Commit Graph

57 Commits

Author SHA1 Message Date
jb
1785efbd75 On some arches, openssl is built with OPENSSL_NO_CAMELLIA, so the
code here needs to depend on that too.
2007-11-19 08:59:32 +00:00
julian
51d643caa6 Rename the kthread_xxx (e.g. kthread_create()) calls
to kproc_xxx as they actually make whole processes.
Thos makes way for us to add REAL kthread_create() and friends
that actually make theads. it turns out that most of these
calls actually end up being moved back to the thread version
when it's added. but we need to make this cosmetic change first.

I'd LOVE to do this rename in 7.0  so that we can eventually MFC the
new kthread_xxx() calls.
2007-10-20 23:23:23 +00:00
pjd
9afb74d049 Add support for Camellia encryption algorithm.
PR:		kern/113790
Submitted by:	Yoshisato YANAGISAWA <yanagisawa@csg.is.titech.ac.jp>
Approved by:	re (bmah)
2007-09-01 06:33:02 +00:00
jeff
91d1501790 Commit 14/14 of sched_lock decomposition.
- Use thread_lock() rather than sched_lock for per-thread scheduling
   sychronization.
 - Use the per-process spinlock rather than the sched_lock for per-process
   scheduling synchronization.

Tested by:      kris, current@
Tested on:      i386, amd64, ULE, 4BSD, libthr, libkse, PREEMPTION, etc.
Discussed with: kris, attilio, kmacy, jhb, julian, bde (small parts each)
2007-06-05 00:00:57 +00:00
pjd
52b222af91 When deleting key, flush write cache after each overwrite, so we don't
overwrite data N times in cache and only once on disk.
2007-05-06 14:56:03 +00:00
pjd
f0a2e6d38c Use root_mounted(). 2007-04-08 23:54:23 +00:00
sam
f96ba7ffda Overhaul driver/subsystem api's:
o make all crypto drivers have a device_t; pseudo drivers like the s/w
  crypto driver synthesize one
o change the api between the crypto subsystem and drivers to use kobj;
  cryptodev_if.m defines this api
o use the fact that all crypto drivers now have a device_t to add support
  for specifying which of several potential devices to use when doing
  crypto operations
o add new ioctls that allow user apps to select a specific crypto device
  to use (previous ioctls maintained for compatibility)
o overhaul crypto subsystem code to eliminate lots of cruft and hide
  implementation details from drivers
o bring in numerous fixes from Michale Richardson/hifn; mostly for
  795x parts
o add an optional mechanism for mmap'ing the hifn 795x public key h/w
  to user space for use by openssl (not enabled by default)
o update crypto test tools to use new ioctl's and add cmd line options
  to specify a device to use for tests

These changes will also enable much future work on improving the core
crypto subsystem; including proper load balancing and interposing code
between the core and drivers to dispatch small operations to the s/w
driver as appropriate.

These changes were instigated by the work of Michael Richardson.

Reviewed by:	pjd
Approved by:	re
2007-03-21 03:42:51 +00:00
pjd
b23a2a2ffb Warn when user use sectorsize bigger than the page size, which will lead
to problems when the geli device is used with file system or as a swap.

Hopefully will prevent problems like kern/98742 in the future.

MFC after:	1 week
2007-03-05 12:41:44 +00:00
pjd
38868f2cec Fix geli after last commit for UP systems that are running SMP kernel.
Submitted by:	Hyo geol, Lee <hyogeollee@gmail.com>
MFC after:	1 week
2007-03-02 09:38:16 +00:00
pjd
4e4fa80cab It is possible that GEOM taste provider before SMP is started.
We can't bind to a CPU which is not yet on-line, so add code that wait for
CPUs to go on-line before binding to them.

Reported by:	Alin-Adrian Anton <aanton@spintech.ro>
MFC after:	2 weeks
2007-01-28 20:29:12 +00:00
pjd
9fbd00e878 I want CPU number here.
Noticed by:	ru
2006-11-02 09:01:34 +00:00
pjd
d55b9d74e2 Skip disabled CPU, because after we sched_bind() to a disabled CPU,
we won't be able to exit from the thread.

Function g_eli_cpu_is_disabled() stoled from kern_pmc.c.

