1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* 3 * CP Assist for Cryptographic Functions (CPACF) 4 * 5 * Copyright IBM Corp. 2003, 2017 6 * Author(s): Thomas Spatzier 7 * Jan Glauber 8 * Harald Freudenberger (freude@de.ibm.com) 9 * Martin Schwidefsky <schwidefsky@de.ibm.com> 10 */ 11 #ifndef _ASM_S390_CPACF_H 12 #define _ASM_S390_CPACF_H 13 14 #include <asm/facility.h> 15 16 /* 17 * Instruction opcodes for the CPACF instructions 18 */ 19 #define CPACF_KMAC 0xb91e /* MSA */ 20 #define CPACF_KM 0xb92e /* MSA */ 21 #define CPACF_KMC 0xb92f /* MSA */ 22 #define CPACF_KIMD 0xb93e /* MSA */ 23 #define CPACF_KLMD 0xb93f /* MSA */ 24 #define CPACF_PCKMO 0xb928 /* MSA3 */ 25 #define CPACF_KMF 0xb92a /* MSA4 */ 26 #define CPACF_KMO 0xb92b /* MSA4 */ 27 #define CPACF_PCC 0xb92c /* MSA4 */ 28 #define CPACF_KMCTR 0xb92d /* MSA4 */ 29 #define CPACF_PRNO 0xb93c /* MSA5 */ 30 #define CPACF_KMA 0xb929 /* MSA8 */ 31 #define CPACF_KDSA 0xb93a /* MSA9 */ 32 33 /* 34 * En/decryption modifier bits 35 */ 36 #define CPACF_ENCRYPT 0x00 37 #define CPACF_DECRYPT 0x80 38 39 /* 40 * Function codes for the KM (CIPHER MESSAGE) instruction 41 */ 42 #define CPACF_KM_QUERY 0x00 43 #define CPACF_KM_DEA 0x01 44 #define CPACF_KM_TDEA_128 0x02 45 #define CPACF_KM_TDEA_192 0x03 46 #define CPACF_KM_AES_128 0x12 47 #define CPACF_KM_AES_192 0x13 48 #define CPACF_KM_AES_256 0x14 49 #define CPACF_KM_PAES_128 0x1a 50 #define CPACF_KM_PAES_192 0x1b 51 #define CPACF_KM_PAES_256 0x1c 52 #define CPACF_KM_XTS_128 0x32 53 #define CPACF_KM_XTS_256 0x34 54 #define CPACF_KM_PXTS_128 0x3a 55 #define CPACF_KM_PXTS_256 0x3c 56 57 /* 58 * Function codes for the KMC (CIPHER MESSAGE WITH CHAINING) 59 * instruction 60 */ 61 #define CPACF_KMC_QUERY 0x00 62 #define CPACF_KMC_DEA 0x01 63 #define CPACF_KMC_TDEA_128 0x02 64 #define CPACF_KMC_TDEA_192 0x03 65 #define CPACF_KMC_AES_128 0x12 66 #define CPACF_KMC_AES_192 0x13 67 #define CPACF_KMC_AES_256 0x14 68 #define CPACF_KMC_PAES_128 0x1a 69 #define CPACF_KMC_PAES_192 0x1b 70 #define CPACF_KMC_PAES_256 0x1c 71 #define CPACF_KMC_PRNG 0x43 72 73 /* 74 * Function codes for the KMCTR (CIPHER MESSAGE WITH COUNTER) 75 * instruction 76 */ 77 #define CPACF_KMCTR_QUERY 0x00 78 #define CPACF_KMCTR_DEA 0x01 79 #define CPACF_KMCTR_TDEA_128 0x02 80 #define CPACF_KMCTR_TDEA_192 0x03 81 #define CPACF_KMCTR_AES_128 0x12 82 #define CPACF_KMCTR_AES_192 0x13 83 #define CPACF_KMCTR_AES_256 0x14 84 #define CPACF_KMCTR_PAES_128 0x1a 85 #define CPACF_KMCTR_PAES_192 0x1b 86 #define CPACF_KMCTR_PAES_256 0x1c 87 88 /* 89 * Function codes for the KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST) 90 * instruction 91 */ 92 #define CPACF_KIMD_QUERY 0x00 93 #define CPACF_KIMD_SHA_1 0x01 94 #define CPACF_KIMD_SHA_256 0x02 95 #define CPACF_KIMD_SHA_512 0x03 96 #define CPACF_KIMD_SHA3_224 0x20 97 #define CPACF_KIMD_SHA3_256 0x21 98 #define CPACF_KIMD_SHA3_384 0x22 99 #define CPACF_KIMD_SHA3_512 0x23 100 #define CPACF_KIMD_GHASH 0x41 101 102 /* 103 * Function codes for the KLMD (COMPUTE LAST MESSAGE DIGEST) 104 * instruction 105 */ 106 #define CPACF_KLMD_QUERY 0x00 107 #define CPACF_KLMD_SHA_1 0x01 108 #define CPACF_KLMD_SHA_256 0x02 109 #define