *sp = NULL;
4888 crypto_object_id_t handle;
4889 size_t size;
4890 int error = 0;
4891 int rv;
4892
4893 STRUCT_INIT(object_get_size, mode);
4894
4895 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4896 cmn_err(CE_WARN, "object_get_size: failed holding minor");
4897 return (ENXIO);
4898 }
4899
4900 if (copyin(arg, STRUCT_BUF(object_get_size),
4901 STRUCT_SIZE(object_get_size)) != 0) {
4902 crypto_release_minor(cm);
4903 return (EFAULT);
4904 }
4905
4906 session_id = STRUCT_FGET(object_get_size, gs_session);
4907
4908 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4909 goto release_minor;
4910 }
4911
4912 if ((rv = kcf_get_hardware_provider_nomech(
4913 CRYPTO_OPS_OFFSET(object_ops),
4914 CRYPTO_OBJECT_OFFSET(object_get_size),
4915 sp->sd_provider, &real_provider)) != CRYPTO_SUCCESS) {
4916 goto release_minor;
4917 }
4918
4919 handle = STRUCT_FGET(object_get_size, gs_handle);
4920 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_GET_SIZE,
4921 sp->sd_provider_session->ps_session, handle, NULL, 0, NULL, &size,
4922 NULL, NULL, 0, NULL);
4923
4924 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
4925 KCF_PROV_REFRELE(real_provider);
4926
4927 if (rv == CRYPTO_SUCCESS) {
4928 STRUCT_FSET(object_get_size, gs_size, (ulong_t)size);
4929 }
4930
4931 release_minor:
4932 crypto_release_minor(cm);
4933 CRYPTO_SESSION_RELE(sp);
4934
4935 if (error != 0)
4936 return (error);
4937
4938 STRUCT_FSET(object_get_size, gs_return_value, rv);
4939 if (copyout(STRUCT_BUF(object_get_size), arg,
4940 STRUCT_SIZE(object_get_size)) != 0) {
4941 return (EFAULT);
4942 }
4943 return (0);
4944 }
4945
4946 /* ARGSUSED */
4947 static int
object_set_attribute_value(dev_t dev,caddr_t arg,int mode,int * rval)4948 object_set_attribute_value(dev_t dev, caddr_t arg, int mode, int *rval)
4949 {
4950 STRUCT_DECL(crypto_object_set_attribute_value, set_attribute_value);
4951 kcf_provider_desc_t *real_provider;
4952 kcf_req_params_t params;
4953 crypto_object_attribute_t *k_attrs = NULL;
4954 crypto_session_id_t session_id;
4955 crypto_minor_t *cm;
4956 crypto_session_data_t *sp = NULL;
4957 crypto_object_id_t object_handle;
4958 caddr_t sa_attributes;
4959 size_t k_attrs_size;
4960 size_t rctl_bytes = 0;
4961 boolean_t rctl_chk = B_FALSE;
4962 int error = 0;
4963 int rv;
4964 uint_t count;
4965
4966 STRUCT_INIT(set_attribute_value, mode);
4967
4968 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4969 cmn_err(CE_WARN,
4970 "object_set_attribute_value: failed holding minor");
4971 return (ENXIO);
4972 }
4973
4974 if (copyin(arg, STRUCT_BUF(set_attribute_value),
4975 STRUCT_SIZE(set_attribute_value)) != 0) {
4976 crypto_release_minor(cm);
4977 return (EFAULT);
4978 }
4979
4980 count = STRUCT_FGET(set_attribute_value, sa_count);
4981 sa_attributes = STRUCT_FGETP(set_attribute_value, sa_attributes);
4982
4983 session_id = STRUCT_FGET(set_attribute_value, sa_session);
4984
4985 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4986 goto release_minor;
4987 }
4988 if (!copyin_attributes(mode, sp, count, sa_attributes, &k_attrs,
4989 &k_attrs_size, NULL, &rv, &error, &rctl_bytes,
4990 &rctl_chk, B_TRUE)) {
4991 goto release_minor;
4992 }
4993
4994 if ((rv = kcf_get_hardware_provider_nomech(
4995 CRYPTO_OPS_OFFSET(object_ops),
4996 CRYPTO_OBJECT_OFFSET(object_set_attribute_value),
4997 sp->sd_provider, &real_provider)) != CRYPTO_SUCCESS) {
4998 goto release_minor;
4999 }
5000
5001 object_handle = STRUCT_FGET(set_attribute_value, sa_handle);
5002 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_SET_ATTRIBUTE_VALUE,
5003 sp->sd_provider_session->ps_session, object_handle, k_attrs, count,
5004 NULL, 0, NULL, NULL, 0, NULL);
5005
5006 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
5007 KCF_PROV_REFRELE(real_provider);
5008
5009 release_minor:
5010 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, rctl_chk);
5011 CRYPTO_SESSION_RELE(sp);
5012 crypto_release_minor(cm);
5013
5014 if (k_attrs != NULL)
5015 kmem_free(k_attrs, k_attrs_size);
5016
5017 if (error != 0)
5018 return (error);
5019
5020 STRUCT_FSET(set_attribute_value, sa_return_value, rv);
5021 if (copyout(STRUCT_BUF(set_attribute_value), arg,
5022 STRUCT_SIZE(set_attribute_value)) != 0) {
5023 return (EFAULT);
5024 }
5025 return (0);
5026 }
5027
5028 /* ARGSUSED */
5029 static int
object_find_init(dev_t dev,caddr_t arg,int mode,int * rval)5030 object_find_init(dev_t dev, caddr_t arg, int mode, int *rval)
5031 {
5032 STRUCT_DECL(crypto_object_find_init, find_init);
5033 kcf_provider_desc_t *real_provider = NULL;
5034 kcf_req_params_t params;
5035 crypto_object_attribute_t *k_attrs = NULL;
5036 crypto_session_id_t session_id;
5037 crypto_minor_t *cm;
5038 crypto_session_data_t *sp = NULL;
5039 caddr_t attributes;
5040 size_t k_attrs_size;
5041 size_t rctl_bytes = 0;
5042 boolean_t rctl_chk = B_FALSE;
5043 int error = 0;
5044 int rv;
5045 uint_t count;
5046 void *cookie;
5047
5048 STRUCT_INIT(find_init, mode);
5049
5050 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5051 cmn_err(CE_WARN, "object_find_init: failed holding minor");
5052 return (ENXIO);
5053 }
5054
5055 if (copyin(arg, STRUCT_BUF(find_init), STRUCT_SIZE(find_init)) != 0) {
5056 crypto_release_minor(cm);
5057 return (EFAULT);
5058 }
5059
5060 count = STRUCT_FGET(find_init, fi_count);
5061 attributes = STRUCT_FGETP(find_init, fi_attributes);
5062
5063 session_id = STRUCT_FGET(find_init, fi_session);
5064
5065 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5066 goto release_minor;
5067 }
5068 if (!copyin_attributes(mode, sp, count, attributes, &k_attrs,
5069 &k_attrs_size, NULL, &rv, &error, &rctl_bytes,
5070 &rctl_chk, B_TRUE)) {
5071 goto release_minor;
5072 }
5073
5074 if ((rv = kcf_get_hardware_provider_nomech(
5075 CRYPTO_OPS_OFFSET(object_ops),
5076 CRYPTO_OBJECT_OFFSET(object_find_init),
5077 sp->sd_provider, &real_provider)) != CRYPTO_SUCCESS) {
5078 goto release_minor;
5079 }
5080
5081 /* check for an active find */
5082 if (sp->sd_find_init_cookie != NULL) {
5083 rv = CRYPTO_OPERATION_IS_ACTIVE;
5084 goto release_minor;
5085 }
5086
5087 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_FIND_INIT,
5088 sp->sd_provider_session->ps_session, 0, k_attrs, count, NULL, 0,
5089 &cookie, NULL, 0, NULL);
5090
5091 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
5092
5093 if (rv == CRYPTO_SUCCESS) {
5094 /*
5095 * The cookie is allocated by a provider at the start of an
5096 * object search. It is freed when the search is terminated
5097 * by a final operation, or when the session is closed.
5098 * It contains state information about which object handles
5099 * have been returned to the caller.
