1 /* 2 * linux/drivers/s390/crypto/zcrypt_api.c 3 * 4 * zcrypt 2.1.0 5 * 6 * Copyright (C) 2001, 2006 IBM Corporation 7 * Author(s): Robert Burroughs 8 * Eric Rossman (edrossma@us.ibm.com) 9 * Cornelia Huck <cornelia.huck@de.ibm.com> 10 * 11 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com) 12 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com> 13 * Ralph Wuerthner <rwuerthn@de.ibm.com> 14 * 15 * This program is free software; you can redistribute it and/or modify 16 * it under the terms of the GNU General Public License as published by 17 * the Free Software Foundation; either version 2, or (at your option) 18 * any later version. 19 * 20 * This program is distributed in the hope that it will be useful, 21 * but WITHOUT ANY WARRANTY; without even the implied warranty of 22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 23 * GNU General Public License for more details. 24 * 25 * You should have received a copy of the GNU General Public License 26 * along with this program; if not, write to the Free Software 27 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 28 */ 29 30 #include <linux/module.h> 31 #include <linux/init.h> 32 #include <linux/interrupt.h> 33 #include <linux/miscdevice.h> 34 #include <linux/fs.h> 35 #include <linux/proc_fs.h> 36 #include <linux/compat.h> 37 #include <asm/atomic.h> 38 #include <asm/uaccess.h> 39 #include <linux/hw_random.h> 40 41 #include "zcrypt_api.h" 42 43 /* 44 * Module description. 45 */ 46 MODULE_AUTHOR("IBM Corporation"); 47 MODULE_DESCRIPTION("Cryptographic Coprocessor interface, " 48 "Copyright 2001, 2006 IBM Corporation"); 49 MODULE_LICENSE("GPL"); 50 51 static DEFINE_SPINLOCK(zcrypt_device_lock); 52 static LIST_HEAD(zcrypt_device_list); 53 static int zcrypt_device_count = 0; 54 static atomic_t zcrypt_open_count = ATOMIC_INIT(0); 55 56 static int zcrypt_rng_device_add(void); 57 static void zcrypt_rng_device_remove(void); 58 59 /* 60 * Device attributes common for all crypto devices. 61 */ 62 static ssize_t zcrypt_type_show(struct device *dev, 63 struct device_attribute *attr, char *buf) 64 { 65 struct zcrypt_device *zdev = to_ap_dev(dev)->private; 66 return snprintf(buf, PAGE_SIZE, "%s\n", zdev->type_string); 67 } 68 69 static DEVICE_ATTR(type, 0444, zcrypt_type_show, NULL); 70 71 static ssize_t zcrypt_online_show(struct device *dev, 72 struct device_attribute *attr, char *buf) 73 { 74 struct zcrypt_device *zdev = to_ap_dev(dev)->private; 75 return snprintf(buf, PAGE_SIZE, "%d\n", zdev->online); 76 } 77 78 static ssize_t zcrypt_online_store(struct device *dev, 79 struct device_attribute *attr, 80 const char *buf, size_t count) 81 { 82 struct zcrypt_device *zdev = to_ap_dev(dev)->private; 83 int online; 84 85 if (sscanf(buf, "%d\n", &online) != 1 || online < 0 || online > 1) 86 return -EINVAL; 87 zdev->online = online; 88 if (!online) 89 ap_flush_queue(zdev->ap_dev); 90 return count; 91 } 92 93 static DEVICE_ATTR(online, 0644, zcrypt_online_show, zcrypt_online_store); 94 95 static struct attribute * zcrypt_device_attrs[] = { 96 &dev_attr_type.attr, 97 &dev_attr_online.attr, 98 NULL, 99 }; 100 101 static struct attribute_group zcrypt_device_attr_group = { 102 .attrs = zcrypt_device_attrs, 103 }; 104 105 /** 106 * __zcrypt_increase_preference(): Increase preference of a crypto device. 107 * @zdev: Pointer the crypto device 108 * 109 * Move the device towards the head of the device list. 110 * Need to be called while holding the zcrypt device list lock. 111 * Note: cards with speed_rating of 0 are kept at the end of the list. 112 */ 113 static void __zcrypt_increase_preference(struct zcrypt_device *zdev) 114 { 115 struct zcrypt_device *tmp; 116 struct list_head *l; 117 118 if (zdev->speed_rating == 0) 119 return; 120 for (l = zdev->list.prev; l != &zcrypt_device_list; l = l->prev) { 121 tmp = list_entry(l, struct zcrypt_device, list); 122 if ((tmp->request_count + 1) * tmp->speed_rating <= 123 (zdev->request_count + 1) * zdev->speed_rating && 124 tmp->speed_rating != 0) 125 break; 126 } 127 if (l == zdev->list.prev) 128 return; 129 /* Move zdev behind l */ 130 list_del(&zdev->list); 131 list_add(&zdev->list, l); 132 } 133 134 /** 135 * __zcrypt_decrease_preference(): Decrease preference of a crypto device. 136 * @zdev: Pointer to a crypto device. 