1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * pkey module sysfs related functions 4 * 5 * Copyright IBM Corp. 2024 6 */ 7 8 #define KMSG_COMPONENT "pkey" 9 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt 10 11 #include <linux/sysfs.h> 12 13 #include "zcrypt_api.h" 14 #include "zcrypt_ccamisc.h" 15 #include "zcrypt_ep11misc.h" 16 17 #include "pkey_base.h" 18 19 /* 20 * Wrapper around pkey_handler_gen_key() which deals with the 21 * ENODEV return code and then tries to enforce a pkey handler 22 * module load. 23 */ 24 static int sys_pkey_handler_gen_key(u32 keytype, u32 keysubtype, 25 u32 keybitsize, u32 flags, 26 u8 *keybuf, u32 *keybuflen, u32 *keyinfo) 27 { 28 int rc; 29 30 rc = pkey_handler_gen_key(NULL, 0, 31 keytype, keysubtype, 32 keybitsize, flags, 33 keybuf, keybuflen, keyinfo); 34 if (rc == -ENODEV) { 35 pkey_handler_request_modules(); 36 rc = pkey_handler_gen_key(NULL, 0, 37 keytype, keysubtype, 38 keybitsize, flags, 39 keybuf, keybuflen, keyinfo); 40 } 41 42 return rc; 43 } 44 45 /* 46 * Sysfs attribute read function for all protected key binary attributes. 47 * The implementation can not deal with partial reads, because a new random 48 * protected key blob is generated with each read. In case of partial reads 49 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 50 */ 51 static ssize_t pkey_protkey_aes_attr_read(u32 keytype, bool is_xts, char *buf, 52 loff_t off, size_t count) 53 { 54 struct protaeskeytoken protkeytoken; 55 struct pkey_protkey protkey; 56 int rc; 57 58 if (off != 0 || count < sizeof(protkeytoken)) 59 return -EINVAL; 60 if (is_xts) 61 if (count < 2 * sizeof(protkeytoken)) 62 return -EINVAL; 63 64 memset(&protkeytoken, 0, sizeof(protkeytoken)); 65 protkeytoken.type = TOKTYPE_NON_CCA; 66 protkeytoken.version = TOKVER_PROTECTED_KEY; 67 protkeytoken.keytype = keytype; 68 69 protkey.len = sizeof(protkey.protkey); 70 rc = sys_pkey_handler_gen_key(keytype, PKEY_TYPE_PROTKEY, 0, 0, 71 protkey.protkey, &protkey.len, 72 &protkey.type); 73 if (rc) 74 return rc; 75 76 protkeytoken.len = protkey.len; 77 memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len); 78 79 memcpy(buf, &protkeytoken, sizeof(protkeytoken)); 80 81 if (is_xts) { 82 /* xts needs a second protected key, reuse protkey struct */ 83 protkey.len = sizeof(protkey.protkey); 84 rc = sys_pkey_handler_gen_key(keytype, PKEY_TYPE_PROTKEY, 0, 0, 85 protkey.protkey, &protkey.len, 86 &protkey.type); 87 if (rc) 88 return rc; 89 90 protkeytoken.len = protkey.len; 91 memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len); 92 93 memcpy(buf + sizeof(protkeytoken), &protkeytoken, 94 sizeof(protkeytoken)); 95 96 return 2 * sizeof(protkeytoken); 97 } 98 99 return sizeof(protkeytoken); 100 } 101 102 /* 103 * Sysfs attribute read function for the AES XTS prot key binary attributes. 