1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3  *  Copyright IBM Corp. 2019
4  *  Author(s): Harald Freudenberger <freude@linux.ibm.com>
5  *	       Ingo Franzki <ifranzki@linux.ibm.com>
6  *
7  *  Collection of CCA misc functions used by zcrypt and pkey
8  */
9 
10 #define KMSG_COMPONENT "zcrypt"
11 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
12 
13 #include <linux/init.h>
14 #include <linux/module.h>
15 #include <linux/slab.h>
16 #include <linux/random.h>
17 #include <asm/zcrypt.h>
18 #include <asm/pkey.h>
19 
20 #include "ap_bus.h"
21 #include "zcrypt_api.h"
22 #include "zcrypt_debug.h"
23 #include "zcrypt_msgtype6.h"
24 #include "zcrypt_ccamisc.h"
25 
26 #define DEBUG_DBG(...)	ZCRYPT_DBF(DBF_DEBUG, ##__VA_ARGS__)
27 #define DEBUG_INFO(...) ZCRYPT_DBF(DBF_INFO, ##__VA_ARGS__)
28 #define DEBUG_WARN(...) ZCRYPT_DBF(DBF_WARN, ##__VA_ARGS__)
29 #define DEBUG_ERR(...)	ZCRYPT_DBF(DBF_ERR, ##__VA_ARGS__)
30 
31 /* Size of parameter block used for all cca requests/replies */
32 #define PARMBSIZE 512
33 
34 /* Size of vardata block used for some of the cca requests/replies */
35 #define VARDATASIZE 4096
36 
37 struct cca_info_list_entry {
38 	struct list_head list;
39 	u16 cardnr;
40 	u16 domain;
41 	struct cca_info info;
42 };
43 
44 /* a list with cca_info_list_entry entries */
45 static LIST_HEAD(cca_info_list);
46 static DEFINE_SPINLOCK(cca_info_list_lock);
47 
48 /*
49  * Simple check if the token is a valid CCA secure AES data key
50  * token. If keybitsize is given, the bitsize of the key is
51  * also checked. Returns 0 on success or errno value on failure.
52  */
53 int cca_check_secaeskeytoken(debug_info_t *dbg, int dbflvl,
54 			     const u8 *token, int keybitsize)
55 {
56 	struct secaeskeytoken *t = (struct secaeskeytoken *) token;
57 
58 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
59 
60 	if (t->type != TOKTYPE_CCA_INTERNAL) {
61 		if (dbg)
62 			DBF("%s token check failed, type 0x%02x != 0x%02x\n",
63 			    __func__, (int) t->type, TOKTYPE_CCA_INTERNAL);
64 		return -EINVAL;
65 	}
66 	if (t->version != TOKVER_CCA_AES) {
67 		if (dbg)
68 			DBF("%s token check failed, version 0x%02x != 0x%02x\n",
69 			    __func__, (int) t->version, TOKVER_CCA_AES);
70 		return -EINVAL;
71 	}
72 	if (keybitsize > 0 && t->bitsize != keybitsize) {
73 		if (dbg)
74 			DBF("%s token check failed, bitsize %d != %d\n",
75 			    __func__, (int) t->bitsize, keybitsize);
76 		return -EINVAL;
77 	}
78 
79 #undef DBF
80 
81 	return 0;
82 }
83 EXPORT_SYMBOL(cca_check_secaeskeytoken);
84 
85 /*
86  * Simple check if the token is a valid CCA secure AES cipher key
87  * token. If keybitsize is given, the bitsize of the key is
88  * also checked. If checkcpacfexport is enabled, the key is also
89  * checked for the export flag to allow CPACF export.
90  * Returns 0 on success or errno value on failure.
91  */
92 int cca_check_secaescipherkey(debug_info_t *dbg, int dbflvl,
93 			      const u8 *token, int keybitsize,
94 			      int checkcpacfexport)
95 {
96 	struct cipherkeytoken *t = (struct cipherkeytoken *) token;
97 	bool keybitsizeok = true;
98 
99 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
100 
101 	if (t->type != TOKTYPE_CCA_INTERNAL) {
102 		if (dbg)
103 			DBF("%s token check failed, type 0x%02x != 0x%02x\n",
104 			    __func__, (int) t->type, TOKTYPE_CCA_INTERNAL);
105 		return -EINVAL;
106 	}
107 	if (t->version != TOKVER_CCA_VLSC) {
108 		if (dbg)
109 			DBF("%s token check failed, version 0x%02x != 0x%02x\n",
110 			    __func__, (int) t->version, TOKVER_CCA_VLSC);
111 		return -EINVAL;
112 	}
113 	if (t->algtype != 0x02) {
114 		if (dbg)
115 			DBF("%s token check failed, algtype 0x%02x != 0x02\n",
116 			    __func__, (int) t->algtype);
117 		return -EINVAL;
118 	}
119 	if (t->keytype != 0x0001) {
120 		if (dbg)
121 			DBF("%s token check failed, keytype 0x%04x != 0x0001\n",
122 			    __func__, (int) t->keytype);
123 		return -EINVAL;
124 	}
125 	if (t->plfver != 0x00 && t->plfver != 0x01) {
126 		if (dbg)
127 			DBF("%s token check failed, unknown plfver 0x%02x\n",
128 			    __func__, (int) t->plfver);
129 		return -EINVAL;
130 	}
131 	if (t->wpllen != 512 && t->wpllen != 576 && t->wpllen != 640) {
132 		if (dbg)
133 			DBF("%s token check failed, unknown wpllen %d\n",
134 			    __func__, (int) t->wpllen);
135 		return -EINVAL;
136 	}
137 	if (keybitsize > 0) {
138 		switch (keybitsize) {
139 		case 128:
140 			if (t->wpllen != (t->plfver ? 640 : 512))
141 				keybitsizeok = false;
142 			break;
143 		case 192:
144 			if (t->wpllen != (t->plfver ? 640 : 576))
145 				keybitsizeok = false;
146 			break;
147 		case 256:
148 			if (t->wpllen != 640)
149 				keybitsizeok = false;
150 			break;
151 		default:
152 			keybitsizeok = false;
153 			break;
154 		}
155 		if (!keybitsizeok) {
156 			if (dbg)
157 				DBF("%s token check failed, bitsize %d\n",
158 				    __func__, keybitsize);
159 			return -EINVAL;
160 		}
161 	}
162 	if (checkcpacfexport && !(t->kmf1 & KMF1_XPRT_CPAC)) {
163 		if (dbg)
164 			DBF("%s token check failed, XPRT_CPAC bit is 0\n",
165 			    __func__);
166 		return -EINVAL;
167 	}
168 
169 #undef DBF
170 
171 	return 0;
172 }
173 EXPORT_SYMBOL(cca_check_secaescipherkey);
174 
175 /*
176  * Allocate consecutive memory for request CPRB, request param
177  * block, reply CPRB and reply param block and fill in values
178  * for the common fields. Returns 0 on success or errno value
179  * on failure.
180  */
181 static int alloc_and_prep_cprbmem(size_t paramblen,
182 				  u8 **pcprbmem,
183 				  struct CPRBX **preqCPRB,
184 				  struct CPRBX **prepCPRB)
185 {
186 	u8 *cprbmem;
187 	size_t cprbplusparamblen = sizeof(struct CPRBX) + paramblen;
188 	struct CPRBX *preqcblk, *prepcblk;
189 
190 	/*
191 	 * allocate consecutive memory for request CPRB, request param
192 	 * block, reply CPRB and reply param block
193 	 */
194 	cprbmem = kcalloc(2, cprbplusparamblen, GFP_KERNEL);
195 	if (!cprbmem)
196 		return -ENOMEM;
197 
198 	preqcblk = (struct CPRBX *) cprbmem;
199 	prepcblk = (struct CPRBX *) (cprbmem + cprbplusparamblen);
200 
201 	/* fill request cprb struct */
202 	preqcblk->cprb_len = sizeof(struct CPRBX);
203 	preqcblk->cprb_ver_id = 0x02;
204 	memcpy(preqcblk->func_id, "T2", 2);
205 	preqcblk->rpl_msgbl = cprbplusparamblen;
206 	if (paramblen) {
207 		preqcblk->req_parmb =
208 			((u8 *) preqcblk) + sizeof(struct CPRBX);
209 		preqcblk->rpl_parmb =
210 			((u8 *) prepcblk) + sizeof(struct CPRBX);
211 	}
212 
213 	*pcprbmem = cprbmem;
214 	*preqCPRB = preqcblk;
215 	*prepCPRB = prepcblk;
216 
217 	return 0;
218 }
219 
220 /*
221  * Free the cprb memory allocated with the function above.
222  * If the scrub value is not zero, the memory is filled
223  * with zeros before freeing (useful if there was some
224  * clear key material in there).
