search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge remote-tracking branch 'origin/master'
[unleashed/lotheac.git] / usr / src / uts / common / crypto / io / crypto.c
blob19c590ae296eb19dcfd65a2ddd06ad9e898966d9
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
24 * Copyright 2018, Joyent, Inc.
25 */
26
27
28 /*
29 * The ioctl interface for cryptographic commands.
30 */
31
32 #include <sys/types.h>
33 #include <sys/modctl.h>
34 #include <sys/conf.h>
35 #include <sys/stat.h>
36 #include <sys/ddi.h>
37 #include <sys/sunddi.h>
38 #include <sys/kmem.h>
39 #include <sys/errno.h>
40 #include <sys/ksynch.h>
41 #include <sys/file.h>
42 #include <sys/open.h>
43 #include <sys/cred.h>
44 #include <sys/proc.h>
45 #include <sys/task.h>
46 #include <sys/mkdev.h>
47 #include <sys/model.h>
48 #include <sys/sysmacros.h>
49 #include <sys/crypto/common.h>
50 #include <sys/crypto/api.h>
51 #include <sys/crypto/impl.h>
52 #include <sys/crypto/sched_impl.h>
53 #include <sys/crypto/ioctl.h>
54
55 extern int kcf_des3_threshold;
56 extern int kcf_aes_threshold;
57 extern int kcf_rc4_threshold;
58 extern int kcf_md5_threshold;
59 extern int kcf_sha1_threshold;
60
61 /*
62 * Locking notes:
63 *
64 * crypto_locks protects the global array of minor structures.
65 * crypto_locks is an array of locks indexed by the cpuid. A reader needs
66 * to hold a single lock while a writer needs to hold all locks.
67 * krwlock_t is not an option here because the hold time
68 * is very small for these locks.
69 *
70 * The fields in the minor structure are protected by the cm_lock member
71 * of the minor structure. The cm_cv is used to signal decrements
72 * in the cm_refcnt, and is used with the cm_lock.
73 *
74 * The locking order is crypto_locks followed by cm_lock.
75 */
76
77 /*
78 * DDI entry points.
79 */
80 static int crypto_attach(dev_info_t *, ddi_attach_cmd_t);
81 static int crypto_detach(dev_info_t *, ddi_detach_cmd_t);
82 static int crypto_getinfo(dev_info_t *, ddi_info_cmd_t, void *, void **);
83 static int crypto_open(dev_t *, int, int, cred_t *);
84 static int crypto_close(dev_t, int, int, cred_t *);
85 static int crypto_ioctl(dev_t, int, intptr_t, int, cred_t *, int *);
86
87 static int cipher_init(dev_t, caddr_t, int, int (*)(crypto_provider_t,
88 crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *,
89 crypto_ctx_template_t, crypto_context_t *, crypto_call_req_t *));
90
91 static int common_digest(dev_t, caddr_t, int, int (*)(crypto_context_t,
92 crypto_data_t *, crypto_data_t *, crypto_call_req_t *));
93
94 static int cipher(dev_t, caddr_t, int, int (*)(crypto_context_t,
95 crypto_data_t *, crypto_data_t *, crypto_call_req_t *));
96
97 static int cipher_update(dev_t, caddr_t, int, int (*)(crypto_context_t,
98 crypto_data_t *, crypto_data_t *, crypto_call_req_t *));
99
100 static int common_final(dev_t, caddr_t, int, int (*)(crypto_context_t,
101 crypto_data_t *, crypto_call_req_t *));
102
103 static int sign_verify_init(dev_t, caddr_t, int, int (*)(crypto_provider_t,
104 crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *,
105 crypto_ctx_template_t, crypto_context_t *, crypto_call_req_t *));
106
107 static int sign_verify_update(dev_t dev, caddr_t arg, int mode,
108 int (*)(crypto_context_t, crypto_data_t *, crypto_call_req_t *));
109
110 static void crypto_release_provider_session(crypto_minor_t *,
111 crypto_provider_session_t *);
112 static int crypto_buffer_check(size_t);
113 static int crypto_free_find_ctx(crypto_session_data_t *);
114 static int crypto_get_provider_list(crypto_minor_t *, uint_t *,
115 crypto_provider_entry_t **, boolean_t);
116
117 static int crypto_create_provider_session(crypto_minor_t *,
118 kcf_provider_desc_t *, crypto_session_id_t, crypto_provider_session_t **,
119 kcf_provider_desc_t *);
120 static int crypto_create_session_ptr(crypto_minor_t *, kcf_provider_desc_t *,
121 crypto_provider_session_t *, crypto_session_id_t *);
122
123 /* number of minor numbers to allocate at a time */
124 #define CRYPTO_MINOR_CHUNK 16
125
126 /*
127 * There are two limits associated with kernel memory. The first,
128 * CRYPTO_MAX_BUFFER_LEN, is the maximum number of bytes that can be
129 * allocated for a single copyin/copyout buffer. The second limit is
130 * the total number of bytes that can be allocated by a process
131 * for copyin/copyout buffers. The latter is enforced by the
132 * project.max-crypto-memory resource control.
133 */
134
135 #define CRYPTO_MAX_BUFFER_LEN (2 * 1024 * 1024)
136 #define CRYPTO_MAX_FIND_COUNT 512
137
138 /*
139 * We preapprove some bytes for each session to avoid making the costly
140 * crypto_buffer_check() calls. The preapproval is done when a new session
141 * is created and that cost is amortized over later crypto calls.
142 * Most applications create a session and then do a bunch of crypto calls
143 * in that session. So, they benefit from this optimization.
144 *
145 * Note that we may hit the project.max-crypto-memory limit a bit sooner
146 * because of this preapproval. But it is acceptable since the preapproved
147 * amount is insignificant compared to the default max-crypto-memory limit
148 * which is quarter of the machine's memory. The preapproved amount is
149 * roughly 2 * 16K(maximum SSL record size).
150 */
151 #define CRYPTO_PRE_APPROVED_LIMIT (32 * 1024)
152
153 /* The session table grows by CRYPTO_SESSION_CHUNK increments */
154 #define CRYPTO_SESSION_CHUNK 100
155
156 size_t crypto_max_buffer_len = CRYPTO_MAX_BUFFER_LEN;
157 size_t crypto_pre_approved_limit = CRYPTO_PRE_APPROVED_LIMIT;
158
159 #define INIT_RAW_CRYPTO_DATA(data, len) \
160 (data).cd_format = CRYPTO_DATA_RAW; \
161 (data).cd_raw.iov_base = (len > 0) ? kmem_alloc(len, KM_SLEEP) : NULL; \
162 (data).cd_raw.iov_len = len; \
163 (data).cd_offset = 0; \
164 (data).cd_length = len;
165
166 static struct kmem_cache *crypto_session_cache;
167 static crypto_minor_t **crypto_minors = NULL;
168 static dev_info_t *crypto_dip = NULL;
169 static minor_t crypto_minor_chunk = CRYPTO_MINOR_CHUNK;
170 static minor_t crypto_minors_table_count = 0;
171
172 /*
173 * Minors are started from 1 because vmem_alloc()
174 * returns 0 in case of failure.
175 */
176 static vmem_t *crypto_arena = NULL; /* Arena for device minors */
177 static minor_t crypto_minors_count = 0;
178 static kcf_lock_withpad_t *crypto_locks;
179
180 #define CRYPTO_ENTER_ALL_LOCKS() \
181 for (i = 0; i < max_ncpus; i++) \
182 mutex_enter(&crypto_locks[i].kl_lock);
183
184 #define CRYPTO_EXIT_ALL_LOCKS() \
185 for (i = 0; i < max_ncpus; i++) \
186 mutex_exit(&crypto_locks[i].kl_lock);
187
188 #define RETURN_LIST B_TRUE
189 #define DONT_RETURN_LIST B_FALSE
190
191 #define CRYPTO_OPS_OFFSET(f) offsetof(crypto_ops_t, co_##f)
192 #define CRYPTO_RANDOM_OFFSET(f) offsetof(crypto_random_number_ops_t, f)
193 #define CRYPTO_SESSION_OFFSET(f) offsetof(crypto_session_ops_t, f)
194 #define CRYPTO_OBJECT_OFFSET(f) offsetof(crypto_object_ops_t, f)
195 #define CRYPTO_PROVIDER_OFFSET(f) \
196 offsetof(crypto_provider_management_ops_t, f)
197
198 #define CRYPTO_CANCEL_CTX(spp) { \
199 crypto_cancel_ctx(*(spp)); \
200 *(spp) = NULL; \
201 }
202
203 #define CRYPTO_CANCEL_ALL_CTX(sp) { \
204 if ((sp)->sd_digest_ctx != NULL) { \
205 crypto_cancel_ctx((sp)->sd_digest_ctx); \
206 (sp)->sd_digest_ctx = NULL; \
207 } \
208 if ((sp)->sd_encr_ctx != NULL) { \
209 crypto_cancel_ctx((sp)->sd_encr_ctx); \
210 (sp)->sd_encr_ctx = NULL; \
211 } \
212 if ((sp)->sd_decr_ctx != NULL) { \
213 crypto_cancel_ctx((sp)->sd_decr_ctx); \
214 (sp)->sd_decr_ctx = NULL; \
215 } \
216 if ((sp)->sd_sign_ctx != NULL) { \
217 crypto_cancel_ctx((sp)->sd_sign_ctx); \
218 (sp)->sd_sign_ctx = NULL; \
219 } \
220 if ((sp)->sd_verify_ctx != NULL) { \
221 crypto_cancel_ctx((sp)->sd_verify_ctx); \
222 (sp)->sd_verify_ctx = NULL; \
223 } \
224 if ((sp)->sd_sign_recover_ctx != NULL) { \
225 crypto_cancel_ctx((sp)->sd_sign_recover_ctx); \
226 (sp)->sd_sign_recover_ctx = NULL; \
227 } \
228 if ((sp)->sd_verify_recover_ctx != NULL) { \
229 crypto_cancel_ctx((sp)->sd_verify_recover_ctx); \
230 (sp)->sd_verify_recover_ctx = NULL; \
231 } \
232 if ((sp)->sd_mac_ctx != NULL) { \
233 crypto_cancel_ctx((sp)->sd_mac_ctx); \
234 (sp)->sd_mac_ctx = NULL; \
235 } \
236 }
237
238 #define CRYPTO_DECREMENT_RCTL(val) if ((val) != 0) { \
239 kproject_t *projp; \
240 mutex_enter(&curproc->p_lock); \
241 projp = curproc->p_task->tk_proj; \
242 ASSERT(projp != NULL); \
243 mutex_enter(&(projp->kpj_data.kpd_crypto_lock)); \
244 projp->kpj_data.kpd_crypto_mem -= (val); \
245 mutex_exit(&(projp->kpj_data.kpd_crypto_lock)); \
246 curproc->p_crypto_mem -= (val); \
247 mutex_exit(&curproc->p_lock); \
248 }
249
250 /*
251 * We do not need to hold sd_lock in the macros below
252 * as they are called after doing a get_session_ptr() which
253 * sets the CRYPTO_SESSION_IS_BUSY flag.
254 */
255 #define CRYPTO_DECREMENT_RCTL_SESSION(sp, val, rctl_chk) \
256 if (((val) != 0) && ((sp) != NULL)) { \
257 ASSERT(((sp)->sd_flags & CRYPTO_SESSION_IS_BUSY) != 0); \
258 if (rctl_chk) { \
259 CRYPTO_DECREMENT_RCTL(val); \
260 } else { \
261 (sp)->sd_pre_approved_amount += (val); \
262 } \
263 }
264
265 #define CRYPTO_BUFFER_CHECK(sp, need, rctl_chk) \
266 ((sp->sd_pre_approved_amount >= need) ? \
267 (sp->sd_pre_approved_amount -= need, \
268 rctl_chk = B_FALSE, CRYPTO_SUCCESS) : \
269 (rctl_chk = B_TRUE, crypto_buffer_check(need)))
270
271 /*
272 * Module linkage.
273 */
274 static struct cb_ops cbops = {
275 crypto_open, /* cb_open */
276 crypto_close, /* cb_close */
277 nodev, /* cb_strategy */
278 nodev, /* cb_print */
279 nodev, /* cb_dump */
280 nodev, /* cb_read */
281 nodev, /* cb_write */
282 crypto_ioctl, /* cb_ioctl */
283 nodev, /* cb_devmap */
284 nodev, /* cb_mmap */
285 nodev, /* cb_segmap */
286 nochpoll, /* cb_chpoll */
287 ddi_prop_op, /* cb_prop_op */
288 NULL, /* cb_streamtab */
289 D_MP, /* cb_flag */
290 CB_REV, /* cb_rev */
291 nodev, /* cb_aread */
292 nodev, /* cb_awrite */
293 };
294
295 static struct dev_ops devops = {
296 DEVO_REV, /* devo_rev */
297 0, /* devo_refcnt */
298 crypto_getinfo, /* devo_getinfo */
299 nulldev, /* devo_identify */
300 nulldev, /* devo_probe */
301 crypto_attach, /* devo_attach */
302 crypto_detach, /* devo_detach */
303 nodev, /* devo_reset */
304 &cbops, /* devo_cb_ops */
305 NULL, /* devo_bus_ops */
306 NULL, /* devo_power */
307 ddi_quiesce_not_needed, /* devo_quiesce */
308 };
309
310 static struct modldrv modldrv = {
311 &mod_driverops, /* drv_modops */
312 "Cryptographic Library Interface", /* drv_linkinfo */
313 &devops,
314 };
315
316 static struct modlinkage modlinkage = {
317 MODREV_1, /* ml_rev */
318 &modldrv, /* ml_linkage */
319 NULL
320 };
321
322 /*
323 * DDI entry points.
324 */
325 int
326 _init(void)
327 {
328 return (mod_install(&modlinkage));
329 }
330
331 int
332 _fini(void)
333 {
334 return (mod_remove(&modlinkage));
335 }
336
337 int
338 _info(struct modinfo *modinfop)
339 {
340 return (mod_info(&modlinkage, modinfop));
341 }
342
343 /* ARGSUSED */
344 static int
345 crypto_getinfo(dev_info_t *dip, ddi_info_cmd_t cmd, void *arg, void **result)
346 {
347 switch (cmd) {
348 case DDI_INFO_DEVT2DEVINFO:
349 *result = crypto_dip;
350 return (DDI_SUCCESS);
351
352 case DDI_INFO_DEVT2INSTANCE:
353 *result = NULL;
354 return (DDI_SUCCESS);
355 }
356 return (DDI_FAILURE);
357 }
358
359 static int
360 crypto_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
361 {
362 int i;
363
364 if (cmd != DDI_ATTACH) {
365 return (DDI_FAILURE);
366 }
367
368 if (ddi_get_instance(dip) != 0) {
369 /* we only allow instance 0 to attach */
370 return (DDI_FAILURE);
371 }
372
373 crypto_session_cache = kmem_cache_create("crypto_session_cache",
374 sizeof (crypto_session_data_t), 0, NULL, NULL, NULL, NULL, NULL, 0);
375
376 if (crypto_session_cache == NULL)
377 return (DDI_FAILURE);
378
379 /* create the minor node */
380 if (ddi_create_minor_node(dip, "crypto", S_IFCHR, 0,
381 DDI_PSEUDO, 0) != DDI_SUCCESS) {
382 kmem_cache_destroy(crypto_session_cache);
383 crypto_session_cache = NULL;
384 cmn_err(CE_WARN, "crypto_attach: failed creating minor node");
385 ddi_remove_minor_node(dip, NULL);
386 return (DDI_FAILURE);
387 }
388
389 crypto_locks = kmem_zalloc(max_ncpus * sizeof (kcf_lock_withpad_t),
390 KM_SLEEP);
391 for (i = 0; i < max_ncpus; i++)
392 mutex_init(&crypto_locks[i].kl_lock, NULL, MUTEX_DRIVER, NULL);
393
394 crypto_dip = dip;
395
396 /* allocate integer space for minor numbers */
397 crypto_arena = vmem_create("crypto", (void *)1,
398 CRYPTO_MINOR_CHUNK, 1, NULL, NULL, NULL, 0,
399 VM_SLEEP | VMC_IDENTIFIER);
400
401 return (DDI_SUCCESS);
402 }
403
404 static int
405 crypto_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
406 {
407 minor_t i;
408 kcf_lock_withpad_t *mp;
409
410 if (cmd != DDI_DETACH)
411 return (DDI_FAILURE);
412
413 mp = &crypto_locks[CPU_SEQID];
414 mutex_enter(&mp->kl_lock);
415
416 /* check if device is open */
417 for (i = 0; i < crypto_minors_table_count; i++) {
418 if (crypto_minors[i] != NULL) {
419 mutex_exit(&mp->kl_lock);
420 return (DDI_FAILURE);
421 }
422 }
423 mutex_exit(&mp->kl_lock);
424
425 crypto_dip = NULL;
426 ddi_remove_minor_node(dip, NULL);
427
428 kmem_cache_destroy(crypto_session_cache);
429 crypto_session_cache = NULL;
430
431 kmem_free(crypto_minors,
432 sizeof (crypto_minor_t *) * crypto_minors_table_count);
433 crypto_minors = NULL;
434 crypto_minors_table_count = 0;
435 for (i = 0; i < max_ncpus; i++)
436 mutex_destroy(&crypto_locks[i].kl_lock);
437 kmem_free(crypto_locks, max_ncpus * sizeof (kcf_lock_withpad_t));
438 crypto_locks = NULL;
439
440 vmem_destroy(crypto_arena);
441 crypto_arena = NULL;
442
443 return (DDI_SUCCESS);
444 }
445
446 /* ARGSUSED3 */
447 static int
448 crypto_open(dev_t *devp, int flag, int otyp, cred_t *credp)
449 {
450 crypto_minor_t *cm = NULL;
451 minor_t mn;
452 kcf_lock_withpad_t *mp;
453 int i;
454
455 if (otyp != OTYP_CHR)
456 return (ENXIO);
457
458 if (crypto_dip == NULL)
459 return (ENXIO);
460
461 /* exclusive opens are not supported */
462 if (flag & FEXCL)
463 return (ENOTSUP);
464
465 again:
466 mp = &crypto_locks[CPU_SEQID];
467 mutex_enter(&mp->kl_lock);
468
469 /* grow the minors table if needed */
470 if (crypto_minors_count >= crypto_minors_table_count) {
471 crypto_minor_t **newtable;
472 minor_t chunk = crypto_minor_chunk;
473 minor_t saved_count;
474 size_t new_size;
475 ulong_t big_count;
476
477 big_count = crypto_minors_count + chunk;
478 if (big_count > MAXMIN) {
479 mutex_exit(&mp->kl_lock);
480 return (ENOMEM);
481 }
482
483 saved_count = crypto_minors_table_count;
484 new_size = sizeof (crypto_minor_t *) *
485 (crypto_minors_table_count + chunk);
486
487 mutex_exit(&mp->kl_lock);
488
489 newtable = kmem_zalloc(new_size, KM_SLEEP);
490 CRYPTO_ENTER_ALL_LOCKS();
491 /*
492 * Check if table grew while we were sleeping.
493 * The minors table never shrinks.
494 */
495 if (crypto_minors_table_count > saved_count) {
496 CRYPTO_EXIT_ALL_LOCKS();
497 kmem_free(newtable, new_size);
498 goto again;
499 }
500
501 /* we assume that bcopy() will return if count is 0 */
502 bcopy(crypto_minors, newtable,
503 sizeof (crypto_minor_t *) * crypto_minors_table_count);
504
505 kmem_free(crypto_minors,
506 sizeof (crypto_minor_t *) * crypto_minors_table_count);
507
508 /* grow the minors number space */
509 if (crypto_minors_table_count != 0) {
510 (void) vmem_add(crypto_arena,
511 (void *)(uintptr_t)(crypto_minors_table_count + 1),
512 crypto_minor_chunk, VM_SLEEP);
513 }
514
515 crypto_minors = newtable;
516 crypto_minors_table_count += chunk;
517 CRYPTO_EXIT_ALL_LOCKS();
518 } else {
519 mutex_exit(&mp->kl_lock);
520 }
521
522 /* allocate a new minor number starting with 1 */
523 mn = (minor_t)(uintptr_t)vmem_alloc(crypto_arena, 1, VM_SLEEP);
524
525 cm = kmem_zalloc(sizeof (crypto_minor_t), KM_SLEEP);
526 mutex_init(&cm->cm_lock, NULL, MUTEX_DRIVER, NULL);
527 cv_init(&cm->cm_cv, NULL, CV_DRIVER, NULL);
528
529 CRYPTO_ENTER_ALL_LOCKS();
530 cm->cm_refcnt = 1;
531 crypto_minors[mn - 1] = cm;
532 crypto_minors_count++;
533 CRYPTO_EXIT_ALL_LOCKS();
534
535 *devp = makedevice(getmajor(*devp), mn);
536
537 return (0);
538 }
539
540 /* ARGSUSED1 */
541 static int
542 crypto_close(dev_t dev, int flag, int otyp, cred_t *credp)
543 {
544 crypto_minor_t *cm = NULL;
545 crypto_session_data_t *sp;
546 minor_t mn = getminor(dev);
547 uint_t i;
548 size_t total = 0;
549 kcf_lock_withpad_t *mp;
550
551 mp = &crypto_locks[CPU_SEQID];
552 mutex_enter(&mp->kl_lock);
553
554 if (mn > crypto_minors_table_count) {
555 mutex_exit(&mp->kl_lock);
556 cmn_err(CE_WARN, "crypto_close: bad minor (too big) %d", mn);
557 return (ENODEV);
558 }
559
560 cm = crypto_minors[mn - 1];
561 if (cm == NULL) {
562 mutex_exit(&mp->kl_lock);
563 cmn_err(CE_WARN, "crypto_close: duplicate close of minor %d",
564 getminor(dev));
565 return (ENODEV);
566 }
567
568 mutex_exit(&mp->kl_lock);
569
570 CRYPTO_ENTER_ALL_LOCKS();
571 /*
572 * We free the minor number, mn, from the crypto_arena
573 * only later. This ensures that we won't race with another
574 * thread in crypto_open with the same minor number.
575 */
576 crypto_minors[mn - 1] = NULL;
577 crypto_minors_count--;
578 CRYPTO_EXIT_ALL_LOCKS();
579
580 mutex_enter(&cm->cm_lock);
581 cm->cm_refcnt --; /* decrement refcnt held in open */
582 while (cm->cm_refcnt > 0) {
583 cv_wait(&cm->cm_cv, &cm->cm_lock);
584 }
585
586 vmem_free(crypto_arena, (void *)(uintptr_t)mn, 1);
587
588 /* free all session table entries starting with 1 */
589 for (i = 1; i < cm->cm_session_table_count; i++) {
590 if (cm->cm_session_table[i] == NULL)
591 continue;
592
593 sp = cm->cm_session_table[i];
594 ASSERT((sp->sd_flags & CRYPTO_SESSION_IS_BUSY) == 0);
595 ASSERT(sp->sd_pre_approved_amount == 0 ||
596 sp->sd_pre_approved_amount == crypto_pre_approved_limit);
597 total += sp->sd_pre_approved_amount;
598 if (sp->sd_find_init_cookie != NULL) {
599 (void) crypto_free_find_ctx(sp);
600 }
601 crypto_release_provider_session(cm, sp->sd_provider_session);
602 KCF_PROV_REFRELE(sp->sd_provider);
603 CRYPTO_CANCEL_ALL_CTX(sp);
604 mutex_destroy(&sp->sd_lock);
605 cv_destroy(&sp->sd_cv);
606 kmem_cache_free(crypto_session_cache, sp);
607 cm->cm_session_table[i] = NULL;
608 }
609
610 /* free the session table */
611 if (cm->cm_session_table != NULL && cm->cm_session_table_count > 0)
612 kmem_free(cm->cm_session_table, cm->cm_session_table_count *
613 sizeof (void *));
614
615 total += (cm->cm_session_table_count * sizeof (void *));
616 CRYPTO_DECREMENT_RCTL(total);
617
618 kcf_free_provider_tab(cm->cm_provider_count,
619 cm->cm_provider_array);
620
621 mutex_exit(&cm->cm_lock);
622 mutex_destroy(&cm->cm_lock);
623 cv_destroy(&cm->cm_cv);
624 kmem_free(cm, sizeof (crypto_minor_t));
625
626 return (0);
627 }
628
629 static crypto_minor_t *
630 crypto_hold_minor(minor_t minor)
631 {
632 crypto_minor_t *cm;
633 kcf_lock_withpad_t *mp;
634
635 if (minor > crypto_minors_table_count)
636 return (NULL);
637
638 mp = &crypto_locks[CPU_SEQID];
639 mutex_enter(&mp->kl_lock);
640
641 if ((cm = crypto_minors[minor - 1]) != NULL) {
642 atomic_inc_32(&cm->cm_refcnt);
643 }
644 mutex_exit(&mp->kl_lock);
645 return (cm);
646 }
647
648 static void
649 crypto_release_minor(crypto_minor_t *cm)
650 {
651 if (atomic_dec_32_nv(&cm->cm_refcnt) == 0) {
652 cv_signal(&cm->cm_cv);
653 }
654 }
655
656 /*
657 * Build a list of functions and other information for the provider, pd.
658 */
659 static void
660 crypto_build_function_list(crypto_function_list_t *fl, kcf_provider_desc_t *pd)
661 {
662 crypto_ops_t *ops;
663 crypto_digest_ops_t *digest_ops;
664 crypto_cipher_ops_t *cipher_ops;
665 crypto_mac_ops_t *mac_ops;
666 crypto_sign_ops_t *sign_ops;
667 crypto_verify_ops_t *verify_ops;
668 crypto_dual_ops_t *dual_ops;
669 crypto_random_number_ops_t *random_number_ops;
670 crypto_session_ops_t *session_ops;
671 crypto_object_ops_t *object_ops;
672 crypto_key_ops_t *key_ops;
673 crypto_provider_management_ops_t *provider_ops;
674
675 if ((ops = pd->pd_ops_vector) == NULL)
676 return;
677
678 if ((digest_ops = ops->co_digest_ops) != NULL) {
679 if (digest_ops->digest_init != NULL)
680 fl->fl_digest_init = B_TRUE;
681 if (digest_ops->digest != NULL)
682 fl->fl_digest = B_TRUE;
683 if (digest_ops->digest_update != NULL)
684 fl->fl_digest_update = B_TRUE;
685 if (digest_ops->digest_key != NULL)
686 fl->fl_digest_key = B_TRUE;
687 if (digest_ops->digest_final != NULL)
688 fl->fl_digest_final = B_TRUE;
689 }
690 if ((cipher_ops = ops->co_cipher_ops) != NULL) {
691 if (cipher_ops->encrypt_init != NULL)
692 fl->fl_encrypt_init = B_TRUE;
693 if (cipher_ops->encrypt != NULL)
694 fl->fl_encrypt = B_TRUE;
695 if (cipher_ops->encrypt_update != NULL)
696 fl->fl_encrypt_update = B_TRUE;
697 if (cipher_ops->encrypt_final != NULL)
698 fl->fl_encrypt_final = B_TRUE;
699 if (cipher_ops->decrypt_init != NULL)
700 fl->fl_decrypt_init = B_TRUE;
701 if (cipher_ops->decrypt != NULL)
702 fl->fl_decrypt = B_TRUE;
703 if (cipher_ops->decrypt_update != NULL)
704 fl->fl_decrypt_update = B_TRUE;
705 if (cipher_ops->decrypt_final != NULL)
706 fl->fl_decrypt_final = B_TRUE;
707 }
708 if ((mac_ops = ops->co_mac_ops) != NULL) {
709 if (mac_ops->mac_init != NULL)
710 fl->fl_mac_init = B_TRUE;
711 if (mac_ops->mac != NULL)
712 fl->fl_mac = B_TRUE;
713 if (mac_ops->mac_update != NULL)
714 fl->fl_mac_update = B_TRUE;
715 if (mac_ops->mac_final != NULL)
716 fl->fl_mac_final = B_TRUE;
717 }
718 if ((sign_ops = ops->co_sign_ops) != NULL) {
719 if (sign_ops->sign_init != NULL)
720 fl->fl_sign_init = B_TRUE;
721 if (sign_ops->sign != NULL)
722 fl->fl_sign = B_TRUE;
723 if (sign_ops->sign_update != NULL)
724 fl->fl_sign_update = B_TRUE;
725 if (sign_ops->sign_final != NULL)
726 fl->fl_sign_final = B_TRUE;
727 if (sign_ops->sign_recover_init != NULL)
728 fl->fl_sign_recover_init = B_TRUE;
729 if (sign_ops->sign_recover != NULL)
730 fl->fl_sign_recover = B_TRUE;
731 }
732 if ((verify_ops = ops->co_verify_ops) != NULL) {
733 if (verify_ops->verify_init != NULL)
734 fl->fl_verify_init = B_TRUE;
735 if (verify_ops->verify != NULL)
736 fl->fl_verify = B_TRUE;
737 if (verify_ops->verify_update != NULL)
738 fl->fl_verify_update = B_TRUE;
739 if (verify_ops->verify_final != NULL)
740 fl->fl_verify_final = B_TRUE;
741 if (verify_ops->verify_recover_init != NULL)
742 fl->fl_verify_recover_init = B_TRUE;
743 if (verify_ops->verify_recover != NULL)
744 fl->fl_verify_recover = B_TRUE;
745 }
746 if ((dual_ops = ops->co_dual_ops) != NULL) {
747 if (dual_ops->digest_encrypt_update != NULL)
748 fl->fl_digest_encrypt_update = B_TRUE;
749 if (dual_ops->decrypt_digest_update != NULL)
750 fl->fl_decrypt_digest_update = B_TRUE;
751 if (dual_ops->sign_encrypt_update != NULL)
752 fl->fl_sign_encrypt_update = B_TRUE;
753 if (dual_ops->decrypt_verify_update != NULL)
754 fl->fl_decrypt_verify_update = B_TRUE;
755 }
756 if ((random_number_ops = ops->co_random_ops) != NULL) {
757 if (random_number_ops->seed_random != NULL)
758 fl->fl_seed_random = B_TRUE;
759 if (random_number_ops->generate_random != NULL)
760 fl->fl_generate_random = B_TRUE;
761 }
762 if ((session_ops = ops->co_session_ops) != NULL) {
763 if (session_ops->session_open != NULL)
764 fl->fl_session_open = B_TRUE;
765 if (session_ops->session_close != NULL)
766 fl->fl_session_close = B_TRUE;
767 if (session_ops->session_login != NULL)
768 fl->fl_session_login = B_TRUE;
769 if (session_ops->session_logout != NULL)
770 fl->fl_session_logout = B_TRUE;
771 }
772 if ((object_ops = ops->co_object_ops) != NULL) {
773 if (object_ops->object_create != NULL)
774 fl->fl_object_create = B_TRUE;
775 if (object_ops->object_copy != NULL)
776 fl->fl_object_copy = B_TRUE;
777 if (object_ops->object_destroy != NULL)
778 fl->fl_object_destroy = B_TRUE;
779 if (object_ops->object_get_size != NULL)
780 fl->fl_object_get_size = B_TRUE;
781 if (object_ops->object_get_attribute_value != NULL)
782 fl->fl_object_get_attribute_value = B_TRUE;
783 if (object_ops->object_set_attribute_value != NULL)
784 fl->fl_object_set_attribute_value = B_TRUE;
785 if (object_ops->object_find_init != NULL)
786 fl->fl_object_find_init = B_TRUE;
787 if (object_ops->object_find != NULL)
788 fl->fl_object_find = B_TRUE;
789 if (object_ops->object_find_final != NULL)
790 fl->fl_object_find_final = B_TRUE;
791 }
792 if ((key_ops = ops->co_key_ops) != NULL) {
793 if (key_ops->key_generate != NULL)
794 fl->fl_key_generate = B_TRUE;
795 if (key_ops->key_generate_pair != NULL)
796 fl->fl_key_generate_pair = B_TRUE;
797 if (key_ops->key_wrap != NULL)
798 fl->fl_key_wrap = B_TRUE;
799 if (key_ops->key_unwrap != NULL)
800 fl->fl_key_unwrap = B_TRUE;
801 if (key_ops->key_derive != NULL)
802 fl->fl_key_derive = B_TRUE;
803 }
804 if ((provider_ops = ops->co_provider_ops) != NULL) {
805 if (provider_ops->init_token != NULL)
806 fl->fl_init_token = B_TRUE;
807 if (provider_ops->init_pin != NULL)
808 fl->fl_init_pin = B_TRUE;
809 if (provider_ops->set_pin != NULL)
810 fl->fl_set_pin = B_TRUE;
811 }
812
813 fl->prov_is_hash_limited = pd->pd_flags & CRYPTO_HASH_NO_UPDATE;
814 if (fl->prov_is_hash_limited) {
815 fl->prov_hash_limit = min(pd->pd_hash_limit,
816 min(CRYPTO_MAX_BUFFER_LEN,
817 curproc->p_task->tk_proj->kpj_data.kpd_crypto_mem_ctl));
818 }
819
820 fl->prov_is_hmac_limited = pd->pd_flags & CRYPTO_HMAC_NO_UPDATE;
821 if (fl->prov_is_hmac_limited) {
822 fl->prov_hmac_limit = min(pd->pd_hmac_limit,
823 min(CRYPTO_MAX_BUFFER_LEN,
824 curproc->p_task->tk_proj->kpj_data.kpd_crypto_mem_ctl));
825 }
826
827 if (fl->prov_is_hash_limited || fl->prov_is_hmac_limited) {
828 /*
829 * XXX - The threshold should ideally be per hash/HMAC
830 * mechanism. For now, we use the same value for all
831 * hash/HMAC mechanisms. Empirical evidence suggests this
832 * is fine.
