2 * linux/drivers/s390/crypto/zcrypt_pcixcc.c
6 * Copyright (C) 2001, 2006 IBM Corporation
7 * Author(s): Robert Burroughs
8 * Eric Rossman (edrossma@us.ibm.com)
10 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
11 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
12 * Ralph Wuerthner <rwuerthn@de.ibm.com>
14 * This program is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2, or (at your option)
19 * This program is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License
25 * along with this program; if not, write to the Free Software
26 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 #include <linux/module.h>
30 #include <linux/init.h>
31 #include <linux/err.h>
32 #include <linux/delay.h>
33 #include <linux/slab.h>
34 #include <asm/atomic.h>
35 #include <asm/uaccess.h>
38 #include "zcrypt_api.h"
39 #include "zcrypt_error.h"
40 #include "zcrypt_pcicc.h"
41 #include "zcrypt_pcixcc.h"
42 #include "zcrypt_cca_key.h"
44 #define PCIXCC_MIN_MOD_SIZE 16 /* 128 bits */
45 #define PCIXCC_MIN_MOD_SIZE_OLD 64 /* 512 bits */
46 #define PCIXCC_MAX_MOD_SIZE 256 /* 2048 bits */
47 #define CEX3C_MIN_MOD_SIZE PCIXCC_MIN_MOD_SIZE
48 #define CEX3C_MAX_MOD_SIZE 512 /* 4096 bits */
50 #define PCIXCC_MCL2_SPEED_RATING 7870
51 #define PCIXCC_MCL3_SPEED_RATING 7870
52 #define CEX2C_SPEED_RATING 7000
53 #define CEX3C_SPEED_RATING 6500
55 #define PCIXCC_MAX_ICA_MESSAGE_SIZE 0x77c /* max size type6 v2 crt message */
56 #define PCIXCC_MAX_ICA_RESPONSE_SIZE 0x77c /* max size type86 v2 reply */
58 #define PCIXCC_MAX_XCRB_MESSAGE_SIZE (12*1024)
59 #define PCIXCC_MAX_XCRB_RESPONSE_SIZE PCIXCC_MAX_XCRB_MESSAGE_SIZE
60 #define PCIXCC_MAX_XCRB_DATA_SIZE (11*1024)
61 #define PCIXCC_MAX_XCRB_REPLY_SIZE (5*1024)
63 #define PCIXCC_MAX_RESPONSE_SIZE PCIXCC_MAX_XCRB_RESPONSE_SIZE
65 #define PCIXCC_CLEANUP_TIME (15*HZ)
67 #define CEIL4(x) ((((x)+3)/4)*4)
69 struct response_type
{
70 struct completion work
;
73 #define PCIXCC_RESPONSE_TYPE_ICA 0
74 #define PCIXCC_RESPONSE_TYPE_XCRB 1
76 static struct ap_device_id zcrypt_pcixcc_ids
[] = {
77 { AP_DEVICE(AP_DEVICE_TYPE_PCIXCC
) },
78 { AP_DEVICE(AP_DEVICE_TYPE_CEX2C
) },
79 { AP_DEVICE(AP_DEVICE_TYPE_CEX3C
) },
80 { /* end of list */ },
83 #ifndef CONFIG_ZCRYPT_MONOLITHIC
84 MODULE_DEVICE_TABLE(ap
, zcrypt_pcixcc_ids
);
85 MODULE_AUTHOR("IBM Corporation");
86 MODULE_DESCRIPTION("PCIXCC Cryptographic Coprocessor device driver, "
87 "Copyright 2001, 2006 IBM Corporation");
88 MODULE_LICENSE("GPL");
91 static int zcrypt_pcixcc_probe(struct ap_device
*ap_dev
);
92 static void zcrypt_pcixcc_remove(struct ap_device
*ap_dev
);
93 static void zcrypt_pcixcc_receive(struct ap_device
*, struct ap_message
*,
96 static struct ap_driver zcrypt_pcixcc_driver
= {
97 .probe
= zcrypt_pcixcc_probe
,
98 .remove
= zcrypt_pcixcc_remove
,
99 .receive
= zcrypt_pcixcc_receive
,
100 .ids
= zcrypt_pcixcc_ids
,
101 .request_timeout
= PCIXCC_CLEANUP_TIME
,
105 * The following is used to initialize the CPRBX passed to the PCIXCC/CEX2C
106 * card in a type6 message. The 3 fields that must be filled in at execution
107 * time are req_parml, rpl_parml and usage_domain.
108 * Everything about this interface is ascii/big-endian, since the
109 * device does *not* have 'Intel inside'.
111 * The CPRBX is followed immediately by the parm block.
112 * The parm block contains:
113 * - function code ('PD' 0x5044 or 'PK' 0x504B)
114 * - rule block (one of:)
115 * + 0x000A 'PKCS-1.2' (MCL2 'PD')
116 * + 0x000A 'ZERO-PAD' (MCL2 'PK')
117 * + 0x000A 'ZERO-PAD' (MCL3 'PD' or CEX2C 'PD')
118 * + 0x000A 'MRP ' (MCL3 'PK' or CEX2C 'PK')
121 static struct CPRBX static_cprbx
= {
124 .func_id
= {0x54,0x32},
128 * Convert a ICAMEX message to a type6 MEX message.
130 * @zdev: crypto device pointer
131 * @ap_msg: pointer to AP message
132 * @mex: pointer to user input data
134 * Returns 0 on success or -EFAULT.
