1 /*- 2 * Copyright (c) 2005-2011 Pawel Jakub Dawidek <pawel@dawidek.net> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 */ 26 27 #include <sys/cdefs.h> 28 __FBSDID("$FreeBSD$"); 29 30 #include <sys/param.h> 31 #include <sys/systm.h> 32 #include <sys/kernel.h> 33 #include <sys/module.h> 34 #include <sys/lock.h> 35 #include <sys/mutex.h> 36 #include <sys/bio.h> 37 #include <sys/sysctl.h> 38 #include <sys/malloc.h> 39 #include <sys/kthread.h> 40 #include <sys/proc.h> 41 #include <sys/sched.h> 42 #include <sys/uio.h> 43 44 #include <vm/uma.h> 45 46 #include <geom/geom.h> 47 #include <geom/eli/g_eli.h> 48 49 50 MALLOC_DECLARE(M_ELI); 51 52 53 static void 54 g_eli_ctl_attach(struct gctl_req *req, struct g_class *mp) 55 { 56 struct g_eli_metadata md; 57 struct g_provider *pp; 58 const char *name; 59 u_char *key, mkey[G_ELI_DATAIVKEYLEN]; 60 int *nargs, *detach, *readonly; 61 int keysize, error; 62 u_int nkey; 63 64 g_topology_assert(); 65 66 nargs = gctl_get_paraml(req, "nargs", sizeof(*nargs)); 67 if (nargs == NULL) { 68 gctl_error(req, "No '%s' argument.", "nargs"); 69 return; 70 } 71 if (*nargs != 1) { 72 gctl_error(req, "Invalid number of arguments."); 73 return; 74 } 75 76 detach = gctl_get_paraml(req, "detach", sizeof(*detach)); 77 if (detach == NULL) { 78 gctl_error(req, "No '%s' argument.", "detach"); 79 return; 80 } 81 82 readonly = gctl_get_paraml(req, "readonly", sizeof(*readonly)); 83 if (readonly == NULL) { 84 gctl_error(req, "No '%s' argument.", "readonly"); 85 return; 86 } 87 88 name = gctl_get_asciiparam(req, "arg0"); 89 if (name == NULL) { 90 gctl_error(req, "No 'arg%u' argument.", 0); 91 return; 92 } 93 if (strncmp(name, "/dev/", strlen("/dev/")) == 0) 94 name += strlen("/dev/"); 95 pp = g_provider_by_name(name); 96 if (pp == NULL) { 97 gctl_error(req, "Provider %s is invalid.", name); 98 return; 99 } 100 error = g_eli_read_metadata(mp, pp, &md); 101 if (error != 0) { 102 gctl_error(req, "Cannot read metadata from %s (error=%d).", 103 name, error); 104 return; 105 } 106 if (md.md_keys == 0x00) { 107 bzero(&md, sizeof(md)); 108 gctl_error(req, "No valid keys on %s.", pp->name); 109 return; 110 } 111 112 key = gctl_get_param(req, "key", &keysize); 113 if (key == NULL || keysize != G_ELI_USERKEYLEN) { 114 bzero(&md, sizeof(md)); 115 gctl_error(req, "No '%s' argument.", "key"); 116 return; 117 } 118 119 error = g_eli_mkey_decrypt(&md, key, mkey, &nkey); 120 bzero(key, keysize); 121 if (error == -1) { 122 bzero(&md, sizeof(md)); 123 gctl_error(req, "Wrong key for %s.", pp->name); 124 return; 125 } else if (error > 0) { 126 bzero(&md, sizeof(md)); 127 gctl_error(req, "Cannot decrypt Master Key for %s (error=%d).", 128 pp->name, error); 129 return; 130 } 131 G_ELI_DEBUG(1, "Using Master Key %u for %s.", nkey, pp->name); 132 133 if (*detach && *readonly) { 134 bzero(&md, sizeof(md)); 135 gctl_error(req, "Options -d and -r are mutually exclusive."); 136 return; 137 } 138 if (*detach) 139 md.md_flags |= G_ELI_FLAG_WO_DETACH; 140 if (*readonly) 141 md.md_flags |= G_ELI_FLAG_RO; 142 g_eli_create(req, mp, pp, &md, mkey, nkey); 143 bzero(mkey, sizeof(mkey)); 144 bzero(&md, sizeof(md)); 145 } 146 147 static struct g_eli_softc * 148 g_eli_find_device(struct g_class *mp, const char *prov) 149 { 150 struct g_eli_softc *sc; 151 struct g_geom *gp; 152 struct g_provider *pp; 153 struct g_consumer *cp; 154 155 if (strncmp(prov, "/dev/", strlen("/dev/")) == 