This source file includes following definitions.
- speed_idx_cca
- speed_idx_ep11
- ICAMEX_msg_to_type6MEX_msgX
- ICACRT_msg_to_type6CRT_msgX
- XCRB_msg_to_type6CPRB_msgX
- xcrb_msg_to_type6_ep11cprb_msgx
- convert_type86_ica
- convert_type86_xcrb
- convert_type86_ep11_xcrb
- convert_type86_rng
- convert_response_ica
- convert_response_xcrb
- convert_response_ep11_xcrb
- convert_response_rng
- zcrypt_msgtype6_receive
- zcrypt_msgtype6_receive_ep11
- zcrypt_msgtype6_modexpo
- zcrypt_msgtype6_modexpo_crt
- get_cprb_fc
- zcrypt_msgtype6_send_cprb
- get_ep11cprb_fc
- zcrypt_msgtype6_send_ep11_cprb
- get_rng_fc
- zcrypt_msgtype6_rng
- zcrypt_msgtype6_init
- zcrypt_msgtype6_exit
1
2
3
4
5
6
7
8
9
10
11
12
13 #define KMSG_COMPONENT "zcrypt"
14 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
15
16 #include <linux/module.h>
17 #include <linux/init.h>
18 #include <linux/err.h>
19 #include <linux/delay.h>
20 #include <linux/slab.h>
21 #include <linux/atomic.h>
22 #include <linux/uaccess.h>
23
24 #include "ap_bus.h"
25 #include "zcrypt_api.h"
26 #include "zcrypt_error.h"
27 #include "zcrypt_msgtype6.h"
28 #include "zcrypt_cca_key.h"
29
30 #define CEXXC_MAX_ICA_RESPONSE_SIZE 0x77c
31
32 #define CEIL4(x) ((((x)+3)/4)*4)
33
34 struct response_type {
35 struct completion work;
36 int type;
37 };
38 #define CEXXC_RESPONSE_TYPE_ICA 0
39 #define CEXXC_RESPONSE_TYPE_XCRB 1
40 #define CEXXC_RESPONSE_TYPE_EP11 2
41
42 MODULE_AUTHOR("IBM Corporation");
43 MODULE_DESCRIPTION("Cryptographic Coprocessor (message type 6), " \
44 "Copyright IBM Corp. 2001, 2012");
45 MODULE_LICENSE("GPL");
46
47
48
49
50
51
52
53
54
55
56
57
58
59 struct CPRB {
60 unsigned short cprb_len;
61 unsigned char cprb_ver_id;
62 unsigned char pad_000;
63 unsigned char srpi_rtcode[4];
64 unsigned char srpi_verb;
65 unsigned char flags;
66 unsigned char func_id[2];
67 unsigned char checkpoint_flag;
68 unsigned char resv2;
69 unsigned short req_parml;
70
71 unsigned char req_parmp[4];
72
73
74
75 unsigned char req_datal[4];
76
77 unsigned char req_datap[4];
78
79 unsigned short rpl_parml;
80
81 unsigned char pad_001[2];
82 unsigned char rpl_parmp[4];
83
84
85
86 unsigned char rpl_datal[4];
87 unsigned char rpl_datap[4];
88
89 unsigned short ccp_rscode;
90 unsigned short ccp_rtcode;
91 unsigned char repd_parml[2];
92 unsigned char mac_data_len[2];
93 unsigned char repd_datal[4];
94 unsigned char req_pc[2];
95 unsigned char res_origin[8];
96 unsigned char mac_value[8];
97 unsigned char logon_id[8];
98 unsigned char usage_domain[2];
99 unsigned char resv3[18];
100 unsigned short svr_namel;
101 unsigned char svr_name[8];
102 } __packed;
103
104 struct function_and_rules_block {
105 unsigned char function_code[2];
106 unsigned short ulen;
107 unsigned char only_rule[8];
108 } __packed;
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127 static const struct CPRBX static_cprbx = {
128 .cprb_len = 0x00DC,
129 .cprb_ver_id = 0x02,
130 .func_id = {0x54, 0x32},
131 };
132
133 int speed_idx_cca(int req_type)
134 {
135 switch (req_type) {
136 case 0x4142:
137 case 0x4149:
138 case 0x414D:
139 case 0x4341:
140 case 0x4344:
141 case 0x4354:
142 case 0x4358:
143 case 0x444B:
144 case 0x4558:
145 case 0x4643:
146 case 0x4651:
147 case 0x4C47:
148 case 0x4C4B:
149 case 0x4C51:
150 case 0x4F48:
151 case 0x504F:
152 case 0x5053:
153 case 0x5058:
154 case 0x5343:
155 case 0x5344:
156 case 0x5345:
157 case 0x5350:
158 return LOW;
159 case 0x414B:
160 case 0x4345:
161 case 0x4349:
162 case 0x434D:
163 case 0x4847:
164 case 0x4849:
165 case 0x484D:
166 case 0x4850:
167 case 0x4851:
168 case 0x4954:
169 case 0x4958:
170 case 0x4B43:
171 case 0x4B44:
172 case 0x4B45:
173 case 0x4B47:
174 case 0x4B48:
175 case 0x4B49:
176 case 0x4B4E:
177 case 0x4B50:
178 case 0x4B52:
179 case 0x4B54:
180 case 0x4B58:
181 case 0x4D50:
182 case 0x4D53:
183 case 0x4D56:
184 case 0x4D58:
185 case 0x5044:
186 case 0x5045:
187 case 0x5046:
188 case 0x5047:
189 case 0x5049:
190 case 0x504B:
191 case 0x504D:
192 case 0x5254:
193 case 0x5347:
194 case 0x5349:
195 case 0x534B:
196 case 0x534D:
197 case 0x5356:
198 case 0x5358:
199 case 0x5443:
200 case 0x544B:
201 case 0x5647:
202 return HIGH;
203 default:
204 return MEDIUM;
205 }
206 }
207
208 int speed_idx_ep11(int req_type)
209 {
210 switch (req_type) {
211 case 1:
212 case 2:
213 case 36:
214 case 37:
215 case 38:
216 case 39:
217 case 40:
218 return LOW;
219 case 17:
220 case 18:
221 case 19:
222 case 20:
223 case 21:
224 case 22:
225 case 26:
226 case 30:
227 case 31:
