xref: /openbmc/linux/arch/s390/include/asm/cpacf.h (revision 301306a9)
1 /* SPDX-License-Identifier: GPL-2.0 */
2 /*
3  * CP Assist for Cryptographic Functions (CPACF)
4  *
5  * Copyright IBM Corp. 2003, 2017
6  * Author(s): Thomas Spatzier
7  *	      Jan Glauber
8  *	      Harald Freudenberger (freude@de.ibm.com)
9  *	      Martin Schwidefsky <schwidefsky@de.ibm.com>
10  */
11 #ifndef _ASM_S390_CPACF_H
12 #define _ASM_S390_CPACF_H
13 
14 #include <asm/facility.h>
15 
16 /*
17  * Instruction opcodes for the CPACF instructions
18  */
19 #define CPACF_KMAC		0xb91e		/* MSA	*/
20 #define CPACF_KM		0xb92e		/* MSA	*/
21 #define CPACF_KMC		0xb92f		/* MSA	*/
22 #define CPACF_KIMD		0xb93e		/* MSA	*/
23 #define CPACF_KLMD		0xb93f		/* MSA	*/
24 #define CPACF_PCKMO		0xb928		/* MSA3 */
25 #define CPACF_KMF		0xb92a		/* MSA4 */
26 #define CPACF_KMO		0xb92b		/* MSA4 */
27 #define CPACF_PCC		0xb92c		/* MSA4 */
28 #define CPACF_KMCTR		0xb92d		/* MSA4 */
29 #define CPACF_PRNO		0xb93c		/* MSA5 */
30 #define CPACF_KMA		0xb929		/* MSA8 */
31 #define CPACF_KDSA		0xb93a		/* MSA9 */
32 
33 /*
34  * En/decryption modifier bits
35  */
36 #define CPACF_ENCRYPT		0x00
37 #define CPACF_DECRYPT		0x80
38 
39 /*
40  * Function codes for the KM (CIPHER MESSAGE) instruction
41  */
42 #define CPACF_KM_QUERY		0x00
43 #define CPACF_KM_DEA		0x01
44 #define CPACF_KM_TDEA_128	0x02
45 #define CPACF_KM_TDEA_192	0x03
46 #define CPACF_KM_AES_128	0x12
47 #define CPACF_KM_AES_192	0x13
48 #define CPACF_KM_AES_256	0x14
49 #define CPACF_KM_PAES_128	0x1a
50 #define CPACF_KM_PAES_192	0x1b
51 #define CPACF_KM_PAES_256	0x1c
52 #define CPACF_KM_XTS_128	0x32
53 #define CPACF_KM_XTS_256	0x34
54 #define CPACF_KM_PXTS_128	0x3a
55 #define CPACF_KM_PXTS_256	0x3c
56 
57 /*
58  * Function codes for the KMC (CIPHER MESSAGE WITH CHAINING)
59  * instruction
60  */
61 #define CPACF_KMC_QUERY		0x00
62 #define CPACF_KMC_DEA		0x01
63 #define CPACF_KMC_TDEA_128	0x02
64 #define CPACF_KMC_TDEA_192	0x03
65 #define CPACF_KMC_AES_128	0x12
66 #define CPACF_KMC_AES_192	0x13
67 #define CPACF_KMC_AES_256	0x14
68 #define CPACF_KMC_PAES_128	0x1a
69 #define CPACF_KMC_PAES_192	0x1b
70 #define CPACF_KMC_PAES_256	0x1c
71 #define CPACF_KMC_PRNG		0x43
72 
73 /*
74  * Function codes for the KMCTR (CIPHER MESSAGE WITH COUNTER)
75  * instruction
76  */
77 #define CPACF_KMCTR_QUERY	0x00
78 #define CPACF_KMCTR_DEA		0x01
79 #define CPACF_KMCTR_TDEA_128	0x02
80 #define CPACF_KMCTR_TDEA_192	0x03
81 #define CPACF_KMCTR_AES_128	0x12
82 #define CPACF_KMCTR_AES_192	0x13
83 #define CPACF_KMCTR_AES_256	0x14
84 #define CPACF_KMCTR_PAES_128	0x1a
85 #define CPACF_KMCTR_PAES_192	0x1b
86 #define CPACF_KMCTR_PAES_256	0x1c
87 
88 /*
89  * Function codes for the KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST)
90  * instruction
91  */
92 #define CPACF_KIMD_QUERY	0x00
93 #define CPACF_KIMD_SHA_1	0x01
94 #define CPACF_KIMD_SHA_256	0x02
95 #define CPACF_KIMD_SHA_512	0x03
96 #define CPACF_KIMD_SHA3_224	0x20
97 #define CPACF_KIMD_SHA3_256	0x21
98 #define CPACF_KIMD_SHA3_384	0x22
99 #define CPACF_KIMD_SHA3_512	0x23