104 * The implementation can not deal with partial reads, because a new random 105 * protected key blob is generated with each read. In case of partial reads 106 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 107 */ 108 static ssize_t pkey_protkey_aes_xts_attr_read(u32 keytype, char *buf, 109 loff_t off, size_t count) 110 { 111 struct protkeytoken *t = (struct protkeytoken *)buf; 112 u32 protlen, prottype; 113 int rc; 114 115 switch (keytype) { 116 case PKEY_KEYTYPE_AES_XTS_128: 117 protlen = 64; 118 break; 119 case PKEY_KEYTYPE_AES_XTS_256: 120 protlen = 96; 121 break; 122 default: 123 return -EINVAL; 124 } 125 126 if (off != 0 || count < sizeof(*t) + protlen) 127 return -EINVAL; 128 129 memset(t, 0, sizeof(*t) + protlen); 130 t->type = TOKTYPE_NON_CCA; 131 t->version = TOKVER_PROTECTED_KEY; 132 t->keytype = keytype; 133 134 rc = sys_pkey_handler_gen_key(keytype, PKEY_TYPE_PROTKEY, 0, 0, 135 t->protkey, &protlen, &prottype); 136 if (rc) 137 return rc; 138 139 t->len = protlen; 140 141 return sizeof(*t) + protlen; 142 } 143 144 /* 145 * Sysfs attribute read function for the HMAC prot key binary attributes. 146 * The implementation can not deal with partial reads, because a new random 147 * protected key blob is generated with each read. In case of partial reads 148 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 149 */ 150 static ssize_t pkey_protkey_hmac_attr_read(u32 keytype, char *buf, 151 loff_t off, size_t count) 152 { 153 struct protkeytoken *t = (struct protkeytoken *)buf; 154 u32 protlen, prottype; 155 int rc; 156 157 switch (keytype) { 158 case PKEY_KEYTYPE_HMAC_512: 159 protlen = 96; 160 break; 161 case PKEY_KEYTYPE_HMAC_1024: 162 protlen = 160; 163 break; 164 default: 165 return -EINVAL; 166 } 167 168 if (off != 0 || count < sizeof(*t) + protlen) 169 return -EINVAL; 170 171 memset(t, 0, sizeof(*t) + protlen); 172 t->type = TOKTYPE_NON_CCA; 173 t->version = TOKVER_PROTECTED_KEY; 174 t->keytype = keytype; 175 176 rc = sys_pkey_handler_gen_key(keytype, PKEY_TYPE_PROTKEY, 0, 0, 177 t->protkey, &protlen, &prottype); 178 if (rc) 179 return rc; 180 181 t->len = protlen; 182 183 return sizeof(*t) + protlen; 184 } 185 186 static ssize_t protkey_aes_128_read(struct file *filp, 187 struct kobject *kobj, 188 struct bin_attribute *attr, 189 char *buf, loff_t off, 190 size_t count) 191 { 192 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf, 193 off, count); 194 } 195 196 static ssize_t protkey_aes_192_read(struct file *filp, 197 struct kobject *kobj, 198 struct bin_attribute *attr, 199 char *buf, loff_t off, 200 size_t count) 201 { 202 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf, 203 off, count); 204 } 205 206 static ssize_t protkey_aes_256_read(struct file *filp, 207 struct kobject *kobj, 208 struct bin_attribute *attr, 209 char *buf, loff_t off, 210 size_t count) 211 { 212 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf, 213 off, count); 214 } 215 216 static ssize_t protkey_aes_128_xts_read(struct file *filp, 217 struct kobject *kobj, 218 struct bin_attribute *attr, 219 char *buf, loff_t off, 220 size_t count) 221 { 222 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf, 223 off, count); 224 } 225 226 static ssize_t protkey_aes_256_xts_read(struct file *filp, 227 struct kobject *kobj, 228 struct bin_attribute *attr, 229 char *buf, loff_t off, 230 size_t count) 231 { 232 