1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  23  * Use is subject to license terms.
  24  */
  25 
  26 /*
  27  * Copyright (c) 2018, Joyent, Inc.
  28  */
  29 
  30 /*
  31  * mdb dcmds for selected structures from
  32  * usr/src/uts/common/sys/crypto/spi.h
  33  *
  34  * Also the mdb module housekeeping
  35  */
  36 
  37 #include <sys/mdb_modapi.h>
  38 #include <sys/modctl.h>
  39 #include <sys/crypto/api.h>
  40 #include <sys/crypto/common.h>
  41 #include <sys/crypto/spi.h>
  42 #include <sys/crypto/impl.h>
  43 #include "crypto_cmds.h"
  44 
  45 
/*
 * Bit names for the ei_flags member of crypto_provider_ext_info_t, passed
 * to mdb_printf's %b conversion by crypto_provider_ext_info() below.
 *
 * Every flag entry is { name, mask, bits } with mask == bits == the flag
 * itself, so EXTF_ENTRY() builds one from the flag constant alone.  The
 * leading "NIL" entry has an all-ones mask and zero bits; presumably it
 * labels a flags word with nothing set.
 */
#define EXTF_ENTRY(flag)        { #flag, flag, flag }

const mdb_bitmask_t extf_flags[] = {
        { "NIL", (ulong_t)-1, 0L },
        EXTF_ENTRY(CRYPTO_EXTF_RNG),
        EXTF_ENTRY(CRYPTO_EXTF_WRITE_PROTECTED),
        EXTF_ENTRY(CRYPTO_EXTF_LOGIN_REQUIRED),
        EXTF_ENTRY(CRYPTO_EXTF_USER_PIN_INITIALIZED),
        EXTF_ENTRY(CRYPTO_EXTF_CLOCK_ON_TOKEN),
        EXTF_ENTRY(CRYPTO_EXTF_PROTECTED_AUTHENTICATION_PATH),
        EXTF_ENTRY(CRYPTO_EXTF_DUAL_CRYPTO_OPERATIONS),
        EXTF_ENTRY(CRYPTO_EXTF_TOKEN_INITIALIZED),
        EXTF_ENTRY(CRYPTO_EXTF_USER_PIN_COUNT_LOW),
        EXTF_ENTRY(CRYPTO_EXTF_USER_PIN_FINAL_TRY),
        EXTF_ENTRY(CRYPTO_EXTF_USER_PIN_LOCKED),
        EXTF_ENTRY(CRYPTO_EXTF_USER_PIN_TO_BE_CHANGED),
        EXTF_ENTRY(CRYPTO_EXTF_SO_PIN_COUNT_LOW),
        EXTF_ENTRY(CRYPTO_EXTF_SO_PIN_FINAL_TRY),
        EXTF_ENTRY(CRYPTO_EXTF_SO_PIN_LOCKED),
        EXTF_ENTRY(CRYPTO_EXTF_SO_PIN_TO_BE_CHANGED),
        { NULL, 0, 0 }          /* end-of-table marker */
};

#undef EXTF_ENTRY
  84 
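/*
 * ::crypto_provider_ext_info dcmd.  Reads a crypto_provider_ext_info_t from
 * the target at addr and prints its members, one per line.
 *
 * Returns DCMD_USAGE when no address was supplied, DCMD_ERR when the
 * structure cannot be read from the target, and DCMD_OK otherwise.
 *
 * The character members are fixed-width fields copied verbatim from the
 * target, which may be a crash dump holding damaged memory.  None of them
 * is trusted to contain a terminating NUL: each one is copied into scratch
 * and terminated there before being handed to %s, so the debugger never
 * reads past the end of a field.
 */
/*ARGSUSED*/
int
crypto_provider_ext_info(uintptr_t addr, uint_t flags, int argc,
    const mdb_arg_t *argv)
{
        crypto_provider_ext_info_t ext_prov;
        /*
         * 33 is 1 + MAX(CRYPTO_EXT_SIZE_LABEL, CRYPTO_EXT_SIZE_MANUF,
         *               CRYPTO_EXT_SIZE_MODEL, CRYPTO_EXT_SIZE_SERIAL)
         */
        char scratch[33];
        size_t time_len;

        if (!(flags & DCMD_ADDRSPEC))
                return (DCMD_USAGE);

        if (mdb_vread(&ext_prov, sizeof (crypto_provider_ext_info_t), addr)
            == -1) {
                mdb_warn("cannot read addr");
                return (DCMD_ERR);
        }
        bcopy(ext_prov.ei_label, scratch, CRYPTO_EXT_SIZE_LABEL);
        scratch[CRYPTO_EXT_SIZE_LABEL] = '\0';
        mdb_printf("ei_label\t\t%s\n", scratch);

        bcopy(ext_prov.ei_manufacturerID, scratch, CRYPTO_EXT_SIZE_MANUF);
        scratch[CRYPTO_EXT_SIZE_MANUF] = '\0';
        mdb_printf("ei_manufacturerID\t%s\n", scratch);

        bcopy(ext_prov.ei_model, scratch, CRYPTO_EXT_SIZE_MODEL);
        scratch[CRYPTO_EXT_SIZE_MODEL] = '\0';
        mdb_printf("ei_model\t\t%s\n", scratch);

        bcopy(ext_prov.ei_serial_number, scratch, CRYPTO_EXT_SIZE_SERIAL);
        scratch[CRYPTO_EXT_SIZE_SERIAL] = '\0';
        mdb_printf("ei_serial_number\t%s\n", scratch);

        /*
         * ei_flags is decoded with %lb, i.e. as a long, so the hex form
         * uses %lx as well rather than the int-sized %x.
         */
        mdb_printf("ei_flags\t0x%lx:\t<%lb>\n", ext_prov.ei_flags,
            ext_prov.ei_flags, extf_flags);
        mdb_printf("ei_max_session_count\t%lu\n",
            ext_prov.ei_max_session_count);
        mdb_printf("ei_max_pin_len\t\t%lu\n", ext_prov.ei_max_pin_len);
        mdb_printf("ei_min_pin_len\t\t%lu\n", ext_prov.ei_min_pin_len);
        mdb_printf("ei_total_public_memory\t%lu\n",
            ext_prov.ei_total_public_memory);
        mdb_printf("ei_free_public_memory\t%lu\n",
            ext_prov.ei_free_public_memory);
        mdb_printf("ei_total_private_memory\t%lu\n",
            ext_prov.ei_total_private_memory);
        mdb_printf("ei_free_private_memory\t%lu\n",
            ext_prov.ei_free_private_memory);
        /*
         * NOTE(review): %c emits cv_major/cv_minor as raw characters.  If
         * these are numeric version bytes, %u is probably what was meant;
         * confirm before changing the output format.
         */
        mdb_printf("ei_hardware_version\tmajor %c minor %c\n",
            ext_prov.ei_hardware_version.cv_major,
            ext_prov.ei_hardware_version.cv_minor);
        mdb_printf("ei_firmware_version\tmajor %c minor %c\n",
            ext_prov.ei_firmware_version.cv_major,
            ext_prov.ei_firmware_version.cv_minor);

        /*
         * ei_time gets the same treatment as the other character fields
         * instead of being passed to %s directly: without a NUL inside the
         * field, %s would keep reading into whatever follows it.  The
         * length comes from the member itself (assumes ei_time is an inline
         * array, which printing the local copy with %s implies) and is
         * clamped so it can never exceed what scratch can hold.
         */
        time_len = sizeof (ext_prov.ei_time);
        if (time_len > sizeof (scratch) - 1)
                time_len = sizeof (scratch) - 1;
        bcopy(ext_prov.ei_time, scratch, time_len);
        scratch[time_len] = '\0';
        mdb_printf("ei_time\t%s\n", scratch);
        return (DCMD_OK);
}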
 144 
/*
 * Bit names for the cm_func_group_mask member of crypto_mech_info_t, passed
 * to mdb_printf's %b conversion by crypto_mech_info() below.
 *
 * Every function-group entry is { name, mask, bits } with mask == bits ==
 * the CRYPTO_FG_* constant, so MECH_FG_ENTRY() builds one from the constant
 * alone.  The leading "NIL" entry has an all-ones mask and zero bits;
 * presumably it labels a mask with no function group set.
 */
#define MECH_FG_ENTRY(fg)       { #fg, fg, fg }

const mdb_bitmask_t mech_bits[] = {
        { "NIL", (uint32_t)-1, 0 },
        MECH_FG_ENTRY(CRYPTO_FG_ENCRYPT),
        MECH_FG_ENTRY(CRYPTO_FG_DECRYPT),
        MECH_FG_ENTRY(CRYPTO_FG_DIGEST),
        MECH_FG_ENTRY(CRYPTO_FG_SIGN),
        MECH_FG_ENTRY(CRYPTO_FG_SIGN_RECOVER),
        MECH_FG_ENTRY(CRYPTO_FG_VERIFY),
        MECH_FG_ENTRY(CRYPTO_FG_VERIFY_RECOVER),
        MECH_FG_ENTRY(CRYPTO_FG_GENERATE),
        MECH_FG_ENTRY(CRYPTO_FG_GENERATE_KEY_PAIR),
        MECH_FG_ENTRY(CRYPTO_FG_WRAP),
        MECH_FG_ENTRY(CRYPTO_FG_UNWRAP),
        MECH_FG_ENTRY(CRYPTO_FG_DERIVE),
        MECH_FG_ENTRY(CRYPTO_FG_MAC),
        MECH_FG_ENTRY(CRYPTO_FG_ENCRYPT_MAC),
        MECH_FG_ENTRY(CRYPTO_FG_MAC_DECRYPT),
        MECH_FG_ENTRY(CRYPTO_FG_ENCRYPT_ATOMIC),
        MECH_FG_ENTRY(CRYPTO_FG_DECRYPT_ATOMIC),
        MECH_FG_ENTRY(CRYPTO_FG_MAC_ATOMIC),
        MECH_FG_ENTRY(CRYPTO_FG_DIGEST_ATOMIC),
        MECH_FG_ENTRY(CRYPTO_FG_SIGN_ATOMIC),
        MECH_FG_ENTRY(CRYPTO_FG_SIGN_RECOVER_ATOMIC),
        MECH_FG_ENTRY(CRYPTO_FG_VERIFY_ATOMIC),
        MECH_FG_ENTRY(CRYPTO_FG_VERIFY_RECOVER_ATOMIC),
        MECH_FG_ENTRY(CRYPTO_FG_ENCRYPT_MAC_ATOMIC),
        MECH_FG_ENTRY(CRYPTO_FG_MAC_DECRYPT_ATOMIC),
        MECH_FG_ENTRY(CRYPTO_FG_RANDOM),
        { NULL, 0, 0 }          /* end-of-table marker */
};

#undef MECH_FG_ENTRY
 189 
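/*
 * ::crypto_mech_info dcmd.  Reads a crypto_mech_info_t from the target at
 * addr and prints the mechanism name and number, the decoded function-group
 * mask, and the minimum and maximum key lengths with their unit.
 *
 * Returns DCMD_USAGE when no address was supplied, DCMD_ERR when the
 * structure cannot be read from the target, and DCMD_OK otherwise.
 */
/*ARGSUSED*/
int
crypto_mech_info(uintptr_t addr, uint_t flags, int argc,
    const mdb_arg_t *argv)
{
        crypto_mech_info_t minfo;
        const char *unit = "bits";

        if (!(flags & DCMD_ADDRSPEC))
                return (DCMD_USAGE);

        if (mdb_vread(&minfo, sizeof (crypto_mech_info_t), addr)
            == -1) {
                mdb_warn("cannot read addr %p", addr);
                return (DCMD_ERR);
        }

        /*
         * The name bytes come straight from the target, which may be a
         * dump with damaged memory or simply not a crypto_mech_info_t at
         * all.  Terminate the local copy so %s cannot run past the end of
         * the member.  (Assumes cm_mech_name is an inline char array, which
         * printing the local copy with %s implies.)
         */
        minfo.cm_mech_name[sizeof (minfo.cm_mech_name) - 1] = '\0';
        mdb_printf("cm_mech_name_t\t%s\n", minfo.cm_mech_name);
        mdb_printf("cm_mech_number\t%lld\n", minfo.cm_mech_number);
        mdb_printf("cm_func_group_mask\t0x%x:\t<%b>\n",
            minfo.cm_func_group_mask, minfo.cm_func_group_mask, mech_bits);

        /* Key lengths are reported in bits unless the byte-unit flag is set. */
        if (minfo.cm_keysize_unit & CRYPTO_KEYSIZE_UNIT_IN_BYTES)
                unit = "bytes";
        mdb_printf("cm_min_key_length\t%lu %s\n", minfo.cm_min_key_length,
            unit);
        mdb_printf("cm_max_key_length\t%lu %s\n", minfo.cm_max_key_length,
            unit);

        return (DCMD_OK);
}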
 219 
 220 /*
 221  * MDB module linkage information:
 222  *
 223  * We declare a list of structures describing our dcmds, and a function
 224  * named _mdb_init to return a pointer to our module information.
 225  */
 226 
/*
 * Table of the dcmds this module registers.  Each entry is the dcmd name, its
 * usage string, a one-line description, the implementing function and a
 * final NULL member; CRYPTO_DCMD() supplies that trailing NULL.  The
 * /* file.c *​/ markers group the entries by the source file that holds the
 * implementation.
 */
#define CRYPTO_DCMD(name, usage, descr, func)   \
        { name, usage, descr, func, NULL }

static const mdb_dcmd_t dcmds[] = {

        /* spi.c */
        CRYPTO_DCMD("crypto_provider_ext_info", ":",
            "module-private crypto provider info",
            crypto_provider_ext_info),
        CRYPTO_DCMD("crypto_mech_info", ":",
            "print as crypto_mech_info",
            crypto_mech_info),

        /* common.c */
        CRYPTO_DCMD("crypto_mechanism", ":",
            "details about a crypto mechanism",
            crypto_mechanism),
        CRYPTO_DCMD("crypto_data", ":",
            "print as crypto_data",
            crypto_data),
        CRYPTO_DCMD("crypto_dual_data", ":",
            "print as crypto_dual_data",
            crypto_dual_data),
        CRYPTO_DCMD("crypto_key", ":",
            "print as crypto_key",
            crypto_key),

        /* impl.c */
        CRYPTO_DCMD("kcf_provider_desc", ":",
            "crypto provider description struct",
            kcf_provider_desc),
        CRYPTO_DCMD("prov_tab", "",
            "global table of crypto providers ",
            prov_tab),
        CRYPTO_DCMD("policy_tab", "",
            "print global policy_tab",
            policy_tab),

        /* sched_impl.c */
        CRYPTO_DCMD("kcf_areq_node", ":[-v]",
            "print asynchronous crypto request struct, [ verbose ]",
            kcf_areq_node),
        CRYPTO_DCMD("kcf_global_swq", "?[-v]",
            "global or addr global crypto queue.  [ -v = verbose ]",
            kcf_global_swq),
        CRYPTO_DCMD("crypto_find_reqid", "?[-v] reqid",
            "look for reqid, print if found [ -v = verbose ]",
            crypto_find_reqid),
        CRYPTO_DCMD("kcf_reqid_table", ":[-v]",
            "print contents of a request ID hash table [ -v = verbose ]",
            kcf_reqid_table_dcmd),
        CRYPTO_DCMD("kcf_soft_conf_entry", "?",
            "head or addr of configured software crypto providers",
            kcf_soft_conf_entry),
        CRYPTO_DCMD("kcf_policy_desc", ":",
            "policy descriptors for crypto",
            kcf_policy_desc),

        { NULL }                /* end-of-table marker */
};

#undef CRYPTO_DCMD
 284 
/*
 * Table of the walkers this module registers.  Each entry gives the walker
 * name, a one-line description, and its init, step and fini callbacks, in
 * that order.  The five an_* walkers share areq_walk_fini.
 */
static const mdb_walker_t walkers[] = {
        {
                "an_next",
                "walk kcf_areq_node's by an_next",
                areq_first_walk_init,
                an_next_walk_step,
                areq_walk_fini
        },
        {
                "an_prev",
                "walk kcf_areq_node's by an_prev",
                areq_last_walk_init,
                an_prev_walk_step,
                areq_walk_fini
        },
        {
                "an_idnext",
                "walk kcf_areq_node's by an_idnext",
                an_idnext_walk_init,
                an_idnext_walk_step,
                areq_walk_fini
        },
        {
                "an_idprev",
                "walk kcf_areq_node's by an_idprev",
                an_idprev_walk_init,
                an_idprev_walk_step,
                areq_walk_fini
        },
        {
                "an_ctxchain_next",
                "walk kcf_areq_node's by an_ctxchain_next",
                an_ctxchain_walk_init,
                an_ctxchain_walk_step,
                areq_walk_fini
        },
        {
                "kcf_reqid_table",
                "table of asynchronous crypto requests",
                reqid_table_walk_init,
                reqid_table_walk_step,
                reqid_table_walk_fini
        },
        {
                "soft_conf_entry",
                "table of software providers or addr",
                soft_conf_walk_init,
                soft_conf_walk_step,
                soft_conf_walk_fini
        },
        { NULL }                /* end-of-table marker */
};
 305 
 306 
/*
 * Module information returned by _mdb_init(): the MDB API version followed
 * by the dcmd and walker tables defined above.
 */
static const mdb_modinfo_t modinfo = {
        MDB_API_VERSION,
        dcmds,
        walkers
};
 310 
/*
 * Module linkage entry point: returns a pointer to this module's static
 * mdb_modinfo_t.  The structure is const and file-scoped, so the same
 * address is returned on every call.
 */
const mdb_modinfo_t *
_mdb_init(void)
{
        const mdb_modinfo_t *info = &modinfo;

        return (info);
}