2 * linux/drivers/s390/crypto/zcrypt_pcixcc.c
6 * Copyright (C) 2001, 2006 IBM Corporation
7 * Author(s): Robert Burroughs
8 * Eric Rossman (edrossma@us.ibm.com)
10 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
11 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
12 * Ralph Wuerthner <rwuerthn@de.ibm.com>
14 * This program is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2, or (at your option)
19 * This program is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License
25 * along with this program; if not, write to the Free Software
26 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 #include <linux/module.h>
30 #include <linux/init.h>
31 #include <linux/err.h>
32 #include <linux/delay.h>
33 #include <asm/atomic.h>
34 #include <asm/uaccess.h>
37 #include "zcrypt_api.h"
38 #include "zcrypt_error.h"
39 #include "zcrypt_pcicc.h"
40 #include "zcrypt_pcixcc.h"
41 #include "zcrypt_cca_key.h"
43 #define PCIXCC_MIN_MOD_SIZE 16 /* 128 bits */
44 #define PCIXCC_MIN_MOD_SIZE_OLD 64 /* 512 bits */
45 #define PCIXCC_MAX_MOD_SIZE 256 /* 2048 bits */
47 #define PCIXCC_MCL2_SPEED_RATING 7870 /* FIXME: needs finetuning */
48 #define PCIXCC_MCL3_SPEED_RATING 7870
49 #define CEX2C_SPEED_RATING 8540
51 #define PCIXCC_MAX_ICA_MESSAGE_SIZE 0x77c /* max size type6 v2 crt message */
52 #define PCIXCC_MAX_ICA_RESPONSE_SIZE 0x77c /* max size type86 v2 reply */
54 #define PCIXCC_MAX_XCRB_MESSAGE_SIZE (12*1024)
55 #define PCIXCC_MAX_XCRB_RESPONSE_SIZE PCIXCC_MAX_XCRB_MESSAGE_SIZE
56 #define PCIXCC_MAX_XCRB_DATA_SIZE (11*1024)
57 #define PCIXCC_MAX_XCRB_REPLY_SIZE (5*1024)
59 #define PCIXCC_MAX_RESPONSE_SIZE PCIXCC_MAX_XCRB_RESPONSE_SIZE
61 #define PCIXCC_CLEANUP_TIME (15*HZ)
63 #define CEIL4(x) ((((x)+3)/4)*4)
65 struct response_type {
66 struct completion work;
69 #define PCIXCC_RESPONSE_TYPE_ICA 0
70 #define PCIXCC_RESPONSE_TYPE_XCRB 1
72 static struct ap_device_id zcrypt_pcixcc_ids[] = {
73 { AP_DEVICE(AP_DEVICE_TYPE_PCIXCC) },
74 { AP_DEVICE(AP_DEVICE_TYPE_CEX2C) },
75 { /* end of list */ },
78 #ifndef CONFIG_ZCRYPT_MONOLITHIC
79 MODULE_DEVICE_TABLE(ap, zcrypt_pcixcc_ids);
80 MODULE_AUTHOR("IBM Corporation");
81 MODULE_DESCRIPTION("PCIXCC Cryptographic Coprocessor device driver, "
82 "Copyright 2001, 2006 IBM Corporation");
83 MODULE_LICENSE("GPL");
86 static int zcrypt_pcixcc_probe(struct ap_device *ap_dev);
87 static void zcrypt_pcixcc_remove(struct ap_device *ap_dev);
88 static void zcrypt_pcixcc_receive(struct ap_device *, struct ap_message *,
91 static struct ap_driver zcrypt_pcixcc_driver = {
92 .probe = zcrypt_pcixcc_probe,
93 .remove = zcrypt_pcixcc_remove,
94 .receive = zcrypt_pcixcc_receive,
95 .ids = zcrypt_pcixcc_ids,
96 .request_timeout = PCIXCC_CLEANUP_TIME,
100 * The following is used to initialize the CPRBX passed to the PCIXCC/CEX2C
101 * card in a type6 message. The 3 fields that must be filled in at execution
102 * time are req_parml, rpl_parml and usage_domain.
103 * Everything about this interface is ascii/big-endian, since the
104 * device does *not* have 'Intel inside'.
106 * The CPRBX is followed immediately by the parm block.
107 * The parm block contains:
108 * - function code ('PD' 0x5044 or 'PK' 0x504B)
109 * - rule block (one of:)
110 * + 0x000A 'PKCS-1.2' (MCL2 'PD')
111 * + 0x000A 'ZERO-PAD' (MCL2 'PK')
112 * + 0x000A 'ZERO-PAD' (MCL3 'PD' or CEX2C 'PD')
113 * + 0x000A 'MRP ' (MCL3 'PK' or CEX2C 'PK')
116 static struct CPRBX static_cprbx = {
119 .func_id = {0x54,0x32},
123 * Convert a ICAMEX message to a type6 MEX message.
125 * @zdev: crypto device pointer
126 * @ap_msg: pointer to AP message
127 * @mex: pointer to user input data
129 * Returns 0 on success or -EFAULT.
