Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 9872bec773c2e8503fec480c1e8a0c732517e257 / . / drivers / s390 / crypto / zcrypt_pcixcc.c
blob: 70b9ddc8cf9d6270db525c7a62e6d7c019aedccf [file] [log] [blame]
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]1/*
2 * linux/drivers/s390/crypto/zcrypt_pcixcc.c
3 *
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]4 * zcrypt 2.1.0
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]5 *
6 * Copyright (C) 2001, 2006 IBM Corporation
7 * Author(s): Robert Burroughs
8 * Eric Rossman (edrossma@us.ibm.com)
9 *
10 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
11 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
12 * Ralph Wuerthner <rwuerthn@de.ibm.com>
13 *
14 * This program is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2, or (at your option)
17 * any later version.
18 *
19 * This program is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
23 *
24 * You should have received a copy of the GNU General Public License
25 * along with this program; if not, write to the Free Software
26 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
27 */
28
29#include <linux/module.h>
30#include <linux/init.h>
31#include <linux/err.h>
32#include <linux/delay.h>
33#include <asm/atomic.h>
34#include <asm/uaccess.h>
35
36#include "ap_bus.h"
37#include "zcrypt_api.h"
38#include "zcrypt_error.h"
39#include "zcrypt_pcicc.h"
40#include "zcrypt_pcixcc.h"
41#include "zcrypt_cca_key.h"
42
43#define PCIXCC_MIN_MOD_SIZE 16 /* 128 bits */
44#define PCIXCC_MIN_MOD_SIZE_OLD 64 /* 512 bits */
45#define PCIXCC_MAX_MOD_SIZE 256 /* 2048 bits */
46
47#define PCIXCC_MCL2_SPEED_RATING 7870 /* FIXME: needs finetuning */
48#define PCIXCC_MCL3_SPEED_RATING 7870
49#define CEX2C_SPEED_RATING 8540
50
51#define PCIXCC_MAX_ICA_MESSAGE_SIZE 0x77c /* max size type6 v2 crt message */
52#define PCIXCC_MAX_ICA_RESPONSE_SIZE 0x77c /* max size type86 v2 reply */
53
54#define PCIXCC_MAX_XCRB_MESSAGE_SIZE (12*1024)
55#define PCIXCC_MAX_XCRB_RESPONSE_SIZE PCIXCC_MAX_XCRB_MESSAGE_SIZE
56#define PCIXCC_MAX_XCRB_DATA_SIZE (11*1024)
57#define PCIXCC_MAX_XCRB_REPLY_SIZE (5*1024)
58
59#define PCIXCC_MAX_RESPONSE_SIZE PCIXCC_MAX_XCRB_RESPONSE_SIZE
60
61#define PCIXCC_CLEANUP_TIME (15*HZ)
62
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]63#define CEIL4(x) ((((x)+3)/4)*4)
64
65struct response_type {
66 struct completion work;
67 int type;
68};
69#define PCIXCC_RESPONSE_TYPE_ICA 0
70#define PCIXCC_RESPONSE_TYPE_XCRB 1
71
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]72static struct ap_device_id zcrypt_pcixcc_ids[] = {
73 { AP_DEVICE(AP_DEVICE_TYPE_PCIXCC) },
74 { AP_DEVICE(AP_DEVICE_TYPE_CEX2C) },
75 { /* end of list */ },
76};
77
78#ifndef CONFIG_ZCRYPT_MONOLITHIC
79MODULE_DEVICE_TABLE(ap, zcrypt_pcixcc_ids);
80MODULE_AUTHOR("IBM Corporation");
81MODULE_DESCRIPTION("PCIXCC Cryptographic Coprocessor device driver, "
82 "Copyright 2001, 2006 IBM Corporation");
83MODULE_LICENSE("GPL");
84#endif
85
86static int zcrypt_pcixcc_probe(struct ap_device *ap_dev);
87static void zcrypt_pcixcc_remove(struct ap_device *ap_dev);
88static void zcrypt_pcixcc_receive(struct ap_device *, struct ap_message *,
89 struct ap_message *);
90
91static struct ap_driver zcrypt_pcixcc_driver = {
92 .probe = zcrypt_pcixcc_probe,
93 .remove = zcrypt_pcixcc_remove,
94 .receive = zcrypt_pcixcc_receive,
95 .ids = zcrypt_pcixcc_ids,
Ralph Wuerthneraf512ed02007-07-10 11:24:19 +0200[diff] [blame]96 .request_timeout = PCIXCC_CLEANUP_TIME,
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]97};
98
99/**
100 * The following is used to initialize the CPRBX passed to the PCIXCC/CEX2C
101 * card in a type6 message. The 3 fields that must be filled in at execution
102 * time are req_parml, rpl_parml and usage_domain.
103 * Everything about this interface is ascii/big-endian, since the
104 * device does *not* have 'Intel inside'.
105 *
106 * The CPRBX is followed immediately by the parm block.
107 * The parm block contains:
108 * - function code ('PD' 0x5044 or 'PK' 0x504B)
109 * - rule block (one of:)
110 * + 0x000A 'PKCS-1.2' (MCL2 'PD')
111 * + 0x000A 'ZERO-PAD' (MCL2 'PK')
112 * + 0x000A 'ZERO-PAD' (MCL3 'PD' or CEX2C 'PD')
113 * + 0x000A 'MRP ' (MCL3 'PK' or CEX2C 'PK')
114 * - VUD block
115 */
116static struct CPRBX static_cprbx = {
117 .cprb_len = 0x00DC,
118 .cprb_ver_id = 0x02,
119 .func_id = {0x54,0x32},
120};
121
122/**
123 * Convert a ICAMEX message to a type6 MEX message.
