1 /* 2 * linux/drivers/s390/crypto/zcrypt_api.c 3 * 4 * zcrypt 2.1.0 5 * 6 * Copyright (C) 2001, 2006 IBM Corporation 7 * Author(s): Robert Burroughs 8 * Eric Rossman (edrossma@us.ibm.com) 9 * Cornelia Huck <cornelia.huck@de.ibm.com> 10 * 11 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com) 12 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com> 13 * Ralph Wuerthner <rwuerthn@de.ibm.com> 14 * 15 * This program is free software; you can redistribute it and/or modify 16 * it under the terms of the GNU General Public License as published by 17 * the Free Software Foundation; either version 2, or (at your option) 18 * any later version. 19 * 20 * This program is distributed in the hope that it will be useful, 21 * but WITHOUT ANY WARRANTY; without even the implied warranty of 22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 23 * GNU General Public License for more details. 24 * 25 * You should have received a copy of the GNU General Public License 26 * along with this program; if not, write to the Free Software 27 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 28 */ 29 30 #include <linux/module.h> 31 #include <linux/init.h> 32 #include <linux/interrupt.h> 33 #include <linux/miscdevice.h> 34 #include <linux/fs.h> 35 #include <linux/proc_fs.h> 36 #include <linux/seq_file.h> 37 #include <linux/compat.h> 38 #include <linux/smp_lock.h> 39 #include <asm/atomic.h> 40 #include <asm/uaccess.h> 41 #include <linux/hw_random.h> 42 43 #include "zcrypt_api.h" 44 45 /* 46 * Module description. 47 */ 48 MODULE_AUTHOR("IBM Corporation"); 49 MODULE_DESCRIPTION("Cryptographic Coprocessor interface, " 50 "Copyright 2001, 2006 IBM Corporation"); 51 MODULE_LICENSE("GPL"); 52 53 static DEFINE_SPINLOCK(zcrypt_device_lock); 54 static LIST_HEAD(zcrypt_device_list); 55 static int zcrypt_device_count = 0; 56 static atomic_t zcrypt_open_count = ATOMIC_INIT(0); 57 58 static int zcrypt_rng_device_add(void); 59 static void zcrypt_rng_device_remove(void); 60 61 /* 62 * Device attributes common for all crypto devices. 63 */ 64 static ssize_t zcrypt_type_show(struct device *dev, 65 struct device_attribute *attr, char *buf) 66 { 67 struct zcrypt_device *zdev = to_ap_dev(dev)->private; 68 return snprintf(buf, PAGE_SIZE, "%s\n", zdev->type_string); 69 } 70 71 static DEVICE_ATTR(type, 0444, zcrypt_type_show, NULL); 72 73 static ssize_t zcrypt_online_show(struct device *dev, 74 struct device_attribute *attr, char *buf) 75 { 76 struct zcrypt_device *zdev = to_ap_dev(dev)->private; 77 return snprintf(buf, PAGE_SIZE, "%d\n", zdev->online); 78 } 79 80 static ssize_t zcrypt_online_store(struct device *dev, 81 struct device_attribute *attr, 82 const char *buf, size_t count) 83 { 84 struct zcrypt_device *zdev = to_ap_dev(dev)->private; 85 int online; 86 87 if (sscanf(buf, "%d\n", &online) != 1 || online < 0 || online > 1) 88 return -EINVAL; 89 zdev->online = online; 90 if (!online) 91 ap_flush_queue(zdev->ap_dev); 92 return count; 93 } 94 95 static DEVICE_ATTR(online, 0644, zcrypt_online_show, zcrypt_online_store); 96 97 static struct attribute * zcrypt_device_attrs[] = { 98 &dev_attr_type.attr, 99 &dev_attr_online.attr, 100 NULL, 101 }; 102 103 static struct attribute_group zcrypt_device_attr_group = { 104 .attrs = zcrypt_device_attrs, 105 }; 106 107 /** 108 * __zcrypt_increase_preference(): Increase preference of a crypto device. 109 * @zdev: Pointer the crypto device 110 * 111 * Move the device towards the head of the device list. 112 * Need to be called while holding the zcrypt device list lock. 113 * Note: cards with speed_rating of 0 are kept at the end of the list. 114 */ 115 static void __zcrypt_increase_preference(struct zcrypt_device *zdev) 116 { 117 struct zcrypt_device *tmp; 118 struct list_head *l; 119 120 if (zdev->speed_rating == 0) 121 return; 122 for (l = zdev->list.prev; l != &zcrypt_device_list; l = l->prev) { 123 tmp = list_entry(l, struct zcrypt_device, list); 124 if ((tmp->request_count + 1) * tmp->speed_rating <= 125 (zdev->request_count + 1) * zdev->speed_rating && 126 tmp->speed_rating != 0) 127 break; 128 } 129 if (l == zdev->list.prev) 130 return; 131 /* Move zdev behind l */ 132 list_move(&zdev->list, l); 133 } 134 135 /** 136 * __zcrypt_decrease_preference(): Decrease preference of a crypto device. 137 * @zdev: Pointer to a crypto device. 