1 // SPDX-License-Identifier: GPL-2.0+ 2 /* 3 * Copyright IBM Corp. 2019 4 * Author(s): Harald Freudenberger <freude@linux.ibm.com> 5 * Ingo Franzki <ifranzki@linux.ibm.com> 6 * 7 * Collection of CCA misc functions used by zcrypt and pkey 8 */ 9 10 #define KMSG_COMPONENT "zcrypt" 11 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt 12 13 #include <linux/init.h> 14 #include <linux/module.h> 15 #include <linux/slab.h> 16 #include <linux/random.h> 17 #include <asm/zcrypt.h> 18 #include <asm/pkey.h> 19 20 #include "ap_bus.h" 21 #include "zcrypt_api.h" 22 #include "zcrypt_debug.h" 23 #include "zcrypt_msgtype6.h" 24 #include "zcrypt_ccamisc.h" 25 26 #define DEBUG_DBG(...) ZCRYPT_DBF(DBF_DEBUG, ##__VA_ARGS__) 27 #define DEBUG_INFO(...) ZCRYPT_DBF(DBF_INFO, ##__VA_ARGS__) 28 #define DEBUG_WARN(...) ZCRYPT_DBF(DBF_WARN, ##__VA_ARGS__) 29 #define DEBUG_ERR(...) ZCRYPT_DBF(DBF_ERR, ##__VA_ARGS__) 30 31 /* Size of parameter block used for all cca requests/replies */ 32 #define PARMBSIZE 512 33 34 /* Size of vardata block used for some of the cca requests/replies */ 35 #define VARDATASIZE 4096 36 37 struct cca_info_list_entry { 38 struct list_head list; 39 u16 cardnr; 40 u16 domain; 41 struct cca_info info; 42 }; 43 44 /* a list with cca_info_list_entry entries */ 45 static LIST_HEAD(cca_info_list); 46 static DEFINE_SPINLOCK(cca_info_list_lock); 47 48 /* 49 * Simple check if the token is a valid CCA secure AES data key 50 * token. If keybitsize is given, the bitsize of the key is 51 * also checked. Returns 0 on success or errno value on failure. 52 */ 53 int cca_check_secaeskeytoken(debug_info_t *dbg, int dbflvl, 54 const u8 *token, int keybitsize) 55 { 56 struct secaeskeytoken *t = (struct secaeskeytoken *) token; 57 58 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__) 59 60 if (t->type != TOKTYPE_CCA_INTERNAL) { 61 if (dbg) 62 DBF("%s token check failed, type 0x%02x != 0x%02x\n", 63 __func__, (int) t->type, TOKTYPE_CCA_INTERNAL); 64 return -EINVAL; 65 } 66 if (t->version != TOKVER_CCA_AES) { 67 if (dbg) 68 DBF("%s token check failed, version 0x%02x != 0x%02x\n", 69 __func__, (int) t->version, TOKVER_CCA_AES); 70 return -EINVAL; 71 } 72 if (keybitsize > 0 && t->bitsize != keybitsize) { 73 if (dbg) 74 DBF("%s token check failed, bitsize %d != %d\n", 75 __func__, (int) t->bitsize, keybitsize); 76 return -EINVAL; 77 } 78 79 #undef DBF 80 81 return 0; 82 } 83 EXPORT_SYMBOL(cca_check_secaeskeytoken); 84 85 /* 86 * Simple check if the token is a valid CCA secure AES cipher key 87 * token. If keybitsize is given, the bitsize of the key is 88 * also checked. If checkcpacfexport is enabled, the key is also 89 * checked for the export flag to allow CPACF export. 90 * Returns 0 on success or errno value on failure. 91 */ 92 int cca_check_secaescipherkey(debug_info_t *dbg, int dbflvl, 93 const u8 *token, int keybitsize, 94 int checkcpacfexport) 95 { 96 struct cipherkeytoken *t = (struct cipherkeytoken *) token; 97 bool keybitsizeok = true; 98 99 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__) 100 101 if (t->type != TOKTYPE_CCA_INTERNAL) { 102 if (dbg) 103 DBF("%s token check failed, type 0x%02x != 0x%02x\n", 104 __func__, (int) t->type, TOKTYPE_CCA_INTERNAL); 105 return -EINVAL; 106 } 107 if (t->version != TOKVER_CCA_VLSC) { 108 if (dbg) 109 DBF("%s token check failed, version 0x%02x != 0x%02x\n", 110 __func__, (int) t->version, TOKVER_CCA_VLSC); 111 return -EINVAL; 112 } 113 if (t->algtype != 0x02) { 114 if (dbg) 115 DBF("%s token check failed, algtype 0x%02x != 0x02\n", 116 __func__, (int) t->algtype); 117 return -EINVAL; 118 } 119 if (t->keytype != 0x0001) { 120 if (dbg) 121 DBF("%s token check failed, keytype 0x%04x != 0x0001\n", 122 __func__, (int) t->keytype); 123 return -EINVAL; 124 } 125 if (t->plfver != 0x00 && t->plfver != 0x01) { 126 if (dbg) 127 DBF("%s token check failed, unknown plfver 0x%02x\n", 128 __func__, (int) t->plfver); 129 return -EINVAL; 130 } 131 if (t->wpllen != 512 && t->wpllen != 576 && t->wpllen != 640) { 132 if (dbg) 133 DBF("%s token check failed, unknown wpllen %d\n", 134 __func__, (int) t->wpllen); 135 return -EINVAL; 136 } 137 if (keybitsize > 0) { 138 switch (keybitsize) { 139 case 128: 140 if (t->wpllen != (t->plfver ? 640 : 512)) 141 keybitsizeok = false; 142 break; 143 case 192: 144 if (t->wpllen != (t->plfver ? 640 : 576)) 145 keybitsizeok = false; 146 break; 147 case 256: 148 if (t->wpllen != 640) 149 keybitsizeok = false; 150 break; 151 default: 152 keybitsizeok = false; 153 break; 154 } 155 if (!keybitsizeok) { 156 if (dbg) 157 DBF("%s token check failed, bitsize %d\n", 158 __func__, keybitsize); 159 return -EINVAL; 160 } 161 } 162 if (checkcpacfexport && !(t->kmf1 & KMF1_XPRT_CPAC)) { 163 if (dbg) 164 DBF("%s token check failed, XPRT_CPAC bit is 0\n", 165 __func__); 166 return -EINVAL; 167 } 168 169 #undef DBF 170 171 return 0; 172 } 173 EXPORT_SYMBOL(cca_check_secaescipherkey); 174 175 /* 176 * Allocate consecutive memory for request CPRB, request param 177 * block, reply CPRB and reply param block and fill in values 178 * for the common fields. Returns 0 on success or errno value 179 * on failure. 180 */ 181 static int alloc_and_prep_cprbmem(size_t paramblen, 182 u8 **pcprbmem, 183 struct CPRBX **preqCPRB, 184 struct CPRBX **prepCPRB) 185 { 186 u8 *cprbmem; 187 size_t cprbplusparamblen = sizeof(struct CPRBX) + paramblen; 188 struct CPRBX *preqcblk, *prepcblk; 189 190 /* 191 * allocate consecutive memory for request CPRB, request param 192 * block, reply CPRB and reply param block 193 */ 194 cprbmem = kcalloc(2, cprbplusparamblen, GFP_KERNEL); 195 if (!cprbmem) 196 return -ENOMEM; 197 198 preqcblk = (struct CPRBX *) cprbmem; 199 prepcblk = (struct CPRBX *) (cprbmem + cprbplusparamblen); 200 201 /* fill request cprb struct */ 202 preqcblk->cprb_len = sizeof(struct CPRBX); 203 preqcblk->cprb_ver_id = 0x02; 204 memcpy(preqcblk->func_id, "T2", 2); 205 preqcblk->rpl_msgbl = cprbplusparamblen; 206 if (paramblen) { 207 preqcblk->req_parmb = 208 ((u8 *) preqcblk) + sizeof(struct CPRBX); 209 preqcblk->rpl_parmb = 210 ((u8 *) prepcblk) + sizeof(struct CPRBX); 211 } 212 213 *pcprbmem = cprbmem; 214 *preqCPRB = preqcblk; 215 *prepCPRB = prepcblk; 216 217 return 0; 218 } 219 220 /* 221 * Free the cprb memory allocated with the function above. 