1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 /* 27 * Core KCF (Kernel Cryptographic Framework). This file implements 28 * the loadable module entry points and module verification routines. 29 */ 30 31 #include <sys/systm.h> 32 #include <sys/cmn_err.h> 33 #include <sys/ddi.h> 34 #include <sys/sunddi.h> 35 #include <sys/modctl.h> 36 #include <sys/errno.h> 37 #include <sys/rwlock.h> 38 #include <sys/kmem.h> 39 #include <sys/door.h> 40 #include <sys/kobj.h> 41 42 #include <sys/crypto/common.h> 43 #include <sys/crypto/api.h> 44 #include <sys/crypto/spi.h> 45 #include <sys/crypto/impl.h> 46 #include <sys/crypto/sched_impl.h> 47 #include <sys/crypto/elfsign.h> 48 49 #ifdef DEBUG 50 int kcf_frmwrk_debug = 0; 51 52 #define KCF_FRMWRK_DEBUG(l, x) if (kcf_frmwrk_debug >= l) printf x 53 #else /* DEBUG */ 54 #define KCF_FRMWRK_DEBUG(l, x) 55 #endif /* DEBUG */ 56 57 /* 58 * Door to make upcalls to kcfd. kcfd will send us this 59 * handle when it is coming up. 60 */ 61 kmutex_t kcf_dh_lock; 62 door_handle_t kcf_dh = NULL; 63 64 uint32_t global_fips140_mode; /* FIPS140 enable/disable flag */ 65 66 static struct modlmisc modlmisc = { 67 &mod_miscops, "Kernel Crypto Framework" 68 }; 69 70 static struct modlinkage modlinkage = { 71 MODREV_1, (void *)&modlmisc, NULL 72 }; 73 74 static int rngtimer_started; 75 76 77 int 78 _init() 79 { 80 /* initialize the mechanisms tables supported out-of-the-box */ 81 kcf_init_mech_tabs(); 82 83 /* initialize the providers tables */ 84 kcf_prov_tab_init(); 85 86 /* initialize the policy table */ 87 kcf_policy_tab_init(); 88 89 /* initialize soft_config_list */ 90 kcf_soft_config_init(); 91 92 /* 93 * Initialize scheduling structures. Note that this does NOT 94 * start any threads since it might not be safe to do so. 95 */ 96 kcf_sched_init(); 97 98 /* initialize the RNG support structures */ 99 rngtimer_started = 0; 100 kcf_rnd_init(); 101 102 return (mod_install(&modlinkage)); 103 } 104 105 int 106 _info(struct modinfo *modinfop) 107 { 108 return (mod_info(&modlinkage, modinfop)); 109 } 110 111 /* 112 * We do not allow kcf to unload. 113 */ 114 int 115 _fini(void) 116 { 117 return (EBUSY); 118 } 119 120 /* 121 * Return the FIPS140 mode status: 122 * FIPS140_MODE_DISABLED (0) 123 * FIPS140_MODE_ENABLED (1) 124 */ 125 int 126 kcf_get_fips140_mode(void) 127 { 128 return (global_fips140_mode); 129 } 130 131 /* 132 * Return a pointer to the modctl structure of the 133 * provider's module. 134 */ 135 struct modctl * 136 kcf_get_modctl(crypto_provider_info_t *pinfo) 137 { 138 struct modctl *mctlp; 139 140 /* Get the modctl struct for this module */ 141 if (pinfo->pi_provider_type == CRYPTO_SW_PROVIDER) 142 mctlp = mod_getctl(pinfo->pi_provider_dev.pd_sw); 143 else { 144 major_t major; 145 char *drvmod; 146 147 if ((major = 148 ddi_driver_major(pinfo->pi_provider_dev.pd_hw)) != -1) { 149 drvmod = ddi_major_to_name(major); 150 mctlp = mod_find_by_filename("drv", drvmod); 151 } else 152 return (NULL); 153 } 154 155 return (mctlp); 156 } 157 158 /* 159 * Check if signature verification is needed for a provider. 160 * 161 * Returns 0, if no verification is needed. Returns 1, if 162 * verification is needed. Returns -1, if there is an 163 * error. 