228 case 32:
229 case 33:
230 case 34:
231 case 35:
232 return HIGH;
233 default:
234 return MEDIUM;
235 }
236 }
237
238
239
240
241
242
243
244
245
246
247
248 static int ICAMEX_msg_to_type6MEX_msgX(struct zcrypt_queue *zq,
249 struct ap_message *ap_msg,
250 struct ica_rsa_modexpo *mex)
251 {
252 static struct type6_hdr static_type6_hdrX = {
253 .type = 0x06,
254 .offset1 = 0x00000058,
255 .agent_id = {'C', 'A',},
256 .function_code = {'P', 'K'},
257 };
258 static struct function_and_rules_block static_pke_fnr = {
259 .function_code = {'P', 'K'},
260 .ulen = 10,
261 .only_rule = {'M', 'R', 'P', ' ', ' ', ' ', ' ', ' '}
262 };
263 struct {
264 struct type6_hdr hdr;
265 struct CPRBX cprbx;
266 struct function_and_rules_block fr;
267 unsigned short length;
268 char text[0];
269 } __packed * msg = ap_msg->message;
270 int size;
271
272
273
274
275
276
277 if (WARN_ON_ONCE(mex->inputdatalength > PAGE_SIZE))
278 return -EINVAL;
279
280
281 msg->length = mex->inputdatalength + 2;
282 if (copy_from_user(msg->text, mex->inputdata, mex->inputdatalength))
283 return -EFAULT;
284
285
286 size = zcrypt_type6_mex_key_en(mex, msg->text+mex->inputdatalength);
287 if (size < 0)
288 return size;
289 size += sizeof(*msg) + mex->inputdatalength;
290
291
292 msg->hdr = static_type6_hdrX;
293 msg->hdr.ToCardLen1 = size - sizeof(msg->hdr);
294 msg->hdr.FromCardLen1 = CEXXC_MAX_ICA_RESPONSE_SIZE - sizeof(msg->hdr);
295
296 msg->cprbx = static_cprbx;
297 msg->cprbx.domain = AP_QID_QUEUE(zq->queue->qid);
298 msg->cprbx.rpl_msgbl = msg->hdr.FromCardLen1;
299
300 msg->fr = static_pke_fnr;
301
302 msg->cprbx.req_parml = size - sizeof(msg->hdr) - sizeof(msg->cprbx);
303
304 ap_msg->length = size;
305 return 0;
306 }
307
308
309
310
311
312
313
314
315
316
317 static int ICACRT_msg_to_type6CRT_msgX(struct zcrypt_queue *zq,
318 struct ap_message *ap_msg,
319 struct ica_rsa_modexpo_crt *crt)
320 {
321 static struct type6_hdr static_type6_hdrX = {
322 .type = 0x06,
323 .offset1 = 0x00000058,
324 .agent_id = {'C', 'A',},
325 .function_code = {'P', 'D'},
326 };
327 static struct function_and_rules_block static_pkd_fnr = {
328 .function_code = {'P', 'D'},
329 .ulen = 10,
330 .only_rule = {'Z', 'E', 'R', 'O', '-', 'P', 'A', 'D'}
331 };
332
333 struct {
334 struct type6_hdr hdr;
335 struct CPRBX cprbx;
336 struct function_and_rules_block fr;
337 unsigned short length;
338 char text[0];
339 } __packed * msg = ap_msg->message;
340 int size;
341
342
343
344
345
346
347 if (WARN_ON_ONCE(crt->inputdatalength > PAGE_SIZE))
348 return -EINVAL;
349
350
351 msg->length = crt->inputdatalength + 2;
352 if (copy_from_user(msg->text, crt->inputdata, crt->inputdatalength))
353 return -EFAULT;
354
355
356 size = zcrypt_type6_crt_key(crt, msg->text + crt->inputdatalength);
357 if (size < 0)
358 return size;
359 size += sizeof(*msg) + crt->inputdatalength;
360
361
362 msg->hdr = static_type6_hdrX;
363 msg->hdr.ToCardLen1 = size - sizeof(msg->hdr);
364 msg->hdr.FromCardLen1 = CEXXC_MAX_ICA_RESPONSE_SIZE - sizeof(msg->hdr);
365
366 msg->cprbx = static_cprbx;
367 msg->cprbx.domain = AP_QID_QUEUE(zq->queue->qid);
368 msg->cprbx.req_parml = msg->cprbx.rpl_msgbl =
369 size - sizeof(msg->hdr) - sizeof(msg->cprbx);
370
371 msg->fr = static_pkd_fnr;
372
373 ap_msg->length = size;
374 return 0;
375 }
376
377
378
379
380
381
382
383
384
385
386 struct type86_fmt2_msg {
387 struct type86_hdr hdr;
388 struct type86_fmt2_ext fmt2;
389 } __packed;
390
391 static int XCRB_msg_to_type6CPRB_msgX(struct ap_message *ap_msg,
392 struct ica_xcRB *xcRB,
393 unsigned int *fcode,
394 unsigned short **dom)
395 {
396 static struct type6_hdr static_type6_hdrX = {
397 .type = 0x06,
398 .offset1 = 0x00000058,
399 };
400 struct {
401 struct type6_hdr hdr;
402 struct CPRBX cprbx;
403 } __packed * msg = ap_msg->message;
404
405 int rcblen = CEIL4(xcRB->request_control_blk_length);
406 int replylen, req_sumlen, resp_sumlen;
407 char *req_data = ap_msg->message + sizeof(struct type6_hdr) + rcblen;
408 char *function_code;
409
410 if (CEIL4(xcRB->request_control_blk_length) <
411 xcRB->request_control_blk_length)
412 return -EINVAL;
413
414
415 ap_msg->length = sizeof(struct type6_hdr) +
416 CEIL4(xcRB->request_control_blk_length) +
417 xcRB->request_data_length;
418 if (ap_msg->length > MSGTYPE06_MAX_MSG_SIZE)
419 return -EINVAL;
420
421
422
423
424
425 req_sumlen = CEIL4(xcRB->request_control_blk_length) +
426 xcRB->request_data_length;
427 if ((CEIL4(xcRB->request_control_blk_length) <=
428 xcRB->request_data_length) ?
