1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * pkey device driver 4 * 5 * Copyright IBM Corp. 2017, 2023 6 * 7 * Author(s): Harald Freudenberger 8 */ 9 10 #define KMSG_COMPONENT "pkey" 11 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt 12 13 #include <linux/fs.h> 14 #include <linux/init.h> 15 #include <linux/miscdevice.h> 16 #include <linux/module.h> 17 #include <linux/slab.h> 18 #include <linux/kallsyms.h> 19 #include <linux/debugfs.h> 20 #include <linux/random.h> 21 #include <linux/cpufeature.h> 22 #include <asm/zcrypt.h> 23 #include <asm/cpacf.h> 24 #include <asm/pkey.h> 25 #include <crypto/aes.h> 26 27 #include "zcrypt_api.h" 28 #include "zcrypt_ccamisc.h" 29 #include "zcrypt_ep11misc.h" 30 31 MODULE_LICENSE("GPL"); 32 MODULE_AUTHOR("IBM Corporation"); 33 MODULE_DESCRIPTION("s390 protected key interface"); 34 35 #define KEYBLOBBUFSIZE 8192 /* key buffer size used for internal processing */ 36 #define MINKEYBLOBBUFSIZE (sizeof(struct keytoken_header)) 37 #define PROTKEYBLOBBUFSIZE 256 /* protected key buffer size used internal */ 38 #define MAXAPQNSINLIST 64 /* max 64 apqns within a apqn list */ 39 #define AES_WK_VP_SIZE 32 /* Size of WK VP block appended to a prot key */ 40 41 /* 42 * debug feature data and functions 43 */ 44 45 static debug_info_t *debug_info; 46 47 #define DEBUG_DBG(...) debug_sprintf_event(debug_info, 6, ##__VA_ARGS__) 48 #define DEBUG_INFO(...) debug_sprintf_event(debug_info, 5, ##__VA_ARGS__) 49 #define DEBUG_WARN(...) debug_sprintf_event(debug_info, 4, ##__VA_ARGS__) 50 #define DEBUG_ERR(...) debug_sprintf_event(debug_info, 3, ##__VA_ARGS__) 51 52 static void __init pkey_debug_init(void) 53 { 54 /* 5 arguments per dbf entry (including the format string ptr) */ 55 debug_info = debug_register("pkey", 1, 1, 5 * sizeof(long)); 56 debug_register_view(debug_info, &debug_sprintf_view); 57 debug_set_level(debug_info, 3); 58 } 59 60 static void __exit pkey_debug_exit(void) 61 { 62 debug_unregister(debug_info); 63 } 64 65 /* inside view of a protected key token (only type 0x00 version 0x01) */ 66 struct protaeskeytoken { 67 u8 type; /* 0x00 for PAES specific key tokens */ 68 u8 res0[3]; 69 u8 version; /* should be 0x01 for protected AES key token */ 70 u8 res1[3]; 71 u32 keytype; /* key type, one of the PKEY_KEYTYPE values */ 72 u32 len; /* bytes actually stored in protkey[] */ 73 u8 protkey[MAXPROTKEYSIZE]; /* the protected key blob */ 74 } __packed; 75 76 /* inside view of a clear key token (type 0x00 version 0x02) */ 77 struct clearkeytoken { 78 u8 type; /* 0x00 for PAES specific key tokens */ 79 u8 res0[3]; 80 u8 version; /* 0x02 for clear key token */ 81 u8 res1[3]; 82 u32 keytype; /* key type, one of the PKEY_KEYTYPE_* values */ 83 u32 len; /* bytes actually stored in clearkey[] */ 84 u8 clearkey[]; /* clear key value */ 85 } __packed; 86 87 /* helper function which translates the PKEY_KEYTYPE_AES_* to their keysize */ 88 static inline u32 pkey_keytype_aes_to_size(u32 keytype) 89 { 90 switch (keytype) { 91 case PKEY_KEYTYPE_AES_128: 92 return 16; 93 case PKEY_KEYTYPE_AES_192: 94 return 24; 95 case PKEY_KEYTYPE_AES_256: 96 return 32; 97 default: 98 return 0; 99 } 100 } 101 102 /* 103 * Create a protected key from a clear key value via PCKMO instruction. 104 */ 105 static int pkey_clr2protkey(u32 keytype, const u8 *clrkey, 106 u8 *protkey, u32 *protkeylen, u32 *protkeytype) 107 { 108 /* mask of available pckmo subfunctions */ 109 static cpacf_mask_t pckmo_functions; 110 111 u8 paramblock[112]; 112 u32 pkeytype; 113 int keysize; 114 long fc; 115 116 switch (keytype) { 117 case PKEY_KEYTYPE_AES_128: 118 /* 16 byte key, 32 byte aes wkvp, total 48 bytes */ 119 keysize = 16; 120 pkeytype = keytype; 121 fc = CPACF_PCKMO_ENC_AES_128_KEY; 122 break; 123 case PKEY_KEYTYPE_AES_192: 124 /* 24 byte key, 32 byte aes wkvp, total 56 bytes */ 125 keysize = 24; 126 pkeytype = keytype; 127 fc = CPACF_PCKMO_ENC_AES_192_KEY; 128 break; 129 case PKEY_KEYTYPE_AES_256: 130 /* 32 byte key, 32 byte aes wkvp, total 64 bytes */ 131 keysize = 32; 132 pkeytype = keytype; 133 fc = CPACF_PCKMO_ENC_AES_256_KEY; 134 break; 135 case PKEY_KEYTYPE_ECC_P256: 136 /* 32 byte key, 32 byte aes wkvp, total 64 bytes */ 137 keysize = 32; 138 pkeytype = PKEY_KEYTYPE_ECC; 139 fc = CPACF_PCKMO_ENC_ECC_P256_KEY; 140 break; 141 case PKEY_KEYTYPE_ECC_P384: 142 /* 48 byte key, 32 byte aes wkvp, total 80 bytes */ 143 keysize = 48; 144 pkeytype = PKEY_KEYTYPE_ECC; 145 fc = CPACF_PCKMO_ENC_ECC_P384_KEY; 146 break; 147 case PKEY_KEYTYPE_ECC_P521: 148 /* 80 byte key, 32 byte aes wkvp, total 112 bytes */ 149 keysize = 80; 150 pkeytype = PKEY_KEYTYPE_ECC; 151 fc = CPACF_PCKMO_ENC_ECC_P521_KEY; 152 break; 153 case PKEY_KEYTYPE_ECC_ED25519: 154 /* 32 byte key, 32 byte aes wkvp, total 64 bytes */ 155 keysize = 32; 156 pkeytype = PKEY_KEYTYPE_ECC; 157 fc = CPACF_PCKMO_ENC_ECC_ED25519_KEY; 158 break; 159 case PKEY_KEYTYPE_ECC_ED448: 160 /* 64 byte key, 32 byte aes wkvp, total 96 bytes */ 161 keysize = 64; 162 pkeytype = PKEY_KEYTYPE_ECC; 163 fc = CPACF_PCKMO_ENC_ECC_ED448_KEY; 164 break; 165 default: 166 DEBUG_ERR("%s unknown/unsupported keytype %u\n", 167 __func__, keytype); 168 return -EINVAL; 169 } 170 171 if (*protkeylen < keysize + AES_WK_VP_SIZE) { 172 DEBUG_ERR("%s prot key buffer size too small: %u < %d\n", 173 __func__, *protkeylen, keysize + AES_WK_VP_SIZE); 174 return -EINVAL; 175 } 176 177 /* Did we already check for PCKMO ? */ 178 if (!pckmo_functions.bytes[0]) { 179 /* no, so check now */ 180 if (!cpacf_query(CPACF_PCKMO, &pckmo_functions)) 181 return -ENODEV; 182 } 183 /* check for the pckmo subfunction we need now */ 184 if (!cpacf_test_func(&pckmo_functions, fc)) { 185 DEBUG_ERR("%s pckmo functions not available\n", __func__); 186 return -ENODEV; 187 } 188 189 /* prepare param block */ 190 memset(paramblock, 0, sizeof(paramblock)); 191 memcpy(paramblock, clrkey, keysize); 192 193 /* call the pckmo instruction */ 194 cpacf_pckmo(fc, paramblock); 195 196 /* copy created protected key to key buffer including the wkvp block */ 197 *protkeylen = keysize + AES_WK_VP_SIZE; 198 memcpy(protkey, paramblock, *protkeylen); 199 *protkeytype = pkeytype; 200 201 return 0; 202 } 203 204 /* 205 * Find card and transform secure key into protected key. 206 */ 207 static int pkey_skey2pkey(const u8 *key, u8 *protkey, 208 u32 *protkeylen, u32 *protkeytype) 209 { 210 struct keytoken_header *hdr = (struct keytoken_header *)key; 211 u16 cardnr, domain; 212 int rc, verify; 213 214 zcrypt_wait_api_operational(); 215 216 /* 217 * The cca_xxx2protkey call may fail when a card has been 218 * addressed where the master key was changed after last fetch 219 * of the mkvp into the cache. Try 3 times: First without verify 220 * then with verify and last round with verify and old master 221 * key verification pattern match not ignored. 222 */ 223 for (verify = 0; verify < 3; verify++) { 224 rc = cca_findcard(key, &cardnr, &domain, verify); 225 if (rc < 0) 226 continue; 227 if (rc > 0 && verify < 2) 228 continue; 229 switch (hdr->version) { 230 case TOKVER_CCA_AES: 231 rc = cca_sec2protkey(cardnr, domain, key, 232 protkey, protkeylen, protkeytype); 233 break; 234 case TOKVER_CCA_VLSC: 235 rc = cca_cipher2protkey(cardnr, domain, key, 236 protkey, protkeylen, 237 protkeytype); 238 break; 239 default: 240 return -EINVAL; 241 } 242 if (rc == 0) 243 break; 244 } 245 246 if (rc) 247 DEBUG_DBG("%s failed rc=%d\n", __func__, rc); 248 249 return rc; 250 } 251 252 /* 253 * Construct EP11 key with given clear key value. 