drivers/s390/crypto/pkey_api.c

   1 // SPDX-License-Identifier: GPL-2.0
   2 /*
   3  *  pkey device driver
   4  *
   5  *  Copyright IBM Corp. 2017,2019
   6  *  Author(s): Harald Freudenberger
   7  */
   8
   9 #define KMSG_COMPONENT "pkey"
  10 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
  11
  12 #include <linux/fs.h>
  13 #include <linux/init.h>
  14 #include <linux/miscdevice.h>
  15 #include <linux/module.h>
  16 #include <linux/slab.h>
  17 #include <linux/kallsyms.h>
  18 #include <linux/debugfs.h>
  19 #include <linux/random.h>
  20 #include <linux/cpufeature.h>
  21 #include <asm/zcrypt.h>
  22 #include <asm/cpacf.h>
  23 #include <asm/pkey.h>
  24 #include <crypto/aes.h>
  25
  26 #include "zcrypt_api.h"
  27 #include "zcrypt_ccamisc.h"
  28 #include "zcrypt_ep11misc.h"
  29
  30 MODULE_LICENSE("GPL");
  31 MODULE_AUTHOR("IBM Corporation");
  32 MODULE_DESCRIPTION("s390 protected key interface");
  33
  34 #define KEYBLOBBUFSIZE 8192     /* key buffer size used for internal processing */
  35 #define PROTKEYBLOBBUFSIZE 256  /* protected key buffer size used internal */
  36 #define MAXAPQNSINLIST 64       /* max 64 apqns within a apqn list */
  37
  38 /*
  39  * debug feature data and functions
  40  */
  41
  42 static debug_info_t *debug_info;
  43
  44 #define DEBUG_DBG(...)  debug_sprintf_event(debug_info, 6, ##__VA_ARGS__)
  45 #define DEBUG_INFO(...) debug_sprintf_event(debug_info, 5, ##__VA_ARGS__)
  46 #define DEBUG_WARN(...) debug_sprintf_event(debug_info, 4, ##__VA_ARGS__)
  47 #define DEBUG_ERR(...)  debug_sprintf_event(debug_info, 3, ##__VA_ARGS__)
  48
  49 static void __init pkey_debug_init(void)
  50 {
  51         /* 5 arguments per dbf entry (including the format string ptr) */
  52         debug_info = debug_register("pkey", 1, 1, 5 * sizeof(long));
  53         debug_register_view(debug_info, &debug_sprintf_view);
  54         debug_set_level(debug_info, 3);
  55 }
  56
  57 static void __exit pkey_debug_exit(void)
  58 {
  59         debug_unregister(debug_info);
  60 }
  61
  62 /* inside view of a protected key token (only type 0x00 version 0x01) */
  63 struct protaeskeytoken {
  64         u8  type;     /* 0x00 for PAES specific key tokens */
  65         u8  res0[3];
  66         u8  version;  /* should be 0x01 for protected AES key token */
  67         u8  res1[3];
  68         u32 keytype;  /* key type, one of the PKEY_KEYTYPE values */
  69         u32 len;      /* bytes actually stored in protkey[] */
  70         u8  protkey[MAXPROTKEYSIZE]; /* the protected key blob */
  71 } __packed;
  72
  73 /* inside view of a clear key token (type 0x00 version 0x02) */
  74 struct clearaeskeytoken {
  75         u8  type;        /* 0x00 for PAES specific key tokens */
  76         u8  res0[3];
  77         u8  version;     /* 0x02 for clear AES key token */
  78         u8  res1[3];
  79         u32 keytype;     /* key type, one of the PKEY_KEYTYPE values */
  80         u32 len;         /* bytes actually stored in clearkey[] */
  81         u8  clearkey[]; /* clear key value */
  82 } __packed;
  83
  84 /*
  85  * Create a protected key from a clear key value.
  86  */
  87 static int pkey_clr2protkey(u32 keytype,
  88                             const struct pkey_clrkey *clrkey,
  89                             struct pkey_protkey *protkey)
  90 {
  91         /* mask of available pckmo subfunctions */
  92         static cpacf_mask_t pckmo_functions;
  93
  94         long fc;
  95         int keysize;
  96         u8 paramblock[64];
  97
  98         switch (keytype) {
  99         case PKEY_KEYTYPE_AES_128:
 100                 keysize = 16;
 101                 fc = CPACF_PCKMO_ENC_AES_128_KEY;
 102                 break;
 103         case PKEY_KEYTYPE_AES_192:
 104                 keysize = 24;
 105                 fc = CPACF_PCKMO_ENC_AES_192_KEY;
 106                 break;
 107         case PKEY_KEYTYPE_AES_256:
 108                 keysize = 32;
 109                 fc = CPACF_PCKMO_ENC_AES_256_KEY;
 110                 break;
 111         default:
 112                 DEBUG_ERR("%s unknown/unsupported keytype %d\n",
 113                           __func__, keytype);
 114                 return -EINVAL;
 115         }
 116
 117         /* Did we already check for PCKMO ? */
 118         if (!pckmo_functions.bytes[0]) {
 119                 /* no, so check now */
 120                 if (!cpacf_query(CPACF_PCKMO, &pckmo_functions))
 121                         return -ENODEV;
 122         }
 123         /* check for the pckmo subfunction we need now */
 124         if (!cpacf_test_func(&pckmo_functions, fc)) {
 125                 DEBUG_ERR("%s pckmo functions not available\n", __func__);
 126                 return -ENODEV;
 127         }
 128
 129         /* prepare param block */
 130         memset(paramblock, 0, sizeof(paramblock));
 131         memcpy(paramblock, clrkey->clrkey, keysize);
 132
 133         /* call the pckmo instruction */
 134         cpacf_pckmo(fc, paramblock);
 135
 136         /* copy created protected key */
 137         protkey->type = keytype;
 138         protkey->len = keysize + 32;
 139         memcpy(protkey->protkey, paramblock, keysize + 32);
 140
 141         return 0;
 142 }
 143
 144 /*
 145  * Find card and transform secure key into protected key.
 146  */
 147 static int pkey_skey2pkey(const u8 *key, struct pkey_protkey *pkey)
 148 {
 149         int rc, verify;
 150         u16 cardnr, domain;
 151         struct keytoken_header *hdr = (struct keytoken_header *)key;
 152
 153         /*
 154          * The cca_xxx2protkey call may fail when a card has been
 155          * addressed where the master key was changed after last fetch
 156          * of the mkvp into the cache. Try 3 times: First witout verify
 157          * then with verify and last round with verify and old master
 158          * key verification pattern match not ignored.
 159          */
 160         for (verify = 0; verify < 3; verify++) {
 161                 rc = cca_findcard(key, &cardnr, &domain, verify);
 162                 if (rc < 0)
 163                         continue;
 164                 if (rc > 0 && verify < 2)
 165                         continue;
 166                 switch (hdr->version) {
 167                 case TOKVER_CCA_AES:
 168                         rc = cca_sec2protkey(cardnr, domain,
 169                                              key, pkey->protkey,
 170                                              &pkey->len, &pkey->type);
 171                         break;
 172                 case TOKVER_CCA_VLSC:
 173                         rc = cca_cipher2protkey(cardnr, domain,
 174                                                 key, pkey->protkey,
 175                                                 &pkey->len, &pkey->type);
 176                         break;
 177                 default:
 178                         return -EINVAL;
 179                 }
 180                 if (rc == 0)
 181                         break;
 182         }
 183
 184         if (rc)
 185                 DEBUG_DBG("%s failed rc=%d\n", __func__, rc);
 186
 187         return rc;
 188 }
 189
 190 /*
 191  * Construct EP11 key with given clear key value.
 192  */
 193 static int pkey_clr2ep11key(const u8 *clrkey, size_t clrkeylen,
 194                             u8 *keybuf, size_t *keybuflen)
 195 {
 196         int i, rc;
 197         u16 card, dom;
 198         u32 nr_apqns, *apqns = NULL;
 199
 200         /* build a list of apqns suitable for ep11 keys with cpacf support */
 201         rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
 202                             ZCRYPT_CEX7, EP11_API_V, NULL);
 203         if (rc)
 204                 goto out;
 205
 206         /* go through the list of apqns and try to bild an ep11 key */
 207         for (rc = -ENODEV, i = 0; i < nr_apqns; i++) {
 208                 card = apqns[i] >> 16;
 209                 dom = apqns[i] & 0xFFFF;
 210                 rc = ep11_clr2keyblob(card, dom, clrkeylen * 8,
 211                                       0, clrkey, keybuf, keybuflen);
 212                 if (rc == 0)
 213                         break;
 214         }
 215
 216 out:
 217         kfree(apqns);
 218         if (rc)
 219                 DEBUG_DBG("%s failed rc=%d\n", __func__, rc);
 220         return rc;
 221 }
 222
 223 /*
 224  * Find card and transform EP11 secure key into protected key.
 225  */
 226 static int pkey_ep11key2pkey(const u8 *key, struct pkey_protkey *pkey)
 227 {
 228         int i, rc;
 229         u16 card, dom;
 230         u32 nr_apqns, *apqns = NULL;
 231         struct ep11keyblob *kb = (struct ep11keyblob *) key;
 232
 233         /* build a list of apqns suitable for this key */
 234         rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
 235                             ZCRYPT_CEX7, EP11_API_V, kb->wkvp);
 236         if (rc)
 237                 goto out;
 238
 239         /* go through the list of apqns and try to derive an pkey */
 240         for (rc = -ENODEV, i = 0; i < nr_apqns; i++) {
 241                 card = apqns[i] >> 16;
 242                 dom = apqns[i] & 0xFFFF;
 243                 pkey->len = sizeof(pkey->protkey);
 244                 rc = ep11_kblob2protkey(card, dom, key, kb->head.len,
 245                                         pkey->protkey, &pkey->len, &pkey->type);
 246                 if (rc == 0)
 247                         break;
 248         }
 249
 250 out:
 251         kfree(apqns);
 252         if (rc)
 253                 DEBUG_DBG("%s failed rc=%d\n", __func__, rc);
 254         return rc;
 255 }
 256
 257 /*
 258  * Verify key and give back some info about the key.
