xref: /illumos-gate/usr/src/uts/common/crypto/core/kcf.c (revision 5bbb4db2c3f208d12bf0fd11769728f9e5ba66a2)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 /*
27  * Core KCF (Kernel Cryptographic Framework). This file implements
28  * the loadable module entry points and module verification routines.
29  */
30 
31 #include <sys/systm.h>
32 #include <sys/cmn_err.h>
33 #include <sys/ddi.h>
34 #include <sys/sunddi.h>
35 #include <sys/modctl.h>
36 #include <sys/errno.h>
37 #include <sys/rwlock.h>
38 #include <sys/kmem.h>
39 #include <sys/door.h>
40 #include <sys/kobj.h>
41 
42 #include <sys/crypto/common.h>
43 #include <sys/crypto/api.h>
44 #include <sys/crypto/spi.h>
45 #include <sys/crypto/impl.h>
46 #include <sys/crypto/sched_impl.h>
47 #include <sys/crypto/elfsign.h>
48 #include <sys/crypto/ioctladmin.h>
49 
50 #ifdef DEBUG
51 int kcf_frmwrk_debug = 0;
52 
53 #define	KCF_FRMWRK_DEBUG(l, x)	if (kcf_frmwrk_debug >= l) printf x
54 #else	/* DEBUG */
55 #define	KCF_FRMWRK_DEBUG(l, x)
56 #endif	/* DEBUG */
57 
58 /*
59  * Door to make upcalls to kcfd. kcfd will send us this
60  * handle when it is coming up.
61  */
62 kmutex_t kcf_dh_lock;
63 door_handle_t kcf_dh = NULL;
64 
65 /* Setup FIPS 140 support variables */
66 uint32_t global_fips140_mode = FIPS140_MODE_UNSET;
67 kmutex_t fips140_mode_lock;
68 kcondvar_t cv_fips140;
69 
70 /*
71  * Kernel FIPS140 boundary module list
72  * NOTE: "swrand" must be the last entry.  FIPS 140 shutdown functions stop
73  *       before getting to swrand as it is used for non-FIPS 140
74  *       operations to.  The FIPS 140 random API separately controls access.
75  */
76 #define	FIPS140_MODULES_MAX 7
77 static char *fips140_module_list[FIPS140_MODULES_MAX] = {
78 	"aes", "des", "ecc", "sha1", "sha2", "rsa", "swrand"
79 };
80 
81 static struct modlmisc modlmisc = {
82 	&mod_miscops, "Kernel Crypto Framework"
83 };
84 
85 static struct modlinkage modlinkage = {
86 	MODREV_1, (void *)&modlmisc, NULL
87 };
88 
89 static int rngtimer_started;
90 
91 int
92 _init()
93 {
94 	mutex_init(&fips140_mode_lock, NULL, MUTEX_DEFAULT, NULL);
95 	cv_init(&cv_fips140, NULL, CV_DEFAULT, NULL);
96 
97 	/* initialize the mechanisms tables supported out-of-the-box */
98 	kcf_init_mech_tabs();
99 
100 	/* initialize the providers tables */
101 	kcf_prov_tab_init();
102 
103 	/* initialize the policy table */
104 	kcf_policy_tab_init();
105 
106 	/* initialize soft_config_list */
107 	kcf_soft_config_init();
108 
109 	/*
110 	 * Initialize scheduling structures. Note that this does NOT
111 	 * start any threads since it might not be safe to do so.
112 	 */
113 	kcf_sched_init();
114 
115 	/* initialize the RNG support structures */
116 	rngtimer_started = 0;
117 	kcf_rnd_init();
118 
119 	return (mod_install(&modlinkage));
120 }
121 
122 int
123 _info(struct modinfo *modinfop)
124 {
125 	return (mod_info(&modlinkage, modinfop));
126 }
127 
128 /*
129  * We do not allow kcf to unload.
130  */
131 int
132 _fini(void)
133 {
134 	return (EBUSY);
135 }
136 
137 
138 /* Returns the value of global_fips140_mode */
139 int
140 kcf_get_fips140_mode(void)
141 {
142 	return (global_fips140_mode);
143 }
144 
145 /*
146  * If FIPS 140 has failed its tests.  The providers must be disabled from the
147  * framework.
