xref: /linux/drivers/s390/crypto/pkey_api.c (revision 1f20a5769446a1acae67ac9e63d07a594829a789)
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  *  pkey device driver
4  *
5  *  Copyright IBM Corp. 2017, 2023
6  *
7  *  Author(s): Harald Freudenberger
8  */
9 
10 #define KMSG_COMPONENT "pkey"
11 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
12 
13 #include <linux/fs.h>
14 #include <linux/init.h>
15 #include <linux/miscdevice.h>
16 #include <linux/module.h>
17 #include <linux/slab.h>
18 #include <linux/kallsyms.h>
19 #include <linux/debugfs.h>
20 #include <linux/random.h>
21 #include <linux/cpufeature.h>
22 #include <asm/zcrypt.h>
23 #include <asm/cpacf.h>
24 #include <asm/pkey.h>
25 #include <crypto/aes.h>
26 
27 #include "zcrypt_api.h"
28 #include "zcrypt_ccamisc.h"
29 #include "zcrypt_ep11misc.h"
30 
31 MODULE_LICENSE("GPL");
32 MODULE_AUTHOR("IBM Corporation");
33 MODULE_DESCRIPTION("s390 protected key interface");
34 
35 #define KEYBLOBBUFSIZE 8192	/* key buffer size used for internal processing */
36 #define MINKEYBLOBBUFSIZE (sizeof(struct keytoken_header))
37 #define PROTKEYBLOBBUFSIZE 256	/* protected key buffer size used internal */
38 #define MAXAPQNSINLIST 64	/* max 64 apqns within a apqn list */
39 #define AES_WK_VP_SIZE 32	/* Size of WK VP block appended to a prot key */
40 
41 /*
42  * debug feature data and functions
43  */
44 
45 static debug_info_t *pkey_dbf_info;
46 
47 #define PKEY_DBF_INFO(...) debug_sprintf_event(pkey_dbf_info, 5, ##__VA_ARGS__)
48 #define PKEY_DBF_WARN(...) debug_sprintf_event(pkey_dbf_info, 4, ##__VA_ARGS__)
49 #define PKEY_DBF_ERR(...)  debug_sprintf_event(pkey_dbf_info, 3, ##__VA_ARGS__)
50 
51 static void __init pkey_debug_init(void)
52 {
53 	/* 5 arguments per dbf entry (including the format string ptr) */
54 	pkey_dbf_info = debug_register("pkey", 1, 1, 5 * sizeof(long));
55 	debug_register_view(pkey_dbf_info, &debug_sprintf_view);
56 	debug_set_level(pkey_dbf_info, 3);
57 }
58 
59 static void __exit pkey_debug_exit(void)
60 {
61 	debug_unregister(pkey_dbf_info);
62 }
63 
64 /* inside view of a protected key token (only type 0x00 version 0x01) */
65 struct protaeskeytoken {
66 	u8  type;     /* 0x00 for PAES specific key tokens */
67 	u8  res0[3];
68 	u8  version;  /* should be 0x01 for protected AES key token */
69 	u8  res1[3];
70 	u32 keytype;  /* key type, one of the PKEY_KEYTYPE values */
71 	u32 len;      /* bytes actually stored in protkey[] */
72 	u8  protkey[MAXPROTKEYSIZE]; /* the protected key blob */
73 } __packed;
74 
75 /* inside view of a clear key token (type 0x00 version 0x02) */
76 struct clearkeytoken {
77 	u8  type;	/* 0x00 for PAES specific key tokens */
78 	u8  res0[3];
79 	u8  version;	/* 0x02 for clear key token */
80 	u8  res1[3];
81 	u32 keytype;	/* key type, one of the PKEY_KEYTYPE_* values */
82 	u32 len;	/* bytes actually stored in clearkey[] */
83 	u8  clearkey[]; /* clear key value */
84 } __packed;
85 
86 /* helper function which translates the PKEY_KEYTYPE_AES_* to their keysize */
87 static inline u32 pkey_keytype_aes_to_size(u32 keytype)
88 {
89 	switch (keytype) {
90 	case PKEY_KEYTYPE_AES_128:
91 		return 16;
92 	case PKEY_KEYTYPE_AES_192:
93 		return 24;
94 	case PKEY_KEYTYPE_AES_256:
95 		return 32;
96 	default:
97 		return 0;
98 	}
99 }
100 
101 /*
102  * Create a protected key from a clear key value via PCKMO instruction.
103  */
104 static int pkey_clr2protkey(u32 keytype, const u8 *clrkey,
105 			    u8 *protkey, u32 *protkeylen, u32 *protkeytype)
106 {
107 	/* mask of available pckmo subfunctions */
108 	static cpacf_mask_t pckmo_functions;
109 
110 	u8 paramblock[112];
111 	u32 pkeytype;
112 	int keysize;
113 	long fc;
114 
115 	switch (keytype) {
116 	case PKEY_KEYTYPE_AES_128:
117 		/* 16 byte key, 32 byte aes wkvp, total 48 bytes */
118 		keysize = 16;
119 		pkeytype = keytype;
120 		fc = CPACF_PCKMO_ENC_AES_128_KEY;
121 		break;
122 	case PKEY_KEYTYPE_AES_192:
123 		/* 24 byte key, 32 byte aes wkvp, total 56 bytes */
124 		keysize = 24;
125 		pkeytype = keytype;
126 		fc = CPACF_PCKMO_ENC_AES_192_KEY;
127 		break;
128 	case PKEY_KEYTYPE_AES_256:
129 		/* 32 byte key, 32 byte aes wkvp, total 64 bytes */
130 		keysize = 32;
131 		pkeytype = keytype;
132 		fc = CPACF_PCKMO_ENC_AES_256_KEY;
133 		break;
134 	case PKEY_KEYTYPE_ECC_P256:
135 		/* 32 byte key, 32 byte aes wkvp, total 64 bytes */
136 		keysize = 32;
137 		pkeytype = PKEY_KEYTYPE_ECC;
138 		fc = CPACF_PCKMO_ENC_ECC_P256_KEY;
139 		break;
140 	case PKEY_KEYTYPE_ECC_P384:
141 		/* 48 byte key, 32 byte aes wkvp, total 80 bytes */
142 		keysize = 48;
143 		pkeytype = PKEY_KEYTYPE_ECC;
144 		fc = CPACF_PCKMO_ENC_ECC_P384_KEY;
145 		break;
146 	case PKEY_KEYTYPE_ECC_P521:
147 		/* 80 byte key, 32 byte aes wkvp, total 112 bytes */
148 		keysize = 80;
149 		pkeytype = PKEY_KEYTYPE_ECC;
150 		fc = CPACF_PCKMO_ENC_ECC_P521_KEY;
151 		break;
152 	case PKEY_KEYTYPE_ECC_ED25519:
153 		/* 32 byte key, 32 byte aes wkvp, total 64 bytes */
154 		keysize = 32;
155 		pkeytype = PKEY_KEYTYPE_ECC;
156 		fc = CPACF_PCKMO_ENC_ECC_ED25519_KEY;
157 		break;
158 	case PKEY_KEYTYPE_ECC_ED448:
159 		/* 64 byte key, 32 byte aes wkvp, total 96 bytes */
160 		keysize = 64;
161 		pkeytype = PKEY_KEYTYPE_ECC;
162 		fc = CPACF_PCKMO_ENC_ECC_ED448_KEY;
163 		break;
164 	default:
165 		PKEY_DBF_ERR("%s unknown/unsupported keytype %u\n",
166 			     __func__, keytype);
167 		return -EINVAL;
168 	}
169 
170 	if (*protkeylen < keysize + AES_WK_VP_SIZE) {
171 		PKEY_DBF_ERR("%s prot key buffer size too small: %u < %d\n",
172 			     __func__, *protkeylen, keysize + AES_WK_VP_SIZE);
173 		return -EINVAL;
174 	}
175 
176 	/* Did we already check for PCKMO ? */
177 	if (!pckmo_functions.bytes[0]) {
178 		/* no, so check now */
179 		if (!cpacf_query(CPACF_PCKMO, &pckmo_functions))
180 			return -ENODEV;
181 	}
182 	/* check for the pckmo subfunction we need now */
183 	if (!cpacf_test_func(&pckmo_functions, fc)) {
184 		PKEY_DBF_ERR("%s pckmo functions not available\n", __func__);
185 		return -ENODEV;
186 	}
187 
188 	/* prepare param block */
189 	memset(paramblock, 0, sizeof(paramblock));
190 	memcpy(paramblock, clrkey, keysize);
191 
192 	/* call the pckmo instruction */
193 	cpacf_pckmo(fc, paramblock);
194 
195 	/* copy created protected key to key buffer including the wkvp block */
196 	*protkeylen = keysize + AES_WK_VP_SIZE;
197 	memcpy(protkey, paramblock, *protkeylen);
198 	*protkeytype = pkeytype;
199 
200 	return 0;
201 }
202 
203 /*
204  * Find card and transform secure key into protected key.
205  */
206 static int pkey_skey2pkey(const u8 *key, u8 *protkey,
207 			  u32 *protkeylen, u32 *protkeytype)
208 {
209 	struct keytoken_header *hdr = (struct keytoken_header *)key;
210 	u16 cardnr, domain;
211 	int rc, verify;
212 
213 	zcrypt_wait_api_operational();
214 
215 	/*
216 	 * The cca_xxx2protkey call may fail when a card has been
217 	 * addressed where the master key was changed after last fetch
218 	 * of the mkvp into the cache. Try 3 times: First without verify
219 	 * then with verify and last round with verify and old master
220 	 * key verification pattern match not ignored.
221 	 */
222 	for (verify = 0; verify < 3; verify++) {
223 		rc = cca_findcard(key, &cardnr, &domain, verify);
224 		if (rc < 0)
225 			continue;
226 		if (rc > 0 && verify < 2)
227 			continue;
228 		switch (hdr->version) {
229 		case TOKVER_CCA_AES:
230 			rc = cca_sec2protkey(cardnr, domain, key,
231 					     protkey, protkeylen, protkeytype);
232 			break;
233 		case TOKVER_CCA_VLSC:
234 			rc = cca_cipher2protkey(cardnr, domain, key,
235 						protkey, protkeylen,
236 						protkeytype);
237 			break;
238 		default:
239 			return -EINVAL;
240 		}
241 		if (rc == 0)
242 			break;
243 	}
244 
245 	if (rc)
246 		pr_debug("%s failed rc=%d\n", __func__, rc);
247 
248 	return rc;
249 }
250 
251 /*
252  * Construct EP11 key with given clear key value.
253  */
254 static int pkey_clr2ep11key(const u8 *clrkey, size_t clrkeylen,
255 			    u8 *keybuf, size_t *keybuflen)
256 {
257 	u32 nr_apqns, *apqns = NULL;
258 	u16 card, dom;
259 	int i, rc;
260 
261 	zcrypt_wait_api_operational();
262 
263 	/* build a list of apqns suitable for ep11 keys with cpacf support */
264 	rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
265 			    ZCRYPT_CEX7,
266 			    ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4,
267 			    NULL);
268 	if (rc)
269 		goto out;
270 
271 	/* go through the list of apqns and try to bild an ep11 key */
272 	for (rc = -ENODEV, i = 0; i < nr_apqns; i++) {
273 		card = apqns[i] >> 16;
274 		dom = apqns[i] & 0xFFFF;
275 		rc = ep11_clr2keyblob(card, dom, clrkeylen * 8,
276 				      0, clrkey, keybuf, keybuflen,
277 				      PKEY_TYPE_EP11);
278 		if (rc == 0)
279 			break;
280 	}
281 
282 out:
283 	kfree(apqns);
284 	if (rc)
285 		pr_debug("%s failed rc=%d\n", __func__, rc);
286 	return rc;
287 }
288 
289 /*
290  * Find card and transform EP11 secure key into protected key.