138 * 139 * Move the device towards the tail of the device list. 140 * Need to be called while holding the zcrypt device list lock. 141 * Note: cards with speed_rating of 0 are kept at the end of the list. 142 */ 143 static void __zcrypt_decrease_preference(struct zcrypt_device *zdev) 144 { 145 struct zcrypt_device *tmp; 146 struct list_head *l; 147 148 if (zdev->speed_rating == 0) 149 return; 150 for (l = zdev->list.next; l != &zcrypt_device_list; l = l->next) { 151 tmp = list_entry(l, struct zcrypt_device, list); 152 if ((tmp->request_count + 1) * tmp->speed_rating > 153 (zdev->request_count + 1) * zdev->speed_rating || 154 tmp->speed_rating == 0) 155 break; 156 } 157 if (l == zdev->list.next) 158 return; 159 /* Move zdev before l */ 160 list_move_tail(&zdev->list, l); 161 } 162 163 static void zcrypt_device_release(struct kref *kref) 164 { 165 struct zcrypt_device *zdev = 166 container_of(kref, struct zcrypt_device, refcount); 167 zcrypt_device_free(zdev); 168 } 169 170 void zcrypt_device_get(struct zcrypt_device *zdev) 171 { 172 kref_get(&zdev->refcount); 173 } 174 EXPORT_SYMBOL(zcrypt_device_get); 175 176 int zcrypt_device_put(struct zcrypt_device *zdev) 177 { 178 return kref_put(&zdev->refcount, zcrypt_device_release); 179 } 180 EXPORT_SYMBOL(zcrypt_device_put); 181 182 struct zcrypt_device *zcrypt_device_alloc(size_t max_response_size) 183 { 184 struct zcrypt_device *zdev; 185 186 zdev = kzalloc(sizeof(struct zcrypt_device), GFP_KERNEL); 187 if (!zdev) 188 return NULL; 189 zdev->reply.message = kmalloc(max_response_size, GFP_KERNEL); 190 if (!zdev->reply.message) 191 goto out_free; 192 zdev->reply.length = max_response_size; 193 spin_lock_init(&zdev->lock); 194 INIT_LIST_HEAD(&zdev->list); 195 return zdev; 196 197 out_free: 198 kfree(zdev); 199 return NULL; 200 } 201 EXPORT_SYMBOL(zcrypt_device_alloc); 202 203 void zcrypt_device_free(struct zcrypt_device *zdev) 204 { 205 kfree(zdev->reply.message); 206 kfree(zdev); 207 } 208 EXPORT_SYMBOL(zcrypt_device_free); 209 210 /** 211 * zcrypt_device_register() - Register a crypto device. 212 * @zdev: Pointer to a crypto device 213 * 214 * Register a crypto device. Returns 0 if successful. 215 */ 216 int zcrypt_device_register(struct zcrypt_device *zdev) 217 { 218 int rc; 219 220 rc = sysfs_create_group(&zdev->ap_dev->device.kobj, 221 &zcrypt_device_attr_group); 222 if (rc) 223 goto out; 224 get_device(&zdev->ap_dev->device); 225 kref_init(&zdev->refcount); 226 spin_lock_bh(&zcrypt_device_lock); 227 zdev->online = 1; /* New devices are online by default. */ 228 list_add_tail(&zdev->list, &zcrypt_device_list); 229 __zcrypt_increase_preference(zdev); 230 zcrypt_device_count++; 231 spin_unlock_bh(&zcrypt_device_lock); 232 if (zdev->ops->rng) { 233 rc = zcrypt_rng_device_add(); 234 if (rc) 235 goto out_unregister; 236 } 237 return 0; 238 239 out_unregister: 240 spin_lock_bh(&zcrypt_device_lock); 241 zcrypt_device_count--; 242 list_del_init(&zdev->list); 243 spin_unlock_bh(&zcrypt_device_lock); 244 sysfs_remove_group(&zdev->ap_dev->device.kobj, 245 &zcrypt_device_attr_group); 246 put_device(&zdev->ap_dev->device); 247 zcrypt_device_put(zdev); 248 out: 249 return rc; 250 } 251 EXPORT_SYMBOL(zcrypt_device_register); 252 253 /** 254 * zcrypt_device_unregister(): Unregister a crypto device. 255 * @zdev: Pointer to crypto device 256 * 257 * Unregister a crypto device. 258 */ 259 void zcrypt_device_unregister(struct zcrypt_device *zdev) 260 { 261 if (zdev->ops->rng) 262 zcrypt_rng_device_remove(); 263 spin_lock_bh(&zcrypt_device_lock); 264 zcrypt_device_count--; 265 list_del_init(&zdev->list); 266 spin_unlock_bh(&zcrypt_device_lock); 267 sysfs_remove_group(&zdev->ap_dev->device.kobj, 268 &zcrypt_device_attr_group); 269 put_device(&zdev->ap_dev->device); 270 zcrypt_device_put(zdev); 271 } 272 EXPORT_SYMBOL(zcrypt_device_unregister); 273 274 /** 275 * zcrypt_read (): Not supported beyond zcrypt 1.3.1. 276 * 277 * This function is not supported beyond zcrypt 1.3.1. 278 */ 279 static ssize_t zcrypt_read(struct file *filp, char __user *buf, 280 size_t count, loff_t *f_pos) 281 { 282 return -EPERM; 283 } 284 285 /** 286 * zcrypt_write(): Not allowed. 287 * 288 * Write is is not allowed 289 */ 290 static ssize_t zcrypt_write(struct file *filp, const char __user *buf, 291 size_t count, loff_t *f_pos) 292 { 293 return -EPERM; 294 } 295 296 /** 297 * zcrypt_open(): Count number of users. 298 * 299 * Device open function to count number of users. 300 */ 301 static int zcrypt_open(struct inode *inode, struct file *filp) 302 { 303 atomic_inc(&zcrypt_open_count); 304 return 0; 305 } 306 307 /** 308 * zcrypt_release(): Count number of users. 