131 static int ICAMEX_msg_to_type6MEX_msgX(struct zcrypt_device *zdev,
132 struct ap_message *ap_msg,
133 struct ica_rsa_modexpo *mex)
135 static struct type6_hdr static_type6_hdrX = {
137 .offset1 = 0x00000058,
138 .agent_id = {'C','A',},
139 .function_code = {'P','K'},
141 static struct function_and_rules_block static_pke_fnr = {
142 .function_code = {'P','K'},
144 .only_rule = {'M','R','P',' ',' ',' ',' ',' '}
146 static struct function_and_rules_block static_pke_fnr_MCL2 = {
147 .function_code = {'P','K'},
149 .only_rule = {'Z','E','R','O','-','P','A','D'}
152 struct type6_hdr hdr;
154 struct function_and_rules_block fr;
155 unsigned short length;
157 } __attribute__((packed)) *msg = ap_msg->message;
161 msg->length = mex->inputdatalength + 2;
162 if (copy_from_user(msg->text, mex->inputdata, mex->inputdatalength))
165 /* Set up key which is located after the variable length text. */
166 size = zcrypt_type6_mex_key_en(mex, msg->text+mex->inputdatalength, 1);
169 size += sizeof(*msg) + mex->inputdatalength;
171 /* message header, cprbx and f&r */
172 msg->hdr = static_type6_hdrX;
173 msg->hdr.ToCardLen1 = size - sizeof(msg->hdr);
174 msg->hdr.FromCardLen1 = PCIXCC_MAX_ICA_RESPONSE_SIZE - sizeof(msg->hdr);
176 msg->cprbx = static_cprbx;
177 msg->cprbx.domain = AP_QID_QUEUE(zdev->ap_dev->qid);
178 msg->cprbx.rpl_msgbl = msg->hdr.FromCardLen1;
180 msg->fr = (zdev->user_space_type == ZCRYPT_PCIXCC_MCL2) ?
181 static_pke_fnr_MCL2 : static_pke_fnr;
183 msg->cprbx.req_parml = size - sizeof(msg->hdr) - sizeof(msg->cprbx);
185 ap_msg->length = size;
190 * Convert a ICACRT message to a type6 CRT message.
192 * @zdev: crypto device pointer
193 * @ap_msg: pointer to AP message
194 * @crt: pointer to user input data
196 * Returns 0 on success or -EFAULT.
198 static int ICACRT_msg_to_type6CRT_msgX(struct zcrypt_device *zdev,
199 struct ap_message *ap_msg,
200 struct ica_rsa_modexpo_crt *crt)
202 static struct type6_hdr static_type6_hdrX = {
204 .offset1 = 0x00000058,
205 .agent_id = {'C','A',},
206 .function_code = {'P','D'},
208 static struct function_and_rules_block static_pkd_fnr = {
209 .function_code = {'P','D'},
211 .only_rule = {'Z','E','R','O','-','P','A','D'}
214 static struct function_and_rules_block static_pkd_fnr_MCL2 = {
215 .function_code = {'P','D'},
217 .only_rule = {'P','K','C','S','-','1','.','2'}
220 struct type6_hdr hdr;
222 struct function_and_rules_block fr;
223 unsigned short length;
225 } __attribute__((packed)) *msg = ap_msg->message;
229 msg->length = crt->inputdatalength + 2;
230 if (copy_from_user(msg->text, crt->inputdata, crt->inputdatalength))
233 /* Set up key which is located after the variable length text. */
234 size = zcrypt_type6_crt_key(crt, msg->text + crt->inputdatalength, 1);
237 size += sizeof(*msg) + crt->inputdatalength; /* total size of msg */
239 /* message header, cprbx and f&r */
240 msg->hdr = static_type6_hdrX;
241 msg->hdr.ToCardLen1 = size - sizeof(msg->hdr);
242 msg->hdr.FromCardLen1 = PCIXCC_MAX_ICA_RESPONSE_SIZE - sizeof(msg->hdr);
244 msg->cprbx = static_cprbx;
245 msg->cprbx.domain = AP_QID_QUEUE(zdev->ap_dev->qid);
246 msg->cprbx.req_parml = msg->cprbx.rpl_msgbl =
247 size - sizeof(msg->hdr) - sizeof(msg->cprbx);
249 msg->fr = (zdev->user_space_type == ZCRYPT_PCIXCC_MCL2) ?
250 static_pkd_fnr_MCL2 : static_pkd_fnr;
252 ap_msg->length = size;
257 * Convert a XCRB message to a type6 CPRB message.
259 * @zdev: crypto device pointer
260 * @ap_msg: pointer to AP message
261 * @xcRB: pointer to user input data
263 * Returns 0 on success or -EFAULT.