291  */
292 static int pkey_ep11key2pkey(const u8 *key, size_t keylen,
293 			     u8 *protkey, u32 *protkeylen, u32 *protkeytype)
294 {
295 	u32 nr_apqns, *apqns = NULL;
296 	int i, j, rc = -ENODEV;
297 	u16 card, dom;
298 
299 	zcrypt_wait_api_operational();
300 
301 	/* try two times in case of failure */
302 	for (i = 0; i < 2 && rc; i++) {
303 
304 		/* build a list of apqns suitable for this key */
305 		rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
306 				    ZCRYPT_CEX7,
307 				    ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4,
308 				    ep11_kb_wkvp(key, keylen));
309 		if (rc)
310 			continue; /* retry findcard on failure */
311 
312 		/* go through the list of apqns and try to derive an pkey */
313 		for (rc = -ENODEV, j = 0; j < nr_apqns && rc; j++) {
314 			card = apqns[j] >> 16;
315 			dom = apqns[j] & 0xFFFF;
316 			rc = ep11_kblob2protkey(card, dom, key, keylen,
317 						protkey, protkeylen, protkeytype);
318 		}
319 
320 		kfree(apqns);
321 	}
322 
323 	if (rc)
324 		pr_debug("%s failed rc=%d\n", __func__, rc);
325 
326 	return rc;
327 }
328 
329 /*
330  * Verify key and give back some info about the key.
331  */
332 static int pkey_verifykey(const struct pkey_seckey *seckey,
333 			  u16 *pcardnr, u16 *pdomain,
334 			  u16 *pkeysize, u32 *pattributes)
335 {
336 	struct secaeskeytoken *t = (struct secaeskeytoken *)seckey;
337 	u16 cardnr, domain;
338 	int rc;
339 
340 	/* check the secure key for valid AES secure key */
341 	rc = cca_check_secaeskeytoken(pkey_dbf_info, 3, (u8 *)seckey, 0);
342 	if (rc)
343 		goto out;
344 	if (pattributes)
345 		*pattributes = PKEY_VERIFY_ATTR_AES;
346 	if (pkeysize)
347 		*pkeysize = t->bitsize;
348 
349 	/* try to find a card which can handle this key */
350 	rc = cca_findcard(seckey->seckey, &cardnr, &domain, 1);
351 	if (rc < 0)
352 		goto out;
353 
354 	if (rc > 0) {
355 		/* key mkvp matches to old master key mkvp */
356 		pr_debug("%s secure key has old mkvp\n", __func__);
357 		if (pattributes)
358 			*pattributes |= PKEY_VERIFY_ATTR_OLD_MKVP;
359 		rc = 0;
360 	}
361 
362 	if (pcardnr)
363 		*pcardnr = cardnr;
364 	if (pdomain)
365 		*pdomain = domain;
366 
367 out:
368 	pr_debug("%s rc=%d\n", __func__, rc);
369 	return rc;
370 }
371 
372 /*
373  * Generate a random protected key
374  */
375 static int pkey_genprotkey(u32 keytype, u8 *protkey,
376 			   u32 *protkeylen, u32 *protkeytype)
377 {
378 	u8 clrkey[32];
379 	int keysize;
380 	int rc;
381 
382 	keysize = pkey_keytype_aes_to_size(keytype);
383 	if (!keysize) {
384 		PKEY_DBF_ERR("%s unknown/unsupported keytype %d\n", __func__,
385 			     keytype);
386 		return -EINVAL;
387 	}
388 
389 	/* generate a dummy random clear key */
390 	get_random_bytes(clrkey, keysize);
391 
392 	/* convert it to a dummy protected key */
393 	rc = pkey_clr2protkey(keytype, clrkey,
394 			      protkey, protkeylen, protkeytype);
395 	if (rc)
396 		return rc;
397 
398 	/* replace the key part of the protected key with random bytes */
399 	get_random_bytes(protkey, keysize);
400 
401 	return 0;
402 }
403 
404 /*
405  * Verify if a protected key is still valid
406  */
407 static int pkey_verifyprotkey(const u8 *protkey, u32 protkeylen,
408 			      u32 protkeytype)
409 {
410 	struct {
411 		u8 iv[AES_BLOCK_SIZE];
412 		u8 key[MAXPROTKEYSIZE];
413 	} param;
414 	u8 null_msg[AES_BLOCK_SIZE];
415 	u8 dest_buf[AES_BLOCK_SIZE];
416 	unsigned int k, pkeylen;
417 	unsigned long fc;
418 
419 	switch (protkeytype) {
420 	case PKEY_KEYTYPE_AES_128:
421 		pkeylen = 16 + AES_WK_VP_SIZE;
422 		fc = CPACF_KMC_PAES_128;
423 		break;
424 	case PKEY_KEYTYPE_AES_192:
425 		pkeylen = 24 + AES_WK_VP_SIZE;
426 		fc = CPACF_KMC_PAES_192;
427 		break;
428 	case PKEY_KEYTYPE_AES_256:
429 		pkeylen = 32 + AES_WK_VP_SIZE;
430 		fc = CPACF_KMC_PAES_256;
431 		break;
432 	default:
433 		PKEY_DBF_ERR("%s unknown/unsupported keytype %u\n", __func__,
434 			     protkeytype);
435 		return -EINVAL;
436 	}
437 	if (protkeylen != pkeylen) {
438 		PKEY_DBF_ERR("%s invalid protected key size %u for keytype %u\n",
439 			     __func__, protkeylen, protkeytype);
440 		return -EINVAL;
441 	}
442 
443 	memset(null_msg, 0, sizeof(null_msg));
444 
445 	memset(param.iv, 0, sizeof(param.iv));
446 	memcpy(param.key, protkey, protkeylen);
447 
448 	k = cpacf_kmc(fc | CPACF_ENCRYPT, &param, null_msg, dest_buf,
449 		      sizeof(null_msg));
450 	if (k != sizeof(null_msg)) {
451 		PKEY_DBF_ERR("%s protected key is not valid\n", __func__);
452 		return -EKEYREJECTED;
453 	}
454 
455 	return 0;
456 }
457 
458 /* Helper for pkey_nonccatok2pkey, handles aes clear key token */
459 static int nonccatokaes2pkey(const struct clearkeytoken *t,
460 			     u8 *protkey, u32 *protkeylen, u32 *protkeytype)
461 {
462 	size_t tmpbuflen = max_t(size_t, SECKEYBLOBSIZE, MAXEP11AESKEYBLOBSIZE);
463 	u8 *tmpbuf = NULL;
464 	u32 keysize;
465 	int rc;
466 
467 	keysize = pkey_keytype_aes_to_size(t->keytype);
468 	if (!keysize) {
469 		PKEY_DBF_ERR("%s unknown/unsupported keytype %u\n",
470 			     __func__, t->keytype);
471 		return -EINVAL;
472 	}
473 	if (t->len != keysize) {
474 		PKEY_DBF_ERR("%s non clear key aes token: invalid key len %u\n",
475 			     __func__, t->len);
476 		return -EINVAL;
477 	}
478 
479 	/* try direct way with the PCKMO instruction */
480 	rc = pkey_clr2protkey(t->keytype, t->clearkey,
481 			      protkey, protkeylen, protkeytype);
482 	if (!rc)
483 		goto out;
484 
485 	/* PCKMO failed, so try the CCA secure key way */
486 	tmpbuf = kmalloc(tmpbuflen, GFP_ATOMIC);
487 	if (!tmpbuf)
488 		return -ENOMEM;
489 	zcrypt_wait_api_operational();
490 	rc = cca_clr2seckey(0xFFFF, 0xFFFF, t->keytype, t->clearkey, tmpbuf);
491 	if (rc)
492 		goto try_via_ep11;
493 	rc = pkey_skey2pkey(tmpbuf,
494 			    protkey, protkeylen, protkeytype);
495 	if (!rc)
496 		goto out;
497 
498 try_via_ep11:
499 	/* if the CCA way also failed, let's try via EP11 */
500 	rc = pkey_clr2ep11key(t->clearkey, t->len,
501 			      tmpbuf, &tmpbuflen);
502 	if (rc)
503 		goto failure;
504 	rc = pkey_ep11key2pkey(tmpbuf, tmpbuflen,
505 			       protkey, protkeylen, protkeytype);
506 	if (!rc)
507 		goto out;
508 
509 failure:
510 	PKEY_DBF_ERR("%s unable to build protected key from clear", __func__);
511 
512 out:
513 	kfree(tmpbuf);
514 	return rc;
515 }
516 
517 /* Helper for pkey_nonccatok2pkey, handles ecc clear key token */
518 static int nonccatokecc2pkey(const struct clearkeytoken *t,
519 			     u8 *protkey, u32 *protkeylen, u32 *protkeytype)
520 {
521 	u32 keylen;
522 	int rc;
523 
524 	switch (t->keytype) {
525 	case PKEY_KEYTYPE_ECC_P256:
526 		keylen = 32;
527 		break;
528 	case PKEY_KEYTYPE_ECC_P384:
529 		keylen = 48;
530 		break;
531 	case PKEY_KEYTYPE_ECC_P521:
532 		keylen = 80;
533 		break;
534 	case PKEY_KEYTYPE_ECC_ED25519:
535 		keylen = 32;
536 		break;
537 	case PKEY_KEYTYPE_ECC_ED448:
538 		keylen = 64;
539 		break;
540 	default:
541 		PKEY_DBF_ERR("%s unknown/unsupported keytype %u\n",
542 			     __func__, t->keytype);
543 		return -EINVAL;
544 	}
545 
546 	if (t->len != keylen) {
547 		PKEY_DBF_ERR("%s non clear key ecc token: invalid key len %u\n",
548 			     __func__, t->len);
549 		return -EINVAL;
550 	}
551 
552 	/* only one path possible: via PCKMO instruction */
553 	rc = pkey_clr2protkey(t->keytype, t->clearkey,
554 			      protkey, protkeylen, protkeytype);
555 	if (rc) {
556 		PKEY_DBF_ERR("%s unable to build protected key from clear",
557 			     __func__);
558 	}
559 
560 	return rc;
561 }
562 
563 /*
564  * Transform a non-CCA key token into a protected key
565  */
566 static int pkey_nonccatok2pkey(const u8 *key, u32 keylen,
567 			       u8 *protkey, u32 *protkeylen, u32 *protkeytype)
568 {
569 	struct keytoken_header *hdr = (struct keytoken_header *)key;
570 	int rc = -EINVAL;
571 
572 	switch (hdr->version) {
573 	case TOKVER_PROTECTED_KEY: {
574 		struct protaeskeytoken *t;
575 
576 		if (keylen != sizeof(struct protaeskeytoken))
577 			goto out;
578 		t = (struct protaeskeytoken *)key;
579 		rc = pkey_verifyprotkey(t->protkey, t->len, t->keytype);
580 		if (rc)
581 			goto out;
582 		memcpy(protkey, t->protkey, t->len);
583 		*protkeylen = t->len;
584 		*protkeytype = t->keytype;
585 		break;
586 	}
587 	case TOKVER_CLEAR_KEY: {
588 		struct clearkeytoken *t = (struct clearkeytoken *)key;
589 
590 		if (keylen < sizeof(struct clearkeytoken) ||
591 		    keylen != sizeof(*t) + t->len)
592 			goto out;
593 		switch (t->keytype) {
594 		case PKEY_KEYTYPE_AES_128:
595 		case PKEY_KEYTYPE_AES_192:
596 		case PKEY_KEYTYPE_AES_256:
597 			rc = nonccatokaes2pkey(t, protkey,
598 					       protkeylen, protkeytype);
599 			break;
600 		case PKEY_KEYTYPE_ECC_P256:
601 		case PKEY_KEYTYPE_ECC_P384:
602 		case PKEY_KEYTYPE_ECC_P521:
603 		case PKEY_KEYTYPE_ECC_ED25519:
604 		case PKEY_KEYTYPE_ECC_ED448:
605 			rc = nonccatokecc2pkey(t, protkey,
606 					       protkeylen, protkeytype);
607 			break;
608 		default:
609 			PKEY_DBF_ERR("%s unknown/unsupported non cca clear key type %u\n",
610 				     __func__, t->keytype);
611 			return -EINVAL;
612 		}
613 		break;
614 	}
615 	case TOKVER_EP11_AES: {
616 		/* check ep11 key for exportable as protected key */
617 		rc = ep11_check_aes_key(pkey_dbf_info, 3, key, keylen, 1);
618 		if (rc)
619 			goto out;
620 		rc = pkey_ep11key2pkey(key, keylen,