225  */
226 static void free_cprbmem(void *mem, size_t paramblen, int scrub)
227 {
228 	if (scrub)
229 		memzero_explicit(mem, 2 * (sizeof(struct CPRBX) + paramblen));
230 	kfree(mem);
231 }
232 
233 /*
234  * Helper function to prepare the xcrb struct
235  */
236 static inline void prep_xcrb(struct ica_xcRB *pxcrb,
237 			     u16 cardnr,
238 			     struct CPRBX *preqcblk,
239 			     struct CPRBX *prepcblk)
240 {
241 	memset(pxcrb, 0, sizeof(*pxcrb));
242 	pxcrb->agent_ID = 0x4341; /* 'CA' */
243 	pxcrb->user_defined = (cardnr == 0xFFFF ? AUTOSELECT : cardnr);
244 	pxcrb->request_control_blk_length =
245 		preqcblk->cprb_len + preqcblk->req_parml;
246 	pxcrb->request_control_blk_addr = (void __user *) preqcblk;
247 	pxcrb->reply_control_blk_length = preqcblk->rpl_msgbl;
248 	pxcrb->reply_control_blk_addr = (void __user *) prepcblk;
249 }
250 
251 /*
252  * Helper function which calls zcrypt_send_cprb with
253  * memory management segment adjusted to kernel space
254  * so that the copy_from_user called within this
255  * function do in fact copy from kernel space.
256  */
257 static inline int _zcrypt_send_cprb(struct ica_xcRB *xcrb)
258 {
259 	int rc;
260 	mm_segment_t old_fs = get_fs();
261 
262 	set_fs(KERNEL_DS);
263 	rc = zcrypt_send_cprb(xcrb);
264 	set_fs(old_fs);
265 
266 	return rc;
267 }
268 
269 /*
270  * Generate (random) CCA AES DATA secure key.
271  */
272 int cca_genseckey(u16 cardnr, u16 domain,
273 		  u32 keybitsize, u8 seckey[SECKEYBLOBSIZE])
274 {
275 	int i, rc, keysize;
276 	int seckeysize;
277 	u8 *mem;
278 	struct CPRBX *preqcblk, *prepcblk;
279 	struct ica_xcRB xcrb;
280 	struct kgreqparm {
281 		u8  subfunc_code[2];
282 		u16 rule_array_len;
283 		struct lv1 {
284 			u16 len;
285 			char  key_form[8];
286 			char  key_length[8];
287 			char  key_type1[8];
288 			char  key_type2[8];
289 		} lv1;
290 		struct lv2 {
291 			u16 len;
292 			struct keyid {
293 				u16 len;
294 				u16 attr;
295 				u8  data[SECKEYBLOBSIZE];
296 			} keyid[6];
297 		} lv2;
298 	} __packed * preqparm;
299 	struct kgrepparm {
300 		u8  subfunc_code[2];
301 		u16 rule_array_len;
302 		struct lv3 {
303 			u16 len;
304 			u16 keyblocklen;
305 			struct {
306 				u16 toklen;
307 				u16 tokattr;
308 				u8  tok[0];
309 				/* ... some more data ... */
310 			} keyblock;
311 		} lv3;
312 	} __packed * prepparm;
313 
314 	/* get already prepared memory for 2 cprbs with param block each */
315 	rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
316 	if (rc)
317 		return rc;
318 
319 	/* fill request cprb struct */
320 	preqcblk->domain = domain;
321 
322 	/* fill request cprb param block with KG request */
323 	preqparm = (struct kgreqparm *) preqcblk->req_parmb;
324 	memcpy(preqparm->subfunc_code, "KG", 2);
325 	preqparm->rule_array_len = sizeof(preqparm->rule_array_len);
326 	preqparm->lv1.len = sizeof(struct lv1);
327 	memcpy(preqparm->lv1.key_form,	 "OP      ", 8);
328 	switch (keybitsize) {
329 	case PKEY_SIZE_AES_128:
330 	case PKEY_KEYTYPE_AES_128: /* older ioctls used this */
331 		keysize = 16;
332 		memcpy(preqparm->lv1.key_length, "KEYLN16 ", 8);
333 		break;
334 	case PKEY_SIZE_AES_192:
335 	case PKEY_KEYTYPE_AES_192: /* older ioctls used this */
336 		keysize = 24;
337 		memcpy(preqparm->lv1.key_length, "KEYLN24 ", 8);
338 		break;
339 	case PKEY_SIZE_AES_256:
340 	case PKEY_KEYTYPE_AES_256: /* older ioctls used this */
341 		keysize = 32;
342 		memcpy(preqparm->lv1.key_length, "KEYLN32 ", 8);
343 		break;
344 	default:
345 		DEBUG_ERR("%s unknown/unsupported keybitsize %d\n",
346 			  __func__, keybitsize);
347 		rc = -EINVAL;
348 		goto out;
349 	}
350 	memcpy(preqparm->lv1.key_type1,  "AESDATA ", 8);
351 	preqparm->lv2.len = sizeof(struct lv2);
352 	for (i = 0; i < 6; i++) {
353 		preqparm->lv2.keyid[i].len = sizeof(struct keyid);
354 		preqparm->lv2.keyid[i].attr = (i == 2 ? 0x30 : 0x10);
355 	}
356 	preqcblk->req_parml = sizeof(struct kgreqparm);
357 
358 	/* fill xcrb struct */
359 	prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
360 
361 	/* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
362 	rc = _zcrypt_send_cprb(&xcrb);
363 	if (rc) {
364 		DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, errno %d\n",
365 			  __func__, (int) cardnr, (int) domain, rc);
366 		goto out;
367 	}
368 
369 	/* check response returncode and reasoncode */
370 	if (prepcblk->ccp_rtcode != 0) {
371 		DEBUG_ERR("%s secure key generate failure, card response %d/%d\n",
372 			  __func__,
373 			  (int) prepcblk->ccp_rtcode,
374 			  (int) prepcblk->ccp_rscode);
375 		rc = -EIO;
376 		goto out;
377 	}
378 
379 	/* process response cprb param block */
380 	prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX);
381 	prepparm = (struct kgrepparm *) prepcblk->rpl_parmb;
382 
383 	/* check length of the returned secure key token */
384 	seckeysize = prepparm->lv3.keyblock.toklen
385 		- sizeof(prepparm->lv3.keyblock.toklen)
386 		- sizeof(prepparm->lv3.keyblock.tokattr);
387 	if (seckeysize != SECKEYBLOBSIZE) {
388 		DEBUG_ERR("%s secure token size mismatch %d != %d bytes\n",
389 			  __func__, seckeysize, SECKEYBLOBSIZE);
390 		rc = -EIO;
391 		goto out;
392 	}
393 
394 	/* check secure key token */
395 	rc = cca_check_secaeskeytoken(zcrypt_dbf_info, DBF_ERR,
396 				      prepparm->lv3.keyblock.tok, 8*keysize);
397 	if (rc) {
398 		rc = -EIO;
399 		goto out;
400 	}
401 
402 	/* copy the generated secure key token */
403 	memcpy(seckey, prepparm->lv3.keyblock.tok, SECKEYBLOBSIZE);
404 
405 out:
406 	free_cprbmem(mem, PARMBSIZE, 0);
407 	return rc;
408 }
409 EXPORT_SYMBOL(cca_genseckey);
410 
411 /*
412  * Generate an CCA AES DATA secure key with given key value.