 259  */
 260 static int pkey_verifykey(const struct pkey_seckey *seckey,
 261                           u16 *pcardnr, u16 *pdomain,
 262                           u16 *pkeysize, u32 *pattributes)
 263 {
 264         struct secaeskeytoken *t = (struct secaeskeytoken *) seckey;
 265         u16 cardnr, domain;
 266         int rc;
 267
 268         /* check the secure key for valid AES secure key */
 269         rc = cca_check_secaeskeytoken(debug_info, 3, (u8 *) seckey, 0);
 270         if (rc)
 271                 goto out;
 272         if (pattributes)
 273                 *pattributes = PKEY_VERIFY_ATTR_AES;
 274         if (pkeysize)
 275                 *pkeysize = t->bitsize;
 276
 277         /* try to find a card which can handle this key */
 278         rc = cca_findcard(seckey->seckey, &cardnr, &domain, 1);
 279         if (rc < 0)
 280                 goto out;
 281
 282         if (rc > 0) {
 283                 /* key mkvp matches to old master key mkvp */
 284                 DEBUG_DBG("%s secure key has old mkvp\n", __func__);
 285                 if (pattributes)
 286                         *pattributes |= PKEY_VERIFY_ATTR_OLD_MKVP;
 287                 rc = 0;
 288         }
 289
 290         if (pcardnr)
 291                 *pcardnr = cardnr;
 292         if (pdomain)
 293                 *pdomain = domain;
 294
 295 out:
 296         DEBUG_DBG("%s rc=%d\n", __func__, rc);
 297         return rc;
 298 }
 299
 300 /*
 301  * Generate a random protected key
 302  */
 303 static int pkey_genprotkey(u32 keytype, struct pkey_protkey *protkey)
 304 {
 305         struct pkey_clrkey clrkey;
 306         int keysize;
 307         int rc;
 308
 309         switch (keytype) {
 310         case PKEY_KEYTYPE_AES_128:
 311                 keysize = 16;
 312                 break;
 313         case PKEY_KEYTYPE_AES_192:
 314                 keysize = 24;
 315                 break;
 316         case PKEY_KEYTYPE_AES_256:
 317                 keysize = 32;
 318                 break;
 319         default:
 320                 DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__,
 321                           keytype);
 322                 return -EINVAL;
 323         }
 324
 325         /* generate a dummy random clear key */
 326         get_random_bytes(clrkey.clrkey, keysize);
 327
 328         /* convert it to a dummy protected key */
 329         rc = pkey_clr2protkey(keytype, &clrkey, protkey);
 330         if (rc)
 331                 return rc;
 332
 333         /* replace the key part of the protected key with random bytes */
 334         get_random_bytes(protkey->protkey, keysize);
 335
 336         return 0;
 337 }
 338
 339 /*
 340  * Verify if a protected key is still valid
 341  */
 342 static int pkey_verifyprotkey(const struct pkey_protkey *protkey)
 343 {
 344         unsigned long fc;
 345         struct {
 346                 u8 iv[AES_BLOCK_SIZE];
 347                 u8 key[MAXPROTKEYSIZE];
 348         } param;
 349         u8 null_msg[AES_BLOCK_SIZE];
 350         u8 dest_buf[AES_BLOCK_SIZE];
 351         unsigned int k;
 352
 353         switch (protkey->type) {
 354         case PKEY_KEYTYPE_AES_128:
 355                 fc = CPACF_KMC_PAES_128;
 356                 break;
 357         case PKEY_KEYTYPE_AES_192:
 358                 fc = CPACF_KMC_PAES_192;
 359                 break;
 360         case PKEY_KEYTYPE_AES_256:
 361                 fc = CPACF_KMC_PAES_256;
 362                 break;
 363         default:
 364                 DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__,
 365                           protkey->type);
 366                 return -EINVAL;
 367         }
 368
 369         memset(null_msg, 0, sizeof(null_msg));
 370
 371         memset(param.iv, 0, sizeof(param.iv));
 372         memcpy(param.key, protkey->protkey, sizeof(param.key));
 373
 374         k = cpacf_kmc(fc | CPACF_ENCRYPT, &param, null_msg, dest_buf,
 375                       sizeof(null_msg));
 376         if (k != sizeof(null_msg)) {
 377                 DEBUG_ERR("%s protected key is not valid\n", __func__);
 378                 return -EKEYREJECTED;
 379         }
 380
 381         return 0;
 382 }
 383
 384 /*
 385  * Transform a non-CCA key token into a protected key
 386  */
 387 static int pkey_nonccatok2pkey(const u8 *key, u32 keylen,
 388                                struct pkey_protkey *protkey)
 389 {
 390         int rc = -EINVAL;
 391         u8 *tmpbuf = NULL;
 392         struct keytoken_header *hdr = (struct keytoken_header *)key;
 393
 394         switch (hdr->version) {
 395         case TOKVER_PROTECTED_KEY: {
 396                 struct protaeskeytoken *t;
 397
 398                 if (keylen != sizeof(struct protaeskeytoken))
 399                         goto out;
 400                 t = (struct protaeskeytoken *)key;
 401                 protkey->len = t->len;
 402                 protkey->type = t->keytype;
 403                 memcpy(protkey->protkey, t->protkey,
 404                        sizeof(protkey->protkey));
 405                 rc = pkey_verifyprotkey(protkey);
 406                 break;
 407         }
 408         case TOKVER_CLEAR_KEY: {
 409                 struct clearaeskeytoken *t;
 410                 struct pkey_clrkey ckey;
 411                 union u_tmpbuf {
 412                         u8 skey[SECKEYBLOBSIZE];
 413                         u8 ep11key[MAXEP11AESKEYBLOBSIZE];
 414                 };
 415                 size_t tmpbuflen = sizeof(union u_tmpbuf);
 416
 417                 if (keylen < sizeof(struct clearaeskeytoken))
 418                         goto out;
 419                 t = (struct clearaeskeytoken *)key;
 420                 if (keylen != sizeof(*t) + t->len)
 421                         goto out;
 422                 if ((t->keytype == PKEY_KEYTYPE_AES_128 && t->len == 16)
 423                     || (t->keytype == PKEY_KEYTYPE_AES_192 && t->len == 24)
 424                     || (t->keytype == PKEY_KEYTYPE_AES_256 && t->len == 32))
 425                         memcpy(ckey.clrkey, t->clearkey, t->len);
 426                 else
 427                         goto out;
 428                 /* alloc temp key buffer space */
 429                 tmpbuf = kmalloc(tmpbuflen, GFP_ATOMIC);
 430                 if (!tmpbuf) {
 431                         rc = -ENOMEM;
 432                         goto out;
 433                 }
 434                 /* try direct way with the PCKMO instruction */
 435                 rc = pkey_clr2protkey(t->keytype, &ckey, protkey);
 436                 if (rc == 0)
 437                         break;
 438                 /* PCKMO failed, so try the CCA secure key way */
 439                 rc = cca_clr2seckey(0xFFFF, 0xFFFF, t->keytype,
 440                                     ckey.clrkey, tmpbuf);
 441                 if (rc == 0)
 442                         rc = pkey_skey2pkey(tmpbuf, protkey);
 443                 if (rc == 0)
 444                         break;
 445                 /* if the CCA way also failed, let's try via EP11 */
 446                 rc = pkey_clr2ep11key(ckey.clrkey, t->len,
 447                                       tmpbuf, &tmpbuflen);
 448                 if (rc == 0)
 449                         rc = pkey_ep11key2pkey(tmpbuf, protkey);
 450                 /* now we should really have an protected key */
 451                 DEBUG_ERR("%s unable to build protected key from clear",
 452                           __func__);
 453                 break;
 454         }
 455         case TOKVER_EP11_AES: {
 456                 /* check ep11 key for exportable as protected key */
 457                 rc = ep11_check_aes_key(debug_info, 3, key, keylen, 1);
 458                 if (rc)
 459                         goto out;
 460                 rc = pkey_ep11key2pkey(key, protkey);
 461                 break;
 462         }
 463         case TOKVER_EP11_AES_WITH_HEADER:
 464                 /* check ep11 key with header for exportable as protected key */
 465                 rc = ep11_check_aes_key_with_hdr(debug_info, 3, key, keylen, 1);
 466                 if (rc)
 467                         goto out;
 468                 rc = pkey_ep11key2pkey(key + sizeof(struct ep11kblob_header),
 469                                        protkey);
 470                 break;
 471         default:
 472                 DEBUG_ERR("%s unknown/unsupported non-CCA token version %d\n",
 473                           __func__, hdr->version);
 474                 rc = -EINVAL;
 475         }
 476
 477 out:
 478         kfree(tmpbuf);
 479         return rc;
 480 }
 481
 482 /*
 483  * Transform a CCA internal key token into a protected key
 484  */
 485 static int pkey_ccainttok2pkey(const u8 *key, u32 keylen,
 486                                struct pkey_protkey *protkey)
 487 {
 488         struct keytoken_header *hdr = (struct keytoken_header *)key;
 489
 490         switch (hdr->version) {
 491         case TOKVER_CCA_AES:
 492                 if (keylen != sizeof(struct secaeskeytoken))
 493                         return -EINVAL;
 494                 break;
 495         case TOKVER_CCA_VLSC:
 496                 if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
 497                         return -EINVAL;
 498                 break;
 499         default:
 500                 DEBUG_ERR("%s unknown/unsupported CCA internal token version %d\n",
 501                           __func__, hdr->version);
 502                 return -EINVAL;
 503         }
 504
 505         return pkey_skey2pkey(key, protkey);
 506 }
 507
 508 /*
 509  * Transform a key blob (of any type) into a protected key
 510  */
 511 int pkey_keyblob2pkey(const u8 *key, u32 keylen,
 512                       struct pkey_protkey *protkey)
 513 {
 514         int rc;
 515         struct keytoken_header *hdr = (struct keytoken_header *)key;
 516
 517         if (keylen < sizeof(struct keytoken_header)) {
 518                 DEBUG_ERR("%s invalid keylen %d\n", __func__, keylen);
 519                 return -EINVAL;
 520         }
 521
 522         switch (hdr->type) {
 523         case TOKTYPE_NON_CCA:
 524                 rc = pkey_nonccatok2pkey(key, keylen, protkey);
 525                 break;
 526         case TOKTYPE_CCA_INTERNAL:
 527                 rc = pkey_ccainttok2pkey(key, keylen, protkey);
 528                 break;
 529         default:
 530                 DEBUG_ERR("%s unknown/unsupported blob type %d\n",
 531                           __func__, hdr->type);
 532                 return -EINVAL;
 533         }
 534
 535         DEBUG_DBG("%s rc=%d\n", __func__, rc);
 536         return rc;
 537
 538 }
 539 EXPORT_SYMBOL(pkey_keyblob2pkey);
 540
 541 static int pkey_genseckey2(const struct pkey_apqn *apqns, size_t nr_apqns,
 542                            enum pkey_key_type ktype, enum pkey_key_size ksize,
 543                            u32 kflags, u8 *keybuf, size_t *keybufsize)
 544 {
 545         int i, card, dom, rc;
 546
 547         /* check for at least one apqn given */
 548         if (!apqns || !nr_apqns)
 549                 return -EINVAL;
 550
 551         /* check key type and size */
 552         switch (ktype) {
 553         case PKEY_TYPE_CCA_DATA:
 554         case PKEY_TYPE_CCA_CIPHER:
 555                 if (*keybufsize < SECKEYBLOBSIZE)
 556                         return -EINVAL;
 557                 break;
 558         case PKEY_TYPE_EP11:
 559                 if (*keybufsize < MINEP11AESKEYBLOBSIZE)
 560                         return -EINVAL;
 561                 break;
 562         default:
 563                 return -EINVAL;