309 * 310 * Device close function to count number of users. 311 */ 312 static int zcrypt_release(struct inode *inode, struct file *filp) 313 { 314 atomic_dec(&zcrypt_open_count); 315 return 0; 316 } 317 318 /* 319 * zcrypt ioctls. 320 */ 321 static long zcrypt_rsa_modexpo(struct ica_rsa_modexpo *mex) 322 { 323 struct zcrypt_device *zdev; 324 int rc; 325 326 if (mex->outputdatalength < mex->inputdatalength) 327 return -EINVAL; 328 /* 329 * As long as outputdatalength is big enough, we can set the 330 * outputdatalength equal to the inputdatalength, since that is the 331 * number of bytes we will copy in any case 332 */ 333 mex->outputdatalength = mex->inputdatalength; 334 335 spin_lock_bh(&zcrypt_device_lock); 336 list_for_each_entry(zdev, &zcrypt_device_list, list) { 337 if (!zdev->online || 338 !zdev->ops->rsa_modexpo || 339 zdev->min_mod_size > mex->inputdatalength || 340 zdev->max_mod_size < mex->inputdatalength) 341 continue; 342 zcrypt_device_get(zdev); 343 get_device(&zdev->ap_dev->device); 344 zdev->request_count++; 345 __zcrypt_decrease_preference(zdev); 346 if (try_module_get(zdev->ap_dev->drv->driver.owner)) { 347 spin_unlock_bh(&zcrypt_device_lock); 348 rc = zdev->ops->rsa_modexpo(zdev, mex); 349 spin_lock_bh(&zcrypt_device_lock); 350 module_put(zdev->ap_dev->drv->driver.owner); 351 } 352 else 353 rc = -EAGAIN; 354 zdev->request_count--; 355 __zcrypt_increase_preference(zdev); 356 put_device(&zdev->ap_dev->device); 357 zcrypt_device_put(zdev); 358 spin_unlock_bh(&zcrypt_device_lock); 359 return rc; 360 } 361 spin_unlock_bh(&zcrypt_device_lock); 362 return -ENODEV; 363 } 364 365 static long zcrypt_rsa_crt(struct ica_rsa_modexpo_crt *crt) 366 { 367 struct zcrypt_device *zdev; 368 unsigned long long z1, z2, z3; 369 int rc, copied; 370 371 if (crt->outputdatalength < crt->inputdatalength || 372 (crt->inputdatalength & 1)) 373 return -EINVAL; 374 /* 375 * As long as outputdatalength is big enough, we can set the 376 * outputdatalength equal to the inputdatalength, since that is the 377 * number of bytes we will copy in any case 378 */ 379 crt->outputdatalength = crt->inputdatalength; 380 381 copied = 0; 382 restart: 383 spin_lock_bh(&zcrypt_device_lock); 384 list_for_each_entry(zdev, &zcrypt_device_list, list) { 385 if (!zdev->online || 386 !zdev->ops->rsa_modexpo_crt || 387 zdev->min_mod_size > crt->inputdatalength || 388 zdev->max_mod_size < crt->inputdatalength) 389 continue; 390 if (zdev->short_crt && crt->inputdatalength > 240) { 391 /* 392 * Check inputdata for leading zeros for cards 393 * that can't handle np_prime, bp_key, or 394 * u_mult_inv > 128 bytes. 395 */ 396 if (copied == 0) { 397 unsigned int len; 398 spin_unlock_bh(&zcrypt_device_lock); 399 /* len is max 256 / 2 - 120 = 8 */ 400 len = crt->inputdatalength / 2 - 120; 401 if (len > sizeof(z1)) 402 return -EFAULT; 403 z1 = z2 = z3 = 0; 404 if (copy_from_user(&z1, crt->np_prime, len) || 405 copy_from_user(&z2, crt->bp_key, len) || 406 copy_from_user(&z3, crt->u_mult_inv, len)) 407 return -EFAULT; 408 copied = 1; 409 /* 410 * We have to restart device lookup - 411 * the device list may have changed by now. 412 */ 413 goto restart; 414 } 415 if (z1 != 0ULL || z2 != 0ULL || z3 != 0ULL) 416 /* The device can't handle this request. */ 417 continue; 418 } 419 zcrypt_device_get(zdev); 420 get_device(&zdev->ap_dev->device); 421 zdev->request_count++; 422 __zcrypt_decrease_preference(zdev); 423 if (try_module_get(zdev->ap_dev->drv->driver.owner)) { 424 spin_unlock_bh(&zcrypt_device_lock); 425 rc = zdev->ops->rsa_modexpo_crt(zdev, crt); 426 spin_lock_bh(&zcrypt_device_lock); 427 module_put(zdev->ap_dev->drv->driver.owner); 428 } 429 else 430 rc = -EAGAIN; 431 zdev->request_count--; 432 __zcrypt_increase_preference(zdev); 433 put_device(&zdev->ap_dev->device); 434 zcrypt_device_put(zdev); 435 spin_unlock_bh(&zcrypt_device_lock); 436 return rc; 437 } 438 spin_unlock_bh(&zcrypt_device_lock); 439 return -ENODEV; 440 } 441 442 static long zcrypt_send_cprb(struct ica_xcRB *xcRB) 443 { 444 struct zcrypt_device *zdev; 445 int rc; 446 447 spin_lock_bh(&zcrypt_device_lock); 448 list_for_each_entry(zdev, &zcrypt_device_list, list) { 449 if (!zdev->online || !zdev->ops->send_cprb || 450 (xcRB->user_defined != AUTOSELECT && 451 AP_QID_DEVICE(zdev->ap_dev->qid) != xcRB->user_defined) 452 ) 453 continue; 454 zcrypt_device_get(zdev); 455 get_device(&zdev->ap_dev->device); 456 zdev->request_count++; 