1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 /* 27 * Core KCF (Kernel Cryptographic Framework). This file implements 28 * the cryptoadm entry points. 29 */ 30 31 #include <sys/systm.h> 32 #include <sys/errno.h> 33 #include <sys/cmn_err.h> 34 #include <sys/rwlock.h> 35 #include <sys/kmem.h> 36 #include <sys/modctl.h> 37 #include <sys/sunddi.h> 38 #include <sys/door.h> 39 #include <sys/crypto/common.h> 40 #include <sys/crypto/api.h> 41 #include <sys/crypto/spi.h> 42 #include <sys/crypto/impl.h> 43 #include <sys/crypto/sched_impl.h> 44 45 /* protects the the soft_config_list. */ 46 kmutex_t soft_config_mutex; 47 48 /* 49 * This linked list contains software configuration entries. 50 * The initial list is just software providers loaded by kcf_soft_config_init(). 51 * Additional entries may appear for both hardware and software providers 52 * from kcf.conf. These come from "cryptoadm start", which reads file kcf.conf 53 * and updates this table using the CRYPTO_LOAD_SOFT_CONFIG ioctl. 54 * Further cryptoadm commands modify this file and update this table with ioctl. 55 * This list is protected by the soft_config_mutex. 56 */ 57 kcf_soft_conf_entry_t *soft_config_list; 58 59 static int add_soft_config(char *, uint_t, crypto_mech_name_t *); 60 static int dup_mech_names(kcf_provider_desc_t *, crypto_mech_name_t **, 61 uint_t *, int); 62 static void free_soft_config_entry(kcf_soft_conf_entry_t *); 63 64 #define KCF_MAX_CONFIG_ENTRIES 512 /* maximum entries in soft_config_list */ 65 66 #if DEBUG 67 extern int kcf_frmwrk_debug; 68 static void kcf_soft_config_dump(char *message); 69 #endif /* DEBUG */ 70 71 /* 72 * Count and return the number of mechanisms in an array of crypto_mech_name_t 73 * (excluding final NUL-character string element). 74 */ 75 static int 76 count_mechanisms(crypto_mech_name_t mechs[]) { 77 int count; 78 for (count = 0; mechs[count][0] != '\0'; ++count); 79 return (count); 80 } 81 82 /* 83 * Initialize a mutex and populate soft_config_list with default entries 84 * of kernel software providers. 85 * Called from kcf module _init(). 86 */ 87 void 88 kcf_soft_config_init(void) 89 { 90 typedef struct { 91 char *name; 92 crypto_mech_name_t *mechs; 93 } initial_soft_config_entry_t; 94 95 /* 96 * This provides initial default values to soft_config_list. 97 * It is equivalent to these lines in /etc/crypto/kcf.conf 98 * (without line breaks and indenting): 99 * 100 * # /etc/crypto/kcf.conf 101 * des:supportedlist=CKM_DES_CBC,CKM_DES_ECB,CKM_DES3_CBC,CKM_DES3_ECB 102 * aes:supportedlist=CKM_AES_ECB,CKM_AES_CBC,CKM_AES_CTR,CKM_AES_CCM,\ 103 * CKM_AES_GCM,CKM_AES_GMAC 104 * arcfour:supportedlist=CKM_RC4 105 * blowfish:supportedlist=CKM_BLOWFISH_ECB,CKM_BLOWFISH_CBC 106 * ecc:supportedlist=CKM_EC_KEY_PAIR_GEN,CKM_ECDH1_DERIVE,CKM_ECDSA,\ 107 * CKM_ECDSA_SHA1 108 * sha1:supportedlist=CKM_SHA_1,CKM_SHA_1_HMAC_GENERAL,CKM_SHA_1_HMAC 109 * sha2:supportedlist=CKM_SHA256,CKM_SHA256_HMAC,\ 110 * CKM_SHA256_HMAC_GENERAL,CKM_SHA384,CKM_SHA384_HMAC,\ 111 * CKM_SHA384_HMAC_GENERAL,CKM_SHA512,CKM_SHA512_HMAC,\ 112 * CKM_SHA512_HMAC_GENERAL 113 * md4:supportedlist=CKM_MD4 114 * md5:supportedlist=CKM_MD5,CKM_MD5_HMAC_GENERAL,CKM_MD5_HMAC 115 * rsa:supportedlist=CKM_RSA_PKCS,CKM_RSA_X_509,CKM_MD5_RSA_PKCS,\ 116 * CKM_SHA1_RSA_PKCS,CKM_SHA256_RSA_PKCS,CKM_SHA384_RSA_PKCS,\ 117 * CKM_SHA512_RSA_PKCS 118 * swrand:supportedlist=random 119 * 120 * WARNING: If you add a new kernel crypto provider or mechanism, 121 * you must update these structures. 122 * 123 * 1. To add a new mechanism to a provider add the string to the 124 * appropriate array below and comment above. 125 * 126 * 2. To add a new provider, create a new *_mechs array listing the 127 * provider's mechanism(s) and a new comment line above. 128 * Add the new *_mechs array to initial_soft_config_entry[]. 