1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * pkey module sysfs related functions 4 * 5 * Copyright IBM Corp. 2024 6 */ 7 8 #define KMSG_COMPONENT "pkey" 9 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt 10 11 #include <linux/sysfs.h> 12 13 #include "zcrypt_ccamisc.h" 14 #include "zcrypt_ep11misc.h" 15 16 #include "pkey_base.h" 17 18 /* 19 * Wrapper around pkey_handler_gen_key() which deals with the 20 * ENODEV return code and then tries to enforce a pkey handler 21 * module load. 22 */ 23 static int sys_pkey_handler_gen_key(u32 keytype, u32 keysubtype, 24 u32 keybitsize, u32 flags, 25 u8 *keybuf, u32 *keybuflen, u32 *keyinfo) 26 { 27 int rc; 28 29 rc = pkey_handler_gen_key(NULL, 0, 30 keytype, keysubtype, 31 keybitsize, flags, 32 keybuf, keybuflen, keyinfo); 33 if (rc == -ENODEV) { 34 pkey_handler_request_modules(); 35 rc = pkey_handler_gen_key(NULL, 0, 36 keytype, keysubtype, 37 keybitsize, flags, 38 keybuf, keybuflen, keyinfo); 39 } 40 41 return rc; 42 } 43 44 /* 45 * Sysfs attribute read function for all protected key binary attributes. 46 * The implementation can not deal with partial reads, because a new random 47 * protected key blob is generated with each read. In case of partial reads 48 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 49 */ 50 static ssize_t pkey_protkey_aes_attr_read(u32 keytype, bool is_xts, char *buf, 51 loff_t off, size_t count) 52 { 53 struct protaeskeytoken protkeytoken; 54 struct pkey_protkey protkey; 55 int rc; 56 57 if (off != 0 || count < sizeof(protkeytoken)) 58 return -EINVAL; 59 if (is_xts) 60 if (count < 2 * sizeof(protkeytoken)) 61 return -EINVAL; 62 63 memset(&protkeytoken, 0, sizeof(protkeytoken)); 64 protkeytoken.type = TOKTYPE_NON_CCA; 65 protkeytoken.version = TOKVER_PROTECTED_KEY; 66 protkeytoken.keytype = keytype; 67 68 protkey.len = sizeof(protkey.protkey); 69 rc = sys_pkey_handler_gen_key(keytype, PKEY_TYPE_PROTKEY, 0, 0, 70 protkey.protkey, &protkey.len, 71 &protkey.type); 72 if (rc) 73 return rc; 74 75 protkeytoken.len = protkey.len; 76 memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len); 77 78 memcpy(buf, &protkeytoken, sizeof(protkeytoken)); 79 80 if (is_xts) { 81 /* xts needs a second protected key, reuse protkey struct */ 82 protkey.len = sizeof(protkey.protkey); 83 rc = sys_pkey_handler_gen_key(keytype, PKEY_TYPE_PROTKEY, 0, 0, 84 protkey.protkey, &protkey.len, 85 &protkey.type); 86 if (rc) 87 return rc; 88 89 protkeytoken.len = protkey.len; 90 memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len); 91 92 memcpy(buf + sizeof(protkeytoken), &protkeytoken, 93 sizeof(protkeytoken)); 94 95 return 2 * sizeof(protkeytoken); 96 } 97 98 return sizeof(protkeytoken); 99 } 100 101 /* 102 * Sysfs attribute read function for the AES XTS prot key binary attributes. 103 * The implementation can not deal with partial reads, because a new random 104 * protected key blob is generated with each read. In case of partial reads 105 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 106 */ 107 static ssize_t pkey_protkey_aes_xts_attr_read(u32 keytype, char *buf, 108 loff_t off, size_t count) 109 { 110 struct protkeytoken *t = (struct protkeytoken *)buf; 111 u32 protlen, prottype; 112 int rc; 113 114 switch (keytype) { 115 case PKEY_KEYTYPE_AES_XTS_128: 116 protlen = 64; 117 break; 118 case PKEY_KEYTYPE_AES_XTS_256: 119 protlen = 96; 120 break; 121 default: 122 return -EINVAL; 123 } 124 125 if (off != 0 || count < sizeof(*t) + protlen) 126 return -EINVAL; 127 128 memset(t, 0, sizeof(*t) + protlen); 129 t->type = TOKTYPE_NON_CCA; 130 t->version = TOKVER_PROTECTED_KEY; 131 t->keytype = keytype; 132 133 rc = sys_pkey_handler_gen_key(keytype, PKEY_TYPE_PROTKEY, 0, 0, 134 t->protkey, &protlen, &prottype); 135 if (rc) 136 return rc; 137 138 t->len = protlen; 139 140 return sizeof(*t) + protlen; 141 } 142 143 /* 144 * Sysfs attribute read function for the HMAC prot key binary attributes. 