2 * linux/drivers/s390/crypto/zcrypt_pcixcc.c
6 * Copyright (C) 2001, 2006 IBM Corporation
7 * Author(s): Robert Burroughs
8 * Eric Rossman (edrossma@us.ibm.com)
10 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
11 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
12 * Ralph Wuerthner <rwuerthn@de.ibm.com>
14 * This program is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2, or (at your option)
19 * This program is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License
25 * along with this program; if not, write to the Free Software
26 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 #include <linux/module.h>
30 #include <linux/init.h>
31 #include <linux/err.h>
32 #include <linux/delay.h>
33 #include <asm/atomic.h>
34 #include <asm/uaccess.h>
37 #include "zcrypt_api.h"
38 #include "zcrypt_error.h"
39 #include "zcrypt_pcicc.h"
40 #include "zcrypt_pcixcc.h"
41 #include "zcrypt_cca_key.h"
43 #define PCIXCC_MIN_MOD_SIZE 16 /* 128 bits */
44 #define PCIXCC_MIN_MOD_SIZE_OLD 64 /* 512 bits */
45 #define PCIXCC_MAX_MOD_SIZE 256 /* 2048 bits */
47 #define PCIXCC_MCL2_SPEED_RATING 7870 /* FIXME: needs finetuning */
48 #define PCIXCC_MCL3_SPEED_RATING 7870
49 #define CEX2C_SPEED_RATING 8540
51 #define PCIXCC_MAX_ICA_MESSAGE_SIZE 0x77c /* max size type6 v2 crt message */
52 #define PCIXCC_MAX_ICA_RESPONSE_SIZE 0x77c /* max size type86 v2 reply */
54 #define PCIXCC_MAX_XCRB_MESSAGE_SIZE (12*1024)
55 #define PCIXCC_MAX_XCRB_RESPONSE_SIZE PCIXCC_MAX_XCRB_MESSAGE_SIZE
56 #define PCIXCC_MAX_XCRB_DATA_SIZE (11*1024)
57 #define PCIXCC_MAX_XCRB_REPLY_SIZE (5*1024)
59 #define PCIXCC_MAX_RESPONSE_SIZE PCIXCC_MAX_XCRB_RESPONSE_SIZE
61 #define PCIXCC_CLEANUP_TIME (15*HZ)
63 #define CEIL4(x) ((((x)+3)/4)*4)
65 struct response_type {
66 struct completion work;
69 #define PCIXCC_RESPONSE_TYPE_ICA 0
70 #define PCIXCC_RESPONSE_TYPE_XCRB 1
72 static struct ap_device_id zcrypt_pcixcc_ids[] = {
73 { AP_DEVICE(AP_DEVICE_TYPE_PCIXCC) },
74 { AP_DEVICE(AP_DEVICE_TYPE_CEX2C) },
75 { AP_DEVICE(AP_DEVICE_TYPE_CEX2C2) },
76 { /* end of list */ },
79 #ifndef CONFIG_ZCRYPT_MONOLITHIC
80 MODULE_DEVICE_TABLE(ap, zcrypt_pcixcc_ids);
81 MODULE_AUTHOR("IBM Corporation");
82 MODULE_DESCRIPTION("PCIXCC Cryptographic Coprocessor device driver, "
83 "Copyright 2001, 2006 IBM Corporation");
84 MODULE_LICENSE("GPL");
87 static int zcrypt_pcixcc_probe(struct ap_device *ap_dev);
88 static void zcrypt_pcixcc_remove(struct ap_device *ap_dev);
89 static void zcrypt_pcixcc_receive(struct ap_device *, struct ap_message *,
92 static struct ap_driver zcrypt_pcixcc_driver = {
93 .probe = zcrypt_pcixcc_probe,
94 .remove = zcrypt_pcixcc_remove,
95 .receive = zcrypt_pcixcc_receive,
96 .ids = zcrypt_pcixcc_ids,
97 .request_timeout = PCIXCC_CLEANUP_TIME,
101 * The following is used to initialize the CPRBX passed to the PCIXCC/CEX2C
102 * card in a type6 message. The 3 fields that must be filled in at execution
103 * time are req_parml, rpl_parml and usage_domain.
104 * Everything about this interface is ascii/big-endian, since the
105 * device does *not* have 'Intel inside'.
107 * The CPRBX is followed immediately by the parm block.
108 * The parm block contains:
109 * - function code ('PD' 0x5044 or 'PK' 0x504B)
110 * - rule block (one of:)
111 * + 0x000A 'PKCS-1.2' (MCL2 'PD')
112 * + 0x000A 'ZERO-PAD' (MCL2 'PK')
113 * + 0x000A 'ZERO-PAD' (MCL3 'PD' or CEX2C 'PD')
114 * + 0x000A 'MRP ' (MCL3 'PK' or CEX2C 'PK')
117 static struct CPRBX static_cprbx = {
120 .func_id = {0x54,0x32},
124 * Convert a ICAMEX message to a type6 MEX message.
126 * @zdev: crypto device pointer
127 * @ap_msg: pointer to AP message
128 * @mex: pointer to user input data
130 * Returns 0 on success or -EFAULT.