100 #define CPACF_KIMD_GHASH	0x41
101 
102 /*
103  * Function codes for the KLMD (COMPUTE LAST MESSAGE DIGEST)
104  * instruction
105  */
106 #define CPACF_KLMD_QUERY	0x00
107 #define CPACF_KLMD_SHA_1	0x01
108 #define CPACF_KLMD_SHA_256	0x02
109 #define CPACF_KLMD_SHA_512	0x03
110 #define CPACF_KLMD_SHA3_224	0x20
111 #define CPACF_KLMD_SHA3_256	0x21
112 #define CPACF_KLMD_SHA3_384	0x22
113 #define CPACF_KLMD_SHA3_512	0x23
114 
115 /*
116  * function codes for the KMAC (COMPUTE MESSAGE AUTHENTICATION CODE)
117  * instruction
118  */
119 #define CPACF_KMAC_QUERY	0x00
120 #define CPACF_KMAC_DEA		0x01
121 #define CPACF_KMAC_TDEA_128	0x02
122 #define CPACF_KMAC_TDEA_192	0x03
123 
124 /*
125  * Function codes for the PCKMO (PERFORM CRYPTOGRAPHIC KEY MANAGEMENT)
126  * instruction
127  */
128 #define CPACF_PCKMO_QUERY		0x00
129 #define CPACF_PCKMO_ENC_DES_KEY		0x01
130 #define CPACF_PCKMO_ENC_TDES_128_KEY	0x02
131 #define CPACF_PCKMO_ENC_TDES_192_KEY	0x03
132 #define CPACF_PCKMO_ENC_AES_128_KEY	0x12
133 #define CPACF_PCKMO_ENC_AES_192_KEY	0x13
134 #define CPACF_PCKMO_ENC_AES_256_KEY	0x14
135 
136 /*
137  * Function codes for the PRNO (PERFORM RANDOM NUMBER OPERATION)
138  * instruction
139  */
140 #define CPACF_PRNO_QUERY		0x00
141 #define CPACF_PRNO_SHA512_DRNG_GEN	0x03
142 #define CPACF_PRNO_SHA512_DRNG_SEED	0x83
143 #define CPACF_PRNO_TRNG_Q_R2C_RATIO	0x70
144 #define CPACF_PRNO_TRNG			0x72
145 
146 /*
147  * Function codes for the KMA (CIPHER MESSAGE WITH AUTHENTICATION)
148  * instruction
149  */
150 #define CPACF_KMA_QUERY		0x00
151 #define CPACF_KMA_GCM_AES_128	0x12
152 #define CPACF_KMA_GCM_AES_192	0x13
153 #define CPACF_KMA_GCM_AES_256	0x14
154 
155 /*
156  * Flags for the KMA (CIPHER MESSAGE WITH AUTHENTICATION) instruction
157  */
158 #define CPACF_KMA_LPC	0x100	/* Last-Plaintext/Ciphertext */
159 #define CPACF_KMA_LAAD	0x200	/* Last-AAD */
160 #define CPACF_KMA_HS	0x400	/* Hash-subkey Supplied */
161 
162 typedef struct { unsigned char bytes[16]; } cpacf_mask_t;
163 
164 /**
165  * cpacf_query() - check if a specific CPACF function is available
166  * @opcode: the opcode of the crypto instruction
167  * @func: the function code to test for
168  *
169  * Executes the query function for the given crypto instruction @opcode
170  * and checks if @func is available
171  *
172  * Returns 1 if @func is available for @opcode, 0 otherwise
173  */
174 static __always_inline void __cpacf_query(unsigned int opcode, cpacf_mask_t *mask)
175 {
176 	asm volatile(
177 		"	lghi	0,0\n" /* query function */
178 		"	lgr	1,%[mask]\n"
179 		"	spm	0\n" /* pckmo doesn't change the cc */
180 		/* Parameter regs are ignored, but must be nonzero and unique */
181 		"0:	.insn	rrf,%[opc] << 16,2,4,6,0\n"
182 		"	brc	1,0b\n"	/* handle partial completion */
183 		: "=m" (*mask)
184 		: [mask] "d" ((unsigned long)mask), [opc] "i" (opcode)
185 		: "cc", "0", "1");
186 }
187 
188 static __always_inline int __cpacf_check_opcode(unsigned int opcode)
189 {
190 	switch (opcode) {
191 	case CPACF_KMAC:
192 	case CPACF_KM:
193 	case CPACF_KMC:
194 	case CPACF_KIMD:
195 	case CPACF_KLMD:
196 		return test_facility(17);	/* check for MSA */
197 	case CPACF_PCKMO:
198 		return test_facility(76);	/* check for MSA3 */
199 	case CPACF_KMF:
200 	case CPACF_KMO:
201 	case CPACF_PCC:
202 	case CPACF_KMCTR:
203 		return test_facility(77);	/* check for MSA4 */
204 	case CPACF_PRNO:
205 		return test_facility(57);	/* check for MSA5 */
206 	case CPACF_KMA:
207 		return test_facility(146);	/* check for MSA8 */
208 	default:
209 		BUG();
210 	}
211 }
212 
213 static __always_inline int cpacf_query(unsigned int opcode, cpacf_mask_t *mask)
214 {
215 	if (__cpacf_check_opcode(opcode)) {
216 		__cpacf_query(opcode, mask);
217 		return 1;
218 	}
219 	memset(mask, 0, sizeof(*mask));
220 	return 0;
221 }
222 
223 static inline int cpacf_test_func(cpacf_mask_t *mask, unsigned int func)
224 {
225 	return (mask->bytes[func >> 3] & (0x80 >> (func & 7))) != 0;
226 }
227 
228 static __always_inline int cpacf_query_func(unsigned int opcode, unsigned int func)
229 {
230 	cpacf_mask_t mask;
231 
232 	if (cpacf_query(opcode, &mask))
233 		return cpacf_test_func(&mask, func);
234 	return 0;
235 }
236 
237 /**
238  * cpacf_km() - executes the KM (CIPHER MESSAGE) instruction
239  * @func: the function code passed to KM; see CPACF_KM_xxx defines
240  * @param: address of parameter block; see POP for details on each func
241  * @dest: address of destination memory area
242  * @src: address of source memory area
243  * @src_len: length of src operand in bytes
244  *
245  * Returns 0 for the query func, number of processed bytes for
246  * encryption/decryption funcs
247  */
248 static inline int cpacf_km(unsigned long func, void *param,
249 			   u8 *dest, const u8 *src, long src_len)
250 {
251 	union register_pair d, s;
252 
253 	d.even = (unsigned long)dest;
254 	s.even = (unsigned long)src;
255 	s.odd  = (unsigned long)src_len;
256 	asm volatile(
257 		"	lgr	0,%[fc]\n"
258 		"	lgr	1,%[pba]\n"
259 		"0:	.insn	rre,%[opc] << 16,%[dst],%[src]\n"
260 		"	brc	1,0b\n" /* handle partial completion */
261 		: [src] "+&d" (s.pair), [dst] "+&d" (d.pair)
262 		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
263 		  [opc] "i" (CPACF_KM)
264 		: "cc", "memory", "0", "1");
265 
266 	return src_len - s.odd;
267 }
268 
269 /**
270  * cpacf_kmc() - executes the KMC (CIPHER MESSAGE WITH CHAINING) instruction
271  * @func: the function code passed to KM; see CPACF_KMC_xxx defines
272  * @param: address of parameter block; see POP for details on each func
273  * @dest: address of destination memory area
274  * @src: address of source memory area
275  * @src_len: length of src operand in bytes
276  *
277  * Returns 0 for the query func, number of processed bytes for
278  * encryption/decryption funcs
279  */
280 static inline int cpacf_kmc(unsigned long func, void *param,
281 			    u8 *dest, const u8 *src, long src_len)
282 {
283 	union register_pair d, s;
284 
285 	d.even = (unsigned long)dest;
286 	s.even = (unsigned long)src;
287 	s.odd  = (unsigned long)src_len;
288 	asm volatile(
289 		"	lgr	0,%[fc]\n"