148  */
149 void
150 kcf_fips140_shutdown()
151 {
152 	kcf_provider_desc_t *pd;
153 	int i;
154 
155 	cmn_err(CE_WARN,
156 	    "Shutting down FIPS 140 boundary as verification failed.");
157 
158 	/* Disable FIPS 140 modules, but leave swrand alone */
159 	for (i = 0; i < (FIPS140_MODULES_MAX - 1); i++) {
160 		/*
161 		 * Remove the predefined entries from the soft_config_list
162 		 * so the framework does not report the providers.
163 		 */
164 		remove_soft_config(fips140_module_list[i]);
165 
166 		pd = kcf_prov_tab_lookup_by_name(fips140_module_list[i]);
167 		if (pd == NULL)
168 			continue;
169 
170 		/* Allow the unneeded providers to be unloaded */
171 		pd->pd_mctlp->mod_loadflags &= ~(MOD_NOAUTOUNLOAD);
172 
173 		/* Invalidate the FIPS 140 providers */
174 		mutex_enter(&pd->pd_lock);
175 		pd->pd_state = KCF_PROV_VERIFICATION_FAILED;
176 		mutex_exit(&pd->pd_lock);
177 		KCF_PROV_REFRELE(pd);
178 		undo_register_provider(pd, B_FALSE);
179 
180 	}
181 }
182 
183 /*
184  * Activates the kernel providers
185  *
186  * If we are getting ready to enable FIPS 140 mode, then all providers should
187  * be loaded and ready.
188  *
189  * If FIPS 140 is disabled, then we can skip any errors because some crypto
190  * modules may not have been loaded.
191  */
192 void
193 kcf_activate()
194 {
195 	kcf_provider_desc_t *pd;
196 	int i;
197 
198 	for (i = 0; i < (FIPS140_MODULES_MAX - 1); i++) {
199 		pd = kcf_prov_tab_lookup_by_name(fips140_module_list[i]);
200 		if (pd == NULL) {
201 			if (global_fips140_mode == FIPS140_MODE_DISABLED)
202 				continue;
203 
204 			/* There should never be a NULL value in FIPS 140 */
205 			cmn_err(CE_WARN, "FIPS 140 activation: %s not in "
206 			    "kernel provider table", fips140_module_list[i]);
207 			kcf_fips140_shutdown();
208 			break;
209 		}
210 
211 		/*
212 		 * Change the provider state so the verification functions
213 		 * can signature verify, if necessary, and ready it.
214 		 */
215 		if (pd->pd_state == KCF_PROV_UNVERIFIED_FIPS140) {
216 			mutex_enter(&pd->pd_lock);
217 			pd->pd_state = KCF_PROV_UNVERIFIED;
218 			mutex_exit(&pd->pd_lock);
219 		}
220 
221 		KCF_PROV_REFRELE(pd);
222 	}
223 
224 	/* If we are not in FIPS 140 mode exit */
225 	if (global_fips140_mode == FIPS140_MODE_DISABLED)
226 		return;
227 
228 	/* If we in the process of validating FIPS 140, enable it */
229 	mutex_enter(&fips140_mode_lock);
230 	global_fips140_mode = FIPS140_MODE_ENABLED;
231 	cv_signal(&cv_fips140);
232 	mutex_exit(&fips140_mode_lock);
233 
234 	verify_unverified_providers();
235 }
236 
237 
238 /*
239  * Perform a door call to kcfd to have it check the integrity of the
240  * kernel boundary.  Failure of the boundary will cause a FIPS 140
241  * configuration to fail
242  */
243 int
244 kcf_fips140_integrity_check()
245 {
246 	door_arg_t darg;
247 	door_handle_t ldh;
248 	kcf_door_arg_t *kda = { 0 }, *rkda;
249 	int ret = 0;
250 
251 	KCF_FRMWRK_DEBUG(1, ("Starting IC check"));
252 
253 	mutex_enter(&kcf_dh_lock);
254 	if (kcf_dh == NULL) {
255 		mutex_exit(&kcf_dh_lock);