132 static int ICAMEX_msg_to_type6MEX_msgX(struct zcrypt_device *zdev,
133 struct ap_message *ap_msg,
134 struct ica_rsa_modexpo *mex)
136 static struct type6_hdr static_type6_hdrX = {
138 .offset1 = 0x00000058,
139 .agent_id = {'C','A',},
140 .function_code = {'P','K'},
142 static struct function_and_rules_block static_pke_fnr = {
143 .function_code = {'P','K'},
145 .only_rule = {'M','R','P',' ',' ',' ',' ',' '}
147 static struct function_and_rules_block static_pke_fnr_MCL2 = {
148 .function_code = {'P','K'},
150 .only_rule = {'Z','E','R','O','-','P','A','D'}
153 struct type6_hdr hdr;
155 struct function_and_rules_block fr;
156 unsigned short length;
158 } __attribute__((packed)) *msg = ap_msg->message;
162 msg->length = mex->inputdatalength + 2;
163 if (copy_from_user(msg->text, mex->inputdata, mex->inputdatalength))
166 /* Set up key which is located after the variable length text. */
167 size = zcrypt_type6_mex_key_en(mex, msg->text+mex->inputdatalength, 1);
170 size += sizeof(*msg) + mex->inputdatalength;
172 /* message header, cprbx and f&r */
173 msg->hdr = static_type6_hdrX;
174 msg->hdr.ToCardLen1 = size - sizeof(msg->hdr);
175 msg->hdr.FromCardLen1 = PCIXCC_MAX_ICA_RESPONSE_SIZE - sizeof(msg->hdr);
177 msg->cprbx = static_cprbx;
178 msg->cprbx.domain = AP_QID_QUEUE(zdev->ap_dev->qid);
179 msg->cprbx.rpl_msgbl = msg->hdr.FromCardLen1;
181 msg->fr = (zdev->user_space_type == ZCRYPT_PCIXCC_MCL2) ?
182 static_pke_fnr_MCL2 : static_pke_fnr;
184 msg->cprbx.req_parml = size - sizeof(msg->hdr) - sizeof(msg->cprbx);
186 ap_msg->length = size;
191 * Convert a ICACRT message to a type6 CRT message.
193 * @zdev: crypto device pointer
194 * @ap_msg: pointer to AP message
195 * @crt: pointer to user input data
197 * Returns 0 on success or -EFAULT.
199 static int ICACRT_msg_to_type6CRT_msgX(struct zcrypt_device *zdev,
200 struct ap_message *ap_msg,
201 struct ica_rsa_modexpo_crt *crt)
203 static struct type6_hdr static_type6_hdrX = {
205 .offset1 = 0x00000058,
206 .agent_id = {'C','A',},
207 .function_code = {'P','D'},
209 static struct function_and_rules_block static_pkd_fnr = {
210 .function_code = {'P','D'},
212 .only_rule = {'Z','E','R','O','-','P','A','D'}
215 static struct function_and_rules_block static_pkd_fnr_MCL2 = {
216 .function_code = {'P','D'},
218 .only_rule = {'P','K','C','S','-','1','.','2'}
221 struct type6_hdr hdr;
223 struct function_and_rules_block fr;
224 unsigned short length;
226 } __attribute__((packed)) *msg = ap_msg->message;
230 msg->length = crt->inputdatalength + 2;
231 if (copy_from_user(msg->text, crt->inputdata, crt->inputdatalength))
234 /* Set up key which is located after the variable length text. */
235 size = zcrypt_type6_crt_key(crt, msg->text + crt->inputdatalength, 1);
238 size += sizeof(*msg) + crt->inputdatalength; /* total size of msg */
240 /* message header, cprbx and f&r */
241 msg->hdr = static_type6_hdrX;
242 msg->hdr.ToCardLen1 = size - sizeof(msg->hdr);
243 msg->hdr.FromCardLen1 = PCIXCC_MAX_ICA_RESPONSE_SIZE - sizeof(msg->hdr);
245 msg->cprbx = static_cprbx;
246 msg->cprbx.domain = AP_QID_QUEUE(zdev->ap_dev->qid);
247 msg->cprbx.req_parml = msg->cprbx.rpl_msgbl =
248 size - sizeof(msg->hdr) - sizeof(msg->cprbx);
250 msg->fr = (zdev->user_space_type == ZCRYPT_PCIXCC_MCL2) ?
251 static_pkd_fnr_MCL2 : static_pkd_fnr;
253 ap_msg->length = size;
258 * Convert a XCRB message to a type6 CPRB message.
260 * @zdev: crypto device pointer
261 * @ap_msg: pointer to AP message
262 * @xcRB: pointer to user input data
264 * Returns 0 on success or -EFAULT.
