1 | /* |
2 | * CDDL HEADER START | |
3 | * | |
4 | * This file and its contents are supplied under the terms of the | |
5 | * Common Development and Distribution License ("CDDL"), version 1.0. | |
6 | * You may only use this file in accordance with the terms of version | |
7 | * 1.0 of the CDDL. | |
8 | * | |
9 | * A full copy of the text of the CDDL should have accompanied this | |
10 | * source. A copy of the CDDL is also available via the Internet at | |
11 | * http://www.illumos.org/license/CDDL. | |
12 | * | |
13 | * CDDL HEADER END | |
14 | */ | |
15 | ||
16 | /* | |
17 | * Copyright (c) 2017, Datto, Inc. All rights reserved. | |
18 | */ | |
19 | ||
20 | #ifndef _SYS_DSL_CRYPT_H | |
21 | #define _SYS_DSL_CRYPT_H | |
22 | ||
23 | #include <sys/dmu_tx.h> | |
24 | #include <sys/dmu.h> | |
25 | #include <sys/zio_crypt.h> | |
26 | #include <sys/spa.h> | |
27 | #include <sys/dsl_dataset.h> | |
28 | ||
/*
 * ZAP entry keys for DSL Crypto Keys stored on disk. In addition,
 * ZFS_PROP_KEYFORMAT, ZFS_PROP_PBKDF2_SALT, and ZFS_PROP_PBKDF2_ITERS are
 * also maintained here using their respective property names.
 *
 * The on-disk copy of a dataset's keys is protected by its wrapping key
 * (see dsl_crypto_key_t:dck_wkey below).  The IV and MAC entries presumably
 * belong to that wrapping operation, and DSL_CRYPTO_KEY_VERSION appears to be
 * what dsl_dir_incompatible_encryption_version() consults -- neither is
 * stated in this header, so confirm in dsl_crypt.c before relying on it.
 */
#define	DSL_CRYPTO_KEY_CRYPTO_SUITE	"DSL_CRYPTO_SUITE"
#define	DSL_CRYPTO_KEY_GUID		"DSL_CRYPTO_GUID"
#define	DSL_CRYPTO_KEY_IV		"DSL_CRYPTO_IV"
#define	DSL_CRYPTO_KEY_MAC		"DSL_CRYPTO_MAC"
#define	DSL_CRYPTO_KEY_MASTER_KEY	"DSL_CRYPTO_MASTER_KEY_1"
#define	DSL_CRYPTO_KEY_HMAC_KEY		"DSL_CRYPTO_HMAC_KEY_1"
#define	DSL_CRYPTO_KEY_ROOT_DDOBJ	"DSL_CRYPTO_ROOT_DDOBJ"
#define	DSL_CRYPTO_KEY_REFCOUNT		"DSL_CRYPTO_REFCOUNT"
#define	DSL_CRYPTO_KEY_VERSION		"DSL_CRYPTO_VERSION"
43 | |
/*
 * In-memory representation of a wrapping key. One of these structs will exist
 * for each encryption root with its key loaded.
 *
 * Instances are kept in spa_keystore_t:sk_wkeys (indexed by wk_ddobj) and are
 * shared by every dsl_crypto_key_t that points at them; wk_refcnt counts
 * those holders.
 */
typedef struct dsl_wrapping_key {
	/* link on spa_keystore_t:sk_wkeys */
	avl_node_t wk_avl_link;

	/* keyformat property enum */
	zfs_keyformat_t wk_keyformat;

	/* the pbkdf2 salt, if the keyformat is of type passphrase */
	uint64_t wk_salt;

	/* the pbkdf2 iterations, if the keyformat is of type passphrase */
	uint64_t wk_iters;

	/*
	 * actual wrapping key (raw key material).
	 * NOTE(review): this header does not show how wk_key is cleared when
	 * the struct is torn down (unload/fini paths); confirm the key bytes
	 * are zeroized rather than simply freed.
	 */
	crypto_key_t wk_key;