833 */
834 fl->prov_hash_threshold = kcf_md5_threshold;
835 }
836
837 fl->total_threshold_count = MAX_NUM_THRESHOLD;
838 fl->fl_threshold[0].mech_type = CKM_DES3_CBC;
839 fl->fl_threshold[0].mech_threshold = kcf_des3_threshold;
840 fl->fl_threshold[1].mech_type = CKM_DES3_ECB;
841 fl->fl_threshold[1].mech_threshold = kcf_des3_threshold;
842 fl->fl_threshold[2].mech_type = CKM_AES_CBC;
843 fl->fl_threshold[2].mech_threshold = kcf_aes_threshold;
844 fl->fl_threshold[3].mech_type = CKM_AES_ECB;
845 fl->fl_threshold[3].mech_threshold = kcf_aes_threshold;
846 fl->fl_threshold[4].mech_type = CKM_RC4;
847 fl->fl_threshold[4].mech_threshold = kcf_rc4_threshold;
848 fl->fl_threshold[5].mech_type = CKM_MD5;
849 fl->fl_threshold[5].mech_threshold = kcf_md5_threshold;
850 fl->fl_threshold[6].mech_type = CKM_SHA_1;
851 fl->fl_threshold[6].mech_threshold = kcf_sha1_threshold;
852 }
853
854 /* ARGSUSED */
855 static int
856 get_function_list(dev_t dev, caddr_t arg, int mode, int *rval)
857 {
858 crypto_get_function_list_t get_function_list;
859 crypto_minor_t *cm;
860 crypto_provider_id_t provider_id;
861 crypto_function_list_t *fl;
862 kcf_provider_desc_t *provider;
863 int rv;
864
865 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
866 cmn_err(CE_WARN, "get_function_list: failed holding minor");
867 return (ENXIO);
868 }
869
870 if (copyin(arg, &get_function_list, sizeof (get_function_list)) != 0) {
871 crypto_release_minor(cm);
872 return (EFAULT);
873 }
874
875 /* initialize provider_array */
876 if (cm->cm_provider_array == NULL) {
877 rv = crypto_get_provider_list(cm, NULL, NULL, DONT_RETURN_LIST);
878 if (rv != CRYPTO_SUCCESS) {
879 goto release_minor;
880 }
881 }
882
883 provider_id = get_function_list.fl_provider_id;
884 mutex_enter(&cm->cm_lock);
885 /* index must be less than count of providers */
886 if (provider_id >= cm->cm_provider_count) {
887 mutex_exit(&cm->cm_lock);
888 rv = CRYPTO_ARGUMENTS_BAD;
889 goto release_minor;
890 }
891
892 ASSERT(cm->cm_provider_array != NULL);
893 provider = cm->cm_provider_array[provider_id];
894 mutex_exit(&cm->cm_lock);
895
896 fl = &get_function_list.fl_list;
897 bzero(fl, sizeof (crypto_function_list_t));
898
899 if (provider->pd_prov_type != CRYPTO_LOGICAL_PROVIDER) {
900 crypto_build_function_list(fl, provider);
901 } else {
902 kcf_provider_desc_t *prev = NULL, *pd;
903
904 mutex_enter(&provider->pd_lock);
905 while (kcf_get_next_logical_provider_member(provider,
906 prev, &pd)) {
907 prev = pd;
908 crypto_build_function_list(fl, pd);
909 KCF_PROV_REFRELE(pd);
910 }
911 mutex_exit(&provider->pd_lock);
912 }
913
914 rv = CRYPTO_SUCCESS;
915
916 release_minor:
917 crypto_release_minor(cm);
918
919 get_function_list.fl_return_value = rv;
920
921 if (copyout(&get_function_list, arg, sizeof (get_function_list)) != 0) {
922 return (EFAULT);
923 }
924 return (0);
925 }
926
927 /*
928 * This ioctl maps a PKCS#11 mechanism string into an internal number
929 * that is used by the kernel. pn_internal_number is set to the
930 * internal number.
931 */
932 /* ARGSUSED */
933 static int
934 get_mechanism_number(dev_t dev, caddr_t arg, int mode, int *rval)
935 {
936 STRUCT_DECL(crypto_get_mechanism_number, get_number);
937 crypto_mech_type_t number;
938 size_t len;
939 char *mechanism_name;
940 int rv;
941
942 STRUCT_INIT(get_number, mode);
943
944 if (copyin(arg, STRUCT_BUF(get_number), STRUCT_SIZE(get_number)) != 0)
945 return (EFAULT);
946
947 len = STRUCT_FGET(get_number, pn_mechanism_len);
948 if (len == 0 || len > CRYPTO_MAX_MECH_NAME) {
949 rv = CRYPTO_ARGUMENTS_BAD;
950 goto out;
951 }
952 mechanism_name = kmem_alloc(len, KM_SLEEP);
953
954 if (copyin(STRUCT_FGETP(get_number, pn_mechanism_string),
955 mechanism_name, len) != 0) {
956 kmem_free(mechanism_name, len);
957 return (EFAULT);
958 }
959
960 /*
961 * Get mechanism number from kcf. We set the load_module
962 * flag to false since we use only hardware providers.
963 */
964 number = crypto_mech2id_common(mechanism_name, B_FALSE);
965 kmem_free(mechanism_name, len);
966 if (number == CRYPTO_MECH_INVALID) {
967 rv = CRYPTO_ARGUMENTS_BAD;
968 goto out;
969 }
970
971 bcopy((char *)&number, (char *)STRUCT_FADDR(get_number,
972 pn_internal_number), sizeof (number));
973
974 rv = CRYPTO_SUCCESS;
975 out:
976 STRUCT_FSET(get_number, pn_return_value, rv);
977
978 if (copyout(STRUCT_BUF(get_number), arg,
979 STRUCT_SIZE(get_number)) != 0) {
980 return (EFAULT);
981 }
982 return (0);
983 }
984
985 /*
986 * This ioctl returns an array of crypto_mech_name_t entries.
987 * It lists all the PKCS#11 mechanisms available in the kernel.
988 */
989 /* ARGSUSED */
990 static int
991 get_mechanism_list(dev_t dev, caddr_t arg, int mode, int *rval)
992 {
993 STRUCT_DECL(crypto_get_mechanism_list, get_list);
994 crypto_mech_name_t *entries;
995 size_t copyout_size;
996 uint_t req_count;
997 uint_t count;
998 ulong_t offset;
999 int error = 0;
1000
1001 STRUCT_INIT(get_list, mode);
1002
1003 if (copyin(arg, STRUCT_BUF(get_list), STRUCT_SIZE(get_list)) != 0) {
1004 return (EFAULT);
1005 }
1006
1007 entries = crypto_get_mech_list(&count, KM_SLEEP);
1008
1009 /* Number of entries caller thinks we have */
1010 req_count = STRUCT_FGET(get_list, ml_count);
1011
1012 STRUCT_FSET(get_list, ml_count, count);
1013 STRUCT_FSET(get_list, ml_return_value, CRYPTO_SUCCESS);
1014
1015 /* check if buffer is too small */
1016 if (count > req_count) {
1017 STRUCT_FSET(get_list, ml_return_value, CRYPTO_BUFFER_TOO_SMALL);
1018 }
1019
1020 /* copyout the first stuff */
1021 if (copyout(STRUCT_BUF(get_list), arg, STRUCT_SIZE(get_list)) != 0) {
1022 error = EFAULT;
1023 }
1024
1025 /*
1026 * If only requesting number of entries or buffer too small or an
1027 * error occurred, stop here
1028 */
1029 if (req_count == 0 || count > req_count || error != 0) {
1030 goto out;
1031 }
1032
1033 copyout_size = count * sizeof (crypto_mech_name_t);
1034
1035 /* copyout entries */
1036 offset = (ulong_t)STRUCT_FADDR(get_list, ml_list);
1037 offset -= (ulong_t)STRUCT_BUF(get_list);
1038 if (copyout(entries, arg + offset, copyout_size) != 0) {
1039 error = EFAULT;
1040 }
1041
1042 out:
1043 crypto_free_mech_list(entries, count);
1044 return (error);
1045 }
1046
1047 /*
1048 * Copyout kernel array of mech_infos to user space.
1049 */
1050 /* ARGSUSED */
1051 static int
1052 copyout_mechinfos(int mode, caddr_t out, uint_t count,
1053 crypto_mechanism_info_t *k_minfos, caddr_t u_minfos)
1054 {
1055 STRUCT_DECL(crypto_mechanism_info, mi);
1056 caddr_t p;
1057 size_t len;
1058 int i;
1059
1060 if (count == 0)
1061 return (0);
1062
1063 STRUCT_INIT(mi, mode);
1064
1065 len = count * STRUCT_SIZE(mi);
1066
1067 ASSERT(u_minfos != NULL);
1068 p = u_minfos;
1069 for (i = 0; i < count; i++) {
1070 STRUCT_FSET(mi, mi_min_key_size, k_minfos[i].mi_min_key_size);
1071 STRUCT_FSET(mi, mi_max_key_size, k_minfos[i].mi_max_key_size);
1072 STRUCT_FSET(mi, mi_keysize_unit, k_minfos[i].mi_keysize_unit);
1073 STRUCT_FSET(mi, mi_usage, k_minfos[i].mi_usage);
1074 bcopy(STRUCT_BUF(mi), p, STRUCT_SIZE(mi));
1075 p += STRUCT_SIZE(mi);
1076 }
1077
1078 if (copyout(u_minfos, out, len) != 0)
1079 return (EFAULT);
1080
1081 return (0);
1082 }
1083
1084 /*
1085 * This ioctl returns information for the specified mechanism.
1086 */
1087 /* ARGSUSED */
1088 static int
1089 get_all_mechanism_info(dev_t dev, caddr_t arg, int mode, int *rval)
1090 {
1091 STRUCT_DECL(crypto_get_all_mechanism_info, get_all_mech);
1092 #ifdef _LP64
1093 STRUCT_DECL(crypto_mechanism_info, mi);
1094 #else
1095 /* LINTED E_FUNC_SET_NOT_USED */
1096 STRUCT_DECL(crypto_mechanism_info, mi);
1097 #endif
1098 crypto_mech_name_t mech_name;
1099 crypto_mech_type_t mech_type;
1100 crypto_mechanism_info_t *mech_infos = NULL;
1101 uint_t num_mech_infos = 0;
1102 uint_t req_count;
1103 caddr_t u_minfos;
1104 ulong_t offset;
1105 int error = 0;
1106 int rv;
1107
1108 STRUCT_INIT(get_all_mech, mode);
1109 STRUCT_INIT(mi, mode);
1110
1111 if (copyin(arg, STRUCT_BUF(get_all_mech),
1112 STRUCT_SIZE(get_all_mech)) != 0) {
1113 return (EFAULT);
1114 }
1115
1116 (void) strncpy(mech_name, STRUCT_FGET(get_all_mech, mi_mechanism_name),
1117 CRYPTO_MAX_MECH_NAME);
1118 mech_type = crypto_mech2id(mech_name);
1119
1120 if (mech_type == CRYPTO_MECH_INVALID) {
1121 rv = CRYPTO_ARGUMENTS_BAD;
1122 goto out1;
1123 }
1124
1125 rv = crypto_get_all_mech_info(mech_type, &mech_infos, &num_mech_infos,
1126 KM_SLEEP);
1127 if (rv != CRYPTO_SUCCESS) {
1128 goto out1;
1129 }
1130 /* rv is CRYPTO_SUCCESS at this point */
1131
1132 /* Number of entries caller thinks we have */
1133 req_count = STRUCT_FGET(get_all_mech, mi_count);
1134
1135 STRUCT_FSET(get_all_mech, mi_count, num_mech_infos);
1136
1137 /* check if buffer is too small */
1138 if (num_mech_infos > req_count) {
1139 rv = CRYPTO_BUFFER_TOO_SMALL;
1140 }
1141
1142 out1:
1143 STRUCT_FSET(get_all_mech, mi_return_value, rv);
1144
1145 /* copy the first part */
1146 if (copyout(STRUCT_BUF(get_all_mech), arg,
1147 STRUCT_SIZE(get_all_mech)) != 0) {
1148 error = EFAULT;
1149 }
1150
1151 /*
1152 * If only requesting number of entries, or there are no entries,
1153 * or rv is not CRYPTO_SUCCESS due to buffer too small or some other
1154 * crypto error, or an error occurred with copyout, stop here
1155 */
1156 if (req_count == 0 || num_mech_infos == 0 || rv != CRYPTO_SUCCESS ||
1157 error != 0) {
1158 goto out2;
1159 }
1160
1161 /* copyout mech_infos */
1162 offset = (ulong_t)STRUCT_FADDR(get_all_mech, mi_list);
1163 offset -= (ulong_t)STRUCT_BUF(get_all_mech);
1164
1165 u_minfos = kmem_alloc(num_mech_infos * STRUCT_SIZE(mi), KM_SLEEP);
1166 error = copyout_mechinfos(mode, arg + offset, num_mech_infos,
1167 mech_infos, u_minfos);
1168 kmem_free(u_minfos, num_mech_infos * STRUCT_SIZE(mi));
1169 out2:
1170 if (mech_infos != NULL)
1171 crypto_free_all_mech_info(mech_infos, num_mech_infos);
1172 return (error);
1173 }
1174
1175 /*
1176 * Side-effects:
1177 * 1. This routine stores provider descriptor pointers in an array
1178 * and increments each descriptor's reference count. The array
1179 * is stored in per-minor number storage.
1180 * 2. Destroys the old array and creates a new one every time
1181 * this routine is called.
1182 */
1183 int
1184 crypto_get_provider_list(crypto_minor_t *cm, uint_t *count,
1185 crypto_provider_entry_t **array, boolean_t return_slot_list)
1186 {
1187 kcf_provider_desc_t **provider_array;
1188 crypto_provider_entry_t *p = NULL;
1189 uint_t provider_count;
1190 int rval;
1191 int i;
1192
1193 /*
1194 * Take snapshot of provider table returning only HW entries
1195 * that are in a usable state. Also returns logical provider entries.
1196 */
1197 rval = kcf_get_slot_list(&provider_count, &provider_array, B_FALSE);
1198 if (rval != CRYPTO_SUCCESS)
1199 return (rval);
1200
1201 /* allocate memory before taking cm->cm_lock */
1202 if (return_slot_list) {
1203 if (provider_count != 0) {
1204 p = kmem_alloc(provider_count *
1205 sizeof (crypto_provider_entry_t), KM_SLEEP);
1206 for (i = 0; i < provider_count; i++) {
1207 p[i].pe_provider_id = i;
1208 p[i].pe_mechanism_count =
1209 provider_array[i]->pd_mech_list_count;
1210 }
1211 }
1212 *array = p;
1213 *count = provider_count;
1214 }
1215
1216 /*
1217 * Free existing array of providers and replace with new list.
1218 */
1219 mutex_enter(&cm->cm_lock);
1220 if (cm->cm_provider_array != NULL) {
1221 ASSERT(cm->cm_provider_count > 0);
1222 kcf_free_provider_tab(cm->cm_provider_count,
1223 cm->cm_provider_array);
1224 }
1225
1226 cm->cm_provider_array = provider_array;
1227 cm->cm_provider_count = provider_count;
1228 mutex_exit(&cm->cm_lock);
1229
1230 return (CRYPTO_SUCCESS);
1231 }
1232
1233 /*
1234 * This ioctl returns an array of crypto_provider_entry_t entries.
1235 * This is how consumers learn which hardware providers are available.
1236 */
1237 /* ARGSUSED */
1238 static int
1239 get_provider_list(dev_t dev, caddr_t arg, int mode, int *rval)
1240 {
1241 STRUCT_DECL(crypto_get_provider_list, get_list);
1242 crypto_provider_entry_t *entries;
1243 crypto_minor_t *cm;
1244 size_t copyout_size;
1245 uint_t req_count;
1246 uint_t count;
1247 ulong_t offset;
1248 int rv;
1249
1250 STRUCT_INIT(get_list, mode);
1251
1252 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
1253 cmn_err(CE_WARN, "get_provider_list: failed holding minor");
1254 return (ENXIO);
1255 }
1256
1257 if (copyin(arg, STRUCT_BUF(get_list), STRUCT_SIZE(get_list)) != 0) {
1258 crypto_release_minor(cm);
1259 return (EFAULT);
1260 }
1261
1262 rv = crypto_get_provider_list(cm, &count, &entries, RETURN_LIST);
1263 if (rv != CRYPTO_SUCCESS) {
1264 crypto_release_minor(cm);
1265 STRUCT_FSET(get_list, pl_return_value, rv);
1266 if (copyout(STRUCT_BUF(get_list), arg,
1267 STRUCT_SIZE(get_list)) != 0) {
1268 return (EFAULT);
1269 }
1270 return (0);
1271 }
1272 crypto_release_minor(cm);
1273
1274 /* Number of slots caller thinks we have */
1275 req_count = STRUCT_FGET(get_list, pl_count);
1276
1277 /* Check if only requesting number of slots */
1278 if (req_count == 0) {
1279
1280 STRUCT_FSET(get_list, pl_count, count);
1281 STRUCT_FSET(get_list, pl_return_value, CRYPTO_SUCCESS);
1282
1283 crypto_free_provider_list(entries, count);
1284 if (copyout(STRUCT_BUF(get_list), arg,
1285 STRUCT_SIZE(get_list)) != 0) {
1286 return (EFAULT);
1287 }
1288 return (0);
1289 }
1290
1291 /* check if buffer is too small */
1292 req_count = STRUCT_FGET(get_list, pl_count);
1293 if (count > req_count) {
1294 STRUCT_FSET(get_list, pl_count, count);
1295 STRUCT_FSET(get_list, pl_return_value, CRYPTO_BUFFER_TOO_SMALL);
1296 crypto_free_provider_list(entries, count);
1297 if (copyout(STRUCT_BUF(get_list), arg,
1298 STRUCT_SIZE(get_list)) != 0) {
1299 return (EFAULT);
1300 }
1301 return (0);
1302 }
1303
1304 STRUCT_FSET(get_list, pl_count, count);
1305 STRUCT_FSET(get_list, pl_return_value, CRYPTO_SUCCESS);
1306
1307 copyout_size = count * sizeof (crypto_provider_entry_t);
1308
1309 /* copyout the first stuff */
1310 if (copyout(STRUCT_BUF(get_list), arg, STRUCT_SIZE(get_list)) != 0) {
1311 crypto_free_provider_list(entries, count);
1312 return (EFAULT);
1313 }
1314
1315 if (count == 0) {
1316 crypto_free_provider_list(entries, count);
1317 return (0);
1318 }
1319
1320 /* copyout entries */
1321 offset = (ulong_t)STRUCT_FADDR(get_list, pl_list);
1322 offset -= (ulong_t)STRUCT_BUF(get_list);
1323 if (copyout(entries, arg + offset, copyout_size) != 0) {
1324 crypto_free_provider_list(entries, count);
1325 return (EFAULT);
1326 }
1327
1328 crypto_free_provider_list(entries, count);
1329 return (0);
1330 }
1331
1332 static void
1333 ext_to_provider_data(int mode, kcf_provider_desc_t *provider,
1334 crypto_provider_ext_info_t *ei, void *out)
1335 {
1336 STRUCT_DECL(crypto_provider_data, pd);
1337 STRUCT_DECL(crypto_version, version);
1338
1339 STRUCT_INIT(pd, mode);
1340 STRUCT_INIT(version, mode);
1341
1342 bcopy(provider->pd_description, STRUCT_FGET(pd, pd_prov_desc),
1343 CRYPTO_PROVIDER_DESCR_MAX_LEN);
1344
1345 bcopy(ei->ei_label, STRUCT_FGET(pd, pd_label), CRYPTO_EXT_SIZE_LABEL);
1346 bcopy(ei->ei_manufacturerID, STRUCT_FGET(pd, pd_manufacturerID),
1347 CRYPTO_EXT_SIZE_MANUF);
1348 bcopy(ei->ei_model, STRUCT_FGET(pd, pd_model), CRYPTO_EXT_SIZE_MODEL);
1349 bcopy(ei->ei_serial_number, STRUCT_FGET(pd, pd_serial_number),
1350 CRYPTO_EXT_SIZE_SERIAL);
1351 /*
1352 * We do not support ioctls for dual-function crypto operations yet.
1353 * So, we clear this flag as it might have been set by a provider.
1354 */
1355 ei->ei_flags &= ~CRYPTO_EXTF_DUAL_CRYPTO_OPERATIONS;
1356
1357 STRUCT_FSET(pd, pd_flags, ei->ei_flags);
1358 STRUCT_FSET(pd, pd_max_session_count, ei->ei_max_session_count);
1359 STRUCT_FSET(pd, pd_session_count, (int)CRYPTO_UNAVAILABLE_INFO);
1360 STRUCT_FSET(pd, pd_max_rw_session_count, ei->ei_max_session_count);
1361 STRUCT_FSET(pd, pd_rw_session_count, (int)CRYPTO_UNAVAILABLE_INFO);
1362 STRUCT_FSET(pd, pd_max_pin_len, ei->ei_max_pin_len);
1363 STRUCT_FSET(pd, pd_min_pin_len, ei->ei_min_pin_len);
1364 STRUCT_FSET(pd, pd_total_public_memory, ei->ei_total_public_memory);
1365 STRUCT_FSET(pd, pd_free_public_memory, ei->ei_free_public_memory);
1366 STRUCT_FSET(pd, pd_total_private_memory, ei->ei_total_private_memory);
1367 STRUCT_FSET(pd, pd_free_private_memory, ei->ei_free_private_memory);
1368 STRUCT_FSET(version, cv_major, ei->ei_hardware_version.cv_major);
1369 STRUCT_FSET(version, cv_minor, ei->ei_hardware_version.cv_minor);
1370 bcopy(STRUCT_BUF(version), STRUCT_FADDR(pd, pd_hardware_version),
1371 STRUCT_SIZE(version));
1372 STRUCT_FSET(version, cv_major, ei->ei_firmware_version.cv_major);
1373 STRUCT_FSET(version, cv_minor, ei->ei_firmware_version.cv_minor);
1374 bcopy(STRUCT_BUF(version), STRUCT_FADDR(pd, pd_firmware_version),
1375 STRUCT_SIZE(version));
1376 bcopy(ei->ei_time, STRUCT_FGET(pd, pd_time), CRYPTO_EXT_SIZE_TIME);
1377 bcopy(STRUCT_BUF(pd), out, STRUCT_SIZE(pd));
1378 }
1379
1380 /*
1381 * Utility routine to construct a crypto_provider_ext_info structure. Some
1382 * of the fields are constructed from information in the provider structure.
1383 * The rest of the fields have default values. We need to do this for
1384 * providers which do not support crypto_provider_management_ops routines.
1385 */
1386 static void
1387 fabricate_ext_info(kcf_provider_desc_t *provider,
1388 crypto_provider_ext_info_t *ei)
1389 {
1390 /* empty label */
1391 (void) memset(ei->ei_label, ' ', CRYPTO_EXT_SIZE_LABEL);
1392
1393 (void) memset(ei->ei_manufacturerID, ' ', CRYPTO_EXT_SIZE_MANUF);
1394 (void) strncpy((char *)ei->ei_manufacturerID, "Unknown", 7);
1395
1396 (void) memset(ei->ei_model, ' ', CRYPTO_EXT_SIZE_MODEL);
1397 (void) strncpy((char *)ei->ei_model, "Unknown", 7);
1398
1399 (void) memset(ei->ei_serial_number, ' ', CRYPTO_EXT_SIZE_SERIAL);
1400 (void) strncpy((char *)ei->ei_serial_number, "Unknown", 7);
1401
1402 if (KCF_PROV_RANDOM_OPS(provider) != NULL)
1403 ei->ei_flags |= CRYPTO_EXTF_RNG;
1404 if (KCF_PROV_DUAL_OPS(provider) != NULL)
1405 ei->ei_flags |= CRYPTO_EXTF_DUAL_CRYPTO_OPERATIONS;
1406
1407 ei->ei_max_session_count = CRYPTO_UNAVAILABLE_INFO;
1408 ei->ei_max_pin_len = 0;
1409 ei->ei_min_pin_len = 0;
1410 ei->ei_total_public_memory = CRYPTO_UNAVAILABLE_INFO;
1411 ei->ei_free_public_memory = CRYPTO_UNAVAILABLE_INFO;
1412 ei->ei_total_private_memory = CRYPTO_UNAVAILABLE_INFO;
1413 ei->ei_free_private_memory = CRYPTO_UNAVAILABLE_INFO;
1414 ei->ei_hardware_version.cv_major = 1;
1415 ei->ei_hardware_version.cv_minor = 0;
1416 ei->ei_firmware_version.cv_major = 1;
1417 ei->ei_firmware_version.cv_minor = 0;
1418 }
1419
1420 /* ARGSUSED */
1421 static int
1422 get_provider_info(dev_t dev, caddr_t arg, int mode, int *rval)
1423 {
1424 STRUCT_DECL(crypto_get_provider_info, get_info);
1425 crypto_minor_t *cm;
1426 crypto_provider_id_t provider_id;
1427 kcf_provider_desc_t *provider, *real_provider;
1428 crypto_provider_ext_info_t *ext_info = NULL;
1429 size_t need;
1430 int error = 0;
1431 int rv;
1432 kcf_req_params_t params;
1433
1434 STRUCT_INIT(get_info, mode);
1435
1436 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
1437 cmn_err(CE_WARN, "get_provider_info: failed holding minor");
1438 return (ENXIO);
1439 }
1440
1441 if (copyin(arg, STRUCT_BUF(get_info), STRUCT_SIZE(get_info)) != 0) {
1442 crypto_release_minor(cm);
1443 return (EFAULT);
1444 }
1445
1446 need = sizeof (crypto_provider_ext_info_t);
1447 if ((rv = crypto_buffer_check(need)) != CRYPTO_SUCCESS) {
1448 need = 0;
1449 goto release_minor;
1450 }
1451
1452 /* initialize provider_array */
1453 if (cm->cm_provider_array == NULL) {
1454 rv = crypto_get_provider_list(cm, NULL, NULL, DONT_RETURN_LIST);
1455 if (rv != CRYPTO_SUCCESS) {
1456 goto release_minor;
1457 }
1458 }
1459
1460 ext_info = kmem_zalloc(need, KM_SLEEP);
1461
1462 provider_id = STRUCT_FGET(get_info, gi_provider_id);
1463 mutex_enter(&cm->cm_lock);
1464 /* index must be less than count of providers */
1465 if (provider_id >= cm->cm_provider_count) {
1466 mutex_exit(&cm->cm_lock);
1467 rv = CRYPTO_ARGUMENTS_BAD;
1468 goto release_minor;
1469 }
1470
1471 ASSERT(cm->cm_provider_array != NULL);
1472 provider = cm->cm_provider_array[provider_id];
1473 KCF_PROV_REFHOLD(provider);
1474 mutex_exit(&cm->cm_lock);
1475
1476 (void) kcf_get_hardware_provider_nomech(
1477 CRYPTO_OPS_OFFSET(provider_ops), CRYPTO_PROVIDER_OFFSET(ext_info),
1478 provider, &real_provider);
1479
1480 if (real_provider != NULL) {
1481 ASSERT(real_provider == provider ||
1482 provider->pd_prov_type == CRYPTO_LOGICAL_PROVIDER);
1483 KCF_WRAP_PROVMGMT_OPS_PARAMS(&params, KCF_OP_MGMT_EXTINFO,
1484 0, NULL, 0, NULL, 0, NULL, ext_info, provider);
1485 rv = kcf_submit_request(real_provider, NULL, NULL, &params,
1486 B_FALSE);
1487 ASSERT(rv != CRYPTO_NOT_SUPPORTED);
1488 KCF_PROV_REFRELE(real_provider);
1489 } else {
1490 /* do the best we can */
1491 fabricate_ext_info(provider, ext_info);
1492 rv = CRYPTO_SUCCESS;
1493 }
1494 KCF_PROV_REFRELE(provider);
1495
1496 if (rv == CRYPTO_SUCCESS) {
1497 ext_to_provider_data(mode, provider, ext_info,
1498 STRUCT_FADDR(get_info, gi_provider_data));
1499 }
1500
1501 release_minor:
1502 CRYPTO_DECREMENT_RCTL(need);
1503 crypto_release_minor(cm);
1504
1505 if (ext_info != NULL)
1506 kmem_free(ext_info, sizeof (crypto_provider_ext_info_t));
1507
1508 if (error != 0)
1509 return (error);
1510
1511 STRUCT_FSET(get_info, gi_return_value, rv);
1512 if (copyout(STRUCT_BUF(get_info), arg, STRUCT_SIZE(get_info)) != 0) {
1513 return (EFAULT);
1514 }
1515 return (0);
1516 }
1517
1518 /*
1519 * This ioctl returns an array of crypto_mech_name_t entries.
1520 * This is how consumers learn which mechanisms are permitted
1521 * by a provider.
1522 */
1523 /* ARGSUSED */
1524 static int
1525 get_provider_mechanisms(dev_t dev, caddr_t arg, int mode, int *rval)
1526 {
1527 STRUCT_DECL(crypto_get_provider_mechanisms, get_mechanisms);
1528 crypto_mech_name_t *entries;
1529 crypto_minor_t *cm;
1530 size_t copyout_size;
1531 uint_t req_count;
1532 uint_t count;
1533 ulong_t offset;
1534 int err;
1535
1536 STRUCT_INIT(get_mechanisms, mode);
1537
1538 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
1539 cmn_err(CE_WARN,
1540 "get_provider_mechanisms: failed holding minor");
1541 return (ENXIO);
1542 }
1543
1544 if (copyin(arg, STRUCT_BUF(get_mechanisms),
1545 STRUCT_SIZE(get_mechanisms)) != 0) {
1546 crypto_release_minor(cm);
1547 return (EFAULT);
1548 }
1549
1550 /* get array of mechanisms from the core module */
1551 if ((err = crypto_get_provider_mechanisms(cm,
1552 STRUCT_FGET(get_mechanisms, pm_provider_id),
1553 &count, &entries)) != 0) {
1554 crypto_release_minor(cm);
1555 STRUCT_FSET(get_mechanisms, pm_return_value, err);
1556 if (copyout(STRUCT_BUF(get_mechanisms), arg,
1557 STRUCT_SIZE(get_mechanisms)) != 0) {
1558 return (EFAULT);
1559 }
1560 return (0);
1561 }
1562 crypto_release_minor(cm);
1563 /* Number of mechs caller thinks we have */
1564 req_count = STRUCT_FGET(get_mechanisms, pm_count);
1565
1566 /* Check if caller is just requesting a count of mechanisms */
1567 if (req_count == 0) {
1568 STRUCT_FSET(get_mechanisms, pm_count, count);
1569 STRUCT_FSET(get_mechanisms, pm_return_value, CRYPTO_SUCCESS);
1570
1571 crypto_free_mech_list(entries, count);
1572 if (copyout(STRUCT_BUF(get_mechanisms), arg,
1573 STRUCT_SIZE(get_mechanisms)) != 0) {
1574 return (EFAULT);
1575 }
1576 return (0);
1577 }
1578
1579 /* check if buffer is too small */
1580 if (count > req_count) {
1581 STRUCT_FSET(get_mechanisms, pm_count, count);
1582 STRUCT_FSET(get_mechanisms, pm_return_value,
1583 CRYPTO_BUFFER_TOO_SMALL);
1584 crypto_free_mech_list(entries, count);
1585 if (copyout(STRUCT_BUF(get_mechanisms), arg,
1586 STRUCT_SIZE(get_mechanisms)) != 0) {
1587 return (EFAULT);
1588 }
1589 return (0);
1590 }
1591
1592 STRUCT_FSET(get_mechanisms, pm_count, count);
1593 STRUCT_FSET(get_mechanisms, pm_return_value, CRYPTO_SUCCESS);
1594
1595 copyout_size = count * sizeof (crypto_mech_name_t);
1596
1597 /* copyout the first stuff */
1598 if (copyout(STRUCT_BUF(get_mechanisms), arg,
1599 STRUCT_SIZE(get_mechanisms)) != 0) {
1600 crypto_free_mech_list(entries, count);
1601 return (EFAULT);
1602 }
1603
1604 if (count == 0) {
1605 return (0);
1606 }
1607
1608 /* copyout entries */
1609 offset = (ulong_t)STRUCT_FADDR(get_mechanisms, pm_list);
1610 offset -= (ulong_t)STRUCT_BUF(get_mechanisms);
1611 if (copyout(entries, arg + offset, copyout_size) != 0) {
1612 crypto_free_mech_list(entries, count);
1613 return (EFAULT);
1614 }
1615
1616 crypto_free_mech_list(entries, count);
1617 return (0);
1618 }
1619
1620 /*
1621 * This ioctl returns information about a provider's mechanism.
1622 */
1623 /* ARGSUSED */
1624 static int
1625 get_provider_mechanism_info(dev_t dev, caddr_t arg, int mode, int *rval)
1626 {
1627 crypto_get_provider_mechanism_info_t mechanism_info;
1628 crypto_minor_t *cm;
1629 kcf_provider_desc_t *pd;
1630 crypto_mech_info_t *mi = NULL;
1631 int rv = CRYPTO_SUCCESS;
1632 int i;
1633
1634 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
1635 cmn_err(CE_WARN,
1636 "get_provider_mechanism_info: failed holding minor");
1637 return (ENXIO);
1638 }
1639
1640 if (copyin(arg, &mechanism_info, sizeof (mechanism_info)) != 0) {
1641 crypto_release_minor(cm);
1642 return (EFAULT);
1643 }
1644
1645 /* initialize provider table */
1646 if (cm->cm_provider_array == NULL) {
1647 rv = crypto_get_provider_list(cm, NULL, NULL, DONT_RETURN_LIST);
1648 if (rv != CRYPTO_SUCCESS) {
1649 mutex_enter(&cm->cm_lock);
1650 goto fail;
1651 }
1652 }
1653
1654 /*
1655 * Provider ID must be less than the count of providers
1656 * obtained by calling get_provider_list().
1657 */
1658 mutex_enter(&cm->cm_lock);
1659 if (mechanism_info.mi_provider_id >= cm->cm_provider_count) {
1660 rv = CRYPTO_ARGUMENTS_BAD;
1661 goto fail;
1662 }
1663
1664 pd = cm->cm_provider_array[mechanism_info.mi_provider_id];
1665
1666 /* First check if the provider supports the mechanism. */
1667 for (i = 0; i < pd->pd_mech_list_count; i++) {
1668 if (strncmp(pd->pd_mechanisms[i].cm_mech_name,
1669 mechanism_info.mi_mechanism_name,
1670 CRYPTO_MAX_MECH_NAME) == 0) {
1671 mi = &pd->pd_mechanisms[i];
1672 break;
1673 }
1674 }
1675
1676 if (mi == NULL) {
1677 rv = CRYPTO_ARGUMENTS_BAD;
1678 goto fail;
1679 }
1680
1681 /* Now check if the mechanism is enabled for the provider. */
1682 if (is_mech_disabled(pd, mechanism_info.mi_mechanism_name)) {
1683 rv = CRYPTO_MECHANISM_INVALID;
1684 goto fail;
1685 }
1686
1687 mechanism_info.mi_min_key_size = mi->cm_min_key_length;
1688 mechanism_info.mi_max_key_size = mi->cm_max_key_length;
1689 mechanism_info.mi_flags = mi->cm_func_group_mask;
1690
1691 fail:
1692 mutex_exit(&cm->cm_lock);
1693 crypto_release_minor(cm);
1694 mechanism_info.mi_return_value = rv;
1695 if (copyout(&mechanism_info, arg, sizeof (mechanism_info)) != 0) {
1696 return (EFAULT);
1697 }
1698
1699 return (0);
1700 }
1701
1702 /*
1703 * Every open of /dev/crypto multiplexes all PKCS#11 sessions across
1704 * a single session to each provider. Calls to open and close session
1705 * are not made to providers that do not support sessions. For these
1706 * providers, a session number of 0 is passed during subsequent operations,
1707 * and it is ignored by the provider.