return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf, 233 off, count); 234 } 235 236 static ssize_t protkey_aes_xts_128_read(struct file *filp, 237 struct kobject *kobj, 238 struct bin_attribute *attr, 239 char *buf, loff_t off, 240 size_t count) 241 { 242 return pkey_protkey_aes_xts_attr_read(PKEY_KEYTYPE_AES_XTS_128, 243 buf, off, count); 244 } 245 246 static ssize_t protkey_aes_xts_256_read(struct file *filp, 247 struct kobject *kobj, 248 struct bin_attribute *attr, 249 char *buf, loff_t off, 250 size_t count) 251 { 252 return pkey_protkey_aes_xts_attr_read(PKEY_KEYTYPE_AES_XTS_256, 253 buf, off, count); 254 } 255 256 static ssize_t protkey_hmac_512_read(struct file *filp, 257 struct kobject *kobj, 258 struct bin_attribute *attr, 259 char *buf, loff_t off, 260 size_t count) 261 { 262 return pkey_protkey_hmac_attr_read(PKEY_KEYTYPE_HMAC_512, 263 buf, off, count); 264 } 265 266 static ssize_t protkey_hmac_1024_read(struct file *filp, 267 struct kobject *kobj, 268 struct bin_attribute *attr, 269 char *buf, loff_t off, 270 size_t count) 271 { 272 return pkey_protkey_hmac_attr_read(PKEY_KEYTYPE_HMAC_1024, 273 buf, off, count); 274 } 275 276 static BIN_ATTR_RO(protkey_aes_128, sizeof(struct protaeskeytoken)); 277 static BIN_ATTR_RO(protkey_aes_192, sizeof(struct protaeskeytoken)); 278 static BIN_ATTR_RO(protkey_aes_256, sizeof(struct protaeskeytoken)); 279 static BIN_ATTR_RO(protkey_aes_128_xts, 2 * sizeof(struct protaeskeytoken)); 280 static BIN_ATTR_RO(protkey_aes_256_xts, 2 * sizeof(struct protaeskeytoken)); 281 static BIN_ATTR_RO(protkey_aes_xts_128, sizeof(struct protkeytoken) + 64); 282 static BIN_ATTR_RO(protkey_aes_xts_256, sizeof(struct protkeytoken) + 96); 283 static BIN_ATTR_RO(protkey_hmac_512, sizeof(struct protkeytoken) + 96); 284 static BIN_ATTR_RO(protkey_hmac_1024, sizeof(struct protkeytoken) + 160); 285 286 static struct bin_attribute *protkey_attrs[] = { 287 &bin_attr_protkey_aes_128, 288 &bin_attr_protkey_aes_192, 289 &bin_attr_protkey_aes_256, 290 &bin_attr_protkey_aes_128_xts, 291 &bin_attr_protkey_aes_256_xts, 292 &bin_attr_protkey_aes_xts_128, 293 &bin_attr_protkey_aes_xts_256, 294 &bin_attr_protkey_hmac_512, 295 &bin_attr_protkey_hmac_1024, 296 NULL 297 }; 298 299 static struct attribute_group protkey_attr_group = { 300 .name = "protkey", 301 .bin_attrs = protkey_attrs, 302 }; 303 304 /* 305 * Sysfs attribute read function for all secure key ccadata binary attributes. 306 * The implementation can not deal with partial reads, because a new random 307 * protected key blob is generated with each read. In case of partial reads 308 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 309 */ 310 static ssize_t pkey_ccadata_aes_attr_read(u32 keytype, bool is_xts, char *buf, 311 loff_t off, size_t count) 312 { 313 struct pkey_seckey *seckey = (struct pkey_seckey *)buf; 314 u32 buflen; 315 int rc; 316 317 if (off != 0 || count < sizeof(struct secaeskeytoken)) 318 return -EINVAL; 319 if (is_xts) 320 if (count < 2 * sizeof(struct secaeskeytoken)) 321 return -EINVAL; 322 323 buflen = sizeof(seckey->seckey); 324 rc = sys_pkey_handler_gen_key(keytype, PKEY_TYPE_CCA_DATA, 