sbin/bioctl/bioctl.c

*2b5fc845Sjsing/* $OpenBSD: bioctl.c,v 1.104 2011/12/31 17:06:09 jsing Exp $       */
cf6503d7Sderaadt
3af9de98Smarco/*
2f39728eSdlg * Copyright (c) 2004, 2005 Marco Peereboom
3af9de98Smarco * All rights reserved.
3af9de98Smarco *
3af9de98Smarco * Redistribution and use in source and binary forms, with or without
3af9de98Smarco * modification, are permitted provided that the following conditions
3af9de98Smarco * are met:
3af9de98Smarco * 1. Redistributions of source code must retain the above copyright
3af9de98Smarco *    notice, this list of conditions and the following disclaimer.
3af9de98Smarco * 2. Redistributions in binary form must reproduce the above copyright
3af9de98Smarco *    notice, this list of conditions and the following disclaimer in the
3af9de98Smarco *    documentation and/or other materials provided with the distribution.
3af9de98Smarco *
3af9de98Smarco * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
3af9de98Smarco * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
3af9de98Smarco * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
3af9de98Smarco * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE FOR
3af9de98Smarco * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
3af9de98Smarco * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
3af9de98Smarco * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
3af9de98Smarco * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
3af9de98Smarco * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
3af9de98Smarco * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
3af9de98Smarco * SUCH DAMAGE.
3af9de98Smarco *
3af9de98Smarco */
3af9de98Smarco
c2126c9aSmarco#include <sys/ioctl.h>
91f4f7d8Sdlg#include <sys/dkio.h>
c2126c9aSmarco#include <sys/param.h>
46bc198bSmarco#include <sys/types.h>
46bc198bSmarco#include <sys/stat.h>
3af9de98Smarco#include <dev/biovar.h>
aef7fe28Shshoexer#include <dev/softraidvar.h>
3af9de98Smarco
db2730c1Smarco#include <errno.h>
db2730c1Smarco#include <err.h>
db2730c1Smarco#include <fcntl.h>
8ccdd032Sderaadt#include <util.h>
db2730c1Smarco#include <stdio.h>
db2730c1Smarco#include <stdlib.h>
db2730c1Smarco#include <string.h>
db2730c1Smarco#include <unistd.h>
e4e14ad7Sderaadt#include <ctype.h>
03b2dfbfShenning#include <vis.h>
9e8c6f5bShshoexer#include <readpassphrase.h>
db2730c1Smarco
5c1f8f6bSdjm#include "pbkdf2.h"
aef7fe28Shshoexer
6de960dcSmarcostruct locator {
6de960dcSmarco	int		channel;
6de960dcSmarco	int		target;
6de960dcSmarco	int		lun;
6de960dcSmarco};
6de960dcSmarco
8ccdd032Sderaadtvoid			usage(void);
41eccc89Sderaadtconst char 		*str2locator(const char *, struct locator *);
8ccdd032Sderaadtvoid			cleanup(void);
46bc198bSmarcoint			bio_parse_devlist(char *, dev_t *);
aef7fe28Shshoexervoid			bio_kdf_derive(struct sr_crypto_kdfinfo *,
c6446370Sjsing			    struct sr_crypto_kdf_pbkdf2 *, char *, int);
aef7fe28Shshoexervoid			bio_kdf_generate(struct sr_crypto_kdfinfo *);
9e8c6f5bShshoexervoid			derive_key_pkcs(int, u_int8_t *, size_t, u_int8_t *,
c6446370Sjsing			    size_t, char *, int);
8ccdd032Sderaadt
8ccdd032Sderaadtvoid			bio_inq(char *);
8ccdd032Sderaadtvoid			bio_alarm(char *);
a15048bbSmarcoint			bio_getvolbyname(char *);
a15048bbSmarcovoid			bio_setstate(char *, int, char *);
a928c459Sderaadtvoid			bio_setblink(char *, char *, int);
a928c459Sderaadtvoid			bio_blink(char *, int, int);
d4722c44Snicmstruct sr_aoe_config 	*create_aoe(u_int16_t, char *);
0054cd36Sjsingvoid			bio_createraid(u_int16_t, char *, char *);
c7c3e8aaSmarcovoid			bio_deleteraid(char *);
c6446370Sjsingvoid			bio_changepass(char *);
e8a57fdeSmarcou_int32_t		bio_createflags(char *);
03b2dfbfShenningchar			*bio_vis(char *);
03b2dfbfShenningvoid			bio_diskinq(char *);
3af9de98Smarco
3af9de98Smarcoint			devh = -1;
abe9d68eSderaadtint			human;
abe9d68eSderaadtint			verbose;
e8a57fdeSmarcou_int32_t		cflags = 0;
aedd4f07Sdjmint			rflag = 8192;
86735da2Smarcochar			*password;
3af9de98Smarco
3af9de98Smarcostruct bio_locate	bl;
b96c6ce2Sckuetheint rpp_flag = RPP_REQUIRE_TTY;
3af9de98Smarco
3af9de98Smarcoint
3af9de98Smarcomain(int argc, char *argv[])
3af9de98Smarco{
3af9de98Smarco	extern char		*optarg;
db2730c1Smarco	u_int64_t		func = 0;
db2730c1Smarco	/* u_int64_t subfunc = 0; */
e63d8b1dSdtucker	char			*devicename = NULL;
cf6503d7Sderaadt	char			*realname = NULL, *al_arg = NULL;
7195049bSmarco	char			*bl_arg = NULL, *dev_list = NULL;
0054cd36Sjsing	char			*key_disk = NULL;
aedd4f07Sdjm	const char		*errstr;
c6446370Sjsing	int			ch, rv, blink = 0, changepass = 0, diskinq = 0;
c6446370Sjsing	int			ss_func = 0;
9ecba717Sderaadt	u_int16_t		cr_level = 0;
e37c64dbSjsing	int			biodev = 0;
3af9de98Smarco
3af9de98Smarco	if (argc < 2)
3af9de98Smarco		usage();
3af9de98Smarco
b96c6ce2Sckuethe	while ((ch = getopt(argc, argv, "a:b:C:c:dH:hik:l:Pp:qr:R:svu:")) !=
c6446370Sjsing	    -1) {
3af9de98Smarco		switch (ch) {
edfd9792Smarco		case 'a': /* alarm */
edfd9792Smarco			func |= BIOC_ALARM;
edfd9792Smarco			al_arg = optarg;
edfd9792Smarco			break;
c55617f1Sdlg		case 'b': /* blink */
c55617f1Sdlg			func |= BIOC_BLINK;
a928c459Sderaadt			blink = BIOC_SBBLINK;
a928c459Sderaadt			bl_arg = optarg;
a928c459Sderaadt			break;
e8a57fdeSmarco		case 'C': /* creation flags */
e8a57fdeSmarco			cflags = bio_createflags(optarg);
e8a57fdeSmarco			break;
7195049bSmarco		case 'c': /* create */
7195049bSmarco			func |= BIOC_CREATERAID;
92d21b5cStedu			if (isdigit(*optarg)) {
92d21b5cStedu				cr_level = strtonum(optarg, 0, 10, &errstr);