164 */ 165 int 166 kcf_need_signature_verification(kcf_provider_desc_t *pd) 167 { 168 struct module *mp; 169 struct modctl *mctlp = pd->pd_mctlp; 170 crypto_ops_t *prov_ops = pd->pd_ops_vector; 171 172 if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) 173 return (0); 174 175 if (mctlp == NULL || mctlp->mod_mp == NULL) 176 return (-1); 177 178 mp = (struct module *)mctlp->mod_mp; 179 180 /* 181 * Check if this provider needs to be verified. We always verify 182 * the module if it carries a signature. Any operation set which has 183 * a encryption/decryption component is a candidate for verification. 184 */ 185 if (prov_ops->co_cipher_ops == NULL && prov_ops->co_dual_ops == NULL && 186 prov_ops->co_dual_cipher_mac_ops == NULL && 187 prov_ops->co_key_ops == NULL && prov_ops->co_sign_ops == NULL && 188 prov_ops->co_verify_ops == NULL && mp->sigdata == NULL) { 189 return (0); 190 } 191 192 /* 193 * See if this module has a proper signature section. 194 */ 195 if (mp->sigdata == NULL) { 196 return (-1); 197 } 198 199 mutex_enter(&pd->pd_lock); 200 pd->pd_state = KCF_PROV_UNVERIFIED; 201 mutex_exit(&pd->pd_lock); 202 203 return (1); 204 } 205 206 /* 207 * Do the signature verification on the given module. This function can 208 * be called from user context or kernel context. 209 * 210 * We call kcfd with the full pathname of the module to be 211 * verified. kcfd will return success/restricted/fail, signature length 212 * and the actual signature in the ELF section of the module. If kcfd 213 * returns success or restricted, we compare the signature and the length 214 * with the values that krtld stored in the module structure. We log an 215 * error message in case of a failure. 216 * 217 * The provider state is changed to KCF_PROV_READY on success. 218 */ 219 void 220 kcf_verify_signature(void *arg) 221 { 222 int rv; 223 int error = CRYPTO_MODVERIFICATION_FAILED; 224 door_arg_t darg; 225 door_handle_t ldh; 226 kcf_door_arg_t *kda; 227 char *filename; 228 kcf_provider_desc_t *pd = arg; 229 struct module *mp; 230 boolean_t do_notify = B_FALSE; 231 boolean_t modhold_done = B_FALSE; 232 struct modctl *mctlp = pd->pd_mctlp; 233 234 ASSERT(pd->pd_prov_type != CRYPTO_LOGICAL_PROVIDER); 235 ASSERT(mctlp != NULL); 236 237 for (;;) { 238 mutex_enter(&pd->pd_lock); 239 /* No need to do verification */ 240 if (pd->pd_state != KCF_PROV_UNVERIFIED) { 241 mutex_exit(&pd->pd_lock); 242 goto out; 243 } 244 mutex_exit(&pd->pd_lock); 245 246 mutex_enter(&mod_lock); 247 if (mctlp->mod_mp == NULL) { 248 mutex_exit(&mod_lock); 249 goto out; 250 } 251 252 /* 253 * This check is needed since a software provider can call 254 * us directly from the _init->crypto_register_provider path. 255 */ 256 if (pd->pd_prov_type == CRYPTO_SW_PROVIDER && 257 mctlp->mod_inprogress_thread == curthread) { 258 mutex_exit(&mod_lock); 259 modhold_done = B_FALSE; 260 break; 261 } 262 263 /* 264 * We could be in a race with the register thread or 265 * the unregister thread. So, retry if register or 266 * unregister is in progress. Note that we can't do 267 * mod_hold_by_modctl without this check since that 268 * could result in a deadlock with the other threads. 