266 struct type86_fmt2_msg {
267 struct type86_hdr hdr;
268 struct type86_fmt2_ext fmt2;
269 } __attribute__((packed));
271 static int XCRB_msg_to_type6CPRB_msgX(struct zcrypt_device *zdev,
272 struct ap_message *ap_msg,
273 struct ica_xcRB *xcRB)
275 static struct type6_hdr static_type6_hdrX = {
277 .offset1 = 0x00000058,
280 struct type6_hdr hdr;
282 } __attribute__((packed)) *msg = ap_msg->message;
284 int rcblen = CEIL4(xcRB->request_control_blk_length);
286 char *req_data = ap_msg->message + sizeof(struct type6_hdr) + rcblen;
290 ap_msg->length = sizeof(struct type6_hdr) +
291 CEIL4(xcRB->request_control_blk_length) +
292 xcRB->request_data_length;
293 if (ap_msg->length > PCIXCC_MAX_XCRB_MESSAGE_SIZE)
295 if (CEIL4(xcRB->reply_control_blk_length) > PCIXCC_MAX_XCRB_REPLY_SIZE)
297 if (CEIL4(xcRB->reply_data_length) > PCIXCC_MAX_XCRB_DATA_SIZE)
299 replylen = CEIL4(xcRB->reply_control_blk_length) +
300 CEIL4(xcRB->reply_data_length) +
301 sizeof(struct type86_fmt2_msg);
302 if (replylen > PCIXCC_MAX_XCRB_RESPONSE_SIZE) {
303 xcRB->reply_control_blk_length = PCIXCC_MAX_XCRB_RESPONSE_SIZE -
304 (sizeof(struct type86_fmt2_msg) +
305 CEIL4(xcRB->reply_data_length));
308 /* prepare type6 header */
309 msg->hdr = static_type6_hdrX;
310 memcpy(msg->hdr.agent_id , &(xcRB->agent_ID), sizeof(xcRB->agent_ID));
311 msg->hdr.ToCardLen1 = xcRB->request_control_blk_length;
312 if (xcRB->request_data_length) {
313 msg->hdr.offset2 = msg->hdr.offset1 + rcblen;
314 msg->hdr.ToCardLen2 = xcRB->request_data_length;
316 msg->hdr.FromCardLen1 = xcRB->reply_control_blk_length;
317 msg->hdr.FromCardLen2 = xcRB->reply_data_length;
320 if (copy_from_user(&(msg->cprbx), xcRB->request_control_blk_addr,
321 xcRB->request_control_blk_length))
323 if (msg->cprbx.cprb_len + sizeof(msg->hdr.function_code) >
324 xcRB->request_control_blk_length)
326 function_code = ((unsigned char *)&msg->cprbx) + msg->cprbx.cprb_len;
327 memcpy(msg->hdr.function_code, function_code, sizeof(msg->hdr.function_code));
329 /* copy data block */
330 if (xcRB->request_data_length &&
331 copy_from_user(req_data, xcRB->request_data_address,
332 xcRB->request_data_length))
338 * Prepare a type6 CPRB message for random number generation
340 * @ap_dev: AP device pointer
341 * @ap_msg: pointer to AP message
343 static void rng_type6CPRB_msgX(struct ap_device *ap_dev,
344 struct ap_message *ap_msg,
345 unsigned random_number_length)
348 struct type6_hdr hdr;
350 char function_code[2];
351 short int rule_length;
353 short int verb_length;
354 short int key_length;
355 } __attribute__((packed)) *msg = ap_msg->message;
356 static struct type6_hdr static_type6_hdrX = {
358 .offset1 = 0x00000058,
359 .agent_id = {'C', 'A'},
360 .function_code = {'R', 'L'},
361 .ToCardLen1 = sizeof *msg - sizeof(msg->hdr),
362 .FromCardLen1 = sizeof *msg - sizeof(msg->hdr),
364 static struct CPRBX static_cprbx = {
367 .func_id = {0x54, 0x32},
368 .req_parml = sizeof *msg - sizeof(msg->hdr) -
370 .rpl_msgbl = sizeof *msg - sizeof(msg->hdr),
373 msg->hdr = static_type6_hdrX;
374 msg->hdr.FromCardLen2 = random_number_length,
375 msg->cprbx = static_cprbx;
376 msg->cprbx.rpl_datal = random_number_length,
377 msg->cprbx.domain = AP_QID_QUEUE(ap_dev->qid);
378 memcpy(msg->function_code, msg->hdr.function_code, 0x02);
379 msg->rule_length = 0x0a;
380 memcpy(msg->rule, "RANDOM ", 8);
381 msg->verb_length = 0x02;
382 msg->key_length = 0x02;
383 ap_msg->length = sizeof *msg;
387 * Copy results from a type 86 ICA reply message back to user space.
389 * @zdev: crypto device pointer
390 * @reply: reply AP message.
391 * @data: pointer to user output data
392 * @length: size of user output data
394 * Returns 0 on success or -EINVAL, -EFAULT, -EAGAIN in case of an error.
