MIPS: Yosemite, Emma: Fix off-by-two in arcs_cmdline buffer size check
[linux-2.6/linux-mips.git] / drivers / s390 / crypto / zcrypt_api.c
blob88ad33ed5d385cbea284ce66bc7bafda842b846a
1 /*
2 * linux/drivers/s390/crypto/zcrypt_api.c
4 * zcrypt 2.1.0
6 * Copyright (C) 2001, 2006 IBM Corporation
7 * Author(s): Robert Burroughs
8 * Eric Rossman (edrossma@us.ibm.com)
9 * Cornelia Huck <cornelia.huck@de.ibm.com>
11 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
12 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
13 * Ralph Wuerthner <rwuerthn@de.ibm.com>
15 * This program is free software; you can redistribute it and/or modify
16 * it under the terms of the GNU General Public License as published by
17 * the Free Software Foundation; either version 2, or (at your option)
18 * any later version.
20 * This program is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
25 * You should have received a copy of the GNU General Public License
26 * along with this program; if not, write to the Free Software
27 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
30 #include <linux/module.h>
31 #include <linux/init.h>
32 #include <linux/interrupt.h>
33 #include <linux/miscdevice.h>
34 #include <linux/fs.h>
35 #include <linux/proc_fs.h>
36 #include <linux/seq_file.h>
37 #include <linux/compat.h>
38 #include <linux/slab.h>
39 #include <linux/atomic.h>
40 #include <asm/uaccess.h>
41 #include <linux/hw_random.h>
43 #include "zcrypt_api.h"
46 * Module description.
48 MODULE_AUTHOR("IBM Corporation");
49 MODULE_DESCRIPTION("Cryptographic Coprocessor interface, "
50 "Copyright 2001, 2006 IBM Corporation");
51 MODULE_LICENSE("GPL");
53 static DEFINE_SPINLOCK(zcrypt_device_lock);
54 static LIST_HEAD(zcrypt_device_list);
55 static int zcrypt_device_count = 0;
56 static atomic_t zcrypt_open_count = ATOMIC_INIT(0);
58 static int zcrypt_rng_device_add(void);
59 static void zcrypt_rng_device_remove(void);
62 * Device attributes common for all crypto devices.
64 static ssize_t zcrypt_type_show(struct device *dev,
65 struct device_attribute *attr, char *buf)
67 struct zcrypt_device *zdev = to_ap_dev(dev)->private;
68 return snprintf(buf, PAGE_SIZE, "%s\n", zdev->type_string);
71 static DEVICE_ATTR(type, 0444, zcrypt_type_show, NULL);
73 static ssize_t zcrypt_online_show(struct device *dev,
74 struct device_attribute *attr, char *buf)
76 struct zcrypt_device *zdev = to_ap_dev(dev)->private;
77 return snprintf(buf, PAGE_SIZE, "%d\n", zdev->online);
80 static ssize_t zcrypt_online_store(struct device *dev,
81 struct device_attribute *attr,
82 const char *buf, size_t count)
84 struct zcrypt_device *zdev = to_ap_dev(dev)->private;
85 int online;
87 if (sscanf(buf, "%d\n", &online) != 1 || online < 0 || online > 1)
88 return -EINVAL;
89 zdev->online = online;
90 if (!online)
91 ap_flush_queue(zdev->ap_dev);
92 return count;
95 static DEVICE_ATTR(online, 0644, zcrypt_online_show, zcrypt_online_store);
97 static struct attribute * zcrypt_device_attrs[] = {
98 &dev_attr_type.attr,
99 &dev_attr_online.attr,
100 NULL,
103 static struct attribute_group zcrypt_device_attr_group = {
104 .attrs = zcrypt_device_attrs,
108 * __zcrypt_increase_preference(): Increase preference of a crypto device.
109 * @zdev: Pointer the crypto device
111 * Move the device towards the head of the device list.
112 * Need to be called while holding the zcrypt device list lock.
113 * Note: cards with speed_rating of 0 are kept at the end of the list.
115 static void __zcrypt_increase_preference(struct zcrypt_device *zdev)
117 struct zcrypt_device *tmp;
118 struct list_head *l;
120 if (zdev->speed_rating == 0)
121 return;
122 for (l = zdev->list.prev; l != &zcrypt_device_list; l = l->prev) {
123 tmp = list_entry(l, struct zcrypt_device, list);
124 if ((tmp->request_count + 1) * tmp->speed_rating <=
125 (zdev->request_count + 1) * zdev->speed_rating &&
126 tmp->speed_rating != 0)
127 break;
129 if (l == zdev->list.prev)
130 return;
131 /* Move zdev behind l */
132 list_move(&zdev->list, l);
136 * __zcrypt_decrease_preference(): Decrease preference of a crypto device.
137 * @zdev: Pointer to a crypto device.
139 * Move the device towards the tail of the device list.
140 * Need to be called while holding the zcrypt device list lock.
141 * Note: cards with speed_rating of 0 are kept at the end of the list.
