xref: /linux/drivers/s390/crypto/pkey_api.c (revision 96f30c8f0aa9923aa39b30bcaefeacf88b490231)
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  *  pkey device driver
4  *
5  *  Copyright IBM Corp. 2017, 2023
6  *
7  *  Author(s): Harald Freudenberger
8  */
9 
10 #define KMSG_COMPONENT "pkey"
11 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
12 
13 #include <linux/fs.h>
14 #include <linux/init.h>
15 #include <linux/miscdevice.h>
16 #include <linux/module.h>
17 #include <linux/slab.h>
18 #include <linux/kallsyms.h>
19 #include <linux/debugfs.h>
20 #include <linux/random.h>
21 #include <linux/cpufeature.h>
22 #include <asm/zcrypt.h>
23 #include <asm/cpacf.h>
24 #include <asm/pkey.h>
25 #include <crypto/aes.h>
26 
27 #include "zcrypt_api.h"
28 #include "zcrypt_ccamisc.h"
29 #include "zcrypt_ep11misc.h"
30 
31 MODULE_LICENSE("GPL");
32 MODULE_AUTHOR("IBM Corporation");
33 MODULE_DESCRIPTION("s390 protected key interface");
34 
35 #define KEYBLOBBUFSIZE 8192	/* key buffer size used for internal processing */
36 #define MINKEYBLOBBUFSIZE (sizeof(struct keytoken_header))
37 #define PROTKEYBLOBBUFSIZE 256	/* protected key buffer size used internal */
38 #define MAXAPQNSINLIST 64	/* max 64 apqns within a apqn list */
39 #define AES_WK_VP_SIZE 32	/* Size of WK VP block appended to a prot key */
40 
41 /*
42  * debug feature data and functions
43  */
44 
45 static debug_info_t *pkey_dbf_info;
46 
47 #define PKEY_DBF_INFO(...) debug_sprintf_event(pkey_dbf_info, 5, ##__VA_ARGS__)
48 #define PKEY_DBF_WARN(...) debug_sprintf_event(pkey_dbf_info, 4, ##__VA_ARGS__)
49 #define PKEY_DBF_ERR(...)  debug_sprintf_event(pkey_dbf_info, 3, ##__VA_ARGS__)
50 
51 static void __init pkey_debug_init(void)
52 {
53 	/* 5 arguments per dbf entry (including the format string ptr) */
54 	pkey_dbf_info = debug_register("pkey", 1, 1, 5 * sizeof(long));
55 	debug_register_view(pkey_dbf_info, &debug_sprintf_view);
56 	debug_set_level(pkey_dbf_info, 3);
57 }
58 
59 static void __exit pkey_debug_exit(void)
60 {
61 	debug_unregister(pkey_dbf_info);
62 }
63 
64 /* inside view of a protected key token (only type 0x00 version 0x01) */
65 struct protaeskeytoken {
66 	u8  type;     /* 0x00 for PAES specific key tokens */
67 	u8  res0[3];
68 	u8  version;  /* should be 0x01 for protected AES key token */
69 	u8  res1[3];
70 	u32 keytype;  /* key type, one of the PKEY_KEYTYPE values */
71 	u32 len;      /* bytes actually stored in protkey[] */
72 	u8  protkey[MAXPROTKEYSIZE]; /* the protected key blob */
73 } __packed;
74 
75 /* inside view of a clear key token (type 0x00 version 0x02) */
76 struct clearkeytoken {
77 	u8  type;	/* 0x00 for PAES specific key tokens */
78 	u8  res0[3];
79 	u8  version;	/* 0x02 for clear key token */
80 	u8  res1[3];
81 	u32 keytype;	/* key type, one of the PKEY_KEYTYPE_* values */
82 	u32 len;	/* bytes actually stored in clearkey[] */
83 	u8  clearkey[]; /* clear key value */
84 } __packed;
85 
86 /* helper function which translates the PKEY_KEYTYPE_AES_* to their keysize */
87 static inline u32 pkey_keytype_aes_to_size(u32 keytype)
88 {
89 	switch (keytype) {
90 	case PKEY_KEYTYPE_AES_128:
91 		return 16;
92 	case PKEY_KEYTYPE_AES_192:
93 		return 24;
94 	case PKEY_KEYTYPE_AES_256:
95 		return 32;
96 	default:
97 		return 0;
98 	}
99 }
100 
101 /*
102  * Create a protected key from a clear key value via PCKMO instruction.
103  */
104 static int pkey_clr2protkey(u32 keytype, const u8 *clrkey,
105 			    u8 *protkey, u32 *protkeylen, u32 *protkeytype)
106 {
107 	/* mask of available pckmo subfunctions */
108 	static cpacf_mask_t pckmo_functions;
109 
110 	u8 paramblock[112];
111 	u32 pkeytype;
112 	int keysize;
113 	long fc;
114 
115 	switch (keytype) {
116 	case PKEY_KEYTYPE_AES_128:
117 		/* 16 byte key, 32 byte aes wkvp, total 48 bytes */
118 		keysize = 16;
119 		pkeytype = keytype;
120 		fc = CPACF_PCKMO_ENC_AES_128_KEY;
121 		break;
122 	case PKEY_KEYTYPE_AES_192:
123 		/* 24 byte key, 32 byte aes wkvp, total 56 bytes */
124 		keysize = 24;
125 		pkeytype = keytype;
126 		fc = CPACF_PCKMO_ENC_AES_192_KEY;
127 		break;
128 	case PKEY_KEYTYPE_AES_256:
129 		/* 32 byte key, 32 byte aes wkvp, total 64 bytes */
130 		keysize = 32;
131 		pkeytype = keytype;
132 		fc = CPACF_PCKMO_ENC_AES_256_KEY;
133 		break;
134 	case PKEY_KEYTYPE_ECC_P256:
135 		/* 32 byte key, 32 byte aes wkvp, total 64 bytes */
136 		keysize = 32;
137 		pkeytype = PKEY_KEYTYPE_ECC;
138 		fc = CPACF_PCKMO_ENC_ECC_P256_KEY;
139 		break;
140 	case PKEY_KEYTYPE_ECC_P384:
141 		/* 48 byte key, 32 byte aes wkvp, total 80 bytes */
142 		keysize = 48;
143 		pkeytype = PKEY_KEYTYPE_ECC;
144 		fc = CPACF_PCKMO_ENC_ECC_P384_KEY;
145 		break;
146 	case PKEY_KEYTYPE_ECC_P521:
147 		/* 80 byte key, 32 byte aes wkvp, total 112 bytes */
148 		keysize = 80;
149 		pkeytype = PKEY_KEYTYPE_ECC;
150 		fc = CPACF_PCKMO_ENC_ECC_P521_KEY;
151 		break;
152 	case PKEY_KEYTYPE_ECC_ED25519:
153 		/* 32 byte key, 32 byte aes wkvp, total 64 bytes */
154 		keysize = 32;
155 		pkeytype = PKEY_KEYTYPE_ECC;
156 		fc = CPACF_PCKMO_ENC_ECC_ED25519_KEY;
157 		break;
158 	case PKEY_KEYTYPE_ECC_ED448:
159 		/* 64 byte key, 32 byte aes wkvp, total 96 bytes */
160 		keysize = 64;
161 		pkeytype = PKEY_KEYTYPE_ECC;
162 		fc = CPACF_PCKMO_ENC_ECC_ED448_KEY;
163 		break;
164 	default:
165 		PKEY_DBF_ERR("%s unknown/unsupported keytype %u\n",
166 			     __func__, keytype);
167 		return -EINVAL;
168 	}
169 
170 	if (*protkeylen < keysize + AES_WK_VP_SIZE) {
171 		PKEY_DBF_ERR("%s prot key buffer size too small: %u < %d\n",
172 			     __func__, *protkeylen, keysize + AES_WK_VP_SIZE);
173 		return -EINVAL;
174 	}
175 
176 	/* Did we already check for PCKMO ? */
177 	if (!pckmo_functions.bytes[0]) {
178 		/* no, so check now */
179 		if (!cpacf_query(CPACF_PCKMO, &pckmo_functions))
180 			return -ENODEV;
181 	}
182 	/* check for the pckmo subfunction we need now */
183 	if (!cpacf_test_func(&pckmo_functions, fc)) {
184 		PKEY_DBF_ERR("%s pckmo functions not available\n", __func__);
185 		return -ENODEV;
186 	}
187 
188 	/* prepare param block */
189 	memset(paramblock, 0, sizeof(paramblock));
190 	memcpy(paramblock, clrkey, keysize);
191 
192 	/* call the pckmo instruction */
193 	cpacf_pckmo(fc, paramblock);
194 
195 	/* copy created protected key to key buffer including the wkvp block */
196 	*protkeylen = keysize + AES_WK_VP_SIZE;
197 	memcpy(protkey, paramblock, *protkeylen);
198 	*protkeytype = pkeytype;
199 
200 	return 0;
201 }
202 
203 /*
204  * Find card and transform secure key into protected key.
205  */
206 static int pkey_skey2pkey(const u8 *key, u8 *protkey,
207 			  u32 *protkeylen, u32 *protkeytype)
208 {
209 	struct keytoken_header *hdr = (struct keytoken_header *)key;
210 	u16 cardnr, domain;
211 	int rc, verify;
212 
213 	zcrypt_wait_api_operational();
214 
215 	/*
216 	 * The cca_xxx2protkey call may fail when a card has been
217 	 * addressed where the master key was changed after last fetch
218 	 * of the mkvp into the cache. Try 3 times: First without verify
219 	 * then with verify and last round with verify and old master
220 	 * key verification pattern match not ignored.
221 	 */
222 	for (verify = 0; verify < 3; verify++) {
223 		rc = cca_findcard(key, &cardnr, &domain, verify);
224 		if (rc < 0)
225 			continue;
226 		if (rc > 0 && verify < 2)
227 			continue;
228 		switch (hdr->version) {
229 		case TOKVER_CCA_AES:
230 			rc = cca_sec2protkey(cardnr, domain, key,
231 					     protkey, protkeylen, protkeytype);
232 			break;
233 		case TOKVER_CCA_VLSC:
234 			rc = cca_cipher2protkey(cardnr, domain, key,
235 						protkey, protkeylen,
236 						protkeytype);
237 			break;
238 		default:
239 			return -EINVAL;
240 		}
241 		if (rc == 0)
242 			break;
243 	}
244 
245 	if (rc)
246 		pr_debug("%s failed rc=%d\n", __func__, rc);
247 
248 	return rc;
249 }
250 
251 /*
252  * Construct EP11 key with given clear key value.
253  */
254 static int pkey_clr2ep11key(const u8 *clrkey, size_t clrkeylen,
255 			    u8 *keybuf, size_t *keybuflen)
256 {
257 	u32 nr_apqns, *apqns = NULL;
258 	u16 card, dom;
259 	int i, rc;
260 
261 	zcrypt_wait_api_operational();
262 
263 	/* build a list of apqns suitable for ep11 keys with cpacf support */
264 	rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
265 			    ZCRYPT_CEX7,
266 			    ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4,
267 			    NULL);
268 	if (rc)
269 		goto out;
270 
271 	/* go through the list of apqns and try to bild an ep11 key */
272 	for (rc = -ENODEV, i = 0; i < nr_apqns; i++) {
273 		card = apqns[i] >> 16;
274 		dom = apqns[i] & 0xFFFF;
275 		rc = ep11_clr2keyblob(card, dom, clrkeylen * 8,
276 				      0, clrkey, keybuf, keybuflen,
277 				      PKEY_TYPE_EP11);
278 		if (rc == 0)
279 			break;
280 	}
281 
282 out:
283 	kfree(apqns);
284 	if (rc)
285 		pr_debug("%s failed rc=%d\n", __func__, rc);
286 	return rc;
287 }
288 
289 /*
290  * Find card and transform EP11 secure key into protected key.
