xref: /illumos-gate/usr/src/uts/common/crypto/spi/kcf_spi.c (revision 07a48826732249fcd3aa8dd53c8389595e9f1fbc)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 /*
27  * This file is part of the core Kernel Cryptographic Framework.
28  * It implements the SPI functions exported to cryptographic
29  * providers.
30  */
31 
32 #include <sys/ksynch.h>
33 #include <sys/cmn_err.h>
34 #include <sys/ddi.h>
35 #include <sys/sunddi.h>
36 #include <sys/modctl.h>
37 #include <sys/crypto/common.h>
38 #include <sys/crypto/impl.h>
39 #include <sys/crypto/sched_impl.h>
40 #include <sys/crypto/spi.h>
41 #include <sys/taskq.h>
42 #include <sys/disp.h>
43 #include <sys/kstat.h>
44 #include <sys/policy.h>
45 #include <sys/cpuvar.h>
46 
47 /*
48  * minalloc and maxalloc values to be used for taskq_create().
49  */
50 int crypto_taskq_threads = CRYPTO_TASKQ_THREADS;
51 int crypto_taskq_minalloc = CYRPTO_TASKQ_MIN;
52 int crypto_taskq_maxalloc = CRYPTO_TASKQ_MAX;
53 
54 static void remove_provider(kcf_provider_desc_t *);
55 static void process_logical_providers(crypto_provider_info_t *,
56     kcf_provider_desc_t *);
57 static int init_prov_mechs(crypto_provider_info_t *, kcf_provider_desc_t *);
58 static int kcf_prov_kstat_update(kstat_t *, int);
59 static void undo_register_provider_extra(kcf_provider_desc_t *);
60 static void delete_kstat(kcf_provider_desc_t *);
61 
62 static kcf_prov_stats_t kcf_stats_ks_data_template = {
63 	{ "kcf_ops_total",		KSTAT_DATA_UINT64 },
64 	{ "kcf_ops_passed",		KSTAT_DATA_UINT64 },
65 	{ "kcf_ops_failed",		KSTAT_DATA_UINT64 },
66 	{ "kcf_ops_returned_busy",	KSTAT_DATA_UINT64 }
67 };
68 
69 #define	KCF_SPI_COPY_OPS(src, dst, ops) if ((src)->ops != NULL) \
70 	*((dst)->ops) = *((src)->ops);
71 
72 /*
73  * Copy an ops vector from src to dst. Used during provider registration
74  * to copy the ops vector from the provider info structure to the
75  * provider descriptor maintained by KCF.
76  * Copying the ops vector specified by the provider is needed since the
77  * framework does not require the provider info structure to be
78  * persistent.
79  */
80 static void
81 copy_ops_vector_v1(crypto_ops_t *src_ops, crypto_ops_t *dst_ops)
82 {
83 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_control_ops);
84 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_digest_ops);
85 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_cipher_ops);
86 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_mac_ops);
87 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_sign_ops);
88 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_verify_ops);
89 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_dual_ops);
90 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_dual_cipher_mac_ops);
91 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_random_ops);
92 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_session_ops);
93 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_object_ops);
94 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_key_ops);
95 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_provider_ops);
96 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_ctx_ops);
97 }
98 
99 static void
100 copy_ops_vector_v2(crypto_ops_t *src_ops, crypto_ops_t *dst_ops)
101 {
102 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_mech_ops);
103 }
104 
105 static void
106 copy_ops_vector_v3(crypto_ops_t *src_ops, crypto_ops_t *dst_ops)
107 {
108 	KCF_SPI_COPY_OPS(src_ops, dst_ops, co_nostore_key_ops);
109 }
110 
111 /*
112  * This routine is used to add cryptographic providers to the KEF framework.
113  * Providers pass a crypto_provider_info structure to crypto_register_provider()
114  * and get back a handle.  The crypto_provider_info structure contains a
115  * list of mechanisms supported by the provider and an ops vector containing
116  * provider entry points.  Hardware providers call this routine in their attach
117  * routines.  Software providers call this routine in their _init() routine.
118  */
119 int
120 crypto_register_provider(crypto_provider_info_t *info,
121     crypto_kcf_provider_handle_t *handle)
122 {
123 	int need_verify;
124 	struct modctl *mcp;
125 	char *name;
126 	char ks_name[KSTAT_STRLEN];
127 
128 	kcf_provider_desc_t *prov_desc = NULL;
129 	int ret = CRYPTO_ARGUMENTS_BAD;
130 
131 	if (info->pi_interface_version > CRYPTO_SPI_VERSION_3)
132 		return (CRYPTO_VERSION_MISMATCH);
133 
134 	/*
135 	 * Check provider type, must be software, hardware, or logical.
136 	 */
137 	if (info->pi_provider_type != CRYPTO_HW_PROVIDER &&
138 	    info->pi_provider_type != CRYPTO_SW_PROVIDER &&
139 	    info->pi_provider_type != CRYPTO_LOGICAL_PROVIDER)
140 		return (CRYPTO_ARGUMENTS_BAD);
141 
142 	/*
143 	 * Allocate and initialize a new provider descriptor. We also
144 	 * hold it and release it when done.