 564         }
 565         switch (ksize) {
 566         case PKEY_SIZE_AES_128:
 567         case PKEY_SIZE_AES_192:
 568         case PKEY_SIZE_AES_256:
 569                 break;
 570         default:
 571                 return -EINVAL;
 572         }
 573
 574         /* simple try all apqns from the list */
 575         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
 576                 card = apqns[i].card;
 577                 dom = apqns[i].domain;
 578                 if (ktype == PKEY_TYPE_EP11) {
 579                         rc = ep11_genaeskey(card, dom, ksize, kflags,
 580                                             keybuf, keybufsize);
 581                 } else if (ktype == PKEY_TYPE_CCA_DATA) {
 582                         rc = cca_genseckey(card, dom, ksize, keybuf);
 583                         *keybufsize = (rc ? 0 : SECKEYBLOBSIZE);
 584                 } else /* TOKVER_CCA_VLSC */
 585                         rc = cca_gencipherkey(card, dom, ksize, kflags,
 586                                               keybuf, keybufsize);
 587                 if (rc == 0)
 588                         break;
 589         }
 590
 591         return rc;
 592 }
 593
 594 static int pkey_clr2seckey2(const struct pkey_apqn *apqns, size_t nr_apqns,
 595                             enum pkey_key_type ktype, enum pkey_key_size ksize,
 596                             u32 kflags, const u8 *clrkey,
 597                             u8 *keybuf, size_t *keybufsize)
 598 {
 599         int i, card, dom, rc;
 600
 601         /* check for at least one apqn given */
 602         if (!apqns || !nr_apqns)
 603                 return -EINVAL;
 604
 605         /* check key type and size */
 606         switch (ktype) {
 607         case PKEY_TYPE_CCA_DATA:
 608         case PKEY_TYPE_CCA_CIPHER:
 609                 if (*keybufsize < SECKEYBLOBSIZE)
 610                         return -EINVAL;
 611                 break;
 612         case PKEY_TYPE_EP11:
 613                 if (*keybufsize < MINEP11AESKEYBLOBSIZE)
 614                         return -EINVAL;
 615                 break;
 616         default:
 617                 return -EINVAL;
 618         }
 619         switch (ksize) {
 620         case PKEY_SIZE_AES_128:
 621         case PKEY_SIZE_AES_192:
 622         case PKEY_SIZE_AES_256:
 623                 break;
 624         default:
 625                 return -EINVAL;
 626         }
 627
 628         /* simple try all apqns from the list */
 629         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
 630                 card = apqns[i].card;
 631                 dom = apqns[i].domain;
 632                 if (ktype == PKEY_TYPE_EP11) {
 633                         rc = ep11_clr2keyblob(card, dom, ksize, kflags,
 634                                               clrkey, keybuf, keybufsize);
 635                 } else if (ktype == PKEY_TYPE_CCA_DATA) {
 636                         rc = cca_clr2seckey(card, dom, ksize,
 637                                             clrkey, keybuf);
 638                         *keybufsize = (rc ? 0 : SECKEYBLOBSIZE);
 639                 } else /* TOKVER_CCA_VLSC */
 640                         rc = cca_clr2cipherkey(card, dom, ksize, kflags,
 641                                                clrkey, keybuf, keybufsize);
 642                 if (rc == 0)
 643                         break;
 644         }
 645
 646         return rc;
 647 }
 648
 649 static int pkey_verifykey2(const u8 *key, size_t keylen,
 650                            u16 *cardnr, u16 *domain,
 651                            enum pkey_key_type *ktype,
 652                            enum pkey_key_size *ksize, u32 *flags)
 653 {
 654         int rc;
 655         u32 _nr_apqns, *_apqns = NULL;
 656         struct keytoken_header *hdr = (struct keytoken_header *)key;
 657
 658         if (keylen < sizeof(struct keytoken_header))
 659                 return -EINVAL;
 660
 661         if (hdr->type == TOKTYPE_CCA_INTERNAL
 662             && hdr->version == TOKVER_CCA_AES) {
 663                 struct secaeskeytoken *t = (struct secaeskeytoken *)key;
 664
 665                 rc = cca_check_secaeskeytoken(debug_info, 3, key, 0);
 666                 if (rc)
 667                         goto out;
 668                 if (ktype)
 669                         *ktype = PKEY_TYPE_CCA_DATA;
 670                 if (ksize)
 671                         *ksize = (enum pkey_key_size) t->bitsize;
 672
 673                 rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
 674                                    ZCRYPT_CEX3C, AES_MK_SET, t->mkvp, 0, 1);
 675                 if (rc == 0 && flags)
 676                         *flags = PKEY_FLAGS_MATCH_CUR_MKVP;
 677                 if (rc == -ENODEV) {
 678                         rc = cca_findcard2(&_apqns, &_nr_apqns,
 679                                            *cardnr, *domain,
 680                                            ZCRYPT_CEX3C, AES_MK_SET,
 681                                            0, t->mkvp, 1);
 682                         if (rc == 0 && flags)
 683                                 *flags = PKEY_FLAGS_MATCH_ALT_MKVP;
 684                 }
 685                 if (rc)
 686                         goto out;
 687
 688                 *cardnr = ((struct pkey_apqn *)_apqns)->card;
 689                 *domain = ((struct pkey_apqn *)_apqns)->domain;
 690
 691         } else if (hdr->type == TOKTYPE_CCA_INTERNAL
 692                    && hdr->version == TOKVER_CCA_VLSC) {
 693                 struct cipherkeytoken *t = (struct cipherkeytoken *)key;
 694
 695                 rc = cca_check_secaescipherkey(debug_info, 3, key, 0, 1);
 696                 if (rc)
 697                         goto out;
 698                 if (ktype)
 699                         *ktype = PKEY_TYPE_CCA_CIPHER;
 700                 if (ksize) {
 701                         *ksize = PKEY_SIZE_UNKNOWN;
 702                         if (!t->plfver && t->wpllen == 512)
 703                                 *ksize = PKEY_SIZE_AES_128;
 704                         else if (!t->plfver && t->wpllen == 576)
 705                                 *ksize = PKEY_SIZE_AES_192;
 706                         else if (!t->plfver && t->wpllen == 640)
 707                                 *ksize = PKEY_SIZE_AES_256;
 708                 }
 709
 710                 rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
 711                                    ZCRYPT_CEX6, AES_MK_SET, t->mkvp0, 0, 1);
 712                 if (rc == 0 && flags)
 713                         *flags = PKEY_FLAGS_MATCH_CUR_MKVP;
 714                 if (rc == -ENODEV) {
 715                         rc = cca_findcard2(&_apqns, &_nr_apqns,
 716                                            *cardnr, *domain,
 717                                            ZCRYPT_CEX6, AES_MK_SET,
 718                                            0, t->mkvp0, 1);
 719                         if (rc == 0 && flags)
 720                                 *flags = PKEY_FLAGS_MATCH_ALT_MKVP;
 721                 }
 722                 if (rc)
 723                         goto out;
 724
 725                 *cardnr = ((struct pkey_apqn *)_apqns)->card;
 726                 *domain = ((struct pkey_apqn *)_apqns)->domain;
 727
 728         } else if (hdr->type == TOKTYPE_NON_CCA
 729                    && hdr->version == TOKVER_EP11_AES) {
 730                 struct ep11keyblob *kb = (struct ep11keyblob *)key;
 731
 732                 rc = ep11_check_aes_key(debug_info, 3, key, keylen, 1);
 733                 if (rc)
 734                         goto out;
 735                 if (ktype)
 736                         *ktype = PKEY_TYPE_EP11;
 737                 if (ksize)
 738                         *ksize = kb->head.bitlen;
 739
 740                 rc = ep11_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
 741                                     ZCRYPT_CEX7, EP11_API_V, kb->wkvp);
 742                 if (rc)
 743                         goto out;
 744
 745                 if (flags)
 746                         *flags = PKEY_FLAGS_MATCH_CUR_MKVP;
 747
 748                 *cardnr = ((struct pkey_apqn *)_apqns)->card;
 749                 *domain = ((struct pkey_apqn *)_apqns)->domain;
 750
 751         } else
 752                 rc = -EINVAL;
 753
 754 out:
 755         kfree(_apqns);
 756         return rc;
 757 }
 758
 759 static int pkey_keyblob2pkey2(const struct pkey_apqn *apqns, size_t nr_apqns,
 760                               const u8 *key, size_t keylen,
 761                               struct pkey_protkey *pkey)
 762 {
 763         int i, card, dom, rc;
 764         struct keytoken_header *hdr = (struct keytoken_header *)key;
 765
 766         /* check for at least one apqn given */
 767         if (!apqns || !nr_apqns)
 768                 return -EINVAL;
 769
 770         if (keylen < sizeof(struct keytoken_header))
 771                 return -EINVAL;
 772
 773         if (hdr->type == TOKTYPE_CCA_INTERNAL) {
 774                 if (hdr->version == TOKVER_CCA_AES) {
 775                         if (keylen != sizeof(struct secaeskeytoken))
 776                                 return -EINVAL;
 777                         if (cca_check_secaeskeytoken(debug_info, 3, key, 0))
 778                                 return -EINVAL;
 779                 } else if (hdr->version == TOKVER_CCA_VLSC) {
 780                         if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
 781                                 return -EINVAL;
 782                         if (cca_check_secaescipherkey(debug_info, 3, key, 0, 1))
 783                                 return -EINVAL;
 784                 } else {
 785                         DEBUG_ERR("%s unknown CCA internal token version %d\n",
 786                                   __func__, hdr->version);
 787                         return -EINVAL;
 788                 }
 789         } else if (hdr->type == TOKTYPE_NON_CCA) {
 790                 if (hdr->version == TOKVER_EP11_AES) {
 791                         if (keylen < sizeof(struct ep11keyblob))
 792                                 return -EINVAL;
 793                         if (ep11_check_aes_key(debug_info, 3, key, keylen, 1))
 794                                 return -EINVAL;
 795                 } else {
 796                         return pkey_nonccatok2pkey(key, keylen, pkey);
 797                 }
 798         } else {
 799                 DEBUG_ERR("%s unknown/unsupported blob type %d\n",
 800                           __func__, hdr->type);
 801                 return -EINVAL;
 802         }
 803
 804         /* simple try all apqns from the list */
 805         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
 806                 card = apqns[i].card;
 807                 dom = apqns[i].domain;
 808                 if (hdr->type == TOKTYPE_CCA_INTERNAL
 809                     && hdr->version == TOKVER_CCA_AES)
 810                         rc = cca_sec2protkey(card, dom, key, pkey->protkey,
 811                                              &pkey->len, &pkey->type);
 812                 else if (hdr->type == TOKTYPE_CCA_INTERNAL
 813                          && hdr->version == TOKVER_CCA_VLSC)
 814                         rc = cca_cipher2protkey(card, dom, key, pkey->protkey,
 815                                                 &pkey->len, &pkey->type);
 816                 else { /* EP11 AES secure key blob */
 817                         struct ep11keyblob *kb = (struct ep11keyblob *) key;
 818
 819                         pkey->len = sizeof(pkey->protkey);
