search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux 2.6.26-rc5
[linux-2.6/openmoko-kernel/knife-kernel.git] / drivers / s390 / crypto / zcrypt_api.c
blob4d36e805a2348b40995c76625986559f735c5978
1 /*
2 * linux/drivers/s390/crypto/zcrypt_api.c
3 *
4 * zcrypt 2.1.0
5 *
6 * Copyright (C) 2001, 2006 IBM Corporation
7 * Author(s): Robert Burroughs
8 * Eric Rossman (edrossma@us.ibm.com)
9 * Cornelia Huck <cornelia.huck@de.ibm.com>
10 *
11 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
12 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
13 * Ralph Wuerthner <rwuerthn@de.ibm.com>
14 *
15 * This program is free software; you can redistribute it and/or modify
16 * it under the terms of the GNU General Public License as published by
17 * the Free Software Foundation; either version 2, or (at your option)
18 * any later version.
19 *
20 * This program is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * You should have received a copy of the GNU General Public License
26 * along with this program; if not, write to the Free Software
27 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
28 */
29
30 #include <linux/module.h>
31 #include <linux/init.h>
32 #include <linux/interrupt.h>
33 #include <linux/miscdevice.h>
34 #include <linux/fs.h>
35 #include <linux/proc_fs.h>
36 #include <linux/compat.h>
37 #include <asm/atomic.h>
38 #include <asm/uaccess.h>
39 #include <linux/hw_random.h>
40
41 #include "zcrypt_api.h"
42
43 /*
44 * Module description.
45 */
46 MODULE_AUTHOR("IBM Corporation");
47 MODULE_DESCRIPTION("Cryptographic Coprocessor interface, "
48 "Copyright 2001, 2006 IBM Corporation");
49 MODULE_LICENSE("GPL");
50
51 static DEFINE_SPINLOCK(zcrypt_device_lock);
52 static LIST_HEAD(zcrypt_device_list);
53 static int zcrypt_device_count = 0;
54 static atomic_t zcrypt_open_count = ATOMIC_INIT(0);
55
56 static int zcrypt_rng_device_add(void);
57 static void zcrypt_rng_device_remove(void);
58
59 /*
60 * Device attributes common for all crypto devices.
61 */
62 static ssize_t zcrypt_type_show(struct device *dev,
63 struct device_attribute *attr, char *buf)
64 {
65 struct zcrypt_device *zdev = to_ap_dev(dev)->private;
66 return snprintf(buf, PAGE_SIZE, "%s\n", zdev->type_string);
67 }
68
69 static DEVICE_ATTR(type, 0444, zcrypt_type_show, NULL);
70
71 static ssize_t zcrypt_online_show(struct device *dev,
72 struct device_attribute *attr, char *buf)
73 {
74 struct zcrypt_device *zdev = to_ap_dev(dev)->private;
75 return snprintf(buf, PAGE_SIZE, "%d\n", zdev->online);
76 }
77
78 static ssize_t zcrypt_online_store(struct device *dev,
79 struct device_attribute *attr,
80 const char *buf, size_t count)
81 {
82 struct zcrypt_device *zdev = to_ap_dev(dev)->private;
83 int online;
84
85 if (sscanf(buf, "%d\n", &online) != 1 || online < 0 || online > 1)
86 return -EINVAL;
87 zdev->online = online;
88 if (!online)
89 ap_flush_queue(zdev->ap_dev);
90 return count;
91 }
92
93 static DEVICE_ATTR(online, 0644, zcrypt_online_show, zcrypt_online_store);
94
95 static struct attribute * zcrypt_device_attrs[] = {
96 &dev_attr_type.attr,
97 &dev_attr_online.attr,
98 NULL,
99 };
100
101 static struct attribute_group zcrypt_device_attr_group = {
102 .attrs = zcrypt_device_attrs,
103 };
104
105 /**
106 * __zcrypt_increase_preference(): Increase preference of a crypto device.
107 * @zdev: Pointer the crypto device
108 *
109 * Move the device towards the head of the device list.
110 * Need to be called while holding the zcrypt device list lock.
111 * Note: cards with speed_rating of 0 are kept at the end of the list.
112 */
113 static void __zcrypt_increase_preference(struct zcrypt_device *zdev)
114 {
115 struct zcrypt_device *tmp;
116 struct list_head *l;
117
118 if (zdev->speed_rating == 0)
119 return;
120 for (l = zdev->list.prev; l != &zcrypt_device_list; l = l->prev) {
121 tmp = list_entry(l, struct zcrypt_device, list);
122 if ((tmp->request_count + 1) * tmp->speed_rating <=
123 (zdev->request_count + 1) * zdev->speed_rating &&
124 tmp->speed_rating != 0)
125 break;
126 }
127 if (l == zdev->list.prev)
128 return;
129 /* Move zdev behind l */
130 list_del(&zdev->list);
131 list_add(&zdev->list, l);
132 }
133
134 /**
135 * __zcrypt_decrease_preference(): Decrease preference of a crypto device.
136 * @zdev: Pointer to a crypto device.
137 *
138 * Move the device towards the tail of the device list.
139 * Need to be called while holding the zcrypt device list lock.
140 * Note: cards with speed_rating of 0 are kept at the end of the list.
