[ARM] pxa: update defconfig for Verdex Pro
[linux-2.6/verdex.git] / drivers / s390 / crypto / zcrypt_pcixcc.c
blob5677b40e4ac019ba1e8034db6ba526aaeb92f02e
1 /*
2 * linux/drivers/s390/crypto/zcrypt_pcixcc.c
4 * zcrypt 2.1.0
6 * Copyright (C) 2001, 2006 IBM Corporation
7 * Author(s): Robert Burroughs
8 * Eric Rossman (edrossma@us.ibm.com)
10 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
11 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
12 * Ralph Wuerthner <rwuerthn@de.ibm.com>
14 * This program is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2, or (at your option)
17 * any later version.
19 * This program is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License
25 * along with this program; if not, write to the Free Software
26 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 #include <linux/module.h>
30 #include <linux/init.h>
31 #include <linux/err.h>
32 #include <linux/delay.h>
33 #include <asm/atomic.h>
34 #include <asm/uaccess.h>
36 #include "ap_bus.h"
37 #include "zcrypt_api.h"
38 #include "zcrypt_error.h"
39 #include "zcrypt_pcicc.h"
40 #include "zcrypt_pcixcc.h"
41 #include "zcrypt_cca_key.h"
43 #define PCIXCC_MIN_MOD_SIZE 16 /* 128 bits */
44 #define PCIXCC_MIN_MOD_SIZE_OLD 64 /* 512 bits */
45 #define PCIXCC_MAX_MOD_SIZE 256 /* 2048 bits */
47 #define PCIXCC_MCL2_SPEED_RATING 7870 /* FIXME: needs finetuning */
48 #define PCIXCC_MCL3_SPEED_RATING 7870
49 #define CEX2C_SPEED_RATING 8540
51 #define PCIXCC_MAX_ICA_MESSAGE_SIZE 0x77c /* max size type6 v2 crt message */
52 #define PCIXCC_MAX_ICA_RESPONSE_SIZE 0x77c /* max size type86 v2 reply */
54 #define PCIXCC_MAX_XCRB_MESSAGE_SIZE (12*1024)
55 #define PCIXCC_MAX_XCRB_RESPONSE_SIZE PCIXCC_MAX_XCRB_MESSAGE_SIZE
56 #define PCIXCC_MAX_XCRB_DATA_SIZE (11*1024)
57 #define PCIXCC_MAX_XCRB_REPLY_SIZE (5*1024)
59 #define PCIXCC_MAX_RESPONSE_SIZE PCIXCC_MAX_XCRB_RESPONSE_SIZE
61 #define PCIXCC_CLEANUP_TIME (15*HZ)
63 #define CEIL4(x) ((((x)+3)/4)*4)
65 struct response_type {
66 struct completion work;
67 int type;
69 #define PCIXCC_RESPONSE_TYPE_ICA 0
70 #define PCIXCC_RESPONSE_TYPE_XCRB 1
72 static struct ap_device_id zcrypt_pcixcc_ids[] = {
73 { AP_DEVICE(AP_DEVICE_TYPE_PCIXCC) },
74 { AP_DEVICE(AP_DEVICE_TYPE_CEX2C) },
75 { AP_DEVICE(AP_DEVICE_TYPE_CEX2C2) },
76 { /* end of list */ },
79 #ifndef CONFIG_ZCRYPT_MONOLITHIC
80 MODULE_DEVICE_TABLE(ap, zcrypt_pcixcc_ids);
81 MODULE_AUTHOR("IBM Corporation");
82 MODULE_DESCRIPTION("PCIXCC Cryptographic Coprocessor device driver, "
83 "Copyright 2001, 2006 IBM Corporation");
84 MODULE_LICENSE("GPL");
85 #endif
87 static int zcrypt_pcixcc_probe(struct ap_device *ap_dev);
88 static void zcrypt_pcixcc_remove(struct ap_device *ap_dev);
89 static void zcrypt_pcixcc_receive(struct ap_device *, struct ap_message *,
90 struct ap_message *);
92 static struct ap_driver zcrypt_pcixcc_driver = {
93 .probe = zcrypt_pcixcc_probe,
94 .remove = zcrypt_pcixcc_remove,
95 .receive = zcrypt_pcixcc_receive,
96 .ids = zcrypt_pcixcc_ids,
97 .request_timeout = PCIXCC_CLEANUP_TIME,
101 * The following is used to initialize the CPRBX passed to the PCIXCC/CEX2C
102 * card in a type6 message. The 3 fields that must be filled in at execution
103 * time are req_parml, rpl_parml and usage_domain.
104 * Everything about this interface is ascii/big-endian, since the
105 * device does *not* have 'Intel inside'.
107 * The CPRBX is followed immediately by the parm block.
108 * The parm block contains:
109 * - function code ('PD' 0x5044 or 'PK' 0x504B)
110 * - rule block (one of:)
111 * + 0x000A 'PKCS-1.2' (MCL2 'PD')
112 * + 0x000A 'ZERO-PAD' (MCL2 'PK')
113 * + 0x000A 'ZERO-PAD' (MCL3 'PD' or CEX2C 'PD')
114 * + 0x000A 'MRP ' (MCL3 'PK' or CEX2C 'PK')
115 * - VUD block
117 static struct CPRBX static_cprbx = {
118 .cprb_len = 0x00DC,
119 .cprb_ver_id = 0x02,
120 .func_id = {0x54,0x32},
124 * Convert a ICAMEX message to a type6 MEX message.
126 * @zdev: crypto device pointer
127 * @ap_msg: pointer to AP message
128 * @mex: pointer to user input data
130 * Returns 0 on success or -EFAULT.
