1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* 3 * CP Assist for Cryptographic Functions (CPACF) 4 * 5 * Copyright IBM Corp. 2003, 2017 6 * Author(s): Thomas Spatzier 7 * Jan Glauber 8 * Harald Freudenberger (freude@de.ibm.com) 9 * Martin Schwidefsky <schwidefsky@de.ibm.com> 10 */ 11 #ifndef _ASM_S390_CPACF_H 12 #define _ASM_S390_CPACF_H 13 14 #include <asm/facility.h> 15 16 /* 17 * Instruction opcodes for the CPACF instructions 18 */ 19 #define CPACF_KMAC 0xb91e /* MSA */ 20 #define CPACF_KM 0xb92e /* MSA */ 21 #define CPACF_KMC 0xb92f /* MSA */ 22 #define CPACF_KIMD 0xb93e /* MSA */ 23 #define CPACF_KLMD 0xb93f /* MSA */ 24 #define CPACF_PCKMO 0xb928 /* MSA3 */ 25 #define CPACF_KMF 0xb92a /* MSA4 */ 26 #define CPACF_KMO 0xb92b /* MSA4 */ 27 #define CPACF_PCC 0xb92c /* MSA4 */ 28 #define CPACF_KMCTR 0xb92d /* MSA4 */ 29 #define CPACF_PRNO 0xb93c /* MSA5 */ 30 #define CPACF_KMA 0xb929 /* MSA8 */ 31 #define CPACF_KDSA 0xb93a /* MSA9 */ 32 33 /* 34 * En/decryption modifier bits 35 */ 36 #define CPACF_ENCRYPT 0x00 37 #define CPACF_DECRYPT 0x80 38 39 /* 40 * Function codes for the KM (CIPHER MESSAGE) instruction 41 */ 42 #define CPACF_KM_QUERY 0x00 43 #define CPACF_KM_DEA 0x01 44 #define CPACF_KM_TDEA_128 0x02 45 #define CPACF_KM_TDEA_192 0x03 46 #define CPACF_KM_AES_128 0x12 47 #define CPACF_KM_AES_192 0x13 48 #define CPACF_KM_AES_256 0x14 49 #define CPACF_KM_PAES_128 0x1a 50 #define CPACF_KM_PAES_192 0x1b 51 #define CPACF_KM_PAES_256 0x1c 52 #define CPACF_KM_XTS_128 0x32 53 #define CPACF_KM_XTS_256 0x34 54 #define CPACF_KM_PXTS_128 0x3a 55 #define CPACF_KM_PXTS_256 0x3c 56 57 /* 58 * Function codes for the KMC (CIPHER MESSAGE WITH CHAINING) 59 * instruction 60 */ 61 #define CPACF_KMC_QUERY 0x00 62 #define CPACF_KMC_DEA 0x01 63 #define CPACF_KMC_TDEA_128 0x02 64 #define CPACF_KMC_TDEA_192 0x03 65 #define CPACF_KMC_AES_128 0x12 66 #define CPACF_KMC_AES_192 0x13 67 #define CPACF_KMC_AES_256 0x14 68 #define CPACF_KMC_PAES_128 0x1a 69 #define CPACF_KMC_PAES_192 0x1b 70 #define CPACF_KMC_PAES_256 0x1c 71 #define CPACF_KMC_PRNG 0x43 72 73 /* 74 * Function codes for the KMCTR (CIPHER MESSAGE WITH COUNTER) 75 * instruction 76 */ 77 #define CPACF_KMCTR_QUERY 0x00 78 #define CPACF_KMCTR_DEA 0x01 79 #define CPACF_KMCTR_TDEA_128 0x02 80 #define CPACF_KMCTR_TDEA_192 0x03 81 #define CPACF_KMCTR_AES_128 0x12 82 #define CPACF_KMCTR_AES_192 0x13 83 #define CPACF_KMCTR_AES_256 0x14 84 #define CPACF_KMCTR_PAES_128 0x1a 85 #define CPACF_KMCTR_PAES_192 0x1b 86 #define CPACF_KMCTR_PAES_256 0x1c 87 88 /* 89 * Function codes for the KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST) 90 * instruction 91 */ 92 #define CPACF_KIMD_QUERY 0x00 93 #define CPACF_KIMD_SHA_1 0x01 94 #define CPACF_KIMD_SHA_256 0x02 95 #define CPACF_KIMD_SHA_512 0x03 96 #define CPACF_KIMD_SHA3_224 0x20 97 #define CPACF_KIMD_SHA3_256 0x21 98 #define CPACF_KIMD_SHA3_384 0x22 99 #define CPACF_KIMD_SHA3_512 0x23 100 #define