290 		"	lgr	1,%[pba]\n"
291 		"0:	.insn	rre,%[opc] << 16,%[dst],%[src]\n"
292 		"	brc	1,0b\n" /* handle partial completion */
293 		: [src] "+&d" (s.pair), [dst] "+&d" (d.pair)
294 		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
295 		  [opc] "i" (CPACF_KMC)
296 		: "cc", "memory", "0", "1");
297 
298 	return src_len - s.odd;
299 }
300 
301 /**
302  * cpacf_kimd() - executes the KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST)
303  *		  instruction
304  * @func: the function code passed to KM; see CPACF_KIMD_xxx defines
305  * @param: address of parameter block; see POP for details on each func
306  * @src: address of source memory area
307  * @src_len: length of src operand in bytes
308  */
309 static inline void cpacf_kimd(unsigned long func, void *param,
310 			      const u8 *src, long src_len)
311 {
312 	union register_pair s;
313 
314 	s.even = (unsigned long)src;
315 	s.odd  = (unsigned long)src_len;
316 	asm volatile(
317 		"	lgr	0,%[fc]\n"
318 		"	lgr	1,%[pba]\n"
319 		"0:	.insn	rre,%[opc] << 16,0,%[src]\n"
320 		"	brc	1,0b\n" /* handle partial completion */
321 		: [src] "+&d" (s.pair)
322 		: [fc] "d" (func), [pba] "d" ((unsigned long)(param)),
323 		  [opc] "i" (CPACF_KIMD)
324 		: "cc", "memory", "0", "1");
325 }
326 
327 /**
328  * cpacf_klmd() - executes the KLMD (COMPUTE LAST MESSAGE DIGEST) instruction
329  * @func: the function code passed to KM; see CPACF_KLMD_xxx defines
330  * @param: address of parameter block; see POP for details on each func
331  * @src: address of source memory area
332  * @src_len: length of src operand in bytes
333  */
334 static inline void cpacf_klmd(unsigned long func, void *param,
335 			      const u8 *src, long src_len)
336 {
337 	union register_pair s;
338 
339 	s.even = (unsigned long)src;
340 	s.odd  = (unsigned long)src_len;
341 	asm volatile(
342 		"	lgr	0,%[fc]\n"
343 		"	lgr	1,%[pba]\n"
344 		"0:	.insn	rre,%[opc] << 16,0,%[src]\n"
345 		"	brc	1,0b\n" /* handle partial completion */
346 		: [src] "+&d" (s.pair)
347 		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
348 		  [opc] "i" (CPACF_KLMD)
349 		: "cc", "memory", "0", "1");
350 }
351 
352 /**
353  * cpacf_kmac() - executes the KMAC (COMPUTE MESSAGE AUTHENTICATION CODE)
354  *		  instruction
355  * @func: the function code passed to KM; see CPACF_KMAC_xxx defines
356  * @param: address of parameter block; see POP for details on each func
357  * @src: address of source memory area
358  * @src_len: length of src operand in bytes
359  *
360  * Returns 0 for the query func, number of processed bytes for digest funcs
361  */
362 static inline int cpacf_kmac(unsigned long func, void *param,
363 			     const u8 *src, long src_len)
364 {
365 	union register_pair s;
366 
367 	s.even = (unsigned long)src;
368 	s.odd  = (unsigned long)src_len;
369 	asm volatile(
370 		"	lgr	0,%[fc]\n"
371 		"	lgr	1,%[pba]\n"
372 		"0:	.insn	rre,%[opc] << 16,0,%[src]\n"
373 		"	brc	1,0b\n" /* handle partial completion */
374 		: [src] "+&d" (s.pair)
375 		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