429 (req_sumlen < xcRB->request_data_length) :
430 (req_sumlen < CEIL4(xcRB->request_control_blk_length))) {
431 return -EINVAL;
432 }
433
434 if (CEIL4(xcRB->reply_control_blk_length) <
435 xcRB->reply_control_blk_length)
436 return -EINVAL;
437
438 replylen = sizeof(struct type86_fmt2_msg) +
439 CEIL4(xcRB->reply_control_blk_length) +
440 xcRB->reply_data_length;
441 if (replylen > MSGTYPE06_MAX_MSG_SIZE)
442 return -EINVAL;
443
444
445
446
447
448 resp_sumlen = CEIL4(xcRB->reply_control_blk_length) +
449 xcRB->reply_data_length;
450 if ((CEIL4(xcRB->reply_control_blk_length) <= xcRB->reply_data_length) ?
451 (resp_sumlen < xcRB->reply_data_length) :
452 (resp_sumlen < CEIL4(xcRB->reply_control_blk_length))) {
453 return -EINVAL;
454 }
455
456
457 msg->hdr = static_type6_hdrX;
458 memcpy(msg->hdr.agent_id, &(xcRB->agent_ID), sizeof(xcRB->agent_ID));
459 msg->hdr.ToCardLen1 = xcRB->request_control_blk_length;
460 if (xcRB->request_data_length) {
461 msg->hdr.offset2 = msg->hdr.offset1 + rcblen;
462 msg->hdr.ToCardLen2 = xcRB->request_data_length;
463 }
464 msg->hdr.FromCardLen1 = xcRB->reply_control_blk_length;
465 msg->hdr.FromCardLen2 = xcRB->reply_data_length;
466
467
468 if (copy_from_user(&(msg->cprbx), xcRB->request_control_blk_addr,
469 xcRB->request_control_blk_length))
470 return -EFAULT;
471 if (msg->cprbx.cprb_len + sizeof(msg->hdr.function_code) >
472 xcRB->request_control_blk_length)
473 return -EINVAL;
474 function_code = ((unsigned char *)&msg->cprbx) + msg->cprbx.cprb_len;
475 memcpy(msg->hdr.function_code, function_code,
476 sizeof(msg->hdr.function_code));
477
478 *fcode = (msg->hdr.function_code[0] << 8) | msg->hdr.function_code[1];
479 *dom = (unsigned short *)&msg->cprbx.domain;
480
481 if (memcmp(function_code, "US", 2) == 0
482 || memcmp(function_code, "AU", 2) == 0)
483 ap_msg->special = 1;
484 else
485 ap_msg->special = 0;
486
487
488 if (xcRB->request_data_length &&
489 copy_from_user(req_data, xcRB->request_data_address,
490 xcRB->request_data_length))
491 return -EFAULT;
492
493 return 0;
494 }
495
496 static int xcrb_msg_to_type6_ep11cprb_msgx(struct ap_message *ap_msg,
497 struct ep11_urb *xcRB,
498 unsigned int *fcode)
499 {
500 unsigned int lfmt;
501 static struct type6_hdr static_type6_ep11_hdr = {
502 .type = 0x06,
503 .rqid = {0x00, 0x01},
504 .function_code = {0x00, 0x00},
505 .agent_id[0] = 0x58,
506 .agent_id[1] = 0x43,
507 .offset1 = 0x00000058,
508 };
509
510 struct {
511 struct type6_hdr hdr;
512 struct ep11_cprb cprbx;
513 unsigned char pld_tag;
514 unsigned char pld_lenfmt;
515 } __packed * msg = ap_msg->message;
516
517 struct pld_hdr {
518 unsigned char func_tag;
519 unsigned char func_len;
520 unsigned int func_val;
521 unsigned char dom_tag;
522 unsigned char dom_len;
523 unsigned int dom_val;
524 } __packed * payload_hdr = NULL;
525
526 if (CEIL4(xcRB->req_len) < xcRB->req_len)
527 return -EINVAL;
528
529
530 ap_msg->length = sizeof(struct type6_hdr) + xcRB->req_len;
531 if (CEIL4(xcRB->req_len) > MSGTYPE06_MAX_MSG_SIZE -
532 (sizeof(struct type6_hdr)))
533 return -EINVAL;
534
535 if (CEIL4(xcRB->resp_len) < xcRB->resp_len)
536 return -EINVAL;
537
538 if (CEIL4(xcRB->resp_len) > MSGTYPE06_MAX_MSG_SIZE -
539 (sizeof(struct type86_fmt2_msg)))
540 return -EINVAL;
541
542
543 msg->hdr = static_type6_ep11_hdr;
544 msg->hdr.ToCardLen1 = xcRB->req_len;
545 msg->hdr.FromCardLen1 = xcRB->resp_len;
546
547
548 if (copy_from_user(&(msg->cprbx.cprb_len),
549 (char __force __user *)xcRB->req, xcRB->req_len)) {
550 return -EFAULT;
551 }
552
553 if ((msg->pld_lenfmt & 0x80) == 0x80) {
554 switch (msg->pld_lenfmt & 0x03) {
555 case 1:
556 lfmt = 2;
557 break;
558 case 2:
559 lfmt = 3;
560 break;
561 default:
562 return -EINVAL;
563 }
564 } else {
565 lfmt = 1;
566 }
567 payload_hdr = (struct pld_hdr *)((&(msg->pld_lenfmt))+lfmt);
568 *fcode = payload_hdr->func_val & 0xFFFF;
569
570
571 if (msg->cprbx.flags & 0x20)
572 ap_msg->special = 1;
573
574 return 0;
575 }
576
577
578
579
580
581
582
583
584
585
586
587 struct type86x_reply {
588 struct type86_hdr hdr;
589 struct type86_fmt2_ext fmt2;