0, 0, 325 seckey->seckey, &buflen, NULL); 326 if (rc) 327 return rc; 328 329 if (is_xts) { 330 seckey++; 331 buflen = sizeof(seckey->seckey); 332 rc = sys_pkey_handler_gen_key(keytype, PKEY_TYPE_CCA_DATA, 0, 0, 333 seckey->seckey, &buflen, NULL); 334 if (rc) 335 return rc; 336 337 return 2 * sizeof(struct secaeskeytoken); 338 } 339 340 return sizeof(struct secaeskeytoken); 341 } 342 343 static ssize_t ccadata_aes_128_read(struct file *filp, 344 struct kobject *kobj, 345 struct bin_attribute *attr, 346 char *buf, loff_t off, 347 size_t count) 348 { 349 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf, 350 off, count); 351 } 352 353 static ssize_t ccadata_aes_192_read(struct file *filp, 354 struct kobject *kobj, 355 struct bin_attribute *attr, 356 char *buf, loff_t off, 357 size_t count) 358 { 359 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf, 360 off, count); 361 } 362 363 static ssize_t ccadata_aes_256_read(struct file *filp, 364 struct kobject *kobj, 365 struct bin_attribute *attr, 366 char *buf, loff_t off, 367 size_t count) 368 { 369 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf, 370 off, count); 371 } 372 373 static ssize_t ccadata_aes_128_xts_read(struct file *filp, 374 struct kobject *kobj, 375 struct bin_attribute *attr, 376 char *buf, loff_t off, 377 size_t count) 378 { 379 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf, 380 off, count); 381 } 382 383 static ssize_t ccadata_aes_256_xts_read(struct file *filp, 384 struct kobject *kobj, 385 struct bin_attribute *attr, 386 char *buf, loff_t off, 387 size_t count) 388 { 389 return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf, 390 off, count); 391 } 392 393 static BIN_ATTR_RO(ccadata_aes_128, sizeof(struct secaeskeytoken)); 394 static BIN_ATTR_RO(ccadata_aes_192, sizeof(struct secaeskeytoken)); 395 static BIN_ATTR_RO(ccadata_aes_256, sizeof(struct secaeskeytoken)); 396 static BIN_ATTR_RO(ccadata_aes_128_xts, 2 * sizeof(struct secaeskeytoken)); 397 static BIN_ATTR_RO(ccadata_aes_256_xts, 2 * sizeof(struct secaeskeytoken)); 398 399 static struct bin_attribute *ccadata_attrs[] = { 400 &bin_attr_ccadata_aes_128, 401 &bin_attr_ccadata_aes_192, 402 &bin_attr_ccadata_aes_256, 403 &bin_attr_ccadata_aes_128_xts, 404 &bin_attr_ccadata_aes_256_xts, 405 NULL 406 }; 407 408 static struct attribute_group ccadata_attr_group = { 409 .name = "ccadata", 410 .bin_attrs = ccadata_attrs, 411 }; 412 413 #define CCACIPHERTOKENSIZE (sizeof(struct cipherkeytoken) + 80) 414 415 /* 416 * Sysfs attribute read function for all secure key ccacipher binary attributes. 417 * The implementation can not deal with partial reads, because a new random 418 * secure key blob is generated with each read. In case of partial reads 419 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 420 */ 421 static ssize_t pkey_ccacipher_aes_attr_read(enum pkey_key_size keybits, 422 bool is_xts, char *buf, loff_t off, 423 size_t count) 424 { 425 u32 keysize = CCACIPHERTOKENSIZE; 426 int rc; 427 428 if (off != 0 || count < CCACIPHERTOKENSIZE) 429 return -EINVAL; 430 if (is_xts) 431 if (count < 2 * CCACIPHERTOKENSIZE) 432 return -EINVAL; 433 434 memset(buf, 0, is_xts ? 