aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/s390/crypto
diff options
context:
space:
mode:
authorHolger Dengler <hd@linux.vnet.ibm.com>2012-08-28 10:45:36 -0400
committerMartin Schwidefsky <schwidefsky@de.ibm.com>2012-09-26 09:44:55 -0400
commit5e55a488c87aa6cc269b04bfec99e835f03b2c2d (patch)
tree59d848f6cf6a67a520a3bd482a853b2955cf97d2 /drivers/s390/crypto
parentb26bd9413c8359bd9f5c9bd1b789a10ebd2bb484 (diff)
s390/zcrypt: Separate msgtype implementation from card modules.
Msgtype implementations are now separated from card specific modules and can be dynamically registered. Existing msgtype implementations are restructured in modules. Signed-off-by: Holger Dengler <hd@linux.vnet.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Diffstat (limited to 'drivers/s390/crypto')
-rw-r--r--drivers/s390/crypto/Makefile1
-rw-r--r--drivers/s390/crypto/zcrypt_api.c73
-rw-r--r--drivers/s390/crypto/zcrypt_api.h10
-rw-r--r--drivers/s390/crypto/zcrypt_cex2a.c368
-rw-r--r--drivers/s390/crypto/zcrypt_msgtype50.c531
-rw-r--r--drivers/s390/crypto/zcrypt_msgtype50.h39
-rw-r--r--drivers/s390/crypto/zcrypt_msgtype6.c856
-rw-r--r--drivers/s390/crypto/zcrypt_msgtype6.h169
-rw-r--r--drivers/s390/crypto/zcrypt_pcixcc.c781
-rw-r--r--drivers/s390/crypto/zcrypt_pcixcc.h3
10 files changed, 1707 insertions, 1124 deletions
diff --git a/drivers/s390/crypto/Makefile b/drivers/s390/crypto/Makefile
index af3c7f16ea88..eca0bfaae08a 100644
--- a/drivers/s390/crypto/Makefile
+++ b/drivers/s390/crypto/Makefile
@@ -5,3 +5,4 @@
5ap-objs := ap_bus.o 5ap-objs := ap_bus.o
6obj-$(CONFIG_ZCRYPT) += ap.o zcrypt_api.o zcrypt_pcicc.o zcrypt_pcixcc.o 6obj-$(CONFIG_ZCRYPT) += ap.o zcrypt_api.o zcrypt_pcicc.o zcrypt_pcixcc.o
7obj-$(CONFIG_ZCRYPT) += zcrypt_pcica.o zcrypt_cex2a.o 7obj-$(CONFIG_ZCRYPT) += zcrypt_pcica.o zcrypt_cex2a.o
8obj-$(CONFIG_ZCRYPT) += zcrypt_msgtype6.o zcrypt_msgtype50.o
diff --git a/drivers/s390/crypto/zcrypt_api.c b/drivers/s390/crypto/zcrypt_api.c
index 2f94132246a1..f1f026e0b189 100644
--- a/drivers/s390/crypto/zcrypt_api.c
+++ b/drivers/s390/crypto/zcrypt_api.c
@@ -1,7 +1,7 @@
1/* 1/*
2 * zcrypt 2.1.0 2 * zcrypt 2.1.0
3 * 3 *
4 * Copyright IBM Corp. 2001, 2006 4 * Copyright IBM Corp. 2001, 2012
5 * Author(s): Robert Burroughs 5 * Author(s): Robert Burroughs
6 * Eric Rossman (edrossma@us.ibm.com) 6 * Eric Rossman (edrossma@us.ibm.com)
7 * Cornelia Huck <cornelia.huck@de.ibm.com> 7 * Cornelia Huck <cornelia.huck@de.ibm.com>
@@ -9,6 +9,7 @@
9 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com) 9 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
10 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com> 10 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
11 * Ralph Wuerthner <rwuerthn@de.ibm.com> 11 * Ralph Wuerthner <rwuerthn@de.ibm.com>
12 * MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com>
12 * 13 *
13 * This program is free software; you can redistribute it and/or modify 14 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by 15 * it under the terms of the GNU General Public License as published by
@@ -44,8 +45,8 @@
44 * Module description. 45 * Module description.
45 */ 46 */
46MODULE_AUTHOR("IBM Corporation"); 47MODULE_AUTHOR("IBM Corporation");
47MODULE_DESCRIPTION("Cryptographic Coprocessor interface, " 48MODULE_DESCRIPTION("Cryptographic Coprocessor interface, " \
48 "Copyright IBM Corp. 2001, 2006"); 49 "Copyright IBM Corp. 2001, 2012");
49MODULE_LICENSE("GPL"); 50MODULE_LICENSE("GPL");
50 51
51static DEFINE_SPINLOCK(zcrypt_device_lock); 52static DEFINE_SPINLOCK(zcrypt_device_lock);
@@ -56,6 +57,9 @@ static atomic_t zcrypt_open_count = ATOMIC_INIT(0);
56static int zcrypt_rng_device_add(void); 57static int zcrypt_rng_device_add(void);
57static void zcrypt_rng_device_remove(void); 58static void zcrypt_rng_device_remove(void);
58 59
60static DEFINE_SPINLOCK(zcrypt_ops_list_lock);
61static LIST_HEAD(zcrypt_ops_list);
62
59/* 63/*
60 * Device attributes common for all crypto devices. 64 * Device attributes common for all crypto devices.
61 */ 65 */
@@ -215,6 +219,8 @@ int zcrypt_device_register(struct zcrypt_device *zdev)
215{ 219{
216 int rc; 220 int rc;
217 221
222 if (!zdev->ops)
223 return -ENODEV;
218 rc = sysfs_create_group(&zdev->ap_dev->device.kobj, 224 rc = sysfs_create_group(&zdev->ap_dev->device.kobj,
219 &zcrypt_device_attr_group); 225 &zcrypt_device_attr_group);
220 if (rc) 226 if (rc)
@@ -269,6 +275,67 @@ void zcrypt_device_unregister(struct zcrypt_device *zdev)
269} 275}
270EXPORT_SYMBOL(zcrypt_device_unregister); 276EXPORT_SYMBOL(zcrypt_device_unregister);
271 277
278void zcrypt_msgtype_register(struct zcrypt_ops *zops)
279{
280 if (zops->owner) {
281 spin_lock_bh(&zcrypt_ops_list_lock);
282 list_add_tail(&zops->list, &zcrypt_ops_list);
283 spin_unlock_bh(&zcrypt_ops_list_lock);
284 }
285}
286EXPORT_SYMBOL(zcrypt_msgtype_register);
287
288void zcrypt_msgtype_unregister(struct zcrypt_ops *zops)
289{
290 spin_lock_bh(&zcrypt_ops_list_lock);
291 list_del_init(&zops->list);
292 spin_unlock_bh(&zcrypt_ops_list_lock);
293}
294EXPORT_SYMBOL(zcrypt_msgtype_unregister);
295
296static inline
297struct zcrypt_ops *__ops_lookup(unsigned char *name, int variant)
298{
299 struct zcrypt_ops *zops;
300 int found = 0;
301
302 spin_lock_bh(&zcrypt_ops_list_lock);
303 list_for_each_entry(zops, &zcrypt_ops_list, list) {
304 if ((zops->variant == variant) &&
305 (!strncmp(zops->owner->name, name, MODULE_NAME_LEN))) {
306 found = 1;
307 break;
308 }
309 }
310 spin_unlock_bh(&zcrypt_ops_list_lock);
311
312 if (!found)
313 return NULL;
314 return zops;
315}
316
317struct zcrypt_ops *zcrypt_msgtype_request(unsigned char *name, int variant)
318{
319 struct zcrypt_ops *zops = NULL;
320
321 zops = __ops_lookup(name, variant);
322 if (!zops) {
323 request_module(name);
324 zops = __ops_lookup(name, variant);
325 }
326 if ((!zops) || (!try_module_get(zops->owner)))
327 return NULL;
328 return zops;
329}
330EXPORT_SYMBOL(zcrypt_msgtype_request);
331
332void zcrypt_msgtype_release(struct zcrypt_ops *zops)
333{
334 if (zops)
335 module_put(zops->owner);
336}
337EXPORT_SYMBOL(zcrypt_msgtype_release);
338
272/** 339/**
273 * zcrypt_read (): Not supported beyond zcrypt 1.3.1. 340 * zcrypt_read (): Not supported beyond zcrypt 1.3.1.
274 * 341 *
diff --git a/drivers/s390/crypto/zcrypt_api.h b/drivers/s390/crypto/zcrypt_api.h
index 7a32c4bc8ef9..02b2d35de1a7 100644
--- a/drivers/s390/crypto/zcrypt_api.h
+++ b/drivers/s390/crypto/zcrypt_api.h
@@ -1,7 +1,7 @@
1/* 1/*
2 * zcrypt 2.1.0 2 * zcrypt 2.1.0
3 * 3 *
4 * Copyright IBM Corp. 2001, 2006 4 * Copyright IBM Corp. 2001, 2012
5 * Author(s): Robert Burroughs 5 * Author(s): Robert Burroughs
6 * Eric Rossman (edrossma@us.ibm.com) 6 * Eric Rossman (edrossma@us.ibm.com)
7 * Cornelia Huck <cornelia.huck@de.ibm.com> 7 * Cornelia Huck <cornelia.huck@de.ibm.com>
@@ -9,6 +9,7 @@
9 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com) 9 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
10 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com> 10 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
11 * Ralph Wuerthner <rwuerthn@de.ibm.com> 11 * Ralph Wuerthner <rwuerthn@de.ibm.com>
12 * MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com>
12 * 13 *
13 * This program is free software; you can redistribute it and/or modify 14 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by 15 * it under the terms of the GNU General Public License as published by
@@ -87,6 +88,9 @@ struct zcrypt_ops {
87 struct ica_rsa_modexpo_crt *); 88 struct ica_rsa_modexpo_crt *);
88 long (*send_cprb)(struct zcrypt_device *, struct ica_xcRB *); 89 long (*send_cprb)(struct zcrypt_device *, struct ica_xcRB *);
89 long (*rng)(struct zcrypt_device *, char *); 90 long (*rng)(struct zcrypt_device *, char *);
91 struct list_head list; /* zcrypt ops list. */
92 struct module *owner;
93 int variant;
90}; 94};
91 95
92struct zcrypt_device { 96struct zcrypt_device {
@@ -116,6 +120,10 @@ void zcrypt_device_get(struct zcrypt_device *);
116int zcrypt_device_put(struct zcrypt_device *); 120int zcrypt_device_put(struct zcrypt_device *);
117int zcrypt_device_register(struct zcrypt_device *); 121int zcrypt_device_register(struct zcrypt_device *);
118void zcrypt_device_unregister(struct zcrypt_device *); 122void zcrypt_device_unregister(struct zcrypt_device *);
123void zcrypt_msgtype_register(struct zcrypt_ops *);
124void zcrypt_msgtype_unregister(struct zcrypt_ops *);
125struct zcrypt_ops *zcrypt_msgtype_request(unsigned char *, int);
126void zcrypt_msgtype_release(struct zcrypt_ops *);
119int zcrypt_api_init(void); 127int zcrypt_api_init(void);
120void zcrypt_api_exit(void); 128void zcrypt_api_exit(void);
121 129
diff --git a/drivers/s390/crypto/zcrypt_cex2a.c b/drivers/s390/crypto/zcrypt_cex2a.c
index 8f5f70b43b29..1e849d6e1dfe 100644
--- a/drivers/s390/crypto/zcrypt_cex2a.c
+++ b/drivers/s390/crypto/zcrypt_cex2a.c
@@ -1,13 +1,14 @@
1/* 1/*
2 * zcrypt 2.1.0 2 * zcrypt 2.1.0
3 * 3 *
4 * Copyright IBM Corp. 2001, 2006 4 * Copyright IBM Corp. 2001, 2012
5 * Author(s): Robert Burroughs 5 * Author(s): Robert Burroughs
6 * Eric Rossman (edrossma@us.ibm.com) 6 * Eric Rossman (edrossma@us.ibm.com)
7 * 7 *
8 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com) 8 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
9 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com> 9 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
10 * Ralph Wuerthner <rwuerthn@de.ibm.com> 10 * Ralph Wuerthner <rwuerthn@de.ibm.com>
11 * MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com>
11 * 12 *
12 * This program is free software; you can redistribute it and/or modify 13 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by 14 * it under the terms of the GNU General Public License as published by
@@ -35,6 +36,7 @@
35#include "zcrypt_api.h" 36#include "zcrypt_api.h"
36#include "zcrypt_error.h" 37#include "zcrypt_error.h"
37#include "zcrypt_cex2a.h" 38#include "zcrypt_cex2a.h"
39#include "zcrypt_msgtype50.h"
38 40
39#define CEX2A_MIN_MOD_SIZE 1 /* 8 bits */ 41#define CEX2A_MIN_MOD_SIZE 1 /* 8 bits */
40#define CEX2A_MAX_MOD_SIZE 256 /* 2048 bits */ 42#define CEX2A_MAX_MOD_SIZE 256 /* 2048 bits */
@@ -63,14 +65,12 @@ static struct ap_device_id zcrypt_cex2a_ids[] = {
63 65
64MODULE_DEVICE_TABLE(ap, zcrypt_cex2a_ids); 66MODULE_DEVICE_TABLE(ap, zcrypt_cex2a_ids);
65MODULE_AUTHOR("IBM Corporation"); 67MODULE_AUTHOR("IBM Corporation");
66MODULE_DESCRIPTION("CEX2A Cryptographic Coprocessor device driver, " 68MODULE_DESCRIPTION("CEX2A Cryptographic Coprocessor device driver, " \
67 "Copyright IBM Corp. 2001, 2006"); 69 "Copyright IBM Corp. 2001, 2012");
68MODULE_LICENSE("GPL"); 70MODULE_LICENSE("GPL");
69 71
70static int zcrypt_cex2a_probe(struct ap_device *ap_dev); 72static int zcrypt_cex2a_probe(struct ap_device *ap_dev);
71static void zcrypt_cex2a_remove(struct ap_device *ap_dev); 73static void zcrypt_cex2a_remove(struct ap_device *ap_dev);
72static void zcrypt_cex2a_receive(struct ap_device *, struct ap_message *,
73 struct ap_message *);
74 74
75static struct ap_driver zcrypt_cex2a_driver = { 75static struct ap_driver zcrypt_cex2a_driver = {
76 .probe = zcrypt_cex2a_probe, 76 .probe = zcrypt_cex2a_probe,
@@ -80,344 +80,6 @@ static struct ap_driver zcrypt_cex2a_driver = {
80}; 80};
81 81
82/** 82/**
83 * Convert a ICAMEX message to a type50 MEX message.
84 *
85 * @zdev: crypto device pointer
86 * @zreq: crypto request pointer
87 * @mex: pointer to user input data
88 *
89 * Returns 0 on success or -EFAULT.
90 */
91static int ICAMEX_msg_to_type50MEX_msg(struct zcrypt_device *zdev,
92 struct ap_message *ap_msg,
93 struct ica_rsa_modexpo *mex)
94{
95 unsigned char *mod, *exp, *inp;
96 int mod_len;
97
98 mod_len = mex->inputdatalength;
99
100 if (mod_len <= 128) {
101 struct type50_meb1_msg *meb1 = ap_msg->message;
102 memset(meb1, 0, sizeof(*meb1));
103 ap_msg->length = sizeof(*meb1);
104 meb1->header.msg_type_code = TYPE50_TYPE_CODE;
105 meb1->header.msg_len = sizeof(*meb1);
106 meb1->keyblock_type = TYPE50_MEB1_FMT;
107 mod = meb1->modulus + sizeof(meb1->modulus) - mod_len;
108 exp = meb1->exponent + sizeof(meb1->exponent) - mod_len;
109 inp = meb1->message + sizeof(meb1->message) - mod_len;
110 } else if (mod_len <= 256) {
111 struct type50_meb2_msg *meb2 = ap_msg->message;
112 memset(meb2, 0, sizeof(*meb2));
113 ap_msg->length = sizeof(*meb2);
114 meb2->header.msg_type_code = TYPE50_TYPE_CODE;
115 meb2->header.msg_len = sizeof(*meb2);
116 meb2->keyblock_type = TYPE50_MEB2_FMT;
117 mod = meb2->modulus + sizeof(meb2->modulus) - mod_len;
118 exp = meb2->exponent + sizeof(meb2->exponent) - mod_len;
119 inp = meb2->message + sizeof(meb2->message) - mod_len;
120 } else {
121 /* mod_len > 256 = 4096 bit RSA Key */
122 struct type50_meb3_msg *meb3 = ap_msg->message;
123 memset(meb3, 0, sizeof(*meb3));
124 ap_msg->length = sizeof(*meb3);
125 meb3->header.msg_type_code = TYPE50_TYPE_CODE;
126 meb3->header.msg_len = sizeof(*meb3);
127 meb3->keyblock_type = TYPE50_MEB3_FMT;
128 mod = meb3->modulus + sizeof(meb3->modulus) - mod_len;
129 exp = meb3->exponent + sizeof(meb3->exponent) - mod_len;
130 inp = meb3->message + sizeof(meb3->message) - mod_len;
131 }
132
133 if (copy_from_user(mod, mex->n_modulus, mod_len) ||
134 copy_from_user(exp, mex->b_key, mod_len) ||
135 copy_from_user(inp, mex->inputdata, mod_len))
136 return -EFAULT;
137 return 0;
138}
139
140/**
141 * Convert a ICACRT message to a type50 CRT message.