222 * If the scrub value is not zero, the memory is filled 223 * with zeros before freeing (useful if there was some 224 * clear key material in there). 225 */ 226 static void free_cprbmem(void *mem, size_t paramblen, int scrub) 227 { 228 if (scrub) 229 memzero_explicit(mem, 2 * (sizeof(struct CPRBX) + paramblen)); 230 kfree(mem); 231 } 232 233 /* 234 * Helper function to prepare the xcrb struct 235 */ 236 static inline void prep_xcrb(struct ica_xcRB *pxcrb, 237 u16 cardnr, 238 struct CPRBX *preqcblk, 239 struct CPRBX *prepcblk) 240 { 241 memset(pxcrb, 0, sizeof(*pxcrb)); 242 pxcrb->agent_ID = 0x4341; /* 'CA' */ 243 pxcrb->user_defined = (cardnr == 0xFFFF ? AUTOSELECT : cardnr); 244 pxcrb->request_control_blk_length = 245 preqcblk->cprb_len + preqcblk->req_parml; 246 pxcrb->request_control_blk_addr = (void __user *) preqcblk; 247 pxcrb->reply_control_blk_length = preqcblk->rpl_msgbl; 248 pxcrb->reply_control_blk_addr = (void __user *) prepcblk; 249 } 250 251 /* 252 * Helper function which calls zcrypt_send_cprb with 253 * memory management segment adjusted to kernel space 254 * so that the copy_from_user called within this 255 * function do in fact copy from kernel space. 256 */ 257 static inline int _zcrypt_send_cprb(struct ica_xcRB *xcrb) 258 { 259 int rc; 260 mm_segment_t old_fs = get_fs(); 261 262 set_fs(KERNEL_DS); 263 rc = zcrypt_send_cprb(xcrb); 264 set_fs(old_fs); 265 266 return rc; 267 } 268 269 /* 270 * Generate (random) CCA AES DATA secure key. 271 */ 272 int cca_genseckey(u16 cardnr, u16 domain, 273 u32 keybitsize, u8 seckey[SECKEYBLOBSIZE]) 274 { 275 int i, rc, keysize; 276 int seckeysize; 277 u8 *mem; 278 struct CPRBX *preqcblk, *prepcblk; 279 struct ica_xcRB xcrb; 280 struct kgreqparm { 281 u8 subfunc_code[2]; 282 u16 rule_array_len; 283 struct lv1 { 284 u16 len; 285 char key_form[8]; 286 char key_length[8]; 287 char key_type1[8]; 288 char key_type2[8]; 289 } lv1; 290 struct lv2 { 291 u16 len; 292 struct keyid { 293 u16 len; 294 u16 attr; 295 u8 data[SECKEYBLOBSIZE]; 296 } keyid[6]; 297 } lv2; 298 } __packed * preqparm; 299 struct kgrepparm { 300 u8 subfunc_code[2]; 301 u16 rule_array_len; 302 struct lv3 { 303 u16 len; 304 u16 keyblocklen; 305 struct { 306 u16 toklen; 307 u16 tokattr; 308 u8 tok[0]; 309 /* ... some more data ... */ 310 } keyblock; 311 } lv3; 312 } __packed * prepparm; 313 314 /* get already prepared memory for 2 cprbs with param block each */ 315 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk); 316 if (rc) 317 return rc; 318 319 /* fill request cprb struct */ 320 preqcblk->domain = domain; 321 322 /* fill request cprb param block with KG request */ 323 preqparm = (struct kgreqparm *) preqcblk->req_parmb; 324 memcpy(preqparm->subfunc_code, "KG", 2); 325 preqparm->rule_array_len = sizeof(preqparm->rule_array_len); 326 preqparm->lv1.len = sizeof(struct lv1); 327 memcpy(preqparm->lv1.key_form, "OP ", 8); 328 switch (keybitsize) { 329 case PKEY_SIZE_AES_128: 330 case PKEY_KEYTYPE_AES_128: /* older ioctls used this */ 331 keysize = 16; 332 memcpy(preqparm->lv1.key_length, "KEYLN16 ", 8); 333 break; 334 case PKEY_SIZE_AES_192: 335 case PKEY_KEYTYPE_AES_192: /* older ioctls used this */ 336 keysize = 24; 337 memcpy(preqparm->lv1.key_length, "KEYLN24 ", 8); 338 break; 339 case PKEY_SIZE_AES_256: 340 case PKEY_KEYTYPE_AES_256: /* older ioctls used this */ 341 keysize = 32; 342 memcpy(preqparm->lv1.key_length, "KEYLN32 ", 8); 343 break; 344 default: 345 DEBUG_ERR("%s unknown/unsupported keybitsize %d\n", 346 __func__, keybitsize); 347 rc = -EINVAL; 348 goto out; 349 } 350 memcpy(preqparm->lv1.key_type1, "AESDATA ", 8); 351 preqparm->lv2.len = sizeof(struct lv2); 352 for (i = 0; i < 6; i++) { 353 preqparm->lv2.keyid[i].len = sizeof(struct keyid); 354 preqparm->lv2.keyid[i].attr = (i == 2 ? 0x30 : 0x10); 355 } 356 preqcblk->req_parml = sizeof(struct kgreqparm); 357 358 /* fill xcrb struct */ 359 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk); 360 361 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ 362 rc = _zcrypt_send_cprb(&xcrb); 363 if (rc) { 364 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, errno %d\n", 365 __func__, (int) cardnr, (int) domain, rc); 366 goto out; 367 } 368 369 /* check response returncode and reasoncode */ 370 if (prepcblk->ccp_rtcode != 0) { 371 DEBUG_ERR("%s secure key generate failure, card response %d/%d\n", 372 __func__, 373 (int) prepcblk->ccp_rtcode, 374 (int) prepcblk->ccp_rscode); 375 rc = -EIO; 376 goto out; 377 } 378 379 /* process response cprb param block */ 380 prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX); 381 prepparm = (struct kgrepparm *) prepcblk->rpl_parmb; 382 383 /* check length of the returned secure key token */ 384 seckeysize = prepparm->lv3.keyblock.toklen 385 - sizeof(prepparm->lv3.keyblock.toklen) 386 - sizeof(prepparm->lv3.keyblock.tokattr); 387 if (seckeysize != SECKEYBLOBSIZE) { 388 DEBUG_ERR("%s secure token size mismatch %d != %d bytes\n", 389 __func__, seckeysize, SECKEYBLOBSIZE); 390 rc = -EIO; 391 goto out; 392 } 393 394 /* check secure key token */ 395 rc = cca_check_secaeskeytoken(zcrypt_dbf_info, DBF_ERR, 396 prepparm->lv3.keyblock.tok, 8*keysize); 397 if (rc) { 398 rc = -EIO; 399 goto out; 400 } 401 402 /* copy the generated secure key token */ 403 memcpy(seckey, prepparm->lv3.keyblock.tok, SECKEYBLOBSIZE); 404 405 out: 406 free_cprbmem(mem, PARMBSIZE, 0); 407 return rc; 408 } 409 EXPORT_SYMBOL(cca_genseckey); 410 411 /* 412 * Generate an CCA AES DATA secure key with given key value. 