1708 */
1709 static int
1710 crypto_get_provider_session(crypto_minor_t *cm,
1711 crypto_provider_id_t provider_index, crypto_provider_session_t **output_ps)
1712 {
1713 kcf_provider_desc_t *pd, *real_provider;
1714 kcf_req_params_t params;
1715 crypto_provider_session_t *ps;
1716 crypto_session_id_t provider_session_id = 0;
1717 int rv;
1718
1719 ASSERT(MUTEX_HELD(&cm->cm_lock));
1720
1721 /* pd may be a logical provider */
1722 pd = cm->cm_provider_array[provider_index];
1723
1724 again:
1725 /*
1726 * Check if there is already a session to the provider.
1727 * Sessions may be to a logical provider or a real provider.
1728 */
1729 for (ps = cm->cm_provider_session; ps != NULL; ps = ps->ps_next) {
1730 if (ps->ps_provider == pd)
1731 break;
1732 }
1733
1734 /* found existing session */
1735 if (ps != NULL) {
1736 ps->ps_refcnt++;
1737 *output_ps = ps;
1738 return (CRYPTO_SUCCESS);
1739 }
1740 mutex_exit(&cm->cm_lock);
1741
1742 /* find a hardware provider that supports session ops */
1743 (void) kcf_get_hardware_provider_nomech(CRYPTO_OPS_OFFSET(session_ops),
1744 CRYPTO_SESSION_OFFSET(session_open), pd, &real_provider);
1745
1746 if (real_provider != NULL) {
1747 ASSERT(real_provider == pd ||
1748 pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER);
1749 /* open session to provider */
1750 KCF_WRAP_SESSION_OPS_PARAMS(&params, KCF_OP_SESSION_OPEN,
1751 &provider_session_id, 0, CRYPTO_USER, NULL, 0, pd);
1752 rv = kcf_submit_request(real_provider, NULL, NULL, &params,
1753 B_FALSE);
1754 if (rv != CRYPTO_SUCCESS) {
1755 mutex_enter(&cm->cm_lock);
1756 KCF_PROV_REFRELE(real_provider);
1757 return (rv);
1758 }
1759 }
1760
1761 /*
1762 * Check if someone opened a session to the provider
1763 * while we dropped the lock.
1764 */
1765 mutex_enter(&cm->cm_lock);
1766 for (ps = cm->cm_provider_session; ps != NULL; ps = ps->ps_next) {
1767 if (ps->ps_provider == pd) {
1768 mutex_exit(&cm->cm_lock);
1769 if (real_provider != NULL) {
1770 KCF_WRAP_SESSION_OPS_PARAMS(&params,
1771 KCF_OP_SESSION_CLOSE, NULL,
1772 provider_session_id, CRYPTO_USER, NULL, 0,
1773 pd);
1774 (void) kcf_submit_request(real_provider, NULL,
1775 NULL, &params, B_FALSE);
1776 KCF_PROV_REFRELE(real_provider);
1777 }
1778 mutex_enter(&cm->cm_lock);
1779 goto again;
1780
1781 }
1782 }
1783
1784 return (crypto_create_provider_session(cm, pd, provider_session_id,
1785 output_ps, real_provider));
1786 }
1787
1788 static int
1789 crypto_create_provider_session(crypto_minor_t *cm, kcf_provider_desc_t *pd,
1790 crypto_session_id_t sid, crypto_provider_session_t **out_ps,
1791 kcf_provider_desc_t *real)
1792 {
1793 crypto_provider_session_t *ps;
1794
1795 /* allocate crypto_provider_session structure */
1796 ps = kmem_zalloc(sizeof (crypto_provider_session_t), KM_SLEEP);
1797
1798 /* increment refcnt and attach to crypto_minor structure */
1799 ps->ps_session = sid;
1800 ps->ps_refcnt = 1;
1801 KCF_PROV_REFHOLD(pd);
1802 ps->ps_provider = pd;
1803 if (real != NULL) {
1804 ps->ps_real_provider = real;
1805 }
1806 ps->ps_next = cm->cm_provider_session;
1807 cm->cm_provider_session = ps;
1808
1809 *out_ps = ps;
1810 return (CRYPTO_SUCCESS);
1811 }
1812
1813 /*
1814 * Release a provider session.
1815 * If the reference count goes to zero, then close the session
1816 * to the provider.
1817 */
1818 static void
1819 crypto_release_provider_session(crypto_minor_t *cm,
1820 crypto_provider_session_t *provider_session)
1821 {
1822 kcf_req_params_t params;
1823 crypto_provider_session_t *ps = NULL, **prev;
1824
1825 ASSERT(MUTEX_HELD(&cm->cm_lock));
1826
1827 /* verify that provider_session is valid */
1828 for (ps = cm->cm_provider_session, prev = &cm->cm_provider_session;
1829 ps != NULL; prev = &ps->ps_next, ps = ps->ps_next) {
1830 if (ps == provider_session) {
1831 break;
1832 }
1833 }
1834
1835 if (ps == NULL)
1836 return;
1837
1838 ps->ps_refcnt--;
1839
1840 if (ps->ps_refcnt > 0)
1841 return;
1842
1843 if (ps->ps_real_provider != NULL) {
1844 /* close session with provider */
1845 KCF_WRAP_SESSION_OPS_PARAMS(&params, KCF_OP_SESSION_CLOSE, NULL,
1846 ps->ps_session, CRYPTO_USER, NULL, 0, ps->ps_provider);
1847 (void) kcf_submit_request(ps->ps_real_provider,
1848 NULL, NULL, &params, B_FALSE);
1849 KCF_PROV_REFRELE(ps->ps_real_provider);
1850 }
1851 KCF_PROV_REFRELE(ps->ps_provider);
1852 *prev = ps->ps_next;
1853 kmem_free(ps, sizeof (*ps));
1854 }
1855
1856 static int
1857 grow_session_table(crypto_minor_t *cm)
1858 {
1859 crypto_session_data_t **session_table;
1860 crypto_session_data_t **new;
1861 uint_t session_table_count;
1862 uint_t need;
1863 size_t current_allocation;
1864 size_t new_allocation;
1865 int rv;
1866
1867 ASSERT(MUTEX_HELD(&cm->cm_lock));
1868
1869 session_table_count = cm->cm_session_table_count;
1870 session_table = cm->cm_session_table;
1871 need = session_table_count + CRYPTO_SESSION_CHUNK;
1872
1873 current_allocation = session_table_count * sizeof (void *);
1874 new_allocation = need * sizeof (void *);
1875
1876 /*
1877 * Memory needed to grow the session table is checked
1878 * against the project.max-crypto-memory resource control.
1879 */
1880 if ((rv = crypto_buffer_check(new_allocation - current_allocation)) !=
1881 CRYPTO_SUCCESS) {
1882 return (rv);
1883 }
1884
1885 /* drop lock while we allocate memory */
1886 mutex_exit(&cm->cm_lock);
1887 new = kmem_zalloc(new_allocation, KM_SLEEP);
1888 mutex_enter(&cm->cm_lock);
1889
1890 /* check if another thread increased the table size */
1891 if (session_table_count != cm->cm_session_table_count) {
1892 kmem_free(new, new_allocation);
1893 return (CRYPTO_SUCCESS);
1894 }
1895
1896 bcopy(session_table, new, current_allocation);
1897 kmem_free(session_table, current_allocation);
1898 cm->cm_session_table = new;
1899 cm->cm_session_table_count += CRYPTO_SESSION_CHUNK;
1900
1901 return (CRYPTO_SUCCESS);
1902 }
1903
1904 /*
1905 * Find unused entry in session table and return its index.
1906 * Initialize session table entry.
1907 */
1908 /* ARGSUSED */
1909 static int
1910 crypto_open_session(dev_t dev, uint_t flags, crypto_session_id_t *session_index,
1911 crypto_provider_id_t provider_id)
1912 {
1913 crypto_minor_t *cm;
1914 int rv;
1915 crypto_provider_session_t *ps;
1916 kcf_provider_desc_t *provider;
1917
1918 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
1919 cmn_err(CE_WARN, "crypto_open_session: failed holding minor");
1920 return (CRYPTO_FAILED);
1921 }
1922
1923 /* initialize provider_array */
1924 if (cm->cm_provider_array == NULL) {
1925 rv = crypto_get_provider_list(cm, NULL, NULL, DONT_RETURN_LIST);
1926 if (rv != 0) {
1927 crypto_release_minor(cm);
1928 return (rv);
1929 }
1930 }
1931
1932 mutex_enter(&cm->cm_lock);
1933 /* index must be less than count of providers */
1934 if (provider_id >= cm->cm_provider_count) {
1935 mutex_exit(&cm->cm_lock);
1936 crypto_release_minor(cm);
1937 return (CRYPTO_INVALID_PROVIDER_ID);
1938 }
1939 ASSERT(cm->cm_provider_array != NULL);
1940
1941 rv = crypto_get_provider_session(cm, provider_id, &ps);
1942 if (rv != CRYPTO_SUCCESS) {
1943 mutex_exit(&cm->cm_lock);
1944 crypto_release_minor(cm);
1945 return (rv);
1946 }
1947 provider = cm->cm_provider_array[provider_id];
1948
1949 rv = crypto_create_session_ptr(cm, provider, ps, session_index);
1950 mutex_exit(&cm->cm_lock);
1951 crypto_release_minor(cm);
1952 return (rv);
1953
1954 }
1955
1956 static int
1957 crypto_create_session_ptr(crypto_minor_t *cm, kcf_provider_desc_t *provider,
1958 crypto_provider_session_t *ps, crypto_session_id_t *session_index)
1959 {
1960 crypto_session_data_t **session_table;
1961 crypto_session_data_t *sp;
1962 uint_t session_table_count;
1963 uint_t i;
1964 int rv;
1965
1966 ASSERT(MUTEX_HELD(&cm->cm_lock));
1967
1968 again:
1969 session_table_count = cm->cm_session_table_count;
1970 session_table = cm->cm_session_table;
1971
1972 /* session handles start with 1 */
1973 for (i = 1; i < session_table_count; i++) {
1974 if (session_table[i] == NULL)
1975 break;
1976 }
1977
1978 if (i == session_table_count || session_table_count == 0) {
1979 if ((rv = grow_session_table(cm)) != CRYPTO_SUCCESS) {
1980 crypto_release_provider_session(cm, ps);
1981 return (rv);
1982 }
1983 goto again;
1984 }
1985
1986 sp = kmem_cache_alloc(crypto_session_cache, KM_SLEEP);
1987 sp->sd_flags = 0;
1988 sp->sd_find_init_cookie = NULL;
1989 sp->sd_digest_ctx = NULL;
1990 sp->sd_encr_ctx = NULL;
1991 sp->sd_decr_ctx = NULL;
1992 sp->sd_sign_ctx = NULL;
1993 sp->sd_verify_ctx = NULL;
1994 sp->sd_mac_ctx = NULL;
1995 sp->sd_sign_recover_ctx = NULL;
1996 sp->sd_verify_recover_ctx = NULL;
1997 mutex_init(&sp->sd_lock, NULL, MUTEX_DRIVER, NULL);
1998 cv_init(&sp->sd_cv, NULL, CV_DRIVER, NULL);
1999 KCF_PROV_REFHOLD(provider);
2000 sp->sd_provider = provider;
2001 sp->sd_provider_session = ps;
2002
2003 /* See the comment for CRYPTO_PRE_APPROVED_LIMIT. */
2004 if ((rv = crypto_buffer_check(crypto_pre_approved_limit)) !=
2005 CRYPTO_SUCCESS) {
2006 sp->sd_pre_approved_amount = 0;
2007 } else {
2008 sp->sd_pre_approved_amount = (int)crypto_pre_approved_limit;
2009 }
2010
2011 cm->cm_session_table[i] = sp;
2012 if (session_index != NULL)
2013 *session_index = i;
2014
2015 return (CRYPTO_SUCCESS);
2016 }
2017
2018 /*
2019 * Close a session.
2020 */
2021 static int
2022 crypto_close_session(dev_t dev, crypto_session_id_t session_index)
2023 {
2024 crypto_session_data_t **session_table;
2025 crypto_session_data_t *sp;
2026 crypto_minor_t *cm;
2027
2028 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
2029 cmn_err(CE_WARN, "crypto_close_session: failed holding minor");
2030 return (CRYPTO_FAILED);
2031 }
2032
2033 mutex_enter(&cm->cm_lock);
2034 session_table = cm->cm_session_table;
2035
2036 if ((session_index) == 0 ||
2037 (session_index >= cm->cm_session_table_count)) {
2038 mutex_exit(&cm->cm_lock);
2039 crypto_release_minor(cm);
2040 return (CRYPTO_SESSION_HANDLE_INVALID);
2041 }
2042
2043 sp = session_table[session_index];
2044 if (sp == NULL) {
2045 mutex_exit(&cm->cm_lock);
2046 crypto_release_minor(cm);
2047 return (CRYPTO_SESSION_HANDLE_INVALID);
2048 }
2049 /*
2050 * If session is in use, free it when the thread
2051 * finishes with the session.
2052 */
2053 mutex_enter(&sp->sd_lock);
2054 if (sp->sd_flags & CRYPTO_SESSION_IS_BUSY) {
2055 sp->sd_flags |= CRYPTO_SESSION_IS_CLOSED;
2056 mutex_exit(&sp->sd_lock);
2057 } else {
2058 ASSERT(sp->sd_pre_approved_amount == 0 ||
2059 sp->sd_pre_approved_amount == crypto_pre_approved_limit);
2060 CRYPTO_DECREMENT_RCTL(sp->sd_pre_approved_amount);
2061
2062 if (sp->sd_find_init_cookie != NULL) {
2063 (void) crypto_free_find_ctx(sp);
2064 }
2065
2066 crypto_release_provider_session(cm, sp->sd_provider_session);
2067 KCF_PROV_REFRELE(sp->sd_provider);
2068 CRYPTO_CANCEL_ALL_CTX(sp);
2069 mutex_destroy(&sp->sd_lock);
2070 cv_destroy(&sp->sd_cv);
2071 kmem_cache_free(crypto_session_cache, sp);
2072 session_table[session_index] = NULL;
2073 }
2074
2075 mutex_exit(&cm->cm_lock);
2076 crypto_release_minor(cm);
2077
2078 return (CRYPTO_SUCCESS);
2079 }
2080
2081 /*
2082 * This ioctl opens a session and returns the session ID in os_session.
2083 */
2084 /* ARGSUSED */
2085 static int
2086 open_session(dev_t dev, caddr_t arg, int mode, int *rval)
2087 {
2088 crypto_open_session_t open_session;
2089 crypto_session_id_t session;
2090 int rv;
2091
2092 if (copyin(arg, &open_session, sizeof (open_session)) != 0)
2093 return (EFAULT);
2094
2095 rv = crypto_open_session(dev, open_session.os_flags,
2096 &session, open_session.os_provider_id);
2097 if (rv != CRYPTO_SUCCESS) {
2098 open_session.os_return_value = rv;
2099 if (copyout(&open_session, arg, sizeof (open_session)) != 0) {
2100 return (EFAULT);
2101 }
2102 return (0);
2103 }
2104
2105 open_session.os_session = session;
2106 open_session.os_return_value = CRYPTO_SUCCESS;
2107
2108 if (copyout(&open_session, arg, sizeof (open_session)) != 0) {
2109 return (EFAULT);
2110 }
2111 return (0);
2112 }
2113
2114 /*
2115 * This ioctl closes a session.
2116 */
2117 /* ARGSUSED */
2118 static int
2119 close_session(dev_t dev, caddr_t arg, int mode, int *rval)
2120 {
2121 crypto_close_session_t close_session;
2122 int rv;
2123
2124 if (copyin(arg, &close_session, sizeof (close_session)) != 0)
2125 return (EFAULT);
2126
2127 rv = crypto_close_session(dev, close_session.cs_session);
2128 close_session.cs_return_value = rv;
2129 if (copyout(&close_session, arg, sizeof (close_session)) != 0) {
2130 return (EFAULT);
2131 }
2132 return (0);
2133 }
2134
2135 /*
2136 * Copy data model dependent mechanism structure into a kernel mechanism
2137 * structure. Allocate param storage if necessary.
2138 */
2139 static boolean_t
2140 copyin_mech(int mode, crypto_session_data_t *sp, crypto_mechanism_t *in_mech,
2141 crypto_mechanism_t *out_mech, size_t *out_rctl_bytes,
2142 boolean_t *out_rctl_chk, int *out_rv, int *out_error)
2143 {
2144 STRUCT_DECL(crypto_mechanism, mech);
2145 caddr_t param;
2146 size_t param_len;
2147 size_t rctl_bytes = 0;
2148 int error = 0;
2149 int rv = 0;
2150
2151 STRUCT_INIT(mech, mode);
2152 bcopy(in_mech, STRUCT_BUF(mech), STRUCT_SIZE(mech));
2153 param = STRUCT_FGETP(mech, cm_param);
2154 param_len = STRUCT_FGET(mech, cm_param_len);
2155 out_mech->cm_type = STRUCT_FGET(mech, cm_type);
2156 out_mech->cm_param = NULL;
2157 out_mech->cm_param_len = 0;
2158 if (param != NULL && param_len != 0) {
2159 if (param_len > crypto_max_buffer_len) {
2160 cmn_err(CE_NOTE, "copyin_mech: buffer greater than "
2161 "%ld bytes, pid = %d", crypto_max_buffer_len,
2162 curproc->p_pid);
2163 rv = CRYPTO_ARGUMENTS_BAD;
2164 goto out;
2165 }
2166
2167 rv = CRYPTO_BUFFER_CHECK(sp, param_len, *out_rctl_chk);
2168 if (rv != CRYPTO_SUCCESS) {
2169 goto out;
2170 }
2171 rctl_bytes = param_len;
2172
2173 out_mech->cm_param = kmem_alloc(param_len, KM_SLEEP);
2174 if (copyin((char *)param, out_mech->cm_param, param_len) != 0) {
2175 kmem_free(out_mech->cm_param, param_len);
2176 out_mech->cm_param = NULL;
2177 error = EFAULT;
2178 goto out;
2179 }
2180 out_mech->cm_param_len = param_len;
2181 }
2182 out:
2183 *out_rctl_bytes = rctl_bytes;
2184 *out_rv = rv;
2185 *out_error = error;
2186 return ((rv | error) ? B_FALSE : B_TRUE);
2187 }
2188
2189 /*
2190 * Free key attributes when key type is CRYPTO_KEY_ATTR_LIST.
2191 * The crypto_key structure is not freed.
2192 */
2193 static void
2194 crypto_free_key_attributes(crypto_key_t *key)
2195 {
2196 crypto_object_attribute_t *attrs;
2197 size_t len = 0;
2198 int i;
2199
2200 ASSERT(key->ck_format == CRYPTO_KEY_ATTR_LIST);
2201 if (key->ck_count == 0 || key->ck_attrs == NULL)
2202 return;
2203
2204 /* compute the size of the container */
2205 len = key->ck_count * sizeof (crypto_object_attribute_t);
2206
2207 /* total up the size of all attributes in the container */
2208 for (i = 0; i < key->ck_count; i++) {
2209 attrs = &key->ck_attrs[i];
2210 if (attrs->oa_value_len != 0 &&
2211 attrs->oa_value != NULL) {
2212 len += roundup(attrs->oa_value_len, sizeof (caddr_t));
2213 }
2214 }
2215
2216 bzero(key->ck_attrs, len);
2217 kmem_free(key->ck_attrs, len);
2218 }
2219
2220 /*
2221 * Frees allocated storage in the key structure, but doesn't free
2222 * the key structure.
2223 */
2224 static void
2225 free_crypto_key(crypto_key_t *key)
2226 {
2227 switch (key->ck_format) {
2228 case CRYPTO_KEY_RAW: {
2229 size_t len;
2230
2231 if (key->ck_length == 0 || key->ck_data == NULL)
2232 break;
2233
2234 len = CRYPTO_BITS2BYTES(key->ck_length);
2235 bzero(key->ck_data, len);
2236 kmem_free(key->ck_data, len);
2237 break;
2238 }
2239
2240 case CRYPTO_KEY_ATTR_LIST:
2241 crypto_free_key_attributes(key);
2242 break;
2243
2244 default:
2245 break;
2246 }
2247 }
2248
2249 /*
2250 * Copy in an array of crypto_object_attribute structures from user-space.
2251 * Kernel memory is allocated for the array and the value of each attribute
2252 * in the array. Since unprivileged users can specify the size of attributes,
2253 * the amount of memory needed is charged against the
2254 * project.max-crypto-memory resource control.
2255 *
2256 * Attribute values are copied in from user-space if copyin_value is set to
2257 * B_TRUE. This routine returns B_TRUE if the copyin was successful.
2258 */
2259 static boolean_t
2260 copyin_attributes(int mode, crypto_session_data_t *sp,
2261 uint_t count, caddr_t oc_attributes,
2262 crypto_object_attribute_t **k_attrs_out, size_t *k_attrs_size_out,
2263 caddr_t *u_attrs_out, int *out_rv, int *out_error, size_t *out_rctl_bytes,
2264 boolean_t *out_rctl_chk, boolean_t copyin_value)
2265 {
2266 STRUCT_DECL(crypto_object_attribute, oa);
2267 crypto_object_attribute_t *k_attrs = NULL;
2268 caddr_t attrs = NULL, ap, p, value;
2269 caddr_t k_attrs_buf;
2270 size_t k_attrs_len;
2271 size_t k_attrs_buf_len = 0;
2272 size_t k_attrs_total_len = 0;
2273 size_t tmp_len;
2274 size_t rctl_bytes = 0;
2275 size_t len = 0;
2276 size_t value_len;
2277 int error = 0;
2278 int rv = 0;
2279 int i;
2280
2281 STRUCT_INIT(oa, mode);
2282
2283 if (count == 0) {
2284 rv = CRYPTO_SUCCESS;
2285 goto out;
2286 }
2287
2288 if (count > CRYPTO_MAX_ATTRIBUTE_COUNT) {
2289 rv = CRYPTO_ARGUMENTS_BAD;
2290 goto out;
2291 }
2292
2293 /* compute size of crypto_object_attribute array */
2294 len = count * STRUCT_SIZE(oa);
2295
2296 /* this allocation is not charged against the user's resource limit */
2297 attrs = kmem_alloc(len, KM_SLEEP);
2298 if (copyin(oc_attributes, attrs, len) != 0) {
2299 error = EFAULT;
2300 goto out;
2301 }
2302
2303 /* figure out how much memory to allocate for all of the attributes */
2304 ap = attrs;
2305 for (i = 0; i < count; i++) {
2306 bcopy(ap, STRUCT_BUF(oa), STRUCT_SIZE(oa));
2307 tmp_len = roundup(STRUCT_FGET(oa, oa_value_len),
2308 sizeof (caddr_t));
2309 if (tmp_len > crypto_max_buffer_len) {
2310 cmn_err(CE_NOTE, "copyin_attributes: buffer greater "
2311 "than %ld bytes, pid = %d", crypto_max_buffer_len,
2312 curproc->p_pid);
2313 rv = CRYPTO_ARGUMENTS_BAD;
2314 goto out;
2315 }
2316 if (STRUCT_FGETP(oa, oa_value) != NULL)
2317 k_attrs_buf_len += tmp_len;
2318 ap += STRUCT_SIZE(oa);
2319 }
2320
2321 k_attrs_len = count * sizeof (crypto_object_attribute_t);
2322 k_attrs_total_len = k_attrs_buf_len + k_attrs_len;
2323
2324 rv = CRYPTO_BUFFER_CHECK(sp, k_attrs_total_len, *out_rctl_chk);
2325 if (rv != CRYPTO_SUCCESS) {
2326 goto out;
2327 }
2328 rctl_bytes = k_attrs_total_len;
2329
2330 /* one big allocation for everything */
2331 k_attrs = kmem_alloc(k_attrs_total_len, KM_SLEEP);
2332 k_attrs_buf = (char *)k_attrs + k_attrs_len;
2333
2334 ap = attrs;
2335 p = k_attrs_buf;
2336 for (i = 0; i < count; i++) {
2337 bcopy(ap, STRUCT_BUF(oa), STRUCT_SIZE(oa));
2338 k_attrs[i].oa_type = STRUCT_FGET(oa, oa_type);
2339 value = STRUCT_FGETP(oa, oa_value);
2340 value_len = STRUCT_FGET(oa, oa_value_len);
2341 if (value != NULL && value_len != 0 && copyin_value) {
2342 if (copyin(value, p, value_len) != 0) {
2343 kmem_free(k_attrs, k_attrs_total_len);
2344 k_attrs = NULL;
2345 error = EFAULT;
2346 goto out;
2347 }
2348 }
2349
2350 if (value != NULL) {
2351 k_attrs[i].oa_value = p;
2352 p += roundup(value_len, sizeof (caddr_t));
2353 } else {
2354 k_attrs[i].oa_value = NULL;
2355 }
2356 k_attrs[i].oa_value_len = value_len;
2357 ap += STRUCT_SIZE(oa);
2358 }
2359 out:
2360 if (attrs != NULL) {
2361 /*
2362 * Free the array if there is a failure or the caller
2363 * doesn't want the array to be returned.
2364 */
2365 if (error != 0 || rv != CRYPTO_SUCCESS || u_attrs_out == NULL) {
2366 kmem_free(attrs, len);
2367 attrs = NULL;
2368 }
2369 }
2370
2371 if (u_attrs_out != NULL)
2372 *u_attrs_out = attrs;
2373 if (k_attrs_size_out != NULL)
2374 *k_attrs_size_out = k_attrs_total_len;
2375 *k_attrs_out = k_attrs;
2376 *out_rctl_bytes = rctl_bytes;
2377 *out_rv = rv;
2378 *out_error = error;
2379 return ((rv | error) ? B_FALSE : B_TRUE);
2380 }
2381
2382 /*
2383 * Copy data model dependent raw key into a kernel key
2384 * structure. Checks key length or attribute lengths against
2385 * resource controls before allocating memory. Returns B_TRUE
2386 * if both error and rv are set to 0.
2387 */
2388 static boolean_t
2389 copyin_key(int mode, crypto_session_data_t *sp, crypto_key_t *in_key,
2390 crypto_key_t *out_key, size_t *out_rctl_bytes,
2391 boolean_t *out_rctl_chk, int *out_rv, int *out_error)
2392 {
2393 STRUCT_DECL(crypto_key, key);
2394 crypto_object_attribute_t *k_attrs = NULL;
2395 size_t key_bits;
2396 size_t key_bytes = 0;
2397 size_t rctl_bytes = 0;
2398 int count;
2399 int error = 0;
2400 int rv = CRYPTO_SUCCESS;
2401
2402 STRUCT_INIT(key, mode);
2403 bcopy(in_key, STRUCT_BUF(key), STRUCT_SIZE(key));
2404 out_key->ck_format = STRUCT_FGET(key, ck_format);
2405 switch (out_key->ck_format) {
2406 case CRYPTO_KEY_RAW:
2407 key_bits = STRUCT_FGET(key, ck_length);
2408 if (key_bits != 0) {
2409 if (key_bits >
2410 (CRYPTO_BYTES2BITS(crypto_max_buffer_len))) {
2411 cmn_err(CE_NOTE, "copyin_key: buffer greater "
2412 "than %ld bytes, pid = %d",
2413 crypto_max_buffer_len, curproc->p_pid);
2414 rv = CRYPTO_ARGUMENTS_BAD;
2415 goto out;
2416 }
2417 key_bytes = CRYPTO_BITS2BYTES(key_bits);
2418
2419 rv = CRYPTO_BUFFER_CHECK(sp, key_bytes,
2420 *out_rctl_chk);
2421 if (rv != CRYPTO_SUCCESS) {
2422 goto out;
2423 }
2424 rctl_bytes = key_bytes;
2425
2426 out_key->ck_data = kmem_alloc(key_bytes, KM_SLEEP);
2427
2428 if (copyin((char *)STRUCT_FGETP(key, ck_data),
2429 out_key->ck_data, key_bytes) != 0) {
2430 kmem_free(out_key->ck_data, key_bytes);
2431 out_key->ck_data = NULL;
2432 out_key->ck_length = 0;
2433 error = EFAULT;
2434 goto out;
2435 }
2436 }
2437 out_key->ck_length = (ulong_t)key_bits;
2438 break;
2439
2440 case CRYPTO_KEY_ATTR_LIST:
2441 count = STRUCT_FGET(key, ck_count);
2442
2443 if (copyin_attributes(mode, sp, count,
2444 (caddr_t)STRUCT_FGETP(key, ck_attrs), &k_attrs, NULL, NULL,
2445 &rv, &error, &rctl_bytes, out_rctl_chk, B_TRUE)) {
2446 out_key->ck_count = count;
2447 out_key->ck_attrs = k_attrs;
2448 k_attrs = NULL;
2449 } else {
2450 out_key->ck_count = 0;
2451 out_key->ck_attrs = NULL;
2452 }
2453 break;
2454
2455 case CRYPTO_KEY_REFERENCE:
2456 out_key->ck_obj_id = STRUCT_FGET(key, ck_obj_id);
2457 break;
2458
2459 default:
2460 rv = CRYPTO_ARGUMENTS_BAD;
2461 }
2462
2463 out:
2464 *out_rctl_bytes = rctl_bytes;
2465 *out_rv = rv;
2466 *out_error = error;
2467 return ((rv | error) ? B_FALSE : B_TRUE);
2468 }
2469
2470 /*
2471 * This routine does two things:
2472 * 1. Given a crypto_minor structure and a session ID, it returns
2473 * a valid session pointer.
2474 * 2. It checks that the provider, to which the session has been opened,
2475 * has not been removed.
2476 */
2477 static boolean_t
2478 get_session_ptr(crypto_session_id_t i, crypto_minor_t *cm,
2479 crypto_session_data_t **session_ptr, int *out_error, int *out_rv)
2480 {
2481 crypto_session_data_t *sp = NULL;
2482 int rv = CRYPTO_SESSION_HANDLE_INVALID;
2483 int error = 0;
2484
2485 mutex_enter(&cm->cm_lock);
2486 if ((i < cm->cm_session_table_count) &&
2487 (cm->cm_session_table[i] != NULL)) {
2488 sp = cm->cm_session_table[i];
2489 mutex_enter(&sp->sd_lock);
2490 mutex_exit(&cm->cm_lock);
2491 while (sp->sd_flags & CRYPTO_SESSION_IS_BUSY) {
2492 if (cv_wait_sig(&sp->sd_cv, &sp->sd_lock) == 0) {
2493 mutex_exit(&sp->sd_lock);
2494 sp = NULL;
2495 error = EINTR;
2496 goto out;
2497 }
2498 }
2499
2500 if (sp->sd_flags & CRYPTO_SESSION_IS_CLOSED) {
2501 mutex_exit(&sp->sd_lock);
2502 sp = NULL;
2503 goto out;
2504 }
2505
2506 if (KCF_IS_PROV_REMOVED(sp->sd_provider)) {
2507 mutex_exit(&sp->sd_lock);
2508 sp = NULL;
2509 rv = CRYPTO_DEVICE_ERROR;
2510 goto out;
2511 }
2512
2513 rv = CRYPTO_SUCCESS;
2514 sp->sd_flags |= CRYPTO_SESSION_IS_BUSY;
2515 mutex_exit(&sp->sd_lock);
2516 } else {
2517 mutex_exit(&cm->cm_lock);
2518 }
2519 out:
2520 *session_ptr = sp;
2521 *out_error = error;
2522 *out_rv = rv;
2523 return ((rv == CRYPTO_SUCCESS && error == 0) ? B_TRUE : B_FALSE);
2524 }
2525
2526 #define CRYPTO_SESSION_RELE(s) if ((s) != NULL) { \
2527 mutex_enter(&((s)->sd_lock)); \
2528 (s)->sd_flags &= ~CRYPTO_SESSION_IS_BUSY; \
2529 cv_broadcast(&(s)->sd_cv); \
2530 mutex_exit(&((s)->sd_lock)); \
2531 }
2532
2533 /* ARGSUSED */
2534 static int
2535 encrypt_init(dev_t dev, caddr_t arg, int mode, int *rval)
2536 {
2537 return (cipher_init(dev, arg, mode, crypto_encrypt_init_prov));
2538 }
2539
2540 /* ARGSUSED */
2541 static int
2542 decrypt_init(dev_t dev, caddr_t arg, int mode, int *rval)
2543 {
2544 return (cipher_init(dev, arg, mode, crypto_decrypt_init_prov));
2545 }
2546
2547 /*
2548 * umech is a mechanism structure that has been copied from user address
2549 * space into kernel address space. Only one copyin has been done.
2550 * The mechanism parameter, if non-null, still points to user address space.
2551 * If the mechanism parameter contains pointers, they are pointers into
2552 * user address space.
2553 *
2554 * kmech is a umech with all pointers and structures in kernel address space.
2555 *
2556 * This routine calls the provider's entry point to copy a umech parameter
2557 * into kernel address space. Kernel memory is allocated by the provider.
2558 */
2559 static int
2560 crypto_provider_copyin_mech_param(kcf_provider_desc_t *pd,
2561 crypto_mechanism_t *umech, crypto_mechanism_t *kmech, int mode, int *error)
2562 {
2563 crypto_mech_type_t provider_mech_type;
2564 int rv;
2565
2566 /* get the provider's mech number */
2567 provider_mech_type = KCF_TO_PROV_MECHNUM(pd, umech->cm_type);
2568
2569 kmech->cm_param = NULL;
2570 kmech->cm_param_len = 0;
2571 kmech->cm_type = provider_mech_type;
2572 rv = KCF_PROV_COPYIN_MECH(pd, umech, kmech, error, mode);
2573 kmech->cm_type = umech->cm_type;
2574
2575 return (rv);
2576 }
2577
2578 /*
2579 * umech is a mechanism structure that has been copied from user address
2580 * space into kernel address space. Only one copyin has been done.
2581 * The mechanism parameter, if non-null, still points to user address space.