265 struct type86_fmt2_msg {
266 struct type86_hdr hdr;
267 struct type86_fmt2_ext fmt2;
268 } __attribute__((packed));
270 static int XCRB_msg_to_type6CPRB_msgX(struct zcrypt_device *zdev,
271 struct ap_message *ap_msg,
272 struct ica_xcRB *xcRB)
274 static struct type6_hdr static_type6_hdrX = {
276 .offset1 = 0x00000058,
279 struct type6_hdr hdr;
281 } __attribute__((packed)) *msg = ap_msg->message;
283 int rcblen = CEIL4(xcRB->request_control_blk_length);
285 char *req_data = ap_msg->message + sizeof(struct type6_hdr) + rcblen;
289 ap_msg->length = sizeof(struct type6_hdr) +
290 CEIL4(xcRB->request_control_blk_length) +
291 xcRB->request_data_length;
292 if (ap_msg->length > PCIXCC_MAX_XCRB_MESSAGE_SIZE) {
293 PRINTK("Combined message is too large (%ld/%d/%d).\n",
294 sizeof(struct type6_hdr),
295 xcRB->request_control_blk_length,
296 xcRB->request_data_length);
299 if (CEIL4(xcRB->reply_control_blk_length) >
300 PCIXCC_MAX_XCRB_REPLY_SIZE) {
301 PDEBUG("Reply CPRB length is too large (%d).\n",
302 xcRB->request_control_blk_length);
305 if (CEIL4(xcRB->reply_data_length) > PCIXCC_MAX_XCRB_DATA_SIZE) {
306 PDEBUG("Reply data block length is too large (%d).\n",
307 xcRB->reply_data_length);
310 replylen = CEIL4(xcRB->reply_control_blk_length) +
311 CEIL4(xcRB->reply_data_length) +
312 sizeof(struct type86_fmt2_msg);
313 if (replylen > PCIXCC_MAX_XCRB_RESPONSE_SIZE) {
314 PDEBUG("Reply CPRB + data block > PCIXCC_MAX_XCRB_RESPONSE_SIZE"
316 sizeof(struct type86_fmt2_msg),
317 xcRB->reply_control_blk_length,
318 xcRB->reply_data_length);
319 xcRB->reply_control_blk_length = PCIXCC_MAX_XCRB_RESPONSE_SIZE -
320 (sizeof(struct type86_fmt2_msg) +
321 CEIL4(xcRB->reply_data_length));
322 PDEBUG("Capping Reply CPRB length at %d\n",
323 xcRB->reply_control_blk_length);
326 /* prepare type6 header */
327 msg->hdr = static_type6_hdrX;
328 memcpy(msg->hdr.agent_id , &(xcRB->agent_ID), sizeof(xcRB->agent_ID));
329 msg->hdr.ToCardLen1 = xcRB->request_control_blk_length;
330 if (xcRB->request_data_length) {
331 msg->hdr.offset2 = msg->hdr.offset1 + rcblen;
332 msg->hdr.ToCardLen2 = xcRB->request_data_length;
334 msg->hdr.FromCardLen1 = xcRB->reply_control_blk_length;
335 msg->hdr.FromCardLen2 = xcRB->reply_data_length;
338 if (copy_from_user(&(msg->cprbx), xcRB->request_control_blk_addr,
339 xcRB->request_control_blk_length))
341 if (msg->cprbx.cprb_len + sizeof(msg->hdr.function_code) >
342 xcRB->request_control_blk_length) {
343 PDEBUG("cprb_len too large (%d/%d)\n", msg->cprbx.cprb_len,
344 xcRB->request_control_blk_length);
347 function_code = ((unsigned char *)&msg->cprbx) + msg->cprbx.cprb_len;
348 memcpy(msg->hdr.function_code, function_code, sizeof(msg->hdr.function_code));
350 /* copy data block */
351 if (xcRB->request_data_length &&
352 copy_from_user(req_data, xcRB->request_data_address,
353 xcRB->request_data_length))
359 * Prepare a type6 CPRB message for random number generation
361 * @ap_dev: AP device pointer
362 * @ap_msg: pointer to AP message
364 static void rng_type6CPRB_msgX(struct ap_device *ap_dev,
365 struct ap_message *ap_msg,
366 unsigned random_number_length)
369 struct type6_hdr hdr;
371 char function_code[2];
372 short int rule_length;
374 short int verb_length;
375 short int key_length;
376 } __attribute__((packed)) *msg = ap_msg->message;
377 static struct type6_hdr static_type6_hdrX = {
379 .offset1 = 0x00000058,
380 .agent_id = {'C', 'A'},
381 .function_code = {'R', 'L'},
382 .ToCardLen1 = sizeof *msg - sizeof(msg->hdr),
383 .FromCardLen1 = sizeof *msg - sizeof(msg->hdr),
385 static struct CPRBX static_cprbx = {
388 .func_id = {0x54, 0x32},
389 .req_parml = sizeof *msg - sizeof(msg->hdr) -
391 .rpl_msgbl = sizeof *msg - sizeof(msg->hdr),
394 msg->hdr = static_type6_hdrX;
395 msg->hdr.FromCardLen2 = random_number_length,
396 msg->cprbx = static_cprbx;
397 msg->cprbx.rpl_datal = random_number_length,
398 msg->cprbx.domain = AP_QID_QUEUE(ap_dev->qid);
399 memcpy(msg->function_code, msg->hdr.function_code, 0x02);
400 msg->rule_length = 0x0a;
401 memcpy(msg->rule, "RANDOM ", 8);
402 msg->verb_length = 0x02;
403 msg->key_length = 0x02;
404 ap_msg->length = sizeof *msg;
408 * Copy results from a type 86 ICA reply message back to user space.
410 * @zdev: crypto device pointer
411 * @reply: reply AP message.
412 * @data: pointer to user output data
413 * @length: size of user output data
415 * Returns 0 on success or -EINVAL, -EFAULT, -EAGAIN in case of an error.