124 *
125 * @zdev: crypto device pointer
126 * @ap_msg: pointer to AP message
127 * @mex: pointer to user input data
128 *
129 * Returns 0 on success or -EFAULT.
130 */
131static int ICAMEX_msg_to_type6MEX_msgX(struct zcrypt_device *zdev,
132 struct ap_message *ap_msg,
133 struct ica_rsa_modexpo *mex)
134{
135 static struct type6_hdr static_type6_hdrX = {
136 .type = 0x06,
137 .offset1 = 0x00000058,
138 .agent_id = {'C','A',},
139 .function_code = {'P','K'},
140 };
141 static struct function_and_rules_block static_pke_fnr = {
142 .function_code = {'P','K'},
143 .ulen = 10,
144 .only_rule = {'M','R','P',' ',' ',' ',' ',' '}
145 };
146 static struct function_and_rules_block static_pke_fnr_MCL2 = {
147 .function_code = {'P','K'},
148 .ulen = 10,
149 .only_rule = {'Z','E','R','O','-','P','A','D'}
150 };
151 struct {
152 struct type6_hdr hdr;
153 struct CPRBX cprbx;
154 struct function_and_rules_block fr;
155 unsigned short length;
156 char text[0];
157 } __attribute__((packed)) *msg = ap_msg->message;
158 int size;
159
160 /* VUD.ciphertext */
161 msg->length = mex->inputdatalength + 2;
162 if (copy_from_user(msg->text, mex->inputdata, mex->inputdatalength))
163 return -EFAULT;
164
165 /* Set up key which is located after the variable length text. */
166 size = zcrypt_type6_mex_key_en(mex, msg->text+mex->inputdatalength, 1);
167 if (size < 0)
168 return size;
169 size += sizeof(*msg) + mex->inputdatalength;
170
171 /* message header, cprbx and f&r */
172 msg->hdr = static_type6_hdrX;
173 msg->hdr.ToCardLen1 = size - sizeof(msg->hdr);
174 msg->hdr.FromCardLen1 = PCIXCC_MAX_ICA_RESPONSE_SIZE - sizeof(msg->hdr);
175
176 msg->cprbx = static_cprbx;
177 msg->cprbx.domain = AP_QID_QUEUE(zdev->ap_dev->qid);
178 msg->cprbx.rpl_msgbl = msg->hdr.FromCardLen1;
179
180 msg->fr = (zdev->user_space_type == ZCRYPT_PCIXCC_MCL2) ?
181 static_pke_fnr_MCL2 : static_pke_fnr;
182
183 msg->cprbx.req_parml = size - sizeof(msg->hdr) - sizeof(msg->cprbx);
184
185 ap_msg->length = size;
186 return 0;
187}
188
189/**
190 * Convert a ICACRT message to a type6 CRT message.
191 *
192 * @zdev: crypto device pointer
193 * @ap_msg: pointer to AP message
194 * @crt: pointer to user input data
195 *
196 * Returns 0 on success or -EFAULT.
197 */
198static int ICACRT_msg_to_type6CRT_msgX(struct zcrypt_device *zdev,
199 struct ap_message *ap_msg,
200 struct ica_rsa_modexpo_crt *crt)
201{
202 static struct type6_hdr static_type6_hdrX = {
203 .type = 0x06,
204 .offset1 = 0x00000058,
205 .agent_id = {'C','A',},
206 .function_code = {'P','D'},
207 };
208 static struct function_and_rules_block static_pkd_fnr = {
209 .function_code = {'P','D'},
210 .ulen = 10,
211 .only_rule = {'Z','E','R','O','-','P','A','D'}
212 };
213
214 static struct function_and_rules_block static_pkd_fnr_MCL2 = {
215 .function_code = {'P','D'},
216 .ulen = 10,
217 .only_rule = {'P','K','C','S','-','1','.','2'}
218 };
219 struct {
220 struct type6_hdr hdr;
221 struct CPRBX cprbx;
222 struct function_and_rules_block fr;
223 unsigned short length;
224 char text[0];
225 } __attribute__((packed)) *msg = ap_msg->message;
226 int size;
227
228 /* VUD.ciphertext */
229 msg->length = crt->inputdatalength + 2;
230 if (copy_from_user(msg->text, crt->inputdata, crt->inputdatalength))
231 return -EFAULT;
232
233 /* Set up key which is located after the variable length text. */
234 size = zcrypt_type6_crt_key(crt, msg->text + crt->inputdatalength, 1);
235 if (size < 0)
236 return size;
237 size += sizeof(*msg) + crt->inputdatalength; /* total size of msg */
238
239 /* message header, cprbx and f&r */
240 msg->hdr = static_type6_hdrX;
241 msg->hdr.ToCardLen1 = size - sizeof(msg->hdr);
242 msg->hdr.FromCardLen1 = PCIXCC_MAX_ICA_RESPONSE_SIZE - sizeof(msg->hdr);
243
244 msg->cprbx = static_cprbx;
245 msg->cprbx.domain = AP_QID_QUEUE(zdev->ap_dev->qid);
246 msg->cprbx.req_parml = msg->cprbx.rpl_msgbl =
247 size - sizeof(msg->hdr) - sizeof(msg->cprbx);
248
249 msg->fr = (zdev->user_space_type == ZCRYPT_PCIXCC_MCL2) ?