136 static int ICAMEX_msg_to_type6MEX_msgX(struct zcrypt_device
*zdev
,
137 struct ap_message
*ap_msg
,
138 struct ica_rsa_modexpo
*mex
)
140 static struct type6_hdr static_type6_hdrX
= {
142 .offset1
= 0x00000058,
143 .agent_id
= {'C','A',},
144 .function_code
= {'P','K'},
146 static struct function_and_rules_block static_pke_fnr
= {
147 .function_code
= {'P','K'},
149 .only_rule
= {'M','R','P',' ',' ',' ',' ',' '}
151 static struct function_and_rules_block static_pke_fnr_MCL2
= {
152 .function_code
= {'P','K'},
154 .only_rule
= {'Z','E','R','O','-','P','A','D'}
157 struct type6_hdr hdr
;
159 struct function_and_rules_block fr
;
160 unsigned short length
;
162 } __attribute__((packed
)) *msg
= ap_msg
->message
;
166 msg
->length
= mex
->inputdatalength
+ 2;
167 if (copy_from_user(msg
->text
, mex
->inputdata
, mex
->inputdatalength
))
170 /* Set up key which is located after the variable length text. */
171 size
= zcrypt_type6_mex_key_en(mex
, msg
->text
+mex
->inputdatalength
, 1);
174 size
+= sizeof(*msg
) + mex
->inputdatalength
;
176 /* message header, cprbx and f&r */
177 msg
->hdr
= static_type6_hdrX
;
178 msg
->hdr
.ToCardLen1
= size
- sizeof(msg
->hdr
);
179 msg
->hdr
.FromCardLen1
= PCIXCC_MAX_ICA_RESPONSE_SIZE
- sizeof(msg
->hdr
);
181 msg
->cprbx
= static_cprbx
;
182 msg
->cprbx
.domain
= AP_QID_QUEUE(zdev
->ap_dev
->qid
);
183 msg
->cprbx
.rpl_msgbl
= msg
->hdr
.FromCardLen1
;
185 msg
->fr
= (zdev
->user_space_type
== ZCRYPT_PCIXCC_MCL2
) ?
186 static_pke_fnr_MCL2
: static_pke_fnr
;
188 msg
->cprbx
.req_parml
= size
- sizeof(msg
->hdr
) - sizeof(msg
->cprbx
);
190 ap_msg
->length
= size
;
195 * Convert a ICACRT message to a type6 CRT message.
197 * @zdev: crypto device pointer
198 * @ap_msg: pointer to AP message
199 * @crt: pointer to user input data
201 * Returns 0 on success or -EFAULT.
203 static int ICACRT_msg_to_type6CRT_msgX(struct zcrypt_device
*zdev
,
204 struct ap_message
*ap_msg
,
205 struct ica_rsa_modexpo_crt
*crt
)
207 static struct type6_hdr static_type6_hdrX
= {
209 .offset1
= 0x00000058,
210 .agent_id
= {'C','A',},
211 .function_code
= {'P','D'},
213 static struct function_and_rules_block static_pkd_fnr
= {
214 .function_code
= {'P','D'},
216 .only_rule
= {'Z','E','R','O','-','P','A','D'}
219 static struct function_and_rules_block static_pkd_fnr_MCL2
= {
220 .function_code
= {'P','D'},
222 .only_rule
= {'P','K','C','S','-','1','.','2'}
225 struct type6_hdr hdr
;
227 struct function_and_rules_block fr
;
228 unsigned short length
;
230 } __attribute__((packed
)) *msg
= ap_msg
->message
;
234 msg
->length
= crt
->inputdatalength
+ 2;
235 if (copy_from_user(msg
->text
, crt
->inputdata
, crt
->inputdatalength
))
238 /* Set up key which is located after the variable length text. */
239 size
= zcrypt_type6_crt_key(crt
, msg
->text
+ crt
->inputdatalength
, 1);
242 size
+= sizeof(*msg
) + crt
->inputdatalength
; /* total size of msg */
244 /* message header, cprbx and f&r */
245 msg
->hdr
= static_type6_hdrX
;
246 msg
->hdr
.ToCardLen1
= size
- sizeof(msg
->hdr
);
247 msg
->hdr
.FromCardLen1
= PCIXCC_MAX_ICA_RESPONSE_SIZE
- sizeof(msg
->hdr
);
249 msg
->cprbx
= static_cprbx
;
250 msg
->cprbx
.domain
= AP_QID_QUEUE(zdev
->ap_dev
->qid
);
251 msg
->cprbx
.req_parml
= msg
->cprbx
.rpl_msgbl
=
252 size
- sizeof(msg
->hdr
) - sizeof(msg
->cprbx
);
254 msg
->fr
= (zdev
->user_space_type
== ZCRYPT_PCIXCC_MCL2
) ?
255 static_pkd_fnr_MCL2
: static_pkd_fnr
;
257 ap_msg
->length
= size
;
262 * Convert a XCRB message to a type6 CPRB message.
264 * @zdev: crypto device pointer
265 * @ap_msg: pointer to AP message
266 * @xcRB: pointer to user input data
268 * Returns 0 on success or -EFAULT.
