xref: /linux/arch/s390/include/asm/cpacf.h (revision 9fb29c734f9e98adc1f2f3c4629fe487cb93f2dd)
1 /* SPDX-License-Identifier: GPL-2.0 */
2 /*
3  * CP Assist for Cryptographic Functions (CPACF)
4  *
5  * Copyright IBM Corp. 2003, 2017
6  * Author(s): Thomas Spatzier
7  *	      Jan Glauber
8  *	      Harald Freudenberger (freude@de.ibm.com)
9  *	      Martin Schwidefsky <schwidefsky@de.ibm.com>
10  */
11 #ifndef _ASM_S390_CPACF_H
12 #define _ASM_S390_CPACF_H
13 
14 #include <asm/facility.h>
15 
16 /*
17  * Instruction opcodes for the CPACF instructions
18  */
19 #define CPACF_KMAC		0xb91e		/* MSA	*/
20 #define CPACF_KM		0xb92e		/* MSA	*/
21 #define CPACF_KMC		0xb92f		/* MSA	*/
22 #define CPACF_KIMD		0xb93e		/* MSA	*/
23 #define CPACF_KLMD		0xb93f		/* MSA	*/
24 #define CPACF_PCKMO		0xb928		/* MSA3 */
25 #define CPACF_KMF		0xb92a		/* MSA4 */
26 #define CPACF_KMO		0xb92b		/* MSA4 */
27 #define CPACF_PCC		0xb92c		/* MSA4 */
28 #define CPACF_KMCTR		0xb92d		/* MSA4 */
29 #define CPACF_PRNO		0xb93c		/* MSA5 */
30 #define CPACF_KMA		0xb929		/* MSA8 */
31 
32 /*
33  * En/decryption modifier bits
34  */
35 #define CPACF_ENCRYPT		0x00
36 #define CPACF_DECRYPT		0x80
37 
38 /*
39  * Function codes for the KM (CIPHER MESSAGE) instruction
40  */
41 #define CPACF_KM_QUERY		0x00
42 #define CPACF_KM_DEA		0x01
43 #define CPACF_KM_TDEA_128	0x02
44 #define CPACF_KM_TDEA_192	0x03
45 #define CPACF_KM_AES_128	0x12
46 #define CPACF_KM_AES_192	0x13
47 #define CPACF_KM_AES_256	0x14
48 #define CPACF_KM_PAES_128	0x1a
49 #define CPACF_KM_PAES_192	0x1b
50 #define CPACF_KM_PAES_256	0x1c
51 #define CPACF_KM_XTS_128	0x32
52 #define CPACF_KM_XTS_256	0x34
53 #define CPACF_KM_PXTS_128	0x3a
54 #define CPACF_KM_PXTS_256	0x3c
55 
56 /*
57  * Function codes for the KMC (CIPHER MESSAGE WITH CHAINING)
58  * instruction
59  */
60 #define CPACF_KMC_QUERY		0x00
61 #define CPACF_KMC_DEA		0x01
62 #define CPACF_KMC_TDEA_128	0x02
63 #define CPACF_KMC_TDEA_192	0x03
64 #define CPACF_KMC_AES_128	0x12
65 #define CPACF_KMC_AES_192	0x13
66 #define CPACF_KMC_AES_256	0x14
67 #define CPACF_KMC_PAES_128	0x1a
68 #define CPACF_KMC_PAES_192	0x1b
69 #define CPACF_KMC_PAES_256	0x1c
70 #define CPACF_KMC_PRNG		0x43
71 
72 /*
73  * Function codes for the KMCTR (CIPHER MESSAGE WITH COUNTER)
74  * instruction
75  */
76 #define CPACF_KMCTR_QUERY	0x00
77 #define CPACF_KMCTR_DEA		0x01
78 #define CPACF_KMCTR_TDEA_128	0x02
79 #define CPACF_KMCTR_TDEA_192	0x03
80 #define CPACF_KMCTR_AES_128	0x12
81 #define CPACF_KMCTR_AES_192	0x13
82 #define CPACF_KMCTR_AES_256	0x14
83 #define CPACF_KMCTR_PAES_128	0x1a
84 #define CPACF_KMCTR_PAES_192	0x1b
85 #define CPACF_KMCTR_PAES_256	0x1c
86 
87 /*
88  * Function codes for the KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST)
89  * instruction
90  */
91 #define CPACF_KIMD_QUERY	0x00
92 #define CPACF_KIMD_SHA_1	0x01
93 #define CPACF_KIMD_SHA_256	0x02
94 #define CPACF_KIMD_SHA_512	0x03
95 #define CPACF_KIMD_GHASH	0x41
96 
97 /*
98  * Function codes for the KLMD (COMPUTE LAST MESSAGE DIGEST)
99  * instruction
100  */
101 #define CPACF_KLMD_QUERY	0x00
102 #define CPACF_KLMD_SHA_1	0x01
103 #define CPACF_KLMD_SHA_256	0x02
104 #define CPACF_KLMD_SHA_512	0x03
105 
106 /*
107  * function codes for the KMAC (COMPUTE MESSAGE AUTHENTICATION CODE)
