1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright 2005 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #pragma ident "%Z%%M% %I% %E% SMI" 28 29 /* 30 * This file is part of the core Kernel Cryptographic Framework. 31 * It implements the management of tables of Providers. Entries to 32 * added and removed when cryptographic providers register with 33 * and unregister from the framework, respectively. The KCF scheduler 34 * and ioctl pseudo driver call this function to obtain the list 35 * of available providers. 36 * 37 * The provider table is indexed by crypto_provider_id_t. Each 38 * element of the table contains a pointer to a provider descriptor, 39 * or NULL if the entry is free. 40 * 41 * This file also implements helper functions to allocate and free 42 * provider descriptors. 43 */ 44 45 #include <sys/types.h> 46 #include <sys/kmem.h> 47 #include <sys/cmn_err.h> 48 #include <sys/ddi.h> 49 #include <sys/sunddi.h> 50 #include <sys/ksynch.h> 51 #include <sys/crypto/common.h> 52 #include <sys/crypto/impl.h> 53 #include <sys/crypto/sched_impl.h> 54 #include <sys/crypto/spi.h> 55 56 #define KCF_MAX_PROVIDERS 512 /* max number of providers */ 57 58 static kmutex_t prov_tab_mutex; /* ensure exclusive access to the table */ 59 static kcf_provider_desc_t **prov_tab = NULL; 60 static uint_t prov_tab_num = 0; /* number of providers in table */ 61 static uint_t prov_tab_max = KCF_MAX_PROVIDERS; 62 63 #if DEBUG 64 extern int kcf_frmwrk_debug; 65 static void kcf_prov_tab_dump(void); 66 #endif /* DEBUG */ 67 68 /* 69 * Initialize the providers table. The providers table is dynamically 70 * allocated with prov_tab_max entries. 71 */ 72 void 73 kcf_prov_tab_init(void) 74 { 75 mutex_init(&prov_tab_mutex, NULL, MUTEX_DRIVER, NULL); 76 77 prov_tab = kmem_zalloc(prov_tab_max * sizeof (kcf_provider_desc_t *), 78 KM_SLEEP); 79 } 80 81 /* 82 * Add a provider to the provider table. If no free entry can be found 83 * for the new provider, returns CRYPTO_HOST_MEMORY. Otherwise, add 84 * the provider to the table, initialize the pd_prov_id field 85 * of the specified provider descriptor to the index in that table, 86 * and return CRYPTO_SUCCESS. Note that a REFHOLD is done on the 87 * provider when pointed to by a table entry. 88 */ 89 int 90 kcf_prov_tab_add_provider(kcf_provider_desc_t *prov_desc) 91 { 92 uint_t i; 93 94 ASSERT(prov_tab != NULL); 95 96 mutex_enter(&prov_tab_mutex); 97 98 /* find free slot in providers table */ 99 for (i = 0; i < KCF_MAX_PROVIDERS && prov_tab[i] != NULL; i++); 100 if (i == KCF_MAX_PROVIDERS) { 101 /* ran out of providers entries */ 102 mutex_exit(&prov_tab_mutex); 103 cmn_err(CE_WARN, "out of providers entries"); 104 return (CRYPTO_HOST_MEMORY); 105 } 106 107 /* initialize entry */ 108 prov_tab[i] = prov_desc; 109 KCF_PROV_REFHOLD(prov_desc); 110 KCF_PROV_IREFHOLD(prov_desc); 111 prov_tab_num++; 112 113 mutex_exit(&prov_tab_mutex); 114 115 /* update provider descriptor */ 116 prov_desc->pd_prov_id = i; 117 118 /* 119 * The KCF-private provider handle is defined as the internal 120 * provider id. 121 */ 122 prov_desc->pd_kcf_prov_handle = 123 (crypto_kcf_provider_handle_t)prov_desc->pd_prov_id; 124 125 #if DEBUG 126 if (kcf_frmwrk_debug >= 1) 127 kcf_prov_tab_dump(); 128 #endif /* DEBUG */ 129 130 return (CRYPTO_SUCCESS); 131 } 132 133 /* 134 * Remove the provider specified by its id. A REFRELE is done on the 135 * corresponding provider descriptor before this function returns. 