270 struct type86_fmt2_msg
{
271 struct type86_hdr hdr
;
272 struct type86_fmt2_ext fmt2
;
273 } __attribute__((packed
));
275 static int XCRB_msg_to_type6CPRB_msgX(struct zcrypt_device
*zdev
,
276 struct ap_message
*ap_msg
,
277 struct ica_xcRB
*xcRB
)
279 static struct type6_hdr static_type6_hdrX
= {
281 .offset1
= 0x00000058,
284 struct type6_hdr hdr
;
286 } __attribute__((packed
)) *msg
= ap_msg
->message
;
288 int rcblen
= CEIL4(xcRB
->request_control_blk_length
);
290 char *req_data
= ap_msg
->message
+ sizeof(struct type6_hdr
) + rcblen
;
294 ap_msg
->length
= sizeof(struct type6_hdr
) +
295 CEIL4(xcRB
->request_control_blk_length
) +
296 xcRB
->request_data_length
;
297 if (ap_msg
->length
> PCIXCC_MAX_XCRB_MESSAGE_SIZE
)
299 if (CEIL4(xcRB
->reply_control_blk_length
) > PCIXCC_MAX_XCRB_REPLY_SIZE
)
301 if (CEIL4(xcRB
->reply_data_length
) > PCIXCC_MAX_XCRB_DATA_SIZE
)
303 replylen
= CEIL4(xcRB
->reply_control_blk_length
) +
304 CEIL4(xcRB
->reply_data_length
) +
305 sizeof(struct type86_fmt2_msg
);
306 if (replylen
> PCIXCC_MAX_XCRB_RESPONSE_SIZE
) {
307 xcRB
->reply_control_blk_length
= PCIXCC_MAX_XCRB_RESPONSE_SIZE
-
308 (sizeof(struct type86_fmt2_msg
) +
309 CEIL4(xcRB
->reply_data_length
));
312 /* prepare type6 header */
313 msg
->hdr
= static_type6_hdrX
;
314 memcpy(msg
->hdr
.agent_id
, &(xcRB
->agent_ID
), sizeof(xcRB
->agent_ID
));
315 msg
->hdr
.ToCardLen1
= xcRB
->request_control_blk_length
;
316 if (xcRB
->request_data_length
) {
317 msg
->hdr
.offset2
= msg
->hdr
.offset1
+ rcblen
;
318 msg
->hdr
.ToCardLen2
= xcRB
->request_data_length
;
320 msg
->hdr
.FromCardLen1
= xcRB
->reply_control_blk_length
;
321 msg
->hdr
.FromCardLen2
= xcRB
->reply_data_length
;
324 if (copy_from_user(&(msg
->cprbx
), xcRB
->request_control_blk_addr
,
325 xcRB
->request_control_blk_length
))
327 if (msg
->cprbx
.cprb_len
+ sizeof(msg
->hdr
.function_code
) >
328 xcRB
->request_control_blk_length
)
330 function_code
= ((unsigned char *)&msg
->cprbx
) + msg
->cprbx
.cprb_len
;
331 memcpy(msg
->hdr
.function_code
, function_code
, sizeof(msg
->hdr
.function_code
));
333 if (memcmp(function_code
, "US", 2) == 0)
338 /* copy data block */
339 if (xcRB
->request_data_length
&&
340 copy_from_user(req_data
, xcRB
->request_data_address
,
341 xcRB
->request_data_length
))
347 * Prepare a type6 CPRB message for random number generation
349 * @ap_dev: AP device pointer
350 * @ap_msg: pointer to AP message
352 static void rng_type6CPRB_msgX(struct ap_device
*ap_dev
,
353 struct ap_message
*ap_msg
,
354 unsigned random_number_length
)
357 struct type6_hdr hdr
;
359 char function_code
[2];
360 short int rule_length
;
362 short int verb_length
;
363 short int key_length
;
364 } __attribute__((packed
)) *msg
= ap_msg
->message
;
365 static struct type6_hdr static_type6_hdrX
= {
367 .offset1
= 0x00000058,
368 .agent_id
= {'C', 'A'},
369 .function_code
= {'R', 'L'},
370 .ToCardLen1
= sizeof *msg
- sizeof(msg
->hdr
),
371 .FromCardLen1
= sizeof *msg
- sizeof(msg
->hdr
),
373 static struct CPRBX local_cprbx
= {
376 .func_id
= {0x54, 0x32},
377 .req_parml
= sizeof *msg
- sizeof(msg
->hdr
) -
379 .rpl_msgbl
= sizeof *msg
- sizeof(msg
->hdr
),
382 msg
->hdr
= static_type6_hdrX
;
383 msg
->hdr
.FromCardLen2
= random_number_length
,
384 msg
->cprbx
= local_cprbx
;
385 msg
->cprbx
.rpl_datal
= random_number_length
,
386 msg
->cprbx
.domain
= AP_QID_QUEUE(ap_dev
->qid
);
387 memcpy(msg
->function_code
, msg
->hdr
.function_code
, 0x02);
388 msg
->rule_length
= 0x0a;
389 memcpy(msg
->rule
, "RANDOM ", 8);
390 msg
->verb_length
= 0x02;
391 msg
->key_length
= 0x02;
392 ap_msg
->length
= sizeof *msg
;
396 * Copy results from a type 86 ICA reply message back to user space.
398 * @zdev: crypto device pointer
399 * @reply: reply AP message.
400 * @data: pointer to user output data
401 * @length: size of user output data
403 * Returns 0 on success or -EINVAL, -EFAULT, -EAGAIN in case of an error.