108  * instruction
109  */
110 #define CPACF_KMAC_QUERY	0x00
111 #define CPACF_KMAC_DEA		0x01
112 #define CPACF_KMAC_TDEA_128	0x02
113 #define CPACF_KMAC_TDEA_192	0x03
114 
115 /*
116  * Function codes for the PCKMO (PERFORM CRYPTOGRAPHIC KEY MANAGEMENT)
117  * instruction
118  */
119 #define CPACF_PCKMO_QUERY		0x00
120 #define CPACF_PCKMO_ENC_DES_KEY		0x01
121 #define CPACF_PCKMO_ENC_TDES_128_KEY	0x02
122 #define CPACF_PCKMO_ENC_TDES_192_KEY	0x03
123 #define CPACF_PCKMO_ENC_AES_128_KEY	0x12
124 #define CPACF_PCKMO_ENC_AES_192_KEY	0x13
125 #define CPACF_PCKMO_ENC_AES_256_KEY	0x14
126 
127 /*
128  * Function codes for the PRNO (PERFORM RANDOM NUMBER OPERATION)
129  * instruction
130  */
131 #define CPACF_PRNO_QUERY		0x00
132 #define CPACF_PRNO_SHA512_DRNG_GEN	0x03
133 #define CPACF_PRNO_SHA512_DRNG_SEED	0x83
134 #define CPACF_PRNO_TRNG_Q_R2C_RATIO	0x70
135 #define CPACF_PRNO_TRNG			0x72
136 
137 /*
138  * Function codes for the KMA (CIPHER MESSAGE WITH AUTHENTICATION)
139  * instruction
140  */
141 #define CPACF_KMA_QUERY		0x00
142 #define CPACF_KMA_GCM_AES_128	0x12
143 #define CPACF_KMA_GCM_AES_192	0x13
144 #define CPACF_KMA_GCM_AES_256	0x14
145 
146 /*
147  * Flags for the KMA (CIPHER MESSAGE WITH AUTHENTICATION) instruction
148  */
149 #define CPACF_KMA_LPC	0x100	/* Last-Plaintext/Ciphertext */
150 #define CPACF_KMA_LAAD	0x200	/* Last-AAD */
151 #define CPACF_KMA_HS	0x400	/* Hash-subkey Supplied */
152 
153 typedef struct { unsigned char bytes[16]; } cpacf_mask_t;
154 
155 /**
156  * cpacf_query() - check if a specific CPACF function is available
157  * @opcode: the opcode of the crypto instruction
158  * @func: the function code to test for
159  *
160  * Executes the query function for the given crypto instruction @opcode
161  * and checks if @func is available
162  *
163  * Returns 1 if @func is available for @opcode, 0 otherwise
164  */
165 static inline void __cpacf_query(unsigned int opcode, cpacf_mask_t *mask)
166 {
167 	register unsigned long r0 asm("0") = 0;	/* query function */
168 	register unsigned long r1 asm("1") = (unsigned long) mask;
169 
170 	asm volatile(
171 		"	spm 0\n" /* pckmo doesn't change the cc */
172 		/* Parameter regs are ignored, but must be nonzero and unique */
173 		"0:	.insn	rrf,%[opc] << 16,2,4,6,0\n"
174 		"	brc	1,0b\n"	/* handle partial completion */
175 		: "=m" (*mask)
176 		: [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (opcode)
177 		: "cc");
178 }
179 
180 static inline int __cpacf_check_opcode(unsigned int opcode)
181 {
182 	switch (opcode) {
183 	case CPACF_KMAC:
184 	case CPACF_KM:
185 	case CPACF_KMC:
186 	case CPACF_KIMD:
187 	case CPACF_KLMD:
188 		return test_facility(17);	/* check for MSA */
189 	case CPACF_PCKMO:
190 		return test_facility(76);	/* check for MSA3 */
191 	case CPACF_KMF:
192 	case CPACF_KMO:
193 	case CPACF_PCC:
194 	case CPACF_KMCTR:
195 		return test_facility(77);	/* check for MSA4 */
196 	case CPACF_PRNO:
197 		return test_facility(57);	/* check for MSA5 */
198 	case CPACF_KMA:
199 		return test_facility(146);	/* check for MSA8 */
200 	default:
201 		BUG();
202 	}
203 }
204 
205 static inline int cpacf_query(unsigned int opcode, cpacf_mask_t *mask)
206 {