291  */
292 static int pkey_ep11key2pkey(const u8 *key, size_t keylen,
293 			     u8 *protkey, u32 *protkeylen, u32 *protkeytype)
294 {
295 	u32 nr_apqns, *apqns = NULL;
296 	int i, j, rc = -ENODEV;
297 	u16 card, dom;
298 
299 	zcrypt_wait_api_operational();
300 
301 	/* try two times in case of failure */
302 	for (i = 0; i < 2 && rc; i++) {
303 
304 		/* build a list of apqns suitable for this key */
305 		rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
306 				    ZCRYPT_CEX7,
307 				    ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4,
308 				    ep11_kb_wkvp(key, keylen));
309 		if (rc)
310 			continue; /* retry findcard on failure */
311 
312 		/* go through the list of apqns and try to derive an pkey */
313 		for (rc = -ENODEV, j = 0; j < nr_apqns && rc; j++) {
314 			card = apqns[j] >> 16;
315 			dom = apqns[j] & 0xFFFF;
316 			rc = ep11_kblob2protkey(card, dom, key, keylen,
317 						protkey, protkeylen, protkeytype);
318 		}
319 
320 		kfree(apqns);
321 	}
322 
323 	if (rc)
324 		pr_debug("%s failed rc=%d\n", __func__, rc);
325 
326 	return rc;
327 }
328 
329 /*
330  * Verify key and give back some info about the key.
331  */
332 static int pkey_verifykey(const struct pkey_seckey *seckey,
333 			  u16 *pcardnr, u16 *pdomain,
334 			  u16 *pkeysize, u32 *pattributes)
335 {
336 	struct secaeskeytoken *t = (struct secaeskeytoken *)seckey;
337 	u16 cardnr, domain;
338 	int rc;
339 
340 	/* check the secure key for valid AES secure key */
341 	rc = cca_check_secaeskeytoken(pkey_dbf_info, 3, (u8 *)seckey, 0);
342 	if (rc)
343 		goto out;
344 	if (pattributes)
345 		*pattributes = PKEY_VERIFY_ATTR_AES;
346 	if (pkeysize)
347 		*pkeysize = t->bitsize;
348 
349 	/* try to find a card which can handle this key */
350 	rc = cca_findcard(seckey->seckey, &cardnr, &domain, 1);
351 	if (rc < 0)
352 		goto out;
353 
354 	if (rc > 0) {
355 		/* key mkvp matches to old master key mkvp */
356 		pr_debug("%s secure key has old mkvp\n", __func__);
357 		if (pattributes)
358 			*pattributes |= PKEY_VERIFY_ATTR_OLD_MKVP;
359 		rc = 0;
360 	}
361 
362 	if (pcardnr)
363 		*pcardnr = cardnr;
364 	if (pdomain)
365 		*pdomain = domain;
366 
367 out:
368 	pr_debug("%s rc=%d\n", __func__, rc);
369 	return rc;
370 }
371 
372 /*
373  * Generate a random protected key
374  */
375 static int pkey_genprotkey(u32 keytype, u8 *protkey,
376 			   u32 *protkeylen, u32 *protkeytype)
377 {
378 	u8 clrkey[32];
379 	int keysize;
380 	int rc;
381 
382 	keysize = pkey_keytype_aes_to_size(keytype);
383 	if (!keysize) {
384 		PKEY_DBF_ERR("%s unknown/unsupported keytype %d\n", __func__,
385 			     keytype);
386 		return -EINVAL;
387 	}
388 
389 	/* generate a dummy random clear key */
390 	get_random_bytes(clrkey, keysize);
391 
392 	/* convert it to a dummy protected key */
393 	rc = pkey_clr2protkey(keytype, clrkey,
394 			      protkey, protkeylen, protkeytype);
395 	if (rc)
396 		return rc;
397 
398 	/* replace the key part of the protected key with random bytes */
399 	get_random_bytes(protkey, keysize);
400 
401 	return 0;
402 }
403 
404 /*
405  * Verify if a protected key is still valid
406  */
407 static int pkey_verifyprotkey(const u8 *protkey, u32 protkeylen,
408 			      u32 protkeytype)
409 {
410 	struct {
411 		u8 iv[AES_BLOCK_SIZE];
412 		u8 key[MAXPROTKEYSIZE];
413 	} param;
414 	u8 null_msg[AES_BLOCK_SIZE];
415 	u8 dest_buf[AES_BLOCK_SIZE];
416 	unsigned int k, pkeylen;
417 	unsigned long fc;
418 
419 	switch (protkeytype) {
420 	case PKEY_KEYTYPE_AES_128:
421 		pkeylen = 16 + AES_WK_VP_SIZE;
422 		fc = CPACF_KMC_PAES_128;
423 		break;
424 	case PKEY_KEYTYPE_AES_192:
425 		pkeylen = 24 + AES_WK_VP_SIZE;
426 		fc = CPACF_KMC_PAES_192;
427 		break;
428 	case PKEY_KEYTYPE_AES_256:
429 		pkeylen = 32 + AES_WK_VP_SIZE;
430 		fc = CPACF_KMC_PAES_256;
431 		break;
432 	default:
433 		PKEY_DBF_ERR("%s unknown/unsupported keytype %u\n", __func__,
434 			     protkeytype);
435 		return -EINVAL;
436 	}
437 	if (protkeylen != pkeylen) {
438 		PKEY_DBF_ERR("%s invalid protected key size %u for keytype %u\n",
439 			     __func__, protkeylen, protkeytype);
440 		return -EINVAL;
441 	}
442 
443 	memset(null_msg, 0, sizeof(null_msg));
444 
445 	memset(param.iv, 0, sizeof(param.iv));
446 	memcpy(param.key, protkey, protkeylen);
447 
448 	k = cpacf_kmc(fc | CPACF_ENCRYPT, &param, null_msg, dest_buf,
449 		      sizeof(null_msg));
450 	if (k != sizeof(null_msg)) {
451 		PKEY_DBF_ERR("%s protected key is not valid\n", __func__);
452 		return -EKEYREJECTED;
453 	}
454 
455 	return 0;
456 }
457 
458 /* Helper for pkey_nonccatok2pkey, handles aes clear key token */
459 static int nonccatokaes2pkey(const struct clearkeytoken *t,
460 			     u8 *protkey, u32 *protkeylen, u32 *protkeytype)
461 {
462 	size_t tmpbuflen = max_t(size_t, SECKEYBLOBSIZE, MAXEP11AESKEYBLOBSIZE);
463 	u8 *tmpbuf = NULL;
464 	u32 keysize;
465 	int rc;
466 
467 	keysize = pkey_keytype_aes_to_size(t->keytype);
468 	if (!keysize) {
469 		PKEY_DBF_ERR("%s unknown/unsupported keytype %u\n",
470 			     __func__, t->keytype);
471 		return -EINVAL;
472 	}
473 	if (t->len != keysize) {
474 		PKEY_DBF_ERR("%s non clear key aes token: invalid key len %u\n",
475 			     __func__, t->len);
476 		return -EINVAL;
477 	}
478 
479 	/* try direct way with the PCKMO instruction */
480 	rc = pkey_clr2protkey(t->keytype, t->clearkey,
481 			      protkey, protkeylen, protkeytype);
482 	if (!rc)
483 		goto out;
484 
485 	/* PCKMO failed, so try the CCA secure key way */
486 	tmpbuf = kmalloc(tmpbuflen, GFP_ATOMIC);
487 	if (!tmpbuf)
488 		return -ENOMEM;
489 	zcrypt_wait_api_operational();
490 	rc = cca_clr2seckey(0xFFFF, 0xFFFF, t->keytype, t->clearkey, tmpbuf);
491 	if (rc)
492 		goto try_via_ep11;
493 	rc = pkey_skey2pkey(tmpbuf,
494 			    protkey, protkeylen, protkeytype);
495 	if (!rc)
496 		goto out;
497 
498 try_via_ep11:
499 	/* if the CCA way also failed, let's try via EP11 */
500 	rc = pkey_clr2ep11key(t->clearkey, t->len,
501 			      tmpbuf, &tmpbuflen);
502 	if (rc)
503 		goto failure;
504 	rc = pkey_ep11key2pkey(tmpbuf, tmpbuflen,
505 			       protkey, protkeylen, protkeytype);
506 	if (!rc)
507 		goto out;
508 
509 failure:
510 	PKEY_DBF_ERR("%s unable to build protected key from clear", __func__);
511 
512 out:
513 	kfree(tmpbuf);
514 	return rc;
515 }
516 
517 /* Helper for pkey_nonccatok2pkey, handles ecc clear key token */
518 static int nonccatokecc2pkey(const struct clearkeytoken *t,
519 			     u8 *protkey, u32 *protkeylen, u32 *protkeytype)
520 {
521 	u32 keylen;
522 	int rc;
523 
524 	switch (t->keytype) {
525 	case PKEY_KEYTYPE_ECC_P256:
526 		keylen = 32;
527 		break;
528 	case PKEY_KEYTYPE_ECC_P384:
529 		keylen = 48;
530 		break;
531 	case PKEY_KEYTYPE_ECC_P521:
532 		keylen = 80;
533 		break;
534 	case PKEY_KEYTYPE_ECC_ED25519:
535 		keylen = 32;
536 		break;
537 	case PKEY_KEYTYPE_ECC_ED448:
538 		keylen = 64;
539 		break;
540 	default:
541 		PKEY_DBF_ERR("%s unknown/unsupported keytype %u\n",
542 			     __func__, t->keytype);
543 		return -EINVAL;
544 	}
545 
546 	if (t->len != keylen) {
547 		PKEY_DBF_ERR("%s non clear key ecc token: invalid key len %u\n",
548 			     __func__, t->len);
549 		return -EINVAL;
550 	}
551 
552 	/* only one path possible: via PCKMO instruction */
553 	rc = pkey_clr2protkey(t->keytype, t->clearkey,
554 			      protkey, protkeylen, protkeytype);
555 	if (rc) {
556 		PKEY_DBF_ERR("%s unable to build protected key from clear",
557 			     __func__);
558 	}
559 
560 	return rc;
561 }
562 
563 /*
564  * Transform a non-CCA key token into a protected key
565  */
566 static int pkey_nonccatok2pkey(const u8 *key, u32 keylen,
567 			       u8 *protkey, u32 *protkeylen, u32 *protkeytype)
568 {
569 	struct keytoken_header *hdr = (struct keytoken_header *)key;
570 	int rc = -EINVAL;
571 
572 	switch (hdr->version) {
573 	case TOKVER_PROTECTED_KEY: {
574 		struct protaeskeytoken *t;
575 
576 		if (keylen != sizeof(struct protaeskeytoken))
577 			goto out;
578 		t = (struct protaeskeytoken *)key;
579 		rc = pkey_verifyprotkey(t->protkey, t->len, t->keytype);
580 		if (rc)
581 			goto out;
582 		memcpy(protkey, t->protkey, t->len);
583 		*protkeylen = t->len;
584 		*protkeytype = t->keytype;
585 		break;
586 	}
587 	case TOKVER_CLEAR_KEY: {
588 		struct clearkeytoken *t = (struct clearkeytoken *)key;
589 
590 		if (keylen < sizeof(struct clearkeytoken) ||
591 		    keylen != sizeof(*t) + t->len)
592 			goto out;
593 		switch (t->keytype) {
594 		case PKEY_KEYTYPE_AES_128:
595 		case PKEY_KEYTYPE_AES_192:
596 		case PKEY_KEYTYPE_AES_256:
597 			rc = nonccatokaes2pkey(t, protkey,
598 					       protkeylen, protkeytype);
599 			break;
600 		case PKEY_KEYTYPE_ECC_P256:
601 		case PKEY_KEYTYPE_ECC_P384:
602 		case PKEY_KEYTYPE_ECC_P521:
603 		case PKEY_KEYTYPE_ECC_ED25519:
604 		case PKEY_KEYTYPE_ECC_ED448:
605 			rc = nonccatokecc2pkey(t, protkey,
606 					       protkeylen, protkeytype);
607 			break;
608 		default:
609 			PKEY_DBF_ERR("%s unknown/unsupported non cca clear key type %u\n",
610 				     __func__, t->keytype);
611 			return -EINVAL;
612 		}
613 		break;
614 	}
615 	case TOKVER_EP11_AES: {
616 		/* check ep11 key for exportable as protected key */
617 		rc = ep11_check_aes_key(pkey_dbf_info, 3, key, keylen, 1);
618 		if (rc)
619 			goto out;
620 		rc = pkey_ep11key2pkey(key, keylen,
621 				       protkey, protkeylen, protkeytype);
622 		break;
623 	}
624 	case TOKVER_EP11_AES_WITH_HEADER:
625 		/* check ep11 key with header for exportable as protected key */
626 		rc = ep11_check_aes_key_with_hdr(pkey_dbf_info,
627 						 3, key, keylen, 1);
628 		if (rc)
629 			goto out;
630 		rc = pkey_ep11key2pkey(key, keylen,
631 				       protkey, protkeylen, protkeytype);
632 		break;
633 	default:
634 		PKEY_DBF_ERR("%s unknown/unsupported non-CCA token version %d\n",
635 			     __func__, hdr->version);
636 	}
637 
638 out:
639 	return rc;
640 }
641 
642 /*
643  * Transform a CCA internal key token into a protected key
644  */
645 static int pkey_ccainttok2pkey(const u8 *key, u32 keylen,
646 			       u8 *protkey, u32 *protkeylen, u32 *protkeytype)
647 {
648 	struct keytoken_header *hdr = (struct keytoken_header *)key;
649 
650 	switch (hdr->version) {
651 	case TOKVER_CCA_AES:
652 		if (keylen != sizeof(struct secaeskeytoken))
653 			return -EINVAL;
654 		break;
655 	case TOKVER_CCA_VLSC:
656 		if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
657 			return -EINVAL;
658 		break;
659 	default:
660 		PKEY_DBF_ERR("%s unknown/unsupported CCA internal token version %d\n",
661 			     __func__, hdr->version);
662 		return -EINVAL;
663 	}
664 
665 	return pkey_skey2pkey(key, protkey, protkeylen, protkeytype);
666 }
667 
668 /*
669  * Transform a key blob (of any type) into a protected key
670  */
671 int pkey_keyblob2pkey(const u8 *key, u32 keylen,
672 		      u8 *protkey, u32 *protkeylen, u32 *protkeytype)
673 {
674 	struct keytoken_header *hdr = (struct keytoken_header *)key;
675 	int rc;
676 
677 	if (keylen < sizeof(struct keytoken_header)) {
678 		PKEY_DBF_ERR("%s invalid keylen %d\n", __func__, keylen);
679 		return -EINVAL;
680 	}
681 
682 	switch (hdr->type) {
683 	case TOKTYPE_NON_CCA:
684 		rc = pkey_nonccatok2pkey(key, keylen,
685 					 protkey, protkeylen, protkeytype);
686 		break;
687 	case TOKTYPE_CCA_INTERNAL:
688 		rc = pkey_ccainttok2pkey(key, keylen,
689 					 protkey, protkeylen, protkeytype);
690 		break;
691 	default:
692 		PKEY_DBF_ERR("%s unknown/unsupported blob type %d\n",
693 			     __func__, hdr->type);
694 		return -EINVAL;
695 	}
696 
697 	pr_debug("%s rc=%d\n", __func__, rc);
698 	return rc;
699 }
700 EXPORT_SYMBOL(pkey_keyblob2pkey);
701 
702 static int pkey_genseckey2(const struct pkey_apqn *apqns, size_t nr_apqns,
703 			   enum pkey_key_type ktype, enum pkey_key_size ksize,
704 			   u32 kflags, u8 *keybuf, size_t *keybufsize)
705 {
706 	int i, card, dom, rc;
707 
708 	/* check for at least one apqn given */
709 	if (!apqns || !nr_apqns)
710 		return -EINVAL;
711 
712 	/* check key type and size */
713 	switch (ktype) {
714 	case PKEY_TYPE_CCA_DATA:
715 	case PKEY_TYPE_CCA_CIPHER:
716 		if (*keybufsize < SECKEYBLOBSIZE)
717 			return -EINVAL;
718 		break;
719 	case PKEY_TYPE_EP11:
720 		if (*keybufsize < MINEP11AESKEYBLOBSIZE)
721 			return -EINVAL;
722 		break;
723 	case PKEY_TYPE_EP11_AES:
724 		if (*keybufsize < (sizeof(struct ep11kblob_header) +
725 				   MINEP11AESKEYBLOBSIZE))
726 			return -EINVAL;
727 		break;
728 	default:
729 		return -EINVAL;
730 	}
731 	switch (ksize) {
732 	case PKEY_SIZE_AES_128:
733 	case PKEY_SIZE_AES_192:
734 	case PKEY_SIZE_AES_256:
735 		break;
736 	default:
737 		return -EINVAL;
738 	}
739 
740 	/* simple try all apqns from the list */
741 	for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
742 		card = apqns[i].card;
743 		dom = apqns[i].domain;
744 		if (ktype == PKEY_TYPE_EP11 ||
745 		    ktype == PKEY_TYPE_EP11_AES) {
746 			rc = ep11_genaeskey(card, dom, ksize, kflags,
747 					    keybuf, keybufsize, ktype);
748 		} else if (ktype == PKEY_TYPE_CCA_DATA) {
749 			rc = cca_genseckey(card, dom, ksize, keybuf);
750 			*keybufsize = (rc ? 0 : SECKEYBLOBSIZE);
751 		} else {
752 			/* TOKVER_CCA_VLSC */
753 			rc = cca_gencipherkey(card, dom, ksize, kflags,
754 					      keybuf, keybufsize);
755 		}
756 		if (rc == 0)
757 			break;
758 	}
759 
760 	return rc;
761 }
762 
763 static int pkey_clr2seckey2(const struct pkey_apqn *apqns, size_t nr_apqns,
764 			    enum pkey_key_type ktype, enum pkey_key_size ksize,
765 			    u32 kflags, const u8 *clrkey,
766 			    u8 *keybuf, size_t *keybufsize)
767 {
768 	int i, card, dom, rc;
769 
770 	/* check for at least one apqn given */
771 	if (!apqns || !nr_apqns)
772 		return -EINVAL;
773 
774 	/* check key type and size */
775 	switch (ktype) {
776 	case PKEY_TYPE_CCA_DATA:
777 	case PKEY_TYPE_CCA_CIPHER:
778 		if (*keybufsize < SECKEYBLOBSIZE)
779 			return -EINVAL;
780 		break;
781 	case PKEY_TYPE_EP11:
782 		if (*keybufsize < MINEP11AESKEYBLOBSIZE)
783 			return -EINVAL;
784 		break;
785 	case PKEY_TYPE_EP11_AES:
786 		if (*keybufsize < (sizeof(struct ep11kblob_header) +
787 				   MINEP11AESKEYBLOBSIZE))
788 			return -EINVAL;
789 		break;
790 	default:
791 		return -EINVAL;
792 	}
793 	switch (ksize) {
794 	case PKEY_SIZE_AES_128:
795 	case PKEY_SIZE_AES_192:
796 	case PKEY_SIZE_AES_256:
797 		break;
798 	default:
799 		return -EINVAL;
800 	}
801 
802 	zcrypt_wait_api_operational();
803 
804 	/* simple try all apqns from the list */
805 	for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
806 		card = apqns[i].card;
807 		dom = apqns[i].domain;
808 		if (ktype == PKEY_TYPE_EP11 ||
809 		    ktype == PKEY_TYPE_EP11_AES) {
810 			rc = ep11_clr2keyblob(card, dom, ksize, kflags,
811 					      clrkey, keybuf, keybufsize,
812 					      ktype);
813 		} else if (ktype == PKEY_TYPE_CCA_DATA) {
814 			rc = cca_clr2seckey(card, dom, ksize,
815 					    clrkey, keybuf);
816 			*keybufsize = (rc ? 0 : SECKEYBLOBSIZE);
817 		} else {
818 			/* TOKVER_CCA_VLSC */
819 			rc = cca_clr2cipherkey(card, dom, ksize, kflags,
820 					       clrkey, keybuf, keybufsize);
821 		}
822 		if (rc == 0)
823 			break;
824 	}
825 
826 	return rc;
827 }
828 
829 static int pkey_verifykey2(const u8 *key, size_t keylen,
830 			   u16 *cardnr, u16 *domain,
831 			   enum pkey_key_type *ktype,
832 			   enum pkey_key_size *ksize, u32 *flags)
833 {
834 	struct keytoken_header *hdr = (struct keytoken_header *)key;
835 	u32 _nr_apqns, *_apqns = NULL;
836 	int rc;
837 
838 	if (keylen < sizeof(struct keytoken_header))
839 		return -EINVAL;
840 
841 	if (hdr->type == TOKTYPE_CCA_INTERNAL &&
842 	    hdr->version == TOKVER_CCA_AES) {
843 		struct secaeskeytoken *t = (struct secaeskeytoken *)key;
844 
845 		rc = cca_check_secaeskeytoken(pkey_dbf_info, 3, key, 0);
846 		if (rc)
847 			goto out;
848 		if (ktype)
849 			*ktype = PKEY_TYPE_CCA_DATA;
850 		if (ksize)
851 			*ksize = (enum pkey_key_size)t->bitsize;
852 
853 		rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
854 				   ZCRYPT_CEX3C, AES_MK_SET, t->mkvp, 0, 1);
855 		if (rc == 0 && flags)
856 			*flags = PKEY_FLAGS_MATCH_CUR_MKVP;
857 		if (rc == -ENODEV) {
858 			rc = cca_findcard2(&_apqns, &_nr_apqns,
859 					   *cardnr, *domain,
860 					   ZCRYPT_CEX3C, AES_MK_SET,
861 					   0, t->mkvp, 1);
862 			if (rc == 0 && flags)
863 				*flags = PKEY_FLAGS_MATCH_ALT_MKVP;
864 		}
865 		if (rc)
866 			goto out;
867 
868 		*cardnr = ((struct pkey_apqn *)_apqns)->card;
869 		*domain = ((struct pkey_apqn *)_apqns)->domain;
870 
871 	} else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
872 		   hdr->version == TOKVER_CCA_VLSC) {
873 		struct cipherkeytoken *t = (struct cipherkeytoken *)key;
874 
875 		rc = cca_check_secaescipherkey(pkey_dbf_info, 3, key, 0, 1);
876 		if (rc)
877 			goto out;
878 		if (ktype)
879 			*ktype = PKEY_TYPE_CCA_CIPHER;
880 		if (ksize) {
881 			*ksize = PKEY_SIZE_UNKNOWN;
882 			if (!t->plfver && t->wpllen == 512)
883 				*ksize = PKEY_SIZE_AES_128;
884 			else if (!t->plfver && t->wpllen == 576)
885 				*ksize = PKEY_SIZE_AES_192;
886 			else if (!t->plfver && t->wpllen == 640)
887 				*ksize = PKEY_SIZE_AES_256;
888 		}
889 
890 		rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
891 				   ZCRYPT_CEX6, AES_MK_SET, t->mkvp0, 0, 1);
892 		if (rc == 0 && flags)
893 			*flags = PKEY_FLAGS_MATCH_CUR_MKVP;
894 		if (rc == -ENODEV) {
895 			rc = cca_findcard2(&_apqns, &_nr_apqns,
896 					   *cardnr, *domain,
897 					   ZCRYPT_CEX6, AES_MK_SET,
898 					   0, t->mkvp0, 1);
899 			if (rc == 0 && flags)
900 				*flags = PKEY_FLAGS_MATCH_ALT_MKVP;
901 		}
902 		if (rc)
903 			goto out;
904 
905 		*cardnr = ((struct pkey_apqn *)_apqns)->card;
906 		*domain = ((struct pkey_apqn *)_apqns)->domain;
907 
908 	} else if (hdr->type == TOKTYPE_NON_CCA &&
909 		   hdr->version == TOKVER_EP11_AES) {
910 		struct ep11keyblob *kb = (struct ep11keyblob *)key;
911 		int api;
912 
913 		rc = ep11_check_aes_key(pkey_dbf_info, 3, key, keylen, 1);
914 		if (rc)
915 			goto out;
916 		if (ktype)
917 			*ktype = PKEY_TYPE_EP11;
918 		if (ksize)
919 			*ksize = kb->head.bitlen;
920 
921 		api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4;
922 		rc = ep11_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
923 				    ZCRYPT_CEX7, api,
924 				    ep11_kb_wkvp(key, keylen));
925 		if (rc)
926 			goto out;
927 
928 		if (flags)
929 			*flags = PKEY_FLAGS_MATCH_CUR_MKVP;
930 
931 		*cardnr = ((struct pkey_apqn *)_apqns)->card;
932 		*domain = ((struct pkey_apqn *)_apqns)->domain;
933 
934 	} else if (hdr->type == TOKTYPE_NON_CCA &&
935 		   hdr->version == TOKVER_EP11_AES_WITH_HEADER) {
936 		struct ep11kblob_header *kh = (struct ep11kblob_header *)key;
937 		int api;
938 
939 		rc = ep11_check_aes_key_with_hdr(pkey_dbf_info,
940 						 3, key, keylen, 1);
941 		if (rc)
942 			goto out;
943 		if (ktype)