621 				       protkey, protkeylen, protkeytype);
622 		break;
623 	}
624 	case TOKVER_EP11_AES_WITH_HEADER:
625 		/* check ep11 key with header for exportable as protected key */
626 		rc = ep11_check_aes_key_with_hdr(pkey_dbf_info,
627 						 3, key, keylen, 1);
628 		if (rc)
629 			goto out;
630 		rc = pkey_ep11key2pkey(key, keylen,
631 				       protkey, protkeylen, protkeytype);
632 		break;
633 	default:
634 		PKEY_DBF_ERR("%s unknown/unsupported non-CCA token version %d\n",
635 			     __func__, hdr->version);
636 	}
637 
638 out:
639 	return rc;
640 }
641 
642 /*
643  * Transform a CCA internal key token into a protected key
644  */
645 static int pkey_ccainttok2pkey(const u8 *key, u32 keylen,
646 			       u8 *protkey, u32 *protkeylen, u32 *protkeytype)
647 {
648 	struct keytoken_header *hdr = (struct keytoken_header *)key;
649 
650 	switch (hdr->version) {
651 	case TOKVER_CCA_AES:
652 		if (keylen != sizeof(struct secaeskeytoken))
653 			return -EINVAL;
654 		break;
655 	case TOKVER_CCA_VLSC:
656 		if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
657 			return -EINVAL;
658 		break;
659 	default:
660 		PKEY_DBF_ERR("%s unknown/unsupported CCA internal token version %d\n",
661 			     __func__, hdr->version);
662 		return -EINVAL;
663 	}
664 
665 	return pkey_skey2pkey(key, protkey, protkeylen, protkeytype);
666 }
667 
668 /*
669  * Transform a key blob (of any type) into a protected key
670  */
671 int pkey_keyblob2pkey(const u8 *key, u32 keylen,
672 		      u8 *protkey, u32 *protkeylen, u32 *protkeytype)
673 {
674 	struct keytoken_header *hdr = (struct keytoken_header *)key;
675 	int rc;
676 
677 	if (keylen < sizeof(struct keytoken_header)) {
678 		PKEY_DBF_ERR("%s invalid keylen %d\n", __func__, keylen);
679 		return -EINVAL;
680 	}
681 
682 	switch (hdr->type) {
683 	case TOKTYPE_NON_CCA:
684 		rc = pkey_nonccatok2pkey(key, keylen,
685 					 protkey, protkeylen, protkeytype);
686 		break;
687 	case TOKTYPE_CCA_INTERNAL:
688 		rc = pkey_ccainttok2pkey(key, keylen,
689 					 protkey, protkeylen, protkeytype);
690 		break;
691 	default:
692 		PKEY_DBF_ERR("%s unknown/unsupported blob type %d\n",
693 			     __func__, hdr->type);
694 		return -EINVAL;
695 	}
696 
697 	pr_debug("%s rc=%d\n", __func__, rc);
698 	return rc;
699 }
700 EXPORT_SYMBOL(pkey_keyblob2pkey);
701 
702 static int pkey_genseckey2(const struct pkey_apqn *apqns, size_t nr_apqns,
703 			   enum pkey_key_type ktype, enum pkey_key_size ksize,
704 			   u32 kflags, u8 *keybuf, size_t *keybufsize)
705 {
706 	int i, card, dom, rc;
707 
708 	/* check for at least one apqn given */
709 	if (!apqns || !nr_apqns)
710 		return -EINVAL;
711 
712 	/* check key type and size */
713 	switch (ktype) {
714 	case PKEY_TYPE_CCA_DATA:
715 	case PKEY_TYPE_CCA_CIPHER:
716 		if (*keybufsize < SECKEYBLOBSIZE)
717 			return -EINVAL;
718 		break;
719 	case PKEY_TYPE_EP11:
720 		if (*keybufsize < MINEP11AESKEYBLOBSIZE)
721 			return -EINVAL;
722 		break;
723 	case PKEY_TYPE_EP11_AES:
724 		if (*keybufsize < (sizeof(struct ep11kblob_header) +
725 				   MINEP11AESKEYBLOBSIZE))
726 			return -EINVAL;
727 		break;
728 	default:
729 		return -EINVAL;
730 	}
731 	switch (ksize) {
732 	case PKEY_SIZE_AES_128:
733 	case PKEY_SIZE_AES_192:
734 	case PKEY_SIZE_AES_256:
735 		break;
736 	default:
737 		return -EINVAL;
738 	}
739 
740 	/* simple try all apqns from the list */
741 	for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
742 		card = apqns[i].card;
743 		dom = apqns[i].domain;
744 		if (ktype == PKEY_TYPE_EP11 ||
745 		    ktype == PKEY_TYPE_EP11_AES) {
746 			rc = ep11_genaeskey(card, dom, ksize, kflags,
747 					    keybuf, keybufsize, ktype);
748 		} else if (ktype == PKEY_TYPE_CCA_DATA) {
749 			rc = cca_genseckey(card, dom, ksize, keybuf);
750 			*keybufsize = (rc ? 0 : SECKEYBLOBSIZE);
751 		} else {
752 			/* TOKVER_CCA_VLSC */
753 			rc = cca_gencipherkey(card, dom, ksize, kflags,
754 					      keybuf, keybufsize);
755 		}
756 		if (rc == 0)
757 			break;
758 	}
759 
760 	return rc;
761 }
762 
763 static int pkey_clr2seckey2(const struct pkey_apqn *apqns, size_t nr_apqns,
764 			    enum pkey_key_type ktype, enum pkey_key_size ksize,
765 			    u32 kflags, const u8 *clrkey,
766 			    u8 *keybuf, size_t *keybufsize)
767 {
768 	int i, card, dom, rc;
769 
770 	/* check for at least one apqn given */
771 	if (!apqns || !nr_apqns)
772 		return -EINVAL;
773 
774 	/* check key type and size */
775 	switch (ktype) {
776 	case PKEY_TYPE_CCA_DATA:
777 	case PKEY_TYPE_CCA_CIPHER:
778 		if (*keybufsize < SECKEYBLOBSIZE)
779 			return -EINVAL;
780 		break;
781 	case PKEY_TYPE_EP11:
782 		if (*keybufsize < MINEP11AESKEYBLOBSIZE)
783 			return -EINVAL;
784 		break;
785 	case PKEY_TYPE_EP11_AES:
786 		if (*keybufsize < (sizeof(struct ep11kblob_header) +
787 				   MINEP11AESKEYBLOBSIZE))
788 			return -EINVAL;
789 		break;
790 	default:
791 		return -EINVAL;
792 	}
793 	switch (ksize) {
794 	case PKEY_SIZE_AES_128:
795 	case PKEY_SIZE_AES_192:
796 	case PKEY_SIZE_AES_256:
797 		break;
798 	default:
799 		return -EINVAL;
800 	}
801 
802 	zcrypt_wait_api_operational();
803 
804 	/* simple try all apqns from the list */
805 	for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
806 		card = apqns[i].card;
807 		dom = apqns[i].domain;
808 		if (ktype == PKEY_TYPE_EP11 ||
809 		    ktype == PKEY_TYPE_EP11_AES) {
810 			rc = ep11_clr2keyblob(card, dom, ksize, kflags,
811 					      clrkey, keybuf, keybufsize,
812 					      ktype);
813 		} else if (ktype == PKEY_TYPE_CCA_DATA) {
814 			rc = cca_clr2seckey(card, dom, ksize,
815 					    clrkey, keybuf);
816 			*keybufsize = (rc ? 0 : SECKEYBLOBSIZE);
817 		} else {
818 			/* TOKVER_CCA_VLSC */
819 			rc = cca_clr2cipherkey(card, dom, ksize, kflags,
820 					       clrkey, keybuf, keybufsize);
821 		}
822 		if (rc == 0)
823 			break;
824 	}
825 
826 	return rc;
827 }
828 
829 static int pkey_verifykey2(const u8 *key, size_t keylen,
830 			   u16 *cardnr, u16 *domain,
831 			   enum pkey_key_type *ktype,
832 			   enum pkey_key_size *ksize, u32 *flags)
833 {
834 	struct keytoken_header *hdr = (struct keytoken_header *)key;
835 	u32 _nr_apqns, *_apqns = NULL;
836 	int rc;
837 
838 	if (keylen < sizeof(struct keytoken_header))
839 		return -EINVAL;
840 
841 	if (hdr->type == TOKTYPE_CCA_INTERNAL &&
842 	    hdr->version == TOKVER_CCA_AES) {
843 		struct secaeskeytoken *t = (struct secaeskeytoken *)key;
844 
845 		rc = cca_check_secaeskeytoken(pkey_dbf_info, 3, key, 0);
846 		if (rc)
847 			goto out;
848 		if (ktype)
849 			*ktype = PKEY_TYPE_CCA_DATA;
850 		if (ksize)
851 			*ksize = (enum pkey_key_size)t->bitsize;
852 
853 		rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
854 				   ZCRYPT_CEX3C, AES_MK_SET, t->mkvp, 0, 1);
855 		if (rc == 0 && flags)
856 			*flags = PKEY_FLAGS_MATCH_CUR_MKVP;
857 		if (rc == -ENODEV) {
858 			rc = cca_findcard2(&_apqns, &_nr_apqns,
859 					   *cardnr, *domain,
860 					   ZCRYPT_CEX3C, AES_MK_SET,
861 					   0, t->mkvp, 1);
862 			if (rc == 0 && flags)
863 				*flags = PKEY_FLAGS_MATCH_ALT_MKVP;
864 		}
865 		if (rc)
866 			goto out;
867 
868 		*cardnr = ((struct pkey_apqn *)_apqns)->card;
869 		*domain = ((struct pkey_apqn *)_apqns)->domain;
870 
871 	} else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
872 		   hdr->version == TOKVER_CCA_VLSC) {
873 		struct cipherkeytoken *t = (struct cipherkeytoken *)key;
874 
875 		rc = cca_check_secaescipherkey(pkey_dbf_info, 3, key, 0, 1);
876 		if (rc)
877 			goto out;
878 		if (ktype)
879 			*ktype = PKEY_TYPE_CCA_CIPHER;
880 		if (ksize) {
881 			*ksize = PKEY_SIZE_UNKNOWN;
882 			if (!t->plfver && t->wpllen == 512)
883 				*ksize = PKEY_SIZE_AES_128;
884 			else if (!t->plfver && t->wpllen == 576)
885 				*ksize = PKEY_SIZE_AES_192;
886 			else if (!t->plfver && t->wpllen == 640)
887 				*ksize = PKEY_SIZE_AES_256;
888 		}
889 
890 		rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
891 				   ZCRYPT_CEX6, AES_MK_SET, t->mkvp0, 0, 1);
892 		if (rc == 0 && flags)
893 			*flags = PKEY_FLAGS_MATCH_CUR_MKVP;
894 		if (rc == -ENODEV) {
895 			rc = cca_findcard2(&_apqns, &_nr_apqns,
896 					   *cardnr, *domain,
897 					   ZCRYPT_CEX6, AES_MK_SET,
898 					   0, t->mkvp0, 1);
899 			if (rc == 0 && flags)
900 				*flags = PKEY_FLAGS_MATCH_ALT_MKVP;
901 		}
902 		if (rc)
903 			goto out;
904 
905 		*cardnr = ((struct pkey_apqn *)_apqns)->card;
906 		*domain = ((struct pkey_apqn *)_apqns)->domain;
907 
908 	} else if (hdr->type == TOKTYPE_NON_CCA &&
909 		   hdr->version == TOKVER_EP11_AES) {
910 		struct ep11keyblob *kb = (struct ep11keyblob *)key;
911 		int api;
912 
913 		rc = ep11_check_aes_key(pkey_dbf_info, 3, key, keylen, 1);
914 		if (rc)
915 			goto out;
916 		if (ktype)
917 			*ktype = PKEY_TYPE_EP11;
918 		if (ksize)
919 			*ksize = kb->head.bitlen;
920 
921 		api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4;
922 		rc = ep11_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
923 				    ZCRYPT_CEX7, api,
924 				    ep11_kb_wkvp(key, keylen));
925 		if (rc)
926 			goto out;
927 
928 		if (flags)
929 			*flags = PKEY_FLAGS_MATCH_CUR_MKVP;
930 
931 		*cardnr = ((struct pkey_apqn *)_apqns)->card;
932 		*domain = ((struct pkey_apqn *)_apqns)->domain;
933 
934 	} else if (hdr->type == TOKTYPE_NON_CCA &&
935 		   hdr->version == TOKVER_EP11_AES_WITH_HEADER) {
936 		struct ep11kblob_header *kh = (struct ep11kblob_header *)key;