132 static int ICAMEX_msg_to_type6MEX_msgX(struct zcrypt_device *zdev,
133 struct ap_message *ap_msg,
134 struct ica_rsa_modexpo *mex)
136 static struct type6_hdr static_type6_hdrX = {
137 .type = 0x06,
138 .offset1 = 0x00000058,
139 .agent_id = {'C','A',},
140 .function_code = {'P','K'},
142 static struct function_and_rules_block static_pke_fnr = {
143 .function_code = {'P','K'},
144 .ulen = 10,
145 .only_rule = {'M','R','P',' ',' ',' ',' ',' '}
147 static struct function_and_rules_block static_pke_fnr_MCL2 = {
148 .function_code = {'P','K'},
149 .ulen = 10,
150 .only_rule = {'Z','E','R','O','-','P','A','D'}
152 struct {
153 struct type6_hdr hdr;
154 struct CPRBX cprbx;
155 struct function_and_rules_block fr;
156 unsigned short length;
157 char text[0];
158 } __attribute__((packed)) *msg = ap_msg->message;
159 int size;
161 /* VUD.ciphertext */
162 msg->length = mex->inputdatalength + 2;
163 if (copy_from_user(msg->text, mex->inputdata, mex->inputdatalength))
164 return -EFAULT;
166 /* Set up key which is located after the variable length text. */
167 size = zcrypt_type6_mex_key_en(mex, msg->text+mex->inputdatalength, 1);
168 if (size < 0)
169 return size;
170 size += sizeof(*msg) + mex->inputdatalength;
172 /* message header, cprbx and f&r */
173 msg->hdr = static_type6_hdrX;
174 msg->hdr.ToCardLen1 = size - sizeof(msg->hdr);
175 msg->hdr.FromCardLen1 = PCIXCC_MAX_ICA_RESPONSE_SIZE - sizeof(msg->hdr);
177 msg->cprbx = static_cprbx;
178 msg->cprbx.domain = AP_QID_QUEUE(zdev->ap_dev->qid);
179 msg->cprbx.rpl_msgbl = msg->hdr.FromCardLen1;
181 msg->fr = (zdev->user_space_type == ZCRYPT_PCIXCC_MCL2) ?
182 static_pke_fnr_MCL2 : static_pke_fnr;
184 msg->cprbx.req_parml = size - sizeof(msg->hdr) - sizeof(msg->cprbx);
186 ap_msg->length = size;
187 return 0;
191 * Convert a ICACRT message to a type6 CRT message.
193 * @zdev: crypto device pointer
194 * @ap_msg: pointer to AP message
195 * @crt: pointer to user input data
197 * Returns 0 on success or -EFAULT.
199 static int ICACRT_msg_to_type6CRT_msgX(struct zcrypt_device *zdev,
200 struct ap_message *ap_msg,
201 struct ica_rsa_modexpo_crt *crt)
203 static struct type6_hdr static_type6_hdrX = {
204 .type = 0x06,
205 .offset1 = 0x00000058,
206 .agent_id = {'C','A',},
207 .function_code = {'P','D'},
209 static struct function_and_rules_block static_pkd_fnr = {
210 .function_code = {'P','D'},
211 .ulen = 10,
212 .only_rule = {'Z','E','R','O','-','P','A','D'}
215 static struct function_and_rules_block static_pkd_fnr_MCL2 = {
216 .function_code = {'P','D'},
217 .ulen = 10,
218 .only_rule = {'P','K','C','S','-','1','.','2'}
220 struct {
221 struct type6_hdr hdr;
222 struct CPRBX cprbx;
223 struct function_and_rules_block fr;
224 unsigned short length;
225 char text[0];
226 } __attribute__((packed)) *msg = ap_msg->message;
227 int size;
229 /* VUD.ciphertext */
230 msg->length = crt->inputdatalength + 2;
231 if (copy_from_user(msg->text, crt->inputdata, crt->inputdatalength))
232 return -EFAULT;
234 /* Set up key which is located after the variable length text. */
235 size = zcrypt_type6_crt_key(crt, msg->text + crt->inputdatalength, 1);
236 if (size < 0)
237 return size;
238 size += sizeof(*msg) + crt->inputdatalength; /* total size of msg */
240 /* message header, cprbx and f&r */
241 msg->hdr = static_type6_hdrX;
242 msg->hdr.ToCardLen1 = size - sizeof(msg->hdr);
243 msg->hdr.FromCardLen1 = PCIXCC_MAX_ICA_RESPONSE_SIZE - sizeof(msg->hdr);
245 msg->cprbx = static_cprbx;
246 msg->cprbx.domain = AP_QID_QUEUE(zdev->ap_dev->qid);
247 msg->cprbx.req_parml = msg->cprbx.rpl_msgbl =
248 size - sizeof(msg->hdr) - sizeof(msg->cprbx);
250 msg->fr = (zdev->user_space_type == ZCRYPT_PCIXCC_MCL2) ?
251 static_pkd_fnr_MCL2 : static_pkd_fnr;
253 ap_msg->length = size;
254 return 0;
258 * Convert a XCRB message to a type6 CPRB message.
260 * @zdev: crypto device pointer
261 * @ap_msg: pointer to AP message
262 * @xcRB: pointer to user input data
264 * Returns 0 on success or -EFAULT.
