1 // SPDX-License-Identifier: GPL-2.0+
3 * Copyright IBM Corp. 2001, 2023
4 * Author(s): Robert Burroughs
5 * Eric Rossman (edrossma@us.ibm.com)
7 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
8 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
9 * Ralph Wuerthner <rwuerthn@de.ibm.com>
10 * MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com>
13 #define KMSG_COMPONENT "zcrypt"
14 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
16 #include <linux/module.h>
17 #include <linux/slab.h>
18 #include <linux/init.h>
19 #include <linux/err.h>
20 #include <linux/atomic.h>
21 #include <linux/uaccess.h>
24 #include "zcrypt_api.h"
25 #include "zcrypt_error.h"
26 #include "zcrypt_msgtype50.h"
28 /* >= CEX3A: 4096 bits */
29 #define CEX3A_MAX_MOD_SIZE 512
31 /* >= CEX3A: 512 bit modulus, (max outputdatalength) + type80_hdr */
32 #define CEX3A_MAX_RESPONSE_SIZE 0x210
34 MODULE_AUTHOR("IBM Corporation");
35 MODULE_DESCRIPTION("Cryptographic Accelerator (message type 50), " \
36 "Copyright IBM Corp. 2001, 2023");
37 MODULE_LICENSE("GPL");
40 * The type 50 message family is associated with a CEXxA cards.
42 * The four members of the family are described below.
44 * Note that all unsigned char arrays are right-justified and left-padded
47 * Note that all reserved fields must be zeroes.
50 unsigned char reserved1;
51 unsigned char msg_type_code; /* 0x50 */
52 unsigned short msg_len;
53 unsigned char reserved2;
54 unsigned char ignored;
55 unsigned short reserved3;
58 #define TYPE50_TYPE_CODE 0x50
60 #define TYPE50_MEB1_FMT 0x0001
61 #define TYPE50_MEB2_FMT 0x0002
62 #define TYPE50_MEB3_FMT 0x0003
63 #define TYPE50_CRB1_FMT 0x0011
64 #define TYPE50_CRB2_FMT 0x0012
65 #define TYPE50_CRB3_FMT 0x0013
67 /* Mod-Exp, with a small modulus */
68 struct type50_meb1_msg {
69 struct type50_hdr header;
70 unsigned short keyblock_type; /* 0x0001 */
71 unsigned char reserved[6];
72 unsigned char exponent[128];
73 unsigned char modulus[128];
74 unsigned char message[128];
77 /* Mod-Exp, with a large modulus */
78 struct type50_meb2_msg {
79 struct type50_hdr header;
80 unsigned short keyblock_type; /* 0x0002 */
81 unsigned char reserved[6];
82 unsigned char exponent[256];
83 unsigned char modulus[256];
84 unsigned char message[256];
87 /* Mod-Exp, with a larger modulus */
88 struct type50_meb3_msg {
89 struct type50_hdr header;
90 unsigned short keyblock_type; /* 0x0003 */
91 unsigned char reserved[6];
92 unsigned char exponent[512];
93 unsigned char modulus[512];
94 unsigned char message[512];
97 /* CRT, with a small modulus */
98 struct type50_crb1_msg {
99 struct type50_hdr header;
100 unsigned short keyblock_type; /* 0x0011 */
101 unsigned char reserved[6];
104 unsigned char dp[64];
105 unsigned char dq[64];
107 unsigned char message[128];
110 /* CRT, with a large modulus */
111 struct type50_crb2_msg {
112 struct type50_hdr header;
113 unsigned short keyblock_type; /* 0x0012 */
114 unsigned char reserved[6];
115 unsigned char p[128];
116 unsigned char q[128];
117 unsigned char dp[128];
118 unsigned char dq[128];
119 unsigned char u[128];
120 unsigned char message[256];
123 /* CRT, with a larger modulus */
124 struct type50_crb3_msg {
125 struct type50_hdr header;
126 unsigned short keyblock_type; /* 0x0013 */
127 unsigned char reserved[6];
128 unsigned char p[256];
129 unsigned char q[256];
130 unsigned char dp[256];
131 unsigned char dq[256];
132 unsigned char u[256];
133 unsigned char message[512];
137 * The type 80 response family is associated with a CEXxA cards.
