1 // SPDX-License-Identifier: GPL-2.0+ 2 /* 3 * Copyright IBM Corp. 2019 4 * Author(s): Harald Freudenberger <freude@linux.ibm.com> 5 * Ingo Franzki <ifranzki@linux.ibm.com> 6 * 7 * Collection of CCA misc functions used by zcrypt and pkey 8 */ 9 10 #define KMSG_COMPONENT "zcrypt" 11 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt 12 13 #include <linux/init.h> 14 #include <linux/module.h> 15 #include <linux/slab.h> 16 #include <linux/random.h> 17 #include <asm/zcrypt.h> 18 #include <asm/pkey.h> 19 20 #include "ap_bus.h" 21 #include "zcrypt_api.h" 22 #include "zcrypt_debug.h" 23 #include "zcrypt_msgtype6.h" 24 #include "zcrypt_ccamisc.h" 25 26 #define DEBUG_DBG(...) ZCRYPT_DBF(DBF_DEBUG, ##__VA_ARGS__) 27 #define DEBUG_INFO(...) ZCRYPT_DBF(DBF_INFO, ##__VA_ARGS__) 28 #define DEBUG_WARN(...) ZCRYPT_DBF(DBF_WARN, ##__VA_ARGS__) 29 #define DEBUG_ERR(...) ZCRYPT_DBF(DBF_ERR, ##__VA_ARGS__) 30 31 /* Size of parameter block used for all cca requests/replies */ 32 #define PARMBSIZE 512 33 34 /* Size of vardata block used for some of the cca requests/replies */ 35 #define VARDATASIZE 4096 36 37 struct cca_info_list_entry { 38 struct list_head list; 39 u16 cardnr; 40 u16 domain; 41 struct cca_info info; 42 }; 43 44 /* a list with cca_info_list_entry entries */ 45 static LIST_HEAD(cca_info_list); 46 static DEFINE_SPINLOCK(cca_info_list_lock); 47 48 /* 49 * Simple check if the token is a valid CCA secure AES data key 50 * token. If keybitsize is given, the bitsize of the key is 51 * also checked. Returns 0 on success or errno value on failure. 52 */ 53 int cca_check_secaeskeytoken(debug_info_t *dbg, int dbflvl, 54 const u8 *token, int keybitsize) 55 { 56 struct secaeskeytoken *t = (struct secaeskeytoken *) token; 57 58 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__) 59 60 if (t->type != TOKTYPE_CCA_INTERNAL) { 61 if (dbg) 62 DBF("%s token check failed, type 0x%02x != 0x%02x\n", 63 __func__, (int) t->type, TOKTYPE_CCA_INTERNAL); 64 return -EINVAL; 65 } 66 if (t->version != TOKVER_CCA_AES) { 67 if (dbg) 68 DBF("%s token check failed, version 0x%02x != 0x%02x\n", 69 __func__, (int) t->version, TOKVER_CCA_AES); 70 return -EINVAL; 71 } 72 if (keybitsize > 0 && t->bitsize != keybitsize) { 73 if (dbg) 74 DBF("%s token check failed, bitsize %d != %d\n", 75 __func__, (int) t->bitsize, keybitsize); 76 return -EINVAL; 77 } 78 79 #undef DBF 80 81 return 0; 82 } 83 EXPORT_SYMBOL(cca_check_secaeskeytoken); 84 85 /* 86 * Simple check if the token is a valid CCA secure AES cipher key 87 * token. If keybitsize is given, the bitsize of the key is 88 * also checked. If checkcpacfexport is enabled, the key is also 89 * checked for the export flag to allow CPACF export. 90 * Returns 0 on success or errno value on failure. 91 */ 92 int cca_check_secaescipherkey(debug_info_t *dbg, int dbflvl, 93 const u8 *token, int keybitsize, 94 int checkcpacfexport) 95 { 96 struct cipherkeytoken *t = (struct cipherkeytoken *) token; 97 bool keybitsizeok = true; 98 99 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__) 100 101 if (t->type != TOKTYPE_CCA_INTERNAL) { 102 if (dbg) 103 DBF("%s token check failed, type 0x%02x != 0x%02x\n", 104 __func__, (int) t->type, TOKTYPE_CCA_INTERNAL); 105 return -EINVAL; 106 } 107 if (t->version != TOKVER_CCA_VLSC) { 108 if (dbg) 109 DBF("%s token check failed, version 0x%02x != 0x%02x\n", 110 __func__, (int) t->version, TOKVER_CCA_VLSC); 111 return -EINVAL; 112 } 113 if (t->algtype != 0x02) { 114 if (dbg) 115 DBF("%s token check failed, algtype 0x%02x != 0x02\n", 116 __func__, (int) t->algtype); 117 return -EINVAL; 118 } 119 if (t->keytype != 0x0001) { 120 if (dbg) 121 DBF("%s token check failed, keytype 0x%04x != 0x0001\n", 122 __func__, (int) t->keytype); 123 return -EINVAL; 124 } 125 if (t->plfver != 0x00 && t->plfver != 0x01) { 126 if (dbg) 127 DBF("%s token check failed, unknown plfver 0x%02x\n", 128 __func__, (int) t->plfver); 129 return -EINVAL; 130 } 131 if (t->wpllen != 512 && t->wpllen != 576 && t->wpllen != 640) { 132 if (dbg) 133 DBF("%s token check failed, unknown wpllen %d\n", 134 __func__, (int) t->wpllen); 135 return -EINVAL; 136 } 137 if (keybitsize > 0) { 138 switch (keybitsize) { 139 case 128: 140 if (t->wpllen != (t->plfver ? 640 : 512)) 141 keybitsizeok = false; 142 break; 143 case 192: 144 if (t->wpllen != (t->plfver ? 640 : 576)) 145 keybitsizeok = false; 146 break; 147 case 256: 148 if (t->wpllen != 640) 149 keybitsizeok = false; 150 break; 151 default: 152 keybitsizeok = false; 153 break; 154 } 155 if (!keybitsizeok) { 156 if (dbg) 157 DBF("%s token check failed, bitsize %d\n", 158 __func__, keybitsize); 159 return -EINVAL; 160 } 161 } 162 if (checkcpacfexport && !(t->kmf1 & KMF1_XPRT_CPAC)) { 163 if (dbg) 164 DBF("%s token check failed, XPRT_CPAC bit is 0\n", 165 __func__); 166 return -EINVAL; 167 } 168 169 #undef DBF 170 171 return 0; 172 } 173 EXPORT_SYMBOL(cca_check_secaescipherkey); 174 175 /* 176 * Allocate consecutive memory for request CPRB, request param 177 * block, reply CPRB and reply param block and fill in values 178 * for the common fields. Returns 0 on success or errno value 179 * on failure. 180 */ 181 static int alloc_and_prep_cprbmem(size_t paramblen, 182 u8 **pcprbmem, 183 struct CPRBX **preqCPRB, 184 struct CPRBX **prepCPRB) 185 { 186 u8 *cprbmem; 187 size_t cprbplusparamblen = sizeof(struct CPRBX) + paramblen; 188 struct CPRBX *preqcblk, *prepcblk; 189 190 /* 191 * allocate consecutive memory for request CPRB, request param 192 * block, reply CPRB and reply param block 193 */ 194 cprbmem = kcalloc(2, cprbplusparamblen, GFP_KERNEL); 195 if (!cprbmem) 196 return -ENOMEM; 197 198 preqcblk = (struct CPRBX *) cprbmem; 199 prepcblk = (struct CPRBX *) (cprbmem + cprbplusparamblen); 200 201 /* fill request cprb struct */ 202 preqcblk->cprb_len = sizeof(struct CPRBX); 203 preqcblk->cprb_ver_id = 0x02; 204 memcpy(preqcblk->func_id, "T2", 2); 205 preqcblk->rpl_msgbl = cprbplusparamblen; 206 if (paramblen) { 207 preqcblk->req_parmb = 208 ((u8 __user *) preqcblk) + sizeof(struct CPRBX); 209 preqcblk->rpl_parmb = 210 ((u8 __user *) prepcblk) + sizeof(struct CPRBX); 211 } 212 213 *pcprbmem = cprbmem; 214 *preqCPRB = preqcblk; 215 *prepCPRB = prepcblk; 216 217 return 0; 218 } 219 220 /* 221 * Free the cprb memory allocated with the function above. 