256 		cmn_err(CE_WARN, "FIPS 140 Integrity Check failed, Door not "
257 		    "available\n");
258 		return (1);
259 	}
260 
261 	ldh = kcf_dh;
262 	door_ki_hold(ldh);
263 	mutex_exit(&kcf_dh_lock);
264 
265 	kda = kmem_alloc(sizeof (kcf_door_arg_t), KM_SLEEP);
266 	kda->da_version = KCFD_FIPS140_INTCHECK;
267 	kda->da_iskernel = B_TRUE;
268 
269 	darg.data_ptr = (char *)kda;
270 	darg.data_size = sizeof (kcf_door_arg_t);
271 	darg.desc_ptr = NULL;
272 	darg.desc_num = 0;
273 	darg.rbuf = (char *)kda;
274 	darg.rsize = sizeof (kcf_door_arg_t);
275 
276 	ret = door_ki_upcall_limited(ldh, &darg, NULL, SIZE_MAX, 0);
277 	if (ret != 0) {
278 		ret = 1;
279 		goto exit;
280 	}
281 
282 	KCF_FRMWRK_DEBUG(1, ("Integrity Check door returned = %d\n", ret));
283 
284 	rkda = (kcf_door_arg_t *)darg.rbuf;
285 	if (rkda->da_u.result.status != ELFSIGN_SUCCESS) {
286 		ret = 1;
287 		KCF_FRMWRK_DEBUG(1, ("Integrity Check failed = %d\n",
288 		    rkda->da_u.result.status));
289 		goto exit;
290 	}
291 
292 	KCF_FRMWRK_DEBUG(1, ("Integrity Check succeeds.\n"));
293 
294 exit:
295 	if (rkda != kda)
296 		kmem_free(rkda, darg.rsize);
297 
298 	kmem_free(kda, sizeof (kcf_door_arg_t));
299 	door_ki_rele(ldh);
300 	if (ret)
301 		cmn_err(CE_WARN, "FIPS 140 Integrity Check failed.\n");
302 	return (ret);
303 }
304 
305 /*
306  * If FIPS 140 is configured to be enabled, before it can be turned on, the
307  * providers must run their Power On Self Test (POST) and we must wait to sure
308  * userland has performed its validation tests.
309  */
310 void
311 kcf_fips140_validate()
312 {
313 	kcf_provider_desc_t *pd;
314 	kthread_t *post_thr;
315 	int post_rv[FIPS140_MODULES_MAX];
316 	kt_did_t post_t_did[FIPS140_MODULES_MAX];
317 	int ret = 0;
318 	int i;
319 
320 	/*
321 	 * Run POST tests for FIPS 140 modules, if they aren't loaded, load them
322 	 */
323 	for (i = 0; i < FIPS140_MODULES_MAX; i++) {
324 		pd = kcf_prov_tab_lookup_by_name(fips140_module_list[i]);
325 		if (pd == NULL) {
326 			/* If the module isn't loaded, load it */
327 			ret = modload("crypto", fips140_module_list[i]);
328 			if (ret == -1) {
329 				cmn_err(CE_WARN, "FIPS 140 validation failed: "
330 				    "error modloading module %s.",
331 				    fips140_module_list[i]);
332 				goto error;
333 			}
334 
335 			/* Try again to get provider desc */
336 			pd = kcf_prov_tab_lookup_by_name(
337 			    fips140_module_list[i]);
338 			if (pd == NULL) {
339 				cmn_err(CE_WARN, "FIPS 140 validation failed: "
340 				    "Could not find module %s.",
341 				    fips140_module_list[i]);
342 				goto error;
343 			}
344 		}
345 
346 		/* Make sure there are FIPS 140 entry points */
347 		if (KCF_PROV_FIPS140_OPS(pd) == NULL) {
348 			cmn_err(CE_WARN, "FIPS 140 validation failed: "
349 			    "No POST function entry point in %s.",
350 			    fips140_module_list[i]);
351 			goto error;
352 		}
353 
354 		/* Make sure the module is not unloaded */
355 		pd->pd_mctlp->mod_loadflags |= MOD_NOAUTOUNLOAD;
356 
357 		/*
358 		 * With the FIPS 140 POST function provided by the module in
359 		 * SPI v4, start a thread to run the function.
