diff options
-rw-r--r-- | sbin/bioctl/bioctl.c | 29 | ||||
-rw-r--r-- | sys/dev/softraid.c | 3 | ||||
-rw-r--r-- | sys/dev/softraid_crypto.c | 3 | ||||
-rw-r--r-- | sys/dev/softraid_raidp.c | 3 | ||||
-rw-r--r-- | sys/dev/softraidvar.h | 150 |
5 files changed, 98 insertions, 90 deletions
diff --git a/sbin/bioctl/bioctl.c b/sbin/bioctl/bioctl.c index a8b1238ac17..887005f20fc 100644 --- a/sbin/bioctl/bioctl.c +++ b/sbin/bioctl/bioctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bioctl.c,v 1.114 2013/10/31 00:47:20 kettenis Exp $ */ +/* $OpenBSD: bioctl.c,v 1.115 2013/11/04 21:02:58 deraadt Exp $ */ /* * Copyright (c) 2004, 2005 Marco Peereboom @@ -27,13 +27,12 @@ * */ +#include <sys/param.h> #include <sys/ioctl.h> #include <sys/dkio.h> -#include <sys/param.h> -#include <sys/types.h> #include <sys/stat.h> -#include <dev/biovar.h> #include <dev/softraidvar.h> +#include <dev/biovar.h> #include <errno.h> #include <err.h> @@ -43,10 +42,17 @@ #include <stdlib.h> #include <string.h> #include <unistd.h> -#include <ctype.h> #include <vis.h> #include <readpassphrase.h> +#ifdef AOE +#include <net/if.h> +#include <netinet/in.h> +#include <netinet/if_ether.h> + +struct sr_aoe_config *create_aoe(u_int16_t, char *); +#endif /* AOE */ + struct locator { int channel; int target; @@ -69,7 +75,6 @@ int bio_getvolbyname(char *); void bio_setstate(char *, int, char *); void bio_setblink(char *, char *, int); void bio_blink(char *, int, int); -struct sr_aoe_config *create_aoe(u_int16_t, char *); void bio_createraid(u_int16_t, char *, char *); void bio_deleteraid(char *); void bio_changepass(char *); @@ -759,6 +764,7 @@ bio_blink(char *enclosure, int target, int blinktype) close(bioh); } +#ifdef AOE struct sr_aoe_config * create_aoe(u_int16_t level, char *dev_list) { @@ -802,6 +808,7 @@ create_aoe(u_int16_t level, char *dev_list) invalid: errx(1, "invalid AOE dev list: use nic,dsteaddr,shelf,slot"); } +#endif /* AOE */ void bio_createraid(u_int16_t level, char *dev_list, char *key_disk) @@ -818,11 +825,14 @@ bio_createraid(u_int16_t level, char *dev_list, char *key_disk) if (!dev_list) errx(1, "no devices specified"); +#ifdef AOE if (level == 'a') { sac = create_aoe(level, dev_list); no_dev = 0; dt = NULL; - } else { + } else +#endif /* AOE */ + { dt = (dev_t *)malloc(BIOC_CRMAXLEN); if (!dt) err(1, "not enough memory for dev_t list"); @@ -869,11 +879,14 @@ bio_createraid(u_int16_t level, char *dev_list, char *key_disk) create.bc_flags = BIOC_SCDEVT | cflags; create.bc_key_disk = NODEV; +#ifdef AOE if (level == 'a') { create.bc_opaque = sac; create.bc_opaque_size = sizeof(*sac); create.bc_opaque_flags = BIOC_SOIN; - } else if (level == 'C' && key_disk == NULL) { + } else +#endif /* AOE */ + if (level == 