0) 156 prov += strlen("/dev/"); 157 LIST_FOREACH(gp, &mp->geom, geom) { 158 sc = gp->softc; 159 if (sc == NULL) 160 continue; 161 pp = LIST_FIRST(&gp->provider); 162 if (pp != NULL && strcmp(pp->name, prov) == 0) 163 return (sc); 164 cp = LIST_FIRST(&gp->consumer); 165 if (cp != NULL && cp->provider != NULL && 166 strcmp(cp->provider->name, prov) == 0) { 167 return (sc); 168 } 169 } 170 return (NULL); 171 } 172 173 static void 174 g_eli_ctl_detach(struct gctl_req *req, struct g_class *mp) 175 { 176 struct g_eli_softc *sc; 177 int *force, *last, *nargs, error; 178 const char *prov; 179 char param[16]; 180 int i; 181 182 g_topology_assert(); 183 184 nargs = gctl_get_paraml(req, "nargs", sizeof(*nargs)); 185 if (nargs == NULL) { 186 gctl_error(req, "No '%s' argument.", "nargs"); 187 return; 188 } 189 if (*nargs <= 0) { 190 gctl_error(req, "Missing device(s)."); 191 return; 192 } 193 force = gctl_get_paraml(req, "force", sizeof(*force)); 194 if (force == NULL) { 195 gctl_error(req, "No '%s' argument.", "force"); 196 return; 197 } 198 last = gctl_get_paraml(req, "last", sizeof(*last)); 199 if (last == NULL) { 200 gctl_error(req, "No '%s' argument.", "last"); 201 return; 202 } 203 204 for (i = 0; i < *nargs; i++) { 205 snprintf(param, sizeof(param), "arg%d", i); 206 prov = gctl_get_asciiparam(req, param); 207 if (prov == NULL) { 208 gctl_error(req, "No 'arg%d' argument.", i); 209 return; 210 } 211 sc = g_eli_find_device(mp, prov); 212 if (sc == NULL) { 213 gctl_error(req, "No such device: %s.", prov); 214 return; 215 } 216 if (*last) { 217 sc->sc_flags |= G_ELI_FLAG_RW_DETACH; 218 sc->sc_geom->access = g_eli_access; 219 } else { 220 error = g_eli_destroy(sc, *force ? TRUE : FALSE); 221 if (error != 0) { 222 gctl_error(req, 223 "Cannot destroy device %s (error=%d).", 224 sc->sc_name, error); 225 return; 226 } 227 } 228 } 229 } 230 231 static void 232 g_eli_ctl_onetime(struct gctl_req *req, struct g_class *mp) 233 { 234 struct g_eli_metadata md; 235 struct g_provider *pp; 236 const char *name; 237 intmax_t *keylen, *sectorsize; 238 u_char mkey[G_ELI_DATAIVKEYLEN]; 239 int *nargs, *detach; 240 241 g_topology_assert(); 242 bzero(&md, sizeof(md)); 243 244 nargs = gctl_get_paraml(req, "nargs", sizeof(*nargs)); 245 if (nargs == NULL) { 246 gctl_error(req, "No '%s' argument.", "nargs"); 247 return; 248 } 249 if (*nargs != 1) { 250 gctl_error(req, "Invalid number of arguments."); 251 return; 252 } 253 254 detach = gctl_get_paraml(req, "detach", sizeof(*detach)); 255 if (detach == NULL) { 256 gctl_error(req, "No '%s' argument.", "detach"); 257 return; 258 } 259 260 strlcpy(md.md_magic, G_ELI_MAGIC, sizeof(md.md_magic)); 261 md.md_version = G_ELI_VERSION; 262 md.md_flags |= G_ELI_FLAG_ONETIME; 263 if (*detach) 264 md.md_flags |= G_ELI_FLAG_WO_DETACH; 265 266 md.md_ealgo = CRYPTO_ALGORITHM_MIN - 1; 267 name = gctl_get_asciiparam(req, "aalgo"); 268 if (name == NULL) { 269 gctl_error(req, "No '%s' argument.", "aalgo"); 270 return; 271 } 272 if (*name != '\0') { 273 md.md_aalgo = g_eli_str2aalgo(name); 274 if (md.md_aalgo >= CRYPTO_ALGORITHM_MIN && 275 md.md_aalgo <= CRYPTO_ALGORITHM_MAX) { 276 md.md_flags |= G_ELI_FLAG_AUTH; 277 } else { 278 /* 279 * For backward compatibility, check if the -a option 280 * was used to provide encryption algorithm. 