250 static_pkd_fnr_MCL2 : static_pkd_fnr;
251
252 ap_msg->length = size;
253 return 0;
254}
255
256/**
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]257 * Convert a XCRB message to a type6 CPRB message.
258 *
259 * @zdev: crypto device pointer
260 * @ap_msg: pointer to AP message
261 * @xcRB: pointer to user input data
262 *
263 * Returns 0 on success or -EFAULT.
264 */
265struct type86_fmt2_msg {
266 struct type86_hdr hdr;
267 struct type86_fmt2_ext fmt2;
268} __attribute__((packed));
269
270static int XCRB_msg_to_type6CPRB_msgX(struct zcrypt_device *zdev,
271 struct ap_message *ap_msg,
272 struct ica_xcRB *xcRB)
273{
274 static struct type6_hdr static_type6_hdrX = {
275 .type = 0x06,
276 .offset1 = 0x00000058,
277 };
278 struct {
279 struct type6_hdr hdr;
Ralph Wuerthner16db63f2007-10-12 16:11:28 +0200[diff] [blame]280 struct CPRBX cprbx;
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]281 } __attribute__((packed)) *msg = ap_msg->message;
282
283 int rcblen = CEIL4(xcRB->request_control_blk_length);
284 int replylen;
285 char *req_data = ap_msg->message + sizeof(struct type6_hdr) + rcblen;
286 char *function_code;
287
288 /* length checks */
289 ap_msg->length = sizeof(struct type6_hdr) +
290 CEIL4(xcRB->request_control_blk_length) +
291 xcRB->request_data_length;
292 if (ap_msg->length > PCIXCC_MAX_XCRB_MESSAGE_SIZE) {
293 PRINTK("Combined message is too large (%ld/%d/%d).\n",
294 sizeof(struct type6_hdr),
295 xcRB->request_control_blk_length,
296 xcRB->request_data_length);
297 return -EFAULT;
298 }
299 if (CEIL4(xcRB->reply_control_blk_length) >
300 PCIXCC_MAX_XCRB_REPLY_SIZE) {
301 PDEBUG("Reply CPRB length is too large (%d).\n",
302 xcRB->request_control_blk_length);
303 return -EFAULT;
304 }
305 if (CEIL4(xcRB->reply_data_length) > PCIXCC_MAX_XCRB_DATA_SIZE) {
306 PDEBUG("Reply data block length is too large (%d).\n",
307 xcRB->reply_data_length);
308 return -EFAULT;
309 }
310 replylen = CEIL4(xcRB->reply_control_blk_length) +
311 CEIL4(xcRB->reply_data_length) +
312 sizeof(struct type86_fmt2_msg);
313 if (replylen > PCIXCC_MAX_XCRB_RESPONSE_SIZE) {
314 PDEBUG("Reply CPRB + data block > PCIXCC_MAX_XCRB_RESPONSE_SIZE"
315 " (%d/%d/%d).\n",
316 sizeof(struct type86_fmt2_msg),
317 xcRB->reply_control_blk_length,
318 xcRB->reply_data_length);
319 xcRB->reply_control_blk_length = PCIXCC_MAX_XCRB_RESPONSE_SIZE -
320 (sizeof(struct type86_fmt2_msg) +
321 CEIL4(xcRB->reply_data_length));
322 PDEBUG("Capping Reply CPRB length at %d\n",
323 xcRB->reply_control_blk_length);
324 }
325
326 /* prepare type6 header */
327 msg->hdr = static_type6_hdrX;
328 memcpy(msg->hdr.agent_id , &(xcRB->agent_ID), sizeof(xcRB->agent_ID));
329 msg->hdr.ToCardLen1 = xcRB->request_control_blk_length;
330 if (xcRB->request_data_length) {
331 msg->hdr.offset2 = msg->hdr.offset1 + rcblen;
332 msg->hdr.ToCardLen2 = xcRB->request_data_length;
333 }
334 msg->hdr.FromCardLen1 = xcRB->reply_control_blk_length;
335 msg->hdr.FromCardLen2 = xcRB->reply_data_length;
336
337 /* prepare CPRB */
338 if (copy_from_user(&(msg->cprbx), xcRB->request_control_blk_addr,
339 xcRB->request_control_blk_length))
340 return -EFAULT;
341 if (msg->cprbx.cprb_len + sizeof(msg->hdr.function_code) >
342 xcRB->request_control_blk_length) {
343 PDEBUG("cprb_len too large (%d/%d)\n", msg->cprbx.cprb_len,
344 xcRB->request_control_blk_length);
345 return -EFAULT;
346 }
347 function_code = ((unsigned char *)&msg->cprbx) + msg->cprbx.cprb_len;
348 memcpy(msg->hdr.function_code, function_code, sizeof(msg->hdr.function_code));
349
350 /* copy data block */
351 if (xcRB->request_data_length &&
352 copy_from_user(req_data, xcRB->request_data_address,
353 xcRB->request_data_length))
354 return -EFAULT;
355 return 0;
356}
357
358/**
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]359 * Copy results from a type 86 ICA reply message back to user space.
360 *
361 * @zdev: crypto device pointer
362 * @reply: reply AP message.
363 * @data: pointer to user output data
364 * @length: size of user output data
365 *
366 * Returns 0 on success or -EINVAL, -EFAULT, -EAGAIN in case of an error.