207 	if (__cpacf_check_opcode(opcode)) {
208 		__cpacf_query(opcode, mask);
209 		return 1;
210 	}
211 	memset(mask, 0, sizeof(*mask));
212 	return 0;
213 }
214 
215 static inline int cpacf_test_func(cpacf_mask_t *mask, unsigned int func)
216 {
217 	return (mask->bytes[func >> 3] & (0x80 >> (func & 7))) != 0;
218 }
219 
220 static inline int cpacf_query_func(unsigned int opcode, unsigned int func)
221 {
222 	cpacf_mask_t mask;
223 
224 	if (cpacf_query(opcode, &mask))
225 		return cpacf_test_func(&mask, func);
226 	return 0;
227 }
228 
229 /**
230  * cpacf_km() - executes the KM (CIPHER MESSAGE) instruction
231  * @func: the function code passed to KM; see CPACF_KM_xxx defines
232  * @param: address of parameter block; see POP for details on each func
233  * @dest: address of destination memory area
234  * @src: address of source memory area
235  * @src_len: length of src operand in bytes
236  *
237  * Returns 0 for the query func, number of processed bytes for
238  * encryption/decryption funcs
239  */
240 static inline int cpacf_km(unsigned long func, void *param,
241 			   u8 *dest, const u8 *src, long src_len)
242 {
243 	register unsigned long r0 asm("0") = (unsigned long) func;
244 	register unsigned long r1 asm("1") = (unsigned long) param;
245 	register unsigned long r2 asm("2") = (unsigned long) src;
246 	register unsigned long r3 asm("3") = (unsigned long) src_len;
247 	register unsigned long r4 asm("4") = (unsigned long) dest;
248 
249 	asm volatile(
250 		"0:	.insn	rre,%[opc] << 16,%[dst],%[src]\n"
251 		"	brc	1,0b\n" /* handle partial completion */
252 		: [src] "+a" (r2), [len] "+d" (r3), [dst] "+a" (r4)
253 		: [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_KM)
254 		: "cc", "memory");
255 
256 	return src_len - r3;
257 }
258 
259 /**
260  * cpacf_kmc() - executes the KMC (CIPHER MESSAGE WITH CHAINING) instruction
261  * @func: the function code passed to KM; see CPACF_KMC_xxx defines
262  * @param: address of parameter block; see POP for details on each func
263  * @dest: address of destination memory area
264  * @src: address of source memory area
265  * @src_len: length of src operand in bytes
266  *
267  * Returns 0 for the query func, number of processed bytes for
268  * encryption/decryption funcs
269  */
270 static inline int cpacf_kmc(unsigned long func, void *param,
271 			    u8 *dest, const u8 *src, long src_len)
272 {
273 	register unsigned long r0 asm("0") = (unsigned long) func;
274 	register unsigned long r1 asm("1") = (unsigned long) param;
275 	register unsigned long r2 asm("2") = (unsigned long) src;
276 	register unsigned long r3 asm("3") = (unsigned long) src_len;
277 	register unsigned long r4 asm("4") = (unsigned long) dest;
278 
279 	asm volatile(
280 		"0:	.insn	rre,%[opc] << 16,%[dst],%[src]\n"
281 		"	brc	1,0b\n" /* handle partial completion */
282 		: [src] "+a" (r2), [len] "+d" (r3), [dst] "+a" (r4)
283 		: [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_KMC)
284 		: "cc", "memory");
285 
286 	return src_len - r3;
287 }
288 
289 /**
290  * cpacf_kimd() - executes the KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST)
291  *		  instruction
292  * @func: the function code passed to KM; see CPACF_KIMD_xxx defines