266 struct type86_fmt2_msg {
267 struct type86_hdr hdr;
268 struct type86_fmt2_ext fmt2;
269 } __attribute__((packed));
271 static int XCRB_msg_to_type6CPRB_msgX(struct zcrypt_device *zdev,
272 struct ap_message *ap_msg,
273 struct ica_xcRB *xcRB)
275 static struct type6_hdr static_type6_hdrX = {
276 .type = 0x06,
277 .offset1 = 0x00000058,
279 struct {
280 struct type6_hdr hdr;
281 struct CPRBX cprbx;
282 } __attribute__((packed)) *msg = ap_msg->message;
284 int rcblen = CEIL4(xcRB->request_control_blk_length);
285 int replylen;
286 char *req_data = ap_msg->message + sizeof(struct type6_hdr) + rcblen;
287 char *function_code;
289 /* length checks */
290 ap_msg->length = sizeof(struct type6_hdr) +
291 CEIL4(xcRB->request_control_blk_length) +
292 xcRB->request_data_length;
293 if (ap_msg->length > PCIXCC_MAX_XCRB_MESSAGE_SIZE)
294 return -EFAULT;
295 if (CEIL4(xcRB->reply_control_blk_length) > PCIXCC_MAX_XCRB_REPLY_SIZE)
296 return -EFAULT;
297 if (CEIL4(xcRB->reply_data_length) > PCIXCC_MAX_XCRB_DATA_SIZE)
298 return -EFAULT;
299 replylen = CEIL4(xcRB->reply_control_blk_length) +
300 CEIL4(xcRB->reply_data_length) +
301 sizeof(struct type86_fmt2_msg);
302 if (replylen > PCIXCC_MAX_XCRB_RESPONSE_SIZE) {
303 xcRB->reply_control_blk_length = PCIXCC_MAX_XCRB_RESPONSE_SIZE -
304 (sizeof(struct type86_fmt2_msg) +
305 CEIL4(xcRB->reply_data_length));
308 /* prepare type6 header */
309 msg->hdr = static_type6_hdrX;
310 memcpy(msg->hdr.agent_id , &(xcRB->agent_ID), sizeof(xcRB->agent_ID));
311 msg->hdr.ToCardLen1 = xcRB->request_control_blk_length;
312 if (xcRB->request_data_length) {
313 msg->hdr.offset2 = msg->hdr.offset1 + rcblen;
314 msg->hdr.ToCardLen2 = xcRB->request_data_length;
316 msg->hdr.FromCardLen1 = xcRB->reply_control_blk_length;
317 msg->hdr.FromCardLen2 = xcRB->reply_data_length;
319 /* prepare CPRB */
320 if (copy_from_user(&(msg->cprbx), xcRB->request_control_blk_addr,
321 xcRB->request_control_blk_length))
322 return -EFAULT;
323 if (msg->cprbx.cprb_len + sizeof(msg->hdr.function_code) >
324 xcRB->request_control_blk_length)
325 return -EFAULT;
326 function_code = ((unsigned char *)&msg->cprbx) + msg->cprbx.cprb_len;
327 memcpy(msg->hdr.function_code, function_code, sizeof(msg->hdr.function_code));
329 /* copy data block */
330 if (xcRB->request_data_length &&
331 copy_from_user(req_data, xcRB->request_data_address,
332 xcRB->request_data_length))
333 return -EFAULT;
334 return 0;
338 * Prepare a type6 CPRB message for random number generation
340 * @ap_dev: AP device pointer
341 * @ap_msg: pointer to AP message
343 static void rng_type6CPRB_msgX(struct ap_device *ap_dev,
344 struct ap_message *ap_msg,
345 unsigned random_number_length)
347 struct {
348 struct type6_hdr hdr;
349 struct CPRBX cprbx;
350 char function_code[2];
351 short int rule_length;
352 char rule[8];
353 short int verb_length;
354 short int key_length;
355 } __attribute__((packed)) *msg = ap_msg->message;
356 static struct type6_hdr static_type6_hdrX = {
357 .type = 0x06,
358 .offset1 = 0x00000058,
359 .agent_id = {'C', 'A'},
360 .function_code = {'R', 'L'},
361 .ToCardLen1 = sizeof *msg - sizeof(msg->hdr),
362 .FromCardLen1 = sizeof *msg - sizeof(msg->hdr),
364 static struct CPRBX local_cprbx = {
365 .cprb_len = 0x00dc,
366 .cprb_ver_id = 0x02,
367 .func_id = {0x54, 0x32},
368 .req_parml = sizeof *msg - sizeof(msg->hdr) -
369 sizeof(msg->cprbx),
370 .rpl_msgbl = sizeof *msg - sizeof(msg->hdr),
373 msg->hdr = static_type6_hdrX;
374 msg->hdr.FromCardLen2 = random_number_length,
375 msg->cprbx = local_cprbx;
376 msg->cprbx.rpl_datal = random_number_length,
377 msg->cprbx.domain = AP_QID_QUEUE(ap_dev->qid);
378 memcpy(msg->function_code, msg->hdr.function_code, 0x02);
379 msg->rule_length = 0x0a;
380 memcpy(msg->rule, "RANDOM ", 8);
381 msg->verb_length = 0x02;
382 msg->key_length = 0x02;
383 ap_msg->length = sizeof *msg;
387 * Copy results from a type 86 ICA reply message back to user space.
389 * @zdev: crypto device pointer
390 * @reply: reply AP message.
391 * @data: pointer to user output data
392 * @length: size of user output data
394 * Returns 0 on success or -EINVAL, -EFAULT, -EAGAIN in case of an error.