367 */
368struct type86x_reply {
369 struct type86_hdr hdr;
370 struct type86_fmt2_ext fmt2;
371 struct CPRBX cprbx;
372 unsigned char pad[4]; /* 4 byte function code/rules block ? */
373 unsigned short length;
374 char text[0];
375} __attribute__((packed));
376
377static int convert_type86_ica(struct zcrypt_device *zdev,
378 struct ap_message *reply,
379 char __user *outputdata,
380 unsigned int outputdatalength)
381{
382 static unsigned char static_pad[] = {
383 0x00,0x02,
384 0x1B,0x7B,0x5D,0xB5,0x75,0x01,0x3D,0xFD,
385 0x8D,0xD1,0xC7,0x03,0x2D,0x09,0x23,0x57,
386 0x89,0x49,0xB9,0x3F,0xBB,0x99,0x41,0x5B,
387 0x75,0x21,0x7B,0x9D,0x3B,0x6B,0x51,0x39,
388 0xBB,0x0D,0x35,0xB9,0x89,0x0F,0x93,0xA5,
389 0x0B,0x47,0xF1,0xD3,0xBB,0xCB,0xF1,0x9D,
390 0x23,0x73,0x71,0xFF,0xF3,0xF5,0x45,0xFB,
391 0x61,0x29,0x23,0xFD,0xF1,0x29,0x3F,0x7F,
392 0x17,0xB7,0x1B,0xA9,0x19,0xBD,0x57,0xA9,
393 0xD7,0x95,0xA3,0xCB,0xED,0x1D,0xDB,0x45,
394 0x7D,0x11,0xD1,0x51,0x1B,0xED,0x71,0xE9,
395 0xB1,0xD1,0xAB,0xAB,0x21,0x2B,0x1B,0x9F,
396 0x3B,0x9F,0xF7,0xF7,0xBD,0x63,0xEB,0xAD,
397 0xDF,0xB3,0x6F,0x5B,0xDB,0x8D,0xA9,0x5D,
398 0xE3,0x7D,0x77,0x49,0x47,0xF5,0xA7,0xFD,
399 0xAB,0x2F,0x27,0x35,0x77,0xD3,0x49,0xC9,
400 0x09,0xEB,0xB1,0xF9,0xBF,0x4B,0xCB,0x2B,
401 0xEB,0xEB,0x05,0xFF,0x7D,0xC7,0x91,0x8B,
402 0x09,0x83,0xB9,0xB9,0x69,0x33,0x39,0x6B,
403 0x79,0x75,0x19,0xBF,0xBB,0x07,0x1D,0xBD,
404 0x29,0xBF,0x39,0x95,0x93,0x1D,0x35,0xC7,
405 0xC9,0x4D,0xE5,0x97,0x0B,0x43,0x9B,0xF1,
406 0x16,0x93,0x03,0x1F,0xA5,0xFB,0xDB,0xF3,
407 0x27,0x4F,0x27,0x61,0x05,0x1F,0xB9,0x23,
408 0x2F,0xC3,0x81,0xA9,0x23,0x71,0x55,0x55,
409 0xEB,0xED,0x41,0xE5,0xF3,0x11,0xF1,0x43,
410 0x69,0x03,0xBD,0x0B,0x37,0x0F,0x51,0x8F,
411 0x0B,0xB5,0x89,0x5B,0x67,0xA9,0xD9,0x4F,
412 0x01,0xF9,0x21,0x77,0x37,0x73,0x79,0xC5,
413 0x7F,0x51,0xC1,0xCF,0x97,0xA1,0x75,0xAD,
414 0x35,0x9D,0xD3,0xD3,0xA7,0x9D,0x5D,0x41,
415 0x6F,0x65,0x1B,0xCF,0xA9,0x87,0x91,0x09
416 };
417 struct type86x_reply *msg = reply->message;
418 unsigned short service_rc, service_rs;
419 unsigned int reply_len, pad_len;
420 char *data;
421
422 service_rc = msg->cprbx.ccp_rtcode;
423 if (unlikely(service_rc != 0)) {
424 service_rs = msg->cprbx.ccp_rscode;
425 if (service_rc == 8 && service_rs == 66) {
426 PDEBUG("Bad block format on PCIXCC/CEX2C\n");
427 return -EINVAL;
428 }
429 if (service_rc == 8 && service_rs == 65) {
430 PDEBUG("Probably an even modulus on PCIXCC/CEX2C\n");
431 return -EINVAL;
432 }
433 if (service_rc == 8 && service_rs == 770) {
434 PDEBUG("Invalid key length on PCIXCC/CEX2C\n");
Ralph Wuerthner2af48082007-10-12 16:11:30 +0200[diff] [blame]435 return -EINVAL;
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]436 }
437 if (service_rc == 8 && service_rs == 783) {
438 PDEBUG("Extended bitlengths not enabled on PCIXCC/CEX2C\n");
439 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE_OLD;
440 return -EAGAIN;
441 }
Ralph Wuerthner2af48082007-10-12 16:11:30 +0200[diff] [blame]442 if (service_rc == 12 && service_rs == 769) {
443 PDEBUG("Invalid key on PCIXCC/CEX2C\n");
444 return -EINVAL;
445 }
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]446 PRINTK("Unknown service rc/rs (PCIXCC/CEX2C): %d/%d\n",
447 service_rc, service_rs);
448 zdev->online = 0;
449 return -EAGAIN; /* repeat the request on a different device. */
450 }
451 data = msg->text;
452 reply_len = msg->length - 2;
453 if (reply_len > outputdatalength)
454 return -EINVAL;
455 /**
456 * For all encipher requests, the length of the ciphertext (reply_len)
457 * will always equal the modulus length. For MEX decipher requests
458 * the output needs to get padded. Minimum pad size is 10.
