xref: /illumos-gate/usr/src/uts/common/sys/lofi.h (revision 4c28a617e3922d92a58e813a5b955eb526b9c386)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
23  *
24  * Copyright 2013 Nexenta Systems, Inc. All rights reserved.
25  * Copyright (c) 2016 Andrey Sokolov
26  * Copyright 2016 Toomas Soome <tsoome@me.com>
27  */
28 
29 #ifndef	_SYS_LOFI_H
30 #define	_SYS_LOFI_H
31 
32 #include <sys/types.h>
33 #include <sys/time.h>
34 #include <sys/taskq.h>
35 #include <sys/dkio.h>
36 #include <sys/vnode.h>
37 #include <sys/list.h>
38 #include <sys/crypto/api.h>
39 #include <sys/zone.h>
40 #ifdef _KERNEL
41 #include <sys/cmlb.h>
42 #include <sys/open.h>
43 #endif	/* _KERNEL */
44 
45 #ifdef	__cplusplus
46 extern "C" {
47 #endif
48 
49 /*
50  * /dev names:
51  *	/dev/lofictl	- master control device
52  *	/dev/lofi	- block devices, named by minor number
53  *	/dev/rlofi	- character devices, named by minor number
54  */
55 #define	LOFI_DRIVER_NAME	"lofi"
56 #define	LOFI_CTL_NODE		"ctl"
57 #define	LOFI_CTL_NAME		LOFI_DRIVER_NAME LOFI_CTL_NODE
58 #define	LOFI_BLOCK_NODE		"disk"
59 #define	LOFI_CHAR_NODE		LOFI_BLOCK_NODE ",raw"
60 #define	LOFI_BLOCK_NAME		LOFI_DRIVER_NAME
61 #define	LOFI_CHAR_NAME		"r" LOFI_DRIVER_NAME
62 
63 #define	SEGHDR		1
64 #define	COMPRESSED	1
65 #define	UNCOMPRESSED	0
66 #define	MAXALGLEN	36
67 
68 #define	LOFI_CMLB_SHIFT		CMLBUNIT_FORCE_P0_SHIFT
69 #define	LOFI_PART_MASK		((1 << LOFI_CMLB_SHIFT) - 1)
70 #define	LOFI_PART_MAX		(1 << LOFI_CMLB_SHIFT)
71 #define	LOFI_PART(x)		((x) & LOFI_PART_MASK)
72 
73 /*
74  * The cmlb is using its own range of minor numbers for partitions, for
75  * unlabeled lofi devices, we need to use another range.
76  */
77 /* unlabeled lofi device id to minor number. */
78 #define	LOFI_ID2MINOR(x)	((x) << LOFI_CMLB_SHIFT)
79 /* lofi id from minor number. */
80 #define	LOFI_MINOR2ID(x)	((x) >> LOFI_CMLB_SHIFT)
81 
82 /*
83  *
84  * Use is:
85  *	ld = open("/dev/lofictl", O_RDWR | O_EXCL);
86  *
87  * lofi must be opened exclusively. Access is controlled by permissions on
88  * the device, which is 644 by default. Write-access is required for ioctls
89  * that change state, but only read-access is required for the ioctls that
90  * return information. Basically, only root can add and remove files, but
91  * non-root can look at the current lists.
92  *
93  * ioctl usage:
94  *
95  * kernel ioctls
96  *
97  *	strcpy(li.li_filename, "somefilename");
98  *	ioctl(ld, LOFI_MAP_FILE, &li);
99  *	newminor = li.li_minor;
100  *
101  *	strcpy(li.li_filename, "somefilename");
102  *	ioctl(ld, LOFI_UNMAP_FILE, &li);
103  *
104  *	strcpy(li.li_filename, "somefilename");
105  *	li.li_minor = minor_number;
106  *	ioctl(ld, LOFI_MAP_FILE_MINOR, &li);
107  *
108  *	li.li_minor = minor_number;
109  *	ioctl(ld, LOFI_UNMAP_FILE_MINOR, &li);
110  *
111  *	li.li_minor = minor_number;
112  *	ioctl(ld, LOFI_GET_FILENAME, &li);
113  *	filename = li.li_filename;
114  *	encrypted = li.li_crypto_enabled;
115  *
116  *	strcpy(li.li_filename, "somefilename");
117  *	ioctl(ld, LOFI_GET_MINOR, &li);
118  *	minor = li.li_minor;
119  *
120  *	li.li_minor = 0;
121  *	ioctl(ld, LOFI_GET_MAXMINOR, &li);
122  *	maxminor = li.li_minor;
123  *
124  *	strcpy(li.li_filename, "somefilename");
125  *	li.li_minor = 0;
126  *	ioctl(ld, LOFI_CHECK_COMPRESSED, &li);
127  *
128  * If the 'li_force' flag is set for any of the LOFI_UNMAP_* commands, then if
129  * the device is busy, the underlying vnode will be closed, and any subsequent
130  * operations will fail.  It will behave as if the device had been forcibly
131  * removed, so the DKIOCSTATE ioctl will return DKIO_DEV_GONE.  When the device
132  * is last closed, it will be torn down.