590 struct CPRBX cprbx;
591 unsigned char pad[4];
592 unsigned short length;
593 char text[0];
594 } __packed;
595
596 struct type86_ep11_reply {
597 struct type86_hdr hdr;
598 struct type86_fmt2_ext fmt2;
599 struct ep11_cprb cprbx;
600 } __packed;
601
602 static int convert_type86_ica(struct zcrypt_queue *zq,
603 struct ap_message *reply,
604 char __user *outputdata,
605 unsigned int outputdatalength)
606 {
607 static unsigned char static_pad[] = {
608 0x00, 0x02,
609 0x1B, 0x7B, 0x5D, 0xB5, 0x75, 0x01, 0x3D, 0xFD,
610 0x8D, 0xD1, 0xC7, 0x03, 0x2D, 0x09, 0x23, 0x57,
611 0x89, 0x49, 0xB9, 0x3F, 0xBB, 0x99, 0x41, 0x5B,
612 0x75, 0x21, 0x7B, 0x9D, 0x3B, 0x6B, 0x51, 0x39,
613 0xBB, 0x0D, 0x35, 0xB9, 0x89, 0x0F, 0x93, 0xA5,
614 0x0B, 0x47, 0xF1, 0xD3, 0xBB, 0xCB, 0xF1, 0x9D,
615 0x23, 0x73, 0x71, 0xFF, 0xF3, 0xF5, 0x45, 0xFB,
616 0x61, 0x29, 0x23, 0xFD, 0xF1, 0x29, 0x3F, 0x7F,
617 0x17, 0xB7, 0x1B, 0xA9, 0x19, 0xBD, 0x57, 0xA9,
618 0xD7, 0x95, 0xA3, 0xCB, 0xED, 0x1D, 0xDB, 0x45,
619 0x7D, 0x11, 0xD1, 0x51, 0x1B, 0xED, 0x71, 0xE9,
620 0xB1, 0xD1, 0xAB, 0xAB, 0x21, 0x2B, 0x1B, 0x9F,
621 0x3B, 0x9F, 0xF7, 0xF7, 0xBD, 0x63, 0xEB, 0xAD,
622 0xDF, 0xB3, 0x6F, 0x5B, 0xDB, 0x8D, 0xA9, 0x5D,
623 0xE3, 0x7D, 0x77, 0x49, 0x47, 0xF5, 0xA7, 0xFD,
624 0xAB, 0x2F, 0x27, 0x35, 0x77, 0xD3, 0x49, 0xC9,
625 0x09, 0xEB, 0xB1, 0xF9, 0xBF, 0x4B, 0xCB, 0x2B,
626 0xEB, 0xEB, 0x05, 0xFF, 0x7D, 0xC7, 0x91, 0x8B,
627 0x09, 0x83, 0xB9, 0xB9, 0x69, 0x33, 0x39, 0x6B,
628 0x79, 0x75, 0x19, 0xBF, 0xBB, 0x07, 0x1D, 0xBD,
629 0x29, 0xBF, 0x39, 0x95, 0x93, 0x1D, 0x35, 0xC7,
630 0xC9, 0x4D, 0xE5, 0x97, 0x0B, 0x43, 0x9B, 0xF1,
631 0x16, 0x93, 0x03, 0x1F, 0xA5, 0xFB, 0xDB, 0xF3,
632 0x27, 0x4F, 0x27, 0x61, 0x05, 0x1F, 0xB9, 0x23,
633 0x2F, 0xC3, 0x81, 0xA9, 0x23, 0x71, 0x55, 0x55,
634 0xEB, 0xED, 0x41, 0xE5, 0xF3, 0x11, 0xF1, 0x43,
635 0x69, 0x03, 0xBD, 0x0B, 0x37, 0x0F, 0x51, 0x8F,
636 0x0B, 0xB5, 0x89, 0x5B, 0x67, 0xA9, 0xD9, 0x4F,
637 0x01, 0xF9, 0x21, 0x77, 0x37, 0x73, 0x79, 0xC5,
638 0x7F, 0x51, 0xC1, 0xCF, 0x97, 0xA1, 0x75, 0xAD,
639 0x35, 0x9D, 0xD3, 0xD3, 0xA7, 0x9D, 0x5D, 0x41,
640 0x6F, 0x65, 0x1B, 0xCF, 0xA9, 0x87, 0x91, 0x09
641 };
642 struct type86x_reply *msg = reply->message;
643 unsigned short service_rc, service_rs;
644 unsigned int reply_len, pad_len;
645 char *data;
646
647 service_rc = msg->cprbx.ccp_rtcode;
648 if (unlikely(service_rc != 0)) {
649 service_rs = msg->cprbx.ccp_rscode;
650 if ((service_rc == 8 && service_rs == 66) ||
651 (service_rc == 8 && service_rs == 65) ||
652 (service_rc == 8 && service_rs == 72) ||
653 (service_rc == 8 && service_rs == 770) ||
654 (service_rc == 12 && service_rs == 769)) {
655 ZCRYPT_DBF(DBF_DEBUG,
656 "device=%02x.%04x rc/rs=%d/%d => rc=EINVAL\n",
657 AP_QID_CARD(zq->queue->qid),
658 AP_QID_QUEUE(zq->queue->qid),
659 (int) service_rc, (int) service_rs);
660 return -EINVAL;
661 }
662 zq->online = 0;
663 pr_err("Cryptographic device %02x.%04x failed and was set offline\n",
664 AP_QID_CARD(zq->queue->qid),
665 AP_QID_QUEUE(zq->queue->qid));
666 ZCRYPT_DBF(DBF_ERR,
667 "device=%02x.%04x rc/rs=%d/%d => online=0 rc=EAGAIN\n",
668 AP_QID_CARD(zq->queue->qid),
669 AP_QID_QUEUE(zq->queue->qid),
670 (int) service_rc, (int) service_rs);
671 return -EAGAIN;
672 }
673 data = msg->text;
674 reply_len = msg->length - 2;
675 if (reply_len > outputdatalength)
676 return -EINVAL;
677
678
679
680
681
682
683
684
685
686
687 pad_len = outputdatalength - reply_len;
688 if (pad_len > 0) {
689 if (pad_len < 10)
690 return -EINVAL;
691
692 if (copy_to_user(outputdata, static_pad, pad_len - 1))
693 return -EFAULT;
694 if (put_user(0, outputdata + pad_len - 1))
695 return -EFAULT;
696 }
697
698 if (copy_to_user(outputdata + pad_len, data, reply_len))
699 return -EFAULT;
700 return 0;
701 }
702
703
704
705
706
707
708
709
710
711
712 static int convert_type86_xcrb(struct zcrypt_queue *zq,
713 struct ap_message *reply,
714 struct ica_xcRB *xcRB)
715 {
716 struct type86_fmt2_msg *msg = reply->message;
717 char *data = reply->message;
718
719
720 if (copy_to_user(xcRB->reply_control_blk_addr,
721 data + msg->fmt2.offset1, msg->fmt2.count1))
722 return -EFAULT;
