1 /* SPDX-License-Identifier: GPL-2.0+ WITH Linux-syscall-note */ 2 /* 3 * include/asm-s390/zcrypt.h 4 * 5 * zcrypt 2.1.0 (user-visible header) 6 * 7 * Copyright IBM Corp. 2001, 2006 8 * Author(s): Robert Burroughs 9 * Eric Rossman (edrossma@us.ibm.com) 10 * 11 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com) 12 */ 13 14 #ifndef __ASM_S390_ZCRYPT_H 15 #define __ASM_S390_ZCRYPT_H 16 17 #define ZCRYPT_VERSION 2 18 #define ZCRYPT_RELEASE 1 19 #define ZCRYPT_VARIANT 1 20 21 #include <linux/ioctl.h> 22 #include <linux/compiler.h> 23 24 /** 25 * struct ica_rsa_modexpo 26 * 27 * Requirements: 28 * - outputdatalength is at least as large as inputdatalength. 29 * - All key parts are right justified in their fields, padded on 30 * the left with zeroes. 31 * - length(b_key) = inputdatalength 32 * - length(n_modulus) = inputdatalength 33 */ 34 struct ica_rsa_modexpo { 35 char __user * inputdata; 36 unsigned int inputdatalength; 37 char __user * outputdata; 38 unsigned int outputdatalength; 39 char __user * b_key; 40 char __user * n_modulus; 41 }; 42 43 /** 44 * struct ica_rsa_modexpo_crt 45 * 46 * Requirements: 47 * - inputdatalength is even. 48 * - outputdatalength is at least as large as inputdatalength. 49 * - All key parts are right justified in their fields, padded on 50 * the left with zeroes. 51 * - length(bp_key) = inputdatalength/2 + 8 52 * - length(bq_key) = inputdatalength/2 53 * - length(np_key) = inputdatalength/2 + 8 54 * - length(nq_key) = inputdatalength/2 55 * - length(u_mult_inv) = inputdatalength/2 + 8 56 */ 57 struct ica_rsa_modexpo_crt { 58 char __user * inputdata; 59 unsigned int inputdatalength; 60 char __user * outputdata; 61 unsigned int outputdatalength; 62 char __user * bp_key; 63 char __user * bq_key; 64 char __user * np_prime; 65 char __user * nq_prime; 66 char __user * u_mult_inv; 67 }; 68 69 /** 70 * CPRBX 71 * Note that all shorts and ints are big-endian. 72 * All pointer fields are 16 bytes long, and mean nothing. 73 * 74 * A request CPRB is followed by a request_parameter_block. 75 * 76 * The request (or reply) parameter block is organized thus: 77 * function code 78 * VUD block 79 * key block 80 */ 81 struct CPRBX { 82 unsigned short cprb_len; /* CPRB length 220 */ 83 unsigned char cprb_ver_id; /* CPRB version id. 0x02 */ 84 unsigned char pad_000[3]; /* Alignment pad bytes */ 85 unsigned char func_id[2]; /* function id 0x5432 */ 86 unsigned char cprb_flags[4]; /* Flags */ 87 unsigned int req_parml; /* request parameter buffer len */ 88 unsigned int req_datal; /* request data buffer */ 89 unsigned int rpl_msgbl; /* reply message block length */ 90 unsigned int rpld_parml; /* replied parameter block len */ 91 unsigned int rpl_datal; /* reply data block len */ 92 unsigned int rpld_datal; /* replied data block len */ 93 unsigned int req_extbl; /* request extension block len */ 94 unsigned char pad_001[4]; /* reserved */ 95 unsigned int rpld_extbl; /* replied extension block len */ 96 unsigned char padx000[16 - sizeof (char *)]; 97 unsigned char * req_parmb; /* request parm block 'address' */ 98 unsigned char padx001[16 - sizeof (char *)]; 99 unsigned char * req_datab; /* request data block 'address' */ 100 unsigned char padx002[16 - sizeof (char *)]; 101 unsigned char * rpl_parmb; /* reply parm block 'address' */ 102 unsigned char padx003[16 - sizeof (char *)]; 103 unsigned char * rpl_datab; /* reply data block 'address' */ 104 unsigned char padx004[16 - sizeof (char *)]; 105 unsigned char * req_extb; /* request extension block 'addr'*/ 106 unsigned char padx005[16 - sizeof (char *)]; 107 unsigned char * rpl_extb; /* reply extension block 'address'*/ 108 unsigned short ccp_rtcode; /* server return code */ 109 unsigned short ccp_rscode; /* server reason code */ 110 unsigned int mac_data_len; /* Mac Data Length */ 111 unsigned char logon_id[8]; /* Logon Identifier */ 112 unsigned char mac_value[8]; /* Mac Value */ 113 unsigned char mac_content_flgs;/* Mac content flag byte */ 114 unsigned char pad_002; /* Alignment */ 115 unsigned short domain; /* Domain */ 116 unsigned char usage_domain[4];/* Usage domain */ 117 unsigned char cntrl_domain[4];/* Control