137 * 138 * Move the device towards the tail of the device list. 139 * Need to be called while holding the zcrypt device list lock. 140 * Note: cards with speed_rating of 0 are kept at the end of the list. 141 */ 142 static void __zcrypt_decrease_preference(struct zcrypt_device *zdev) 143 { 144 struct zcrypt_device *tmp; 145 struct list_head *l; 146 147 if (zdev->speed_rating == 0) 148 return; 149 for (l = zdev->list.next; l != &zcrypt_device_list; l = l->next) { 150 tmp = list_entry(l, struct zcrypt_device, list); 151 if ((tmp->request_count + 1) * tmp->speed_rating > 152 (zdev->request_count + 1) * zdev->speed_rating || 153 tmp->speed_rating == 0) 154 break; 155 } 156 if (l == zdev->list.next) 157 return; 158 /* Move zdev before l */ 159 list_del(&zdev->list); 160 list_add_tail(&zdev->list, l); 161 } 162 163 static void zcrypt_device_release(struct kref *kref) 164 { 165 struct zcrypt_device *zdev = 166 container_of(kref, struct zcrypt_device, refcount); 167 zcrypt_device_free(zdev); 168 } 169 170 void zcrypt_device_get(struct zcrypt_device *zdev) 171 { 172 kref_get(&zdev->refcount); 173 } 174 EXPORT_SYMBOL(zcrypt_device_get); 175 176 int zcrypt_device_put(struct zcrypt_device *zdev) 177 { 178 return kref_put(&zdev->refcount, zcrypt_device_release); 179 } 180 EXPORT_SYMBOL(zcrypt_device_put); 181 182 struct zcrypt_device *zcrypt_device_alloc(size_t max_response_size) 183 { 184 struct zcrypt_device *zdev; 185 186 zdev = kzalloc(sizeof(struct zcrypt_device), GFP_KERNEL); 187 if (!zdev) 188 return NULL; 189 zdev->reply.message = kmalloc(max_response_size, GFP_KERNEL); 190 if (!zdev->reply.message) 191 goto out_free; 192 zdev->reply.length = max_response_size; 193 spin_lock_init(&zdev->lock); 194 INIT_LIST_HEAD(&zdev->list); 195 return zdev; 196 197 out_free: 198 kfree(zdev); 199 return NULL; 200 } 201 EXPORT_SYMBOL(zcrypt_device_alloc); 202 203 void zcrypt_device_free(struct zcrypt_device *zdev) 204 { 205 kfree(zdev->reply.message); 206 kfree(zdev); 207 } 208 EXPORT_SYMBOL(zcrypt_device_free); 209 210 /** 211 * zcrypt_device_register() - Register a crypto device. 212 * @zdev: Pointer to a crypto device 213 * 214 * Register a crypto device. Returns 0 if successful. 215 */ 216 int zcrypt_device_register(struct zcrypt_device *zdev) 217 { 218 int rc; 219 220 rc = sysfs_create_group(&zdev->ap_dev->device.kobj, 221 &zcrypt_device_attr_group); 222 if (rc) 223 goto out; 224 get_device(&zdev->ap_dev->device); 225 kref_init(&zdev->refcount); 226 spin_lock_bh(&zcrypt_device_lock); 227 zdev->online = 1; /* New devices are online by default. */ 228 list_add_tail(&zdev->list, &zcrypt_device_list); 229 __zcrypt_increase_preference(zdev); 230 zcrypt_device_count++; 231 spin_unlock_bh(&zcrypt_device_lock); 232 if (zdev->ops->rng) { 233 rc = zcrypt_rng_device_add(); 234 if (rc) 235 goto out_unregister; 236 } 237 return 0; 238 239 out_unregister: 240 spin_lock_bh(&zcrypt_device_lock); 241 zcrypt_device_count--; 242 list_del_init(&zdev->list); 243 spin_unlock_bh(&zcrypt_device_lock); 244 sysfs_remove_group(&zdev->ap_dev->device.kobj, 245 &zcrypt_device_attr_group); 246 put_device(&zdev->ap_dev->device); 247 zcrypt_device_put(zdev); 248 out: 249 return rc; 250 } 251 EXPORT_SYMBOL(zcrypt_device_register); 252 253 /** 254 * zcrypt_device_unregister(): Unregister a crypto device. 255 * @zdev: Pointer to crypto device 256 * 257 * Unregister a crypto device. 258 */ 259 void zcrypt_device_unregister(struct zcrypt_device *zdev) 260 { 261 if (zdev->ops->rng) 262 zcrypt_rng_device_remove(); 263 spin_lock_bh(&zcrypt_device_lock); 264 zcrypt_device_count--; 265 list_del_init(&zdev->list); 266 spin_unlock_bh(&zcrypt_device_lock); 267 sysfs_remove_group(&zdev->ap_dev->device.kobj, 268 &zcrypt_device_attr_group); 269 put_device(&zdev->ap_dev->device); 270 zcrypt_device_put(zdev); 271 } 272 EXPORT_SYMBOL(zcrypt_device_unregister); 273 274 /** 275 * zcrypt_read (): Not supported beyond zcrypt 1.3.1. 276 * 277 * This function is not supported beyond zcrypt 1.3.1. 278 */ 279 static ssize_t zcrypt_read(struct file *filp, char __user *buf, 280 size_t count, loff_t *f_pos) 281 { 282 return -EPERM; 283 } 284 285 /** 286 * zcrypt_write(): Not allowed. 287 * 288 * Write is is not allowed 289 */ 290 static ssize_t zcrypt_write(struct file *filp, const char __user *buf, 291 size_t count, loff_t *f_pos) 292 { 293 return -EPERM; 294 } 295 296 /** 297 * zcrypt_open(): Count number of users. 298 * 299 * Device open function to count number of users. 300 */ 301 static int zcrypt_open(struct inode *inode, struct file *filp) 302 { 303 atomic_inc(&zcrypt_open_count); 304 return 0; 305 } 306 307 /** 308 * zcrypt_release(): Count number of users. 309 * 310 * Device close function to count number of users. 311 */ 312 static int zcrypt_release(struct inode *inode, struct file *filp) 313 { 314 atomic_dec(&zcrypt_open_count); 315 return 0; 316 } 317 318 /* 319 * zcrypt ioctls. 