1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * pkey device driver 4 * 5 * Copyright IBM Corp. 2017,2019 6 * Author(s): Harald Freudenberger 7 */ 8 9 #define KMSG_COMPONENT "pkey" 10 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt 11 12 #include <linux/fs.h> 13 #include <linux/init.h> 14 #include <linux/miscdevice.h> 15 #include <linux/module.h> 16 #include <linux/slab.h> 17 #include <linux/kallsyms.h> 18 #include <linux/debugfs.h> 19 #include <linux/random.h> 20 #include <linux/cpufeature.h> 21 #include <asm/zcrypt.h> 22 #include <asm/cpacf.h> 23 #include <asm/pkey.h> 24 #include <crypto/aes.h> 25 26 #include "zcrypt_api.h" 27 #include "zcrypt_ccamisc.h" 28 #include "zcrypt_ep11misc.h" 29 30 MODULE_LICENSE("GPL"); 31 MODULE_AUTHOR("IBM Corporation"); 32 MODULE_DESCRIPTION("s390 protected key interface"); 33 34 #define KEYBLOBBUFSIZE 8192 /* key buffer size used for internal processing */ 35 #define MAXAPQNSINLIST 64 /* max 64 apqns within a apqn list */ 36 37 /* mask of available pckmo subfunctions, fetched once at module init */ 38 static cpacf_mask_t pckmo_functions; 39 40 /* 41 * debug feature data and functions 42 */ 43 44 static debug_info_t *debug_info; 45 46 #define DEBUG_DBG(...) debug_sprintf_event(debug_info, 6, ##__VA_ARGS__) 47 #define DEBUG_INFO(...) debug_sprintf_event(debug_info, 5, ##__VA_ARGS__) 48 #define DEBUG_WARN(...) debug_sprintf_event(debug_info, 4, ##__VA_ARGS__) 49 #define DEBUG_ERR(...) debug_sprintf_event(debug_info, 3, ##__VA_ARGS__) 50 51 static void __init pkey_debug_init(void) 52 { 53 /* 5 arguments per dbf entry (including the format string ptr) */ 54 debug_info = debug_register("pkey", 1, 1, 5 * sizeof(long)); 55 debug_register_view(debug_info, &debug_sprintf_view); 56 debug_set_level(debug_info, 3); 57 } 58 59 static void __exit pkey_debug_exit(void) 60 { 61 debug_unregister(debug_info); 62 } 63 64 /* inside view of a protected key token (only type 0x00 version 0x01) */ 65 struct protaeskeytoken { 66 u8 type; /* 0x00 for PAES specific key tokens */ 67 u8 res0[3]; 68 u8 version; /* should be 0x01 for protected AES key token */ 69 u8 res1[3]; 70 u32 keytype; /* key type, one of the PKEY_KEYTYPE values */ 71 u32 len; /* bytes actually stored in protkey[] */ 72 u8 protkey[MAXPROTKEYSIZE]; /* the protected key blob */ 73 } __packed; 74 75 /* inside view of a clear key token (type 0x00 version 0x02) */ 76 struct clearaeskeytoken { 77 u8 type; /* 0x00 for PAES specific key tokens */ 78 u8 res0[3]; 79 u8 version; /* 0x02 for clear AES key token */ 80 u8 res1[3]; 81 u32 keytype; /* key type, one of the PKEY_KEYTYPE values */ 82 u32 len; /* bytes actually stored in clearkey[] */ 83 u8 clearkey[]; /* clear key value */ 84 } __packed; 85 86 /* 87 * Create a protected key from a clear key value. 88 */ 89 static int pkey_clr2protkey(u32 keytype, 90 const struct pkey_clrkey *clrkey, 91 struct pkey_protkey *protkey) 92 { 93 long fc; 94 int keysize; 95 u8 paramblock[64]; 96 97 switch (keytype) { 98 case PKEY_KEYTYPE_AES_128: 99 keysize = 16; 100 fc = CPACF_PCKMO_ENC_AES_128_KEY; 101 break; 102 case PKEY_KEYTYPE_AES_192: 103 keysize = 24; 104 fc = CPACF_PCKMO_ENC_AES_192_KEY; 105 break; 106 case PKEY_KEYTYPE_AES_256: 107 keysize = 32; 108 fc = CPACF_PCKMO_ENC_AES_256_KEY; 109 break; 110 default: 111 DEBUG_ERR("%s unknown/unsupported keytype %d\n", 112 __func__, keytype); 113 return -EINVAL; 114 } 115 116 /* 117 * Check if the needed pckmo subfunction is available. 118 * These subfunctions can be enabled/disabled by customers 119 * in the LPAR profile or may even change on the fly. 120 */ 121 if (!cpacf_test_func(&pckmo_functions, fc)) { 122 DEBUG_ERR("%s pckmo functions not available\n", __func__); 123 return -ENODEV; 124 } 125 126 /* prepare param block */ 127 memset(paramblock, 0, sizeof(paramblock)); 128 memcpy(paramblock, clrkey->clrkey, keysize); 129 130 /* call the pckmo instruction */ 131 cpacf_pckmo(fc, paramblock); 132 133 /* copy created protected key */ 134 protkey->type = keytype; 135 protkey->len = keysize + 32; 136 memcpy(protkey->protkey, paramblock, keysize + 32); 137 138 return 0; 139 } 140 141 /* 142 * Find card and transform secure key into protected key. 143 */ 144 static int pkey_skey2pkey(const u8 *key, struct pkey_protkey *pkey) 145 { 146 int rc, verify; 147 u16 cardnr, domain; 148 struct keytoken_header *hdr = (struct keytoken_header *)key; 149 150 /* 151 * The cca_xxx2protkey call may fail when a card has been 152 * addressed where the master key was changed after last fetch 153 * of the mkvp into the cache. Try 3 times: First witout verify 154 * then with verify and last round with verify and old master 155 * key verification pattern match not ignored. 156 */ 157 for (verify = 0; verify < 3; verify++) { 158 rc = cca_findcard(key, &cardnr, &domain, verify); 159 if (rc < 0) 160 continue; 161 if (rc > 0 && verify < 2) 162 continue; 163 switch (hdr->version) { 164 case TOKVER_CCA_AES: 165 rc = cca_sec2protkey(cardnr, domain, 166 key, pkey->protkey, 167 &pkey->len, &pkey->type); 168 break; 169 case TOKVER_CCA_VLSC: 170 rc = cca_cipher2protkey(cardnr, domain, 171 key, pkey->protkey, 172 &pkey->len, &pkey->type); 173 break; 174 default: 175 return -EINVAL; 176 } 177 if (rc == 0) 178 break; 179 } 180 181 if (rc) 182 DEBUG_DBG("%s failed rc=%d\n", __func__, rc); 183 184 return rc; 185 } 186 187 /* 188 * Construct EP11 key with given clear key value. 189 */ 190 static int pkey_clr2ep11key(const u8 *clrkey, size_t clrkeylen, 191 u8 *keybuf, size_t *keybuflen) 192 { 193 int i, rc; 194 u16 card, dom; 195 u32 nr_apqns, *apqns = NULL; 196 197 /* build a list of apqns suitable for ep11 keys with cpacf support */ 198 rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 199 ZCRYPT_CEX7, EP11_API_V, NULL); 200 if (rc) 201 goto out; 202 203 /* go through the list of apqns and try to bild an ep11 key */ 204 for (rc = -ENODEV, i = 0; i < nr_apqns; i++) { 205 card = apqns[i] >> 16; 206 dom = apqns[i] & 0xFFFF; 207 rc = ep11_clr2keyblob(card, dom, clrkeylen * 8, 208 0, clrkey, keybuf, keybuflen); 209 if (rc == 0) 210 break; 211 } 212 213 out: 214 kfree(apqns); 215 if (rc) 216 DEBUG_DBG("%s failed rc=%d\n", __func__, rc); 217 return rc; 218 } 219 220 /* 221 * Find card and transform EP11 secure key into protected key. 222 */ 223 static int pkey_ep11key2pkey(const u8 *key, struct pkey_protkey *pkey) 224 { 225 int i, rc; 226 u16 card, dom; 227 u32 nr_apqns, *apqns = NULL; 228 struct ep11keyblob *kb = (struct ep11keyblob *) key; 229 230 /* build a list of apqns suitable for this key */ 231 rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 232 