376 		  [opc] "i" (CPACF_KMAC)
377 		: "cc", "memory", "0", "1");
378 
379 	return src_len - s.odd;
380 }
381 
382 /**
383  * cpacf_kmctr() - executes the KMCTR (CIPHER MESSAGE WITH COUNTER) instruction
384  * @func: the function code passed to KMCTR; see CPACF_KMCTR_xxx defines
385  * @param: address of parameter block; see POP for details on each func
386  * @dest: address of destination memory area
387  * @src: address of source memory area
388  * @src_len: length of src operand in bytes
389  * @counter: address of counter value
390  *
391  * Returns 0 for the query func, number of processed bytes for
392  * encryption/decryption funcs
393  */
394 static inline int cpacf_kmctr(unsigned long func, void *param, u8 *dest,
395 			      const u8 *src, long src_len, u8 *counter)
396 {
397 	union register_pair d, s, c;
398 
399 	d.even = (unsigned long)dest;
400 	s.even = (unsigned long)src;
401 	s.odd  = (unsigned long)src_len;
402 	c.even = (unsigned long)counter;
403 	asm volatile(
404 		"	lgr	0,%[fc]\n"
405 		"	lgr	1,%[pba]\n"
406 		"0:	.insn	rrf,%[opc] << 16,%[dst],%[src],%[ctr],0\n"
407 		"	brc	1,0b\n" /* handle partial completion */
408 		: [src] "+&d" (s.pair), [dst] "+&d" (d.pair),
409 		  [ctr] "+&d" (c.pair)
410 		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
411 		  [opc] "i" (CPACF_KMCTR)
412 		: "cc", "memory", "0", "1");
413 
414 	return src_len - s.odd;
415 }
416 
417 /**
418  * cpacf_prno() - executes the PRNO (PERFORM RANDOM NUMBER OPERATION)
419  *		  instruction
420  * @func: the function code passed to PRNO; see CPACF_PRNO_xxx defines
421  * @param: address of parameter block; see POP for details on each func
422  * @dest: address of destination memory area
423  * @dest_len: size of destination memory area in bytes
424  * @seed: address of seed data
425  * @seed_len: size of seed data in bytes
426  */
427 static inline void cpacf_prno(unsigned long func, void *param,
428 			      u8 *dest, unsigned long dest_len,
429 			      const u8 *seed, unsigned long seed_len)
430 {
431 	union register_pair d, s;
432 
433 	d.even = (unsigned long)dest;
434 	d.odd  = (unsigned long)dest_len;
435 	s.even = (unsigned long)seed;
436 	s.odd  = (unsigned long)seed_len;
437 	asm volatile (
438 		"	lgr	0,%[fc]\n"
439 		"	lgr	1,%[pba]\n"
440 		"0:	.insn	rre,%[opc] << 16,%[dst],%[seed]\n"
441 		"	brc	1,0b\n"	  /* handle partial completion */
442 		: [dst] "+&d" (d.pair)
443 		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
444 		  [seed] "d" (s.pair), [opc] "i" (CPACF_PRNO)
445 		: "cc", "memory", "0", "1");
446 }
447 
448 /**
449  * cpacf_trng() - executes the TRNG subfunction of the PRNO instruction
450  * @ucbuf: buffer for unconditioned data
451  * @ucbuf_len: amount of unconditioned data to fetch in bytes
452  * @cbuf: buffer for conditioned data
453  * @cbuf_len: amount of conditioned data to fetch in bytes
454  */
455 static inline void cpacf_trng(u8 *ucbuf, unsigned long ucbuf_len,
456 			      u8 *cbuf, unsigned long cbuf_len)
457 {
458 	union register_pair u, c;
459 
460 	u.even = (unsigned long)ucbuf;
