1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #ifndef _SYS_CRYPTO_SCHED_IMPL_H
27 #define	_SYS_CRYPTO_SCHED_IMPL_H
28 
29 /*
30  * Scheduler internal structures.
31  */
32 
33 #ifdef __cplusplus
34 extern "C" {
35 #endif
36 
37 #include <sys/zfs_context.h>
38 #include <sys/crypto/api.h>
39 #include <sys/crypto/spi.h>
40 #include <sys/crypto/impl.h>
41 #include <sys/crypto/common.h>
42 
43 typedef struct kcf_prov_tried {
44 	kcf_provider_desc_t	*pt_pd;
45 	struct kcf_prov_tried	*pt_next;
46 } kcf_prov_tried_t;
47 
48 #define	IS_FG_SUPPORTED(mdesc, fg)		\
49 	(((mdesc)->pm_mech_info.cm_func_group_mask & (fg)) != 0)
50 
51 #define	IS_PROVIDER_TRIED(pd, tlist)		\
52 	(tlist != NULL && is_in_triedlist(pd, tlist))
53 
54 #define	IS_RECOVERABLE(error)			\
55 	(error == CRYPTO_BUSY ||			\
56 	error == CRYPTO_KEY_SIZE_RANGE)
57 
58 /*
59  * Internal representation of a canonical context. We contain crypto_ctx_t
60  * structure in order to have just one memory allocation. The SPI
61  * ((crypto_ctx_t *)ctx)->cc_framework_private maps to this structure.
62  */
63 typedef struct kcf_context {
64 	crypto_ctx_t		kc_glbl_ctx;
65 	uint_t			kc_refcnt;
66 	kcf_provider_desc_t	*kc_prov_desc;	/* Prov. descriptor */
67 	kcf_provider_desc_t	*kc_sw_prov_desc;	/* Prov. descriptor */
68 } kcf_context_t;
69 
70 /*
71  * Decrement the reference count on the framework private context.
72  * When the last reference is released, the framework private
73  * context structure is freed along with the global context.
74  */
75 #define	KCF_CONTEXT_REFRELE(ictx) {				\
76 	ASSERT((ictx)->kc_refcnt != 0);				\
77 	membar_exit();						\
78 	if (atomic_add_32_nv(&(ictx)->kc_refcnt, -1) == 0)	\
79 		kcf_free_context(ictx);				\
80 }
81 
82 /*
83  * Check if we can release the context now. In case of CRYPTO_BUSY,
84  * the client can retry the request using the context,
85  * so we do not release the context.
86  *
87  * This macro should be called only from the final routine in
88  * an init/update/final sequence. We do not release the context in case
89  * of update operations. We require the consumer to free it
90  * explicitly, in case it wants to abandon the operation. This is done
91  * as there may be mechanisms in ECB mode that can continue even if
92  * an operation on a block fails.
93  */
94 #define	KCF_CONTEXT_COND_RELEASE(rv, kcf_ctx) {			\
95 	if (KCF_CONTEXT_DONE(rv))				\
96 		KCF_CONTEXT_REFRELE(kcf_ctx);			\
97 }
98 
99 /*
100  * This macro determines whether we're done with a context.
101  */
102 #define	KCF_CONTEXT_DONE(rv)					\
103 	((rv) != CRYPTO_BUSY &&	(rv) != CRYPTO_BUFFER_TOO_SMALL)
104 
105 
106 #define	KCF_SET_PROVIDER_MECHNUM(fmtype, pd, mechp)			\
107 	(mechp)->cm_type =						\
108 	    KCF_TO_PROV_MECHNUM(pd, fmtype);
109 
110 /*
111  * A crypto_ctx_template_t is internally a pointer to this struct
112  */
113 typedef	struct kcf_ctx_template {
114 	size_t				ct_size;	/* for freeing */
115 	crypto_spi_ctx_template_t	ct_prov_tmpl;	/* context template */
116 							/* from the provider */
117 } kcf_ctx_template_t;
118 
119 
120 extern void kcf_free_triedlist(kcf_prov_tried_t *);
121 extern kcf_prov_tried_t *kcf_insert_triedlist(kcf_prov_tried_t **,
122     kcf_provider_desc_t *, int);
123 extern kcf_provider_desc_t *kcf_get_mech_provider(crypto_mech_type_t,
124     kcf_mech_entry_t **, int *, kcf_prov_tried_t *, crypto_func_group_t);
125 extern crypto_ctx_t *kcf_new_ctx(kcf_provider_desc_t *);
126 extern void kcf_sched_destroy(void);
127 extern void kcf_sched_init(void);
128 extern void kcf_free_context(kcf_context_t *);
129 
130 #ifdef __cplusplus
131 }
132 #endif
133 
134 #endif /* _SYS_CRYPTO_SCHED_IMPL_H */
135