457 __zcrypt_decrease_preference(zdev); 458 if (try_module_get(zdev->ap_dev->drv->driver.owner)) { 459 spin_unlock_bh(&zcrypt_device_lock); 460 rc = zdev->ops->send_cprb(zdev, xcRB); 461 spin_lock_bh(&zcrypt_device_lock); 462 module_put(zdev->ap_dev->drv->driver.owner); 463 } 464 else 465 rc = -EAGAIN; 466 zdev->request_count--; 467 __zcrypt_increase_preference(zdev); 468 put_device(&zdev->ap_dev->device); 469 zcrypt_device_put(zdev); 470 spin_unlock_bh(&zcrypt_device_lock); 471 return rc; 472 } 473 spin_unlock_bh(&zcrypt_device_lock); 474 return -ENODEV; 475 } 476 477 static long zcrypt_rng(char *buffer) 478 { 479 struct zcrypt_device *zdev; 480 int rc; 481 482 spin_lock_bh(&zcrypt_device_lock); 483 list_for_each_entry(zdev, &zcrypt_device_list, list) { 484 if (!zdev->online || !zdev->ops->rng) 485 continue; 486 zcrypt_device_get(zdev); 487 get_device(&zdev->ap_dev->device); 488 zdev->request_count++; 489 __zcrypt_decrease_preference(zdev); 490 if (try_module_get(zdev->ap_dev->drv->driver.owner)) { 491 spin_unlock_bh(&zcrypt_device_lock); 492 rc = zdev->ops->rng(zdev, buffer); 493 spin_lock_bh(&zcrypt_device_lock); 494 module_put(zdev->ap_dev->drv->driver.owner); 495 } else 496 rc = -EAGAIN; 497 zdev->request_count--; 498 __zcrypt_increase_preference(zdev); 499 put_device(&zdev->ap_dev->device); 500 zcrypt_device_put(zdev); 501 spin_unlock_bh(&zcrypt_device_lock); 502 return rc; 503 } 504 spin_unlock_bh(&zcrypt_device_lock); 505 return -ENODEV; 506 } 507 508 static void zcrypt_status_mask(char status[AP_DEVICES]) 509 { 510 struct zcrypt_device *zdev; 511 512 memset(status, 0, sizeof(char) * AP_DEVICES); 513 spin_lock_bh(&zcrypt_device_lock); 514 list_for_each_entry(zdev, &zcrypt_device_list, list) 515 status[AP_QID_DEVICE(zdev->ap_dev->qid)] = 516 zdev->online ? zdev->user_space_type : 0x0d; 517 spin_unlock_bh(&zcrypt_device_lock); 518 } 519 520 static void zcrypt_qdepth_mask(char qdepth[AP_DEVICES]) 521 { 522 struct zcrypt_device *zdev; 523 524 memset(qdepth, 0, sizeof(char) * AP_DEVICES); 525 spin_lock_bh(&zcrypt_device_lock); 526 list_for_each_entry(zdev, &zcrypt_device_list, list) { 527 spin_lock(&zdev->ap_dev->lock); 528 qdepth[AP_QID_DEVICE(zdev->ap_dev->qid)] = 529 zdev->ap_dev->pendingq_count + 530 zdev->ap_dev->requestq_count; 531 spin_unlock(&zdev->ap_dev->lock); 532 } 533 spin_unlock_bh(&zcrypt_device_lock); 534 } 535 536 static void zcrypt_perdev_reqcnt(int reqcnt[AP_DEVICES]) 537 { 538 struct zcrypt_device *zdev; 539 540 memset(reqcnt, 0, sizeof(int) * AP_DEVICES); 541 spin_lock_bh(&zcrypt_device_lock); 542 list_for_each_entry(zdev, &zcrypt_device_list, list) { 543 spin_lock(&zdev->ap_dev->lock); 544 reqcnt[AP_QID_DEVICE(zdev->ap_dev->qid)] = 545 zdev->ap_dev->total_request_count; 546 spin_unlock(&zdev->ap_dev->lock); 547 } 548 spin_unlock_bh(&zcrypt_device_lock); 549 } 550 551 static int zcrypt_pendingq_count(void) 552 { 553 struct zcrypt_device *zdev; 554 int pendingq_count = 0; 555 556 spin_lock_bh(&zcrypt_device_lock); 557 list_for_each_entry(zdev, &zcrypt_device_list, list) { 558 spin_lock(&zdev->ap_dev->lock); 559 pendingq_count += zdev->ap_dev->pendingq_count; 560 spin_unlock(&zdev->ap_dev->lock); 561 } 562 spin_unlock_bh(&zcrypt_device_lock); 563 return pendingq_count; 564 } 565 566 static int zcrypt_requestq_count(void) 567 { 568 struct zcrypt_device *zdev; 569 int requestq_count = 0; 570 571 spin_lock_bh(&zcrypt_device_lock); 572 list_for_each_entry(zdev, &zcrypt_device_list, list) { 573 spin_lock(&zdev->ap_dev->lock); 574 requestq_count += zdev->ap_dev->requestq_count; 575 spin_unlock(&zdev->ap_dev->lock); 576 } 577 spin_unlock_bh(&zcrypt_device_lock); 578 return requestq_count; 579 } 580 581 static int zcrypt_count_type(int type) 582 { 583 struct zcrypt_device *zdev; 584 int device_count = 0; 585 586 spin_lock_bh(&zcrypt_device_lock); 587 list_for_each_entry(zdev, &zcrypt_device_list, list) 588 if (zdev->user_space_type == type) 589 device_count++; 590 spin_unlock_bh(&zcrypt_device_lock); 591 return device_count; 592 } 593 594 /** 595 * zcrypt_ica_status(): Old, depracted combi status call. 596 * 597 * Old, deprecated combi status call. 598 */ 599 static long zcrypt_ica_status(struct file *filp, unsigned long arg) 600 { 601 struct ica_z90_status *pstat; 602 int ret; 603 604 pstat = kzalloc(sizeof(*pstat), GFP_KERNEL); 605 if (!pstat) 606 return -ENOMEM; 607 pstat->totalcount = zcrypt_device_count; 608 pstat->leedslitecount = zcrypt_count_type(ZCRYPT_PCICA); 