1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * pkey device driver 4 * 5 * Copyright IBM Corp. 2017,2019 6 * Author(s): Harald Freudenberger 7 */ 8 9 #define KMSG_COMPONENT "pkey" 10 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt 11 12 #include <linux/fs.h> 13 #include <linux/init.h> 14 #include <linux/miscdevice.h> 15 #include <linux/module.h> 16 #include <linux/slab.h> 17 #include <linux/kallsyms.h> 18 #include <linux/debugfs.h> 19 #include <linux/random.h> 20 #include <linux/cpufeature.h> 21 #include <asm/zcrypt.h> 22 #include <asm/cpacf.h> 23 #include <asm/pkey.h> 24 #include <crypto/aes.h> 25 26 #include "zcrypt_api.h" 27 #include "zcrypt_ccamisc.h" 28 #include "zcrypt_ep11misc.h" 29 30 MODULE_LICENSE("GPL"); 31 MODULE_AUTHOR("IBM Corporation"); 32 MODULE_DESCRIPTION("s390 protected key interface"); 33 34 #define KEYBLOBBUFSIZE 8192 /* key buffer size used for internal processing */ 35 #define PROTKEYBLOBBUFSIZE 256 /* protected key buffer size used internal */ 36 #define MAXAPQNSINLIST 64 /* max 64 apqns within a apqn list */ 37 38 /* 39 * debug feature data and functions 40 */ 41 42 static debug_info_t *debug_info; 43 44 #define DEBUG_DBG(...) debug_sprintf_event(debug_info, 6, ##__VA_ARGS__) 45 #define DEBUG_INFO(...) debug_sprintf_event(debug_info, 5, ##__VA_ARGS__) 46 #define DEBUG_WARN(...) debug_sprintf_event(debug_info, 4, ##__VA_ARGS__) 47 #define DEBUG_ERR(...) debug_sprintf_event(debug_info, 3, ##__VA_ARGS__) 48 49 static void __init pkey_debug_init(void) 50 { 51 /* 5 arguments per dbf entry (including the format string ptr) */ 52 debug_info = debug_register("pkey", 1, 1, 5 * sizeof(long)); 53 debug_register_view(debug_info, &debug_sprintf_view); 54 debug_set_level(debug_info, 3); 55 } 56 57 static void __exit pkey_debug_exit(void) 58 { 59 debug_unregister(debug_info); 60 } 61 62 /* inside view of a protected key token (only type 0x00 version 0x01) */ 63 struct protaeskeytoken { 64 u8 type; /* 0x00 for PAES specific key tokens */ 65 u8 res0[3]; 66 u8 version; /* should be 0x01 for protected AES key token */ 67 u8 res1[3]; 68 u32 keytype; /* key type, one of the PKEY_KEYTYPE values */ 69 u32 len; /* bytes actually stored in protkey[] */ 70 u8 protkey[MAXPROTKEYSIZE]; /* the protected key blob */ 71 } __packed; 72 73 /* inside view of a clear key token (type 0x00 version 0x02) */ 74 struct clearaeskeytoken { 75 u8 type; /* 0x00 for PAES specific key tokens */ 76 u8 res0[3]; 77 u8 version; /* 0x02 for clear AES key token */ 78 u8 res1[3]; 79 u32 keytype; /* key type, one of the PKEY_KEYTYPE values */ 80 u32 len; /* bytes actually stored in clearkey[] */ 81 u8 clearkey[]; /* clear key value */ 82 } __packed; 83 84 /* 85 * Create a protected key from a clear key value. 86 */ 87 static int pkey_clr2protkey(u32 keytype, 88 const struct pkey_clrkey *clrkey, 89 struct pkey_protkey *protkey) 90 { 91 /* mask of available pckmo subfunctions */ 92 static cpacf_mask_t pckmo_functions; 93 94 long fc; 95 int keysize; 96 u8 paramblock[64]; 97 98 switch (keytype) { 99 case PKEY_KEYTYPE_AES_128: 100 keysize = 16; 101 fc = CPACF_PCKMO_ENC_AES_128_KEY; 102 break; 103 case PKEY_KEYTYPE_AES_192: 104 keysize = 24; 105 fc = CPACF_PCKMO_ENC_AES_192_KEY; 106 break; 107 case PKEY_KEYTYPE_AES_256: 108 keysize = 32; 109 fc = CPACF_PCKMO_ENC_AES_256_KEY; 110 break; 111 default: 112 DEBUG_ERR("%s unknown/unsupported keytype %d\n", 113 __func__, keytype); 114 return -EINVAL; 115 } 116 117 /* Did we already check for PCKMO ? */ 118 if (!pckmo_functions.bytes[0]) { 119 /* no, so check now */ 120 if (!cpacf_query(CPACF_PCKMO, &pckmo_functions)) 121 return -ENODEV; 122 } 123 /* check for the pckmo subfunction we need now */ 124 if (!cpacf_test_func(&pckmo_functions, fc)) { 125 DEBUG_ERR("%s pckmo functions not available\n", __func__); 126 return -ENODEV; 127 } 128 129 /* prepare param block */ 130 memset(paramblock, 0, sizeof(paramblock)); 131 memcpy(paramblock, clrkey->clrkey, keysize); 132 133 /* call the pckmo instruction */ 134 cpacf_pckmo(fc, paramblock); 135 136 /* copy created protected key */ 137 protkey->type = keytype; 138 protkey->len = keysize + 32; 139 memcpy(protkey->protkey, paramblock, keysize + 32); 140 141 return 0; 142 } 143 144 /* 145 * Find card and transform secure key into protected key. 146 */ 147 static int pkey_skey2pkey(const u8 *key, struct pkey_protkey *pkey) 148 { 149 int rc, verify; 150 u16 cardnr, domain; 151 struct keytoken_header *hdr = (struct keytoken_header *)key; 152 153 zcrypt_wait_api_operational(); 154 155 /* 156 * The cca_xxx2protkey call may fail when a card has been 157 * addressed where the master key was changed after last fetch 158 * of the mkvp into the cache. Try 3 times: First without verify 159 * then with verify and last round with verify and old master 160 * key verification pattern match not ignored. 161 */ 162 for (verify = 0; verify < 3; verify++) { 163 rc = cca_findcard(key, &cardnr, &domain, verify); 164 if (rc < 0) 165 continue; 166 if (rc > 0 && verify < 2) 167 continue; 168 switch (hdr->version) { 169 case TOKVER_CCA_AES: 170 rc = cca_sec2protkey(cardnr, domain, 171 key, pkey->protkey, 172 &pkey->len, &pkey->type); 173 break; 174 case TOKVER_CCA_VLSC: 175 rc = cca_cipher2protkey(cardnr, domain, 176 key, pkey->protkey, 177 &pkey->len, &pkey->type); 178 break; 179 default: 180 return -EINVAL; 181 } 182 if (rc == 0) 183 break; 184 } 185 186 if (rc) 187 DEBUG_DBG("%s failed rc=%d\n", __func__, rc); 188 189 return rc; 190 } 191 192 /* 193 * Construct EP11 key with given clear key value. 194 */ 195 static int pkey_clr2ep11key(const u8 *clrkey, size_t clrkeylen, 196 u8 *keybuf, size_t *keybuflen) 197 { 198 int i, rc; 199 u16 card, dom; 200 u32 nr_apqns, *apqns = NULL; 201 202 zcrypt_wait_api_operational(); 203 204 /* build a list of apqns suitable for ep11 keys with cpacf support */ 205 rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 206 ZCRYPT_CEX7, EP11_API_V, NULL); 207 if (rc) 208 goto out; 209 210 /* go through the list of apqns and try to bild an ep11 key */ 211 for (rc = -ENODEV, i = 0; i < nr_apqns; i++) { 212 card = apqns[i] >> 16; 213 dom = apqns[i] & 0xFFFF; 214 rc = ep11_clr2keyblob(card, dom, clrkeylen * 8, 215 0, clrkey, keybuf, keybuflen); 216 if (rc == 0) 217 break; 218 } 219 220 out: 221 kfree(apqns); 222 if (rc) 223 DEBUG_DBG("%s failed rc=%d\n", __func__, rc); 224 return rc; 225 } 226 227 /* 228 * Find card and transform EP11 secure key into protected key. 229 */ 230 static int pkey_ep11key2pkey(const u8 *key, struct pkey_protkey *pkey) 231 { 232 int i, rc; 233 u16 card, dom; 234 u32 nr_apqns, *apqns = NULL; 235 struct ep11keyblob *kb = (struct ep11keyblob *) key; 236 237 zcrypt_wait_api_operational(); 238 239 /* build a list of apqns suitable for this key */ 240 rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 241 ZCRYPT_CEX7, EP11_API_V, kb->wkvp); 242 if (rc) 243 goto out; 244 245 /* go through the list of apqns and try to derive an pkey */ 246 for (rc = -ENODEV, i = 0; i < nr_apqns; i++) { 247 card = apqns[i] >> 16; 248 dom = apqns[i] & 0xFFFF; 249 pkey->len = sizeof(pkey->protkey); 250 rc = ep11_kblob2protkey(card, dom, key, kb->head.len, 251 pkey->protkey, &pkey->len, &pkey->type); 252 if (rc == 0) 253 break; 254 } 255 256 out: 257 kfree(apqns); 258 if (rc) 259 DEBUG_DBG("%s failed rc=%d\n", __func__, rc); 260 return rc; 261 } 262 263 /* 264 * Verify key and give back some info about the key. 265 */ 266 static int pkey_verifykey(const struct pkey_seckey *seckey, 267 u16 *pcardnr, u16 *pdomain, 268 u16 *pkeysize, u32 *pattributes) 269 { 270 struct secaeskeytoken *t = (struct secaeskeytoken *) seckey; 271 u16 cardnr, domain; 272 int rc; 273 274 /* check the secure key for valid AES secure key */ 275 rc = cca_check_secaeskeytoken(debug_info, 3, (u8 *) seckey, 0); 276 if (rc) 277 goto out; 278 if (pattributes) 279 *pattributes = PKEY_VERIFY_ATTR_AES; 280 if (pkeysize) 281 *pkeysize = t->bitsize; 282 283 /* try to find a card which can handle this key */ 284 rc = cca_findcard(seckey->seckey, &cardnr, &domain, 1); 285 if (rc < 0) 286 goto out; 287 288 if (rc > 0) { 289 /* key mkvp matches to old master key mkvp */ 290 DEBUG_DBG("%s secure key has old mkvp\n", __func__); 291 if (pattributes) 292 *pattributes |= PKEY_VERIFY_ATTR_OLD_MKVP; 293 rc = 0; 294 } 295 296 if (pcardnr) 297 *pcardnr = cardnr; 298 if (pdomain) 299 *pdomain = domain; 300 301 out: 302 DEBUG_DBG("%s rc=%d\n", __func__, rc); 303 return rc; 304 } 305 306 /* 307 * Generate a random protected key 308 */ 309 static int pkey_genprotkey(u32 keytype, struct pkey_protkey *protkey) 310 { 311 struct pkey_clrkey clrkey; 312 int keysize; 313 int rc; 314 315 switch (keytype) { 316 case PKEY_KEYTYPE_AES_128: 317 keysize = 16; 318 break; 319 case PKEY_KEYTYPE_AES_192: 320 keysize = 24; 321 break; 322 case PKEY_KEYTYPE_AES_256: 323 keysize = 32; 324 break; 325 default: 326 DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__, 327 keytype); 328 return -EINVAL; 329 } 330 331 /* generate a dummy random clear key */ 332 get_random_bytes(clrkey.clrkey, keysize); 333 334 /* convert it to a dummy protected key */ 335 rc = pkey_clr2protkey(keytype, &clrkey, protkey); 336 if (rc) 337 return rc; 338 339 /* replace the key part of the protected key with random bytes */ 340 get_random_bytes(protkey->protkey, keysize); 341 342 return 0; 343 } 344 345 /* 346 * Verify if a protected key is still valid 347 */ 348 static int pkey_verifyprotkey(const struct pkey_protkey *protkey) 349 { 350 unsigned long fc; 351 struct { 352 u8 iv[AES_BLOCK_SIZE]; 353 u8 key[MAXPROTKEYSIZE]; 354 } param; 355 u8 null_msg[AES_BLOCK_SIZE]; 356 u8 dest_buf[AES_BLOCK_SIZE]; 357 unsigned int k; 358 359 switch (protkey->type) { 360 case PKEY_KEYTYPE_AES_128: 361 fc = CPACF_KMC_PAES_128; 362 break; 363 case PKEY_KEYTYPE_AES_192: 364 fc = CPACF_KMC_PAES_192; 365 break; 366 case PKEY_KEYTYPE_AES_256: 367 fc = CPACF_KMC_PAES_256; 368 break; 369 default: 370 DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__, 371 protkey->type); 372 return -EINVAL; 373 } 374 375 memset(null_msg, 0, sizeof(null_msg)); 376 377 memset(param.iv, 0, sizeof(param.iv)); 378 memcpy(param.key, protkey->protkey, sizeof(param.key)); 379 380 k = cpacf_kmc(fc | CPACF_ENCRYPT, ¶m, null_msg, dest_buf, 381 sizeof(null_msg)); 382 if (k != sizeof(null_msg)) { 383 DEBUG_ERR("%s protected key is not valid\n", __func__); 384 return -EKEYREJECTED; 385 } 386 387 return 0; 388 } 389 390 /* 391 * Transform a non-CCA key token into a protected key 392 */ 393 static int pkey_nonccatok2pkey(const u8 *key, u32 keylen, 394 struct pkey_protkey *protkey) 395 { 396 int rc = -EINVAL; 397 u8 *tmpbuf = NULL; 398 struct keytoken_header *hdr = (struct keytoken_header *)key; 399 400 switch (hdr->version) { 401 case TOKVER_PROTECTED_KEY: { 402 struct protaeskeytoken *t; 403 404 if (keylen != sizeof(struct protaeskeytoken)) 405 goto out; 406 t = (struct protaeskeytoken *)key; 407 protkey->len = t->len; 408 protkey->type = t->keytype; 409 memcpy(protkey->protkey, t->protkey, 410 sizeof(protkey->protkey)); 411 rc = pkey_verifyprotkey(protkey); 412 break; 413 } 414 case TOKVER_CLEAR_KEY: { 415 struct clearaeskeytoken *t; 416 struct pkey_clrkey ckey; 417 union u_tmpbuf { 418 u8 skey[SECKEYBLOBSIZE]; 419 u8 ep11key[MAXEP11AESKEYBLOBSIZE]; 420 }; 421 size_t tmpbuflen = sizeof(union u_tmpbuf); 422 423 if (keylen < sizeof(struct clearaeskeytoken)) 424 goto out; 425 t = (struct clearaeskeytoken *)key; 426 if (keylen != sizeof(*t) + t->len) 427 goto out; 428 if ((t->keytype == PKEY_KEYTYPE_AES_128 && t->len == 16) 429 || (t->keytype == PKEY_KEYTYPE_AES_192 && t->len == 24) 430 || (t->keytype == PKEY_KEYTYPE_AES_256 && t->len == 32)) 431 memcpy(ckey.clrkey, t->clearkey, t->len); 432 else 433 goto out; 434 /* alloc temp key buffer space */ 435 tmpbuf = kmalloc(tmpbuflen, GFP_ATOMIC); 436 if (!tmpbuf) { 437 rc = -ENOMEM; 438 goto out; 439 } 440 /* try direct way with the PCKMO instruction */ 441 rc = pkey_clr2protkey(t->keytype, &ckey, protkey); 442 if (rc == 0) 443 break; 444 /* PCKMO failed, so try the CCA secure key way */ 445 zcrypt_wait_api_operational(); 446 rc = cca_clr2seckey(0xFFFF, 0xFFFF, t->keytype, 447 ckey.clrkey, tmpbuf); 448 if (rc == 0) 449 rc = pkey_skey2pkey(tmpbuf, protkey); 450 if (rc == 0) 451 break; 452 /* if the CCA way also failed, let's try via EP11 */ 453 rc = pkey_clr2ep11key(ckey.clrkey, t->len, 454 tmpbuf, &tmpbuflen); 455 if (rc == 0) 456 rc = pkey_ep11key2pkey(tmpbuf, protkey); 457 /* now we should really have an protected key */ 458 DEBUG_ERR("%s unable to build protected key from clear", 459 __func__); 460 break; 461 } 462 case TOKVER_EP11_AES: { 463 /* check ep11 key for exportable as protected key */ 464 rc = ep11_check_aes_key(debug_info, 3, key, keylen, 1); 465 if (rc) 466 goto out; 467 rc = pkey_ep11key2pkey(key, protkey); 468 break; 469 } 470 case TOKVER_EP11_AES_WITH_HEADER: 471 /* check ep11 key with header for exportable as protected key */ 472 rc = ep11_check_aes_key_with_hdr(debug_info, 3, key, keylen, 1); 473 if (rc) 474 goto out; 475 rc = pkey_ep11key2pkey(key + sizeof(struct ep11kblob_header), 476 protkey); 477 break; 478 default: 479 DEBUG_ERR("%s unknown/unsupported non-CCA token version %d\n", 480 __func__, hdr->version); 481 rc = -EINVAL; 482 } 483 484 out: 485 kfree(tmpbuf); 486 return rc; 487 } 488 489 /* 490 * Transform a CCA internal key token into a protected key 491 */ 492 static int pkey_ccainttok2pkey(const u8 *key, u32 keylen, 493 struct pkey_protkey *protkey) 494 { 495 struct keytoken_header *hdr = (struct keytoken_header *)key; 496 497 switch (hdr->version) { 498 case TOKVER_CCA_AES: 499 if (keylen != sizeof(struct secaeskeytoken)) 500 return -EINVAL; 501 break; 502 case TOKVER_CCA_VLSC: 503 if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE) 504 return -EINVAL; 505 break; 506 default: 507 DEBUG_ERR("%s unknown/unsupported CCA internal token version %d\n", 508 __func__, hdr->version); 509 return -EINVAL; 510 } 511 512 return pkey_skey2pkey(key, protkey); 513 } 514 515 /* 516 * Transform a key blob (of any type) into a protected key 517 */ 518 int pkey_keyblob2pkey(const u8 *key, u32 keylen, 519 struct pkey_protkey *protkey) 520 { 521 int rc; 522 struct keytoken_header *hdr = (struct keytoken_header *)key; 523 524 if (keylen < sizeof(struct keytoken_header)) { 525 DEBUG_ERR("%s invalid keylen %d\n", __func__, keylen); 526 return -EINVAL; 527 } 528 529 switch (hdr->type) { 530 case TOKTYPE_NON_CCA: 531 rc = pkey_nonccatok2pkey(key, keylen, protkey); 532 break; 533 case TOKTYPE_CCA_INTERNAL: 534 rc = pkey_ccainttok2pkey(key, keylen, protkey); 535 break; 536 default: 537 DEBUG_ERR("%s unknown/unsupported blob type %d\n", 538 __func__, hdr->type); 539 return -EINVAL; 540 } 541 542 DEBUG_DBG("%s rc=%d\n", __func__, rc); 543 return rc; 544 545 } 546 EXPORT_SYMBOL(pkey_keyblob2pkey); 547 548 static int pkey_genseckey2(const struct pkey_apqn *apqns, size_t nr_apqns, 549 enum pkey_key_type ktype, enum pkey_key_size ksize, 550 u32 kflags, u8 *keybuf, size_t *keybufsize) 551 { 552 int i, card, dom, rc; 553 554 /* check for at least one apqn given */ 555 if (!apqns || !nr_apqns) 556 return -EINVAL; 557 558 /* check key type and size */ 559 switch (ktype) { 560 case PKEY_TYPE_CCA_DATA: 561 case PKEY_TYPE_CCA_CIPHER: 562 if (*keybufsize < SECKEYBLOBSIZE) 563 return -EINVAL; 564 break; 565 case PKEY_TYPE_EP11: 566 if (*keybufsize < MINEP11AESKEYBLOBSIZE) 567 return -EINVAL; 568 break; 569 default: 570 return -EINVAL; 571 } 572 switch (ksize) { 573 case PKEY_SIZE_AES_128: 574 case PKEY_SIZE_AES_192: 575 case PKEY_SIZE_AES_256: 576 break; 577 default: 578 return -EINVAL; 579 } 580 581 /* simple try all apqns from the list */ 582 for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 583 card = apqns[i].card; 584 dom = apqns[i].domain; 585 if (ktype == PKEY_TYPE_EP11) { 586 rc = ep11_genaeskey(card, dom, ksize, kflags, 587 keybuf, keybufsize); 588 } else if (ktype == PKEY_TYPE_CCA_DATA) { 589 rc = cca_genseckey(card, dom, ksize, keybuf); 590 *keybufsize = (rc ? 