320 */ 321 static long zcrypt_rsa_modexpo(struct ica_rsa_modexpo *mex) 322 { 323 struct zcrypt_device *zdev; 324 int rc; 325 326 if (mex->outputdatalength < mex->inputdatalength) 327 return -EINVAL; 328 /* 329 * As long as outputdatalength is big enough, we can set the 330 * outputdatalength equal to the inputdatalength, since that is the 331 * number of bytes we will copy in any case 332 */ 333 mex->outputdatalength = mex->inputdatalength; 334 335 spin_lock_bh(&zcrypt_device_lock); 336 list_for_each_entry(zdev, &zcrypt_device_list, list) { 337 if (!zdev->online || 338 !zdev->ops->rsa_modexpo || 339 zdev->min_mod_size > mex->inputdatalength || 340 zdev->max_mod_size < mex->inputdatalength) 341 continue; 342 zcrypt_device_get(zdev); 343 get_device(&zdev->ap_dev->device); 344 zdev->request_count++; 345 __zcrypt_decrease_preference(zdev); 346 if (try_module_get(zdev->ap_dev->drv->driver.owner)) { 347 spin_unlock_bh(&zcrypt_device_lock); 348 rc = zdev->ops->rsa_modexpo(zdev, mex); 349 spin_lock_bh(&zcrypt_device_lock); 350 module_put(zdev->ap_dev->drv->driver.owner); 351 } 352 else 353 rc = -EAGAIN; 354 zdev->request_count--; 355 __zcrypt_increase_preference(zdev); 356 put_device(&zdev->ap_dev->device); 357 zcrypt_device_put(zdev); 358 spin_unlock_bh(&zcrypt_device_lock); 359 return rc; 360 } 361 spin_unlock_bh(&zcrypt_device_lock); 362 return -ENODEV; 363 } 364 365 static long zcrypt_rsa_crt(struct ica_rsa_modexpo_crt *crt) 366 { 367 struct zcrypt_device *zdev; 368 unsigned long long z1, z2, z3; 369 int rc, copied; 370 371 if (crt->outputdatalength < crt->inputdatalength || 372 (crt->inputdatalength & 1)) 373 return -EINVAL; 374 /* 375 * As long as outputdatalength is big enough, we can set the 376 * outputdatalength equal to the inputdatalength, since that is the 377 * number of bytes we will copy in any case 378 */ 379 crt->outputdatalength = crt->inputdatalength; 380 381 copied = 0; 382 restart: 383 spin_lock_bh(&zcrypt_device_lock); 384 list_for_each_entry(zdev, &zcrypt_device_list, list) { 385 if (!zdev->online || 386 !zdev->ops->rsa_modexpo_crt || 387 zdev->min_mod_size > crt->inputdatalength || 388 zdev->max_mod_size < crt->inputdatalength) 389 continue; 390 if (zdev->short_crt && crt->inputdatalength > 240) { 391 /* 392 * Check inputdata for leading zeros for cards 393 * that can't handle np_prime, bp_key, or 394 * u_mult_inv > 128 bytes. 395 */ 396 if (copied == 0) { 397 int len; 398 spin_unlock_bh(&zcrypt_device_lock); 399 /* len is max 256 / 2 - 120 = 8 */ 400 len = crt->inputdatalength / 2 - 120; 401 z1 = z2 = z3 = 0; 402 if (copy_from_user(&z1, crt->np_prime, len) || 403 copy_from_user(&z2, crt->bp_key, len) || 404 copy_from_user(&z3, crt->u_mult_inv, len)) 405 return -EFAULT; 406 copied = 1; 407 /* 408 * We have to restart device lookup - 409 * the device list may have changed by now. 410 */ 411 goto restart; 412 } 413 if (z1 != 0ULL || z2 != 0ULL || z3 != 0ULL) 414 /* The device can't handle this request. */ 415 continue; 416 } 417 zcrypt_device_get(zdev); 418 get_device(&zdev->ap_dev->device); 419 zdev->request_count++; 420 __zcrypt_decrease_preference(zdev); 421 if (try_module_get(zdev->ap_dev->drv->driver.owner)) { 422 spin_unlock_bh(&zcrypt_device_lock); 423 rc = zdev->ops->rsa_modexpo_crt(zdev, crt); 424 spin_lock_bh(&zcrypt_device_lock); 425 module_put(zdev->ap_dev->drv->driver.owner); 426 } 427 else 428 rc = -EAGAIN; 429 zdev->request_count--; 430 __zcrypt_increase_preference(zdev); 431 put_device(&zdev->ap_dev->device); 432 zcrypt_device_put(zdev); 433 spin_unlock_bh(&zcrypt_device_lock); 434 return rc; 435 } 436 spin_unlock_bh(&zcrypt_device_lock); 437 return -ENODEV; 438 } 439 440 static long zcrypt_send_cprb(struct ica_xcRB *xcRB) 441 { 442 struct zcrypt_device *zdev; 443 int rc; 444 445 spin_lock_bh(&zcrypt_device_lock); 446 list_for_each_entry(zdev, &zcrypt_device_list, list) { 447 if (!zdev->online || !zdev->ops->send_cprb || 448 (xcRB->user_defined != AUTOSELECT && 449 AP_QID_DEVICE(zdev->ap_dev->qid) != xcRB->user_defined) 450 ) 451 continue; 452 zcrypt_device_get(zdev); 453 get_device(&zdev->ap_dev->device); 454 zdev->request_count++; 455 __zcrypt_decrease_preference(zdev); 456 if (try_module_get(zdev->ap_dev->drv->driver.owner)) { 457 spin_unlock_bh(&zcrypt_device_lock); 458 rc = zdev->ops->send_cprb(zdev, xcRB); 459 spin_lock_bh(&zcrypt_device_lock); 460 module_put(zdev->ap_dev->drv->driver.owner); 461 } 462 else 463 rc = -EAGAIN; 464 zdev->request_count--; 465 __zcrypt_increase_preference(zdev); 466 