5100 */
5101 sp->sd_find_init_cookie = cookie;
5102 }
5103
5104 release_minor:
5105 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, rctl_chk);
5106 CRYPTO_SESSION_RELE(sp);
5107 crypto_release_minor(cm);
5108
5109 if (real_provider != NULL)
5110 KCF_PROV_REFRELE(real_provider);
5111
5112 if (k_attrs != NULL)
5113 kmem_free(k_attrs, k_attrs_size);
5114
5115 if (error != 0)
5116 return (error);
5117
5118 STRUCT_FSET(find_init, fi_return_value, rv);
5119 if (copyout(STRUCT_BUF(find_init), arg, STRUCT_SIZE(find_init)) != 0) {
5120 return (EFAULT);
5121 }
5122 return (0);
5123 }
5124
5125 /* ARGSUSED */
5126 static int
object_find_update(dev_t dev,caddr_t arg,int mode,int * rval)5127 object_find_update(dev_t dev, caddr_t arg, int mode, int *rval)
5128 {
5129 STRUCT_DECL(crypto_object_find_update, find_update);
5130 kcf_provider_desc_t *real_provider;
5131 kcf_req_params_t params;
5132 crypto_minor_t *cm;
5133 crypto_session_data_t *sp = NULL;
5134 crypto_object_id_t *buffer = NULL;
5135 crypto_session_id_t session_id;
5136 size_t len, rctl_bytes = 0;
5137 uint_t count, max_count;
5138 int rv, error = 0;
5139 boolean_t rctl_chk = B_FALSE;
5140
5141 STRUCT_INIT(find_update, mode);
5142
5143 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5144 cmn_err(CE_WARN, "object_find_update: failed holding minor");
5145 return (ENXIO);
5146 }
5147
5148 if (copyin(arg, STRUCT_BUF(find_update),
5149 STRUCT_SIZE(find_update)) != 0) {
5150 crypto_release_minor(cm);
5151 return (EFAULT);
5152 }
5153
5154 max_count = STRUCT_FGET(find_update, fu_max_count);
5155 if (max_count > CRYPTO_MAX_FIND_COUNT) {
5156 cmn_err(CE_NOTE, "object_find_update: count greater than %d, "
5157 "pid = %d", CRYPTO_MAX_FIND_COUNT, curproc->p_pid);
5158 rv = CRYPTO_ARGUMENTS_BAD;
5159 goto release_minor;
5160 }
5161 len = max_count * sizeof (crypto_object_id_t);
5162 session_id = STRUCT_FGET(find_update, fu_session);
5163
5164 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5165 goto release_minor;
5166 }
5167 if ((rv = CRYPTO_BUFFER_CHECK(sp, len, rctl_chk)) !=
5168 CRYPTO_SUCCESS) {
5169 goto release_minor;
5170 }
5171 rctl_bytes = len;
5172 buffer = kmem_alloc(len, KM_SLEEP);
5173
5174 if ((rv = kcf_get_hardware_provider_nomech(
5175 CRYPTO_OPS_OFFSET(object_ops),
5176 CRYPTO_OBJECT_OFFSET(object_find), sp->sd_provider,
5177 &real_provider)) != CRYPTO_SUCCESS) {
5178 goto release_minor;
5179 }
5180
5181 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_FIND,
5182 sp->sd_provider_session->ps_session, 0, NULL, 0, buffer, 0,
5183 NULL, sp->sd_find_init_cookie, max_count, &count);
5184
5185 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
5186 KCF_PROV_REFRELE(real_provider);
5187
5188 if (rv == CRYPTO_SUCCESS) {
5189 if (count > max_count) {
5190 /* bad bad provider */
5191 rv = CRYPTO_FAILED;
5192 goto release_minor;
5193 }
5194 if (count != 0) {
5195 /* copyout handles */
5196 if (copyout(buffer,
5197 STRUCT_FGETP(find_update, fu_handles),
5198 count * sizeof (crypto_object_id_t)) != 0) {
5199 error = EFAULT;
5200 }
5201 }
5202 STRUCT_FSET(find_update, fu_count, count);
5203 }
5204
5205 release_minor:
5206 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, rctl_chk);
5207 CRYPTO_SESSION_RELE(sp);
5208 crypto_release_minor(cm);
5209
5210 if (buffer != NULL)
5211 kmem_free(buffer, len);
5212
5213 if (error != 0)
5214 return (error);
5215
5216 STRUCT_FSET(find_update, fu_return_value, rv);
5217 if (copyout(STRUCT_BUF(find_update), arg,
5218 STRUCT_SIZE(find_update)) != 0) {
5219 return (EFAULT);
5220 }
5221
5222 return (0);
5223 }
5224
5225 /*
5226 * Free provider-allocated storage used for find object searches.
5227 */
5228 static int
crypto_free_find_ctx(crypto_session_data_t * sp)5229 crypto_free_find_ctx(crypto_session_data_t *sp)
5230 {
5231 kcf_provider_desc_t *real_provider;
5232 kcf_req_params_t params;
5233 int rv;
5234
5235 if ((rv = kcf_get_hardware_provider_nomech(
5236 CRYPTO_OPS_OFFSET(object_ops),
5237 CRYPTO_OBJECT_OFFSET(object_find_final),
5238 sp->sd_provider, &real_provider)) != CRYPTO_SUCCESS) {
5239 return (rv);
5240 }
5241
5242 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_FIND_FINAL,
5243 sp->sd_provider_session->ps_session, 0, NULL, 0, NULL, 0,
5244 NULL, sp->sd_find_init_cookie, 0, NULL);
5245
5246 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
5247 KCF_PROV_REFRELE(real_provider);
5248 return (rv);
5249 }
5250
5251 /* ARGSUSED */
5252 static int
object_find_final(dev_t dev,caddr_t arg,int mode,int * rval)5253 object_find_final(dev_t dev, caddr_t arg, int mode, int *rval)
5254 {
5255 STRUCT_DECL(crypto_object_find_final, object_find_final);
5256 crypto_session_id_t session_id;
5257 crypto_minor_t *cm;
5258 crypto_session_data_t *sp;
5259 int error = 0;
5260 int rv;
5261
5262 STRUCT_INIT(object_find_final, mode);
5263
5264 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5265 cmn_err(CE_WARN, "object_find_final: failed holding minor");
5266 return (ENXIO);
5267 }
5268
5269 if (copyin(arg, STRUCT_BUF(object_find_final),
5270 STRUCT_SIZE(object_find_final)) != 0) {
5271 crypto_release_minor(cm);
5272 return (EFAULT);
5273 }
5274
5275 session_id = STRUCT_FGET(object_find_final, ff_session);
5276
5277 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5278 goto release_minor;
5279 }
5280
5281 if ((rv = crypto_free_find_ctx(sp)) == CRYPTO_SUCCESS) {
5282 sp->sd_find_init_cookie = NULL;
5283 }
5284
5285 CRYPTO_SESSION_RELE(sp);
5286
5287 release_minor:
5288 crypto_release_minor(cm);
5289
5290 if (error != 0)
5291 return (error);
5292
5293 STRUCT_FSET(object_find_final, ff_return_value, rv);
5294
5295 if (copyout(STRUCT_BUF(object_find_final), arg,
5296 STRUCT_SIZE(object_find_final)) != 0) {
5297 return (EFAULT);
5298 }
5299 return (0);
5300 }
5301
5302 /* ARGSUSED */
5303 static int
object_generate_key(dev_t dev,caddr_t arg,int mode,int * rval)5304 object_generate_key(dev_t dev, caddr_t arg, int mode, int *rval)
5305 {
5306 STRUCT_DECL(crypto_object_generate_key, generate_key);
5307 kcf_provider_desc_t *real_provider = NULL;
5308 kcf_req_params_t params;
5309 crypto_mechanism_t mech;
5310 crypto_object_attribute_t *k_attrs = NULL;
5311 crypto_session_id_t session_id;
5312 crypto_minor_t *cm;
5313 crypto_session_data_t *sp = NULL;
5314 crypto_object_id_t key_handle;
5315 caddr_t attributes;
5316 size_t k_attrs_size;
5317 size_t mech_rctl_bytes = 0, key_rctl_bytes = 0;
5318 boolean_t mech_rctl_chk = B_FALSE;
5319 boolean_t key_rctl_chk = B_FALSE;
5320 uint_t count;
5321 int error = 0;
5322 int rv;
5323 boolean_t allocated_by_crypto_module = B_FALSE;
5324
5325 STRUCT_INIT(generate_key, mode);
5326
5327 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5328 cmn_err(CE_WARN, "object_generate_key: failed holding minor");
5329 return (ENXIO);
5330 }
5331
5332 if (copyin(arg, STRUCT_BUF(generate_key),
5333 STRUCT_SIZE(generate_key)) != 0) {
5334 crypto_release_minor(cm);
5335 return (EFAULT);
5336 }
5337
5338 session_id = STRUCT_FGET(generate_key, gk_session);
5339
5340 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5341 goto release_minor;
5342 }
5343
5344 bcopy(STRUCT_FADDR(generate_key, gk_mechanism), &mech.cm_type,
5345 sizeof (crypto_mech_type_t));
5346
5347 if ((rv = kcf_get_hardware_provider(mech.cm_type, NULL,
5348 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
5349 &real_provider, CRYPTO_FG_GENERATE)) != CRYPTO_SUCCESS) {
5350 goto release_minor;
5351 }
5352
5353 rv = crypto_provider_copyin_mech_param(real_provider,
5354 STRUCT_FADDR(generate_key, gk_mechanism), &mech, mode, &error);
5355
5356 if (rv == CRYPTO_NOT_SUPPORTED) {