222 * If the scrub value is not zero, the memory is filled 223 * with zeros before freeing (useful if there was some 224 * clear key material in there). 225 */ 226 static void free_cprbmem(void *mem, size_t paramblen, int scrub) 227 { 228 if (scrub) 229 memzero_explicit(mem, 2 * (sizeof(struct CPRBX) + paramblen)); 230 kfree(mem); 231 } 232 233 /* 234 * Helper function to prepare the xcrb struct 235 */ 236 static inline void prep_xcrb(struct ica_xcRB *pxcrb, 237 u16 cardnr, 238 struct CPRBX *preqcblk, 239 struct CPRBX *prepcblk) 240 { 241 memset(pxcrb, 0, sizeof(*pxcrb)); 242 pxcrb->agent_ID = 0x4341; /* 'CA' */ 243 pxcrb->user_defined = (cardnr == 0xFFFF ? AUTOSELECT : cardnr); 244 pxcrb->request_control_blk_length = 245 preqcblk->cprb_len + preqcblk->req_parml; 246 pxcrb->request_control_blk_addr = (void __user *) preqcblk; 247 pxcrb->reply_control_blk_length = preqcblk->rpl_msgbl; 248 pxcrb->reply_control_blk_addr = (void __user *) prepcblk; 249 } 250 251 /* 252 * Helper function which calls zcrypt_send_cprb with 253 * memory management segment adjusted to kernel space 254 * so that the copy_from_user called within this 255 * function do in fact copy from kernel space. 256 */ 257 static inline int _zcrypt_send_cprb(struct ica_xcRB *xcrb) 258 { 259 int rc; 260 mm_segment_t old_fs = get_fs(); 261 262 set_fs(KERNEL_DS); 263 rc = zcrypt_send_cprb(xcrb); 264 set_fs(old_fs); 265 266 return rc; 267 } 268 269 /* 270 * Generate (random) CCA AES DATA secure key. 271 */ 272 int cca_genseckey(u16 cardnr, u16 domain, 273 u32 keybitsize, u8 seckey[SECKEYBLOBSIZE]) 274 { 275 int i, rc, keysize; 276 int seckeysize; 277 u8 *mem, *ptr; 278 struct CPRBX *preqcblk, *prepcblk; 279 struct ica_xcRB xcrb; 280 struct kgreqparm { 281 u8 subfunc_code[2]; 282 u16 rule_array_len; 283 struct lv1 { 284 u16 len; 285 char key_form[8]; 286 char key_length[8]; 287 char key_type1[8]; 288 char key_type2[8]; 289 } lv1; 290 struct lv2 { 291 u16 len; 292 struct keyid { 293 u16 len; 294 u16 attr; 295 u8 data[SECKEYBLOBSIZE]; 296 } keyid[6]; 297 } lv2; 298 } __packed * preqparm; 299 struct kgrepparm { 300 u8 subfunc_code[2]; 301 u16 rule_array_len; 302 struct lv3 { 303 u16 len; 304 u16 keyblocklen; 305 struct { 306 u16 toklen; 307 u16 tokattr; 308 u8 tok[0]; 309 /* ... some more data ... */ 310 } keyblock; 311 } lv3; 312 } __packed * prepparm; 313 314 /* get already prepared memory for 2 cprbs with param block each */ 315 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk); 316 if (rc) 317 return rc; 318 319 /* fill request cprb struct */ 320 preqcblk->domain = domain; 321 322 /* fill request cprb param block with KG request */ 323 preqparm = (struct kgreqparm __force *) preqcblk->req_parmb; 324 memcpy(preqparm->subfunc_code, "KG", 2); 325 preqparm->rule_array_len = sizeof(preqparm->rule_array_len); 326 preqparm->lv1.len = sizeof(struct lv1); 327 memcpy(preqparm->lv1.key_form, "OP ", 8); 328 switch (keybitsize) { 329 case PKEY_SIZE_AES_128: 330 case PKEY_KEYTYPE_AES_128: /* older ioctls used this */ 331 keysize = 16; 332 memcpy(preqparm->lv1.key_length, "KEYLN16 ", 8); 333 break; 334 case PKEY_SIZE_AES_192: 335 case PKEY_KEYTYPE_AES_192: /* older ioctls used this */ 336 keysize = 24; 337 memcpy(preqparm->lv1.key_length, "KEYLN24 ", 8); 338 break; 339 case PKEY_SIZE_AES_256: 340 case PKEY_KEYTYPE_AES_256: /* older ioctls used this */ 341 keysize = 32; 342 memcpy(preqparm->lv1.key_length, "KEYLN32 ", 8); 343 break; 344 default: 345 DEBUG_ERR("%s unknown/unsupported keybitsize %d\n", 346 __func__, keybitsize); 347 rc = -EINVAL; 348 goto out; 349 } 350 memcpy(preqparm->lv1.key_type1, "AESDATA ", 8); 351 preqparm->lv2.len = sizeof(struct lv2); 352 for (i = 0; i < 6; i++) { 353 preqparm->lv2.keyid[i].len = sizeof(struct keyid); 354 preqparm->lv2.keyid[i].attr = (i == 2 ? 0x30 : 0x10); 355 } 356 preqcblk->req_parml = sizeof(struct kgreqparm); 357 358 /* fill xcrb struct */ 359 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk); 360 361 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ 362 rc = _zcrypt_send_cprb(&xcrb); 363 if (rc) { 364 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, errno %d\n", 365 __func__, (int) cardnr, (int) domain, rc); 366 goto out; 367 } 368 369 /* check response returncode and reasoncode */ 370 if (prepcblk->ccp_rtcode != 0) { 371 DEBUG_ERR("%s secure key generate failure, card response %d/%d\n", 372 __func__, 373 (int) prepcblk->ccp_rtcode, 374 (int) prepcblk->ccp_rscode); 375 rc = -EIO; 376 goto out; 377 } 378 379 /* process response cprb param block */ 380 ptr = ((u8 *) prepcblk) + sizeof(struct CPRBX); 381 prepcblk->rpl_parmb = (u8 __user *) ptr; 382 prepparm = (struct kgrepparm *) ptr; 383 384 /* check length of the returned secure key token */ 385 seckeysize = prepparm->lv3.keyblock.toklen 386 - sizeof(prepparm->lv3.keyblock.toklen) 387 - sizeof(prepparm->lv3.keyblock.tokattr); 388 if (seckeysize != SECKEYBLOBSIZE) { 389 DEBUG_ERR("%s secure token size mismatch %d != %d bytes\n", 390 __func__, seckeysize, SECKEYBLOBSIZE); 391 rc = -EIO; 392 goto out; 393 } 394 395 /* check secure key token */ 396 rc = cca_check_secaeskeytoken(zcrypt_dbf_info, DBF_ERR, 397 prepparm->lv3.keyblock.tok, 8*keysize); 398 if (rc) { 399 rc = -EIO; 400 goto out; 401 } 402 403 /* copy the generated secure key token */ 404 memcpy(seckey, prepparm->lv3.keyblock.tok, SECKEYBLOBSIZE); 405 406 out: 407 free_cprbmem(mem, PARMBSIZE, 0); 408 return rc; 409 } 410 EXPORT_SYMBOL(cca_genseckey); 411 412 /* 413 * Generate an CCA AES DATA secure key with given key value. 