937 		int api;
938 
939 		rc = ep11_check_aes_key_with_hdr(pkey_dbf_info,
940 						 3, key, keylen, 1);
941 		if (rc)
942 			goto out;
943 		if (ktype)
944 			*ktype = PKEY_TYPE_EP11_AES;
945 		if (ksize)
946 			*ksize = kh->bitlen;
947 
948 		api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4;
949 		rc = ep11_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
950 				    ZCRYPT_CEX7, api,
951 				    ep11_kb_wkvp(key, keylen));
952 		if (rc)
953 			goto out;
954 
955 		if (flags)
956 			*flags = PKEY_FLAGS_MATCH_CUR_MKVP;
957 
958 		*cardnr = ((struct pkey_apqn *)_apqns)->card;
959 		*domain = ((struct pkey_apqn *)_apqns)->domain;
960 	} else {
961 		rc = -EINVAL;
962 	}
963 
964 out:
965 	kfree(_apqns);
966 	return rc;
967 }
968 
969 static int pkey_keyblob2pkey2(const struct pkey_apqn *apqns, size_t nr_apqns,
970 			      const u8 *key, size_t keylen,
971 			      u8 *protkey, u32 *protkeylen, u32 *protkeytype)
972 {
973 	struct keytoken_header *hdr = (struct keytoken_header *)key;
974 	int i, card, dom, rc;
975 
976 	/* check for at least one apqn given */
977 	if (!apqns || !nr_apqns)
978 		return -EINVAL;
979 
980 	if (keylen < sizeof(struct keytoken_header))
981 		return -EINVAL;
982 
983 	if (hdr->type == TOKTYPE_CCA_INTERNAL) {
984 		if (hdr->version == TOKVER_CCA_AES) {
985 			if (keylen != sizeof(struct secaeskeytoken))
986 				return -EINVAL;
987 			if (cca_check_secaeskeytoken(pkey_dbf_info, 3, key, 0))
988 				return -EINVAL;
989 		} else if (hdr->version == TOKVER_CCA_VLSC) {
990 			if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
991 				return -EINVAL;
992 			if (cca_check_secaescipherkey(pkey_dbf_info,
993 						      3, key, 0, 1))
994 				return -EINVAL;
995 		} else {
996 			PKEY_DBF_ERR("%s unknown CCA internal token version %d\n",
997 				     __func__, hdr->version);
998 			return -EINVAL;
999 		}
1000 	} else if (hdr->type == TOKTYPE_NON_CCA) {
1001 		if (hdr->version == TOKVER_EP11_AES) {
1002 			if (ep11_check_aes_key(pkey_dbf_info,
1003 					       3, key, keylen, 1))
1004 				return -EINVAL;
1005 		} else if (hdr->version == TOKVER_EP11_AES_WITH_HEADER) {
1006 			if (ep11_check_aes_key_with_hdr(pkey_dbf_info,
1007 							3, key, keylen, 1))
1008 				return -EINVAL;
1009 		} else {
1010 			return pkey_nonccatok2pkey(key, keylen,
1011 						   protkey, protkeylen,
1012 						   protkeytype);
1013 		}
1014 	} else {
1015 		PKEY_DBF_ERR("%s unknown/unsupported blob type %d\n",
1016 			     __func__, hdr->type);
1017 		return -EINVAL;
1018 	}
1019 
1020 	zcrypt_wait_api_operational();
1021 
1022 	/* simple try all apqns from the list */
1023 	for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
1024 		card = apqns[i].card;
1025 		dom = apqns[i].domain;
1026 		if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1027 		    hdr->version == TOKVER_CCA_AES) {
1028 			rc = cca_sec2protkey(card, dom, key,
1029 					     protkey, protkeylen, protkeytype);
1030 		} else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1031 			   hdr->version == TOKVER_CCA_VLSC) {
1032 			rc = cca_cipher2protkey(card, dom, key,
1033 						protkey, protkeylen,
1034 						protkeytype);
1035 		} else {
1036 			rc = ep11_kblob2protkey(card, dom, key, keylen,
1037 						protkey, protkeylen,
1038 						protkeytype);
1039 		}
1040 		if (rc == 0)
1041 			break;
1042 	}
1043 
1044 	return rc;
1045 }
1046 
1047 static int pkey_apqns4key(const u8 *key, size_t keylen, u32 flags,
1048 			  struct pkey_apqn *apqns, size_t *nr_apqns)
1049 {
1050 	struct keytoken_header *hdr = (struct keytoken_header *)key;
1051 	u32 _nr_apqns, *_apqns = NULL;
1052 	int rc;
1053 
1054 	if (keylen < sizeof(struct keytoken_header) || flags == 0)
1055 		return -EINVAL;
1056 
1057 	zcrypt_wait_api_operational();
1058 
1059 	if (hdr->type == TOKTYPE_NON_CCA &&
1060 	    (hdr->version == TOKVER_EP11_AES_WITH_HEADER ||
1061 	     hdr->version == TOKVER_EP11_ECC_WITH_HEADER) &&
1062 	    is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1063 		struct ep11keyblob *kb = (struct ep11keyblob *)
1064 			(key + sizeof(struct ep11kblob_header));
1065 		int minhwtype = 0, api = 0;
1066 
1067 		if (flags != PKEY_FLAGS_MATCH_CUR_MKVP)
1068 			return -EINVAL;
1069 		if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) {
1070 			minhwtype = ZCRYPT_CEX7;
1071 			api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4;
1072 		}
1073 		rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
1074 				    minhwtype, api, kb->wkvp);
1075 		if (rc)
1076 			goto out;
1077 	} else if (hdr->type == TOKTYPE_NON_CCA &&
1078 		   hdr->version == TOKVER_EP11_AES &&
1079 		   is_ep11_keyblob(key)) {
1080 		struct ep11keyblob *kb = (struct ep11keyblob *)key;
1081 		int minhwtype = 0, api = 0;
1082 
1083 		if (flags != PKEY_FLAGS_MATCH_CUR_MKVP)
1084 			return -EINVAL;
1085 		if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) {
1086 			minhwtype = ZCRYPT_CEX7;
1087 			api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4;
1088 		}
1089 		rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
1090 				    minhwtype, api, kb->wkvp);
1091 		if (rc)
1092 			goto out;
1093 	} else if (hdr->type == TOKTYPE_CCA_INTERNAL) {
1094 		u64 cur_mkvp = 0, old_mkvp = 0;
1095 		int minhwtype = ZCRYPT_CEX3C;
1096 
1097 		if (hdr->version == TOKVER_CCA_AES) {
1098 			struct secaeskeytoken *t = (struct secaeskeytoken *)key;
1099 
1100 			if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
1101 				cur_mkvp = t->mkvp;
1102 			if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
1103 				old_mkvp = t->mkvp;
1104 		} else if (hdr->version == TOKVER_CCA_VLSC) {
1105 			struct cipherkeytoken *t = (struct cipherkeytoken *)key;
1106 
1107 			minhwtype = ZCRYPT_CEX6;
1108 			if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
1109 				cur_mkvp = t->mkvp0;
1110 			if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
1111 				old_mkvp = t->mkvp0;
1112 		} else {
1113 			/* unknown cca internal token type */
1114 			return -EINVAL;
1115 		}
1116 		rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
1117 				   minhwtype, AES_MK_SET,
1118 				   cur_mkvp, old_mkvp, 1);
1119 		if (rc)
1120 			goto out;
1121 	} else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) {
1122 		struct eccprivkeytoken *t = (struct eccprivkeytoken *)key;
1123 		u64 cur_mkvp = 0, old_mkvp = 0;
1124 
1125 		if (t->secid == 0x20) {
1126 			if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
1127 				cur_mkvp = t->mkvp;
1128 			if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
1129 				old_mkvp = t->mkvp;
1130 		} else {
1131 			/* unknown cca internal 2 token type */
1132 			return -EINVAL;
1133 		}
1134 		rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
1135 				   ZCRYPT_CEX7, APKA_MK_SET,
1136 				   cur_mkvp, old_mkvp, 1);
1137 		if (rc)
1138 			goto out;
1139 	} else {
1140 		return -EINVAL;
1141 	}
1142 
1143 	if (apqns) {
1144 		if (*nr_apqns < _nr_apqns)
1145 			rc = -ENOSPC;
1146 		else
1147 			memcpy(apqns, _apqns, _nr_apqns * sizeof(u32));
1148 	}
1149 	*nr_apqns = _nr_apqns;
1150 
1151 out:
1152 	kfree(_apqns);
1153 	return rc;
1154 }
1155 
1156 static int pkey_apqns4keytype(enum pkey_key_type ktype,
1157 			      u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags,
1158 			      struct pkey_apqn *apqns, size_t *nr_apqns)
1159 {
1160 	u32 _nr_apqns, *_apqns = NULL;
1161 	int rc;
1162 
1163 	zcrypt_wait_api_operational();
1164 
1165 	if (ktype == PKEY_TYPE_CCA_DATA || ktype == PKEY_TYPE_CCA_CIPHER) {
1166 		u64 cur_mkvp = 0, old_mkvp = 0;
1167 		int minhwtype = ZCRYPT_CEX3C;
1168 
1169 		if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
1170 			cur_mkvp = *((u64 *)cur_mkvp);
1171 		if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
1172 			old_mkvp = *((u64 *)alt_mkvp);
1173 		if (ktype == PKEY_TYPE_CCA_CIPHER)
1174 			minhwtype = ZCRYPT_CEX6;
1175 		rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
1176 				   minhwtype, AES_MK_SET,
1177 				   cur_mkvp, old_mkvp, 1);
1178 		if (rc)
1179 			goto out;
1180 	} else if (ktype == PKEY_TYPE_CCA_ECC) {
1181 		u64 cur_mkvp = 0, old_mkvp = 0;
1182 
1183 		if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
1184 			cur_mkvp = *((u64 *)cur_mkvp);
1185 		if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
1186 			old_mkvp = *((u64 *)alt_mkvp);
1187 		rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
1188 				   ZCRYPT_CEX7, APKA_MK_SET,
1189 				   cur_mkvp, old_mkvp, 1);
1190 		if (rc)
1191 			goto out;
1192 
1193 	} else if (ktype == PKEY_TYPE_EP11 ||
1194 		   ktype == PKEY_TYPE_EP11_AES ||
1195 		   ktype == PKEY_TYPE_EP11_ECC) {
1196 		u8 *wkvp = NULL;
1197 		int api;
1198 
1199 		if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
1200 			wkvp = cur_mkvp;
1201 		api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4;
1202 		rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
1203 				    ZCRYPT_CEX7, api, wkvp);
1204 		if (rc)
1205 			goto out;
1206 
1207 	} else {
1208 		return -EINVAL;
1209 	}
1210 
1211 	if (apqns) {
1212 		if (*nr_apqns < _nr_apqns)
1213 			rc = -ENOSPC;
1214 		else
1215 			memcpy(apqns, _apqns, _nr_apqns * sizeof(u32));
1216 	}
1217 	*nr_apqns = _nr_apqns;
1218 
1219 out:
1220 	kfree(_apqns);
1221 	return rc;
1222 }
1223 
1224 static int pkey_keyblob2pkey3(const struct pkey_apqn *apqns, size_t nr_apqns,