2 * keysize : keysize); 435 436 rc = sys_pkey_handler_gen_key(pkey_aes_bitsize_to_keytype(keybits), 437 PKEY_TYPE_CCA_CIPHER, keybits, 0, 438 buf, &keysize, NULL); 439 if (rc) 440 return rc; 441 442 if (is_xts) { 443 keysize = CCACIPHERTOKENSIZE; 444 buf += CCACIPHERTOKENSIZE; 445 rc = sys_pkey_handler_gen_key( 446 pkey_aes_bitsize_to_keytype(keybits), 447 PKEY_TYPE_CCA_CIPHER, keybits, 0, 448 buf, &keysize, NULL); 449 if (rc) 450 return rc; 451 return 2 * CCACIPHERTOKENSIZE; 452 } 453 454 return CCACIPHERTOKENSIZE; 455 } 456 457 static ssize_t ccacipher_aes_128_read(struct file *filp, 458 struct kobject *kobj, 459 struct bin_attribute *attr, 460 char *buf, loff_t off, 461 size_t count) 462 { 463 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, false, buf, 464 off, count); 465 } 466 467 static ssize_t ccacipher_aes_192_read(struct file *filp, 468 struct kobject *kobj, 469 struct bin_attribute *attr, 470 char *buf, loff_t off, 471 size_t count) 472 { 473 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_192, false, buf, 474 off, count); 475 } 476 477 static ssize_t ccacipher_aes_256_read(struct file *filp, 478 struct kobject *kobj, 479 struct bin_attribute *attr, 480 char *buf, loff_t off, 481 size_t count) 482 { 483 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, false, buf, 484 off, count); 485 } 486 487 static ssize_t ccacipher_aes_128_xts_read(struct file *filp, 488 struct kobject *kobj, 489 struct bin_attribute *attr, 490 char *buf, loff_t off, 491 size_t count) 492 { 493 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, true, buf, 494 off, count); 495 } 496 497 static ssize_t ccacipher_aes_256_xts_read(struct file *filp, 498 struct kobject *kobj, 499 struct bin_attribute *attr, 500 char *buf, loff_t off, 501 size_t count) 502 { 503 return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, true, buf, 504 off, count); 505 } 506 507 static BIN_ATTR_RO(ccacipher_aes_128, CCACIPHERTOKENSIZE); 508 static BIN_ATTR_RO(ccacipher_aes_192, CCACIPHERTOKENSIZE); 509 static BIN_ATTR_RO(ccacipher_aes_256, CCACIPHERTOKENSIZE); 510 static BIN_ATTR_RO(ccacipher_aes_128_xts, 2 * CCACIPHERTOKENSIZE); 511 static BIN_ATTR_RO(ccacipher_aes_256_xts, 2 * CCACIPHERTOKENSIZE); 512 513 static struct bin_attribute *ccacipher_attrs[] = { 514 &bin_attr_ccacipher_aes_128, 515 &bin_attr_ccacipher_aes_192, 516 &bin_attr_ccacipher_aes_256, 517 &bin_attr_ccacipher_aes_128_xts, 518 &bin_attr_ccacipher_aes_256_xts, 519 NULL 520 }; 521 522 static struct attribute_group ccacipher_attr_group = { 523 .name = "ccacipher", 524 .bin_attrs = ccacipher_attrs, 525 }; 526 527 /* 528 * Sysfs attribute read function for all ep11 aes key binary attributes. 529 * The implementation can not deal with partial reads, because a new random 530 * secure key blob is generated with each read. In case of partial reads 531 * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 532 * This function and the sysfs attributes using it provide EP11 key blobs 533 * padded to the upper limit of MAXEP11AESKEYBLOBSIZE which is currently 534 * 336 bytes. 