129 * 130 * 3. If appropriate (that is the new mechanism is needed before 131 * cryptosvc runs), add to kcf_init_mech_tabs() in kcf_mech_tabs.c. 132 */ 133 static crypto_mech_name_t des_mechs[] = { 134 "CKM_DES_CBC", "CKM_DES_ECB", "CKM_DES3_CBC", "CKM_DES3_ECB", ""}; 135 static crypto_mech_name_t aes_mechs[] = { 136 "CKM_AES_ECB", "CKM_AES_CBC", "CKM_AES_CTR", "CKM_AES_CCM", 137 "CKM_AES_GCM", "CKM_AES_GMAC", ""}; 138 static crypto_mech_name_t arcfour_mechs[] = { 139 "CKM_RC4", ""}; 140 static crypto_mech_name_t blowfish_mechs[] = { 141 "CKM_BLOWFISH_ECB", "CKM_BLOWFISH_CBC", ""}; 142 static crypto_mech_name_t ecc_mechs[] = { 143 "CKM_EC_KEY_PAIR_GEN", "CKM_ECDH1_DERIVE", "CKM_ECDSA", 144 "CKM_ECDSA_SHA1", ""}; 145 static crypto_mech_name_t sha1_mechs[] = { 146 "CKM_SHA_1", "CKM_SHA_1_HMAC_GENERAL", "CKM_SHA_1_HMAC", ""}; 147 static crypto_mech_name_t sha2_mechs[] = { 148 "CKM_SHA256", "CKM_SHA256_HMAC", "CKM_SHA256_HMAC_GENERAL", 149 "CKM_SHA384", "CKM_SHA384_HMAC", "CKM_SHA384_HMAC_GENERAL", 150 "CKM_SHA512", "CKM_SHA512_HMAC", "CKM_SHA512_HMAC_GENERAL", ""}; 151 static crypto_mech_name_t md4_mechs[] = { 152 "CKM_MD4", ""}; 153 static crypto_mech_name_t md5_mechs[] = { 154 "CKM_MD5", "CKM_MD5_HMAC_GENERAL", "CKM_MD5_HMAC", ""}; 155 static crypto_mech_name_t rsa_mechs[] = { 156 "CKM_RSA_PKCS", "CKM_RSA_X_509", "CKM_MD5_RSA_PKCS", 157 "CKM_SHA1_RSA_PKCS", "CKM_SHA256_RSA_PKCS", "CKM_SHA384_RSA_PKCS", 158 "CKM_SHA512_RSA_PKCS", ""}; 159 static crypto_mech_name_t swrand_mechs[] = { 160 "random", NULL}; 161 static initial_soft_config_entry_t 162 initial_soft_config_entry[] = { 163 "des", des_mechs, 164 "aes", aes_mechs, 165 "arcfour", arcfour_mechs, 166 "blowfish", blowfish_mechs, 167 "ecc", ecc_mechs, 168 "sha1", sha1_mechs, 169 "sha2", sha2_mechs, 170 "md4", md4_mechs, 171 "md5", md5_mechs, 172 "rsa", rsa_mechs, 173 "swrand", swrand_mechs 174 }; 175 const int initial_soft_config_entries = 176 sizeof (initial_soft_config_entry) 177 / sizeof (initial_soft_config_entry_t); 178 int i; 179 180 mutex_init(&soft_config_mutex, NULL, MUTEX_DRIVER, NULL); 181 182 /* 183 * Initialize soft_config_list with default providers. 184 * Populate the linked list backwards so the first entry appears first. 185 */ 186 for (i = initial_soft_config_entries - 1; i >= 0; --i) { 187 initial_soft_config_entry_t *p = &initial_soft_config_entry[i]; 188 crypto_mech_name_t *mechsp; 189 uint_t alloc_size; 190 int mech_count, r; 191 192 /* allocate/initialize memory for mechanism list */ 193 mech_count = count_mechanisms(p->mechs); 194 alloc_size = mech_count * CRYPTO_MAX_MECH_NAME; 195 mechsp = kmem_alloc(alloc_size, KM_SLEEP); 196 bcopy(p->mechs, mechsp, alloc_size); 197 198 r = add_soft_config(p->name, mech_count, mechsp); 199 if (r != 0) 200 cmn_err(CE_WARN, 201 "add_soft_config(%s) failed; returned %d\n", 202 p->name, r); 203 } 204 #if DEBUG 205 if (kcf_frmwrk_debug >= 1) 206 kcf_soft_config_dump("kcf_soft_config_init"); 207 #endif /* DEBUG */ 208 } 209 210 211 #if DEBUG 212 /* 213 * Dump soft_config_list, containing a list of kernel software providers 214 * and (optionally) hardware providers, with updates from kcf.conf. 215 * Dump mechanism lists too if kcf_frmwrk_debug is >= 2. 216 */ 217 static void 218 kcf_soft_config_dump(char *message) 219 { 220 kcf_soft_conf_entry_t *p; 221 uint_t i; 222 223 mutex_enter(&soft_config_mutex); 224 printf("Soft provider config list soft_config_list: %s\n", 225 message != NULL ? message : ""); 226 227 for (p = soft_config_list; p != NULL; p = p->ce_next) { 228 printf("ce_name: %s, %d ce_mechs\n", p->ce_name, p->ce_count); 229 if (kcf_frmwrk_debug >= 2) { 230 printf("\tce_mechs: "); 231 for (i = 0; i < p->ce_count; i++) { 232 printf("%s ", p->ce_mechs[i]); 233 } 234 printf("\n"); 235 } 236 } 237 printf("(end of soft_config_list)\n"); 238 239 mutex_exit(&soft_config_mutex); 240 } 241 #endif /* DEBUG */ 242 243 244 /* 245 * Utility routine to identify the providers to filter out and 246 * present only one provider. This happens when a hardware provider 247 * registers multiple units of the same device instance. 248 * 249 * Called from crypto_get_dev_list(). 250 */ 251 static void 252 filter_providers(uint_t count, kcf_provider_desc_t **provider_array, 253 char *skip_providers, int *mech_counts, int *new_count) 254 { 255 int i, j; 256 kcf_provider_desc_t *prov1, *prov2; 257 int n = 0; 258 259 for (i = 0; i < count; i++) { 260 if (skip_providers[i] == 1) 261 continue; 262 263 prov1 = provider_array[i]; 264 mech_counts[i] = prov1->pd_mech_list_count; 265 for (j = i + 1; j < count; j++) { 266 prov2 = provider_array[j]; 267 if (strncmp(prov1->pd_name, prov2->pd_name, 268 MAXNAMELEN) == 0 && 269 prov1->pd_instance == prov2->pd_instance) { 270 skip_providers[j] = 1; 271 mech_counts[i] += prov2->pd_mech_list_count; 272 } 273 } 274 n++; 275 } 276 277 *new_count = n; 278 } 279 280 281 /* 282 * Return a list of kernel hardware providers and a count of each 283 * provider's supported mechanisms. 284 * Called from the CRYPTO_GET_DEV_LIST ioctl. 