139 * Note that all unsigned char arrays are right-justified and left-padded
142 * Note that all reserved fields must be zeroes.
145 #define TYPE80_RSP_CODE 0x80
148 unsigned char reserved1;
149 unsigned char type; /* 0x80 */
151 unsigned char code; /* 0x00 */
152 unsigned char reserved2[3];
153 unsigned char reserved3[8];
156 int get_rsa_modex_fc(struct ica_rsa_modexpo *mex, int *fcode)
158 if (!mex->inputdatalength)
161 if (mex->inputdatalength <= 128) /* 1024 bit */
163 else if (mex->inputdatalength <= 256) /* 2048 bit */
171 int get_rsa_crt_fc(struct ica_rsa_modexpo_crt *crt, int *fcode)
173 if (!crt->inputdatalength)
176 if (crt->inputdatalength <= 128) /* 1024 bit */
178 else if (crt->inputdatalength <= 256) /* 2048 bit */
187 * Convert a ICAMEX message to a type50 MEX message.
189 * @zq: crypto queue pointer
190 * @ap_msg: crypto request pointer
191 * @mex: pointer to user input data
193 * Returns 0 on success or -EFAULT.
195 static int ICAMEX_msg_to_type50MEX_msg(struct zcrypt_queue *zq,
196 struct ap_message *ap_msg,
197 struct ica_rsa_modexpo *mex)
199 unsigned char *mod, *exp, *inp;
202 mod_len = mex->inputdatalength;
204 if (mod_len <= 128) {
205 struct type50_meb1_msg *meb1 = ap_msg->msg;
207 memset(meb1, 0, sizeof(*meb1));
208 ap_msg->len = sizeof(*meb1);
209 meb1->header.msg_type_code = TYPE50_TYPE_CODE;
210 meb1->header.msg_len = sizeof(*meb1);
211 meb1->keyblock_type = TYPE50_MEB1_FMT;
212 mod = meb1->modulus + sizeof(meb1->modulus) - mod_len;
213 exp = meb1->exponent + sizeof(meb1->exponent) - mod_len;
214 inp = meb1->message + sizeof(meb1->message) - mod_len;
215 } else if (mod_len <= 256) {
216 struct type50_meb2_msg *meb2 = ap_msg->msg;
218 memset(meb2, 0, sizeof(*meb2));
219 ap_msg->len = sizeof(*meb2);
220 meb2->header.msg_type_code = TYPE50_TYPE_CODE;
221 meb2->header.msg_len = sizeof(*meb2);
222 meb2->keyblock_type = TYPE50_MEB2_FMT;
223 mod = meb2->modulus + sizeof(meb2->modulus) - mod_len;
224 exp = meb2->exponent + sizeof(meb2->exponent) - mod_len;
225 inp = meb2->message + sizeof(meb2->message) - mod_len;
226 } else if (mod_len <= 512) {
227 struct type50_meb3_msg *meb3 = ap_msg->msg;
229 memset(meb3, 0, sizeof(*meb3));
230 ap_msg->len = sizeof(*meb3);
231 meb3->header.msg_type_code = TYPE50_TYPE_CODE;
232 meb3->header.msg_len = sizeof(*meb3);
233 meb3->keyblock_type = TYPE50_MEB3_FMT;
234 mod = meb3->modulus + sizeof(meb3->modulus) - mod_len;
235 exp = meb3->exponent + sizeof(meb3->exponent) - mod_len;
236 inp = meb3->message + sizeof(meb3->message) - mod_len;
241 if (copy_from_user(mod, mex->n_modulus, mod_len) ||
242 copy_from_user(exp, mex->b_key, mod_len) ||
243 copy_from_user(inp, mex->inputdata, mod_len))
250 * Convert a ICACRT message to a type50 CRT message.