'C' && key_disk == NULL) { memset(&kdfinfo, 0, sizeof(kdfinfo)); memset(&kdfhint, 0, sizeof(kdfhint)); diff --git a/sys/dev/softraid.c b/sys/dev/softraid.c index 9641a64272f..f340467c52d 100644 --- a/sys/dev/softraid.c +++ b/sys/dev/softraid.c @@ -1,4 +1,4 @@ -/* $OpenBSD: softraid.c,v 1.312 2013/11/01 17:36:19 krw Exp $ */ +/* $OpenBSD: softraid.c,v 1.313 2013/11/04 21:02:57 deraadt Exp $ */ /* * Copyright (c) 2007, 2008, 2009 Marco Peereboom <marco@peereboom.us> * Copyright (c) 2008 Chris Kuethe <ckuethe@openbsd.org> @@ -33,6 +33,7 @@ #include <sys/queue.h> #include <sys/fcntl.h> #include <sys/disklabel.h> +#include <sys/vnode.h> #include <sys/mount.h> #include <sys/sensors.h> #include <sys/stat.h> diff --git a/sys/dev/softraid_crypto.c b/sys/dev/softraid_crypto.c index ba4133c4d4f..89f2b5afb47 100644 --- a/sys/dev/softraid_crypto.c +++ b/sys/dev/softraid_crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: softraid_crypto.c,v 1.95 2013/06/11 16:42:13 deraadt Exp $ */ +/* $OpenBSD: softraid_crypto.c,v 1.96 2013/11/04 21:02:57 deraadt Exp $ */ /* * Copyright (c) 2007 Marco Peereboom <marco@peereboom.us> * Copyright (c) 2008 Hans-Joerg Hoexer <hshoexer@openbsd.org> @@ -34,6 +34,7 @@ #include <sys/queue.h> #include <sys/fcntl.h> #include <sys/disklabel.h> +#include <sys/vnode.h> #include <sys/mount.h> #include <sys/sensors.h> #include <sys/stat.h> diff --git a/sys/dev/softraid_raidp.c b/sys/dev/softraid_raidp.c index e5091428e4b..4e52b25eb6a 100644 --- a/sys/dev/softraid_raidp.c +++ b/sys/dev/softraid_raidp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: softraid_raidp.c,v 1.51 2013/11/01 17:36:19 krw Exp $ */ +/* $OpenBSD: softraid_raidp.c,v 1.52 2013/11/04 21:02:57 deraadt Exp $ */ /* * Copyright (c) 2009 Marco Peereboom <marco@peereboom.us> * Copyright (c) 2009 Jordan Hargrave <jordan@openbsd.org> @@ -34,6 +34,7 @@ #include <sys/mount.h> #include <sys/sensors.h> #include <sys/stat.h> +#include <sys/pool.h> #include <sys/conf.h> #include <sys/uio.h> diff --git a/sys/dev/softraidvar.h b/sys/dev/softraidvar.h index 298412cea0b..82b0f5df7c7 100644 --- a/sys/dev/softraidvar.h +++ b/sys/dev/softraidvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: softraidvar.h,v 1.139 2013/06/11 16:42:13 deraadt Exp $ */ +/* $OpenBSD: softraidvar.h,v 1.140 2013/11/04 21:02:57 deraadt Exp $ */ /* * Copyright (c) 2006 Marco Peereboom <marco@peereboom.us> * Copyright (c) 2008 Chris Kuethe <ckuethe@openbsd.org> @@ -19,26 +19,10 @@ #ifndef SOFTRAIDVAR_H #define SOFTRAIDVAR_H -#include <sys/socket.h> -#include <sys/vnode.h> - -#include <net/if.h> -#include <netinet/in.h> -#include <netinet/if_ether.h> - -#include <crypto/md5.h> - #define SR_META_VERSION 5 /* bump when sr_metadata changes */ #define