5357 allocated_by_crypto_module = B_TRUE;
5358 if (!copyin_mech(mode, sp,
5359 STRUCT_FADDR(generate_key, gk_mechanism),
5360 &mech, &mech_rctl_bytes, &mech_rctl_chk, &rv, &error)) {
5361 goto release_minor;
5362 }
5363 } else {
5364 if (rv != CRYPTO_SUCCESS)
5365 goto release_minor;
5366 }
5367
5368 count = STRUCT_FGET(generate_key, gk_count);
5369 attributes = STRUCT_FGETP(generate_key, gk_attributes);
5370 if (!copyin_attributes(mode, sp, count, attributes, &k_attrs,
5371 &k_attrs_size, NULL, &rv, &error, &key_rctl_bytes,
5372 &key_rctl_chk, B_TRUE)) {
5373 goto release_minor;
5374 }
5375
5376 KCF_WRAP_KEY_OPS_PARAMS(¶ms, KCF_OP_KEY_GENERATE,
5377 sp->sd_provider_session->ps_session, &mech, k_attrs, count,
5378 &key_handle, NULL, 0, NULL, NULL, NULL, 0);
5379
5380 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
5381
5382 if (rv == CRYPTO_SUCCESS)
5383 STRUCT_FSET(generate_key, gk_handle, key_handle);
5384
5385 release_minor:
5386 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
5387 CRYPTO_DECREMENT_RCTL_SESSION(sp, key_rctl_bytes, key_rctl_chk);
5388
5389 if (k_attrs != NULL)
5390 kmem_free(k_attrs, k_attrs_size);
5391
5392 if (error != 0)
5393 goto out;
5394
5395 STRUCT_FSET(generate_key, gk_return_value, rv);
5396 if (copyout(STRUCT_BUF(generate_key), arg,
5397 STRUCT_SIZE(generate_key)) != 0) {
5398 if (rv == CRYPTO_SUCCESS) {
5399 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms,
5400 KCF_OP_OBJECT_DESTROY,
5401 sp->sd_provider_session->ps_session, key_handle,
5402 NULL, 0, NULL, 0, NULL, NULL, 0, NULL);
5403
5404 (void) kcf_submit_request(real_provider, NULL,
5405 NULL, ¶ms, B_FALSE);
5406
5407 error = EFAULT;
5408 }
5409 }
5410 out:
5411 CRYPTO_SESSION_RELE(sp);
5412 crypto_release_minor(cm);
5413
5414 if (real_provider != NULL) {
5415 crypto_free_mech(real_provider,
5416 allocated_by_crypto_module, &mech);
5417 KCF_PROV_REFRELE(real_provider);
5418 }
5419 return (error);
5420 }
5421
5422 /* ARGSUSED */
5423 static int
nostore_generate_key(dev_t dev,caddr_t arg,int mode,int * rval)5424 nostore_generate_key(dev_t dev, caddr_t arg, int mode, int *rval)
5425 {
5426 STRUCT_DECL(crypto_nostore_generate_key, generate_key);
5427 #ifdef _LP64
5428 STRUCT_DECL(crypto_object_attribute, oa);
5429 #else
5430 /* LINTED E_FUNC_SET_NOT_USED */
5431 STRUCT_DECL(crypto_object_attribute, oa);
5432 #endif
5433 kcf_provider_desc_t *real_provider = NULL;
5434 kcf_req_params_t params;
5435 crypto_mechanism_t mech;
5436 crypto_object_attribute_t *k_in_attrs = NULL;
5437 crypto_object_attribute_t *k_out_attrs = NULL;
5438 crypto_session_id_t session_id;
5439 crypto_minor_t *cm;
5440 crypto_session_data_t *sp = NULL;
5441 caddr_t in_attributes;
5442 caddr_t out_attributes;
5443 size_t k_in_attrs_size;
5444 size_t k_out_attrs_size;
5445 size_t mech_rctl_bytes = 0;
5446 boolean_t mech_rctl_chk = B_FALSE;
5447 size_t in_key_rctl_bytes = 0, out_key_rctl_bytes = 0;
5448 boolean_t in_key_rctl_chk = B_FALSE;
5449 boolean_t out_key_rctl_chk = B_FALSE;
5450 uint_t in_count;
5451 uint_t out_count;
5452 int error = 0;
5453 int rv;
5454 boolean_t allocated_by_crypto_module = B_FALSE;
5455 caddr_t u_attrs = NULL;
5456
5457 STRUCT_INIT(generate_key, mode);
5458 STRUCT_INIT(oa, mode);
5459
5460 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5461 cmn_err(CE_WARN, "nostore_generate_key: failed holding minor");
5462 return (ENXIO);
5463 }
5464
5465 if (copyin(arg, STRUCT_BUF(generate_key),
5466 STRUCT_SIZE(generate_key)) != 0) {
5467 crypto_release_minor(cm);
5468 return (EFAULT);
5469 }
5470
5471 session_id = STRUCT_FGET(generate_key, ngk_session);
5472
5473 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5474 goto release_minor;
5475 }
5476
5477 bcopy(STRUCT_FADDR(generate_key, ngk_mechanism), &mech.cm_type,
5478 sizeof (crypto_mech_type_t));
5479
5480 if ((rv = kcf_get_hardware_provider(mech.cm_type, NULL,
5481 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
5482 &real_provider, CRYPTO_FG_GENERATE)) != CRYPTO_SUCCESS) {
5483 goto release_minor;
5484 }
5485
5486 rv = crypto_provider_copyin_mech_param(real_provider,
5487 STRUCT_FADDR(generate_key, ngk_mechanism), &mech, mode, &error);
5488
5489 if (rv == CRYPTO_NOT_SUPPORTED) {
5490 allocated_by_crypto_module = B_TRUE;
5491 if (!copyin_mech(mode, sp, STRUCT_FADDR(generate_key,
5492 ngk_mechanism), &mech, &mech_rctl_bytes,
5493 &mech_rctl_chk, &rv, &error)) {
5494 goto release_minor;
5495 }
5496 } else {
5497 if (rv != CRYPTO_SUCCESS)
5498 goto release_minor;
5499 }
5500
5501 in_count = STRUCT_FGET(generate_key, ngk_in_count);
5502 in_attributes = STRUCT_FGETP(generate_key, ngk_in_attributes);
5503 if (!copyin_attributes(mode, sp, in_count, in_attributes, &k_in_attrs,
5504 &k_in_attrs_size, NULL, &rv, &error, &in_key_rctl_bytes,
5505 &in_key_rctl_chk, B_TRUE)) {
5506 goto release_minor;
5507 }
5508
5509 out_count = STRUCT_FGET(generate_key, ngk_out_count);
5510 out_attributes = STRUCT_FGETP(generate_key, ngk_out_attributes);
5511 if (!copyin_attributes(mode, sp, out_count, out_attributes,
5512 &k_out_attrs,
5513 &k_out_attrs_size, &u_attrs, &rv, &error, &out_key_rctl_bytes,
5514 &out_key_rctl_chk, B_FALSE)) {
5515 goto release_minor;
5516 }
5517
5518 KCF_WRAP_NOSTORE_KEY_OPS_PARAMS(¶ms, KCF_OP_KEY_GENERATE,
5519 sp->sd_provider_session->ps_session, &mech, k_in_attrs, in_count,
5520 NULL, 0, NULL, k_out_attrs, out_count, NULL, 0);
5521
5522 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
5523
5524 if (rv == CRYPTO_SUCCESS) {
5525 error = copyout_attributes(mode, out_attributes,
5526 out_count, k_out_attrs, u_attrs);
5527 }
5528 release_minor:
5529 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
5530 CRYPTO_DECREMENT_RCTL_SESSION(sp, in_key_rctl_bytes, in_key_rctl_chk);
5531 CRYPTO_DECREMENT_RCTL_SESSION(sp, out_key_rctl_bytes,
5532 out_key_rctl_chk);
5533
5534 if (k_in_attrs != NULL)
5535 kmem_free(k_in_attrs, k_in_attrs_size);
5536 if (k_out_attrs != NULL) {
5537 bzero(k_out_attrs, k_out_attrs_size);
5538 kmem_free(k_out_attrs, k_out_attrs_size);
5539 }
5540
5541 if (u_attrs != NULL)
5542 kmem_free(u_attrs, out_count * STRUCT_SIZE(oa));
5543
5544 if (error != 0)
5545 goto out;
5546
5547 STRUCT_FSET(generate_key, ngk_return_value, rv);
5548 if (copyout(STRUCT_BUF(generate_key), arg,
5549 STRUCT_SIZE(generate_key)) != 0) {
5550 error = EFAULT;
5551 }
5552 out:
5553 CRYPTO_SESSION_RELE(sp);
5554 crypto_release_minor(cm);
5555
5556 if (real_provider != NULL) {
5557 crypto_free_mech(real_provider,
5558 allocated_by_crypto_module, &mech);
5559 KCF_PROV_REFRELE(real_provider);
5560 }
5561 return (error);
5562 }
5563
5564 /* ARGSUSED */
5565 static int
object_generate_key_pair(dev_t dev,caddr_t arg,int mode,int * rval)5566 object_generate_key_pair(dev_t dev, caddr_t arg, int mode, int *rval)
5567 {
5568 STRUCT_DECL(crypto_object_generate_key_pair, generate_key_pair);
5569 kcf_provider_desc_t *real_provider = NULL;
5570 kcf_req_params_t params;
5571 crypto_mechanism_t mech;
5572 crypto_object_attribute_t *k_pub_attrs = NULL;
5573 crypto_object_attribute_t *k_pri_attrs = NULL;
5574 crypto_session_id_t session_id;
5575 crypto_minor_t *cm;
5576 crypto_session_data_t *sp = NULL;
5577 crypto_object_id_t pub_handle;
5578 crypto_object_id_t pri_handle;
5579 caddr_t pri_attributes;
5580 caddr_t pub_attributes;
5581 size_t k_pub_attrs_size, k_pri_attrs_size;
5582 size_t mech_rctl_bytes = 0;
5583 boolean_t mech_rctl_chk = B_FALSE;
5584 size_t pub_rctl_bytes = 0;
5585 boolean_t pub_rctl_chk = B_FALSE;
5586 size_t pri_rctl_bytes = 0;
5587 boolean_t pri_rctl_chk = B_FALSE;
5588 uint_t pub_count;