459 *
460 * Currently, the cases where padding will be added is for:
461 * - PCIXCC_MCL2 using a CRT form token (since PKD didn't support
462 * ZERO-PAD and CRT is only supported for PKD requests)
463 * - PCICC, always
464 */
465 pad_len = outputdatalength - reply_len;
466 if (pad_len > 0) {
467 if (pad_len < 10)
468 return -EINVAL;
469 /* 'restore' padding left in the PCICC/PCIXCC card. */
470 if (copy_to_user(outputdata, static_pad, pad_len - 1))
471 return -EFAULT;
472 if (put_user(0, outputdata + pad_len - 1))
473 return -EFAULT;
474 }
475 /* Copy the crypto response to user space. */
476 if (copy_to_user(outputdata + pad_len, data, reply_len))
477 return -EFAULT;
478 return 0;
479}
480
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]481/**
482 * Copy results from a type 86 XCRB reply message back to user space.
483 *
484 * @zdev: crypto device pointer
485 * @reply: reply AP message.
486 * @xcRB: pointer to XCRB
487 *
488 * Returns 0 on success or -EINVAL, -EFAULT, -EAGAIN in case of an error.
489 */
490static int convert_type86_xcrb(struct zcrypt_device *zdev,
491 struct ap_message *reply,
492 struct ica_xcRB *xcRB)
493{
494 struct type86_fmt2_msg *msg = reply->message;
495 char *data = reply->message;
496
497 /* Copy CPRB to user */
498 if (copy_to_user(xcRB->reply_control_blk_addr,
499 data + msg->fmt2.offset1, msg->fmt2.count1))
500 return -EFAULT;
501 xcRB->reply_control_blk_length = msg->fmt2.count1;
502
503 /* Copy data buffer to user */
504 if (msg->fmt2.count2)
505 if (copy_to_user(xcRB->reply_data_addr,
506 data + msg->fmt2.offset2, msg->fmt2.count2))
507 return -EFAULT;
508 xcRB->reply_data_length = msg->fmt2.count2;
509 return 0;
510}
511
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]512static int convert_response_ica(struct zcrypt_device *zdev,
513 struct ap_message *reply,
514 char __user *outputdata,
515 unsigned int outputdatalength)
516{
517 struct type86x_reply *msg = reply->message;
518
519 /* Response type byte is the second byte in the response. */
520 switch (((unsigned char *) reply->message)[1]) {
521 case TYPE82_RSP_CODE:
522 case TYPE88_RSP_CODE:
523 return convert_error(zdev, reply);
524 case TYPE86_RSP_CODE:
525 if (msg->hdr.reply_code)
526 return convert_error(zdev, reply);
527 if (msg->cprbx.cprb_ver_id == 0x02)
528 return convert_type86_ica(zdev, reply,
529 outputdata, outputdatalength);
530 /* no break, incorrect cprb version is an unknown response */
531 default: /* Unknown response type, this should NEVER EVER happen */
532 PRINTK("Unrecognized Message Header: %08x%08x\n",
533 *(unsigned int *) reply->message,
534 *(unsigned int *) (reply->message+4));
535 zdev->online = 0;
536 return -EAGAIN; /* repeat the request on a different device. */
537 }
538}
539
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]540static int convert_response_xcrb(struct zcrypt_device *zdev,
541 struct ap_message *reply,
542 struct ica_xcRB *xcRB)
543{
544 struct type86x_reply *msg = reply->message;
545
546 /* Response type byte is the second byte in the response. */
547 switch (((unsigned char *) reply->message)[1]) {
548 case TYPE82_RSP_CODE:
549 case TYPE88_RSP_CODE:
550 xcRB->status = 0x0008044DL; /* HDD_InvalidParm */
551 return convert_error(zdev, reply);
552 case TYPE86_RSP_CODE:
553 if (msg->hdr.reply_code) {
554 memcpy(&(xcRB->status), msg->fmt2.apfs, sizeof(u32));
555 return convert_error(zdev, reply);
556 }
557 if (msg->cprbx.cprb_ver_id == 0x02)
558 return convert_type86_xcrb(zdev, reply, xcRB);
559 /* no break, incorrect cprb version is an unknown response */
560 default: /* Unknown response type, this should NEVER EVER happen */
561 PRINTK("Unrecognized Message Header: %08x%08x\n",
562 *(unsigned int *) reply->message,
563 *(unsigned int *) (reply->message+4));
564 xcRB->status = 0x0008044DL; /* HDD_InvalidParm */
565 zdev->online = 0;
566 return -EAGAIN; /* repeat the request on a different device. */
567 }
568}
569
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]570/**
571 * This function is called from the AP bus code after a crypto request
572 * "msg" has finished with the reply message "reply".
573 * It is called from tasklet context.