92d21b5cStedu				if (errstr != NULL)
92d21b5cStedu					errx(1, "Invalid RAID level");
92d21b5cStedu			} else
98b750e4Stedu				cr_level = *optarg;
7195049bSmarco			break;
c7c3e8aaSmarco		case 'd':
c7c3e8aaSmarco			/* delete volume */
c7c3e8aaSmarco			func |= BIOC_DELETERAID;
c7c3e8aaSmarco			break;
a928c459Sderaadt		case 'u': /* unblink */
a928c459Sderaadt			func |= BIOC_BLINK;
a928c459Sderaadt			blink = BIOC_SBUNBLINK;
c55617f1Sdlg			bl_arg = optarg;
c55617f1Sdlg			break;
6de960dcSmarco		case 'H': /* set hotspare */
6de960dcSmarco			func |= BIOC_SETSTATE;
a15048bbSmarco			ss_func = BIOC_SSHOTSPARE;
6de960dcSmarco			al_arg = optarg;
6de960dcSmarco			break;
8ccdd032Sderaadt		case 'h':
8ccdd032Sderaadt			human = 1;
8ccdd032Sderaadt			break;
db2730c1Smarco		case 'i': /* inquiry */
db2730c1Smarco			func |= BIOC_INQ;
3af9de98Smarco			break;
0054cd36Sjsing		case 'k': /* Key disk. */
0054cd36Sjsing			key_disk = optarg;
0054cd36Sjsing			break;
7195049bSmarco		case 'l': /* device list */
7195049bSmarco			func |= BIOC_DEVLIST;
7195049bSmarco			dev_list = optarg;
7195049bSmarco			break;
c6446370Sjsing		case 'P':
c6446370Sjsing			/* Change passphrase. */
c6446370Sjsing			changepass = 1;
c6446370Sjsing			break;
86735da2Smarco		case 'p':
86735da2Smarco			password = optarg;
86735da2Smarco			break;
aedd4f07Sdjm		case 'r':
aedd4f07Sdjm			rflag = strtonum(optarg, 1000, 1<<30, &errstr);
aedd4f07Sdjm			if (errstr != NULL)
aedd4f07Sdjm				errx(1, "Number of rounds is %s: %s",
aedd4f07Sdjm				    errstr, optarg);
aedd4f07Sdjm			break;
a15048bbSmarco		case 'R':
a15048bbSmarco			/* rebuild to provided chunk/CTL */
a15048bbSmarco			func |= BIOC_SETSTATE;
a15048bbSmarco			ss_func = BIOC_SSREBUILD;
a15048bbSmarco			al_arg = optarg;
a15048bbSmarco			break;
b96c6ce2Sckuethe		case 's':
b96c6ce2Sckuethe			rpp_flag = RPP_STDIN;
b96c6ce2Sckuethe			break;
abe9d68eSderaadt		case 'v':
abe9d68eSderaadt			verbose = 1;
abe9d68eSderaadt			break;
03b2dfbfShenning		case 'q':
03b2dfbfShenning			diskinq = 1;
03b2dfbfShenning			break;
3af9de98Smarco		default:
3af9de98Smarco			usage();
3af9de98Smarco			/* NOTREACHED */
3af9de98Smarco		}
3af9de98Smarco	}
cf6503d7Sderaadt	argc -= optind;
cf6503d7Sderaadt	argv += optind;
3af9de98Smarco
c6446370Sjsing	if (argc != 1 || (changepass && func != 0))
cf6503d7Sderaadt		usage();
cf6503d7Sderaadt
dcbaf4c8Sderaadt	if (func == 0)
dcbaf4c8Sderaadt		func |= BIOC_INQ;
dcbaf4c8Sderaadt
e63d8b1dSdtucker	devicename = argv[0];
e63d8b1dSdtucker	if (devicename == NULL)
e37c64dbSjsing		errx(1, "need device");
10b411a7Smarco
e63d8b1dSdtucker	devh = opendev(devicename, O_RDWR, OPENDEV_PART, &realname);
e37c64dbSjsing	if (devh == -1) {
41eccc89Sderaadt		devh = open("/dev/bio", O_RDWR);
3af9de98Smarco		if (devh == -1)
41eccc89Sderaadt			err(1, "Can't open %s", "/dev/bio");
3af9de98Smarco
e63d8b1dSdtucker		bl.bl_name = devicename;
3af9de98Smarco		rv = ioctl(devh, BIOCLOCATE, &bl);
3af9de98Smarco		if (rv == -1)
10b411a7Smarco			errx(1, "Can't locate %s device via %s",
41eccc89Sderaadt			    bl.bl_name, "/dev/bio");
e37c64dbSjsing		biodev = 1;
e63d8b1dSdtucker		devicename = NULL;
e37c64dbSjsing	}
3af9de98Smarco
03b2dfbfShenning	if (diskinq) {
e63d8b1dSdtucker		bio_diskinq(devicename);
e37c64dbSjsing	} else if (changepass && !biodev) {
e63d8b1dSdtucker		bio_changepass(devicename);
03b2dfbfShenning	} else if (func & BIOC_INQ) {
e63d8b1dSdtucker		bio_inq(devicename);
edfd9792Smarco	} else if (func == BIOC_ALARM) {
edfd9792Smarco		bio_alarm(al_arg);
c55617f1Sdlg	} else if (func == BIOC_BLINK) {
e63d8b1dSdtucker		bio_setblink(devicename, bl_arg, blink);
6de960dcSmarco	} else if (func == BIOC_SETSTATE) {
a15048bbSmarco		bio_setstate(al_arg, ss_func, argv[0]);
e37c64dbSjsing	} else if (func == BIOC_DELETERAID && !biodev) {
e63d8b1dSdtucker		bio_deleteraid(devicename);
7195049bSmarco	} else if (func & BIOC_CREATERAID || func & BIOC_DEVLIST) {
7195049bSmarco		if (!(func & BIOC_CREATERAID))
7195049bSmarco			errx(1, "need -c parameter");
7195049bSmarco		if (!(func & BIOC_DEVLIST))
7195049bSmarco			errx(1, "need -l parameter");
e37c64dbSjsing		if (!biodev)
e37c64dbSjsing			errx(1, "must use bio device");
0054cd36Sjsing		bio_createraid(cr_level, dev_list, key_disk);
3af9de98Smarco	}
3af9de98Smarco
3af9de98Smarco	return (0);
3af9de98Smarco}
3af9de98Smarco
3af9de98Smarcovoid
3af9de98Smarcousage(void)
3af9de98Smarco{
3af9de98Smarco	extern char		*__progname;
3af9de98Smarco
d90b5d8bSjmc	fprintf(stderr,
d0b772c8Sjmc		"usage: %s [-hiqv] [-a alarm-function] "
d90b5d8bSjmc		"[-b channel:target[.lun]]\n"
d0b772c8Sjmc		"\t[-H channel:target[.lun]] "
af56bbe7Smatthieu		"[-R device | channel:target[.lun]]\n"
d0b772c8Sjmc		"\t[-u channel:target[.lun]] "
d0b772c8Sjmc		"device\n"
b96c6ce2Sckuethe		"       %s [-dhiPqsv] "
b90fdff5Sjmc		"[-C flag[,flag,...]] [-c raidlevel] [-k keydisk]\n"
78702060Sjmc		"\t[-l special[,special,...]] [-p passfile]\n"
af56bbe7Smatthieu		"\t[-R device | channel:target[.lun]] [-r rounds] "
d0b772c8Sjmc		"device\n", __progname, __progname);
d90b5d8bSjmc
3af9de98Smarco	exit(1);
3af9de98Smarco}
3af9de98Smarco
41eccc89Sderaadtconst char *
6de960dcSmarcostr2locator(const char *string, struct locator *location)
6de960dcSmarco{
50d3c4dcSdlg	const char		*errstr;
41eccc89Sderaadt	char			parse[80], *targ, *lun;
6de960dcSmarco
41eccc89Sderaadt	strlcpy(parse, string, sizeof parse);
41eccc89Sderaadt	targ = strchr(parse, ':');
6de960dcSmarco	if (targ == NULL)
41eccc89Sderaadt		return ("target not specified");