domain */ 118 unsigned char S390enf_mask[4];/* S/390 enforcement mask */ 119 unsigned char pad_004[36]; /* reserved */ 120 } __attribute__((packed)); 121 122 /** 123 * xcRB 124 */ 125 struct ica_xcRB { 126 unsigned short agent_ID; 127 unsigned int user_defined; 128 unsigned short request_ID; 129 unsigned int request_control_blk_length; 130 unsigned char padding1[16 - sizeof (char *)]; 131 char __user * request_control_blk_addr; 132 unsigned int request_data_length; 133 char padding2[16 - sizeof (char *)]; 134 char __user * request_data_address; 135 unsigned int reply_control_blk_length; 136 char padding3[16 - sizeof (char *)]; 137 char __user * reply_control_blk_addr; 138 unsigned int reply_data_length; 139 char padding4[16 - sizeof (char *)]; 140 char __user * reply_data_addr; 141 unsigned short priority_window; 142 unsigned int status; 143 } __attribute__((packed)); 144 145 /** 146 * struct ep11_cprb - EP11 connectivity programming request block 147 * @cprb_len: CPRB header length [0x0020] 148 * @cprb_ver_id: CPRB version id. [0x04] 149 * @pad_000: Alignment pad bytes 150 * @flags: Admin cmd [0x80] or functional cmd [0x00] 151 * @func_id: Function id / subtype [0x5434] 152 * @source_id: Source id [originator id] 153 * @target_id: Target id [usage/ctrl domain id] 154 * @ret_code: Return code 155 * @reserved1: Reserved 156 * @reserved2: Reserved 157 * @payload_len: Payload length 158 */ 159 struct ep11_cprb { 160 uint16_t cprb_len; 161 unsigned char cprb_ver_id; 162 unsigned char pad_000[2]; 163 unsigned char flags; 164 unsigned char func_id[2]; 165 uint32_t source_id; 166 uint32_t target_id; 167 uint32_t ret_code; 168 uint32_t reserved1; 169 uint32_t reserved2; 170 uint32_t payload_len; 171 } __attribute__((packed)); 172 173 /** 174 * struct ep11_target_dev - EP11 target device list 175 * @ap_id: AP device id 176 * @dom_id: Usage domain id 177 */ 178 struct ep11_target_dev { 179 uint16_t ap_id; 180 uint16_t dom_id; 181 }; 182 183 /** 184 * struct ep11_urb - EP11 user request block 185 * @targets_num: Number of target adapters 186 * @targets: Addr to target adapter list 187 * @weight: Level of request priority 188 * @req_no: Request id/number 189 * @req_len: Request length 190 * @req: Addr to request block 191 * @resp_len: Response length 192 * @resp: Addr to response block 193 */ 194 struct ep11_urb { 195 uint16_t targets_num; 196 uint64_t targets; 197 uint64_t weight; 198 uint64_t req_no; 199 uint64_t req_len; 200 uint64_t req; 201 uint64_t resp_len; 202 uint64_t resp; 203 } __attribute__((packed)); 204 205 /** 206 * struct zcrypt_device_status 207 * @hwtype: raw hardware type 208 * @qid: 6 bit device index, 8 bit domain 209 * @functions: AP device function bit field 'abcdef' 210 * a, b, c = reserved 211 * d = CCA coprocessor 212 * e = Accelerator 213 * f = EP11 coprocessor 214 * @online online status 215 * @reserved reserved 216 */ 217 struct zcrypt_device_status { 218 unsigned int hwtype:8; 219 unsigned int qid:14; 220 unsigned int online:1; 221 unsigned int functions:6; 222 unsigned int reserved:3; 223 }; 224 225 #define MAX_ZDEV_CARDIDS 64 226 #define MAX_ZDEV_DOMAINS 256 227 228 /** 229 * Maximum number of zcrypt devices 230 */ 231 #define MAX_ZDEV_ENTRIES (MAX_ZDEV_CARDIDS * MAX_ZDEV_DOMAINS) 232 233 /** 234 * zcrypt_device_matrix 235 * Device matrix of all zcrypt devices 236 */ 237 struct zcrypt_device_matrix { 238 struct zcrypt_device_status device[MAX_ZDEV_ENTRIES]; 239 }; 240 241 #define AUTOSELECT ((unsigned int)0xFFFFFFFF) 242 243 #define ZCRYPT_IOCTL_MAGIC 'z' 244 245 /** 246 * Interface notes: 247 * 248 * The ioctl()s which are implemented (along with relevant details) 249 * are: 250 * 251 * ICARSAMODEXPO 252 * Perform an RSA operation using a Modulus-Exponent pair 253 * This takes an ica_rsa_modexpo struct as its arg. 254 * 255 * NOTE: please refer to the comments preceding this structure 256 * for the implementation details for the contents of the 257 * block 258 * 259 * ICARSACRT 260 * Perform an RSA operation using a Chinese-Remainder Theorem key 261 * This takes an ica_rsa_modexpo_crt struct as its arg. 262 * 263 * NOTE: please refer to the comments preceding this structure 264 * for the implementation details for the contents of the 265 * block 266 * 267 * ZSECSENDCPRB 268 * Send an arbitrary CPRB to a crypto card. 269 * 270 * ZSENDEP11CPRB 271 * Send an arbitrary EP11 CPRB to an EP11 coprocessor crypto card. 272 * 273 * Z90STAT_STATUS_MASK 274 * Return an 64 element array of unsigned chars for the status of 275 * all devices. 