141 */
142 static void __zcrypt_decrease_preference(struct zcrypt_device *zdev)
143 {
144 struct zcrypt_device *tmp;
145 struct list_head *l;
146
147 if (zdev->speed_rating == 0)
148 return;
149 for (l = zdev->list.next; l != &zcrypt_device_list; l = l->next) {
150 tmp = list_entry(l, struct zcrypt_device, list);
151 if ((tmp->request_count + 1) * tmp->speed_rating >
152 (zdev->request_count + 1) * zdev->speed_rating ||
153 tmp->speed_rating == 0)
154 break;
155 }
156 if (l == zdev->list.next)
157 return;
158 /* Move zdev before l */
159 list_del(&zdev->list);
160 list_add_tail(&zdev->list, l);
161 }
162
163 static void zcrypt_device_release(struct kref *kref)
164 {
165 struct zcrypt_device *zdev =
166 container_of(kref, struct zcrypt_device, refcount);
167 zcrypt_device_free(zdev);
168 }
169
170 void zcrypt_device_get(struct zcrypt_device *zdev)
171 {
172 kref_get(&zdev->refcount);
173 }
174 EXPORT_SYMBOL(zcrypt_device_get);
175
176 int zcrypt_device_put(struct zcrypt_device *zdev)
177 {
178 return kref_put(&zdev->refcount, zcrypt_device_release);
179 }
180 EXPORT_SYMBOL(zcrypt_device_put);
181
182 struct zcrypt_device *zcrypt_device_alloc(size_t max_response_size)
183 {
184 struct zcrypt_device *zdev;
185
186 zdev = kzalloc(sizeof(struct zcrypt_device), GFP_KERNEL);
187 if (!zdev)
188 return NULL;
189 zdev->reply.message = kmalloc(max_response_size, GFP_KERNEL);
190 if (!zdev->reply.message)
191 goto out_free;
192 zdev->reply.length = max_response_size;
193 spin_lock_init(&zdev->lock);
194 INIT_LIST_HEAD(&zdev->list);
195 return zdev;
196
197 out_free:
198 kfree(zdev);
199 return NULL;
200 }
201 EXPORT_SYMBOL(zcrypt_device_alloc);
202
203 void zcrypt_device_free(struct zcrypt_device *zdev)
204 {
205 kfree(zdev->reply.message);
206 kfree(zdev);
207 }
208 EXPORT_SYMBOL(zcrypt_device_free);
209
210 /**
211 * zcrypt_device_register() - Register a crypto device.
212 * @zdev: Pointer to a crypto device
213 *
214 * Register a crypto device. Returns 0 if successful.
215 */
216 int zcrypt_device_register(struct zcrypt_device *zdev)
217 {
218 int rc;
219
220 rc = sysfs_create_group(&zdev->ap_dev->device.kobj,
221 &zcrypt_device_attr_group);
222 if (rc)
223 goto out;
224 get_device(&zdev->ap_dev->device);
225 kref_init(&zdev->refcount);
226 spin_lock_bh(&zcrypt_device_lock);
227 zdev->online = 1; /* New devices are online by default. */
228 list_add_tail(&zdev->list, &zcrypt_device_list);
229 __zcrypt_increase_preference(zdev);
230 zcrypt_device_count++;
231 spin_unlock_bh(&zcrypt_device_lock);
232 if (zdev->ops->rng) {
233 rc = zcrypt_rng_device_add();
234 if (rc)
235 goto out_unregister;
236 }
237 return 0;
238
239 out_unregister:
240 spin_lock_bh(&zcrypt_device_lock);
241 zcrypt_device_count--;
242 list_del_init(&zdev->list);
243 spin_unlock_bh(&zcrypt_device_lock);
244 sysfs_remove_group(&zdev->ap_dev->device.kobj,
245 &zcrypt_device_attr_group);
246 put_device(&zdev->ap_dev->device);
247 zcrypt_device_put(zdev);
248 out:
249 return rc;
250 }
251 EXPORT_SYMBOL(zcrypt_device_register);
252
253 /**
254 * zcrypt_device_unregister(): Unregister a crypto device.
255 * @zdev: Pointer to crypto device
256 *
257 * Unregister a crypto device.
258 */
259 void zcrypt_device_unregister(struct zcrypt_device *zdev)
260 {
261 if (zdev->ops->rng)
262 zcrypt_rng_device_remove();
263 spin_lock_bh(&zcrypt_device_lock);
264 zcrypt_device_count--;
265 list_del_init(&zdev->list);
266 spin_unlock_bh(&zcrypt_device_lock);
267 sysfs_remove_group(&zdev->ap_dev->device.kobj,
268 &zcrypt_device_attr_group);
269 put_device(&zdev->ap_dev->device);
270 zcrypt_device_put(zdev);
271 }
272 EXPORT_SYMBOL(zcrypt_device_unregister);
273
274 /**
275 * zcrypt_read (): Not supported beyond zcrypt 1.3.1.
276 *
277 * This function is not supported beyond zcrypt 1.3.1.
278 */
279 static ssize_t zcrypt_read(struct file *filp, char __user *buf,
280 size_t count, loff_t *f_pos)
281 {
282 return -EPERM;
283 }
284
285 /**
286 * zcrypt_write(): Not allowed.
287 *
288 * Write is is not allowed
289 */
290 static ssize_t zcrypt_write(struct file *filp, const char __user *buf,
291 size_t count, loff_t *f_pos)
292 {
293 return -EPERM;
294 }
295
296 /**
297 * zcrypt_open(): Count number of users.
298 *
299 * Device open function to count number of users.
300 */
301 static int zcrypt_open(struct inode *inode, struct file *filp)
302 {
303 atomic_inc(&zcrypt_open_count);
304 return 0;
305 }
306
307 /**
308 * zcrypt_release(): Count number of users.
309 *
310 * Device close function to count number of users.
311 */
312 static int zcrypt_release(struct inode *inode, struct file *filp)
313 {
314 atomic_dec(&zcrypt_open_count);
315 return 0;
316 }
317
318 /*
319 * zcrypt ioctls.