360 		 */
361 		post_rv[i] = CRYPTO_OPERATION_NOT_INITIALIZED;
362 		post_thr = thread_create(NULL, 0,
363 		    (*(KCF_PROV_FIPS140_OPS(pd)->fips140_post)), &post_rv[i],
364 		    0, &p0, TS_RUN, MAXCLSYSPRI);
365 		post_thr->t_did = post_t_did[i];
366 		KCF_FRMWRK_DEBUG(1, ("kcf_fips140_validate: started POST "
367 		    "for %s\n", fips140_module_list[i]));
368 		KCF_PROV_REFRELE(pd);
369 	}
370 
371 	/* Do integrity check of kernel boundary */
372 	ret = kcf_fips140_integrity_check();
373 	if (ret == 1)
374 		goto error;
375 
376 	/* Wait for POST threads to come back and verify results */
377 	for (i = 0; i < FIPS140_MODULES_MAX; i++) {
378 		if (post_t_did[i] != NULL)
379 			thread_join(post_t_did[i]);
380 
381 		if (post_rv[i] != 0) {
382 			cmn_err(CE_WARN, "FIPS 140 POST failed for %s. "
383 			    "Error = %d", fips140_module_list[i], post_rv[i]);
384 			goto error;
385 		}
386 	}
387 
388 	kcf_activate();
389 	return;
390 
391 error:
392 	mutex_enter(&fips140_mode_lock);
393 	global_fips140_mode = FIPS140_MODE_SHUTDOWN;
394 	kcf_fips140_shutdown();
395 	cv_signal(&cv_fips140);
396 	mutex_exit(&fips140_mode_lock);
397 
398 }
399 
400 
401 /*
402  * Return a pointer to the modctl structure of the
403  * provider's module.
404  */
405 struct modctl *
406 kcf_get_modctl(crypto_provider_info_t *pinfo)
407 {
408 	struct modctl *mctlp;
409 
410 	/* Get the modctl struct for this module */
411 	if (pinfo->pi_provider_type == CRYPTO_SW_PROVIDER)
412 		mctlp = mod_getctl(pinfo->pi_provider_dev.pd_sw);
413 	else {
414 		major_t major;
415 		char *drvmod;
416 
417 		if ((major =
418 		    ddi_driver_major(pinfo->pi_provider_dev.pd_hw)) != -1) {
419 			drvmod = ddi_major_to_name(major);
420 			mctlp = mod_find_by_filename("drv", drvmod);
421 		} else
422 			return (NULL);
423 	}
424 
425 	return (mctlp);
426 }
427 
428 /* Check if this provider requires to be verified. */
429 int
430 verifiable_provider(crypto_ops_t *prov_ops)
431 {
432 
433 	if (prov_ops->co_cipher_ops == NULL && prov_ops->co_dual_ops == NULL &&
434 	    prov_ops->co_dual_cipher_mac_ops == NULL &&
435 	    prov_ops->co_key_ops == NULL && prov_ops->co_sign_ops == NULL &&
436 	    prov_ops->co_verify_ops == NULL)
437 		return (0);
438 
439 	return (1);
440 }
441 
442 /*
443  * With a given provider being registered, this looks through the FIPS 140
444  * modules list and returns a 1 if it's part of the FIPS 140 boundary and
445  * the framework registration must be delayed until we know the FIPS 140 mode
446  * status.  A zero mean the provider does not need to wait for the FIPS 140
447  * boundary.
448  *
449  * If the provider in the boundary only provides random (like swrand), we
450  * can let it register as the random API will block operations.
451  */
452 int
453 kcf_need_fips140_verification(kcf_provider_desc_t *pd)
454 {
455 	int i, ret = 0;
456 
457 	if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER)
458 		return (0);
459 
460 	mutex_enter(&fips140_mode_lock);
461 
462 	if (global_fips140_mode >= FIPS140_MODE_ENABLED)
463 		goto exit;
464 
465 	for (i = 0; i < FIPS140_MODULES_MAX; i++) {
466 		if (strcmp(fips140_module_list[i], pd->pd_name) != 0)
467 			continue;
468 
469 		/* If this module is only random, we can let it register */
470 		if (KCF_PROV_RANDOM_OPS(pd) &&
471 		    !verifiable_provider(pd->pd_ops_vector))
472 			break;
473 
474 		if (global_fips140_mode == FIPS140_MODE_SHUTDOWN) {
475 			ret = -1;
476 			break;
477 		}
478 
479 		ret = 1;
480 		break;
481 	}
482 
483 exit:
484 	mutex_exit(&fips140_mode_lock);
485 	return (ret);
486 }
487 
488 
489 /*
490  * Check if signature verification is needed for a provider.
491  *
492  * Returns 0, if no verification is needed. Returns 1, if
493  * verification is needed. Returns -1, if there is an
494  * error.
495  */
496 int
497 kcf_need_signature_verification(kcf_provider_desc_t *pd)
498 {
499 	struct module *mp;
500 	struct modctl *mctlp = pd->pd_mctlp;
501 
502 	if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER)
503 		return (0);
504 
505 	if (mctlp == NULL || mctlp->mod_mp == NULL)
506 		return (-1);
507 
508 	mp = (struct module *)mctlp->mod_mp;
509 
510 	/*
511 	 * Check if we need to verify this provider signature and if so,
512 	 * make sure it has a signature section.