142 *
143 * @zdev: crypto device pointer
144 * @zreq: crypto request pointer
145 * @crt: pointer to user input data
146 *
147 * Returns 0 on success or -EFAULT.
148 */
149static int ICACRT_msg_to_type50CRT_msg(struct zcrypt_device *zdev,
150 struct ap_message *ap_msg,
151 struct ica_rsa_modexpo_crt *crt)
152{
153 int mod_len, short_len, long_len, long_offset, limit;
154 unsigned char *p, *q, *dp, *dq, *u, *inp;
155
156 mod_len = crt->inputdatalength;
157 short_len = mod_len / 2;
158 long_len = mod_len / 2 + 8;
159
160 /*
161 * CEX2A cannot handle p, dp, or U > 128 bytes.
162 * If we have one of these, we need to do extra checking.
163 * For CEX3A the limit is 256 bytes.
164 */
165 if (zdev->max_mod_size == CEX3A_MAX_MOD_SIZE)
166 limit = 256;
167 else
168 limit = 128;
169
170 if (long_len > limit) {
171 /*
172 * zcrypt_rsa_crt already checked for the leading
173 * zeroes of np_prime, bp_key and u_mult_inc.
174 */
175 long_offset = long_len - limit;
176 long_len = limit;
177 } else
178 long_offset = 0;
179
180 /*
181 * Instead of doing extra work for p, dp, U > 64 bytes, we'll just use
182 * the larger message structure.
183 */
184 if (long_len <= 64) {
185 struct type50_crb1_msg *crb1 = ap_msg->message;
186 memset(crb1, 0, sizeof(*crb1));
187 ap_msg->length = sizeof(*crb1);
188 crb1->header.msg_type_code = TYPE50_TYPE_CODE;
189 crb1->header.msg_len = sizeof(*crb1);
190 crb1->keyblock_type = TYPE50_CRB1_FMT;
191 p = crb1->p + sizeof(crb1->p) - long_len;
192 q = crb1->q + sizeof(crb1->q) - short_len;
193 dp = crb1->dp + sizeof(crb1->dp) - long_len;
194 dq = crb1->dq + sizeof(crb1->dq) - short_len;
195 u = crb1->u + sizeof(crb1->u) - long_len;
196 inp = crb1->message + sizeof(crb1->message) - mod_len;
197 } else if (long_len <= 128) {
198 struct type50_crb2_msg *crb2 = ap_msg->message;
199 memset(crb2, 0, sizeof(*crb2));
200 ap_msg->length = sizeof(*crb2);
201 crb2->header.msg_type_code = TYPE50_TYPE_CODE;
202 crb2->header.msg_len = sizeof(*crb2);
203 crb2->keyblock_type = TYPE50_CRB2_FMT;
204 p = crb2->p + sizeof(crb2->p) - long_len;
205 q = crb2->q + sizeof(crb2->q) - short_len;
206 dp = crb2->dp + sizeof(crb2->dp) - long_len;
207 dq = crb2->dq + sizeof(crb2->dq) - short_len;
208 u = crb2->u + sizeof(crb2->u) - long_len;
209 inp = crb2->message + sizeof(crb2->message) - mod_len;
210 } else {
211 /* long_len >= 256 */
212 struct type50_crb3_msg *crb3 = ap_msg->message;
213 memset(crb3, 0, sizeof(*crb3));
214 ap_msg->length = sizeof(*crb3);
215 crb3->header.msg_type_code = TYPE50_TYPE_CODE;
216 crb3->header.msg_len = sizeof(*crb3);
217 crb3->keyblock_type = TYPE50_CRB3_FMT;
218 p = crb3->p + sizeof(crb3->p) - long_len;
219 q = crb3->q + sizeof(crb3->q) - short_len;
220 dp = crb3->dp + sizeof(crb3->dp) - long_len;
221 dq = crb3->dq + sizeof(crb3->dq) - short_len;
222 u = crb3->u + sizeof(crb3->u) - long_len;
223 inp = crb3->message + sizeof(crb3->message) - mod_len;
224 }
225
226 if (copy_from_user(p, crt->np_prime + long_offset, long_len) ||
227 copy_from_user(q, crt->nq_prime, short_len) ||
228 copy_from_user(dp, crt->bp_key + long_offset, long_len) ||
229 copy_from_user(dq, crt->bq_key, short_len) ||
230 copy_from_user(u, crt->u_mult_inv + long_offset, long_len) ||
231 copy_from_user(inp, crt->inputdata, mod_len))
232 return -EFAULT;
233
234 return 0;
235}
236
237/**
238 * Copy results from a type 80 reply message back to user space.
239 *
240 * @zdev: crypto device pointer
241 * @reply: reply AP message.
242 * @data: pointer to user output data
243 * @length: size of user output data
244 *
245 * Returns 0 on success or -EFAULT.
246 */
247static int convert_type80(struct zcrypt_device *zdev,
248 struct ap_message *reply,
249 char __user *outputdata,
250 unsigned int outputdatalength)
251{
252 struct type80_hdr *t80h = reply->message;
253 unsigned char *data;
254
255 if (t80h->len < sizeof(*t80h) + outputdatalength) {
256 /* The result is too short, the CEX2A card may not do that.. */
257 zdev->online = 0;
258 return -EAGAIN; /* repeat the request on a different device. */
259 }
260 if (zdev->user_space_type == ZCRYPT_CEX2A)
261 BUG_ON(t80h->len > CEX2A_MAX_RESPONSE_SIZE);
262 else
263 BUG_ON(t80h->len > CEX3A_MAX_RESPONSE_SIZE);
264 data = reply->message + t80h->len - outputdatalength;
265 if (copy_to_user(outputdata, data, outputdatalength))
266 return -EFAULT;
267 return 0;
268}
269
270static int convert_response(struct zcrypt_device *zdev,
271 struct ap_message *reply,
272 char __user *outputdata,
273 unsigned int outputdatalength)
274{
275 /* Response type byte is the second byte in the response. */
276 switch (((unsigned char *) reply->message)[1]) {
277 case TYPE82_RSP_CODE:
278 case TYPE88_RSP_CODE:
279 return convert_error(zdev, reply);
280 case TYPE80_RSP_CODE:
281 return convert_type80(zdev, reply,
282 outputdata, outputdatalength);
283 default: /* Unknown response type, this should NEVER EVER happen */
284 zdev->online = 0;
285 return -EAGAIN; /* repeat the request on a different device. */
286 }
287}
288
289/**
290 * This function is called from the AP bus code after a crypto request
291 * "msg" has finished with the reply message "reply".
292 * It is called from tasklet context.
293 * @ap_dev: pointer to the AP device
294 * @msg: pointer to the AP message
295 * @reply: pointer to the AP reply message
296 */
297static void zcrypt_cex2a_receive(struct ap_device *ap_dev,
298 struct ap_message *msg,
299 struct ap_message *reply)
300{
301 static struct error_hdr error_reply = {
302 .type = TYPE82_RSP_CODE,
303 .reply_code = REP82_ERROR_MACHINE_FAILURE,
304 };
305 struct type80_hdr *t80h;
306 int length;
307
308 /* Copy the reply message to the request message buffer. */
309 if (IS_ERR(reply)) {
310 memcpy(msg->message, &error_reply, sizeof(error_reply));
311 goto out;
312 }
313 t80h = reply->message;
314 if (t80h->type == TYPE80_RSP_CODE) {
315 if (ap_dev->device_type == AP_DEVICE_TYPE_CEX2A)
316 length = min(CEX2A_MAX_RESPONSE_SIZE, (int) t80h->len);
317 else
318 length = min(CEX3A_MAX_RESPONSE_SIZE, (int) t80h->len);
319 memcpy(msg->message, reply->message, length);
320 } else
321 memcpy(msg->message, reply->message, sizeof error_reply);
322out:
323 complete((struct completion *) msg->private);
324}
325
326static atomic_t zcrypt_step = ATOMIC_INIT(0);
327
328/**
329 * The request distributor calls this function if it picked the CEX2A
330 * device to handle a modexpo request.
331 * @zdev: pointer to zcrypt_device structure that identifies the
332 * CEX2A device to the request distributor
333 * @mex: pointer to the modexpo request buffer
334 */
335static long zcrypt_cex2a_modexpo(struct zcrypt_device *zdev,
336 struct ica_rsa_modexpo *mex)
337{
338 struct ap_message ap_msg;
339 struct completion work;
340 int rc;
341
342 ap_init_message(&ap_msg);
343 if (zdev->user_space_type == ZCRYPT_CEX2A)
344 ap_msg.message = kmalloc(CEX2A_MAX_MESSAGE_SIZE, GFP_KERNEL);
345 else
346 ap_msg.message = kmalloc(CEX3A_MAX_MESSAGE_SIZE, GFP_KERNEL);
347 if (!ap_msg.message)
348 return -ENOMEM;
349 ap_msg.receive = zcrypt_cex2a_receive;
350 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
351 atomic_inc_return(&zcrypt_step);
352 ap_msg.private = &work;
353 rc = ICAMEX_msg_to_type50MEX_msg(zdev, &ap_msg, mex);
354 if (rc)
355 goto out_free;
356 init_completion(&work);
357 ap_queue_message(zdev->ap_dev, &ap_msg);
358 rc = wait_for_completion_interruptible(&work);
359 if (rc == 0)
360 rc = convert_response(zdev, &ap_msg, mex->outputdata,
361 mex->outputdatalength);
362 else
363 /* Signal pending. */
364 ap_cancel_message(zdev->ap_dev, &ap_msg);
365out_free:
366 kfree(ap_msg.message);
367 return rc;
368}
369
370/**
371 * The request distributor calls this function if it picked the CEX2A
372 * device to handle a modexpo_crt request.
373 * @zdev: pointer to zcrypt_device structure that identifies the
374 * CEX2A device to the request distributor
375 * @crt: pointer to the modexpoc_crt request buffer
376 */
377static long zcrypt_cex2a_modexpo_crt(struct zcrypt_device *zdev,
378 struct ica_rsa_modexpo_crt *crt)
379{
380 struct ap_message ap_msg;
381 struct completion work;
382 int rc;
383
384 ap_init_message(&ap_msg);
385 if (zdev->user_space_type == ZCRYPT_CEX2A)
386 ap_msg.message = kmalloc(CEX2A_MAX_MESSAGE_SIZE, GFP_KERNEL);
387 else
388 ap_msg.message = kmalloc(CEX3A_MAX_MESSAGE_SIZE, GFP_KERNEL);
389 if (!ap_msg.message)
390 return -ENOMEM;
391 ap_msg.receive = zcrypt_cex2a_receive;
392 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
393 atomic_inc_return(&zcrypt_step);
394 ap_msg.private = &work;
395 rc = ICACRT_msg_to_type50CRT_msg(zdev, &ap_msg, crt);
396 if (rc)
397 goto out_free;
398 init_completion(&work);
399 ap_queue_message(zdev->ap_dev, &ap_msg);
400 rc = wait_for_completion_interruptible(&work);
401 if (rc == 0)
402 rc = convert_response(zdev, &ap_msg, crt->outputdata,
403 crt->outputdatalength);
404 else
405 /* Signal pending. */
406 ap_cancel_message(zdev->ap_dev, &ap_msg);
407out_free:
408 kfree(ap_msg.message);
409 return rc;
410}
411
412/**
413 * The crypto operations for a CEX2A card.
414 */
415static struct zcrypt_ops zcrypt_cex2a_ops = {
416 .rsa_modexpo = zcrypt_cex2a_modexpo,
417 .rsa_modexpo_crt = zcrypt_cex2a_modexpo_crt,
418};
419
420/**
421 * Probe function for CEX2A cards. It always accepts the AP device 83 * Probe function for CEX2A cards. It always accepts the AP device
422 * since the bus_match already checked the hardware type. 84 * since the bus_match already checked the hardware type.
423 * @ap_dev: pointer to the AP device. 85 * @ap_dev: pointer to the AP device.
@@ -458,16 +120,18 @@ static int zcrypt_cex2a_probe(struct ap_device *ap_dev)
458 zdev->speed_rating = CEX3A_SPEED_RATING; 120 zdev->speed_rating = CEX3A_SPEED_RATING;
459 break; 121 break;
460 } 122 }
461 if (zdev != NULL) { 123 if (!zdev)
462 zdev->ap_dev = ap_dev; 124 return -ENODEV;
463 zdev->ops = &zcrypt_cex2a_ops; 125 zdev->ops = zcrypt_msgtype_request(MSGTYPE50_NAME,
464 zdev->online = 1; 126 MSGTYPE50_VARIANT_DEFAULT);
465 ap_dev->reply = &zdev->reply; 127 zdev->ap_dev = ap_dev;
466 ap_dev->private = zdev; 128 zdev->online = 1;
467 rc = zcrypt_device_register(zdev); 129 ap_dev->reply = &zdev->reply;
468 } 130 ap_dev->private = zdev;
131 rc = zcrypt_device_register(zdev);
469 if (rc) { 132 if (rc) {
470 ap_dev->private = NULL; 133 ap_dev->private = NULL;
134 zcrypt_msgtype_release(zdev->ops);
471 zcrypt_device_free(zdev); 135 zcrypt_device_free(zdev);
472 } 136 }
473 return rc; 137 return rc;
@@ -480,8 +144,10 @@ static int zcrypt_cex2a_probe(struct ap_device *ap_dev)
480static void zcrypt_cex2a_remove(struct ap_device *ap_dev) 144static void zcrypt_cex2a_remove(struct ap_device *ap_dev)
481{ 145{
482 struct zcrypt_device *zdev = ap_dev->private; 146 struct zcrypt_device *zdev = ap_dev->private;
147 struct zcrypt_ops *zops = zdev->ops;
483 148
484 zcrypt_device_unregister(zdev); 149 zcrypt_device_unregister(zdev);
150 zcrypt_msgtype_release(zops);
485} 151}
486 152
487int __init zcrypt_cex2a_init(void) 153int __init zcrypt_cex2a_init(void)
diff --git a/drivers/s390/crypto/zcrypt_msgtype50.c b/drivers/s390/crypto/zcrypt_msgtype50.c
new file mode 100644
index 000000000000..035b6dc31b71
--- /dev/null
+++ b/drivers/s390/crypto/zcrypt_msgtype50.c
@@ -0,0 +1,531 @@
1/*
2 * zcrypt 2.1.0
3 *
4 * Copyright IBM Corp. 2001, 2012
5 * Author(s): Robert Burroughs
6 * Eric Rossman (edrossma@us.ibm.com)
7 *
8 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
9 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
10 * Ralph Wuerthner <rwuerthn@de.ibm.com>
11 * MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com>
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2, or (at your option)
16 * any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
26 */
27
28#include <linux/module.h>
29#include <linux/slab.h>
30#include <linux/init.h>
31#include <linux/err.h>
32#include <linux/atomic.h>
33#include <linux/uaccess.h>
34
35#include "ap_bus.h"
36#include "zcrypt_api.h"
37#include "zcrypt_error.h"
38#include "zcrypt_msgtype50.h"
39
40#define CEX3A_MAX_MOD_SIZE 512 /* 4096 bits */
41
42#define CEX2A_MAX_RESPONSE_SIZE 0x110 /* max outputdatalength + type80_hdr */
43
44#define CEX3A_MAX_RESPONSE_SIZE 0x210 /* 512 bit modulus
45 * (max outputdatalength) +
46 * type80_hdr*/
47
48MODULE_AUTHOR("IBM Corporation");
49MODULE_DESCRIPTION("Cryptographic Accelerator (message type 50), " \
50 "Copyright IBM Corp. 2001, 2012");
51MODULE_LICENSE("GPL");
52
53static void zcrypt_cex2a_receive(struct ap_device *, struct ap_message *,
54 struct ap_message *);
55
56/**
57 * The type 50 message family is associated with a CEX2A card.
58 *
59 * The four members of the family are described below.
60 *
61 * Note that all unsigned char arrays are right-justified and left-padded
62 * with zeroes.
63 *
64 * Note that all reserved fields must be zeroes.