320 */
321 static long zcrypt_rsa_modexpo(struct ica_rsa_modexpo *mex)
322 {
323 struct zcrypt_device *zdev;
324 int rc;
325
326 if (mex->outputdatalength < mex->inputdatalength)
327 return -EINVAL;
328 /*
329 * As long as outputdatalength is big enough, we can set the
330 * outputdatalength equal to the inputdatalength, since that is the
331 * number of bytes we will copy in any case
332 */
333 mex->outputdatalength = mex->inputdatalength;
334
335 spin_lock_bh(&zcrypt_device_lock);
336 list_for_each_entry(zdev, &zcrypt_device_list, list) {
337 if (!zdev->online ||
338 !zdev->ops->rsa_modexpo ||
339 zdev->min_mod_size > mex->inputdatalength ||
340 zdev->max_mod_size < mex->inputdatalength)
341 continue;
342 zcrypt_device_get(zdev);
343 get_device(&zdev->ap_dev->device);
344 zdev->request_count++;
345 __zcrypt_decrease_preference(zdev);
346 if (try_module_get(zdev->ap_dev->drv->driver.owner)) {
347 spin_unlock_bh(&zcrypt_device_lock);
348 rc = zdev->ops->rsa_modexpo(zdev, mex);
349 spin_lock_bh(&zcrypt_device_lock);
350 module_put(zdev->ap_dev->drv->driver.owner);
351 }
352 else
353 rc = -EAGAIN;
354 zdev->request_count--;
355 __zcrypt_increase_preference(zdev);
356 put_device(&zdev->ap_dev->device);
357 zcrypt_device_put(zdev);
358 spin_unlock_bh(&zcrypt_device_lock);
359 return rc;
360 }
361 spin_unlock_bh(&zcrypt_device_lock);
362 return -ENODEV;
363 }
364
365 static long zcrypt_rsa_crt(struct ica_rsa_modexpo_crt *crt)
366 {
367 struct zcrypt_device *zdev;
368 unsigned long long z1, z2, z3;
369 int rc, copied;
370
371 if (crt->outputdatalength < crt->inputdatalength ||
372 (crt->inputdatalength & 1))
373 return -EINVAL;
374 /*
375 * As long as outputdatalength is big enough, we can set the
376 * outputdatalength equal to the inputdatalength, since that is the
377 * number of bytes we will copy in any case
378 */
379 crt->outputdatalength = crt->inputdatalength;
380
381 copied = 0;
382 restart:
383 spin_lock_bh(&zcrypt_device_lock);
384 list_for_each_entry(zdev, &zcrypt_device_list, list) {
385 if (!zdev->online ||
386 !zdev->ops->rsa_modexpo_crt ||
387 zdev->min_mod_size > crt->inputdatalength ||
388 zdev->max_mod_size < crt->inputdatalength)
389 continue;
390 if (zdev->short_crt && crt->inputdatalength > 240) {
391 /*
392 * Check inputdata for leading zeros for cards
393 * that can't handle np_prime, bp_key, or
394 * u_mult_inv > 128 bytes.
395 */
396 if (copied == 0) {
397 int len;
398 spin_unlock_bh(&zcrypt_device_lock);
399 /* len is max 256 / 2 - 120 = 8 */
400 len = crt->inputdatalength / 2 - 120;
401 z1 = z2 = z3 = 0;
402 if (copy_from_user(&z1, crt->np_prime, len) ||
403 copy_from_user(&z2, crt->bp_key, len) ||
404 copy_from_user(&z3, crt->u_mult_inv, len))
405 return -EFAULT;
406 copied = 1;
407 /*
408 * We have to restart device lookup -
409 * the device list may have changed by now.
410 */
411 goto restart;
412 }
413 if (z1 != 0ULL || z2 != 0ULL || z3 != 0ULL)
414 /* The device can't handle this request. */
415 continue;
416 }
417 zcrypt_device_get(zdev);
418 get_device(&zdev->ap_dev->device);
419 zdev->request_count++;
420 __zcrypt_decrease_preference(zdev);
421 if (try_module_get(zdev->ap_dev->drv->driver.owner)) {
422 spin_unlock_bh(&zcrypt_device_lock);
423 rc = zdev->ops->rsa_modexpo_crt(zdev, crt);
424 spin_lock_bh(&zcrypt_device_lock);
425 module_put(zdev->ap_dev->drv->driver.owner);
426 }
427 else
428 rc = -EAGAIN;
429 zdev->request_count--;
430 __zcrypt_increase_preference(zdev);
431 put_device(&zdev->ap_dev->device);
432 zcrypt_device_put(zdev);
433 spin_unlock_bh(&zcrypt_device_lock);
434 return rc;
435 }
436 spin_unlock_bh(&zcrypt_device_lock);
437 return -ENODEV;
438 }
439
440 static long zcrypt_send_cprb(struct ica_xcRB *xcRB)
441 {
442 struct zcrypt_device *zdev;
443 int rc;
444
445 spin_lock_bh(&zcrypt_device_lock);
446 list_for_each_entry(zdev, &zcrypt_device_list, list) {
447 if (!zdev->online || !zdev->ops->send_cprb ||
448 (xcRB->user_defined != AUTOSELECT &&
449 AP_QID_DEVICE(zdev->ap_dev->qid) != xcRB->user_defined)
450 )
451 continue;
452 zcrypt_device_get(zdev);
453 get_device(&zdev->ap_dev->device);
454 zdev->request_count++;
455 __zcrypt_decrease_preference(zdev);
456 if (try_module_get(zdev->ap_dev->drv->driver.owner)) {
457 spin_unlock_bh(&zcrypt_device_lock);
458 rc = zdev->ops->send_cprb(zdev, xcRB);
459 spin_lock_bh(&zcrypt_device_lock);
460 module_put(zdev->ap_dev->drv->driver.owner);
461 }
462 else
463 rc = -EAGAIN;
464 zdev->request_count--;
465 __zcrypt_increase_preference(zdev);
466 put_device(&zdev->ap_dev->device);
