1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * pkey device driver
4 *
5 * Copyright IBM Corp. 2017, 2023
6 *
7 * Author(s): Harald Freudenberger
8 */
9
10 #define KMSG_COMPONENT "pkey"
11 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
12
13 #include <linux/init.h>
14 #include <linux/miscdevice.h>
15 #include <linux/export.h>
16 #include <linux/slab.h>
17
18 #include "zcrypt_api.h"
19 #include "zcrypt_ccamisc.h"
20
21 #include "pkey_base.h"
22
23 /*
24 * Helper functions
25 */
key2protkey(const struct pkey_apqn * apqns,size_t nr_apqns,const u8 * key,size_t keylen,u8 * protkey,u32 * protkeylen,u32 * protkeytype,u32 xflags)26 static int key2protkey(const struct pkey_apqn *apqns, size_t nr_apqns,
27 const u8 *key, size_t keylen,
28 u8 *protkey, u32 *protkeylen, u32 *protkeytype,
29 u32 xflags)
30 {
31 int rc;
32
33 /* try the direct way */
34 rc = pkey_handler_key_to_protkey(apqns, nr_apqns,
35 key, keylen,
36 protkey, protkeylen,
37 protkeytype, xflags);
38
39 /* if this did not work, try the slowpath way */
40 if (rc == -ENODEV) {
41 rc = pkey_handler_slowpath_key_to_protkey(apqns, nr_apqns,
42 key, keylen,
43 protkey, protkeylen,
44 protkeytype, xflags);
45 if (rc)
46 rc = -ENODEV;
47 }
48
49 pr_debug("rc=%d\n", rc);
50 return rc;
51 }
52
53 /*
54 * In-Kernel function: Transform a key blob (of any type) into a protected key
55 */
pkey_key2protkey(const u8 * key,u32 keylen,u8 * protkey,u32 * protkeylen,u32 * protkeytype,u32 xflags)56 int pkey_key2protkey(const u8 *key, u32 keylen,
57 u8 *protkey, u32 *protkeylen, u32 *protkeytype, u32 xflags)
58 {
59 int rc;
60
61 rc = key2protkey(NULL, 0, key, keylen,
62 protkey, protkeylen, protkeytype, xflags);
63 if (rc == -ENODEV) {
64 pkey_handler_request_modules();
65 rc = key2protkey(NULL, 0, key, keylen,
66 protkey, protkeylen, protkeytype, xflags);
67 }
68
69 return rc;
70 }
71 EXPORT_SYMBOL(pkey_key2protkey);
72
73 /*
74 * Ioctl functions
75 */
76
_copy_key_from_user(void __user * ukey,size_t keylen)77 static void *_copy_key_from_user(void __user *ukey, size_t keylen)
78 {
79 if (!ukey || keylen < MINKEYBLOBBUFSIZE || keylen > KEYBLOBBUFSIZE)
80 return ERR_PTR(-EINVAL);
81
82 return memdup_user(ukey, keylen);
83 }
84
_copy_apqns_from_user(void __user * uapqns,size_t nr_apqns)85 static void *_copy_apqns_from_user(void __user *uapqns, size_t nr_apqns)
86 {
87 if (!uapqns || nr_apqns == 0)
88 return NULL;
89
90 return memdup_array_user(uapqns, nr_apqns, sizeof(struct pkey_apqn));
91 }
92
pkey_ioctl_genseck(struct pkey_genseck __user * ugs)93 static int pkey_ioctl_genseck(struct pkey_genseck __user *ugs)
94 {
95 struct pkey_genseck kgs;
96 struct pkey_apqn apqn;
97 u32 keybuflen;
98 int rc;
99
100 if (copy_from_user(&kgs, ugs, sizeof(kgs)))
101 return -EFAULT;
102
103 apqn.card = kgs.cardnr;