145 	 */
146 	prov_desc = kcf_alloc_provider_desc(info);
147 	KCF_PROV_REFHOLD(prov_desc);
148 
149 	prov_desc->pd_prov_type = info->pi_provider_type;
150 
151 	/* provider-private handle, opaque to KCF */
152 	prov_desc->pd_prov_handle = info->pi_provider_handle;
153 
154 	/* copy provider description string */
155 	if (info->pi_provider_description != NULL) {
156 		/*
157 		 * pi_provider_descriptor is a string that can contain
158 		 * up to CRYPTO_PROVIDER_DESCR_MAX_LEN + 1 characters
159 		 * INCLUDING the terminating null character. A bcopy()
160 		 * is necessary here as pd_description should not have
161 		 * a null character. See comments in kcf_alloc_provider_desc()
162 		 * for details on pd_description field.
163 		 */
164 		bcopy(info->pi_provider_description, prov_desc->pd_description,
165 		    min(strlen(info->pi_provider_description),
166 		    CRYPTO_PROVIDER_DESCR_MAX_LEN));
167 	}
168 
169 	if (info->pi_provider_type != CRYPTO_LOGICAL_PROVIDER) {
170 		if (info->pi_ops_vector == NULL) {
171 			goto bail;
172 		}
173 		copy_ops_vector_v1(info->pi_ops_vector,
174 		    prov_desc->pd_ops_vector);
175 		if (info->pi_interface_version >= CRYPTO_SPI_VERSION_2) {
176 			copy_ops_vector_v2(info->pi_ops_vector,
177 			    prov_desc->pd_ops_vector);
178 			prov_desc->pd_flags = info->pi_flags;
179 		}
180 		if (info->pi_interface_version == CRYPTO_SPI_VERSION_3) {
181 			copy_ops_vector_v3(info->pi_ops_vector,
182 			    prov_desc->pd_ops_vector);
183 		}
184 	}
185 
186 	/* object_ops and nostore_key_ops are mutually exclusive */
187 	if (prov_desc->pd_ops_vector->co_object_ops &&
188 	    prov_desc->pd_ops_vector->co_nostore_key_ops) {
189 		goto bail;
190 	}
191 	/*
192 	 * For software providers, copy the module name and module ID.
193 	 * For hardware providers, copy the driver name and instance.
194 	 */
195 	switch (info->pi_provider_type) {
196 	case  CRYPTO_SW_PROVIDER:
197 		if (info->pi_provider_dev.pd_sw == NULL)
198 			goto bail;
199 
200 		if ((mcp = mod_getctl(info->pi_provider_dev.pd_sw)) == NULL)
201 			goto bail;
202 
203 		prov_desc->pd_module_id = mcp->mod_id;
204 		name = mcp->mod_modname;
205 		break;
206 
207 	case CRYPTO_HW_PROVIDER:
208 	case CRYPTO_LOGICAL_PROVIDER:
209 		if (info->pi_provider_dev.pd_hw == NULL)
210 			goto bail;
211 
212 		prov_desc->pd_instance =
213 		    ddi_get_instance(info->pi_provider_dev.pd_hw);
214 		name = (char *)ddi_driver_name(info->pi_provider_dev.pd_hw);
215 		break;
216 	}
217 	if (name == NULL)
218 		goto bail;
219 
220 	prov_desc->pd_name = kmem_alloc(strlen(name) + 1, KM_SLEEP);
221 	(void) strcpy(prov_desc->pd_name, name);
222 
223 	if ((prov_desc->pd_mctlp = kcf_get_modctl(info)) == NULL)
224 		goto bail;
225 
226 	/* process the mechanisms supported by the provider */
227 	if ((ret = init_prov_mechs(info, prov_desc)) != CRYPTO_SUCCESS)
228 		goto bail;
229 
230 	/*
231 	 * Add provider to providers tables, also sets the descriptor
232 	 * pd_prov_id field.
233 	 */
234 	if ((ret = kcf_prov_tab_add_provider(prov_desc)) != CRYPTO_SUCCESS) {
235 		undo_register_provider(prov_desc, B_FALSE);
236 		goto bail;
237 	}
238 
239 	if ((need_verify = kcf_need_signature_verification(prov_desc)) == -1) {
240 		undo_register_provider(prov_desc, B_TRUE);
241 		ret = CRYPTO_MODVERIFICATION_FAILED;
242 		goto bail;
243 	}
244 
245 	/*
246 	 * We create a taskq only for a hardware provider. The global
247 	 * software queue is used for software providers. We handle ordering
248 	 * of multi-part requests in the taskq routine. So, it is safe to
249 	 * have multiple threads for the taskq. We pass TASKQ_PREPOPULATE flag
250 	 * to keep some entries cached to improve performance.
251 	 */
252 	if (prov_desc->pd_prov_type == CRYPTO_HW_PROVIDER)
253 		prov_desc->pd_taskq = taskq_create("kcf_taskq",
254 		    crypto_taskq_threads, minclsyspri,
255 		    crypto_taskq_minalloc, crypto_taskq_maxalloc,
256 		    TASKQ_PREPOPULATE);
257 	else
258 		prov_desc->pd_taskq = NULL;
259 
260 	/* no kernel session to logical providers */
261 	if (prov_desc->pd_prov_type != CRYPTO_LOGICAL_PROVIDER) {
262 		/*
263 		 * Open a session for session-oriented providers. This session
264 		 * is used for all kernel consumers. This is fine as a provider
265 		 * is required to support multiple thread access to a session.
