]> git.proxmox.com Git - mirror_ubuntu-kernels.git/blob - drivers/s390/crypto/zcrypt_api.c
projects / mirror_ubuntu-kernels.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
HID: logitech-dj: fix spelling in printk
[mirror_ubuntu-kernels.git] / drivers / s390 / crypto / zcrypt_api.c
1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * Copyright IBM Corp. 2001, 2018
4 * Author(s): Robert Burroughs
5 * Eric Rossman (edrossma@us.ibm.com)
6 * Cornelia Huck <cornelia.huck@de.ibm.com>
7 *
8 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
9 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
10 * Ralph Wuerthner <rwuerthn@de.ibm.com>
11 * MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com>
12 * Multiple device nodes: Harald Freudenberger <freude@linux.ibm.com>
13 */
14
15 #include <linux/module.h>
16 #include <linux/init.h>
17 #include <linux/interrupt.h>
18 #include <linux/miscdevice.h>
19 #include <linux/fs.h>
20 #include <linux/compat.h>
21 #include <linux/slab.h>
22 #include <linux/atomic.h>
23 #include <linux/uaccess.h>
24 #include <linux/hw_random.h>
25 #include <linux/debugfs.h>
26 #include <linux/cdev.h>
27 #include <linux/ctype.h>
28 #include <asm/debug.h>
29
30 #define CREATE_TRACE_POINTS
31 #include <asm/trace/zcrypt.h>
32
33 #include "zcrypt_api.h"
34 #include "zcrypt_debug.h"
35
36 #include "zcrypt_msgtype6.h"
37 #include "zcrypt_msgtype50.h"
38
39 /*
40 * Module description.
41 */
42 MODULE_AUTHOR("IBM Corporation");
43 MODULE_DESCRIPTION("Cryptographic Coprocessor interface, " \
44 "Copyright IBM Corp. 2001, 2012");
45 MODULE_LICENSE("GPL");
46
47 /*
48 * zcrypt tracepoint functions
49 */
50 EXPORT_TRACEPOINT_SYMBOL(s390_zcrypt_req);
51 EXPORT_TRACEPOINT_SYMBOL(s390_zcrypt_rep);
52
53 static int zcrypt_hwrng_seed = 1;
54 module_param_named(hwrng_seed, zcrypt_hwrng_seed, int, 0440);
55 MODULE_PARM_DESC(hwrng_seed, "Turn on/off hwrng auto seed, default is 1 (on).");
56
57 DEFINE_SPINLOCK(zcrypt_list_lock);
58 LIST_HEAD(zcrypt_card_list);
59 int zcrypt_device_count;
60
61 static atomic_t zcrypt_open_count = ATOMIC_INIT(0);
62 static atomic_t zcrypt_rescan_count = ATOMIC_INIT(0);
63
64 atomic_t zcrypt_rescan_req = ATOMIC_INIT(0);
65 EXPORT_SYMBOL(zcrypt_rescan_req);
66
67 static LIST_HEAD(zcrypt_ops_list);
68
69 /* Zcrypt related debug feature stuff. */
70 debug_info_t *zcrypt_dbf_info;
71
72 /**
73 * Process a rescan of the transport layer.
74 *
75 * Returns 1, if the rescan has been processed, otherwise 0.
76 */
77 static inline int zcrypt_process_rescan(void)
78 {
79 if (atomic_read(&zcrypt_rescan_req)) {
80 atomic_set(&zcrypt_rescan_req, 0);
81 atomic_inc(&zcrypt_rescan_count);
82 ap_bus_force_rescan();
83 ZCRYPT_DBF(DBF_INFO, "rescan count=%07d\n",
84 atomic_inc_return(&zcrypt_rescan_count));
85 return 1;
86 }
87 return 0;
88 }
89
90 void zcrypt_msgtype_register(struct zcrypt_ops *zops)
91 {
92 list_add_tail(&zops->list, &zcrypt_ops_list);
93 }
94
95 void zcrypt_msgtype_unregister(struct zcrypt_ops *zops)
96 {
97 list_del_init(&zops->list);
98 }
99
100 struct zcrypt_ops *zcrypt_msgtype(unsigned char *name, int variant)
101 {
102 struct zcrypt_ops *zops;
103
104 list_for_each_entry(zops, &zcrypt_ops_list, list)
105 if ((zops->variant == variant) &&
106 (!strncmp(zops->name, name, sizeof(zops->name))))
107 return zops;
108 return NULL;
109 }
110 EXPORT_SYMBOL(zcrypt_msgtype);
111
112 /*
113 * Multi device nodes extension functions.
114 */
115
116 #ifdef CONFIG_ZCRYPT_MULTIDEVNODES
117
118 struct zcdn_device;
119
120 static struct class *zcrypt_class;
121 static dev_t zcrypt_devt;
122 static struct cdev zcrypt_cdev;
123
124 struct zcdn_device {
125 struct device device;
126 struct ap_perms perms;
127 };
128
129 #define to_zcdn_dev(x) container_of((x), struct zcdn_device, device)
130
131 #define ZCDN_MAX_NAME 32
132
133 static int zcdn_create(const char *name);
134 static int zcdn_destroy(const char *name);
135
136 /* helper function, matches the name for find_zcdndev_by_name() */
137 static int __match_zcdn_name(struct device *dev, const void *data)
138 {
139 return strcmp(dev_name(dev), (const char *)data) == 0;
140 }
141
142 /* helper function, matches the devt value for find_zcdndev_by_devt() */
143 static int __match_zcdn_devt(struct device *dev, const void *data)
144 {
145 return dev->devt == *((dev_t *) data);
146 }
147
148 /*
149 * Find zcdn device by name.
150 * Returns reference to the zcdn device which needs to be released
151 * with put_device() after use.
152 */
153 static inline struct zcdn_device *find_zcdndev_by_name(const char *name)
154 {
155 struct device *dev =
156 class_find_device(zcrypt_class, NULL,
157 (void *) name,
158 __match_zcdn_name);
159
160 return dev ? to_zcdn_dev(dev) : NULL;
161 }
162
163 /*
164 * Find zcdn device by devt value.
165 * Returns reference to the zcdn device which needs to be released
166 * with put_device() after use.
167 */
168 static inline struct zcdn_device *find_zcdndev_by_devt(dev_t devt)
169 {
170 struct device *dev =
171 class_find_device(zcrypt_class, NULL,
172 (void *) &devt,
173 __match_zcdn_devt);
174
175 return dev ? to_zcdn_dev(dev) : NULL;
176 }
177
178 static ssize_t ioctlmask_show(struct device *dev,
179 struct device_attribute *attr,
180 char *buf)
181 {
182 int i, rc;
183 struct zcdn_device *zcdndev = to_zcdn_dev(dev);
184
185 if (mutex_lock_interruptible(&ap_perms_mutex))
186 return -ERESTARTSYS;
187
188 buf[0] = '0';
189 buf[1] = 'x';
190 for (i = 0; i < sizeof(zcdndev->perms.ioctlm) / sizeof(long); i++)
191 snprintf(buf + 2 + 2 * i * sizeof(long),
192 PAGE_SIZE - 2 - 2 * i * sizeof(long),
193 "%016lx", zcdndev->perms.ioctlm[i]);
194 buf[2 + 2 * i * sizeof(long)] = '\n';
195 buf[2 + 2 * i * sizeof(long) + 1] = '\0';
196 rc = 2 + 2 * i * sizeof(long) + 1;
197
198 mutex_unlock(&ap_perms_mutex);
199
200 return rc;
201 }
202
203 static ssize_t ioctlmask_store(struct device *dev,
204 struct device_attribute *attr,
205 const char *buf, size_t count)
206 {
207 int rc;
208 struct zcdn_device *zcdndev = to_zcdn_dev(dev);
209
210 rc = ap_parse_mask_str(buf, zcdndev->perms.ioctlm,
211 AP_IOCTLS, &ap_perms_mutex);
212 if (rc)
213 return rc;
214
215 return count;
216 }
217
218 static DEVICE_ATTR_RW(ioctlmask);
219
220 static ssize_t apmask_show(struct device *dev,
221 struct device_attribute *attr,
222 char *buf)
223 {
224 int i, rc;
225 struct zcdn_device *zcdndev = to_zcdn_dev(dev);
226
227 if (mutex_lock_interruptible(&ap_perms_mutex))
228 return -ERESTARTSYS;
229
230 buf[0] = '0';
231 buf[1] = 'x';
232 for (i = 0; i < sizeof(zcdndev->perms.apm) / sizeof(long); i++)
233 snprintf(buf + 2 + 2 * i * sizeof(long),
234 PAGE_SIZE - 2 - 2 * i * sizeof(long),