104 apqn.domain = kgs.domain;
105 keybuflen = sizeof(kgs.seckey.seckey);
106 rc = pkey_handler_gen_key(&apqn, 1,
107 kgs.keytype, PKEY_TYPE_CCA_DATA, 0, 0,
108 kgs.seckey.seckey, &keybuflen, NULL, 0);
109 pr_debug("gen_key()=%d\n", rc);
110 if (!rc && copy_to_user(ugs, &kgs, sizeof(kgs)))
111 rc = -EFAULT;
112 memzero_explicit(&kgs, sizeof(kgs));
113
114 return rc;
115 }
116
pkey_ioctl_clr2seck(struct pkey_clr2seck __user * ucs)117 static int pkey_ioctl_clr2seck(struct pkey_clr2seck __user *ucs)
118 {
119 struct pkey_clr2seck kcs;
120 struct pkey_apqn apqn;
121 u32 keybuflen;
122 int rc;
123
124 if (copy_from_user(&kcs, ucs, sizeof(kcs)))
125 return -EFAULT;
126
127 apqn.card = kcs.cardnr;
128 apqn.domain = kcs.domain;
129 keybuflen = sizeof(kcs.seckey.seckey);
130 rc = pkey_handler_clr_to_key(&apqn, 1,
131 kcs.keytype, PKEY_TYPE_CCA_DATA, 0, 0,
132 kcs.clrkey.clrkey,
133 pkey_keytype_aes_to_size(kcs.keytype),
134 kcs.seckey.seckey, &keybuflen, NULL, 0);
135 pr_debug("clr_to_key()=%d\n", rc);
136 if (!rc && copy_to_user(ucs, &kcs, sizeof(kcs)))
137 rc = -EFAULT;
138 memzero_explicit(&kcs, sizeof(kcs));
139
140 return rc;
141 }
142
pkey_ioctl_sec2protk(struct pkey_sec2protk __user * usp)143 static int pkey_ioctl_sec2protk(struct pkey_sec2protk __user *usp)
144 {
145 struct pkey_sec2protk ksp;
146 struct pkey_apqn apqn;
147 int rc;
148
149 if (copy_from_user(&ksp, usp, sizeof(ksp)))
150 return -EFAULT;
151
152 apqn.card = ksp.cardnr;
153 apqn.domain = ksp.domain;
154 ksp.protkey.len = sizeof(ksp.protkey.protkey);
155 rc = pkey_handler_key_to_protkey(&apqn, 1,
156 ksp.seckey.seckey,
157 sizeof(ksp.seckey.seckey),
158 ksp.protkey.protkey,
159 &ksp.protkey.len, &ksp.protkey.type,
160 0);
161 pr_debug("key_to_protkey()=%d\n", rc);
162 if (!rc && copy_to_user(usp, &ksp, sizeof(ksp)))
163 rc = -EFAULT;
164 memzero_explicit(&ksp, sizeof(ksp));
165
166 return rc;
167 }
168
pkey_ioctl_clr2protk(struct pkey_clr2protk __user * ucp)169 static int pkey_ioctl_clr2protk(struct pkey_clr2protk __user *ucp)
170 {
171 struct pkey_clr2protk kcp;
172 struct clearkeytoken *t;
173 u32 keylen;
174 u8 *tmpbuf;
175 int rc;
176
177 if (copy_from_user(&kcp, ucp, sizeof(kcp)))
178 return -EFAULT;
179
180 /* build a 'clear key token' from the clear key value */
181 keylen = pkey_keytype_aes_to_size(kcp.keytype);
182 if (!keylen) {
183 PKEY_DBF_ERR("%s unknown/unsupported keytype %u\n",
184 __func__, kcp.keytype);
185 memzero_explicit(&kcp, sizeof(kcp));
186 return -EINVAL;
187 }
188 tmpbuf = kzalloc(sizeof(*t) + keylen, GFP_KERNEL);
189 if (!tmpbuf) {
190 memzero_explicit(&kcp, sizeof(kcp));
191 return -ENOMEM;
192 }
193 t = (struct clearkeytoken *)tmpbuf;
194 t->type = TOKTYPE_NON_CCA;
195 t->version = TOKVER_CLEAR_KEY;
196 t->keytype = (keylen - 8) >> 3;
197 t->len = keylen;