396 struct type86x_reply {
397 struct type86_hdr hdr;
398 struct type86_fmt2_ext fmt2;
400 unsigned char pad[4]; /* 4 byte function code/rules block ? */
401 unsigned short length;
403 } __attribute__((packed));
405 static int convert_type86_ica(struct zcrypt_device *zdev,
406 struct ap_message *reply,
407 char __user *outputdata,
408 unsigned int outputdatalength)
410 static unsigned char static_pad[] = {
412 0x1B,0x7B,0x5D,0xB5,0x75,0x01,0x3D,0xFD,
413 0x8D,0xD1,0xC7,0x03,0x2D,0x09,0x23,0x57,
414 0x89,0x49,0xB9,0x3F,0xBB,0x99,0x41,0x5B,
415 0x75,0x21,0x7B,0x9D,0x3B,0x6B,0x51,0x39,
416 0xBB,0x0D,0x35,0xB9,0x89,0x0F,0x93,0xA5,
417 0x0B,0x47,0xF1,0xD3,0xBB,0xCB,0xF1,0x9D,
418 0x23,0x73,0x71,0xFF,0xF3,0xF5,0x45,0xFB,
419 0x61,0x29,0x23,0xFD,0xF1,0x29,0x3F,0x7F,
420 0x17,0xB7,0x1B,0xA9,0x19,0xBD,0x57,0xA9,
421 0xD7,0x95,0xA3,0xCB,0xED,0x1D,0xDB,0x45,
422 0x7D,0x11,0xD1,0x51,0x1B,0xED,0x71,0xE9,
423 0xB1,0xD1,0xAB,0xAB,0x21,0x2B,0x1B,0x9F,
424 0x3B,0x9F,0xF7,0xF7,0xBD,0x63,0xEB,0xAD,
425 0xDF,0xB3,0x6F,0x5B,0xDB,0x8D,0xA9,0x5D,
426 0xE3,0x7D,0x77,0x49,0x47,0xF5,0xA7,0xFD,
427 0xAB,0x2F,0x27,0x35,0x77,0xD3,0x49,0xC9,
428 0x09,0xEB,0xB1,0xF9,0xBF,0x4B,0xCB,0x2B,
429 0xEB,0xEB,0x05,0xFF,0x7D,0xC7,0x91,0x8B,
430 0x09,0x83,0xB9,0xB9,0x69,0x33,0x39,0x6B,
431 0x79,0x75,0x19,0xBF,0xBB,0x07,0x1D,0xBD,
432 0x29,0xBF,0x39,0x95,0x93,0x1D,0x35,0xC7,
433 0xC9,0x4D,0xE5,0x97,0x0B,0x43,0x9B,0xF1,
434 0x16,0x93,0x03,0x1F,0xA5,0xFB,0xDB,0xF3,
435 0x27,0x4F,0x27,0x61,0x05,0x1F,0xB9,0x23,
436 0x2F,0xC3,0x81,0xA9,0x23,0x71,0x55,0x55,
437 0xEB,0xED,0x41,0xE5,0xF3,0x11,0xF1,0x43,
438 0x69,0x03,0xBD,0x0B,0x37,0x0F,0x51,0x8F,
439 0x0B,0xB5,0x89,0x5B,0x67,0xA9,0xD9,0x4F,
440 0x01,0xF9,0x21,0x77,0x37,0x73,0x79,0xC5,
441 0x7F,0x51,0xC1,0xCF,0x97,0xA1,0x75,0xAD,
442 0x35,0x9D,0xD3,0xD3,0xA7,0x9D,0x5D,0x41,
443 0x6F,0x65,0x1B,0xCF,0xA9,0x87,0x91,0x09
445 struct type86x_reply *msg = reply->message;
446 unsigned short service_rc, service_rs;
447 unsigned int reply_len, pad_len;
450 service_rc = msg->cprbx.ccp_rtcode;
451 if (unlikely(service_rc != 0)) {
452 service_rs = msg->cprbx.ccp_rscode;
453 if (service_rc == 8 && service_rs == 66)
455 if (service_rc == 8 && service_rs == 65)
457 if (service_rc == 8 && service_rs == 770)
459 if (service_rc == 8 && service_rs == 783) {
460 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE_OLD;
463 if (service_rc == 12 && service_rs == 769)
466 return -EAGAIN; /* repeat the request on a different device. */
469 reply_len = msg->length - 2;
470 if (reply_len > outputdatalength)
473 * For all encipher requests, the length of the ciphertext (reply_len)
474 * will always equal the modulus length. For MEX decipher requests
475 * the output needs to get padded. Minimum pad size is 10.
477 * Currently, the cases where padding will be added is for:
478 * - PCIXCC_MCL2 using a CRT form token (since PKD didn't support
479 * ZERO-PAD and CRT is only supported for PKD requests)
482 pad_len = outputdatalength - reply_len;
486 /* 'restore' padding left in the PCICC/PCIXCC card. */
487 if (copy_to_user(outputdata, static_pad, pad_len - 1))
489 if (put_user(0, outputdata + pad_len - 1))
492 /* Copy the crypto response to user space. */
493 if (copy_to_user(outputdata + pad_len, data, reply_len))
499 * Copy results from a type 86 XCRB reply message back to user space.
501 * @zdev: crypto device pointer
502 * @reply: reply AP message.
503 * @xcRB: pointer to XCRB
505 * Returns 0 on success or -EINVAL, -EFAULT, -EAGAIN in case of an error.