417 struct type86x_reply {
418 struct type86_hdr hdr;
419 struct type86_fmt2_ext fmt2;
421 unsigned char pad[4]; /* 4 byte function code/rules block ? */
422 unsigned short length;
424 } __attribute__((packed));
426 static int convert_type86_ica(struct zcrypt_device *zdev,
427 struct ap_message *reply,
428 char __user *outputdata,
429 unsigned int outputdatalength)
431 static unsigned char static_pad[] = {
433 0x1B,0x7B,0x5D,0xB5,0x75,0x01,0x3D,0xFD,
434 0x8D,0xD1,0xC7,0x03,0x2D,0x09,0x23,0x57,
435 0x89,0x49,0xB9,0x3F,0xBB,0x99,0x41,0x5B,
436 0x75,0x21,0x7B,0x9D,0x3B,0x6B,0x51,0x39,
437 0xBB,0x0D,0x35,0xB9,0x89,0x0F,0x93,0xA5,
438 0x0B,0x47,0xF1,0xD3,0xBB,0xCB,0xF1,0x9D,
439 0x23,0x73,0x71,0xFF,0xF3,0xF5,0x45,0xFB,
440 0x61,0x29,0x23,0xFD,0xF1,0x29,0x3F,0x7F,
441 0x17,0xB7,0x1B,0xA9,0x19,0xBD,0x57,0xA9,
442 0xD7,0x95,0xA3,0xCB,0xED,0x1D,0xDB,0x45,
443 0x7D,0x11,0xD1,0x51,0x1B,0xED,0x71,0xE9,
444 0xB1,0xD1,0xAB,0xAB,0x21,0x2B,0x1B,0x9F,
445 0x3B,0x9F,0xF7,0xF7,0xBD,0x63,0xEB,0xAD,
446 0xDF,0xB3,0x6F,0x5B,0xDB,0x8D,0xA9,0x5D,
447 0xE3,0x7D,0x77,0x49,0x47,0xF5,0xA7,0xFD,
448 0xAB,0x2F,0x27,0x35,0x77,0xD3,0x49,0xC9,
449 0x09,0xEB,0xB1,0xF9,0xBF,0x4B,0xCB,0x2B,
450 0xEB,0xEB,0x05,0xFF,0x7D,0xC7,0x91,0x8B,
451 0x09,0x83,0xB9,0xB9,0x69,0x33,0x39,0x6B,
452 0x79,0x75,0x19,0xBF,0xBB,0x07,0x1D,0xBD,
453 0x29,0xBF,0x39,0x95,0x93,0x1D,0x35,0xC7,
454 0xC9,0x4D,0xE5,0x97,0x0B,0x43,0x9B,0xF1,
455 0x16,0x93,0x03,0x1F,0xA5,0xFB,0xDB,0xF3,
456 0x27,0x4F,0x27,0x61,0x05,0x1F,0xB9,0x23,
457 0x2F,0xC3,0x81,0xA9,0x23,0x71,0x55,0x55,
458 0xEB,0xED,0x41,0xE5,0xF3,0x11,0xF1,0x43,
459 0x69,0x03,0xBD,0x0B,0x37,0x0F,0x51,0x8F,
460 0x0B,0xB5,0x89,0x5B,0x67,0xA9,0xD9,0x4F,
461 0x01,0xF9,0x21,0x77,0x37,0x73,0x79,0xC5,
462 0x7F,0x51,0xC1,0xCF,0x97,0xA1,0x75,0xAD,
463 0x35,0x9D,0xD3,0xD3,0xA7,0x9D,0x5D,0x41,
464 0x6F,0x65,0x1B,0xCF,0xA9,0x87,0x91,0x09
466 struct type86x_reply *msg = reply->message;
467 unsigned short service_rc, service_rs;
468 unsigned int reply_len, pad_len;
471 service_rc = msg->cprbx.ccp_rtcode;
472 if (unlikely(service_rc != 0)) {
473 service_rs = msg->cprbx.ccp_rscode;
474 if (service_rc == 8 && service_rs == 66) {
475 PDEBUG("Bad block format on PCIXCC/CEX2C\n");
478 if (service_rc == 8 && service_rs == 65) {
479 PDEBUG("Probably an even modulus on PCIXCC/CEX2C\n");
482 if (service_rc == 8 && service_rs == 770) {
483 PDEBUG("Invalid key length on PCIXCC/CEX2C\n");
486 if (service_rc == 8 && service_rs == 783) {
487 PDEBUG("Extended bitlengths not enabled on PCIXCC/CEX2C\n");
488 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE_OLD;
491 if (service_rc == 12 && service_rs == 769) {
492 PDEBUG("Invalid key on PCIXCC/CEX2C\n");
495 PRINTK("Unknown service rc/rs (PCIXCC/CEX2C): %d/%d\n",
496 service_rc, service_rs);
498 return -EAGAIN; /* repeat the request on a different device. */
501 reply_len = msg->length - 2;
502 if (reply_len > outputdatalength)
505 * For all encipher requests, the length of the ciphertext (reply_len)
506 * will always equal the modulus length. For MEX decipher requests
507 * the output needs to get padded. Minimum pad size is 10.
509 * Currently, the cases where padding will be added is for:
510 * - PCIXCC_MCL2 using a CRT form token (since PKD didn't support
511 * ZERO-PAD and CRT is only supported for PKD requests)
514 pad_len = outputdatalength - reply_len;
518 /* 'restore' padding left in the PCICC/PCIXCC card. */
519 if (copy_to_user(outputdata, static_pad, pad_len - 1))
521 if (put_user(0, outputdata + pad_len - 1))
524 /* Copy the crypto response to user space. */
525 if (copy_to_user(outputdata + pad_len, data, reply_len))
531 * Copy results from a type 86 XCRB reply message back to user space.
533 * @zdev: crypto device pointer
534 * @reply: reply AP message.
535 * @xcRB: pointer to XCRB
537 * Returns 0 on success or -EINVAL, -EFAULT, -EAGAIN in case of an error.