143 static void __zcrypt_decrease_preference(struct zcrypt_device *zdev)
145 struct zcrypt_device *tmp;
146 struct list_head *l;
148 if (zdev->speed_rating == 0)
149 return;
150 for (l = zdev->list.next; l != &zcrypt_device_list; l = l->next) {
151 tmp = list_entry(l, struct zcrypt_device, list);
152 if ((tmp->request_count + 1) * tmp->speed_rating >
153 (zdev->request_count + 1) * zdev->speed_rating ||
154 tmp->speed_rating == 0)
155 break;
157 if (l == zdev->list.next)
158 return;
159 /* Move zdev before l */
160 list_move_tail(&zdev->list, l);
163 static void zcrypt_device_release(struct kref *kref)
165 struct zcrypt_device *zdev =
166 container_of(kref, struct zcrypt_device, refcount);
167 zcrypt_device_free(zdev);
170 void zcrypt_device_get(struct zcrypt_device *zdev)
172 kref_get(&zdev->refcount);
174 EXPORT_SYMBOL(zcrypt_device_get);
176 int zcrypt_device_put(struct zcrypt_device *zdev)
178 return kref_put(&zdev->refcount, zcrypt_device_release);
180 EXPORT_SYMBOL(zcrypt_device_put);
182 struct zcrypt_device *zcrypt_device_alloc(size_t max_response_size)
184 struct zcrypt_device *zdev;
186 zdev = kzalloc(sizeof(struct zcrypt_device), GFP_KERNEL);
187 if (!zdev)
188 return NULL;
189 zdev->reply.message = kmalloc(max_response_size, GFP_KERNEL);
190 if (!zdev->reply.message)
191 goto out_free;
192 zdev->reply.length = max_response_size;
193 spin_lock_init(&zdev->lock);
194 INIT_LIST_HEAD(&zdev->list);
195 return zdev;
197 out_free:
198 kfree(zdev);
199 return NULL;
201 EXPORT_SYMBOL(zcrypt_device_alloc);
203 void zcrypt_device_free(struct zcrypt_device *zdev)
205 kfree(zdev->reply.message);
206 kfree(zdev);
208 EXPORT_SYMBOL(zcrypt_device_free);
211 * zcrypt_device_register() - Register a crypto device.
212 * @zdev: Pointer to a crypto device
214 * Register a crypto device. Returns 0 if successful.
216 int zcrypt_device_register(struct zcrypt_device *zdev)
218 int rc;
220 rc = sysfs_create_group(&zdev->ap_dev->device.kobj,
221 &zcrypt_device_attr_group);
222 if (rc)
223 goto out;
224 get_device(&zdev->ap_dev->device);
225 kref_init(&zdev->refcount);
226 spin_lock_bh(&zcrypt_device_lock);
227 zdev->online = 1; /* New devices are online by default. */
228 list_add_tail(&zdev->list, &zcrypt_device_list);
229 __zcrypt_increase_preference(zdev);
230 zcrypt_device_count++;
231 spin_unlock_bh(&zcrypt_device_lock);
232 if (zdev->ops->rng) {
233 rc = zcrypt_rng_device_add();
234 if (rc)
235 goto out_unregister;
237 return 0;
239 out_unregister:
240 spin_lock_bh(&zcrypt_device_lock);
241 zcrypt_device_count--;
242 list_del_init(&zdev->list);
243 spin_unlock_bh(&zcrypt_device_lock);
244 sysfs_remove_group(&zdev->ap_dev->device.kobj,
245 &zcrypt_device_attr_group);
246 put_device(&zdev->ap_dev->device);
247 zcrypt_device_put(zdev);
248 out:
249 return rc;
251 EXPORT_SYMBOL(zcrypt_device_register);
254 * zcrypt_device_unregister(): Unregister a crypto device.
255 * @zdev: Pointer to crypto device
257 * Unregister a crypto device.
259 void zcrypt_device_unregister(struct zcrypt_device *zdev)
261 if (zdev->ops->rng)
262 zcrypt_rng_device_remove();
263 spin_lock_bh(&zcrypt_device_lock);
264 zcrypt_device_count--;
265 list_del_init(&zdev->list);
266 spin_unlock_bh(&zcrypt_device_lock);
267 sysfs_remove_group(&zdev->ap_dev->device.kobj,
268 &zcrypt_device_attr_group);
269 put_device(&zdev->ap_dev->device);
270 zcrypt_device_put(zdev);
272 EXPORT_SYMBOL(zcrypt_device_unregister);
275 * zcrypt_read (): Not supported beyond zcrypt 1.3.1.
277 * This function is not supported beyond zcrypt 1.3.1.
279 static ssize_t zcrypt_read(struct file *filp, char __user *buf,
280 size_t count, loff_t *f_pos)
282 return -EPERM;
286 * zcrypt_write(): Not allowed.
288 * Write is is not allowed
290 static ssize_t zcrypt_write(struct file *filp, const char __user *buf,
291 size_t count, loff_t *f_pos)
293 return -EPERM;
297 * zcrypt_open(): Count number of users.
299 * Device open function to count number of users.
301 static int zcrypt_open(struct inode *inode, struct file *filp)
303 atomic_inc(&zcrypt_open_count);
304 return nonseekable_open(inode, filp);
308 * zcrypt_release(): Count number of users.
310 * Device close function to count number of users.
312 static int zcrypt_release(struct inode *inode, struct file *filp)
314 atomic_dec(&zcrypt_open_count);
315 return 0;
319 * zcrypt ioctls.