5589 uint_t pri_count;
5590 int error = 0;
5591 int rv;
5592 boolean_t allocated_by_crypto_module = B_FALSE;
5593
5594 STRUCT_INIT(generate_key_pair, mode);
5595
5596 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5597 cmn_err(CE_WARN,
5598 "object_generate_key_pair: failed holding minor");
5599 return (ENXIO);
5600 }
5601
5602 if (copyin(arg, STRUCT_BUF(generate_key_pair),
5603 STRUCT_SIZE(generate_key_pair)) != 0) {
5604 crypto_release_minor(cm);
5605 return (EFAULT);
5606 }
5607
5608 session_id = STRUCT_FGET(generate_key_pair, kp_session);
5609
5610 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5611 goto release_minor;
5612 }
5613
5614 bcopy(STRUCT_FADDR(generate_key_pair, kp_mechanism), &mech.cm_type,
5615 sizeof (crypto_mech_type_t));
5616
5617 if ((rv = kcf_get_hardware_provider(mech.cm_type, NULL,
5618 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
5619 &real_provider, CRYPTO_FG_GENERATE_KEY_PAIR)) != CRYPTO_SUCCESS) {
5620 goto release_minor;
5621 }
5622
5623 rv = crypto_provider_copyin_mech_param(real_provider,
5624 STRUCT_FADDR(generate_key_pair, kp_mechanism), &mech, mode, &error);
5625
5626 if (rv == CRYPTO_NOT_SUPPORTED) {
5627 allocated_by_crypto_module = B_TRUE;
5628 if (!copyin_mech(mode, sp, STRUCT_FADDR(generate_key_pair,
5629 kp_mechanism), &mech, &mech_rctl_bytes,
5630 &mech_rctl_chk, &rv, &error)) {
5631 goto release_minor;
5632 }
5633 } else {
5634 if (rv != CRYPTO_SUCCESS)
5635 goto release_minor;
5636 }
5637
5638 pub_count = STRUCT_FGET(generate_key_pair, kp_public_count);
5639 pri_count = STRUCT_FGET(generate_key_pair, kp_private_count);
5640
5641 pub_attributes = STRUCT_FGETP(generate_key_pair, kp_public_attributes);
5642 if (!copyin_attributes(mode, sp, pub_count, pub_attributes,
5643 &k_pub_attrs, &k_pub_attrs_size, NULL, &rv, &error, &pub_rctl_bytes,
5644 &pub_rctl_chk, B_TRUE)) {
5645 goto release_minor;
5646 }
5647
5648 pri_attributes = STRUCT_FGETP(generate_key_pair, kp_private_attributes);
5649 if (!copyin_attributes(mode, sp, pri_count, pri_attributes,
5650 &k_pri_attrs, &k_pri_attrs_size, NULL, &rv, &error,
5651 &pri_rctl_bytes, &pri_rctl_chk, B_TRUE)) {
5652 goto release_minor;
5653 }
5654
5655 KCF_WRAP_KEY_OPS_PARAMS(¶ms, KCF_OP_KEY_GENERATE_PAIR,
5656 sp->sd_provider_session->ps_session, &mech, k_pub_attrs,
5657 pub_count, &pub_handle, k_pri_attrs, pri_count, &pri_handle,
5658 NULL, NULL, 0);
5659
5660 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
5661
5662 if (rv == CRYPTO_SUCCESS) {
5663 STRUCT_FSET(generate_key_pair, kp_public_handle, pub_handle);
5664 STRUCT_FSET(generate_key_pair, kp_private_handle, pri_handle);
5665 }
5666
5667 release_minor:
5668 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
5669 CRYPTO_DECREMENT_RCTL_SESSION(sp, pub_rctl_bytes, pub_rctl_chk);
5670 CRYPTO_DECREMENT_RCTL_SESSION(sp, pri_rctl_bytes, pri_rctl_chk);
5671
5672 if (k_pub_attrs != NULL)
5673 kmem_free(k_pub_attrs, k_pub_attrs_size);
5674
5675 if (k_pri_attrs != NULL)
5676 kmem_free(k_pri_attrs, k_pri_attrs_size);
5677
5678 if (error != 0)
5679 goto out;
5680
5681 STRUCT_FSET(generate_key_pair, kp_return_value, rv);
5682 if (copyout(STRUCT_BUF(generate_key_pair), arg,
5683 STRUCT_SIZE(generate_key_pair)) != 0) {
5684 if (rv == CRYPTO_SUCCESS) {
5685 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms,
5686 KCF_OP_OBJECT_DESTROY,
5687 sp->sd_provider_session->ps_session, pub_handle,
5688 NULL, 0, NULL, 0, NULL, NULL, 0, NULL);
5689
5690 (void) kcf_submit_request(real_provider, NULL,
5691 NULL, ¶ms, B_FALSE);
5692
5693 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms,
5694 KCF_OP_OBJECT_DESTROY,
5695 sp->sd_provider_session->ps_session, pri_handle,
5696 NULL, 0, NULL, 0, NULL, NULL, 0, NULL);
5697
5698 (void) kcf_submit_request(real_provider, NULL,
5699 NULL, ¶ms, B_FALSE);
5700
5701 error = EFAULT;
5702 }
5703 }
5704 out:
5705 CRYPTO_SESSION_RELE(sp);
5706 crypto_release_minor(cm);
5707
5708 if (real_provider != NULL) {
5709 crypto_free_mech(real_provider,
5710 allocated_by_crypto_module, &mech);
5711 KCF_PROV_REFRELE(real_provider);
5712 }
5713 return (error);
5714 }
5715
5716 /* ARGSUSED */
5717 static int
nostore_generate_key_pair(dev_t dev,caddr_t arg,int mode,int * rval)5718 nostore_generate_key_pair(dev_t dev, caddr_t arg, int mode, int *rval)
5719 {
5720 STRUCT_DECL(crypto_nostore_generate_key_pair, generate_key_pair);
5721 #ifdef _LP64
5722 STRUCT_DECL(crypto_object_attribute, oa);
5723 #else
5724 /* LINTED E_FUNC_SET_NOT_USED */
5725 STRUCT_DECL(crypto_object_attribute, oa);
5726 #endif
5727 kcf_provider_desc_t *real_provider = NULL;
5728 kcf_req_params_t params;
5729 crypto_mechanism_t mech;
5730 crypto_object_attribute_t *k_in_pub_attrs = NULL;
5731 crypto_object_attribute_t *k_in_pri_attrs = NULL;
5732 crypto_object_attribute_t *k_out_pub_attrs = NULL;
5733 crypto_object_attribute_t *k_out_pri_attrs = NULL;
5734 crypto_session_id_t session_id;
5735 crypto_minor_t *cm;
5736 crypto_session_data_t *sp = NULL;
5737 caddr_t in_pri_attributes;
5738 caddr_t in_pub_attributes;
5739 caddr_t out_pri_attributes;
5740 caddr_t out_pub_attributes;
5741 size_t k_in_pub_attrs_size, k_in_pri_attrs_size;
5742 size_t k_out_pub_attrs_size, k_out_pri_attrs_size;
5743 size_t mech_rctl_bytes = 0;
5744 boolean_t mech_rctl_chk = B_FALSE;
5745 size_t in_pub_rctl_bytes = 0;
5746 boolean_t in_pub_rctl_chk = B_FALSE;
5747 size_t in_pri_rctl_bytes = 0;
5748 boolean_t in_pri_rctl_chk = B_FALSE;
5749 size_t out_pub_rctl_bytes = 0;
5750 boolean_t out_pub_rctl_chk = B_FALSE;
5751 size_t out_pri_rctl_bytes = 0;
5752 boolean_t out_pri_rctl_chk = B_FALSE;
5753 uint_t in_pub_count;
5754 uint_t in_pri_count;
5755 uint_t out_pub_count;
5756 uint_t out_pri_count;
5757 int error = 0;
5758 int rv;
5759 boolean_t allocated_by_crypto_module = B_FALSE;
5760 caddr_t u_pub_attrs = NULL;
5761 caddr_t u_pri_attrs = NULL;
5762
5763 STRUCT_INIT(generate_key_pair, mode);
5764 STRUCT_INIT(oa, mode);
5765
5766 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5767 cmn_err(CE_WARN,
5768 "nostore_generate_key_pair: failed holding minor");
5769 return (ENXIO);
5770 }
5771
5772 if (copyin(arg, STRUCT_BUF(generate_key_pair),
5773 STRUCT_SIZE(generate_key_pair)) != 0) {
5774 crypto_release_minor(cm);
5775 return (EFAULT);
5776 }
5777
5778 session_id = STRUCT_FGET(generate_key_pair, nkp_session);
5779
5780 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5781 goto release_minor;
5782 }
5783
5784 bcopy(STRUCT_FADDR(generate_key_pair, nkp_mechanism), &mech.cm_type,
5785 sizeof (crypto_mech_type_t));
5786
5787 if ((rv = kcf_get_hardware_provider(mech.cm_type, NULL,
5788 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
5789 &real_provider, CRYPTO_FG_GENERATE_KEY_PAIR)) != CRYPTO_SUCCESS) {
5790 goto release_minor;
5791 }
5792
5793 rv = crypto_provider_copyin_mech_param(real_provider,
5794 STRUCT_FADDR(generate_key_pair, nkp_mechanism), &mech, mode,
5795 &error);
5796
5797 if (rv == CRYPTO_NOT_SUPPORTED) {
5798 allocated_by_crypto_module = B_TRUE;
5799 if (!copyin_mech(mode, sp, STRUCT_FADDR(generate_key_pair,
5800 nkp_mechanism), &mech, &mech_rctl_bytes,
5801 &mech_rctl_chk, &rv, &error)) {
5802 goto release_minor;
5803 }
5804 } else {
5805 if (rv != CRYPTO_SUCCESS)
5806 goto release_minor;
5807 }
5808
5809 in_pub_count = STRUCT_FGET(generate_key_pair, nkp_in_public_count);
5810 in_pri_count = STRUCT_FGET(generate_key_pair, nkp_in_private_count);
5811
5812 in_pub_attributes = STRUCT_FGETP(generate_key_pair,
5813 nkp_in_public_attributes);
5814 if (!copyin_attributes(mode, sp, in_pub_count, in_pub_attributes,