535 */ 536 static ssize_t pkey_ep11_aes_attr_read(enum pkey_key_size keybits, 537 bool is_xts, char *buf, loff_t off, 538 size_t count) 539 { 540 u32 keysize = MAXEP11AESKEYBLOBSIZE; 541 int rc; 542 543 if (off != 0 || count < MAXEP11AESKEYBLOBSIZE) 544 return -EINVAL; 545 if (is_xts) 546 if (count < 2 * MAXEP11AESKEYBLOBSIZE) 547 return -EINVAL; 548 549 memset(buf, 0, is_xts ? 2 * keysize : keysize); 550 551 rc = sys_pkey_handler_gen_key(pkey_aes_bitsize_to_keytype(keybits), 552 PKEY_TYPE_EP11_AES, keybits, 0, 553 buf, &keysize, NULL); 554 if (rc) 555 return rc; 556 557 if (is_xts) { 558 keysize = MAXEP11AESKEYBLOBSIZE; 559 buf += MAXEP11AESKEYBLOBSIZE; 560 rc = sys_pkey_handler_gen_key( 561 pkey_aes_bitsize_to_keytype(keybits), 562 PKEY_TYPE_EP11_AES, keybits, 0, 563 buf, &keysize, NULL); 564 if (rc) 565 return rc; 566 return 2 * MAXEP11AESKEYBLOBSIZE; 567 } 568 569 return MAXEP11AESKEYBLOBSIZE; 570 } 571 572 static ssize_t ep11_aes_128_read(struct file *filp, 573 struct kobject *kobj, 574 struct bin_attribute *attr, 575 char *buf, loff_t off, 576 size_t count) 577 { 578 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, false, buf, 579 off, count); 580 } 581 582 static ssize_t ep11_aes_192_read(struct file *filp, 583 struct kobject *kobj, 584 struct bin_attribute *attr, 585 char *buf, loff_t off, 586 size_t count) 587 { 588 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_192, false, buf, 589 off, count); 590 } 591 592 static ssize_t ep11_aes_256_read(struct file *filp, 593 struct kobject *kobj, 594 struct bin_attribute *attr, 595 char *buf, loff_t off, 596 size_t count) 597 { 598 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, false, buf, 599 off, count); 600 } 601 602 static ssize_t ep11_aes_128_xts_read(struct file *filp, 603 struct kobject *kobj, 604 struct bin_attribute *attr, 605 char *buf, loff_t off, 606 size_t count) 607 { 608 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, true, buf, 609 off, count); 610 } 611 612 static ssize_t ep11_aes_256_xts_read(struct file *filp, 613 struct kobject *kobj, 614 struct bin_attribute *attr, 615 char *buf, loff_t off, 616 size_t count) 617 { 618 return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, true, buf, 619 off, count); 620 } 621 622 static BIN_ATTR_RO(ep11_aes_128, MAXEP11AESKEYBLOBSIZE); 623 static BIN_ATTR_RO(ep11_aes_192, MAXEP11AESKEYBLOBSIZE); 624 static BIN_ATTR_RO(ep11_aes_256, MAXEP11AESKEYBLOBSIZE); 625 static BIN_ATTR_RO(ep11_aes_128_xts, 2 * MAXEP11AESKEYBLOBSIZE); 626 static BIN_ATTR_RO(ep11_aes_256_xts, 2 * MAXEP11AESKEYBLOBSIZE); 627 628 static struct bin_attribute *ep11_attrs[] = { 629 &bin_attr_ep11_aes_128, 630 &bin_attr_ep11_aes_192, 631 &bin_attr_ep11_aes_256, 632 &bin_attr_ep11_aes_128_xts, 633 &bin_attr_ep11_aes_256_xts, 634 NULL 635 }; 636 637 static struct attribute_group ep11_attr_group = { 638 .name = "ep11", 639 .bin_attrs = ep11_attrs, 640 }; 641 642 const struct attribute_group *pkey_attr_groups[] = { 643 &protkey_attr_group, 644 &ccadata_attr_group, 645 &ccacipher_attr_group, 646 &ep11_attr_group, 647 NULL, 648 }; 649