574 * @ap_dev: pointer to the AP device
575 * @msg: pointer to the AP message
576 * @reply: pointer to the AP reply message
577 */
578static void zcrypt_pcixcc_receive(struct ap_device *ap_dev,
579 struct ap_message *msg,
580 struct ap_message *reply)
581{
582 static struct error_hdr error_reply = {
583 .type = TYPE82_RSP_CODE,
584 .reply_code = REP82_ERROR_MACHINE_FAILURE,
585 };
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]586 struct response_type *resp_type =
587 (struct response_type *) msg->private;
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]588 struct type86x_reply *t86r = reply->message;
589 int length;
590
591 /* Copy the reply message to the request message buffer. */
592 if (IS_ERR(reply))
593 memcpy(msg->message, &error_reply, sizeof(error_reply));
594 else if (t86r->hdr.type == TYPE86_RSP_CODE &&
595 t86r->cprbx.cprb_ver_id == 0x02) {
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]596 switch (resp_type->type) {
597 case PCIXCC_RESPONSE_TYPE_ICA:
598 length = sizeof(struct type86x_reply)
599 + t86r->length - 2;
600 length = min(PCIXCC_MAX_ICA_RESPONSE_SIZE, length);
601 memcpy(msg->message, reply->message, length);
602 break;
603 case PCIXCC_RESPONSE_TYPE_XCRB:
604 length = t86r->fmt2.offset2 + t86r->fmt2.count2;
605 length = min(PCIXCC_MAX_XCRB_RESPONSE_SIZE, length);
606 memcpy(msg->message, reply->message, length);
607 break;
608 default:
609 PRINTK("Invalid internal response type: %i\n",
610 resp_type->type);
611 memcpy(msg->message, &error_reply,
612 sizeof error_reply);
613 }
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]614 } else
615 memcpy(msg->message, reply->message, sizeof error_reply);
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]616 complete(&(resp_type->work));
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]617}
618
619static atomic_t zcrypt_step = ATOMIC_INIT(0);
620
621/**
622 * The request distributor calls this function if it picked the PCIXCC/CEX2C
623 * device to handle a modexpo request.
624 * @zdev: pointer to zcrypt_device structure that identifies the
625 * PCIXCC/CEX2C device to the request distributor
626 * @mex: pointer to the modexpo request buffer
627 */
628static long zcrypt_pcixcc_modexpo(struct zcrypt_device *zdev,
629 struct ica_rsa_modexpo *mex)
630{
631 struct ap_message ap_msg;
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]632 struct response_type resp_type = {
633 .type = PCIXCC_RESPONSE_TYPE_ICA,
634 };
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]635 int rc;
636
637 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
638 if (!ap_msg.message)
639 return -ENOMEM;
640 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
641 atomic_inc_return(&zcrypt_step);
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]642 ap_msg.private = &resp_type;
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]643 rc = ICAMEX_msg_to_type6MEX_msgX(zdev, &ap_msg, mex);
644 if (rc)
645 goto out_free;
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]646 init_completion(&resp_type.work);
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]647 ap_queue_message(zdev->ap_dev, &ap_msg);
Ralph Wuerthneraf512ed02007-07-10 11:24:19 +0200[diff] [blame]648 rc = wait_for_completion_interruptible(&resp_type.work);
649 if (rc == 0)
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]650 rc = convert_response_ica(zdev, &ap_msg, mex->outputdata,
651 mex->outputdatalength);
Ralph Wuerthneraf512ed02007-07-10 11:24:19 +0200[diff] [blame]652 else
653 /* Signal pending. */
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]654 ap_cancel_message(zdev->ap_dev, &ap_msg);
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]655out_free:
656 free_page((unsigned long) ap_msg.message);
657 return rc;
658}
659
660/**
661 * The request distributor calls this function if it picked the PCIXCC/CEX2C
662 * device to handle a modexpo_crt request.
663 * @zdev: pointer to zcrypt_device structure that identifies the
664 * PCIXCC/CEX2C device to the request distributor
665 * @crt: pointer to the modexpoc_crt request buffer
666 */
667static long zcrypt_pcixcc_modexpo_crt(struct zcrypt_device *zdev,
668 struct ica_rsa_modexpo_crt *crt)
669{
670 struct ap_message ap_msg;
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]671 struct response_type resp_type = {
672 .type = PCIXCC_RESPONSE_TYPE_ICA,
673 };
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]674 int rc;
675
676 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
677 if (!ap_msg.message)
678 return -ENOMEM;
679 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
680 atomic_inc_return(&zcrypt_step);
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]681 ap_msg.private = &resp_type;
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]682 rc = ICACRT_msg_to_type6CRT_msgX(zdev, &ap_msg, crt);
683 if (rc)
684 goto out_free;
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]685 init_completion(&resp_type.work);
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]686 ap_queue_message(zdev->ap_dev, &ap_msg);
Ralph Wuerthneraf512ed02007-07-10 11:24:19 +0200[diff] [blame]687 rc = wait_for_completion_interruptible(&resp_type.work);
688 if (rc == 0)
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]689 rc = convert_response_ica(zdev, &ap_msg, crt->outputdata,
690 crt->outputdatalength);
Ralph Wuerthneraf512ed02007-07-10 11:24:19 +0200[diff] [blame]691 else
692 /* Signal pending. */
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]693 ap_cancel_message(zdev->ap_dev, &ap_msg);
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]694out_free:
695 free_page((unsigned long) ap_msg.message);
696 return rc;
697}
698
699/**
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]700 * The request distributor calls this function if it picked the PCIXCC/CEX2C
701 * device to handle a send_cprb request.