1225 			      const u8 *key, size_t keylen,
1226 			      u8 *protkey, u32 *protkeylen, u32 *protkeytype)
1227 {
1228 	struct keytoken_header *hdr = (struct keytoken_header *)key;
1229 	int i, card, dom, rc;
1230 
1231 	/* check for at least one apqn given */
1232 	if (!apqns || !nr_apqns)
1233 		return -EINVAL;
1234 
1235 	if (keylen < sizeof(struct keytoken_header))
1236 		return -EINVAL;
1237 
1238 	if (hdr->type == TOKTYPE_NON_CCA &&
1239 	    hdr->version == TOKVER_EP11_AES_WITH_HEADER &&
1240 	    is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1241 		/* EP11 AES key blob with header */
1242 		if (ep11_check_aes_key_with_hdr(pkey_dbf_info,
1243 						3, key, keylen, 1))
1244 			return -EINVAL;
1245 	} else if (hdr->type == TOKTYPE_NON_CCA &&
1246 		   hdr->version == TOKVER_EP11_ECC_WITH_HEADER &&
1247 		   is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1248 		/* EP11 ECC key blob with header */
1249 		if (ep11_check_ecc_key_with_hdr(pkey_dbf_info,
1250 						3, key, keylen, 1))
1251 			return -EINVAL;
1252 	} else if (hdr->type == TOKTYPE_NON_CCA &&
1253 		   hdr->version == TOKVER_EP11_AES &&
1254 		   is_ep11_keyblob(key)) {
1255 		/* EP11 AES key blob with header in session field */
1256 		if (ep11_check_aes_key(pkey_dbf_info, 3, key, keylen, 1))
1257 			return -EINVAL;
1258 	} else	if (hdr->type == TOKTYPE_CCA_INTERNAL) {
1259 		if (hdr->version == TOKVER_CCA_AES) {
1260 			/* CCA AES data key */
1261 			if (keylen != sizeof(struct secaeskeytoken))
1262 				return -EINVAL;
1263 			if (cca_check_secaeskeytoken(pkey_dbf_info, 3, key, 0))
1264 				return -EINVAL;
1265 		} else if (hdr->version == TOKVER_CCA_VLSC) {
1266 			/* CCA AES cipher key */
1267 			if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
1268 				return -EINVAL;
1269 			if (cca_check_secaescipherkey(pkey_dbf_info,
1270 						      3, key, 0, 1))
1271 				return -EINVAL;
1272 		} else {
1273 			PKEY_DBF_ERR("%s unknown CCA internal token version %d\n",
1274 				     __func__, hdr->version);
1275 			return -EINVAL;
1276 		}
1277 	} else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) {
1278 		/* CCA ECC (private) key */
1279 		if (keylen < sizeof(struct eccprivkeytoken))
1280 			return -EINVAL;
1281 		if (cca_check_sececckeytoken(pkey_dbf_info, 3, key, keylen, 1))
1282 			return -EINVAL;
1283 	} else if (hdr->type == TOKTYPE_NON_CCA) {
1284 		return pkey_nonccatok2pkey(key, keylen,
1285 					   protkey, protkeylen, protkeytype);
1286 	} else {
1287 		PKEY_DBF_ERR("%s unknown/unsupported blob type %d\n",
1288 			     __func__, hdr->type);
1289 		return -EINVAL;
1290 	}
1291 
1292 	/* simple try all apqns from the list */
1293 	for (rc = -ENODEV, i = 0; rc && i < nr_apqns; i++) {
1294 		card = apqns[i].card;
1295 		dom = apqns[i].domain;
1296 		if (hdr->type == TOKTYPE_NON_CCA &&
1297 		    (hdr->version == TOKVER_EP11_AES_WITH_HEADER ||
1298 		     hdr->version == TOKVER_EP11_ECC_WITH_HEADER) &&
1299 		    is_ep11_keyblob(key + sizeof(struct ep11kblob_header)))
1300 			rc = ep11_kblob2protkey(card, dom, key, hdr->len,
1301 						protkey, protkeylen,
1302 						protkeytype);
1303 		else if (hdr->type == TOKTYPE_NON_CCA &&
1304 			 hdr->version == TOKVER_EP11_AES &&
1305 			 is_ep11_keyblob(key))
1306 			rc = ep11_kblob2protkey(card, dom, key, hdr->len,
1307 						protkey, protkeylen,
1308 						protkeytype);
1309 		else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1310 			 hdr->version == TOKVER_CCA_AES)
1311 			rc = cca_sec2protkey(card, dom, key, protkey,
1312 					     protkeylen, protkeytype);
1313 		else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1314 			 hdr->version == TOKVER_CCA_VLSC)
1315 			rc = cca_cipher2protkey(card, dom, key, protkey,
1316 						protkeylen, protkeytype);
1317 		else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA)
1318 			rc = cca_ecc2protkey(card, dom, key, protkey,
1319 					     protkeylen, protkeytype);
1320 		else
1321 			return -EINVAL;
1322 	}
1323 
1324 	return rc;
1325 }
1326 
1327 /*
1328  * File io functions
1329  */
1330 
1331 static void *_copy_key_from_user(void __user *ukey, size_t keylen)
1332 {
1333 	if (!ukey || keylen < MINKEYBLOBBUFSIZE || keylen > KEYBLOBBUFSIZE)
1334 		return ERR_PTR(-EINVAL);
1335 
1336 	return memdup_user(ukey, keylen);
1337 }
1338 
1339 static void *_copy_apqns_from_user(void __user *uapqns, size_t nr_apqns)
1340 {
1341 	if (!uapqns || nr_apqns == 0)
1342 		return NULL;
1343 
1344 	return memdup_user(uapqns, nr_apqns * sizeof(struct pkey_apqn));
1345 }
1346 
1347 static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
1348 				unsigned long arg)
1349 {
1350 	int rc;
1351 
1352 	switch (cmd) {
1353 	case PKEY_GENSECK: {
1354 		struct pkey_genseck __user *ugs = (void __user *)arg;
1355 		struct pkey_genseck kgs;
1356 
1357 		if (copy_from_user(&kgs, ugs, sizeof(kgs)))
1358 			return -EFAULT;
1359 		rc = cca_genseckey(kgs.cardnr, kgs.domain,
1360 				   kgs.keytype, kgs.seckey.seckey);
1361 		pr_debug("%s cca_genseckey()=%d\n", __func__, rc);
1362 		if (rc)
1363 			break;
1364 		if (copy_to_user(ugs, &kgs, sizeof(kgs)))
1365 			return -EFAULT;
1366 		break;
1367 	}
1368 	case PKEY_CLR2SECK: {
1369 		struct pkey_clr2seck __user *ucs = (void __user *)arg;
1370 		struct pkey_clr2seck kcs;
1371 
1372 		if (copy_from_user(&kcs, ucs, sizeof(kcs)))
1373 			return -EFAULT;
1374 		rc = cca_clr2seckey(kcs.cardnr, kcs.domain, kcs.keytype,
1375 				    kcs.clrkey.clrkey, kcs.seckey.seckey);
1376 		pr_debug("%s cca_clr2seckey()=%d\n", __func__, rc);
1377 		if (rc)
1378 			break;
1379 		if (copy_to_user(ucs, &kcs, sizeof(kcs)))
1380 			return -EFAULT;
1381 		memzero_explicit(&kcs, sizeof(kcs));
1382 		break;
1383 	}
1384 	case PKEY_SEC2PROTK: {
1385 		struct pkey_sec2protk __user *usp = (void __user *)arg;
1386 		struct pkey_sec2protk ksp;
1387 
1388 		if (copy_from_user(&ksp, usp, sizeof(ksp)))
1389 			return -EFAULT;
1390 		ksp.protkey.len = sizeof(ksp.protkey.protkey);
1391 		rc = cca_sec2protkey(ksp.cardnr, ksp.domain,
1392 				     ksp.seckey.seckey, ksp.protkey.protkey,
1393 				     &ksp.protkey.len, &ksp.protkey.type);
1394 		pr_debug("%s cca_sec2protkey()=%d\n", __func__, rc);
1395 		if (rc)
1396 			break;
1397 		if (copy_to_user(usp, &ksp, sizeof(ksp)))
1398 			return -EFAULT;
1399 		break;
1400 	}
1401 	case PKEY_CLR2PROTK: {
1402 		struct pkey_clr2protk __user *ucp = (void __user *)arg;
1403 		struct pkey_clr2protk kcp;
1404 
1405 		if (copy_from_user(&kcp, ucp, sizeof(kcp)))
1406 			return -EFAULT;
1407 		kcp.protkey.len = sizeof(kcp.protkey.protkey);
1408 		rc = pkey_clr2protkey(kcp.keytype, kcp.clrkey.clrkey,
1409 				      kcp.protkey.protkey,
1410 				      &kcp.protkey.len, &kcp.protkey.type);
1411 		pr_debug("%s pkey_clr2protkey()=%d\n", __func__, rc);
1412 		if (rc)
1413 			break;
1414 		if (copy_to_user(ucp, &kcp, sizeof(kcp)))
1415 			return -EFAULT;
1416 		memzero_explicit(&kcp, sizeof(kcp));
1417 		break;
1418 	}
1419 	case PKEY_FINDCARD: {
1420 		struct pkey_findcard __user *ufc = (void __user *)arg;
1421 		struct pkey_findcard kfc;
1422 
1423 		if (copy_from_user(&kfc, ufc, sizeof(kfc)))
1424 			return -EFAULT;
1425 		rc = cca_findcard(kfc.seckey.seckey,
1426 				  &kfc.cardnr, &kfc.domain, 1);
1427 		pr_debug("%s cca_findcard()=%d\n", __func__, rc);
1428 		if (rc < 0)
1429 			break;
1430 		if (copy_to_user(ufc, &kfc, sizeof(kfc)))
1431 			return -EFAULT;
1432 		break;
1433 	}
1434 	case PKEY_SKEY2PKEY: {
1435 		struct pkey_skey2pkey __user *usp = (void __user *)arg;
1436 		struct pkey_skey2pkey ksp;
1437 
1438 		if (copy_from_user(&ksp, usp, sizeof(ksp)))
1439 			return -EFAULT;
1440 		ksp.protkey.len = sizeof(ksp.protkey.protkey);
1441 		rc = pkey_skey2pkey(ksp.seckey.seckey, ksp.protkey.protkey,
1442 				    &ksp.protkey.len, &ksp.protkey.type);
1443 		pr_debug("%s pkey_skey2pkey()=%d\n", __func__, rc);
1444 		if (rc)
1445 			break;
1446 		if (copy_to_user(usp, &ksp, sizeof(ksp)))
1447 			return -EFAULT;
1448 		break;
1449 	}
1450 	case PKEY_VERIFYKEY: {
1451 		struct pkey_verifykey __user *uvk = (void __user *)arg;
1452 		struct pkey_verifykey kvk;
1453 
1454 		if (copy_from_user(&kvk, uvk, sizeof(kvk)))
1455 			return -EFAULT;
1456 		rc = pkey_verifykey(&kvk.seckey, &kvk.cardnr, &kvk.domain,
1457 				    &kvk.keysize, &kvk.attributes);
1458 		pr_debug("%s pkey_verifykey()=%d\n", __func__, rc);
1459 		if (rc)
1460 			break;
1461 		if (copy_to_user(uvk, &kvk, sizeof(kvk)))
1462 			return -EFAULT;
1463 		break;
1464 	}
1465 	case PKEY_GENPROTK: {
1466 		struct pkey_genprotk __user *ugp = (void __user *)arg;
1467 		struct pkey_genprotk kgp;
1468 
1469 		if (copy_from_user(&kgp, ugp, sizeof(kgp)))
1470 			return -EFAULT;
1471 		kgp.protkey.len = sizeof(kgp.protkey.protkey);
1472 		rc = pkey_genprotkey(kgp.keytype, kgp.protkey.protkey,
1473 				     &kgp.protkey.len, &kgp.protkey.type);
1474 		pr_debug("%s pkey_genprotkey()=%d\n", __func__, rc);
1475 		if (rc)
1476 			break;
1477 		if (copy_to_user(ugp, &kgp, sizeof(kgp)))
1478 			return -EFAULT;
1479 		break;
1480 	}
1481 	case PKEY_VERIFYPROTK: {
1482 		struct pkey_verifyprotk __user *uvp = (void __user *)arg;
1483 		struct pkey_verifyprotk kvp;
1484 
1485 		if (copy_from_user(&kvp, uvp, sizeof(kvp)))
1486 			return -EFAULT;
1487 		rc = pkey_verifyprotkey(kvp.protkey.protkey,
1488 					kvp.protkey.len, kvp.protkey.type);