0 : SECKEYBLOBSIZE); 591 } else /* TOKVER_CCA_VLSC */ 592 rc = cca_gencipherkey(card, dom, ksize, kflags, 593 keybuf, keybufsize); 594 if (rc == 0) 595 break; 596 } 597 598 return rc; 599 } 600 601 static int pkey_clr2seckey2(const struct pkey_apqn *apqns, size_t nr_apqns, 602 enum pkey_key_type ktype, enum pkey_key_size ksize, 603 u32 kflags, const u8 *clrkey, 604 u8 *keybuf, size_t *keybufsize) 605 { 606 int i, card, dom, rc; 607 608 /* check for at least one apqn given */ 609 if (!apqns || !nr_apqns) 610 return -EINVAL; 611 612 /* check key type and size */ 613 switch (ktype) { 614 case PKEY_TYPE_CCA_DATA: 615 case PKEY_TYPE_CCA_CIPHER: 616 if (*keybufsize < SECKEYBLOBSIZE) 617 return -EINVAL; 618 break; 619 case PKEY_TYPE_EP11: 620 if (*keybufsize < MINEP11AESKEYBLOBSIZE) 621 return -EINVAL; 622 break; 623 default: 624 return -EINVAL; 625 } 626 switch (ksize) { 627 case PKEY_SIZE_AES_128: 628 case PKEY_SIZE_AES_192: 629 case PKEY_SIZE_AES_256: 630 break; 631 default: 632 return -EINVAL; 633 } 634 635 zcrypt_wait_api_operational(); 636 637 /* simple try all apqns from the list */ 638 for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 639 card = apqns[i].card; 640 dom = apqns[i].domain; 641 if (ktype == PKEY_TYPE_EP11) { 642 rc = ep11_clr2keyblob(card, dom, ksize, kflags, 643 clrkey, keybuf, keybufsize); 644 } else if (ktype == PKEY_TYPE_CCA_DATA) { 645 rc = cca_clr2seckey(card, dom, ksize, 646 clrkey, keybuf); 647 *keybufsize = (rc ? 0 : SECKEYBLOBSIZE); 648 } else /* TOKVER_CCA_VLSC */ 649 rc = cca_clr2cipherkey(card, dom, ksize, kflags, 650 clrkey, keybuf, keybufsize); 651 if (rc == 0) 652 break; 653 } 654 655 return rc; 656 } 657 658 static int pkey_verifykey2(const u8 *key, size_t keylen, 659 u16 *cardnr, u16 *domain, 660 enum pkey_key_type *ktype, 661 enum pkey_key_size *ksize, u32 *flags) 662 { 663 int rc; 664 u32 _nr_apqns, *_apqns = NULL; 665 struct keytoken_header *hdr = (struct keytoken_header *)key; 666 667 if (keylen < sizeof(struct keytoken_header)) 668 return -EINVAL; 669 670 if (hdr->type == TOKTYPE_CCA_INTERNAL 671 && hdr->version == TOKVER_CCA_AES) { 672 struct secaeskeytoken *t = (struct secaeskeytoken *)key; 673 674 rc = cca_check_secaeskeytoken(debug_info, 3, key, 0); 675 if (rc) 676 goto out; 677 if (ktype) 678 *ktype = PKEY_TYPE_CCA_DATA; 679 if (ksize) 680 *ksize = (enum pkey_key_size) t->bitsize; 681 682 rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain, 683 ZCRYPT_CEX3C, AES_MK_SET, t->mkvp, 0, 1); 684 if (rc == 0 && flags) 685 *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 686 if (rc == -ENODEV) { 687 rc = cca_findcard2(&_apqns, &_nr_apqns, 688 *cardnr, *domain, 689 ZCRYPT_CEX3C, AES_MK_SET, 690 0, t->mkvp, 1); 691 if (rc == 0 && flags) 692 *flags = PKEY_FLAGS_MATCH_ALT_MKVP; 693 } 694 if (rc) 695 goto out; 696 697 *cardnr = ((struct pkey_apqn *)_apqns)->card; 698 *domain = ((struct pkey_apqn *)_apqns)->domain; 699 700 } else if (hdr->type == TOKTYPE_CCA_INTERNAL 701 && hdr->version == TOKVER_CCA_VLSC) { 702 struct cipherkeytoken *t = (struct cipherkeytoken *)key; 703 704 rc = cca_check_secaescipherkey(debug_info, 3, key, 0, 1); 705 if (rc) 706 goto out; 707 if (ktype) 708 *ktype = PKEY_TYPE_CCA_CIPHER; 709 if (ksize) { 710 *ksize = PKEY_SIZE_UNKNOWN; 711 if (!t->plfver && t->wpllen == 512) 712 *ksize = PKEY_SIZE_AES_128; 713 else if (!t->plfver && t->wpllen == 576) 714 *ksize = PKEY_SIZE_AES_192; 715 else if (!t->plfver && t->wpllen == 640) 716 *ksize = PKEY_SIZE_AES_256; 717 } 718 719 rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain, 720 ZCRYPT_CEX6, AES_MK_SET, t->mkvp0, 0, 1); 721 if (rc == 0 && flags) 722 *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 723 if (rc == -ENODEV) { 724 rc = cca_findcard2(&_apqns, &_nr_apqns, 725 *cardnr, *domain, 726 ZCRYPT_CEX6, AES_MK_SET, 727 0, t->mkvp0, 1); 728 if (rc == 0 && flags) 729 *flags = PKEY_FLAGS_MATCH_ALT_MKVP; 730 } 731 if (rc) 732 goto out; 733 734 *cardnr = ((struct pkey_apqn *)_apqns)->card; 735 *domain = ((struct pkey_apqn *)_apqns)->domain; 736 737 } else if (hdr->type == TOKTYPE_NON_CCA 738 && hdr->version == TOKVER_EP11_AES) { 739 struct ep11keyblob *kb = (struct ep11keyblob *)key; 740 741 rc = ep11_check_aes_key(debug_info, 3, key, keylen, 1); 742 if (rc) 743 goto out; 744 if (ktype) 745 *ktype = PKEY_TYPE_EP11; 746 if (ksize) 747 *ksize = kb->head.keybitlen; 748 749 rc = ep11_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain, 750 ZCRYPT_CEX7, EP11_API_V, kb->wkvp); 751 if (rc) 752 goto out; 753 754 if (flags) 755 *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 756 757 *cardnr = ((struct pkey_apqn *)_apqns)->card; 758 *domain = ((struct pkey_apqn *)_apqns)->domain; 759 760 } else 761 rc = -EINVAL; 762 763 out: 764 kfree(_apqns); 765 return rc; 766 } 767 768 static int pkey_keyblob2pkey2(const struct pkey_apqn *apqns, size_t nr_apqns, 769 const u8 *key, size_t keylen, 770 struct pkey_protkey *pkey) 771 { 772 int i, card, dom, rc; 773 struct keytoken_header *hdr = (struct keytoken_header *)key; 774 775 /* check for at least one apqn given */ 776 if (!apqns || !nr_apqns) 777 return -EINVAL; 778 779 if (keylen < sizeof(struct keytoken_header)) 780 return -EINVAL; 781 782 if (hdr->type == TOKTYPE_CCA_INTERNAL) { 783 if (hdr->version == TOKVER_CCA_AES) { 784 if (keylen != sizeof(struct secaeskeytoken)) 785 return -EINVAL; 786 if (cca_check_secaeskeytoken(debug_info, 3, key, 0)) 787 return -EINVAL; 788 } else if (hdr->version == TOKVER_CCA_VLSC) { 789 if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE) 790 return -EINVAL; 791 if (cca_check_secaescipherkey(debug_info, 3, key, 0, 1)) 792 return -EINVAL; 793 } else { 794 DEBUG_ERR("%s unknown CCA internal token version %d\n", 795 __func__, hdr->version); 796 return -EINVAL; 797 } 798 } else if (hdr->type == TOKTYPE_NON_CCA) { 799 if (hdr->version == TOKVER_EP11_AES) { 800 if (keylen < sizeof(struct ep11keyblob)) 801 return -EINVAL; 802 if (ep11_check_aes_key(debug_info, 3, key, keylen, 1)) 803 return -EINVAL; 804 } else { 805 return pkey_nonccatok2pkey(key, keylen, pkey); 806 } 807 } else { 808 DEBUG_ERR("%s unknown/unsupported blob type %d\n", 809 __func__, hdr->type); 810 return -EINVAL; 811 } 812 813 zcrypt_wait_api_operational(); 814 815 /* simple try all apqns from the list */ 816 for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 817 card = apqns[i].card; 818 dom = apqns[i].domain; 819 if (hdr->type == TOKTYPE_CCA_INTERNAL 820 && hdr->version == TOKVER_CCA_AES) 821 rc = cca_sec2protkey(card, dom, key, pkey->protkey, 822 &pkey->len, &pkey->type); 823 else if (hdr->type == TOKTYPE_CCA_INTERNAL 824 && hdr->version == TOKVER_CCA_VLSC) 825 rc = cca_cipher2protkey(card, dom, key, pkey->protkey, 826 &pkey->len, &pkey->type); 827 else { /* EP11 AES secure key blob */ 828 struct ep11keyblob *kb = (struct ep11keyblob *) key; 829 830 pkey->len = sizeof(pkey->protkey); 831 rc = ep11_kblob2protkey(card, dom, key, kb->head.len, 832 pkey->protkey, &pkey->len, 833 &pkey->type); 834 } 835 if (rc == 0) 836 break; 837 } 838 839 return rc; 840 } 841 842 static int pkey_apqns4key(const u8 *key, size_t keylen, u32 flags, 843 struct pkey_apqn *apqns, size_t *nr_apqns) 844 { 845 int rc; 846 u32 _nr_apqns, *_apqns = NULL; 847 struct keytoken_header *hdr = (struct keytoken_header *)key; 848 849 if (keylen < sizeof(struct keytoken_header) || flags == 0) 850 return -EINVAL; 851 852 zcrypt_wait_api_operational(); 853 854 if (hdr->type == TOKTYPE_NON_CCA 855 && (hdr->version == TOKVER_EP11_AES_WITH_HEADER 856 || hdr->version == TOKVER_EP11_ECC_WITH_HEADER) 857 && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) { 858 int minhwtype = 0, api = 0; 859 struct ep11keyblob *kb = (struct ep11keyblob *) 860 (key + sizeof(struct ep11kblob_header)); 861 862 if (flags != PKEY_FLAGS_MATCH_CUR_MKVP) 863 return -EINVAL; 864 if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) { 865 minhwtype = ZCRYPT_CEX7; 866 api = EP11_API_V; 867 } 868 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 869 minhwtype, api, kb->wkvp); 870 if (rc) 871 goto out; 872 } else if (hdr->type == TOKTYPE_NON_CCA 873 && hdr->version == TOKVER_EP11_AES 874 && is_ep11_keyblob(key)) { 875 int minhwtype = 0, api = 0; 876 struct ep11keyblob *kb = (struct ep11keyblob *) key; 877 878 if (flags != PKEY_FLAGS_MATCH_CUR_MKVP) 879 return -EINVAL; 880 if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) { 881 minhwtype = ZCRYPT_CEX7; 882 api = EP11_API_V; 883 } 884 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 885 minhwtype, api, kb->wkvp); 886 if (rc) 887 goto out; 888 } else if (hdr->type == TOKTYPE_CCA_INTERNAL) { 889 int minhwtype = ZCRYPT_CEX3C; 890 u64 cur_mkvp = 0, old_mkvp = 0; 891 892 if (hdr->version == TOKVER_CCA_AES) { 893 struct secaeskeytoken *t = (struct secaeskeytoken *)key; 894 895 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 896 cur_mkvp = t->mkvp; 897 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 898 old_mkvp = t->mkvp; 899 } else if (hdr->version == TOKVER_CCA_VLSC) { 900 struct cipherkeytoken *t = (struct cipherkeytoken *)key; 901 902 minhwtype = ZCRYPT_CEX6; 903 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 904 cur_mkvp = t->mkvp0; 905 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 906 old_mkvp = t->mkvp0; 907 } else { 908 /* unknown cca internal token type */ 909 return -EINVAL; 910 } 911 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 912 minhwtype, AES_MK_SET, 913 cur_mkvp, old_mkvp, 1); 914 if (rc) 915 goto out; 916 } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) { 917 u64 cur_mkvp = 0, old_mkvp = 0; 918 struct eccprivkeytoken *t = (struct eccprivkeytoken *)key; 919 920 if (t->secid == 0x20) { 921 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 922 cur_mkvp = t->mkvp; 923 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 924 old_mkvp = t->mkvp; 925 } else { 926 /* unknown cca internal 2 token type */ 927 return -EINVAL; 928 } 929 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 930 ZCRYPT_CEX7, APKA_MK_SET, 931 cur_mkvp, old_mkvp, 1); 932 if (rc) 933 goto out; 934 } else 935 return -EINVAL; 936 937 if (apqns) { 938 if (*nr_apqns < _nr_apqns) 939 rc = -ENOSPC; 940 else 941 memcpy(apqns, _apqns, _nr_apqns * sizeof(u32)); 942 } 943 *nr_apqns = _nr_apqns; 944 945 out: 946 kfree(_apqns); 947 return rc; 948 } 949 950 static int pkey_apqns4keytype(enum pkey_key_type ktype, 951 u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags, 952 struct pkey_apqn *apqns, size_t *nr_apqns) 953 { 954 int rc; 955 u32 _nr_apqns, *_apqns = NULL; 956 957 zcrypt_wait_api_operational(); 958 959 if (ktype == PKEY_TYPE_CCA_DATA || ktype == PKEY_TYPE_CCA_CIPHER) { 960 u64 cur_mkvp = 0, old_mkvp = 0; 961 int minhwtype = ZCRYPT_CEX3C; 962 963 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 964 cur_mkvp = *((u64 *) cur_mkvp); 965 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 966 old_mkvp = *((u64 *) alt_mkvp); 967 if (ktype == PKEY_TYPE_CCA_CIPHER) 968 minhwtype = ZCRYPT_CEX6; 969 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 970 minhwtype, AES_MK_SET, 971 cur_mkvp, old_mkvp, 1); 972 if (rc) 973 goto out; 974 } else if (ktype == PKEY_TYPE_CCA_ECC) { 975 u64 cur_mkvp = 0, old_mkvp = 0; 976 977 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 978 cur_mkvp = *((u64 *) cur_mkvp); 979 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 980 old_mkvp = *((u64 *) alt_mkvp); 981 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 982 ZCRYPT_CEX7, APKA_MK_SET, 983 cur_mkvp, old_mkvp, 1); 984 if (rc) 985 goto out; 986 987 } else if (ktype == PKEY_TYPE_EP11 || 988 ktype == PKEY_TYPE_EP11_AES || 989 ktype == PKEY_TYPE_EP11_ECC) { 990 u8 *wkvp = NULL; 991 992 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 993 wkvp = cur_mkvp; 994 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 995 ZCRYPT_CEX7, EP11_API_V, wkvp); 996 if (rc) 997 goto out; 998 999 } else 1000 return -EINVAL; 1001 1002 if (apqns) { 1003 if (*nr_apqns < _nr_apqns) 1004 rc = -ENOSPC; 1005 else 1006 memcpy(apqns, _apqns, _nr_apqns * sizeof(u32)); 1007 } 1008 *nr_apqns = _nr_apqns; 1009 1010 out: 1011 kfree(_apqns); 1012 return rc; 1013 } 1014 1015 static int pkey_keyblob2pkey3(const struct pkey_apqn *apqns, size_t nr_apqns, 1016 const u8 *key, size_t keylen, u32 *protkeytype, 1017 u8 *protkey, u32 *protkeylen) 1018 { 1019 int i, card, dom, rc; 1020 struct keytoken_header *hdr = (struct keytoken_header *)key; 1021 1022 /* check for at least one apqn given */ 1023 if (!apqns || !nr_apqns) 1024 return -EINVAL; 1025 1026 if (keylen < sizeof(struct keytoken_header)) 1027 return -EINVAL; 1028 1029 if (hdr->type == TOKTYPE_NON_CCA 1030 && hdr->version == TOKVER_EP11_AES_WITH_HEADER 1031 && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) { 1032 /* EP11 AES key blob with header */ 1033 if (ep11_check_aes_key_with_hdr(debug_info, 3, key, keylen, 1)) 1034 return -EINVAL; 1035 } else if (hdr->type == TOKTYPE_NON_CCA 1036 && hdr->version == TOKVER_EP11_ECC_WITH_HEADER 1037 && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) { 1038 /* EP11 ECC key blob with header */ 1039 if (ep11_check_ecc_key_with_hdr(debug_info, 3, key, keylen, 1)) 1040 return -EINVAL; 1041 } else if (hdr->type == TOKTYPE_NON_CCA 1042 && hdr->version == TOKVER_EP11_AES 1043 && is_ep11_keyblob(key)) { 1044 /* EP11 AES key blob with header in session field */ 1045 if (ep11_check_aes_key(debug_info, 3, key, keylen, 1)) 1046 return -EINVAL; 1047 } else if (hdr->type == TOKTYPE_CCA_INTERNAL) { 1048 if (hdr->version == TOKVER_CCA_AES) { 1049 /* CCA AES data key */ 1050 if (keylen != sizeof(struct secaeskeytoken)) 1051 return -EINVAL; 1052 if (cca_check_secaeskeytoken(debug_info, 3, key, 0)) 1053 return -EINVAL; 1054 } else if (hdr->version == TOKVER_CCA_VLSC) { 1055 /* CCA AES cipher key */ 1056 if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE) 1057 return -EINVAL; 1058 if (cca_check_secaescipherkey(debug_info, 3, key, 0, 1)) 1059 return -EINVAL; 1060 } else { 1061 DEBUG_ERR("%s unknown CCA internal token version %d\n", 1062 __func__, hdr->version); 1063 return -EINVAL; 1064 } 1065 } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) { 1066 /* CCA ECC (private) key */ 1067 if (keylen < sizeof(struct eccprivkeytoken)) 1068 return -EINVAL; 1069 if (cca_check_sececckeytoken(debug_info, 