488570ebd4
Many open source projects have moved to using SPDX identifiers to specify license information, reducing the amount of boilerplate code in every source file. This patch replaces the bulk of SPDK .c, .cpp and Makefiles with the BSD-3-Clause identifier. Almost all of these files share the exact same license text, and this patch only modifies the files that contain the most common license text. There can be slight variations because the third clause contains company names - most say "Intel Corporation", but there are instances for Nvidia, Samsung, Eideticom and even "the copyright holder". Used a bash script to automate replacement of the license text with SPDX identifier which is checked into scripts/spdx.sh. Signed-off-by: Jim Harris <james.r.harris@intel.com> Change-Id: Iaa88ab5e92ea471691dc298cfe41ebfb5d169780 Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/12904 Community-CI: Broadcom CI <spdk-ci.pdl@broadcom.com> Community-CI: Mellanox Build Bot Tested-by: SPDK CI Jenkins <sys_sgci@intel.com> Reviewed-by: Aleksey Marchuk <alexeymar@nvidia.com> Reviewed-by: Changpeng Liu <changpeng.liu@intel.com> Reviewed-by: Dong Yi <dongx.yi@intel.com> Reviewed-by: Konrad Sztyber <konrad.sztyber@intel.com> Reviewed-by: Paul Luse <paul.e.luse@intel.com> Reviewed-by: <qun.wan@intel.com>
314 lines
9.9 KiB
C
314 lines
9.9 KiB
C
/* SPDX-License-Identifier: BSD-3-Clause
|
|
* Copyright (c) Intel Corporation.
|
|
* All rights reserved.
|
|
* Copyright (c) 2022, NVIDIA CORPORATION & AFFILIATES.
|
|
* All rights reserved.
|
|
*/
|
|
|
|
#include "vbdev_crypto.h"
|
|
|
|
/* Structure to hold the parameters for this RPC method. */
|
|
struct rpc_construct_crypto {
|
|
char *base_bdev_name;
|
|
char *name;
|
|
char *crypto_pmd;
|
|
char *key;
|
|
char *cipher;
|
|
char *key2;
|
|
};
|
|
|
|
/* Free the allocated memory resource after the RPC handling. */
|
|
static void
|
|
free_rpc_construct_crypto(struct rpc_construct_crypto *r)
|
|
{
|
|
free(r->base_bdev_name);
|
|
free(r->name);
|
|
free(r->crypto_pmd);
|
|
free(r->key);
|
|
free(r->cipher);
|
|
free(r->key2);
|
|
}
|
|
|
|
/* Structure to decode the input parameters for this RPC method. */
|
|
static const struct spdk_json_object_decoder rpc_construct_crypto_decoders[] = {
|
|
{"base_bdev_name", offsetof(struct rpc_construct_crypto, base_bdev_name), spdk_json_decode_string},
|
|
{"name", offsetof(struct rpc_construct_crypto, name), spdk_json_decode_string},
|
|
{"crypto_pmd", offsetof(struct rpc_construct_crypto, crypto_pmd), spdk_json_decode_string},
|
|
{"key", offsetof(struct rpc_construct_crypto, key), spdk_json_decode_string},
|
|
{"cipher", offsetof(struct rpc_construct_crypto, cipher), spdk_json_decode_string, true},
|
|
{"key2", offsetof(struct rpc_construct_crypto, key2), spdk_json_decode_string, true},
|
|
};
|
|
|
|
/**
|
|
* Create crypto opts from rpc @req. Validate req fields and populate the
|
|
* correspoending fields in @opts.
|
|
*
|
|
* \param rpc Pointer to the rpc req.
|
|
* \param request Pointer to json request.
|
|
* \return Allocated and populated crypto opts or NULL on failure.