269 */ 270 if (mctlp->mod_busy) { 271 mutex_exit(&mod_lock); 272 /* delay for 10ms and try again */ 273 delay(drv_usectohz(10000)); 274 continue; 275 } 276 277 (void) mod_hold_by_modctl(mctlp, 278 MOD_WAIT_FOREVER | MOD_LOCK_HELD); 279 mutex_exit(&mod_lock); 280 modhold_done = B_TRUE; 281 break; 282 } 283 284 /* 285 * Check if the door is set up yet. This will be set when kcfd 286 * comes up. If not, we return and leave the provider state unchanged 287 * at KCF_PROV_UNVERIFIED. This will trigger the verification of 288 * the module later when kcfd is up. This is safe as we NEVER use 289 * a provider that has not been verified yet. 290 */ 291 mutex_enter(&kcf_dh_lock); 292 if (kcf_dh == NULL) { 293 mutex_exit(&kcf_dh_lock); 294 goto out; 295 } 296 297 ldh = kcf_dh; 298 door_ki_hold(ldh); 299 mutex_exit(&kcf_dh_lock); 300 301 mp = (struct module *)mctlp->mod_mp; 302 filename = mp->filename; 303 KCF_FRMWRK_DEBUG(2, ("Verifying module: %s\n", filename)); 304 305 kda = kmem_alloc(sizeof (kcf_door_arg_t) + mp->sigsize, KM_SLEEP); 306 kda->da_version = KCF_KCFD_VERSION1; 307 kda->da_iskernel = B_TRUE; 308 bcopy(filename, kda->da_u.filename, strlen(filename) + 1); 309 310 darg.data_ptr = (char *)kda; 311 darg.data_size = sizeof (kcf_door_arg_t) + mp->sigsize; 312 darg.desc_ptr = NULL; 313 darg.desc_num = 0; 314 darg.rbuf = (char *)kda; 315 darg.rsize = sizeof (kcf_door_arg_t); 316 317 /* 318 * Make door upcall. door_ki_upcall() checks for validity of the handle. 319 */ 320 rv = door_ki_upcall_limited(ldh, &darg, NULL, SIZE_MAX, 0); 321 322 if (rv == 0) { 323 kcf_door_arg_t *rkda = (kcf_door_arg_t *)darg.rbuf; 324 325 KCF_FRMWRK_DEBUG(2, 326 ("passed: %d\n", rkda->da_u.result.status)); 327 KCF_FRMWRK_DEBUG(2, 328 ("signature length: %d\n", rkda->da_u.result.siglen)); 329 KCF_FRMWRK_DEBUG(2, 330 ("signature: %p\n", (void*)rkda->da_u.result.signature)); 331 332 333 /* Check kcfd result and compare against module struct fields */ 334 if (((rkda->da_u.result.status != ELFSIGN_SUCCESS) && 335 (rkda->da_u.result.status != ELFSIGN_RESTRICTED)) || 336 !(rkda->da_u.result.siglen == mp->sigsize) || 337 (bcmp(rkda->da_u.result.signature, mp->sigdata, 338 mp->sigsize))) { 339 cmn_err(CE_WARN, "Module verification failed for %s.", 340 filename); 341 } else { 342 error = 0; 343 } 344 345 if (rkda->da_u.result.status == ELFSIGN_RESTRICTED) { 346 pd->pd_flags |= KCF_PROV_RESTRICTED; 347 KCF_FRMWRK_DEBUG(2, ("provider is restricted\n")); 348 } 349 350 if (rkda != kda) 351 kmem_free(rkda, darg.rsize); 352 353 } else { 354 cmn_err(CE_WARN, "Module verification door upcall failed " 355 "for %s. errno = %d", filename, rv); 356 } 357 358 kmem_free(kda, sizeof (kcf_door_arg_t) + mp->sigsize); 359 door_ki_rele(ldh); 360 361 mutex_enter(&pd->pd_lock); 362 /* change state only if the original state is unchanged */ 363 if (pd->pd_state == KCF_PROV_UNVERIFIED) { 364 if (error == 0) { 365 pd->pd_state = KCF_PROV_READY; 366 do_notify = B_TRUE; 367 } else { 368 pd->pd_state = KCF_PROV_VERIFICATION_FAILED; 369 } 370 } 371 mutex_exit(&pd->pd_lock); 372 373 if (do_notify) { 374 /* Dispatch events for this new provider */ 375 kcf_do_notify(pd, B_TRUE); 376 } 377 378 out: 379 if (modhold_done) 380 mod_release_mod(mctlp); 381 KCF_PROV_REFRELE(pd); 382 } 383 384 /* called from the CRYPTO_LOAD_DOOR ioctl */ 385 int 386 crypto_load_door(uint_t did) 387 { 388 mutex_enter(&kcf_dh_lock); 389 kcf_dh = door_ki_lookup(did); 390 mutex_exit(&kcf_dh_lock); 391 392 verify_unverified_providers(); 393 394 /* Start the timeout handler to get random numbers */ 395 if (rngtimer_started == 0) { 396 kcf_rnd_schedule_timeout(B_TRUE); 397 rngtimer_started = 1; 398 } 399 400 return (0); 401 } 402