609 pstat->leeds2count = zcrypt_count_type(ZCRYPT_PCICC); 610 pstat->requestqWaitCount = zcrypt_requestq_count(); 611 pstat->pendingqWaitCount = zcrypt_pendingq_count(); 612 pstat->totalOpenCount = atomic_read(&zcrypt_open_count); 613 pstat->cryptoDomain = ap_domain_index; 614 zcrypt_status_mask(pstat->status); 615 zcrypt_qdepth_mask(pstat->qdepth); 616 ret = 0; 617 if (copy_to_user((void __user *) arg, pstat, sizeof(*pstat))) 618 ret = -EFAULT; 619 kfree(pstat); 620 return ret; 621 } 622 623 static long zcrypt_unlocked_ioctl(struct file *filp, unsigned int cmd, 624 unsigned long arg) 625 { 626 int rc; 627 628 switch (cmd) { 629 case ICARSAMODEXPO: { 630 struct ica_rsa_modexpo __user *umex = (void __user *) arg; 631 struct ica_rsa_modexpo mex; 632 if (copy_from_user(&mex, umex, sizeof(mex))) 633 return -EFAULT; 634 do { 635 rc = zcrypt_rsa_modexpo(&mex); 636 } while (rc == -EAGAIN); 637 if (rc) 638 return rc; 639 return put_user(mex.outputdatalength, &umex->outputdatalength); 640 } 641 case ICARSACRT: { 642 struct ica_rsa_modexpo_crt __user *ucrt = (void __user *) arg; 643 struct ica_rsa_modexpo_crt crt; 644 if (copy_from_user(&crt, ucrt, sizeof(crt))) 645 return -EFAULT; 646 do { 647 rc = zcrypt_rsa_crt(&crt); 648 } while (rc == -EAGAIN); 649 if (rc) 650 return rc; 651 return put_user(crt.outputdatalength, &ucrt->outputdatalength); 652 } 653 case ZSECSENDCPRB: { 654 struct ica_xcRB __user *uxcRB = (void __user *) arg; 655 struct ica_xcRB xcRB; 656 if (copy_from_user(&xcRB, uxcRB, sizeof(xcRB))) 657 return -EFAULT; 658 do { 659 rc = zcrypt_send_cprb(&xcRB); 660 } while (rc == -EAGAIN); 661 if (copy_to_user(uxcRB, &xcRB, sizeof(xcRB))) 662 return -EFAULT; 663 return rc; 664 } 665 case Z90STAT_STATUS_MASK: { 666 char status[AP_DEVICES]; 667 zcrypt_status_mask(status); 668 if (copy_to_user((char __user *) arg, status, 669 sizeof(char) * AP_DEVICES)) 670 return -EFAULT; 671 return 0; 672 } 673 case Z90STAT_QDEPTH_MASK: { 674 char qdepth[AP_DEVICES]; 675 zcrypt_qdepth_mask(qdepth); 676 if (copy_to_user((char __user *) arg, qdepth, 677 sizeof(char) * AP_DEVICES)) 678 return -EFAULT; 679 return 0; 680 } 681 case Z90STAT_PERDEV_REQCNT: { 682 int reqcnt[AP_DEVICES]; 683 zcrypt_perdev_reqcnt(reqcnt); 684 if (copy_to_user((int __user *) arg, reqcnt, 685 sizeof(int) * AP_DEVICES)) 686 return -EFAULT; 687 return 0; 688 } 689 case Z90STAT_REQUESTQ_COUNT: 690 return put_user(zcrypt_requestq_count(), (int __user *) arg); 691 case Z90STAT_PENDINGQ_COUNT: 692 return put_user(zcrypt_pendingq_count(), (int __user *) arg); 693 case Z90STAT_TOTALOPEN_COUNT: 694 return put_user(atomic_read(&zcrypt_open_count), 695 (int __user *) arg); 696 case Z90STAT_DOMAIN_INDEX: 697 return put_user(ap_domain_index, (int __user *) arg); 698 /* 699 * Deprecated ioctls. Don't add another device count ioctl, 700 * you can count them yourself in the user space with the 701 * output of the Z90STAT_STATUS_MASK ioctl. 702 */ 703 case ICAZ90STATUS: 704 return zcrypt_ica_status(filp, arg); 705 case Z90STAT_TOTALCOUNT: 706 return put_user(zcrypt_device_count, (int __user *) arg); 707 case Z90STAT_PCICACOUNT: 708 return put_user(zcrypt_count_type(ZCRYPT_PCICA), 709 (int __user *) arg); 710 case Z90STAT_PCICCCOUNT: 711 return put_user(zcrypt_count_type(ZCRYPT_PCICC), 712 (int __user *) arg); 713 case Z90STAT_PCIXCCMCL2COUNT: 714 return put_user(zcrypt_count_type(ZCRYPT_PCIXCC_MCL2), 715 (int __user *) arg); 716 case Z90STAT_PCIXCCMCL3COUNT: 717 return put_user(zcrypt_count_type(ZCRYPT_PCIXCC_MCL3), 718 (int __user *) arg); 719 case Z90STAT_PCIXCCCOUNT: 720 return put_user(zcrypt_count_type(ZCRYPT_PCIXCC_MCL2) + 721 zcrypt_count_type(ZCRYPT_PCIXCC_MCL3), 722 (int __user *) arg); 723 case Z90STAT_CEX2CCOUNT: 724 return put_user(zcrypt_count_type(ZCRYPT_CEX2C), 725 (int __user *) arg); 726 case Z90STAT_CEX2ACOUNT: 727 return put_user(zcrypt_count_type(ZCRYPT_CEX2A), 728 (int __user *) arg); 729 default: 730 /* unknown ioctl number */ 731 return -ENOIOCTLCMD; 732 } 733 } 734 735 #ifdef CONFIG_COMPAT 736 /* 737 * ioctl32 conversion routines 738 */ 739 struct compat_ica_rsa_modexpo { 740 compat_uptr_t inputdata; 741 unsigned int inputdatalength; 742 compat_uptr_t outputdata; 743 unsigned int outputdatalength; 744 compat_uptr_t b_key; 745 compat_uptr_t n_modulus; 746 }; 747 748 static long trans_modexpo32(struct file *filp, unsigned int cmd, 749 unsigned long arg) 750 { 751 struct compat_ica_rsa_modexpo __user *umex32 = compat_ptr(arg); 