ZCRYPT_CEX7, EP11_API_V, kb->wkvp); 233 if (rc) 234 goto out; 235 236 /* go through the list of apqns and try to derive an pkey */ 237 for (rc = -ENODEV, i = 0; i < nr_apqns; i++) { 238 card = apqns[i] >> 16; 239 dom = apqns[i] & 0xFFFF; 240 rc = ep11_key2protkey(card, dom, key, kb->head.len, 241 pkey->protkey, &pkey->len, &pkey->type); 242 if (rc == 0) 243 break; 244 } 245 246 out: 247 kfree(apqns); 248 if (rc) 249 DEBUG_DBG("%s failed rc=%d\n", __func__, rc); 250 return rc; 251 } 252 253 /* 254 * Verify key and give back some info about the key. 255 */ 256 static int pkey_verifykey(const struct pkey_seckey *seckey, 257 u16 *pcardnr, u16 *pdomain, 258 u16 *pkeysize, u32 *pattributes) 259 { 260 struct secaeskeytoken *t = (struct secaeskeytoken *) seckey; 261 u16 cardnr, domain; 262 int rc; 263 264 /* check the secure key for valid AES secure key */ 265 rc = cca_check_secaeskeytoken(debug_info, 3, (u8 *) seckey, 0); 266 if (rc) 267 goto out; 268 if (pattributes) 269 *pattributes = PKEY_VERIFY_ATTR_AES; 270 if (pkeysize) 271 *pkeysize = t->bitsize; 272 273 /* try to find a card which can handle this key */ 274 rc = cca_findcard(seckey->seckey, &cardnr, &domain, 1); 275 if (rc < 0) 276 goto out; 277 278 if (rc > 0) { 279 /* key mkvp matches to old master key mkvp */ 280 DEBUG_DBG("%s secure key has old mkvp\n", __func__); 281 if (pattributes) 282 *pattributes |= PKEY_VERIFY_ATTR_OLD_MKVP; 283 rc = 0; 284 } 285 286 if (pcardnr) 287 *pcardnr = cardnr; 288 if (pdomain) 289 *pdomain = domain; 290 291 out: 292 DEBUG_DBG("%s rc=%d\n", __func__, rc); 293 return rc; 294 } 295 296 /* 297 * Generate a random protected key 298 */ 299 static int pkey_genprotkey(u32 keytype, struct pkey_protkey *protkey) 300 { 301 struct pkey_clrkey clrkey; 302 int keysize; 303 int rc; 304 305 switch (keytype) { 306 case PKEY_KEYTYPE_AES_128: 307 keysize = 16; 308 break; 309 case PKEY_KEYTYPE_AES_192: 310 keysize = 24; 311 break; 312 case PKEY_KEYTYPE_AES_256: 313 keysize = 32; 314 break; 315 default: 316 DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__, 317 keytype); 318 return -EINVAL; 319 } 320 321 /* generate a dummy random clear key */ 322 get_random_bytes(clrkey.clrkey, keysize); 323 324 /* convert it to a dummy protected key */ 325 rc = pkey_clr2protkey(keytype, &clrkey, protkey); 326 if (rc) 327 return rc; 328 329 /* replace the key part of the protected key with random bytes */ 330 get_random_bytes(protkey->protkey, keysize); 331 332 return 0; 333 } 334 335 /* 336 * Verify if a protected key is still valid 337 */ 338 static int pkey_verifyprotkey(const struct pkey_protkey *protkey) 339 { 340 unsigned long fc; 341 struct { 342 u8 iv[AES_BLOCK_SIZE]; 343 u8 key[MAXPROTKEYSIZE]; 344 } param; 345 u8 null_msg[AES_BLOCK_SIZE]; 346 u8 dest_buf[AES_BLOCK_SIZE]; 347 unsigned int k; 348 349 switch (protkey->type) { 350 case PKEY_KEYTYPE_AES_128: 351 fc = CPACF_KMC_PAES_128; 352 break; 353 case PKEY_KEYTYPE_AES_192: 354 fc = CPACF_KMC_PAES_192; 355 break; 356 case PKEY_KEYTYPE_AES_256: 357 fc = CPACF_KMC_PAES_256; 358 break; 359 default: 360 DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__, 361 protkey->type); 362 return -EINVAL; 363 } 364 365 memset(null_msg, 0, sizeof(null_msg)); 366 367 memset(param.iv, 0, sizeof(param.iv)); 368 memcpy(param.key, protkey->protkey, sizeof(param.key)); 369 370 k = cpacf_kmc(fc | CPACF_ENCRYPT, ¶m, null_msg, dest_buf, 371 sizeof(null_msg)); 372 if (k != sizeof(null_msg)) { 373 DEBUG_ERR("%s protected key is not valid\n", __func__); 374 return -EKEYREJECTED; 375 } 376 377 return 0; 378 } 379 380 /* 381 * Transform a non-CCA key token into a protected key 382 */ 383 static int pkey_nonccatok2pkey(const u8 *key, u32 keylen, 384 struct pkey_protkey *protkey) 385 { 386 int rc = -EINVAL; 387 u8 *tmpbuf = NULL; 388 struct keytoken_header *hdr = (struct keytoken_header *)key; 389 390 switch (hdr->version) { 391 case TOKVER_PROTECTED_KEY: { 392 struct protaeskeytoken *t; 393 394 if (keylen != sizeof(struct protaeskeytoken)) 395 goto out; 396 t = (struct protaeskeytoken *)key; 397 protkey->len = t->len; 398 protkey->type = t->keytype; 399 memcpy(protkey->protkey, t->protkey, 400 sizeof(protkey->protkey)); 401 rc = pkey_verifyprotkey(protkey); 402 break; 403 } 404 case TOKVER_CLEAR_KEY: { 405 struct clearaeskeytoken *t; 406 struct pkey_clrkey ckey; 407 union u_tmpbuf { 408 u8 skey[SECKEYBLOBSIZE]; 409 u8 ep11key[MAXEP11AESKEYBLOBSIZE]; 410 }; 411 size_t tmpbuflen = sizeof(union u_tmpbuf); 412 413 if (keylen < sizeof(struct clearaeskeytoken)) 414 goto out; 415 t = (struct clearaeskeytoken *)key; 416 if (keylen != sizeof(*t) + t->len) 417 goto out; 418 if ((t->keytype == PKEY_KEYTYPE_AES_128 && t->len == 16) 419 || (t->keytype == PKEY_KEYTYPE_AES_192 && t->len == 24) 420 || (t->keytype == PKEY_KEYTYPE_AES_256 && t->len == 32)) 421 memcpy(ckey.clrkey, t->clearkey, t->len); 422 else 423 goto out; 424 /* alloc temp key buffer space */ 425 tmpbuf = kmalloc(tmpbuflen, GFP_ATOMIC); 426 if (!tmpbuf) { 427 rc = -ENOMEM; 428 goto out; 429 } 430 /* try direct way with the PCKMO instruction */ 431 rc = pkey_clr2protkey(t->keytype, &ckey, protkey); 432 if (rc == 0) 433 break; 434 /* PCKMO failed, so try the CCA secure key way */ 435 rc = cca_clr2seckey(0xFFFF, 0xFFFF, t->keytype, 436 ckey.clrkey, tmpbuf); 437 if (rc == 0) 438 rc = pkey_skey2pkey(tmpbuf, protkey); 439 if (rc == 0) 440 break; 441 /* if the CCA way also failed, let's try via EP11 */ 442 rc = pkey_clr2ep11key(ckey.clrkey, t->len, 443 tmpbuf, &tmpbuflen); 444 if (rc == 0) 445 rc = pkey_ep11key2pkey(tmpbuf, protkey); 446 /* now we should really have an protected key */ 447 DEBUG_ERR("%s unable to build protected key from clear", 448 __func__); 449 break; 450 } 451 case TOKVER_EP11_AES: { 452 if (keylen < MINEP11AESKEYBLOBSIZE) 453 goto out; 454 /* check ep11 key for exportable as protected key */ 455 rc = ep11_check_aeskeyblob(debug_info, 3, key, 0, 1); 456 if (rc) 457 goto out; 458 rc = pkey_ep11key2pkey(key, protkey); 459 break; 460 } 461 default: 462 DEBUG_ERR("%s unknown/unsupported non-CCA token version %d\n", 463 __func__, hdr->version); 464 rc = -EINVAL; 465 } 466 467 out: 468 kfree(tmpbuf); 469 return rc; 470 } 471 472 /* 473 * Transform a CCA internal key token into a protected key 474 */ 475 static int pkey_ccainttok2pkey(const u8 *key, u32 keylen, 476 struct pkey_protkey *protkey) 477 { 478 struct keytoken_header *hdr = (struct keytoken_header *)key; 479 480 switch (hdr->version) { 481 case TOKVER_CCA_AES: 482 if (keylen != sizeof(struct secaeskeytoken)) 483 return -EINVAL; 484 break; 485 case TOKVER_CCA_VLSC: 486 