413 */ 414 int cca_clr2seckey(u16 cardnr, u16 domain, u32 keybitsize, 415 const u8 *clrkey, u8 seckey[SECKEYBLOBSIZE]) 416 { 417 int rc, keysize, seckeysize; 418 u8 *mem; 419 struct CPRBX *preqcblk, *prepcblk; 420 struct ica_xcRB xcrb; 421 struct cmreqparm { 422 u8 subfunc_code[2]; 423 u16 rule_array_len; 424 char rule_array[8]; 425 struct lv1 { 426 u16 len; 427 u8 clrkey[0]; 428 } lv1; 429 struct lv2 { 430 u16 len; 431 struct keyid { 432 u16 len; 433 u16 attr; 434 u8 data[SECKEYBLOBSIZE]; 435 } keyid; 436 } lv2; 437 } __packed * preqparm; 438 struct lv2 *plv2; 439 struct cmrepparm { 440 u8 subfunc_code[2]; 441 u16 rule_array_len; 442 struct lv3 { 443 u16 len; 444 u16 keyblocklen; 445 struct { 446 u16 toklen; 447 u16 tokattr; 448 u8 tok[0]; 449 /* ... some more data ... */ 450 } keyblock; 451 } lv3; 452 } __packed * prepparm; 453 454 /* get already prepared memory for 2 cprbs with param block each */ 455 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk); 456 if (rc) 457 return rc; 458 459 /* fill request cprb struct */ 460 preqcblk->domain = domain; 461 462 /* fill request cprb param block with CM request */ 463 preqparm = (struct cmreqparm *) preqcblk->req_parmb; 464 memcpy(preqparm->subfunc_code, "CM", 2); 465 memcpy(preqparm->rule_array, "AES ", 8); 466 preqparm->rule_array_len = 467 sizeof(preqparm->rule_array_len) + sizeof(preqparm->rule_array); 468 switch (keybitsize) { 469 case PKEY_SIZE_AES_128: 470 case PKEY_KEYTYPE_AES_128: /* older ioctls used this */ 471 keysize = 16; 472 break; 473 case PKEY_SIZE_AES_192: 474 case PKEY_KEYTYPE_AES_192: /* older ioctls used this */ 475 keysize = 24; 476 break; 477 case PKEY_SIZE_AES_256: 478 case PKEY_KEYTYPE_AES_256: /* older ioctls used this */ 479 keysize = 32; 480 break; 481 default: 482 DEBUG_ERR("%s unknown/unsupported keybitsize %d\n", 483 __func__, keybitsize); 484 rc = -EINVAL; 485 goto out; 486 } 487 preqparm->lv1.len = sizeof(struct lv1) + keysize; 488 memcpy(preqparm->lv1.clrkey, clrkey, keysize); 489 plv2 = (struct lv2 *) (((u8 *) &preqparm->lv2) + keysize); 490 plv2->len = sizeof(struct lv2); 491 plv2->keyid.len = sizeof(struct keyid); 492 plv2->keyid.attr = 0x30; 493 preqcblk->req_parml = sizeof(struct cmreqparm) + keysize; 494 495 /* fill xcrb struct */ 496 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk); 497 498 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ 499 rc = _zcrypt_send_cprb(&xcrb); 500 if (rc) { 501 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n", 502 __func__, (int) cardnr, (int) domain, rc); 503 goto out; 504 } 505 506 /* check response returncode and reasoncode */ 507 if (prepcblk->ccp_rtcode != 0) { 508 DEBUG_ERR("%s clear key import failure, card response %d/%d\n", 509 __func__, 510 (int) prepcblk->ccp_rtcode, 511 (int) prepcblk->ccp_rscode); 512 rc = -EIO; 513 goto out; 514 } 515 516 /* process response cprb param block */ 517 prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX); 518 prepparm = (struct cmrepparm *) prepcblk->rpl_parmb; 519 520 /* check length of the returned secure key token */ 521 seckeysize = prepparm->lv3.keyblock.toklen 522 - sizeof(prepparm->lv3.keyblock.toklen) 523 - sizeof(prepparm->lv3.keyblock.tokattr); 524 if (seckeysize != SECKEYBLOBSIZE) { 525 DEBUG_ERR("%s secure token size mismatch %d != %d bytes\n", 526 __func__, seckeysize, SECKEYBLOBSIZE); 527 rc = -EIO; 528 goto out; 529 } 530 531 /* check secure key token */ 532 rc = cca_check_secaeskeytoken(zcrypt_dbf_info, DBF_ERR, 533 prepparm->lv3.keyblock.tok, 8*keysize); 534 if (rc) { 535 rc = -EIO; 536 goto out; 537 } 538 539 /* copy the generated secure key token */ 540 if (seckey) 541 memcpy(seckey, prepparm->lv3.keyblock.tok, SECKEYBLOBSIZE); 542 543 out: 544 free_cprbmem(mem, PARMBSIZE, 1); 545 return rc; 546 } 547 EXPORT_SYMBOL(cca_clr2seckey); 548 549 /* 550 * Derive proteced key from an CCA AES DATA secure key. 551 */ 552 int cca_sec2protkey(u16 cardnr, u16 domain, 553 const u8 seckey[SECKEYBLOBSIZE], 554 u8 *protkey, u32 *protkeylen, u32 *protkeytype) 555 { 556 int rc; 557 u8 *mem; 558 struct CPRBX *preqcblk, *prepcblk; 559 struct ica_xcRB xcrb; 560 struct uskreqparm { 561 u8 subfunc_code[2]; 562 u16 rule_array_len; 563 struct lv1 { 564 u16 len; 565 u16 attr_len; 566 u16 attr_flags; 567 } lv1; 568 struct lv2 { 569 u16 len; 570 u16 attr_len; 571 u16 attr_flags; 572 u8 token[0]; /* cca secure key token */ 573 } lv2; 574 } __packed * preqparm; 575 struct uskrepparm { 576 u8 subfunc_code[2]; 577 u16 rule_array_len; 578 struct lv3 { 579 u16 len; 580 u16 attr_len; 581 u16 attr_flags; 582 struct cpacfkeyblock { 583 u8 version; /* version of this struct */ 584 u8 flags[2]; 585 u8 algo; 586 u8 form; 587 u8 pad1[3]; 588 u16 len; 589 u8 key[64]; /* the key (len bytes) */ 590 u16 keyattrlen; 591 u8 keyattr[32]; 592 u8 pad2[1]; 593 u8 vptype; 594 u8 vp[32]; /* verification pattern */ 595 } ckb; 596 } lv3; 597 } __packed * prepparm; 598 599 /* get already prepared memory for 2 cprbs with param block each */ 600 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk); 601 if (rc) 602 return rc; 603 604 /* fill request cprb struct */ 605 preqcblk->domain = domain; 606 607 /* fill request cprb param block with USK request */ 608 preqparm = (struct uskreqparm *) preqcblk->req_parmb; 609 memcpy(preqparm->subfunc_code, "US", 2); 610 preqparm->rule_array_len = sizeof(preqparm->rule_array_len); 611 preqparm->lv1.len = sizeof(struct lv1); 612 preqparm->lv1.attr_len = sizeof(struct lv1) - sizeof(preqparm->lv1.len); 613 preqparm->lv1.attr_flags = 0x0001; 614 preqparm->lv2.len = sizeof(struct lv2) + SECKEYBLOBSIZE; 615 preqparm->lv2.attr_len = sizeof(struct lv2) 616 - sizeof(preqparm->lv2.len) + SECKEYBLOBSIZE; 617 preqparm->lv2.attr_flags = 0x0000; 618 memcpy(preqparm->lv2.token, seckey, SECKEYBLOBSIZE); 619 preqcblk->req_parml = sizeof(struct uskreqparm) + SECKEYBLOBSIZE; 620 621 /* fill xcrb struct */ 622 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk); 623 624 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ 625 rc = _zcrypt_send_cprb(&xcrb); 626 if (rc) { 627 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n", 628 __func__, (int) cardnr, (int) domain, rc); 629 goto out; 630 } 631 632 /* check response returncode and reasoncode */ 633 if (prepcblk->ccp_rtcode != 0) { 634 DEBUG_ERR("%s unwrap secure key failure, card response %d/%d\n", 635 __func__, 636 (int) prepcblk->ccp_rtcode, 637 (int) prepcblk->ccp_rscode); 638 rc = -EIO; 639 goto out; 640 } 641 if (prepcblk->ccp_rscode != 0) { 642 DEBUG_WARN("%s unwrap secure key warning, card response %d/%d\n", 643 __func__, 644 (int) prepcblk->ccp_rtcode, 645 (int) prepcblk->ccp_rscode); 646 } 647 648 /* process response cprb param block */ 649 prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX); 650 prepparm = (struct uskrepparm *) prepcblk->rpl_parmb; 651 652 /* check the returned keyblock */ 653 if (prepparm->lv3.ckb.version != 0x01 && 654 prepparm->lv3.ckb.version != 0x02) { 655 DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x\n", 656 __func__, (int) prepparm->lv3.ckb.version); 657 rc = -EIO; 658 goto out; 659 } 660 661 /* copy the tanslated protected key */ 662 switch (prepparm->lv3.ckb.len) { 663 case 16+32: 664 /* AES 128 protected key */ 665 if (protkeytype) 666 *protkeytype = PKEY_KEYTYPE_AES_128; 667 break; 668 case 24+32: 669 /* AES 192 protected key */ 670 if (protkeytype) 671 *protkeytype = PKEY_KEYTYPE_AES_192; 672 break; 673 case 32+32: 674 /* AES 256 protected key */ 675 if (protkeytype) 676 *protkeytype = PKEY_KEYTYPE_AES_256; 677 break; 678 default: 679 DEBUG_ERR("%s unknown/unsupported keylen %d\n", 680 __func__, prepparm->lv3.ckb.len); 681 rc = -EIO; 682 goto out; 683 } 684 memcpy(protkey, prepparm->lv3.ckb.key, prepparm->lv3.ckb.len); 685 if (protkeylen) 686 *protkeylen = prepparm->lv3.ckb.len; 687 688 out: 689 free_cprbmem(mem, PARMBSIZE, 0); 690 return rc; 691 } 692 EXPORT_SYMBOL(cca_sec2protkey); 693 694 /* 695 * AES cipher key skeleton created with CSNBKTB2 with these flags: 696 * INTERNAL, NO-KEY, AES, CIPHER, ANY-MODE, NOEX-SYM, NOEXAASY, 697 * NOEXUASY, XPRTCPAC, NOEX-RAW, NOEX-DES, NOEX-AES, NOEX-RSA 698 * used by cca_gencipherkey() and cca_clr2cipherkey(). 