285 */ 286 int 287 crypto_get_dev_list(uint_t *count, crypto_dev_list_entry_t **array) 288 { 289 kcf_provider_desc_t **provider_array; 290 kcf_provider_desc_t *pd; 291 crypto_dev_list_entry_t *p; 292 size_t skip_providers_size, mech_counts_size; 293 char *skip_providers; 294 uint_t provider_count; 295 int rval, i, j, new_count, *mech_counts; 296 297 /* 298 * Take snapshot of provider table returning only hardware providers 299 * that are in a usable state. Logical providers not included. 300 */ 301 rval = kcf_get_hw_prov_tab(&provider_count, &provider_array, KM_SLEEP, 302 NULL, 0, B_FALSE); 303 if (rval != CRYPTO_SUCCESS) 304 return (rval); 305 306 if (provider_count == 0) { 307 *array = NULL; 308 *count = 0; 309 return (CRYPTO_SUCCESS); 310 } 311 312 skip_providers_size = provider_count * sizeof (char); 313 mech_counts_size = provider_count * sizeof (int); 314 315 skip_providers = kmem_zalloc(skip_providers_size, KM_SLEEP); 316 mech_counts = kmem_zalloc(mech_counts_size, KM_SLEEP); 317 filter_providers(provider_count, provider_array, skip_providers, 318 mech_counts, &new_count); 319 320 p = kmem_alloc(new_count * sizeof (crypto_dev_list_entry_t), KM_SLEEP); 321 for (i = 0, j = 0; i < provider_count; i++) { 322 if (skip_providers[i] == 1) { 323 ASSERT(mech_counts[i] == 0); 324 continue; 325 } 326 pd = provider_array[i]; 327 p[j].le_mechanism_count = mech_counts[i]; 328 p[j].le_dev_instance = pd->pd_instance; 329 (void) strncpy(p[j].le_dev_name, pd->pd_name, MAXNAMELEN); 330 j++; 331 } 332 333 kcf_free_provider_tab(provider_count, provider_array); 334 kmem_free(skip_providers, skip_providers_size); 335 kmem_free(mech_counts, mech_counts_size); 336 337 *array = p; 338 *count = new_count; 339 return (CRYPTO_SUCCESS); 340 } 341 342 /* 343 * Return a buffer containing the null terminated names of software providers 344 * loaded by CRYPTO_LOAD_SOFT_CONFIG. 345 * Called from the CRYPTO_GET_SOFT_LIST ioctl. 346 */ 347 int 348 crypto_get_soft_list(uint_t *count, char **array, size_t *len) 349 { 350 char *names = NULL, *namep, *end; 351 kcf_soft_conf_entry_t *p; 352 uint_t n = 0, cnt = 0, final_count = 0; 353 size_t name_len, final_size = 0; 354 355 /* first estimate */ 356 mutex_enter(&soft_config_mutex); 357 for (p = soft_config_list; p != NULL; p = p->ce_next) { 358 n += strlen(p->ce_name) + 1; 359 cnt++; 360 } 361 mutex_exit(&soft_config_mutex); 362 363 if (cnt == 0) 364 goto out; 365 366 again: 367 namep = names = kmem_alloc(n, KM_SLEEP); 368 end = names + n; 369 final_size = 0; 370 final_count = 0; 371 372 mutex_enter(&soft_config_mutex); 373 for (p = soft_config_list; p != NULL; p = p->ce_next) { 374 name_len = strlen(p->ce_name) + 1; 375 /* check for enough space */ 376 if ((namep + name_len) > end) { 377 mutex_exit(&soft_config_mutex); 378 kmem_free(names, n); 379 n = n << 1; 380 goto again; 381 } 382 (void) strcpy(namep, p->ce_name); 383 namep += name_len; 384 final_size += name_len; 385 final_count++; 386 } 387 mutex_exit(&soft_config_mutex); 388 389 ASSERT(final_size <= n); 390 391 /* check if buffer we allocated is too large */ 392 if (final_size < n) { 393 char *final_buffer; 394 395 final_buffer = kmem_alloc(final_size, KM_SLEEP); 396 bcopy(names, final_buffer, final_size); 397 kmem_free(names, n); 398 names = final_buffer; 399 } 400 out: 401 *array = names; 402 *count = final_count; 403 *len = final_size; 404 return (CRYPTO_SUCCESS); 405 } 406 407 /* 408 * Check if a mechanism name is already in a mechanism name array 409 * Called by crypto_get_dev_info(). 410 */ 411 static boolean_t 412 duplicate(char *name, crypto_mech_name_t *array, int count) 413 { 414 int i; 415 416 for (i = 0; i < count; i++) { 417 if (strncmp(name, &array[i][0], 418 sizeof (crypto_mech_name_t)) == 0) 419 return (B_TRUE); 420 } 421 return (B_FALSE); 422 } 423 424 /* 425 * Return a list of kernel hardware providers for a given name and instance. 426 * For each entry, also return a list of their supported mechanisms. 427 * Called from the CRYPTO_GET_DEV_INFO ioctl. 428 */ 429 int 430 crypto_get_dev_info(char *name, uint_t instance, uint_t *count, 431 crypto_mech_name_t **array) 432 { 433 int rv; 434 crypto_mech_name_t *mech_names, *resized_array; 435 int i, j, k = 0, max_count; 436 uint_t provider_count; 437 kcf_provider_desc_t **provider_array; 438 kcf_provider_desc_t *pd; 439 440 /* 441 * Get provider table entries matching name and instance 442 * for hardware providers that are in a usable state. 443 * Logical providers not included. NULL name matches 444 * all hardware providers. 