1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 27 #ifndef _SYS_LOFI_H 28 #define _SYS_LOFI_H 29 30 #include <sys/types.h> 31 #include <sys/time.h> 32 #include <sys/taskq.h> 33 #include <sys/vtoc.h> 34 #include <sys/dkio.h> 35 #include <sys/vnode.h> 36 #include <sys/crypto/api.h> 37 38 #ifdef __cplusplus 39 extern "C" { 40 #endif 41 42 /* 43 * /dev names: 44 * /dev/lofictl - master control device 45 * /dev/lofi - block devices, named by minor number 46 * /dev/rlofi - character devices, named by minor number 47 */ 48 #define LOFI_DRIVER_NAME "lofi" 49 #define LOFI_CTL_NODE "ctl" 50 #define LOFI_CTL_NAME LOFI_DRIVER_NAME LOFI_CTL_NODE 51 #define LOFI_BLOCK_NAME LOFI_DRIVER_NAME 52 #define LOFI_CHAR_NAME "r" LOFI_DRIVER_NAME 53 54 #define SEGHDR 1 55 #define COMPRESSED 1 56 #define UNCOMPRESSED 0 57 #define MAXALGLEN 36 58 59 /* 60 * 61 * Use is: 62 * ld = open("/dev/lofictl", O_RDWR | O_EXCL); 63 * 64 * lofi must be opened exclusively. Access is controlled by permissions on 65 * the device, which is 644 by default. Write-access is required for ioctls 66 * that change state, but only read-access is required for the ioctls that 67 * return information. Basically, only root can add and remove files, but 68 * non-root can look at the current lists. 69 * 70 * ioctl usage: 71 * 72 * kernel ioctls 73 * 74 * strcpy(li.li_filename, "somefilename"); 75 * ioctl(ld, LOFI_MAP_FILE, &li); 76 * newminor = li.li_minor; 77 * 78 * strcpy(li.li_filename, "somefilename"); 79 * ioctl(ld, LOFI_UNMAP_FILE, &li); 80 * 81 * strcpy(li.li_filename, "somefilename"); 82 * li.li_minor = minor_number; 83 * ioctl(ld, LOFI_MAP_FILE_MINOR, &li); 84 * 85 * li.li_minor = minor_number; 86 * ioctl(ld, LOFI_UNMAP_FILE_MINOR, &li); 87 * 88 * li.li_minor = minor_number; 89 * ioctl(ld, LOFI_GET_FILENAME, &li); 90 * filename = li.li_filename; 91 * encrypted = li.li_crypto_enabled; 92 * 93 * strcpy(li.li_filename, "somefilename"); 94 * ioctl(ld, LOFI_GET_MINOR, &li); 95 * minor = li.li_minor; 96 * 97 * li.li_minor = 0; 98 * ioctl(ld, LOFI_GET_MAXMINOR, &li); 99 * maxminor = li.li_minor; 100 * 101 * strcpy(li.li_filename, "somefilename"); 102 * li.li_minor = 0; 103 * ioctl(ld, LOFI_CHECK_COMPRESSED, &li); 104 * 105 * If the 'li_force' flag is set for any of the LOFI_UNMAP_* commands, then if 106 * the device is busy, the underlying vnode will be closed, and any subsequent 107 * operations will fail. It will behave as if the device had been forcibly 108 * removed, so the DKIOCSTATE ioctl will return DKIO_DEV_GONE. When the device 109 * is last closed, it will be torn down. 110 * 111 * If the 'li_cleanup' flag is set for any of the LOFI_UNMAP_* commands, then 112 * if the device is busy, it is marked for removal at the next time it is 113 * no longer held open by anybody. When the device is last closed, it will be 114 * torn down. 115 * 116 * Oh, and last but not least: these ioctls are totally private and only 117 * for use by lofiadm(1M). 118 * 119 */ 120 121 typedef enum iv_method { 122 IVM_NONE, /* no iv needed, iv is null */ 123 IVM_ENC_BLKNO /* iv is logical block no. encrypted */ 124 } iv_method_t; 125 126 struct lofi_ioctl { 127 uint32_t li_minor; 128 boolean_t li_force; 129 boolean_t li_cleanup; 130 char li_filename[MAXPATHLEN]; 131 132 /* the following fields are required for compression support */ 133 char li_algorithm[MAXALGLEN]; 134 135 /* the following fields are required for encryption support */ 136 boolean_t li_crypto_enabled; 137 crypto_mech_name_t li_cipher; /* for data */ 138 uint32_t li_key_len; /* for data */ 139 char li_key[56]; /* for data: max 448-bit Blowfish key */ 140 crypto_mech_name_t li_iv_cipher; /* for iv derivation */ 141 uint32_t li_iv_len; /* for iv derivation */ 142 iv_method_t li_iv_type; /* for iv derivation */ 143 }; 144 145 #define LOFI_IOC_BASE (('L' << 16) | ('F' << 8)) 146 147 #define LOFI_MAP_FILE (LOFI_IOC_BASE | 0x01) 148 #define LOFI_MAP_FILE_MINOR (LOFI_IOC_BASE | 0x02) 149 #define LOFI_UNMAP_FILE (LOFI_IOC_BASE | 0x03) 150 #define LOFI_UNMAP_FILE_MINOR (LOFI_IOC_BASE | 0x04) 151 #define LOFI_GET_FILENAME (LOFI_IOC_BASE | 0x05) 152 #define LOFI_GET_MINOR (LOFI_IOC_BASE | 0x06) 153 #define LOFI_GET_MAXMINOR (LOFI_IOC_BASE | 0x07) 154 #define LOFI_CHECK_COMPRESSED (LOFI_IOC_BASE | 0x08) 155 156 /* 157 * file types that might be usable with lofi, maybe. Only regular 158 * files are documented though. 