235 "%016lx", zcdndev->perms.apm[i]);
236 buf[2 + 2 * i * sizeof(long)] = '\n';
237 buf[2 + 2 * i * sizeof(long) + 1] = '\0';
238 rc = 2 + 2 * i * sizeof(long) + 1;
239
240 mutex_unlock(&ap_perms_mutex);
241
242 return rc;
243 }
244
245 static ssize_t apmask_store(struct device *dev,
246 struct device_attribute *attr,
247 const char *buf, size_t count)
248 {
249 int rc;
250 struct zcdn_device *zcdndev = to_zcdn_dev(dev);
251
252 rc = ap_parse_mask_str(buf, zcdndev->perms.apm,
253 AP_DEVICES, &ap_perms_mutex);
254 if (rc)
255 return rc;
256
257 return count;
258 }
259
260 static DEVICE_ATTR_RW(apmask);
261
262 static ssize_t aqmask_show(struct device *dev,
263 struct device_attribute *attr,
264 char *buf)
265 {
266 int i, rc;
267 struct zcdn_device *zcdndev = to_zcdn_dev(dev);
268
269 if (mutex_lock_interruptible(&ap_perms_mutex))
270 return -ERESTARTSYS;
271
272 buf[0] = '0';
273 buf[1] = 'x';
274 for (i = 0; i < sizeof(zcdndev->perms.aqm) / sizeof(long); i++)
275 snprintf(buf + 2 + 2 * i * sizeof(long),
276 PAGE_SIZE - 2 - 2 * i * sizeof(long),
277 "%016lx", zcdndev->perms.aqm[i]);
278 buf[2 + 2 * i * sizeof(long)] = '\n';
279 buf[2 + 2 * i * sizeof(long) + 1] = '\0';
280 rc = 2 + 2 * i * sizeof(long) + 1;
281
282 mutex_unlock(&ap_perms_mutex);
283
284 return rc;
285 }
286
287 static ssize_t aqmask_store(struct device *dev,
288 struct device_attribute *attr,
289 const char *buf, size_t count)
290 {
291 int rc;
292 struct zcdn_device *zcdndev = to_zcdn_dev(dev);
293
294 rc = ap_parse_mask_str(buf, zcdndev->perms.aqm,
295 AP_DOMAINS, &ap_perms_mutex);
296 if (rc)
297 return rc;
298
299 return count;
300 }
301
302 static DEVICE_ATTR_RW(aqmask);
303
304 static struct attribute *zcdn_dev_attrs[] = {
305 &dev_attr_ioctlmask.attr,
306 &dev_attr_apmask.attr,
307 &dev_attr_aqmask.attr,
308 NULL
309 };
310
311 static struct attribute_group zcdn_dev_attr_group = {
312 .attrs = zcdn_dev_attrs
313 };
314
315 static const struct attribute_group *zcdn_dev_attr_groups[] = {
316 &zcdn_dev_attr_group,
317 NULL
318 };
319
320 static ssize_t zcdn_create_store(struct class *class,
321 struct class_attribute *attr,
322 const char *buf, size_t count)
323 {
324 int rc;
325 char name[ZCDN_MAX_NAME];
326
327 strncpy(name, skip_spaces(buf), sizeof(name));
328 name[sizeof(name) - 1] = '\0';
329
330 rc = zcdn_create(strim(name));
331
332 return rc ? rc : count;
333 }
334
335 static const struct class_attribute class_attr_zcdn_create =
336 __ATTR(create, 0600, NULL, zcdn_create_store);
337
338 static ssize_t zcdn_destroy_store(struct class *class,
339 struct class_attribute *attr,
340 const char *buf, size_t count)
341 {
342 int rc;
343 char name[ZCDN_MAX_NAME];
344
345 strncpy(name, skip_spaces(buf), sizeof(name));
346 name[sizeof(name) - 1] = '\0';
347
348 rc = zcdn_destroy(strim(name));
349
350 return rc ? rc : count;
351 }
352
353 static const struct class_attribute class_attr_zcdn_destroy =
354 __ATTR(destroy, 0600, NULL, zcdn_destroy_store);
355
356 static void zcdn_device_release(struct device *dev)
357 {
358 struct zcdn_device *zcdndev = to_zcdn_dev(dev);
359
360 ZCRYPT_DBF(DBF_INFO, "releasing zcdn device %d:%d\n",
361 MAJOR(dev->devt), MINOR(dev->devt));
362
363 kfree(zcdndev);
364 }
365
366 static int zcdn_create(const char *name)
367 {
368 dev_t devt;
369 int i, rc = 0;
370 char nodename[ZCDN_MAX_NAME];
371 struct zcdn_device *zcdndev;
372
373 if (mutex_lock_interruptible(&ap_perms_mutex))
374 return -ERESTARTSYS;
375
376 /* check if device node with this name already exists */
377 if (name[0]) {
378 zcdndev = find_zcdndev_by_name(name);
379 if (zcdndev) {
380 put_device(&zcdndev->device);
381 rc = -EEXIST;
382 goto unlockout;
383 }
384 }
385
386 /* find an unused minor number */
387 for (i = 0; i < ZCRYPT_MAX_MINOR_NODES; i++) {
388 devt = MKDEV(MAJOR(zcrypt_devt), MINOR(zcrypt_devt) + i);
389 zcdndev = find_zcdndev_by_devt(devt);
390 if (zcdndev)
391 put_device(&zcdndev->device);
392 else
393 break;
394 }
395 if (i == ZCRYPT_MAX_MINOR_NODES) {
396 rc = -ENOSPC;
397 goto unlockout;
398 }
399
400 /* alloc and prepare a new zcdn device */
401 zcdndev = kzalloc(sizeof(*zcdndev), GFP_KERNEL);
402 if (!zcdndev) {
403 rc = -ENOMEM;
404 goto unlockout;
405 }
406 zcdndev->device.release = zcdn_device_release;
407 zcdndev->device.class = zcrypt_class;
408 zcdndev->device.devt = devt;
409 zcdndev->device.groups = zcdn_dev_attr_groups;
410 if (name[0])
411 strncpy(nodename, name, sizeof(nodename));
412 else
413 snprintf(nodename, sizeof(nodename),
414 ZCRYPT_NAME "_%d", (int) MINOR(devt));
415 nodename[sizeof(nodename)-1] = '\0';
416 if (dev_set_name(&zcdndev->device, nodename)) {
417 rc = -EINVAL;
418 goto unlockout;
419 }
420 rc = device_register(&zcdndev->device);
421 if (rc) {
422 put_device(&zcdndev->device);
423 goto unlockout;
424 }
425
426 ZCRYPT_DBF(DBF_INFO, "created zcdn device %d:%d\n",
427 MAJOR(devt), MINOR(devt));
428
429 unlockout:
430 mutex_unlock(&ap_perms_mutex);
431 return rc;
432 }
433
434 static int zcdn_destroy(const char *name)
435 {
436 int rc = 0;
437 struct zcdn_device *zcdndev;
438
439 if (mutex_lock_interruptible(&ap_perms_mutex))
440 return -ERESTARTSYS;
441
442 /* try to find this zcdn device */
443 zcdndev = find_zcdndev_by_name(name);
444 if (!zcdndev) {
445 rc = -ENOENT;
446 goto unlockout;
447 }
448
449 /*
450 * The zcdn device is not hard destroyed. It is subject to
451 * reference counting and thus just needs to be unregistered.
452 */
453 put_device(&zcdndev->device);
454 device_unregister(&zcdndev->device);
455
456 unlockout:
457 mutex_unlock(&ap_perms_mutex);
458 return rc;
459 }
460
461 static void zcdn_destroy_all(void)
462 {
463 int i;
464 dev_t devt;
465 struct zcdn_device *zcdndev;
466
467 mutex_lock(&ap_perms_mutex);
468 for (i = 0; i < ZCRYPT_MAX_MINOR_NODES; i++) {
469 devt = MKDEV(MAJOR(zcrypt_devt), MINOR(zcrypt_devt) + i);
470 zcdndev = find_zcdndev_by_devt(devt);
471 if (zcdndev) {
472 put_device(&zcdndev->device);
473 device_unregister(&zcdndev->device);
474 }
475 }
476 mutex_unlock(&ap_perms_mutex);
477 }
478
479 #endif
480
481 /**
482 * zcrypt_read (): Not supported beyond zcrypt 1.3.1.
483 *
484 * This function is not supported beyond zcrypt 1.3.1.
485 */
486 static ssize_t zcrypt_read(struct file *filp, char __user *buf,
487 size_t count, loff_t *f_pos)
488 {
489 return -EPERM;
490 }
491
492 /**
493 * zcrypt_write(): Not allowed.
494 *
495 * Write is is not allowed
496 */
497 static ssize_t zcrypt_write(struct file *filp, const char __user *buf,
498 size_t count, loff_t *f_pos)
499 {
500 return -EPERM;
501 }
502
503 /**
504 * zcrypt_open(): Count number of users.
505 *
506 * Device open function to count number of users.