1489 		pr_debug("%s pkey_verifyprotkey()=%d\n", __func__, rc);
1490 		break;
1491 	}
1492 	case PKEY_KBLOB2PROTK: {
1493 		struct pkey_kblob2pkey __user *utp = (void __user *)arg;
1494 		struct pkey_kblob2pkey ktp;
1495 		u8 *kkey;
1496 
1497 		if (copy_from_user(&ktp, utp, sizeof(ktp)))
1498 			return -EFAULT;
1499 		kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1500 		if (IS_ERR(kkey))
1501 			return PTR_ERR(kkey);
1502 		ktp.protkey.len = sizeof(ktp.protkey.protkey);
1503 		rc = pkey_keyblob2pkey(kkey, ktp.keylen, ktp.protkey.protkey,
1504 				       &ktp.protkey.len, &ktp.protkey.type);
1505 		pr_debug("%s pkey_keyblob2pkey()=%d\n", __func__, rc);
1506 		memzero_explicit(kkey, ktp.keylen);
1507 		kfree(kkey);
1508 		if (rc)
1509 			break;
1510 		if (copy_to_user(utp, &ktp, sizeof(ktp)))
1511 			return -EFAULT;
1512 		break;
1513 	}
1514 	case PKEY_GENSECK2: {
1515 		struct pkey_genseck2 __user *ugs = (void __user *)arg;
1516 		size_t klen = KEYBLOBBUFSIZE;
1517 		struct pkey_genseck2 kgs;
1518 		struct pkey_apqn *apqns;
1519 		u8 *kkey;
1520 
1521 		if (copy_from_user(&kgs, ugs, sizeof(kgs)))
1522 			return -EFAULT;
1523 		apqns = _copy_apqns_from_user(kgs.apqns, kgs.apqn_entries);
1524 		if (IS_ERR(apqns))
1525 			return PTR_ERR(apqns);
1526 		kkey = kzalloc(klen, GFP_KERNEL);
1527 		if (!kkey) {
1528 			kfree(apqns);
1529 			return -ENOMEM;
1530 		}
1531 		rc = pkey_genseckey2(apqns, kgs.apqn_entries,
1532 				     kgs.type, kgs.size, kgs.keygenflags,
1533 				     kkey, &klen);
1534 		pr_debug("%s pkey_genseckey2()=%d\n", __func__, rc);
1535 		kfree(apqns);
1536 		if (rc) {
1537 			kfree(kkey);
1538 			break;
1539 		}
1540 		if (kgs.key) {
1541 			if (kgs.keylen < klen) {
1542 				kfree(kkey);
1543 				return -EINVAL;
1544 			}
1545 			if (copy_to_user(kgs.key, kkey, klen)) {
1546 				kfree(kkey);
1547 				return -EFAULT;
1548 			}
1549 		}
1550 		kgs.keylen = klen;
1551 		if (copy_to_user(ugs, &kgs, sizeof(kgs)))
1552 			rc = -EFAULT;
1553 		kfree(kkey);
1554 		break;
1555 	}
1556 	case PKEY_CLR2SECK2: {
1557 		struct pkey_clr2seck2 __user *ucs = (void __user *)arg;
1558 		size_t klen = KEYBLOBBUFSIZE;
1559 		struct pkey_clr2seck2 kcs;
1560 		struct pkey_apqn *apqns;
1561 		u8 *kkey;
1562 
1563 		if (copy_from_user(&kcs, ucs, sizeof(kcs)))
1564 			return -EFAULT;
1565 		apqns = _copy_apqns_from_user(kcs.apqns, kcs.apqn_entries);
1566 		if (IS_ERR(apqns))
1567 			return PTR_ERR(apqns);
1568 		kkey = kzalloc(klen, GFP_KERNEL);
1569 		if (!kkey) {
1570 			kfree(apqns);
1571 			return -ENOMEM;
1572 		}
1573 		rc = pkey_clr2seckey2(apqns, kcs.apqn_entries,
1574 				      kcs.type, kcs.size, kcs.keygenflags,
1575 				      kcs.clrkey.clrkey, kkey, &klen);
1576 		pr_debug("%s pkey_clr2seckey2()=%d\n", __func__, rc);
1577 		kfree(apqns);
1578 		if (rc) {
1579 			kfree(kkey);
1580 			break;
1581 		}
1582 		if (kcs.key) {
1583 			if (kcs.keylen < klen) {
1584 				kfree(kkey);
1585 				return -EINVAL;
1586 			}
1587 			if (copy_to_user(kcs.key, kkey, klen)) {
1588 				kfree(kkey);
1589 				return -EFAULT;
1590 			}
1591 		}
1592 		kcs.keylen = klen;
1593 		if (copy_to_user(ucs, &kcs, sizeof(kcs)))
1594 			rc = -EFAULT;
1595 		memzero_explicit(&kcs, sizeof(kcs));
1596 		kfree(kkey);
1597 		break;
1598 	}
1599 	case PKEY_VERIFYKEY2: {
1600 		struct pkey_verifykey2 __user *uvk = (void __user *)arg;
1601 		struct pkey_verifykey2 kvk;
1602 		u8 *kkey;
1603 
1604 		if (copy_from_user(&kvk, uvk, sizeof(kvk)))
1605 			return -EFAULT;
1606 		kkey = _copy_key_from_user(kvk.key, kvk.keylen);
1607 		if (IS_ERR(kkey))
1608 			return PTR_ERR(kkey);
1609 		rc = pkey_verifykey2(kkey, kvk.keylen,
1610 				     &kvk.cardnr, &kvk.domain,
1611 				     &kvk.type, &kvk.size, &kvk.flags);
1612 		pr_debug("%s pkey_verifykey2()=%d\n", __func__, rc);
1613 		kfree(kkey);
1614 		if (rc)
1615 			break;
1616 		if (copy_to_user(uvk, &kvk, sizeof(kvk)))
1617 			return -EFAULT;
1618 		break;
1619 	}
1620 	case PKEY_KBLOB2PROTK2: {
1621 		struct pkey_kblob2pkey2 __user *utp = (void __user *)arg;
1622 		struct pkey_apqn *apqns = NULL;
1623 		struct pkey_kblob2pkey2 ktp;
1624 		u8 *kkey;
1625 
1626 		if (copy_from_user(&ktp, utp, sizeof(ktp)))
1627 			return -EFAULT;
1628 		apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
1629 		if (IS_ERR(apqns))
1630 			return PTR_ERR(apqns);
1631 		kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1632 		if (IS_ERR(kkey)) {
1633 			kfree(apqns);
1634 			return PTR_ERR(kkey);
1635 		}
1636 		ktp.protkey.len = sizeof(ktp.protkey.protkey);
1637 		rc = pkey_keyblob2pkey2(apqns, ktp.apqn_entries,
1638 					kkey, ktp.keylen,
1639 					ktp.protkey.protkey, &ktp.protkey.len,
1640 					&ktp.protkey.type);
1641 		pr_debug("%s pkey_keyblob2pkey2()=%d\n", __func__, rc);
1642 		kfree(apqns);
1643 		memzero_explicit(kkey, ktp.keylen);
1644 		kfree(kkey);
1645 		if (rc)
1646 			break;
1647 		if (copy_to_user(utp, &ktp, sizeof(ktp)))
1648 			return -EFAULT;
1649 		break;
1650 	}
1651 	case PKEY_APQNS4K: {
1652 		struct pkey_apqns4key __user *uak = (void __user *)arg;
1653 		struct pkey_apqn *apqns = NULL;
1654 		struct pkey_apqns4key kak;
1655 		size_t nr_apqns, len;
1656 		u8 *kkey;
1657 
1658 		if (copy_from_user(&kak, uak, sizeof(kak)))
1659 			return -EFAULT;
1660 		nr_apqns = kak.apqn_entries;
1661 		if (nr_apqns) {
1662 			apqns = kmalloc_array(nr_apqns,
1663 					      sizeof(struct pkey_apqn),
1664 					      GFP_KERNEL);
1665 			if (!apqns)
1666 				return -ENOMEM;
1667 		}
1668 		kkey = _copy_key_from_user(kak.key, kak.keylen);
1669 		if (IS_ERR(kkey)) {
1670 			kfree(apqns);
1671 			return PTR_ERR(kkey);
1672 		}
1673 		rc = pkey_apqns4key(kkey, kak.keylen, kak.flags,
1674 				    apqns, &nr_apqns);
1675 		pr_debug("%s pkey_apqns4key()=%d\n", __func__, rc);
1676 		kfree(kkey);
1677 		if (rc && rc != -ENOSPC) {
1678 			kfree(apqns);
1679 			break;
1680 		}
1681 		if (!rc && kak.apqns) {
1682 			if (nr_apqns > kak.apqn_entries) {
1683 				kfree(apqns);
1684 				return -EINVAL;
1685 			}
1686 			len = nr_apqns * sizeof(struct pkey_apqn);
1687 			if (len) {
1688 				if (copy_to_user(kak.apqns, apqns, len)) {
1689 					kfree(apqns);
1690 					return -EFAULT;
1691 				}
1692 			}
1693 		}
1694 		kak.apqn_entries = nr_apqns;
1695 		if (copy_to_user(uak, &kak, sizeof(kak)))
1696 			rc = -EFAULT;
1697 		kfree(apqns);
1698 		break;
1699 	}
1700 	case PKEY_APQNS4KT: {
1701 		struct pkey_apqns4keytype __user *uat = (void __user *)arg;
1702 		struct pkey_apqn *apqns = NULL;
1703 		struct pkey_apqns4keytype kat;
1704 		size_t nr_apqns, len;
1705 
1706 		if (copy_from_user(&kat, uat, sizeof(kat)))
1707 			return -EFAULT;
1708 		nr_apqns = kat.apqn_entries;
1709 		if (nr_apqns) {
1710 			apqns = kmalloc_array(nr_apqns,
1711 					      sizeof(struct pkey_apqn),
1712 					      GFP_KERNEL);
1713 			if (!apqns)
1714 				return -ENOMEM;
1715 		}
1716 		rc = pkey_apqns4keytype(kat.type, kat.cur_mkvp, kat.alt_mkvp,
1717 					kat.flags, apqns, &nr_apqns);
1718 		pr_debug("%s pkey_apqns4keytype()=%d\n", __func__, rc);
1719 		if (rc && rc != -ENOSPC) {
1720 			kfree(apqns);
1721 			break;
1722 		}
1723 		if (!rc && kat.apqns) {
1724 			if (nr_apqns > kat.apqn_entries) {
1725 				kfree(apqns);
1726 				return -EINVAL;
1727 			}
1728 			len = nr_apqns * sizeof(struct pkey_apqn);
1729 			if (len) {
1730 				if (copy_to_user(kat.apqns, apqns, len)) {
1731 					kfree(apqns);
1732 					return -EFAULT;
1733 				}
1734 			}
1735 		}
1736 		kat.apqn_entries = nr_apqns;
1737 		if (copy_to_user(uat, &kat, sizeof(kat)))
1738 			rc = -EFAULT;
1739 		kfree(apqns);
1740 		break;
1741 	}
1742 	case PKEY_KBLOB2PROTK3: {
1743 		struct pkey_kblob2pkey3 __user *utp = (void __user *)arg;
1744 		u32 protkeylen = PROTKEYBLOBBUFSIZE;
1745 		struct pkey_apqn *apqns = NULL;
1746 		struct pkey_kblob2pkey3 ktp;
1747 		u8 *kkey, *protkey;
1748 
1749 		if (copy_from_user(&ktp, utp, sizeof(ktp)))
1750 			return -EFAULT;
1751 		apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
1752 		if (IS_ERR(apqns))
1753 			return PTR_ERR(apqns);
1754 		kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1755 		if (IS_ERR(kkey)) {
1756 			kfree(apqns);
1757 			return PTR_ERR(kkey);
1758 		}
1759 		protkey = kmalloc(protkeylen, GFP_KERNEL);
1760 		if (!protkey) {
1761 			kfree(apqns);
1762 			kfree(kkey);
1763 			return -ENOMEM;
1764 		}
1765 		rc = pkey_keyblob2pkey3(apqns, ktp.apqn_entries,
1766 					kkey, ktp.keylen,
1767 					protkey, &protkeylen, &ktp.pkeytype);
1768 		pr_debug("%s pkey_keyblob2pkey3()=%d\n", __func__, rc);
1769 		kfree(apqns);
1770 		memzero_explicit(kkey, ktp.keylen);
1771 		kfree(kkey);
1772 		if (rc) {
1773 			kfree(protkey);
1774 			break;
1775 		}
1776 		if (ktp.pkey && ktp.pkeylen) {
1777 			if (protkeylen > ktp.pkeylen) {
1778 				kfree(protkey);
1779 				return -EINVAL;
1780 			}
1781 			if (copy_to_user(ktp.pkey, protkey, protkeylen)) {
1782 				kfree(protkey);
1783 				return -EFAULT;
1784 			}
1785 		}
1786 		kfree(protkey);
1787 		ktp.pkeylen = protkeylen;
1788 		if (copy_to_user(utp, &ktp, sizeof(ktp)))
1789 			return -EFAULT;
1790 		break;
1791 	}
1792 	default:
1793 		/* unknown/unsupported ioctl cmd */
1794 		return -ENOTTY;
1795 	}
1796 
1797 	return rc;
1798 }
1799 
1800 /*
1801  * Sysfs and file io operations
1802  */
1803 
1804 /*
1805  * Sysfs attribute read function for all protected key binary attributes.