467 zcrypt_device_put(zdev);
468 spin_unlock_bh(&zcrypt_device_lock);
469 return rc;
470 }
471 spin_unlock_bh(&zcrypt_device_lock);
472 return -ENODEV;
473 }
474
475 static long zcrypt_rng(char *buffer)
476 {
477 struct zcrypt_device *zdev;
478 int rc;
479
480 spin_lock_bh(&zcrypt_device_lock);
481 list_for_each_entry(zdev, &zcrypt_device_list, list) {
482 if (!zdev->online || !zdev->ops->rng)
483 continue;
484 zcrypt_device_get(zdev);
485 get_device(&zdev->ap_dev->device);
486 zdev->request_count++;
487 __zcrypt_decrease_preference(zdev);
488 if (try_module_get(zdev->ap_dev->drv->driver.owner)) {
489 spin_unlock_bh(&zcrypt_device_lock);
490 rc = zdev->ops->rng(zdev, buffer);
491 spin_lock_bh(&zcrypt_device_lock);
492 module_put(zdev->ap_dev->drv->driver.owner);
493 } else
494 rc = -EAGAIN;
495 zdev->request_count--;
496 __zcrypt_increase_preference(zdev);
497 put_device(&zdev->ap_dev->device);
498 zcrypt_device_put(zdev);
499 spin_unlock_bh(&zcrypt_device_lock);
500 return rc;
501 }
502 spin_unlock_bh(&zcrypt_device_lock);
503 return -ENODEV;
504 }
505
506 static void zcrypt_status_mask(char status[AP_DEVICES])
507 {
508 struct zcrypt_device *zdev;
509
510 memset(status, 0, sizeof(char) * AP_DEVICES);
511 spin_lock_bh(&zcrypt_device_lock);
512 list_for_each_entry(zdev, &zcrypt_device_list, list)
513 status[AP_QID_DEVICE(zdev->ap_dev->qid)] =
514 zdev->online ? zdev->user_space_type : 0x0d;
515 spin_unlock_bh(&zcrypt_device_lock);
516 }
517
518 static void zcrypt_qdepth_mask(char qdepth[AP_DEVICES])
519 {
520 struct zcrypt_device *zdev;
521
522 memset(qdepth, 0, sizeof(char) * AP_DEVICES);
523 spin_lock_bh(&zcrypt_device_lock);
524 list_for_each_entry(zdev, &zcrypt_device_list, list) {
525 spin_lock(&zdev->ap_dev->lock);
526 qdepth[AP_QID_DEVICE(zdev->ap_dev->qid)] =
527 zdev->ap_dev->pendingq_count +
528 zdev->ap_dev->requestq_count;
529 spin_unlock(&zdev->ap_dev->lock);
530 }
531 spin_unlock_bh(&zcrypt_device_lock);
532 }
533
534 static void zcrypt_perdev_reqcnt(int reqcnt[AP_DEVICES])
535 {
536 struct zcrypt_device *zdev;
537
538 memset(reqcnt, 0, sizeof(int) * AP_DEVICES);
539 spin_lock_bh(&zcrypt_device_lock);
540 list_for_each_entry(zdev, &zcrypt_device_list, list) {
541 spin_lock(&zdev->ap_dev->lock);
542 reqcnt[AP_QID_DEVICE(zdev->ap_dev->qid)] =
543 zdev->ap_dev->total_request_count;
544 spin_unlock(&zdev->ap_dev->lock);
545 }
546 spin_unlock_bh(&zcrypt_device_lock);
547 }
548
549 static int zcrypt_pendingq_count(void)
550 {
551 struct zcrypt_device *zdev;
552 int pendingq_count = 0;
553
554 spin_lock_bh(&zcrypt_device_lock);
555 list_for_each_entry(zdev, &zcrypt_device_list, list) {
556 spin_lock(&zdev->ap_dev->lock);
557 pendingq_count += zdev->ap_dev->pendingq_count;
558 spin_unlock(&zdev->ap_dev->lock);
559 }
560 spin_unlock_bh(&zcrypt_device_lock);
561 return pendingq_count;
562 }
563
564 static int zcrypt_requestq_count(void)
565 {
566 struct zcrypt_device *zdev;
567 int requestq_count = 0;
568
569 spin_lock_bh(&zcrypt_device_lock);
570 list_for_each_entry(zdev, &zcrypt_device_list, list) {
571 spin_lock(&zdev->ap_dev->lock);
572 requestq_count += zdev->ap_dev->requestq_count;
573 spin_unlock(&zdev->ap_dev->lock);
574 }
575 spin_unlock_bh(&zcrypt_device_lock);
576 return requestq_count;
577 }
578
579 static int zcrypt_count_type(int type)
580 {
581 struct zcrypt_device *zdev;
582 int device_count = 0;
583
584 spin_lock_bh(&zcrypt_device_lock);
585 list_for_each_entry(zdev, &zcrypt_device_list, list)
586 if (zdev->user_space_type == type)
587 device_count++;
588 spin_unlock_bh(&zcrypt_device_lock);
589 return device_count;
590 }
591
592 /**
593 * zcrypt_ica_status(): Old, depracted combi status call.
594 *
595 * Old, deprecated combi status call.
596 */
597 static long zcrypt_ica_status(struct file *filp, unsigned long arg)
598 {
599 struct ica_z90_status *pstat;
600 int ret;
601
602 pstat = kzalloc(sizeof(*pstat), GFP_KERNEL);
603 if (!pstat)
604 return -ENOMEM;
605 pstat->totalcount = zcrypt_device_count;
606 pstat->leedslitecount = zcrypt_count_type(ZCRYPT_PCICA);
607 pstat->leeds2count = zcrypt_count_type(ZCRYPT_PCICC);
608 pstat->requestqWaitCount = zcrypt_requestq_count();
609 pstat->pendingqWaitCount = zcrypt_pendingq_count();
610 pstat->totalOpenCount = atomic_read(&zcrypt_open_count);
611 pstat->cryptoDomain = ap_domain_index;
612 zcrypt_status_mask(pstat->status);
613 zcrypt_qdepth_mask(pstat->qdepth);
614 ret = 0;
615 if (copy_to_user((void __user *) arg, pstat, sizeof(*pstat)))
616 ret = -EFAULT;
617 kfree(pstat);
618 return ret;
619 }
620