6de960dcSmarco	*targ++ = '\0';
6de960dcSmarco
50d3c4dcSdlg	lun = strchr(targ, '.');
6de960dcSmarco	if (lun != NULL) {
6de960dcSmarco		*lun++ = '\0';
50d3c4dcSdlg		location->lun = strtonum(lun, 0, 256, &errstr);
50d3c4dcSdlg		if (errstr)
41eccc89Sderaadt			return (errstr);
6de960dcSmarco	} else
6de960dcSmarco		location->lun = 0;
6de960dcSmarco
50d3c4dcSdlg	location->target = strtonum(targ, 0, 256, &errstr);
50d3c4dcSdlg	if (errstr)
41eccc89Sderaadt		return (errstr);
41eccc89Sderaadt	location->channel = strtonum(parse, 0, 256, &errstr);
50d3c4dcSdlg	if (errstr)
41eccc89Sderaadt		return (errstr);
41eccc89Sderaadt	return (NULL);
6de960dcSmarco}
6de960dcSmarco
3af9de98Smarcovoid
8ccdd032Sderaadtbio_inq(char *name)
d4546a56Sdlg{
9017fb97Sderaadt	char 			*status, size[64], scsiname[16], volname[32];
a4d3c4a2Sderaadt	char			percent[10], seconds[20];
b9950701Smarco	int			rv, i, d, volheader, hotspare, unused;
aa65acf1Sderaadt	char			encname[16], serial[32];
8ccdd032Sderaadt	struct bioc_disk	bd;
8ccdd032Sderaadt	struct bioc_inq		bi;
8ccdd032Sderaadt	struct bioc_vol		bv;
db2730c1Smarco
db2730c1Smarco	memset(&bi, 0, sizeof(bi));
3af9de98Smarco
8ccdd032Sderaadt	bi.bi_cookie = bl.bl_cookie;
3af9de98Smarco
db2730c1Smarco	rv = ioctl(devh, BIOCINQ, &bi);
3af9de98Smarco	if (rv == -1) {
03b2dfbfShenning		if (errno == ENOTTY)
03b2dfbfShenning			bio_diskinq(name);
03b2dfbfShenning		else
da3b0664Shenning			err(1, "BIOCINQ");
3af9de98Smarco		return;
3af9de98Smarco	}
3af9de98Smarco
8ccdd032Sderaadt	volheader = 0;
8ccdd032Sderaadt	for (i = 0; i < bi.bi_novol; i++) {
db2730c1Smarco		memset(&bv, 0, sizeof(bv));
8ccdd032Sderaadt		bv.bv_cookie = bl.bl_cookie;
8ccdd032Sderaadt		bv.bv_volid = i;
0a92ff65Sderaadt		bv.bv_percent = -1;
9017fb97Sderaadt		bv.bv_seconds = 0;
70a2ae7bSmarco
db2730c1Smarco		rv = ioctl(devh, BIOCVOL, &bv);
da3b0664Shenning		if (rv == -1)
da3b0664Shenning			err(1, "BIOCVOL");
3af9de98Smarco
8ccdd032Sderaadt		if (name && strcmp(name, bv.bv_dev) != 0)
8ccdd032Sderaadt			continue;
8ccdd032Sderaadt
8ccdd032Sderaadt		if (!volheader) {
8ccdd032Sderaadt			volheader = 1;
150c22bbSjcs			printf("%-11s %-10s %14s %-8s\n",
8ccdd032Sderaadt			    "Volume", "Status", "Size", "Device");
8ccdd032Sderaadt		}
8ccdd032Sderaadt
0a92ff65Sderaadt		percent[0] = '\0';
9017fb97Sderaadt		seconds[0] = '\0';
0a92ff65Sderaadt		if (bv.bv_percent != -1)
0a92ff65Sderaadt			snprintf(percent, sizeof percent,
0a92ff65Sderaadt			    " %d%% done", bv.bv_percent);
9017fb97Sderaadt		if (bv.bv_seconds)
9017fb97Sderaadt			snprintf(seconds, sizeof seconds,
9017fb97Sderaadt			    " %u seconds", bv.bv_seconds);
8ccdd032Sderaadt		switch (bv.bv_status) {
db2730c1Smarco		case BIOC_SVONLINE:
8ccdd032Sderaadt			status = BIOC_SVONLINE_S;
db2730c1Smarco			break;
db2730c1Smarco		case BIOC_SVOFFLINE:
8ccdd032Sderaadt			status = BIOC_SVOFFLINE_S;
db2730c1Smarco			break;
db2730c1Smarco		case BIOC_SVDEGRADED:
8ccdd032Sderaadt			status = BIOC_SVDEGRADED_S;
db2730c1Smarco			break;
0a92ff65Sderaadt		case BIOC_SVBUILDING:
0a92ff65Sderaadt			status = BIOC_SVBUILDING_S;
0a92ff65Sderaadt			break;
0a92ff65Sderaadt		case BIOC_SVREBUILD:
0a92ff65Sderaadt			status = BIOC_SVREBUILD_S;
0a92ff65Sderaadt			break;
0a92ff65Sderaadt		case BIOC_SVSCRUB:
0a92ff65Sderaadt			status = BIOC_SVSCRUB_S;
0a92ff65Sderaadt			break;
db2730c1Smarco		case BIOC_SVINVALID:
db2730c1Smarco		default:
8ccdd032Sderaadt			status = BIOC_SVINVALID_S;
d4546a56Sdlg		}
3af9de98Smarco
aa65acf1Sderaadt		snprintf(volname, sizeof volname, "%s %u",
8ccdd032Sderaadt		    bi.bi_dev, bv.bv_volid);
b9950701Smarco
9ecba717Sderaadt		unused = 0;
9ecba717Sderaadt		hotspare = 0;
aa65acf1Sderaadt		if (bv.bv_level == -1 && bv.bv_nodisk == 1)
aa65acf1Sderaadt			hotspare = 1;
b9950701Smarco		else if (bv.bv_level == -2 && bv.bv_nodisk == 1)
b9950701Smarco			unused = 1;
aa65acf1Sderaadt		else {
8ccdd032Sderaadt			if (human)
8ccdd032Sderaadt				fmt_scaled(bv.bv_size, size);
8ccdd032Sderaadt			else
8ccdd032Sderaadt				snprintf(size, sizeof size, "%14llu",
8ccdd032Sderaadt				    bv.bv_size);
da935596Stodd			switch (bv.bv_level) {
da935596Stodd			case 'C':
150c22bbSjcs				printf("%11s %-10s %14s %-7s CRYPTO%s%s\n",
da935596Stodd				    volname, status, size, bv.bv_dev,
da935596Stodd				    percent, seconds);
da935596Stodd				break;
*2b5fc845Sjsing			case 'c':
*2b5fc845Sjsing				printf("%11s %-10s %14s %-7s CONCAT%s%s\n",
*2b5fc845Sjsing				    volname, status, size, bv.bv_dev,
*2b5fc845Sjsing				    percent, seconds);
*2b5fc845Sjsing				break;
da935596Stodd			default:
150c22bbSjcs				printf("%11s %-10s %14s %-7s RAID%u%s%s\n",
0a92ff65Sderaadt				    volname, status, size, bv.bv_dev,
9017fb97Sderaadt				    bv.bv_level, percent, seconds);
da935596Stodd				break;
da935596Stodd			}
da935596Stodd
aa65acf1Sderaadt		}
8ccdd032Sderaadt
8ccdd032Sderaadt		for (d = 0; d < bv.bv_nodisk; d++) {
db2730c1Smarco			memset(&bd, 0, sizeof(bd));
8ccdd032Sderaadt			bd.bd_cookie = bl.bl_cookie;
8ccdd032Sderaadt			bd.bd_diskid = d;
8ccdd032Sderaadt			bd.bd_volid = i;
3af9de98Smarco
db2730c1Smarco			rv = ioctl(devh, BIOCDISK, &bd);
da3b0664Shenning			if (rv == -1)
da3b0664Shenning				err(1, "BIOCDISK");
3af9de98Smarco
8ccdd032Sderaadt			switch (bd.bd_status) {
db2730c1Smarco			case BIOC_SDONLINE:
8ccdd032Sderaadt				status = BIOC_SDONLINE_S;
d4546a56Sdlg				break;
db2730c1Smarco			case BIOC_SDOFFLINE:
8ccdd032Sderaadt				status = BIOC_SDOFFLINE_S;
d4546a56Sdlg				break;
db2730c1Smarco			case BIOC_SDFAILED:
8ccdd032Sderaadt				status = BIOC_SDFAILED_S;