396 struct type86x_reply {
397 struct type86_hdr hdr;
398 struct type86_fmt2_ext fmt2;
399 struct CPRBX cprbx;
400 unsigned char pad[4]; /* 4 byte function code/rules block ? */
401 unsigned short length;
402 char text[0];
403 } __attribute__((packed));
405 static int convert_type86_ica(struct zcrypt_device *zdev,
406 struct ap_message *reply,
407 char __user *outputdata,
408 unsigned int outputdatalength)
410 static unsigned char static_pad[] = {
411 0x00,0x02,
412 0x1B,0x7B,0x5D,0xB5,0x75,0x01,0x3D,0xFD,
413 0x8D,0xD1,0xC7,0x03,0x2D,0x09,0x23,0x57,
414 0x89,0x49,0xB9,0x3F,0xBB,0x99,0x41,0x5B,
415 0x75,0x21,0x7B,0x9D,0x3B,0x6B,0x51,0x39,
416 0xBB,0x0D,0x35,0xB9,0x89,0x0F,0x93,0xA5,
417 0x0B,0x47,0xF1,0xD3,0xBB,0xCB,0xF1,0x9D,
418 0x23,0x73,0x71,0xFF,0xF3,0xF5,0x45,0xFB,
419 0x61,0x29,0x23,0xFD,0xF1,0x29,0x3F,0x7F,
420 0x17,0xB7,0x1B,0xA9,0x19,0xBD,0x57,0xA9,
421 0xD7,0x95,0xA3,0xCB,0xED,0x1D,0xDB,0x45,
422 0x7D,0x11,0xD1,0x51,0x1B,0xED,0x71,0xE9,
423 0xB1,0xD1,0xAB,0xAB,0x21,0x2B,0x1B,0x9F,
424 0x3B,0x9F,0xF7,0xF7,0xBD,0x63,0xEB,0xAD,
425 0xDF,0xB3,0x6F,0x5B,0xDB,0x8D,0xA9,0x5D,
426 0xE3,0x7D,0x77,0x49,0x47,0xF5,0xA7,0xFD,
427 0xAB,0x2F,0x27,0x35,0x77,0xD3,0x49,0xC9,
428 0x09,0xEB,0xB1,0xF9,0xBF,0x4B,0xCB,0x2B,
429 0xEB,0xEB,0x05,0xFF,0x7D,0xC7,0x91,0x8B,
430 0x09,0x83,0xB9,0xB9,0x69,0x33,0x39,0x6B,
431 0x79,0x75,0x19,0xBF,0xBB,0x07,0x1D,0xBD,
432 0x29,0xBF,0x39,0x95,0x93,0x1D,0x35,0xC7,
433 0xC9,0x4D,0xE5,0x97,0x0B,0x43,0x9B,0xF1,
434 0x16,0x93,0x03,0x1F,0xA5,0xFB,0xDB,0xF3,
435 0x27,0x4F,0x27,0x61,0x05,0x1F,0xB9,0x23,
436 0x2F,0xC3,0x81,0xA9,0x23,0x71,0x55,0x55,
437 0xEB,0xED,0x41,0xE5,0xF3,0x11,0xF1,0x43,
438 0x69,0x03,0xBD,0x0B,0x37,0x0F,0x51,0x8F,
439 0x0B,0xB5,0x89,0x5B,0x67,0xA9,0xD9,0x4F,
440 0x01,0xF9,0x21,0x77,0x37,0x73,0x79,0xC5,
441 0x7F,0x51,0xC1,0xCF,0x97,0xA1,0x75,0xAD,
442 0x35,0x9D,0xD3,0xD3,0xA7,0x9D,0x5D,0x41,
443 0x6F,0x65,0x1B,0xCF,0xA9,0x87,0x91,0x09
445 struct type86x_reply *msg = reply->message;
446 unsigned short service_rc, service_rs;
447 unsigned int reply_len, pad_len;
448 char *data;
450 service_rc = msg->cprbx.ccp_rtcode;
451 if (unlikely(service_rc != 0)) {
452 service_rs = msg->cprbx.ccp_rscode;
453 if (service_rc == 8 && service_rs == 66)
454 return -EINVAL;
455 if (service_rc == 8 && service_rs == 65)
456 return -EINVAL;
457 if (service_rc == 8 && service_rs == 770)
458 return -EINVAL;
459 if (service_rc == 8 && service_rs == 783) {
460 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE_OLD;
461 return -EAGAIN;
463 if (service_rc == 12 && service_rs == 769)
464 return -EINVAL;
465 zdev->online = 0;
466 return -EAGAIN; /* repeat the request on a different device. */
468 data = msg->text;
469 reply_len = msg->length - 2;
470 if (reply_len > outputdatalength)
471 return -EINVAL;
473 * For all encipher requests, the length of the ciphertext (reply_len)
474 * will always equal the modulus length. For MEX decipher requests
475 * the output needs to get padded. Minimum pad size is 10.
477 * Currently, the cases where padding will be added is for:
478 * - PCIXCC_MCL2 using a CRT form token (since PKD didn't support
479 * ZERO-PAD and CRT is only supported for PKD requests)
480 * - PCICC, always
482 pad_len = outputdatalength - reply_len;
483 if (pad_len > 0) {
484 if (pad_len < 10)
485 return -EINVAL;
486 /* 'restore' padding left in the PCICC/PCIXCC card. */
487 if (copy_to_user(outputdata, static_pad, pad_len - 1))
488 return -EFAULT;
489 if (put_user(0, outputdata + pad_len - 1))
490 return -EFAULT;
492 /* Copy the crypto response to user space. */
493 if (copy_to_user(outputdata + pad_len, data, reply_len))
494 return -EFAULT;
495 return 0;
499 * Copy results from a type 86 XCRB reply message back to user space.
501 * @zdev: crypto device pointer
502 * @reply: reply AP message.
503 * @xcRB: pointer to XCRB
505 * Returns 0 on success or -EINVAL, -EFAULT, -EAGAIN in case of an error.