1806  * The implementation can not deal with partial reads, because a new random
1807  * protected key blob is generated with each read. In case of partial reads
1808  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1809  */
1810 static ssize_t pkey_protkey_aes_attr_read(u32 keytype, bool is_xts, char *buf,
1811 					  loff_t off, size_t count)
1812 {
1813 	struct protaeskeytoken protkeytoken;
1814 	struct pkey_protkey protkey;
1815 	int rc;
1816 
1817 	if (off != 0 || count < sizeof(protkeytoken))
1818 		return -EINVAL;
1819 	if (is_xts)
1820 		if (count < 2 * sizeof(protkeytoken))
1821 			return -EINVAL;
1822 
1823 	memset(&protkeytoken, 0, sizeof(protkeytoken));
1824 	protkeytoken.type = TOKTYPE_NON_CCA;
1825 	protkeytoken.version = TOKVER_PROTECTED_KEY;
1826 	protkeytoken.keytype = keytype;
1827 
1828 	protkey.len = sizeof(protkey.protkey);
1829 	rc = pkey_genprotkey(protkeytoken.keytype,
1830 			     protkey.protkey, &protkey.len, &protkey.type);
1831 	if (rc)
1832 		return rc;
1833 
1834 	protkeytoken.len = protkey.len;
1835 	memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len);
1836 
1837 	memcpy(buf, &protkeytoken, sizeof(protkeytoken));
1838 
1839 	if (is_xts) {
1840 		/* xts needs a second protected key, reuse protkey struct */
1841 		protkey.len = sizeof(protkey.protkey);
1842 		rc = pkey_genprotkey(protkeytoken.keytype,
1843 				     protkey.protkey, &protkey.len, &protkey.type);
1844 		if (rc)
1845 			return rc;
1846 
1847 		protkeytoken.len = protkey.len;
1848 		memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len);
1849 
1850 		memcpy(buf + sizeof(protkeytoken), &protkeytoken,
1851 		       sizeof(protkeytoken));
1852 
1853 		return 2 * sizeof(protkeytoken);
1854 	}
1855 
1856 	return sizeof(protkeytoken);
1857 }
1858 
1859 static ssize_t protkey_aes_128_read(struct file *filp,
1860 				    struct kobject *kobj,
1861 				    struct bin_attribute *attr,
1862 				    char *buf, loff_t off,
1863 				    size_t count)
1864 {
1865 	return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf,
1866 					  off, count);
1867 }
1868 
1869 static ssize_t protkey_aes_192_read(struct file *filp,
1870 				    struct kobject *kobj,
1871 				    struct bin_attribute *attr,
1872 				    char *buf, loff_t off,
1873 				    size_t count)
1874 {
1875 	return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf,
1876 					  off, count);
1877 }
1878 
1879 static ssize_t protkey_aes_256_read(struct file *filp,
1880 				    struct kobject *kobj,
1881 				    struct bin_attribute *attr,
1882 				    char *buf, loff_t off,
1883 				    size_t count)
1884 {
1885 	return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf,
1886 					  off, count);
1887 }
1888 
1889 static ssize_t protkey_aes_128_xts_read(struct file *filp,
1890 					struct kobject *kobj,
1891 					struct bin_attribute *attr,
1892 					char *buf, loff_t off,
1893 					size_t count)
1894 {
1895 	return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf,
1896 					  off, count);
1897 }
1898 
1899 static ssize_t protkey_aes_256_xts_read(struct file *filp,
1900 					struct kobject *kobj,
1901 					struct bin_attribute *attr,
1902 					char *buf, loff_t off,
1903 					size_t count)
1904 {
1905 	return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf,
1906 					  off, count);
1907 }
1908 
1909 static BIN_ATTR_RO(protkey_aes_128, sizeof(struct protaeskeytoken));
1910 static BIN_ATTR_RO(protkey_aes_192, sizeof(struct protaeskeytoken));
1911 static BIN_ATTR_RO(protkey_aes_256, sizeof(struct protaeskeytoken));
1912 static BIN_ATTR_RO(protkey_aes_128_xts, 2 * sizeof(struct protaeskeytoken));
1913 static BIN_ATTR_RO(protkey_aes_256_xts, 2 * sizeof(struct protaeskeytoken));
1914 
1915 static struct bin_attribute *protkey_attrs[] = {
1916 	&bin_attr_protkey_aes_128,
1917 	&bin_attr_protkey_aes_192,
1918 	&bin_attr_protkey_aes_256,
1919 	&bin_attr_protkey_aes_128_xts,
1920 	&bin_attr_protkey_aes_256_xts,
1921 	NULL
1922 };
1923 
1924 static struct attribute_group protkey_attr_group = {
1925 	.name	   = "protkey",
1926 	.bin_attrs = protkey_attrs,
1927 };
1928 
1929 /*
1930  * Sysfs attribute read function for all secure key ccadata binary attributes.
1931  * The implementation can not deal with partial reads, because a new random
1932  * protected key blob is generated with each read. In case of partial reads
1933  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1934  */
1935 static ssize_t pkey_ccadata_aes_attr_read(u32 keytype, bool is_xts, char *buf,
1936 					  loff_t off, size_t count)
1937 {
1938 	struct pkey_seckey *seckey = (struct pkey_seckey *)buf;
1939 	int rc;
1940 
1941 	if (off != 0 || count < sizeof(struct secaeskeytoken))
1942 		return -EINVAL;
1943 	if (is_xts)
1944 		if (count < 2 * sizeof(struct secaeskeytoken))
1945 			return -EINVAL;
1946 
1947 	rc = cca_genseckey(-1, -1, keytype, seckey->seckey);
1948 	if (rc)
1949 		return rc;
1950 
1951 	if (is_xts) {
1952 		seckey++;
1953 		rc = cca_genseckey(-1, -1, keytype, seckey->seckey);
1954 		if (rc)
1955 			return rc;
1956 
1957 		return 2 * sizeof(struct secaeskeytoken);
1958 	}
1959 
1960 	return sizeof(struct secaeskeytoken);
1961 }
1962 
1963 static ssize_t ccadata_aes_128_read(struct file *filp,
1964 				    struct kobject *kobj,
1965 				    struct bin_attribute *attr,
1966 				    char *buf, loff_t off,
1967 				    size_t count)
1968 {
1969 	return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf,
1970 					  off, count);
1971 }
1972 
1973 static ssize_t ccadata_aes_192_read(struct file *filp,
1974 				    struct kobject *kobj,
1975 				    struct bin_attribute *attr,
1976 				    char *buf, loff_t off,
1977 				    size_t count)
1978 {
1979 	return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf,
1980 					  off, count);
1981 }
1982 
1983 static ssize_t ccadata_aes_256_read(struct file *filp,
1984 				    struct kobject *kobj,
1985 				    struct bin_attribute *attr,
1986 				    char *buf, loff_t off,
1987 				    size_t count)
1988 {
1989 	return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf,
1990 					  off, count);
1991 }
1992 
1993 static ssize_t ccadata_aes_128_xts_read(struct file *filp,
1994 					struct kobject *kobj,
1995 					struct bin_attribute *attr,
1996 					char *buf, loff_t off,
1997 					size_t count)
1998 {
1999 	return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf,
2000 					  off, count);
2001 }
2002 
2003 static ssize_t ccadata_aes_256_xts_read(struct file *filp,
2004 					struct kobject *kobj,
2005 					struct bin_attribute *attr,
2006 					char *buf, loff_t off,
2007 					size_t count)
2008 {
2009 	return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf,
2010 					  off, count);
2011 }
2012 
2013 static BIN_ATTR_RO(ccadata_aes_128, sizeof(struct secaeskeytoken));
2014 static BIN_ATTR_RO(ccadata_aes_192, sizeof(struct secaeskeytoken));
2015 static BIN_ATTR_RO(ccadata_aes_256, sizeof(struct secaeskeytoken));
2016 static BIN_ATTR_RO(ccadata_aes_128_xts, 2 * sizeof(struct secaeskeytoken));
2017 static BIN_ATTR_RO(ccadata_aes_256_xts, 2 * sizeof(struct secaeskeytoken));
2018 
2019 static struct bin_attribute *ccadata_attrs[] = {
2020 	&bin_attr_ccadata_aes_128,
2021 	&bin_attr_ccadata_aes_192,
2022 	&bin_attr_ccadata_aes_256,
2023 	&bin_attr_ccadata_aes_128_xts,
2024 	&bin_attr_ccadata_aes_256_xts,
2025 	NULL
2026 };
2027 
2028 static struct attribute_group ccadata_attr_group = {
2029 	.name	   = "ccadata",
2030 	.bin_attrs = ccadata_attrs,
2031 };
2032 
2033 #define CCACIPHERTOKENSIZE	(sizeof(struct cipherkeytoken) + 80)
2034 
2035 /*
2036  * Sysfs attribute read function for all secure key ccacipher binary attributes.