198 memcpy(t->clearkey, kcp.clrkey.clrkey, keylen);
199 kcp.protkey.len = sizeof(kcp.protkey.protkey);
200
201 rc = key2protkey(NULL, 0,
202 tmpbuf, sizeof(*t) + keylen,
203 kcp.protkey.protkey,
204 &kcp.protkey.len, &kcp.protkey.type, 0);
205 pr_debug("key2protkey()=%d\n", rc);
206
207 kfree_sensitive(tmpbuf);
208
209 if (!rc && copy_to_user(ucp, &kcp, sizeof(kcp)))
210 rc = -EFAULT;
211 memzero_explicit(&kcp, sizeof(kcp));
212
213 return rc;
214 }
215
pkey_ioctl_findcard(struct pkey_findcard __user * ufc)216 static int pkey_ioctl_findcard(struct pkey_findcard __user *ufc)
217 {
218 struct pkey_findcard kfc;
219 struct pkey_apqn *apqns;
220 size_t nr_apqns;
221 int rc;
222
223 if (copy_from_user(&kfc, ufc, sizeof(kfc)))
224 return -EFAULT;
225
226 nr_apqns = MAXAPQNSINLIST;
227 apqns = kmalloc_array(nr_apqns, sizeof(struct pkey_apqn), GFP_KERNEL);
228 if (!apqns)
229 return -ENOMEM;
230
231 rc = pkey_handler_apqns_for_key(kfc.seckey.seckey,
232 sizeof(kfc.seckey.seckey),
233 PKEY_FLAGS_MATCH_CUR_MKVP,
234 apqns, &nr_apqns, 0);
235 if (rc == -ENODEV)
236 rc = pkey_handler_apqns_for_key(kfc.seckey.seckey,
237 sizeof(kfc.seckey.seckey),
238 PKEY_FLAGS_MATCH_ALT_MKVP,
239 apqns, &nr_apqns, 0);
240 pr_debug("apqns_for_key()=%d\n", rc);
241 if (rc) {
242 kfree(apqns);
243 return rc;
244 }
245 kfc.cardnr = apqns[0].card;
246 kfc.domain = apqns[0].domain;
247 kfree(apqns);
248 if (copy_to_user(ufc, &kfc, sizeof(kfc)))
249 return -EFAULT;
250
251 return 0;
252 }
253
pkey_ioctl_skey2pkey(struct pkey_skey2pkey __user * usp)254 static int pkey_ioctl_skey2pkey(struct pkey_skey2pkey __user *usp)
255 {
256 struct pkey_skey2pkey ksp;
257 int rc;
258
259 if (copy_from_user(&ksp, usp, sizeof(ksp)))
260 return -EFAULT;
261
262 ksp.protkey.len = sizeof(ksp.protkey.protkey);
263 rc = pkey_handler_key_to_protkey(NULL, 0,
264 ksp.seckey.seckey,
265 sizeof(ksp.seckey.seckey),
266 ksp.protkey.protkey,
267 &ksp.protkey.len,
268 &ksp.protkey.type, 0);
269 pr_debug("key_to_protkey()=%d\n", rc);
270 if (!rc && copy_to_user(usp, &ksp, sizeof(ksp)))
271 rc = -EFAULT;
272 memzero_explicit(&ksp, sizeof(ksp));
273
274 return rc;
275 }
276
pkey_ioctl_verifykey(struct pkey_verifykey __user * uvk)277 static int pkey_ioctl_verifykey(struct pkey_verifykey __user *uvk)
278 {
279 u32 keytype, keybitsize, flags;
280 struct pkey_verifykey kvk;
281 int rc;
282
283 if (copy_from_user(&kvk, uvk, sizeof(kvk)))
284 return -EFAULT;
285
286 kvk.cardnr = 0xFFFF;
287 kvk.domain = 0xFFFF;
288 rc = pkey_handler_verify_key(kvk.seckey.seckey,
289 sizeof(kvk.seckey.seckey),
290 &kvk.cardnr, &kvk.domain,
291 &keytype, &keybitsize, &flags, 0);
292 pr_debug("verify_key()=%d\n", rc);
293 if (!rc && keytype != PKEY_TYPE_CCA_DATA)
294 rc = -EINVAL;
295 kvk.attributes = PKEY_VERIFY_ATTR_AES;
296 kvk.keysize = (u16)keybitsize;