723 xcRB->reply_control_blk_length = msg->fmt2.count1;
724
725
726 if (msg->fmt2.count2)
727 if (copy_to_user(xcRB->reply_data_addr,
728 data + msg->fmt2.offset2, msg->fmt2.count2))
729 return -EFAULT;
730 xcRB->reply_data_length = msg->fmt2.count2;
731 return 0;
732 }
733
734
735
736
737
738
739
740
741
742
743 static int convert_type86_ep11_xcrb(struct zcrypt_queue *zq,
744 struct ap_message *reply,
745 struct ep11_urb *xcRB)
746 {
747 struct type86_fmt2_msg *msg = reply->message;
748 char *data = reply->message;
749
750 if (xcRB->resp_len < msg->fmt2.count1)
751 return -EINVAL;
752
753
754 if (copy_to_user((char __force __user *)xcRB->resp,
755 data + msg->fmt2.offset1, msg->fmt2.count1))
756 return -EFAULT;
757 xcRB->resp_len = msg->fmt2.count1;
758 return 0;
759 }
760
761 static int convert_type86_rng(struct zcrypt_queue *zq,
762 struct ap_message *reply,
763 char *buffer)
764 {
765 struct {
766 struct type86_hdr hdr;
767 struct type86_fmt2_ext fmt2;
768 struct CPRBX cprbx;
769 } __packed * msg = reply->message;
770 char *data = reply->message;
771
772 if (msg->cprbx.ccp_rtcode != 0 || msg->cprbx.ccp_rscode != 0)
773 return -EINVAL;
774 memcpy(buffer, data + msg->fmt2.offset2, msg->fmt2.count2);
775 return msg->fmt2.count2;
776 }
777
778 static int convert_response_ica(struct zcrypt_queue *zq,
779 struct ap_message *reply,
780 char __user *outputdata,
781 unsigned int outputdatalength)
782 {
783 struct type86x_reply *msg = reply->message;
784
785 switch (msg->hdr.type) {
786 case TYPE82_RSP_CODE:
787 case TYPE88_RSP_CODE:
788 return convert_error(zq, reply);
789 case TYPE86_RSP_CODE:
790 if (msg->cprbx.ccp_rtcode &&
791 (msg->cprbx.ccp_rscode == 0x14f) &&
792 (outputdatalength > 256)) {
793 if (zq->zcard->max_exp_bit_length <= 17) {
794 zq->zcard->max_exp_bit_length = 17;
795 return -EAGAIN;
796 } else
797 return -EINVAL;
798 }
799 if (msg->hdr.reply_code)
800 return convert_error(zq, reply);
801 if (msg->cprbx.cprb_ver_id == 0x02)
802 return convert_type86_ica(zq, reply,
803 outputdata, outputdatalength);
804
805 default:
806 zq->online = 0;
807 pr_err("Cryptographic device %02x.%04x failed and was set offline\n",
808 AP_QID_CARD(zq->queue->qid),
809 AP_QID_QUEUE(zq->queue->qid));
810 ZCRYPT_DBF(DBF_ERR,
811 "device=%02x.%04x rtype=0x%02x => online=0 rc=EAGAIN\n",
812 AP_QID_CARD(zq->queue->qid),
813 AP_QID_QUEUE(zq->queue->qid),
814 (int) msg->hdr.type);
815 return -EAGAIN;
816 }
817 }
818
819 static int convert_response_xcrb(struct zcrypt_queue *zq,
820 struct ap_message *reply,
821 struct ica_xcRB *xcRB)
822 {
823 struct type86x_reply *msg = reply->message;
824
825 switch (msg->hdr.type) {
826 case TYPE82_RSP_CODE:
827 case TYPE88_RSP_CODE:
828 xcRB->status = 0x0008044DL;
829 return convert_error(zq, reply);
830 case TYPE86_RSP_CODE:
831 if (msg->hdr.reply_code) {
832 memcpy(&(xcRB->status), msg->fmt2.apfs, sizeof(u32));
833 return convert_error(zq, reply);
834 }
835 if (msg->cprbx.cprb_ver_id == 0x02)
836 return convert_type86_xcrb(zq, reply, xcRB);
837
838 default:
839 xcRB->status = 0x0008044DL;
840 zq->online = 0;
841 pr_err("Cryptographic device %02x.%04x failed and was set offline\n",
842 AP_QID_CARD(zq->queue->qid),
843 AP_QID_QUEUE(zq->queue->qid));
844 ZCRYPT_DBF(DBF_ERR,
845 "device=%02x.%04x rtype=0x%02x => online=0 rc=EAGAIN\n",
846 AP_QID_CARD(zq->queue->qid),
847 AP_QID_QUEUE(zq->queue->qid),
848 (int) msg->hdr.type);
849 return -EAGAIN;
850 }
851 }
852
853 static int convert_response_ep11_xcrb(struct zcrypt_queue *zq,
854 struct ap_message *reply, struct ep11_urb *xcRB)
855 {
856 struct type86_ep11_reply *msg = reply->message;
857
858 switch (msg->hdr.type) {
859 case TYPE82_RSP_CODE:
860 case TYPE87_RSP_CODE:
861 return convert_error(zq, reply);
862 case TYPE86_RSP_CODE:
863 if (msg->hdr.reply_code)
864 return convert_error(zq, reply);
865 if (msg->cprbx.cprb_ver_id == 0x04)
866 return convert_type86_ep11_xcrb(zq, reply, xcRB);
867
868 default:
869 zq->online = 0;
870 pr_err("Cryptographic device %02x.%04x failed and was set offline\n",
871 AP_QID_CARD(zq->queue->qid),
872 AP_QID_QUEUE(zq->queue->qid));