CPACF_KLMD_SHA_512 0x03 110 #define CPACF_KLMD_SHA3_224 0x20 111 #define CPACF_KLMD_SHA3_256 0x21 112 #define CPACF_KLMD_SHA3_384 0x22 113 #define CPACF_KLMD_SHA3_512 0x23 114 115 /* 116 * function codes for the KMAC (COMPUTE MESSAGE AUTHENTICATION CODE) 117 * instruction 118 */ 119 #define CPACF_KMAC_QUERY 0x00 120 #define CPACF_KMAC_DEA 0x01 121 #define CPACF_KMAC_TDEA_128 0x02 122 #define CPACF_KMAC_TDEA_192 0x03 123 124 /* 125 * Function codes for the PCKMO (PERFORM CRYPTOGRAPHIC KEY MANAGEMENT) 126 * instruction 127 */ 128 #define CPACF_PCKMO_QUERY 0x00 129 #define CPACF_PCKMO_ENC_DES_KEY 0x01 130 #define CPACF_PCKMO_ENC_TDES_128_KEY 0x02 131 #define CPACF_PCKMO_ENC_TDES_192_KEY 0x03 132 #define CPACF_PCKMO_ENC_AES_128_KEY 0x12 133 #define CPACF_PCKMO_ENC_AES_192_KEY 0x13 134 #define CPACF_PCKMO_ENC_AES_256_KEY 0x14 135 136 /* 137 * Function codes for the PRNO (PERFORM RANDOM NUMBER OPERATION) 138 * instruction 139 */ 140 #define CPACF_PRNO_QUERY 0x00 141 #define CPACF_PRNO_SHA512_DRNG_GEN 0x03 142 #define CPACF_PRNO_SHA512_DRNG_SEED 0x83 143 #define CPACF_PRNO_TRNG_Q_R2C_RATIO 0x70 144 #define CPACF_PRNO_TRNG 0x72 145 146 /* 147 * Function codes for the KMA (CIPHER MESSAGE WITH AUTHENTICATION) 148 * instruction 149 */ 150 #define CPACF_KMA_QUERY 0x00 151 #define CPACF_KMA_GCM_AES_128 0x12 152 #define CPACF_KMA_GCM_AES_192 0x13 153 #define CPACF_KMA_GCM_AES_256 0x14 154 155 /* 156 * Flags for the KMA (CIPHER MESSAGE WITH AUTHENTICATION) instruction 157 */ 158 #define CPACF_KMA_LPC 0x100 /* Last-Plaintext/Ciphertext */ 159 #define CPACF_KMA_LAAD 0x200 /* Last-AAD */ 160 #define CPACF_KMA_HS 0x400 /* Hash-subkey Supplied */ 161 162 typedef struct { unsigned char bytes[16]; } cpacf_mask_t; 163 164 /** 165 * cpacf_query() - check if a specific CPACF function is available 166 * @opcode: the opcode of the crypto instruction 167 * @func: the function code to test for 168 * 169 * Executes the query function for the given crypto instruction @opcode 170 * and checks if @func is available 171 * 172 * Returns 1 if @func is available for @opcode, 0 otherwise 173 */ 174 static inline void __cpacf_query(unsigned int opcode, cpacf_mask_t *mask) 175 { 176 register unsigned long r0 asm("0") = 0; /* query function */ 177 register unsigned long r1 asm("1") = (unsigned long) mask; 178 179 asm volatile( 180 " spm 0\n" /* pckmo doesn't change the cc */ 181 /* Parameter regs are ignored, but must be nonzero and unique */ 182 "0: .insn rrf,%[opc] << 16,2,4,6,0\n" 183 " brc 1,0b\n" /* handle partial completion */ 184 : "=m" (*mask) 185 : [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (opcode) 186 : "cc"); 187 } 188 189 static __always_inline int __cpacf_check_opcode(unsigned int opcode) 190 { 191 switch (opcode) { 192 case CPACF_KMAC: 193 case CPACF_KM: 194 case CPACF_KMC: 195 case CPACF_KIMD: 196 case CPACF_KLMD: 197 return test_facility(17); /* check for MSA */ 198 case CPACF_PCKMO: 199 return test_facility(76); /* check for MSA3 */ 200 case CPACF_KMF: 201 case CPACF_KMO: 202 case CPACF_PCC: 203 case CPACF_KMCTR: 204 return test_facility(77); /* check for MSA4 */ 205 case CPACF_PRNO: 206 return test_facility(57); /* check