Commit | Line | Data |
---|---|---|
963ed931 | 1 | /* |
5432114b | 2 | * zcrypt 2.1.0 |
963ed931 | 3 | * |
a53c8fab | 4 | * Copyright IBM Corp. 2001, 2006 |
963ed931 MS |
5 | * Author(s): Robert Burroughs |
6 | * Eric Rossman (edrossma@us.ibm.com) | |
7 | * | |
8 | * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com) | |
9 | * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com> | |
10 | * Ralph Wuerthner <rwuerthn@de.ibm.com> | |
11 | * | |
12 | * This program is free software; you can redistribute it and/or modify | |
13 | * it under the terms of the GNU General Public License as published by | |
14 | * the Free Software Foundation; either version 2, or (at your option) | |
15 | * any later version. | |
16 | * | |
17 | * This program is distributed in the hope that it will be useful, | |
18 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
19 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
20 | * GNU General Public License for more details. | |
21 | * | |
22 | * You should have received a copy of the GNU General Public License | |
23 | * along with this program; if not, write to the Free Software | |
24 | * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. | |
25 | */ | |
26 | ||
27 | #include <linux/module.h> | |
5a0e3ad6 | 28 | #include <linux/slab.h> |
963ed931 MS |
29 | #include <linux/init.h> |
30 | #include <linux/err.h> | |
60063497 | 31 | #include <linux/atomic.h> |
963ed931 MS |
32 | #include <asm/uaccess.h> |
33 | ||
34 | #include "ap_bus.h" | |
35 | #include "zcrypt_api.h" | |
36 | #include "zcrypt_error.h" | |
37 | #include "zcrypt_pcica.h" | |
38 | ||
39 | #define PCICA_MIN_MOD_SIZE 1 /* 8 bits */ | |
40 | #define PCICA_MAX_MOD_SIZE 256 /* 2048 bits */ | |
41 | ||
42 | #define PCICA_SPEED_RATING 2800 | |
43 | ||
44 | #define PCICA_MAX_MESSAGE_SIZE 0x3a0 /* sizeof(struct type4_lcr) */ | |
45 | #define PCICA_MAX_RESPONSE_SIZE 0x110 /* max outputdatalength + type80_hdr */ | |
46 | ||
47 | #define PCICA_CLEANUP_TIME (15*HZ) | |
48 | ||
49 | static struct ap_device_id zcrypt_pcica_ids[] = { | |
50 | { AP_DEVICE(AP_DEVICE_TYPE_PCICA) }, | |
51 | { /* end of list */ }, | |
52 | }; | |
53 | ||
963ed931 MS |
54 | MODULE_DEVICE_TABLE(ap, zcrypt_pcica_ids); |
55 | MODULE_AUTHOR("IBM Corporation"); | |
56 | MODULE_DESCRIPTION("PCICA Cryptographic Coprocessor device driver, " | |
a53c8fab | 57 | "Copyright IBM Corp. 2001, 2006"); |
963ed931 | 58 | MODULE_LICENSE("GPL"); |
963ed931 MS |
59 | |
60 | static int zcrypt_pcica_probe(struct ap_device *ap_dev); | |
61 | static void zcrypt_pcica_remove(struct ap_device *ap_dev); | |
62 | static void zcrypt_pcica_receive(struct ap_device *, struct ap_message *, | |
63 | struct ap_message *); | |
64 | ||
65 | static struct ap_driver zcrypt_pcica_driver = { | |
66 | .probe = zcrypt_pcica_probe, | |
67 | .remove = zcrypt_pcica_remove, | |
963ed931 | 68 | .ids = zcrypt_pcica_ids, |
af512ed0 | 69 | .request_timeout = PCICA_CLEANUP_TIME, |
963ed931 MS |
70 | }; |
71 | ||
72 | /** | |
73 | * Convert a ICAMEX message to a type4 MEX message. | |
74 | * | |
75 | * @zdev: crypto device pointer | |
76 | * @zreq: crypto request pointer | |
77 | * @mex: pointer to user input data | |
78 | * | |
79 | * Returns 0 on success or -EFAULT. | |