873 ZCRYPT_DBF(DBF_ERR,
874 "device=%02x.%04x rtype=0x%02x => online=0 rc=EAGAIN\n",
875 AP_QID_CARD(zq->queue->qid),
876 AP_QID_QUEUE(zq->queue->qid),
877 (int) msg->hdr.type);
878 return -EAGAIN;
879 }
880 }
881
882 static int convert_response_rng(struct zcrypt_queue *zq,
883 struct ap_message *reply,
884 char *data)
885 {
886 struct type86x_reply *msg = reply->message;
887
888 switch (msg->hdr.type) {
889 case TYPE82_RSP_CODE:
890 case TYPE88_RSP_CODE:
891 return -EINVAL;
892 case TYPE86_RSP_CODE:
893 if (msg->hdr.reply_code)
894 return -EINVAL;
895 if (msg->cprbx.cprb_ver_id == 0x02)
896 return convert_type86_rng(zq, reply, data);
897
898 default:
899 zq->online = 0;
900 pr_err("Cryptographic device %02x.%04x failed and was set offline\n",
901 AP_QID_CARD(zq->queue->qid),
902 AP_QID_QUEUE(zq->queue->qid));
903 ZCRYPT_DBF(DBF_ERR,
904 "device=%02x.%04x rtype=0x%02x => online=0 rc=EAGAIN\n",
905 AP_QID_CARD(zq->queue->qid),
906 AP_QID_QUEUE(zq->queue->qid),
907 (int) msg->hdr.type);
908 return -EAGAIN;
909 }
910 }
911
912
913
914
915
916
917
918
919
920 static void zcrypt_msgtype6_receive(struct ap_queue *aq,
921 struct ap_message *msg,
922 struct ap_message *reply)
923 {
924 static struct error_hdr error_reply = {
925 .type = TYPE82_RSP_CODE,
926 .reply_code = REP82_ERROR_MACHINE_FAILURE,
927 };
928 struct response_type *resp_type =
929 (struct response_type *) msg->private;
930 struct type86x_reply *t86r;
931 int length;
932
933
934 if (!reply)
935 goto out;
936 t86r = reply->message;
937 if (t86r->hdr.type == TYPE86_RSP_CODE &&
938 t86r->cprbx.cprb_ver_id == 0x02) {
939 switch (resp_type->type) {
940 case CEXXC_RESPONSE_TYPE_ICA:
941 length = sizeof(struct type86x_reply)
942 + t86r->length - 2;
943 length = min(CEXXC_MAX_ICA_RESPONSE_SIZE, length);
944 memcpy(msg->message, reply->message, length);
945 break;
946 case CEXXC_RESPONSE_TYPE_XCRB:
947 length = t86r->fmt2.offset2 + t86r->fmt2.count2;
948 length = min(MSGTYPE06_MAX_MSG_SIZE, length);
949 memcpy(msg->message, reply->message, length);
950 break;
951 default:
952 memcpy(msg->message, &error_reply,
953 sizeof(error_reply));
954 }
955 } else
956 memcpy(msg->message, reply->message, sizeof(error_reply));
957 out:
958 complete(&(resp_type->work));
959 }
960
961
962
963
964
965
966
967
968
969 static void zcrypt_msgtype6_receive_ep11(struct ap_queue *aq,
970 struct ap_message *msg,
971 struct ap_message *reply)
972 {
973 static struct error_hdr error_reply = {
974 .type = TYPE82_RSP_CODE,
975 .reply_code = REP82_ERROR_MACHINE_FAILURE,
976 };
977 struct response_type *resp_type =
978 (struct response_type *)msg->private;
979 struct type86_ep11_reply *t86r;
980 int length;
981
982
983 if (!reply)
984 goto out;
985 t86r = reply->message;
986 if (t86r->hdr.type == TYPE86_RSP_CODE &&
987 t86r->cprbx.cprb_ver_id == 0x04) {
988 switch (resp_type->type) {
989 case CEXXC_RESPONSE_TYPE_EP11:
990 length = t86r->fmt2.offset1 + t86r->fmt2.count1;
991 length = min(MSGTYPE06_MAX_MSG_SIZE, length);
992 memcpy(msg->message, reply->message, length);
993 break;
994 default:
995 memcpy(msg->message, &error_reply, sizeof(error_reply));
996 }
997 } else {
998 memcpy(msg->message, reply->message, sizeof(error_reply));
999 }
1000 out:
1001 complete(&(resp_type->work));
1002 }
1003
1004 static atomic_t zcrypt_step = ATOMIC_INIT(0);
1005
1006
1007
1008
1009
1010
1011
1012
1013 static long zcrypt_msgtype6_modexpo(struct zcrypt_queue *zq,
1014 struct ica_rsa_modexpo *mex)
1015 {
1016 struct ap_message ap_msg;
1017 struct response_type resp_type = {
1018 .type = CEXXC_RESPONSE_TYPE_ICA,
1019 };
1020 int rc;
1021
1022 ap_init_message(&ap_msg);
1023 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
1024 if (!ap_msg.message)
1025 return -ENOMEM;
1026 ap_msg.receive = zcrypt_msgtype6_receive;
1027 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
1028 atomic_inc_return(&zcrypt_step);
1029 ap_msg.private = &resp_type;
1030 rc = ICAMEX_msg_to_type6MEX_msgX(zq, &ap_msg, mex);
1031 if (rc)
1032 goto out_free;
1033 init_completion(&resp_type.work);
1034 ap_queue_message(zq->queue, &ap_msg);