5815 &k_in_pub_attrs, &k_in_pub_attrs_size, NULL, &rv, &error,
5816 &in_pub_rctl_bytes, &in_pub_rctl_chk, B_TRUE)) {
5817 goto release_minor;
5818 }
5819
5820 in_pri_attributes = STRUCT_FGETP(generate_key_pair,
5821 nkp_in_private_attributes);
5822 if (!copyin_attributes(mode, sp, in_pri_count, in_pri_attributes,
5823 &k_in_pri_attrs, &k_in_pri_attrs_size, NULL, &rv, &error,
5824 &in_pri_rctl_bytes, &in_pri_rctl_chk, B_TRUE)) {
5825 goto release_minor;
5826 }
5827
5828 out_pub_count = STRUCT_FGET(generate_key_pair, nkp_out_public_count);
5829 out_pri_count = STRUCT_FGET(generate_key_pair, nkp_out_private_count);
5830
5831 out_pub_attributes = STRUCT_FGETP(generate_key_pair,
5832 nkp_out_public_attributes);
5833 if (!copyin_attributes(mode, sp, out_pub_count, out_pub_attributes,
5834 &k_out_pub_attrs, &k_out_pub_attrs_size, &u_pub_attrs, &rv, &error,
5835 &out_pub_rctl_bytes, &out_pub_rctl_chk, B_FALSE)) {
5836 goto release_minor;
5837 }
5838
5839 out_pri_attributes = STRUCT_FGETP(generate_key_pair,
5840 nkp_out_private_attributes);
5841 if (!copyin_attributes(mode, sp, out_pri_count, out_pri_attributes,
5842 &k_out_pri_attrs, &k_out_pri_attrs_size, &u_pri_attrs, &rv, &error,
5843 &out_pri_rctl_bytes, &out_pri_rctl_chk, B_FALSE)) {
5844 goto release_minor;
5845 }
5846
5847 KCF_WRAP_NOSTORE_KEY_OPS_PARAMS(¶ms, KCF_OP_KEY_GENERATE_PAIR,
5848 sp->sd_provider_session->ps_session, &mech, k_in_pub_attrs,
5849 in_pub_count, k_in_pri_attrs, in_pri_count, NULL, k_out_pub_attrs,
5850 out_pub_count, k_out_pri_attrs, out_pri_count);
5851
5852 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
5853
5854 if (rv == CRYPTO_SUCCESS) {
5855 error = copyout_attributes(mode, out_pub_attributes,
5856 out_pub_count, k_out_pub_attrs, u_pub_attrs);
5857 if (error != CRYPTO_SUCCESS)
5858 goto release_minor;
5859 error = copyout_attributes(mode, out_pri_attributes,
5860 out_pri_count, k_out_pri_attrs, u_pri_attrs);
5861 }
5862
5863 release_minor:
5864 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
5865 CRYPTO_DECREMENT_RCTL_SESSION(sp, in_pub_rctl_bytes, in_pub_rctl_chk);
5866 CRYPTO_DECREMENT_RCTL_SESSION(sp, in_pri_rctl_bytes, in_pri_rctl_chk);
5867 CRYPTO_DECREMENT_RCTL_SESSION(sp, out_pub_rctl_bytes,
5868 out_pub_rctl_chk);
5869 CRYPTO_DECREMENT_RCTL_SESSION(sp, out_pri_rctl_bytes,
5870 out_pri_rctl_chk);
5871
5872 if (k_in_pub_attrs != NULL)
5873 kmem_free(k_in_pub_attrs, k_in_pub_attrs_size);
5874
5875 if (k_in_pri_attrs != NULL)
5876 kmem_free(k_in_pri_attrs, k_in_pri_attrs_size);
5877
5878 if (k_out_pub_attrs != NULL)
5879 kmem_free(k_out_pub_attrs, k_out_pub_attrs_size);
5880
5881 if (k_out_pri_attrs != NULL) {
5882 bzero(k_out_pri_attrs, k_out_pri_attrs_size);
5883 kmem_free(k_out_pri_attrs, k_out_pri_attrs_size);
5884 }
5885
5886 if (u_pub_attrs != NULL)
5887 kmem_free(u_pub_attrs, out_pub_count * STRUCT_SIZE(oa));
5888
5889 if (u_pri_attrs != NULL)
5890 kmem_free(u_pri_attrs, out_pri_count * STRUCT_SIZE(oa));
5891
5892 if (error != 0)
5893 goto out;
5894
5895 STRUCT_FSET(generate_key_pair, nkp_return_value, rv);
5896 if (copyout(STRUCT_BUF(generate_key_pair), arg,
5897 STRUCT_SIZE(generate_key_pair)) != 0) {
5898 error = EFAULT;
5899 }
5900 out:
5901 CRYPTO_SESSION_RELE(sp);
5902 crypto_release_minor(cm);
5903
5904 if (real_provider != NULL) {
5905 crypto_free_mech(real_provider,
5906 allocated_by_crypto_module, &mech);
5907 KCF_PROV_REFRELE(real_provider);
5908 }
5909 return (error);
5910 }
5911
5912 /* ARGSUSED */
5913 static int
object_wrap_key(dev_t dev,caddr_t arg,int mode,int * rval)5914 object_wrap_key(dev_t dev, caddr_t arg, int mode, int *rval)
5915 {
5916 STRUCT_DECL(crypto_object_wrap_key, wrap_key);
5917 kcf_provider_desc_t *real_provider = NULL;
5918 kcf_req_params_t params;
5919 crypto_mechanism_t mech;
5920 crypto_key_t key;
5921 crypto_session_id_t session_id;
5922 crypto_minor_t *cm;
5923 crypto_session_data_t *sp = NULL;
5924 crypto_object_id_t handle;
5925 size_t mech_rctl_bytes = 0, key_rctl_bytes = 0;
5926 boolean_t mech_rctl_chk = B_FALSE;
5927 boolean_t key_rctl_chk = B_FALSE;
5928 size_t wrapped_key_rctl_bytes = 0;
5929 boolean_t wrapped_key_rctl_chk = B_FALSE;
5930 size_t wrapped_key_len, new_wrapped_key_len;
5931 uchar_t *wrapped_key = NULL;
5932 char *wrapped_key_buffer;
5933 int error = 0;
5934 int rv;
5935 boolean_t allocated_by_crypto_module = B_FALSE;
5936
5937 STRUCT_INIT(wrap_key, mode);
5938
5939 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5940 cmn_err(CE_WARN, "object_wrap_key: failed holding minor");
5941 return (ENXIO);
5942 }
5943
5944 if (copyin(arg, STRUCT_BUF(wrap_key), STRUCT_SIZE(wrap_key)) != 0) {
5945 crypto_release_minor(cm);
5946 return (EFAULT);
5947 }
5948
5949 bzero(&key, sizeof (crypto_key_t));
5950
5951 session_id = STRUCT_FGET(wrap_key, wk_session);
5952
5953 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5954 goto out;
5955 }
5956
5957 bcopy(STRUCT_FADDR(wrap_key, wk_mechanism), &mech.cm_type,
5958 sizeof (crypto_mech_type_t));
5959
5960 /* We need the key length for provider selection so copy it in now. */
5961 if (!copyin_key(mode, sp, STRUCT_FADDR(wrap_key, wk_wrapping_key), &key,
5962 &key_rctl_bytes, &key_rctl_chk, &rv, &error)) {
5963 goto out;
5964 }
5965
5966 wrapped_key_len = STRUCT_FGET(wrap_key, wk_wrapped_key_len);
5967
5968 if ((rv = kcf_get_hardware_provider(mech.cm_type, &key,
5969 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
5970 &real_provider, CRYPTO_FG_WRAP)) != CRYPTO_SUCCESS) {
5971 goto out;
5972 }
5973
5974 rv = crypto_provider_copyin_mech_param(real_provider,
5975 STRUCT_FADDR(wrap_key, wk_mechanism), &mech, mode, &error);
5976
5977 if (rv == CRYPTO_NOT_SUPPORTED) {
5978 allocated_by_crypto_module = B_TRUE;
5979 if (!copyin_mech(mode, sp, STRUCT_FADDR(wrap_key, wk_mechanism),
5980 &mech, &mech_rctl_bytes, &mech_rctl_chk, &rv, &error)) {
5981 goto out;
5982 }
5983 } else {
5984 if (rv != CRYPTO_SUCCESS)
5985 goto out;
5986 }
5987
5988 /*
5989 * Don't allocate output buffer unless both buffer pointer and
5990 * buffer length are not NULL or 0 (length).
5991 */
5992 wrapped_key_buffer = STRUCT_FGETP(wrap_key, wk_wrapped_key);
5993 if (wrapped_key_buffer == NULL || wrapped_key_len == 0) {
5994 wrapped_key_len = 0;
5995 }
5996
5997 if (wrapped_key_len > crypto_max_buffer_len) {
5998 cmn_err(CE_NOTE, "object_wrap_key: buffer greater than %ld "
5999 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
6000 rv = CRYPTO_ARGUMENTS_BAD;
6001 goto out;
6002 }
6003
6004 if ((rv = CRYPTO_BUFFER_CHECK(sp, wrapped_key_len,
6005 wrapped_key_rctl_chk)) != CRYPTO_SUCCESS) {
6006 goto out;
6007 }
6008
6009 /* new_wrapped_key_len can be modified by the provider */
6010 wrapped_key_rctl_bytes = new_wrapped_key_len = wrapped_key_len;
6011 wrapped_key = kmem_alloc(wrapped_key_len, KM_SLEEP);
6012
6013 handle = STRUCT_FGET(wrap_key, wk_object_handle);
6014 KCF_WRAP_KEY_OPS_PARAMS(¶ms, KCF_OP_KEY_WRAP,
6015 sp->sd_provider_session->ps_session, &mech, NULL, 0, &handle,
6016 NULL, 0, NULL, &key, wrapped_key, &new_wrapped_key_len);
6017
6018 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
6019
6020 if (rv == CRYPTO_SUCCESS) {
6021 if (wrapped_key_len != 0 && copyout(wrapped_key,
6022 wrapped_key_buffer, new_wrapped_key_len) != 0) {
6023 error = EFAULT;
6024 }
6025 STRUCT_FSET(wrap_key, wk_wrapped_key_len,
6026 (ulong_t)new_wrapped_key_len);
6027 }
6028
6029 if (rv == CRYPTO_BUFFER_TOO_SMALL) {
6030 /*
6031 * The providers return CRYPTO_BUFFER_TOO_SMALL even for case 1
6032 * of section 11.2 of the pkcs11 spec. We catch it here and
6033 * provide the correct pkcs11 return value.