405 struct type86x_reply
{
406 struct type86_hdr hdr
;
407 struct type86_fmt2_ext fmt2
;
409 unsigned char pad
[4]; /* 4 byte function code/rules block ? */
410 unsigned short length
;
412 } __attribute__((packed
));
414 static int convert_type86_ica(struct zcrypt_device
*zdev
,
415 struct ap_message
*reply
,
416 char __user
*outputdata
,
417 unsigned int outputdatalength
)
419 static unsigned char static_pad
[] = {
421 0x1B,0x7B,0x5D,0xB5,0x75,0x01,0x3D,0xFD,
422 0x8D,0xD1,0xC7,0x03,0x2D,0x09,0x23,0x57,
423 0x89,0x49,0xB9,0x3F,0xBB,0x99,0x41,0x5B,
424 0x75,0x21,0x7B,0x9D,0x3B,0x6B,0x51,0x39,
425 0xBB,0x0D,0x35,0xB9,0x89,0x0F,0x93,0xA5,
426 0x0B,0x47,0xF1,0xD3,0xBB,0xCB,0xF1,0x9D,
427 0x23,0x73,0x71,0xFF,0xF3,0xF5,0x45,0xFB,
428 0x61,0x29,0x23,0xFD,0xF1,0x29,0x3F,0x7F,
429 0x17,0xB7,0x1B,0xA9,0x19,0xBD,0x57,0xA9,
430 0xD7,0x95,0xA3,0xCB,0xED,0x1D,0xDB,0x45,
431 0x7D,0x11,0xD1,0x51,0x1B,0xED,0x71,0xE9,
432 0xB1,0xD1,0xAB,0xAB,0x21,0x2B,0x1B,0x9F,
433 0x3B,0x9F,0xF7,0xF7,0xBD,0x63,0xEB,0xAD,
434 0xDF,0xB3,0x6F,0x5B,0xDB,0x8D,0xA9,0x5D,
435 0xE3,0x7D,0x77,0x49,0x47,0xF5,0xA7,0xFD,
436 0xAB,0x2F,0x27,0x35,0x77,0xD3,0x49,0xC9,
437 0x09,0xEB,0xB1,0xF9,0xBF,0x4B,0xCB,0x2B,
438 0xEB,0xEB,0x05,0xFF,0x7D,0xC7,0x91,0x8B,
439 0x09,0x83,0xB9,0xB9,0x69,0x33,0x39,0x6B,
440 0x79,0x75,0x19,0xBF,0xBB,0x07,0x1D,0xBD,
441 0x29,0xBF,0x39,0x95,0x93,0x1D,0x35,0xC7,
442 0xC9,0x4D,0xE5,0x97,0x0B,0x43,0x9B,0xF1,
443 0x16,0x93,0x03,0x1F,0xA5,0xFB,0xDB,0xF3,
444 0x27,0x4F,0x27,0x61,0x05,0x1F,0xB9,0x23,
445 0x2F,0xC3,0x81,0xA9,0x23,0x71,0x55,0x55,
446 0xEB,0xED,0x41,0xE5,0xF3,0x11,0xF1,0x43,
447 0x69,0x03,0xBD,0x0B,0x37,0x0F,0x51,0x8F,
448 0x0B,0xB5,0x89,0x5B,0x67,0xA9,0xD9,0x4F,
449 0x01,0xF9,0x21,0x77,0x37,0x73,0x79,0xC5,
450 0x7F,0x51,0xC1,0xCF,0x97,0xA1,0x75,0xAD,
451 0x35,0x9D,0xD3,0xD3,0xA7,0x9D,0x5D,0x41,
452 0x6F,0x65,0x1B,0xCF,0xA9,0x87,0x91,0x09
454 struct type86x_reply
*msg
= reply
->message
;
455 unsigned short service_rc
, service_rs
;
456 unsigned int reply_len
, pad_len
;
459 service_rc
= msg
->cprbx
.ccp_rtcode
;
460 if (unlikely(service_rc
!= 0)) {
461 service_rs
= msg
->cprbx
.ccp_rscode
;
462 if (service_rc
== 8 && service_rs
== 66)
464 if (service_rc
== 8 && service_rs
== 65)
466 if (service_rc
== 8 && service_rs
== 770)
468 if (service_rc
== 8 && service_rs
== 783) {
469 zdev
->min_mod_size
= PCIXCC_MIN_MOD_SIZE_OLD
;
472 if (service_rc
== 12 && service_rs
== 769)
474 if (service_rc
== 8 && service_rs
== 72)
477 return -EAGAIN
; /* repeat the request on a different device. */
480 reply_len
= msg
->length
- 2;
481 if (reply_len
> outputdatalength
)
484 * For all encipher requests, the length of the ciphertext (reply_len)
485 * will always equal the modulus length. For MEX decipher requests
486 * the output needs to get padded. Minimum pad size is 10.
488 * Currently, the cases where padding will be added is for:
489 * - PCIXCC_MCL2 using a CRT form token (since PKD didn't support
490 * ZERO-PAD and CRT is only supported for PKD requests)
493 pad_len
= outputdatalength
- reply_len
;
497 /* 'restore' padding left in the PCICC/PCIXCC card. */
498 if (copy_to_user(outputdata
, static_pad
, pad_len
- 1))
500 if (put_user(0, outputdata
+ pad_len
- 1))
503 /* Copy the crypto response to user space. */
504 if (copy_to_user(outputdata
+ pad_len
, data
, reply_len
))
510 * Copy results from a type 86 XCRB reply message back to user space.
512 * @zdev: crypto device pointer
513 * @reply: reply AP message.
514 * @xcRB: pointer to XCRB
516 * Returns 0 on success or -EINVAL, -EFAULT, -EAGAIN in case of an error.