266 		 * We can do this only after the taskq has been created as we
267 		 * do a kcf_submit_request() to open the session.
268 		 */
269 		if (KCF_PROV_SESSION_OPS(prov_desc) != NULL) {
270 			kcf_req_params_t params;
271 
272 			KCF_WRAP_SESSION_OPS_PARAMS(&params,
273 			    KCF_OP_SESSION_OPEN, &prov_desc->pd_sid, 0,
274 			    CRYPTO_USER, NULL, 0, prov_desc);
275 			ret = kcf_submit_request(prov_desc, NULL, NULL, &params,
276 			    B_FALSE);
277 
278 			if (ret != CRYPTO_SUCCESS) {
279 				undo_register_provider(prov_desc, B_TRUE);
280 				ret = CRYPTO_FAILED;
281 				goto bail;
282 			}
283 		}
284 	}
285 
286 	if (prov_desc->pd_prov_type != CRYPTO_LOGICAL_PROVIDER) {
287 		/*
288 		 * Create the kstat for this provider. There is a kstat
289 		 * installed for each successfully registered provider.
290 		 * This kstat is deleted, when the provider unregisters.
291 		 */
292 		if (prov_desc->pd_prov_type == CRYPTO_SW_PROVIDER) {
293 			(void) snprintf(ks_name, KSTAT_STRLEN, "%s_%s",
294 			    prov_desc->pd_name, "provider_stats");
295 		} else {
296 			(void) snprintf(ks_name, KSTAT_STRLEN, "%s_%d_%u_%s",
297 			    prov_desc->pd_name, prov_desc->pd_instance,
298 			    prov_desc->pd_prov_id, "provider_stats");
299 		}
300 
301 		prov_desc->pd_kstat = kstat_create("kcf", 0, ks_name, "crypto",
302 		    KSTAT_TYPE_NAMED, sizeof (kcf_prov_stats_t) /
303 		    sizeof (kstat_named_t), KSTAT_FLAG_VIRTUAL);
304 
305 		if (prov_desc->pd_kstat != NULL) {
306 			bcopy(&kcf_stats_ks_data_template,
307 			    &prov_desc->pd_ks_data,
308 			    sizeof (kcf_stats_ks_data_template));
309 			prov_desc->pd_kstat->ks_data = &prov_desc->pd_ks_data;
310 			KCF_PROV_REFHOLD(prov_desc);
311 			prov_desc->pd_kstat->ks_private = prov_desc;
312 			prov_desc->pd_kstat->ks_update = kcf_prov_kstat_update;
313 			kstat_install(prov_desc->pd_kstat);
314 		}
315 	}
316 
317 	if (prov_desc->pd_prov_type == CRYPTO_HW_PROVIDER)
318 		process_logical_providers(info, prov_desc);
319 
320 	if (need_verify == 1) {
321 		/* kcf_verify_signature routine will release this hold */
322 		KCF_PROV_REFHOLD(prov_desc);
323 
324 		if (prov_desc->pd_prov_type == CRYPTO_HW_PROVIDER) {
325 			/*
326 			 * It is not safe to make the door upcall to kcfd from
327 			 * this context since the kcfd thread could reenter
328 			 * devfs. So, we dispatch a taskq job to do the
329 			 * verification and return to the provider.
330 			 */
331 			(void) taskq_dispatch(system_taskq,
332 			    kcf_verify_signature, (void *)prov_desc, TQ_SLEEP);
333 		} else if (prov_desc->pd_prov_type == CRYPTO_SW_PROVIDER) {
334 			kcf_verify_signature(prov_desc);
335 			if (prov_desc->pd_state ==
336 			    KCF_PROV_VERIFICATION_FAILED) {
337 				undo_register_provider_extra(prov_desc);
338 				ret = CRYPTO_MODVERIFICATION_FAILED;
339 				goto bail;
340 			}
341 		}
342 	} else {
343 		mutex_enter(&prov_desc->pd_lock);
344 		prov_desc->pd_state = KCF_PROV_READY;
345 		mutex_exit(&prov_desc->pd_lock);
346 		kcf_do_notify(prov_desc, B_TRUE);
347 	}
348 
349 	*handle = prov_desc->pd_kcf_prov_handle;
350 	ret = CRYPTO_SUCCESS;
351 
352 bail:
353 	KCF_PROV_REFRELE(prov_desc);
354 	return (ret);
355 }
356 
357 /* Return the number of holds on a provider. */
358 int
359 kcf_get_refcnt(kcf_provider_desc_t *pd, boolean_t do_lock)
360 {
361 	int i;
362 	int refcnt = 0;
363 
364 	if (do_lock)
365 		for (i = 0; i < pd->pd_nbins; i++)
366 			mutex_enter(&(pd->pd_percpu_bins[i].kp_lock));
367 
368 	for (i = 0; i < pd->pd_nbins; i++)
369 		refcnt += pd->pd_percpu_bins[i].kp_holdcnt;
370 
371 	if (do_lock)
372 		for (i = 0; i < pd->pd_nbins; i++)
373 			mutex_exit(&(pd->pd_percpu_bins[i].kp_lock));
374 
375 	return (refcnt);
376 }
377 
378 /*
379  * This routine is used to notify the framework when a provider is being
380  * removed.  Hardware providers call this routine in their detach routines.