6034 */
6035 if (STRUCT_FGETP(wrap_key, wk_wrapped_key) == NULL)
6036 rv = CRYPTO_SUCCESS;
6037 STRUCT_FSET(wrap_key, wk_wrapped_key_len,
6038 (ulong_t)new_wrapped_key_len);
6039 }
6040
6041 out:
6042 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
6043 CRYPTO_DECREMENT_RCTL_SESSION(sp, key_rctl_bytes, key_rctl_chk);
6044 CRYPTO_DECREMENT_RCTL_SESSION(sp, wrapped_key_rctl_bytes,
6045 wrapped_key_rctl_chk);
6046 CRYPTO_SESSION_RELE(sp);
6047
6048 crypto_release_minor(cm);
6049
6050 if (real_provider != NULL) {
6051 crypto_free_mech(real_provider,
6052 allocated_by_crypto_module, &mech);
6053 KCF_PROV_REFRELE(real_provider);
6054 }
6055
6056 if (wrapped_key != NULL)
6057 kmem_free(wrapped_key, wrapped_key_len);
6058
6059 free_crypto_key(&key);
6060
6061 if (error != 0)
6062 return (error);
6063
6064 STRUCT_FSET(wrap_key, wk_return_value, rv);
6065 if (copyout(STRUCT_BUF(wrap_key), arg, STRUCT_SIZE(wrap_key)) != 0) {
6066 return (EFAULT);
6067 }
6068 return (0);
6069 }
6070
6071 /* ARGSUSED */
6072 static int
object_unwrap_key(dev_t dev,caddr_t arg,int mode,int * rval)6073 object_unwrap_key(dev_t dev, caddr_t arg, int mode, int *rval)
6074 {
6075 STRUCT_DECL(crypto_object_unwrap_key, unwrap_key);
6076 kcf_provider_desc_t *real_provider = NULL;
6077 kcf_req_params_t params;
6078 crypto_mechanism_t mech;
6079 crypto_key_t unwrapping_key;
6080 crypto_session_id_t session_id;
6081 crypto_minor_t *cm;
6082 crypto_session_data_t *sp = NULL;
6083 crypto_object_id_t handle;
6084 crypto_object_attribute_t *k_attrs = NULL;
6085 size_t k_attrs_size;
6086 size_t mech_rctl_bytes = 0, unwrapping_key_rctl_bytes = 0;
6087 boolean_t mech_rctl_chk = B_FALSE;
6088 boolean_t unwrapping_key_rctl_chk = B_FALSE;
6089 size_t wrapped_key_rctl_bytes = 0, k_attrs_rctl_bytes = 0;
6090 boolean_t wrapped_key_rctl_chk = B_FALSE;
6091 boolean_t k_attrs_rctl_chk = B_FALSE;
6092 size_t wrapped_key_len;
6093 uchar_t *wrapped_key = NULL;
6094 int error = 0;
6095 int rv;
6096 uint_t count;
6097 caddr_t uk_attributes;
6098 boolean_t allocated_by_crypto_module = B_FALSE;
6099
6100 STRUCT_INIT(unwrap_key, mode);
6101
6102 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
6103 cmn_err(CE_WARN, "object_unwrap_key: failed holding minor");
6104 return (ENXIO);
6105 }
6106
6107 if (copyin(arg, STRUCT_BUF(unwrap_key), STRUCT_SIZE(unwrap_key)) != 0) {
6108 crypto_release_minor(cm);
6109 return (EFAULT);
6110 }
6111
6112 bzero(&unwrapping_key, sizeof (unwrapping_key));
6113
6114 session_id = STRUCT_FGET(unwrap_key, uk_session);
6115
6116 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
6117 goto release_minor;
6118 }
6119
6120 bcopy(STRUCT_FADDR(unwrap_key, uk_mechanism), &mech.cm_type,
6121 sizeof (crypto_mech_type_t));
6122
6123 /* We need the key length for provider selection so copy it in now. */
6124 if (!copyin_key(mode, sp, STRUCT_FADDR(unwrap_key, uk_unwrapping_key),
6125 &unwrapping_key, &unwrapping_key_rctl_bytes,
6126 &unwrapping_key_rctl_chk, &rv, &error)) {
6127 goto release_minor;
6128 }
6129
6130 if ((rv = kcf_get_hardware_provider(mech.cm_type, &unwrapping_key,
6131 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
6132 &real_provider, CRYPTO_FG_UNWRAP)) != CRYPTO_SUCCESS) {
6133 goto release_minor;
6134 }
6135
6136 rv = crypto_provider_copyin_mech_param(real_provider,
6137 STRUCT_FADDR(unwrap_key, uk_mechanism), &mech, mode, &error);
6138
6139 if (rv == CRYPTO_NOT_SUPPORTED) {
6140 allocated_by_crypto_module = B_TRUE;
6141 if (!copyin_mech(mode, sp,
6142 STRUCT_FADDR(unwrap_key, uk_mechanism),
6143 &mech, &mech_rctl_bytes, &mech_rctl_chk, &rv, &error)) {
6144 goto release_minor;
6145 }
6146 } else {
6147 if (rv != CRYPTO_SUCCESS)
6148 goto release_minor;
6149 }
6150
6151 count = STRUCT_FGET(unwrap_key, uk_count);
6152 uk_attributes = STRUCT_FGETP(unwrap_key, uk_attributes);
6153 if (!copyin_attributes(mode, sp, count, uk_attributes, &k_attrs,
6154 &k_attrs_size, NULL, &rv, &error, &k_attrs_rctl_bytes,
6155 &k_attrs_rctl_chk, B_TRUE)) {
6156 goto release_minor;
6157 }
6158
6159 wrapped_key_len = STRUCT_FGET(unwrap_key, uk_wrapped_key_len);
6160 if (wrapped_key_len > crypto_max_buffer_len) {
6161 cmn_err(CE_NOTE, "object_unwrap_key: buffer greater than %ld "
6162 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
6163 rv = CRYPTO_ARGUMENTS_BAD;
6164 goto release_minor;
6165 }
6166
6167 if ((rv = CRYPTO_BUFFER_CHECK(sp, wrapped_key_len,
6168 wrapped_key_rctl_chk)) != CRYPTO_SUCCESS) {
6169 goto release_minor;
6170 }
6171 wrapped_key_rctl_bytes = wrapped_key_len;
6172 wrapped_key = kmem_alloc(wrapped_key_len, KM_SLEEP);
6173
6174 if (wrapped_key_len != 0 && copyin(STRUCT_FGETP(unwrap_key,
6175 uk_wrapped_key), wrapped_key, wrapped_key_len) != 0) {
6176 error = EFAULT;
6177 goto release_minor;
6178 }
6179
6180 /* wrapped_key_len is not modified by the unwrap operation */
6181 KCF_WRAP_KEY_OPS_PARAMS(¶ms, KCF_OP_KEY_UNWRAP,
6182 sp->sd_provider_session->ps_session, &mech, k_attrs, count, &handle,
6183 NULL, 0, NULL, &unwrapping_key, wrapped_key, &wrapped_key_len);
6184
6185 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
6186
6187 if (rv == CRYPTO_SUCCESS)
6188 STRUCT_FSET(unwrap_key, uk_object_handle, handle);
6189
6190 release_minor:
6191 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
6192 CRYPTO_DECREMENT_RCTL_SESSION(sp, unwrapping_key_rctl_bytes,
6193 unwrapping_key_rctl_chk);
6194 CRYPTO_DECREMENT_RCTL_SESSION(sp, wrapped_key_rctl_bytes,
6195 wrapped_key_rctl_chk);
6196 CRYPTO_DECREMENT_RCTL_SESSION(sp, k_attrs_rctl_bytes,
6197 k_attrs_rctl_chk);
6198
6199 if (k_attrs != NULL)
6200 kmem_free(k_attrs, k_attrs_size);
6201
6202 if (wrapped_key != NULL)
6203 kmem_free(wrapped_key, wrapped_key_len);
6204
6205 free_crypto_key(&unwrapping_key);
6206
6207 if (error != 0)
6208 goto out;
6209
6210 STRUCT_FSET(unwrap_key, uk_return_value, rv);
6211 if (copyout(STRUCT_BUF(unwrap_key), arg,
6212 STRUCT_SIZE(unwrap_key)) != 0) {
6213 if (rv == CRYPTO_SUCCESS) {
6214 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms,
6215 KCF_OP_OBJECT_DESTROY,
6216 sp->sd_provider_session->ps_session, handle,
6217 NULL, 0, NULL, 0, NULL, NULL, 0, NULL);
6218
6219 (void) kcf_submit_request(real_provider, NULL,
6220 NULL, ¶ms, B_FALSE);
6221
6222 error = EFAULT;
6223 }
6224 }
6225 out:
6226 CRYPTO_SESSION_RELE(sp);
6227 crypto_release_minor(cm);
6228
6229 if (real_provider != NULL) {
6230 crypto_free_mech(real_provider,
6231 allocated_by_crypto_module, &mech);
6232 KCF_PROV_REFRELE(real_provider);
6233 }
6234
6235 return (error);
6236 }
6237
6238 /* ARGSUSED */
6239 static int
object_derive_key(dev_t dev,caddr_t arg,int mode,int * rval)6240 object_derive_key(dev_t dev, caddr_t arg, int mode, int *rval)
6241 {
6242 STRUCT_DECL(crypto_derive_key, derive_key);
6243 kcf_provider_desc_t *real_provider = NULL;
6244 kcf_req_params_t params;
6245 crypto_object_attribute_t *k_attrs = NULL;
6246 crypto_mechanism_t mech;
6247 crypto_key_t base_key;
6248 crypto_session_id_t session_id;
6249 crypto_minor_t *cm;
6250 crypto_session_data_t *sp = NULL;
6251 crypto_object_id_t handle;
6252 size_t k_attrs_size;
6253 size_t key_rctl_bytes = 0, mech_rctl_bytes = 0;
6254 boolean_t mech_rctl_chk = B_FALSE;
6255 boolean_t key_rctl_chk = B_FALSE;
6256 size_t attributes_rctl_bytes = 0;
6257 boolean_t attributes_rctl_chk = B_FALSE;
6258 caddr_t attributes;
6259 uint_t count;
6260 int error = 0;
6261 int rv;
6262 boolean_t allocated_by_crypto_module = B_FALSE;
6263 boolean_t please_destroy_object = B_FALSE;
6264
6265 STRUCT_INIT(derive_key, mode);
6266
6267 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
6268 cmn_err(CE_WARN, "object_derive_key: failed holding minor");
6269 return (ENXIO);
6270 }