293  * @param: address of parameter block; see POP for details on each func
294  * @src: address of source memory area
295  * @src_len: length of src operand in bytes
296  */
297 static inline void cpacf_kimd(unsigned long func, void *param,
298 			      const u8 *src, long src_len)
299 {
300 	register unsigned long r0 asm("0") = (unsigned long) func;
301 	register unsigned long r1 asm("1") = (unsigned long) param;
302 	register unsigned long r2 asm("2") = (unsigned long) src;
303 	register unsigned long r3 asm("3") = (unsigned long) src_len;
304 
305 	asm volatile(
306 		"0:	.insn	rre,%[opc] << 16,0,%[src]\n"
307 		"	brc	1,0b\n" /* handle partial completion */
308 		: [src] "+a" (r2), [len] "+d" (r3)
309 		: [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_KIMD)
310 		: "cc", "memory");
311 }
312 
313 /**
314  * cpacf_klmd() - executes the KLMD (COMPUTE LAST MESSAGE DIGEST) instruction
315  * @func: the function code passed to KM; see CPACF_KLMD_xxx defines
316  * @param: address of parameter block; see POP for details on each func
317  * @src: address of source memory area
318  * @src_len: length of src operand in bytes
319  */
320 static inline void cpacf_klmd(unsigned long func, void *param,
321 			      const u8 *src, long src_len)
322 {
323 	register unsigned long r0 asm("0") = (unsigned long) func;
324 	register unsigned long r1 asm("1") = (unsigned long) param;
325 	register unsigned long r2 asm("2") = (unsigned long) src;
326 	register unsigned long r3 asm("3") = (unsigned long) src_len;
327 
328 	asm volatile(
329 		"0:	.insn	rre,%[opc] << 16,0,%[src]\n"
330 		"	brc	1,0b\n" /* handle partial completion */
331 		: [src] "+a" (r2), [len] "+d" (r3)
332 		: [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_KLMD)
333 		: "cc", "memory");
334 }
335 
336 /**
337  * cpacf_kmac() - executes the KMAC (COMPUTE MESSAGE AUTHENTICATION CODE)
338  *		  instruction
339  * @func: the function code passed to KM; see CPACF_KMAC_xxx defines
340  * @param: address of parameter block; see POP for details on each func
341  * @src: address of source memory area
342  * @src_len: length of src operand in bytes
343  *
344  * Returns 0 for the query func, number of processed bytes for digest funcs
345  */
346 static inline int cpacf_kmac(unsigned long func, void *param,
347 			     const u8 *src, long src_len)
348 {
349 	register unsigned long r0 asm("0") = (unsigned long) func;
350 	register unsigned long r1 asm("1") = (unsigned long) param;
351 	register unsigned long r2 asm("2") = (unsigned long) src;
352 	register unsigned long r3 asm("3") = (unsigned long) src_len;
353 
354 	asm volatile(
355 		"0:	.insn	rre,%[opc] << 16,0,%[src]\n"
356 		"	brc	1,0b\n" /* handle partial completion */
357 		: [src] "+a" (r2), [len] "+d" (r3)
358 		: [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_KMAC)
359 		: "cc", "memory");
360 
361 	return src_len - r3;
362 }
363 
364 /**
365  * cpacf_kmctr() - executes the KMCTR (CIPHER MESSAGE WITH COUNTER) instruction
366  * @func: the function code passed to KMCTR; see CPACF_KMCTR_xxx defines
367  * @param: address of parameter block; see POP for details on each func
368  * @dest: address of destination memory area