db2730c1Smarco				break;
db2730c1Smarco			case BIOC_SDREBUILD:
8ccdd032Sderaadt				status = BIOC_SDREBUILD_S;
db2730c1Smarco				break;
db2730c1Smarco			case BIOC_SDHOTSPARE:
8ccdd032Sderaadt				status = BIOC_SDHOTSPARE_S;
db2730c1Smarco				break;
db2730c1Smarco			case BIOC_SDUNUSED:
8ccdd032Sderaadt				status = BIOC_SDUNUSED_S;
db2730c1Smarco				break;
e1dfb373Sderaadt			case BIOC_SDSCRUB:
e1dfb373Sderaadt				status = BIOC_SDSCRUB_S;
e1dfb373Sderaadt				break;
db2730c1Smarco			case BIOC_SDINVALID:
d4546a56Sdlg			default:
8ccdd032Sderaadt				status = BIOC_SDINVALID_S;
d4546a56Sdlg			}
aa65acf1Sderaadt
b9950701Smarco			if (hotspare || unused)
aa65acf1Sderaadt				;	/* use volname from parent volume */
aa65acf1Sderaadt			else
aa65acf1Sderaadt				snprintf(volname, sizeof volname, "    %3u",
aa65acf1Sderaadt				    bd.bd_diskid);
aa65acf1Sderaadt
0054cd36Sjsing			if (bv.bv_level == 'C' && bd.bd_size == 0)
0054cd36Sjsing				snprintf(size, sizeof size, "%14s", "key disk");
0054cd36Sjsing			else if (human)
8ccdd032Sderaadt				fmt_scaled(bd.bd_size, size);
8ccdd032Sderaadt			else
8ccdd032Sderaadt				snprintf(size, sizeof size, "%14llu",
8ccdd032Sderaadt				    bd.bd_size);
8ccdd032Sderaadt			snprintf(scsiname, sizeof scsiname,
43d61178Sderaadt			    "%u:%u.%u",
43d61178Sderaadt			    bd.bd_channel, bd.bd_target, bd.bd_lun);
5978b28dSderaadt			if (bd.bd_procdev[0])
abe9d68eSderaadt				strlcpy(encname, bd.bd_procdev, sizeof encname);
5978b28dSderaadt			else
abe9d68eSderaadt				strlcpy(encname, "noencl", sizeof encname);
abe9d68eSderaadt			if (bd.bd_serial[0])
abe9d68eSderaadt				strlcpy(serial, bd.bd_serial, sizeof serial);
abe9d68eSderaadt			else
abe9d68eSderaadt				strlcpy(serial, "unknown serial", sizeof serial);
8ccdd032Sderaadt
150c22bbSjcs			printf("%11s %-10s %14s %-7s %-6s <%s>\n",
aa65acf1Sderaadt			    volname, status, size, scsiname, encname,
8ccdd032Sderaadt			    bd.bd_vendor);
abe9d68eSderaadt			if (verbose)
aa65acf1Sderaadt				printf("%7s %-10s %14s %-7s %-6s '%s'\n",
abe9d68eSderaadt				    "", "", "", "", "", serial);
d4546a56Sdlg		}
d4546a56Sdlg	}
d4546a56Sdlg}
edfd9792Smarco
edfd9792Smarcovoid
edfd9792Smarcobio_alarm(char *arg)
edfd9792Smarco{
edfd9792Smarco	int			rv;
8ccdd032Sderaadt	struct bioc_alarm	ba;
edfd9792Smarco
8ccdd032Sderaadt	ba.ba_cookie = bl.bl_cookie;
edfd9792Smarco
edfd9792Smarco	switch (arg[0]) {
edfd9792Smarco	case 'q': /* silence alarm */
edfd9792Smarco		/* FALLTHROUGH */
edfd9792Smarco	case 's':
8ccdd032Sderaadt		ba.ba_opcode = BIOC_SASILENCE;
edfd9792Smarco		break;
edfd9792Smarco
edfd9792Smarco	case 'e': /* enable alarm */
8ccdd032Sderaadt		ba.ba_opcode = BIOC_SAENABLE;
edfd9792Smarco		break;
edfd9792Smarco
edfd9792Smarco	case 'd': /* disable alarm */
8ccdd032Sderaadt		ba.ba_opcode = BIOC_SADISABLE;
edfd9792Smarco		break;
edfd9792Smarco
edfd9792Smarco	case 't': /* test alarm */
8ccdd032Sderaadt		ba.ba_opcode = BIOC_SATEST;
edfd9792Smarco		break;
edfd9792Smarco
edfd9792Smarco	case 'g': /* get alarm state */
8ccdd032Sderaadt		ba.ba_opcode = BIOC_GASTATUS;
edfd9792Smarco		break;
edfd9792Smarco
edfd9792Smarco	default:
da3b0664Shenning		errx(1, "invalid alarm function: %s", arg);
edfd9792Smarco	}
edfd9792Smarco
edfd9792Smarco	rv = ioctl(devh, BIOCALARM, &ba);
da3b0664Shenning	if (rv == -1)
da3b0664Shenning		err(1, "BIOCALARM");
edfd9792Smarco
edfd9792Smarco	if (arg[0] == 'g') {
edfd9792Smarco		printf("alarm is currently %s\n",
8ccdd032Sderaadt		    ba.ba_status ? "enabled" : "disabled");
8ccdd032Sderaadt
edfd9792Smarco	}
edfd9792Smarco}
6de960dcSmarco
a15048bbSmarcoint
a15048bbSmarcobio_getvolbyname(char *name)
a15048bbSmarco{
a15048bbSmarco	int			id = -1, i, rv;
a15048bbSmarco	struct bioc_inq		bi;
a15048bbSmarco	struct bioc_vol		bv;
a15048bbSmarco
a15048bbSmarco	memset(&bi, 0, sizeof(bi));
a15048bbSmarco	bi.bi_cookie = bl.bl_cookie;
a15048bbSmarco	rv = ioctl(devh, BIOCINQ, &bi);
a15048bbSmarco	if (rv == -1)
a15048bbSmarco		err(1, "BIOCINQ");
a15048bbSmarco
a15048bbSmarco	for (i = 0; i < bi.bi_novol; i++) {
a15048bbSmarco		memset(&bv, 0, sizeof(bv));
a15048bbSmarco		bv.bv_cookie = bl.bl_cookie;
a15048bbSmarco		bv.bv_volid = i;
a15048bbSmarco		rv = ioctl(devh, BIOCVOL, &bv);
a15048bbSmarco		if (rv == -1)
a15048bbSmarco			err(1, "BIOCVOL");
a15048bbSmarco
a15048bbSmarco		if (name && strcmp(name, bv.bv_dev) != 0)
a15048bbSmarco			continue;
a15048bbSmarco		id = i;
a15048bbSmarco		break;
a15048bbSmarco	}
a15048bbSmarco
a15048bbSmarco	return (id);
a15048bbSmarco}
a15048bbSmarco
ebaf584eSderaadtvoid
8d8693a2Sdtuckerbio_setstate(char *arg, int status, char *devicename)
6de960dcSmarco{
6de960dcSmarco	struct bioc_setstate	bs;
6de960dcSmarco	struct locator		location;
a15048bbSmarco	struct stat		sb;
41eccc89Sderaadt	const char		*errstr;
ebaf584eSderaadt	int			rv;
6de960dcSmarco
a15048bbSmarco	memset(&bs, 0, sizeof(bs));
a15048bbSmarco	if (stat(arg, &sb) == -1) {
a15048bbSmarco		/* use CTL */
41eccc89Sderaadt		errstr = str2locator(arg, &location);
41eccc89Sderaadt		if (errstr)
41eccc89Sderaadt			errx(1, "Target %s: %s", arg, errstr);
6de960dcSmarco		bs.bs_channel = location.channel;
6de960dcSmarco		bs.bs_target = location.target;
6de960dcSmarco		bs.bs_lun = location.lun;
a15048bbSmarco	} else {
a15048bbSmarco		/* use other id */
a15048bbSmarco		bs.bs_other_id = sb.st_rdev;
a15048bbSmarco		bs.bs_other_id_type = BIOC_SSOTHER_DEVT;
a15048bbSmarco	}
a15048bbSmarco
a15048bbSmarco	bs.bs_cookie = bl.bl_cookie;
a15048bbSmarco	bs.bs_status = status;
a15048bbSmarco
