1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or https://opensource.org/licenses/CDDL-1.0. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright (c) 2017, Datto, Inc. All rights reserved. 24 */ 25 26 #ifdef _KERNEL 27 #include <linux/module.h> 28 #include <linux/kernel.h> 29 #include <linux/init.h> 30 #else 31 #define __exit 32 #define __init 33 #endif 34 35 #include <sys/crypto/common.h> 36 #include <sys/crypto/api.h> 37 #include <sys/crypto/impl.h> 38 #include <sys/crypto/sched_impl.h> 39 #include <sys/crypto/icp.h> 40 41 /* 42 * Changes made to the original Illumos Crypto Layer for the ICP: 43 * 44 * Several changes were needed to allow the Illumos Crypto Layer 45 * to work in the Linux kernel. Almost all of the changes fall into 46 * one of the following categories: 47 * 48 * 1) Moving the syntax to the C90: This was mostly a matter of 49 * changing func() definitions to func(void). In a few cases, 50 * initializations of structs with unions needed to have brackets 51 * added. 52 * 53 * 2) Changes to allow userspace compilation: The ICP is meant to be 54 * compiled and used in both userspace and kernel space (for ztest and 55 * libzfs), so the _KERNEL macros did not make sense anymore. For the 56 * same reason, many header includes were also changed to use 57 * sys/zfs_context.h 58 * 59 * 3) Moving to a statically compiled architecture: At some point in 60 * the future it may make sense to have encryption algorithms that are 61 * loadable into the ICP at runtime via separate kernel modules. 62 * However, considering that this code will probably not see much use 63 * outside of zfs and zfs encryption only requires a select few 64 * algorithms it seemed like more trouble than it was worth to port over 65 * Illumos's kernel module structure to a Linux kernel module. In 66 * addition, The Illumos code related to keeping track of kernel modules 67 * is very much tied to the Illumos OS and proved difficult to port. 68 * Therefore, the structure of the ICP was simplified to work 69 * statically and all the Illumos kernel module loading subsystem was removed. 70 * All module initialization and destruction is now called in this file 71 * during kernel module loading and unloading. 72 * 73 * 4) Adding destructors: The Illumos Crypto Layer is built into 74 * the Illumos kernel and is not meant to be unloaded. Some destructors 75 * were added to allow the ICP to be unloaded without leaking 76 * structures. 77 * 78 * 5) Removing CRYPTO_DATA_MBLK related structures and code: 79 * crypto_data_t can have 3 formats, CRYPTO_DATA_RAW, CRYPTO_DATA_UIO, 80 * and CRYPTO_DATA_MBLK. ZFS only requires the first 2 formats, as the 81 * last one is related to streamed data. To simplify the port, code 82 * related to this format was removed. 83 * 84 * 6) Changes for architecture specific code: Some changes were needed 85 * to make architecture specific assembly compile. The biggest change 86 * here was to functions related to detecting CPU capabilities for amd64. 87 * The Illumos Crypto Layer used called into the Illumos kernel's API 88 * to discover these. They have been converted to instead use the 89 * 'cpuid' instruction as per the Intel spec. In addition, references to 90 * the sun4u' and sparc architectures have been removed so that these 91 * will use the generic implementation. 92 * 93 * 7) Removing sha384 and sha512 code: The sha code was actually very 94 * easy to port. However, the generic sha384 and sha512 code actually 95 * exceeds the stack size on arm and powerpc architectures. In an effort 96 * to remove warnings, this code was removed. 97 * 98 * 8) Change large allocations from kmem_alloc() to vmem_alloc(): In 99 * testing the ICP with the ZFS encryption code, a few allocations were 100 * found that could potentially be very large. These caused the SPL to 101 * throw warnings and so they were changed to use vmem_alloc(). 102 * 103 * 9) Makefiles: Makefiles were added that would work with the existing 104 * ZFS Makefiles. 105 */ 106 107 void 108 icp_fini(void) 109 { 110 sha2_mod_fini(); 111 aes_mod_fini(); 112 kcf_sched_destroy(); 113 kcf_prov_tab_destroy(); 114 kcf_destroy_mech_tabs(); 115 } 116 117 /* roughly equivalent to kcf.c: _init() */ 118 int __init 119 icp_init(void) 120 { 121 /* initialize the mechanisms tables supported out-of-the-box */ 122 kcf_init_mech_tabs(); 123 124 /* initialize the providers tables */ 125 kcf_prov_tab_init(); 126 127 /* 128 * Initialize scheduling structures. Note that this does NOT 129 * start any threads since it might not be safe to do so. 130 */ 131 kcf_sched_init(); 132 133 /* initialize algorithms */ 134 aes_mod_init(); 135 sha2_mod_init(); 136 137 return (0); 138 } 139