414 */ 415 int cca_clr2seckey(u16 cardnr, u16 domain, u32 keybitsize, 416 const u8 *clrkey, u8 seckey[SECKEYBLOBSIZE]) 417 { 418 int rc, keysize, seckeysize; 419 u8 *mem, *ptr; 420 struct CPRBX *preqcblk, *prepcblk; 421 struct ica_xcRB xcrb; 422 struct cmreqparm { 423 u8 subfunc_code[2]; 424 u16 rule_array_len; 425 char rule_array[8]; 426 struct lv1 { 427 u16 len; 428 u8 clrkey[0]; 429 } lv1; 430 struct lv2 { 431 u16 len; 432 struct keyid { 433 u16 len; 434 u16 attr; 435 u8 data[SECKEYBLOBSIZE]; 436 } keyid; 437 } lv2; 438 } __packed * preqparm; 439 struct lv2 *plv2; 440 struct cmrepparm { 441 u8 subfunc_code[2]; 442 u16 rule_array_len; 443 struct lv3 { 444 u16 len; 445 u16 keyblocklen; 446 struct { 447 u16 toklen; 448 u16 tokattr; 449 u8 tok[0]; 450 /* ... some more data ... */ 451 } keyblock; 452 } lv3; 453 } __packed * prepparm; 454 455 /* get already prepared memory for 2 cprbs with param block each */ 456 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk); 457 if (rc) 458 return rc; 459 460 /* fill request cprb struct */ 461 preqcblk->domain = domain; 462 463 /* fill request cprb param block with CM request */ 464 preqparm = (struct cmreqparm __force *) preqcblk->req_parmb; 465 memcpy(preqparm->subfunc_code, "CM", 2); 466 memcpy(preqparm->rule_array, "AES ", 8); 467 preqparm->rule_array_len = 468 sizeof(preqparm->rule_array_len) + sizeof(preqparm->rule_array); 469 switch (keybitsize) { 470 case PKEY_SIZE_AES_128: 471 case PKEY_KEYTYPE_AES_128: /* older ioctls used this */ 472 keysize = 16; 473 break; 474 case PKEY_SIZE_AES_192: 475 case PKEY_KEYTYPE_AES_192: /* older ioctls used this */ 476 keysize = 24; 477 break; 478 case PKEY_SIZE_AES_256: 479 case PKEY_KEYTYPE_AES_256: /* older ioctls used this */ 480 keysize = 32; 481 break; 482 default: 483 DEBUG_ERR("%s unknown/unsupported keybitsize %d\n", 484 __func__, keybitsize); 485 rc = -EINVAL; 486 goto out; 487 } 488 preqparm->lv1.len = sizeof(struct lv1) + keysize; 489 memcpy(preqparm->lv1.clrkey, clrkey, keysize); 490 plv2 = (struct lv2 *) (((u8 *) &preqparm->lv2) + keysize); 491 plv2->len = sizeof(struct lv2); 492 plv2->keyid.len = sizeof(struct keyid); 493 plv2->keyid.attr = 0x30; 494 preqcblk->req_parml = sizeof(struct cmreqparm) + keysize; 495 496 /* fill xcrb struct */ 497 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk); 498 499 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ 500 rc = _zcrypt_send_cprb(&xcrb); 501 if (rc) { 502 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n", 503 __func__, (int) cardnr, (int) domain, rc); 504 goto out; 505 } 506 507 /* check response returncode and reasoncode */ 508 if (prepcblk->ccp_rtcode != 0) { 509 DEBUG_ERR("%s clear key import failure, card response %d/%d\n", 510 __func__, 511 (int) prepcblk->ccp_rtcode, 512 (int) prepcblk->ccp_rscode); 513 rc = -EIO; 514 goto out; 515 } 516 517 /* process response cprb param block */ 518 ptr = ((u8 *) prepcblk) + sizeof(struct CPRBX); 519 prepcblk->rpl_parmb = (u8 __user *) ptr; 520 prepparm = (struct cmrepparm *) ptr; 521 522 /* check length of the returned secure key token */ 523 seckeysize = prepparm->lv3.keyblock.toklen 524 - sizeof(prepparm->lv3.keyblock.toklen) 525 - sizeof(prepparm->lv3.keyblock.tokattr); 526 if (seckeysize != SECKEYBLOBSIZE) { 527 DEBUG_ERR("%s secure token size mismatch %d != %d bytes\n", 528 __func__, seckeysize, SECKEYBLOBSIZE); 529 rc = -EIO; 530 goto out; 531 } 532 533 /* check secure key token */ 534 rc = cca_check_secaeskeytoken(zcrypt_dbf_info, DBF_ERR, 535 prepparm->lv3.keyblock.tok, 8*keysize); 536 if (rc) { 537 rc = -EIO; 538 goto out; 539 } 540 541 /* copy the generated secure key token */ 542 if (seckey) 543 memcpy(seckey, prepparm->lv3.keyblock.tok, SECKEYBLOBSIZE); 544 545 out: 546 free_cprbmem(mem, PARMBSIZE, 1); 547 return rc; 548 } 549 EXPORT_SYMBOL(cca_clr2seckey); 550 551 /* 552 * Derive proteced key from an CCA AES DATA secure key. 553 */ 554 int cca_sec2protkey(u16 cardnr, u16 domain, 555 const u8 seckey[SECKEYBLOBSIZE], 556 u8 *protkey, u32 *protkeylen, u32 *protkeytype) 557 { 558 int rc; 559 u8 *mem, *ptr; 560 struct CPRBX *preqcblk, *prepcblk; 561 struct ica_xcRB xcrb; 562 struct uskreqparm { 563 u8 subfunc_code[2]; 564 u16 rule_array_len; 565 struct lv1 { 566 u16 len; 567 u16 attr_len; 568 u16 attr_flags; 569 } lv1; 570 struct lv2 { 571 u16 len; 572 u16 attr_len; 573 u16 attr_flags; 574 u8 token[0]; /* cca secure key token */ 575 } lv2; 576 } __packed * preqparm; 577 struct uskrepparm { 578 u8 subfunc_code[2]; 579 u16 rule_array_len; 580 struct lv3 { 581 u16 len; 582 u16 attr_len; 583 u16 attr_flags; 584 struct cpacfkeyblock { 585 u8 version; /* version of this struct */ 586 u8 flags[2]; 587 u8 algo; 588 u8 form; 589 u8 pad1[3]; 590 u16 len; 591 u8 key[64]; /* the key (len bytes) */ 592 u16 keyattrlen; 593 u8 keyattr[32]; 594 u8 pad2[1]; 595 u8 vptype; 596 u8 vp[32]; /* verification pattern */ 597 } ckb; 598 } lv3; 599 } __packed * prepparm; 600 601 /* get already prepared memory for 2 cprbs with param block each */ 602 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk); 603 if (rc) 604 return rc; 605 606 /* fill request cprb struct */ 607 preqcblk->domain = domain; 608 609 /* fill request cprb param block with USK request */ 610 preqparm = (struct uskreqparm __force *) preqcblk->req_parmb; 611 memcpy(preqparm->subfunc_code, "US", 2); 612 preqparm->rule_array_len = sizeof(preqparm->rule_array_len); 613 preqparm->lv1.len = sizeof(struct lv1); 614 preqparm->lv1.attr_len = sizeof(struct lv1) - sizeof(preqparm->lv1.len); 615 preqparm->lv1.attr_flags = 0x0001; 616 preqparm->lv2.len = sizeof(struct lv2) + SECKEYBLOBSIZE; 617 preqparm->lv2.attr_len = sizeof(struct lv2) 618 - sizeof(preqparm->lv2.len) + SECKEYBLOBSIZE; 619 preqparm->lv2.attr_flags = 0x0000; 620 memcpy(preqparm->lv2.token, seckey, SECKEYBLOBSIZE); 621 preqcblk->req_parml = sizeof(struct uskreqparm) + SECKEYBLOBSIZE; 622 623 /* fill xcrb struct */ 624 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk); 625 626 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ 627 rc = _zcrypt_send_cprb(&xcrb); 628 if (rc) { 629 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n", 630 __func__, (int) cardnr, (int) domain, rc); 631 goto out; 632 } 633 634 /* check response returncode and reasoncode */ 635 if (prepcblk->ccp_rtcode != 0) { 636 DEBUG_ERR("%s unwrap secure key failure, card response %d/%d\n", 637 __func__, 638 (int) prepcblk->ccp_rtcode, 639 (int) prepcblk->ccp_rscode); 640 rc = -EIO; 641 goto out; 642 } 643 if (prepcblk->ccp_rscode != 0) { 644 DEBUG_WARN("%s unwrap secure key warning, card response %d/%d\n", 645 __func__, 646 (int) prepcblk->ccp_rtcode, 647 (int) prepcblk->ccp_rscode); 648 } 649 650 /* process response cprb param block */ 651 ptr = ((u8 *) prepcblk) + sizeof(struct CPRBX); 652 prepcblk->rpl_parmb = (u8 __user *) ptr; 653 prepparm = (struct uskrepparm *) ptr; 654 655 /* check the returned keyblock */ 656 if (prepparm->lv3.ckb.version != 0x01 && 657 prepparm->lv3.ckb.version != 0x02) { 658 DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x\n", 659 __func__, (int) prepparm->lv3.ckb.version); 660 rc = -EIO; 661 goto out; 662 } 663 664 /* copy the tanslated protected key */ 665 switch (prepparm->lv3.ckb.len) { 666 case 16+32: 667 /* AES 128 protected key */ 