	/* refcount of number of dsl_crypto_key_t's holding this struct */
	zfs_refcount_t wk_refcnt;

	/* dsl directory object that owns this wrapping key */
	uint64_t wk_ddobj;
} dsl_wrapping_key_t;
70 | ||
/*
 * enum of commands indicating special actions that should be run.
 * Carried in dsl_crypto_params_t:cp_cmd.  The "key changing" group is
 * presumably what spa_keystore_change_key() acts on -- confirm in dsl_crypt.c.
 */
typedef enum dcp_cmd {
	/* key creation commands */
	DCP_CMD_NONE = 0,	/* no specific command */
	DCP_CMD_RAW_RECV,	/* raw receive */

	/* key changing commands */
	DCP_CMD_NEW_KEY,	/* rewrap key as an encryption root */
	DCP_CMD_INHERIT,	/* rewrap key with parent's wrapping key */
	DCP_CMD_FORCE_NEW_KEY,	/* change to encryption root without rewrap */
	DCP_CMD_FORCE_INHERIT,	/* inherit parent's key without rewrap */

	DCP_CMD_MAX		/* one past the last valid command; not a command */
} dcp_cmd_t;
85 | ||
/*
 * This struct is a simple wrapper around all the parameters that are usually
 * required to setup encryption. It exists so that all of the params can be
 * passed around the kernel together for convenience.
 *
 * Built by dsl_crypto_params_create_nvlist() and released with
 * dsl_crypto_params_free().  Ownership of cp_keylocation and cp_wkey is not
 * stated here; the 'unload' flag on dsl_crypto_params_free() suggests cp_wkey
 * may outlive the struct -- confirm in dsl_crypt.c.
 */
typedef struct dsl_crypto_params {
	/* command indicating intended action */
	dcp_cmd_t cp_cmd;

	/* the encryption algorithm */
	enum zio_encrypt cp_crypt;

	/* keylocation property string */
	char *cp_keylocation;

	/* the wrapping key */
	dsl_wrapping_key_t *cp_wkey;
} dsl_crypto_params_t;
104 | ||
/*
 * In-memory representation of a DSL Crypto Key object. One of these structs
 * (and corresponding on-disk ZAP object) will exist for each encrypted
 * clone family that is mounted or otherwise reading protected data.
 *
 * The on-disk ZAP object (dck_obj) holds the DSL_CRYPTO_KEY_* entries
 * defined at the top of this header.  Instances are kept in
 * spa_keystore_t:sk_dsl_keys.
 */
typedef struct dsl_crypto_key {
	/* link on spa_keystore_t:sk_dsl_keys */
	avl_node_t dck_avl_link;

	/* refcount of holders of this key */
	zfs_refcount_t dck_holds;

	/*
	 * master key used to derive encryption keys.
	 * NOTE(review): unwrapped key material lives here in memory; confirm
	 * it is zeroized on release (not visible from this header).
	 */
	zio_crypt_key_t dck_key;

	/* wrapping key for syncing this structure to disk */
	dsl_wrapping_key_t *dck_wkey;

	/* on-disk object id */
	uint64_t dck_obj;
} dsl_crypto_key_t;
126 | ||
/*
 * In-memory mapping of a dataset object id to a DSL Crypto Key. This is used
 * to look up the corresponding dsl_crypto_key_t from the zio layer for
 * performing data encryption and decryption.
 *
 * Created/removed via spa_keystore_create_mapping() and
 * spa_keystore_remove_mapping(); additional holders use key_mapping_add_ref()
 * and key_mapping_rele().  Stored in spa_keystore_t:sk_key_mappings, indexed
 * by km_dsobj.
 */
typedef struct dsl_key_mapping {
	/* link on spa_keystore_t:sk_key_mappings */
	avl_node_t km_avl_link;

	/* refcount of how many users are depending on this mapping */
	zfs_refcount_t km_refcnt;

	/* dataset this crypto key belongs to (index) */
	uint64_t km_dsobj;