702 * @zdev: pointer to zcrypt_device structure that identifies the
703 * PCIXCC/CEX2C device to the request distributor
704 * @xcRB: pointer to the send_cprb request buffer
705 */
Heiko Carstens2b67fc42007-02-05 21:16:47 +0100[diff] [blame]706static long zcrypt_pcixcc_send_cprb(struct zcrypt_device *zdev,
707 struct ica_xcRB *xcRB)
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]708{
709 struct ap_message ap_msg;
710 struct response_type resp_type = {
711 .type = PCIXCC_RESPONSE_TYPE_XCRB,
712 };
713 int rc;
714
Robert P. J. Day5cbded52006-12-13 00:35:56 -0800[diff] [blame]715 ap_msg.message = kmalloc(PCIXCC_MAX_XCRB_MESSAGE_SIZE, GFP_KERNEL);
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]716 if (!ap_msg.message)
717 return -ENOMEM;
718 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
719 atomic_inc_return(&zcrypt_step);
720 ap_msg.private = &resp_type;
721 rc = XCRB_msg_to_type6CPRB_msgX(zdev, &ap_msg, xcRB);
722 if (rc)
723 goto out_free;
724 init_completion(&resp_type.work);
725 ap_queue_message(zdev->ap_dev, &ap_msg);
Ralph Wuerthneraf512ed02007-07-10 11:24:19 +0200[diff] [blame]726 rc = wait_for_completion_interruptible(&resp_type.work);
727 if (rc == 0)
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]728 rc = convert_response_xcrb(zdev, &ap_msg, xcRB);
Ralph Wuerthneraf512ed02007-07-10 11:24:19 +0200[diff] [blame]729 else
730 /* Signal pending. */
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]731 ap_cancel_message(zdev->ap_dev, &ap_msg);
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]732out_free:
733 memset(ap_msg.message, 0x0, ap_msg.length);
734 kfree(ap_msg.message);
735 return rc;
736}
737
738/**
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]739 * The crypto operations for a PCIXCC/CEX2C card.
740 */
741static struct zcrypt_ops zcrypt_pcixcc_ops = {
742 .rsa_modexpo = zcrypt_pcixcc_modexpo,
743 .rsa_modexpo_crt = zcrypt_pcixcc_modexpo_crt,
Ralph Wuerthner54321142006-09-20 15:58:36 +0200[diff] [blame]744 .send_cprb = zcrypt_pcixcc_send_cprb,
Martin Schwidefsky6684af12006-09-20 15:58:32 +0200[diff] [blame]745};
746
747/**
748 * Micro-code detection function. Its sends a message to a pcixcc card
749 * to find out the microcode level.
750 * @ap_dev: pointer to the AP device.
751 */
752static int zcrypt_pcixcc_mcl(struct ap_device *ap_dev)
753{
754 static unsigned char msg[] = {
755 0x00,0x06,0x00,0x00,0x00,0x00,0x00,0x00,
756 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
757 0x00,0x00,0x00,0x58,0x00,0x00,0x00,0x00,
758 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
759 0x43,0x41,0x00,0x00,0x00,0x00,0x00,0x00,
760 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
761 0x00,0x00,0x00,0x00,0x50,0x4B,0x00,0x00,
762 0x00,0x00,0x01,0xC4,0x00,0x00,0x00,0x00,
763 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
764 0x00,0x00,0x07,0x24,0x00,0x00,0x00,0x00,
765 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
766 0x00,0xDC,0x02,0x00,0x00,0x00,0x54,0x32,
767 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE8,
768 0x00,0x00,0x00,0x00,0x00,0x00,0x07,0x24,
769 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
770 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
771 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
772 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
773 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
774 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
775 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
776 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
777 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
778 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
779 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
780 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
781 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
782 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
783 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
784 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
785 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
786 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
787 0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,
788 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
789 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
790 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
791 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
792 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
793 0x00,0x00,0x00,0x00,0x50,0x4B,0x00,0x0A,