445 */ 446 rv = kcf_get_hw_prov_tab(&provider_count, &provider_array, KM_SLEEP, 447 name, instance, B_FALSE); 448 if (rv != CRYPTO_SUCCESS) 449 return (rv); 450 451 if (provider_count == 0) 452 return (CRYPTO_ARGUMENTS_BAD); 453 454 /* Count all mechanisms supported by all providers */ 455 max_count = 0; 456 for (i = 0; i < provider_count; i++) 457 max_count += provider_array[i]->pd_mech_list_count; 458 459 if (max_count == 0) { 460 mech_names = NULL; 461 goto out; 462 } 463 464 /* Allocate space and copy mech names */ 465 mech_names = kmem_alloc(max_count * sizeof (crypto_mech_name_t), 466 KM_SLEEP); 467 468 k = 0; 469 for (i = 0; i < provider_count; i++) { 470 pd = provider_array[i]; 471 for (j = 0; j < pd->pd_mech_list_count; j++) { 472 /* check for duplicate */ 473 if (duplicate(&pd->pd_mechanisms[j].cm_mech_name[0], 474 mech_names, k)) 475 continue; 476 bcopy(&pd->pd_mechanisms[j].cm_mech_name[0], 477 &mech_names[k][0], sizeof (crypto_mech_name_t)); 478 k++; 479 } 480 } 481 482 /* resize */ 483 if (k != max_count) { 484 resized_array = 485 kmem_alloc(k * sizeof (crypto_mech_name_t), KM_SLEEP); 486 bcopy(mech_names, resized_array, 487 k * sizeof (crypto_mech_name_t)); 488 kmem_free(mech_names, 489 max_count * sizeof (crypto_mech_name_t)); 490 mech_names = resized_array; 491 } 492 493 out: 494 kcf_free_provider_tab(provider_count, provider_array); 495 *count = k; 496 *array = mech_names; 497 498 return (CRYPTO_SUCCESS); 499 } 500 501 /* 502 * Given a kernel software provider name, return a list of mechanisms 503 * it supports. 504 * Called from the CRYPTO_GET_SOFT_INFO ioctl. 505 */ 506 int 507 crypto_get_soft_info(caddr_t name, uint_t *count, crypto_mech_name_t **array) 508 { 509 ddi_modhandle_t modh = NULL; 510 kcf_provider_desc_t *provider; 511 int rv; 512 513 provider = kcf_prov_tab_lookup_by_name(name); 514 if (provider == NULL) { 515 char *tmp; 516 int name_len; 517 518 /* strlen("crypto/") + NULL terminator == 8 */ 519 name_len = strlen(name); 520 tmp = kmem_alloc(name_len + 8, KM_SLEEP); 521 bcopy("crypto/", tmp, 7); 522 bcopy(name, &tmp[7], name_len); 523 tmp[name_len + 7] = '\0'; 524 525 modh = ddi_modopen(tmp, KRTLD_MODE_FIRST, NULL); 526 kmem_free(tmp, name_len + 8); 527 528 if (modh == NULL) { 529 return (CRYPTO_ARGUMENTS_BAD); 530 } 531 532 provider = kcf_prov_tab_lookup_by_name(name); 533 if (provider == NULL) { 534 return (CRYPTO_ARGUMENTS_BAD); 535 } 536 } 537 538 rv = dup_mech_names(provider, array, count, KM_SLEEP); 539 KCF_PROV_REFRELE(provider); 540 if (modh != NULL) 541 (void) ddi_modclose(modh); 542 return (rv); 543 } 544 545 546 /* 547 * Change the mechanism list for a provider. 548 * If "direction" is CRYPTO_MECH_ADDED, add new mechanisms. 549 * If "direction" is CRYPTO_MECH_REMOVED, remove the mechanism list. 550 * Called from crypto_load_dev_disabled(). 551 */ 552 static void 553 kcf_change_mechs(kcf_provider_desc_t *provider, uint_t count, 554 crypto_mech_name_t *array, crypto_event_change_t direction) 555 { 556 crypto_notify_event_change_t ec; 557 crypto_mech_info_t *mi; 558 kcf_prov_mech_desc_t *pmd; 559 char *mech; 560 int i, j, n; 561 562 ASSERT(direction == CRYPTO_MECH_ADDED || 563 direction == CRYPTO_MECH_REMOVED); 564 565 if (provider == NULL) { 566 /* 567 * Nothing to add or remove from the tables since 568 * the provider isn't registered. 569 */ 570 return; 571 } 572 573 for (i = 0; i < count; i++) { 574 if (array[i][0] == '\0') 575 continue; 576 577 mech = &array[i][0]; 578 579 n = provider->pd_mech_list_count; 580 for (j = 0; j < n; j++) { 581 mi = &provider->pd_mechanisms[j]; 582 if (strncmp(mi->cm_mech_name, mech, 583 CRYPTO_MAX_MECH_NAME) == 0) 584 break; 585 } 586 if (j == n) 587 continue; 588 589 switch (direction) { 590 case CRYPTO_MECH_ADDED: 591 (void) kcf_add_mech_provider(j, provider, &pmd); 592 break; 593 594 case CRYPTO_MECH_REMOVED: 595 kcf_remove_mech_provider(mech, provider); 596 break; 597 } 598 599 /* Inform interested clients of the event */ 600 ec.ec_provider_type = provider->pd_prov_type; 601 ec.ec_change = direction; 602 603 (void) strncpy(ec.ec_mech_name, mech, CRYPTO_MAX_MECH_NAME); 604 kcf_walk_ntfylist(CRYPTO_EVENT_MECHS_CHANGED, &ec); 605 } 606 } 607 608 /* 609 * If a mech name in the second array (prev_array) is also in the 610 * first array, then a NULL character is written into the first byte 611 * of the mech name in the second array. This effectively removes 612 * the mech name from the second array. 