461 	u.odd  = (unsigned long)ucbuf_len;
462 	c.even = (unsigned long)cbuf;
463 	c.odd  = (unsigned long)cbuf_len;
464 	asm volatile (
465 		"	lghi	0,%[fc]\n"
466 		"0:	.insn	rre,%[opc] << 16,%[ucbuf],%[cbuf]\n"
467 		"	brc	1,0b\n"	  /* handle partial completion */
468 		: [ucbuf] "+&d" (u.pair), [cbuf] "+&d" (c.pair)
469 		: [fc] "K" (CPACF_PRNO_TRNG), [opc] "i" (CPACF_PRNO)
470 		: "cc", "memory", "0");
471 }
472 
473 /**
474  * cpacf_pcc() - executes the PCC (PERFORM CRYPTOGRAPHIC COMPUTATION)
475  *		 instruction
476  * @func: the function code passed to PCC; see CPACF_KM_xxx defines
477  * @param: address of parameter block; see POP for details on each func
478  */
479 static inline void cpacf_pcc(unsigned long func, void *param)
480 {
481 	asm volatile(
482 		"	lgr	0,%[fc]\n"
483 		"	lgr	1,%[pba]\n"
484 		"0:	.insn	rre,%[opc] << 16,0,0\n" /* PCC opcode */
485 		"	brc	1,0b\n" /* handle partial completion */
486 		:
487 		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
488 		  [opc] "i" (CPACF_PCC)
489 		: "cc", "memory", "0", "1");
490 }
491 
492 /**
493  * cpacf_pckmo() - executes the PCKMO (PERFORM CRYPTOGRAPHIC KEY
494  *		  MANAGEMENT) instruction
495  * @func: the function code passed to PCKMO; see CPACF_PCKMO_xxx defines
496  * @param: address of parameter block; see POP for details on each func
497  *
498  * Returns 0.
499  */
500 static inline void cpacf_pckmo(long func, void *param)
501 {
502 	asm volatile(
503 		"	lgr	0,%[fc]\n"
504 		"	lgr	1,%[pba]\n"
505 		"       .insn   rre,%[opc] << 16,0,0\n" /* PCKMO opcode */
506 		:
507 		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
508 		  [opc] "i" (CPACF_PCKMO)
509 		: "cc", "memory", "0", "1");
510 }
511 
512 /**
513  * cpacf_kma() - executes the KMA (CIPHER MESSAGE WITH AUTHENTICATION)
514  *		 instruction
515  * @func: the function code passed to KMA; see CPACF_KMA_xxx defines
516  * @param: address of parameter block; see POP for details on each func
517  * @dest: address of destination memory area
518  * @src: address of source memory area
519  * @src_len: length of src operand in bytes
520  * @aad: address of additional authenticated data memory area
521  * @aad_len: length of aad operand in bytes
522  */
523 static inline void cpacf_kma(unsigned long func, void *param, u8 *dest,
524 			     const u8 *src, unsigned long src_len,
525 			     const u8 *aad, unsigned long aad_len)
526 {
527 	union register_pair d, s, a;
528 
529 	d.even = (unsigned long)dest;
530 	s.even = (unsigned long)src;
531 	s.odd  = (unsigned long)src_len;
532 	a.even = (unsigned long)aad;
533 	a.odd  = (unsigned long)aad_len;
534 	asm volatile(
535 		"	lgr	0,%[fc]\n"
536 		"	lgr	1,%[pba]\n"
537 		"0:	.insn	rrf,%[opc] << 16,%[dst],%[src],%[aad],0\n"
538 		"	brc	1,0b\n"	/* handle partial completion */
539 		: [dst] "+&d" (d.pair), [src] "+&d" (s.pair),
540 		  [aad] "+&d" (a.pair)
541 		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
542 		  [opc] "i" (CPACF_KMA)
543 		: "cc", "memory", "0", "1");
544 }
545 
546 #endif	/* _ASM_S390_CPACF_H */
547