297 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
298 kvk.attributes |= PKEY_VERIFY_ATTR_OLD_MKVP;
299 if (!rc && copy_to_user(uvk, &kvk, sizeof(kvk)))
300 rc = -EFAULT;
301 memzero_explicit(&kvk, sizeof(kvk));
302
303 return rc;
304 }
305
pkey_ioctl_genprotk(struct pkey_genprotk __user * ugp)306 static int pkey_ioctl_genprotk(struct pkey_genprotk __user *ugp)
307 {
308 struct pkey_genprotk kgp;
309 int rc;
310
311 if (copy_from_user(&kgp, ugp, sizeof(kgp)))
312 return -EFAULT;
313
314 kgp.protkey.len = sizeof(kgp.protkey.protkey);
315 rc = pkey_handler_gen_key(NULL, 0, kgp.keytype,
316 PKEY_TYPE_PROTKEY, 0, 0,
317 kgp.protkey.protkey, &kgp.protkey.len,
318 &kgp.protkey.type, 0);
319 pr_debug("gen_key()=%d\n", rc);
320 if (!rc && copy_to_user(ugp, &kgp, sizeof(kgp)))
321 rc = -EFAULT;
322 memzero_explicit(&kgp, sizeof(kgp));
323
324 return rc;
325 }
326
pkey_ioctl_verifyprotk(struct pkey_verifyprotk __user * uvp)327 static int pkey_ioctl_verifyprotk(struct pkey_verifyprotk __user *uvp)
328 {
329 struct pkey_verifyprotk kvp;
330 struct protaeskeytoken *t;
331 u32 keytype;
332 u8 *tmpbuf;
333 int rc;
334
335 if (copy_from_user(&kvp, uvp, sizeof(kvp)))
336 return -EFAULT;
337
338 keytype = pkey_aes_bitsize_to_keytype(8 * kvp.protkey.len);
339 if (!keytype) {
340 PKEY_DBF_ERR("%s unknown/unsupported protkey length %u\n",
341 __func__, kvp.protkey.len);
342 memzero_explicit(&kvp, sizeof(kvp));
343 return -EINVAL;
344 }
345
346 /* build a 'protected key token' from the raw protected key */
347 tmpbuf = kzalloc(sizeof(*t), GFP_KERNEL);
348 if (!tmpbuf) {
349 memzero_explicit(&kvp, sizeof(kvp));
350 return -ENOMEM;
351 }
352 t = (struct protaeskeytoken *)tmpbuf;
353 t->type = TOKTYPE_NON_CCA;
354 t->version = TOKVER_PROTECTED_KEY;
355 t->keytype = keytype;
356 t->len = kvp.protkey.len;
357 memcpy(t->protkey, kvp.protkey.protkey, kvp.protkey.len);
358
359 rc = pkey_handler_verify_key(tmpbuf, sizeof(*t),
360 NULL, NULL, NULL, NULL, NULL, 0);
361 pr_debug("verify_key()=%d\n", rc);
362
363 kfree_sensitive(tmpbuf);
364 memzero_explicit(&kvp, sizeof(kvp));
365
366 return rc;
367 }
368
pkey_ioctl_kblob2protk(struct pkey_kblob2pkey __user * utp)369 static int pkey_ioctl_kblob2protk(struct pkey_kblob2pkey __user *utp)
370 {
371 struct pkey_kblob2pkey ktp;
372 u8 *kkey;
373 int rc;
374
375 if (copy_from_user(&ktp, utp, sizeof(ktp)))
376 return -EFAULT;
377 kkey = _copy_key_from_user(ktp.key, ktp.keylen);
378 if (IS_ERR(kkey))
379 return PTR_ERR(kkey);
380 ktp.protkey.len = sizeof(ktp.protkey.protkey);
381 rc = key2protkey(NULL, 0, kkey, ktp.keylen,
382 ktp.protkey.protkey, &ktp.protkey.len,
383 &ktp.protkey.type, 0);
384 pr_debug("key2protkey()=%d\n", rc);
385 kfree_sensitive(kkey);
386 if (!rc && copy_to_user(utp, &ktp, sizeof(ktp)))
387 rc = -EFAULT;