	/* crypto key (value) of this record */
	dsl_crypto_key_t *km_key;
} dsl_key_mapping_t;
145 | ||
/*
 * in memory structure for holding all wrapping and dsl keys.
 * Set up with spa_keystore_init() and torn down with spa_keystore_fini().
 * Each tree has its own rwlock; the lock ordering between the three locks
 * is not stated in this header -- confirm in dsl_crypt.c before taking more
 * than one at a time.
 */
typedef struct spa_keystore {
	/* lock for protecting sk_dsl_keys */
	krwlock_t sk_dk_lock;

	/* tree of all dsl_crypto_key_t's */
	avl_tree_t sk_dsl_keys;

	/* lock for protecting sk_key_mappings */
	krwlock_t sk_km_lock;

	/* tree of all dsl_key_mapping_t's, indexed by dsobj */
	avl_tree_t sk_key_mappings;

	/* lock for protecting the wrapping keys tree */
	krwlock_t sk_wkeys_lock;

	/* tree of all dsl_wrapping_key_t's, indexed by ddobj */
	avl_tree_t sk_wkeys;
} spa_keystore_t;
166 | ||
/*
 * Function prototypes.  Implementations are not visible from this header;
 * the int-returning routines presumably follow the usual 0-on-success /
 * errno-on-failure convention -- confirm in dsl_crypt.c before relying on
 * specific error values.
 */

/* dsl_crypto_params_t construction and teardown */
int dsl_crypto_params_create_nvlist(dcp_cmd_t cmd, nvlist_t *props,
    nvlist_t *crypto_args, dsl_crypto_params_t **dcp_out);
/* unload: presumably also unloads the wrapping key in dcp->cp_wkey -- confirm */
void dsl_crypto_params_free(dsl_crypto_params_t *dcp, boolean_t unload);
void dsl_dataset_crypt_stats(struct dsl_dataset *ds, nvlist_t *nv);
int dsl_crypto_can_set_keylocation(const char *dsname, const char *keylocation);
/* see DSL_CRYPTO_KEY_VERSION above */
boolean_t dsl_dir_incompatible_encryption_version(dsl_dir_t *dd);

/* spa_keystore_t lifecycle */
void spa_keystore_init(spa_keystore_t *sk);
void spa_keystore_fini(spa_keystore_t *sk);

/*
 * Wrapping-key loading and DSL-key holds.  Functions taking a 'tag' appear
 * to pair with a release that must be given the same tag (zfs_refcount_t
 * style); spa_keystore_lookup_key() would pair with
 * spa_keystore_dsl_key_rele().  The pairing is inferred from the signatures
 * -- confirm in dsl_crypt.c.  The *_impl variants take an already-resolved
 * spa/wkey/ddobj; the others take a dataset name.
 */
void spa_keystore_dsl_key_rele(spa_t *spa, dsl_crypto_key_t *dck, void *tag);
int spa_keystore_load_wkey_impl(spa_t *spa, dsl_wrapping_key_t *wkey);
int spa_keystore_load_wkey(const char *dsname, dsl_crypto_params_t *dcp,
    boolean_t noop);
int spa_keystore_unload_wkey_impl(spa_t *spa, uint64_t ddobj);
int spa_keystore_unload_wkey(const char *dsname);

/* dataset object id -> dsl_crypto_key_t mappings (dsl_key_mapping_t) */
int spa_keystore_create_mapping(spa_t *spa, struct dsl_dataset *ds, void *tag,
    dsl_key_mapping_t **km_out);
int spa_keystore_remove_mapping(spa_t *spa, uint64_t dsobj, void *tag);
void key_mapping_add_ref(dsl_key_mapping_t *km, void *tag);
void key_mapping_rele(spa_t *spa, dsl_key_mapping_t *km, void *tag);
int spa_keystore_lookup_key(spa_t *spa, uint64_t dsobj, void *tag,
    dsl_crypto_key_t **dck_out);