413  */
414 int cca_clr2seckey(u16 cardnr, u16 domain, u32 keybitsize,
415 		   const u8 *clrkey, u8 seckey[SECKEYBLOBSIZE])
416 {
417 	int rc, keysize, seckeysize;
418 	u8 *mem;
419 	struct CPRBX *preqcblk, *prepcblk;
420 	struct ica_xcRB xcrb;
421 	struct cmreqparm {
422 		u8  subfunc_code[2];
423 		u16 rule_array_len;
424 		char  rule_array[8];
425 		struct lv1 {
426 			u16 len;
427 			u8  clrkey[0];
428 		} lv1;
429 		struct lv2 {
430 			u16 len;
431 			struct keyid {
432 				u16 len;
433 				u16 attr;
434 				u8  data[SECKEYBLOBSIZE];
435 			} keyid;
436 		} lv2;
437 	} __packed * preqparm;
438 	struct lv2 *plv2;
439 	struct cmrepparm {
440 		u8  subfunc_code[2];
441 		u16 rule_array_len;
442 		struct lv3 {
443 			u16 len;
444 			u16 keyblocklen;
445 			struct {
446 				u16 toklen;
447 				u16 tokattr;
448 				u8  tok[0];
449 				/* ... some more data ... */
450 			} keyblock;
451 		} lv3;
452 	} __packed * prepparm;
453 
454 	/* get already prepared memory for 2 cprbs with param block each */
455 	rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
456 	if (rc)
457 		return rc;
458 
459 	/* fill request cprb struct */
460 	preqcblk->domain = domain;
461 
462 	/* fill request cprb param block with CM request */
463 	preqparm = (struct cmreqparm *) preqcblk->req_parmb;
464 	memcpy(preqparm->subfunc_code, "CM", 2);
465 	memcpy(preqparm->rule_array, "AES     ", 8);
466 	preqparm->rule_array_len =
467 		sizeof(preqparm->rule_array_len) + sizeof(preqparm->rule_array);
468 	switch (keybitsize) {
469 	case PKEY_SIZE_AES_128:
470 	case PKEY_KEYTYPE_AES_128: /* older ioctls used this */
471 		keysize = 16;
472 		break;
473 	case PKEY_SIZE_AES_192:
474 	case PKEY_KEYTYPE_AES_192: /* older ioctls used this */
475 		keysize = 24;
476 		break;
477 	case PKEY_SIZE_AES_256:
478 	case PKEY_KEYTYPE_AES_256: /* older ioctls used this */
479 		keysize = 32;
480 		break;
481 	default:
482 		DEBUG_ERR("%s unknown/unsupported keybitsize %d\n",
483 			  __func__, keybitsize);
484 		rc = -EINVAL;
485 		goto out;
486 	}
487 	preqparm->lv1.len = sizeof(struct lv1) + keysize;
488 	memcpy(preqparm->lv1.clrkey, clrkey, keysize);
489 	plv2 = (struct lv2 *) (((u8 *) &preqparm->lv2) + keysize);
490 	plv2->len = sizeof(struct lv2);
491 	plv2->keyid.len = sizeof(struct keyid);
492 	plv2->keyid.attr = 0x30;
493 	preqcblk->req_parml = sizeof(struct cmreqparm) + keysize;
494 
495 	/* fill xcrb struct */
496 	prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
497 
498 	/* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
499 	rc = _zcrypt_send_cprb(&xcrb);
500 	if (rc) {
501 		DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
502 			  __func__, (int) cardnr, (int) domain, rc);
503 		goto out;
504 	}
505 
506 	/* check response returncode and reasoncode */
507 	if (prepcblk->ccp_rtcode != 0) {
508 		DEBUG_ERR("%s clear key import failure, card response %d/%d\n",
509 			  __func__,
510 			  (int) prepcblk->ccp_rtcode,
511 			  (int) prepcblk->ccp_rscode);
512 		rc = -EIO;
513 		goto out;
514 	}
515 
516 	/* process response cprb param block */
517 	prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX);
518 	prepparm = (struct cmrepparm *) prepcblk->rpl_parmb;
519 
520 	/* check length of the returned secure key token */
521 	seckeysize = prepparm->lv3.keyblock.toklen
522 		- sizeof(prepparm->lv3.keyblock.toklen)
523 		- sizeof(prepparm->lv3.keyblock.tokattr);
524 	if (seckeysize != SECKEYBLOBSIZE) {
525 		DEBUG_ERR("%s secure token size mismatch %d != %d bytes\n",
526 			  __func__, seckeysize, SECKEYBLOBSIZE);
527 		rc = -EIO;
528 		goto out;
529 	}
530 
531 	/* check secure key token */
532 	rc = cca_check_secaeskeytoken(zcrypt_dbf_info, DBF_ERR,
533 				      prepparm->lv3.keyblock.tok, 8*keysize);
534 	if (rc) {
535 		rc = -EIO;
536 		goto out;
537 	}
538 
539 	/* copy the generated secure key token */
540 	if (seckey)
541 		memcpy(seckey, prepparm->lv3.keyblock.tok, SECKEYBLOBSIZE);
542 
543 out:
544 	free_cprbmem(mem, PARMBSIZE, 1);
545 	return rc;
546 }
547 EXPORT_SYMBOL(cca_clr2seckey);
548 
549 /*
550  * Derive proteced key from an CCA AES DATA secure key.
551  */
552 int cca_sec2protkey(u16 cardnr, u16 domain,
553 		    const u8 seckey[SECKEYBLOBSIZE],
554 		    u8 *protkey, u32 *protkeylen, u32 *protkeytype)
555 {
556 	int rc;
557 	u8 *mem;
558 	struct CPRBX *preqcblk, *prepcblk;
559 	struct ica_xcRB xcrb;
560 	struct uskreqparm {
561 		u8  subfunc_code[2];
562 		u16 rule_array_len;
563 		struct lv1 {
564 			u16 len;
565 			u16 attr_len;
566 			u16 attr_flags;
567 		} lv1;
568 		struct lv2 {
569 			u16 len;
570 			u16 attr_len;
571 			u16 attr_flags;
572 			u8  token[0];	      /* cca secure key token */
573 		} lv2;
574 	} __packed * preqparm;
575 	struct uskrepparm {
576 		u8  subfunc_code[2];
577 		u16 rule_array_len;
578 		struct lv3 {
579 			u16 len;
580 			u16 attr_len;
581 			u16 attr_flags;
582 			struct cpacfkeyblock {
583 				u8  version;  /* version of this struct */
584 				u8  flags[2];
585 				u8  algo;
586 				u8  form;
587 				u8  pad1[3];
588 				u16 len;
589 				u8  key[64];  /* the key (len bytes) */
590 				u16 keyattrlen;
591 				u8  keyattr[32];
592 				u8  pad2[1];
593 				u8  vptype;
594 				u8  vp[32];  /* verification pattern */
595 			} ckb;
596 		} lv3;
597 	} __packed * prepparm;
598 
599 	/* get already prepared memory for 2 cprbs with param block each */
600 	rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
601 	if (rc)
602 		return rc;
603 
604 	/* fill request cprb struct */
605 	preqcblk->domain = domain;
606 
607 	/* fill request cprb param block with USK request */
608 	preqparm = (struct uskreqparm *) preqcblk->req_parmb;
609 	memcpy(preqparm->subfunc_code, "US", 2);
610 	preqparm->rule_array_len = sizeof(preqparm->rule_array_len);
611 	preqparm->lv1.len = sizeof(struct lv1);
612 	preqparm->lv1.attr_len = sizeof(struct lv1) - sizeof(preqparm->lv1.len);
613 	preqparm->lv1.attr_flags = 0x0001;
614 	preqparm->lv2.len = sizeof(struct lv2) + SECKEYBLOBSIZE;
615 	preqparm->lv2.attr_len = sizeof(struct lv2)
616 		- sizeof(preqparm->lv2.len) + SECKEYBLOBSIZE;
617 	preqparm->lv2.attr_flags = 0x0000;
618 	memcpy(preqparm->lv2.token, seckey, SECKEYBLOBSIZE);
619 	preqcblk->req_parml = sizeof(struct uskreqparm) + SECKEYBLOBSIZE;
620 
621 	/* fill xcrb struct */
622 	prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
623 
624 	/* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
625 	rc = _zcrypt_send_cprb(&xcrb);
626 	if (rc) {
627 		DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
628 			  __func__, (int) cardnr, (int) domain, rc);
629 		goto out;
630 	}
631 
632 	/* check response returncode and reasoncode */
633 	if (prepcblk->ccp_rtcode != 0) {
634 		DEBUG_ERR("%s unwrap secure key failure, card response %d/%d\n",
635 			  __func__,
636 			  (int) prepcblk->ccp_rtcode,
637 			  (int) prepcblk->ccp_rscode);
638 		rc = -EIO;
639 		goto out;
640 	}
641 	if (prepcblk->ccp_rscode != 0) {
642 		DEBUG_WARN("%s unwrap secure key warning, card response %d/%d\n",
643 			   __func__,
644 			   (int) prepcblk->ccp_rtcode,
645 			   (int) prepcblk->ccp_rscode);
646 	}
647 
648 	/* process response cprb param block */
649 	prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX);
650 	prepparm = (struct uskrepparm *) prepcblk->rpl_parmb;
651 
652 	/* check the returned keyblock */
653 	if (prepparm->lv3.ckb.version != 0x01 &&
654 	    prepparm->lv3.ckb.version != 0x02) {
655 		DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x\n",
656 			  __func__, (int) prepparm->lv3.ckb.version);
657 		rc = -EIO;
658 		goto out;
659 	}
660 
661 	/* copy the tanslated protected key */
662 	switch (prepparm->lv3.ckb.len) {
663 	case 16+32:
664 		/* AES 128 protected key */
665 		if (protkeytype)
666 			*protkeytype = PKEY_KEYTYPE_AES_128;
667 		break;
668 	case 24+32:
669 		/* AES 192 protected key */
670 		if (protkeytype)
671 			*protkeytype = PKEY_KEYTYPE_AES_192;
672 		break;
673 	case 32+32:
674 		/* AES 256 protected key */
675 		if (protkeytype)
676 			*protkeytype = PKEY_KEYTYPE_AES_256;
677 		break;
678 	default:
679 		DEBUG_ERR("%s unknown/unsupported keylen %d\n",
680 			  __func__, prepparm->lv3.ckb.len);
681 		rc = -EIO;
682 		goto out;
683 	}
684 	memcpy(protkey, prepparm->lv3.ckb.key, prepparm->lv3.ckb.len);
685 	if (protkeylen)
686 		*protkeylen = prepparm->lv3.ckb.len;
687 
688 out:
689 	free_cprbmem(mem, PARMBSIZE, 0);
690 	return rc;
691 }
692 EXPORT_SYMBOL(cca_sec2protkey);
693 
694 /*
695  * AES cipher key skeleton created with CSNBKTB2 with these flags:
696  * INTERNAL, NO-KEY, AES, CIPHER, ANY-MODE, NOEX-SYM, NOEXAASY,
697  * NOEXUASY, XPRTCPAC, NOEX-RAW, NOEX-DES, NOEX-AES, NOEX-RSA
698  * used by cca_gencipherkey() and cca_clr2cipherkey().