65 */
66struct type50_hdr {
67 unsigned char reserved1;
68 unsigned char msg_type_code; /* 0x50 */
69 unsigned short msg_len;
70 unsigned char reserved2;
71 unsigned char ignored;
72 unsigned short reserved3;
73} __packed;
74
75#define TYPE50_TYPE_CODE 0x50
76
77#define TYPE50_MEB1_FMT 0x0001
78#define TYPE50_MEB2_FMT 0x0002
79#define TYPE50_MEB3_FMT 0x0003
80#define TYPE50_CRB1_FMT 0x0011
81#define TYPE50_CRB2_FMT 0x0012
82#define TYPE50_CRB3_FMT 0x0013
83
84/* Mod-Exp, with a small modulus */
85struct type50_meb1_msg {
86 struct type50_hdr header;
87 unsigned short keyblock_type; /* 0x0001 */
88 unsigned char reserved[6];
89 unsigned char exponent[128];
90 unsigned char modulus[128];
91 unsigned char message[128];
92} __packed;
93
94/* Mod-Exp, with a large modulus */
95struct type50_meb2_msg {
96 struct type50_hdr header;
97 unsigned short keyblock_type; /* 0x0002 */
98 unsigned char reserved[6];
99 unsigned char exponent[256];
100 unsigned char modulus[256];
101 unsigned char message[256];
102} __packed;
103
104/* Mod-Exp, with a larger modulus */
105struct type50_meb3_msg {
106 struct type50_hdr header;
107 unsigned short keyblock_type; /* 0x0003 */
108 unsigned char reserved[6];
109 unsigned char exponent[512];
110 unsigned char modulus[512];
111 unsigned char message[512];
112} __packed;
113
114/* CRT, with a small modulus */
115struct type50_crb1_msg {
116 struct type50_hdr header;
117 unsigned short keyblock_type; /* 0x0011 */
118 unsigned char reserved[6];
119 unsigned char p[64];
120 unsigned char q[64];
121 unsigned char dp[64];
122 unsigned char dq[64];
123 unsigned char u[64];
124 unsigned char message[128];
125} __packed;
126
127/* CRT, with a large modulus */
128struct type50_crb2_msg {
129 struct type50_hdr header;
130 unsigned short keyblock_type; /* 0x0012 */
131 unsigned char reserved[6];
132 unsigned char p[128];
133 unsigned char q[128];
134 unsigned char dp[128];
135 unsigned char dq[128];
136 unsigned char u[128];
137 unsigned char message[256];
138} __packed;
139
140/* CRT, with a larger modulus */
141struct type50_crb3_msg {
142 struct type50_hdr header;
143 unsigned short keyblock_type; /* 0x0013 */
144 unsigned char reserved[6];
145 unsigned char p[256];
146 unsigned char q[256];
147 unsigned char dp[256];
148 unsigned char dq[256];
149 unsigned char u[256];
150 unsigned char message[512];
151} __packed;
152
153/**
154 * The type 80 response family is associated with a CEX2A card.
155 *
156 * Note that all unsigned char arrays are right-justified and left-padded
157 * with zeroes.
158 *
159 * Note that all reserved fields must be zeroes.
160 */
161
162#define TYPE80_RSP_CODE 0x80
163
164struct type80_hdr {
165 unsigned char reserved1;
166 unsigned char type; /* 0x80 */
167 unsigned short len;
168 unsigned char code; /* 0x00 */
169 unsigned char reserved2[3];
170 unsigned char reserved3[8];
171} __packed;
172
173/**
174 * Convert a ICAMEX message to a type50 MEX message.
175 *
176 * @zdev: crypto device pointer
177 * @zreq: crypto request pointer
178 * @mex: pointer to user input data
179 *
180 * Returns 0 on success or -EFAULT.
181 */
182static int ICAMEX_msg_to_type50MEX_msg(struct zcrypt_device *zdev,
183 struct ap_message *ap_msg,
184 struct ica_rsa_modexpo *mex)
185{
186 unsigned char *mod, *exp, *inp;
187 int mod_len;
188
189 mod_len = mex->inputdatalength;
190
191 if (mod_len <= 128) {
192 struct type50_meb1_msg *meb1 = ap_msg->message;
193 memset(meb1, 0, sizeof(*meb1));
194 ap_msg->length = sizeof(*meb1);
195 meb1->header.msg_type_code = TYPE50_TYPE_CODE;
196 meb1->header.msg_len = sizeof(*meb1);
197 meb1->keyblock_type = TYPE50_MEB1_FMT;
198 mod = meb1->modulus + sizeof(meb1->modulus) - mod_len;
199 exp = meb1->exponent + sizeof(meb1->exponent) - mod_len;
200 inp = meb1->message + sizeof(meb1->message) - mod_len;
201 } else if (mod_len <= 256) {
202 struct type50_meb2_msg *meb2 = ap_msg->message;
203 memset(meb2, 0, sizeof(*meb2));
204 ap_msg->length = sizeof(*meb2);
205 meb2->header.msg_type_code = TYPE50_TYPE_CODE;
206 meb2->header.msg_len = sizeof(*meb2);
207 meb2->keyblock_type = TYPE50_MEB2_FMT;
208 mod = meb2->modulus + sizeof(meb2->modulus) - mod_len;
209 exp = meb2->exponent + sizeof(meb2->exponent) - mod_len;
210 inp = meb2->message + sizeof(meb2->message) - mod_len;
211 } else {
212 /* mod_len > 256 = 4096 bit RSA Key */
213 struct type50_meb3_msg *meb3 = ap_msg->message;
214 memset(meb3, 0, sizeof(*meb3));
215 ap_msg->length = sizeof(*meb3);
216 meb3->header.msg_type_code = TYPE50_TYPE_CODE;
217 meb3->header.msg_len = sizeof(*meb3);
218 meb3->keyblock_type = TYPE50_MEB3_FMT;
219 mod = meb3->modulus + sizeof(meb3->modulus) - mod_len;
220 exp = meb3->exponent + sizeof(meb3->exponent) - mod_len;
221 inp = meb3->message + sizeof(meb3->message) - mod_len;
222 }
223
224 if (copy_from_user(mod, mex->n_modulus, mod_len) ||
225 copy_from_user(exp, mex->b_key, mod_len) ||
226 copy_from_user(inp, mex->inputdata, mod_len))
227 return -EFAULT;
228 return 0;
229}
230
231/**
232 * Convert a ICACRT message to a type50 CRT message.
233 *
234 * @zdev: crypto device pointer
235 * @zreq: crypto request pointer
236 * @crt: pointer to user input data
237 *
238 * Returns 0 on success or -EFAULT.
239 */
240static int ICACRT_msg_to_type50CRT_msg(struct zcrypt_device *zdev,
241 struct ap_message *ap_msg,
242 struct ica_rsa_modexpo_crt *crt)
243{
244 int mod_len, short_len, long_len, long_offset, limit;
245 unsigned char *p, *q, *dp, *dq, *u, *inp;
246
247 mod_len = crt->inputdatalength;
248 short_len = mod_len / 2;
249 long_len = mod_len / 2 + 8;
250
251 /*
252 * CEX2A cannot handle p, dp, or U > 128 bytes.
253 * If we have one of these, we need to do extra checking.
254 * For CEX3A the limit is 256 bytes.
255 */
256 if (zdev->max_mod_size == CEX3A_MAX_MOD_SIZE)
257 limit = 256;
258 else
259 limit = 128;
260
261 if (long_len > limit) {
262 /*
263 * zcrypt_rsa_crt already checked for the leading
264 * zeroes of np_prime, bp_key and u_mult_inc.
265 */
266 long_offset = long_len - limit;
267 long_len = limit;
268 } else
269 long_offset = 0;
270
271 /*
272 * Instead of doing extra work for p, dp, U > 64 bytes, we'll just use
273 * the larger message structure.
274 */
275 if (long_len <= 64) {
276 struct type50_crb1_msg *crb1 = ap_msg->message;
277 memset(crb1, 0, sizeof(*crb1));
278 ap_msg->length = sizeof(*crb1);
279 crb1->header.msg_type_code = TYPE50_TYPE_CODE;
280 crb1->header.msg_len = sizeof(*crb1);
281 crb1->keyblock_type = TYPE50_CRB1_FMT;
282 p = crb1->p + sizeof(crb1->p) - long_len;
283 q = crb1->q + sizeof(crb1->q) - short_len;
284 dp = crb1->dp + sizeof(crb1->dp) - long_len;
285 dq = crb1->dq + sizeof(crb1->dq) - short_len;
286 u = crb1->u + sizeof(crb1->u) - long_len;
287 inp = crb1->message + sizeof(crb1->message) - mod_len;
288 } else if (long_len <= 128) {
289 struct type50_crb2_msg *crb2 = ap_msg->message;
290 memset(crb2, 0, sizeof(*crb2));
291 ap_msg->length = sizeof(*crb2);
292 crb2->header.msg_type_code = TYPE50_TYPE_CODE;
293 crb2->header.msg_len = sizeof(*crb2);
294 crb2->keyblock_type = TYPE50_CRB2_FMT;
295 p = crb2->p + sizeof(crb2->p) - long_len;
296 q = crb2->q + sizeof(crb2->q) - short_len;
297 dp = crb2->dp + sizeof(crb2->dp) - long_len;
298 dq = crb2->dq + sizeof(crb2->dq) - short_len;
299 u = crb2->u + sizeof(crb2->u) - long_len;
300 inp = crb2->message + sizeof(crb2->message) - mod_len;
301 } else {
302 /* long_len >= 256 */
303 struct type50_crb3_msg *crb3 = ap_msg->message;
304 memset(crb3, 0, sizeof(*crb3));
305 ap_msg->length = sizeof(*crb3);
306 crb3->header.msg_type_code = TYPE50_TYPE_CODE;
307 crb3->header.msg_len = sizeof(*crb3);
308 crb3->keyblock_type = TYPE50_CRB3_FMT;
309 p = crb3->p + sizeof(crb3->p) - long_len;
310 q = crb3->q + sizeof(crb3->q) - short_len;
311 dp = crb3->dp + sizeof(crb3->dp) - long_len;
312 dq = crb3->dq + sizeof(crb3->dq) - short_len;
313 u = crb3->u + sizeof(crb3->u) - long_len;
314 inp = crb3->message + sizeof(crb3->message) - mod_len;
315 }
316
317 if (copy_from_user(p, crt->np_prime + long_offset, long_len) ||
318 copy_from_user(q, crt->nq_prime, short_len) ||
319 copy_from_user(dp, crt->bp_key + long_offset, long_len) ||
320 copy_from_user(dq, crt->bq_key, short_len) ||
321 copy_from_user(u, crt->u_mult_inv + long_offset, long_len) ||
322 copy_from_user(inp, crt->inputdata, mod_len))
323 return -EFAULT;
324
325 return 0;
326}
327
328/**
329 * Copy results from a type 80 reply message back to user space.
330 *
331 * @zdev: crypto device pointer
332 * @reply: reply AP message.
333 * @data: pointer to user output data
334 * @length: size of user output data
335 *
336 * Returns 0 on success or -EFAULT.
337 */
338static int convert_type80(struct zcrypt_device *zdev,
339 struct ap_message *reply,
340 char __user *outputdata,
341 unsigned int outputdatalength)
342{
343 struct type80_hdr *t80h = reply->message;
344 unsigned char *data;
345
346 if (t80h->len < sizeof(*t80h) + outputdatalength) {
347 /* The result is too short, the CEX2A card may not do that.. */
348 zdev->online = 0;
349 return -EAGAIN; /* repeat the request on a different device. */
350 }
351 if (zdev->user_space_type == ZCRYPT_CEX2A)
352 BUG_ON(t80h->len > CEX2A_MAX_RESPONSE_SIZE);
353 else
354 BUG_ON(t80h->len > CEX3A_MAX_RESPONSE_SIZE);
355 data = reply->message + t80h->len - outputdatalength;
356 if (copy_to_user(outputdata, data, outputdatalength))
357 return -EFAULT;
358 return 0;
359}
360
361static int convert_response(struct zcrypt_device *zdev,
362 struct ap_message *reply,
363 char __user *outputdata,
364 unsigned int outputdatalength)
365{
366 /* Response type byte is the second byte in the response. */
367 switch (((unsigned char *) reply->message)[1]) {
368 case TYPE82_RSP_CODE:
369 case TYPE88_RSP_CODE:
370 return convert_error(zdev, reply);
371 case TYPE80_RSP_CODE:
372 return convert_type80(zdev, reply,
373 outputdata, outputdatalength);
374 default: /* Unknown response type, this should NEVER EVER happen */
375 zdev->online = 0;
376 return -EAGAIN; /* repeat the request on a different device. */
377 }
378}
379
380/**
381 * This function is called from the AP bus code after a crypto request
382 * "msg" has finished with the reply message "reply".
383 * It is called from tasklet context.
384 * @ap_dev: pointer to the AP device
385 * @msg: pointer to the AP message
386 * @reply: pointer to the AP reply message
387 */
388static void zcrypt_cex2a_receive(struct ap_device *ap_dev,
389 struct ap_message *msg,
390 struct ap_message *reply)
391{
392 static struct error_hdr error_reply = {
393 .type = TYPE82_RSP_CODE,
394 .reply_code = REP82_ERROR_MACHINE_FAILURE,
395 };
396 struct type80_hdr *t80h;
397 int length;
398
399 /* Copy the reply message to the request message buffer. */
400 if (IS_ERR(reply)) {
401 memcpy(msg->message, &error_reply, sizeof(error_reply));
402 goto out;
403 }
404 t80h = reply->message;
405 if (t80h->type == TYPE80_RSP_CODE) {
406 if (ap_dev->device_type == AP_DEVICE_TYPE_CEX2A)
407 length = min_t(int,
408 CEX2A_MAX_RESPONSE_SIZE, t80h->len);
409 else
410 length = min_t(int,
411 CEX3A_MAX_RESPONSE_SIZE, t80h->len);
412 memcpy(msg->message, reply->message, length);
413 } else
414 memcpy(msg->message, reply->message, sizeof(error_reply));
415out:
416 complete((struct completion *) msg->private);
417}
418
419static atomic_t zcrypt_step = ATOMIC_INIT(0);
420
421/**
422 * The request distributor calls this function if it picked the CEX2A
423 * device to handle a modexpo request.
424 * @zdev: pointer to zcrypt_device structure that identifies the
425 * CEX2A device to the request distributor
426 * @mex: pointer to the modexpo request buffer
427 */
428static long zcrypt_cex2a_modexpo(struct zcrypt_device *zdev,
429 struct ica_rsa_modexpo *mex)
430{
431 struct ap_message ap_msg;
432 struct completion work;
433 int rc;
434
435 ap_init_message(&ap_msg);
436 if (zdev->user_space_type == ZCRYPT_CEX2A)
437 ap_msg.message = kmalloc(MSGTYPE50_CRB2_MAX_MSG_SIZE,
438 GFP_KERNEL);
439 else
440 ap_msg.message = kmalloc(MSGTYPE50_CRB3_MAX_MSG_SIZE,
441 GFP_KERNEL);
442 if (!ap_msg.message)
443 return -ENOMEM;
444 ap_msg.receive = zcrypt_cex2a_receive;
445 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
446 atomic_inc_return(&zcrypt_step);
447 ap_msg.private = &work;
448 rc = ICAMEX_msg_to_type50MEX_msg(zdev, &ap_msg, mex);
449 if (rc)
450 goto out_free;
451 init_completion(&work);
452 ap_queue_message(zdev->ap_dev, &ap_msg);
453 rc = wait_for_completion_interruptible(&work);
454 if (rc == 0)
455 rc = convert_response(zdev, &ap_msg, mex->outputdata,
456 mex->outputdatalength);
457 else
458 /* Signal pending. */
459 ap_cancel_message(zdev->ap_dev, &ap_msg);
460out_free:
461 kfree(ap_msg.message);
462 return rc;
463}
464
465/**
466 * The request distributor calls this function if it picked the CEX2A
467 * device to handle a modexpo_crt request.
468 * @zdev: pointer to zcrypt_device structure that identifies the
469 * CEX2A device to the request distributor
470 * @crt: pointer to the modexpoc_crt request buffer
471 */
472static long zcrypt_cex2a_modexpo_crt(struct zcrypt_device *zdev,
473 struct ica_rsa_modexpo_crt *crt)
474{
475 struct ap_message ap_msg;
476 struct completion work;
477 int rc;
478
479 ap_init_message(&ap_msg);
480 if (zdev->user_space_type == ZCRYPT_CEX2A)
481 ap_msg.message = kmalloc(MSGTYPE50_CRB2_MAX_MSG_SIZE,
482 GFP_KERNEL);
483 else
484 ap_msg.message = kmalloc(MSGTYPE50_CRB3_MAX_MSG_SIZE,
485 GFP_KERNEL);
486 if (!ap_msg.message)
487 return -ENOMEM;
488 ap_msg.receive = zcrypt_cex2a_receive;
489 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
490 atomic_inc_return(&zcrypt_step);
491 ap_msg.private = &work;
492 rc = ICACRT_msg_to_type50CRT_msg(zdev, &ap_msg, crt);
493 if (rc)
494 goto out_free;
495 init_completion(&work);
496 ap_queue_message(zdev->ap_dev, &ap_msg);
497 rc = wait_for_completion_interruptible(&work);
498 if (rc == 0)
499 rc = convert_response(zdev, &ap_msg, crt->outputdata,
500 crt->outputdatalength);
501 else
502 /* Signal pending. */
503 ap_cancel_message(zdev->ap_dev, &ap_msg);
504out_free:
505 kfree(ap_msg.message);
506 return rc;
507}
508
509/**
510 * The crypto operations for message type 50.