944 			*ktype = PKEY_TYPE_EP11_AES;
945 		if (ksize)
946 			*ksize = kh->bitlen;
947 
948 		api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4;
949 		rc = ep11_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
950 				    ZCRYPT_CEX7, api,
951 				    ep11_kb_wkvp(key, keylen));
952 		if (rc)
953 			goto out;
954 
955 		if (flags)
956 			*flags = PKEY_FLAGS_MATCH_CUR_MKVP;
957 
958 		*cardnr = ((struct pkey_apqn *)_apqns)->card;
959 		*domain = ((struct pkey_apqn *)_apqns)->domain;
960 	} else {
961 		rc = -EINVAL;
962 	}
963 
964 out:
965 	kfree(_apqns);
966 	return rc;
967 }
968 
969 static int pkey_keyblob2pkey2(const struct pkey_apqn *apqns, size_t nr_apqns,
970 			      const u8 *key, size_t keylen,
971 			      u8 *protkey, u32 *protkeylen, u32 *protkeytype)
972 {
973 	struct keytoken_header *hdr = (struct keytoken_header *)key;
974 	int i, card, dom, rc;
975 
976 	/* check for at least one apqn given */
977 	if (!apqns || !nr_apqns)
978 		return -EINVAL;
979 
980 	if (keylen < sizeof(struct keytoken_header))
981 		return -EINVAL;
982 
983 	if (hdr->type == TOKTYPE_CCA_INTERNAL) {
984 		if (hdr->version == TOKVER_CCA_AES) {
985 			if (keylen != sizeof(struct secaeskeytoken))
986 				return -EINVAL;
987 			if (cca_check_secaeskeytoken(pkey_dbf_info, 3, key, 0))
988 				return -EINVAL;
989 		} else if (hdr->version == TOKVER_CCA_VLSC) {
990 			if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
991 				return -EINVAL;
992 			if (cca_check_secaescipherkey(pkey_dbf_info,
993 						      3, key, 0, 1))
994 				return -EINVAL;
995 		} else {
996 			PKEY_DBF_ERR("%s unknown CCA internal token version %d\n",
997 				     __func__, hdr->version);
998 			return -EINVAL;
999 		}
1000 	} else if (hdr->type == TOKTYPE_NON_CCA) {
1001 		if (hdr->version == TOKVER_EP11_AES) {
1002 			if (ep11_check_aes_key(pkey_dbf_info,
1003 					       3, key, keylen, 1))
1004 				return -EINVAL;
1005 		} else if (hdr->version == TOKVER_EP11_AES_WITH_HEADER) {
1006 			if (ep11_check_aes_key_with_hdr(pkey_dbf_info,
1007 							3, key, keylen, 1))
1008 				return -EINVAL;
1009 		} else {
1010 			return pkey_nonccatok2pkey(key, keylen,
1011 						   protkey, protkeylen,
1012 						   protkeytype);
1013 		}
1014 	} else {
1015 		PKEY_DBF_ERR("%s unknown/unsupported blob type %d\n",
1016 			     __func__, hdr->type);
1017 		return -EINVAL;
1018 	}
1019 
1020 	zcrypt_wait_api_operational();
1021 
1022 	/* simple try all apqns from the list */
1023 	for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
1024 		card = apqns[i].card;
1025 		dom = apqns[i].domain;
1026 		if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1027 		    hdr->version == TOKVER_CCA_AES) {
1028 			rc = cca_sec2protkey(card, dom, key,
1029 					     protkey, protkeylen, protkeytype);
1030 		} else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1031 			   hdr->version == TOKVER_CCA_VLSC) {
1032 			rc = cca_cipher2protkey(card, dom, key,
1033 						protkey, protkeylen,
1034 						protkeytype);
1035 		} else {
1036 			rc = ep11_kblob2protkey(card, dom, key, keylen,
1037 						protkey, protkeylen,
1038 						protkeytype);
1039 		}
1040 		if (rc == 0)
1041 			break;
1042 	}
1043 
1044 	return rc;
1045 }
1046 
1047 static int pkey_apqns4key(const u8 *key, size_t keylen, u32 flags,
1048 			  struct pkey_apqn *apqns, size_t *nr_apqns)
1049 {
1050 	struct keytoken_header *hdr = (struct keytoken_header *)key;
1051 	u32 _nr_apqns, *_apqns = NULL;
1052 	int rc;
1053 
1054 	if (keylen < sizeof(struct keytoken_header) || flags == 0)
1055 		return -EINVAL;
1056 
1057 	zcrypt_wait_api_operational();
1058 
1059 	if (hdr->type == TOKTYPE_NON_CCA &&
1060 	    (hdr->version == TOKVER_EP11_AES_WITH_HEADER ||
1061 	     hdr->version == TOKVER_EP11_ECC_WITH_HEADER) &&
1062 	    is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1063 		struct ep11keyblob *kb = (struct ep11keyblob *)
1064 			(key + sizeof(struct ep11kblob_header));
1065 		int minhwtype = 0, api = 0;
1066 
1067 		if (flags != PKEY_FLAGS_MATCH_CUR_MKVP)
1068 			return -EINVAL;
1069 		if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) {
1070 			minhwtype = ZCRYPT_CEX7;
1071 			api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4;
1072 		}
1073 		rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
1074 				    minhwtype, api, kb->wkvp);
1075 		if (rc)
1076 			goto out;
1077 	} else if (hdr->type == TOKTYPE_NON_CCA &&
1078 		   hdr->version == TOKVER_EP11_AES &&
1079 		   is_ep11_keyblob(key)) {
1080 		struct ep11keyblob *kb = (struct ep11keyblob *)key;
1081 		int minhwtype = 0, api = 0;
1082 
1083 		if (flags != PKEY_FLAGS_MATCH_CUR_MKVP)
1084 			return -EINVAL;
1085 		if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) {
1086 			minhwtype = ZCRYPT_CEX7;
1087 			api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4;
1088 		}
1089 		rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
1090 				    minhwtype, api, kb->wkvp);
1091 		if (rc)
1092 			goto out;
1093 	} else if (hdr->type == TOKTYPE_CCA_INTERNAL) {
1094 		u64 cur_mkvp = 0, old_mkvp = 0;
1095 		int minhwtype = ZCRYPT_CEX3C;
1096 
1097 		if (hdr->version == TOKVER_CCA_AES) {
1098 			struct secaeskeytoken *t = (struct secaeskeytoken *)key;
1099 
1100 			if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
1101 				cur_mkvp = t->mkvp;
1102 			if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
1103 				old_mkvp = t->mkvp;
1104 		} else if (hdr->version == TOKVER_CCA_VLSC) {
1105 			struct cipherkeytoken *t = (struct cipherkeytoken *)key;
1106 
1107 			minhwtype = ZCRYPT_CEX6;
1108 			if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
1109 				cur_mkvp = t->mkvp0;
1110 			if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
1111 				old_mkvp = t->mkvp0;
1112 		} else {
1113 			/* unknown cca internal token type */
1114 			return -EINVAL;
1115 		}
1116 		rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
1117 				   minhwtype, AES_MK_SET,
1118 				   cur_mkvp, old_mkvp, 1);
1119 		if (rc)
1120 			goto out;
1121 	} else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) {
1122 		struct eccprivkeytoken *t = (struct eccprivkeytoken *)key;
1123 		u64 cur_mkvp = 0, old_mkvp = 0;
1124 
1125 		if (t->secid == 0x20) {
1126 			if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
1127 				cur_mkvp = t->mkvp;
1128 			if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
1129 				old_mkvp = t->mkvp;
1130 		} else {
1131 			/* unknown cca internal 2 token type */
1132 			return -EINVAL;
1133 		}
1134 		rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
1135 				   ZCRYPT_CEX7, APKA_MK_SET,
1136 				   cur_mkvp, old_mkvp, 1);
1137 		if (rc)
1138 			goto out;
1139 	} else {
1140 		return -EINVAL;
1141 	}
1142 
1143 	if (apqns) {
1144 		if (*nr_apqns < _nr_apqns)
1145 			rc = -ENOSPC;
1146 		else
1147 			memcpy(apqns, _apqns, _nr_apqns * sizeof(u32));
1148 	}
1149 	*nr_apqns = _nr_apqns;
1150 
1151 out:
1152 	kfree(_apqns);
1153 	return rc;
1154 }
1155 
1156 static int pkey_apqns4keytype(enum pkey_key_type ktype,
1157 			      u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags,
1158 			      struct pkey_apqn *apqns, size_t *nr_apqns)
1159 {
1160 	u32 _nr_apqns, *_apqns = NULL;
1161 	int rc;
1162 
1163 	zcrypt_wait_api_operational();
1164 
1165 	if (ktype == PKEY_TYPE_CCA_DATA || ktype == PKEY_TYPE_CCA_CIPHER) {
1166 		u64 cur_mkvp = 0, old_mkvp = 0;
1167 		int minhwtype = ZCRYPT_CEX3C;
1168 
1169 		if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
1170 			cur_mkvp = *((u64 *)cur_mkvp);
1171 		if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
1172 			old_mkvp = *((u64 *)alt_mkvp);
1173 		if (ktype == PKEY_TYPE_CCA_CIPHER)
1174 			minhwtype = ZCRYPT_CEX6;
1175 		rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
1176 				   minhwtype, AES_MK_SET,
1177 				   cur_mkvp, old_mkvp, 1);
1178 		if (rc)
1179 			goto out;
1180 	} else if (ktype == PKEY_TYPE_CCA_ECC) {
1181 		u64 cur_mkvp = 0, old_mkvp = 0;
1182 
1183 		if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
1184 			cur_mkvp = *((u64 *)cur_mkvp);
1185 		if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
1186 			old_mkvp = *((u64 *)alt_mkvp);
1187 		rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
1188 				   ZCRYPT_CEX7, APKA_MK_SET,
1189 				   cur_mkvp, old_mkvp, 1);
1190 		if (rc)
1191 			goto out;
1192 
1193 	} else if (ktype == PKEY_TYPE_EP11 ||
1194 		   ktype == PKEY_TYPE_EP11_AES ||
1195 		   ktype == PKEY_TYPE_EP11_ECC) {
1196 		u8 *wkvp = NULL;
1197 		int api;
1198 
1199 		if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
1200 			wkvp = cur_mkvp;
1201 		api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4;
1202 		rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
1203 				    ZCRYPT_CEX7, api, wkvp);
1204 		if (rc)
1205 			goto out;
1206 
1207 	} else {
1208 		return -EINVAL;
1209 	}
1210 
1211 	if (apqns) {
1212 		if (*nr_apqns < _nr_apqns)
1213 			rc = -ENOSPC;
1214 		else
1215 			memcpy(apqns, _apqns, _nr_apqns * sizeof(u32));
1216 	}
1217 	*nr_apqns = _nr_apqns;
1218 
1219 out:
1220 	kfree(_apqns);
1221 	return rc;
1222 }
1223 
1224 static int pkey_keyblob2pkey3(const struct pkey_apqn *apqns, size_t nr_apqns,
1225 			      const u8 *key, size_t keylen,
1226 			      u8 *protkey, u32 *protkeylen, u32 *protkeytype)
1227 {
1228 	struct keytoken_header *hdr = (struct keytoken_header *)key;
1229 	int i, card, dom, rc;
1230 
1231 	/* check for at least one apqn given */