1035 rc = wait_for_completion_interruptible(&resp_type.work);
1036 if (rc == 0) {
1037 rc = ap_msg.rc;
1038 if (rc == 0)
1039 rc = convert_response_ica(zq, &ap_msg,
1040 mex->outputdata,
1041 mex->outputdatalength);
1042 } else
1043
1044 ap_cancel_message(zq->queue, &ap_msg);
1045 out_free:
1046 free_page((unsigned long) ap_msg.message);
1047 return rc;
1048 }
1049
1050
1051
1052
1053
1054
1055
1056
1057 static long zcrypt_msgtype6_modexpo_crt(struct zcrypt_queue *zq,
1058 struct ica_rsa_modexpo_crt *crt)
1059 {
1060 struct ap_message ap_msg;
1061 struct response_type resp_type = {
1062 .type = CEXXC_RESPONSE_TYPE_ICA,
1063 };
1064 int rc;
1065
1066 ap_init_message(&ap_msg);
1067 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
1068 if (!ap_msg.message)
1069 return -ENOMEM;
1070 ap_msg.receive = zcrypt_msgtype6_receive;
1071 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
1072 atomic_inc_return(&zcrypt_step);
1073 ap_msg.private = &resp_type;
1074 rc = ICACRT_msg_to_type6CRT_msgX(zq, &ap_msg, crt);
1075 if (rc)
1076 goto out_free;
1077 init_completion(&resp_type.work);
1078 ap_queue_message(zq->queue, &ap_msg);
1079 rc = wait_for_completion_interruptible(&resp_type.work);
1080 if (rc == 0) {
1081 rc = ap_msg.rc;
1082 if (rc == 0)
1083 rc = convert_response_ica(zq, &ap_msg,
1084 crt->outputdata,
1085 crt->outputdatalength);
1086 } else {
1087
1088 ap_cancel_message(zq->queue, &ap_msg);
1089 }
1090 out_free:
1091 free_page((unsigned long) ap_msg.message);
1092 return rc;
1093 }
1094
1095
1096
1097
1098
1099
1100
1101
1102 unsigned int get_cprb_fc(struct ica_xcRB *xcRB,
1103 struct ap_message *ap_msg,
1104 unsigned int *func_code, unsigned short **dom)
1105 {
1106 struct response_type resp_type = {
1107 .type = CEXXC_RESPONSE_TYPE_XCRB,
1108 };
1109
1110 ap_msg->message = kmalloc(MSGTYPE06_MAX_MSG_SIZE, GFP_KERNEL);
1111 if (!ap_msg->message)
1112 return -ENOMEM;
1113 ap_msg->receive = zcrypt_msgtype6_receive;
1114 ap_msg->psmid = (((unsigned long long) current->pid) << 32) +
1115 atomic_inc_return(&zcrypt_step);
1116 ap_msg->private = kmemdup(&resp_type, sizeof(resp_type), GFP_KERNEL);
1117 if (!ap_msg->private)
1118 return -ENOMEM;
1119 return XCRB_msg_to_type6CPRB_msgX(ap_msg, xcRB, func_code, dom);
1120 }
1121
1122
1123
1124
1125
1126
1127
1128
1129 static long zcrypt_msgtype6_send_cprb(struct zcrypt_queue *zq,
1130 struct ica_xcRB *xcRB,
1131 struct ap_message *ap_msg)
1132 {
1133 int rc;
1134 struct response_type *rtype = (struct response_type *)(ap_msg->private);
1135
1136 init_completion(&rtype->work);
1137 ap_queue_message(zq->queue, ap_msg);
1138 rc = wait_for_completion_interruptible(&rtype->work);
1139 if (rc == 0) {
1140 rc = ap_msg->rc;
1141 if (rc == 0)
1142 rc = convert_response_xcrb(zq, ap_msg, xcRB);
1143 } else
1144
1145 ap_cancel_message(zq->queue, ap_msg);
1146
1147 return rc;
1148 }
1149
1150
1151
1152
1153
1154
1155
1156
1157 unsigned int get_ep11cprb_fc(struct ep11_urb *xcrb,
1158 struct ap_message *ap_msg,
1159 unsigned int *func_code)
1160 {
1161 struct response_type resp_type = {
1162 .type = CEXXC_RESPONSE_TYPE_EP11,
1163 };
1164
1165 ap_msg->message = kmalloc(MSGTYPE06_MAX_MSG_SIZE, GFP_KERNEL);
1166 if (!ap_msg->message)
1167 return -ENOMEM;
1168 ap_msg->receive = zcrypt_msgtype6_receive_ep11;
1169 ap_msg->psmid = (((unsigned long long) current->pid) << 32) +
1170 atomic_inc_return(&zcrypt_step);
1171 ap_msg->private = kmemdup(&resp_type, sizeof(resp_type), GFP_KERNEL);
1172 if (!ap_msg->private)
1173 return -ENOMEM;
1174 return xcrb_msg_to_type6_ep11cprb_msgx(ap_msg, xcrb, func_code);
1175 }
1176
1177
1178
1179
1180
1181
1182
1183
1184 static long zcrypt_msgtype6_send_ep11_cprb(struct zcrypt_queue *zq,
1185 struct ep11_urb *xcrb,
1186 struct ap_message *ap_msg)
1187 {
1188 int rc;
1189 unsigned int lfmt;
1190 struct response_type *rtype = (struct response_type *)(ap_msg->private);
1191 struct {
1192 struct type6_hdr hdr;
1193 struct ep11_cprb cprbx;
1194 unsigned char pld_tag;
1195 unsigned char pld_lenfmt;
1196 } __packed * msg = ap_msg->message;
1197 struct pld_hdr {
1198 unsigned char func_tag;
