arch/s390/include/uapi/asm/zcrypt.h

   1 /* SPDX-License-Identifier: GPL-2.0+ WITH Linux-syscall-note */
   2 /*
   3  *  include/asm-s390/zcrypt.h
   4  *
   5  *  zcrypt 2.1.0 (user-visible header)
   6  *
   7  *  Copyright IBM Corp. 2001, 2006
   8  *  Author(s): Robert Burroughs
   9  *             Eric Rossman (edrossma@us.ibm.com)
  10  *
  11  *  Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
  12  */
  13
  14 #ifndef __ASM_S390_ZCRYPT_H
  15 #define __ASM_S390_ZCRYPT_H
  16
  17 #define ZCRYPT_VERSION 2
  18 #define ZCRYPT_RELEASE 1
  19 #define ZCRYPT_VARIANT 1
  20
  21 #include <linux/ioctl.h>
  22 #include <linux/compiler.h>
  23
  24 /**
  25  * struct ica_rsa_modexpo
  26  *
  27  * Requirements:
  28  * - outputdatalength is at least as large as inputdatalength.
  29  * - All key parts are right justified in their fields, padded on
  30  *   the left with zeroes.
  31  * - length(b_key) = inputdatalength
  32  * - length(n_modulus) = inputdatalength
  33  */
  34 struct ica_rsa_modexpo {
  35         char __user *   inputdata;
  36         unsigned int    inputdatalength;
  37         char __user *   outputdata;
  38         unsigned int    outputdatalength;
  39         char __user *   b_key;
  40         char __user *   n_modulus;
  41 };
  42
  43 /**
  44  * struct ica_rsa_modexpo_crt
  45  *
  46  * Requirements:
  47  * - inputdatalength is even.
  48  * - outputdatalength is at least as large as inputdatalength.
  49  * - All key parts are right justified in their fields, padded on
  50  *   the left with zeroes.
  51  * - length(bp_key)     = inputdatalength/2 + 8
  52  * - length(bq_key)     = inputdatalength/2
  53  * - length(np_key)     = inputdatalength/2 + 8
  54  * - length(nq_key)     = inputdatalength/2
  55  * - length(u_mult_inv) = inputdatalength/2 + 8
  56  */
  57 struct ica_rsa_modexpo_crt {
  58         char __user *   inputdata;
  59         unsigned int    inputdatalength;
  60         char __user *   outputdata;
  61         unsigned int    outputdatalength;
  62         char __user *   bp_key;
  63         char __user *   bq_key;
  64         char __user *   np_prime;
  65         char __user *   nq_prime;
  66         char __user *   u_mult_inv;
  67 };
  68
  69 /**
  70  * CPRBX
  71  *        Note that all shorts and ints are big-endian.
  72  *        All pointer fields are 16 bytes long, and mean nothing.
  73  *
  74  *        A request CPRB is followed by a request_parameter_block.
  75  *
  76  *        The request (or reply) parameter block is organized thus:
  77  *          function code
  78  *          VUD block
  79  *          key block
  80  */
  81 struct CPRBX {
  82         unsigned short  cprb_len;       /* CPRB length        220        */
  83         unsigned char   cprb_ver_id;    /* CPRB version id.   0x02       */
  84         unsigned char   pad_000[3];     /* Alignment pad bytes           */
  85         unsigned char   func_id[2];     /* function id        0x5432     */
  86         unsigned char   cprb_flags[4];  /* Flags                         */
  87         unsigned int    req_parml;      /* request parameter buffer len  */
  88         unsigned int    req_datal;      /* request data buffer           */
  89         unsigned int    rpl_msgbl;      /* reply  message block length   */
  90         unsigned int    rpld_parml;     /* replied parameter block len   */
  91         unsigned int    rpl_datal;      /* reply data block len          */
  92         unsigned int    rpld_datal;     /* replied data block len        */
  93         unsigned int    req_extbl;      /* request extension block len   */
  94         unsigned char   pad_001[4];     /* reserved                      */
  95         unsigned int    rpld_extbl;     /* replied extension block len   */
  96         unsigned char   padx000[16 - sizeof (char *)];
  97         unsigned char * req_parmb;      /* request parm block 'address'  */
  98         unsigned char   padx001[16 - sizeof (char *)];