2582 * If the mechanism parameter contains pointers, they are pointers into
2583 * user address space.
2584 *
2585 * kmech is a umech with all pointers and structures in kernel address space.
2586 *
2587 * This routine calls the provider's entry point to copy a kmech parameter
2588 * into user address space using umech as a template containing
2589 * user address pointers.
2590 */
2591 static int
2592 crypto_provider_copyout_mech_param(kcf_provider_desc_t *pd,
2593 crypto_mechanism_t *kmech, crypto_mechanism_t *umech, int mode, int *error)
2594 {
2595 crypto_mech_type_t provider_mech_type;
2596 int rv;
2597
2598 /* get the provider's mech number */
2599 provider_mech_type = KCF_TO_PROV_MECHNUM(pd, umech->cm_type);
2600
2601 kmech->cm_type = provider_mech_type;
2602 rv = KCF_PROV_COPYOUT_MECH(pd, kmech, umech, error, mode);
2603 kmech->cm_type = umech->cm_type;
2604
2605 return (rv);
2606 }
2607
2608 /*
2609 * Call the provider's entry point to free kernel memory that has been
2610 * allocated for the mechanism's parameter.
2611 */
2612 static void
2613 crypto_free_mech(kcf_provider_desc_t *pd, boolean_t allocated_by_crypto_module,
2614 crypto_mechanism_t *mech)
2615 {
2616 crypto_mech_type_t provider_mech_type;
2617
2618 if (allocated_by_crypto_module) {
2619 if (mech->cm_param != NULL)
2620 kmem_free(mech->cm_param, mech->cm_param_len);
2621 } else {
2622 /* get the provider's mech number */
2623 provider_mech_type = KCF_TO_PROV_MECHNUM(pd, mech->cm_type);
2624
2625 if (mech->cm_param != NULL && mech->cm_param_len != 0) {
2626 mech->cm_type = provider_mech_type;
2627 (void) KCF_PROV_FREE_MECH(pd, mech);
2628 }
2629 }
2630 }
2631
2632 /*
2633 * ASSUMPTION: crypto_encrypt_init and crypto_decrypt_init
2634 * structures are identical except for field names.
2635 */
2636 static int
2637 cipher_init(dev_t dev, caddr_t arg, int mode, int (*init)(crypto_provider_t,
2638 crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *,
2639 crypto_ctx_template_t, crypto_context_t *, crypto_call_req_t *))
2640 {
2641 STRUCT_DECL(crypto_encrypt_init, encrypt_init);
2642 kcf_provider_desc_t *real_provider = NULL;
2643 crypto_session_id_t session_id;
2644 crypto_mechanism_t mech;
2645 crypto_key_t key;
2646 crypto_minor_t *cm;
2647 crypto_session_data_t *sp = NULL;
2648 crypto_context_t cc;
2649 crypto_ctx_t **ctxpp;
2650 size_t mech_rctl_bytes = 0;
2651 boolean_t mech_rctl_chk = B_FALSE;
2652 size_t key_rctl_bytes = 0;
2653 boolean_t key_rctl_chk = B_FALSE;
2654 int error = 0;
2655 int rv;
2656 boolean_t allocated_by_crypto_module = B_FALSE;
2657 crypto_func_group_t fg;
2658
2659 STRUCT_INIT(encrypt_init, mode);
2660
2661 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
2662 cmn_err(CE_WARN, "cipher_init: failed holding minor");
2663 return (ENXIO);
2664 }
2665
2666 if (copyin(arg, STRUCT_BUF(encrypt_init),
2667 STRUCT_SIZE(encrypt_init)) != 0) {
2668 crypto_release_minor(cm);
2669 return (EFAULT);
2670 }
2671
2672 mech.cm_param = NULL;
2673 bzero(&key, sizeof (crypto_key_t));
2674
2675 session_id = STRUCT_FGET(encrypt_init, ei_session);
2676
2677 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
2678 goto out;
2679 }
2680
2681 bcopy(STRUCT_FADDR(encrypt_init, ei_mech), &mech.cm_type,
2682 sizeof (crypto_mech_type_t));
2683
2684 if (init == crypto_encrypt_init_prov) {
2685 fg = CRYPTO_FG_ENCRYPT;
2686 } else {
2687 fg = CRYPTO_FG_DECRYPT;
2688 }
2689
2690 /* We need the key length for provider selection so copy it in now. */
2691 if (!copyin_key(mode, sp, STRUCT_FADDR(encrypt_init, ei_key), &key,
2692 &key_rctl_bytes, &key_rctl_chk, &rv, &error)) {
2693 goto out;
2694 }
2695
2696 if ((rv = kcf_get_hardware_provider(mech.cm_type, &key,
2697 CRYPTO_MECH_INVALID, NULL, sp->sd_provider, &real_provider, fg))
2698 != CRYPTO_SUCCESS) {
2699 goto out;
2700 }
2701
2702 rv = crypto_provider_copyin_mech_param(real_provider,
2703 STRUCT_FADDR(encrypt_init, ei_mech), &mech, mode, &error);
2704
2705 if (rv == CRYPTO_NOT_SUPPORTED) {
2706 allocated_by_crypto_module = B_TRUE;
2707 if (!copyin_mech(mode, sp, STRUCT_FADDR(encrypt_init, ei_mech),
2708 &mech, &mech_rctl_bytes, &mech_rctl_chk, &rv, &error)) {
2709 goto out;
2710 }
2711 } else {
2712 if (rv != CRYPTO_SUCCESS)
2713 goto out;
2714 }
2715
2716 rv = (init)(real_provider, sp->sd_provider_session->ps_session,
2717 &mech, &key, NULL, &cc, NULL);
2718
2719 /*
2720 * Check if a context already exists. If so, it means it is being
2721 * abandoned. So, cancel it to avoid leaking it.
2722 */
2723 ctxpp = (init == crypto_encrypt_init_prov) ?
2724 &sp->sd_encr_ctx : &sp->sd_decr_ctx;
2725
2726 if (*ctxpp != NULL)
2727 CRYPTO_CANCEL_CTX(ctxpp);
2728 *ctxpp = (rv == CRYPTO_SUCCESS) ? cc : NULL;
2729
2730 out:
2731 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
2732 CRYPTO_DECREMENT_RCTL_SESSION(sp, key_rctl_bytes, key_rctl_chk);
2733 CRYPTO_SESSION_RELE(sp);
2734 crypto_release_minor(cm);
2735
2736 if (real_provider != NULL) {
2737 crypto_free_mech(real_provider,
2738 allocated_by_crypto_module, &mech);
2739 KCF_PROV_REFRELE(real_provider);
2740 }
2741
2742 free_crypto_key(&key);
2743
2744 if (error != 0)
2745 /* XXX free context */
2746 return (error);
2747
2748 STRUCT_FSET(encrypt_init, ei_return_value, rv);
2749 if (copyout(STRUCT_BUF(encrypt_init), arg,
2750 STRUCT_SIZE(encrypt_init)) != 0) {
2751 /* XXX free context */
2752 return (EFAULT);
2753 }
2754 return (0);
2755 }
2756
2757 /* ARGSUSED */
2758 static int
2759 encrypt(dev_t dev, caddr_t arg, int mode, int *rval)
2760 {
2761 return (cipher(dev, arg, mode, crypto_encrypt_single));
2762 }
2763
2764 /* ARGSUSED */
2765 static int
2766 decrypt(dev_t dev, caddr_t arg, int mode, int *rval)
2767 {
2768 return (cipher(dev, arg, mode, crypto_decrypt_single));
2769 }
2770
2771 /*
2772 * ASSUMPTION: crypto_encrypt and crypto_decrypt structures
2773 * are identical except for field names.
2774 */
2775 static int
2776 cipher(dev_t dev, caddr_t arg, int mode,
2777 int (*single)(crypto_context_t, crypto_data_t *, crypto_data_t *,
2778 crypto_call_req_t *))
2779 {
2780 STRUCT_DECL(crypto_encrypt, encrypt);
2781 crypto_session_id_t session_id;
2782 crypto_minor_t *cm;
2783 crypto_session_data_t *sp = NULL;
2784 crypto_ctx_t **ctxpp;
2785 crypto_data_t data, encr;
2786 size_t datalen, encrlen, need = 0;
2787 boolean_t do_inplace;
2788 char *encrbuf;
2789 int error = 0;
2790 int rv;
2791 boolean_t rctl_chk = B_FALSE;
2792
2793 STRUCT_INIT(encrypt, mode);
2794
2795 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
2796 cmn_err(CE_WARN, "cipher: failed holding minor");
2797 return (ENXIO);
2798 }
2799
2800 if (copyin(arg, STRUCT_BUF(encrypt), STRUCT_SIZE(encrypt)) != 0) {
2801 crypto_release_minor(cm);
2802 return (EFAULT);
2803 }
2804
2805 data.cd_raw.iov_base = NULL;
2806 encr.cd_raw.iov_base = NULL;
2807
2808 datalen = STRUCT_FGET(encrypt, ce_datalen);
2809 encrlen = STRUCT_FGET(encrypt, ce_encrlen);
2810
2811 /*
2812 * Don't allocate output buffer unless both buffer pointer and
2813 * buffer length are not NULL or 0 (length).
2814 */
2815 encrbuf = STRUCT_FGETP(encrypt, ce_encrbuf);
2816 if (encrbuf == NULL || encrlen == 0) {
2817 encrlen = 0;
2818 }
2819
2820 if (datalen > crypto_max_buffer_len ||
2821 encrlen > crypto_max_buffer_len) {
2822 cmn_err(CE_NOTE, "cipher: buffer greater than %ld bytes, "
2823 "pid = %d", crypto_max_buffer_len, curproc->p_pid);
2824 rv = CRYPTO_ARGUMENTS_BAD;
2825 goto release_minor;
2826 }
2827
2828 session_id = STRUCT_FGET(encrypt, ce_session);
2829
2830 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
2831 goto release_minor;
2832 }
2833
2834 do_inplace = (STRUCT_FGET(encrypt, ce_flags) &
2835 CRYPTO_INPLACE_OPERATION) != 0;
2836 need = do_inplace ? datalen : datalen + encrlen;
2837
2838 if ((rv = CRYPTO_BUFFER_CHECK(sp, need, rctl_chk)) !=
2839 CRYPTO_SUCCESS) {
2840 need = 0;
2841 goto release_minor;
2842 }
2843
2844 INIT_RAW_CRYPTO_DATA(data, datalen);
2845 data.cd_miscdata = NULL;
2846
2847 if (datalen != 0 && copyin(STRUCT_FGETP(encrypt, ce_databuf),
2848 data.cd_raw.iov_base, datalen) != 0) {
2849 error = EFAULT;
2850 goto release_minor;
2851 }
2852
2853 if (do_inplace) {
2854 /* set out = in for in-place */
2855 encr = data;
2856 } else {
2857 INIT_RAW_CRYPTO_DATA(encr, encrlen);
2858 }
2859
2860 ctxpp = (single == crypto_encrypt_single) ?
2861 &sp->sd_encr_ctx : &sp->sd_decr_ctx;
2862
2863 if (do_inplace)
2864 /* specify in-place buffers with output = NULL */
2865 rv = (single)(*ctxpp, &encr, NULL, NULL);
2866 else
2867 rv = (single)(*ctxpp, &data, &encr, NULL);
2868
2869 if (KCF_CONTEXT_DONE(rv))
2870 *ctxpp = NULL;
2871
2872 if (rv == CRYPTO_SUCCESS) {
2873 ASSERT(encr.cd_length <= encrlen);
2874 if (encr.cd_length != 0 && copyout(encr.cd_raw.iov_base,
2875 encrbuf, encr.cd_length) != 0) {
2876 error = EFAULT;
2877 goto release_minor;
2878 }
2879 STRUCT_FSET(encrypt, ce_encrlen,
2880 (ulong_t)encr.cd_length);
2881 }
2882
2883 if (rv == CRYPTO_BUFFER_TOO_SMALL) {
2884 /*
2885 * The providers return CRYPTO_BUFFER_TOO_SMALL even for case 1
2886 * of section 11.2 of the pkcs11 spec. We catch it here and
2887 * provide the correct pkcs11 return value.
2888 */
2889 if (STRUCT_FGETP(encrypt, ce_encrbuf) == NULL)
2890 rv = CRYPTO_SUCCESS;
2891 STRUCT_FSET(encrypt, ce_encrlen,
2892 (ulong_t)encr.cd_length);
2893 }
2894
2895 release_minor:
2896 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
2897 CRYPTO_SESSION_RELE(sp);
2898 crypto_release_minor(cm);
2899
2900 if (data.cd_raw.iov_base != NULL)
2901 kmem_free(data.cd_raw.iov_base, datalen);
2902
2903 if (!do_inplace && encr.cd_raw.iov_base != NULL)
2904 kmem_free(encr.cd_raw.iov_base, encrlen);
2905
2906 if (error != 0)
2907 return (error);
2908
2909 STRUCT_FSET(encrypt, ce_return_value, rv);
2910 if (copyout(STRUCT_BUF(encrypt), arg, STRUCT_SIZE(encrypt)) != 0) {
2911 return (EFAULT);
2912 }
2913 return (0);
2914 }
2915
2916 /* ARGSUSED */
2917 static int
2918 encrypt_update(dev_t dev, caddr_t arg, int mode, int *rval)
2919 {
2920 return (cipher_update(dev, arg, mode, crypto_encrypt_update));
2921 }
2922
2923 /* ARGSUSED */
2924 static int
2925 decrypt_update(dev_t dev, caddr_t arg, int mode, int *rval)
2926 {
2927 return (cipher_update(dev, arg, mode, crypto_decrypt_update));
2928 }
2929
2930 /*
2931 * ASSUMPTION: crypto_encrypt_update and crypto_decrypt_update
2932 * structures are identical except for field names.
2933 */
2934 static int
2935 cipher_update(dev_t dev, caddr_t arg, int mode,
2936 int (*update)(crypto_context_t, crypto_data_t *, crypto_data_t *,
2937 crypto_call_req_t *))
2938 {
2939 STRUCT_DECL(crypto_encrypt_update, encrypt_update);
2940 crypto_session_id_t session_id;
2941 crypto_minor_t *cm;
2942 crypto_session_data_t *sp = NULL;
2943 crypto_ctx_t **ctxpp;
2944 crypto_data_t data, encr;
2945 size_t datalen, encrlen, need = 0;
2946 boolean_t do_inplace;
2947 char *encrbuf;
2948 int error = 0;
2949 int rv;
2950 boolean_t rctl_chk = B_FALSE;
2951
2952 STRUCT_INIT(encrypt_update, mode);
2953
2954 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
2955 cmn_err(CE_WARN, "cipher_update: failed holding minor");
2956 return (ENXIO);
2957 }
2958
2959 if (copyin(arg, STRUCT_BUF(encrypt_update),
2960 STRUCT_SIZE(encrypt_update)) != 0) {
2961 crypto_release_minor(cm);
2962 return (EFAULT);
2963 }
2964
2965 data.cd_raw.iov_base = NULL;
2966 encr.cd_raw.iov_base = NULL;
2967
2968 datalen = STRUCT_FGET(encrypt_update, eu_datalen);
2969 encrlen = STRUCT_FGET(encrypt_update, eu_encrlen);
2970
2971 /*
2972 * Don't allocate output buffer unless both buffer pointer and
2973 * buffer length are not NULL or 0 (length).
2974 */
2975 encrbuf = STRUCT_FGETP(encrypt_update, eu_encrbuf);
2976 if (encrbuf == NULL || encrlen == 0) {
2977 encrlen = 0;
2978 }
2979
2980 if (datalen > crypto_max_buffer_len ||
2981 encrlen > crypto_max_buffer_len) {
2982 cmn_err(CE_NOTE, "cipher_update: buffer greater than %ld "
2983 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
2984 rv = CRYPTO_ARGUMENTS_BAD;
2985 goto out;
2986 }
2987
2988 session_id = STRUCT_FGET(encrypt_update, eu_session);
2989
2990 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
2991 goto out;
2992 }
2993
2994 do_inplace = (STRUCT_FGET(encrypt_update, eu_flags) &
2995 CRYPTO_INPLACE_OPERATION) != 0;
2996 need = do_inplace ? datalen : datalen + encrlen;
2997
2998 if ((rv = CRYPTO_BUFFER_CHECK(sp, need, rctl_chk)) !=
2999 CRYPTO_SUCCESS) {
3000 need = 0;
3001 goto out;
3002 }
3003
3004 INIT_RAW_CRYPTO_DATA(data, datalen);
3005 data.cd_miscdata = NULL;
3006
3007 if (datalen != 0 && copyin(STRUCT_FGETP(encrypt_update, eu_databuf),
3008 data.cd_raw.iov_base, datalen) != 0) {
3009 error = EFAULT;
3010 goto out;
3011 }
3012
3013 if (do_inplace) {
3014 /* specify in-place buffers with output = input */
3015 encr = data;
3016 } else {
3017 INIT_RAW_CRYPTO_DATA(encr, encrlen);
3018 }
3019
3020 ctxpp = (update == crypto_encrypt_update) ?
3021 &sp->sd_encr_ctx : &sp->sd_decr_ctx;
3022
3023 if (do_inplace)
3024 /* specify in-place buffers with output = NULL */
3025 rv = (update)(*ctxpp, &encr, NULL, NULL);
3026 else
3027 rv = (update)(*ctxpp, &data, &encr, NULL);
3028
3029 if (rv == CRYPTO_SUCCESS || rv == CRYPTO_BUFFER_TOO_SMALL) {
3030 if (rv == CRYPTO_SUCCESS) {
3031 ASSERT(encr.cd_length <= encrlen);
3032 if (encr.cd_length != 0 && copyout(encr.cd_raw.iov_base,
3033 encrbuf, encr.cd_length) != 0) {
3034 error = EFAULT;
3035 goto out;
3036 }
3037 } else {
3038 /*
3039 * The providers return CRYPTO_BUFFER_TOO_SMALL even
3040 * for case 1 of section 11.2 of the pkcs11 spec.
3041 * We catch it here and provide the correct pkcs11
3042 * return value.
3043 */
3044 if (STRUCT_FGETP(encrypt_update, eu_encrbuf) == NULL)
3045 rv = CRYPTO_SUCCESS;
3046 }
3047 STRUCT_FSET(encrypt_update, eu_encrlen,
3048 (ulong_t)encr.cd_length);
3049 } else {
3050 CRYPTO_CANCEL_CTX(ctxpp);
3051 }
3052 out:
3053 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
3054 CRYPTO_SESSION_RELE(sp);
3055 crypto_release_minor(cm);
3056
3057 if (data.cd_raw.iov_base != NULL)
3058 kmem_free(data.cd_raw.iov_base, datalen);
3059
3060 if (!do_inplace && (encr.cd_raw.iov_base != NULL))
3061 kmem_free(encr.cd_raw.iov_base, encrlen);
3062
3063 if (error != 0)
3064 return (error);
3065
3066 STRUCT_FSET(encrypt_update, eu_return_value, rv);
3067 if (copyout(STRUCT_BUF(encrypt_update), arg,
3068 STRUCT_SIZE(encrypt_update)) != 0) {
3069 return (EFAULT);
3070 }
3071 return (0);
3072 }
3073
3074 /* ARGSUSED */
3075 static int
3076 encrypt_final(dev_t dev, caddr_t arg, int mode, int *rval)
3077 {
3078 return (common_final(dev, arg, mode, crypto_encrypt_final));
3079 }
3080
3081 /* ARGSUSED */
3082 static int
3083 decrypt_final(dev_t dev, caddr_t arg, int mode, int *rval)
3084 {
3085 return (common_final(dev, arg, mode, crypto_decrypt_final));
3086 }
3087
3088 /*
3089 * ASSUMPTION: crypto_encrypt_final, crypto_decrypt_final, crypto_sign_final,
3090 * and crypto_digest_final structures are identical except for field names.
3091 */
3092 static int
3093 common_final(dev_t dev, caddr_t arg, int mode,
3094 int (*final)(crypto_context_t, crypto_data_t *, crypto_call_req_t *))
3095 {
3096 STRUCT_DECL(crypto_encrypt_final, encrypt_final);
3097 crypto_session_id_t session_id;
3098 crypto_minor_t *cm;
3099 crypto_session_data_t *sp = NULL;
3100 crypto_ctx_t **ctxpp;
3101 crypto_data_t encr;
3102 size_t encrlen, need = 0;
3103 char *encrbuf;
3104 int error = 0;
3105 int rv;
3106 boolean_t rctl_chk = B_FALSE;
3107
3108 STRUCT_INIT(encrypt_final, mode);
3109
3110 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3111 cmn_err(CE_WARN, "common_final: failed holding minor");
3112 return (ENXIO);
3113 }
3114
3115 if (copyin(arg, STRUCT_BUF(encrypt_final),
3116 STRUCT_SIZE(encrypt_final)) != 0) {
3117 crypto_release_minor(cm);
3118 return (EFAULT);
3119 }
3120
3121 encr.cd_format = CRYPTO_DATA_RAW;
3122 encr.cd_raw.iov_base = NULL;
3123
3124 encrlen = STRUCT_FGET(encrypt_final, ef_encrlen);
3125
3126 /*
3127 * Don't allocate output buffer unless both buffer pointer and
3128 * buffer length are not NULL or 0 (length).
3129 */
3130 encrbuf = STRUCT_FGETP(encrypt_final, ef_encrbuf);
3131 if (encrbuf == NULL || encrlen == 0) {
3132 encrlen = 0;
3133 }
3134
3135 if (encrlen > crypto_max_buffer_len) {
3136 cmn_err(CE_NOTE, "common_final: buffer greater than %ld "
3137 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
3138 rv = CRYPTO_ARGUMENTS_BAD;
3139 goto release_minor;
3140 }
3141
3142 session_id = STRUCT_FGET(encrypt_final, ef_session);
3143
3144 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
3145 goto release_minor;
3146 }
3147
3148 if ((rv = CRYPTO_BUFFER_CHECK(sp, encrlen, rctl_chk)) !=
3149 CRYPTO_SUCCESS) {
3150 goto release_minor;
3151 }
3152 need = encrlen;
3153 encr.cd_raw.iov_base = kmem_alloc(encrlen, KM_SLEEP);
3154 encr.cd_raw.iov_len = encrlen;
3155
3156 encr.cd_offset = 0;
3157 encr.cd_length = encrlen;
3158
3159 ASSERT(final == crypto_encrypt_final ||
3160 final == crypto_decrypt_final || final == crypto_sign_final ||
3161 final == crypto_digest_final || final == crypto_mac_final);
3162
3163 if (final == crypto_encrypt_final) {
3164 ctxpp = &sp->sd_encr_ctx;
3165 } else if (final == crypto_decrypt_final) {
3166 ctxpp = &sp->sd_decr_ctx;
3167 } else if (final == crypto_sign_final) {
3168 ctxpp = &sp->sd_sign_ctx;
3169 } else if (final == crypto_mac_final) {
3170 ctxpp = &sp->sd_mac_ctx;
3171 } else {
3172 ctxpp = &sp->sd_digest_ctx;
3173 }
3174
3175 rv = (final)(*ctxpp, &encr, NULL);
3176 if (KCF_CONTEXT_DONE(rv))
3177 *ctxpp = NULL;
3178
3179 if (rv == CRYPTO_SUCCESS) {
3180 ASSERT(encr.cd_length <= encrlen);
3181 if (encr.cd_length != 0 && copyout(encr.cd_raw.iov_base,
3182 encrbuf, encr.cd_length) != 0) {
3183 error = EFAULT;
3184 goto release_minor;
3185 }
3186 STRUCT_FSET(encrypt_final, ef_encrlen,
3187 (ulong_t)encr.cd_length);
3188 }
3189
3190 if (rv == CRYPTO_BUFFER_TOO_SMALL) {
3191 /*
3192 * The providers return CRYPTO_BUFFER_TOO_SMALL even for case 1
3193 * of section 11.2 of the pkcs11 spec. We catch it here and
3194 * provide the correct pkcs11 return value.
3195 */
3196 if (STRUCT_FGETP(encrypt_final, ef_encrbuf) == NULL)
3197 rv = CRYPTO_SUCCESS;
3198 STRUCT_FSET(encrypt_final, ef_encrlen,
3199 (ulong_t)encr.cd_length);
3200 }
3201
3202 release_minor:
3203 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
3204 CRYPTO_SESSION_RELE(sp);
3205 crypto_release_minor(cm);
3206
3207 if (encr.cd_raw.iov_base != NULL)
3208 kmem_free(encr.cd_raw.iov_base, encrlen);
3209
3210 if (error != 0)
3211 return (error);
3212
3213 STRUCT_FSET(encrypt_final, ef_return_value, rv);
3214 if (copyout(STRUCT_BUF(encrypt_final), arg,
3215 STRUCT_SIZE(encrypt_final)) != 0) {
3216 return (EFAULT);
3217 }
3218 return (0);
3219 }
3220
3221 /* ARGSUSED */
3222 static int
3223 digest_init(dev_t dev, caddr_t arg, int mode, int *rval)
3224 {
3225 STRUCT_DECL(crypto_digest_init, digest_init);
3226 kcf_provider_desc_t *real_provider = NULL;
3227 crypto_session_id_t session_id;
3228 crypto_mechanism_t mech;
3229 crypto_minor_t *cm;
3230 crypto_session_data_t *sp = NULL;
3231 crypto_context_t cc;
3232 size_t rctl_bytes = 0;
3233 boolean_t rctl_chk = B_FALSE;
3234 int error = 0;
3235 int rv;
3236
3237 STRUCT_INIT(digest_init, mode);
3238
3239 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3240 cmn_err(CE_WARN, "digest_init: failed holding minor");
3241 return (ENXIO);
3242 }
3243
3244 if (copyin(arg, STRUCT_BUF(digest_init),
3245 STRUCT_SIZE(digest_init)) != 0) {
3246 crypto_release_minor(cm);
3247 return (EFAULT);
3248 }
3249
3250 mech.cm_param = NULL;
3251
3252 session_id = STRUCT_FGET(digest_init, di_session);
3253
3254 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
3255 goto out;
3256 }
3257
3258 if (!copyin_mech(mode, sp, STRUCT_FADDR(digest_init, di_mech), &mech,
3259 &rctl_bytes, &rctl_chk, &rv, &error)) {
3260 goto out;
3261 }
3262
3263 if ((rv = kcf_get_hardware_provider(mech.cm_type, NULL,
3264 CRYPTO_MECH_INVALID, NULL, sp->sd_provider, &real_provider,
3265 CRYPTO_FG_DIGEST)) != CRYPTO_SUCCESS) {
3266 goto out;
3267 }
3268
3269 rv = crypto_digest_init_prov(real_provider,
3270 sp->sd_provider_session->ps_session, &mech, &cc, NULL);
3271
3272 /*
3273 * Check if a context already exists. If so, it means it is being
3274 * abandoned. So, cancel it to avoid leaking it.
3275 */
3276 if (sp->sd_digest_ctx != NULL)
3277 CRYPTO_CANCEL_CTX(&sp->sd_digest_ctx);
3278 sp->sd_digest_ctx = (rv == CRYPTO_SUCCESS) ? cc : NULL;
3279 out:
3280 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, rctl_chk);
3281 CRYPTO_SESSION_RELE(sp);
3282 crypto_release_minor(cm);
3283
3284 if (real_provider != NULL)
3285 KCF_PROV_REFRELE(real_provider);
3286
3287 if (mech.cm_param != NULL)
3288 kmem_free(mech.cm_param, mech.cm_param_len);
3289
3290 if (error != 0)
3291 return (error);
3292
3293 STRUCT_FSET(digest_init, di_return_value, rv);
3294 if (copyout(STRUCT_BUF(digest_init), arg,
3295 STRUCT_SIZE(digest_init)) != 0) {
3296 return (EFAULT);
3297 }
3298 return (0);
3299 }
3300
3301 /* ARGSUSED */
3302 static int
3303 digest_update(dev_t dev, caddr_t arg, int mode, int *rval)
3304 {
3305 STRUCT_DECL(crypto_digest_update, digest_update);
3306 crypto_session_id_t session_id;
3307 crypto_minor_t *cm;
3308 crypto_session_data_t *sp = NULL;
3309 crypto_data_t data;
3310 size_t datalen, need = 0;
3311 int error = 0;
3312 int rv;
3313 boolean_t rctl_chk = B_FALSE;
3314
3315 STRUCT_INIT(digest_update, mode);
3316
3317 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3318 cmn_err(CE_WARN, "digest_update: failed holding minor");
3319 return (ENXIO);
3320 }
3321
3322 if (copyin(arg, STRUCT_BUF(digest_update),
3323 STRUCT_SIZE(digest_update)) != 0) {
3324 crypto_release_minor(cm);
3325 return (EFAULT);
3326 }
3327
3328 data.cd_format = CRYPTO_DATA_RAW;
3329 data.cd_raw.iov_base = NULL;
3330
3331 datalen = STRUCT_FGET(digest_update, du_datalen);
3332 if (datalen > crypto_max_buffer_len) {
3333 cmn_err(CE_NOTE, "digest_update: buffer greater than %ld "
3334 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
3335 rv = CRYPTO_ARGUMENTS_BAD;
3336 goto release_minor;
3337 }
3338
3339 session_id = STRUCT_FGET(digest_update, du_session);
3340
3341 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
3342 goto release_minor;
3343 }
3344
3345 if ((rv = CRYPTO_BUFFER_CHECK(sp, datalen, rctl_chk)) !=
3346 CRYPTO_SUCCESS) {
3347 goto release_minor;
3348 }
3349
3350 need = datalen;
3351 data.cd_raw.iov_base = kmem_alloc(datalen, KM_SLEEP);
3352 data.cd_raw.iov_len = datalen;
3353
3354 if (datalen != 0 && copyin(STRUCT_FGETP(digest_update, du_databuf),
3355 data.cd_raw.iov_base, datalen) != 0) {
3356 error = EFAULT;
3357 goto release_minor;
3358 }
3359
3360 data.cd_offset = 0;
3361 data.cd_length = datalen;
3362
3363 rv = crypto_digest_update(sp->sd_digest_ctx, &data, NULL);
3364 if (rv != CRYPTO_SUCCESS)
3365 CRYPTO_CANCEL_CTX(&sp->sd_digest_ctx);
3366
3367 release_minor:
3368 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
3369 CRYPTO_SESSION_RELE(sp);
3370 crypto_release_minor(cm);
3371
3372 if (data.cd_raw.iov_base != NULL)
3373 kmem_free(data.cd_raw.iov_base, datalen);
3374
3375 if (error != 0)
3376 return (error);
3377
3378 STRUCT_FSET(digest_update, du_return_value, rv);
3379 if (copyout(STRUCT_BUF(digest_update), arg,
3380 STRUCT_SIZE(digest_update)) != 0) {
3381 return (EFAULT);
3382 }
3383 return (0);
3384 }
3385
3386 /* ARGSUSED */
3387 static int
3388 digest_key(dev_t dev, caddr_t arg, int mode, int *rval)
3389 {
3390 STRUCT_DECL(crypto_digest_key, digest_key);
3391 crypto_session_id_t session_id;
3392 crypto_key_t key;
3393 crypto_minor_t *cm;
3394 crypto_session_data_t *sp = NULL;
3395 size_t rctl_bytes = 0;
3396 boolean_t key_rctl_chk = B_FALSE;
3397 int error = 0;
3398 int rv;
3399
3400 STRUCT_INIT(digest_key, mode);
3401
3402 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3403 cmn_err(CE_WARN, "digest_key: failed holding minor");
3404 return (ENXIO);
3405 }
3406
3407 if (copyin(arg, STRUCT_BUF(digest_key), STRUCT_SIZE(digest_key)) != 0) {
3408 crypto_release_minor(cm);
3409 return (EFAULT);
3410 }
3411
3412 bzero(&key, sizeof (crypto_key_t));
3413
3414 session_id = STRUCT_FGET(digest_key, dk_session);
3415
3416 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
3417 goto out;
3418 }
3419
3420 if (!copyin_key(mode, sp, STRUCT_FADDR(digest_key, dk_key), &key,
3421 &rctl_bytes, &key_rctl_chk, &rv, &error)) {
3422 goto out;
3423 }
3424
3425 rv = crypto_digest_key_prov(sp->sd_digest_ctx, &key, NULL);
3426 if (rv != CRYPTO_SUCCESS)
3427 CRYPTO_CANCEL_CTX(&sp->sd_digest_ctx);
3428 out:
3429 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, key_rctl_chk);
3430 CRYPTO_SESSION_RELE(sp);
3431 crypto_release_minor(cm);
3432
3433 free_crypto_key(&key);
3434
3435 if (error != 0)
3436 return (error);
3437
3438 STRUCT_FSET(digest_key, dk_return_value, rv);
3439 if (copyout(STRUCT_BUF(digest_key), arg,
3440 STRUCT_SIZE(digest_key)) != 0) {
3441 return (EFAULT);
3442 }
3443 return (0);
3444 }
3445
3446 /* ARGSUSED */
3447 static int
3448 digest_final(dev_t dev, caddr_t arg, int mode, int *rval)
3449 {
3450 return (common_final(dev, arg, mode, crypto_digest_final));
3451 }
3452
3453 /* ARGSUSED */
3454 static int
3455 digest(dev_t dev, caddr_t arg, int mode, int *rval)
3456 {
3457 return (common_digest(dev, arg, mode, crypto_digest_single));
3458 }
3459
3460 static int
3461 mac_init(dev_t dev, caddr_t arg, int mode, int *rval)
3462 {
3463 _NOTE(ARGUNUSED(rval))
3464 return (sign_verify_init(dev, arg, mode, crypto_mac_init_prov));
3465 }
3466
3467 static int
3468 mac_update(dev_t dev, caddr_t arg, int mode, int *rval)
3469 {
3470 _NOTE(ARGUNUSED(rval))
3471 return (sign_verify_update(dev, arg, mode, crypto_mac_update));
3472 }
3473
3474 static int
3475 mac_final(dev_t dev, caddr_t arg, int mode, int *rval)
3476 {
3477 _NOTE(ARGUNUSED(rval))
3478 return (common_final(dev, arg, mode, crypto_mac_final));
3479 }
3480
3481 /* ARGSUSED */
3482 static int
3483 mac(dev_t dev, caddr_t arg, int mode, int *rval)
3484 {
3485 _NOTE(ARGUNUSED(rval))
3486 return (common_digest(dev, arg, mode, crypto_mac_single));
3487 }
3488
3489 /*
3490 * ASSUMPTION: crypto_digest, crypto_sign, crypto_sign_recover,
3491 * and crypto_verify_recover are identical except for field names.