3, key, keylen, 1)) 1070 return -EINVAL; 1071 } else if (hdr->type == TOKTYPE_NON_CCA) { 1072 struct pkey_protkey pkey; 1073 1074 rc = pkey_nonccatok2pkey(key, keylen, &pkey); 1075 if (rc) 1076 return rc; 1077 memcpy(protkey, pkey.protkey, pkey.len); 1078 *protkeylen = pkey.len; 1079 *protkeytype = pkey.type; 1080 return 0; 1081 } else { 1082 DEBUG_ERR("%s unknown/unsupported blob type %d\n", 1083 __func__, hdr->type); 1084 return -EINVAL; 1085 } 1086 1087 /* simple try all apqns from the list */ 1088 for (rc = -ENODEV, i = 0; rc && i < nr_apqns; i++) { 1089 card = apqns[i].card; 1090 dom = apqns[i].domain; 1091 if (hdr->type == TOKTYPE_NON_CCA 1092 && (hdr->version == TOKVER_EP11_AES_WITH_HEADER 1093 || hdr->version == TOKVER_EP11_ECC_WITH_HEADER) 1094 && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) 1095 rc = ep11_kblob2protkey(card, dom, key, hdr->len, 1096 protkey, protkeylen, protkeytype); 1097 else if (hdr->type == TOKTYPE_NON_CCA 1098 && hdr->version == TOKVER_EP11_AES 1099 && is_ep11_keyblob(key)) 1100 rc = ep11_kblob2protkey(card, dom, key, hdr->len, 1101 protkey, protkeylen, protkeytype); 1102 else if (hdr->type == TOKTYPE_CCA_INTERNAL && 1103 hdr->version == TOKVER_CCA_AES) 1104 rc = cca_sec2protkey(card, dom, key, protkey, 1105 protkeylen, protkeytype); 1106 else if (hdr->type == TOKTYPE_CCA_INTERNAL && 1107 hdr->version == TOKVER_CCA_VLSC) 1108 rc = cca_cipher2protkey(card, dom, key, protkey, 1109 protkeylen, protkeytype); 1110 else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) 1111 rc = cca_ecc2protkey(card, dom, key, protkey, 1112 protkeylen, protkeytype); 1113 else 1114 return -EINVAL; 1115 } 1116 1117 return rc; 1118 } 1119 1120 /* 1121 * File io functions 1122 */ 1123 1124 static void *_copy_key_from_user(void __user *ukey, size_t keylen) 1125 { 1126 if (!ukey || keylen < MINKEYBLOBSIZE || keylen > KEYBLOBBUFSIZE) 1127 return ERR_PTR(-EINVAL); 1128 1129 return memdup_user(ukey, keylen); 1130 } 1131 1132 static void *_copy_apqns_from_user(void __user *uapqns, size_t nr_apqns) 1133 { 1134 if (!uapqns || nr_apqns == 0) 1135 return NULL; 1136 1137 return memdup_user(uapqns, nr_apqns * sizeof(struct pkey_apqn)); 1138 } 1139 1140 static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd, 1141 unsigned long arg) 1142 { 1143 int rc; 1144 1145 switch (cmd) { 1146 case PKEY_GENSECK: { 1147 struct pkey_genseck __user *ugs = (void __user *) arg; 1148 struct pkey_genseck kgs; 1149 1150 if (copy_from_user(&kgs, ugs, sizeof(kgs))) 1151 return -EFAULT; 1152 rc = cca_genseckey(kgs.cardnr, kgs.domain, 1153 kgs.keytype, kgs.seckey.seckey); 1154 DEBUG_DBG("%s cca_genseckey()=%d\n", __func__, rc); 1155 if (rc) 1156 break; 1157 if (copy_to_user(ugs, &kgs, sizeof(kgs))) 1158 return -EFAULT; 1159 break; 1160 } 1161 case PKEY_CLR2SECK: { 1162 struct pkey_clr2seck __user *ucs = (void __user *) arg; 1163 struct pkey_clr2seck kcs; 1164 1165 if (copy_from_user(&kcs, ucs, sizeof(kcs))) 1166 return -EFAULT; 1167 rc = cca_clr2seckey(kcs.cardnr, kcs.domain, kcs.keytype, 1168 kcs.clrkey.clrkey, kcs.seckey.seckey); 1169 DEBUG_DBG("%s cca_clr2seckey()=%d\n", __func__, rc); 1170 if (rc) 1171 break; 1172 if (copy_to_user(ucs, &kcs, sizeof(kcs))) 1173 return -EFAULT; 1174 memzero_explicit(&kcs, sizeof(kcs)); 1175 break; 1176 } 1177 case PKEY_SEC2PROTK: { 1178 struct pkey_sec2protk __user *usp = (void __user *) arg; 1179 struct pkey_sec2protk ksp; 1180 1181 if (copy_from_user(&ksp, usp, sizeof(ksp))) 1182 return -EFAULT; 1183 rc = cca_sec2protkey(ksp.cardnr, ksp.domain, 1184 ksp.seckey.seckey, ksp.protkey.protkey, 1185 &ksp.protkey.len, &ksp.protkey.type); 1186 DEBUG_DBG("%s cca_sec2protkey()=%d\n", __func__, rc); 1187 if (rc) 1188 break; 1189 if (copy_to_user(usp, &ksp, sizeof(ksp))) 1190 return -EFAULT; 1191 break; 1192 } 1193 case PKEY_CLR2PROTK: { 1194 struct pkey_clr2protk __user *ucp = (void __user *) arg; 1195 struct pkey_clr2protk kcp; 1196 1197 if (copy_from_user(&kcp, ucp, sizeof(kcp))) 1198 return -EFAULT; 1199 rc = pkey_clr2protkey(kcp.keytype, 1200 &kcp.clrkey, &kcp.protkey); 1201 DEBUG_DBG("%s pkey_clr2protkey()=%d\n", __func__, rc); 1202 if (rc) 1203 break; 1204 if (copy_to_user(ucp, &kcp, sizeof(kcp))) 1205 return -EFAULT; 1206 memzero_explicit(&kcp, sizeof(kcp)); 1207 break; 1208 } 1209 case PKEY_FINDCARD: { 1210 struct pkey_findcard __user *ufc = (void __user *) arg; 1211 struct pkey_findcard kfc; 1212 1213 if (copy_from_user(&kfc, ufc, sizeof(kfc))) 1214 return -EFAULT; 1215 rc = cca_findcard(kfc.seckey.seckey, 1216 &kfc.cardnr, &kfc.domain, 1); 1217 DEBUG_DBG("%s cca_findcard()=%d\n", __func__, rc); 1218 if (rc < 0) 1219 break; 1220 if (copy_to_user(ufc, &kfc, sizeof(kfc))) 1221 return -EFAULT; 1222 break; 1223 } 1224 case PKEY_SKEY2PKEY: { 1225 struct pkey_skey2pkey __user *usp = (void __user *) arg; 1226 struct pkey_skey2pkey ksp; 1227 1228 if (copy_from_user(&ksp, usp, sizeof(ksp))) 1229 return -EFAULT; 1230 rc = pkey_skey2pkey(ksp.seckey.seckey, &ksp.protkey); 1231 DEBUG_DBG("%s pkey_skey2pkey()=%d\n", __func__, rc); 1232 if (rc) 1233 break; 1234 if (copy_to_user(usp, &ksp, sizeof(ksp))) 1235 return -EFAULT; 1236 break; 1237 } 1238 case PKEY_VERIFYKEY: { 1239 struct pkey_verifykey __user *uvk = (void __user *) arg; 1240 struct pkey_verifykey kvk; 1241 1242 if (copy_from_user(&kvk, uvk, sizeof(kvk))) 1243 return -EFAULT; 1244 rc = pkey_verifykey(&kvk.seckey, &kvk.cardnr, &kvk.domain, 1245 &kvk.keysize, &kvk.attributes); 1246 DEBUG_DBG("%s pkey_verifykey()=%d\n", __func__, rc); 1247 if (rc) 1248 break; 1249 if (copy_to_user(uvk, &kvk, sizeof(kvk))) 1250 return -EFAULT; 1251 break; 1252 } 1253 case PKEY_GENPROTK: { 1254 struct pkey_genprotk __user *ugp = (void __user *) arg; 1255 struct pkey_genprotk kgp; 1256 1257 if (copy_from_user(&kgp, ugp, sizeof(kgp))) 1258 return -EFAULT; 1259 rc = pkey_genprotkey(kgp.keytype, &kgp.protkey); 1260 DEBUG_DBG("%s pkey_genprotkey()=%d\n", __func__, rc); 1261 if (rc) 1262 break; 1263 if (copy_to_user(ugp, &kgp, sizeof(kgp))) 1264 return -EFAULT; 1265 break; 1266 } 1267 case PKEY_VERIFYPROTK: { 1268 struct pkey_verifyprotk __user *uvp = (void __user *) arg; 1269 struct pkey_verifyprotk kvp; 1270 1271 if (copy_from_user(&kvp, uvp, sizeof(kvp))) 1272 return -EFAULT; 1273 rc = pkey_verifyprotkey(&kvp.protkey); 1274 DEBUG_DBG("%s pkey_verifyprotkey()=%d\n", __func__, rc); 1275 break; 1276 } 1277 case PKEY_KBLOB2PROTK: { 1278 struct pkey_kblob2pkey __user *utp = (void __user *) arg; 1279 struct pkey_kblob2pkey ktp; 1280 u8 *kkey; 1281 1282 if (copy_from_user(&ktp, utp, sizeof(ktp))) 1283 return -EFAULT; 1284 kkey = _copy_key_from_user(ktp.key, ktp.keylen); 1285 if (IS_ERR(kkey)) 1286 return PTR_ERR(kkey); 1287 rc = pkey_keyblob2pkey(kkey, ktp.keylen, &ktp.protkey); 1288 DEBUG_DBG("%s pkey_keyblob2pkey()=%d\n", __func__, rc); 1289 kfree(kkey); 1290 if (rc) 1291 break; 1292 if (copy_to_user(utp, &ktp, sizeof(ktp))) 1293 return -EFAULT; 1294 break; 1295 } 1296 case PKEY_GENSECK2: { 1297 struct pkey_genseck2 __user *ugs = (void __user *) arg; 1298 struct pkey_genseck2 kgs; 1299 struct pkey_apqn *apqns; 1300 size_t klen = KEYBLOBBUFSIZE; 1301 u8 *kkey; 1302 1303 if (copy_from_user(&kgs, ugs, sizeof(kgs))) 1304 return -EFAULT; 1305 apqns = _copy_apqns_from_user(kgs.apqns, kgs.apqn_entries); 1306 if (IS_ERR(apqns)) 1307 return PTR_ERR(apqns); 1308 kkey = kmalloc(klen, GFP_KERNEL); 1309 if (!kkey) { 1310 kfree(apqns); 1311 return -ENOMEM; 1312 } 1313 rc = pkey_genseckey2(apqns, kgs.apqn_entries, 1314 kgs.type, kgs.size, kgs.keygenflags, 1315 kkey, &klen); 1316 DEBUG_DBG("%s pkey_genseckey2()=%d\n", __func__, rc); 