381  * Software providers call this routine in their _fini() routine.
382  */
383 int
384 crypto_unregister_provider(crypto_kcf_provider_handle_t handle)
385 {
386 	uint_t mech_idx;
387 	kcf_provider_desc_t *desc;
388 	kcf_prov_state_t saved_state;
389 
390 	/* lookup provider descriptor */
391 	if ((desc = kcf_prov_tab_lookup((crypto_provider_id_t)handle)) == NULL)
392 		return (CRYPTO_UNKNOWN_PROVIDER);
393 
394 	mutex_enter(&desc->pd_lock);
395 	/*
396 	 * Check if any other thread is disabling or removing
397 	 * this provider. We return if this is the case.
398 	 */
399 	if (desc->pd_state >= KCF_PROV_DISABLED) {
400 		mutex_exit(&desc->pd_lock);
401 		/* Release reference held by kcf_prov_tab_lookup(). */
402 		KCF_PROV_REFRELE(desc);
403 		return (CRYPTO_BUSY);
404 	}
405 
406 	saved_state = desc->pd_state;
407 	desc->pd_state = KCF_PROV_UNREGISTERING;
408 
409 	if (saved_state == KCF_PROV_BUSY) {
410 		/*
411 		 * The per-provider taskq threads may be waiting. We
412 		 * signal them so that they can start failing requests.
413 		 */
414 		cv_broadcast(&desc->pd_resume_cv);
415 	}
416 
417 	mutex_exit(&desc->pd_lock);
418 
419 	if (desc->pd_prov_type != CRYPTO_SW_PROVIDER) {
420 		remove_provider(desc);
421 	}
422 
423 	if (desc->pd_prov_type != CRYPTO_LOGICAL_PROVIDER) {
424 		/* remove the provider from the mechanisms tables */
425 		for (mech_idx = 0; mech_idx < desc->pd_mech_list_count;
426 		    mech_idx++) {
427 			kcf_remove_mech_provider(
428 			    desc->pd_mechanisms[mech_idx].cm_mech_name, desc);
429 		}
430 	}
431 
432 	/* remove provider from providers table */
433 	if (kcf_prov_tab_rem_provider((crypto_provider_id_t)handle) !=
434 	    CRYPTO_SUCCESS) {
435 		/* Release reference held by kcf_prov_tab_lookup(). */
436 		KCF_PROV_REFRELE(desc);
437 		return (CRYPTO_UNKNOWN_PROVIDER);
438 	}
439 
440 	delete_kstat(desc);
441 
442 	if (desc->pd_prov_type == CRYPTO_SW_PROVIDER) {
443 		/*
444 		 * Wait till the existing requests with the provider complete
445 		 * and all the holds are released. All the holds on a software
446 		 * provider are from kernel clients and the hold time
447 		 * is expected to be short. So, we won't be stuck here forever.
448 		 */
449 		while (kcf_get_refcnt(desc, B_TRUE) > 1) {
450 			/* wait 1 second and try again. */
451 			delay(1 * drv_usectohz(1000000));
452 		}
453 	} else {
454 		int i;
455 		kcf_prov_cpu_t *mp;
456 
457 		/*
458 		 * Wait until requests that have been sent to the provider
459 		 * complete.
460 		 */
461 		for (i = 0; i < desc->pd_nbins; i++) {
462 			mp = &(desc->pd_percpu_bins[i]);
463 
464 			mutex_enter(&mp->kp_lock);
465 			while (mp->kp_jobcnt > 0) {
466 				cv_wait(&mp->kp_cv, &mp->kp_lock);
467 			}
468 			mutex_exit(&mp->kp_lock);
469 		}
470 	}
471 
472 	mutex_enter(&desc->pd_lock);
473 	desc->pd_state = KCF_PROV_UNREGISTERED;
474 	mutex_exit(&desc->pd_lock);
475 
476 	kcf_do_notify(desc, B_FALSE);
477 
478 	mutex_enter(&prov_tab_mutex);
479 	/* Release reference held by kcf_prov_tab_lookup(). */
480 	KCF_PROV_REFRELE(desc);
481 
482 	if (kcf_get_refcnt(desc, B_TRUE) == 0) {
483 		/* kcf_free_provider_desc drops prov_tab_mutex */
484 		kcf_free_provider_desc(desc);
485 	} else {
486 		ASSERT(desc->pd_prov_type != CRYPTO_SW_PROVIDER);
487 		/*
488 		 * We could avoid this if /dev/crypto can proactively
489 		 * remove any holds on us from a dormant PKCS #11 app.
490 		 * For now, we check the provider table for
491 		 * KCF_PROV_UNREGISTERED entries when a provider is
492 		 * added to the table or when a provider is removed from it
493 		 * and free them when refcnt reaches zero.
494 		 */
495 		kcf_need_provtab_walk = B_TRUE;
496 		mutex_exit(&prov_tab_mutex);
497 	}
498 
499 	return (CRYPTO_SUCCESS);
500 }
501 
502 /*
503  * This routine is used to notify the framework that the state of
504  * a cryptographic provider has changed. Valid state codes are:
505  *
506  * CRYPTO_PROVIDER_READY
507  * 	The provider indicates that it can process more requests. A provider
508  *	will notify with this event if it previously has notified us with a
509  *	CRYPTO_PROVIDER_BUSY.