507 */
508 static int zcrypt_open(struct inode *inode, struct file *filp)
509 {
510 struct ap_perms *perms = &ap_perms;
511
512 #ifdef CONFIG_ZCRYPT_MULTIDEVNODES
513 if (filp->f_inode->i_cdev == &zcrypt_cdev) {
514 struct zcdn_device *zcdndev;
515
516 if (mutex_lock_interruptible(&ap_perms_mutex))
517 return -ERESTARTSYS;
518 zcdndev = find_zcdndev_by_devt(filp->f_inode->i_rdev);
519 /* find returns a reference, no get_device() needed */
520 mutex_unlock(&ap_perms_mutex);
521 if (zcdndev)
522 perms = &zcdndev->perms;
523 }
524 #endif
525 filp->private_data = (void *) perms;
526
527 atomic_inc(&zcrypt_open_count);
528 return nonseekable_open(inode, filp);
529 }
530
531 /**
532 * zcrypt_release(): Count number of users.
533 *
534 * Device close function to count number of users.
535 */
536 static int zcrypt_release(struct inode *inode, struct file *filp)
537 {
538 #ifdef CONFIG_ZCRYPT_MULTIDEVNODES
539 if (filp->f_inode->i_cdev == &zcrypt_cdev) {
540 struct zcdn_device *zcdndev;
541
542 if (mutex_lock_interruptible(&ap_perms_mutex))
543 return -ERESTARTSYS;
544 zcdndev = find_zcdndev_by_devt(filp->f_inode->i_rdev);
545 mutex_unlock(&ap_perms_mutex);
546 if (zcdndev) {
547 /* 2 puts here: one for find, one for open */
548 put_device(&zcdndev->device);
549 put_device(&zcdndev->device);
550 }
551 }
552 #endif
553
554 atomic_dec(&zcrypt_open_count);
555 return 0;
556 }
557
558 static inline int zcrypt_check_ioctl(struct ap_perms *perms,
559 unsigned int cmd)
560 {
561 int rc = -EPERM;
562 int ioctlnr = (cmd & _IOC_NRMASK) >> _IOC_NRSHIFT;
563
564 if (ioctlnr > 0 && ioctlnr < AP_IOCTLS) {
565 if (test_bit_inv(ioctlnr, perms->ioctlm))
566 rc = 0;
567 }
568
569 if (rc)
570 ZCRYPT_DBF(DBF_WARN,
571 "ioctl check failed: ioctlnr=0x%04x rc=%d\n",
572 ioctlnr, rc);
573
574 return rc;
575 }
576
577 static inline bool zcrypt_check_card(struct ap_perms *perms, int card)
578 {
579 return test_bit_inv(card, perms->apm) ? true : false;
580 }
581
582 static inline bool zcrypt_check_queue(struct ap_perms *perms, int queue)
583 {
584 return test_bit_inv(queue, perms->aqm) ? true : false;
585 }
586
587 static inline struct zcrypt_queue *zcrypt_pick_queue(struct zcrypt_card *zc,
588 struct zcrypt_queue *zq,
589 unsigned int weight)
590 {
591 if (!zq || !try_module_get(zq->queue->ap_dev.drv->driver.owner))
592 return NULL;
593 zcrypt_queue_get(zq);
594 get_device(&zq->queue->ap_dev.device);
595 atomic_add(weight, &zc->load);
596 atomic_add(weight, &zq->load);
597 zq->request_count++;
598 return zq;
599 }
600
601 static inline void zcrypt_drop_queue(struct zcrypt_card *zc,
602 struct zcrypt_queue *zq,
603 unsigned int weight)
604 {
605 struct module *mod = zq->queue->ap_dev.drv->driver.owner;
606
607 zq->request_count--;
608 atomic_sub(weight, &zc->load);
609 atomic_sub(weight, &zq->load);
610 put_device(&zq->queue->ap_dev.device);
611 zcrypt_queue_put(zq);
612 module_put(mod);
613 }
614
615 static inline bool zcrypt_card_compare(struct zcrypt_card *zc,
616 struct zcrypt_card *pref_zc,
617 unsigned int weight,
618 unsigned int pref_weight)
619 {
620 if (!pref_zc)
621 return false;
622 weight += atomic_read(&zc->load);
623 pref_weight += atomic_read(&pref_zc->load);
624 if (weight == pref_weight)
625 return atomic_read(&zc->card->total_request_count) >
626 atomic_read(&pref_zc->card->total_request_count);
627 return weight > pref_weight;
628 }
629
630 static inline bool zcrypt_queue_compare(struct zcrypt_queue *zq,
631 struct zcrypt_queue *pref_zq,
632 unsigned int weight,
633 unsigned int pref_weight)
634 {
635 if (!pref_zq)
636 return false;
637 weight += atomic_read(&zq->load);
638 pref_weight += atomic_read(&pref_zq->load);
639 if (weight == pref_weight)
640 return zq->queue->total_request_count >
641 pref_zq->queue->total_request_count;
642 return weight > pref_weight;
643 }
644
645 /*
646 * zcrypt ioctls.
647 */
648 static long zcrypt_rsa_modexpo(struct ap_perms *perms,
649 struct ica_rsa_modexpo *mex)
650 {
651 struct zcrypt_card *zc, *pref_zc;
652 struct zcrypt_queue *zq, *pref_zq;
653 unsigned int weight, pref_weight;
654 unsigned int func_code;
655 int qid = 0, rc = -ENODEV;
656
657 trace_s390_zcrypt_req(mex, TP_ICARSAMODEXPO);
658
659 if (mex->outputdatalength < mex->inputdatalength) {
660 rc = -EINVAL;
661 goto out;
662 }
663
664 /*
665 * As long as outputdatalength is big enough, we can set the
666 * outputdatalength equal to the inputdatalength, since that is the
667 * number of bytes we will copy in any case
668 */
669 mex->outputdatalength = mex->inputdatalength;
670
671 rc = get_rsa_modex_fc(mex, &func_code);
672 if (rc)
673 goto out;
674
675 pref_zc = NULL;
676 pref_zq = NULL;
677 spin_lock(&zcrypt_list_lock);
678 for_each_zcrypt_card(zc) {
679 /* Check for online accelarator and CCA cards */
680 if (!zc->online || !(zc->card->functions & 0x18000000))
681 continue;
682 /* Check for size limits */
683 if (zc->min_mod_size > mex->inputdatalength ||
684 zc->max_mod_size < mex->inputdatalength)
685 continue;
686 /* check if device node has admission for this card */
687 if (!zcrypt_check_card(perms, zc->card->id))
688 continue;
689 /* get weight index of the card device */
690 weight = zc->speed_rating[func_code];
691 if (zcrypt_card_compare(zc, pref_zc, weight, pref_weight))
692 continue;
693 for_each_zcrypt_queue(zq, zc) {
694 /* check if device is online and eligible */
695 if (!zq->online || !zq->ops->rsa_modexpo)
696 continue;
697 /* check if device node has admission for this queue */
698 if (!zcrypt_check_queue(perms,
699 AP_QID_QUEUE(zq->queue->qid)))
700 continue;
701 if (zcrypt_queue_compare(zq, pref_zq,
702 weight, pref_weight))
703 continue;
704 pref_zc = zc;
705 pref_zq = zq;
706 pref_weight = weight;
707 }
708 }
709 pref_zq = zcrypt_pick_queue(pref_zc, pref_zq, weight);
710 spin_unlock(&zcrypt_list_lock);
711
712 if (!pref_zq) {
713 rc = -ENODEV;
714 goto out;
715 }
716
717 qid = pref_zq->queue->qid;
718 rc = pref_zq->ops->rsa_modexpo(pref_zq, mex);
719
720 spin_lock(&zcrypt_list_lock);
721 zcrypt_drop_queue(pref_zc, pref_zq, weight);
722 spin_unlock(&zcrypt_list_lock);
723
724 out:
725 trace_s390_zcrypt_rep(mex, func_code, rc,
726 AP_QID_CARD(qid), AP_QID_QUEUE(qid));
727 return rc;
728 }
729
730 static long zcrypt_rsa_crt(struct ap_perms *perms,
731 struct ica_rsa_modexpo_crt *crt)
732 {
733 struct zcrypt_card *zc, *pref_zc;
734 struct zcrypt_queue *zq, *pref_zq;
735 unsigned int weight, pref_weight;
736 unsigned int func_code;
737 int qid = 0, rc = -ENODEV;
738
739 trace_s390_zcrypt_req(crt, TP_ICARSACRT);
740
741 if (crt->outputdatalength < crt->inputdatalength) {
742 rc = -EINVAL;
743 goto out;
744 }
745
746 /*
747 * As long as outputdatalength is big enough, we can set the