put_device(&zdev->ap_dev->device); 467 zcrypt_device_put(zdev); 468 spin_unlock_bh(&zcrypt_device_lock); 469 return rc; 470 } 471 spin_unlock_bh(&zcrypt_device_lock); 472 return -ENODEV; 473 } 474 475 static long zcrypt_rng(char *buffer) 476 { 477 struct zcrypt_device *zdev; 478 int rc; 479 480 spin_lock_bh(&zcrypt_device_lock); 481 list_for_each_entry(zdev, &zcrypt_device_list, list) { 482 if (!zdev->online || !zdev->ops->rng) 483 continue; 484 zcrypt_device_get(zdev); 485 get_device(&zdev->ap_dev->device); 486 zdev->request_count++; 487 __zcrypt_decrease_preference(zdev); 488 if (try_module_get(zdev->ap_dev->drv->driver.owner)) { 489 spin_unlock_bh(&zcrypt_device_lock); 490 rc = zdev->ops->rng(zdev, buffer); 491 spin_lock_bh(&zcrypt_device_lock); 492 module_put(zdev->ap_dev->drv->driver.owner); 493 } else 494 rc = -EAGAIN; 495 zdev->request_count--; 496 __zcrypt_increase_preference(zdev); 497 put_device(&zdev->ap_dev->device); 498 zcrypt_device_put(zdev); 499 spin_unlock_bh(&zcrypt_device_lock); 500 return rc; 501 } 502 spin_unlock_bh(&zcrypt_device_lock); 503 return -ENODEV; 504 } 505 506 static void zcrypt_status_mask(char status[AP_DEVICES]) 507 { 508 struct zcrypt_device *zdev; 509 510 memset(status, 0, sizeof(char) * AP_DEVICES); 511 spin_lock_bh(&zcrypt_device_lock); 512 list_for_each_entry(zdev, &zcrypt_device_list, list) 513 status[AP_QID_DEVICE(zdev->ap_dev->qid)] = 514 zdev->online ? zdev->user_space_type : 0x0d; 515 spin_unlock_bh(&zcrypt_device_lock); 516 } 517 518 static void zcrypt_qdepth_mask(char qdepth[AP_DEVICES]) 519 { 520 struct zcrypt_device *zdev; 521 522 memset(qdepth, 0, sizeof(char) * AP_DEVICES); 523 spin_lock_bh(&zcrypt_device_lock); 524 list_for_each_entry(zdev, &zcrypt_device_list, list) { 525 spin_lock(&zdev->ap_dev->lock); 526 qdepth[AP_QID_DEVICE(zdev->ap_dev->qid)] = 527 zdev->ap_dev->pendingq_count + 528 zdev->ap_dev->requestq_count; 529 spin_unlock(&zdev->ap_dev->lock); 530 } 531 spin_unlock_bh(&zcrypt_device_lock); 532 } 533 534 static void zcrypt_perdev_reqcnt(int reqcnt[AP_DEVICES]) 535 { 536 struct zcrypt_device *zdev; 537 538 memset(reqcnt, 0, sizeof(int) * AP_DEVICES); 539 spin_lock_bh(&zcrypt_device_lock); 540 list_for_each_entry(zdev, &zcrypt_device_list, list) { 541 spin_lock(&zdev->ap_dev->lock); 542 reqcnt[AP_QID_DEVICE(zdev->ap_dev->qid)] = 543 zdev->ap_dev->total_request_count; 544 spin_unlock(&zdev->ap_dev->lock); 545 } 546 spin_unlock_bh(&zcrypt_device_lock); 547 } 548 549 static int zcrypt_pendingq_count(void) 550 { 551 struct zcrypt_device *zdev; 552 int pendingq_count = 0; 553 554 spin_lock_bh(&zcrypt_device_lock); 555 list_for_each_entry(zdev, &zcrypt_device_list, list) { 556 spin_lock(&zdev->ap_dev->lock); 557 pendingq_count += zdev->ap_dev->pendingq_count; 558 spin_unlock(&zdev->ap_dev->lock); 559 } 560 spin_unlock_bh(&zcrypt_device_lock); 561 return pendingq_count; 562 } 563 564 static int zcrypt_requestq_count(void) 565 { 566 struct zcrypt_device *zdev; 567 int requestq_count = 0; 568 569 spin_lock_bh(&zcrypt_device_lock); 570 list_for_each_entry(zdev, &zcrypt_device_list, list) { 571 spin_lock(&zdev->ap_dev->lock); 572 requestq_count += zdev->ap_dev->requestq_count; 573 spin_unlock(&zdev->ap_dev->lock); 574 } 575 spin_unlock_bh(&zcrypt_device_lock); 576 return requestq_count; 577 } 578 579 static int zcrypt_count_type(int type) 580 { 581 struct zcrypt_device *zdev; 582 int device_count = 0; 583 584 spin_lock_bh(&zcrypt_device_lock); 585 list_for_each_entry(zdev, &zcrypt_device_list, list) 586 if (zdev->user_space_type == type) 587 device_count++; 588 spin_unlock_bh(&zcrypt_device_lock); 589 return device_count; 590 } 591 592 /** 593 * zcrypt_ica_status(): Old, depracted combi status call. 594 * 595 * Old, deprecated combi status call. 596 */ 597 static long zcrypt_ica_status(struct file *filp, unsigned long arg) 598 { 599 struct ica_z90_status *pstat; 600 int ret; 601 602 pstat = kzalloc(sizeof(*pstat), GFP_KERNEL); 603 if (!pstat) 604 return -ENOMEM; 605 pstat->totalcount = zcrypt_device_count; 606 pstat->leedslitecount = zcrypt_count_type(ZCRYPT_PCICA); 607 pstat->leeds2count = zcrypt_count_type(ZCRYPT_PCICC); 608 pstat->requestqWaitCount = zcrypt_requestq_count(); 609 pstat->pendingqWaitCount = zcrypt_pendingq_count(); 610 pstat->totalOpenCount = atomic_read(&zcrypt_open_count); 611 pstat->cryptoDomain = ap_domain_index; 612 zcrypt_status_mask(pstat->status); 613 zcrypt_qdepth_mask(pstat->qdepth); 614 ret = 0; 615 if (copy_to_user((void __user *) arg, pstat, sizeof(*pstat))) 616 ret = -EFAULT; 617 kfree(pstat); 618 return