281 */ 282 md.md_ealgo = g_eli_str2ealgo(name); 283 if (md.md_ealgo < CRYPTO_ALGORITHM_MIN || 284 md.md_ealgo > CRYPTO_ALGORITHM_MAX) { 285 gctl_error(req, 286 "Invalid authentication algorithm."); 287 return; 288 } else { 289 gctl_error(req, "warning: The -e option, not " 290 "the -a option is now used to specify " 291 "encryption algorithm to use."); 292 } 293 } 294 } 295 296 if (md.md_ealgo < CRYPTO_ALGORITHM_MIN || 297 md.md_ealgo > CRYPTO_ALGORITHM_MAX) { 298 name = gctl_get_asciiparam(req, "ealgo"); 299 if (name == NULL) { 300 gctl_error(req, "No '%s' argument.", "ealgo"); 301 return; 302 } 303 md.md_ealgo = g_eli_str2ealgo(name); 304 if (md.md_ealgo < CRYPTO_ALGORITHM_MIN || 305 md.md_ealgo > CRYPTO_ALGORITHM_MAX) { 306 gctl_error(req, "Invalid encryption algorithm."); 307 return; 308 } 309 } 310 311 keylen = gctl_get_paraml(req, "keylen", sizeof(*keylen)); 312 if (keylen == NULL) { 313 gctl_error(req, "No '%s' argument.", "keylen"); 314 return; 315 } 316 md.md_keylen = g_eli_keylen(md.md_ealgo, *keylen); 317 if (md.md_keylen == 0) { 318 gctl_error(req, "Invalid '%s' argument.", "keylen"); 319 return; 320 } 321 322 /* Not important here. */ 323 md.md_provsize = 0; 324 /* Not important here. */ 325 bzero(md.md_salt, sizeof(md.md_salt)); 326 327 md.md_keys = 0x01; 328 arc4rand(mkey, sizeof(mkey), 0); 329 330 /* Not important here. */ 331 bzero(md.md_hash, sizeof(md.md_hash)); 332 333 name = gctl_get_asciiparam(req, "arg0"); 334 if (name == NULL) { 335 gctl_error(req, "No 'arg%u' argument.", 0); 336 return; 337 } 338 if (strncmp(name, "/dev/", strlen("/dev/")) == 0) 339 name += strlen("/dev/"); 340 pp = g_provider_by_name(name); 341 if (pp == NULL) { 342 gctl_error(req, "Provider %s is invalid.", name); 343 return; 344 } 345 346 sectorsize = gctl_get_paraml(req, "sectorsize", sizeof(*sectorsize)); 347 if (sectorsize == NULL) { 348 gctl_error(req, "No '%s' argument.", "sectorsize"); 349 return; 350 } 351 if (*sectorsize == 0) 352 md.md_sectorsize = pp->sectorsize; 353 else { 354 if (*sectorsize < 0 || (*sectorsize % pp->sectorsize) != 0) { 355 gctl_error(req, "Invalid sector size."); 356 return; 357 } 358 if (*sectorsize > PAGE_SIZE) { 359 gctl_error(req, "warning: Using sectorsize bigger than " 360 "the page size!"); 361 } 362 md.md_sectorsize = *sectorsize; 363 } 364 365 g_eli_create(req, mp, pp, &md, mkey, -1); 366 bzero(mkey, sizeof(mkey)); 367 bzero(&md, sizeof(md)); 368 } 369 370 static void 371 g_eli_ctl_configure(struct gctl_req *req, struct g_class *mp) 372 { 373 struct g_eli_softc *sc; 374 struct g_eli_metadata md; 375 struct g_provider *pp; 376 struct g_consumer *cp; 377 char param[16]; 378 const char *prov; 379 u_char *sector; 380 int *nargs, *boot, *noboot; 381 int error; 382 u_int i; 383 384 g_topology_assert(); 385 386 nargs = gctl_get_paraml(req, "nargs", sizeof(*nargs)); 387 if (nargs == NULL) { 388 gctl_error(req, "No '%s' argument.", "nargs"); 389 return; 390 } 391 if (*nargs <= 0) { 392 gctl_error(req, "Missing device(s)."); 393 return; 394 } 395 396 boot = gctl_get_paraml(req, "boot", sizeof(*boot)); 397 if (boot == NULL) { 398 gctl_error(req, "No '%s' argument.", "boot"); 399 return; 400 } 401 noboot = gctl_get_paraml(req, "noboot", sizeof(*noboot)); 402 if (noboot == NULL) { 403 gctl_error(req, "No '%s' argument.", "noboot"); 404 return; 405 } 406 if (*boot && *noboot) { 407 gctl_error(req, "Options -b and -B are mutually exclusive."); 408 return; 409 } 410 if (!*boot && !