369  * @src: address of source memory area
370  * @src_len: length of src operand in bytes
371  * @counter: address of counter value
372  *
373  * Returns 0 for the query func, number of processed bytes for
374  * encryption/decryption funcs
375  */
376 static inline int cpacf_kmctr(unsigned long func, void *param, u8 *dest,
377 			      const u8 *src, long src_len, u8 *counter)
378 {
379 	register unsigned long r0 asm("0") = (unsigned long) func;
380 	register unsigned long r1 asm("1") = (unsigned long) param;
381 	register unsigned long r2 asm("2") = (unsigned long) src;
382 	register unsigned long r3 asm("3") = (unsigned long) src_len;
383 	register unsigned long r4 asm("4") = (unsigned long) dest;
384 	register unsigned long r6 asm("6") = (unsigned long) counter;
385 
386 	asm volatile(
387 		"0:	.insn	rrf,%[opc] << 16,%[dst],%[src],%[ctr],0\n"
388 		"	brc	1,0b\n" /* handle partial completion */
389 		: [src] "+a" (r2), [len] "+d" (r3),
390 		  [dst] "+a" (r4), [ctr] "+a" (r6)
391 		: [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_KMCTR)
392 		: "cc", "memory");
393 
394 	return src_len - r3;
395 }
396 
397 /**
398  * cpacf_prno() - executes the PRNO (PERFORM RANDOM NUMBER OPERATION)
399  *		  instruction
400  * @func: the function code passed to PRNO; see CPACF_PRNO_xxx defines
401  * @param: address of parameter block; see POP for details on each func
402  * @dest: address of destination memory area
403  * @dest_len: size of destination memory area in bytes
404  * @seed: address of seed data
405  * @seed_len: size of seed data in bytes
406  */
407 static inline void cpacf_prno(unsigned long func, void *param,
408 			      u8 *dest, unsigned long dest_len,
409 			      const u8 *seed, unsigned long seed_len)
410 {
411 	register unsigned long r0 asm("0") = (unsigned long) func;
412 	register unsigned long r1 asm("1") = (unsigned long) param;
413 	register unsigned long r2 asm("2") = (unsigned long) dest;
414 	register unsigned long r3 asm("3") = (unsigned long) dest_len;
415 	register unsigned long r4 asm("4") = (unsigned long) seed;
416 	register unsigned long r5 asm("5") = (unsigned long) seed_len;
417 
418 	asm volatile (
419 		"0:	.insn	rre,%[opc] << 16,%[dst],%[seed]\n"
420 		"	brc	1,0b\n"	  /* handle partial completion */
421 		: [dst] "+a" (r2), [dlen] "+d" (r3)
422 		: [fc] "d" (r0), [pba] "a" (r1),
423 		  [seed] "a" (r4), [slen] "d" (r5), [opc] "i" (CPACF_PRNO)
424 		: "cc", "memory");
425 }
426 
427 /**
428  * cpacf_trng() - executes the TRNG subfunction of the PRNO instruction
429  * @ucbuf: buffer for unconditioned data
430  * @ucbuf_len: amount of unconditioned data to fetch in bytes
431  * @cbuf: buffer for conditioned data
432  * @cbuf_len: amount of conditioned data to fetch in bytes
433  */
434 static inline void cpacf_trng(u8 *ucbuf, unsigned long ucbuf_len,
435 			      u8 *cbuf, unsigned long cbuf_len)
436 {
437 	register unsigned long r0 asm("0") = (unsigned long) CPACF_PRNO_TRNG;
438 	register unsigned long r2 asm("2") = (unsigned long) ucbuf;
439 	register unsigned long r3 asm("3") = (unsigned long) ucbuf_len;
440 	register unsigned long r4 asm("4") = (unsigned long) cbuf;
441 	register unsigned long r5 asm("5") = (unsigned long) cbuf_len;
442 