d2647ac1Sjsing	if (status != BIOC_SSHOTSPARE) {
a15048bbSmarco		/* make sure user supplied a sd device */
8d8693a2Sdtucker		bs.bs_volid = bio_getvolbyname(devicename);
a15048bbSmarco		if (bs.bs_volid == -1)
8d8693a2Sdtucker			errx(1, "invalid device %s", devicename);
d2647ac1Sjsing	}
6de960dcSmarco
6de960dcSmarco	rv = ioctl(devh, BIOCSETSTATE, &bs);
da3b0664Shenning	if (rv == -1)
da3b0664Shenning		err(1, "BIOCSETSTATE");
6de960dcSmarco}
c55617f1Sdlg
c55617f1Sdlgvoid
a928c459Sderaadtbio_setblink(char *name, char *arg, int blink)
c55617f1Sdlg{
50d3c4dcSdlg	struct locator		location;
50d3c4dcSdlg	struct bioc_inq		bi;
50d3c4dcSdlg	struct bioc_vol		bv;
50d3c4dcSdlg	struct bioc_disk	bd;
0505205bSdlg	struct bioc_blink	bb;
41eccc89Sderaadt	const char		*errstr;
50d3c4dcSdlg	int			v, d, rv;
c55617f1Sdlg
41eccc89Sderaadt	errstr = str2locator(arg, &location);
41eccc89Sderaadt	if (errstr)
41eccc89Sderaadt		errx(1, "Target %s: %s", arg, errstr);
50d3c4dcSdlg
0505205bSdlg	/* try setting blink on the device directly */
0505205bSdlg	memset(&bb, 0, sizeof(bb));
0505205bSdlg	bb.bb_cookie = bl.bl_cookie;
0505205bSdlg	bb.bb_status = blink;
0505205bSdlg	bb.bb_target = location.target;
649724a4Smarco	bb.bb_channel = location.channel;
0505205bSdlg	rv = ioctl(devh, BIOCBLINK, &bb);
0505205bSdlg	if (rv == 0)
0505205bSdlg		return;
0505205bSdlg
855d4e83Ssobrado	/* if the blink didn't work, try to find something that will */
0505205bSdlg
50d3c4dcSdlg	memset(&bi, 0, sizeof(bi));
50d3c4dcSdlg	bi.bi_cookie = bl.bl_cookie;
50d3c4dcSdlg	rv = ioctl(devh, BIOCINQ, &bi);
da3b0664Shenning	if (rv == -1)
da3b0664Shenning		err(1, "BIOCINQ");
50d3c4dcSdlg
50d3c4dcSdlg	for (v = 0; v < bi.bi_novol; v++) {
50d3c4dcSdlg		memset(&bv, 0, sizeof(bv));
50d3c4dcSdlg		bv.bv_cookie = bl.bl_cookie;
50d3c4dcSdlg		bv.bv_volid = v;
50d3c4dcSdlg		rv = ioctl(devh, BIOCVOL, &bv);
da3b0664Shenning		if (rv == -1)
da3b0664Shenning			err(1, "BIOCVOL");
50d3c4dcSdlg
50d3c4dcSdlg		if (name && strcmp(name, bv.bv_dev) != 0)
50d3c4dcSdlg			continue;
50d3c4dcSdlg
50d3c4dcSdlg		for (d = 0; d < bv.bv_nodisk; d++) {
50d3c4dcSdlg			memset(&bd, 0, sizeof(bd));
50d3c4dcSdlg			bd.bd_cookie = bl.bl_cookie;
50d3c4dcSdlg			bd.bd_volid = v;
50d3c4dcSdlg			bd.bd_diskid = d;
50d3c4dcSdlg
50d3c4dcSdlg			rv = ioctl(devh, BIOCDISK, &bd);
da3b0664Shenning			if (rv == -1)
da3b0664Shenning				err(1, "BIOCDISK");
50d3c4dcSdlg
50d3c4dcSdlg			if (bd.bd_channel == location.channel &&
50d3c4dcSdlg			    bd.bd_target == location.target &&
50d3c4dcSdlg			    bd.bd_lun == location.lun) {
50d3c4dcSdlg				if (bd.bd_procdev[0] != '\0') {
50d3c4dcSdlg					bio_blink(bd.bd_procdev,
a928c459Sderaadt					    location.target, blink);
50d3c4dcSdlg				} else
41eccc89Sderaadt					warnx("Disk %s is not in an enclosure", arg);
50d3c4dcSdlg				return;
50d3c4dcSdlg			}
50d3c4dcSdlg		}
50d3c4dcSdlg	}
50d3c4dcSdlg
41eccc89Sderaadt	warnx("Disk %s does not exist", arg);
50d3c4dcSdlg	return;
50d3c4dcSdlg}
50d3c4dcSdlg
50d3c4dcSdlgvoid
a928c459Sderaadtbio_blink(char *enclosure, int target, int blinktype)
50d3c4dcSdlg{
50d3c4dcSdlg	int			bioh;
50d3c4dcSdlg	struct bio_locate	bio;
50d3c4dcSdlg	struct bioc_blink	blink;
50d3c4dcSdlg	int			rv;
50d3c4dcSdlg
41eccc89Sderaadt	bioh = open("/dev/bio", O_RDWR);
50d3c4dcSdlg	if (bioh == -1)
41eccc89Sderaadt		err(1, "Can't open %s", "/dev/bio");
50d3c4dcSdlg
50d3c4dcSdlg	bio.bl_name = enclosure;
50d3c4dcSdlg	rv = ioctl(bioh, BIOCLOCATE, &bio);
50d3c4dcSdlg	if (rv == -1)
41eccc89Sderaadt		errx(1, "Can't locate %s device via %s", enclosure, "/dev/bio");
c55617f1Sdlg
c55617f1Sdlg	memset(&blink, 0, sizeof(blink));
50d3c4dcSdlg	blink.bb_cookie = bio.bl_cookie;
a928c459Sderaadt	blink.bb_status = blinktype;
c55617f1Sdlg	blink.bb_target = target;
c55617f1Sdlg
50d3c4dcSdlg	rv = ioctl(bioh, BIOCBLINK, &blink);
c55617f1Sdlg	if (rv == -1)
da3b0664Shenning		err(1, "BIOCBLINK");
50d3c4dcSdlg
50d3c4dcSdlg	close(bioh);
c55617f1Sdlg}
7195049bSmarco
a2fc2d65Stedustruct sr_aoe_config *
a2fc2d65Steducreate_aoe(u_int16_t level, char *dev_list)
a2fc2d65Stedu{
a2fc2d65Stedu	static struct sr_aoe_config sac;
a2fc2d65Stedu	char *nic;
a2fc2d65Stedu	char *dsteaddr;
a2fc2d65Stedu	char *shelf;
a2fc2d65Stedu	char *slot;
a2fc2d65Stedu	struct ether_addr *eaddr;
a2fc2d65Stedu	const char *errstr;
a2fc2d65Stedu
a2fc2d65Stedu	nic = dsteaddr = slot = shelf = 0;
a2fc2d65Stedu
a2fc2d65Stedu	memset(&sac, 0, sizeof(sac));
a2fc2d65Stedu	nic = dev_list;
a2fc2d65Stedu	dsteaddr = strchr(nic, ',');
a2fc2d65Stedu	if (!dsteaddr)
a2fc2d65Stedu		goto invalid;
a2fc2d65Stedu	*dsteaddr++ = '\0';
a2fc2d65Stedu	shelf = strchr(dsteaddr, ',');
a2fc2d65Stedu	if (!shelf)
a2fc2d65Stedu		goto invalid;
a2fc2d65Stedu	*shelf++ = '\0';
a2fc2d65Stedu	slot = strchr(shelf, ',');
a2fc2d65Stedu	if (!slot)
a2fc2d65Stedu		goto invalid;
a2fc2d65Stedu	*slot++ = '\0';
a2fc2d65Stedu	strlcpy(sac.nic, nic, sizeof(sac.nic));
a2fc2d65Stedu	eaddr = ether_aton(dsteaddr);
a2fc2d65Stedu	if (!eaddr)
a2fc2d65Stedu		goto invalid;
a2fc2d65Stedu	sac.dsteaddr = *eaddr;
a2fc2d65Stedu	sac.shelf = htons(strtonum(shelf, 0, 0xfffe, &errstr));
a2fc2d65Stedu	if (errstr)
a2fc2d65Stedu		goto invalid;
a2fc2d65Stedu	sac.slot = strtonum(slot, 0, 0xfe, &errstr);
a2fc2d65Stedu	if (errstr)
a2fc2d65Stedu		goto invalid;
a2fc2d65Stedu
a2fc2d65Stedu	return &sac;
a2fc2d65Steduinvalid:
a2fc2d65Stedu	errx(1, "invalid AOE dev list: use nic,dsteaddr,shelf,slot");
a2fc2d65Stedu}
a2fc2d65Stedu
7195049bSmarcovoid
0054cd36Sjsingbio_createraid(u_int16_t level, char *dev_list, char *key_disk)