321 static long zcrypt_rsa_modexpo(struct ica_rsa_modexpo *mex)
323 struct zcrypt_device *zdev;
324 int rc;
326 if (mex->outputdatalength < mex->inputdatalength)
327 return -EINVAL;
329 * As long as outputdatalength is big enough, we can set the
330 * outputdatalength equal to the inputdatalength, since that is the
331 * number of bytes we will copy in any case
333 mex->outputdatalength = mex->inputdatalength;
335 spin_lock_bh(&zcrypt_device_lock);
336 list_for_each_entry(zdev, &zcrypt_device_list, list) {
337 if (!zdev->online ||
338 !zdev->ops->rsa_modexpo ||
339 zdev->min_mod_size > mex->inputdatalength ||
340 zdev->max_mod_size < mex->inputdatalength)
341 continue;
342 zcrypt_device_get(zdev);
343 get_device(&zdev->ap_dev->device);
344 zdev->request_count++;
345 __zcrypt_decrease_preference(zdev);
346 if (try_module_get(zdev->ap_dev->drv->driver.owner)) {
347 spin_unlock_bh(&zcrypt_device_lock);
348 rc = zdev->ops->rsa_modexpo(zdev, mex);
349 spin_lock_bh(&zcrypt_device_lock);
350 module_put(zdev->ap_dev->drv->driver.owner);
352 else
353 rc = -EAGAIN;
354 zdev->request_count--;
355 __zcrypt_increase_preference(zdev);
356 put_device(&zdev->ap_dev->device);
357 zcrypt_device_put(zdev);
358 spin_unlock_bh(&zcrypt_device_lock);
359 return rc;
361 spin_unlock_bh(&zcrypt_device_lock);
362 return -ENODEV;
365 static long zcrypt_rsa_crt(struct ica_rsa_modexpo_crt *crt)
367 struct zcrypt_device *zdev;
368 unsigned long long z1, z2, z3;
369 int rc, copied;
371 if (crt->outputdatalength < crt->inputdatalength ||
372 (crt->inputdatalength & 1))
373 return -EINVAL;
375 * As long as outputdatalength is big enough, we can set the
376 * outputdatalength equal to the inputdatalength, since that is the
377 * number of bytes we will copy in any case
379 crt->outputdatalength = crt->inputdatalength;
381 copied = 0;
382 restart:
383 spin_lock_bh(&zcrypt_device_lock);
384 list_for_each_entry(zdev, &zcrypt_device_list, list) {
385 if (!zdev->online ||
386 !zdev->ops->rsa_modexpo_crt ||
387 zdev->min_mod_size > crt->inputdatalength ||
388 zdev->max_mod_size < crt->inputdatalength)
389 continue;
390 if (zdev->short_crt && crt->inputdatalength > 240) {
392 * Check inputdata for leading zeros for cards
393 * that can't handle np_prime, bp_key, or
394 * u_mult_inv > 128 bytes.
396 if (copied == 0) {
397 unsigned int len;
398 spin_unlock_bh(&zcrypt_device_lock);
399 /* len is max 256 / 2 - 120 = 8
400 * For bigger device just assume len of leading
401 * 0s is 8 as stated in the requirements for
402 * ica_rsa_modexpo_crt struct in zcrypt.h.
404 if (crt->inputdatalength <= 256)
405 len = crt->inputdatalength / 2 - 120;
406 else
407 len = 8;
408 if (len > sizeof(z1))
409 return -EFAULT;
410 z1 = z2 = z3 = 0;
411 if (copy_from_user(&z1, crt->np_prime, len) ||
412 copy_from_user(&z2, crt->bp_key, len) ||
413 copy_from_user(&z3, crt->u_mult_inv, len))
414 return -EFAULT;
415 z1 = z2 = z3 = 0;
416 copied = 1;
418 * We have to restart device lookup -
419 * the device list may have changed by now.
421 goto restart;
423 if (z1 != 0ULL || z2 != 0ULL || z3 != 0ULL)
424 /* The device can't handle this request. */
425 continue;
427 zcrypt_device_get(zdev);
428 get_device(&zdev->ap_dev->device);
429 zdev->request_count++;
430 __zcrypt_decrease_preference(zdev);
431 if (try_module_get(zdev->ap_dev->drv->driver.owner)) {
432 spin_unlock_bh(&zcrypt_device_lock);
433 rc = zdev->ops->rsa_modexpo_crt(zdev, crt);
434 spin_lock_bh(&zcrypt_device_lock);
435 module_put(zdev->ap_dev->drv->driver.owner);
437 else
438 rc = -EAGAIN;
439 zdev->request_count--;
440 __zcrypt_increase_preference(zdev);
441 put_device(&zdev->ap_dev->device);
442 zcrypt_device_put(zdev);
443 spin_unlock_bh(&zcrypt_device_lock);
444 return rc;
446 spin_unlock_bh(&zcrypt_device_lock);
447 return -ENODEV;
450 static long zcrypt_send_cprb(struct ica_xcRB *xcRB)
452 struct zcrypt_device *zdev;
453 int rc;
455 spin_lock_bh(&zcrypt_device_lock);
456 list_for_each_entry(zdev, &zcrypt_device_list, list) {
457 if (!zdev->online || !zdev->ops->send_cprb ||
458 (xcRB->user_defined != AUTOSELECT &&