699 */ 700 static const u8 aes_cipher_key_skeleton[] = { 701 0x01, 0x00, 0x00, 0x38, 0x05, 0x00, 0x00, 0x00, 702 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 703 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 704 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 705 0x00, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 706 0x00, 0x02, 0x00, 0x01, 0x02, 0xc0, 0x00, 0xff, 707 0x00, 0x03, 0x08, 0xc8, 0x00, 0x00, 0x00, 0x00 }; 708 #define SIZEOF_SKELETON (sizeof(aes_cipher_key_skeleton)) 709 710 /* 711 * Generate (random) CCA AES CIPHER secure key. 712 */ 713 int cca_gencipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags, 714 u8 *keybuf, size_t *keybufsize) 715 { 716 int rc; 717 u8 *mem; 718 struct CPRBX *preqcblk, *prepcblk; 719 struct ica_xcRB xcrb; 720 struct gkreqparm { 721 u8 subfunc_code[2]; 722 u16 rule_array_len; 723 char rule_array[2*8]; 724 struct { 725 u16 len; 726 u8 key_type_1[8]; 727 u8 key_type_2[8]; 728 u16 clear_key_bit_len; 729 u16 key_name_1_len; 730 u16 key_name_2_len; 731 u16 user_data_1_len; 732 u16 user_data_2_len; 733 u8 key_name_1[0]; 734 u8 key_name_2[0]; 735 u8 user_data_1[0]; 736 u8 user_data_2[0]; 737 } vud; 738 struct { 739 u16 len; 740 struct { 741 u16 len; 742 u16 flag; 743 u8 kek_id_1[0]; 744 } tlv1; 745 struct { 746 u16 len; 747 u16 flag; 748 u8 kek_id_2[0]; 749 } tlv2; 750 struct { 751 u16 len; 752 u16 flag; 753 u8 gen_key_id_1[SIZEOF_SKELETON]; 754 } tlv3; 755 struct { 756 u16 len; 757 u16 flag; 758 u8 gen_key_id_1_label[0]; 759 } tlv4; 760 struct { 761 u16 len; 762 u16 flag; 763 u8 gen_key_id_2[0]; 764 } tlv5; 765 struct { 766 u16 len; 767 u16 flag; 768 u8 gen_key_id_2_label[0]; 769 } tlv6; 770 } kb; 771 } __packed * preqparm; 772 struct gkrepparm { 773 u8 subfunc_code[2]; 774 u16 rule_array_len; 775 struct { 776 u16 len; 777 } vud; 778 struct { 779 u16 len; 780 struct { 781 u16 len; 782 u16 flag; 783 u8 gen_key[0]; /* 120-136 bytes */ 784 } tlv1; 785 } kb; 786 } __packed * prepparm; 787 struct cipherkeytoken *t; 788 789 /* get already prepared memory for 2 cprbs with param block each */ 790 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk); 791 if (rc) 792 return rc; 793 794 /* fill request cprb struct */ 795 preqcblk->domain = domain; 796 preqcblk->req_parml = sizeof(struct gkreqparm); 797 798 /* prepare request param block with GK request */ 799 preqparm = (struct gkreqparm *) preqcblk->req_parmb; 800 memcpy(preqparm->subfunc_code, "GK", 2); 801 preqparm->rule_array_len = sizeof(uint16_t) + 2 * 8; 802 memcpy(preqparm->rule_array, "AES OP ", 2*8); 803 804 /* prepare vud block */ 805 preqparm->vud.len = sizeof(preqparm->vud); 806 switch (keybitsize) { 807 case 128: 808 case 192: 809 case 256: 810 break; 811 default: 812 DEBUG_ERR( 813 "%s unknown/unsupported keybitsize %d\n", 814 __func__, keybitsize); 815 rc = -EINVAL; 816 goto out; 817 } 818 preqparm->vud.clear_key_bit_len = keybitsize; 819 memcpy(preqparm->vud.key_type_1, "TOKEN ", 8); 820 memset(preqparm->vud.key_type_2, ' ', sizeof(preqparm->vud.key_type_2)); 821 822 /* prepare kb block */ 823 preqparm->kb.len = sizeof(preqparm->kb); 824 preqparm->kb.tlv1.len = sizeof(preqparm->kb.tlv1); 825 preqparm->kb.tlv1.flag = 0x0030; 826 preqparm->kb.tlv2.len = sizeof(preqparm->kb.tlv2); 827 preqparm->kb.tlv2.flag = 0x0030; 828 preqparm->kb.tlv3.len = sizeof(preqparm->kb.tlv3); 829 preqparm->kb.tlv3.flag = 0x0030; 830 memcpy(preqparm->kb.tlv3.gen_key_id_1, 831 aes_cipher_key_skeleton, SIZEOF_SKELETON); 832 preqparm->kb.tlv4.len = sizeof(preqparm->kb.tlv4); 833 preqparm->kb.tlv4.flag = 0x0030; 834 preqparm->kb.tlv5.len = sizeof(preqparm->kb.tlv5); 835 preqparm->kb.tlv5.flag = 0x0030; 836 preqparm->kb.tlv6.len = sizeof(preqparm->kb.tlv6); 837 preqparm->kb.tlv6.flag = 0x0030; 838 839 /* patch the skeleton key token export flags inside the kb block */ 840 if (keygenflags) { 841 t = (struct cipherkeytoken *) preqparm->kb.tlv3.gen_key_id_1; 842 t->kmf1 |= (u16) (keygenflags & 0x0000FF00); 843 t->kmf1 &= (u16) ~(keygenflags & 0x000000FF); 844 } 845 846 /* prepare xcrb struct */ 847 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk); 848 849 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ 850 rc = _zcrypt_send_cprb(&xcrb); 851 if (rc) { 852 DEBUG_ERR( 853 "%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n", 854 __func__, (int) cardnr, (int) domain, rc); 855 goto out; 856 } 857 858 /* check response returncode and reasoncode */ 859 if (prepcblk->ccp_rtcode != 0) { 860 DEBUG_ERR( 861 "%s cipher key generate failure, card response %d/%d\n", 862 __func__, 863 (int) prepcblk->ccp_rtcode, 864 (int) prepcblk->ccp_rscode); 865 rc = -EIO; 866 goto out; 867 } 868 869 /* process response cprb param block */ 870 prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX); 871 prepparm = (struct gkrepparm *) prepcblk->rpl_parmb; 872 873 /* do some plausibility checks on the key block */ 874 if (prepparm->kb.len < 120 + 5 * sizeof(uint16_t) || 875 prepparm->kb.len > 136 + 5 * sizeof(uint16_t)) { 876 DEBUG_ERR("%s reply with invalid or unknown key block\n", 877 __func__); 878 rc = -EIO; 879 goto out; 880 } 881 882 /* and some checks on the generated key */ 883 rc = cca_check_secaescipherkey(zcrypt_dbf_info, DBF_ERR, 884 prepparm->kb.tlv1.gen_key, 885 keybitsize, 1); 886 if (rc) { 887 rc = -EIO; 888 goto out; 889 } 890 891 /* copy the generated vlsc key token */ 892 t = (struct cipherkeytoken *) prepparm->kb.tlv1.gen_key; 893 if (keybuf) { 894 if (*keybufsize >= t->len) 895 memcpy(keybuf, t, t->len); 896 else 897 rc = -EINVAL; 898 } 899 *keybufsize = t->len; 900 901 out: 902 free_cprbmem(mem, PARMBSIZE, 0); 903 return rc; 904 } 905 EXPORT_SYMBOL(cca_gencipherkey); 906 907 /* 908 * Helper function, does a the CSNBKPI2 CPRB. 909 */ 910 static int _ip_cprb_helper(u16 cardnr, u16 domain, 911 const char *rule_array_1, 912 const char *rule_array_2, 913 const char *rule_array_3, 914 const u8 *clr_key_value, 915 int clr_key_bit_size, 916 u8 *key_token, 917 int *key_token_size) 918 { 919 int rc, n; 920 u8 *mem; 921 struct CPRBX *preqcblk, *prepcblk; 922 struct ica_xcRB xcrb; 923 struct rule_array_block { 924 u8 subfunc_code[2]; 925 u16 rule_array_len; 926 char rule_array[0]; 927 } __packed * preq_ra_block; 928 struct vud_block { 929 u16 len; 930 struct { 931 u16 len; 932 u16 flag; /* 0x0064 */ 933 u16 clr_key_bit_len; 934 } tlv1; 935 struct { 936 u16 len; 937 u16 flag; /* 0x0063 */ 938 u8 clr_key[0]; /* clear key value bytes */ 939 } tlv2; 940 } __packed * preq_vud_block; 941 struct key_block { 942 u16 len; 943 struct { 944 u16 len; 945 u16 flag; /* 0x0030 */ 946 u8 key_token[0]; /* key skeleton */ 947 } tlv1; 948 } __packed * preq_key_block; 949 struct iprepparm { 950 u8 subfunc_code[2]; 951 u16 rule_array_len; 952 struct { 953 u16 len; 954 } vud; 955 struct { 956 u16 len; 957 struct { 958 u16 len; 959 u16 flag; /* 0x0030 */ 960 u8 key_token[0]; /* key token */ 961 } tlv1; 962 } kb; 963 } __packed * prepparm; 964 struct cipherkeytoken *t; 965 int complete = strncmp(rule_array_2, "COMPLETE", 8) ? 0 : 1; 966 967 /* get already prepared memory for 2 cprbs with param block each */ 968 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk); 969 if (rc) 970 return rc; 971 972 /* fill request cprb struct */ 973 preqcblk->domain = domain; 974 preqcblk->req_parml = 0; 975 976 /* prepare request param block with IP request */ 977 preq_ra_block = (struct rule_array_block *) preqcblk->req_parmb; 978 memcpy(preq_ra_block->subfunc_code, "IP", 2); 979 preq_ra_block->rule_array_len = sizeof(uint16_t) + 2 * 8; 980 memcpy(preq_ra_block->rule_array, rule_array_1, 8); 981 memcpy(preq_ra_block->rule_array + 8, rule_array_2, 8); 982 preqcblk->req_parml = sizeof(struct rule_array_block) + 2 * 8; 983 if (rule_array_3) { 984 preq_ra_block->rule_array_len += 8; 985 memcpy(preq_ra_block->rule_array + 16, rule_array_3, 8); 986 preqcblk->req_parml += 8; 987 } 988 989 /* prepare vud block */ 990 preq_vud_block = (struct vud_block *) 991 (preqcblk->req_parmb + preqcblk->req_parml); 992 n = complete ? 0 : (clr_key_bit_size + 7) / 8; 993 preq_vud_block->len = sizeof(struct vud_block) + n; 994 preq_vud_block->tlv1.len = sizeof(preq_vud_block->tlv1); 995 preq_vud_block->tlv1.flag = 0x0064; 996 preq_vud_block->tlv1.clr_key_bit_len = complete ? 0 : clr_key_bit_size; 997 preq_vud_block->tlv2.len = sizeof(preq_vud_block->tlv2) + n; 998 preq_vud_block->tlv2.flag = 0x0063; 999 if (!complete) 1000 memcpy(preq_vud_block->tlv2.clr_key, clr_key_value, n); 1001 preqcblk->req_parml += preq_vud_block->len; 1002 1003 /* prepare key block */ 1004 preq_key_block = (struct key_block *) 1005 (preqcblk->req_parmb + preqcblk->req_parml); 1006 n = *key_token_size; 1007 preq_key_block->len = sizeof(struct key_block) + n; 1008 preq_key_block->tlv1.len = sizeof(preq_key_block->tlv1) + n; 1009 preq_key_block->tlv1.flag = 0x0030; 1010 memcpy(preq_key_block->tlv1.key_token, key_token, *key_token_size); 1011 preqcblk->req_parml += preq_key_block->len; 1012 1013 /* prepare xcrb struct */ 1014 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk); 1015 1016 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ 1017 rc = _zcrypt_send_cprb(&xcrb); 1018 if (rc) { 1019 DEBUG_ERR( 1020 "%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n", 1021 __func__, (int) cardnr, (int) domain, rc); 1022 goto out; 1023 } 1024 1025 /* check response returncode and reasoncode */ 1026 if (prepcblk->ccp_rtcode != 0) { 1027 DEBUG_ERR( 1028 "%s CSNBKPI2 failure, card response %d/%d\n", 1029 __func__, 1030 (int) prepcblk->ccp_rtcode, 1031 (int) prepcblk->ccp_rscode); 1032 rc = -EIO; 1033 goto out; 1034 } 1035 1036 /* process response cprb param block */ 1037 prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX); 1038 prepparm = (struct iprepparm *) prepcblk->rpl_parmb; 1039 1040 /* do some plausibility checks on the key block */ 1041 if (prepparm->kb.len < 120 + 3 * sizeof(uint16_t) || 1042 prepparm->kb.len > 136 + 3 * sizeof(uint16_t)) { 1043 DEBUG_ERR("%s reply with invalid or unknown key block\n", 1044 __func__); 1045 rc = -EIO; 1046 goto out; 1047 } 1048 1049 /* do not check the key here, it may be incomplete */ 1050 1051 /* copy the vlsc key token back */ 1052 t = (struct cipherkeytoken *) prepparm->kb.tlv1.key_token; 1053 memcpy(key_token, t, t->len); 1054 *key_token_size = t->len; 1055 1056 out: 1057 free_cprbmem(mem, PARMBSIZE, 0); 1058 return rc; 1059 } 1060 1061 /* 1062 * Build CCA AES CIPHER secure key with a given clear key value. 1063 */ 1064 int cca_clr2cipherkey(u16 card, u16 dom, u32 keybitsize, u32 keygenflags, 1065 const u8 *clrkey, u8 *keybuf, size_t *keybufsize) 1066 { 1067 int rc; 1068 u8 *token; 1069 int tokensize; 1070 u8 exorbuf[32]; 1071 struct cipherkeytoken *t; 1072 1073 /* fill exorbuf with random data */ 1074 get_random_bytes(exorbuf, sizeof(exorbuf)); 1075 1076 /* allocate space for the key token to build */ 1077 token = kmalloc(MAXCCAVLSCTOKENSIZE, GFP_KERNEL); 1078 if (!token) 1079 return -ENOMEM; 1080 1081 /* prepare the token with the key skeleton */ 1082 tokensize = SIZEOF_SKELETON; 1083 memcpy(token, aes_cipher_key_skeleton, tokensize); 1084 1085 /* patch the skeleton key token export flags */ 1086 if (keygenflags) { 1087 t = (struct cipherkeytoken *) token; 1088 t->kmf1 |= (u16) (keygenflags & 0x0000FF00); 1089 t->kmf1 &= (u16) ~(keygenflags & 0x000000FF); 1090 } 1091 1092 /* 1093 * Do the key import with the clear key value in 4 steps: 1094 * 1/4 FIRST import with only random data 1095 * 2/4 EXOR the clear key 1096 * 3/4 EXOR the very same random data again 1097 * 4/4 COMPLETE the secure cipher key import 1098 */ 1099 rc = _ip_cprb_helper(card, dom, "AES ", "FIRST ", "MIN3PART", 1100 exorbuf, keybitsize, token, &tokensize); 1101 if (rc) { 1102 DEBUG_ERR( 1103 "%s