2037  * The implementation can not deal with partial reads, because a new random
2038  * secure key blob is generated with each read. In case of partial reads
2039  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
2040  */
2041 static ssize_t pkey_ccacipher_aes_attr_read(enum pkey_key_size keybits,
2042 					    bool is_xts, char *buf, loff_t off,
2043 					    size_t count)
2044 {
2045 	size_t keysize = CCACIPHERTOKENSIZE;
2046 	u32 nr_apqns, *apqns = NULL;
2047 	int i, rc, card, dom;
2048 
2049 	if (off != 0 || count < CCACIPHERTOKENSIZE)
2050 		return -EINVAL;
2051 	if (is_xts)
2052 		if (count < 2 * CCACIPHERTOKENSIZE)
2053 			return -EINVAL;
2054 
2055 	/* build a list of apqns able to generate an cipher key */
2056 	rc = cca_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
2057 			   ZCRYPT_CEX6, 0, 0, 0, 0);
2058 	if (rc)
2059 		return rc;
2060 
2061 	memset(buf, 0, is_xts ? 2 * keysize : keysize);
2062 
2063 	/* simple try all apqns from the list */
2064 	for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
2065 		card = apqns[i] >> 16;
2066 		dom = apqns[i] & 0xFFFF;
2067 		rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize);
2068 		if (rc == 0)
2069 			break;
2070 	}
2071 	if (rc)
2072 		return rc;
2073 
2074 	if (is_xts) {
2075 		keysize = CCACIPHERTOKENSIZE;
2076 		buf += CCACIPHERTOKENSIZE;
2077 		rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize);
2078 		if (rc == 0)
2079 			return 2 * CCACIPHERTOKENSIZE;
2080 	}
2081 
2082 	return CCACIPHERTOKENSIZE;
2083 }
2084 
2085 static ssize_t ccacipher_aes_128_read(struct file *filp,
2086 				      struct kobject *kobj,
2087 				      struct bin_attribute *attr,
2088 				      char *buf, loff_t off,
2089 				      size_t count)
2090 {
2091 	return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, false, buf,
2092 					    off, count);
2093 }
2094 
2095 static ssize_t ccacipher_aes_192_read(struct file *filp,
2096 				      struct kobject *kobj,
2097 				      struct bin_attribute *attr,
2098 				      char *buf, loff_t off,
2099 				      size_t count)
2100 {
2101 	return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_192, false, buf,
2102 					    off, count);
2103 }
2104 
2105 static ssize_t ccacipher_aes_256_read(struct file *filp,
2106 				      struct kobject *kobj,
2107 				      struct bin_attribute *attr,
2108 				      char *buf, loff_t off,
2109 				      size_t count)
2110 {
2111 	return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, false, buf,
2112 					    off, count);
2113 }
2114 
2115 static ssize_t ccacipher_aes_128_xts_read(struct file *filp,
2116 					  struct kobject *kobj,
2117 					  struct bin_attribute *attr,
2118 					  char *buf, loff_t off,
2119 					  size_t count)
2120 {
2121 	return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, true, buf,
2122 					    off, count);
2123 }
2124 
2125 static ssize_t ccacipher_aes_256_xts_read(struct file *filp,
2126 					  struct kobject *kobj,
2127 					  struct bin_attribute *attr,
2128 					  char *buf, loff_t off,
2129 					  size_t count)
2130 {
2131 	return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, true, buf,
2132 					    off, count);
2133 }
2134 
2135 static BIN_ATTR_RO(ccacipher_aes_128, CCACIPHERTOKENSIZE);
2136 static BIN_ATTR_RO(ccacipher_aes_192, CCACIPHERTOKENSIZE);
2137 static BIN_ATTR_RO(ccacipher_aes_256, CCACIPHERTOKENSIZE);
2138 static BIN_ATTR_RO(ccacipher_aes_128_xts, 2 * CCACIPHERTOKENSIZE);
2139 static BIN_ATTR_RO(ccacipher_aes_256_xts, 2 * CCACIPHERTOKENSIZE);
2140 
2141 static struct bin_attribute *ccacipher_attrs[] = {
2142 	&bin_attr_ccacipher_aes_128,
2143 	&bin_attr_ccacipher_aes_192,
2144 	&bin_attr_ccacipher_aes_256,
2145 	&bin_attr_ccacipher_aes_128_xts,
2146 	&bin_attr_ccacipher_aes_256_xts,
2147 	NULL
2148 };
2149 
2150 static struct attribute_group ccacipher_attr_group = {
2151 	.name	   = "ccacipher",
2152 	.bin_attrs = ccacipher_attrs,
2153 };
2154 
2155 /*
2156  * Sysfs attribute read function for all ep11 aes key binary attributes.
2157  * The implementation can not deal with partial reads, because a new random
2158  * secure key blob is generated with each read. In case of partial reads
2159  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
2160  * This function and the sysfs attributes using it provide EP11 key blobs
2161  * padded to the upper limit of MAXEP11AESKEYBLOBSIZE which is currently
2162  * 336 bytes.
2163  */
2164 static ssize_t pkey_ep11_aes_attr_read(enum pkey_key_size keybits,
2165 				       bool is_xts, char *buf, loff_t off,
2166 				       size_t count)
2167 {
2168 	size_t keysize = MAXEP11AESKEYBLOBSIZE;
2169 	u32 nr_apqns, *apqns = NULL;
2170 	int i, rc, card, dom;
2171 
2172 	if (off != 0 || count < MAXEP11AESKEYBLOBSIZE)
2173 		return -EINVAL;
2174 	if (is_xts)
2175 		if (count < 2 * MAXEP11AESKEYBLOBSIZE)
2176 			return -EINVAL;
2177 
2178 	/* build a list of apqns able to generate an cipher key */
2179 	rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
2180 			    ZCRYPT_CEX7,
2181 			    ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4,
2182 			    NULL);
2183 	if (rc)
2184 		return rc;
2185 
2186 	memset(buf, 0, is_xts ? 2 * keysize : keysize);
2187 
2188 	/* simple try all apqns from the list */
2189 	for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
2190 		card = apqns[i] >> 16;
2191 		dom = apqns[i] & 0xFFFF;
2192 		rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize,
2193 				    PKEY_TYPE_EP11_AES);
2194 		if (rc == 0)
2195 			break;
2196 	}
2197 	if (rc)
2198 		return rc;
2199 
2200 	if (is_xts) {
2201 		keysize = MAXEP11AESKEYBLOBSIZE;
2202 		buf += MAXEP11AESKEYBLOBSIZE;
2203 		rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize,
2204 				    PKEY_TYPE_EP11_AES);
2205 		if (rc == 0)
2206 			return 2 * MAXEP11AESKEYBLOBSIZE;
2207 	}
2208 
2209 	return MAXEP11AESKEYBLOBSIZE;
2210 }
2211 
2212 static ssize_t ep11_aes_128_read(struct file *filp,
2213 				 struct kobject *kobj,
2214 				 struct bin_attribute *attr,
2215 				 char *buf, loff_t off,
2216 				 size_t count)
2217 {
2218 	return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, false, buf,
2219 				       off, count);
2220 }
2221 
2222 static ssize_t ep11_aes_192_read(struct file *filp,
2223 				 struct kobject *kobj,
2224 				 struct bin_attribute *attr,
2225 				 char *buf, loff_t off,
2226 				 size_t count)
2227 {
2228 	return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_192, false, buf,
2229 				       off, count);
2230 }
2231 
2232 static ssize_t ep11_aes_256_read(struct file *filp,
2233 				 struct kobject *kobj,
2234 				 struct bin_attribute *attr,
2235 				 char *buf, loff_t off,
2236 				 size_t count)
2237 {
2238 	return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, false, buf,
2239 				       off, count);
2240 }
2241 
2242 static ssize_t ep11_aes_128_xts_read(struct file *filp,
2243 				     struct kobject *kobj,
2244 				     struct bin_attribute *attr,
2245 				     char *buf, loff_t off,
2246 				     size_t count)
2247 {
2248 	return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, true, buf,
2249 				       off, count);
2250 }
2251 
2252 static ssize_t ep11_aes_256_xts_read(struct file *filp,
2253 				     struct kobject *kobj,
2254 				     struct bin_attribute *attr,
2255 				     char *buf, loff_t off,
2256 				     size_t count)
2257 {
2258 	return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, true, buf,
2259 				       off, count);
2260 }
2261 
2262 static BIN_ATTR_RO(ep11_aes_128, MAXEP11AESKEYBLOBSIZE);
2263 static BIN_ATTR_RO(ep11_aes_192, MAXEP11AESKEYBLOBSIZE);
2264 static BIN_ATTR_RO(ep11_aes_256, MAXEP11AESKEYBLOBSIZE);
2265 static BIN_ATTR_RO(ep11_aes_128_xts, 2 * MAXEP11AESKEYBLOBSIZE);
2266 static BIN_ATTR_RO(ep11_aes_256_xts, 2 * MAXEP11AESKEYBLOBSIZE);
2267 
2268 static struct bin_attribute *ep11_attrs[] = {
2269 	&bin_attr_ep11_aes_128,
2270 	&bin_attr_ep11_aes_192,
2271 	&bin_attr_ep11_aes_256,
2272 	&bin_attr_ep11_aes_128_xts,
2273 	&bin_attr_ep11_aes_256_xts,
2274 	NULL
2275 };
2276 
2277 static struct attribute_group ep11_attr_group = {
2278 	.name	   = "ep11",
2279 	.bin_attrs = ep11_attrs,
2280 };
2281 
2282 static const struct attribute_group *pkey_attr_groups[] = {
2283 	&protkey_attr_group,
2284 	&ccadata_attr_group,
2285 	&ccacipher_attr_group,
2286 	&ep11_attr_group,
2287 	NULL,
2288 };
2289 
2290 static const struct file_operations pkey_fops = {
2291 	.owner		= THIS_MODULE,
2292 	.open		= nonseekable_open,
2293 	.llseek		= no_llseek,
2294 	.unlocked_ioctl = pkey_unlocked_ioctl,
2295 };
2296 
2297 static struct miscdevice pkey_dev = {
2298 	.name	= "pkey",
2299 	.minor	= MISC_DYNAMIC_MINOR,
2300 	.mode	= 0666,
2301 	.fops	= &pkey_fops,
2302 	.groups = pkey_attr_groups,
2303 };
2304 
2305 /*
2306  * Module init
2307  */
2308 static int __init pkey_init(void)
2309 {
2310 	cpacf_mask_t func_mask;
2311 
2312 	/*
2313 	 * The pckmo instruction should be available - even if we don't
2314 	 * actually invoke it. This instruction comes with MSA 3 which
2315 	 * is also the minimum level for the kmc instructions which
2316 	 * are able to work with protected keys.
2317 	 */
2318 	if (!cpacf_query(CPACF_PCKMO, &func_mask))
2319 		return -ENODEV;
2320 
2321 	/* check for kmc instructions available */
2322 	if (!cpacf_query(CPACF_KMC, &func_mask))
2323 		return -ENODEV;
2324 	if (!cpacf_test_func(&func_mask, CPACF_KMC_PAES_128) ||
2325 	    !cpacf_test_func(&func_mask, CPACF_KMC_PAES_192) ||
2326 	    !cpacf_test_func(&func_mask, CPACF_KMC_PAES_256))
2327 		return -ENODEV;
2328 
2329 	pkey_debug_init();
2330 
2331 	return misc_register(&pkey_dev);
2332 }
2333 
2334 /*
2335  * Module exit
2336  */
2337 static void __exit pkey_exit(void)
2338 {
2339 	misc_deregister(&pkey_dev);
2340 	pkey_debug_exit();
2341 }
2342 
2343 module_cpu_feature_match(S390_CPU_FEATURE_MSA, pkey_init);
2344 module_exit(pkey_exit);
2345