511 */
512static struct zcrypt_ops zcrypt_msgtype50_ops = {
513 .rsa_modexpo = zcrypt_cex2a_modexpo,
514 .rsa_modexpo_crt = zcrypt_cex2a_modexpo_crt,
515 .owner = THIS_MODULE,
516 .variant = MSGTYPE50_VARIANT_DEFAULT,
517};
518
519int __init zcrypt_msgtype50_init(void)
520{
521 zcrypt_msgtype_register(&zcrypt_msgtype50_ops);
522 return 0;
523}
524
525void __exit zcrypt_msgtype50_exit(void)
526{
527 zcrypt_msgtype_unregister(&zcrypt_msgtype50_ops);
528}
529
530module_init(zcrypt_msgtype50_init);
531module_exit(zcrypt_msgtype50_exit);
diff --git a/drivers/s390/crypto/zcrypt_msgtype50.h b/drivers/s390/crypto/zcrypt_msgtype50.h
new file mode 100644
index 000000000000..e56dc72c7733
--- /dev/null
+++ b/drivers/s390/crypto/zcrypt_msgtype50.h
@@ -0,0 +1,39 @@
1/*
2 * zcrypt 2.1.0
3 *
4 * Copyright IBM Corp. 2001, 2012
5 * Author(s): Robert Burroughs
6 * Eric Rossman (edrossma@us.ibm.com)
7 *
8 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
9 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
10 * MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com>
11 *
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 2, or (at your option)
15 * any later version.
16 *
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 */
26
27#ifndef _ZCRYPT_MSGTYPE50_H_
28#define _ZCRYPT_MSGTYPE50_H_
29
30#define MSGTYPE50_NAME "zcrypt_msgtype50"
31#define MSGTYPE50_VARIANT_DEFAULT 0
32
33#define MSGTYPE50_CRB2_MAX_MSG_SIZE 0x390 /*sizeof(struct type50_crb2_msg)*/
34#define MSGTYPE50_CRB3_MAX_MSG_SIZE 0x710 /*sizeof(struct type50_crb3_msg)*/
35
36int zcrypt_msgtype50_init(void);
37void zcrypt_msgtype50_exit(void);
38
39#endif /* _ZCRYPT_MSGTYPE50_H_ */
diff --git a/drivers/s390/crypto/zcrypt_msgtype6.c b/drivers/s390/crypto/zcrypt_msgtype6.c
new file mode 100644
index 000000000000..7d97fa5a26d0
--- /dev/null
+++ b/drivers/s390/crypto/zcrypt_msgtype6.c
@@ -0,0 +1,856 @@
1/*
2 * zcrypt 2.1.0
3 *
4 * Copyright IBM Corp. 2001, 2012
5 * Author(s): Robert Burroughs
6 * Eric Rossman (edrossma@us.ibm.com)
7 *
8 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
9 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
10 * Ralph Wuerthner <rwuerthn@de.ibm.com>
11 * MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com>
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2, or (at your option)
16 * any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
26 */
27
28#include <linux/module.h>
29#include <linux/init.h>
30#include <linux/err.h>
31#include <linux/delay.h>
32#include <linux/slab.h>
33#include <linux/atomic.h>
34#include <linux/uaccess.h>
35
36#include "ap_bus.h"
37#include "zcrypt_api.h"
38#include "zcrypt_error.h"
39#include "zcrypt_msgtype6.h"
40#include "zcrypt_cca_key.h"
41
42#define PCIXCC_MIN_MOD_SIZE_OLD 64 /* 512 bits */
43#define PCIXCC_MAX_ICA_RESPONSE_SIZE 0x77c /* max size type86 v2 reply */
44
45#define CEIL4(x) ((((x)+3)/4)*4)
46
47struct response_type {
48 struct completion work;
49 int type;
50};
51#define PCIXCC_RESPONSE_TYPE_ICA 0
52#define PCIXCC_RESPONSE_TYPE_XCRB 1
53
54MODULE_AUTHOR("IBM Corporation");
55MODULE_DESCRIPTION("Cryptographic Coprocessor (message type 6), " \
56 "Copyright IBM Corp. 2001, 2012");
57MODULE_LICENSE("GPL");
58
59static void zcrypt_msgtype6_receive(struct ap_device *, struct ap_message *,
60 struct ap_message *);
61
62/**
63 * CPRB
64 * Note that all shorts, ints and longs are little-endian.
65 * All pointer fields are 32-bits long, and mean nothing
66 *
67 * A request CPRB is followed by a request_parameter_block.
68 *
69 * The request (or reply) parameter block is organized thus:
70 * function code
71 * VUD block
72 * key block
73 */
74struct CPRB {
75 unsigned short cprb_len; /* CPRB length */
76 unsigned char cprb_ver_id; /* CPRB version id. */
77 unsigned char pad_000; /* Alignment pad byte. */
78 unsigned char srpi_rtcode[4]; /* SRPI return code LELONG */
79 unsigned char srpi_verb; /* SRPI verb type */
80 unsigned char flags; /* flags */
81 unsigned char func_id[2]; /* function id */
82 unsigned char checkpoint_flag; /* */
83 unsigned char resv2; /* reserved */
84 unsigned short req_parml; /* request parameter buffer */
85 /* length 16-bit little endian */
86 unsigned char req_parmp[4]; /* request parameter buffer *
87 * pointer (means nothing: the *
88 * parameter buffer follows *
89 * the CPRB). */
90 unsigned char req_datal[4]; /* request data buffer */
91 /* length ULELONG */
92 unsigned char req_datap[4]; /* request data buffer */
93 /* pointer */
94 unsigned short rpl_parml; /* reply parameter buffer */
95 /* length 16-bit little endian */
96 unsigned char pad_001[2]; /* Alignment pad bytes. ULESHORT */
97 unsigned char rpl_parmp[4]; /* reply parameter buffer *
98 * pointer (means nothing: the *
99 * parameter buffer follows *
100 * the CPRB). */
101 unsigned char rpl_datal[4]; /* reply data buffer len ULELONG */
102 unsigned char rpl_datap[4]; /* reply data buffer */
103 /* pointer */
104 unsigned short ccp_rscode; /* server reason code ULESHORT */
105 unsigned short ccp_rtcode; /* server return code ULESHORT */
106 unsigned char repd_parml[2]; /* replied parameter len ULESHORT*/
107 unsigned char mac_data_len[2]; /* Mac Data Length ULESHORT */
108 unsigned char repd_datal[4]; /* replied data length ULELONG */
109 unsigned char req_pc[2]; /* PC identifier */
110 unsigned char res_origin[8]; /* resource origin */
111 unsigned char mac_value[8]; /* Mac Value */
112 unsigned char logon_id[8]; /* Logon Identifier */
113 unsigned char usage_domain[2]; /* cdx */
114 unsigned char resv3[18]; /* reserved for requestor */
115 unsigned short svr_namel; /* server name length ULESHORT */
116 unsigned char svr_name[8]; /* server name */
117} __packed;
118
119struct function_and_rules_block {
120 unsigned char function_code[2];
121 unsigned short ulen;
122 unsigned char only_rule[8];
123} __packed;
124
125/**
126 * The following is used to initialize the CPRBX passed to the PCIXCC/CEX2C
127 * card in a type6 message. The 3 fields that must be filled in at execution
128 * time are req_parml, rpl_parml and usage_domain.
129 * Everything about this interface is ascii/big-endian, since the
130 * device does *not* have 'Intel inside'.
131 *
132 * The CPRBX is followed immediately by the parm block.
133 * The parm block contains:
134 * - function code ('PD' 0x5044 or 'PK' 0x504B)
135 * - rule block (one of:)
136 * + 0x000A 'PKCS-1.2' (MCL2 'PD')
137 * + 0x000A 'ZERO-PAD' (MCL2 'PK')
138 * + 0x000A 'ZERO-PAD' (MCL3 'PD' or CEX2C 'PD')
139 * + 0x000A 'MRP ' (MCL3 'PK' or CEX2C 'PK')
140 * - VUD block
141 */
142static struct CPRBX static_cprbx = {
143 .cprb_len = 0x00DC,
144 .cprb_ver_id = 0x02,
145 .func_id = {0x54, 0x32},
146};
147
148/**
149 * Convert a ICAMEX message to a type6 MEX message.
150 *
151 * @zdev: crypto device pointer
152 * @ap_msg: pointer to AP message
153 * @mex: pointer to user input data
154 *
155 * Returns 0 on success or -EFAULT.
156 */
157static int ICAMEX_msg_to_type6MEX_msgX(struct zcrypt_device *zdev,
158 struct ap_message *ap_msg,
159 struct ica_rsa_modexpo *mex)
160{
161 static struct type6_hdr static_type6_hdrX = {
162 .type = 0x06,
163 .offset1 = 0x00000058,
164 .agent_id = {'C', 'A',},
165 .function_code = {'P', 'K'},
166 };
167 static struct function_and_rules_block static_pke_fnr = {
168 .function_code = {'P', 'K'},
169 .ulen = 10,
170 .only_rule = {'M', 'R', 'P', ' ', ' ', ' ', ' ', ' '}
171 };
172 static struct function_and_rules_block static_pke_fnr_MCL2 = {
173 .function_code = {'P', 'K'},
174 .ulen = 10,
175 .only_rule = {'Z', 'E', 'R', 'O', '-', 'P', 'A', 'D'}
176 };
177 struct {
178 struct type6_hdr hdr;
179 struct CPRBX cprbx;
180 struct function_and_rules_block fr;
181 unsigned short length;
182 char text[0];
183 } __packed * msg = ap_msg->message;
184 int size;
185
186 /* VUD.ciphertext */
187 msg->length = mex->inputdatalength + 2;
188 if (copy_from_user(msg->text, mex->inputdata, mex->inputdatalength))
189 return -EFAULT;
190
191 /* Set up key which is located after the variable length text. */
192 size = zcrypt_type6_mex_key_en(mex, msg->text+mex->inputdatalength, 1);
193 if (size < 0)
194 return size;
195 size += sizeof(*msg) + mex->inputdatalength;
196
197 /* message header, cprbx and f&r */
198 msg->hdr = static_type6_hdrX;
199 msg->hdr.ToCardLen1 = size - sizeof(msg->hdr);
200 msg->hdr.FromCardLen1 = PCIXCC_MAX_ICA_RESPONSE_SIZE - sizeof(msg->hdr);
201
202 msg->cprbx = static_cprbx;
203 msg->cprbx.domain = AP_QID_QUEUE(zdev->ap_dev->qid);
204 msg->cprbx.rpl_msgbl = msg->hdr.FromCardLen1;
205
206 msg->fr = (zdev->user_space_type == ZCRYPT_PCIXCC_MCL2) ?
207 static_pke_fnr_MCL2 : static_pke_fnr;
208
209 msg->cprbx.req_parml = size - sizeof(msg->hdr) - sizeof(msg->cprbx);
210
211 ap_msg->length = size;
212 return 0;
213}
214
215/**
216 * Convert a ICACRT message to a type6 CRT message.
217 *
218 * @zdev: crypto device pointer
219 * @ap_msg: pointer to AP message
220 * @crt: pointer to user input data
221 *
222 * Returns 0 on success or -EFAULT.
223 */
224static int ICACRT_msg_to_type6CRT_msgX(struct zcrypt_device *zdev,
225 struct ap_message *ap_msg,
226 struct ica_rsa_modexpo_crt *crt)
227{
228 static struct type6_hdr static_type6_hdrX = {
229 .type = 0x06,
230 .offset1 = 0x00000058,
231 .agent_id = {'C', 'A',},
232 .function_code = {'P', 'D'},
233 };
234 static struct function_and_rules_block static_pkd_fnr = {
235 .function_code = {'P', 'D'},
236 .ulen = 10,
237 .only_rule = {'Z', 'E', 'R', 'O', '-', 'P', 'A', 'D'}
238 };
239
240 static struct function_and_rules_block static_pkd_fnr_MCL2 = {
241 .function_code = {'P', 'D'},
242 .ulen = 10,
243 .only_rule = {'P', 'K', 'C', 'S', '-', '1', '.', '2'}
244 };
245 struct {
246 struct type6_hdr hdr;
247 struct CPRBX cprbx;
248 struct function_and_rules_block fr;
249 unsigned short length;
250 char text[0];
251 } __packed * msg = ap_msg->message;
252 int size;
253
254 /* VUD.ciphertext */
255 msg->length = crt->inputdatalength + 2;
256 if (copy_from_user(msg->text, crt->inputdata, crt->inputdatalength))
257 return -EFAULT;
258
259 /* Set up key which is located after the variable length text. */
260 size = zcrypt_type6_crt_key(crt, msg->text + crt->inputdatalength, 1);
261 if (size < 0)
262 return size;
263 size += sizeof(*msg) + crt->inputdatalength; /* total size of msg */
264
265 /* message header, cprbx and f&r */
266 msg->hdr = static_type6_hdrX;
267 msg->hdr.ToCardLen1 = size - sizeof(msg->hdr);
268 msg->hdr.FromCardLen1 = PCIXCC_MAX_ICA_RESPONSE_SIZE - sizeof(msg->hdr);
269
270 msg->cprbx = static_cprbx;
271 msg->cprbx.domain = AP_QID_QUEUE(zdev->ap_dev->qid);
272 msg->cprbx.req_parml = msg->cprbx.rpl_msgbl =
273 size - sizeof(msg->hdr) - sizeof(msg->cprbx);
274
275 msg->fr = (zdev->user_space_type == ZCRYPT_PCIXCC_MCL2) ?
276 static_pkd_fnr_MCL2 : static_pkd_fnr;
277
278 ap_msg->length = size;
279 return 0;
280}
281
282/**
283 * Convert a XCRB message to a type6 CPRB message.
284 *
285 * @zdev: crypto device pointer
286 * @ap_msg: pointer to AP message
287 * @xcRB: pointer to user input data
288 *
289 * Returns 0 on success or -EFAULT, -EINVAL.
290 */
291struct type86_fmt2_msg {
292 struct type86_hdr hdr;
293 struct type86_fmt2_ext fmt2;
294} __packed;
295
296static int XCRB_msg_to_type6CPRB_msgX(struct zcrypt_device *zdev,
297 struct ap_message *ap_msg,
298 struct ica_xcRB *xcRB)
299{
300 static struct type6_hdr static_type6_hdrX = {
301 .type = 0x06,
302 .offset1 = 0x00000058,
303 };
304 struct {
305 struct type6_hdr hdr;
306 struct CPRBX cprbx;
307 } __packed * msg = ap_msg->message;
308
309 int rcblen = CEIL4(xcRB->request_control_blk_length);
310 int replylen;
311 char *req_data = ap_msg->message + sizeof(struct type6_hdr) + rcblen;
312 char *function_code;
313
314 /* length checks */
315 ap_msg->length = sizeof(struct type6_hdr) +
316 CEIL4(xcRB->request_control_blk_length) +
317 xcRB->request_data_length;
318 if (ap_msg->length > MSGTYPE06_MAX_MSG_SIZE)
319 return -EINVAL;
320 replylen = sizeof(struct type86_fmt2_msg) +
321 CEIL4(xcRB->reply_control_blk_length) +
322 xcRB->reply_data_length;
323 if (replylen > MSGTYPE06_MAX_MSG_SIZE)
324 return -EINVAL;
325
326 /* prepare type6 header */
327 msg->hdr = static_type6_hdrX;
328 memcpy(msg->hdr.agent_id , &(xcRB->agent_ID), sizeof(xcRB->agent_ID));
329 msg->hdr.ToCardLen1 = xcRB->request_control_blk_length;
330 if (xcRB->request_data_length) {
331 msg->hdr.offset2 = msg->hdr.offset1 + rcblen;
332 msg->hdr.ToCardLen2 = xcRB->request_data_length;
333 }
334 msg->hdr.FromCardLen1 = xcRB->reply_control_blk_length;
335 msg->hdr.FromCardLen2 = xcRB->reply_data_length;
336
337 /* prepare CPRB */
338 if (copy_from_user(&(msg->cprbx), xcRB->request_control_blk_addr,
339 xcRB->request_control_blk_length))
340 return -EFAULT;
341 if (msg->cprbx.cprb_len + sizeof(msg->hdr.function_code) >
342 xcRB->request_control_blk_length)
343 return -EINVAL;
344 function_code = ((unsigned char *)&msg->cprbx) + msg->cprbx.cprb_len;
345 memcpy(msg->hdr.function_code, function_code,
346 sizeof(msg->hdr.function_code));
347
348 if (memcmp(function_code, "US", 2) == 0)
349 ap_msg->special = 1;
350 else
351 ap_msg->special = 0;
352
353 /* copy data block */
354 if (xcRB->request_data_length &&
355 copy_from_user(req_data, xcRB->request_data_address,
356 xcRB->request_data_length))
357 return -EFAULT;
358 return 0;
359}
360
361/**
362 * Copy results from a type 86 ICA reply message back to user space.
