/*
 * CDDL HEADER START
 *
 * This file and its contents are supplied under the terms of the
 * Common Development and Distribution License ("CDDL"), version 1.0.
 * You may only use this file in accordance with the terms of version
 * 1.0 of the CDDL.
 *
 * A full copy of the text of the CDDL should have accompanied this
 * source.  A copy of the CDDL is also available via the Internet at
 * http://www.illumos.org/license/CDDL.
 *
 * CDDL HEADER END
 */
15eb63303Tom Caputi
/*
 * Copyright (c) 2017, Datto, Inc. All rights reserved.
 */
19eb63303Tom Caputi
20eb63303Tom Caputi#ifndef	_SYS_DSL_CRYPT_H
21eb63303Tom Caputi#define	_SYS_DSL_CRYPT_H
22eb63303Tom Caputi
23eb63303Tom Caputi#include <sys/dmu_tx.h>
24eb63303Tom Caputi#include <sys/dmu.h>
25eb63303Tom Caputi#include <sys/zio_crypt.h>
26eb63303Tom Caputi#include <sys/spa.h>
27eb63303Tom Caputi#include <sys/dsl_dataset.h>
28eb63303Tom Caputi
/*
 * ZAP entry keys for DSL Crypto Keys stored on disk. In addition,
 * ZFS_PROP_KEYFORMAT, ZFS_PROP_PBKDF2_SALT, and ZFS_PROP_PBKDF2_ITERS are
 * also maintained here using their respective property names.
 *
 * Because these strings are the names the on-disk ZAP entries are stored
 * under, they are part of the pool's on-disk format: renaming one changes
 * the key that existing pools were written with. Roughly: CRYPTO_SUITE is
 * the encryption algorithm (cf. cp_crypt below), IV and MAC protect the
 * wrapped key material, MASTER_KEY / HMAC_KEY are the key material itself
 * (written wrapped with the dataset's wrapping key, see dck_wkey), ROOT_DDOBJ
 * names the encryption root, REFCOUNT and VERSION are bookkeeping.
 * NOTE(review): the _1 suffix on the master-key and HMAC-key entries looks
 * like a key-version marker and the exact meaning of REFCOUNT and VERSION is
 * not stated here — confirm against dsl_crypt.c before depending on either.
 */
#define	DSL_CRYPTO_KEY_CRYPTO_SUITE	"DSL_CRYPTO_SUITE"
#define	DSL_CRYPTO_KEY_GUID		"DSL_CRYPTO_GUID"
#define	DSL_CRYPTO_KEY_IV		"DSL_CRYPTO_IV"
#define	DSL_CRYPTO_KEY_MAC		"DSL_CRYPTO_MAC"
#define	DSL_CRYPTO_KEY_MASTER_KEY	"DSL_CRYPTO_MASTER_KEY_1"
#define	DSL_CRYPTO_KEY_HMAC_KEY		"DSL_CRYPTO_HMAC_KEY_1"
#define	DSL_CRYPTO_KEY_ROOT_DDOBJ	"DSL_CRYPTO_ROOT_DDOBJ"
#define	DSL_CRYPTO_KEY_REFCOUNT		"DSL_CRYPTO_REFCOUNT"
#define	DSL_CRYPTO_KEY_VERSION		"DSL_CRYPTO_VERSION"
43eb63303Tom Caputi
/*
 * In-memory representation of a wrapping key. One of these structs will exist
 * for each encryption root with its key loaded.
 *
 * Entries live on spa_keystore_t:sk_wkeys, which is indexed by wk_ddobj and
 * protected by sk_wkeys_lock; wk_refcnt counts the current holders. Keys are
 * loaded with spa_keystore_load_wkey()/spa_keystore_load_wkey_impl() and
 * removed with spa_keystore_unload_wkey()/spa_keystore_unload_wkey_impl().
 * NOTE(review): wk_key holds the raw wrapping key material, which is the
 * secret that protects every master key beneath this encryption root. The
 * code that frees one of these is expected to zeroize wk_key before
 * releasing the memory — this header does not show it; confirm in
 * dsl_crypt.c.
 */
typedef struct dsl_wrapping_key {
	/* link on spa_keystore_t:sk_wkeys */
	avl_node_t wk_avl_link;

	/* keyformat property enum */
	zfs_keyformat_t wk_keyformat;

	/* the pbkdf2 salt, if the keyformat is of type passphrase */
	uint64_t wk_salt;

	/* the pbkdf2 iterations, if the keyformat is of type passphrase */
	uint64_t wk_iters;

	/* actual wrapping key (raw key material; see the note above) */
	crypto_key_t wk_key;