613 */ 614 static void 615 kcf_compare_mechs(uint_t count, crypto_mech_name_t *array, uint_t prev_count, 616 crypto_mech_name_t *prev_array) 617 { 618 int i, j; 619 620 for (i = 0; i < prev_count; i++) { 621 for (j = 0; j < count; j++) { 622 if (strncmp(&prev_array[i][0], &array[j][0], 623 CRYPTO_MAX_MECH_NAME) == 0) { 624 prev_array[i][0] = '\0'; 625 } 626 } 627 } 628 } 629 630 /* 631 * Called from CRYPTO_LOAD_DEV_DISABLED ioctl. 632 * If new_count is 0, then completely remove the entry. 633 */ 634 int 635 crypto_load_dev_disabled(char *name, uint_t instance, uint_t new_count, 636 crypto_mech_name_t *new_array) 637 { 638 kcf_provider_desc_t *provider = NULL; 639 kcf_provider_desc_t **provider_array; 640 crypto_mech_name_t *prev_array; 641 uint_t provider_count, prev_count; 642 int i, rv = CRYPTO_SUCCESS; 643 644 /* 645 * Remove the policy entry if new_count is 0, otherwise put disabled 646 * mechanisms into policy table. 647 */ 648 if (new_count == 0) { 649 kcf_policy_remove_by_dev(name, instance, &prev_count, 650 &prev_array); 651 } else if ((rv = kcf_policy_load_dev_disabled(name, instance, new_count, 652 new_array, &prev_count, &prev_array)) != CRYPTO_SUCCESS) { 653 return (rv); 654 } 655 656 /* 657 * Get provider table entries matching name and instance 658 * for providers that are are in a usable or unverified state. 659 */ 660 rv = kcf_get_hw_prov_tab(&provider_count, &provider_array, KM_SLEEP, 661 name, instance, B_TRUE); 662 if (rv != CRYPTO_SUCCESS) 663 return (rv); 664 665 for (i = 0; i < provider_count; i++) { 666 provider = provider_array[i]; 667 668 /* previously disabled mechanisms may become enabled */ 669 if (prev_array != NULL) { 670 kcf_compare_mechs(new_count, new_array, 671 prev_count, prev_array); 672 kcf_change_mechs(provider, prev_count, prev_array, 673 CRYPTO_MECH_ADDED); 674 } 675 676 kcf_change_mechs(provider, new_count, new_array, 677 CRYPTO_MECH_REMOVED); 678 } 679 680 kcf_free_provider_tab(provider_count, provider_array); 681 crypto_free_mech_list(prev_array, prev_count); 682 return (rv); 683 } 684 685 /* 686 * Called from CRYPTO_LOAD_SOFT_DISABLED ioctl. 687 * If new_count is 0, then completely remove the entry. 688 */ 689 int 690 crypto_load_soft_disabled(char *name, uint_t new_count, 691 crypto_mech_name_t *new_array) 692 { 693 kcf_provider_desc_t *provider = NULL; 694 crypto_mech_name_t *prev_array; 695 uint_t prev_count = 0; 696 int rv; 697 698 provider = kcf_prov_tab_lookup_by_name(name); 699 if (provider != NULL) { 700 mutex_enter(&provider->pd_lock); 701 /* 702 * Check if any other thread is disabling or removing 703 * this provider. We return if this is the case. 704 */ 705 if (provider->pd_state >= KCF_PROV_DISABLED) { 706 mutex_exit(&provider->pd_lock); 707 KCF_PROV_REFRELE(provider); 708 return (CRYPTO_BUSY); 709 } 710 provider->pd_state = KCF_PROV_DISABLED; 711 mutex_exit(&provider->pd_lock); 712 713 undo_register_provider(provider, B_TRUE); 714 KCF_PROV_REFRELE(provider); 715 if (provider->pd_kstat != NULL) 716 KCF_PROV_REFRELE(provider); 717 718 /* Wait till the existing requests complete. */ 719 while (kcf_get_refcnt(provider, B_TRUE) > 0) { 720 /* wait 1 second and try again. */ 721 delay(1 * drv_usectohz(1000000)); 722 } 723 } 724 725 if (new_count == 0) { 726 kcf_policy_remove_by_name(name, &prev_count, &prev_array); 727 crypto_free_mech_list(prev_array, prev_count); 728 rv = CRYPTO_SUCCESS; 729 goto out; 730 } 731 732 /* put disabled mechanisms into policy table */ 733 if ((rv = kcf_policy_load_soft_disabled(name, new_count, new_array, 734 &prev_count, &prev_array)) == CRYPTO_SUCCESS) { 735 crypto_free_mech_list(prev_array, prev_count); 736 } 737 738 out: 739 if (provider != NULL) { 740 redo_register_provider(provider); 741 if (provider->pd_kstat != NULL) 742 KCF_PROV_REFHOLD(provider); 743 mutex_enter(&provider->pd_lock); 744 provider->pd_state = KCF_PROV_READY; 745 mutex_exit(&provider->pd_lock); 746 } else if (rv == CRYPTO_SUCCESS) { 747 /* 748 * There are some cases where it is useful to kCF clients 749 * to have a provider whose mechanism is enabled now to be 750 * available. So, we attempt to load it here. 751 * 752 * The check, new_count < prev_count, ensures that we do this 753 * only in the case where a mechanism(s) is now enabled. 754 * This check assumes that enable and disable are separate 755 * administrative actions and are not done in a single action. 