136 * Returns CRYPTO_UNKNOWN_PROVIDER if the provider id is not valid. 137 */ 138 int 139 kcf_prov_tab_rem_provider(crypto_provider_id_t prov_id) 140 { 141 kcf_provider_desc_t *prov_desc; 142 143 ASSERT(prov_tab != NULL); 144 ASSERT(prov_tab_num >= 0); 145 146 /* 147 * Validate provider id, since it can be specified by a 3rd-party 148 * provider. 149 */ 150 151 mutex_enter(&prov_tab_mutex); 152 if (prov_id >= KCF_MAX_PROVIDERS || 153 ((prov_desc = prov_tab[prov_id]) == NULL)) { 154 mutex_exit(&prov_tab_mutex); 155 return (CRYPTO_INVALID_PROVIDER_ID); 156 } 157 mutex_exit(&prov_tab_mutex); 158 159 /* 160 * The provider id must remain valid until the associated provider 161 * descriptor is freed. For this reason, we simply release our 162 * reference to the descriptor here. When the reference count 163 * reaches zero, kcf_free_provider_desc() will be invoked and 164 * the associated entry in the providers table will be released 165 * at that time. 166 */ 167 168 KCF_PROV_REFRELE(prov_desc); 169 KCF_PROV_IREFRELE(prov_desc); 170 171 #if DEBUG 172 if (kcf_frmwrk_debug >= 1) 173 kcf_prov_tab_dump(); 174 #endif /* DEBUG */ 175 176 return (CRYPTO_SUCCESS); 177 } 178 179 /* 180 * Returns the provider descriptor corresponding to the specified 181 * provider id. A REFHOLD is done on the descriptor before it is 182 * returned to the caller. It is the responsibility of the caller 183 * to do a REFRELE once it is done with the provider descriptor. 184 */ 185 kcf_provider_desc_t * 186 kcf_prov_tab_lookup(crypto_provider_id_t prov_id) 187 { 188 kcf_provider_desc_t *prov_desc; 189 190 mutex_enter(&prov_tab_mutex); 191 192 prov_desc = prov_tab[prov_id]; 193 194 if (prov_desc == NULL) { 195 mutex_exit(&prov_tab_mutex); 196 return (NULL); 197 } 198 199 KCF_PROV_REFHOLD(prov_desc); 200 201 mutex_exit(&prov_tab_mutex); 202 203 return (prov_desc); 204 } 205 206 static void 207 allocate_ops_v1(crypto_ops_t *src, crypto_ops_t *dst, uint_t *mech_list_count) 208 { 209 if (src->co_control_ops != NULL) 210 dst->co_control_ops = kmem_alloc(sizeof (crypto_control_ops_t), 211 KM_SLEEP); 212 213 if (src->co_digest_ops != NULL) 214 dst->co_digest_ops = kmem_alloc(sizeof (crypto_digest_ops_t), 215 KM_SLEEP); 216 217 if (src->co_cipher_ops != NULL) 218 dst->co_cipher_ops = kmem_alloc(sizeof (crypto_cipher_ops_t), 219 KM_SLEEP); 220 221 if (src->co_mac_ops != NULL) 222 dst->co_mac_ops = kmem_alloc(sizeof (crypto_mac_ops_t), 223 KM_SLEEP); 224 225 if (src->co_sign_ops != NULL) 226 dst->co_sign_ops = kmem_alloc(sizeof (crypto_sign_ops_t), 227 KM_SLEEP); 228 229 if (src->co_verify_ops != NULL) 230 dst->co_verify_ops = kmem_alloc(sizeof (crypto_verify_ops_t), 231 KM_SLEEP); 232 233 if (src->co_dual_ops != NULL) 234 dst->co_dual_ops = kmem_alloc(sizeof (crypto_dual_ops_t), 235 KM_SLEEP); 236 237 if (src->co_dual_cipher_mac_ops != NULL) 238 dst->co_dual_cipher_mac_ops = kmem_alloc( 239 sizeof (crypto_dual_cipher_mac_ops_t), KM_SLEEP); 240 241 if (src->co_random_ops != NULL) { 242 dst->co_random_ops = kmem_alloc( 243 sizeof (crypto_random_number_ops_t), KM_SLEEP); 244 245 /* 246 * Allocate storage to store the array of supported mechanisms 247 * specified by provider. We allocate extra mechanism storage 248 * if the provider has random_ops since we keep an internal 249 * mechanism, SUN_RANDOM, in this case. 250 */ 251 (*mech_list_count)++; 252 } 253 254 if (src->co_session_ops != NULL) 255 dst->co_session_ops = kmem_alloc(sizeof (crypto_session_ops_t), 256 KM_SLEEP); 257 258 if (src->co_object_ops != NULL) 259 dst->co_object_ops = kmem_alloc(sizeof (crypto_object_ops_t), 260 KM_SLEEP); 261 262 if (src->co_key_ops != NULL) 263 dst->co_key_ops = kmem_alloc(sizeof (crypto_key_ops_t), 264 KM_SLEEP); 265 266 if (src->co_provider_ops != NULL) 267 dst->co_provider_ops = kmem_alloc( 268 sizeof (crypto_provider_management_ops_t), KM_SLEEP); 269 270 if (src->co_ctx_ops != NULL) 271 dst->co_ctx_ops = kmem_alloc(sizeof (crypto_ctx_ops_t), 272 KM_SLEEP); 273 } 274 275 static void 276 allocate_ops_v2(crypto_ops_t *src, crypto_ops_t *dst) 277 { 278 if (src->co_mech_ops != NULL) 279 dst->co_mech_ops = kmem_alloc(sizeof (crypto_mech_ops_t), 280 KM_SLEEP); 281 } 282 283 /* 284 * Allocate a provider descriptor. mech_list_count specifies the 285 * number of mechanisms supported by the providers, and is used 286 * to allocate storage for the mechanism table. 287 * This function may sleep while allocating memory, which is OK 288 * since it is invoked from user context during provider registration. 289 */ 290 kcf_provider_desc_t * 291 kcf_alloc_provider_desc(crypto_provider_info_t *info) 292 { 293 kcf_provider_desc_t *desc; 294 uint_t mech_list_count = info->pi_mech_list_count; 295 crypto_ops_t *src_ops = info->pi_ops_vector; 296 297 desc = kmem_zalloc(sizeof (kcf_provider_desc_t), KM_SLEEP); 298 299 /* 300 * pd_description serves two purposes 301 * - Appears as a blank padded PKCS#11 style string, that will be 302 * returned to applications in CK_SLOT_INFO.slotDescription. 303 * This means that we should not have a null character in the 304 * first CRYPTO_PROVIDER_DESCR_MAX_LEN bytes. 305 * - Appears as a null-terminated string that can be used by 306 * other kcf routines. 307 * 308 * So, we allocate enough room for one extra null terminator 309 * which keeps every one happy. 310 */ 311 desc->pd_description = kmem_alloc(CRYPTO_PROVIDER_DESCR_MAX_LEN + 1, 312 KM_SLEEP); 313 (void) memset(desc->pd_description, ' ', 314 CRYPTO_PROVIDER_DESCR_MAX_LEN); 315 desc->pd_description[CRYPTO_PROVIDER_DESCR_MAX_LEN] = '\0'; 316 317 /* 318 * Since the framework does not require the ops vector specified 319 * by the providers during registration to be persistent, 320 * KCF needs to allocate storage where copies of the ops 321 * vectors are copied. 