PR:		104669
Reported by:	Nikolay Mirin <nik@optim.com.ru>
MFC after:	1 week
2006-11-01 16:05:06 +00:00
pjd
c33849dc41 Implement BIO_FLUSH handling by simply passing it down to the components.
Sponsored by:	home.pl
2006-10-31 21:23:51 +00:00
pjd
cb0554d5cc Remove trailing spaces. 2006-09-30 08:16:49 +00:00
pjd
2e387b9b85 Add 'configure' subcommand which for now only allows setting and removing
of the BOOT flag. It can be performed on both attached and detached
providers.

Requested by:	Matthias Lederhofer <matled@gmx.net>
MFC after:	1 week
2006-09-16 10:43:17 +00:00
pjd
5d795537ae Remove extra arguments.
MFC after:	3 days
2006-09-16 07:47:57 +00:00
pjd
3a923dc027 Before using byte offset for IV creation, covert it to little endian.
This way one will be able to use provider encrypted on eg. i386 on
eg. sparc64. This doesn't really buy us much today, because UFS isn't
endian agnostic.

We retain backward compatibility by setting G_ELI_FLAG_NATIVE_BYTE_ORDER
flag on devices with version number less than 2 and not converting the
offset.
2006-08-11 19:09:12 +00:00
pjd
d9810ee8e2 Forgot to bump version number after G_ELI_FLAG_READONLY flag addition. 2006-08-11 18:39:58 +00:00
pjd
b2ae936be5 Allow geli to operate on read-only providers.
Initial patch from:	vd
MFC after:		2 weeks
2006-08-09 18:11:14 +00:00
yar
99e7c62f6f Fix what looks like a typo: MODULE_DEPEND() takes module names,
not KLD file names; and GELI module's name is g_eli, not geom_eli.

Approved by:	pjd (silence)
MFC after:	5 days
2006-07-27 11:52:12 +00:00
pjd
603264d10f Don't forget to initialize crp_olen field, which is used to calculate
bio_completed value.
2006-07-22 10:05:55 +00:00
pjd
ec70ef58cb Allow to use the old -a option to specify an encryption algorithm to use
(for backward compatibility), but print a warning to inform about the
change.
2006-06-06 22:06:24 +00:00
pjd
dfb8f689dd - Unbreak the build when geli is compiled into the kernel (on as module),
by silencing unfounded compiler warning.

Reported by:
2006-06-06 14:48:19 +00:00
pjd
3af66839d0 Implement data integrity verification (data authentication) for geli(8).
Supported by:	Wheel Sp. z o.o. (http://www.wheel.pl)
2006-06-05 21:38:54 +00:00
pjd
c7f4418287 Make kern.geom.eli.overwrites sysctl a tunable as well. 2006-06-05 21:25:19 +00:00
pjd
7df97ee4bb geli(8) provides keys on newsession time, so remove CRD_F_KEY_EXPLICIT flag
as HW crypto drivers don't support it.
2006-04-20 06:33:46 +00:00
pjd
9727721d25 Correct debug: we are sending child bio here, not parent bio.
MFC after:	1 week
2006-04-15 18:30:42 +00:00
pjd
dd51e2368b Pass BIO_GETATTR requests down.
MFC after:	1 week
2006-04-12 12:18:44 +00:00
pjd
c94d951bcd Typos. 2006-04-05 22:07:31 +00:00
pjd
f0667561aa Revert previous change, as I fixed MD5(9). 2006-03-30 18:50:00 +00:00
pjd
2a7268cfd4 md_hash field in g_eli_metadata structure is not 4 byte aligned, which
case panic on sparc64.

The problem is in MD5(9) implementation. The Encode() function takes
'unsigned char *output' as its first argument, which is then assigned to
'u_int32_t *op'. If the 'output' argument is not 4 byte aligned (and in
geli(8) case it is not), sparc64 machine will panic.

I don't know how to fix MD5(9) in a clean way, so I'm implementing a
work-around in geli(8).