254 */ 255 static int pkey_clr2ep11key(const u8 *clrkey, size_t clrkeylen, 256 u8 *keybuf, size_t *keybuflen) 257 { 258 u32 nr_apqns, *apqns = NULL; 259 u16 card, dom; 260 int i, rc; 261 262 zcrypt_wait_api_operational(); 263 264 /* build a list of apqns suitable for ep11 keys with cpacf support */ 265 rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 266 ZCRYPT_CEX7, EP11_API_V, NULL); 267 if (rc) 268 goto out; 269 270 /* go through the list of apqns and try to bild an ep11 key */ 271 for (rc = -ENODEV, i = 0; i < nr_apqns; i++) { 272 card = apqns[i] >> 16; 273 dom = apqns[i] & 0xFFFF; 274 rc = ep11_clr2keyblob(card, dom, clrkeylen * 8, 275 0, clrkey, keybuf, keybuflen); 276 if (rc == 0) 277 break; 278 } 279 280 out: 281 kfree(apqns); 282 if (rc) 283 DEBUG_DBG("%s failed rc=%d\n", __func__, rc); 284 return rc; 285 } 286 287 /* 288 * Find card and transform EP11 secure key into protected key. 289 */ 290 static int pkey_ep11key2pkey(const u8 *key, u8 *protkey, 291 u32 *protkeylen, u32 *protkeytype) 292 { 293 struct ep11keyblob *kb = (struct ep11keyblob *)key; 294 u32 nr_apqns, *apqns = NULL; 295 u16 card, dom; 296 int i, rc; 297 298 zcrypt_wait_api_operational(); 299 300 /* build a list of apqns suitable for this key */ 301 rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 302 ZCRYPT_CEX7, EP11_API_V, kb->wkvp); 303 if (rc) 304 goto out; 305 306 /* go through the list of apqns and try to derive an pkey */ 307 for (rc = -ENODEV, i = 0; i < nr_apqns; i++) { 308 card = apqns[i] >> 16; 309 dom = apqns[i] & 0xFFFF; 310 rc = ep11_kblob2protkey(card, dom, key, kb->head.len, 311 protkey, protkeylen, protkeytype); 312 if (rc == 0) 313 break; 314 } 315 316 out: 317 kfree(apqns); 318 if (rc) 319 DEBUG_DBG("%s failed rc=%d\n", __func__, rc); 320 return rc; 321 } 322 323 /* 324 * Verify key and give back some info about the key. 325 */ 326 static int pkey_verifykey(const struct pkey_seckey *seckey, 327 u16 *pcardnr, u16 *pdomain, 328 u16 *pkeysize, u32 *pattributes) 329 { 330 struct secaeskeytoken *t = (struct secaeskeytoken *)seckey; 331 u16 cardnr, domain; 332 int rc; 333 334 /* check the secure key for valid AES secure key */ 335 rc = cca_check_secaeskeytoken(debug_info, 3, (u8 *)seckey, 0); 336 if (rc) 337 goto out; 338 if (pattributes) 339 *pattributes = PKEY_VERIFY_ATTR_AES; 340 if (pkeysize) 341 *pkeysize = t->bitsize; 342 343 /* try to find a card which can handle this key */ 344 rc = cca_findcard(seckey->seckey, &cardnr, &domain, 1); 345 if (rc < 0) 346 goto out; 347 348 if (rc > 0) { 349 /* key mkvp matches to old master key mkvp */ 350 DEBUG_DBG("%s secure key has old mkvp\n", __func__); 351 if (pattributes) 352 *pattributes |= PKEY_VERIFY_ATTR_OLD_MKVP; 353 rc = 0; 354 } 355 356 if (pcardnr) 357 *pcardnr = cardnr; 358 if (pdomain) 359 *pdomain = domain; 360 361 out: 362 DEBUG_DBG("%s rc=%d\n", __func__, rc); 363 return rc; 364 } 365 366 /* 367 * Generate a random protected key 368 */ 369 static int pkey_genprotkey(u32 keytype, u8 *protkey, 370 u32 *protkeylen, u32 *protkeytype) 371 { 372 u8 clrkey[32]; 373 int keysize; 374 int rc; 375 376 keysize = pkey_keytype_aes_to_size(keytype); 377 if (!keysize) { 378 DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__, 379 keytype); 380 return -EINVAL; 381 } 382 383 /* generate a dummy random clear key */ 384 get_random_bytes(clrkey, keysize); 385 386 /* convert it to a dummy protected key */ 387 rc = pkey_clr2protkey(keytype, clrkey, 388 protkey, protkeylen, protkeytype); 389 if (rc) 390 return rc; 391 392 /* replace the key part of the protected key with random bytes */ 393 get_random_bytes(protkey, keysize); 394 395 return 0; 396 } 397 398 /* 399 * Verify if a protected key is still valid 400 */ 401 static int pkey_verifyprotkey(const u8 *protkey, u32 protkeylen, 402 u32 protkeytype) 403 { 404 struct { 405 u8 iv[AES_BLOCK_SIZE]; 406 u8 key[MAXPROTKEYSIZE]; 407 } param; 408 u8 null_msg[AES_BLOCK_SIZE]; 409 u8 dest_buf[AES_BLOCK_SIZE]; 410 unsigned int k, pkeylen; 411 unsigned long fc; 412 413 switch (protkeytype) { 414 case PKEY_KEYTYPE_AES_128: 415 pkeylen = 16 + AES_WK_VP_SIZE; 416 fc = CPACF_KMC_PAES_128; 417 break; 418 case PKEY_KEYTYPE_AES_192: 419 pkeylen = 24 + AES_WK_VP_SIZE; 420 fc = CPACF_KMC_PAES_192; 421 break; 422 case PKEY_KEYTYPE_AES_256: 423 pkeylen = 32 + AES_WK_VP_SIZE; 424 fc = CPACF_KMC_PAES_256; 425 break; 426 default: 427 DEBUG_ERR("%s unknown/unsupported keytype %u\n", __func__, 428 protkeytype); 429 return -EINVAL; 430 } 431 if (protkeylen != pkeylen) { 432 DEBUG_ERR("%s invalid protected key size %u for keytype %u\n", 433 __func__, protkeylen, protkeytype); 434 return -EINVAL; 435 } 436 437 memset(null_msg, 0, sizeof(null_msg)); 438 439 memset(param.iv, 0, sizeof(param.iv)); 440 memcpy(param.key, protkey, protkeylen); 441 442 k = cpacf_kmc(fc | CPACF_ENCRYPT, ¶m, null_msg, dest_buf, 443 sizeof(null_msg)); 444 if (k != sizeof(null_msg)) { 445 DEBUG_ERR("%s protected key is not valid\n", __func__); 446 return -EKEYREJECTED; 447 } 448 449 return 0; 450 } 451 452 /* Helper for pkey_nonccatok2pkey, handles aes clear key token */ 453 static int nonccatokaes2pkey(const struct clearkeytoken *t, 454 u8 *protkey, u32 *protkeylen, u32 *protkeytype) 455 { 456 size_t tmpbuflen = max_t(size_t, SECKEYBLOBSIZE, MAXEP11AESKEYBLOBSIZE); 457 u8 *tmpbuf = NULL; 458 u32 keysize; 459 int rc; 460 461 keysize = pkey_keytype_aes_to_size(t->keytype); 462 if (!keysize) { 463 DEBUG_ERR("%s unknown/unsupported keytype %u\n", 464 __func__, t->keytype); 465 return -EINVAL; 466 } 467 if (t->len != keysize) { 468 DEBUG_ERR("%s non clear key aes token: invalid key len %u\n", 469 __func__, t->len); 470 return -EINVAL; 471 } 472 473 /* try direct way with the PCKMO instruction */ 474 rc = pkey_clr2protkey(t->keytype, t->clearkey, 475 protkey, protkeylen, protkeytype); 476 if (!rc) 477 goto out; 478 479 /* PCKMO failed, so try the CCA secure key way */ 480 tmpbuf = kmalloc(tmpbuflen, GFP_ATOMIC); 481 if (!tmpbuf) 482 return -ENOMEM; 483 zcrypt_wait_api_operational(); 484 rc = cca_clr2seckey(0xFFFF, 0xFFFF, t->keytype, t->clearkey, tmpbuf); 485 if (rc) 486 goto try_via_ep11; 487 rc = pkey_skey2pkey(tmpbuf, 488 protkey, protkeylen, protkeytype); 489 if (!rc) 490 goto out; 491 492 try_via_ep11: 493 /* if the CCA way also failed, let's try via EP11 */ 494 rc = pkey_clr2ep11key(t->clearkey, t->len, 495 tmpbuf, &tmpbuflen); 496 if (rc) 497 goto failure; 498 rc = pkey_ep11key2pkey(tmpbuf, 499 protkey, protkeylen, protkeytype); 500 if (!rc) 501 goto out; 502 503 failure: 504 DEBUG_ERR("%s unable to build protected key from clear", __func__); 505 506 out: 507 kfree(tmpbuf); 508 return rc; 509 } 510 511 /* Helper for pkey_nonccatok2pkey, handles ecc clear key token */ 512 static int nonccatokecc2pkey(const struct clearkeytoken *t, 513 u8 *protkey, u32 *protkeylen, u32 *protkeytype) 514 { 515 u32 keylen; 516 int rc; 517 518 switch (t->keytype) { 519 case PKEY_KEYTYPE_ECC_P256: 520 keylen = 32; 521 break; 522 case PKEY_KEYTYPE_ECC_P384: 523 keylen = 48; 524 break; 525 case PKEY_KEYTYPE_ECC_P521: 526 keylen = 80; 527 break; 528 case PKEY_KEYTYPE_ECC_ED25519: 529 keylen = 32; 530 break; 531 case PKEY_KEYTYPE_ECC_ED448: 532 keylen = 64; 533 break; 534 default: 535 DEBUG_ERR("%s unknown/unsupported keytype %u\n", 536 __func__, t->keytype); 537 return -EINVAL; 538 } 539 540 if (t->len != keylen) { 541 DEBUG_ERR("%s non clear key ecc token: invalid key len %u\n", 542 __func__, t->len); 543 return -EINVAL; 544 } 545 546 /* only one path possible: via PCKMO instruction */ 547 rc = pkey_clr2protkey(t->keytype, t->clearkey, 548 protkey, protkeylen, protkeytype); 549 if (rc) { 550 DEBUG_ERR("%s unable to build protected key from clear", 551 __func__); 552 } 553 554 return rc; 555 } 556 557 /* 558 * Transform a non-CCA key token into a protected key 559 */ 560 static int pkey_nonccatok2pkey(const u8 *key, u32 keylen, 561 u8 *protkey, u32 *protkeylen, u32 *protkeytype) 562 { 563 struct keytoken_header *hdr = (struct keytoken_header *)key; 564 int rc = -EINVAL; 565 566 switch (hdr->version) { 567 case TOKVER_PROTECTED_KEY: { 568 struct protaeskeytoken *t; 569 570 if (keylen != sizeof(struct protaeskeytoken)) 571 goto out; 572 t = (struct protaeskeytoken *)key; 573 rc = pkey_verifyprotkey(t->protkey, t->len, t->keytype); 574 if (rc) 575 goto out; 576 memcpy(protkey, t->protkey, t->len); 577 *protkeylen = t->len; 578 *protkeytype = t->keytype; 579 break; 580 } 581 case TOKVER_CLEAR_KEY: { 582 struct clearkeytoken *t = (struct clearkeytoken *)key; 583 584 if (keylen < sizeof(struct clearkeytoken) || 585 keylen != sizeof(*t) + t->len) 586 goto out; 587 switch (t->keytype) { 588 case PKEY_KEYTYPE_AES_128: 589 case PKEY_KEYTYPE_AES_192: 590 case PKEY_KEYTYPE_AES_256: 591 rc = nonccatokaes2pkey(t, protkey, 592 protkeylen, protkeytype); 593 break; 594 case PKEY_KEYTYPE_ECC_P256: 595 case PKEY_KEYTYPE_ECC_P384: 596 case PKEY_KEYTYPE_ECC_P521: 597 case PKEY_KEYTYPE_ECC_ED25519: 598 case PKEY_KEYTYPE_ECC_ED448: 599 