459 AP_QID_DEVICE(zdev->ap_dev->qid) != xcRB->user_defined)
461 continue;
462 zcrypt_device_get(zdev);
463 get_device(&zdev->ap_dev->device);
464 zdev->request_count++;
465 __zcrypt_decrease_preference(zdev);
466 if (try_module_get(zdev->ap_dev->drv->driver.owner)) {
467 spin_unlock_bh(&zcrypt_device_lock);
468 rc = zdev->ops->send_cprb(zdev, xcRB);
469 spin_lock_bh(&zcrypt_device_lock);
470 module_put(zdev->ap_dev->drv->driver.owner);
472 else
473 rc = -EAGAIN;
474 zdev->request_count--;
475 __zcrypt_increase_preference(zdev);
476 put_device(&zdev->ap_dev->device);
477 zcrypt_device_put(zdev);
478 spin_unlock_bh(&zcrypt_device_lock);
479 return rc;
481 spin_unlock_bh(&zcrypt_device_lock);
482 return -ENODEV;
485 static long zcrypt_rng(char *buffer)
487 struct zcrypt_device *zdev;
488 int rc;
490 spin_lock_bh(&zcrypt_device_lock);
491 list_for_each_entry(zdev, &zcrypt_device_list, list) {
492 if (!zdev->online || !zdev->ops->rng)
493 continue;
494 zcrypt_device_get(zdev);
495 get_device(&zdev->ap_dev->device);
496 zdev->request_count++;
497 __zcrypt_decrease_preference(zdev);
498 if (try_module_get(zdev->ap_dev->drv->driver.owner)) {
499 spin_unlock_bh(&zcrypt_device_lock);
500 rc = zdev->ops->rng(zdev, buffer);
501 spin_lock_bh(&zcrypt_device_lock);
502 module_put(zdev->ap_dev->drv->driver.owner);
503 } else
504 rc = -EAGAIN;
505 zdev->request_count--;
506 __zcrypt_increase_preference(zdev);
507 put_device(&zdev->ap_dev->device);
508 zcrypt_device_put(zdev);
509 spin_unlock_bh(&zcrypt_device_lock);
510 return rc;
512 spin_unlock_bh(&zcrypt_device_lock);
513 return -ENODEV;
516 static void zcrypt_status_mask(char status[AP_DEVICES])
518 struct zcrypt_device *zdev;
520 memset(status, 0, sizeof(char) * AP_DEVICES);
521 spin_lock_bh(&zcrypt_device_lock);
522 list_for_each_entry(zdev, &zcrypt_device_list, list)
523 status[AP_QID_DEVICE(zdev->ap_dev->qid)] =
524 zdev->online ? zdev->user_space_type : 0x0d;
525 spin_unlock_bh(&zcrypt_device_lock);
528 static void zcrypt_qdepth_mask(char qdepth[AP_DEVICES])
530 struct zcrypt_device *zdev;
532 memset(qdepth, 0, sizeof(char) * AP_DEVICES);
533 spin_lock_bh(&zcrypt_device_lock);
534 list_for_each_entry(zdev, &zcrypt_device_list, list) {
535 spin_lock(&zdev->ap_dev->lock);
536 qdepth[AP_QID_DEVICE(zdev->ap_dev->qid)] =
537 zdev->ap_dev->pendingq_count +
538 zdev->ap_dev->requestq_count;
539 spin_unlock(&zdev->ap_dev->lock);
541 spin_unlock_bh(&zcrypt_device_lock);
544 static void zcrypt_perdev_reqcnt(int reqcnt[AP_DEVICES])
546 struct zcrypt_device *zdev;
548 memset(reqcnt, 0, sizeof(int) * AP_DEVICES);
549 spin_lock_bh(&zcrypt_device_lock);
550 list_for_each_entry(zdev, &zcrypt_device_list, list) {
551 spin_lock(&zdev->ap_dev->lock);
552 reqcnt[AP_QID_DEVICE(zdev->ap_dev->qid)] =
553 zdev->ap_dev->total_request_count;
554 spin_unlock(&zdev->ap_dev->lock);
556 spin_unlock_bh(&zcrypt_device_lock);
559 static int zcrypt_pendingq_count(void)
561 struct zcrypt_device *zdev;
562 int pendingq_count = 0;
564 spin_lock_bh(&zcrypt_device_lock);
565 list_for_each_entry(zdev, &zcrypt_device_list, list) {
566 spin_lock(&zdev->ap_dev->lock);
567 pendingq_count += zdev->ap_dev->pendingq_count;
568 spin_unlock(&zdev->ap_dev->lock);
570 spin_unlock_bh(&zcrypt_device_lock);
571 return pendingq_count;
574 static int zcrypt_requestq_count(void)
576 struct zcrypt_device *zdev;
577 int requestq_count = 0;
579 spin_lock_bh(&zcrypt_device_lock);
580 list_for_each_entry(zdev, &zcrypt_device_list, list) {
581 spin_lock(&zdev->ap_dev->lock);
582 requestq_count += zdev->ap_dev->requestq_count;
583 spin_unlock(&zdev->ap_dev->lock);
585 spin_unlock_bh(&zcrypt_device_lock);
586 return requestq_count;
589 static int zcrypt_count_type(int type)
591 struct zcrypt_device *zdev;
592 int device_count = 0;
594 spin_lock_bh(&zcrypt_device_lock);
595 list_for_each_entry(zdev, &zcrypt_device_list, list)
596 if (zdev->user_space_type == type)
597 device_count++;
598 spin_unlock_bh(&zcrypt_device_lock);
599 return device_count;
603 * zcrypt_ica_status(): Old, depracted combi status call.
605 * Old, deprecated combi status call.