if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE) 487 return -EINVAL; 488 break; 489 default: 490 DEBUG_ERR("%s unknown/unsupported CCA internal token version %d\n", 491 __func__, hdr->version); 492 return -EINVAL; 493 } 494 495 return pkey_skey2pkey(key, protkey); 496 } 497 498 /* 499 * Transform a key blob (of any type) into a protected key 500 */ 501 int pkey_keyblob2pkey(const u8 *key, u32 keylen, 502 struct pkey_protkey *protkey) 503 { 504 int rc; 505 struct keytoken_header *hdr = (struct keytoken_header *)key; 506 507 if (keylen < sizeof(struct keytoken_header)) { 508 DEBUG_ERR("%s invalid keylen %d\n", __func__, keylen); 509 return -EINVAL; 510 } 511 512 switch (hdr->type) { 513 case TOKTYPE_NON_CCA: 514 rc = pkey_nonccatok2pkey(key, keylen, protkey); 515 break; 516 case TOKTYPE_CCA_INTERNAL: 517 rc = pkey_ccainttok2pkey(key, keylen, protkey); 518 break; 519 default: 520 DEBUG_ERR("%s unknown/unsupported blob type %d\n", 521 __func__, hdr->type); 522 return -EINVAL; 523 } 524 525 DEBUG_DBG("%s rc=%d\n", __func__, rc); 526 return rc; 527 528 } 529 EXPORT_SYMBOL(pkey_keyblob2pkey); 530 531 static int pkey_genseckey2(const struct pkey_apqn *apqns, size_t nr_apqns, 532 enum pkey_key_type ktype, enum pkey_key_size ksize, 533 u32 kflags, u8 *keybuf, size_t *keybufsize) 534 { 535 int i, card, dom, rc; 536 537 /* check for at least one apqn given */ 538 if (!apqns || !nr_apqns) 539 return -EINVAL; 540 541 /* check key type and size */ 542 switch (ktype) { 543 case PKEY_TYPE_CCA_DATA: 544 case PKEY_TYPE_CCA_CIPHER: 545 if (*keybufsize < SECKEYBLOBSIZE) 546 return -EINVAL; 547 break; 548 case PKEY_TYPE_EP11: 549 if (*keybufsize < MINEP11AESKEYBLOBSIZE) 550 return -EINVAL; 551 break; 552 default: 553 return -EINVAL; 554 } 555 switch (ksize) { 556 case PKEY_SIZE_AES_128: 557 case PKEY_SIZE_AES_192: 558 case PKEY_SIZE_AES_256: 559 break; 560 default: 561 return -EINVAL; 562 } 563 564 /* simple try all apqns from the list */ 565 for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 566 card = apqns[i].card; 567 dom = apqns[i].domain; 568 if (ktype == PKEY_TYPE_EP11) { 569 rc = ep11_genaeskey(card, dom, ksize, kflags, 570 keybuf, keybufsize); 571 } else if (ktype == PKEY_TYPE_CCA_DATA) { 572 rc = cca_genseckey(card, dom, ksize, keybuf); 573 *keybufsize = (rc ? 0 : SECKEYBLOBSIZE); 574 } else /* TOKVER_CCA_VLSC */ 575 rc = cca_gencipherkey(card, dom, ksize, kflags, 576 keybuf, keybufsize); 577 if (rc == 0) 578 break; 579 } 580 581 return rc; 582 } 583 584 static int pkey_clr2seckey2(const struct pkey_apqn *apqns, size_t nr_apqns, 585 enum pkey_key_type ktype, enum pkey_key_size ksize, 586 u32 kflags, const u8 *clrkey, 587 u8 *keybuf, size_t *keybufsize) 588 { 589 int i, card, dom, rc; 590 591 /* check for at least one apqn given */ 592 if (!apqns || !nr_apqns) 593 return -EINVAL; 594 595 /* check key type and size */ 596 switch (ktype) { 597 case PKEY_TYPE_CCA_DATA: 598 case PKEY_TYPE_CCA_CIPHER: 599 if (*keybufsize < SECKEYBLOBSIZE) 600 return -EINVAL; 601 break; 602 case PKEY_TYPE_EP11: 603 if (*keybufsize < MINEP11AESKEYBLOBSIZE) 604 return -EINVAL; 605 break; 606 default: 607 return -EINVAL; 608 } 609 switch (ksize) { 610 case PKEY_SIZE_AES_128: 611 case PKEY_SIZE_AES_192: 612 case PKEY_SIZE_AES_256: 613 break; 614 default: 615 return -EINVAL; 616 } 617 618 /* simple try all apqns from the list */ 619 for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 620 card = apqns[i].card; 621 dom = apqns[i].domain; 622 if (ktype == PKEY_TYPE_EP11) { 623 rc = ep11_clr2keyblob(card, dom, ksize, kflags, 624 clrkey, keybuf, keybufsize); 625 } else if (ktype == PKEY_TYPE_CCA_DATA) { 626 rc = cca_clr2seckey(card, dom, ksize, 627 clrkey, keybuf); 628 *keybufsize = (rc ? 0 : SECKEYBLOBSIZE); 629 } else /* TOKVER_CCA_VLSC */ 630 rc = cca_clr2cipherkey(card, dom, ksize, kflags, 631 clrkey, keybuf, keybufsize); 632 if (rc == 0) 633 break; 634 } 635 636 return rc; 637 } 638 639 static int pkey_verifykey2(const u8 *key, size_t keylen, 640 u16 *cardnr, u16 *domain, 641 enum pkey_key_type *ktype, 642 enum pkey_key_size *ksize, u32 *flags) 643 { 644 int rc; 645 u32 _nr_apqns, *_apqns = NULL; 646 struct keytoken_header *hdr = (struct keytoken_header *)key; 647 648 if (keylen < sizeof(struct keytoken_header)) 649 return -EINVAL; 650 651 if (hdr->type == TOKTYPE_CCA_INTERNAL 652 && hdr->version == TOKVER_CCA_AES) { 653 struct secaeskeytoken *t = (struct secaeskeytoken *)key; 654 655 rc = cca_check_secaeskeytoken(debug_info, 3, key, 0); 656 if (rc) 657 goto out; 658 if (ktype) 659 *ktype = PKEY_TYPE_CCA_DATA; 660 if (ksize) 661 *ksize = (enum pkey_key_size) t->bitsize; 662 663 rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain, 664 ZCRYPT_CEX3C, t->mkvp, 0, 1); 665 if (rc == 0 && flags) 666 *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 667 if (rc == -ENODEV) { 668 rc = cca_findcard2(&_apqns, &_nr_apqns, 669 *cardnr, *domain, 670 ZCRYPT_CEX3C, 0, t->mkvp, 1); 671 if (rc == 0 && flags) 672 *flags = PKEY_FLAGS_MATCH_ALT_MKVP; 673 } 674 if (rc) 675 goto out; 676 677 *cardnr = ((struct pkey_apqn *)_apqns)->card; 678 *domain = ((struct pkey_apqn *)_apqns)->domain; 679 680 } else if (hdr->type == TOKTYPE_CCA_INTERNAL 681 && hdr->version == TOKVER_CCA_VLSC) { 682 struct cipherkeytoken *t = (struct cipherkeytoken *)key; 683 684 rc = cca_check_secaescipherkey(debug_info, 3, key, 0, 1); 685 if (rc) 686 goto out; 687 if (ktype) 688 *ktype = PKEY_TYPE_CCA_CIPHER; 689 if (ksize) { 690 *ksize = PKEY_SIZE_UNKNOWN; 691 if (!t->plfver && t->wpllen == 512) 692 *ksize = PKEY_SIZE_AES_128; 693 else if (!t->plfver && t->wpllen == 576) 694 *ksize = PKEY_SIZE_AES_192; 695 else if (!t->plfver && t->wpllen == 640) 696 *ksize = PKEY_SIZE_AES_256; 697 } 698 699 rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain, 700 ZCRYPT_CEX6, t->mkvp0, 0, 1); 701 if (rc == 0 && flags) 702 *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 703 if (rc == -ENODEV) { 704 rc = cca_findcard2(&_apqns, &_nr_apqns, 705 *cardnr, *domain, 706 ZCRYPT_CEX6, 0, t->mkvp0, 1); 707 if (rc == 0 && flags) 708 *flags = PKEY_FLAGS_MATCH_ALT_MKVP; 709 } 710 if (rc) 711 goto out; 712 713 *cardnr = ((struct pkey_apqn *)_apqns)->card; 714 *domain = ((struct pkey_apqn *)_apqns)->domain; 715 716 } else if (hdr->type == TOKTYPE_NON_CCA 717 && hdr->version == TOKVER_EP11_AES) { 718 struct ep11keyblob *kb = (struct ep11keyblob *)key; 719 720 rc = ep11_check_aeskeyblob(debug_info, 3, key, 0, 1); 721 if (rc) 722 goto out; 723 if (ktype) 724 *ktype = PKEY_TYPE_EP11; 725 if (ksize) 726 *ksize = kb->head.keybitlen; 727 728 rc = ep11_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain, 