668 if (protkeytype) 669 *protkeytype = PKEY_KEYTYPE_AES_128; 670 break; 671 case 24+32: 672 /* AES 192 protected key */ 673 if (protkeytype) 674 *protkeytype = PKEY_KEYTYPE_AES_192; 675 break; 676 case 32+32: 677 /* AES 256 protected key */ 678 if (protkeytype) 679 *protkeytype = PKEY_KEYTYPE_AES_256; 680 break; 681 default: 682 DEBUG_ERR("%s unknown/unsupported keylen %d\n", 683 __func__, prepparm->lv3.ckb.len); 684 rc = -EIO; 685 goto out; 686 } 687 memcpy(protkey, prepparm->lv3.ckb.key, prepparm->lv3.ckb.len); 688 if (protkeylen) 689 *protkeylen = prepparm->lv3.ckb.len; 690 691 out: 692 free_cprbmem(mem, PARMBSIZE, 0); 693 return rc; 694 } 695 EXPORT_SYMBOL(cca_sec2protkey); 696 697 /* 698 * AES cipher key skeleton created with CSNBKTB2 with these flags: 699 * INTERNAL, NO-KEY, AES, CIPHER, ANY-MODE, NOEX-SYM, NOEXAASY, 700 * NOEXUASY, XPRTCPAC, NOEX-RAW, NOEX-DES, NOEX-AES, NOEX-RSA 701 * used by cca_gencipherkey() and cca_clr2cipherkey(). 702 */ 703 static const u8 aes_cipher_key_skeleton[] = { 704 0x01, 0x00, 0x00, 0x38, 0x05, 0x00, 0x00, 0x00, 705 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 706 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 707 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 708 0x00, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 709 0x00, 0x02, 0x00, 0x01, 0x02, 0xc0, 0x00, 0xff, 710 0x00, 0x03, 0x08, 0xc8, 0x00, 0x00, 0x00, 0x00 }; 711 #define SIZEOF_SKELETON (sizeof(aes_cipher_key_skeleton)) 712 713 /* 714 * Generate (random) CCA AES CIPHER secure key. 715 */ 716 int cca_gencipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags, 717 u8 *keybuf, size_t *keybufsize) 718 { 719 int rc; 720 u8 *mem, *ptr; 721 struct CPRBX *preqcblk, *prepcblk; 722 struct ica_xcRB xcrb; 723 struct gkreqparm { 724 u8 subfunc_code[2]; 725 u16 rule_array_len; 726 char rule_array[2*8]; 727 struct { 728 u16 len; 729 u8 key_type_1[8]; 730 u8 key_type_2[8]; 731 u16 clear_key_bit_len; 732 u16 key_name_1_len; 733 u16 key_name_2_len; 734 u16 user_data_1_len; 735 u16 user_data_2_len; 736 u8 key_name_1[0]; 737 u8 key_name_2[0]; 738 u8 user_data_1[0]; 739 u8 user_data_2[0]; 740 } vud; 741 struct { 742 u16 len; 743 struct { 744 u16 len; 745 u16 flag; 746 u8 kek_id_1[0]; 747 } tlv1; 748 struct { 749 u16 len; 750 u16 flag; 751 u8 kek_id_2[0]; 752 } tlv2; 753 struct { 754 u16 len; 755 u16 flag; 756 u8 gen_key_id_1[SIZEOF_SKELETON]; 757 } tlv3; 758 struct { 759 u16 len; 760 u16 flag; 761 u8 gen_key_id_1_label[0]; 762 } tlv4; 763 struct { 764 u16 len; 765 u16 flag; 766 u8 gen_key_id_2[0]; 767 } tlv5; 768 struct { 769 u16 len; 770 u16 flag; 771 u8 gen_key_id_2_label[0]; 772 } tlv6; 773 } kb; 774 } __packed * preqparm; 775 struct gkrepparm { 776 u8 subfunc_code[2]; 777 u16 rule_array_len; 778 struct { 779 u16 len; 780 } vud; 781 struct { 782 u16 len; 783 struct { 784 u16 len; 785 u16 flag; 786 u8 gen_key[0]; /* 120-136 bytes */ 787 } tlv1; 788 } kb; 789 } __packed * prepparm; 790 struct cipherkeytoken *t; 791 792 /* get already prepared memory for 2 cprbs with param block each */ 793 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk); 794 if (rc) 795 return rc; 796 797 /* fill request cprb struct */ 798 preqcblk->domain = domain; 799 preqcblk->req_parml = sizeof(struct gkreqparm); 800 801 /* prepare request param block with GK request */ 802 preqparm = (struct gkreqparm __force *) preqcblk->req_parmb; 803 memcpy(preqparm->subfunc_code, "GK", 2); 804 preqparm->rule_array_len = sizeof(uint16_t) + 2 * 8; 805 memcpy(preqparm->rule_array, "AES OP ", 2*8); 806 807 /* prepare vud block */ 808 preqparm->vud.len = sizeof(preqparm->vud); 809 switch (keybitsize) { 810 case 128: 811 case 192: 812 case 256: 813 break; 814 default: 815 DEBUG_ERR( 816 "%s unknown/unsupported keybitsize %d\n", 817 __func__, keybitsize); 818 rc = -EINVAL; 819 goto out; 820 } 821 preqparm->vud.clear_key_bit_len = keybitsize; 822 memcpy(preqparm->vud.key_type_1, "TOKEN ", 8); 823 memset(preqparm->vud.key_type_2, ' ', sizeof(preqparm->vud.key_type_2)); 824 825 /* prepare kb block */ 826 preqparm->kb.len = sizeof(preqparm->kb); 827 preqparm->kb.tlv1.len = sizeof(preqparm->kb.tlv1); 828 preqparm->kb.tlv1.flag = 0x0030; 829 preqparm->kb.tlv2.len = sizeof(preqparm->kb.tlv2); 830 preqparm->kb.tlv2.flag = 0x0030; 831 preqparm->kb.tlv3.len = sizeof(preqparm->kb.tlv3); 832 preqparm->kb.tlv3.flag = 0x0030; 833 memcpy(preqparm->kb.tlv3.gen_key_id_1, 834 aes_cipher_key_skeleton, SIZEOF_SKELETON); 835 preqparm->kb.tlv4.len = sizeof(preqparm->kb.tlv4); 836 preqparm->kb.tlv4.flag = 0x0030; 837 preqparm->kb.tlv5.len = sizeof(preqparm->kb.tlv5); 838 preqparm->kb.tlv5.flag = 0x0030; 839 preqparm->kb.tlv6.len = sizeof(preqparm->kb.tlv6); 840 preqparm->kb.tlv6.flag = 0x0030; 841 842 /* patch the skeleton key token export flags inside the kb block */ 843 if (keygenflags) { 844 t = (struct cipherkeytoken *) preqparm->kb.tlv3.gen_key_id_1; 845 t->kmf1 |= (u16) (keygenflags & 0x0000FF00); 846 t->kmf1 &= (u16) ~(keygenflags & 0x000000FF); 847 } 848 849 /* prepare xcrb struct */ 850 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk); 851 852 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ 853 rc = _zcrypt_send_cprb(&xcrb); 854 if (rc) { 855 DEBUG_ERR( 856 "%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n", 857 __func__, (int) cardnr, (int) domain, rc); 858 goto out; 859 } 860 861 /* check response returncode and reasoncode */ 862 if (prepcblk->ccp_rtcode != 0) { 863 DEBUG_ERR( 864 "%s cipher key generate failure, card response %d/%d\n", 865 __func__, 866 (int) prepcblk->ccp_rtcode, 867 (int) prepcblk->ccp_rscode); 868 rc = -EIO; 869 goto out; 870 } 871 872 /* process response cprb param block */ 873 ptr = ((u8 *) prepcblk) + sizeof(struct CPRBX); 874 prepcblk->rpl_parmb = (u8 __user *) ptr; 875 prepparm = (struct gkrepparm *) ptr; 876 877 /* do some plausibility checks on the key block */ 878 if (prepparm->kb.len < 120 + 5 * sizeof(uint16_t) || 879 prepparm->kb.len > 136 + 5 * sizeof(uint16_t)) { 880 DEBUG_ERR("%s reply with invalid or unknown key block\n", 881 __func__); 882 rc = -EIO; 883 goto out; 884 } 885 886 /* and some checks on the generated key */ 887 rc = cca_check_secaescipherkey(zcrypt_dbf_info, DBF_ERR, 888 prepparm->kb.tlv1.gen_key, 889 keybitsize, 1); 890 if (rc) { 891 rc = -EIO; 892 goto out; 893 } 894 895 /* copy the generated vlsc key token */ 896 t = (struct