518 static int convert_type86_xcrb(struct zcrypt_device
*zdev
,
519 struct ap_message
*reply
,
520 struct ica_xcRB
*xcRB
)
522 struct type86_fmt2_msg
*msg
= reply
->message
;
523 char *data
= reply
->message
;
525 /* Copy CPRB to user */
526 if (copy_to_user(xcRB
->reply_control_blk_addr
,
527 data
+ msg
->fmt2
.offset1
, msg
->fmt2
.count1
))
529 xcRB
->reply_control_blk_length
= msg
->fmt2
.count1
;
531 /* Copy data buffer to user */
532 if (msg
->fmt2
.count2
)
533 if (copy_to_user(xcRB
->reply_data_addr
,
534 data
+ msg
->fmt2
.offset2
, msg
->fmt2
.count2
))
536 xcRB
->reply_data_length
= msg
->fmt2
.count2
;
540 static int convert_type86_rng(struct zcrypt_device
*zdev
,
541 struct ap_message
*reply
,
545 struct type86_hdr hdr
;
546 struct type86_fmt2_ext fmt2
;
548 } __attribute__((packed
)) *msg
= reply
->message
;
549 char *data
= reply
->message
;
551 if (msg
->cprbx
.ccp_rtcode
!= 0 || msg
->cprbx
.ccp_rscode
!= 0)
553 memcpy(buffer
, data
+ msg
->fmt2
.offset2
, msg
->fmt2
.count2
);
554 return msg
->fmt2
.count2
;
557 static int convert_response_ica(struct zcrypt_device
*zdev
,
558 struct ap_message
*reply
,
559 char __user
*outputdata
,
560 unsigned int outputdatalength
)
562 struct type86x_reply
*msg
= reply
->message
;
564 /* Response type byte is the second byte in the response. */
565 switch (((unsigned char *) reply
->message
)[1]) {
566 case TYPE82_RSP_CODE
:
567 case TYPE88_RSP_CODE
:
568 return convert_error(zdev
, reply
);
569 case TYPE86_RSP_CODE
:
570 if (msg
->cprbx
.ccp_rtcode
&&
571 (msg
->cprbx
.ccp_rscode
== 0x14f) &&
572 (outputdatalength
> 256)) {
573 if (zdev
->max_exp_bit_length
<= 17) {
574 zdev
->max_exp_bit_length
= 17;
579 if (msg
->hdr
.reply_code
)
580 return convert_error(zdev
, reply
);
581 if (msg
->cprbx
.cprb_ver_id
== 0x02)
582 return convert_type86_ica(zdev
, reply
,
583 outputdata
, outputdatalength
);
584 /* Fall through, no break, incorrect cprb version is an unknown
586 default: /* Unknown response type, this should NEVER EVER happen */
588 return -EAGAIN
; /* repeat the request on a different device. */
592 static int convert_response_xcrb(struct zcrypt_device
*zdev
,
593 struct ap_message
*reply
,
594 struct ica_xcRB
*xcRB
)
596 struct type86x_reply
*msg
= reply
->message
;
598 /* Response type byte is the second byte in the response. */
599 switch (((unsigned char *) reply
->message
)[1]) {
600 case TYPE82_RSP_CODE
:
601 case TYPE88_RSP_CODE
:
602 xcRB
->status
= 0x0008044DL
; /* HDD_InvalidParm */
603 return convert_error(zdev
, reply
);
604 case TYPE86_RSP_CODE
:
605 if (msg
->hdr
.reply_code
) {
606 memcpy(&(xcRB
->status
), msg
->fmt2
.apfs
, sizeof(u32
));
607 return convert_error(zdev
, reply
);
609 if (msg
->cprbx
.cprb_ver_id
== 0x02)
610 return convert_type86_xcrb(zdev
, reply
, xcRB
);
611 /* Fall through, no break, incorrect cprb version is an unknown
613 default: /* Unknown response type, this should NEVER EVER happen */
614 xcRB
->status
= 0x0008044DL
; /* HDD_InvalidParm */
616 return -EAGAIN
; /* repeat the request on a different device. */
620 static int convert_response_rng(struct zcrypt_device
*zdev
,
621 struct ap_message
*reply
,
624 struct type86x_reply
*msg
= reply
->message
;
626 switch (msg
->hdr
.type
) {
627 case TYPE82_RSP_CODE
:
628 case TYPE88_RSP_CODE
:
630 case TYPE86_RSP_CODE
:
631 if (msg
->hdr
.reply_code
)
633 if (msg
->cprbx
.cprb_ver_id
== 0x02)
634 return convert_type86_rng(zdev
, reply
, data
);
635 /* Fall through, no break, incorrect cprb version is an unknown
637 default: /* Unknown response type, this should NEVER EVER happen */
639 return -EAGAIN
; /* repeat the request on a different device. */
644 * This function is called from the AP bus code after a crypto request
645 * "msg" has finished with the reply message "reply".
646 * It is called from tasklet context.
647 * @ap_dev: pointer to the AP device
648 * @msg: pointer to the AP message
649 * @reply: pointer to the AP reply message
651 static void zcrypt_pcixcc_receive(struct ap_device
*ap_dev
,
652 struct ap_message
*msg
,
653 struct ap_message
*reply
)
655 static struct error_hdr error_reply
= {
656 .type
= TYPE82_RSP_CODE
,
657 .reply_code
= REP82_ERROR_MACHINE_FAILURE
,
659 struct response_type
*resp_type
=
660 (struct response_type
*) msg
->private;
661 struct type86x_reply
*t86r
;
664 /* Copy the reply message to the request message buffer. */
666 memcpy(msg
->message
, &error_reply
, sizeof(error_reply
));
669 t86r
= reply
->message
;
670 if (t86r
->hdr
.type
== TYPE86_RSP_CODE
&&
671 t86r
->cprbx
.cprb_ver_id
== 0x02) {
672 switch (resp_type
->type
) {
673 case PCIXCC_RESPONSE_TYPE_ICA
:
674 length
= sizeof(struct type86x_reply
)
676 length
= min(PCIXCC_MAX_ICA_RESPONSE_SIZE
, length
);
677 memcpy(msg
->message
, reply
->message
, length
);
679 case PCIXCC_RESPONSE_TYPE_XCRB
:
680 length
= t86r
->fmt2
.offset2
+ t86r
->fmt2
.count2
;
681 length
= min(PCIXCC_MAX_XCRB_RESPONSE_SIZE
, length
);
682 memcpy(msg
->message
, reply
->message
, length
);
685 memcpy(msg
->message
, &error_reply
, sizeof error_reply
);
688 memcpy(msg
->message
, reply
->message
, sizeof error_reply
);
690 complete(&(resp_type
->work
));
693 static atomic_t zcrypt_step
= ATOMIC_INIT(0);
696 * The request distributor calls this function if it picked the PCIXCC/CEX2C
697 * device to handle a modexpo request.