CPACF_KIMD_GHASH 0x41 101 102 /* 103 * Function codes for the KLMD (COMPUTE LAST MESSAGE DIGEST) 104 * instruction 105 */ 106 #define CPACF_KLMD_QUERY 0x00 107 #define CPACF_KLMD_SHA_1 0x01 108 #define CPACF_KLMD_SHA_256 0x02 109 #define CPACF_KLMD_SHA_512 0x03 110 #define CPACF_KLMD_SHA3_224 0x20 111 #define CPACF_KLMD_SHA3_256 0x21 112 #define CPACF_KLMD_SHA3_384 0x22 113 #define CPACF_KLMD_SHA3_512 0x23 114 115 /* 116 * function codes for the KMAC (COMPUTE MESSAGE AUTHENTICATION CODE) 117 * instruction 118 */ 119 #define CPACF_KMAC_QUERY 0x00 120 #define CPACF_KMAC_DEA 0x01 121 #define CPACF_KMAC_TDEA_128 0x02 122 #define CPACF_KMAC_TDEA_192 0x03 123 124 /* 125 * Function codes for the PCKMO (PERFORM CRYPTOGRAPHIC KEY MANAGEMENT) 126 * instruction 127 */ 128 #define CPACF_PCKMO_QUERY 0x00 129 #define CPACF_PCKMO_ENC_DES_KEY 0x01 130 #define CPACF_PCKMO_ENC_TDES_128_KEY 0x02 131 #define CPACF_PCKMO_ENC_TDES_192_KEY 0x03 132 #define CPACF_PCKMO_ENC_AES_128_KEY 0x12 133 #define CPACF_PCKMO_ENC_AES_192_KEY 0x13 134 #define CPACF_PCKMO_ENC_AES_256_KEY 0x14 135 136 /* 137 * Function codes for the PRNO (PERFORM RANDOM NUMBER OPERATION) 138 * instruction 139 */ 140 #define CPACF_PRNO_QUERY 0x00 141 #define CPACF_PRNO_SHA512_DRNG_GEN 0x03 142 #define CPACF_PRNO_SHA512_DRNG_SEED 0x83 143 #define CPACF_PRNO_TRNG_Q_R2C_RATIO 0x70 144 #define CPACF_PRNO_TRNG 0x72 145 146 /* 147 * Function codes for the KMA (CIPHER MESSAGE WITH AUTHENTICATION) 148 * instruction 149 */ 150 #define CPACF_KMA_QUERY 0x00 151 #define CPACF_KMA_GCM_AES_128 0x12 152 #define CPACF_KMA_GCM_AES_192 0x13 153 #define CPACF_KMA_GCM_AES_256 0x14 154 155 /* 156 * Flags for the KMA (CIPHER MESSAGE WITH AUTHENTICATION) instruction 157 */ 158 #define CPACF_KMA_LPC 0x100 /* Last-Plaintext/Ciphertext */ 159 #define CPACF_KMA_LAAD 0x200 /* Last-AAD */ 160 #define CPACF_KMA_HS 0x400 /* Hash-subkey Supplied */ 161 162 typedef struct { unsigned char bytes[16]; } cpacf_mask_t; 163 164 /** 165 * cpacf_query() - check if a specific CPACF function is available 166 * @opcode: the opcode of the crypto instruction 167 * @func: the function code to test for 168 * 169 * Executes the query function for the given crypto instruction @opcode 170 * and checks if @func is available 171 * 172 * Returns 1 if @func is available for @opcode, 0 otherwise 173 */ 174 static __always_inline void __cpacf_query(unsigned int opcode, cpacf_mask_t *mask) 175 { 176 asm volatile( 177 " lghi 0,0\n" /* query function */ 178 " lgr 1,%[mask]\n" 179 " spm 0\n" /* pckmo doesn't change the cc */ 180 /* Parameter regs are ignored, but must be nonzero and unique */ 181 "0: .insn rrf,%[opc] << 16,2,4,6,0\n" 182 " brc 1,0b\n" /* handle partial completion */ 183 : "=m" (*mask) 184 : [mask] "d" ((unsigned long)mask), [opc] "i" (opcode) 185 : "cc", "0", "1"); 186 } 187 188 static __always_inline int __cpacf_check_opcode(unsigned int opcode) 189 { 190 switch (opcode) { 191 case CPACF_KMAC: 