ret; 619 } 620 621 static long zcrypt_unlocked_ioctl(struct file *filp, unsigned int cmd, 622 unsigned long arg) 623 { 624 int rc; 625 626 switch (cmd) { 627 case ICARSAMODEXPO: { 628 struct ica_rsa_modexpo __user *umex = (void __user *) arg; 629 struct ica_rsa_modexpo mex; 630 if (copy_from_user(&mex, umex, sizeof(mex))) 631 return -EFAULT; 632 do { 633 rc = zcrypt_rsa_modexpo(&mex); 634 } while (rc == -EAGAIN); 635 if (rc) 636 return rc; 637 return put_user(mex.outputdatalength, &umex->outputdatalength); 638 } 639 case ICARSACRT: { 640 struct ica_rsa_modexpo_crt __user *ucrt = (void __user *) arg; 641 struct ica_rsa_modexpo_crt crt; 642 if (copy_from_user(&crt, ucrt, sizeof(crt))) 643 return -EFAULT; 644 do { 645 rc = zcrypt_rsa_crt(&crt); 646 } while (rc == -EAGAIN); 647 if (rc) 648 return rc; 649 return put_user(crt.outputdatalength, &ucrt->outputdatalength); 650 } 651 case ZSECSENDCPRB: { 652 struct ica_xcRB __user *uxcRB = (void __user *) arg; 653 struct ica_xcRB xcRB; 654 if (copy_from_user(&xcRB, uxcRB, sizeof(xcRB))) 655 return -EFAULT; 656 do { 657 rc = zcrypt_send_cprb(&xcRB); 658 } while (rc == -EAGAIN); 659 if (copy_to_user(uxcRB, &xcRB, sizeof(xcRB))) 660 return -EFAULT; 661 return rc; 662 } 663 case Z90STAT_STATUS_MASK: { 664 char status[AP_DEVICES]; 665 zcrypt_status_mask(status); 666 if (copy_to_user((char __user *) arg, status, 667 sizeof(char) * AP_DEVICES)) 668 return -EFAULT; 669 return 0; 670 } 671 case Z90STAT_QDEPTH_MASK: { 672 char qdepth[AP_DEVICES]; 673 zcrypt_qdepth_mask(qdepth); 674 if (copy_to_user((char __user *) arg, qdepth, 675 sizeof(char) * AP_DEVICES)) 676 return -EFAULT; 677 return 0; 678 } 679 case Z90STAT_PERDEV_REQCNT: { 680 int reqcnt[AP_DEVICES]; 681 zcrypt_perdev_reqcnt(reqcnt); 682 if (copy_to_user((int __user *) arg, reqcnt, 683 sizeof(int) * AP_DEVICES)) 684 return -EFAULT; 685 return 0; 686 } 687 case Z90STAT_REQUESTQ_COUNT: 688 return put_user(zcrypt_requestq_count(), (int __user *) arg); 689 case Z90STAT_PENDINGQ_COUNT: 690 return put_user(zcrypt_pendingq_count(), (int __user *) arg); 691 case Z90STAT_TOTALOPEN_COUNT: 692 return put_user(atomic_read(&zcrypt_open_count), 693 (int __user *) arg); 694 case Z90STAT_DOMAIN_INDEX: 695 return put_user(ap_domain_index, (int __user *) arg); 696 /* 697 * Deprecated ioctls. Don't add another device count ioctl, 698 * you can count them yourself in the user space with the 699 * output of the Z90STAT_STATUS_MASK ioctl. 700 */ 701 case ICAZ90STATUS: 702 return zcrypt_ica_status(filp, arg); 703 case Z90STAT_TOTALCOUNT: 704 return put_user(zcrypt_device_count, (int __user *) arg); 705 case Z90STAT_PCICACOUNT: 706 return put_user(zcrypt_count_type(ZCRYPT_PCICA), 707 (int __user *) arg); 708 case Z90STAT_PCICCCOUNT: 709 return put_user(zcrypt_count_type(ZCRYPT_PCICC), 710 (int __user *) arg); 711 case Z90STAT_PCIXCCMCL2COUNT: 712 return put_user(zcrypt_count_type(ZCRYPT_PCIXCC_MCL2), 713 (int __user *) arg); 714 case Z90STAT_PCIXCCMCL3COUNT: 715 return put_user(zcrypt_count_type(ZCRYPT_PCIXCC_MCL3), 716 (int __user *) arg); 717 case Z90STAT_PCIXCCCOUNT: 718 return put_user(zcrypt_count_type(ZCRYPT_PCIXCC_MCL2) + 719 zcrypt_count_type(ZCRYPT_PCIXCC_MCL3), 720 (int __user *) arg); 721 case Z90STAT_CEX2CCOUNT: 722 return put_user(zcrypt_count_type(ZCRYPT_CEX2C), 723 (int __user *) arg); 724 case Z90STAT_CEX2ACOUNT: 725 return put_user(zcrypt_count_type(ZCRYPT_CEX2A), 726 (int __user *) arg); 727 default: 728 /* unknown ioctl number */ 729 return -ENOIOCTLCMD; 730 } 731 } 732 733 #ifdef CONFIG_COMPAT 734 /* 735 * ioctl32 conversion routines 736 */ 737 struct compat_ica_rsa_modexpo { 738 compat_uptr_t inputdata; 739 unsigned int inputdatalength; 740 compat_uptr_t outputdata; 741 unsigned int outputdatalength; 742 compat_uptr_t b_key; 743 compat_uptr_t n_modulus; 744 }; 745 746 static long trans_modexpo32(struct file *filp, unsigned int cmd, 747 unsigned long arg) 748 { 749 struct compat_ica_rsa_modexpo __user *umex32 = compat_ptr(arg); 750 struct compat_ica_rsa_modexpo mex32; 751 struct ica_rsa_modexpo mex64; 752 long rc; 753 754 if (copy_from_user(&mex32, umex32, sizeof(mex32))) 755 return -EFAULT; 756 mex64.inputdata = compat_ptr(mex32.inputdata); 757 mex64.inputdatalength = mex32.inputdatalength; 758 mex64.outputdata = compat_ptr(mex32.outputdata); 759 mex64.outputdatalength = mex32.outputdatalength; 760 mex64.b_key = compat_ptr(mex32.b_key); 761 mex64.n_modulus = compat_ptr(mex32.n_modulus); 762 do { 763 rc = zcrypt_rsa_modexpo(&mex64); 764 } while (rc == -EAGAIN); 765 if (!rc) 766 rc = put_user(mex64.outputdatalength, 