513 	 */
514 	if (verifiable_provider(pd->pd_ops_vector) == 0)
515 		return (0);
516 
517 	/* See if this module has its required signature section. */
518 	if (mp->sigdata == NULL)
519 		return (-1);
520 
521 	return (1);
522 }
523 
524 /*
525  * Do the signature verification on the given module. This function can
526  * be called from user context or kernel context.
527  *
528  * We call kcfd with the full pathname of the module to be
529  * verified. kcfd will return success/restricted/fail, signature length
530  * and the actual signature in the ELF section of the module. If kcfd
531  * returns success or restricted, we compare the signature and the length
532  * with the values that krtld stored in the module structure. We log an
533  * error message in case of a failure.
534  *
535  * The provider state is changed to KCF_PROV_READY on success.
536  */
537 void
538 kcf_verify_signature(void *arg)
539 {
540 	int rv;
541 	int error = CRYPTO_MODVERIFICATION_FAILED;
542 	door_arg_t darg;
543 	door_handle_t ldh;
544 	kcf_door_arg_t *kda;
545 	char *filename;
546 	kcf_provider_desc_t *pd = arg;
547 	struct module *mp;
548 	boolean_t do_notify = B_FALSE;
549 	boolean_t modhold_done = B_FALSE;
550 	struct modctl *mctlp = pd->pd_mctlp;
551 
552 	ASSERT(pd->pd_prov_type != CRYPTO_LOGICAL_PROVIDER);
553 	ASSERT(mctlp != NULL);
554 
555 	/*
556 	 * Because of FIPS 140 delays module loading, we may be running through
557 	 * this code with a non-crypto signed module; therefore, another
558 	 * check is necessary
559 	 */
560 	if (verifiable_provider(pd->pd_ops_vector) == 0) {
561 		error = 0;
562 		goto setverify;
563 	}
564 
565 	for (;;) {
566 		mutex_enter(&pd->pd_lock);
567 		/* No need to do verification */
568 		if (pd->pd_state != KCF_PROV_UNVERIFIED) {
569 			mutex_exit(&pd->pd_lock);
570 			goto out;
571 		}
572 		mutex_exit(&pd->pd_lock);
573 
574 		mutex_enter(&mod_lock);
575 		if (mctlp->mod_mp == NULL) {
576 			mutex_exit(&mod_lock);
577 			goto out;
578 		}
579 
580 		/*
581 		 * This check is needed since a software provider can call
582 		 * us directly from the _init->crypto_register_provider path.
583 		 */
584 		if (pd->pd_prov_type == CRYPTO_SW_PROVIDER &&
585 		    mctlp->mod_inprogress_thread == curthread) {
586 			mutex_exit(&mod_lock);
587 			modhold_done = B_FALSE;
588 			break;
589 		}
590 
591 		/*
592 		 * We could be in a race with the register thread or
593 		 * the unregister thread. So, retry if register or
594 		 * unregister is in progress. Note that we can't do
595 		 * mod_hold_by_modctl without this check since that
596 		 * could result in a deadlock with the other threads.
597 		 */
598 		if (mctlp->mod_busy) {
599 			mutex_exit(&mod_lock);
600 			/* delay for 10ms and try again */
601 			delay(drv_usectohz(10000));
602 			continue;
603 		}
604 
605 		(void) mod_hold_by_modctl(mctlp,
606 		    MOD_WAIT_FOREVER | MOD_LOCK_HELD);
607 		mutex_exit(&mod_lock);
608 		modhold_done = B_TRUE;
609 		break;
610 	}
611 
612 	/*
613 	 * Check if the door is set up yet. This will be set when kcfd
614 	 * comes up. If not, we return and leave the provider state unchanged
615 	 * at KCF_PROV_UNVERIFIED. This will trigger the verification of
616 	 * the module later when kcfd is up. This is safe as we NEVER use
617 	 * a provider that has not been verified yet.