507 static int convert_type86_xcrb(struct zcrypt_device *zdev,
508 struct ap_message *reply,
509 struct ica_xcRB *xcRB)
511 struct type86_fmt2_msg *msg = reply->message;
512 char *data = reply->message;
514 /* Copy CPRB to user */
515 if (copy_to_user(xcRB->reply_control_blk_addr,
516 data + msg->fmt2.offset1, msg->fmt2.count1))
517 return -EFAULT;
518 xcRB->reply_control_blk_length = msg->fmt2.count1;
520 /* Copy data buffer to user */
521 if (msg->fmt2.count2)
522 if (copy_to_user(xcRB->reply_data_addr,
523 data + msg->fmt2.offset2, msg->fmt2.count2))
524 return -EFAULT;
525 xcRB->reply_data_length = msg->fmt2.count2;
526 return 0;
529 static int convert_type86_rng(struct zcrypt_device *zdev,
530 struct ap_message *reply,
531 char *buffer)
533 struct {
534 struct type86_hdr hdr;
535 struct type86_fmt2_ext fmt2;
536 struct CPRBX cprbx;
537 } __attribute__((packed)) *msg = reply->message;
538 char *data = reply->message;
540 if (msg->cprbx.ccp_rtcode != 0 || msg->cprbx.ccp_rscode != 0)
541 return -EINVAL;
542 memcpy(buffer, data + msg->fmt2.offset2, msg->fmt2.count2);
543 return msg->fmt2.count2;
546 static int convert_response_ica(struct zcrypt_device *zdev,
547 struct ap_message *reply,
548 char __user *outputdata,
549 unsigned int outputdatalength)
551 struct type86x_reply *msg = reply->message;
553 /* Response type byte is the second byte in the response. */
554 switch (((unsigned char *) reply->message)[1]) {
555 case TYPE82_RSP_CODE:
556 case TYPE88_RSP_CODE:
557 return convert_error(zdev, reply);
558 case TYPE86_RSP_CODE:
559 if (msg->hdr.reply_code)
560 return convert_error(zdev, reply);
561 if (msg->cprbx.cprb_ver_id == 0x02)
562 return convert_type86_ica(zdev, reply,
563 outputdata, outputdatalength);
564 /* Fall through, no break, incorrect cprb version is an unknown
565 * response */
566 default: /* Unknown response type, this should NEVER EVER happen */
567 zdev->online = 0;
568 return -EAGAIN; /* repeat the request on a different device. */
572 static int convert_response_xcrb(struct zcrypt_device *zdev,
573 struct ap_message *reply,
574 struct ica_xcRB *xcRB)
576 struct type86x_reply *msg = reply->message;
578 /* Response type byte is the second byte in the response. */
579 switch (((unsigned char *) reply->message)[1]) {
580 case TYPE82_RSP_CODE:
581 case TYPE88_RSP_CODE:
582 xcRB->status = 0x0008044DL; /* HDD_InvalidParm */
583 return convert_error(zdev, reply);
584 case TYPE86_RSP_CODE:
585 if (msg->hdr.reply_code) {
586 memcpy(&(xcRB->status), msg->fmt2.apfs, sizeof(u32));
587 return convert_error(zdev, reply);
589 if (msg->cprbx.cprb_ver_id == 0x02)
590 return convert_type86_xcrb(zdev, reply, xcRB);
591 /* Fall through, no break, incorrect cprb version is an unknown
592 * response */
593 default: /* Unknown response type, this should NEVER EVER happen */
594 xcRB->status = 0x0008044DL; /* HDD_InvalidParm */
595 zdev->online = 0;
596 return -EAGAIN; /* repeat the request on a different device. */
600 static int convert_response_rng(struct zcrypt_device *zdev,
601 struct ap_message *reply,
602 char *data)
604 struct type86x_reply *msg = reply->message;
606 switch (msg->hdr.type) {
607 case TYPE82_RSP_CODE:
608 case TYPE88_RSP_CODE:
609 return -EINVAL;
610 case TYPE86_RSP_CODE:
611 if (msg->hdr.reply_code)
612 return -EINVAL;
613 if (msg->cprbx.cprb_ver_id == 0x02)
614 return convert_type86_rng(zdev, reply, data);
615 /* Fall through, no break, incorrect cprb version is an unknown
616 * response */
617 default: /* Unknown response type, this should NEVER EVER happen */
618 zdev->online = 0;
619 return -EAGAIN; /* repeat the request on a different device. */
624 * This function is called from the AP bus code after a crypto request
625 * "msg" has finished with the reply message "reply".
626 * It is called from tasklet context.
627 * @ap_dev: pointer to the AP device
628 * @msg: pointer to the AP message
629 * @reply: pointer to the AP reply message
631 static void zcrypt_pcixcc_receive(struct ap_device *ap_dev,
632 struct ap_message *msg,
633 struct ap_message *reply)
635 static struct error_hdr error_reply = {
636 .type = TYPE82_RSP_CODE,
637 .reply_code = REP82_ERROR_MACHINE_FAILURE,
639 struct response_type *resp_type =
640 (struct response_type *) msg->private;
641 struct type86x_reply *t86r;
642 int length;
644 /* Copy the reply message to the request message buffer. */
645 if (IS_ERR(reply)) {
646 memcpy(msg->message, &error_reply, sizeof(error_reply));
647 goto out;
649 t86r = reply->message;
650 if (t86r->hdr.type == TYPE86_RSP_CODE &&
651 t86r->cprbx.cprb_ver_id == 0x02) {
652 switch (resp_type->type) {
653 case PCIXCC_RESPONSE_TYPE_ICA:
654 length = sizeof(struct type86x_reply)
655 + t86r->length - 2;
656 length = min(PCIXCC_MAX_ICA_RESPONSE_SIZE, length);
657 memcpy(msg->message, reply->message, length);
658 break;
659 case PCIXCC_RESPONSE_TYPE_XCRB:
660 length = t86r->fmt2.offset2 + t86r->fmt2.count2;
661 length = min(PCIXCC_MAX_XCRB_RESPONSE_SIZE, length);
662 memcpy(msg->message, reply->message, length);
663 break;
664 default:
665 memcpy(msg->message, &error_reply, sizeof error_reply);
667 } else
668 memcpy(msg->message, reply->message, sizeof error_reply);
669 out:
670 complete(&(resp_type->work));
673 static atomic_t zcrypt_step = ATOMIC_INIT(0);
676 * The request distributor calls this function if it picked the PCIXCC/CEX2C
677 * device to handle a modexpo request.