322 */ 323 desc->pd_ops_vector = kmem_zalloc(sizeof (crypto_ops_t), KM_SLEEP); 324 325 if (info->pi_provider_type != CRYPTO_LOGICAL_PROVIDER) { 326 allocate_ops_v1(src_ops, desc->pd_ops_vector, &mech_list_count); 327 if (info->pi_interface_version == CRYPTO_SPI_VERSION_2) 328 allocate_ops_v2(src_ops, desc->pd_ops_vector); 329 } 330 331 desc->pd_mech_list_count = mech_list_count; 332 desc->pd_mechanisms = kmem_alloc(sizeof (crypto_mech_info_t) * 333 mech_list_count, KM_SLEEP); 334 desc->pd_prov_id = KCF_PROVID_INVALID; 335 desc->pd_state = KCF_PROV_ALLOCATED; 336 337 mutex_init(&desc->pd_lock, NULL, MUTEX_DEFAULT, NULL); 338 cv_init(&desc->pd_resume_cv, NULL, CV_DEFAULT, NULL); 339 cv_init(&desc->pd_remove_cv, NULL, CV_DEFAULT, NULL); 340 341 return (desc); 342 } 343 344 /* 345 * Called by KCF_PROV_REFRELE when a provider's reference count drops 346 * to zero. We free the descriptor when the last reference is released. 347 * However, for software providers, we do not free it when there is an 348 * unregister thread waiting. We signal that thread in this case and 349 * that thread is responsible for freeing the descriptor. 350 */ 351 void 352 kcf_provider_zero_refcnt(kcf_provider_desc_t *desc) 353 { 354 mutex_enter(&desc->pd_lock); 355 switch (desc->pd_prov_type) { 356 case CRYPTO_SW_PROVIDER: 357 if (desc->pd_state == KCF_PROV_REMOVED || 358 desc->pd_state == KCF_PROV_DISABLED) { 359 desc->pd_state = KCF_PROV_FREED; 360 cv_broadcast(&desc->pd_remove_cv); 361 mutex_exit(&desc->pd_lock); 362 break; 363 } 364 /* FALLTHRU */ 365 366 case CRYPTO_HW_PROVIDER: 367 case CRYPTO_LOGICAL_PROVIDER: 368 mutex_exit(&desc->pd_lock); 369 kcf_free_provider_desc(desc); 370 } 371 } 372 373 /* 374 * Free a provider descriptor. 375 */ 376 void 377 kcf_free_provider_desc(kcf_provider_desc_t *desc) 378 { 379 if (desc == NULL) 380 return; 381 382 mutex_enter(&prov_tab_mutex); 383 if (desc->pd_prov_id != KCF_PROVID_INVALID) { 384 /* release the associated providers table entry */ 385 ASSERT(prov_tab[desc->pd_prov_id] != NULL); 386 prov_tab[desc->pd_prov_id] = NULL; 387 prov_tab_num--; 388 } 389 mutex_exit(&prov_tab_mutex); 390 391 /* free the kernel memory associated with the provider descriptor */ 392 393 if (desc->pd_description != NULL) 394 kmem_free(desc->pd_description, 395 CRYPTO_PROVIDER_DESCR_MAX_LEN + 1); 396 397 if (desc->pd_ops_vector != NULL) { 398 399 if (desc->pd_ops_vector->co_control_ops != NULL) 400 kmem_free(desc->pd_ops_vector->co_control_ops, 401 sizeof (crypto_control_ops_t)); 402 403 if (desc->pd_ops_vector->co_digest_ops != NULL) 404 kmem_free(desc->pd_ops_vector->co_digest_ops, 405 sizeof (crypto_digest_ops_t)); 406 407 if (desc->pd_ops_vector->co_cipher_ops != NULL) 408 kmem_free(desc->pd_ops_vector->co_cipher_ops, 409 sizeof (crypto_cipher_ops_t)); 410 411 if (desc->pd_ops_vector->co_mac_ops != NULL) 412 kmem_free(desc->pd_ops_vector->co_mac_ops, 413 sizeof (crypto_mac_ops_t)); 414 415 if (desc->pd_ops_vector->co_sign_ops != NULL) 416 kmem_free(desc->pd_ops_vector->co_sign_ops, 417 sizeof (crypto_sign_ops_t)); 418 419 if (desc->pd_ops_vector->co_verify_ops != NULL) 420 kmem_free(desc->pd_ops_vector->co_verify_ops, 421 sizeof (crypto_verify_ops_t)); 422 423 if (desc->pd_ops_vector->co_dual_ops != NULL) 424 kmem_free(desc->pd_ops_vector->co_dual_ops, 425 sizeof (crypto_dual_ops_t)); 426 427 if (desc->pd_ops_vector->co_dual_cipher_mac_ops != NULL) 428 