363 *
364 * @zdev: crypto device pointer
365 * @reply: reply AP message.
366 * @data: pointer to user output data
367 * @length: size of user output data
368 *
369 * Returns 0 on success or -EINVAL, -EFAULT, -EAGAIN in case of an error.
370 */
371struct type86x_reply {
372 struct type86_hdr hdr;
373 struct type86_fmt2_ext fmt2;
374 struct CPRBX cprbx;
375 unsigned char pad[4]; /* 4 byte function code/rules block ? */
376 unsigned short length;
377 char text[0];
378} __packed;
379
380static int convert_type86_ica(struct zcrypt_device *zdev,
381 struct ap_message *reply,
382 char __user *outputdata,
383 unsigned int outputdatalength)
384{
385 static unsigned char static_pad[] = {
386 0x00, 0x02,
387 0x1B, 0x7B, 0x5D, 0xB5, 0x75, 0x01, 0x3D, 0xFD,
388 0x8D, 0xD1, 0xC7, 0x03, 0x2D, 0x09, 0x23, 0x57,
389 0x89, 0x49, 0xB9, 0x3F, 0xBB, 0x99, 0x41, 0x5B,
390 0x75, 0x21, 0x7B, 0x9D, 0x3B, 0x6B, 0x51, 0x39,
391 0xBB, 0x0D, 0x35, 0xB9, 0x89, 0x0F, 0x93, 0xA5,
392 0x0B, 0x47, 0xF1, 0xD3, 0xBB, 0xCB, 0xF1, 0x9D,
393 0x23, 0x73, 0x71, 0xFF, 0xF3, 0xF5, 0x45, 0xFB,
394 0x61, 0x29, 0x23, 0xFD, 0xF1, 0x29, 0x3F, 0x7F,
395 0x17, 0xB7, 0x1B, 0xA9, 0x19, 0xBD, 0x57, 0xA9,
396 0xD7, 0x95, 0xA3, 0xCB, 0xED, 0x1D, 0xDB, 0x45,
397 0x7D, 0x11, 0xD1, 0x51, 0x1B, 0xED, 0x71, 0xE9,
398 0xB1, 0xD1, 0xAB, 0xAB, 0x21, 0x2B, 0x1B, 0x9F,
399 0x3B, 0x9F, 0xF7, 0xF7, 0xBD, 0x63, 0xEB, 0xAD,
400 0xDF, 0xB3, 0x6F, 0x5B, 0xDB, 0x8D, 0xA9, 0x5D,
401 0xE3, 0x7D, 0x77, 0x49, 0x47, 0xF5, 0xA7, 0xFD,
402 0xAB, 0x2F, 0x27, 0x35, 0x77, 0xD3, 0x49, 0xC9,
403 0x09, 0xEB, 0xB1, 0xF9, 0xBF, 0x4B, 0xCB, 0x2B,
404 0xEB, 0xEB, 0x05, 0xFF, 0x7D, 0xC7, 0x91, 0x8B,
405 0x09, 0x83, 0xB9, 0xB9, 0x69, 0x33, 0x39, 0x6B,
406 0x79, 0x75, 0x19, 0xBF, 0xBB, 0x07, 0x1D, 0xBD,
407 0x29, 0xBF, 0x39, 0x95, 0x93, 0x1D, 0x35, 0xC7,
408 0xC9, 0x4D, 0xE5, 0x97, 0x0B, 0x43, 0x9B, 0xF1,
409 0x16, 0x93, 0x03, 0x1F, 0xA5, 0xFB, 0xDB, 0xF3,
410 0x27, 0x4F, 0x27, 0x61, 0x05, 0x1F, 0xB9, 0x23,
411 0x2F, 0xC3, 0x81, 0xA9, 0x23, 0x71, 0x55, 0x55,
412 0xEB, 0xED, 0x41, 0xE5, 0xF3, 0x11, 0xF1, 0x43,
413 0x69, 0x03, 0xBD, 0x0B, 0x37, 0x0F, 0x51, 0x8F,
414 0x0B, 0xB5, 0x89, 0x5B, 0x67, 0xA9, 0xD9, 0x4F,
415 0x01, 0xF9, 0x21, 0x77, 0x37, 0x73, 0x79, 0xC5,
416 0x7F, 0x51, 0xC1, 0xCF, 0x97, 0xA1, 0x75, 0xAD,
417 0x35, 0x9D, 0xD3, 0xD3, 0xA7, 0x9D, 0x5D, 0x41,
418 0x6F, 0x65, 0x1B, 0xCF, 0xA9, 0x87, 0x91, 0x09
419 };
420 struct type86x_reply *msg = reply->message;
421 unsigned short service_rc, service_rs;
422 unsigned int reply_len, pad_len;
423 char *data;
424
425 service_rc = msg->cprbx.ccp_rtcode;
426 if (unlikely(service_rc != 0)) {
427 service_rs = msg->cprbx.ccp_rscode;
428 if (service_rc == 8 && service_rs == 66)
429 return -EINVAL;
430 if (service_rc == 8 && service_rs == 65)
431 return -EINVAL;
432 if (service_rc == 8 && service_rs == 770)
433 return -EINVAL;
434 if (service_rc == 8 && service_rs == 783) {
435 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE_OLD;
436 return -EAGAIN;
437 }
438 if (service_rc == 12 && service_rs == 769)
439 return -EINVAL;
440 if (service_rc == 8 && service_rs == 72)
441 return -EINVAL;
442 zdev->online = 0;
443 return -EAGAIN; /* repeat the request on a different device. */
444 }
445 data = msg->text;
446 reply_len = msg->length - 2;
447 if (reply_len > outputdatalength)
448 return -EINVAL;
449 /*
450 * For all encipher requests, the length of the ciphertext (reply_len)
451 * will always equal the modulus length. For MEX decipher requests
452 * the output needs to get padded. Minimum pad size is 10.
453 *
454 * Currently, the cases where padding will be added is for:
455 * - PCIXCC_MCL2 using a CRT form token (since PKD didn't support
456 * ZERO-PAD and CRT is only supported for PKD requests)
457 * - PCICC, always
458 */
459 pad_len = outputdatalength - reply_len;
460 if (pad_len > 0) {
461 if (pad_len < 10)
462 return -EINVAL;
463 /* 'restore' padding left in the PCICC/PCIXCC card. */
464 if (copy_to_user(outputdata, static_pad, pad_len - 1))
465 return -EFAULT;
466 if (put_user(0, outputdata + pad_len - 1))
467 return -EFAULT;
468 }
469 /* Copy the crypto response to user space. */
470 if (copy_to_user(outputdata + pad_len, data, reply_len))
471 return -EFAULT;
472 return 0;
473}
474
475/**
476 * Copy results from a type 86 XCRB reply message back to user space.
477 *
478 * @zdev: crypto device pointer
479 * @reply: reply AP message.
480 * @xcRB: pointer to XCRB
481 *
482 * Returns 0 on success or -EINVAL, -EFAULT, -EAGAIN in case of an error.
483 */
484static int convert_type86_xcrb(struct zcrypt_device *zdev,
485 struct ap_message *reply,
486 struct ica_xcRB *xcRB)
487{
488 struct type86_fmt2_msg *msg = reply->message;
489 char *data = reply->message;
490
491 /* Copy CPRB to user */
492 if (copy_to_user(xcRB->reply_control_blk_addr,
493 data + msg->fmt2.offset1, msg->fmt2.count1))
494 return -EFAULT;
495 xcRB->reply_control_blk_length = msg->fmt2.count1;
496
497 /* Copy data buffer to user */
498 if (msg->fmt2.count2)
499 if (copy_to_user(xcRB->reply_data_addr,
500 data + msg->fmt2.offset2, msg->fmt2.count2))
501 return -EFAULT;
502 xcRB->reply_data_length = msg->fmt2.count2;
503 return 0;
504}
505
506static int convert_type86_rng(struct zcrypt_device *zdev,
507 struct ap_message *reply,
508 char *buffer)
509{
510 struct {
511 struct type86_hdr hdr;
512 struct type86_fmt2_ext fmt2;
513 struct CPRBX cprbx;
514 } __packed * msg = reply->message;
515 char *data = reply->message;
516
517 if (msg->cprbx.ccp_rtcode != 0 || msg->cprbx.ccp_rscode != 0)
518 return -EINVAL;
519 memcpy(buffer, data + msg->fmt2.offset2, msg->fmt2.count2);
520 return msg->fmt2.count2;
521}
522
523static int convert_response_ica(struct zcrypt_device *zdev,
524 struct ap_message *reply,
525 char __user *outputdata,
526 unsigned int outputdatalength)
527{
528 struct type86x_reply *msg = reply->message;
529
530 /* Response type byte is the second byte in the response. */
531 switch (((unsigned char *) reply->message)[1]) {
532 case TYPE82_RSP_CODE:
533 case TYPE88_RSP_CODE:
534 return convert_error(zdev, reply);
535 case TYPE86_RSP_CODE:
536 if (msg->cprbx.ccp_rtcode &&
537 (msg->cprbx.ccp_rscode == 0x14f) &&
538 (outputdatalength > 256)) {
539 if (zdev->max_exp_bit_length <= 17) {
540 zdev->max_exp_bit_length = 17;
541 return -EAGAIN;
542 } else
543 return -EINVAL;
544 }
545 if (msg->hdr.reply_code)
546 return convert_error(zdev, reply);
547 if (msg->cprbx.cprb_ver_id == 0x02)
548 return convert_type86_ica(zdev, reply,
549 outputdata, outputdatalength);
550 /* Fall through, no break, incorrect cprb version is an unknown
551 * response */
552 default: /* Unknown response type, this should NEVER EVER happen */
553 zdev->online = 0;
554 return -EAGAIN; /* repeat the request on a different device. */
555 }
556}
557
558static int convert_response_xcrb(struct zcrypt_device *zdev,
559 struct ap_message *reply,
560 struct ica_xcRB *xcRB)
561{
562 struct type86x_reply *msg = reply->message;
563
564 /* Response type byte is the second byte in the response. */
565 switch (((unsigned char *) reply->message)[1]) {
566 case TYPE82_RSP_CODE:
567 case TYPE88_RSP_CODE:
568 xcRB->status = 0x0008044DL; /* HDD_InvalidParm */
569 return convert_error(zdev, reply);
570 case TYPE86_RSP_CODE:
571 if (msg->hdr.reply_code) {
572 memcpy(&(xcRB->status), msg->fmt2.apfs, sizeof(u32));
573 return convert_error(zdev, reply);
574 }
575 if (msg->cprbx.cprb_ver_id == 0x02)
576 return convert_type86_xcrb(zdev, reply, xcRB);
577 /* Fall through, no break, incorrect cprb version is an unknown
578 * response */
579 default: /* Unknown response type, this should NEVER EVER happen */
580 xcRB->status = 0x0008044DL; /* HDD_InvalidParm */
581 zdev->online = 0;
582 return -EAGAIN; /* repeat the request on a different device. */
583 }
584}
585
586static int convert_response_rng(struct zcrypt_device *zdev,
587 struct ap_message *reply,
588 char *data)
589{
590 struct type86x_reply *msg = reply->message;
591
592 switch (msg->hdr.type) {
593 case TYPE82_RSP_CODE:
594 case TYPE88_RSP_CODE:
595 return -EINVAL;
596 case TYPE86_RSP_CODE:
597 if (msg->hdr.reply_code)
598 return -EINVAL;
599 if (msg->cprbx.cprb_ver_id == 0x02)
600 return convert_type86_rng(zdev, reply, data);
601 /* Fall through, no break, incorrect cprb version is an unknown
602 * response */
603 default: /* Unknown response type, this should NEVER EVER happen */
604 zdev->online = 0;
605 return -EAGAIN; /* repeat the request on a different device. */
606 }
607}
608
609/**
610 * This function is called from the AP bus code after a crypto request
611 * "msg" has finished with the reply message "reply".
612 * It is called from tasklet context.
613 * @ap_dev: pointer to the AP device
614 * @msg: pointer to the AP message
615 * @reply: pointer to the AP reply message
616 */
617static void zcrypt_msgtype6_receive(struct ap_device *ap_dev,
618 struct ap_message *msg,
619 struct ap_message *reply)
620{
621 static struct error_hdr error_reply = {
622 .type = TYPE82_RSP_CODE,
623 .reply_code = REP82_ERROR_MACHINE_FAILURE,
624 };
625 struct response_type *resp_type =
626 (struct response_type *) msg->private;
627 struct type86x_reply *t86r;
628 int length;
629
630 /* Copy the reply message to the request message buffer. */
631 if (IS_ERR(reply)) {
632 memcpy(msg->message, &error_reply, sizeof(error_reply));
633 goto out;
634 }
635 t86r = reply->message;
636 if (t86r->hdr.type == TYPE86_RSP_CODE &&
637 t86r->cprbx.cprb_ver_id == 0x02) {
638 switch (resp_type->type) {
639 case PCIXCC_RESPONSE_TYPE_ICA:
640 length = sizeof(struct type86x_reply)
641 + t86r->length - 2;
642 length = min(PCIXCC_MAX_ICA_RESPONSE_SIZE, length);
643 memcpy(msg->message, reply->message, length);
644 break;
645 case PCIXCC_RESPONSE_TYPE_XCRB:
646 length = t86r->fmt2.offset2 + t86r->fmt2.count2;
647 length = min(MSGTYPE06_MAX_MSG_SIZE, length);
648 memcpy(msg->message, reply->message, length);
649 break;
650 default:
651 memcpy(msg->message, &error_reply,
652 sizeof(error_reply));
653 }
654 } else
655 memcpy(msg->message, reply->message, sizeof(error_reply));
656out:
657 complete(&(resp_type->work));
658}
659
660static atomic_t zcrypt_step = ATOMIC_INIT(0);
661
662/**
663 * The request distributor calls this function if it picked the PCIXCC/CEX2C
664 * device to handle a modexpo request.
665 * @zdev: pointer to zcrypt_device structure that identifies the
666 * PCIXCC/CEX2C device to the request distributor
667 * @mex: pointer to the modexpo request buffer
668 */
669static long zcrypt_msgtype6_modexpo(struct zcrypt_device *zdev,
670 struct ica_rsa_modexpo *mex)
671{
672 struct ap_message ap_msg;
673 struct response_type resp_type = {
674 .type = PCIXCC_RESPONSE_TYPE_ICA,
675 };
676 int rc;
677
678 ap_init_message(&ap_msg);
679 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
680 if (!ap_msg.message)
681 return -ENOMEM;
682 ap_msg.receive = zcrypt_msgtype6_receive;
683 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
684 atomic_inc_return(&zcrypt_step);
685 ap_msg.private = &resp_type;
686 rc = ICAMEX_msg_to_type6MEX_msgX(zdev, &ap_msg, mex);
687 if (rc)
688 goto out_free;
689 init_completion(&resp_type.work);
690 ap_queue_message(zdev->ap_dev, &ap_msg);
691 rc = wait_for_completion_interruptible(&resp_type.work);
692 if (rc == 0)
693 rc = convert_response_ica(zdev, &ap_msg, mex->outputdata,
694 mex->outputdatalength);
695 else
696 /* Signal pending. */
697 ap_cancel_message(zdev->ap_dev, &ap_msg);
698out_free:
699 free_page((unsigned long) ap_msg.message);
700 return rc;
701}
702
703/**
704 * The request distributor calls this function if it picked the PCIXCC/CEX2C
705 * device to handle a modexpo_crt request.
706 * @zdev: pointer to zcrypt_device structure that identifies the
707 * PCIXCC/CEX2C device to the request distributor
708 * @crt: pointer to the modexpoc_crt request buffer
709 */
710static long zcrypt_msgtype6_modexpo_crt(struct zcrypt_device *zdev,
711 struct ica_rsa_modexpo_crt *crt)
712{
713 struct ap_message ap_msg;
714 struct response_type resp_type = {
715 .type = PCIXCC_RESPONSE_TYPE_ICA,
716 };
717 int rc;
718
719 ap_init_message(&ap_msg);
720 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
721 if (!ap_msg.message)
722 return -ENOMEM;
723 ap_msg.receive = zcrypt_msgtype6_receive;
724 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
725 atomic_inc_return(&zcrypt_step);
726 ap_msg.private = &resp_type;
727 rc = ICACRT_msg_to_type6CRT_msgX(zdev, &ap_msg, crt);
728 if (rc)
729 goto out_free;
730 init_completion(&resp_type.work);
731 ap_queue_message(zdev->ap_dev, &ap_msg);
732 rc = wait_for_completion_interruptible(&resp_type.work);
733 if (rc == 0)
734 rc = convert_response_ica(zdev, &ap_msg, crt->outputdata,
735 crt->outputdatalength);
736 else
737 /* Signal pending. */
738 ap_cancel_message(zdev->ap_dev, &ap_msg);
739out_free:
740 free_page((unsigned long) ap_msg.message);
741 return rc;
742}
743
744/**
745 * The request distributor calls this function if it picked the PCIXCC/CEX2C
746 * device to handle a send_cprb request.