133  *
134  * If the 'li_cleanup' flag is set for any of the LOFI_UNMAP_* commands, then
135  * if the device is busy, it is marked for removal at the next time it is
136  * no longer held open by anybody.  When the device is last closed, it will be
137  * torn down.
138  *
139  * Oh, and last but not least: these ioctls are totally private and only
140  * for use by lofiadm(1M).
141  *
142  */
143 
144 typedef enum	iv_method {
145 	IVM_NONE,	/* no iv needed, iv is null */
146 	IVM_ENC_BLKNO	/* iv is logical block no. encrypted */
147 } iv_method_t;
148 
149 struct lofi_ioctl {
150 	uint32_t	li_id;			/* lofi ID */
151 	boolean_t	li_force;
152 	boolean_t	li_cleanup;
153 	boolean_t	li_readonly;
154 	boolean_t	li_labeled;
155 	char	li_filename[MAXPATHLEN];
156 	char	li_devpath[MAXPATHLEN];
157 
158 	/* the following fields are required for compression support */
159 	char	li_algorithm[MAXALGLEN];
160 
161 	/* the following fields are required for encryption support */
162 	boolean_t	li_crypto_enabled;
163 	crypto_mech_name_t	li_cipher;	/* for data */
164 	uint32_t	li_key_len;		/* for data */
165 	char		li_key[56];	/* for data: max 448-bit Blowfish key */
166 	crypto_mech_name_t	li_iv_cipher;	/* for iv derivation */
167 	uint32_t	li_iv_len;		/* for iv derivation */
168 	iv_method_t	li_iv_type;		/* for iv derivation */
169 };
170 
171 #define	LOFI_IOC_BASE		(('L' << 16) | ('F' << 8))
172 
173 #define	LOFI_MAP_FILE		(LOFI_IOC_BASE | 0x01)
174 #define	LOFI_MAP_FILE_MINOR	(LOFI_IOC_BASE | 0x02)
175 #define	LOFI_UNMAP_FILE		(LOFI_IOC_BASE | 0x03)
176 #define	LOFI_UNMAP_FILE_MINOR	(LOFI_IOC_BASE | 0x04)
177 #define	LOFI_GET_FILENAME	(LOFI_IOC_BASE | 0x05)
178 #define	LOFI_GET_MINOR		(LOFI_IOC_BASE | 0x06)
179 #define	LOFI_GET_MAXMINOR	(LOFI_IOC_BASE | 0x07)
180 #define	LOFI_CHECK_COMPRESSED	(LOFI_IOC_BASE | 0x08)
181 
182 /*
183  * file types that might be usable with lofi, maybe. Only regular
184  * files are documented though.
185  */
186 #define	S_ISLOFIABLE(mode) \
187 	(S_ISREG(mode) || S_ISBLK(mode) || S_ISCHR(mode))
188 
189 /*
190  * The basis for CRYOFF is derived from usr/src/uts/common/sys/fs/ufs_fs.h.
191  * Crypto metadata, if it exists, is located at the end of the boot block
192  * (BBOFF + BBSIZE, which is SBOFF).  The super block and everything after
193  * is offset by the size of the crypto metadata which is handled by
194  * lsp->ls_crypto_offset.
195  */
196 #define	CRYOFF	((off_t)8192)
197 
198 #define	LOFI_CRYPTO_MAGIC	{ 'C', 'F', 'L', 'O', 'F', 'I' }
199 
200 #if defined(_KERNEL)
201 
202 
203 /*
204  * Cache decompressed data segments for the compressed lofi images.
205  *
206  * To avoid that we have to decompress data of a compressed
207  * segment multiple times when accessing parts of the segment's
208  * data we cache the uncompressed data, using a simple linked list.
209  */
210 struct lofi_comp_cache {
211 	list_node_t	lc_list;		/* linked list */
212 	uchar_t		*lc_data;		/* decompressed segment data */
213 	uint64_t	lc_index;		/* segment index */
214 };
215 
216 #define	V_ISLOFIABLE(vtype) \
217 	((vtype == VREG) || (vtype == VBLK) || (vtype == VCHR))
218 
219 /*
220  * Pre-allocated memory buffers for the purpose of compression
221  */
222 struct compbuf {
223 	void		*buf;
224 	uint32_t	bufsize;
225 	int		inuse;
226 };
227 
228 /*
229  * Need exactly 6 bytes to identify encrypted lofi image
230  */
231 extern const char lofi_crypto_magic[6];
232 #define	LOFI_CRYPTO_VERSION	((uint16_t)0)
233 #define	LOFI_CRYPTO_DATA_SECTOR	((uint32_t)16)		/* for version 0 */
234 
235 /*
236  * Crypto metadata for encrypted lofi images
237  * The fields here only satisfy initial implementation requirements.