1232 	if (!apqns || !nr_apqns)
1233 		return -EINVAL;
1234 
1235 	if (keylen < sizeof(struct keytoken_header))
1236 		return -EINVAL;
1237 
1238 	if (hdr->type == TOKTYPE_NON_CCA &&
1239 	    hdr->version == TOKVER_EP11_AES_WITH_HEADER &&
1240 	    is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1241 		/* EP11 AES key blob with header */
1242 		if (ep11_check_aes_key_with_hdr(pkey_dbf_info,
1243 						3, key, keylen, 1))
1244 			return -EINVAL;
1245 	} else if (hdr->type == TOKTYPE_NON_CCA &&
1246 		   hdr->version == TOKVER_EP11_ECC_WITH_HEADER &&
1247 		   is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1248 		/* EP11 ECC key blob with header */
1249 		if (ep11_check_ecc_key_with_hdr(pkey_dbf_info,
1250 						3, key, keylen, 1))
1251 			return -EINVAL;
1252 	} else if (hdr->type == TOKTYPE_NON_CCA &&
1253 		   hdr->version == TOKVER_EP11_AES &&
1254 		   is_ep11_keyblob(key)) {
1255 		/* EP11 AES key blob with header in session field */
1256 		if (ep11_check_aes_key(pkey_dbf_info, 3, key, keylen, 1))
1257 			return -EINVAL;
1258 	} else	if (hdr->type == TOKTYPE_CCA_INTERNAL) {
1259 		if (hdr->version == TOKVER_CCA_AES) {
1260 			/* CCA AES data key */
1261 			if (keylen != sizeof(struct secaeskeytoken))
1262 				return -EINVAL;
1263 			if (cca_check_secaeskeytoken(pkey_dbf_info, 3, key, 0))
1264 				return -EINVAL;
1265 		} else if (hdr->version == TOKVER_CCA_VLSC) {
1266 			/* CCA AES cipher key */
1267 			if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
1268 				return -EINVAL;
1269 			if (cca_check_secaescipherkey(pkey_dbf_info,
1270 						      3, key, 0, 1))
1271 				return -EINVAL;
1272 		} else {
1273 			PKEY_DBF_ERR("%s unknown CCA internal token version %d\n",
1274 				     __func__, hdr->version);
1275 			return -EINVAL;
1276 		}
1277 	} else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) {
1278 		/* CCA ECC (private) key */
1279 		if (keylen < sizeof(struct eccprivkeytoken))
1280 			return -EINVAL;
1281 		if (cca_check_sececckeytoken(pkey_dbf_info, 3, key, keylen, 1))
1282 			return -EINVAL;
1283 	} else if (hdr->type == TOKTYPE_NON_CCA) {
1284 		return pkey_nonccatok2pkey(key, keylen,
1285 					   protkey, protkeylen, protkeytype);
1286 	} else {
1287 		PKEY_DBF_ERR("%s unknown/unsupported blob type %d\n",
1288 			     __func__, hdr->type);
1289 		return -EINVAL;
1290 	}
1291 
1292 	/* simple try all apqns from the list */
1293 	for (rc = -ENODEV, i = 0; rc && i < nr_apqns; i++) {
1294 		card = apqns[i].card;
1295 		dom = apqns[i].domain;
1296 		if (hdr->type == TOKTYPE_NON_CCA &&
1297 		    (hdr->version == TOKVER_EP11_AES_WITH_HEADER ||
1298 		     hdr->version == TOKVER_EP11_ECC_WITH_HEADER) &&
1299 		    is_ep11_keyblob(key + sizeof(struct ep11kblob_header)))
1300 			rc = ep11_kblob2protkey(card, dom, key, hdr->len,
1301 						protkey, protkeylen,
1302 						protkeytype);
1303 		else if (hdr->type == TOKTYPE_NON_CCA &&
1304 			 hdr->version == TOKVER_EP11_AES &&
1305 			 is_ep11_keyblob(key))
1306 			rc = ep11_kblob2protkey(card, dom, key, hdr->len,
1307 						protkey, protkeylen,
1308 						protkeytype);
1309 		else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1310 			 hdr->version == TOKVER_CCA_AES)
1311 			rc = cca_sec2protkey(card, dom, key, protkey,
1312 					     protkeylen, protkeytype);
1313 		else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1314 			 hdr->version == TOKVER_CCA_VLSC)
1315 			rc = cca_cipher2protkey(card, dom, key, protkey,
1316 						protkeylen, protkeytype);
1317 		else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA)
1318 			rc = cca_ecc2protkey(card, dom, key, protkey,
1319 					     protkeylen, protkeytype);
1320 		else
1321 			return -EINVAL;
1322 	}
1323 
1324 	return rc;
1325 }
1326 
1327 /*
1328  * File io functions
1329  */
1330 
1331 static void *_copy_key_from_user(void __user *ukey, size_t keylen)
1332 {
1333 	if (!ukey || keylen < MINKEYBLOBBUFSIZE || keylen > KEYBLOBBUFSIZE)
1334 		return ERR_PTR(-EINVAL);
1335 
1336 	return memdup_user(ukey, keylen);
1337 }
1338 
1339 static void *_copy_apqns_from_user(void __user *uapqns, size_t nr_apqns)
1340 {
1341 	if (!uapqns || nr_apqns == 0)
1342 		return NULL;
1343 
1344 	return memdup_user(uapqns, nr_apqns * sizeof(struct pkey_apqn));
1345 }
1346 
1347 static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
1348 				unsigned long arg)
1349 {
1350 	int rc;
1351 
1352 	switch (cmd) {
1353 	case PKEY_GENSECK: {
1354 		struct pkey_genseck __user *ugs = (void __user *)arg;
1355 		struct pkey_genseck kgs;
1356 
1357 		if (copy_from_user(&kgs, ugs, sizeof(kgs)))
1358 			return -EFAULT;
1359 		rc = cca_genseckey(kgs.cardnr, kgs.domain,
1360 				   kgs.keytype, kgs.seckey.seckey);
1361 		pr_debug("%s cca_genseckey()=%d\n", __func__, rc);
1362 		if (!rc && copy_to_user(ugs, &kgs, sizeof(kgs)))
1363 			rc = -EFAULT;
1364 		memzero_explicit(&kgs, sizeof(kgs));
1365 		break;
1366 	}
1367 	case PKEY_CLR2SECK: {
1368 		struct pkey_clr2seck __user *ucs = (void __user *)arg;
1369 		struct pkey_clr2seck kcs;
1370 
1371 		if (copy_from_user(&kcs, ucs, sizeof(kcs)))
1372 			return -EFAULT;
1373 		rc = cca_clr2seckey(kcs.cardnr, kcs.domain, kcs.keytype,
1374 				    kcs.clrkey.clrkey, kcs.seckey.seckey);
1375 		pr_debug("%s cca_clr2seckey()=%d\n", __func__, rc);
1376 		if (!rc && copy_to_user(ucs, &kcs, sizeof(kcs)))
1377 			rc = -EFAULT;
1378 		memzero_explicit(&kcs, sizeof(kcs));
1379 		break;
1380 	}
1381 	case PKEY_SEC2PROTK: {
1382 		struct pkey_sec2protk __user *usp = (void __user *)arg;
1383 		struct pkey_sec2protk ksp;
1384 
1385 		if (copy_from_user(&ksp, usp, sizeof(ksp)))
1386 			return -EFAULT;
1387 		ksp.protkey.len = sizeof(ksp.protkey.protkey);
1388 		rc = cca_sec2protkey(ksp.cardnr, ksp.domain,
1389 				     ksp.seckey.seckey, ksp.protkey.protkey,
1390 				     &ksp.protkey.len, &ksp.protkey.type);
1391 		pr_debug("%s cca_sec2protkey()=%d\n", __func__, rc);
1392 		if (!rc && copy_to_user(usp, &ksp, sizeof(ksp)))
1393 			rc = -EFAULT;
1394 		memzero_explicit(&ksp, sizeof(ksp));
1395 		break;
1396 	}
1397 	case PKEY_CLR2PROTK: {
1398 		struct pkey_clr2protk __user *ucp = (void __user *)arg;
1399 		struct pkey_clr2protk kcp;
1400 
1401 		if (copy_from_user(&kcp, ucp, sizeof(kcp)))
1402 			return -EFAULT;
1403 		kcp.protkey.len = sizeof(kcp.protkey.protkey);
1404 		rc = pkey_clr2protkey(kcp.keytype, kcp.clrkey.clrkey,
1405 				      kcp.protkey.protkey,
1406 				      &kcp.protkey.len, &kcp.protkey.type);
1407 		pr_debug("%s pkey_clr2protkey()=%d\n", __func__, rc);
1408 		if (!rc && copy_to_user(ucp, &kcp, sizeof(kcp)))
1409 			rc = -EFAULT;
1410 		memzero_explicit(&kcp, sizeof(kcp));
1411 		break;
1412 	}
1413 	case PKEY_FINDCARD: {
1414 		struct pkey_findcard __user *ufc = (void __user *)arg;
1415 		struct pkey_findcard kfc;
1416 
1417 		if (copy_from_user(&kfc, ufc, sizeof(kfc)))
1418 			return -EFAULT;
1419 		rc = cca_findcard(kfc.seckey.seckey,
1420 				  &kfc.cardnr, &kfc.domain, 1);
1421 		pr_debug("%s cca_findcard()=%d\n", __func__, rc);
1422 		if (rc < 0)
1423 			break;
1424 		if (copy_to_user(ufc, &kfc, sizeof(kfc)))
1425 			return -EFAULT;
1426 		break;
1427 	}
1428 	case PKEY_SKEY2PKEY: {
1429 		struct pkey_skey2pkey __user *usp = (void __user *)arg;
1430 		struct pkey_skey2pkey ksp;
1431 
1432 		if (copy_from_user(&ksp, usp, sizeof(ksp)))
1433 			return -EFAULT;
1434 		ksp.protkey.len = sizeof(ksp.protkey.protkey);
1435 		rc = pkey_skey2pkey(ksp.seckey.seckey, ksp.protkey.protkey,
1436 				    &ksp.protkey.len, &ksp.protkey.type);
1437 		pr_debug("%s pkey_skey2pkey()=%d\n", __func__, rc);
1438 		if (!rc && copy_to_user(usp, &ksp, sizeof(ksp)))
1439 			rc = -EFAULT;
1440 		memzero_explicit(&ksp, sizeof(ksp));
1441 		break;
1442 	}
1443 	case PKEY_VERIFYKEY: {
1444 		struct pkey_verifykey __user *uvk = (void __user *)arg;
1445 		struct pkey_verifykey kvk;
1446 
1447 		if (copy_from_user(&kvk, uvk, sizeof(kvk)))
1448 			return -EFAULT;
1449 		rc = pkey_verifykey(&kvk.seckey, &kvk.cardnr, &kvk.domain,
1450 				    &kvk.keysize, &kvk.attributes);
1451 		pr_debug("%s pkey_verifykey()=%d\n", __func__, rc);
1452 		if (!rc && copy_to_user(uvk, &kvk, sizeof(kvk)))
1453 			rc = -EFAULT;
1454 		memzero_explicit(&kvk, sizeof(kvk));
1455 		break;
1456 	}
1457 	case PKEY_GENPROTK: {
1458 		struct pkey_genprotk __user *ugp = (void __user *)arg;
1459 		struct pkey_genprotk kgp;
1460 
1461 		if (copy_from_user(&kgp, ugp, sizeof(kgp)))
1462 			return -EFAULT;
1463 		kgp.protkey.len = sizeof(kgp.protkey.protkey);
1464 		rc = pkey_genprotkey(kgp.keytype, kgp.protkey.protkey,
1465 				     &kgp.protkey.len, &kgp.protkey.type);
1466 		pr_debug("%s pkey_genprotkey()=%d\n", __func__, rc);
1467 		if (!rc && copy_to_user(ugp, &kgp, sizeof(kgp)))
1468 			rc = -EFAULT;
1469 		memzero_explicit(&kgp, sizeof(kgp));
1470 		break;
1471 	}
1472 	case PKEY_VERIFYPROTK: {
1473 		struct pkey_verifyprotk __user *uvp = (void __user *)arg;
1474 		struct pkey_verifyprotk kvp;
1475 
1476 		if (copy_from_user(&kvp, uvp, sizeof(kvp)))
1477 			return -EFAULT;
1478 		rc = pkey_verifyprotkey(kvp.protkey.protkey,
1479 					kvp.protkey.len, kvp.protkey.type);
1480 		pr_debug("%s pkey_verifyprotkey()=%d\n", __func__, rc);
1481 		memzero_explicit(&kvp, sizeof(kvp));
1482 		break;
1483 	}
1484 	case PKEY_KBLOB2PROTK: {
1485 		struct pkey_kblob2pkey __user *utp = (void __user *)arg;
1486 		struct pkey_kblob2pkey ktp;
1487 		u8 *kkey;
1488 