	/* refcount of holders of this key */
	zfs_refcount_t wk_refcnt;

	/* dsl directory object that owns this wrapping key (tree index) */
	uint64_t wk_ddobj;
} dsl_wrapping_key_t;
70eb63303Tom Caputi
/*
 * enum of commands indicating special actions that should be run
 *
 * Carried in dsl_crypto_params_t:cp_cmd. The first group applies when a
 * key is being created (dataset creation / raw receive), the second when an
 * existing key is being changed. DCP_CMD_NONE is explicitly 0, so a zeroed
 * dsl_crypto_params_t reads as "no special action"; DCP_CMD_MAX is a bound
 * for range checks, not a command.
 * NOTE(review): the FORCE_* variants change the encryption-root relationship
 * without rewrapping the key, so they presumably rely on the existing
 * wrapped key already being valid for the new root (e.g. after a raw
 * receive) — confirm the intended callers in dsl_crypt.c.
 */
typedef enum dcp_cmd {
	/* key creation commands */
	DCP_CMD_NONE = 0,	/* no specific command */
	DCP_CMD_RAW_RECV,	/* raw receive */

	/* key changing commands */
	DCP_CMD_NEW_KEY,	/* rewrap key as an encryption root */
	DCP_CMD_INHERIT,	/* rewrap key with parent's wrapping key */
	DCP_CMD_FORCE_NEW_KEY,	/* change to encryption root without rewrap */
	DCP_CMD_FORCE_INHERIT,	/* inherit parent's key without rewrap */

	DCP_CMD_MAX		/* sentinel, one past the last valid command */
} dcp_cmd_t;
85eb63303Tom Caputi
/*
 * This struct is a simple wrapper around all the parameters that are usually
 * required to setup encryption. It exists so that all of the params can be
 * passed around the kernel together for convenience.
 *
 * Built from a property nvlist and a crypto-argument nvlist by
 * dsl_crypto_params_create_nvlist() and released with
 * dsl_crypto_params_free() (see the prototypes below).
 * NOTE(review): in the usual ioctl path those nvlists originate in userland,
 * so the create function is the validation boundary for cp_crypt,
 * cp_keylocation and the key material behind cp_wkey — confirm in
 * dsl_crypt.c that every field is range/format checked there.
 * NOTE(review): ownership of the two pointers is not stated here;
 * presumably both are owned by this struct and released by
 * dsl_crypto_params_free(), whose `unload` argument likely controls whether
 * cp_wkey is also dropped from the keystore — confirm.
 */
typedef struct dsl_crypto_params {
	/* command indicating intended action */
	dcp_cmd_t cp_cmd;

	/* the encryption algorithm */
	enum zio_encrypt cp_crypt;

	/* keylocation property string */
	char *cp_keylocation;

	/* the wrapping key */
	dsl_wrapping_key_t *cp_wkey;
} dsl_crypto_params_t;
104eb63303Tom Caputi
/*
 * In-memory representation of a DSL Crypto Key object. One of these structs
 * (and corresponding on-disk ZAP object) will exist for each encrypted
 * clone family that is mounted or otherwise reading protected data.
 *
 * Entries live on spa_keystore_t:sk_dsl_keys under sk_dk_lock. When the
 * object is synced to disk the key material is written wrapped with
 * dck_wkey under the DSL_CRYPTO_KEY_* ZAP names above. dck_holds counts the
 * dsl_key_mapping_t's that currently reference this key.
 * NOTE(review): dck_key is the unwrapped master key. It must only ever
 * reach disk in wrapped form and is expected to be zeroized when the struct
 * is freed — this header does not show either; confirm in dsl_crypt.c.
 */
typedef struct dsl_crypto_key {
	/* link on spa_keystore_t:sk_dsl_keys */
	avl_node_t dck_avl_link;

	/* refcount of dsl_key_mapping_t's holding this key */
	zfs_refcount_t dck_holds;

	/* master key used to derive encryption keys (unwrapped, in memory) */
	zio_crypt_key_t dck_key;

	/* wrapping key for syncing this structure to disk */
	dsl_wrapping_key_t *dck_wkey;

	/* on-disk object id */
	uint64_t dck_obj;
} dsl_crypto_key_t;
126eb63303Tom Caputi
/*
 * In-memory mapping of a dataset object id to a DSL Crypto Key. This is used
 * to look up the corresponding dsl_crypto_key_t from the zio layer for
 * performing data encryption and decryption.
 *
 * Entries live on spa_keystore_t:sk_key_mappings, indexed by km_dsobj and
 * protected by sk_km_lock. They are created and removed with
 * spa_keystore_create_mapping()/spa_keystore_remove_mapping(); additional
 * holds on km_refcnt are taken and dropped with key_mapping_add_ref() and
 * key_mapping_rele(). Each mapping counts as one hold on km_key (tracked in
 * that key's dck_holds).
 */
typedef struct dsl_key_mapping {
	/* link on spa_keystore_t:sk_key_mappings */
	avl_node_t km_avl_link;