698 * @zdev: pointer to zcrypt_device structure that identifies the
699 * PCIXCC/CEX2C device to the request distributor
700 * @mex: pointer to the modexpo request buffer
702 static long zcrypt_pcixcc_modexpo(struct zcrypt_device
*zdev
,
703 struct ica_rsa_modexpo
*mex
)
705 struct ap_message ap_msg
;
706 struct response_type resp_type
= {
707 .type
= PCIXCC_RESPONSE_TYPE_ICA
,
711 ap_init_message(&ap_msg
);
712 ap_msg
.message
= (void *) get_zeroed_page(GFP_KERNEL
);
715 ap_msg
.psmid
= (((unsigned long long) current
->pid
) << 32) +
716 atomic_inc_return(&zcrypt_step
);
717 ap_msg
.private = &resp_type
;
718 rc
= ICAMEX_msg_to_type6MEX_msgX(zdev
, &ap_msg
, mex
);
721 init_completion(&resp_type
.work
);
722 ap_queue_message(zdev
->ap_dev
, &ap_msg
);
723 rc
= wait_for_completion_interruptible(&resp_type
.work
);
725 rc
= convert_response_ica(zdev
, &ap_msg
, mex
->outputdata
,
726 mex
->outputdatalength
);
728 /* Signal pending. */
729 ap_cancel_message(zdev
->ap_dev
, &ap_msg
);
731 free_page((unsigned long) ap_msg
.message
);
736 * The request distributor calls this function if it picked the PCIXCC/CEX2C
737 * device to handle a modexpo_crt request.
738 * @zdev: pointer to zcrypt_device structure that identifies the
739 * PCIXCC/CEX2C device to the request distributor
740 * @crt: pointer to the modexpoc_crt request buffer
742 static long zcrypt_pcixcc_modexpo_crt(struct zcrypt_device
*zdev
,
743 struct ica_rsa_modexpo_crt
*crt
)
745 struct ap_message ap_msg
;
746 struct response_type resp_type
= {
747 .type
= PCIXCC_RESPONSE_TYPE_ICA
,
751 ap_init_message(&ap_msg
);
752 ap_msg
.message
= (void *) get_zeroed_page(GFP_KERNEL
);
755 ap_msg
.psmid
= (((unsigned long long) current
->pid
) << 32) +
756 atomic_inc_return(&zcrypt_step
);
757 ap_msg
.private = &resp_type
;
758 rc
= ICACRT_msg_to_type6CRT_msgX(zdev
, &ap_msg
, crt
);
761 init_completion(&resp_type
.work
);
762 ap_queue_message(zdev
->ap_dev
, &ap_msg
);
763 rc
= wait_for_completion_interruptible(&resp_type
.work
);
765 rc
= convert_response_ica(zdev
, &ap_msg
, crt
->outputdata
,
766 crt
->outputdatalength
);
768 /* Signal pending. */
769 ap_cancel_message(zdev
->ap_dev
, &ap_msg
);
771 free_page((unsigned long) ap_msg
.message
);
776 * The request distributor calls this function if it picked the PCIXCC/CEX2C
777 * device to handle a send_cprb request.
778 * @zdev: pointer to zcrypt_device structure that identifies the
779 * PCIXCC/CEX2C device to the request distributor
780 * @xcRB: pointer to the send_cprb request buffer
782 static long zcrypt_pcixcc_send_cprb(struct zcrypt_device
*zdev
,
783 struct ica_xcRB
*xcRB
)
785 struct ap_message ap_msg
;
786 struct response_type resp_type
= {
787 .type
= PCIXCC_RESPONSE_TYPE_XCRB
,
791 ap_init_message(&ap_msg
);
792 ap_msg
.message
= kmalloc(PCIXCC_MAX_XCRB_MESSAGE_SIZE
, GFP_KERNEL
);
795 ap_msg
.psmid
= (((unsigned long long) current
->pid
) << 32) +
796 atomic_inc_return(&zcrypt_step
);
797 ap_msg
.private = &resp_type
;
798 rc
= XCRB_msg_to_type6CPRB_msgX(zdev
, &ap_msg
, xcRB
);
801 init_completion(&resp_type
.work
);
802 ap_queue_message(zdev
->ap_dev
, &ap_msg
);
803 rc
= wait_for_completion_interruptible(&resp_type
.work
);
805 rc
= convert_response_xcrb(zdev
, &ap_msg
, xcRB
);
807 /* Signal pending. */
808 ap_cancel_message(zdev
->ap_dev
, &ap_msg
);
810 kzfree(ap_msg
.message
);
815 * The request distributor calls this function if it picked the PCIXCC/CEX2C
816 * device to generate random data.
817 * @zdev: pointer to zcrypt_device structure that identifies the
818 * PCIXCC/CEX2C device to the request distributor
819 * @buffer: pointer to a memory page to return random data
822 static long zcrypt_pcixcc_rng(struct zcrypt_device
*zdev
,
825 struct ap_message ap_msg
;
826 struct response_type resp_type
= {
827 .type
= PCIXCC_RESPONSE_TYPE_XCRB
,
831 ap_init_message(&ap_msg
);
832 ap_msg
.message
= kmalloc(PCIXCC_MAX_XCRB_MESSAGE_SIZE
, GFP_KERNEL
);
835 ap_msg
.psmid
= (((unsigned long long) current
->pid
) << 32) +
836 atomic_inc_return(&zcrypt_step
);
837 ap_msg
.private = &resp_type
;
838 rng_type6CPRB_msgX(zdev
->ap_dev
, &ap_msg
, ZCRYPT_RNG_BUFFER_SIZE
);
839 init_completion(&resp_type
.work
);
840 ap_queue_message(zdev
->ap_dev
, &ap_msg
);
841 rc
= wait_for_completion_interruptible(&resp_type
.work
);
843 rc
= convert_response_rng(zdev
, &ap_msg
, buffer
);
845 /* Signal pending. */
846 ap_cancel_message(zdev
->ap_dev
, &ap_msg
);
847 kfree(ap_msg
.message
);
852 * The crypto operations for a PCIXCC/CEX2C card.