748 * outputdatalength equal to the inputdatalength, since that is the
749 * number of bytes we will copy in any case
750 */
751 crt->outputdatalength = crt->inputdatalength;
752
753 rc = get_rsa_crt_fc(crt, &func_code);
754 if (rc)
755 goto out;
756
757 pref_zc = NULL;
758 pref_zq = NULL;
759 spin_lock(&zcrypt_list_lock);
760 for_each_zcrypt_card(zc) {
761 /* Check for online accelarator and CCA cards */
762 if (!zc->online || !(zc->card->functions & 0x18000000))
763 continue;
764 /* Check for size limits */
765 if (zc->min_mod_size > crt->inputdatalength ||
766 zc->max_mod_size < crt->inputdatalength)
767 continue;
768 /* check if device node has admission for this card */
769 if (!zcrypt_check_card(perms, zc->card->id))
770 continue;
771 /* get weight index of the card device */
772 weight = zc->speed_rating[func_code];
773 if (zcrypt_card_compare(zc, pref_zc, weight, pref_weight))
774 continue;
775 for_each_zcrypt_queue(zq, zc) {
776 /* check if device is online and eligible */
777 if (!zq->online || !zq->ops->rsa_modexpo_crt)
778 continue;
779 /* check if device node has admission for this queue */
780 if (!zcrypt_check_queue(perms,
781 AP_QID_QUEUE(zq->queue->qid)))
782 continue;
783 if (zcrypt_queue_compare(zq, pref_zq,
784 weight, pref_weight))
785 continue;
786 pref_zc = zc;
787 pref_zq = zq;
788 pref_weight = weight;
789 }
790 }
791 pref_zq = zcrypt_pick_queue(pref_zc, pref_zq, weight);
792 spin_unlock(&zcrypt_list_lock);
793
794 if (!pref_zq) {
795 rc = -ENODEV;
796 goto out;
797 }
798
799 qid = pref_zq->queue->qid;
800 rc = pref_zq->ops->rsa_modexpo_crt(pref_zq, crt);
801
802 spin_lock(&zcrypt_list_lock);
803 zcrypt_drop_queue(pref_zc, pref_zq, weight);
804 spin_unlock(&zcrypt_list_lock);
805
806 out:
807 trace_s390_zcrypt_rep(crt, func_code, rc,
808 AP_QID_CARD(qid), AP_QID_QUEUE(qid));
809 return rc;
810 }
811
812 static long _zcrypt_send_cprb(struct ap_perms *perms,
813 struct ica_xcRB *xcRB)
814 {
815 struct zcrypt_card *zc, *pref_zc;
816 struct zcrypt_queue *zq, *pref_zq;
817 struct ap_message ap_msg;
818 unsigned int weight, pref_weight;
819 unsigned int func_code;
820 unsigned short *domain;
821 int qid = 0, rc = -ENODEV;
822
823 trace_s390_zcrypt_req(xcRB, TB_ZSECSENDCPRB);
824
825 xcRB->status = 0;
826 ap_init_message(&ap_msg);
827 rc = get_cprb_fc(xcRB, &ap_msg, &func_code, &domain);
828 if (rc)
829 goto out;
830
831 pref_zc = NULL;
832 pref_zq = NULL;
833 spin_lock(&zcrypt_list_lock);
834 for_each_zcrypt_card(zc) {
835 /* Check for online CCA cards */
836 if (!zc->online || !(zc->card->functions & 0x10000000))
837 continue;
838 /* Check for user selected CCA card */
839 if (xcRB->user_defined != AUTOSELECT &&
840 xcRB->user_defined != zc->card->id)
841 continue;
842 /* check if device node has admission for this card */
843 if (!zcrypt_check_card(perms, zc->card->id))
844 continue;
845 /* get weight index of the card device */
846 weight = speed_idx_cca(func_code) * zc->speed_rating[SECKEY];
847 if (zcrypt_card_compare(zc, pref_zc, weight, pref_weight))
848 continue;
849 for_each_zcrypt_queue(zq, zc) {
850 /* check if device is online and eligible */
851 if (!zq->online ||
852 !zq->ops->send_cprb ||
853 ((*domain != (unsigned short) AUTOSELECT) &&
854 (*domain != AP_QID_QUEUE(zq->queue->qid))))
855 continue;
856 /* check if device node has admission for this queue */
857 if (!zcrypt_check_queue(perms,
858 AP_QID_QUEUE(zq->queue->qid)))
859 continue;
860 if (zcrypt_queue_compare(zq, pref_zq,
861 weight, pref_weight))
862 continue;
863 pref_zc = zc;
864 pref_zq = zq;
865 pref_weight = weight;
866 }
867 }
868 pref_zq = zcrypt_pick_queue(pref_zc, pref_zq, weight);
869 spin_unlock(&zcrypt_list_lock);
870
871 if (!pref_zq) {
872 rc = -ENODEV;
873 goto out;
874 }
875
876 /* in case of auto select, provide the correct domain */
877 qid = pref_zq->queue->qid;
878 if (*domain == (unsigned short) AUTOSELECT)
879 *domain = AP_QID_QUEUE(qid);
880
881 rc = pref_zq->ops->send_cprb(pref_zq, xcRB, &ap_msg);
882
883 spin_lock(&zcrypt_list_lock);
884 zcrypt_drop_queue(pref_zc, pref_zq, weight);
885 spin_unlock(&zcrypt_list_lock);
886
887 out:
888 ap_release_message(&ap_msg);
889 trace_s390_zcrypt_rep(xcRB, func_code, rc,
890 AP_QID_CARD(qid), AP_QID_QUEUE(qid));
891 return rc;
892 }
893
894 long zcrypt_send_cprb(struct ica_xcRB *xcRB)
895 {
896 return _zcrypt_send_cprb(&ap_perms, xcRB);
897 }
898 EXPORT_SYMBOL(zcrypt_send_cprb);
899
900 static bool is_desired_ep11_card(unsigned int dev_id,
901 unsigned short target_num,
902 struct ep11_target_dev *targets)
903 {
904 while (target_num-- > 0) {
905 if (dev_id == targets->ap_id)
906 return true;
907 targets++;
908 }
909 return false;
910 }
911
912 static bool is_desired_ep11_queue(unsigned int dev_qid,
913 unsigned short target_num,
914 struct ep11_target_dev *targets)
915 {
916 while (target_num-- > 0) {
917 if (AP_MKQID(targets->ap_id, targets->dom_id) == dev_qid)
918 return true;
919 targets++;
920 }
921 return false;
922 }
923
924 static long zcrypt_send_ep11_cprb(struct ap_perms *perms,
925 struct ep11_urb *xcrb)
926 {
927 struct zcrypt_card *zc, *pref_zc;
928 struct zcrypt_queue *zq, *pref_zq;
929 struct ep11_target_dev *targets;
930 unsigned short target_num;
931 unsigned int weight, pref_weight;
932 unsigned int func_code;
933 struct ap_message ap_msg;
934 int qid = 0, rc = -ENODEV;
935
936 trace_s390_zcrypt_req(xcrb, TP_ZSENDEP11CPRB);
937
938 ap_init_message(&ap_msg);
939
940 target_num = (unsigned short) xcrb->targets_num;
941
942 /* empty list indicates autoselect (all available targets) */
943 targets = NULL;
944 if (target_num != 0) {
945 struct ep11_target_dev __user *uptr;
946
947 targets = kcalloc(target_num, sizeof(*targets), GFP_KERNEL);
948 if (!targets) {
949 rc = -ENOMEM;
950 goto out;
951 }
952
953 uptr = (struct ep11_target_dev __force __user *) xcrb->targets;
954 if (copy_from_user(targets, uptr,
955 target_num * sizeof(*targets))) {
956 rc = -EFAULT;
957 goto out_free;
958 }
959 }
960
961 rc = get_ep11cprb_fc(xcrb, &ap_msg, &func_code);
962 if (rc)
963 goto out_free;
964
965 pref_zc = NULL;
966 pref_zq = NULL;
967 spin_lock(&zcrypt_list_lock);
968 for_each_zcrypt_card(zc) {
969 /* Check for online EP11 cards */
970 if (!zc->online || !(zc->card->functions & 0x04000000))
971 continue;
972 /* Check for user selected EP11 card */
973 if (targets &&
974 !is_desired_ep11_card(zc->card->id, target_num, targets))
975 continue;
976 /* check if device node has admission for this card */
977 if (!zcrypt_check_card(perms, zc->card->id))
978 continue;
979 /* get weight index of the card device */
980 weight = speed_idx_ep11(func_code) * zc->speed_rating[SECKEY];
981 if (zcrypt_card_compare(zc, pref_zc, weight, pref_weight))