	/* refcount of how many users are depending on this mapping */
	zfs_refcount_t km_refcnt;

	/* dataset this crypto key belongs to (index) */
	uint64_t km_dsobj;

	/* crypto key (value) of this record */
	dsl_crypto_key_t *km_key;
} dsl_key_mapping_t;
145eb63303Tom Caputi
/*
 * In-memory structure for holding all wrapping and dsl keys of a pool.
 *
 * Set up and torn down with spa_keystore_init()/spa_keystore_fini(). Three
 * independent rwlocks each guard exactly one tree:
 *   sk_dk_lock    - sk_dsl_keys     (dsl_crypto_key_t)
 *   sk_km_lock    - sk_key_mappings (dsl_key_mapping_t, indexed by dsobj)
 *   sk_wkeys_lock - sk_wkeys        (dsl_wrapping_key_t, indexed by ddobj)
 * NOTE(review): the lock ordering between the three locks is not documented
 * here; confirm it in dsl_crypt.c before taking more than one at a time.
 */
typedef struct spa_keystore {
	/* lock for protecting sk_dsl_keys */
	krwlock_t sk_dk_lock;

	/* tree of all dsl_crypto_key_t's */
	avl_tree_t sk_dsl_keys;

	/* lock for protecting sk_key_mappings */
	krwlock_t sk_km_lock;

	/* tree of all dsl_key_mapping_t's, indexed by dsobj */
	avl_tree_t sk_key_mappings;

	/* lock for protecting the wrapping keys tree */
	krwlock_t sk_wkeys_lock;

	/* tree of all dsl_wrapping_key_t's, indexed by ddobj */
	avl_tree_t sk_wkeys;
} spa_keystore_t;
166eb63303Tom Caputi
/*
 * Return convention: this header does not state it, but the int-returning
 * functions below presumably follow the usual ZFS pattern of 0 on success and
 * an errno value on failure — confirm in dsl_crypt.c. Callers must check the
 * result; on the decrypt/verify paths it is the only channel through which
 * an authentication failure is reported.
 */

/* dsl_crypto_params_t lifecycle and property checks */
int dsl_crypto_params_create_nvlist(dcp_cmd_t cmd, nvlist_t *props,
    nvlist_t *crypto_args, dsl_crypto_params_t **dcp_out);
/* `unload` presumably also drops cp_wkey from the keystore — confirm */
void dsl_crypto_params_free(dsl_crypto_params_t *dcp, boolean_t unload);
/* fills nv with the dataset's crypto-related stats */
void dsl_dataset_crypt_stats(struct dsl_dataset *ds, nvlist_t *nv);
int dsl_crypto_can_set_keylocation(const char *dsname, const char *keylocation);
boolean_t dsl_dir_incompatible_encryption_version(dsl_dir_t *dd);

/* per-pool keystore setup and teardown */
void spa_keystore_init(spa_keystore_t *sk);
void spa_keystore_fini(spa_keystore_t *sk);

/*
 * Wrapping-key load/unload and dsl-key release. The *_impl variants take an
 * spa_t plus an already-built wrapping key (or its ddobj); the non-_impl
 * variants resolve a dataset name first. `noop` on spa_keystore_load_wkey()
 * presumably checks that the key is correct without leaving it loaded, and
 * `tag` identifies the hold being released — confirm both in dsl_crypt.c.
 */
void spa_keystore_dsl_key_rele(spa_t *spa, dsl_crypto_key_t *dck, void *tag);
int spa_keystore_load_wkey_impl(spa_t *spa, dsl_wrapping_key_t *wkey);
int spa_keystore_load_wkey(const char *dsname, dsl_crypto_params_t *dcp,
    boolean_t noop);
int spa_keystore_unload_wkey_impl(spa_t *spa, uint64_t ddobj);
int spa_keystore_unload_wkey(const char *dsname);