756 */ 757 if ((new_count < prev_count) && 758 (modload("crypto", name) != -1)) { 759 struct modctl *mcp; 760 boolean_t load_again = B_FALSE; 761 762 if ((mcp = mod_hold_by_name(name)) != NULL) { 763 mcp->mod_loadflags |= MOD_NOAUTOUNLOAD; 764 765 /* memory pressure may have unloaded module */ 766 if (!mcp->mod_installed) 767 load_again = B_TRUE; 768 mod_release_mod(mcp); 769 770 if (load_again) 771 (void) modload("crypto", name); 772 } 773 } 774 } 775 776 return (rv); 777 } 778 779 /* called from the CRYPTO_LOAD_SOFT_CONFIG ioctl */ 780 int 781 crypto_load_soft_config(caddr_t name, uint_t count, crypto_mech_name_t *array) 782 { 783 return (add_soft_config(name, count, array)); 784 } 785 786 /* 787 * Unload a kernel software crypto module. 788 * Called from the CRYPTO_UNLOAD_SOFT_MODULE ioctl. 789 */ 790 int 791 crypto_unload_soft_module(caddr_t name) 792 { 793 int error; 794 modid_t id; 795 kcf_provider_desc_t *provider; 796 struct modctl *mcp; 797 798 /* verify that 'name' refers to a registered crypto provider */ 799 if ((provider = kcf_prov_tab_lookup_by_name(name)) == NULL) 800 return (CRYPTO_UNKNOWN_PROVIDER); 801 802 /* 803 * We save the module id and release the reference. We need to 804 * do this as modunload() calls unregister which waits for the 805 * refcnt to drop to zero. 806 */ 807 id = provider->pd_module_id; 808 KCF_PROV_REFRELE(provider); 809 810 if ((mcp = mod_hold_by_name(name)) != NULL) { 811 mcp->mod_loadflags &= ~(MOD_NOAUTOUNLOAD); 812 mod_release_mod(mcp); 813 } 814 815 if ((error = modunload(id)) != 0) { 816 return (error == EBUSY ? CRYPTO_BUSY : CRYPTO_FAILED); 817 } 818 819 return (CRYPTO_SUCCESS); 820 } 821 822 /* 823 * Free the list of kernel hardware crypto providers. 824 * Called by get_dev_list() for the CRYPTO_GET_DEV_LIST ioctl. 825 */ 826 void 827 crypto_free_dev_list(crypto_dev_list_entry_t *array, uint_t count) 828 { 829 if (count == 0 || array == NULL) 830 return; 831 832 kmem_free(array, count * sizeof (crypto_dev_list_entry_t)); 833 } 834 835 /* 836 * Returns duplicate array of mechanisms. The array is allocated and 837 * must be freed by the caller. 838 */ 839 static int 840 dup_mech_names(kcf_provider_desc_t *provider, crypto_mech_name_t **array, 841 uint_t *count, int kmflag) 842 { 843 crypto_mech_name_t *mech_names; 844 uint_t n; 845 uint_t i; 846 847 if ((n = provider->pd_mech_list_count) == 0) { 848 *count = 0; 849 *array = NULL; 850 return (CRYPTO_SUCCESS); 851 } 852 853 mech_names = kmem_alloc(n * sizeof (crypto_mech_name_t), kmflag); 854 if (mech_names == NULL) 855 return (CRYPTO_HOST_MEMORY); 856 857 for (i = 0; i < n; i++) { 858 bcopy(&provider->pd_mechanisms[i].cm_mech_name[0], 859 &mech_names[i][0], sizeof (crypto_mech_name_t)); 860 } 861 862 *count = n; 863 *array = mech_names; 864 return (CRYPTO_SUCCESS); 865 } 866 867 /* 868 * Returns B_TRUE if the specified mechanism is disabled, B_FALSE otherwise. 869 */ 870 boolean_t 871 is_mech_disabled_byname(crypto_provider_type_t prov_type, char *pd_name, 872 uint_t pd_instance, crypto_mech_name_t mech_name) 873 { 874 kcf_policy_desc_t *policy; 875 uint_t i; 876 877 ASSERT(prov_type == CRYPTO_SW_PROVIDER || 878 prov_type == CRYPTO_HW_PROVIDER); 879 880 switch (prov_type) { 881 case CRYPTO_SW_PROVIDER: 882 policy = kcf_policy_lookup_by_name(pd_name); 883 /* no policy for provider - so mechanism can't be disabled */ 884 if (policy == NULL) 885 return (B_FALSE); 886 break; 887 888 case CRYPTO_HW_PROVIDER: 889 policy = kcf_policy_lookup_by_dev(pd_name, pd_instance); 890 /* no policy for provider - so mechanism can't be disabled */ 891 if (policy == NULL) 892 return (B_FALSE); 893 break; 894 } 895 896 mutex_enter(&policy->pd_mutex); 897 for (i = 0; i < policy->pd_disabled_count; i ++) { 898 if (strncmp(mech_name, &policy->pd_disabled_mechs[i][0], 899 CRYPTO_MAX_MECH_NAME) == 0) { 900 mutex_exit(&policy->pd_mutex); 901 KCF_POLICY_REFRELE(policy); 902 return (B_TRUE); 903 } 904 } 905 mutex_exit(&policy->pd_mutex); 906 KCF_POLICY_REFRELE(policy); 907 return (B_FALSE); 908 } 909 910 /* 911 * Returns B_TRUE if the specified mechanism is disabled, B_FALSE otherwise. 912 * 913 * This is a wrapper routine around is_mech_disabled_byname() above and 914 * takes a pointer kcf_provider_desc structure as argument. 915 */ 916 boolean_t 917 is_mech_disabled(kcf_provider_desc_t *provider, crypto_mech_name_t name) 918 { 919 kcf_provider_list_t *e; 920 kcf_provider_desc_t *pd; 921 boolean_t found = B_FALSE; 922 uint_t count, i; 923 924 if (provider->pd_prov_type != CRYPTO_LOGICAL_PROVIDER) { 925 return (is_mech_disabled_byname(provider->pd_prov_type, 926 provider->pd_name, provider->pd_instance, name)); 927 } 928 929 /* 930 * Lock the logical provider just in case one of its hardware 931 * provider members unregisters. 