539 static int convert_type86_xcrb(struct zcrypt_device *zdev,
540 struct ap_message *reply,
541 struct ica_xcRB *xcRB)
543 struct type86_fmt2_msg *msg = reply->message;
544 char *data = reply->message;
546 /* Copy CPRB to user */
547 if (copy_to_user(xcRB->reply_control_blk_addr,
548 data + msg->fmt2.offset1, msg->fmt2.count1))
550 xcRB->reply_control_blk_length = msg->fmt2.count1;
552 /* Copy data buffer to user */
553 if (msg->fmt2.count2)
554 if (copy_to_user(xcRB->reply_data_addr,
555 data + msg->fmt2.offset2, msg->fmt2.count2))
557 xcRB->reply_data_length = msg->fmt2.count2;
561 static int convert_type86_rng(struct zcrypt_device *zdev,
562 struct ap_message *reply,
566 struct type86_hdr hdr;
567 struct type86_fmt2_ext fmt2;
569 } __attribute__((packed)) *msg = reply->message;
570 char *data = reply->message;
572 if (msg->cprbx.ccp_rtcode != 0 || msg->cprbx.ccp_rscode != 0) {
573 PDEBUG("RNG response error on PCIXCC/CEX2C rc=%hu/rs=%hu\n",
577 memcpy(buffer, data + msg->fmt2.offset2, msg->fmt2.count2);
578 return msg->fmt2.count2;
581 static int convert_response_ica(struct zcrypt_device *zdev,
582 struct ap_message *reply,
583 char __user *outputdata,
584 unsigned int outputdatalength)
586 struct type86x_reply *msg = reply->message;
588 /* Response type byte is the second byte in the response. */
589 switch (((unsigned char *) reply->message)[1]) {
590 case TYPE82_RSP_CODE:
591 case TYPE88_RSP_CODE:
592 return convert_error(zdev, reply);
593 case TYPE86_RSP_CODE:
594 if (msg->hdr.reply_code)
595 return convert_error(zdev, reply);
596 if (msg->cprbx.cprb_ver_id == 0x02)
597 return convert_type86_ica(zdev, reply,
598 outputdata, outputdatalength);
599 /* no break, incorrect cprb version is an unknown response */
600 default: /* Unknown response type, this should NEVER EVER happen */
601 PRINTK("Unrecognized Message Header: %08x%08x\n",
602 *(unsigned int *) reply->message,
603 *(unsigned int *) (reply->message+4));
605 return -EAGAIN; /* repeat the request on a different device. */
609 static int convert_response_xcrb(struct zcrypt_device *zdev,
610 struct ap_message *reply,
611 struct ica_xcRB *xcRB)
613 struct type86x_reply *msg = reply->message;
615 /* Response type byte is the second byte in the response. */
616 switch (((unsigned char *) reply->message)[1]) {
617 case TYPE82_RSP_CODE:
618 case TYPE88_RSP_CODE:
619 xcRB->status = 0x0008044DL; /* HDD_InvalidParm */
620 return convert_error(zdev, reply);
621 case TYPE86_RSP_CODE:
622 if (msg->hdr.reply_code) {
623 memcpy(&(xcRB->status), msg->fmt2.apfs, sizeof(u32));
624 return convert_error(zdev, reply);
626 if (msg->cprbx.cprb_ver_id == 0x02)
627 return convert_type86_xcrb(zdev, reply, xcRB);
628 /* no break, incorrect cprb version is an unknown response */
629 default: /* Unknown response type, this should NEVER EVER happen */
630 PRINTK("Unrecognized Message Header: %08x%08x\n",
631 *(unsigned int *) reply->message,
632 *(unsigned int *) (reply->message+4));
633 xcRB->status = 0x0008044DL; /* HDD_InvalidParm */
635 return -EAGAIN; /* repeat the request on a different device. */
639 static int convert_response_rng(struct zcrypt_device *zdev,
640 struct ap_message *reply,
643 struct type86x_reply *msg = reply->message;
645 switch (msg->hdr.type) {
646 case TYPE82_RSP_CODE:
647 case TYPE88_RSP_CODE:
649 case TYPE86_RSP_CODE:
650 if (msg->hdr.reply_code)
652 if (msg->cprbx.cprb_ver_id == 0x02)
653 return convert_type86_rng(zdev, reply, data);
654 /* no break, incorrect cprb version is an unknown response */
655 default: /* Unknown response type, this should NEVER EVER happen */
656 PRINTK("Unrecognized Message Header: %08x%08x\n",
657 *(unsigned int *) reply->message,
658 *(unsigned int *) (reply->message+4));
660 return -EAGAIN; /* repeat the request on a different device. */
665 * This function is called from the AP bus code after a crypto request
666 * "msg" has finished with the reply message "reply".
667 * It is called from tasklet context.