192 case CPACF_KM: 193 case CPACF_KMC: 194 case CPACF_KIMD: 195 case CPACF_KLMD: 196 return test_facility(17); /* check for MSA */ 197 case CPACF_PCKMO: 198 return test_facility(76); /* check for MSA3 */ 199 case CPACF_KMF: 200 case CPACF_KMO: 201 case CPACF_PCC: 202 case CPACF_KMCTR: 203 return test_facility(77); /* check for MSA4 */ 204 case CPACF_PRNO: 205 return test_facility(57); /* check for MSA5 */ 206 case CPACF_KMA: 207 return test_facility(146); /* check for MSA8 */ 208 default: 209 BUG(); 210 } 211 } 212 213 static __always_inline int cpacf_query(unsigned int opcode, cpacf_mask_t *mask) 214 { 215 if (__cpacf_check_opcode(opcode)) { 216 __cpacf_query(opcode, mask); 217 return 1; 218 } 219 memset(mask, 0, sizeof(*mask)); 220 return 0; 221 } 222 223 static inline int cpacf_test_func(cpacf_mask_t *mask, unsigned int func) 224 { 225 return (mask->bytes[func >> 3] & (0x80 >> (func & 7))) != 0; 226 } 227 228 static __always_inline int cpacf_query_func(unsigned int opcode, unsigned int func) 229 { 230 cpacf_mask_t mask; 231 232 if (cpacf_query(opcode, &mask)) 233 return cpacf_test_func(&mask, func); 234 return 0; 235 } 236 237 /** 238 * cpacf_km() - executes the KM (CIPHER MESSAGE) instruction 239 * @func: the function code passed to KM; see CPACF_KM_xxx defines 240 * @param: address of parameter block; see POP for details on each func 241 * @dest: address of destination memory area 242 * @src: address of source memory area 243 * @src_len: length of src operand in bytes 244 * 245 * Returns 0 for the query func, number of processed bytes for 246 * encryption/decryption funcs 247 */ 248 static inline int cpacf_km(unsigned long func, void *param, 249 u8 *dest, const u8 *src, long src_len) 250 { 251 union register_pair d, s; 252 253 d.even = (unsigned long)dest; 254 s.even = (unsigned long)src; 255 s.odd = (unsigned long)src_len; 256 asm volatile( 257 " lgr 0,%[fc]\n" 258 " lgr 1,%[pba]\n" 259 "0: .insn rre,%[opc] << 16,%[dst],%[src]\n" 260 " brc 1,0b\n" /* handle partial completion */ 261 : [src] "+&d" (s.pair), [dst] "+&d" (d.pair) 262 : [fc] "d" (func), [pba] "d" ((unsigned long)param), 263 [opc] "i" (CPACF_KM) 264 : "cc", "memory", "0", "1"); 265 266 return src_len - s.odd; 267 } 268 269 /** 270 * cpacf_kmc() - executes the KMC (CIPHER MESSAGE WITH CHAINING) instruction 271 * @func: the function code passed to KM; see CPACF_KMC_xxx defines 272 * @param: address of parameter block; see POP for details on each func 273 * @dest: address of destination memory area 274 * @src: address of source memory area 275 * @src_len: length of src operand in bytes 276 * 277 * Returns 0 for the query func, number of processed bytes for 278 * encryption/decryption funcs 279 */ 280 static inline int cpacf_kmc(unsigned long func, void *param, 281 u8 *dest, const u8 *src, long src_len) 282 { 283 union register_pair d, s; 284 285 d.even = (unsigned long)dest; 286 s.even = (unsigned long)src; 287 s.odd = (unsigned