 820                         rc = ep11_kblob2protkey(card, dom, key, kb->head.len,
 821                                                 pkey->protkey, &pkey->len,
 822                                                 &pkey->type);
 823                 }
 824                 if (rc == 0)
 825                         break;
 826         }
 827
 828         return rc;
 829 }
 830
 831 static int pkey_apqns4key(const u8 *key, size_t keylen, u32 flags,
 832                           struct pkey_apqn *apqns, size_t *nr_apqns)
 833 {
 834         int rc;
 835         u32 _nr_apqns, *_apqns = NULL;
 836         struct keytoken_header *hdr = (struct keytoken_header *)key;
 837
 838         if (keylen < sizeof(struct keytoken_header) || flags == 0)
 839                 return -EINVAL;
 840
 841         if (hdr->type == TOKTYPE_NON_CCA
 842             && (hdr->version == TOKVER_EP11_AES_WITH_HEADER
 843                 || hdr->version == TOKVER_EP11_ECC_WITH_HEADER)
 844             && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
 845                 int minhwtype = 0, api = 0;
 846                 struct ep11keyblob *kb = (struct ep11keyblob *)
 847                         (key + sizeof(struct ep11kblob_header));
 848
 849                 if (flags != PKEY_FLAGS_MATCH_CUR_MKVP)
 850                         return -EINVAL;
 851                 if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) {
 852                         minhwtype = ZCRYPT_CEX7;
 853                         api = EP11_API_V;
 854                 }
 855                 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 856                                     minhwtype, api, kb->wkvp);
 857                 if (rc)
 858                         goto out;
 859         } else if (hdr->type == TOKTYPE_NON_CCA
 860                    && hdr->version == TOKVER_EP11_AES
 861                    && is_ep11_keyblob(key)) {
 862                 int minhwtype = 0, api = 0;
 863                 struct ep11keyblob *kb = (struct ep11keyblob *) key;
 864
 865                 if (flags != PKEY_FLAGS_MATCH_CUR_MKVP)
 866                         return -EINVAL;
 867                 if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) {
 868                         minhwtype = ZCRYPT_CEX7;
 869                         api = EP11_API_V;
 870                 }
 871                 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 872                                     minhwtype, api, kb->wkvp);
 873                 if (rc)
 874                         goto out;
 875         } else if (hdr->type == TOKTYPE_CCA_INTERNAL) {
 876                 int minhwtype = ZCRYPT_CEX3C;
 877                 u64 cur_mkvp = 0, old_mkvp = 0;
 878
 879                 if (hdr->version == TOKVER_CCA_AES) {
 880                         struct secaeskeytoken *t = (struct secaeskeytoken *)key;
 881
 882                         if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 883                                 cur_mkvp = t->mkvp;
 884                         if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 885                                 old_mkvp = t->mkvp;
 886                 } else if (hdr->version == TOKVER_CCA_VLSC) {
 887                         struct cipherkeytoken *t = (struct cipherkeytoken *)key;
 888
 889                         minhwtype = ZCRYPT_CEX6;
 890                         if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 891                                 cur_mkvp = t->mkvp0;
 892                         if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 893                                 old_mkvp = t->mkvp0;
 894                 } else {
 895                         /* unknown cca internal token type */
 896                         return -EINVAL;
 897                 }
 898                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 899                                    minhwtype, AES_MK_SET,
 900                                    cur_mkvp, old_mkvp, 1);
 901                 if (rc)
 902                         goto out;
 903         } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) {
 904                 u64 cur_mkvp = 0, old_mkvp = 0;
 905                 struct eccprivkeytoken *t = (struct eccprivkeytoken *)key;
 906
 907                 if (t->secid == 0x20) {
 908                         if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 909                                 cur_mkvp = t->mkvp;
 910                         if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 911                                 old_mkvp = t->mkvp;
 912                 } else {
 913                         /* unknown cca internal 2 token type */
 914                         return -EINVAL;
 915                 }
 916                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 917                                    ZCRYPT_CEX7, APKA_MK_SET,
 918                                    cur_mkvp, old_mkvp, 1);
 919                 if (rc)
 920                         goto out;
 921         } else
 922                 return -EINVAL;
 923
 924         if (apqns) {
 925                 if (*nr_apqns < _nr_apqns)
 926                         rc = -ENOSPC;
 927                 else
 928                         memcpy(apqns, _apqns, _nr_apqns * sizeof(u32));
 929         }
 930         *nr_apqns = _nr_apqns;
 931
 932 out:
 933         kfree(_apqns);
 934         return rc;
 935 }
 936
 937 static int pkey_apqns4keytype(enum pkey_key_type ktype,
 938                               u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags,
 939                               struct pkey_apqn *apqns, size_t *nr_apqns)
 940 {
 941         int rc;
 942         u32 _nr_apqns, *_apqns = NULL;
 943
 944         if (ktype == PKEY_TYPE_CCA_DATA || ktype == PKEY_TYPE_CCA_CIPHER) {
 945                 u64 cur_mkvp = 0, old_mkvp = 0;
 946                 int minhwtype = ZCRYPT_CEX3C;
 947
 948                 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 949                         cur_mkvp = *((u64 *) cur_mkvp);
 950                 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 951                         old_mkvp = *((u64 *) alt_mkvp);
 952                 if (ktype == PKEY_TYPE_CCA_CIPHER)
 953                         minhwtype = ZCRYPT_CEX6;
 954                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 955                                    minhwtype, AES_MK_SET,
 956                                    cur_mkvp, old_mkvp, 1);
 957                 if (rc)
 958                         goto out;
 959         } else if (ktype == PKEY_TYPE_CCA_ECC) {
 960                 u64 cur_mkvp = 0, old_mkvp = 0;
 961
 962                 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 963                         cur_mkvp = *((u64 *) cur_mkvp);
 964                 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 965                         old_mkvp = *((u64 *) alt_mkvp);
 966                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 967                                    ZCRYPT_CEX7, APKA_MK_SET,
 968                                    cur_mkvp, old_mkvp, 1);
 969                 if (rc)
 970                         goto out;
 971
 972         } else if (ktype == PKEY_TYPE_EP11 ||
 973                    ktype == PKEY_TYPE_EP11_AES ||
 974                    ktype == PKEY_TYPE_EP11_ECC) {
 975                 u8 *wkvp = NULL;
 976
 977                 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 978                         wkvp = cur_mkvp;
 979                 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 980                                     ZCRYPT_CEX7, EP11_API_V, wkvp);
 981                 if (rc)
 982                         goto out;
 983
 984         } else
 985                 return -EINVAL;
 986
 987         if (apqns) {
 988                 if (*nr_apqns < _nr_apqns)
 989                         rc = -ENOSPC;
 990                 else
 991                         memcpy(apqns, _apqns, _nr_apqns * sizeof(u32));
 992         }
 993         *nr_apqns = _nr_apqns;
 994
 995 out:
 996         kfree(_apqns);
 997         return rc;
 998 }
 999
1000 static int pkey_keyblob2pkey3(const struct pkey_apqn *apqns, size_t nr_apqns,
1001                               const u8 *key, size_t keylen, u32 *protkeytype,
1002                               u8 *protkey, u32 *protkeylen)
1003 {
1004         int i, card, dom, rc;
1005         struct keytoken_header *hdr = (struct keytoken_header *)key;
1006
1007         /* check for at least one apqn given */
1008         if (!apqns || !nr_apqns)
1009                 return -EINVAL;
1010
1011         if (keylen < sizeof(struct keytoken_header))
1012                 return -EINVAL;
1013
1014         if (hdr->type == TOKTYPE_NON_CCA
1015             && hdr->version == TOKVER_EP11_AES_WITH_HEADER
1016             && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1017                 /* EP11 AES key blob with header */
1018                 if (ep11_check_aes_key_with_hdr(debug_info, 3, key, keylen, 1))
1019                         return -EINVAL;
1020         } else if (hdr->type == TOKTYPE_NON_CCA
1021                    && hdr->version == TOKVER_EP11_ECC_WITH_HEADER
1022                    && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1023                 /* EP11 ECC key blob with header */
1024                 if (ep11_check_ecc_key_with_hdr(debug_info, 3, key, keylen, 1))
1025                         return -EINVAL;
1026         } else if (hdr->type == TOKTYPE_NON_CCA
1027                    && hdr->version == TOKVER_EP11_AES
1028                    && is_ep11_keyblob(key)) {
1029                 /* EP11 AES key blob with header in session field */
1030                 if (ep11_check_aes_key(debug_info, 3, key, keylen, 1))
1031                         return -EINVAL;
1032         } else  if (hdr->type == TOKTYPE_CCA_INTERNAL) {
1033                 if (hdr->version == TOKVER_CCA_AES) {
1034                         /* CCA AES data key */
1035                         if (keylen != sizeof(struct secaeskeytoken))
1036                                 return -EINVAL;
1037                         if (cca_check_secaeskeytoken(debug_info, 3, key, 0))
1038                                 return -EINVAL;
1039                 } else if (hdr->version == TOKVER_CCA_VLSC) {
1040                         /* CCA AES cipher key */
1041                         if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
1042                                 return -EINVAL;
1043                         if (cca_check_secaescipherkey(debug_info, 3, key, 0, 1))
1044                                 return -EINVAL;
1045                 } else {
1046                         DEBUG_ERR("%s unknown CCA internal token version %d\n",
1047                                   __func__, hdr->version);
1048                         return -EINVAL;
1049                 }
1050         } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) {
1051                 /* CCA ECC (private) key */
1052                 if (keylen < sizeof(struct eccprivkeytoken))
1053                         return -EINVAL;
1054                 if (cca_check_sececckeytoken(debug_info, 3, key, keylen, 1))
1055                         return -EINVAL;
1056         } else if (hdr->type == TOKTYPE_NON_CCA) {
1057                 struct pkey_protkey pkey;
1058
1059                 rc = pkey_nonccatok2pkey(key, keylen, &pkey);
1060                 if (rc)
1061                         return rc;
1062                 memcpy(protkey, pkey.protkey, pkey.len);