rc = nonccatokecc2pkey(t, protkey, 600 protkeylen, protkeytype); 601 break; 602 default: 603 DEBUG_ERR("%s unknown/unsupported non cca clear key type %u\n", 604 __func__, t->keytype); 605 return -EINVAL; 606 } 607 break; 608 } 609 case TOKVER_EP11_AES: { 610 /* check ep11 key for exportable as protected key */ 611 rc = ep11_check_aes_key(debug_info, 3, key, keylen, 1); 612 if (rc) 613 goto out; 614 rc = pkey_ep11key2pkey(key, 615 protkey, protkeylen, protkeytype); 616 break; 617 } 618 case TOKVER_EP11_AES_WITH_HEADER: 619 /* check ep11 key with header for exportable as protected key */ 620 rc = ep11_check_aes_key_with_hdr(debug_info, 3, key, keylen, 1); 621 if (rc) 622 goto out; 623 rc = pkey_ep11key2pkey(key + sizeof(struct ep11kblob_header), 624 protkey, protkeylen, protkeytype); 625 break; 626 default: 627 DEBUG_ERR("%s unknown/unsupported non-CCA token version %d\n", 628 __func__, hdr->version); 629 } 630 631 out: 632 return rc; 633 } 634 635 /* 636 * Transform a CCA internal key token into a protected key 637 */ 638 static int pkey_ccainttok2pkey(const u8 *key, u32 keylen, 639 u8 *protkey, u32 *protkeylen, u32 *protkeytype) 640 { 641 struct keytoken_header *hdr = (struct keytoken_header *)key; 642 643 switch (hdr->version) { 644 case TOKVER_CCA_AES: 645 if (keylen != sizeof(struct secaeskeytoken)) 646 return -EINVAL; 647 break; 648 case TOKVER_CCA_VLSC: 649 if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE) 650 return -EINVAL; 651 break; 652 default: 653 DEBUG_ERR("%s unknown/unsupported CCA internal token version %d\n", 654 __func__, hdr->version); 655 return -EINVAL; 656 } 657 658 return pkey_skey2pkey(key, protkey, protkeylen, protkeytype); 659 } 660 661 /* 662 * Transform a key blob (of any type) into a protected key 663 */ 664 int pkey_keyblob2pkey(const u8 *key, u32 keylen, 665 u8 *protkey, u32 *protkeylen, u32 *protkeytype) 666 { 667 struct keytoken_header *hdr = (struct keytoken_header *)key; 668 int rc; 669 670 if (keylen < sizeof(struct keytoken_header)) { 671 DEBUG_ERR("%s invalid keylen %d\n", __func__, keylen); 672 return -EINVAL; 673 } 674 675 switch (hdr->type) { 676 case TOKTYPE_NON_CCA: 677 rc = pkey_nonccatok2pkey(key, keylen, 678 protkey, protkeylen, protkeytype); 679 break; 680 case TOKTYPE_CCA_INTERNAL: 681 rc = pkey_ccainttok2pkey(key, keylen, 682 protkey, protkeylen, protkeytype); 683 break; 684 default: 685 DEBUG_ERR("%s unknown/unsupported blob type %d\n", 686 __func__, hdr->type); 687 return -EINVAL; 688 } 689 690 DEBUG_DBG("%s rc=%d\n", __func__, rc); 691 return rc; 692 } 693 EXPORT_SYMBOL(pkey_keyblob2pkey); 694 695 static int pkey_genseckey2(const struct pkey_apqn *apqns, size_t nr_apqns, 696 enum pkey_key_type ktype, enum pkey_key_size ksize, 697 u32 kflags, u8 *keybuf, size_t *keybufsize) 698 { 699 int i, card, dom, rc; 700 701 /* check for at least one apqn given */ 702 if (!apqns || !nr_apqns) 703 return -EINVAL; 704 705 /* check key type and size */ 706 switch (ktype) { 707 case PKEY_TYPE_CCA_DATA: 708 case PKEY_TYPE_CCA_CIPHER: 709 if (*keybufsize < SECKEYBLOBSIZE) 710 return -EINVAL; 711 break; 712 case PKEY_TYPE_EP11: 713 if (*keybufsize < MINEP11AESKEYBLOBSIZE) 714 return -EINVAL; 715 break; 716 default: 717 return -EINVAL; 718 } 719 switch (ksize) { 720 case PKEY_SIZE_AES_128: 721 case PKEY_SIZE_AES_192: 722 case PKEY_SIZE_AES_256: 723 break; 724 default: 725 return -EINVAL; 726 } 727 728 /* simple try all apqns from the list */ 729 for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 730 card = apqns[i].card; 731 dom = apqns[i].domain; 732 if (ktype == PKEY_TYPE_EP11) { 733 rc = ep11_genaeskey(card, dom, ksize, kflags, 734 keybuf, keybufsize); 735 } else if (ktype == PKEY_TYPE_CCA_DATA) { 736 rc = cca_genseckey(card, dom, ksize, keybuf); 737 *keybufsize = (rc ? 0 : SECKEYBLOBSIZE); 738 } else { 739 /* TOKVER_CCA_VLSC */ 740 rc = cca_gencipherkey(card, dom, ksize, kflags, 741 keybuf, keybufsize); 742 } 743 if (rc == 0) 744 break; 745 } 746 747 return rc; 748 } 749 750 static int pkey_clr2seckey2(const struct pkey_apqn *apqns, size_t nr_apqns, 751 enum pkey_key_type ktype, enum pkey_key_size ksize, 752 u32 kflags, const u8 *clrkey, 753 u8 *keybuf, size_t *keybufsize) 754 { 755 int i, card, dom, rc; 756 757 /* check for at least one apqn given */ 758 if (!apqns || !nr_apqns) 759 return -EINVAL; 760 761 /* check key type and size */ 762 switch (ktype) { 763 case PKEY_TYPE_CCA_DATA: 764 case PKEY_TYPE_CCA_CIPHER: 765 if (*keybufsize < SECKEYBLOBSIZE) 766 return -EINVAL; 767 break; 768 case PKEY_TYPE_EP11: 769 if (*keybufsize < MINEP11AESKEYBLOBSIZE) 770 return -EINVAL; 771 break; 772 default: 773 return -EINVAL; 774 } 775 switch (ksize) { 776 case PKEY_SIZE_AES_128: 777 case PKEY_SIZE_AES_192: 778 case PKEY_SIZE_AES_256: 779 break; 780 default: 781 return -EINVAL; 782 } 783 784 zcrypt_wait_api_operational(); 785 786 /* simple try all apqns from the list */ 787 for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 788 card = apqns[i].card; 789 dom = apqns[i].domain; 790 if (ktype == PKEY_TYPE_EP11) { 791 rc = ep11_clr2keyblob(card, dom, ksize, kflags, 792 clrkey, keybuf, keybufsize); 793 } else if (ktype == PKEY_TYPE_CCA_DATA) { 794 rc = cca_clr2seckey(card, dom, ksize, 795 clrkey, keybuf); 796 *keybufsize = (rc ? 0 : SECKEYBLOBSIZE); 797 } else { 798 /* TOKVER_CCA_VLSC */ 799 rc = cca_clr2cipherkey(card, dom, ksize, kflags, 800 clrkey, keybuf, keybufsize); 801 } 802 if (rc == 0) 803 break; 804 } 805 806 return rc; 807 } 808 809 static int pkey_verifykey2(const u8 *key, size_t keylen, 810 u16 *cardnr, u16 *domain, 811 enum pkey_key_type *ktype, 812 enum pkey_key_size *ksize, u32 *flags) 813 { 814 struct keytoken_header *hdr = (struct keytoken_header *)key; 815 u32 _nr_apqns, *_apqns = NULL; 816 int rc; 817 818 if (keylen < sizeof(struct keytoken_header)) 819 return -EINVAL; 820 821 if (hdr->type == TOKTYPE_CCA_INTERNAL && 822 hdr->version == TOKVER_CCA_AES) { 823 struct secaeskeytoken *t = (struct secaeskeytoken *)key; 824 825 rc = cca_check_secaeskeytoken(debug_info, 3, key, 0); 826 if (rc) 827 goto out; 828 if (ktype) 829 *ktype = PKEY_TYPE_CCA_DATA; 830 if (ksize) 831 *ksize = (enum pkey_key_size)t->bitsize; 832 833 rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain, 834 ZCRYPT_CEX3C, AES_MK_SET, t->mkvp, 0, 1); 835 if (rc == 0 && flags) 836 *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 837 if (rc == -ENODEV) { 838 rc = cca_findcard2(&_apqns, &_nr_apqns, 839 *cardnr, *domain, 840 ZCRYPT_CEX3C, AES_MK_SET, 841 0, t->mkvp, 1); 842 if (rc == 0 && flags) 843 *flags = PKEY_FLAGS_MATCH_ALT_MKVP; 844 } 845 if (rc) 846 goto out; 847 848 *cardnr = ((struct pkey_apqn *)_apqns)->card; 849 *domain = ((struct pkey_apqn *)_apqns)->domain; 850 851 } else if (hdr->type == TOKTYPE_CCA_INTERNAL && 852 hdr->version == TOKVER_CCA_VLSC) { 853 struct cipherkeytoken *t = (struct cipherkeytoken *)key; 854 855 rc = cca_check_secaescipherkey(debug_info, 3, key, 0, 1); 856 if (rc) 857 goto out; 858 if (ktype) 859 *ktype = PKEY_TYPE_CCA_CIPHER; 860 if (ksize) { 861 *ksize = PKEY_SIZE_UNKNOWN; 862 if (!t->plfver && t->wpllen == 512) 863 *ksize = PKEY_SIZE_AES_128; 864 else if (!t->plfver && t->wpllen == 576) 865 *ksize = PKEY_SIZE_AES_192; 866 else if (!t->plfver && t->wpllen == 640) 867 *ksize = PKEY_SIZE_AES_256; 868 } 869 870 rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain, 871 ZCRYPT_CEX6, AES_MK_SET, t->mkvp0, 0, 1); 872 if (rc == 0 && flags) 873 *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 874 if (rc == -ENODEV) { 875 rc = cca_findcard2(&_apqns, &_nr_apqns, 876 *cardnr, *domain, 877 ZCRYPT_CEX6, AES_MK_SET, 878 0, t->mkvp0, 1); 879 if (rc == 0 && flags) 880 *flags = PKEY_FLAGS_MATCH_ALT_MKVP; 881 } 882 if (rc) 883 goto out; 884 885 *cardnr = ((struct pkey_apqn *)_apqns)->card; 886 *domain = ((struct pkey_apqn *)_apqns)->domain; 887 888 } else if (hdr->type == TOKTYPE_NON_CCA && 889 hdr->version == TOKVER_EP11_AES) { 890 struct ep11keyblob *kb = (struct ep11keyblob *)key; 891 892 rc = ep11_check_aes_key(debug_info, 3, key, keylen, 1); 893 if (rc) 894 goto out; 895 if (ktype) 896 *ktype = PKEY_TYPE_EP11; 897 if (ksize) 898 *ksize = kb->head.keybitlen; 899 900 rc = ep11_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain, 