752 struct compat_ica_rsa_modexpo mex32; 753 struct ica_rsa_modexpo mex64; 754 long rc; 755 756 if (copy_from_user(&mex32, umex32, sizeof(mex32))) 757 return -EFAULT; 758 mex64.inputdata = compat_ptr(mex32.inputdata); 759 mex64.inputdatalength = mex32.inputdatalength; 760 mex64.outputdata = compat_ptr(mex32.outputdata); 761 mex64.outputdatalength = mex32.outputdatalength; 762 mex64.b_key = compat_ptr(mex32.b_key); 763 mex64.n_modulus = compat_ptr(mex32.n_modulus); 764 do { 765 rc = zcrypt_rsa_modexpo(&mex64); 766 } while (rc == -EAGAIN); 767 if (!rc) 768 rc = put_user(mex64.outputdatalength, 769 &umex32->outputdatalength); 770 return rc; 771 } 772 773 struct compat_ica_rsa_modexpo_crt { 774 compat_uptr_t inputdata; 775 unsigned int inputdatalength; 776 compat_uptr_t outputdata; 777 unsigned int outputdatalength; 778 compat_uptr_t bp_key; 779 compat_uptr_t bq_key; 780 compat_uptr_t np_prime; 781 compat_uptr_t nq_prime; 782 compat_uptr_t u_mult_inv; 783 }; 784 785 static long trans_modexpo_crt32(struct file *filp, unsigned int cmd, 786 unsigned long arg) 787 { 788 struct compat_ica_rsa_modexpo_crt __user *ucrt32 = compat_ptr(arg); 789 struct compat_ica_rsa_modexpo_crt crt32; 790 struct ica_rsa_modexpo_crt crt64; 791 long rc; 792 793 if (copy_from_user(&crt32, ucrt32, sizeof(crt32))) 794 return -EFAULT; 795 crt64.inputdata = compat_ptr(crt32.inputdata); 796 crt64.inputdatalength = crt32.inputdatalength; 797 crt64.outputdata= compat_ptr(crt32.outputdata); 798 crt64.outputdatalength = crt32.outputdatalength; 799 crt64.bp_key = compat_ptr(crt32.bp_key); 800 crt64.bq_key = compat_ptr(crt32.bq_key); 801 crt64.np_prime = compat_ptr(crt32.np_prime); 802 crt64.nq_prime = compat_ptr(crt32.nq_prime); 803 crt64.u_mult_inv = compat_ptr(crt32.u_mult_inv); 804 do { 805 rc = zcrypt_rsa_crt(&crt64); 806 } while (rc == -EAGAIN); 807 if (!rc) 808 rc = put_user(crt64.outputdatalength, 809 &ucrt32->outputdatalength); 810 return rc; 811 } 812 813 struct compat_ica_xcRB { 814 unsigned short agent_ID; 815 unsigned int user_defined; 816 unsigned short request_ID; 817 unsigned int request_control_blk_length; 818 unsigned char padding1[16 - sizeof (compat_uptr_t)]; 819 compat_uptr_t request_control_blk_addr; 820 unsigned int request_data_length; 821 char padding2[16 - sizeof (compat_uptr_t)]; 822 compat_uptr_t request_data_address; 823 unsigned int reply_control_blk_length; 824 char padding3[16 - sizeof (compat_uptr_t)]; 825 compat_uptr_t reply_control_blk_addr; 826 unsigned int reply_data_length; 827 char padding4[16 - sizeof (compat_uptr_t)]; 828 compat_uptr_t reply_data_addr; 829 unsigned short priority_window; 830 unsigned int status; 831 } __attribute__((packed)); 832 833 static long trans_xcRB32(struct file *filp, unsigned int cmd, 834 unsigned long arg) 835 { 836 struct compat_ica_xcRB __user *uxcRB32 = compat_ptr(arg); 837 struct compat_ica_xcRB xcRB32; 838 struct ica_xcRB xcRB64; 839 long rc; 840 841 if (copy_from_user(&xcRB32, uxcRB32, sizeof(xcRB32))) 842 return -EFAULT; 843 xcRB64.agent_ID = xcRB32.agent_ID; 844 xcRB64.user_defined = xcRB32.user_defined; 845 xcRB64.request_ID = xcRB32.request_ID; 846 xcRB64.request_control_blk_length = 847 xcRB32.request_control_blk_length; 848 xcRB64.request_control_blk_addr = 849 compat_ptr(xcRB32.request_control_blk_addr); 850 xcRB64.request_data_length = 851 xcRB32.request_data_length; 852 xcRB64.request_data_address = 853 compat_ptr(xcRB32.request_data_address); 854 xcRB64.reply_control_blk_length = 855 xcRB32.reply_control_blk_length; 856 xcRB64.reply_control_blk_addr = 857 compat_ptr(xcRB32.reply_control_blk_addr); 858 xcRB64.reply_data_length = xcRB32.reply_data_length; 859 xcRB64.reply_data_addr = 860 compat_ptr(xcRB32.reply_data_addr); 861 xcRB64.priority_window = xcRB32.priority_window; 862 xcRB64.status = xcRB32.status; 863 do { 864 rc = zcrypt_send_cprb(&xcRB64); 865 } while (rc == -EAGAIN); 866 xcRB32.reply_control_blk_length = xcRB64.reply_control_blk_length; 867 xcRB32.reply_data_length = xcRB64.reply_data_length; 868 xcRB32.status = xcRB64.status; 869 if (copy_to_user(uxcRB32, &xcRB32, sizeof(xcRB32))) 870 return -EFAULT; 871 return rc; 872 } 873 874 static long zcrypt_compat_ioctl(struct file *filp, unsigned int cmd, 875 unsigned long arg) 876 { 877 if (cmd == ICARSAMODEXPO) 878 return trans_modexpo32(filp, cmd, arg); 879 if (cmd == ICARSACRT) 880 return trans_modexpo_crt32(filp, cmd, arg); 881 if (cmd == ZSECSENDCPRB) 882 return trans_xcRB32(filp, cmd, arg); 883 return zcrypt_unlocked_ioctl(filp, cmd, arg); 884 } 885 #endif 886 887 /* 888 * Misc device file operations. 