982 continue;
983 for_each_zcrypt_queue(zq, zc) {
984 /* check if device is online and eligible */
985 if (!zq->online ||
986 !zq->ops->send_ep11_cprb ||
987 (targets &&
988 !is_desired_ep11_queue(zq->queue->qid,
989 target_num, targets)))
990 continue;
991 /* check if device node has admission for this queue */
992 if (!zcrypt_check_queue(perms,
993 AP_QID_QUEUE(zq->queue->qid)))
994 continue;
995 if (zcrypt_queue_compare(zq, pref_zq,
996 weight, pref_weight))
997 continue;
998 pref_zc = zc;
999 pref_zq = zq;
1000 pref_weight = weight;
1001 }
1002 }
1003 pref_zq = zcrypt_pick_queue(pref_zc, pref_zq, weight);
1004 spin_unlock(&zcrypt_list_lock);
1005
1006 if (!pref_zq) {
1007 rc = -ENODEV;
1008 goto out_free;
1009 }
1010
1011 qid = pref_zq->queue->qid;
1012 rc = pref_zq->ops->send_ep11_cprb(pref_zq, xcrb, &ap_msg);
1013
1014 spin_lock(&zcrypt_list_lock);
1015 zcrypt_drop_queue(pref_zc, pref_zq, weight);
1016 spin_unlock(&zcrypt_list_lock);
1017
1018 out_free:
1019 kfree(targets);
1020 out:
1021 ap_release_message(&ap_msg);
1022 trace_s390_zcrypt_rep(xcrb, func_code, rc,
1023 AP_QID_CARD(qid), AP_QID_QUEUE(qid));
1024 return rc;
1025 }
1026
1027 static long zcrypt_rng(char *buffer)
1028 {
1029 struct zcrypt_card *zc, *pref_zc;
1030 struct zcrypt_queue *zq, *pref_zq;
1031 unsigned int weight, pref_weight;
1032 unsigned int func_code;
1033 struct ap_message ap_msg;
1034 unsigned int domain;
1035 int qid = 0, rc = -ENODEV;
1036
1037 trace_s390_zcrypt_req(buffer, TP_HWRNGCPRB);
1038
1039 ap_init_message(&ap_msg);
1040 rc = get_rng_fc(&ap_msg, &func_code, &domain);
1041 if (rc)
1042 goto out;
1043
1044 pref_zc = NULL;
1045 pref_zq = NULL;
1046 spin_lock(&zcrypt_list_lock);
1047 for_each_zcrypt_card(zc) {
1048 /* Check for online CCA cards */
1049 if (!zc->online || !(zc->card->functions & 0x10000000))
1050 continue;
1051 /* get weight index of the card device */
1052 weight = zc->speed_rating[func_code];
1053 if (zcrypt_card_compare(zc, pref_zc, weight, pref_weight))
1054 continue;
1055 for_each_zcrypt_queue(zq, zc) {
1056 /* check if device is online and eligible */
1057 if (!zq->online || !zq->ops->rng)
1058 continue;
1059 if (zcrypt_queue_compare(zq, pref_zq,
1060 weight, pref_weight))
1061 continue;
1062 pref_zc = zc;
1063 pref_zq = zq;
1064 pref_weight = weight;
1065 }
1066 }
1067 pref_zq = zcrypt_pick_queue(pref_zc, pref_zq, weight);
1068 spin_unlock(&zcrypt_list_lock);
1069
1070 if (!pref_zq) {
1071 rc = -ENODEV;
1072 goto out;
1073 }
1074
1075 qid = pref_zq->queue->qid;
1076 rc = pref_zq->ops->rng(pref_zq, buffer, &ap_msg);
1077
1078 spin_lock(&zcrypt_list_lock);
1079 zcrypt_drop_queue(pref_zc, pref_zq, weight);
1080 spin_unlock(&zcrypt_list_lock);
1081
1082 out:
1083 ap_release_message(&ap_msg);
1084 trace_s390_zcrypt_rep(buffer, func_code, rc,
1085 AP_QID_CARD(qid), AP_QID_QUEUE(qid));
1086 return rc;
1087 }
1088
1089 static void zcrypt_device_status_mask(struct zcrypt_device_status *devstatus)
1090 {
1091 struct zcrypt_card *zc;
1092 struct zcrypt_queue *zq;
1093 struct zcrypt_device_status *stat;
1094 int card, queue;
1095
1096 memset(devstatus, 0, MAX_ZDEV_ENTRIES
1097 * sizeof(struct zcrypt_device_status));
1098
1099 spin_lock(&zcrypt_list_lock);
1100 for_each_zcrypt_card(zc) {
1101 for_each_zcrypt_queue(zq, zc) {
1102 card = AP_QID_CARD(zq->queue->qid);
1103 if (card >= MAX_ZDEV_CARDIDS)
1104 continue;
1105 queue = AP_QID_QUEUE(zq->queue->qid);
1106 stat = &devstatus[card * AP_DOMAINS + queue];
1107 stat->hwtype = zc->card->ap_dev.device_type;
1108 stat->functions = zc->card->functions >> 26;
1109 stat->qid = zq->queue->qid;
1110 stat->online = zq->online ? 0x01 : 0x00;
1111 }
1112 }
1113 spin_unlock(&zcrypt_list_lock);
1114 }
1115
1116 void zcrypt_device_status_mask_ext(struct zcrypt_device_status_ext *devstatus)
1117 {
1118 struct zcrypt_card *zc;
1119 struct zcrypt_queue *zq;
1120 struct zcrypt_device_status_ext *stat;
1121 int card, queue;
1122
1123 memset(devstatus, 0, MAX_ZDEV_ENTRIES_EXT
1124 * sizeof(struct zcrypt_device_status_ext));
1125
1126 spin_lock(&zcrypt_list_lock);
1127 for_each_zcrypt_card(zc) {
1128 for_each_zcrypt_queue(zq, zc) {
1129 card = AP_QID_CARD(zq->queue->qid);
1130 queue = AP_QID_QUEUE(zq->queue->qid);
1131 stat = &devstatus[card * AP_DOMAINS + queue];
1132 stat->hwtype = zc->card->ap_dev.device_type;
1133 stat->functions = zc->card->functions >> 26;
1134 stat->qid = zq->queue->qid;
1135 stat->online = zq->online ? 0x01 : 0x00;
1136 }
1137 }
1138 spin_unlock(&zcrypt_list_lock);
1139 }
1140 EXPORT_SYMBOL(zcrypt_device_status_mask_ext);
1141
1142 static void zcrypt_status_mask(char status[], size_t max_adapters)
1143 {
1144 struct zcrypt_card *zc;
1145 struct zcrypt_queue *zq;
1146 int card;
1147
1148 memset(status, 0, max_adapters);
1149 spin_lock(&zcrypt_list_lock);
1150 for_each_zcrypt_card(zc) {
1151 for_each_zcrypt_queue(zq, zc) {
1152 card = AP_QID_CARD(zq->queue->qid);
1153 if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index
1154 || card >= max_adapters)
1155 continue;
1156 status[card] = zc->online ? zc->user_space_type : 0x0d;
1157 }
1158 }
1159 spin_unlock(&zcrypt_list_lock);
1160 }
1161
1162 static void zcrypt_qdepth_mask(char qdepth[], size_t max_adapters)
1163 {
1164 struct zcrypt_card *zc;
1165 struct zcrypt_queue *zq;
1166 int card;
1167
1168 memset(qdepth, 0, max_adapters);
1169 spin_lock(&zcrypt_list_lock);
1170 local_bh_disable();
1171 for_each_zcrypt_card(zc) {
1172 for_each_zcrypt_queue(zq, zc) {
1173 card = AP_QID_CARD(zq->queue->qid);
1174 if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index
1175 || card >= max_adapters)
1176 continue;
1177 spin_lock(&zq->queue->lock);
1178 qdepth[card] =
1179 zq->queue->pendingq_count +
1180 zq->queue->requestq_count;
1181 spin_unlock(&zq->queue->lock);
1182 }
1183 }
1184 local_bh_enable();
1185 spin_unlock(&zcrypt_list_lock);
1186 }
1187
1188 static void zcrypt_perdev_reqcnt(int reqcnt[], size_t max_adapters)
1189 {
1190 struct zcrypt_card *zc;
1191 struct zcrypt_queue *zq;
1192 int card;
1193
1194 memset(reqcnt, 0, sizeof(int) * max_adapters);
1195 spin_lock(&zcrypt_list_lock);
1196 local_bh_disable();
1197 for_each_zcrypt_card(zc) {
1198 for_each_zcrypt_queue(zq, zc) {
1199 card = AP_QID_CARD(zq->queue->qid);
1200 if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index
1201 || card >= max_adapters)
1202 continue;
1203 spin_lock(&zq->queue->lock);
1204 reqcnt[card] = zq->queue->total_request_count;
1205 spin_unlock(&zq->queue->lock);
1206 }
1207 }
1208 local_bh_enable();
1209 spin_unlock(&zcrypt_list_lock);
1210 }
1211
1212 static int zcrypt_pendingq_count(void)
1213 {
1214 struct zcrypt_card *zc;
1215 struct zcrypt_queue *zq;