145 * The implementation can not deal with partial reads, because a new random 146 * protected key blob is generated with each read. In case of partial reads 147 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 148 */ 149 static ssize_t pkey_protkey_hmac_attr_read(u32 keytype, char *buf, 150 loff_t off, size_t count) 151 { 152 struct protkeytoken *t = (struct protkeytoken *)buf; 153 u32 protlen, prottype; 154 int rc; 155 156 switch (keytype) { 157 case PKEY_KEYTYPE_HMAC_512: 158 protlen = 96; 159 break; 160 case PKEY_KEYTYPE_HMAC_1024: 161 protlen = 160; 162 break; 163 default: 164 return -EINVAL; 165 } 166 167 if (off != 0 || count < sizeof(*t) + protlen) 168 return -EINVAL; 169 170 memset(t, 0, sizeof(*t) + protlen); 171 t->type = TOKTYPE_NON_CCA; 172 t->version = TOKVER_PROTECTED_KEY; 173 t->keytype = keytype; 174 175 rc = sys_pkey_handler_gen_key(keytype, PKEY_TYPE_PROTKEY, 0, 0, 176 t->protkey, &protlen, &prottype); 177 if (rc) 178 return rc; 179 180 t->len = protlen; 181 182 return sizeof(*t) + protlen; 183 } 184 185 static ssize_t protkey_aes_128_read(struct file *filp, 186 struct kobject *kobj, 187 struct bin_attribute *attr, 188 char *buf, loff_t off, 189 size_t count) 190 { 191 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf, 192 off, count); 193 } 194 195 static ssize_t protkey_aes_192_read(struct file *filp, 196 struct kobject *kobj, 197 struct bin_attribute *attr, 198 char *buf, loff_t off, 199 size_t count) 200 { 201 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf, 202 off, count); 203 } 204 205 static ssize_t protkey_aes_256_read(struct file *filp, 206 struct kobject *kobj, 207 struct bin_attribute *attr, 208 char *buf, loff_t off, 209 size_t count) 210 { 211 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf, 212 off, count); 213 } 214 215 static ssize_t protkey_aes_128_xts_read(struct file *filp, 216 struct kobject *kobj, 217 struct bin_attribute *attr, 218 char *buf, loff_t off, 219 size_t count) 220 { 221 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf, 222 off, count); 223 } 224 225 static ssize_t protkey_aes_256_xts_read(struct file *filp, 226 struct kobject *kobj, 227 struct bin_attribute *attr, 228 char *buf, loff_t off, 229 size_t count) 230 { 231 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf, 232 off, count); 233 } 234 235 static ssize_t protkey_aes_xts_128_read(struct file *filp, 236 struct kobject *kobj, 237 struct bin_attribute *attr, 238 char *buf, loff_t off, 239 size_t count) 240 { 241 return pkey_protkey_aes_xts_attr_read(PKEY_KEYTYPE_AES_XTS_128, 242 buf, off, count); 243 } 244 245 static ssize_t protkey_aes_xts_256_read(struct file *filp, 246 struct kobject *kobj, 247 struct bin_attribute *attr, 248 char *buf, loff_t off, 249 size_t count) 250 { 251 return pkey_protkey_aes_xts_attr_read(PKEY_KEYTYPE_AES_XTS_256, 252 buf, off, count); 253 } 254 255 static ssize_t protkey_hmac_512_read(struct file *filp, 256 struct kobject *kobj, 257 struct bin_attribute *attr, 258 char *buf, loff_t off, 259 size_t count) 260 { 261 return pkey_protkey_hmac_attr_read(PKEY_KEYTYPE_HMAC_512, 262 buf, off, count); 263 } 264 265 static ssize_t protkey_hmac_1024_read(struct file *filp, 266 struct kobject *kobj, 267 struct bin_attribute *attr, 268 char *buf, loff_t off, 269 size_t count) 270 { 271 return pkey_protkey_hmac_attr_read(PKEY_KEYTYPE_HMAC_1024, 272 buf, off, count); 273 } 274 275 static BIN_ATTR_RO(protkey_aes_128, sizeof(struct protaeskeytoken)); 276 static BIN_ATTR_RO(protkey_aes_192, sizeof(struct