507 static int convert_type86_xcrb(struct zcrypt_device *zdev,
508 struct ap_message *reply,
509 struct ica_xcRB *xcRB)
511 struct type86_fmt2_msg *msg = reply->message;
512 char *data = reply->message;
514 /* Copy CPRB to user */
515 if (copy_to_user(xcRB->reply_control_blk_addr,
516 data + msg->fmt2.offset1, msg->fmt2.count1))
518 xcRB->reply_control_blk_length = msg->fmt2.count1;
520 /* Copy data buffer to user */
521 if (msg->fmt2.count2)
522 if (copy_to_user(xcRB->reply_data_addr,
523 data + msg->fmt2.offset2, msg->fmt2.count2))
525 xcRB->reply_data_length = msg->fmt2.count2;
529 static int convert_type86_rng(struct zcrypt_device *zdev,
530 struct ap_message *reply,
534 struct type86_hdr hdr;
535 struct type86_fmt2_ext fmt2;
537 } __attribute__((packed)) *msg = reply->message;
538 char *data = reply->message;
540 if (msg->cprbx.ccp_rtcode != 0 || msg->cprbx.ccp_rscode != 0)
542 memcpy(buffer, data + msg->fmt2.offset2, msg->fmt2.count2);
543 return msg->fmt2.count2;
546 static int convert_response_ica(struct zcrypt_device *zdev,
547 struct ap_message *reply,
548 char __user *outputdata,
549 unsigned int outputdatalength)
551 struct type86x_reply *msg = reply->message;
553 /* Response type byte is the second byte in the response. */
554 switch (((unsigned char *) reply->message)[1]) {
555 case TYPE82_RSP_CODE:
556 case TYPE88_RSP_CODE:
557 return convert_error(zdev, reply);
558 case TYPE86_RSP_CODE:
559 if (msg->hdr.reply_code)
560 return convert_error(zdev, reply);
561 if (msg->cprbx.cprb_ver_id == 0x02)
562 return convert_type86_ica(zdev, reply,
563 outputdata, outputdatalength);
564 /* no break, incorrect cprb version is an unknown response */
565 default: /* Unknown response type, this should NEVER EVER happen */
567 return -EAGAIN; /* repeat the request on a different device. */
571 static int convert_response_xcrb(struct zcrypt_device *zdev,
572 struct ap_message *reply,
573 struct ica_xcRB *xcRB)
575 struct type86x_reply *msg = reply->message;
577 /* Response type byte is the second byte in the response. */
578 switch (((unsigned char *) reply->message)[1]) {
579 case TYPE82_RSP_CODE:
580 case TYPE88_RSP_CODE:
581 xcRB->status = 0x0008044DL; /* HDD_InvalidParm */
582 return convert_error(zdev, reply);
583 case TYPE86_RSP_CODE:
584 if (msg->hdr.reply_code) {
585 memcpy(&(xcRB->status), msg->fmt2.apfs, sizeof(u32));
586 return convert_error(zdev, reply);
588 if (msg->cprbx.cprb_ver_id == 0x02)
589 return convert_type86_xcrb(zdev, reply, xcRB);
590 /* no break, incorrect cprb version is an unknown response */
591 default: /* Unknown response type, this should NEVER EVER happen */
592 xcRB->status = 0x0008044DL; /* HDD_InvalidParm */
594 return -EAGAIN; /* repeat the request on a different device. */
598 static int convert_response_rng(struct zcrypt_device *zdev,
599 struct ap_message *reply,
602 struct type86x_reply *msg = reply->message;
604 switch (msg->hdr.type) {
605 case TYPE82_RSP_CODE:
606 case TYPE88_RSP_CODE:
608 case TYPE86_RSP_CODE:
609 if (msg->hdr.reply_code)
611 if (msg->cprbx.cprb_ver_id == 0x02)
612 return convert_type86_rng(zdev, reply, data);
613 /* no break, incorrect cprb version is an unknown response */
614 default: /* Unknown response type, this should NEVER EVER happen */
616 return -EAGAIN; /* repeat the request on a different device. */
621 * This function is called from the AP bus code after a crypto request
622 * "msg" has finished with the reply message "reply".
623 * It is called from tasklet context.
624 * @ap_dev: pointer to the AP device
625 * @msg: pointer to the AP message
626 * @reply: pointer to the AP reply message
628 static void zcrypt_pcixcc_receive(struct ap_device *ap_dev,
629 struct ap_message *msg,
630 struct ap_message *reply)
632 static struct error_hdr error_reply = {
633 .type = TYPE82_RSP_CODE,
634 .reply_code = REP82_ERROR_MACHINE_FAILURE,
636 struct response_type *resp_type =
637 (struct response_type *) msg->private;
638 struct type86x_reply *t86r;
641 /* Copy the reply message to the request message buffer. */
643 memcpy(msg->message, &error_reply, sizeof(error_reply));
646 t86r = reply->message;
647 if (t86r->hdr.type == TYPE86_RSP_CODE &&
648 t86r->cprbx.cprb_ver_id == 0x02) {
649 switch (resp_type->type) {
650 case PCIXCC_RESPONSE_TYPE_ICA:
651 length = sizeof(struct type86x_reply)
653 length = min(PCIXCC_MAX_ICA_RESPONSE_SIZE, length);
654 memcpy(msg->message, reply->message, length);
656 case PCIXCC_RESPONSE_TYPE_XCRB:
657 length = t86r->fmt2.offset2 + t86r->fmt2.count2;
658 length = min(PCIXCC_MAX_XCRB_RESPONSE_SIZE, length);
659 memcpy(msg->message, reply->message, length);
662 memcpy(msg->message, &error_reply, sizeof error_reply);
665 memcpy(msg->message, reply->message, sizeof error_reply);
667 complete(&(resp_type->work));
670 static atomic_t zcrypt_step = ATOMIC_INIT(0);
673 * The request distributor calls this function if it picked the PCIXCC/CEX2C
674 * device to handle a modexpo request.
