1 // SPDX-License-Identifier: CDDL-1.0 2 /* 3 * CDDL HEADER START 4 * 5 * The contents of this file are subject to the terms of the 6 * Common Development and Distribution License, Version 1.0 only 7 * (the "License"). You may not use this file except in compliance 8 * with the License. 9 * 10 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 11 * or https://opensource.org/licenses/CDDL-1.0. 12 * See the License for the specific language governing permissions 13 * and limitations under the License. 14 * 15 * When distributing Covered Code, include this CDDL HEADER in each 16 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 17 * If applicable, add the following below this CDDL HEADER, with the 18 * fields enclosed by brackets "[]" replaced with your own identifying 19 * information: Portions Copyright [yyyy] [name of copyright owner] 20 * 21 * CDDL HEADER END 22 */ 23 /* 24 * Copyright (c) 2017, Datto, Inc. All rights reserved. 25 */ 26 27 #ifdef _KERNEL 28 #include <linux/module.h> 29 #include <linux/kernel.h> 30 #include <linux/init.h> 31 #else 32 #define __exit 33 #define __init 34 #endif 35 36 #include <sys/crypto/common.h> 37 #include <sys/crypto/api.h> 38 #include <sys/crypto/impl.h> 39 #include <sys/crypto/sched_impl.h> 40 #include <sys/crypto/icp.h> 41 42 /* 43 * Changes made to the original Illumos Crypto Layer for the ICP: 44 * 45 * Several changes were needed to allow the Illumos Crypto Layer 46 * to work in the Linux kernel. Almost all of the changes fall into 47 * one of the following categories: 48 * 49 * 1) Moving the syntax to the C90: This was mostly a matter of 50 * changing func() definitions to func(void). In a few cases, 51 * initializations of structs with unions needed to have brackets 52 * added. 53 * 54 * 2) Changes to allow userspace compilation: The ICP is meant to be 55 * compiled and used in both userspace and kernel space (for ztest and 56 * libzfs), so the _KERNEL macros did not make sense anymore. For the 57 * same reason, many header includes were also changed to use 58 * sys/zfs_context.h 59 * 60 * 3) Moving to a statically compiled architecture: At some point in 61 * the future it may make sense to have encryption algorithms that are 62 * loadable into the ICP at runtime via separate kernel modules. 63 * However, considering that this code will probably not see much use 64 * outside of zfs and zfs encryption only requires a select few 65 * algorithms it seemed like more trouble than it was worth to port over 66 * Illumos's kernel module structure to a Linux kernel module. In 67 * addition, The Illumos code related to keeping track of kernel modules 68 * is very much tied to the Illumos OS and proved difficult to port. 69 * Therefore, the structure of the ICP was simplified to work 70 * statically and all the Illumos kernel module loading subsystem was removed. 71 * All module initialization and destruction is now called in this file 72 * during kernel module loading and unloading. 73 * 74 * 4) Adding destructors: The Illumos Crypto Layer is built into 75 * the Illumos kernel and is not meant to be unloaded. Some destructors 76 * were added to allow the ICP to be unloaded without leaking 77 * structures. 78 * 79 * 5) Removing CRYPTO_DATA_MBLK related structures and code: 80 * crypto_data_t can have 3 formats, CRYPTO_DATA_RAW, CRYPTO_DATA_UIO, 81 * and CRYPTO_DATA_MBLK. ZFS only requires the first 2 formats, as the 82 * last one is related to streamed data. To simplify the port, code 83 * related to this format was removed. 84 * 85 * 6) Changes for architecture specific code: Some changes were needed 86 * to make architecture specific assembly compile. The biggest change 87 * here was to functions related to detecting CPU capabilities for amd64. 88 * The Illumos Crypto Layer used called into the Illumos kernel's API 89 * to discover these. They have been converted to instead use the 90 * 'cpuid' instruction as per the Intel spec. In addition, references to 91 * the sun4u' and sparc architectures have been removed so that these 92 * will use the generic implementation. 93 * 94 * 7) Removing sha384 and sha512 code: The sha code was actually very 95 * easy to port. However, the generic sha384 and sha512 code actually 96 * exceeds the stack size on arm and powerpc architectures. In an effort 97 * to remove warnings, this code was removed. 98 * 99 * 8) Change large allocations from kmem_alloc() to vmem_alloc(): In 100 * testing the ICP with the ZFS encryption code, a few allocations were 101 * found that could potentially be very large. These caused the SPL to 102 * throw warnings and so they were changed to use vmem_alloc(). 103 * 104 * 9) Makefiles: Makefiles were added that would work with the existing 105 * ZFS Makefiles. 106 */ 107 108 void 109 icp_fini(void) 110 { 111 sha2_mod_fini(); 112 aes_mod_fini(); 113 kcf_sched_destroy(); 114 kcf_prov_tab_destroy(); 115 kcf_destroy_mech_tabs(); 116 } 117 118 /* roughly equivalent to kcf.c: _init() */ 119 int __init 120 icp_init(void) 121 { 122 /* initialize the mechanisms tables supported out-of-the-box */ 123 kcf_init_mech_tabs(); 124 125 /* initialize the providers tables */ 126 kcf_prov_tab_init(); 127 128 /* 129 * Initialize scheduling structures. Note that this does NOT 130 * start any threads since it might not be safe to do so. 131 */ 132 kcf_sched_init(); 133 134 /* initialize algorithms */ 135 aes_mod_init(); 136 sha2_mod_init(); 137 138 return (0); 139 } 140