|
|
*/
|
|
static struct vbdev_crypto_opts *
|
|
create_crypto_opts(struct rpc_construct_crypto *rpc,
|
|
struct spdk_jsonrpc_request *request)
|
|
{
|
|
struct vbdev_crypto_opts *opts;
|
|
int key_size, key2_size;
|
|
|
|
if (strcmp(rpc->crypto_pmd, AESNI_MB) == 0 && strcmp(rpc->cipher, AES_XTS) == 0) {
|
|
spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
|
|
"Invalid cipher. AES_XTS is not available on AESNI_MB.");
|
|
return NULL;
|
|
}
|
|
|
|
if (strcmp(rpc->crypto_pmd, MLX5) == 0 && strcmp(rpc->cipher, AES_XTS) != 0) {
|
|
spdk_jsonrpc_send_error_response_fmt(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
|
|
"Invalid cipher. %s is not available on MLX5.",
|
|
rpc->cipher);
|
|
return NULL;
|
|
}
|
|
|
|
if (strcmp(rpc->cipher, AES_XTS) == 0 && rpc->key2 == NULL) {
|
|
spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
|
|
"Invalid key. A 2nd key is needed for AES_XTS.");
|
|
return NULL;
|
|
}
|
|
|
|
if (strcmp(rpc->cipher, AES_CBC) == 0 && rpc->key2 != NULL) {
|
|
spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
|
|
"Invalid key. A 2nd key is needed only for AES_XTS.");
|
|
return NULL;
|
|
}
|
|
|
|
opts = calloc(1, sizeof(struct vbdev_crypto_opts));
|
|
if (!opts) {
|
|
spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INTERNAL_ERROR,
|
|
"Failed to allocate memory for crypto_opts.");
|
|
return NULL;
|
|
}
|
|
|
|
opts->bdev_name = strdup(rpc->base_bdev_name);
|
|
if (!opts->bdev_name) {
|
|
spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INTERNAL_ERROR,
|
|
"Failed to allocate memory for bdev_name.");
|
|
goto error_alloc_bname;
|
|
}
|
|
|
|
opts->vbdev_name = strdup(rpc->name);
|
|
if (!opts->vbdev_name) {
|
|
spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INTERNAL_ERROR,
|
|
"Failed to allocate memory for vbdev_name.");
|
|
goto error_alloc_vname;
|
|
}
|
|
|
|
opts->drv_name = strdup(rpc->crypto_pmd);
|
|
if (!opts->drv_name) {
|
|
spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INTERNAL_ERROR,
|
|
"Failed to allocate memory for drv_name.");
|
|
goto error_alloc_dname;
|
|
}
|
|
|
|
if (strcmp(opts->drv_name, MLX5) == 0) {
|
|
/* Only AES-XTS supported. */
|
|
|
|
/* We cannot use strlen() after unhexlify() because of possible \0 chars
|
|
* used in the key. Hexlified version of key is twice as longer. */
|
|
key_size = strnlen(rpc->key, (AES_XTS_512_BLOCK_KEY_LENGTH * 2) + 1);
|
|
if (key_size != AES_XTS_256_BLOCK_KEY_LENGTH * 2 &&
|
|
key_size != AES_XTS_512_BLOCK_KEY_LENGTH * 2) {
|
|
spdk_jsonrpc_send_error_response_fmt(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
|
|
"Invalid AES_XTS key string length for mlx5: %d. "
|
|
"Supported sizes in hex form: %d or %d.",
|
|
key_size, AES_XTS_256_BLOCK_KEY_LENGTH * 2,
|
|
AES_XTS_512_BLOCK_KEY_LENGTH * 2);
|
|
goto error_invalid_key;
|
|
}
|
|
} else {
|
|
if (strncmp(rpc->cipher, AES_XTS, sizeof(AES_XTS)) == 0) {
|
|
/* AES_XTS for qat uses 128bit key. */
|
|
key_size = strnlen(rpc->key, (AES_XTS_128_BLOCK_KEY_LENGTH * 2) + 1);
|
|