1216 int pendingq_count;
1217
1218 pendingq_count = 0;
1219 spin_lock(&zcrypt_list_lock);
1220 local_bh_disable();
1221 for_each_zcrypt_card(zc) {
1222 for_each_zcrypt_queue(zq, zc) {
1223 if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index)
1224 continue;
1225 spin_lock(&zq->queue->lock);
1226 pendingq_count += zq->queue->pendingq_count;
1227 spin_unlock(&zq->queue->lock);
1228 }
1229 }
1230 local_bh_enable();
1231 spin_unlock(&zcrypt_list_lock);
1232 return pendingq_count;
1233 }
1234
1235 static int zcrypt_requestq_count(void)
1236 {
1237 struct zcrypt_card *zc;
1238 struct zcrypt_queue *zq;
1239 int requestq_count;
1240
1241 requestq_count = 0;
1242 spin_lock(&zcrypt_list_lock);
1243 local_bh_disable();
1244 for_each_zcrypt_card(zc) {
1245 for_each_zcrypt_queue(zq, zc) {
1246 if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index)
1247 continue;
1248 spin_lock(&zq->queue->lock);
1249 requestq_count += zq->queue->requestq_count;
1250 spin_unlock(&zq->queue->lock);
1251 }
1252 }
1253 local_bh_enable();
1254 spin_unlock(&zcrypt_list_lock);
1255 return requestq_count;
1256 }
1257
1258 static long zcrypt_unlocked_ioctl(struct file *filp, unsigned int cmd,
1259 unsigned long arg)
1260 {
1261 int rc;
1262 struct ap_perms *perms =
1263 (struct ap_perms *) filp->private_data;
1264
1265 rc = zcrypt_check_ioctl(perms, cmd);
1266 if (rc)
1267 return rc;
1268
1269 switch (cmd) {
1270 case ICARSAMODEXPO: {
1271 struct ica_rsa_modexpo __user *umex = (void __user *) arg;
1272 struct ica_rsa_modexpo mex;
1273
1274 if (copy_from_user(&mex, umex, sizeof(mex)))
1275 return -EFAULT;
1276 do {
1277 rc = zcrypt_rsa_modexpo(perms, &mex);
1278 } while (rc == -EAGAIN);
1279 /* on failure: retry once again after a requested rescan */
1280 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1281 do {
1282 rc = zcrypt_rsa_modexpo(perms, &mex);
1283 } while (rc == -EAGAIN);
1284 if (rc) {
1285 ZCRYPT_DBF(DBF_DEBUG, "ioctl ICARSAMODEXPO rc=%d\n", rc);
1286 return rc;
1287 }
1288 return put_user(mex.outputdatalength, &umex->outputdatalength);
1289 }
1290 case ICARSACRT: {
1291 struct ica_rsa_modexpo_crt __user *ucrt = (void __user *) arg;
1292 struct ica_rsa_modexpo_crt crt;
1293
1294 if (copy_from_user(&crt, ucrt, sizeof(crt)))
1295 return -EFAULT;
1296 do {
1297 rc = zcrypt_rsa_crt(perms, &crt);
1298 } while (rc == -EAGAIN);
1299 /* on failure: retry once again after a requested rescan */
1300 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1301 do {
1302 rc = zcrypt_rsa_crt(perms, &crt);
1303 } while (rc == -EAGAIN);
1304 if (rc) {
1305 ZCRYPT_DBF(DBF_DEBUG, "ioctl ICARSACRT rc=%d\n", rc);
1306 return rc;
1307 }
1308 return put_user(crt.outputdatalength, &ucrt->outputdatalength);
1309 }
1310 case ZSECSENDCPRB: {
1311 struct ica_xcRB __user *uxcRB = (void __user *) arg;
1312 struct ica_xcRB xcRB;
1313
1314 if (copy_from_user(&xcRB, uxcRB, sizeof(xcRB)))
1315 return -EFAULT;
1316 do {
1317 rc = _zcrypt_send_cprb(perms, &xcRB);
1318 } while (rc == -EAGAIN);
1319 /* on failure: retry once again after a requested rescan */
1320 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1321 do {
1322 rc = _zcrypt_send_cprb(perms, &xcRB);
1323 } while (rc == -EAGAIN);
1324 if (rc)
1325 ZCRYPT_DBF(DBF_DEBUG, "ioctl ZSENDCPRB rc=%d status=0x%x\n",
1326 rc, xcRB.status);
1327 if (copy_to_user(uxcRB, &xcRB, sizeof(xcRB)))
1328 return -EFAULT;
1329 return rc;
1330 }
1331 case ZSENDEP11CPRB: {
1332 struct ep11_urb __user *uxcrb = (void __user *)arg;
1333 struct ep11_urb xcrb;
1334
1335 if (copy_from_user(&xcrb, uxcrb, sizeof(xcrb)))
1336 return -EFAULT;
1337 do {
1338 rc = zcrypt_send_ep11_cprb(perms, &xcrb);
1339 } while (rc == -EAGAIN);
1340 /* on failure: retry once again after a requested rescan */
1341 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1342 do {
1343 rc = zcrypt_send_ep11_cprb(perms, &xcrb);
1344 } while (rc == -EAGAIN);
1345 if (rc)
1346 ZCRYPT_DBF(DBF_DEBUG, "ioctl ZSENDEP11CPRB rc=%d\n", rc);
1347 if (copy_to_user(uxcrb, &xcrb, sizeof(xcrb)))
1348 return -EFAULT;
1349 return rc;
1350 }
1351 case ZCRYPT_DEVICE_STATUS: {
1352 struct zcrypt_device_status_ext *device_status;
1353 size_t total_size = MAX_ZDEV_ENTRIES_EXT
1354 * sizeof(struct zcrypt_device_status_ext);
1355
1356 device_status = kzalloc(total_size, GFP_KERNEL);
1357 if (!device_status)
1358 return -ENOMEM;
1359 zcrypt_device_status_mask_ext(device_status);
1360 if (copy_to_user((char __user *) arg, device_status,
1361 total_size))
1362 rc = -EFAULT;
1363 kfree(device_status);
1364 return rc;
1365 }
1366 case ZCRYPT_STATUS_MASK: {
1367 char status[AP_DEVICES];
1368
1369 zcrypt_status_mask(status, AP_DEVICES);
1370 if (copy_to_user((char __user *) arg, status, sizeof(status)))
1371 return -EFAULT;
1372 return 0;
1373 }
1374 case ZCRYPT_QDEPTH_MASK: {
1375 char qdepth[AP_DEVICES];
1376
1377 zcrypt_qdepth_mask(qdepth, AP_DEVICES);
1378 if (copy_to_user((char __user *) arg, qdepth, sizeof(qdepth)))
1379 return -EFAULT;
1380 return 0;
1381 }
1382 case ZCRYPT_PERDEV_REQCNT: {
1383 int *reqcnt;
1384
1385 reqcnt = kcalloc(AP_DEVICES, sizeof(int), GFP_KERNEL);
1386 if (!reqcnt)
1387 return -ENOMEM;
1388 zcrypt_perdev_reqcnt(reqcnt, AP_DEVICES);
1389 if (copy_to_user((int __user *) arg, reqcnt, sizeof(reqcnt)))
1390 rc = -EFAULT;
1391 kfree(reqcnt);
1392 return rc;
1393 }
1394 case Z90STAT_REQUESTQ_COUNT:
1395 return put_user(zcrypt_requestq_count(), (int __user *) arg);
1396 case Z90STAT_PENDINGQ_COUNT:
1397 return put_user(zcrypt_pendingq_count(), (int __user *) arg);
1398 case Z90STAT_TOTALOPEN_COUNT:
1399 return put_user(atomic_read(&zcrypt_open_count),
1400 (int __user *) arg);
1401 case Z90STAT_DOMAIN_INDEX:
1402 return put_user(ap_domain_index, (int __user *) arg);
1403 /*
1404 * Deprecated ioctls
1405 */
1406 case ZDEVICESTATUS: {
1407 /* the old ioctl supports only 64 adapters */
1408 struct zcrypt_device_status *device_status;
1409 size_t total_size = MAX_ZDEV_ENTRIES
1410 * sizeof(struct zcrypt_device_status);
1411
1412 device_status = kzalloc(total_size, GFP_KERNEL);
1413 if (!device_status)
1414 return -ENOMEM;
1415 zcrypt_device_status_mask(device_status);
1416 if (copy_to_user((char __user *) arg, device_status,
1417 total_size))
1418 rc = -EFAULT;
1419 kfree(device_status);
1420 return rc;
1421 }
1422 case Z90STAT_STATUS_MASK: {
1423 /* the old ioctl supports only 64 adapters */
1424 char status[MAX_ZDEV_CARDIDS];
1425
1426 zcrypt_status_mask(status, MAX_ZDEV_CARDIDS);
1427 if (copy_to_user((char __user *) arg, status, sizeof(status)))
1428 return -EFAULT;
1429 return 0;
1430 }
1431 case Z90STAT_QDEPTH_MASK: {
1432 /* the old ioctl supports only 64 adapters */
1433 char qdepth[MAX_ZDEV_CARDIDS];
1434