747 * @zdev: pointer to zcrypt_device structure that identifies the
748 * PCIXCC/CEX2C device to the request distributor
749 * @xcRB: pointer to the send_cprb request buffer
750 */
751static long zcrypt_msgtype6_send_cprb(struct zcrypt_device *zdev,
752 struct ica_xcRB *xcRB)
753{
754 struct ap_message ap_msg;
755 struct response_type resp_type = {
756 .type = PCIXCC_RESPONSE_TYPE_XCRB,
757 };
758 int rc;
759
760 ap_init_message(&ap_msg);
761 ap_msg.message = kmalloc(MSGTYPE06_MAX_MSG_SIZE, GFP_KERNEL);
762 if (!ap_msg.message)
763 return -ENOMEM;
764 ap_msg.receive = zcrypt_msgtype6_receive;
765 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
766 atomic_inc_return(&zcrypt_step);
767 ap_msg.private = &resp_type;
768 rc = XCRB_msg_to_type6CPRB_msgX(zdev, &ap_msg, xcRB);
769 if (rc)
770 goto out_free;
771 init_completion(&resp_type.work);
772 ap_queue_message(zdev->ap_dev, &ap_msg);
773 rc = wait_for_completion_interruptible(&resp_type.work);
774 if (rc == 0)
775 rc = convert_response_xcrb(zdev, &ap_msg, xcRB);
776 else
777 /* Signal pending. */
778 ap_cancel_message(zdev->ap_dev, &ap_msg);
779out_free:
780 kzfree(ap_msg.message);
781 return rc;
782}
783
784/**
785 * The request distributor calls this function if it picked the PCIXCC/CEX2C
786 * device to generate random data.
787 * @zdev: pointer to zcrypt_device structure that identifies the
788 * PCIXCC/CEX2C device to the request distributor
789 * @buffer: pointer to a memory page to return random data
790 */
791
792static long zcrypt_msgtype6_rng(struct zcrypt_device *zdev,
793 char *buffer)
794{
795 struct ap_message ap_msg;
796 struct response_type resp_type = {
797 .type = PCIXCC_RESPONSE_TYPE_XCRB,
798 };
799 int rc;
800
801 ap_init_message(&ap_msg);
802 ap_msg.message = kmalloc(MSGTYPE06_MAX_MSG_SIZE, GFP_KERNEL);
803 if (!ap_msg.message)
804 return -ENOMEM;
805 ap_msg.receive = zcrypt_msgtype6_receive;
806 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
807 atomic_inc_return(&zcrypt_step);
808 ap_msg.private = &resp_type;
809 rng_type6CPRB_msgX(zdev->ap_dev, &ap_msg, ZCRYPT_RNG_BUFFER_SIZE);
810 init_completion(&resp_type.work);
811 ap_queue_message(zdev->ap_dev, &ap_msg);
812 rc = wait_for_completion_interruptible(&resp_type.work);
813 if (rc == 0)
814 rc = convert_response_rng(zdev, &ap_msg, buffer);
815 else
816 /* Signal pending. */
817 ap_cancel_message(zdev->ap_dev, &ap_msg);
818 kfree(ap_msg.message);
819 return rc;
820}
821
822/**
823 * The crypto operations for a PCIXCC/CEX2C card.
824 */
825static struct zcrypt_ops zcrypt_msgtype6_norng_ops = {
826 .owner = THIS_MODULE,
827 .variant = MSGTYPE06_VARIANT_NORNG,
828 .rsa_modexpo = zcrypt_msgtype6_modexpo,
829 .rsa_modexpo_crt = zcrypt_msgtype6_modexpo_crt,
830 .send_cprb = zcrypt_msgtype6_send_cprb,
831};
832
833static struct zcrypt_ops zcrypt_msgtype6_ops = {
834 .owner = THIS_MODULE,
835 .variant = MSGTYPE06_VARIANT_DEFAULT,
836 .rsa_modexpo = zcrypt_msgtype6_modexpo,
837 .rsa_modexpo_crt = zcrypt_msgtype6_modexpo_crt,
838 .send_cprb = zcrypt_msgtype6_send_cprb,
839 .rng = zcrypt_msgtype6_rng,
840};
841
842int __init zcrypt_msgtype6_init(void)
843{
844 zcrypt_msgtype_register(&zcrypt_msgtype6_norng_ops);
845 zcrypt_msgtype_register(&zcrypt_msgtype6_ops);
846 return 0;
847}
848
849void __exit zcrypt_msgtype6_exit(void)
850{
851 zcrypt_msgtype_unregister(&zcrypt_msgtype6_norng_ops);
852 zcrypt_msgtype_unregister(&zcrypt_msgtype6_ops);
853}
854
855module_init(zcrypt_msgtype6_init);
856module_exit(zcrypt_msgtype6_exit);
diff --git a/drivers/s390/crypto/zcrypt_msgtype6.h b/drivers/s390/crypto/zcrypt_msgtype6.h
new file mode 100644
index 000000000000..1e500d3c0735
--- /dev/null
+++ b/drivers/s390/crypto/zcrypt_msgtype6.h
@@ -0,0 +1,169 @@
1/*
2 * zcrypt 2.1.0
3 *
4 * Copyright IBM Corp. 2001, 2012
5 * Author(s): Robert Burroughs
6 * Eric Rossman (edrossma@us.ibm.com)
7 *
8 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
9 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
10 * MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com>
11 *
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 2, or (at your option)
15 * any later version.
16 *
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 */
26
27#ifndef _ZCRYPT_MSGTYPE6_H_
28#define _ZCRYPT_MSGTYPE6_H_
29
30#include <asm/zcrypt.h>
31
32#define MSGTYPE06_NAME "zcrypt_msgtype6"
33#define MSGTYPE06_VARIANT_DEFAULT 0
34#define MSGTYPE06_VARIANT_NORNG 1
35
36#define MSGTYPE06_MAX_MSG_SIZE (12*1024)
37
38/**
39 * The type 6 message family is associated with PCICC or PCIXCC cards.
40 *
41 * It contains a message header followed by a CPRB, both of which
42 * are described below.
43 *
44 * Note that all reserved fields must be zeroes.
45 */
46struct type6_hdr {
47 unsigned char reserved1; /* 0x00 */
48 unsigned char type; /* 0x06 */
49 unsigned char reserved2[2]; /* 0x0000 */
50 unsigned char right[4]; /* 0x00000000 */
51 unsigned char reserved3[2]; /* 0x0000 */
52 unsigned char reserved4[2]; /* 0x0000 */
53 unsigned char apfs[4]; /* 0x00000000 */
54 unsigned int offset1; /* 0x00000058 (offset to CPRB) */
55 unsigned int offset2; /* 0x00000000 */
56 unsigned int offset3; /* 0x00000000 */
57 unsigned int offset4; /* 0x00000000 */
58 unsigned char agent_id[16]; /* PCICC: */
59 /* 0x0100 */
60 /* 0x4343412d4150504c202020 */
61 /* 0x010101 */
62 /* PCIXCC: */
63 /* 0x4341000000000000 */
64 /* 0x0000000000000000 */
65 unsigned char rqid[2]; /* rqid. internal to 603 */
66 unsigned char reserved5[2]; /* 0x0000 */
67 unsigned char function_code[2]; /* for PKD, 0x5044 (ascii 'PD') */
68 unsigned char reserved6[2]; /* 0x0000 */
69 unsigned int ToCardLen1; /* (request CPRB len + 3) & -4 */
70 unsigned int ToCardLen2; /* db len 0x00000000 for PKD */
71 unsigned int ToCardLen3; /* 0x00000000 */
72 unsigned int ToCardLen4; /* 0x00000000 */
73 unsigned int FromCardLen1; /* response buffer length */
74 unsigned int FromCardLen2; /* db len 0x00000000 for PKD */
75 unsigned int FromCardLen3; /* 0x00000000 */
76 unsigned int FromCardLen4; /* 0x00000000 */
77} __packed;
78
79/**
80 * The type 86 message family is associated with PCICC and PCIXCC cards.
81 *
82 * It contains a message header followed by a CPRB. The CPRB is
83 * the same as the request CPRB, which is described above.
84 *
85 * If format is 1, an error condition exists and no data beyond
86 * the 8-byte message header is of interest.
87 *
88 * The non-error message is shown below.
89 *
90 * Note that all reserved fields must be zeroes.
91 */
92struct type86_hdr {
93 unsigned char reserved1; /* 0x00 */
94 unsigned char type; /* 0x86 */
95 unsigned char format; /* 0x01 (error) or 0x02 (ok) */
96 unsigned char reserved2; /* 0x00 */
97 unsigned char reply_code; /* reply code (see above) */
98 unsigned char reserved3[3]; /* 0x000000 */
99} __packed;
100
101#define TYPE86_RSP_CODE 0x86
102#define TYPE86_FMT2 0x02
103
104struct type86_fmt2_ext {
105 unsigned char reserved[4]; /* 0x00000000 */
106 unsigned char apfs[4]; /* final status */
107 unsigned int count1; /* length of CPRB + parameters */
108 unsigned int offset1; /* offset to CPRB */
109 unsigned int count2; /* 0x00000000 */
110 unsigned int offset2; /* db offset 0x00000000 for PKD */
111 unsigned int count3; /* 0x00000000 */
112 unsigned int offset3; /* 0x00000000 */
113 unsigned int count4; /* 0x00000000 */
114 unsigned int offset4; /* 0x00000000 */
115} __packed;
116
117/**
118 * Prepare a type6 CPRB message for random number generation
119 *
120 * @ap_dev: AP device pointer
121 * @ap_msg: pointer to AP message
122 */
123static inline void rng_type6CPRB_msgX(struct ap_device *ap_dev,
124 struct ap_message *ap_msg,
125 unsigned random_number_length)
126{
127 struct {
128 struct type6_hdr hdr;
129 struct CPRBX cprbx;
130 char function_code[2];
131 short int rule_length;
132 char rule[8];
133 short int verb_length;
134 short int key_length;
135 } __packed * msg = ap_msg->message;
136 static struct type6_hdr static_type6_hdrX = {
137 .type = 0x06,
138 .offset1 = 0x00000058,
139 .agent_id = {'C', 'A'},
140 .function_code = {'R', 'L'},
141 .ToCardLen1 = sizeof(*msg) - sizeof(msg->hdr),
142 .FromCardLen1 = sizeof(*msg) - sizeof(msg->hdr),
143 };
144 static struct CPRBX local_cprbx = {
145 .cprb_len = 0x00dc,
146 .cprb_ver_id = 0x02,
147 .func_id = {0x54, 0x32},
148 .req_parml = sizeof(*msg) - sizeof(msg->hdr) -
149 sizeof(msg->cprbx),
150 .rpl_msgbl = sizeof(*msg) - sizeof(msg->hdr),
151 };
152
153 msg->hdr = static_type6_hdrX;
154 msg->hdr.FromCardLen2 = random_number_length,
155 msg->cprbx = local_cprbx;
156 msg->cprbx.rpl_datal = random_number_length,
157 msg->cprbx.domain = AP_QID_QUEUE(ap_dev->qid);
158 memcpy(msg->function_code, msg->hdr.function_code, 0x02);
159 msg->rule_length = 0x0a;
160 memcpy(msg->rule, "RANDOM ", 8);
161 msg->verb_length = 0x02;
162 msg->key_length = 0x02;
163 ap_msg->length = sizeof(*msg);
164}
165
166int zcrypt_msgtype6_init(void);
167void zcrypt_msgtype6_exit(void);
168
169#endif /* _ZCRYPT_MSGTYPE6_H_ */
diff --git a/drivers/s390/crypto/zcrypt_pcixcc.c b/drivers/s390/crypto/zcrypt_pcixcc.c
index ccb4f8b60c75..c7275e303a0d 100644
--- a/drivers/s390/crypto/zcrypt_pcixcc.c
+++ b/drivers/s390/crypto/zcrypt_pcixcc.c
@@ -1,13 +1,14 @@
1/* 1/*
2 * zcrypt 2.1.0 2 * zcrypt 2.1.0
3 * 3 *
4 * Copyright IBM Corp. 2001, 2006 4 * Copyright IBM Corp. 2001, 2012
5 * Author(s): Robert Burroughs 5 * Author(s): Robert Burroughs
6 * Eric Rossman (edrossma@us.ibm.com) 6 * Eric Rossman (edrossma@us.ibm.com)
7 * 7 *
8 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com) 8 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
9 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com> 9 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
10 * Ralph Wuerthner <rwuerthn@de.ibm.com> 10 * Ralph Wuerthner <rwuerthn@de.ibm.com>
11 * MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com>
11 * 12 *
12 * This program is free software; you can redistribute it and/or modify 13 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by 14 * it under the terms of the GNU General Public License as published by
@@ -35,9 +36,10 @@
35#include "ap_bus.h" 36#include "ap_bus.h"
36#include "zcrypt_api.h" 37#include "zcrypt_api.h"
37#include "zcrypt_error.h" 38#include "zcrypt_error.h"
38#include "zcrypt_pcicc.h" 39#include "zcrypt_msgtype6.h"
39#include "zcrypt_pcixcc.h" 40#include "zcrypt_pcixcc.h"
40#include "zcrypt_cca_key.h" 41#include "zcrypt_cca_key.h"
42#include "zcrypt_msgtype6.h"
41 43
42#define PCIXCC_MIN_MOD_SIZE 16 /* 128 bits */ 44#define PCIXCC_MIN_MOD_SIZE 16 /* 128 bits */
43#define PCIXCC_MIN_MOD_SIZE_OLD 64 /* 512 bits */ 45#define PCIXCC_MIN_MOD_SIZE_OLD 64 /* 512 bits */
@@ -75,14 +77,12 @@ static struct ap_device_id zcrypt_pcixcc_ids[] = {
75 77
76MODULE_DEVICE_TABLE(ap, zcrypt_pcixcc_ids); 78MODULE_DEVICE_TABLE(ap, zcrypt_pcixcc_ids);
77MODULE_AUTHOR("IBM Corporation"); 79MODULE_AUTHOR("IBM Corporation");
78MODULE_DESCRIPTION("PCIXCC Cryptographic Coprocessor device driver, " 80MODULE_DESCRIPTION("PCIXCC Cryptographic Coprocessor device driver, " \
79 "Copyright IBM Corp. 2001, 2006"); 81 "Copyright IBM Corp. 2001, 2012");
80MODULE_LICENSE("GPL"); 82MODULE_LICENSE("GPL");
81 83
82static int zcrypt_pcixcc_probe(struct ap_device *ap_dev); 84static int zcrypt_pcixcc_probe(struct ap_device *ap_dev);
83static void zcrypt_pcixcc_remove(struct ap_device *ap_dev); 85static void zcrypt_pcixcc_remove(struct ap_device *ap_dev);
84static void zcrypt_pcixcc_receive(struct ap_device *, struct ap_message *,
85 struct ap_message *);
86 86
87static struct ap_driver zcrypt_pcixcc_driver = { 87static struct ap_driver zcrypt_pcixcc_driver = {
88 .probe = zcrypt_pcixcc_probe, 88 .probe = zcrypt_pcixcc_probe,
@@ -92,766 +92,6 @@ static struct ap_driver zcrypt_pcixcc_driver = {
92}; 92};
93 93
94/** 94/**
95 * The following is used to initialize the CPRBX passed to the PCIXCC/CEX2C
96 * card in a type6 message. The 3 fields that must be filled in at execution
97 * time are req_parml, rpl_parml and usage_domain.
98 * Everything about this interface is ascii/big-endian, since the
99 * device does *not* have 'Intel inside'.
100 *
101 * The CPRBX is followed immediately by the parm block.
102 * The parm block contains:
103 * - function code ('PD' 0x5044 or 'PK' 0x504B)
104 * - rule block (one of:)
105 * + 0x000A 'PKCS-1.2' (MCL2 'PD')
106 * + 0x000A 'ZERO-PAD' (MCL2 'PK')
107 * + 0x000A 'ZERO-PAD' (MCL3 'PD' or CEX2C 'PD')
108 * + 0x000A 'MRP ' (MCL3 'PK' or CEX2C 'PK')
109 * - VUD block
110 */
111static struct CPRBX static_cprbx = {
112 .cprb_len = 0x00DC,
113 .cprb_ver_id = 0x02,
114 .func_id = {0x54,0x32},
115};
116
117/**
118 * Convert a ICAMEX message to a type6 MEX message.
119 *
120 * @zdev: crypto device pointer
121 * @ap_msg: pointer to AP message
122 * @mex: pointer to user input data
123 *
124 * Returns 0 on success or -EFAULT.