cipherkeytoken *) prepparm->kb.tlv1.gen_key; 897 if (keybuf) { 898 if (*keybufsize >= t->len) 899 memcpy(keybuf, t, t->len); 900 else 901 rc = -EINVAL; 902 } 903 *keybufsize = t->len; 904 905 out: 906 free_cprbmem(mem, PARMBSIZE, 0); 907 return rc; 908 } 909 EXPORT_SYMBOL(cca_gencipherkey); 910 911 /* 912 * Helper function, does a the CSNBKPI2 CPRB. 913 */ 914 static int _ip_cprb_helper(u16 cardnr, u16 domain, 915 const char *rule_array_1, 916 const char *rule_array_2, 917 const char *rule_array_3, 918 const u8 *clr_key_value, 919 int clr_key_bit_size, 920 u8 *key_token, 921 int *key_token_size) 922 { 923 int rc, n; 924 u8 *mem, *ptr; 925 struct CPRBX *preqcblk, *prepcblk; 926 struct ica_xcRB xcrb; 927 struct rule_array_block { 928 u8 subfunc_code[2]; 929 u16 rule_array_len; 930 char rule_array[0]; 931 } __packed * preq_ra_block; 932 struct vud_block { 933 u16 len; 934 struct { 935 u16 len; 936 u16 flag; /* 0x0064 */ 937 u16 clr_key_bit_len; 938 } tlv1; 939 struct { 940 u16 len; 941 u16 flag; /* 0x0063 */ 942 u8 clr_key[0]; /* clear key value bytes */ 943 } tlv2; 944 } __packed * preq_vud_block; 945 struct key_block { 946 u16 len; 947 struct { 948 u16 len; 949 u16 flag; /* 0x0030 */ 950 u8 key_token[0]; /* key skeleton */ 951 } tlv1; 952 } __packed * preq_key_block; 953 struct iprepparm { 954 u8 subfunc_code[2]; 955 u16 rule_array_len; 956 struct { 957 u16 len; 958 } vud; 959 struct { 960 u16 len; 961 struct { 962 u16 len; 963 u16 flag; /* 0x0030 */ 964 u8 key_token[0]; /* key token */ 965 } tlv1; 966 } kb; 967 } __packed * prepparm; 968 struct cipherkeytoken *t; 969 int complete = strncmp(rule_array_2, "COMPLETE", 8) ? 0 : 1; 970 971 /* get already prepared memory for 2 cprbs with param block each */ 972 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk); 973 if (rc) 974 return rc; 975 976 /* fill request cprb struct */ 977 preqcblk->domain = domain; 978 preqcblk->req_parml = 0; 979 980 /* prepare request param block with IP request */ 981 preq_ra_block = (struct rule_array_block __force *) preqcblk->req_parmb; 982 memcpy(preq_ra_block->subfunc_code, "IP", 2); 983 preq_ra_block->rule_array_len = sizeof(uint16_t) + 2 * 8; 984 memcpy(preq_ra_block->rule_array, rule_array_1, 8); 985 memcpy(preq_ra_block->rule_array + 8, rule_array_2, 8); 986 preqcblk->req_parml = sizeof(struct rule_array_block) + 2 * 8; 987 if (rule_array_3) { 988 preq_ra_block->rule_array_len += 8; 989 memcpy(preq_ra_block->rule_array + 16, rule_array_3, 8); 990 preqcblk->req_parml += 8; 991 } 992 993 /* prepare vud block */ 994 preq_vud_block = (struct vud_block __force *) 995 (preqcblk->req_parmb + preqcblk->req_parml); 996 n = complete ? 0 : (clr_key_bit_size + 7) / 8; 997 preq_vud_block->len = sizeof(struct vud_block) + n; 998 preq_vud_block->tlv1.len = sizeof(preq_vud_block->tlv1); 999 preq_vud_block->tlv1.flag = 0x0064; 1000 preq_vud_block->tlv1.clr_key_bit_len = complete ? 0 : clr_key_bit_size; 1001 preq_vud_block->tlv2.len = sizeof(preq_vud_block->tlv2) + n; 1002 preq_vud_block->tlv2.flag = 0x0063; 1003 if (!complete) 1004 memcpy(preq_vud_block->tlv2.clr_key, clr_key_value, n); 1005 preqcblk->req_parml += preq_vud_block->len; 1006 1007 /* prepare key block */ 1008 preq_key_block = (struct key_block __force *) 1009 (preqcblk->req_parmb + preqcblk->req_parml); 1010 n = *key_token_size; 1011 preq_key_block->len = sizeof(struct key_block) + n; 1012 preq_key_block->tlv1.len = sizeof(preq_key_block->tlv1) + n; 1013 preq_key_block->tlv1.flag = 0x0030; 1014 memcpy(preq_key_block->tlv1.key_token, key_token, *key_token_size); 1015 preqcblk->req_parml += preq_key_block->len; 1016 1017 /* prepare xcrb struct */ 1018 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk); 1019 1020 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ 1021 rc = _zcrypt_send_cprb(&xcrb); 1022 if (rc) { 1023 DEBUG_ERR( 1024 "%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n", 1025 __func__, (int) cardnr, (int) domain, rc); 1026 goto out; 1027 } 1028 1029 /* check response returncode and reasoncode */ 1030 if (prepcblk->ccp_rtcode != 0) { 1031 DEBUG_ERR( 1032 "%s CSNBKPI2 failure, card response %d/%d\n", 1033 __func__, 1034 (int) prepcblk->ccp_rtcode, 1035 (int) prepcblk->ccp_rscode); 1036 rc = -EIO; 1037 goto out; 1038 } 1039 1040 /* process response cprb param block */ 1041 ptr = ((u8 *) prepcblk) + sizeof(struct CPRBX); 1042 prepcblk->rpl_parmb = (u8 __user *) ptr; 1043 prepparm = (struct iprepparm *) ptr; 1044 1045 /* do some plausibility checks on the key block */ 1046 if (prepparm->kb.len < 120 + 3 * sizeof(uint16_t) || 1047 prepparm->kb.len > 136 + 3 * sizeof(uint16_t)) { 1048 DEBUG_ERR("%s reply with invalid or unknown key block\n", 1049 __func__); 1050 rc = -EIO; 1051 goto out; 1052 } 1053 1054 /* do not check the key here, it may be incomplete */ 1055 1056 /* copy the vlsc key token back */ 1057 t = (struct cipherkeytoken *) prepparm->kb.tlv1.key_token; 1058 memcpy(key_token, t, t->len); 1059 *key_token_size = t->len; 1060 1061 out: 1062 free_cprbmem(mem, PARMBSIZE, 0); 1063 return rc; 1064 } 1065 1066 /* 1067 * Build CCA AES CIPHER secure key with a given clear key value. 1068 */ 1069 int cca_clr2cipherkey(u16 card, u16 dom, u32 keybitsize, u32 keygenflags, 1070 const u8 *clrkey, u8 *keybuf, size_t *keybufsize) 1071 { 1072 int rc; 1073 u8 *token; 1074 int tokensize; 1075 u8 exorbuf[32]; 1076 struct cipherkeytoken *t; 1077 1078 /* fill exorbuf with random data */ 1079 get_random_bytes(exorbuf, sizeof(exorbuf)); 1080 1081 /* allocate space for the key token to build */ 1082 token = kmalloc(MAXCCAVLSCTOKENSIZE, GFP_KERNEL); 1083 if (!token) 1084 return -ENOMEM; 1085 1086 /* prepare the token with the key skeleton */ 1087 tokensize = SIZEOF_SKELETON; 1088 memcpy(token, aes_cipher_key_skeleton, tokensize); 1089 1090 /* patch the skeleton key token export flags */ 1091 if (keygenflags) { 1092 t = (struct cipherkeytoken *) token; 1093 t->kmf1 |= (u16) (keygenflags & 0x0000FF00); 1094 t->kmf1 &= (u16) ~(keygenflags & 0x000000FF); 1095 } 1096 1097 /* 1098 * Do the key import with the clear key value in 4 steps: 1099 * 1/4 FIRST import with only random data 1100 * 2/4 EXOR the clear key 1101 * 3/4 EXOR the very same random data again 1102 * 4/4 COMPLETE the secure cipher key import 1103 */ 1104 rc = _ip_cprb_helper(card, dom, "AES ", "FIRST ", "MIN3PART", 1105 exorbuf, keybitsize, token, &tokensize); 1106 if (rc) { 1107 DEBUG_ERR( 1108 "%s clear key import 1/4 with CSNBKPI2 failed, rc=%d\n", 1109 __func__, rc); 1110 goto out; 1111 } 1112 rc = _ip_cprb_helper(card, dom, "AES ", "ADD-PART", NULL, 1113 clrkey, keybitsize, token, &tokensize); 1114 if (rc) { 1115 DEBUG_ERR( 1116 "%s clear key import 2/4 with CSNBKPI2 failed, rc=%d\n", 1117 __func__, rc); 1118 goto out; 1119 } 1120 rc = _ip_cprb_helper(card, dom, "AES ", "ADD-PART", NULL, 1121 exorbuf, keybitsize, token, &tokensize); 1122 if (rc) { 1123 DEBUG_ERR( 1124 "%s clear key import 3/4 with CSNBKPI2 failed, rc=%d\n", 1125 __func__, rc); 1126 goto out; 1127 } 1128 rc = _ip_cprb_helper(card, dom, "AES ", "COMPLETE", NULL, 1129 NULL, keybitsize, token, &tokensize); 1130 if (rc) { 1131 DEBUG_ERR( 1132 "%s clear key import 4/4 with CSNBKPI2 failed, rc=%d\n", 1133 __func__, rc); 1134 goto out; 1135 } 1136 1137 /* copy the generated key token */ 1138 if (keybuf) { 1139 if (tokensize > *keybufsize) 1140 rc = -EINVAL; 1141 else 1142 memcpy(keybuf, token, tokensize); 1143 } 1144 *keybufsize = tokensize; 1145 1146 out: 1147 kfree(token); 1148 return rc; 1149 } 1150 EXPORT_SYMBOL(cca_clr2cipherkey); 1151 1152 /* 1153 * Derive proteced key from CCA AES cipher secure key. 1154 */ 1155 int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey, 1156 u8 *protkey, u32 *protkeylen, u32 *protkeytype) 1157 { 1158 int rc; 1159 u8 *mem, *ptr; 1160 struct CPRBX *preqcblk, *prepcblk; 1161 struct ica_xcRB xcrb; 1162 struct aureqparm { 1163 u8 subfunc_code[2]; 1164 u16 rule_array_len; 1165 u8 rule_array[8]; 1166 struct { 1167 u16 len; 1168 u16 tk_blob_len; 1169 u16 tk_blob_tag; 1170 u8 tk_blob[66]; 1171 } vud; 1172 struct { 1173 u16 len; 1174 u16 cca_key_token_len; 1175 u16 cca_key_token_flags; 1176 u8 cca_key_token[0]; // 64 or more 1177 } kb; 1178 } __packed * preqparm; 1179 struct aurepparm { 1180 u8 subfunc_code[2]; 1181 u16 rule_array_len; 1182 struct { 1183 u16 len; 1184 u16 sublen; 1185 u16 tag; 1186 struct cpacfkeyblock { 1187 u8 version; /* version of this struct */ 1188 u8 flags[2]; 1189 u8 algo; 1190 u8 form; 1191 u8 pad1[3]; 1192 u16 keylen; 1193 u8 key[64]; /* the key (keylen bytes) */ 1194 u16 keyattrlen; 1195 u8 keyattr[32]; 1196 u8 pad2[1]; 1197 u8 vptype; 1198 u8 vp[32]; /* verification pattern */ 1199 } ckb; 1200 } vud; 1201 struct { 1202 u16 len; 1203 } kb; 1204 } __packed * prepparm; 1205 int keytoklen = ((struct cipherkeytoken *)ckey)->len; 1206 1207 /* get already prepared memory for 2 cprbs with param block each */ 1208 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk); 1209 if (rc) 1210 return rc; 1211 1212 /* fill request cprb struct */ 1213 preqcblk->domain = domain; 1214 1215 /* fill request cprb param block with AU request */ 1216 preqparm = (struct aureqparm __force *) preqcblk->req_parmb; 1217 memcpy(preqparm->subfunc_code, "AU", 2); 1218 preqparm->rule_array_len = 1219 sizeof(preqparm->rule_array_len) 1220 + sizeof(preqparm->rule_array); 1221 memcpy(preqparm->rule_array, "EXPT-SK ", 8); 1222 /* vud, tk blob */ 1223 preqparm->vud.len = sizeof(preqparm->vud); 1224 preqparm->vud.tk_blob_len = sizeof(preqparm->vud.tk_blob) 1225 + 2 * sizeof(uint16_t); 1226 preqparm->vud.tk_blob_tag = 0x00C2; 1227 /* kb, cca token */ 1228 preqparm->kb.len = keytoklen + 3 * sizeof(uint16_t); 1229 preqparm->kb.cca_key_token_len = keytoklen + 2 * sizeof(uint16_t); 1230 memcpy(preqparm->kb.cca_key_token, ckey, keytoklen); 1231 /* now fill length of param block into cprb */ 1232 preqcblk->req_parml = sizeof(struct aureqparm) + keytoklen; 1233 1234 /* fill xcrb struct */ 1235 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk); 1236 1237 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ 1238 rc = _zcrypt_send_cprb(&xcrb); 1239 if (rc) { 1240 DEBUG_ERR( 1241 "%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n", 1242 __func__, (int) cardnr, (int) domain, rc); 1243 goto out; 1244 } 1245 1246 /* check response returncode and reasoncode */ 1247 if (prepcblk->ccp_rtcode != 0) { 1248 DEBUG_ERR( 1249 "%s unwrap secure key failure, card response %d/%d\n", 1250 __func__, 1251 (int) prepcblk->ccp_rtcode, 1252 (int) prepcblk->ccp_rscode); 1253 rc = -EIO; 1254 goto out; 1255 } 1256 if (prepcblk->ccp_rscode != 0) { 1257 DEBUG_WARN( 1258 "%s unwrap secure key warning, card response %d/%d\n", 1259 __func__, 1260 (int) prepcblk->ccp_rtcode, 1261 (int) prepcblk->ccp_rscode); 1262 } 1263 1264 /* process response cprb param block */ 1265 ptr = ((u8 *) prepcblk) + sizeof(struct CPRBX); 1266 prepcblk->rpl_parmb = (u8 __user *) ptr; 1267 prepparm = (struct aurepparm *) ptr; 1268 1269 /* check the returned keyblock */ 1270 if (prepparm->vud.ckb.version != 0x01 && 1271 prepparm->vud.ckb.version != 0x02) { 1272 DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x\n", 1273 __func__, (int) prepparm->vud.ckb.version); 1274 rc = -EIO; 1275 goto out; 1276 } 1277 if (prepparm->vud.ckb.algo != 0x02) { 1278 DEBUG_ERR( 1279 "%s reply param keyblock algo mismatch 0x%02x != 0x02\n", 1280 __func__, (int) prepparm->vud.ckb.algo); 1281 rc = -EIO; 1282 goto out; 1283 } 1284 1285 /* copy the translated protected key */ 1286 switch (prepparm->vud.ckb.keylen) { 1287 case 16+32: 1288 /* AES 128 protected key */ 1289 if (protkeytype) 1290 *protkeytype = PKEY_KEYTYPE_AES_128; 1291 break; 1292 case 24+32: 1293 /* AES 192 protected key */ 1294 if (protkeytype) 1295 *protkeytype = PKEY_KEYTYPE_AES_192; 1296 break; 1297 case 32+32: 1298 /* AES 256 protected key */ 1299 if (protkeytype) 1300 *protkeytype = PKEY_KEYTYPE_AES_256; 1301 break; 1302 default: 1303 DEBUG_ERR("%s unknown/unsupported keylen %d\n", 1304 __func__, prepparm->vud.ckb.keylen); 1305 rc = -EIO; 1306 goto out; 1307 } 1308 memcpy(protkey, prepparm->vud.ckb.key, prepparm->vud.ckb.keylen); 1309 if (protkeylen) 1310 *protkeylen = prepparm->vud.ckb.keylen; 1311 1312 out: 1313 free_cprbmem(mem, PARMBSIZE, 0); 1314 return rc; 1315 } 1316 EXPORT_SYMBOL(cca_cipher2protkey); 1317 1318 /* 1319 * query cryptographic facility from CCA adapter 1320 */ 1321 int cca_query_crypto_facility(u16 cardnr, u16 domain, 1322 const char *keyword, 1323 u8 *rarray, size_t *rarraylen, 1324 u8 *varray, size_t *varraylen) 1325 { 1326 int rc; 1327 u16 len; 1328 u8 *mem, *ptr; 1329 struct CPRBX *preqcblk, *prepcblk; 1330 struct ica_xcRB xcrb; 1331 struct fqreqparm { 1332 u8 subfunc_code[2]; 1333 u16 rule_array_len; 1334 char