7195049bSmarco{
7195049bSmarco	struct bioc_createraid	create;
aef7fe28Shshoexer	struct sr_crypto_kdfinfo kdfinfo;
aef7fe28Shshoexer	struct sr_crypto_kdf_pbkdf2 kdfhint;
a2fc2d65Stedu	struct sr_aoe_config	*sac;
0054cd36Sjsing	struct stat		sb;
8b0d0f28Sjsing	int			rv, no_dev, fd;
7f8eae2bSnicm	dev_t			*dt;
7195049bSmarco	u_int16_t		min_disks = 0;
7195049bSmarco
7195049bSmarco	if (!dev_list)
7195049bSmarco		errx(1, "no devices specified");
7195049bSmarco
a2fc2d65Stedu	if (level == 'a') {
a2fc2d65Stedu		sac = create_aoe(level, dev_list);
a2fc2d65Stedu		no_dev = 0;
a2fc2d65Stedu		dt = NULL;
a2fc2d65Stedu	} else  {
46bc198bSmarco		dt = (dev_t *)malloc(BIOC_CRMAXLEN);
46bc198bSmarco		if (!dt)
46bc198bSmarco			err(1, "not enough memory for dev_t list");
46bc198bSmarco		memset(dt, 0, BIOC_CRMAXLEN);
46bc198bSmarco
46bc198bSmarco		no_dev = bio_parse_devlist(dev_list, dt);
a2fc2d65Stedu	}
46bc198bSmarco
7195049bSmarco	switch (level) {
7195049bSmarco	case 0:
84e48fabSmarco		min_disks = 2;
7195049bSmarco		break;
7195049bSmarco	case 1:
7195049bSmarco		min_disks = 2;
7195049bSmarco		break;
e717853eSmarco	case 4:
e717853eSmarco	case 5:
e717853eSmarco		min_disks = 3;
e717853eSmarco		break;
84e48fabSmarco	case 'C':
aef7fe28Shshoexer		min_disks = 1;
84e48fabSmarco		break;
98b750e4Stedu	case 'c':
98b750e4Stedu		min_disks = 1;
98b750e4Stedu		break;
a2fc2d65Stedu	case 'a':
a2fc2d65Stedu		break;
7195049bSmarco	default:
23afedbfSgrunk		errx(1, "unsupported raid level");
7195049bSmarco	}
7195049bSmarco
84e48fabSmarco	if (no_dev < min_disks)
84e48fabSmarco		errx(1, "not enough disks");
84e48fabSmarco
aef7fe28Shshoexer	/* for crypto raid we only allow one single chunk */
aef7fe28Shshoexer	if (level == 'C' && no_dev != min_disks)
818b0595Shalex		errx(1, "not exactly one partition");
aef7fe28Shshoexer
7195049bSmarco	memset(&create, 0, sizeof(create));
7195049bSmarco	create.bc_cookie = bl.bl_cookie;
7195049bSmarco	create.bc_level = level;
46bc198bSmarco	create.bc_dev_list_len = no_dev * sizeof(dev_t);
46bc198bSmarco	create.bc_dev_list = dt;
e8a57fdeSmarco	create.bc_flags = BIOC_SCDEVT | cflags;
0054cd36Sjsing	create.bc_key_disk = NODEV;
7195049bSmarco
a2fc2d65Stedu	if (level == 'a') {
a2fc2d65Stedu		create.bc_opaque = sac;
a2fc2d65Stedu		create.bc_opaque_size = sizeof(*sac);
a2fc2d65Stedu		create.bc_opaque_flags = BIOC_SOIN;
a2fc2d65Stedu	} else if (level == 'C' && key_disk == NULL) {
0054cd36Sjsing
aef7fe28Shshoexer		memset(&kdfinfo, 0, sizeof(kdfinfo));
aef7fe28Shshoexer		memset(&kdfhint, 0, sizeof(kdfhint));
aef7fe28Shshoexer
0054cd36Sjsing		create.bc_flags |= BIOC_SCNOAUTOASSEMBLE;
0054cd36Sjsing
aef7fe28Shshoexer		create.bc_opaque = &kdfhint;
aef7fe28Shshoexer		create.bc_opaque_size = sizeof(kdfhint);
aef7fe28Shshoexer		create.bc_opaque_flags = BIOC_SOOUT;
aef7fe28Shshoexer
aef7fe28Shshoexer		/* try to get KDF hint */
83e979edShshoexer		if (ioctl(devh, BIOCCREATERAID, &create) == -1)
83e979edShshoexer			err(1, "ioctl");
83e979edShshoexer
83e979edShshoexer		if (create.bc_opaque_status == BIOC_SOINOUT_OK) {
c6446370Sjsing			bio_kdf_derive(&kdfinfo, &kdfhint, "Passphrase: ", 0);
aef7fe28Shshoexer			memset(&kdfhint, 0, sizeof(kdfhint));
aef7fe28Shshoexer		} else  {
aef7fe28Shshoexer			bio_kdf_generate(&kdfinfo);
aef7fe28Shshoexer		}
aef7fe28Shshoexer
aef7fe28Shshoexer		create.bc_opaque = &kdfinfo;
aef7fe28Shshoexer		create.bc_opaque_size = sizeof(kdfinfo);
aef7fe28Shshoexer		create.bc_opaque_flags = BIOC_SOIN;
0054cd36Sjsing
0054cd36Sjsing	} else if (level == 'C' && key_disk != NULL) {
0054cd36Sjsing
8b0d0f28Sjsing		/* Get device number for key disk. */
8b0d0f28Sjsing		fd = opendev(key_disk, O_RDONLY, OPENDEV_BLCK, NULL);
8b0d0f28Sjsing		if (fd == -1)
8b0d0f28Sjsing			err(1, "could not open %s", key_disk);
8b0d0f28Sjsing		if (fstat(fd, &sb) == -1) {
8b0d0f28Sjsing			close(fd);
0054cd36Sjsing			err(1, "could not stat %s", key_disk);
8b0d0f28Sjsing		}
8b0d0f28Sjsing		close(fd);
0054cd36Sjsing		create.bc_key_disk = sb.st_rdev;
0054cd36Sjsing
0054cd36Sjsing		memset(&kdfinfo, 0, sizeof(kdfinfo));
0054cd36Sjsing
0054cd36Sjsing		kdfinfo.genkdf.len = sizeof(kdfinfo.genkdf);
0054cd36Sjsing		kdfinfo.genkdf.type = SR_CRYPTOKDFT_KEYDISK;
0054cd36Sjsing		kdfinfo.len = sizeof(kdfinfo);
0054cd36Sjsing		kdfinfo.flags = SR_CRYPTOKDF_HINT;
0054cd36Sjsing
0054cd36Sjsing		create.bc_opaque = &kdfinfo;
0054cd36Sjsing		create.bc_opaque_size = sizeof(kdfinfo);
0054cd36Sjsing		create.bc_opaque_flags = BIOC_SOIN;
0054cd36Sjsing
aef7fe28Shshoexer	}
aef7fe28Shshoexer
7195049bSmarco	rv = ioctl(devh, BIOCCREATERAID, &create);
aef7fe28Shshoexer	memset(&kdfinfo, 0, sizeof(kdfinfo));
83e979edShshoexer	memset(&create, 0, sizeof(create));
a83e4577Sdjm	if (rv == -1) {
a83e4577Sdjm		if (errno == EPERM)
a83e4577Sdjm			errx(1, "Incorrect passphrase");
da3b0664Shenning		err(1, "BIOCCREATERAID");
a83e4577Sdjm	}
46bc198bSmarco
46bc198bSmarco	free(dt);
46bc198bSmarco}
46bc198bSmarco
aef7fe28Shshoexervoid
aef7fe28Shshoexerbio_kdf_derive(struct sr_crypto_kdfinfo *kdfinfo, struct sr_crypto_kdf_pbkdf2
c6446370Sjsing    *kdfhint, char* prompt, int verify)
aef7fe28Shshoexer{
aef7fe28Shshoexer	if (!kdfinfo)
aef7fe28Shshoexer		errx(1, "invalid KDF info");
aef7fe28Shshoexer	if (!kdfhint)
aef7fe28Shshoexer		errx(1, "invalid KDF hint");
aef7fe28Shshoexer
aef7fe28Shshoexer	if (kdfhint->len != sizeof(*kdfhint))
aef7fe28Shshoexer		errx(1, "KDF hint has invalid size");
aef7fe28Shshoexer	if (kdfhint->type != SR_CRYPTOKDFT_PBKDF2)