510  *
511  * CRYPTO_PROVIDER_BUSY
512  * 	The provider can not take more requests.
513  *
514  * CRYPTO_PROVIDER_FAILED
515  *	The provider encountered an internal error. The framework will not
516  * 	be sending any more requests to the provider. The provider may notify
517  *	with a CRYPTO_PROVIDER_READY, if it is able to recover from the error.
518  *
519  * This routine can be called from user or interrupt context.
520  */
521 void
522 crypto_provider_notification(crypto_kcf_provider_handle_t handle, uint_t state)
523 {
524 	kcf_provider_desc_t *pd;
525 
526 	/* lookup the provider from the given handle */
527 	if ((pd = kcf_prov_tab_lookup((crypto_provider_id_t)handle)) == NULL)
528 		return;
529 
530 	mutex_enter(&pd->pd_lock);
531 
532 	if (pd->pd_state <= KCF_PROV_VERIFICATION_FAILED)
533 		goto out;
534 
535 	if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) {
536 		cmn_err(CE_WARN, "crypto_provider_notification: "
537 		    "logical provider (%x) ignored\n", handle);
538 		goto out;
539 	}
540 	switch (state) {
541 	case CRYPTO_PROVIDER_READY:
542 		switch (pd->pd_state) {
543 		case KCF_PROV_BUSY:
544 			pd->pd_state = KCF_PROV_READY;
545 			/*
546 			 * Signal the per-provider taskq threads that they
547 			 * can start submitting requests.
548 			 */
549 			cv_broadcast(&pd->pd_resume_cv);
550 			break;
551 
552 		case KCF_PROV_FAILED:
553 			/*
554 			 * The provider recovered from the error. Let us
555 			 * use it now.
556 			 */
557 			pd->pd_state = KCF_PROV_READY;
558 			break;
559 		}
560 		break;
561 
562 	case CRYPTO_PROVIDER_BUSY:
563 		switch (pd->pd_state) {
564 		case KCF_PROV_READY:
565 			pd->pd_state = KCF_PROV_BUSY;
566 			break;
567 		}
568 		break;
569 
570 	case CRYPTO_PROVIDER_FAILED:
571 		/*
572 		 * We note the failure and return. The per-provider taskq
573 		 * threads check this flag and start failing the
574 		 * requests, if it is set. See process_req_hwp() for details.
575 		 */
576 		switch (pd->pd_state) {
577 		case KCF_PROV_READY:
578 			pd->pd_state = KCF_PROV_FAILED;
579 			break;
580 
581 		case KCF_PROV_BUSY:
582 			pd->pd_state = KCF_PROV_FAILED;
583 			/*
584 			 * The per-provider taskq threads may be waiting. We
585 			 * signal them so that they can start failing requests.
586 			 */
587 			cv_broadcast(&pd->pd_resume_cv);
588 			break;
589 		}
590 		break;
591 	}
592 out:
593 	mutex_exit(&pd->pd_lock);
594 	KCF_PROV_REFRELE(pd);
595 }
596 
597 /*
598  * This routine is used to notify the framework the result of
599  * an asynchronous request handled by a provider. Valid error
600  * codes are the same as the CRYPTO_* errors defined in common.h.
601  *
602  * This routine can be called from user or interrupt context.
603  */
604 void
605 crypto_op_notification(crypto_req_handle_t handle, int error)
606 {
607 	kcf_call_type_t ctype;
608 
609 	if (handle == NULL)
610 		return;
611 
612 	if ((ctype = GET_REQ_TYPE(handle)) == CRYPTO_SYNCH) {
613 		kcf_sreq_node_t *sreq = (kcf_sreq_node_t *)handle;
614 
615 		KCF_PROV_JOB_RELE_STAT(sreq->sn_mp, (error != CRYPTO_SUCCESS));
616 		kcf_sop_done(sreq, error);
617 	} else {
618 		kcf_areq_node_t *areq = (kcf_areq_node_t *)handle;
619 
620 		ASSERT(ctype == CRYPTO_ASYNCH);
621 		KCF_PROV_JOB_RELE_STAT(areq->an_mp, (error != CRYPTO_SUCCESS));
622 		kcf_aop_done(areq, error);
623 	}
624 }
625 
626 /*
627  * This routine is used by software providers to determine
628  * whether to use KM_SLEEP or KM_NOSLEEP during memory allocation.
629  * Note that hardware providers can always use KM_SLEEP. So,
630  * they do not need to call this routine.
631  *
632  * This routine can be called from user or interrupt context.
633  */
634 int
635 crypto_kmflag(crypto_req_handle_t handle)
636 {
637 	return (REQHNDL2_KMFLAG(handle));
638 }
639 
640 /*
641  * Process the mechanism info structures specified by the provider
642  * during registration. A NULL crypto_provider_info_t indicates
643  * an already initialized provider descriptor.
644  *
645  * Mechanisms are not added to the kernel's mechanism table if the
646  * provider is a logical provider.