  99         unsigned char * req_datab;      /* request data block 'address'  */
 100         unsigned char   padx002[16 - sizeof (char *)];
 101         unsigned char * rpl_parmb;      /* reply parm block 'address'    */
 102         unsigned char   padx003[16 - sizeof (char *)];
 103         unsigned char * rpl_datab;      /* reply data block 'address'    */
 104         unsigned char   padx004[16 - sizeof (char *)];
 105         unsigned char * req_extb;       /* request extension block 'addr'*/
 106         unsigned char   padx005[16 - sizeof (char *)];
 107         unsigned char * rpl_extb;       /* reply extension block 'address'*/
 108         unsigned short  ccp_rtcode;     /* server return code            */
 109         unsigned short  ccp_rscode;     /* server reason code            */
 110         unsigned int    mac_data_len;   /* Mac Data Length               */
 111         unsigned char   logon_id[8];    /* Logon Identifier              */
 112         unsigned char   mac_value[8];   /* Mac Value                     */
 113         unsigned char   mac_content_flgs;/* Mac content flag byte        */
 114         unsigned char   pad_002;        /* Alignment                     */
 115         unsigned short  domain;         /* Domain                        */
 116         unsigned char   usage_domain[4];/* Usage domain                  */
 117         unsigned char   cntrl_domain[4];/* Control domain                */
 118         unsigned char   S390enf_mask[4];/* S/390 enforcement mask        */
 119         unsigned char   pad_004[36];    /* reserved                      */
 120 } __attribute__((packed));
 121
 122 /**
 123  * xcRB
 124  */
 125 struct ica_xcRB {
 126         unsigned short  agent_ID;
 127         unsigned int    user_defined;
 128         unsigned short  request_ID;
 129         unsigned int    request_control_blk_length;
 130         unsigned char   padding1[16 - sizeof (char *)];
 131         char __user *   request_control_blk_addr;
 132         unsigned int    request_data_length;
 133         char            padding2[16 - sizeof (char *)];
 134         char __user *   request_data_address;
 135         unsigned int    reply_control_blk_length;
 136         char            padding3[16 - sizeof (char *)];
 137         char __user *   reply_control_blk_addr;
 138         unsigned int    reply_data_length;
 139         char            padding4[16 - sizeof (char *)];
 140         char __user *   reply_data_addr;
 141         unsigned short  priority_window;
 142         unsigned int    status;
 143 } __attribute__((packed));
 144
 145 /**
 146  * struct ep11_cprb - EP11 connectivity programming request block
 147  * @cprb_len:           CPRB header length [0x0020]
 148  * @cprb_ver_id:        CPRB version id.   [0x04]
 149  * @pad_000:            Alignment pad bytes
 150  * @flags:              Admin cmd [0x80] or functional cmd [0x00]
 151  * @func_id:            Function id / subtype [0x5434]
 152  * @source_id:          Source id [originator id]
 153  * @target_id:          Target id [usage/ctrl domain id]
 154  * @ret_code:           Return code
 155  * @reserved1:          Reserved
 156  * @reserved2:          Reserved
 157  * @payload_len:        Payload length
 158  */
 159 struct ep11_cprb {
 160         uint16_t        cprb_len;
 161         unsigned char   cprb_ver_id;
 162         unsigned char   pad_000[2];
 163         unsigned char   flags;
 164         unsigned char   func_id[2];
 165         uint32_t        source_id;
 166         uint32_t        target_id;
 167         uint32_t        ret_code;
 168         uint32_t        reserved1;
 169         uint32_t        reserved2;
 170         uint32_t        payload_len;
 171 } __attribute__((packed));
 172
 173 /**
 174  * struct ep11_target_dev - EP11 target device list
 175  * @ap_id:      AP device id
 176  * @dom_id:     Usage domain id
 177  */
 178 struct ep11_target_dev {
 179         uint16_t ap_id;
 180         uint16_t dom_id;
 181 };
 182
 183 /**