if (key_size != AES_XTS_128_BLOCK_KEY_LENGTH * 2) {
|
|
spdk_jsonrpc_send_error_response_fmt(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
|
|
"Invalid AES_XTS key string length: %d. "
|
|
"Supported size in hex form: %d.",
|
|
key_size, AES_XTS_128_BLOCK_KEY_LENGTH * 2);
|
|
goto error_invalid_key;
|
|
}
|
|
} else {
|
|
key_size = strnlen(rpc->key, (AES_CBC_KEY_LENGTH * 2) + 1);
|
|
if (key_size != AES_CBC_KEY_LENGTH * 2) {
|
|
spdk_jsonrpc_send_error_response_fmt(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
|
|
"Invalid AES_CBC key string length: %d. "
|
|
"Supported size in hex form: %d.",
|
|
key_size, AES_CBC_KEY_LENGTH * 2);
|
|
goto error_invalid_key;
|
|
}
|
|
}
|
|
}
|
|
opts->key = unhexlify(rpc->key);
|
|
if (!opts->key) {
|
|
spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
|
|
"Failed to unhexlify key.");
|
|
goto error_alloc_key;
|
|
}
|
|
opts->key_size = key_size / 2;
|
|
|
|
if (strncmp(rpc->cipher, AES_XTS, sizeof(AES_XTS)) == 0) {
|
|
opts->cipher = AES_XTS;
|
|
assert(rpc->key2);
|
|
key2_size = strnlen(rpc->key2, (AES_XTS_TWEAK_KEY_LENGTH * 2) + 1);
|
|
if (key2_size != AES_XTS_TWEAK_KEY_LENGTH * 2) {
|
|
spdk_jsonrpc_send_error_response_fmt(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
|
|
"Invalid AES_XTS key2 length %d. "
|
|
"Supported size in hex form: %d.",
|
|
key2_size, AES_XTS_TWEAK_KEY_LENGTH * 2);
|
|
goto error_invalid_key2;
|
|
}
|
|
opts->key2 = unhexlify(rpc->key2);
|
|
if (!opts->key2) {
|
|
spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
|
|
"Failed to unhexlify key2.");
|
|
goto error_alloc_key2;
|
|
}
|
|
opts->key2_size = key2_size / 2;
|
|
|
|
/* DPDK expects the keys to be concatenated together. */
|
|
opts->xts_key = calloc(1, opts->key_size + opts->key2_size + 1);
|
|
if (opts->xts_key == NULL) {
|
|
spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INTERNAL_ERROR,
|
|
"Failed to allocate memory for XTS key.");
|
|
goto error_alloc_xts;
|
|
}
|
|
memcpy(opts->xts_key, opts->key, opts->key_size);
|
|
memcpy(opts->xts_key + opts->key_size, opts->key2, opts->key2_size);
|
|
} else if (strncmp(rpc->cipher, AES_CBC, sizeof(AES_CBC)) == 0) {
|
|
opts->cipher = AES_CBC;
|
|
} else {
|
|
spdk_jsonrpc_send_error_response_fmt(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
|
|
"Invalid param. Cipher %s is not supported.",
|
|
rpc->cipher);
|
|
goto error_cipher;
|
|
}
|
|
return opts;
|
|
|
|
/* Error cleanup paths. */
|
|
error_cipher:
|
|
error_alloc_xts:
|
|
error_alloc_key2:
|
|
error_invalid_key2:
|
|
if (opts->key) {
|
|
memset(opts->key, 0, opts->key_size);
|
|
free(opts->key);
|
|
}
|
|
opts->key_size = 0;
|
|
error_alloc_key:
|
|
error_invalid_key:
|
|
free(opts->drv_name);
|
|
error_alloc_dname:
|
|
free(opts->vbdev_name);
|
|
error_alloc_vname:
|
|
free(opts->bdev_name);
|
|
error_alloc_bname:
|
|
free(opts);
|
|
return NULL;
|
|
}
|
|
|
|
/* Decode the parameters for this RPC method and properly construct the crypto
|
|
* device. Error status returned in the failed cases.