767 &umex32->outputdatalength); 768 return rc; 769 } 770 771 struct compat_ica_rsa_modexpo_crt { 772 compat_uptr_t inputdata; 773 unsigned int inputdatalength; 774 compat_uptr_t outputdata; 775 unsigned int outputdatalength; 776 compat_uptr_t bp_key; 777 compat_uptr_t bq_key; 778 compat_uptr_t np_prime; 779 compat_uptr_t nq_prime; 780 compat_uptr_t u_mult_inv; 781 }; 782 783 static long trans_modexpo_crt32(struct file *filp, unsigned int cmd, 784 unsigned long arg) 785 { 786 struct compat_ica_rsa_modexpo_crt __user *ucrt32 = compat_ptr(arg); 787 struct compat_ica_rsa_modexpo_crt crt32; 788 struct ica_rsa_modexpo_crt crt64; 789 long rc; 790 791 if (copy_from_user(&crt32, ucrt32, sizeof(crt32))) 792 return -EFAULT; 793 crt64.inputdata = compat_ptr(crt32.inputdata); 794 crt64.inputdatalength = crt32.inputdatalength; 795 crt64.outputdata= compat_ptr(crt32.outputdata); 796 crt64.outputdatalength = crt32.outputdatalength; 797 crt64.bp_key = compat_ptr(crt32.bp_key); 798 crt64.bq_key = compat_ptr(crt32.bq_key); 799 crt64.np_prime = compat_ptr(crt32.np_prime); 800 crt64.nq_prime = compat_ptr(crt32.nq_prime); 801 crt64.u_mult_inv = compat_ptr(crt32.u_mult_inv); 802 do { 803 rc = zcrypt_rsa_crt(&crt64); 804 } while (rc == -EAGAIN); 805 if (!rc) 806 rc = put_user(crt64.outputdatalength, 807 &ucrt32->outputdatalength); 808 return rc; 809 } 810 811 struct compat_ica_xcRB { 812 unsigned short agent_ID; 813 unsigned int user_defined; 814 unsigned short request_ID; 815 unsigned int request_control_blk_length; 816 unsigned char padding1[16 - sizeof (compat_uptr_t)]; 817 compat_uptr_t request_control_blk_addr; 818 unsigned int request_data_length; 819 char padding2[16 - sizeof (compat_uptr_t)]; 820 compat_uptr_t request_data_address; 821 unsigned int reply_control_blk_length; 822 char padding3[16 - sizeof (compat_uptr_t)]; 823 compat_uptr_t reply_control_blk_addr; 824 unsigned int reply_data_length; 825 char padding4[16 - sizeof (compat_uptr_t)]; 826 compat_uptr_t reply_data_addr; 827 unsigned short priority_window; 828 unsigned int status; 829 } __attribute__((packed)); 830 831 static long trans_xcRB32(struct file *filp, unsigned int cmd, 832 unsigned long arg) 833 { 834 struct compat_ica_xcRB __user *uxcRB32 = compat_ptr(arg); 835 struct compat_ica_xcRB xcRB32; 836 struct ica_xcRB xcRB64; 837 long rc; 838 839 if (copy_from_user(&xcRB32, uxcRB32, sizeof(xcRB32))) 840 return -EFAULT; 841 xcRB64.agent_ID = xcRB32.agent_ID; 842 xcRB64.user_defined = xcRB32.user_defined; 843 xcRB64.request_ID = xcRB32.request_ID; 844 xcRB64.request_control_blk_length = 845 xcRB32.request_control_blk_length; 846 xcRB64.request_control_blk_addr = 847 compat_ptr(xcRB32.request_control_blk_addr); 848 xcRB64.request_data_length = 849 xcRB32.request_data_length; 850 xcRB64.request_data_address = 851 compat_ptr(xcRB32.request_data_address); 852 xcRB64.reply_control_blk_length = 853 xcRB32.reply_control_blk_length; 854 xcRB64.reply_control_blk_addr = 855 compat_ptr(xcRB32.reply_control_blk_addr); 856 xcRB64.reply_data_length = xcRB32.reply_data_length; 857 xcRB64.reply_data_addr = 858 compat_ptr(xcRB32.reply_data_addr); 859 xcRB64.priority_window = xcRB32.priority_window; 860 xcRB64.status = xcRB32.status; 861 do { 862 rc = zcrypt_send_cprb(&xcRB64); 863 } while (rc == -EAGAIN); 864 xcRB32.reply_control_blk_length = xcRB64.reply_control_blk_length; 865 xcRB32.reply_data_length = xcRB64.reply_data_length; 866 xcRB32.status = xcRB64.status; 867 if (copy_to_user(uxcRB32, &xcRB32, sizeof(xcRB32))) 868 return -EFAULT; 869 return rc; 870 } 871 872 static long zcrypt_compat_ioctl(struct file *filp, unsigned int cmd, 873 unsigned long arg) 874 { 875 if (cmd == ICARSAMODEXPO) 876 return trans_modexpo32(filp, cmd, arg); 877 if (cmd == ICARSACRT) 878 return trans_modexpo_crt32(filp, cmd, arg); 879 if (cmd == ZSECSENDCPRB) 880 return trans_xcRB32(filp, cmd, arg); 881 return zcrypt_unlocked_ioctl(filp, cmd, arg); 882 } 883 #endif 884 885 /* 886 * Misc device file operations. 887 */ 888 static const struct file_operations zcrypt_fops = { 889 .owner = THIS_MODULE, 890 .read = zcrypt_read, 891 .write = zcrypt_write, 892 .unlocked_ioctl = zcrypt_unlocked_ioctl, 893 #ifdef CONFIG_COMPAT 894 .compat_ioctl = zcrypt_compat_ioctl, 895 #endif 896 .open = zcrypt_open, 897 .release = zcrypt_release 898 }; 899 900 /* 901 * Misc device. 902 */ 903 static struct miscdevice zcrypt_misc_device = { 904 .minor = MISC_DYNAMIC_MINOR, 905 .name = "z90crypt", 906 .fops = &zcrypt_fops, 907 }; 908 909 /* 910 * Deprecated /proc entry support. 