1317 kfree(apqns); 1318 if (rc) { 1319 kfree(kkey); 1320 break; 1321 } 1322 if (kgs.key) { 1323 if (kgs.keylen < klen) { 1324 kfree(kkey); 1325 return -EINVAL; 1326 } 1327 if (copy_to_user(kgs.key, kkey, klen)) { 1328 kfree(kkey); 1329 return -EFAULT; 1330 } 1331 } 1332 kgs.keylen = klen; 1333 if (copy_to_user(ugs, &kgs, sizeof(kgs))) 1334 rc = -EFAULT; 1335 kfree(kkey); 1336 break; 1337 } 1338 case PKEY_CLR2SECK2: { 1339 struct pkey_clr2seck2 __user *ucs = (void __user *) arg; 1340 struct pkey_clr2seck2 kcs; 1341 struct pkey_apqn *apqns; 1342 size_t klen = KEYBLOBBUFSIZE; 1343 u8 *kkey; 1344 1345 if (copy_from_user(&kcs, ucs, sizeof(kcs))) 1346 return -EFAULT; 1347 apqns = _copy_apqns_from_user(kcs.apqns, kcs.apqn_entries); 1348 if (IS_ERR(apqns)) 1349 return PTR_ERR(apqns); 1350 kkey = kmalloc(klen, GFP_KERNEL); 1351 if (!kkey) { 1352 kfree(apqns); 1353 return -ENOMEM; 1354 } 1355 rc = pkey_clr2seckey2(apqns, kcs.apqn_entries, 1356 kcs.type, kcs.size, kcs.keygenflags, 1357 kcs.clrkey.clrkey, kkey, &klen); 1358 DEBUG_DBG("%s pkey_clr2seckey2()=%d\n", __func__, rc); 1359 kfree(apqns); 1360 if (rc) { 1361 kfree(kkey); 1362 break; 1363 } 1364 if (kcs.key) { 1365 if (kcs.keylen < klen) { 1366 kfree(kkey); 1367 return -EINVAL; 1368 } 1369 if (copy_to_user(kcs.key, kkey, klen)) { 1370 kfree(kkey); 1371 return -EFAULT; 1372 } 1373 } 1374 kcs.keylen = klen; 1375 if (copy_to_user(ucs, &kcs, sizeof(kcs))) 1376 rc = -EFAULT; 1377 memzero_explicit(&kcs, sizeof(kcs)); 1378 kfree(kkey); 1379 break; 1380 } 1381 case PKEY_VERIFYKEY2: { 1382 struct pkey_verifykey2 __user *uvk = (void __user *) arg; 1383 struct pkey_verifykey2 kvk; 1384 u8 *kkey; 1385 1386 if (copy_from_user(&kvk, uvk, sizeof(kvk))) 1387 return -EFAULT; 1388 kkey = _copy_key_from_user(kvk.key, kvk.keylen); 1389 if (IS_ERR(kkey)) 1390 return PTR_ERR(kkey); 1391 rc = pkey_verifykey2(kkey, kvk.keylen, 1392 &kvk.cardnr, &kvk.domain, 1393 &kvk.type, &kvk.size, &kvk.flags); 1394 DEBUG_DBG("%s pkey_verifykey2()=%d\n", __func__, rc); 1395 kfree(kkey); 1396 if (rc) 1397 break; 1398 if (copy_to_user(uvk, &kvk, sizeof(kvk))) 1399 return -EFAULT; 1400 break; 1401 } 1402 case PKEY_KBLOB2PROTK2: { 1403 struct pkey_kblob2pkey2 __user *utp = (void __user *) arg; 1404 struct pkey_kblob2pkey2 ktp; 1405 struct pkey_apqn *apqns = NULL; 1406 u8 *kkey; 1407 1408 if (copy_from_user(&ktp, utp, sizeof(ktp))) 1409 return -EFAULT; 1410 apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries); 1411 if (IS_ERR(apqns)) 1412 return PTR_ERR(apqns); 1413 kkey = _copy_key_from_user(ktp.key, ktp.keylen); 1414 if (IS_ERR(kkey)) { 1415 kfree(apqns); 1416 return PTR_ERR(kkey); 1417 } 1418 rc = pkey_keyblob2pkey2(apqns, ktp.apqn_entries, 1419 kkey, ktp.keylen, &ktp.protkey); 1420 DEBUG_DBG("%s pkey_keyblob2pkey2()=%d\n", __func__, rc); 1421 kfree(apqns); 1422 kfree(kkey); 1423 if (rc) 1424 break; 1425 if (copy_to_user(utp, &ktp, sizeof(ktp))) 1426 return -EFAULT; 1427 break; 1428 } 1429 case PKEY_APQNS4K: { 1430 struct pkey_apqns4key __user *uak = (void __user *) arg; 1431 struct pkey_apqns4key kak; 1432 struct pkey_apqn *apqns = NULL; 1433 size_t nr_apqns, len; 1434 u8 *kkey; 1435 1436 if (copy_from_user(&kak, uak, sizeof(kak))) 1437 return -EFAULT; 1438 nr_apqns = kak.apqn_entries; 1439 if (nr_apqns) { 1440 apqns = kmalloc_array(nr_apqns, 1441 sizeof(struct pkey_apqn), 1442 GFP_KERNEL); 1443 if (!apqns) 1444 return -ENOMEM; 1445 } 1446 kkey = _copy_key_from_user(kak.key, kak.keylen); 1447 if (IS_ERR(kkey)) { 1448 kfree(apqns); 1449 return PTR_ERR(kkey); 1450 } 1451 rc = pkey_apqns4key(kkey, kak.keylen, kak.flags, 1452 apqns, &nr_apqns); 1453 DEBUG_DBG("%s pkey_apqns4key()=%d\n", __func__, rc); 1454 kfree(kkey); 1455 if (rc && rc != -ENOSPC) { 1456 kfree(apqns); 1457 break; 1458 } 1459 if (!rc && kak.apqns) { 1460 if (nr_apqns > kak.apqn_entries) { 1461 kfree(apqns); 1462 return -EINVAL; 1463 } 1464 len = nr_apqns * sizeof(struct pkey_apqn); 1465 if (len) { 1466 if (copy_to_user(kak.apqns, apqns, len)) { 1467 kfree(apqns); 1468 return -EFAULT; 1469 } 1470 } 1471 } 1472 kak.apqn_entries = nr_apqns; 1473 if (copy_to_user(uak, &kak, sizeof(kak))) 1474 rc = -EFAULT; 1475 kfree(apqns); 1476 break; 1477 } 1478 case PKEY_APQNS4KT: { 1479 struct pkey_apqns4keytype __user *uat = (void __user *) arg; 1480 struct pkey_apqns4keytype kat; 1481 struct pkey_apqn *apqns = NULL; 1482 size_t nr_apqns, len; 1483 1484 if (copy_from_user(&kat, uat, sizeof(kat))) 1485 return -EFAULT; 1486 nr_apqns = kat.apqn_entries; 1487 if (nr_apqns) { 1488 apqns = kmalloc_array(nr_apqns, 1489 sizeof(struct pkey_apqn), 1490 GFP_KERNEL); 1491 if (!apqns) 1492 return -ENOMEM; 1493 } 1494 rc = pkey_apqns4keytype(kat.type, kat.cur_mkvp, kat.alt_mkvp, 1495 kat.flags, apqns, &nr_apqns); 1496 DEBUG_DBG("%s pkey_apqns4keytype()=%d\n", __func__, rc); 1497 if (rc && rc != -ENOSPC) { 1498 kfree(apqns); 1499 break; 1500 } 1501 if (!rc && kat.apqns) { 1502 if (nr_apqns > kat.apqn_entries) { 1503 kfree(apqns); 1504 return -EINVAL; 1505 } 1506 len = nr_apqns * sizeof(struct pkey_apqn); 1507 if (len) { 1508 if (copy_to_user(kat.apqns, apqns, len)) { 1509 kfree(apqns); 1510 return -EFAULT; 1511 } 1512 } 1513 } 1514 kat.apqn_entries = nr_apqns; 1515 if (copy_to_user(uat, &kat, sizeof(kat))) 1516 rc = -EFAULT; 1517 kfree(apqns); 1518 break; 1519 } 1520 case PKEY_KBLOB2PROTK3: { 1521 struct pkey_kblob2pkey3 __user *utp = (void __user *) arg; 1522 struct pkey_kblob2pkey3 ktp; 1523 struct pkey_apqn *apqns = NULL; 1524 u32 protkeylen = PROTKEYBLOBBUFSIZE; 1525 u8 *kkey, *protkey; 1526 1527 if (copy_from_user(&ktp, utp, sizeof(ktp))) 1528 return -EFAULT; 1529 apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries); 1530 if (IS_ERR(apqns)) 1531 return PTR_ERR(apqns); 1532 kkey = _copy_key_from_user(ktp.key, ktp.keylen); 1533 if (IS_ERR(kkey)) { 1534 kfree(apqns); 1535 return PTR_ERR(kkey); 1536 } 1537 protkey = kmalloc(protkeylen, GFP_KERNEL); 1538 if (!protkey) { 1539 kfree(apqns); 1540 kfree(kkey); 1541 return -ENOMEM; 1542 } 1543 rc = pkey_keyblob2pkey3(apqns, ktp.apqn_entries, kkey, 1544 ktp.keylen, &ktp.pkeytype, 1545 protkey, &protkeylen); 1546 DEBUG_DBG("%s pkey_keyblob2pkey3()=%d\n", __func__, rc); 1547 kfree(apqns); 1548 kfree(kkey); 1549 if (rc) { 1550 kfree(protkey); 1551 break; 1552 } 1553 if (ktp.pkey && ktp.pkeylen) { 1554 if (protkeylen > ktp.pkeylen) { 1555 kfree(protkey); 1556 return -EINVAL; 1557 } 1558 if (copy_to_user(ktp.pkey, protkey, protkeylen)) { 1559 kfree(protkey); 1560 return -EFAULT; 1561 } 1562 } 1563 kfree(protkey); 1564 ktp.pkeylen = protkeylen; 1565 if (copy_to_user(utp, &ktp, sizeof(ktp))) 1566 return -EFAULT; 1567 break; 1568 } 1569 default: 1570 /* unknown/unsupported ioctl cmd */ 1571 return -ENOTTY; 1572 } 1573 1574 return rc; 1575 } 1576 1577 /* 1578 * Sysfs and file io operations 1579 */ 1580 1581 /* 1582 * Sysfs attribute read function for all protected key binary attributes. 