clear key import 1/4 with CSNBKPI2 failed, rc=%d\n", 1104 __func__, rc); 1105 goto out; 1106 } 1107 rc = _ip_cprb_helper(card, dom, "AES ", "ADD-PART", NULL, 1108 clrkey, keybitsize, token, &tokensize); 1109 if (rc) { 1110 DEBUG_ERR( 1111 "%s clear key import 2/4 with CSNBKPI2 failed, rc=%d\n", 1112 __func__, rc); 1113 goto out; 1114 } 1115 rc = _ip_cprb_helper(card, dom, "AES ", "ADD-PART", NULL, 1116 exorbuf, keybitsize, token, &tokensize); 1117 if (rc) { 1118 DEBUG_ERR( 1119 "%s clear key import 3/4 with CSNBKPI2 failed, rc=%d\n", 1120 __func__, rc); 1121 goto out; 1122 } 1123 rc = _ip_cprb_helper(card, dom, "AES ", "COMPLETE", NULL, 1124 NULL, keybitsize, token, &tokensize); 1125 if (rc) { 1126 DEBUG_ERR( 1127 "%s clear key import 4/4 with CSNBKPI2 failed, rc=%d\n", 1128 __func__, rc); 1129 goto out; 1130 } 1131 1132 /* copy the generated key token */ 1133 if (keybuf) { 1134 if (tokensize > *keybufsize) 1135 rc = -EINVAL; 1136 else 1137 memcpy(keybuf, token, tokensize); 1138 } 1139 *keybufsize = tokensize; 1140 1141 out: 1142 kfree(token); 1143 return rc; 1144 } 1145 EXPORT_SYMBOL(cca_clr2cipherkey); 1146 1147 /* 1148 * Derive proteced key from CCA AES cipher secure key. 1149 */ 1150 int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey, 1151 u8 *protkey, u32 *protkeylen, u32 *protkeytype) 1152 { 1153 int rc; 1154 u8 *mem; 1155 struct CPRBX *preqcblk, *prepcblk; 1156 struct ica_xcRB xcrb; 1157 struct aureqparm { 1158 u8 subfunc_code[2]; 1159 u16 rule_array_len; 1160 u8 rule_array[8]; 1161 struct { 1162 u16 len; 1163 u16 tk_blob_len; 1164 u16 tk_blob_tag; 1165 u8 tk_blob[66]; 1166 } vud; 1167 struct { 1168 u16 len; 1169 u16 cca_key_token_len; 1170 u16 cca_key_token_flags; 1171 u8 cca_key_token[0]; // 64 or more 1172 } kb; 1173 } __packed * preqparm; 1174 struct aurepparm { 1175 u8 subfunc_code[2]; 1176 u16 rule_array_len; 1177 struct { 1178 u16 len; 1179 u16 sublen; 1180 u16 tag; 1181 struct cpacfkeyblock { 1182 u8 version; /* version of this struct */ 1183 u8 flags[2]; 1184 u8 algo; 1185 u8 form; 1186 u8 pad1[3]; 1187 u16 keylen; 1188 u8 key[64]; /* the key (keylen bytes) */ 1189 u16 keyattrlen; 1190 u8 keyattr[32]; 1191 u8 pad2[1]; 1192 u8 vptype; 1193 u8 vp[32]; /* verification pattern */ 1194 } ckb; 1195 } vud; 1196 struct { 1197 u16 len; 1198 } kb; 1199 } __packed * prepparm; 1200 int keytoklen = ((struct cipherkeytoken *)ckey)->len; 1201 1202 /* get already prepared memory for 2 cprbs with param block each */ 1203 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk); 1204 if (rc) 1205 return rc; 1206 1207 /* fill request cprb struct */ 1208 preqcblk->domain = domain; 1209 1210 /* fill request cprb param block with AU request */ 1211 preqparm = (struct aureqparm *) preqcblk->req_parmb; 1212 memcpy(preqparm->subfunc_code, "AU", 2); 1213 preqparm->rule_array_len = 1214 sizeof(preqparm->rule_array_len) 1215 + sizeof(preqparm->rule_array); 1216 memcpy(preqparm->rule_array, "EXPT-SK ", 8); 1217 /* vud, tk blob */ 1218 preqparm->vud.len = sizeof(preqparm->vud); 1219 preqparm->vud.tk_blob_len = sizeof(preqparm->vud.tk_blob) 1220 + 2 * sizeof(uint16_t); 1221 preqparm->vud.tk_blob_tag = 0x00C2; 1222 /* kb, cca token */ 1223 preqparm->kb.len = keytoklen + 3 * sizeof(uint16_t); 1224 preqparm->kb.cca_key_token_len = keytoklen + 2 * sizeof(uint16_t); 1225 memcpy(preqparm->kb.cca_key_token, ckey, keytoklen); 1226 /* now fill length of param block into cprb */ 1227 preqcblk->req_parml = sizeof(struct aureqparm) + keytoklen; 1228 1229 /* fill xcrb struct */ 1230 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk); 1231 1232 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ 1233 rc = _zcrypt_send_cprb(&xcrb); 1234 if (rc) { 1235 DEBUG_ERR( 1236 "%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n", 1237 __func__, (int) cardnr, (int) domain, rc); 1238 goto out; 1239 } 1240 1241 /* check response returncode and reasoncode */ 1242 if (prepcblk->ccp_rtcode != 0) { 1243 DEBUG_ERR( 1244 "%s unwrap secure key failure, card response %d/%d\n", 1245 __func__, 1246 (int) prepcblk->ccp_rtcode, 1247 (int) prepcblk->ccp_rscode); 1248 rc = -EIO; 1249 goto out; 1250 } 1251 if (prepcblk->ccp_rscode != 0) { 1252 DEBUG_WARN( 1253 "%s unwrap secure key warning, card response %d/%d\n", 1254 __func__, 1255 (int) prepcblk->ccp_rtcode, 1256 (int) prepcblk->ccp_rscode); 1257 } 1258 1259 /* process response cprb param block */ 1260 prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX); 1261 prepparm = (struct aurepparm *) prepcblk->rpl_parmb; 1262 1263 /* check the returned keyblock */ 1264 if (prepparm->vud.ckb.version != 0x01 && 1265 prepparm->vud.ckb.version != 0x02) { 1266 DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x\n", 1267 __func__, (int) prepparm->vud.ckb.version); 1268 rc = -EIO; 1269 goto out; 1270 } 1271 if (prepparm->vud.ckb.algo != 0x02) { 1272 DEBUG_ERR( 1273 "%s reply param keyblock algo mismatch 0x%02x != 0x02\n", 1274 __func__, (int) prepparm->vud.ckb.algo); 1275 rc = -EIO; 1276 goto out; 1277 } 1278 1279 /* copy the translated protected key */ 1280 switch (prepparm->vud.ckb.keylen) { 1281 case 16+32: 1282 /* AES 128 protected key */ 1283 if (protkeytype) 1284 *protkeytype = PKEY_KEYTYPE_AES_128; 1285 break; 1286 case 24+32: 1287 /* AES 192 protected key */ 1288 if (protkeytype) 1289 *protkeytype = PKEY_KEYTYPE_AES_192; 1290 break; 1291 case 32+32: 1292 /* AES 256 protected key */ 1293 if (protkeytype) 1294 *protkeytype = PKEY_KEYTYPE_AES_256; 1295 break; 1296 default: 1297 DEBUG_ERR("%s unknown/unsupported keylen %d\n", 1298 __func__, prepparm->vud.ckb.keylen); 1299 rc = -EIO; 1300 goto out; 1301 } 1302 memcpy(protkey, prepparm->vud.ckb.key, prepparm->vud.ckb.keylen); 1303 if (protkeylen) 1304 *protkeylen = prepparm->vud.ckb.keylen; 1305 1306 out: 1307 free_cprbmem(mem, PARMBSIZE, 0); 1308 return rc; 1309 } 1310 EXPORT_SYMBOL(cca_cipher2protkey); 1311 1312 /* 1313 * query cryptographic facility from CCA adapter 1314 */ 1315 int cca_query_crypto_facility(u16 cardnr, u16 domain, 1316 const char *keyword, 1317 u8 *rarray, size_t *rarraylen, 1318 u8 *varray, size_t *varraylen) 1319 { 1320 int rc; 1321 u16 len; 1322 u8 *mem, *ptr; 1323 struct CPRBX *preqcblk, *prepcblk; 1324 struct ica_xcRB xcrb; 1325 struct fqreqparm { 1326 u8 subfunc_code[2]; 1327 u16 rule_array_len; 1328 char rule_array[8]; 1329 struct lv1 { 1330 