901 ZCRYPT_CEX7, EP11_API_V, kb->wkvp); 902 if (rc) 903 goto out; 904 905 if (flags) 906 *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 907 908 *cardnr = ((struct pkey_apqn *)_apqns)->card; 909 *domain = ((struct pkey_apqn *)_apqns)->domain; 910 911 } else { 912 rc = -EINVAL; 913 } 914 915 out: 916 kfree(_apqns); 917 return rc; 918 } 919 920 static int pkey_keyblob2pkey2(const struct pkey_apqn *apqns, size_t nr_apqns, 921 const u8 *key, size_t keylen, 922 u8 *protkey, u32 *protkeylen, u32 *protkeytype) 923 { 924 struct keytoken_header *hdr = (struct keytoken_header *)key; 925 int i, card, dom, rc; 926 927 /* check for at least one apqn given */ 928 if (!apqns || !nr_apqns) 929 return -EINVAL; 930 931 if (keylen < sizeof(struct keytoken_header)) 932 return -EINVAL; 933 934 if (hdr->type == TOKTYPE_CCA_INTERNAL) { 935 if (hdr->version == TOKVER_CCA_AES) { 936 if (keylen != sizeof(struct secaeskeytoken)) 937 return -EINVAL; 938 if (cca_check_secaeskeytoken(debug_info, 3, key, 0)) 939 return -EINVAL; 940 } else if (hdr->version == TOKVER_CCA_VLSC) { 941 if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE) 942 return -EINVAL; 943 if (cca_check_secaescipherkey(debug_info, 3, key, 0, 1)) 944 return -EINVAL; 945 } else { 946 DEBUG_ERR("%s unknown CCA internal token version %d\n", 947 __func__, hdr->version); 948 return -EINVAL; 949 } 950 } else if (hdr->type == TOKTYPE_NON_CCA) { 951 if (hdr->version == TOKVER_EP11_AES) { 952 if (keylen < sizeof(struct ep11keyblob)) 953 return -EINVAL; 954 if (ep11_check_aes_key(debug_info, 3, key, keylen, 1)) 955 return -EINVAL; 956 } else { 957 return pkey_nonccatok2pkey(key, keylen, 958 protkey, protkeylen, 959 protkeytype); 960 } 961 } else { 962 DEBUG_ERR("%s unknown/unsupported blob type %d\n", 963 __func__, hdr->type); 964 return -EINVAL; 965 } 966 967 zcrypt_wait_api_operational(); 968 969 /* simple try all apqns from the list */ 970 for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 971 card = apqns[i].card; 972 dom = apqns[i].domain; 973 if (hdr->type == TOKTYPE_CCA_INTERNAL && 974 hdr->version == TOKVER_CCA_AES) { 975 rc = cca_sec2protkey(card, dom, key, 976 protkey, protkeylen, protkeytype); 977 } else if (hdr->type == TOKTYPE_CCA_INTERNAL && 978 hdr->version == TOKVER_CCA_VLSC) { 979 rc = cca_cipher2protkey(card, dom, key, 980 protkey, protkeylen, 981 protkeytype); 982 } else { 983 /* EP11 AES secure key blob */ 984 struct ep11keyblob *kb = (struct ep11keyblob *)key; 985 986 rc = ep11_kblob2protkey(card, dom, key, kb->head.len, 987 protkey, protkeylen, 988 protkeytype); 989 } 990 if (rc == 0) 991 break; 992 } 993 994 return rc; 995 } 996 997 static int pkey_apqns4key(const u8 *key, size_t keylen, u32 flags, 998 struct pkey_apqn *apqns, size_t *nr_apqns) 999 { 1000 struct keytoken_header *hdr = (struct keytoken_header *)key; 1001 u32 _nr_apqns, *_apqns = NULL; 1002 int rc; 1003 1004 if (keylen < sizeof(struct keytoken_header) || flags == 0) 1005 return -EINVAL; 1006 1007 zcrypt_wait_api_operational(); 1008 1009 if (hdr->type == TOKTYPE_NON_CCA && 1010 (hdr->version == TOKVER_EP11_AES_WITH_HEADER || 1011 hdr->version == TOKVER_EP11_ECC_WITH_HEADER) && 1012 is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) { 1013 struct ep11keyblob *kb = (struct ep11keyblob *) 1014 (key + sizeof(struct ep11kblob_header)); 1015 int minhwtype = 0, api = 0; 1016 1017 if (flags != PKEY_FLAGS_MATCH_CUR_MKVP) 1018 return -EINVAL; 1019 if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) { 1020 minhwtype = ZCRYPT_CEX7; 1021 api = EP11_API_V; 1022 } 1023 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 1024 minhwtype, api, kb->wkvp); 1025 if (rc) 1026 goto out; 1027 } else if (hdr->type == TOKTYPE_NON_CCA && 1028 hdr->version == TOKVER_EP11_AES && 1029 is_ep11_keyblob(key)) { 1030 struct ep11keyblob *kb = (struct ep11keyblob *)key; 1031 int minhwtype = 0, api = 0; 1032 1033 if (flags != PKEY_FLAGS_MATCH_CUR_MKVP) 1034 return -EINVAL; 1035 if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) { 1036 minhwtype = ZCRYPT_CEX7; 1037 api = EP11_API_V; 1038 } 1039 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 1040 minhwtype, api, kb->wkvp); 1041 if (rc) 1042 goto out; 1043 } else if (hdr->type == TOKTYPE_CCA_INTERNAL) { 1044 u64 cur_mkvp = 0, old_mkvp = 0; 1045 int minhwtype = ZCRYPT_CEX3C; 1046 1047 if (hdr->version == TOKVER_CCA_AES) { 1048 struct secaeskeytoken *t = (struct secaeskeytoken *)key; 1049 1050 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 1051 cur_mkvp = t->mkvp; 1052 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 1053 old_mkvp = t->mkvp; 1054 } else if (hdr->version == TOKVER_CCA_VLSC) { 1055 struct cipherkeytoken *t = (struct cipherkeytoken *)key; 1056 1057 minhwtype = ZCRYPT_CEX6; 1058 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 1059 cur_mkvp = t->mkvp0; 1060 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 1061 old_mkvp = t->mkvp0; 1062 } else { 1063 /* unknown cca internal token type */ 1064 return -EINVAL; 1065 } 1066 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 1067 minhwtype, AES_MK_SET, 1068 cur_mkvp, old_mkvp, 1); 1069 if (rc) 1070 goto out; 1071 } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) { 1072 struct eccprivkeytoken *t = (struct eccprivkeytoken *)key; 1073 u64 cur_mkvp = 0, old_mkvp = 0; 1074 1075 if (t->secid == 0x20) { 1076 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 1077 cur_mkvp = t->mkvp; 1078 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 1079 old_mkvp = t->mkvp; 1080 } else { 1081 /* unknown cca internal 2 token type */ 1082 return -EINVAL; 1083 } 1084 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 1085 ZCRYPT_CEX7, APKA_MK_SET, 1086 cur_mkvp, old_mkvp, 1); 1087 if (rc) 1088 goto out; 1089 } else { 1090 return -EINVAL; 1091 } 1092 1093 if (apqns) { 1094 if (*nr_apqns < _nr_apqns) 1095 rc = -ENOSPC; 1096 else 1097 memcpy(apqns, _apqns, _nr_apqns * sizeof(u32)); 1098 } 1099 *nr_apqns = _nr_apqns; 1100 1101 out: 1102 kfree(_apqns); 1103 return rc; 1104 } 1105 1106 static int pkey_apqns4keytype(enum pkey_key_type ktype, 1107 u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags, 1108 struct pkey_apqn *apqns, size_t *nr_apqns) 1109 { 1110 u32 _nr_apqns, *_apqns = NULL; 1111 int rc; 1112 1113 zcrypt_wait_api_operational(); 1114 1115 if (ktype == PKEY_TYPE_CCA_DATA || ktype == PKEY_TYPE_CCA_CIPHER) { 1116 u64 cur_mkvp = 0, old_mkvp = 0; 1117 int minhwtype = ZCRYPT_CEX3C; 1118 1119 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 1120 cur_mkvp = *((u64 *)cur_mkvp); 1121 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 1122 old_mkvp = *((u64 *)alt_mkvp); 1123 if (ktype == PKEY_TYPE_CCA_CIPHER) 1124 minhwtype = ZCRYPT_CEX6; 1125 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 1126 minhwtype, AES_MK_SET, 1127 cur_mkvp, old_mkvp, 1); 1128 if (rc) 1129 goto out; 1130 } else if (ktype == PKEY_TYPE_CCA_ECC) { 1131 u64 cur_mkvp = 0, old_mkvp = 0; 1132 1133 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 1134 cur_mkvp = *((u64 *)cur_mkvp); 1135 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 1136 old_mkvp = *((u64 *)alt_mkvp); 1137 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 1138 ZCRYPT_CEX7, APKA_MK_SET, 1139 cur_mkvp, old_mkvp, 1); 1140 if (rc) 1141 goto out; 1142 1143 } else if (ktype == PKEY_TYPE_EP11 || 1144 ktype == PKEY_TYPE_EP11_AES || 1145 ktype == PKEY_TYPE_EP11_ECC) { 1146 u8 *wkvp = NULL; 1147 1148 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 1149 wkvp = cur_mkvp; 1150 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 1151 ZCRYPT_CEX7, EP11_API_V, wkvp); 1152 if (rc) 1153 goto out; 1154 1155 } else { 1156 return -EINVAL; 1157 } 1158 1159 if (apqns) { 1160 if (*nr_apqns < _nr_apqns) 1161 rc = -ENOSPC; 1162 else 1163 memcpy(apqns, _apqns, _nr_apqns * sizeof(u32)); 1164 } 1165 *nr_apqns = _nr_apqns; 1166 1167 out: 1168 kfree(_apqns); 1169 return rc; 1170 } 1171 1172 static int pkey_keyblob2pkey3(const struct pkey_apqn *apqns, size_t nr_apqns, 1173 const u8 *key, size_t keylen, 1174 u8 *protkey, u32 *protkeylen, u32 *protkeytype) 1175 { 1176 struct keytoken_header *hdr = (struct keytoken_header *)key; 1177 int i, card, dom, rc; 1178 1179 /* check for at least one apqn given */ 1180 if (!apqns || !nr_apqns) 1181 return -EINVAL; 1182 1183 if (keylen < sizeof(struct keytoken_header)) 1184 return -EINVAL; 1185 1186 if (hdr->type == TOKTYPE_NON_CCA && 1187 hdr->version == TOKVER_EP11_AES_WITH_HEADER && 1188 is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) { 1189 /* EP11 AES key blob with header */ 1190 if (ep11_check_aes_key_with_hdr(debug_info, 3, key, keylen, 1)) 1191 return -EINVAL; 1192 } else if (hdr->type == TOKTYPE_NON_CCA && 1193 hdr->version == TOKVER_EP11_ECC_WITH_HEADER && 1194 is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) { 1195 /* EP11 ECC key blob with header */ 1196 if (ep11_check_ecc_key_with_hdr(debug_info, 3, key, keylen, 1)) 1197 return -EINVAL; 1198 } else if (hdr->type == TOKTYPE_NON_CCA && 1199 hdr->version == TOKVER_EP11_AES && 1200 is_ep11_keyblob(key)) { 1201 /* EP11 AES key blob with header in session field */ 1202 if (ep11_check_aes_key(debug_info, 3, key, keylen, 1)) 1203 return -EINVAL; 1204 } else if (hdr->type == TOKTYPE_CCA_INTERNAL) { 1205 if (hdr->version == TOKVER_CCA_AES) { 1206 /* CCA AES data key */ 1207 if (keylen != sizeof(struct secaeskeytoken)) 1208 return -EINVAL; 1209 if (cca_check_secaeskeytoken(debug_info, 3, key, 0)) 1210 return -EINVAL; 1211 } else if (hdr->version == TOKVER_CCA_VLSC) { 1212 /* CCA AES cipher key */ 1213 if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE) 1214 return -EINVAL; 1215 if (cca_check_secaescipherkey(debug_info, 3, key, 0, 1)) 1216 return -EINVAL; 1217 } else { 1218 DEBUG_ERR("%s unknown CCA internal token version %d\n", 1219 __func__, hdr->version); 1220 return -EINVAL; 1221 } 1222 } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) { 1223 /* CCA ECC (private) key */ 1224 if (keylen < sizeof(struct eccprivkeytoken)) 1225 return -EINVAL; 1226 if (cca_check_sececckeytoken(debug_info, 3, key, keylen, 1)) 1227 return -EINVAL; 1228 } else if (hdr->type == TOKTYPE_NON_CCA) { 1229 return pkey_nonccatok2pkey(key, keylen, 1230 protkey, protkeylen, protkeytype); 1231 } else { 1232 DEBUG_ERR("%s unknown/unsupported blob type %d\n", 1233 __func__, hdr->type); 1234 return -EINVAL; 1235 } 1236 1237 /* simple try all apqns from the list */ 1238 for (rc = -ENODEV, i = 0; rc && i < nr_apqns; i++) { 1239 card = apqns[i].card; 1240 dom = apqns[i].domain; 1241 if (hdr->type == TOKTYPE_NON_CCA && 1242 (hdr->version == TOKVER_EP11_AES_WITH_HEADER || 1243 hdr->version == TOKVER_EP11_ECC_WITH_HEADER) && 1244 is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) 1245 rc = ep11_kblob2protkey(card, dom, key, hdr->len, 1246 protkey, protkeylen, protkeytype); 1247 else if (hdr->type == TOKTYPE_NON_CCA && 1248 hdr->version == TOKVER_EP11_AES && 1249 is_ep11_keyblob(key)) 1250 rc = ep11_kblob2protkey(card, dom, key, hdr->len, 1251 protkey, protkeylen, protkeytype); 1252 else if (hdr->type == TOKTYPE_CCA_INTERNAL && 1253 hdr->version == TOKVER_CCA_AES) 1254 rc = cca_sec2protkey(card, dom, key, protkey, 1255 protkeylen, protkeytype); 1256 else if (hdr->type == TOKTYPE_CCA_INTERNAL && 1257 hdr->version == TOKVER_CCA_VLSC) 1258 rc = cca_cipher2protkey(card, dom, key, protkey, 1259 protkeylen, protkeytype); 1260 else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) 1261 rc = cca_ecc2protkey(card, dom, key, protkey, 1262 protkeylen, protkeytype); 1263 else 1264 return -EINVAL; 1265 } 1266 1267 return rc; 1268 } 1269 1270 /* 1271 * File io functions 1272 */ 1273 1274 static void *_copy_key_from_user(void __user *ukey, size_t keylen) 1275 { 1276 if (!ukey || keylen < MINKEYBLOBBUFSIZE || keylen > KEYBLOBBUFSIZE) 1277 return ERR_PTR(-EINVAL); 1278 1279 return memdup_user(ukey, keylen); 1280 } 1281 1282 static void *_copy_apqns_from_user(void __user *uapqns, size_t nr_apqns) 1283 { 1284 if (!uapqns || nr_apqns == 0) 1285 return NULL; 1286 1287 return memdup_user(uapqns, nr_apqns * sizeof(struct pkey_apqn)); 1288 } 1289 1290 static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd, 1291 unsigned long arg) 1292 { 1293 int rc; 1294 1295 switch (cmd) { 1296 case PKEY_GENSECK: { 1297 struct pkey_genseck __user *ugs = (void __user *)arg; 1298 struct pkey_genseck kgs; 1299 1300 if (copy_from_user(&kgs, ugs, sizeof(kgs))) 1301 return -EFAULT; 1302 rc = cca_genseckey(kgs.cardnr, kgs.domain, 1303 kgs.keytype, kgs.seckey.seckey); 1304 DEBUG_DBG("%s cca_genseckey()=%d\n", __func__, rc); 1305 if (rc) 1306 break; 1307 if (copy_to_user(ugs, &kgs, sizeof(kgs))) 1308 return -EFAULT; 1309 break; 1310 } 1311 case PKEY_CLR2SECK: { 1312 struct pkey_clr2seck __user *ucs = (void __user *)arg; 1313 struct pkey_clr2seck kcs; 1314 1315 if (copy_from_user(&kcs, ucs, sizeof(kcs))) 1316 return -EFAULT; 1317 rc = cca_clr2seckey(kcs.cardnr, kcs.domain, kcs.keytype, 1318 kcs.clrkey.clrkey, kcs.seckey.seckey); 1319 DEBUG_DBG("%s cca_clr2seckey()=%d\n", __func__, rc); 1320 if (rc) 1321 break; 1322 if (copy_to_user(ucs, &kcs, sizeof(kcs))) 1323 return -EFAULT; 1324 memzero_explicit(&kcs, sizeof(kcs)); 1325 break; 1326 } 1327 case PKEY_SEC2PROTK: { 1328 struct pkey_sec2protk __user *usp = (void __user *)arg; 1329 struct pkey_sec2protk ksp; 1330 1331 if (copy_from_user(&ksp, usp, sizeof(ksp))) 1332 return -EFAULT; 1333 ksp.protkey.len = sizeof(ksp.protkey.protkey); 1334 rc = cca_sec2protkey(ksp.cardnr, ksp.domain, 1335 ksp.seckey.seckey, ksp.protkey.protkey, 1336 &ksp.protkey.len, &ksp.protkey.type); 1337 DEBUG_DBG("%s cca_sec2protkey()=%d\n", __func__, rc); 1338 if (rc) 1339 break; 1340 if (copy_to_user(usp, &ksp, sizeof(ksp))) 1341 return -EFAULT; 1342 break; 1343 } 1344 case PKEY_CLR2PROTK: { 1345 struct pkey_clr2protk __user *ucp = (void __user *)arg; 1346 struct pkey_clr2protk kcp; 1347 1348 if (copy_from_user(&kcp, ucp, sizeof(kcp))) 1349 return -EFAULT; 1350 kcp.protkey.len = sizeof(kcp.protkey.protkey); 1351 rc = pkey_clr2protkey(kcp.keytype, kcp.clrkey.clrkey, 1352 kcp.protkey.protkey, 1353 &kcp.protkey.len, &kcp.protkey.type); 1354 DEBUG_DBG("%s pkey_clr2protkey()=%d\n", __func__, rc); 1355 if (rc) 1356 break; 1357 if (copy_to_user(ucp, &kcp, sizeof(kcp))) 1358 return -EFAULT; 1359 memzero_explicit(&kcp, sizeof(kcp)); 1360 break; 1361 } 1362 case PKEY_FINDCARD: { 1363 struct pkey_findcard __user *ufc = (void __user *)arg; 1364 struct pkey_findcard kfc; 1365 1366 if (copy_from_user(&kfc, ufc, sizeof(kfc))) 1367 return -EFAULT; 1368 rc = cca_findcard(kfc.seckey.seckey, 1369 &kfc.cardnr, &kfc.domain, 1); 1370 DEBUG_DBG("%s cca_findcard()=%d\n", __func__, rc); 1371 if (rc < 0) 1372 break; 1373 if (copy_to_user(ufc, &kfc, sizeof(kfc))) 1374 return -EFAULT; 1375 break; 1376 } 1377 case PKEY_SKEY2PKEY: { 1378 struct pkey_skey2pkey __user *usp = (void __user *)arg; 1379 struct pkey_skey2pkey ksp; 1380 1381 if (copy_from_user(&ksp, usp, sizeof(ksp))) 1382 return -EFAULT; 1383 ksp.protkey.len = sizeof(ksp.protkey.protkey); 1384 rc = pkey_skey2pkey(ksp.seckey.seckey, ksp.protkey.protkey, 1385 &ksp.protkey.len, &ksp.protkey.type); 1386 DEBUG_DBG("%s pkey_skey2pkey()=%d\n", __func__, rc); 1387 if (rc) 1388 break; 1389 if (copy_to_user(usp, &ksp, sizeof(ksp))) 1390 return -EFAULT; 1391 break; 1392 } 1393 case PKEY_VERIFYKEY: { 1394 struct pkey_verifykey __user *uvk = (void __user *)arg; 1395 struct pkey_verifykey kvk; 1396 1397 if (copy_from_user(&kvk, uvk, sizeof(kvk))) 1398 return -EFAULT; 1399 rc = pkey_verifykey(&kvk.seckey, &kvk.cardnr, &kvk.domain, 1400 &kvk.keysize, &kvk.attributes); 1401 DEBUG_DBG("%s pkey_verifykey()=%d\n", __func__, rc); 1402 if (rc) 1403 break; 1404 if (copy_to_user(uvk, &kvk, sizeof(kvk))) 1405 return -EFAULT; 1406 break; 1407 } 1408 case PKEY_GENPROTK: { 1409 struct pkey_genprotk __user *ugp = (void __user *)arg; 1410 struct pkey_genprotk kgp; 1411 1412 if (copy_from_user(&kgp, ugp, sizeof(kgp))) 1413 return -EFAULT; 1414 kgp.protkey.len = sizeof(kgp.protkey.protkey); 1415 rc = pkey_genprotkey(kgp.keytype, kgp.protkey.protkey, 1416 &kgp.protkey.len, &kgp.protkey.type); 1417 DEBUG_DBG("%s pkey_genprotkey()=%d\n", __func__, rc); 1418 if (rc) 1419 break; 1420 if (copy_to_user(ugp, &kgp, sizeof(kgp))) 1421 return -EFAULT; 1422 break; 1423 } 1424 case PKEY_VERIFYPROTK: { 1425 struct pkey_verifyprotk __user *uvp = (void __user *)arg; 1426 struct pkey_verifyprotk kvp; 1427 1428 if (copy_from_user(&kvp, uvp, sizeof(kvp))) 1429 