699  */
700 static const u8 aes_cipher_key_skeleton[] = {
701 	0x01, 0x00, 0x00, 0x38, 0x05, 0x00, 0x00, 0x00,
702 	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
703 	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
704 	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00,
705 	0x00, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
706 	0x00, 0x02, 0x00, 0x01, 0x02, 0xc0, 0x00, 0xff,
707 	0x00, 0x03, 0x08, 0xc8, 0x00, 0x00, 0x00, 0x00 };
708 #define SIZEOF_SKELETON (sizeof(aes_cipher_key_skeleton))
709 
710 /*
711  * Generate (random) CCA AES CIPHER secure key.
712  */
713 int cca_gencipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags,
714 		     u8 *keybuf, size_t *keybufsize)
715 {
716 	int rc;
717 	u8 *mem;
718 	struct CPRBX *preqcblk, *prepcblk;
719 	struct ica_xcRB xcrb;
720 	struct gkreqparm {
721 		u8  subfunc_code[2];
722 		u16 rule_array_len;
723 		char rule_array[2*8];
724 		struct {
725 			u16 len;
726 			u8  key_type_1[8];
727 			u8  key_type_2[8];
728 			u16 clear_key_bit_len;
729 			u16 key_name_1_len;
730 			u16 key_name_2_len;
731 			u16 user_data_1_len;
732 			u16 user_data_2_len;
733 			u8  key_name_1[0];
734 			u8  key_name_2[0];
735 			u8  user_data_1[0];
736 			u8  user_data_2[0];
737 		} vud;
738 		struct {
739 			u16 len;
740 			struct {
741 				u16 len;
742 				u16 flag;
743 				u8  kek_id_1[0];
744 			} tlv1;
745 			struct {
746 				u16 len;
747 				u16 flag;
748 				u8  kek_id_2[0];
749 			} tlv2;
750 			struct {
751 				u16 len;
752 				u16 flag;
753 				u8  gen_key_id_1[SIZEOF_SKELETON];
754 			} tlv3;
755 			struct {
756 				u16 len;
757 				u16 flag;
758 				u8  gen_key_id_1_label[0];
759 			} tlv4;
760 			struct {
761 				u16 len;
762 				u16 flag;
763 				u8  gen_key_id_2[0];
764 			} tlv5;
765 			struct {
766 				u16 len;
767 				u16 flag;
768 				u8  gen_key_id_2_label[0];
769 			} tlv6;
770 		} kb;
771 	} __packed * preqparm;
772 	struct gkrepparm {
773 		u8  subfunc_code[2];
774 		u16 rule_array_len;
775 		struct {
776 			u16 len;
777 		} vud;
778 		struct {
779 			u16 len;
780 			struct {
781 				u16 len;
782 				u16 flag;
783 				u8  gen_key[0]; /* 120-136 bytes */
784 			} tlv1;
785 		} kb;
786 	} __packed * prepparm;
787 	struct cipherkeytoken *t;
788 
789 	/* get already prepared memory for 2 cprbs with param block each */
790 	rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
791 	if (rc)
792 		return rc;
793 
794 	/* fill request cprb struct */
795 	preqcblk->domain = domain;
796 	preqcblk->req_parml = sizeof(struct gkreqparm);
797 
798 	/* prepare request param block with GK request */
799 	preqparm = (struct gkreqparm *) preqcblk->req_parmb;
800 	memcpy(preqparm->subfunc_code, "GK", 2);
801 	preqparm->rule_array_len =  sizeof(uint16_t) + 2 * 8;
802 	memcpy(preqparm->rule_array, "AES     OP      ", 2*8);
803 
804 	/* prepare vud block */
805 	preqparm->vud.len = sizeof(preqparm->vud);
806 	switch (keybitsize) {
807 	case 128:
808 	case 192:
809 	case 256:
810 		break;
811 	default:
812 		DEBUG_ERR(
813 			"%s unknown/unsupported keybitsize %d\n",
814 			__func__, keybitsize);
815 		rc = -EINVAL;
816 		goto out;
817 	}
818 	preqparm->vud.clear_key_bit_len = keybitsize;
819 	memcpy(preqparm->vud.key_type_1, "TOKEN   ", 8);
820 	memset(preqparm->vud.key_type_2, ' ', sizeof(preqparm->vud.key_type_2));
821 
822 	/* prepare kb block */
823 	preqparm->kb.len = sizeof(preqparm->kb);
824 	preqparm->kb.tlv1.len = sizeof(preqparm->kb.tlv1);
825 	preqparm->kb.tlv1.flag = 0x0030;
826 	preqparm->kb.tlv2.len = sizeof(preqparm->kb.tlv2);
827 	preqparm->kb.tlv2.flag = 0x0030;
828 	preqparm->kb.tlv3.len = sizeof(preqparm->kb.tlv3);
829 	preqparm->kb.tlv3.flag = 0x0030;
830 	memcpy(preqparm->kb.tlv3.gen_key_id_1,
831 	       aes_cipher_key_skeleton, SIZEOF_SKELETON);
832 	preqparm->kb.tlv4.len = sizeof(preqparm->kb.tlv4);
833 	preqparm->kb.tlv4.flag = 0x0030;
834 	preqparm->kb.tlv5.len = sizeof(preqparm->kb.tlv5);
835 	preqparm->kb.tlv5.flag = 0x0030;
836 	preqparm->kb.tlv6.len = sizeof(preqparm->kb.tlv6);
837 	preqparm->kb.tlv6.flag = 0x0030;
838 
839 	/* patch the skeleton key token export flags inside the kb block */
840 	if (keygenflags) {
841 		t = (struct cipherkeytoken *) preqparm->kb.tlv3.gen_key_id_1;
842 		t->kmf1 |= (u16) (keygenflags & 0x0000FF00);
843 		t->kmf1 &= (u16) ~(keygenflags & 0x000000FF);
844 	}
845 
846 	/* prepare xcrb struct */
847 	prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
848 
849 	/* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
850 	rc = _zcrypt_send_cprb(&xcrb);
851 	if (rc) {
852 		DEBUG_ERR(
853 			"%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
854 			__func__, (int) cardnr, (int) domain, rc);
855 		goto out;
856 	}
857 
858 	/* check response returncode and reasoncode */
859 	if (prepcblk->ccp_rtcode != 0) {
860 		DEBUG_ERR(
861 			"%s cipher key generate failure, card response %d/%d\n",
862 			__func__,
863 			(int) prepcblk->ccp_rtcode,
864 			(int) prepcblk->ccp_rscode);
865 		rc = -EIO;
866 		goto out;
867 	}
868 
869 	/* process response cprb param block */
870 	prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX);
871 	prepparm = (struct gkrepparm *) prepcblk->rpl_parmb;
872 
873 	/* do some plausibility checks on the key block */
874 	if (prepparm->kb.len < 120 + 5 * sizeof(uint16_t) ||
875 	    prepparm->kb.len > 136 + 5 * sizeof(uint16_t)) {
876 		DEBUG_ERR("%s reply with invalid or unknown key block\n",
877 			  __func__);
878 		rc = -EIO;
879 		goto out;
880 	}
881 
882 	/* and some checks on the generated key */
883 	rc = cca_check_secaescipherkey(zcrypt_dbf_info, DBF_ERR,
884 				       prepparm->kb.tlv1.gen_key,
885 				       keybitsize, 1);
886 	if (rc) {
887 		rc = -EIO;
888 		goto out;
889 	}
890 
891 	/* copy the generated vlsc key token */
892 	t = (struct cipherkeytoken *) prepparm->kb.tlv1.gen_key;
893 	if (keybuf) {
894 		if (*keybufsize >= t->len)
895 			memcpy(keybuf, t, t->len);
896 		else
897 			rc = -EINVAL;
898 	}
899 	*keybufsize = t->len;
900 
901 out:
902 	free_cprbmem(mem, PARMBSIZE, 0);
903 	return rc;
904 }
905 EXPORT_SYMBOL(cca_gencipherkey);
906 
907 /*
908  * Helper function, does a the CSNBKPI2 CPRB.