854 static struct zcrypt_ops zcrypt_pcixcc_ops
= {
855 .rsa_modexpo
= zcrypt_pcixcc_modexpo
,
856 .rsa_modexpo_crt
= zcrypt_pcixcc_modexpo_crt
,
857 .send_cprb
= zcrypt_pcixcc_send_cprb
,
860 static struct zcrypt_ops zcrypt_pcixcc_with_rng_ops
= {
861 .rsa_modexpo
= zcrypt_pcixcc_modexpo
,
862 .rsa_modexpo_crt
= zcrypt_pcixcc_modexpo_crt
,
863 .send_cprb
= zcrypt_pcixcc_send_cprb
,
864 .rng
= zcrypt_pcixcc_rng
,
868 * Micro-code detection function. Its sends a message to a pcixcc card
869 * to find out the microcode level.
870 * @ap_dev: pointer to the AP device.
872 static int zcrypt_pcixcc_mcl(struct ap_device
*ap_dev
)
874 static unsigned char msg
[] = {
875 0x00,0x06,0x00,0x00,0x00,0x00,0x00,0x00,
876 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
877 0x00,0x00,0x00,0x58,0x00,0x00,0x00,0x00,
878 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
879 0x43,0x41,0x00,0x00,0x00,0x00,0x00,0x00,
880 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
881 0x00,0x00,0x00,0x00,0x50,0x4B,0x00,0x00,
882 0x00,0x00,0x01,0xC4,0x00,0x00,0x00,0x00,
883 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
884 0x00,0x00,0x07,0x24,0x00,0x00,0x00,0x00,
885 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
886 0x00,0xDC,0x02,0x00,0x00,0x00,0x54,0x32,
887 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE8,
888 0x00,0x00,0x00,0x00,0x00,0x00,0x07,0x24,
889 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
890 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
891 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
892 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
893 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
894 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
895 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
896 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
897 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
898 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
899 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
900 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
901 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
902 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
903 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
904 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
905 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
906 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
907 0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,
908 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
909 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
910 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
911 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
912 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
913 0x00,0x00,0x00,0x00,0x50,0x4B,0x00,0x0A,
914 0x4D,0x52,0x50,0x20,0x20,0x20,0x20,0x20,
915 0x00,0x42,0x00,0x01,0x02,0x03,0x04,0x05,
916 0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,
917 0x0E,0x0F,0x00,0x11,0x22,0x33,0x44,0x55,
918 0x66,0x77,0x88,0x99,0xAA,0xBB,0xCC,0xDD,
919 0xEE,0xFF,0xFF,0xEE,0xDD,0xCC,0xBB,0xAA,
920 0x99,0x88,0x77,0x66,0x55,0x44,0x33,0x22,
921 0x11,0x00,0x01,0x23,0x45,0x67,0x89,0xAB,
922 0xCD,0xEF,0xFE,0xDC,0xBA,0x98,0x76,0x54,
923 0x32,0x10,0x00,0x9A,0x00,0x98,0x00,0x00,
924 0x1E,0x00,0x00,0x94,0x00,0x00,0x00,0x00,
925 0x04,0x00,0x00,0x8C,0x00,0x00,0x00,0x40,
926 0x02,0x00,0x00,0x40,0xBA,0xE8,0x23,0x3C,
927 0x75,0xF3,0x91,0x61,0xD6,0x73,0x39,0xCF,
928 0x7B,0x6D,0x8E,0x61,0x97,0x63,0x9E,0xD9,
929 0x60,0x55,0xD6,0xC7,0xEF,0xF8,0x1E,0x63,
930 0x95,0x17,0xCC,0x28,0x45,0x60,0x11,0xC5,
931 0xC4,0x4E,0x66,0xC6,0xE6,0xC3,0xDE,0x8A,
932 0x19,0x30,0xCF,0x0E,0xD7,0xAA,0xDB,0x01,
933 0xD8,0x00,0xBB,0x8F,0x39,0x9F,0x64,0x28,
934 0xF5,0x7A,0x77,0x49,0xCC,0x6B,0xA3,0x91,
935 0x97,0x70,0xE7,0x60,0x1E,0x39,0xE1,0xE5,
936 0x33,0xE1,0x15,0x63,0x69,0x08,0x80,0x4C,
937 0x67,0xC4,0x41,0x8F,0x48,0xDF,0x26,0x98,
938 0xF1,0xD5,0x8D,0x88,0xD9,0x6A,0xA4,0x96,
939 0xC5,0x84,0xD9,0x30,0x49,0x67,0x7D,0x19,
940 0xB1,0xB3,0x45,0x4D,0xB2,0x53,0x9A,0x47,
941 0x3C,0x7C,0x55,0xBF,0xCC,0x85,0x00,0x36,
944 unsigned long long psmid
;
949 reply
= (void *) get_zeroed_page(GFP_KERNEL
);
953 rc
= ap_send(ap_dev
->qid
, 0x0102030405060708ULL
, msg
, sizeof(msg
));
957 /* Wait for the test message to complete. */
958 for (i
= 0; i
< 6; i
++) {
960 rc
= ap_recv(ap_dev
->qid
, &psmid
, reply
, 4096);
961 if (rc
== 0 && psmid
== 0x0102030405060708ULL
)
971 cprbx
= (struct CPRBX
*) (reply
+ 48);
972 if (cprbx
->ccp_rtcode
== 8 && cprbx
->ccp_rscode
== 33)
973 rc
= ZCRYPT_PCIXCC_MCL2
;
975 rc
= ZCRYPT_PCIXCC_MCL3
;
977 free_page((unsigned long) reply
);
982 * Large random number detection function. Its sends a message to a pcixcc
983 * card to find out if large random numbers are supported.
984 * @ap_dev: pointer to the AP device.