794 0x4D,0x52,0x50,0x20,0x20,0x20,0x20,0x20,
795 0x00,0x42,0x00,0x01,0x02,0x03,0x04,0x05,
796 0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,
797 0x0E,0x0F,0x00,0x11,0x22,0x33,0x44,0x55,
798 0x66,0x77,0x88,0x99,0xAA,0xBB,0xCC,0xDD,
799 0xEE,0xFF,0xFF,0xEE,0xDD,0xCC,0xBB,0xAA,
800 0x99,0x88,0x77,0x66,0x55,0x44,0x33,0x22,
801 0x11,0x00,0x01,0x23,0x45,0x67,0x89,0xAB,
802 0xCD,0xEF,0xFE,0xDC,0xBA,0x98,0x76,0x54,
803 0x32,0x10,0x00,0x9A,0x00,0x98,0x00,0x00,
804 0x1E,0x00,0x00,0x94,0x00,0x00,0x00,0x00,
805 0x04,0x00,0x00,0x8C,0x00,0x00,0x00,0x40,
806 0x02,0x00,0x00,0x40,0xBA,0xE8,0x23,0x3C,
807 0x75,0xF3,0x91,0x61,0xD6,0x73,0x39,0xCF,
808 0x7B,0x6D,0x8E,0x61,0x97,0x63,0x9E,0xD9,
809 0x60,0x55,0xD6,0xC7,0xEF,0xF8,0x1E,0x63,
810 0x95,0x17,0xCC,0x28,0x45,0x60,0x11,0xC5,
811 0xC4,0x4E,0x66,0xC6,0xE6,0xC3,0xDE,0x8A,
812 0x19,0x30,0xCF,0x0E,0xD7,0xAA,0xDB,0x01,
813 0xD8,0x00,0xBB,0x8F,0x39,0x9F,0x64,0x28,
814 0xF5,0x7A,0x77,0x49,0xCC,0x6B,0xA3,0x91,
815 0x97,0x70,0xE7,0x60,0x1E,0x39,0xE1,0xE5,
816 0x33,0xE1,0x15,0x63,0x69,0x08,0x80,0x4C,
817 0x67,0xC4,0x41,0x8F,0x48,0xDF,0x26,0x98,
818 0xF1,0xD5,0x8D,0x88,0xD9,0x6A,0xA4,0x96,
819 0xC5,0x84,0xD9,0x30,0x49,0x67,0x7D,0x19,
820 0xB1,0xB3,0x45,0x4D,0xB2,0x53,0x9A,0x47,
821 0x3C,0x7C,0x55,0xBF,0xCC,0x85,0x00,0x36,
822 0xF1,0x3D,0x93,0x53
823 };
824 unsigned long long psmid;
825 struct CPRBX *cprbx;
826 char *reply;
827 int rc, i;
828
829 reply = (void *) get_zeroed_page(GFP_KERNEL);
830 if (!reply)
831 return -ENOMEM;
832
833 rc = ap_send(ap_dev->qid, 0x0102030405060708ULL, msg, sizeof(msg));
834 if (rc)
835 goto out_free;
836
837 /* Wait for the test message to complete. */
838 for (i = 0; i < 6; i++) {
839 mdelay(300);
840 rc = ap_recv(ap_dev->qid, &psmid, reply, 4096);
841 if (rc == 0 && psmid == 0x0102030405060708ULL)
842 break;
843 }
844
845 if (i >= 6) {
846 /* Got no answer. */
847 rc = -ENODEV;
848 goto out_free;
849 }
850
851 cprbx = (struct CPRBX *) (reply + 48);
852 if (cprbx->ccp_rtcode == 8 && cprbx->ccp_rscode == 33)
853 rc = ZCRYPT_PCIXCC_MCL2;
854 else
855 rc = ZCRYPT_PCIXCC_MCL3;
856out_free:
857 free_page((unsigned long) reply);
858 return rc;
859}
860
861/**
862 * Probe function for PCIXCC/CEX2C cards. It always accepts the AP device
863 * since the bus_match already checked the hardware type. The PCIXCC
864 * cards come in two flavours: micro code level 2 and micro code level 3.
865 * This is checked by sending a test message to the device.
866 * @ap_dev: pointer to the AP device.
867 */
868static int zcrypt_pcixcc_probe(struct ap_device *ap_dev)
869{
870 struct zcrypt_device *zdev;
871 int rc;
872
873 zdev = zcrypt_device_alloc(PCIXCC_MAX_RESPONSE_SIZE);
874 if (!zdev)
875 return -ENOMEM;
876 zdev->ap_dev = ap_dev;
877 zdev->ops = &zcrypt_pcixcc_ops;
878 zdev->online = 1;
879 if (ap_dev->device_type == AP_DEVICE_TYPE_PCIXCC) {
880 rc = zcrypt_pcixcc_mcl(ap_dev);
881 if (rc < 0) {
882 zcrypt_device_free(zdev);
883 return rc;
884 }
885 zdev->user_space_type = rc;
886 if (rc == ZCRYPT_PCIXCC_MCL2) {
887 zdev->type_string = "PCIXCC_MCL2";
888 zdev->speed_rating = PCIXCC_MCL2_SPEED_RATING;
889 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE_OLD;
890 zdev->max_mod_size = PCIXCC_MAX_MOD_SIZE;
891 } else {
892 zdev->type_string = "PCIXCC_MCL3";
893 zdev->speed_rating = PCIXCC_MCL3_SPEED_RATING;
894 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE;
895 zdev->max_mod_size = PCIXCC_MAX_MOD_SIZE;
896 }
897 } else {
898 zdev->user_space_type = ZCRYPT_CEX2C;
899 zdev->type_string = "CEX2C";
900 zdev->speed_rating = CEX2C_SPEED_RATING;
901 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE;
902 zdev->max_mod_size = PCIXCC_MAX_MOD_SIZE;
903 }
904 ap_dev->reply = &zdev->reply;
905 ap_dev->private = zdev;
906 rc = zcrypt_device_register(zdev);
907 if (rc)
908 goto out_free;
909 return 0;
910
911 out_free:
912 ap_dev->private = NULL;
913 zcrypt_device_free(zdev);
914 return rc;
915}
916
917/**
918 * This is called to remove the extended PCIXCC/CEX2C driver information
919 * if an AP device is removed.
920 */
921static void zcrypt_pcixcc_remove(struct ap_device *ap_dev)
922{
923 struct zcrypt_device *zdev = ap_dev->private;
924
925 zcrypt_device_unregister(zdev);
926}
927
928int __init zcrypt_pcixcc_init(void)
929{
930 return ap_driver_register(&zcrypt_pcixcc_driver, THIS_MODULE, "pcixcc");
931}
932
933void zcrypt_pcixcc_exit(void)
934{
935 ap_driver_unregister(&zcrypt_pcixcc_driver);
936}
937
938#ifndef CONFIG_ZCRYPT_MONOLITHIC
939module_init(zcrypt_pcixcc_init);
940module_exit(zcrypt_pcixcc_exit);
941#endif