return -EFAULT; 1430 rc = pkey_verifyprotkey(kvp.protkey.protkey, 1431 kvp.protkey.len, kvp.protkey.type); 1432 DEBUG_DBG("%s pkey_verifyprotkey()=%d\n", __func__, rc); 1433 break; 1434 } 1435 case PKEY_KBLOB2PROTK: { 1436 struct pkey_kblob2pkey __user *utp = (void __user *)arg; 1437 struct pkey_kblob2pkey ktp; 1438 u8 *kkey; 1439 1440 if (copy_from_user(&ktp, utp, sizeof(ktp))) 1441 return -EFAULT; 1442 kkey = _copy_key_from_user(ktp.key, ktp.keylen); 1443 if (IS_ERR(kkey)) 1444 return PTR_ERR(kkey); 1445 ktp.protkey.len = sizeof(ktp.protkey.protkey); 1446 rc = pkey_keyblob2pkey(kkey, ktp.keylen, ktp.protkey.protkey, 1447 &ktp.protkey.len, &ktp.protkey.type); 1448 DEBUG_DBG("%s pkey_keyblob2pkey()=%d\n", __func__, rc); 1449 memzero_explicit(kkey, ktp.keylen); 1450 kfree(kkey); 1451 if (rc) 1452 break; 1453 if (copy_to_user(utp, &ktp, sizeof(ktp))) 1454 return -EFAULT; 1455 break; 1456 } 1457 case PKEY_GENSECK2: { 1458 struct pkey_genseck2 __user *ugs = (void __user *)arg; 1459 size_t klen = KEYBLOBBUFSIZE; 1460 struct pkey_genseck2 kgs; 1461 struct pkey_apqn *apqns; 1462 u8 *kkey; 1463 1464 if (copy_from_user(&kgs, ugs, sizeof(kgs))) 1465 return -EFAULT; 1466 apqns = _copy_apqns_from_user(kgs.apqns, kgs.apqn_entries); 1467 if (IS_ERR(apqns)) 1468 return PTR_ERR(apqns); 1469 kkey = kmalloc(klen, GFP_KERNEL); 1470 if (!kkey) { 1471 kfree(apqns); 1472 return -ENOMEM; 1473 } 1474 rc = pkey_genseckey2(apqns, kgs.apqn_entries, 1475 kgs.type, kgs.size, kgs.keygenflags, 1476 kkey, &klen); 1477 DEBUG_DBG("%s pkey_genseckey2()=%d\n", __func__, rc); 1478 kfree(apqns); 1479 if (rc) { 1480 kfree(kkey); 1481 break; 1482 } 1483 if (kgs.key) { 1484 if (kgs.keylen < klen) { 1485 kfree(kkey); 1486 return -EINVAL; 1487 } 1488 if (copy_to_user(kgs.key, kkey, klen)) { 1489 kfree(kkey); 1490 return -EFAULT; 1491 } 1492 } 1493 kgs.keylen = klen; 1494 if (copy_to_user(ugs, &kgs, sizeof(kgs))) 1495 rc = -EFAULT; 1496 kfree(kkey); 1497 break; 1498 } 1499 case PKEY_CLR2SECK2: { 1500 struct pkey_clr2seck2 __user *ucs = (void __user *)arg; 1501 size_t klen = KEYBLOBBUFSIZE; 1502 struct pkey_clr2seck2 kcs; 1503 struct pkey_apqn *apqns; 1504 u8 *kkey; 1505 1506 if (copy_from_user(&kcs, ucs, sizeof(kcs))) 1507 return -EFAULT; 1508 apqns = _copy_apqns_from_user(kcs.apqns, kcs.apqn_entries); 1509 if (IS_ERR(apqns)) 1510 return PTR_ERR(apqns); 1511 kkey = kmalloc(klen, GFP_KERNEL); 1512 if (!kkey) { 1513 kfree(apqns); 1514 return -ENOMEM; 1515 } 1516 rc = pkey_clr2seckey2(apqns, kcs.apqn_entries, 1517 kcs.type, kcs.size, kcs.keygenflags, 1518 kcs.clrkey.clrkey, kkey, &klen); 1519 DEBUG_DBG("%s pkey_clr2seckey2()=%d\n", __func__, rc); 1520 kfree(apqns); 1521 if (rc) { 1522 kfree(kkey); 1523 break; 1524 } 1525 if (kcs.key) { 1526 if (kcs.keylen < klen) { 1527 kfree(kkey); 1528 return -EINVAL; 1529 } 1530 if (copy_to_user(kcs.key, kkey, klen)) { 1531 kfree(kkey); 1532 return -EFAULT; 1533 } 1534 } 1535 kcs.keylen = klen; 1536 if (copy_to_user(ucs, &kcs, sizeof(kcs))) 1537 rc = -EFAULT; 1538 memzero_explicit(&kcs, sizeof(kcs)); 1539 kfree(kkey); 1540 break; 1541 } 1542 case PKEY_VERIFYKEY2: { 1543 struct pkey_verifykey2 __user *uvk = (void __user *)arg; 1544 struct pkey_verifykey2 kvk; 1545 u8 *kkey; 1546 1547 if (copy_from_user(&kvk, uvk, sizeof(kvk))) 1548 return -EFAULT; 1549 kkey = _copy_key_from_user(kvk.key, kvk.keylen); 1550 if (IS_ERR(kkey)) 1551 return PTR_ERR(kkey); 1552 rc = pkey_verifykey2(kkey, kvk.keylen, 1553 &kvk.cardnr, &kvk.domain, 1554 &kvk.type, &kvk.size, &kvk.flags); 1555 DEBUG_DBG("%s pkey_verifykey2()=%d\n", __func__, rc); 1556 kfree(kkey); 1557 if (rc) 1558 break; 1559 if (copy_to_user(uvk, &kvk, sizeof(kvk))) 1560 return -EFAULT; 1561 break; 1562 } 1563 case PKEY_KBLOB2PROTK2: { 1564 struct pkey_kblob2pkey2 __user *utp = (void __user *)arg; 1565 struct pkey_apqn *apqns = NULL; 1566 struct pkey_kblob2pkey2 ktp; 1567 u8 *kkey; 1568 1569 if (copy_from_user(&ktp, utp, sizeof(ktp))) 1570 return -EFAULT; 1571 apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries); 1572 if (IS_ERR(apqns)) 1573 return PTR_ERR(apqns); 1574 kkey = _copy_key_from_user(ktp.key, ktp.keylen); 1575 if (IS_ERR(kkey)) { 1576 kfree(apqns); 1577 return PTR_ERR(kkey); 1578 } 1579 ktp.protkey.len = sizeof(ktp.protkey.protkey); 1580 rc = pkey_keyblob2pkey2(apqns, ktp.apqn_entries, 1581 kkey, ktp.keylen, 1582 ktp.protkey.protkey, &ktp.protkey.len, 1583 &ktp.protkey.type); 1584 DEBUG_DBG("%s pkey_keyblob2pkey2()=%d\n", __func__, rc); 1585 kfree(apqns); 1586 memzero_explicit(kkey, ktp.keylen); 1587 kfree(kkey); 1588 if (rc) 1589 break; 1590 if (copy_to_user(utp, &ktp, sizeof(ktp))) 1591 return -EFAULT; 1592 break; 1593 } 1594 case PKEY_APQNS4K: { 1595 struct pkey_apqns4key __user *uak = (void __user *)arg; 1596 struct pkey_apqn *apqns = NULL; 1597 struct pkey_apqns4key kak; 1598 size_t nr_apqns, len; 1599 u8 *kkey; 1600 1601 if (copy_from_user(&kak, uak, sizeof(kak))) 1602 return -EFAULT; 1603 nr_apqns = kak.apqn_entries; 1604 if (nr_apqns) { 1605 apqns = kmalloc_array(nr_apqns, 1606 sizeof(struct pkey_apqn), 1607 GFP_KERNEL); 1608 if (!apqns) 1609 return -ENOMEM; 1610 } 1611 kkey = _copy_key_from_user(kak.key, kak.keylen); 1612 if (IS_ERR(kkey)) { 1613 kfree(apqns); 1614 return PTR_ERR(kkey); 1615 } 1616 rc = pkey_apqns4key(kkey, kak.keylen, kak.flags, 1617 apqns, &nr_apqns); 1618 DEBUG_DBG("%s pkey_apqns4key()=%d\n", __func__, rc); 1619 kfree(kkey); 1620 if (rc && rc != -ENOSPC) { 1621 kfree(apqns); 1622 break; 1623 } 1624 if (!rc && kak.apqns) { 1625 if (nr_apqns > kak.apqn_entries) { 1626 kfree(apqns); 1627 return -EINVAL; 1628 } 1629 len = nr_apqns * sizeof(struct pkey_apqn); 1630 if (len) { 1631 if (copy_to_user(kak.apqns, apqns, len)) { 1632 kfree(apqns); 1633 return -EFAULT; 1634 } 1635 } 1636 } 1637 kak.apqn_entries = nr_apqns; 1638 if (copy_to_user(uak, &kak, sizeof(kak))) 1639 rc = -EFAULT; 1640 kfree(apqns); 1641 break; 1642 } 1643 case PKEY_APQNS4KT: { 1644 struct pkey_apqns4keytype __user *uat = (void __user *)arg; 1645 struct pkey_apqn *apqns = NULL; 1646 struct pkey_apqns4keytype kat; 1647 size_t nr_apqns, len; 1648 1649 if (copy_from_user(&kat, uat, sizeof(kat))) 1650 return -EFAULT; 1651 nr_apqns = kat.apqn_entries; 1652 if (nr_apqns) { 1653 apqns = kmalloc_array(nr_apqns, 1654 sizeof(struct pkey_apqn), 1655 GFP_KERNEL); 1656 if (!apqns) 1657 return -ENOMEM; 1658 } 1659 rc = pkey_apqns4keytype(kat.type, kat.cur_mkvp, kat.alt_mkvp, 1660 kat.flags, apqns, &nr_apqns); 1661 DEBUG_DBG("%s pkey_apqns4keytype()=%d\n", __func__, rc); 1662 if (rc && rc != -ENOSPC) { 1663 kfree(apqns); 1664 break; 1665 } 1666 if (!rc && kat.apqns) { 1667 if (nr_apqns > kat.apqn_entries) { 1668 kfree(apqns); 1669 return -EINVAL; 1670 } 1671 len = nr_apqns * sizeof(struct pkey_apqn); 1672 if (len) { 1673 if (copy_to_user(kat.apqns, apqns, len)) { 1674 kfree(apqns); 1675 return -EFAULT; 1676 } 1677 } 1678 } 1679 kat.apqn_entries = nr_apqns; 1680 if (copy_to_user(uat, &kat, sizeof(kat))) 1681 rc = -EFAULT; 1682 kfree(apqns); 1683 break; 1684 } 1685 case PKEY_KBLOB2PROTK3: { 1686 struct pkey_kblob2pkey3 __user *utp = (void __user *)arg; 1687 u32 protkeylen = PROTKEYBLOBBUFSIZE; 1688 struct pkey_apqn *apqns = NULL; 1689 struct pkey_kblob2pkey3 ktp; 1690 u8 *kkey, *protkey; 1691 1692 if (copy_from_user(&ktp, utp, sizeof(ktp))) 1693 return -EFAULT; 1694 apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries); 1695 if (IS_ERR(apqns)) 1696 return PTR_ERR(apqns); 1697 kkey = _copy_key_from_user(ktp.key, ktp.keylen); 1698 if (IS_ERR(kkey)) { 1699 kfree(apqns); 1700 return PTR_ERR(kkey); 1701 } 1702 protkey = kmalloc(protkeylen, GFP_KERNEL); 1703 if (!protkey) { 1704 kfree(apqns); 1705 kfree(kkey); 1706 return -ENOMEM; 1707 } 1708 rc = pkey_keyblob2pkey3(apqns, ktp.apqn_entries, 1709 kkey, ktp.keylen, 1710 protkey, &protkeylen, &ktp.pkeytype); 1711 DEBUG_DBG("%s pkey_keyblob2pkey3()=%d\n", __func__, rc); 1712 kfree(apqns); 1713 memzero_explicit(kkey, ktp.keylen); 1714 kfree(kkey); 1715 if (rc) { 1716 kfree(protkey); 1717 break; 1718 } 1719 if (ktp.pkey && ktp.pkeylen) { 1720 if (protkeylen > ktp.pkeylen) { 1721 kfree(protkey); 1722 return -EINVAL; 1723 } 1724 if (copy_to_user(ktp.pkey, protkey, protkeylen)) { 1725 kfree(protkey); 1726 return -EFAULT; 1727 } 1728 } 1729 kfree(protkey); 1730 ktp.pkeylen = protkeylen; 1731 if (copy_to_user(utp, &ktp, sizeof(ktp))) 1732 return -EFAULT; 1733 break; 1734 } 1735 default: 1736 /* unknown/unsupported ioctl cmd */ 1737 return -ENOTTY; 1738 } 1739 1740 return rc; 1741 } 1742 1743 /* 1744 * Sysfs and file io operations 1745 */ 1746 1747 /* 1748 * Sysfs attribute read function for all protected key binary attributes. 