618 	 */
619 	mutex_enter(&kcf_dh_lock);
620 	if (kcf_dh == NULL) {
621 		mutex_exit(&kcf_dh_lock);
622 		goto out;
623 	}
624 
625 	ldh = kcf_dh;
626 	door_ki_hold(ldh);
627 	mutex_exit(&kcf_dh_lock);
628 
629 	mp = (struct module *)mctlp->mod_mp;
630 	filename = mp->filename;
631 	KCF_FRMWRK_DEBUG(2, ("Verifying module: %s\n", filename));
632 
633 	kda = kmem_alloc(sizeof (kcf_door_arg_t) + mp->sigsize, KM_SLEEP);
634 	kda->da_version = KCF_KCFD_VERSION1;
635 	kda->da_iskernel = B_TRUE;
636 	bcopy(filename, kda->da_u.filename, strlen(filename) + 1);
637 
638 	darg.data_ptr = (char *)kda;
639 	darg.data_size = sizeof (kcf_door_arg_t) + mp->sigsize;
640 	darg.desc_ptr = NULL;
641 	darg.desc_num = 0;
642 	darg.rbuf = (char *)kda;
643 	darg.rsize = sizeof (kcf_door_arg_t);
644 
645 	/*
646 	 * Make door upcall. door_ki_upcall() checks for validity of the handle.
647 	 */
648 	rv = door_ki_upcall_limited(ldh, &darg, NULL, SIZE_MAX, 0);
649 
650 	if (rv == 0) {
651 		kcf_door_arg_t *rkda =  (kcf_door_arg_t *)darg.rbuf;
652 
653 		KCF_FRMWRK_DEBUG(2,
654 		    ("passed: %d\n", rkda->da_u.result.status));
655 		KCF_FRMWRK_DEBUG(2,
656 		    ("signature length: %d\n", rkda->da_u.result.siglen));
657 		KCF_FRMWRK_DEBUG(2,
658 		    ("signature: %p\n", (void*)rkda->da_u.result.signature));
659 
660 
661 		/* Check kcfd result and compare against module struct fields */
662 		if (((rkda->da_u.result.status != ELFSIGN_SUCCESS) &&
663 		    (rkda->da_u.result.status != ELFSIGN_RESTRICTED)) ||
664 		    !(rkda->da_u.result.siglen == mp->sigsize) ||
665 		    (bcmp(rkda->da_u.result.signature, mp->sigdata,
666 		    mp->sigsize))) {
667 			cmn_err(CE_WARN, "Module verification failed for %s.",
668 			    filename);
669 		} else {
670 			error = 0;
671 		}
672 
673 		if (rkda->da_u.result.status == ELFSIGN_RESTRICTED) {
674 			pd->pd_flags |= KCF_PROV_RESTRICTED;
675 			KCF_FRMWRK_DEBUG(2, ("provider is restricted\n"));
676 		}
677 
678 		if (rkda != kda)
679 			kmem_free(rkda, darg.rsize);
680 
681 	} else {
682 		cmn_err(CE_WARN, "Module verification door upcall failed "
683 		    "for %s. errno = %d", filename, rv);
684 	}
685 
686 	kmem_free(kda, sizeof (kcf_door_arg_t) + mp->sigsize);
687 	door_ki_rele(ldh);
688 
689 setverify:
690 	mutex_enter(&pd->pd_lock);
691 	/* change state only if the original state is unchanged */
692 	if (pd->pd_state == KCF_PROV_UNVERIFIED) {
693 		if (error == 0) {
694 			pd->pd_state = KCF_PROV_READY;
695 			do_notify = B_TRUE;
696 		} else {
697 			pd->pd_state = KCF_PROV_VERIFICATION_FAILED;
698 		}
699 	}
700 	mutex_exit(&pd->pd_lock);
701 
702 	if (do_notify) {
703 		/* Dispatch events for this new provider */
704 		kcf_do_notify(pd, B_TRUE);
705 	}
706 
707 out:
708 	if (modhold_done)
709 		mod_release_mod(mctlp);
710 	KCF_PROV_REFRELE(pd);
711 }
712 
713 /* called from the CRYPTO_LOAD_DOOR ioctl */
714 int
715 crypto_load_door(uint_t did)
716 {
717 	mutex_enter(&kcf_dh_lock);
718 	kcf_dh = door_ki_lookup(did);
719 	mutex_exit(&kcf_dh_lock);
720 
721 	verify_unverified_providers();
722 
723 	/* Start the timeout handler to get random numbers */
724 	if (rngtimer_started == 0) {
725 		kcf_rnd_schedule_timeout(B_TRUE);
726 		rngtimer_started = 1;
727 	}
728 	return (0);
729 }
730