3492 */
3493 static int
3494 common_digest(dev_t dev, caddr_t arg, int mode,
3495 int (*single)(crypto_context_t, crypto_data_t *, crypto_data_t *,
3496 crypto_call_req_t *))
3497 {
3498 STRUCT_DECL(crypto_digest, crypto_digest);
3499 crypto_session_id_t session_id;
3500 crypto_minor_t *cm;
3501 crypto_session_data_t *sp = NULL;
3502 crypto_data_t data, digest;
3503 crypto_ctx_t **ctxpp;
3504 size_t datalen, digestlen, need = 0;
3505 char *digestbuf;
3506 int error = 0;
3507 int rv;
3508 boolean_t rctl_chk = B_FALSE;
3509
3510 STRUCT_INIT(crypto_digest, mode);
3511
3512 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3513 cmn_err(CE_WARN, "common_digest: failed holding minor");
3514 return (ENXIO);
3515 }
3516
3517 if (copyin(arg, STRUCT_BUF(crypto_digest),
3518 STRUCT_SIZE(crypto_digest)) != 0) {
3519 crypto_release_minor(cm);
3520 return (EFAULT);
3521 }
3522
3523 data.cd_raw.iov_base = NULL;
3524 digest.cd_raw.iov_base = NULL;
3525 data.cd_miscdata = NULL;
3526 digest.cd_miscdata = NULL;
3527
3528 datalen = STRUCT_FGET(crypto_digest, cd_datalen);
3529 digestlen = STRUCT_FGET(crypto_digest, cd_digestlen);
3530
3531 /*
3532 * Don't allocate output buffer unless both buffer pointer and
3533 * buffer length are not NULL or 0 (length).
3534 */
3535 digestbuf = STRUCT_FGETP(crypto_digest, cd_digestbuf);
3536 if (digestbuf == NULL || digestlen == 0) {
3537 digestlen = 0;
3538 }
3539
3540 if (datalen > crypto_max_buffer_len ||
3541 digestlen > crypto_max_buffer_len) {
3542 cmn_err(CE_NOTE, "common_digest: buffer greater than %ld "
3543 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
3544 rv = CRYPTO_ARGUMENTS_BAD;
3545 goto release_minor;
3546 }
3547
3548 session_id = STRUCT_FGET(crypto_digest, cd_session);
3549
3550 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
3551 goto release_minor;
3552 }
3553
3554 need = datalen + digestlen;
3555 if ((rv = CRYPTO_BUFFER_CHECK(sp, need, rctl_chk)) !=
3556 CRYPTO_SUCCESS) {
3557 need = 0;
3558 goto release_minor;
3559 }
3560
3561 INIT_RAW_CRYPTO_DATA(data, datalen);
3562
3563 if (datalen != 0 && copyin(STRUCT_FGETP(crypto_digest, cd_databuf),
3564 data.cd_raw.iov_base, datalen) != 0) {
3565 error = EFAULT;
3566 goto release_minor;
3567 }
3568
3569 INIT_RAW_CRYPTO_DATA(digest, digestlen);
3570
3571 ASSERT(single == crypto_digest_single ||
3572 single == crypto_sign_single ||
3573 single == crypto_verify_recover_single ||
3574 single == crypto_sign_recover_single ||
3575 single == crypto_mac_single);
3576
3577 if (single == crypto_digest_single) {
3578 ctxpp = &sp->sd_digest_ctx;
3579 } else if (single == crypto_sign_single) {
3580 ctxpp = &sp->sd_sign_ctx;
3581 } else if (single == crypto_verify_recover_single) {
3582 ctxpp = &sp->sd_verify_recover_ctx;
3583 } else if (single == crypto_mac_single) {
3584 ctxpp = &sp->sd_mac_ctx;
3585 } else {
3586 ctxpp = &sp->sd_sign_recover_ctx;
3587 }
3588 rv = (single)(*ctxpp, &data, &digest, NULL);
3589 if (KCF_CONTEXT_DONE(rv))
3590 *ctxpp = NULL;
3591
3592 if (rv == CRYPTO_SUCCESS) {
3593 ASSERT(digest.cd_length <= digestlen);
3594 if (digest.cd_length != 0 && copyout(digest.cd_raw.iov_base,
3595 digestbuf, digest.cd_length) != 0) {
3596 error = EFAULT;
3597 goto release_minor;
3598 }
3599 STRUCT_FSET(crypto_digest, cd_digestlen,
3600 (ulong_t)digest.cd_length);
3601 }
3602
3603 if (rv == CRYPTO_BUFFER_TOO_SMALL) {
3604 /*
3605 * The providers return CRYPTO_BUFFER_TOO_SMALL even for case 1
3606 * of section 11.2 of the pkcs11 spec. We catch it here and
3607 * provide the correct pkcs11 return value.
3608 */
3609 if (STRUCT_FGETP(crypto_digest, cd_digestbuf) == NULL)
3610 rv = CRYPTO_SUCCESS;
3611 STRUCT_FSET(crypto_digest, cd_digestlen,
3612 (ulong_t)digest.cd_length);
3613 }
3614
3615 release_minor:
3616 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
3617 CRYPTO_SESSION_RELE(sp);
3618 crypto_release_minor(cm);
3619
3620 if (data.cd_raw.iov_base != NULL)
3621 kmem_free(data.cd_raw.iov_base, datalen);
3622
3623 if (digest.cd_raw.iov_base != NULL)
3624 kmem_free(digest.cd_raw.iov_base, digestlen);
3625
3626 if (error != 0)
3627 return (error);
3628
3629 STRUCT_FSET(crypto_digest, cd_return_value, rv);
3630 if (copyout(STRUCT_BUF(crypto_digest), arg,
3631 STRUCT_SIZE(crypto_digest)) != 0) {
3632 return (EFAULT);
3633 }
3634 return (0);
3635 }
3636
3637 /*
3638 * A helper function that does what the name suggests.
3639 * Returns 0 on success and non-zero otherwise.
3640 * On failure, out_pin is set to 0.
3641 */
3642 int
3643 get_pin_and_session_ptr(char *in_pin, char **out_pin, size_t pin_len,
3644 crypto_minor_t *cm, crypto_session_id_t sid, crypto_session_data_t **sp,
3645 int *rv, int *error)
3646 {
3647 char *tmp_pin = NULL;
3648 int tmp_error = 0, tmp_rv = 0;
3649
3650 if (pin_len > KCF_MAX_PIN_LEN) {
3651 tmp_rv = CRYPTO_PIN_LEN_RANGE;
3652 goto out;
3653 }
3654 tmp_pin = kmem_alloc(pin_len, KM_SLEEP);
3655
3656 if (pin_len != 0 && copyin(in_pin, tmp_pin, pin_len) != 0) {
3657 tmp_error = EFAULT;
3658 goto out;
3659 }
3660
3661 (void) get_session_ptr(sid, cm, sp, &tmp_error, &tmp_rv);
3662 out:
3663 *out_pin = tmp_pin;
3664 *rv = tmp_rv;
3665 *error = tmp_error;
3666 return (tmp_rv | tmp_error);
3667 }
3668
3669 /* ARGSUSED */
3670 static int
3671 set_pin(dev_t dev, caddr_t arg, int mode, int *rval)
3672 {
3673 STRUCT_DECL(crypto_set_pin, set_pin);
3674 kcf_provider_desc_t *real_provider;
3675 kcf_req_params_t params;
3676 crypto_minor_t *cm;
3677 crypto_session_data_t *sp;
3678 char *old_pin = NULL;
3679 char *new_pin = NULL;
3680 size_t old_pin_len;
3681 size_t new_pin_len;
3682 int error = 0;
3683 int rv;
3684
3685 STRUCT_INIT(set_pin, mode);
3686
3687 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3688 cmn_err(CE_WARN, "set_pin: failed holding minor");
3689 return (ENXIO);
3690 }
3691
3692 if (copyin(arg, STRUCT_BUF(set_pin),
3693 STRUCT_SIZE(set_pin)) != 0) {
3694 crypto_release_minor(cm);
3695 return (EFAULT);
3696 }
3697
3698 old_pin_len = STRUCT_FGET(set_pin, sp_old_len);
3699
3700 if (get_pin_and_session_ptr(STRUCT_FGETP(set_pin, sp_old_pin),
3701 &old_pin, old_pin_len, cm, STRUCT_FGET(set_pin, sp_session),
3702 &sp, &rv, &error) != 0)
3703 goto release_minor;
3704
3705 new_pin_len = STRUCT_FGET(set_pin, sp_new_len);
3706 if (new_pin_len > KCF_MAX_PIN_LEN) {
3707 rv = CRYPTO_PIN_LEN_RANGE;
3708 goto out;
3709 }
3710 new_pin = kmem_alloc(new_pin_len, KM_SLEEP);
3711
3712 if (new_pin_len != 0 && copyin(STRUCT_FGETP(set_pin, sp_new_pin),
3713 new_pin, new_pin_len) != 0) {
3714 error = EFAULT;
3715 goto out;
3716 }
3717
3718 if ((rv = kcf_get_hardware_provider_nomech(
3719 CRYPTO_OPS_OFFSET(provider_ops), CRYPTO_PROVIDER_OFFSET(set_pin),
3720 sp->sd_provider, &real_provider)) != CRYPTO_SUCCESS) {
3721 goto out;
3722 }
3723
3724 KCF_WRAP_PROVMGMT_OPS_PARAMS(&params, KCF_OP_MGMT_SETPIN,
3725 sp->sd_provider_session->ps_session, old_pin, old_pin_len,
3726 new_pin, new_pin_len, NULL, NULL, real_provider);
3727
3728 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
3729 KCF_PROV_REFRELE(real_provider);
3730
3731 out:
3732 CRYPTO_SESSION_RELE(sp);
3733
3734 release_minor:
3735 crypto_release_minor(cm);
3736
3737 if (old_pin != NULL) {
3738 bzero(old_pin, old_pin_len);
3739 kmem_free(old_pin, old_pin_len);
3740 }
3741
3742 if (new_pin != NULL) {
3743 bzero(new_pin, new_pin_len);
3744 kmem_free(new_pin, new_pin_len);
3745 }
3746
3747 if (error != 0)
3748 return (error);
3749
3750 STRUCT_FSET(set_pin, sp_return_value, rv);
3751 if (copyout(STRUCT_BUF(set_pin), arg, STRUCT_SIZE(set_pin)) != 0) {
3752 return (EFAULT);
3753 }
3754 return (0);
3755 }
3756
3757 /* ARGSUSED */
3758 static int
3759 login(dev_t dev, caddr_t arg, int mode, int *rval)
3760 {
3761 STRUCT_DECL(crypto_login, login);
3762 kcf_provider_desc_t *real_provider;
3763 kcf_req_params_t params;
3764 crypto_minor_t *cm;
3765 crypto_session_data_t *sp;
3766 size_t pin_len;
3767 char *pin;
3768 uint_t user_type;
3769 int error = 0;
3770 int rv;
3771
3772 STRUCT_INIT(login, mode);
3773
3774 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3775 cmn_err(CE_WARN, "login: failed holding minor");
3776 return (ENXIO);
3777 }
3778
3779 if (copyin(arg, STRUCT_BUF(login), STRUCT_SIZE(login)) != 0) {
3780 crypto_release_minor(cm);
3781 return (EFAULT);
3782 }
3783
3784 user_type = STRUCT_FGET(login, co_user_type);
3785
3786 pin_len = STRUCT_FGET(login, co_pin_len);
3787
3788 if (get_pin_and_session_ptr(STRUCT_FGETP(login, co_pin),
3789 &pin, pin_len, cm, STRUCT_FGET(login, co_session),
3790 &sp, &rv, &error) != 0) {
3791 if (rv == CRYPTO_PIN_LEN_RANGE)
3792 rv = CRYPTO_PIN_INCORRECT;
3793 goto release_minor;
3794 }
3795
3796 if ((rv = kcf_get_hardware_provider_nomech(
3797 CRYPTO_OPS_OFFSET(session_ops),
3798 CRYPTO_SESSION_OFFSET(session_login), sp->sd_provider,
3799 &real_provider)) != CRYPTO_SUCCESS) {
3800 goto out;
3801 }
3802
3803 KCF_WRAP_SESSION_OPS_PARAMS(&params, KCF_OP_SESSION_LOGIN, NULL,
3804 sp->sd_provider_session->ps_session, user_type, pin, pin_len,
3805 real_provider);
3806
3807 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
3808 KCF_PROV_REFRELE(real_provider);
3809
3810 out:
3811 CRYPTO_SESSION_RELE(sp);
3812
3813 release_minor:
3814 crypto_release_minor(cm);
3815
3816 if (pin != NULL) {
3817 bzero(pin, pin_len);
3818 kmem_free(pin, pin_len);
3819 }
3820
3821 if (error != 0)
3822 return (error);
3823
3824 STRUCT_FSET(login, co_return_value, rv);
3825 if (copyout(STRUCT_BUF(login), arg, STRUCT_SIZE(login)) != 0) {
3826 return (EFAULT);
3827 }
3828 return (0);
3829 }
3830
3831 /* ARGSUSED */
3832 static int
3833 logout(dev_t dev, caddr_t arg, int mode, int *rval)
3834 {
3835 crypto_logout_t logout;
3836 kcf_provider_desc_t *real_provider;
3837 kcf_req_params_t params;
3838 crypto_minor_t *cm;
3839 crypto_session_data_t *sp;
3840 int error = 0;
3841 int rv;
3842
3843 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3844 cmn_err(CE_WARN, "logout: failed holding minor");
3845 return (ENXIO);
3846 }
3847
3848 if (copyin(arg, &logout, sizeof (logout)) != 0) {
3849 crypto_release_minor(cm);
3850 return (EFAULT);
3851 }
3852
3853 if (!get_session_ptr(logout.cl_session, cm, &sp, &error, &rv)) {
3854 goto release_minor;
3855 }
3856
3857 if ((rv = kcf_get_hardware_provider_nomech(
3858 CRYPTO_OPS_OFFSET(session_ops),
3859 CRYPTO_SESSION_OFFSET(session_logout), sp->sd_provider,
3860 &real_provider)) != CRYPTO_SUCCESS) {
3861 goto out;
3862 }
3863
3864 KCF_WRAP_SESSION_OPS_PARAMS(&params, KCF_OP_SESSION_LOGOUT, NULL,
3865 sp->sd_provider_session->ps_session, 0, NULL, 0, real_provider);
3866 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
3867 KCF_PROV_REFRELE(real_provider);
3868
3869 out:
3870 CRYPTO_SESSION_RELE(sp);
3871
3872 release_minor:
3873 crypto_release_minor(cm);
3874
3875 if (error != 0)
3876 return (error);
3877
3878 logout.cl_return_value = rv;
3879 if (copyout(&logout, arg, sizeof (logout)) != 0) {
3880 return (EFAULT);
3881 }
3882 return (0);
3883 }
3884
3885 /* ARGSUSED */
3886 static int
3887 sign_init(dev_t dev, caddr_t arg, int mode, int *rval)
3888 {
3889 return (sign_verify_init(dev, arg, mode, crypto_sign_init_prov));
3890 }
3891
3892 /* ARGSUSED */
3893 static int
3894 sign_recover_init(dev_t dev, caddr_t arg, int mode, int *rval)
3895 {
3896 return (sign_verify_init(dev, arg, mode,
3897 crypto_sign_recover_init_prov));
3898 }
3899
3900 /* ARGSUSED */
3901 static int
3902 verify_init(dev_t dev, caddr_t arg, int mode, int *rval)
3903 {
3904 return (sign_verify_init(dev, arg, mode, crypto_verify_init_prov));
3905 }
3906
3907 /* ARGSUSED */
3908 static int
3909 verify_recover_init(dev_t dev, caddr_t arg, int mode, int *rval)
3910 {
3911 return (sign_verify_init(dev, arg, mode,
3912 crypto_verify_recover_init_prov));
3913 }
3914
3915 /*
3916 * ASSUMPTION: crypto_sign_init, crypto_verify_init, crypto_sign_recover_init,
3917 * and crypto_verify_recover_init structures are identical
3918 * except for field names.
3919 */
3920 static int
3921 sign_verify_init(dev_t dev, caddr_t arg, int mode,
3922 int (*init)(crypto_provider_t, crypto_session_id_t,
3923 crypto_mechanism_t *, crypto_key_t *, crypto_ctx_template_t,
3924 crypto_context_t *, crypto_call_req_t *))
3925 {
3926 STRUCT_DECL(crypto_sign_init, sign_init);
3927 kcf_provider_desc_t *real_provider = NULL;
3928 crypto_session_id_t session_id;
3929 crypto_mechanism_t mech;
3930 crypto_key_t key;
3931 crypto_minor_t *cm;
3932 crypto_session_data_t *sp = NULL;
3933 crypto_context_t cc;
3934 crypto_ctx_t **ctxpp;
3935 size_t mech_rctl_bytes = 0;
3936 boolean_t mech_rctl_chk = B_FALSE;
3937 size_t key_rctl_bytes = 0;
3938 boolean_t key_rctl_chk = B_FALSE;
3939 int error = 0;
3940 int rv;
3941 boolean_t allocated_by_crypto_module = B_FALSE;
3942 crypto_func_group_t fg;
3943
3944 STRUCT_INIT(sign_init, mode);
3945
3946 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
3947 cmn_err(CE_WARN, "sign_verify_init: failed holding minor");
3948 return (ENXIO);
3949 }
3950
3951 if (copyin(arg, STRUCT_BUF(sign_init), STRUCT_SIZE(sign_init)) != 0) {
3952 crypto_release_minor(cm);
3953 return (EFAULT);
3954 }
3955
3956 mech.cm_param = NULL;
3957 bzero(&key, sizeof (key));
3958
3959 session_id = STRUCT_FGET(sign_init, si_session);
3960
3961 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
3962 goto out;
3963 }
3964
3965 bcopy(STRUCT_FADDR(sign_init, si_mech), &mech.cm_type,
3966 sizeof (crypto_mech_type_t));
3967
3968 ASSERT(init == crypto_sign_init_prov ||
3969 init == crypto_verify_init_prov ||
3970 init == crypto_sign_recover_init_prov ||
3971 init == crypto_verify_recover_init_prov ||
3972 init == crypto_mac_init_prov);
3973
3974 if (init == crypto_sign_init_prov) {
3975 fg = CRYPTO_FG_SIGN;
3976 ctxpp = &sp->sd_sign_ctx;
3977 } else if (init == crypto_verify_init_prov) {
3978 fg = CRYPTO_FG_VERIFY;
3979 ctxpp = &sp->sd_verify_ctx;
3980 } else if (init == crypto_sign_recover_init_prov) {
3981 fg = CRYPTO_FG_SIGN_RECOVER;
3982 ctxpp = &sp->sd_sign_recover_ctx;
3983 } else if (init == crypto_mac_init_prov) {
3984 fg = CRYPTO_FG_MAC;
3985 ctxpp = &sp->sd_mac_ctx;
3986 } else {
3987 fg = CRYPTO_FG_VERIFY_RECOVER;
3988 ctxpp = &sp->sd_verify_recover_ctx;
3989 }
3990
3991 /* We need the key length for provider selection so copy it in now. */
3992 if (!copyin_key(mode, sp, STRUCT_FADDR(sign_init, si_key), &key,
3993 &key_rctl_bytes, &key_rctl_chk, &rv, &error)) {
3994 goto out;
3995 }
3996
3997 if ((rv = kcf_get_hardware_provider(mech.cm_type, &key,
3998 CRYPTO_MECH_INVALID, NULL, sp->sd_provider, &real_provider,
3999 fg)) != CRYPTO_SUCCESS) {
4000 goto out;
4001 }
4002
4003 rv = crypto_provider_copyin_mech_param(real_provider,
4004 STRUCT_FADDR(sign_init, si_mech), &mech, mode, &error);
4005
4006 if (rv == CRYPTO_NOT_SUPPORTED) {
4007 allocated_by_crypto_module = B_TRUE;
4008 if (!copyin_mech(mode, sp, STRUCT_FADDR(sign_init, si_mech),
4009 &mech, &mech_rctl_bytes, &mech_rctl_chk, &rv, &error)) {
4010 goto out;
4011 }
4012 } else {
4013 if (rv != CRYPTO_SUCCESS)
4014 goto out;
4015 }
4016
4017 rv = (init)(real_provider, sp->sd_provider_session->ps_session,
4018 &mech, &key, NULL, &cc, NULL);
4019
4020 /*
4021 * Check if a context already exists. If so, it means it is being
4022 * abandoned. So, cancel it to avoid leaking it.
4023 */
4024 if (*ctxpp != NULL)
4025 CRYPTO_CANCEL_CTX(ctxpp);
4026 *ctxpp = (rv == CRYPTO_SUCCESS) ? cc : NULL;
4027
4028 out:
4029 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
4030 CRYPTO_DECREMENT_RCTL_SESSION(sp, key_rctl_bytes, key_rctl_chk);
4031 CRYPTO_SESSION_RELE(sp);
4032 crypto_release_minor(cm);
4033
4034 if (real_provider != NULL) {
4035 crypto_free_mech(real_provider,
4036 allocated_by_crypto_module, &mech);
4037 KCF_PROV_REFRELE(real_provider);
4038 }
4039
4040 free_crypto_key(&key);
4041
4042 if (error != 0)
4043 return (error);
4044
4045 STRUCT_FSET(sign_init, si_return_value, rv);
4046 if (copyout(STRUCT_BUF(sign_init), arg, STRUCT_SIZE(sign_init)) != 0) {
4047 return (EFAULT);
4048 }
4049 return (0);
4050 }
4051
4052 /* ARGSUSED */
4053 static int
4054 sign(dev_t dev, caddr_t arg, int mode, int *rval)
4055 {
4056 return (common_digest(dev, arg, mode, crypto_sign_single));
4057 }
4058
4059 /* ARGSUSED */
4060 static int
4061 sign_recover(dev_t dev, caddr_t arg, int mode, int *rval)
4062 {
4063 return (common_digest(dev, arg, mode, crypto_sign_recover_single));
4064 }
4065
4066 /* ARGSUSED */
4067 static int
4068 verify(dev_t dev, caddr_t arg, int mode, int *rval)
4069 {
4070 STRUCT_DECL(crypto_verify, verify);
4071 crypto_session_id_t session_id;
4072 crypto_minor_t *cm;
4073 crypto_session_data_t *sp = NULL;
4074 crypto_data_t data, sign;
4075 size_t datalen, signlen, need = 0;
4076 int error = 0;
4077 int rv;
4078 boolean_t rctl_chk = B_FALSE;
4079
4080 STRUCT_INIT(verify, mode);
4081
4082 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4083 cmn_err(CE_WARN, "verify: failed holding minor");
4084 return (ENXIO);
4085 }
4086
4087 if (copyin(arg, STRUCT_BUF(verify), STRUCT_SIZE(verify)) != 0) {
4088 crypto_release_minor(cm);
4089 return (EFAULT);
4090 }
4091
4092 data.cd_raw.iov_base = NULL;
4093 sign.cd_raw.iov_base = NULL;
4094
4095 datalen = STRUCT_FGET(verify, cv_datalen);
4096 signlen = STRUCT_FGET(verify, cv_signlen);
4097 if (datalen > crypto_max_buffer_len ||
4098 signlen > crypto_max_buffer_len) {
4099 cmn_err(CE_NOTE, "verify: buffer greater than %ld bytes, "
4100 "pid = %d", crypto_max_buffer_len, curproc->p_pid);
4101 rv = CRYPTO_ARGUMENTS_BAD;
4102 goto release_minor;
4103 }
4104
4105 session_id = STRUCT_FGET(verify, cv_session);
4106
4107 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4108 goto release_minor;
4109 }
4110
4111 need = datalen + signlen;
4112 if ((rv = CRYPTO_BUFFER_CHECK(sp, need, rctl_chk)) !=
4113 CRYPTO_SUCCESS) {
4114 need = 0;
4115 goto release_minor;
4116 }
4117
4118 INIT_RAW_CRYPTO_DATA(data, datalen);
4119 INIT_RAW_CRYPTO_DATA(sign, signlen);
4120
4121 if (datalen != 0 && copyin(STRUCT_FGETP(verify, cv_databuf),
4122 data.cd_raw.iov_base, datalen) != 0) {
4123 error = EFAULT;
4124 goto release_minor;
4125 }
4126
4127 if (signlen != 0 && copyin(STRUCT_FGETP(verify, cv_signbuf),
4128 sign.cd_raw.iov_base, signlen) != 0) {
4129 error = EFAULT;
4130 goto release_minor;
4131 }
4132
4133 rv = crypto_verify_single(sp->sd_verify_ctx, &data, &sign, NULL);
4134 if (KCF_CONTEXT_DONE(rv))
4135 sp->sd_verify_ctx = NULL;
4136
4137 release_minor:
4138 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
4139 CRYPTO_SESSION_RELE(sp);
4140 crypto_release_minor(cm);
4141
4142 if (data.cd_raw.iov_base != NULL)
4143 kmem_free(data.cd_raw.iov_base, datalen);
4144
4145 if (sign.cd_raw.iov_base != NULL)
4146 kmem_free(sign.cd_raw.iov_base, signlen);
4147
4148 if (error != 0)
4149 return (error);
4150
4151 STRUCT_FSET(verify, cv_return_value, rv);
4152 if (copyout(STRUCT_BUF(verify), arg, STRUCT_SIZE(verify)) != 0) {
4153 return (EFAULT);
4154 }
4155 return (0);
4156 }
4157
4158 /* ARGSUSED */
4159 static int
4160 verify_recover(dev_t dev, caddr_t arg, int mode, int *rval)
4161 {
4162 return (common_digest(dev, arg, mode, crypto_verify_recover_single));
4163 }
4164
4165 /* ARGSUSED */
4166 static int
4167 sign_update(dev_t dev, caddr_t arg, int mode, int *rval)
4168 {
4169 return (sign_verify_update(dev, arg, mode, crypto_sign_update));
4170 }
4171
4172 /* ARGSUSED */
4173 static int
4174 verify_update(dev_t dev, caddr_t arg, int mode, int *rval)
4175 {
4176 return (sign_verify_update(dev, arg, mode, crypto_verify_update));
4177 }
4178
4179 /*
4180 * ASSUMPTION: crypto_sign_update and crypto_verify_update structures
4181 * are identical except for field names.
4182 */
4183 static int
4184 sign_verify_update(dev_t dev, caddr_t arg, int mode,
4185 int (*update)(crypto_context_t, crypto_data_t *, crypto_call_req_t *))
4186 {
4187 STRUCT_DECL(crypto_sign_update, sign_update);
4188 crypto_session_id_t session_id;
4189 crypto_minor_t *cm;
4190 crypto_session_data_t *sp = NULL;
4191 crypto_ctx_t **ctxpp;
4192 crypto_data_t data;
4193 size_t datalen, need = 0;
4194 int error = 0;
4195 int rv;
4196 boolean_t rctl_chk = B_FALSE;
4197
4198 STRUCT_INIT(sign_update, mode);
4199
4200 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4201 cmn_err(CE_WARN, "sign_verify_update: failed holding minor");
4202 return (ENXIO);
4203 }
4204
4205 if (copyin(arg, STRUCT_BUF(sign_update),
4206 STRUCT_SIZE(sign_update)) != 0) {
4207 crypto_release_minor(cm);
4208 return (EFAULT);
4209 }
4210
4211 data.cd_raw.iov_base = NULL;
4212 data.cd_miscdata = NULL;
4213
4214 datalen = STRUCT_FGET(sign_update, su_datalen);
4215 if (datalen > crypto_max_buffer_len) {
4216 cmn_err(CE_NOTE, "sign_verify_update: buffer greater than %ld "
4217 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
4218 rv = CRYPTO_ARGUMENTS_BAD;
4219 goto release_minor;
4220 }
4221
4222 session_id = STRUCT_FGET(sign_update, su_session);
4223
4224 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4225 goto release_minor;
4226 }
4227
4228 if ((rv = CRYPTO_BUFFER_CHECK(sp, datalen, rctl_chk)) !=
4229 CRYPTO_SUCCESS) {
4230 goto release_minor;
4231 }
4232 need = datalen;
4233
4234 INIT_RAW_CRYPTO_DATA(data, datalen);
4235
4236 if (datalen != 0 && copyin(STRUCT_FGETP(sign_update, su_databuf),
4237 data.cd_raw.iov_base, datalen) != 0) {
4238 error = EFAULT;
4239 goto release_minor;
4240 }
4241
4242 ASSERT(update == crypto_sign_update ||
4243 update == crypto_verify_update ||
4244 update == crypto_mac_update);
4245
4246 if (update == crypto_sign_update)
4247 ctxpp = &sp->sd_sign_ctx;
4248 else if (update == crypto_verify_update)
4249 ctxpp = &sp->sd_verify_ctx;
4250 else
4251 ctxpp = &sp->sd_mac_ctx;
4252
4253 rv = (update)(*ctxpp, &data, NULL);
4254 if (rv != CRYPTO_SUCCESS)
4255 CRYPTO_CANCEL_CTX(ctxpp);
4256
4257 release_minor:
4258 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
4259 CRYPTO_SESSION_RELE(sp);
4260 crypto_release_minor(cm);
4261
4262 if (data.cd_raw.iov_base != NULL)
4263 kmem_free(data.cd_raw.iov_base, datalen);
4264
4265 if (error != 0)
4266 return (error);
4267
4268 STRUCT_FSET(sign_update, su_return_value, rv);
4269 if (copyout(STRUCT_BUF(sign_update), arg,
4270 STRUCT_SIZE(sign_update)) != 0) {
4271 return (EFAULT);
4272 }
4273 return (0);
4274 }
4275
4276 /* ARGSUSED */
4277 static int
4278 sign_final(dev_t dev, caddr_t arg, int mode, int *rval)
4279 {
4280 return (common_final(dev, arg, mode, crypto_sign_final));
4281 }
4282
4283 /*
4284 * Can't use the common final because it does a copyout of
4285 * the final part.