1435 zcrypt_qdepth_mask(qdepth, MAX_ZDEV_CARDIDS);
1436 if (copy_to_user((char __user *) arg, qdepth, sizeof(qdepth)))
1437 return -EFAULT;
1438 return 0;
1439 }
1440 case Z90STAT_PERDEV_REQCNT: {
1441 /* the old ioctl supports only 64 adapters */
1442 int reqcnt[MAX_ZDEV_CARDIDS];
1443
1444 zcrypt_perdev_reqcnt(reqcnt, MAX_ZDEV_CARDIDS);
1445 if (copy_to_user((int __user *) arg, reqcnt, sizeof(reqcnt)))
1446 return -EFAULT;
1447 return 0;
1448 }
1449 /* unknown ioctl number */
1450 default:
1451 ZCRYPT_DBF(DBF_DEBUG, "unknown ioctl 0x%08x\n", cmd);
1452 return -ENOIOCTLCMD;
1453 }
1454 }
1455
1456 #ifdef CONFIG_COMPAT
1457 /*
1458 * ioctl32 conversion routines
1459 */
1460 struct compat_ica_rsa_modexpo {
1461 compat_uptr_t inputdata;
1462 unsigned int inputdatalength;
1463 compat_uptr_t outputdata;
1464 unsigned int outputdatalength;
1465 compat_uptr_t b_key;
1466 compat_uptr_t n_modulus;
1467 };
1468
1469 static long trans_modexpo32(struct ap_perms *perms, struct file *filp,
1470 unsigned int cmd, unsigned long arg)
1471 {
1472 struct compat_ica_rsa_modexpo __user *umex32 = compat_ptr(arg);
1473 struct compat_ica_rsa_modexpo mex32;
1474 struct ica_rsa_modexpo mex64;
1475 long rc;
1476
1477 if (copy_from_user(&mex32, umex32, sizeof(mex32)))
1478 return -EFAULT;
1479 mex64.inputdata = compat_ptr(mex32.inputdata);
1480 mex64.inputdatalength = mex32.inputdatalength;
1481 mex64.outputdata = compat_ptr(mex32.outputdata);
1482 mex64.outputdatalength = mex32.outputdatalength;
1483 mex64.b_key = compat_ptr(mex32.b_key);
1484 mex64.n_modulus = compat_ptr(mex32.n_modulus);
1485 do {
1486 rc = zcrypt_rsa_modexpo(perms, &mex64);
1487 } while (rc == -EAGAIN);
1488 /* on failure: retry once again after a requested rescan */
1489 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1490 do {
1491 rc = zcrypt_rsa_modexpo(perms, &mex64);
1492 } while (rc == -EAGAIN);
1493 if (rc)
1494 return rc;
1495 return put_user(mex64.outputdatalength,
1496 &umex32->outputdatalength);
1497 }
1498
1499 struct compat_ica_rsa_modexpo_crt {
1500 compat_uptr_t inputdata;
1501 unsigned int inputdatalength;
1502 compat_uptr_t outputdata;
1503 unsigned int outputdatalength;
1504 compat_uptr_t bp_key;
1505 compat_uptr_t bq_key;
1506 compat_uptr_t np_prime;
1507 compat_uptr_t nq_prime;
1508 compat_uptr_t u_mult_inv;
1509 };
1510
1511 static long trans_modexpo_crt32(struct ap_perms *perms, struct file *filp,
1512 unsigned int cmd, unsigned long arg)
1513 {
1514 struct compat_ica_rsa_modexpo_crt __user *ucrt32 = compat_ptr(arg);
1515 struct compat_ica_rsa_modexpo_crt crt32;
1516 struct ica_rsa_modexpo_crt crt64;
1517 long rc;
1518
1519 if (copy_from_user(&crt32, ucrt32, sizeof(crt32)))
1520 return -EFAULT;
1521 crt64.inputdata = compat_ptr(crt32.inputdata);
1522 crt64.inputdatalength = crt32.inputdatalength;
1523 crt64.outputdata = compat_ptr(crt32.outputdata);
1524 crt64.outputdatalength = crt32.outputdatalength;
1525 crt64.bp_key = compat_ptr(crt32.bp_key);
1526 crt64.bq_key = compat_ptr(crt32.bq_key);
1527 crt64.np_prime = compat_ptr(crt32.np_prime);
1528 crt64.nq_prime = compat_ptr(crt32.nq_prime);
1529 crt64.u_mult_inv = compat_ptr(crt32.u_mult_inv);
1530 do {
1531 rc = zcrypt_rsa_crt(perms, &crt64);
1532 } while (rc == -EAGAIN);
1533 /* on failure: retry once again after a requested rescan */
1534 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1535 do {
1536 rc = zcrypt_rsa_crt(perms, &crt64);
1537 } while (rc == -EAGAIN);
1538 if (rc)
1539 return rc;
1540 return put_user(crt64.outputdatalength,
1541 &ucrt32->outputdatalength);
1542 }
1543
1544 struct compat_ica_xcRB {
1545 unsigned short agent_ID;
1546 unsigned int user_defined;
1547 unsigned short request_ID;
1548 unsigned int request_control_blk_length;
1549 unsigned char padding1[16 - sizeof(compat_uptr_t)];
1550 compat_uptr_t request_control_blk_addr;
1551 unsigned int request_data_length;
1552 char padding2[16 - sizeof(compat_uptr_t)];
1553 compat_uptr_t request_data_address;
1554 unsigned int reply_control_blk_length;
1555 char padding3[16 - sizeof(compat_uptr_t)];
1556 compat_uptr_t reply_control_blk_addr;
1557 unsigned int reply_data_length;
1558 char padding4[16 - sizeof(compat_uptr_t)];
1559 compat_uptr_t reply_data_addr;
1560 unsigned short priority_window;
1561 unsigned int status;
1562 } __packed;
1563
1564 static long trans_xcRB32(struct ap_perms *perms, struct file *filp,
1565 unsigned int cmd, unsigned long arg)
1566 {
1567 struct compat_ica_xcRB __user *uxcRB32 = compat_ptr(arg);
1568 struct compat_ica_xcRB xcRB32;
1569 struct ica_xcRB xcRB64;
1570 long rc;
1571
1572 if (copy_from_user(&xcRB32, uxcRB32, sizeof(xcRB32)))
1573 return -EFAULT;
1574 xcRB64.agent_ID = xcRB32.agent_ID;
1575 xcRB64.user_defined = xcRB32.user_defined;
1576 xcRB64.request_ID = xcRB32.request_ID;
1577 xcRB64.request_control_blk_length =
1578 xcRB32.request_control_blk_length;
1579 xcRB64.request_control_blk_addr =
1580 compat_ptr(xcRB32.request_control_blk_addr);
1581 xcRB64.request_data_length =
1582 xcRB32.request_data_length;
1583 xcRB64.request_data_address =
1584 compat_ptr(xcRB32.request_data_address);
1585 xcRB64.reply_control_blk_length =
1586 xcRB32.reply_control_blk_length;
1587 xcRB64.reply_control_blk_addr =
1588 compat_ptr(xcRB32.reply_control_blk_addr);
1589 xcRB64.reply_data_length = xcRB32.reply_data_length;
1590 xcRB64.reply_data_addr =
1591 compat_ptr(xcRB32.reply_data_addr);
1592 xcRB64.priority_window = xcRB32.priority_window;
1593 xcRB64.status = xcRB32.status;
1594 do {
1595 rc = _zcrypt_send_cprb(perms, &xcRB64);
1596 } while (rc == -EAGAIN);
1597 /* on failure: retry once again after a requested rescan */
1598 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1599 do {
1600 rc = _zcrypt_send_cprb(perms, &xcRB64);
1601 } while (rc == -EAGAIN);
1602 xcRB32.reply_control_blk_length = xcRB64.reply_control_blk_length;
1603 xcRB32.reply_data_length = xcRB64.reply_data_length;
1604 xcRB32.status = xcRB64.status;
1605 if (copy_to_user(uxcRB32, &xcRB32, sizeof(xcRB32)))
1606 return -EFAULT;
1607 return rc;
1608 }
1609
1610 static long zcrypt_compat_ioctl(struct file *filp, unsigned int cmd,
1611 unsigned long arg)
1612 {
1613 int rc;
1614 struct ap_perms *perms =
1615 (struct ap_perms *) filp->private_data;
1616
1617 rc = zcrypt_check_ioctl(perms, cmd);
1618 if (rc)
1619 return rc;
1620
1621 if (cmd == ICARSAMODEXPO)
1622 return trans_modexpo32(perms, filp, cmd, arg);
1623 if (cmd == ICARSACRT)
1624 return trans_modexpo_crt32(perms, filp, cmd, arg);
1625 if (cmd == ZSECSENDCPRB)
1626 return trans_xcRB32(perms, filp, cmd, arg);
1627 return zcrypt_unlocked_ioctl(filp, cmd, arg);
1628 }
1629 #endif
1630
1631 /*
1632 * Misc device file operations.