678 * @zdev: pointer to zcrypt_device structure that identifies the
679 * PCIXCC/CEX2C device to the request distributor
680 * @mex: pointer to the modexpo request buffer
682 static long zcrypt_pcixcc_modexpo(struct zcrypt_device *zdev,
683 struct ica_rsa_modexpo *mex)
685 struct ap_message ap_msg;
686 struct response_type resp_type = {
687 .type = PCIXCC_RESPONSE_TYPE_ICA,
689 int rc;
691 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
692 if (!ap_msg.message)
693 return -ENOMEM;
694 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
695 atomic_inc_return(&zcrypt_step);
696 ap_msg.private = &resp_type;
697 rc = ICAMEX_msg_to_type6MEX_msgX(zdev, &ap_msg, mex);
698 if (rc)
699 goto out_free;
700 init_completion(&resp_type.work);
701 ap_queue_message(zdev->ap_dev, &ap_msg);
702 rc = wait_for_completion_interruptible(&resp_type.work);
703 if (rc == 0)
704 rc = convert_response_ica(zdev, &ap_msg, mex->outputdata,
705 mex->outputdatalength);
706 else
707 /* Signal pending. */
708 ap_cancel_message(zdev->ap_dev, &ap_msg);
709 out_free:
710 free_page((unsigned long) ap_msg.message);
711 return rc;
715 * The request distributor calls this function if it picked the PCIXCC/CEX2C
716 * device to handle a modexpo_crt request.
717 * @zdev: pointer to zcrypt_device structure that identifies the
718 * PCIXCC/CEX2C device to the request distributor
719 * @crt: pointer to the modexpoc_crt request buffer
721 static long zcrypt_pcixcc_modexpo_crt(struct zcrypt_device *zdev,
722 struct ica_rsa_modexpo_crt *crt)
724 struct ap_message ap_msg;
725 struct response_type resp_type = {
726 .type = PCIXCC_RESPONSE_TYPE_ICA,
728 int rc;
730 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
731 if (!ap_msg.message)
732 return -ENOMEM;
733 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
734 atomic_inc_return(&zcrypt_step);
735 ap_msg.private = &resp_type;
736 rc = ICACRT_msg_to_type6CRT_msgX(zdev, &ap_msg, crt);
737 if (rc)
738 goto out_free;
739 init_completion(&resp_type.work);
740 ap_queue_message(zdev->ap_dev, &ap_msg);
741 rc = wait_for_completion_interruptible(&resp_type.work);
742 if (rc == 0)
743 rc = convert_response_ica(zdev, &ap_msg, crt->outputdata,
744 crt->outputdatalength);
745 else
746 /* Signal pending. */
747 ap_cancel_message(zdev->ap_dev, &ap_msg);
748 out_free:
749 free_page((unsigned long) ap_msg.message);
750 return rc;
754 * The request distributor calls this function if it picked the PCIXCC/CEX2C
755 * device to handle a send_cprb request.
756 * @zdev: pointer to zcrypt_device structure that identifies the
757 * PCIXCC/CEX2C device to the request distributor
758 * @xcRB: pointer to the send_cprb request buffer
760 static long zcrypt_pcixcc_send_cprb(struct zcrypt_device *zdev,
761 struct ica_xcRB *xcRB)
763 struct ap_message ap_msg;
764 struct response_type resp_type = {
765 .type = PCIXCC_RESPONSE_TYPE_XCRB,
767 int rc;
769 ap_msg.message = kmalloc(PCIXCC_MAX_XCRB_MESSAGE_SIZE, GFP_KERNEL);
770 if (!ap_msg.message)
771 return -ENOMEM;
772 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
773 atomic_inc_return(&zcrypt_step);
774 ap_msg.private = &resp_type;
775 rc = XCRB_msg_to_type6CPRB_msgX(zdev, &ap_msg, xcRB);
776 if (rc)
777 goto out_free;
778 init_completion(&resp_type.work);
779 ap_queue_message(zdev->ap_dev, &ap_msg);
780 rc = wait_for_completion_interruptible(&resp_type.work);
781 if (rc == 0)
782 rc = convert_response_xcrb(zdev, &ap_msg, xcRB);
783 else
784 /* Signal pending. */
785 ap_cancel_message(zdev->ap_dev, &ap_msg);
786 out_free:
787 kzfree(ap_msg.message);
788 return rc;
792 * The request distributor calls this function if it picked the PCIXCC/CEX2C
793 * device to generate random data.
794 * @zdev: pointer to zcrypt_device structure that identifies the
795 * PCIXCC/CEX2C device to the request distributor
796 * @buffer: pointer to a memory page to return random data
799 static long zcrypt_pcixcc_rng(struct zcrypt_device *zdev,
800 char *buffer)
802 struct ap_message ap_msg;
803 struct response_type resp_type = {
804 .type = PCIXCC_RESPONSE_TYPE_XCRB,
806 int rc;
808 ap_msg.message = kmalloc(PCIXCC_MAX_XCRB_MESSAGE_SIZE, GFP_KERNEL);
809 if (!ap_msg.message)
810 return -ENOMEM;
811 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
812 atomic_inc_return(&zcrypt_step);
813 ap_msg.private = &resp_type;
814 rng_type6CPRB_msgX(zdev->ap_dev, &ap_msg, ZCRYPT_RNG_BUFFER_SIZE);
815 init_completion(&resp_type.work);
816 ap_queue_message(zdev->ap_dev, &ap_msg);
817 rc = wait_for_completion_interruptible(&resp_type.work);
818 if (rc == 0)
819 rc = convert_response_rng(zdev, &ap_msg, buffer);
820 else
821 /* Signal pending. */
822 ap_cancel_message(zdev->ap_dev, &ap_msg);
823 kfree(ap_msg.message);
824 return rc;
828 * The crypto operations for a PCIXCC/CEX2C card.