621 static long zcrypt_unlocked_ioctl(struct file *filp, unsigned int cmd,
622 unsigned long arg)
623 {
624 int rc;
625
626 switch (cmd) {
627 case ICARSAMODEXPO: {
628 struct ica_rsa_modexpo __user *umex = (void __user *) arg;
629 struct ica_rsa_modexpo mex;
630 if (copy_from_user(&mex, umex, sizeof(mex)))
631 return -EFAULT;
632 do {
633 rc = zcrypt_rsa_modexpo(&mex);
634 } while (rc == -EAGAIN);
635 if (rc)
636 return rc;
637 return put_user(mex.outputdatalength, &umex->outputdatalength);
638 }
639 case ICARSACRT: {
640 struct ica_rsa_modexpo_crt __user *ucrt = (void __user *) arg;
641 struct ica_rsa_modexpo_crt crt;
642 if (copy_from_user(&crt, ucrt, sizeof(crt)))
643 return -EFAULT;
644 do {
645 rc = zcrypt_rsa_crt(&crt);
646 } while (rc == -EAGAIN);
647 if (rc)
648 return rc;
649 return put_user(crt.outputdatalength, &ucrt->outputdatalength);
650 }
651 case ZSECSENDCPRB: {
652 struct ica_xcRB __user *uxcRB = (void __user *) arg;
653 struct ica_xcRB xcRB;
654 if (copy_from_user(&xcRB, uxcRB, sizeof(xcRB)))
655 return -EFAULT;
656 do {
657 rc = zcrypt_send_cprb(&xcRB);
658 } while (rc == -EAGAIN);
659 if (copy_to_user(uxcRB, &xcRB, sizeof(xcRB)))
660 return -EFAULT;
661 return rc;
662 }
663 case Z90STAT_STATUS_MASK: {
664 char status[AP_DEVICES];
665 zcrypt_status_mask(status);
666 if (copy_to_user((char __user *) arg, status,
667 sizeof(char) * AP_DEVICES))
668 return -EFAULT;
669 return 0;
670 }
671 case Z90STAT_QDEPTH_MASK: {
672 char qdepth[AP_DEVICES];
673 zcrypt_qdepth_mask(qdepth);
674 if (copy_to_user((char __user *) arg, qdepth,
675 sizeof(char) * AP_DEVICES))
676 return -EFAULT;
677 return 0;
678 }
679 case Z90STAT_PERDEV_REQCNT: {
680 int reqcnt[AP_DEVICES];
681 zcrypt_perdev_reqcnt(reqcnt);
682 if (copy_to_user((int __user *) arg, reqcnt,
683 sizeof(int) * AP_DEVICES))
684 return -EFAULT;
685 return 0;
686 }
687 case Z90STAT_REQUESTQ_COUNT:
688 return put_user(zcrypt_requestq_count(), (int __user *) arg);
689 case Z90STAT_PENDINGQ_COUNT:
690 return put_user(zcrypt_pendingq_count(), (int __user *) arg);
691 case Z90STAT_TOTALOPEN_COUNT:
692 return put_user(atomic_read(&zcrypt_open_count),
693 (int __user *) arg);
694 case Z90STAT_DOMAIN_INDEX:
695 return put_user(ap_domain_index, (int __user *) arg);
696 /*
697 * Deprecated ioctls. Don't add another device count ioctl,
698 * you can count them yourself in the user space with the
699 * output of the Z90STAT_STATUS_MASK ioctl.
700 */
701 case ICAZ90STATUS:
702 return zcrypt_ica_status(filp, arg);
703 case Z90STAT_TOTALCOUNT:
704 return put_user(zcrypt_device_count, (int __user *) arg);
705 case Z90STAT_PCICACOUNT:
706 return put_user(zcrypt_count_type(ZCRYPT_PCICA),
707 (int __user *) arg);
708 case Z90STAT_PCICCCOUNT:
709 return put_user(zcrypt_count_type(ZCRYPT_PCICC),
710 (int __user *) arg);
711 case Z90STAT_PCIXCCMCL2COUNT:
712 return put_user(zcrypt_count_type(ZCRYPT_PCIXCC_MCL2),
713 (int __user *) arg);
714 case Z90STAT_PCIXCCMCL3COUNT:
715 return put_user(zcrypt_count_type(ZCRYPT_PCIXCC_MCL3),
716 (int __user *) arg);
717 case Z90STAT_PCIXCCCOUNT:
718 return put_user(zcrypt_count_type(ZCRYPT_PCIXCC_MCL2) +
719 zcrypt_count_type(ZCRYPT_PCIXCC_MCL3),
720 (int __user *) arg);
721 case Z90STAT_CEX2CCOUNT:
722 return put_user(zcrypt_count_type(ZCRYPT_CEX2C),
723 (int __user *) arg);
724 case Z90STAT_CEX2ACOUNT:
725 return put_user(zcrypt_count_type(ZCRYPT_CEX2A),
726 (int __user *) arg);
727 default:
728 /* unknown ioctl number */
729 return -ENOIOCTLCMD;
730 }
731 }
732
733 #ifdef CONFIG_COMPAT
734 /*
735 * ioctl32 conversion routines
736 */
737 struct compat_ica_rsa_modexpo {
738 compat_uptr_t inputdata;
739 unsigned int inputdatalength;
740 compat_uptr_t outputdata;
741 unsigned int outputdatalength;
742 compat_uptr_t b_key;
743 compat_uptr_t n_modulus;
744 };
745
746 static long trans_modexpo32(struct file *filp, unsigned int cmd,
747 unsigned long arg)
748 {
749 struct compat_ica_rsa_modexpo __user *umex32 = compat_ptr(arg);
750 struct compat_ica_rsa_modexpo mex32;
751 struct ica_rsa_modexpo mex64;
752 long rc;
753
754 if (copy_from_user(&mex32, umex32, sizeof(mex32)))
755 return -EFAULT;
756 mex64.inputdata = compat_ptr(mex32.inputdata);
757 mex64.inputdatalength = mex32.inputdatalength;
758 mex64.outputdata = compat_ptr(mex32.outputdata);
759 mex64.outputdatalength = mex32.outputdatalength;
760 mex64.b_key = compat_ptr(mex32.b_key);
761 mex64.n_modulus = compat_ptr(mex32.n_modulus);
762 do {
763 rc = zcrypt_rsa_modexpo(&mex64);
764 } while (rc == -EAGAIN);
765 if (!rc)
766 rc = put_user(mex64.outputdatalength,