kmem_free(desc->pd_ops_vector->co_dual_cipher_mac_ops, 429 sizeof (crypto_dual_cipher_mac_ops_t)); 430 431 if (desc->pd_ops_vector->co_random_ops != NULL) 432 kmem_free(desc->pd_ops_vector->co_random_ops, 433 sizeof (crypto_random_number_ops_t)); 434 435 if (desc->pd_ops_vector->co_session_ops != NULL) 436 kmem_free(desc->pd_ops_vector->co_session_ops, 437 sizeof (crypto_session_ops_t)); 438 439 if (desc->pd_ops_vector->co_object_ops != NULL) 440 kmem_free(desc->pd_ops_vector->co_object_ops, 441 sizeof (crypto_object_ops_t)); 442 443 if (desc->pd_ops_vector->co_key_ops != NULL) 444 kmem_free(desc->pd_ops_vector->co_key_ops, 445 sizeof (crypto_key_ops_t)); 446 447 if (desc->pd_ops_vector->co_provider_ops != NULL) 448 kmem_free(desc->pd_ops_vector->co_provider_ops, 449 sizeof (crypto_provider_management_ops_t)); 450 451 if (desc->pd_ops_vector->co_ctx_ops != NULL) 452 kmem_free(desc->pd_ops_vector->co_ctx_ops, 453 sizeof (crypto_ctx_ops_t)); 454 455 if (desc->pd_ops_vector->co_mech_ops != NULL) 456 kmem_free(desc->pd_ops_vector->co_mech_ops, 457 sizeof (crypto_mech_ops_t)); 458 459 kmem_free(desc->pd_ops_vector, sizeof (crypto_ops_t)); 460 } 461 462 if (desc->pd_mechanisms != NULL) 463 /* free the memory associated with the mechanism info's */ 464 kmem_free(desc->pd_mechanisms, sizeof (crypto_mech_info_t) * 465 desc->pd_mech_list_count); 466 467 if (desc->pd_name != NULL) { 468 kmem_free(desc->pd_name, strlen(desc->pd_name) + 1); 469 } 470 471 if (desc->pd_sched_info.ks_taskq != NULL) 472 taskq_destroy(desc->pd_sched_info.ks_taskq); 473 474 kmem_free(desc, sizeof (kcf_provider_desc_t)); 475 } 476 477 /* 478 * Returns the provider descriptor corresponding to the specified 479 * module name. A REFHOLD is done on the descriptor before it is 480 * returned to the caller. It is the responsibility of the caller 481 * to do a REFRELE once it is done with the provider descriptor. 482 * Only software providers are returned by this function. 483 */ 484 kcf_provider_desc_t * 485 kcf_prov_tab_lookup_by_name(char *module_name) 486 { 487 kcf_provider_desc_t *prov_desc; 488 uint_t i; 489 490 mutex_enter(&prov_tab_mutex); 491 492 for (i = 0; i < KCF_MAX_PROVIDERS; i++) { 493 if ((prov_desc = prov_tab[i]) != NULL && 494 (!KCF_IS_PROV_REMOVED(prov_desc)) && 495 prov_desc->pd_prov_type == CRYPTO_SW_PROVIDER) { 496 ASSERT(prov_desc->pd_name != NULL); 497 if (strncmp(module_name, prov_desc->pd_name, 498 MAXNAMELEN) == 0) { 499 KCF_PROV_REFHOLD(prov_desc); 500 mutex_exit(&prov_tab_mutex); 501 return (prov_desc); 502 } 503 } 504 } 505 506 mutex_exit(&prov_tab_mutex); 507 return (NULL); 508 } 509 510 /* 511 * Returns the provider descriptor corresponding to the specified 512 * device name and instance. A REFHOLD is done on the descriptor 513 * before it is returned to the caller. It is the responsibility 514 * of the caller to do a REFRELE once it is done with the provider 515 * descriptor. Only hardware providers are returned by this function. 