1063                 *protkeylen = pkey.len;
1064                 *protkeytype = pkey.type;
1065                 return 0;
1066         } else {
1067                 DEBUG_ERR("%s unknown/unsupported blob type %d\n",
1068                           __func__, hdr->type);
1069                 return -EINVAL;
1070         }
1071
1072         /* simple try all apqns from the list */
1073         for (rc = -ENODEV, i = 0; rc && i < nr_apqns; i++) {
1074                 card = apqns[i].card;
1075                 dom = apqns[i].domain;
1076                 if (hdr->type == TOKTYPE_NON_CCA
1077                     && (hdr->version == TOKVER_EP11_AES_WITH_HEADER
1078                         || hdr->version == TOKVER_EP11_ECC_WITH_HEADER)
1079                     && is_ep11_keyblob(key + sizeof(struct ep11kblob_header)))
1080                         rc = ep11_kblob2protkey(card, dom, key, hdr->len,
1081                                                 protkey, protkeylen, protkeytype);
1082                 else if (hdr->type == TOKTYPE_NON_CCA
1083                          && hdr->version == TOKVER_EP11_AES
1084                          && is_ep11_keyblob(key))
1085                         rc = ep11_kblob2protkey(card, dom, key, hdr->len,
1086                                                 protkey, protkeylen, protkeytype);
1087                 else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1088                          hdr->version == TOKVER_CCA_AES)
1089                         rc = cca_sec2protkey(card, dom, key, protkey,
1090                                              protkeylen, protkeytype);
1091                 else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1092                          hdr->version == TOKVER_CCA_VLSC)
1093                         rc = cca_cipher2protkey(card, dom, key, protkey,
1094                                                 protkeylen, protkeytype);
1095                 else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA)
1096                         rc = cca_ecc2protkey(card, dom, key, protkey,
1097                                              protkeylen, protkeytype);
1098                 else
1099                         return -EINVAL;
1100         }
1101
1102         return rc;
1103 }
1104
1105 /*
1106  * File io functions
1107  */
1108
1109 static void *_copy_key_from_user(void __user *ukey, size_t keylen)
1110 {
1111         if (!ukey || keylen < MINKEYBLOBSIZE || keylen > KEYBLOBBUFSIZE)
1112                 return ERR_PTR(-EINVAL);
1113
1114         return memdup_user(ukey, keylen);
1115 }
1116
1117 static void *_copy_apqns_from_user(void __user *uapqns, size_t nr_apqns)
1118 {
1119         if (!uapqns || nr_apqns == 0)
1120                 return NULL;
1121
1122         return memdup_user(uapqns, nr_apqns * sizeof(struct pkey_apqn));
1123 }
1124
1125 static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
1126                                 unsigned long arg)
1127 {
1128         int rc;
1129
1130         switch (cmd) {
1131         case PKEY_GENSECK: {
1132                 struct pkey_genseck __user *ugs = (void __user *) arg;
1133                 struct pkey_genseck kgs;
1134
1135                 if (copy_from_user(&kgs, ugs, sizeof(kgs)))
1136                         return -EFAULT;
1137                 rc = cca_genseckey(kgs.cardnr, kgs.domain,
1138                                    kgs.keytype, kgs.seckey.seckey);
1139                 DEBUG_DBG("%s cca_genseckey()=%d\n", __func__, rc);
1140                 if (rc)
1141                         break;
1142                 if (copy_to_user(ugs, &kgs, sizeof(kgs)))
1143                         return -EFAULT;
1144                 break;
1145         }
1146         case PKEY_CLR2SECK: {
1147                 struct pkey_clr2seck __user *ucs = (void __user *) arg;
1148                 struct pkey_clr2seck kcs;
1149
1150                 if (copy_from_user(&kcs, ucs, sizeof(kcs)))
1151                         return -EFAULT;
1152                 rc = cca_clr2seckey(kcs.cardnr, kcs.domain, kcs.keytype,
1153                                     kcs.clrkey.clrkey, kcs.seckey.seckey);
1154                 DEBUG_DBG("%s cca_clr2seckey()=%d\n", __func__, rc);
1155                 if (rc)
1156                         break;
1157                 if (copy_to_user(ucs, &kcs, sizeof(kcs)))
1158                         return -EFAULT;
1159                 memzero_explicit(&kcs, sizeof(kcs));
1160                 break;
1161         }
1162         case PKEY_SEC2PROTK: {
1163                 struct pkey_sec2protk __user *usp = (void __user *) arg;
1164                 struct pkey_sec2protk ksp;
1165
1166                 if (copy_from_user(&ksp, usp, sizeof(ksp)))
1167                         return -EFAULT;
1168                 rc = cca_sec2protkey(ksp.cardnr, ksp.domain,
1169                                      ksp.seckey.seckey, ksp.protkey.protkey,
1170                                      &ksp.protkey.len, &ksp.protkey.type);
1171                 DEBUG_DBG("%s cca_sec2protkey()=%d\n", __func__, rc);
1172                 if (rc)
1173                         break;
1174                 if (copy_to_user(usp, &ksp, sizeof(ksp)))
1175                         return -EFAULT;
1176                 break;
1177         }
1178         case PKEY_CLR2PROTK: {
1179                 struct pkey_clr2protk __user *ucp = (void __user *) arg;
1180                 struct pkey_clr2protk kcp;
1181
1182                 if (copy_from_user(&kcp, ucp, sizeof(kcp)))
1183                         return -EFAULT;
1184                 rc = pkey_clr2protkey(kcp.keytype,
1185                                       &kcp.clrkey, &kcp.protkey);
1186                 DEBUG_DBG("%s pkey_clr2protkey()=%d\n", __func__, rc);
1187                 if (rc)
1188                         break;
1189                 if (copy_to_user(ucp, &kcp, sizeof(kcp)))
1190                         return -EFAULT;
1191                 memzero_explicit(&kcp, sizeof(kcp));
1192                 break;
1193         }
1194         case PKEY_FINDCARD: {
1195                 struct pkey_findcard __user *ufc = (void __user *) arg;
1196                 struct pkey_findcard kfc;
1197
1198                 if (copy_from_user(&kfc, ufc, sizeof(kfc)))
1199                         return -EFAULT;
1200                 rc = cca_findcard(kfc.seckey.seckey,
1201                                   &kfc.cardnr, &kfc.domain, 1);
1202                 DEBUG_DBG("%s cca_findcard()=%d\n", __func__, rc);
1203                 if (rc < 0)
1204                         break;
1205                 if (copy_to_user(ufc, &kfc, sizeof(kfc)))
1206                         return -EFAULT;
1207                 break;
1208         }
1209         case PKEY_SKEY2PKEY: {
1210                 struct pkey_skey2pkey __user *usp = (void __user *) arg;
1211                 struct pkey_skey2pkey ksp;
1212
1213                 if (copy_from_user(&ksp, usp, sizeof(ksp)))
1214                         return -EFAULT;
1215                 rc = pkey_skey2pkey(ksp.seckey.seckey, &ksp.protkey);
1216                 DEBUG_DBG("%s pkey_skey2pkey()=%d\n", __func__, rc);
1217                 if (rc)
1218                         break;
1219                 if (copy_to_user(usp, &ksp, sizeof(ksp)))
1220                         return -EFAULT;
1221                 break;
1222         }
1223         case PKEY_VERIFYKEY: {
1224                 struct pkey_verifykey __user *uvk = (void __user *) arg;
1225                 struct pkey_verifykey kvk;
1226
1227                 if (copy_from_user(&kvk, uvk, sizeof(kvk)))
1228                         return -EFAULT;
1229                 rc = pkey_verifykey(&kvk.seckey, &kvk.cardnr, &kvk.domain,
1230                                     &kvk.keysize, &kvk.attributes);
1231                 DEBUG_DBG("%s pkey_verifykey()=%d\n", __func__, rc);
1232                 if (rc)
1233                         break;
1234                 if (copy_to_user(uvk, &kvk, sizeof(kvk)))
1235                         return -EFAULT;
1236                 break;
1237         }
1238         case PKEY_GENPROTK: {
1239                 struct pkey_genprotk __user *ugp = (void __user *) arg;
1240                 struct pkey_genprotk kgp;
1241
1242                 if (copy_from_user(&kgp, ugp, sizeof(kgp)))
1243                         return -EFAULT;
1244                 rc = pkey_genprotkey(kgp.keytype, &kgp.protkey);
1245                 DEBUG_DBG("%s pkey_genprotkey()=%d\n", __func__, rc);
1246                 if (rc)
1247                         break;
1248                 if (copy_to_user(ugp, &kgp, sizeof(kgp)))
1249                         return -EFAULT;
1250                 break;
1251         }
1252         case PKEY_VERIFYPROTK: {
1253                 struct pkey_verifyprotk __user *uvp = (void __user *) arg;
1254                 struct pkey_verifyprotk kvp;
1255
1256                 if (copy_from_user(&kvp, uvp, sizeof(kvp)))
1257                         return -EFAULT;
1258                 rc = pkey_verifyprotkey(&kvp.protkey);
1259                 DEBUG_DBG("%s pkey_verifyprotkey()=%d\n", __func__, rc);
1260                 break;
1261         }
1262         case PKEY_KBLOB2PROTK: {
1263                 struct pkey_kblob2pkey __user *utp = (void __user *) arg;
1264                 struct pkey_kblob2pkey ktp;
1265                 u8 *kkey;
1266
1267                 if (copy_from_user(&ktp, utp, sizeof(ktp)))
1268                         return -EFAULT;
1269                 kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1270                 if (IS_ERR(kkey))
1271                         return PTR_ERR(kkey);
1272                 rc = pkey_keyblob2pkey(kkey, ktp.keylen, &ktp.protkey);
1273                 DEBUG_DBG("%s pkey_keyblob2pkey()=%d\n", __func__, rc);
1274                 memzero_explicit(kkey, ktp.keylen);
1275                 kfree(kkey);
1276                 if (rc)
1277                         break;
1278                 if (copy_to_user(utp, &ktp, sizeof(ktp)))
1279                         return -EFAULT;
1280                 break;
1281         }
1282         case PKEY_GENSECK2: {
1283                 struct pkey_genseck2 __user *ugs = (void __user *) arg;
1284                 struct pkey_genseck2 kgs;
1285                 struct pkey_apqn *apqns;
1286                 size_t klen = KEYBLOBBUFSIZE;
1287                 u8 *kkey;
1288
1289                 if (copy_from_user(&kgs, ugs, sizeof(kgs)))
1290                         return -EFAULT;
1291                 apqns = _copy_apqns_from_user(kgs.apqns, kgs.apqn_entries);
1292                 if (IS_ERR(apqns))
1293                         return PTR_ERR(apqns);
1294                 kkey = kmalloc(klen, GFP_KERNEL);
1295                 if (!kkey) {
1296                         kfree(apqns);
1297                         return -ENOMEM;
1298                 }
1299                 rc = pkey_genseckey2(apqns, kgs.apqn_entries,
1300                                      kgs.type, kgs.size, kgs.keygenflags,
1301                                      kkey, &klen);
1302                 DEBUG_DBG("%s pkey_genseckey2()=%d\n", __func__, rc);
1303                 kfree(apqns);
1304                 if (rc) {
1305                         kfree(kkey);
1306                         break;
1307                 }
1308                 if (kgs.key) {
1309                         if (kgs.keylen < klen) {
1310                                 kfree(kkey);
1311                                 return -EINVAL;
1312                         }
1313                         if (copy_to_user(kgs.key, kkey, klen)) {
1314                                 kfree(kkey);