rule_array[8]; 1335 struct lv1 { 1336 u16 len; 1337 u8 data[VARDATASIZE]; 1338 } lv1; 1339 u16 dummylen; 1340 } __packed * preqparm; 1341 size_t parmbsize = sizeof(struct fqreqparm); 1342 struct fqrepparm { 1343 u8 subfunc_code[2]; 1344 u8 lvdata[0]; 1345 } __packed * prepparm; 1346 1347 /* get already prepared memory for 2 cprbs with param block each */ 1348 rc = alloc_and_prep_cprbmem(parmbsize, &mem, &preqcblk, &prepcblk); 1349 if (rc) 1350 return rc; 1351 1352 /* fill request cprb struct */ 1353 preqcblk->domain = domain; 1354 1355 /* fill request cprb param block with FQ request */ 1356 preqparm = (struct fqreqparm __force *) preqcblk->req_parmb; 1357 memcpy(preqparm->subfunc_code, "FQ", 2); 1358 memcpy(preqparm->rule_array, keyword, sizeof(preqparm->rule_array)); 1359 preqparm->rule_array_len = 1360 sizeof(preqparm->rule_array_len) + sizeof(preqparm->rule_array); 1361 preqparm->lv1.len = sizeof(preqparm->lv1); 1362 preqparm->dummylen = sizeof(preqparm->dummylen); 1363 preqcblk->req_parml = parmbsize; 1364 1365 /* fill xcrb struct */ 1366 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk); 1367 1368 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ 1369 rc = _zcrypt_send_cprb(&xcrb); 1370 if (rc) { 1371 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n", 1372 __func__, (int) cardnr, (int) domain, rc); 1373 goto out; 1374 } 1375 1376 /* check response returncode and reasoncode */ 1377 if (prepcblk->ccp_rtcode != 0) { 1378 DEBUG_ERR("%s unwrap secure key failure, card response %d/%d\n", 1379 __func__, 1380 (int) prepcblk->ccp_rtcode, 1381 (int) prepcblk->ccp_rscode); 1382 rc = -EIO; 1383 goto out; 1384 } 1385 1386 /* process response cprb param block */ 1387 ptr = ((u8 *) prepcblk) + sizeof(struct CPRBX); 1388 prepcblk->rpl_parmb = (u8 __user *) ptr; 1389 prepparm = (struct fqrepparm *) ptr; 1390 ptr = prepparm->lvdata; 1391 1392 /* check and possibly copy reply rule array */ 1393 len = *((u16 *) ptr); 1394 if (len > sizeof(u16)) { 1395 ptr += sizeof(u16); 1396 len -= sizeof(u16); 1397 if (rarray && rarraylen && *rarraylen > 0) { 1398 *rarraylen = (len > *rarraylen ? *rarraylen : len); 1399 memcpy(rarray, ptr, *rarraylen); 1400 } 1401 ptr += len; 1402 } 1403 /* check and possible copy reply var array */ 1404 len = *((u16 *) ptr); 1405 if (len > sizeof(u16)) { 1406 ptr += sizeof(u16); 1407 len -= sizeof(u16); 1408 if (varray && varraylen && *varraylen > 0) { 1409 *varraylen = (len > *varraylen ? *varraylen : len); 1410 memcpy(varray, ptr, *varraylen); 1411 } 1412 ptr += len; 1413 } 1414 1415 out: 1416 free_cprbmem(mem, parmbsize, 0); 1417 return rc; 1418 } 1419 EXPORT_SYMBOL(cca_query_crypto_facility); 1420 1421 static int cca_info_cache_fetch(u16 cardnr, u16 domain, struct cca_info *ci) 1422 { 1423 int rc = -ENOENT; 1424 struct cca_info_list_entry *ptr; 1425 1426 spin_lock_bh(&cca_info_list_lock); 1427 list_for_each_entry(ptr, &cca_info_list, list) { 1428 if (ptr->cardnr == cardnr && ptr->domain == domain) { 1429 memcpy(ci, &ptr->info, sizeof(*ci)); 1430 rc = 0; 1431 break; 1432 } 1433 } 1434 spin_unlock_bh(&cca_info_list_lock); 1435 1436 return rc; 1437 } 1438 1439 static void cca_info_cache_update(u16 cardnr, u16 domain, 1440 const struct cca_info *ci) 1441 { 1442 int found = 0; 1443 struct cca_info_list_entry *ptr; 1444 1445 spin_lock_bh(&cca_info_list_lock); 1446 list_for_each_entry(ptr, &cca_info_list, list) { 1447 if (ptr->cardnr == cardnr && 1448 ptr->domain == domain) { 1449 memcpy(&ptr->info, ci, sizeof(*ci)); 1450 found = 1; 1451 break; 1452 } 1453 } 1454 if (!found) { 1455 ptr = kmalloc(sizeof(*ptr), GFP_ATOMIC); 1456 if (!ptr) { 1457 spin_unlock_bh(&cca_info_list_lock); 1458 return; 1459 } 1460 ptr->cardnr = cardnr; 1461 ptr->domain = domain; 1462 memcpy(&ptr->info, ci, sizeof(*ci)); 1463 list_add(&ptr->list, &cca_info_list); 1464 } 1465 spin_unlock_bh(&cca_info_list_lock); 1466 } 1467 1468 static void cca_info_cache_scrub(u16 cardnr, u16 domain) 1469 { 1470 struct cca_info_list_entry *ptr; 1471 1472 spin_lock_bh(&cca_info_list_lock); 1473 list_for_each_entry(ptr, &cca_info_list, list) { 1474 if (ptr->cardnr == cardnr && 1475 ptr->domain == domain) { 1476 list_del(&ptr->list); 1477 kfree(ptr); 1478 break; 1479 } 1480 } 1481 spin_unlock_bh(&cca_info_list_lock); 1482 } 1483 1484 static void __exit mkvp_cache_free(void) 1485 { 1486 struct cca_info_list_entry *ptr, *pnext; 1487 1488 spin_lock_bh(&cca_info_list_lock); 1489 list_for_each_entry_safe(ptr, pnext, &cca_info_list, list) { 1490 list_del(&ptr->list); 1491 kfree(ptr); 1492 } 1493 spin_unlock_bh(&cca_info_list_lock); 1494 } 1495 1496 /* 1497 * Fetch cca_info values via query_crypto_facility from adapter. 1498 */ 1499 static int fetch_cca_info(u16 cardnr, u16 domain, struct cca_info *ci) 1500 { 1501 int rc, found = 0; 1502 size_t rlen, vlen; 1503 u8 *rarray, *varray, *pg; 1504 struct zcrypt_device_status_ext devstat; 1505 1506 memset(ci, 0, sizeof(*ci)); 1507 1508 /* get first info from zcrypt device driver about this apqn */ 1509 rc = zcrypt_device_status_ext(cardnr, domain, &devstat); 1510 if (rc) 1511 return rc; 1512 ci->hwtype = devstat.hwtype; 1513 1514 /* prep page for rule array and var array use */ 1515 pg = (u8 *) __get_free_page(GFP_KERNEL); 1516 if (!pg) 1517 return -ENOMEM; 1518 rarray = pg; 1519 varray = pg + PAGE_SIZE/2; 1520 rlen = vlen = PAGE_SIZE/2; 1521 1522 /* QF for this card/domain */ 1523 rc = cca_query_crypto_facility(cardnr, domain, "STATICSA", 1524 rarray, &rlen, varray, &vlen); 1525 if (rc == 0 && rlen >= 10*8 && vlen >= 204) { 1526 memcpy(ci->serial, rarray, 8); 1527 ci->new_mk_state = (char) rarray[7*8]; 1528 ci->cur_mk_state = (char) rarray[8*8]; 1529 ci->old_mk_state = (char) rarray[9*8]; 1530 if (ci->old_mk_state == '2') 1531 memcpy(&ci->old_mkvp, varray + 172, 8); 1532 if (ci->cur_mk_state == '2') 1533 memcpy(&ci->cur_mkvp, varray + 184, 8); 1534 if (ci->new_mk_state == '3') 1535 memcpy(&ci->new_mkvp, varray + 196, 8); 1536 found = 1; 1537 } 1538 1539 free_page((unsigned long) pg); 1540 1541 return found ? 0 : -ENOENT; 1542 } 1543 1544 /* 1545 * Fetch cca information about a CCA queue. 1546 */ 1547 int cca_get_info(u16 card, u16 dom, struct cca_info *ci, int verify) 1548 { 1549 int rc; 1550 1551 rc = cca_info_cache_fetch(card, dom, ci); 1552 if (rc || verify) { 1553 rc = fetch_cca_info(card, dom, ci); 1554 if (rc == 0) 1555 cca_info_cache_update(card, dom, ci); 1556 } 1557 1558 return rc; 1559 } 1560 EXPORT_SYMBOL(cca_get_info); 1561 1562 /* 1563 * Search for a matching crypto card based on the 1564 * Master Key Verification Pattern given. 