1749 * The implementation can not deal with partial reads, because a new random 1750 * protected key blob is generated with each read. In case of partial reads 1751 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 1752 */ 1753 static ssize_t pkey_protkey_aes_attr_read(u32 keytype, bool is_xts, char *buf, 1754 loff_t off, size_t count) 1755 { 1756 struct protaeskeytoken protkeytoken; 1757 struct pkey_protkey protkey; 1758 int rc; 1759 1760 if (off != 0 || count < sizeof(protkeytoken)) 1761 return -EINVAL; 1762 if (is_xts) 1763 if (count < 2 * sizeof(protkeytoken)) 1764 return -EINVAL; 1765 1766 memset(&protkeytoken, 0, sizeof(protkeytoken)); 1767 protkeytoken.type = TOKTYPE_NON_CCA; 1768 protkeytoken.version = TOKVER_PROTECTED_KEY; 1769 protkeytoken.keytype = keytype; 1770 1771 protkey.len = sizeof(protkey.protkey); 1772 rc = pkey_genprotkey(protkeytoken.keytype, 1773 protkey.protkey, &protkey.len, &protkey.type); 1774 if (rc) 1775 return rc; 1776 1777 protkeytoken.len = protkey.len; 1778 memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len); 1779 1780 memcpy(buf, &protkeytoken, sizeof(protkeytoken)); 1781 1782 if (is_xts) { 1783 /* xts needs a second protected key, reuse protkey struct */ 1784 protkey.len = sizeof(protkey.protkey); 1785 rc = pkey_genprotkey(protkeytoken.keytype, 1786 protkey.protkey, &protkey.len, &protkey.type); 1787 if (rc) 1788 return rc; 1789 1790 protkeytoken.len = protkey.len; 1791 memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len); 1792 1793 memcpy(buf + sizeof(protkeytoken), &protkeytoken, 1794 sizeof(protkeytoken)); 1795 1796 return 2 * sizeof(protkeytoken); 1797 } 1798 1799 return sizeof(protkeytoken); 1800 } 1801 1802 static ssize_t protkey_aes_128_read(struct file *filp, 1803 struct kobject *kobj, 1804 struct bin_attribute *attr, 1805 char *buf, loff_t off, 1806 size_t count) 1807 { 1808 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf, 1809 off, count); 1810 } 1811 1812 static ssize_t protkey_aes_192_read(struct file *filp, 1813 struct kobject *kobj, 1814 struct bin_attribute *attr, 1815 char *buf, loff_t off, 1816 size_t count) 1817 { 1818 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf, 1819 off, count); 1820 } 1821 1822 static ssize_t protkey_aes_256_read(struct file *filp, 1823 struct kobject *kobj, 1824 struct bin_attribute *attr, 1825 char *buf, loff_t off, 1826 size_t count) 1827 { 1828 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf, 1829 off, count); 1830 } 1831 1832 static ssize_t protkey_aes_128_xts_read(struct file *filp, 1833 struct kobject *kobj, 1834 struct bin_attribute *attr, 1835 char *buf, loff_t off, 1836 size_t count) 1837 { 1838 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf, 1839 off, count); 1840 } 1841 1842 static ssize_t protkey_aes_256_xts_read(struct file *filp, 1843 struct kobject *kobj, 1844 struct bin_attribute *attr, 1845 char *buf, loff_t off, 1846 size_t count) 1847 { 1848 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf, 1849 off, count); 1850 } 1851 1852 static BIN_ATTR_RO(protkey_aes_128, sizeof(struct protaeskeytoken)); 1853 static BIN_ATTR_RO(protkey_aes_192, sizeof(struct protaeskeytoken)); 1854 static BIN_ATTR_RO(protkey_aes_256, sizeof(struct protaeskeytoken)); 1855 static BIN_ATTR_RO(protkey_aes_128_xts, 2 * sizeof(struct protaeskeytoken)); 1856 static BIN_ATTR_RO(protkey_aes_256_xts, 2 * sizeof(struct protaeskeytoken)); 1857 1858 static struct bin_attribute *protkey_attrs[] = { 1859 &bin_attr_protkey_aes_128, 1860 &bin_attr_protkey_aes_192, 1861 &bin_attr_protkey_aes_256, 1862 &bin_attr_protkey_aes_128_xts, 1863 &bin_attr_protkey_aes_256_xts, 1864 NULL 1865 }; 1866 1867 static struct attribute_group protkey_attr_group = { 1868 .name = "protkey", 1869 .bin_attrs = protkey_attrs, 1870 }; 1871 1872 /* 1873 * Sysfs attribute read function for all secure key ccadata binary attributes. 1874 * The implementation can not deal with partial reads, because a new random 1875 * protected key blob is generated with each read. In case of partial reads 1876 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 1877 */ 1878 static ssize_t pkey_ccadata_aes_attr_read(u32 keytype, bool is_xts, char *buf, 1879 loff_t off, size_t count) 1880 { 1881 struct pkey_seckey *seckey = (struct pkey_seckey *)buf; 1882 int rc; 1883 1884 if (off != 0 || count < sizeof(struct secaeskeytoken)) 1885 return -EINVAL; 1886 if (is_xts) 1887 if (count < 2 * sizeof(struct secaeskeytoken)) 1888 return -EINVAL; 1889 1890 rc = cca_genseckey(-1, -1, keytype, seckey->seckey); 1891 if (rc) 1892 return rc; 1893 1894 if (is_xts) { 1895 seckey++; 1896 rc = cca_genseckey(-1, -1, keytype, seckey->seckey); 1897 if (rc) 1898 return rc; 1899 1900 return 2 * sizeof(struct secaeskeytoken); 1901 } 1902 1903 return sizeof(struct secaeskeytoken); 1904 } 1905 1906 static ssize_t ccadata_aes_128_read(struct file *filp, 1907 struct kobject *kobj, 1908 struct bin_attribute *attr, 1909 char *buf, loff_t off, 1910 size_t count) 1911 { 1912 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf, 1913 off, count); 1914 } 1915 1916 static ssize_t ccadata_aes_192_read(struct file *filp, 1917 struct kobject *kobj, 1918 struct bin_attribute *attr, 1919 char *buf, loff_t off, 1920 size_t count) 1921 { 1922 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf, 1923 off, count); 1924 } 1925 1926 static ssize_t ccadata_aes_256_read(struct file *filp, 1927 struct kobject *kobj, 1928 struct bin_attribute *attr, 1929 char *buf, loff_t off, 1930 size_t count) 1931 { 1932 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf, 1933 off, count); 1934 } 1935 1936 static ssize_t ccadata_aes_128_xts_read(struct file *filp, 1937 struct kobject *kobj, 1938 struct bin_attribute *attr, 1939 char *buf, loff_t off, 1940 size_t count) 1941 { 1942 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf, 1943 off, count); 1944 } 1945 1946 static ssize_t ccadata_aes_256_xts_read(struct file *filp, 1947 struct kobject *kobj, 1948 struct bin_attribute *attr, 1949 char *buf, loff_t off, 1950 size_t count) 1951 { 1952 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf, 1953 off, count); 1954 } 1955 1956 static BIN_ATTR_RO(ccadata_aes_128, sizeof(struct secaeskeytoken)); 1957 static BIN_ATTR_RO(ccadata_aes_192, sizeof(struct secaeskeytoken)); 1958 static BIN_ATTR_RO(ccadata_aes_256, sizeof(struct secaeskeytoken)); 1959 static BIN_ATTR_RO(ccadata_aes_128_xts, 2 * sizeof(struct secaeskeytoken)); 1960 static BIN_ATTR_RO(ccadata_aes_256_xts, 2 * sizeof(struct secaeskeytoken)); 1961 1962 static struct bin_attribute *ccadata_attrs[] = { 1963 &bin_attr_ccadata_aes_128, 1964 &bin_attr_ccadata_aes_192, 1965 &bin_attr_ccadata_aes_256, 1966 &bin_attr_ccadata_aes_128_xts, 1967 &bin_attr_ccadata_aes_256_xts, 1968 NULL 1969 }; 1970 1971 static struct attribute_group ccadata_attr_group = { 1972 .name = "ccadata", 1973 .bin_attrs = ccadata_attrs, 1974 }; 1975 1976 #define CCACIPHERTOKENSIZE (sizeof(struct cipherkeytoken) + 80) 1977 1978 /* 1979 * Sysfs attribute read function for all secure key ccacipher binary attributes. 1980 * The implementation can not deal with partial reads, because a new random 1981 * secure key blob is generated with each read. In case of partial reads 1982 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 1983 */ 1984 static ssize_t pkey_ccacipher_aes_attr_read(enum pkey_key_size keybits, 1985 bool is_xts, char *buf, loff_t off, 1986 size_t count) 1987 { 1988 size_t keysize = CCACIPHERTOKENSIZE; 1989 u32 nr_apqns, *apqns = NULL; 1990 int i, rc, card, dom; 1991 1992 if (off != 0 || count < CCACIPHERTOKENSIZE) 1993 return -EINVAL; 1994 if (is_xts) 1995 if (count < 2 * CCACIPHERTOKENSIZE) 1996 return -EINVAL; 1997 1998 /* build a list of apqns able to generate an cipher key */ 1999 rc = cca_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 2000 ZCRYPT_CEX6, 0, 0, 0, 0); 2001 if (rc) 2002 return rc; 2003 2004 memset(buf, 0, is_xts ? 