1583 * The implementation can not deal with partial reads, because a new random 1584 * protected key blob is generated with each read. In case of partial reads 1585 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 1586 */ 1587 static ssize_t pkey_protkey_aes_attr_read(u32 keytype, bool is_xts, char *buf, 1588 loff_t off, size_t count) 1589 { 1590 struct protaeskeytoken protkeytoken; 1591 struct pkey_protkey protkey; 1592 int rc; 1593 1594 if (off != 0 || count < sizeof(protkeytoken)) 1595 return -EINVAL; 1596 if (is_xts) 1597 if (count < 2 * sizeof(protkeytoken)) 1598 return -EINVAL; 1599 1600 memset(&protkeytoken, 0, sizeof(protkeytoken)); 1601 protkeytoken.type = TOKTYPE_NON_CCA; 1602 protkeytoken.version = TOKVER_PROTECTED_KEY; 1603 protkeytoken.keytype = keytype; 1604 1605 rc = pkey_genprotkey(protkeytoken.keytype, &protkey); 1606 if (rc) 1607 return rc; 1608 1609 protkeytoken.len = protkey.len; 1610 memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len); 1611 1612 memcpy(buf, &protkeytoken, sizeof(protkeytoken)); 1613 1614 if (is_xts) { 1615 rc = pkey_genprotkey(protkeytoken.keytype, &protkey); 1616 if (rc) 1617 return rc; 1618 1619 protkeytoken.len = protkey.len; 1620 memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len); 1621 1622 memcpy(buf + sizeof(protkeytoken), &protkeytoken, 1623 sizeof(protkeytoken)); 1624 1625 return 2 * sizeof(protkeytoken); 1626 } 1627 1628 return sizeof(protkeytoken); 1629 } 1630 1631 static ssize_t protkey_aes_128_read(struct file *filp, 1632 struct kobject *kobj, 1633 struct bin_attribute *attr, 1634 char *buf, loff_t off, 1635 size_t count) 1636 { 1637 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf, 1638 off, count); 1639 } 1640 1641 static ssize_t protkey_aes_192_read(struct file *filp, 1642 struct kobject *kobj, 1643 struct bin_attribute *attr, 1644 char *buf, loff_t off, 1645 size_t count) 1646 { 1647 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf, 1648 off, count); 1649 } 1650 1651 static ssize_t protkey_aes_256_read(struct file *filp, 1652 struct kobject *kobj, 1653 struct bin_attribute *attr, 1654 char *buf, loff_t off, 1655 size_t count) 1656 { 1657 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf, 1658 off, count); 1659 } 1660 1661 static ssize_t protkey_aes_128_xts_read(struct file *filp, 1662 struct kobject *kobj, 1663 struct bin_attribute *attr, 1664 char *buf, loff_t off, 1665 size_t count) 1666 { 1667 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf, 1668 off, count); 1669 } 1670 1671 static ssize_t protkey_aes_256_xts_read(struct file *filp, 1672 struct kobject *kobj, 1673 struct bin_attribute *attr, 1674 char *buf, loff_t off, 1675 size_t count) 1676 { 1677 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf, 1678 off, count); 1679 } 1680 1681 static BIN_ATTR_RO(protkey_aes_128, sizeof(struct protaeskeytoken)); 1682 static BIN_ATTR_RO(protkey_aes_192, sizeof(struct protaeskeytoken)); 1683 static BIN_ATTR_RO(protkey_aes_256, sizeof(struct protaeskeytoken)); 1684 static BIN_ATTR_RO(protkey_aes_128_xts, 2 * sizeof(struct protaeskeytoken)); 1685 static BIN_ATTR_RO(protkey_aes_256_xts, 2 * sizeof(struct protaeskeytoken)); 1686 1687 static struct bin_attribute *protkey_attrs[] = { 1688 &bin_attr_protkey_aes_128, 1689 &bin_attr_protkey_aes_192, 1690 &bin_attr_protkey_aes_256, 1691 &bin_attr_protkey_aes_128_xts, 1692 &bin_attr_protkey_aes_256_xts, 1693 NULL 1694 }; 1695 1696 static struct attribute_group protkey_attr_group = { 1697 .name = "protkey", 1698 .bin_attrs = protkey_attrs, 1699 }; 1700 1701 /* 1702 * Sysfs attribute read function for all secure key ccadata binary attributes. 1703 * The implementation can not deal with partial reads, because a new random 1704 * protected key blob is generated with each read. In case of partial reads 1705 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 1706 */ 1707 static ssize_t pkey_ccadata_aes_attr_read(u32 keytype, bool is_xts, char *buf, 1708 loff_t off, size_t count) 1709 { 1710 int rc; 1711 struct pkey_seckey *seckey = (struct pkey_seckey *) buf; 1712 1713 if (off != 0 || count < sizeof(struct secaeskeytoken)) 1714 return -EINVAL; 1715 if (is_xts) 1716 if (count < 2 * sizeof(struct secaeskeytoken)) 1717 return -EINVAL; 1718 1719 rc = cca_genseckey(-1, -1, keytype, seckey->seckey); 1720 if (rc) 1721 return rc; 1722 1723 if (is_xts) { 1724 seckey++; 1725 rc = cca_genseckey(-1, -1, keytype, seckey->seckey); 1726 if (rc) 1727 return rc; 1728 1729 return 2 * sizeof(struct secaeskeytoken); 1730 } 1731 1732 return sizeof(struct secaeskeytoken); 1733 } 1734 1735 static ssize_t ccadata_aes_128_read(struct file *filp, 1736 struct kobject *kobj, 1737 struct bin_attribute *attr, 1738 char *buf, loff_t off, 1739 size_t count) 1740 { 1741 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf, 1742 off, count); 1743 } 1744 1745 static ssize_t ccadata_aes_192_read(struct file *filp, 1746 struct kobject *kobj, 1747 struct bin_attribute *attr, 1748 char *buf, loff_t off, 1749 size_t count) 1750 { 1751 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf, 1752 off, count); 1753 } 1754 1755 static ssize_t ccadata_aes_256_read(struct file *filp, 1756 struct kobject *kobj, 1757 struct bin_attribute *attr, 1758 char *buf, loff_t off, 1759 size_t count) 1760 { 1761 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf, 1762 off, count); 1763 } 1764 1765 static ssize_t ccadata_aes_128_xts_read(struct file *filp, 1766 struct kobject *kobj, 1767 struct bin_attribute *attr, 1768 char *buf, loff_t off, 1769 size_t count) 1770 { 1771 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf, 1772 off, count); 1773 } 1774 1775 static ssize_t ccadata_aes_256_xts_read(struct file *filp, 1776 struct kobject *kobj, 1777 struct bin_attribute *attr, 1778 char *buf, loff_t off, 1779 size_t count) 1780 { 1781 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf, 1782 off, count); 1783 } 1784 1785 static BIN_ATTR_RO(ccadata_aes_128, sizeof(struct secaeskeytoken)); 1786 static BIN_ATTR_RO(ccadata_aes_192, sizeof(struct secaeskeytoken)); 1787 static BIN_ATTR_RO(ccadata_aes_256, sizeof(struct secaeskeytoken)); 1788 static BIN_ATTR_RO(ccadata_aes_128_xts, 2 * sizeof(struct secaeskeytoken)); 1789 static BIN_ATTR_RO(ccadata_aes_256_xts, 2 * sizeof(struct secaeskeytoken)); 1790 1791 static struct bin_attribute *ccadata_attrs[] = { 1792 &bin_attr_ccadata_aes_128, 1793 &bin_attr_ccadata_aes_192, 1794 &bin_attr_ccadata_aes_256, 1795 &bin_attr_ccadata_aes_128_xts, 1796 &bin_attr_ccadata_aes_256_xts, 1797 NULL 1798 }; 1799 1800 static struct attribute_group ccadata_attr_group = { 1801 .name = "ccadata", 1802 .bin_attrs = ccadata_attrs, 1803 }; 1804 1805 #define CCACIPHERTOKENSIZE (sizeof(struct cipherkeytoken) + 80) 1806 1807 /* 1808 * Sysfs attribute read function for all secure key ccacipher binary attributes. 1809 * The implementation can not deal with partial reads, because a new random 1810 * secure key blob is generated with each read. In case of partial reads 1811 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 1812 */ 1813 static ssize_t pkey_ccacipher_aes_attr_read(enum pkey_key_size keybits, 1814 bool is_xts, char *buf, loff_t off, 1815 size_t count) 1816 { 1817 int i, rc, card, dom; 1818 u32 nr_apqns, *apqns = NULL; 1819 size_t keysize = CCACIPHERTOKENSIZE; 1820 1821 if (off != 0 || count < CCACIPHERTOKENSIZE) 1822 return -EINVAL; 1823 if (is_xts) 1824 if (count < 2 * CCACIPHERTOKENSIZE) 1825 return -EINVAL; 1826 1827 /* build a list of apqns able to generate an cipher key */ 1828 rc = cca_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 1829 ZCRYPT_CEX6, 0, 0, 0, 0); 1830 if (rc) 1831 return rc; 1832 1833 memset(buf, 0, is_xts ? 