protaeskeytoken)); 277 static BIN_ATTR_RO(protkey_aes_256, sizeof(struct protaeskeytoken)); 278 static BIN_ATTR_RO(protkey_aes_128_xts, 2 * sizeof(struct protaeskeytoken)); 279 static BIN_ATTR_RO(protkey_aes_256_xts, 2 * sizeof(struct protaeskeytoken)); 280 static BIN_ATTR_RO(protkey_aes_xts_128, sizeof(struct protkeytoken) + 64); 281 static BIN_ATTR_RO(protkey_aes_xts_256, sizeof(struct protkeytoken) + 96); 282 static BIN_ATTR_RO(protkey_hmac_512, sizeof(struct protkeytoken) + 96); 283 static BIN_ATTR_RO(protkey_hmac_1024, sizeof(struct protkeytoken) + 160); 284 285 static struct bin_attribute *protkey_attrs[] = { 286 &bin_attr_protkey_aes_128, 287 &bin_attr_protkey_aes_192, 288 &bin_attr_protkey_aes_256, 289 &bin_attr_protkey_aes_128_xts, 290 &bin_attr_protkey_aes_256_xts, 291 &bin_attr_protkey_aes_xts_128, 292 &bin_attr_protkey_aes_xts_256, 293 &bin_attr_protkey_hmac_512, 294 &bin_attr_protkey_hmac_1024, 295 NULL 296 }; 297 298 static struct attribute_group protkey_attr_group = { 299 .name = "protkey", 300 .bin_attrs = protkey_attrs, 301 }; 302 303 /* 304 * Sysfs attribute read function for all secure key ccadata binary attributes. 305 * The implementation can not deal with partial reads, because a new random 306 * protected key blob is generated with each read. In case of partial reads 307 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 308 */ 309 static ssize_t pkey_ccadata_aes_attr_read(u32 keytype, bool is_xts, char *buf, 310 loff_t off, size_t count) 311 { 312 struct pkey_seckey *seckey = (struct pkey_seckey *)buf; 313 u32 buflen; 314 int rc; 315 316 if (off != 0 || count < sizeof(struct secaeskeytoken)) 317 return -EINVAL; 318 if (is_xts) 319 if (count < 2 * sizeof(struct secaeskeytoken)) 320 return -EINVAL; 321 322 buflen = sizeof(seckey->seckey); 323 rc = sys_pkey_handler_gen_key(keytype, PKEY_TYPE_CCA_DATA, 0, 0, 324 seckey->seckey, &buflen, NULL); 325 if (rc) 326 return rc; 327 328 if (is_xts) { 329 seckey++; 330 buflen = sizeof(seckey->seckey); 331 rc = sys_pkey_handler_gen_key(keytype, PKEY_TYPE_CCA_DATA, 0, 0, 332 seckey->seckey, &buflen, NULL); 333 if (rc) 334 return rc; 335 336 return 2 * sizeof(struct secaeskeytoken); 337 } 338 339 return sizeof(struct secaeskeytoken); 340 } 341 342 static ssize_t ccadata_aes_128_read(struct file *filp, 343 struct kobject *kobj, 344 struct bin_attribute *attr, 345 char *buf, loff_t off, 346 size_t count) 347 { 348 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf, 349 off, count); 350 } 351 352 static ssize_t ccadata_aes_192_read(struct file *filp, 353 struct kobject *kobj, 354 struct bin_attribute *attr, 355 char *buf, loff_t off, 356 size_t count) 357 { 358 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf, 359 off, count); 360 } 361 362 static ssize_t ccadata_aes_256_read(struct file *filp, 363 struct kobject *kobj, 364 struct bin_attribute *attr, 365 char *buf, loff_t off, 366 size_t count) 367 { 368 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf, 369 off, count); 370 } 371 372 static ssize_t ccadata_aes_128_xts_read(struct file *filp, 373 struct kobject *kobj, 374 struct bin_attribute *attr, 375 char *buf, loff_t off, 376 size_t count) 377 { 378 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf, 379 off, count); 380 } 381 382 static ssize_t ccadata_aes_256_xts_read(struct file *filp, 383 struct kobject *kobj, 384 struct bin_attribute *attr, 385 char *buf, loff_t off, 386 size_t count) 387 { 388 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf, 389 off, count); 390 } 391 392 static BIN_ATTR_RO(ccadata_aes_128, sizeof(struct secaeskeytoken)); 393 static BIN_ATTR_RO(ccadata_aes_192, sizeof(struct secaeskeytoken)); 394 static BIN_ATTR_RO(ccadata_aes_256, sizeof(struct