932 */ 933 mutex_enter(&provider->pd_lock); 934 for (e = provider->pd_provider_list; e != NULL; e = e->pl_next) { 935 936 pd = e->pl_provider; 937 ASSERT(pd->pd_prov_type == CRYPTO_HW_PROVIDER); 938 939 /* find out if mechanism is offered by hw provider */ 940 count = pd->pd_mech_list_count; 941 for (i = 0; i < count; i++) { 942 if (strncmp(&pd->pd_mechanisms[i].cm_mech_name[0], 943 name, MAXNAMELEN) == 0) { 944 break; 945 } 946 } 947 if (i == count) 948 continue; 949 950 found = !is_mech_disabled_byname(pd->pd_prov_type, 951 pd->pd_name, pd->pd_instance, name); 952 953 if (found) 954 break; 955 } 956 mutex_exit(&provider->pd_lock); 957 /* 958 * If we found the mechanism, then it means it is still enabled for 959 * at least one hardware provider, so the mech can't be disabled 960 * for the logical provider. 961 */ 962 return (!found); 963 } 964 965 /* 966 * Builds array of permitted mechanisms. The array is allocated and 967 * must be freed by the caller. 968 */ 969 int 970 crypto_build_permitted_mech_names(kcf_provider_desc_t *provider, 971 crypto_mech_name_t **array, uint_t *count, int kmflag) 972 { 973 crypto_mech_name_t *mech_names, *p; 974 uint_t i; 975 uint_t scnt = provider->pd_mech_list_count; 976 uint_t dcnt = 0; 977 978 /* 979 * Compute number of 'permitted mechanisms', which is 980 * 'supported mechanisms' - 'disabled mechanisms'. 981 */ 982 for (i = 0; i < scnt; i++) { 983 if (is_mech_disabled(provider, 984 &provider->pd_mechanisms[i].cm_mech_name[0])) { 985 dcnt++; 986 } 987 } 988 989 /* all supported mechanisms have been disabled */ 990 if (scnt == dcnt) { 991 *count = 0; 992 *array = NULL; 993 return (CRYPTO_SUCCESS); 994 } 995 996 mech_names = kmem_alloc((scnt - dcnt) * sizeof (crypto_mech_name_t), 997 kmflag); 998 if (mech_names == NULL) 999 return (CRYPTO_HOST_MEMORY); 1000 1001 /* build array of permitted mechanisms */ 1002 for (i = 0, p = mech_names; i < scnt; i++) { 1003 if (!is_mech_disabled(provider, 1004 &provider->pd_mechanisms[i].cm_mech_name[0])) { 1005 bcopy(&provider->pd_mechanisms[i].cm_mech_name[0], 1006 p++, sizeof (crypto_mech_name_t)); 1007 } 1008 } 1009 1010 *count = scnt - dcnt; 1011 *array = mech_names; 1012 return (CRYPTO_SUCCESS); 1013 } 1014 1015 /* 1016 * Free memory for elements in a kcf_soft_config_entry_t. This entry must 1017 * have been previously removed from the soft_config_list linked list. 1018 */ 1019 static void 1020 free_soft_config_entry(kcf_soft_conf_entry_t *p) 1021 { 1022 kmem_free(p->ce_name, strlen(p->ce_name) + 1); 1023 crypto_free_mech_list(p->ce_mechs, p->ce_count); 1024 kmem_free(p, sizeof (kcf_soft_conf_entry_t)); 1025 } 1026 1027 /* 1028 * Store configuration information for software providers in a linked list. 1029 * If the list already contains an entry for the specified provider 1030 * and the specified mechanism list has at least one mechanism, then 1031 * the mechanism list for the provider is updated. If the mechanism list 1032 * is empty, the entry for the provider is removed. 1033 * 1034 * Called from kcf_soft_config_init() (to initially populate the list 1035 * with default kernel providers) and from crypto_load_soft_config() for 1036 * the CRYPTO_LOAD_SOFT_CONFIG ioctl (for third-party kernel modules). 1037 * 1038 * Important note: the array argument must be allocated memory 1039 * since it is consumed in soft_config_list. 1040 * 1041 * Parameters: 1042 * name Provider name to add or remove. 1043 * count Number of mechanisms to add. 1044 * If 0, then remove provider from the list (instead of add). 1045 * array An array of "count" mechanism names (use only if count > 0). 1046 */ 1047 static int 1048 add_soft_config(char *name, uint_t count, crypto_mech_name_t *array) 1049 { 1050 static uint_t soft_config_count = 0; 1051 kcf_soft_conf_entry_t *prev = NULL, *entry = NULL, *new_entry, *p; 1052 size_t name_len; 1053 1054 /* 1055 * Allocate storage for a new entry. 1056 * Free later if an entry already exists. 