aef7fe28Shshoexer		errx(1, "unknown KDF type %d", kdfhint->type);
aef7fe28Shshoexer	if (kdfhint->rounds < 1000)
aef7fe28Shshoexer		errx(1, "number of KDF rounds too low: %d", kdfhint->rounds);
aef7fe28Shshoexer
aef7fe28Shshoexer	kdfinfo->flags = SR_CRYPTOKDF_KEY;
aef7fe28Shshoexer	kdfinfo->len = sizeof(*kdfinfo);
aef7fe28Shshoexer
9e8c6f5bShshoexer	derive_key_pkcs(kdfhint->rounds,
aef7fe28Shshoexer	    kdfinfo->maskkey, sizeof(kdfinfo->maskkey),
c6446370Sjsing	    kdfhint->salt, sizeof(kdfhint->salt), prompt, verify);
aef7fe28Shshoexer}
aef7fe28Shshoexer
aef7fe28Shshoexervoid
aef7fe28Shshoexerbio_kdf_generate(struct sr_crypto_kdfinfo *kdfinfo)
aef7fe28Shshoexer{
aef7fe28Shshoexer	if (!kdfinfo)
aef7fe28Shshoexer		errx(1, "invalid KDF info");
aef7fe28Shshoexer
aef7fe28Shshoexer	kdfinfo->pbkdf2.len = sizeof(kdfinfo->pbkdf2);
aef7fe28Shshoexer	kdfinfo->pbkdf2.type = SR_CRYPTOKDFT_PBKDF2;
aedd4f07Sdjm	kdfinfo->pbkdf2.rounds = rflag;
aef7fe28Shshoexer	kdfinfo->len = sizeof(*kdfinfo);
0054cd36Sjsing	kdfinfo->flags = SR_CRYPTOKDF_KEY | SR_CRYPTOKDF_HINT;
aef7fe28Shshoexer
aef7fe28Shshoexer	/* generate salt */
aef7fe28Shshoexer	arc4random_buf(kdfinfo->pbkdf2.salt, sizeof(kdfinfo->pbkdf2.salt));
aef7fe28Shshoexer
9e8c6f5bShshoexer	derive_key_pkcs(kdfinfo->pbkdf2.rounds,
aef7fe28Shshoexer	    kdfinfo->maskkey, sizeof(kdfinfo->maskkey),
c6446370Sjsing	    kdfinfo->pbkdf2.salt, sizeof(kdfinfo->pbkdf2.salt),
c6446370Sjsing	    "New passphrase: ", 1);
aef7fe28Shshoexer}
aef7fe28Shshoexer
46bc198bSmarcoint
46bc198bSmarcobio_parse_devlist(char *lst, dev_t *dt)
46bc198bSmarco{
46bc198bSmarco	char			*s, *e;
46bc198bSmarco	u_int32_t		sz = 0;
46bc198bSmarco	int			no_dev = 0, i, x;
46bc198bSmarco	struct stat		sb;
5c1f8f6bSdjm	char			dev[MAXPATHLEN];
e37c64dbSjsing	int			fd;
46bc198bSmarco
46bc198bSmarco	if (!lst)
46bc198bSmarco		errx(1, "invalid device list");
46bc198bSmarco
46bc198bSmarco	s = e = lst;
46bc198bSmarco	/* make sure we have a valid device list like /dev/sdNa,/dev/sdNNa */
46bc198bSmarco	while (*e != '\0') {
46bc198bSmarco		if (*e == ',')
46bc198bSmarco			s = e + 1;
46bc198bSmarco		else if (*(e + 1) == '\0' || *(e + 1) == ',') {
46bc198bSmarco			/* got one */
46bc198bSmarco			sz = e - s + 1;
5c1f8f6bSdjm			strlcpy(dev, s, sz + 1);
e37c64dbSjsing			fd = opendev(dev, O_RDONLY, OPENDEV_BLCK, NULL);
e37c64dbSjsing			if (fd == -1)
e37c64dbSjsing				err(1, "could not open %s", dev);
e37c64dbSjsing			if (fstat(fd, &sb) == -1) {
e37c64dbSjsing				close(fd);
5c1f8f6bSdjm				err(1, "could not stat %s", dev);
e37c64dbSjsing			}
e37c64dbSjsing			close(fd);
46bc198bSmarco			dt[no_dev] = sb.st_rdev;
46bc198bSmarco			no_dev++;
5c1f8f6bSdjm			if (no_dev > (int)(BIOC_CRMAXLEN / sizeof(dev_t)))
46bc198bSmarco				errx(1, "too many devices on device list");
46bc198bSmarco		}
46bc198bSmarco		e++;
46bc198bSmarco	}
46bc198bSmarco
46bc198bSmarco	for (i = 0; i < no_dev; i++)
46bc198bSmarco		for (x = 0; x < no_dev; x++)
46bc198bSmarco			if (dt[i] == dt[x] && x != i)
46bc198bSmarco				errx(1, "duplicate device in list");
46bc198bSmarco
46bc198bSmarco	return (no_dev);
7195049bSmarco}
e8a57fdeSmarco
e8a57fdeSmarcou_int32_t
e8a57fdeSmarcobio_createflags(char *lst)
e8a57fdeSmarco{
e8a57fdeSmarco	char			*s, *e, fs[32];
e8a57fdeSmarco	u_int32_t		sz = 0;
e8a57fdeSmarco	u_int32_t		flags = 0;
e8a57fdeSmarco
e8a57fdeSmarco	if (!lst)
e8a57fdeSmarco		errx(1, "invalid flags list");
e8a57fdeSmarco
e8a57fdeSmarco	s = e = lst;
e8a57fdeSmarco	/* make sure we have a valid flags list like force,noassemeble */
e8a57fdeSmarco	while (*e != '\0') {
e8a57fdeSmarco		if (*e == ',')
e8a57fdeSmarco			s = e + 1;
e8a57fdeSmarco		else if (*(e + 1) == '\0' || *(e + 1) == ',') {
e8a57fdeSmarco			/* got one */
e8a57fdeSmarco			sz = e - s + 1;
e8a57fdeSmarco			switch (s[0]) {
e8a57fdeSmarco			case 'f':
e8a57fdeSmarco				flags |= BIOC_SCFORCE;
e8a57fdeSmarco				break;
e8a57fdeSmarco			case 'n':
e8a57fdeSmarco				flags |= BIOC_SCNOAUTOASSEMBLE;
e8a57fdeSmarco				break;
e8a57fdeSmarco			default:
e8a57fdeSmarco				strlcpy(fs, s, sz + 1);
e8a57fdeSmarco				errx(1, "invalid flag %s", fs);
e8a57fdeSmarco			}
e8a57fdeSmarco		}
e8a57fdeSmarco		e++;
e8a57fdeSmarco	}
e8a57fdeSmarco
e8a57fdeSmarco	return (flags);
e8a57fdeSmarco}
03b2dfbfShenning
c7c3e8aaSmarcovoid
c7c3e8aaSmarcobio_deleteraid(char *dev)
c7c3e8aaSmarco{
c7c3e8aaSmarco	struct bioc_deleteraid	bd;
c7c3e8aaSmarco	memset(&bd, 0, sizeof(bd));
c7c3e8aaSmarco
c7c3e8aaSmarco	bd.bd_cookie = bd.bd_cookie;
a15048bbSmarco	/* XXX make this a dev_t instead of a string */
c7c3e8aaSmarco	strlcpy(bd.bd_dev, dev, sizeof bd.bd_dev);
c7c3e8aaSmarco	if (ioctl(devh, BIOCDELETERAID, &bd))
c7c3e8aaSmarco		errx(1, "delete volume %s failed", dev);
c7c3e8aaSmarco}
c7c3e8aaSmarco
c6446370Sjsingvoid
c6446370Sjsingbio_changepass(char *dev)
c6446370Sjsing{
c6446370Sjsing	struct bioc_discipline bd;
c6446370Sjsing	struct sr_crypto_kdfpair kdfpair;
c6446370Sjsing	struct sr_crypto_kdfinfo kdfinfo1, kdfinfo2;
c6446370Sjsing	struct sr_crypto_kdf_pbkdf2 kdfhint;
c6446370Sjsing	int rv;
c6446370Sjsing
c6446370Sjsing	memset(&bd, 0, sizeof(bd));
c6446370Sjsing	memset(&kdfhint, 0, sizeof(kdfhint));
c6446370Sjsing	memset(&kdfinfo1, 0, sizeof(kdfinfo1));
c6446370Sjsing	memset(&kdfinfo2, 0, sizeof(kdfinfo2));
c6446370Sjsing
c6446370Sjsing	/* XXX use dev_t instead of string. */
c6446370Sjsing	strlcpy(bd.bd_dev, dev, sizeof(bd.bd_dev));
c6446370Sjsing	bd.bd_cmd = SR_IOCTL_GET_KDFHINT;
c6446370Sjsing	bd.bd_size = sizeof(kdfhint);
c6446370Sjsing	bd.bd_data = &kdfhint;