long)src_len; 288 asm volatile( 289 " lgr 0,%[fc]\n" 290 " lgr 1,%[pba]\n" 291 "0: .insn rre,%[opc] << 16,%[dst],%[src]\n" 292 " brc 1,0b\n" /* handle partial completion */ 293 : [src] "+&d" (s.pair), [dst] "+&d" (d.pair) 294 : [fc] "d" (func), [pba] "d" ((unsigned long)param), 295 [opc] "i" (CPACF_KMC) 296 : "cc", "memory", "0", "1"); 297 298 return src_len - s.odd; 299 } 300 301 /** 302 * cpacf_kimd() - executes the KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST) 303 * instruction 304 * @func: the function code passed to KM; see CPACF_KIMD_xxx defines 305 * @param: address of parameter block; see POP for details on each func 306 * @src: address of source memory area 307 * @src_len: length of src operand in bytes 308 */ 309 static inline void cpacf_kimd(unsigned long func, void *param, 310 const u8 *src, long src_len) 311 { 312 union register_pair s; 313 314 s.even = (unsigned long)src; 315 s.odd = (unsigned long)src_len; 316 asm volatile( 317 " lgr 0,%[fc]\n" 318 " lgr 1,%[pba]\n" 319 "0: .insn rre,%[opc] << 16,0,%[src]\n" 320 " brc 1,0b\n" /* handle partial completion */ 321 : [src] "+&d" (s.pair) 322 : [fc] "d" (func), [pba] "d" ((unsigned long)(param)), 323 [opc] "i" (CPACF_KIMD) 324 : "cc", "memory", "0", "1"); 325 } 326 327 /** 328 * cpacf_klmd() - executes the KLMD (COMPUTE LAST MESSAGE DIGEST) instruction 329 * @func: the function code passed to KM; see CPACF_KLMD_xxx defines 330 * @param: address of parameter block; see POP for details on each func 331 * @src: address of source memory area 332 * @src_len: length of src operand in bytes 333 */ 334 static inline void cpacf_klmd(unsigned long func, void *param, 335 const u8 *src, long src_len) 336 { 337 union register_pair s; 338 339 s.even = (unsigned long)src; 340 s.odd = (unsigned long)src_len; 341 asm volatile( 342 " lgr 0,%[fc]\n" 343 " lgr 1,%[pba]\n" 344 "0: .insn rre,%[opc] << 16,0,%[src]\n" 345 " brc 1,0b\n" /* handle partial completion */ 346 : [src] "+&d" (s.pair) 347 : [fc] "d" (func), [pba] "d" ((unsigned long)param), 348 [opc] "i" (CPACF_KLMD) 349 : "cc", "memory", "0", "1"); 350 } 351 352 /** 353 * cpacf_kmac() - executes the KMAC (COMPUTE MESSAGE AUTHENTICATION CODE) 354 * instruction 355 * @func: the function code passed to KM; see CPACF_KMAC_xxx defines 356 * @param: address of parameter block; see POP for details on each func 357 * @src: address of source memory area 358 * @src_len: length of src operand in bytes 359 * 360 * Returns 0 for the query func, number of processed bytes for digest funcs 361 */ 362 static inline int cpacf_kmac(unsigned long func, void *param, 363 const u8 *src, long src_len) 364 { 365 union register_pair s; 366 367 s.even = (unsigned long)src; 368 s.odd = (unsigned long)src_len; 369 asm volatile( 370 " lgr 0,%[fc]\n" 371 " lgr 1,%[pba]\n" 372 "0: .insn rre,%[opc] << 16,0,%[src]\n" 373 " brc 1,0b\n" /* handle partial completion */ 374 : [src] "+&d" (s.pair) 375 : [fc] "d" (func), [pba] "d" ((unsigned long)param), 376 [opc] "i" (CPACF_KMAC) 377 : "cc", "memory", "0", "1"); 378 379 return src_len - s.odd; 380 } 381 382 /** 383 * cpacf_kmctr() - executes the KMCTR (CIPHER MESSAGE WITH COUNTER) instruction 384 * @func: the function code passed to KMCTR; see CPACF_KMCTR_xxx defines 385 * @param: address of parameter block; see POP for details on each func 386 * @dest: address of destination memory area 387 * @src: address of source memory area 388 * @src_len: length of src operand in bytes 389 * @counter: address of counter value 390 * 391 * Returns 0 for the query func, number of processed bytes for 392 * encryption/decryption funcs 393 */ 394 static inline int cpacf_kmctr(unsigned long func, void *param, u8 *dest, 395 const u8 *src, long src_len, u8 *counter) 396 { 397 union register_pair d, s, c; 398 399 d.even = (unsigned long)dest; 400 s.even = (unsigned long)src; 401 s.odd = (unsigned long)src_len; 402 c.even = (unsigned long)counter; 403 asm volatile( 404 " lgr 0,%[fc]\n" 405 " lgr 1,%[pba]\n" 406 "0: .insn rrf,%[opc] << 16,%[dst],%[src],%[ctr],0\n" 407 " brc 1,0b\n" /* handle partial completion */ 408 : [src] "+&d" (s.pair), [dst] "+&d" (d.pair), 409 [ctr] "+&d" (c.pair) 410 : [fc] "d" (func), [pba] "d" ((unsigned long)param), 411 [opc] "i" (CPACF_KMCTR) 412 : "cc", "memory", "0", "1"); 413 414 return src_len - s.odd; 415 } 416 417 /** 418 * cpacf_prno() - executes the PRNO (PERFORM RANDOM NUMBER OPERATION) 419 * instruction 420 * @func: the function code passed to PRNO; see CPACF_PRNO_xxx defines 421 * @param: address of parameter block; see POP for details on each func 422 * @dest: address of destination memory area 423 * @dest_len: size of destination memory area in bytes 424 * @seed: address of seed data 425 * @seed_len: size of seed data in bytes 426 */ 427 static inline void cpacf_prno(unsigned long func, void *param, 428 u8 *dest, unsigned long dest_len, 429 const u8 *seed, unsigned long seed_len) 430 { 431 union register_pair d, s; 432 433 d.even = (unsigned long)dest; 434 d.odd = (unsigned long)dest_len; 435 s.even = (unsigned long)seed; 436 s.odd = (unsigned long)seed_len; 437 asm volatile ( 438 " lgr 0,%[fc]\n" 439 " lgr 1,%[pba]\n" 440 "0: .insn rre,%[opc] << 16,%[dst],%[seed]\n" 441 " brc 1,0b\n" /* handle partial completion */ 442 : [dst] "+&d" (d.pair) 443 : [fc] "d" (func), [pba] "d" ((unsigned long)param), 444 [seed] "d" (s.pair), [opc] "i" (CPACF_PRNO) 445 : "cc", "memory", "0", "1"); 446 } 447 448 /** 449 * cpacf_trng() - executes the TRNG subfunction of the PRNO instruction 450 * @ucbuf: buffer for unconditioned data 451 * @ucbuf_len: amount of unconditioned data to fetch in bytes 452 * @cbuf: buffer for conditioned data 453 * @cbuf_len: amount of conditioned data to fetch in bytes 454 */ 455 static inline void cpacf_trng(u8 *ucbuf, unsigned long ucbuf_len, 456 u8 *cbuf, unsigned long cbuf_len) 457 { 458 union register_pair u, c; 459 