252 * @zq: crypto queue pointer
253 * @ap_msg: crypto request pointer
254 * @crt: pointer to user input data
256 * Returns 0 on success or -EFAULT.
258 static int ICACRT_msg_to_type50CRT_msg(struct zcrypt_queue *zq,
259 struct ap_message *ap_msg,
260 struct ica_rsa_modexpo_crt *crt)
262 int mod_len, short_len;
263 unsigned char *p, *q, *dp, *dq, *u, *inp;
265 mod_len = crt->inputdatalength;
266 short_len = (mod_len + 1) / 2;
269 * CEX2A and CEX3A w/o FW update can handle requests up to
270 * 256 byte modulus (2k keys).
271 * CEX3A with FW update and newer CEXxA cards are able to handle
272 * 512 byte modulus (4k keys).
274 if (mod_len <= 128) { /* up to 1024 bit key size */
275 struct type50_crb1_msg *crb1 = ap_msg->msg;
277 memset(crb1, 0, sizeof(*crb1));
278 ap_msg->len = sizeof(*crb1);
279 crb1->header.msg_type_code = TYPE50_TYPE_CODE;
280 crb1->header.msg_len = sizeof(*crb1);
281 crb1->keyblock_type = TYPE50_CRB1_FMT;
282 p = crb1->p + sizeof(crb1->p) - short_len;
283 q = crb1->q + sizeof(crb1->q) - short_len;
284 dp = crb1->dp + sizeof(crb1->dp) - short_len;
285 dq = crb1->dq + sizeof(crb1->dq) - short_len;
286 u = crb1->u + sizeof(crb1->u) - short_len;
287 inp = crb1->message + sizeof(crb1->message) - mod_len;
288 } else if (mod_len <= 256) { /* up to 2048 bit key size */
289 struct type50_crb2_msg *crb2 = ap_msg->msg;
291 memset(crb2, 0, sizeof(*crb2));
292 ap_msg->len = sizeof(*crb2);
293 crb2->header.msg_type_code = TYPE50_TYPE_CODE;
294 crb2->header.msg_len = sizeof(*crb2);
295 crb2->keyblock_type = TYPE50_CRB2_FMT;
296 p = crb2->p + sizeof(crb2->p) - short_len;
297 q = crb2->q + sizeof(crb2->q) - short_len;
298 dp = crb2->dp + sizeof(crb2->dp) - short_len;
299 dq = crb2->dq + sizeof(crb2->dq) - short_len;
300 u = crb2->u + sizeof(crb2->u) - short_len;
301 inp = crb2->message + sizeof(crb2->message) - mod_len;
302 } else if ((mod_len <= 512) && /* up to 4096 bit key size */
303 (zq->zcard->max_mod_size == CEX3A_MAX_MOD_SIZE)) {
304 struct type50_crb3_msg *crb3 = ap_msg->msg;
306 memset(crb3, 0, sizeof(*crb3));
307 ap_msg->len = sizeof(*crb3);
308 crb3->header.msg_type_code = TYPE50_TYPE_CODE;
309 crb3->header.msg_len = sizeof(*crb3);
310 crb3->keyblock_type = TYPE50_CRB3_FMT;
311 p = crb3->p + sizeof(crb3->p) - short_len;
312 q = crb3->q + sizeof(crb3->q) - short_len;
313 dp = crb3->dp + sizeof(crb3->dp) - short_len;
314 dq = crb3->dq + sizeof(crb3->dq) - short_len;
315 u = crb3->u + sizeof(crb3->u) - short_len;
316 inp = crb3->message + sizeof(crb3->message) - mod_len;
322 * correct the offset of p, bp and mult_inv according zcrypt.h
323 * block size right aligned (skip the first byte)
325 if (copy_from_user(p, crt->np_prime + MSGTYPE_ADJUSTMENT, short_len) ||
326 copy_from_user(q, crt->nq_prime, short_len) ||
327 copy_from_user(dp, crt->bp_key + MSGTYPE_ADJUSTMENT, short_len) ||
328 copy_from_user(dq, crt->bq_key, short_len) ||
329 copy_from_user(u, crt->u_mult_inv + MSGTYPE_ADJUSTMENT, short_len) ||
330 copy_from_user(inp, crt->inputdata, mod_len))
337 * Copy results from a type 80 reply message back to user space.