276 * 0x01: PCICA 277 * 0x02: PCICC 278 * 0x03: PCIXCC_MCL2 279 * 0x04: PCIXCC_MCL3 280 * 0x05: CEX2C 281 * 0x06: CEX2A 282 * 0x0d: device is disabled via the proc filesystem 283 * 284 * Z90STAT_QDEPTH_MASK 285 * Return an 64 element array of unsigned chars for the queue 286 * depth of all devices. 287 * 288 * Z90STAT_PERDEV_REQCNT 289 * Return an 64 element array of unsigned integers for the number 290 * of successfully completed requests per device since the device 291 * was detected and made available. 292 * 293 * Z90STAT_REQUESTQ_COUNT 294 * Return an integer count of the number of entries waiting to be 295 * sent to a device. 296 * 297 * Z90STAT_PENDINGQ_COUNT 298 * Return an integer count of the number of entries sent to all 299 * devices awaiting the reply. 300 * 301 * Z90STAT_TOTALOPEN_COUNT 302 * Return an integer count of the number of open file handles. 303 * 304 * Z90STAT_DOMAIN_INDEX 305 * Return the integer value of the Cryptographic Domain. 306 * 307 * The following ioctls are deprecated and should be no longer used: 308 * 309 * Z90STAT_TOTALCOUNT 310 * Return an integer count of all device types together. 311 * 312 * Z90STAT_PCICACOUNT 313 * Return an integer count of all PCICAs. 314 * 315 * Z90STAT_PCICCCOUNT 316 * Return an integer count of all PCICCs. 317 * 318 * Z90STAT_PCIXCCMCL2COUNT 319 * Return an integer count of all MCL2 PCIXCCs. 320 * 321 * Z90STAT_PCIXCCMCL3COUNT 322 * Return an integer count of all MCL3 PCIXCCs. 323 * 324 * Z90STAT_CEX2CCOUNT 325 * Return an integer count of all CEX2Cs. 326 * 327 * Z90STAT_CEX2ACOUNT 328 * Return an integer count of all CEX2As. 329 * 330 * ICAZ90STATUS 331 * Return some device driver status in a ica_z90_status struct 332 * This takes an ica_z90_status struct as its arg. 333 * 334 * Z90STAT_PCIXCCCOUNT 335 * Return an integer count of all PCIXCCs (MCL2 + MCL3). 336 * This is DEPRECATED now that MCL3 PCIXCCs are treated differently from 337 * MCL2 PCIXCCs. 338 */ 339 340 /** 341 * Supported ioctl calls 342 */ 343 #define ICARSAMODEXPO _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x05, 0) 344 #define ICARSACRT _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x06, 0) 345 #define ZSECSENDCPRB _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x81, 0) 346 #define ZSENDEP11CPRB _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x04, 0) 347 #define ZDEVICESTATUS _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x4f, 0) 348 349 /* New status calls */ 350 #define Z90STAT_TOTALCOUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x40, int) 351 #define Z90STAT_PCICACOUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x41, int) 352 #define Z90STAT_PCICCCOUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x42, int) 353 #define Z90STAT_PCIXCCMCL2COUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x4b, int) 354 #define Z90STAT_PCIXCCMCL3COUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x4c, int) 355 #define Z90STAT_CEX2CCOUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x4d, int) 356 #define Z90STAT_CEX2ACOUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x4e, int) 357 #define Z90STAT_REQUESTQ_COUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x44, int) 358 #define Z90STAT_PENDINGQ_COUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x45, int) 359 #define Z90STAT_TOTALOPEN_COUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x46, int) 360 #define Z90STAT_DOMAIN_INDEX _IOR(ZCRYPT_IOCTL_MAGIC, 0x47, int) 361 #define Z90STAT_STATUS_MASK _IOR(ZCRYPT_IOCTL_MAGIC, 0x48, char[64]) 362 #define Z90STAT_QDEPTH_MASK _IOR(ZCRYPT_IOCTL_MAGIC, 0x49, char[64]) 363 #define Z90STAT_PERDEV_REQCNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x4a, int[64]) 364 365 #endif /* __ASM_S390_ZCRYPT_H */ 366