secaeskeytoken)); 395 static BIN_ATTR_RO(ccadata_aes_128_xts, 2 * sizeof(struct secaeskeytoken)); 396 static BIN_ATTR_RO(ccadata_aes_256_xts, 2 * sizeof(struct secaeskeytoken)); 397 398 static struct bin_attribute *ccadata_attrs[] = { 399 &bin_attr_ccadata_aes_128, 400 &bin_attr_ccadata_aes_192, 401 &bin_attr_ccadata_aes_256, 402 &bin_attr_ccadata_aes_128_xts, 403 &bin_attr_ccadata_aes_256_xts, 404 NULL 405 }; 406 407 static struct attribute_group ccadata_attr_group = { 408 .name = "ccadata", 409 .bin_attrs = ccadata_attrs, 410 }; 411 412 #define CCACIPHERTOKENSIZE (sizeof(struct cipherkeytoken) + 80) 413 414 /* 415 * Sysfs attribute read function for all secure key ccacipher binary attributes. 416 * The implementation can not deal with partial reads, because a new random 417 * secure key blob is generated with each read. In case of partial reads 418 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 419 */ 420 static ssize_t pkey_ccacipher_aes_attr_read(enum pkey_key_size keybits, 421 bool is_xts, char *buf, loff_t off, 422 size_t count) 423 { 424 u32 keysize = CCACIPHERTOKENSIZE; 425 int rc; 426 427 if (off != 0 || count < CCACIPHERTOKENSIZE) 428 return -EINVAL; 429 if (is_xts) 430 if (count < 2 * CCACIPHERTOKENSIZE) 431 return -EINVAL; 432 433 memset(buf, 0, is_xts ? 2 * keysize : keysize); 434 435 rc = sys_pkey_handler_gen_key(pkey_aes_bitsize_to_keytype(keybits), 436 PKEY_TYPE_CCA_CIPHER, keybits, 0, 437 buf, &keysize, NULL); 438 if (rc) 439 return rc; 440 441 if (is_xts) { 442 keysize = CCACIPHERTOKENSIZE; 443 buf += CCACIPHERTOKENSIZE; 444 rc = sys_pkey_handler_gen_key( 445 pkey_aes_bitsize_to_keytype(keybits), 446 PKEY_TYPE_CCA_CIPHER, keybits, 0, 447 buf, &keysize, NULL); 448 if (rc) 449 return rc; 450 return 2 * CCACIPHERTOKENSIZE; 451 } 452 453 return CCACIPHERTOKENSIZE; 454 } 455 456 static ssize_t ccacipher_aes_128_read(struct file *filp, 457 struct kobject *kobj, 458 struct bin_attribute *attr, 459 char *buf, loff_t off, 460 size_t count) 461 { 462 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, false, buf, 463 off, count); 464 } 465 466 static ssize_t ccacipher_aes_192_read(struct file *filp, 467 struct kobject *kobj, 468 struct bin_attribute *attr, 469 char *buf, loff_t off, 470 size_t count) 471 { 472 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_192, false, buf, 473 off, count); 474 } 475 476 static ssize_t ccacipher_aes_256_read(struct file *filp, 477 struct kobject *kobj, 478 struct bin_attribute *attr, 479 char *buf, loff_t off, 480 size_t count) 481 { 482 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, false, buf, 483 off, count); 484 } 485 486 static ssize_t ccacipher_aes_128_xts_read(struct file *filp, 487 struct kobject *kobj, 488 struct bin_attribute *attr, 489 char *buf, loff_t off, 490 size_t count) 491 { 492 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, true, buf, 493 off, count); 494 } 495 496 static ssize_t ccacipher_aes_256_xts_read(struct file *filp, 497 struct kobject *kobj, 498 struct bin_attribute *attr, 499 char *buf, loff_t off, 500 size_t count) 501 { 502 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, true, buf, 503 off, count); 504 } 505 506 static BIN_ATTR_RO(ccacipher_aes_128, CCACIPHERTOKENSIZE); 507 static BIN_ATTR_RO(ccacipher_aes_192, CCACIPHERTOKENSIZE); 508 static BIN_ATTR_RO(ccacipher_aes_256, CCACIPHERTOKENSIZE); 509 static BIN_ATTR_RO(ccacipher_aes_128_xts, 2 * CCACIPHERTOKENSIZE); 510 static BIN_ATTR_RO(ccacipher_aes_256_xts, 2 * CCACIPHERTOKENSIZE); 511 512 static struct bin_attribute *ccacipher_attrs[] = { 513 &bin_attr_ccacipher_aes_128, 514 &bin_attr_ccacipher_aes_192, 515 &bin_attr_ccacipher_aes_256, 516 &bin_attr_ccacipher_aes_128_xts, 517 &bin_attr_ccacipher_aes_256_xts, 518 NULL 519 }; 520 521 static struct attribute_group ccacipher_attr_group = { 522 .name = "ccacipher", 523 .bin_attrs = ccacipher_attrs, 524 }; 525 526 /* 527 * Sysfs attribute read function for all ep11 aes key binary attributes. 