909  */
910 static int _ip_cprb_helper(u16 cardnr, u16 domain,
911 			   const char *rule_array_1,
912 			   const char *rule_array_2,
913 			   const char *rule_array_3,
914 			   const u8 *clr_key_value,
915 			   int clr_key_bit_size,
916 			   u8 *key_token,
917 			   int *key_token_size)
918 {
919 	int rc, n;
920 	u8 *mem;
921 	struct CPRBX *preqcblk, *prepcblk;
922 	struct ica_xcRB xcrb;
923 	struct rule_array_block {
924 		u8  subfunc_code[2];
925 		u16 rule_array_len;
926 		char rule_array[0];
927 	} __packed * preq_ra_block;
928 	struct vud_block {
929 		u16 len;
930 		struct {
931 			u16 len;
932 			u16 flag;	     /* 0x0064 */
933 			u16 clr_key_bit_len;
934 		} tlv1;
935 		struct {
936 			u16 len;
937 			u16 flag;	/* 0x0063 */
938 			u8  clr_key[0]; /* clear key value bytes */
939 		} tlv2;
940 	} __packed * preq_vud_block;
941 	struct key_block {
942 		u16 len;
943 		struct {
944 			u16 len;
945 			u16 flag;	  /* 0x0030 */
946 			u8  key_token[0]; /* key skeleton */
947 		} tlv1;
948 	} __packed * preq_key_block;
949 	struct iprepparm {
950 		u8  subfunc_code[2];
951 		u16 rule_array_len;
952 		struct {
953 			u16 len;
954 		} vud;
955 		struct {
956 			u16 len;
957 			struct {
958 				u16 len;
959 				u16 flag;	  /* 0x0030 */
960 				u8  key_token[0]; /* key token */
961 			} tlv1;
962 		} kb;
963 	} __packed * prepparm;
964 	struct cipherkeytoken *t;
965 	int complete = strncmp(rule_array_2, "COMPLETE", 8) ? 0 : 1;
966 
967 	/* get already prepared memory for 2 cprbs with param block each */
968 	rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
969 	if (rc)
970 		return rc;
971 
972 	/* fill request cprb struct */
973 	preqcblk->domain = domain;
974 	preqcblk->req_parml = 0;
975 
976 	/* prepare request param block with IP request */
977 	preq_ra_block = (struct rule_array_block *) preqcblk->req_parmb;
978 	memcpy(preq_ra_block->subfunc_code, "IP", 2);
979 	preq_ra_block->rule_array_len =  sizeof(uint16_t) + 2 * 8;
980 	memcpy(preq_ra_block->rule_array, rule_array_1, 8);
981 	memcpy(preq_ra_block->rule_array + 8, rule_array_2, 8);
982 	preqcblk->req_parml = sizeof(struct rule_array_block) + 2 * 8;
983 	if (rule_array_3) {
984 		preq_ra_block->rule_array_len += 8;
985 		memcpy(preq_ra_block->rule_array + 16, rule_array_3, 8);
986 		preqcblk->req_parml += 8;
987 	}
988 
989 	/* prepare vud block */
990 	preq_vud_block = (struct vud_block *)
991 		(preqcblk->req_parmb + preqcblk->req_parml);
992 	n = complete ? 0 : (clr_key_bit_size + 7) / 8;
993 	preq_vud_block->len = sizeof(struct vud_block) + n;
994 	preq_vud_block->tlv1.len = sizeof(preq_vud_block->tlv1);
995 	preq_vud_block->tlv1.flag = 0x0064;
996 	preq_vud_block->tlv1.clr_key_bit_len = complete ? 0 : clr_key_bit_size;
997 	preq_vud_block->tlv2.len = sizeof(preq_vud_block->tlv2) + n;
998 	preq_vud_block->tlv2.flag = 0x0063;
999 	if (!complete)
1000 		memcpy(preq_vud_block->tlv2.clr_key, clr_key_value, n);
1001 	preqcblk->req_parml += preq_vud_block->len;
1002 
1003 	/* prepare key block */
1004 	preq_key_block = (struct key_block *)
1005 		(preqcblk->req_parmb + preqcblk->req_parml);
1006 	n = *key_token_size;
1007 	preq_key_block->len = sizeof(struct key_block) + n;
1008 	preq_key_block->tlv1.len = sizeof(preq_key_block->tlv1) + n;
1009 	preq_key_block->tlv1.flag = 0x0030;
1010 	memcpy(preq_key_block->tlv1.key_token, key_token, *key_token_size);
1011 	preqcblk->req_parml += preq_key_block->len;
1012 
1013 	/* prepare xcrb struct */
1014 	prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
1015 
1016 	/* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
1017 	rc = _zcrypt_send_cprb(&xcrb);
1018 	if (rc) {
1019 		DEBUG_ERR(
1020 			"%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
1021 			__func__, (int) cardnr, (int) domain, rc);
1022 		goto out;
1023 	}
1024 
1025 	/* check response returncode and reasoncode */
1026 	if (prepcblk->ccp_rtcode != 0) {
1027 		DEBUG_ERR(
1028 			"%s CSNBKPI2 failure, card response %d/%d\n",
1029 			__func__,
1030 			(int) prepcblk->ccp_rtcode,
1031 			(int) prepcblk->ccp_rscode);
1032 		rc = -EIO;
1033 		goto out;
1034 	}
1035 
1036 	/* process response cprb param block */
1037 	prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX);
1038 	prepparm = (struct iprepparm *) prepcblk->rpl_parmb;
1039 
1040 	/* do some plausibility checks on the key block */
1041 	if (prepparm->kb.len < 120 + 3 * sizeof(uint16_t) ||
1042 	    prepparm->kb.len > 136 + 3 * sizeof(uint16_t)) {
1043 		DEBUG_ERR("%s reply with invalid or unknown key block\n",
1044 			  __func__);
1045 		rc = -EIO;
1046 		goto out;
1047 	}
1048 
1049 	/* do not check the key here, it may be incomplete */
1050 
1051 	/* copy the vlsc key token back */
1052 	t = (struct cipherkeytoken *) prepparm->kb.tlv1.key_token;
1053 	memcpy(key_token, t, t->len);
1054 	*key_token_size = t->len;
1055 
1056 out:
1057 	free_cprbmem(mem, PARMBSIZE, 0);
1058 	return rc;
1059 }
1060 
1061 /*
1062  * Build CCA AES CIPHER secure key with a given clear key value.
1063  */
1064 int cca_clr2cipherkey(u16 card, u16 dom, u32 keybitsize, u32 keygenflags,
1065 		      const u8 *clrkey, u8 *keybuf, size_t *keybufsize)
1066 {
1067 	int rc;
1068 	u8 *token;
1069 	int tokensize;
1070 	u8 exorbuf[32];
1071 	struct cipherkeytoken *t;
1072 
1073 	/* fill exorbuf with random data */
1074 	get_random_bytes(exorbuf, sizeof(exorbuf));
1075 
1076 	/* allocate space for the key token to build */
1077 	token = kmalloc(MAXCCAVLSCTOKENSIZE, GFP_KERNEL);
1078 	if (!token)
1079 		return -ENOMEM;
1080 
1081 	/* prepare the token with the key skeleton */
1082 	tokensize = SIZEOF_SKELETON;
1083 	memcpy(token, aes_cipher_key_skeleton, tokensize);
1084 
1085 	/* patch the skeleton key token export flags */
1086 	if (keygenflags) {
1087 		t = (struct cipherkeytoken *) token;
1088 		t->kmf1 |= (u16) (keygenflags & 0x0000FF00);
1089 		t->kmf1 &= (u16) ~(keygenflags & 0x000000FF);
1090 	}
1091 
1092 	/*
1093 	 * Do the key import with the clear key value in 4 steps:
1094 	 * 1/4 FIRST import with only random data
1095 	 * 2/4 EXOR the clear key
1096 	 * 3/4 EXOR the very same random data again
1097 	 * 4/4 COMPLETE the secure cipher key import
1098 	 */
1099 	rc = _ip_cprb_helper(card, dom, "AES     ", "FIRST   ", "MIN3PART",
1100 			     exorbuf, keybitsize, token, &tokensize);
1101 	if (rc) {
1102 		DEBUG_ERR(
1103 			"%s clear key import 1/4 with CSNBKPI2 failed, rc=%d\n",
1104 			__func__, rc);
1105 		goto out;
1106 	}
1107 	rc = _ip_cprb_helper(card, dom, "AES     ", "ADD-PART", NULL,
1108 			     clrkey, keybitsize, token, &tokensize);
1109 	if (rc) {
1110 		DEBUG_ERR(
1111 			"%s clear key import 2/4 with CSNBKPI2 failed, rc=%d\n",
1112 			__func__, rc);
1113 		goto out;
1114 	}
1115 	rc = _ip_cprb_helper(card, dom, "AES     ", "ADD-PART", NULL,
1116 			     exorbuf, keybitsize, token, &tokensize);
1117 	if (rc) {
1118 		DEBUG_ERR(
1119 			"%s clear key import 3/4 with CSNBKPI2 failed, rc=%d\n",
1120 			__func__, rc);
1121 		goto out;
1122 	}
1123 	rc = _ip_cprb_helper(card, dom, "AES     ", "COMPLETE", NULL,
1124 			     NULL, keybitsize, token, &tokensize);
1125 	if (rc) {
1126 		DEBUG_ERR(
1127 			"%s clear key import 4/4 with CSNBKPI2 failed, rc=%d\n",
1128 			__func__, rc);
1129 		goto out;
1130 	}
1131 
1132 	/* copy the generated key token */
1133 	if (keybuf) {
1134 		if (tokensize > *keybufsize)
1135 			rc = -EINVAL;
1136 		else
1137 			memcpy(keybuf, token, tokensize);
1138 	}
1139 	*keybufsize = tokensize;
1140 
1141 out:
1142 	kfree(token);
1143 	return rc;
1144 }
1145 EXPORT_SYMBOL(cca_clr2cipherkey);
1146 
1147 /*
1148  * Derive proteced key from CCA AES cipher secure key.