1199 unsigned char func_len;
1200 unsigned int func_val;
1201 unsigned char dom_tag;
1202 unsigned char dom_len;
1203 unsigned int dom_val;
1204 } __packed * payload_hdr = NULL;
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215 if (!((msg->cprbx.flags & 0x80) == 0x80)) {
1216 msg->cprbx.target_id = (unsigned int)
1217 AP_QID_QUEUE(zq->queue->qid);
1218
1219 if ((msg->pld_lenfmt & 0x80) == 0x80) {
1220 switch (msg->pld_lenfmt & 0x03) {
1221 case 1:
1222 lfmt = 2;
1223 break;
1224 case 2:
1225 lfmt = 3;
1226 break;
1227 default:
1228 return -EINVAL;
1229 }
1230 } else {
1231 lfmt = 1;
1232 }
1233 payload_hdr = (struct pld_hdr *)((&(msg->pld_lenfmt))+lfmt);
1234 payload_hdr->dom_val = (unsigned int)
1235 AP_QID_QUEUE(zq->queue->qid);
1236 }
1237
1238 init_completion(&rtype->work);
1239 ap_queue_message(zq->queue, ap_msg);
1240 rc = wait_for_completion_interruptible(&rtype->work);
1241 if (rc == 0) {
1242 rc = ap_msg->rc;
1243 if (rc == 0)
1244 rc = convert_response_ep11_xcrb(zq, ap_msg, xcrb);
1245 } else
1246
1247 ap_cancel_message(zq->queue, ap_msg);
1248
1249 return rc;
1250 }
1251
1252 unsigned int get_rng_fc(struct ap_message *ap_msg, int *func_code,
1253 unsigned int *domain)
1254 {
1255 struct response_type resp_type = {
1256 .type = CEXXC_RESPONSE_TYPE_XCRB,
1257 };
1258
1259 ap_msg->message = kmalloc(MSGTYPE06_MAX_MSG_SIZE, GFP_KERNEL);
1260 if (!ap_msg->message)
1261 return -ENOMEM;
1262 ap_msg->receive = zcrypt_msgtype6_receive;
1263 ap_msg->psmid = (((unsigned long long) current->pid) << 32) +
1264 atomic_inc_return(&zcrypt_step);
1265 ap_msg->private = kmemdup(&resp_type, sizeof(resp_type), GFP_KERNEL);
1266 if (!ap_msg->private)
1267 return -ENOMEM;
1268
1269 rng_type6CPRB_msgX(ap_msg, ZCRYPT_RNG_BUFFER_SIZE, domain);
1270
1271 *func_code = HWRNG;
1272 return 0;
1273 }
1274
1275
1276
1277
1278
1279
1280
1281
1282 static long zcrypt_msgtype6_rng(struct zcrypt_queue *zq,
1283 char *buffer, struct ap_message *ap_msg)
1284 {
1285 struct {
1286 struct type6_hdr hdr;
1287 struct CPRBX cprbx;
1288 char function_code[2];
1289 short int rule_length;
1290 char rule[8];
1291 short int verb_length;
1292 short int key_length;
1293 } __packed * msg = ap_msg->message;
1294 struct response_type *rtype = (struct response_type *)(ap_msg->private);
1295 int rc;
1296
1297 msg->cprbx.domain = AP_QID_QUEUE(zq->queue->qid);
1298
1299 init_completion(&rtype->work);
1300 ap_queue_message(zq->queue, ap_msg);
1301 rc = wait_for_completion_interruptible(&rtype->work);
1302 if (rc == 0) {
1303 rc = ap_msg->rc;
1304 if (rc == 0)
1305 rc = convert_response_rng(zq, ap_msg, buffer);
1306 } else
1307
1308 ap_cancel_message(zq->queue, ap_msg);
1309
1310 return rc;
1311 }
1312
1313
1314
1315
1316 static struct zcrypt_ops zcrypt_msgtype6_norng_ops = {
1317 .owner = THIS_MODULE,
1318 .name = MSGTYPE06_NAME,
1319 .variant = MSGTYPE06_VARIANT_NORNG,
1320 .rsa_modexpo = zcrypt_msgtype6_modexpo,
1321 .rsa_modexpo_crt = zcrypt_msgtype6_modexpo_crt,
1322 .send_cprb = zcrypt_msgtype6_send_cprb,
1323 };
1324
1325 static struct zcrypt_ops zcrypt_msgtype6_ops = {
1326 .owner = THIS_MODULE,
1327 .name = MSGTYPE06_NAME,
1328 .variant = MSGTYPE06_VARIANT_DEFAULT,
1329 .rsa_modexpo = zcrypt_msgtype6_modexpo,
1330 .rsa_modexpo_crt = zcrypt_msgtype6_modexpo_crt,
1331 .send_cprb = zcrypt_msgtype6_send_cprb,
1332 .rng = zcrypt_msgtype6_rng,
1333 };
1334
1335 static struct zcrypt_ops zcrypt_msgtype6_ep11_ops = {
1336 .owner = THIS_MODULE,
1337 .name = MSGTYPE06_NAME,
1338 .variant = MSGTYPE06_VARIANT_EP11,
1339 .rsa_modexpo = NULL,
1340 .rsa_modexpo_crt = NULL,
1341 .send_ep11_cprb = zcrypt_msgtype6_send_ep11_cprb,
1342 };
1343
1344 void __init zcrypt_msgtype6_init(void)
1345 {
1346 zcrypt_msgtype_register(&zcrypt_msgtype6_norng_ops);
1347 zcrypt_msgtype_register(&zcrypt_msgtype6_ops);
1348 zcrypt_msgtype_register(&zcrypt_msgtype6_ep11_ops);
1349 }
1350
1351 void __exit zcrypt_msgtype6_exit(void)
1352 {
1353 zcrypt_msgtype_unregister(&zcrypt_msgtype6_norng_ops);
1354 zcrypt_msgtype_unregister(&zcrypt_msgtype6_ops);
1355 zcrypt_msgtype_unregister(&zcrypt_msgtype6_ep11_ops);
1356 }