443 	asm volatile (
444 		"0:	.insn	rre,%[opc] << 16,%[ucbuf],%[cbuf]\n"
445 		"	brc	1,0b\n"	  /* handle partial completion */
446 		: [ucbuf] "+a" (r2), [ucbuflen] "+d" (r3),
447 		  [cbuf] "+a" (r4), [cbuflen] "+d" (r5)
448 		: [fc] "d" (r0), [opc] "i" (CPACF_PRNO)
449 		: "cc", "memory");
450 }
451 
452 /**
453  * cpacf_pcc() - executes the PCC (PERFORM CRYPTOGRAPHIC COMPUTATION)
454  *		 instruction
455  * @func: the function code passed to PCC; see CPACF_KM_xxx defines
456  * @param: address of parameter block; see POP for details on each func
457  */
458 static inline void cpacf_pcc(unsigned long func, void *param)
459 {
460 	register unsigned long r0 asm("0") = (unsigned long) func;
461 	register unsigned long r1 asm("1") = (unsigned long) param;
462 
463 	asm volatile(
464 		"0:	.insn	rre,%[opc] << 16,0,0\n" /* PCC opcode */
465 		"	brc	1,0b\n" /* handle partial completion */
466 		:
467 		: [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_PCC)
468 		: "cc", "memory");
469 }
470 
471 /**
472  * cpacf_pckmo() - executes the PCKMO (PERFORM CRYPTOGRAPHIC KEY
473  *		  MANAGEMENT) instruction
474  * @func: the function code passed to PCKMO; see CPACF_PCKMO_xxx defines
475  * @param: address of parameter block; see POP for details on each func
476  *
477  * Returns 0.
478  */
479 static inline void cpacf_pckmo(long func, void *param)
480 {
481 	register unsigned long r0 asm("0") = (unsigned long) func;
482 	register unsigned long r1 asm("1") = (unsigned long) param;
483 
484 	asm volatile(
485 		"       .insn   rre,%[opc] << 16,0,0\n" /* PCKMO opcode */
486 		:
487 		: [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_PCKMO)
488 		: "cc", "memory");
489 }
490 
491 /**
492  * cpacf_kma() - executes the KMA (CIPHER MESSAGE WITH AUTHENTICATION)
493  *		 instruction
494  * @func: the function code passed to KMA; see CPACF_KMA_xxx defines
495  * @param: address of parameter block; see POP for details on each func
496  * @dest: address of destination memory area
497  * @src: address of source memory area
498  * @src_len: length of src operand in bytes
499  * @aad: address of additional authenticated data memory area
500  * @aad_len: length of aad operand in bytes
501  */
502 static inline void cpacf_kma(unsigned long func, void *param, u8 *dest,
503 			     const u8 *src, unsigned long src_len,
504 			     const u8 *aad, unsigned long aad_len)
505 {
506 	register unsigned long r0 asm("0") = (unsigned long) func;
507 	register unsigned long r1 asm("1") = (unsigned long) param;
508 	register unsigned long r2 asm("2") = (unsigned long) src;
509 	register unsigned long r3 asm("3") = (unsigned long) src_len;
510 	register unsigned long r4 asm("4") = (unsigned long) aad;
511 	register unsigned long r5 asm("5") = (unsigned long) aad_len;
512 	register unsigned long r6 asm("6") = (unsigned long) dest;
513 
514 	asm volatile(
515 		"0:	.insn	rrf,%[opc] << 16,%[dst],%[src],%[aad],0\n"
516 		"	brc	1,0b\n"	/* handle partial completion */
517 		: [dst] "+a" (r6), [src] "+a" (r2), [slen] "+d" (r3),
518 		  [aad] "+a" (r4), [alen] "+d" (r5)
519 		: [fc] "d" (r0), [pba] "a" (r1), [opc] "i" (CPACF_KMA)
520 		: "cc", "memory");
521 }
522 
523 #endif	/* _ASM_S390_CPACF_H */
524