80 | */ | |
81 | static int ICAMEX_msg_to_type4MEX_msg(struct zcrypt_device *zdev, | |
82 | struct ap_message *ap_msg, | |
83 | struct ica_rsa_modexpo *mex) | |
84 | { | |
85 | unsigned char *modulus, *exponent, *message; | |
86 | int mod_len; | |
87 | ||
88 | mod_len = mex->inputdatalength; | |
89 | ||
90 | if (mod_len <= 128) { | |
91 | struct type4_sme *sme = ap_msg->message; | |
92 | memset(sme, 0, sizeof(*sme)); | |
93 | ap_msg->length = sizeof(*sme); | |
94 | sme->header.msg_fmt = TYPE4_SME_FMT; | |
95 | sme->header.msg_len = sizeof(*sme); | |
96 | sme->header.msg_type_code = TYPE4_TYPE_CODE; | |
97 | sme->header.request_code = TYPE4_REQU_CODE; | |
98 | modulus = sme->modulus + sizeof(sme->modulus) - mod_len; | |
99 | exponent = sme->exponent + sizeof(sme->exponent) - mod_len; | |
100 | message = sme->message + sizeof(sme->message) - mod_len; | |
101 | } else { | |
102 | struct type4_lme *lme = ap_msg->message; | |
103 | memset(lme, 0, sizeof(*lme)); | |
104 | ap_msg->length = sizeof(*lme); | |
105 | lme->header.msg_fmt = TYPE4_LME_FMT; | |
106 | lme->header.msg_len = sizeof(*lme); | |
107 | lme->header.msg_type_code = TYPE4_TYPE_CODE; | |
108 | lme->header.request_code = TYPE4_REQU_CODE; | |
109 | modulus = lme->modulus + sizeof(lme->modulus) - mod_len; | |
110 | exponent = lme->exponent + sizeof(lme->exponent) - mod_len; | |
111 | message = lme->message + sizeof(lme->message) - mod_len; | |
112 | } | |
113 | ||
114 | if (copy_from_user(modulus, mex->n_modulus, mod_len) || | |
115 | copy_from_user(exponent, mex->b_key, mod_len) || | |
116 | copy_from_user(message, mex->inputdata, mod_len)) | |
117 | return -EFAULT; | |
118 | return 0; | |
119 | } | |
120 | ||
121 | /** | |
122 | * Convert a ICACRT message to a type4 CRT message. | |
123 | * | |
124 | * @zdev: crypto device pointer | |
125 | * @zreq: crypto request pointer | |
126 | * @crt: pointer to user input data | |
127 | * | |
128 | * Returns 0 on success or -EFAULT. | |
129 | */ | |
130 | static int ICACRT_msg_to_type4CRT_msg(struct zcrypt_device *zdev, | |
131 | struct ap_message *ap_msg, | |
132 | struct ica_rsa_modexpo_crt *crt) | |
133 | { | |
134 | unsigned char *p, *q, *dp, *dq, *u, *inp; | |
135 | int mod_len, short_len, long_len; | |
136 | ||
137 | mod_len = crt->inputdatalength; | |
138 | short_len = mod_len / 2; | |
139 | long_len = mod_len / 2 + 8; | |
140 | ||
141 | if (mod_len <= 128) { | |
142 | struct type4_scr *scr = ap_msg->message; | |
143 | memset(scr, 0, sizeof(*scr)); | |
144 | ap_msg->length = sizeof(*scr); | |
145 | scr->header.msg_type_code = TYPE4_TYPE_CODE; | |
146 | scr->header.request_code = TYPE4_REQU_CODE; | |
147 | scr->header.msg_fmt = TYPE4_SCR_FMT; | |
148 | scr->header.msg_len = sizeof(*scr); | |
149 | p = scr->p + sizeof(scr->p) - long_len; | |
150 | q = scr->q + sizeof(scr->q) - short_len; | |
151 | dp = scr->dp + sizeof(scr->dp) - long_len; | |
152 | dq = scr->dq + sizeof(scr->dq) - short_len; | |
153 | u = scr->u + sizeof(scr->u) - long_len; | |
154 | inp = scr->message + sizeof(scr->message) - mod_len; | |
155 | } else { | |
156 | struct type4_lcr *lcr = ap_msg->message; | |
157 | memset(lcr, 0, sizeof(*lcr)); | |
158 | ap_msg->length = sizeof(*lcr); | |