1149  */
1150 int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey,
1151 		       u8 *protkey, u32 *protkeylen, u32 *protkeytype)
1152 {
1153 	int rc;
1154 	u8 *mem;
1155 	struct CPRBX *preqcblk, *prepcblk;
1156 	struct ica_xcRB xcrb;
1157 	struct aureqparm {
1158 		u8  subfunc_code[2];
1159 		u16 rule_array_len;
1160 		u8  rule_array[8];
1161 		struct {
1162 			u16 len;
1163 			u16 tk_blob_len;
1164 			u16 tk_blob_tag;
1165 			u8  tk_blob[66];
1166 		} vud;
1167 		struct {
1168 			u16 len;
1169 			u16 cca_key_token_len;
1170 			u16 cca_key_token_flags;
1171 			u8  cca_key_token[0]; // 64 or more
1172 		} kb;
1173 	} __packed * preqparm;
1174 	struct aurepparm {
1175 		u8  subfunc_code[2];
1176 		u16 rule_array_len;
1177 		struct {
1178 			u16 len;
1179 			u16 sublen;
1180 			u16 tag;
1181 			struct cpacfkeyblock {
1182 				u8  version;  /* version of this struct */
1183 				u8  flags[2];
1184 				u8  algo;
1185 				u8  form;
1186 				u8  pad1[3];
1187 				u16 keylen;
1188 				u8  key[64];  /* the key (keylen bytes) */
1189 				u16 keyattrlen;
1190 				u8  keyattr[32];
1191 				u8  pad2[1];
1192 				u8  vptype;
1193 				u8  vp[32];  /* verification pattern */
1194 			} ckb;
1195 		} vud;
1196 		struct {
1197 			u16 len;
1198 		} kb;
1199 	} __packed * prepparm;
1200 	int keytoklen = ((struct cipherkeytoken *)ckey)->len;
1201 
1202 	/* get already prepared memory for 2 cprbs with param block each */
1203 	rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
1204 	if (rc)
1205 		return rc;
1206 
1207 	/* fill request cprb struct */
1208 	preqcblk->domain = domain;
1209 
1210 	/* fill request cprb param block with AU request */
1211 	preqparm = (struct aureqparm *) preqcblk->req_parmb;
1212 	memcpy(preqparm->subfunc_code, "AU", 2);
1213 	preqparm->rule_array_len =
1214 		sizeof(preqparm->rule_array_len)
1215 		+ sizeof(preqparm->rule_array);
1216 	memcpy(preqparm->rule_array, "EXPT-SK ", 8);
1217 	/* vud, tk blob */
1218 	preqparm->vud.len = sizeof(preqparm->vud);
1219 	preqparm->vud.tk_blob_len = sizeof(preqparm->vud.tk_blob)
1220 		+ 2 * sizeof(uint16_t);
1221 	preqparm->vud.tk_blob_tag = 0x00C2;
1222 	/* kb, cca token */
1223 	preqparm->kb.len = keytoklen + 3 * sizeof(uint16_t);
1224 	preqparm->kb.cca_key_token_len = keytoklen + 2 * sizeof(uint16_t);
1225 	memcpy(preqparm->kb.cca_key_token, ckey, keytoklen);
1226 	/* now fill length of param block into cprb */
1227 	preqcblk->req_parml = sizeof(struct aureqparm) + keytoklen;
1228 
1229 	/* fill xcrb struct */
1230 	prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
1231 
1232 	/* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
1233 	rc = _zcrypt_send_cprb(&xcrb);
1234 	if (rc) {
1235 		DEBUG_ERR(
1236 			"%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
1237 			__func__, (int) cardnr, (int) domain, rc);
1238 		goto out;
1239 	}
1240 
1241 	/* check response returncode and reasoncode */
1242 	if (prepcblk->ccp_rtcode != 0) {
1243 		DEBUG_ERR(
1244 			"%s unwrap secure key failure, card response %d/%d\n",
1245 			__func__,
1246 			(int) prepcblk->ccp_rtcode,
1247 			(int) prepcblk->ccp_rscode);
1248 		rc = -EIO;
1249 		goto out;
1250 	}
1251 	if (prepcblk->ccp_rscode != 0) {
1252 		DEBUG_WARN(
1253 			"%s unwrap secure key warning, card response %d/%d\n",
1254 			__func__,
1255 			(int) prepcblk->ccp_rtcode,
1256 			(int) prepcblk->ccp_rscode);
1257 	}
1258 
1259 	/* process response cprb param block */
1260 	prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX);
1261 	prepparm = (struct aurepparm *) prepcblk->rpl_parmb;
1262 
1263 	/* check the returned keyblock */
1264 	if (prepparm->vud.ckb.version != 0x01 &&
1265 	    prepparm->vud.ckb.version != 0x02) {
1266 		DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x\n",
1267 			  __func__, (int) prepparm->vud.ckb.version);
1268 		rc = -EIO;
1269 		goto out;
1270 	}
1271 	if (prepparm->vud.ckb.algo != 0x02) {
1272 		DEBUG_ERR(
1273 			"%s reply param keyblock algo mismatch 0x%02x != 0x02\n",
1274 			__func__, (int) prepparm->vud.ckb.algo);
1275 		rc = -EIO;
1276 		goto out;
1277 	}
1278 
1279 	/* copy the translated protected key */
1280 	switch (prepparm->vud.ckb.keylen) {
1281 	case 16+32:
1282 		/* AES 128 protected key */
1283 		if (protkeytype)
1284 			*protkeytype = PKEY_KEYTYPE_AES_128;
1285 		break;
1286 	case 24+32:
1287 		/* AES 192 protected key */
1288 		if (protkeytype)
1289 			*protkeytype = PKEY_KEYTYPE_AES_192;
1290 		break;
1291 	case 32+32:
1292 		/* AES 256 protected key */
1293 		if (protkeytype)
1294 			*protkeytype = PKEY_KEYTYPE_AES_256;
1295 		break;
1296 	default:
1297 		DEBUG_ERR("%s unknown/unsupported keylen %d\n",
1298 			  __func__, prepparm->vud.ckb.keylen);
1299 		rc = -EIO;
1300 		goto out;
1301 	}
1302 	memcpy(protkey, prepparm->vud.ckb.key, prepparm->vud.ckb.keylen);
1303 	if (protkeylen)
1304 		*protkeylen = prepparm->vud.ckb.keylen;
1305 
1306 out:
1307 	free_cprbmem(mem, PARMBSIZE, 0);
1308 	return rc;
1309 }
1310 EXPORT_SYMBOL(cca_cipher2protkey);
1311 
1312 /*
1313  * query cryptographic facility from CCA adapter
1314  */
1315 int cca_query_crypto_facility(u16 cardnr, u16 domain,
1316 			      const char *keyword,
1317 			      u8 *rarray, size_t *rarraylen,
1318 			      u8 *varray, size_t *varraylen)
1319 {
1320 	int rc;
1321 	u16 len;
1322 	u8 *mem, *ptr;
1323 	struct CPRBX *preqcblk, *prepcblk;
1324 	struct ica_xcRB xcrb;
1325 	struct fqreqparm {
1326 		u8  subfunc_code[2];
1327 		u16 rule_array_len;
1328 		char  rule_array[8];
1329 		struct lv1 {
1330 			u16 len;
1331 			u8  data[VARDATASIZE];
1332 		} lv1;
1333 		u16 dummylen;
1334 	} __packed * preqparm;
1335 	size_t parmbsize = sizeof(struct fqreqparm);
1336 	struct fqrepparm {
1337 		u8  subfunc_code[2];
1338 		u8  lvdata[0];
1339 	} __packed * prepparm;
1340 
1341 	/* get already prepared memory for 2 cprbs with param block each */
1342 	rc = alloc_and_prep_cprbmem(parmbsize, &mem, &preqcblk, &prepcblk);
1343 	if (rc)
1344 		return rc;
1345 
1346 	/* fill request cprb struct */
1347 	preqcblk->domain = domain;
1348 
1349 	/* fill request cprb param block with FQ request */
1350 	preqparm = (struct fqreqparm *) preqcblk->req_parmb;