668 * @ap_dev: pointer to the AP device
669 * @msg: pointer to the AP message
670 * @reply: pointer to the AP reply message
672 static void zcrypt_pcixcc_receive(struct ap_device *ap_dev,
673 struct ap_message *msg,
674 struct ap_message *reply)
676 static struct error_hdr error_reply = {
677 .type = TYPE82_RSP_CODE,
678 .reply_code = REP82_ERROR_MACHINE_FAILURE,
680 struct response_type *resp_type =
681 (struct response_type *) msg->private;
682 struct type86x_reply *t86r = reply->message;
685 /* Copy the reply message to the request message buffer. */
687 memcpy(msg->message, &error_reply, sizeof(error_reply));
688 else if (t86r->hdr.type == TYPE86_RSP_CODE &&
689 t86r->cprbx.cprb_ver_id == 0x02) {
690 switch (resp_type->type) {
691 case PCIXCC_RESPONSE_TYPE_ICA:
692 length = sizeof(struct type86x_reply)
694 length = min(PCIXCC_MAX_ICA_RESPONSE_SIZE, length);
695 memcpy(msg->message, reply->message, length);
697 case PCIXCC_RESPONSE_TYPE_XCRB:
698 length = t86r->fmt2.offset2 + t86r->fmt2.count2;
699 length = min(PCIXCC_MAX_XCRB_RESPONSE_SIZE, length);
700 memcpy(msg->message, reply->message, length);
703 PRINTK("Invalid internal response type: %i\n",
705 memcpy(msg->message, &error_reply,
709 memcpy(msg->message, reply->message, sizeof error_reply);
710 complete(&(resp_type->work));
713 static atomic_t zcrypt_step = ATOMIC_INIT(0);
716 * The request distributor calls this function if it picked the PCIXCC/CEX2C
717 * device to handle a modexpo request.
718 * @zdev: pointer to zcrypt_device structure that identifies the
719 * PCIXCC/CEX2C device to the request distributor
720 * @mex: pointer to the modexpo request buffer
722 static long zcrypt_pcixcc_modexpo(struct zcrypt_device *zdev,
723 struct ica_rsa_modexpo *mex)
725 struct ap_message ap_msg;
726 struct response_type resp_type = {
727 .type = PCIXCC_RESPONSE_TYPE_ICA,
731 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
734 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
735 atomic_inc_return(&zcrypt_step);
736 ap_msg.private = &resp_type;
737 rc = ICAMEX_msg_to_type6MEX_msgX(zdev, &ap_msg, mex);
740 init_completion(&resp_type.work);
741 ap_queue_message(zdev->ap_dev, &ap_msg);
742 rc = wait_for_completion_interruptible(&resp_type.work);
744 rc = convert_response_ica(zdev, &ap_msg, mex->outputdata,
745 mex->outputdatalength);
747 /* Signal pending. */
748 ap_cancel_message(zdev->ap_dev, &ap_msg);
750 free_page((unsigned long) ap_msg.message);
755 * The request distributor calls this function if it picked the PCIXCC/CEX2C
756 * device to handle a modexpo_crt request.
757 * @zdev: pointer to zcrypt_device structure that identifies the
758 * PCIXCC/CEX2C device to the request distributor
759 * @crt: pointer to the modexpoc_crt request buffer
761 static long zcrypt_pcixcc_modexpo_crt(struct zcrypt_device *zdev,
762 struct ica_rsa_modexpo_crt *crt)
764 struct ap_message ap_msg;
765 struct response_type resp_type = {
766 .type = PCIXCC_RESPONSE_TYPE_ICA,
770 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
773 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
774 atomic_inc_return(&zcrypt_step);
775 ap_msg.private = &resp_type;
776 rc = ICACRT_msg_to_type6CRT_msgX(zdev, &ap_msg, crt);
779 init_completion(&resp_type.work);
780 ap_queue_message(zdev->ap_dev, &ap_msg);
781 rc = wait_for_completion_interruptible(&resp_type.work);
783 rc = convert_response_ica(zdev, &ap_msg, crt->outputdata,
784 crt->outputdatalength);
786 /* Signal pending. */
787 ap_cancel_message(zdev->ap_dev, &ap_msg);
789 free_page((unsigned long) ap_msg.message);
794 * The request distributor calls this function if it picked the PCIXCC/CEX2C
795 * device to handle a send_cprb request.
796 * @zdev: pointer to zcrypt_device structure that identifies the
797 * PCIXCC/CEX2C device to the request distributor
798 * @xcRB: pointer to the send_cprb request buffer
800 static long zcrypt_pcixcc_send_cprb(struct zcrypt_device *zdev,
801 struct ica_xcRB *xcRB)
803 struct ap_message ap_msg;
804 struct response_type resp_type = {
805 .type = PCIXCC_RESPONSE_TYPE_XCRB,
809 ap_msg.message = kmalloc(PCIXCC_MAX_XCRB_MESSAGE_SIZE, GFP_KERNEL);
812 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
813 atomic_inc_return(&zcrypt_step);
814 ap_msg.private = &resp_type;
815 rc = XCRB_msg_to_type6CPRB_msgX(zdev, &ap_msg, xcRB);
818 init_completion(&resp_type.work);
819 ap_queue_message(zdev->ap_dev, &ap_msg);
820 rc = wait_for_completion_interruptible(&resp_type.work);
822 rc = convert_response_xcrb(zdev, &ap_msg, xcRB);
824 /* Signal pending. */
825 ap_cancel_message(zdev->ap_dev, &ap_msg);
827 memset(ap_msg.message, 0x0, ap_msg.length);
828 kfree(ap_msg.message);
833 * The request distributor calls this function if it picked the PCIXCC/CEX2C
834 * device to generate random data.