for MSA5 */ 207 case CPACF_KMA: 208 return test_facility(146); /* check for MSA8 */ 209 default: 210 BUG(); 211 } 212 } 213 214 static __always_inline int cpacf_query(unsigned int opcode, cpacf_mask_t *mask) 215 { 216 if (__cpacf_check_opcode(opcode)) { 217 __cpacf_query(opcode, mask); 218 return 1; 219 } 220 memset(mask, 0, sizeof(*mask)); 221 return 0; 222 } 223 224 static inline int cpacf_test_func(cpacf_mask_t *mask, unsigned int func) 225 { 226 return (mask->bytes[func >> 3] & (0x80 >> (func & 7))) != 0; 227 } 228 229 static __always_inline int cpacf_query_func(unsigned int opcode, unsigned int func) 230 { 231 cpacf_mask_t mask; 232 233 if (cpacf_query(opcode, &mask)) 234 return cpacf_test_func(&mask, func); 235 return 0; 236 } 237 238 /** 239 * cpacf_km() - executes the KM (CIPHER MESSAGE) instruction 240 * @func: the function code passed to KM; see CPACF_KM_xxx defines 241 * @param: address of parameter block; see POP for details on each func 242 * @dest: address of destination memory area 243 * @src: address of source memory area 244 * @src_len: length of src operand in bytes 245 * 246 * Returns 0 for the query func, number of processed bytes for 247 * encryption/decryption funcs 248 */ 249 static inline int cpacf_km(unsigned long func, void *param, 250 u8 *dest, const u8 *src, long src_len) 251 { 252 register unsigned long r0 asm("0") = (unsigned long) func; 253 register unsigned long r1 asm("1") = (unsigned long) param; 254 register unsigned long r2 asm("2") = (unsigned long) src; 255 register unsigned long r3 asm("3") = (unsigned long) src_len; 256 register unsigned long r4 asm("4") = (unsigned long) dest; 257 258 asm volatile( 259 "0: .insn rre,%[opc] << 16,%[dst],%[src]\n" 260 " brc 1,0b\n" /* handle partial completion */ 261 : [src] "+a" (r2), [len] "+d" (r3), [dst] "+a" (r4) 262 : [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_KM) 263 : "cc", "memory"); 264 265 return src_len - r3; 266 } 267 268 /** 269 * cpacf_kmc() - executes the KMC (CIPHER MESSAGE WITH CHAINING) instruction 270 * @func: the function code passed to KM; see CPACF_KMC_xxx defines 271 * @param: address of parameter block; see POP for details on each func 272 * @dest: address of destination memory area 273 * @src: address of source memory area 274 * @src_len: length of src operand in bytes 275 * 276 * Returns 0 for the query func, number of processed bytes for 277 * encryption/decryption funcs 278 */ 279 static inline int cpacf_kmc(unsigned long func, void *param, 280 u8 *dest, const u8 *src, long src_len) 281 { 282 register unsigned long r0 asm("0") = (unsigned long) func; 283 register unsigned long r1 asm("1") = (unsigned long) param; 284 register unsigned long r2 asm("2") = (unsigned long) src; 285 register unsigned long r3 asm("3") = (unsigned long) src_len; 286 register unsigned long r4 asm("4") = (unsigned long) dest; 287 288 asm volatile( 289 "0: .insn rre,%[opc] << 16,%[dst],%[src]\n" 290 " brc 1,0b\n" /* handle partial completion */ 291 : [src] "+a" (r2), [len] "+d" (r3), [dst] "+a" (r4) 292 : [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_KMC) 293 : "cc", "memory"); 294 295 return src_len - r3; 296 } 297 298 /** 299 * cpacf_kimd() - executes the KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST) 300 * instruction 301 * @func: the function code passed to KM; see CPACF_KIMD_xxx defines 302 * @param: address of parameter block; see POP for details on each func 303 * @src: address of source memory area 304 * @src_len: length of src operand in bytes 305 */ 306 static inline void cpacf_kimd(unsigned long func, void *param, 307 const u8 *src, long src_len) 308 { 309 register unsigned long r0 asm("0") = (unsigned long) func; 310 register unsigned long r1 asm("1") = (unsigned long) param; 311 register unsigned long r2 asm("2") = (unsigned long) src; 312 register unsigned long r3 asm("3") = (unsigned long) src_len; 313 314 asm volatile( 315 "0: .insn rre,%[opc] << 16,0,%[src]\n" 316 " brc 1,0b\n" /* handle partial completion */ 317 : [src] "+a" (r2), [len] "+d" (r3) 318 : [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_KIMD) 319 : "cc", "memory"); 320 } 321 322 /** 323 * cpacf_klmd() - executes the KLMD (COMPUTE LAST MESSAGE DIGEST) instruction 324 * @func: the function code passed to KM; see CPACF_KLMD_xxx defines 325 * @param: address of parameter block; see POP for details on each func 326 * @src: address of source memory area 327 * @src_len: length of src operand in bytes 328 */ 329 static inline void cpacf_klmd(unsigned long func, void *param, 330 const u8 *src, long src_len) 331 { 332 register unsigned long r0 asm("0") = (unsigned long) func; 333 register unsigned long r1 asm("1") = (unsigned long) param; 334 register unsigned long r2 asm("2") = (unsigned long) src; 335 register unsigned long r3 asm("3") = (unsigned long) src_len; 336 337 asm volatile( 338 "0: .insn rre,%[opc] << 16,0,%[src]\n" 339 " brc 1,0b\n" /* handle partial completion */ 340 : [src] "+a" (r2), [len] "+d" (r3) 341 : [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_KLMD) 342 : "cc", "memory"); 343 } 344 345 /** 346 * cpacf_kmac() - executes the KMAC (COMPUTE MESSAGE AUTHENTICATION CODE) 347 * instruction 348 * @func: the function code passed to KM; see CPACF_KMAC_xxx defines 349 * @param: address of parameter block; see POP for details on each func 350 * @src: address of source memory area 351 * @src_len: length of src operand in bytes 352 * 353 * Returns 0 for the query func, number of processed bytes for digest funcs 354 */ 355 static inline int cpacf_kmac(unsigned long func, void *param, 356 const u8 *src, long src_len) 357 { 358 register unsigned long r0 asm("0") = (unsigned long) func; 359 register unsigned long r1 asm("1") = (unsigned long) param; 360 register unsigned long r2 asm("2") = (unsigned long) src; 361 register unsigned long r3 asm("3") = (unsigned long) src_len; 362 363 asm volatile( 364 "0: .insn rre,%[opc] << 16,0,%[src]\n" 365 " brc 1,0b\n" /* handle partial completion */ 366 : [src] "+a" (r2), [len] "+d" (r3) 367 : [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_KMAC) 368 : "cc", "memory"); 369 370 return src_len - r3; 371 } 372 373 /** 374 * cpacf_kmctr() - executes the KMCTR (CIPHER MESSAGE WITH COUNTER) instruction 375 * @func: the function code passed to KMCTR; see CPACF_KMCTR_xxx defines 376 * @param: address of parameter block; see POP for details on each func 377 * @dest: address of destination memory area 378 * @src: address of source memory area 379 * @src_len: length of src operand in bytes 380 * @counter: address of counter value 381 * 382 * Returns 0 for the query func, number of processed bytes for 383 * encryption/decryption funcs 384 */ 385 static inline int cpacf_kmctr(unsigned long func, void *param, u8 *dest, 386 const u8 *src, long src_len, u8 *counter) 387 { 388 register unsigned long r0 asm("0") = (unsigned long) func; 389 register unsigned long r1 asm("1") = (unsigned long) param; 390 register unsigned long r2 asm("2") = (unsigned long) src; 391 register unsigned long r3 asm("3") = (unsigned long) src_len; 392 register unsigned long r4 asm("4") = (unsigned long) dest; 393 register unsigned long r6 asm("6") = (unsigned long) counter; 394 395 asm volatile( 396 "0: .insn rrf,%[opc] << 16,%[dst],%[src],%[ctr],0\n" 397 " brc 1,0b\n" /* handle partial completion */ 398 : [src] "+a" (r2), [len] "+d" (r3), 399 [dst] "+a" (r4), [ctr] "+a" (r6) 400 : [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_KMCTR) 401 : "cc", "memory"); 402 403 return src_len - r3; 404 } 405 406 /** 407 * cpacf_prno() - executes the PRNO (PERFORM RANDOM NUMBER OPERATION) 408 * instruction 409 * @func: the function code passed to PRNO; see CPACF_PRNO_xxx defines 410 * @param: address of parameter block; see POP for details on each func 411 * @dest: address of destination memory area 412 * @dest_len: size of destination memory area in bytes 413 * @seed: address of seed data 414 * @seed_len: size of seed data in bytes 415 */ 416 static inline void cpacf_prno(unsigned long func, void *param, 417 u8 *dest, unsigned long dest_len, 418 const u8 *seed, unsigned long seed_len) 419 { 420 register unsigned long r0 asm("0") = (unsigned long) func; 421 register unsigned long r1 asm("1") = (unsigned long) param; 422 register unsigned long r2 asm("2") = (unsigned long) dest; 423 register unsigned long r3 asm("3") = (unsigned long) dest_len; 424 register unsigned long r4 asm("4") = (unsigned long) seed; 425 register unsigned long r5 asm("5") = (unsigned long) seed_len; 426 427 asm volatile ( 428 "0: .insn rre,%[opc] << 16,%[dst],%[seed]\n" 429 " brc 1,0b\n" /* handle partial completion */ 430 : [dst] "+a" (r2), [dlen] "+d" (r3) 431 : [fc] "d" (r0), [pba] "a" (r1), 432 [seed] "a" (r4), [slen] "d" (r5), [opc] "i" (CPACF_PRNO) 433 : "cc", "memory"); 434 } 435 436 /** 437 * cpacf_trng() - executes the TRNG subfunction of the PRNO instruction 438 * @ucbuf: buffer for unconditioned data 439 * @ucbuf_len: amount of unconditioned data to fetch in bytes 440 * @cbuf: buffer for conditioned data 441 * @cbuf_len: amount of conditioned data to fetch in bytes 442 */ 443 static inline void cpacf_trng(u8 *ucbuf, unsigned long ucbuf_len, 444 u8 *cbuf, unsigned long cbuf_len) 445 { 446 register unsigned long r0 asm("0") = (unsigned long) CPACF_PRNO_TRNG; 447 register unsigned long r2 asm("2") = (unsigned long) ucbuf; 448 register unsigned long r3 asm("3") = (unsigned long) ucbuf_len; 449 register unsigned long r4 asm("4") = (unsigned long) cbuf; 450 register