238  */
239 struct crypto_meta {
240 	char		magic[6];		/* LOFI_CRYPTO_MAGIC */
241 	uint16_t	version;		/* version of encrypted lofi */
242 	char		reserved1[96];		/* future use */
243 	uint32_t	data_sector;		/* start of data area */
244 	char		pad[404];		/* end on DEV_BSIZE bdry */
245 	/* second header block is not defined at this time */
246 };
247 
248 struct lofi_state {
249 	vnode_t		*ls_vp;		/* open real vnode */
250 	vnode_t		*ls_stacked_vp;	/* open vnode */
251 	kmutex_t	ls_vp_lock;	/* protects ls_vp */
252 	kcondvar_t	ls_vp_cv;	/* signal changes to ls_vp */
253 	uint32_t	ls_vp_iocount;	/* # pending I/O requests */
254 	boolean_t	ls_vp_closereq;	/* force close requested */
255 	boolean_t	ls_vp_ready;	/* is vp ready for use? */
256 	u_offset_t	ls_vp_size;
257 	uint32_t	ls_open_lyr[LOFI_PART_MAX];	/* open count */
258 	uint64_t	ls_open_reg[OTYPCNT];		/* bitmask */
259 	uint64_t	ls_open_excl;			/* bitmask */
260 	int		ls_openflag;
261 	boolean_t	ls_cleanup;	/* cleanup on close */
262 	boolean_t	ls_readonly;
263 	taskq_t		*ls_taskq;
264 	kstat_t		*ls_kstat;
265 	kmutex_t	ls_kstat_lock;
266 	struct dk_geom	ls_dkg;
267 	zone_ref_t	ls_zone;
268 	list_node_t	ls_list;	/* all lofis */
269 	dev_info_t	*ls_dip;
270 	dev_t		ls_dev;		/* this node's dev_t */
271 
272 	cmlb_handle_t	ls_cmlbhandle;
273 	uint32_t	ls_lbshift;	/* logical block shift */
274 	uint32_t	ls_pbshift;	/* physical block shift */
275 
276 	/* the following fields are required for compression support */
277 	int		ls_comp_algorithm_index; /* idx into compress_table */
278 	char		ls_comp_algorithm[MAXALGLEN];
279 	uint32_t	ls_uncomp_seg_sz; /* sz of uncompressed segment */
280 	uint32_t	ls_comp_index_sz; /* number of index entries */
281 	uint32_t	ls_comp_seg_shift; /* exponent for byte shift */
282 	uint32_t	ls_uncomp_last_seg_sz; /* sz of last uncomp segment */
283 	uint64_t	ls_comp_offbase; /* offset of actual compressed data */
284 	uint64_t	*ls_comp_seg_index; /* array of index entries */
285 	caddr_t		ls_comp_index_data; /* index pages loaded from file */
286 	uint32_t	ls_comp_index_data_sz;
287 	u_offset_t	ls_vp_comp_size; /* actual compressed file size */
288 
289 	/* pre-allocated list of buffers for compressed segment data */
290 	kmutex_t	ls_comp_bufs_lock;
291 	struct compbuf	*ls_comp_bufs;
292 
293 	/* lock and anchor for compressed segment caching */
294 	kmutex_t	ls_comp_cache_lock;	/* protects ls_comp_cache */
295 	list_t		ls_comp_cache;		/* cached decompressed segs */
296 	uint32_t	ls_comp_cache_count;
297 
298 	/* the following fields are required for encryption support */
299 	boolean_t		ls_crypto_enabled;
300 	u_offset_t		ls_crypto_offset;	/* crypto meta size */
301 	struct crypto_meta	ls_crypto;
302 	crypto_mechanism_t	ls_mech;	/* for data encr/decr */
303 	crypto_key_t		ls_key;		/* for data encr/decr */
304 	crypto_mechanism_t	ls_iv_mech;	/* for iv derivation */
305 	size_t			ls_iv_len;	/* for iv derivation */
306 	iv_method_t		ls_iv_type;	/* for iv derivation */
307 	kmutex_t		ls_crypto_lock;
308 	crypto_ctx_template_t	ls_ctx_tmpl;
309 };
310 
311 #endif	/* _KERNEL */
312 
313 /*
314  * Common signature for all lofi compress functions
315  */
316 typedef int lofi_compress_func_t(void *src, size_t srclen, void *dst,
317 	size_t *destlen, int level);
318 
319 /*
320  * Information about each compression function
321  */
322 typedef struct lofi_compress_info {
323 	lofi_compress_func_t	*l_decompress;
324 	lofi_compress_func_t	*l_compress;
325 	int			l_level;
326 	char			*l_name;	/* algorithm name */
327 } lofi_compress_info_t;
328 
329 enum lofi_compress {
330 	LOFI_COMPRESS_GZIP = 0,
331 	LOFI_COMPRESS_GZIP_6 = 1,
332 	LOFI_COMPRESS_GZIP_9 = 2,
333 	LOFI_COMPRESS_LZMA = 3,
334 	LOFI_COMPRESS_FUNCTIONS
335 };
336 
337 #ifdef	__cplusplus
338 }
339 #endif
340 
341 #endif	/* _SYS_LOFI_H */
342