729 ZCRYPT_CEX7, EP11_API_V, kb->wkvp); 730 if (rc) 731 goto out; 732 733 if (flags) 734 *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 735 736 *cardnr = ((struct pkey_apqn *)_apqns)->card; 737 *domain = ((struct pkey_apqn *)_apqns)->domain; 738 739 } else 740 rc = -EINVAL; 741 742 out: 743 kfree(_apqns); 744 return rc; 745 } 746 747 static int pkey_keyblob2pkey2(const struct pkey_apqn *apqns, size_t nr_apqns, 748 const u8 *key, size_t keylen, 749 struct pkey_protkey *pkey) 750 { 751 int i, card, dom, rc; 752 struct keytoken_header *hdr = (struct keytoken_header *)key; 753 754 /* check for at least one apqn given */ 755 if (!apqns || !nr_apqns) 756 return -EINVAL; 757 758 if (keylen < sizeof(struct keytoken_header)) 759 return -EINVAL; 760 761 if (hdr->type == TOKTYPE_CCA_INTERNAL) { 762 if (hdr->version == TOKVER_CCA_AES) { 763 if (keylen != sizeof(struct secaeskeytoken)) 764 return -EINVAL; 765 if (cca_check_secaeskeytoken(debug_info, 3, key, 0)) 766 return -EINVAL; 767 } else if (hdr->version == TOKVER_CCA_VLSC) { 768 if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE) 769 return -EINVAL; 770 if (cca_check_secaescipherkey(debug_info, 3, key, 0, 1)) 771 return -EINVAL; 772 } else { 773 DEBUG_ERR("%s unknown CCA internal token version %d\n", 774 __func__, hdr->version); 775 return -EINVAL; 776 } 777 } else if (hdr->type == TOKTYPE_NON_CCA) { 778 if (hdr->version == TOKVER_EP11_AES) { 779 if (keylen < sizeof(struct ep11keyblob)) 780 return -EINVAL; 781 if (ep11_check_aeskeyblob(debug_info, 3, key, 0, 1)) 782 return -EINVAL; 783 } else { 784 return pkey_nonccatok2pkey(key, keylen, pkey); 785 } 786 } else { 787 DEBUG_ERR("%s unknown/unsupported blob type %d\n", 788 __func__, hdr->type); 789 return -EINVAL; 790 } 791 792 /* simple try all apqns from the list */ 793 for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 794 card = apqns[i].card; 795 dom = apqns[i].domain; 796 if (hdr->type == TOKTYPE_CCA_INTERNAL 797 && hdr->version == TOKVER_CCA_AES) 798 rc = cca_sec2protkey(card, dom, key, pkey->protkey, 799 &pkey->len, &pkey->type); 800 else if (hdr->type == TOKTYPE_CCA_INTERNAL 801 && hdr->version == TOKVER_CCA_VLSC) 802 rc = cca_cipher2protkey(card, dom, key, pkey->protkey, 803 &pkey->len, &pkey->type); 804 else { /* EP11 AES secure key blob */ 805 struct ep11keyblob *kb = (struct ep11keyblob *) key; 806 807 rc = ep11_key2protkey(card, dom, key, kb->head.len, 808 pkey->protkey, &pkey->len, 809 &pkey->type); 810 } 811 if (rc == 0) 812 break; 813 } 814 815 return rc; 816 } 817 818 static int pkey_apqns4key(const u8 *key, size_t keylen, u32 flags, 819 struct pkey_apqn *apqns, size_t *nr_apqns) 820 { 821 int rc; 822 u32 _nr_apqns, *_apqns = NULL; 823 struct keytoken_header *hdr = (struct keytoken_header *)key; 824 825 if (keylen < sizeof(struct keytoken_header) || flags == 0) 826 return -EINVAL; 827 828 if (hdr->type == TOKTYPE_NON_CCA && hdr->version == TOKVER_EP11_AES) { 829 int minhwtype = 0, api = 0; 830 struct ep11keyblob *kb = (struct ep11keyblob *) key; 831 832 if (flags != PKEY_FLAGS_MATCH_CUR_MKVP) 833 return -EINVAL; 834 if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) { 835 minhwtype = ZCRYPT_CEX7; 836 api = EP11_API_V; 837 } 838 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 839 minhwtype, api, kb->wkvp); 840 if (rc) 841 goto out; 842 } else if (hdr->type == TOKTYPE_CCA_INTERNAL) { 843 int minhwtype = ZCRYPT_CEX3C; 844 u64 cur_mkvp = 0, old_mkvp = 0; 845 846 if (hdr->version == TOKVER_CCA_AES) { 847 struct secaeskeytoken *t = (struct secaeskeytoken *)key; 848 849 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 850 cur_mkvp = t->mkvp; 851 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 852 old_mkvp = t->mkvp; 853 } else if (hdr->version == TOKVER_CCA_VLSC) { 854 struct cipherkeytoken *t = (struct cipherkeytoken *)key; 855 856 minhwtype = ZCRYPT_CEX6; 857 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 858 cur_mkvp = t->mkvp0; 859 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 860 old_mkvp = t->mkvp0; 861 } else { 862 /* unknown cca internal token type */ 863 return -EINVAL; 864 } 865 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 866 minhwtype, cur_mkvp, old_mkvp, 1); 867 if (rc) 868 goto out; 869 } else 870 return -EINVAL; 871 872 if (apqns) { 873 if (*nr_apqns < _nr_apqns) 874 rc = -ENOSPC; 875 else 876 memcpy(apqns, _apqns, _nr_apqns * sizeof(u32)); 877 } 878 *nr_apqns = _nr_apqns; 879 880 out: 881 kfree(_apqns); 882 return rc; 883 } 884 885 static int pkey_apqns4keytype(enum pkey_key_type ktype, 886 u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags, 887 struct pkey_apqn *apqns, size_t *nr_apqns) 888 { 889 int rc; 890 u32 _nr_apqns, *_apqns = NULL; 891 892 if (ktype == PKEY_TYPE_CCA_DATA || ktype == PKEY_TYPE_CCA_CIPHER) { 893 u64 cur_mkvp = 0, old_mkvp = 0; 894 int minhwtype = ZCRYPT_CEX3C; 895 896 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 897 cur_mkvp = *((u64 *) cur_mkvp); 898 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 899 old_mkvp = *((u64 *) alt_mkvp); 900 if (ktype == PKEY_TYPE_CCA_CIPHER) 901 minhwtype = ZCRYPT_CEX6; 902 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 903 minhwtype, cur_mkvp, old_mkvp, 1); 904 if (rc) 905 goto out; 906 } else if (ktype == PKEY_TYPE_EP11) { 907 u8 *wkvp = NULL; 908 909 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 910 wkvp = cur_mkvp; 911 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 912 ZCRYPT_CEX7, EP11_API_V, wkvp); 913 if (rc) 914 goto out; 915 916 } else 917 return -EINVAL; 918 919 if (apqns) { 920 if (*nr_apqns < _nr_apqns) 921 rc = -ENOSPC; 922 else 923 memcpy(apqns, _apqns, _nr_apqns * sizeof(u32)); 924 } 925 *nr_apqns = _nr_apqns; 926 927 out: 928 kfree(_apqns); 929 return rc; 930 } 931 932 /* 933 * File io functions 934 */ 935 936 static void *_copy_key_from_user(void __user *ukey, size_t keylen) 937 { 938 if (!ukey || keylen < MINKEYBLOBSIZE || keylen > KEYBLOBBUFSIZE) 939 return ERR_PTR(-EINVAL); 940 941 return memdup_user(ukey, keylen); 942 } 943 944 static void *_copy_apqns_from_user(void __user *uapqns, size_t nr_apqns) 945 { 946 if (!uapqns || nr_apqns == 0) 947 return NULL; 948 949 return memdup_user(uapqns, nr_apqns * sizeof(struct pkey_apqn)); 950 } 951 952 static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd, 953 unsigned long arg) 954 { 955 int rc; 956 957 switch (cmd) { 958 case PKEY_GENSECK: { 959 struct pkey_genseck __user *ugs = (void __user *) arg; 960 struct pkey_genseck kgs; 961 962 if (copy_from_user(&kgs, ugs, sizeof(kgs))) 963 return -EFAULT; 964 rc = cca_genseckey(kgs.cardnr, kgs.domain, 965 kgs.keytype, kgs.seckey.seckey); 966 DEBUG_DBG("%s cca_genseckey()=%d\n", __func__, rc); 967 if (rc) 968 break; 969 if (copy_to_user(ugs, &kgs, sizeof(kgs))) 970 return -EFAULT; 971 break; 972 } 973 case PKEY_CLR2SECK: { 974 struct pkey_clr2seck __user *ucs = (void __user *) arg; 975 struct pkey_clr2seck kcs; 976 977 if (copy_from_user(&kcs, ucs, sizeof(kcs))) 978 return -EFAULT; 979 rc = cca_clr2seckey(kcs.cardnr, kcs.domain, kcs.keytype, 980 kcs.clrkey.clrkey, kcs.seckey.seckey); 981 DEBUG_DBG("%s cca_clr2seckey()=%d\n", __func__, rc); 982 if (rc) 983 break; 984 if (copy_to_user(ucs, &kcs, sizeof(kcs))) 985 return -EFAULT; 986 memzero_explicit(&kcs, sizeof(kcs)); 987 break; 988 } 989 case PKEY_SEC2PROTK: { 990 struct pkey_sec2protk __user *usp = (void __user *) arg; 991 struct pkey_sec2protk ksp; 992 993 if (copy_from_user(&ksp, usp, sizeof(ksp))) 994 return -EFAULT; 995 rc = cca_sec2protkey(ksp.cardnr, ksp.domain, 996 ksp.seckey.seckey, ksp.protkey.protkey, 997 &ksp.protkey.len, &ksp.protkey.type); 998 DEBUG_DBG("%s cca_sec2protkey()=%d\n", __func__, rc); 999 if (rc) 1000 break; 1001 if (copy_to_user(usp, &ksp, sizeof(ksp))) 1002 return -EFAULT; 1003 break; 1004 } 1005 case PKEY_CLR2PROTK: { 1006 struct pkey_clr2protk __user *ucp = (void __user *) arg; 1007 struct pkey_clr2protk kcp; 1008 1009 if (copy_from_user(&kcp, ucp, sizeof(kcp))) 1010 return -EFAULT; 1011 rc = pkey_clr2protkey(kcp.keytype, 1012 &kcp.clrkey, &kcp.protkey); 1013 DEBUG_DBG("%s pkey_clr2protkey()=%d\n", __func__, rc); 1014 if (rc) 1015 break; 1016 if (copy_to_user(ucp, &kcp, sizeof(kcp))) 1017 return -EFAULT; 1018 memzero_explicit(&kcp, sizeof(kcp)); 1019 break; 1020 } 1021 case PKEY_FINDCARD: { 1022 struct pkey_findcard __user *ufc = (void __user *) arg; 1023 struct pkey_findcard kfc; 1024 1025 if (copy_from_user(&kfc, ufc, sizeof(kfc))) 1026 return -EFAULT; 1027 rc = cca_findcard(kfc.seckey.seckey, 1028 &kfc.cardnr, &kfc.domain, 1); 1029 DEBUG_DBG("%s cca_findcard()=%d\n", __func__, rc); 1030 if (rc < 0) 1031 break; 1032 if (copy_to_user(ufc, &kfc, sizeof(kfc))) 1033 return -EFAULT; 1034 break; 1035 } 1036 case PKEY_SKEY2PKEY: { 1037 struct pkey_skey2pkey __user *usp = (void __user *) arg; 1038 struct pkey_skey2pkey ksp; 1039 1040 if (copy_from_user(&ksp, usp, sizeof(ksp))) 1041 return -EFAULT; 1042 rc = pkey_skey2pkey(ksp.seckey.seckey, &ksp.protkey); 1043 DEBUG_DBG("%s pkey_skey2pkey()=%d\n", __func__, rc); 1044 if (rc) 1045 break; 1046 if (copy_to_user(usp, &ksp, sizeof(ksp))) 1047 return -EFAULT; 1048 break; 1049 } 1050 case PKEY_VERIFYKEY: { 1051 struct pkey_verifykey __user *uvk = (void __user *) arg; 1052 struct pkey_verifykey kvk; 1053 1054 if (copy_from_user(&kvk, uvk, sizeof(kvk))) 1055 return -EFAULT; 1056 rc = pkey_verifykey(&kvk.seckey, &kvk.cardnr, &kvk.domain, 1057 &kvk.keysize, &kvk.attributes); 1058 DEBUG_DBG("%s pkey_verifykey()=%d\n", __func__, rc); 1059 if (rc) 1060 break; 1061 if (copy_to_user(uvk, &kvk, sizeof(kvk))) 1062 return -EFAULT; 1063 break; 1064 } 1065 case PKEY_GENPROTK: { 1066 struct pkey_genprotk __user *ugp = (void __user *) arg; 1067 struct pkey_genprotk kgp; 1068 1069 if (copy_from_user(&kgp, ugp, sizeof(kgp))) 1070 return -EFAULT; 1071 rc = pkey_genprotkey(kgp.keytype, &kgp.protkey); 1072 DEBUG_DBG("%s pkey_genprotkey()=%d\n", __func__, rc); 1073 if (rc) 1074 break; 1075 if (copy_to_user(ugp, &kgp, sizeof(kgp))) 1076 return -EFAULT; 1077 break; 1078 } 1079 case PKEY_VERIFYPROTK: { 1080 struct pkey_verifyprotk __user *uvp = (void __user *) arg; 1081 struct pkey_verifyprotk kvp; 1082 1083 if (copy_from_user(&kvp, uvp, sizeof(kvp))) 1084 return -EFAULT; 1085 rc = pkey_verifyprotkey(&kvp.protkey); 1086 DEBUG_DBG("%s pkey_verifyprotkey()=%d\n", __func__, rc); 1087 break; 1088 } 1089 case PKEY_KBLOB2PROTK: { 1090 struct pkey_kblob2pkey __user *utp = (void __user *) arg; 1091 struct pkey_kblob2pkey ktp; 1092 u8 *kkey; 1093 1094 if (copy_from_user(&ktp, utp, sizeof(ktp))) 1095 return -EFAULT; 1096 kkey = _copy_key_from_user(ktp.key, ktp.keylen); 1097 if (IS_ERR(kkey)) 1098 return PTR_ERR(kkey); 1099 rc = pkey_keyblob2pkey(kkey, ktp.keylen, &ktp.protkey); 1100 DEBUG_DBG("%s pkey_keyblob2pkey()=%d\n", __func__, rc); 1101 kfree(kkey); 1102 if (rc) 1103 break; 1104 if (copy_to_user(utp, &ktp, sizeof(ktp))) 1105 return -EFAULT; 1106 break; 1107 } 1108 case PKEY_GENSECK2: { 1109 struct pkey_genseck2 __user *ugs = (void __user *) arg; 1110 struct pkey_genseck2 kgs; 1111 struct pkey_apqn *apqns; 1112 size_t klen = KEYBLOBBUFSIZE; 1113 u8 *kkey; 1114 1115 if (copy_from_user(&kgs, ugs, sizeof(kgs))) 1116 return -EFAULT; 1117 apqns = _copy_apqns_from_user(kgs.apqns, kgs.apqn_entries); 1118 if (IS_ERR(apqns)) 1119 return PTR_ERR(apqns); 1120 kkey = kmalloc(klen, GFP_KERNEL); 1121 if (!kkey) { 1122 kfree(apqns); 1123 return -ENOMEM; 1124 } 1125 rc = pkey_genseckey2(apqns, kgs.apqn_entries, 1126 kgs.type, kgs.size, kgs.keygenflags, 1127 kkey, &klen); 1128 DEBUG_DBG("%s pkey_genseckey2()=%d\n", __func__, rc); 1129 kfree(apqns); 1130 if (rc) { 1131 kfree(kkey); 1132 break; 1133 } 1134 if (kgs.key) { 1135 if (kgs.keylen < klen) { 1136 kfree(kkey); 1137 return -EINVAL; 1138 } 1139 if (copy_to_user(kgs.key, kkey, klen)) { 1140 kfree(kkey); 1141 return -EFAULT; 1142 } 1143 } 1144 kgs.keylen = klen; 1145 if (copy_to_user(ugs, &kgs, sizeof(kgs))) 1146 rc = -EFAULT; 1147 kfree(kkey); 1148 break; 1149 } 1150 case PKEY_CLR2SECK2: { 1151 struct pkey_clr2seck2 __user *ucs = (void __user *) arg; 1152 struct pkey_clr2seck2 kcs; 1153 struct pkey_apqn *apqns; 1154 size_t klen = KEYBLOBBUFSIZE; 1155 u8 *kkey; 1156 1157 if (copy_from_user(&kcs, ucs, sizeof(kcs))) 1158 return -EFAULT; 1159 apqns = _copy_apqns_from_user(kcs.apqns, kcs.apqn_entries); 1160 if (IS_ERR(apqns)) 1161 return PTR_ERR(apqns); 1162 kkey = kmalloc(klen, GFP_KERNEL); 1163 if (!kkey) { 1164 kfree(apqns); 1165 return -ENOMEM; 1166 } 1167 rc = pkey_clr2seckey2(apqns, kcs.apqn_entries, 1168 kcs.type, kcs.size, kcs.keygenflags, 1169 kcs.clrkey.clrkey, kkey, &klen); 1170 DEBUG_DBG("%s pkey_clr2seckey2()=%d\n", __func__, rc); 1171 kfree(apqns); 1172 if (rc) { 1173 kfree(kkey); 1174 break; 1175 } 1176 if (kcs.key) { 1177 if (kcs.keylen < klen) { 1178 kfree(kkey); 1179 return -EINVAL; 1180 } 1181 if (copy_to_user(kcs.key, kkey, klen)) { 1182 kfree(kkey); 1183 return -EFAULT; 1184 } 1185 } 1186 kcs.keylen = klen; 1187 if (copy_to_user(ucs, &kcs, sizeof(kcs))) 1188 rc = -EFAULT; 1189 memzero_explicit(&kcs, sizeof(kcs)); 1190 kfree(kkey); 1191 break; 1192 } 1193 case PKEY_VERIFYKEY2: { 1194 struct pkey_verifykey2 __user *uvk = (void __user *) arg; 1195 struct pkey_verifykey2 kvk; 1196 u8 *kkey; 1197 1198 if (copy_from_user(&kvk, uvk, sizeof(kvk))) 1199 return -EFAULT; 1200 kkey = _copy_key_from_user(kvk.key, kvk.keylen); 1201 if (IS_ERR(kkey)) 1202 return PTR_ERR(kkey); 1203 rc = pkey_verifykey2(kkey, kvk.keylen, 1204 &kvk.cardnr, &kvk.domain, 1205 &kvk.type, &kvk.size, &kvk.flags); 1206 DEBUG_DBG("%s pkey_verifykey2()=%d\n", __func__, rc); 1207 kfree(kkey); 1208 if (rc) 1209 break; 1210 if (copy_to_user(uvk, &kvk, sizeof(kvk))) 1211 return -EFAULT; 1212 break; 1213 } 1214 case PKEY_KBLOB2PROTK2: { 1215 struct pkey_kblob2pkey2 __user *utp = (void __user *) arg; 1216 struct pkey_kblob2pkey2 ktp; 1217 struct pkey_apqn *apqns = NULL; 1218 u8 *kkey; 1219 1220 if (copy_from_user(&ktp, utp, sizeof(ktp))) 1221 return -EFAULT; 1222 apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries); 1223 if (IS_ERR(apqns)) 1224 return PTR_ERR(apqns); 1225 kkey = _copy_key_from_user(ktp.key, ktp.keylen); 1226 if (IS_ERR(kkey)) { 1227 kfree(apqns); 1228 return PTR_ERR(kkey); 1229 } 1230 rc = pkey_keyblob2pkey2(apqns, ktp.apqn_entries, 1231 kkey, ktp.keylen, &ktp.protkey); 1232 DEBUG_DBG("%s pkey_keyblob2pkey2()=%d\n", __func__, rc); 1233 kfree(apqns); 1234 kfree(kkey); 1235 if (rc) 1236 break; 1237 if (copy_to_user(utp, &ktp, sizeof(ktp))) 1238 return -EFAULT; 1239 break; 1240 } 1241 case PKEY_APQNS4K: { 1242 struct pkey_apqns4key __user *uak = (void __user *) arg; 1243 struct pkey_apqns4key kak; 1244 struct pkey_apqn *apqns = NULL; 1245 size_t nr_apqns, len; 1246 u8 *kkey; 1247 1248 if (copy_from_user(&kak, uak, sizeof(kak))) 1249 return -EFAULT; 1250 nr_apqns = kak.apqn_entries; 1251 if (nr_apqns) { 1252 apqns = kmalloc_array(nr_apqns, 1253 sizeof(struct pkey_apqn), 1254 GFP_KERNEL); 1255 if (!apqns) 1256 return -ENOMEM; 1257 } 1258 kkey = _copy_key_from_user(kak.key, kak.keylen); 1259 if (IS_ERR(kkey)) { 1260 kfree(apqns); 1261 return PTR_ERR(kkey); 1262 } 1263 rc = pkey_apqns4key(kkey, kak.keylen, kak.flags, 1264 apqns, &nr_apqns); 1265 DEBUG_DBG("%s pkey_apqns4key()=%d\n", __func__, rc); 1266 kfree(kkey); 1267 if (rc && rc != -ENOSPC) { 1268 kfree(apqns); 1269 break; 1270 } 1271 if (!rc && kak.apqns) { 1272 if (nr_apqns > kak.apqn_entries) { 1273 kfree(apqns); 1274 return -EINVAL; 1275 } 1276 len = nr_apqns * sizeof(struct pkey_apqn); 1277 if (len) { 1278 if (copy_to_user(kak.apqns, apqns, len)) { 1279 kfree(apqns); 1280 return -EFAULT; 1281 } 1282 } 1283 } 1284 kak.apqn_entries = nr_apqns; 1285 if (copy_to_user(uak, &kak, sizeof(kak))) 1286 rc = -EFAULT; 1287 kfree(apqns); 1288 break; 1289 } 1290 case PKEY_APQNS4KT: { 1291 struct pkey_apqns4keytype __user *uat = (void __user *) arg; 1292 struct pkey_apqns4keytype kat; 1293 struct pkey_apqn *apqns = NULL; 1294 size_t nr_apqns, len; 1295 1296 if (copy_from_user(&kat, uat, sizeof(kat))) 1297 return -EFAULT; 1298 nr_apqns = kat.apqn_entries; 1299 if (nr_apqns) { 1300 apqns = kmalloc_array(nr_apqns, 1301 sizeof(struct pkey_apqn), 1302 GFP_KERNEL); 1303 if (!apqns) 1304 return -ENOMEM; 1305 } 1306 rc = pkey_apqns4keytype(kat.type, kat.cur_mkvp, kat.alt_mkvp, 1307 kat.flags, apqns, &nr_apqns); 1308 DEBUG_DBG("%s pkey_apqns4keytype()=%d\n", __func__, rc); 1309 if (rc && rc != -ENOSPC) { 1310 kfree(apqns); 1311 break; 1312 } 1313 if (!rc && kat.apqns) { 1314 if (nr_apqns > kat.apqn_entries) { 1315 kfree(apqns); 1316 return -EINVAL; 1317 } 1318 len = nr_apqns * sizeof(struct pkey_apqn); 1319 if (len) { 1320 if (copy_to_user(kat.apqns, apqns, len)) { 1321 kfree(apqns); 1322 return -EFAULT; 1323 } 1324 } 1325 } 1326 kat.apqn_entries = nr_apqns; 1327 if (copy_to_user(uat, &kat, sizeof(kat))) 1328 rc = -EFAULT; 1329 kfree(apqns); 1330 break; 1331 } 1332 default: 1333 /* unknown/unsupported ioctl cmd */ 1334 return -ENOTTY; 1335 } 1336 1337 return rc; 1338 } 1339 1340 /* 1341 * Sysfs and file io operations 1342 */ 1343 1344 /* 1345 * Sysfs attribute read function for all protected key binary attributes. 1346 * The implementation can not deal with partial reads, because a new random 1347 * protected key blob is generated with each read. In case of partial reads 1348 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 1349 */ 1350 static ssize_t pkey_protkey_aes_attr_read(u32 keytype, bool is_xts, char *buf, 1351 loff_t off, size_t count) 1352 { 1353 struct protaeskeytoken protkeytoken; 1354 struct pkey_protkey protkey; 1355 int rc; 1356 1357 if (off != 0 || count < sizeof(protkeytoken)) 1358 return -EINVAL; 1359 if (is_xts) 1360 if (count < 2 * sizeof(protkeytoken)) 1361 return -EINVAL; 1362 1363 memset(&protkeytoken, 0, sizeof(protkeytoken)); 1364 protkeytoken.type = TOKTYPE_NON_CCA; 1365 protkeytoken.version = TOKVER_PROTECTED_KEY; 1366 protkeytoken.keytype = keytype; 1367 1368 rc = pkey_genprotkey(protkeytoken.keytype, &protkey); 1369 if (rc) 1370 return rc; 1371 1372 protkeytoken.len = protkey.len; 1373 memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len); 1374 1375 memcpy(buf, &protkeytoken, sizeof(protkeytoken)); 1376 1377 if (is_xts) { 1378 rc = pkey_genprotkey(protkeytoken.keytype, &protkey); 1379 if (rc) 1380 return rc; 1381 1382 protkeytoken.len = protkey.len; 1383 memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len); 1384 1385 memcpy(buf + sizeof(protkeytoken), &protkeytoken, 1386 sizeof(protkeytoken)); 1387 1388 return 2 * sizeof(protkeytoken); 1389 } 1390 1391 return sizeof(protkeytoken); 1392 } 1393 1394 static ssize_t protkey_aes_128_read(struct file *filp, 1395 struct kobject *kobj, 1396 struct bin_attribute *attr, 1397 char *buf, loff_t off, 1398 size_t count) 1399 { 1400 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf, 1401 off, count); 1402 } 1403 1404 static ssize_t protkey_aes_192_read(struct file *filp, 1405 struct kobject *kobj, 1406 struct bin_attribute *attr, 1407 char *buf, loff_t off, 1408 size_t count) 1409 { 1410 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf, 1411 off, count); 1412 } 1413 1414 static ssize_t protkey_aes_256_read(struct file *filp, 1415 struct kobject *kobj, 1416 struct bin_attribute *attr, 1417 char *buf, loff_t off, 1418 size_t count) 1419 { 1420 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf, 1421 off, count); 1422 } 1423 1424 static ssize_t protkey_aes_128_xts_read(struct file *filp, 1425 struct kobject *kobj, 1426 struct bin_attribute *attr, 1427 char *buf, loff_t off, 1428 size_t count) 1429 { 1430 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf, 1431 off, count); 1432 } 1433 1434 static ssize_t protkey_aes_256_xts_read(struct file *filp, 1435 struct kobject *kobj, 1436 struct bin_attribute *attr, 1437 char *buf, loff_t off, 1438 size_t count) 1439 { 1440 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf, 1441 off, count); 1442 } 1443 1444 static BIN_ATTR_RO(protkey_aes_128, sizeof(struct protaeskeytoken)); 1445 static BIN_ATTR_RO(protkey_aes_192, sizeof(struct protaeskeytoken)); 1446 static BIN_ATTR_RO(protkey_aes_256, sizeof(struct protaeskeytoken)); 1447 static BIN_ATTR_RO(protkey_aes_128_xts, 2 * sizeof(struct protaeskeytoken)); 1448 static BIN_ATTR_RO(protkey_aes_256_xts, 2 * sizeof(struct protaeskeytoken)); 1449 1450 static struct bin_attribute *protkey_attrs[] = { 1451 &bin_attr_protkey_aes_128, 1452 &bin_attr_protkey_aes_192, 1453 &bin_attr_protkey_aes_256, 1454 &bin_attr_protkey_aes_128_xts, 1455 &bin_attr_protkey_aes_256_xts, 1456 NULL 1457 }; 1458 1459 static struct attribute_group protkey_attr_group = { 1460 .name = "protkey", 1461 .bin_attrs = protkey_attrs, 1462 }; 1463 1464 /* 1465 * Sysfs attribute read function for all secure key ccadata binary attributes. 1466 * The implementation can not deal with partial reads, because a new random 1467 * protected key blob is generated with each read. In case of partial reads 1468 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 1469 */ 1470 static ssize_t pkey_ccadata_aes_attr_read(u32 keytype, bool is_xts, char *buf, 1471 loff_t off, size_t count) 1472 { 1473 int rc; 1474 struct pkey_seckey *seckey = (struct pkey_seckey *) buf; 1475 1476 if (off != 0 || count < sizeof(struct secaeskeytoken)) 1477 return -EINVAL; 1478 if (is_xts) 1479 if (count < 2 * sizeof(struct secaeskeytoken)) 1480 return -EINVAL; 1481 1482 rc = cca_genseckey(-1, -1, keytype, seckey->seckey); 1483 if (rc) 1484 return rc; 1485 1486 if (is_xts) { 1487 seckey++; 1488 rc = cca_genseckey(-1, -1, keytype, seckey->seckey); 1489 if (rc) 1490 return rc; 1491 1492 return 2 * sizeof(struct secaeskeytoken); 1493 } 1494 1495 return sizeof(struct secaeskeytoken); 1496 } 1497 1498 static ssize_t ccadata_aes_128_read(struct file *filp, 1499 struct kobject *kobj, 1500 struct bin_attribute *attr, 1501 char *buf, loff_t off, 1502 size_t count) 1503 { 1504 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf, 1505 off, count); 1506 } 1507 1508 static ssize_t ccadata_aes_192_read(struct file *filp, 1509 struct kobject *kobj, 1510 struct bin_attribute *attr, 1511 char *buf, loff_t off, 1512 size_t count) 1513 { 1514 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf, 1515 off, count); 1516 } 1517 1518 static ssize_t ccadata_aes_256_read(struct file *filp, 1519 struct kobject *kobj, 1520 struct bin_attribute *attr, 1521 char *buf, loff_t off, 1522 size_t count) 1523 { 1524 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf, 1525 off, count); 1526 } 1527 1528 static ssize_t ccadata_aes_128_xts_read(struct file *filp, 1529 struct kobject *kobj, 1530 struct bin_attribute *attr, 1531 char *buf, loff_t off, 1532 size_t count) 1533 { 1534 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf, 1535 off, count); 1536 } 1537 1538 static ssize_t ccadata_aes_256_xts_read(struct file *filp, 1539 struct kobject *kobj, 1540 struct bin_attribute *attr, 1541 char *buf, loff_t off, 1542 size_t count) 1543 { 1544 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf, 1545 off, count); 1546 } 1547 1548 static BIN_ATTR_RO(ccadata_aes_128, sizeof(struct secaeskeytoken)); 1549 static BIN_ATTR_RO(ccadata_aes_192, sizeof(struct secaeskeytoken)); 1550 static BIN_ATTR_RO(ccadata_aes_256, sizeof(struct secaeskeytoken)); 1551 static BIN_ATTR_RO(ccadata_aes_128_xts, 2 * sizeof(struct secaeskeytoken)); 1552 static BIN_ATTR_RO(ccadata_aes_256_xts, 2 * sizeof(struct secaeskeytoken)); 1553 1554 static struct bin_attribute *ccadata_attrs[] = { 1555 &bin_attr_ccadata_aes_128, 1556 &bin_attr_ccadata_aes_192, 1557 &bin_attr_ccadata_aes_256, 1558 &bin_attr_ccadata_aes_128_xts, 1559 &bin_attr_ccadata_aes_256_xts, 1560 NULL 1561 }; 1562 1563 static struct attribute_group ccadata_attr_group = { 1564 .name = "ccadata", 1565 .bin_attrs = ccadata_attrs, 1566 }; 1567 1568 #define CCACIPHERTOKENSIZE (sizeof(struct cipherkeytoken) + 80) 1569 1570 /* 1571 * Sysfs attribute read function for all secure key ccacipher binary attributes. 1572 * The implementation can not deal with partial reads, because a new random 1573 * secure key blob is generated with each read. In case of partial reads 1574 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 1575 */ 1576 static ssize_t pkey_ccacipher_aes_attr_read(enum pkey_key_size keybits, 1577 bool is_xts, char *buf, loff_t off, 1578 size_t count) 1579 { 1580 int i, rc, card, dom; 1581 u32 nr_apqns, *apqns = NULL; 1582 size_t keysize = CCACIPHERTOKENSIZE; 1583 1584 if (off != 0 || count < CCACIPHERTOKENSIZE) 1585 return -EINVAL; 1586 if (is_xts) 1587 if (count < 2 * CCACIPHERTOKENSIZE) 1588 return -EINVAL; 1589 1590 /* build a list of apqns able to generate an cipher key */ 1591 rc = cca_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 1592 ZCRYPT_CEX6, 0, 0, 0); 1593 if (rc) 1594 return rc; 1595 1596 memset(buf, 0, is_xts ? 2 * keysize : keysize); 1597 1598 /* simple try all apqns from the list */ 1599 for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 1600 card = apqns[i] >> 16; 1601 dom = apqns[i] & 0xFFFF; 1602 rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize); 1603 if (rc == 0) 1604 break; 1605 } 1606 if (rc) 1607 return rc; 1608 1609 if (is_xts) { 1610 keysize = CCACIPHERTOKENSIZE; 1611 buf += CCACIPHERTOKENSIZE; 1612 rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize); 1613 if (rc == 0) 1614 return 2 * CCACIPHERTOKENSIZE; 1615 } 1616 1617 return CCACIPHERTOKENSIZE; 1618 } 1619 1620 static ssize_t ccacipher_aes_128_read(struct file *filp, 1621 struct kobject *kobj, 1622 struct bin_attribute *attr, 1623 char *buf, loff_t off, 1624 size_t count) 1625 { 1626 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, false, buf, 1627 off, count); 1628 } 1629 1630 static ssize_t ccacipher_aes_192_read(struct file *filp, 1631 struct kobject *kobj, 1632 struct bin_attribute *attr, 1633 char *buf, loff_t off, 1634 size_t count) 1635 { 1636 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_192, false, buf, 1637 off, count); 1638 } 1639 1640 static ssize_t ccacipher_aes_256_read(struct file *filp, 1641 struct kobject *kobj, 1642 struct bin_attribute *attr, 1643 char *buf, loff_t off, 1644 size_t count) 1645 { 1646 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, false, buf, 1647 off, count); 1648 } 1649 1650 static ssize_t ccacipher_aes_128_xts_read(struct file *filp, 1651 struct kobject *kobj, 1652 struct bin_attribute *attr, 1653 