647  *
648  * Returns CRYPTO_SUCCESS on success, CRYPTO_ARGUMENTS if one
649  * of the specified mechanisms was malformed, or CRYPTO_HOST_MEMORY
650  * if the table of mechanisms is full.
651  */
652 static int
653 init_prov_mechs(crypto_provider_info_t *info, kcf_provider_desc_t *desc)
654 {
655 	uint_t mech_idx;
656 	uint_t cleanup_idx;
657 	int err = CRYPTO_SUCCESS;
658 	kcf_prov_mech_desc_t *pmd;
659 	int desc_use_count = 0;
660 	int mcount = desc->pd_mech_list_count;
661 
662 	if (desc->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) {
663 		if (info != NULL) {
664 			ASSERT(info->pi_mechanisms != NULL);
665 			bcopy(info->pi_mechanisms, desc->pd_mechanisms,
666 			    sizeof (crypto_mech_info_t) * mcount);
667 		}
668 		return (CRYPTO_SUCCESS);
669 	}
670 
671 	/*
672 	 * Copy the mechanism list from the provider info to the provider
673 	 * descriptor. desc->pd_mechanisms has an extra crypto_mech_info_t
674 	 * element if the provider has random_ops since we keep an internal
675 	 * mechanism, SUN_RANDOM, in this case.
676 	 */
677 	if (info != NULL) {
678 		if (info->pi_ops_vector->co_random_ops != NULL) {
679 			crypto_mech_info_t *rand_mi;
680 
681 			/*
682 			 * Need the following check as it is possible to have
683 			 * a provider that implements just random_ops and has
684 			 * pi_mechanisms == NULL.
685 			 */
686 			if (info->pi_mechanisms != NULL) {
687 				bcopy(info->pi_mechanisms, desc->pd_mechanisms,
688 				    sizeof (crypto_mech_info_t) * (mcount - 1));
689 			}
690 			rand_mi = &desc->pd_mechanisms[mcount - 1];
691 
692 			bzero(rand_mi, sizeof (crypto_mech_info_t));
693 			(void) strncpy(rand_mi->cm_mech_name, SUN_RANDOM,
694 			    CRYPTO_MAX_MECH_NAME);
695 			rand_mi->cm_func_group_mask = CRYPTO_FG_RANDOM;
696 		} else {
697 			ASSERT(info->pi_mechanisms != NULL);
698 			bcopy(info->pi_mechanisms, desc->pd_mechanisms,
699 			    sizeof (crypto_mech_info_t) * mcount);
700 		}
701 	}
702 
703 	/*
704 	 * For each mechanism support by the provider, add the provider
705 	 * to the corresponding KCF mechanism mech_entry chain.
706 	 */
707 	for (mech_idx = 0; mech_idx < desc->pd_mech_list_count; mech_idx++) {
708 		crypto_mech_info_t *mi = &desc->pd_mechanisms[mech_idx];
709 
710 		if ((mi->cm_mech_flags & CRYPTO_KEYSIZE_UNIT_IN_BITS) &&
711 		    (mi->cm_mech_flags & CRYPTO_KEYSIZE_UNIT_IN_BYTES)) {
712 			err = CRYPTO_ARGUMENTS_BAD;
713 			break;
714 		}
715 
716 		if (desc->pd_flags & CRYPTO_HASH_NO_UPDATE &&
717 		    mi->cm_func_group_mask & CRYPTO_FG_DIGEST) {
718 			/*
719 			 * We ask the provider to specify the limit
720 			 * per hash mechanism. But, in practice, a
721 			 * hardware limitation means all hash mechanisms
722 			 * will have the same maximum size allowed for
723 			 * input data. So, we make it a per provider
724 			 * limit to keep it simple.
725 			 */
726 			if (mi->cm_max_input_length == 0) {
727 				err = CRYPTO_ARGUMENTS_BAD;
728 				break;
729 			} else {
730 				desc->pd_hash_limit = mi->cm_max_input_length;
731 			}
732 		}
733 
734 		if ((err = kcf_add_mech_provider(mech_idx, desc, &pmd)) !=
735 		    KCF_SUCCESS)
736 			break;
737 
738 		if (pmd == NULL)
739 			continue;
740 
741 		/* The provider will be used for this mechanism */
742 		desc_use_count++;
743 	}
744 
745 	/*
746 	 * Don't allow multiple software providers with disabled mechanisms
747 	 * to register. Subsequent enabling of mechanisms will result in
748 	 * an unsupported configuration, i.e. multiple software providers
749 	 * per mechanism.
750 	 */
751 	if (desc_use_count == 0 && desc->pd_prov_type == CRYPTO_SW_PROVIDER)
752 		return (CRYPTO_ARGUMENTS_BAD);
753 
754 	if (err == KCF_SUCCESS)
755 		return (CRYPTO_SUCCESS);
756 
757 	/*
758 	 * An error occurred while adding the mechanism, cleanup
759 	 * and bail.
760 	 */
761 	for (cleanup_idx = 0; cleanup_idx < mech_idx; cleanup_idx++) {
762 		kcf_remove_mech_provider(
763 		    desc->pd_mechanisms[cleanup_idx].cm_mech_name, desc);
764 	}
765 
766 	if (err == KCF_MECH_TAB_FULL)
767 		return (CRYPTO_HOST_MEMORY);
768 
769 	return (CRYPTO_ARGUMENTS_BAD);
770 }
771 
772 /*
773  * Update routine for kstat. Only privileged users are allowed to
774  * access this information, since this information is sensitive.