4286 */
4287 /* ARGSUSED */
4288 static int
4289 verify_final(dev_t dev, caddr_t arg, int mode, int *rval)
4290 {
4291 STRUCT_DECL(crypto_verify_final, verify_final);
4292 crypto_session_id_t session_id;
4293 crypto_minor_t *cm;
4294 crypto_session_data_t *sp = NULL;
4295 crypto_data_t sign;
4296 size_t signlen, need = 0;
4297 int error = 0;
4298 int rv;
4299 boolean_t rctl_chk = B_FALSE;
4300
4301 STRUCT_INIT(verify_final, mode);
4302
4303 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4304 cmn_err(CE_WARN, "verify_final: failed holding minor");
4305 return (ENXIO);
4306 }
4307
4308 if (copyin(arg, STRUCT_BUF(verify_final),
4309 STRUCT_SIZE(verify_final)) != 0) {
4310 crypto_release_minor(cm);
4311 return (EFAULT);
4312 }
4313
4314 sign.cd_raw.iov_base = NULL;
4315
4316 signlen = STRUCT_FGET(verify_final, vf_signlen);
4317 if (signlen > crypto_max_buffer_len) {
4318 cmn_err(CE_NOTE, "verify_final: buffer greater than %ld "
4319 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
4320 rv = CRYPTO_ARGUMENTS_BAD;
4321 goto release_minor;
4322 }
4323
4324 session_id = STRUCT_FGET(verify_final, vf_session);
4325
4326 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4327 goto release_minor;
4328 }
4329
4330 if ((rv = CRYPTO_BUFFER_CHECK(sp, signlen, rctl_chk)) !=
4331 CRYPTO_SUCCESS) {
4332 goto release_minor;
4333 }
4334 need = signlen;
4335
4336 INIT_RAW_CRYPTO_DATA(sign, signlen);
4337
4338 if (signlen != 0 && copyin(STRUCT_FGETP(verify_final, vf_signbuf),
4339 sign.cd_raw.iov_base, signlen) != 0) {
4340 error = EFAULT;
4341 goto release_minor;
4342 }
4343
4344 rv = crypto_verify_final(sp->sd_verify_ctx, &sign, NULL);
4345 if (KCF_CONTEXT_DONE(rv))
4346 sp->sd_verify_ctx = NULL;
4347
4348 release_minor:
4349 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
4350 CRYPTO_SESSION_RELE(sp);
4351 crypto_release_minor(cm);
4352
4353 if (sign.cd_raw.iov_base != NULL)
4354 kmem_free(sign.cd_raw.iov_base, signlen);
4355
4356 if (error != 0)
4357 return (error);
4358
4359 STRUCT_FSET(verify_final, vf_return_value, rv);
4360 if (copyout(STRUCT_BUF(verify_final), arg,
4361 STRUCT_SIZE(verify_final)) != 0) {
4362 return (EFAULT);
4363 }
4364 return (0);
4365 }
4366
4367 /* ARGSUSED */
4368 static int
4369 seed_random(dev_t dev, caddr_t arg, int mode, int *rval)
4370 {
4371 STRUCT_DECL(crypto_seed_random, seed_random);
4372 kcf_provider_desc_t *real_provider = NULL;
4373 kcf_req_params_t params;
4374 crypto_session_id_t session_id;
4375 crypto_minor_t *cm;
4376 crypto_session_data_t *sp = NULL;
4377 uchar_t *seed_buffer = NULL;
4378 size_t seed_len;
4379 size_t need = 0;
4380 int error = 0;
4381 int rv;
4382 boolean_t rctl_chk = B_FALSE;
4383
4384 STRUCT_INIT(seed_random, mode);
4385
4386 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4387 cmn_err(CE_WARN, "seed_random: failed holding minor");
4388 return (ENXIO);
4389 }
4390
4391 if (copyin(arg, STRUCT_BUF(seed_random),
4392 STRUCT_SIZE(seed_random)) != 0) {
4393 crypto_release_minor(cm);
4394 return (EFAULT);
4395 }
4396
4397 seed_len = STRUCT_FGET(seed_random, sr_seedlen);
4398 if (seed_len > crypto_max_buffer_len) {
4399 cmn_err(CE_NOTE, "seed_random: buffer greater than %ld "
4400 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
4401 rv = CRYPTO_ARGUMENTS_BAD;
4402 goto release_minor;
4403 }
4404
4405 session_id = STRUCT_FGET(seed_random, sr_session);
4406
4407 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4408 goto release_minor;
4409 }
4410
4411 if ((rv = CRYPTO_BUFFER_CHECK(sp, seed_len, rctl_chk)) !=
4412 CRYPTO_SUCCESS) {
4413 goto release_minor;
4414 }
4415 need = seed_len;
4416 seed_buffer = kmem_alloc(seed_len, KM_SLEEP);
4417
4418 if (seed_len != 0 && copyin(STRUCT_FGETP(seed_random, sr_seedbuf),
4419 seed_buffer, seed_len) != 0) {
4420 error = EFAULT;
4421 goto release_minor;
4422 }
4423
4424 if ((rv = kcf_get_hardware_provider_nomech(
4425 CRYPTO_OPS_OFFSET(random_ops), CRYPTO_RANDOM_OFFSET(seed_random),
4426 sp->sd_provider, &real_provider)) != CRYPTO_SUCCESS) {
4427 goto release_minor;
4428 }
4429
4430 KCF_WRAP_RANDOM_OPS_PARAMS(&params, KCF_OP_RANDOM_SEED,
4431 sp->sd_provider_session->ps_session, seed_buffer, seed_len, 0,
4432 CRYPTO_SEED_NOW);
4433
4434 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
4435
4436 release_minor:
4437 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
4438 CRYPTO_SESSION_RELE(sp);
4439 crypto_release_minor(cm);
4440
4441 if (real_provider != NULL)
4442 KCF_PROV_REFRELE(real_provider);
4443
4444 if (seed_buffer != NULL)
4445 kmem_free(seed_buffer, seed_len);
4446
4447 if (error != 0)
4448 return (error);
4449
4450 STRUCT_FSET(seed_random, sr_return_value, rv);
4451 if (copyout(STRUCT_BUF(seed_random), arg,
4452 STRUCT_SIZE(seed_random)) != 0) {
4453 return (EFAULT);
4454 }
4455 return (0);
4456 }
4457
4458 /* ARGSUSED */
4459 static int
4460 generate_random(dev_t dev, caddr_t arg, int mode, int *rval)
4461 {
4462 STRUCT_DECL(crypto_generate_random, generate_random);
4463 kcf_provider_desc_t *real_provider = NULL;
4464 kcf_req_params_t params;
4465 crypto_session_id_t session_id;
4466 crypto_minor_t *cm;
4467 crypto_session_data_t *sp = NULL;
4468 uchar_t *buffer = NULL;
4469 size_t len;
4470 size_t need = 0;
4471 int error = 0;
4472 int rv;
4473 boolean_t rctl_chk = B_FALSE;
4474
4475 STRUCT_INIT(generate_random, mode);
4476
4477 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4478 cmn_err(CE_WARN, "generate_random: failed holding minor");
4479 return (ENXIO);
4480 }
4481
4482 if (copyin(arg, STRUCT_BUF(generate_random),
4483 STRUCT_SIZE(generate_random)) != 0) {
4484 crypto_release_minor(cm);
4485 return (EFAULT);
4486 }
4487
4488 len = STRUCT_FGET(generate_random, gr_buflen);
4489 if (len > crypto_max_buffer_len) {
4490 cmn_err(CE_NOTE, "generate_random: buffer greater than %ld "
4491 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
4492 rv = CRYPTO_ARGUMENTS_BAD;
4493 goto release_minor;
4494 }
4495
4496 session_id = STRUCT_FGET(generate_random, gr_session);
4497
4498 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4499 goto release_minor;
4500 }
4501
4502 if ((rv = CRYPTO_BUFFER_CHECK(sp, len, rctl_chk)) !=
4503 CRYPTO_SUCCESS) {
4504 goto release_minor;
4505 }
4506 need = len;
4507 buffer = kmem_alloc(len, KM_SLEEP);
4508
4509 if ((rv = kcf_get_hardware_provider_nomech(
4510 CRYPTO_OPS_OFFSET(random_ops),
4511 CRYPTO_RANDOM_OFFSET(generate_random), sp->sd_provider,
4512 &real_provider)) != CRYPTO_SUCCESS) {
4513 goto release_minor;
4514 }
4515
4516 KCF_WRAP_RANDOM_OPS_PARAMS(&params, KCF_OP_RANDOM_GENERATE,
4517 sp->sd_provider_session->ps_session, buffer, len, 0, 0);
4518
4519 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
4520
4521 if (rv == CRYPTO_SUCCESS) {
4522 if (len != 0 && copyout(buffer,
4523 STRUCT_FGETP(generate_random, gr_buf), len) != 0) {
4524 error = EFAULT;
4525 }
4526 }
4527
4528 release_minor:
4529 CRYPTO_DECREMENT_RCTL_SESSION(sp, need, rctl_chk);
4530 CRYPTO_SESSION_RELE(sp);
4531 crypto_release_minor(cm);
4532
4533 if (real_provider != NULL)
4534 KCF_PROV_REFRELE(real_provider);
4535
4536 if (buffer != NULL) {
4537 /* random numbers are often used to create keys */
4538 bzero(buffer, len);
4539 kmem_free(buffer, len);
4540 }
4541
4542 if (error != 0)
4543 return (error);
4544
4545 STRUCT_FSET(generate_random, gr_return_value, rv);
4546 if (copyout(STRUCT_BUF(generate_random), arg,
4547 STRUCT_SIZE(generate_random)) != 0) {
4548 return (EFAULT);
4549 }
4550 return (0);
4551 }
4552
4553 /*
4554 * Copyout a kernel array of attributes to user space.
4555 * u_attrs is the corresponding user space array containing
4556 * user space pointers necessary for the copyout.
4557 */
4558 /* ARGSUSED */
4559 static int
4560 copyout_attributes(int mode, caddr_t out, uint_t count,
4561 crypto_object_attribute_t *k_attrs, caddr_t u_attrs)
4562 {
4563 STRUCT_DECL(crypto_object_attribute, oa);
4564 caddr_t p, valuep;
4565 size_t value_len;
4566 size_t len;
4567 int i;
4568 int error = 0;
4569
4570 if (count == 0)
4571 return (0);
4572
4573 STRUCT_INIT(oa, mode);
4574
4575 len = count * STRUCT_SIZE(oa);
4576
4577 ASSERT(u_attrs != NULL);
4578 p = u_attrs;
4579 for (i = 0; i < count; i++) {
4580 /* can this bcopy be eliminated? */
4581 bcopy(p, STRUCT_BUF(oa), STRUCT_SIZE(oa));
4582 value_len = k_attrs[i].oa_value_len;
4583 STRUCT_FSET(oa, oa_type, k_attrs[i].oa_type);
4584 STRUCT_FSET(oa, oa_value_len, (ssize_t)value_len);
4585 valuep = STRUCT_FGETP(oa, oa_value);
4586 if ((valuep != NULL) && (value_len != (size_t)-1)) {
4587 if (copyout(k_attrs[i].oa_value,
4588 valuep, value_len) != 0) {
4589 error = EFAULT;
4590 goto out;
4591 }
4592 }
4593 bcopy(STRUCT_BUF(oa), p, STRUCT_SIZE(oa));
4594 p += STRUCT_SIZE(oa);
4595 }
4596 if (copyout(u_attrs, out, len)) {
4597 error = EFAULT;
4598 }
4599 out:
4600 return (error);
4601 }
4602
4603
4604 /* ARGSUSED */
4605 static int
4606 object_create(dev_t dev, caddr_t arg, int mode, int *rval)
4607 {
4608 STRUCT_DECL(crypto_object_create, object_create);
4609 kcf_provider_desc_t *real_provider = NULL;
4610 kcf_req_params_t params;
4611 crypto_object_attribute_t *k_attrs = NULL;
4612 crypto_session_id_t session_id;
4613 crypto_minor_t *cm;
4614 crypto_session_data_t *sp = NULL;
4615 crypto_object_id_t object_handle;
4616 caddr_t oc_attributes;
4617 size_t k_attrs_size;
4618 size_t rctl_bytes = 0;
4619 boolean_t rctl_chk = B_FALSE;
4620 int error = 0;
4621 int rv;
4622 uint_t count;
4623
4624 STRUCT_INIT(object_create, mode);
4625
4626 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4627 cmn_err(CE_WARN, "object_create: failed holding minor");
4628 return (ENXIO);
4629 }
4630
4631 if (copyin(arg, STRUCT_BUF(object_create),
4632 STRUCT_SIZE(object_create)) != 0) {
4633 crypto_release_minor(cm);
4634 return (EFAULT);
4635 }
4636
4637 count = STRUCT_FGET(object_create, oc_count);
4638 oc_attributes = STRUCT_FGETP(object_create, oc_attributes);
4639
4640 session_id = STRUCT_FGET(object_create, oc_session);
4641 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4642 goto release_minor;
4643 }
4644 if (!copyin_attributes(mode, sp, count, oc_attributes, &k_attrs,
4645 &k_attrs_size, NULL, &rv, &error, &rctl_bytes,
4646 &rctl_chk, B_TRUE)) {
4647 goto release_minor;
4648 }
4649
4650 if ((rv = kcf_get_hardware_provider_nomech(
4651 CRYPTO_OPS_OFFSET(object_ops),
4652 CRYPTO_OBJECT_OFFSET(object_create), sp->sd_provider,
4653 &real_provider)) != CRYPTO_SUCCESS) {
4654 goto release_minor;
4655 }
4656
4657 KCF_WRAP_OBJECT_OPS_PARAMS(&params, KCF_OP_OBJECT_CREATE,
4658 sp->sd_provider_session->ps_session, 0, k_attrs, count,
4659 &object_handle, 0, NULL, NULL, 0, NULL);
4660
4661 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
4662
4663 if (rv == CRYPTO_SUCCESS)
4664 STRUCT_FSET(object_create, oc_handle, object_handle);
4665
4666 release_minor:
4667 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, rctl_chk);
4668
4669 if (k_attrs != NULL)
4670 kmem_free(k_attrs, k_attrs_size);
4671
4672 if (error != 0)
4673 goto out;
4674
4675 STRUCT_FSET(object_create, oc_return_value, rv);
4676 if (copyout(STRUCT_BUF(object_create), arg,
4677 STRUCT_SIZE(object_create)) != 0) {
4678 if (rv == CRYPTO_SUCCESS) {
4679 KCF_WRAP_OBJECT_OPS_PARAMS(&params,
4680 KCF_OP_OBJECT_DESTROY,
4681 sp->sd_provider_session->ps_session, object_handle,
4682 NULL, 0, NULL, 0, NULL, NULL, 0, NULL);
4683
4684 (void) kcf_submit_request(real_provider, NULL,
4685 NULL, &params, B_FALSE);
4686
4687 error = EFAULT;
4688 }
4689 }
4690 out:
4691 CRYPTO_SESSION_RELE(sp);
4692 crypto_release_minor(cm);
4693 if (real_provider != NULL)
4694 KCF_PROV_REFRELE(real_provider);
4695 return (error);
4696 }
4697
4698 /* ARGSUSED */
4699 static int
4700 object_copy(dev_t dev, caddr_t arg, int mode, int *rval)
4701 {
4702 STRUCT_DECL(crypto_object_copy, object_copy);
4703 kcf_provider_desc_t *real_provider = NULL;
4704 kcf_req_params_t params;
4705 crypto_object_attribute_t *k_attrs = NULL;
4706 crypto_session_id_t session_id;
4707 crypto_minor_t *cm;
4708 crypto_session_data_t *sp = NULL;
4709 crypto_object_id_t handle, new_handle;
4710 caddr_t oc_new_attributes;
4711 size_t k_attrs_size;
4712 size_t rctl_bytes = 0;
4713 boolean_t rctl_chk = B_FALSE;
4714 int error = 0;
4715 int rv;
4716 uint_t count;
4717
4718 STRUCT_INIT(object_copy, mode);
4719
4720 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4721 cmn_err(CE_WARN, "object_copy: failed holding minor");
4722 return (ENXIO);
4723 }
4724
4725 if (copyin(arg, STRUCT_BUF(object_copy),
4726 STRUCT_SIZE(object_copy)) != 0) {
4727 crypto_release_minor(cm);
4728 return (EFAULT);
4729 }
4730
4731 count = STRUCT_FGET(object_copy, oc_count);
4732 oc_new_attributes = STRUCT_FGETP(object_copy, oc_new_attributes);
4733
4734 session_id = STRUCT_FGET(object_copy, oc_session);
4735
4736 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4737 goto release_minor;
4738 }
4739 if (!copyin_attributes(mode, sp, count, oc_new_attributes, &k_attrs,
4740 &k_attrs_size, NULL, &rv, &error, &rctl_bytes,
4741 &rctl_chk, B_TRUE)) {
4742 goto release_minor;
4743 }
4744
4745 if ((rv = kcf_get_hardware_provider_nomech(
4746 CRYPTO_OPS_OFFSET(object_ops),
4747 CRYPTO_OBJECT_OFFSET(object_copy), sp->sd_provider,
4748 &real_provider)) != CRYPTO_SUCCESS) {
4749 goto release_minor;
4750 }
4751
4752 handle = STRUCT_FGET(object_copy, oc_handle);
4753 KCF_WRAP_OBJECT_OPS_PARAMS(&params, KCF_OP_OBJECT_COPY,
4754 sp->sd_provider_session->ps_session, handle, k_attrs, count,
4755 &new_handle, 0, NULL, NULL, 0, NULL);
4756
4757 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
4758
4759 if (rv == CRYPTO_SUCCESS)
4760 STRUCT_FSET(object_copy, oc_new_handle, new_handle);
4761
4762 release_minor:
4763 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, rctl_chk);
4764
4765 if (k_attrs != NULL)
4766 kmem_free(k_attrs, k_attrs_size);
4767
4768 if (error != 0)
4769 goto out;
4770
4771 STRUCT_FSET(object_copy, oc_return_value, rv);
4772 if (copyout(STRUCT_BUF(object_copy), arg,
4773 STRUCT_SIZE(object_copy)) != 0) {
4774 if (rv == CRYPTO_SUCCESS) {
4775 KCF_WRAP_OBJECT_OPS_PARAMS(&params,
4776 KCF_OP_OBJECT_DESTROY,
4777 sp->sd_provider_session->ps_session, new_handle,
4778 NULL, 0, NULL, 0, NULL, NULL, 0, NULL);
4779
4780 (void) kcf_submit_request(real_provider, NULL,
4781 NULL, &params, B_FALSE);
4782
4783 error = EFAULT;
4784 }
4785 }
4786 out:
4787 CRYPTO_SESSION_RELE(sp);
4788 crypto_release_minor(cm);
4789 if (real_provider != NULL)
4790 KCF_PROV_REFRELE(real_provider);
4791 return (error);
4792 }
4793
4794 /* ARGSUSED */
4795 static int
4796 object_destroy(dev_t dev, caddr_t arg, int mode, int *rval)
4797 {
4798 STRUCT_DECL(crypto_object_destroy, object_destroy);
4799 kcf_provider_desc_t *real_provider;
4800 kcf_req_params_t params;
4801 crypto_session_id_t session_id;
4802 crypto_minor_t *cm;
4803 crypto_session_data_t *sp;
4804 crypto_object_id_t handle;
4805 int error = 0;
4806 int rv;
4807
4808 STRUCT_INIT(object_destroy, mode);
4809
4810 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4811 cmn_err(CE_WARN, "object_destroy: failed holding minor");
4812 return (ENXIO);
4813 }
4814
4815 if (copyin(arg, STRUCT_BUF(object_destroy),
4816 STRUCT_SIZE(object_destroy)) != 0) {
4817 crypto_release_minor(cm);
4818 return (EFAULT);
4819 }
4820
4821 session_id = STRUCT_FGET(object_destroy, od_session);
4822
4823 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4824 goto release_minor;
4825 }
4826
4827 if ((rv = kcf_get_hardware_provider_nomech(
4828 CRYPTO_OPS_OFFSET(object_ops),
4829 CRYPTO_OBJECT_OFFSET(object_destroy), sp->sd_provider,
4830 &real_provider)) != CRYPTO_SUCCESS) {
4831 goto out;
4832 }
4833
4834 handle = STRUCT_FGET(object_destroy, od_handle);
4835 KCF_WRAP_OBJECT_OPS_PARAMS(&params, KCF_OP_OBJECT_DESTROY,
4836 sp->sd_provider_session->ps_session, handle, NULL, 0, NULL, 0,
4837 NULL, NULL, 0, NULL);
4838
4839 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
4840 KCF_PROV_REFRELE(real_provider);
4841
4842 out:
4843 CRYPTO_SESSION_RELE(sp);
4844
4845 release_minor:
4846 crypto_release_minor(cm);
4847
4848 if (error != 0)
4849 return (error);
4850
4851 STRUCT_FSET(object_destroy, od_return_value, rv);
4852
4853 if (copyout(STRUCT_BUF(object_destroy), arg,
4854 STRUCT_SIZE(object_destroy)) != 0) {
4855 return (EFAULT);
4856 }
4857 return (0);
4858 }
4859
4860 /* ARGSUSED */
4861 static int
4862 object_get_attribute_value(dev_t dev, caddr_t arg, int mode, int *rval)
4863 {
4864 STRUCT_DECL(crypto_object_get_attribute_value, get_attribute_value);
4865 #ifdef _LP64
4866 STRUCT_DECL(crypto_object_attribute, oa);
4867 #else
4868 /* LINTED E_FUNC_SET_NOT_USED */
4869 STRUCT_DECL(crypto_object_attribute, oa);
4870 #endif
4871 kcf_provider_desc_t *real_provider;
4872 kcf_req_params_t params;
4873 crypto_object_attribute_t *k_attrs = NULL;
4874 crypto_session_id_t session_id;
4875 crypto_minor_t *cm;
4876 crypto_session_data_t *sp = NULL;
4877 crypto_object_id_t handle;
4878 caddr_t og_attributes;
4879 caddr_t u_attrs = NULL;
4880 size_t k_attrs_size;
4881 size_t rctl_bytes = 0;
4882 boolean_t rctl_chk = B_FALSE;
4883 int error = 0;
4884 int rv;
4885 uint_t count;
4886
4887 STRUCT_INIT(get_attribute_value, mode);
4888 STRUCT_INIT(oa, mode);
4889
4890 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4891 cmn_err(CE_WARN,
4892 "object_get_attribute_value: failed holding minor");
4893 return (ENXIO);
4894 }
4895
4896 if (copyin(arg, STRUCT_BUF(get_attribute_value),
4897 STRUCT_SIZE(get_attribute_value)) != 0) {
4898 crypto_release_minor(cm);
4899 return (EFAULT);
4900 }
4901
4902 count = STRUCT_FGET(get_attribute_value, og_count);
4903 og_attributes = STRUCT_FGETP(get_attribute_value, og_attributes);
4904
4905 session_id = STRUCT_FGET(get_attribute_value, og_session);
4906
4907 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4908 goto release_minor;
4909 }
4910 if (!copyin_attributes(mode, sp, count, og_attributes, &k_attrs,
4911 &k_attrs_size, &u_attrs, &rv, &error, &rctl_bytes,
4912 &rctl_chk, B_FALSE)) {
4913 goto release_minor;
4914 }
4915
4916 if ((rv = kcf_get_hardware_provider_nomech(
4917 CRYPTO_OPS_OFFSET(object_ops),
4918 CRYPTO_OBJECT_OFFSET(object_get_attribute_value),
4919 sp->sd_provider, &real_provider)) != CRYPTO_SUCCESS) {
4920 goto out;
4921 }
4922
4923 handle = STRUCT_FGET(get_attribute_value, og_handle);
4924 KCF_WRAP_OBJECT_OPS_PARAMS(&params, KCF_OP_OBJECT_GET_ATTRIBUTE_VALUE,
4925 sp->sd_provider_session->ps_session, handle, k_attrs, count, NULL,
4926 0, NULL, NULL, 0, NULL);
4927
4928 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
4929 KCF_PROV_REFRELE(real_provider);
4930
4931 out:
4932 if (rv == CRYPTO_SUCCESS || rv == CRYPTO_ATTRIBUTE_SENSITIVE ||
4933 rv == CRYPTO_ATTRIBUTE_TYPE_INVALID ||
4934 rv == CRYPTO_BUFFER_TOO_SMALL) {
4935 error = copyout_attributes(mode,
4936 STRUCT_FGETP(get_attribute_value, og_attributes),
4937 count, k_attrs, u_attrs);
4938 }
4939
4940 release_minor:
4941 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, rctl_chk);
4942 CRYPTO_SESSION_RELE(sp);
4943 crypto_release_minor(cm);
4944
4945 if (k_attrs != NULL)
4946 kmem_free(k_attrs, k_attrs_size);
4947
4948 if (u_attrs != NULL)
4949 kmem_free(u_attrs, count * STRUCT_SIZE(oa));
4950
4951 if (error != 0)
4952 return (error);
4953
4954 STRUCT_FSET(get_attribute_value, og_return_value, rv);
4955 if (copyout(STRUCT_BUF(get_attribute_value), arg,
4956 STRUCT_SIZE(get_attribute_value)) != 0) {
4957 return (EFAULT);
4958 }
4959 return (0);
4960 }
4961
4962 /* ARGSUSED */
4963 static int
4964 object_get_size(dev_t dev, caddr_t arg, int mode, int *rval)
4965 {
4966 STRUCT_DECL(crypto_object_get_size, object_get_size);
4967 kcf_provider_desc_t *real_provider;
4968 kcf_req_params_t params;
4969 crypto_session_id_t session_id;
4970 crypto_minor_t *cm;
4971 crypto_session_data_t *sp = NULL;
4972 crypto_object_id_t handle;
4973 size_t size;
4974 int error = 0;
4975 int rv;
4976
4977 STRUCT_INIT(object_get_size, mode);
4978
4979 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
4980 cmn_err(CE_WARN, "object_get_size: failed holding minor");
4981 return (ENXIO);
4982 }
4983
4984 if (copyin(arg, STRUCT_BUF(object_get_size),
4985 STRUCT_SIZE(object_get_size)) != 0) {
4986 crypto_release_minor(cm);
4987 return (EFAULT);
4988 }
4989
4990 session_id = STRUCT_FGET(object_get_size, gs_session);
4991
4992 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
4993 goto release_minor;
4994 }
4995
4996 if ((rv = kcf_get_hardware_provider_nomech(
4997 CRYPTO_OPS_OFFSET(object_ops),
4998 CRYPTO_OBJECT_OFFSET(object_get_size),
4999 sp->sd_provider, &real_provider)) != CRYPTO_SUCCESS) {
5000 goto release_minor;
5001 }
5002
5003 handle = STRUCT_FGET(object_get_size, gs_handle);
5004 KCF_WRAP_OBJECT_OPS_PARAMS(&params, KCF_OP_OBJECT_GET_SIZE,
5005 sp->sd_provider_session->ps_session, handle, NULL, 0, NULL, &size,
5006 NULL, NULL, 0, NULL);
5007
5008 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
5009 KCF_PROV_REFRELE(real_provider);
5010
5011 if (rv == CRYPTO_SUCCESS) {
5012 STRUCT_FSET(object_get_size, gs_size, (ulong_t)size);
5013 }
5014
5015 release_minor:
5016 crypto_release_minor(cm);
5017 CRYPTO_SESSION_RELE(sp);
5018
5019 if (error != 0)
5020 return (error);
5021
5022 STRUCT_FSET(object_get_size, gs_return_value, rv);
5023 if (copyout(STRUCT_BUF(object_get_size), arg,
5024 STRUCT_SIZE(object_get_size)) != 0) {
5025 return (EFAULT);
5026 }
5027 return (0);
5028 }
5029
5030 /* ARGSUSED */
5031 static int
5032 object_set_attribute_value(dev_t dev, caddr_t arg, int mode, int *rval)
5033 {
5034 STRUCT_DECL(crypto_object_set_attribute_value, set_attribute_value);
5035 kcf_provider_desc_t *real_provider;
5036 kcf_req_params_t params;
5037 crypto_object_attribute_t *k_attrs = NULL;
5038 crypto_session_id_t session_id;
5039 crypto_minor_t *cm;
5040 crypto_session_data_t *sp = NULL;
5041 crypto_object_id_t object_handle;
5042 caddr_t sa_attributes;
5043 size_t k_attrs_size;
5044 size_t rctl_bytes = 0;
5045 boolean_t rctl_chk = B_FALSE;
5046 int error = 0;
5047 int rv;
5048 uint_t count;
5049
5050 STRUCT_INIT(set_attribute_value, mode);
5051
5052 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5053 cmn_err(CE_WARN,
5054 "object_set_attribute_value: failed holding minor");
5055 return (ENXIO);
5056 }
5057
5058 if (copyin(arg, STRUCT_BUF(set_attribute_value),
5059 STRUCT_SIZE(set_attribute_value)) != 0) {
5060 crypto_release_minor(cm);
5061 return (EFAULT);
5062 }
5063
5064 count = STRUCT_FGET(set_attribute_value, sa_count);
5065 sa_attributes = STRUCT_FGETP(set_attribute_value, sa_attributes);
5066
5067 session_id = STRUCT_FGET(set_attribute_value, sa_session);
5068
5069 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5070 goto release_minor;
5071 }
5072 if (!copyin_attributes(mode, sp, count, sa_attributes, &k_attrs,
5073 &k_attrs_size, NULL, &rv, &error, &rctl_bytes,
5074 &rctl_chk, B_TRUE)) {
5075 goto release_minor;
5076 }
5077
5078 if ((rv = kcf_get_hardware_provider_nomech(
5079 CRYPTO_OPS_OFFSET(object_ops),
5080 CRYPTO_OBJECT_OFFSET(object_set_attribute_value),
5081 sp->sd_provider, &real_provider)) != CRYPTO_SUCCESS) {
5082 goto release_minor;
5083 }
5084
5085 object_handle = STRUCT_FGET(set_attribute_value, sa_handle);
5086 KCF_WRAP_OBJECT_OPS_PARAMS(&params, KCF_OP_OBJECT_SET_ATTRIBUTE_VALUE,
5087 sp->sd_provider_session->ps_session, object_handle, k_attrs, count,
5088 NULL, 0, NULL, NULL, 0, NULL);
5089
5090 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
5091 KCF_PROV_REFRELE(real_provider);
5092
5093 release_minor:
5094 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, rctl_chk);
5095 CRYPTO_SESSION_RELE(sp);
5096 crypto_release_minor(cm);
5097
5098 if (k_attrs != NULL)
5099 kmem_free(k_attrs, k_attrs_size);
5100
5101 if (error != 0)
5102 return (error);
5103
5104 STRUCT_FSET(set_attribute_value, sa_return_value, rv);
5105 if (copyout(STRUCT_BUF(set_attribute_value), arg,
5106 STRUCT_SIZE(set_attribute_value)) != 0) {
5107 return (EFAULT);
5108 }
5109 return (0);
5110 }
5111
5112 /* ARGSUSED */
5113 static int
5114 object_find_init(dev_t dev, caddr_t arg, int mode, int *rval)
5115 {
5116 STRUCT_DECL(crypto_object_find_init, find_init);
5117 kcf_provider_desc_t *real_provider = NULL;
5118 kcf_req_params_t params;
5119 crypto_object_attribute_t *k_attrs = NULL;
5120 crypto_session_id_t session_id;
5121 crypto_minor_t *cm;
5122 crypto_session_data_t *sp = NULL;
5123 caddr_t attributes;
5124 size_t k_attrs_size;
5125 size_t rctl_bytes = 0;
5126 boolean_t rctl_chk = B_FALSE;
5127 int error = 0;
5128 int rv;
5129 uint_t count;
5130 void *cookie;
5131
5132 STRUCT_INIT(find_init, mode);
5133
5134 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5135 cmn_err(CE_WARN, "object_find_init: failed holding minor");
5136 return (ENXIO);
5137 }
5138
5139 if (copyin(arg, STRUCT_BUF(find_init), STRUCT_SIZE(find_init)) != 0) {
5140 crypto_release_minor(cm);
5141 return (EFAULT);
5142 }
5143
5144 count = STRUCT_FGET(find_init, fi_count);
5145 attributes = STRUCT_FGETP(find_init, fi_attributes);
5146
5147 session_id = STRUCT_FGET(find_init, fi_session);
5148
5149 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5150 goto release_minor;
5151 }
5152 if (!copyin_attributes(mode, sp, count, attributes, &k_attrs,
5153 &k_attrs_size, NULL, &rv, &error, &rctl_bytes,
5154 &rctl_chk, B_TRUE)) {
5155 goto release_minor;
5156 }
5157
5158 if ((rv = kcf_get_hardware_provider_nomech(
5159 CRYPTO_OPS_OFFSET(object_ops),
5160 CRYPTO_OBJECT_OFFSET(object_find_init),
5161 sp->sd_provider, &real_provider)) != CRYPTO_SUCCESS) {
5162 goto release_minor;
5163 }
5164
5165 /* check for an active find */
5166 if (sp->sd_find_init_cookie != NULL) {
5167 rv = CRYPTO_OPERATION_IS_ACTIVE;
5168 goto release_minor;
5169 }
5170
5171 KCF_WRAP_OBJECT_OPS_PARAMS(&params, KCF_OP_OBJECT_FIND_INIT,
5172 sp->sd_provider_session->ps_session, 0, k_attrs, count, NULL, 0,
5173 &cookie, NULL, 0, NULL);
5174
5175 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
5176
5177 if (rv == CRYPTO_SUCCESS) {
5178 /*
5179 * The cookie is allocated by a provider at the start of an
5180 * object search. It is freed when the search is terminated
5181 * by a final operation, or when the session is closed.
5182 * It contains state information about which object handles
5183 * have been returned to the caller.
5184 */
5185 sp->sd_find_init_cookie = cookie;
5186 }
5187
5188 release_minor:
5189 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, rctl_chk);
5190 CRYPTO_SESSION_RELE(sp);
5191 crypto_release_minor(cm);
5192
5193 if (real_provider != NULL)
5194 KCF_PROV_REFRELE(real_provider);
5195
5196 if (k_attrs != NULL)
5197 kmem_free(k_attrs, k_attrs_size);
5198
5199 if (error != 0)
5200 return (error);
5201
5202 STRUCT_FSET(find_init, fi_return_value, rv);
5203 if (copyout(STRUCT_BUF(find_init), arg, STRUCT_SIZE(find_init)) != 0) {
5204 return (EFAULT);
5205 }
5206 return (0);
5207 }
5208
5209 /* ARGSUSED */
5210 static int
5211 object_find_update(dev_t dev, caddr_t arg, int mode, int *rval)
5212 {
5213 STRUCT_DECL(crypto_object_find_update, find_update);
5214 kcf_provider_desc_t *real_provider;
5215 kcf_req_params_t params;
5216 crypto_minor_t *cm;
5217 crypto_session_data_t *sp = NULL;
5218 crypto_object_id_t *buffer = NULL;
5219 crypto_session_id_t session_id;
5220 size_t len, rctl_bytes = 0;
5221 uint_t count, max_count;
5222 int rv, error = 0;
5223 boolean_t rctl_chk = B_FALSE;
5224
5225 STRUCT_INIT(find_update, mode);
5226
5227 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5228 cmn_err(CE_WARN, "object_find_update: failed holding minor");
5229 return (ENXIO);
5230 }
5231
5232 if (copyin(arg, STRUCT_BUF(find_update),
5233 STRUCT_SIZE(find_update)) != 0) {
5234 crypto_release_minor(cm);
5235 return (EFAULT);
5236 }
5237
5238 max_count = STRUCT_FGET(find_update, fu_max_count);
5239 if (max_count > CRYPTO_MAX_FIND_COUNT) {
5240 cmn_err(CE_NOTE, "object_find_update: count greater than %d, "
5241 "pid = %d", CRYPTO_MAX_FIND_COUNT, curproc->p_pid);
5242 rv = CRYPTO_ARGUMENTS_BAD;
5243 goto release_minor;
5244 }
5245 len = max_count * sizeof (crypto_object_id_t);
5246 session_id = STRUCT_FGET(find_update, fu_session);
5247
5248 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5249 goto release_minor;
5250 }
5251 if ((rv = CRYPTO_BUFFER_CHECK(sp, len, rctl_chk)) !=
5252 CRYPTO_SUCCESS) {
5253 goto release_minor;
5254 }
5255 rctl_bytes = len;
5256 buffer = kmem_alloc(len, KM_SLEEP);
5257
5258 if ((rv = kcf_get_hardware_provider_nomech(
5259 CRYPTO_OPS_OFFSET(object_ops),
5260 CRYPTO_OBJECT_OFFSET(object_find), sp->sd_provider,
5261 &real_provider)) != CRYPTO_SUCCESS) {
5262 goto release_minor;
5263 }
5264
5265 KCF_WRAP_OBJECT_OPS_PARAMS(&params, KCF_OP_OBJECT_FIND,
5266 sp->sd_provider_session->ps_session, 0, NULL, 0, buffer, 0,
5267 NULL, sp->sd_find_init_cookie, max_count, &count);
5268
5269 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
5270 KCF_PROV_REFRELE(real_provider);
5271
5272 if (rv == CRYPTO_SUCCESS) {
5273 if (count > max_count) {
5274 /* bad bad provider */
5275 rv = CRYPTO_FAILED;
5276 goto release_minor;
5277 }
5278 if (count != 0) {
5279 /* copyout handles */
5280 if (copyout(buffer,
5281 STRUCT_FGETP(find_update, fu_handles),
5282 count * sizeof (crypto_object_id_t)) != 0) {
5283 error = EFAULT;
5284 }
5285 }
5286 STRUCT_FSET(find_update, fu_count, count);
5287 }
5288
5289 release_minor:
5290 CRYPTO_DECREMENT_RCTL_SESSION(sp, rctl_bytes, rctl_chk);
5291 CRYPTO_SESSION_RELE(sp);
5292 crypto_release_minor(cm);
5293
5294 if (buffer != NULL)
5295 kmem_free(buffer, len);
5296
5297 if (error != 0)
5298 return (error);
5299
5300 STRUCT_FSET(find_update, fu_return_value, rv);
5301 if (copyout(STRUCT_BUF(find_update), arg,
5302 STRUCT_SIZE(find_update)) != 0) {
5303 return (EFAULT);
5304 }
5305
5306 return (0);
5307 }
5308
5309 /*
5310 * Free provider-allocated storage used for find object searches.