830 static struct zcrypt_ops zcrypt_pcixcc_ops = {
831 .rsa_modexpo = zcrypt_pcixcc_modexpo,
832 .rsa_modexpo_crt = zcrypt_pcixcc_modexpo_crt,
833 .send_cprb = zcrypt_pcixcc_send_cprb,
836 static struct zcrypt_ops zcrypt_pcixcc_with_rng_ops = {
837 .rsa_modexpo = zcrypt_pcixcc_modexpo,
838 .rsa_modexpo_crt = zcrypt_pcixcc_modexpo_crt,
839 .send_cprb = zcrypt_pcixcc_send_cprb,
840 .rng = zcrypt_pcixcc_rng,
844 * Micro-code detection function. Its sends a message to a pcixcc card
845 * to find out the microcode level.
846 * @ap_dev: pointer to the AP device.
848 static int zcrypt_pcixcc_mcl(struct ap_device *ap_dev)
850 static unsigned char msg[] = {
851 0x00,0x06,0x00,0x00,0x00,0x00,0x00,0x00,
852 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
853 0x00,0x00,0x00,0x58,0x00,0x00,0x00,0x00,
854 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
855 0x43,0x41,0x00,0x00,0x00,0x00,0x00,0x00,
856 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
857 0x00,0x00,0x00,0x00,0x50,0x4B,0x00,0x00,
858 0x00,0x00,0x01,0xC4,0x00,0x00,0x00,0x00,
859 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
860 0x00,0x00,0x07,0x24,0x00,0x00,0x00,0x00,
861 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
862 0x00,0xDC,0x02,0x00,0x00,0x00,0x54,0x32,
863 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE8,
864 0x00,0x00,0x00,0x00,0x00,0x00,0x07,0x24,
865 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
866 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
867 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
868 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
869 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
870 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
871 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
872 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
873 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
874 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
875 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
876 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
877 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
878 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
879 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
880 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
881 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
882 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
883 0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,
884 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
885 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
886 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
887 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
888 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
889 0x00,0x00,0x00,0x00,0x50,0x4B,0x00,0x0A,
890 0x4D,0x52,0x50,0x20,0x20,0x20,0x20,0x20,
891 0x00,0x42,0x00,0x01,0x02,0x03,0x04,0x05,
892 0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,
893 0x0E,0x0F,0x00,0x11,0x22,0x33,0x44,0x55,
894 0x66,0x77,0x88,0x99,0xAA,0xBB,0xCC,0xDD,
895 0xEE,0xFF,0xFF,0xEE,0xDD,0xCC,0xBB,0xAA,
896 0x99,0x88,0x77,0x66,0x55,0x44,0x33,0x22,
897 0x11,0x00,0x01,0x23,0x45,0x67,0x89,0xAB,
898 0xCD,0xEF,0xFE,0xDC,0xBA,0x98,0x76,0x54,
899 0x32,0x10,0x00,0x9A,0x00,0x98,0x00,0x00,
900 0x1E,0x00,0x00,0x94,0x00,0x00,0x00,0x00,
901 0x04,0x00,0x00,0x8C,0x00,0x00,0x00,0x40,
902 0x02,0x00,0x00,0x40,0xBA,0xE8,0x23,0x3C,
903 0x75,0xF3,0x91,0x61,0xD6,0x73,0x39,0xCF,
904 0x7B,0x6D,0x8E,0x61,0x97,0x63,0x9E,0xD9,
905 0x60,0x55,0xD6,0xC7,0xEF,0xF8,0x1E,0x63,
906 0x95,0x17,0xCC,0x28,0x45,0x60,0x11,0xC5,
907 0xC4,0x4E,0x66,0xC6,0xE6,0xC3,0xDE,0x8A,
908 0x19,0x30,0xCF,0x0E,0xD7,0xAA,0xDB,0x01,
909 0xD8,0x00,0xBB,0x8F,0x39,0x9F,0x64,0x28,
910 0xF5,0x7A,0x77,0x49,0xCC,0x6B,0xA3,0x91,
911 0x97,0x70,0xE7,0x60,0x1E,0x39,0xE1,0xE5,
912 0x33,0xE1,0x15,0x63,0x69,0x08,0x80,0x4C,
913 0x67,0xC4,0x41,0x8F,0x48,0xDF,0x26,0x98,
914 0xF1,0xD5,0x8D,0x88,0xD9,0x6A,0xA4,0x96,
915 0xC5,0x84,0xD9,0x30,0x49,0x67,0x7D,0x19,
916 0xB1,0xB3,0x45,0x4D,0xB2,0x53,0x9A,0x47,
917 0x3C,0x7C,0x55,0xBF,0xCC,0x85,0x00,0x36,
918 0xF1,0x3D,0x93,0x53
920 unsigned long long psmid;
921 struct CPRBX *cprbx;
922 char *reply;
923 int rc, i;
925 reply = (void *) get_zeroed_page(GFP_KERNEL);
926 if (!reply)
927 return -ENOMEM;
929 rc = ap_send(ap_dev->qid, 0x0102030405060708ULL, msg, sizeof(msg));
930 if (rc)
931 goto out_free;
933 /* Wait for the test message to complete. */
934 for (i = 0; i < 6; i++) {
935 mdelay(300);
936 rc = ap_recv(ap_dev->qid, &psmid, reply, 4096);
937 if (rc == 0 && psmid == 0x0102030405060708ULL)
938 break;
941 if (i >= 6) {
942 /* Got no answer. */
943 rc = -ENODEV;
944 goto out_free;
947 cprbx = (struct CPRBX *) (reply + 48);
948 if (cprbx->ccp_rtcode == 8 && cprbx->ccp_rscode == 33)
949 rc = ZCRYPT_PCIXCC_MCL2;
950 else
951 rc = ZCRYPT_PCIXCC_MCL3;
952 out_free:
953 free_page((unsigned long) reply);
954 return rc;
958 * Large random number detection function. Its sends a message to a pcixcc
959 * card to find out if large random numbers are supported.