*noboot) { 411 gctl_error(req, "No option given."); 412 return; 413 } 414 415 for (i = 0; i < *nargs; i++) { 416 snprintf(param, sizeof(param), "arg%d", i); 417 prov = gctl_get_asciiparam(req, param); 418 if (prov == NULL) { 419 gctl_error(req, "No 'arg%d' argument.", i); 420 return; 421 } 422 sc = g_eli_find_device(mp, prov); 423 if (sc == NULL) { 424 /* 425 * We ignore not attached providers, userland part will 426 * take care of them. 427 */ 428 G_ELI_DEBUG(1, "Skipping configuration of not attached " 429 "provider %s.", prov); 430 continue; 431 } 432 if (*boot && (sc->sc_flags & G_ELI_FLAG_BOOT)) { 433 G_ELI_DEBUG(1, "BOOT flag already configured for %s.", 434 prov); 435 continue; 436 } else if (!*boot && !(sc->sc_flags & G_ELI_FLAG_BOOT)) { 437 G_ELI_DEBUG(1, "BOOT flag not configured for %s.", 438 prov); 439 continue; 440 } 441 if (sc->sc_flags & G_ELI_FLAG_RO) { 442 gctl_error(req, "Cannot change configuration of " 443 "read-only provider %s.", prov); 444 continue; 445 } 446 cp = LIST_FIRST(&sc->sc_geom->consumer); 447 pp = cp->provider; 448 error = g_eli_read_metadata(mp, pp, &md); 449 if (error != 0) { 450 gctl_error(req, 451 "Cannot read metadata from %s (error=%d).", 452 prov, error); 453 continue; 454 } 455 456 if (*boot) { 457 md.md_flags |= G_ELI_FLAG_BOOT; 458 sc->sc_flags |= G_ELI_FLAG_BOOT; 459 } else { 460 md.md_flags &= ~G_ELI_FLAG_BOOT; 461 sc->sc_flags &= ~G_ELI_FLAG_BOOT; 462 } 463 464 sector = malloc(pp->sectorsize, M_ELI, M_WAITOK | M_ZERO); 465 eli_metadata_encode(&md, sector); 466 error = g_write_data(cp, pp->mediasize - pp->sectorsize, sector, 467 pp->sectorsize); 468 if (error != 0) { 469 gctl_error(req, 470 "Cannot store metadata on %s (error=%d).", 471 prov, error); 472 } 473 bzero(&md, sizeof(md)); 474 bzero(sector, sizeof(sector)); 475 free(sector, M_ELI); 476 } 477 } 478 479 static void 480 g_eli_ctl_setkey(struct gctl_req *req, struct g_class *mp) 481 { 482 struct g_eli_softc *sc; 483 struct g_eli_metadata md; 484 struct g_provider *pp; 485 struct g_consumer *cp; 486 const char *name; 487 u_char *key, *mkeydst, *sector; 488 intmax_t *valp; 489 int keysize, nkey, error; 490 491 g_topology_assert(); 492 493 name = gctl_get_asciiparam(req, "arg0"); 494 if (name == NULL) { 495 gctl_error(req, "No 'arg%u' argument.", 0); 496 return; 497 } 498 sc = g_eli_find_device(mp, name); 499 if (sc == NULL) { 500 gctl_error(req, "Provider %s is invalid.", name); 501 return; 502 } 503 if (sc->sc_flags & G_ELI_FLAG_RO) { 504 gctl_error(req, "Cannot change keys for read-only provider."); 505 return; 506 } 507 cp = LIST_FIRST(&sc->sc_geom->consumer); 508 pp = cp->provider; 509 510 error = g_eli_read_metadata(mp, pp, &md); 511 if (error != 0) { 512 gctl_error(req, "Cannot read metadata from %s (error=%d).", 513 name, error); 514 return; 515 } 516 517 valp = gctl_get_paraml(req, "keyno", sizeof(*valp)); 518 if (valp == NULL) { 519 gctl_error(req, "No '%s' argument.", "keyno"); 520 return; 521 } 522 if (*valp != -1) 523 nkey = *valp; 524 else 525 nkey = sc->sc_nkey; 526 if (nkey < 0 || nkey >= G_ELI_MAXMKEYS) { 527 gctl_error(req, "Invalid '%s' argument.", "keyno"); 528 return; 529 } 530 531 valp = gctl_get_paraml(req, "iterations", sizeof(*valp)); 532 if (valp == NULL) { 533 gctl_error(req, "No '%s' argument.", "iterations"); 534 return; 535 } 536 /* Check if iterations number should and can be changed. */ 537 if (*valp != -1) { 538 if (bitcount32(md.md_keys) != 1) { 539 gctl_error(req, "To be able to use '-i' option, only " 540 "one key can be defined."); 541 return; 542 } 543 if (md.md_keys != (1 << nkey)) { 544 gctl_error(req, "Only already defined key can be " 545 "changed when '-i' option is used."); 546 return; 547 } 548 md.md_iterations = *valp; 549 } 550 551 key = gctl_get_param(req, "key", &keysize); 552 if (key == NULL || keysize != G_ELI_USERKEYLEN) { 553 bzero(&md, sizeof(md)); 554 gctl_error(req, "No '%s' argument.", "key"); 555 return; 556 } 557 558 mkeydst = md.md_mkeys + nkey * G_ELI_MKEYLEN; 559 md.md_keys |= (1 << nkey); 560 561 bcopy(sc->sc_mkey, mkeydst, sizeof(sc->sc_mkey)); 562 563 /* Encrypt Master Key with the new key. */ 564 error = g_eli_mkey_encrypt(md.md_ealgo, key, md.md_keylen, mkeydst); 565 bzero(key, sizeof(key)); 566 if (error != 0) { 567 bzero(&md, sizeof(md)); 568 gctl_error(req, "Cannot encrypt Master Key (error=%d).", error); 569 return; 570 } 571 572 sector = malloc(pp->sectorsize, M_ELI, M_WAITOK | M_ZERO); 573 /* Store metadata with fresh key. */ 574 eli_metadata_encode(&md, sector); 575 bzero(&md, sizeof(md)); 576 error = g_write_data(cp, pp->mediasize - pp->sectorsize, sector, 577 pp->sectorsize); 578 bzero(sector, sizeof(sector)); 579 free(sector, M_ELI); 580 if (error != 0) { 581 gctl_error(req, "Cannot store metadata on %s (error=%d).", 582 pp->name, error); 583 return; 584 } 585 G_ELI_DEBUG(1, "Key %u changed on %s.", nkey, pp->name); 586 } 587 588 static void 589 g_eli_ctl_delkey(struct gctl_req *req, struct g_class *mp) 590 { 591 struct g_eli_softc *sc; 592 struct g_eli_metadata md; 593 struct g_provider *pp; 594 struct g_consumer *cp; 595 const char *name; 596 u_char *mkeydst, *sector; 597 intmax_t *valp; 598 size_t keysize; 599 int error, nkey, *all, *force; 600 u_int i; 601 602 g_topology_assert(); 603 604 nkey = 0; /* fixes causeless gcc warning */ 605 606 name = gctl_get_asciiparam(req, "arg0"); 607 if (name == NULL) { 608 gctl_error(req, "No 'arg%u' argument.", 0); 609 return; 610 } 611 sc = g_eli_find_device(mp, name); 612 if (sc == NULL) { 613 gctl_error(req, "Provider %s is invalid.", name); 614 return; 615 } 616 if (sc->sc_flags & G_ELI_FLAG_RO) { 617 gctl_error(req, "Cannot delete keys for read-only provider."); 618 return; 619 } 620 cp = LIST_FIRST(&sc->sc_geom->consumer); 621 pp = cp->provider; 622 623 error = g_eli_read_metadata(mp, pp, &md); 624 if (error != 0) { 625 gctl_error(req, "Cannot read metadata from %s (error=%d).", 626 name, error); 627 return; 628 } 629 630 all = gctl_get_paraml(req, "all", sizeof(*all)); 631 if (all == NULL) { 632 gctl_error(req, "No '%s' argument.", "all"); 633 return; 634 } 635 636 if (*all) { 637 mkeydst = md.md_mkeys; 638 keysize = sizeof(md.md_mkeys); 639 } else { 640 force = gctl_get_paraml(req, "force", sizeof(*force)); 641 if (force == NULL) { 642 gctl_error(req, "No '%s' argument.", "force"); 643 return; 644 } 645 646 valp = gctl_get_paraml(req, "keyno", sizeof(*valp)); 647 if (valp == NULL) { 648 gctl_error(req, "No '%s' argument.", "keyno"); 649 return; 650 } 651 if (*valp != -1) 652 nkey = *valp; 653 else 654 nkey = sc->sc_nkey; 655 if (nkey < 0 || nkey >= G_ELI_MAXMKEYS) { 656 gctl_error(req, "Invalid '%s' argument.", "keyno"); 657 return; 658 } 659 if (!(md.md_keys & (1 << nkey)) && !*force) { 660 gctl_error(req, "Master Key %u is not set.", nkey); 661 return; 662 } 663 md.md_keys &= ~(1 << nkey); 664 if (md.md_keys == 0 && !