339 * @zq: crypto device pointer
340 * @reply: reply AP message.
341 * @data: pointer to user output data
342 * @length: size of user output data
344 * Returns 0 on success or -EFAULT.
346 static int convert_type80(struct zcrypt_queue *zq,
347 struct ap_message *reply,
348 char __user *outputdata,
349 unsigned int outputdatalength)
351 struct type80_hdr *t80h = reply->msg;
354 if (t80h->len < sizeof(*t80h) + outputdatalength) {
355 /* The result is too short, the CEXxA card may not do that.. */
357 pr_err("Crypto dev=%02x.%04x code=0x%02x => online=0 rc=EAGAIN\n",
358 AP_QID_CARD(zq->queue->qid),
359 AP_QID_QUEUE(zq->queue->qid), t80h->code);
360 ZCRYPT_DBF_ERR("%s dev=%02x.%04x code=0x%02x => online=0 rc=EAGAIN\n",
361 __func__, AP_QID_CARD(zq->queue->qid),
362 AP_QID_QUEUE(zq->queue->qid), t80h->code);
363 ap_send_online_uevent(&zq->queue->ap_dev, zq->online);
366 BUG_ON(t80h->len > CEX3A_MAX_RESPONSE_SIZE);
367 data = reply->msg + t80h->len - outputdatalength;
368 if (copy_to_user(outputdata, data, outputdatalength))
373 static int convert_response(struct zcrypt_queue *zq,
374 struct ap_message *reply,
375 char __user *outputdata,
376 unsigned int outputdatalength)
378 /* Response type byte is the second byte in the response. */
379 unsigned char rtype = ((unsigned char *)reply->msg)[1];
382 case TYPE82_RSP_CODE:
383 case TYPE88_RSP_CODE:
384 return convert_error(zq, reply);
385 case TYPE80_RSP_CODE:
386 return convert_type80(zq, reply,
387 outputdata, outputdatalength);
388 default: /* Unknown response type, this should NEVER EVER happen */
390 pr_err("Crypto dev=%02x.%04x unknown response type 0x%02x => online=0 rc=EAGAIN\n",
391 AP_QID_CARD(zq->queue->qid),
392 AP_QID_QUEUE(zq->queue->qid),
395 "%s dev=%02x.%04x unknown response type 0x%02x => online=0 rc=EAGAIN\n",
396 __func__, AP_QID_CARD(zq->queue->qid),
397 AP_QID_QUEUE(zq->queue->qid), (int)rtype);
398 ap_send_online_uevent(&zq->queue->ap_dev, zq->online);
404 * This function is called from the AP bus code after a crypto request
405 * "msg" has finished with the reply message "reply".
406 * It is called from tasklet context.
407 * @aq: pointer to the AP device
408 * @msg: pointer to the AP message
409 * @reply: pointer to the AP reply message
411 static void zcrypt_msgtype50_receive(struct ap_queue *aq,
412 struct ap_message *msg,
413 struct ap_message *reply)
415 static struct error_hdr error_reply = {
416 .type = TYPE82_RSP_CODE,
417 .reply_code = REP82_ERROR_MACHINE_FAILURE,
419 struct type80_hdr *t80h;
422 /* Copy the reply message to the request message buffer. */
424 goto out; /* ap_msg->rc indicates the error */
426 if (t80h->type == TYPE80_RSP_CODE) {
428 if (len > reply->bufsize || len > msg->bufsize ||
430 ZCRYPT_DBF_DBG("%s len mismatch => EMSGSIZE\n", __func__);
434 memcpy(msg->msg, reply->msg, len);
437 memcpy(msg->msg, reply->msg, sizeof(error_reply));
438 msg->len = sizeof(error_reply);
441 complete((struct completion *)msg->private);
444 static atomic_t zcrypt_step = ATOMIC_INIT(0);
447 * The request distributor calls this function if it picked the CEXxA
448 * device to handle a modexpo request.