1489 		if (copy_from_user(&ktp, utp, sizeof(ktp)))
1490 			return -EFAULT;
1491 		kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1492 		if (IS_ERR(kkey))
1493 			return PTR_ERR(kkey);
1494 		ktp.protkey.len = sizeof(ktp.protkey.protkey);
1495 		rc = pkey_keyblob2pkey(kkey, ktp.keylen, ktp.protkey.protkey,
1496 				       &ktp.protkey.len, &ktp.protkey.type);
1497 		pr_debug("%s pkey_keyblob2pkey()=%d\n", __func__, rc);
1498 		kfree_sensitive(kkey);
1499 		if (!rc && copy_to_user(utp, &ktp, sizeof(ktp)))
1500 			rc = -EFAULT;
1501 		memzero_explicit(&ktp, sizeof(ktp));
1502 		break;
1503 	}
1504 	case PKEY_GENSECK2: {
1505 		struct pkey_genseck2 __user *ugs = (void __user *)arg;
1506 		size_t klen = KEYBLOBBUFSIZE;
1507 		struct pkey_genseck2 kgs;
1508 		struct pkey_apqn *apqns;
1509 		u8 *kkey;
1510 
1511 		if (copy_from_user(&kgs, ugs, sizeof(kgs)))
1512 			return -EFAULT;
1513 		apqns = _copy_apqns_from_user(kgs.apqns, kgs.apqn_entries);
1514 		if (IS_ERR(apqns))
1515 			return PTR_ERR(apqns);
1516 		kkey = kzalloc(klen, GFP_KERNEL);
1517 		if (!kkey) {
1518 			kfree(apqns);
1519 			return -ENOMEM;
1520 		}
1521 		rc = pkey_genseckey2(apqns, kgs.apqn_entries,
1522 				     kgs.type, kgs.size, kgs.keygenflags,
1523 				     kkey, &klen);
1524 		pr_debug("%s pkey_genseckey2()=%d\n", __func__, rc);
1525 		kfree(apqns);
1526 		if (rc) {
1527 			kfree_sensitive(kkey);
1528 			break;
1529 		}
1530 		if (kgs.key) {
1531 			if (kgs.keylen < klen) {
1532 				kfree_sensitive(kkey);
1533 				return -EINVAL;
1534 			}
1535 			if (copy_to_user(kgs.key, kkey, klen)) {
1536 				kfree_sensitive(kkey);
1537 				return -EFAULT;
1538 			}
1539 		}
1540 		kgs.keylen = klen;
1541 		if (copy_to_user(ugs, &kgs, sizeof(kgs)))
1542 			rc = -EFAULT;
1543 		kfree_sensitive(kkey);
1544 		break;
1545 	}
1546 	case PKEY_CLR2SECK2: {
1547 		struct pkey_clr2seck2 __user *ucs = (void __user *)arg;
1548 		size_t klen = KEYBLOBBUFSIZE;
1549 		struct pkey_clr2seck2 kcs;
1550 		struct pkey_apqn *apqns;
1551 		u8 *kkey;
1552 
1553 		if (copy_from_user(&kcs, ucs, sizeof(kcs)))
1554 			return -EFAULT;
1555 		apqns = _copy_apqns_from_user(kcs.apqns, kcs.apqn_entries);
1556 		if (IS_ERR(apqns)) {
1557 			memzero_explicit(&kcs, sizeof(kcs));
1558 			return PTR_ERR(apqns);
1559 		}
1560 		kkey = kzalloc(klen, GFP_KERNEL);
1561 		if (!kkey) {
1562 			kfree(apqns);
1563 			memzero_explicit(&kcs, sizeof(kcs));
1564 			return -ENOMEM;
1565 		}
1566 		rc = pkey_clr2seckey2(apqns, kcs.apqn_entries,
1567 				      kcs.type, kcs.size, kcs.keygenflags,
1568 				      kcs.clrkey.clrkey, kkey, &klen);
1569 		pr_debug("%s pkey_clr2seckey2()=%d\n", __func__, rc);
1570 		kfree(apqns);
1571 		if (rc) {
1572 			kfree_sensitive(kkey);
1573 			memzero_explicit(&kcs, sizeof(kcs));
1574 			break;
1575 		}
1576 		if (kcs.key) {
1577 			if (kcs.keylen < klen) {
1578 				kfree_sensitive(kkey);
1579 				memzero_explicit(&kcs, sizeof(kcs));
1580 				return -EINVAL;
1581 			}
1582 			if (copy_to_user(kcs.key, kkey, klen)) {
1583 				kfree_sensitive(kkey);
1584 				memzero_explicit(&kcs, sizeof(kcs));
1585 				return -EFAULT;
1586 			}
1587 		}
1588 		kcs.keylen = klen;
1589 		if (copy_to_user(ucs, &kcs, sizeof(kcs)))
1590 			rc = -EFAULT;
1591 		memzero_explicit(&kcs, sizeof(kcs));
1592 		kfree_sensitive(kkey);
1593 		break;
1594 	}
1595 	case PKEY_VERIFYKEY2: {
1596 		struct pkey_verifykey2 __user *uvk = (void __user *)arg;
1597 		struct pkey_verifykey2 kvk;
1598 		u8 *kkey;
1599 
1600 		if (copy_from_user(&kvk, uvk, sizeof(kvk)))
1601 			return -EFAULT;
1602 		kkey = _copy_key_from_user(kvk.key, kvk.keylen);
1603 		if (IS_ERR(kkey))
1604 			return PTR_ERR(kkey);
1605 		rc = pkey_verifykey2(kkey, kvk.keylen,
1606 				     &kvk.cardnr, &kvk.domain,
1607 				     &kvk.type, &kvk.size, &kvk.flags);
1608 		pr_debug("%s pkey_verifykey2()=%d\n", __func__, rc);
1609 		kfree_sensitive(kkey);
1610 		if (rc)
1611 			break;
1612 		if (copy_to_user(uvk, &kvk, sizeof(kvk)))
1613 			return -EFAULT;
1614 		break;
1615 	}
1616 	case PKEY_KBLOB2PROTK2: {
1617 		struct pkey_kblob2pkey2 __user *utp = (void __user *)arg;
1618 		struct pkey_apqn *apqns = NULL;
1619 		struct pkey_kblob2pkey2 ktp;
1620 		u8 *kkey;
1621 
1622 		if (copy_from_user(&ktp, utp, sizeof(ktp)))
1623 			return -EFAULT;
1624 		apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
1625 		if (IS_ERR(apqns))
1626 			return PTR_ERR(apqns);
1627 		kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1628 		if (IS_ERR(kkey)) {
1629 			kfree(apqns);
1630 			return PTR_ERR(kkey);
1631 		}
1632 		ktp.protkey.len = sizeof(ktp.protkey.protkey);
1633 		rc = pkey_keyblob2pkey2(apqns, ktp.apqn_entries,
1634 					kkey, ktp.keylen,
1635 					ktp.protkey.protkey, &ktp.protkey.len,
1636 					&ktp.protkey.type);
1637 		pr_debug("%s pkey_keyblob2pkey2()=%d\n", __func__, rc);
1638 		kfree(apqns);
1639 		kfree_sensitive(kkey);
1640 		if (!rc && copy_to_user(utp, &ktp, sizeof(ktp)))
1641 			rc = -EFAULT;
1642 		memzero_explicit(&ktp, sizeof(ktp));
1643 		break;
1644 	}
1645 	case PKEY_APQNS4K: {
1646 		struct pkey_apqns4key __user *uak = (void __user *)arg;
1647 		struct pkey_apqn *apqns = NULL;
1648 		struct pkey_apqns4key kak;
1649 		size_t nr_apqns, len;
1650 		u8 *kkey;
1651 
1652 		if (copy_from_user(&kak, uak, sizeof(kak)))
1653 			return -EFAULT;
1654 		nr_apqns = kak.apqn_entries;
1655 		if (nr_apqns) {
1656 			apqns = kmalloc_array(nr_apqns,
1657 					      sizeof(struct pkey_apqn),
1658 					      GFP_KERNEL);
1659 			if (!apqns)
1660 				return -ENOMEM;
1661 		}
1662 		kkey = _copy_key_from_user(kak.key, kak.keylen);
1663 		if (IS_ERR(kkey)) {
1664 			kfree(apqns);
1665 			return PTR_ERR(kkey);
1666 		}
1667 		rc = pkey_apqns4key(kkey, kak.keylen, kak.flags,
1668 				    apqns, &nr_apqns);
1669 		pr_debug("%s pkey_apqns4key()=%d\n", __func__, rc);
1670 		kfree_sensitive(kkey);
1671 		if (rc && rc != -ENOSPC) {
1672 			kfree(apqns);
1673 			break;
1674 		}
1675 		if (!rc && kak.apqns) {
1676 			if (nr_apqns > kak.apqn_entries) {
1677 				kfree(apqns);
1678 				return -EINVAL;
1679 			}
1680 			len = nr_apqns * sizeof(struct pkey_apqn);
1681 			if (len) {
1682 				if (copy_to_user(kak.apqns, apqns, len)) {
1683 					kfree(apqns);
1684 					return -EFAULT;
1685 				}
1686 			}
1687 		}
1688 		kak.apqn_entries = nr_apqns;
1689 		if (copy_to_user(uak, &kak, sizeof(kak)))
1690 			rc = -EFAULT;
1691 		kfree(apqns);
1692 		break;
1693 	}
1694 	case PKEY_APQNS4KT: {
1695 		struct pkey_apqns4keytype __user *uat = (void __user *)arg;
1696 		struct pkey_apqn *apqns = NULL;
1697 		struct pkey_apqns4keytype kat;
1698 		size_t nr_apqns, len;
1699 
1700 		if (copy_from_user(&kat, uat, sizeof(kat)))
1701 			return -EFAULT;
1702 		nr_apqns = kat.apqn_entries;
1703 		if (nr_apqns) {
1704 			apqns = kmalloc_array(nr_apqns,
1705 					      sizeof(struct pkey_apqn),
1706 					      GFP_KERNEL);
1707 			if (!apqns)
1708 				return -ENOMEM;
1709 		}
1710 		rc = pkey_apqns4keytype(kat.type, kat.cur_mkvp, kat.alt_mkvp,
1711 					kat.flags, apqns, &nr_apqns);
1712 		pr_debug("%s pkey_apqns4keytype()=%d\n", __func__, rc);
1713 		if (rc && rc != -ENOSPC) {
1714 			kfree(apqns);
1715 			break;
1716 		}
1717 		if (!rc && kat.apqns) {
1718 			if (nr_apqns > kat.apqn_entries) {
1719 				kfree(apqns);
1720 				return -EINVAL;
1721 			}
1722 			len = nr_apqns * sizeof(struct pkey_apqn);
1723 			if (len) {
1724 				if (copy_to_user(kat.apqns, apqns, len)) {
1725 					kfree(apqns);
1726 					return -EFAULT;
1727 				}
1728 			}
1729 		}
1730 		kat.apqn_entries = nr_apqns;
1731 		if (copy_to_user(uat, &kat, sizeof(kat)))
1732 			rc = -EFAULT;
1733 		kfree(apqns);
1734 		break;
1735 	}
1736 	case PKEY_KBLOB2PROTK3: {
1737 		struct pkey_kblob2pkey3 __user *utp = (void __user *)arg;
1738 		u32 protkeylen = PROTKEYBLOBBUFSIZE;
1739 		struct pkey_apqn *apqns = NULL;
1740 		struct pkey_kblob2pkey3 ktp;
1741 		u8 *kkey, *protkey;
1742 
1743 		if (copy_from_user(&ktp, utp, sizeof(ktp)))
1744 			return -EFAULT;
1745 		apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
1746 		if (IS_ERR(apqns))
1747 			return PTR_ERR(apqns);
1748 		kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1749 		if (IS_ERR(kkey)) {
1750 			kfree(apqns);
1751 			return PTR_ERR(kkey);
1752 		}
1753 		protkey = kmalloc(protkeylen, GFP_KERNEL);
1754 		if (!protkey) {
1755 			kfree(apqns);
1756 			kfree_sensitive(kkey);
1757 			return -ENOMEM;
1758 		}
1759 		rc = pkey_keyblob2pkey3(apqns, ktp.apqn_entries,
1760 					kkey, ktp.keylen,
1761 					protkey, &protkeylen, &ktp.pkeytype);
1762 		pr_debug("%s pkey_keyblob2pkey3()=%d\n", __func__, rc);
1763 		kfree(apqns);
1764 		kfree_sensitive(kkey);
1765 		if (rc) {
1766 			kfree_sensitive(protkey);
1767 			break;
1768 		}
1769 		if (ktp.pkey && ktp.pkeylen) {
1770 			if (protkeylen > ktp.pkeylen) {
1771 				kfree_sensitive(protkey);
1772 				return -EINVAL;
1773 			}
1774 			if (copy_to_user(ktp.pkey, protkey, protkeylen)) {
1775 				kfree_sensitive(protkey);
1776 				return -EFAULT;
1777 			}
1778 		}
1779 		kfree_sensitive(protkey);
1780 		ktp.pkeylen = protkeylen;
1781 		if (copy_to_user(utp, &ktp, sizeof(ktp)))
1782 			return -EFAULT;
1783 		break;
1784 	}
1785 	default:
1786 		/* unknown/unsupported ioctl cmd */
1787 		return -ENOTTY;
1788 	}
1789 
1790 	return rc;
1791 }
1792 
1793 /*
1794  * Sysfs and file io operations
1795  */
1796 
1797 /*
1798  * Sysfs attribute read function for all protected key binary attributes.