159 | lcr->header.msg_type_code = TYPE4_TYPE_CODE; | |
160 | lcr->header.request_code = TYPE4_REQU_CODE; | |
161 | lcr->header.msg_fmt = TYPE4_LCR_FMT; | |
162 | lcr->header.msg_len = sizeof(*lcr); | |
163 | p = lcr->p + sizeof(lcr->p) - long_len; | |
164 | q = lcr->q + sizeof(lcr->q) - short_len; | |
165 | dp = lcr->dp + sizeof(lcr->dp) - long_len; | |
166 | dq = lcr->dq + sizeof(lcr->dq) - short_len; | |
167 | u = lcr->u + sizeof(lcr->u) - long_len; | |
168 | inp = lcr->message + sizeof(lcr->message) - mod_len; | |
169 | } | |
170 | ||
171 | if (copy_from_user(p, crt->np_prime, long_len) || | |
172 | copy_from_user(q, crt->nq_prime, short_len) || | |
173 | copy_from_user(dp, crt->bp_key, long_len) || | |
174 | copy_from_user(dq, crt->bq_key, short_len) || | |
175 | copy_from_user(u, crt->u_mult_inv, long_len) || | |
176 | copy_from_user(inp, crt->inputdata, mod_len)) | |
177 | return -EFAULT; | |
178 | return 0; | |
179 | } | |
180 | ||
181 | /** | |
182 | * Copy results from a type 84 reply message back to user space. | |
183 | * | |
184 | * @zdev: crypto device pointer | |
185 | * @reply: reply AP message. | |
186 | * @data: pointer to user output data | |
187 | * @length: size of user output data | |
188 | * | |
189 | * Returns 0 on success or -EFAULT. | |
190 | */ | |
4d284cac HC |
191 | static int convert_type84(struct zcrypt_device *zdev, |
192 | struct ap_message *reply, | |
193 | char __user *outputdata, | |
194 | unsigned int outputdatalength) | |
963ed931 MS |
195 | { |
196 | struct type84_hdr *t84h = reply->message; | |
197 | char *data; | |
198 | ||
199 | if (t84h->len < sizeof(*t84h) + outputdatalength) { | |
200 | /* The result is too short, the PCICA card may not do that.. */ | |
201 | zdev->online = 0; | |
202 | return -EAGAIN; /* repeat the request on a different device. */ | |
203 | } | |
204 | BUG_ON(t84h->len > PCICA_MAX_RESPONSE_SIZE); | |
205 | data = reply->message + t84h->len - outputdatalength; | |
206 | if (copy_to_user(outputdata, data, outputdatalength)) | |
207 | return -EFAULT; | |
208 | return 0; | |
209 | } | |
210 | ||
211 | static int convert_response(struct zcrypt_device *zdev, | |
212 | struct ap_message *reply, | |
213 | char __user *outputdata, | |
214 | unsigned int outputdatalength) | |
215 | { | |
216 | /* Response type byte is the second byte in the response. */ | |
217 | switch (((unsigned char *) reply->message)[1]) { | |
218 | case TYPE82_RSP_CODE: | |
219 | case TYPE88_RSP_CODE: | |
220 | return convert_error(zdev, reply); | |
221 | case TYPE84_RSP_CODE: | |
222 | return convert_type84(zdev, reply, | |
223 | outputdata, outputdatalength); | |
224 | default: /* Unknown response type, this should NEVER EVER happen */ | |
963ed931 MS |
225 | zdev->online = 0; |
226 | return -EAGAIN; /* repeat the request on a different device. */ | |
227 | } | |
228 | } | |
229 | ||
230 | /** | |
231 | * This function is called from the AP bus code after a crypto request | |
232 | * "msg" has finished with the reply message "reply". | |
233 | * It is called from tasklet context. | |
234 | * @ap_dev: pointer to the AP device | |
235 | * @msg: pointer to the AP message | |
236 | * @reply: pointer to the AP reply message | |
237 | */ | |