1351 	memcpy(preqparm->subfunc_code, "FQ", 2);
1352 	memcpy(preqparm->rule_array, keyword, sizeof(preqparm->rule_array));
1353 	preqparm->rule_array_len =
1354 		sizeof(preqparm->rule_array_len) + sizeof(preqparm->rule_array);
1355 	preqparm->lv1.len = sizeof(preqparm->lv1);
1356 	preqparm->dummylen = sizeof(preqparm->dummylen);
1357 	preqcblk->req_parml = parmbsize;
1358 
1359 	/* fill xcrb struct */
1360 	prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
1361 
1362 	/* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
1363 	rc = _zcrypt_send_cprb(&xcrb);
1364 	if (rc) {
1365 		DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
1366 			  __func__, (int) cardnr, (int) domain, rc);
1367 		goto out;
1368 	}
1369 
1370 	/* check response returncode and reasoncode */
1371 	if (prepcblk->ccp_rtcode != 0) {
1372 		DEBUG_ERR("%s unwrap secure key failure, card response %d/%d\n",
1373 			  __func__,
1374 			  (int) prepcblk->ccp_rtcode,
1375 			  (int) prepcblk->ccp_rscode);
1376 		rc = -EIO;
1377 		goto out;
1378 	}
1379 
1380 	/* process response cprb param block */
1381 	prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX);
1382 	prepparm = (struct fqrepparm *) prepcblk->rpl_parmb;
1383 	ptr = prepparm->lvdata;
1384 
1385 	/* check and possibly copy reply rule array */
1386 	len = *((u16 *) ptr);
1387 	if (len > sizeof(u16)) {
1388 		ptr += sizeof(u16);
1389 		len -= sizeof(u16);
1390 		if (rarray && rarraylen && *rarraylen > 0) {
1391 			*rarraylen = (len > *rarraylen ? *rarraylen : len);
1392 			memcpy(rarray, ptr, *rarraylen);
1393 		}
1394 		ptr += len;
1395 	}
1396 	/* check and possible copy reply var array */
1397 	len = *((u16 *) ptr);
1398 	if (len > sizeof(u16)) {
1399 		ptr += sizeof(u16);
1400 		len -= sizeof(u16);
1401 		if (varray && varraylen && *varraylen > 0) {
1402 			*varraylen = (len > *varraylen ? *varraylen : len);
1403 			memcpy(varray, ptr, *varraylen);
1404 		}
1405 		ptr += len;
1406 	}
1407 
1408 out:
1409 	free_cprbmem(mem, parmbsize, 0);
1410 	return rc;
1411 }
1412 EXPORT_SYMBOL(cca_query_crypto_facility);
1413 
1414 static int cca_info_cache_fetch(u16 cardnr, u16 domain, struct cca_info *ci)
1415 {
1416 	int rc = -ENOENT;
1417 	struct cca_info_list_entry *ptr;
1418 
1419 	spin_lock_bh(&cca_info_list_lock);
1420 	list_for_each_entry(ptr, &cca_info_list, list) {
1421 		if (ptr->cardnr == cardnr && ptr->domain == domain) {
1422 			memcpy(ci, &ptr->info, sizeof(*ci));
1423 			rc = 0;
1424 			break;
1425 		}
1426 	}
1427 	spin_unlock_bh(&cca_info_list_lock);
1428 
1429 	return rc;
1430 }
1431 
1432 static void cca_info_cache_update(u16 cardnr, u16 domain,
1433 				  const struct cca_info *ci)
1434 {
1435 	int found = 0;
1436 	struct cca_info_list_entry *ptr;
1437 
1438 	spin_lock_bh(&cca_info_list_lock);
1439 	list_for_each_entry(ptr, &cca_info_list, list) {
1440 		if (ptr->cardnr == cardnr &&
1441 		    ptr->domain == domain) {
1442 			memcpy(&ptr->info, ci, sizeof(*ci));
1443 			found = 1;
1444 			break;
1445 		}
1446 	}
1447 	if (!found) {
1448 		ptr = kmalloc(sizeof(*ptr), GFP_ATOMIC);
1449 		if (!ptr) {
1450 			spin_unlock_bh(&cca_info_list_lock);
1451 			return;
1452 		}
1453 		ptr->cardnr = cardnr;
1454 		ptr->domain = domain;
1455 		memcpy(&ptr->info, ci, sizeof(*ci));
1456 		list_add(&ptr->list, &cca_info_list);
1457 	}
1458 	spin_unlock_bh(&cca_info_list_lock);
1459 }
1460 
1461 static void cca_info_cache_scrub(u16 cardnr, u16 domain)
1462 {
1463 	struct cca_info_list_entry *ptr;
1464 
1465 	spin_lock_bh(&cca_info_list_lock);
1466 	list_for_each_entry(ptr, &cca_info_list, list) {
1467 		if (ptr->cardnr == cardnr &&
1468 		    ptr->domain == domain) {
1469 			list_del(&ptr->list);
1470 			kfree(ptr);
1471 			break;
1472 		}
1473 	}
1474 	spin_unlock_bh(&cca_info_list_lock);
1475 }
1476 
1477 static void __exit mkvp_cache_free(void)
1478 {
1479 	struct cca_info_list_entry *ptr, *pnext;
1480 
1481 	spin_lock_bh(&cca_info_list_lock);
1482 	list_for_each_entry_safe(ptr, pnext, &cca_info_list, list) {
1483 		list_del(&ptr->list);
1484 		kfree(ptr);
1485 	}
1486 	spin_unlock_bh(&cca_info_list_lock);
1487 }
1488 
1489 /*
1490  * Fetch cca_info values via query_crypto_facility from adapter.
1491  */
1492 static int fetch_cca_info(u16 cardnr, u16 domain, struct cca_info *ci)
1493 {
1494 	int rc, found = 0;
1495 	size_t rlen, vlen;
1496 	u8 *rarray, *varray, *pg;
1497 	struct zcrypt_device_status_ext devstat;
1498 
1499 	memset(ci, 0, sizeof(*ci));
1500 
1501 	/* get first info from zcrypt device driver about this apqn */
1502 	rc = zcrypt_device_status_ext(cardnr, domain, &devstat);
1503 	if (rc)
1504 		return rc;
1505 	ci->hwtype = devstat.hwtype;
1506 
1507 	/* prep page for rule array and var array use */
1508 	pg = (u8 *) __get_free_page(GFP_KERNEL);
1509 	if (!pg)
1510 		return -ENOMEM;
1511 	rarray = pg;
1512 	varray = pg + PAGE_SIZE/2;
1513 	rlen = vlen = PAGE_SIZE/2;
1514 
1515 	/* QF for this card/domain */
1516 	rc = cca_query_crypto_facility(cardnr, domain, "STATICSA",
1517 				       rarray, &rlen, varray, &vlen);
1518 	if (rc == 0 && rlen >= 10*8 && vlen >= 204) {
1519 		memcpy(ci->serial, rarray, 8);
1520 		ci->new_mk_state = (char) rarray[7*8];
1521 		ci->cur_mk_state = (char) rarray[8*8];
1522 		ci->old_mk_state = (char) rarray[9*8];
1523 		if (ci->old_mk_state == '2')
1524 			memcpy(&ci->old_mkvp, varray + 172, 8);
1525 		if (ci->cur_mk_state == '2')
1526 			memcpy(&ci->cur_mkvp, varray + 184, 8);
1527 		if (ci->new_mk_state == '3')
1528 			memcpy(&ci->new_mkvp, varray + 196, 8);
1529 		found = 1;
1530 	}
1531 
1532 	free_page((unsigned long) pg);
1533 
1534 	return found ? 0 : -ENOENT;
1535 }
1536 
1537 /*
1538  * Fetch cca information about a CCA queue.
1539  */
1540 int cca_get_info(u16 card, u16 dom, struct cca_info *ci, int verify)
1541 {
1542 	int rc;
1543 
1544 	rc = cca_info_cache_fetch(card, dom, ci);
1545 	if (rc || verify) {
1546 		rc = fetch_cca_info(card, dom, ci);
1547 		if (rc == 0)
1548 			cca_info_cache_update(card, dom, ci);
1549 	}
1550 
1551 	return rc;
1552 }
1553 EXPORT_SYMBOL(cca_get_info);
1554 
1555 /*
1556  * Search for a matching crypto card based on the
1557  * Master Key Verification Pattern given.