1315                                 return -EFAULT;
1316                         }
1317                 }
1318                 kgs.keylen = klen;
1319                 if (copy_to_user(ugs, &kgs, sizeof(kgs)))
1320                         rc = -EFAULT;
1321                 kfree(kkey);
1322                 break;
1323         }
1324         case PKEY_CLR2SECK2: {
1325                 struct pkey_clr2seck2 __user *ucs = (void __user *) arg;
1326                 struct pkey_clr2seck2 kcs;
1327                 struct pkey_apqn *apqns;
1328                 size_t klen = KEYBLOBBUFSIZE;
1329                 u8 *kkey;
1330
1331                 if (copy_from_user(&kcs, ucs, sizeof(kcs)))
1332                         return -EFAULT;
1333                 apqns = _copy_apqns_from_user(kcs.apqns, kcs.apqn_entries);
1334                 if (IS_ERR(apqns))
1335                         return PTR_ERR(apqns);
1336                 kkey = kmalloc(klen, GFP_KERNEL);
1337                 if (!kkey) {
1338                         kfree(apqns);
1339                         return -ENOMEM;
1340                 }
1341                 rc = pkey_clr2seckey2(apqns, kcs.apqn_entries,
1342                                       kcs.type, kcs.size, kcs.keygenflags,
1343                                       kcs.clrkey.clrkey, kkey, &klen);
1344                 DEBUG_DBG("%s pkey_clr2seckey2()=%d\n", __func__, rc);
1345                 kfree(apqns);
1346                 if (rc) {
1347                         kfree(kkey);
1348                         break;
1349                 }
1350                 if (kcs.key) {
1351                         if (kcs.keylen < klen) {
1352                                 kfree(kkey);
1353                                 return -EINVAL;
1354                         }
1355                         if (copy_to_user(kcs.key, kkey, klen)) {
1356                                 kfree(kkey);
1357                                 return -EFAULT;
1358                         }
1359                 }
1360                 kcs.keylen = klen;
1361                 if (copy_to_user(ucs, &kcs, sizeof(kcs)))
1362                         rc = -EFAULT;
1363                 memzero_explicit(&kcs, sizeof(kcs));
1364                 kfree(kkey);
1365                 break;
1366         }
1367         case PKEY_VERIFYKEY2: {
1368                 struct pkey_verifykey2 __user *uvk = (void __user *) arg;
1369                 struct pkey_verifykey2 kvk;
1370                 u8 *kkey;
1371
1372                 if (copy_from_user(&kvk, uvk, sizeof(kvk)))
1373                         return -EFAULT;
1374                 kkey = _copy_key_from_user(kvk.key, kvk.keylen);
1375                 if (IS_ERR(kkey))
1376                         return PTR_ERR(kkey);
1377                 rc = pkey_verifykey2(kkey, kvk.keylen,
1378                                      &kvk.cardnr, &kvk.domain,
1379                                      &kvk.type, &kvk.size, &kvk.flags);
1380                 DEBUG_DBG("%s pkey_verifykey2()=%d\n", __func__, rc);
1381                 kfree(kkey);
1382                 if (rc)
1383                         break;
1384                 if (copy_to_user(uvk, &kvk, sizeof(kvk)))
1385                         return -EFAULT;
1386                 break;
1387         }
1388         case PKEY_KBLOB2PROTK2: {
1389                 struct pkey_kblob2pkey2 __user *utp = (void __user *) arg;
1390                 struct pkey_kblob2pkey2 ktp;
1391                 struct pkey_apqn *apqns = NULL;
1392                 u8 *kkey;
1393
1394                 if (copy_from_user(&ktp, utp, sizeof(ktp)))
1395                         return -EFAULT;
1396                 apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
1397                 if (IS_ERR(apqns))
1398                         return PTR_ERR(apqns);
1399                 kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1400                 if (IS_ERR(kkey)) {
1401                         kfree(apqns);
1402                         return PTR_ERR(kkey);
1403                 }
1404                 rc = pkey_keyblob2pkey2(apqns, ktp.apqn_entries,
1405                                         kkey, ktp.keylen, &ktp.protkey);
1406                 DEBUG_DBG("%s pkey_keyblob2pkey2()=%d\n", __func__, rc);
1407                 kfree(apqns);
1408                 memzero_explicit(kkey, ktp.keylen);
1409                 kfree(kkey);
1410                 if (rc)
1411                         break;
1412                 if (copy_to_user(utp, &ktp, sizeof(ktp)))
1413                         return -EFAULT;
1414                 break;
1415         }
1416         case PKEY_APQNS4K: {
1417                 struct pkey_apqns4key __user *uak = (void __user *) arg;
1418                 struct pkey_apqns4key kak;
1419                 struct pkey_apqn *apqns = NULL;
1420                 size_t nr_apqns, len;
1421                 u8 *kkey;
1422
1423                 if (copy_from_user(&kak, uak, sizeof(kak)))
1424                         return -EFAULT;
1425                 nr_apqns = kak.apqn_entries;
1426                 if (nr_apqns) {
1427                         apqns = kmalloc_array(nr_apqns,
1428                                               sizeof(struct pkey_apqn),
1429                                               GFP_KERNEL);
1430                         if (!apqns)
1431                                 return -ENOMEM;
1432                 }
1433                 kkey = _copy_key_from_user(kak.key, kak.keylen);
1434                 if (IS_ERR(kkey)) {
1435                         kfree(apqns);
1436                         return PTR_ERR(kkey);
1437                 }
1438                 rc = pkey_apqns4key(kkey, kak.keylen, kak.flags,
1439                                     apqns, &nr_apqns);
1440                 DEBUG_DBG("%s pkey_apqns4key()=%d\n", __func__, rc);
1441                 kfree(kkey);
1442                 if (rc && rc != -ENOSPC) {
1443                         kfree(apqns);
1444                         break;
1445                 }
1446                 if (!rc && kak.apqns) {
1447                         if (nr_apqns > kak.apqn_entries) {
1448                                 kfree(apqns);
1449                                 return -EINVAL;
1450                         }
1451                         len = nr_apqns * sizeof(struct pkey_apqn);
1452                         if (len) {
1453                                 if (copy_to_user(kak.apqns, apqns, len)) {
1454                                         kfree(apqns);
1455                                         return -EFAULT;
1456                                 }
1457                         }
1458                 }
1459                 kak.apqn_entries = nr_apqns;
1460                 if (copy_to_user(uak, &kak, sizeof(kak)))
1461                         rc = -EFAULT;
1462                 kfree(apqns);
1463                 break;
1464         }
1465         case PKEY_APQNS4KT: {
1466                 struct pkey_apqns4keytype __user *uat = (void __user *) arg;
1467                 struct pkey_apqns4keytype kat;
1468                 struct pkey_apqn *apqns = NULL;
1469                 size_t nr_apqns, len;
1470
1471                 if (copy_from_user(&kat, uat, sizeof(kat)))
1472                         return -EFAULT;
1473                 nr_apqns = kat.apqn_entries;
1474                 if (nr_apqns) {
1475                         apqns = kmalloc_array(nr_apqns,
1476                                               sizeof(struct pkey_apqn),
1477                                               GFP_KERNEL);
1478                         if (!apqns)
1479                                 return -ENOMEM;
1480                 }
1481                 rc = pkey_apqns4keytype(kat.type, kat.cur_mkvp, kat.alt_mkvp,
1482                                         kat.flags, apqns, &nr_apqns);
1483                 DEBUG_DBG("%s pkey_apqns4keytype()=%d\n", __func__, rc);
1484                 if (rc && rc != -ENOSPC) {
1485                         kfree(apqns);
1486                         break;
1487                 }
1488                 if (!rc && kat.apqns) {
1489                         if (nr_apqns > kat.apqn_entries) {
1490                                 kfree(apqns);
1491                                 return -EINVAL;
1492                         }
1493                         len = nr_apqns * sizeof(struct pkey_apqn);
1494                         if (len) {
1495                                 if (copy_to_user(kat.apqns, apqns, len)) {
1496                                         kfree(apqns);
1497                                         return -EFAULT;
1498                                 }
1499                         }
1500                 }
1501                 kat.apqn_entries = nr_apqns;
1502                 if (copy_to_user(uat, &kat, sizeof(kat)))
1503                         rc = -EFAULT;
1504                 kfree(apqns);
1505                 break;
1506         }
1507         case PKEY_KBLOB2PROTK3: {
1508                 struct pkey_kblob2pkey3 __user *utp = (void __user *) arg;
1509                 struct pkey_kblob2pkey3 ktp;
1510                 struct pkey_apqn *apqns = NULL;
1511                 u32 protkeylen = PROTKEYBLOBBUFSIZE;
1512                 u8 *kkey, *protkey;
1513
1514                 if (copy_from_user(&ktp, utp, sizeof(ktp)))
1515                         return -EFAULT;
1516                 apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
1517                 if (IS_ERR(apqns))
1518                         return PTR_ERR(apqns);
1519                 kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1520                 if (IS_ERR(kkey)) {
1521                         kfree(apqns);
1522                         return PTR_ERR(kkey);
1523                 }
1524                 protkey = kmalloc(protkeylen, GFP_KERNEL);
1525                 if (!protkey) {
1526                         kfree(apqns);
1527                         kfree(kkey);
1528                         return -ENOMEM;
1529                 }
1530                 rc = pkey_keyblob2pkey3(apqns, ktp.apqn_entries, kkey,
1531                                         ktp.keylen, &ktp.pkeytype,
1532                                         protkey, &protkeylen);
1533                 DEBUG_DBG("%s pkey_keyblob2pkey3()=%d\n", __func__, rc);
1534                 kfree(apqns);
1535                 memzero_explicit(kkey, ktp.keylen);
1536                 kfree(kkey);
1537                 if (rc) {
1538                         kfree(protkey);
1539                         break;
1540                 }
1541                 if (ktp.pkey && ktp.pkeylen) {
1542                         if (protkeylen > ktp.pkeylen) {
1543                                 kfree(protkey);
1544                                 return -EINVAL;
1545                         }
1546                         if (copy_to_user(ktp.pkey, protkey, protkeylen)) {
1547                                 kfree(protkey);
1548                                 return -EFAULT;
1549                         }
1550                 }
1551                 kfree(protkey);
1552                 ktp.pkeylen = protkeylen;
1553                 if (copy_to_user(utp, &ktp, sizeof(ktp)))
1554                         return -EFAULT;
1555                 break;
1556         }
1557         default:
1558                 /* unknown/unsupported ioctl cmd */
1559                 return -ENOTTY;
1560         }
1561
1562         return rc;
1563 }
1564
1565 /*
1566  * Sysfs and file io operations
1567  */
1568
1569 /*
1570  * Sysfs attribute read function for all protected key binary attributes.