1565 */ 1566 static int findcard(u64 mkvp, u16 *pcardnr, u16 *pdomain, 1567 int verify, int minhwtype) 1568 { 1569 struct zcrypt_device_status_ext *device_status; 1570 u16 card, dom; 1571 struct cca_info ci; 1572 int i, rc, oi = -1; 1573 1574 /* mkvp must not be zero, minhwtype needs to be >= 0 */ 1575 if (mkvp == 0 || minhwtype < 0) 1576 return -EINVAL; 1577 1578 /* fetch status of all crypto cards */ 1579 device_status = kvmalloc_array(MAX_ZDEV_ENTRIES_EXT, 1580 sizeof(struct zcrypt_device_status_ext), 1581 GFP_KERNEL); 1582 if (!device_status) 1583 return -ENOMEM; 1584 zcrypt_device_status_mask_ext(device_status); 1585 1586 /* walk through all crypto cards */ 1587 for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) { 1588 card = AP_QID_CARD(device_status[i].qid); 1589 dom = AP_QID_QUEUE(device_status[i].qid); 1590 if (device_status[i].online && 1591 device_status[i].functions & 0x04) { 1592 /* enabled CCA card, check current mkvp from cache */ 1593 if (cca_info_cache_fetch(card, dom, &ci) == 0 && 1594 ci.hwtype >= minhwtype && 1595 ci.cur_mk_state == '2' && 1596 ci.cur_mkvp == mkvp) { 1597 if (!verify) 1598 break; 1599 /* verify: refresh card info */ 1600 if (fetch_cca_info(card, dom, &ci) == 0) { 1601 cca_info_cache_update(card, dom, &ci); 1602 if (ci.hwtype >= minhwtype && 1603 ci.cur_mk_state == '2' && 1604 ci.cur_mkvp == mkvp) 1605 break; 1606 } 1607 } 1608 } else { 1609 /* Card is offline and/or not a CCA card. */ 1610 /* del mkvp entry from cache if it exists */ 1611 cca_info_cache_scrub(card, dom); 1612 } 1613 } 1614 if (i >= MAX_ZDEV_ENTRIES_EXT) { 1615 /* nothing found, so this time without cache */ 1616 for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) { 1617 if (!(device_status[i].online && 1618 device_status[i].functions & 0x04)) 1619 continue; 1620 card = AP_QID_CARD(device_status[i].qid); 1621 dom = AP_QID_QUEUE(device_status[i].qid); 1622 /* fresh fetch mkvp from adapter */ 1623 if (fetch_cca_info(card, dom, &ci) == 0) { 1624 cca_info_cache_update(card, dom, &ci); 1625 if (ci.hwtype >= minhwtype && 1626 ci.cur_mk_state == '2' && 1627 ci.cur_mkvp == mkvp) 1628 break; 1629 if (ci.hwtype >= minhwtype && 1630 ci.old_mk_state == '2' && 1631 ci.old_mkvp == mkvp && 1632 oi < 0) 1633 oi = i; 1634 } 1635 } 1636 if (i >= MAX_ZDEV_ENTRIES_EXT && oi >= 0) { 1637 /* old mkvp matched, use this card then */ 1638 card = AP_QID_CARD(device_status[oi].qid); 1639 dom = AP_QID_QUEUE(device_status[oi].qid); 1640 } 1641 } 1642 if (i < MAX_ZDEV_ENTRIES_EXT || oi >= 0) { 1643 if (pcardnr) 1644 *pcardnr = card; 1645 if (pdomain) 1646 *pdomain = dom; 1647 rc = (i < MAX_ZDEV_ENTRIES_EXT ? 0 : 1); 1648 } else 1649 rc = -ENODEV; 1650 1651 kvfree(device_status); 1652 return rc; 1653 } 1654 1655 /* 1656 * Search for a matching crypto card based on the Master Key 1657 * Verification Pattern provided inside a secure key token. 1658 */ 1659 int cca_findcard(const u8 *key, u16 *pcardnr, u16 *pdomain, int verify) 1660 { 1661 u64 mkvp; 1662 int minhwtype = 0; 1663 const struct keytoken_header *hdr = (struct keytoken_header *) key; 1664 1665 if (hdr->type != TOKTYPE_CCA_INTERNAL) 1666 return -EINVAL; 1667 1668 switch (hdr->version) { 1669 case TOKVER_CCA_AES: 1670 mkvp = ((struct secaeskeytoken *)key)->mkvp; 1671 break; 1672 case TOKVER_CCA_VLSC: 1673 mkvp = ((struct cipherkeytoken *)key)->mkvp0; 1674 minhwtype = AP_DEVICE_TYPE_CEX6; 1675 break; 1676 default: 1677 return -EINVAL; 1678 } 1679 1680 return findcard(mkvp, pcardnr, pdomain, verify, minhwtype); 1681 } 1682 EXPORT_SYMBOL(cca_findcard); 1683 1684 int cca_findcard2(u32 **apqns, u32 *nr_apqns, u16 cardnr, u16 domain, 1685 int minhwtype, u64 cur_mkvp, u64 old_mkvp, int verify) 1686 { 1687 struct zcrypt_device_status_ext *device_status; 1688 int i, n, card, dom, curmatch, oldmatch, rc = 0; 1689 struct cca_info ci; 1690 1691 *apqns = NULL; 1692 *nr_apqns = 0; 1693 1694 /* fetch status of all crypto cards */ 1695 device_status = kmalloc_array(MAX_ZDEV_ENTRIES_EXT, 1696 sizeof(struct zcrypt_device_status_ext), 1697 GFP_KERNEL); 1698 if (!device_status) 1699 return -ENOMEM; 1700 zcrypt_device_status_mask_ext(device_status); 1701 1702 /* loop two times: first gather eligible apqns, then store them */ 1703 while (1) { 1704 n = 0; 1705 /* walk through all the crypto cards */ 1706 for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) { 1707 card = AP_QID_CARD(device_status[i].qid); 1708 dom = AP_QID_QUEUE(device_status[i].qid); 1709 /* check online state */ 1710 if (!device_status[i].online) 1711 continue; 1712 /* check for cca functions */ 1713 if (!(device_status[i].functions & 0x04)) 1714 continue; 1715 /* check cardnr */ 1716 if (cardnr != 0xFFFF && card != cardnr) 1717 continue; 1718 /* check domain */ 1719 if (domain != 0xFFFF && dom != domain) 1720 continue; 1721 /* get cca info on this apqn */ 1722 if (cca_get_info(card, dom, &ci, verify)) 1723 continue; 1724 /* current master key needs to be valid */ 1725 if (ci.cur_mk_state != '2') 1726 continue; 1727 /* check min hardware type */ 1728 if (minhwtype > 0 && minhwtype > ci.hwtype) 1729 continue; 1730 if (cur_mkvp || old_mkvp) { 1731 /* check mkvps */ 1732 curmatch = oldmatch = 0; 1733 if (cur_mkvp && cur_mkvp == ci.cur_mkvp) 1734 curmatch = 1; 1735 if (old_mkvp && ci.old_mk_state == '2' && 1736 old_mkvp == ci.old_mkvp) 1737 oldmatch = 1; 1738 if ((cur_mkvp || old_mkvp) && 1739 (curmatch + oldmatch < 1)) 1740 continue; 1741 } 1742 /* apqn passed all filtering criterons */ 1743 if (*apqns && n < *nr_apqns) 1744 (*apqns)[n] = (((u16)card) << 16) | ((u16) dom); 1745 n++; 1746 } 1747 /* loop 2nd time: array has been filled */ 1748 if (*apqns) 1749 break; 1750 /* loop 1st time: have # of eligible apqns in n */ 1751 if (!n) { 1752 rc = -ENODEV; /* no eligible apqns found */ 1753 break; 1754 } 1755 *nr_apqns = n; 1756 /* allocate array to store n apqns into */ 1757 *apqns = kmalloc_array(n, sizeof(u32), GFP_KERNEL); 1758 if (!*apqns) { 1759 rc = -ENOMEM; 1760 break; 1761 } 1762 verify = 0; 1763 } 1764 1765 kfree(device_status); 1766 return rc; 1767 } 1768 EXPORT_SYMBOL(cca_findcard2); 1769 1770 void __exit zcrypt_ccamisc_exit(void) 1771 { 1772 mkvp_cache_free(); 1773 } 1774