767 &umex32->outputdatalength);
768 return rc;
769 }
770
771 struct compat_ica_rsa_modexpo_crt {
772 compat_uptr_t inputdata;
773 unsigned int inputdatalength;
774 compat_uptr_t outputdata;
775 unsigned int outputdatalength;
776 compat_uptr_t bp_key;
777 compat_uptr_t bq_key;
778 compat_uptr_t np_prime;
779 compat_uptr_t nq_prime;
780 compat_uptr_t u_mult_inv;
781 };
782
783 static long trans_modexpo_crt32(struct file *filp, unsigned int cmd,
784 unsigned long arg)
785 {
786 struct compat_ica_rsa_modexpo_crt __user *ucrt32 = compat_ptr(arg);
787 struct compat_ica_rsa_modexpo_crt crt32;
788 struct ica_rsa_modexpo_crt crt64;
789 long rc;
790
791 if (copy_from_user(&crt32, ucrt32, sizeof(crt32)))
792 return -EFAULT;
793 crt64.inputdata = compat_ptr(crt32.inputdata);
794 crt64.inputdatalength = crt32.inputdatalength;
795 crt64.outputdata= compat_ptr(crt32.outputdata);
796 crt64.outputdatalength = crt32.outputdatalength;
797 crt64.bp_key = compat_ptr(crt32.bp_key);
798 crt64.bq_key = compat_ptr(crt32.bq_key);
799 crt64.np_prime = compat_ptr(crt32.np_prime);
800 crt64.nq_prime = compat_ptr(crt32.nq_prime);
801 crt64.u_mult_inv = compat_ptr(crt32.u_mult_inv);
802 do {
803 rc = zcrypt_rsa_crt(&crt64);
804 } while (rc == -EAGAIN);
805 if (!rc)
806 rc = put_user(crt64.outputdatalength,
807 &ucrt32->outputdatalength);
808 return rc;
809 }
810
811 struct compat_ica_xcRB {
812 unsigned short agent_ID;
813 unsigned int user_defined;
814 unsigned short request_ID;
815 unsigned int request_control_blk_length;
816 unsigned char padding1[16 - sizeof (compat_uptr_t)];
817 compat_uptr_t request_control_blk_addr;
818 unsigned int request_data_length;
819 char padding2[16 - sizeof (compat_uptr_t)];
820 compat_uptr_t request_data_address;
821 unsigned int reply_control_blk_length;
822 char padding3[16 - sizeof (compat_uptr_t)];
823 compat_uptr_t reply_control_blk_addr;
824 unsigned int reply_data_length;
825 char padding4[16 - sizeof (compat_uptr_t)];
826 compat_uptr_t reply_data_addr;
827 unsigned short priority_window;
828 unsigned int status;
829 } __attribute__((packed));
830
831 static long trans_xcRB32(struct file *filp, unsigned int cmd,
832 unsigned long arg)
833 {
834 struct compat_ica_xcRB __user *uxcRB32 = compat_ptr(arg);
835 struct compat_ica_xcRB xcRB32;
836 struct ica_xcRB xcRB64;
837 long rc;
838
839 if (copy_from_user(&xcRB32, uxcRB32, sizeof(xcRB32)))
840 return -EFAULT;
841 xcRB64.agent_ID = xcRB32.agent_ID;
842 xcRB64.user_defined = xcRB32.user_defined;
843 xcRB64.request_ID = xcRB32.request_ID;
844 xcRB64.request_control_blk_length =
845 xcRB32.request_control_blk_length;
846 xcRB64.request_control_blk_addr =
847 compat_ptr(xcRB32.request_control_blk_addr);
848 xcRB64.request_data_length =
849 xcRB32.request_data_length;
850 xcRB64.request_data_address =
851 compat_ptr(xcRB32.request_data_address);
852 xcRB64.reply_control_blk_length =
853 xcRB32.reply_control_blk_length;
854 xcRB64.reply_control_blk_addr =
855 compat_ptr(xcRB32.reply_control_blk_addr);
856 xcRB64.reply_data_length = xcRB32.reply_data_length;
857 xcRB64.reply_data_addr =
858 compat_ptr(xcRB32.reply_data_addr);
859 xcRB64.priority_window = xcRB32.priority_window;
860 xcRB64.status = xcRB32.status;
861 do {
862 rc = zcrypt_send_cprb(&xcRB64);
863 } while (rc == -EAGAIN);
864 xcRB32.reply_control_blk_length = xcRB64.reply_control_blk_length;
865 xcRB32.reply_data_length = xcRB64.reply_data_length;
866 xcRB32.status = xcRB64.status;
867 if (copy_to_user(uxcRB32, &xcRB32, sizeof(xcRB32)))
868 return -EFAULT;
869 return rc;
870 }
871
872 static long zcrypt_compat_ioctl(struct file *filp, unsigned int cmd,
873 unsigned long arg)
874 {
875 if (cmd == ICARSAMODEXPO)
876 return trans_modexpo32(filp, cmd, arg);
877 if (cmd == ICARSACRT)
878 return trans_modexpo_crt32(filp, cmd, arg);
879 if (cmd == ZSECSENDCPRB)
880 return trans_xcRB32(filp, cmd, arg);
881 return zcrypt_unlocked_ioctl(filp, cmd, arg);
882 }
883 #endif
884
885 /*
886 * Misc device file operations.
887 */
888 static const struct file_operations zcrypt_fops = {
889 .owner = THIS_MODULE,
890 .read = zcrypt_read,
891 .write = zcrypt_write,
892 .unlocked_ioctl = zcrypt_unlocked_ioctl,
893 #ifdef CONFIG_COMPAT
894 .compat_ioctl = zcrypt_compat_ioctl,
895 #endif
896 .open = zcrypt_open,
897 .release = zcrypt_release
898 };
899
900 /*
901 * Misc device.
902 */
903 static struct miscdevice zcrypt_misc_device = {
904 .minor = MISC_DYNAMIC_MINOR,
905 .name = "z90crypt",
906 .fops = &zcrypt_fops,
907 };
908
909 /*
910 * Deprecated /proc entry support.