986 * Returns 1 if large random numbers are supported, 0 if not and < 0 on error.
988 static int zcrypt_pcixcc_rng_supported(struct ap_device
*ap_dev
)
990 struct ap_message ap_msg
;
991 unsigned long long psmid
;
993 struct type86_hdr hdr
;
994 struct type86_fmt2_ext fmt2
;
996 } __attribute__((packed
)) *reply
;
999 ap_init_message(&ap_msg
);
1000 ap_msg
.message
= (void *) get_zeroed_page(GFP_KERNEL
);
1001 if (!ap_msg
.message
)
1004 rng_type6CPRB_msgX(ap_dev
, &ap_msg
, 4);
1005 rc
= ap_send(ap_dev
->qid
, 0x0102030405060708ULL
, ap_msg
.message
,
1010 /* Wait for the test message to complete. */
1011 for (i
= 0; i
< 2 * HZ
; i
++) {
1013 rc
= ap_recv(ap_dev
->qid
, &psmid
, ap_msg
.message
, 4096);
1014 if (rc
== 0 && psmid
== 0x0102030405060708ULL
)
1019 /* Got no answer. */
1024 reply
= ap_msg
.message
;
1025 if (reply
->cprbx
.ccp_rtcode
== 0 && reply
->cprbx
.ccp_rscode
== 0)
1030 free_page((unsigned long) ap_msg
.message
);
1035 * Probe function for PCIXCC/CEX2C cards. It always accepts the AP device
1036 * since the bus_match already checked the hardware type. The PCIXCC
1037 * cards come in two flavours: micro code level 2 and micro code level 3.
1038 * This is checked by sending a test message to the device.
1039 * @ap_dev: pointer to the AP device.
1041 static int zcrypt_pcixcc_probe(struct ap_device
*ap_dev
)
1043 struct zcrypt_device
*zdev
;
1046 zdev
= zcrypt_device_alloc(PCIXCC_MAX_RESPONSE_SIZE
);
1049 zdev
->ap_dev
= ap_dev
;
1051 switch (ap_dev
->device_type
) {
1052 case AP_DEVICE_TYPE_PCIXCC
:
1053 rc
= zcrypt_pcixcc_mcl(ap_dev
);
1055 zcrypt_device_free(zdev
);
1058 zdev
->user_space_type
= rc
;
1059 if (rc
== ZCRYPT_PCIXCC_MCL2
) {
1060 zdev
->type_string
= "PCIXCC_MCL2";
1061 zdev
->speed_rating
= PCIXCC_MCL2_SPEED_RATING
;
1062 zdev
->min_mod_size
= PCIXCC_MIN_MOD_SIZE_OLD
;
1063 zdev
->max_mod_size
= PCIXCC_MAX_MOD_SIZE
;
1064 zdev
->max_exp_bit_length
= PCIXCC_MAX_MOD_SIZE
;
1066 zdev
->type_string
= "PCIXCC_MCL3";
1067 zdev
->speed_rating
= PCIXCC_MCL3_SPEED_RATING
;
1068 zdev
->min_mod_size
= PCIXCC_MIN_MOD_SIZE
;
1069 zdev
->max_mod_size
= PCIXCC_MAX_MOD_SIZE
;
1070 zdev
->max_exp_bit_length
= PCIXCC_MAX_MOD_SIZE
;
1073 case AP_DEVICE_TYPE_CEX2C
:
1074 zdev
->user_space_type
= ZCRYPT_CEX2C
;
1075 zdev
->type_string
= "CEX2C";
1076 zdev
->speed_rating
= CEX2C_SPEED_RATING
;
1077 zdev
->min_mod_size
= PCIXCC_MIN_MOD_SIZE
;
1078 zdev
->max_mod_size
= PCIXCC_MAX_MOD_SIZE
;
1079 zdev
->max_exp_bit_length
= PCIXCC_MAX_MOD_SIZE
;
1081 case AP_DEVICE_TYPE_CEX3C
:
1082 zdev
->user_space_type
= ZCRYPT_CEX3C
;
1083 zdev
->type_string
= "CEX3C";
1084 zdev
->speed_rating
= CEX3C_SPEED_RATING
;
1085 zdev
->min_mod_size
= CEX3C_MIN_MOD_SIZE
;
1086 zdev
->max_mod_size
= CEX3C_MAX_MOD_SIZE
;
1087 zdev
->max_exp_bit_length
= CEX3C_MAX_MOD_SIZE
;
1093 rc
= zcrypt_pcixcc_rng_supported(ap_dev
);
1095 zcrypt_device_free(zdev
);
1099 zdev
->ops
= &zcrypt_pcixcc_with_rng_ops
;
1101 zdev
->ops
= &zcrypt_pcixcc_ops
;
1102 ap_dev
->reply
= &zdev
->reply
;
1103 ap_dev
->private = zdev
;
1104 rc
= zcrypt_device_register(zdev
);
1110 ap_dev
->private = NULL
;
1111 zcrypt_device_free(zdev
);
1116 * This is called to remove the extended PCIXCC/CEX2C driver information
1117 * if an AP device is removed.
1119 static void zcrypt_pcixcc_remove(struct ap_device
*ap_dev
)
1121 struct zcrypt_device
*zdev
= ap_dev
->private;
1123 zcrypt_device_unregister(zdev
);
1126 int __init
zcrypt_pcixcc_init(void)
1128 return ap_driver_register(&zcrypt_pcixcc_driver
, THIS_MODULE
, "pcixcc");
1131 void zcrypt_pcixcc_exit(void)
1133 ap_driver_unregister(&zcrypt_pcixcc_driver
);
1136 #ifndef CONFIG_ZCRYPT_MONOLITHIC
1137 module_init(zcrypt_pcixcc_init
);
1138 module_exit(zcrypt_pcixcc_exit
);