Reported by:	brueffer
MFC after:	3 days
2006-03-30 14:41:13 +00:00
pjd
204d3235ab Teach geli how to load keyfiles before root file system is mounted.
An example entries for loader.conf to make it possible:

geli_da0_keyfile0_load="YES"
geli_da0_keyfile0_type="da0:geli_keyfile0"
geli_da0_keyfile0_name="/boot/keys/da0.key0"
geli_da0_keyfile1_load="YES"
geli_da0_keyfile1_type="da0:geli_keyfile1"
geli_da0_keyfile1_name="/boot/keys/da0.key1"
geli_da0_keyfile2_load="YES"
geli_da0_keyfile2_type="da0:geli_keyfile2"
geli_da0_keyfile2_name="/boot/keys/da0.key2"

geli_da1s3a_keyfile0_load="YES"
geli_da1s3a_keyfile0_type="da1s3a:geli_keyfile0"
geli_da1s3a_keyfile0_name="/boot/keys/da1s3a.key"

Thanks for jhb and kan who showed me the right direction.

MFC after:	3 days
2006-02-11 13:08:24 +00:00
pjd
f9926daa99 Check rootvnode variable to see if we still want to ask for passphrase on
boot. Other methods just don't work properly.

MFC after:	3 days
2006-02-11 12:45:01 +00:00
brueffer
1620f68fa6 Clean up some sysctl descriptions, debug messages etc.
Approved by:	pjd
MFC after:	3 days
2006-02-07 17:23:22 +00:00
pjd
6f074b6d64 Remove trailing spaces. 2006-02-01 12:06:01 +00:00
pjd
bc614c3af5 - Use better types.
- Log problems at level 0 when killing providers.

MFC after:	3 days
2006-01-17 07:32:43 +00:00
pjd
df676bfd16 Check return value.
Found by:	Coverity Prevent(tm)
MFC after:	3 days
2006-01-17 07:30:34 +00:00
pjd
ad2b246949 Remove dead code.
Found by:	Coverity Prevent(tm)
MFC after:	3 days
2006-01-17 07:27:46 +00:00
pjd
1911dbbb9c Remove unused value.
Found by:	Coverity Prevent(tm)
MFC after:	3 days
2006-01-17 07:26:48 +00:00
sobomax
29543921ea Check for g_read_data(9) errors properly:
o The only indication of error condition is NULL value returned by
  the function;

o value pointed to by error argument is undefined in the case when
  operation completes successfully.

Discussed with: phk
2005-11-30 19:24:51 +00:00
pjd
4ca45af625 Fix copy&paste typo.
MFC after:	3 days
2005-09-10 07:46:47 +00:00
pjd
e1cf625a5f Don't forget to initialize crp_etype field.
Reported by:	Nick Evans <nevans@syphen.net>
MFC after:	3 days
2005-09-10 07:45:10 +00:00
pjd
aee0040df6 By default, when doing crypto work in software, start as many threads
as we have active CPUs and bind each thread to its own CPU.

MFC after:	3 days
2005-08-21 18:12:51 +00:00
pjd
af30c99a23 Remove stale comment (we now always start worker thread).
MFC after:	3 days
2005-08-21 18:06:35 +00:00
pjd
a2f0d0b06b Add a __packed keyword to g_eli_metadata struct definition, so
sizeof(struct g_eli_metadata) will return the exact number of bytes needed
for storing it on the disk.
Without this change GELI was unusable on amd64 (and probably other 64-bit
archs), because sizeof(struct g_eli_metadata) was greater than 512 bytes
and geli(8) was failing on assertion.

Reported by:	Michael Reifenberger <mike@Reifenberger.com>
MFC after:	3 days
2005-08-20 10:43:03 +00:00
pjd
0c33c951a5 Allow to change number of iterations for PKCS#5v2. It can only be used
when there is only one key set.

MFC after:	3 days
2005-08-19 22:19:25 +00:00
pjd
e6d1db2424 - Add a missing period.
- Fix number of spaces.

MFC after:	3 days
2005-08-19 22:16:26 +00:00
pjd
653998193b Always run dedicated kernel thread (even when we have hardware support).
There is no performance impact, but allows to allocate memory with
M_WAITOK flag.
As a side effect this simplify code a bit.

MFC after:	3 days
2005-08-17 15:25:57 +00:00
pjd
768e62bfca We should now return 0. 2005-08-17 15:12:34 +00:00
pjd
b5aaabac19 Even if crypto_dispatch() return an error, request is not canceled and
our callback will still be called, just to tell us that requested
failed...

Reported by:	Mike Tancsa <mike@sentex.net>
MFC after:	3 days
2005-08-17 14:34:52 +00:00