5311 */
5312 static int
5313 crypto_free_find_ctx(crypto_session_data_t *sp)
5314 {
5315 kcf_provider_desc_t *real_provider;
5316 kcf_req_params_t params;
5317 int rv;
5318
5319 if ((rv = kcf_get_hardware_provider_nomech(
5320 CRYPTO_OPS_OFFSET(object_ops),
5321 CRYPTO_OBJECT_OFFSET(object_find_final),
5322 sp->sd_provider, &real_provider)) != CRYPTO_SUCCESS) {
5323 return (rv);
5324 }
5325
5326 KCF_WRAP_OBJECT_OPS_PARAMS(&params, KCF_OP_OBJECT_FIND_FINAL,
5327 sp->sd_provider_session->ps_session, 0, NULL, 0, NULL, 0,
5328 NULL, sp->sd_find_init_cookie, 0, NULL);
5329
5330 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
5331 KCF_PROV_REFRELE(real_provider);
5332 return (rv);
5333 }
5334
5335 /* ARGSUSED */
5336 static int
5337 object_find_final(dev_t dev, caddr_t arg, int mode, int *rval)
5338 {
5339 STRUCT_DECL(crypto_object_find_final, object_find_final);
5340 crypto_session_id_t session_id;
5341 crypto_minor_t *cm;
5342 crypto_session_data_t *sp;
5343 int error = 0;
5344 int rv;
5345
5346 STRUCT_INIT(object_find_final, mode);
5347
5348 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5349 cmn_err(CE_WARN, "object_find_final: failed holding minor");
5350 return (ENXIO);
5351 }
5352
5353 if (copyin(arg, STRUCT_BUF(object_find_final),
5354 STRUCT_SIZE(object_find_final)) != 0) {
5355 crypto_release_minor(cm);
5356 return (EFAULT);
5357 }
5358
5359 session_id = STRUCT_FGET(object_find_final, ff_session);
5360
5361 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5362 goto release_minor;
5363 }
5364
5365 if ((rv = crypto_free_find_ctx(sp)) == CRYPTO_SUCCESS) {
5366 sp->sd_find_init_cookie = NULL;
5367 }
5368
5369 CRYPTO_SESSION_RELE(sp);
5370
5371 release_minor:
5372 crypto_release_minor(cm);
5373
5374 if (error != 0)
5375 return (error);
5376
5377 STRUCT_FSET(object_find_final, ff_return_value, rv);
5378
5379 if (copyout(STRUCT_BUF(object_find_final), arg,
5380 STRUCT_SIZE(object_find_final)) != 0) {
5381 return (EFAULT);
5382 }
5383 return (0);
5384 }
5385
5386 /* ARGSUSED */
5387 static int
5388 object_generate_key(dev_t dev, caddr_t arg, int mode, int *rval)
5389 {
5390 STRUCT_DECL(crypto_object_generate_key, generate_key);
5391 kcf_provider_desc_t *real_provider = NULL;
5392 kcf_req_params_t params;
5393 crypto_mechanism_t mech;
5394 crypto_object_attribute_t *k_attrs = NULL;
5395 crypto_session_id_t session_id;
5396 crypto_minor_t *cm;
5397 crypto_session_data_t *sp = NULL;
5398 crypto_object_id_t key_handle;
5399 caddr_t attributes;
5400 size_t k_attrs_size;
5401 size_t mech_rctl_bytes = 0, key_rctl_bytes = 0;
5402 boolean_t mech_rctl_chk = B_FALSE;
5403 boolean_t key_rctl_chk = B_FALSE;
5404 uint_t count;
5405 int error = 0;
5406 int rv;
5407 boolean_t allocated_by_crypto_module = B_FALSE;
5408
5409 STRUCT_INIT(generate_key, mode);
5410
5411 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5412 cmn_err(CE_WARN, "object_generate_key: failed holding minor");
5413 return (ENXIO);
5414 }
5415
5416 if (copyin(arg, STRUCT_BUF(generate_key),
5417 STRUCT_SIZE(generate_key)) != 0) {
5418 crypto_release_minor(cm);
5419 return (EFAULT);
5420 }
5421
5422 session_id = STRUCT_FGET(generate_key, gk_session);
5423
5424 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5425 goto release_minor;
5426 }
5427
5428 bcopy(STRUCT_FADDR(generate_key, gk_mechanism), &mech.cm_type,
5429 sizeof (crypto_mech_type_t));
5430
5431 if ((rv = kcf_get_hardware_provider(mech.cm_type, NULL,
5432 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
5433 &real_provider, CRYPTO_FG_GENERATE)) != CRYPTO_SUCCESS) {
5434 goto release_minor;
5435 }
5436
5437 rv = crypto_provider_copyin_mech_param(real_provider,
5438 STRUCT_FADDR(generate_key, gk_mechanism), &mech, mode, &error);
5439
5440 if (rv == CRYPTO_NOT_SUPPORTED) {
5441 allocated_by_crypto_module = B_TRUE;
5442 if (!copyin_mech(mode, sp,
5443 STRUCT_FADDR(generate_key, gk_mechanism),
5444 &mech, &mech_rctl_bytes, &mech_rctl_chk, &rv, &error)) {
5445 goto release_minor;
5446 }
5447 } else {
5448 if (rv != CRYPTO_SUCCESS)
5449 goto release_minor;
5450 }
5451
5452 count = STRUCT_FGET(generate_key, gk_count);
5453 attributes = STRUCT_FGETP(generate_key, gk_attributes);
5454 if (!copyin_attributes(mode, sp, count, attributes, &k_attrs,
5455 &k_attrs_size, NULL, &rv, &error, &key_rctl_bytes,
5456 &key_rctl_chk, B_TRUE)) {
5457 goto release_minor;
5458 }
5459
5460 KCF_WRAP_KEY_OPS_PARAMS(&params, KCF_OP_KEY_GENERATE,
5461 sp->sd_provider_session->ps_session, &mech, k_attrs, count,
5462 &key_handle, NULL, 0, NULL, NULL, NULL, 0);
5463
5464 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
5465
5466 if (rv == CRYPTO_SUCCESS)
5467 STRUCT_FSET(generate_key, gk_handle, key_handle);
5468
5469 release_minor:
5470 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
5471 CRYPTO_DECREMENT_RCTL_SESSION(sp, key_rctl_bytes, key_rctl_chk);
5472
5473 if (k_attrs != NULL)
5474 kmem_free(k_attrs, k_attrs_size);
5475
5476 if (error != 0)
5477 goto out;
5478
5479 STRUCT_FSET(generate_key, gk_return_value, rv);
5480 if (copyout(STRUCT_BUF(generate_key), arg,
5481 STRUCT_SIZE(generate_key)) != 0) {
5482 if (rv == CRYPTO_SUCCESS) {
5483 KCF_WRAP_OBJECT_OPS_PARAMS(&params,
5484 KCF_OP_OBJECT_DESTROY,
5485 sp->sd_provider_session->ps_session, key_handle,
5486 NULL, 0, NULL, 0, NULL, NULL, 0, NULL);
5487
5488 (void) kcf_submit_request(real_provider, NULL,
5489 NULL, &params, B_FALSE);
5490
5491 error = EFAULT;
5492 }
5493 }
5494 out:
5495 CRYPTO_SESSION_RELE(sp);
5496 crypto_release_minor(cm);
5497
5498 if (real_provider != NULL) {
5499 crypto_free_mech(real_provider,
5500 allocated_by_crypto_module, &mech);
5501 KCF_PROV_REFRELE(real_provider);
5502 }
5503 return (error);
5504 }
5505
5506 /* ARGSUSED */
5507 static int
5508 nostore_generate_key(dev_t dev, caddr_t arg, int mode, int *rval)
5509 {
5510 STRUCT_DECL(crypto_nostore_generate_key, generate_key);
5511 #ifdef _LP64
5512 STRUCT_DECL(crypto_object_attribute, oa);
5513 #else
5514 /* LINTED E_FUNC_SET_NOT_USED */
5515 STRUCT_DECL(crypto_object_attribute, oa);
5516 #endif
5517 kcf_provider_desc_t *real_provider = NULL;
5518 kcf_req_params_t params;
5519 crypto_mechanism_t mech;
5520 crypto_object_attribute_t *k_in_attrs = NULL;
5521 crypto_object_attribute_t *k_out_attrs = NULL;
5522 crypto_session_id_t session_id;
5523 crypto_minor_t *cm;
5524 crypto_session_data_t *sp = NULL;
5525 caddr_t in_attributes;
5526 caddr_t out_attributes;
5527 size_t k_in_attrs_size;
5528 size_t k_out_attrs_size;
5529 size_t mech_rctl_bytes = 0;
5530 boolean_t mech_rctl_chk = B_FALSE;
5531 size_t in_key_rctl_bytes = 0, out_key_rctl_bytes = 0;
5532 boolean_t in_key_rctl_chk = B_FALSE;
5533 boolean_t out_key_rctl_chk = B_FALSE;
5534 uint_t in_count;
5535 uint_t out_count;
5536 int error = 0;
5537 int rv;
5538 boolean_t allocated_by_crypto_module = B_FALSE;
5539 caddr_t u_attrs = NULL;
5540
5541 STRUCT_INIT(generate_key, mode);
5542 STRUCT_INIT(oa, mode);
5543
5544 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5545 cmn_err(CE_WARN, "nostore_generate_key: failed holding minor");
5546 return (ENXIO);
5547 }
5548
5549 if (copyin(arg, STRUCT_BUF(generate_key),
5550 STRUCT_SIZE(generate_key)) != 0) {
5551 crypto_release_minor(cm);
5552 return (EFAULT);
5553 }
5554
5555 session_id = STRUCT_FGET(generate_key, ngk_session);
5556
5557 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5558 goto release_minor;
5559 }
5560
5561 bcopy(STRUCT_FADDR(generate_key, ngk_mechanism), &mech.cm_type,
5562 sizeof (crypto_mech_type_t));
5563
5564 if ((rv = kcf_get_hardware_provider(mech.cm_type, NULL,
5565 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
5566 &real_provider, CRYPTO_FG_GENERATE)) != CRYPTO_SUCCESS) {
5567 goto release_minor;
5568 }
5569
5570 rv = crypto_provider_copyin_mech_param(real_provider,
5571 STRUCT_FADDR(generate_key, ngk_mechanism), &mech, mode, &error);
5572
5573 if (rv == CRYPTO_NOT_SUPPORTED) {
5574 allocated_by_crypto_module = B_TRUE;
5575 if (!copyin_mech(mode, sp, STRUCT_FADDR(generate_key,
5576 ngk_mechanism), &mech, &mech_rctl_bytes,
5577 &mech_rctl_chk, &rv, &error)) {
5578 goto release_minor;
5579 }
5580 } else {
5581 if (rv != CRYPTO_SUCCESS)
5582 goto release_minor;
5583 }
5584
5585 in_count = STRUCT_FGET(generate_key, ngk_in_count);
5586 in_attributes = STRUCT_FGETP(generate_key, ngk_in_attributes);
5587 if (!copyin_attributes(mode, sp, in_count, in_attributes, &k_in_attrs,
5588 &k_in_attrs_size, NULL, &rv, &error, &in_key_rctl_bytes,
5589 &in_key_rctl_chk, B_TRUE)) {
5590 goto release_minor;
5591 }
5592
5593 out_count = STRUCT_FGET(generate_key, ngk_out_count);
5594 out_attributes = STRUCT_FGETP(generate_key, ngk_out_attributes);
5595 if (!copyin_attributes(mode, sp, out_count, out_attributes,
5596 &k_out_attrs,
5597 &k_out_attrs_size, &u_attrs, &rv, &error, &out_key_rctl_bytes,
5598 &out_key_rctl_chk, B_FALSE)) {
5599 goto release_minor;
5600 }
5601
5602 KCF_WRAP_NOSTORE_KEY_OPS_PARAMS(&params, KCF_OP_KEY_GENERATE,
5603 sp->sd_provider_session->ps_session, &mech, k_in_attrs, in_count,
5604 NULL, 0, NULL, k_out_attrs, out_count, NULL, 0);
5605
5606 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
5607
5608 if (rv == CRYPTO_SUCCESS) {
5609 error = copyout_attributes(mode, out_attributes,
5610 out_count, k_out_attrs, u_attrs);
5611 }
5612 release_minor:
5613 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
5614 CRYPTO_DECREMENT_RCTL_SESSION(sp, in_key_rctl_bytes, in_key_rctl_chk);
5615 CRYPTO_DECREMENT_RCTL_SESSION(sp, out_key_rctl_bytes,
5616 out_key_rctl_chk);
5617
5618 if (k_in_attrs != NULL)
5619 kmem_free(k_in_attrs, k_in_attrs_size);
5620 if (k_out_attrs != NULL) {
5621 bzero(k_out_attrs, k_out_attrs_size);
5622 kmem_free(k_out_attrs, k_out_attrs_size);
5623 }
5624
5625 if (u_attrs != NULL)
5626 kmem_free(u_attrs, out_count * STRUCT_SIZE(oa));
5627
5628 if (error != 0)
5629 goto out;
5630
5631 STRUCT_FSET(generate_key, ngk_return_value, rv);
5632 if (copyout(STRUCT_BUF(generate_key), arg,
5633 STRUCT_SIZE(generate_key)) != 0) {
5634 error = EFAULT;
5635 }
5636 out:
5637 CRYPTO_SESSION_RELE(sp);
5638 crypto_release_minor(cm);
5639
5640 if (real_provider != NULL) {
5641 crypto_free_mech(real_provider,
5642 allocated_by_crypto_module, &mech);
5643 KCF_PROV_REFRELE(real_provider);
5644 }
5645 return (error);
5646 }
5647
5648 /* ARGSUSED */
5649 static int
5650 object_generate_key_pair(dev_t dev, caddr_t arg, int mode, int *rval)
5651 {
5652 STRUCT_DECL(crypto_object_generate_key_pair, generate_key_pair);
5653 kcf_provider_desc_t *real_provider = NULL;
5654 kcf_req_params_t params;
5655 crypto_mechanism_t mech;
5656 crypto_object_attribute_t *k_pub_attrs = NULL;
5657 crypto_object_attribute_t *k_pri_attrs = NULL;
5658 crypto_session_id_t session_id;
5659 crypto_minor_t *cm;
5660 crypto_session_data_t *sp = NULL;
5661 crypto_object_id_t pub_handle;
5662 crypto_object_id_t pri_handle;
5663 caddr_t pri_attributes;
5664 caddr_t pub_attributes;
5665 size_t k_pub_attrs_size, k_pri_attrs_size;
5666 size_t mech_rctl_bytes = 0;
5667 boolean_t mech_rctl_chk = B_FALSE;
5668 size_t pub_rctl_bytes = 0;
5669 boolean_t pub_rctl_chk = B_FALSE;
5670 size_t pri_rctl_bytes = 0;
5671 boolean_t pri_rctl_chk = B_FALSE;
5672 uint_t pub_count;
5673 uint_t pri_count;
5674 int error = 0;
5675 int rv;
5676 boolean_t allocated_by_crypto_module = B_FALSE;
5677
5678 STRUCT_INIT(generate_key_pair, mode);
5679
5680 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5681 cmn_err(CE_WARN,
5682 "object_generate_key_pair: failed holding minor");
5683 return (ENXIO);
5684 }
5685
5686 if (copyin(arg, STRUCT_BUF(generate_key_pair),
5687 STRUCT_SIZE(generate_key_pair)) != 0) {
5688 crypto_release_minor(cm);
5689 return (EFAULT);
5690 }
5691
5692 session_id = STRUCT_FGET(generate_key_pair, kp_session);
5693
5694 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5695 goto release_minor;
5696 }
5697
5698 bcopy(STRUCT_FADDR(generate_key_pair, kp_mechanism), &mech.cm_type,
5699 sizeof (crypto_mech_type_t));
5700
5701 if ((rv = kcf_get_hardware_provider(mech.cm_type, NULL,
5702 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
5703 &real_provider, CRYPTO_FG_GENERATE_KEY_PAIR)) != CRYPTO_SUCCESS) {
5704 goto release_minor;
5705 }
5706
5707 rv = crypto_provider_copyin_mech_param(real_provider,
5708 STRUCT_FADDR(generate_key_pair, kp_mechanism), &mech, mode, &error);
5709
5710 if (rv == CRYPTO_NOT_SUPPORTED) {
5711 allocated_by_crypto_module = B_TRUE;
5712 if (!copyin_mech(mode, sp, STRUCT_FADDR(generate_key_pair,
5713 kp_mechanism), &mech, &mech_rctl_bytes,
5714 &mech_rctl_chk, &rv, &error)) {
5715 goto release_minor;
5716 }
5717 } else {
5718 if (rv != CRYPTO_SUCCESS)
5719 goto release_minor;
5720 }
5721
5722 pub_count = STRUCT_FGET(generate_key_pair, kp_public_count);
5723 pri_count = STRUCT_FGET(generate_key_pair, kp_private_count);
5724
5725 pub_attributes = STRUCT_FGETP(generate_key_pair, kp_public_attributes);
5726 if (!copyin_attributes(mode, sp, pub_count, pub_attributes,
5727 &k_pub_attrs, &k_pub_attrs_size, NULL, &rv, &error, &pub_rctl_bytes,
5728 &pub_rctl_chk, B_TRUE)) {
5729 goto release_minor;
5730 }
5731
5732 pri_attributes = STRUCT_FGETP(generate_key_pair, kp_private_attributes);
5733 if (!copyin_attributes(mode, sp, pri_count, pri_attributes,
5734 &k_pri_attrs, &k_pri_attrs_size, NULL, &rv, &error,
5735 &pri_rctl_bytes, &pri_rctl_chk, B_TRUE)) {
5736 goto release_minor;
5737 }
5738
5739 KCF_WRAP_KEY_OPS_PARAMS(&params, KCF_OP_KEY_GENERATE_PAIR,
5740 sp->sd_provider_session->ps_session, &mech, k_pub_attrs,
5741 pub_count, &pub_handle, k_pri_attrs, pri_count, &pri_handle,
5742 NULL, NULL, 0);
5743
5744 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
5745
5746 if (rv == CRYPTO_SUCCESS) {
5747 STRUCT_FSET(generate_key_pair, kp_public_handle, pub_handle);
5748 STRUCT_FSET(generate_key_pair, kp_private_handle, pri_handle);
5749 }
5750
5751 release_minor:
5752 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
5753 CRYPTO_DECREMENT_RCTL_SESSION(sp, pub_rctl_bytes, pub_rctl_chk);
5754 CRYPTO_DECREMENT_RCTL_SESSION(sp, pri_rctl_bytes, pri_rctl_chk);
5755
5756 if (k_pub_attrs != NULL)
5757 kmem_free(k_pub_attrs, k_pub_attrs_size);
5758
5759 if (k_pri_attrs != NULL)
5760 kmem_free(k_pri_attrs, k_pri_attrs_size);
5761
5762 if (error != 0)
5763 goto out;
5764
5765 STRUCT_FSET(generate_key_pair, kp_return_value, rv);
5766 if (copyout(STRUCT_BUF(generate_key_pair), arg,
5767 STRUCT_SIZE(generate_key_pair)) != 0) {
5768 if (rv == CRYPTO_SUCCESS) {
5769 KCF_WRAP_OBJECT_OPS_PARAMS(&params,
5770 KCF_OP_OBJECT_DESTROY,
5771 sp->sd_provider_session->ps_session, pub_handle,
5772 NULL, 0, NULL, 0, NULL, NULL, 0, NULL);
5773
5774 (void) kcf_submit_request(real_provider, NULL,
5775 NULL, &params, B_FALSE);
5776
5777 KCF_WRAP_OBJECT_OPS_PARAMS(&params,
5778 KCF_OP_OBJECT_DESTROY,
5779 sp->sd_provider_session->ps_session, pri_handle,
5780 NULL, 0, NULL, 0, NULL, NULL, 0, NULL);
5781
5782 (void) kcf_submit_request(real_provider, NULL,
5783 NULL, &params, B_FALSE);
5784
5785 error = EFAULT;
5786 }
5787 }
5788 out:
5789 CRYPTO_SESSION_RELE(sp);
5790 crypto_release_minor(cm);
5791
5792 if (real_provider != NULL) {
5793 crypto_free_mech(real_provider,
5794 allocated_by_crypto_module, &mech);
5795 KCF_PROV_REFRELE(real_provider);
5796 }
5797 return (error);
5798 }
5799
5800 /* ARGSUSED */
5801 static int
5802 nostore_generate_key_pair(dev_t dev, caddr_t arg, int mode, int *rval)
5803 {
5804 STRUCT_DECL(crypto_nostore_generate_key_pair, generate_key_pair);
5805 #ifdef _LP64
5806 STRUCT_DECL(crypto_object_attribute, oa);
5807 #else
5808 /* LINTED E_FUNC_SET_NOT_USED */
5809 STRUCT_DECL(crypto_object_attribute, oa);
5810 #endif
5811 kcf_provider_desc_t *real_provider = NULL;
5812 kcf_req_params_t params;
5813 crypto_mechanism_t mech;
5814 crypto_object_attribute_t *k_in_pub_attrs = NULL;
5815 crypto_object_attribute_t *k_in_pri_attrs = NULL;
5816 crypto_object_attribute_t *k_out_pub_attrs = NULL;
5817 crypto_object_attribute_t *k_out_pri_attrs = NULL;
5818 crypto_session_id_t session_id;
5819 crypto_minor_t *cm;
5820 crypto_session_data_t *sp = NULL;
5821 caddr_t in_pri_attributes;
5822 caddr_t in_pub_attributes;
5823 caddr_t out_pri_attributes;
5824 caddr_t out_pub_attributes;
5825 size_t k_in_pub_attrs_size, k_in_pri_attrs_size;
5826 size_t k_out_pub_attrs_size, k_out_pri_attrs_size;
5827 size_t mech_rctl_bytes = 0;
5828 boolean_t mech_rctl_chk = B_FALSE;
5829 size_t in_pub_rctl_bytes = 0;
5830 boolean_t in_pub_rctl_chk = B_FALSE;
5831 size_t in_pri_rctl_bytes = 0;
5832 boolean_t in_pri_rctl_chk = B_FALSE;
5833 size_t out_pub_rctl_bytes = 0;
5834 boolean_t out_pub_rctl_chk = B_FALSE;
5835 size_t out_pri_rctl_bytes = 0;
5836 boolean_t out_pri_rctl_chk = B_FALSE;
5837 uint_t in_pub_count;
5838 uint_t in_pri_count;
5839 uint_t out_pub_count;
5840 uint_t out_pri_count;
5841 int error = 0;
5842 int rv;
5843 boolean_t allocated_by_crypto_module = B_FALSE;
5844 caddr_t u_pub_attrs = NULL;
5845 caddr_t u_pri_attrs = NULL;
5846
5847 STRUCT_INIT(generate_key_pair, mode);
5848 STRUCT_INIT(oa, mode);
5849
5850 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
5851 cmn_err(CE_WARN,
5852 "nostore_generate_key_pair: failed holding minor");
5853 return (ENXIO);
5854 }
5855
5856 if (copyin(arg, STRUCT_BUF(generate_key_pair),
5857 STRUCT_SIZE(generate_key_pair)) != 0) {
5858 crypto_release_minor(cm);
5859 return (EFAULT);
5860 }
5861
5862 session_id = STRUCT_FGET(generate_key_pair, nkp_session);
5863
5864 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
5865 goto release_minor;
5866 }
5867
5868 bcopy(STRUCT_FADDR(generate_key_pair, nkp_mechanism), &mech.cm_type,
5869 sizeof (crypto_mech_type_t));
5870
5871 if ((rv = kcf_get_hardware_provider(mech.cm_type, NULL,
5872 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
5873 &real_provider, CRYPTO_FG_GENERATE_KEY_PAIR)) != CRYPTO_SUCCESS) {
5874 goto release_minor;
5875 }
5876
5877 rv = crypto_provider_copyin_mech_param(real_provider,
5878 STRUCT_FADDR(generate_key_pair, nkp_mechanism), &mech, mode,
5879 &error);
5880
5881 if (rv == CRYPTO_NOT_SUPPORTED) {
5882 allocated_by_crypto_module = B_TRUE;
5883 if (!copyin_mech(mode, sp, STRUCT_FADDR(generate_key_pair,
5884 nkp_mechanism), &mech, &mech_rctl_bytes,
5885 &mech_rctl_chk, &rv, &error)) {
5886 goto release_minor;
5887 }
5888 } else {
5889 if (rv != CRYPTO_SUCCESS)
5890 goto release_minor;
5891 }
5892
5893 in_pub_count = STRUCT_FGET(generate_key_pair, nkp_in_public_count);
5894 in_pri_count = STRUCT_FGET(generate_key_pair, nkp_in_private_count);
5895
5896 in_pub_attributes = STRUCT_FGETP(generate_key_pair,
5897 nkp_in_public_attributes);
5898 if (!copyin_attributes(mode, sp, in_pub_count, in_pub_attributes,
5899 &k_in_pub_attrs, &k_in_pub_attrs_size, NULL, &rv, &error,
5900 &in_pub_rctl_bytes, &in_pub_rctl_chk, B_TRUE)) {
5901 goto release_minor;
5902 }
5903
5904 in_pri_attributes = STRUCT_FGETP(generate_key_pair,
5905 nkp_in_private_attributes);
5906 if (!copyin_attributes(mode, sp, in_pri_count, in_pri_attributes,
5907 &k_in_pri_attrs, &k_in_pri_attrs_size, NULL, &rv, &error,
5908 &in_pri_rctl_bytes, &in_pri_rctl_chk, B_TRUE)) {
5909 goto release_minor;
5910 }
5911
5912 out_pub_count = STRUCT_FGET(generate_key_pair, nkp_out_public_count);
5913 out_pri_count = STRUCT_FGET(generate_key_pair, nkp_out_private_count);
5914
5915 out_pub_attributes = STRUCT_FGETP(generate_key_pair,
5916 nkp_out_public_attributes);
5917 if (!copyin_attributes(mode, sp, out_pub_count, out_pub_attributes,
5918 &k_out_pub_attrs, &k_out_pub_attrs_size, &u_pub_attrs, &rv, &error,
5919 &out_pub_rctl_bytes, &out_pub_rctl_chk, B_FALSE)) {
5920 goto release_minor;
5921 }
5922
5923 out_pri_attributes = STRUCT_FGETP(generate_key_pair,
5924 nkp_out_private_attributes);
5925 if (!copyin_attributes(mode, sp, out_pri_count, out_pri_attributes,
5926 &k_out_pri_attrs, &k_out_pri_attrs_size, &u_pri_attrs, &rv, &error,
5927 &out_pri_rctl_bytes, &out_pri_rctl_chk, B_FALSE)) {
5928 goto release_minor;
5929 }
5930
5931 KCF_WRAP_NOSTORE_KEY_OPS_PARAMS(&params, KCF_OP_KEY_GENERATE_PAIR,
5932 sp->sd_provider_session->ps_session, &mech, k_in_pub_attrs,
5933 in_pub_count, k_in_pri_attrs, in_pri_count, NULL, k_out_pub_attrs,
5934 out_pub_count, k_out_pri_attrs, out_pri_count);
5935
5936 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
5937
5938 if (rv == CRYPTO_SUCCESS) {
5939 error = copyout_attributes(mode, out_pub_attributes,
5940 out_pub_count, k_out_pub_attrs, u_pub_attrs);
5941 if (error != CRYPTO_SUCCESS)
5942 goto release_minor;
5943 error = copyout_attributes(mode, out_pri_attributes,
5944 out_pri_count, k_out_pri_attrs, u_pri_attrs);
5945 }
5946
5947 release_minor:
5948 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
5949 CRYPTO_DECREMENT_RCTL_SESSION(sp, in_pub_rctl_bytes, in_pub_rctl_chk);
5950 CRYPTO_DECREMENT_RCTL_SESSION(sp, in_pri_rctl_bytes, in_pri_rctl_chk);
5951 CRYPTO_DECREMENT_RCTL_SESSION(sp, out_pub_rctl_bytes,
5952 out_pub_rctl_chk);
5953 CRYPTO_DECREMENT_RCTL_SESSION(sp, out_pri_rctl_bytes,
5954 out_pri_rctl_chk);
5955
5956 if (k_in_pub_attrs != NULL)
5957 kmem_free(k_in_pub_attrs, k_in_pub_attrs_size);
5958
5959 if (k_in_pri_attrs != NULL)
5960 kmem_free(k_in_pri_attrs, k_in_pri_attrs_size);
5961
5962 if (k_out_pub_attrs != NULL)
5963 kmem_free(k_out_pub_attrs, k_out_pub_attrs_size);
5964
5965 if (k_out_pri_attrs != NULL) {
5966 bzero(k_out_pri_attrs, k_out_pri_attrs_size);
5967 kmem_free(k_out_pri_attrs, k_out_pri_attrs_size);
5968 }
5969
5970 if (u_pub_attrs != NULL)
5971 kmem_free(u_pub_attrs, out_pub_count * STRUCT_SIZE(oa));
5972
5973 if (u_pri_attrs != NULL)
5974 kmem_free(u_pri_attrs, out_pri_count * STRUCT_SIZE(oa));
5975
5976 if (error != 0)
5977 goto out;
5978
5979 STRUCT_FSET(generate_key_pair, nkp_return_value, rv);
5980 if (copyout(STRUCT_BUF(generate_key_pair), arg,
5981 STRUCT_SIZE(generate_key_pair)) != 0) {
5982 error = EFAULT;
5983 }
5984 out:
5985 CRYPTO_SESSION_RELE(sp);
5986 crypto_release_minor(cm);
5987
5988 if (real_provider != NULL) {
5989 crypto_free_mech(real_provider,
5990 allocated_by_crypto_module, &mech);
5991 KCF_PROV_REFRELE(real_provider);
5992 }
5993 return (error);
5994 }
5995
5996 /* ARGSUSED */
5997 static int
5998 object_wrap_key(dev_t dev, caddr_t arg, int mode, int *rval)
5999 {
6000 STRUCT_DECL(crypto_object_wrap_key, wrap_key);
6001 kcf_provider_desc_t *real_provider = NULL;
6002 kcf_req_params_t params;
6003 crypto_mechanism_t mech;
6004 crypto_key_t key;
6005 crypto_session_id_t session_id;
6006 crypto_minor_t *cm;
6007 crypto_session_data_t *sp = NULL;
6008 crypto_object_id_t handle;
6009 size_t mech_rctl_bytes = 0, key_rctl_bytes = 0;
6010 boolean_t mech_rctl_chk = B_FALSE;
6011 boolean_t key_rctl_chk = B_FALSE;
6012 size_t wrapped_key_rctl_bytes = 0;
6013 boolean_t wrapped_key_rctl_chk = B_FALSE;
6014 size_t wrapped_key_len, new_wrapped_key_len;
6015 uchar_t *wrapped_key = NULL;
6016 char *wrapped_key_buffer;
6017 int error = 0;
6018 int rv;
6019 boolean_t allocated_by_crypto_module = B_FALSE;
6020
6021 STRUCT_INIT(wrap_key, mode);
6022
6023 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
6024 cmn_err(CE_WARN, "object_wrap_key: failed holding minor");
6025 return (ENXIO);
6026 }
6027
6028 if (copyin(arg, STRUCT_BUF(wrap_key), STRUCT_SIZE(wrap_key)) != 0) {
6029 crypto_release_minor(cm);
6030 return (EFAULT);
6031 }
6032
6033 bzero(&key, sizeof (crypto_key_t));
6034
6035 session_id = STRUCT_FGET(wrap_key, wk_session);
6036
6037 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
6038 goto out;
6039 }
6040
6041 bcopy(STRUCT_FADDR(wrap_key, wk_mechanism), &mech.cm_type,
6042 sizeof (crypto_mech_type_t));
6043
6044 /* We need the key length for provider selection so copy it in now. */
6045 if (!copyin_key(mode, sp, STRUCT_FADDR(wrap_key, wk_wrapping_key), &key,
6046 &key_rctl_bytes, &key_rctl_chk, &rv, &error)) {
6047 goto out;
6048 }
6049
6050 wrapped_key_len = STRUCT_FGET(wrap_key, wk_wrapped_key_len);
6051
6052 if ((rv = kcf_get_hardware_provider(mech.cm_type, &key,
6053 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
6054 &real_provider, CRYPTO_FG_WRAP)) != CRYPTO_SUCCESS) {
6055 goto out;
6056 }
6057
6058 rv = crypto_provider_copyin_mech_param(real_provider,
6059 STRUCT_FADDR(wrap_key, wk_mechanism), &mech, mode, &error);
6060
6061 if (rv == CRYPTO_NOT_SUPPORTED) {
6062 allocated_by_crypto_module = B_TRUE;
6063 if (!copyin_mech(mode, sp, STRUCT_FADDR(wrap_key, wk_mechanism),
6064 &mech, &mech_rctl_bytes, &mech_rctl_chk, &rv, &error)) {
6065 goto out;
6066 }
6067 } else {
6068 if (rv != CRYPTO_SUCCESS)
6069 goto out;
6070 }
6071
6072 /*
6073 * Don't allocate output buffer unless both buffer pointer and
6074 * buffer length are not NULL or 0 (length).
6075 */
6076 wrapped_key_buffer = STRUCT_FGETP(wrap_key, wk_wrapped_key);
6077 if (wrapped_key_buffer == NULL || wrapped_key_len == 0) {
6078 wrapped_key_len = 0;
6079 }
6080
6081 if (wrapped_key_len > crypto_max_buffer_len) {
6082 cmn_err(CE_NOTE, "object_wrap_key: buffer greater than %ld "
6083 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
6084 rv = CRYPTO_ARGUMENTS_BAD;
6085 goto out;
6086 }
6087
6088 if ((rv = CRYPTO_BUFFER_CHECK(sp, wrapped_key_len,
6089 wrapped_key_rctl_chk)) != CRYPTO_SUCCESS) {
6090 goto out;
6091 }
6092
6093 /* new_wrapped_key_len can be modified by the provider */
6094 wrapped_key_rctl_bytes = new_wrapped_key_len = wrapped_key_len;
6095 wrapped_key = kmem_alloc(wrapped_key_len, KM_SLEEP);
6096
6097 handle = STRUCT_FGET(wrap_key, wk_object_handle);
6098 KCF_WRAP_KEY_OPS_PARAMS(&params, KCF_OP_KEY_WRAP,
6099 sp->sd_provider_session->ps_session, &mech, NULL, 0, &handle,
6100 NULL, 0, NULL, &key, wrapped_key, &new_wrapped_key_len);
6101
6102 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
6103
6104 if (rv == CRYPTO_SUCCESS) {
6105 if (wrapped_key_len != 0 && copyout(wrapped_key,
6106 wrapped_key_buffer, new_wrapped_key_len) != 0) {
6107 error = EFAULT;
6108 }
6109 STRUCT_FSET(wrap_key, wk_wrapped_key_len,
6110 (ulong_t)new_wrapped_key_len);
6111 }
6112
6113 if (rv == CRYPTO_BUFFER_TOO_SMALL) {
6114 /*
6115 * The providers return CRYPTO_BUFFER_TOO_SMALL even for case 1
6116 * of section 11.2 of the pkcs11 spec. We catch it here and
6117 * provide the correct pkcs11 return value.