*force) { 665 gctl_error(req, "This is the last Master Key. Use '-f' " 666 "flag if you really want to remove it."); 667 return; 668 } 669 mkeydst = md.md_mkeys + nkey * G_ELI_MKEYLEN; 670 keysize = G_ELI_MKEYLEN; 671 } 672 673 sector = malloc(pp->sectorsize, M_ELI, M_WAITOK | M_ZERO); 674 for (i = 0; i <= g_eli_overwrites; i++) { 675 if (i == g_eli_overwrites) 676 bzero(mkeydst, keysize); 677 else 678 arc4rand(mkeydst, keysize, 0); 679 /* Store metadata with destroyed key. */ 680 eli_metadata_encode(&md, sector); 681 error = g_write_data(cp, pp->mediasize - pp->sectorsize, sector, 682 pp->sectorsize); 683 if (error != 0) { 684 G_ELI_DEBUG(0, "Cannot store metadata on %s " 685 "(error=%d).", pp->name, error); 686 } 687 /* 688 * Flush write cache so we don't overwrite data N times in cache 689 * and only once on disk. 690 */ 691 (void)g_io_flush(cp); 692 } 693 bzero(&md, sizeof(md)); 694 bzero(sector, sizeof(sector)); 695 free(sector, M_ELI); 696 if (*all) 697 G_ELI_DEBUG(1, "All keys removed from %s.", pp->name); 698 else 699 G_ELI_DEBUG(1, "Key %d removed from %s.", nkey, pp->name); 700 } 701 702 static void 703 g_eli_suspend_one(struct g_eli_softc *sc, struct gctl_req *req) 704 { 705 struct g_eli_worker *wr; 706 707 g_topology_assert(); 708 709 KASSERT(sc != NULL, ("NULL sc")); 710 711 if (sc->sc_flags & G_ELI_FLAG_ONETIME) { 712 gctl_error(req, 713 "Device %s is using one-time key, suspend not supported.", 714 sc->sc_name); 715 return; 716 } 717 718 mtx_lock(&sc->sc_queue_mtx); 719 if (sc->sc_flags & G_ELI_FLAG_SUSPEND) { 720 mtx_unlock(&sc->sc_queue_mtx); 721 gctl_error(req, "Device %s already suspended.", 722 sc->sc_name); 723 return; 724 } 725 sc->sc_flags |= G_ELI_FLAG_SUSPEND; 726 wakeup(sc); 727 for (;;) { 728 LIST_FOREACH(wr, &sc->sc_workers, w_next) { 729 if (wr->w_active) 730 break; 731 } 732 if (wr == NULL) 733 break; 734 /* Not all threads suspended. */ 735 msleep(&sc->sc_workers, &sc->sc_queue_mtx, PRIBIO, 736 "geli:suspend", 0); 737 } 738 /* 739 * Clear sensitive data on suspend, they will be recovered on resume. 740 */ 741 bzero(sc->sc_mkey, sizeof(sc->sc_mkey)); 742 g_eli_key_destroy(sc); 743 bzero(sc->sc_akey, sizeof(sc->sc_akey)); 744 bzero(&sc->sc_akeyctx, sizeof(sc->sc_akeyctx)); 745 bzero(sc->sc_ivkey, sizeof(sc->sc_ivkey)); 746 bzero(&sc->sc_ivctx, sizeof(sc->sc_ivctx)); 747 mtx_unlock(&sc->sc_queue_mtx); 748 G_ELI_DEBUG(0, "Device %s has been suspended.", sc->sc_name); 749 } 750 751 static void 752 g_eli_ctl_suspend(struct gctl_req *req, struct g_class *mp) 753 { 754 struct g_eli_softc *sc; 755 int *all, *nargs; 756 757 g_topology_assert(); 758 759 nargs = gctl_get_paraml(req, "nargs", sizeof(*nargs)); 760 if (nargs == NULL) { 761 gctl_error(req, "No '%s' argument.", "nargs"); 762 return; 763 } 764 all = gctl_get_paraml(req, "all", sizeof(*all)); 765 if (all == NULL) { 766 gctl_error(req, "No '%s' argument.", "all"); 767 return; 768 } 769 if (!