 184  * struct ep11_urb - EP11 user request block
 185  * @targets_num:        Number of target adapters
 186  * @targets:            Addr to target adapter list
 187  * @weight:             Level of request priority
 188  * @req_no:             Request id/number
 189  * @req_len:            Request length
 190  * @req:                Addr to request block
 191  * @resp_len:           Response length
 192  * @resp:               Addr to response block
 193  */
 194 struct ep11_urb {
 195         uint16_t                targets_num;
 196         uint64_t                targets;
 197         uint64_t                weight;
 198         uint64_t                req_no;
 199         uint64_t                req_len;
 200         uint64_t                req;
 201         uint64_t                resp_len;
 202         uint64_t                resp;
 203 } __attribute__((packed));
 204
 205 /**
 206  * struct zcrypt_device_status
 207  * @hwtype:             raw hardware type
 208  * @qid:                6 bit device index, 8 bit domain
 209  * @functions:          AP device function bit field 'abcdef'
 210  *                      a, b, c = reserved
 211  *                      d = CCA coprocessor
 212  *                      e = Accelerator
 213  *                      f = EP11 coprocessor
 214  * @online              online status
 215  * @reserved            reserved
 216  */
 217 struct zcrypt_device_status {
 218         unsigned int hwtype:8;
 219         unsigned int qid:14;
 220         unsigned int online:1;
 221         unsigned int functions:6;
 222         unsigned int reserved:3;
 223 };
 224
 225 #define MAX_ZDEV_CARDIDS 64
 226 #define MAX_ZDEV_DOMAINS 256
 227
 228 /**
 229  * Maximum number of zcrypt devices
 230  */
 231 #define MAX_ZDEV_ENTRIES (MAX_ZDEV_CARDIDS * MAX_ZDEV_DOMAINS)
 232
 233 /**
 234  * zcrypt_device_matrix
 235  * Device matrix of all zcrypt devices
 236  */
 237 struct zcrypt_device_matrix {
 238         struct zcrypt_device_status device[MAX_ZDEV_ENTRIES];
 239 };
 240
 241 #define AUTOSELECT ((unsigned int)0xFFFFFFFF)
 242
 243 #define ZCRYPT_IOCTL_MAGIC 'z'
 244
 245 /**
 246  * Interface notes:
 247  *
 248  * The ioctl()s which are implemented (along with relevant details)
 249  * are:
 250  *
 251  *   ICARSAMODEXPO
 252  *     Perform an RSA operation using a Modulus-Exponent pair
 253  *     This takes an ica_rsa_modexpo struct as its arg.
 254  *
 255  *     NOTE: please refer to the comments preceding this structure
 256  *           for the implementation details for the contents of the
 257  *           block
 258  *
 259  *   ICARSACRT
 260  *     Perform an RSA operation using a Chinese-Remainder Theorem key
 261  *     This takes an ica_rsa_modexpo_crt struct as its arg.
 262  *
 263  *     NOTE: please refer to the comments preceding this structure
 264  *           for the implementation details for the contents of the
 265  *           block
 266  *
 267  *   ZSECSENDCPRB
 268  *     Send an arbitrary CPRB to a crypto card.
 269  *
 270  *   ZSENDEP11CPRB
 271  *     Send an arbitrary EP11 CPRB to an EP11 coprocessor crypto card.
 272  *
 273  *   Z90STAT_STATUS_MASK
 274  *     Return an 64 element array of unsigned chars for the status of
 275  *     all devices.
 276  *       0x01: PCICA
 277  *       0x02: PCICC
 278  *       0x03: PCIXCC_MCL2
 279  *       0x04: PCIXCC_MCL3
 280  *       0x05: CEX2C
 281  *       0x06: CEX2A
 282  *       0x0d: device is disabled via the proc filesystem
 283  *
 284  *   Z90STAT_QDEPTH_MASK
 285  *     Return an 64 element array of unsigned chars for the queue
 286  *     depth of all devices.
 287  *
 288  *   Z90STAT_PERDEV_REQCNT
 289  *     Return an 64 element array of unsigned integers for the number
 290  *     of successfully completed requests per device since the device
 291  *     was detected and made available.
 292  *
 293  *   Z90STAT_REQUESTQ_COUNT
 294  *     Return an integer count of the number of entries waiting to be
 295  *     sent to a device.