u16 len; 1331 u8 data[VARDATASIZE]; 1332 } lv1; 1333 u16 dummylen; 1334 } __packed * preqparm; 1335 size_t parmbsize = sizeof(struct fqreqparm); 1336 struct fqrepparm { 1337 u8 subfunc_code[2]; 1338 u8 lvdata[0]; 1339 } __packed * prepparm; 1340 1341 /* get already prepared memory for 2 cprbs with param block each */ 1342 rc = alloc_and_prep_cprbmem(parmbsize, &mem, &preqcblk, &prepcblk); 1343 if (rc) 1344 return rc; 1345 1346 /* fill request cprb struct */ 1347 preqcblk->domain = domain; 1348 1349 /* fill request cprb param block with FQ request */ 1350 preqparm = (struct fqreqparm *) preqcblk->req_parmb; 1351 memcpy(preqparm->subfunc_code, "FQ", 2); 1352 memcpy(preqparm->rule_array, keyword, sizeof(preqparm->rule_array)); 1353 preqparm->rule_array_len = 1354 sizeof(preqparm->rule_array_len) + sizeof(preqparm->rule_array); 1355 preqparm->lv1.len = sizeof(preqparm->lv1); 1356 preqparm->dummylen = sizeof(preqparm->dummylen); 1357 preqcblk->req_parml = parmbsize; 1358 1359 /* fill xcrb struct */ 1360 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk); 1361 1362 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ 1363 rc = _zcrypt_send_cprb(&xcrb); 1364 if (rc) { 1365 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n", 1366 __func__, (int) cardnr, (int) domain, rc); 1367 goto out; 1368 } 1369 1370 /* check response returncode and reasoncode */ 1371 if (prepcblk->ccp_rtcode != 0) { 1372 DEBUG_ERR("%s unwrap secure key failure, card response %d/%d\n", 1373 __func__, 1374 (int) prepcblk->ccp_rtcode, 1375 (int) prepcblk->ccp_rscode); 1376 rc = -EIO; 1377 goto out; 1378 } 1379 1380 /* process response cprb param block */ 1381 prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX); 1382 prepparm = (struct fqrepparm *) prepcblk->rpl_parmb; 1383 ptr = prepparm->lvdata; 1384 1385 /* check and possibly copy reply rule array */ 1386 len = *((u16 *) ptr); 1387 if (len > sizeof(u16)) { 1388 ptr += sizeof(u16); 1389 len -= sizeof(u16); 1390 if (rarray && rarraylen && *rarraylen > 0) { 1391 *rarraylen = (len > *rarraylen ? *rarraylen : len); 1392 memcpy(rarray, ptr, *rarraylen); 1393 } 1394 ptr += len; 1395 } 1396 /* check and possible copy reply var array */ 1397 len = *((u16 *) ptr); 1398 if (len > sizeof(u16)) { 1399 ptr += sizeof(u16); 1400 len -= sizeof(u16); 1401 if (varray && varraylen && *varraylen > 0) { 1402 *varraylen = (len > *varraylen ? *varraylen : len); 1403 memcpy(varray, ptr, *varraylen); 1404 } 1405 ptr += len; 1406 } 1407 1408 out: 1409 free_cprbmem(mem, parmbsize, 0); 1410 return rc; 1411 } 1412 EXPORT_SYMBOL(cca_query_crypto_facility); 1413 1414 static int cca_info_cache_fetch(u16 cardnr, u16 domain, struct cca_info *ci) 1415 { 1416 int rc = -ENOENT; 1417 struct cca_info_list_entry *ptr; 1418 1419 spin_lock_bh(&cca_info_list_lock); 1420 list_for_each_entry(ptr, &cca_info_list, list) { 1421 if (ptr->cardnr == cardnr && ptr->domain == domain) { 1422 memcpy(ci, &ptr->info, sizeof(*ci)); 1423 rc = 0; 1424 break; 1425 } 1426 } 1427 spin_unlock_bh(&cca_info_list_lock); 1428 1429 return rc; 1430 } 1431 1432 static void cca_info_cache_update(u16 cardnr, u16 domain, 1433 const struct cca_info *ci) 1434 { 1435 int found = 0; 1436 struct cca_info_list_entry *ptr; 1437 1438 spin_lock_bh(&cca_info_list_lock); 1439 list_for_each_entry(ptr, &cca_info_list, list) { 1440 if (ptr->cardnr == cardnr && 1441 ptr->domain == domain) { 1442 memcpy(&ptr->info, ci, sizeof(*ci)); 1443 found = 1; 1444 break; 1445 } 1446 } 1447 if (!found) { 1448 ptr = kmalloc(sizeof(*ptr), GFP_ATOMIC); 1449 if (!ptr) { 1450 spin_unlock_bh(&cca_info_list_lock); 1451 return; 1452 } 1453 ptr->cardnr = cardnr; 1454 ptr->domain = domain; 1455 memcpy(&ptr->info, ci, sizeof(*ci)); 1456 list_add(&ptr->list, &cca_info_list); 1457 } 1458 spin_unlock_bh(&cca_info_list_lock); 1459 } 1460 1461 static void cca_info_cache_scrub(u16 cardnr, u16 domain) 1462 { 1463 struct cca_info_list_entry *ptr; 1464 1465 spin_lock_bh(&cca_info_list_lock); 1466 list_for_each_entry(ptr, &cca_info_list, list) { 1467 if (ptr->cardnr == cardnr && 1468 ptr->domain == domain) { 1469 list_del(&ptr->list); 1470 kfree(ptr); 1471 break; 1472 } 1473 } 1474 spin_unlock_bh(&cca_info_list_lock); 1475 } 1476 1477 static void __exit mkvp_cache_free(void) 1478 { 1479 struct cca_info_list_entry *ptr, *pnext; 1480 1481 spin_lock_bh(&cca_info_list_lock); 1482 list_for_each_entry_safe(ptr, pnext, &cca_info_list, list) { 1483 list_del(&ptr->list); 1484 kfree(ptr); 1485 } 1486 spin_unlock_bh(&cca_info_list_lock); 1487 } 1488 1489 /* 1490 * Fetch cca_info values via query_crypto_facility from adapter. 1491 */ 1492 static int fetch_cca_info(u16 cardnr, u16 domain, struct cca_info *ci) 1493 { 1494 int rc, found = 0; 1495 size_t rlen, vlen; 1496 u8 *rarray, *varray, *pg; 1497 struct zcrypt_device_status_ext devstat; 1498 1499 memset(ci, 0, sizeof(*ci)); 1500 1501 /* get first info from zcrypt device driver about this apqn */ 1502 rc = zcrypt_device_status_ext(cardnr, domain, &devstat); 1503 if (rc) 1504 return rc; 1505 ci->hwtype = devstat.hwtype; 1506 1507 /* prep page for rule array and var array use */ 1508 pg = (u8 *) __get_free_page(GFP_KERNEL); 1509 if (!pg) 1510 return -ENOMEM; 1511 rarray = pg; 1512 varray = pg + PAGE_SIZE/2; 1513 rlen = vlen = PAGE_SIZE/2; 1514 1515 /* QF for this card/domain */ 1516 rc = cca_query_crypto_facility(cardnr, domain, "STATICSA", 1517 rarray, &rlen, varray, &vlen); 1518 if (rc == 0 && rlen >= 10*8 && vlen >= 204) { 1519 memcpy(ci->serial, rarray, 8); 1520 ci->new_mk_state = (char) rarray[7*8]; 1521 ci->cur_mk_state = (char) rarray[8*8]; 1522 ci->old_mk_state = (char) rarray[9*8]; 1523 if (ci->old_mk_state == '2') 1524 memcpy(&ci->old_mkvp, varray + 172, 8); 1525 if (ci->cur_mk_state == '2') 1526 memcpy(&ci->cur_mkvp, varray + 184, 8); 1527 if (ci->new_mk_state == '3') 1528 memcpy(&ci->new_mkvp, varray + 196, 8); 1529 found = 1; 1530 } 1531 1532 free_page((unsigned long) pg); 1533 1534 return found ? 0 : -ENOENT; 1535 } 1536 1537 /* 1538 * Fetch cca information about a CCA queue. 1539 */ 1540 int cca_get_info(u16 card, u16 dom, struct cca_info *ci, int verify) 1541 { 1542 int rc; 1543 1544 rc = cca_info_cache_fetch(card, dom, ci); 1545 if (rc || verify) { 1546 rc = fetch_cca_info(card, dom, ci); 1547 if (rc == 0) 1548 cca_info_cache_update(card, dom, ci); 1549 } 1550 1551 return rc; 1552 } 1553 EXPORT_SYMBOL(cca_get_info); 1554 1555 /* 1556 * Search for a matching crypto card based on the 1557 * Master Key Verification Pattern given. 