911 */
912 static struct proc_dir_entry *zcrypt_entry;
913
914 static int sprintcl(unsigned char *outaddr, unsigned char *addr,
915 unsigned int len)
916 {
917 int hl, i;
918
919 hl = 0;
920 for (i = 0; i < len; i++)
921 hl += sprintf(outaddr+hl, "%01x", (unsigned int) addr[i]);
922 hl += sprintf(outaddr+hl, " ");
923 return hl;
924 }
925
926 static int sprintrw(unsigned char *outaddr, unsigned char *addr,
927 unsigned int len)
928 {
929 int hl, inl, c, cx;
930
931 hl = sprintf(outaddr, " ");
932 inl = 0;
933 for (c = 0; c < (len / 16); c++) {
934 hl += sprintcl(outaddr+hl, addr+inl, 16);
935 inl += 16;
936 }
937 cx = len%16;
938 if (cx) {
939 hl += sprintcl(outaddr+hl, addr+inl, cx);
940 inl += cx;
941 }
942 hl += sprintf(outaddr+hl, "\n");
943 return hl;
944 }
945
946 static int sprinthx(unsigned char *title, unsigned char *outaddr,
947 unsigned char *addr, unsigned int len)
948 {
949 int hl, inl, r, rx;
950
951 hl = sprintf(outaddr, "\n%s\n", title);
952 inl = 0;
953 for (r = 0; r < (len / 64); r++) {
954 hl += sprintrw(outaddr+hl, addr+inl, 64);
955 inl += 64;
956 }
957 rx = len % 64;
958 if (rx) {
959 hl += sprintrw(outaddr+hl, addr+inl, rx);
960 inl += rx;
961 }
962 hl += sprintf(outaddr+hl, "\n");
963 return hl;
964 }
965
966 static int sprinthx4(unsigned char *title, unsigned char *outaddr,
967 unsigned int *array, unsigned int len)
968 {
969 int hl, r;
970
971 hl = sprintf(outaddr, "\n%s\n", title);
972 for (r = 0; r < len; r++) {
973 if ((r % 8) == 0)
974 hl += sprintf(outaddr+hl, " ");
975 hl += sprintf(outaddr+hl, "%08X ", array[r]);
976 if ((r % 8) == 7)
977 hl += sprintf(outaddr+hl, "\n");
978 }
979 hl += sprintf(outaddr+hl, "\n");
980 return hl;
981 }
982
983 static int zcrypt_status_read(char *resp_buff, char **start, off_t offset,
984 int count, int *eof, void *data)
985 {
986 unsigned char *workarea;
987 int len;
988
989 len = 0;
990
991 /* resp_buff is a page. Use the right half for a work area */
992 workarea = resp_buff + 2000;
993 len += sprintf(resp_buff + len, "\nzcrypt version: %d.%d.%d\n",
994 ZCRYPT_VERSION, ZCRYPT_RELEASE, ZCRYPT_VARIANT);
995 len += sprintf(resp_buff + len, "Cryptographic domain: %d\n",
996 ap_domain_index);
997 len += sprintf(resp_buff + len, "Total device count: %d\n",
998 zcrypt_device_count);
999 len += sprintf(resp_buff + len, "PCICA count: %d\n",
1000 zcrypt_count_type(ZCRYPT_PCICA));
1001 len += sprintf(resp_buff + len, "PCICC count: %d\n",
1002 zcrypt_count_type(ZCRYPT_PCICC));
1003 len += sprintf(resp_buff + len, "PCIXCC MCL2 count: %d\n",
1004 zcrypt_count_type(ZCRYPT_PCIXCC_MCL2));
1005 len += sprintf(resp_buff + len, "PCIXCC MCL3 count: %d\n",
1006 zcrypt_count_type(ZCRYPT_PCIXCC_MCL3));
1007 len += sprintf(resp_buff + len, "CEX2C count: %d\n",
1008 zcrypt_count_type(ZCRYPT_CEX2C));
1009 len += sprintf(resp_buff + len, "CEX2A count: %d\n",
1010 zcrypt_count_type(ZCRYPT_CEX2A));
1011 len += sprintf(resp_buff + len, "requestq count: %d\n",
1012 zcrypt_requestq_count());
1013 len += sprintf(resp_buff + len, "pendingq count: %d\n",
1014 zcrypt_pendingq_count());
1015 len += sprintf(resp_buff + len, "Total open handles: %d\n\n",
1016 atomic_read(&zcrypt_open_count));
1017 zcrypt_status_mask(workarea);
1018 len += sprinthx("Online devices: 1=PCICA 2=PCICC 3=PCIXCC(MCL2) "
1019 "4=PCIXCC(MCL3) 5=CEX2C 6=CEX2A",
1020 resp_buff+len, workarea, AP_DEVICES);
1021 zcrypt_qdepth_mask(workarea);
1022 len += sprinthx("Waiting work element counts",
1023 resp_buff+len, workarea, AP_DEVICES);
1024 zcrypt_perdev_reqcnt((int *) workarea);
1025 len += sprinthx4("Per-device successfully completed request counts",
1026 resp_buff+len,(unsigned int *) workarea, AP_DEVICES);
1027 *eof = 1;
1028 memset((void *) workarea, 0x00, AP_DEVICES * sizeof(unsigned int));
1029 return len;
1030 }
1031
1032 static void zcrypt_disable_card(int index)
1033 {
1034 struct zcrypt_device *zdev;
1035
1036 spin_lock_bh(&zcrypt_device_lock);
1037 list_for_each_entry(zdev, &zcrypt_device_list, list)
1038 if (AP_QID_DEVICE(zdev->ap_dev->qid) == index) {
1039 zdev->online = 0;
1040 ap_flush_queue(zdev->ap_dev);
1041 break;
1042 }
1043 spin_unlock_bh(&zcrypt_device_lock);
1044 }
1045
1046 static void zcrypt_enable_card(int index)
1047 {
1048 struct zcrypt_device *zdev;
1049
1050 spin_lock_bh(&zcrypt_device_lock);
1051 list_for_each_entry(zdev, &zcrypt_device_list, list)
1052 if (AP_QID_DEVICE(zdev->ap_dev->qid) == index) {
1053 zdev->online = 1;
1054 break;
1055 }
1056 spin_unlock_bh(&zcrypt_device_lock);
1057 }
1058
1059 static int zcrypt_status_write(struct file *file, const char __user *buffer,