607 static long zcrypt_ica_status(struct file *filp, unsigned long arg)
609 struct ica_z90_status *pstat;
610 int ret;
612 pstat = kzalloc(sizeof(*pstat), GFP_KERNEL);
613 if (!pstat)
614 return -ENOMEM;
615 pstat->totalcount = zcrypt_device_count;
616 pstat->leedslitecount = zcrypt_count_type(ZCRYPT_PCICA);
617 pstat->leeds2count = zcrypt_count_type(ZCRYPT_PCICC);
618 pstat->requestqWaitCount = zcrypt_requestq_count();
619 pstat->pendingqWaitCount = zcrypt_pendingq_count();
620 pstat->totalOpenCount = atomic_read(&zcrypt_open_count);
621 pstat->cryptoDomain = ap_domain_index;
622 zcrypt_status_mask(pstat->status);
623 zcrypt_qdepth_mask(pstat->qdepth);
624 ret = 0;
625 if (copy_to_user((void __user *) arg, pstat, sizeof(*pstat)))
626 ret = -EFAULT;
627 kfree(pstat);
628 return ret;
631 static long zcrypt_unlocked_ioctl(struct file *filp, unsigned int cmd,
632 unsigned long arg)
634 int rc;
636 switch (cmd) {
637 case ICARSAMODEXPO: {
638 struct ica_rsa_modexpo __user *umex = (void __user *) arg;
639 struct ica_rsa_modexpo mex;
640 if (copy_from_user(&mex, umex, sizeof(mex)))
641 return -EFAULT;
642 do {
643 rc = zcrypt_rsa_modexpo(&mex);
644 } while (rc == -EAGAIN);
645 if (rc)
646 return rc;
647 return put_user(mex.outputdatalength, &umex->outputdatalength);
649 case ICARSACRT: {
650 struct ica_rsa_modexpo_crt __user *ucrt = (void __user *) arg;
651 struct ica_rsa_modexpo_crt crt;
652 if (copy_from_user(&crt, ucrt, sizeof(crt)))
653 return -EFAULT;
654 do {
655 rc = zcrypt_rsa_crt(&crt);
656 } while (rc == -EAGAIN);
657 if (rc)
658 return rc;
659 return put_user(crt.outputdatalength, &ucrt->outputdatalength);
661 case ZSECSENDCPRB: {
662 struct ica_xcRB __user *uxcRB = (void __user *) arg;
663 struct ica_xcRB xcRB;
664 if (copy_from_user(&xcRB, uxcRB, sizeof(xcRB)))
665 return -EFAULT;
666 do {
667 rc = zcrypt_send_cprb(&xcRB);
668 } while (rc == -EAGAIN);
669 if (copy_to_user(uxcRB, &xcRB, sizeof(xcRB)))
670 return -EFAULT;
671 return rc;
673 case Z90STAT_STATUS_MASK: {
674 char status[AP_DEVICES];
675 zcrypt_status_mask(status);
676 if (copy_to_user((char __user *) arg, status,
677 sizeof(char) * AP_DEVICES))
678 return -EFAULT;
679 return 0;
681 case Z90STAT_QDEPTH_MASK: {
682 char qdepth[AP_DEVICES];
683 zcrypt_qdepth_mask(qdepth);
684 if (copy_to_user((char __user *) arg, qdepth,
685 sizeof(char) * AP_DEVICES))
686 return -EFAULT;
687 return 0;
689 case Z90STAT_PERDEV_REQCNT: {
690 int reqcnt[AP_DEVICES];
691 zcrypt_perdev_reqcnt(reqcnt);
692 if (copy_to_user((int __user *) arg, reqcnt,
693 sizeof(int) * AP_DEVICES))
694 return -EFAULT;
695 return 0;
697 case Z90STAT_REQUESTQ_COUNT:
698 return put_user(zcrypt_requestq_count(), (int __user *) arg);
699 case Z90STAT_PENDINGQ_COUNT:
700 return put_user(zcrypt_pendingq_count(), (int __user *) arg);
701 case Z90STAT_TOTALOPEN_COUNT:
702 return put_user(atomic_read(&zcrypt_open_count),
703 (int __user *) arg);
704 case Z90STAT_DOMAIN_INDEX:
705 return put_user(ap_domain_index, (int __user *) arg);
707 * Deprecated ioctls. Don't add another device count ioctl,
708 * you can count them yourself in the user space with the
709 * output of the Z90STAT_STATUS_MASK ioctl.
711 case ICAZ90STATUS:
712 return zcrypt_ica_status(filp, arg);
713 case Z90STAT_TOTALCOUNT:
714 return put_user(zcrypt_device_count, (int __user *) arg);
715 case Z90STAT_PCICACOUNT:
716 return put_user(zcrypt_count_type(ZCRYPT_PCICA),
717 (int __user *) arg);
718 case Z90STAT_PCICCCOUNT:
719 return put_user(zcrypt_count_type(ZCRYPT_PCICC),
720 (int __user *) arg);
721 case Z90STAT_PCIXCCMCL2COUNT:
722 return put_user(zcrypt_count_type(ZCRYPT_PCIXCC_MCL2),
723 (int __user *) arg);
724 case Z90STAT_PCIXCCMCL3COUNT:
725 return put_user(zcrypt_count_type(ZCRYPT_PCIXCC_MCL3),
726 (int __user *) arg);
727 case Z90STAT_PCIXCCCOUNT:
728 return put_user(zcrypt_count_type(ZCRYPT_PCIXCC_MCL2) +
729 zcrypt_count_type(ZCRYPT_PCIXCC_MCL3),
730 (int __user *) arg);
731 case Z90STAT_CEX2CCOUNT:
732 return put_user(zcrypt_count_type(ZCRYPT_CEX2C),
733 (int __user *) arg);
734 case Z90STAT_CEX2ACOUNT:
735 return put_user(zcrypt_count_type(ZCRYPT_CEX2A),
736 (int __user *) arg);
737 default:
738 /* unknown ioctl number */
739 return -ENOIOCTLCMD;
743 #ifdef CONFIG_COMPAT
745 * ioctl32 conversion routines
747 struct compat_ica_rsa_modexpo {
748 compat_uptr_t inputdata;
749 unsigned int inputdatalength;
750 compat_uptr_t outputdata;
751 unsigned int outputdatalength;
752 compat_uptr_t b_key;
753 compat_uptr_t n_modulus;
756 static long trans_modexpo32(struct file *filp, unsigned int cmd,