1799  * The implementation can not deal with partial reads, because a new random
1800  * protected key blob is generated with each read. In case of partial reads
1801  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1802  */
1803 static ssize_t pkey_protkey_aes_attr_read(u32 keytype, bool is_xts, char *buf,
1804 					  loff_t off, size_t count)
1805 {
1806 	struct protaeskeytoken protkeytoken;
1807 	struct pkey_protkey protkey;
1808 	int rc;
1809 
1810 	if (off != 0 || count < sizeof(protkeytoken))
1811 		return -EINVAL;
1812 	if (is_xts)
1813 		if (count < 2 * sizeof(protkeytoken))
1814 			return -EINVAL;
1815 
1816 	memset(&protkeytoken, 0, sizeof(protkeytoken));
1817 	protkeytoken.type = TOKTYPE_NON_CCA;
1818 	protkeytoken.version = TOKVER_PROTECTED_KEY;
1819 	protkeytoken.keytype = keytype;
1820 
1821 	protkey.len = sizeof(protkey.protkey);
1822 	rc = pkey_genprotkey(protkeytoken.keytype,
1823 			     protkey.protkey, &protkey.len, &protkey.type);
1824 	if (rc)
1825 		return rc;
1826 
1827 	protkeytoken.len = protkey.len;
1828 	memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len);
1829 
1830 	memcpy(buf, &protkeytoken, sizeof(protkeytoken));
1831 
1832 	if (is_xts) {
1833 		/* xts needs a second protected key, reuse protkey struct */
1834 		protkey.len = sizeof(protkey.protkey);
1835 		rc = pkey_genprotkey(protkeytoken.keytype,
1836 				     protkey.protkey, &protkey.len, &protkey.type);
1837 		if (rc)
1838 			return rc;
1839 
1840 		protkeytoken.len = protkey.len;
1841 		memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len);
1842 
1843 		memcpy(buf + sizeof(protkeytoken), &protkeytoken,
1844 		       sizeof(protkeytoken));
1845 
1846 		return 2 * sizeof(protkeytoken);
1847 	}
1848 
1849 	return sizeof(protkeytoken);
1850 }
1851 
1852 static ssize_t protkey_aes_128_read(struct file *filp,
1853 				    struct kobject *kobj,
1854 				    struct bin_attribute *attr,
1855 				    char *buf, loff_t off,
1856 				    size_t count)
1857 {
1858 	return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf,
1859 					  off, count);
1860 }
1861 
1862 static ssize_t protkey_aes_192_read(struct file *filp,
1863 				    struct kobject *kobj,
1864 				    struct bin_attribute *attr,
1865 				    char *buf, loff_t off,
1866 				    size_t count)
1867 {
1868 	return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf,
1869 					  off, count);
1870 }
1871 
1872 static ssize_t protkey_aes_256_read(struct file *filp,
1873 				    struct kobject *kobj,
1874 				    struct bin_attribute *attr,
1875 				    char *buf, loff_t off,
1876 				    size_t count)
1877 {
1878 	return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf,
1879 					  off, count);
1880 }
1881 
1882 static ssize_t protkey_aes_128_xts_read(struct file *filp,
1883 					struct kobject *kobj,
1884 					struct bin_attribute *attr,
1885 					char *buf, loff_t off,
1886 					size_t count)
1887 {
1888 	return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf,
1889 					  off, count);
1890 }
1891 
1892 static ssize_t protkey_aes_256_xts_read(struct file *filp,
1893 					struct kobject *kobj,
1894 					struct bin_attribute *attr,
1895 					char *buf, loff_t off,
1896 					size_t count)
1897 {
1898 	return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf,
1899 					  off, count);
1900 }
1901 
1902 static BIN_ATTR_RO(protkey_aes_128, sizeof(struct protaeskeytoken));
1903 static BIN_ATTR_RO(protkey_aes_192, sizeof(struct protaeskeytoken));
1904 static BIN_ATTR_RO(protkey_aes_256, sizeof(struct protaeskeytoken));
1905 static BIN_ATTR_RO(protkey_aes_128_xts, 2 * sizeof(struct protaeskeytoken));
1906 static BIN_ATTR_RO(protkey_aes_256_xts, 2 * sizeof(struct protaeskeytoken));
1907 
1908 static struct bin_attribute *protkey_attrs[] = {
1909 	&bin_attr_protkey_aes_128,
1910 	&bin_attr_protkey_aes_192,
1911 	&bin_attr_protkey_aes_256,
1912 	&bin_attr_protkey_aes_128_xts,
1913 	&bin_attr_protkey_aes_256_xts,
1914 	NULL
1915 };
1916 
1917 static struct attribute_group protkey_attr_group = {
1918 	.name	   = "protkey",
1919 	.bin_attrs = protkey_attrs,
1920 };
1921 
1922 /*
1923  * Sysfs attribute read function for all secure key ccadata binary attributes.
1924  * The implementation can not deal with partial reads, because a new random
1925  * protected key blob is generated with each read. In case of partial reads
1926  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1927  */
1928 static ssize_t pkey_ccadata_aes_attr_read(u32 keytype, bool is_xts, char *buf,
1929 					  loff_t off, size_t count)
1930 {
1931 	struct pkey_seckey *seckey = (struct pkey_seckey *)buf;
1932 	int rc;
1933 
1934 	if (off != 0 || count < sizeof(struct secaeskeytoken))
1935 		return -EINVAL;
1936 	if (is_xts)
1937 		if (count < 2 * sizeof(struct secaeskeytoken))
1938 			return -EINVAL;
1939 
1940 	rc = cca_genseckey(-1, -1, keytype, seckey->seckey);
1941 	if (rc)
1942 		return rc;
1943 
1944 	if (is_xts) {
1945 		seckey++;
1946 		rc = cca_genseckey(-1, -1, keytype, seckey->seckey);
1947 		if (rc)
1948 			return rc;
1949 
1950 		return 2 * sizeof(struct secaeskeytoken);
1951 	}
1952 
1953 	return sizeof(struct secaeskeytoken);
1954 }
1955 
1956 static ssize_t ccadata_aes_128_read(struct file *filp,
1957 				    struct kobject *kobj,
1958 				    struct bin_attribute *attr,
1959 				    char *buf, loff_t off,
1960 				    size_t count)
1961 {
1962 	return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf,
1963 					  off, count);
1964 }
1965 
1966 static ssize_t ccadata_aes_192_read(struct file *filp,
1967 				    struct kobject *kobj,
1968 				    struct bin_attribute *attr,
1969 				    char *buf, loff_t off,
1970 				    size_t count)
1971 {
1972 	return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf,
1973 					  off, count);
1974 }
1975 
1976 static ssize_t ccadata_aes_256_read(struct file *filp,
1977 				    struct kobject *kobj,
1978 				    struct bin_attribute *attr,
1979 				    char *buf, loff_t off,
1980 				    size_t count)
1981 {
1982 	return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf,
1983 					  off, count);
1984 }
1985 
1986 static ssize_t ccadata_aes_128_xts_read(struct file *filp,
1987 					struct kobject *kobj,
1988 					struct bin_attribute *attr,
1989 					char *buf, loff_t off,
1990 					size_t count)
1991 {
1992 	return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf,
1993 					  off, count);
1994 }
1995 
1996 static ssize_t ccadata_aes_256_xts_read(struct file *filp,
1997 					struct kobject *kobj,
1998 					struct bin_attribute *attr,
1999 					char *buf, loff_t off,
2000 					size_t count)
2001 {
2002 	return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf,
2003 					  off, count);
2004 }
2005 
2006 static BIN_ATTR_RO(ccadata_aes_128, sizeof(struct secaeskeytoken));
2007 static BIN_ATTR_RO(ccadata_aes_192, sizeof(struct secaeskeytoken));
2008 static BIN_ATTR_RO(ccadata_aes_256, sizeof(struct secaeskeytoken));
2009 static BIN_ATTR_RO(ccadata_aes_128_xts, 2 * sizeof(struct secaeskeytoken));
2010 static BIN_ATTR_RO(ccadata_aes_256_xts, 2 * sizeof(struct secaeskeytoken));
2011 
2012 static struct bin_attribute *ccadata_attrs[] = {
2013 	&bin_attr_ccadata_aes_128,
2014 	&bin_attr_ccadata_aes_192,
2015 	&bin_attr_ccadata_aes_256,
2016 	&bin_attr_ccadata_aes_128_xts,
2017 	&bin_attr_ccadata_aes_256_xts,
2018 	NULL
2019 };
2020 
2021 static struct attribute_group ccadata_attr_group = {
2022 	.name	   = "ccadata",
2023 	.bin_attrs = ccadata_attrs,
2024 };
2025 
2026 #define CCACIPHERTOKENSIZE	(sizeof(struct cipherkeytoken) + 80)
2027 
2028 /*
2029  * Sysfs attribute read function for all secure key ccacipher binary attributes.