388 memzero_explicit(&ktp, sizeof(ktp));
389
390 return rc;
391 }
392
pkey_ioctl_genseck2(struct pkey_genseck2 __user * ugs)393 static int pkey_ioctl_genseck2(struct pkey_genseck2 __user *ugs)
394 {
395 u32 klen = KEYBLOBBUFSIZE;
396 struct pkey_genseck2 kgs;
397 struct pkey_apqn *apqns;
398 u8 *kkey;
399 int rc;
400 u32 u;
401
402 if (copy_from_user(&kgs, ugs, sizeof(kgs)))
403 return -EFAULT;
404 u = pkey_aes_bitsize_to_keytype(kgs.size);
405 if (!u) {
406 PKEY_DBF_ERR("%s unknown/unsupported keybitsize %d\n",
407 __func__, kgs.size);
408 return -EINVAL;
409 }
410 apqns = _copy_apqns_from_user(kgs.apqns, kgs.apqn_entries);
411 if (IS_ERR(apqns))
412 return PTR_ERR(apqns);
413 kkey = kzalloc(klen, GFP_KERNEL);
414 if (!kkey) {
415 kfree(apqns);
416 return -ENOMEM;
417 }
418 rc = pkey_handler_gen_key(apqns, kgs.apqn_entries,
419 u, kgs.type, kgs.size, kgs.keygenflags,
420 kkey, &klen, NULL, 0);
421 pr_debug("gen_key()=%d\n", rc);
422 kfree(apqns);
423 if (rc) {
424 kfree_sensitive(kkey);
425 return rc;
426 }
427 if (kgs.key) {
428 if (kgs.keylen < klen) {
429 kfree_sensitive(kkey);
430 return -EINVAL;
431 }
432 if (copy_to_user(kgs.key, kkey, klen)) {
433 kfree_sensitive(kkey);
434 return -EFAULT;
435 }
436 }
437 kgs.keylen = klen;
438 if (copy_to_user(ugs, &kgs, sizeof(kgs)))
439 rc = -EFAULT;
440 kfree_sensitive(kkey);
441
442 return rc;
443 }
444
pkey_ioctl_clr2seck2(struct pkey_clr2seck2 __user * ucs)445 static int pkey_ioctl_clr2seck2(struct pkey_clr2seck2 __user *ucs)
446 {
447 u32 klen = KEYBLOBBUFSIZE;
448 struct pkey_clr2seck2 kcs;
449 struct pkey_apqn *apqns;
450 u8 *kkey;
451 int rc;
452 u32 u;
453
454 if (copy_from_user(&kcs, ucs, sizeof(kcs)))
455 return -EFAULT;
456 u = pkey_aes_bitsize_to_keytype(kcs.size);
457 if (!u) {
458 PKEY_DBF_ERR("%s unknown/unsupported keybitsize %d\n",
459 __func__, kcs.size);
460 memzero_explicit(&kcs, sizeof(kcs));
461 return -EINVAL;
462 }
463 apqns = _copy_apqns_from_user(kcs.apqns, kcs.apqn_entries);
464 if (IS_ERR(apqns)) {
465 memzero_explicit(&kcs, sizeof(kcs));
466 return PTR_ERR(apqns);
467 }
468 kkey = kzalloc(klen, GFP_KERNEL);
469 if (!kkey) {
470 kfree(apqns);
471 memzero_explicit(&kcs, sizeof(kcs));
472 return -ENOMEM;
473 }
474 rc = pkey_handler_clr_to_key(apqns, kcs.apqn_entries,
475 u, kcs.type, kcs.size, kcs.keygenflags,
476 kcs.clrkey.clrkey, kcs.size / 8,
477 kkey, &klen, NULL, 0);
478 pr_debug("clr_to_key()=%d\n", rc);
479 kfree(apqns);
480 if (rc) {
481 kfree_sensitive(kkey);
482 memzero_explicit(&kcs, sizeof(kcs));
483 return rc;
484 }
485 if (kcs.key) {
486 if (kcs.keylen < klen) {
487 kfree_sensitive(kkey);
488 memzero_explicit(&kcs, sizeof(kcs));
489 return -EINVAL;
490 }
491 if (copy_to_user(kcs.key, kkey, klen)) {
492 kfree_sensitive(kkey);
493 memzero_explicit(&kcs, sizeof(kcs));