6118 */
6119 if (STRUCT_FGETP(wrap_key, wk_wrapped_key) == NULL)
6120 rv = CRYPTO_SUCCESS;
6121 STRUCT_FSET(wrap_key, wk_wrapped_key_len,
6122 (ulong_t)new_wrapped_key_len);
6123 }
6124
6125 out:
6126 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
6127 CRYPTO_DECREMENT_RCTL_SESSION(sp, key_rctl_bytes, key_rctl_chk);
6128 CRYPTO_DECREMENT_RCTL_SESSION(sp, wrapped_key_rctl_bytes,
6129 wrapped_key_rctl_chk);
6130 CRYPTO_SESSION_RELE(sp);
6131
6132 crypto_release_minor(cm);
6133
6134 if (real_provider != NULL) {
6135 crypto_free_mech(real_provider,
6136 allocated_by_crypto_module, &mech);
6137 KCF_PROV_REFRELE(real_provider);
6138 }
6139
6140 if (wrapped_key != NULL)
6141 kmem_free(wrapped_key, wrapped_key_len);
6142
6143 free_crypto_key(&key);
6144
6145 if (error != 0)
6146 return (error);
6147
6148 STRUCT_FSET(wrap_key, wk_return_value, rv);
6149 if (copyout(STRUCT_BUF(wrap_key), arg, STRUCT_SIZE(wrap_key)) != 0) {
6150 return (EFAULT);
6151 }
6152 return (0);
6153 }
6154
6155 /* ARGSUSED */
6156 static int
6157 object_unwrap_key(dev_t dev, caddr_t arg, int mode, int *rval)
6158 {
6159 STRUCT_DECL(crypto_object_unwrap_key, unwrap_key);
6160 kcf_provider_desc_t *real_provider = NULL;
6161 kcf_req_params_t params;
6162 crypto_mechanism_t mech;
6163 crypto_key_t unwrapping_key;
6164 crypto_session_id_t session_id;
6165 crypto_minor_t *cm;
6166 crypto_session_data_t *sp = NULL;
6167 crypto_object_id_t handle;
6168 crypto_object_attribute_t *k_attrs = NULL;
6169 size_t k_attrs_size;
6170 size_t mech_rctl_bytes = 0, unwrapping_key_rctl_bytes = 0;
6171 boolean_t mech_rctl_chk = B_FALSE;
6172 boolean_t unwrapping_key_rctl_chk = B_FALSE;
6173 size_t wrapped_key_rctl_bytes = 0, k_attrs_rctl_bytes = 0;
6174 boolean_t wrapped_key_rctl_chk = B_FALSE;
6175 boolean_t k_attrs_rctl_chk = B_FALSE;
6176 size_t wrapped_key_len;
6177 uchar_t *wrapped_key = NULL;
6178 int error = 0;
6179 int rv;
6180 uint_t count;
6181 caddr_t uk_attributes;
6182 boolean_t allocated_by_crypto_module = B_FALSE;
6183
6184 STRUCT_INIT(unwrap_key, mode);
6185
6186 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
6187 cmn_err(CE_WARN, "object_unwrap_key: failed holding minor");
6188 return (ENXIO);
6189 }
6190
6191 if (copyin(arg, STRUCT_BUF(unwrap_key), STRUCT_SIZE(unwrap_key)) != 0) {
6192 crypto_release_minor(cm);
6193 return (EFAULT);
6194 }
6195
6196 bzero(&unwrapping_key, sizeof (unwrapping_key));
6197
6198 session_id = STRUCT_FGET(unwrap_key, uk_session);
6199
6200 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
6201 goto release_minor;
6202 }
6203
6204 bcopy(STRUCT_FADDR(unwrap_key, uk_mechanism), &mech.cm_type,
6205 sizeof (crypto_mech_type_t));
6206
6207 /* We need the key length for provider selection so copy it in now. */
6208 if (!copyin_key(mode, sp, STRUCT_FADDR(unwrap_key, uk_unwrapping_key),
6209 &unwrapping_key, &unwrapping_key_rctl_bytes,
6210 &unwrapping_key_rctl_chk, &rv, &error)) {
6211 goto release_minor;
6212 }
6213
6214 if ((rv = kcf_get_hardware_provider(mech.cm_type, &unwrapping_key,
6215 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
6216 &real_provider, CRYPTO_FG_UNWRAP)) != CRYPTO_SUCCESS) {
6217 goto release_minor;
6218 }
6219
6220 rv = crypto_provider_copyin_mech_param(real_provider,
6221 STRUCT_FADDR(unwrap_key, uk_mechanism), &mech, mode, &error);
6222
6223 if (rv == CRYPTO_NOT_SUPPORTED) {
6224 allocated_by_crypto_module = B_TRUE;
6225 if (!copyin_mech(mode, sp,
6226 STRUCT_FADDR(unwrap_key, uk_mechanism),
6227 &mech, &mech_rctl_bytes, &mech_rctl_chk, &rv, &error)) {
6228 goto release_minor;
6229 }
6230 } else {
6231 if (rv != CRYPTO_SUCCESS)
6232 goto release_minor;
6233 }
6234
6235 count = STRUCT_FGET(unwrap_key, uk_count);
6236 uk_attributes = STRUCT_FGETP(unwrap_key, uk_attributes);
6237 if (!copyin_attributes(mode, sp, count, uk_attributes, &k_attrs,
6238 &k_attrs_size, NULL, &rv, &error, &k_attrs_rctl_bytes,
6239 &k_attrs_rctl_chk, B_TRUE)) {
6240 goto release_minor;
6241 }
6242
6243 wrapped_key_len = STRUCT_FGET(unwrap_key, uk_wrapped_key_len);
6244 if (wrapped_key_len > crypto_max_buffer_len) {
6245 cmn_err(CE_NOTE, "object_unwrap_key: buffer greater than %ld "
6246 "bytes, pid = %d", crypto_max_buffer_len, curproc->p_pid);
6247 rv = CRYPTO_ARGUMENTS_BAD;
6248 goto release_minor;
6249 }
6250
6251 if ((rv = CRYPTO_BUFFER_CHECK(sp, wrapped_key_len,
6252 wrapped_key_rctl_chk)) != CRYPTO_SUCCESS) {
6253 goto release_minor;
6254 }
6255 wrapped_key_rctl_bytes = wrapped_key_len;
6256 wrapped_key = kmem_alloc(wrapped_key_len, KM_SLEEP);
6257
6258 if (wrapped_key_len != 0 && copyin(STRUCT_FGETP(unwrap_key,
6259 uk_wrapped_key), wrapped_key, wrapped_key_len) != 0) {
6260 error = EFAULT;
6261 goto release_minor;
6262 }
6263
6264 /* wrapped_key_len is not modified by the unwrap operation */
6265 KCF_WRAP_KEY_OPS_PARAMS(&params, KCF_OP_KEY_UNWRAP,
6266 sp->sd_provider_session->ps_session, &mech, k_attrs, count, &handle,
6267 NULL, 0, NULL, &unwrapping_key, wrapped_key, &wrapped_key_len);
6268
6269 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
6270
6271 if (rv == CRYPTO_SUCCESS)
6272 STRUCT_FSET(unwrap_key, uk_object_handle, handle);
6273
6274 release_minor:
6275 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
6276 CRYPTO_DECREMENT_RCTL_SESSION(sp, unwrapping_key_rctl_bytes,
6277 unwrapping_key_rctl_chk);
6278 CRYPTO_DECREMENT_RCTL_SESSION(sp, wrapped_key_rctl_bytes,
6279 wrapped_key_rctl_chk);
6280 CRYPTO_DECREMENT_RCTL_SESSION(sp, k_attrs_rctl_bytes,
6281 k_attrs_rctl_chk);
6282
6283 if (k_attrs != NULL)
6284 kmem_free(k_attrs, k_attrs_size);
6285
6286 if (wrapped_key != NULL)
6287 kmem_free(wrapped_key, wrapped_key_len);
6288
6289 free_crypto_key(&unwrapping_key);
6290
6291 if (error != 0)
6292 goto out;
6293
6294 STRUCT_FSET(unwrap_key, uk_return_value, rv);
6295 if (copyout(STRUCT_BUF(unwrap_key), arg,
6296 STRUCT_SIZE(unwrap_key)) != 0) {
6297 if (rv == CRYPTO_SUCCESS) {
6298 KCF_WRAP_OBJECT_OPS_PARAMS(&params,
6299 KCF_OP_OBJECT_DESTROY,
6300 sp->sd_provider_session->ps_session, handle,
6301 NULL, 0, NULL, 0, NULL, NULL, 0, NULL);
6302
6303 (void) kcf_submit_request(real_provider, NULL,
6304 NULL, &params, B_FALSE);
6305
6306 error = EFAULT;
6307 }
6308 }
6309 out:
6310 CRYPTO_SESSION_RELE(sp);
6311 crypto_release_minor(cm);
6312
6313 if (real_provider != NULL) {
6314 crypto_free_mech(real_provider,
6315 allocated_by_crypto_module, &mech);
6316 KCF_PROV_REFRELE(real_provider);
6317 }
6318
6319 return (error);
6320 }
6321
6322 /* ARGSUSED */
6323 static int
6324 object_derive_key(dev_t dev, caddr_t arg, int mode, int *rval)
6325 {
6326 STRUCT_DECL(crypto_derive_key, derive_key);
6327 kcf_provider_desc_t *real_provider = NULL;
6328 kcf_req_params_t params;
6329 crypto_object_attribute_t *k_attrs = NULL;
6330 crypto_mechanism_t mech;
6331 crypto_key_t base_key;
6332 crypto_session_id_t session_id;
6333 crypto_minor_t *cm;
6334 crypto_session_data_t *sp = NULL;
6335 crypto_object_id_t handle;
6336 size_t k_attrs_size;
6337 size_t key_rctl_bytes = 0, mech_rctl_bytes = 0;
6338 boolean_t mech_rctl_chk = B_FALSE;
6339 boolean_t key_rctl_chk = B_FALSE;
6340 size_t attributes_rctl_bytes = 0;
6341 boolean_t attributes_rctl_chk = B_FALSE;
6342 caddr_t attributes;
6343 uint_t count;
6344 int error = 0;
6345 int rv;
6346 boolean_t allocated_by_crypto_module = B_FALSE;
6347 boolean_t please_destroy_object = B_FALSE;
6348
6349 STRUCT_INIT(derive_key, mode);
6350
6351 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
6352 cmn_err(CE_WARN, "object_derive_key: failed holding minor");
6353 return (ENXIO);
6354 }
6355
6356 if (copyin(arg, STRUCT_BUF(derive_key), STRUCT_SIZE(derive_key)) != 0) {
6357 crypto_release_minor(cm);
6358 return (EFAULT);
6359 }
6360
6361 bzero(&base_key, sizeof (base_key));
6362
6363 session_id = STRUCT_FGET(derive_key, dk_session);
6364
6365 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
6366 goto release_minor;
6367 }
6368
6369 bcopy(STRUCT_FADDR(derive_key, dk_mechanism), &mech.cm_type,
6370 sizeof (crypto_mech_type_t));
6371
6372 /* We need the key length for provider selection so copy it in now. */
6373 if (!copyin_key(mode, sp, STRUCT_FADDR(derive_key, dk_base_key),
6374 &base_key, &key_rctl_bytes, &key_rctl_chk, &rv, &error)) {
6375 goto release_minor;
6376 }
6377
6378 if ((rv = kcf_get_hardware_provider(mech.cm_type, &base_key,
6379 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
6380 &real_provider, CRYPTO_FG_DERIVE)) != CRYPTO_SUCCESS) {
6381 goto release_minor;
6382 }
6383
6384 rv = crypto_provider_copyin_mech_param(real_provider,
6385 STRUCT_FADDR(derive_key, dk_mechanism), &mech, mode, &error);
6386
6387 if (rv == CRYPTO_NOT_SUPPORTED) {
6388 allocated_by_crypto_module = B_TRUE;
6389 if (!copyin_mech(mode, sp,
6390 STRUCT_FADDR(derive_key, dk_mechanism),
6391 &mech, &mech_rctl_bytes, &mech_rctl_chk, &rv, &error)) {
6392 goto release_minor;
6393 }
6394 } else {
6395 if (rv != CRYPTO_SUCCESS)
6396 goto release_minor;
6397 }
6398
6399 count = STRUCT_FGET(derive_key, dk_count);
6400
6401 attributes = STRUCT_FGETP(derive_key, dk_attributes);
6402 if (!copyin_attributes(mode, sp, count, attributes, &k_attrs,
6403 &k_attrs_size, NULL, &rv, &error,
6404 &attributes_rctl_bytes, &attributes_rctl_chk, B_TRUE)) {
6405 goto release_minor;
6406 }
6407
6408 KCF_WRAP_KEY_OPS_PARAMS(&params, KCF_OP_KEY_DERIVE,
6409 sp->sd_provider_session->ps_session, &mech, k_attrs, count,
6410 &handle, NULL, 0, NULL, &base_key, NULL, NULL);
6411
6412 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
6413
6414 if (rv == CRYPTO_SUCCESS) {
6415 STRUCT_FSET(derive_key, dk_object_handle, handle);
6416
6417 rv = crypto_provider_copyout_mech_param(real_provider,
6418 &mech, STRUCT_FADDR(derive_key, dk_mechanism),
6419 mode, &error);
6420
6421 if (rv == CRYPTO_NOT_SUPPORTED) {
6422 rv = CRYPTO_SUCCESS;
6423 goto release_minor;
6424 }
6425
6426 if (rv != CRYPTO_SUCCESS)
6427 please_destroy_object = B_TRUE;
6428 }
6429
6430 release_minor:
6431 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
6432 CRYPTO_DECREMENT_RCTL_SESSION(sp, key_rctl_bytes, key_rctl_chk);
6433 CRYPTO_DECREMENT_RCTL_SESSION(sp, attributes_rctl_bytes,
6434 attributes_rctl_chk);
6435
6436 if (k_attrs != NULL)
6437 kmem_free(k_attrs, k_attrs_size);
6438
6439 free_crypto_key(&base_key);
6440
6441 if (error != 0)
6442 goto out;
6443
6444 STRUCT_FSET(derive_key, dk_return_value, rv);
6445 if (copyout(STRUCT_BUF(derive_key), arg,
6446 STRUCT_SIZE(derive_key)) != 0) {
6447 if (rv == CRYPTO_SUCCESS) {
6448 please_destroy_object = B_TRUE;
6449 error = EFAULT;
6450 }
6451 }
6452 out:
6453 if (please_destroy_object) {
6454 KCF_WRAP_OBJECT_OPS_PARAMS(&params, KCF_OP_OBJECT_DESTROY,
6455 sp->sd_provider_session->ps_session, handle,
6456 NULL, 0, NULL, 0, NULL, NULL, 0, NULL);
6457
6458 (void) kcf_submit_request(real_provider, NULL,
6459 NULL, &params, B_FALSE);
6460 }
6461
6462 CRYPTO_SESSION_RELE(sp);
6463 crypto_release_minor(cm);
6464
6465 if (real_provider != NULL) {
6466 crypto_free_mech(real_provider,
6467 allocated_by_crypto_module, &mech);
6468 KCF_PROV_REFRELE(real_provider);
6469 }
6470 return (error);
6471 }
6472
6473 /* ARGSUSED */
6474 static int
6475 nostore_derive_key(dev_t dev, caddr_t arg, int mode, int *rval)
6476 {
6477 STRUCT_DECL(crypto_nostore_derive_key, derive_key);
6478 #ifdef _LP64
6479 STRUCT_DECL(crypto_object_attribute, oa);
6480 #else
6481 /* LINTED E_FUNC_SET_NOT_USED */
6482 STRUCT_DECL(crypto_object_attribute, oa);
6483 #endif
6484 kcf_provider_desc_t *real_provider = NULL;
6485 kcf_req_params_t params;
6486 crypto_object_attribute_t *k_in_attrs = NULL;
6487 crypto_object_attribute_t *k_out_attrs = NULL;
6488 crypto_mechanism_t mech;
6489 crypto_key_t base_key;
6490 crypto_session_id_t session_id;
6491 crypto_minor_t *cm;
6492 crypto_session_data_t *sp = NULL;
6493 size_t k_in_attrs_size, k_out_attrs_size;
6494 size_t key_rctl_bytes = 0, mech_rctl_bytes = 0;
6495 boolean_t mech_rctl_chk = B_FALSE;
6496 boolean_t key_rctl_chk = B_FALSE;
6497 size_t in_attributes_rctl_bytes = 0;
6498 size_t out_attributes_rctl_bytes = 0;
6499 boolean_t in_attributes_rctl_chk = B_FALSE;
6500 boolean_t out_attributes_rctl_chk = B_FALSE;
6501 caddr_t in_attributes, out_attributes;
6502 uint_t in_count, out_count;
6503 int error = 0;
6504 int rv;
6505 boolean_t allocated_by_crypto_module = B_FALSE;
6506 caddr_t u_attrs = NULL;
6507
6508 STRUCT_INIT(derive_key, mode);
6509 STRUCT_INIT(oa, mode);
6510
6511 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
6512 cmn_err(CE_WARN, "nostore_derive_key: failed holding minor");
6513 return (ENXIO);
6514 }
6515
6516 if (copyin(arg, STRUCT_BUF(derive_key), STRUCT_SIZE(derive_key)) != 0) {
6517 crypto_release_minor(cm);
6518 return (EFAULT);
6519 }
6520
6521 bzero(&base_key, sizeof (base_key));
6522
6523 session_id = STRUCT_FGET(derive_key, ndk_session);
6524
6525 if (!get_session_ptr(session_id, cm, &sp, &error, &rv)) {
6526 goto release_minor;
6527 }
6528
6529 bcopy(STRUCT_FADDR(derive_key, ndk_mechanism), &mech.cm_type,
6530 sizeof (crypto_mech_type_t));
6531
6532 /* We need the key length for provider selection so copy it in now. */
6533 if (!copyin_key(mode, sp, STRUCT_FADDR(derive_key, ndk_base_key),
6534 &base_key, &key_rctl_bytes, &key_rctl_chk, &rv, &error)) {
6535 goto release_minor;
6536 }
6537
6538 if ((rv = kcf_get_hardware_provider(mech.cm_type, &base_key,
6539 CRYPTO_MECH_INVALID, NULL, sp->sd_provider,
6540 &real_provider, CRYPTO_FG_DERIVE)) != CRYPTO_SUCCESS) {
6541 goto release_minor;
6542 }
6543
6544 rv = crypto_provider_copyin_mech_param(real_provider,
6545 STRUCT_FADDR(derive_key, ndk_mechanism), &mech, mode, &error);
6546
6547 if (rv == CRYPTO_NOT_SUPPORTED) {
6548 allocated_by_crypto_module = B_TRUE;
6549 if (!copyin_mech(mode, sp,
6550 STRUCT_FADDR(derive_key, ndk_mechanism),
6551 &mech, &mech_rctl_bytes, &mech_rctl_chk, &rv, &error)) {
6552 goto release_minor;
6553 }
6554 } else {
6555 if (rv != CRYPTO_SUCCESS)
6556 goto release_minor;
6557 }
6558
6559 in_count = STRUCT_FGET(derive_key, ndk_in_count);
6560 out_count = STRUCT_FGET(derive_key, ndk_out_count);
6561
6562 in_attributes = STRUCT_FGETP(derive_key, ndk_in_attributes);
6563 if (!copyin_attributes(mode, sp, in_count, in_attributes, &k_in_attrs,
6564 &k_in_attrs_size, NULL, &rv, &error, &in_attributes_rctl_bytes,
6565 &in_attributes_rctl_chk, B_TRUE)) {
6566 goto release_minor;
6567 }
6568
6569 out_attributes = STRUCT_FGETP(derive_key, ndk_out_attributes);
6570 if (!copyin_attributes(mode, sp, out_count, out_attributes,
6571 &k_out_attrs, &k_out_attrs_size, &u_attrs, &rv, &error,
6572 &out_attributes_rctl_bytes,
6573 &out_attributes_rctl_chk, B_FALSE)) {
6574 goto release_minor;
6575 }
6576
6577 KCF_WRAP_NOSTORE_KEY_OPS_PARAMS(&params, KCF_OP_KEY_DERIVE,
6578 sp->sd_provider_session->ps_session, &mech, k_in_attrs, in_count,
6579 NULL, 0, &base_key, k_out_attrs, out_count, NULL, 0);
6580
6581 rv = kcf_submit_request(real_provider, NULL, NULL, &params, B_FALSE);
6582
6583 if (rv == CRYPTO_SUCCESS) {
6584 rv = crypto_provider_copyout_mech_param(real_provider,
6585 &mech, STRUCT_FADDR(derive_key, ndk_mechanism),
6586 mode, &error);
6587
6588 if (rv == CRYPTO_NOT_SUPPORTED) {
6589 rv = CRYPTO_SUCCESS;
6590 }
6591 /* copyout the derived secret */
6592 if (copyout_attributes(mode, out_attributes, out_count,
6593 k_out_attrs, u_attrs) != 0)
6594 error = EFAULT;
6595 }
6596
6597 release_minor:
6598 CRYPTO_DECREMENT_RCTL_SESSION(sp, mech_rctl_bytes, mech_rctl_chk);
6599 CRYPTO_DECREMENT_RCTL_SESSION(sp, key_rctl_bytes, key_rctl_chk);
6600 CRYPTO_DECREMENT_RCTL_SESSION(sp, in_attributes_rctl_bytes,
6601 in_attributes_rctl_chk);
6602 CRYPTO_DECREMENT_RCTL_SESSION(sp, out_attributes_rctl_bytes,
6603 out_attributes_rctl_chk);
6604
6605 if (k_in_attrs != NULL)
6606 kmem_free(k_in_attrs, k_in_attrs_size);
6607 if (k_out_attrs != NULL) {
6608 bzero(k_out_attrs, k_out_attrs_size);
6609 kmem_free(k_out_attrs, k_out_attrs_size);
6610 }
6611
6612 if (u_attrs != NULL)
6613 kmem_free(u_attrs, out_count * STRUCT_SIZE(oa));
6614
6615 free_crypto_key(&base_key);
6616
6617 if (error != 0)
6618 goto out;
6619
6620 STRUCT_FSET(derive_key, ndk_return_value, rv);
6621 if (copyout(STRUCT_BUF(derive_key), arg,
6622 STRUCT_SIZE(derive_key)) != 0) {
6623 error = EFAULT;
6624 }
6625 out:
6626 CRYPTO_SESSION_RELE(sp);
6627 crypto_release_minor(cm);
6628
6629 if (real_provider != NULL) {
6630 crypto_free_mech(real_provider,
6631 allocated_by_crypto_module, &mech);
6632 KCF_PROV_REFRELE(real_provider);
6633 }
6634 return (error);
6635 }
6636
6637 static int
6638 get_provider_by_mech(dev_t dev, caddr_t arg, int mode, int *rval)
6639 {
6640 _NOTE(ARGUNUSED(mode, rval))
6641 kcf_mech_entry_t *me;
6642 kcf_provider_desc_t *pd;
6643 crypto_key_t key;
6644 crypto_by_mech_t mech;
6645 crypto_provider_session_t *ps;
6646 crypto_minor_t *cm;
6647 int rv, error;
6648
6649 if ((cm = crypto_hold_minor(getminor(dev))) == NULL) {
6650 cmn_err(CE_WARN, "get_provider_by_mech: failed holding minor");
6651 return (ENXIO);
6652 }
6653
6654 bzero(&key, sizeof (key));
6655 key.ck_format = CRYPTO_KEY_RAW;
6656
6657 if (copyin(arg, &mech, sizeof (mech)) != 0) {
6658 crypto_release_minor(cm);
6659 return (EFAULT);
6660 }
6661
6662 key.ck_length = mech.mech_keylen;
6663 /* pd is returned held */
6664 if ((pd = kcf_get_mech_provider(mech.mech_type, &key, &me, &error,
6665 NULL, mech.mech_fg, 0)) == NULL) {
6666 rv = error;
6667 goto release_minor;
6668 }
6669
6670 /* don't want to allow direct access to software providers */
6671 if (pd->pd_prov_type == CRYPTO_SW_PROVIDER) {
6672 rv = CRYPTO_MECHANISM_INVALID;
6673 KCF_PROV_REFRELE(pd);
6674 cmn_err(CE_WARN, "software mech_type given");
6675 goto release_minor;
6676 }
6677
6678 mutex_enter(&cm->cm_lock);
6679 if ((rv = crypto_create_provider_session(cm, pd, pd->pd_sid, &ps, NULL))
6680 == CRYPTO_SUCCESS)
6681 rv = crypto_create_session_ptr(cm, pd, ps, &mech.session_id);
6682
6683 mutex_exit(&cm->cm_lock);
6684 release_minor:
6685 crypto_release_minor(cm);
6686 mech.rv = rv;
6687 if (copyout(&mech, arg, sizeof (mech)) != 0)
6688 return (EFAULT);
6689
6690 return (rv);
6691 }
6692
6693 /* ARGSUSED */
6694 static int
6695 crypto_ioctl(dev_t dev, int cmd, intptr_t arg, int mode, cred_t *c,
6696 int *rval)
6697 {
6698 #define ARG ((caddr_t)arg)
6699
6700 switch (cmd) {
6701 case CRYPTO_GET_FUNCTION_LIST:
6702 return (get_function_list(dev, ARG, mode, rval));
6703
6704 case CRYPTO_GET_MECHANISM_NUMBER:
6705 return (get_mechanism_number(dev, ARG, mode, rval));
6706
6707 case CRYPTO_GET_MECHANISM_LIST:
6708 return (get_mechanism_list(dev, ARG, mode, rval));
6709
6710 case CRYPTO_GET_ALL_MECHANISM_INFO:
6711 return (get_all_mechanism_info(dev, ARG, mode, rval));
6712
6713 case CRYPTO_GET_PROVIDER_LIST:
6714 return (get_provider_list(dev, ARG, mode, rval));
6715
6716 case CRYPTO_GET_PROVIDER_BY_MECH:
6717 return (get_provider_by_mech(dev, ARG, mode, rval));
6718
6719 case CRYPTO_GET_PROVIDER_INFO:
6720 return (get_provider_info(dev, ARG, mode, rval));
6721
6722 case CRYPTO_GET_PROVIDER_MECHANISMS:
6723 return (get_provider_mechanisms(dev, ARG, mode, rval));
6724
6725 case CRYPTO_GET_PROVIDER_MECHANISM_INFO:
6726 return (get_provider_mechanism_info(dev, ARG, mode, rval));
6727
6728 case CRYPTO_OPEN_SESSION:
6729 return (open_session(dev, ARG, mode, rval));
6730
6731 case CRYPTO_CLOSE_SESSION:
6732 return (close_session(dev, ARG, mode, rval));
6733
6734 case CRYPTO_ENCRYPT_INIT:
6735 return (encrypt_init(dev, ARG, mode, rval));
6736
6737 case CRYPTO_DECRYPT_INIT:
6738 return (decrypt_init(dev, ARG, mode, rval));
6739
6740 case CRYPTO_ENCRYPT:
6741 return (encrypt(dev, ARG, mode, rval));
6742
6743 case CRYPTO_DECRYPT:
6744 return (decrypt(dev, ARG, mode, rval));
6745
6746 case CRYPTO_ENCRYPT_UPDATE:
6747 return (encrypt_update(dev, ARG, mode, rval));
6748
6749 case CRYPTO_DECRYPT_UPDATE:
6750 return (decrypt_update(dev, ARG, mode, rval));
6751
6752 case CRYPTO_ENCRYPT_FINAL:
6753 return (encrypt_final(dev, ARG, mode, rval));
6754
6755 case CRYPTO_DECRYPT_FINAL:
6756 return (decrypt_final(dev, ARG, mode, rval));
6757
6758 case CRYPTO_DIGEST_INIT:
6759 return (digest_init(dev, ARG, mode, rval));
6760
6761 case CRYPTO_DIGEST:
6762 return (digest(dev, ARG, mode, rval));
6763
6764 case CRYPTO_DIGEST_UPDATE:
6765 return (digest_update(dev, ARG, mode, rval));
6766
6767 case CRYPTO_DIGEST_KEY:
6768 return (digest_key(dev, ARG, mode, rval));
6769
6770 case CRYPTO_DIGEST_FINAL:
6771 return (digest_final(dev, ARG, mode, rval));
6772
6773 case CRYPTO_SIGN_INIT:
6774 return (sign_init(dev, ARG, mode, rval));
6775
6776 case CRYPTO_SIGN:
6777 return (sign(dev, ARG, mode, rval));
6778
6779 case CRYPTO_SIGN_UPDATE:
6780 return (sign_update(dev, ARG, mode, rval));
6781
6782 case CRYPTO_SIGN_FINAL:
6783 return (sign_final(dev, ARG, mode, rval));
6784
6785 case CRYPTO_SIGN_RECOVER_INIT:
6786 return (sign_recover_init(dev, ARG, mode, rval));
6787
6788 case CRYPTO_SIGN_RECOVER:
6789 return (sign_recover(dev, ARG, mode, rval));
6790
6791 case CRYPTO_VERIFY_INIT:
6792 return (verify_init(dev, ARG, mode, rval));
6793
6794 case CRYPTO_VERIFY:
6795 return (verify(dev, ARG, mode, rval));
6796
6797 case CRYPTO_VERIFY_UPDATE:
6798 return (verify_update(dev, ARG, mode, rval));
6799
6800 case CRYPTO_VERIFY_FINAL:
6801 return (verify_final(dev, ARG, mode, rval));
6802
6803 case CRYPTO_VERIFY_RECOVER_INIT:
6804 return (verify_recover_init(dev, ARG, mode, rval));
6805
6806 case CRYPTO_VERIFY_RECOVER:
6807 return (verify_recover(dev, ARG, mode, rval));
6808
6809 case CRYPTO_MAC_INIT:
6810 return (mac_init(dev, ARG, mode, rval));
6811
6812 case CRYPTO_MAC:
6813 return (mac(dev, ARG, mode, rval));
6814
6815 case CRYPTO_MAC_UPDATE:
6816 return (mac_update(dev, ARG, mode, rval));
6817
6818 case CRYPTO_MAC_FINAL:
6819 return (mac_final(dev, ARG, mode, rval));
6820
6821 case CRYPTO_SET_PIN:
6822 return (set_pin(dev, ARG, mode, rval));
6823
6824 case CRYPTO_LOGIN:
6825 return (login(dev, ARG, mode, rval));
6826
6827 case CRYPTO_LOGOUT:
6828 return (logout(dev, ARG, mode, rval));
6829
6830 case CRYPTO_SEED_RANDOM:
6831 return (seed_random(dev, ARG, mode, rval));
6832
6833 case CRYPTO_GENERATE_RANDOM:
6834 return (generate_random(dev, ARG, mode, rval));
6835
6836 case CRYPTO_OBJECT_CREATE:
6837 return (object_create(dev, ARG, mode, rval));
6838
6839 case CRYPTO_OBJECT_COPY:
6840 return (object_copy(dev, ARG, mode, rval));
6841
6842 case CRYPTO_OBJECT_DESTROY:
6843 return (object_destroy(dev, ARG, mode, rval));
6844
6845 case CRYPTO_OBJECT_GET_ATTRIBUTE_VALUE:
6846 return (object_get_attribute_value(dev, ARG, mode, rval));
6847
6848 case CRYPTO_OBJECT_GET_SIZE:
6849 return (object_get_size(dev, ARG, mode, rval));
6850
6851 case CRYPTO_OBJECT_SET_ATTRIBUTE_VALUE:
6852 return (object_set_attribute_value(dev, ARG, mode, rval));
6853
6854 case CRYPTO_OBJECT_FIND_INIT:
6855 return (object_find_init(dev, ARG, mode, rval));
6856
6857 case CRYPTO_OBJECT_FIND_UPDATE:
6858 return (object_find_update(dev, ARG, mode, rval));
6859
6860 case CRYPTO_OBJECT_FIND_FINAL:
6861 return (object_find_final(dev, ARG, mode, rval));
6862
6863 case CRYPTO_GENERATE_KEY:
6864 return (object_generate_key(dev, ARG, mode, rval));
6865
6866 case CRYPTO_GENERATE_KEY_PAIR:
6867 return (object_generate_key_pair(dev, ARG, mode, rval));
6868
6869 case CRYPTO_WRAP_KEY:
6870 return (object_wrap_key(dev, ARG, mode, rval));
6871
6872 case CRYPTO_UNWRAP_KEY:
6873 return (object_unwrap_key(dev, ARG, mode, rval));
6874
6875 case CRYPTO_DERIVE_KEY:
6876 return (object_derive_key(dev, ARG, mode, rval));
6877
6878 case CRYPTO_NOSTORE_GENERATE_KEY:
6879 return (nostore_generate_key(dev, ARG, mode, rval));
6880
6881 case CRYPTO_NOSTORE_GENERATE_KEY_PAIR:
6882 return (nostore_generate_key_pair(dev, ARG, mode, rval));
6883
6884 case CRYPTO_NOSTORE_DERIVE_KEY:
6885 return (nostore_derive_key(dev, ARG, mode, rval));
6886 }
6887 return (EINVAL);
6888 }
6889
6890 /*
6891 * Check for the project.max-crypto-memory resource control.
6892 */
6893 static int
6894 crypto_buffer_check(size_t need)
6895 {
6896 kproject_t *kpj;
6897
6898 if (need == 0)
6899 return (CRYPTO_SUCCESS);
6900
6901 mutex_enter(&curproc->p_lock);
6902 kpj = curproc->p_task->tk_proj;
6903 mutex_enter(&(kpj->kpj_data.kpd_crypto_lock));
6904
6905 if (kpj->kpj_data.kpd_crypto_mem + need >
6906 kpj->kpj_data.kpd_crypto_mem_ctl) {
6907 if (rctl_test(rc_project_crypto_mem,
6908 kpj->kpj_rctls, curproc, need, 0) & RCT_DENY) {
6909 mutex_exit(&(kpj->kpj_data.kpd_crypto_lock));
6910 mutex_exit(&curproc->p_lock);
6911 return (CRYPTO_HOST_MEMORY);
6912 }
6913 }
6914
6915 kpj->kpj_data.kpd_crypto_mem += need;
6916 mutex_exit(&(kpj->kpj_data.kpd_crypto_lock));
6917
6918 curproc->p_crypto_mem += need;
6919 mutex_exit(&curproc->p_lock);
6920
6921 return (CRYPTO_SUCCESS);
6922 }