 296  *
 297  *   Z90STAT_PENDINGQ_COUNT
 298  *     Return an integer count of the number of entries sent to all
 299  *     devices awaiting the reply.
 300  *
 301  *   Z90STAT_TOTALOPEN_COUNT
 302  *     Return an integer count of the number of open file handles.
 303  *
 304  *   Z90STAT_DOMAIN_INDEX
 305  *     Return the integer value of the Cryptographic Domain.
 306  *
 307  *   The following ioctls are deprecated and should be no longer used:
 308  *
 309  *   Z90STAT_TOTALCOUNT
 310  *     Return an integer count of all device types together.
 311  *
 312  *   Z90STAT_PCICACOUNT
 313  *     Return an integer count of all PCICAs.
 314  *
 315  *   Z90STAT_PCICCCOUNT
 316  *     Return an integer count of all PCICCs.
 317  *
 318  *   Z90STAT_PCIXCCMCL2COUNT
 319  *     Return an integer count of all MCL2 PCIXCCs.
 320  *
 321  *   Z90STAT_PCIXCCMCL3COUNT
 322  *     Return an integer count of all MCL3 PCIXCCs.
 323  *
 324  *   Z90STAT_CEX2CCOUNT
 325  *     Return an integer count of all CEX2Cs.
 326  *
 327  *   Z90STAT_CEX2ACOUNT
 328  *     Return an integer count of all CEX2As.
 329  *
 330  *   ICAZ90STATUS
 331  *     Return some device driver status in a ica_z90_status struct
 332  *     This takes an ica_z90_status struct as its arg.
 333  *
 334  *   Z90STAT_PCIXCCCOUNT
 335  *     Return an integer count of all PCIXCCs (MCL2 + MCL3).
 336  *     This is DEPRECATED now that MCL3 PCIXCCs are treated differently from
 337  *     MCL2 PCIXCCs.
 338  */
 339
 340 /**
 341  * Supported ioctl calls
 342  */
 343 #define ICARSAMODEXPO   _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x05, 0)
 344 #define ICARSACRT       _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x06, 0)
 345 #define ZSECSENDCPRB    _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x81, 0)
 346 #define ZSENDEP11CPRB   _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x04, 0)
 347 #define ZDEVICESTATUS   _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x4f, 0)
 348
 349 /* New status calls */
 350 #define Z90STAT_TOTALCOUNT      _IOR(ZCRYPT_IOCTL_MAGIC, 0x40, int)
 351 #define Z90STAT_PCICACOUNT      _IOR(ZCRYPT_IOCTL_MAGIC, 0x41, int)
 352 #define Z90STAT_PCICCCOUNT      _IOR(ZCRYPT_IOCTL_MAGIC, 0x42, int)
 353 #define Z90STAT_PCIXCCMCL2COUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x4b, int)
 354 #define Z90STAT_PCIXCCMCL3COUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x4c, int)
 355 #define Z90STAT_CEX2CCOUNT      _IOR(ZCRYPT_IOCTL_MAGIC, 0x4d, int)
 356 #define Z90STAT_CEX2ACOUNT      _IOR(ZCRYPT_IOCTL_MAGIC, 0x4e, int)
 357 #define Z90STAT_REQUESTQ_COUNT  _IOR(ZCRYPT_IOCTL_MAGIC, 0x44, int)
 358 #define Z90STAT_PENDINGQ_COUNT  _IOR(ZCRYPT_IOCTL_MAGIC, 0x45, int)
 359 #define Z90STAT_TOTALOPEN_COUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x46, int)
 360 #define Z90STAT_DOMAIN_INDEX    _IOR(ZCRYPT_IOCTL_MAGIC, 0x47, int)
 361 #define Z90STAT_STATUS_MASK     _IOR(ZCRYPT_IOCTL_MAGIC, 0x48, char[64])
 362 #define Z90STAT_QDEPTH_MASK     _IOR(ZCRYPT_IOCTL_MAGIC, 0x49, char[64])
 363 #define Z90STAT_PERDEV_REQCNT   _IOR(ZCRYPT_IOCTL_MAGIC, 0x4a, int[64])
 364
 365 #endif /* __ASM_S390_ZCRYPT_H */