675 * @zdev: pointer to zcrypt_device structure that identifies the
676 * PCIXCC/CEX2C device to the request distributor
677 * @mex: pointer to the modexpo request buffer
679 static long zcrypt_pcixcc_modexpo(struct zcrypt_device *zdev,
680 struct ica_rsa_modexpo *mex)
682 struct ap_message ap_msg;
683 struct response_type resp_type = {
684 .type = PCIXCC_RESPONSE_TYPE_ICA,
688 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
691 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
692 atomic_inc_return(&zcrypt_step);
693 ap_msg.private = &resp_type;
694 rc = ICAMEX_msg_to_type6MEX_msgX(zdev, &ap_msg, mex);
697 init_completion(&resp_type.work);
698 ap_queue_message(zdev->ap_dev, &ap_msg);
699 rc = wait_for_completion_interruptible(&resp_type.work);
701 rc = convert_response_ica(zdev, &ap_msg, mex->outputdata,
702 mex->outputdatalength);
704 /* Signal pending. */
705 ap_cancel_message(zdev->ap_dev, &ap_msg);
707 free_page((unsigned long) ap_msg.message);
712 * The request distributor calls this function if it picked the PCIXCC/CEX2C
713 * device to handle a modexpo_crt request.
714 * @zdev: pointer to zcrypt_device structure that identifies the
715 * PCIXCC/CEX2C device to the request distributor
716 * @crt: pointer to the modexpoc_crt request buffer
718 static long zcrypt_pcixcc_modexpo_crt(struct zcrypt_device *zdev,
719 struct ica_rsa_modexpo_crt *crt)
721 struct ap_message ap_msg;
722 struct response_type resp_type = {
723 .type = PCIXCC_RESPONSE_TYPE_ICA,
727 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
730 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
731 atomic_inc_return(&zcrypt_step);
732 ap_msg.private = &resp_type;
733 rc = ICACRT_msg_to_type6CRT_msgX(zdev, &ap_msg, crt);
736 init_completion(&resp_type.work);
737 ap_queue_message(zdev->ap_dev, &ap_msg);
738 rc = wait_for_completion_interruptible(&resp_type.work);
740 rc = convert_response_ica(zdev, &ap_msg, crt->outputdata,
741 crt->outputdatalength);
743 /* Signal pending. */
744 ap_cancel_message(zdev->ap_dev, &ap_msg);
746 free_page((unsigned long) ap_msg.message);
751 * The request distributor calls this function if it picked the PCIXCC/CEX2C
752 * device to handle a send_cprb request.
753 * @zdev: pointer to zcrypt_device structure that identifies the
754 * PCIXCC/CEX2C device to the request distributor
755 * @xcRB: pointer to the send_cprb request buffer
757 static long zcrypt_pcixcc_send_cprb(struct zcrypt_device *zdev,
758 struct ica_xcRB *xcRB)
760 struct ap_message ap_msg;
761 struct response_type resp_type = {
762 .type = PCIXCC_RESPONSE_TYPE_XCRB,
766 ap_msg.message = kmalloc(PCIXCC_MAX_XCRB_MESSAGE_SIZE, GFP_KERNEL);
769 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
770 atomic_inc_return(&zcrypt_step);
771 ap_msg.private = &resp_type;
772 rc = XCRB_msg_to_type6CPRB_msgX(zdev, &ap_msg, xcRB);
775 init_completion(&resp_type.work);
776 ap_queue_message(zdev->ap_dev, &ap_msg);
777 rc = wait_for_completion_interruptible(&resp_type.work);
779 rc = convert_response_xcrb(zdev, &ap_msg, xcRB);
781 /* Signal pending. */
782 ap_cancel_message(zdev->ap_dev, &ap_msg);
784 kzfree(ap_msg.message);
789 * The request distributor calls this function if it picked the PCIXCC/CEX2C
790 * device to generate random data.
791 * @zdev: pointer to zcrypt_device structure that identifies the
792 * PCIXCC/CEX2C device to the request distributor
793 * @buffer: pointer to a memory page to return random data
796 static long zcrypt_pcixcc_rng(struct zcrypt_device *zdev,
799 struct ap_message ap_msg;
800 struct response_type resp_type = {
801 .type = PCIXCC_RESPONSE_TYPE_XCRB,
805 ap_msg.message = kmalloc(PCIXCC_MAX_XCRB_MESSAGE_SIZE, GFP_KERNEL);
808 ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
809 atomic_inc_return(&zcrypt_step);
810 ap_msg.private = &resp_type;
811 rng_type6CPRB_msgX(zdev->ap_dev, &ap_msg, ZCRYPT_RNG_BUFFER_SIZE);
812 init_completion(&resp_type.work);
813 ap_queue_message(zdev->ap_dev, &ap_msg);
814 rc = wait_for_completion_interruptible(&resp_type.work);
816 rc = convert_response_rng(zdev, &ap_msg, buffer);
818 /* Signal pending. */
819 ap_cancel_message(zdev->ap_dev, &ap_msg);
820 kfree(ap_msg.message);
825 * The crypto operations for a PCIXCC/CEX2C card.