889 */ 890 static const struct file_operations zcrypt_fops = { 891 .owner = THIS_MODULE, 892 .read = zcrypt_read, 893 .write = zcrypt_write, 894 .unlocked_ioctl = zcrypt_unlocked_ioctl, 895 #ifdef CONFIG_COMPAT 896 .compat_ioctl = zcrypt_compat_ioctl, 897 #endif 898 .open = zcrypt_open, 899 .release = zcrypt_release 900 }; 901 902 /* 903 * Misc device. 904 */ 905 static struct miscdevice zcrypt_misc_device = { 906 .minor = MISC_DYNAMIC_MINOR, 907 .name = "z90crypt", 908 .fops = &zcrypt_fops, 909 }; 910 911 /* 912 * Deprecated /proc entry support. 913 */ 914 static struct proc_dir_entry *zcrypt_entry; 915 916 static void sprintcl(struct seq_file *m, unsigned char *addr, unsigned int len) 917 { 918 int i; 919 920 for (i = 0; i < len; i++) 921 seq_printf(m, "%01x", (unsigned int) addr[i]); 922 seq_putc(m, ' '); 923 } 924 925 static void sprintrw(struct seq_file *m, unsigned char *addr, unsigned int len) 926 { 927 int inl, c, cx; 928 929 seq_printf(m, " "); 930 inl = 0; 931 for (c = 0; c < (len / 16); c++) { 932 sprintcl(m, addr+inl, 16); 933 inl += 16; 934 } 935 cx = len%16; 936 if (cx) { 937 sprintcl(m, addr+inl, cx); 938 inl += cx; 939 } 940 seq_putc(m, '\n'); 941 } 942 943 static void sprinthx(unsigned char *title, struct seq_file *m, 944 unsigned char *addr, unsigned int len) 945 { 946 int inl, r, rx; 947 948 seq_printf(m, "\n%s\n", title); 949 inl = 0; 950 for (r = 0; r < (len / 64); r++) { 951 sprintrw(m, addr+inl, 64); 952 inl += 64; 953 } 954 rx = len % 64; 955 if (rx) { 956 sprintrw(m, addr+inl, rx); 957 inl += rx; 958 } 959 seq_putc(m, '\n'); 960 } 961 962 static void sprinthx4(unsigned char *title, struct seq_file *m, 963 unsigned int *array, unsigned int len) 964 { 965 int r; 966 967 seq_printf(m, "\n%s\n", title); 968 for (r = 0; r < len; r++) { 969 if ((r % 8) == 0) 970 seq_printf(m, " "); 971 seq_printf(m, "%08X ", array[r]); 972 if ((r % 8) == 7) 973 seq_putc(m, '\n'); 974 } 975 seq_putc(m, '\n'); 976 } 977 978 static int zcrypt_proc_show(struct seq_file *m, void *v) 979 { 980 char workarea[sizeof(int) * AP_DEVICES]; 981 982 seq_printf(m, "\nzcrypt version: %d.%d.%d\n", 983 ZCRYPT_VERSION, ZCRYPT_RELEASE, ZCRYPT_VARIANT); 984 seq_printf(m, "Cryptographic domain: %d\n", ap_domain_index); 985 seq_printf(m, "Total device count: %d\n", zcrypt_device_count); 986 seq_printf(m, "PCICA count: %d\n", zcrypt_count_type(ZCRYPT_PCICA)); 987 seq_printf(m, "PCICC count: %d\n", zcrypt_count_type(ZCRYPT_PCICC)); 988 seq_printf(m, "PCIXCC MCL2 count: %d\n", 989 zcrypt_count_type(ZCRYPT_PCIXCC_MCL2)); 990 seq_printf(m, "PCIXCC MCL3 count: %d\n", 991 zcrypt_count_type(ZCRYPT_PCIXCC_MCL3)); 992 seq_printf(m, "CEX2C count: %d\n", zcrypt_count_type(ZCRYPT_CEX2C)); 993 seq_printf(m, "CEX2A count: %d\n", zcrypt_count_type(ZCRYPT_CEX2A)); 994 seq_printf(m, "CEX3C count: %d\n", zcrypt_count_type(ZCRYPT_CEX3C)); 995 seq_printf(m, "CEX3A count: %d\n", zcrypt_count_type(ZCRYPT_CEX3A)); 996 seq_printf(m, "requestq count: %d\n", zcrypt_requestq_count()); 997 seq_printf(m, "pendingq count: %d\n", zcrypt_pendingq_count()); 998 seq_printf(m, "Total open handles: %d\n\n", 999 atomic_read(&zcrypt_open_count)); 1000 zcrypt_status_mask(workarea); 1001 sprinthx("Online devices: 1=PCICA 2=PCICC 3=PCIXCC(MCL2) " 1002 "4=PCIXCC(MCL3) 5=CEX2C 6=CEX2A 7=CEX3C 8=CEX3A", 1003 m, workarea, AP_DEVICES); 1004 zcrypt_qdepth_mask(workarea); 1005 sprinthx("Waiting work element counts", m, workarea, AP_DEVICES); 1006 zcrypt_perdev_reqcnt((int *) workarea); 1007 sprinthx4("Per-device successfully completed request counts", 1008 m, (unsigned int *) workarea, AP_DEVICES); 1009 return 0; 1010 } 1011 1012 static int zcrypt_proc_open(struct inode *inode, struct file *file) 1013 { 1014 return single_open(file, zcrypt_proc_show, NULL); 1015 } 1016 1017 static void zcrypt_disable_card(int index) 1018 { 1019 struct zcrypt_device *zdev; 1020 1021 spin_lock_bh(&zcrypt_device_lock); 1022 list_for_each_entry(zdev, &zcrypt_device_list, list) 1023 if (AP_QID_DEVICE(zdev->ap_dev->qid) == index) { 1024 zdev->online = 0; 1025 ap_flush_queue(zdev->ap_dev); 1026 break; 1027 } 1028 spin_unlock_bh(&zcrypt_device_lock); 1029 } 1030 1031 static void zcrypt_enable_card(int index) 1032 { 1033 struct zcrypt_device *zdev; 1034 1035 spin_lock_bh(&zcrypt_device_lock); 1036 list_for_each_entry(zdev, &zcrypt_device_list, list) 