516 */ 517 kcf_provider_desc_t * 518 kcf_prov_tab_lookup_by_dev(char *name, uint_t instance) 519 { 520 kcf_provider_desc_t *prov_desc; 521 uint_t i; 522 523 mutex_enter(&prov_tab_mutex); 524 525 for (i = 0; i < KCF_MAX_PROVIDERS; i++) { 526 if ((prov_desc = prov_tab[i]) != NULL && 527 (!KCF_IS_PROV_REMOVED(prov_desc)) && 528 prov_desc->pd_prov_type == CRYPTO_HW_PROVIDER) { 529 ASSERT(prov_desc->pd_name != NULL); 530 if (strncmp(prov_desc->pd_name, name, 531 MAXNAMELEN) == 0 && 532 prov_desc->pd_instance == instance) { 533 KCF_PROV_REFHOLD(prov_desc); 534 mutex_exit(&prov_tab_mutex); 535 return (prov_desc); 536 } 537 } 538 } 539 540 mutex_exit(&prov_tab_mutex); 541 return (NULL); 542 } 543 544 /* 545 * Returns an array of hardware and logical provider descriptors, 546 * a.k.a the PKCS#11 slot list. A REFHOLD is done on each descriptor 547 * before the array is returned. The entire table can be freed by 548 * calling kcf_free_provider_tab(). 549 */ 550 int 551 kcf_get_slot_list(uint_t *count, kcf_provider_desc_t ***array, 552 boolean_t unverified) 553 { 554 kcf_provider_desc_t *prov_desc; 555 kcf_provider_desc_t **p = NULL; 556 char *last; 557 uint_t cnt = 0; 558 uint_t i, j; 559 int rval = CRYPTO_SUCCESS; 560 size_t n, final_size; 561 562 /* count the providers */ 563 mutex_enter(&prov_tab_mutex); 564 for (i = 0; i < KCF_MAX_PROVIDERS; i++) { 565 if ((prov_desc = prov_tab[i]) != NULL && 566 ((prov_desc->pd_prov_type == CRYPTO_HW_PROVIDER && 567 (prov_desc->pd_flags & CRYPTO_HIDE_PROVIDER) == 0) || 568 prov_desc->pd_prov_type == CRYPTO_LOGICAL_PROVIDER)) { 569 if (KCF_IS_PROV_USABLE(prov_desc) || 570 (unverified && KCF_IS_PROV_UNVERIFIED(prov_desc))) { 571 cnt++; 572 } 573 } 574 } 575 mutex_exit(&prov_tab_mutex); 576 577 if (cnt == 0) 578 goto out; 579 580 n = cnt * sizeof (kcf_provider_desc_t *); 581 again: 582 p = kmem_zalloc(n, KM_SLEEP); 583 584 /* pointer to last entry in the array */ 585 last = (char *)&p[cnt-1]; 586 587 mutex_enter(&prov_tab_mutex); 588 /* fill the slot list */ 589 for (i = 0, j = 0; i < KCF_MAX_PROVIDERS; i++) { 590 if ((prov_desc = prov_tab[i]) != NULL && 591 ((prov_desc->pd_prov_type == CRYPTO_HW_PROVIDER && 592 (prov_desc->pd_flags & CRYPTO_HIDE_PROVIDER) == 0) || 593 prov_desc->pd_prov_type == CRYPTO_LOGICAL_PROVIDER)) { 594 if (KCF_IS_PROV_USABLE(prov_desc) || 595 (unverified && KCF_IS_PROV_UNVERIFIED(prov_desc))) { 596 if ((char *)&p[j] > last) { 597 mutex_exit(&prov_tab_mutex); 598 kcf_free_provider_tab(cnt, p); 599 n = n << 1; 600 cnt = cnt << 1; 601 goto again; 602 } 603 p[j++] = prov_desc; 604 KCF_PROV_REFHOLD(prov_desc); 605 } 606 } 607 } 608 mutex_exit(&prov_tab_mutex); 609 610 final_size = j * sizeof (kcf_provider_desc_t *); 611 cnt = j; 612 ASSERT(final_size <= n); 613 614 /* check if buffer we allocated is too large */ 615 if (final_size < n) { 616 char *final_buffer = NULL; 617 618 if (final_size > 0) { 619 final_buffer = kmem_alloc(final_size, KM_SLEEP); 620 bcopy(p, final_buffer, final_size); 621 } 622 kmem_free(p, n); 623 p = (kcf_provider_desc_t **)final_buffer; 624 } 625 out: 626 *count = cnt; 627 *array = p; 628 return (rval); 629 } 630 631 /* 632 * Returns an array of hardware provider descriptors. This routine 633 * used by cryptoadm(1M). A REFHOLD is done on each descriptor before 634 * the array is returned. The entire table can be freed by calling 635 * kcf_free_provider_tab(). 