1571  * The implementation can not deal with partial reads, because a new random
1572  * protected key blob is generated with each read. In case of partial reads
1573  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1574  */
1575 static ssize_t pkey_protkey_aes_attr_read(u32 keytype, bool is_xts, char *buf,
1576                                           loff_t off, size_t count)
1577 {
1578         struct protaeskeytoken protkeytoken;
1579         struct pkey_protkey protkey;
1580         int rc;
1581
1582         if (off != 0 || count < sizeof(protkeytoken))
1583                 return -EINVAL;
1584         if (is_xts)
1585                 if (count < 2 * sizeof(protkeytoken))
1586                         return -EINVAL;
1587
1588         memset(&protkeytoken, 0, sizeof(protkeytoken));
1589         protkeytoken.type = TOKTYPE_NON_CCA;
1590         protkeytoken.version = TOKVER_PROTECTED_KEY;
1591         protkeytoken.keytype = keytype;
1592
1593         rc = pkey_genprotkey(protkeytoken.keytype, &protkey);
1594         if (rc)
1595                 return rc;
1596
1597         protkeytoken.len = protkey.len;
1598         memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len);
1599
1600         memcpy(buf, &protkeytoken, sizeof(protkeytoken));
1601
1602         if (is_xts) {
1603                 rc = pkey_genprotkey(protkeytoken.keytype, &protkey);
1604                 if (rc)
1605                         return rc;
1606
1607                 protkeytoken.len = protkey.len;
1608                 memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len);
1609
1610                 memcpy(buf + sizeof(protkeytoken), &protkeytoken,
1611                        sizeof(protkeytoken));
1612
1613                 return 2 * sizeof(protkeytoken);
1614         }
1615
1616         return sizeof(protkeytoken);
1617 }
1618
1619 static ssize_t protkey_aes_128_read(struct file *filp,
1620                                     struct kobject *kobj,
1621                                     struct bin_attribute *attr,
1622                                     char *buf, loff_t off,
1623                                     size_t count)
1624 {
1625         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf,
1626                                           off, count);
1627 }
1628
1629 static ssize_t protkey_aes_192_read(struct file *filp,
1630                                     struct kobject *kobj,
1631                                     struct bin_attribute *attr,
1632                                     char *buf, loff_t off,
1633                                     size_t count)
1634 {
1635         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf,
1636                                           off, count);
1637 }
1638
1639 static ssize_t protkey_aes_256_read(struct file *filp,
1640                                     struct kobject *kobj,
1641                                     struct bin_attribute *attr,
1642                                     char *buf, loff_t off,
1643                                     size_t count)
1644 {
1645         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf,
1646                                           off, count);
1647 }
1648
1649 static ssize_t protkey_aes_128_xts_read(struct file *filp,
1650                                         struct kobject *kobj,
1651                                         struct bin_attribute *attr,
1652                                         char *buf, loff_t off,
1653                                         size_t count)
1654 {
1655         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf,
1656                                           off, count);
1657 }
1658
1659 static ssize_t protkey_aes_256_xts_read(struct file *filp,
1660                                         struct kobject *kobj,
1661                                         struct bin_attribute *attr,
1662                                         char *buf, loff_t off,
1663                                         size_t count)
1664 {
1665         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf,
1666                                           off, count);
1667 }
1668
1669 static BIN_ATTR_RO(protkey_aes_128, sizeof(struct protaeskeytoken));
1670 static BIN_ATTR_RO(protkey_aes_192, sizeof(struct protaeskeytoken));
1671 static BIN_ATTR_RO(protkey_aes_256, sizeof(struct protaeskeytoken));
1672 static BIN_ATTR_RO(protkey_aes_128_xts, 2 * sizeof(struct protaeskeytoken));
1673 static BIN_ATTR_RO(protkey_aes_256_xts, 2 * sizeof(struct protaeskeytoken));
1674
1675 static struct bin_attribute *protkey_attrs[] = {
1676         &bin_attr_protkey_aes_128,
1677         &bin_attr_protkey_aes_192,
1678         &bin_attr_protkey_aes_256,
1679         &bin_attr_protkey_aes_128_xts,
1680         &bin_attr_protkey_aes_256_xts,
1681         NULL
1682 };
1683
1684 static struct attribute_group protkey_attr_group = {
1685         .name      = "protkey",
1686         .bin_attrs = protkey_attrs,
1687 };
1688
1689 /*
1690  * Sysfs attribute read function for all secure key ccadata binary attributes.
1691  * The implementation can not deal with partial reads, because a new random
1692  * protected key blob is generated with each read. In case of partial reads
1693  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1694  */
1695 static ssize_t pkey_ccadata_aes_attr_read(u32 keytype, bool is_xts, char *buf,
1696                                           loff_t off, size_t count)
1697 {
1698         int rc;
1699         struct pkey_seckey *seckey = (struct pkey_seckey *) buf;
1700
1701         if (off != 0 || count < sizeof(struct secaeskeytoken))
1702                 return -EINVAL;
1703         if (is_xts)
1704                 if (count < 2 * sizeof(struct secaeskeytoken))
1705                         return -EINVAL;
1706
1707         rc = cca_genseckey(-1, -1, keytype, seckey->seckey);
1708         if (rc)
1709                 return rc;
1710
1711         if (is_xts) {
1712                 seckey++;
1713                 rc = cca_genseckey(-1, -1, keytype, seckey->seckey);
1714                 if (rc)
1715                         return rc;
1716
1717                 return 2 * sizeof(struct secaeskeytoken);
1718         }
1719
1720         return sizeof(struct secaeskeytoken);
1721 }
1722
1723 static ssize_t ccadata_aes_128_read(struct file *filp,
1724                                     struct kobject *kobj,
1725                                     struct bin_attribute *attr,
1726                                     char *buf, loff_t off,
1727                                     size_t count)
1728 {
1729         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf,
1730                                           off, count);
1731 }
1732
1733 static ssize_t ccadata_aes_192_read(struct file *filp,
1734                                     struct kobject *kobj,
1735                                     struct bin_attribute *attr,
1736                                     char *buf, loff_t off,
1737                                     size_t count)
1738 {
1739         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf,
1740                                           off, count);
1741 }
1742
1743 static ssize_t ccadata_aes_256_read(struct file *filp,
1744                                     struct kobject *kobj,
1745                                     struct bin_attribute *attr,
1746                                     char *buf, loff_t off,
1747                                     size_t count)
1748 {
1749         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf,
1750                                           off, count);
1751 }
1752
1753 static ssize_t ccadata_aes_128_xts_read(struct file *filp,
1754                                         struct kobject *kobj,
1755                                         struct bin_attribute *attr,
1756                                         char *buf, loff_t off,
1757                                         size_t count)
1758 {
1759         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf,
1760                                           off, count);
1761 }
1762
1763 static ssize_t ccadata_aes_256_xts_read(struct file *filp,
1764                                         struct kobject *kobj,
1765                                         struct bin_attribute *attr,
1766                                         char *buf, loff_t off,
1767                                         size_t count)
1768 {
1769         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf,
1770                                           off, count);
1771 }
1772
1773 static BIN_ATTR_RO(ccadata_aes_128, sizeof(struct secaeskeytoken));
1774 static BIN_ATTR_RO(ccadata_aes_192, sizeof(struct secaeskeytoken));
1775 static BIN_ATTR_RO(ccadata_aes_256, sizeof(struct secaeskeytoken));
1776 static BIN_ATTR_RO(ccadata_aes_128_xts, 2 * sizeof(struct secaeskeytoken));
1777 static BIN_ATTR_RO(ccadata_aes_256_xts, 2 * sizeof(struct secaeskeytoken));
1778
1779 static struct bin_attribute *ccadata_attrs[] = {
1780         &bin_attr_ccadata_aes_128,
1781         &bin_attr_ccadata_aes_192,
1782         &bin_attr_ccadata_aes_256,
1783         &bin_attr_ccadata_aes_128_xts,
1784         &bin_attr_ccadata_aes_256_xts,
1785         NULL
1786 };
1787
1788 static struct attribute_group ccadata_attr_group = {
1789         .name      = "ccadata",
1790         .bin_attrs = ccadata_attrs,
1791 };
1792
1793 #define CCACIPHERTOKENSIZE      (sizeof(struct cipherkeytoken) + 80)
1794
1795 /*
1796  * Sysfs attribute read function for all secure key ccacipher binary attributes.