757 unsigned long arg)
759 struct compat_ica_rsa_modexpo __user *umex32 = compat_ptr(arg);
760 struct compat_ica_rsa_modexpo mex32;
761 struct ica_rsa_modexpo mex64;
762 long rc;
764 if (copy_from_user(&mex32, umex32, sizeof(mex32)))
765 return -EFAULT;
766 mex64.inputdata = compat_ptr(mex32.inputdata);
767 mex64.inputdatalength = mex32.inputdatalength;
768 mex64.outputdata = compat_ptr(mex32.outputdata);
769 mex64.outputdatalength = mex32.outputdatalength;
770 mex64.b_key = compat_ptr(mex32.b_key);
771 mex64.n_modulus = compat_ptr(mex32.n_modulus);
772 do {
773 rc = zcrypt_rsa_modexpo(&mex64);
774 } while (rc == -EAGAIN);
775 if (!rc)
776 rc = put_user(mex64.outputdatalength,
777 &umex32->outputdatalength);
778 return rc;
781 struct compat_ica_rsa_modexpo_crt {
782 compat_uptr_t inputdata;
783 unsigned int inputdatalength;
784 compat_uptr_t outputdata;
785 unsigned int outputdatalength;
786 compat_uptr_t bp_key;
787 compat_uptr_t bq_key;
788 compat_uptr_t np_prime;
789 compat_uptr_t nq_prime;
790 compat_uptr_t u_mult_inv;
793 static long trans_modexpo_crt32(struct file *filp, unsigned int cmd,
794 unsigned long arg)
796 struct compat_ica_rsa_modexpo_crt __user *ucrt32 = compat_ptr(arg);
797 struct compat_ica_rsa_modexpo_crt crt32;
798 struct ica_rsa_modexpo_crt crt64;
799 long rc;
801 if (copy_from_user(&crt32, ucrt32, sizeof(crt32)))
802 return -EFAULT;
803 crt64.inputdata = compat_ptr(crt32.inputdata);
804 crt64.inputdatalength = crt32.inputdatalength;
805 crt64.outputdata= compat_ptr(crt32.outputdata);
806 crt64.outputdatalength = crt32.outputdatalength;
807 crt64.bp_key = compat_ptr(crt32.bp_key);
808 crt64.bq_key = compat_ptr(crt32.bq_key);
809 crt64.np_prime = compat_ptr(crt32.np_prime);
810 crt64.nq_prime = compat_ptr(crt32.nq_prime);
811 crt64.u_mult_inv = compat_ptr(crt32.u_mult_inv);
812 do {
813 rc = zcrypt_rsa_crt(&crt64);
814 } while (rc == -EAGAIN);
815 if (!rc)
816 rc = put_user(crt64.outputdatalength,
817 &ucrt32->outputdatalength);
818 return rc;
821 struct compat_ica_xcRB {
822 unsigned short agent_ID;
823 unsigned int user_defined;
824 unsigned short request_ID;
825 unsigned int request_control_blk_length;
826 unsigned char padding1[16 - sizeof (compat_uptr_t)];
827 compat_uptr_t request_control_blk_addr;
828 unsigned int request_data_length;
829 char padding2[16 - sizeof (compat_uptr_t)];
830 compat_uptr_t request_data_address;
831 unsigned int reply_control_blk_length;
832 char padding3[16 - sizeof (compat_uptr_t)];
833 compat_uptr_t reply_control_blk_addr;
834 unsigned int reply_data_length;
835 char padding4[16 - sizeof (compat_uptr_t)];
836 compat_uptr_t reply_data_addr;
837 unsigned short priority_window;
838 unsigned int status;
839 } __attribute__((packed));
841 static long trans_xcRB32(struct file *filp, unsigned int cmd,
842 unsigned long arg)
844 struct compat_ica_xcRB __user *uxcRB32 = compat_ptr(arg);
845 struct compat_ica_xcRB xcRB32;
846 struct ica_xcRB xcRB64;
847 long rc;
849 if (copy_from_user(&xcRB32, uxcRB32, sizeof(xcRB32)))
850 return -EFAULT;
851 xcRB64.agent_ID = xcRB32.agent_ID;
852 xcRB64.user_defined = xcRB32.user_defined;
853 xcRB64.request_ID = xcRB32.request_ID;
854 xcRB64.request_control_blk_length =
855 xcRB32.request_control_blk_length;
856 xcRB64.request_control_blk_addr =
857 compat_ptr(xcRB32.request_control_blk_addr);
858 xcRB64.request_data_length =
859 xcRB32.request_data_length;
860 xcRB64.request_data_address =
861 compat_ptr(xcRB32.request_data_address);
862 xcRB64.reply_control_blk_length =
863 xcRB32.reply_control_blk_length;
864 xcRB64.reply_control_blk_addr =
865 compat_ptr(xcRB32.reply_control_blk_addr);
866 xcRB64.reply_data_length = xcRB32.reply_data_length;
867 xcRB64.reply_data_addr =
868 compat_ptr(xcRB32.reply_data_addr);
869 xcRB64.priority_window = xcRB32.priority_window;
870 xcRB64.status = xcRB32.status;
871 do {
872 rc = zcrypt_send_cprb(&xcRB64);
873 } while (rc == -EAGAIN);
874 xcRB32.reply_control_blk_length = xcRB64.reply_control_blk_length;
875 xcRB32.reply_data_length = xcRB64.reply_data_length;
876 xcRB32.status = xcRB64.status;
877 if (copy_to_user(uxcRB32, &xcRB32, sizeof(xcRB32)))
878 return -EFAULT;
879 return rc;
882 static long zcrypt_compat_ioctl(struct file *filp, unsigned int cmd,
883 unsigned long arg)
885 if (cmd == ICARSAMODEXPO)
886 return trans_modexpo32(filp, cmd, arg);
887 if (cmd == ICARSACRT)
888 return trans_modexpo_crt32(filp, cmd, arg);
889 if (cmd == ZSECSENDCPRB)
890 return trans_xcRB32(filp, cmd, arg);
891 return zcrypt_unlocked_ioctl(filp, cmd, arg);
893 #endif
896 * Misc device file operations.