SR_META_SIZE 64 /* save space at chunk beginning */ #define SR_META_OFFSET 16 /* skip 8192 bytes at chunk beginning */ -#define SR_META_V3_SIZE 64 -#define SR_META_V3_OFFSET 16 -#define SR_META_V3_DATA_OFFSET (SR_META_V3_OFFSET + SR_META_V3_SIZE) - -#define SR_META_F_NATIVE 0 /* Native metadata format. */ -#define SR_META_F_INVALID -1 - #define SR_BOOT_OFFSET (SR_META_OFFSET + SR_META_SIZE) #define SR_BOOT_LOADER_SIZE 320 /* Size of boot loader storage. */ #define SR_BOOT_LOADER_OFFSET SR_BOOT_OFFSET @@ -46,6 +30,71 @@ #define SR_BOOT_BLOCKS_OFFSET (SR_BOOT_LOADER_OFFSET + SR_BOOT_LOADER_SIZE) #define SR_BOOT_SIZE (SR_BOOT_LOADER_SIZE + SR_BOOT_BLOCKS_SIZE) +#define SR_CRYPTO_MAXKEYBYTES 32 /* max bytes in a key (AES-XTS-256) */ +#define SR_CRYPTO_MAXKEYS 32 /* max keys per volume */ +#define SR_CRYPTO_KEYBITS 512 /* AES-XTS with 2 * 256 bit keys */ +#define SR_CRYPTO_KEYBYTES (SR_CRYPTO_KEYBITS >> 3) +#define SR_CRYPTO_KDFHINTBYTES 256 /* size of opaque KDF hint */ +#define SR_CRYPTO_CHECKBYTES 64 /* size of generic key chksum struct */ +#define SR_CRYPTO_KEY_BLKSHIFT 30 /* 0.5TB per key */ + +/* this is a generic hint for KDF done in userland, not interpreted by the kernel. */ +struct sr_crypto_genkdf { + u_int32_t len; + u_int32_t type; +#define SR_CRYPTOKDFT_INVALID 0 +#define SR_CRYPTOKDFT_PBKDF2 1 +#define SR_CRYPTOKDFT_KEYDISK 2 +}; + +/* this is a hint for KDF using PKCS#5. Not interpreted by the kernel */ +struct sr_crypto_kdf_pbkdf2 { + u_int32_t len; + u_int32_t type; + u_int32_t rounds; + u_int8_t salt[128]; +}; + +/* + * this structure is used to copy masking keys and KDF hints from/to userland. + * the embedded hint structures are not interpreted by the kernel. + */ +struct sr_crypto_kdfinfo { + u_int32_t len; + u_int32_t flags; +#define SR_CRYPTOKDF_INVALID (0) +#define SR_CRYPTOKDF_KEY (1<<0) +#define SR_CRYPTOKDF_HINT (1<<1) + u_int8_t maskkey[SR_CRYPTO_MAXKEYBYTES]; + union { + struct sr_crypto_genkdf generic; + struct sr_crypto_kdf_pbkdf2 pbkdf2; + } _kdfhint; +#define genkdf _kdfhint.generic +#define pbkdf2 _kdfhint.pbkdf2 +}; + +#define SR_IOCTL_GET_KDFHINT 0x01 /* Get KDF hint. */ +#define SR_IOCTL_CHANGE_PASSPHRASE 0x02 /* Change passphase. */ + +struct sr_crypto_kdfpair { + void *kdfinfo1; + u_int32_t kdfsize1; + void *kdfinfo2; + u_int32_t kdfsize2; +}; + +#if defined(_KERNEL) || defined(_STANDALONE) + +#include <crypto/md5.h> + +#define SR_META_V3_SIZE 64 +#define SR_META_V3_OFFSET 16 +#define SR_META_V3_DATA_OFFSET (SR_META_V3_OFFSET + SR_META_V3_SIZE) + +#define SR_META_F_NATIVE 0 /* Native metadata format. */ +#define SR_META_F_INVALID -1 + #define SR_HEADER_SIZE (SR_META_SIZE + SR_BOOT_SIZE) #define SR_DATA_OFFSET (SR_META_OFFSET + SR_HEADER_SIZE) @@ -118,14 +167,6 @@ struct sr_meta_chunk { u_int32_t scm_status; /* use bio bioc_disk status */ } __packed; -#define SR_CRYPTO_MAXKEYBYTES 32 /* max bytes in a key (AES-XTS-256) */ -#define SR_CRYPTO_MAXKEYS 32 /* max keys per volume */ -#define SR_CRYPTO_KEYBITS 512 /* AES-XTS with 2 * 256 bit keys */ -#define SR_CRYPTO_KEYBYTES (SR_CRYPTO_KEYBITS >> 3) -#define SR_CRYPTO_KDFHINTBYTES 256 /* size of opaque KDF hint */ -#define SR_CRYPTO_CHECKBYTES 64 /* size of generic key chksum struct */ -#define SR_CRYPTO_KEY_BLKSHIFT 30 /* 0.5TB per key */ - /* * Check that HMAC-SHA1_k(decrypted scm_key) == sch_mac, where * k = SHA1(masking key) @@ -199,59 +240,6 @@ struct sr_meta_opt_item { SLIST_HEAD(sr_meta_opt_head, sr_meta_opt_item); -/* this is a generic hint for KDF done in userland, not interpreted by the kernel. */ -struct sr_crypto_genkdf { - u_int32_t len; - u_int32_t type; -#define SR_CRYPTOKDFT_INVALID 0 -#define SR_CRYPTOKDFT_PBKDF2 1 -#define SR_CRYPTOKDFT_KEYDISK 2 -}; - -/* this is a hint for KDF using PKCS#5. Not interpreted by the kernel */ -struct sr_crypto_kdf_pbkdf2 { - u_int32_t len; - u_int32_t type; - u_int32_t rounds; - u_int8_t salt[128]; -}; - -/* - * this structure is used to copy masking keys and KDF hints from/to userland. - * the embedded hint structures are not interpreted by the kernel. - */ -struct sr_crypto_kdfinfo { - u_int32_t len; - u_int32_t flags; -#define SR_CRYPTOKDF_INVALID (0) -#define SR_CRYPTOKDF_KEY (1<<0) -#define SR_CRYPTOKDF_HINT (1<<1) - u_int8_t maskkey[SR_CRYPTO_MAXKEYBYTES]; - union { - struct sr_crypto_genkdf generic; - struct sr_crypto_kdf_pbkdf2 pbkdf2; - } _kdfhint; -#define genkdf _kdfhint.generic -#define pbkdf2 _kdfhint.pbkdf2 -}; - -#define SR_IOCTL_GET_KDFHINT 0x01 /* Get KDF hint. */ -#define SR_IOCTL_CHANGE_PASSPHRASE 0x02 /* Change passphase. */ - -struct sr_crypto_kdfpair { - void *kdfinfo1; - u_int32_t kdfsize1; - void *kdfinfo2; - u_int32_t kdfsize2; -}; - -struct sr_aoe_config { - char nic[IFNAMSIZ]; - struct ether_addr dsteaddr; - unsigned short shelf; - unsigned char slot; -}; - struct sr_boot_chunk { struct sr_metadata *sbc_metadata; dev_t sbc_mm; /* Device major/minor. */ @@ -296,11 +284,13 @@ struct sr_boot_volume { SLIST_HEAD(sr_boot_volume_head, sr_boot_volume); +#endif /* _KERNEL | _STANDALONE */ + #ifdef _KERNEL + #include <dev/biovar.h> #include <sys/buf.h> -#include <sys/pool.h> #include <sys/queue.h> #include <sys/rwlock.h> @@ -458,6 +448,7 @@ struct sr_crypto { u_int64_t scr_sid[SR_CRYPTO_MAXKEYS]; }; +#ifdef AOE /* ata over ethernet */ #define SR_RAIDAOE_NOWU 2 struct sr_aoe { @@ -466,6 +457,7 @@ struct sr_aoe { struct ifnet *sra_ifp; struct ether_addr sra_eaddr; }; +#endif /* AOE */ #define SR_CONCAT_NOWU 16 struct sr_concat { |