2030  * The implementation can not deal with partial reads, because a new random
2031  * secure key blob is generated with each read. In case of partial reads
2032  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
2033  */
2034 static ssize_t pkey_ccacipher_aes_attr_read(enum pkey_key_size keybits,
2035 					    bool is_xts, char *buf, loff_t off,
2036 					    size_t count)
2037 {
2038 	size_t keysize = CCACIPHERTOKENSIZE;
2039 	u32 nr_apqns, *apqns = NULL;
2040 	int i, rc, card, dom;
2041 
2042 	if (off != 0 || count < CCACIPHERTOKENSIZE)
2043 		return -EINVAL;
2044 	if (is_xts)
2045 		if (count < 2 * CCACIPHERTOKENSIZE)
2046 			return -EINVAL;
2047 
2048 	/* build a list of apqns able to generate an cipher key */
2049 	rc = cca_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
2050 			   ZCRYPT_CEX6, 0, 0, 0, 0);
2051 	if (rc)
2052 		return rc;
2053 
2054 	memset(buf, 0, is_xts ? 2 * keysize : keysize);
2055 
2056 	/* simple try all apqns from the list */
2057 	for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
2058 		card = apqns[i] >> 16;
2059 		dom = apqns[i] & 0xFFFF;
2060 		rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize);
2061 		if (rc == 0)
2062 			break;
2063 	}
2064 	if (rc)
2065 		return rc;
2066 
2067 	if (is_xts) {
2068 		keysize = CCACIPHERTOKENSIZE;
2069 		buf += CCACIPHERTOKENSIZE;
2070 		rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize);
2071 		if (rc == 0)
2072 			return 2 * CCACIPHERTOKENSIZE;
2073 	}
2074 
2075 	return CCACIPHERTOKENSIZE;
2076 }
2077 
2078 static ssize_t ccacipher_aes_128_read(struct file *filp,
2079 				      struct kobject *kobj,
2080 				      struct bin_attribute *attr,
2081 				      char *buf, loff_t off,
2082 				      size_t count)
2083 {
2084 	return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, false, buf,
2085 					    off, count);
2086 }
2087 
2088 static ssize_t ccacipher_aes_192_read(struct file *filp,
2089 				      struct kobject *kobj,
2090 				      struct bin_attribute *attr,
2091 				      char *buf, loff_t off,
2092 				      size_t count)
2093 {
2094 	return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_192, false, buf,
2095 					    off, count);
2096 }
2097 
2098 static ssize_t ccacipher_aes_256_read(struct file *filp,
2099 				      struct kobject *kobj,
2100 				      struct bin_attribute *attr,
2101 				      char *buf, loff_t off,
2102 				      size_t count)
2103 {
2104 	return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, false, buf,
2105 					    off, count);
2106 }
2107 
2108 static ssize_t ccacipher_aes_128_xts_read(struct file *filp,
2109 					  struct kobject *kobj,
2110 					  struct bin_attribute *attr,
2111 					  char *buf, loff_t off,
2112 					  size_t count)
2113 {
2114 	return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, true, buf,
2115 					    off, count);
2116 }
2117 
2118 static ssize_t ccacipher_aes_256_xts_read(struct file *filp,
2119 					  struct kobject *kobj,
2120 					  struct bin_attribute *attr,
2121 					  char *buf, loff_t off,
2122 					  size_t count)
2123 {
2124 	return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, true, buf,
2125 					    off, count);
2126 }
2127 
2128 static BIN_ATTR_RO(ccacipher_aes_128, CCACIPHERTOKENSIZE);
2129 static BIN_ATTR_RO(ccacipher_aes_192, CCACIPHERTOKENSIZE);
2130 static BIN_ATTR_RO(ccacipher_aes_256, CCACIPHERTOKENSIZE);
2131 static BIN_ATTR_RO(ccacipher_aes_128_xts, 2 * CCACIPHERTOKENSIZE);
2132 static BIN_ATTR_RO(ccacipher_aes_256_xts, 2 * CCACIPHERTOKENSIZE);
2133 
2134 static struct bin_attribute *ccacipher_attrs[] = {
2135 	&bin_attr_ccacipher_aes_128,
2136 	&bin_attr_ccacipher_aes_192,
2137 	&bin_attr_ccacipher_aes_256,
2138 	&bin_attr_ccacipher_aes_128_xts,
2139 	&bin_attr_ccacipher_aes_256_xts,
2140 	NULL
2141 };
2142 
2143 static struct attribute_group ccacipher_attr_group = {
2144 	.name	   = "ccacipher",
2145 	.bin_attrs = ccacipher_attrs,
2146 };
2147 
2148 /*
2149  * Sysfs attribute read function for all ep11 aes key binary attributes.
2150  * The implementation can not deal with partial reads, because a new random
2151  * secure key blob is generated with each read. In case of partial reads
2152  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
2153  * This function and the sysfs attributes using it provide EP11 key blobs
2154  * padded to the upper limit of MAXEP11AESKEYBLOBSIZE which is currently
2155  * 336 bytes.
2156  */
2157 static ssize_t pkey_ep11_aes_attr_read(enum pkey_key_size keybits,
2158 				       bool is_xts, char *buf, loff_t off,
2159 				       size_t count)
2160 {
2161 	size_t keysize = MAXEP11AESKEYBLOBSIZE;
2162 	u32 nr_apqns, *apqns = NULL;
2163 	int i, rc, card, dom;
2164 
2165 	if (off != 0 || count < MAXEP11AESKEYBLOBSIZE)
2166 		return -EINVAL;
2167 	if (is_xts)
2168 		if (count < 2 * MAXEP11AESKEYBLOBSIZE)
2169 			return -EINVAL;
2170 
2171 	/* build a list of apqns able to generate an cipher key */
2172 	rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
2173 			    ZCRYPT_CEX7,
2174 			    ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4,
2175 			    NULL);
2176 	if (rc)
2177 		return rc;
2178 
2179 	memset(buf, 0, is_xts ? 2 * keysize : keysize);
2180 
2181 	/* simple try all apqns from the list */
2182 	for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
2183 		card = apqns[i] >> 16;
2184 		dom = apqns[i] & 0xFFFF;
2185 		rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize,
2186 				    PKEY_TYPE_EP11_AES);
2187 		if (rc == 0)
2188 			break;
2189 	}
2190 	if (rc)
2191 		return rc;
2192 
2193 	if (is_xts) {
2194 		keysize = MAXEP11AESKEYBLOBSIZE;
2195 		buf += MAXEP11AESKEYBLOBSIZE;
2196 		rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize,
2197 				    PKEY_TYPE_EP11_AES);
2198 		if (rc == 0)
2199 			return 2 * MAXEP11AESKEYBLOBSIZE;
2200 	}
2201 
2202 	return MAXEP11AESKEYBLOBSIZE;
2203 }
2204 
2205 static ssize_t ep11_aes_128_read(struct file *filp,
2206 				 struct kobject *kobj,
2207 				 struct bin_attribute *attr,
2208 				 char *buf, loff_t off,
2209 				 size_t count)
2210 {
2211 	return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, false, buf,
2212 				       off, count);
2213 }
2214 
2215 static ssize_t ep11_aes_192_read(struct file *filp,
2216 				 struct kobject *kobj,
2217 				 struct bin_attribute *attr,
2218 				 char *buf, loff_t off,
2219 				 size_t count)
2220 {
2221 	return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_192, false, buf,
2222 				       off, count);
2223 }
2224 
2225 static ssize_t ep11_aes_256_read(struct file *filp,
2226 				 struct kobject *kobj,
2227 				 struct bin_attribute *attr,
2228 				 char *buf, loff_t off,
2229 				 size_t count)
2230 {
2231 	return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, false, buf,
2232 				       off, count);
2233 }
2234 
2235 static ssize_t ep11_aes_128_xts_read(struct file *filp,
2236 				     struct kobject *kobj,
2237 				     struct bin_attribute *attr,
2238 				     char *buf, loff_t off,
2239 				     size_t count)
2240 {
2241 	return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, true, buf,
2242 				       off, count);
2243 }
2244 
2245 static ssize_t ep11_aes_256_xts_read(struct file *filp,
2246 				     struct kobject *kobj,
2247 				     struct bin_attribute *attr,
2248 				     char *buf, loff_t off,
2249 				     size_t count)
2250 {
2251 	return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, true, buf,
2252 				       off, count);
2253 }
2254 
2255 static BIN_ATTR_RO(ep11_aes_128, MAXEP11AESKEYBLOBSIZE);
2256 static BIN_ATTR_RO(ep11_aes_192, MAXEP11AESKEYBLOBSIZE);
2257 static BIN_ATTR_RO(ep11_aes_256, MAXEP11AESKEYBLOBSIZE);
2258 static BIN_ATTR_RO(ep11_aes_128_xts, 2 * MAXEP11AESKEYBLOBSIZE);
2259 static BIN_ATTR_RO(ep11_aes_256_xts, 2 * MAXEP11AESKEYBLOBSIZE);
2260 
2261 static struct bin_attribute *ep11_attrs[] = {
2262 	&bin_attr_ep11_aes_128,
2263 	&bin_attr_ep11_aes_192,
2264 	&bin_attr_ep11_aes_256,
2265 	&bin_attr_ep11_aes_128_xts,
2266 	&bin_attr_ep11_aes_256_xts,
2267 	NULL
2268 };
2269 
2270 static struct attribute_group ep11_attr_group = {
2271 	.name	   = "ep11",
2272 	.bin_attrs = ep11_attrs,
2273 };
2274 
2275 static const struct attribute_group *pkey_attr_groups[] = {
2276 	&protkey_attr_group,
2277 	&ccadata_attr_group,
2278 	&ccacipher_attr_group,
2279 	&ep11_attr_group,
2280 	NULL,
2281 };
2282 
2283 static const struct file_operations pkey_fops = {
2284 	.owner		= THIS_MODULE,
2285 	.open		= nonseekable_open,
2286 	.llseek		= no_llseek,
2287 	.unlocked_ioctl = pkey_unlocked_ioctl,
2288 };
2289 
2290 static struct miscdevice pkey_dev = {
2291 	.name	= "pkey",
2292 	.minor	= MISC_DYNAMIC_MINOR,
2293 	.mode	= 0666,
2294 	.fops	= &pkey_fops,
2295 	.groups = pkey_attr_groups,
2296 };
2297 
2298 /*
2299  * Module init
2300  */
2301 static int __init pkey_init(void)
2302 {
2303 	cpacf_mask_t func_mask;
2304 
2305 	/*
2306 	 * The pckmo instruction should be available - even if we don't
2307 	 * actually invoke it. This instruction comes with MSA 3 which
2308 	 * is also the minimum level for the kmc instructions which
2309 	 * are able to work with protected keys.
2310 	 */
2311 	if (!cpacf_query(CPACF_PCKMO, &func_mask))
2312 		return -ENODEV;
2313 
2314 	/* check for kmc instructions available */
2315 	if (!cpacf_query(CPACF_KMC, &func_mask))
2316 		return -ENODEV;
2317 	if (!cpacf_test_func(&func_mask, CPACF_KMC_PAES_128) ||
2318 	    !cpacf_test_func(&func_mask, CPACF_KMC_PAES_192) ||
2319 	    !cpacf_test_func(&func_mask, CPACF_KMC_PAES_256))
2320 		return -ENODEV;
2321 
2322 	pkey_debug_init();
2323 
2324 	return misc_register(&pkey_dev);
2325 }
2326 
2327 /*
2328  * Module exit
2329  */
2330 static void __exit pkey_exit(void)
2331 {
2332 	misc_deregister(&pkey_dev);
2333 	pkey_debug_exit();
2334 }
2335 
2336 module_cpu_feature_match(S390_CPU_FEATURE_MSA, pkey_init);
2337 module_exit(pkey_exit);
2338