775  * There are some cryptographic attacks (e.g. traffic analysis)
776  * which can use this information.
777  */
778 static int
779 kcf_prov_kstat_update(kstat_t *ksp, int rw)
780 {
781 	kcf_prov_stats_t *ks_data;
782 	kcf_provider_desc_t *pd = (kcf_provider_desc_t *)ksp->ks_private;
783 	int i;
784 
785 	if (rw == KSTAT_WRITE)
786 		return (EACCES);
787 
788 	ks_data = ksp->ks_data;
789 
790 	if (secpolicy_sys_config(CRED(), B_TRUE) != 0) {
791 		ks_data->ps_ops_total.value.ui64 = 0;
792 		ks_data->ps_ops_passed.value.ui64 = 0;
793 		ks_data->ps_ops_failed.value.ui64 = 0;
794 		ks_data->ps_ops_busy_rval.value.ui64 = 0;
795 	} else {
796 		uint64_t dtotal, ftotal, btotal;
797 
798 		dtotal = ftotal = btotal = 0;
799 		/* No locking done since an exact count is not required. */
800 		for (i = 0; i < pd->pd_nbins; i++) {
801 			dtotal += pd->pd_percpu_bins[i].kp_ndispatches;
802 			ftotal += pd->pd_percpu_bins[i].kp_nfails;
803 			btotal += pd->pd_percpu_bins[i].kp_nbusy_rval;
804 		}
805 
806 		ks_data->ps_ops_total.value.ui64 = dtotal;
807 		ks_data->ps_ops_failed.value.ui64 = ftotal;
808 		ks_data->ps_ops_busy_rval.value.ui64 = btotal;
809 		ks_data->ps_ops_passed.value.ui64 = dtotal - ftotal - btotal;
810 	}
811 
812 	return (0);
813 }
814 
815 
816 /*
817  * Utility routine called from failure paths in crypto_register_provider()
818  * and from crypto_load_soft_disabled().
819  */
820 void
821 undo_register_provider(kcf_provider_desc_t *desc, boolean_t remove_prov)
822 {
823 	uint_t mech_idx;
824 
825 	/* remove the provider from the mechanisms tables */
826 	for (mech_idx = 0; mech_idx < desc->pd_mech_list_count;
827 	    mech_idx++) {
828 		kcf_remove_mech_provider(
829 		    desc->pd_mechanisms[mech_idx].cm_mech_name, desc);
830 	}
831 
832 	/* remove provider from providers table */
833 	if (remove_prov)
834 		(void) kcf_prov_tab_rem_provider(desc->pd_prov_id);
835 }
836 
837 static void
838 undo_register_provider_extra(kcf_provider_desc_t *desc)
839 {
840 	delete_kstat(desc);
841 	undo_register_provider(desc, B_TRUE);
842 }
843 
844 /*
845  * Utility routine called from crypto_load_soft_disabled(). Callers
846  * should have done a prior undo_register_provider().
847  */
848 void
849 redo_register_provider(kcf_provider_desc_t *pd)
850 {
851 	/* process the mechanisms supported by the provider */
852 	(void) init_prov_mechs(NULL, pd);
853 
854 	/*
855 	 * Hold provider in providers table. We should not call
856 	 * kcf_prov_tab_add_provider() here as the provider descriptor
857 	 * is still valid which means it has an entry in the provider
858 	 * table.
859 	 */
860 	KCF_PROV_REFHOLD(pd);
861 }
862 
863 /*
864  * Add provider (p1) to another provider's array of providers (p2).
865  * Hardware and logical providers use this array to cross-reference
866  * each other.
867  */
868 static void
869 add_provider_to_array(kcf_provider_desc_t *p1, kcf_provider_desc_t *p2)
870 {
871 	kcf_provider_list_t *new;
872 
873 	new = kmem_alloc(sizeof (kcf_provider_list_t), KM_SLEEP);
874 	mutex_enter(&p2->pd_lock);
875 	new->pl_next = p2->pd_provider_list;
876 	p2->pd_provider_list = new;
877 	new->pl_provider = p1;
878 	mutex_exit(&p2->pd_lock);
879 }
880 
881 /*
882  * Remove provider (p1) from another provider's array of providers (p2).
883  * Hardware and logical providers use this array to cross-reference
884  * each other.
885  */
886 static void
887 remove_provider_from_array(kcf_provider_desc_t *p1, kcf_provider_desc_t *p2)
888 {
889 
890 	kcf_provider_list_t *pl = NULL, **prev;
891 
892 	mutex_enter(&p2->pd_lock);
893 	for (pl = p2->pd_provider_list, prev = &p2->pd_provider_list;
894 	    pl != NULL; prev = &pl->pl_next, pl = pl->pl_next) {
895 		if (pl->pl_provider == p1) {
896 			break;
897 		}
898 	}
899 
900 	if (p1 == NULL) {
901 		mutex_exit(&p2->pd_lock);
902 		return;
903 	}
904 
905 	/* detach and free kcf_provider_list structure */
906 	*prev = pl->pl_next;
907 	kmem_free(pl, sizeof (*pl));
908 	mutex_exit(&p2->pd_lock);
909 }
910 
911 /*
912  * Convert an array of logical provider handles (crypto_provider_id)
913  * stored in a crypto_provider_info structure into an array of provider
914  * descriptors (kcf_provider_desc_t) attached to a logical provider.