636 * 637 * A NULL name argument puts all hardware providers in the array. 638 * A non-NULL name argument puts only those providers in the array 639 * which match the name and instance arguments. 640 */ 641 int 642 kcf_get_hw_prov_tab(uint_t *count, kcf_provider_desc_t ***array, int kmflag, 643 char *name, uint_t instance, boolean_t unverified) 644 { 645 kcf_provider_desc_t *prov_desc; 646 kcf_provider_desc_t **p = NULL; 647 char *last; 648 uint_t cnt = 0; 649 uint_t i, j; 650 int rval = CRYPTO_SUCCESS; 651 size_t n, final_size; 652 653 /* count the providers */ 654 mutex_enter(&prov_tab_mutex); 655 for (i = 0; i < KCF_MAX_PROVIDERS; i++) { 656 if ((prov_desc = prov_tab[i]) != NULL && 657 prov_desc->pd_prov_type == CRYPTO_HW_PROVIDER) { 658 if (KCF_IS_PROV_USABLE(prov_desc) || 659 (unverified && KCF_IS_PROV_UNVERIFIED(prov_desc))) { 660 if (name == NULL || 661 (strncmp(prov_desc->pd_name, name, 662 MAXNAMELEN) == 0 && 663 prov_desc->pd_instance == instance)) { 664 cnt++; 665 } 666 } 667 } 668 } 669 mutex_exit(&prov_tab_mutex); 670 671 if (cnt == 0) 672 goto out; 673 674 n = cnt * sizeof (kcf_provider_desc_t *); 675 again: 676 p = kmem_zalloc(n, kmflag); 677 if (p == NULL) { 678 rval = CRYPTO_HOST_MEMORY; 679 goto out; 680 } 681 /* pointer to last entry in the array */ 682 last = (char *)&p[cnt-1]; 683 684 mutex_enter(&prov_tab_mutex); 685 for (i = 0, j = 0; i < KCF_MAX_PROVIDERS; i++) { 686 if ((prov_desc = prov_tab[i]) != NULL && 687 prov_desc->pd_prov_type == CRYPTO_HW_PROVIDER) { 688 if (KCF_IS_PROV_USABLE(prov_desc) || 689 (unverified && KCF_IS_PROV_UNVERIFIED(prov_desc))) { 690 if (name == NULL || 691 (strncmp(prov_desc->pd_name, name, 692 MAXNAMELEN) == 0 && 693 prov_desc->pd_instance == instance)) { 694 if ((char *)&p[j] > last) { 695 mutex_exit(&prov_tab_mutex); 696 kcf_free_provider_tab(cnt, p); 697 n = n << 1; 698 cnt = cnt << 1; 699 goto again; 700 } 701 p[j++] = prov_desc; 702 KCF_PROV_REFHOLD(prov_desc); 703 } 704 } 705 } 706 } 707 mutex_exit(&prov_tab_mutex); 708 709 final_size = j * sizeof (kcf_provider_desc_t *); 710 ASSERT(final_size <= n); 711 712 /* check if buffer we allocated is too large */ 713 if (final_size < n) { 714 char *final_buffer = NULL; 715 716 if (final_size > 0) { 717 final_buffer = kmem_alloc(final_size, kmflag); 718 if (final_buffer == NULL) { 719 kcf_free_provider_tab(cnt, p); 720 cnt = 0; 721 p = NULL; 722 rval = CRYPTO_HOST_MEMORY; 723 goto out; 724 } 725 bcopy(p, final_buffer, final_size); 726 } 727 kmem_free(p, n); 728 p = (kcf_provider_desc_t **)final_buffer; 729 } 730 cnt = j; 731 out: 732 *count = cnt; 733 *array = p; 734 return (rval); 735 } 736 737 /* 738 * Free an array of hardware provider descriptors. A REFRELE 739 * is done on each descriptor before the table is freed. 740 */ 741 void 742 kcf_free_provider_tab(uint_t count, kcf_provider_desc_t **array) 743 { 744 kcf_provider_desc_t *prov_desc; 745 int i; 746 747 for (i = 0; i < count; i++) { 748 if ((prov_desc = array[i]) != NULL) { 749 KCF_PROV_REFRELE(prov_desc); 750 } 751 } 752 kmem_free(array, count * sizeof (kcf_provider_desc_t *)); 753 } 754 755 /* 756 * Returns in the location pointed to by pd a pointer to the descriptor 757 * for the software provider for the specified mechanism. 