/*
 * dsobj -> dsl_crypto_key_t mappings (see dsl_key_mapping_t). `tag` is the
 * refcount tag and must be the same object on the matching add/rele pair.
 */
int spa_keystore_create_mapping(spa_t *spa, struct dsl_dataset *ds, void *tag,
    dsl_key_mapping_t **km_out);
int spa_keystore_remove_mapping(spa_t *spa, uint64_t dsobj, void *tag);
void key_mapping_add_ref(dsl_key_mapping_t *km, void *tag);
void key_mapping_rele(spa_t *spa, dsl_key_mapping_t *km, void *tag);
/* looks up the key for dsobj; the hold is presumably released with
 * spa_keystore_dsl_key_rele() using the same tag — confirm */
int spa_keystore_lookup_key(spa_t *spa, uint64_t dsobj, void *tag,
    dsl_crypto_key_t **dck_out);

/*
 * Raw send/receive of wrapped key material. The *_check function is the
 * validation step for an nvlist received from a peer; it runs before
 * *_sync commits anything, so every field the sync path reads should be
 * checked there — confirm in dsl_crypt.c.
 */
int dsl_crypto_populate_key_nvlist(struct dsl_dataset *ds,
    uint64_t from_ivset_guid, nvlist_t **nvl_out);
int dsl_crypto_recv_raw_key_check(struct dsl_dataset *ds,
    nvlist_t *nvl, dmu_tx_t *tx);
void dsl_crypto_recv_raw_key_sync(struct dsl_dataset *ds,
    nvlist_t *nvl, dmu_tx_t *tx);
int dsl_crypto_recv_raw(const char *poolname, uint64_t dsobj, uint64_t fromobj,
    dmu_objset_type_t ostype, nvlist_t *nvl, boolean_t do_key);

/*
 * Key changes and the crypto checks/sync tasks hooked into rename, promote,
 * create, clone and destroy. *_check functions run in open context and are
 * where a disallowed operation is rejected; *_sync functions run in syncing
 * context with the given tx.
 */
int spa_keystore_change_key(const char *dsname, dsl_crypto_params_t *dcp);
int dsl_dir_rename_crypt_check(dsl_dir_t *dd, dsl_dir_t *newparent);
int dsl_dataset_promote_crypt_check(dsl_dir_t *target, dsl_dir_t *origin);
void dsl_dataset_promote_crypt_sync(dsl_dir_t *target, dsl_dir_t *origin,
    dmu_tx_t *tx);
/* `will_encrypt` is an out-param reporting whether the new dataset will be
 * encrypted — presumed from the name, confirm */
int dmu_objset_create_crypt_check(dsl_dir_t *parentdd,
    dsl_crypto_params_t *dcp, boolean_t *will_encrypt);
void dsl_dataset_create_crypt_sync(uint64_t dsobj, dsl_dir_t *dd,
    struct dsl_dataset *origin, dsl_crypto_params_t *dcp, dmu_tx_t *tx);
/* these return the object id of the new DSL Crypto Key ZAP object */
uint64_t dsl_crypto_key_create_sync(uint64_t crypt, dsl_wrapping_key_t *wkey,
    dmu_tx_t *tx);
uint64_t dsl_crypto_key_clone_sync(dsl_dir_t *origindd, dmu_tx_t *tx);
void dsl_crypto_key_destroy_sync(uint64_t dckobj, dmu_tx_t *tx);

/*
 * zio-layer entry points. These take a dsobj rather than a key and resolve
 * it through sk_key_mappings. `generate` selects MAC generation versus
 * verification and `encrypt` selects encryption versus decryption — presumed
 * from the names; confirm in dsl_crypt.c, including the errno returned on a
 * MAC mismatch. `no_crypt` on spa_do_crypt_abd() is an out-param that
 * presumably reports that the block was passed through without encryption.
 * Buffer lengths for salt, iv and mac are fixed by the crypto layer and are
 * not carried here; `datalen` covers the abd payload only.
 */
int spa_crypt_get_salt(spa_t *spa, uint64_t dsobj, uint8_t *salt);
int spa_do_crypt_mac_abd(boolean_t generate, spa_t *spa, uint64_t dsobj,
    abd_t *abd, uint_t datalen, uint8_t *mac);
int spa_do_crypt_objset_mac_abd(boolean_t generate, spa_t *spa, uint64_t dsobj,
    abd_t *abd, uint_t datalen, boolean_t byteswap);
int spa_do_crypt_abd(boolean_t encrypt, spa_t *spa, const zbookmark_phys_t *zb,
    dmu_object_type_t ot, boolean_t dedup, boolean_t bswap, uint8_t *salt,
    uint8_t *iv, uint8_t *mac, uint_t datalen, abd_t *pabd, abd_t *cabd,
    boolean_t *no_crypt);
224eb63303Tom Caputi
225eb63303Tom Caputi#endif	/* _SYS_DSL_CRYPT_H */