915  */
916 static void
917 process_logical_providers(crypto_provider_info_t *info, kcf_provider_desc_t *hp)
918 {
919 	kcf_provider_desc_t *lp;
920 	crypto_provider_id_t handle;
921 	int count = info->pi_logical_provider_count;
922 	int i;
923 
924 	/* add hardware provider to each logical provider */
925 	for (i = 0; i < count; i++) {
926 		handle = info->pi_logical_providers[i];
927 		lp = kcf_prov_tab_lookup((crypto_provider_id_t)handle);
928 		if (lp == NULL) {
929 			continue;
930 		}
931 		add_provider_to_array(hp, lp);
932 		hp->pd_flags |= KCF_LPROV_MEMBER;
933 
934 		/*
935 		 * A hardware provider has to have the provider descriptor of
936 		 * every logical provider it belongs to, so it can be removed
937 		 * from the logical provider if the hardware provider
938 		 * unregisters from the framework.
939 		 */
940 		add_provider_to_array(lp, hp);
941 		KCF_PROV_REFRELE(lp);
942 	}
943 }
944 
945 /*
946  * This routine removes a provider from all of the logical or
947  * hardware providers it belongs to, and frees the provider's
948  * array of pointers to providers.
949  */
950 static void
951 remove_provider(kcf_provider_desc_t *pp)
952 {
953 	kcf_provider_desc_t *p;
954 	kcf_provider_list_t *e, *next;
955 
956 	mutex_enter(&pp->pd_lock);
957 	for (e = pp->pd_provider_list; e != NULL; e = next) {
958 		p = e->pl_provider;
959 		remove_provider_from_array(pp, p);
960 		if (p->pd_prov_type == CRYPTO_HW_PROVIDER &&
961 		    p->pd_provider_list == NULL)
962 			p->pd_flags &= ~KCF_LPROV_MEMBER;
963 		next = e->pl_next;
964 		kmem_free(e, sizeof (*e));
965 	}
966 	pp->pd_provider_list = NULL;
967 	mutex_exit(&pp->pd_lock);
968 }
969 
970 /*
971  * Dispatch events as needed for a provider. is_added flag tells
972  * whether the provider is registering or unregistering.
973  */
974 void
975 kcf_do_notify(kcf_provider_desc_t *prov_desc, boolean_t is_added)
976 {
977 	int i;
978 	crypto_notify_event_change_t ec;
979 
980 	ASSERT(prov_desc->pd_state > KCF_PROV_VERIFICATION_FAILED);
981 
982 	/*
983 	 * Inform interested clients of the mechanisms becoming
984 	 * available/unavailable. We skip this for logical providers
985 	 * as they do not affect mechanisms.
986 	 */
987 	if (prov_desc->pd_prov_type != CRYPTO_LOGICAL_PROVIDER) {
988 		ec.ec_provider_type = prov_desc->pd_prov_type;
989 		ec.ec_change = is_added ? CRYPTO_MECH_ADDED :
990 		    CRYPTO_MECH_REMOVED;
991 		for (i = 0; i < prov_desc->pd_mech_list_count; i++) {
992 			/* Skip any mechanisms not allowed by the policy */
993 			if (is_mech_disabled(prov_desc,
994 			    prov_desc->pd_mechanisms[i].cm_mech_name))
995 				continue;
996 
997 			(void) strncpy(ec.ec_mech_name,
998 			    prov_desc->pd_mechanisms[i].cm_mech_name,
999 			    CRYPTO_MAX_MECH_NAME);
1000 			kcf_walk_ntfylist(CRYPTO_EVENT_MECHS_CHANGED, &ec);
1001 		}
1002 
1003 	}
1004 
1005 	/*
1006 	 * Inform interested clients about the new or departing provider.
1007 	 * In case of a logical provider, we need to notify the event only
1008 	 * for the logical provider and not for the underlying
1009 	 * providers which are known by the KCF_LPROV_MEMBER bit.
1010 	 */
1011 	if (prov_desc->pd_prov_type == CRYPTO_LOGICAL_PROVIDER ||
1012 	    (prov_desc->pd_flags & KCF_LPROV_MEMBER) == 0) {
1013 		kcf_walk_ntfylist(is_added ? CRYPTO_EVENT_PROVIDER_REGISTERED :
1014 		    CRYPTO_EVENT_PROVIDER_UNREGISTERED, prov_desc);
1015 	}
1016 }
1017 
1018 static void
1019 delete_kstat(kcf_provider_desc_t *desc)
1020 {
1021 	/* destroy the kstat created for this provider */
1022 	if (desc->pd_kstat != NULL) {
1023 		kcf_provider_desc_t *kspd = desc->pd_kstat->ks_private;
1024 
1025 		/* release reference held by desc->pd_kstat->ks_private */
1026 		ASSERT(desc == kspd);
1027 		kstat_delete(kspd->pd_kstat);
1028 		desc->pd_kstat = NULL;
1029 		KCF_PROV_REFRELE(kspd);
1030 	}
1031 }
1032