835 * @zdev: pointer to zcrypt_device structure that identifies the
836 * PCIXCC/CEX2C device to the request distributor
837 * @buffer: pointer to a memory page to return random data
840 static long zcrypt_pcixcc_rng(struct zcrypt_device *zdev,
843 struct ap_message ap_msg;
844 struct response_type resp_type = {
845 .type = PCIXCC_RESPONSE_TYPE_XCRB,
849 ap_msg.message = kmalloc(PCIXCC_MAX_XCRB_MESSAGE_SIZE, GFP_KERNEL);
852 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
853 atomic_inc_return(&zcrypt_step);
854 ap_msg.private = &resp_type;
855 rng_type6CPRB_msgX(zdev->ap_dev, &ap_msg, ZCRYPT_RNG_BUFFER_SIZE);
856 init_completion(&resp_type.work);
857 ap_queue_message(zdev->ap_dev, &ap_msg);
858 rc = wait_for_completion_interruptible(&resp_type.work);
860 rc = convert_response_rng(zdev, &ap_msg, buffer);
862 /* Signal pending. */
863 ap_cancel_message(zdev->ap_dev, &ap_msg);
864 kfree(ap_msg.message);
869 * The crypto operations for a PCIXCC/CEX2C card.
871 static struct zcrypt_ops zcrypt_pcixcc_ops = {
872 .rsa_modexpo = zcrypt_pcixcc_modexpo,
873 .rsa_modexpo_crt = zcrypt_pcixcc_modexpo_crt,
874 .send_cprb = zcrypt_pcixcc_send_cprb,
877 static struct zcrypt_ops zcrypt_pcixcc_with_rng_ops = {
878 .rsa_modexpo = zcrypt_pcixcc_modexpo,
879 .rsa_modexpo_crt = zcrypt_pcixcc_modexpo_crt,
880 .send_cprb = zcrypt_pcixcc_send_cprb,
881 .rng = zcrypt_pcixcc_rng,
885 * Micro-code detection function. Its sends a message to a pcixcc card
886 * to find out the microcode level.
887 * @ap_dev: pointer to the AP device.
889 static int zcrypt_pcixcc_mcl(struct ap_device *ap_dev)
891 static unsigned char msg[] = {
892 0x00,0x06,0x00,0x00,0x00,0x00,0x00,0x00,
893 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
894 0x00,0x00,0x00,0x58,0x00,0x00,0x00,0x00,
895 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
896 0x43,0x41,0x00,0x00,0x00,0x00,0x00,0x00,
897 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
898 0x00,0x00,0x00,0x00,0x50,0x4B,0x00,0x00,
899 0x00,0x00,0x01,0xC4,0x00,0x00,0x00,0x00,
900 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
901 0x00,0x00,0x07,0x24,0x00,0x00,0x00,0x00,
902 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
903 0x00,0xDC,0x02,0x00,0x00,0x00,0x54,0x32,
904 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE8,
905 0x00,0x00,0x00,0x00,0x00,0x00,0x07,0x24,
906 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
907 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
908 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
909 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
910 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
911 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
912 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
913 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
914 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
915 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
916 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
917 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
918 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
919 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
920 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
921 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
922 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
923 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
924 0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,
925 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
926 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
927 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
928 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
929 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
930 0x00,0x00,0x00,0x00,0x50,0x4B,0x00,0x0A,
931 0x4D,0x52,0x50,0x20,0x20,0x20,0x20,0x20,
932 0x00,0x42,0x00,0x01,0x02,0x03,0x04,0x05,
933 0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,
934 0x0E,0x0F,0x00,0x11,0x22,0x33,0x44,0x55,
935 0x66,0x77,0x88,0x99,0xAA,0xBB,0xCC,0xDD,
936 0xEE,0xFF,0xFF,0xEE,0xDD,0xCC,0xBB,0xAA,
937 0x99,0x88,0x77,0x66,0x55,0x44,0x33,0x22,
938 0x11,0x00,0x01,0x23,0x45,0x67,0x89,0xAB,
939 0xCD,0xEF,0xFE,0xDC,0xBA,0x98,0x76,0x54,
940 0x32,0x10,0x00,0x9A,0x00,0x98,0x00,0x00,
941 0x1E,0x00,0x00,0x94,0x00,0x00,0x00,0x00,
942 0x04,0x00,0x00,0x8C,0x00,0x00,0x00,0x40,
943 0x02,0x00,0x00,0x40,0xBA,0xE8,0x23,0x3C,
944 0x75,0xF3,0x91,0x61,0xD6,0x73,0x39,0xCF,
945 0x7B,0x6D,0x8E,0x61,0x97,0x63,0x9E,0xD9,
946 0x60,0x55,0xD6,0xC7,0xEF,0xF8,0x1E,0x63,
947 0x95,0x17,0xCC,0x28,0x45,0x60,0x11,0xC5,
948 0xC4,0x4E,0x66,0xC6,0xE6,0xC3,0xDE,0x8A,
949 0x19,0x30,0xCF,0x0E,0xD7,0xAA,0xDB,0x01,
950 0xD8,0x00,0xBB,0x8F,0x39,0x9F,0x64,0x28,
951 0xF5,0x7A,0x77,0x49,0xCC,0x6B,0xA3,0x91,
952 0x97,0x70,0xE7,0x60,0x1E,0x39,0xE1,0xE5,
953 0x33,0xE1,0x15,0x63,0x69,0x08,0x80,0x4C,
954 0x67,0xC4,0x41,0x8F,0x48,0xDF,0x26,0x98,
955 0xF1,0xD5,0x8D,0x88,0xD9,0x6A,0xA4,0x96,
956 0xC5,0x84,0xD9,0x30,0x49,0x67,0x7D,0x19,
957 0xB1,0xB3,0x45,0x4D,0xB2,0x53,0x9A,0x47,
958 0x3C,0x7C,0x55,0xBF,0xCC,0x85,0x00,0x36,
961 unsigned long long psmid;
966 reply = (void *) get_zeroed_page(GFP_KERNEL);
970 rc = ap_send(ap_dev->qid, 0x0102030405060708ULL, msg, sizeof(msg));
974 /* Wait for the test message to complete. */
975 for (i = 0; i < 6; i++) {
977 rc = ap_recv(ap_dev->qid, &psmid, reply, 4096);
978 if (rc == 0 && psmid == 0x0102030405060708ULL)
988 cprbx = (struct CPRBX *) (reply + 48);
989 if (cprbx->ccp_rtcode == 8 && cprbx->ccp_rscode == 33)
990 rc = ZCRYPT_PCIXCC_MCL2;
992 rc = ZCRYPT_PCIXCC_MCL3;
994 free_page((unsigned long) reply);
999 * Large random number detection function. Its sends a message to a pcixcc
1000 * card to find out if large random numbers are supported.