|
|
*/
|
|
static void
|
|
rpc_bdev_crypto_create(struct spdk_jsonrpc_request *request,
|
|
const struct spdk_json_val *params)
|
|
{
|
|
struct rpc_construct_crypto req = {NULL};
|
|
struct vbdev_crypto_opts *crypto_opts;
|
|
struct spdk_json_write_ctx *w;
|
|
int rc;
|
|
|
|
if (spdk_json_decode_object(params, rpc_construct_crypto_decoders,
|
|
SPDK_COUNTOF(rpc_construct_crypto_decoders),
|
|
&req)) {
|
|
spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
|
|
"Failed to decode crypto disk create parameters.");
|
|
goto cleanup;
|
|
}
|
|
|
|
if (req.cipher == NULL) {
|
|
req.cipher = strdup(AES_CBC);
|
|
if (req.cipher == NULL) {
|
|
spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INTERNAL_ERROR,
|
|
"Unable to allocate memory for req.cipher");
|
|
goto cleanup;
|
|
}
|
|
}
|
|
|
|
crypto_opts = create_crypto_opts(&req, request);
|
|
if (crypto_opts == NULL) {
|
|
goto cleanup;
|
|
}
|
|
|
|
rc = create_crypto_disk(crypto_opts);
|
|
if (rc) {
|
|
spdk_jsonrpc_send_error_response(request, rc, spdk_strerror(-rc));
|
|
free_crypto_opts(crypto_opts);
|
|
goto cleanup;
|
|
}
|
|
|
|
w = spdk_jsonrpc_begin_result(request);
|
|
spdk_json_write_string(w, req.name);
|
|
spdk_jsonrpc_end_result(request, w);
|
|
cleanup:
|
|
free_rpc_construct_crypto(&req);
|
|
}
|
|
SPDK_RPC_REGISTER("bdev_crypto_create", rpc_bdev_crypto_create, SPDK_RPC_RUNTIME)
|
|
|
|
struct rpc_delete_crypto {
|
|
char *name;
|
|
};
|
|
|
|
static void
|
|
free_rpc_delete_crypto(struct rpc_delete_crypto *req)
|
|
{
|
|
free(req->name);
|
|
}
|
|
|
|
static const struct spdk_json_object_decoder rpc_delete_crypto_decoders[] = {
|
|
{"name", offsetof(struct rpc_delete_crypto, name), spdk_json_decode_string},
|
|
};
|
|
|
|
static void
|
|
rpc_bdev_crypto_delete_cb(void *cb_arg, int bdeverrno)
|
|
{
|
|
struct spdk_jsonrpc_request *request = cb_arg;
|
|
|
|
if (bdeverrno == 0) {
|
|
spdk_jsonrpc_send_bool_response(request, true);
|
|
} else {
|
|
spdk_jsonrpc_send_error_response(request, bdeverrno, spdk_strerror(-bdeverrno));
|
|
}
|
|
}
|
|
|
|
static void
|
|
rpc_bdev_crypto_delete(struct spdk_jsonrpc_request *request,
|
|
const struct spdk_json_val *params)
|
|
{
|
|
struct rpc_delete_crypto req = {NULL};
|
|
|
|
if (spdk_json_decode_object(params, rpc_delete_crypto_decoders,
|
|
SPDK_COUNTOF(rpc_delete_crypto_decoders),
|
|
&req)) {
|
|
spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
|
|
"Invalid parameters");
|
|
goto cleanup;
|
|
}
|
|
|
|
delete_crypto_disk(req.name, rpc_bdev_crypto_delete_cb, request);
|
|
|
|
free_rpc_delete_crypto(&req);
|
|
|
|
return;
|
|
|
|
cleanup:
|
|
free_rpc_delete_crypto(&req);
|
|
}
|
|
SPDK_RPC_REGISTER("bdev_crypto_delete", rpc_bdev_crypto_delete, SPDK_RPC_RUNTIME)
|