758 * The provider descriptor is returned held and it is the caller's 759 * responsibility to release it when done. 760 * 761 * Returns one of the CRYPTO_ * error codes on failure, and 762 * CRYPTO_SUCCESS on success. 763 */ 764 int 765 kcf_get_sw_prov(crypto_mech_type_t mech_type, kcf_provider_desc_t **pd, 766 boolean_t log_warn) 767 { 768 kcf_mech_entry_t *me; 769 770 /* get the mechanism entry for this mechanism */ 771 if (kcf_get_mech_entry(mech_type, &me) != KCF_SUCCESS) 772 return (CRYPTO_MECHANISM_INVALID); 773 774 /* get a software provider for this mechanism */ 775 mutex_enter(&me->me_mutex); 776 777 if (me->me_sw_prov == NULL) { 778 /* no SW provider for this mechanism */ 779 if (log_warn) 780 cmn_err(CE_WARN, "no SW provider for \"%s\"\n", 781 me->me_name); 782 mutex_exit(&me->me_mutex); 783 return (CRYPTO_MECH_NOT_SUPPORTED); 784 } 785 786 *pd = me->me_sw_prov->pm_prov_desc; 787 KCF_PROV_REFHOLD(*pd); 788 mutex_exit(&me->me_mutex); 789 790 return (CRYPTO_SUCCESS); 791 } 792 793 #if DEBUG 794 795 static void 796 kcf_prov_tab_dump(void) 797 { 798 uint_t i; 799 800 mutex_enter(&prov_tab_mutex); 801 802 printf("Providers table:\n"); 803 for (i = 0; i < KCF_MAX_PROVIDERS; i++) { 804 if (prov_tab[i] != NULL) { 805 printf("[%d]: (%s) %s\n", 806 i, (prov_tab[i]->pd_prov_type == 807 CRYPTO_HW_PROVIDER) ? "HW" : "SW", 808 prov_tab[i]->pd_description); 809 } 810 } 811 printf("(end of providers table)\n"); 812 813 mutex_exit(&prov_tab_mutex); 814 } 815 816 #endif /* DEBUG */ 817 818 /* 819 * This function goes through the provider table and verifies 820 * any unverified providers. 821 * 822 * This is called when kcfd is up and the door handle is ready. 823 */ 824 void 825 verify_unverified_providers() 826 { 827 int i, rv; 828 kcf_provider_desc_t *pd; 829 boolean_t need_verify; 830 831 ASSERT(kcf_dh != NULL); 832 mutex_enter(&prov_tab_mutex); 833 834 for (i = 0; i < KCF_MAX_PROVIDERS; i++) { 835 if ((pd = prov_tab[i]) == NULL) 836 continue; 837 838 if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) 839 continue; 840 841 mutex_enter(&pd->pd_lock); 842 need_verify = pd->pd_state == KCF_PROV_UNVERIFIED; 843 mutex_exit(&pd->pd_lock); 844 845 if (!need_verify) 846 continue; 847 848 if ((rv = kcf_verify_signature(pd)) == 849 CRYPTO_MODVERIFICATION_FAILED) { 850 /* 851 * We need to drop this lock, since it is 852 * acquired by crypto_unregister_provider(). 853 * This is safe, as any providers that are 854 * added to the table after we dropped the 855 * lock *will see* a non NULL 856 * kcf_dh and hence would have been 857 * verified already. 858 */ 859 mutex_exit(&prov_tab_mutex); 860 (void) crypto_unregister_provider(pd->pd_prov_id); 861 mutex_enter(&prov_tab_mutex); 862 } else { 863 /* 864 * We are in the context of the kcfd thread doing 865 * the CRYPTO_LOAD_DOOR ioctl. So, we have a valid 866 * door handle and should not get -1 (unverified). 867 */ 868 ASSERT(rv == 0); 869 mutex_enter(&pd->pd_lock); 870 pd->pd_state = KCF_PROV_READY; 871 mutex_exit(&pd->pd_lock); 872 } 873 } 874 875 mutex_exit(&prov_tab_mutex); 876 } 877