449 * @zq: pointer to zcrypt_queue structure that identifies the
450 * CEXxA device to the request distributor
451 * @mex: pointer to the modexpo request buffer
453 static long zcrypt_msgtype50_modexpo(struct zcrypt_queue *zq,
454 struct ica_rsa_modexpo *mex,
455 struct ap_message *ap_msg)
457 struct completion work;
460 ap_msg->bufsize = MSGTYPE50_CRB3_MAX_MSG_SIZE;
461 ap_msg->msg = kmalloc(ap_msg->bufsize, GFP_KERNEL);
464 ap_msg->receive = zcrypt_msgtype50_receive;
465 ap_msg->psmid = (((unsigned long)current->pid) << 32) +
466 atomic_inc_return(&zcrypt_step);
467 ap_msg->private = &work;
468 rc = ICAMEX_msg_to_type50MEX_msg(zq, ap_msg, mex);
471 init_completion(&work);
472 rc = ap_queue_message(zq->queue, ap_msg);
475 rc = wait_for_completion_interruptible(&work);
479 rc = convert_response(zq, ap_msg,
481 mex->outputdatalength);
483 /* Signal pending. */
484 ap_cancel_message(zq->queue, ap_msg);
488 ap_msg->private = NULL;
490 ZCRYPT_DBF_DBG("%s send me cprb at dev=%02x.%04x rc=%d\n",
491 __func__, AP_QID_CARD(zq->queue->qid),
492 AP_QID_QUEUE(zq->queue->qid), rc);
497 * The request distributor calls this function if it picked the CEXxA
498 * device to handle a modexpo_crt request.
499 * @zq: pointer to zcrypt_queue structure that identifies the
500 * CEXxA device to the request distributor
501 * @crt: pointer to the modexpoc_crt request buffer
503 static long zcrypt_msgtype50_modexpo_crt(struct zcrypt_queue *zq,
504 struct ica_rsa_modexpo_crt *crt,
505 struct ap_message *ap_msg)
507 struct completion work;
510 ap_msg->bufsize = MSGTYPE50_CRB3_MAX_MSG_SIZE;
511 ap_msg->msg = kmalloc(ap_msg->bufsize, GFP_KERNEL);
514 ap_msg->receive = zcrypt_msgtype50_receive;
515 ap_msg->psmid = (((unsigned long)current->pid) << 32) +
516 atomic_inc_return(&zcrypt_step);
517 ap_msg->private = &work;
518 rc = ICACRT_msg_to_type50CRT_msg(zq, ap_msg, crt);
521 init_completion(&work);
522 rc = ap_queue_message(zq->queue, ap_msg);
525 rc = wait_for_completion_interruptible(&work);
529 rc = convert_response(zq, ap_msg,
531 crt->outputdatalength);
533 /* Signal pending. */
534 ap_cancel_message(zq->queue, ap_msg);
538 ap_msg->private = NULL;
540 ZCRYPT_DBF_DBG("%s send crt cprb at dev=%02x.%04x rc=%d\n",
541 __func__, AP_QID_CARD(zq->queue->qid),
542 AP_QID_QUEUE(zq->queue->qid), rc);
547 * The crypto operations for message type 50.
549 static struct zcrypt_ops zcrypt_msgtype50_ops = {
550 .rsa_modexpo = zcrypt_msgtype50_modexpo,
551 .rsa_modexpo_crt = zcrypt_msgtype50_modexpo_crt,
552 .owner = THIS_MODULE,
553 .name = MSGTYPE50_NAME,
554 .variant = MSGTYPE50_VARIANT_DEFAULT,
557 void __init zcrypt_msgtype50_init(void)
559 zcrypt_msgtype_register(&zcrypt_msgtype50_ops);
562 void __exit zcrypt_msgtype50_exit(void)
564 zcrypt_msgtype_unregister(&zcrypt_msgtype50_ops);
projects / releases.git / blob