125 */
126static int ICAMEX_msg_to_type6MEX_msgX(struct zcrypt_device *zdev,
127 struct ap_message *ap_msg,
128 struct ica_rsa_modexpo *mex)
129{
130 static struct type6_hdr static_type6_hdrX = {
131 .type = 0x06,
132 .offset1 = 0x00000058,
133 .agent_id = {'C','A',},
134 .function_code = {'P','K'},
135 };
136 static struct function_and_rules_block static_pke_fnr = {
137 .function_code = {'P','K'},
138 .ulen = 10,
139 .only_rule = {'M','R','P',' ',' ',' ',' ',' '}
140 };
141 static struct function_and_rules_block static_pke_fnr_MCL2 = {
142 .function_code = {'P','K'},
143 .ulen = 10,
144 .only_rule = {'Z','E','R','O','-','P','A','D'}
145 };
146 struct {
147 struct type6_hdr hdr;
148 struct CPRBX cprbx;
149 struct function_and_rules_block fr;
150 unsigned short length;
151 char text[0];
152 } __attribute__((packed)) *msg = ap_msg->message;
153 int size;
154
155 /* VUD.ciphertext */
156 msg->length = mex->inputdatalength + 2;
157 if (copy_from_user(msg->text, mex->inputdata, mex->inputdatalength))
158 return -EFAULT;
159
160 /* Set up key which is located after the variable length text. */
161 size = zcrypt_type6_mex_key_en(mex, msg->text+mex->inputdatalength, 1);
162 if (size < 0)
163 return size;
164 size += sizeof(*msg) + mex->inputdatalength;
165
166 /* message header, cprbx and f&r */
167 msg->hdr = static_type6_hdrX;
168 msg->hdr.ToCardLen1 = size - sizeof(msg->hdr);
169 msg->hdr.FromCardLen1 = PCIXCC_MAX_ICA_RESPONSE_SIZE - sizeof(msg->hdr);
170
171 msg->cprbx = static_cprbx;
172 msg->cprbx.domain = AP_QID_QUEUE(zdev->ap_dev->qid);
173 msg->cprbx.rpl_msgbl = msg->hdr.FromCardLen1;
174
175 msg->fr = (zdev->user_space_type == ZCRYPT_PCIXCC_MCL2) ?
176 static_pke_fnr_MCL2 : static_pke_fnr;
177
178 msg->cprbx.req_parml = size - sizeof(msg->hdr) - sizeof(msg->cprbx);
179
180 ap_msg->length = size;
181 return 0;
182}
183
184/**
185 * Convert a ICACRT message to a type6 CRT message.
186 *
187 * @zdev: crypto device pointer
188 * @ap_msg: pointer to AP message
189 * @crt: pointer to user input data
190 *
191 * Returns 0 on success or -EFAULT.
192 */
193static int ICACRT_msg_to_type6CRT_msgX(struct zcrypt_device *zdev,
194 struct ap_message *ap_msg,
195 struct ica_rsa_modexpo_crt *crt)
196{
197 static struct type6_hdr static_type6_hdrX = {
198 .type = 0x06,
199 .offset1 = 0x00000058,
200 .agent_id = {'C','A',},
201 .function_code = {'P','D'},
202 };
203 static struct function_and_rules_block static_pkd_fnr = {
204 .function_code = {'P','D'},
205 .ulen = 10,
206 .only_rule = {'Z','E','R','O','-','P','A','D'}
207 };
208
209 static struct function_and_rules_block static_pkd_fnr_MCL2 = {
210 .function_code = {'P','D'},
211 .ulen = 10,
212 .only_rule = {'P','K','C','S','-','1','.','2'}
213 };
214 struct {
215 struct type6_hdr hdr;
216 struct CPRBX cprbx;
217 struct function_and_rules_block fr;
218 unsigned short length;
219 char text[0];
220 } __attribute__((packed)) *msg = ap_msg->message;
221 int size;
222
223 /* VUD.ciphertext */
224 msg->length = crt->inputdatalength + 2;
225 if (copy_from_user(msg->text, crt->inputdata, crt->inputdatalength))
226 return -EFAULT;
227
228 /* Set up key which is located after the variable length text. */
229 size = zcrypt_type6_crt_key(crt, msg->text + crt->inputdatalength, 1);
230 if (size < 0)
231 return size;
232 size += sizeof(*msg) + crt->inputdatalength; /* total size of msg */
233
234 /* message header, cprbx and f&r */
235 msg->hdr = static_type6_hdrX;
236 msg->hdr.ToCardLen1 = size - sizeof(msg->hdr);
237 msg->hdr.FromCardLen1 = PCIXCC_MAX_ICA_RESPONSE_SIZE - sizeof(msg->hdr);
238
239 msg->cprbx = static_cprbx;
240 msg->cprbx.domain = AP_QID_QUEUE(zdev->ap_dev->qid);
241 msg->cprbx.req_parml = msg->cprbx.rpl_msgbl =
242 size - sizeof(msg->hdr) - sizeof(msg->cprbx);
243
244 msg->fr = (zdev->user_space_type == ZCRYPT_PCIXCC_MCL2) ?
245 static_pkd_fnr_MCL2 : static_pkd_fnr;
246
247 ap_msg->length = size;
248 return 0;
249}
250
251/**
252 * Convert a XCRB message to a type6 CPRB message.
253 *
254 * @zdev: crypto device pointer
255 * @ap_msg: pointer to AP message
256 * @xcRB: pointer to user input data
257 *
258 * Returns 0 on success or -EFAULT, -EINVAL.
259 */
260struct type86_fmt2_msg {
261 struct type86_hdr hdr;
262 struct type86_fmt2_ext fmt2;
263} __attribute__((packed));
264
265static int XCRB_msg_to_type6CPRB_msgX(struct zcrypt_device *zdev,
266 struct ap_message *ap_msg,
267 struct ica_xcRB *xcRB)
268{
269 static struct type6_hdr static_type6_hdrX = {
270 .type = 0x06,
271 .offset1 = 0x00000058,
272 };
273 struct {
274 struct type6_hdr hdr;
275 struct CPRBX cprbx;
276 } __attribute__((packed)) *msg = ap_msg->message;
277
278 int rcblen = CEIL4(xcRB->request_control_blk_length);
279 int replylen;
280 char *req_data = ap_msg->message + sizeof(struct type6_hdr) + rcblen;
281 char *function_code;
282
283 /* length checks */
284 ap_msg->length = sizeof(struct type6_hdr) +
285 CEIL4(xcRB->request_control_blk_length) +
286 xcRB->request_data_length;
287 if (ap_msg->length > PCIXCC_MAX_XCRB_MESSAGE_SIZE)
288 return -EINVAL;
289 replylen = sizeof(struct type86_fmt2_msg) +
290 CEIL4(xcRB->reply_control_blk_length) +
291 xcRB->reply_data_length;
292 if (replylen > PCIXCC_MAX_XCRB_MESSAGE_SIZE)
293 return -EINVAL;
294
295 /* prepare type6 header */
296 msg->hdr = static_type6_hdrX;
297 memcpy(msg->hdr.agent_id , &(xcRB->agent_ID), sizeof(xcRB->agent_ID));
298 msg->hdr.ToCardLen1 = xcRB->request_control_blk_length;
299 if (xcRB->request_data_length) {
300 msg->hdr.offset2 = msg->hdr.offset1 + rcblen;
301 msg->hdr.ToCardLen2 = xcRB->request_data_length;
302 }
303 msg->hdr.FromCardLen1 = xcRB->reply_control_blk_length;
304 msg->hdr.FromCardLen2 = xcRB->reply_data_length;
305
306 /* prepare CPRB */
307 if (copy_from_user(&(msg->cprbx), xcRB->request_control_blk_addr,
308 xcRB->request_control_blk_length))
309 return -EFAULT;
310 if (msg->cprbx.cprb_len + sizeof(msg->hdr.function_code) >
311 xcRB->request_control_blk_length)
312 return -EINVAL;
313 function_code = ((unsigned char *)&msg->cprbx) + msg->cprbx.cprb_len;
314 memcpy(msg->hdr.function_code, function_code, sizeof(msg->hdr.function_code));
315
316 if (memcmp(function_code, "US", 2) == 0)
317 ap_msg->special = 1;
318 else
319 ap_msg->special = 0;
320
321 /* copy data block */
322 if (xcRB->request_data_length &&
323 copy_from_user(req_data, xcRB->request_data_address,
324 xcRB->request_data_length))
325 return -EFAULT;
326 return 0;
327}
328
329/**
330 * Prepare a type6 CPRB message for random number generation
331 *
332 * @ap_dev: AP device pointer
333 * @ap_msg: pointer to AP message
334 */
335static void rng_type6CPRB_msgX(struct ap_device *ap_dev,
336 struct ap_message *ap_msg,
337 unsigned random_number_length)
338{
339 struct {
340 struct type6_hdr hdr;
341 struct CPRBX cprbx;
342 char function_code[2];
343 short int rule_length;
344 char rule[8];
345 short int verb_length;
346 short int key_length;
347 } __attribute__((packed)) *msg = ap_msg->message;
348 static struct type6_hdr static_type6_hdrX = {
349 .type = 0x06,
350 .offset1 = 0x00000058,
351 .agent_id = {'C', 'A'},
352 .function_code = {'R', 'L'},
353 .ToCardLen1 = sizeof *msg - sizeof(msg->hdr),
354 .FromCardLen1 = sizeof *msg - sizeof(msg->hdr),
355 };
356 static struct CPRBX local_cprbx = {
357 .cprb_len = 0x00dc,
358 .cprb_ver_id = 0x02,
359 .func_id = {0x54, 0x32},
360 .req_parml = sizeof *msg - sizeof(msg->hdr) -
361 sizeof(msg->cprbx),
362 .rpl_msgbl = sizeof *msg - sizeof(msg->hdr),
363 };
364
365 msg->hdr = static_type6_hdrX;
366 msg->hdr.FromCardLen2 = random_number_length,
367 msg->cprbx = local_cprbx;
368 msg->cprbx.rpl_datal = random_number_length,
369 msg->cprbx.domain = AP_QID_QUEUE(ap_dev->qid);
370 memcpy(msg->function_code, msg->hdr.function_code, 0x02);
371 msg->rule_length = 0x0a;
372 memcpy(msg->rule, "RANDOM ", 8);
373 msg->verb_length = 0x02;
374 msg->key_length = 0x02;
375 ap_msg->length = sizeof *msg;
376}
377
378/**
379 * Copy results from a type 86 ICA reply message back to user space.
380 *
381 * @zdev: crypto device pointer
382 * @reply: reply AP message.
383 * @data: pointer to user output data
384 * @length: size of user output data
385 *
386 * Returns 0 on success or -EINVAL, -EFAULT, -EAGAIN in case of an error.
387 */
388struct type86x_reply {
389 struct type86_hdr hdr;
390 struct type86_fmt2_ext fmt2;
391 struct CPRBX cprbx;
392 unsigned char pad[4]; /* 4 byte function code/rules block ? */
393 unsigned short length;
394 char text[0];
395} __attribute__((packed));
396
397static int convert_type86_ica(struct zcrypt_device *zdev,
398 struct ap_message *reply,
399 char __user *outputdata,
400 unsigned int outputdatalength)
401{
402 static unsigned char static_pad[] = {
403 0x00,0x02,
404 0x1B,0x7B,0x5D,0xB5,0x75,0x01,0x3D,0xFD,
405 0x8D,0xD1,0xC7,0x03,0x2D,0x09,0x23,0x57,
406 0x89,0x49,0xB9,0x3F,0xBB,0x99,0x41,0x5B,
407 0x75,0x21,0x7B,0x9D,0x3B,0x6B,0x51,0x39,
408 0xBB,0x0D,0x35,0xB9,0x89,0x0F,0x93,0xA5,
409 0x0B,0x47,0xF1,0xD3,0xBB,0xCB,0xF1,0x9D,
410 0x23,0x73,0x71,0xFF,0xF3,0xF5,0x45,0xFB,
411 0x61,0x29,0x23,0xFD,0xF1,0x29,0x3F,0x7F,
412 0x17,0xB7,0x1B,0xA9,0x19,0xBD,0x57,0xA9,
413 0xD7,0x95,0xA3,0xCB,0xED,0x1D,0xDB,0x45,
414 0x7D,0x11,0xD1,0x51,0x1B,0xED,0x71,0xE9,
415 0xB1,0xD1,0xAB,0xAB,0x21,0x2B,0x1B,0x9F,
416 0x3B,0x9F,0xF7,0xF7,0xBD,0x63,0xEB,0xAD,
417 0xDF,0xB3,0x6F,0x5B,0xDB,0x8D,0xA9,0x5D,
418 0xE3,0x7D,0x77,0x49,0x47,0xF5,0xA7,0xFD,
419 0xAB,0x2F,0x27,0x35,0x77,0xD3,0x49,0xC9,
420 0x09,0xEB,0xB1,0xF9,0xBF,0x4B,0xCB,0x2B,
421 0xEB,0xEB,0x05,0xFF,0x7D,0xC7,0x91,0x8B,
422 0x09,0x83,0xB9,0xB9,0x69,0x33,0x39,0x6B,
423 0x79,0x75,0x19,0xBF,0xBB,0x07,0x1D,0xBD,
424 0x29,0xBF,0x39,0x95,0x93,0x1D,0x35,0xC7,
425 0xC9,0x4D,0xE5,0x97,0x0B,0x43,0x9B,0xF1,
426 0x16,0x93,0x03,0x1F,0xA5,0xFB,0xDB,0xF3,
427 0x27,0x4F,0x27,0x61,0x05,0x1F,0xB9,0x23,
428 0x2F,0xC3,0x81,0xA9,0x23,0x71,0x55,0x55,
429 0xEB,0xED,0x41,0xE5,0xF3,0x11,0xF1,0x43,
430 0x69,0x03,0xBD,0x0B,0x37,0x0F,0x51,0x8F,
431 0x0B,0xB5,0x89,0x5B,0x67,0xA9,0xD9,0x4F,
432 0x01,0xF9,0x21,0x77,0x37,0x73,0x79,0xC5,
433 0x7F,0x51,0xC1,0xCF,0x97,0xA1,0x75,0xAD,
434 0x35,0x9D,0xD3,0xD3,0xA7,0x9D,0x5D,0x41,
435 0x6F,0x65,0x1B,0xCF,0xA9,0x87,0x91,0x09
436 };
437 struct type86x_reply *msg = reply->message;
438 unsigned short service_rc, service_rs;
439 unsigned int reply_len, pad_len;
440 char *data;
441
442 service_rc = msg->cprbx.ccp_rtcode;
443 if (unlikely(service_rc != 0)) {
444 service_rs = msg->cprbx.ccp_rscode;
445 if (service_rc == 8 && service_rs == 66)
446 return -EINVAL;
447 if (service_rc == 8 && service_rs == 65)
448 return -EINVAL;
449 if (service_rc == 8 && service_rs == 770)
450 return -EINVAL;
451 if (service_rc == 8 && service_rs == 783) {
452 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE_OLD;
453 return -EAGAIN;
454 }
455 if (service_rc == 12 && service_rs == 769)
456 return -EINVAL;
457 if (service_rc == 8 && service_rs == 72)
458 return -EINVAL;
459 zdev->online = 0;
460 return -EAGAIN; /* repeat the request on a different device. */
461 }
462 data = msg->text;
463 reply_len = msg->length - 2;
464 if (reply_len > outputdatalength)
465 return -EINVAL;
466 /*
467 * For all encipher requests, the length of the ciphertext (reply_len)
468 * will always equal the modulus length. For MEX decipher requests
469 * the output needs to get padded. Minimum pad size is 10.
470 *
471 * Currently, the cases where padding will be added is for:
472 * - PCIXCC_MCL2 using a CRT form token (since PKD didn't support
473 * ZERO-PAD and CRT is only supported for PKD requests)
474 * - PCICC, always
475 */
476 pad_len = outputdatalength - reply_len;
477 if (pad_len > 0) {
478 if (pad_len < 10)
479 return -EINVAL;
480 /* 'restore' padding left in the PCICC/PCIXCC card. */
481 if (copy_to_user(outputdata, static_pad, pad_len - 1))
482 return -EFAULT;
483 if (put_user(0, outputdata + pad_len - 1))
484 return -EFAULT;
485 }
486 /* Copy the crypto response to user space. */
487 if (copy_to_user(outputdata + pad_len, data, reply_len))
488 return -EFAULT;
489 return 0;
490}
491
492/**
493 * Copy results from a type 86 XCRB reply message back to user space.
494 *
495 * @zdev: crypto device pointer
496 * @reply: reply AP message.
497 * @xcRB: pointer to XCRB
498 *
499 * Returns 0 on success or -EINVAL, -EFAULT, -EAGAIN in case of an error.