c6446370Sjsing
c6446370Sjsing	if (ioctl(devh, BIOCDISCIPLINE, &bd))
c6446370Sjsing		errx(1, "%s: failed to get KDF hint", dev);
c6446370Sjsing
c6446370Sjsing	/* Current passphrase. */
c6446370Sjsing	bio_kdf_derive(&kdfinfo1, &kdfhint, "Old passphrase: ", 0);
c6446370Sjsing
c6446370Sjsing	/* New passphrase. */
c6446370Sjsing	bio_kdf_derive(&kdfinfo2, &kdfhint, "New passphrase: ", 1);
c6446370Sjsing
c6446370Sjsing	kdfpair.kdfinfo1 = &kdfinfo1;
c6446370Sjsing	kdfpair.kdfsize1 = sizeof(kdfinfo1);
c6446370Sjsing	kdfpair.kdfinfo2 = &kdfinfo2;
c6446370Sjsing	kdfpair.kdfsize2 = sizeof(kdfinfo2);
c6446370Sjsing
c6446370Sjsing	bd.bd_cmd = SR_IOCTL_CHANGE_PASSPHRASE;
c6446370Sjsing	bd.bd_size = sizeof(kdfpair);
c6446370Sjsing	bd.bd_data = &kdfpair;
c6446370Sjsing
c6446370Sjsing	rv = ioctl(devh, BIOCDISCIPLINE, &bd);
c6446370Sjsing
c6446370Sjsing	memset(&kdfhint, 0, sizeof(kdfhint));
c6446370Sjsing	memset(&kdfinfo1, 0, sizeof(kdfinfo1));
c6446370Sjsing	memset(&kdfinfo2, 0, sizeof(kdfinfo2));
c6446370Sjsing
c6446370Sjsing	if (rv) {
c6446370Sjsing		if (errno == EPERM)
c6446370Sjsing			errx(1, "%s: incorrect passphrase", dev);
c6446370Sjsing		else
c6446370Sjsing			errx(1, "%s: failed to change passphrase", dev);
c6446370Sjsing	}
c6446370Sjsing}
c6446370Sjsing
03b2dfbfShenning#define BIOCTL_VIS_NBUF		4
03b2dfbfShenning#define BIOCTL_VIS_BUFLEN	80
03b2dfbfShenning
03b2dfbfShenningchar *
03b2dfbfShenningbio_vis(char *s)
03b2dfbfShenning{
03b2dfbfShenning	static char	 rbuf[BIOCTL_VIS_NBUF][BIOCTL_VIS_BUFLEN];
03b2dfbfShenning	static uint	 idx = 0;
03b2dfbfShenning	char		*buf;
03b2dfbfShenning
03b2dfbfShenning	buf = rbuf[idx++];
03b2dfbfShenning	if (idx == BIOCTL_VIS_NBUF)
03b2dfbfShenning		idx = 0;
03b2dfbfShenning
03b2dfbfShenning	strnvis(buf, s, BIOCTL_VIS_BUFLEN, VIS_NL|VIS_CSTYLE);
03b2dfbfShenning	return (buf);
03b2dfbfShenning}
03b2dfbfShenning
03b2dfbfShenningvoid
03b2dfbfShenningbio_diskinq(char *sd_dev)
03b2dfbfShenning{
03b2dfbfShenning	struct dk_inquiry	di;
03b2dfbfShenning
da3b0664Shenning	if (ioctl(devh, DIOCINQ, &di) == -1)
da3b0664Shenning		err(1, "DIOCINQ");
03b2dfbfShenning
03b2dfbfShenning	printf("%s: <%s, %s, %s>, serial %s\n", sd_dev, bio_vis(di.vendor),
03b2dfbfShenning	    bio_vis(di.product), bio_vis(di.revision), bio_vis(di.serial));
03b2dfbfShenning}
aef7fe28Shshoexer
aef7fe28Shshoexervoid
9e8c6f5bShshoexerderive_key_pkcs(int rounds, u_int8_t *key, size_t keysz, u_int8_t *salt,
c6446370Sjsing    size_t saltsz, char *prompt, int verify)
aef7fe28Shshoexer{
86735da2Smarco	FILE		*f;
86735da2Smarco	size_t		pl;
86735da2Smarco	struct stat	sb;
9e8c6f5bShshoexer	char		passphrase[1024], verifybuf[1024];
aef7fe28Shshoexer
aef7fe28Shshoexer	if (!key)
aef7fe28Shshoexer		errx(1, "Invalid key");
aef7fe28Shshoexer	if (!salt)
aef7fe28Shshoexer		errx(1, "Invalid salt");
aef7fe28Shshoexer	if (rounds < 1000)
b4604b5cShalex		errx(1, "Too few rounds: %d", rounds);
aef7fe28Shshoexer
aef7fe28Shshoexer	/* get passphrase */
ba3d8661Smarco	if (password && verify)
ba3d8661Smarco		errx(1, "can't specify passphrase file during initial "
ba3d8661Smarco		    "creation of crypto volume");
ba3d8661Smarco	if (password) {
86735da2Smarco		if ((f = fopen(password, "r")) == NULL)
86735da2Smarco			err(1, "invalid passphrase file");
86735da2Smarco
86735da2Smarco		if (fstat(fileno(f), &sb) == -1)
86735da2Smarco			err(1, "can't stat passphrase file");
86735da2Smarco		if (sb.st_uid != 0)
86735da2Smarco			errx(1, "passphrase file must be owned by root");
86735da2Smarco		if ((sb.st_mode & ~S_IFMT) != (S_IRUSR | S_IWUSR))
86735da2Smarco			errx(1, "passphrase file has the wrong permissions");
86735da2Smarco
86735da2Smarco		if (fgets(passphrase, sizeof(passphrase), f) == NULL)
86735da2Smarco			err(1, "can't read passphrase file");
86735da2Smarco		pl = strlen(passphrase);
86735da2Smarco		if (pl > 0 && passphrase[pl - 1] == '\n')
86735da2Smarco			passphrase[pl - 1] = '\0';
86735da2Smarco		else
86735da2Smarco			errx(1, "invalid passphrase length");
86735da2Smarco
86735da2Smarco		fclose(f);
ba3d8661Smarco	} else {
c6446370Sjsing		if (readpassphrase(prompt, passphrase, sizeof(passphrase),
b96c6ce2Sckuethe		    rpp_flag) == NULL)
9e8c6f5bShshoexer			errx(1, "unable to read passphrase");
ba3d8661Smarco	}
9e8c6f5bShshoexer
9e8c6f5bShshoexer	if (verify) {
9e8c6f5bShshoexer		/* request user to re-type it */
9e8c6f5bShshoexer		if (readpassphrase("Re-type passphrase: ", verifybuf,
b96c6ce2Sckuethe		    sizeof(verifybuf), rpp_flag) == NULL) {
9e8c6f5bShshoexer			memset(passphrase, 0, sizeof(passphrase));
9e8c6f5bShshoexer			errx(1, "unable to read passphrase");
9e8c6f5bShshoexer		}
9e8c6f5bShshoexer		if ((strlen(passphrase) != strlen(verifybuf)) ||
9e8c6f5bShshoexer		    (strcmp(passphrase, verifybuf) != 0)) {
9e8c6f5bShshoexer			memset(passphrase, 0, sizeof(passphrase));
9e8c6f5bShshoexer			memset(verifybuf, 0, sizeof(verifybuf));
9e8c6f5bShshoexer			errx(1, "Passphrases did not match");
9e8c6f5bShshoexer		}
9e8c6f5bShshoexer		/* forget the re-typed one */
9e8c6f5bShshoexer		memset(verifybuf, 0, strlen(verifybuf));
9e8c6f5bShshoexer	}
aef7fe28Shshoexer
aef7fe28Shshoexer	/* derive key from passphrase */
5c1f8f6bSdjm	if (pkcs5_pbkdf2(passphrase, strlen(passphrase), salt, saltsz,
5c1f8f6bSdjm	    key, keysz, rounds) != 0)
5c1f8f6bSdjm		errx(1, "pbkdf2 failed");
aef7fe28Shshoexer
aef7fe28Shshoexer	/* forget passphrase */
9e8c6f5bShshoexer	memset(passphrase, 0, sizeof(passphrase));
aef7fe28Shshoexer
aef7fe28Shshoexer	return;
aef7fe28Shshoexer}