460 u.even = (unsigned long)ucbuf; 461 u.odd = (unsigned long)ucbuf_len; 462 c.even = (unsigned long)cbuf; 463 c.odd = (unsigned long)cbuf_len; 464 asm volatile ( 465 " lghi 0,%[fc]\n" 466 "0: .insn rre,%[opc] << 16,%[ucbuf],%[cbuf]\n" 467 " brc 1,0b\n" /* handle partial completion */ 468 : [ucbuf] "+&d" (u.pair), [cbuf] "+&d" (c.pair) 469 : [fc] "K" (CPACF_PRNO_TRNG), [opc] "i" (CPACF_PRNO) 470 : "cc", "memory", "0"); 471 } 472 473 /** 474 * cpacf_pcc() - executes the PCC (PERFORM CRYPTOGRAPHIC COMPUTATION) 475 * instruction 476 * @func: the function code passed to PCC; see CPACF_KM_xxx defines 477 * @param: address of parameter block; see POP for details on each func 478 */ 479 static inline void cpacf_pcc(unsigned long func, void *param) 480 { 481 asm volatile( 482 " lgr 0,%[fc]\n" 483 " lgr 1,%[pba]\n" 484 "0: .insn rre,%[opc] << 16,0,0\n" /* PCC opcode */ 485 " brc 1,0b\n" /* handle partial completion */ 486 : 487 : [fc] "d" (func), [pba] "d" ((unsigned long)param), 488 [opc] "i" (CPACF_PCC) 489 : "cc", "memory", "0", "1"); 490 } 491 492 /** 493 * cpacf_pckmo() - executes the PCKMO (PERFORM CRYPTOGRAPHIC KEY 494 * MANAGEMENT) instruction 495 * @func: the function code passed to PCKMO; see CPACF_PCKMO_xxx defines 496 * @param: address of parameter block; see POP for details on each func 497 * 498 * Returns 0. 499 */ 500 static inline void cpacf_pckmo(long func, void *param) 501 { 502 asm volatile( 503 " lgr 0,%[fc]\n" 504 " lgr 1,%[pba]\n" 505 " .insn rre,%[opc] << 16,0,0\n" /* PCKMO opcode */ 506 : 507 : [fc] "d" (func), [pba] "d" ((unsigned long)param), 508 [opc] "i" (CPACF_PCKMO) 509 : "cc", "memory", "0", "1"); 510 } 511 512 /** 513 * cpacf_kma() - executes the KMA (CIPHER MESSAGE WITH AUTHENTICATION) 514 * instruction 515 * @func: the function code passed to KMA; see CPACF_KMA_xxx defines 516 * @param: address of parameter block; see POP for details on each func 517 * @dest: address of destination memory area 518 * @src: address of source memory area 519 * @src_len: length of src operand in bytes 520 * @aad: address of additional authenticated data memory area 521 * @aad_len: length of aad operand in bytes 522 */ 523 static inline void cpacf_kma(unsigned long func, void *param, u8 *dest, 524 const u8 *src, unsigned long src_len, 525 const u8 *aad, unsigned long aad_len) 526 { 527 union register_pair d, s, a; 528 529 d.even = (unsigned long)dest; 530 s.even = (unsigned long)src; 531 s.odd = (unsigned long)src_len; 532 a.even = (unsigned long)aad; 533 a.odd = (unsigned long)aad_len; 534 asm volatile( 535 " lgr 0,%[fc]\n" 536 " lgr 1,%[pba]\n" 537 "0: .insn rrf,%[opc] << 16,%[dst],%[src],%[aad],0\n" 538 " brc 1,0b\n" /* handle partial completion */ 539 : [dst] "+&d" (d.pair), [src] "+&d" (s.pair), 540 [aad] "+&d" (a.pair) 541 : [fc] "d" (func), [pba] "d" ((unsigned long)param), 542 [opc] "i" (CPACF_KMA) 543 : "cc", "memory", "0", "1"); 544 } 545 546 #endif /* _ASM_S390_CPACF_H */ 547