238 | static void zcrypt_pcica_receive(struct ap_device *ap_dev, | |
239 | struct ap_message *msg, | |
240 | struct ap_message *reply) | |
241 | { | |
242 | static struct error_hdr error_reply = { | |
243 | .type = TYPE82_RSP_CODE, | |
244 | .reply_code = REP82_ERROR_MACHINE_FAILURE, | |
245 | }; | |
21e7b2c4 | 246 | struct type84_hdr *t84h; |
963ed931 MS |
247 | int length; |
248 | ||
249 | /* Copy the reply message to the request message buffer. */ | |
21e7b2c4 | 250 | if (IS_ERR(reply)) { |
963ed931 | 251 | memcpy(msg->message, &error_reply, sizeof(error_reply)); |
21e7b2c4 JL |
252 | goto out; |
253 | } | |
254 | t84h = reply->message; | |
255 | if (t84h->code == TYPE84_RSP_CODE) { | |
963ed931 MS |
256 | length = min(PCICA_MAX_RESPONSE_SIZE, (int) t84h->len); |
257 | memcpy(msg->message, reply->message, length); | |
258 | } else | |
259 | memcpy(msg->message, reply->message, sizeof error_reply); | |
21e7b2c4 | 260 | out: |
963ed931 MS |
261 | complete((struct completion *) msg->private); |
262 | } | |
263 | ||
264 | static atomic_t zcrypt_step = ATOMIC_INIT(0); | |
265 | ||
266 | /** | |
267 | * The request distributor calls this function if it picked the PCICA | |
268 | * device to handle a modexpo request. | |
269 | * @zdev: pointer to zcrypt_device structure that identifies the | |
270 | * PCICA device to the request distributor | |
271 | * @mex: pointer to the modexpo request buffer | |
272 | */ | |
273 | static long zcrypt_pcica_modexpo(struct zcrypt_device *zdev, | |
274 | struct ica_rsa_modexpo *mex) | |
275 | { | |
276 | struct ap_message ap_msg; | |
277 | struct completion work; | |
278 | int rc; | |
279 | ||
468ffddf | 280 | ap_init_message(&ap_msg); |
5cbded58 | 281 | ap_msg.message = kmalloc(PCICA_MAX_MESSAGE_SIZE, GFP_KERNEL); |
963ed931 MS |
282 | if (!ap_msg.message) |
283 | return -ENOMEM; | |
54a8f561 | 284 | ap_msg.receive = zcrypt_pcica_receive; |
963ed931 MS |
285 | ap_msg.psmid = (((unsigned long long) current->pid) << 32) + |
286 | atomic_inc_return(&zcrypt_step); | |
287 | ap_msg.private = &work; | |
288 | rc = ICAMEX_msg_to_type4MEX_msg(zdev, &ap_msg, mex); | |
289 | if (rc) | |
290 | goto out_free; | |
291 | init_completion(&work); | |
292 | ap_queue_message(zdev->ap_dev, &ap_msg); | |
af512ed0 RW |
293 | rc = wait_for_completion_interruptible(&work); |
294 | if (rc == 0) | |
963ed931 MS |
295 | rc = convert_response(zdev, &ap_msg, mex->outputdata, |
296 | mex->outputdatalength); | |
af512ed0 RW |
297 | else |
298 | /* Signal pending. */ | |
963ed931 | 299 | ap_cancel_message(zdev->ap_dev, &ap_msg); |
963ed931 MS |
300 | out_free: |
301 | kfree(ap_msg.message); | |
302 | return rc; | |
303 | } | |
304 | ||
305 | /** | |
306 | * The request distributor calls this function if it picked the PCICA | |
307 | * device to handle a modexpo_crt request. | |
308 | * @zdev: pointer to zcrypt_device structure that identifies the | |
309 | * PCICA device to the request distributor | |
310 | * @crt: pointer to the modexpoc_crt request buffer | |
311 | */ | |
312 | static long zcrypt_pcica_modexpo_crt(struct zcrypt_device *zdev, | |
313 | struct ica_rsa_modexpo_crt *crt) | |
314 | { | |
315 | struct ap_message ap_msg; | |
316 | struct completion work; | |
317 | int rc; | |
318 | ||