2 * keysize : keysize); 1834 1835 /* simple try all apqns from the list */ 1836 for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 1837 card = apqns[i] >> 16; 1838 dom = apqns[i] & 0xFFFF; 1839 rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize); 1840 if (rc == 0) 1841 break; 1842 } 1843 if (rc) 1844 return rc; 1845 1846 if (is_xts) { 1847 keysize = CCACIPHERTOKENSIZE; 1848 buf += CCACIPHERTOKENSIZE; 1849 rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize); 1850 if (rc == 0) 1851 return 2 * CCACIPHERTOKENSIZE; 1852 } 1853 1854 return CCACIPHERTOKENSIZE; 1855 } 1856 1857 static ssize_t ccacipher_aes_128_read(struct file *filp, 1858 struct kobject *kobj, 1859 struct bin_attribute *attr, 1860 char *buf, loff_t off, 1861 size_t count) 1862 { 1863 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, false, buf, 1864 off, count); 1865 } 1866 1867 static ssize_t ccacipher_aes_192_read(struct file *filp, 1868 struct kobject *kobj, 1869 struct bin_attribute *attr, 1870 char *buf, loff_t off, 1871 size_t count) 1872 { 1873 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_192, false, buf, 1874 off, count); 1875 } 1876 1877 static ssize_t ccacipher_aes_256_read(struct file *filp, 1878 struct kobject *kobj, 1879 struct bin_attribute *attr, 1880 char *buf, loff_t off, 1881 size_t count) 1882 { 1883 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, false, buf, 1884 off, count); 1885 } 1886 1887 static ssize_t ccacipher_aes_128_xts_read(struct file *filp, 1888 struct kobject *kobj, 1889 struct bin_attribute *attr, 1890 char *buf, loff_t off, 1891 size_t count) 1892 { 1893 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, true, buf, 1894 off, count); 1895 } 1896 1897 static ssize_t ccacipher_aes_256_xts_read(struct file *filp, 1898 struct kobject *kobj, 1899 struct bin_attribute *attr, 1900 char *buf, loff_t off, 1901 size_t count) 1902 { 1903 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, true, buf, 1904 off, count); 1905 } 1906 1907 static BIN_ATTR_RO(ccacipher_aes_128, CCACIPHERTOKENSIZE); 1908 static BIN_ATTR_RO(ccacipher_aes_192, CCACIPHERTOKENSIZE); 1909 static BIN_ATTR_RO(ccacipher_aes_256, CCACIPHERTOKENSIZE); 1910 static BIN_ATTR_RO(ccacipher_aes_128_xts, 2 * CCACIPHERTOKENSIZE); 1911 static BIN_ATTR_RO(ccacipher_aes_256_xts, 2 * CCACIPHERTOKENSIZE); 1912 1913 static struct bin_attribute *ccacipher_attrs[] = { 1914 &bin_attr_ccacipher_aes_128, 1915 &bin_attr_ccacipher_aes_192, 1916 &bin_attr_ccacipher_aes_256, 1917 &bin_attr_ccacipher_aes_128_xts, 1918 &bin_attr_ccacipher_aes_256_xts, 1919 NULL 1920 }; 1921 1922 static struct attribute_group ccacipher_attr_group = { 1923 .name = "ccacipher", 1924 .bin_attrs = ccacipher_attrs, 1925 }; 1926 1927 /* 1928 * Sysfs attribute read function for all ep11 aes key binary attributes. 1929 * The implementation can not deal with partial reads, because a new random 1930 * secure key blob is generated with each read. In case of partial reads 1931 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 1932 * This function and the sysfs attributes using it provide EP11 key blobs 1933 * padded to the upper limit of MAXEP11AESKEYBLOBSIZE which is currently 1934 * 320 bytes. 1935 */ 1936 static ssize_t pkey_ep11_aes_attr_read(enum pkey_key_size keybits, 1937 bool is_xts, char *buf, loff_t off, 1938 size_t count) 1939 { 1940 int i, rc, card, dom; 1941 u32 nr_apqns, *apqns = NULL; 1942 size_t keysize = MAXEP11AESKEYBLOBSIZE; 1943 1944 if (off != 0 || count < MAXEP11AESKEYBLOBSIZE) 1945 return -EINVAL; 1946 if (is_xts) 1947 if (count < 2 * MAXEP11AESKEYBLOBSIZE) 1948 return -EINVAL; 1949 1950 /* build a list of apqns able to generate an cipher key */ 1951 rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 1952 ZCRYPT_CEX7, EP11_API_V, NULL); 1953 if (rc) 1954 return rc; 1955 1956 memset(buf, 0, is_xts ? 2 * keysize : keysize); 1957 1958 /* simple try all apqns from the list */ 1959 for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 1960 card = apqns[i] >> 16; 1961 dom = apqns[i] & 0xFFFF; 1962 rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize); 1963 if (rc == 0) 1964 break; 1965 } 1966 if (rc) 1967 return rc; 1968 1969 if (is_xts) { 1970 keysize = MAXEP11AESKEYBLOBSIZE; 1971 buf += MAXEP11AESKEYBLOBSIZE; 1972 rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize); 1973 if (rc == 0) 1974 return 2 * MAXEP11AESKEYBLOBSIZE; 1975 } 1976 1977 return MAXEP11AESKEYBLOBSIZE; 1978 } 1979 1980 static ssize_t ep11_aes_128_read(struct file *filp, 1981 struct kobject *kobj, 1982 struct bin_attribute *attr, 1983 char *buf, loff_t off, 1984 size_t count) 1985 { 1986 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, false, buf, 1987 off, count); 1988 } 1989 1990 static ssize_t ep11_aes_192_read(struct file *filp, 1991 struct kobject *kobj, 1992 struct bin_attribute *attr, 1993 char *buf, loff_t off, 1994 size_t count) 1995 { 1996 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_192, false, buf, 1997 off, count); 1998 } 1999 2000 static ssize_t ep11_aes_256_read(struct file *filp, 2001 struct kobject *kobj, 2002 struct bin_attribute *attr, 2003 char *buf, loff_t off, 2004 size_t count) 2005 { 2006 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, false, buf, 2007 off, count); 2008 } 2009 2010 static ssize_t ep11_aes_128_xts_read(struct file *filp, 2011 struct kobject *kobj, 2012 struct bin_attribute *attr, 2013 char *buf, loff_t off, 2014 size_t count) 2015 { 2016 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, true, buf, 2017 off, count); 2018 } 2019 2020 static ssize_t ep11_aes_256_xts_read(struct file *filp, 2021 struct kobject *kobj, 2022 struct bin_attribute *attr, 2023 char *buf, loff_t off, 2024 size_t count) 2025 { 2026 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, true, buf, 2027 off, count); 2028 } 2029 2030 static BIN_ATTR_RO(ep11_aes_128, MAXEP11AESKEYBLOBSIZE); 2031 static BIN_ATTR_RO(ep11_aes_192, MAXEP11AESKEYBLOBSIZE); 2032 static BIN_ATTR_RO(ep11_aes_256, MAXEP11AESKEYBLOBSIZE); 2033 static BIN_ATTR_RO(ep11_aes_128_xts, 2 * MAXEP11AESKEYBLOBSIZE); 2034 static BIN_ATTR_RO(ep11_aes_256_xts, 2 * MAXEP11AESKEYBLOBSIZE); 2035 2036 static struct bin_attribute *ep11_attrs[] = { 2037 &bin_attr_ep11_aes_128, 2038 &bin_attr_ep11_aes_192, 2039 &bin_attr_ep11_aes_256, 2040 &bin_attr_ep11_aes_128_xts, 2041 &bin_attr_ep11_aes_256_xts, 2042 NULL 2043 }; 2044 2045 static struct attribute_group ep11_attr_group = { 2046 .name = "ep11", 2047 .bin_attrs = ep11_attrs, 2048 }; 2049 2050 static const struct attribute_group *pkey_attr_groups[] = { 2051 &protkey_attr_group, 2052 &ccadata_attr_group, 2053 &ccacipher_attr_group, 2054 &ep11_attr_group, 2055 NULL, 2056 }; 2057 2058 static const struct file_operations pkey_fops = { 2059 .owner = THIS_MODULE, 2060 .open = nonseekable_open, 2061 .llseek = no_llseek, 2062 .unlocked_ioctl = pkey_unlocked_ioctl, 2063 }; 2064 2065 static struct miscdevice pkey_dev = { 2066 .name = "pkey", 2067 .minor = MISC_DYNAMIC_MINOR, 2068 .mode = 0666, 2069 .fops = &pkey_fops, 2070 .groups = pkey_attr_groups, 2071 }; 2072 2073 /* 2074 * Module init 2075 */ 2076 static int __init pkey_init(void) 2077 { 2078 cpacf_mask_t func_mask; 2079 2080 /* 2081 * The pckmo instruction should be available - even if we don't 2082 * actually invoke it. This instruction comes with MSA 3 which 2083 * is also the minimum level for the kmc instructions which 2084 * are able to work with protected keys. 2085 */ 2086 if (!cpacf_query(CPACF_PCKMO, &func_mask)) 2087 return -ENODEV; 2088 2089 /* check for kmc instructions available */ 2090 if (!cpacf_query(CPACF_KMC, &func_mask)) 2091 return -ENODEV; 2092 if (!cpacf_test_func(&func_mask, CPACF_KMC_PAES_128) || 2093 !cpacf_test_func(&func_mask, CPACF_KMC_PAES_192) || 2094 !cpacf_test_func(&func_mask, CPACF_KMC_PAES_256)) 2095 return -ENODEV; 2096 2097 pkey_debug_init(); 2098 2099 return misc_register(&pkey_dev); 2100 } 2101 2102 /* 2103 * Module exit 2104 */ 2105 static void __exit pkey_exit(void) 2106 { 2107 misc_deregister(&pkey_dev); 2108 pkey_debug_exit(); 2109 } 2110 2111 module_cpu_feature_match(MSA, pkey_init); 2112 module_exit(pkey_exit); 2113