6271
6272 if (copyin(arg, STRUCT_BUF(derive_key), STRUCT_SIZE(derive_key)) != 0) {
6273 crypto_release_minor(cm);
6274 return (EFAULT);
6275 }
6276
6277 bzero(&base_key, sizeof (base_key));
6278
6279 session_id = STRUCT_FGET(derive_key, dk_session);
6280
6281 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
6282 goto release_minor;
6283 }
6284
6285 bcopy(STRUCT_FADDR(derive_key, dk_mechanism), &mech.cm_type,
6286 sizeof (crypto_mech_type_t));
6287
6288 /* We need the key length for provider selection so copy it in now. */
6289 if (!copyin_key(mode, sp, STRUCT_FADDR(derive_key, dk_base_key),
6290 &base_key, &key_rctl_bytes, &key_rctl_chk, &rv, &error)) {
6291 goto release_minor;
6292 }
6293
6294 if ((rv = kcf_get_hardware_provider(mech.cm_type, &base_key,
6295 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
6296 &real_provider, CRYPTO_FG_DERIVE)) != CRYPTO_SUCCESS) {
6297 goto release_minor;
6298 }
6299
6300 rv = crypto_provider_copyin_mech_param(real_provider,
6301 STRUCT_FADDR(derive_key, dk_mechanism), &mech, mode, &error);
6302
6303 if (rv == CRYPTO_NOT_SUPPORTED) {
6304 allocated_by_crypto_module = B_TRUE;
6305 if (!copyin_mech(mode, sp,
6306 STRUCT_FADDR(derive_key, dk_mechanism),
6307 &mech, &mech_rctl_bytes, &mech_rctl_chk, &rv, &error)) {
6308 goto release_minor;
6309 }
6310 } else {
6311 if (rv != CRYPTO_SUCCESS)
6312 goto release_minor;
6313 }
6314
6315 count = STRUCT_FGET(derive_key, dk_count);
6316
6317 attributes = STRUCT_FGETP(derive_key, dk_attributes);
6318 if (!copyin_attributes(mode, sp, count, attributes, &k_attrs,
6319 &k_attrs_size, NULL, &rv, &error,
6320 &attributes_rctl_bytes, &attributes_rctl_chk, B_TRUE)) {
6321 goto release_minor;
6322 }
6323
6324 KCF_WRAP_KEY_OPS_PARAMS(¶ms, KCF_OP_KEY_DERIVE,
6325 sp->sd_provider_session->ps_session, &mech, k_attrs, count,
6326 &handle, NULL, 0, NULL, &base_key, NULL, NULL);
6327
6328 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
6329
6330 if (rv == CRYPTO_SUCCESS) {
6331 STRUCT_FSET(derive_key, dk_object_handle, handle);
6332
6333 rv = crypto_provider_copyout_mech_param(real_provider,
6334 &mech, STRUCT_FADDR(derive_key, dk_mechanism),
6335 mode, &error);
6336
6337 if (rv == CRYPTO_NOT_SUPPORTED) {
6338 rv = CRYPTO_SUCCESS;
6339 goto release_minor;
6340 }
6341
6342 if (rv != CRYPTO_SUCCESS)
6343 please_destroy_object = B_TRUE;
6344 }
6345
6346 release_minor:
6347 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
6348 CRYPTO_DECREMENT_RCTL_SESSION(sp, key_rctl_bytes, key_rctl_chk);
6349 CRYPTO_DECREMENT_RCTL_SESSION(sp, attributes_rctl_bytes,
6350 attributes_rctl_chk);
6351
6352 if (k_attrs != NULL)
6353 kmem_free(k_attrs, k_attrs_size);
6354
6355 free_crypto_key(&base_key);
6356
6357 if (error != 0)
6358 goto out;
6359
6360 STRUCT_FSET(derive_key, dk_return_value, rv);
6361 if (copyout(STRUCT_BUF(derive_key), arg,
6362 STRUCT_SIZE(derive_key)) != 0) {
6363 if (rv == CRYPTO_SUCCESS) {
6364 please_destroy_object = B_TRUE;
6365 error = EFAULT;
6366 }
6367 }
6368 out:
6369 if (please_destroy_object) {
6370 KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_DESTROY,
6371 sp->sd_provider_session->ps_session, handle,
6372 NULL, 0, NULL, 0, NULL, NULL, 0, NULL);
6373
6374 (void) kcf_submit_request(real_provider, NULL,
6375 NULL, ¶ms, B_FALSE);
6376 }
6377
6378 CRYPTO_SESSION_RELE(sp);
6379 crypto_release_minor(cm);
6380
6381 if (real_provider != NULL) {
6382 crypto_free_mech(real_provider,
6383 allocated_by_crypto_module, &mech);
6384 KCF_PROV_REFRELE(real_provider);
6385 }
6386 return (error);
6387 }
6388
6389 /* ARGSUSED */
6390 static int
nostore_derive_key(dev_t dev,caddr_t arg,int mode,int * rval)6391 nostore_derive_key(dev_t dev, caddr_t arg, int mode, int *rval)
6392 {
6393 STRUCT_DECL(crypto_nostore_derive_key, derive_key);
6394 #ifdef _LP64
6395 STRUCT_DECL(crypto_object_attribute, oa);
6396 #else
6397 /* LINTED E_FUNC_SET_NOT_USED */
6398 STRUCT_DECL(crypto_object_attribute, oa);
6399 #endif
6400 kcf_provider_desc_t *real_provider = NULL;
6401 kcf_req_params_t params;
6402 crypto_object_attribute_t *k_in_attrs = NULL;
6403 crypto_object_attribute_t *k_out_attrs = NULL;
6404 crypto_mechanism_t mech;
6405 crypto_key_t base_key;
6406 crypto_session_id_t session_id;
6407 crypto_minor_t *cm;
6408 crypto_session_data_t *sp = NULL;
6409 size_t k_in_attrs_size, k_out_attrs_size;
6410 size_t key_rctl_bytes = 0, mech_rctl_bytes = 0;
6411 boolean_t mech_rctl_chk = B_FALSE;
6412 boolean_t key_rctl_chk = B_FALSE;
6413 size_t in_attributes_rctl_bytes = 0;
6414 size_t out_attributes_rctl_bytes = 0;
6415 boolean_t in_attributes_rctl_chk = B_FALSE;
6416 boolean_t out_attributes_rctl_chk = B_FALSE;
6417 caddr_t in_attributes, out_attributes;
6418 uint_t in_count, out_count;
6419 int error = 0;
6420 int rv;
6421 boolean_t allocated_by_crypto_module = B_FALSE;
6422 caddr_t u_attrs = NULL;
6423
6424 STRUCT_INIT(derive_key, mode);
6425 STRUCT_INIT(oa, mode);
6426
6427 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
6428 cmn_err(CE_WARN, "nostore_derive_key: failed holding minor");
6429 return (ENXIO);
6430 }
6431
6432 if (copyin(arg, STRUCT_BUF(derive_key), STRUCT_SIZE(derive_key)) != 0) {
6433 crypto_release_minor(cm);
6434 return (EFAULT);
6435 }
6436
6437 bzero(&base_key, sizeof (base_key));
6438
6439 session_id = STRUCT_FGET(derive_key, ndk_session);
6440
6441 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
6442 goto release_minor;
6443 }
6444
6445 bcopy(STRUCT_FADDR(derive_key, ndk_mechanism), &mech.cm_type,
6446 sizeof (crypto_mech_type_t));
6447
6448 /* We need the key length for provider selection so copy it in now. */
6449 if (!copyin_key(mode, sp, STRUCT_FADDR(derive_key, ndk_base_key),
6450 &base_key, &key_rctl_bytes, &key_rctl_chk, &rv, &error)) {
6451 goto release_minor;
6452 }
6453
6454 if ((rv = kcf_get_hardware_provider(mech.cm_type, &base_key,
6455 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
6456 &real_provider, CRYPTO_FG_DERIVE)) != CRYPTO_SUCCESS) {
6457 goto release_minor;
6458 }
6459
6460 rv = crypto_provider_copyin_mech_param(real_provider,
6461 STRUCT_FADDR(derive_key, ndk_mechanism), &mech, mode, &error);
6462
6463 if (rv == CRYPTO_NOT_SUPPORTED) {
6464 allocated_by_crypto_module = B_TRUE;
6465 if (!copyin_mech(mode, sp,
6466 STRUCT_FADDR(derive_key, ndk_mechanism),
6467 &mech, &mech_rctl_bytes, &mech_rctl_chk, &rv, &error)) {
6468 goto release_minor;
6469 }
6470 } else {
6471 if (rv != CRYPTO_SUCCESS)
6472 goto release_minor;
6473 }
6474
6475 in_count = STRUCT_FGET(derive_key, ndk_in_count);
6476 out_count = STRUCT_FGET(derive_key, ndk_out_count);
6477
6478 in_attributes = STRUCT_FGETP(derive_key, ndk_in_attributes);
6479 if (!copyin_attributes(mode, sp, in_count, in_attributes, &k_in_attrs,
6480 &k_in_attrs_size, NULL, &rv, &error, &in_attributes_rctl_bytes,
6481 &in_attributes_rctl_chk, B_TRUE)) {
6482 goto release_minor;
6483 }
6484
6485 out_attributes = STRUCT_FGETP(derive_key, ndk_out_attributes);
6486 if (!copyin_attributes(mode, sp, out_count, out_attributes,
6487 &k_out_attrs, &k_out_attrs_size, &u_attrs, &rv, &error,
6488 &out_attributes_rctl_bytes,
6489 &out_attributes_rctl_chk, B_FALSE)) {
6490 goto release_minor;
6491 }
6492
6493 KCF_WRAP_NOSTORE_KEY_OPS_PARAMS(¶ms, KCF_OP_KEY_DERIVE,
6494 sp->sd_provider_session->ps_session, &mech, k_in_attrs, in_count,
6495 NULL, 0, &base_key, k_out_attrs, out_count, NULL, 0);
6496
6497 rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, B_FALSE);
6498
6499 if (rv == CRYPTO_SUCCESS) {
6500 rv = crypto_provider_copyout_mech_param(real_provider,
6501 &mech, STRUCT_FADDR(derive_key, ndk_mechanism),
6502 mode, &error);
6503
6504 if (rv == CRYPTO_NOT_SUPPORTED) {
6505 rv = CRYPTO_SUCCESS;