1797  * The implementation can not deal with partial reads, because a new random
1798  * secure key blob is generated with each read. In case of partial reads
1799  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1800  */
1801 static ssize_t pkey_ccacipher_aes_attr_read(enum pkey_key_size keybits,
1802                                             bool is_xts, char *buf, loff_t off,
1803                                             size_t count)
1804 {
1805         int i, rc, card, dom;
1806         u32 nr_apqns, *apqns = NULL;
1807         size_t keysize = CCACIPHERTOKENSIZE;
1808
1809         if (off != 0 || count < CCACIPHERTOKENSIZE)
1810                 return -EINVAL;
1811         if (is_xts)
1812                 if (count < 2 * CCACIPHERTOKENSIZE)
1813                         return -EINVAL;
1814
1815         /* build a list of apqns able to generate an cipher key */
1816         rc = cca_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
1817                            ZCRYPT_CEX6, 0, 0, 0, 0);
1818         if (rc)
1819                 return rc;
1820
1821         memset(buf, 0, is_xts ? 2 * keysize : keysize);
1822
1823         /* simple try all apqns from the list */
1824         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
1825                 card = apqns[i] >> 16;
1826                 dom = apqns[i] & 0xFFFF;
1827                 rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize);
1828                 if (rc == 0)
1829                         break;
1830         }
1831         if (rc)
1832                 return rc;
1833
1834         if (is_xts) {
1835                 keysize = CCACIPHERTOKENSIZE;
1836                 buf += CCACIPHERTOKENSIZE;
1837                 rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize);
1838                 if (rc == 0)
1839                         return 2 * CCACIPHERTOKENSIZE;
1840         }
1841
1842         return CCACIPHERTOKENSIZE;
1843 }
1844
1845 static ssize_t ccacipher_aes_128_read(struct file *filp,
1846                                       struct kobject *kobj,
1847                                       struct bin_attribute *attr,
1848                                       char *buf, loff_t off,
1849                                       size_t count)
1850 {
1851         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, false, buf,
1852                                             off, count);
1853 }
1854
1855 static ssize_t ccacipher_aes_192_read(struct file *filp,
1856                                       struct kobject *kobj,
1857                                       struct bin_attribute *attr,
1858                                       char *buf, loff_t off,
1859                                       size_t count)
1860 {
1861         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_192, false, buf,
1862                                             off, count);
1863 }
1864
1865 static ssize_t ccacipher_aes_256_read(struct file *filp,
1866                                       struct kobject *kobj,
1867                                       struct bin_attribute *attr,
1868                                       char *buf, loff_t off,
1869                                       size_t count)
1870 {
1871         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, false, buf,
1872                                             off, count);
1873 }
1874
1875 static ssize_t ccacipher_aes_128_xts_read(struct file *filp,
1876                                           struct kobject *kobj,
1877                                           struct bin_attribute *attr,
1878                                           char *buf, loff_t off,
1879                                           size_t count)
1880 {
1881         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, true, buf,
1882                                             off, count);
1883 }
1884
1885 static ssize_t ccacipher_aes_256_xts_read(struct file *filp,
1886                                           struct kobject *kobj,
1887                                           struct bin_attribute *attr,
1888                                           char *buf, loff_t off,
1889                                           size_t count)
1890 {
1891         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, true, buf,
1892                                             off, count);
1893 }
1894
1895 static BIN_ATTR_RO(ccacipher_aes_128, CCACIPHERTOKENSIZE);
1896 static BIN_ATTR_RO(ccacipher_aes_192, CCACIPHERTOKENSIZE);
1897 static BIN_ATTR_RO(ccacipher_aes_256, CCACIPHERTOKENSIZE);
1898 static BIN_ATTR_RO(ccacipher_aes_128_xts, 2 * CCACIPHERTOKENSIZE);
1899 static BIN_ATTR_RO(ccacipher_aes_256_xts, 2 * CCACIPHERTOKENSIZE);
1900
1901 static struct bin_attribute *ccacipher_attrs[] = {
1902         &bin_attr_ccacipher_aes_128,
1903         &bin_attr_ccacipher_aes_192,
1904         &bin_attr_ccacipher_aes_256,
1905         &bin_attr_ccacipher_aes_128_xts,
1906         &bin_attr_ccacipher_aes_256_xts,
1907         NULL
1908 };
1909
1910 static struct attribute_group ccacipher_attr_group = {
1911         .name      = "ccacipher",
1912         .bin_attrs = ccacipher_attrs,
1913 };
1914
1915 /*
1916  * Sysfs attribute read function for all ep11 aes key binary attributes.
1917  * The implementation can not deal with partial reads, because a new random
1918  * secure key blob is generated with each read. In case of partial reads
1919  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1920  * This function and the sysfs attributes using it provide EP11 key blobs
1921  * padded to the upper limit of MAXEP11AESKEYBLOBSIZE which is currently
1922  * 320 bytes.
1923  */
1924 static ssize_t pkey_ep11_aes_attr_read(enum pkey_key_size keybits,
1925                                        bool is_xts, char *buf, loff_t off,
1926                                        size_t count)
1927 {
1928         int i, rc, card, dom;
1929         u32 nr_apqns, *apqns = NULL;
1930         size_t keysize = MAXEP11AESKEYBLOBSIZE;
1931
1932         if (off != 0 || count < MAXEP11AESKEYBLOBSIZE)
1933                 return -EINVAL;
1934         if (is_xts)
1935                 if (count < 2 * MAXEP11AESKEYBLOBSIZE)
1936                         return -EINVAL;
1937
1938         /* build a list of apqns able to generate an cipher key */
1939         rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
1940                             ZCRYPT_CEX7, EP11_API_V, NULL);
1941         if (rc)
1942                 return rc;
1943
1944         memset(buf, 0, is_xts ? 2 * keysize : keysize);
1945
1946         /* simple try all apqns from the list */
1947         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
1948                 card = apqns[i] >> 16;
1949                 dom = apqns[i] & 0xFFFF;
1950                 rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize);
1951                 if (rc == 0)
1952                         break;
1953         }
1954         if (rc)
1955                 return rc;
1956
1957         if (is_xts) {
1958                 keysize = MAXEP11AESKEYBLOBSIZE;
1959                 buf += MAXEP11AESKEYBLOBSIZE;
1960                 rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize);
1961                 if (rc == 0)
1962                         return 2 * MAXEP11AESKEYBLOBSIZE;
1963         }
1964
1965         return MAXEP11AESKEYBLOBSIZE;
1966 }
1967
1968 static ssize_t ep11_aes_128_read(struct file *filp,
1969                                  struct kobject *kobj,
1970                                  struct bin_attribute *attr,
1971                                  char *buf, loff_t off,
1972                                  size_t count)
1973 {
1974         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, false, buf,
1975                                        off, count);
1976 }
1977
1978 static ssize_t ep11_aes_192_read(struct file *filp,
1979                                  struct kobject *kobj,
1980                                  struct bin_attribute *attr,
1981                                  char *buf, loff_t off,
1982                                  size_t count)
1983 {
1984         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_192, false, buf,
1985                                        off, count);
1986 }
1987
1988 static ssize_t ep11_aes_256_read(struct file *filp,
1989                                  struct kobject *kobj,
1990                                  struct bin_attribute *attr,
1991                                  char *buf, loff_t off,
1992                                  size_t count)
1993 {
1994         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, false, buf,
1995                                        off, count);
1996 }
1997
1998 static ssize_t ep11_aes_128_xts_read(struct file *filp,
1999                                      struct kobject *kobj,
2000                                      struct bin_attribute *attr,
2001                                      char *buf, loff_t off,
2002                                      size_t count)
2003 {
2004         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, true, buf,
2005                                        off, count);
2006 }
2007
2008 static ssize_t ep11_aes_256_xts_read(struct file *filp,
2009                                      struct kobject *kobj,
2010                                      struct bin_attribute *attr,
2011                                      char *buf, loff_t off,
2012                                      size_t count)
2013 {
2014         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, true, buf,
2015                                        off, count);
2016 }
2017
2018 static BIN_ATTR_RO(ep11_aes_128, MAXEP11AESKEYBLOBSIZE);
2019 static BIN_ATTR_RO(ep11_aes_192, MAXEP11AESKEYBLOBSIZE);
2020 static BIN_ATTR_RO(ep11_aes_256, MAXEP11AESKEYBLOBSIZE);
2021 static BIN_ATTR_RO(ep11_aes_128_xts, 2 * MAXEP11AESKEYBLOBSIZE);
2022 static BIN_ATTR_RO(ep11_aes_256_xts, 2 * MAXEP11AESKEYBLOBSIZE);
2023
2024 static struct bin_attribute *ep11_attrs[] = {
2025         &bin_attr_ep11_aes_128,
2026         &bin_attr_ep11_aes_192,
2027         &bin_attr_ep11_aes_256,
2028         &bin_attr_ep11_aes_128_xts,
2029         &bin_attr_ep11_aes_256_xts,
2030         NULL
2031 };
2032
2033 static struct attribute_group ep11_attr_group = {
2034         .name      = "ep11",
2035         .bin_attrs = ep11_attrs,
2036 };
2037
2038 static const struct attribute_group *pkey_attr_groups[] = {
2039         &protkey_attr_group,
2040         &ccadata_attr_group,
2041         &ccacipher_attr_group,
2042         &ep11_attr_group,
2043         NULL,
2044 };
2045
2046 static const struct file_operations pkey_fops = {
2047         .owner          = THIS_MODULE,
2048         .open           = nonseekable_open,
2049         .llseek         = no_llseek,
2050         .unlocked_ioctl = pkey_unlocked_ioctl,
2051 };
2052
2053 static struct miscdevice pkey_dev = {
2054         .name   = "pkey",
2055         .minor  = MISC_DYNAMIC_MINOR,
2056         .mode   = 0666,
2057         .fops   = &pkey_fops,
2058         .groups = pkey_attr_groups,
2059 };
2060
2061 /*
2062  * Module init
2063  */
2064 static int __init pkey_init(void)
2065 {
2066         cpacf_mask_t func_mask;
2067
2068         /*
2069          * The pckmo instruction should be available - even if we don't
2070          * actually invoke it. This instruction comes with MSA 3 which
2071          * is also the minimum level for the kmc instructions which
2072          * are able to work with protected keys.
2073          */
2074         if (!cpacf_query(CPACF_PCKMO, &func_mask))
2075                 return -ENODEV;
2076
2077         /* check for kmc instructions available */
2078         if (!cpacf_query(CPACF_KMC, &func_mask))
2079                 return -ENODEV;
2080         if (!cpacf_test_func(&func_mask, CPACF_KMC_PAES_128) ||
2081             !cpacf_test_func(&func_mask, CPACF_KMC_PAES_192) ||
2082             !cpacf_test_func(&func_mask, CPACF_KMC_PAES_256))
2083                 return -ENODEV;
2084
2085         pkey_debug_init();
2086
2087         return misc_register(&pkey_dev);
2088 }
2089
2090 /*
2091  * Module exit
2092  */
2093 static void __exit pkey_exit(void)
2094 {
2095         misc_deregister(&pkey_dev);
2096         pkey_debug_exit();
2097 }
2098
2099 module_cpu_feature_match(MSA, pkey_init);
2100 module_exit(pkey_exit);