468ffddf | 319 | ap_init_message(&ap_msg); |
5cbded58 | 320 | ap_msg.message = kmalloc(PCICA_MAX_MESSAGE_SIZE, GFP_KERNEL); |
963ed931 MS |
321 | if (!ap_msg.message) |
322 | return -ENOMEM; | |
54a8f561 | 323 | ap_msg.receive = zcrypt_pcica_receive; |
963ed931 MS |
324 | ap_msg.psmid = (((unsigned long long) current->pid) << 32) + |
325 | atomic_inc_return(&zcrypt_step); | |
326 | ap_msg.private = &work; | |
327 | rc = ICACRT_msg_to_type4CRT_msg(zdev, &ap_msg, crt); | |
328 | if (rc) | |
329 | goto out_free; | |
330 | init_completion(&work); | |
331 | ap_queue_message(zdev->ap_dev, &ap_msg); | |
af512ed0 RW |
332 | rc = wait_for_completion_interruptible(&work); |
333 | if (rc == 0) | |
963ed931 MS |
334 | rc = convert_response(zdev, &ap_msg, crt->outputdata, |
335 | crt->outputdatalength); | |
af512ed0 RW |
336 | else |
337 | /* Signal pending. */ | |
963ed931 | 338 | ap_cancel_message(zdev->ap_dev, &ap_msg); |
963ed931 MS |
339 | out_free: |
340 | kfree(ap_msg.message); | |
341 | return rc; | |
342 | } | |
343 | ||
344 | /** | |
345 | * The crypto operations for a PCICA card. | |
346 | */ | |
347 | static struct zcrypt_ops zcrypt_pcica_ops = { | |
348 | .rsa_modexpo = zcrypt_pcica_modexpo, | |
349 | .rsa_modexpo_crt = zcrypt_pcica_modexpo_crt, | |
350 | }; | |
351 | ||
352 | /** | |
353 | * Probe function for PCICA cards. It always accepts the AP device | |
354 | * since the bus_match already checked the hardware type. | |
355 | * @ap_dev: pointer to the AP device. | |
356 | */ | |
357 | static int zcrypt_pcica_probe(struct ap_device *ap_dev) | |
358 | { | |
359 | struct zcrypt_device *zdev; | |
360 | int rc; | |
361 | ||
362 | zdev = zcrypt_device_alloc(PCICA_MAX_RESPONSE_SIZE); | |
363 | if (!zdev) | |
364 | return -ENOMEM; | |
365 | zdev->ap_dev = ap_dev; | |
366 | zdev->ops = &zcrypt_pcica_ops; | |
367 | zdev->online = 1; | |
368 | zdev->user_space_type = ZCRYPT_PCICA; | |
369 | zdev->type_string = "PCICA"; | |
370 | zdev->min_mod_size = PCICA_MIN_MOD_SIZE; | |
371 | zdev->max_mod_size = PCICA_MAX_MOD_SIZE; | |
372 | zdev->speed_rating = PCICA_SPEED_RATING; | |
c2567f8f | 373 | zdev->max_exp_bit_length = PCICA_MAX_MOD_SIZE; |
963ed931 MS |
374 | ap_dev->reply = &zdev->reply; |
375 | ap_dev->private = zdev; | |
376 | rc = zcrypt_device_register(zdev); | |
377 | if (rc) | |
378 | goto out_free; | |
379 | return 0; | |
380 | ||
381 | out_free: | |
382 | ap_dev->private = NULL; | |
383 | zcrypt_device_free(zdev); | |
384 | return rc; | |
385 | } | |
386 | ||
387 | /** | |
388 | * This is called to remove the extended PCICA driver information | |
389 | * if an AP device is removed. | |
390 | */ | |
391 | static void zcrypt_pcica_remove(struct ap_device *ap_dev) | |
392 | { | |
393 | struct zcrypt_device *zdev = ap_dev->private; | |
394 | ||
395 | zcrypt_device_unregister(zdev); | |
396 | } | |
397 | ||
398 | int __init zcrypt_pcica_init(void) | |
399 | { | |
400 | return ap_driver_register(&zcrypt_pcica_driver, THIS_MODULE, "pcica"); | |
401 | } | |
402 | ||
403 | void zcrypt_pcica_exit(void) | |
404 | { | |
405 | ap_driver_unregister(&zcrypt_pcica_driver); | |
406 | } | |
407 | ||
963ed931 MS |
408 | module_init(zcrypt_pcica_init); |
409 | module_exit(zcrypt_pcica_exit); |