1060 unsigned long count, void *data)
1061 {
1062 unsigned char *lbuf, *ptr;
1063 unsigned long local_count;
1064 int j;
1065
1066 if (count <= 0)
1067 return 0;
1068
1069 #define LBUFSIZE 1200UL
1070 lbuf = kmalloc(LBUFSIZE, GFP_KERNEL);
1071 if (!lbuf) {
1072 PRINTK("kmalloc failed!\n");
1073 return 0;
1074 }
1075
1076 local_count = min(LBUFSIZE - 1, count);
1077 if (copy_from_user(lbuf, buffer, local_count) != 0) {
1078 kfree(lbuf);
1079 return -EFAULT;
1080 }
1081 lbuf[local_count] = '\0';
1082
1083 ptr = strstr(lbuf, "Online devices");
1084 if (!ptr) {
1085 PRINTK("Unable to parse data (missing \"Online devices\")\n");
1086 goto out;
1087 }
1088 ptr = strstr(ptr, "\n");
1089 if (!ptr) {
1090 PRINTK("Unable to parse data (missing newline "
1091 "after \"Online devices\")\n");
1092 goto out;
1093 }
1094 ptr++;
1095
1096 if (strstr(ptr, "Waiting work element counts") == NULL) {
1097 PRINTK("Unable to parse data (missing "
1098 "\"Waiting work element counts\")\n");
1099 goto out;
1100 }
1101
1102 for (j = 0; j < 64 && *ptr; ptr++) {
1103 /*
1104 * '0' for no device, '1' for PCICA, '2' for PCICC,
1105 * '3' for PCIXCC_MCL2, '4' for PCIXCC_MCL3,
1106 * '5' for CEX2C and '6' for CEX2A'
1107 */
1108 if (*ptr >= '0' && *ptr <= '6')
1109 j++;
1110 else if (*ptr == 'd' || *ptr == 'D')
1111 zcrypt_disable_card(j++);
1112 else if (*ptr == 'e' || *ptr == 'E')
1113 zcrypt_enable_card(j++);
1114 else if (*ptr != ' ' && *ptr != '\t')
1115 break;
1116 }
1117 out:
1118 kfree(lbuf);
1119 return count;
1120 }
1121
1122 static int zcrypt_rng_device_count;
1123 static u32 *zcrypt_rng_buffer;
1124 static int zcrypt_rng_buffer_index;
1125 static DEFINE_MUTEX(zcrypt_rng_mutex);
1126
1127 static int zcrypt_rng_data_read(struct hwrng *rng, u32 *data)
1128 {
1129 int rc;
1130
1131 /*
1132 * We don't need locking here because the RNG API guarantees serialized
1133 * read method calls.
1134 */
1135 if (zcrypt_rng_buffer_index == 0) {
1136 rc = zcrypt_rng((char *) zcrypt_rng_buffer);
1137 if (rc < 0)
1138 return -EIO;
1139 zcrypt_rng_buffer_index = rc / sizeof *data;
1140 }
1141 *data = zcrypt_rng_buffer[--zcrypt_rng_buffer_index];
1142 return sizeof *data;
1143 }
1144
1145 static struct hwrng zcrypt_rng_dev = {
1146 .name = "zcrypt",
1147 .data_read = zcrypt_rng_data_read,
1148 };
1149
1150 static int zcrypt_rng_device_add(void)
1151 {
1152 int rc = 0;
1153
1154 mutex_lock(&zcrypt_rng_mutex);
1155 if (zcrypt_rng_device_count == 0) {
1156 zcrypt_rng_buffer = (u32 *) get_zeroed_page(GFP_KERNEL);
1157 if (!zcrypt_rng_buffer) {
1158 rc = -ENOMEM;
1159 goto out;
1160 }
1161 zcrypt_rng_buffer_index = 0;
1162 rc = hwrng_register(&zcrypt_rng_dev);
1163 if (rc)
1164 goto out_free;
1165 zcrypt_rng_device_count = 1;
1166 } else
1167 zcrypt_rng_device_count++;
1168 mutex_unlock(&zcrypt_rng_mutex);
1169 return 0;
1170
1171 out_free:
1172 free_page((unsigned long) zcrypt_rng_buffer);
1173 out:
1174 mutex_unlock(&zcrypt_rng_mutex);
1175 return rc;
1176 }
1177
1178 static void zcrypt_rng_device_remove(void)
1179 {
1180 mutex_lock(&zcrypt_rng_mutex);
1181 zcrypt_rng_device_count--;
1182 if (zcrypt_rng_device_count == 0) {
1183 hwrng_unregister(&zcrypt_rng_dev);
1184 free_page((unsigned long) zcrypt_rng_buffer);
1185 }
1186 mutex_unlock(&zcrypt_rng_mutex);
1187 }
1188
1189 /**
1190 * zcrypt_api_init(): Module initialization.
1191 *
1192 * The module initialization code.
1193 */
1194 int __init zcrypt_api_init(void)
1195 {
1196 int rc;
1197
1198 /* Register the request sprayer. */
1199 rc = misc_register(&zcrypt_misc_device);
1200 if (rc < 0) {
1201 PRINTKW(KERN_ERR "misc_register (minor %d) failed with %d\n",
1202 zcrypt_misc_device.minor, rc);
1203 goto out;
1204 }
1205
1206 /* Set up the proc file system */
1207 zcrypt_entry = create_proc_entry("driver/z90crypt", 0644, NULL);
1208 if (!zcrypt_entry) {
1209 PRINTK("Couldn't create z90crypt proc entry\n");
1210 rc = -ENOMEM;
1211 goto out_misc;
1212 }
1213 zcrypt_entry->data = NULL;
1214 zcrypt_entry->read_proc = zcrypt_status_read;
1215 zcrypt_entry->write_proc = zcrypt_status_write;
1216
1217 return 0;
1218
1219 out_misc:
1220 misc_deregister(&zcrypt_misc_device);
1221 out:
1222 return rc;
1223 }
1224
1225 /**
1226 * zcrypt_api_exit(): Module termination.
1227 *
1228 * The module termination code.
1229 */
1230 void zcrypt_api_exit(void)
1231 {
1232 remove_proc_entry("driver/z90crypt", NULL);
1233 misc_deregister(&zcrypt_misc_device);
1234 }
1235
1236 #ifndef CONFIG_ZCRYPT_MONOLITHIC
1237 module_init(zcrypt_api_init);
1238 module_exit(zcrypt_api_exit);
1239 #endif
Community contributions to the Openmoko Kernel