1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright (c) 2017, Datto, Inc. All rights reserved. 24 */ 25 26 #ifdef _KERNEL 27 #include <linux/module.h> 28 #include <linux/kernel.h> 29 #include <linux/init.h> 30 #else 31 #define __exit 32 #define __init 33 #endif 34 35 #include <sys/crypto/common.h> 36 #include <sys/crypto/api.h> 37 #include <sys/crypto/impl.h> 38 #include <sys/crypto/sched_impl.h> 39 #include <sys/modhash_impl.h> 40 #include <sys/crypto/icp.h> 41 42 /* 43 * Changes made to the original Illumos Crypto Layer for the ICP: 44 * 45 * Several changes were needed to allow the Illumos Crypto Layer 46 * to work in the Linux kernel. Almost all of the changes fall into 47 * one of the following categories: 48 * 49 * 1) Moving the syntax to the C90: This was mostly a matter of 50 * changing func() definitions to func(void). In a few cases, 51 * initializations of structs with unions needed to have brackets 52 * added. 53 * 54 * 2) Changes to allow userspace compilation: The ICP is meant to be 55 * compiled and used in both userspace and kernel space (for ztest and 56 * libzfs), so the _KERNEL macros did not make sense anymore. For the 57 * same reason, many header includes were also changed to use 58 * sys/zfs_context.h 59 * 60 * 3) Moving to a statically compiled architecture: At some point in 61 * the future it may make sense to have encryption algorithms that are 62 * loadable into the ICP at runtime via separate kernel modules. 63 * However, considering that this code will probably not see much use 64 * outside of zfs and zfs encryption only requires a select few 65 * algorithms it seemed like more trouble than it was worth to port over 66 * Illumos's kernel module structure to a Linux kernel module. In 67 * addition, The Illumos code related to keeping track of kernel modules 68 * is very much tied to the Illumos OS and proved difficult to port. 69 * Therefore, the structure of the ICP was simplified to work 70 * statically and all the Illumos kernel module loading subsystem was removed. 71 * All module initialization and destruction is now called in this file 72 * during kernel module loading and unloading. 73 * 74 * 4) Adding destructors: The Illumos Crypto Layer is built into 75 * the Illumos kernel and is not meant to be unloaded. Some destructors 76 * were added to allow the ICP to be unloaded without leaking 77 * structures. 78 * 79 * 5) Removing CRYPTO_DATA_MBLK related structures and code: 80 * crypto_data_t can have 3 formats, CRYPTO_DATA_RAW, CRYPTO_DATA_UIO, 81 * and CRYPTO_DATA_MBLK. ZFS only requires the first 2 formats, as the 82 * last one is related to streamed data. To simplify the port, code 83 * related to this format was removed. 84 * 85 * 6) Changes for architecture specific code: Some changes were needed 86 * to make architecture specific assembly compile. The biggest change 87 * here was to functions related to detecting CPU capabilities for amd64. 88 * The Illumos Crypto Layer used called into the Illumos kernel's API 89 * to discover these. They have been converted to instead use the 90 * 'cpuid' instruction as per the Intel spec. In addition, references to 91 * the sun4u' and sparc architectures have been removed so that these 92 * will use the generic implementation. 93 * 94 * 7) Removing sha384 and sha512 code: The sha code was actually very 95 * easy to port. However, the generic sha384 and sha512 code actually 96 * exceeds the stack size on arm and powerpc architectures. In an effort 97 * to remove warnings, this code was removed. 98 * 99 * 8) Change large allocations from kmem_alloc() to vmem_alloc(): In 100 * testing the ICP with the ZFS encryption code, a few allocations were 101 * found that could potentially be very large. These caused the SPL to 102 * throw warnings and so they were changed to use vmem_alloc(). 103 * 104 * 9) Makefiles: Makefiles were added that would work with the existing 105 * ZFS Makefiles. 106 */ 107 108 void __exit 109 icp_fini(void) 110 { 111 skein_mod_fini(); 112 sha2_mod_fini(); 113 aes_mod_fini(); 114 kcf_sched_destroy(); 115 kcf_prov_tab_destroy(); 116 kcf_destroy_mech_tabs(); 117 mod_hash_fini(); 118 } 119 120 /* roughly equivalent to kcf.c: _init() */ 121 int __init 122 icp_init(void) 123 { 124 /* initialize the mod hash module */ 125 mod_hash_init(); 126 127 /* initialize the mechanisms tables supported out-of-the-box */ 128 kcf_init_mech_tabs(); 129 130 /* initialize the providers tables */ 131 kcf_prov_tab_init(); 132 133 /* 134 * Initialize scheduling structures. Note that this does NOT 135 * start any threads since it might not be safe to do so. 136 */ 137 kcf_sched_init(); 138 139 /* initialize algorithms */ 140 aes_mod_init(); 141 sha2_mod_init(); 142 skein_mod_init(); 143 144 return (0); 145 } 146 147 #if defined(_KERNEL) 148 module_exit(icp_fini); 149 module_init(icp_init); 150 MODULE_AUTHOR(ZFS_META_AUTHOR); 151 MODULE_LICENSE(ZFS_META_LICENSE); 152 MODULE_VERSION(ZFS_META_VERSION "-" ZFS_META_RELEASE); 153 #endif 154