*all && *nargs == 0) { 770 gctl_error(req, "Too few arguments."); 771 return; 772 } 773 774 if (*all) { 775 struct g_geom *gp, *gp2; 776 777 LIST_FOREACH_SAFE(gp, &mp->geom, geom, gp2) { 778 sc = gp->softc; 779 if (sc->sc_flags & G_ELI_FLAG_ONETIME) { 780 G_ELI_DEBUG(0, 781 "Device %s is using one-time key, suspend not supported, skipping.", 782 sc->sc_name); 783 continue; 784 } 785 g_eli_suspend_one(sc, req); 786 } 787 } else { 788 const char *prov; 789 char param[16]; 790 int i; 791 792 for (i = 0; i < *nargs; i++) { 793 snprintf(param, sizeof(param), "arg%d", i); 794 prov = gctl_get_asciiparam(req, param); 795 if (prov == NULL) { 796 G_ELI_DEBUG(0, "No 'arg%d' argument.", i); 797 continue; 798 } 799 800 sc = g_eli_find_device(mp, prov); 801 if (sc == NULL) { 802 G_ELI_DEBUG(0, "No such provider: %s.", prov); 803 continue; 804 } 805 g_eli_suspend_one(sc, req); 806 } 807 } 808 } 809 810 static void 811 g_eli_ctl_resume(struct gctl_req *req, struct g_class *mp) 812 { 813 struct g_eli_metadata md; 814 struct g_eli_softc *sc; 815 struct g_provider *pp; 816 struct g_consumer *cp; 817 const char *name; 818 u_char *key, mkey[G_ELI_DATAIVKEYLEN]; 819 int *nargs, keysize, error; 820 u_int nkey; 821 822 g_topology_assert(); 823 824 nargs = gctl_get_paraml(req, "nargs", sizeof(*nargs)); 825 if (nargs == NULL) { 826 gctl_error(req, "No '%s' argument.", "nargs"); 827 return; 828 } 829 if (*nargs != 1) { 830 gctl_error(req, "Invalid number of arguments."); 831 return; 832 } 833 834 name = gctl_get_asciiparam(req, "arg0"); 835 if (name == NULL) { 836 gctl_error(req, "No 'arg%u' argument.", 0); 837 return; 838 } 839 sc = g_eli_find_device(mp, name); 840 if (sc == NULL) { 841 gctl_error(req, "Provider %s is invalid.", name); 842 return; 843 } 844 cp = LIST_FIRST(&sc->sc_geom->consumer); 845 pp = cp->provider; 846 error = g_eli_read_metadata(mp, pp, &md); 847 if (error != 0) { 848 gctl_error(req, "Cannot read metadata from %s (error=%d).", 849 name, error); 850 return; 851 } 852 if (md.md_keys == 0x00) { 853 bzero(&md, sizeof(md)); 854 gctl_error(req, "No valid keys on %s.", pp->name); 855 return; 856 } 857 858 key = gctl_get_param(req, "key", &keysize); 859 if (key == NULL || keysize != G_ELI_USERKEYLEN) { 860 bzero(&md, sizeof(md)); 861 gctl_error(req, "No '%s' argument.", "key"); 862 return; 863 } 864 865 error = g_eli_mkey_decrypt(&md, key, mkey, &nkey); 866 bzero(key, keysize); 867 if (error == -1) { 868 bzero(&md, sizeof(md)); 869 gctl_error(req, "Wrong key for %s.", pp->name); 870 return; 871 } else if (error > 0) { 872 bzero(&md, sizeof(md)); 873 gctl_error(req, "Cannot decrypt Master Key for %s (error=%d).", 874 pp->name, error); 875 return; 876 } 877 G_ELI_DEBUG(1, "Using Master Key %u for %s.", nkey, pp->name); 878 879 mtx_lock(&sc->sc_queue_mtx); 880 if (!(sc->sc_flags & G_ELI_FLAG_SUSPEND)) 881 gctl_error(req, "Device %s is not suspended.", name); 882 else { 883 /* Restore sc_mkey, sc_ekeys, sc_akey and sc_ivkey. */ 884 g_eli_mkey_propagate(sc, mkey); 885 sc->sc_flags &= ~G_ELI_FLAG_SUSPEND; 886 G_ELI_DEBUG(1, "Resumed %s.", pp->name); 887 wakeup(sc); 888 } 889 mtx_unlock(&sc->sc_queue_mtx); 890 bzero(mkey, sizeof(mkey)); 891 bzero(&md, sizeof(md)); 892 } 893 894 static int 895 g_eli_kill_one(struct g_eli_softc *sc) 896 { 897 struct g_provider *pp; 898 struct g_consumer *cp; 899 int error = 0; 900 901 g_topology_assert(); 902 903 if (sc == NULL) 904 return (ENOENT); 905 906 pp = LIST_FIRST(&sc->sc_geom->provider); 907 g_error_provider(pp, ENXIO); 908 909 cp = LIST_FIRST(&sc->sc_geom->consumer); 910 pp = cp->provider; 911 912 if (sc->sc_flags & G_ELI_FLAG_RO) { 913 G_ELI_DEBUG(0, "WARNING: Metadata won't be erased on read-only " 914 "provider: %s.", pp->name); 915 } else { 916 u_char *sector; 917 u_int i; 918 int err; 919 920 sector = malloc(pp->sectorsize, M_ELI, M_WAITOK); 921 for (i = 0; i <= g_eli_overwrites; i++) { 922 if (i == g_eli_overwrites) 923 bzero(sector, pp->sectorsize); 924 else 925 arc4rand(sector, pp->sectorsize, 0); 926 err = g_write_data(cp, pp->mediasize - pp->sectorsize, 927 sector, pp->sectorsize); 928 if (err != 0) { 929 G_ELI_DEBUG(0, "Cannot erase metadata on %s " 930 "(error=%d).", pp->name, err); 931 if (error == 0) 932 error = err; 933 } 934 /* 935 * Flush write cache so we don't overwrite data N times 936 * in cache and only once on disk. 937 */ 938 (void)g_io_flush(cp); 939 } 940 free(sector, M_ELI); 941 } 942 if (error == 0) 943 G_ELI_DEBUG(0, "%s has been killed.", pp->name); 944 g_eli_destroy(sc, TRUE); 945 return (error); 946 } 947 948 static void 949 g_eli_ctl_kill(struct gctl_req *req, struct g_class *mp) 950 { 951 int *all, *nargs; 952 int error; 953 954 g_topology_assert(); 955 956 nargs = gctl_get_paraml(req, "nargs", sizeof(*nargs)); 957 if (nargs == NULL) { 958 gctl_error(req, "No '%s' argument.", "nargs"); 959 return; 960 } 961 all = gctl_get_paraml(req, "all", sizeof(*all)); 962 if (all == NULL) { 963 gctl_error(req, "No '%s' argument.", "all"); 964 return; 965 } 966 if (!*all && *nargs == 0) { 967 gctl_error(req, "Too few arguments."); 968 return; 969 } 970 971 if (*all) { 972 struct g_geom *gp, *gp2; 973 974 LIST_FOREACH_SAFE(gp, &mp->geom, geom, gp2) { 975 error = g_eli_kill_one(gp->softc); 976 if (error != 0) 977 gctl_error(req, "Not fully done."); 978 } 979 } else { 980 struct g_eli_softc *sc; 981 const char *prov; 982 char param[16]; 983 int i; 984 985 for (i = 0; i < *nargs; i++) { 986 snprintf(param, sizeof(param), "arg%d", i); 987 prov = gctl_get_asciiparam(req, param); 988 if (prov == NULL) { 989 G_ELI_DEBUG(0, "No 'arg%d' argument.", i); 990 continue; 991 } 992 993 sc = g_eli_find_device(mp, prov); 994 if (sc == NULL) { 995 G_ELI_DEBUG(0, "No such provider: %s.", prov); 996 continue; 997 } 998 error = g_eli_kill_one(sc); 999 if (error != 0) 1000 gctl_error(req, "Not fully done."); 1001 } 1002 } 1003 } 1004 1005 void 1006 g_eli_config(struct gctl_req *req, struct g_class *mp, const char *verb) 1007 { 1008 uint32_t *version; 1009 1010 g_topology_assert(); 1011 1012 version = gctl_get_paraml(req, "version", sizeof(*version)); 1013 if (version == NULL) { 1014 gctl_error(req, "No '%s' argument.", "version"); 1015 return; 1016 } 1017 while (*version != G_ELI_VERSION) { 1018 if (G_ELI_VERSION == G_ELI_VERSION_06 && 1019 *version == G_ELI_VERSION_05) { 1020 /* Compatible. */ 1021 break; 1022 } 1023 gctl_error(req, "Userland and kernel parts are out of sync."); 1024 return; 1025 } 1026 1027 if (strcmp(verb, "attach") == 0) 1028 g_eli_ctl_attach(req, mp); 1029 else if (strcmp(verb, "detach") == 0 || strcmp(verb, "stop") == 0) 1030 g_eli_ctl_detach(req, mp); 1031 else if (strcmp(verb, "onetime") == 0) 1032 g_eli_ctl_onetime(req, mp); 1033 else if (strcmp(verb, "configure") == 0) 1034 g_eli_ctl_configure(req, mp); 1035 else if (strcmp(verb, "setkey") == 0) 1036 g_eli_ctl_setkey(req, mp); 1037 else if (strcmp(verb, "delkey") == 0) 1038 g_eli_ctl_delkey(req, mp); 1039 else if (strcmp(verb, "suspend") == 0) 1040 g_eli_ctl_suspend(req, mp); 1041 else if (strcmp(verb, "resume") == 0) 1042 g_eli_ctl_resume(req, mp); 1043 else if (strcmp(verb, "kill") == 0) 1044 g_eli_ctl_kill(req, mp); 1045 else 1046 gctl_error(req, "Unknown verb."); 1047 } 1048