6506 }
6507 /* copyout the derived secret */
6508 if (copyout_attributes(mode, out_attributes, out_count,
6509 k_out_attrs, u_attrs) != 0)
6510 error = EFAULT;
6511 }
6512
6513 release_minor:
6514 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
6515 CRYPTO_DECREMENT_RCTL_SESSION(sp, key_rctl_bytes, key_rctl_chk);
6516 CRYPTO_DECREMENT_RCTL_SESSION(sp, in_attributes_rctl_bytes,
6517 in_attributes_rctl_chk);
6518 CRYPTO_DECREMENT_RCTL_SESSION(sp, out_attributes_rctl_bytes,
6519 out_attributes_rctl_chk);
6520
6521 if (k_in_attrs != NULL)
6522 kmem_free(k_in_attrs, k_in_attrs_size);
6523 if (k_out_attrs != NULL) {
6524 bzero(k_out_attrs, k_out_attrs_size);
6525 kmem_free(k_out_attrs, k_out_attrs_size);
6526 }
6527
6528 if (u_attrs != NULL)
6529 kmem_free(u_attrs, out_count * STRUCT_SIZE(oa));
6530
6531 free_crypto_key(&base_key);
6532
6533 if (error != 0)
6534 goto out;
6535
6536 STRUCT_FSET(derive_key, ndk_return_value, rv);
6537 if (copyout(STRUCT_BUF(derive_key), arg,
6538 STRUCT_SIZE(derive_key)) != 0) {
6539 error = EFAULT;
6540 }
6541 out:
6542 CRYPTO_SESSION_RELE(sp);
6543 crypto_release_minor(cm);
6544
6545 if (real_provider != NULL) {
6546 crypto_free_mech(real_provider,
6547 allocated_by_crypto_module, &mech);
6548 KCF_PROV_REFRELE(real_provider);
6549 }
6550 return (error);
6551 }
6552
6553 /* ARGSUSED */
6554 static int
crypto_ioctl(dev_t dev,int cmd,intptr_t arg,int mode,cred_t * c,int * rval)6555 crypto_ioctl(dev_t dev, int cmd, intptr_t arg, int mode, cred_t *c,
6556 int *rval)
6557 {
6558 #define ARG ((caddr_t)arg)
6559
6560 switch (cmd) {
6561 case CRYPTO_GET_FUNCTION_LIST:
6562 return (get_function_list(dev, ARG, mode, rval));
6563
6564 case CRYPTO_GET_MECHANISM_NUMBER:
6565 return (get_mechanism_number(dev, ARG, mode, rval));
6566
6567 case CRYPTO_GET_MECHANISM_LIST:
6568 return (get_mechanism_list(dev, ARG, mode, rval));
6569
6570 case CRYPTO_GET_ALL_MECHANISM_INFO:
6571 return (get_all_mechanism_info(dev, ARG, mode, rval));
6572
6573 case CRYPTO_GET_PROVIDER_LIST:
6574 return (get_provider_list(dev, ARG, mode, rval));
6575
6576 case CRYPTO_GET_PROVIDER_INFO:
6577 return (get_provider_info(dev, ARG, mode, rval));
6578
6579 case CRYPTO_GET_PROVIDER_MECHANISMS:
6580 return (get_provider_mechanisms(dev, ARG, mode, rval));
6581
6582 case CRYPTO_GET_PROVIDER_MECHANISM_INFO:
6583 return (get_provider_mechanism_info(dev, ARG, mode, rval));
6584
6585 case CRYPTO_OPEN_SESSION:
6586 return (open_session(dev, ARG, mode, rval));
6587
6588 case CRYPTO_CLOSE_SESSION:
6589 return (close_session(dev, ARG, mode, rval));
6590
6591 case CRYPTO_ENCRYPT_INIT:
6592 return (encrypt_init(dev, ARG, mode, rval));
6593
6594 case CRYPTO_DECRYPT_INIT:
6595 return (decrypt_init(dev, ARG, mode, rval));
6596
6597 case CRYPTO_ENCRYPT:
6598 return (encrypt(dev, ARG, mode, rval));
6599
6600 case CRYPTO_DECRYPT:
6601 return (decrypt(dev, ARG, mode, rval));
6602
6603 case CRYPTO_ENCRYPT_UPDATE:
6604 return (encrypt_update(dev, ARG, mode, rval));
6605
6606 case CRYPTO_DECRYPT_UPDATE:
6607 return (decrypt_update(dev, ARG, mode, rval));
6608
6609 case CRYPTO_ENCRYPT_FINAL:
6610 return (encrypt_final(dev, ARG, mode, rval));
6611
6612 case CRYPTO_DECRYPT_FINAL:
6613 return (decrypt_final(dev, ARG, mode, rval));
6614
6615 case CRYPTO_DIGEST_INIT:
6616 return (digest_init(dev, ARG, mode, rval));
6617
6618 case CRYPTO_DIGEST:
6619 return (digest(dev, ARG, mode, rval));
6620
6621 case CRYPTO_DIGEST_UPDATE:
6622 return (digest_update(dev, ARG, mode, rval));
6623
6624 case CRYPTO_DIGEST_KEY:
6625 return (digest_key(dev, ARG, mode, rval));
6626
6627 case CRYPTO_DIGEST_FINAL:
6628 return (digest_final(dev, ARG, mode, rval));
6629
6630 case CRYPTO_SIGN_INIT:
6631 return (sign_init(dev, ARG, mode, rval));
6632
6633 case CRYPTO_SIGN:
6634 return (sign(dev, ARG, mode, rval));
6635
6636 case CRYPTO_SIGN_UPDATE:
6637 return (sign_update(dev, ARG, mode, rval));
6638
6639 case CRYPTO_SIGN_FINAL:
6640 return (sign_final(dev, ARG, mode, rval));
6641
6642 case CRYPTO_SIGN_RECOVER_INIT:
6643 return (sign_recover_init(dev, ARG, mode, rval));
6644
6645 case CRYPTO_SIGN_RECOVER:
6646 return (sign_recover(dev, ARG, mode, rval));
6647
6648 case CRYPTO_VERIFY_INIT:
6649 return (verify_init(dev, ARG, mode, rval));
6650
6651 case CRYPTO_VERIFY:
6652 return (verify(dev, ARG, mode, rval));
6653
6654 case CRYPTO_VERIFY_UPDATE:
6655 return (verify_update(dev, ARG, mode, rval));
6656
6657 case CRYPTO_VERIFY_FINAL:
6658 return (verify_final(dev, ARG, mode, rval));
6659
6660 case CRYPTO_VERIFY_RECOVER_INIT:
6661 return (verify_recover_init(dev, ARG, mode, rval));
6662
6663 case CRYPTO_VERIFY_RECOVER:
6664 return (verify_recover(dev, ARG, mode, rval));
6665
6666 case CRYPTO_SET_PIN:
6667 return (set_pin(dev, ARG, mode, rval));
6668
6669 case CRYPTO_LOGIN:
6670 return (login(dev, ARG, mode, rval));
6671
6672 case CRYPTO_LOGOUT:
6673 return (logout(dev, ARG, mode, rval));
6674
6675 case CRYPTO_SEED_RANDOM:
6676 return (seed_random(dev, ARG, mode, rval));
6677
6678 case CRYPTO_GENERATE_RANDOM:
6679 return (generate_random(dev, ARG, mode, rval));
6680
6681 case CRYPTO_OBJECT_CREATE:
6682 return (object_create(dev, ARG, mode, rval));
6683
6684 case CRYPTO_OBJECT_COPY:
6685 return (object_copy(dev, ARG, mode, rval));
6686
6687 case CRYPTO_OBJECT_DESTROY:
6688 return (object_destroy(dev, ARG, mode, rval));
6689
6690 case CRYPTO_OBJECT_GET_ATTRIBUTE_VALUE:
6691 return (object_get_attribute_value(dev, ARG, mode, rval));
6692
6693 case CRYPTO_OBJECT_GET_SIZE:
6694 return (object_get_size(dev, ARG, mode, rval));
6695
6696 case CRYPTO_OBJECT_SET_ATTRIBUTE_VALUE:
6697 return (object_set_attribute_value(dev, ARG, mode, rval));
6698
6699 case CRYPTO_OBJECT_FIND_INIT:
6700 return (object_find_init(dev, ARG, mode, rval));
6701
6702 case CRYPTO_OBJECT_FIND_UPDATE:
6703 return (object_find_update(dev, ARG, mode, rval));
6704
6705 case CRYPTO_OBJECT_FIND_FINAL:
6706 return (object_find_final(dev, ARG, mode, rval));
6707
6708 case CRYPTO_GENERATE_KEY:
6709 return (object_generate_key(dev, ARG, mode, rval));
6710
6711 case CRYPTO_GENERATE_KEY_PAIR:
6712 return (object_generate_key_pair(dev, ARG, mode, rval));
6713
6714 case CRYPTO_WRAP_KEY:
6715 return (object_wrap_key(dev, ARG, mode, rval));
6716
6717 case CRYPTO_UNWRAP_KEY:
6718 return (object_unwrap_key(dev, ARG, mode, rval));
6719
6720 case CRYPTO_DERIVE_KEY:
6721 return (object_derive_key(dev, ARG, mode, rval));
6722
6723 case CRYPTO_NOSTORE_GENERATE_KEY:
6724 return (nostore_generate_key(dev, ARG, mode, rval));
6725
6726 case CRYPTO_NOSTORE_GENERATE_KEY_PAIR:
6727 return (nostore_generate_key_pair(dev, ARG, mode, rval));
6728
6729 case CRYPTO_NOSTORE_DERIVE_KEY:
6730 return (nostore_derive_key(dev, ARG, mode, rval));
6731 }
6732 return (EINVAL);
6733 }
6734
6735 /*
6736 * Check for the project.max-crypto-memory resource control.
6737 */
6738 static int
crypto_buffer_check(size_t need)6739 crypto_buffer_check(size_t need)
6740 {
6741 kproject_t *kpj;
6742
6743 if (need == 0)
6744 return (CRYPTO_SUCCESS);
6745
6746 mutex_enter(&curproc->p_lock);
6747 kpj = curproc->p_task->tk_proj;
6748 mutex_enter(&(kpj->kpj_data.kpd_crypto_lock));
6749
6750 if (kpj->kpj_data.kpd_crypto_mem + need >
6751 kpj->kpj_data.kpd_crypto_mem_ctl) {
6752 if (rctl_test(rc_project_crypto_mem,
6753 kpj->kpj_rctls, curproc, need, 0) & RCT_DENY) {
6754 mutex_exit(&(kpj->kpj_data.kpd_crypto_lock));
6755 mutex_exit(&curproc->p_lock);
6756 return (CRYPTO_HOST_MEMORY);
6757 }
6758 }
6759
6760 kpj->kpj_data.kpd_crypto_mem += need;
6761 mutex_exit(&(kpj->kpj_data.kpd_crypto_lock));
6762
6763 curproc->p_crypto_mem += need;
6764 mutex_exit(&curproc->p_lock);
6765
6766 return (CRYPTO_SUCCESS);
6767 }
6768