494 return -EFAULT;
495 }
496 }
497 kcs.keylen = klen;
498 if (copy_to_user(ucs, &kcs, sizeof(kcs)))
499 rc = -EFAULT;
500 memzero_explicit(&kcs, sizeof(kcs));
501 kfree_sensitive(kkey);
502
503 return rc;
504 }
505
pkey_ioctl_verifykey2(struct pkey_verifykey2 __user * uvk)506 static int pkey_ioctl_verifykey2(struct pkey_verifykey2 __user *uvk)
507 {
508 struct pkey_verifykey2 kvk;
509 u8 *kkey;
510 int rc;
511
512 if (copy_from_user(&kvk, uvk, sizeof(kvk)))
513 return -EFAULT;
514 kkey = _copy_key_from_user(kvk.key, kvk.keylen);
515 if (IS_ERR(kkey))
516 return PTR_ERR(kkey);
517
518 rc = pkey_handler_verify_key(kkey, kvk.keylen,
519 &kvk.cardnr, &kvk.domain,
520 &kvk.type, &kvk.size, &kvk.flags, 0);
521 pr_debug("verify_key()=%d\n", rc);
522
523 kfree_sensitive(kkey);
524 if (!rc && copy_to_user(uvk, &kvk, sizeof(kvk)))
525 return -EFAULT;
526
527 return rc;
528 }
529
pkey_ioctl_kblob2protk2(struct pkey_kblob2pkey2 __user * utp)530 static int pkey_ioctl_kblob2protk2(struct pkey_kblob2pkey2 __user *utp)
531 {
532 struct pkey_apqn *apqns = NULL;
533 struct pkey_kblob2pkey2 ktp;
534 u8 *kkey;
535 int rc;
536
537 if (copy_from_user(&ktp, utp, sizeof(ktp)))
538 return -EFAULT;
539 apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
540 if (IS_ERR(apqns))
541 return PTR_ERR(apqns);
542 kkey = _copy_key_from_user(ktp.key, ktp.keylen);
543 if (IS_ERR(kkey)) {
544 kfree(apqns);
545 return PTR_ERR(kkey);
546 }
547 ktp.protkey.len = sizeof(ktp.protkey.protkey);
548 rc = key2protkey(apqns, ktp.apqn_entries, kkey, ktp.keylen,
549 ktp.protkey.protkey, &ktp.protkey.len,
550 &ktp.protkey.type, 0);
551 pr_debug("key2protkey()=%d\n", rc);
552 kfree(apqns);
553 kfree_sensitive(kkey);
554 if (!rc && copy_to_user(utp, &ktp, sizeof(ktp)))
555 rc = -EFAULT;
556 memzero_explicit(&ktp, sizeof(ktp));
557
558 return rc;
559 }
560
pkey_ioctl_apqns4k(struct pkey_apqns4key __user * uak)561 static int pkey_ioctl_apqns4k(struct pkey_apqns4key __user *uak)
562 {
563 struct pkey_apqn *apqns = NULL;
564 struct pkey_apqns4key kak;
565 size_t nr_apqns, len;
566 u8 *kkey;
567 int rc;
568
569 if (copy_from_user(&kak, uak, sizeof(kak)))
570 return -EFAULT;
571 nr_apqns = kak.apqn_entries;
572 if (nr_apqns) {
573 apqns = kmalloc_array(nr_apqns,
574 sizeof(struct pkey_apqn),
575 GFP_KERNEL);
576 if (!apqns)
577 return -ENOMEM;
578 }
579 kkey = _copy_key_from_user(kak.key, kak.keylen);
580 if (IS_ERR(kkey)) {
581 kfree(apqns);
582 return PTR_ERR(kkey);
583 }
584 rc = pkey_handler_apqns_for_key(kkey, kak.keylen, kak.flags,
585 apqns, &nr_apqns, 0);
586 pr_debug("apqns_for_key()=%d\n", rc);
587 kfree_sensitive(kkey);
588 if (rc && rc != -ENOSPC) {
589 kfree(apqns);
590 return rc;
591 }
592 if (!rc && kak.apqns) {
593 if (nr_apqns > kak.apqn_entries) {
594 kfree(apqns);