827 static struct zcrypt_ops zcrypt_pcixcc_ops = {
828 .rsa_modexpo = zcrypt_pcixcc_modexpo,
829 .rsa_modexpo_crt = zcrypt_pcixcc_modexpo_crt,
830 .send_cprb = zcrypt_pcixcc_send_cprb,
833 static struct zcrypt_ops zcrypt_pcixcc_with_rng_ops = {
834 .rsa_modexpo = zcrypt_pcixcc_modexpo,
835 .rsa_modexpo_crt = zcrypt_pcixcc_modexpo_crt,
836 .send_cprb = zcrypt_pcixcc_send_cprb,
837 .rng = zcrypt_pcixcc_rng,
841 * Micro-code detection function. Its sends a message to a pcixcc card
842 * to find out the microcode level.
843 * @ap_dev: pointer to the AP device.
845 static int zcrypt_pcixcc_mcl(struct ap_device *ap_dev)
847 static unsigned char msg[] = {
848 0x00,0x06,0x00,0x00,0x00,0x00,0x00,0x00,
849 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
850 0x00,0x00,0x00,0x58,0x00,0x00,0x00,0x00,
851 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
852 0x43,0x41,0x00,0x00,0x00,0x00,0x00,0x00,
853 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
854 0x00,0x00,0x00,0x00,0x50,0x4B,0x00,0x00,
855 0x00,0x00,0x01,0xC4,0x00,0x00,0x00,0x00,
856 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
857 0x00,0x00,0x07,0x24,0x00,0x00,0x00,0x00,
858 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
859 0x00,0xDC,0x02,0x00,0x00,0x00,0x54,0x32,
860 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE8,
861 0x00,0x00,0x00,0x00,0x00,0x00,0x07,0x24,
862 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
863 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
864 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
865 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
866 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
867 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
868 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
869 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
870 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
871 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
872 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
873 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
874 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
875 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
876 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
877 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
878 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
879 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
880 0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,
881 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
882 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
883 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
884 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
885 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
886 0x00,0x00,0x00,0x00,0x50,0x4B,0x00,0x0A,
887 0x4D,0x52,0x50,0x20,0x20,0x20,0x20,0x20,
888 0x00,0x42,0x00,0x01,0x02,0x03,0x04,0x05,
889 0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,
890 0x0E,0x0F,0x00,0x11,0x22,0x33,0x44,0x55,
891 0x66,0x77,0x88,0x99,0xAA,0xBB,0xCC,0xDD,
892 0xEE,0xFF,0xFF,0xEE,0xDD,0xCC,0xBB,0xAA,
893 0x99,0x88,0x77,0x66,0x55,0x44,0x33,0x22,
894 0x11,0x00,0x01,0x23,0x45,0x67,0x89,0xAB,
895 0xCD,0xEF,0xFE,0xDC,0xBA,0x98,0x76,0x54,
896 0x32,0x10,0x00,0x9A,0x00,0x98,0x00,0x00,
897 0x1E,0x00,0x00,0x94,0x00,0x00,0x00,0x00,
898 0x04,0x00,0x00,0x8C,0x00,0x00,0x00,0x40,
899 0x02,0x00,0x00,0x40,0xBA,0xE8,0x23,0x3C,
900 0x75,0xF3,0x91,0x61,0xD6,0x73,0x39,0xCF,
901 0x7B,0x6D,0x8E,0x61,0x97,0x63,0x9E,0xD9,
902 0x60,0x55,0xD6,0xC7,0xEF,0xF8,0x1E,0x63,
903 0x95,0x17,0xCC,0x28,0x45,0x60,0x11,0xC5,
904 0xC4,0x4E,0x66,0xC6,0xE6,0xC3,0xDE,0x8A,
905 0x19,0x30,0xCF,0x0E,0xD7,0xAA,0xDB,0x01,
906 0xD8,0x00,0xBB,0x8F,0x39,0x9F,0x64,0x28,
907 0xF5,0x7A,0x77,0x49,0xCC,0x6B,0xA3,0x91,
908 0x97,0x70,0xE7,0x60,0x1E,0x39,0xE1,0xE5,
909 0x33,0xE1,0x15,0x63,0x69,0x08,0x80,0x4C,
910 0x67,0xC4,0x41,0x8F,0x48,0xDF,0x26,0x98,
911 0xF1,0xD5,0x8D,0x88,0xD9,0x6A,0xA4,0x96,
912 0xC5,0x84,0xD9,0x30,0x49,0x67,0x7D,0x19,
913 0xB1,0xB3,0x45,0x4D,0xB2,0x53,0x9A,0x47,
914 0x3C,0x7C,0x55,0xBF,0xCC,0x85,0x00,0x36,
917 unsigned long long psmid;
922 reply = (void *) get_zeroed_page(GFP_KERNEL);
926 rc = ap_send(ap_dev->qid, 0x0102030405060708ULL, msg, sizeof(msg));
930 /* Wait for the test message to complete. */
931 for (i = 0; i < 6; i++) {
933 rc = ap_recv(ap_dev->qid, &psmid, reply, 4096);
934 if (rc == 0 && psmid == 0x0102030405060708ULL)
944 cprbx = (struct CPRBX *) (reply + 48);
945 if (cprbx->ccp_rtcode == 8 && cprbx->ccp_rscode == 33)
946 rc = ZCRYPT_PCIXCC_MCL2;
948 rc = ZCRYPT_PCIXCC_MCL3;
950 free_page((unsigned long) reply);
955 * Large random number detection function. Its sends a message to a pcixcc
956 * card to find out if large random numbers are supported.