960 * @ap_dev: pointer to the AP device.
962 * Returns 1 if large random numbers are supported, 0 if not and < 0 on error.
964 static int zcrypt_pcixcc_rng_supported(struct ap_device *ap_dev)
966 struct ap_message ap_msg;
967 unsigned long long psmid;
968 struct {
969 struct type86_hdr hdr;
970 struct type86_fmt2_ext fmt2;
971 struct CPRBX cprbx;
972 } __attribute__((packed)) *reply;
973 int rc, i;
975 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
976 if (!ap_msg.message)
977 return -ENOMEM;
979 rng_type6CPRB_msgX(ap_dev, &ap_msg, 4);
980 rc = ap_send(ap_dev->qid, 0x0102030405060708ULL, ap_msg.message,
981 ap_msg.length);
982 if (rc)
983 goto out_free;
985 /* Wait for the test message to complete. */
986 for (i = 0; i < 2 * HZ; i++) {
987 msleep(1000 / HZ);
988 rc = ap_recv(ap_dev->qid, &psmid, ap_msg.message, 4096);
989 if (rc == 0 && psmid == 0x0102030405060708ULL)
990 break;
993 if (i >= 2 * HZ) {
994 /* Got no answer. */
995 rc = -ENODEV;
996 goto out_free;
999 reply = ap_msg.message;
1000 if (reply->cprbx.ccp_rtcode == 0 && reply->cprbx.ccp_rscode == 0)
1001 rc = 1;
1002 else
1003 rc = 0;
1004 out_free:
1005 free_page((unsigned long) ap_msg.message);
1006 return rc;
1010 * Probe function for PCIXCC/CEX2C cards. It always accepts the AP device
1011 * since the bus_match already checked the hardware type. The PCIXCC
1012 * cards come in two flavours: micro code level 2 and micro code level 3.
1013 * This is checked by sending a test message to the device.
1014 * @ap_dev: pointer to the AP device.
1016 static int zcrypt_pcixcc_probe(struct ap_device *ap_dev)
1018 struct zcrypt_device *zdev;
1019 int rc;
1021 zdev = zcrypt_device_alloc(PCIXCC_MAX_RESPONSE_SIZE);
1022 if (!zdev)
1023 return -ENOMEM;
1024 zdev->ap_dev = ap_dev;
1025 zdev->online = 1;
1026 if (ap_dev->device_type == AP_DEVICE_TYPE_PCIXCC) {
1027 rc = zcrypt_pcixcc_mcl(ap_dev);
1028 if (rc < 0) {
1029 zcrypt_device_free(zdev);
1030 return rc;
1032 zdev->user_space_type = rc;
1033 if (rc == ZCRYPT_PCIXCC_MCL2) {
1034 zdev->type_string = "PCIXCC_MCL2";
1035 zdev->speed_rating = PCIXCC_MCL2_SPEED_RATING;
1036 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE_OLD;
1037 zdev->max_mod_size = PCIXCC_MAX_MOD_SIZE;
1038 } else {
1039 zdev->type_string = "PCIXCC_MCL3";
1040 zdev->speed_rating = PCIXCC_MCL3_SPEED_RATING;
1041 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE;
1042 zdev->max_mod_size = PCIXCC_MAX_MOD_SIZE;
1044 } else {
1045 zdev->user_space_type = ZCRYPT_CEX2C;
1046 zdev->type_string = "CEX2C";
1047 zdev->speed_rating = CEX2C_SPEED_RATING;
1048 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE;
1049 zdev->max_mod_size = PCIXCC_MAX_MOD_SIZE;
1051 rc = zcrypt_pcixcc_rng_supported(ap_dev);
1052 if (rc < 0) {
1053 zcrypt_device_free(zdev);
1054 return rc;
1056 if (rc)
1057 zdev->ops = &zcrypt_pcixcc_with_rng_ops;
1058 else
1059 zdev->ops = &zcrypt_pcixcc_ops;
1060 ap_dev->reply = &zdev->reply;
1061 ap_dev->private = zdev;
1062 rc = zcrypt_device_register(zdev);
1063 if (rc)
1064 goto out_free;
1065 return 0;
1067 out_free:
1068 ap_dev->private = NULL;
1069 zcrypt_device_free(zdev);
1070 return rc;
1074 * This is called to remove the extended PCIXCC/CEX2C driver information
1075 * if an AP device is removed.
1077 static void zcrypt_pcixcc_remove(struct ap_device *ap_dev)
1079 struct zcrypt_device *zdev = ap_dev->private;
1081 zcrypt_device_unregister(zdev);
1084 int __init zcrypt_pcixcc_init(void)
1086 return ap_driver_register(&zcrypt_pcixcc_driver, THIS_MODULE, "pcixcc");
1089 void zcrypt_pcixcc_exit(void)
1091 ap_driver_unregister(&zcrypt_pcixcc_driver);
1094 #ifndef CONFIG_ZCRYPT_MONOLITHIC
1095 module_init(zcrypt_pcixcc_init);
1096 module_exit(zcrypt_pcixcc_exit);
1097 #endif