1037 if (AP_QID_DEVICE(zdev->ap_dev->qid) == index) { 1038 zdev->online = 1; 1039 break; 1040 } 1041 spin_unlock_bh(&zcrypt_device_lock); 1042 } 1043 1044 static ssize_t zcrypt_proc_write(struct file *file, const char __user *buffer, 1045 size_t count, loff_t *pos) 1046 { 1047 unsigned char *lbuf, *ptr; 1048 size_t local_count; 1049 int j; 1050 1051 if (count <= 0) 1052 return 0; 1053 1054 #define LBUFSIZE 1200UL 1055 lbuf = kmalloc(LBUFSIZE, GFP_KERNEL); 1056 if (!lbuf) 1057 return 0; 1058 1059 local_count = min(LBUFSIZE - 1, count); 1060 if (copy_from_user(lbuf, buffer, local_count) != 0) { 1061 kfree(lbuf); 1062 return -EFAULT; 1063 } 1064 lbuf[local_count] = '\0'; 1065 1066 ptr = strstr(lbuf, "Online devices"); 1067 if (!ptr) 1068 goto out; 1069 ptr = strstr(ptr, "\n"); 1070 if (!ptr) 1071 goto out; 1072 ptr++; 1073 1074 if (strstr(ptr, "Waiting work element counts") == NULL) 1075 goto out; 1076 1077 for (j = 0; j < 64 && *ptr; ptr++) { 1078 /* 1079 * '0' for no device, '1' for PCICA, '2' for PCICC, 1080 * '3' for PCIXCC_MCL2, '4' for PCIXCC_MCL3, 1081 * '5' for CEX2C and '6' for CEX2A' 1082 * '7' for CEX3C and '8' for CEX3A 1083 */ 1084 if (*ptr >= '0' && *ptr <= '8') 1085 j++; 1086 else if (*ptr == 'd' || *ptr == 'D') 1087 zcrypt_disable_card(j++); 1088 else if (*ptr == 'e' || *ptr == 'E') 1089 zcrypt_enable_card(j++); 1090 else if (*ptr != ' ' && *ptr != '\t') 1091 break; 1092 } 1093 out: 1094 kfree(lbuf); 1095 return count; 1096 } 1097 1098 static const struct file_operations zcrypt_proc_fops = { 1099 .owner = THIS_MODULE, 1100 .open = zcrypt_proc_open, 1101 .read = seq_read, 1102 .llseek = seq_lseek, 1103 .release = single_release, 1104 .write = zcrypt_proc_write, 1105 }; 1106 1107 static int zcrypt_rng_device_count; 1108 static u32 *zcrypt_rng_buffer; 1109 static int zcrypt_rng_buffer_index; 1110 static DEFINE_MUTEX(zcrypt_rng_mutex); 1111 1112 static int zcrypt_rng_data_read(struct hwrng *rng, u32 *data) 1113 { 1114 int rc; 1115 1116 /* 1117 * We don't need locking here because the RNG API guarantees serialized 1118 * read method calls. 1119 */ 1120 if (zcrypt_rng_buffer_index == 0) { 1121 rc = zcrypt_rng((char *) zcrypt_rng_buffer); 1122 if (rc < 0) 1123 return -EIO; 1124 zcrypt_rng_buffer_index = rc / sizeof *data; 1125 } 1126 *data = zcrypt_rng_buffer[--zcrypt_rng_buffer_index]; 1127 return sizeof *data; 1128 } 1129 1130 static struct hwrng zcrypt_rng_dev = { 1131 .name = "zcrypt", 1132 .data_read = zcrypt_rng_data_read, 1133 }; 1134 1135 static int zcrypt_rng_device_add(void) 1136 { 1137 int rc = 0; 1138 1139 mutex_lock(&zcrypt_rng_mutex); 1140 if (zcrypt_rng_device_count == 0) { 1141 zcrypt_rng_buffer = (u32 *) get_zeroed_page(GFP_KERNEL); 1142 if (!zcrypt_rng_buffer) { 1143 rc = -ENOMEM; 1144 goto out; 1145 } 1146 zcrypt_rng_buffer_index = 0; 1147 rc = hwrng_register(&zcrypt_rng_dev); 1148 if (rc) 1149 goto out_free; 1150 zcrypt_rng_device_count = 1; 1151 } else 1152 zcrypt_rng_device_count++; 1153 mutex_unlock(&zcrypt_rng_mutex); 1154 return 0; 1155 1156 out_free: 1157 free_page((unsigned long) zcrypt_rng_buffer); 1158 out: 1159 mutex_unlock(&zcrypt_rng_mutex); 1160 return rc; 1161 } 1162 1163 static void zcrypt_rng_device_remove(void) 1164 { 1165 mutex_lock(&zcrypt_rng_mutex); 1166 zcrypt_rng_device_count--; 1167 if (zcrypt_rng_device_count == 0) { 1168 hwrng_unregister(&zcrypt_rng_dev); 1169 free_page((unsigned long) zcrypt_rng_buffer); 1170 } 1171 mutex_unlock(&zcrypt_rng_mutex); 1172 } 1173 1174 /** 1175 * zcrypt_api_init(): Module initialization. 1176 * 1177 * The module initialization code. 1178 */ 1179 int __init zcrypt_api_init(void) 1180 { 1181 int rc; 1182 1183 /* Register the request sprayer. */ 1184 rc = misc_register(&zcrypt_misc_device); 1185 if (rc < 0) 1186 goto out; 1187 1188 /* Set up the proc file system */ 1189 zcrypt_entry = proc_create("driver/z90crypt", 0644, NULL, &zcrypt_proc_fops); 1190 if (!zcrypt_entry) { 1191 rc = -ENOMEM; 1192 goto out_misc; 1193 } 1194 1195 return 0; 1196 1197 out_misc: 1198 misc_deregister(&zcrypt_misc_device); 1199 out: 1200 return rc; 1201 } 1202 1203 /** 1204 * zcrypt_api_exit(): Module termination. 1205 * 1206 * The module termination code. 1207 */ 1208 void zcrypt_api_exit(void) 1209 { 1210 remove_proc_entry("driver/z90crypt", NULL); 1211 misc_deregister(&zcrypt_misc_device); 1212 } 1213 1214 #ifndef CONFIG_ZCRYPT_MONOLITHIC 1215 module_init(zcrypt_api_init); 1216 module_exit(zcrypt_api_exit); 1217 #endif 1218