898 static const struct file_operations zcrypt_fops = {
899 .owner = THIS_MODULE,
900 .read = zcrypt_read,
901 .write = zcrypt_write,
902 .unlocked_ioctl = zcrypt_unlocked_ioctl,
903 #ifdef CONFIG_COMPAT
904 .compat_ioctl = zcrypt_compat_ioctl,
905 #endif
906 .open = zcrypt_open,
907 .release = zcrypt_release,
908 .llseek = no_llseek,
912 * Misc device.
914 static struct miscdevice zcrypt_misc_device = {
915 .minor = MISC_DYNAMIC_MINOR,
916 .name = "z90crypt",
917 .fops = &zcrypt_fops,
921 * Deprecated /proc entry support.
923 static struct proc_dir_entry *zcrypt_entry;
925 static void sprintcl(struct seq_file *m, unsigned char *addr, unsigned int len)
927 int i;
929 for (i = 0; i < len; i++)
930 seq_printf(m, "%01x", (unsigned int) addr[i]);
931 seq_putc(m, ' ');
934 static void sprintrw(struct seq_file *m, unsigned char *addr, unsigned int len)
936 int inl, c, cx;
938 seq_printf(m, " ");
939 inl = 0;
940 for (c = 0; c < (len / 16); c++) {
941 sprintcl(m, addr+inl, 16);
942 inl += 16;
944 cx = len%16;
945 if (cx) {
946 sprintcl(m, addr+inl, cx);
947 inl += cx;
949 seq_putc(m, '\n');
952 static void sprinthx(unsigned char *title, struct seq_file *m,
953 unsigned char *addr, unsigned int len)
955 int inl, r, rx;
957 seq_printf(m, "\n%s\n", title);
958 inl = 0;
959 for (r = 0; r < (len / 64); r++) {
960 sprintrw(m, addr+inl, 64);
961 inl += 64;
963 rx = len % 64;
964 if (rx) {
965 sprintrw(m, addr+inl, rx);
966 inl += rx;
968 seq_putc(m, '\n');
971 static void sprinthx4(unsigned char *title, struct seq_file *m,
972 unsigned int *array, unsigned int len)
974 int r;
976 seq_printf(m, "\n%s\n", title);
977 for (r = 0; r < len; r++) {
978 if ((r % 8) == 0)
979 seq_printf(m, " ");
980 seq_printf(m, "%08X ", array[r]);
981 if ((r % 8) == 7)
982 seq_putc(m, '\n');
984 seq_putc(m, '\n');
987 static int zcrypt_proc_show(struct seq_file *m, void *v)
989 char workarea[sizeof(int) * AP_DEVICES];
991 seq_printf(m, "\nzcrypt version: %d.%d.%d\n",
992 ZCRYPT_VERSION, ZCRYPT_RELEASE, ZCRYPT_VARIANT);
993 seq_printf(m, "Cryptographic domain: %d\n", ap_domain_index);
994 seq_printf(m, "Total device count: %d\n", zcrypt_device_count);
995 seq_printf(m, "PCICA count: %d\n", zcrypt_count_type(ZCRYPT_PCICA));
996 seq_printf(m, "PCICC count: %d\n", zcrypt_count_type(ZCRYPT_PCICC));
997 seq_printf(m, "PCIXCC MCL2 count: %d\n",
998 zcrypt_count_type(ZCRYPT_PCIXCC_MCL2));
999 seq_printf(m, "PCIXCC MCL3 count: %d\n",
1000 zcrypt_count_type(ZCRYPT_PCIXCC_MCL3));
1001 seq_printf(m, "CEX2C count: %d\n", zcrypt_count_type(ZCRYPT_CEX2C));
1002 seq_printf(m, "CEX2A count: %d\n", zcrypt_count_type(ZCRYPT_CEX2A));
1003 seq_printf(m, "CEX3C count: %d\n", zcrypt_count_type(ZCRYPT_CEX3C));
1004 seq_printf(m, "CEX3A count: %d\n", zcrypt_count_type(ZCRYPT_CEX3A));
1005 seq_printf(m, "requestq count: %d\n", zcrypt_requestq_count());
1006 seq_printf(m, "pendingq count: %d\n", zcrypt_pendingq_count());
1007 seq_printf(m, "Total open handles: %d\n\n",
1008 atomic_read(&zcrypt_open_count));
1009 zcrypt_status_mask(workarea);
1010 sprinthx("Online devices: 1=PCICA 2=PCICC 3=PCIXCC(MCL2) "
1011 "4=PCIXCC(MCL3) 5=CEX2C 6=CEX2A 7=CEX3C 8=CEX3A",
1012 m, workarea, AP_DEVICES);
1013 zcrypt_qdepth_mask(workarea);
1014 sprinthx("Waiting work element counts", m, workarea, AP_DEVICES);
1015 zcrypt_perdev_reqcnt((int *) workarea);
1016 sprinthx4("Per-device successfully completed request counts",
1017 m, (unsigned int *) workarea, AP_DEVICES);
1018 return 0;
1021 static int zcrypt_proc_open(struct inode *inode, struct file *file)
1023 return single_open(file, zcrypt_proc_show, NULL);
1026 static void zcrypt_disable_card(int index)
1028 struct zcrypt_device *zdev;
1030 spin_lock_bh(&zcrypt_device_lock);
1031 list_for_each_entry(zdev, &zcrypt_device_list, list)
1032 if (AP_QID_DEVICE(zdev->ap_dev->qid) == index) {
1033 zdev->online = 0;
1034 ap_flush_queue(zdev->ap_dev);
1035 break;
1037 spin_unlock_bh(&zcrypt_device_lock);
1040 static void zcrypt_enable_card(int index)
1042 struct zcrypt_device *zdev;
1044 spin_lock_bh(&zcrypt_device_lock);
1045 list_for_each_entry(zdev, &zcrypt_device_list, list)