1057 */ 1058 name_len = strlen(name) + 1; 1059 new_entry = kmem_zalloc(sizeof (kcf_soft_conf_entry_t), KM_SLEEP); 1060 new_entry->ce_name = kmem_alloc(name_len, KM_SLEEP); 1061 (void) strcpy(new_entry->ce_name, name); 1062 1063 mutex_enter(&soft_config_mutex); 1064 1065 /* Search to see if provider already in soft_config_list */ 1066 for (p = soft_config_list; p != NULL; p = p->ce_next) { 1067 if (strncmp(name, p->ce_name, MAXNAMELEN) == 0) { /* found */ 1068 entry = p; 1069 break; 1070 } 1071 prev = p; 1072 } 1073 1074 if (entry == NULL) { /* new provider (not in soft_config_list) */ 1075 if (count == 0) { /* free memory--no entry exists to remove */ 1076 mutex_exit(&soft_config_mutex); 1077 kmem_free(new_entry->ce_name, name_len); 1078 kmem_free(new_entry, sizeof (kcf_soft_conf_entry_t)); 1079 return (CRYPTO_SUCCESS); 1080 } 1081 1082 if (soft_config_count > KCF_MAX_CONFIG_ENTRIES) { /* full */ 1083 mutex_exit(&soft_config_mutex); 1084 kmem_free(new_entry->ce_name, name_len); 1085 kmem_free(new_entry, sizeof (kcf_soft_conf_entry_t)); 1086 cmn_err(CE_WARN, "out of soft_config_list entries"); 1087 return (CRYPTO_FAILED); 1088 } 1089 1090 /* add new provider to head of list */ 1091 new_entry->ce_next = soft_config_list; 1092 soft_config_list = new_entry; 1093 soft_config_count++; 1094 entry = new_entry; 1095 1096 } else { /* mechanism already in soft_config_list */ 1097 kmem_free(new_entry->ce_name, name_len); 1098 kmem_free(new_entry, sizeof (kcf_soft_conf_entry_t)); 1099 } 1100 1101 if (count == 0) { /* remove provider entry from soft_config_list */ 1102 if (prev == NULL) { 1103 /* entry to remove is at the head of the list */ 1104 soft_config_list = entry->ce_next; 1105 } else { 1106 prev->ce_next = entry->ce_next; 1107 } 1108 soft_config_count--; 1109 mutex_exit(&soft_config_mutex); 1110 1111 /* free entry */ 1112 free_soft_config_entry(entry); 1113 1114 } else { /* add provider entry to soft_config_list */ 1115 /* 1116 * Don't replace a mechanism list if it's already present. 1117 * This is because the default entries for Software providers 1118 * are more up-to-date than possibly stale entries in kcf.conf. 1119 * If an entry is to be deleted, the proper way to do it is 1120 * to add it to the disablelist (with cryptoadm(1M)), 1121 * instead of removing it from the supportedlist. 1122 */ 1123 if (entry->ce_mechs == NULL) { /* add new mechanisms */ 1124 entry->ce_mechs = array; 1125 entry->ce_count = count; 1126 mutex_exit(&soft_config_mutex); 1127 } else { /* ignore replacement mechanism list */ 1128 mutex_exit(&soft_config_mutex); 1129 crypto_free_mech_list(array, count); 1130 } 1131 } 1132 1133 return (CRYPTO_SUCCESS); 1134 } 1135 1136 /* 1137 * This function removes a module entry from the soft_config_list. 1138 * 1139 * This comes in handy if FIPS 140 is enabled, but fails to validate. At 1140 * which point when the kernel reports its' supported modules, it shows only 1141 * those that are not within the boundary 1142 */ 1143 void 1144 remove_soft_config(char *name) 1145 { 1146 kcf_soft_conf_entry_t *p, *entry = NULL, *prev = NULL; 1147 1148 mutex_enter(&soft_config_mutex); 1149 /* Search for provider in soft_config_list */ 1150 for (p = soft_config_list; p != NULL; p = p->ce_next) { 1151 if (strncmp(name, p->ce_name, MAXNAMELEN) == 0) { 1152 entry = p; 1153 break; 1154 } 1155 prev = p; 1156 } 1157 1158 if (prev == NULL) { 1159 /* entry to remove is at the head of the list */ 1160 soft_config_list = entry->ce_next; 1161 } else { 1162 prev->ce_next = entry->ce_next; 1163 } 1164 1165 mutex_exit(&soft_config_mutex); 1166 1167 /* free entry */ 1168 free_soft_config_entry(entry); 1169 } 1170 1171 /* 1172 * This routine searches the soft_config_list for the first entry that 1173 * has the specified mechanism in its mechanism list. If found, 1174 * a buffer containing the name of the software module that implements 1175 * the mechanism is allocated and stored in 'name'. 1176 */ 1177 int 1178 get_sw_provider_for_mech(crypto_mech_name_t mech, char **name) 1179 { 1180 kcf_soft_conf_entry_t *p, *next; 1181 char tmp_name[MAXNAMELEN]; 1182 size_t name_len = 0; 1183 int i; 1184 1185 mutex_enter(&soft_config_mutex); 1186 p = soft_config_list; 1187 while (p != NULL) { 1188 next = p->ce_next; 1189 for (i = 0; i < p->ce_count; i++) { 1190 if (strncmp(mech, &p->ce_mechs[i][0], 1191 CRYPTO_MAX_MECH_NAME) == 0) { 1192 name_len = strlen(p->ce_name) + 1; 1193 bcopy(p->ce_name, tmp_name, name_len); 1194 break; 1195 } 1196 } 1197 p = next; 1198 } 1199 mutex_exit(&soft_config_mutex); 1200 1201 if (name_len == 0) 1202 return (CRYPTO_FAILED); 1203 1204 *name = kmem_alloc(name_len, KM_SLEEP); 1205 bcopy(tmp_name, *name, name_len); 1206 return (CRYPTO_SUCCESS); 1207 } 1208