1001 * @ap_dev: pointer to the AP device.
1003 * Returns 1 if large random numbers are supported, 0 if not and < 0 on error.
1005 static int zcrypt_pcixcc_rng_supported(struct ap_device *ap_dev)
1007 struct ap_message ap_msg;
1008 unsigned long long psmid;
1010 struct type86_hdr hdr;
1011 struct type86_fmt2_ext fmt2;
1013 } __attribute__((packed)) *reply;
1016 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
1017 if (!ap_msg.message)
1020 rng_type6CPRB_msgX(ap_dev, &ap_msg, 4);
1021 rc = ap_send(ap_dev->qid, 0x0102030405060708ULL, ap_msg.message,
1026 /* Wait for the test message to complete. */
1027 for (i = 0; i < 2 * HZ; i++) {
1029 rc = ap_recv(ap_dev->qid, &psmid, ap_msg.message, 4096);
1030 if (rc == 0 && psmid == 0x0102030405060708ULL)
1035 /* Got no answer. */
1040 reply = ap_msg.message;
1041 if (reply->cprbx.ccp_rtcode == 0 && reply->cprbx.ccp_rscode == 0)
1046 free_page((unsigned long) ap_msg.message);
1051 * Probe function for PCIXCC/CEX2C cards. It always accepts the AP device
1052 * since the bus_match already checked the hardware type. The PCIXCC
1053 * cards come in two flavours: micro code level 2 and micro code level 3.
1054 * This is checked by sending a test message to the device.
1055 * @ap_dev: pointer to the AP device.
1057 static int zcrypt_pcixcc_probe(struct ap_device *ap_dev)
1059 struct zcrypt_device *zdev;
1062 zdev = zcrypt_device_alloc(PCIXCC_MAX_RESPONSE_SIZE);
1065 zdev->ap_dev = ap_dev;
1067 if (ap_dev->device_type == AP_DEVICE_TYPE_PCIXCC) {
1068 rc = zcrypt_pcixcc_mcl(ap_dev);
1070 zcrypt_device_free(zdev);
1073 zdev->user_space_type = rc;
1074 if (rc == ZCRYPT_PCIXCC_MCL2) {
1075 zdev->type_string = "PCIXCC_MCL2";
1076 zdev->speed_rating = PCIXCC_MCL2_SPEED_RATING;
1077 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE_OLD;
1078 zdev->max_mod_size = PCIXCC_MAX_MOD_SIZE;
1080 zdev->type_string = "PCIXCC_MCL3";
1081 zdev->speed_rating = PCIXCC_MCL3_SPEED_RATING;
1082 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE;
1083 zdev->max_mod_size = PCIXCC_MAX_MOD_SIZE;
1086 zdev->user_space_type = ZCRYPT_CEX2C;
1087 zdev->type_string = "CEX2C";
1088 zdev->speed_rating = CEX2C_SPEED_RATING;
1089 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE;
1090 zdev->max_mod_size = PCIXCC_MAX_MOD_SIZE;
1092 rc = zcrypt_pcixcc_rng_supported(ap_dev);
1094 zcrypt_device_free(zdev);
1098 zdev->ops = &zcrypt_pcixcc_with_rng_ops;
1100 zdev->ops = &zcrypt_pcixcc_ops;
1101 ap_dev->reply = &zdev->reply;
1102 ap_dev->private = zdev;
1103 rc = zcrypt_device_register(zdev);
1109 ap_dev->private = NULL;
1110 zcrypt_device_free(zdev);
1115 * This is called to remove the extended PCIXCC/CEX2C driver information
1116 * if an AP device is removed.
1118 static void zcrypt_pcixcc_remove(struct ap_device *ap_dev)
1120 struct zcrypt_device *zdev = ap_dev->private;
1122 zcrypt_device_unregister(zdev);
1125 int __init zcrypt_pcixcc_init(void)
1127 return ap_driver_register(&zcrypt_pcixcc_driver, THIS_MODULE, "pcixcc");
1130 void zcrypt_pcixcc_exit(void)
1132 ap_driver_unregister(&zcrypt_pcixcc_driver);
1135 #ifndef CONFIG_ZCRYPT_MONOLITHIC
1136 module_init(zcrypt_pcixcc_init);
1137 module_exit(zcrypt_pcixcc_exit);
git.openpandora.org / pandora-kernel.git / blob