595 return -EINVAL;
596 }
597 len = nr_apqns * sizeof(struct pkey_apqn);
598 if (len) {
599 if (copy_to_user(kak.apqns, apqns, len)) {
600 kfree(apqns);
601 return -EFAULT;
602 }
603 }
604 }
605 kak.apqn_entries = nr_apqns;
606 if (copy_to_user(uak, &kak, sizeof(kak)))
607 rc = -EFAULT;
608 kfree(apqns);
609
610 return rc;
611 }
612
pkey_ioctl_apqns4kt(struct pkey_apqns4keytype __user * uat)613 static int pkey_ioctl_apqns4kt(struct pkey_apqns4keytype __user *uat)
614 {
615 struct pkey_apqn *apqns = NULL;
616 struct pkey_apqns4keytype kat;
617 size_t nr_apqns, len;
618 int rc;
619
620 if (copy_from_user(&kat, uat, sizeof(kat)))
621 return -EFAULT;
622 nr_apqns = kat.apqn_entries;
623 if (nr_apqns) {
624 apqns = kmalloc_array(nr_apqns,
625 sizeof(struct pkey_apqn),
626 GFP_KERNEL);
627 if (!apqns)
628 return -ENOMEM;
629 }
630 rc = pkey_handler_apqns_for_keytype(kat.type,
631 kat.cur_mkvp, kat.alt_mkvp,
632 kat.flags, apqns, &nr_apqns, 0);
633 pr_debug("apqns_for_keytype()=%d\n", rc);
634 if (rc && rc != -ENOSPC) {
635 kfree(apqns);
636 return rc;
637 }
638 if (!rc && kat.apqns) {
639 if (nr_apqns > kat.apqn_entries) {
640 kfree(apqns);
641 return -EINVAL;
642 }
643 len = nr_apqns * sizeof(struct pkey_apqn);
644 if (len) {
645 if (copy_to_user(kat.apqns, apqns, len)) {
646 kfree(apqns);
647 return -EFAULT;
648 }
649 }
650 }
651 kat.apqn_entries = nr_apqns;
652 if (copy_to_user(uat, &kat, sizeof(kat)))
653 rc = -EFAULT;
654 kfree(apqns);
655
656 return rc;
657 }
658
pkey_ioctl_kblob2protk3(struct pkey_kblob2pkey3 __user * utp)659 static int pkey_ioctl_kblob2protk3(struct pkey_kblob2pkey3 __user *utp)
660 {
661 u32 protkeylen = PROTKEYBLOBBUFSIZE;
662 struct pkey_apqn *apqns = NULL;
663 struct pkey_kblob2pkey3 ktp;
664 u8 *kkey, *protkey;
665 int rc;
666
667 if (copy_from_user(&ktp, utp, sizeof(ktp)))
668 return -EFAULT;
669 apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
670 if (IS_ERR(apqns))
671 return PTR_ERR(apqns);
672 kkey = _copy_key_from_user(ktp.key, ktp.keylen);
673 if (IS_ERR(kkey)) {
674 kfree(apqns);
675 return PTR_ERR(kkey);
676 }
677 protkey = kmalloc(protkeylen, GFP_KERNEL);
678 if (!protkey) {
679 kfree(apqns);
680 kfree_sensitive(kkey);
681 return -ENOMEM;
682 }
683 rc = key2protkey(apqns, ktp.apqn_entries, kkey, ktp.keylen,
684 protkey, &protkeylen, &ktp.pkeytype, 0);
685 pr_debug("key2protkey()=%d\n", rc);
686 kfree(apqns);
687 kfree_sensitive(kkey);
688 if (rc) {
689 kfree_sensitive(protkey);
690 return rc;
691 }
692 if (ktp.pkey && ktp.pkeylen) {
693 if (protkeylen > ktp.pkeylen) {
694 kfree_sensitive(protkey);
695 return -EINVAL;
696 }
697 if (copy_to_user(ktp.pkey, protkey, protkeylen)) {
698 kfree_sensitive(protkey);
699 return -EFAULT;
700 }
701 }
702 kfree_sensitive(protkey);
703 ktp.pkeylen = protkeylen;