1558 */ 1559 static int findcard(u64 mkvp, u16 *pcardnr, u16 *pdomain, 1560 int verify, int minhwtype) 1561 { 1562 struct zcrypt_device_status_ext *device_status; 1563 u16 card, dom; 1564 struct cca_info ci; 1565 int i, rc, oi = -1; 1566 1567 /* mkvp must not be zero, minhwtype needs to be >= 0 */ 1568 if (mkvp == 0 || minhwtype < 0) 1569 return -EINVAL; 1570 1571 /* fetch status of all crypto cards */ 1572 device_status = kvmalloc_array(MAX_ZDEV_ENTRIES_EXT, 1573 sizeof(struct zcrypt_device_status_ext), 1574 GFP_KERNEL); 1575 if (!device_status) 1576 return -ENOMEM; 1577 zcrypt_device_status_mask_ext(device_status); 1578 1579 /* walk through all crypto cards */ 1580 for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) { 1581 card = AP_QID_CARD(device_status[i].qid); 1582 dom = AP_QID_QUEUE(device_status[i].qid); 1583 if (device_status[i].online && 1584 device_status[i].functions & 0x04) { 1585 /* enabled CCA card, check current mkvp from cache */ 1586 if (cca_info_cache_fetch(card, dom, &ci) == 0 && 1587 ci.hwtype >= minhwtype && 1588 ci.cur_mk_state == '2' && 1589 ci.cur_mkvp == mkvp) { 1590 if (!verify) 1591 break; 1592 /* verify: refresh card info */ 1593 if (fetch_cca_info(card, dom, &ci) == 0) { 1594 cca_info_cache_update(card, dom, &ci); 1595 if (ci.hwtype >= minhwtype && 1596 ci.cur_mk_state == '2' && 1597 ci.cur_mkvp == mkvp) 1598 break; 1599 } 1600 } 1601 } else { 1602 /* Card is offline and/or not a CCA card. */ 1603 /* del mkvp entry from cache if it exists */ 1604 cca_info_cache_scrub(card, dom); 1605 } 1606 } 1607 if (i >= MAX_ZDEV_ENTRIES_EXT) { 1608 /* nothing found, so this time without cache */ 1609 for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) { 1610 if (!(device_status[i].online && 1611 device_status[i].functions & 0x04)) 1612 continue; 1613 card = AP_QID_CARD(device_status[i].qid); 1614 dom = AP_QID_QUEUE(device_status[i].qid); 1615 /* fresh fetch mkvp from adapter */ 1616 if (fetch_cca_info(card, dom, &ci) == 0) { 1617 cca_info_cache_update(card, dom, &ci); 1618 if (ci.hwtype >= minhwtype && 1619 ci.cur_mk_state == '2' && 1620 ci.cur_mkvp == mkvp) 1621 break; 1622 if (ci.hwtype >= minhwtype && 1623 ci.old_mk_state == '2' && 1624 ci.old_mkvp == mkvp && 1625 oi < 0) 1626 oi = i; 1627 } 1628 } 1629 if (i >= MAX_ZDEV_ENTRIES_EXT && oi >= 0) { 1630 /* old mkvp matched, use this card then */ 1631 card = AP_QID_CARD(device_status[oi].qid); 1632 dom = AP_QID_QUEUE(device_status[oi].qid); 1633 } 1634 } 1635 if (i < MAX_ZDEV_ENTRIES_EXT || oi >= 0) { 1636 if (pcardnr) 1637 *pcardnr = card; 1638 if (pdomain) 1639 *pdomain = dom; 1640 rc = (i < MAX_ZDEV_ENTRIES_EXT ? 0 : 1); 1641 } else 1642 rc = -ENODEV; 1643 1644 kvfree(device_status); 1645 return rc; 1646 } 1647 1648 /* 1649 * Search for a matching crypto card based on the Master Key 1650 * Verification Pattern provided inside a secure key token. 1651 */ 1652 int cca_findcard(const u8 *key, u16 *pcardnr, u16 *pdomain, int verify) 1653 { 1654 u64 mkvp; 1655 int minhwtype = 0; 1656 const struct keytoken_header *hdr = (struct keytoken_header *) key; 1657 1658 if (hdr->type != TOKTYPE_CCA_INTERNAL) 1659 return -EINVAL; 1660 1661 switch (hdr->version) { 1662 case TOKVER_CCA_AES: 1663 mkvp = ((struct secaeskeytoken *)key)->mkvp; 1664 break; 1665 case TOKVER_CCA_VLSC: 1666 mkvp = ((struct cipherkeytoken *)key)->mkvp0; 1667 minhwtype = AP_DEVICE_TYPE_CEX6; 1668 break; 1669 default: 1670 return -EINVAL; 1671 } 1672 1673 return findcard(mkvp, pcardnr, pdomain, verify, minhwtype); 1674 } 1675 EXPORT_SYMBOL(cca_findcard); 1676 1677 int cca_findcard2(u32 **apqns, u32 *nr_apqns, u16 cardnr, u16 domain, 1678 int minhwtype, u64 cur_mkvp, u64 old_mkvp, int verify) 1679 { 1680 struct zcrypt_device_status_ext *device_status; 1681 int i, n, card, dom, curmatch, oldmatch, rc = 0; 1682 struct cca_info ci; 1683 1684 *apqns = NULL; 1685 *nr_apqns = 0; 1686 1687 /* fetch status of all crypto cards */ 1688 device_status = kmalloc_array(MAX_ZDEV_ENTRIES_EXT, 1689 sizeof(struct zcrypt_device_status_ext), 1690 GFP_KERNEL); 1691 if (!device_status) 1692 return -ENOMEM; 1693 zcrypt_device_status_mask_ext(device_status); 1694 1695 /* loop two times: first gather eligible apqns, then store them */ 1696 while (1) { 1697 n = 0; 1698 /* walk through all the crypto cards */ 1699 for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) { 1700 card = AP_QID_CARD(device_status[i].qid); 1701 dom = AP_QID_QUEUE(device_status[i].qid); 1702 /* check online state */ 1703 if (!device_status[i].online) 1704 continue; 1705 /* check for cca functions */ 1706 if (!(device_status[i].functions & 0x04)) 1707 continue; 1708 /* check cardnr */ 1709 if (cardnr != 0xFFFF && card != cardnr) 1710 continue; 1711 /* check domain */ 1712 if (domain != 0xFFFF && dom != domain) 1713 continue; 1714 /* get cca info on this apqn */ 1715 if (cca_get_info(card, dom, &ci, verify)) 1716 continue; 1717 /* current master key needs to be valid */ 1718 if (ci.cur_mk_state != '2') 1719 continue; 1720 /* check min hardware type */ 1721 if (minhwtype > 0 && minhwtype > ci.hwtype) 1722 continue; 1723 if (cur_mkvp || old_mkvp) { 1724 /* check mkvps */ 1725 curmatch = oldmatch = 0; 1726 if (cur_mkvp && cur_mkvp == ci.cur_mkvp) 1727 curmatch = 1; 1728 if (old_mkvp && ci.old_mk_state == '2' && 1729 old_mkvp == ci.old_mkvp) 1730 oldmatch = 1; 1731 if ((cur_mkvp || old_mkvp) && 1732 (curmatch + oldmatch < 1)) 1733 continue; 1734 } 1735 /* apqn passed all filtering criterons */ 1736 if (*apqns && n < *nr_apqns) 1737 (*apqns)[n] = (((u16)card) << 16) | ((u16) dom); 1738 n++; 1739 } 1740 /* loop 2nd time: array has been filled */ 1741 if (*apqns) 1742 break; 1743 /* loop 1st time: have # of eligible apqns in n */ 1744 if (!n) { 1745 rc = -ENODEV; /* no eligible apqns found */ 1746 break; 1747 } 1748 *nr_apqns = n; 1749 /* allocate array to store n apqns into */ 1750 *apqns = kmalloc_array(n, sizeof(u32), GFP_KERNEL); 1751 if (!*apqns) { 1752 rc = -ENOMEM; 1753 break; 1754 } 1755 verify = 0; 1756 } 1757 1758 kfree(device_status); 1759 return rc; 1760 } 1761 EXPORT_SYMBOL(cca_findcard2); 1762 1763 void __exit zcrypt_ccamisc_exit(void) 1764 { 1765 mkvp_cache_free(); 1766 } 1767