1046 if (AP_QID_DEVICE(zdev->ap_dev->qid) == index) {
1047 zdev->online = 1;
1048 break;
1050 spin_unlock_bh(&zcrypt_device_lock);
1053 static ssize_t zcrypt_proc_write(struct file *file, const char __user *buffer,
1054 size_t count, loff_t *pos)
1056 unsigned char *lbuf, *ptr;
1057 size_t local_count;
1058 int j;
1060 if (count <= 0)
1061 return 0;
1063 #define LBUFSIZE 1200UL
1064 lbuf = kmalloc(LBUFSIZE, GFP_KERNEL);
1065 if (!lbuf)
1066 return 0;
1068 local_count = min(LBUFSIZE - 1, count);
1069 if (copy_from_user(lbuf, buffer, local_count) != 0) {
1070 kfree(lbuf);
1071 return -EFAULT;
1073 lbuf[local_count] = '\0';
1075 ptr = strstr(lbuf, "Online devices");
1076 if (!ptr)
1077 goto out;
1078 ptr = strstr(ptr, "\n");
1079 if (!ptr)
1080 goto out;
1081 ptr++;
1083 if (strstr(ptr, "Waiting work element counts") == NULL)
1084 goto out;
1086 for (j = 0; j < 64 && *ptr; ptr++) {
1088 * '0' for no device, '1' for PCICA, '2' for PCICC,
1089 * '3' for PCIXCC_MCL2, '4' for PCIXCC_MCL3,
1090 * '5' for CEX2C and '6' for CEX2A'
1091 * '7' for CEX3C and '8' for CEX3A
1093 if (*ptr >= '0' && *ptr <= '8')
1094 j++;
1095 else if (*ptr == 'd' || *ptr == 'D')
1096 zcrypt_disable_card(j++);
1097 else if (*ptr == 'e' || *ptr == 'E')
1098 zcrypt_enable_card(j++);
1099 else if (*ptr != ' ' && *ptr != '\t')
1100 break;
1102 out:
1103 kfree(lbuf);
1104 return count;
1107 static const struct file_operations zcrypt_proc_fops = {
1108 .owner = THIS_MODULE,
1109 .open = zcrypt_proc_open,
1110 .read = seq_read,
1111 .llseek = seq_lseek,
1112 .release = single_release,
1113 .write = zcrypt_proc_write,
1116 static int zcrypt_rng_device_count;
1117 static u32 *zcrypt_rng_buffer;
1118 static int zcrypt_rng_buffer_index;
1119 static DEFINE_MUTEX(zcrypt_rng_mutex);
1121 static int zcrypt_rng_data_read(struct hwrng *rng, u32 *data)
1123 int rc;
1126 * We don't need locking here because the RNG API guarantees serialized
1127 * read method calls.
1129 if (zcrypt_rng_buffer_index == 0) {
1130 rc = zcrypt_rng((char *) zcrypt_rng_buffer);
1131 if (rc < 0)
1132 return -EIO;
1133 zcrypt_rng_buffer_index = rc / sizeof *data;
1135 *data = zcrypt_rng_buffer[--zcrypt_rng_buffer_index];
1136 return sizeof *data;
1139 static struct hwrng zcrypt_rng_dev = {
1140 .name = "zcrypt",
1141 .data_read = zcrypt_rng_data_read,
1144 static int zcrypt_rng_device_add(void)
1146 int rc = 0;
1148 mutex_lock(&zcrypt_rng_mutex);
1149 if (zcrypt_rng_device_count == 0) {
1150 zcrypt_rng_buffer = (u32 *) get_zeroed_page(GFP_KERNEL);
1151 if (!zcrypt_rng_buffer) {
1152 rc = -ENOMEM;
1153 goto out;
1155 zcrypt_rng_buffer_index = 0;
1156 rc = hwrng_register(&zcrypt_rng_dev);
1157 if (rc)
1158 goto out_free;
1159 zcrypt_rng_device_count = 1;
1160 } else
1161 zcrypt_rng_device_count++;
1162 mutex_unlock(&zcrypt_rng_mutex);
1163 return 0;
1165 out_free:
1166 free_page((unsigned long) zcrypt_rng_buffer);
1167 out:
1168 mutex_unlock(&zcrypt_rng_mutex);
1169 return rc;
1172 static void zcrypt_rng_device_remove(void)
1174 mutex_lock(&zcrypt_rng_mutex);
1175 zcrypt_rng_device_count--;
1176 if (zcrypt_rng_device_count == 0) {
1177 hwrng_unregister(&zcrypt_rng_dev);
1178 free_page((unsigned long) zcrypt_rng_buffer);
1180 mutex_unlock(&zcrypt_rng_mutex);
1184 * zcrypt_api_init(): Module initialization.
1186 * The module initialization code.
1188 int __init zcrypt_api_init(void)
1190 int rc;
1192 /* Register the request sprayer. */
1193 rc = misc_register(&zcrypt_misc_device);
1194 if (rc < 0)
1195 goto out;
1197 /* Set up the proc file system */
1198 zcrypt_entry = proc_create("driver/z90crypt", 0644, NULL, &zcrypt_proc_fops);
1199 if (!zcrypt_entry) {
1200 rc = -ENOMEM;
1201 goto out_misc;
1204 return 0;
1206 out_misc:
1207 misc_deregister(&zcrypt_misc_device);
1208 out:
1209 return rc;
1213 * zcrypt_api_exit(): Module termination.
1215 * The module termination code.
1217 void zcrypt_api_exit(void)
1219 remove_proc_entry("driver/z90crypt", NULL);
1220 misc_deregister(&zcrypt_misc_device);
1223 #ifndef CONFIG_ZCRYPT_MONOLITHIC
1224 module_init(zcrypt_api_init);
1225 module_exit(zcrypt_api_exit);
1226 #endif