704 if (copy_to_user(utp, &ktp, sizeof(ktp)))
705 return -EFAULT;
706
707 return 0;
708 }
709
pkey_unlocked_ioctl(struct file * filp,unsigned int cmd,unsigned long arg)710 static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
711 unsigned long arg)
712 {
713 int rc;
714
715 switch (cmd) {
716 case PKEY_GENSECK:
717 rc = pkey_ioctl_genseck((struct pkey_genseck __user *)arg);
718 break;
719 case PKEY_CLR2SECK:
720 rc = pkey_ioctl_clr2seck((struct pkey_clr2seck __user *)arg);
721 break;
722 case PKEY_SEC2PROTK:
723 rc = pkey_ioctl_sec2protk((struct pkey_sec2protk __user *)arg);
724 break;
725 case PKEY_CLR2PROTK:
726 rc = pkey_ioctl_clr2protk((struct pkey_clr2protk __user *)arg);
727 break;
728 case PKEY_FINDCARD:
729 rc = pkey_ioctl_findcard((struct pkey_findcard __user *)arg);
730 break;
731 case PKEY_SKEY2PKEY:
732 rc = pkey_ioctl_skey2pkey((struct pkey_skey2pkey __user *)arg);
733 break;
734 case PKEY_VERIFYKEY:
735 rc = pkey_ioctl_verifykey((struct pkey_verifykey __user *)arg);
736 break;
737 case PKEY_GENPROTK:
738 rc = pkey_ioctl_genprotk((struct pkey_genprotk __user *)arg);
739 break;
740 case PKEY_VERIFYPROTK:
741 rc = pkey_ioctl_verifyprotk((struct pkey_verifyprotk __user *)arg);
742 break;
743 case PKEY_KBLOB2PROTK:
744 rc = pkey_ioctl_kblob2protk((struct pkey_kblob2pkey __user *)arg);
745 break;
746 case PKEY_GENSECK2:
747 rc = pkey_ioctl_genseck2((struct pkey_genseck2 __user *)arg);
748 break;
749 case PKEY_CLR2SECK2:
750 rc = pkey_ioctl_clr2seck2((struct pkey_clr2seck2 __user *)arg);
751 break;
752 case PKEY_VERIFYKEY2:
753 rc = pkey_ioctl_verifykey2((struct pkey_verifykey2 __user *)arg);
754 break;
755 case PKEY_KBLOB2PROTK2:
756 rc = pkey_ioctl_kblob2protk2((struct pkey_kblob2pkey2 __user *)arg);
757 break;
758 case PKEY_APQNS4K:
759 rc = pkey_ioctl_apqns4k((struct pkey_apqns4key __user *)arg);
760 break;
761 case PKEY_APQNS4KT:
762 rc = pkey_ioctl_apqns4kt((struct pkey_apqns4keytype __user *)arg);
763 break;
764 case PKEY_KBLOB2PROTK3:
765 rc = pkey_ioctl_kblob2protk3((struct pkey_kblob2pkey3 __user *)arg);
766 break;
767 default:
768 /* unknown/unsupported ioctl cmd */
769 return -ENOTTY;
770 }
771
772 return rc;
773 }
774
775 /*
776 * File io operations
777 */
778
779 static const struct file_operations pkey_fops = {
780 .owner = THIS_MODULE,
781 .open = nonseekable_open,
782 .unlocked_ioctl = pkey_unlocked_ioctl,
783 };
784
785 static struct miscdevice pkey_dev = {
786 .name = "pkey",
787 .minor = MISC_DYNAMIC_MINOR,
788 .mode = 0666,
789 .fops = &pkey_fops,
790 .groups = pkey_attr_groups,
791 };
792
pkey_api_init(void)793 int __init pkey_api_init(void)
794 {
795 /* register as a misc device */
796 return misc_register(&pkey_dev);
797 }
798
pkey_api_exit(void)799 void __exit pkey_api_exit(void)
800 {
801 misc_deregister(&pkey_dev);
802 }
803