911 */ 912 static struct proc_dir_entry *zcrypt_entry; 913 914 static int sprintcl(unsigned char *outaddr, unsigned char *addr, 915 unsigned int len) 916 { 917 int hl, i; 918 919 hl = 0; 920 for (i = 0; i < len; i++) 921 hl += sprintf(outaddr+hl, "%01x", (unsigned int) addr[i]); 922 hl += sprintf(outaddr+hl, " "); 923 return hl; 924 } 925 926 static int sprintrw(unsigned char *outaddr, unsigned char *addr, 927 unsigned int len) 928 { 929 int hl, inl, c, cx; 930 931 hl = sprintf(outaddr, " "); 932 inl = 0; 933 for (c = 0; c < (len / 16); c++) { 934 hl += sprintcl(outaddr+hl, addr+inl, 16); 935 inl += 16; 936 } 937 cx = len%16; 938 if (cx) { 939 hl += sprintcl(outaddr+hl, addr+inl, cx); 940 inl += cx; 941 } 942 hl += sprintf(outaddr+hl, "\n"); 943 return hl; 944 } 945 946 static int sprinthx(unsigned char *title, unsigned char *outaddr, 947 unsigned char *addr, unsigned int len) 948 { 949 int hl, inl, r, rx; 950 951 hl = sprintf(outaddr, "\n%s\n", title); 952 inl = 0; 953 for (r = 0; r < (len / 64); r++) { 954 hl += sprintrw(outaddr+hl, addr+inl, 64); 955 inl += 64; 956 } 957 rx = len % 64; 958 if (rx) { 959 hl += sprintrw(outaddr+hl, addr+inl, rx); 960 inl += rx; 961 } 962 hl += sprintf(outaddr+hl, "\n"); 963 return hl; 964 } 965 966 static int sprinthx4(unsigned char *title, unsigned char *outaddr, 967 unsigned int *array, unsigned int len) 968 { 969 int hl, r; 970 971 hl = sprintf(outaddr, "\n%s\n", title); 972 for (r = 0; r < len; r++) { 973 if ((r % 8) == 0) 974 hl += sprintf(outaddr+hl, " "); 975 hl += sprintf(outaddr+hl, "%08X ", array[r]); 976 if ((r % 8) == 7) 977 hl += sprintf(outaddr+hl, "\n"); 978 } 979 hl += sprintf(outaddr+hl, "\n"); 980 return hl; 981 } 982 983 static int zcrypt_status_read(char *resp_buff, char **start, off_t offset, 984 int count, int *eof, void *data) 985 { 986 unsigned char *workarea; 987 int len; 988 989 len = 0; 990 991 /* resp_buff is a page. Use the right half for a work area */ 992 workarea = resp_buff + 2000; 993 len += sprintf(resp_buff + len, "\nzcrypt version: %d.%d.%d\n", 994 ZCRYPT_VERSION, ZCRYPT_RELEASE, ZCRYPT_VARIANT); 995 len += sprintf(resp_buff + len, "Cryptographic domain: %d\n", 996 ap_domain_index); 997 len += sprintf(resp_buff + len, "Total device count: %d\n", 998 zcrypt_device_count); 999 len += sprintf(resp_buff + len, "PCICA count: %d\n", 1000 zcrypt_count_type(ZCRYPT_PCICA)); 1001 len += sprintf(resp_buff + len, "PCICC count: %d\n", 1002 zcrypt_count_type(ZCRYPT_PCICC)); 1003 len += sprintf(resp_buff + len, "PCIXCC MCL2 count: %d\n", 1004 zcrypt_count_type(ZCRYPT_PCIXCC_MCL2)); 1005 len += sprintf(resp_buff + len, "PCIXCC MCL3 count: %d\n", 1006 zcrypt_count_type(ZCRYPT_PCIXCC_MCL3)); 1007 len += sprintf(resp_buff + len, "CEX2C count: %d\n", 1008 zcrypt_count_type(ZCRYPT_CEX2C)); 1009 len += sprintf(resp_buff + len, "CEX2A count: %d\n", 1010 zcrypt_count_type(ZCRYPT_CEX2A)); 1011 len += sprintf(resp_buff + len, "requestq count: %d\n", 1012 zcrypt_requestq_count()); 1013 len += sprintf(resp_buff + len, "pendingq count: %d\n", 1014 zcrypt_pendingq_count()); 1015 len += sprintf(resp_buff + len, "Total open handles: %d\n\n", 1016 atomic_read(&zcrypt_open_count)); 1017 zcrypt_status_mask(workarea); 1018 len += sprinthx("Online devices: 1=PCICA 2=PCICC 3=PCIXCC(MCL2) " 1019 "4=PCIXCC(MCL3) 5=CEX2C 6=CEX2A", 1020 resp_buff+len, workarea, AP_DEVICES); 1021 zcrypt_qdepth_mask(workarea); 1022 len += sprinthx("Waiting work element counts", 1023 resp_buff+len, workarea, AP_DEVICES); 1024 zcrypt_perdev_reqcnt((int *) workarea); 1025 len += sprinthx4("Per-device successfully completed request counts", 1026 resp_buff+len,(unsigned int *) workarea, AP_DEVICES); 1027 *eof = 1; 1028 memset((void *) workarea, 0x00, AP_DEVICES * sizeof(unsigned int)); 1029 return len; 1030 } 1031 1032 static void zcrypt_disable_card(int index) 1033 { 1034 struct zcrypt_device *zdev; 1035 1036 spin_lock_bh(&zcrypt_device_lock); 1037 list_for_each_entry(zdev, &zcrypt_device_list, list) 1038 if (AP_QID_DEVICE(zdev->ap_dev->qid) == index) { 1039 zdev->online = 0; 1040 ap_flush_queue(zdev->ap_dev); 1041 break; 1042 } 1043 spin_unlock_bh(&zcrypt_device_lock); 1044 } 1045 1046 static void zcrypt_enable_card(int index) 1047 { 1048 struct zcrypt_device *zdev; 1049 1050 spin_lock_bh(&zcrypt_device_lock); 1051 list_for_each_entry(zdev, &zcrypt_device_list, list) 1052 if (AP_QID_DEVICE(zdev->ap_dev->qid) == index) { 1053 zdev->online = 1; 1054 break; 1055 } 1056 spin_unlock_bh(&zcrypt_device_lock); 1057 } 1058 1059 static int zcrypt_status_write(struct file *file, const char __user *buffer, 1060 unsigned long count, void *data) 1061 { 1062 unsigned char *lbuf, *ptr; 1063 unsigned long local_count; 1064 int j; 1065 1066 if (count <= 0) 1067 return 0; 1068 1069 #define LBUFSIZE 1200UL 1070 lbuf = kmalloc(LBUFSIZE, GFP_KERNEL); 1071 if (!lbuf) { 1072 PRINTK("kmalloc failed!