1633 */
1634 static const struct file_operations zcrypt_fops = {
1635 .owner = THIS_MODULE,
1636 .read = zcrypt_read,
1637 .write = zcrypt_write,
1638 .unlocked_ioctl = zcrypt_unlocked_ioctl,
1639 #ifdef CONFIG_COMPAT
1640 .compat_ioctl = zcrypt_compat_ioctl,
1641 #endif
1642 .open = zcrypt_open,
1643 .release = zcrypt_release,
1644 .llseek = no_llseek,
1645 };
1646
1647 /*
1648 * Misc device.
1649 */
1650 static struct miscdevice zcrypt_misc_device = {
1651 .minor = MISC_DYNAMIC_MINOR,
1652 .name = "z90crypt",
1653 .fops = &zcrypt_fops,
1654 };
1655
1656 static int zcrypt_rng_device_count;
1657 static u32 *zcrypt_rng_buffer;
1658 static int zcrypt_rng_buffer_index;
1659 static DEFINE_MUTEX(zcrypt_rng_mutex);
1660
1661 static int zcrypt_rng_data_read(struct hwrng *rng, u32 *data)
1662 {
1663 int rc;
1664
1665 /*
1666 * We don't need locking here because the RNG API guarantees serialized
1667 * read method calls.
1668 */
1669 if (zcrypt_rng_buffer_index == 0) {
1670 rc = zcrypt_rng((char *) zcrypt_rng_buffer);
1671 /* on failure: retry once again after a requested rescan */
1672 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1673 rc = zcrypt_rng((char *) zcrypt_rng_buffer);
1674 if (rc < 0)
1675 return -EIO;
1676 zcrypt_rng_buffer_index = rc / sizeof(*data);
1677 }
1678 *data = zcrypt_rng_buffer[--zcrypt_rng_buffer_index];
1679 return sizeof(*data);
1680 }
1681
1682 static struct hwrng zcrypt_rng_dev = {
1683 .name = "zcrypt",
1684 .data_read = zcrypt_rng_data_read,
1685 .quality = 990,
1686 };
1687
1688 int zcrypt_rng_device_add(void)
1689 {
1690 int rc = 0;
1691
1692 mutex_lock(&zcrypt_rng_mutex);
1693 if (zcrypt_rng_device_count == 0) {
1694 zcrypt_rng_buffer = (u32 *) get_zeroed_page(GFP_KERNEL);
1695 if (!zcrypt_rng_buffer) {
1696 rc = -ENOMEM;
1697 goto out;
1698 }
1699 zcrypt_rng_buffer_index = 0;
1700 if (!zcrypt_hwrng_seed)
1701 zcrypt_rng_dev.quality = 0;
1702 rc = hwrng_register(&zcrypt_rng_dev);
1703 if (rc)
1704 goto out_free;
1705 zcrypt_rng_device_count = 1;
1706 } else
1707 zcrypt_rng_device_count++;
1708 mutex_unlock(&zcrypt_rng_mutex);
1709 return 0;
1710
1711 out_free:
1712 free_page((unsigned long) zcrypt_rng_buffer);
1713 out:
1714 mutex_unlock(&zcrypt_rng_mutex);
1715 return rc;
1716 }
1717
1718 void zcrypt_rng_device_remove(void)
1719 {
1720 mutex_lock(&zcrypt_rng_mutex);
1721 zcrypt_rng_device_count--;
1722 if (zcrypt_rng_device_count == 0) {
1723 hwrng_unregister(&zcrypt_rng_dev);
1724 free_page((unsigned long) zcrypt_rng_buffer);
1725 }
1726 mutex_unlock(&zcrypt_rng_mutex);
1727 }
1728
1729 int __init zcrypt_debug_init(void)
1730 {
1731 zcrypt_dbf_info = debug_register("zcrypt", 1, 1,
1732 DBF_MAX_SPRINTF_ARGS * sizeof(long));
1733 debug_register_view(zcrypt_dbf_info, &debug_sprintf_view);
1734 debug_set_level(zcrypt_dbf_info, DBF_ERR);
1735
1736 return 0;
1737 }
1738
1739 void zcrypt_debug_exit(void)
1740 {
1741 debug_unregister(zcrypt_dbf_info);
1742 }
1743
1744 #ifdef CONFIG_ZCRYPT_MULTIDEVNODES
1745
1746 static int __init zcdn_init(void)
1747 {
1748 int rc;
1749
1750 /* create a new class 'zcrypt' */
1751 zcrypt_class = class_create(THIS_MODULE, ZCRYPT_NAME);
1752 if (IS_ERR(zcrypt_class)) {
1753 rc = PTR_ERR(zcrypt_class);
1754 goto out_class_create_failed;
1755 }
1756 zcrypt_class->dev_release = zcdn_device_release;
1757
1758 /* alloc device minor range */
1759 rc = alloc_chrdev_region(&zcrypt_devt,
1760 0, ZCRYPT_MAX_MINOR_NODES,
1761 ZCRYPT_NAME);
1762 if (rc)
1763 goto out_alloc_chrdev_failed;
1764
1765 cdev_init(&zcrypt_cdev, &zcrypt_fops);
1766 zcrypt_cdev.owner = THIS_MODULE;
1767 rc = cdev_add(&zcrypt_cdev, zcrypt_devt, ZCRYPT_MAX_MINOR_NODES);
1768 if (rc)
1769 goto out_cdev_add_failed;
1770
1771 /* need some class specific sysfs attributes */
1772 rc = class_create_file(zcrypt_class, &class_attr_zcdn_create);
1773 if (rc)
1774 goto out_class_create_file_1_failed;
1775 rc = class_create_file(zcrypt_class, &class_attr_zcdn_destroy);
1776 if (rc)
1777 goto out_class_create_file_2_failed;
1778
1779 return 0;
1780
1781 out_class_create_file_2_failed:
1782 class_remove_file(zcrypt_class, &class_attr_zcdn_create);
1783 out_class_create_file_1_failed:
1784 cdev_del(&zcrypt_cdev);
1785 out_cdev_add_failed:
1786 unregister_chrdev_region(zcrypt_devt, ZCRYPT_MAX_MINOR_NODES);
1787 out_alloc_chrdev_failed:
1788 class_destroy(zcrypt_class);
1789 out_class_create_failed:
1790 return rc;
1791 }
1792
1793 static void zcdn_exit(void)
1794 {
1795 class_remove_file(zcrypt_class, &class_attr_zcdn_create);
1796 class_remove_file(zcrypt_class, &class_attr_zcdn_destroy);
1797 zcdn_destroy_all();
1798 cdev_del(&zcrypt_cdev);
1799 unregister_chrdev_region(zcrypt_devt, ZCRYPT_MAX_MINOR_NODES);
1800 class_destroy(zcrypt_class);
1801 }
1802
1803 #endif
1804
1805 /**
1806 * zcrypt_api_init(): Module initialization.
1807 *
1808 * The module initialization code.
1809 */
1810 int __init zcrypt_api_init(void)
1811 {
1812 int rc;
1813
1814 rc = zcrypt_debug_init();
1815 if (rc)
1816 goto out;
1817
1818 #ifdef CONFIG_ZCRYPT_MULTIDEVNODES
1819 rc = zcdn_init();
1820 if (rc)
1821 goto out;
1822 #endif
1823
1824 /* Register the request sprayer. */
1825 rc = misc_register(&zcrypt_misc_device);
1826 if (rc < 0)
1827 goto out_misc_register_failed;
1828
1829 zcrypt_msgtype6_init();
1830 zcrypt_msgtype50_init();
1831
1832 return 0;
1833
1834 out_misc_register_failed:
1835 #ifdef CONFIG_ZCRYPT_MULTIDEVNODES
1836 zcdn_exit();
1837 #endif
1838 zcrypt_debug_exit();
1839 out:
1840 return rc;
1841 }
1842
1843 /**
1844 * zcrypt_api_exit(): Module termination.
1845 *
1846 * The module termination code.
1847 */
1848 void __exit zcrypt_api_exit(void)
1849 {
1850 #ifdef CONFIG_ZCRYPT_MULTIDEVNODES
1851 zcdn_exit();
1852 #endif
1853 misc_deregister(&zcrypt_misc_device);
1854 zcrypt_msgtype6_exit();
1855 zcrypt_msgtype50_exit();
1856 zcrypt_debug_exit();
1857 }
1858
1859 module_init(zcrypt_api_init);
1860 module_exit(zcrypt_api_exit);
Ubuntu combined Linux kernel mirror