/*
 * Raw send/receive support.  The _check/_sync pair take the same nvlist and
 * only the _sync variant is given a dmu_tx_t.  The nvlist produced by
 * dsl_crypto_populate_key_nvlist() presumably carries the dataset's DSL
 * crypto key entries and should be treated as sensitive; how callers clear
 * it is not visible here -- confirm.
 */
int dsl_crypto_populate_key_nvlist(struct dsl_dataset *ds, nvlist_t **nvl_out);
int dsl_crypto_recv_raw_key_check(struct dsl_dataset *ds,
    nvlist_t *nvl, dmu_tx_t *tx);
void dsl_crypto_recv_raw_key_sync(struct dsl_dataset *ds,
    nvlist_t *nvl, dmu_tx_t *tx);
/* do_key: presumably whether the key in nvl is applied as well -- confirm */
int dsl_crypto_recv_raw(const char *poolname, uint64_t dsobj,
    dmu_objset_type_t ostype, nvlist_t *nvl, boolean_t do_key);

/*
 * Key change / rename / promote / create / clone / destroy hooks.  The
 * *_check routines take no tx and the *_sync routines do; presumably the
 * two halves of a sync task -- confirm each pairing in dsl_crypt.c.
 */
int spa_keystore_change_key(const char *dsname, dsl_crypto_params_t *dcp);
int dsl_dir_rename_crypt_check(dsl_dir_t *dd, dsl_dir_t *newparent);
int dsl_dataset_promote_crypt_check(dsl_dir_t *target, dsl_dir_t *origin);
void dsl_dataset_promote_crypt_sync(dsl_dir_t *target, dsl_dir_t *origin,
    dmu_tx_t *tx);
/* will_encrypt: out-parameter; when it is written is not stated here */
int dmu_objset_create_crypt_check(dsl_dir_t *parentdd,
    dsl_crypto_params_t *dcp, boolean_t *will_encrypt);
void dsl_dataset_create_crypt_sync(uint64_t dsobj, dsl_dir_t *dd,
    struct dsl_dataset *origin, dsl_crypto_params_t *dcp, dmu_tx_t *tx);
/* returned uint64_t is presumably the new key object id (cf. dck_obj) -- confirm */
uint64_t dsl_crypto_key_create_sync(uint64_t crypt, dsl_wrapping_key_t *wkey,
    dmu_tx_t *tx);
int dmu_objset_clone_crypt_check(dsl_dir_t *parentdd, dsl_dir_t *origindd);
uint64_t dsl_crypto_key_clone_sync(dsl_dir_t *origindd, dmu_tx_t *tx);
void dsl_crypto_key_destroy_sync(uint64_t dckobj, dmu_tx_t *tx);

/*
 * zio-layer entry points.  'generate' / 'encrypt' select the direction.
 * The salt/iv/mac buffers are raw byte arrays whose expected sizes are not
 * stated in this header -- see zio_crypt.h and size them accordingly.
 */
int spa_crypt_get_salt(spa_t *spa, uint64_t dsobj, uint8_t *salt);
int spa_do_crypt_mac_abd(boolean_t generate, spa_t *spa, uint64_t dsobj,
    abd_t *abd, uint_t datalen, uint8_t *mac);
int spa_do_crypt_objset_mac_abd(boolean_t generate, spa_t *spa, uint64_t dsobj,
    abd_t *abd, uint_t datalen, boolean_t byteswap);
/*
 * pabd/cabd: plaintext and ciphertext abds (inferred from the names).
 * no_crypt: out-flag, presumably set when the data was passed through
 * without encryption -- confirm how callers must handle it.
 */
int spa_do_crypt_abd(boolean_t encrypt, spa_t *spa, const zbookmark_phys_t *zb,
    dmu_object_type_t ot, boolean_t dedup, boolean_t bswap, uint8_t *salt,
    uint8_t *iv, uint8_t *mac, uint_t datalen, abd_t *pabd, abd_t *cabd,
    boolean_t *no_crypt);
224 | |
225 | #endif |