\n"); 1073 return 0; 1074 } 1075 1076 local_count = min(LBUFSIZE - 1, count); 1077 if (copy_from_user(lbuf, buffer, local_count) != 0) { 1078 kfree(lbuf); 1079 return -EFAULT; 1080 } 1081 lbuf[local_count] = '\0'; 1082 1083 ptr = strstr(lbuf, "Online devices"); 1084 if (!ptr) { 1085 PRINTK("Unable to parse data (missing \"Online devices\")\n"); 1086 goto out; 1087 } 1088 ptr = strstr(ptr, "\n"); 1089 if (!ptr) { 1090 PRINTK("Unable to parse data (missing newline " 1091 "after \"Online devices\")\n"); 1092 goto out; 1093 } 1094 ptr++; 1095 1096 if (strstr(ptr, "Waiting work element counts") == NULL) { 1097 PRINTK("Unable to parse data (missing " 1098 "\"Waiting work element counts\")\n"); 1099 goto out; 1100 } 1101 1102 for (j = 0; j < 64 && *ptr; ptr++) { 1103 /* 1104 * '0' for no device, '1' for PCICA, '2' for PCICC, 1105 * '3' for PCIXCC_MCL2, '4' for PCIXCC_MCL3, 1106 * '5' for CEX2C and '6' for CEX2A' 1107 */ 1108 if (*ptr >= '0' && *ptr <= '6') 1109 j++; 1110 else if (*ptr == 'd' || *ptr == 'D') 1111 zcrypt_disable_card(j++); 1112 else if (*ptr == 'e' || *ptr == 'E') 1113 zcrypt_enable_card(j++); 1114 else if (*ptr != ' ' && *ptr != '\t') 1115 break; 1116 } 1117 out: 1118 kfree(lbuf); 1119 return count; 1120 } 1121 1122 static int zcrypt_rng_device_count; 1123 static u32 *zcrypt_rng_buffer; 1124 static int zcrypt_rng_buffer_index; 1125 static DEFINE_MUTEX(zcrypt_rng_mutex); 1126 1127 static int zcrypt_rng_data_read(struct hwrng *rng, u32 *data) 1128 { 1129 int rc; 1130 1131 /* 1132 * We don't need locking here because the RNG API guarantees serialized 1133 * read method calls. 1134 */ 1135 if (zcrypt_rng_buffer_index == 0) { 1136 rc = zcrypt_rng((char *) zcrypt_rng_buffer); 1137 if (rc < 0) 1138 return -EIO; 1139 zcrypt_rng_buffer_index = rc / sizeof *data; 1140 } 1141 *data = zcrypt_rng_buffer[--zcrypt_rng_buffer_index]; 1142 return sizeof *data; 1143 } 1144 1145 static struct hwrng zcrypt_rng_dev = { 1146 .name = "zcrypt", 1147 .data_read = zcrypt_rng_data_read, 1148 }; 1149 1150 static int zcrypt_rng_device_add(void) 1151 { 1152 int rc = 0; 1153 1154 mutex_lock(&zcrypt_rng_mutex); 1155 if (zcrypt_rng_device_count == 0) { 1156 zcrypt_rng_buffer = (u32 *) get_zeroed_page(GFP_KERNEL); 1157 if (!zcrypt_rng_buffer) { 1158 rc = -ENOMEM; 1159 goto out; 1160 } 1161 zcrypt_rng_buffer_index = 0; 1162 rc = hwrng_register(&zcrypt_rng_dev); 1163 if (rc) 1164 goto out_free; 1165 zcrypt_rng_device_count = 1; 1166 } else 1167 zcrypt_rng_device_count++; 1168 mutex_unlock(&zcrypt_rng_mutex); 1169 return 0; 1170 1171 out_free: 1172 free_page((unsigned long) zcrypt_rng_buffer); 1173 out: 1174 mutex_unlock(&zcrypt_rng_mutex); 1175 return rc; 1176 } 1177 1178 static void zcrypt_rng_device_remove(void) 1179 { 1180 mutex_lock(&zcrypt_rng_mutex); 1181 zcrypt_rng_device_count--; 1182 if (zcrypt_rng_device_count == 0) { 1183 hwrng_unregister(&zcrypt_rng_dev); 1184 free_page((unsigned long) zcrypt_rng_buffer); 1185 } 1186 mutex_unlock(&zcrypt_rng_mutex); 1187 } 1188 1189 /** 1190 * zcrypt_api_init(): Module initialization. 1191 * 1192 * The module initialization code. 1193 */ 1194 int __init zcrypt_api_init(void) 1195 { 1196 int rc; 1197 1198 /* Register the request sprayer. */ 1199 rc = misc_register(&zcrypt_misc_device); 1200 if (rc < 0) { 1201 PRINTKW(KERN_ERR "misc_register (minor %d) failed with %d\n", 1202 zcrypt_misc_device.minor, rc); 1203 goto out; 1204 } 1205 1206 /* Set up the proc file system */ 1207 zcrypt_entry = create_proc_entry("driver/z90crypt", 0644, NULL); 1208 if (!zcrypt_entry) { 1209 PRINTK("Couldn't create z90crypt proc entry\n"); 1210 rc = -ENOMEM; 1211 goto out_misc; 1212 } 1213 zcrypt_entry->data = NULL; 1214 zcrypt_entry->read_proc = zcrypt_status_read; 1215 zcrypt_entry->write_proc = zcrypt_status_write; 1216 1217 return 0; 1218 1219 out_misc: 1220 misc_deregister(&zcrypt_misc_device); 1221 out: 1222 return rc; 1223 } 1224 1225 /** 1226 * zcrypt_api_exit(): Module termination. 1227 * 1228 * The module termination code. 1229 */ 1230 void zcrypt_api_exit(void) 1231 { 1232 remove_proc_entry("driver/z90crypt", NULL); 1233 misc_deregister(&zcrypt_misc_device); 1234 } 1235 1236 #ifndef CONFIG_ZCRYPT_MONOLITHIC 1237 module_init(zcrypt_api_init); 1238 module_exit(zcrypt_api_exit); 1239 #endif 1240