unsigned long r5 asm("5") = (unsigned long) cbuf_len; 451 452 asm volatile ( 453 "0: .insn rre,%[opc] << 16,%[ucbuf],%[cbuf]\n" 454 " brc 1,0b\n" /* handle partial completion */ 455 : [ucbuf] "+a" (r2), [ucbuflen] "+d" (r3), 456 [cbuf] "+a" (r4), [cbuflen] "+d" (r5) 457 : [fc] "d" (r0), [opc] "i" (CPACF_PRNO) 458 : "cc", "memory"); 459 } 460 461 /** 462 * cpacf_pcc() - executes the PCC (PERFORM CRYPTOGRAPHIC COMPUTATION) 463 * instruction 464 * @func: the function code passed to PCC; see CPACF_KM_xxx defines 465 * @param: address of parameter block; see POP for details on each func 466 */ 467 static inline void cpacf_pcc(unsigned long func, void *param) 468 { 469 register unsigned long r0 asm("0") = (unsigned long) func; 470 register unsigned long r1 asm("1") = (unsigned long) param; 471 472 asm volatile( 473 "0: .insn rre,%[opc] << 16,0,0\n" /* PCC opcode */ 474 " brc 1,0b\n" /* handle partial completion */ 475 : 476 : [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_PCC) 477 : "cc", "memory"); 478 } 479 480 /** 481 * cpacf_pckmo() - executes the PCKMO (PERFORM CRYPTOGRAPHIC KEY 482 * MANAGEMENT) instruction 483 * @func: the function code passed to PCKMO; see CPACF_PCKMO_xxx defines 484 * @param: address of parameter block; see POP for details on each func 485 * 486 * Returns 0. 487 */ 488 static inline void cpacf_pckmo(long func, void *param) 489 { 490 register unsigned long r0 asm("0") = (unsigned long) func; 491 register unsigned long r1 asm("1") = (unsigned long) param; 492 493 asm volatile( 494 " .insn rre,%[opc] << 16,0,0\n" /* PCKMO opcode */ 495 : 496 : [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_PCKMO) 497 : "cc", "memory"); 498 } 499 500 /** 501 * cpacf_kma() - executes the KMA (CIPHER MESSAGE WITH AUTHENTICATION) 502 * instruction 503 * @func: the function code passed to KMA; see CPACF_KMA_xxx defines 504 * @param: address of parameter block; see POP for details on each func 505 * @dest: address of destination memory area 506 * @src: address of source memory area 507 * @src_len: length of src operand in bytes 508 * @aad: address of additional authenticated data memory area 509 * @aad_len: length of aad operand in bytes 510 */ 511 static inline void cpacf_kma(unsigned long func, void *param, u8 *dest, 512 const u8 *src, unsigned long src_len, 513 const u8 *aad, unsigned long aad_len) 514 { 515 register unsigned long r0 asm("0") = (unsigned long) func; 516 register unsigned long r1 asm("1") = (unsigned long) param; 517 register unsigned long r2 asm("2") = (unsigned long) src; 518 register unsigned long r3 asm("3") = (unsigned long) src_len; 519 register unsigned long r4 asm("4") = (unsigned long) aad; 520 register unsigned long r5 asm("5") = (unsigned long) aad_len; 521 register unsigned long r6 asm("6") = (unsigned long) dest; 522 523 asm volatile( 524 "0: .insn rrf,%[opc] << 16,%[dst],%[src],%[aad],0\n" 525 " brc 1,0b\n" /* handle partial completion */ 526 : [dst] "+a" (r6), [src] "+a" (r2), [slen] "+d" (r3), 527 [aad] "+a" (r4), [alen] "+d" (r5) 528 : [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_KMA) 529 : "cc", "memory"); 530 } 531 532 #endif /* _ASM_S390_CPACF_H */ 533