957 * @ap_dev: pointer to the AP device.
959 * Returns 1 if large random numbers are supported, 0 if not and < 0 on error.
961 static int zcrypt_pcixcc_rng_supported(struct ap_device *ap_dev)
963 struct ap_message ap_msg;
964 unsigned long long psmid;
966 struct type86_hdr hdr;
967 struct type86_fmt2_ext fmt2;
969 } __attribute__((packed)) *reply;
972 ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
976 rng_type6CPRB_msgX(ap_dev, &ap_msg, 4);
977 rc = ap_send(ap_dev->qid, 0x0102030405060708ULL, ap_msg.message,
982 /* Wait for the test message to complete. */
983 for (i = 0; i < 2 * HZ; i++) {
985 rc = ap_recv(ap_dev->qid, &psmid, ap_msg.message, 4096);
986 if (rc == 0 && psmid == 0x0102030405060708ULL)
996 reply = ap_msg.message;
997 if (reply->cprbx.ccp_rtcode == 0 && reply->cprbx.ccp_rscode == 0)
1002 free_page((unsigned long) ap_msg.message);
1007 * Probe function for PCIXCC/CEX2C cards. It always accepts the AP device
1008 * since the bus_match already checked the hardware type. The PCIXCC
1009 * cards come in two flavours: micro code level 2 and micro code level 3.
1010 * This is checked by sending a test message to the device.
1011 * @ap_dev: pointer to the AP device.
1013 static int zcrypt_pcixcc_probe(struct ap_device *ap_dev)
1015 struct zcrypt_device *zdev;
1018 zdev = zcrypt_device_alloc(PCIXCC_MAX_RESPONSE_SIZE);
1021 zdev->ap_dev = ap_dev;
1023 if (ap_dev->device_type == AP_DEVICE_TYPE_PCIXCC) {
1024 rc = zcrypt_pcixcc_mcl(ap_dev);
1026 zcrypt_device_free(zdev);
1029 zdev->user_space_type = rc;
1030 if (rc == ZCRYPT_PCIXCC_MCL2) {
1031 zdev->type_string = "PCIXCC_MCL2";
1032 zdev->speed_rating = PCIXCC_MCL2_SPEED_RATING;
1033 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE_OLD;
1034 zdev->max_mod_size = PCIXCC_MAX_MOD_SIZE;
1036 zdev->type_string = "PCIXCC_MCL3";
1037 zdev->speed_rating = PCIXCC_MCL3_SPEED_RATING;
1038 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE;
1039 zdev->max_mod_size = PCIXCC_MAX_MOD_SIZE;
1042 zdev->user_space_type = ZCRYPT_CEX2C;
1043 zdev->type_string = "CEX2C";
1044 zdev->speed_rating = CEX2C_SPEED_RATING;
1045 zdev->min_mod_size = PCIXCC_MIN_MOD_SIZE;
1046 zdev->max_mod_size = PCIXCC_MAX_MOD_SIZE;
1048 rc = zcrypt_pcixcc_rng_supported(ap_dev);
1050 zcrypt_device_free(zdev);
1054 zdev->ops = &zcrypt_pcixcc_with_rng_ops;
1056 zdev->ops = &zcrypt_pcixcc_ops;
1057 ap_dev->reply = &zdev->reply;
1058 ap_dev->private = zdev;
1059 rc = zcrypt_device_register(zdev);
1065 ap_dev->private = NULL;
1066 zcrypt_device_free(zdev);
1071 * This is called to remove the extended PCIXCC/CEX2C driver information
1072 * if an AP device is removed.
1074 static void zcrypt_pcixcc_remove(struct ap_device *ap_dev)
1076 struct zcrypt_device *zdev = ap_dev->private;
1078 zcrypt_device_unregister(zdev);
1081 int __init zcrypt_pcixcc_init(void)
1083 return ap_driver_register(&zcrypt_pcixcc_driver, THIS_MODULE, "pcixcc");
1086 void zcrypt_pcixcc_exit(void)
1088 ap_driver_unregister(&zcrypt_pcixcc_driver);
1091 #ifndef CONFIG_ZCRYPT_MONOLITHIC
1092 module_init(zcrypt_pcixcc_init);
1093 module_exit(zcrypt_pcixcc_exit);
projects / linux-2.6 / blob