1558  */
1559 static int findcard(u64 mkvp, u16 *pcardnr, u16 *pdomain,
1560 		    int verify, int minhwtype)
1561 {
1562 	struct zcrypt_device_status_ext *device_status;
1563 	u16 card, dom;
1564 	struct cca_info ci;
1565 	int i, rc, oi = -1;
1566 
1567 	/* mkvp must not be zero, minhwtype needs to be >= 0 */
1568 	if (mkvp == 0 || minhwtype < 0)
1569 		return -EINVAL;
1570 
1571 	/* fetch status of all crypto cards */
1572 	device_status = kvmalloc_array(MAX_ZDEV_ENTRIES_EXT,
1573 				       sizeof(struct zcrypt_device_status_ext),
1574 				       GFP_KERNEL);
1575 	if (!device_status)
1576 		return -ENOMEM;
1577 	zcrypt_device_status_mask_ext(device_status);
1578 
1579 	/* walk through all crypto cards */
1580 	for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) {
1581 		card = AP_QID_CARD(device_status[i].qid);
1582 		dom = AP_QID_QUEUE(device_status[i].qid);
1583 		if (device_status[i].online &&
1584 		    device_status[i].functions & 0x04) {
1585 			/* enabled CCA card, check current mkvp from cache */
1586 			if (cca_info_cache_fetch(card, dom, &ci) == 0 &&
1587 			    ci.hwtype >= minhwtype &&
1588 			    ci.cur_mk_state == '2' &&
1589 			    ci.cur_mkvp == mkvp) {
1590 				if (!verify)
1591 					break;
1592 				/* verify: refresh card info */
1593 				if (fetch_cca_info(card, dom, &ci) == 0) {
1594 					cca_info_cache_update(card, dom, &ci);
1595 					if (ci.hwtype >= minhwtype &&
1596 					    ci.cur_mk_state == '2' &&
1597 					    ci.cur_mkvp == mkvp)
1598 						break;
1599 				}
1600 			}
1601 		} else {
1602 			/* Card is offline and/or not a CCA card. */
1603 			/* del mkvp entry from cache if it exists */
1604 			cca_info_cache_scrub(card, dom);
1605 		}
1606 	}
1607 	if (i >= MAX_ZDEV_ENTRIES_EXT) {
1608 		/* nothing found, so this time without cache */
1609 		for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) {
1610 			if (!(device_status[i].online &&
1611 			      device_status[i].functions & 0x04))
1612 				continue;
1613 			card = AP_QID_CARD(device_status[i].qid);
1614 			dom = AP_QID_QUEUE(device_status[i].qid);
1615 			/* fresh fetch mkvp from adapter */
1616 			if (fetch_cca_info(card, dom, &ci) == 0) {
1617 				cca_info_cache_update(card, dom, &ci);
1618 				if (ci.hwtype >= minhwtype &&
1619 				    ci.cur_mk_state == '2' &&
1620 				    ci.cur_mkvp == mkvp)
1621 					break;
1622 				if (ci.hwtype >= minhwtype &&
1623 				    ci.old_mk_state == '2' &&
1624 				    ci.old_mkvp == mkvp &&
1625 				    oi < 0)
1626 					oi = i;
1627 			}
1628 		}
1629 		if (i >= MAX_ZDEV_ENTRIES_EXT && oi >= 0) {
1630 			/* old mkvp matched, use this card then */
1631 			card = AP_QID_CARD(device_status[oi].qid);
1632 			dom = AP_QID_QUEUE(device_status[oi].qid);
1633 		}
1634 	}
1635 	if (i < MAX_ZDEV_ENTRIES_EXT || oi >= 0) {
1636 		if (pcardnr)
1637 			*pcardnr = card;
1638 		if (pdomain)
1639 			*pdomain = dom;
1640 		rc = (i < MAX_ZDEV_ENTRIES_EXT ? 0 : 1);
1641 	} else
1642 		rc = -ENODEV;
1643 
1644 	kvfree(device_status);
1645 	return rc;
1646 }
1647 
1648 /*
1649  * Search for a matching crypto card based on the Master Key
1650  * Verification Pattern provided inside a secure key token.
1651  */
1652 int cca_findcard(const u8 *key, u16 *pcardnr, u16 *pdomain, int verify)
1653 {
1654 	u64 mkvp;
1655 	int minhwtype = 0;
1656 	const struct keytoken_header *hdr = (struct keytoken_header *) key;
1657 
1658 	if (hdr->type != TOKTYPE_CCA_INTERNAL)
1659 		return -EINVAL;
1660 
1661 	switch (hdr->version) {
1662 	case TOKVER_CCA_AES:
1663 		mkvp = ((struct secaeskeytoken *)key)->mkvp;
1664 		break;
1665 	case TOKVER_CCA_VLSC:
1666 		mkvp = ((struct cipherkeytoken *)key)->mkvp0;
1667 		minhwtype = AP_DEVICE_TYPE_CEX6;
1668 		break;
1669 	default:
1670 		return -EINVAL;
1671 	}
1672 
1673 	return findcard(mkvp, pcardnr, pdomain, verify, minhwtype);
1674 }
1675 EXPORT_SYMBOL(cca_findcard);
1676 
1677 int cca_findcard2(u32 **apqns, u32 *nr_apqns, u16 cardnr, u16 domain,
1678 		  int minhwtype, u64 cur_mkvp, u64 old_mkvp, int verify)
1679 {
1680 	struct zcrypt_device_status_ext *device_status;
1681 	int i, n, card, dom, curmatch, oldmatch, rc = 0;
1682 	struct cca_info ci;
1683 
1684 	*apqns = NULL;
1685 	*nr_apqns = 0;
1686 
1687 	/* fetch status of all crypto cards */
1688 	device_status = kmalloc_array(MAX_ZDEV_ENTRIES_EXT,
1689 				      sizeof(struct zcrypt_device_status_ext),
1690 				      GFP_KERNEL);
1691 	if (!device_status)
1692 		return -ENOMEM;
1693 	zcrypt_device_status_mask_ext(device_status);
1694 
1695 	/* loop two times: first gather eligible apqns, then store them */
1696 	while (1) {
1697 		n = 0;
1698 		/* walk through all the crypto cards */
1699 		for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) {
1700 			card = AP_QID_CARD(device_status[i].qid);
1701 			dom = AP_QID_QUEUE(device_status[i].qid);
1702 			/* check online state */
1703 			if (!device_status[i].online)
1704 				continue;
1705 			/* check for cca functions */
1706 			if (!(device_status[i].functions & 0x04))
1707 				continue;
1708 			/* check cardnr */
1709 			if (cardnr != 0xFFFF && card != cardnr)
1710 				continue;
1711 			/* check domain */
1712 			if (domain != 0xFFFF && dom != domain)
1713 				continue;
1714 			/* get cca info on this apqn */
1715 			if (cca_get_info(card, dom, &ci, verify))
1716 				continue;
1717 			/* current master key needs to be valid */
1718 			if (ci.cur_mk_state != '2')
1719 				continue;
1720 			/* check min hardware type */
1721 			if (minhwtype > 0 && minhwtype > ci.hwtype)
1722 				continue;
1723 			if (cur_mkvp || old_mkvp) {
1724 				/* check mkvps */
1725 				curmatch = oldmatch = 0;
1726 				if (cur_mkvp && cur_mkvp == ci.cur_mkvp)
1727 					curmatch = 1;
1728 				if (old_mkvp && ci.old_mk_state == '2' &&
1729 				    old_mkvp == ci.old_mkvp)
1730 					oldmatch = 1;
1731 				if ((cur_mkvp || old_mkvp) &&
1732 				    (curmatch + oldmatch < 1))
1733 					continue;
1734 			}
1735 			/* apqn passed all filtering criterons */
1736 			if (*apqns && n < *nr_apqns)
1737 				(*apqns)[n] = (((u16)card) << 16) | ((u16) dom);
1738 			n++;
1739 		}
1740 		/* loop 2nd time: array has been filled */
1741 		if (*apqns)
1742 			break;
1743 		/* loop 1st time: have # of eligible apqns in n */
1744 		if (!n) {
1745 			rc = -ENODEV; /* no eligible apqns found */
1746 			break;
1747 		}
1748 		*nr_apqns = n;
1749 		/* allocate array to store n apqns into */
1750 		*apqns = kmalloc_array(n, sizeof(u32), GFP_KERNEL);
1751 		if (!*apqns) {
1752 			rc = -ENOMEM;
1753 			break;
1754 		}
1755 		verify = 0;
1756 	}
1757 
1758 	kfree(device_status);
1759 	return rc;
1760 }
1761 EXPORT_SYMBOL(cca_findcard2);
1762 
1763 void __exit zcrypt_ccamisc_exit(void)
1764 {
1765 	mkvp_cache_free();
1766 }
1767