500 */
501static int convert_type86_xcrb(struct zcrypt_device *zdev,
502 struct ap_message *reply,
503 struct ica_xcRB *xcRB)
504{
505 struct type86_fmt2_msg *msg = reply->message;
506 char *data = reply->message;
507
508 /* Copy CPRB to user */
509 if (copy_to_user(xcRB->reply_control_blk_addr,
510 data + msg->fmt2.offset1, msg->fmt2.count1))
511 return -EFAULT;
512 xcRB->reply_control_blk_length = msg->fmt2.count1;
513
514 /* Copy data buffer to user */
515 if (msg->fmt2.count2)
516 if (copy_to_user(xcRB->reply_data_addr,
517 data + msg->fmt2.offset2, msg->fmt2.count2))
518 return -EFAULT;
519 xcRB->reply_data_length = msg->fmt2.count2;
520 return 0;
521}
522
523static int convert_type86_rng(struct zcrypt_device *zdev,
524 struct ap_message *reply,
525 char *buffer)
526{
527 struct {
528 struct type86_hdr hdr;
529 struct type86_fmt2_ext fmt2;
530 struct CPRBX cprbx;
531 } __attribute__((packed)) *msg = reply->message;
532 char *data = reply->message;
533
534 if (msg->cprbx.ccp_rtcode != 0 || msg->cprbx.ccp_rscode != 0)
535 return -EINVAL;
536 memcpy(buffer, data + msg->fmt2.offset2, msg->fmt2.count2);
537 return msg->fmt2.count2;
538}
539
540static int convert_response_ica(struct zcrypt_device *zdev,
541 struct ap_message *reply,
542 char __user *outputdata,
543 unsigned int outputdatalength)
544{
545 struct type86x_reply *msg = reply->message;
546
547 /* Response type byte is the second byte in the response. */
548 switch (((unsigned char *) reply->message)[1]) {
549 case TYPE82_RSP_CODE:
550 case TYPE88_RSP_CODE:
551 return convert_error(zdev, reply);
552 case TYPE86_RSP_CODE:
553 if (msg->cprbx.ccp_rtcode &&
554 (msg->cprbx.ccp_rscode == 0x14f) &&
555 (outputdatalength > 256)) {
556 if (zdev->max_exp_bit_length <= 17) {
557 zdev->max_exp_bit_length = 17;
558 return -EAGAIN;
559 } else
560 return -EINVAL;
561 }
562 if (msg->hdr.reply_code)
563 return convert_error(zdev, reply);
564 if (msg->cprbx.cprb_ver_id == 0x02)
565 return convert_type86_ica(zdev, reply,
566 outputdata, outputdatalength);
567 /* Fall through, no break, incorrect cprb version is an unknown
568 * response */
569 default: /* Unknown response type, this should NEVER EVER happen */
570 zdev->online = 0;
571 return -EAGAIN; /* repeat the request on a different device. */
572 }
573}
574
575static int convert_response_xcrb(struct zcrypt_device *zdev,
576 struct ap_message *reply,
577 struct ica_xcRB *xcRB)
578{
579 struct type86x_reply *msg = reply->message;
580
581 /* Response type byte is the second byte in the response. */
582 switch (((unsigned char *) reply->message)[1]) {
583 case TYPE82_RSP_CODE:
584 case TYPE88_RSP_CODE:
585 xcRB->status = 0x0008044DL; /* HDD_InvalidParm */
586 return convert_error(zdev, reply);
587 case TYPE86_RSP_CODE:
588 if (msg->hdr.reply_code) {
589 memcpy(&(xcRB->status), msg->fmt2.apfs, sizeof(u32));
590 return convert_error(zdev, reply);
591 }
592 if (msg->cprbx.cprb_ver_id == 0x02)
593 return convert_type86_xcrb(zdev, reply, xcRB);
594 /* Fall through, no break, incorrect cprb version is an unknown
595 * response */
596 default: /* Unknown response type, this should NEVER EVER happen */
597 xcRB->status = 0x0008044DL; /* HDD_InvalidParm */
598 zdev->online = 0;
599 return -EAGAIN; /* repeat the request on a different device. */
600 }
601}
602
603static int convert_response_rng(struct zcrypt_device *zdev,
604 struct ap_message *reply,
605 char *data)
606{
607 struct type86x_reply *msg = reply->message;
608
609 switch (msg->hdr.type) {
610 case TYPE82_RSP_CODE:
611 case TYPE88_RSP_CODE:
612 return -EINVAL;
613 case TYPE86_RSP_CODE:
614 if (msg->hdr.reply_code)
615 return -EINVAL;
616 if (msg->cprbx.cprb_ver_id == 0x02)
617 return convert_type86_rng(zdev, reply, data);
618 /* Fall through, no break, incorrect cprb version is an unknown
619 * response */
620 default: /* Unknown response type, this should NEVER EVER happen */
621 zdev->online = 0;
622 return -EAGAIN; /* repeat the request on a different device. */
623 }
624}
625
626/**
627 * This function is called from the AP bus code after a crypto request
628 * "msg" has finished with the reply message "reply".
629 * It is called from tasklet context.
630 * @ap_dev: pointer to the AP device
631 * @msg: pointer to the AP message
632 * @reply: pointer to the AP reply message
633 */
634static void zcrypt_pcixcc_receive(struct ap_device *ap_dev,
635 struct ap_message *msg,
636 struct ap_message *reply)
637{
638 static struct error_hdr error_reply = {
639 .type = TYPE82_RSP_CODE,
640 .reply_code = REP82_ERROR_MACHINE_FAILURE,
641 };
642 struct response_type *resp_type =
643 (struct response_type *) msg->private;
644 struct type86x_reply *t86r;
645 int length;
646
647 /* Copy the reply message to the request message buffer. */
648 if (IS_ERR(reply)) {
649 memcpy(msg->message, &error_reply, sizeof(error_reply));
650 goto out;
651 }
652 t86r = reply->message;
653 if (t86r->hdr.type == TYPE86_RSP_CODE &&
654 t86r->cprbx.cprb_ver_id == 0x02) {
655 switch (resp_type->type) {
656 case PCIXCC_RESPONSE_TYPE_ICA:
657 length = sizeof(struct type86x_reply)
658 + t86r->length - 2;
659 length = min(PCIXCC_MAX_ICA_RESPONSE_SIZE, length);
660 memcpy(msg->message, reply->message, length);
661 break;
662 case PCIXCC_RESPONSE_TYPE_XCRB:
663 length = t86r->fmt2.offset2 + t86r->fmt2.count2;
664 length = min(PCIXCC_MAX_XCRB_MESSAGE_SIZE, length);
665 memcpy(msg->message, reply->message, length);
666 break;
667 default:
668 memcpy(msg->message, &error_reply, sizeof error_reply);
669 }
670 } else
671 memcpy(msg->message, reply->message, sizeof error_reply);
672out:
673 complete(&(resp_type->work));
674}
675
676static atomic_t zcrypt_step = ATOMIC_INIT(0);
677
678/**
679 * The request distributor calls this function if it picked the PCIXCC/CEX2C
680 * device to handle a modexpo request.
681 * @zdev: pointer to zcrypt_device structure that identifies the
682 * PCIXCC/CEX2C device to the request distributor
683 * @mex: pointer to the modexpo request buffer
684 */
685static long zcrypt_pcixcc_modexpo(struct zcrypt_device *zdev,
686 struct ica_rsa_modexpo *mex)
687{
688 struct ap_message ap_msg;
689 struct response_type resp_type = {
690 .type = PCIXCC_RESPONSE_TYPE_ICA,
691 };
692 int rc;
693
694 ap_init_message(&ap_msg);
695 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
696 if (!ap_msg.message)
697 return -ENOMEM;
698 ap_msg.receive = zcrypt_pcixcc_receive;
699 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
700 atomic_inc_return(&zcrypt_step);
701 ap_msg.private = &resp_type;
702 rc = ICAMEX_msg_to_type6MEX_msgX(zdev, &ap_msg, mex);
703 if (rc)
704 goto out_free;
705 init_completion(&resp_type.work);
706 ap_queue_message(zdev->ap_dev, &ap_msg);
707 rc = wait_for_completion_interruptible(&resp_type.work);
708 if (rc == 0)
709 rc = convert_response_ica(zdev, &ap_msg, mex->outputdata,
710 mex->outputdatalength);
711 else
712 /* Signal pending. */
713 ap_cancel_message(zdev->ap_dev, &ap_msg);
714out_free:
715 free_page((unsigned long) ap_msg.message);
716 return rc;
717}
718
719/**
720 * The request distributor calls this function if it picked the PCIXCC/CEX2C
721 * device to handle a modexpo_crt request.
722 * @zdev: pointer to zcrypt_device structure that identifies the
723 * PCIXCC/CEX2C device to the request distributor
724 * @crt: pointer to the modexpoc_crt request buffer
725 */
726static long zcrypt_pcixcc_modexpo_crt(struct zcrypt_device *zdev,
727 struct ica_rsa_modexpo_crt *crt)
728{
729 struct ap_message ap_msg;
730 struct response_type resp_type = {
731 .type = PCIXCC_RESPONSE_TYPE_ICA,
732 };
733 int rc;
734
735 ap_init_message(&ap_msg);
736 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
737 if (!ap_msg.message)
738 return -ENOMEM;
739 ap_msg.receive = zcrypt_pcixcc_receive;
740 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
741 atomic_inc_return(&zcrypt_step);
742 ap_msg.private = &resp_type;
743 rc = ICACRT_msg_to_type6CRT_msgX(zdev, &ap_msg, crt);
744 if (rc)
745 goto out_free;
746 init_completion(&resp_type.work);
747 ap_queue_message(zdev->ap_dev, &ap_msg);
748 rc = wait_for_completion_interruptible(&resp_type.work);
749 if (rc == 0)
750 rc = convert_response_ica(zdev, &ap_msg, crt->outputdata,
751 crt->outputdatalength);
752 else
753 /* Signal pending. */
754 ap_cancel_message(zdev->ap_dev, &ap_msg);
755out_free:
756 free_page((unsigned long) ap_msg.message);
757 return rc;
758}
759
760/**
761 * The request distributor calls this function if it picked the PCIXCC/CEX2C
762 * device to handle a send_cprb request.
763 * @zdev: pointer to zcrypt_device structure that identifies the
764 * PCIXCC/CEX2C device to the request distributor
765 * @xcRB: pointer to the send_cprb request buffer
766 */
767static long zcrypt_pcixcc_send_cprb(struct zcrypt_device *zdev,
768 struct ica_xcRB *xcRB)
769{
770 struct ap_message ap_msg;
771 struct response_type resp_type = {
772 .type = PCIXCC_RESPONSE_TYPE_XCRB,
773 };
774 int rc;
775
776 ap_init_message(&ap_msg);
777 ap_msg.message = kmalloc(PCIXCC_MAX_XCRB_MESSAGE_SIZE, GFP_KERNEL);
778 if (!ap_msg.message)
779 return -ENOMEM;
780 ap_msg.receive = zcrypt_pcixcc_receive;
781 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
782 atomic_inc_return(&zcrypt_step);
783 ap_msg.private = &resp_type;
784 rc = XCRB_msg_to_type6CPRB_msgX(zdev, &ap_msg, xcRB);
785 if (rc)
786 goto out_free;
787 init_completion(&resp_type.work);
788 ap_queue_message(zdev->ap_dev, &ap_msg);
789 rc = wait_for_completion_interruptible(&resp_type.work);
790 if (rc == 0)
791 rc = convert_response_xcrb(zdev, &ap_msg, xcRB);
792 else
793 /* Signal pending. */
794 ap_cancel_message(zdev->ap_dev, &ap_msg);
795out_free:
796 kzfree(ap_msg.message);
797 return rc;
798}
799
800/**
801 * The request distributor calls this function if it picked the PCIXCC/CEX2C
802 * device to generate random data.
803 * @zdev: pointer to zcrypt_device structure that identifies the
804 * PCIXCC/CEX2C device to the request distributor
805 * @buffer: pointer to a memory page to return random data
806 */
807
808static long zcrypt_pcixcc_rng(struct zcrypt_device *zdev,
809 char *buffer)
810{
811 struct ap_message ap_msg;
812 struct response_type resp_type = {
813 .type = PCIXCC_RESPONSE_TYPE_XCRB,
814 };
815 int rc;
816
817 ap_init_message(&ap_msg);
818 ap_msg.message = kmalloc(PCIXCC_MAX_XCRB_MESSAGE_SIZE, GFP_KERNEL);
819 if (!ap_msg.message)
820 return -ENOMEM;
821 ap_msg.receive = zcrypt_pcixcc_receive;
822 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
823 atomic_inc_return(&zcrypt_step);
824 ap_msg.private = &resp_type;
825 rng_type6CPRB_msgX(zdev->ap_dev, &ap_msg, ZCRYPT_RNG_BUFFER_SIZE);
826 init_completion(&resp_type.work);
827 ap_queue_message(zdev->ap_dev, &ap_msg);
828 rc = wait_for_completion_interruptible(&resp_type.work);
829 if (rc == 0)
830 rc = convert_response_rng(zdev, &ap_msg, buffer);
831 else
832 /* Signal pending. */
833 ap_cancel_message(zdev->ap_dev, &ap_msg);
834 kfree(ap_msg.message);
835 return rc;
836}
837
838/**
839 * The crypto operations for a PCIXCC/CEX2C card.
840 */
841static struct zcrypt_ops zcrypt_pcixcc_ops = {
842 .rsa_modexpo = zcrypt_pcixcc_modexpo,
843 .rsa_modexpo_crt = zcrypt_pcixcc_modexpo_crt,
844 .send_cprb = zcrypt_pcixcc_send_cprb,
845};
846
847static struct zcrypt_ops zcrypt_pcixcc_with_rng_ops = {
848 .rsa_modexpo = zcrypt_pcixcc_modexpo,
849 .rsa_modexpo_crt = zcrypt_pcixcc_modexpo_crt,
850 .send_cprb = zcrypt_pcixcc_send_cprb,
851 .rng = zcrypt_pcixcc_rng,
852};
853
854/**
855 * Micro-code detection function. Its sends a message to a pcixcc card 95 * Micro-code detection function. Its sends a message to a pcixcc card
856 * to find out the microcode level. 96 * to find out the microcode level.
857 * @ap_dev: pointer to the AP device. 97 * @ap_dev: pointer to the AP device.
@@ -1083,9 +323,11 @@ static int zcrypt_pcixcc_probe(struct ap_device *ap_dev)
1083 return rc; 323 return rc;
1084 } 324 }
1085 if (rc) 325 if (rc)
1086 zdev->ops = &zcrypt_pcixcc_with_rng_ops; 326 zdev->ops = zcrypt_msgtype_request(MSGTYPE06_NAME,
327 MSGTYPE06_VARIANT_DEFAULT);
1087 else 328 else
1088 zdev->ops = &zcrypt_pcixcc_ops; 329 zdev->ops = zcrypt_msgtype_request(MSGTYPE06_NAME,
330 MSGTYPE06_VARIANT_NORNG);
1089 ap_dev->reply = &zdev->reply; 331 ap_dev->reply = &zdev->reply;
1090 ap_dev->private = zdev; 332 ap_dev->private = zdev;
1091 rc = zcrypt_device_register(zdev); 333 rc = zcrypt_device_register(zdev);
@@ -1095,6 +337,7 @@ static int zcrypt_pcixcc_probe(struct ap_device *ap_dev)
1095 337
1096 out_free: 338 out_free:
1097 ap_dev->private = NULL; 339 ap_dev->private = NULL;
340 zcrypt_msgtype_release(zdev->ops);
1098 zcrypt_device_free(zdev); 341 zcrypt_device_free(zdev);
1099 return rc; 342 return rc;
1100} 343}
@@ -1106,8 +349,10 @@ static int zcrypt_pcixcc_probe(struct ap_device *ap_dev)
1106static void zcrypt_pcixcc_remove(struct ap_device *ap_dev) 349static void zcrypt_pcixcc_remove(struct ap_device *ap_dev)
1107{ 350{
1108 struct zcrypt_device *zdev = ap_dev->private; 351 struct zcrypt_device *zdev = ap_dev->private;
352 struct zcrypt_ops *zops = zdev->ops;
1109 353
1110 zcrypt_device_unregister(zdev); 354 zcrypt_device_unregister(zdev);
355 zcrypt_msgtype_release(zops);
1111} 356}
1112 357
1113int __init zcrypt_pcixcc_init(void) 358int __init zcrypt_pcixcc_init(void)
diff --git a/drivers/s390/crypto/zcrypt_pcixcc.h b/drivers/s390/crypto/zcrypt_pcixcc.h
index c7cdf599e46b..eacafc8962f2 100644
--- a/drivers/s390/crypto/zcrypt_pcixcc.h
+++ b/drivers/s390/crypto/zcrypt_pcixcc.h
@@ -1,12 +1,13 @@
1/* 1/*
2 * zcrypt 2.1.0 2 * zcrypt 2.1.0
3 * 3 *
4 * Copyright IBM Corp. 2001, 2006 4 * Copyright IBM Corp. 2001, 2012
5 * Author(s): Robert Burroughs 5 * Author(s): Robert Burroughs
6 * Eric Rossman (edrossma@us.ibm.com) 6 * Eric Rossman (edrossma@us.ibm.com)
7 * 7 *
8 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com) 8 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
9 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com> 9 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
10 * MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com>
10 * 11 *
11 * This program is free software; you can redistribute it and/or modify 12 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by 13 * it under the terms of the GNU General Public License as published by