528 * The implementation can not deal with partial reads, because a new random 529 * secure key blob is generated with each read. In case of partial reads 530 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 531 * This function and the sysfs attributes using it provide EP11 key blobs 532 * padded to the upper limit of MAXEP11AESKEYBLOBSIZE which is currently 533 * 336 bytes. 534 */ 535 static ssize_t pkey_ep11_aes_attr_read(enum pkey_key_size keybits, 536 bool is_xts, char *buf, loff_t off, 537 size_t count) 538 { 539 u32 keysize = MAXEP11AESKEYBLOBSIZE; 540 int rc; 541 542 if (off != 0 || count < MAXEP11AESKEYBLOBSIZE) 543 return -EINVAL; 544 if (is_xts) 545 if (count < 2 * MAXEP11AESKEYBLOBSIZE) 546 return -EINVAL; 547 548 memset(buf, 0, is_xts ? 2 * keysize : keysize); 549 550 rc = sys_pkey_handler_gen_key(pkey_aes_bitsize_to_keytype(keybits), 551 PKEY_TYPE_EP11_AES, keybits, 0, 552 buf, &keysize, NULL); 553 if (rc) 554 return rc; 555 556 if (is_xts) { 557 keysize = MAXEP11AESKEYBLOBSIZE; 558 buf += MAXEP11AESKEYBLOBSIZE; 559 rc = sys_pkey_handler_gen_key( 560 pkey_aes_bitsize_to_keytype(keybits), 561 PKEY_TYPE_EP11_AES, keybits, 0, 562 buf, &keysize, NULL); 563 if (rc) 564 return rc; 565 return 2 * MAXEP11AESKEYBLOBSIZE; 566 } 567 568 return MAXEP11AESKEYBLOBSIZE; 569 } 570 571 static ssize_t ep11_aes_128_read(struct file *filp, 572 struct kobject *kobj, 573 struct bin_attribute *attr, 574 char *buf, loff_t off, 575 size_t count) 576 { 577 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, false, buf, 578 off, count); 579 } 580 581 static ssize_t ep11_aes_192_read(struct file *filp, 582 struct kobject *kobj, 583 struct bin_attribute *attr, 584 char *buf, loff_t off, 585 size_t count) 586 { 587 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_192, false, buf, 588 off, count); 589 } 590 591 static ssize_t ep11_aes_256_read(struct file *filp, 592 struct kobject *kobj, 593 struct bin_attribute *attr, 594 char *buf, loff_t off, 595 size_t count) 596 { 597 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, false, buf, 598 off, count); 599 } 600 601 static ssize_t ep11_aes_128_xts_read(struct file *filp, 602 struct kobject *kobj, 603 struct bin_attribute *attr, 604 char *buf, loff_t off, 605 size_t count) 606 { 607 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, true, buf, 608 off, count); 609 } 610 611 static ssize_t ep11_aes_256_xts_read(struct file *filp, 612 struct kobject *kobj, 613 struct bin_attribute *attr, 614 char *buf, loff_t off, 615 size_t count) 616 { 617 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, true, buf, 618 off, count); 619 } 620 621 static BIN_ATTR_RO(ep11_aes_128, MAXEP11AESKEYBLOBSIZE); 622 static BIN_ATTR_RO(ep11_aes_192, MAXEP11AESKEYBLOBSIZE); 623 static BIN_ATTR_RO(ep11_aes_256, MAXEP11AESKEYBLOBSIZE); 624 static BIN_ATTR_RO(ep11_aes_128_xts, 2 * MAXEP11AESKEYBLOBSIZE); 625 static BIN_ATTR_RO(ep11_aes_256_xts, 2 * MAXEP11AESKEYBLOBSIZE); 626 627 static struct bin_attribute *ep11_attrs[] = { 628 &bin_attr_ep11_aes_128, 629 &bin_attr_ep11_aes_192, 630 &bin_attr_ep11_aes_256, 631 &bin_attr_ep11_aes_128_xts, 632 &bin_attr_ep11_aes_256_xts, 633 NULL 634 }; 635 636 static struct attribute_group ep11_attr_group = { 637 .name = "ep11", 638 .bin_attrs = ep11_attrs, 639 }; 640 641 const struct attribute_group *pkey_attr_groups[] = { 642 &protkey_attr_group, 643 &ccadata_attr_group, 644 &ccacipher_attr_group, 645 &ep11_attr_group, 646 NULL, 647 }; 648