2 * keysize : keysize); 2005 2006 /* simple try all apqns from the list */ 2007 for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 2008 card = apqns[i] >> 16; 2009 dom = apqns[i] & 0xFFFF; 2010 rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize); 2011 if (rc == 0) 2012 break; 2013 } 2014 if (rc) 2015 return rc; 2016 2017 if (is_xts) { 2018 keysize = CCACIPHERTOKENSIZE; 2019 buf += CCACIPHERTOKENSIZE; 2020 rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize); 2021 if (rc == 0) 2022 return 2 * CCACIPHERTOKENSIZE; 2023 } 2024 2025 return CCACIPHERTOKENSIZE; 2026 } 2027 2028 static ssize_t ccacipher_aes_128_read(struct file *filp, 2029 struct kobject *kobj, 2030 struct bin_attribute *attr, 2031 char *buf, loff_t off, 2032 size_t count) 2033 { 2034 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, false, buf, 2035 off, count); 2036 } 2037 2038 static ssize_t ccacipher_aes_192_read(struct file *filp, 2039 struct kobject *kobj, 2040 struct bin_attribute *attr, 2041 char *buf, loff_t off, 2042 size_t count) 2043 { 2044 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_192, false, buf, 2045 off, count); 2046 } 2047 2048 static ssize_t ccacipher_aes_256_read(struct file *filp, 2049 struct kobject *kobj, 2050 struct bin_attribute *attr, 2051 char *buf, loff_t off, 2052 size_t count) 2053 { 2054 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, false, buf, 2055 off, count); 2056 } 2057 2058 static ssize_t ccacipher_aes_128_xts_read(struct file *filp, 2059 struct kobject *kobj, 2060 struct bin_attribute *attr, 2061 char *buf, loff_t off, 2062 size_t count) 2063 { 2064 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, true, buf, 2065 off, count); 2066 } 2067 2068 static ssize_t ccacipher_aes_256_xts_read(struct file *filp, 2069 struct kobject *kobj, 2070 struct bin_attribute *attr, 2071 char *buf, loff_t off, 2072 size_t count) 2073 { 2074 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, true, buf, 2075 off, count); 2076 } 2077 2078 static BIN_ATTR_RO(ccacipher_aes_128, CCACIPHERTOKENSIZE); 2079 static BIN_ATTR_RO(ccacipher_aes_192, CCACIPHERTOKENSIZE); 2080 static BIN_ATTR_RO(ccacipher_aes_256, CCACIPHERTOKENSIZE); 2081 static BIN_ATTR_RO(ccacipher_aes_128_xts, 2 * CCACIPHERTOKENSIZE); 2082 static BIN_ATTR_RO(ccacipher_aes_256_xts, 2 * CCACIPHERTOKENSIZE); 2083 2084 static struct bin_attribute *ccacipher_attrs[] = { 2085 &bin_attr_ccacipher_aes_128, 2086 &bin_attr_ccacipher_aes_192, 2087 &bin_attr_ccacipher_aes_256, 2088 &bin_attr_ccacipher_aes_128_xts, 2089 &bin_attr_ccacipher_aes_256_xts, 2090 NULL 2091 }; 2092 2093 static struct attribute_group ccacipher_attr_group = { 2094 .name = "ccacipher", 2095 .bin_attrs = ccacipher_attrs, 2096 }; 2097 2098 /* 2099 * Sysfs attribute read function for all ep11 aes key binary attributes. 2100 * The implementation can not deal with partial reads, because a new random 2101 * secure key blob is generated with each read. In case of partial reads 2102 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 2103 * This function and the sysfs attributes using it provide EP11 key blobs 2104 * padded to the upper limit of MAXEP11AESKEYBLOBSIZE which is currently 2105 * 320 bytes. 2106 */ 2107 static ssize_t pkey_ep11_aes_attr_read(enum pkey_key_size keybits, 2108 bool is_xts, char *buf, loff_t off, 2109 size_t count) 2110 { 2111 size_t keysize = MAXEP11AESKEYBLOBSIZE; 2112 u32 nr_apqns, *apqns = NULL; 2113 int i, rc, card, dom; 2114 2115 if (off != 0 || count < MAXEP11AESKEYBLOBSIZE) 2116 return -EINVAL; 2117 if (is_xts) 2118 if (count < 2 * MAXEP11AESKEYBLOBSIZE) 2119 return -EINVAL; 2120 2121 /* build a list of apqns able to generate an cipher key */ 2122 rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 2123 ZCRYPT_CEX7, EP11_API_V, NULL); 2124 if (rc) 2125 return rc; 2126 2127 memset(buf, 0, is_xts ? 2 * keysize : keysize); 2128 2129 /* simple try all apqns from the list */ 2130 for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 2131 card = apqns[i] >> 16; 2132 dom = apqns[i] & 0xFFFF; 2133 rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize); 2134 if (rc == 0) 2135 break; 2136 } 2137 if (rc) 2138 return rc; 2139 2140 if (is_xts) { 2141 keysize = MAXEP11AESKEYBLOBSIZE; 2142 buf += MAXEP11AESKEYBLOBSIZE; 2143 rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize); 2144 if (rc == 0) 2145 return 2 * MAXEP11AESKEYBLOBSIZE; 2146 } 2147 2148 return MAXEP11AESKEYBLOBSIZE; 2149 } 2150 2151 static ssize_t ep11_aes_128_read(struct file *filp, 2152 struct kobject *kobj, 2153 struct bin_attribute *attr, 2154 char *buf, loff_t off, 2155 size_t count) 2156 { 2157 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, false, buf, 2158 off, count); 2159 } 2160 2161 static ssize_t ep11_aes_192_read(struct file *filp, 2162 struct kobject *kobj, 2163 struct bin_attribute *attr, 2164 char *buf, loff_t off, 2165 size_t count) 2166 { 2167 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_192, false, buf, 2168 off, count); 2169 } 2170 2171 static ssize_t ep11_aes_256_read(struct file *filp, 2172 struct kobject *kobj, 2173 struct bin_attribute *attr, 2174 char *buf, loff_t off, 2175 size_t count) 2176 { 2177 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, false, buf, 2178 off, count); 2179 } 2180 2181 static ssize_t ep11_aes_128_xts_read(struct file *filp, 2182 struct kobject *kobj, 2183 struct bin_attribute *attr, 2184 char *buf, loff_t off, 2185 size_t count) 2186 { 2187 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, true, buf, 2188 off, count); 2189 } 2190 2191 static ssize_t ep11_aes_256_xts_read(struct file *filp, 2192 struct kobject *kobj, 2193 struct bin_attribute *attr, 2194 char *buf, loff_t off, 2195 size_t count) 2196 { 2197 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, true, buf, 2198 off, count); 2199 } 2200 2201 static BIN_ATTR_RO(ep11_aes_128, MAXEP11AESKEYBLOBSIZE); 2202 static BIN_ATTR_RO(ep11_aes_192, MAXEP11AESKEYBLOBSIZE); 2203 static BIN_ATTR_RO(ep11_aes_256, MAXEP11AESKEYBLOBSIZE); 2204 static BIN_ATTR_RO(ep11_aes_128_xts, 2 * MAXEP11AESKEYBLOBSIZE); 2205 static BIN_ATTR_RO(ep11_aes_256_xts, 2 * MAXEP11AESKEYBLOBSIZE); 2206 2207 static struct bin_attribute *ep11_attrs[] = { 2208 &bin_attr_ep11_aes_128, 2209 &bin_attr_ep11_aes_192, 2210 &bin_attr_ep11_aes_256, 2211 &bin_attr_ep11_aes_128_xts, 2212 &bin_attr_ep11_aes_256_xts, 2213 NULL 2214 }; 2215 2216 static struct attribute_group ep11_attr_group = { 2217 .name = "ep11", 2218 .bin_attrs = ep11_attrs, 2219 }; 2220 2221 static const struct attribute_group *pkey_attr_groups[] = { 2222 &protkey_attr_group, 2223 &ccadata_attr_group, 2224 &ccacipher_attr_group, 2225 &ep11_attr_group, 2226 NULL, 2227 }; 2228 2229 static const struct file_operations pkey_fops = { 2230 .owner = THIS_MODULE, 2231 .open = nonseekable_open, 2232 .llseek = no_llseek, 2233 .unlocked_ioctl = pkey_unlocked_ioctl, 2234 }; 2235 2236 static struct miscdevice pkey_dev = { 2237 .name = "pkey", 2238 .minor = MISC_DYNAMIC_MINOR, 2239 .mode = 0666, 2240 .fops = &pkey_fops, 2241 .groups = pkey_attr_groups, 2242 }; 2243 2244 /* 2245 * Module init 2246 */ 2247 static int __init pkey_init(void) 2248 { 2249 cpacf_mask_t func_mask; 2250 2251 /* 2252 * The pckmo instruction should be available - even if we don't 2253 * actually invoke it. This instruction comes with MSA 3 which 2254 * is also the minimum level for the kmc instructions which 2255 * are able to work with protected keys. 2256 */ 2257 if (!cpacf_query(CPACF_PCKMO, &func_mask)) 2258 return -ENODEV; 2259 2260 /* check for kmc instructions available */ 2261 if (!cpacf_query(CPACF_KMC, &func_mask)) 2262 return -ENODEV; 2263 if (!cpacf_test_func(&func_mask, CPACF_KMC_PAES_128) || 2264 !cpacf_test_func(&func_mask, CPACF_KMC_PAES_192) || 2265 !cpacf_test_func(&func_mask, CPACF_KMC_PAES_256)) 2266 return -ENODEV; 2267 2268 pkey_debug_init(); 2269 2270 return misc_register(&pkey_dev); 2271 } 2272 2273 /* 2274 * Module exit 2275 */ 2276 static void __exit pkey_exit(void) 2277 { 2278 misc_deregister(&pkey_dev); 2279 pkey_debug_exit(); 2280 } 2281 2282 module_cpu_feature_match(S390_CPU_FEATURE_MSA, pkey_init); 2283 module_exit(pkey_exit); 2284