char *buf, loff_t off, 1654 size_t count) 1655 { 1656 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, true, buf, 1657 off, count); 1658 } 1659 1660 static ssize_t ccacipher_aes_256_xts_read(struct file *filp, 1661 struct kobject *kobj, 1662 struct bin_attribute *attr, 1663 char *buf, loff_t off, 1664 size_t count) 1665 { 1666 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, true, buf, 1667 off, count); 1668 } 1669 1670 static BIN_ATTR_RO(ccacipher_aes_128, CCACIPHERTOKENSIZE); 1671 static BIN_ATTR_RO(ccacipher_aes_192, CCACIPHERTOKENSIZE); 1672 static BIN_ATTR_RO(ccacipher_aes_256, CCACIPHERTOKENSIZE); 1673 static BIN_ATTR_RO(ccacipher_aes_128_xts, 2 * CCACIPHERTOKENSIZE); 1674 static BIN_ATTR_RO(ccacipher_aes_256_xts, 2 * CCACIPHERTOKENSIZE); 1675 1676 static struct bin_attribute *ccacipher_attrs[] = { 1677 &bin_attr_ccacipher_aes_128, 1678 &bin_attr_ccacipher_aes_192, 1679 &bin_attr_ccacipher_aes_256, 1680 &bin_attr_ccacipher_aes_128_xts, 1681 &bin_attr_ccacipher_aes_256_xts, 1682 NULL 1683 }; 1684 1685 static struct attribute_group ccacipher_attr_group = { 1686 .name = "ccacipher", 1687 .bin_attrs = ccacipher_attrs, 1688 }; 1689 1690 /* 1691 * Sysfs attribute read function for all ep11 aes key binary attributes. 1692 * The implementation can not deal with partial reads, because a new random 1693 * secure key blob is generated with each read. In case of partial reads 1694 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 1695 * This function and the sysfs attributes using it provide EP11 key blobs 1696 * padded to the upper limit of MAXEP11AESKEYBLOBSIZE which is currently 1697 * 320 bytes. 1698 */ 1699 static ssize_t pkey_ep11_aes_attr_read(enum pkey_key_size keybits, 1700 bool is_xts, char *buf, loff_t off, 1701 size_t count) 1702 { 1703 int i, rc, card, dom; 1704 u32 nr_apqns, *apqns = NULL; 1705 size_t keysize = MAXEP11AESKEYBLOBSIZE; 1706 1707 if (off != 0 || count < MAXEP11AESKEYBLOBSIZE) 1708 return -EINVAL; 1709 if (is_xts) 1710 if (count < 2 * MAXEP11AESKEYBLOBSIZE) 1711 return -EINVAL; 1712 1713 /* build a list of apqns able to generate an cipher key */ 1714 rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 1715 ZCRYPT_CEX7, EP11_API_V, NULL); 1716 if (rc) 1717 return rc; 1718 1719 memset(buf, 0, is_xts ? 2 * keysize : keysize); 1720 1721 /* simple try all apqns from the list */ 1722 for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 1723 card = apqns[i] >> 16; 1724 dom = apqns[i] & 0xFFFF; 1725 rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize); 1726 if (rc == 0) 1727 break; 1728 } 1729 if (rc) 1730 return rc; 1731 1732 if (is_xts) { 1733 keysize = MAXEP11AESKEYBLOBSIZE; 1734 buf += MAXEP11AESKEYBLOBSIZE; 1735 rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize); 1736 if (rc == 0) 1737 return 2 * MAXEP11AESKEYBLOBSIZE; 1738 } 1739 1740 return MAXEP11AESKEYBLOBSIZE; 1741 } 1742 1743 static ssize_t ep11_aes_128_read(struct file *filp, 1744 struct kobject *kobj, 1745 struct bin_attribute *attr, 1746 char *buf, loff_t off, 1747 size_t count) 1748 { 1749 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, false, buf, 1750 off, count); 1751 } 1752 1753 static ssize_t ep11_aes_192_read(struct file *filp, 1754 struct kobject *kobj, 1755 struct bin_attribute *attr, 1756 char *buf, loff_t off, 1757 size_t count) 1758 { 1759 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_192, false, buf, 1760 off, count); 1761 } 1762 1763 static ssize_t ep11_aes_256_read(struct file *filp, 1764 struct kobject *kobj, 1765 struct bin_attribute *attr, 1766 char *buf, loff_t off, 1767 size_t count) 1768 { 1769 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, false, buf, 1770 off, count); 1771 } 1772 1773 static ssize_t ep11_aes_128_xts_read(struct file *filp, 1774 struct kobject *kobj, 1775 struct bin_attribute *attr, 1776 char *buf, loff_t off, 1777 size_t count) 1778 { 1779 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, true, buf, 1780 off, count); 1781 } 1782 1783 static ssize_t ep11_aes_256_xts_read(struct file *filp, 1784 struct kobject *kobj, 1785 struct bin_attribute *attr, 1786 char *buf, loff_t off, 1787 size_t count) 1788 { 1789 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, true, buf, 1790 off, count); 1791 } 1792 1793 static BIN_ATTR_RO(ep11_aes_128, MAXEP11AESKEYBLOBSIZE); 1794 static BIN_ATTR_RO(ep11_aes_192, MAXEP11AESKEYBLOBSIZE); 1795 static BIN_ATTR_RO(ep11_aes_256, MAXEP11AESKEYBLOBSIZE); 1796 static BIN_ATTR_RO(ep11_aes_128_xts, 2 * MAXEP11AESKEYBLOBSIZE); 1797 static BIN_ATTR_RO(ep11_aes_256_xts, 2 * MAXEP11AESKEYBLOBSIZE); 1798 1799 static struct bin_attribute *ep11_attrs[] = { 1800 &bin_attr_ep11_aes_128, 1801 &bin_attr_ep11_aes_192, 1802 &bin_attr_ep11_aes_256, 1803 &bin_attr_ep11_aes_128_xts, 1804 &bin_attr_ep11_aes_256_xts, 1805 NULL 1806 }; 1807 1808 static struct attribute_group ep11_attr_group = { 1809 .name = "ep11", 1810 .bin_attrs = ep11_attrs, 1811 }; 1812 1813 static const struct attribute_group *pkey_attr_groups[] = { 1814 &protkey_attr_group, 1815 &ccadata_attr_group, 1816 &ccacipher_attr_group, 1817 &ep11_attr_group, 1818 NULL, 1819 }; 1820 1821 static const struct file_operations pkey_fops = { 1822 .owner = THIS_MODULE, 1823 .open = nonseekable_open, 1824 .llseek = no_llseek, 1825 .unlocked_ioctl = pkey_unlocked_ioctl, 1826 }; 1827 1828 static struct miscdevice pkey_dev = { 1829 .name = "pkey", 1830 .minor = MISC_DYNAMIC_MINOR, 1831 .mode = 0666, 1832 .fops = &pkey_fops, 1833 .groups = pkey_attr_groups, 1834 }; 1835 1836 /* 1837 * Module init 1838 */ 1839 static int __init pkey_init(void) 1840 { 1841 cpacf_mask_t kmc_functions; 1842 1843 /* 1844 * The pckmo instruction should be available - even if we don't 1845 * actually invoke it. This instruction comes with MSA 3 which 1846 * is also the minimum level for the kmc instructions which 1847 * are able to work with protected keys. 1848 */ 1849 if (!cpacf_query(CPACF_PCKMO, &pckmo_functions)) 1850 return -ENODEV; 1851 1852 /* check for kmc instructions available */ 1853 if (!cpacf_query(CPACF_KMC, &kmc_functions)) 1854 return -ENODEV; 1855 if (!cpacf_test_func(&kmc_functions, CPACF_KMC_PAES_128) || 1856 !cpacf_test_func(&kmc_functions, CPACF_KMC_PAES_192) || 1857 !cpacf_test_func(&kmc_functions, CPACF_KMC_PAES_256)) 1858 return -ENODEV; 1859 1860 pkey_debug_init(); 1861 1862 return misc_register(&pkey_dev); 1863 } 1864 1865 /* 1866 * Module exit 1867 */ 1868 static void __exit pkey_exit(void) 1869 { 1870 misc_deregister(&pkey_dev); 1871 pkey_debug_exit(); 1872 } 1873 1874 module_cpu_feature_match(MSA, pkey_init); 1875 module_exit(pkey_exit); 1876