159 */ 160 #define S_ISLOFIABLE(mode) \ 161 (S_ISREG(mode) || S_ISBLK(mode) || S_ISCHR(mode)) 162 163 #if defined(_KERNEL) 164 165 /* 166 * We limit the maximum number of active lofi devices to 128, which seems very 167 * large. You can tune this by changing lofi_max_files in /etc/system. 168 * If you change it dynamically, which you probably shouldn't do, make sure 169 * to only _increase_ it. 170 */ 171 #define LOFI_MAX_FILES 128 172 extern uint32_t lofi_max_files; 173 174 #define V_ISLOFIABLE(vtype) \ 175 ((vtype == VREG) || (vtype == VBLK) || (vtype == VCHR)) 176 177 /* 178 * Need exactly 6 bytes to identify encrypted lofi image 179 */ 180 extern const char lofi_crypto_magic[6]; 181 #define LOFI_CRYPTO_MAGIC { 'C', 'F', 'L', 'O', 'F', 'I' } 182 #define LOFI_CRYPTO_VERSION ((uint16_t)0) 183 #define LOFI_CRYPTO_DATA_SECTOR ((uint32_t)16) /* for version 0 */ 184 185 /* 186 * Crypto metadata for encrypted lofi images 187 * The fields here only satisfy initial implementation requirements. 188 */ 189 struct crypto_meta { 190 char magic[6]; /* LOFI_CRYPTO_MAGIC */ 191 uint16_t version; /* version of encrypted lofi */ 192 char reserved1[96]; /* future use */ 193 uint32_t data_sector; /* start of data area */ 194 char pad[404]; /* end on DEV_BSIZE bdry */ 195 /* second header block is not defined at this time */ 196 }; 197 198 struct lofi_state { 199 char *ls_filename; /* filename to open */ 200 size_t ls_filename_sz; 201 struct vnode *ls_vp; /* open vnode */ 202 kmutex_t ls_vp_lock; /* protects ls_vp */ 203 kcondvar_t ls_vp_cv; /* signal changes to ls_vp */ 204 uint32_t ls_vp_iocount; /* # pending I/O requests */ 205 boolean_t ls_vp_closereq; /* force close requested */ 206 u_offset_t ls_vp_size; 207 uint32_t ls_blk_open; 208 uint32_t ls_chr_open; 209 uint32_t ls_lyr_open_count; 210 int ls_openflag; 211 boolean_t ls_cleanup; /* cleanup on close */ 212 taskq_t *ls_taskq; 213 kstat_t *ls_kstat; 214 kmutex_t ls_kstat_lock; 215 struct dk_geom ls_dkg; 216 struct vtoc ls_vtoc; 217 struct dk_cinfo ls_ci; 218 219 /* the following fields are required for compression support */ 220 int ls_comp_algorithm_index; /* idx into compress_table */ 221 char ls_comp_algorithm[MAXALGLEN]; 222 uint32_t ls_uncomp_seg_sz; /* sz of uncompressed segment */ 223 uint32_t ls_comp_index_sz; /* number of index entries */ 224 uint32_t ls_comp_seg_shift; /* exponent for byte shift */ 225 uint32_t ls_uncomp_last_seg_sz; /* sz of last uncomp segment */ 226 uint64_t ls_comp_offbase; /* offset of actual compressed data */ 227 uint64_t *ls_comp_seg_index; /* array of index entries */ 228 caddr_t ls_comp_index_data; /* index pages loaded from file */ 229 uint32_t ls_comp_index_data_sz; 230 u_offset_t ls_vp_comp_size; /* actual compressed file size */ 231 232 /* the following fields are required for encryption support */ 233 boolean_t ls_crypto_enabled; 234 u_offset_t ls_crypto_offset; /* crypto meta size */ 235 struct crypto_meta ls_crypto; 236 crypto_mechanism_t ls_mech; /* for data encr/decr */ 237 crypto_key_t ls_key; /* for data encr/decr */ 238 crypto_mechanism_t ls_iv_mech; /* for iv derivation */ 239 size_t ls_iv_len; /* for iv derivation */ 240 iv_method_t ls_iv_type; /* for iv derivation */ 241 kmutex_t ls_crypto_lock; 242 crypto_ctx_template_t ls_ctx_tmpl; 243 244 }; 245 246 #endif /* _KERNEL */ 247 248 /* 249 * Common signature for all lofi compress functions 250 */ 251 typedef int lofi_compress_func_t(void *src, size_t srclen, void *dst, 252 size_t *destlen, int level); 253 254 /* 255 * Information about each compression function 256 */ 257 typedef struct lofi_compress_info { 258 lofi_compress_func_t *l_decompress; 259 lofi_compress_func_t *l_compress; 260 int l_level; 261 char *l_name; /* algorithm name */ 262 } lofi_compress_info_t; 263 264 enum lofi_compress { 265 LOFI_COMPRESS_GZIP = 0, 266 LOFI_COMPRESS_GZIP_6 = 1, 267 LOFI_COMPRESS_GZIP_9 = 2, 268 LOFI_COMPRESS_FUNCTIONS 269 }; 270 271 #ifdef __cplusplus 272 } 273 #endif 274 275 #endif /* _SYS_LOFI_H */ 276